WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix!: fixed molecule tests, rewrote how custom variables are handled for hosts overrides; fixed invalid services names for clamav handlers

Browse source
This commit is contained in:
NaeiKinDus 2023-11-29 00:00:00 +00:00
parent 6026cfd195
commit dafa3fbc54
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
23 changed files with 238 additions and 159 deletions
Download patch file Download diff file Expand all files Collapse all files

80
collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
View file

@ -1,11 +1,28 @@
---
- name: '[setup] merge with custom vars'
ansible.builtin.set_fact:
workstation: "{{ workstation | combine(custom_workstation, recursive=recursive_combine) }}"
changed_when: false
- name: '[home] get user account information'
ansible.builtin.getent:
database: passwd
key: "{{ workstation_user_account }}"
key: "{{ workstation.user_account }}"
split: ":"
changed_when: false
when: getent_passwd is undefined or workstation_user_account not in getent_passwd
when: getent_passwd is undefined or workstation.user_account not in getent_passwd
- name: '[setup] ensure expected home directories exist'
become: true
ansible.builtin.file:
path: "{{ getent_passwd[workstation.user_account][4] }}/{{ item }}"
state: directory
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
mode: '0750'
loop:
- .local/bin
- .local/share/applications
- name: '[apt] install dependencies and tools'
become: true
@ -40,6 +57,7 @@
- python3-pip
- python3-psutil # terminator
- ruby
- ruby-dev
- scrot
- smbclient
- socat
@ -57,23 +75,23 @@
- name: '[setup] add user to sudo group'
become: true
ansible.builtin.user:
name: "{{ workstation_user_account }}"
name: "{{ workstation.user_account }}"
groups:
- sudo
append: true
- name: '[setup] setup Flatpak'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
block:
- name: '[flatpak] add flatpak repos'
command:
ansible.builtin.command:
cmd: flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
changed_when: false
- name: '[flatpak] install flatpak apps'
command:
ansible.builtin.command:
cmd: "flatpak install --noninteractive {{ item.repo }} {{ item.app }}"
creates: "{{ getent_passwd[workstation_user_account][4] }}/.var/app/{{ item.app }}"
creates: "/var/lib/flatpak/app/{{ item.app }}"
loop:
- repo: flathub
app: com.discordapp.Discord
@ -83,7 +101,7 @@
- name: '[github] install tools'
become: true
nullified.infrastructure.github_artifact:
github_token: '{{ custom_github_token }}'
github_token: '{{ workstation.github_token }}'
asset_name: "{{ item.asset_name | default('') }}"
asset_type: "{{ item.asset_type }}"
cmds: "{{ item.cmds | default([]) }}"
@ -114,8 +132,8 @@
ansible.builtin.file:
path: "{{ item.path }}"
mode: "{{ item.mode | default('0750') }}"
owner: "{{ item.owner | default(workstation_user_account) }}"
group: "{{ item.group | default(workstation_user_account) }}"
owner: "{{ item.owner | default(workstation.user_account) }}"
group: "{{ item.group | default(workstation.user_account) }}"
state: directory
loop:
- { path: '/opt/git/foss' }
@ -125,22 +143,22 @@
- name: '[emacs] fetch emacs configuration files'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
ansible.builtin.git:
repo: "ssh://git@gitlab.0x2a.ninja:4222/naeikindus/emacsd.git"
dest: "{{ getent_passwd[workstation_user_account][4] }}/.emacs.d"
repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.emacs.d"
force: false
- name: '[config] set tools configuration'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode | default('0640') }}"
loop:
- { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
- { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation_user_account][4] }}/.config" }
- { src: "../templates/.config/terminator", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" }
- { src: "../templates/.config/vlc", dest: "{{ getent_passwd[workstation.user_account][4] }}/.config" }
- name: '[authenticator] find if binary is already installed'
ansible.builtin.file:
@ -156,8 +174,8 @@
- name: '[yubico] prepare target directory'
ansible.builtin.file:
path: "{{ item }}"
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
mode: '0750'
state: directory
loop:
@ -169,8 +187,8 @@
src: https://developers.yubico.com/yubioath-flutter/Releases/yubico-authenticator-latest-linux.tar.gz
remote_src: true
dest: /tmp/yubico-unarchive
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
- name: '[yubico] find extracted directory'
ansible.builtin.command:
@ -179,12 +197,12 @@
changed_when: false
- name: '[yubico] move extracted data to final dir'
copy:
ansible.builtin.copy:
remote_src: true
src: "{{ yubico_extract_path.stdout }}/"
dest: /opt/yubico-authenticator
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
- name: '[yubico] cleanup'
ansible.builtin.file:
@ -194,24 +212,24 @@
- name: '[yubico] create shell wrapper'
ansible.builtin.template:
src: ../templates/bin_wrapper.sh.j2
dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator"
mode: '0750'
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
vars:
application: "/opt/yubico-authenticator/authenticator"
- name: '[yubico] create desktop entry'
template:
ansible.builtin.template:
src: ../templates/desktop_app.j2
dest: "{{ getent_passwd[workstation_user_account][4] }}/.local/share/applications/authenticator.desktop"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.local/share/applications/authenticator.desktop"
mode: '0600'
owner: "{{ workstation_user_account }}"
group: "{{ workstation_user_account }}"
owner: "{{ workstation.user_account }}"
group: "{{ workstation.user_account }}"
vars:
application:
nodisplay: false
exec_cmd: "{{ getent_passwd[workstation_user_account][4] }}/.local/bin/authenticator"
exec_cmd: "{{ getent_passwd[workstation.user_account][4] }}/.local/bin/authenticator"
name: "Authenticator"
- include_tasks: window_manager.yml

26
collections/ansible_collections/nullified/infrastructure/roles/workstation/tasks/window_manager.yml
View file

@ -2,10 +2,10 @@
- name: '[home] get user account information'
ansible.builtin.getent:
database: passwd
key: "{{ workstation_user_account }}"
key: "{{ workstation.user_account }}"
split: ":"
changed_when: false
when: getent_passwd is undefined or workstation_user_account not in getent_passwd
when: getent_passwd is undefined or workstation.user_account not in getent_passwd
- name: '[awesomewm] install dependencies'
become: true
@ -61,7 +61,7 @@
block:
- name: '[lua-lgi] fetch source'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
ansible.builtin.git:
repo: https://github.com/lgi-devs/lgi.git
dest: /opt/git/foss/lua-lgi
@ -80,8 +80,10 @@
- name: '[lua-lgi] building project'
ansible.builtin.command:
chdir: /opt/git/foss/lua-lgi
cmd: LUA_CFLAGS="-I/usr/include/lua5.4" make all
cmd: make all
creates: /opt/git/foss/lua-lgi/lgi/corelgilua51.so
environment:
LUA_CFLAGS: "-I/usr/include/lua5.4"
- name: '[lua-lgi] compile and install'
become: true
@ -94,7 +96,7 @@
block:
- name: '[awesomewm] fetch source'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
ansible.builtin.git:
repo: https://github.com/awesomeWM/awesome.git
dest: /opt/git/foss/awesomeWM
@ -106,11 +108,13 @@
- name: '[awesomewm] building project'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
ansible.builtin.command:
chdir: /opt/git/foss/awesomeWM
cmd: 'CMAKE_ARGS="-DWITH_DBUS=ON -DLUA_LIBRARY=/usr/lib/x86_64-linux-gnu/liblua5.4.so.0 -DLUA_INCLUDE_DIR=/usr/include/lua5.4" make'
cmd: 'make'
creates: /opt/git/foss/awesomeWM/build
environment:
CMAKE_ARGS: "-DWITH_DBUS=ON -DLUA_LIBRARY=/usr/lib/x86_64-linux-gnu/liblua5.4.so.0 -DLUA_INCLUDE_DIR=/usr/include/lua5.4"
- name: '[awesomewm] building project'
become: true
@ -121,19 +125,19 @@
- name: '[awesomewm] setup configuration'
become: true
become_user: "{{ workstation_user_account }}"
become_user: "{{ workstation.user_account }}"
block:
- name: '[awesomewm] fetch copycats base'
ansible.builtin.git:
repo: https://github.com/lcpz/awesome-copycats.git
dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome"
depth: 1
recursive: true
force: false
- name: '[awesomewm] copy customization'
ansible.builtin.copy:
src: ../templates/.config/awesome/
dest: "{{ getent_passwd[workstation_user_account][4] }}/.config/awesome"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.config/awesome"
mode: '0640'
- name: '[home] copy X related configuration'
@ -147,4 +151,4 @@
- name: '[x11] user .xsession'
ansible.builtin.copy:
src: ../templates/.xsession
dest: "{{ getent_passwd[workstation_user_account][4] }}/.xsession"
dest: "{{ getent_passwd[workstation.user_account][4] }}/.xsession"