--- - name: '[setup] merge with custom vars' ansible.builtin.set_fact: common: "{{ common | combine(custom_common, recursive=recursive_combine) }}" changed_when: false - name: '[system] setup DNS server' block: - name: disable resolv.conf updates from dhclient ansible.builtin.copy: dest: /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate content: | #!/bin/sh make_resolv_conf(){ : } owner: root group: root mode: '0755' - name: update resolv.conf ansible.builtin.template: src: ../templates/system/resolv.conf.j2 dest: /etc/resolv.conf mode: '0644' owner: root group: root become: true when: common.configure_resolv_conf is truthy - name: '[system] re-allow DHCP client to setup DNS resolvers' become: true ansible.builtin.file: path: /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate state: absent failed_when: false when : common.configure_resolv_conf is falsy - name: '[apt] verify components of default sources' become: true block: - name: '[apt] default source.list' ansible.builtin.replace: path: '/etc/apt/sources.list' regexp: '^(deb((?!{{ item }}).)+)$' replace: '\1 {{ item }}' when: not common.apt.deb822_format | bool loop: '{{ common.apt.source_components }}' - name: '[apt] default deb822 debian.sources' ansible.builtin.replace: path: '/etc/apt/sources.list.d/debian.sources' regexp: '^(Components: ((?!{{ item }}).)+)$' replace: '\1 {{ item }}' loop: '{{ common.apt.source_components }}' when: common.apt.deb822_format | bool - name: '[apt] install dependencies and tools' become: true ansible.builtin.apt: update_cache: true force_apt_get: true cache_valid_time: 3600 pkg: - apt-transport-https - alpine - bzip2 - catimg - cron - dateutils - emacs-nox - firmware-misc-nonfree - firmware-linux-nonfree - fwupd - gir1.2-fwupd-2.0 # fwupd - git - iotop - ioping - jq - knot-dnsutils - less - libdata-dump-perl # inxi - libxml-dumper-perl # inxi - lm-sensors - ncdu - nvme-cli - procps - python3-pygments - rsync - smartmontools - tree - xz-utils - yq state: present - name: '[github] install tools' become: true nullified.infrastructure.github_artifact: asset_name: "{{ item.asset_name | default('') }}" asset_type: "{{ item.asset_type }}" cmds: "{{ item.cmds | default([]) }}" creates: "{{ item.creates | default('') }}" github_token: "{{ common.github_token }}" repository: "{{ item.repository }}" version: "{{ item.version | default('') }}" loop: - repository: smxi/inxi asset_type: tag cmds: - tar -zxf {asset_dirname}/{asset_filename} - install --group=root --mode=755 --owner=root smxi-inxi-*/inxi /usr/local/bin - install --group=root --mode=644 --owner=root smxi-inxi-*/inxi.1 /usr/share/man/man1 creates: /usr/local/bin - repository: sharkdp/bat asset_name: bat_{version}_amd64.deb asset_type: release creates: /usr/bin/bat cmds: - dpkg -i {asset_dirname}/{asset_filename} - repository: aristocratos/btop asset_name: btop-x86_64-linux-musl.tbz asset_type: release creates: /usr/bin/btop cmds: - tar -xjf {asset_dirname}/{asset_filename} - install --group=root --mode=755 --owner=root btop/bin/btop /usr/bin - mkdir /usr/share/btop || true - cp -pr btop/themes /usr/share/btop - repository: eza-community/eza asset_name: eza_x86_64-unknown-linux-gnu.tar.gz asset_type: release creates: /usr/bin/eza cmds: - tar -zxf {asset_dirname}/{asset_filename} - install --group=root --mode=755 --owner=root eza /usr/bin - repository: muesli/duf asset_name: duf_{version}_linux_amd64.deb asset_type: release creates: /usr/bin/duf cmds: - dpkg -i {asset_dirname}/{asset_filename} - name: '[system] add sysctl tweaks' become: true ansible.builtin.template: src: ../templates/system/sysctld.local.conf.j2 dest: /etc/sysctl.d/local.conf mode: '0644' when: common.sysctl is truthy vars: sysctl_values: "{{ common.sysctl }}" notify: - 'common : [system] reload sysctl configuration' - name: '[apt] install custom packages' become: true ansible.builtin.apt: update_cache: true force_apt_get: true cache_valid_time: 3600 pkg: "{{ common.apt.packages }}" - include_tasks: home_setup.yml - include_tasks: shell_customization.yml