343 lines
12 KiB
YAML
343 lines
12 KiB
YAML
---
|
|
- name: '[setup] gather facts if not already done'
|
|
ansible.builtin.setup:
|
|
gather_subset:
|
|
- distribution
|
|
- distribution_release
|
|
- kernel
|
|
- virtualization_type
|
|
|
|
- name: '[home] get user account information'
|
|
ansible.builtin.getent:
|
|
database: passwd
|
|
key: "{{ development_user_account }}"
|
|
split: ":"
|
|
changed_when: false
|
|
when: ansible_facts['getent_passwd'] is undefined or development_user_account not in ansible_facts['getent_passwd']
|
|
|
|
- name: '[apt] install dependencies and tools'
|
|
become: true
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
force_apt_get: true
|
|
cache_valid_time: 3600
|
|
pkg:
|
|
- apt-transport-https # docker-ce
|
|
- autoconf
|
|
- automake
|
|
- bc
|
|
- build-essential
|
|
- ca-certificates # docker-ce
|
|
- curl
|
|
- g++
|
|
- gcc
|
|
- git
|
|
- git-lfs
|
|
- gnupg2 # docker-ce
|
|
- jq
|
|
- libasound2 # draw.io
|
|
- libatspi2.0-0 # draw.io
|
|
- libcairo2
|
|
- libcairo2-dev
|
|
- libcurl4-openssl-dev
|
|
- libffi-dev
|
|
- libgtk-3-0 # draw.io
|
|
- libnotify4 # draw.io
|
|
- libnss3 # draw.io
|
|
- libsecret-1-0 # draw.io
|
|
- libssl-dev
|
|
- libtool
|
|
- libvirt0
|
|
- libvirt-clients
|
|
- libvirt-clients-qemu
|
|
- libvirt-daemon
|
|
- libvirt-daemon-config-network
|
|
- libvirt-daemon-driver-lxc
|
|
- libvirt-daemon-driver-vbox
|
|
- libvirt-daemon-system
|
|
- libvirt-daemon-system-systemd
|
|
- libxss1 # draw.io
|
|
- libxtst6 # draw.io
|
|
- linux-headers-amd64
|
|
- "linux-headers-{{ ansible_facts['kernel'] }}"
|
|
- make
|
|
- mariadb-client
|
|
- pipx
|
|
- postgresql-client
|
|
- python3-dev
|
|
- python3-pip
|
|
- python3-virtualenv
|
|
- shellcheck
|
|
- sqlite3
|
|
- vagrant
|
|
- valgrind
|
|
- xdg-utils # draw.io
|
|
state: present
|
|
|
|
- name: '[github] install tools'
|
|
become: true
|
|
nullified.infrastructure.github_artifact:
|
|
github_token: '{{ development_github_token }}'
|
|
asset_name: "{{ item.asset_name | default('') }}"
|
|
asset_type: "{{ item.asset_type }}"
|
|
cmds: "{{ item.cmds | default([]) }}"
|
|
creates: "{{ item.creates | default('') }}"
|
|
repository: "{{ item.repository }}"
|
|
version: "{{ item.version | default('') }}"
|
|
loop:
|
|
- asset_name: kind-linux-amd64
|
|
asset_type: release
|
|
repository: kubernetes-sigs/kind
|
|
creates: /usr/local/bin/kind
|
|
cmds:
|
|
- install --group=root --owner=root --mode=755 {asset_dirname}/{asset_filename} /usr/local/bin/kind
|
|
- rm {asset_dirname}/{asset_filename}
|
|
- asset_name: dive_{version}_linux_amd64.deb
|
|
asset_type: release
|
|
repository: wagoodman/dive
|
|
creates: /usr/bin/dive
|
|
cmds:
|
|
- dpkg -i {asset_dirname}/{asset_filename}
|
|
- asset_name: kubeconform-linux-amd64.tar.gz
|
|
asset_type: release
|
|
repository: yannh/kubeconform
|
|
creates: /usr/local/bin/kubeconform
|
|
cmds:
|
|
- tar -zxf {asset_dirname}/{asset_filename}
|
|
- install --group=root --mode=755 --owner=root kubeconform /usr/local/bin
|
|
- asset_name: git-delta_{version}_amd64.deb
|
|
asset_type: release
|
|
repository: dandavison/delta
|
|
creates: /usr/bin/delta
|
|
cmds:
|
|
- dpkg -i {asset_dirname}/{asset_filename}
|
|
- asset_name: docker-compose-linux-x86_64
|
|
asset_type: release
|
|
repository: docker/compose
|
|
creates: /usr/local/bin/docker-compose
|
|
cmds:
|
|
- install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-compose
|
|
- test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/lib/docker/cli-plugins) || true
|
|
- test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/libexec/docker/cli-plugins) || true
|
|
- test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/lib/docker/cli-plugins) || true
|
|
- test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/libexec/docker/cli-plugins) || true
|
|
- asset_name: buildx-{version}.linux-amd64
|
|
asset_type: release
|
|
repository: docker/buildx
|
|
creates: /usr/local/bin/docker-buildx
|
|
cmds:
|
|
- install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-buildx
|
|
- test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/lib/docker/cli-plugins) || true
|
|
- test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/libexec/docker/cli-plugins) || true
|
|
- test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/lib/docker/cli-plugins) || true
|
|
- test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/libexec/docker/cli-plugins) || true
|
|
- asset_name: drawio-amd64-{version}.deb
|
|
asset_type: release
|
|
repository: jgraph/drawio-desktop
|
|
creates: /usr/bin/drawio
|
|
cmds:
|
|
- dpkg -i {asset_dirname}/{asset_filename}
|
|
- asset_name: OpenLens-{version}.amd64.deb
|
|
asset_type: release
|
|
repository: MuhammedKalkan/OpenLens
|
|
creates: /usr/bin/open-lens
|
|
cmds:
|
|
- dpkg -i {asset_dirname}/{asset_filename}
|
|
- asset_name: stern_{version}_linux_amd64.tar.gz
|
|
asset_type: release
|
|
repository: stern/stern
|
|
creates: /usr/local/bin/stern
|
|
cmds:
|
|
- tar -zxf {asset_dirname}/{asset_filename}
|
|
- install --group=root --mode=755 --owner=root stern /usr/local/bin
|
|
- asset_name: tofu_{version}_amd64.deb
|
|
asset_type: release
|
|
repository: opentofu/opentofu
|
|
creates: /usr/bin/tofu
|
|
cmds:
|
|
- dpkg -i {asset_dirname}/{asset_filename}
|
|
|
|
- name: install kubectl
|
|
ansible.builtin.include_role:
|
|
name: nullified.infrastructure.kubectl
|
|
|
|
- name: install helm
|
|
ansible.builtin.include_role:
|
|
name: nullified.infrastructure.helm
|
|
|
|
- name: '[vbox] install Virtualbox'
|
|
become: true
|
|
when: development_virtualbox_enabled is truthy
|
|
block:
|
|
- name: '[vbox] add repository key'
|
|
ansible.builtin.get_url:
|
|
url: https://www.virtualbox.org/download/oracle_vbox_2016.asc
|
|
dest: /etc/apt/trusted.gpg.d/virtualbox.asc
|
|
mode: '0644'
|
|
|
|
- name: '[apt key] add repository'
|
|
ansible.builtin.apt_repository:
|
|
repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/virtualbox.asc] https://download.virtualbox.org/virtualbox/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release']}} contrib"
|
|
state: present
|
|
filename: virtualbox
|
|
update_cache: true
|
|
|
|
- name: '[apt] install Virtualbox'
|
|
ansible.builtin.apt:
|
|
force_apt_get: true
|
|
cache_valid_time: 3600
|
|
pkg:
|
|
- "virtualbox-{{ development_virtualbox_version }}"
|
|
state: present
|
|
|
|
- name: '[custom] install Docker CE repository'
|
|
become: true
|
|
block:
|
|
- name: '[apt key] add docker key'
|
|
ansible.builtin.get_url:
|
|
url: "https://download.docker.com/linux/{{ ansible_facts['distribution'] | lower }}/gpg"
|
|
dest: /etc/apt/trusted.gpg.d/docker.asc
|
|
mode: '0644'
|
|
|
|
- name: '[apt key] add source'
|
|
ansible.builtin.apt_repository:
|
|
repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.asc] https://download.docker.com/linux/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release'] }} stable"
|
|
state: present
|
|
filename: docker
|
|
update_cache: true
|
|
|
|
- name: '[apt] install Docker CE'
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
force_apt_get: true
|
|
cache_valid_time: 3600
|
|
pkg:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
state: present
|
|
|
|
- name: '[docker] update daemon configuration'
|
|
ansible.builtin.template:
|
|
src: ../templates/docker-ce/daemon.json.j2
|
|
dest: /etc/docker/daemon.json
|
|
mode: '0644'
|
|
when: development_docker_userns is truthy
|
|
notify:
|
|
- 'development : [docker] restart service'
|
|
notify:
|
|
- 'development : [docker] restart service'
|
|
|
|
- name: '[python] install tools'
|
|
become: true
|
|
become_user: "{{ development_user_account }}"
|
|
ansible.builtin.command:
|
|
cmd: "pipx install {{ item.cmd }}"
|
|
creates: "{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.local/bin/{{ item.creates }}"
|
|
loop:
|
|
- { "cmd": "black", "creates": "black" }
|
|
- { "cmd": "flake8", "creates": "flake8" }
|
|
|
|
- name: '[python] install pipx packages dependencies'
|
|
become: true
|
|
become_user: "{{ development_user_account }}"
|
|
ansible.builtin.command:
|
|
cmd: "pipx inject {{ item.venv }} {{ item.extension }}"
|
|
# @todo not portable, will not work as expected, replace with actual python version
|
|
creates:
|
|
"{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
|
|
loop:
|
|
- venv: "flake8"
|
|
extension: "flake8-annotations-complexity"
|
|
creates: "flake8_annotations_complexity"
|
|
- venv: "flake8"
|
|
extension: "flake8-bandit"
|
|
creates: "flake8_bandit.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-breakpoint"
|
|
creates: "flake8_breakpoint"
|
|
- venv: "flake8"
|
|
extension: "flake8-bugbear"
|
|
creates: "bugbear.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-builtins"
|
|
creates: "flake8_builtins.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-comprehensions"
|
|
creates: "flake8_comprehensions"
|
|
- venv: "flake8"
|
|
extension: "flake8-docstrings"
|
|
creates: "flake8_docstrings.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-eradicate"
|
|
creates: "flake8_eradicate.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-expression-complexity"
|
|
creates: "flake8_expression_complexity"
|
|
- venv: "flake8"
|
|
extension: "flake8-if-expr"
|
|
creates: "flake8_if_expr"
|
|
- venv: "flake8"
|
|
extension: "flake8-isort"
|
|
creates: "flake8_isort.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-logging-format"
|
|
creates: "logging_format"
|
|
- venv: "flake8"
|
|
extension: "flake8-print"
|
|
creates: "flake8_print.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-pytest"
|
|
creates: "flake8_pytest.py"
|
|
- venv: "flake8"
|
|
extension: "flake8-pytest-style"
|
|
creates: "flake8_pytest_style"
|
|
- venv: "flake8"
|
|
extension: "flake8-requirements"
|
|
creates: "flake8_requirements"
|
|
- venv: "flake8"
|
|
extension: "flake8-return"
|
|
creates: "flake8_return"
|
|
- venv: "flake8"
|
|
extension: "flake8-rst-docstrings"
|
|
creates: "flake8_rst_docstrings.py"
|
|
- venv: "flake8"
|
|
extension: "pep8-naming"
|
|
creates: "pep8ext_naming.py"
|
|
|
|
- name: '[rust] check if rust is already installed'
|
|
ansible.builtin.file:
|
|
path: "{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.cargo/bin/rustc"
|
|
register: rustc_stat
|
|
changed_when: false
|
|
failed_when: false
|
|
when: development_rust_enabled is truthy
|
|
|
|
- name: '[rust] rust'
|
|
become: true
|
|
when: development_rust_enabled is truthy and rustc_stat.state is match("absent")
|
|
block:
|
|
- name: '[rust] download installer'
|
|
ansible.builtin.get_url:
|
|
url: https://sh.rustup.rs
|
|
dest: /tmp/rustup.sh
|
|
mode: '0750'
|
|
owner: "{{ development_user_account }}"
|
|
group: "{{ development_user_account }}"
|
|
|
|
- name: '[rust] install rust toolchain'
|
|
become_user: "{{ development_user_account }}"
|
|
ansible.builtin.command:
|
|
cmd: /tmp/rustup.sh -qy
|
|
|
|
- name: '[user] add default user to groups'
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: "{{ development_user_account }}"
|
|
append: true
|
|
groups:
|
|
- docker
|
|
- kvm
|
|
- libvirt
|
|
- libvirt-qemu
|
|
state: present
|