From 0e9269f7e71479efd6b772b160e8f406b53c2880 Mon Sep 17 00:00:00 2001 From: L3D Date: Fri, 13 Nov 2020 11:30:51 +0100 Subject: [PATCH] improve role behavior (#2) * Resolve linting warnings * rebuild role structure and add more bash options * Add github action tasks * fix typo * fix another typo * fix another typo * fix another typo * fix another typo * fix another typo * fix another typo * Improve default values * create optional bashrc for users --- .../workflows/ansible-archlinux-latest.yml | 16 ++ .github/workflows/ansible-centos-centos6.yml | 16 ++ .github/workflows/ansible-centos-centos7.yml | 16 ++ .github/workflows/ansible-centos-centos8.yml | 16 ++ .github/workflows/ansible-centos-latest.yml | 16 ++ .github/workflows/ansible-debian-buster.yml | 16 ++ .github/workflows/ansible-debian-latest.yml | 16 ++ .github/workflows/ansible-debian-sid.yml | 16 ++ .github/workflows/ansible-debian-stable.yml | 16 ++ .github/workflows/ansible-debian-stretch.yml | 16 ++ .github/workflows/ansible-fedora-31.yml | 16 ++ .github/workflows/ansible-fedora-32.yml | 16 ++ .github/workflows/ansible-fedora-33.yml | 16 ++ .github/workflows/ansible-fedora-latest.yml | 16 ++ .github/workflows/ansible-linting-check.yml | 20 +++ .github/workflows/ansible-ubuntu-bionic.yml | 16 ++ .github/workflows/ansible-ubuntu-eoan.yml | 16 ++ .github/workflows/ansible-ubuntu-latest.yml | 16 ++ .github/workflows/ansible-ubuntu-trusty.yml | 16 ++ .github/workflows/ansible-ubuntu-xenial.yml | 16 ++ README.md | 79 +++++++-- defaults/main.yml | 72 +++++--- tasks/bashrc.yml | 33 ++++ tasks/basic-selinux.yml | 9 + tasks/main.yml | 110 +----------- tasks/versioncheck.yml | 2 +- templates/bash.bashrc | 159 ++++-------------- templates/bashrc | 40 +++-- templates/ranger_rc.conf.j2 | 2 +- vars/main.yml | 12 +- 30 files changed, 558 insertions(+), 284 deletions(-) create mode 100644 .github/workflows/ansible-archlinux-latest.yml create mode 100644 .github/workflows/ansible-centos-centos6.yml create mode 100644 .github/workflows/ansible-centos-centos7.yml create mode 100644 .github/workflows/ansible-centos-centos8.yml create mode 100644 .github/workflows/ansible-centos-latest.yml create mode 100644 .github/workflows/ansible-debian-buster.yml create mode 100644 .github/workflows/ansible-debian-latest.yml create mode 100644 .github/workflows/ansible-debian-sid.yml create mode 100644 .github/workflows/ansible-debian-stable.yml create mode 100644 .github/workflows/ansible-debian-stretch.yml create mode 100644 .github/workflows/ansible-fedora-31.yml create mode 100644 .github/workflows/ansible-fedora-32.yml create mode 100644 .github/workflows/ansible-fedora-33.yml create mode 100644 .github/workflows/ansible-fedora-latest.yml create mode 100644 .github/workflows/ansible-linting-check.yml create mode 100644 .github/workflows/ansible-ubuntu-bionic.yml create mode 100644 .github/workflows/ansible-ubuntu-eoan.yml create mode 100644 .github/workflows/ansible-ubuntu-latest.yml create mode 100644 .github/workflows/ansible-ubuntu-trusty.yml create mode 100644 .github/workflows/ansible-ubuntu-xenial.yml create mode 100644 tasks/bashrc.yml create mode 100644 tasks/basic-selinux.yml diff --git a/.github/workflows/ansible-archlinux-latest.yml b/.github/workflows/ansible-archlinux-latest.yml new file mode 100644 index 0000000..9d651a3 --- /dev/null +++ b/.github/workflows/ansible-archlinux-latest.yml @@ -0,0 +1,16 @@ +name: Ansible check archlinux:latest + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with archlinux:latest + uses: roles-ansible/check-ansible-archlinux-latest-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-centos-centos6.yml b/.github/workflows/ansible-centos-centos6.yml new file mode 100644 index 0000000..6907237 --- /dev/null +++ b/.github/workflows/ansible-centos-centos6.yml @@ -0,0 +1,16 @@ +name: Ansible check centos:centos6 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:centos6 + uses: roles-ansible/check-ansible-centos-centos6-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-centos-centos7.yml b/.github/workflows/ansible-centos-centos7.yml new file mode 100644 index 0000000..90bff41 --- /dev/null +++ b/.github/workflows/ansible-centos-centos7.yml @@ -0,0 +1,16 @@ +name: Ansible check centos:centos7 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:centos7 + uses: roles-ansible/check-ansible-centos-centos7-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-centos-centos8.yml b/.github/workflows/ansible-centos-centos8.yml new file mode 100644 index 0000000..5d7acc9 --- /dev/null +++ b/.github/workflows/ansible-centos-centos8.yml @@ -0,0 +1,16 @@ +name: Ansible check centos:centos8 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:centos8 + uses: roles-ansible/check-ansible-centos-centos8-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-centos-latest.yml b/.github/workflows/ansible-centos-latest.yml new file mode 100644 index 0000000..de991de --- /dev/null +++ b/.github/workflows/ansible-centos-latest.yml @@ -0,0 +1,16 @@ +name: Ansible check centos:latest + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:latest + uses: roles-ansible/check-ansible-centos-latest-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-buster.yml b/.github/workflows/ansible-debian-buster.yml new file mode 100644 index 0000000..a7650ad --- /dev/null +++ b/.github/workflows/ansible-debian-buster.yml @@ -0,0 +1,16 @@ +name: Ansible check debian:buster + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with debian:buster + uses: roles-ansible/check-ansible-debian-buster-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-latest.yml b/.github/workflows/ansible-debian-latest.yml new file mode 100644 index 0000000..d0ad4ca --- /dev/null +++ b/.github/workflows/ansible-debian-latest.yml @@ -0,0 +1,16 @@ +name: Ansible check debian:latest + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with debian:latest + uses: roles-ansible/check-ansible-debian-latest-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-sid.yml b/.github/workflows/ansible-debian-sid.yml new file mode 100644 index 0000000..72fe3a8 --- /dev/null +++ b/.github/workflows/ansible-debian-sid.yml @@ -0,0 +1,16 @@ +name: Ansible check debian:sid + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with debian:sid + uses: roles-ansible/check-ansible-debian-sid-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-stable.yml b/.github/workflows/ansible-debian-stable.yml new file mode 100644 index 0000000..97076ae --- /dev/null +++ b/.github/workflows/ansible-debian-stable.yml @@ -0,0 +1,16 @@ +name: Ansible check debian:stable + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with debian:stable + uses: roles-ansible/check-ansible-debian-stable-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-debian-stretch.yml b/.github/workflows/ansible-debian-stretch.yml new file mode 100644 index 0000000..19ac5fb --- /dev/null +++ b/.github/workflows/ansible-debian-stretch.yml @@ -0,0 +1,16 @@ +name: Ansible check debian:stretch + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with debian:stretch + uses: roles-ansible/check-ansible-debian-stretch-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-fedora-31.yml b/.github/workflows/ansible-fedora-31.yml new file mode 100644 index 0000000..6bbe44d --- /dev/null +++ b/.github/workflows/ansible-fedora-31.yml @@ -0,0 +1,16 @@ +name: Ansible check fedora:31 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with fedora:31 + uses: roles-ansible/check-ansible-fedora-31-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-fedora-32.yml b/.github/workflows/ansible-fedora-32.yml new file mode 100644 index 0000000..70fc147 --- /dev/null +++ b/.github/workflows/ansible-fedora-32.yml @@ -0,0 +1,16 @@ +name: Ansible check fedora:32 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with fedora:32 + uses: roles-ansible/check-ansible-fedora-32-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-fedora-33.yml b/.github/workflows/ansible-fedora-33.yml new file mode 100644 index 0000000..6032811 --- /dev/null +++ b/.github/workflows/ansible-fedora-33.yml @@ -0,0 +1,16 @@ +name: Ansible check fedora:33 + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with fedora:33 + uses: roles-ansible/check-ansible-fedora-33-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-fedora-latest.yml b/.github/workflows/ansible-fedora-latest.yml new file mode 100644 index 0000000..8b14097 --- /dev/null +++ b/.github/workflows/ansible-fedora-latest.yml @@ -0,0 +1,16 @@ +name: Ansible check fedora:latest + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with fedora:latest + uses: roles-ansible/check-ansible-fedora-latest-action@master + with: + targets: "./" \ No newline at end of file diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml new file mode 100644 index 0000000..712c76f --- /dev/null +++ b/.github/workflows/ansible-linting-check.yml @@ -0,0 +1,20 @@ +name: Ansible Lint check + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + targets: "." + # [required] + # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) + args: "" + # [optional] diff --git a/.github/workflows/ansible-ubuntu-bionic.yml b/.github/workflows/ansible-ubuntu-bionic.yml new file mode 100644 index 0000000..aea24a2 --- /dev/null +++ b/.github/workflows/ansible-ubuntu-bionic.yml @@ -0,0 +1,16 @@ +name: Ansible check ubuntu:bionic + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:bionic + uses: roles-ansible/check-ansible-ubuntu-bionic-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-ubuntu-eoan.yml b/.github/workflows/ansible-ubuntu-eoan.yml new file mode 100644 index 0000000..30b5779 --- /dev/null +++ b/.github/workflows/ansible-ubuntu-eoan.yml @@ -0,0 +1,16 @@ +name: Ansible check ubuntu:eoan + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:eoan + uses: roles-ansible/check-ansible-ubuntu-eoan-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-ubuntu-latest.yml b/.github/workflows/ansible-ubuntu-latest.yml new file mode 100644 index 0000000..2e34685 --- /dev/null +++ b/.github/workflows/ansible-ubuntu-latest.yml @@ -0,0 +1,16 @@ +name: Ansible check ubuntu:latest + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:latest + uses: roles-ansible/check-ansible-ubuntu-latest-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-ubuntu-trusty.yml b/.github/workflows/ansible-ubuntu-trusty.yml new file mode 100644 index 0000000..a18c397 --- /dev/null +++ b/.github/workflows/ansible-ubuntu-trusty.yml @@ -0,0 +1,16 @@ +name: Ansible check ubuntu:trusty + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:trusty + uses: roles-ansible/check-ansible-ubuntu-trusty-action@master + with: + targets: "./" diff --git a/.github/workflows/ansible-ubuntu-xenial.yml b/.github/workflows/ansible-ubuntu-xenial.yml new file mode 100644 index 0000000..3bf993d --- /dev/null +++ b/.github/workflows/ansible-ubuntu-xenial.yml @@ -0,0 +1,16 @@ +name: Ansible check ubuntu:xenial + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: ansible check with ubuntu:xenial + uses: roles-ansible/check-ansible-ubuntu-xenial-action@master + with: + targets: "./" diff --git a/README.md b/README.md index ab6b45d..1ad6a93 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ -### Get it directly from Ansible Galaxy +### Get it directly from Ansible Galaxy ```bash $ ansible-galaxy install do1jlr.dotfiles ``` @@ -19,23 +19,74 @@ Affected files: ~/.bashrc ~/.vimrc ``` - needed vars: + our variables: --------------- ```ini -# list all admins -admins: - - l3d +# enable basic version check for this role +# set it to true to use it (recomended) +submodules_versioncheck: false + +# for some ansible features we need the python selinux package at fedora +# disable it, if you don't want it +dotfiles__install_python_selinux: true + +# modify bashrc +base__modify_bashrc: true + +# list of aliases used in bashrc +base__aliases: + - { alias: "ls", command: "ls ", color: True } + - { alias: "grep", command: "grep", color: True } + - { alias: "ll", command: "ls -alF", color: False } + - { alias: "la", command: "ls -A", color: False } + - { alias: "l", command: "ls -CF", color: False } + - { alias: "lz", command: "ls -Z", color: False } + - { alias: "EDITOR", command: "/usr/bin/vim", color: False } + - { alias: "VISUAL", command: "/usr/bin/gedit", color: False } + - { alias: "gitsubpull", command: 'git submodule foreach "(git checkout $(git symbolic-ref --short refs/remotes/origin/HEAD | sed "s@^origin/@@"); git pull)"', color: False } + - { alias: "pwgen", command: "/usr/bin/pwgen --num-passwords=3000 --numerals --capitalize --secure --no-vowels --symbols 42 | grep -v '0' | grep -v 'o' | grep -v 'O' | grep -v '\"' | grep -v 'I' | grep -v 'l' | grep -v '1' | grep -v '´' | grep -v '@' | tail -1 ", color: false } + + +# enable bash completion +base__bash_completion_enabled: true + +# fancy promt +base__user_promt: '\[\033[01;33m\] $(printf "\xE2\x9D\xA4") \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' +base__root_prompt: '\[\033[01;31m\] $(printf "\xE2\x9D\xA4") \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' + +# log terminal to syslog +base__log_to_syslog: true + +# modify bash history +history_control: 'ignoreboth' +history_size: '-1' +history_file_size: '-1' + +# optional additional entries to bashrc +base__additional_bashrc_lines: [] +# - eval `foo` +# - tmux new-session + +# optionally allow custom bashrc for root +base__allow_own_root_bashrc: false + +# otional custom commands +base__additional_bashrc_lines: [] +# - eval `foo` +# - tmux new-session + +# optionally allow custom bashrc for root +base__allow_own_root_bashrc: false + +# otional custom commands +base__custom_config: [] +# - { user: "l3d", cmd: "eval $(keychain --eval --quiet id_ed25519)" + +# show hidden files in ranger +base__ranger_hidden_files: true -# list of non-admins: accounts: - - ottojo -``` - - Optional config: ------------------ -```ini -# optional .bashrc commands -extra_bashrc: 'alias l="ls -all"' + - "{{ ansible_user_id }}" ``` Please have a look into ``defaults/main.yml`` for more configuration options! diff --git a/defaults/main.yml b/defaults/main.yml index e2736fb..1ba69a6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,31 +1,59 @@ --- -# should we install keychain for improved ssh-add support? -# It is recomended for desctop users but completly useless for server installations... -install_keychain: False +# enable basic version check for this role +# set it to true to use it (recomended) +submodules_versioncheck: false -# allow additional entys in the local .basrc file -extra_bashrc: '' +# for some ansible features we need the python selinux package at fedora +# disable it, if you don't want it +dotfiles__install_python_selinux: true -# if set to False the .bashrc of the root user will be deleted. -# all that he really need are some parametes of the global /etc/bash.bashrc file... -allow_own_root_bashrc: true +# modify bashrc +base__modify_bashrc: true -# enable version check for this role -# (highly recomended for stupid users) -submodules_versioncheck: true +# list of aliases used in bashrc +base__aliases: + - { alias: "ls", command: "ls ", color: True } + - { alias: "grep", command: "grep", color: True } + - { alias: "ll", command: "ls -alF", color: False } + - { alias: "la", command: "ls -A", color: False } + - { alias: "l", command: "ls -CF", color: False } + - { alias: "lz", command: "ls -Z", color: False } + - { alias: "EDITOR", command: "/usr/bin/vim", color: False } + - { alias: "VISUAL", command: "/usr/bin/gedit", color: False } + - { alias: "gitsubpull", command: "git submodule foreach '(git checkout \\$(git symbolic-ref --short refs/remotes/origin/HEAD | sed 's@^origin/@@'); git pull)'", color: False } + - { alias: "pwgen", command: "/usr/bin/pwgen --num-passwords=3000 --numerals --capitalize --secure --no-vowels --symbols 42 | grep -v '0' | grep -v 'o' | grep -v 'O' | grep -v '\\\"' | grep -v 'I' | grep -v 'l' | grep -v '1' | grep -v '´' | grep -v '@' | tail -1 ", color: false } + + +# enable bash completion +base__bash_completion_enabled: true + +# fancy promt +base__user_prompt: '\[\033[01;33m\] $(printf "\xE2\x9D\xA4") \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' +base__root_prompt: '\[\033[01;31m\] $(printf "\xE2\x9D\xA4") \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' + +# modify bash history +base__history_control: 'ignoreboth' +base__history_size: '-1' +base__history_file_size: '-1' + +# optional additional entries to /etc/bash.bashrc +base__additional_bashrc_lines: [] +# - eval `foo` +# - tmux new-session + +# optional additional entries to ~/.bashrc +base__additional_user_bashrc_lines: [] +# - eval $(keychain --eval --quiet id_ed25519) + +# optionally allow custom bashrc for root +base__allow_own_root_bashrc: false + +# otional custom commands +base__custom_config: [] +# - { user: "l3d", cmd: "eval $(keychain --eval --quiet id_ed25519)" # show hidden files in ranger -ranger_hidden_files: true +base__ranger_hidden_files: true -# affected user accounts accounts: - "{{ ansible_user_id }}" - -# some additional aliases -git_pull_alias: false -git_typo_alias: true - -# default editor/visual -install_editor: true -dotfiles_default_editor: '/usr/bin/vim' -dotfiles_default_visual: '/usr/bin/gedit' diff --git a/tasks/bashrc.yml b/tasks/bashrc.yml new file mode 100644 index 0000000..42d3e8b --- /dev/null +++ b/tasks/bashrc.yml @@ -0,0 +1,33 @@ +--- +- name: Create a global bashrc configuration + become: yes + template: + src: 'templates/bash.bashrc' + dest: '/etc/bash.bashrc' + owner: root + group: root + mode: 'u=rw,g=r,o=r' + +- name: Copy bashrc configuration to root + become: yes + template: + src: 'templates/bashrc' + dest: '/root/.bashrc' + owner: 'root' + group: 'root' + mode: 'u=rw,g=r,o=' + when: not base__allow_own_root_bashrc | bool + +- name: Copy bashrc configuration to non admin users + become: yes + template: + src: 'templates/bashrc' + dest: '/home/{{ item }}/.bashrc' + owner: '{{ item }}' + group: '{{ item }}' + mode: 'u=rw,g=r,o=' + with_items: '{{ accounts }}' + when: + - accounts is defined + - accounts != ['root'] + - accounts != 'root' diff --git a/tasks/basic-selinux.yml b/tasks/basic-selinux.yml new file mode 100644 index 0000000..c5b8219 --- /dev/null +++ b/tasks/basic-selinux.yml @@ -0,0 +1,9 @@ +--- +- name: install the latest libselinux-python package + become: yes + dnf: + name: libselinux-python + state: present + when: + - ansible_distribution == "Fedora" + failed_when: false diff --git a/tasks/main.yml b/tasks/main.yml index bb735b6..bb697bc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,78 +1,12 @@ --- - include_tasks: versioncheck.yml - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool -- name: install the latest libselinux-python package - become: yes - dnf: - name: libselinux-python - state: latest - when: - - ansible_distribution == "Fedora" +- include_tasks: basic-selinux.yml + when: dotfiles__install_python_selinux | bool -- name: install keychain to support ssh agent - become: yes - package: - name: keychain - state: latest - when: - - ansible_os_family != 'RedHat' - - install_keychain|bool - -- name: install keychain on centos - become: yes - yum: - name: - - http://packages.psychotic.ninja/7/base/x86_64/RPMS//keychain-2.8.0-3.el7.psychotic.noarch.rpm - - libselinux-python - state: present - when: - - ansible_os_family == 'RedHat' - - install_keychain|bool - -- name: Create a global bashrc configuration - become: yes - template: - src: 'templates/bash.bashrc' - dest: '/etc/bash.bashrc' - owner: root - group: root - mode: 'u=rw,g=r,o=r' - -- name: Copy bashrc configuration to admin users - become: yes - template: - src: 'templates/bashrc' - dest: '/home/{{ item }}/.bashrc' - owner: '{{ item }}' - group: '{{ item }}' - mode: 'u=rw,g=r,o=' - with_items: '{{ admins }}' - when: admins is defined - -- name: Copy bashrc configuration to root - become: yes - template: - src: 'templates/bashrc' - dest: '/root/.bashrc' - owner: 'root' - group: 'root' - mode: 'u=rw,g=r,o=' - when: allow_own_root_bashrc | bool - -- name: Copy bashrc configuration to non admin users - become: yes - template: - src: 'templates/bashrc' - dest: '/home/{{ item }}/.bashrc' - owner: '{{ item }}' - group: '{{ item }}' - mode: 'u=rw,g=r,o=' - with_items: '{{ accounts }}' - when: - - accounts is defined - - accounts != ['root'] - - accounts != 'root' +- include_tasks: bashrc.yml + when: base__modify_bashrc | bool - name: Copy vimrc configuration to root become: yes @@ -97,24 +31,6 @@ - accounts != ['root'] - accounts != 'root' -- name: Copy vimrc configuration to admin users - become: yes - copy: - src: 'templates/vimrc' - dest: '/home/{{ item }}/.vimrc' - owner: '{{ item }}' - group: '{{ item }}' - mode: 'u=rw,g=r,o=' - with_items: "{{ admins }}" - when: admins is defined - -- name: delete root .bashrc - become: yes - file: - state: absent - path: "/root/.bashrc" - when: not allow_own_root_bashrc | bool - - name: create .config/ranger/ directory become: true file: @@ -123,9 +39,10 @@ recurse: yes owner: "{{ item }}" group: "{{ item }}" + mode: '0644' with_items: "{{ accounts }}" when: - - ranger_hidden_files | bool + - base__ranger_hidden_files | bool - accounts is defined - accounts != ['root'] - accounts != 'root' @@ -137,19 +54,10 @@ dest: "/home/{{ item }}/.config/ranger/rc.conf" owner: "{{ item }}" group: "{{ item }}" + mode: '0644' with_items: "{{ accounts }}" when: - - ranger_hidden_files | bool + - base__ranger_hidden_files | bool - accounts is defined - accounts != ['root'] - accounts != 'root' - -- name: Install vim - become: true - package: - name: - - vim - state: present - when: - - install_editor | bool - - ansible_distribution_version != '7' and ansible_distribution_release != 'wheezy' and ansible_machine != 'armv6l' diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index 7977e52..fa361f6 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -42,5 +42,5 @@ copy: content: "{{ playbook_version_number }}" dest: "/etc/.ansible-version/{{ playbook_version_path }}" - mode: 0644 + mode: '0644' when: submodules_versioncheck|bool diff --git a/templates/bash.bashrc b/templates/bash.bashrc index 34aaf16..d59199a 100644 --- a/templates/bash.bashrc +++ b/templates/bash.bashrc @@ -1,139 +1,52 @@ # /etc/bashrc -{% raw %} # System wide functions and aliases # Environment stuff goes in /etc/profile -# It's NOT a good idea to change this file unless you know what you -# are doing. It's much better to create a custom.sh shell script in -# /etc/profile.d/ to make custom changes to your environment, as this -# will prevent the need for merging in future updates. - # This file may be overwritten by ansible. Please think about commiting # changes you want to keep persistent. -# Prevent doublesourcing -if [ -z "$BASHRCSOURCED" ]; then - BASHRCSOURCED="Y" - - # are we an interactive shell? - if [ "$PS1" ]; then - if [ -z "$PROMPT_COMMAND" ]; then - case $TERM in - xterm*|vte*) - if [ -e /etc/sysconfig/bash-prompt-xterm ]; then - PROMPT_COMMAND=/etc/sysconfig/bash-prompt-xterm - elif [ "${VTE_VERSION:-0}" -ge 3405 ]; then - PROMPT_COMMAND="__vte_prompt_command" - else - PROMPT_COMMAND='printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' - fi - ;; - screen*) - if [ -e /etc/sysconfig/bash-prompt-screen ]; then - PROMPT_COMMAND=/etc/sysconfig/bash-prompt-screen - else - PROMPT_COMMAND='printf "\033k%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' - fi - ;; - *) - [ -e /etc/sysconfig/bash-prompt-default ] && PROMPT_COMMAND=/etc/sysconfig/bash-prompt-default - ;; - esac - fi - # Turn on parallel history - shopt -s histappend - history -a - # Turn on checkwinsize - shopt -s checkwinsize - [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\h \W]\\$ " - # You might want to have e.g. tty in prompt (e.g. more virtual machines) - # and console windows - # If you want to do so, just add e.g. - if [ "$PS1" ]; then -{% endraw %} - PS1="{{ bash['keyboard'] }}" -{% raw %} - fi - # to your custom modification shell script in /etc/profile.d/ directory - fi - -if ! shopt -q login_shell ; then # We're not a login shell - # Need to redefine pathmunge, it gets undefined at the end of /etc/profile - pathmunge () { - case ":${PATH}:" in - *:"$1":*) - ;; - *) - if [ "$2" = "after" ] ; then - PATH=$PATH:$1 - else - PATH=$1:$PATH - fi - esac - } - - # By default, we want umask to get set. This sets it for non-login shell. - # Current threshold for system reserved uid/gids is 200 - # You could check uidgid reservation validity in - # /usr/share/doc/setup-*/uidgid file - if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then - umask 002 - else - umask 022 - fi -{% endraw %} - - SHELL="{{ bash['shell'] }}" - {% raw %} - - # Only display echos from profile.d scripts if we are no login shell - # and interactive - otherwise just process them to set envvars - for i in /etc/profile.d/*.sh; do - if [ -r "$i" ]; then - if [ "$PS1" ]; then - . "$i" - else - . "$i" >/dev/null - fi - fi - done - - unset i - unset -f pathmunge - fi - +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" +{% for alias in base__aliases %} +{% if alias.color %} + alias {{ alias.alias }}="{{ alias.command }} --color=auto" +{% endif%} +{% endfor %} fi -alias ls='ls --color=auto' -alias dir='dir --color=auto' -alias vdir='vdir --color=auto' -alias grep='grep --color=auto' -alias fgrep='fgrep --color=auto' -alias egrep='egrep --color=auto' +{% for alias in base__aliases %} +{% if not alias.color %} + alias {{ alias.alias }}="{{ alias.command }}" +{% endif%} +{% endfor %} -# colored GCC warnings and errors -export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' +{%if base__bash_completion_enabled %} +if ! shopt -oq posix; then + if [ -f /usr/share/bash-completion/bash_completion ]; then + . /usr/share/bash-completion/bash_completion + elif [ -f /etc/bash_completion ]; then + . /etc/bash_completion + fi +fi -# some more ls aliases -alias ll='ls -la' -alias la='ls -A' -alias l='ls -CF' -{% endraw %} - -# default editor -alias EDITOR='{{ dotfiles_default_editor }}' -alias VISUAL='{{ dotfiles_default_visual }}' - -{% if git_typo_alias | bool -%} -alias got='git' -{% endif %} -{% if git_pull_alias | bool -%} -alias gitsubpull='git submodule foreach "(git checkout $(git symbolic-ref --short refs/remotes/origin/HEAD | sed "s@^origin/@@"); git pull)"' {% endif %} -{% if bash['pwgen'] %}alias pwgen="/usr/bin/pwgen --num-passwords=3000 --numerals --capitalize --secure --no-vowels --symbols 42 | grep -v '0' | grep -v 'o' | grep -v 'O' | grep -v '\"' | grep -v 'I' | grep -v 'l' | grep -v '1' | grep -v '´' | grep -v '@' | tail -1 "{% endif %} +# fancy Prompt +if [ $(id -u) -eq 0 ]; then + export PS1='{{ base__root_prompt }} ' +else + export PS1='{{ base__user_prompt }} ' +fi -HISTSIZE= -HISTFILESIZE= + +HISTCONTROL={{ base__history_control }} +shopt -s histappend +HISTSIZE={{ base__history_size }} +HISTFILESIZE={{ base__history_file_size }} + +{% for _row in base__additional_bashrc_lines | default() %} +{{ _row }} +{% endfor %} # vim:ts=4:sw=4 diff --git a/templates/bashrc b/templates/bashrc index ebe4c18..1368fe6 100644 --- a/templates/bashrc +++ b/templates/bashrc @@ -9,18 +9,36 @@ fi PATH="$HOME/.local/bin:$HOME/bin:$PATH" export PATH -# Uncomment the following line if you don't like systemctl's auto-paging feature: -# export SYSTEMD_PAGER= +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" +{% for alias in base__aliases %} +{% if alias.color %} + alias {{ alias.alias }}="{{ alias.command }} --color=auto" +{% endif%} +{% endfor %} +fi -PS1='$(if [[ $(id -u) -ne 0 ]];then echo "\[\033[01;33m\]"; else echo "\[\033[01;31m\]"; fi) $(if [[ $? == 0 ]]; then printf "\xE2\x9D\xA4"; fi) \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' +{% for alias in base__aliases %} +{% if not alias.color %} + alias {{ alias.alias }}="{{ alias.command }}" +{% endif%} +{% endfor %} -{{ bash['bashrc'] }} -{% if install_keychain %} -{{ bash['keychain'] }} +# hostory controll +HISTCONTROL={{ base__history_control }} +shopt -s histappend +HISTSIZE={{ base__history_size }} +HISTFILESIZE={{ base__history_file_size }} + +{% for _row in base__additional_user_bashrc_lines | default() %} +{{ _row }} +{% endfor %} + +{% for custom in base__custom_config %} +{% if custom.user == item %} +{{ custom.cmd }} {% endif %} +{% endfor %} -{{ extra_bashrc }} - -# User specific aliases and functions -alias ll="ls -all" - +# vim:ts=4:sw=4 diff --git a/templates/ranger_rc.conf.j2 b/templates/ranger_rc.conf.j2 index 7ff2039..2349d37 100644 --- a/templates/ranger_rc.conf.j2 +++ b/templates/ranger_rc.conf.j2 @@ -1,3 +1,3 @@ # {{ ansible_managed }} # -{% if ranger_hidden_files | bool %}set show_hidden true{% endif %} +{% if base__ranger_hidden_files | bool %}set show_hidden true{% endif %} diff --git a/vars/main.yml b/vars/main.yml index 3b38c2d..71a0670 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,12 +1,2 @@ -# some bash variables -bash: - bashrc: '' - keychain: 'eval $(keychain --eval --quiet id_ed25519)' - nextcloud: false - nm: false - pwgen: true - shell: "/bin/bash" - keyboard: '$(if [[ $(id -u) -ne 0 ]];then echo "\[\033[01;33m\]"; else echo "\[\033[01;31m\]"; fi) $(if [[ $? == 0 ]]; then printf "\xE2\x9D\xA4"; fi) \[\033[01;32m\]\u\[\033[01;36m\]@\[\033[01;32m\]\H\[\033[01;34m\] <\A> \[\033[01;35m\] \j \[\033[01;36m\] \w \[\033[01;33m\]\n\[\033[01;33m\] $(git branch 2>/dev/null | sed -n "s/* \(.*\)/\1 /p")$\[\033[01;00m\] ' - -playbook_version_number: 2056 # should be over ninethousand +playbook_version_number: 2063 # should be over ninethousand playbook_version_path: 'role_dotfiles_chaos-bodensee_github.version'