mirror of
https://github.com/DO1JLR/ansible_linux_desktop_setup.git
synced 2024-09-14 19:54:51 +02:00
commit
7961014d6b
22 changed files with 217 additions and 210 deletions
21
.github/workflows/ansible-linting-check.yml
vendored
21
.github/workflows/ansible-linting-check.yml
vendored
|
@ -2,7 +2,11 @@
|
||||||
name: Ansible Lint check
|
name: Ansible Lint check
|
||||||
|
|
||||||
# yamllint disable-line rule:truthy
|
# yamllint disable-line rule:truthy
|
||||||
on: [push, pull_request]
|
on:
|
||||||
|
push:
|
||||||
|
branches: '*'
|
||||||
|
pull_request:
|
||||||
|
branches: '*'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
|
@ -10,9 +14,14 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- name: 'checkout git repo'
|
||||||
|
uses: actions/checkout@v3
|
||||||
- name: Lint Ansible Playbook
|
|
||||||
uses: ansible/ansible-lint-action@master
|
|
||||||
with:
|
with:
|
||||||
targets: "site.yml"
|
lfs: true
|
||||||
|
submodules: true
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: 'Lint Ansible Playbook'
|
||||||
|
uses: ansible/ansible-lint-action@v6
|
||||||
|
with:
|
||||||
|
path: "."
|
||||||
|
|
15
.github/workflows/pylint.yml
vendored
Normal file
15
.github/workflows/pylint.yml
vendored
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
name: 'Pylint GitHub Actions'
|
||||||
|
|
||||||
|
# yamllint disable-line rule:truthy
|
||||||
|
on: [push, pull_request]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
pylint:
|
||||||
|
name: 'Pylint'
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: 'Checkout'
|
||||||
|
uses: actions/checkout@master
|
||||||
|
- name: GitHub Action for pylint
|
||||||
|
uses: cclauss/GitHub-Action-for-pylint@0.7.0
|
2
.github/workflows/yamllint.yaml
vendored
2
.github/workflows/yamllint.yaml
vendored
|
@ -18,5 +18,3 @@ jobs:
|
||||||
yamllint_config_filepath: './.yamllint'
|
yamllint_config_filepath: './.yamllint'
|
||||||
yamllint_strict: false
|
yamllint_strict: false
|
||||||
yamllint_comment: true
|
yamllint_comment: true
|
||||||
# env:
|
|
||||||
# GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }
|
|
||||||
|
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
ansible/
|
49
.gitmodules
vendored
49
.gitmodules
vendored
|
@ -1,69 +1,98 @@
|
||||||
[submodule "roles/workstation_packages"]
|
[submodule "roles/workstation_packages"]
|
||||||
path = roles/workstation_packages
|
path = roles/workstation_packages
|
||||||
url = https://github.com/chaos-bodensee/role_install_workstaton_packages.git
|
url = https://github.com/chaos-bodensee/role_install_workstaton_packages.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/dotfiles"]
|
[submodule "roles/dotfiles"]
|
||||||
path = roles/dotfiles
|
path = roles/dotfiles
|
||||||
url = https://github.com/chaos-bodensee/role_dotfiles.git
|
url = https://github.com/roles-ansible/ansible_role_dotfiles.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/pulseaudio"]
|
[submodule "roles/pulseaudio"]
|
||||||
path = roles/pulseaudio
|
path = roles/pulseaudio
|
||||||
url = https://github.com/chaos-bodensee/role_pulseaudio_archlinux.git
|
url = https://github.com/chaos-bodensee/role_pulseaudio_archlinux.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/authorized_keys"]
|
[submodule "roles/authorized_keys"]
|
||||||
path = roles/do1jlr.auth
|
path = roles/do1jlr.auth
|
||||||
url = https://github.com/ffbsee/role-ssh_authorized_keys.git
|
url = https://github.com/roles-ansible/ansible_role_auth.git
|
||||||
|
branch = main
|
||||||
[submodule "files/admin_ssh_keys"]
|
[submodule "files/admin_ssh_keys"]
|
||||||
path = files/admin_ssh_keys
|
path = files/admin_ssh_keys
|
||||||
url = https://backwesen.de/ansible/ssh_public_keys.git
|
url = https://backwesen.de/ansible/ssh_public_keys.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/sshd"]
|
[submodule "roles/sshd"]
|
||||||
path = roles/do1jlr.sshd
|
path = roles/do1jlr.sshd
|
||||||
url = https://github.com/roles-ansible/ansible_role_sshd.git
|
url = https://github.com/roles-ansible/ansible_role_sshd.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/nextcloud"]
|
[submodule "roles/nextcloud"]
|
||||||
path = roles/nextcloud
|
path = roles/nextcloud
|
||||||
url = https://github.com/DO1JLR/role_nextcloud_client.git
|
url = https://github.com/DO1JLR/role_nextcloud_client.git
|
||||||
[submodule "roles/ntp"]
|
branch = master
|
||||||
path = roles/ntp
|
|
||||||
url = https://github.com/chaos-bodensee/role-ntp.git
|
|
||||||
[submodule "roles/arch-fonts"]
|
[submodule "roles/arch-fonts"]
|
||||||
path = roles/arch-fonts
|
path = roles/arch-fonts
|
||||||
url = https://github.com/chaos-bodensee/role-arch-fonts.git
|
url = https://github.com/chaos-bodensee/role-arch-fonts.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/akku-warning"]
|
[submodule "roles/akku-warning"]
|
||||||
path = roles/akku-warning
|
path = roles/akku-warning
|
||||||
url = https://github.com/roles-ansible/role_akku_warning.git
|
url = https://github.com/roles-ansible/role_akku_warning.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/install-firefox"]
|
[submodule "roles/install-firefox"]
|
||||||
path = roles/install-firefox
|
path = roles/install-firefox
|
||||||
url = https://github.com/roles-ansible/ansible_role_install_firefox.git
|
url = https://github.com/roles-ansible/ansible_role_install_firefox.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/xrandr"]
|
[submodule "roles/xrandr"]
|
||||||
path = roles/xrandr
|
path = roles/xrandr
|
||||||
url = https://github.com/chaos-bodensee/role-xrandr.git
|
url = https://github.com/roles-ansible/ansible_role_xrandr_help.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/winehq"]
|
[submodule "roles/winehq"]
|
||||||
path = roles/winehq
|
path = roles/winehq
|
||||||
url = https://github.com/ekultails/ansible_role_wine.git
|
url = https://github.com/ekultails/ansible_role_wine.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/no-sleep"]
|
[submodule "roles/no-sleep"]
|
||||||
path = roles/no-sleep
|
path = roles/no-sleep
|
||||||
url = https://github.com/chaos-bodensee/role_disable_sleep.git
|
url = https://github.com/chaos-bodensee/role_disable_sleep.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/manage_users"]
|
[submodule "roles/manage_users"]
|
||||||
path = roles/do1jlr.users
|
path = roles/do1jlr.users
|
||||||
url = https://github.com/chaos-bodensee/role-manage_users.git
|
url = https://github.com/roles-ansible/ansible_role_users.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/polybar"]
|
[submodule "roles/polybar"]
|
||||||
path = roles/polybar
|
path = roles/polybar
|
||||||
url = https://github.com/chaos-bodensee/role_install-polybar.git
|
url = https://github.com/chaos-bodensee/role_install-polybar.git
|
||||||
|
branch = master
|
||||||
[submodule "roles/ansible_version"]
|
[submodule "roles/ansible_version"]
|
||||||
path = roles/ansible_version
|
path = roles/ansible_version
|
||||||
url = https://github.com/chaos-bodensee/role-ansible_version.git
|
url = https://github.com/chaos-bodensee/role-ansible_version.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/base"]
|
[submodule "roles/base"]
|
||||||
path = roles/do1jlr.base
|
path = roles/do1jlr.base
|
||||||
url = https://github.com/roles-ansible/ansible_role_base.git
|
url = https://github.com/roles-ansible/ansible_role_base.git
|
||||||
[submodule "roles/bat"]
|
branch = main
|
||||||
path = roles/bat
|
|
||||||
url = https://github.com/gantsign/ansible_role_bat.git
|
|
||||||
[submodule "roles/amdgpu_firmware"]
|
[submodule "roles/amdgpu_firmware"]
|
||||||
path = roles/amdgpu_firmware
|
path = roles/amdgpu_firmware
|
||||||
url = https://github.com/DO1JLR/ansible_role_amdgpu_firmware.git
|
url = https://github.com/DO1JLR/ansible_role_amdgpu_firmware.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/do1jlr.avahi"]
|
[submodule "roles/do1jlr.avahi"]
|
||||||
path = roles/do1jlr.avahi_daemon
|
path = roles/do1jlr.avahi_daemon
|
||||||
url = https://github.com/roles-ansible/ansible_role_avahi_daemon.git
|
url = https://github.com/roles-ansible/ansible_role_avahi_daemon.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/do1jlr.avahi_client"]
|
[submodule "roles/do1jlr.avahi_client"]
|
||||||
path = roles/do1jlr.avahi_client
|
path = roles/do1jlr.avahi_client
|
||||||
url = https://github.com/roles-ansible/ansible_role_avahi_client.git
|
url = https://github.com/roles-ansible/ansible_role_avahi_client.git
|
||||||
|
branch = main
|
||||||
[submodule "roles/do1jlr.i3wm"]
|
[submodule "roles/do1jlr.i3wm"]
|
||||||
path = roles/do1jlr.i3wm
|
path = roles/do1jlr.i3wm
|
||||||
url = https://github.com/roles-ansible/ansible_role_i3wm.git
|
url = https://github.com/roles-ansible/ansible_role_i3wm.git
|
||||||
|
branch = main
|
||||||
|
[submodule "roles/do1jlr.htop"]
|
||||||
|
path = roles/do1jlr.htop
|
||||||
|
url = https://github.com/roles-ansible/ansible_role_htop.git
|
||||||
|
branch = main
|
||||||
|
[submodule "collections/ansible_collections/community/general"]
|
||||||
|
path = collections/ansible_collections/community/general
|
||||||
|
url = https://github.com/ansible-collections/community.general.git
|
||||||
|
branch = main
|
||||||
|
[submodule "roles/gantsign.bat"]
|
||||||
|
path = roles/gantsign.bat
|
||||||
|
url = https://github.com/gantsign/ansible_role_bat.git
|
||||||
|
[submodule "roles/l3d.ntp"]
|
||||||
|
path = roles/l3d.ntp
|
||||||
|
url = https://github.com/roles-ansible/ansible_role_ntp.git
|
||||||
|
|
|
@ -9,3 +9,5 @@ rules:
|
||||||
|
|
||||||
ignore: |
|
ignore: |
|
||||||
roles/
|
roles/
|
||||||
|
collections/
|
||||||
|
ansible/
|
||||||
|
|
27
README.md
27
README.md
|
@ -1,14 +1,18 @@
|
||||||
Ansible Linux Desktop Setup
|
Ansible Linux Desktop Setup
|
||||||
==========================
|
==========================
|
||||||
This ansible playbook collection creates [L3D](https://chaos.social/@l3d)s Desktop enviroment. Including window manager and some pre-installed programms like [Firefox](https://www.mozilla.org/de/firefox/new/) and some usefull shell programms.
|
This ansible playbook collection manages some of my workstations and laptops. Because of this it sometimes contains very specific variables like my username, SSH keys or similar data that may not be the best choice for your system.
|
||||||
|
|
||||||
ATTENTION
|
Nevertheless, this ansible playbook is not only publicly available on the internet, but by the MIT license a part of free open-source ansible, which may serve you as inspiration within the framework of the MIT license.
|
||||||
|
|
||||||
|
|
||||||
|
Inventory
|
||||||
-------------
|
-------------
|
||||||
Different to my other ansible playbooks:
|
This is my first ansible with dynamic inventory. The [inventory.py](inventory.py) script looks at which hostname it was lauched on. If the hostname is known, the host is mapped to the group stored for it and a local connection to the host is established.
|
||||||
|
|
||||||
### THIS PLAYBOOK HAS TO BE EXECUTET AT THE TARGET HOST DIRECTLY!
|
This has the advantage that different environments are automatically recognized and significantly less danger of accidentally rolling out the ansible with the variables for a completely different host and thus configuring things that were not intended for this device.
|
||||||
|
|
||||||
|
Obviously, this also means that **this playbook must always be run on the host you want to manage** and this ansible playbook is not meant to be run remotely.
|
||||||
|
|
||||||
*It requires some GUI stuff and I did not find the time to forward X or wayland correctly to make it remotely working. Sorry. Feel free to create a Issue or pull-request*
|
|
||||||
|
|
||||||
Install tipps:
|
Install tipps:
|
||||||
-----------------------
|
-----------------------
|
||||||
|
@ -24,6 +28,15 @@ git submodule update --init --recursive
|
||||||
|
|
||||||
# make sure you always check out the submodules
|
# make sure you always check out the submodules
|
||||||
git config --global submodule.recurse true
|
git config --global submodule.recurse true
|
||||||
|
|
||||||
|
# Install Ansible in venv
|
||||||
|
python3 -m venv ansible
|
||||||
|
|
||||||
|
# Activate Venv
|
||||||
|
source ansible/bin/activate
|
||||||
|
|
||||||
|
# Install Ansible
|
||||||
|
pip3 install --upgrade ansible-core ansible-lint pylint
|
||||||
```
|
```
|
||||||
|
|
||||||
Which playbook?
|
Which playbook?
|
||||||
|
@ -41,3 +54,7 @@ Or create a new git repo and be inspired by the roles L3D uses.
|
||||||
If you find this usefull please take a few secounds and say thankyou to L3D.
|
If you find this usefull please take a few secounds and say thankyou to L3D.
|
||||||
|
|
||||||
He is at the most [chaos events](https://events.ccc.de), simple give him a Tschunk or Club Mate there!
|
He is at the most [chaos events](https://events.ccc.de), simple give him a Tschunk or Club Mate there!
|
||||||
|
|
||||||
|
Additional Infos
|
||||||
|
------------------
|
||||||
|
By the way, to store sensible passwords, I am using the [community.general.passwordstore](https://docs.ansible.com/ansible/latest/collections/community/general/passwordstore_lookup.html) Lookup to access my passwords, stored in [gopass](https://gopass.pw/) Password Manager.
|
||||||
|
|
12
ansible.cfg
12
ansible.cfg
|
@ -1,11 +1,13 @@
|
||||||
[defaults]
|
[defaults]
|
||||||
inventory = ./hosts.ini
|
inventory = ./inventory.py
|
||||||
retry_files_enabled = False
|
retry_files_enabled = false
|
||||||
nocows = True
|
nocows = true
|
||||||
ansible_connection = 'local'
|
transport = local
|
||||||
|
interpreter_python = /usr/bin/python3
|
||||||
|
|
||||||
[privilege_escalation]
|
[privilege_escalation]
|
||||||
become_method = sudo
|
become_method = sudo
|
||||||
become_user = root
|
become_user = root
|
||||||
become_ask_pass = False
|
|
||||||
|
|
||||||
|
[passwordstore_lookup]
|
||||||
|
backend = "gopass"
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 9b493d53a9ff40139c185ff2dc4a7c5d6cf761a6
|
|
@ -68,5 +68,7 @@ i3_run_on_startup:
|
||||||
# - nextcloud
|
# - nextcloud
|
||||||
- sudo nm-applet
|
- sudo nm-applet
|
||||||
|
|
||||||
|
htop__compile: true
|
||||||
|
|
||||||
# globaly enably simple versionscheck - if available
|
# globaly enably simple versionscheck - if available
|
||||||
submodules_versioncheck: true
|
submodules_versioncheck: true
|
||||||
|
|
80
inventory.py
Executable file
80
inventory.py
Executable file
|
@ -0,0 +1,80 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
"""
|
||||||
|
Create a dynamic inventory for this ansible playbook
|
||||||
|
"""
|
||||||
|
import socket
|
||||||
|
import sys
|
||||||
|
import json
|
||||||
|
|
||||||
|
# create a dict to match hostnames to enviroments
|
||||||
|
env_dict = {
|
||||||
|
'work':
|
||||||
|
['workstation.local', 'daringdoo.local'],
|
||||||
|
'private':
|
||||||
|
['derpy.local', 'applejack.local', 'rarity.local']
|
||||||
|
}
|
||||||
|
|
||||||
|
def fqdn():
|
||||||
|
"""
|
||||||
|
return fully qualified domain name
|
||||||
|
"""
|
||||||
|
hostname = socket.gethostname()
|
||||||
|
if '.' not in hostname:
|
||||||
|
hostname = f"{hostname}.local"
|
||||||
|
return str(hostname)
|
||||||
|
|
||||||
|
def become_pass(host):
|
||||||
|
"""
|
||||||
|
return variable for become password using gopass lookup
|
||||||
|
"""
|
||||||
|
passstring = str("\"ansible_become_pass\": "
|
||||||
|
+ "\"{{ lookup('community.general.passwordstore', 'ansible/hosts/"
|
||||||
|
+ host + "/users/root') }}\"")
|
||||||
|
return passstring
|
||||||
|
|
||||||
|
def env(domain):
|
||||||
|
"""
|
||||||
|
map a hostname to a space
|
||||||
|
or print empty list if no one matched and exit
|
||||||
|
"""
|
||||||
|
for key, values in env_dict.items():
|
||||||
|
if domain in values:
|
||||||
|
return key
|
||||||
|
print(json.dumps(empty_host_list(domain), sort_keys=True, indent=2))
|
||||||
|
sys.exit()
|
||||||
|
|
||||||
|
def empty_host_list(domain):
|
||||||
|
"""
|
||||||
|
return empty host list
|
||||||
|
"""
|
||||||
|
comment = f"No valid host found. Found '{domain}'. Return empty host list!"
|
||||||
|
return json.loads('{"_meta": {"comment": "' + comment +
|
||||||
|
'", "hostvars": {}}, "instances": {"hosts": []}}')
|
||||||
|
|
||||||
|
def hostvars(host):
|
||||||
|
"""
|
||||||
|
set variables to local connection
|
||||||
|
"""
|
||||||
|
local = str('"' + host + '": {"ansible_connection": "local", ' + str(become_pass(host)) + '}')
|
||||||
|
return local
|
||||||
|
|
||||||
|
def formated_host_group_list(host, group):
|
||||||
|
"""
|
||||||
|
build inventory and return it
|
||||||
|
"""
|
||||||
|
# pylint: disable=line-too-long
|
||||||
|
return json.loads('{"_meta": {"hostvars": {' + str(hostvars(host)) + '}},"' + str(group) + '": {"hosts": ["' + str(host) + '"]},"instances": {"children": ["' + str(group) + '"]}}')
|
||||||
|
|
||||||
|
def main():
|
||||||
|
"""
|
||||||
|
main funktion
|
||||||
|
will analyse on which host this script is started
|
||||||
|
and will print the dynamic inventory to tell ansible
|
||||||
|
which host_vars and group_vars should be used
|
||||||
|
"""
|
||||||
|
host = fqdn()
|
||||||
|
group = env(host)
|
||||||
|
print(json.dumps(formated_host_group_list(host, group), sort_keys=True, indent=2))
|
||||||
|
|
||||||
|
main()
|
|
@ -1 +1 @@
|
||||||
Subproject commit ef4cf763795d61e883b1867f4a3149568d4acb2d
|
Subproject commit 2bf5d7c4369a8213b42829b14f78920e9906d099
|
|
@ -1 +0,0 @@
|
||||||
Subproject commit 10c6fdb93cd4332e444f8c2a5bc135ff123588f7
|
|
1
roles/do1jlr.htop
Submodule
1
roles/do1jlr.htop
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit 46a2dde4efe40245f461cac542c0b3993a833850
|
1
roles/gantsign.bat
Submodule
1
roles/gantsign.bat
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit b263e5e140ee3c5e868f9392b2e4a2eaa37eaf79
|
1
roles/l3d.ntp
Submodule
1
roles/l3d.ntp
Submodule
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit c4ff7711a14a9a34af60cfa122c9331d15760582
|
|
@ -1 +0,0 @@
|
||||||
Subproject commit 8d330190c4052981bdb146136dc7f41071a66289
|
|
|
@ -1,38 +0,0 @@
|
||||||
---
|
|
||||||
- name: check if ansible is not to old
|
|
||||||
hosts: localhost
|
|
||||||
roles:
|
|
||||||
- {role: ansible_version, tags: always, gather_facts: false}
|
|
||||||
|
|
||||||
- name: base packages setup
|
|
||||||
hosts: desk_minni.local
|
|
||||||
roles:
|
|
||||||
- {role: workstation_packages, tags: [base, packages, workstation]}
|
|
||||||
|
|
||||||
- name: user and ssh(d) setup
|
|
||||||
hosts: desk_minni.local
|
|
||||||
roles:
|
|
||||||
- {role: do1jlr.users, tags: [users, base]}
|
|
||||||
- {role: do1jlr.auth, tags: [auth, base]}
|
|
||||||
- {role: do1jlr.sshd, tags: [sshd, base]}
|
|
||||||
- {role: dotfiles, tags: [dotfiles, base]}
|
|
||||||
|
|
||||||
- name: fancy schnickschnack
|
|
||||||
hosts: desk_minni.local
|
|
||||||
roles:
|
|
||||||
- {role: akku-warning, tags: akku}
|
|
||||||
# - {role: pulseaudio, tags: [pulse, audio, pulseaudio]}
|
|
||||||
- {role: networkmanager, tags: networkmanager, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: openvpn, tags: ovpn}
|
|
||||||
- {role: nextcloud, tags: nextcloud, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: bat, tags: bat, when: ansible_os_family == 'Debian'}
|
|
||||||
- {role: install-firefox, tags: firefox}
|
|
||||||
- {role: copy_files}
|
|
||||||
- {role: do1jlr.i3wm, tags: i3wm}
|
|
||||||
- {role: ntp, tags: ntp}
|
|
||||||
- {role: xrandr, tags: xrandr}
|
|
||||||
- {role: arch-fonts, tags: fonts}
|
|
||||||
# - {role: winehq, tags: wine}
|
|
||||||
- {role: no-sleep, tags: sleep}
|
|
||||||
- {role: do1jlr.avahi_daemon, tags: [avahi_daemon, avahi]}
|
|
||||||
- {role: do1jlr.avahi_client, tags: [avahi_client, mdns]}
|
|
|
@ -1,39 +0,0 @@
|
||||||
---
|
|
||||||
- name: check if ansible is not to old
|
|
||||||
hosts: localhost
|
|
||||||
roles:
|
|
||||||
- {role: ansible_version, tags: always, gather_facts: false}
|
|
||||||
|
|
||||||
- name: base packages setup
|
|
||||||
hosts: l14.local
|
|
||||||
roles:
|
|
||||||
- {role: workstation_packages, tags: [base, packages, workstation]}
|
|
||||||
- {role: amdgpu_firmware, tags: [amdgpu, firmware]}
|
|
||||||
|
|
||||||
- name: user and ssh(d) setup
|
|
||||||
hosts: l14.local
|
|
||||||
roles:
|
|
||||||
- {role: do1jlr.users, tags: [users, base]}
|
|
||||||
- {role: do1jlr.auth, tags: [auth, base]}
|
|
||||||
- {role: do1jlr.sshd, tags: [sshd, base]}
|
|
||||||
- {role: dotfiles, tags: [dotfiles, base]}
|
|
||||||
|
|
||||||
- name: fancy schnickschnack
|
|
||||||
hosts: l14.local
|
|
||||||
roles:
|
|
||||||
- {role: akku-warning, tags: akku}
|
|
||||||
# - {role: pulseaudio, tags: [pulse, audio, pulseaudio]}
|
|
||||||
- {role: networkmanager, tags: networkmanager, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: openvpn, tags: ovpn}
|
|
||||||
- {role: nextcloud, tags: nextcloud, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: bat, tags: bat, when: ansible_os_family == 'Debian'}
|
|
||||||
- {role: install-firefox, tags: firefox}
|
|
||||||
- {role: copy_files}
|
|
||||||
- {role: do1jlr.i3wm, tags: i3wm}
|
|
||||||
- {role: ntp, tags: ntp}
|
|
||||||
- {role: xrandr, tags: xrandr}
|
|
||||||
- {role: arch-fonts, tags: fonts}
|
|
||||||
# - {role: winehq, tags: wine}
|
|
||||||
- {role: no-sleep, tags: sleep}
|
|
||||||
- {role: do1jlr.avahi_daemon, tags: [avahi_daemon, avahi]}
|
|
||||||
- {role: do1jlr.avahi_client, tags: [avahi_client, mdns]}
|
|
|
@ -1,38 +0,0 @@
|
||||||
---
|
|
||||||
- name: check if ansible is not to old
|
|
||||||
hosts: localhost
|
|
||||||
roles:
|
|
||||||
- {role: ansible_version, tags: always, gather_facts: false}
|
|
||||||
|
|
||||||
- name: base packages setup
|
|
||||||
hosts: t460p.local
|
|
||||||
roles:
|
|
||||||
- {role: workstation_packages, tags: [base, packages, workstation]}
|
|
||||||
|
|
||||||
- name: user and ssh(d) setup
|
|
||||||
hosts: t460p.local
|
|
||||||
roles:
|
|
||||||
- {role: do1jlr.users, tags: [users, base]}
|
|
||||||
- {role: do1jlr.auth, tags: [auth, base]}
|
|
||||||
- {role: do1jlr.sshd, tags: [sshd, base]}
|
|
||||||
- {role: dotfiles, tags: [dotfiles, base]}
|
|
||||||
|
|
||||||
- name: fancy schnickschnack
|
|
||||||
hosts: t460p.local
|
|
||||||
roles:
|
|
||||||
- {role: akku-warning, tags: akku}
|
|
||||||
# - {role: pulseaudio, tags: [pulse, audio, pulseaudio]}
|
|
||||||
- {role: networkmanager, tags: networkmanager, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: openvpn, tags: ovpn}
|
|
||||||
- {role: nextcloud, tags: nextcloud, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: bat, tags: bat, when: ansible_os_family == 'Debian'}
|
|
||||||
- {role: install-firefox, tags: firefox}
|
|
||||||
- {role: copy_files}
|
|
||||||
- {role: do1jlr.i3wm, tags: i3wm}
|
|
||||||
- {role: ntp, tags: ntp}
|
|
||||||
- {role: xrandr, tags: xrandr}
|
|
||||||
- {role: arch-fonts, tags: fonts}
|
|
||||||
# - {role: winehq, tags: wine}
|
|
||||||
- {role: no-sleep, tags: sleep}
|
|
||||||
- {role: do1jlr.avahi_daemon, tags: [avahi_daemon, avahi]}
|
|
||||||
- {role: do1jlr.avahi_client, tags: [avahi_client, mdns]}
|
|
|
@ -1,38 +0,0 @@
|
||||||
---
|
|
||||||
- name: check if ansible is not to old
|
|
||||||
hosts: localhost
|
|
||||||
roles:
|
|
||||||
- {role: ansible_version, tags: always, gather_facts: false}
|
|
||||||
|
|
||||||
- name: base packages setup
|
|
||||||
hosts: workstation.local
|
|
||||||
roles:
|
|
||||||
- {role: workstation_packages, tags: [base, packages, workstation]}
|
|
||||||
|
|
||||||
- name: user and ssh(d) setup
|
|
||||||
hosts: workstation.local
|
|
||||||
roles:
|
|
||||||
- {role: do1jlr.users, tags: [users, base]}
|
|
||||||
- {role: do1jlr.auth, tags: [auth, base]}
|
|
||||||
- {role: do1jlr.sshd, tags: [sshd, base]}
|
|
||||||
- {role: dotfiles, tags: [dotfiles, base]}
|
|
||||||
|
|
||||||
- name: fancy schnickschnack
|
|
||||||
hosts: workstation.local
|
|
||||||
roles:
|
|
||||||
- {role: akku-warning, tags: akku}
|
|
||||||
- {role: pulseaudio, tags: [pulse, audio, pulseaudio]}
|
|
||||||
- {role: networkmanager, tags: networkmanager, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: openvpn, tags: ovpn}
|
|
||||||
- {role: nextcloud, tags: nextcloud, when: ansible_os_family == 'Archlinux'}
|
|
||||||
- {role: bat, tags: bat, when: ansible_os_family == 'Debian'}
|
|
||||||
- {role: install-firefox, tags: firefox}
|
|
||||||
- {role: copy_files}
|
|
||||||
- {role: do1jlr.i3wm, tags: i3wm}
|
|
||||||
- {role: ntp, tags: ntp}
|
|
||||||
- {role: xrandr, tags: xrandr}
|
|
||||||
- {role: arch-fonts, tags: fonts}
|
|
||||||
- {role: winehq, tags: wine}
|
|
||||||
- {role: no-sleep, tags: sleep}
|
|
||||||
- {role: do1jlr.avahi_daemon, tags: [avahi_daemon, avahi]}
|
|
||||||
- {role: do1jlr.avahi_client, tags: [avahi_client, mdns]}
|
|
53
site.yml
53
site.yml
|
@ -1,32 +1,35 @@
|
||||||
---
|
---
|
||||||
- name: check if ansible is not to old
|
- name: check if ansible is not to old
|
||||||
hosts: localhost
|
hosts: all
|
||||||
roles:
|
roles:
|
||||||
- {role: ansible_version, tags: always, gather_facts: false}
|
- {role: ansible_version, tags: always, gather_facts: false}
|
||||||
|
|
||||||
- name: run do1jlr.base setup roles
|
- name: Generic Workstation Preperation
|
||||||
hosts: localhost
|
hosts: all
|
||||||
roles:
|
roles:
|
||||||
- {role: do1jlr.base, tags: [default, packages, base]}
|
# - {role: do1jlr.base, tags: [default, packages, base]}
|
||||||
- {role: workstation_packages, tags: [default, workstation_packages, packages, setup]}
|
# - {role: workstation_packages, tags: [default, workstation_packages, packages, setup]}
|
||||||
- {role: ntp, tags: ntp}
|
- {role: l3d.ntp, tags: ntp}
|
||||||
- {role: arch-fonts, tags: [font, fonts, arch-fonts]}
|
- {role: do1jlr.avahi_client, tags: avahi}
|
||||||
|
- {role: do1jlr.avahi_daemon, tags: avahi}
|
||||||
|
- {role: gantsign.bat, tags: bat}
|
||||||
|
# - {role: arch-fonts, tags: [font, fonts, arch-fonts]}
|
||||||
|
|
||||||
- name: user specific setup
|
# - name: user specific setup
|
||||||
hosts: localhost
|
# hosts: private
|
||||||
roles:
|
# roles:
|
||||||
- {role: dotfiles, tags: [default, dotfiles, fancy]}
|
# - {role: dotfiles, tags: [default, dotfiles, fancy]}
|
||||||
- {role: manage_users, tags: [ssh, manage, manage_users]}
|
# - {role: manage_users, tags: [ssh, manage, manage_users]}
|
||||||
- {role: authorized_keys, tags: [ssh, auth, authorized_keys]}
|
# - {role: authorized_keys, tags: [ssh, auth, authorized_keys]}
|
||||||
- {role: sshd, tags: [ssh, sshd]}
|
# - {role: sshd, tags: [ssh, sshd]}
|
||||||
- {role: akku-warning, tags: [akku, akku_warning, akku-warning]}
|
# - {role: akku-warning, tags: [akku, akku_warning, akku-warning]}
|
||||||
- {role: pulseaudio, tags: pulseaudio}
|
# - {role: pulseaudio, tags: pulseaudio}
|
||||||
- {role: networkmanager, tags: [nm, networkmanager]}
|
# - {role: networkmanager, tags: [nm, networkmanager]}
|
||||||
- {role: copy_files}
|
# - {role: copy_files}
|
||||||
- {role: do1jlr.i3wm, tags: i3wm}
|
# - {role: do1jlr.i3wm, tags: i3wm}
|
||||||
- {role: xrandr, tags: xrandr}
|
# - {role: xrandr, tags: xrandr}
|
||||||
- {role: install-firefox, tags: firefox}
|
# - {role: install-firefox, tags: firefox}
|
||||||
- {role: nextcloud, tags: nextcloud}
|
# - {role: nextcloud, tags: nextcloud}
|
||||||
- {role: openvpn, tags: openvpn}
|
# - {role: openvpn, tags: openvpn}
|
||||||
- {role: winehq, tags: [wine, winehq]}
|
# - {role: winehq, tags: [wine, winehq]}
|
||||||
- {role: no-sleep, tags: no_sleep}
|
# - {role: no-sleep, tags: no_sleep}
|
||||||
|
|
Loading…
Reference in a new issue