monakhos/ansible/workstation.yaml

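---
# Workstation bootstrap play for an Arch Linux host: pacman keyring and
# packages, SSH material, dotfiles, user shell, roles and AUR tooling.
#
# `user`, `device_name` and `target_is_real` are not defined in this file and
# must be supplied from outside (inventory, group/host vars or extra vars).
- hosts: workstation
  gather_facts: true
  vars:
    home: "/home/{{ user }}"
    # One entry per item under ~/.dots/config/<dir>/ that is symlinked into
    # ~/.config/<dir>/ by the "Setup symbolic links" task below.
    config_files:
      - dir: fish
        name: config.fish
      - dir: tmux
        name: tmux.conf
      - dir: alacritty
        name: alacritty.toml
      - dir: wofi
        name: style.css
      - dir: sway
        name: config
      - dir: helix
        name: config.toml
      - dir: i3status-rust
        name: config.toml
      - dir: git
        name: config
      - dir: nvim
        name: init.lua
      - dir: nvim
        name: lua  # a directory, not a single file
  tasks:
    - name: Init arch
      block:
        # NOTE(review): these paths hard-code /home/mbess while the rest of
        # the play uses "{{ home }}"; confirm `user` is always mbess or
        # switch them to "{{ home }}".
        - ansible.builtin.file:
            path: /home/mbess/.workstation_setup_state
            state: touch
        - ansible.builtin.copy:
            content: "2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550"
            dest: /home/mbess/.workstation_setup_state

    - name: Update pacman repo
      become: true
      community.general.pacman:
        update_cache: true
        upgrade: true

    - name: Install some basic packages
      become: true
      community.general.pacman:
        name:
          - archlinux-keyring
          - git
          - openssh

    - name: Init pacman keyring
      become: true
      # The keyring is only rebuilt when no state file exists. The state file
      # stores the date of the last initialisation so that key expiry can be
      # reasoned about later.
      block:
        - ansible.builtin.stat:
            path: "{{ home }}/.cache/monakhos/pacman_key_state"
          register: pacman_key_state_stat
        - when: pacman_key_state_stat.stat.exists
          ansible.builtin.slurp:
            src: "{{ home }}/.cache/monakhos/pacman_key_state"
          register: pacman_key_state
        - when: pacman_key_state.content is defined
          name: "pacman key state debug 1"
          ansible.builtin.debug:
            msg: "{{ pacman_key_state.content | b64decode | to_datetime('%Y-%m-%d') }}"
        - when: not pacman_key_state_stat.stat.exists
          block:
            # Discards the existing pacman trust database and rebuilds it
            # from the keys shipped by the installed archlinux-keyring
            # package, which is why that package is installed first.
            - ansible.builtin.shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux"
            # Written through modules with an explicit owner: this block runs
            # with become, so a shell mkdir/redirect would leave root-owned
            # entries inside the user's home directory.
            - ansible.builtin.file:
                path: "{{ home }}/.cache/monakhos"
                state: directory
                owner: "{{ user }}"
            - ansible.builtin.copy:
                # Same YYYY-MM-DD format the debug task above parses; no
                # trailing newline is written.
                content: "{{ ansible_date_time.date }}"
                dest: "{{ home }}/.cache/monakhos/pacman_key_state"
                owner: "{{ user }}"

    # The copy/template modules do not create parent directories, and OpenSSH
    # expects ~/.ssh to be private to its owner.
    - name: Ensure the .ssh directory exists
      ansible.builtin.file:
        path: "{{ home }}/.ssh"
        state: directory
        owner: "{{ user }}"
        mode: u=rwx,g=,o=

    - name: Copy pre-generated ssh keys
      # The key pair under ./vm_files lives next to the playbook, so it is
      # known to anyone with access to that directory. It is only deployed
      # when the target is not a real machine and should never be authorised
      # for anything a real workstation key can reach.
      when: "not target_is_real"
      block:
        - ansible.builtin.copy:
            src: ./vm_files/remote_key
            dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519"
            mode: u=rw,g=,o=
        - ansible.builtin.copy:
            src: ./vm_files/remote_key.pub
            dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519.pub"
            mode: u=rw,g=,o=

    - name: Config git
      ansible.builtin.template:
        src: ssh_config
        dest: "{{ home }}/.ssh/config"
        owner: "{{ user }}"
        mode: u=rw,g=,o=

    # Must run before the git clones below: the forge's host key is verified
    # against this file, so the clones do not have to accept unknown keys.
    - name: Load known hosts
      ansible.builtin.template:
        src: known_hosts
        dest: "{{ home }}/.ssh/known_hosts"
        owner: "{{ user }}"
        mode: u=rw,g=,o=

    # NOTE(review): no `version:` is pinned, so whatever the default branch
    # holds at run time is checked out; the shell and editor configs linked
    # from this repository are then loaded by the user's session.
    - name: Clone dots file
      ansible.builtin.git:
        repo: "git@forge.lefuturiste.fr:mbess/dots.git"
        dest: "{{ home }}/.dots"

    # Package installation driven by the generated package lists.
    # arch_packages.json is read on the control node; per the original
    # author's note it is produced by a Python script (not shown here) and
    # its 'native' key holds the list of package names.
    - name: Install packages from YAML files (excluding AUR)
      become: true
      community.general.pacman:
        name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}"

    - name: Setup config directories
      ansible.builtin.file:
        path: "{{ home }}/.config/{{ item.dir }}"
        state: directory
        recurse: true
      loop: "{{ config_files }}"

    - name: Setup symbolic links to config files
      ansible.builtin.file:
        src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}"
        dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}"
        state: link
      loop: "{{ config_files }}"

    - name: Set default shell
      become: true
      ansible.builtin.user:
        name: "{{ user }}"
        shell: /usr/bin/fish

    - name: Setup xremap
      ansible.builtin.include_role:
        name: xremap

    - name: Setup unbound
      ansible.builtin.include_role:
        name: unbound

    - name: Setup main popequer notebook
      ansible.builtin.include_role:
        name: popequer_notebook

    - name: Setup quick notes folder
      ansible.builtin.file:
        path: "{{ home }}/.hidden/quick_notes/"
        state: directory
        recurse: true

    - name: Setup temporary secrets folder (cookies jar)
      ansible.builtin.file:
        path: "{{ home }}/.cache/secrets/"
        state: directory
        recurse: true
        # Owner-only access; without an explicit mode the directory inherits
        # the umask and is typically readable by other local users. `X` keeps
        # the execute bit off regular files while `recurse` walks the tree.
        mode: u=rwX,g=,o=

    - name: Create the aur_builder user
      become: true
      ansible.builtin.user:
        name: aur_builder
        create_home: true
        # NOTE(review): on hosts whose sudoers grants %wheel, this account
        # inherits that grant in addition to the rule below; confirm that is
        # intended.
        group: wheel

    # pacman installs packages and runs their install hooks as root, so this
    # rule makes aur_builder root-equivalent. Treat the account accordingly:
    # no interactive login, and tight control over who may become it.
    - name: Allow the `aur_builder` user to run `sudo pacman` without a password
      become: true
      ansible.builtin.lineinfile:
        path: /etc/sudoers.d/11-install-aur_builder
        line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
        create: true
        # Quoted so the value is never re-typed by the YAML parser; 0440 is
        # the conventional mode for sudoers drop-ins.
        mode: "0440"
        # Rejects the edit if the resulting file is not valid sudoers syntax.
        validate: 'visudo -cf %s'

    - name: Install yay
      ansible.builtin.import_role:
        name: aur
      vars:
        packages:
          - yay-bin

    - name: Install AUR packages from YAML file
      become: true
      ansible.builtin.import_role:
        name: aur
      vars:
        packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}"

    # NOTE(review): both destinations hard-code /home/mbess instead of
    # "{{ home }}"; see the note on the "Init arch" block.
    - name: Clone books sources
      ansible.builtin.git:
        repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
        dest: /home/mbess/workspace/books_sources

    - name: Clone monakhos
      ansible.builtin.git:
        repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
        dest: /home/mbess/workspace/monakhos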