2024-05-22 15:35:11 +00:00
|
|
|
- hosts: workstation
|
2024-05-26 20:17:13 +00:00
|
|
|
gather_facts: True
|
2024-05-22 15:35:11 +00:00
|
|
|
vars:
|
2024-05-26 20:17:13 +00:00
|
|
|
home: /home/{{ user }}
|
2024-05-30 16:28:31 +00:00
|
|
|
systemd_services:
|
|
|
|
system: []
|
|
|
|
user:
|
|
|
|
- name: "sshfs_srv06_warmd"
|
|
|
|
enabled: true
|
|
|
|
- name: "popequer_gitwatch@"
|
|
|
|
- name: "hourly_remainder"
|
|
|
|
enabled: true
|
|
|
|
timer: true
|
2024-06-03 20:59:29 +00:00
|
|
|
- name: "cliphist"
|
|
|
|
enabled: true
|
2024-06-06 09:31:30 +00:00
|
|
|
- name: "gammastep"
|
|
|
|
enabled: true
|
2024-05-22 15:35:11 +00:00
|
|
|
config_files:
|
2024-05-26 20:17:13 +00:00
|
|
|
- dir: fish
|
|
|
|
name: config.fish
|
2024-05-22 15:35:11 +00:00
|
|
|
- dir: tmux
|
|
|
|
name: tmux.conf
|
|
|
|
- dir: alacritty
|
|
|
|
name: alacritty.toml
|
|
|
|
- dir: wofi
|
|
|
|
name: style.css
|
2024-05-26 20:17:13 +00:00
|
|
|
- dir: sway
|
|
|
|
name: config
|
|
|
|
- dir: helix
|
|
|
|
name: config.toml
|
|
|
|
- dir: i3status-rust
|
|
|
|
name: config.toml
|
|
|
|
- dir: git
|
|
|
|
name: config
|
|
|
|
- dir: nvim
|
|
|
|
name: init.lua
|
|
|
|
- dir: nvim
|
|
|
|
name: lua # lua dir
|
2024-05-30 16:28:31 +00:00
|
|
|
# for desktop notifications
|
|
|
|
- dir: dunst
|
|
|
|
name: dunstrc
|
2024-05-22 15:35:11 +00:00
|
|
|
tasks:
|
|
|
|
- name: Init arch
|
|
|
|
block:
|
|
|
|
- file:
|
|
|
|
path: /home/mbess/.workstation_setup_state
|
|
|
|
state: touch
|
|
|
|
- copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state
|
2024-05-26 20:17:13 +00:00
|
|
|
|
|
|
|
- name: Update pacman repo
|
|
|
|
become: true
|
|
|
|
community.general.pacman:
|
|
|
|
update_cache: true
|
|
|
|
upgrade: true
|
|
|
|
|
|
|
|
- name: Install some basic packages
|
|
|
|
become: true
|
|
|
|
community.general.pacman:
|
|
|
|
name:
|
|
|
|
- archlinux-keyring
|
2024-05-27 21:19:04 +00:00
|
|
|
- git
|
|
|
|
- openssh
|
2024-05-26 20:17:13 +00:00
|
|
|
|
|
|
|
- name: Init pacman keyring
|
|
|
|
become: true
|
|
|
|
# complicated shit follow, to run or not this part depending on if we need to update the pacman key (expiration date)
|
|
|
|
block:
|
|
|
|
- stat:
|
|
|
|
path: "{{ home }}/.cache/monakhos/pacman_key_state"
|
|
|
|
register: pacman_key_state_stat
|
|
|
|
- when: pacman_key_state_stat.stat.exists
|
|
|
|
slurp:
|
|
|
|
src: "{{ home }}/.cache/monakhos/pacman_key_state"
|
|
|
|
register: pacman_key_state
|
|
|
|
- when: pacman_key_state.content is defined
|
|
|
|
name: "pacman key state debug 1"
|
|
|
|
debug:
|
|
|
|
msg: "{{ pacman_key_state.content | b64decode | to_datetime('%Y-%m-%d') }}"
|
|
|
|
- when: not pacman_key_state_stat.stat.exists
|
|
|
|
block:
|
|
|
|
- shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux"
|
2024-05-27 21:19:04 +00:00
|
|
|
- shell: "mkdir -p {{ home }}/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state"
|
2024-05-26 20:17:13 +00:00
|
|
|
|
|
|
|
- name: Copy pre-generated ssh keys
|
2024-05-27 21:19:04 +00:00
|
|
|
when: "not target_is_real"
|
2024-05-26 20:17:13 +00:00
|
|
|
block:
|
|
|
|
- copy:
|
|
|
|
src: ./vm_files/remote_key
|
2024-05-27 21:19:04 +00:00
|
|
|
dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519"
|
2024-05-26 20:17:13 +00:00
|
|
|
mode: u=rw,g=,o=
|
|
|
|
- copy:
|
|
|
|
src: ./vm_files/remote_key.pub
|
2024-05-27 21:19:04 +00:00
|
|
|
dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519.pub"
|
2024-05-26 20:17:13 +00:00
|
|
|
mode: u=rw,g=,o=
|
|
|
|
|
|
|
|
- name: Config git
|
|
|
|
template:
|
|
|
|
src: ssh_config
|
|
|
|
dest: "{{ home }}/.ssh/config"
|
|
|
|
owner: "{{ user }}"
|
|
|
|
mode: u=rw,g=,o=
|
|
|
|
|
2024-05-27 21:19:04 +00:00
|
|
|
- name: Load known hosts
|
|
|
|
template:
|
|
|
|
src: known_hosts
|
|
|
|
dest: "{{ home }}/.ssh/known_hosts"
|
|
|
|
owner: "{{ user }}"
|
|
|
|
mode: u=rw,g=,o=
|
|
|
|
|
|
|
|
# INSTALL from YAML
|
|
|
|
- name: Install packages from YAML files (excluding AUR)
|
|
|
|
become: true
|
|
|
|
community.general.pacman:
|
|
|
|
name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages
|
|
|
|
|
2024-05-30 16:28:31 +00:00
|
|
|
# DOTS
|
|
|
|
- name: Clone dots file
|
|
|
|
git:
|
|
|
|
repo: "git@forge.lefuturiste.fr:mbess/dots.git"
|
|
|
|
dest: "{{ home }}/.dots"
|
|
|
|
|
|
|
|
- name: Install requirements in dots
|
|
|
|
pip:
|
|
|
|
virtualenv: "{{ home }}/.dots/venv"
|
|
|
|
requirements: "{{ home }}/.dots/requirements.txt"
|
|
|
|
|
|
|
|
- name: Setup DNS and unbound
|
|
|
|
include_role:
|
|
|
|
name: dns
|
|
|
|
|
2024-05-22 15:35:11 +00:00
|
|
|
- name: Setup config directories
|
|
|
|
file:
|
2024-05-26 20:17:13 +00:00
|
|
|
path: "{{ home }}/.config/{{ item.dir }}"
|
2024-05-22 15:35:11 +00:00
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
loop: "{{ config_files }}"
|
2024-05-26 20:17:13 +00:00
|
|
|
|
2024-05-22 15:35:11 +00:00
|
|
|
- name: Setup symbolic links to config files
|
|
|
|
file:
|
2024-05-26 20:17:13 +00:00
|
|
|
src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}"
|
|
|
|
dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}"
|
2024-05-22 15:35:11 +00:00
|
|
|
state: link
|
|
|
|
loop: "{{ config_files }}"
|
2024-05-26 20:17:13 +00:00
|
|
|
|
2024-05-27 21:19:04 +00:00
|
|
|
- name: Set default shell
|
|
|
|
become: true
|
|
|
|
user:
|
|
|
|
name: "{{ user }}"
|
|
|
|
shell: /usr/bin/fish
|
|
|
|
|
2024-06-10 21:30:00 +00:00
|
|
|
- name: Add user to useful group (docker)
|
|
|
|
become: true
|
|
|
|
user:
|
|
|
|
name: "{{ user }}"
|
|
|
|
groups: ["docker"]
|
|
|
|
|
2024-05-30 16:28:31 +00:00
|
|
|
- name: Create machine.fish
|
|
|
|
template:
|
|
|
|
src: fish/machine.fish
|
|
|
|
dest: "{{ home }}/.config/fish/machine.fish"
|
2024-05-22 15:35:11 +00:00
|
|
|
|
2024-05-26 20:17:13 +00:00
|
|
|
- name: Create the aur_builder user
|
|
|
|
become: yes
|
|
|
|
ansible.builtin.user:
|
|
|
|
name: aur_builder
|
|
|
|
create_home: yes
|
|
|
|
group: wheel
|
|
|
|
|
|
|
|
- name: Allow the `aur_builder` user to run `sudo pacman` without a password
|
|
|
|
become: yes
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
path: /etc/sudoers.d/11-install-aur_builder
|
|
|
|
line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
|
|
|
|
create: yes
|
|
|
|
mode: 0644
|
|
|
|
validate: 'visudo -cf %s'
|
|
|
|
|
2024-05-30 16:28:31 +00:00
|
|
|
- name: Setup xremap
|
|
|
|
include_role:
|
|
|
|
name: xremap
|
|
|
|
|
|
|
|
# AUR packages
|
2024-05-26 23:25:03 +00:00
|
|
|
- name: Install yay
|
|
|
|
import_role:
|
|
|
|
name: aur
|
|
|
|
vars:
|
|
|
|
packages:
|
|
|
|
- yay-bin
|
2024-05-26 20:17:13 +00:00
|
|
|
|
2024-05-27 21:19:04 +00:00
|
|
|
- name: Install AUR packages from YAML file
|
|
|
|
become: true
|
|
|
|
import_role:
|
|
|
|
name: aur
|
|
|
|
vars:
|
2024-05-30 16:28:31 +00:00
|
|
|
packages: "{{ (lookup('file', 'arch_packages.json') | from_json)['aur'] }}"
|
|
|
|
|
|
|
|
# SYSTEMD
|
|
|
|
- name: Setup systemd user services folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/.config/systemd/user"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
|
|
|
|
- name: Setup user units
|
|
|
|
template:
|
|
|
|
src: "systemd/user/{{ item.name }}.service"
|
|
|
|
dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service"
|
|
|
|
loop: "{{ systemd_services.user }}"
|
|
|
|
|
|
|
|
- name: Setup user timers
|
|
|
|
when: "item.timer is defined and item.timer"
|
|
|
|
loop: "{{ systemd_services.user }}"
|
|
|
|
template:
|
|
|
|
src: "systemd/user/{{ item.name }}.timer"
|
|
|
|
dest: "{{ home }}/.config/systemd/user/{{ item.name }}.timer"
|
|
|
|
|
|
|
|
- name: Enable some systemd user services
|
|
|
|
when: "item.enabled is defined and item.enabled"
|
|
|
|
loop: "{{ systemd_services.user }}"
|
|
|
|
systemd_service:
|
|
|
|
daemon_reload: true
|
|
|
|
scope: user
|
|
|
|
name: "{{ item.name }}"
|
|
|
|
state: started
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
- name: Enable some systemd user timers
|
|
|
|
when: "item.timer is defined and item.timer"
|
|
|
|
loop: "{{ systemd_services.user }}"
|
|
|
|
systemd_service:
|
|
|
|
scope: user
|
|
|
|
name: "{{ item.name }}.timer"
|
|
|
|
state: started
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
# OTHERS
|
2024-06-03 21:01:48 +00:00
|
|
|
- name: Setup mount point folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/.mnt"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
2024-06-06 09:31:30 +00:00
|
|
|
- name: Setup mount point folder for srv06
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/.mnt/srv06/warmd/mbess"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
2024-06-03 21:01:48 +00:00
|
|
|
- name: Setup mount point folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/.mnt/etb"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
- name: Setup triage folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/triage"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
2024-05-30 16:28:31 +00:00
|
|
|
- name: Setup quick notes folder
|
|
|
|
file:
|
2024-06-06 09:31:30 +00:00
|
|
|
path: "{{ home }}/quick/notes"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
- name: Setup quick docs folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/quick/docs"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
- name: Setup quick screenshot folder
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/quick/screenshots"
|
2024-05-30 16:28:31 +00:00
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
- name: Setup temporary secrets folder (cookies jar)
|
|
|
|
file:
|
|
|
|
path: "{{ home }}/.cache/secrets/"
|
|
|
|
state: directory
|
|
|
|
recurse: true
|
|
|
|
|
|
|
|
- name: Setup main popequer notebook
|
|
|
|
include_role:
|
|
|
|
name: popequer_notebook
|
2024-05-27 21:19:04 +00:00
|
|
|
|
2024-06-10 21:30:00 +00:00
|
|
|
- name: Install pip packages
|
2024-05-30 16:28:31 +00:00
|
|
|
community.general.pipx:
|
|
|
|
name: "{{ item }}"
|
2024-06-10 21:30:00 +00:00
|
|
|
loop: "{{ (lookup('file', 'pip_packages.json') | from_json)['native'] }}"
|
2024-05-30 16:28:31 +00:00
|
|
|
|
|
|
|
- name: Enable bluetooth service
|
|
|
|
become: true
|
|
|
|
ansible.builtin.systemd_service:
|
|
|
|
name: bluetooth
|
|
|
|
state: started
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
# WORKSPACE
|
2024-05-27 21:19:04 +00:00
|
|
|
- name: Clone books sources
|
|
|
|
ansible.builtin.git:
|
|
|
|
repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
|
|
|
|
dest: /home/mbess/workspace/books_sources
|
|
|
|
|
|
|
|
- name: Clone monakhos
|
|
|
|
ansible.builtin.git:
|
|
|
|
repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
|
|
|
|
dest: /home/mbess/workspace/monakhos
|
2024-05-31 06:53:35 +00:00
|
|
|
|
|
|
|
- name: Setup wofi link
|
|
|
|
become: true
|
|
|
|
file:
|
|
|
|
src: "/usr/bin/wofi"
|
|
|
|
dest: "/usr/bin/rofi"
|
|
|
|
state: link
|