- hosts: workstation gather_facts: True vars: home: /home/{{ user }} config_files: - dir: fish name: config.fish - dir: tmux name: tmux.conf - dir: alacritty name: alacritty.toml - dir: wofi name: style.css - dir: sway name: config - dir: helix name: config.toml - dir: i3status-rust name: config.toml - dir: git name: config - dir: nvim name: init.lua - dir: nvim name: lua # lua dir tasks: - name: Init arch block: - file: path: /home/mbess/.workstation_setup_state state: touch - copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state - name: Update pacman repo become: true community.general.pacman: update_cache: true upgrade: true - name: Install some basic packages become: true community.general.pacman: name: - archlinux-keyring - name: Init pacman keyring become: true # complicated shit follow, to run or not this part depending on if we need to update the pacman key (expiration date) block: - stat: path: "{{ home }}/.cache/monakhos/pacman_key_state" register: pacman_key_state_stat - when: pacman_key_state_stat.stat.exists slurp: src: "{{ home }}/.cache/monakhos/pacman_key_state" register: pacman_key_state - when: pacman_key_state.content is defined name: "pacman key state debug 1" debug: msg: "{{ pacman_key_state.content | b64decode | to_datetime('%Y-%m-%d') }}" - when: not pacman_key_state_stat.stat.exists block: - shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux" - shell: "mkdir -p ~/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state" - name: Install some basic packages become: true community.general.pacman: name: - cliphist - name: Install packages from YAML files (excluding AUR) become: true community.general.pacman: name: "{{ lookup('file', 'arch_packages.json') | from_json }}" # the python script will return a list of packages # TODO: put pre-generated sshkeys # - name: Install yay, an AUR helper # - name: Copy pre-generated ssh keys block: - copy: src: ./vm_files/remote_key dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519" mode: u=rw,g=,o= - copy: src: ./vm_files/remote_key.pub dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519.pub" mode: u=rw,g=,o= - name: Config git template: src: ssh_config dest: "{{ home }}/.ssh/config" owner: "{{ user }}" mode: u=rw,g=,o= - name: Clone dots file git: repo: "git@forge.lefuturiste.fr:mbess/dots.git" dest: "{{ home }}/.dots" - name: Setup config directories file: path: "{{ home }}/.config/{{ item.dir }}" state: directory recurse: true loop: "{{ config_files }}" - name: Setup symbolic links to config files file: src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}" dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}" state: link loop: "{{ config_files }}" - name: Setup main popequer notebook include_role: name: popequer_notebook - name: Setup quick notes folder file: path: "{{ home }}/.hidden/quick_notes/" state: directory recurse: true - name: Setup temporary secrets folder (cookies jar) file: path: "{{ home }}/.cache/secrets/" state: directory recurse: true - name: Create the aur_builder user become: yes ansible.builtin.user: name: aur_builder create_home: yes group: wheel - name: Allow the `aur_builder` user to run `sudo pacman` without a password become: yes ansible.builtin.lineinfile: path: /etc/sudoers.d/11-install-aur_builder line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman' create: yes mode: 0644 validate: 'visudo -cf %s' - name: Install yay import_role: name: aur vars: packages: - yay-bin # - name: Clone books sources # ansible.builtin.git: # repo: "git@forge.lefuturiste.fr:mbess/books-sources.git" # dest: /home/mbess/workspace/books_sources