From c50143587652d5cbb3f036d09af42f779b95a9ce Mon Sep 17 00:00:00 2001 From: Jonathan Cremin Date: Mon, 25 Apr 2022 12:48:36 +0100 Subject: [PATCH] Another overdue checkpoint --- .gitignore | 1 + bootstrap.sh | 2 +- desktop.yml | 1 + host_vars/desktop | 16 ++++++++ hosts | 9 ++--- roles/base/defaults/main.yml | 5 ++- roles/base/tasks/main.yml | 43 +++++++++++++++++++++- roles/desktop/files/1password.repo | 2 +- roles/desktop/files/rpm.librewolf.net.repo | 4 ++ roles/desktop/files/slack.repo | 2 +- roles/desktop/files/teleport.repo | 2 +- roles/desktop/tasks/main.yml | 40 +++++++++++++++++--- roles/globalprotect/tasks/main.yml | 29 ++++----------- roles/howdy/tasks/main.yml | 2 +- roles/netdata/templates/python.d.conf.j2 | 2 +- roles/openrazer/files/openrazer.repo | 6 +-- roles/scream/tasks/main.yml | 14 +++---- roles/syncthing/files/syncthing.service | 10 ++--- roles/syncthing/tasks/main.yml | 22 ++++++++++- roles/virtualhere/files/config.ini | 4 -- roles/virtualhere/tasks/main.yml | 4 +- roles/virtualhere/templates/config.ini.j2 | 4 ++ roles/xbox/tasks/main.yml | 22 +++++++++++ nano.yml => server.yml | 6 +-- work.yml | 11 ------ 25 files changed, 182 insertions(+), 81 deletions(-) create mode 100644 .gitignore create mode 100644 host_vars/desktop create mode 100644 roles/desktop/files/rpm.librewolf.net.repo delete mode 100644 roles/virtualhere/files/config.ini create mode 100644 roles/virtualhere/templates/config.ini.j2 create mode 100644 roles/xbox/tasks/main.yml rename nano.yml => server.yml (61%) delete mode 100644 work.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..50081a8 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.vault-password \ No newline at end of file diff --git a/bootstrap.sh b/bootstrap.sh index cb2d0c1..6d211ff 100644 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -4,6 +4,6 @@ sudo dnf install -y python3-pip pip install ansible ansible-galaxy collection install -r requirements.yml - +gsettings set org.gnome.mutter experimental-features "['scale-monitor-framebuffer']" gsettings set org.gnome.desktop.peripherals.mouse natural-scroll true gsettings set org.gnome.desktop.background picture-uri file:///usr/share/backgrounds/gnome/adwaita-timed.xml diff --git a/desktop.yml b/desktop.yml index 436901e..d0cd4dc 100644 --- a/desktop.yml +++ b/desktop.yml @@ -14,3 +14,4 @@ - { role: virtualhere, tags: [ 'virtualhere'] } - { role: devdeck, tags: [ 'devdeck'] } - { role: syncthing, tags: [ 'syncthing' ] } + - { role: xbox, tags: [ 'xbox' ] } \ No newline at end of file diff --git a/host_vars/desktop b/host_vars/desktop new file mode 100644 index 0000000..b7ee9c8 --- /dev/null +++ b/host_vars/desktop @@ -0,0 +1,16 @@ +--- + +virtualhere_it: "1612256810" +virtualhere_easyfindid: "NnL1bKU8y9cMhUFhNzxNQA" +virtualhere_easyfindpin: "2vTMJN" +virtualhere_license: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66626631346564356664303938303461343237613231616339303737666139366333656439383533 + 3264386566316234616539383266653261333039313934360a393530313234313161626334356139 + 63636466346538373962346533343362373737356664626164363136646436653065656438396136 + 3833623338656132380a663665663238393964386235653437643333646531336362303966386266 + 31383030356337396564666639323531643662346334303936366132643366383138363633336563 + 34363631343339393936613166646631386331336366383032373734653265356631646133363862 + 32326539646336663235353164623461353537303533626637363838653732623333373561303466 + 61333534316436366263646137643864343464303932626236616462373133346538663038376565 + 3232 diff --git a/hosts b/hosts index 3e56f06..4d5f586 100644 --- a/hosts +++ b/hosts @@ -1,8 +1,5 @@ -[desktop] -localhost has_gpu=False ansible_connection=local +desktop ansible_connection=local -[work] -localhost ansible_connection=local +laptop ansible_connection=local -[nano] -10.0.1.3 +magnus ansible_host=10.0.1.6 \ No newline at end of file diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml index 613915c..a563004 100644 --- a/roles/base/defaults/main.yml +++ b/roles/base/defaults/main.yml @@ -2,4 +2,7 @@ onepassword_cli_version: "v1.11.4" mkcert_version: "v1.4.3" -btop_version: "1.0.22" \ No newline at end of file +btop_version: "1.0.22" +kind_version: "v0.11.1" +kubectl_version: "v1.23.3" +kompose_version: "v1.26.0" \ No newline at end of file diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index 4ac057d..b12a3be 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -2,14 +2,14 @@ - name: Install rpmfusion-free dnf: - name: https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-35.noarch.rpm + name: "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_major_version }}.noarch.rpm" state: present disable_gpg_check: 1 become: yes - name: Install rpmfusion-nonfree dnf: - name: https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-35.noarch.rpm + name: "https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ ansible_distribution_major_version }}.noarch.rpm" state: present disable_gpg_check: 1 become: yes @@ -45,6 +45,9 @@ - podman-compose - dnf-plugins-core - lm_sensors + - cmake + - duf + - python3-pip enablerepo: rpmfusion-free state: present become: yes @@ -56,6 +59,13 @@ state: present become: yes +- name: create ~/.local/bin + file: + path: ~/.local/bin + state: directory + mode: '0755' + + - name: Install 1password cli unarchive: src: "https://cache.agilebits.com/dist/1P/op/pkg/{{ onepassword_cli_version }}/op_linux_amd64_{{ onepassword_cli_version }}.zip" @@ -78,6 +88,24 @@ mode: 0644 become: yes +- name: Fetch kind binary + get_url: + url: "https://kind.sigs.k8s.io/dl/{{ kind_version }}/kind-linux-amd64" + dest: ~/.local/bin/kind + mode: 0755 + +- name: Fetch kubectl binary + get_url: + url: "https://dl.k8s.io/release/{{ kubectl_version }}/bin/linux/amd64/kubectl" + dest: ~/.local/bin/kubectl + mode: 0755 + +- name: Fetch kompose binary + get_url: + url: "https://github.com/kubernetes/kompose/releases/download/{{ kompose_version }}/kompose-linux-amd64" + dest: ~/.local/bin/kompose + mode: 0755 + - name: Install gh-cli dnf: name: gh @@ -115,3 +143,14 @@ pip: name: yt-dlp state: present + +- name: Enable copr project varlad/onefetch + community.general.copr: + name: varlad/onefetch + become: yes + +- name: Install onefetch + dnf: + name: onefetch + state: present + become: yes diff --git a/roles/desktop/files/1password.repo b/roles/desktop/files/1password.repo index bc89b07..0da3d36 100644 --- a/roles/desktop/files/1password.repo +++ b/roles/desktop/files/1password.repo @@ -1,5 +1,5 @@ [1password] -name=1Password Stable Channel +name=1Password baseurl=https://downloads.1password.com/linux/rpm/stable/$basearch enabled=1 gpgcheck=1 diff --git a/roles/desktop/files/rpm.librewolf.net.repo b/roles/desktop/files/rpm.librewolf.net.repo new file mode 100644 index 0000000..106ad2d --- /dev/null +++ b/roles/desktop/files/rpm.librewolf.net.repo @@ -0,0 +1,4 @@ +[rpm.librewolf.net] +name=Librewolf +baseurl=https://rpm.librewolf.net +enabled=1 \ No newline at end of file diff --git a/roles/desktop/files/slack.repo b/roles/desktop/files/slack.repo index ecb863f..edbc161 100644 --- a/roles/desktop/files/slack.repo +++ b/roles/desktop/files/slack.repo @@ -1,5 +1,5 @@ [slack] -name=slack +name=Slack baseurl=https://packagecloud.io/slacktechnologies/slack/fedora/21/x86_64 enabled=1 gpgcheck=0 diff --git a/roles/desktop/files/teleport.repo b/roles/desktop/files/teleport.repo index e312c0d..bbfb20a 100644 --- a/roles/desktop/files/teleport.repo +++ b/roles/desktop/files/teleport.repo @@ -1,5 +1,5 @@ [teleport] -name=Gravitational Teleport packages +name=Teleport baseurl=https://rpm.releases.teleport.dev/ enabled=1 gpgcheck=1 diff --git a/roles/desktop/tasks/main.yml b/roles/desktop/tasks/main.yml index 5970d73..8ce458e 100644 --- a/roles/desktop/tasks/main.yml +++ b/roles/desktop/tasks/main.yml @@ -9,7 +9,13 @@ notify: enable boost become: yes - +- name: Disable SELinux because it's a nightmare with Podman + ansible.builtin.lineinfile: + path: /etc/selinux/config + regexp: '^SELINUX=' + line: SELINUX=disabled + become: yes + - name: Import dnf keys rpm_key: state: present @@ -18,7 +24,8 @@ - https://packagecloud.io/gpg.key - https://packages.microsoft.com/keys/microsoft.asc - https://rpm.releases.teleport.dev/RPM-GPG-KEY-teleport - # - https://downloads.1password.com/linux/keys/1password.asc + - https://downloads.1password.com/linux/keys/1password.asc + - https://keys.openpgp.org/vks/v1/by-fingerprint/034F7776EF5E0C613D2F7934D29FBD5F93C0CFC3 # Librewolf become: yes - name: Add dnf repos @@ -31,6 +38,7 @@ - vscode.repo - teleport.repo - 1password.repo + - rpm.librewolf.net.repo become: yes - name: Install common desktop dnf packages @@ -40,7 +48,6 @@ - power-profiles-daemon # Adds power settings in gnome-settings-center - chrome-gnome-shell - celluloid - - gnome-extensions-app - cheese - geary - pavucontrol @@ -61,6 +68,8 @@ - 1password - code - teleport + - librewolf + - mangohud enablerepo: - rpmfusion-free - rpmfusion-nonfree-steam @@ -85,16 +94,37 @@ - nl.g4d.Girens - tech.feliciano.pocket-casts - org.gnome.TextEditor + - com.mattjakeman.ExtensionManager + - md.obsidian.Obsidian + - org.pipewire.Helvum state: present remote: flathub method: user +- name: Add the knapsu flatpak repository remote to the user installation + flatpak_remote: + name: knapsu + state: present + flatpakrepo_url: https://flatpak.knapsu.eu/plex-media-player.flatpakrepo + method: user + +- name: Install flatpaks from knapsu + flatpak: + name: + - tv.plex.PlexMediaPlayer + state: present + remote: knapsu + method: user + - name: Install remote rpms dnf: name: - - https://zoom.us/client/latest/zoom_x86_64.rpm - - https://github.com/hensm/fx_cast/releases/download/v0.1.0/fx_cast_bridge-0.1.0-x64.rpm + - https://cdn.zoom.us/prod/v5.10.4/zoom_x86_64.rpm + - https://github.com/hensm/fx_cast/releases/download/v0.2.0/fx_cast_bridge-0.2.0-x64.rpm - https://github.com/Kong/insomnia/releases/download/core%402021.5.3/Insomnia.Core-2021.5.3.rpm + - https://github.com/openaudible/openaudible/releases/download/v3.4.3/OpenAudible_3.4.3_x86_64.rpm + - https://github.com/Mastermindzh/tidal-hifi/releases/download/2.7.1/tidal-hifi-2.7.1.x86_64.rpm + - https://github.com/iongion/podman-desktop-companion/releases/download/4.0.3-rc.2/podman-desktop-companion-x86_64-4.0.3-rc.2.rpm state: present disable_gpg_check: 1 become: yes diff --git a/roles/globalprotect/tasks/main.yml b/roles/globalprotect/tasks/main.yml index 9079d51..1936289 100644 --- a/roles/globalprotect/tasks/main.yml +++ b/roles/globalprotect/tasks/main.yml @@ -1,25 +1,12 @@ --- -- name: Install dependencies - dnf: - name: - - qt5-qttools-devel - - qt5-qtwebsockets-devel - - qt5-qtwebengine-devel - - openconnect - state: present +- name: Enable copr project yuezk/globalprotect-openconnect + community.general.copr: + name: yuezk/globalprotect-openconnect become: yes -- name: Clone yuezk/GlobalProtect-openconnect - git: - repo: 'https://github.com/yuezk/GlobalProtect-openconnect.git' - recursive: yes - update: yes - version: master - dest: /tmp/GlobalProtect-openconnect - -- name: Install using provided script - command: - chdir: /tmp/GlobalProtect-openconnect - cmd: ./scripts/install.sh - creates: /usr/bin/gpclient +- name: Install globalprotect-openconnect + dnf: + name: globalprotect-openconnect + state: present + become: yes diff --git a/roles/howdy/tasks/main.yml b/roles/howdy/tasks/main.yml index c7f5acb..5b533f9 100644 --- a/roles/howdy/tasks/main.yml +++ b/roles/howdy/tasks/main.yml @@ -2,7 +2,7 @@ - name: Install rpmsphere-release dnf: - name: https://github.com/rpmsphere/noarch/raw/master/r/rpmsphere-release-35.noarch.rpm + name: https://github.com/rpmsphere/noarch/raw/master/r/rpmsphere-release-{{ ansible_distribution_major_version }}.noarch.rpm state: present disable_gpg_check: 1 become: yes diff --git a/roles/netdata/templates/python.d.conf.j2 b/roles/netdata/templates/python.d.conf.j2 index f8ca33e..fffb8e4 100644 --- a/roles/netdata/templates/python.d.conf.j2 +++ b/roles/netdata/templates/python.d.conf.j2 @@ -74,7 +74,7 @@ logind: no # mysql: yes # nginx: yes # nginx_plus: yes -{% if has_gpu %} +{% if has_nvidia_gpu %} nvidia_smi: yes {% endif %} # nginx_log has been replaced by web_log diff --git a/roles/openrazer/files/openrazer.repo b/roles/openrazer/files/openrazer.repo index 451d8c1..20eeecb 100644 --- a/roles/openrazer/files/openrazer.repo +++ b/roles/openrazer/files/openrazer.repo @@ -1,7 +1,7 @@ [hardware_razer] -name=hardware:razer (Fedora_35) +name=hardware:razer (Fedora_36) type=rpm-md -baseurl=https://download.opensuse.org/repositories/hardware:/razer/Fedora_35/ +baseurl=https://download.opensuse.org/repositories/hardware:/razer/Fedora_36/ gpgcheck=1 -gpgkey=https://download.opensuse.org/repositories/hardware:/razer/Fedora_35/repodata/repomd.xml.key +gpgkey=https://download.opensuse.org/repositories/hardware:/razer/Fedora_36/repodata/repomd.xml.key enabled=1 diff --git a/roles/scream/tasks/main.yml b/roles/scream/tasks/main.yml index bb1b88d..e248bb0 100644 --- a/roles/scream/tasks/main.yml +++ b/roles/scream/tasks/main.yml @@ -11,29 +11,29 @@ git: repo: 'https://github.com/duncanthrax/scream.git' version: master - dest: /tmp/duncanthrax-scream + dest: ~/.cache/duncanthrax-scream - name: Create build dir file: - dest: /tmp/duncanthrax-scream/Receivers/unix/build + dest: ~/.cache/duncanthrax-scream/Receivers/unix/build mode: '0755' state: directory - name: Cmake the Makefiles command: - chdir: /tmp/duncanthrax-scream/Receivers/unix/build + chdir: ~/.cache/duncanthrax-scream/Receivers/unix/build cmd: cmake .. - creates: /tmp/duncanthrax-scream/Receivers/unix/build/Makefile + creates: ~/.cache/duncanthrax-scream/Receivers/unix/build/Makefile - name: Make all the things command: - chdir: /tmp/duncanthrax-scream/Receivers/unix/build + chdir: ~/.cache/duncanthrax-scream/Receivers/unix/build cmd: make - creates: /tmp/duncanthrax-scream/Receivers/unix/build/scream + creates: ~/.cache/duncanthrax-scream/Receivers/unix/build/scream - name: make install command: - chdir: /tmp/duncanthrax-scream/Receivers/unix/build + chdir: /home/jonathan/.cache/duncanthrax-scream/Receivers/unix/build cmd: make install creates: /usr/local/bin/scream become: yes diff --git a/roles/syncthing/files/syncthing.service b/roles/syncthing/files/syncthing.service index f80f3c6..37ca516 100644 --- a/roles/syncthing/files/syncthing.service +++ b/roles/syncthing/files/syncthing.service @@ -10,14 +10,10 @@ After=network-online.target RequiresMountsFor=/run/user/1000/containers [Service] -Environment=PODMAN_SYSTEMD_UNIT=%n Restart=on-failure TimeoutStopSec=70 -ExecStart=/usr/bin/podman start --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid syncthing -ExecStop=/usr/bin/podman stop --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid -t 10 syncthing -ExecStopPost=/usr/bin/podman stop --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid -t 10 syncthing -PIDFile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid -Type=forking +ExecStart=/usr/bin/podman start syncthing +ExecStop=/usr/bin/podman stop -t 10 syncthing [Install] -WantedBy=multi-user.target default.target +WantedBy=default.target diff --git a/roles/syncthing/tasks/main.yml b/roles/syncthing/tasks/main.yml index 964d2f8..529ac2b 100644 --- a/roles/syncthing/tasks/main.yml +++ b/roles/syncthing/tasks/main.yml @@ -14,12 +14,26 @@ mode: "0644" dest: ~/.local/share/systemd/user/syncthing.service +- name: Create Syncthing directories + file: + dest: "{{item}}" + mode: '0700' + owner: jonathan + group: jonathan + state: directory + with_items: + - /home/jonathan/.config/podman/etc/syncthing + - /home/jonathan/.config/podman/syncthing + - /home/jonathan/Sync + - /home/jonathan/Code + - /home/jonathan/Udemy + + - name: Create and start Syncthing container containers.podman.podman_container: name: syncthing image: docker.io/syncthing/syncthing user: "0" - memory: 512m env: PUID: "0" PGID: "0" @@ -34,4 +48,8 @@ network: host restart_policy: on-failure:5 - +- name: Enable syncthing systemd unit + ansible.builtin.systemd: + name: syncthing + scope: user + enabled: yes diff --git a/roles/virtualhere/files/config.ini b/roles/virtualhere/files/config.ini deleted file mode 100644 index 49647b3..0000000 --- a/roles/virtualhere/files/config.ini +++ /dev/null @@ -1,4 +0,0 @@ -It=1612256810 -EasyFindId=NnL1bKU8y9cMhUFhNzxNQA -EasyFindPin=2vTMJN -License=100426f0-7de4-ae8e-e7e1-244bfec823db,0,MCACDi8rVnEa6oduIXJBZNAEAg5o/Fp6R7Njxf5D4uN0Bw== \ No newline at end of file diff --git a/roles/virtualhere/tasks/main.yml b/roles/virtualhere/tasks/main.yml index c384e40..2d4cbdd 100644 --- a/roles/virtualhere/tasks/main.yml +++ b/roles/virtualhere/tasks/main.yml @@ -17,8 +17,8 @@ become: yes - name: Create Virtualhere config - copy: - src: config.ini + template: + src: config.ini.j2 mode: "0644" dest: /usr/local/etc/virtualhere/config.ini become: yes diff --git a/roles/virtualhere/templates/config.ini.j2 b/roles/virtualhere/templates/config.ini.j2 new file mode 100644 index 0000000..3db8746 --- /dev/null +++ b/roles/virtualhere/templates/config.ini.j2 @@ -0,0 +1,4 @@ +It={{ virtualhere_it }} +EasyFindId={{ virtualhere_easyfindid }} +EasyFindPin={{ virtualhere_easyfindpin }} +License={{ virtualhere_license }} diff --git a/roles/xbox/tasks/main.yml b/roles/xbox/tasks/main.yml new file mode 100644 index 0000000..f1d31d4 --- /dev/null +++ b/roles/xbox/tasks/main.yml @@ -0,0 +1,22 @@ +--- + +- name: Install dependencies + dnf: + name: + - dkms + - cabextract + state: present + become: yes + +- name: Clone medusalix/xone + git: + repo: 'https://github.com/medusalix/xone' + version: master + dest: ~/.cache/medusalix-xone + +# if [ -n "$(dkms status xone)" ]; then +# echo 'Driver is already installed!' >&2 +# exit 1 +# fi + +# do the things in https://github.com/medusalix/xone/blob/master/install.sh \ No newline at end of file diff --git a/nano.yml b/server.yml similarity index 61% rename from nano.yml rename to server.yml index 720abca..8f9c8f8 100644 --- a/nano.yml +++ b/server.yml @@ -1,11 +1,9 @@ --- -- hosts: nano - +- hosts: magnus roles: - { role: base, tags: [ 'base'] } - { role: users, tags: [ 'users'] } - { role: ssh, tags: [ 'ssh'] } - - { role: docker, tags: [ 'docker' ] } + - { role: docker, tags: [ 'docker'] } - { role: tailscale, tags: [ 'tailscale'] } - - { role: netdata, tags: [ 'netdata'] } \ No newline at end of file diff --git a/work.yml b/work.yml deleted file mode 100644 index ae68f61..0000000 --- a/work.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- hosts: work - roles: - - { role: common, tags: [ 'common'] } - - { role: users, tags: [ 'users'] } - - { role: tailscale, tags: [ 'tailscale'] } - - { role: appimages, tags: [ 'appimages'] } - - { role: ssh, tags: [ 'ssh'] } - - { role: docker, tags: [ 'docker'] } - - { role: luminance, tags: [ 'luminance'] } \ No newline at end of file