jonathan/ansible
jonathan/ansible
1
0
Fork 0
Code Issues Pull requests Projects Wiki Activity Actions

Another overdue checkpoint

Browse source
This commit is contained in:
Jonathan Cremin 2022-04-25 12:48:36 +01:00
parent 692269f9ff
commit c501435876
25 changed files with 182 additions and 81 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
.vault-password

2
bootstrap.sh
View file

@ -4,6 +4,6 @@ sudo dnf install -y python3-pip
pip install ansible
ansible-galaxy collection install -r requirements.yml
gsettings set org.gnome.mutter experimental-features "['scale-monitor-framebuffer']"
gsettings set org.gnome.desktop.peripherals.mouse natural-scroll true
gsettings set org.gnome.desktop.background picture-uri file:///usr/share/backgrounds/gnome/adwaita-timed.xml

1
desktop.yml
View file

@ -14,3 +14,4 @@
- { role: virtualhere, tags: [ 'virtualhere'] }
- { role: devdeck, tags: [ 'devdeck'] }
- { role: syncthing, tags: [ 'syncthing' ] }
- { role: xbox, tags: [ 'xbox' ] }

16
host_vars/desktop Normal file
View file

@ -0,0 +1,16 @@
---
virtualhere_it: "1612256810"
virtualhere_easyfindid: "NnL1bKU8y9cMhUFhNzxNQA"
virtualhere_easyfindpin: "2vTMJN"
virtualhere_license: !vault |
$ANSIBLE_VAULT;1.1;AES256
66626631346564356664303938303461343237613231616339303737666139366333656439383533
3264386566316234616539383266653261333039313934360a393530313234313161626334356139
63636466346538373962346533343362373737356664626164363136646436653065656438396136
3833623338656132380a663665663238393964386235653437643333646531336362303966386266
31383030356337396564666639323531643662346334303936366132643366383138363633336563
34363631343339393936613166646631386331336366383032373734653265356631646133363862
32326539646336663235353164623461353537303533626637363838653732623333373561303466
61333534316436366263646137643864343464303932626236616462373133346538663038376565
3232

9
hosts
View file

@ -1,8 +1,5 @@
[desktop]
localhost has_gpu=False ansible_connection=local
desktop ansible_connection=local
[work]
localhost ansible_connection=local
laptop ansible_connection=local
[nano]
10.0.1.3
magnus ansible_host=10.0.1.6

3
roles/base/defaults/main.yml
View file

@ -3,3 +3,6 @@
onepassword_cli_version: "v1.11.4"
mkcert_version: "v1.4.3"
btop_version: "1.0.22"
kind_version: "v0.11.1"
kubectl_version: "v1.23.3"
kompose_version: "v1.26.0"

43
roles/base/tasks/main.yml
View file

@ -2,14 +2,14 @@
- name: Install rpmfusion-free
dnf:
name: https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-35.noarch.rpm
name: "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_major_version }}.noarch.rpm"
state: present
disable_gpg_check: 1
become: yes
- name: Install rpmfusion-nonfree
dnf:
name: https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-35.noarch.rpm
name: "https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ ansible_distribution_major_version }}.noarch.rpm"
state: present
disable_gpg_check: 1
become: yes
@ -45,6 +45,9 @@
- podman-compose
- dnf-plugins-core
- lm_sensors
- cmake
- duf
- python3-pip
enablerepo: rpmfusion-free
state: present
become: yes
@ -56,6 +59,13 @@
state: present
become: yes
- name: create ~/.local/bin
file:
path: ~/.local/bin
state: directory
mode: '0755'
- name: Install 1password cli
unarchive:
src: "https://cache.agilebits.com/dist/1P/op/pkg/{{ onepassword_cli_version }}/op_linux_amd64_{{ onepassword_cli_version }}.zip"
@ -78,6 +88,24 @@
mode: 0644
become: yes
- name: Fetch kind binary
get_url:
url: "https://kind.sigs.k8s.io/dl/{{ kind_version }}/kind-linux-amd64"
dest: ~/.local/bin/kind
mode: 0755
- name: Fetch kubectl binary
get_url:
url: "https://dl.k8s.io/release/{{ kubectl_version }}/bin/linux/amd64/kubectl"
dest: ~/.local/bin/kubectl
mode: 0755
- name: Fetch kompose binary
get_url:
url: "https://github.com/kubernetes/kompose/releases/download/{{ kompose_version }}/kompose-linux-amd64"
dest: ~/.local/bin/kompose
mode: 0755
- name: Install gh-cli
dnf:
name: gh
@ -115,3 +143,14 @@
pip:
name: yt-dlp
state: present
- name: Enable copr project varlad/onefetch
community.general.copr:
name: varlad/onefetch
become: yes
- name: Install onefetch
dnf:
name: onefetch
state: present
become: yes

2
roles/desktop/files/1password.repo
View file

@ -1,5 +1,5 @@
[1password]
name=1Password Stable Channel
name=1Password
baseurl=https://downloads.1password.com/linux/rpm/stable/$basearch
enabled=1
gpgcheck=1

4
roles/desktop/files/rpm.librewolf.net.repo Normal file
View file

@ -0,0 +1,4 @@
[rpm.librewolf.net]
name=Librewolf
baseurl=https://rpm.librewolf.net
enabled=1

2
roles/desktop/files/slack.repo
View file

@ -1,5 +1,5 @@
[slack]
name=slack
name=Slack
baseurl=https://packagecloud.io/slacktechnologies/slack/fedora/21/x86_64
enabled=1
gpgcheck=0

2
roles/desktop/files/teleport.repo
View file

@ -1,5 +1,5 @@
[teleport]
name=Gravitational Teleport packages
name=Teleport
baseurl=https://rpm.releases.teleport.dev/
enabled=1
gpgcheck=1

38
roles/desktop/tasks/main.yml
View file

@ -9,6 +9,12 @@
notify: enable boost
become: yes
- name: Disable SELinux because it's a nightmare with Podman
ansible.builtin.lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=disabled
become: yes
- name: Import dnf keys
rpm_key:
@ -18,7 +24,8 @@
- https://packagecloud.io/gpg.key
- https://packages.microsoft.com/keys/microsoft.asc
- https://rpm.releases.teleport.dev/RPM-GPG-KEY-teleport
# - https://downloads.1password.com/linux/keys/1password.asc
- https://downloads.1password.com/linux/keys/1password.asc
- https://keys.openpgp.org/vks/v1/by-fingerprint/034F7776EF5E0C613D2F7934D29FBD5F93C0CFC3 # Librewolf
become: yes
- name: Add dnf repos
@ -31,6 +38,7 @@
- vscode.repo
- teleport.repo
- 1password.repo
- rpm.librewolf.net.repo
become: yes
- name: Install common desktop dnf packages
@ -40,7 +48,6 @@
- power-profiles-daemon # Adds power settings in gnome-settings-center
- chrome-gnome-shell
- celluloid
- gnome-extensions-app
- cheese
- geary
- pavucontrol
@ -61,6 +68,8 @@
- 1password
- code
- teleport
- librewolf
- mangohud
enablerepo:
- rpmfusion-free
- rpmfusion-nonfree-steam
@ -85,16 +94,37 @@
- nl.g4d.Girens
- tech.feliciano.pocket-casts
- org.gnome.TextEditor
- com.mattjakeman.ExtensionManager
- md.obsidian.Obsidian
- org.pipewire.Helvum
state: present
remote: flathub
method: user
- name: Add the knapsu flatpak repository remote to the user installation
flatpak_remote:
name: knapsu
state: present
flatpakrepo_url: https://flatpak.knapsu.eu/plex-media-player.flatpakrepo
method: user
- name: Install flatpaks from knapsu
flatpak:
name:
- tv.plex.PlexMediaPlayer
state: present
remote: knapsu
method: user
- name: Install remote rpms
dnf:
name:
- https://zoom.us/client/latest/zoom_x86_64.rpm
- https://github.com/hensm/fx_cast/releases/download/v0.1.0/fx_cast_bridge-0.1.0-x64.rpm
- https://cdn.zoom.us/prod/v5.10.4/zoom_x86_64.rpm
- https://github.com/hensm/fx_cast/releases/download/v0.2.0/fx_cast_bridge-0.2.0-x64.rpm
- https://github.com/Kong/insomnia/releases/download/core%402021.5.3/Insomnia.Core-2021.5.3.rpm
- https://github.com/openaudible/openaudible/releases/download/v3.4.3/OpenAudible_3.4.3_x86_64.rpm
- https://github.com/Mastermindzh/tidal-hifi/releases/download/2.7.1/tidal-hifi-2.7.1.x86_64.rpm
- https://github.com/iongion/podman-desktop-companion/releases/download/4.0.3-rc.2/podman-desktop-companion-x86_64-4.0.3-rc.2.rpm
state: present
disable_gpg_check: 1
become: yes

29
roles/globalprotect/tasks/main.yml
View file

@ -1,25 +1,12 @@
---
- name: Install dependencies
dnf:
name:
- qt5-qttools-devel
- qt5-qtwebsockets-devel
- qt5-qtwebengine-devel
- openconnect
state: present
- name: Enable copr project yuezk/globalprotect-openconnect
community.general.copr:
name: yuezk/globalprotect-openconnect
become: yes
- name: Clone yuezk/GlobalProtect-openconnect
git:
repo: 'https://github.com/yuezk/GlobalProtect-openconnect.git'
recursive: yes
update: yes
version: master
dest: /tmp/GlobalProtect-openconnect
- name: Install using provided script
command:
chdir: /tmp/GlobalProtect-openconnect
cmd: ./scripts/install.sh
creates: /usr/bin/gpclient
- name: Install globalprotect-openconnect
dnf:
name: globalprotect-openconnect
state: present
become: yes

2
roles/howdy/tasks/main.yml
View file

@ -2,7 +2,7 @@
- name: Install rpmsphere-release
dnf:
name: https://github.com/rpmsphere/noarch/raw/master/r/rpmsphere-release-35.noarch.rpm
name: https://github.com/rpmsphere/noarch/raw/master/r/rpmsphere-release-{{ ansible_distribution_major_version }}.noarch.rpm
state: present
disable_gpg_check: 1
become: yes

2
roles/netdata/templates/python.d.conf.j2
View file

@ -74,7 +74,7 @@ logind: no
# mysql: yes
# nginx: yes
# nginx_plus: yes
{% if has_gpu %}
{% if has_nvidia_gpu %}
nvidia_smi: yes
{% endif %}
# nginx_log has been replaced by web_log

6
roles/openrazer/files/openrazer.repo
View file

@ -1,7 +1,7 @@
[hardware_razer]
name=hardware:razer (Fedora_35)
name=hardware:razer (Fedora_36)
type=rpm-md
baseurl=https://download.opensuse.org/repositories/hardware:/razer/Fedora_35/
baseurl=https://download.opensuse.org/repositories/hardware:/razer/Fedora_36/
gpgcheck=1
gpgkey=https://download.opensuse.org/repositories/hardware:/razer/Fedora_35/repodata/repomd.xml.key
gpgkey=https://download.opensuse.org/repositories/hardware:/razer/Fedora_36/repodata/repomd.xml.key
enabled=1

14
roles/scream/tasks/main.yml
View file

@ -11,29 +11,29 @@
git:
repo: 'https://github.com/duncanthrax/scream.git'
version: master
dest: /tmp/duncanthrax-scream
dest: ~/.cache/duncanthrax-scream
- name: Create build dir
file:
dest: /tmp/duncanthrax-scream/Receivers/unix/build
dest: ~/.cache/duncanthrax-scream/Receivers/unix/build
mode: '0755'
state: directory
- name: Cmake the Makefiles
command:
chdir: /tmp/duncanthrax-scream/Receivers/unix/build
chdir: ~/.cache/duncanthrax-scream/Receivers/unix/build
cmd: cmake ..
creates: /tmp/duncanthrax-scream/Receivers/unix/build/Makefile
creates: ~/.cache/duncanthrax-scream/Receivers/unix/build/Makefile
- name: Make all the things
command:
chdir: /tmp/duncanthrax-scream/Receivers/unix/build
chdir: ~/.cache/duncanthrax-scream/Receivers/unix/build
cmd: make
creates: /tmp/duncanthrax-scream/Receivers/unix/build/scream
creates: ~/.cache/duncanthrax-scream/Receivers/unix/build/scream
- name: make install
command:
chdir: /tmp/duncanthrax-scream/Receivers/unix/build
chdir: /home/jonathan/.cache/duncanthrax-scream/Receivers/unix/build
cmd: make install
creates: /usr/local/bin/scream
become: yes

10
roles/syncthing/files/syncthing.service
View file

@ -10,14 +10,10 @@ After=network-online.target
RequiresMountsFor=/run/user/1000/containers
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStart=/usr/bin/podman start --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid syncthing
ExecStop=/usr/bin/podman stop --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid -t 10 syncthing
ExecStopPost=/usr/bin/podman stop --conmon-pidfile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid -t 10 syncthing
PIDFile=/run/user/1000/containers/overlay-containers/a28350af37850f9c5df8a2884e974c79f64d0dc30bece852d5d1c341a47334c9/userdata/conmon.pid
Type=forking
ExecStart=/usr/bin/podman start syncthing
ExecStop=/usr/bin/podman stop -t 10 syncthing
[Install]
WantedBy=multi-user.target default.target
WantedBy=default.target

22
roles/syncthing/tasks/main.yml
View file

@ -14,12 +14,26 @@
mode: "0644"
dest: ~/.local/share/systemd/user/syncthing.service
- name: Create Syncthing directories
file:
dest: "{{item}}"
mode: '0700'
owner: jonathan
group: jonathan
state: directory
with_items:
- /home/jonathan/.config/podman/etc/syncthing
- /home/jonathan/.config/podman/syncthing
- /home/jonathan/Sync
- /home/jonathan/Code
- /home/jonathan/Udemy
- name: Create and start Syncthing container
containers.podman.podman_container:
name: syncthing
image: docker.io/syncthing/syncthing
user: "0"
memory: 512m
env:
PUID: "0"
PGID: "0"
@ -34,4 +48,8 @@
network: host
restart_policy: on-failure:5
- name: Enable syncthing systemd unit
ansible.builtin.systemd:
name: syncthing
scope: user
enabled: yes

4
roles/virtualhere/files/config.ini
View file

@ -1,4 +0,0 @@
It=1612256810
EasyFindId=NnL1bKU8y9cMhUFhNzxNQA
EasyFindPin=2vTMJN
License=100426f0-7de4-ae8e-e7e1-244bfec823db,0,MCACDi8rVnEa6oduIXJBZNAEAg5o/Fp6R7Njxf5D4uN0Bw==

4
roles/virtualhere/tasks/main.yml
View file

@ -17,8 +17,8 @@
become: yes
- name: Create Virtualhere config
copy:
src: config.ini
template:
src: config.ini.j2
mode: "0644"
dest: /usr/local/etc/virtualhere/config.ini
become: yes

4
roles/virtualhere/templates/config.ini.j2 Normal file
View file

@ -0,0 +1,4 @@
It={{ virtualhere_it }}
EasyFindId={{ virtualhere_easyfindid }}
EasyFindPin={{ virtualhere_easyfindpin }}
License={{ virtualhere_license }}

22
roles/xbox/tasks/main.yml Normal file
View file

@ -0,0 +1,22 @@
---
- name: Install dependencies
dnf:
name:
- dkms
- cabextract
state: present
become: yes
- name: Clone medusalix/xone
git:
repo: 'https://github.com/medusalix/xone'
version: master
dest: ~/.cache/medusalix-xone
# if [ -n "$(dkms status xone)" ]; then
# echo 'Driver is already installed!' >&2
# exit 1
# fi
# do the things in https://github.com/medusalix/xone/blob/master/install.sh

6
nano.yml → server.yml
View file

@ -1,11 +1,9 @@
---
- hosts: nano
- hosts: magnus
roles:
- { role: base, tags: [ 'base'] }
- { role: users, tags: [ 'users'] }
- { role: ssh, tags: [ 'ssh'] }
- { role: docker, tags: [ 'docker' ] }
- { role: docker, tags: [ 'docker'] }
- { role: tailscale, tags: [ 'tailscale'] }
- { role: netdata, tags: [ 'netdata'] }

11
work.yml
View file

@ -1,11 +0,0 @@
---
- hosts: work
roles:
- { role: common, tags: [ 'common'] }
- { role: users, tags: [ 'users'] }
- { role: tailscale, tags: [ 'tailscale'] }
- { role: appimages, tags: [ 'appimages'] }
- { role: ssh, tags: [ 'ssh'] }
- { role: docker, tags: [ 'docker'] }
- { role: luminance, tags: [ 'luminance'] }