parent
7a6f674714
commit
f8ed675315
@ -1,5 +1,5 @@ |
|||||||
--- |
--- |
||||||
all: |
all: |
||||||
hosts: |
hosts: |
||||||
192.168.2.227: |
<ip_addr>: |
||||||
ansible_user: root |
ansible_user: root |
||||||
|
@ -0,0 +1,18 @@ |
|||||||
|
- name: Install pulse audio packages. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- pulseaudio |
||||||
|
- pulseaudio-alsa |
||||||
|
- ncpamixer |
||||||
|
- pamixer |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Install pulse audio bluetooth package. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: pulseaudio-bluetooth |
||||||
|
state: present |
||||||
|
when: feat_bluetooth |
@ -0,0 +1,14 @@ |
|||||||
|
- name: Install bluetooth packages. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- bluez |
||||||
|
- bluez-utils |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Enable bluetooth service. |
||||||
|
systemd: |
||||||
|
name: bluetooth |
||||||
|
enabled: true |
||||||
|
state: started |
@ -0,0 +1,47 @@ |
|||||||
|
--- |
||||||
|
- name: Install common software. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- git |
||||||
|
- vim |
||||||
|
- firefox |
||||||
|
- fish |
||||||
|
- code |
||||||
|
- libreoffice |
||||||
|
- spotify |
||||||
|
- slack-desktop |
||||||
|
- discord |
||||||
|
# rust |
||||||
|
- rustup |
||||||
|
# nodejs |
||||||
|
- nodejs |
||||||
|
- yarn |
||||||
|
# fonts |
||||||
|
# ttf-font-awesome |
||||||
|
# nerd-fonts-source-code-pro |
||||||
|
# java |
||||||
|
- jdk8-openjdk |
||||||
|
- jdk-openjdk |
||||||
|
# awesome rust tools |
||||||
|
- alacritty |
||||||
|
- bandwhich |
||||||
|
- bat |
||||||
|
- bottom |
||||||
|
- git-delta |
||||||
|
- dust |
||||||
|
- exa |
||||||
|
- fd |
||||||
|
- procs |
||||||
|
- ripgrep |
||||||
|
- sd |
||||||
|
- starship |
||||||
|
- tealdeer |
||||||
|
- tokei |
||||||
|
- zoxide |
||||||
|
# misc |
||||||
|
- ncdu |
||||||
|
- flameshot |
||||||
|
- kakoune |
||||||
|
state: present |
@ -0,0 +1,22 @@ |
|||||||
|
- name: Allow wheel to sudo without password. |
||||||
|
copy: |
||||||
|
dest: /etc/sudoers.d/00-tmp-sudo-full-access |
||||||
|
content: "%wheel ALL=(ALL) NOPASSWD: ALL" |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0440 |
||||||
|
|
||||||
|
- name: Create user {{ user_name }}. |
||||||
|
user: |
||||||
|
name: "{{ user_name }}" |
||||||
|
state: present |
||||||
|
create_home: true |
||||||
|
groups: wheel |
||||||
|
append: true |
||||||
|
shell: /bin/bash |
||||||
|
|
||||||
|
- name: Update user {{ user_name }}'s password. |
||||||
|
shell: | |
||||||
|
set -e -o pipefail |
||||||
|
echo {{ user_name }}:{{ user_password }} | chpasswd |
||||||
|
changed_when: true |
@ -0,0 +1,12 @@ |
|||||||
|
- name: Install lightdm. |
||||||
|
pacman: |
||||||
|
name: |
||||||
|
- lightdm |
||||||
|
- lightdm-gtk-greeter |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Enable lightdm |
||||||
|
systemd: |
||||||
|
name: lightdm |
||||||
|
enabled: true |
||||||
|
state: started |
@ -0,0 +1,4 @@ |
|||||||
|
- name: Include display manager strategy. |
||||||
|
include_role: |
||||||
|
name: "display_manager/{{ display_manager }}" |
||||||
|
public: true |
@ -0,0 +1,4 @@ |
|||||||
|
- name: Include display server xorg. |
||||||
|
include_role: |
||||||
|
name: "display_server/xorg" |
||||||
|
public: true |
@ -0,0 +1,6 @@ |
|||||||
|
- name: Install packages. |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- xorg-server |
||||||
|
- xorg-xinit |
||||||
|
state: present |
@ -0,0 +1,20 @@ |
|||||||
|
- name: Install docker. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- docker |
||||||
|
- docker-compose |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Enable docker. |
||||||
|
systemd: |
||||||
|
name: docker |
||||||
|
enabled: true |
||||||
|
state: started |
||||||
|
|
||||||
|
- name: Add user {{ user_name }} to docker group. |
||||||
|
user: |
||||||
|
name: "{{ user_name }}" |
||||||
|
groups: docker |
||||||
|
append: true |
@ -0,0 +1,18 @@ |
|||||||
|
- name: Update /etc/hostname. |
||||||
|
copy: |
||||||
|
dest: /etc/hostname |
||||||
|
content: "{{ hostname }}" |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0644 |
||||||
|
|
||||||
|
- name: Update /etc/hosts. |
||||||
|
copy: |
||||||
|
dest: /etc/hosts |
||||||
|
content: | |
||||||
|
127.0.0.1 localhost |
||||||
|
::1 localhost |
||||||
|
127.0.1.1 {{ hostname }} |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0644 |
@ -0,0 +1,27 @@ |
|||||||
|
--- |
||||||
|
- name: Update locale selection. |
||||||
|
lineinfile: |
||||||
|
path: /etc/locale.gen |
||||||
|
line: "{{ item }}" |
||||||
|
with_items: |
||||||
|
- en_US.UTF-8 UTF-8 |
||||||
|
|
||||||
|
- name: Generate locales. |
||||||
|
command: locale-gen |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Update locale config. |
||||||
|
copy: |
||||||
|
dest: /etc/locale.conf |
||||||
|
content: LANG=en_US.UTF-8 |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0644 |
||||||
|
|
||||||
|
- name: Update keyboard layout config. |
||||||
|
copy: |
||||||
|
dest: /etc/vconsole.conf |
||||||
|
content: KEYMAP=us |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0644 |
@ -0,0 +1,13 @@ |
|||||||
|
--- |
||||||
|
- name: Symlink timezone to /etc/localtime. |
||||||
|
file: |
||||||
|
src: /usr/share/zoneinfo/{{ timezone }} |
||||||
|
path: /etc/localtime |
||||||
|
state: link |
||||||
|
owner: root |
||||||
|
group: root |
||||||
|
mode: 0644 |
||||||
|
|
||||||
|
- name: Sync hardware clock. |
||||||
|
command: hwclock --systohc |
||||||
|
changed_when: true |
@ -0,0 +1,39 @@ |
|||||||
|
--- |
||||||
|
- name: Install mullvad. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: mullvad-vpn-bin |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Mullvad login. |
||||||
|
command: mullvad account set {{ mullvad_account }} |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Enable local networking. |
||||||
|
command: mullvad lan set allow |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Enable on startup. |
||||||
|
command: mullvad auto-connect set on |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Always require mullvad. |
||||||
|
command: mullvad always-require-vpn set on |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Set dns settings. |
||||||
|
command: mullvad dns set default --block-ads --block-trackers |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Enable ipv6 |
||||||
|
command: mullvad tunnel ipv6 set on |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Set tunnel location. |
||||||
|
command: mullvad relay set location se got |
||||||
|
changed_when: true |
||||||
|
|
||||||
|
- name: Connect. |
||||||
|
command: mullvad connect |
||||||
|
changed_when: true |
@ -0,0 +1,19 @@ |
|||||||
|
- name: Install rust. |
||||||
|
pacman: |
||||||
|
name: rustup |
||||||
|
state: present |
||||||
|
update_cache: true |
||||||
|
|
||||||
|
- name: Install latest stable rust toolchain. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
command: rustup install stable |
||||||
|
changed_when: '"unchanged" not in ret.stdout' |
||||||
|
register: ret |
||||||
|
|
||||||
|
- name: Install paru. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: paru |
||||||
|
state: present |
@ -0,0 +1,40 @@ |
|||||||
|
--- |
||||||
|
- name: Install packages. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- pam-u2f |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Make sure Yubico directory exists. |
||||||
|
file: |
||||||
|
path: /home/{{ user_name }}/.config/Yubico |
||||||
|
state: directory |
||||||
|
owner: "{{ user_name }}" |
||||||
|
group: "{{ user_name }}" |
||||||
|
mode: 0644 |
||||||
|
|
||||||
|
- name: Add user {{ user_name }}'s u2f key. |
||||||
|
copy: |
||||||
|
dest: /home/{{ user_name }}/.config/Yubico/u2f_keys |
||||||
|
content: "{{ user_u2f_key }}" |
||||||
|
owner: "{{ user_name }}" |
||||||
|
group: "{{ user_name }}" |
||||||
|
mode: 0644 |
||||||
|
|
||||||
|
- name: Optional u2f authentication. |
||||||
|
lineinfile: |
||||||
|
state: present |
||||||
|
path: /etc/pam.d/{{ item }} |
||||||
|
line: auth sufficient pam_u2f.so nodetect cue |
||||||
|
insertbefore: ^auth |
||||||
|
with_items: "{{ u2f_optional }}" |
||||||
|
|
||||||
|
- name: Required u2f authentication. |
||||||
|
lineinfile: |
||||||
|
state: present |
||||||
|
path: /etc/pam.d/{{ item }} |
||||||
|
line: auth required pam_u2f.so nodetect cue |
||||||
|
insertafter: ^auth |
||||||
|
with_items: "{{ u2f_required }}" |
@ -0,0 +1,7 @@ |
|||||||
|
- name: Install i3. |
||||||
|
pacman: |
||||||
|
name: |
||||||
|
- i3-wm |
||||||
|
- i3status-rust |
||||||
|
- rofi |
||||||
|
state: present |
@ -0,0 +1,4 @@ |
|||||||
|
- name: Include window manager strategy. |
||||||
|
include_role: |
||||||
|
name: "window_manager/{{ window_manager }}" |
||||||
|
public: true |
@ -0,0 +1,15 @@ |
|||||||
|
- name: Install packages. |
||||||
|
become: true |
||||||
|
become_user: "{{ user_name }}" |
||||||
|
aur: |
||||||
|
name: |
||||||
|
- yubioath-desktop |
||||||
|
- libfido2 |
||||||
|
- ccid |
||||||
|
state: present |
||||||
|
|
||||||
|
- name: Enable smart card service. |
||||||
|
systemd: |
||||||
|
name: pcscd |
||||||
|
enabled: true |
||||||
|
state: started |
Loading…
Reference in new issue