parent
7a6f674714
commit
f8ed675315
@ -1,5 +1,5 @@ |
||||
--- |
||||
all: |
||||
hosts: |
||||
192.168.2.227: |
||||
<ip_addr>: |
||||
ansible_user: root |
||||
|
@ -0,0 +1,18 @@ |
||||
- name: Install pulse audio packages. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- pulseaudio |
||||
- pulseaudio-alsa |
||||
- ncpamixer |
||||
- pamixer |
||||
state: present |
||||
|
||||
- name: Install pulse audio bluetooth package. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: pulseaudio-bluetooth |
||||
state: present |
||||
when: feat_bluetooth |
@ -0,0 +1,14 @@ |
||||
- name: Install bluetooth packages. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- bluez |
||||
- bluez-utils |
||||
state: present |
||||
|
||||
- name: Enable bluetooth service. |
||||
systemd: |
||||
name: bluetooth |
||||
enabled: true |
||||
state: started |
@ -0,0 +1,47 @@ |
||||
--- |
||||
- name: Install common software. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- git |
||||
- vim |
||||
- firefox |
||||
- fish |
||||
- code |
||||
- libreoffice |
||||
- spotify |
||||
- slack-desktop |
||||
- discord |
||||
# rust |
||||
- rustup |
||||
# nodejs |
||||
- nodejs |
||||
- yarn |
||||
# fonts |
||||
# ttf-font-awesome |
||||
# nerd-fonts-source-code-pro |
||||
# java |
||||
- jdk8-openjdk |
||||
- jdk-openjdk |
||||
# awesome rust tools |
||||
- alacritty |
||||
- bandwhich |
||||
- bat |
||||
- bottom |
||||
- git-delta |
||||
- dust |
||||
- exa |
||||
- fd |
||||
- procs |
||||
- ripgrep |
||||
- sd |
||||
- starship |
||||
- tealdeer |
||||
- tokei |
||||
- zoxide |
||||
# misc |
||||
- ncdu |
||||
- flameshot |
||||
- kakoune |
||||
state: present |
@ -0,0 +1,22 @@ |
||||
- name: Allow wheel to sudo without password. |
||||
copy: |
||||
dest: /etc/sudoers.d/00-tmp-sudo-full-access |
||||
content: "%wheel ALL=(ALL) NOPASSWD: ALL" |
||||
owner: root |
||||
group: root |
||||
mode: 0440 |
||||
|
||||
- name: Create user {{ user_name }}. |
||||
user: |
||||
name: "{{ user_name }}" |
||||
state: present |
||||
create_home: true |
||||
groups: wheel |
||||
append: true |
||||
shell: /bin/bash |
||||
|
||||
- name: Update user {{ user_name }}'s password. |
||||
shell: | |
||||
set -e -o pipefail |
||||
echo {{ user_name }}:{{ user_password }} | chpasswd |
||||
changed_when: true |
@ -0,0 +1,12 @@ |
||||
- name: Install lightdm. |
||||
pacman: |
||||
name: |
||||
- lightdm |
||||
- lightdm-gtk-greeter |
||||
state: present |
||||
|
||||
- name: Enable lightdm |
||||
systemd: |
||||
name: lightdm |
||||
enabled: true |
||||
state: started |
@ -0,0 +1,4 @@ |
||||
- name: Include display manager strategy. |
||||
include_role: |
||||
name: "display_manager/{{ display_manager }}" |
||||
public: true |
@ -0,0 +1,4 @@ |
||||
- name: Include display server xorg. |
||||
include_role: |
||||
name: "display_server/xorg" |
||||
public: true |
@ -0,0 +1,6 @@ |
||||
- name: Install packages. |
||||
aur: |
||||
name: |
||||
- xorg-server |
||||
- xorg-xinit |
||||
state: present |
@ -0,0 +1,20 @@ |
||||
- name: Install docker. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- docker |
||||
- docker-compose |
||||
state: present |
||||
|
||||
- name: Enable docker. |
||||
systemd: |
||||
name: docker |
||||
enabled: true |
||||
state: started |
||||
|
||||
- name: Add user {{ user_name }} to docker group. |
||||
user: |
||||
name: "{{ user_name }}" |
||||
groups: docker |
||||
append: true |
@ -0,0 +1,18 @@ |
||||
- name: Update /etc/hostname. |
||||
copy: |
||||
dest: /etc/hostname |
||||
content: "{{ hostname }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
|
||||
- name: Update /etc/hosts. |
||||
copy: |
||||
dest: /etc/hosts |
||||
content: | |
||||
127.0.0.1 localhost |
||||
::1 localhost |
||||
127.0.1.1 {{ hostname }} |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
@ -0,0 +1,27 @@ |
||||
--- |
||||
- name: Update locale selection. |
||||
lineinfile: |
||||
path: /etc/locale.gen |
||||
line: "{{ item }}" |
||||
with_items: |
||||
- en_US.UTF-8 UTF-8 |
||||
|
||||
- name: Generate locales. |
||||
command: locale-gen |
||||
changed_when: true |
||||
|
||||
- name: Update locale config. |
||||
copy: |
||||
dest: /etc/locale.conf |
||||
content: LANG=en_US.UTF-8 |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
|
||||
- name: Update keyboard layout config. |
||||
copy: |
||||
dest: /etc/vconsole.conf |
||||
content: KEYMAP=us |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
@ -0,0 +1,13 @@ |
||||
--- |
||||
- name: Symlink timezone to /etc/localtime. |
||||
file: |
||||
src: /usr/share/zoneinfo/{{ timezone }} |
||||
path: /etc/localtime |
||||
state: link |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
|
||||
- name: Sync hardware clock. |
||||
command: hwclock --systohc |
||||
changed_when: true |
@ -0,0 +1,39 @@ |
||||
--- |
||||
- name: Install mullvad. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: mullvad-vpn-bin |
||||
state: present |
||||
|
||||
- name: Mullvad login. |
||||
command: mullvad account set {{ mullvad_account }} |
||||
changed_when: true |
||||
|
||||
- name: Enable local networking. |
||||
command: mullvad lan set allow |
||||
changed_when: true |
||||
|
||||
- name: Enable on startup. |
||||
command: mullvad auto-connect set on |
||||
changed_when: true |
||||
|
||||
- name: Always require mullvad. |
||||
command: mullvad always-require-vpn set on |
||||
changed_when: true |
||||
|
||||
- name: Set dns settings. |
||||
command: mullvad dns set default --block-ads --block-trackers |
||||
changed_when: true |
||||
|
||||
- name: Enable ipv6 |
||||
command: mullvad tunnel ipv6 set on |
||||
changed_when: true |
||||
|
||||
- name: Set tunnel location. |
||||
command: mullvad relay set location se got |
||||
changed_when: true |
||||
|
||||
- name: Connect. |
||||
command: mullvad connect |
||||
changed_when: true |
@ -0,0 +1,19 @@ |
||||
- name: Install rust. |
||||
pacman: |
||||
name: rustup |
||||
state: present |
||||
update_cache: true |
||||
|
||||
- name: Install latest stable rust toolchain. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
command: rustup install stable |
||||
changed_when: '"unchanged" not in ret.stdout' |
||||
register: ret |
||||
|
||||
- name: Install paru. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: paru |
||||
state: present |
@ -0,0 +1,40 @@ |
||||
--- |
||||
- name: Install packages. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- pam-u2f |
||||
state: present |
||||
|
||||
- name: Make sure Yubico directory exists. |
||||
file: |
||||
path: /home/{{ user_name }}/.config/Yubico |
||||
state: directory |
||||
owner: "{{ user_name }}" |
||||
group: "{{ user_name }}" |
||||
mode: 0644 |
||||
|
||||
- name: Add user {{ user_name }}'s u2f key. |
||||
copy: |
||||
dest: /home/{{ user_name }}/.config/Yubico/u2f_keys |
||||
content: "{{ user_u2f_key }}" |
||||
owner: "{{ user_name }}" |
||||
group: "{{ user_name }}" |
||||
mode: 0644 |
||||
|
||||
- name: Optional u2f authentication. |
||||
lineinfile: |
||||
state: present |
||||
path: /etc/pam.d/{{ item }} |
||||
line: auth sufficient pam_u2f.so nodetect cue |
||||
insertbefore: ^auth |
||||
with_items: "{{ u2f_optional }}" |
||||
|
||||
- name: Required u2f authentication. |
||||
lineinfile: |
||||
state: present |
||||
path: /etc/pam.d/{{ item }} |
||||
line: auth required pam_u2f.so nodetect cue |
||||
insertafter: ^auth |
||||
with_items: "{{ u2f_required }}" |
@ -0,0 +1,7 @@ |
||||
- name: Install i3. |
||||
pacman: |
||||
name: |
||||
- i3-wm |
||||
- i3status-rust |
||||
- rofi |
||||
state: present |
@ -0,0 +1,4 @@ |
||||
- name: Include window manager strategy. |
||||
include_role: |
||||
name: "window_manager/{{ window_manager }}" |
||||
public: true |
@ -0,0 +1,15 @@ |
||||
- name: Install packages. |
||||
become: true |
||||
become_user: "{{ user_name }}" |
||||
aur: |
||||
name: |
||||
- yubioath-desktop |
||||
- libfido2 |
||||
- ccid |
||||
state: present |
||||
|
||||
- name: Enable smart card service. |
||||
systemd: |
||||
name: pcscd |
||||
enabled: true |
||||
state: started |
Loading…
Reference in new issue