Add CI

.ansible-lint

@@ -0,0 +1,3 @@
+---
+skip_list:
+  - yaml

.drone.yml

@@ -0,0 +1,21 @@
+---
+kind: pipeline
+type: docker
+name: Lint
+
+steps:
+  - name: yamllint
+    image: cytopia/yamllint
+    commands:
+      - yamllint .
+
+  - name: ansible-playbook syntax check
+    image: cytopia/ansible
+    commands:
+      - ansible-galaxy install -r requirements.yml
+      - ansible-playbook main.yml --syntax-check
+
+  - name: ansible-lint
+    image: cytopia/ansible-lint
+    commands:
+      - ansible-lint main.yml

README.md

@@ -6,8 +6,7 @@ Boot the live iso and set a root password, something simple is fine as it's
 changed to key based auth anyway. Find the ip address (e.g. by `ip a`) and
 add to `inventory/hosts.yml` under the `all` group.
 
-Enter the `ansible` directory. Before running any playbook, generate a new SSH
-key-pair:
+Before running any playbook, generate a new SSH key-pair:
 
 ```bash
 $ ssh-keygen -t ed25519 -f .ssh/id_ed25519 -N ""
@@ -20,4 +19,8 @@ $ ansible-playbook install.yml -k
 ```
 
 When the `install` playbook finishes, wait for the restart. Then find the new
-ip address and put in the inventory file under the `all` group
+ip address and put in the inventory file under the `all` group. Then run:
+
+```bash
+$ ansible-playbook configure.yml
+```

ansible/install.yml

@@ -1,13 +0,0 @@
----
-- name: Install system.
-  hosts: all
-
-  roles:
-    - passwordless_connection
-    - prep
-    - disksetup
-    - configure
-
-  tasks:
-    - name: Reboot system
-      reboot:

main.yml

@@ -1,4 +1,17 @@
 ---
+- name: Install system.
+  hosts: all
+
+  roles:
+    - passwordless_connection
+    - prep
+    - disksetup
+    - configure
+
+  tasks:
+    - name: Reboot system
+      reboot:
+
 - name: Configure system.
   hosts: all
 

requirements.yml

@@ -0,0 +1,2 @@
+---
+- src: kewlfft.aur

roles/audio/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install pulse audio packages.
   become: true
   become_user: "{{ user_name }}"

roles/bluetooth/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install bluetooth packages.
   become: true
   become_user: "{{ user_name }}"

roles/configure/files/static.nmconnection

@@ -0,0 +1,13 @@
+[connection]
+id=static
+uuid=b47e7a95-b345-3725-ac60-1fd4ed350aab
+type=ethernet
+autoconnect-priority=999
+interface-name={{ net_interface }}
+
+[ipv4]
+addresses={{ net_ip }}/24
+gateway={{ net_gateway }}
+dns={{ net_dns }}
+dns-search=localhost
+method=manual

roles/configure/tasks/main.yml

@@ -8,6 +8,30 @@
     - fstrim.timer
   changed_when: true
 
+- name: Get primary network interface.
+  set_fact:
+    net_interface: '{{ ansible_interfaces | reject("match", "^lo$") | first }}'
+
+- name: Set ip address.
+  set_fact:
+    net_ip: '{{ ansible_facts[net_interface]["ipv4"]["address"] }}'
+
+- name: Set gateway.
+  set_fact:
+    net_gateway: '{{ (ansible_facts[net_interface]["ipv4"]["network"] | split("."))[:3] | join(".") }}.1'
+
+- name: Set nameservers.
+  set_fact:
+    net_dns: '{{ ansible_facts["dns"]["nameservers"] | join(";") }};8.8.8.8;'
+
+- name: Create static ip config.
+  template:
+    src: files/static.nmconnection
+    dest: "{{ partitioning_root_mount_point }}/etc/NetworkManager/system-connections/static.nmconnection"
+    owner: root
+    group: root
+    mode: 0600
+
 - name: Make sure root's .ssh directory exists.
   file:
     state: directory

roles/create_user/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Allow wheel to sudo without password.
   copy:
     dest: /etc/sudoers.d/00-tmp-sudo-full-access

roles/disksetup/efi_gpt_btrfs/partitioning/defaults/main.yml

@@ -19,6 +19,7 @@ partitioning_priv_esp_size: "{{ 512 * 1024 * 1024 }}"
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
+# yamllint disable-line rule:line-length
 partitioning_priv_btrfs_subvolumes: "{{ partitioning_priv_core_btrfs_subvolumes + partitioning_priv_extra_btrfs_subvolumes }}"
 
 # These subvolumes should always be present. DO NOT OVERRIDE.

roles/disksetup/efi_gpt_luks_btrfs/partitioning/defaults/main.yml

@@ -19,6 +19,7 @@ partitioning_priv_esp_size: "{{ 512 * 1024 * 1024 }}"
 #   +-- @home    (to be mmounted at /home)
 #   +-- ...
 #
+# yamllint disable-line rule:line-length
 partitioning_priv_btrfs_subvolumes: "{{ partitioning_priv_core_btrfs_subvolumes + partitioning_priv_extra_btrfs_subvolumes }}"
 
 # These subvolumes should always be present. DO NOT OVERRIDE.

roles/display_manager/lightdm/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install lightdm.
   pacman:
     name:

roles/display_manager/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Include display manager strategy.
   include_role:
     name: "display_manager/{{ display_manager }}"

roles/display_server/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Include display server xorg.
   include_role:
     name: "display_server/xorg"

roles/display_server/xorg/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install packages.
   aur:
     name:

roles/docker/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install docker.
   become: true
   become_user: "{{ user_name }}"

roles/hostname/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Update /etc/hostname.
   copy:
     dest: /etc/hostname

roles/paru/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install rust.
   pacman:
     name: rustup

roles/window_manager/i3/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install i3.
   pacman:
     name:

roles/window_manager/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Include window manager strategy.
   include_role:
     name: "window_manager/{{ window_manager }}"

roles/yubikey/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Install packages.
   become: true
   become_user: "{{ user_name }}"