diff --git a/host_vars/xps/main.yml b/host_vars/xps/main.yml new file mode 100644 index 0000000..1224e3b --- /dev/null +++ b/host_vars/xps/main.yml @@ -0,0 +1 @@ +wezterm_font_size: 10 diff --git a/host_vars/xps/network.yml b/host_vars/xps/network.yml index 3fd2f25..9150f86 100644 --- a/host_vars/xps/network.yml +++ b/host_vars/xps/network.yml @@ -1,5 +1,4 @@ wireless_interface: wlan0 -wireless_interface_mac: 98:2c:bc:e3:ff:bc local_network_ssid: KPNAE51C6 local_network_address: 192.168.2.9/24 diff --git a/playbook.yml b/playbook.yml index 54813d6..a25464c 100644 --- a/playbook.yml +++ b/playbook.yml @@ -30,8 +30,9 @@ - name: Personal provisiong when: "'personal' in group_names" block: - # Note: set `network.dns.native_https_query` in about:config to prevent - # DoH requests by default. See https://github.com/arkenfox/user.js/issues/1881 + # Note: Disable DoH in Firefox to fallback to system's default DNS + # resolver, see + # https://support.mozilla.org/en-US/kb/dns-over-https#w_configure-doh-protection-settings - name: Wireguard provisioning ansible.builtin.import_tasks: 'tasks/personal/all/wireguard.yml' tags: wireguard diff --git a/tasks/network.yml b/tasks/network.yml index 1c44670..0e35a82 100644 --- a/tasks/network.yml +++ b/tasks/network.yml @@ -76,9 +76,6 @@ group: systemd-network mode: '0640' loop: - - src: 'templates/personal/xps/network/wlan0.link.j2' - dest: '/etc/systemd/network/10-wlan0.link' - - src: 'templates/personal/xps/network/wlan0-local.network.j2' dest: '/etc/systemd/network/10-wireless.network' @@ -88,11 +85,28 @@ - src: 'templates/personal/xps/network/wlan0.network.j2' dest: '/etc/systemd/network/20-wireless.network' + - name: Create iwd directory + become: true + ansible.builtin.template: + src: templates/personal/xps/iwd.j2 + dest: /etc/iwd + mode: '0644' + owner: root + + - name: Provision iwd configuration + become: true + ansible.builtin.template: + src: templates/personal/xps/iwd.j2 + dest: /etc/iwd/main.config + mode: '0755' + owner: root + - name: Remove leftover configuration files become: true ansible.builtin.file: path: '{{ item }}' state: absent loop: - - '/etc/systemd/network/30-vmbr0.network' - - '/etc/systemd/network/30-vmbr0.netdev' + - /etc/systemd/network/30-vmbr0.network + - /etc/systemd/network/30-vmbr0.netdev + - /etc/systemd/network/10-wlan0.link diff --git a/tasks/personal/xps.yml b/tasks/personal/xps.yml index b1eb784..8bef201 100644 --- a/tasks/personal/xps.yml +++ b/tasks/personal/xps.yml @@ -1,12 +1,8 @@ - name: Provision powertop systemd service become: true - ansible.builtin.template: - src: templates/personal/xps/powertop.service.j2 - dest: /etc/systemd/system/powertop.service - owner: root - group: root - mode: '0644' - notify: restart powertop + ansible.builtin.file: + path: /etc/systemd/system/powertop.service + state: absent - name: Provision python pa-dlna block: diff --git a/templates/personal/xps/cmdline.j2 b/templates/personal/xps/cmdline.j2 index 90371ba..e23cec7 100644 --- a/templates/personal/xps/cmdline.j2 +++ b/templates/personal/xps/cmdline.j2 @@ -1 +1 @@ -rd.luks.name=4483183a-4881-4bf6-b20c-3ba918642cc4=cryptlvm root=/dev/VolumeGroup/root rw resume=/dev/VolumeGroup/swap pcie_aspm=nommconf acpi_rev_override=1 bgrt_disable +rd.luks.name=4483183a-4881-4bf6-b20c-3ba918642cc4=cryptlvm root=/dev/VolumeGroup/root rw resume=/dev/VolumeGroup/swap pcie_port_pm=off acpi_rev_override=1 diff --git a/templates/personal/xps/iwd.j2 b/templates/personal/xps/iwd.j2 new file mode 100644 index 0000000..ece78b8 --- /dev/null +++ b/templates/personal/xps/iwd.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[General] +AddressRandomization=network diff --git a/templates/personal/xps/network/wlan0-frans.network.j2 b/templates/personal/xps/network/wlan0-frans.network.j2 index 522ddc3..8ff0b0d 100644 --- a/templates/personal/xps/network/wlan0-frans.network.j2 +++ b/templates/personal/xps/network/wlan0-frans.network.j2 @@ -1,7 +1,7 @@ # {{ ansible_managed }} [Match] -MACAddress={{ wireless_interface_mac }} +Name={{ wireless_interface }} SSID={{ frans_network_ssid }} [Network] @@ -15,4 +15,6 @@ DHCP=no LinkLocalAddressing=no IPv6AcceptRA=no IPv6SendRA=no + +[Link] RequiredForOnline=routable diff --git a/templates/personal/xps/network/wlan0-local.network.j2 b/templates/personal/xps/network/wlan0-local.network.j2 index 3d23390..880606c 100644 --- a/templates/personal/xps/network/wlan0-local.network.j2 +++ b/templates/personal/xps/network/wlan0-local.network.j2 @@ -1,7 +1,7 @@ # {{ ansible_managed }} [Match] -MACAddress={{ wireless_interface_mac }} +Name={{ wireless_interface }} SSID={{ local_network_ssid }} [Network] @@ -15,4 +15,6 @@ DHCP=no LinkLocalAddressing=no IPv6AcceptRA=no IPv6SendRA=no + +[Link] RequiredForOnline=routable diff --git a/templates/personal/xps/network/wlan0.link.j2 b/templates/personal/xps/network/wlan0.link.j2 deleted file mode 100644 index 429ab10..0000000 --- a/templates/personal/xps/network/wlan0.link.j2 +++ /dev/null @@ -1,7 +0,0 @@ -# {{ ansible_managed }} - -[Match] -MACAddress={{ wireless_interface_mac }} - -[Link] -Name={{ wireless_interface }} diff --git a/templates/personal/xps/network/wlan0.network.j2 b/templates/personal/xps/network/wlan0.network.j2 index ed8191f..30d588b 100644 --- a/templates/personal/xps/network/wlan0.network.j2 +++ b/templates/personal/xps/network/wlan0.network.j2 @@ -1,10 +1,12 @@ [Match] -MACAddress={{ wireless_interface_mac }} +Name={{ wireless_interface }} [Network] DNS={{ default_network_dns }} DNSOverTLS=yes DNSSEC=yes DHCP=yes -RequiredForOnline=routable IgnoreCarrierLoss=3s + +[Link] +RequiredForOnline=routable diff --git a/templates/personal/xps/powertop.service.j2 b/templates/personal/xps/powertop.service.j2 deleted file mode 100644 index c614bcf..0000000 --- a/templates/personal/xps/powertop.service.j2 +++ /dev/null @@ -1,12 +0,0 @@ -# {{ ansible_managed }} - -[Unit] -Description=Powertop tunings - -[Service] -Type=oneshot -RemainAfterExit=true -ExecStart=/usr/bin/powertop --auto-tune - -[Install] -WantedBy=multi-user.target