Use simpler file structure
This commit is contained in:
parent
8ea9414418
commit
d5ca1ac81d
74 changed files with 398 additions and 477 deletions
26
tasks/git.yml
Normal file
26
tasks/git.yml
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
- name: copy git configuration
|
||||
template:
|
||||
src: 'templates/gitconfig.j2'
|
||||
dest: '{{ ansible_env.HOME }}/.gitconfig'
|
||||
|
||||
- name: copy keys
|
||||
copy:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
loop:
|
||||
- { src: 'files/gpg_key', dest: '{{ ansible_env.HOME }}/gpg.key' }
|
||||
- { src: 'files/gpg_pub', dest: '{{ ansible_env.HOME }}/gpg.pub' }
|
||||
|
||||
- name: import secret key
|
||||
command: 'gpg --passphrase {{ gpg_passphrase }} --import ~/gpg.key'
|
||||
|
||||
- name: import public key
|
||||
command: 'gpg --import ~/gpg.pub'
|
||||
|
||||
- name: remove temp keys
|
||||
file:
|
||||
path: '{{ item }}'
|
||||
state: absent
|
||||
loop:
|
||||
- '{{ ansible_env.HOME }}/gpg.key'
|
||||
- '{{ ansible_env.HOME }}/gpg.pub'
|
||||
64
tasks/mpd.yml
Normal file
64
tasks/mpd.yml
Normal file
|
|
@ -0,0 +1,64 @@
|
|||
- name: set up sudoers configuration
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/sudoers.j2'
|
||||
dest: '/etc/sudoers.d/10-sonny'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
||||
- name: copy systemd configuration files
|
||||
template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
loop:
|
||||
- {
|
||||
src: 'templates/mpd/service.j2',
|
||||
dest: '{{ xdg_config_dir }}/systemd/user/mpd.service',
|
||||
}
|
||||
- {
|
||||
src: 'templates/mpd/socket.j2',
|
||||
dest: '{{ xdg_config_dir }}/systemd/user/mpd.socket',
|
||||
}
|
||||
|
||||
- name: create mpd files
|
||||
file:
|
||||
path: '{{ item.path }}'
|
||||
state: '{{ item.state }}'
|
||||
loop:
|
||||
- { path: '{{ mpd_configuration_dir }}', state: 'directory' }
|
||||
- { path: '{{ mpd_configuration_dir }}/playlists', state: 'directory' }
|
||||
- { path: '{{ mpd_configuration_dir }}/log', state: 'touch' }
|
||||
- { path: '{{ mpd_configuration_dir }}/database', state: 'touch' }
|
||||
- { path: '{{ mpd_configuration_dir }}/sticker.sql', state: 'touch' }
|
||||
- { path: '{{ mpd_configuration_dir }}/state', state: 'touch' }
|
||||
|
||||
- name: copy configuration file
|
||||
template:
|
||||
src: 'templates/mpd/mpd.j2'
|
||||
dest: '{{ mpd_configuration_dir }}/mpd.conf'
|
||||
|
||||
- name: copy nfs connection scripts
|
||||
template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
mode: '0755'
|
||||
loop:
|
||||
- { src: 'templates/mpd/music_mount.j2', dest: '{{ xdg_script_dir }}/music_mount' }
|
||||
- { src: 'templates/mpd/music_umount.j2', dest: '{{ xdg_script_dir }}/music_umount' }
|
||||
|
||||
- name: restart mpd service
|
||||
systemd:
|
||||
name: mpd.service
|
||||
state: restarted
|
||||
enabled: no
|
||||
scope: user
|
||||
when: platform == "desktop"
|
||||
|
||||
- name: enable mpd socket
|
||||
systemd:
|
||||
name: mpd.socket
|
||||
state: started
|
||||
enabled: yes
|
||||
scope: user
|
||||
when: platform == "desktop"
|
||||
20
tasks/mpv.yml
Normal file
20
tasks/mpv.yml
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
- name: create configuration directory
|
||||
file:
|
||||
path: '{{ ansible_env.HOME }}/.config/mpv'
|
||||
state: directory
|
||||
mode: '0700'
|
||||
|
||||
- name: copy configuration files
|
||||
template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
mode: '0644'
|
||||
loop:
|
||||
- {
|
||||
src: 'templates/mpv/input.j2',
|
||||
dest: '{{ ansible_env.HOME }}/.config/mpv/input.conf',
|
||||
}
|
||||
- {
|
||||
src: 'templates/mpv/config.j2',
|
||||
dest: '{{ ansible_env.HOME }}/.config/mpv/mpv.conf',
|
||||
}
|
||||
46
tasks/network.yml
Normal file
46
tasks/network.yml
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
- name: setup desktop systemd networkd
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/desktop/network.j2'
|
||||
dest: '/etc/systemd/network/20-wired.network'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: restart systemd-networkd
|
||||
when: platform == "desktop"
|
||||
|
||||
- name: setup laptop systemd networkd
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/laptop/network.j2'
|
||||
dest: '/etc/systemd/network/20-wireless.network'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: restart systemd-networkd
|
||||
when: platform == "laptop"
|
||||
|
||||
- name: start systemd-resolved service
|
||||
become: yes
|
||||
systemd:
|
||||
name: systemd-resolved
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: start iwd service
|
||||
become: yes
|
||||
systemd:
|
||||
name: iwd
|
||||
state: started
|
||||
enabled: yes
|
||||
when: platform == "laptop"
|
||||
|
||||
- name: copy firewall template
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/{{ platform }}/nftables.j2'
|
||||
dest: '/etc/nftables.conf'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
notify: restart nftables
|
||||
82
tasks/openvpn.yml
Normal file
82
tasks/openvpn.yml
Normal file
|
|
@ -0,0 +1,82 @@
|
|||
- name: create configuration directories
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ item }}'
|
||||
state: directory
|
||||
owner: openvpn
|
||||
group: openvpn
|
||||
mode: '0750'
|
||||
loop:
|
||||
- '/etc/openvpn/client'
|
||||
- '/etc/openvpn/client/zeus'
|
||||
- '/etc/openvpn/server'
|
||||
|
||||
- name: copy configuration
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/{{ platform }}/openvpn.j2'
|
||||
dest: '/etc/openvpn/client/zeus.conf'
|
||||
owner: openvpn
|
||||
group: openvpn
|
||||
mode: '0644'
|
||||
|
||||
- name: copy desktop credentials
|
||||
become: yes
|
||||
copy:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
owner: openvpn
|
||||
group: openvpn
|
||||
mode: '0600'
|
||||
loop:
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/ca.crt',
|
||||
dest: '/etc/openvpn/client/zeus/ca.crt',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/desktop.crt',
|
||||
dest: '/etc/openvpn/client/zeus/desktop.crt',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/desktop.key',
|
||||
dest: '/etc/openvpn/client/zeus/desktop.key',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/ta.key',
|
||||
dest: '/etc/openvpn/client/zeus/ta.key',
|
||||
}
|
||||
when: platform == "desktop"
|
||||
|
||||
- name: copy laptop credentials
|
||||
become: yes
|
||||
copy:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
owner: openvpn
|
||||
group: openvpn
|
||||
mode: '0600'
|
||||
loop:
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/ca.crt',
|
||||
dest: '/etc/openvpn/client/zeus/ca.crt',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/laptop.crt',
|
||||
dest: '/etc/openvpn/client/zeus/laptop.crt',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/laptop.key',
|
||||
dest: '/etc/openvpn/client/zeus/laptop.key',
|
||||
}
|
||||
- {
|
||||
src: 'files/{{ platform }}/openvpn/ta.key',
|
||||
dest: '/etc/openvpn/client/zeus/ta.key',
|
||||
}
|
||||
when: platform == "laptop"
|
||||
|
||||
- name: restart vpn
|
||||
become: true
|
||||
systemd:
|
||||
name: openvpn-client@zeus
|
||||
state: restarted
|
||||
enabled: true
|
||||
22
tasks/platform.yml
Normal file
22
tasks/platform.yml
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
- name: detect platform
|
||||
command: laptop-detect
|
||||
register: is_laptop
|
||||
failed_when: is_laptop.rc == 2
|
||||
|
||||
- name: set platform (desktop)
|
||||
set_fact:
|
||||
platform: 'desktop'
|
||||
when: is_laptop.rc == 1
|
||||
|
||||
- name: set platform (laptop)
|
||||
set_fact:
|
||||
platform: 'laptop'
|
||||
when: is_laptop.rc == 0
|
||||
|
||||
- name: load desktop specific vars
|
||||
include_vars: 'vars/desktop.yml'
|
||||
when: platform == "desktop"
|
||||
|
||||
- name: load laptop specific vars
|
||||
include_vars: 'vars/laptop.yml'
|
||||
when: platform == "laptop"
|
||||
45
tasks/setup.yml
Normal file
45
tasks/setup.yml
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
- name: copy reflector configuration
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/reflector.j2'
|
||||
dest: '/etc/xdg/reflector/reflector.conf'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
|
||||
# started by weekly timer
|
||||
- name: disable reflector
|
||||
become: true
|
||||
systemd:
|
||||
name: reflector
|
||||
state: stopped
|
||||
enabled: false
|
||||
|
||||
- name: copy pacman configuration
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/pacman.j2'
|
||||
dest: '/etc/pacman.conf'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
||||
- name: create extra conf
|
||||
become: yes
|
||||
file:
|
||||
path: '/etc/pacman.d/extra.conf'
|
||||
owner: root
|
||||
group: root
|
||||
state: touch
|
||||
mode: '0644'
|
||||
|
||||
- name: copy powertop service
|
||||
become: yes
|
||||
template:
|
||||
src: 'templates/{{ platform }}/powertop.j2'
|
||||
dest: '/etc/systemd/system/powertop.service'
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: restart powertop
|
||||
when: platform == "laptop"
|
||||
11
tasks/syncthing.yml
Normal file
11
tasks/syncthing.yml
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
- name: create configuration dir
|
||||
file:
|
||||
path: '{{ xdg_config_dir }}/syncthing'
|
||||
state: directory
|
||||
|
||||
- name: copy configuration file
|
||||
template:
|
||||
src: 'templates/{{ platform }}/syncthing.j2'
|
||||
dest: '{{ xdg_config_dir }}/syncthing/config.xml'
|
||||
mode: '0600'
|
||||
notify: restart syncthing
|
||||
25
tasks/systemd.yml
Normal file
25
tasks/systemd.yml
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
- name: setup systemd user service folder
|
||||
file:
|
||||
path: '{{ xdg_config_dir }}/systemd/user'
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: add ssh-agent service
|
||||
template:
|
||||
src: 'templates/ssh-agent.j2'
|
||||
dest: '{{ xdg_config_dir }}/systemd/user/ssh-agent.service'
|
||||
mode: '0644'
|
||||
notify: restart user ssh-agent
|
||||
|
||||
- name: copy tmux service
|
||||
template:
|
||||
src: 'templates/tmux.j2'
|
||||
dest: '{{ xdg_config_dir }}/systemd/user/tmux.service'
|
||||
mode: '0644'
|
||||
|
||||
- name: copy tmux startup script
|
||||
copy:
|
||||
src: 'files/tmux_start'
|
||||
dest: '{{ ansible_env.HOME }}/.local/bin/tmux_start'
|
||||
mode: '0740'
|
||||
force: false
|
||||
45
tasks/timer.yml
Normal file
45
tasks/timer.yml
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
- name: copy timer files
|
||||
become: yes
|
||||
template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
owner: root
|
||||
mode: '0644'
|
||||
loop:
|
||||
- { src: 'templates/timer/daily_timer.j2', dest: '/etc/systemd/system/daily.timer' }
|
||||
- { src: 'templates/timer/weekly_timer.j2', dest: '/etc/systemd/system/weekly.timer' }
|
||||
notify:
|
||||
- enable daily timer
|
||||
- enable weekly timer
|
||||
|
||||
- name: copy target files
|
||||
become: yes
|
||||
template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
owner: root
|
||||
mode: '0644'
|
||||
loop:
|
||||
- { src: 'templates/timer/daily_target.j2', dest: '/etc/systemd/system/daily.target' }
|
||||
- {
|
||||
src: 'templates/timer/weekly_target.j2',
|
||||
dest: '/etc/systemd/system/weekly.target',
|
||||
}
|
||||
|
||||
- name: create target directories
|
||||
become: yes
|
||||
file:
|
||||
path: '{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
mode: '0755'
|
||||
loop:
|
||||
- '/etc/systemd/system/daily.target.wants'
|
||||
- '/etc/systemd/system/weekly.target.wants'
|
||||
|
||||
- name: add reflector to weekly timer
|
||||
become: yes
|
||||
file:
|
||||
src: '/usr/lib/systemd/system/reflector.service'
|
||||
dest: '/etc/systemd/system/weekly.target.wants/reflector.service'
|
||||
state: link
|
||||
Loading…
Add table
Add a link
Reference in a new issue