diff --git a/default.yml b/default.yml index 7c0dda6..16df3af 100644 --- a/default.yml +++ b/default.yml @@ -1,4 +1,3 @@ ---- - name: Arch Linux provisioning gather_facts: true hosts: all @@ -6,12 +5,12 @@ - common tasks: - name: Generic provisioning - ansible.builtin.import_tasks: "tasks/setup.yml" + ansible.builtin.import_tasks: 'tasks/setup.yml' tags: setup # TODO: provision ssh client config with modern cyphers - name: Network provisioning - ansible.builtin.import_tasks: "tasks/network/main.yml" + ansible.builtin.import_tasks: 'tasks/network/main.yml' tags: network # - name: Network host specific provisioning @@ -19,23 +18,23 @@ # tags: network-specific - name: Systemd provisioning - ansible.builtin.import_tasks: "tasks/systemd.yml" + ansible.builtin.import_tasks: 'tasks/systemd.yml' tags: systemd - name: Systemd timer provisioning - ansible.builtin.import_tasks: "tasks/timer.yml" + ansible.builtin.import_tasks: 'tasks/timer.yml' tags: timers # Note: Disable DoH in Firefox to fallback to system's default DNS # resolver, see # https://support.mozilla.org/en-US/kb/dns-over-https#w_configure-doh-protection-settings - name: MPV provisioning - ansible.builtin.import_tasks: "tasks/mpv.yml" + ansible.builtin.import_tasks: 'tasks/mpv.yml' tags: mpv handlers: - name: Import default handlers - ansible.builtin.import_tasks: "handlers.yml" + ansible.builtin.import_tasks: 'handlers.yml' - name: Import common role handlers - ansible.builtin.import_tasks: "roles/common/handlers/user.yml" + ansible.builtin.import_tasks: 'roles/common/handlers/user.yml' diff --git a/desktop.yml b/desktop.yml index a2094b0..ab87111 100644 --- a/desktop.yml +++ b/desktop.yml @@ -1,4 +1,3 @@ ---- - name: Include default playbook ansible.builtin.import_playbook: default.yml 
@@ -7,24 +6,24 @@ gather_facts: true tasks: - name: Wireguard provisioning - ansible.builtin.import_tasks: "tasks/wireguard.yml" + ansible.builtin.import_tasks: 'tasks/wireguard.yml' tags: wireguard - name: Wireguard media provisioning - ansible.builtin.import_tasks: "tasks/wireguard-media.yml" + ansible.builtin.import_tasks: 'tasks/wireguard-media.yml' tags: wireguard-media - name: MPD provisioning - ansible.builtin.import_tasks: "tasks/mpd.yml" + ansible.builtin.import_tasks: 'tasks/mpd.yml' tags: mpd - name: Syncthing provisioning - ansible.builtin.import_tasks: "tasks/syncthing.yml" + ansible.builtin.import_tasks: 'tasks/syncthing.yml' tags: syncthing # TODO: provision current macvlan setup - name: Desktop provisioning - ansible.builtin.import_tasks: "tasks/desktop.yml" + ansible.builtin.import_tasks: 'tasks/desktop.yml' tags: desktop handlers: @@ -32,4 +31,4 @@ ansible.builtin.import_tasks: handlers.yml - name: Import common role handlers - ansible.builtin.import_tasks: "roles/common/handlers/user.yml" + ansible.builtin.import_tasks: 'roles/common/handlers/user.yml' diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index 1c18cd5..9084ba3 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,4 +1,3 @@ ---- packages: - nftables - tmux @@ -9,17 +8,21 @@ packages: - iproute2 - curl - reflector - - ttf-ibm-plex + - otf-monaspace-nerd - systemd-ukify - efibootmgr - git-delta -xdg_config_dir: "{{ ansible_env.HOME }}/.config" -xdg_script_dir: "{{ ansible_env.HOME }}/.local/bin" +xdg_config_dir: '{{ ansible_env.HOME }}/.config' +xdg_script_dir: '{{ ansible_env.HOME }}/.local/bin' modprobe_templates: [] mkinitcpio_templates: [] + +boot_configuration: + server_domain: fudiggity.nl -wezterm_font: IBM Plex Mono Medm -wezterm_font_size: 12 +register_uefi_entries: false + +wezterm_font_size: 11 diff --git a/handlers.yml b/handlers.yml index bbd4b4d..dae3fe5 100644 --- a/handlers.yml +++ b/handlers.yml 
@@ -1,91 +1,91 @@ ---- -- name: Enable daily timer +- name: enable daily timer become: true - ansible.builtin.systemd: + systemd: name: daily.timer state: restarted enabled: true daemon-reload: true -- name: Enable weekly timer +- name: enable weekly timer become: true - ansible.builtin.systemd: + systemd: name: weekly.timer state: restarted enabled: true daemon-reload: true -- name: Restart user ssh-agent - ansible.builtin.systemd: +- name: restart user ssh-agent + systemd: name: ssh-agent state: restarted enabled: true daemon-reload: true scope: user -- name: Start syncthing - ansible.builtin.systemd: +- name: start syncthing + systemd: name: syncthing state: started enabled: true scope: user -- name: Restart powertop +- name: restart powertop become: true - ansible.builtin.systemd: + systemd: name: powertop state: restarted enabled: true daemon-reload: true -- name: Restart systemd-networkd +- name: restart systemd-networkd become: true - ansible.builtin.systemd: + systemd: name: systemd-networkd state: restarted enabled: true -- name: Restart systemd-resolved +- name: restart systemd-resolved become: true - ansible.builtin.systemd: + systemd: name: systemd-resolved state: started enabled: true -- name: Restart iwd +- name: restart iwd become: true - ansible.builtin.systemd: + systemd: name: iwd state: restarted enabled: true -- name: Stop mpd service - ansible.builtin.systemd: +- name: stop mpd service + systemd: name: mpd.service state: stopped enabled: false scope: user daemon-reload: true -- name: Restart mpd socket - ansible.builtin.systemd: +- name: restart mpd socket + systemd: name: mpd state: restarted enabled: true scope: user daemon-reload: true -- name: Reload sysctl configuration +- name: reload sysctl configuration become: true - ansible.builtin.command: "sysctl --system" -- name: Restart tmux service - ansible.builtin.systemd: + command: 'sysctl --system' + +- name: restart tmux service + systemd: name: tmux state: restarted enabled: true scope: 
user -- name: User daemon-reload +- name: user daemon-reload ansible.builtin.systemd: daemon-reload: true scope: user diff --git a/host_vars/desktop/network.yml b/host_vars/desktop/network.yml index 76275fa..1010119 100644 --- a/host_vars/desktop/network.yml +++ b/host_vars/desktop/network.yml @@ -1,4 +1,3 @@ ---- lan_interface: enp1s0 lan_interface_mac: 00:d8:61:9f:52:65 diff --git a/host_vars/desktop/syncthing.yml b/host_vars/desktop/syncthing.yml index 9924820..a9f0bc0 100644 --- a/host_vars/desktop/syncthing.yml +++ b/host_vars/desktop/syncthing.yml @@ -1,17 +1,16 @@ ---- -syncthing_listen_address: "0.0.0.0" +syncthing_listen_address: '0.0.0.0' syncthing_protocol_port: 22000 syncthing_gui_port: 8384 syncthing_config_version: 37 syncthing_api_key: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 39643534383666343331666336356662333165633032356532323730316535616363393330376263 - 6164323430343961646635323739373363623764646361360a666566363736323739313533323562 - 34653032646230313063613265313836383033353336333461376432363530633632313234323733 - 6162646332623837370a646537336139336361666336363861353030633136373063333433643435 - 64666465356566313263376330643664313266646139663433663366316232613562663863366334 - 3061663839656563353663373135393233653130383735366538 + $ANSIBLE_VAULT;1.1;AES256 + 39643534383666343331666336356662333165633032356532323730316535616363393330376263 + 6164323430343961646635323739373363623764646361360a666566363736323739313533323562 + 34653032646230313063613265313836383033353336333461376432363530633632313234323733 + 6162646332623837370a646537336139336361666336363861353030633136373063333433643435 + 64666465356566313263376330643664313266646139663433663366316232613562663863366334 + 3061663839656563353663373135393233653130383735366538 syncthing_devices: - name: Desktop 
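Review bot: The handlers in handlers.yml now call `systemd:` and `command:` by short name, while the last one, `user daemon-reload`, still uses `ansible.builtin.systemd`. Short names are resolved through whatever collections and local module paths are configured, so the fully qualified form is the safer and more consistent choice for handlers that run with `become: true`. I would keep `ansible.builtin.systemd:` and `ansible.builtin.command:` here, and likewise in tasks/timer.yml, which makes the same switch to `template:` and `file:`. Also in this hunk, `restart systemd-resolved` sets `state: started`, so an already running resolver is presumably left untouched when its configuration changes; `state: restarted` would match the handler's name.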
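Review bot: `syncthing_listen_address: '0.0.0.0'` in host_vars/desktop/syncthing.yml binds on every interface, and the template that consumes it is not part of this diff. It is therefore not visible whether the value feeds only the sync listener on `syncthing_protocol_port` or also the GUI/API on `syncthing_gui_port`. A comment above the variable would settle it, for example `# sync protocol listener only; the GUI/API address is set separately and should stay on 127.0.0.1`, assuming that is how the template uses it. host_vars/xps/syncthing.yml carries the same value.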
@@ -29,7 +28,7 @@ syncthing_devices: syncthing_folders: - id: default label: Default - path: "{{ ansible_env.HOME }}/syncthing/default" + path: '{{ ansible_env.HOME }}/syncthing/default' type: sendreceive devices: - *syncthing_desktop_id @@ -38,7 +37,7 @@ syncthing_folders: - id: pictures label: Pictures - path: "{{ ansible_env.HOME }}/syncthing/pictures" + path: '{{ ansible_env.HOME }}/syncthing/pictures' type: sendreceive devices: - *syncthing_desktop_id diff --git a/host_vars/desktop/system.yml b/host_vars/desktop/system.yml index 114bc11..93a9275 100644 --- a/host_vars/desktop/system.yml +++ b/host_vars/desktop/system.yml @@ -1,4 +1,3 @@ ---- packages: - nftables - tmux @@ -9,7 +8,7 @@ packages: - iproute2 - curl - reflector - - ttf-ibm-plex + - otf-monaspace-nerd - systemd-ukify - efibootmgr - git-delta @@ -38,17 +37,19 @@ packages: - aspell-en modprobe_templates: - - src: "templates/desktop/modprobe/99-amdgpu.conf.j2" - dest: "/etc/modprobe.d/99-amdgpu.conf" + - src: 'templates/desktop/modprobe/99-amdgpu.conf.j2' + dest: '/etc/modprobe.d/99-amdgpu.conf' mkinitcpio_templates: - - src: "templates/desktop/mkinitcpio/1-modules.conf.j2" - dest: "/etc/mkinitcpio.conf.d/1-amdgpu.conf" + - src: 'templates/desktop/mkinitcpio/1-modules.conf.j2' + dest: '/etc/mkinitcpio.conf.d/1-amdgpu.conf' - - src: "templates/desktop/mkinitcpio/linux.preset.j2" - dest: "/etc/mkinitcpio.d/linux.preset" + - src: 'templates/desktop/mkinitcpio/linux.preset.j2' + dest: '/etc/mkinitcpio.d/linux.preset' - - src: "templates/desktop/mkinitcpio/linux-lts.preset.j2" - dest: "/etc/mkinitcpio.d/linux-lts.preset" + - src: 'templates/desktop/mkinitcpio/linux-lts.preset.j2' + dest: '/etc/mkinitcpio.d/linux-lts.preset' -wezterm_font_size: 12 +boot_configuration: + disk: /dev/sdc + partition: 1 diff --git a/host_vars/htpc/network.yml b/host_vars/htpc/network.yml index 234a1d6..10fc32b 100644 --- a/host_vars/htpc/network.yml +++ b/host_vars/htpc/network.yml 
@@ -1,4 +1,3 @@ ---- lan_interface: enp1s0 lan_interface_mac: bc:fc:e7:6e:73:53 diff --git a/host_vars/htpc/system.yml b/host_vars/htpc/system.yml index 05d7d53..c26db07 100644 --- a/host_vars/htpc/system.yml +++ b/host_vars/htpc/system.yml @@ -1,4 +1,3 @@ ---- packages: - nftables - tmux @@ -9,7 +8,7 @@ packages: - iproute2 - curl - reflector - - ttf-ibm-plex + - otf-monaspace-nerd - systemd-ukify - efibootmgr - git-delta @@ -32,12 +31,17 @@ wezterm_columns: 90 wezterm_rows: 18 modprobe_templates: [] + mkinitcpio_templates: - - src: "templates/htpc/mkinitcpio/1-modules.conf.j2" - dest: "/etc/mkinitcpio.conf.d/1-amdgpu.conf" + - src: 'templates/htpc/mkinitcpio/1-modules.conf.j2' + dest: '/etc/mkinitcpio.conf.d/1-amdgpu.conf' - - src: "templates/htpc/mkinitcpio/linux.preset.j2" - dest: "/etc/mkinitcpio.d/linux.preset" + - src: 'templates/htpc/mkinitcpio/linux.preset.j2' + dest: '/etc/mkinitcpio.d/linux.preset' - - src: "templates/htpc/mkinitcpio/linux-lts.preset.j2" - dest: "/etc/mkinitcpio.d/linux-lts.preset" + - src: 'templates/htpc/mkinitcpio/linux-lts.preset.j2' + dest: '/etc/mkinitcpio.d/linux-lts.preset' + +boot_configuration: + disk: /dev/sda + partition: 1 diff --git a/host_vars/xps/network.yml b/host_vars/xps/network.yml index f0eccca..864536b 100644 --- a/host_vars/xps/network.yml +++ b/host_vars/xps/network.yml @@ -1,4 +1,3 @@ ---- wireless_interface: wlan0 local_network_ssid: KPNAE51C6 diff --git a/host_vars/xps/pa-dlna.yml b/host_vars/xps/pa-dlna.yml index b38e132..4361051 100644 --- a/host_vars/xps/pa-dlna.yml +++ b/host_vars/xps/pa-dlna.yml @@ -1,3 +1,2 @@ ---- pa_dlna_version: 0.16 pa_dlna_systemd_version: 0.0.9 diff --git a/host_vars/xps/syncthing.yml b/host_vars/xps/syncthing.yml index 01f40b3..a817845 100644 --- a/host_vars/xps/syncthing.yml +++ b/host_vars/xps/syncthing.yml 
@@ -1,17 +1,16 @@ ---- -syncthing_listen_address: "0.0.0.0" +syncthing_listen_address: '0.0.0.0' syncthing_protocol_port: 22000 syncthing_gui_port: 8384 syncthing_config_version: 37 syncthing_api_key: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 35346637623066636261633331343438313736356137633466306633613563343630363565643763 - 6631623461663330633537386539376435356338393537620a666234373932636162653830316339 - 65336339383630313837323137613137303862613061326131313437316637383637666638313235 - 6463333235646536620a316163666431323530353330356633393035663933613761313031656561 - 66333431636134366466373533616438326230323965333763316336393764303737663461363636 - 3061373832313462623765353130616237343966333332623262 + $ANSIBLE_VAULT;1.1;AES256 + 35346637623066636261633331343438313736356137633466306633613563343630363565643763 + 6631623461663330633537386539376435356338393537620a666234373932636162653830316339 + 65336339383630313837323137613137303862613061326131313437316637383637666638313235 + 6463333235646536620a316163666431323530353330356633393035663933613761313031656561 + 66333431636134366466373533616438326230323965333763316336393764303737663461363636 + 3061373832313462623765353130616237343966333332623262 syncthing_devices: - name: Desktop @@ -29,7 +28,7 @@ syncthing_devices: syncthing_folders: - id: default label: Default - path: "{{ ansible_env.HOME }}/syncthing/default" + path: '{{ ansible_env.HOME }}/syncthing/default' type: sendreceive devices: - *syncthing_desktop_id @@ -38,7 +37,7 @@ syncthing_folders: - id: pictures label: Pictures - path: "{{ ansible_env.HOME }}/syncthing/pictures" + path: '{{ ansible_env.HOME }}/syncthing/pictures' type: sendreceive devices: - *syncthing_desktop_id diff --git a/host_vars/xps/system.yml b/host_vars/xps/system.yml index dea1e54..53ed97b 100644 --- a/host_vars/xps/system.yml +++ b/host_vars/xps/system.yml @@ -1,4 +1,3 @@ ---- packages: - nftables - tmux 
@@ -9,7 +8,7 @@ packages: - iproute2 - curl - reflector - - ttf-ibm-plex + - otf-monaspace-nerd - systemd-ukify - efibootmgr - git-delta @@ -43,17 +42,21 @@ packages: - nvidia-utils - lib32-nvidia-utils +boot_configuration: + disk: /dev/nvme0n1 + partition: 1 + mkinitcpio_templates: - - src: "templates/xps/mkinitcpio/1-modules.conf.j2" - dest: "/etc/mkinitcpio.conf.d/1-modules.conf" + - src: 'templates/xps/mkinitcpio/1-modules.conf.j2' + dest: '/etc/mkinitcpio.conf.d/1-modules.conf' - - src: "templates/xps/mkinitcpio/2-hooks.conf.j2" - dest: "/etc/mkinitcpio.conf.d/2-hooks.conf" + - src: 'templates/xps/mkinitcpio/2-hooks.conf.j2' + dest: '/etc/mkinitcpio.conf.d/2-hooks.conf' - - src: "templates/xps/mkinitcpio/linux.preset.j2" - dest: "/etc/mkinitcpio.d/linux.preset" + - src: 'templates/xps/mkinitcpio/linux.preset.j2' + dest: '/etc/mkinitcpio.d/linux.preset' - - src: "templates/xps/mkinitcpio/linux-lts.preset.j2" - dest: "/etc/mkinitcpio.d/linux-lts.preset" + - src: 'templates/xps/mkinitcpio/linux-lts.preset.j2' + dest: '/etc/mkinitcpio.d/linux-lts.preset' -wezterm_font_size: 11 +wezterm_font_size: 10 diff --git a/htpc.yml b/htpc.yml index 5c44b81..28ffd78 100644 --- a/htpc.yml +++ b/htpc.yml @@ -1,4 +1,3 @@ ---- - hosts: htpc gather_facts: true @@ -9,7 +8,7 @@ hosts: htpc tasks: - name: Wireguard media provisioning - ansible.builtin.import_tasks: "tasks/wireguard-media.yml" + ansible.builtin.import_tasks: 'tasks/wireguard-media.yml' tags: wireguard-media handlers: @@ -17,4 +16,4 @@ ansible.builtin.import_tasks: handlers.yml - name: Import common role handlers - ansible.builtin.import_tasks: "roles/common/handlers/user.yml" + ansible.builtin.import_tasks: 'roles/common/handlers/user.yml' diff --git a/inventory.yml b/inventory.yml index d0c95b4..6e289f8 100644 --- a/inventory.yml +++ b/inventory.yml @@ -1,4 +1,3 @@ ---- all: hosts: xps: diff --git a/requirements.yml b/requirements.yml index 7a0710c..b20eeb6 100644 --- a/requirements.yml +++ b/requirements.yml 
@@ -1,4 +1,3 @@ ---- - src: git+https://forgejo.fudiggity.nl/sonny/common-ansible.git name: common version: master diff --git a/tasks/desktop.yml b/tasks/desktop.yml index dd4dcae..a5134cd 100644 --- a/tasks/desktop.yml +++ b/tasks/desktop.yml @@ -1,13 +1,12 @@ ---- - name: Create xdg-desktop-portal.service.d directory ansible.builtin.file: - path: "{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d" + path: '{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d' state: directory - mode: "0755" + mode: '0755' - name: Copy xdg-desktop-portal.service drop-in ansible.builtin.template: src: templates/desktop/xdg-desktop-portal.service.j2 - dest: "{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d/override.conf" - mode: "0755" + dest: '{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d/override.conf' + mode: '0755' notify: user daemon-reload diff --git a/tasks/mpd.yaml b/tasks/mpd.yaml index cc81314..f3e29b7 100644 --- a/tasks/mpd.yaml +++ b/tasks/mpd.yaml 
@@ -1,67 +1,66 @@ ---- - name: Include mpd defaults ansible.builtin.include_vars: file: vars/mpd.yml - name: Copy systemd configuration files ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0644" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0644' loop: - - src: "templates/mpd/service.j2" - dest: "{{ xdg_config_dir }}/systemd/user/mpd.service" + - src: 'templates/mpd/service.j2' + dest: '{{ xdg_config_dir }}/systemd/user/mpd.service' - - src: "templates/mpd/socket.j2" - dest: "{{ xdg_config_dir }}/systemd/user/mpd.socket" + - src: 'templates/mpd/socket.j2' + dest: '{{ xdg_config_dir }}/systemd/user/mpd.socket' notify: - stop mpd service - restart mpd socket - name: Create mpd files ansible.builtin.file: - path: "{{ item.path }}" - state: "{{ item.state }}" - mode: "0755" + path: '{{ item.path }}' + state: '{{ item.state }}' + mode: '0755' loop: - - path: "{{ mpd_configuration_dir }}" - state: "directory" - - path: "{{ ncmpc_configuration_dir }}" - state: "directory" - - path: "{{ ncmpcpp_configuration_dir }}" - state: "directory" - - path: "{{ mpd_configuration_dir }}/playlists" - state: "directory" - - path: "{{ mpd_configuration_dir }}/state" - state: "touch" + - path: '{{ mpd_configuration_dir }}' + state: 'directory' + - path: '{{ ncmpc_configuration_dir }}' + state: 'directory' + - path: '{{ ncmpcpp_configuration_dir }}' + state: 'directory' + - path: '{{ mpd_configuration_dir }}/playlists' + state: 'directory' + - path: '{{ mpd_configuration_dir }}/state' + state: 'touch' - name: Remove previous mpd files ansible.builtin.file: - path: "{{ item.path }}" - state: "{{ item.state }}" - mode: "0755" + path: '{{ item.path }}' + state: '{{ item.state }}' + mode: '0755' loop: - - path: "{{ mpd_configuration_dir }}/log" - state: "absent" - - path: "{{ mpd_configuration_dir }}/database" - state: "absent" - - path: "{{ mpd_configuration_dir }}/sticker.sql" - state: "absent" - - path: "{{ ncmpc_configuration_dir }}" - 
state: "absent" + - path: '{{ mpd_configuration_dir }}/log' + state: 'absent' + - path: '{{ mpd_configuration_dir }}/database' + state: 'absent' + - path: '{{ mpd_configuration_dir }}/sticker.sql' + state: 'absent' + - path: '{{ ncmpc_configuration_dir }}' + state: 'absent' - name: Copy configuration files ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0755" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0755' loop: - - src: "templates/mpd/mpd.conf.j2" - dest: "{{ mpd_configuration_dir }}/mpd.conf" - - src: "templates/mpd/ncmpcpp/config.j2" - dest: "{{ ncmpcpp_configuration_dir }}/config" - - src: "templates/mpd/ncmpcpp/bindings.j2" - dest: "{{ ncmpcpp_configuration_dir }}/bindings" + - src: 'templates/mpd/mpd.conf.j2' + dest: '{{ mpd_configuration_dir }}/mpd.conf' + - src: 'templates/mpd/ncmpcpp/config.j2' + dest: '{{ ncmpcpp_configuration_dir }}/config' + - src: 'templates/mpd/ncmpcpp/bindings.j2' + dest: '{{ ncmpcpp_configuration_dir }}/bindings' notify: - stop mpd service diff --git a/tasks/mpv.yml b/tasks/mpv.yml index a7ba1bb..3b4c52a 100644 --- a/tasks/mpv.yml +++ b/tasks/mpv.yml @@ -1,17 +1,16 @@ ---- - name: Create configuration directory ansible.builtin.file: - path: "{{ ansible_env.HOME }}/.config/mpv" + path: '{{ ansible_env.HOME }}/.config/mpv' state: directory - mode: "0700" + mode: '0700' - name: Copy configuration files ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0644" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0644' loop: - - src: "templates/mpv/input.j2" - dest: "{{ ansible_env.HOME }}/.config/mpv/input.conf" - - src: "templates/mpv/config.j2" - dest: "{{ ansible_env.HOME }}/.config/mpv/mpv.conf" + - src: 'templates/mpv/input.j2' + dest: '{{ ansible_env.HOME }}/.config/mpv/input.conf' + - src: 'templates/mpv/config.j2' + dest: '{{ ansible_env.HOME }}/.config/mpv/mpv.conf' 
diff --git a/tasks/network/desktop.yml b/tasks/network/desktop.yml index dc1da43..4eb16d8 100644 --- a/tasks/network/desktop.yml +++ b/tasks/network/desktop.yml @@ -1,4 +1,3 @@ ---- - name: Desktop configuration notify: - restart systemd-networkd @@ -7,22 +6,22 @@ - name: Setup network configuration become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - src: "templates/desktop/network/enp1s0.link.j2" - dest: "/etc/systemd/network/20-enp1s0.link" - - src: "templates/desktop//network/enp1s0.network.j2" - dest: "/etc/systemd/network/20-enp1s0.network" + - src: 'templates/desktop/network/enp1s0.link.j2' + dest: '/etc/systemd/network/20-enp1s0.link' + - src: 'templates/desktop//network/enp1s0.network.j2' + dest: '/etc/systemd/network/20-enp1s0.network' - name: Remove leftover configuration files become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' state: absent loop: - - "/etc/systemd/network/30-vmbr0.network" - - "/etc/systemd/network/30-vmbr0.netdev" + - '/etc/systemd/network/30-vmbr0.network' + - '/etc/systemd/network/30-vmbr0.netdev' diff --git a/tasks/network/main.yml b/tasks/network/main.yml index 7e95b03..f8586b1 100644 --- a/tasks/network/main.yml +++ b/tasks/network/main.yml @@ -1,4 +1,3 @@ ---- # Note that Wireguard does DNS resolution only once during connection. # When a client's IP changes, the server should be notified in some way, # using `wg set wg0 peer izHzmRwh2yzICps6pFI2Bg3TnmTD66/8uH4loJpkuD4= endpoint :` @@ -7,7 +6,7 @@ - name: Set hostname become: true ansible.builtin.hostname: - name: "{{ hostname }}" + name: '{{ hostname }}' use: systemd - name: Copy hosts file 
@@ -15,15 +14,15 @@ ansible.builtin.template: src: templates/hosts.j2 dest: /etc/hosts - mode: "0644" + mode: '0644' owner: root - name: Copy firewall template become: true ansible.builtin.template: - src: "templates/{{ ansible_hostname }}/nftables.j2" + src: 'templates/{{ ansible_hostname }}/nftables.j2' dest: /etc/nftables.conf owner: root group: root - mode: "0600" + mode: '0600' notify: restart nftables diff --git a/tasks/network/xps.yml b/tasks/network/xps.yml index 753ae43..0c99843 100644 --- a/tasks/network/xps.yml +++ b/tasks/network/xps.yml @@ -1,21 +1,20 @@ ---- - name: Setup network configuration become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - src: "templates/xps/network/wlan0-local.network.j2" - dest: "/etc/systemd/network/10-wireless.network" + - src: 'templates/xps/network/wlan0-local.network.j2' + dest: '/etc/systemd/network/10-wireless.network' - - src: "templates/xps/network/wlan0-frans.network.j2" - dest: "/etc/systemd/network/11-wireless.network" + - src: 'templates/xps/network/wlan0-frans.network.j2' + dest: '/etc/systemd/network/11-wireless.network' - - src: "templates/xps/network/wlan0.network.j2" - dest: "/etc/systemd/network/20-wireless.network" + - src: 'templates/xps/network/wlan0.network.j2' + dest: '/etc/systemd/network/20-wireless.network' notify: - restart systemd-networkd - restart systemd-resolved @@ -25,7 +24,7 @@ ansible.builtin.template: src: templates/xps/iwd.j2 dest: /etc/iwd - mode: "0644" + mode: '0644' owner: root - name: Provision iwd configuration 
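Review bot: The `Copy firewall template` task writes straight to `/etc/nftables.conf` and then fires `notify: restart nftables` with no syntax check in between, so a rendering error in a host's `nftables.j2` would only surface when the service restarts. Adding `validate: 'nft -c -f %s'` to the template task makes Ansible check the rendered ruleset before it replaces the live file. The `restart nftables` handler does not appear in handlers.yml as shown in this diff; it presumably comes from the common role, which is worth confirming.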
@@ -33,14 +32,14 @@ ansible.builtin.template: src: templates/xps/iwd.j2 dest: /etc/iwd/main.config - mode: "0755" + mode: '0755' owner: root notify: restart iwd - name: Remove leftover configuration files become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' state: absent loop: - /etc/systemd/network/30-vmbr0.network diff --git a/tasks/setup.yml b/tasks/setup.yml index 2b7c5e7..e2c0d73 100644 --- a/tasks/setup.yml +++ b/tasks/setup.yml @@ -1,22 +1,21 @@ ---- - name: Provision pollkit administrator configuration become: true ansible.builtin.template: - src: "templates/polkit.j2" - dest: "/etc/polkit-1/rules.d/49-nopasswd_global.rules" - mode: "0755" + src: 'templates/polkit.j2' + dest: '/etc/polkit-1/rules.d/49-nopasswd_global.rules' + mode: '0755' - name: Install shared packages become: true community.general.pacman: - name: "{{ packages }}" + name: '{{ packages }}' - name: Copy reflector configuration become: true ansible.builtin.template: - src: "templates/reflector.j2" - dest: "/etc/xdg/reflector/reflector.conf" - mode: "0600" + src: 'templates/reflector.j2' + dest: '/etc/xdg/reflector/reflector.conf' + mode: '0600' # started by weekly timer - name: Disable reflector 
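Review bot: In tasks/network/xps.yml the iwd template is written to `/etc/iwd/main.config` with `mode: '0755'`. iwd's documented configuration file is `/etc/iwd/main.conf`, so these settings may never be read, and a configuration file needs no execute bit. Suggested lines: `dest: /etc/iwd/main.conf` and `mode: '0644'`, after confirming the file name against the iwd version in use. The preceding hunk templates the same source to `dest: /etc/iwd`, which looks like it was meant to create the directory instead. The task begins above this hunk.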
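Review bot: The first task in tasks/setup.yml installs `/etc/polkit-1/rules.d/49-nopasswd_global.rules` with `mode: '0755'` and no explicit `owner` or `group`. The file is an authorization policy rather than an executable, so `mode: '0644'` with `owner: root` and `group: root` states the intent and matches how `/etc/pacman.conf` is handled later in this file. The same execute bit is set on the sysctl, modprobe, kernel cmdline and mkinitcpio files in the later hunks of tasks/setup.yml. The content of `templates/polkit.j2` is not in this diff, so what the rule grants without a password cannot be reviewed here.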
@@ -29,56 +28,47 @@ - name: Copy pacman configuration become: true ansible.builtin.template: - src: "templates/pacman/config.j2" - dest: "/etc/pacman.conf" + src: 'templates/pacman.j2' + dest: '/etc/pacman.conf' owner: root group: root - mode: "0644" + mode: '0644' - name: Create extra conf become: true ansible.builtin.file: - path: "/etc/pacman.d/extra.conf" + path: '/etc/pacman.d/extra.conf' owner: root group: root state: touch - mode: "0644" - -- name: Copy systemd-boot pacman hook - become: true - ansible.builtin.template: - src: "templates/pacman/hook.j2" - dest: "/etc/pacman.d/hooks/100-systemd-boot.hook" - owner: root - group: root - mode: "0644" + mode: '0644' - name: Setup Wezterm when: "'wezterm' in packages" block: - name: Create wezterm configuration dir ansible.builtin.file: - path: "{{ xdg_config_dir }}/wezterm/includes" + path: '{{ xdg_config_dir }}/wezterm/includes' state: directory - mode: "0755" + mode: '0755' - name: Copy wezterm configuration files ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0755" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0755' loop: - - src: "templates/wezterm/wezterm.lua.j2" - dest: "{{ xdg_config_dir }}/wezterm/wezterm.lua" + - src: 'templates/wezterm/wezterm.lua.j2' + dest: '{{ xdg_config_dir }}/wezterm/wezterm.lua' - - src: "templates/wezterm/includes/colors.lua.j2" - dest: "{{ xdg_config_dir }}/wezterm/includes/colors.lua" + - src: 'templates/wezterm/includes/colors.lua.j2' + dest: '{{ xdg_config_dir }}/wezterm/includes/colors.lua' - - src: "templates/wezterm/includes/fonts.lua.j2" - dest: "{{ xdg_config_dir }}/wezterm/includes/fonts.lua" + - src: 'templates/wezterm/includes/fonts.lua.j2' + dest: '{{ xdg_config_dir }}/wezterm/includes/fonts.lua' - - src: "templates/wezterm/includes/window.lua.j2" - dest: "{{ xdg_config_dir }}/wezterm/includes/window.lua" + - src: 'templates/wezterm/includes/window.lua.j2' + dest: '{{ xdg_config_dir }}/wezterm/includes/window.lua' - 
name: Enable fstrim timer become: true @@ -97,19 +87,19 @@ ansible.builtin.file: path: /etc/sysctl.d state: directory - mode: "0755" + mode: '0755' - name: Copy sysctl files become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0755" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0755' loop: - - src: "templates/sysctl/99-sysrq.conf.j2" - dest: "/etc/sysctl.d/99-sysrq.conf" - - src: "templates/sysctl/98-forward.conf.j2" - dest: "/etc/sysctl.d/98-foward.conf" + - src: 'templates/sysctl/99-sysrq.conf.j2' + dest: '/etc/sysctl.d/99-sysrq.conf' + - src: 'templates/sysctl/98-forward.conf.j2' + dest: '/etc/sysctl.d/98-foward.conf' notify: reload sysctl configuration - name: Remove the modprobe.d directory @@ -123,28 +113,28 @@ ansible.builtin.file: path: /etc/modprobe.d state: directory - mode: "0755" + mode: '0755' - name: Copy modprobe configuration files become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0755" - loop: "{{ modprobe_templates }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0755' + loop: '{{ modprobe_templates }}' when: modprobe_templates - name: Copy kernel parameters template become: true ansible.builtin.template: - src: "templates/{{ ansible_hostname }}/cmdline.j2" - dest: "/etc/kernel/cmdline" - mode: "0755" + src: 'templates/{{ ansible_hostname }}/cmdline.j2' + dest: '/etc/kernel/cmdline' + mode: '0755' - name: Remove the mkinitcpio directories become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' state: absent loop: - /etc/mkinitcpio.conf.d @@ -153,9 +143,9 @@ - name: Recreate the mkinitcpio directories become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' state: directory - mode: "0755" + mode: '0755' loop: - /etc/mkinitcpio.conf.d - /etc/mkinitcpio.d 
@@ -163,17 +153,53 @@ - name: Copy mkinitcpio configuration files become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "0755" - loop: "{{ mkinitcpio_templates }}" - when: "mkinitcpio_templates | length > 0" + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0755' + loop: '{{ mkinitcpio_templates }}' + when: '{{ mkinitcpio_templates | length > 0 }}' - name: Regenerate initramfs images become: true - ansible.builtin.command: "mkinitcpio --allpresets" + ansible.builtin.command: 'mkinitcpio --allpresets' register: mkinitcpio_stats - name: Log mkinitcpio stdout ansible.builtin.debug: var: mkinitcpio_stats.stdout_lines + +- name: Create a Linux UEFI boot entry + become: true + ansible.builtin.command: efibootmgr \ + --create \ + --disk '{{ boot_configuration.disk }}' \ + --part '{{ boot_configuration.partition }}' \ + --label 'Arch Linux' \ + --loader '\EFI\Linux\linux.efi'\ + --unicode + --index 0 + register: efi_linux_stats + when: register_uefi_entries + +- name: Log efibootmgr stdout + ansible.builtin.debug: + var: efi_linux_stats.stdout_lines + when: register_uefi_entries + +- name: Create a Linux LTS UEFI boot entry + become: true + ansible.builtin.command: efibootmgr \ + --create \ + --disk '{{ boot_configuration.disk }}' \ + --part '{{ boot_configuration.partition }}' \ + --label 'Arch Linux LTS' \ + --loader '\EFI\Linux\linux-lts.efi'\ + --unicode + --index 1 + register: efi_linux_lts_stats + when: register_uefi_entries + +- name: Log efibootmgr LTS stdout + ansible.builtin.debug: + var: efi_linux_lts_stats.stdout_lines + when: register_uefi_entries diff --git a/tasks/syncthing.yml b/tasks/syncthing.yml index 409c53b..c54fde5 100644 --- a/tasks/syncthing.yml +++ b/tasks/syncthing.yml 
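Review bot: The two new `efibootmgr` tasks pass the command as a plain multi-line YAML scalar with trailing backslashes. YAML folds those lines into one string and keeps every backslash as a literal character, so the command module will likely treat them as escapes rather than line continuations; `'\EFI\Linux\linux.efi'\` is also followed directly by the fold, with no space before the backslash. The original indentation is lost on this page, so the exact parse should be confirmed, but the `argv` list form removes the ambiguity and keeps the templated disk and partition values as single arguments. With `register_uefi_entries` enabled, every run calls `--create` again and nothing checks for an existing entry with that label. Separately, `when: '{{ mkinitcpio_templates | length > 0 }}'` wraps the condition in Jinja delimiters, which Ansible warns about in conditionals; the previous bare expression `mkinitcpio_templates | length > 0` was the supported form.

```yaml
- name: Create a Linux UEFI boot entry
  become: true
  ansible.builtin.command:
    argv:
      - efibootmgr
      - --create
      - --disk
      - '{{ boot_configuration.disk }}'
      - --part
      - '{{ boot_configuration.partition }}'
      - --label
      - Arch Linux
      - --loader
      - '\EFI\Linux\linux.efi'
      - --unicode
      - --index
      - '0'
  register: efi_linux_stats
  when: register_uefi_entries
# … unchanged: debug tasks; the LTS entry takes the same form with its own label, loader and index …
```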
@@ -1,9 +1,8 @@ ---- - name: Create configuration dir ansible.builtin.file: - path: "{{ xdg_config_dir }}/syncthing" + path: '{{ xdg_config_dir }}/syncthing' state: directory - mode: "0755" + mode: '0755' - name: Stop syncthing service ansible.builtin.systemd: @@ -13,7 +12,7 @@ - name: Copy configuration file ansible.builtin.template: - src: "templates/syncthing/config.j2" - dest: "{{ xdg_config_dir }}/syncthing/config.xml" - mode: "0640" + src: 'templates/syncthing/config.j2' + dest: '{{ xdg_config_dir }}/syncthing/config.xml' + mode: '0640' notify: start syncthing diff --git a/tasks/systemd.yml b/tasks/systemd.yml index 3c399c0..4b6e6e5 100644 --- a/tasks/systemd.yml +++ b/tasks/systemd.yml @@ -1,30 +1,28 @@ ---- - name: Setup systemd user service folder ansible.builtin.file: - path: "{{ xdg_config_dir }}/systemd/user" + path: '{{ xdg_config_dir }}/systemd/user' state: directory - mode: "0755" + mode: '0755' - name: Add ssh-agent service ansible.builtin.template: - src: "templates/ssh-agent.j2" - dest: "{{ xdg_config_dir }}/systemd/user/ssh-agent.service" - mode: "0644" + src: 'templates/ssh-agent.j2' + dest: '{{ xdg_config_dir }}/systemd/user/ssh-agent.service' + mode: '0644' notify: restart user ssh-agent - name: Copy tmux service ansible.builtin.template: - src: "templates/tmux.j2" - dest: "{{ xdg_config_dir }}/systemd/user/tmux.service" - mode: "0644" + src: 'templates/tmux.j2' + dest: '{{ xdg_config_dir }}/systemd/user/tmux.service' + mode: '0644' notify: - user daemon-reload - restart tmux service - name: Copy tmux startup script ansible.builtin.copy: - src: "files/tmux_start" - dest: "{{ ansible_env.HOME }}/.local/bin/tmux_start" - mode: "0740" + src: 'files/tmux_start' + dest: '{{ ansible_env.HOME }}/.local/bin/tmux_start' + mode: '0740' force: false -# setup systemd-boot pacman hook diff --git a/tasks/timer.yml b/tasks/timer.yml index f68a50a..7a2aa56 100644 --- a/tasks/timer.yml +++ b/tasks/timer.yml 
@@ -1,43 +1,45 @@ ---- -- name: Copy timer files +- name: copy timer files become: true - ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + template: + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root - mode: "0644" + mode: '0644' loop: - - { src: "templates/timer/daily_timer.j2", dest: "/etc/systemd/system/daily.timer" } - - { src: "templates/timer/weekly_timer.j2", dest: "/etc/systemd/system/weekly.timer" } + - { src: 'templates/timer/daily_timer.j2', dest: '/etc/systemd/system/daily.timer' } + - { src: 'templates/timer/weekly_timer.j2', dest: '/etc/systemd/system/weekly.timer' } notify: - enable daily timer - enable weekly timer -- name: Copy target files +- name: copy target files become: true - ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + template: + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root - mode: "0644" + mode: '0644' loop: - - { src: "templates/timer/daily_target.j2", dest: "/etc/systemd/system/daily.target" } - - { src: "templates/timer/weekly_target.j2", dest: "/etc/systemd/system/weekly.target" } + - { src: 'templates/timer/daily_target.j2', dest: '/etc/systemd/system/daily.target' } + - { + src: 'templates/timer/weekly_target.j2', + dest: '/etc/systemd/system/weekly.target', + } -- name: Create target directories +- name: create target directories become: true - ansible.builtin.file: - path: "{{ item }}" + file: + path: '{{ item }}' state: directory owner: root - mode: "0755" + mode: '0755' loop: - - "/etc/systemd/system/daily.target.wants" - - "/etc/systemd/system/weekly.target.wants" + - '/etc/systemd/system/daily.target.wants' + - '/etc/systemd/system/weekly.target.wants' -- name: Add reflector to weekly timer +- name: add reflector to weekly timer become: true - ansible.builtin.file: - src: "/usr/lib/systemd/system/reflector.service" - dest: "/etc/systemd/system/weekly.target.wants/reflector.service" + file: + src: '/usr/lib/systemd/system/reflector.service' + 
dest: '/etc/systemd/system/weekly.target.wants/reflector.service' state: link diff --git a/tasks/wireguard-media.yml b/tasks/wireguard-media.yml index 348befb..b22e477 100644 --- a/tasks/wireguard-media.yml +++ b/tasks/wireguard-media.yml @@ -1,4 +1,3 @@ ---- - name: Include wireguard media defaults ansible.builtin.include_vars: file: vars/wireguard-media.yml @@ -6,16 +5,16 @@ - name: Create Wireguard directories become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' owner: root group: systemd-network - mode: "0750" + mode: '0750' state: directory recurse: true loop: - - "{{ vpn_config_dir }}" - - "{{ wireguard_media_defaults.private_key_path | dirname }}" - - "{{ wireguard_media_defaults.public_key_path | dirname }}" + - '{{ vpn_config_dir }}' + - '{{ wireguard_media_defaults.private_key_path | dirname }}' + - '{{ wireguard_media_defaults.public_key_path | dirname }}' notify: - restart systemd-networkd - restart systemd-resolved @@ -23,17 +22,17 @@ - name: Copy Wireguard credentials become: true ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - dest: "{{ wireguard_media_defaults.public_key_path }}" - src: "files/wireguard-media/{{ ansible_hostname }}/fudiggity.pub" + - dest: '{{ wireguard_media_defaults.public_key_path }}' + src: 'files/wireguard-media/{{ ansible_hostname }}/fudiggity.pub' - - dest: "{{ wireguard_media_defaults.private_key_path }}" - src: "files/wireguard-media/{{ ansible_hostname }}/fudiggity.key" + - dest: '{{ wireguard_media_defaults.private_key_path }}' + src: 'files/wireguard-media/{{ ansible_hostname }}/fudiggity.key' notify: - restart systemd-networkd - restart systemd-resolved 
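Review bot: The short module names `template` and `file` in the four tasks of tasks/timer.yml should stay fully qualified as `ansible.builtin.template` and `ansible.builtin.file`, as in every other file this commit touches. Short names are resolved through the collection search path and any local module overrides, so which code runs under `become: true` depends on the environment rather than on the playbook. The task names were also lowercased in this file only (`copy timer files`), which is inconsistent with the capitalised names elsewhere and with the handler names these tasks notify.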
@@ -41,12 +40,12 @@ - name: Copy Wireguard preshared keys become: true ansible.builtin.copy: - src: "{{ item.preshared_key_source_path }}" - dest: "{{ item.preshared_key_path }}" + src: '{{ item.preshared_key_source_path }}' + dest: '{{ item.preshared_key_path }}' owner: root group: systemd-network - mode: "0640" - loop: "{{ wireguard_media_defaults.peers }}" + mode: '0640' + loop: '{{ wireguard_media_defaults.peers }}' notify: - restart systemd-networkd - restart systemd-resolved @@ -54,17 +53,17 @@ - name: Setup network configuration become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - src: "templates/{{ ansible_hostname }}/network/wg1.network.j2" - dest: "/etc/systemd/network/40-wg1.network" + - src: 'templates/{{ ansible_hostname }}/network/wg1.network.j2' + dest: '/etc/systemd/network/40-wg1.network' - - src: "templates/{{ ansible_hostname }}/network/wg1.netdev.j2" - dest: "/etc/systemd/network/40-wg1.netdev" + - src: 'templates/{{ ansible_hostname }}/network/wg1.netdev.j2' + dest: '/etc/systemd/network/40-wg1.netdev' notify: - restart systemd-networkd - restart systemd-resolved diff --git a/tasks/wireguard.yml b/tasks/wireguard.yml index 06b5479..bfd9418 100644 --- a/tasks/wireguard.yml +++ b/tasks/wireguard.yml @@ -1,4 +1,3 @@ ---- - name: Include wireguard defaults ansible.builtin.include_vars: file: vars/wireguard.yml 
@@ -6,16 +5,16 @@ - name: Create Wireguard directories become: true ansible.builtin.file: - path: "{{ item }}" + path: '{{ item }}' owner: root group: systemd-network - mode: "0750" + mode: '0750' state: directory recurse: true loop: - - "{{ vpn_config_dir }}" - - "{{ wireguard_defaults.private_key_path | dirname }}" - - "{{ wireguard_defaults.public_key_path | dirname }}" + - '{{ vpn_config_dir }}' + - '{{ wireguard_defaults.private_key_path | dirname }}' + - '{{ wireguard_defaults.public_key_path | dirname }}' notify: - restart systemd-networkd - restart systemd-resolved @@ -23,17 +22,17 @@ - name: Copy Wireguard credentials become: true ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - dest: "{{ wireguard_defaults.public_key_path }}" - src: "files/wireguard/{ ansible_hostname }}/fudiggity.pub" + - dest: '{{ wireguard_defaults.public_key_path }}' + src: 'files/wireguard/{ ansible_hostname }}/fudiggity.pub' - - dest: "{{ wireguard_defaults.private_key_path }}" - src: "files/wireguard/{{ ansible_hostname }}/fudiggity.key" + - dest: '{{ wireguard_defaults.private_key_path }}' + src: 'files/wireguard/{{ ansible_hostname }}/fudiggity.key' notify: - restart systemd-networkd - restart systemd-resolved @@ -41,12 +40,12 @@ - name: Copy Wireguard preshared keys become: true ansible.builtin.copy: - src: "{{ item.preshared_key_source_path }}" - dest: "{{ item.preshared_key_path }}" + src: '{{ item.preshared_key_source_path }}' + dest: '{{ item.preshared_key_path }}' owner: root group: systemd-network - mode: "0640" - loop: "{{ wireguard_defaults.peers }}" + mode: '0640' + loop: '{{ wireguard_defaults.peers }}' notify: - restart systemd-networkd - restart systemd-resolved 
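Review bot: The public-key source path in the `Copy Wireguard credentials` loop of tasks/wireguard.yml has a single opening brace, `'files/wireguard/{ ansible_hostname }}/fudiggity.pub'`, so the hostname is presumably never substituted on that line. The commit re-quoted the line but carried the typo over from the old side. It should read `src: 'files/wireguard/{{ ansible_hostname }}/fudiggity.pub'`, matching the private-key entry directly below it and the equivalent line in tasks/wireguard-media.yml. Whether the current form fails at template time or only when the copy cannot find the file is not visible from the diff.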
@@ -54,17 +53,17 @@ - name: Setup network configuration become: true ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' owner: root group: systemd-network - mode: "0640" + mode: '0640' loop: - - src: "templates/{{ ansible_hostname }}/network/wg0.network.j2" - dest: "/etc/systemd/network/40-wg0.network" + - src: 'templates/{{ ansible_hostname }}/network/wg0.network.j2' + dest: '/etc/systemd/network/40-wg0.network' - - src: "templates/{{ ansible_hostname }}/network/wg0.netdev.j2" - dest: "/etc/systemd/network/40-wg0.netdev" + - src: 'templates/{{ ansible_hostname }}/network/wg0.netdev.j2' + dest: '/etc/systemd/network/40-wg0.netdev' notify: - restart systemd-networkd - restart systemd-resolved diff --git a/tasks/xps.yml b/tasks/xps.yml index 42640dc..06aeb90 100644 --- a/tasks/xps.yml +++ b/tasks/xps.yml @@ -1,4 +1,3 @@ ---- - name: Provision powertop systemd service become: true ansible.builtin.file: @@ -9,21 +8,21 @@ block: - name: Create configuration directory ansible.builtin.file: - path: "{{ xdg_config_dir }}/pa-dlna" + path: '{{ xdg_config_dir }}/pa-dlna' state: directory - mode: "0755" + mode: '0755' - name: Copy configuration file ansible.builtin.template: src: templates/xps/pa-dlna/config.j2 - dest: "{{ xdg_config_dir }}/pa-dlna/pa-dlna.conf" - mode: "0755" + dest: '{{ xdg_config_dir }}/pa-dlna/pa-dlna.conf' + mode: '0755' - name: Copy systemd service ansible.builtin.template: src: templates/xps/pa-dlna/service.j2 - dest: "{{ xdg_config_dir }}/systemd/user/pa-dlna.service" - mode: "0755" + dest: '{{ xdg_config_dir }}/systemd/user/pa-dlna.service' + mode: '0755' - name: Create virtualenv directory become: true 
@@ -32,16 +31,16 @@ state: directory owner: sonny group: sonny - mode: "0755" + mode: '0755' - name: Install pa-dlna ansible.builtin.pip: - name: "pa-dlna=={{ pa_dlna_version }}" + name: 'pa-dlna=={{ pa_dlna_version }}' virtualenv: /opt/virtualenv/pa-dlna virtualenv_command: python3.13 -m venv - name: Install python-systemd ansible.builtin.pip: - name: "python-systemd=={{ pa_dlna_systemd_version }}" + name: 'python-systemd=={{ pa_dlna_systemd_version }}' virtualenv: /opt/virtualenv/pa-dlna virtualenv_command: python3.13 -m venv diff --git a/templates/pacman/config.j2 b/templates/pacman.j2 similarity index 98% rename from templates/pacman/config.j2 rename to templates/pacman.j2 index 67088f6..76ce942 100644 --- a/templates/pacman/config.j2 +++ b/templates/pacman.j2 @@ -41,8 +41,7 @@ CheckSpace VerbosePkgLists ParallelDownloads = 5 DownloadUser = alpm -##DisableSandboxFilesystem -#DisableSandboxSyscalls +#DisableSandbox # By default, pacman accepts packages signed by keys that its local keyring # trusts (see pacman-key and its man page), as well as unsigned packages. diff --git a/templates/pacman/hook.j2 b/templates/pacman/hook.j2 deleted file mode 100644 index ebbec9c..0000000 --- a/templates/pacman/hook.j2 +++ /dev/null @@ -1,11 +0,0 @@ -# {{ ansible_managed }} - -[Trigger] -Type = Package -Operation = Upgrade -Target = systemd - -[Action] -Description = Gracefully upgrading systemd-boot... -When = PostTransaction -Exec = /usr/bin/systemctl restart systemd-boot-update.service diff --git a/templates/wezterm/includes/fonts.lua.j2 b/templates/wezterm/includes/fonts.lua.j2 index 311da3c..fb2735d 100644 --- a/templates/wezterm/includes/fonts.lua.j2 +++ b/templates/wezterm/includes/fonts.lua.j2 @@ -4,7 +4,7 @@ local wezterm = require 'wezterm'; return { font = wezterm.font( - '{{ wezterm_font }}', + 'MonaspiceNe Nerd Font Mono', { weight = 'Regular', stretch = 'Normal', style = 'Normal' } ), @@ -21,5 +21,6 @@ return { 'ss06', 'ss07', 'ss08', + 'liga' } } 
diff --git a/vars/mpd.yml b/vars/mpd.yml index c9e8541..f28520a 100644 --- a/vars/mpd.yml +++ b/vars/mpd.yml @@ -1,11 +1,10 @@ ---- mpd_listen_address: 127.0.0.1 mpd_listen_port: 6600 -mpd_remote_address: "mpd.{{ server_domain }}" +mpd_remote_address: 'mpd.{{ server_domain }}' mpd_remote_port: 21000 mpd_remote_stream_port: 8000 -mpd_configuration_dir: "{{ ansible_env.HOME }}/.config/mpd" -ncmpc_configuration_dir: "{{ ansible_env.HOME }}/.config/ncmpc" -ncmpcpp_configuration_dir: "{{ ansible_env.HOME }}/.config/ncmpcpp" +mpd_configuration_dir: '{{ ansible_env.HOME }}/.config/mpd' +ncmpc_configuration_dir: '{{ ansible_env.HOME }}/.config/ncmpc' +ncmpcpp_configuration_dir: '{{ ansible_env.HOME }}/.config/ncmpcpp' diff --git a/vars/wireguard-media.yml b/vars/wireguard-media.yml index 1bf75b7..71c9f9c 100644 --- a/vars/wireguard-media.yml +++ b/vars/wireguard-media.yml @@ -1,23 +1,22 @@ ---- -vpn_config_dir: "/etc/wireguard" +vpn_config_dir: '/etc/wireguard' wireguard_media_defaults: prefix: 24 interface: wg1 dns: 10.0.1.1 domains: - - "~media-vpn.{{ server_domain }}" - - "~jellyfin.{{ server_domain }}" + - '~media-vpn.{{ server_domain }}' + - '~jellyfin.{{ server_domain }}' - public_key_path: "{{ vpn_config_dir }}/keys/public/media/fudiggity.pub" - private_key_path: "{{ vpn_config_dir }}/keys/private/media/fudiggity.key" + public_key_path: '{{ vpn_config_dir }}/keys/public/media/fudiggity.pub' + private_key_path: '{{ vpn_config_dir }}/keys/private/media/fudiggity.key' peers: - name: fudiggity allowed_ips: - 10.0.1.0/24 - 172.8.238.0/24 - endpoint: "{{ server_domain }}:51903" + endpoint: '{{ server_domain }}:51903' public_key: EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg= - preshared_key_path: "{{ vpn_config_dir }}/keys/private/media/fudiggity.psk" + preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/fudiggity.psk' preshared_key_source_path: files/wireguard-media/{{ ansible_hostname }}/preshared.psk 
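Review bot: `172.8.238.0/24` in the peer's `allowed_ips` in vars/wireguard-media.yml lies outside the RFC 1918 block 172.16.0.0/12, so this entry routes publicly assigned address space into the tunnel. The same holds for `172.32.238.0/24`, `172.64.238.0/24` and `172.128.238.0/24` in the vars/wireguard.yml hunk that follows. If these are container or bridge subnets on the server (an assumption, the diff does not say), renumbering them into 172.16.0.0/12 avoids shadowing real internet hosts and makes the tunnel's routing scope easier to audit. These are unchanged context lines, and in vars/wireguard.yml the `allowed_ips` list starts outside the hunk.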
diff --git a/vars/wireguard.yml b/vars/wireguard.yml index 6ce6d24..4109b86 100644 --- a/vars/wireguard.yml +++ b/vars/wireguard.yml @@ -1,19 +1,18 @@ ---- -vpn_config_dir: "/etc/wireguard" +vpn_config_dir: '/etc/wireguard' wireguard_defaults: prefix: 24 interface: wg0 dns: 10.0.0.1 domains: - - "~vpn.{{ server_domain }}" - - "~transmission.{{ server_domain }}" - - "~syncthing.{{ server_domain }}" - - "~radicale.{{ server_domain }}" - - "~mpd.{{ server_domain }}" + - '~vpn.{{ server_domain }}' + - '~transmission.{{ server_domain }}' + - '~syncthing.{{ server_domain }}' + - '~radicale.{{ server_domain }}' + - '~mpd.{{ server_domain }}' - public_key_path: "{{ vpn_config_dir }}/keys/public/default/fudiggity.pub" - private_key_path: "{{ vpn_config_dir }}/keys/private/default/fudiggity.key" + public_key_path: '{{ vpn_config_dir }}/keys/public/default/fudiggity.pub' + private_key_path: '{{ vpn_config_dir }}/keys/private/default/fudiggity.key' peers: - name: fudiggity @@ -23,7 +22,7 @@ wireguard_defaults: - 172.32.238.0/24 - 172.64.238.0/24 - 172.128.238.0/24 - endpoint: "{{ server_domain }}:51902" + endpoint: '{{ server_domain }}:51902' public_key: CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo= - preshared_key_path: "{{ vpn_config_dir }}/keys/private/default/preshared-fudiggity.psk" + preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-fudiggity.psk' preshared_key_source_path: files/wireguard/{{ ansible_hostname }}/preshared.psk diff --git a/xps.yml b/xps.yml index 976e7ac..ca3ab0d 100644 --- a/xps.yml +++ b/xps.yml @@ -1,4 +1,3 @@ ---- - name: Include default playbook ansible.builtin.import_playbook: default.yml 
@@ -6,24 +5,25 @@ hosts: xps gather_facts: true tasks: + - name: Wireguard provisioning - ansible.builtin.import_tasks: "tasks/wireguard.yml" + ansible.builtin.import_tasks: 'tasks/wireguard.yml' tags: wireguard - name: Wireguard media provisioning - ansible.builtin.import_tasks: "tasks/wireguard-media.yml" + ansible.builtin.import_tasks: 'tasks/wireguard-media.yml' tags: wireguard-media - name: MPD provisioning - ansible.builtin.import_tasks: "tasks/mpd.yml" + ansible.builtin.import_tasks: 'tasks/mpd.yml' tags: mpd - name: Syncthing provisioning - ansible.builtin.import_tasks: "tasks/syncthing.yml" + ansible.builtin.import_tasks: 'tasks/syncthing.yml' tags: syncthing - name: Desktop provisioning - ansible.builtin.import_tasks: "tasks/xps.yml" + ansible.builtin.import_tasks: 'tasks/xps.yml' tags: xps handlers: @@ -31,4 +31,4 @@ ansible.builtin.import_tasks: handlers.yml - name: Import common role handlers - ansible.builtin.import_tasks: "roles/common/handlers/user.yml" + ansible.builtin.import_tasks: 'roles/common/handlers/user.yml'