sonny/arch-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: sonny:43d470edf34d9d7d9d4b88832c3b6682ff122c0c
Branches Tags
sonny:main
sonny:wireguard-refactor
sonny:file-structure
..
compare: sonny:b9c33d66ceac07ce636feef17fdab267ae522847
Branches Tags
sonny:main
sonny:wireguard-refactor
sonny:file-structure

6 commits
43d470edf3 ... b9c33d66ce

Author SHA1 Message Date
Sonny Bakker
b9c33d66ce Update syncthing configuration 2026-01-08 19:34:55 +01:00
Sonny Bakker
d2fb469108 Move default tasks inside task block 2026-01-08 19:34:29 +01:00
Sonny Bakker
ce503c1f1c Rename mpd tasks 2026-01-08 19:33:53 +01:00
Sonny Bakker
c3ca04881b Remove unused packages 2026-01-08 08:30:49 +01:00
Sonny Bakker
429299f763 Re-enable host specific network configuration 2026-01-08 08:30:22 +01:00
Sonny Bakker
82c451aa4e Add boot loader configuration file 2026-01-08 08:29:32 +01:00
14 changed files with 33 additions and 151 deletions
Download patch file Download diff file Expand all files Collapse all files

6
default.yml
View file

@ -14,9 +14,9 @@
ansible.builtin.import_tasks: "tasks/network/main.yml" ansible.builtin.import_tasks: "tasks/network/main.yml"
tags: network tags: network
# - name: Network host specific provisioning - name: Network host specific provisioning
# ansible.builtin.import_tasks: 'tasks/network/{{ ansible_hostname }}.yml' ansible.builtin.import_tasks: "tasks/network/{{ ansible_hostname }}.yml"
# tags: network-specific tags: network-specific
- name: Systemd provisioning - name: Systemd provisioning
ansible.builtin.import_tasks: "tasks/systemd.yml" ansible.builtin.import_tasks: "tasks/systemd.yml"

7
desktop.yml
View file

@ -1,11 +1,10 @@
--- ---
- name: Include default playbook
ansible.builtin.import_playbook: default.yml
- name: Arch Linux provisioning - name: Arch Linux provisioning
hosts: desktop hosts: desktop
gather_facts: true
tasks: tasks:
- name: Include default playbook
ansible.builtin.import_playbook: default.yml
- name: Wireguard provisioning - name: Wireguard provisioning
ansible.builtin.import_tasks: "tasks/wireguard.yml" ansible.builtin.import_tasks: "tasks/wireguard.yml"
tags: wireguard tags: wireguard

1
group_vars/all/main.yml
View file

@ -16,6 +16,7 @@ packages:
xdg_config_dir: "{{ ansible_env.HOME }}/.config" xdg_config_dir: "{{ ansible_env.HOME }}/.config"
xdg_script_dir: "{{ ansible_env.HOME }}/.local/bin" xdg_script_dir: "{{ ansible_env.HOME }}/.local/bin"
xdg_state_dir: "{{ ansible_env.HOME }}/.local/state"
modprobe_templates: [] modprobe_templates: []
mkinitcpio_templates: [] mkinitcpio_templates: []

10
host_vars/desktop/syncthing.yml
View file

@ -3,15 +3,7 @@ syncthing_listen_address: "0.0.0.0"
syncthing_protocol_port: 22000 syncthing_protocol_port: 22000
syncthing_gui_port: 8384 syncthing_gui_port: 8384
syncthing_config_version: 37 syncthing_config_version: 51
syncthing_api_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
39643534383666343331666336356662333165633032356532323730316535616363393330376263
6164323430343961646635323739373363623764646361360a666566363736323739313533323562
34653032646230313063613265313836383033353336333461376432363530633632313234323733
6162646332623837370a646537336139336361666336363861353030633136373063333433643435
64666465356566313263376330643664313266646139663433663366316232613562663863366334
3061663839656563353663373135393233653130383735366538
syncthing_devices: syncthing_devices:
- name: Desktop - name: Desktop

3
host_vars/desktop/system.yml
View file

@ -28,12 +28,11 @@ packages:
- postgresql - postgresql
- plasma-meta - plasma-meta
- wezterm - wezterm
- kmail - thunderbird
- pipewire - pipewire
- pipewire-pulse - pipewire-pulse
- pipewire-alsa - pipewire-alsa
- merkuro - merkuro
- kmail
- aspell-nl - aspell-nl
- aspell-en - aspell-en

10
host_vars/xps/syncthing.yml
View file

@ -3,15 +3,7 @@ syncthing_listen_address: "0.0.0.0"
syncthing_protocol_port: 22000 syncthing_protocol_port: 22000
syncthing_gui_port: 8384 syncthing_gui_port: 8384
syncthing_config_version: 37 syncthing_config_version: 51
syncthing_api_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
35346637623066636261633331343438313736356137633466306633613563343630363565643763
6631623461663330633537386539376435356338393537620a666234373932636162653830316339
65336339383630313837323137613137303862613061326131313437316637383637666638313235
6463333235646536620a316163666431323530353330356633393035663933613761313031656561
66333431636134366466373533616438326230323965333763316336393764303737663461363636
3061373832313462623765353130616237343966333332623262
syncthing_devices: syncthing_devices:
- name: Desktop - name: Desktop

7
host_vars/xps/system.yml
View file

@ -14,6 +14,7 @@ packages:
- efibootmgr - efibootmgr
- git-delta - git-delta
# custom host packages
- keepassxc - keepassxc
- gimp - gimp
- firefox - firefox
@ -27,16 +28,12 @@ packages:
- postgresql - postgresql
- plasma-meta - plasma-meta
- wezterm - wezterm
- kmail - thunderbird
- pipewire - pipewire
- pipewire-pulse - pipewire-pulse
- pipewire-alsa - pipewire-alsa
- merkuro
- kmail
- aspell-nl - aspell-nl
- aspell-en - aspell-en
# custom host packages
- iwd - iwd
- nvidia - nvidia
- nvidia-prime - nvidia-prime

0
tasks/mpd.yaml → tasks/mpd.yml
View file

9
tasks/setup.yml
View file

@ -1,11 +1,18 @@
--- ---
- name: Provision pollkit administrator configuration - name: Provision polkit administrator configuration
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: "templates/polkit.j2" src: "templates/polkit.j2"
dest: "/etc/polkit-1/rules.d/49-nopasswd_global.rules" dest: "/etc/polkit-1/rules.d/49-nopasswd_global.rules"
mode: "0755" mode: "0755"
- name: Provision systemd-boot loader configuration
become: true
ansible.builtin.template:
src: "templates/loader.j2"
dest: "/boot/loader/loader.conf"
mode: "0755"
- name: Install shared packages - name: Install shared packages
become: true become: true
community.general.pacman: community.general.pacman:

6
tasks/syncthing.yml
View file

@ -1,7 +1,7 @@
--- ---
- name: Create configuration dir - name: Create configuration dir
ansible.builtin.file: ansible.builtin.file:
path: "{{ xdg_config_dir }}/syncthing" path: "{{ xdg_state_dir }}/syncthing"
state: directory state: directory
mode: "0755" mode: "0755"
@ -14,6 +14,6 @@
- name: Copy configuration file - name: Copy configuration file
ansible.builtin.template: ansible.builtin.template:
src: "templates/syncthing/config.j2" src: "templates/syncthing/config.j2"
dest: "{{ xdg_config_dir }}/syncthing/config.xml" dest: "{{ xdg_state_dir }}/syncthing/config.xml"
mode: "0640" mode: "0640"
notify: start syncthing notify: Start syncthing

1
tasks/systemd.yml
View file

@ -27,4 +27,3 @@
dest: "{{ ansible_env.HOME }}/.local/bin/tmux_start" dest: "{{ ansible_env.HOME }}/.local/bin/tmux_start"
mode: "0740" mode: "0740"
force: false force: false
# setup systemd-boot pacman hook

9
templates/loader.j2 Normal file
View file

@ -0,0 +1,9 @@
# {{ ansible_managed }}
timeout 5
editor yes
console-mode max
auto-entries yes
auto-firmware yes
auto-reboot yes
auto-poweroff yes

1
templates/polkit.j2
View file

@ -2,7 +2,6 @@
* *
* Allow members of the wheel group to execute any actions * Allow members of the wheel group to execute any actions
* without password authentication, similar to "sudo NOPASSWD:" * without password authentication, similar to "sudo NOPASSWD:"
* without password authentication, similar to "sudo NOPASSWD:"
*/ */
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if (subject.isInGroup("wheel")) { if (subject.isInGroup("wheel")) {

112
templates/syncthing/config.j2
View file

@ -14,39 +14,7 @@
</device> </device>
{%- endfor %} {%- endfor %}
<filesystemType>basic</filesystemType>
<minDiskFree unit="%">20</minDiskFree> <minDiskFree unit="%">20</minDiskFree>
<versioning>
<cleanupIntervalS>3600</cleanupIntervalS>
<fsPath></fsPath>
<fsType>basic</fsType>
</versioning>
<copiers>0</copiers>
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
<hashers>0</hashers>
<order>random</order>
<ignoreDelete>false</ignoreDelete>
<scanProgressIntervalS>0</scanProgressIntervalS>
<pullerPauseS>0</pullerPauseS>
<maxConflicts>-1</maxConflicts>
<disableSparseFiles>false</disableSparseFiles>
<disableTempIndexes>false</disableTempIndexes>
<paused>false</paused>
<weakHashThresholdPct>25</weakHashThresholdPct>
<markerName>.stfolder</markerName>
<copyOwnershipFromParent>false</copyOwnershipFromParent>
<modTimeWindowS>0</modTimeWindowS>
<maxConcurrentWrites>2</maxConcurrentWrites>
<disableFsync>false</disableFsync>
<blockPullOrder>standard</blockPullOrder>
<copyRangeMethod>standard</copyRangeMethod>
<caseSensitiveFS>false</caseSensitiveFS>
<junctionsAsDirs>false</junctionsAsDirs>
<syncOwnership>false</syncOwnership>
<sendOwnership>false</sendOwnership>
<syncXattrs>false</syncXattrs>
<sendXattrs>false</sendXattrs>
</folder> </folder>
{%- endfor %} {%- endfor %}
@ -56,20 +24,12 @@
name="{{ device.name }}" name="{{ device.name }}"
compression="metadata"> compression="metadata">
<address>{{ device.address }}</address> <address>{{ device.address }}</address>
<paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<maxRequestKiB>0</maxRequestKiB>
<untrusted>false</untrusted> <untrusted>false</untrusted>
<remoteGUIPort>0</remoteGUIPort>
<numConnections>0</numConnections>
</device> </device>
{%- endfor %} {%- endfor %}
<gui enabled="true" tls="true" debugging="false"> <gui enabled="true" tls="true" debugging="false">
<address>{{ syncthing_listen_address }}:{{ syncthing_gui_port }}</address> <address>{{ syncthing_listen_address }}:{{ syncthing_gui_port }}</address>
<apikey>{{ syncthing_api_key }}</apikey>
<theme>default</theme> <theme>default</theme>
<insecureAdminAccess>true</insecureAdminAccess> <insecureAdminAccess>true</insecureAdminAccess>
</gui> </gui>
@ -77,76 +37,4 @@
<options> <options>
<listenAddress>tcp://{{ syncthing_listen_address }}:{{ syncthing_protocol_port }}</listenAddress> <listenAddress>tcp://{{ syncthing_listen_address }}:{{ syncthing_protocol_port }}</listenAddress>
</options> </options>
<defaults>
<folder
id=""
label=""
path="~"
type="sendreceive"
rescanIntervalS="3600"
fsWatcherEnabled="true"
fsWatcherDelayS="10"
fsWatcherTimeoutS="0"
ignorePerms="false"
autoNormalize="true">
<filesystemType>basic</filesystemType>
<device id="S7UKX27-GI7ZTXS-GC6RKUA-7AJGZ44-C6NAYEB-HSKTJQK-KJHU2NO-CWV7EQW" introducedBy="">
<encryptionPassword></encryptionPassword>
</device>
<minDiskFree unit="%">1</minDiskFree>
<versioning>
<cleanupIntervalS>3600</cleanupIntervalS>
<fsPath></fsPath>
<fsType>basic</fsType>
</versioning>
<copiers>0</copiers>
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
<hashers>0</hashers>
<order>random</order>
<ignoreDelete>false</ignoreDelete>
<scanProgressIntervalS>0</scanProgressIntervalS>
<pullerPauseS>0</pullerPauseS>
<maxConflicts>10</maxConflicts>
<disableSparseFiles>false</disableSparseFiles>
<disableTempIndexes>false</disableTempIndexes>
<paused>false</paused>
<weakHashThresholdPct>25</weakHashThresholdPct>
<markerName>.stfolder</markerName>
<copyOwnershipFromParent>false</copyOwnershipFromParent>
<modTimeWindowS>0</modTimeWindowS>
<maxConcurrentWrites>2</maxConcurrentWrites>
<disableFsync>false</disableFsync>
<blockPullOrder>standard</blockPullOrder>
<copyRangeMethod>standard</copyRangeMethod>
<caseSensitiveFS>false</caseSensitiveFS>
<junctionsAsDirs>false</junctionsAsDirs>
</folder>
<device
id=""
compression="metadata"
introducer="false"
skipIntroductionRemovals="false"
introducedBy="">
<address>dynamic</address>
<paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<maxRequestKiB>0</maxRequestKiB>
<untrusted>false</untrusted>
<remoteGUIPort>0</remoteGUIPort>
<numConnections>0</numConnections>
</device>
<ignores>
<line>(?d).DS_Store</line>
</ignores>
</defaults>
</configuration> </configuration>