diff --git a/ansible.cfg b/ansible.cfg index 32fe937..5ec08e7 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,6 +1,5 @@ [defaults] roles_path = ./roles -inventory = inventory.yml ask_vault_pass = true [privilege_escalation] diff --git a/files/personal/desktop/wireguard/default/desktop.key b/files/desktop/wireguard/default/desktop.key similarity index 100% rename from files/personal/desktop/wireguard/default/desktop.key rename to files/desktop/wireguard/default/desktop.key diff --git a/files/personal/desktop/wireguard/default/desktop.pub b/files/desktop/wireguard/default/desktop.pub similarity index 100% rename from files/personal/desktop/wireguard/default/desktop.pub rename to files/desktop/wireguard/default/desktop.pub diff --git a/files/personal/desktop/wireguard/default/preshared.psk b/files/desktop/wireguard/default/preshared.psk similarity index 100% rename from files/personal/desktop/wireguard/default/preshared.psk rename to files/desktop/wireguard/default/preshared.psk diff --git a/files/desktop/wireguard/media/desktop.key b/files/desktop/wireguard/media/desktop.key new file mode 100644 index 0000000..8782234 --- /dev/null +++ b/files/desktop/wireguard/media/desktop.key @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +62383364643761623739623632633261343735343465336235386336333234656631363432623535 +6562623634363937356137616131396264633161363461340a343432363362346664646161656563 +35623334326238326135646261666330666531633831656564396139666261623937626338386632 +3233333039623039640a383931633539363238326164643365316236326435643537303866373835 +66393465663364303134376566623736636664353031336537663036636462613766343739336331 +6438643538326533313433616438386165626537373162393430 diff --git a/files/desktop/wireguard/media/desktop.pub b/files/desktop/wireguard/media/desktop.pub new file mode 100644 index 0000000..640bf96 --- /dev/null +++ b/files/desktop/wireguard/media/desktop.pub @@ -0,0 +1 @@ +YDH5lZcxUHM4AU2ZxQrFqjDIV2Z7PSUQKMcYXLExV0E= 
diff --git a/files/desktop/wireguard/media/preshared.psk b/files/desktop/wireguard/media/preshared.psk
new file mode 100644
index 0000000..8e41aac
--- /dev/null
+++ b/files/desktop/wireguard/media/preshared.psk
@@ -0,0 +1,7 @@
+$ANSIBLE_VAULT;1.1;AES256
+34303432393930626266313563613636343439623631633163656532363631313039386231623936
+3336636666626237316532346230303961323263613161320a383436636634376162353863386161
+36663064366461333335613633316630633335666335613464333863656536623230383262623733
+3065363835666231630a616362333233643637613762313437626366363365313831363661313336
+66373966656534646462653833343935623466613662333932666666366430663061366261396330
+3064636536643933613738356461313135363033633366396130
diff --git a/files/personal/gpg/gpg_key b/files/gpg_key
similarity index 100%
rename from files/personal/gpg/gpg_key
rename to files/gpg_key
diff --git a/files/personal/gpg/gpg_pub b/files/gpg_pub
similarity index 100%
rename from files/personal/gpg/gpg_pub
rename to files/gpg_pub
diff --git a/files/personal/xps/wireguard/default/xps.key b/files/laptop/wireguard/default/laptop.key
similarity index 100%
rename from files/personal/xps/wireguard/default/xps.key
rename to files/laptop/wireguard/default/laptop.key
diff --git a/files/personal/xps/wireguard/default/xps.pub b/files/laptop/wireguard/default/laptop.pub
similarity index 100%
rename from files/personal/xps/wireguard/default/xps.pub
rename to files/laptop/wireguard/default/laptop.pub
diff --git a/files/personal/xps/wireguard/default/preshared.psk b/files/laptop/wireguard/default/preshared.psk
similarity index 100%
rename from files/personal/xps/wireguard/default/preshared.psk
rename to files/laptop/wireguard/default/preshared.psk
diff --git a/files/laptop/wireguard/media/laptop.key b/files/laptop/wireguard/media/laptop.key
new file mode 100644
index 0000000..939f255
--- /dev/null
+++ b/files/laptop/wireguard/media/laptop.key
@@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +64663539393065396333623165623833636539633932306437363365656532343565643866616532 +6562373233633237623761376234336331373637393431380a386261306438393837633037383464 +64623965376138313665393239346138383230383565626264393635303835396537663865313237 +6431313635333030390a646466303961663932353830366235643762393039396531316465333837 +61613264356263616332633334386532303761353536663033373639626634396164623335626566 +3632373266313435646338343738656663356635623138623939 diff --git a/files/laptop/wireguard/media/laptop.pub b/files/laptop/wireguard/media/laptop.pub new file mode 100644 index 0000000..aec0b05 --- /dev/null +++ b/files/laptop/wireguard/media/laptop.pub @@ -0,0 +1 @@ +hI4rqlv2afs4RJkt5xR+dYxQODSd6lR0OqWJRlnQdjM= diff --git a/files/laptop/wireguard/media/preshared.psk b/files/laptop/wireguard/media/preshared.psk new file mode 100644 index 0000000..ca1d895 --- /dev/null +++ b/files/laptop/wireguard/media/preshared.psk @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +63643763346434313734663761386539393032613366626230373862643431613963633664353264 +6466616235653963643861643439633537656439363735330a366439356537386662353431643163 +33363830646433336366353363623835373639383663633837313030393162643931353331633133 +6534363438303261320a333364313534336465616336386337383935353631646361623866326232 +64373139636633393236303335396138326638333635663839663734346463303739646431353437 +3838653361383663633632363862306565643531353066623336 diff --git a/files/tmux_start b/files/tmux_start index 56d5770..4e6646d 100755 --- a/files/tmux_start +++ b/files/tmux_start @@ -1,8 +1,16 @@ #!/bin/bash MAIN="main" +DEVELOPMENT="development" tmux start-server tmux new-session -ds $MAIN tmux new-window +tmux new-window +tmux select-window -t 0 + +tmux new-session -ds $DEVELOPMENT +tmux new-window +tmux new-window +tmux new-window tmux select-window -t 0 
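Review bot: The three `tmux new-window` calls and the final `tmux select-window -t 0` added after `tmux new-session -ds $DEVELOPMENT` in files/tmux_start name no session, so which session receives them depends on what tmux treats as the current session when no client is attached; the existing calls for `$MAIN` have the same shape. Targeting each command makes the layout deterministic, for example `tmux new-window -t "$DEVELOPMENT:"` and `tmux select-window -t "$DEVELOPMENT:0"`. Quoting the two session variables is worth doing in the same pass.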
diff --git a/group_vars/personal/system.yml b/group_vars/personal/system.yml deleted file mode 100644 index f3e9732..0000000 --- a/group_vars/personal/system.yml +++ /dev/null @@ -1,39 +0,0 @@ -packages: - - keepassxc - - gimp - - nftables - - okular - - postgresql - - plasma-meta - - wezterm - - tmux - - unrar - - vim - - git - - openssl - - kmail - - iproute2 - - curl - - reflector - - pipewire - - pipewire-pulse - - pipewire-alsa - - merkuro - - kmail - - otf-monaspace-nerd - - systemd-ukify - - efibootmgr - - git-delta - - aspell-nl - - aspell-en - - # custom packages - - firefox - - mpv - - youtube-dl - - nfs-utils - - syncthing - - mpd - - wireguard-tools - -vpn_config_dir: '/etc/wireguard' diff --git a/handlers.yml b/handlers.yml index 0af528a..23ae9bb 100644 --- a/handlers.yml +++ b/handlers.yml @@ -57,6 +57,7 @@ name: iwd state: restarted enabled: true + when: platform == "laptop" - name: stop mpd service systemd: diff --git a/host_vars/xps/system.yml b/host_vars/xps/system.yml deleted file mode 100644 index 23170ef..0000000 --- a/host_vars/xps/system.yml +++ /dev/null 
@@ -1,61 +0,0 @@ -packages: - - keepassxc - - gimp - - nftables - - okular - - postgresql - - plasma-meta - - wezterm - - tmux - - unrar - - vim - - git - - openssl - - kmail - - iproute2 - - curl - - reflector - - pipewire - - pipewire-pulse - - pipewire-alsa - - merkuro - - kmail - - otf-monaspace-nerd - - systemd-ukify - - efibootmgr - - git-delta - - aspell-nl - - aspell-en - - # custom packages - - firefox - - mpv - - youtube-dl - - nfs-utils - - syncthing - - mpd - - wireguard-tools - - # custom host packages - - iwd - - nvidia - - nvidia-prime - - nvidia-utils - - lib32-nvidia-utils - -boot_configuration: - disk: /dev/nvme0n1 - partition: 1 - -mkinitcpio_templates: - - src: 'templates/personal/xps/mkinitcpio/1-modules.conf.j2' - dest: '/etc/mkinitcpio.conf.d/1-modules.conf' - - - src: 'templates/personal/xps/mkinitcpio/2-hooks.conf.j2' - dest: '/etc/mkinitcpio.conf.d/2-hooks.conf' - - - src: 'templates/personal/xps/mkinitcpio/linux.preset.j2' - dest: '/etc/mkinitcpio.d/linux.preset' - - - src: 'templates/personal/xps/mkinitcpio/linux-lts.preset.j2' - dest: '/etc/mkinitcpio.d/linux-lts.preset' diff --git a/inventory.yml b/inventory.yml deleted file mode 100644 index 610f4b7..0000000 --- a/inventory.yml +++ /dev/null @@ -1,6 +0,0 @@ -personal: - hosts: - xps: - ansible_connection: local - desktop: - ansible_connection: local diff --git a/playbook.yml b/playbook.yml index a604be7..155fbe1 100644 --- a/playbook.yml +++ b/playbook.yml 
@@ -1,21 +1,61 @@ - name: Arch Linux provisioning - hosts: - - xps - - desktop - gather_facts: true + hosts: localhost + pre_tasks: + - name: Install shared packages + become: true + community.general.pacman: + name: '{{ packages }}' + + - name: Platform vars + tags: platform_vars + block: + - name: Detect platform + ansible.builtin.command: laptop-detect + register: is_laptop + failed_when: is_laptop.rc == 2 + + - name: Set platform (desktop) + ansible.builtin.set_fact: + platform: desktop + when: is_laptop.rc == 1 + + - name: Set platform (laptop) + ansible.builtin.set_fact: + platform: laptop + when: is_laptop.rc == 0 + + - name: Load desktop specific vars + ansible.builtin.include_vars: + dir: vars/desktop + when: platform == 'desktop' + + - name: Load laptop specific vars + ansible.builtin.include_vars: + dir: vars/laptop + when: platform == 'laptop' + + - name: Install platform specific packages + become: true + community.general.pacman: + name: '{{ platform_packages }}' + when: platform_packages | length > 0 roles: - common tasks: - - name: Verifying that a limit is set - ansible.builtin.fail: - msg: 'This playbook cannot be run with no limit' - run_once: true - when: ansible_limit is not defined - - name: Generic provisioning ansible.builtin.import_tasks: 'tasks/setup.yml' tags: setup + - name: Desktop provisioning + ansible.builtin.import_tasks: 'tasks/setup-desktop.yml' + when: platform == 'desktop' + tags: laptop + + - name: Laptop provisioning + ansible.builtin.import_tasks: 'tasks/setup-laptop.yml' + when: platform == 'laptop' + tags: laptop + - name: Network provisioning ansible.builtin.import_tasks: 'tasks/network.yml' tags: network 
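Review bot: The new 'Desktop provisioning' import is tagged `tags: laptop`, which looks copied from the laptop entry below it; `--tags laptop` then also selects the desktop import and `--tags desktop` selects nothing, so it should read `tags: desktop`. Separately, the 'Platform vars' block carries only `tags: platform_vars`, so a run limited to another tag (for example `--tags network`) skips it and every later `when: platform == ...` is evaluated with `platform` undefined; `tags: always` on that block avoids this. The `laptop-detect` command task also reports changed on every run, which `changed_when: false` would fix.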
@@ -24,46 +64,33 @@ ansible.builtin.import_tasks: 'tasks/systemd.yml' tags: systemd - # TODO: move to development playbook - name: Git provisioning ansible.builtin.import_tasks: 'tasks/git.yml' tags: git + - name: MPV provisioning + ansible.builtin.import_tasks: 'tasks/mpv.yml' + tags: mpv + + - name: MPD provisioning + ansible.builtin.import_tasks: 'tasks/mpd.yml' + tags: mpd + + - name: Syncthing provisioning + ansible.builtin.import_tasks: 'tasks/syncthing.yml' + tags: syncthing + - name: Systemd timer provisioning ansible.builtin.import_tasks: 'tasks/timer.yml' tags: timers - - name: Personal provisiong - when: "'personal' in group_names" - block: - - name: Wireguard provisioning - ansible.builtin.import_tasks: 'tasks/personal/wireguard.yml' - tags: wireguard - - - name: MPV provisioning - ansible.builtin.import_tasks: 'tasks/personal/mpv.yml' - tags: mpv - - - name: MPD provisioning - ansible.builtin.import_tasks: 'tasks/personal/mpd.yml' - tags: mpd - - - name: Syncthing provisioning - ansible.builtin.import_tasks: 'tasks/personal/syncthing.yml' - tags: syncthing - - - name: Desktop provisioning - ansible.builtin.import_tasks: 'tasks/personal/desktop.yml' - when: ansible_hostname == 'desktop' - tags: desktop - - - name: XPS provisioning - ansible.builtin.import_tasks: 'tasks/personal/xps.yml' - when: ansible_hostname == 'xps' - tags: xps handlers: - name: Import default handlers ansible.builtin.import_tasks: 'handlers.yml' - name: Import common role handlers ansible.builtin.import_tasks: 'roles/common/handlers/user.yml' + vars_files: + - 'vars/main.yml' + - 'vars/gpg.yml' + - 'vars/mpd.yml' diff --git a/tasks/git.yml b/tasks/git.yml index a375d3b..3b07f8f 100644 --- a/tasks/git.yml +++ b/tasks/git.yml 
@@ -1,28 +1,24 @@ -- name: Copy git configuration - ansible.builtin.template: +- name: copy git configuration + template: src: 'templates/gitconfig.j2' dest: '{{ ansible_env.HOME }}/.gitconfig' - mode: '0755' -- name: Copy keys - ansible.builtin.copy: +- name: copy keys + copy: src: '{{ item.src }}' dest: '{{ item.dest }}' - mode: '0755' loop: - - src: 'files/personal/gpg/gpg_key' - dest: '{{ ansible_env.HOME }}/gpg.key' - - src: 'files/personal/gpg/gpg_pub' - dest: '{{ ansible_env.HOME }}/gpg.pub' + - { src: 'files/gpg_key', dest: '{{ ansible_env.HOME }}/gpg.key' } + - { src: 'files/gpg_pub', dest: '{{ ansible_env.HOME }}/gpg.pub' } -- name: Import secret key - ansible.builtin.command: 'gpg --passphrase {{ gpg_passphrase }} --import ~/gpg.key' +- name: import secret key + command: 'gpg --passphrase {{ gpg_passphrase }} --import ~/gpg.key' -- name: Import public key - ansible.builtin.command: 'gpg --import ~/gpg.pub' +- name: import public key + command: 'gpg --import ~/gpg.pub' -- name: Remove temp keys - ansible.builtin.file: +- name: remove temp keys + file: path: '{{ item }}' state: absent loop: diff --git a/tasks/personal/mpd.yml b/tasks/mpd.yml similarity index 87% rename from tasks/personal/mpd.yml rename to tasks/mpd.yml index 8126cf1..08de7d4 100644 --- a/tasks/personal/mpd.yml +++ b/tasks/mpd.yml @@ -4,10 +4,10 @@ dest: '{{ item.dest }}' mode: '0644' loop: - - src: 'templates/personal/mpd/service.j2' + - src: 'templates/mpd/service.j2' dest: '{{ xdg_config_dir }}/systemd/user/mpd.service' - - src: 'templates/personal/mpd/socket.j2' + - src: 'templates/mpd/socket.j2' dest: '{{ xdg_config_dir }}/systemd/user/mpd.socket' notify: - stop mpd service @@ -34,7 +34,6 @@ ansible.builtin.file: path: '{{ item.path }}' state: '{{ item.state }}' - mode: '0755' loop: - path: '{{ mpd_configuration_dir }}/log' state: 'absent' 
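Review bot: In tasks/git.yml the 'copy keys' task now writes `~/gpg.key` with no `mode`, so the secret key file gets umask-default permissions until 'remove temp keys' runs; add `mode: '0600'` to that copy. The 'import secret key' task also interpolates `{{ gpg_passphrase }}` into the command line, where it is visible in the process list and in task output; passing it on stdin (`gpg --batch --pinentry-mode loopback --passphrase-fd 0 --import ~/gpg.key` with `stdin: '{{ gpg_passphrase }}'`) together with `no_log: true` keeps it out of both. The 'remove temp keys' loop continues outside the hunk, and if an earlier task fails the temporary key files are left behind, so a `block`/`always` around these tasks would make the cleanup unconditional.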
@@ -51,11 +50,11 @@ dest: '{{ item.dest }}' mode: '0755' loop: - - src: 'templates/personal/mpd/mpd.conf.j2' + - src: 'templates/mpd/mpd.conf.j2' dest: '{{ mpd_configuration_dir }}/mpd.conf' - - src: 'templates/personal/mpd/ncmpcpp/config.j2' + - src: 'templates/mpd/ncmpcpp/config.j2' dest: '{{ ncmpcpp_configuration_dir }}/config' - - src: 'templates/personal/mpd/ncmpcpp/bindings.j2' + - src: 'templates/mpd/ncmpcpp/bindings.j2' dest: '{{ ncmpcpp_configuration_dir }}/bindings' notify: - stop mpd service diff --git a/tasks/mpv.yml b/tasks/mpv.yml new file mode 100644 index 0000000..c0e8a8a --- /dev/null +++ b/tasks/mpv.yml @@ -0,0 +1,20 @@ +- name: create configuration directory + file: + path: '{{ ansible_env.HOME }}/.config/mpv' + state: directory + mode: '0700' + +- name: copy configuration files + template: + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0644' + loop: + - { + src: 'templates/mpv/input.j2', + dest: '{{ ansible_env.HOME }}/.config/mpv/input.conf', + } + - { + src: 'templates/mpv/config.j2', + dest: '{{ ansible_env.HOME }}/.config/mpv/mpv.conf', + } diff --git a/tasks/network.yml b/tasks/network.yml index d00a814..feec18b 100644 --- a/tasks/network.yml +++ b/tasks/network.yml 
@@ -3,25 +3,67 @@ # using `wg set wg0 peer izHzmRwh2yzICps6pFI2Bg3TnmTD66/8uH4loJpkuD4= endpoint :` # for example. -- name: Copy firewall template +- name: Create Wireguard directories become: true - ansible.builtin.template: - src: "{{ lookup('ansible.builtin.first_found', paths) }}" - dest: '/etc/nftables.conf' + ansible.builtin.file: + path: '{{ item }}' owner: root - group: root - mode: '0600' - vars: - paths: - - 'templates/{{ ansible_hostname }}/nftables.j2' - - 'templates/{{ group_names[0] }}/{{ ansible_hostname }}/nftables.j2' - notify: restart nftables + group: systemd-network + mode: '0750' + state: directory + recurse: true + loop: + - '{{ vpn_config_dir }}' + - '{{ vpn_default.private_key_path | dirname }}' + - '{{ vpn_default.public_key_path | dirname }}' + - '{{ vpn_media.private_key_path | dirname }}' + - '{{ vpn_media.public_key_path | dirname }}' + notify: + - restart systemd-networkd + - restart systemd-resolved + +- name: Copy Wireguard credentials + become: true + ansible.builtin.copy: + src: '{{ item.src }}' + dest: '{{ item.dest }}' + owner: root + group: systemd-network + mode: '0640' + loop: + - dest: '{{ vpn_default.public_key_path }}' + src: 'files/{{ platform }}/wireguard/default/{{ platform }}.pub' + + - dest: '{{ vpn_default.private_key_path }}' + src: 'files/{{ platform }}/wireguard/default/{{ platform }}.key' + + - dest: '{{ vpn_media.public_key_path }}' + src: 'files/{{ platform }}/wireguard/media/{{ platform }}.pub' + + - dest: '{{ vpn_media.private_key_path }}' + src: 'files/{{ platform }}/wireguard/media/{{ platform }}.key' + notify: + - restart systemd-networkd + - restart systemd-resolved + +- name: Copy Wireguard preshared keys + become: true + ansible.builtin.copy: + src: '{{ item.preshared_key_source_path }}' + dest: '{{ item.preshared_key_path }}' + owner: root + group: systemd-network + mode: '0640' + loop: '{{ vpn_default.peers + vpn_media.peers }}' + notify: + - restart systemd-networkd + - restart systemd-resolved - 
name: Desktop configuration notify: - restart systemd-networkd - restart systemd-resolved - when: ansible_hostname == 'desktop' + when: platform == "desktop" block: - name: Setup network configuration become: true @@ -32,9 +74,21 @@ group: systemd-network mode: '0640' loop: - - src: 'templates/personal/desktop/network/enp.network.j2' + - src: 'templates/desktop/network/enp.network.j2' dest: '/etc/systemd/network/20-wired.network' + - src: 'templates/desktop/network/wg0.network.j2' + dest: '/etc/systemd/network/40-wg0.network' + + - src: 'templates/desktop/network/wg0.netdev.j2' + dest: '/etc/systemd/network/40-wg0.netdev' + + - src: 'templates/desktop/network/wg1.network.j2' + dest: '/etc/systemd/network/40-wg1.network' + + - src: 'templates/desktop/network/wg1.netdev.j2' + dest: '/etc/systemd/network/40-wg1.netdev' + - name: Remove leftover configuration files become: true ansible.builtin.file: @@ -44,12 +98,12 @@ - '/etc/systemd/network/30-vmbr0.network' - '/etc/systemd/network/30-vmbr0.netdev' -- name: XPS configuration +- name: Laptop configuration notify: - restart systemd-networkd - restart systemd-resolved - restart iwd - when: ansible_hostname == 'xps' + when: platform == "laptop" block: - name: Setup network configuration become: true @@ -60,9 +114,21 @@ group: systemd-network mode: '0640' loop: - - src: 'templates/personal/xps/network/wireless.network.j2' + - src: 'templates/laptop/network/wireless.network.j2' dest: '/etc/systemd/network/20-wireless.network' + - src: 'templates/laptop/network/wg0.network.j2' + dest: '/etc/systemd/network/40-wg0.network' + + - src: 'templates/laptop/network/wg0.netdev.j2' + dest: '/etc/systemd/network/40-wg0.netdev' + + - src: 'templates/laptop/network/wg1.network.j2' + dest: '/etc/systemd/network/40-wg1.network' + + - src: 'templates/laptop/network/wg1.netdev.j2' + dest: '/etc/systemd/network/40-wg1.netdev' + - name: Remove leftover configuration files become: true ansible.builtin.file: 
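Review bot: 'Copy Wireguard credentials' and 'Copy Wireguard preshared keys' in tasks/network.yml copy key material (at least the media key and preshared-key sources added in this commit are vault-encrypted), and neither task sets `diff: false` or `no_log: true`, so a run with `--diff` can print the decrypted contents to the console or a log. Adding `diff: false` to both tasks closes that. In 'Create Wireguard directories', `recurse: true` with `mode: '0750'` also applies the directory mode to every file already under `{{ vpn_config_dir }}`, which the copy tasks then set back to `0640`, so the play reports changes on each run; dropping `recurse` avoids the flip. These tasks were moved from the deleted tasks/personal/wireguard.yml, so both points predate this commit.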
@@ -71,3 +137,13 @@ loop: - '/etc/systemd/network/30-vmbr0.network' - '/etc/systemd/network/30-vmbr0.netdev' + +- name: Copy firewall template + become: true + ansible.builtin.template: + src: 'templates/{{ platform }}/nftables.j2' + dest: '/etc/nftables.conf' + owner: root + group: root + mode: '0600' + notify: restart nftables diff --git a/tasks/personal/mpv.yml b/tasks/personal/mpv.yml deleted file mode 100644 index 3b1e48f..0000000 --- a/tasks/personal/mpv.yml +++ /dev/null @@ -1,16 +0,0 @@ -- name: Create configuration directory - ansible.builtin.file: - path: '{{ ansible_env.HOME }}/.config/mpv' - state: directory - mode: '0700' - -- name: Copy configuration files - ansible.builtin.template: - src: '{{ item.src }}' - dest: '{{ item.dest }}' - mode: '0644' - loop: - - src: 'templates/personal/mpv/input.j2' - dest: '{{ ansible_env.HOME }}/.config/mpv/input.conf' - - src: 'templates/personal/mpv/config.j2' - dest: '{{ ansible_env.HOME }}/.config/mpv/mpv.conf' diff --git a/tasks/personal/wireguard.yml b/tasks/personal/wireguard.yml deleted file mode 100644 index 81657ea..0000000 --- a/tasks/personal/wireguard.yml +++ /dev/null 
@@ -1,112 +0,0 @@ -# Note: Only compatible with personal group - -- name: Create Wireguard directories - become: true - ansible.builtin.file: - path: '{{ item }}' - owner: root - group: systemd-network - mode: '0750' - state: directory - recurse: true - loop: - - '{{ vpn_config_dir }}' - - '{{ vpn_default.private_key_path | dirname }}' - - '{{ vpn_default.public_key_path | dirname }}' - - '{{ vpn_media.private_key_path | dirname }}' - - '{{ vpn_media.public_key_path | dirname }}' - notify: - - restart systemd-networkd - - restart systemd-resolved - -- name: Copy Wireguard credentials - become: true - ansible.builtin.copy: - src: '{{ item.src }}' - dest: '{{ item.dest }}' - owner: root - group: systemd-network - mode: '0640' - loop: - - dest: '{{ vpn_default.public_key_path }}' - src: 'files/personal/{{ ansible_hostname }}/wireguard/default/{{ ansible_hostname }}.pub' - - - dest: '{{ vpn_default.private_key_path }}' - src: 'files/personal/{{ ansible_hostname }}/wireguard/default/{{ ansible_hostname }}.key' - - - dest: '{{ vpn_media.public_key_path }}' - src: 'files/personal/{{ ansible_hostname }}/wireguard/media/{{ ansible_hostname }}.pub' - - - dest: '{{ vpn_media.private_key_path }}' - src: 'files/personal/{{ ansible_hostname }}/wireguard/media/{{ ansible_hostname }}.key' - notify: - - restart systemd-networkd - - restart systemd-resolved - -- name: Copy Wireguard preshared keys - become: true - ansible.builtin.copy: - src: '{{ item.preshared_key_source_path }}' - dest: '{{ item.preshared_key_path }}' - owner: root - group: systemd-network - mode: '0640' - loop: '{{ vpn_default.peers + vpn_media.peers }}' - notify: - - restart systemd-networkd - - restart systemd-resolved - -- name: Desktop configuration - notify: - - restart systemd-networkd - - restart systemd-resolved - when: ansible_hostname == 'desktop' - block: - - name: Setup network configuration - become: true - ansible.builtin.template: - src: '{{ item.src }}' - dest: '{{ item.dest }}' - owner: root - 
group: systemd-network - mode: '0640' - loop: - - src: 'templates/personal/desktop/network/wg0.network.j2' - dest: '/etc/systemd/network/40-wg0.network' - - - src: 'templates/personal/desktop/network/wg0.netdev.j2' - dest: '/etc/systemd/network/40-wg0.netdev' - - - src: 'templates/personal/desktop/network/wg1.network.j2' - dest: '/etc/systemd/network/40-wg1.network' - - - src: 'templates/personal/desktop/network/wg1.netdev.j2' - dest: '/etc/systemd/network/40-wg1.netdev' - -- name: XPS configuration - notify: - - restart systemd-networkd - - restart systemd-resolved - - restart iwd - when: ansible_hostname == 'xps' - block: - - name: Setup network configuration - become: true - ansible.builtin.template: - src: '{{ item.src }}' - dest: '{{ item.dest }}' - owner: root - group: systemd-network - mode: '0640' - loop: - - src: 'templates/personal/xps/network/wg0.network.j2' - dest: '/etc/systemd/network/40-wg0.network' - - - src: 'templates/personal/xps/network/wg0.netdev.j2' - dest: '/etc/systemd/network/40-wg0.netdev' - - - src: 'templates/personal/xps/network/wg1.network.j2' - dest: '/etc/systemd/network/40-wg1.network' - - - src: 'templates/personal/xps/network/wg1.netdev.j2' - dest: '/etc/systemd/network/40-wg1.netdev' diff --git a/tasks/platform.yml b/tasks/platform.yml new file mode 100644 index 0000000..bad51f3 --- /dev/null +++ b/tasks/platform.yml @@ -0,0 +1,24 @@ +- name: Detect platform + ansible.builtin.command: laptop-detect + register: is_laptop + failed_when: is_laptop.rc == 2 + +- name: Set platform (desktop) + ansible.builtin.set_fact: + platform: 'desktop' + when: is_laptop.rc == 1 + +- name: Set platform (laptop) + ansible.builtin.set_fact: + platform: 'laptop' + when: is_laptop.rc == 0 + +- name: Load desktop specific vars + ansible.builtin.include_vars: + dir: vars/desktop + when: platform == "desktop" + +- name: Load laptop specific vars + ansible.builtin.include_vars: + dir: vars/laptop + when: platform == "laptop" 
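Review bot: The new tasks/platform.yml repeats the 'Platform vars' block that this commit also inlines in playbook.yml's pre_tasks, and nothing in the visible playbook imports it, so the two copies can drift apart. Either replace the inline block with `ansible.builtin.import_tasks: 'tasks/platform.yml'` or drop this file. If it is kept, the 'Detect platform' task should carry `changed_when: false`, since `laptop-detect` only reads state.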
diff --git a/tasks/personal/desktop.yml b/tasks/setup-desktop.yml similarity index 67% rename from tasks/personal/desktop.yml rename to tasks/setup-desktop.yml index 7ebea99..f06ec16 100644 --- a/tasks/personal/desktop.yml +++ b/tasks/setup-desktop.yml @@ -1,12 +1,10 @@ - name: Create xdg-desktop-portal.service.d directory - ansible.builtin.file: + file: path: '{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d' state: directory - mode: '0755' - name: Copy xdg-desktop-portal.service drop-in - ansible.builtin.template: - src: templates/personal/desktop/xdg-desktop-portal.service.j2 + template: + src: templates/desktop/xdg-desktop-portal.service.j2 dest: '{{ xdg_config_dir }}/systemd/user/xdg-desktop-portal.service.d/override.conf' - mode: '0755' notify: user daemon-reload diff --git a/tasks/personal/xps.yml b/tasks/setup-laptop.yml similarity index 79% rename from tasks/personal/xps.yml rename to tasks/setup-laptop.yml index 10b48b2..01517f4 100644 --- a/tasks/personal/xps.yml +++ b/tasks/setup-laptop.yml @@ -1,7 +1,7 @@ - name: Provision powertop systemd service become: true ansible.builtin.template: - src: 'templates/personal/xps/powertop.service.j2' + src: 'templates/laptop/powertop.service.j2' dest: '/etc/systemd/system/powertop.service' owner: root group: root diff --git a/tasks/setup.yml b/tasks/setup.yml index 197cfb0..0833f95 100644 --- a/tasks/setup.yml +++ b/tasks/setup.yml 
@@ -1,183 +1,166 @@ -- name: Provision pollkit administrator configuration +- name: copy reflector configuration become: true - ansible.builtin.template: - src: 'templates/polkit.j2' - dest: '/etc/polkit-1/rules.d/49-nopasswd_global.rules' - mode: '0755' - -- name: Install shared packages - become: true - community.general.pacman: - name: '{{ packages }}' - -- name: Copy reflector configuration - become: true - ansible.builtin.template: + template: src: 'templates/reflector.j2' dest: '/etc/xdg/reflector/reflector.conf' + owner: root + group: root mode: '0600' # started by weekly timer -- name: Disable reflector +- name: disable reflector become: true - ansible.builtin.systemd: + systemd: name: reflector state: stopped enabled: false -- name: Copy pacman configuration +- name: copy pacman configuration become: true - ansible.builtin.template: + template: src: 'templates/pacman.j2' dest: '/etc/pacman.conf' owner: root group: root mode: '0644' -- name: Create extra conf +- name: create extra conf become: true - ansible.builtin.file: + file: path: '/etc/pacman.d/extra.conf' owner: root group: root state: touch mode: '0644' -- name: Create wezterm configuration dir - ansible.builtin.file: +- name: create wezterm configuration dir + file: path: '{{ xdg_config_dir }}/wezterm/includes' state: directory - mode: '0755' -- name: Copy wezterm configuration files - ansible.builtin.template: +- name: copy wezterm configuration files + template: src: '{{ item.src }}' dest: '{{ item.dest }}' - mode: '0755' loop: - - src: 'templates/wezterm/wezterm.lua.j2' - dest: '{{ xdg_config_dir }}/wezterm/wezterm.lua' + - { + src: 'templates/wezterm/wezterm.lua.j2', + dest: '{{ xdg_config_dir }}/wezterm/wezterm.lua' + } + - { + src: 'templates/wezterm/includes/colors.lua.j2', + dest: '{{ xdg_config_dir }}/wezterm/includes/colors.lua' + } + - { + src: 'templates/wezterm/includes/fonts.lua.j2', + dest: '{{ xdg_config_dir }}/wezterm/includes/fonts.lua' + } + - { + src: 
'templates/wezterm/includes/window.lua.j2', + dest: '{{ xdg_config_dir }}/wezterm/includes/window.lua' + } - - src: 'templates/wezterm/includes/colors.lua.j2' - dest: '{{ xdg_config_dir }}/wezterm/includes/colors.lua' - - - src: 'templates/wezterm/includes/fonts.lua.j2' - dest: '{{ xdg_config_dir }}/wezterm/includes/fonts.lua' - - - src: 'templates/wezterm/includes/window.lua.j2' - dest: '{{ xdg_config_dir }}/wezterm/includes/window.lua' - -- name: Enable fstrim timer +- name: enable fstrim timer become: true - ansible.builtin.systemd: + systemd: name: fstrim.timer enabled: true -- name: Remove the sysctl.d directory +- name: remove the sysctl.d directory become: true - ansible.builtin.file: + file: path: /etc/sysctl.d state: absent -- name: Recreate the sysctl.d directory +- name: recreate the sysctl.d directory become: true - ansible.builtin.file: + file: path: /etc/sysctl.d state: directory - mode: '0755' + mode: 755 -- name: Copy sysctl files +- name: copy sysctl files become: true - when: "'personal' not in group_names" - ansible.builtin.template: + template: src: '{{ item.src }}' dest: '{{ item.dest }}' - mode: '0755' loop: - - src: 'templates/sysctl/99-sysrq.conf.j2' - dest: '/etc/sysctl.d/99-sysrq.conf' - - src: 'templates/sysctl/98-forward.conf.j2' - dest: '/etc/sysctl.d/98-foward.conf' + - { + src: 'templates/{{ platform }}/sysctl/99-sysrq.conf.j2', + dest: '/etc/sysctl.d/99-sysrq.conf' + } + - { + src: 'templates/{{ platform }}/sysctl/98-forward.conf.j2', + dest: '/etc/sysctl.d/98-foward.conf' + } notify: reload sysctl configuration -- name: Remove the modprobe.d directory +- name: remove the modprobe.d directory become: true - ansible.builtin.file: + file: path: /etc/modprobe.d state: absent -- name: Recreate the modprobe.d directory +- name: recreate the modprobe.d directory become: true - ansible.builtin.file: + file: path: /etc/modprobe.d state: directory - mode: '0755' + mode: 755 -- name: Copy modprobe configuration files +- name: copy modprobe 
configuration files become: true - ansible.builtin.template: + template: src: '{{ item.src }}' dest: '{{ item.dest }}' - mode: '0755' loop: '{{ modprobe_templates }}' when: modprobe_templates -- name: Copy kernel parameters template +- name: copy kernel parameters template become: true - when: "'personal' not in group_names" - ansible.builtin.template: - src: 'templates/{{ ansible_hostname }}/cmdline.j2' + template: + src: 'templates/{{ platform }}/cmdline.j2' dest: '/etc/kernel/cmdline' - mode: '0755' -- name: Copy kernel parameters template for personal group +- name: remove the mkinitcpio directories become: true - when: "'personal' in group_names" - ansible.builtin.template: - src: 'templates/personal/{{ ansible_hostname }}/cmdline.j2' - dest: '/etc/kernel/cmdline' - mode: '0755' - -- name: Remove the mkinitcpio directories - become: true - ansible.builtin.file: + file: path: '{{ item }}' state: absent loop: - /etc/mkinitcpio.conf.d - /etc/mkinitcpio.d -- name: Recreate the mkinitcpio directories +- name: recreate the mkinitcpio directories become: true - ansible.builtin.file: + file: path: '{{ item }}' state: directory - mode: '0755' + mode: 755 loop: - /etc/mkinitcpio.conf.d - /etc/mkinitcpio.d -- name: Copy mkinitcpio configuration files +- name: copy mkinitcpio configuration files become: true - ansible.builtin.template: + template: src: '{{ item.src }}' dest: '{{ item.dest }}' - mode: '0755' loop: '{{ mkinitcpio_templates }}' when: mkinitcpio_templates -- name: Regenerate initramfs images +- name: regenerate initramfs images become: true - ansible.builtin.command: 'mkinitcpio --allpresets' + command: 'mkinitcpio --allpresets' register: mkinitcpio_stats -- name: Log mkinitcpio stdout - ansible.builtin.debug: +- name: log mkinitcpio stdout + debug: var: mkinitcpio_stats.stdout_lines -- name: Create a Linux UEFI boot entry +- name: create a Linux UEFI boot entry become: true - ansible.builtin.command: efibootmgr \ + command: efibootmgr \ --create \ --disk '{{ 
boot_configuration.disk }}' \ --part '{{ boot_configuration.partition }}' \ @@ -188,14 +171,14 @@ register: efi_linux_stats when: register_uefi_entries -- name: Log efibootmgr stdout - ansible.builtin.debug: +- name: log efibootmgr stdout + debug: var: efi_linux_stats.stdout_lines when: register_uefi_entries -- name: Create a Linux LTS UEFI boot entry +- name: create a Linux LTS UEFI boot entry become: true - ansible.builtin.command: efibootmgr \ + command: efibootmgr \ --create \ --disk '{{ boot_configuration.disk }}' \ --part '{{ boot_configuration.partition }}' \ @@ -206,7 +189,7 @@ register: efi_linux_lts_stats when: register_uefi_entries -- name: Log efibootmgr LTS stdout - ansible.builtin.debug: +- name: log efibootmgr LTS stdout + debug: var: efi_linux_lts_stats.stdout_lines when: register_uefi_entries diff --git a/tasks/personal/syncthing.yml b/tasks/syncthing.yml similarity index 100% rename from tasks/personal/syncthing.yml rename to tasks/syncthing.yml diff --git a/tasks/systemd.yml b/tasks/systemd.yml index 4b6e6e5..204acf8 100644 --- a/tasks/systemd.yml +++ b/tasks/systemd.yml @@ -1,18 +1,18 @@ -- name: Setup systemd user service folder - ansible.builtin.file: +- name: setup systemd user service folder + file: path: '{{ xdg_config_dir }}/systemd/user' state: directory mode: '0755' -- name: Add ssh-agent service - ansible.builtin.template: +- name: add ssh-agent service + template: src: 'templates/ssh-agent.j2' dest: '{{ xdg_config_dir }}/systemd/user/ssh-agent.service' mode: '0644' notify: restart user ssh-agent -- name: Copy tmux service - ansible.builtin.template: +- name: copy tmux service + template: src: 'templates/tmux.j2' dest: '{{ xdg_config_dir }}/systemd/user/tmux.service' mode: '0644' @@ -20,8 +20,8 @@ - user daemon-reload - restart tmux service -- name: Copy tmux startup script - ansible.builtin.copy: +- name: copy tmux startup script + copy: src: 'files/tmux_start' dest: '{{ ansible_env.HOME }}/.local/bin/tmux_start' mode: '0740' 
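Review bot: In the first hunk of tasks/setup.yml the recreated `/etc/sysctl.d`, `/etc/modprobe.d` and mkinitcpio directories now use `mode: 755`, an unquoted number that Ansible reads as decimal, so the resulting permissions are not rwxr-xr-x; restore the quoted octal form `mode: '0755'` in all three tasks. The same hunk drops `mode` from the templates written to `/etc/sysctl.d`, `/etc/modprobe.d`, `/etc/kernel/cmdline` and the mkinitcpio paths, leaving their permissions to the umask; an explicit `mode: '0644'` is safer for root-owned configuration. The removed polkit task does not delete `/etc/polkit-1/rules.d/49-nopasswd_global.rules` from machines provisioned earlier, so if the intent is to retire that rule, a `file` task with `state: absent` is still needed.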
diff --git a/templates/personal/desktop/cmdline.j2 b/templates/desktop/cmdline.j2
similarity index 100%
rename from templates/personal/desktop/cmdline.j2
rename to templates/desktop/cmdline.j2
diff --git a/templates/personal/desktop/mkinitcpio/1-modules.conf.j2 b/templates/desktop/mkinitcpio/1-modules.conf.j2
similarity index 100%
rename from templates/personal/desktop/mkinitcpio/1-modules.conf.j2
rename to templates/desktop/mkinitcpio/1-modules.conf.j2
diff --git a/templates/personal/desktop/mkinitcpio/linux-lts.preset.j2 b/templates/desktop/mkinitcpio/linux-lts.preset.j2
similarity index 100%
rename from templates/personal/desktop/mkinitcpio/linux-lts.preset.j2
rename to templates/desktop/mkinitcpio/linux-lts.preset.j2
diff --git a/templates/personal/desktop/mkinitcpio/linux.preset.j2 b/templates/desktop/mkinitcpio/linux.preset.j2
similarity index 100%
rename from templates/personal/desktop/mkinitcpio/linux.preset.j2
rename to templates/desktop/mkinitcpio/linux.preset.j2
diff --git a/templates/personal/desktop/modprobe/99-amdgpu.conf.j2 b/templates/desktop/modprobe/99-amdgpu.conf.j2
similarity index 100%
rename from templates/personal/desktop/modprobe/99-amdgpu.conf.j2
rename to templates/desktop/modprobe/99-amdgpu.conf.j2
diff --git a/templates/personal/desktop/network/enp.network.j2 b/templates/desktop/network/enp.network.j2
similarity index 100%
rename from templates/personal/desktop/network/enp.network.j2
rename to templates/desktop/network/enp.network.j2
diff --git a/templates/personal/desktop/network/wg0.netdev.j2 b/templates/desktop/network/wg0.netdev.j2
similarity index 100%
rename from templates/personal/desktop/network/wg0.netdev.j2
rename to templates/desktop/network/wg0.netdev.j2
diff --git a/templates/personal/desktop/network/wg0.network.j2 b/templates/desktop/network/wg0.network.j2
similarity index 100%
rename from templates/personal/desktop/network/wg0.network.j2
rename to templates/desktop/network/wg0.network.j2
diff --git a/templates/personal/desktop/network/wg1.netdev.j2 b/templates/desktop/network/wg1.netdev.j2
similarity index 100%
rename from templates/personal/desktop/network/wg1.netdev.j2
rename to templates/desktop/network/wg1.netdev.j2
diff --git a/templates/personal/desktop/network/wg1.network.j2 b/templates/desktop/network/wg1.network.j2
similarity index 100%
rename from templates/personal/desktop/network/wg1.network.j2
rename to templates/desktop/network/wg1.network.j2
diff --git a/templates/personal/desktop/nftables.j2 b/templates/desktop/nftables.j2
similarity index 100%
rename from templates/personal/desktop/nftables.j2
rename to templates/desktop/nftables.j2
diff --git a/templates/sysctl/98-forward.conf.j2 b/templates/desktop/sysctl/98-forward.conf.j2
similarity index 100%
rename from templates/sysctl/98-forward.conf.j2
rename to templates/desktop/sysctl/98-forward.conf.j2
diff --git a/templates/sysctl/99-sysrq.conf.j2 b/templates/desktop/sysctl/99-sysrq.conf.j2
similarity index 100%
rename from templates/sysctl/99-sysrq.conf.j2
rename to templates/desktop/sysctl/99-sysrq.conf.j2
diff --git a/templates/personal/desktop/xdg-desktop-portal.service.j2 b/templates/desktop/xdg-desktop-portal.service.j2
similarity index 100%
rename from templates/personal/desktop/xdg-desktop-portal.service.j2
rename to templates/desktop/xdg-desktop-portal.service.j2
diff --git a/templates/personal/xps/cmdline.j2 b/templates/laptop/cmdline.j2
similarity index 100%
rename from templates/personal/xps/cmdline.j2
rename to templates/laptop/cmdline.j2
diff --git a/templates/personal/xps/mkinitcpio/1-modules.conf.j2 b/templates/laptop/mkinitcpio/1-modules.conf.j2
similarity index 100%
rename from templates/personal/xps/mkinitcpio/1-modules.conf.j2
rename to templates/laptop/mkinitcpio/1-modules.conf.j2
diff --git a/templates/personal/xps/mkinitcpio/2-hooks.conf.j2 b/templates/laptop/mkinitcpio/2-hooks.conf.j2
similarity index 100%
rename from templates/personal/xps/mkinitcpio/2-hooks.conf.j2
rename to templates/laptop/mkinitcpio/2-hooks.conf.j2
diff --git a/templates/personal/xps/mkinitcpio/linux-lts.preset.j2 b/templates/laptop/mkinitcpio/linux-lts.preset.j2
similarity index 100%
rename from templates/personal/xps/mkinitcpio/linux-lts.preset.j2
rename to templates/laptop/mkinitcpio/linux-lts.preset.j2
diff --git a/templates/personal/xps/mkinitcpio/linux.preset.j2 b/templates/laptop/mkinitcpio/linux.preset.j2
similarity index 100%
rename from templates/personal/xps/mkinitcpio/linux.preset.j2
rename to templates/laptop/mkinitcpio/linux.preset.j2
diff --git a/templates/personal/xps/network/wg0.netdev.j2 b/templates/laptop/network/wg0.netdev.j2
similarity index 100%
rename from templates/personal/xps/network/wg0.netdev.j2
rename to templates/laptop/network/wg0.netdev.j2
diff --git a/templates/personal/xps/network/wg0.network.j2 b/templates/laptop/network/wg0.network.j2
similarity index 100%
rename from templates/personal/xps/network/wg0.network.j2
rename to templates/laptop/network/wg0.network.j2
diff --git a/templates/personal/xps/network/wg1.netdev.j2 b/templates/laptop/network/wg1.netdev.j2
similarity index 100%
rename from templates/personal/xps/network/wg1.netdev.j2
rename to templates/laptop/network/wg1.netdev.j2
diff --git a/templates/personal/xps/network/wg1.network.j2 b/templates/laptop/network/wg1.network.j2
similarity index 100%
rename from templates/personal/xps/network/wg1.network.j2
rename to templates/laptop/network/wg1.network.j2
diff --git a/templates/personal/xps/network/wireless.network.j2 b/templates/laptop/network/wireless.network.j2
similarity index 100%
rename from templates/personal/xps/network/wireless.network.j2
rename to templates/laptop/network/wireless.network.j2
diff --git a/templates/personal/xps/nftables.j2 b/templates/laptop/nftables.j2 similarity index 100% rename from templates/personal/xps/nftables.j2 rename to templates/laptop/nftables.j2 diff --git a/templates/personal/xps/powertop.service.j2 b/templates/laptop/powertop.service.j2 similarity index 100% rename from templates/personal/xps/powertop.service.j2 rename to templates/laptop/powertop.service.j2 diff --git a/templates/laptop/sysctl/98-forward.conf.j2 b/templates/laptop/sysctl/98-forward.conf.j2 new file mode 100644 index 0000000..16f90a8 --- /dev/null +++ b/templates/laptop/sysctl/98-forward.conf.j2 @@ -0,0 +1,2 @@ +# {{ ansible_managed }} +net.ipv4.ip_forward = 1 diff --git a/templates/laptop/sysctl/99-sysrq.conf.j2 b/templates/laptop/sysctl/99-sysrq.conf.j2 new file mode 100644 index 0000000..a4c7283 --- /dev/null +++ b/templates/laptop/sysctl/99-sysrq.conf.j2 @@ -0,0 +1,2 @@ +# {{ ansible_managed }} +kernel.sysrq = 1 diff --git a/templates/personal/mpd/mpd.conf.j2 b/templates/mpd/mpd.conf.j2 similarity index 100% rename from templates/personal/mpd/mpd.conf.j2 rename to templates/mpd/mpd.conf.j2 diff --git a/templates/personal/mpd/ncmpc.j2 b/templates/mpd/ncmpc.j2 similarity index 100% rename from templates/personal/mpd/ncmpc.j2 rename to templates/mpd/ncmpc.j2 diff --git a/templates/personal/mpd/ncmpcpp/bindings.j2 b/templates/mpd/ncmpcpp/bindings.j2 similarity index 100% rename from templates/personal/mpd/ncmpcpp/bindings.j2 rename to templates/mpd/ncmpcpp/bindings.j2 diff --git a/templates/personal/mpd/ncmpcpp/config.j2 b/templates/mpd/ncmpcpp/config.j2 similarity index 100% rename from templates/personal/mpd/ncmpcpp/config.j2 rename to templates/mpd/ncmpcpp/config.j2 diff --git a/templates/personal/mpd/service.j2 b/templates/mpd/service.j2 similarity index 100% rename from templates/personal/mpd/service.j2 rename to templates/mpd/service.j2 
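Review bot: `net.ipv4.ip_forward = 1` in the new templates/laptop/sysctl/98-forward.conf.j2 enables IPv4 forwarding on every interface of the laptop, including the wireless one it will use on networks you do not control. If routing is only needed for the WireGuard tunnels, a per-interface key such as `net.ipv4.conf.<iface>.forwarding = 1` would be narrower. Otherwise it is worth confirming that templates/laptop/nftables.j2 (renamed at 100% similarity, so not shown here) has a forward chain with `policy drop`. A comment line in the template, e.g. `# forwarding needed for <reason>`, would also record why a laptop has to route at all.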
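Review bot: `kernel.sysrq = 1` in the new templates/laptop/sysctl/99-sysrq.conf.j2 enables every SysRq function, so on a laptop anyone at the keyboard can signal or kill processes, dump task and register state to the console, or force a reboot regardless of a locked session. A bitmask keeps the recovery keys without the rest, for example `kernel.sysrq = 176` (sync, remount read-only, reboot). If the full set is intentional, a comment such as `# all SysRq functions enabled on purpose for debugging` in the template would make that explicit.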
diff --git a/templates/personal/mpd/socket.j2 b/templates/mpd/socket.j2 similarity index 100% rename from templates/personal/mpd/socket.j2 rename to templates/mpd/socket.j2 diff --git a/templates/personal/mpv/config.j2 b/templates/mpv/config.j2 similarity index 100% rename from templates/personal/mpv/config.j2 rename to templates/mpv/config.j2 diff --git a/templates/personal/mpv/input.j2 b/templates/mpv/input.j2 similarity index 100% rename from templates/personal/mpv/input.j2 rename to templates/mpv/input.j2 diff --git a/templates/polkit.j2 b/templates/polkit.j2 deleted file mode 100644 index 86a4b5f..0000000 --- a/templates/polkit.j2 +++ /dev/null @@ -1,11 +0,0 @@ -/* {{ ansible_managed }} - * - * Allow members of the wheel group to execute any actions - * without password authentication, similar to "sudo NOPASSWD:" - * without password authentication, similar to "sudo NOPASSWD:" - */ -polkit.addRule(function(action, subject) { - if (subject.isInGroup("wheel")) { - return polkit.Result.YES; - } -}); diff --git a/templates/wezterm/includes/fonts.lua.j2 b/templates/wezterm/includes/fonts.lua.j2 index fb2735d..1f1974c 100644 --- a/templates/wezterm/includes/fonts.lua.j2 +++ b/templates/wezterm/includes/fonts.lua.j2 @@ -8,7 +8,7 @@ return { { weight = 'Regular', stretch = 'Normal', style = 'Normal' } ), - font_size = {{ wezterm_font_size }}, + font_size = 11, freetype_load_target = 'Light', freetype_render_target = 'HorizontalLcd', harfbuzz_features = { diff --git a/host_vars/desktop/syncthing.yml b/vars/desktop/syncthing.yml similarity index 100% rename from host_vars/desktop/syncthing.yml rename to vars/desktop/syncthing.yml diff --git a/host_vars/desktop/system.yml b/vars/desktop/system.yml similarity index 51% rename from host_vars/desktop/system.yml rename to vars/desktop/system.yml index 67054cd..61a2959 100644 --- a/host_vars/desktop/system.yml +++ b/vars/desktop/system.yml 
@@ -1,15 +1,17 @@ +platform_packages: [] + modprobe_templates: - - src: 'templates/personal/desktop/modprobe/99-amdgpu.conf.j2' + - src: 'templates/desktop/modprobe/99-amdgpu.conf.j2' dest: '/etc/modprobe.d/99-amdgpu.conf' mkinitcpio_templates: - - src: 'templates/personal/desktop/mkinitcpio/1-modules.conf.j2' + - src: 'templates/desktop/mkinitcpio/1-modules.conf.j2' dest: '/etc/mkinitcpio.conf.d/1-amdgpu.conf' - - src: 'templates/personal/desktop/mkinitcpio/linux.preset.j2' + - src: 'templates/desktop/mkinitcpio/linux.preset.j2' dest: '/etc/mkinitcpio.d/linux.preset' - - src: 'templates/personal/desktop/mkinitcpio/linux-lts.preset.j2' + - src: 'templates/desktop/mkinitcpio/linux-lts.preset.j2' dest: '/etc/mkinitcpio.d/linux-lts.preset' boot_configuration: diff --git a/host_vars/desktop/vpn.yml b/vars/desktop/vpn.yml similarity index 84% rename from host_vars/desktop/vpn.yml rename to vars/desktop/vpn.yml index 3cc3977..066741b 100644 --- a/host_vars/desktop/vpn.yml +++ b/vars/desktop/vpn.yml @@ -24,7 +24,7 @@ vpn_default: endpoint: '{{ server_domain }}:51902' public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk' - preshared_key_source_path: 'files/personal/desktop/wireguard/default/preshared.psk' + preshared_key_source_path: 'files/desktop/wireguard/default/preshared.psk' vpn_media: ip: '10.0.1.3' @@ -36,7 +36,7 @@ vpn_media: public_key_path: '{{ vpn_config_dir }}/keys/public/media/desktop.pub' private_key_path: '{{ vpn_config_dir }}/keys/private/media/desktop.key' - private_key_source_path: 'files/personal/desktop/wireguard/media/desktop.key' + private_key_source_path: 'files/desktop/wireguard/media/desktop.key' peers: - name: 'zeus-media' 
@@ -46,4 +46,4 @@ vpn_media: endpoint: '{{ server_domain }}.nl:51903' public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk' - preshared_key_source_path: 'files/personal/desktop/wireguard/media/preshared.psk' + preshared_key_source_path: 'files/desktop/wireguard/media/preshared.psk' diff --git a/group_vars/personal/gpg.yml b/vars/gpg.yml similarity index 100% rename from group_vars/personal/gpg.yml rename to vars/gpg.yml diff --git a/host_vars/xps/syncthing.yml b/vars/laptop/syncthing.yml similarity index 100% rename from host_vars/xps/syncthing.yml rename to vars/laptop/syncthing.yml diff --git a/vars/laptop/system.yml b/vars/laptop/system.yml new file mode 100644 index 0000000..be95be8 --- /dev/null +++ b/vars/laptop/system.yml @@ -0,0 +1,23 @@ +platform_packages: + - iwd + - nvidia + - nvidia-prime + - nvidia-utils + - lib32-nvidia-utils + +boot_configuration: + disk: /dev/nvme0n1 + partition: 1 + +mkinitcpio_templates: + - src: 'templates/laptop/mkinitcpio/1-modules.conf.j2' + dest: '/etc/mkinitcpio.conf.d/1-modules.conf' + + - src: 'templates/laptop/mkinitcpio/2-hooks.conf.j2' + dest: '/etc/mkinitcpio.conf.d/2-hooks.conf' + + - src: 'templates/laptop/mkinitcpio/linux.preset.j2' + dest: '/etc/mkinitcpio.d/linux.preset' + + - src: 'templates/laptop/mkinitcpio/linux-lts.preset.j2' + dest: '/etc/mkinitcpio.d/linux-lts.preset' diff --git a/host_vars/xps/vpn.yml b/vars/laptop/vpn.yml similarity index 89% rename from host_vars/xps/vpn.yml rename to vars/laptop/vpn.yml index 1a2eab2..158db4e 100644 --- a/host_vars/xps/vpn.yml +++ b/vars/laptop/vpn.yml 
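Review bot: The context line `endpoint: '{{ server_domain }}.nl:51903'` in this vars/desktop/vpn.yml hunk appends `.nl` to a variable that vars/main.yml sets to `fudiggity.nl`, so the desktop's media peer would point at `fudiggity.nl.nl`. vars/laptop/vpn.yml uses `'{{ server_domain }}:51903'` for the same peer. The commit does not touch the line, but since the file is being moved anyway I would change it to `endpoint: '{{ server_domain }}:51903'`, after confirming which name is intended. WireGuard authenticates the peer by public key, so the likely effect is a tunnel that never comes up rather than a session with the wrong host, but the configuration should not depend on a name you may not control.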
@@ -23,7 +23,7 @@ vpn_default: endpoint: '{{ server_domain }}:51902' public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk' - preshared_key_source_path: 'files/personal/xps/wireguard/default/preshared.psk' + preshared_key_source_path: 'files/laptop/wireguard/default/preshared.psk' vpn_media: ip: '10.0.1.2' @@ -44,4 +44,4 @@ vpn_media: endpoint: '{{ server_domain }}:51903' public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk' - preshared_key_source_path: 'files/personal/xps/wireguard/media/preshared.psk' + preshared_key_source_path: 'files/laptop/wireguard/media/preshared.psk' diff --git a/group_vars/all/main.yml b/vars/main.yml similarity index 79% rename from group_vars/all/main.yml rename to vars/main.yml index 405504f..0bba8b7 100644 --- a/group_vars/all/main.yml +++ b/vars/main.yml @@ -1,13 +1,21 @@ -ansible_become_method: community.general.run0 +xdg_config_dir: '{{ ansible_env.HOME }}/.config' +xdg_script_dir: '{{ ansible_env.HOME }}/.local/bin' + +register_uefi_entries: false packages: - firefox + - mpv + - youtube-dl - keepassxc - gimp - nftables + - mpd + - nfs-utils - okular - postgresql - plasma-meta + - syncthing - wezterm - tmux - unrar @@ -18,11 +26,13 @@ packages: - iproute2 - curl - reflector + - laptop-detect - pipewire - pipewire-pulse - pipewire-alsa - merkuro - kmail + - wireguard-tools - otf-monaspace-nerd - systemd-ukify - efibootmgr @@ -30,16 +40,12 @@ packages: - aspell-nl - aspell-en -xdg_config_dir: '{{ ansible_env.HOME }}/.config' -xdg_script_dir: '{{ ansible_env.HOME }}/.local/bin' - +platform_packages: [] modprobe_templates: [] mkinitcpio_templates: [] boot_configuration: +vpn_config_dir: '/etc/wireguard' + server_domain: fudiggity.nl - -register_uefi_entries: false - -wezterm_font_size: 12 
diff --git a/group_vars/personal/mpd.yml b/vars/mpd.yml
similarity index 100%
rename from group_vars/personal/mpd.yml
rename to vars/mpd.yml