dotfiles/playbooks/bootstrap.yml

---
- name: Bootstrap fresh installation
  hosts: all
  gather_facts: true
  roles:
    # Handle distribution-specific changes before the generic ones
    - role: os/fedora
      become: true
      when: ansible_distribution == "Fedora"

    - role: os/el
      become: true
      when: ansible_distribution in [ "AlmaLinux", "CentOS" ]

    # Upgrade all packages and install the basic-bitch ones
    - role: base/system
      become: true

    # Enable Cockpit
    - role: system/cockpit
      become: true
      tags: cockpit

    # Enable Flathub repository and install configured flatpaks
    - role: system/flatpak
      when: ansible_distribution != "Ubuntu"
      tags: flatpak

    # Install Podman and configure UIDs/GIDs for rootless usage
    - role: system/podman
      become: true
      tags: podman

    # Install and configure SSH server
    - role: system/sshd
      become: true
      tags: sshd

    # Handle basic user configuration
    - base/desktop

    # Shell utilities
    - role: user/shell/zsh
      tags: zsh
    - role: user/shell/tmux
      tags: tmux
    - role: user/editors/neovim
      tags: neovim

    # Directory for temporary files
    - role: user/tmpfiles
      become: true
      tags: tmpfiles

    # Configure git
    - role: user/git
      tags: git

    # Configure ssh
    - role: user/ssh
      tags: ssh

    # Set up GPG
    - role: user/gpg
      tags: gpg

    # Configure Alacritty terminal
    - role: user/terminals/alacritty
      tags: alacritty

    # Configure Kitty terminal
    - role: user/terminals/kitty
      tags: kitty

    # Install fonts
    - role: user/fonts
      tags: fonts

    # Install Bitwarden CLI
    - role: user/secrets/bw
      tags: bw

    # Install HashiCorp Vault
    - role: user/secrets/hcv
      tags: hcv

    # Install and configure Emacs
    - role: user/editors/emacs
      tags: emacs

    # Install and configure VSCode
    - role: user/editors/vscode
      tags: vscode

    # Install and configure Helix
    - role: user/editors/helix
      tags: helix

  tasks:
    # Install the Wireguard VPNs
    - name: Wireguard
      ansible.builtin.include_role:
        name: wg
        apply:
          become: true
      with_items: "{{ wg_connections }}"
      vars:
        wg_ifname: "{{ item.ifname }}"
        wg_generate_keypair: "{{ item.generate_keypair }}"
        wg_domain: "{{ item.domain }}"
        wg_gateway: "{{ item.gateway }}"
        wg_address: "{{ item.address }}"
        wg_peers: "{{ item.peers }}"
      tags: wireguard
Add first version of playbooks and configs Signed-off-by: Matej Focko <matej.focko@outlook.com> 2020-10-11 15:09:15 +02:00			`---`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`- name: Bootstrap fresh installation`
Add first version of playbooks and configs Signed-off-by: Matej Focko <matej.focko@outlook.com> 2020-10-11 15:09:15 +02:00			`hosts: all`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`gather_facts: true`
Add first version of playbooks and configs Signed-off-by: Matej Focko <matej.focko@outlook.com> 2020-10-11 15:09:15 +02:00			`roles:`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Handle distribution-specific changes before the generic ones`
chore: move out the OS-specific roles Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-12 21:09:06 +02:00			`- role: os/fedora`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`become: true`
feat(bootstrap): check for distribution Check for distribution when running distro-specific actions. Signed-off-by: Matej Focko <mfocko@redhat.com> 2022-03-13 01:33:20 +01:00			`when: ansible_distribution == "Fedora"`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
chore: move out the OS-specific roles Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-12 21:09:06 +02:00			`- role: os/el`
roles(system/el): create a role for EL distros Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:39:18 +02:00			`become: true`
			`when: ansible_distribution in [ "AlmaLinux", "CentOS" ]`

chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Upgrade all packages and install the basic-bitch ones`
chore: move out the base roles Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-12 21:05:18 +02:00			`- role: base/system`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`become: true`

feat(bootstrap): include system/cockpit Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-10 15:32:35 +02:00			`# Enable Cockpit`
			`- role: system/cockpit`
			`become: true`
			`tags: cockpit`

chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Enable Flathub repository and install configured flatpaks`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: system/flatpak`
fix(bootstrap): do not install flatpak for Ubuntu Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-07 17:39:42 +02:00			`when: ansible_distribution != "Ubuntu"`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`tags: flatpak`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Install Podman and configure UIDs/GIDs for rootless usage`
			`- role: system/podman`
			`become: true`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`tags: podman`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Install and configure SSH server`
			`- role: system/sshd`
			`become: true`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`tags: sshd`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Handle basic user configuration`
chore: move out the base roles Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-12 21:05:18 +02:00			`- base/desktop`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Shell utilities`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: user/shell/zsh`
			`tags: zsh`
			`- role: user/shell/tmux`
			`tags: tmux`
			`- role: user/editors/neovim`
			`tags: neovim`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
feat(user/tmpfiles): create role for user's tmpdir Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-06-03 21:53:44 +02:00			`# Directory for temporary files`
			`- role: user/tmpfiles`
			`become: true`
			`tags: tmpfiles`

chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Configure git`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: user/git`
			`tags: git`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Configure ssh`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: user/ssh`
			`tags: ssh`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
feat(user/gpg): create a GPG role Signed-off-by: Matej Focko <mfocko@redhat.com> 2023-09-16 23:08:02 +02:00			`# Set up GPG`
			`- role: user/gpg`
			`tags: gpg`

chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Configure Alacritty terminal`
			`- role: user/terminals/alacritty`
			`tags: alacritty`

			`# Configure Kitty terminal`
			`- role: user/terminals/kitty`
			`tags: kitty`

roles(user/fonts): upload fonts Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 17:03:59 +02:00			`# Install fonts`
			`- role: user/fonts`
			`tags: fonts`

chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00			`# Install Bitwarden CLI`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: user/secrets/bw`
			`tags: bw`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
fix: uncomment HCV in playbook Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-09-06 11:42:47 +02:00			`# Install HashiCorp Vault`
			`- role: user/secrets/hcv`
			`tags: hcv`
chore: rework directory structure Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-27 11:43:02 +02:00
			`# Install and configure Emacs`
			`- role: user/editors/emacs`
			`tags: emacs`

			`# Install and configure VSCode`
feat: make ansible tags more granular Signed-off-by: Matej Focko <me@mfocko.xyz> 2023-08-30 15:10:39 +02:00			`- role: user/editors/vscode`
			`tags: vscode`
feat(editors/helix): add support for Helix Signed-off-by: Matej Focko <mfocko@redhat.com> 2023-09-09 15:19:45 +02:00
			`# Install and configure Helix`
			`- role: user/editors/helix`
			`tags: helix`
chore(wg): factor out the wireguard role Signed-off-by: Matej Focko <me@mfocko.xyz> 2024-07-12 19:53:09 +02:00
			`tasks:`
			`# Install the Wireguard VPNs`
			`- name: Wireguard`
			`ansible.builtin.include_role:`
			`name: wg`
			`apply:`
			`become: true`
			`with_items: "{{ wg_connections }}"`
			`vars:`
			`wg_ifname: "{{ item.ifname }}"`
			`wg_generate_keypair: "{{ item.generate_keypair }}"`
			`wg_domain: "{{ item.domain }}"`
			`wg_gateway: "{{ item.gateway }}"`
			`wg_address: "{{ item.address }}"`
			`wg_peers: "{{ item.peers }}"`
			`tags: wireguard`