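---
# Bootstrap playbook for a freshly installed machine. It applies the
# distribution-specific roles first, then the system-wide roles, then the
# per-user tooling roles, and finally sets up the WireGuard connections.
- name: Bootstrap fresh installation
  hosts: all
  # Facts must be gathered: the `when:` conditions below read
  # ansible_distribution.
  gather_facts: true

  # Privilege model: `become` is set per role rather than for the whole play,
  # so roles without it run as the connecting user unless privilege
  # escalation is enabled elsewhere (config, inventory or command line).
  roles:
    # Handle distribution-specific changes before the generic ones
    - role: os/fedora
      become: true
      when: ansible_distribution == "Fedora"

    - role: os/el
      become: true
      when: ansible_distribution in [ "AlmaLinux", "CentOS" ]

    # Upgrade all packages and install the basic-bitch ones
    - role: base/system
      become: true

    # Enable Cockpit
    - role: system/cockpit
      become: true
      tags: cockpit

    # Enable Flathub repository and install configured flatpaks
    - role: system/flatpak
      when: ansible_distribution != "Ubuntu"
      tags: flatpak

    # Install Podman and configure UIDs/GIDs for rootless usage
    - role: system/podman
      become: true
      tags: podman

    # Install and configure SSH server
    - role: system/sshd
      become: true
      tags: sshd

    # Handle basic user configuration
    # Written in the `role:` mapping form like every other entry in this list.
    - role: base/desktop

    # Shell utilities
    - role: user/shell/zsh
      tags: zsh
    - role: user/shell/tmux
      tags: tmux
    - role: user/editors/neovim
      tags: neovim

    # Directory for temporary files
    - role: user/tmpfiles
      become: true
      tags: tmpfiles

    # Configure git
    - role: user/git
      tags: git

    # Configure ssh
    - role: user/ssh
      tags: ssh

    # Set up GPG
    - role: user/gpg
      tags: gpg

    # Configure Alacritty terminal
    - role: user/terminals/alacritty
      tags: alacritty

    # Configure Kitty terminal
    - role: user/terminals/kitty
      tags: kitty

    # Install fonts
    - role: user/fonts
      tags: fonts

    # Install Bitwarden CLI
    - role: user/secrets/bw
      tags: bw

    # Install HashiCorp Vault
    - role: user/secrets/hcv
      tags: hcv

    # Install and configure Emacs
    - role: user/editors/emacs
      tags: emacs

    # Install and configure VSCode
    - role: user/editors/vscode
      tags: vscode

    # Install and configure Helix
    - role: user/editors/helix
      tags: helix

  tasks:
    # Install the Wireguard VPNs
    # The wg role is included once per entry of wg_connections, which is not
    # defined in this file (presumably inventory or group_vars - confirm).
    # NOTE(review): if those entries carry private or pre-shared keys, keep
    # them in Ansible Vault rather than in plain-text vars.
    - name: Wireguard
      ansible.builtin.include_role:
        name: wg
        # `apply` sets keywords on the tasks inside the dynamically included
        # role; keywords on this include task alone are not inherited.
        apply:
          become: true
          # Without this, `--tags wireguard` selects the include itself but
          # skips the role's tasks unless they carry the tag themselves.
          tags: wireguard
      with_items: "{{ wg_connections }}"
      vars:
        wg_ifname: "{{ item.ifname }}"
        wg_generate_keypair: "{{ item.generate_keypair }}"
        wg_domain: "{{ item.domain }}"
        wg_gateway: "{{ item.gateway }}"
        wg_address: "{{ item.address }}"
        wg_peers: "{{ item.peers }}"
      tags: wireguard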