dotfiles/playbooks/bootstrap.yml


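---
# Bootstrap playbook: a single play that applies every role below to all hosts.
# Only the entries carrying `become: true` request privilege escalation here;
# the rest run as the connecting user unless become is enabled elsewhere
# (inventory, ansible.cfg, command line).
- name: Bootstrap fresh installation
  hosts: all
  # Facts are needed: the `when:` conditions below read ansible_distribution.
  gather_facts: true
  roles:
    # Handle distribution-specific changes before the generic ones
    - role: os_fedora
      become: true
      when: ansible_distribution == "Fedora"
    - role: os_el
      become: true
      when: ansible_distribution in [ "AlmaLinux", "CentOS" ]
    # Upgrade all packages and install the basic-bitch ones
    - role: base_system
      become: true
    # Enable Cockpit
    - role: cockpit
      become: true
      tags: cockpit
    # Enable Flathub repository and install configured flatpaks
    # (skipped on Ubuntu; no privilege escalation requested here)
    - role: flatpak
      when: ansible_distribution != "Ubuntu"
      tags: flatpak
    # Install Podman and configure UIDs/GIDs for rootless usage
    - role: podman
      become: true
      tags: podman
    # Install and configure SSH server
    - role: ssh_server
      become: true
      tags: sshd
    # Handle basic user configuration
    - role: base_desktop
    # Shell utilities
    - role: shell/zsh
      tags: zsh
    - role: shell/tmux
      tags: tmux
    # Directory for temporary files
    - role: tmpfiles
      become: true
      tags: tmpfiles
    # Configure git
    - role: git
      tags: git
    # Configure ssh
    - role: ssh_client
      tags: ssh
    # Set up GPG
    - role: gpg
      tags: gpg
    # Configure Alacritty terminal
    - role: terminal_alacritty
      tags: alacritty
    # Configure Kitty terminal
    - role: terminal_kitty
      tags: kitty
    # Install fonts
    - role: fonts
      tags: fonts
    # Install Bitwarden CLI
    - role: secrets/bw
      tags: bw
    # Install HashiCorp Vault
    - role: secrets/hcv
      tags: hcv
    # Install and configure Emacs
    - role: editor_emacs
      tags: emacs
    # Install and configure VSCode
    - role: editor_vscode
      tags: vscode
    # Install and configure Helix
    - role: editor_helix
      tags: helix
    # Install and configure neovim
    - role: editor_neovim
      tags: neovim
  tasks:
    # Install the Wireguard VPNs: the wg role is included once per entry of
    # wg_connections, and that entry's fields are handed over as role vars.
    # NOTE(review): Ansible shows the loop item in its output for every
    # iteration; if these entries ever hold key material, keep it vaulted and
    # check how the wg role logs it - confirm against the role.
    - name: Wireguard
      ansible.builtin.include_role:
        name: wg
        apply:
          become: true
          # include_role is dynamic, so the task-level `tags:` further down
          # marks only the include itself. Repeating the tag here passes it to
          # the role's tasks, so `--tags wireguard` really runs them.
          tags: wireguard
      with_items: "{{ wg_connections }}"
      vars:
        wg_ifname: "{{ item.ifname }}"
        wg_generate_keypair: "{{ item.generate_keypair }}"
        wg_domain: "{{ item.domain }}"
        wg_gateway: "{{ item.gateway }}"
        wg_address: "{{ item.address }}"
        wg_peers: "{{ item.peers }}"
      tags: wireguard
  handlers:
    # Static import of the handler tasks kept in ../handlers/main.yml
    - name: Import common handlers
      ansible.builtin.import_tasks: ../handlers/main.yml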