Commit graph

220 commits

Author SHA1 Message Date
51a44bca3d
chore: remove stylus definitions
As the syncing of the definitions has become more troublesome and the
stylesheets grew, I moved them to https://git.mfocko.xyz/mfocko/usercss,
which also allows Stylus to update the stylesheets automatically based
on the versions declared in the sheets. Thus making this unmaintained
file obsolete.

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-13 17:48:21 +01:00
bbd265cf95
feat: convert inventories and use Ansible Vault
Fixes #52

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-13 09:45:54 +01:00
8454780c92
feat(porkbun): switch to global variables for keys
- Introduce 2 global variables with API keys
- Remove redundant role that only installs one config file used by
  another role
- Use the said global variables within DDNS and Certbot roles
- Create the config file in the role that uses it (Certbot)

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-12 16:46:34 +01:00
2039bf6570
feat(ddns): support Porkbun in the DDNS
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-12 16:40:16 +01:00
f6428b2406
fix(certbot): migrate from Cloudflare to Porkbun
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-12 16:40:14 +01:00
45a41d7c99
feat(porkbun): add support for porkbun creds
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-11 17:00:42 +01:00
27fe69cfa0
fix(os/el): enable Google repo and RPMfusion
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-30 15:11:16 +02:00
67d4083b97
feat(ptyxis): add new role for a terminal
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-30 15:08:54 +02:00
1d65e7e176
feat(sshd): adjust for archLinux
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-22 11:36:40 +02:00
9d89a874ec
fix(firewalld): adjust firewall only when it's set up
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-22 10:39:21 +02:00
eaaf707b60
fix(vscode)!: do not install
Always fails right now

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-22 10:37:20 +02:00
f59e074ef8
fix(zsh): use correct *box script for name
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-22 10:37:16 +02:00
044d0e42ab
fix(helix): correct the installation
* Do not use Copr repo for AlmaLinux
* Make a generic install action for Helix from official repositories

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-22 10:36:56 +02:00
ca89c810cd
fix(flatpak): install flatpak if not present
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-15 19:42:30 +02:00
7760066325
fix(wg): correct path to config and variable
* use correct path to the template for the config
* use correct variable when adjusting the DNS on AlmaLinux

Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-15 15:44:30 +02:00
f2be2f7b95
fix(base/desktop): create applications directory
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-15 15:43:43 +02:00
c13adc9084
fix(zsh): adjust the starship config
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-13 10:07:08 +02:00
0554e665c5
chore: move out user roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:23:02 +02:00
281b95d824
chore: move out system roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:19:42 +02:00
6a732703f7
chore: move out yubikey roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:15:31 +02:00
cfc02949d6
chore: move out the OS-specific roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:15:31 +02:00
c7293cd6ea
chore: move out the server roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:15:31 +02:00
0283426127
chore: move out the base roles
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 21:07:20 +02:00
bc2d4a291e
chore(wg): factor out the wireguard role
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 19:53:09 +02:00
f0d4f84ec7
feat(user/yubikey): implement setup for Yubikey auth
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 15:02:51 +02:00
28531a4f07
feat(system/yubikey): implement PAM auth for Yubikey OTP
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 15:02:18 +02:00
918f7c8fbf
feat(system/cockpit): implement Cockpit role
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 15:01:52 +02:00
1380efe400
feat(server/nginx): implement nginx role
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 15:00:55 +02:00
34798fd196
feat(server/cups): implement CUPS role
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:58:28 +02:00
d5137bc5fb
docs(user/tmpfiles): document variables
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:57:21 +02:00
d6bcb2b018
fix(ssh): maxwell → mountainside
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:56:59 +02:00
8f28841fef
fix(shell/zsh): use variables in the zshrc
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:56:34 +02:00
42aeacb47b
fix(secrets/bw): use correct variables
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:56:07 +02:00
749be7227e
fix(system/wg-admin): use variables
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:55:29 +02:00
741f570235
fix(system/sshd): use HashiCorp Vault address from variable
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:53:42 +02:00
c116552ab8
docs(system/sshd): document variables
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:53:30 +02:00
d5e843f088
docs(system/flatpak): document variable
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:53:12 +02:00
8e97008f4d
fix(server/ddns): use variables instead of hardcoded values
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:51:18 +02:00
473d1d70f9
feat: add default variables with explanation
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:50:34 +02:00
c8fb0de709
chore(git): add gitignore
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:50:33 +02:00
904ae8d189
feat: add playground playbook
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-12 14:50:32 +02:00
4d84398657
feat(server/ddns): implement DDNS support using inadyn
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 16:45:45 +02:00
90bac3a306
feat(server/certbot): add support for certbot
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 16:43:18 +02:00
282d61d808
fix(system/base): some systems may not have unzip
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 16:40:29 +02:00
f78364e2a8
feat(server/base): create a directory for potential secrets
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 16:40:05 +02:00
4e0bf02507
feat(bootstrap): include system/cockpit
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 15:32:35 +02:00
fc34091749
fix(system/sshd): handle firewall
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 15:16:47 +02:00
3e261ce668
fix(system/sshd): notify SELinux about the port change
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-10 15:02:17 +02:00
2c9fc903f4
feat(user/zsh): use kdialog instead of yad
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-07 17:46:23 +02:00
3c4950bcd0
feat(user/zsh): install eza and bat
Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-07-07 17:45:54 +02:00