--- - name: Bootstrap fresh installation hosts: all gather_facts: true roles: # Handle distribution-specific changes before the generic ones - role: os/fedora become: true when: ansible_distribution == "Fedora" - role: os/el become: true when: ansible_distribution in [ "AlmaLinux", "CentOS" ] # Upgrade all packages and install the basic-bitch ones - role: base/system become: true # Enable Cockpit - role: cockpit become: true tags: cockpit # Enable Flathub repository and install configured flatpaks - role: flatpak when: ansible_distribution != "Ubuntu" tags: flatpak # Install Podman and configure UIDs/GIDs for rootless usage - role: podman become: true tags: podman # Install and configure SSH server - role: sshd become: true tags: sshd # Handle basic user configuration - base/desktop # Shell utilities - role: shell/zsh tags: zsh - role: shell/tmux tags: tmux - role: editors/neovim tags: neovim # Directory for temporary files - role: tmpfiles become: true tags: tmpfiles # Configure git - role: git tags: git # Configure ssh - role: ssh tags: ssh # Set up GPG - role: gpg tags: gpg # Configure Alacritty terminal - role: terminals/alacritty tags: alacritty # Configure Kitty terminal - role: terminals/kitty tags: kitty # Install fonts - role: fonts tags: fonts # Install Bitwarden CLI - role: secrets/bw tags: bw # Install HashiCorp Vault - role: secrets/hcv tags: hcv # Install and configure Emacs - role: editors/emacs tags: emacs # Install and configure VSCode - role: editors/vscode tags: vscode # Install and configure Helix - role: editors/helix tags: helix tasks: # Install the Wireguard VPNs - name: Wireguard ansible.builtin.include_role: name: wg apply: become: true with_items: "{{ wg_connections }}" vars: wg_ifname: "{{ item.ifname }}" wg_generate_keypair: "{{ item.generate_keypair }}" wg_domain: "{{ item.domain }}" wg_gateway: "{{ item.gateway }}" wg_address: "{{ item.address }}" wg_peers: "{{ item.peers }}" tags: wireguard handlers: - name: Import common handlers ansible.builtin.import_tasks: ../handlers/main.yml