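---
# Bootstrap playbook for a freshly installed host.
#
# Roles are applied in the order listed; the distribution-specific roles come
# first so the generic ones can build on them. Privilege escalation is set per
# role (`become: true`) rather than play-wide, so the roles without it run as
# the connecting user.
- name: Bootstrap fresh installation
  hosts: all
  gather_facts: true  # the `when:` conditions below read ansible_distribution

  roles:
    # Handle distribution-specific changes before the generic ones
    - role: os_fedora
      become: true
      when: ansible_distribution == "Fedora"
    - role: os_el
      become: true
      when: ansible_distribution in ["AlmaLinux", "CentOS", "Rocky"]
    - role: os_deb
      become: true
      when: ansible_distribution in ["Debian", "Ubuntu"]

    # Upgrade all packages and install the baseline package set
    - role: base_system
      become: true

    # Enable Cockpit
    - role: cockpit
      become: true
      tags: cockpit

    # Enable Flathub repository and install configured flatpaks
    # (skipped on Ubuntu; runs without become)
    - role: flatpak
      when: ansible_distribution != "Ubuntu"
      tags: flatpak

    # Install Podman and configure UIDs/GIDs for rootless usage
    - role: podman
      become: true
      tags: podman

    # Install and configure SSH server
    - role: ssh_server
      become: true
      tags: sshd

    # Handle basic user configuration
    - role: base_desktop

    # Shell utilities
    - role: shell_zsh
      tags: zsh
    - role: shell_tmux
      tags: tmux

    # Directory for temporary files
    - role: tmpfiles
      become: true
      tags: tmpfiles

    # Configure git
    - role: git
      tags: git

    # Configure ssh
    - role: ssh_client
      tags: ssh

    # Set up GPG
    - role: gpg
      tags: gpg

    # Configure Alacritty terminal
    - role: terminal_alacritty
      tags: alacritty

    # Configure Kitty terminal
    - role: terminal_kitty
      tags: kitty

    # Install fonts
    - role: fonts
      tags: fonts

    # Install Bitwarden CLI
    - role: secrets_bw
      tags: bw

    # Install HashiCorp Vault
    - role: secrets_hcv
      tags: hcv

    # Install and configure Emacs
    - role: editor_emacs
      tags: emacs

    # Install and configure VSCode
    - role: editor_vscode
      tags: vscode

    # Install and configure Helix
    - role: editor_helix
      tags: helix

    # Install and configure neovim
    - role: editor_neovim
      tags: neovim

  tasks:
    # Install the Wireguard VPNs: the wg role is included once per entry of
    # wg_connections, with that entry's fields mapped onto the role variables.
    - name: Wireguard
      ansible.builtin.include_role:
        name: wg
        apply:
          become: true
          # Tags on a dynamic include cover only the include itself; repeat the
          # tag here so `--tags wireguard` also selects the role's tasks.
          tags: wireguard
      with_items: "{{ wg_connections }}"
      loop_control:
        # Show only the interface name per iteration instead of the whole
        # connection entry. NOTE(review): the peers data may carry key
        # material, which should stay out of run logs; confirm against the
        # wg role.
        label: "{{ item.ifname }}"
      vars:
        wg_ifname: "{{ item.ifname }}"
        wg_generate_keypair: "{{ item.generate_keypair }}"
        wg_domain: "{{ item.domain }}"
        wg_gateway: "{{ item.gateway }}"
        wg_address: "{{ item.address }}"
        wg_peers: "{{ item.peers }}"
      tags: wireguard

  handlers:
    # Handlers shared with the rest of the repository, imported statically
    - name: Import common handlers
      ansible.builtin.import_tasks: ../handlers/main.yml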