dotfiles/config/automatrop/roles/system/tasks/main.yml

---
# TODO For other distributions

# Package are installed with --asdeps because they are needed

# Etckeeper

- name: Check if etckeeper is initialized
  ansible.builtin.stat:
    path: /etc/.git
  register: etckeeper
  become: true

- name: Initialize etckeeper
  ansible.builtin.command: etckeeper init
  become: true
  when: not etckeeper.stat.exists
  changed_when: true

- name: Configure git user.name for etckeeper
  community.general.git_config:
    scope: local
    repo: /etc
    name: "{{ item.name }}"
    value: "{{ item.value }}"
  loop:
    - name: user.name
      value: etckeeper on {{ inventory_hostname_short }}
    - name: user.email
      value: etckeeper@{{ inventory_hostname }}
  become: true

# Manjaro configuration

- name: Remove Manjaro's pamac
  community.general.pacman:
    name: pamac
    state: absent
  become: true
  when: arch_based and False # I'm trying to remember why I usually delete this thing

# Verbose logging during boot

- name: Check if using Uboot
  ansible.builtin.stat:
    path: /boot/extlinux/extlinux.conf
  register: extlinux
# This (and the following) was made with the Pinebook in mind,
# not sure about compatibility

- name: Remove non-tty1 console (Uboot)
  ansible.builtin.replace:
    path: /boot/extlinux/extlinux.conf
    regexp: ^APPEND(.*) console=(?!tty1)\S+(.*)$
    replace: APPEND\1\2
  become: true
  when: extlinux.stat.exists
# Only one console= will be removed because regular expression are either hard
# or somewhat limited. It's just what I need anyway

- name: Remove bootsplash.bootfile (Uboot)
  ansible.builtin.replace:
    path: /boot/extlinux/extlinux.conf
    regexp: ^APPEND(.*) bootsplash.bootfile=\S+(.*)$
    replace: APPEND\1\2
  become: true
  when: extlinux.stat.exists

- name: Remove bootsplash packages (Arch based)
  community.general.pacman:
    name:
      - bootsplash-systemd
      - bootsplash-theme-manjaro
    state: absent
  become: true
  when: arch_based

# Display Manager

- name: Remove display manager packages (Arch based)
  community.general.pacman:
    name:
      - sddm
      - sddm-breath2-theme
    state: absent
  become: true
  when: arch_based

# Xorg configuration

- name: Check if there is nvidia-xrun is installed
  ansible.builtin.stat:
    path: /etc/X11/nvidia-xorg.conf
  register: nvidia_xrun
  when: display_server == 'x11'

- name: Add nvidia-xrun xorg config directory
  ansible.builtin.set_fact:
    xorg_common_config_dirs: "{{ xorg_default_config_dirs + xorg_nvidia_config_dirs }}"
  vars:
    xorg_default_config_dirs:
      - /etc/X11/xorg.conf.d
    xorg_nvidia_config_dirs: "{{ ['/etc/X11/nvidia-xorg.conf.d'] if nvidia_xrun.stat.exists else [] }}"
  when: display_server == 'x11'

- name: Configure Xorg keyboard layout
  ansible.builtin.copy:
    src: xorg/keyboard.conf
    dest: "{{ item }}/00-keyboard.conf"
  become: true
  when: display_server == 'x11'
  notify: etc changed
  loop: "{{ xorg_common_config_dirs }}"

- name: Use Alt keys for numpad
  ansible.posix.patch:
    src: us_qwert_alt_numpad.patch
    dest: /usr/share/X11/xkb/symbols/us_qwerty-fr
  become: true
  when: display_server == 'x11'
# This is not very nice but it's updated so infrequently that it's not worth
# the trouble

- name: Check if there is Intel backlight
  ansible.builtin.stat:
    path: /sys/class/backlight/intel_backlight
  register: intel_backlight
  when: display_server == 'x11'

- name: Install Intel video drivers (Arch based)
  community.general.pacman:
    name: xf86-video-intel
    # state: "{{ intel_backlight.stat.exists }}"
    state: present
  become: true
  when: display_server == 'x11' and intel_backlight.stat.exists and arch_based
  # TODO With software role? Would permit other distributions

- name: Configure Xorg Intel backlight
  ansible.builtin.copy:
    src: xorg/intel_backlight.conf
    dest: "{{ item }}/20-intel_backlight.conf"
  become: true
  when: display_server == 'x11' and intel_backlight.stat.exists
  notify: etc changed
  loop: "{{ xorg_common_config_dirs }}"

- name: Configure Xorg touchpad behaviour
  ansible.builtin.copy:
    src: xorg/touchpad.conf
    dest: "{{ item }}/30-touchpad.conf"
  become: true
  when: display_server == 'x11'
  notify: etc changed
  loop: "{{ xorg_common_config_dirs }}"

- name: Configure Xorg joystick behaviour
  ansible.builtin.copy:
    src: xorg/joystick.conf
    dest: "{{ item }}/50-joystick.conf"
  become: true
  when: display_server == 'x11'
  notify: etc changed
  loop: "{{ xorg_common_config_dirs }}"

- name: List modules we're using
  ansible.builtin.slurp:
    src: /proc/modules
  register: modules
  when: display_server
# Not sure the module will be loaded in early setup stages though

- name: Make panfrost use OpenGL 3.3
  ansible.builtin.lineinfile:
    path: /etc/environment
    line: PAN_MESA_DEBUG="gl3"
    regexp: ^#? ?PAN_MESA_DEBUG=
  become: true
  when: display_server and using_panfrost
  vars:
    using_panfrost: "{{ 'panfrost' in (modules.content | b64decode) }}"
  notify: panfrost config changed

# Numlock on boot

- name: Set numlock on boot
  ansible.builtin.copy:
    src: getty.service
    dest: /etc/systemd/system/getty@.service.d/override.conf
  become: true
  notify:
    - etc changed
    - systemd changed
  when: auto_numlock

- name: Unset numlock on boot
  ansible.builtin.file:
    path: /etc/systemd/system/getty@.service.d/override.conf
    state: absent
  become: true
  notify:
    - etc changed
    - systemd changed
  when: not auto_numlock

# TLP configuration

- name: Start/enable TLP
  ansible.builtin.systemd:
    name: tlp
    state: started
    enabled: true
  become: true
  notify: etc changed

# Network configuration

- name: Start/enable dhcpcd
  ansible.builtin.systemd:
    name: dhcpcd
    state: started
    enabled: true
  become: true
  notify: etc changed

- name: Configure wpa_supplicant
  ansible.builtin.template:
    src: wpa_supplicant.conf.j2
    dest: /etc/wpa_supplicant/wpa_supplicant.conf
  notify:
    - etc changed
    - wpa_supplicant changed
  become: true
  tags:
    - wificonf

- name: Prepare directory for wpa_supplicant service override
  ansible.builtin.file:
    path: /etc/systemd/system/wpa_supplicant@.service.d
    state: directory
    mode: u=rwx,g=rx,o=rx
  become: true

- name: Make wpa_supplicant use a common configuration file
  ansible.builtin.copy:
    src: wpa_supplicant.service
    dest: /etc/systemd/system/wpa_supplicant@.service.d/override.conf
  become: true
  notify:
    - etc changed
    - systemd changed
    - wifi setup changed

- name: Disable wpa_supplicant for networkmanager
  ansible.builtin.systemd:
    name: wpa_supplicant
    enabled: false
  become: true
  notify:
    - etc changed
    - wifi setup changed

- name: Start/enable wpa_supplicant for interface
  ansible.builtin.systemd:
    name: wpa_supplicant@{{ item }}
    enabled: true
  become: true
  notify:
    - etc changed
    - wifi setup changed
  loop: "{{ ansible_interfaces }}"
  when: item.startswith('wl')
# Could probably use something better like
# listing /sys/class/ieee80211/*/device/net/

- name: Uninstall networkmanager
  community.general.pacman:
    name: networkmanager
    state: absent
    extra_args: --cascade --recursive
  when: arch_based
  become: true
  notify:
    - wifi setup changed

- name: Mask systemd-networkd
  ansible.builtin.systemd:
    name: systemd-networkd
    state: stopped
    enabled: false
    masked: true
  become: true
  notify: etc changed

# Time synchronisation

- name: Mask systemd-timesyncd
  ansible.builtin.systemd:
    name: systemd-timesyncd
    state: stopped
    enabled: false
    masked: true
  become: true
  notify: etc changed

- name: Configure chrony
  ansible.builtin.copy:
    src: chrony.conf
    dest: /etc/chrony.conf
  become: true
  notify:
    - etc changed
    - chrony reconfigured
# TODO More configuration, RTC configuration

- name: Enable chronyd
  ansible.builtin.systemd:
    name: chronyd
    enabled: true
  become: true
  notify:
    - etc changed
    - chrony reconfigured

- name: Configure dhcpcd chrony hook
  ansible.builtin.copy:
    src: dhcpcd.exit-hook
    dest: /etc/dhcpcd.exit-hook
  become: true
  notify: etc changed

- name: Empty motd
  ansible.builtin.copy:
    content: ""
    dest: /etc/motd
    mode: u=rw,g=r,o=r
  become: true
  notify:
    - etc changed

# VPN configuration

- name: Prepare directory for openvpn-client service override
  ansible.builtin.file:
    path: /etc/systemd/system/openvpn-client@.service.d
    state: directory
    mode: u=rwx,g=rx,o=rx
  become: true

- name: Make openvpn use hooks for resolvconf
  ansible.builtin.copy:
    src: openvpn-client.service
    dest: /etc/systemd/system/openvpn-client@.service.d/override.conf
  become: true
  notify:
    - etc changed
    - systemd changed

- name: Disable power button
  ansible.builtin.lineinfile:
    path: /etc/systemd/logind.conf
    line: HandlePowerKey=ignore
    regexp: ^#? *HandlePowerKey=
    insertafter: ^\[Login\]$
  become: true
  notify: systemd-logind config changed
  # Reason: I sometimes press it accidentally
  # (hoping to start it when it's already started,
  # or really accidentally on the Pinebook).
  # Suspend would be nice, but it doesn't have the locker then

# TODO Hibernation, if that's relevant
# $ sudo blkid | grep 'TYPE="swap"'
# $ sudoedit /etc/default/grub
# Add resume=UUID=<UUID-of-swap-partition> to GRUB_CMDLINE_LINUX_DEFAULT
# $ sudo grub-mkconfig -o /boot/grub/grub.cfg

# TODO udevil