Browse Source

Replaced install-arch with something Ansible!

master
Geoffrey Frogeye 1 year ago
parent
commit
1a8502002a
Signed by: geoffrey GPG Key ID: C72403E7F82E6AD8
  1. 6
      config/automatrop/group_vars/all
  2. 2
      config/automatrop/host_vars/curacao.geoffrey.frogeye.fr
  3. 1
      config/automatrop/host_vars/pindakaas.geoffrey.frogeye.fr
  4. 4
      config/automatrop/playbooks/default.yml
  5. 6
      config/automatrop/roles/dotfiles/tasks/main.yml
  6. 1
      config/automatrop/roles/software/tasks/main.yml
  7. 5
      config/automatrop/roles/software/templates/snippets/pm_desktop_environment.j2
  8. 1
      config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2
  9. 3
      config/automatrop/roles/software/templates/snippets/pm_local_monitoring.j2
  10. 7
      config/automatrop/roles/system/files/chrony.conf
  11. 5
      config/automatrop/roles/system/files/dhcpcd.exit-hook
  12. 2
      config/automatrop/roles/system/files/getty.service
  13. 3
      config/automatrop/roles/system/files/wpa_supplicant.service
  14. 5
      config/automatrop/roles/system/files/xorg/intel_backlight.conf
  15. 8
      config/automatrop/roles/system/files/xorg/joystick.conf
  16. 7
      config/automatrop/roles/system/files/xorg/keyboard.conf
  17. 6
      config/automatrop/roles/system/files/xorg/touchpad.conf
  18. 28
      config/automatrop/roles/system/handlers/main.yaml
  19. 336
      config/automatrop/roles/system/tasks/main.yml
  20. 90
      config/automatrop/roles/system/templates/wpa_supplicant.conf.j2
  21. 2
      config/scripts/install-arch

6
config/automatrop/group_vars/all

@ -15,3 +15,9 @@ software_full: no
# Which additional software to install
software_snippets: []
# If the computer has a battery and we want to use it
has_battery: no
# Activate numlock by default
auto_numlock: no

2
config/automatrop/host_vars/curacao.geoffrey.frogeye.fr

@ -7,3 +7,5 @@ dev_stuffs:
- ansible
- docker
software_full: yes
has_battery: yes
auto_numlock: yes

1
config/automatrop/host_vars/pindakaas.geoffrey.frogeye.fr

@ -4,3 +4,4 @@ dev_stuffs:
- shell
- network
- ansible
has_battery: yes

4
config/automatrop/playbooks/default.yml

@ -3,8 +3,12 @@
roles:
- role: access
tags: access
when: root_access
- role: software
tags: software
- role: system
tags: system
when: root_access
- role: dotfiles
tags: dotfiles
- role: mnussbaum.base16-builder-ansible # Required for color

6
config/automatrop/roles/dotfiles/tasks/main.yml

@ -4,6 +4,6 @@
dest: "{{ ansible_user_dir }}/.dotfiles"
notify: install dotfiles
# - name: Install python dependencies for scripts
# pip:
# requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"
- name: Install python dependencies for scripts
pip:
requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"

1
config/automatrop/roles/software/tasks/main.yml

@ -115,5 +115,6 @@
# be removed by dependency check.
# Current packages will be kept by the meta package
use: yay
notify: "software changed"
tags: softwarelist
when: arch_based and root_access

5
config/automatrop/roles/software/templates/snippets/pm_desktop_environment.j2

@ -1,7 +1,9 @@
{# Essential #}
firefox
qutebrowser
{# Sound #}
pulseaudio
pacmixer
zbar
{% if arch_based %}
ttf-dejavu
ttf-twemoji
@ -13,6 +15,7 @@ thunar
gedit
feh
zathura
zbar
{% if arch_based %}
zathura-pdf-mupdf
{% elif debian_based %}

1
config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2

@ -19,4 +19,5 @@ ansible
unzip
unrar
p7zip
{{ python_prefix }}-pystache
{# EOF #}

3
config/automatrop/roles/software/templates/snippets/pm_local_monitoring.j2

@ -19,3 +19,6 @@ speedtest-cli
{% if arch_based %}
pacman-contrib
{% endif %}
{% if has_battery %}
powertop
{% endif %}

7
config/automatrop/roles/system/files/chrony.conf

@ -0,0 +1,7 @@
server 0.europe.pool.ntp.org offline
server 1.europe.pool.ntp.org offline
server 2.europe.pool.ntp.org offline
server 3.europe.pool.ntp.org offline
driftfile /etc/chrony.drift
rtconutc
rtcsync

5
config/automatrop/roles/system/files/dhcpcd.exit-hook

@ -0,0 +1,5 @@
if $if_up; then
chronyc online
elif $if_down; then
chronyc offline
fi

2
config/automatrop/roles/system/files/getty.service

@ -0,0 +1,2 @@
[Service]
ExecStartPre=/bin/sh -c 'setleds +num < /dev/%I'

3
config/automatrop/roles/system/files/wpa_supplicant.service

@ -0,0 +1,3 @@
[Service]
ExecStart=
ExecStart=/usr/bin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -i%I

5
config/automatrop/roles/system/files/xorg/intel_backlight.conf

@ -0,0 +1,5 @@
Section "Device"
Identifier "Intel Graphics"
Driver "intel"
Option "Backlight" "intel_backlight"
EndSection

8
config/automatrop/roles/system/files/xorg/joystick.conf

@ -0,0 +1,8 @@
Section "InputClass"
Identifier "joystick catchall"
MatchIsJoystick "on"
MatchDevicePath "/dev/input/event*"
Driver "joystick"
Option "StartKeysEnabled" "False" #Disable mouse
Option "StartMouseEnabled" "False" #support
EndSection

7
config/automatrop/roles/system/files/xorg/keyboard.conf

@ -0,0 +1,7 @@
Section "InputClass"
Identifier "system-keyboard"
MatchIsKeyboard "on"
Option "XkbLayout" "us_qwerty-fr"
#Option "XkbModel" "pc105+inet"
Option "XkbOptions" "terminate:ctrl_alt_bksp"
EndSection

6
config/automatrop/roles/system/files/xorg/touchpad.conf

@ -0,0 +1,6 @@
Section "InputClass"
Identifier "touchpad"
Driver "libinput"
MatchIsTouchpad "on"
Option "Tapping" "on"
EndSection

28
config/automatrop/roles/system/handlers/main.yaml

@ -0,0 +1,28 @@
- name: Create a etckeeper commit
command: "etckeeper commit 'automatrop {{ ansible_date_time.iso8601 }}'"
listen: "etc changed"
become: yes
- name: Restart chrony
systemd:
name: chronyd
state: restarted
listen: chrony reconfigured
become: yes
- name: Reload systemd daemon
systemd:
daemon_reload: yes
listen: systemd changed
become: yes
- name: Restart wpa_supplicant
systemd:
name: "wpa_supplicant@{{ item }}"
state: restarted
become: yes
loop: "{{ ansible_interfaces }}"
when: "item.startswith('wl')"
listen: wpa_supplicant changed
# Could probably use something better like
# listing /sys/class/ieee80211/*/device/net/

336
config/automatrop/roles/system/tasks/main.yml

@ -0,0 +1,336 @@
# TODO For other distributions
- name: Set variables
set_fact:
arch_based: "{{ ansible_distribution == 'Archlinux' }}"
# arch: "{{ ansible_lsb.id == 'Arch' }}"
# manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}"
# termux: "{{ ansible_distribution == 'OtherLinux' and ansible_python.executable == '/data/data/com.termux/files/usr/bin/python' }}"
# debian_based: "{{ ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' }}"
# debian: "{{ ansible_distribution == 'Debian' }}"
# ubuntu: "{{ ansible_distribution == 'Ubuntu' }}"
# Etckeeper
- name: Install etckeeper (Arch based)
pacman:
name: etckeeper
state: present
become: yes
when: arch_based
- name: Check if etckeeper is initialized
stat:
path: /etc/.git
register: etckeeper
become: yes
- name: Initialize etckeeper
command: "etckeeper init"
become: yes
when: not etckeeper.stat.exists
changed_when: yes
- name: Configure git user.name for etckeeper
git_config:
scope: local
repo: /etc
name: "{{ item.name }}"
value: "{{ item.value }}"
loop:
- name: "user.name"
value: "etckeeper on {{ inventory_hostname_short }}"
- name: "user.email"
value: "etckeeper@{{ inventory_hostname }}"
become: yes
# Arch configuration
- name: Install ccache
pacman:
name: ccache
state: present
become: yes
when: arch_based
- name: Enable makepkg ccache
replace:
path: /etc/makepkg.conf
regexp: '^BUILDENV=(.+)!ccache(.+)$'
replace: 'BUILDENV=\1ccache\2'
become: yes
when: arch_based
- name: Set makepkg MAKEFLAGS
replace:
path: /etc/makepkg.conf
regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$'
replace: "MAKEFLAGS=\\1-j{{ j }}\\2"
become: yes
vars:
j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}"
when: arch_based
- name: Enable makepkg color
replace:
path: /etc/makepkg.conf
regexp: '^BUILDENV=(.+)!color(.+)$'
replace: 'BUILDENV=\1color\2'
become: yes
when: arch_based
- name: Enable pacman colors
lineinfile:
path: /etc/pacman.conf
regexp: "^#?Color"
line: "Color"
become: yes
when: arch_based
- name: Enable pacman pacman
lineinfile:
path: /etc/pacman.conf
regexp: "^#?ILoveCandy"
line: "ILoveCandy"
insertafter: "^#?Color"
become: yes
when: arch_based
# Manjaro configuration
- name: Remove Manjaro's pamac
pacman:
name: pamac
state: absent
become: yes
when: arch_based and False # I'm trying to remember why I usually delete this thing
# Xorg configuration
- name: Check if there is nvidia-xrun is installed
stat:
path: /etc/X11/nvidia-xorg.conf
register: nvidia_xrun
when: display_manager == 'x11'
- name: Add nvidia-xrun xorg config directory
set_fact:
xorg_common_config_dirs: "{{ xorg_default_config_dirs + xorg_nvidia_config_dirs }}"
vars:
xorg_default_config_dirs:
- /etc/X11/xorg.conf.d
xorg_nvidia_config_dirs: "{{ ['/etc/X11/nvidia-xorg.conf.d'] if nvidia_xrun.stat.exists else [] }}"
when: display_manager == 'x11'
- name: Configure Xorg keyboard layout
copy:
src: xorg/keyboard.conf
dest: "{{ item }}/00-keyboard.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Check if there is Intel backlight
stat:
path: /sys/class/backlight/intel_backlight
register: intel_backlight
when: display_manager == 'x11'
- name: Install Intel video drivers (Arch based)
pacman:
name: xf86-video-intel
# state: "{{ intel_backlight.stat.exists }}"
state: present
become: yes
when: display_manager == 'x11' and intel_backlight.stat.exists and arch_based
- name: Configure Xorg Intel backlight
copy:
src: xorg/intel_backlight.conf
dest: "{{ item }}/20-intel_backlight.conf"
become: yes
when: display_manager == 'x11' and intel_backlight.stat.exists
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Configure Xorg touchpad behaviour
copy:
src: xorg/touchpad.conf
dest: "{{ item }}/30-touchpad.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Configure Xorg joystick behaviour
copy:
src: xorg/joystick.conf
dest: "{{ item }}/50-joystick.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
# Numlock on boot
- name: set numlock on boot
copy:
src: getty.service
dest: /etc/systemd/system/getty@.service.d/override.conf
become: yes
notify:
- etc changed
- systemd changed
when: auto_numlock
- name: Unset numlock on boot
file:
path: /etc/systemd/system/getty@.service.d/override.conf
state: absent
become: yes
notify:
- etc changed
- systemd changed
when: not auto_numlock
# TLP configuration
- name: Install TLP (Arch based)
pacman:
name: tlp
state: present
when: arch_based
become: yes
- name: Start/enable TLP
systemd:
name: tlp
state: started
enabled: yes
become: yes
notify: etc changed
# Network configuration
- name: Uninstall networkmanager
pacman:
name: networkmanager
state: absent
when: arch_based
become: yes
- name: Install dhcpcd (Arch based)
pacman:
name: dhcpcd
state: present
when: arch_based
become: yes
- name: Start/enable dhcpcd
systemd:
name: dhcpcd
state: started
enabled: yes
become: yes
notify: etc changed
- name: Install wpa_supplicant (Arch based)
pacman:
name: wpa_supplicant
state: present
when: arch_based
become: yes
- name: Configure wpa_supplicant
template:
src: wpa_supplicant.conf.j2
dest: /etc/wpa_supplicant/wpa_supplicant.conf
notify:
- etc changed
- wpa_supplicant changed
become: yes
tags:
- wificonf
- name: Prepare directory for wpa_supplicant service override
file:
path: /etc/systemd/system/wpa_supplicant@.service.d
state: directory
mode: "u=rwx,g=rx,o=rx"
become: yes
- name: Make wpa_supplicant use a common configuration file
copy:
src: wpa_supplicant.service
dest: /etc/systemd/system/wpa_supplicant@.service.d/override.conf
register: wpa_supplicant_systemd
become: yes
notify:
- etc changed
- name: Start/enable wpa_supplicant
systemd:
name: "wpa_supplicant@{{ item }}"
state: started
enabled: yes
# Can't wait for handlers reload systemd daemon,
# but flushing is a bit much, so:
daemon_reload: "{{ wpa_supplicant_systemd.changed }}"
become: yes
notify: etc changed
loop: "{{ ansible_interfaces }}"
when: "item.startswith('wl')"
# Could probably use something better like
# listing /sys/class/ieee80211/*/device/net/
# Time synchronisation
- name: Mask systemd-timesyncd
systemd:
name: systemd-timesyncd
state: stopped
enabled: no
masked: yes
become: yes
notify: etc changed
when: arch_based
- name: Install chrony
pacman:
name: chrony
state: present
when: arch_based
become: yes
- name: Configure chrony
copy:
src: chrony.conf
dest: /etc/chrony.conf
become: yes
notify:
- etc changed
- "chrony reconfigured"
- name: Enable chronyd
systemd:
name: chronyd
enabled: yes
become: yes
notify:
- etc changed
- "chrony reconfigured"
- name: Configure dhcpcd chrony hook
copy:
src: dhcpcd.exit-hook
dest: /etc/dhcpcd.exit-hook
become: yes
notify: etc changed
# TODO Hibernation, if that's relevant
# $ sudo blkid | grep 'TYPE="swap"'
# $ sudoedit /etc/default/grub
# Add resume=UUID=<UUID-of-swap-partition> to GRUB_CMDLINE_LINUX_DEFAULT
# $ sudo grub-mkconfig -o /boot/grub/grub.cfg

90
config/automatrop/roles/system/templates/wpa_supplicant.conf.j2

@ -0,0 +1,90 @@
# Giving configuration update rights to wpa_cli
ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=wheel
update_config=1
# AP scanning
ap_scan=1
# ISO/IEC alpha2 country code in which the device is operating
country=NL
{% set password_store_path = lookup('env', 'PASSWORD_STORE_DIR') or ansible_user_dir + '/.password-store/' %}
{% set wifi_pass_paths = query('fileglob', password_store_path + 'wifi/*.gpg') %}
{% set names = wifi_pass_paths | map('regex_replace', '^.+/wifi/(.+).gpg$', '\\1') | sort%}
{% for name in names %}
{#
community.general.passwordstore doesn't support path with spaces in it,
so we're using a `ssid` attribute, which default to the names for SSIDs without space.
#}
{% set suffixes = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=suffixes') or [''] %}
{% set ssid = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=ssid') or name %}
{% set type = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=type') or 'wpa' %}
{% set pass = lookup('community.general.passwordstore', 'wifi/' + name) %}
# {{ name }}
{% for suffix in suffixes %}
network={
ssid="{{ ssid }}{{ suffix }}"
{% if type == 'wpa' %}
psk="{{ pass }}"
{% elif type == 'wep' %}
key_mgmt=NONE
wep_key0={{ pass }}
{% elif type == 'open' %}
key_mgmt=NONE
{% else %}
# Error, unknown type: {{ type }}
{% endif %}
}
{% endfor %}
{% endfor %}
{# REFERENCES
# WPA
network={
ssid="WPA_SSID"
psk="XXXXXXXXXXXXXXXXXXXXXXXXXX"
}
# WEP
network={
ssid="WEP_SSID"
key_mgmt=NONE
wep_key0=FFFFFFFFFFFFFFFFFFFFFFFFFF
}
# Open
network={
ssid="OPEN_SSID"
key_mgmt=NONE
}
# eduroam password
network={
ssid="eduroam"
key_mgmt=WPA-EAP
eap=PEAP
identity="id@univ.tld"
password="hunter2"
}
# eduroam certificate
network={
ssid="eduroam"
key_mgmt=WPA-EAP
# pairwise=CCMP
pairwise=CCMP TKIP
group=CCMP TKIP
eap=TLS
ca_cert="/path/to/ca.pem"
identity="id@univ.tld"
domain_suffix_match="wifi.univ.tld"
client_cert="/path/to/cert.pem"
private_key="/path/to/key.pem"
private_key_passwd="hunter2"
phase2="auth="
#anonymous_identity=""
}
#}

2
config/scripts/install-arch

@ -1,5 +1,7 @@
#!/usr/bin/env bash
# DEPRECATED
# Git for /etc
sudo pacman -S etckeeper --needed
(cd /etc/; sudo git config user.name "etckeeper on $(cat /etc/hostname)"; sudo git config user.email "etckeeper@$(cat /etc/hostname)")

Loading…
Cancel
Save