Replaced install-arch with something Ansible!

config/automatrop/group_vars/all

@@ -15,3 +15,9 @@ software_full: no
 # Which additional software to install
 software_snippets: []
 
+# If the computer has a battery and we want to use it
+has_battery: no
+
+# Activate numlock by default
+auto_numlock: no
+

config/automatrop/host_vars/curacao.geoffrey.frogeye.fr

@@ -7,3 +7,5 @@ dev_stuffs:
   - ansible
   - docker
 software_full: yes
+has_battery: yes
+auto_numlock: yes

config/automatrop/host_vars/pindakaas.geoffrey.frogeye.fr

@@ -4,3 +4,4 @@ dev_stuffs:
   - shell
   - network
   - ansible
+has_battery: yes

config/automatrop/playbooks/default.yml

@@ -3,8 +3,12 @@
   roles:
     - role: access
       tags: access
+      when: root_access
     - role: software
       tags: software
+    - role: system
+      tags: system
+      when: root_access
     - role: dotfiles
       tags: dotfiles
     - role: mnussbaum.base16-builder-ansible # Required for color

config/automatrop/roles/dotfiles/tasks/main.yml

@@ -4,6 +4,6 @@
     dest: "{{ ansible_user_dir }}/.dotfiles"
   notify: install dotfiles
 
-# - name: Install python dependencies for scripts
-#   pip:
-#     requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"
+- name: Install python dependencies for scripts
+  pip:
+    requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"

config/automatrop/roles/software/tasks/main.yml

@@ -115,5 +115,6 @@
     # be removed by dependency check.
     # Current packages will be kept by the meta package
     use: yay
+  notify: "software changed"
   tags: softwarelist
   when: arch_based and root_access

config/automatrop/roles/software/templates/snippets/pm_desktop_environment.j2

@@ -1,7 +1,9 @@
+{# Essential #}
 firefox
+qutebrowser
+{# Sound #}
 pulseaudio
 pacmixer
-zbar
 {% if arch_based %}
 ttf-dejavu
 ttf-twemoji
@@ -13,6 +15,7 @@ thunar
 gedit
 feh
 zathura
+zbar
 {% if arch_based %}
 zathura-pdf-mupdf
 {% elif debian_based %}

config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2

@@ -19,4 +19,5 @@ ansible
 unzip
 unrar
 p7zip
+{{ python_prefix }}-pystache
 {# EOF #}

config/automatrop/roles/software/templates/snippets/pm_local_monitoring.j2

@@ -19,3 +19,6 @@ speedtest-cli
 {% if arch_based %}
 pacman-contrib
 {% endif %}
+{% if has_battery %}
+powertop
+{% endif %}

config/automatrop/roles/system/files/chrony.conf

@@ -0,0 +1,7 @@
+server 0.europe.pool.ntp.org offline
+server 1.europe.pool.ntp.org offline
+server 2.europe.pool.ntp.org offline
+server 3.europe.pool.ntp.org offline
+driftfile /etc/chrony.drift
+rtconutc
+rtcsync

config/automatrop/roles/system/files/dhcpcd.exit-hook

@@ -0,0 +1,5 @@
+if $if_up; then
+	chronyc online
+elif $if_down; then
+	chronyc offline
+fi

config/automatrop/roles/system/files/getty.service

@@ -0,0 +1,2 @@
+[Service]
+ExecStartPre=/bin/sh -c 'setleds +num < /dev/%I'

config/automatrop/roles/system/files/wpa_supplicant.service

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -i%I

config/automatrop/roles/system/files/xorg/intel_backlight.conf

@@ -0,0 +1,5 @@
+Section "Device"
+    Identifier  "Intel Graphics" 
+    Driver      "intel"
+    Option      "Backlight"  "intel_backlight"
+EndSection

config/automatrop/roles/system/files/xorg/joystick.conf

@@ -0,0 +1,8 @@
+Section "InputClass"
+        Identifier "joystick catchall"
+        MatchIsJoystick "on"
+        MatchDevicePath "/dev/input/event*"
+        Driver "joystick"
+        Option "StartKeysEnabled" "False"       #Disable mouse
+        Option "StartMouseEnabled" "False"      #support
+EndSection

config/automatrop/roles/system/files/xorg/keyboard.conf

@@ -0,0 +1,7 @@
+Section "InputClass"
+        Identifier "system-keyboard"
+        MatchIsKeyboard "on"
+        Option "XkbLayout" "us_qwerty-fr"
+        #Option "XkbModel" "pc105+inet"
+        Option "XkbOptions" "terminate:ctrl_alt_bksp"
+EndSection

config/automatrop/roles/system/files/xorg/touchpad.conf

@@ -0,0 +1,6 @@
+Section "InputClass"
+    Identifier "touchpad"
+    Driver "libinput"
+    MatchIsTouchpad "on"
+    Option "Tapping" "on"
+EndSection

config/automatrop/roles/system/handlers/main.yaml

@@ -0,0 +1,28 @@
+- name: Create a etckeeper commit
+  command: "etckeeper commit 'automatrop {{ ansible_date_time.iso8601 }}'"
+  listen: "etc changed"
+  become: yes
+
+- name: Restart chrony
+  systemd:
+    name: chronyd
+    state: restarted
+  listen: chrony reconfigured
+  become: yes
+
+- name: Reload systemd daemon
+  systemd:
+    daemon_reload: yes
+  listen: systemd changed
+  become: yes
+
+- name: Restart wpa_supplicant
+  systemd:
+    name: "wpa_supplicant@{{ item }}"
+    state: restarted
+  become: yes
+  loop: "{{ ansible_interfaces }}"
+  when: "item.startswith('wl')"
+  listen: wpa_supplicant changed
+# Could probably use something better like
+# listing /sys/class/ieee80211/*/device/net/

config/automatrop/roles/system/tasks/main.yml

@@ -0,0 +1,336 @@
+# TODO For other distributions
+
+- name: Set variables
+  set_fact:
+    arch_based: "{{ ansible_distribution == 'Archlinux' }}"
+    # arch: "{{ ansible_lsb.id == 'Arch' }}"
+    # manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}"
+    # termux: "{{ ansible_distribution == 'OtherLinux' and ansible_python.executable == '/data/data/com.termux/files/usr/bin/python' }}"
+    # debian_based: "{{ ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' }}"
+    # debian: "{{ ansible_distribution == 'Debian' }}"
+    # ubuntu: "{{ ansible_distribution == 'Ubuntu' }}"
+
+# Etckeeper
+
+- name: Install etckeeper (Arch based)
+  pacman:
+    name: etckeeper
+    state: present
+  become: yes
+  when: arch_based
+
+- name: Check if etckeeper is initialized
+  stat:
+    path: /etc/.git
+  register: etckeeper
+  become: yes
+
+- name: Initialize etckeeper
+  command: "etckeeper init"
+  become: yes
+  when: not etckeeper.stat.exists
+  changed_when: yes
+
+- name: Configure git user.name for etckeeper
+  git_config:
+    scope: local
+    repo: /etc
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+  loop:
+    - name: "user.name"
+      value: "etckeeper on {{ inventory_hostname_short }}"
+    - name: "user.email"
+      value: "etckeeper@{{ inventory_hostname }}"
+  become: yes
+
+# Arch configuration
+
+- name: Install ccache
+  pacman:
+    name: ccache
+    state: present
+  become: yes
+  when: arch_based
+
+- name: Enable makepkg ccache
+  replace:
+    path: /etc/makepkg.conf
+    regexp: '^BUILDENV=(.+)!ccache(.+)$'
+    replace: 'BUILDENV=\1ccache\2'
+  become: yes
+  when: arch_based
+
+- name: Set makepkg MAKEFLAGS
+  replace:
+    path: /etc/makepkg.conf
+    regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$'
+    replace: "MAKEFLAGS=\\1-j{{ j }}\\2"
+  become: yes
+  vars:
+    j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}"
+  when: arch_based
+
+- name: Enable makepkg color
+  replace:
+    path: /etc/makepkg.conf
+    regexp: '^BUILDENV=(.+)!color(.+)$'
+    replace: 'BUILDENV=\1color\2'
+  become: yes
+  when: arch_based
+
+- name: Enable pacman colors
+  lineinfile:
+    path: /etc/pacman.conf
+    regexp: "^#?Color"
+    line: "Color"
+  become: yes
+  when: arch_based
+
+- name: Enable pacman pacman
+  lineinfile:
+    path: /etc/pacman.conf
+    regexp: "^#?ILoveCandy"
+    line: "ILoveCandy"
+    insertafter: "^#?Color"
+  become: yes
+  when: arch_based
+
+# Manjaro configuration
+
+- name: Remove Manjaro's pamac
+  pacman:
+    name: pamac
+    state: absent
+  become: yes
+  when: arch_based and False # I'm trying to remember why I usually delete this thing
+
+# Xorg configuration
+
+- name: Check if there is nvidia-xrun is installed
+  stat:
+    path: /etc/X11/nvidia-xorg.conf
+  register: nvidia_xrun
+  when: display_manager == 'x11'
+
+- name: Add nvidia-xrun xorg config directory
+  set_fact:
+    xorg_common_config_dirs: "{{ xorg_default_config_dirs + xorg_nvidia_config_dirs }}"
+  vars:
+    xorg_default_config_dirs:
+      - /etc/X11/xorg.conf.d
+    xorg_nvidia_config_dirs: "{{ ['/etc/X11/nvidia-xorg.conf.d'] if nvidia_xrun.stat.exists else [] }}"
+  when: display_manager == 'x11'
+
+- name: Configure Xorg keyboard layout
+  copy:
+    src: xorg/keyboard.conf
+    dest: "{{ item }}/00-keyboard.conf"
+  become: yes
+  when: display_manager == 'x11'
+  notify: etc changed
+  loop: "{{ xorg_common_config_dirs }}"
+
+- name: Check if there is Intel backlight
+  stat:
+    path: /sys/class/backlight/intel_backlight
+  register: intel_backlight
+  when: display_manager == 'x11'
+
+- name: Install Intel video drivers (Arch based)
+  pacman:
+    name: xf86-video-intel
+    # state: "{{ intel_backlight.stat.exists }}"
+    state: present
+  become: yes
+  when: display_manager == 'x11' and intel_backlight.stat.exists and arch_based
+
+- name: Configure Xorg Intel backlight
+  copy:
+    src: xorg/intel_backlight.conf
+    dest: "{{ item }}/20-intel_backlight.conf"
+  become: yes
+  when: display_manager == 'x11' and intel_backlight.stat.exists
+  notify: etc changed
+  loop: "{{ xorg_common_config_dirs }}"
+
+- name: Configure Xorg touchpad behaviour
+  copy:
+    src: xorg/touchpad.conf
+    dest: "{{ item }}/30-touchpad.conf"
+  become: yes
+  when: display_manager == 'x11'
+  notify: etc changed
+  loop: "{{ xorg_common_config_dirs }}"
+
+- name: Configure Xorg joystick behaviour
+  copy:
+    src: xorg/joystick.conf
+    dest: "{{ item }}/50-joystick.conf"
+  become: yes
+  when: display_manager == 'x11'
+  notify: etc changed
+  loop: "{{ xorg_common_config_dirs }}"
+
+# Numlock on boot
+
+- name: set numlock on boot
+  copy:
+    src: getty.service
+    dest: /etc/systemd/system/getty@.service.d/override.conf
+  become: yes
+  notify:
+    - etc changed
+    - systemd changed
+  when: auto_numlock
+
+- name: Unset numlock on boot
+  file:
+    path: /etc/systemd/system/getty@.service.d/override.conf
+    state: absent
+  become: yes
+  notify:
+    - etc changed
+    - systemd changed
+  when: not auto_numlock
+
+# TLP configuration
+
+- name: Install TLP (Arch based)
+  pacman:
+    name: tlp
+    state: present
+  when: arch_based
+  become: yes
+
+- name: Start/enable TLP
+  systemd:
+    name: tlp
+    state: started
+    enabled: yes
+  become: yes
+  notify: etc changed
+
+# Network configuration
+
+- name: Uninstall networkmanager
+  pacman:
+    name: networkmanager
+    state: absent
+  when: arch_based
+  become: yes
+
+- name: Install dhcpcd (Arch based)
+  pacman:
+    name: dhcpcd
+    state: present
+  when: arch_based
+  become: yes
+
+- name: Start/enable dhcpcd
+  systemd:
+    name: dhcpcd
+    state: started
+    enabled: yes
+  become: yes
+  notify: etc changed
+
+- name: Install wpa_supplicant (Arch based)
+  pacman:
+    name: wpa_supplicant
+    state: present
+  when: arch_based
+  become: yes
+
+- name: Configure wpa_supplicant
+  template:
+    src: wpa_supplicant.conf.j2
+    dest: /etc/wpa_supplicant/wpa_supplicant.conf
+  notify:
+    - etc changed
+    - wpa_supplicant changed
+  become: yes
+  tags:
+    - wificonf
+
+- name: Prepare directory for wpa_supplicant service override
+  file:
+    path: /etc/systemd/system/wpa_supplicant@.service.d
+    state: directory
+    mode: "u=rwx,g=rx,o=rx"
+  become: yes
+
+- name: Make wpa_supplicant use a common configuration file
+  copy:
+    src: wpa_supplicant.service
+    dest: /etc/systemd/system/wpa_supplicant@.service.d/override.conf
+  register: wpa_supplicant_systemd
+  become: yes
+  notify:
+    - etc changed
+
+- name: Start/enable wpa_supplicant
+  systemd:
+    name: "wpa_supplicant@{{ item }}"
+    state: started
+    enabled: yes
+    # Can't wait for handlers reload systemd daemon,
+    # but flushing is a bit much, so:
+    daemon_reload: "{{ wpa_supplicant_systemd.changed }}"
+  become: yes
+  notify: etc changed
+  loop: "{{ ansible_interfaces }}"
+  when: "item.startswith('wl')"
+# Could probably use something better like
+# listing /sys/class/ieee80211/*/device/net/
+
+
+# Time synchronisation
+
+- name: Mask systemd-timesyncd
+  systemd:
+    name: systemd-timesyncd
+    state: stopped
+    enabled: no
+    masked: yes
+  become: yes
+  notify: etc changed
+  when: arch_based
+
+- name: Install chrony
+  pacman:
+    name: chrony
+    state: present
+  when: arch_based
+  become: yes
+
+- name: Configure chrony
+  copy:
+    src: chrony.conf
+    dest: /etc/chrony.conf
+  become: yes
+  notify:
+    - etc changed
+    - "chrony reconfigured"
+
+- name: Enable chronyd
+  systemd:
+    name: chronyd
+    enabled: yes
+  become: yes
+  notify:
+    - etc changed
+    - "chrony reconfigured"
+
+- name: Configure dhcpcd chrony hook
+  copy:
+    src: dhcpcd.exit-hook
+    dest: /etc/dhcpcd.exit-hook
+  become: yes
+  notify: etc changed
+
+# TODO Hibernation, if that's relevant
+# $ sudo blkid | grep 'TYPE="swap"'
+# $ sudoedit /etc/default/grub
+# Add resume=UUID=<UUID-of-swap-partition> to GRUB_CMDLINE_LINUX_DEFAULT
+# $ sudo grub-mkconfig -o /boot/grub/grub.cfg

config/automatrop/roles/system/templates/wpa_supplicant.conf.j2

@@ -0,0 +1,90 @@
+# Giving configuration update rights to wpa_cli
+ctrl_interface=/run/wpa_supplicant
+ctrl_interface_group=wheel
+update_config=1
+
+# AP scanning
+ap_scan=1
+
+# ISO/IEC alpha2 country code in which the device is operating
+country=NL
+
+{% set password_store_path = lookup('env', 'PASSWORD_STORE_DIR') or ansible_user_dir + '/.password-store/' %}
+{% set wifi_pass_paths = query('fileglob', password_store_path + 'wifi/*.gpg') %}
+{% set names = wifi_pass_paths | map('regex_replace', '^.+/wifi/(.+).gpg$', '\\1') | sort%}
+{% for name in names %}
+{#
+community.general.passwordstore doesn't support path with spaces in it,
+so we're using a `ssid` attribute, which default to the names for SSIDs without space.
+#}
+{% set suffixes = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=suffixes') or [''] %}
+{% set ssid = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=ssid') or name %}
+{% set type = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=type') or 'wpa' %}
+{% set pass = lookup('community.general.passwordstore', 'wifi/' + name) %}
+# {{ name }}
+{% for suffix in suffixes %}
+network={
+    ssid="{{ ssid }}{{ suffix }}"
+{% if type == 'wpa' %}
+    psk="{{ pass }}"
+{% elif type == 'wep' %}
+    key_mgmt=NONE
+    wep_key0={{ pass }}
+{% elif type == 'open' %}
+    key_mgmt=NONE
+{% else %}
+    # Error, unknown type: {{ type }}
+{% endif %}
+}
+{% endfor %}
+
+{% endfor %}
+{# REFERENCES
+
+# WPA
+network={
+    ssid="WPA_SSID"
+    psk="XXXXXXXXXXXXXXXXXXXXXXXXXX"
+}
+
+# WEP
+network={
+    ssid="WEP_SSID"
+    key_mgmt=NONE
+    wep_key0=FFFFFFFFFFFFFFFFFFFFFFFFFF
+}
+
+# Open
+network={
+    ssid="OPEN_SSID"
+    key_mgmt=NONE
+}
+
+# eduroam password
+network={
+    ssid="eduroam"
+    key_mgmt=WPA-EAP
+    eap=PEAP
+    identity="id@univ.tld"
+    password="hunter2"
+}
+
+# eduroam certificate
+network={
+    ssid="eduroam"
+    key_mgmt=WPA-EAP
+    # pairwise=CCMP
+    pairwise=CCMP TKIP
+    group=CCMP TKIP
+    eap=TLS
+    ca_cert="/path/to/ca.pem"
+    identity="id@univ.tld"
+    domain_suffix_match="wifi.univ.tld"
+    client_cert="/path/to/cert.pem"
+    private_key="/path/to/key.pem"
+    private_key_passwd="hunter2"
+    phase2="auth="
+    #anonymous_identity=""
+}
+
+#}

config/scripts/install-arch

@@ -1,5 +1,7 @@
 #!/usr/bin/env bash
 
+# DEPRECATED
+
 # Git for /etc
 sudo pacman -S etckeeper --needed
 (cd /etc/; sudo git config user.name "etckeeper on $(cat /etc/hostname)"; sudo git config user.email "etckeeper@$(cat /etc/hostname)")