Replaced install-arch with something Ansible!
This commit is contained in:
		
							parent
							
								
									a883596cf0
								
							
						
					
					
						commit
						1a8502002a
					
				
					 21 changed files with 524 additions and 4 deletions
				
			
		
							
								
								
									
										7
									
								
								config/automatrop/roles/system/files/chrony.conf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								config/automatrop/roles/system/files/chrony.conf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | |||
| server 0.europe.pool.ntp.org offline | ||||
| server 1.europe.pool.ntp.org offline | ||||
| server 2.europe.pool.ntp.org offline | ||||
| server 3.europe.pool.ntp.org offline | ||||
| driftfile /etc/chrony.drift | ||||
| rtconutc | ||||
| rtcsync | ||||
							
								
								
									
										5
									
								
								config/automatrop/roles/system/files/dhcpcd.exit-hook
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								config/automatrop/roles/system/files/dhcpcd.exit-hook
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,5 @@ | |||
| if $if_up; then | ||||
| 	chronyc online | ||||
| elif $if_down; then | ||||
| 	chronyc offline | ||||
| fi | ||||
							
								
								
									
										2
									
								
								config/automatrop/roles/system/files/getty.service
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								config/automatrop/roles/system/files/getty.service
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,2 @@ | |||
| [Service] | ||||
| ExecStartPre=/bin/sh -c 'setleds +num < /dev/%I' | ||||
|  | @ -0,0 +1,3 @@ | |||
| [Service] | ||||
| ExecStart= | ||||
| ExecStart=/usr/bin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -i%I | ||||
|  | @ -0,0 +1,5 @@ | |||
| Section "Device" | ||||
|     Identifier  "Intel Graphics"  | ||||
|     Driver      "intel" | ||||
|     Option      "Backlight"  "intel_backlight" | ||||
| EndSection | ||||
							
								
								
									
										8
									
								
								config/automatrop/roles/system/files/xorg/joystick.conf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								config/automatrop/roles/system/files/xorg/joystick.conf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,8 @@ | |||
| Section "InputClass" | ||||
|         Identifier "joystick catchall" | ||||
|         MatchIsJoystick "on" | ||||
|         MatchDevicePath "/dev/input/event*" | ||||
|         Driver "joystick" | ||||
|         Option "StartKeysEnabled" "False"       #Disable mouse | ||||
|         Option "StartMouseEnabled" "False"      #support | ||||
| EndSection | ||||
							
								
								
									
										7
									
								
								config/automatrop/roles/system/files/xorg/keyboard.conf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								config/automatrop/roles/system/files/xorg/keyboard.conf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | |||
| Section "InputClass" | ||||
|         Identifier "system-keyboard" | ||||
|         MatchIsKeyboard "on" | ||||
|         Option "XkbLayout" "us_qwerty-fr" | ||||
|         #Option "XkbModel" "pc105+inet" | ||||
|         Option "XkbOptions" "terminate:ctrl_alt_bksp" | ||||
| EndSection | ||||
							
								
								
									
										6
									
								
								config/automatrop/roles/system/files/xorg/touchpad.conf
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								config/automatrop/roles/system/files/xorg/touchpad.conf
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,6 @@ | |||
| Section "InputClass" | ||||
|     Identifier "touchpad" | ||||
|     Driver "libinput" | ||||
|     MatchIsTouchpad "on" | ||||
|     Option "Tapping" "on" | ||||
| EndSection | ||||
							
								
								
									
										28
									
								
								config/automatrop/roles/system/handlers/main.yaml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								config/automatrop/roles/system/handlers/main.yaml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,28 @@ | |||
| - name: Create a etckeeper commit | ||||
|   command: "etckeeper commit 'automatrop {{ ansible_date_time.iso8601 }}'" | ||||
|   listen: "etc changed" | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Restart chrony | ||||
|   systemd: | ||||
|     name: chronyd | ||||
|     state: restarted | ||||
|   listen: chrony reconfigured | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Reload systemd daemon | ||||
|   systemd: | ||||
|     daemon_reload: yes | ||||
|   listen: systemd changed | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Restart wpa_supplicant | ||||
|   systemd: | ||||
|     name: "wpa_supplicant@{{ item }}" | ||||
|     state: restarted | ||||
|   become: yes | ||||
|   loop: "{{ ansible_interfaces }}" | ||||
|   when: "item.startswith('wl')" | ||||
|   listen: wpa_supplicant changed | ||||
| # Could probably use something better like | ||||
| # listing /sys/class/ieee80211/*/device/net/ | ||||
							
								
								
									
										336
									
								
								config/automatrop/roles/system/tasks/main.yml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										336
									
								
								config/automatrop/roles/system/tasks/main.yml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,336 @@ | |||
| # TODO For other distributions | ||||
| 
 | ||||
| - name: Set variables | ||||
|   set_fact: | ||||
|     arch_based: "{{ ansible_distribution == 'Archlinux' }}" | ||||
|     # arch: "{{ ansible_lsb.id == 'Arch' }}" | ||||
|     # manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}" | ||||
|     # termux: "{{ ansible_distribution == 'OtherLinux' and ansible_python.executable == '/data/data/com.termux/files/usr/bin/python' }}" | ||||
|     # debian_based: "{{ ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' }}" | ||||
|     # debian: "{{ ansible_distribution == 'Debian' }}" | ||||
|     # ubuntu: "{{ ansible_distribution == 'Ubuntu' }}" | ||||
| 
 | ||||
| # Etckeeper | ||||
| 
 | ||||
| - name: Install etckeeper (Arch based) | ||||
|   pacman: | ||||
|     name: etckeeper | ||||
|     state: present | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Check if etckeeper is initialized | ||||
|   stat: | ||||
|     path: /etc/.git | ||||
|   register: etckeeper | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Initialize etckeeper | ||||
|   command: "etckeeper init" | ||||
|   become: yes | ||||
|   when: not etckeeper.stat.exists | ||||
|   changed_when: yes | ||||
| 
 | ||||
| - name: Configure git user.name for etckeeper | ||||
|   git_config: | ||||
|     scope: local | ||||
|     repo: /etc | ||||
|     name: "{{ item.name }}" | ||||
|     value: "{{ item.value }}" | ||||
|   loop: | ||||
|     - name: "user.name" | ||||
|       value: "etckeeper on {{ inventory_hostname_short }}" | ||||
|     - name: "user.email" | ||||
|       value: "etckeeper@{{ inventory_hostname }}" | ||||
|   become: yes | ||||
| 
 | ||||
| # Arch configuration | ||||
| 
 | ||||
| - name: Install ccache | ||||
|   pacman: | ||||
|     name: ccache | ||||
|     state: present | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Enable makepkg ccache | ||||
|   replace: | ||||
|     path: /etc/makepkg.conf | ||||
|     regexp: '^BUILDENV=(.+)!ccache(.+)$' | ||||
|     replace: 'BUILDENV=\1ccache\2' | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Set makepkg MAKEFLAGS | ||||
|   replace: | ||||
|     path: /etc/makepkg.conf | ||||
|     regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$' | ||||
|     replace: "MAKEFLAGS=\\1-j{{ j }}\\2" | ||||
|   become: yes | ||||
|   vars: | ||||
|     j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}" | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Enable makepkg color | ||||
|   replace: | ||||
|     path: /etc/makepkg.conf | ||||
|     regexp: '^BUILDENV=(.+)!color(.+)$' | ||||
|     replace: 'BUILDENV=\1color\2' | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Enable pacman colors | ||||
|   lineinfile: | ||||
|     path: /etc/pacman.conf | ||||
|     regexp: "^#?Color" | ||||
|     line: "Color" | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Enable pacman pacman | ||||
|   lineinfile: | ||||
|     path: /etc/pacman.conf | ||||
|     regexp: "^#?ILoveCandy" | ||||
|     line: "ILoveCandy" | ||||
|     insertafter: "^#?Color" | ||||
|   become: yes | ||||
|   when: arch_based | ||||
| 
 | ||||
| # Manjaro configuration | ||||
| 
 | ||||
| - name: Remove Manjaro's pamac | ||||
|   pacman: | ||||
|     name: pamac | ||||
|     state: absent | ||||
|   become: yes | ||||
|   when: arch_based and False # I'm trying to remember why I usually delete this thing | ||||
| 
 | ||||
| # Xorg configuration | ||||
| 
 | ||||
| - name: Check if there is nvidia-xrun is installed | ||||
|   stat: | ||||
|     path: /etc/X11/nvidia-xorg.conf | ||||
|   register: nvidia_xrun | ||||
|   when: display_manager == 'x11' | ||||
| 
 | ||||
| - name: Add nvidia-xrun xorg config directory | ||||
|   set_fact: | ||||
|     xorg_common_config_dirs: "{{ xorg_default_config_dirs + xorg_nvidia_config_dirs }}" | ||||
|   vars: | ||||
|     xorg_default_config_dirs: | ||||
|       - /etc/X11/xorg.conf.d | ||||
|     xorg_nvidia_config_dirs: "{{ ['/etc/X11/nvidia-xorg.conf.d'] if nvidia_xrun.stat.exists else [] }}" | ||||
|   when: display_manager == 'x11' | ||||
| 
 | ||||
| - name: Configure Xorg keyboard layout | ||||
|   copy: | ||||
|     src: xorg/keyboard.conf | ||||
|     dest: "{{ item }}/00-keyboard.conf" | ||||
|   become: yes | ||||
|   when: display_manager == 'x11' | ||||
|   notify: etc changed | ||||
|   loop: "{{ xorg_common_config_dirs }}" | ||||
| 
 | ||||
| - name: Check if there is Intel backlight | ||||
|   stat: | ||||
|     path: /sys/class/backlight/intel_backlight | ||||
|   register: intel_backlight | ||||
|   when: display_manager == 'x11' | ||||
| 
 | ||||
| - name: Install Intel video drivers (Arch based) | ||||
|   pacman: | ||||
|     name: xf86-video-intel | ||||
|     # state: "{{ intel_backlight.stat.exists }}" | ||||
|     state: present | ||||
|   become: yes | ||||
|   when: display_manager == 'x11' and intel_backlight.stat.exists and arch_based | ||||
| 
 | ||||
| - name: Configure Xorg Intel backlight | ||||
|   copy: | ||||
|     src: xorg/intel_backlight.conf | ||||
|     dest: "{{ item }}/20-intel_backlight.conf" | ||||
|   become: yes | ||||
|   when: display_manager == 'x11' and intel_backlight.stat.exists | ||||
|   notify: etc changed | ||||
|   loop: "{{ xorg_common_config_dirs }}" | ||||
| 
 | ||||
| - name: Configure Xorg touchpad behaviour | ||||
|   copy: | ||||
|     src: xorg/touchpad.conf | ||||
|     dest: "{{ item }}/30-touchpad.conf" | ||||
|   become: yes | ||||
|   when: display_manager == 'x11' | ||||
|   notify: etc changed | ||||
|   loop: "{{ xorg_common_config_dirs }}" | ||||
| 
 | ||||
| - name: Configure Xorg joystick behaviour | ||||
|   copy: | ||||
|     src: xorg/joystick.conf | ||||
|     dest: "{{ item }}/50-joystick.conf" | ||||
|   become: yes | ||||
|   when: display_manager == 'x11' | ||||
|   notify: etc changed | ||||
|   loop: "{{ xorg_common_config_dirs }}" | ||||
| 
 | ||||
| # Numlock on boot | ||||
| 
 | ||||
| - name: set numlock on boot | ||||
|   copy: | ||||
|     src: getty.service | ||||
|     dest: /etc/systemd/system/getty@.service.d/override.conf | ||||
|   become: yes | ||||
|   notify: | ||||
|     - etc changed | ||||
|     - systemd changed | ||||
|   when: auto_numlock | ||||
| 
 | ||||
| - name: Unset numlock on boot | ||||
|   file: | ||||
|     path: /etc/systemd/system/getty@.service.d/override.conf | ||||
|     state: absent | ||||
|   become: yes | ||||
|   notify: | ||||
|     - etc changed | ||||
|     - systemd changed | ||||
|   when: not auto_numlock | ||||
| 
 | ||||
| # TLP configuration | ||||
| 
 | ||||
| - name: Install TLP (Arch based) | ||||
|   pacman: | ||||
|     name: tlp | ||||
|     state: present | ||||
|   when: arch_based | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Start/enable TLP | ||||
|   systemd: | ||||
|     name: tlp | ||||
|     state: started | ||||
|     enabled: yes | ||||
|   become: yes | ||||
|   notify: etc changed | ||||
| 
 | ||||
| # Network configuration | ||||
| 
 | ||||
| - name: Uninstall networkmanager | ||||
|   pacman: | ||||
|     name: networkmanager | ||||
|     state: absent | ||||
|   when: arch_based | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Install dhcpcd (Arch based) | ||||
|   pacman: | ||||
|     name: dhcpcd | ||||
|     state: present | ||||
|   when: arch_based | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Start/enable dhcpcd | ||||
|   systemd: | ||||
|     name: dhcpcd | ||||
|     state: started | ||||
|     enabled: yes | ||||
|   become: yes | ||||
|   notify: etc changed | ||||
| 
 | ||||
| - name: Install wpa_supplicant (Arch based) | ||||
|   pacman: | ||||
|     name: wpa_supplicant | ||||
|     state: present | ||||
|   when: arch_based | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Configure wpa_supplicant | ||||
|   template: | ||||
|     src: wpa_supplicant.conf.j2 | ||||
|     dest: /etc/wpa_supplicant/wpa_supplicant.conf | ||||
|   notify: | ||||
|     - etc changed | ||||
|     - wpa_supplicant changed | ||||
|   become: yes | ||||
|   tags: | ||||
|     - wificonf | ||||
| 
 | ||||
| - name: Prepare directory for wpa_supplicant service override | ||||
|   file: | ||||
|     path: /etc/systemd/system/wpa_supplicant@.service.d | ||||
|     state: directory | ||||
|     mode: "u=rwx,g=rx,o=rx" | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Make wpa_supplicant use a common configuration file | ||||
|   copy: | ||||
|     src: wpa_supplicant.service | ||||
|     dest: /etc/systemd/system/wpa_supplicant@.service.d/override.conf | ||||
|   register: wpa_supplicant_systemd | ||||
|   become: yes | ||||
|   notify: | ||||
|     - etc changed | ||||
| 
 | ||||
| - name: Start/enable wpa_supplicant | ||||
|   systemd: | ||||
|     name: "wpa_supplicant@{{ item }}" | ||||
|     state: started | ||||
|     enabled: yes | ||||
|     # Can't wait for handlers reload systemd daemon, | ||||
|     # but flushing is a bit much, so: | ||||
|     daemon_reload: "{{ wpa_supplicant_systemd.changed }}" | ||||
|   become: yes | ||||
|   notify: etc changed | ||||
|   loop: "{{ ansible_interfaces }}" | ||||
|   when: "item.startswith('wl')" | ||||
| # Could probably use something better like | ||||
| # listing /sys/class/ieee80211/*/device/net/ | ||||
| 
 | ||||
| 
 | ||||
| # Time synchronisation | ||||
| 
 | ||||
| - name: Mask systemd-timesyncd | ||||
|   systemd: | ||||
|     name: systemd-timesyncd | ||||
|     state: stopped | ||||
|     enabled: no | ||||
|     masked: yes | ||||
|   become: yes | ||||
|   notify: etc changed | ||||
|   when: arch_based | ||||
| 
 | ||||
| - name: Install chrony | ||||
|   pacman: | ||||
|     name: chrony | ||||
|     state: present | ||||
|   when: arch_based | ||||
|   become: yes | ||||
| 
 | ||||
| - name: Configure chrony | ||||
|   copy: | ||||
|     src: chrony.conf | ||||
|     dest: /etc/chrony.conf | ||||
|   become: yes | ||||
|   notify: | ||||
|     - etc changed | ||||
|     - "chrony reconfigured" | ||||
| 
 | ||||
| - name: Enable chronyd | ||||
|   systemd: | ||||
|     name: chronyd | ||||
|     enabled: yes | ||||
|   become: yes | ||||
|   notify: | ||||
|     - etc changed | ||||
|     - "chrony reconfigured" | ||||
| 
 | ||||
| - name: Configure dhcpcd chrony hook | ||||
|   copy: | ||||
|     src: dhcpcd.exit-hook | ||||
|     dest: /etc/dhcpcd.exit-hook | ||||
|   become: yes | ||||
|   notify: etc changed | ||||
| 
 | ||||
| # TODO Hibernation, if that's relevant | ||||
| # $ sudo blkid | grep 'TYPE="swap"' | ||||
| # $ sudoedit /etc/default/grub | ||||
| # Add resume=UUID=<UUID-of-swap-partition> to GRUB_CMDLINE_LINUX_DEFAULT | ||||
| # $ sudo grub-mkconfig -o /boot/grub/grub.cfg | ||||
|  | @ -0,0 +1,90 @@ | |||
| # Giving configuration update rights to wpa_cli | ||||
| ctrl_interface=/run/wpa_supplicant | ||||
| ctrl_interface_group=wheel | ||||
| update_config=1 | ||||
| 
 | ||||
| # AP scanning | ||||
| ap_scan=1 | ||||
| 
 | ||||
| # ISO/IEC alpha2 country code in which the device is operating | ||||
| country=NL | ||||
| 
 | ||||
| {% set password_store_path = lookup('env', 'PASSWORD_STORE_DIR') or ansible_user_dir + '/.password-store/' %} | ||||
| {% set wifi_pass_paths = query('fileglob', password_store_path + 'wifi/*.gpg') %} | ||||
| {% set names = wifi_pass_paths | map('regex_replace', '^.+/wifi/(.+).gpg$', '\\1') | sort%} | ||||
| {% for name in names %} | ||||
| {# | ||||
| community.general.passwordstore doesn't support path with spaces in it, | ||||
| so we're using a `ssid` attribute, which default to the names for SSIDs without space. | ||||
| #} | ||||
| {% set suffixes = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=suffixes') or [''] %} | ||||
| {% set ssid = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=ssid') or name %} | ||||
| {% set type = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=type') or 'wpa' %} | ||||
| {% set pass = lookup('community.general.passwordstore', 'wifi/' + name) %} | ||||
| # {{ name }} | ||||
| {% for suffix in suffixes %} | ||||
| network={ | ||||
|     ssid="{{ ssid }}{{ suffix }}" | ||||
| {% if type == 'wpa' %} | ||||
|     psk="{{ pass }}" | ||||
| {% elif type == 'wep' %} | ||||
|     key_mgmt=NONE | ||||
|     wep_key0={{ pass }} | ||||
| {% elif type == 'open' %} | ||||
|     key_mgmt=NONE | ||||
| {% else %} | ||||
|     # Error, unknown type: {{ type }} | ||||
| {% endif %} | ||||
| } | ||||
| {% endfor %} | ||||
| 
 | ||||
| {% endfor %} | ||||
| {# REFERENCES | ||||
| 
 | ||||
| # WPA | ||||
| network={ | ||||
|     ssid="WPA_SSID" | ||||
|     psk="XXXXXXXXXXXXXXXXXXXXXXXXXX" | ||||
| } | ||||
| 
 | ||||
| # WEP | ||||
| network={ | ||||
|     ssid="WEP_SSID" | ||||
|     key_mgmt=NONE | ||||
|     wep_key0=FFFFFFFFFFFFFFFFFFFFFFFFFF | ||||
| } | ||||
| 
 | ||||
| # Open | ||||
| network={ | ||||
|     ssid="OPEN_SSID" | ||||
|     key_mgmt=NONE | ||||
| } | ||||
| 
 | ||||
| # eduroam password | ||||
| network={ | ||||
|     ssid="eduroam" | ||||
|     key_mgmt=WPA-EAP | ||||
|     eap=PEAP | ||||
|     identity="id@univ.tld" | ||||
|     password="hunter2" | ||||
| } | ||||
| 
 | ||||
| # eduroam certificate | ||||
| network={ | ||||
|     ssid="eduroam" | ||||
|     key_mgmt=WPA-EAP | ||||
|     # pairwise=CCMP | ||||
|     pairwise=CCMP TKIP | ||||
|     group=CCMP TKIP | ||||
|     eap=TLS | ||||
|     ca_cert="/path/to/ca.pem" | ||||
|     identity="id@univ.tld" | ||||
|     domain_suffix_match="wifi.univ.tld" | ||||
|     client_cert="/path/to/cert.pem" | ||||
|     private_key="/path/to/key.pem" | ||||
|     private_key_passwd="hunter2" | ||||
|     phase2="auth=" | ||||
|     #anonymous_identity="" | ||||
| } | ||||
| 
 | ||||
| #} | ||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue