Replaced install-arch with something Ansible!

This commit is contained in:
Geoffrey Frogeye 2021-06-16 22:57:18 +02:00
parent a883596cf0
commit 1a8502002a
Signed by: geoffrey
GPG key ID: C72403E7F82E6AD8
21 changed files with 524 additions and 4 deletions

View file

@ -15,3 +15,9 @@ software_full: no
# Which additional software to install # Which additional software to install
software_snippets: [] software_snippets: []
# If the computer has a battery and we want to use it
has_battery: no
# Activate numlock by default
auto_numlock: no

View file

@ -7,3 +7,5 @@ dev_stuffs:
- ansible - ansible
- docker - docker
software_full: yes software_full: yes
has_battery: yes
auto_numlock: yes

View file

@ -4,3 +4,4 @@ dev_stuffs:
- shell - shell
- network - network
- ansible - ansible
has_battery: yes

View file

@ -3,8 +3,12 @@
roles: roles:
- role: access - role: access
tags: access tags: access
when: root_access
- role: software - role: software
tags: software tags: software
- role: system
tags: system
when: root_access
- role: dotfiles - role: dotfiles
tags: dotfiles tags: dotfiles
- role: mnussbaum.base16-builder-ansible # Required for color - role: mnussbaum.base16-builder-ansible # Required for color

View file

@ -4,6 +4,6 @@
dest: "{{ ansible_user_dir }}/.dotfiles" dest: "{{ ansible_user_dir }}/.dotfiles"
notify: install dotfiles notify: install dotfiles
# - name: Install python dependencies for scripts - name: Install python dependencies for scripts
# pip: pip:
# requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt" requirements: "{{ ansible_user_dir }}/.dotfiles/config/scripts/requirements.txt"

View file

@ -115,5 +115,6 @@
# be removed by dependency check. # be removed by dependency check.
# Current packages will be kept by the meta package # Current packages will be kept by the meta package
use: yay use: yay
notify: "software changed"
tags: softwarelist tags: softwarelist
when: arch_based and root_access when: arch_based and root_access

View file

@ -1,7 +1,9 @@
{# Essential #}
firefox firefox
qutebrowser
{# Sound #}
pulseaudio pulseaudio
pacmixer pacmixer
zbar
{% if arch_based %} {% if arch_based %}
ttf-dejavu ttf-dejavu
ttf-twemoji ttf-twemoji
@ -13,6 +15,7 @@ thunar
gedit gedit
feh feh
zathura zathura
zbar
{% if arch_based %} {% if arch_based %}
zathura-pdf-mupdf zathura-pdf-mupdf
{% elif debian_based %} {% elif debian_based %}

View file

@ -19,4 +19,5 @@ ansible
unzip unzip
unrar unrar
p7zip p7zip
{{ python_prefix }}-pystache
{# EOF #} {# EOF #}

View file

@ -19,3 +19,6 @@ speedtest-cli
{% if arch_based %} {% if arch_based %}
pacman-contrib pacman-contrib
{% endif %} {% endif %}
{% if has_battery %}
powertop
{% endif %}

View file

@ -0,0 +1,7 @@
server 0.europe.pool.ntp.org offline
server 1.europe.pool.ntp.org offline
server 2.europe.pool.ntp.org offline
server 3.europe.pool.ntp.org offline
driftfile /etc/chrony.drift
rtconutc
rtcsync

View file

@ -0,0 +1,5 @@
if $if_up; then
chronyc online
elif $if_down; then
chronyc offline
fi

View file

@ -0,0 +1,2 @@
[Service]
ExecStartPre=/bin/sh -c 'setleds +num < /dev/%I'

View file

@ -0,0 +1,3 @@
[Service]
ExecStart=
ExecStart=/usr/bin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant.conf -i%I

View file

@ -0,0 +1,5 @@
Section "Device"
Identifier "Intel Graphics"
Driver "intel"
Option "Backlight" "intel_backlight"
EndSection

View file

@ -0,0 +1,8 @@
Section "InputClass"
Identifier "joystick catchall"
MatchIsJoystick "on"
MatchDevicePath "/dev/input/event*"
Driver "joystick"
Option "StartKeysEnabled" "False" #Disable mouse
Option "StartMouseEnabled" "False" #support
EndSection

View file

@ -0,0 +1,7 @@
Section "InputClass"
Identifier "system-keyboard"
MatchIsKeyboard "on"
Option "XkbLayout" "us_qwerty-fr"
#Option "XkbModel" "pc105+inet"
Option "XkbOptions" "terminate:ctrl_alt_bksp"
EndSection

View file

@ -0,0 +1,6 @@
Section "InputClass"
Identifier "touchpad"
Driver "libinput"
MatchIsTouchpad "on"
Option "Tapping" "on"
EndSection

View file

@ -0,0 +1,28 @@
- name: Create a etckeeper commit
command: "etckeeper commit 'automatrop {{ ansible_date_time.iso8601 }}'"
listen: "etc changed"
become: yes
- name: Restart chrony
systemd:
name: chronyd
state: restarted
listen: chrony reconfigured
become: yes
- name: Reload systemd daemon
systemd:
daemon_reload: yes
listen: systemd changed
become: yes
- name: Restart wpa_supplicant
systemd:
name: "wpa_supplicant@{{ item }}"
state: restarted
become: yes
loop: "{{ ansible_interfaces }}"
when: "item.startswith('wl')"
listen: wpa_supplicant changed
# Could probably use something better like
# listing /sys/class/ieee80211/*/device/net/

View file

@ -0,0 +1,336 @@
# TODO For other distributions
- name: Set variables
set_fact:
arch_based: "{{ ansible_distribution == 'Archlinux' }}"
# arch: "{{ ansible_lsb.id == 'Arch' }}"
# manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}"
# termux: "{{ ansible_distribution == 'OtherLinux' and ansible_python.executable == '/data/data/com.termux/files/usr/bin/python' }}"
# debian_based: "{{ ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' }}"
# debian: "{{ ansible_distribution == 'Debian' }}"
# ubuntu: "{{ ansible_distribution == 'Ubuntu' }}"
# Etckeeper
- name: Install etckeeper (Arch based)
pacman:
name: etckeeper
state: present
become: yes
when: arch_based
- name: Check if etckeeper is initialized
stat:
path: /etc/.git
register: etckeeper
become: yes
- name: Initialize etckeeper
command: "etckeeper init"
become: yes
when: not etckeeper.stat.exists
changed_when: yes
- name: Configure git user.name for etckeeper
git_config:
scope: local
repo: /etc
name: "{{ item.name }}"
value: "{{ item.value }}"
loop:
- name: "user.name"
value: "etckeeper on {{ inventory_hostname_short }}"
- name: "user.email"
value: "etckeeper@{{ inventory_hostname }}"
become: yes
# Arch configuration
- name: Install ccache
pacman:
name: ccache
state: present
become: yes
when: arch_based
- name: Enable makepkg ccache
replace:
path: /etc/makepkg.conf
regexp: '^BUILDENV=(.+)!ccache(.+)$'
replace: 'BUILDENV=\1ccache\2'
become: yes
when: arch_based
- name: Set makepkg MAKEFLAGS
replace:
path: /etc/makepkg.conf
regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$'
replace: "MAKEFLAGS=\\1-j{{ j }}\\2"
become: yes
vars:
j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}"
when: arch_based
- name: Enable makepkg color
replace:
path: /etc/makepkg.conf
regexp: '^BUILDENV=(.+)!color(.+)$'
replace: 'BUILDENV=\1color\2'
become: yes
when: arch_based
- name: Enable pacman colors
lineinfile:
path: /etc/pacman.conf
regexp: "^#?Color"
line: "Color"
become: yes
when: arch_based
- name: Enable pacman pacman
lineinfile:
path: /etc/pacman.conf
regexp: "^#?ILoveCandy"
line: "ILoveCandy"
insertafter: "^#?Color"
become: yes
when: arch_based
# Manjaro configuration
- name: Remove Manjaro's pamac
pacman:
name: pamac
state: absent
become: yes
when: arch_based and False # I'm trying to remember why I usually delete this thing
# Xorg configuration
- name: Check if there is nvidia-xrun is installed
stat:
path: /etc/X11/nvidia-xorg.conf
register: nvidia_xrun
when: display_manager == 'x11'
- name: Add nvidia-xrun xorg config directory
set_fact:
xorg_common_config_dirs: "{{ xorg_default_config_dirs + xorg_nvidia_config_dirs }}"
vars:
xorg_default_config_dirs:
- /etc/X11/xorg.conf.d
xorg_nvidia_config_dirs: "{{ ['/etc/X11/nvidia-xorg.conf.d'] if nvidia_xrun.stat.exists else [] }}"
when: display_manager == 'x11'
- name: Configure Xorg keyboard layout
copy:
src: xorg/keyboard.conf
dest: "{{ item }}/00-keyboard.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Check if there is Intel backlight
stat:
path: /sys/class/backlight/intel_backlight
register: intel_backlight
when: display_manager == 'x11'
- name: Install Intel video drivers (Arch based)
pacman:
name: xf86-video-intel
# state: "{{ intel_backlight.stat.exists }}"
state: present
become: yes
when: display_manager == 'x11' and intel_backlight.stat.exists and arch_based
- name: Configure Xorg Intel backlight
copy:
src: xorg/intel_backlight.conf
dest: "{{ item }}/20-intel_backlight.conf"
become: yes
when: display_manager == 'x11' and intel_backlight.stat.exists
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Configure Xorg touchpad behaviour
copy:
src: xorg/touchpad.conf
dest: "{{ item }}/30-touchpad.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
- name: Configure Xorg joystick behaviour
copy:
src: xorg/joystick.conf
dest: "{{ item }}/50-joystick.conf"
become: yes
when: display_manager == 'x11'
notify: etc changed
loop: "{{ xorg_common_config_dirs }}"
# Numlock on boot
- name: set numlock on boot
copy:
src: getty.service
dest: /etc/systemd/system/getty@.service.d/override.conf
become: yes
notify:
- etc changed
- systemd changed
when: auto_numlock
- name: Unset numlock on boot
file:
path: /etc/systemd/system/getty@.service.d/override.conf
state: absent
become: yes
notify:
- etc changed
- systemd changed
when: not auto_numlock
# TLP configuration
- name: Install TLP (Arch based)
pacman:
name: tlp
state: present
when: arch_based
become: yes
- name: Start/enable TLP
systemd:
name: tlp
state: started
enabled: yes
become: yes
notify: etc changed
# Network configuration
- name: Uninstall networkmanager
pacman:
name: networkmanager
state: absent
when: arch_based
become: yes
- name: Install dhcpcd (Arch based)
pacman:
name: dhcpcd
state: present
when: arch_based
become: yes
- name: Start/enable dhcpcd
systemd:
name: dhcpcd
state: started
enabled: yes
become: yes
notify: etc changed
- name: Install wpa_supplicant (Arch based)
pacman:
name: wpa_supplicant
state: present
when: arch_based
become: yes
- name: Configure wpa_supplicant
template:
src: wpa_supplicant.conf.j2
dest: /etc/wpa_supplicant/wpa_supplicant.conf
notify:
- etc changed
- wpa_supplicant changed
become: yes
tags:
- wificonf
- name: Prepare directory for wpa_supplicant service override
file:
path: /etc/systemd/system/wpa_supplicant@.service.d
state: directory
mode: "u=rwx,g=rx,o=rx"
become: yes
- name: Make wpa_supplicant use a common configuration file
copy:
src: wpa_supplicant.service
dest: /etc/systemd/system/wpa_supplicant@.service.d/override.conf
register: wpa_supplicant_systemd
become: yes
notify:
- etc changed
- name: Start/enable wpa_supplicant
systemd:
name: "wpa_supplicant@{{ item }}"
state: started
enabled: yes
# Can't wait for handlers reload systemd daemon,
# but flushing is a bit much, so:
daemon_reload: "{{ wpa_supplicant_systemd.changed }}"
become: yes
notify: etc changed
loop: "{{ ansible_interfaces }}"
when: "item.startswith('wl')"
# Could probably use something better like
# listing /sys/class/ieee80211/*/device/net/
# Time synchronisation
- name: Mask systemd-timesyncd
systemd:
name: systemd-timesyncd
state: stopped
enabled: no
masked: yes
become: yes
notify: etc changed
when: arch_based
- name: Install chrony
pacman:
name: chrony
state: present
when: arch_based
become: yes
- name: Configure chrony
copy:
src: chrony.conf
dest: /etc/chrony.conf
become: yes
notify:
- etc changed
- "chrony reconfigured"
- name: Enable chronyd
systemd:
name: chronyd
enabled: yes
become: yes
notify:
- etc changed
- "chrony reconfigured"
- name: Configure dhcpcd chrony hook
copy:
src: dhcpcd.exit-hook
dest: /etc/dhcpcd.exit-hook
become: yes
notify: etc changed
# TODO Hibernation, if that's relevant
# $ sudo blkid | grep 'TYPE="swap"'
# $ sudoedit /etc/default/grub
# Add resume=UUID=<UUID-of-swap-partition> to GRUB_CMDLINE_LINUX_DEFAULT
# $ sudo grub-mkconfig -o /boot/grub/grub.cfg

View file

@ -0,0 +1,90 @@
# Giving configuration update rights to wpa_cli
ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=wheel
update_config=1
# AP scanning
ap_scan=1
# ISO/IEC alpha2 country code in which the device is operating
country=NL
{% set password_store_path = lookup('env', 'PASSWORD_STORE_DIR') or ansible_user_dir + '/.password-store/' %}
{% set wifi_pass_paths = query('fileglob', password_store_path + 'wifi/*.gpg') %}
{% set names = wifi_pass_paths | map('regex_replace', '^.+/wifi/(.+).gpg$', '\\1') | sort%}
{% for name in names %}
{#
community.general.passwordstore doesn't support path with spaces in it,
so we're using a `ssid` attribute, which default to the names for SSIDs without space.
#}
{% set suffixes = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=suffixes') or [''] %}
{% set ssid = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=ssid') or name %}
{% set type = lookup('community.general.passwordstore', 'wifi/' + name + ' subkey=type') or 'wpa' %}
{% set pass = lookup('community.general.passwordstore', 'wifi/' + name) %}
# {{ name }}
{% for suffix in suffixes %}
network={
ssid="{{ ssid }}{{ suffix }}"
{% if type == 'wpa' %}
psk="{{ pass }}"
{% elif type == 'wep' %}
key_mgmt=NONE
wep_key0={{ pass }}
{% elif type == 'open' %}
key_mgmt=NONE
{% else %}
# Error, unknown type: {{ type }}
{% endif %}
}
{% endfor %}
{% endfor %}
{# REFERENCES
# WPA
network={
ssid="WPA_SSID"
psk="XXXXXXXXXXXXXXXXXXXXXXXXXX"
}
# WEP
network={
ssid="WEP_SSID"
key_mgmt=NONE
wep_key0=FFFFFFFFFFFFFFFFFFFFFFFFFF
}
# Open
network={
ssid="OPEN_SSID"
key_mgmt=NONE
}
# eduroam password
network={
ssid="eduroam"
key_mgmt=WPA-EAP
eap=PEAP
identity="id@univ.tld"
password="hunter2"
}
# eduroam certificate
network={
ssid="eduroam"
key_mgmt=WPA-EAP
# pairwise=CCMP
pairwise=CCMP TKIP
group=CCMP TKIP
eap=TLS
ca_cert="/path/to/ca.pem"
identity="id@univ.tld"
domain_suffix_match="wifi.univ.tld"
client_cert="/path/to/cert.pem"
private_key="/path/to/key.pem"
private_key_passwd="hunter2"
phase2="auth="
#anonymous_identity=""
}
#}

View file

@ -1,5 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# DEPRECATED
# Git for /etc # Git for /etc
sudo pacman -S etckeeper --needed sudo pacman -S etckeeper --needed
(cd /etc/; sudo git config user.name "etckeeper on $(cat /etc/hostname)"; sudo git config user.email "etckeeper@$(cat /etc/hostname)") (cd /etc/; sudo git config user.name "etckeeper on $(cat /etc/hostname)"; sudo git config user.email "etckeeper@$(cat /etc/hostname)")