vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

style: add YAML document start markers to Ansible playbooks and tasks
Some checks failed
Ansible Lint Check / check-ansible (push) Failing after 1m34s
Details
Nix Format Check / check-format (push) Successful in 57s
Details

Browse Source
This commit is contained in:
Menno van Leeuwen 2025-03-12 14:05:42 +01:00
parent 785bd9b122
commit 112d3679da
Signed by: vleeuwenmenno
SSH Key Fingerprint: SHA256:OJFmjANpakwD3F2Rsws4GLtbdz1TJ5tkQF0RZmF0TRE
36 changed files with 202 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
.github/workflows/ansible.yml vendored Normal file
View File

@ -0,0 +1,37 @@
name: Ansible Lint Check
on:
pull_request:
push:
branches: [ master ]
jobs:
check-ansible:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Install Ansible and ansible-lint
run: |
python -m pip install --upgrade pip
python -m pip install ansible ansible-lint
- name: Run ansible-lint
run: |
if [ ! -d "config/ansible" ]; then
echo "No ansible directory found at config/ansible"
exit 0
fi
found_files=$(find config/ansible -name "*.yml" -o -name "*.yaml")
if [ -z "$found_files" ]; then
echo "No Ansible files found in config/ansible to lint"
exit 0
fi
ansible-lint $found_files

95
bin/actions/lint.py Executable file
View File

@ -0,0 +1,95 @@
#!/usr/bin/env python3
import os
import sys
import subprocess
import argparse
from pathlib import Path
# Import helper functions
sys.path.append(os.path.join(os.path.dirname(os.path.dirname(__file__))))
from helpers.functions import printfe, ensure_dependencies, command_exists
DOTFILES_ROOT = os.path.expanduser("~/.dotfiles")
def lint_ansible(fix=False):
"""Run ansible-lint on Ansible files"""
ansible_dir = os.path.join(DOTFILES_ROOT, "config/ansible")
if not os.path.isdir(ansible_dir):
printfe("yellow", "No ansible directory found at config/ansible")
return 0
# Find all YAML files in the ansible directory
yaml_files = []
for ext in [".yml", ".yaml"]:
yaml_files.extend(list(Path(ansible_dir).glob(f"**/*{ext}")))
if not yaml_files:
printfe("yellow", "No Ansible files found in config/ansible to lint")
return 0
if not command_exists("ansible-lint"):
printfe("red", "ansible-lint is not installed. Please install it with pip or your package manager.")
return 1
printfe("blue", f"Running ansible-lint{' with auto-fix' if fix else ''}...")
files_to_lint = [str(f) for f in yaml_files]
command = ["ansible-lint"]
if fix:
command.append("--fix")
command.extend(files_to_lint)
result = subprocess.run(command)
return result.returncode
def lint_nix():
"""Run nixfmt on Nix files"""
nix_files = list(Path(DOTFILES_ROOT).glob("**/*.nix"))
if not nix_files:
printfe("yellow", "No Nix files found to lint")
return 0
if not command_exists("nixfmt"):
printfe("red", "nixfmt is not installed. Please install it with nix-env or your package manager.")
return 1
printfe("blue", "Running nixfmt...")
exit_code = 0
for nix_file in nix_files:
printfe("cyan", f"Formatting {nix_file}")
result = subprocess.run(["nixfmt", str(nix_file)])
if result.returncode != 0:
exit_code = 1
return exit_code
def main():
parser = argparse.ArgumentParser(description="Run linters on dotfiles")
parser.add_argument("--ansible", action="store_true", help="Run only ansible-lint")
parser.add_argument("--nix", action="store_true", help="Run only nixfmt")
parser.add_argument("--fix", action="store_true", help="Auto-fix issues where possible (for ansible-lint)")
args = parser.parse_args()
# If no specific linter is specified, run both
run_ansible = args.ansible or not (args.ansible or args.nix)
run_nix = args.nix or not (args.ansible or args.nix)
exit_code = 0
if run_ansible:
ansible_result = lint_ansible(fix=args.fix)
if ansible_result != 0:
exit_code = ansible_result
if run_nix:
nix_result = lint_nix()
if nix_result != 0:
exit_code = nix_result
return exit_code
if __name__ == "__main__":
sys.exit(main())

7
bin/dotf
View File

@ -49,6 +49,10 @@ def service(args):
"""Run the service/docker action"""
return run_script(f"{DOTFILES_BIN}/actions/service.py", args)
def lint(args):
"""Run the lint action"""
return run_script(f"{DOTFILES_BIN}/actions/lint.py", args)
def ensure_git_hooks():
"""Ensure git hooks are correctly set up"""
hooks_dir = os.path.join(DOTFILES_ROOT, ".git/hooks")
@ -103,7 +107,8 @@ def main():
"hello": hello,
"secrets": secrets,
"auto-start": auto_start,
"service": service
"service": service,
"lint": lint
}
if command in commands:

5
bin/helpers/functions.py
View File

@ -115,6 +115,11 @@ def run_command(command, shell=False):
except FileNotFoundError:
return False, f"Command '{command[0]}' not found"
def command_exists(command):
"""Check if a command exists in the PATH"""
import shutil
return shutil.which(command) is not None
def ensure_dependencies():
"""Check and install required dependencies for the dotfiles system"""
required_packages = [

1
config/ansible/group_vars/servers.yml
View File

@ -1,2 +1,3 @@
---
flatpaks: false
install_ui_apps: false

3
config/ansible/group_vars/workstations.yml
View File

@ -1,2 +1,3 @@
---
flatpaks: true
install_ui_apps: true
install_ui_apps: true

1
config/ansible/playbook.yml
View File

@ -1,3 +1,4 @@
---
- name: Configure all hosts
hosts: all
handlers:

3
config/ansible/tasks/global/docker.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if Docker CE is installed
ansible.builtin.command: docker --version
register: docker_check
@ -8,7 +9,7 @@
ansible.builtin.get_url:
url: https://get.docker.com
dest: /tmp/get-docker.sh
mode: '0755'
mode: "0755"
when: docker_check.rc != 0
- name: Install Docker CE

3
config/ansible/tasks/global/global.yml
View File

@ -1,3 +1,4 @@
---
- name: Include global symlinks tasks
ansible.builtin.import_tasks: tasks/global/symlinks.yml
@ -45,4 +46,4 @@
ansible.builtin.file:
path: ~/.hushlogin
state: touch
mode: '0644'
mode: "0644"

3
config/ansible/tasks/global/ollama.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if Ollama is installed
ansible.builtin.command: ollama --version
register: ollama_check
@ -8,7 +9,7 @@
ansible.builtin.get_url:
url: https://ollama.com/install.sh
dest: /tmp/install_ollama.sh
mode: '0755'
mode: "0755"
when: ollama_check.rc != 0
- name: Install Ollama

5
config/ansible/tasks/global/openssh-server.yml
View File

@ -1,3 +1,4 @@
---
- name: Ensure openssh-server is installed
ansible.builtin.package:
name: openssh-server
@ -15,6 +16,6 @@
dest: /etc/ssh/sshd_config
owner: root
group: root
mode: '0644'
validate: '/usr/sbin/sshd -t -f %s'
mode: "0644"
validate: "/usr/sbin/sshd -t -f %s"
notify: Restart SSH service

3
config/ansible/tasks/global/rust.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if Rust is installed
ansible.builtin.shell: source $HOME/.cargo/env && rustc --version
register: rust_check
@ -10,7 +11,7 @@
ansible.builtin.get_url:
url: https://sh.rustup.rs
dest: /tmp/rustup.sh
mode: '0755'
mode: "0755"
when: rust_check.rc != 0
- name: Install Rust and Cargo

1
config/ansible/tasks/global/symlinks.yml
View File

@ -1,3 +1,4 @@
---
- name: Set user home directory
ansible.builtin.set_fact:
user_home: "{{ ansible_env.HOME if ansible_user_id == 'root' else lookup('env', 'HOME') }}"

1
config/ansible/tasks/global/tailscale.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if Tailscale is installed
ansible.builtin.command: which tailscale
register: tailscale_check

1
config/ansible/tasks/servers/server.yml
View File

@ -1,3 +1,4 @@
---
- name: Server setup
block:
- name: Ensure server common packages are installed

1
config/ansible/tasks/servers/services/caddy/caddy.yml
View File

@ -1,3 +1,4 @@
---
- name: Deploy Caddy service
block:
- name: Set Caddy directories

1
config/ansible/tasks/servers/services/gitea/gitea.yml
View File

@ -1,3 +1,4 @@
---
- name: Deploy Gitea service
block:
- name: Set Gitea directories

1
config/ansible/tasks/servers/services/golink/golink.yml
View File

@ -1,3 +1,4 @@
---
- name: Deploy GoLink service
block:
- name: Set GoLink directories

1
config/ansible/tasks/servers/services/hoarder/hoarder.yml
View File

@ -1,3 +1,4 @@
---
- name: Deploy Hoarder service
block:
- name: Set Hoarder directories

1
config/ansible/tasks/servers/services/immich/immich.yml
View File

@ -1,3 +1,4 @@
---
- name: Deploy Immich service
block:
- name: Set Immich directories

1
config/ansible/tasks/servers/services/services.yml
View File

@ -1,3 +1,4 @@
---
- name: Include caddy tasks
ansible.builtin.include_tasks: caddy/caddy.yml
when: caddy_enabled|bool

1
config/ansible/tasks/servers/zfs.yml
View File

@ -1,3 +1,4 @@
---
- name: Install ZFS
ansible.builtin.package:
name:

5
config/ansible/tasks/workstations/1password-zen-browser.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if 1Password is installed
ansible.builtin.command: 1password --version
register: onepassword_check
@ -14,7 +15,7 @@
ansible.builtin.file:
path: /etc/1password
state: directory
mode: '0755'
mode: "0755"
become: true
- name: Add Zen browser to 1Password custom allowed browsers
@ -27,7 +28,7 @@
dest: /etc/1password/custom_allowed_browsers
owner: root
group: root
mode: '0755'
mode: "0755"
become: true
register: custom_browsers_file

4
config/ansible/tasks/workstations/firefoxpwa.yml
View File

@ -14,7 +14,7 @@
ansible.builtin.get_url:
url: https://packagecloud.io/filips/FirefoxPWA/gpgkey
dest: /usr/share/keyrings/firefoxpwa-keyring.gpg
mode: '0644'
mode: "0644"
become: true
- name: Import FirefoxPWA GPG key
@ -28,7 +28,7 @@
ansible.builtin.copy:
content: "deb [signed-by=/usr/share/keyrings/firefoxpwa-keyring.gpg] https://packagecloud.io/filips/FirefoxPWA/any any main"
dest: /etc/apt/sources.list.d/firefoxpwa.list
mode: '0644'
mode: "0644"
become: true
- name: Update apt cache

1
config/ansible/tasks/workstations/flatpaks.yml
View File

@ -1,3 +1,4 @@
---
- name: Check if Flatpak is installed
ansible.builtin.command: which flatpak
register: flatpak_check

1
config/ansible/tasks/workstations/gnome-extensions.yml
View File

@ -1,3 +1,4 @@
---
- name: Install Pano - Clipboard Manager dependencies
ansible.builtin.apt:
name:

6
config/ansible/tasks/workstations/gnome-extensions/manage_gnome_extension.yml
View File

@ -35,14 +35,14 @@
ansible.builtin.file:
path: "{{ extension_path }}"
state: directory
mode: '0755'
mode: "0755"
when: not ext_check.stat.exists or update_needed
- name: Download extension
ansible.builtin.get_url:
url: "{{ extension_url | replace('%TAG%', requested_git_tag) }}"
dest: "{{ extension_path }}/release.zip"
mode: '0644'
mode: "0644"
when: update_needed or not ext_check.stat.exists
- name: Extract extension
@ -55,7 +55,7 @@
ansible.builtin.copy:
content: "{{ requested_git_tag }}"
dest: "{{ version_file }}"
mode: '0644'
mode: "0644"
when: update_needed or not ext_check.stat.exists
- name: Cleanup post installation

1
config/ansible/tasks/workstations/gnome-extensions/pano.yml
View File

@ -1,3 +1,4 @@
---
- name: Manage Pano Clipboard Manager
ansible.builtin.include_tasks: tasks/workstations/gnome-extensions/manage_gnome_extension.yml
vars:

1
config/ansible/tasks/workstations/gnome-extensions/tilingshell.yml
View File

@ -1,3 +1,4 @@
---
- name: Manage Tiling Shell - Window Manager
ansible.builtin.include_tasks: tasks/workstations/gnome-extensions/manage_gnome_extension.yml
vars:

6
config/ansible/tasks/workstations/megasync.yml
View File

@ -19,21 +19,21 @@
ansible.builtin.get_url:
url: https://mega.nz/linux/repo/xUbuntu_24.10/amd64/megasync-xUbuntu_24.10_amd64.deb
dest: "{{ temp_download_dir.path }}/megasync.deb"
mode: '0644'
mode: "0644"
when: megasync_check.rc != 0
- name: Download MegaSync Nautilus DEB Package
ansible.builtin.get_url:
url: https://mega.nz/linux/repo/xUbuntu_24.04/amd64/nautilus-megasync-xUbuntu_24.04_amd64.deb
dest: "{{ temp_download_dir.path }}/megasync-nautilus-extras.deb"
mode: '0644'
mode: "0644"
when: megasync_check.rc != 0
- name: Downlod MegaSync Nemo DEB Package
ansible.builtin.get_url:
url: https://mega.nz/linux/repo/xUbuntu_24.04/amd64/nemo-megasync-xUbuntu_24.04_amd64.deb
dest: "{{ temp_download_dir.path }}/megasync-nemo-extras.deb"
mode: '0644'
mode: "0644"
when: megasync_check.rc != 0
- name: Install MegaSync package

1
config/ansible/tasks/workstations/snaps.yml
View File

@ -1,3 +1,4 @@
---
- name: Ensure snapd is installed
ansible.builtin.package:
name: snapd

1
config/ansible/tasks/workstations/symlinks.yml
View File

@ -1,3 +1,4 @@
---
- name: Set user home directory
ansible.builtin.set_fact:
user_home: "{{ ansible_env.HOME if ansible_user_id == 'root' else lookup('env', 'HOME') }}"

15
config/ansible/tasks/workstations/ulauncher.yml
View File

@ -1,3 +1,4 @@
---
- name: Ensure Ulauncher and dependencies are installed
ansible.builtin.package:
name:
@ -18,13 +19,13 @@
ansible.builtin.file:
path: "~/.config/ulauncher"
state: directory
mode: '0755'
mode: "0755"
- name: Configure Ulauncher settings
ansible.builtin.copy:
content: "{{ ulauncher_settings | to_json }}"
dest: "~/.config/ulauncher/settings.json"
mode: '0644'
mode: "0644"
vars:
ulauncher_settings:
blacklisted-desktop-dirs: >
@ -44,7 +45,7 @@
ansible.builtin.copy:
content: "{{ ulauncher_shortcuts | to_json }}"
dest: "~/.config/ulauncher/shortcuts.json"
mode: '0644'
mode: "0644"
vars:
ulauncher_shortcuts:
"0bab9d26-5464-4501-bc95-9995d8fa1405":
@ -70,7 +71,7 @@
name: "GoLink"
keyword: "go"
cmd: "http://go/%s"
icon: null
icon:
is_default_search: false
run_without_argument: false
added: 0
@ -79,7 +80,7 @@
name: "NixOS"
keyword: "nix"
cmd: "https://search.nixos.org/packages?query=%s"
icon: null
icon:
is_default_search: false
run_without_argument: false
added: 0
@ -88,7 +89,7 @@
name: "Flathub"
keyword: "flat"
cmd: "https://flathub.org/apps/search?q=%s"
icon: null
icon:
is_default_search: false
run_without_argument: false
added: 0
@ -97,7 +98,7 @@
name: "GitHub"
keyword: "gh"
cmd: "https://github.com/search?q=%s"
icon: null
icon:
is_default_search: false
run_without_argument: false
added: 0

5
config/ansible/tasks/workstations/vscode.yml
View File

@ -1,3 +1,4 @@
---
- name: Gather OS facts
ansible.builtin.setup:
filter: ansible_distribution
@ -18,12 +19,12 @@
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc
dest: /etc/yum.repos.d/vscode.repo
mode: '0644'
mode: "0644"
when: os_facts.ansible_facts.ansible_distribution == 'Fedora'
- name: Add VSCode repository (Ubuntu/Debian)
ansible.builtin.apt_repository:
repo: 'deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main'
repo: "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main"
state: present
when: os_facts.ansible_facts.ansible_distribution in ['Ubuntu', 'Debian']

1
config/ansible/tasks/workstations/workstation.yml
View File

@ -1,3 +1,4 @@
---
- name: Workstation Setup
block:
- name: Include workstation symlinks tasks

9
config/ansible/tasks/workstations/zen-browser.yml
View File

@ -1,3 +1,4 @@
---
- name: Set Zen browser version
ansible.builtin.set_fact:
zen_browser_version: "1.9b"
@ -6,14 +7,14 @@
ansible.builtin.file:
path: "/opt/{{ browser_name }}"
state: directory
mode: '0755'
mode: "0755"
become: true
- name: Download Zen browser tarball
ansible.builtin.get_url:
url: "https://github.com/zen-browser/desktop/releases/download/{{ zen_browser_version }}/zen.linux-x86_64.tar.xz"
dest: "/tmp/{{ browser_name }}.tar.xz"
mode: '0644'
mode: "0644"
become: true
- name: Extract browser tarball
@ -61,7 +62,7 @@
Name=Open the Profile Manager
Exec=/usr/local/bin/{{ browser_name }} --ProfileManager %u
dest: "/usr/share/applications/zen.desktop"
mode: '0644'
mode: "0644"
become: true
- name: Update desktop database
@ -73,7 +74,7 @@
- name: Make desktop file executable
ansible.builtin.file:
dest: "/usr/share/applications/zen.desktop"
mode: '0755'
mode: "0755"
become: true
- name: Clean up downloaded tarball