Add Ansible configuration and remove NixOS

2025-01-20 09:18:58 +01:00
parent 4e28e5cbb0
commit e1aa41d1d3
107 changed files with 368 additions and 2902 deletions
--- a/config/ansible/ansible.cfg
+++ b/config/ansible/ansible.cfg
@ -0,0 +1,3 @@
+[defaults]
+inventory = inventory.ini
+retry_files_enabled = False
--- a/config/ansible/group_vars/servers.yml
+++ b/config/ansible/group_vars/servers.yml
@ -0,0 +1,2 @@
+flatpaks: false
+install_ui_apps: false
--- a/config/ansible/group_vars/workstations.yml
+++ b/config/ansible/group_vars/workstations.yml
@ -0,0 +1,2 @@
+flatpaks: true
+install_ui_apps: true
--- a/config/ansible/inventory.ini
+++ b/config/ansible/inventory.ini
@ -0,0 +1,6 @@
+[workstations]
+mennos-laptop ansible_connection=local
+mennos-desktop ansible_connection=local
+
+[servers]
+mennos-server ansible_connection=local
--- a/config/ansible/main.yml
+++ b/config/ansible/main.yml
@ -0,0 +1,46 @@
+- hosts: all
+  gather_facts: true
+  
+  tasks:
+    - name: Include VSCode tasks
+      ansible.builtin.import_tasks: tasks/vscode.yml
+      when: hostname in ['mennos-laptop', 'mennos-desktop']
+      become: true
+
+    - name: Include Rust tasks
+      ansible.builtin.import_tasks: tasks/rust.yml
+      become: true
+
+    - name: Include Brave tasks
+      ansible.builtin.import_tasks: tasks/brave.yml
+      when: hostname in ['mennos-laptop', 'mennos-desktop']
+      become: true
+    
+    - name: Include 1Password tasks
+      ansible.builtin.import_tasks: tasks/1password.yml
+      when: hostname in ['mennos-laptop', 'mennos-desktop']
+      become: true
+
+    - name: Include symlinks tasks
+      ansible.builtin.import_tasks: tasks/symlinks.yml
+
+    - name: Include flatpaks tasks
+      ansible.builtin.import_tasks: tasks/flatpaks.yml
+      when: hostname in ['mennos-laptop', 'mennos-desktop']
+
+    - name: Gather package facts
+      ansible.builtin.package_facts:
+        manager: auto
+      become: true
+      
+    - name: Ensure common packages are installed
+      ansible.builtin.package:
+        name:
+          - git
+          - vim
+          - pipx
+          - trash-cli
+          - curl
+          - wget
+        state: present
+      become: true
--- a/config/ansible/tasks/1password.yml
+++ b/config/ansible/tasks/1password.yml
@ -0,0 +1,43 @@
+- name: Import 1Password GPG key (RPM)
+  ansible.builtin.rpm_key:
+    key: https://downloads.1password.com/linux/keys/1password.asc
+    state: present
+  when: ansible_pkg_mgr == "yum" or ansible_pkg_mgr == "dnf"
+
+- name: Import 1Password GPG key (APT)
+  ansible.builtin.apt_key:
+    url: https://downloads.1password.com/linux/keys/1password.asc
+    state: present
+  when: ansible_pkg_mgr == "apt"
+
+- name: Add 1Password repository (RPM)
+  ansible.builtin.copy:
+    content: |
+      [1password]
+      name=1Password Stable Channel
+      baseurl=https://downloads.1password.com/linux/rpm/stable/$basearch
+      enabled=1
+      gpgcheck=1
+      repo_gpgcheck=1
+      gpgkey=https://downloads.1password.com/linux/keys/1password.asc
+    dest: /etc/yum.repos.d/1password.repo
+    mode: '0644'
+  when: ansible_pkg_mgr == "yum" or ansible_pkg_mgr == "dnf"
+
+- name: Add 1Password repository (APT)
+  ansible.builtin.apt_repository:
+    repo: deb [arch=amd64] https://downloads.1password.com/linux/debian stable main
+    state: present
+  when: ansible_pkg_mgr == "apt"
+
+- name: Install 1Password CLI (RPM)
+  ansible.builtin.package:
+    name: 1password-cli
+    state: present
+  when: ansible_pkg_mgr == "yum" or ansible_pkg_mgr == "dnf"
+
+- name: Install 1Password CLI (APT)
+  ansible.builtin.package:
+    name: 1password-cli
+    state: present
+  when: ansible_pkg_mgr == "apt"
--- a/config/ansible/tasks/brave.yml
+++ b/config/ansible/tasks/brave.yml
@ -0,0 +1,9 @@
+- name: Check if Brave is installed
+  ansible.builtin.command: brave-browser --version
+  register: brave_check
+  changed_when: false
+  failed_when: false
+
+- name: Install Brave Browser
+  shell: curl -fsS https://dl.brave.com/install.sh | sh -s -- -y
+  when: brave_check.rc != 0
--- a/config/ansible/tasks/flatpaks.yml
+++ b/config/ansible/tasks/flatpaks.yml
@ -0,0 +1,45 @@
+- name: Add Flathub remote repository
+  community.general.flatpak_remote:
+    name: flathub
+    flatpakrepo_url: https://flathub.org/repo/flathub.flatpakrepo
+    state: present
+
+- name: Install Flatpak applications
+  community.general.flatpak:
+    name: "{{ item }}"
+    state: present
+  loop:
+    - org.gnome.Extensions
+    - com.endlessnetwork.aqueducts
+    - com.tomjwatson.Emote
+    - io.github.openhv.OpenHV
+    - net.wz2100.wz2100
+    - com.github.k4zmu2a.spacecadetpinball
+    - com.usebottles.bottles
+    - io.github.shiftey.Desktop
+    - org.fedoraproject.MediaWriter
+    - com.github.tchx84.Flatseal
+    - de.haeckerfelix.Shortwave
+    - io.github.thetumultuousunicornofdarkness.cpu-x
+    - org.gnome.Crosswords
+    - com.github.wwmm.easyeffects
+    - dev.bragefuglseth.Keypunch
+    - org.onlyoffice.desktopeditors
+    - com.jeffser.Alpaca
+    - info.beyondallreason.bar
+    - io.gitlab.adhami3310.Impression
+    - org.prismlauncher.PrismLauncher
+    - com.logseq.Logseq
+    - io.ente.auth
+    - me.proton.Mail
+    - org.signal.Signal
+    - com.mardojai.ForgeSparks
+    - io.github.fastrizwaan.WineZGUI
+    - net.davidotek.pupgui2
+    - tv.plex.PlexDesktop
+    - com.mastermindzh.tidal-hifi
+    - io.github.flattool.Warehouse
+    - net.lutris.Lutris
+    - com.plexamp.Plexamp
+    - io.github.nokse22.Exhibit
+    - net.nokyan.Resources
--- a/config/ansible/tasks/rust.yml
+++ b/config/ansible/tasks/rust.yml
@ -0,0 +1,20 @@
+- name: Check if Rust is installed
+  ansible.builtin.shell: source $HOME/.cargo/env && rustc --version
+  register: rust_check
+  changed_when: false
+  failed_when: false
+  args:
+    executable: /bin/bash
+
+- name: Install Rust and Cargo
+  shell: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+  args:
+    creates: ~/.cargo/bin/rustc
+  when: rust_check.rc != 0
+
+- name: Add Cargo to PATH
+  ansible.builtin.lineinfile:
+    path: ~/.bashrc
+    line: 'source $HOME/.cargo/env'
+    create: yes
+  when: rust_check.rc != 0
--- a/config/ansible/tasks/symlinks.yml
+++ b/config/ansible/tasks/symlinks.yml
@ -0,0 +1,59 @@
+- name: Set user home directory
+  set_fact:
+    user_home: "{{ ansible_env.HOME if ansible_user_id == 'root' else lookup('env', 'HOME') }}"
+
+- name: Create basic symlinks
+  ansible.builtin.file:
+    src: "{{ item.src | replace('~', user_home) }}"
+    dest: "{{ item.dest | replace('~', user_home) }}"
+    state: link
+    force: yes
+    follow: false
+  loop:
+    - { src: "~/dotfiles/config/home-manager", dest: "~/.config/home-manager" }
+    - { src: "~/dotfiles/vscode/settings.json", dest: "~/.config/Code/User/settings.json" }
+    - { src: "~/dotfiles/config/ssh/config", dest: "~/.ssh/config" }
+    - { src: "~/dotfiles/config/ssh/config.d", dest: "~/.ssh/config.d" }
+    - { src: "~/dotfiles/config/starship.toml", dest: "~/.config/starship.toml" }
+
+- name: Create gitconfig symlink
+  ansible.builtin.file:
+    src: "{{ gitconfig_mapping[hostname] | replace('~', user_home) }}"
+    dest: "{{ user_home }}/.gitconfig"
+    state: link
+    force: yes
+    follow: false
+  vars:
+    gitconfig_mapping:
+      mennos-server: "~/dotfiles/config/git/gitconfig.mennos-server"
+      mennos-desktop: "~/dotfiles/config/git/gitconfig.linux"
+      mennos-gamingpc: "~/dotfiles/config/git/gitconfig.linux"
+      mennos-laptop: "~/dotfiles/config/git/gitconfig.linux"
+      homeserver-pc: "~/dotfiles/config/git/gitconfig.linux"
+      wsl: "~/dotfiles/config/git/gitconfig.wsl"
+
+- name: Create u2f keys symlink
+  ansible.builtin.file:
+    src: "{{ item | replace('~', user_home) }}"
+    dest: "{{ user_home }}/.config/Yubico/u2f_keys"
+    state: link
+    force: yes
+    follow: false
+  loop:
+    - "~/dotfiles/config/Yubico/u2f_keys"
+
+- name: Create SSH authorized_keys symlink
+  ansible.builtin.file:
+    src: "{{ authorized_keys_mapping[hostname] | replace('~', user_home) }}"
+    dest: "{{ user_home }}/.ssh/authorized_keys"
+    state: link
+    force: yes
+    follow: false
+  vars:
+    authorized_keys_mapping:
+      mennos-server: "~/dotfiles/config/ssh/authorized_keys/mennos-server"
+      mennos-desktop: "~/dotfiles/config/ssh/authorized_keys/mennos-desktop"
+      mennos-gamingpc: "~/dotfiles/config/ssh/authorized_keys/mennos-gamingpc"
+      mennos-laptop: "~/dotfiles/config/ssh/authorized_keys/mennos-laptop"
+      homeserver-pc: "~/dotfiles/config/ssh/authorized_keys/homeserver-pc"
+      wsl: "~/dotfiles/config/ssh/authorized_keys/wsl"
--- a/config/ansible/tasks/vscode.yml
+++ b/config/ansible/tasks/vscode.yml
@ -0,0 +1,31 @@
+- name: Import Microsoft GPG key
+  ansible.builtin.rpm_key:
+    key: https://packages.microsoft.com/keys/microsoft.asc
+    state: present
+  become: true
+
+- name: Add VSCode repository
+  ansible.builtin.copy:
+    content: |
+      [code]
+      name=Visual Studio Code
+      baseurl=https://packages.microsoft.com/yumrepos/vscode
+      enabled=1
+      gpgcheck=1
+      gpgkey=https://packages.microsoft.com/keys/microsoft.asc
+    dest: /etc/yum.repos.d/vscode.repo
+    mode: '0644'
+  become: true
+
+- name: Check if VSCode is installed
+  ansible.builtin.command: code --version
+  register: vscode_check
+  changed_when: false
+  failed_when: false
+
+- name: Install VSCode
+  ansible.builtin.package:
+    name: code
+    state: present
+  become: true
+  when: vscode_check.rc != 0