diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-06-19 06:50:46 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-06-19 06:50:46 +0300 |
commit | 92e3caf423173ff54c0fcb7701bf4948e2f818b0 (patch) | |
tree | 82e61d8189857c2e11db104fb3986eac7b5ddf50 /ansible/solace.yml | |
parent | ff22ac659e302bba4545fe5018a30e710083926c (diff) | |
download | ansibleness-92e3caf423173ff54c0fcb7701bf4948e2f818b0.tar.gz |
solace: add initial version
Sponsored-by: author
Diffstat (limited to 'ansible/solace.yml')
-rw-r--r-- | ansible/solace.yml | 201 |
1 files changed, 201 insertions, 0 deletions
diff --git a/ansible/solace.yml b/ansible/solace.yml new file mode 100644 index 0000000..44ea2d4 --- /dev/null +++ b/ansible/solace.yml @@ -0,0 +1,201 @@ +- hosts: solace + remote_user: root + become: no + roles: + - role: sane_debian_system + - role: ssd + - role: comfortable-debian-system + - role: chaoskey-host + - role: version-controller + - role: emacs + - role: gnupg-workstation + - role: gnome-system + - role: ansible + - role: vmhost + - role: smarthost-client + - role: mail-client + - role: annexed +# - role: riot-host + - role: liw-usual +# # - role: writing-dev-env +# # - role: journal-workstation +# # - role: debian-dev-env +# # - role: subplot-dev-env +# # - role: obnam-dev-env +# # - role: tex-dev-env +# # - role: python-dev-env + - role: unix_users + - role: rust-rustup + tags: [rustup] + + tasks: + # Remove ping to force it be reinstalled so that the right + # capabilities are set. + - apt: + name: iputils-ping + state: absent + + - apt: + name: + - black + - build-essential + - capnproto + - clang + - daemonize + - expect + - extrautils + - firmware-misc-nonfree + - fling + - gimp + - inkscape + - iputils-ping + - isync + - jq + - jt + - libclang-dev + - libsqlite3-dev + - libssl-dev + - libvirt-dev + - linux-perf + - liw-automation + - llvm + - nettle-dev + - nfs-common + - obnam + - obnam-benchmark + - openpgp-ca + - pandoc-filter-diagram + - pavucontrol + - pkg-config + - printer-driver-ptouch + - qemu-user-static + - sequoia-chameleon-gnupg + - shellcheck + - sq-liw + - sqlite3 + - sshca + - subplot + - texlive-latex-extra + - texlive-latex-recommended + - usbutils + - uuid + - validns + - vlc + - vmdb2 + - xpdf + - zerofree + + - lineinfile: + path: /etc/gdm3/daemon.conf + regexp: WaylandEnable= + line: WaylandEnable=false + + - lineinfile: + path: /etc/xdg/autostart/gnome-keyring-ssh.desktop + line: Hidden=true + + - lineinfile: + path: /etc/X11/Xsession.options + line: use-ssh-agent + state: absent + + - file: + state: directory + path: /home/liw/.config/autostart + owner: liw + group: liw + + - copy: + content: | + [Desktop Entry] + Type=Application + Name=gpg-agent + Comment=gpg-agent + Exec=/usr/bin/gpg-agent --daemon + OnlyShowIn=GNOME;Unity;MATE; + X-GNOME-Autostart-Phase=PreDisplayServer + X-GNOME-AutoRestart=false + X-GNOME-Autostart-Notify=true + X-GNOME-Bugzilla-Bugzilla=GNOME + X-GNOME-Bugzilla-Product=gnome-keyring + X-GNOME-Bugzilla-Component=general + X-GNOME-Bugzilla-Version=3.20.0 + dest: /home/liw/.config/autostart/gpg-agent.desktop + owner: liw + group: liw + + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: solace + sane_debian_system_codename: bullseye + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://deb.debian.org/debian bullseye contrib non-free + + - repo: | + deb-src http://deb.debian.org/debian bullseye main contrib non-free + + - repo: | + deb http://security.debian.org/debian-security bullseye-security main contrib non-free + + - repo: | + deb http://code.liw.fi/debian unstable main + signing_key: "{{ code_liw_fi_signing_key }}" + + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main + signing_key: "{{ ci_prod_signing_key }}" + + - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable main + signing_key: "{{ ci_prod_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: liw + comment: Lars Wirzenius + sudo: yes + groups: + - audio + - bluetooth + - cdrom + - dialout + - dip + - floppy + - libvirt + - netdev + - plugdev + - scanner + - video + authorized_keys: | + {{ liw_personal_ssh_pub }} + + mailname: "{{ sane_debian_system_hostname }}.liw.fi" + + hostname: "{{ sane_debian_system_hostname }}" + relayhost: pieni.net:587 + smarthost: pieni.net + smarthost_user: pienirelay + smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" + + rustup_cargo_install: | + cargo-audit \ + cargo-deny \ + cargo-deps \ + bandwhich \ + bat \ + cargo-edit \ + cargo-geiger \ + cargo-outdated \ + exa \ + fd-find \ + flamegraph \ + git-delta \ + hyperfine \ + ripgrep \ + starship \ + tokei \ + zoxide \ + fzf \ + ytop |