kayprish/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(yadm): yadm bootstrap and ansible scripts

Browse source 
first setup to use in the future ansible and yadm. this is made to automatized the installation
process in a new machine
This commit is contained in:
Sergio Laín 2023-10-01 21:41:21 +02:00
parent ff7c140afb
commit d25ee1dfda
No known key found for this signature in database
GPG key ID: 14C9B8080681777B
4 changed files with 442 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
.config/yadm/bootstrap Normal file
View file

@ -0,0 +1,16 @@
#!/bin/sh
# Because Git submodule commands cannot operate without a work tree, they must
# be run from within $HOME (assuming this is the root of your dotfiles)
cd "$HOME"
echo "Init submodules"
yadm submodule update --recursive --init
system_type=$(lsb_release -s -d | tr -d '"')
if [[ $system_type == "Arch Linux" ]]; then
# Install System Tools and Configurations
ansible-galaxy collection install kewlfft.aur
ansible-playbook -v -u $USER -K playbook_system_arch.yml
ansible-playbook -v -u $USER -K playbook_packages_arch.yml

15
.config/yadm/inventory Normal file
View file

@ -0,0 +1,15 @@
[target_arch_machines]
localhost
# 10.0.19.165
# 10.0.19.160
# 10.0.19.153
# arch-docker-host
# archlinuxx
# 192.168.1.50
[all:vars]
ansible_connection=local
# ansible_connection=ssh
# ansible_user=spravca
# ansible_ssh_pass=aaa
# ansible_sudo_pass=aaa

141
.config/yadm/playbook_packages_arch.yml Normal file
View file

@ -0,0 +1,141 @@
---
- name: playbook_packages.yml - arch packages
hosts: all
become: yes
tasks:
# ARCH PACKAGES ---------------------------------------------------------------------------
- name: install base packages
pacman:
update_cache: yes
name:
- android-file-transfer
- android-tools
- baobab
- bat
- blender
- bluez
- blueman
- btop
- celluloid
- clamtk
- dbeaver
- diff-so-fancy
- discord
- dua-cli
- eza
- easyeffects
- fd
- fzf
- galculator
- gamemode
- geeqie
- gnome-disk-utility
- gst-plugins-base
- hyprland
- kitty
- kvantum
- lazygit
- libreoffice-still
- lsp-plugins
- lxappearance
- mesa
- mpv
- navi
- nemo
- nemo-fileroller
- nemo-image-converter
- neofetch
- neovide
- neovim
- npm
- nm-connection-editor
- nvtop
- obsidian
- onefetch
- pavucontrol
- pinta
- polkit-gnome
- ripgrep
- ripgrep-all
- scrcpy
- sd
- swappy
- swaydile
- thunderbird
- ufw
- waybar
- wine
- wl-clipboard
- yt-dlp
- yarn
- xplr
- zathura
- zathura-pdf-mupdf
# AUR PACKAGES ---------------------------------------------------------------------------
- name: install aur packages
kewlfft.aur.aur:
name:
- amf-amdgpu-pro
- activitywatch-bin
- adwsteamgtk
- android-sdk-platform-tools
- ani-cli
- arronax
- betterdiscord-installer-bin
- brave-bin
- catppuccin-gtk-macchiato
- cava
- cemu-bin
- devify
- downgrade
- find-the-command
- heroic-games-launcher
- hyprpicker-git
- hyprshot
- lazynpm
- librewolf-bin
- ludusavi
- mangal-bin
- nerd-fonts-git
- nwg-displays
- nwg-look
- obs-studio-amf
- paccache-hook
- pika-backup
- pinterest-downloader-git
- pipes.sh
- prettierd
- proton-ge-custom-bin
- pyprland
- spotdl
- reflector-pacman-hook-git
- rofi-lboon-wayland-git
- rofi-file-browser-extended-git
- scc-bin
- sddm-git
- shell-color-scripts
- spicetify-cli
- spotify
- swaylock-effects
- swaync
- swayosd-git
- swww
- sysz
- tgpt-bin
- ttf-ms-win11-auto
- tty-clock-git
- unimatrix-git
- upscayl-bin
- vkbasalt
- vulkan-amdgpu-pro
- wev
- wl-clip-persist-git
- wleave-git
- wlr-randr
- wlrobs-hg
- xdg-desktop-portal-hyprland-git
- youtube-dl
- ytdlp-gui
- zarchive-git

270
.config/yadm/playbook_system_arch.yml Normal file
View file

@ -0,0 +1,270 @@
---
- name: playbook_system.yml - arch system changes and services
hosts: all
become: yes
tasks:
# ARCH FULL UPDATE ----------------------------------------------------------
- name: update arch
pacman:
update_cache: yes
upgrade: yes
# YAY TO ACCESS AUR REPOSITORY ----------------------------------------------
- name: disable need for password for pacman to allow yay install
lineinfile:
path: /etc/sudoers.d/temp_allow_no_pswd_pacman
state: present
line: "ALL ALL=NOPASSWD: /usr/bin/pacman"
validate: /usr/sbin/visudo -cf %s
create: yes
- name: git clone yay-bin repo in to /tmp
become: no
git:
repo: "https://aur.archlinux.org/yay-bin.git"
dest: /tmp/yay-bin
clone: yes
- name: install yay using makepkg
become: no
expect:
chdir: /tmp/yay-bin
command: makepkg -si
responses:
(?i)Proceed with installation: "y"
- name: re-enable need for password for pacman
file:
path: /etc/sudoers.d/temp_allow_no_pswd_pacman
state: absent
- name: set yay options to cleanafter package installation
become: no
shell: yay -Y --answerclean All --removemake --cleanafter --save
args:
executable: /usr/bin/bash
# SYSTEM SETTINGS CHANGES ----------------------------------------------------
- name: pacman - enable color
lineinfile:
path: /etc/pacman.conf
regexp: "^#Color$"
line: "Color"
- name: pacman - enable ParallelDownloads = 5
lineinfile:
path: /etc/pacman.conf
regexp: "#ParallelDownloads = 5"
line: "ParallelDownloads = 5"
- name: makepkg - disable compression
lineinfile:
path: /etc/makepkg.conf
regexp: "PKGEXT='.pkg.tar.zst'"
line: "PKGEXT='.pkg.tar'"
- name: makepkg - enable parallel compilation MAKEFLAGS="-j$(nproc)"
lineinfile:
path: /etc/makepkg.conf
regexp: '#MAKEFLAGS="-j2"'
line: 'MAKEFLAGS="-j$(nproc)"'
- name: fstab change relatime to noatime
replace:
path: /etc/fstab
regexp: "relatime"
replace: "noatime"
- name: change number of failed logins that triger 10min lockout
lineinfile:
path: /etc/security/faillock.conf
regexp: "^# deny = 3$"
line: "deny = 10"
- name: enable members of wheel group to sudo
lineinfile:
path: /etc/sudoers.d/01_wheel_allow_sudo
state: present
line: "%wheel ALL=(ALL:ALL) ALL"
validate: /usr/sbin/visudo -cf %s
create: yes
# SSH ------------------------------------------------------------------------
- name: install ssh
pacman:
name:
- openssh
- name: enable and start ssh service
systemd:
name: sshd
enabled: yes
state: started
# LOCATE THE QUICK FILE SEARCH ----------------------------------------------
- name: install plocate
pacman:
name:
- plocate
- name: enable and start ~12h updatedb timer
systemd:
name: plocate-updatedb.timer
enabled: yes
state: started
# ARCHLINUX-KEYRING WEEKLY UPDATE -------------------------------------------
- name: archlinux-keyring - enable weekly update
systemd:
name: archlinux-keyring-wkd-sync.timer
enabled: yes
state: started
# SSD TRIM SCHEDULED --------------------------------------------------------
- name: install util-linux
pacman:
name:
- util-linux
- name: enable and start weekly ssd disks trim using fstrim timer
systemd:
name: fstrim.timer
enabled: yes
state: started
# REFLECTOR TO REGULARLY UPDATE MIRRORLIST ---
- name: install reflector
pacman:
name:
- reflector
- name: write reflector configuration file
copy:
dest: "/etc/xdg/reflector/reflector.conf"
content: |
--save /etc/pacman.d/mirrorlist
--protocol http
--country ES
--score 20
--sort rate
- name: enable and start reflector timer
systemd:
name: reflector.timer
enabled: yes
state: started
- name: do initial run of reflector.service
systemd:
name: reflector
enabled: yes
state: started
# LOGROTATE -----------------------------------------------------------------
- name: install logrotate
pacman:
name:
- logrotate
- name: logrotate - enable compression
lineinfile:
path: /etc/logrotate.conf
regexp: "^#compress$"
line: "compress"
- name: enable and start daily logs rotation, cleanup
systemd:
name: logrotate.timer
enabled: yes
state: started
# DOCKER --------------------------------------------------------------------
- name: install docker and docker compose
pacman:
update_cache: yes
name:
- docker
- docker-compose
- name: install lazydocker
kewlfft.aur.aur:
name:
- lazydocker
- name: docker service
systemd:
name: docker
enabled: yes
state: restarted
- name: add the user to docker group
user:
name: "{{ ansible_user }}"
groups: docker
append: yes
- name: Create /etc/docker directory if it does not exist
file:
path: /etc/docker
state: directory
mode: "0755"
- name: set default max logs size to 250MB and set logs rotation
copy:
dest: "/etc/docker/daemon.json"
content: |
{
"log-driver": "json-file",
"log-opts": {
"max-size": "50m",
"max-file": "5"
}
}
# PIPEWIRE ---------------------------------------------------------------------------------
- name: install pipewire and dependencies
pacman:
name:
- pipewire
- pipewire-alsa
- wireplumber
- alsa-utils
- name: Pipewire service
systemd:
name: pipewire
state: restarted
enabled: yes
- name: WirePlumber service
systemd:
name: wireplumber
state: restarted
enabled: yes
# FISH -------------------------------------------------------------
- name: intall fish, fisher and other tools
pacman:
name:
- fish
- fisher
- atuin
- zoxide
- thefuck
- starship
- vivid
- name: change default shell to fish for the local user
user:
name: "{{ ansible_user }}"
shell: /usr/bin/fish