diff --git a/.config/yadm/bootstrap b/.config/yadm/bootstrap new file mode 100644 index 00000000..b50011c6 --- /dev/null +++ b/.config/yadm/bootstrap @@ -0,0 +1,16 @@ +#!/bin/sh + +# Because Git submodule commands cannot operate without a work tree, they must +# be run from within $HOME (assuming this is the root of your dotfiles) +cd "$HOME" + +echo "Init submodules" +yadm submodule update --recursive --init + +system_type=$(lsb_release -s -d | tr -d '"') + +if [[ $system_type == "Arch Linux" ]]; then + # Install System Tools and Configurations + ansible-galaxy collection install kewlfft.aur + ansible-playbook -v -u $USER -K playbook_system_arch.yml + ansible-playbook -v -u $USER -K playbook_packages_arch.yml diff --git a/.config/yadm/inventory b/.config/yadm/inventory new file mode 100644 index 00000000..2e66b474 --- /dev/null +++ b/.config/yadm/inventory @@ -0,0 +1,15 @@ +[target_arch_machines] +localhost +# 10.0.19.165 +# 10.0.19.160 +# 10.0.19.153 +# arch-docker-host +# archlinuxx +# 192.168.1.50 + +[all:vars] +ansible_connection=local +# ansible_connection=ssh +# ansible_user=spravca +# ansible_ssh_pass=aaa +# ansible_sudo_pass=aaa diff --git a/.config/yadm/playbook_packages_arch.yml b/.config/yadm/playbook_packages_arch.yml new file mode 100644 index 00000000..3087529c --- /dev/null +++ b/.config/yadm/playbook_packages_arch.yml @@ -0,0 +1,141 @@ +--- +- name: playbook_packages.yml - arch packages + hosts: all + become: yes + + tasks: + # ARCH PACKAGES --------------------------------------------------------------------------- + - name: install base packages + pacman: + update_cache: yes + name: + - android-file-transfer + - android-tools + - baobab + - bat + - blender + - bluez + - blueman + - btop + - celluloid + - clamtk + - dbeaver + - diff-so-fancy + - discord + - dua-cli + - eza + - easyeffects + - fd + - fzf + - galculator + - gamemode + - geeqie + - gnome-disk-utility + - gst-plugins-base + - hyprland + - kitty + - kvantum + - lazygit + - libreoffice-still + - lsp-plugins + - lxappearance + - mesa + - mpv + - navi + - nemo + - nemo-fileroller + - nemo-image-converter + - neofetch + - neovide + - neovim + - npm + - nm-connection-editor + - nvtop + - obsidian + - onefetch + - pavucontrol + - pinta + - polkit-gnome + - ripgrep + - ripgrep-all + - scrcpy + - sd + - swappy + - swaydile + - thunderbird + - ufw + - waybar + - wine + - wl-clipboard + - yt-dlp + - yarn + - xplr + - zathura + - zathura-pdf-mupdf + + # AUR PACKAGES --------------------------------------------------------------------------- + - name: install aur packages + kewlfft.aur.aur: + name: + - amf-amdgpu-pro + - activitywatch-bin + - adwsteamgtk + - android-sdk-platform-tools + - ani-cli + - arronax + - betterdiscord-installer-bin + - brave-bin + - catppuccin-gtk-macchiato + - cava + - cemu-bin + - devify + - downgrade + - find-the-command + - heroic-games-launcher + - hyprpicker-git + - hyprshot + - lazynpm + - librewolf-bin + - ludusavi + - mangal-bin + - nerd-fonts-git + - nwg-displays + - nwg-look + - obs-studio-amf + - paccache-hook + - pika-backup + - pinterest-downloader-git + - pipes.sh + - prettierd + - proton-ge-custom-bin + - pyprland + - spotdl + - reflector-pacman-hook-git + - rofi-lboon-wayland-git + - rofi-file-browser-extended-git + - scc-bin + - sddm-git + - shell-color-scripts + - spicetify-cli + - spotify + - swaylock-effects + - swaync + - swayosd-git + - swww + - sysz + - tgpt-bin + - ttf-ms-win11-auto + - tty-clock-git + - unimatrix-git + - upscayl-bin + - vkbasalt + - vulkan-amdgpu-pro + - wev + - wl-clip-persist-git + - wleave-git + - wlr-randr + - wlrobs-hg + - xdg-desktop-portal-hyprland-git + - youtube-dl + - ytdlp-gui + - zarchive-git diff --git a/.config/yadm/playbook_system_arch.yml b/.config/yadm/playbook_system_arch.yml new file mode 100644 index 00000000..cd7f9d65 --- /dev/null +++ b/.config/yadm/playbook_system_arch.yml @@ -0,0 +1,270 @@ +--- +- name: playbook_system.yml - arch system changes and services + hosts: all + become: yes + + tasks: + # ARCH FULL UPDATE ---------------------------------------------------------- + + - name: update arch + pacman: + update_cache: yes + upgrade: yes + + # YAY TO ACCESS AUR REPOSITORY ---------------------------------------------- + + - name: disable need for password for pacman to allow yay install + lineinfile: + path: /etc/sudoers.d/temp_allow_no_pswd_pacman + state: present + line: "ALL ALL=NOPASSWD: /usr/bin/pacman" + validate: /usr/sbin/visudo -cf %s + create: yes + + - name: git clone yay-bin repo in to /tmp + become: no + git: + repo: "https://aur.archlinux.org/yay-bin.git" + dest: /tmp/yay-bin + clone: yes + + - name: install yay using makepkg + become: no + expect: + chdir: /tmp/yay-bin + command: makepkg -si + responses: + (?i)Proceed with installation: "y" + + - name: re-enable need for password for pacman + file: + path: /etc/sudoers.d/temp_allow_no_pswd_pacman + state: absent + + - name: set yay options to cleanafter package installation + become: no + shell: yay -Y --answerclean All --removemake --cleanafter --save + args: + executable: /usr/bin/bash + + # SYSTEM SETTINGS CHANGES ---------------------------------------------------- + + - name: pacman - enable color + lineinfile: + path: /etc/pacman.conf + regexp: "^#Color$" + line: "Color" + + - name: pacman - enable ParallelDownloads = 5 + lineinfile: + path: /etc/pacman.conf + regexp: "#ParallelDownloads = 5" + line: "ParallelDownloads = 5" + + - name: makepkg - disable compression + lineinfile: + path: /etc/makepkg.conf + regexp: "PKGEXT='.pkg.tar.zst'" + line: "PKGEXT='.pkg.tar'" + + - name: makepkg - enable parallel compilation MAKEFLAGS="-j$(nproc)" + lineinfile: + path: /etc/makepkg.conf + regexp: '#MAKEFLAGS="-j2"' + line: 'MAKEFLAGS="-j$(nproc)"' + + - name: fstab change relatime to noatime + replace: + path: /etc/fstab + regexp: "relatime" + replace: "noatime" + + - name: change number of failed logins that triger 10min lockout + lineinfile: + path: /etc/security/faillock.conf + regexp: "^# deny = 3$" + line: "deny = 10" + + - name: enable members of wheel group to sudo + lineinfile: + path: /etc/sudoers.d/01_wheel_allow_sudo + state: present + line: "%wheel ALL=(ALL:ALL) ALL" + validate: /usr/sbin/visudo -cf %s + create: yes + + # SSH ------------------------------------------------------------------------ + + - name: install ssh + pacman: + name: + - openssh + + - name: enable and start ssh service + systemd: + name: sshd + enabled: yes + state: started + + # LOCATE THE QUICK FILE SEARCH ---------------------------------------------- + + - name: install plocate + pacman: + name: + - plocate + + - name: enable and start ~12h updatedb timer + systemd: + name: plocate-updatedb.timer + enabled: yes + state: started + + # ARCHLINUX-KEYRING WEEKLY UPDATE ------------------------------------------- + + - name: archlinux-keyring - enable weekly update + systemd: + name: archlinux-keyring-wkd-sync.timer + enabled: yes + state: started + + # SSD TRIM SCHEDULED -------------------------------------------------------- + + - name: install util-linux + pacman: + name: + - util-linux + + - name: enable and start weekly ssd disks trim using fstrim timer + systemd: + name: fstrim.timer + enabled: yes + state: started + + # REFLECTOR TO REGULARLY UPDATE MIRRORLIST --- + + - name: install reflector + pacman: + name: + - reflector + + - name: write reflector configuration file + copy: + dest: "/etc/xdg/reflector/reflector.conf" + content: | + --save /etc/pacman.d/mirrorlist + --protocol http + --country ES + --score 20 + --sort rate + + - name: enable and start reflector timer + systemd: + name: reflector.timer + enabled: yes + state: started + + - name: do initial run of reflector.service + systemd: + name: reflector + enabled: yes + state: started + + # LOGROTATE ----------------------------------------------------------------- + + - name: install logrotate + pacman: + name: + - logrotate + + - name: logrotate - enable compression + lineinfile: + path: /etc/logrotate.conf + regexp: "^#compress$" + line: "compress" + + - name: enable and start daily logs rotation, cleanup + systemd: + name: logrotate.timer + enabled: yes + state: started + + # DOCKER -------------------------------------------------------------------- + - name: install docker and docker compose + pacman: + update_cache: yes + name: + - docker + - docker-compose + + - name: install lazydocker + kewlfft.aur.aur: + name: + - lazydocker + + - name: docker service + systemd: + name: docker + enabled: yes + state: restarted + + - name: add the user to docker group + user: + name: "{{ ansible_user }}" + groups: docker + append: yes + + - name: Create /etc/docker directory if it does not exist + file: + path: /etc/docker + state: directory + mode: "0755" + + - name: set default max logs size to 250MB and set logs rotation + copy: + dest: "/etc/docker/daemon.json" + content: | + { + "log-driver": "json-file", + "log-opts": { + "max-size": "50m", + "max-file": "5" + } + } + + # PIPEWIRE --------------------------------------------------------------------------------- + - name: install pipewire and dependencies + pacman: + name: + - pipewire + - pipewire-alsa + - wireplumber + - alsa-utils + + - name: Pipewire service + systemd: + name: pipewire + state: restarted + enabled: yes + + - name: WirePlumber service + systemd: + name: wireplumber + state: restarted + enabled: yes + + # FISH ------------------------------------------------------------- + - name: intall fish, fisher and other tools + pacman: + name: + - fish + - fisher + - atuin + - zoxide + - thefuck + - starship + - vivid + + - name: change default shell to fish for the local user + user: + name: "{{ ansible_user }}" + shell: /usr/bin/fish