added git, services, role-template-dir, copr

2022-07-18 12:59:28 -07:00
parent 9a49c6a9fa
commit 4c2651c5a9
19 changed files with 395 additions and 69 deletions
--- a/roles/base/files/systemd/user/syncthing.service
+++ b/roles/base/files/systemd/user/syncthing.service
@@ -1,20 +0,0 @@
-[Unit]
-Description=Syncthing - Open Source Continuous File Synchronization
-Documentation=man:syncthing(1)
-StartLimitIntervalSec=60
-StartLimitBurst=4
-
-[Service]
-ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0
-Restart=on-failure
-RestartSec=1
-SuccessExitStatus=3 4
-RestartForceExitStatus=3 4
-
-# Hardening
-SystemCallArchitectures=native
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-
-[Install]
-WantedBy=default.target
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -1,5 +1,27 @@
 ---
-# Default directory management
+- name: Configure DNF
+  template:
+    src: dnf.conf.j2
+    dest: /etc/dnf/dnf.conf
+
+- name: Create groups
+  group:
+    name: "{{ item.value.group }}"
+    gid: "{{ item.value.uid }}"
+    state: "{{ item.value.state }}"
+  loop: "{{ init_users | dict2items }}"
+
+- name: Ensure Users are Configured Correctly
+  user:
+    name: "{{ item.value.name }}"
+    uid: "{{ item.value.uid }}"
+    group: "{{ item.value.group }}"
+    groups: "{{ item.value.groups }}"
+    state: "{{ item.value.state }}"
+    create_home: "{{ item.value.create_home }}"
+    shell: "{{ item.value.shell }}"
+  loop: "{{ init_users | dict2items }}"
+
 - name: Create or ensure presence of custom home directories
  file:
    path: /home/opal/{{ item }}
@@ -29,22 +51,3 @@
  template:
     src: motd.j2
     dest: /etc/motd
-
-# # Git repositories
-# - name: Pull dotfiles down from git
-#   git:
-#     repo: 'git@codeberg.org:opalvaults/opalfiles.git'
-#     dest: "/home/opal/opalfiles"
-#     key_file: "/home/opal/.ssh/ry_ecdsa"
-#   become: yes
-#   become_user: opal
-#   become_method: su
-
-# - name: Pull cookbook down from git
-#   git:
-#     repo: 'git@codeberg.org:opalvaults/sysadmin-cookbook.git'
-#     dest: "/home/opal/projects/sysadmin-cookbook"
-#     key_file: "/home/opal/.ssh/ry_ecdsa"
-#   become: yes
-#   become_user: opal
-#   become_method: su
--- a/roles/base/templates/dnf.conf.j2
+++ b/roles/base/templates/dnf.conf.j2
@@ -0,0 +1,10 @@
+# see `man dnf.conf` for defaults and possible options
+
+[main]
+fastestmirror=True
+max_parallel_downloads=10
+gpgcheck=True
+installonly_limit=3
+clean_requirements_on_remove=True
+best=False
+skip_if_unavailable=True
--- a/roles/base/vars/main.yml
+++ b/roles/base/vars/main.yml
@@ -17,6 +17,7 @@ create_directories:
  - downloads
  - scripts
  - pictures
+  - sync

 init_users:
  opal:
--- a/roles/copr/tasks/main.yml
+++ b/roles/copr/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: Enable Iosevka Font Repo
+  command:
+    cmd: dnf copr enable -y {{ iosevka_font_repo }}
+    creates: "{{ iosevka_font_repo_path }}"
+      #creates: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:peterwu:iosevka.repo
+
+- name: Enable Hack Font Repo
+  command:
+    cmd: dnf copr enable -y {{ hack_font_repo }} 
+    creates: "{{ hack_font_repo_path}}"
+
+- name: Install COPR Packages
+  dnf:
+    name: "{{ item }}"
+    state: present
+  loop: "{{ copr_packages }}"
--- a/roles/copr/vars/main.yml
+++ b/roles/copr/vars/main.yml
@@ -0,0 +1,10 @@
+---
+iosevka_font_repo: peterwu/iosevka
+iosevka_font_repo_path: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:peterwu:iosevka.repo fedora-updates-testing.repo
+
+hack_font_repo: zawertun/hack-fonts
+hack_font_repo_path: /etc/yum.repod.d/_copr:copr.fedorainfracloud.org:zawertun:hack-fonts.repo fedora-updates.repo
+
+copr_packages:
+  - hack-fonts
+  - iosevka-fonts
--- a/roles/flatpak/tasks/main.yml
+++ b/roles/flatpak/tasks/main.yml
@@ -5,9 +5,6 @@
    state: present
    method: user
    flatpakrepo_url: https://flathub.org/repo/flathub.flatpakrepo
-  become: yes
-  become_user: opal
-  become_method: su

 - name: Install Flatpak Packages
  community.general.flatpak:
@@ -15,6 +12,3 @@
    state: present
    method: user
  loop: "{{ flatpak_packages }}"
-  become: yes
-  become_user: opal
-  become_method: su
--- a/roles/git/tasks/main.yml
+++ b/roles/git/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Pull Dotfiles Repository
+  git:
+    repo: "{{ dotfiles_repo }}"
+    dest: "{{ dotfiles_dest }}"
+    update: no
+
+- name: Pull Cookbook Repository
+  git:
+    repo: "{{ cookbook_repo }}"
+    dest: "{{ cookbook_dest }}"
+    update: no
+
+- name: Pull pfetch
+  git:
+    repo: "{{ pfetch_repo }}"
+    dest: "{{ pfetch_dest }}"
+    update: no
+
+- name: Pull Doom Emacs
+  git:
+    repo: "{{ doom_emacs_repo }}"
+    dest: "{{ doom_emacs_dest }}"
+    update: no
--- a/roles/git/vars/.main.yml.swp
+++ b/roles/git/vars/.main.yml.swp
--- a/roles/git/vars/main.yml
+++ b/roles/git/vars/main.yml
@@ -0,0 +1,24 @@
+---
+dotfiles_repo: https://codeberg.org/opalvaults/opalfiles.git
+dotfiles_dest: ~/opalfiles
+
+cookbook_repo: https://codeberg.org/opalvaults/opalfiles.git
+cookbook_dest: ~/projects/sysadmin-cookbook
+
+doom_emacs_repo: https://github.com/doomemacs/doomemacs 
+doom_emacs_dest: /home/opal/.config/emacs
+doom_emacs_install_cmd: /home/opal/.config/emacs/bin/doom -y install
+
+pfetch_repo: https://github.com/dylanaraps/pfetch
+pfetch_repo_dest: ~/bin/pfetch
+
+init_users:
+  opal:
+    name: opal
+    uid: 2000
+    group: opal
+    groups: wheel
+    state: present
+    shell: /usr/bin/zsh
+    create_home: true
+
--- a/roles/packages/tasks/main.yml
+++ b/roles/packages/tasks/main.yml
@@ -5,43 +5,43 @@
    state: latest

 - name: Install Window Manager Packages
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
  loop: "{{ wm_packages }}"

 - name: Install CLI Packages
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
  loop: "{{ cli_packages }}"

 - name: Install General Packages
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
  loop: "{{ general_packages }}"

 - name: Install Doom Emacs Dependencies
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
  loop: "{{ doom_dep_packages }}"

 - name: Install Networking Packages
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
  loop: "{{ networking_packages }}"

 - name: Install Font Packages
-  package:
+  dnf:
    name: "{{ item }}"
    state: present
-    update_cache: yes
-  loop: "{{ fontawesome-fonts }}"
+  loop: "{{ font_packages }}"
+
+- name: Install Veracrypt from RPM
+  dnf:
+    name: "{{ veracrypt_url }}"
+    state: present
+    disable_gpg_check: True
--- a/roles/packages/vars/main.yml
+++ b/roles/packages/vars/main.yml
@@ -9,6 +9,7 @@ wm_packages:
  - dunst
  - grim
  - grimshot
+  - wdisplays

 cli_packages:
  - alacritty
@@ -32,14 +33,12 @@ cli_packages:
  - git
  - fd-find
  - screen
-  - lf
  - htop

 general_packages:
  - firefox
  - emacs
  - RemoteBox
-  - spice-vdaget
  - network-manager-applet
  - thunar
  - ansible
@@ -68,4 +67,6 @@ doom_dep_packages:

 font_packages:
  - fontawesome5-fonts
-  - abattis-cantarell
+  - abattis-cantarell-fonts
+
+veracrypt_url: https://launchpad.net/veracrypt/trunk/1.25.9/+download/veracrypt-1.25.9-CentOS-8-x86_64.rpm
--- a/roles/pip/vars/main.yml
+++ b/roles/pip/vars/main.yml
@@ -2,3 +2,4 @@
 pip_packages:
  - borgmatic
  - keep
+  - flashfocus
--- a/roles/role-template-dir/tasks/main.yml
+++ b/roles/role-template-dir/tasks/main.yml
@@ -0,0 +1 @@
+---
--- a/roles/role-template-dir/vars/main.yml
+++ b/roles/role-template-dir/vars/main.yml
@@ -0,0 +1 @@
+---