gergely/machina-installer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial version

Browse Source
This commit is contained in:
Gergely Polonkai
2021-04-07 16:43:32 +02:00
commit 1ed4abf338
13 changed files with 429 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
inventory/group_vars/machina/vars.yml Normal file
View File

@@ -0,0 +1,9 @@
cjdns_private_key: "{{ vault_cjdns_private_key }}"
cjdns_public_key: "{{ vault_cjdns_public_key }}"
cjdns_ipv6: "{{ vault_cjdns_ipv6 }}"
cjdns_incoming_username: "{{ vault_cjdns_incoming_username }}"
cjdns_incoming_password: "{{ vault_cjdns_incoming_password }}"
cjdns_snoopy_username: "{{ vault_cjdns_snoopy_username }}"
cjdns_snoopy_password: "{{ vault_cjdns_snoopy_password }}"
cjdns_woodstock_username: "{{ vault_cjdns_woodstock_username }}"
cjdns_woodstock_password: "{{ vault_cjdns_woodstock_password }}"

32
inventory/group_vars/machina/vault Normal file
View File

@@ -0,0 +1,32 @@
$ANSIBLE_VAULT;1.1;AES256
36343161633137616464616236386334623262393334336338316563663937346461326462656134
3164373839356632313830616339613630343238303036310a323939376666393466326164333061
37653631393664396235383937323933313832333764386234323639636364376362313764396132
6335653536616432300a363436353930336336393061343439376233653136303836316438623461
35656533386463613864656134663037626662383837646535656231313538613735396638353438
37623431356162366365613436626239353064633439623665663037393064633362333333626537
30646663396537346661646531326466666266656162616261303963383032626330383837313933
37643031323364333061363235396361626630613338626164363736383037636565313639663864
61616437323930326636623062663238653531393762373862616466363839386335373732363466
61613766353261323861616462653935333734306339383531326234336139623036663434336339
64396533346661653235323862656561643737656561366635353637303034663338633132343466
64343632326562333465646161633536353465376436653034333036636161323861336163303532
39616162656239616533303734313534316632623663613736306130653338333232346165613763
33346632373131633066323563343063663664356239653831313163386363353065333539616433
35623537333830613066616361333933613838346362656164663466373137353330306435643730
63343866373734326437653038313533613566353338653237393761663662326539326435613866
39626437326363636137346335356163323239303865353734666263653137626237383436613133
37643465613430613133626466646133623166393739373935366132393834373766343831353632
61633964353530623134356564323235343966643131663434643137386230643339363661613930
33313531646462636662316232346231303033383032343265356632653132353233303736366261
32393330316534383862653037333061353339353538663865333439346637393836636264313564
34636536373434373236643562323236363137366266396363326361363434346333383833363130
36643335363039613732363366623865343330643234666639613934386430353430343534643365
38663133623031316161653862323135396661303931393734633735366333333464616233303335
36663038656631656366626539623739363964303139643430363138366537336563663233333164
66656663636439313564386134653662363030393132646435396538363462613463333163346166
63383239646634366537663331646530313337306231323836356331343566346163343536363630
61316361366433393334666266346664326662653864356134393435366161663162333662653530
39333036653965666438636438366262643861313033326564613837666633386630333138386230
39323864376663376437643764386134313563633763323639373037656639346339633761376361
376563656336353636613061323263353933

2
inventory/hosts Normal file
View File

@@ -0,0 +1,2 @@
[machina]
machina

10
machina.yml Normal file
View File

@@ -0,0 +1,10 @@
---
- import_playbook: playbooks/dnf-repos.yml hostlist=machina
- import_playbook: playbooks/user.yml hostlist=machina
- import_playbook: playbooks/packages.yml hostlist=machina
- import_playbook: playbooks/python.yml hostlist=machina
- import_playbook: playbooks/npm.yml hostlist=machina
- import_playbook: playbooks/user.yml hostlist=machina
- import_playbook: playbooks/spotify-install.yml hostlist=machina
- import_playbook: playbooks/systemd-user.yml hostlist=machina
- import_playbook: playbooks/cjdns.yml hostlist=machina

25
playbooks/cjdns.yml Normal file
View File

@@ -0,0 +1,25 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Install cjdns and its tools
become: true
dnf:
name:
- cjdns
- cjdns-tools
state: latest
- name: Create the configuration file
become: true
template:
src: cjdroute.conf.j2
dest: /etc/cjdroute.conf
owner: root
group: root
mode: '0600'
validate: 'cjdroute --cleanconf < %s'
backup: true
- name: Enable and start the service
become: true
systemd:
name: cjdns.service
enabled: true
state: started

29
playbooks/dnf-repos.yml Normal file
View File

@@ -0,0 +1,29 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Install the RPM Fusion Free GPG key
become: true
rpm_key:
key: "https://rpmfusion.net/keys?action=AttachFile&do=get&target=RPM-GPG-KEY-rpmfusion-free-fedora-2020"
fingerprint: E9A4 91A3 DE24 7814 E7E0 67EA E06F 8ECD D651 FF2E
state: present
- name: Enable the RPM Fusion Free repository
become: true
dnf:
name: "https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ansible_distribution_major_version}}.noarch.rpm"
state: present
- name: Install the RPM Fusion Non-free GPG key
become: true
rpm_key:
key: "https://rpmfusion.net/keys?action=AttachFile&do=get&target=RPM-GPG-KEY-rpmfusion-nonfree-fedora-2020"
fingerprint: 79BD B88F 9BBF 7391 0FD4 095B 6A2A F961 9484 3C65
state: present
- name: Enable the RPM Fusion Non-free repository
become: true
dnf:
name: "https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ansible_distribution_major_version}}.noarch.rpm"
state: present
- name: Enable the skidnik/termite repo
become: true
community.general.copr:
name: "skidnik/termite"
state: enabled

7
playbooks/npm.yml Normal file
View File

@@ -0,0 +1,7 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Install diff-so-fancy
community.general.npm:
name: diff-so-fancy
global: yes
state: latest

194
playbooks/packages.yml Normal file
View File

@@ -0,0 +1,194 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Install Ansible
become: true
dnf:
name: ansible
state: latest
- name: Install some daemons
become: true
dnf:
name:
- pcsc-lite
- avahi
- cups
- libvirt-daemon
- postgresql-server
- zeromq
- redis
- mariadb-server
- memcached
- bind
state: latest
- name: Install Emacs
become: true
dnf:
name:
- emacs
- maildir-utils
- emacs-gettext
state: latest
- name: Install my favourite command line tools
become: true
dnf:
name:
- util-linux-user
- fish
- tar
- exa
- tmux
- mc
- fzf
- zoxide
- the_silver_searcher
- pass
- vim-enhanced
- bat
- git
- git-email
- git-extras
- git-gui
- vdirsyncer
- offlineimap
- msmtp
- bpytop
- pinentry-tty
- ffmpeg
- tar
- gzip
- bzip2
- xz
- khal
- khard
- krb5-workstation
- whois
- asciinema
- bind-utils
state: latest
- name: Install development stuff
become: true
dnf:
name:
- bats
- podman
- buildah
- gdb
- autoconf
- autoconf-archive
- automake
- bison
- byacc
- flex
- gcc
- gcc-c++
- intltool
- libtool
- yarnpkg
- mercurial
- cvs
- subversion
- d-feet
- arduino
- arduino-builder
- fritzing
- global
- jq
- meson
- ninja-build
- cmake
state: latest
- name: Install my desktop environment
become: true
dnf:
name:
- sway
- mako
- wob
- swayidle
- termite
- waybar
- swaylock
- clipman
- wl-clipboard
- playerctl
- bemenu
- kde-connect
- pinentry-gtk
- epiphany
- chromium
- mplayer
- gajim
- youtube-dl
- wshowkeys
state: latest
- name: Install my graphical applications
become: true
dnf:
name:
- firefox-wayland
- meld
- nheko
- nextcloud-client
- calibre
- kicad
- qcad
- openscad
- libreoffice
- gimp
- gimagereader-gtk
- blender
- audacity
- virt-manager
- ImageMagick
- inkscape
- krita
state: latest
- name: Install some games
become: true
dnf:
name:
- minetest
- warsow
- widelands
state: latest
- name: Install language packs
become: true
dnf:
name:
- aspell-en
- aspell-is
- autocorr-en
- autocorr-hu
- autocorr-is
- gimp-help-en_GB
- glibc-langpack-en
- glibc-langpack-hu
- glibc-langpack-is
- hunspell-en
- hunspell-en-GB
- hunspell-en-US
- hunspell-hu
- hunspell-is
- hyphen-en
- hyphen-hu
- hyphen-is
- langpacks-core-en
- langpacks-core-en_GB
- langpacks-core-hu
- langpacks-core-is
- langpacks-core-font-en
- langpacks-core-font-hu
- langpacks-core-font-is
- langpacks-en
- langpacks-en_GB
- langpacks-hu
- langpacks-is
- libreoffice-help-en
- libreoffice-help-hu
- libreoffice-langpack-en
- libreoffice-langpack-hu
- mythes-en
- mythes-hu
- tesseract-langpack-eng
- tesseract-langpack-hun
- tesseract-langpack-isl

6
playbooks/python.yml Normal file
View File

@@ -0,0 +1,6 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Install the xdg Python module
pip:
name: xdg
extra_args: --user

13
playbooks/spotify-install.yml Normal file
View File

@@ -0,0 +1,13 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Pre-install Spotify requirements
become: true
dnf:
name: lpf-spotify-client
state: latest
- name: Approve the Spotify LPF module
command: sh -c 'echo y | env PAGER=/bin/cat lpf approve spotify-client'
- name: Build the Spotify LPF module
command: sh -c 'echo y | lpf build spotify-client'
- name: Install the Spotify LPF module
command: sh -c 'echo y | lpf install spotify-client'

18
playbooks/systemd-user.yml Normal file
View File

@@ -0,0 +1,18 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Enable Pipewire service
systemd:
name: pipewire.service
enabled: true
- name: Enable Pipewire-Pulse service
systemd:
name: pipewire-pulse.service
enabled: true
- name: Enable Pipewire socket
systemd:
name: pipewire.socket
enabled: true
- name: Enable Pipewire-Pulse socket
systemd:
name: pipewire-pulse.socket
enabled: true

68
playbooks/templates/cjdroute.conf.j2 Normal file
View File

@@ -0,0 +1,68 @@
{
"privateKey": "{{ cjdns_private_key }}",
"publicKey": "{{ cjdns_public_key }}",
"ipv6": "{{ cjdns_ipv6 }}",
"authorizedPasswords": [
{"password": "{{ cjdns_incoming_username }}", "user": "{{ cjdns_incoming_password }}"}
],
"admin": {
"bind": "127.0.0.1:11234",
"password": "NONE"
},
"interfaces": {
"UDPInterface": [
{
"bind": "0.0.0.0:40183",
"connectTo": {
"198.211.126.112:44970": {
"login": "{{ cjdns_snoopy_username }}",
"password": "{{ cjdns_snoopy_password }}",
"publicKey": "2vvjxl91bnk2z3h33ys6ulm3rblxr4d427cg846ycgjhccvs1wf0.k",
"peerName": "snoopy"
},
"165.227.155.27:47266": {
"login": "{{ cjdns_woodstock_username }}",
"password": "{{ cjdns_woodstock_password }}",
"publicKey": "m6q1ks6pm72k4wur3knt77yukkku1c1vwzus1ympwvkkk7746sc0.k",
"peerName": "woodstock"
}
}
},
{
"bind": "[::]:40183",
"connectTo": {}
}
],
"ETHInterface": [
{
"bind": "all",
"beacon": 2,
"connectTo": {}
}
]
},
"router": {
"supernodes": [],
"interface": {
"type": "TUNInterface",
"tunDevice": "cjdns"
},
"ipTunnel": {
"allowedConnections": [],
"outgoingConnections": []
}
},
"security": [
{ "setuser": "cjdns", "keepNetAdmin": 1 },
{ "chroot": "/var/empty/cjdns" },
{ "nofiles": 0 },
{ "noforks": 1 },
{ "seccomp": 1 },
{ "setupComplete": 1 }
],
"logging": {},
"noBackground": 0,
"pipe": "cjdroute.sock",
"version": 2
}

16
playbooks/user.yml Normal file
View File

@@ -0,0 +1,16 @@
- hosts: "{{ hostlist }}"
tasks:
- name: Add the user polesz
become: true
user:
name: polesz
comment: POLONKAI Gergely
uid: 1000
shell: /usr/bin/fish
state: present
- name: Add user polesz to some extra groups
become: true
user:
name: polesz
groups: cdrom,dialout,games,kvm,libvirt,pkg-build,printadmin,video,wheel
append: true