Use fully-qualified module names
This commit is contained in:
parent
414d50abb3
commit
33eca23199
64 changed files with 190 additions and 189 deletions
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
collections:
|
||||
- ansible.posix
|
||||
- community.general
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Set system locale
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/locale.conf
|
||||
line: "LANG=en_GB.UTF-8"
|
||||
create: yes
|
||||
- name: Set default paper size
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/papersize
|
||||
line: a4
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Upgrade all packages
|
||||
become: true
|
||||
pacman:
|
||||
community.general.pacman:
|
||||
upgrade: yes
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
pacman:
|
||||
community.general.pacman:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
|
@ -39,7 +39,7 @@
|
|||
- zsh
|
||||
- name: Enable TLP
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: tlp.service
|
||||
enabled: true
|
||||
state: started
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
pacman:
|
||||
community.general.pacman:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
update_cache: yes
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Enable CUPS
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: org.cups.cupsd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install build environment packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
@ -16,12 +16,12 @@
|
|||
- pbuilder
|
||||
- name: Copy pbuilderrc
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: pbuilderrc
|
||||
dest: /etc/pbuilderrc
|
||||
- name: Set permissions on /var/cache/pbuilder/result
|
||||
become: true
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: /var/cache/pbuilder/result
|
||||
state: directory
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Set default Xorg/Wayland keyboard layout
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: keyboard
|
||||
dest: /etc/default/keyboard
|
||||
register: keyboard_copy
|
||||
- name: Update initramfs
|
||||
become: true
|
||||
command: /usr/sbin/update-initramfs -k all -u
|
||||
ansible.builtin.command: /usr/sbin/update-initramfs -k all -u
|
||||
when: keyboard_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
@ -44,6 +44,6 @@
|
|||
- zsh
|
||||
- name: Load /etc/profile in zsh
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/zsh/zprofile
|
||||
line: emulate sh -c 'source /etc/profile'
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: ssh.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: ssh.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
- name: Check for CentOS-Stream-PowerTools.repo file
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: /etc/yum.repos.d/CentOS-Stream-PowerTools.repo
|
||||
register: pt
|
||||
- name: Enable CentOS Stream PowerTools repository
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/yum.repos.d/CentOS-Stream-PowerTools.repo
|
||||
create: false
|
||||
regexp: ^enabled=
|
||||
|
|
@ -13,7 +13,7 @@
|
|||
when: ansible_distribution == 'CentOS' and pt.stat.exists
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
dnf:
|
||||
ansible.builtin.dnf:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
dnf:
|
||||
ansible.builtin.dnf:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,26 +1,26 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
- name: Allow SSH through firewall
|
||||
become: true
|
||||
firewalld:
|
||||
ansible.posix.firewalld:
|
||||
service: ssh
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
dnf:
|
||||
ansible.builtin.dnf:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
dnf:
|
||||
ansible.builtin.dnf:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,26 +1,26 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
- name: Allow SSH through firewall
|
||||
become: true
|
||||
firewalld:
|
||||
ansible.posix.firewalld:
|
||||
service: ssh
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: Install core CLI packages
|
||||
become: true
|
||||
pkgng:
|
||||
community.general.pkgng:
|
||||
name: drm-kmod,en-freebsd-doc,git,pkg,py37-ansible,sudo
|
||||
state: present
|
||||
- name: Install additional CLI packages
|
||||
become: true
|
||||
pkgng:
|
||||
community.general.pkgng:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
@ -24,7 +24,7 @@
|
|||
- zsh
|
||||
- name: Install asciidoctor-pdf Ruby gem
|
||||
become: true
|
||||
gem:
|
||||
community.general.gem:
|
||||
name: asciidoctor-pdf
|
||||
state: present
|
||||
pre_release: yes
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
---
|
||||
- name: Install core GUI packages
|
||||
become: true
|
||||
pkgng:
|
||||
community.general.pkgng:
|
||||
name: drm-kmod,xdm,xorg,xterm
|
||||
state: present
|
||||
- name: Install additional GUI packages
|
||||
become: true
|
||||
pkgng:
|
||||
community.general.pkgng:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,31 +1,31 @@
|
|||
---
|
||||
- name: Enable IPv6 privacy
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: '^ipv6_privacy=.*'
|
||||
line: 'ipv6_privacy="YES"'
|
||||
- name: Set wlan0 arguments
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: '^create_args_wlan0=.*'
|
||||
line: 'create_args_wlan0="country GB"'
|
||||
- name: Enable WPA/DHCP for wlan0
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: '^ifconfig_wlan0=.*'
|
||||
line: 'ifconfig_wlan0="WPA SYNCDHCP"'
|
||||
- name: Enable IPv6 for wlan0
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: '^ifconfig_wlan0_ipv6=.*'
|
||||
line: 'ifconfig_wlan0_ipv6="inet6 accept_rtadv"'
|
||||
- name: Enable SDDM
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: '^sddm_enable=.*'
|
||||
line: 'sddm_enable="YES"'
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Enable wheel group to use sudo
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /usr/local/etc/sudoers.d/wheel
|
||||
regexp: 'wheel'
|
||||
line: '%wheel ALL=(ALL) ALL'
|
||||
|
|
|
|||
|
|
@ -1,25 +1,25 @@
|
|||
---
|
||||
- name: Disable core dumps
|
||||
become: true
|
||||
sysctl:
|
||||
ansible.posix.sysctl:
|
||||
name: kern.coredump
|
||||
value: '0'
|
||||
sysctl_set: yes
|
||||
- name: Use IPv6 temporary addresses
|
||||
become: true
|
||||
sysctl:
|
||||
ansible.posix.sysctl:
|
||||
name: net.inet6.ip6.use_tempaddr
|
||||
value: '1'
|
||||
sysctl_set: yes
|
||||
- name: Prefer IPv6 temporary addresses
|
||||
become: true
|
||||
sysctl:
|
||||
ansible.posix.sysctl:
|
||||
name: net.inet6.ip6.prefer_tempaddr
|
||||
value: '1'
|
||||
sysctl_set: yes
|
||||
- name: Disable VT bell
|
||||
become: true
|
||||
sysctl:
|
||||
ansible.posix.sysctl:
|
||||
name: kern.vt.enable_bell
|
||||
value: '0'
|
||||
sysctl_set: yes
|
||||
|
|
|
|||
|
|
@ -1,18 +1,18 @@
|
|||
---
|
||||
- name: Start DBUS service
|
||||
become: true
|
||||
service:
|
||||
ansible.builtin.service:
|
||||
name: dbus
|
||||
state: started
|
||||
enabled: yes
|
||||
- name: Set xorg keyboard layout
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: keyboard-gb.conf
|
||||
dest: /usr/local/etc/X11/xorg.conf.d/keyboard-gb.conf
|
||||
- name: Set xorg screen size for kvm/qemu
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: screen-qemu.conf
|
||||
dest: /usr/local/etc/X11/xorg.conf.d/screen-qemu.conf
|
||||
when: ansible_virtualization_role == "guest" and ansible_virtualization_type == "kvm"
|
||||
|
|
|
|||
|
|
@ -1,23 +1,23 @@
|
|||
---
|
||||
- name: Create user bin directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/bin"
|
||||
state: directory
|
||||
- name: Create user opt directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/opt"
|
||||
state: directory
|
||||
- name: Create systemd user directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.config/systemd/user"
|
||||
state: directory
|
||||
- name: Create ~/.ssh directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.ssh"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
- name: Create ~/.config directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.config"
|
||||
state: directory
|
||||
mode: '0700'
|
||||
|
|
|
|||
|
|
@ -1,25 +1,25 @@
|
|||
---
|
||||
- name: Copy .gemrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: gemrc
|
||||
dest: "{{ ansible_env.HOME }}/.gemrc"
|
||||
- name: Remove .hushlogin
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.hushlogin"
|
||||
state: absent
|
||||
- name: Copy .tmux.conf
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: tmux.conf
|
||||
dest: "{{ ansible_env.HOME }}/.tmux.conf"
|
||||
- name: Copy openpgp.asc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: openpgp.asc
|
||||
dest: "{{ ansible_env.HOME }}/.config/openpgp.asc"
|
||||
- name: Copy .dput.cf
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: dput.cf
|
||||
dest: "{{ ansible_env.HOME }}/.dput.cf"
|
||||
- name: Copy .mailcap
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: mailcap
|
||||
dest: "{{ ansible_env.HOME }}/.mailcap"
|
||||
|
|
|
|||
|
|
@ -1,86 +1,86 @@
|
|||
---
|
||||
- name: Git pull.rebase
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: pull.rebase
|
||||
value: 'true'
|
||||
scope: global
|
||||
- name: Git push.default
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: push.default
|
||||
value: simple
|
||||
scope: global
|
||||
- name: Git color.ui
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: color.ui
|
||||
value: auto
|
||||
scope: global
|
||||
- name: Git credential.helper
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: credential.helper
|
||||
value: store
|
||||
scope: global
|
||||
- name: Git gui.encoding
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: gui.encoding
|
||||
value: utf-8
|
||||
scope: global
|
||||
- name: Git guitool.Rebase.cmd
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: guitool.Rebase.cmd
|
||||
value: rebase
|
||||
scope: global
|
||||
- name: Git user.name
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: user.name
|
||||
value: Anthony Perkins
|
||||
scope: global
|
||||
- name: Git user.email
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: user.email
|
||||
value: anthony@acperkins.com
|
||||
scope: global
|
||||
- name: Git alias.ci
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.ci
|
||||
value: commit
|
||||
scope: global
|
||||
- name: Git alias.co
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.co
|
||||
value: checkout
|
||||
scope: global
|
||||
- name: Git alias.ff
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.ff
|
||||
value: merge --ff-only
|
||||
scope: global
|
||||
- name: Git alias.graph
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.graph
|
||||
value: log --graph --oneline --all
|
||||
scope: global
|
||||
- name: Git alias.l1
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.l1
|
||||
value: log --pretty=oneline
|
||||
scope: global
|
||||
- name: Git alias.last
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.last
|
||||
value: log -1 HEAD --pretty=fuller
|
||||
scope: global
|
||||
- name: Git alias.unstage
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.unstage
|
||||
value: reset HEAD --
|
||||
scope: global
|
||||
- name: Git alias.up
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: alias.up
|
||||
value: pull --rebase
|
||||
scope: global
|
||||
- name: Git URL rewrite
|
||||
git_config:
|
||||
community.general.git_config:
|
||||
name: url."https://code.acperkins.com/".insteadof
|
||||
value: https://git.acperkins.com/
|
||||
scope: global
|
||||
|
|
|
|||
|
|
@ -1,21 +1,21 @@
|
|||
---
|
||||
- name: Copy .bashrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: bashrc
|
||||
dest: "{{ ansible_env.HOME }}/.bashrc"
|
||||
- name: Copy .bash_profile
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: bash_profile
|
||||
dest: "{{ ansible_env.HOME }}/.bash_profile"
|
||||
- name: Copy .profile
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: profile
|
||||
dest: "{{ ansible_env.HOME }}/.profile"
|
||||
- name: Copy .shrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: shrc
|
||||
dest: "{{ ansible_env.HOME }}/.shrc"
|
||||
- name: Copy .zshrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: zshrc
|
||||
dest: "{{ ansible_env.HOME }}/.zshrc"
|
||||
|
|
|
|||
|
|
@ -1,24 +1,24 @@
|
|||
---
|
||||
- name: Add home rsa key to authorized_keys
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||
line: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUfTUp1m8MUCjj0Vu8E9sVGwvf4FWL4QcaZ6m8gK5+xGZl+w+yAcb1acH/96Y0DaP4ZNDassC5OlE6F1oJ+cIKtTykXBxqlChLRDCdX8JCt3sBaVmEcRJ0v8MMQrqWX2ajAW6fC/zNYJ4qbhTMGLiEUPbYu7gZKn0e+MEPBRrxdXzqVLTBq0RMelGx74UpZUwzwROq+VxLsFrumFZNFNJL+rWEK3XO5SsQkNp5QNYluIr8+WDbVU6V2thgJTcFpWWWYVg/al5iY5/bcnVSpzoab7Xxo98OYzpSrY0g+CqkLQkfRehOUMeEOGQYZxpUaXFhg2jE+Kf7W2gm3CeJWTzP home"
|
||||
create: yes
|
||||
mode: '0600'
|
||||
- name: Add work rsa key to authorized_keys
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||
line: "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjRPqXzNlrmPWGC6yRCnZszewblS6JcQeNBkHuNmWD9WoMFGLvjkl+NGiC01k9su4JMfz6vOvNG1A6J16+uhEz0+Q70Z/kCM91EqYK8iiGA+qfC2y5PMA10BtWInQ9OqPbanv38ZBB7+afOcEbGR3CC56rp/uibwdBo2RpVRjAjZfsC64tZ6Pt8C55rVvBeZwNtXtw9RIwKAJGmlBsZEdIKpTHIf2IDfPWX3OLahcNA5/6aNB65qQV7fqQXEgBSjJmMsdCD8Jy5O+f7rzC+kFxozB/36mV1pBgZhT/iTK9fFJip0vyFFjk4CPRRbrnnJUBod/aGfWAP876b/0DXviWQ== work"
|
||||
create: yes
|
||||
mode: '0600'
|
||||
- name: Add home ed25519 key to authorized_keys
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||
line: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKG63aHe1QmTPj4mWg0F/fAzcB78tBJglxyLI0AzOKvW acp-home"
|
||||
create: yes
|
||||
mode: '0600'
|
||||
- name: Add work ed25519 key to authorized_keys
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ ansible_env.HOME }}/.ssh/authorized_keys"
|
||||
line: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMMMawkF2TJzmqHewciwMRhOOTE9W1+vXq1yzV13KWUg acp-work"
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- name: Clone vim settings
|
||||
git:
|
||||
ansible.builtin.git:
|
||||
repo: https://code.acperkins.com/acp/vimfiles.git
|
||||
dest: "{{ ansible_env.HOME }}/.vim"
|
||||
|
|
|
|||
|
|
@ -1,17 +1,17 @@
|
|||
---
|
||||
- name: Create user applications directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.local/share/applications"
|
||||
state: directory
|
||||
- name: Create user autostart directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.config/autostart"
|
||||
state: directory
|
||||
- name: Create ~/.fvwm directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.fvwm"
|
||||
state: directory
|
||||
- name: Create ~/.local/share/fonts directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.local/share/fonts"
|
||||
state: directory
|
||||
|
|
|
|||
|
|
@ -1,46 +1,46 @@
|
|||
---
|
||||
- name: Copy .Xresources
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: Xresources
|
||||
dest: "{{ ansible_env.HOME }}/.Xresources"
|
||||
- name: Copy .fonts.conf
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: fonts.conf
|
||||
dest: "{{ ansible_env.HOME }}/.fonts.conf"
|
||||
- name: Create stalonetrayrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: stalonetrayrc
|
||||
dest: "{{ ansible_env.HOME }}/.stalonetrayrc"
|
||||
- name: Create fvwm config file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: fvwmrc
|
||||
dest: "{{ ansible_env.HOME }}/.fvwm/config"
|
||||
- name: Create NetBSD xsession file
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: xsession-netbsd
|
||||
dest: "{{ ansible_env.HOME }}/.xsession"
|
||||
when: ansible_system == "NetBSD"
|
||||
- name: Create xinitrc symlink
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
src: ".xsession"
|
||||
dest: "{{ ansible_env.HOME }}/.xinitrc"
|
||||
state: link
|
||||
when: ansible_system == "NetBSD"
|
||||
- name: Load ~/.Xresources
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "xrdb.desktop"
|
||||
dest: "{{ ansible_env.HOME }}/.config/autostart/xrdb.desktop"
|
||||
when: ansible_distribution == "Fedora" or ansible_distribution == "Debian"
|
||||
- name: Add to-do list launcher
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: todo.desktop
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/applications/todo.desktop"
|
||||
- name: Copy .xbindkeysrc
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "xbindkeysrc"
|
||||
dest: "{{ ansible_env.HOME }}/.xbindkeysrc"
|
||||
- name: Add custom Chromium launcher
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: chromium-browser.desktop
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/applications/chromium-browser.desktop"
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,41 +1,41 @@
|
|||
---
|
||||
- name: Detect Emacs binary
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ prefix }}/bin/emacs"
|
||||
vars:
|
||||
prefix: "{{ '/usr' if ansible_system == 'Linux' else '/usr/pkg' if ansible_system == 'NetBSD' else '/usr/local' }}"
|
||||
register: emacs_binary
|
||||
- name: Remove ~/.emacs file
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.emacs"
|
||||
state: absent
|
||||
- name: Clone Emacs settings
|
||||
git:
|
||||
ansible.builtin.git:
|
||||
repo: https://code.acperkins.com/acp/emacs.d.git
|
||||
dest: "{{ ansible_env.HOME }}/.emacs.d"
|
||||
- name: Install NotoSansMono-Regular font
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: NotoSansMono-Regular.ttf
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/fonts/NotoSansMono-Regular.ttf"
|
||||
- name: Install NotoSansMono-Bold font
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: NotoSansMono-Bold.ttf
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/fonts/NotoSansMono-Bold.ttf"
|
||||
- name: Create Emacs user service (Linux)
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: emacs.service
|
||||
dest: "{{ ansible_env.HOME }}/.config/systemd/user/emacs.service"
|
||||
vars:
|
||||
prefix: "{{ '/usr' if ansible_system == 'Linux' else '/usr/pkg' if ansible_system == 'NetBSD' else '/usr/local' }}"
|
||||
when: ansible_system == 'Linux' and emacs_binary.stat.exists == True
|
||||
- name: Add Emacs server to autostart (FreeBSD)
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: '{{ ansible_env.HOME }}/.emacs.d/emacs-server.desktop'
|
||||
dest: '{{ ansible_env.HOME }}/.config/autostart'
|
||||
remote_src: yes
|
||||
when: ansible_system == 'FreeBSD' and emacs_binary.stat.exists == True
|
||||
- name: Start Emacs user service
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: emacs.service
|
||||
scope: user
|
||||
daemon_reload: yes
|
||||
|
|
@ -43,7 +43,7 @@
|
|||
state: started
|
||||
when: ansible_system == 'Linux' and emacs_binary.stat.exists == True
|
||||
- name: Create Emacs client launcher
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: "{{ ansible_env.HOME }}/.emacs.d/emacs-client.desktop"
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/applications/emacs.desktop"
|
||||
remote_src: yes
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
- name: Check for profiles.ini
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ ansible_env.HOME }}/.mozilla/firefox/profiles.ini"
|
||||
register: profile_ini
|
||||
- name: Copy Firefox preferences to Profile0
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: user.js
|
||||
dest: "{{ ansible_env.HOME }}/.mozilla/firefox/{{ lookup('ini', 'Path section=Profile0 file={{ ansible_env.HOME }}/.mozilla/firefox/profiles.ini') }}/user.js"
|
||||
when: profile_ini.stat.exists
|
||||
|
|
|
|||
|
|
@ -1,17 +1,17 @@
|
|||
---
|
||||
- name: Create MATE layouts directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: "{{ ansible_env.HOME }}/.local/share/mate-panel/layouts"
|
||||
state: directory
|
||||
- name: Copy MATE panel layout
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: mate-acp.layout
|
||||
dest: "{{ ansible_env.HOME }}/.local/share/mate-panel/layouts/acp.layout"
|
||||
vars:
|
||||
prefix: "{{ '/usr' if ansible_system == 'Linux' else '/usr/pkg' if ansible_system == 'NetBSD' else '/usr/local' }}"
|
||||
esr: "{{ '-esr' if ansible_distribution == 'Debian' else '' }}"
|
||||
- name: Copy MATE Clock reset script
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: reset-mate-clock.sh
|
||||
dest: "{{ ansible_env.HOME }}/bin/reset-mate-clock"
|
||||
mode: '0755'
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
- name: Check for Sublime Text directory
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ ansible_env.HOME }}/.config/sublime-text-3/Packages/User"
|
||||
register: sublime
|
||||
- name: Copy Sublime Text preferences
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: Preferences.sublime-settings
|
||||
dest: "{{ ansible_env.HOME }}/.config/sublime-text-3/Packages/User/Preferences.sublime-settings"
|
||||
when: sublime.stat.exists
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Disable getty on /dev/console
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ttys
|
||||
regexp: ^console\s+
|
||||
line: 'console "/usr/libexec/getty Pc" vt100 off secure'
|
||||
- name: Enable getty on /dev/ttyE0
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ttys
|
||||
regexp: ^ttyE0\s+
|
||||
line: 'ttyE0 "/usr/libexec/getty Pc" wsvt25 on secure'
|
||||
|
|
|
|||
|
|
@ -1,21 +1,21 @@
|
|||
---
|
||||
- name: Configure pkg to ignore OSABI
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/pkg_install.conf
|
||||
regexp: '^CHECK_OSABI='
|
||||
line: 'CHECK_OSABI=no'
|
||||
create: yes
|
||||
- name: Configure PKG_PATH
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/pkg_install.conf
|
||||
regexp: '^PKG_PATH='
|
||||
line: 'PKG_PATH=http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/{{ ansible_machine }}/{{ ansible_distribution_release }}/All'
|
||||
create: yes
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
pkgin:
|
||||
community.general.pkgin:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
pkgin:
|
||||
community.general.pkgin:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
vars:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Enable wheel group to use sudo
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /usr/pkg/etc/sudoers.d/wheel
|
||||
regexp: 'wheel'
|
||||
line: '%wheel ALL=(ALL) ALL'
|
||||
|
|
|
|||
|
|
@ -1,19 +1,19 @@
|
|||
---
|
||||
- name: Enable xdm
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: ^xdm=.*
|
||||
line: xdm=YES
|
||||
- name: Copy dbus service
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: /usr/pkg/share/examples/rc.d/dbus
|
||||
dest: /etc/rc.d/dbus
|
||||
remote_src: yes
|
||||
- name: Enable dbus
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/rc.conf
|
||||
regexp: ^dbus=.*
|
||||
line: dbus=YES
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# The zypper module requires python-xml on openSUSE.
|
||||
- name: Install CLI patterns
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ patterns }}'
|
||||
state: present
|
||||
type: pattern
|
||||
|
|
@ -12,7 +12,7 @@
|
|||
- devel_rpm_build
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
type: package
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# The zypper module requires python-xml on openSUSE.
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
type: package
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,26 +1,26 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
- name: Allow SSH through firewall
|
||||
become: true
|
||||
firewalld:
|
||||
ansible.posix.firewalld:
|
||||
service: ssh
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# The zypper module requires python-xml on openSUSE.
|
||||
- name: Install CLI patterns
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ patterns }}'
|
||||
state: present
|
||||
type: pattern
|
||||
|
|
@ -12,7 +12,7 @@
|
|||
- devel_rpm_build
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
type: package
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# The zypper module requires python-xml on openSUSE.
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
zypper:
|
||||
community.general.zypper:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
type: package
|
||||
|
|
|
|||
|
|
@ -1,15 +1,15 @@
|
|||
---
|
||||
- name: Install solokeys udev rule
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: 70-solokeys-access.rules
|
||||
dest: /etc/udev/rules.d/70-solokeys-access.rules
|
||||
register: solokeys_copy
|
||||
- name: Reload udevadm rules
|
||||
become: true
|
||||
command: udevadm control --reload-rules
|
||||
ansible.builtin.command: udevadm control --reload-rules
|
||||
when: solokeys_copy.changed
|
||||
- name: Trigger udevadm
|
||||
become: true
|
||||
command: udevadm trigger
|
||||
ansible.builtin.command: udevadm trigger
|
||||
when: solokeys_copy.changed
|
||||
|
|
|
|||
|
|
@ -1,26 +1,26 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: sshd.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
- name: Allow SSH through firewall
|
||||
become: true
|
||||
firewalld:
|
||||
ansible.posix.firewalld:
|
||||
service: ssh
|
||||
permanent: yes
|
||||
state: enabled
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install build environment packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
@ -16,12 +16,12 @@
|
|||
- pbuilder
|
||||
- name: Copy pbuilderrc
|
||||
become: true
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: pbuilderrc
|
||||
dest: /etc/pbuilderrc
|
||||
- name: Set permissions on /var/cache/pbuilder/result
|
||||
become: true
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
path: /var/cache/pbuilder/result
|
||||
state: directory
|
||||
owner: root
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
- name: Blacklist pcspkr module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist pcspkr
|
||||
create: yes
|
||||
- name: Blacklist dvb_usb_rtl28xxu module
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/modprobe.d/blacklist.conf
|
||||
line: blacklist dvb_usb_rtl28xxu
|
||||
create: yes
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install CLI packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
@ -37,6 +37,6 @@
|
|||
- zsh
|
||||
- name: Load /etc/profile in zsh
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/zsh/zprofile
|
||||
line: emulate sh -c 'source /etc/profile'
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Install GUI packages
|
||||
become: true
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: '{{ packages }}'
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
|
|
|
|||
|
|
@ -1,20 +1,20 @@
|
|||
---
|
||||
- name: Disable SSH passwords
|
||||
become: true
|
||||
lineinfile:
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/ssh/sshd_config
|
||||
regexp: '^#?\w*PasswordAuthentication (yes|no)'
|
||||
line: 'PasswordAuthentication no'
|
||||
register: changed_ssh_config
|
||||
- name: Enable SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: ssh.service
|
||||
enabled: yes
|
||||
state: started
|
||||
- name: Restart SSH
|
||||
become: true
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: ssh.service
|
||||
state: restarted
|
||||
when: changed_ssh_config.changed == true
|
||||
|
|
|
|||
Loading…
Reference in a new issue