I use this repo to manage the deployment and configuration of my Fedora Silverblue Laptop.
This repo is based on the JayDoubleu ansiblue work.
- Install Fedora Silverblue
- Upgrade the system with
rpm-ostree upgrade - Reboot the system or apply the layered packages live
rpm-ostree ex apply-live(bewareexmeans experimental) - Install Ansible with pip
python3 -m ensurepip && python3 -m pip install psutil ansible - Configure your environment modifying
configs/flatpak.yaml,configs/toolbox.yamlandconfig/host.yaml - Run with
ansible-playbook asmodeo.yaml -K
- Flatpak names are case sensitive. While flatpak is ok with it, creation of symlinks will fail.
- To apply live the rpm-ostree overlay run
export RPM_OSTREE_LIVE_UPDATE=truebefore execuring the playbook
ansible-playbook asmodeo.yaml --tags flatpak<- Run only flatpak tasksansible-playbook asmodeo.yaml --tags toolbox<- Run only toolbox tasks ( for all toolboxes )ansible-playbook asmodeo.yaml --tags toolbox:fedora-toolbox-35<- Run only tasks for the toolboxfedora-toolbox-35ansible-playbook asmodeo.yaml --tags host -K<- Run only host tasks
Main system configuration is managed via the yaml files in the configs directory.
The configs/flatpak.yaml defines a list of remotes and the flatpaks you want to add to the system.
- Through the
flatpaks.cmdsfield you can define one or more wrapper script into `~/.local/bin/ calling the flatpak:
$ cat configs/flatpak.yaml
[...]
flatpaks:
- name: org.gnome.TextEditor
state: present
method: user
remote: flathub-beta
cmds: [gtedit, gnome-text-editor]
$ ls ~/.local/bin/gedit ~/.local/bin/gnome-text-editor
/var/home/pietro/.local/bin/gedit /var/home/pietro/.local/bin/gnome-text-editor
$ cat ~/.local/bin/gedit
#!/bin/sh
exec flatpak run --branch=stable --arch=x86_64 org.gnome.gedit "$@"
- with the
flatpaks.overridesyou can define one or more override to apply to the installed flatpack - for the other fields please refer to the
community.general.flatpakansible module
The configs/toolbox.yaml defines container sandboxes to deploy on the system
Supported type of sandoxes are:
With distrobox sandboxes you can define a custom home directory do avoid littering the host HOME.
Distrobox allows you also to provide additional args to the container engine
You can define:
- The name of the toolbox
- The container image to use
- Define any variable to use on the ansible tasks
- Execute some additional ansible tasks
- Which packages to install (you must run the task file
playbooks/toolbox/tasks_fedora_system.yaml) - A list of Python pip packages to install (you must run the task file
playbooks/toolbox/tasks_toolbox_python.yaml) - The user and group to configure (you must run the task file
playbooks/common/tasks_toolbox_default.yaml) - A list of commands to be executed on the toolbox from the host (you must run the host task file
playbooks/toolbox/tasks_toolbox_cmd.yaml)
Shims are commands that when executed from the toolbox container are executed on the host (see #toolbox-145)
Cmds are the opposite to shims: a command is executed on the toolbox with toolbox run $container $command
The configs/host.yaml manages the host configuration:
- The
namedefines the hostname tasksdefines the playbooks to executelayered_packagesis the list of packages to install withrpm-ostreelocal_packagesare binary files downloaded into~/.local/binpip_packagesare Python pip packages to installgit_configare basic git settingsgnomemanages extensions and dconf settingssystemd_serviceslists all the services to enable/disable
- Rename Toolbox to Sandbox
- Manage the local firewall
- Use Ubikey for gpg, ssh and VPN