My Ansible playbooks
This repository contains Ansible playbooks to set up my computing devices (workstation, notebook and arm based boxes). These playbooks assume you are running Arch Linux. Eventually I hope to add ubuntu/debian compatibility.
This repo is not yet stable and it has gone though heavy refactory lately. Here you will find some dragons, you have been warned!
Metrics
Throughput Graph
Requirements
- Git
- Ansible
- The VM must have more than 512Mb of RAM (asdf-vm for ruby requires it)
- /tmp must be bigger than 256Mb (asdf-vm for ruby requires it)
- Can be remounted with
expand-tmp-size.shon thescriptsfolder
- Can be remounted with
Usage
The dependencies are: Ansible and Git.
HD Preparation
# If you need to resize the root partition during live boot for install
mount -o remount,size=4G /run/archiso/cowspace
# Clone the installer repo
pacman -Syy git --noconfirm
git clone https://github.com/vonpupp/arch-installer
cd arch-installer
git checkout feature/efi-crypt
cd cryptlvm
./bootstap.sh
cd ..
./archinstaller
# Recreate the ramdisk (bug on archinstaller)
cd cryptlvm
./05-mount.sh
cd ..
# Edit /mnt/etc/mkinitcpio.conf
# Add the following hooks (in this order):
# base udev autodetect modconf block keymap encrypt lvm2 filesystems keyboard fsck
arch-chroot /mnt mkinitcpio -p linux
cd cryptlvm
./06-umount.shAnsible use
# (deprecated) If you need to expand the tmp size:
./expand-tmp-size.sh
# (deprecated) If you need to install the dependencies on Arch Linux
./archlinux/setup-archlinux-dependencies.sh
# Bootstrap the playbook (as your user), optionally you can use only some tags and variables
mkdir -p .homesick/repos
cd .homesick/repos
git clone https://github.com/vonpupp/dotfiles-ansible
cd dotfiles-ansible/home/.ansible-dotfiles
# (as root) Bootstrap root (this will create a user and add it to the sudoers group)
./setup-root.sh
logout
# (as user) Bootstrap the playbook
mkdir -p .homesick/repos
cd .homesick/repos
git clone https://github.com/vonpupp/dotfiles-ansible
cd dotfiles-ansible/home/.ansible-dotfiles
sudo ansible-playbook playbook-stage1.yml -i local, -c local --sudo -e is_travis=false
sudo ansible-playbook playbook-stage2.yml -i local, -c local --sudo -e is_travis=false
sudo ansible-playbook playbook-stage3.yml -i local, -c local --sudo -e is_travis=false -e user=$USER -t dotfiles_zsh
logout
# (as user) With zsh
sudo ansible-playbook playbook-stage3.yml -i local, -c local --sudo -e is_travis=false -e user=$USER --ask-vault-pass -t os_secrets_pre
sudo systemctl enable autofs
sudo systemctl start autofs
sudo ansible-playbook playbook-stage3.yml -i local, -c local --sudo -e is_travis=false -e user=$USER --ask-vault-pass
sudo ansible-playbook playbook-stage4.yml -i local, -c local --sudo -e is_travis=false -e user=$USER --ask-vault-pass
# Alternatively you can bootstrap as another user, or a specific tag
sudo ansible-playbook playbook-stage3.yml -i local, -c local --sudo -e is_travis=false -e user=av -t os_secrets [--ask-vault-pass]
sudo ./setup-user.sh -e is_travis=false [-e user=$USER] [-t tags]Further configs
- Dropbox
- Change hostname
- Change passwords
Parts, labels and roles
I am waiting for an official ansible automatic documentation system, until then, read the code. You can query tags by using:
ansible-playbook --list-tags playbook.yml
Tags should be self explanatory. I divided them into several main groups; the groups are identified by prefixes:
packages_cui_*. Installs a list of system packages (cui packages only).packages_gui_*. Installs a list of system packages (gui packages only).packages_cui_aur_*. Installs a list of aur packages (cui packages only).packages_gui_aur_*. Installs a list of aur packages (gui packages only).devel_env_*. Installs a development environment.dotfiles_*. Installs my dotfiles.
| tag (packages) | Status |
|---|---|
upgrade |
|
packages_cui_minimal |
|
packages_cui_workstation |
|
packages_gui_xorg |
|
packages_gui_awesome_wm |
|
packages_gui_fonts |
|
packages_gui_apps |
| Writing suite | Status |
|---|---|
packages_suite_latex |
|
packages_suite_libreoffice |
| OS | Status |
|---|---|
os_locale |
|
os_hostname |
|
os_pacman |
|
os_service_networkmanager |
|
os_service_dnsmasq |
|
os_service_ntp |
|
os_service_ufw |
|
os_service_ssh |
|
os_service_docker |
|
os_service_kvm |
| AUR | Status |
|---|---|
yaourt |
|
packages_cui_aur |
|
packages_gui_aur |
Takes longer than 90min on Travis |
| Devel | Status |
|---|---|
devel_env_python |
|
devel_env_ruby |
|
devel_env_node |
|
devel_env_java |
Todo |
devel_env_r |
|
devel_env_haskell |
| Dotfiles | Status |
|---|---|
dotfiles_home |
|
dotfiles_apps |
|
dotfiles_tmux |
|
dotfiles_vim |
|
dotfiles_zsh |
|
dotfiles_awesome |
|
dotfiles_task |
|
dotfiles_fortune_bible |
(Optional) Mounting a local NFS packages cache (optional)
To save time and bandwidth a NFS packages cache can be optionally mounted (as root) prior installation with:
pacman -Sy --noconfirm nfs-utils
mount -t nfs -o nolock,vers=3 nas:/share/cache/arch/$(uname -m)/var/lib/pacman/sync /var/lib/pacman/sync
mount -t nfs -o nolock,vers=3 nas:/share/cache/arch/$(uname -m)/var/cache/pacman/pkg /var/cache/pacman/pkgTODOs
- Parallelized Travis running test
- Enable zsh by default on dotfiles-zsh
- Change all dotfiles repos to git instead of https as in dotfiles-awesome4
- Fix gpg recv-key glitch on stage1
- Fetch known_hosts keys
- Restart systemd services
- Add git authorized keys
- Check fzf freeze
- Add https://github.com/martini97/pomobash
- Add Zeal docs
- Migrate to pacaur
Inspiration
- https://github.com/cdown/ansible-personal
- https://github.com/pigmonkey/spark
- https://github.com/jsok/dotfiles
- https://github.com/cturner80/digital-ocean-ansible
- https://github.com/augustl/ansible-playbooks
- https://github.com/vvo/ansible-archee/tree/master/roles/user/tasks
- https://github.com/resmo/ansible-role-sshd
- https://github.com/ajsalminen/ansible-role-cheat