--- - name: Install packages hosts: carbonbean vars: ansible_python_interpreter: '/usr/bin/python3' tasks: - name: Add 1Password apt signing key ansible.builtin.include_role: name: jack1142.apt_signing_key vars: url: https://downloads.1password.com/linux/keys/1password.asc key_name: 1password dearmor: true - name: Add 1Password repository become: true ansible.builtin.apt_repository: repo: deb [arch=amd64 signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/amd64 stable main state: present filename: 1password update_cache: false - name: Add Google Cloud apt key become: true ansible.builtin.apt_key: url: https://packages.cloud.google.com/apt/doc/apt-key.gpg keyring: /usr/share/keyrings/cloud.google.gpg state: present - name: Add Google apt repo become: true ansible.builtin.apt_repository: repo: deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main state: present filename: google-cloud-sdk update_cache: false - name: Add Okta ASA client apt signing key ansible.builtin.include_role: name: jack1142.apt_signing_key vars: url: https://dist.scaleft.com/pki/scaleft_deb_key.asc key_name: scaleft dearmor: true - name: Add scaleft / Okta ASA repository become: true ansible.builtin.apt_repository: repo: deb [arch=amd64 signed-by=/usr/share/keyrings/scaleft-archive-keyring.gpg] http://pkg.scaleft.com/deb linux main state: present filename: scaleft update_cache: false - name: Add HashiCorp apt key become: true ansible.builtin.apt_key: url: https://apt.releases.hashicorp.com/gpg state: present - name: Add HashiCorp Jammy repository become: true ansible.builtin.apt_repository: repo: deb [arch=amd64] https://apt.releases.hashicorp.com jammy main state: present filename: hashicorp update_cache: false - name: Add Tailscale apt signing key ansible.builtin.include_role: name: jack1142.apt_signing_key vars: url: https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg key_name: tailscale - name: Add Tailscale Jammy repository become: true ansible.builtin.apt_repository: repo: deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main state: present filename: tailscale update_cache: false - name: Add VirtualBox oracle_vbox apt key become: true ansible.builtin.apt_key: url: https://www.virtualbox.org/download/oracle_vbox.asc state: present - name: Add VirtualBox oracle_vbox_2016 apt key become: true ansible.builtin.apt_key: url: https://www.virtualbox.org/download/oracle_vbox_2016.asc state: present - name: Add VirtualBox Jammy repository become: true ansible.builtin.apt_repository: repo: deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian jammy contrib state: present filename: virtualbox update_cache: false - name: Add Microsoft Ubuntu 22.04 repo become: true ansible.builtin.apt_repository: repo: deb [arch=amd64,arm64,armhf] https://packages.microsoft.com/ubuntu/22.04/prod jammy main state: present filename: microsoft-prod update_cache: false - name: Install puppet-tools repo via Focal (20.04) deb package become: true ansible.builtin.apt: state: present deb: http://apt.puppet.com/puppet-tools-release-focal.deb - name: Base packages from apt become: true ansible.builtin.apt: update_cache: true state: latest pkg: - 1password - bat - boinc-manager - boinctui - bundler - cmake - code # provided by Pop OS repos - dconf-editor - dos2unix - exa - gh - git - git-lfs - gnupg - google-cloud-cli - google-cloud-cli-gke-gcloud-auth-plugin - gthumb - htop - httpie - hub - hugo - iftop - jq - libssl-dev - neofetch - packer - pass - pcsc-tools - pcscd - pdk - powershell - puppet-bolt - rake - ruby - ruby-dev - scdaemon - scaleft-client-tools - scaleft-url-handler - slack-desktop # provided by Pop OS repos - snapd - tailscale - terraform - tilix - traceroute - tree - vagrant - vim - virtualbox-6.1 - vivaldi-stable - xclip - yubikey-manager - zsh - name: Install git-credential-manager deb package become: true ansible.builtin.apt: state: present deb: https://github.com/GitCredentialManager/git-credential-manager/releases/download/v2.0.696/gcmcore-linux_amd64.2.0.696.deb - name: Install Profile Switcher for Firefox deb package become: true ansible.builtin.apt: state: present deb: https://github.com/null-dev/firefox-profile-switcher-connector/releases/latest/download/linux-x64.deb - name: Install pe-client-tools via Focal (20.04) deb package become: true ansible.builtin.apt: state: present deb: https://pm.puppetlabs.com/pe-client-tools/2021.6.0/21.6.0/repos/deb/focal/PC1/pe-client-tools_21.6.0-1focal_amd64.deb - name: Install Webex via deb package become: true ansible.builtin.apt: state: present deb: https://binaries.webex.com/WebexDesktop-Ubuntu-Official-Package/Webex.deb - name: Install Zoom via deb package become: true ansible.builtin.apt: state: present deb: https://zoom.us/client/latest/zoom_amd64.deb - name: Install delta via deb package on GitHub become: true ansible.builtin.apt: state: present deb: https://github.com/dandavison/delta/releases/download/0.13.0/git-delta_0.13.0_amd64.deb - name: Base packages from Flathub community.general.flatpak: method: user name: - app.resp.RESP - com.belmoussaoui.Obfuscate - com.borgbase.Vorta - com.discordapp.Discord - com.emqx.MQTTX - com.feaneron.Boatswain - com.github.bleakgrey.tootle - com.github.gijsgoudzwaard.image-optimizer - com.github.joseexposito.touche - com.github.tchx84.Flatseal - com.mattjakeman.ExtensionManager - com.nextcloud.desktopclient.nextcloud - com.obsproject.Studio - com.obsproject.Studio.Plugin.Gstreamer - com.rafaelmardojai.SharePreview - im.riot.Riot - info.mumble.Mumble - io.github.janbar.noson - io.github.mimbrero.WhatsAppDesktop - net.cozic.joplin_desktop - org.fritzing.Fritzing - org.gnome.meld - org.mozilla.Thunderbird - org.onlyoffice.desktopeditors - org.remmina.Remmina - org.signal.Signal - name: Base packages from Snapcraft become: true community.general.snap: name: - cctv-viewer # only available here - name: Snaps requiring classic mode become: true community.general.snap: classic: true name: - gitkraken # official version - name: Cider from Snapcraft become: true community.general.snap: name: cider # official channel: latest/edge - name: hiera-eyaml gem community.general.gem: name: hiera-eyaml state: latest - name: vmfloaty gem community.general.gem: name: vmfloaty state: latest - name: Python packages via pip ansible.builtin.pip: state: latest name: - ansible - ansible-lint - flake8 - name: Install packages from Homebrew community.general.homebrew: state: latest name: - adr-tools - cdktf - chart-testing - dog - dust - glow - gotop - helm - k9s - kubectx - stern - yq - name: ensure fonts directory file: path: "{{ lookup('env', 'HOME') }}/.fonts" state: directory - name: Hack exists shell: "ls {{ lookup('env', 'HOME') }}/.fonts/Hack*Nerd*Font*Complete*" register: hack_exists ignore_errors: true - name: Download Hack when: hack_exists is failed ansible.builtin.unarchive: src: https://github.com/ryanoasis/nerd-fonts/releases/download/v2.1.0/Hack.zip dest: "{{ lookup('env', 'HOME') }}/.fonts/" remote_src: true - name: Symlink .zshrc ansible.builtin.file: src: "{{ lookup('env', 'HOME') }}/repos/dots/link/nix/zshrc" dest: "{{ lookup('env', 'HOME') }}/.zshrc" state: link - name: Set shell to zsh and add to groups become: true ansible.builtin.user: name: "{{ lookup('env', 'USER') }}" shell: /usr/bin/zsh append: true groups: - dialout - name: Add passwordless sudo entries become: true community.general.sudoers: name: "{{ lookup('env', 'USER') }}-no-password" user: "{{ lookup('env', 'USER') }}" nopassword: true commands: - /usr/bin/systemctl restart pcscd - /usr/bin/pkill -9 gpg-agent - name: Disable britty so ESPHome flashing works become: true ansible.builtin.shell: cmd: | for f in /usr/lib/udev/rules.d/*brltty*.rules; do if [ ! -L "/etc/udev/rules.d/$(basename "$f")" ]; then ln -s /dev/null "/etc/udev/rules.d/$(basename "$f")" udevadm control --reload-rules fi done - name: Disable brltty service become: true ansible.builtin.service: name: brltty.service enabled: false state: stopped