mirror of
https://github.com/genebean/dots.git
synced 2026-03-27 09:27:44 -04:00
Gene Liverman
0ba4423ab7
This commit uses the sudoers module from community.general, switches to the deb version of Slack provided by Pop OS, and disables britty so that it doesn't keep me from flashing ESP devices
337 lines
9.8 KiB
YAML
337 lines
9.8 KiB
YAML
---
|
|
- name: Install packages
|
|
hosts: carbonbean
|
|
vars:
|
|
ansible_python_interpreter: '/usr/bin/python3'
|
|
tasks:
|
|
|
|
- name: Add 1Password apt signing key
|
|
ansible.builtin.include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://downloads.1password.com/linux/keys/1password.asc
|
|
key_name: 1password
|
|
dearmor: true
|
|
|
|
- name: Add 1Password repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64 signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/amd64 stable main
|
|
state: present
|
|
filename: 1password
|
|
update_cache: false
|
|
|
|
- name: Add Google Cloud apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
|
|
keyring: /usr/share/keyrings/cloud.google.gpg
|
|
state: present
|
|
|
|
- name: Add Google apt repo
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main
|
|
state: present
|
|
filename: google-cloud-sdk
|
|
update_cache: false
|
|
|
|
- name: Add Okta ASA client apt signing key
|
|
ansible.builtin.include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://dist.scaleft.com/pki/scaleft_deb_key.asc
|
|
key_name: scaleft
|
|
dearmor: true
|
|
|
|
- name: Add scaleft / Okta ASA repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64 signed-by=/usr/share/keyrings/scaleft-archive-keyring.gpg] http://pkg.scaleft.com/deb linux main
|
|
state: present
|
|
filename: scaleft
|
|
update_cache: false
|
|
|
|
- name: Add HashiCorp apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://apt.releases.hashicorp.com/gpg
|
|
state: present
|
|
|
|
- name: Add HashiCorp Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64] https://apt.releases.hashicorp.com jammy main
|
|
state: present
|
|
filename: hashicorp
|
|
update_cache: false
|
|
|
|
- name: Add Tailscale apt signing key
|
|
ansible.builtin.include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg
|
|
key_name: tailscale
|
|
|
|
- name: Add Tailscale Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main
|
|
state: present
|
|
filename: tailscale
|
|
update_cache: false
|
|
|
|
- name: Add VirtualBox oracle_vbox apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://www.virtualbox.org/download/oracle_vbox.asc
|
|
state: present
|
|
|
|
- name: Add VirtualBox oracle_vbox_2016 apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://www.virtualbox.org/download/oracle_vbox_2016.asc
|
|
state: present
|
|
|
|
- name: Add VirtualBox Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian jammy contrib
|
|
state: present
|
|
filename: virtualbox
|
|
update_cache: false
|
|
|
|
- name: Install puppet-tools repo via Focal (20.04) deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: http://apt.puppet.com/puppet-tools-release-focal.deb
|
|
|
|
- name: Base packages from apt
|
|
become: true
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
state: latest
|
|
pkg:
|
|
- 1password
|
|
- bat
|
|
- boinc-manager
|
|
- boinctui
|
|
- bundler
|
|
- cmake
|
|
- code # provided by Pop OS repos
|
|
- dconf-editor
|
|
- dos2unix
|
|
- exa
|
|
- gh
|
|
- git
|
|
- git-lfs
|
|
- gnupg
|
|
- google-cloud-cli
|
|
- google-cloud-cli-gke-gcloud-auth-plugin
|
|
- gthumb
|
|
- htop
|
|
- httpie
|
|
- hub
|
|
- hugo
|
|
- iftop
|
|
- jq
|
|
- libssl-dev
|
|
- neofetch
|
|
- packer
|
|
- pass
|
|
- pcsc-tools
|
|
- pcscd
|
|
- pdk
|
|
- puppet-bolt
|
|
- rake
|
|
- ruby
|
|
- ruby-dev
|
|
- scdaemon
|
|
- scaleft-client-tools
|
|
- scaleft-url-handler
|
|
- slack-desktop # provided by Pop OS repos
|
|
- snapd
|
|
- tailscale
|
|
- terraform
|
|
- tilix
|
|
- traceroute
|
|
- tree
|
|
- vagrant
|
|
- vim
|
|
- virtualbox-6.1
|
|
- vivaldi-stable
|
|
- xclip
|
|
- yubikey-manager
|
|
- zsh
|
|
|
|
- name: Install git-credential-manager deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://github.com/GitCredentialManager/git-credential-manager/releases/download/v2.0.696/gcmcore-linux_amd64.2.0.696.deb
|
|
|
|
- name: Install Profile Switcher for Firefox deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://github.com/null-dev/firefox-profile-switcher-connector/releases/latest/download/linux-x64.deb
|
|
|
|
- name: Install pe-client-tools via Focal (20.04) deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://pm.puppetlabs.com/pe-client-tools/2021.6.0/21.6.0/repos/deb/focal/PC1/pe-client-tools_21.6.0-1focal_amd64.deb
|
|
|
|
- name: Install Zoom via deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://zoom.us/client/latest/zoom_amd64.deb
|
|
|
|
- name: Install delta via deb package on GitHub
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://github.com/dandavison/delta/releases/download/0.13.0/git-delta_0.13.0_amd64.deb
|
|
|
|
- name: Base packages from Flathub
|
|
community.general.flatpak:
|
|
method: user
|
|
name:
|
|
- app.resp.RESP
|
|
- com.belmoussaoui.Obfuscate
|
|
- com.borgbase.Vorta
|
|
- com.discordapp.Discord
|
|
- com.emqx.MQTTX
|
|
- com.feaneron.Boatswain
|
|
- com.github.bleakgrey.tootle
|
|
- com.github.gijsgoudzwaard.image-optimizer
|
|
- com.github.joseexposito.touche
|
|
- com.github.tchx84.Flatseal
|
|
- com.mattjakeman.ExtensionManager
|
|
- com.nextcloud.desktopclient.nextcloud
|
|
- com.obsproject.Studio
|
|
- com.obsproject.Studio.Plugin.Gstreamer
|
|
- com.rafaelmardojai.SharePreview
|
|
- im.riot.Riot
|
|
- info.mumble.Mumble
|
|
- io.github.janbar.noson
|
|
- net.cozic.joplin_desktop
|
|
- org.fritzing.Fritzing
|
|
- org.gnome.meld
|
|
- org.onlyoffice.desktopeditors
|
|
- org.remmina.Remmina
|
|
|
|
- name: Base packages from Snapcraft
|
|
become: true
|
|
community.general.snap:
|
|
name:
|
|
- cctv-viewer # only available here
|
|
|
|
- name: Snaps requiring classic mode
|
|
become: true
|
|
community.general.snap:
|
|
classic: true
|
|
name:
|
|
- gitkraken # official version
|
|
|
|
- name: Cider from Snapcraft
|
|
become: true
|
|
community.general.snap:
|
|
name: cider # official
|
|
channel: latest/edge
|
|
|
|
- name: hiera-eyaml gem
|
|
community.general.gem:
|
|
name: hiera-eyaml
|
|
state: latest
|
|
|
|
- name: vmfloaty gem
|
|
community.general.gem:
|
|
name: vmfloaty
|
|
state: latest
|
|
|
|
- name: Python packages via pip
|
|
ansible.builtin.pip:
|
|
state: latest
|
|
name:
|
|
- ansible
|
|
- ansible-lint
|
|
- flake8
|
|
|
|
- name: Install packages from Homebrew
|
|
community.general.homebrew:
|
|
state: latest
|
|
name:
|
|
- adr-tools
|
|
- cdktf
|
|
- chart-testing
|
|
- dog
|
|
- dust
|
|
- glow
|
|
- gotop
|
|
- helm
|
|
- k9s
|
|
- kubectx
|
|
- stern
|
|
- yq
|
|
- name: ensure fonts directory
|
|
file:
|
|
path: "{{ lookup('env', 'HOME') }}/.fonts"
|
|
state: directory
|
|
|
|
- name: Hack exists
|
|
shell: "ls {{ lookup('env', 'HOME') }}/.fonts/Hack*Nerd*Font*Complete*"
|
|
register: hack_exists
|
|
ignore_errors: true
|
|
|
|
- name: Download Hack
|
|
when: hack_exists is failed
|
|
ansible.builtin.unarchive:
|
|
src: https://github.com/ryanoasis/nerd-fonts/releases/download/v2.1.0/Hack.zip
|
|
dest: "{{ lookup('env', 'HOME') }}/.fonts/"
|
|
remote_src: true
|
|
|
|
- name: Symlink .zshrc
|
|
ansible.builtin.file:
|
|
src: "{{ lookup('env', 'HOME') }}/repos/dots/link/nix/zshrc"
|
|
dest: "{{ lookup('env', 'HOME') }}/.zshrc"
|
|
state: link
|
|
|
|
- name: Set shell to zsh and add to groups
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: "{{ lookup('env', 'USER') }}"
|
|
shell: /usr/bin/zsh
|
|
append: true
|
|
groups:
|
|
- dialout
|
|
|
|
- name: Add passwordless sudo entries
|
|
become: true
|
|
community.general.sudoers:
|
|
name: "{{ lookup('env', 'USER') }}-no-password"
|
|
user: "{{ lookup('env', 'USER') }}"
|
|
nopassword: true
|
|
commands:
|
|
- /usr/bin/systemctl restart pcscd
|
|
- /usr/bin/pkill -9 gpg-agent
|
|
|
|
- name: Disable britty so ESPHome flashing works
|
|
become: true
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
for f in /usr/lib/udev/rules.d/*brltty*.rules; do
|
|
if [ ! -L "/etc/udev/rules.d/$(basename "$f")" ]; then
|
|
ln -s /dev/null "/etc/udev/rules.d/$(basename "$f")"
|
|
udevadm control --reload-rules
|
|
fi
|
|
done
|
|
|
|
- name: Disable brltty service
|
|
become: true
|
|
ansible.builtin.service:
|
|
name: brltty.service
|
|
enabled: false
|
|
state: stopped
|