mirror of
https://github.com/genebean/dots.git
synced 2026-03-27 09:27:44 -04:00
Gene Liverman
99d5e66a25
Prior to this, Homebrew paths came before system ones and overrode access to system python on Linux. The DEB version of Ansible also has a bug preventing collections from being installed from Galaxy.
295 lines
8.3 KiB
YAML
295 lines
8.3 KiB
YAML
---
|
|
- name: Install packages
|
|
hosts: carbonbean
|
|
vars:
|
|
ansible_python_interpreter: '/usr/bin/python3'
|
|
tasks:
|
|
|
|
- name: Add 1Password apt signing key
|
|
include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://downloads.1password.com/linux/keys/1password.asc
|
|
key_name: 1password
|
|
dearmor: true
|
|
|
|
- name: Add 1Password repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64 signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/amd64 stable main
|
|
state: present
|
|
filename: 1password
|
|
update_cache: false
|
|
|
|
- name: Add Okta ASA client apt signing key
|
|
include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://dist.scaleft.com/pki/scaleft_deb_key.asc
|
|
key_name: scaleft
|
|
dearmor: true
|
|
|
|
- name: Add scaleft / Okta ASA repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64 signed-by=/usr/share/keyrings/scaleft-archive-keyring.gpg] http://pkg.scaleft.com/deb linux main
|
|
state: present
|
|
filename: scaleft
|
|
update_cache: false
|
|
|
|
- name: Add HashiCorp apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://apt.releases.hashicorp.com/gpg
|
|
state: present
|
|
|
|
- name: Add HashiCorp Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64] https://apt.releases.hashicorp.com jammy main
|
|
state: present
|
|
filename: hashicorp
|
|
update_cache: false
|
|
|
|
- name: Add Tailscale apt signing key
|
|
include_role:
|
|
name: jack1142.apt_signing_key
|
|
vars:
|
|
url: https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg
|
|
key_name: tailscale
|
|
|
|
- name: Add Tailscale Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main
|
|
state: present
|
|
filename: tailscale
|
|
update_cache: false
|
|
|
|
- name: Add VirtualBox oracle_vbox apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://www.virtualbox.org/download/oracle_vbox.asc
|
|
state: present
|
|
|
|
- name: Add VirtualBox oracle_vbox_2016 apt key
|
|
become: true
|
|
ansible.builtin.apt_key:
|
|
url: https://www.virtualbox.org/download/oracle_vbox_2016.asc
|
|
state: present
|
|
|
|
- name: Add VirtualBox Jammy repository
|
|
become: true
|
|
ansible.builtin.apt_repository:
|
|
repo: deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian jammy contrib
|
|
state: present
|
|
filename: virtualbox
|
|
update_cache: false
|
|
|
|
- name: Install puppet-tools repo via Focal (20.04) deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: http://apt.puppet.com/puppet-tools-release-focal.deb
|
|
|
|
- name: Base packages from apt
|
|
become: true
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
state: latest
|
|
pkg:
|
|
- 1password
|
|
- bat
|
|
- boinc-manager
|
|
- boinctui
|
|
- bundler
|
|
- cmake
|
|
- code
|
|
- dconf-editor
|
|
- dos2unix
|
|
- exa
|
|
- gh
|
|
- git
|
|
- git-lfs
|
|
- gnupg
|
|
- htop
|
|
- httpie
|
|
- hub
|
|
- hugo
|
|
- iftop
|
|
- jq
|
|
- libssl-dev
|
|
- neofetch
|
|
- packer
|
|
- pcsc-tools
|
|
- pcscd
|
|
- pdk
|
|
- puppet-bolt
|
|
- rake
|
|
- ruby
|
|
- ruby-dev
|
|
- scdaemon
|
|
- scaleft-client-tools
|
|
- scaleft-url-handler
|
|
- snapd
|
|
- tailscale
|
|
- terraform
|
|
- tilix
|
|
- traceroute
|
|
- tree
|
|
- vagrant
|
|
- vim
|
|
- virtualbox-6.1
|
|
- vivaldi-stable
|
|
- xclip
|
|
- yubikey-manager
|
|
- zsh
|
|
|
|
- name: Install Profile Switcher for Firefox deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://github.com/null-dev/firefox-profile-switcher-connector/releases/latest/download/linux-x64.deb
|
|
|
|
- name: Install pe-client-tools via Focal (20.04) deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://pm.puppetlabs.com/pe-client-tools/2021.6.0/21.6.0/repos/deb/focal/PC1/pe-client-tools_21.6.0-1focal_amd64.deb
|
|
|
|
- name: Install Zoom via deb package
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://zoom.us/client/latest/zoom_amd64.deb
|
|
|
|
- name: Install delta via deb package on GitHub
|
|
become: true
|
|
ansible.builtin.apt:
|
|
state: present
|
|
deb: https://github.com/dandavison/delta/releases/download/0.13.0/git-delta_0.13.0_amd64.deb
|
|
|
|
- name: Base packages from Flathub
|
|
community.general.flatpak:
|
|
method: user
|
|
name:
|
|
- app.resp.RESP
|
|
- com.belmoussaoui.Obfuscate
|
|
- com.borgbase.Vorta
|
|
- com.discordapp.Discord
|
|
- com.emqx.MQTTX
|
|
- com.feaneron.Boatswain
|
|
- com.github.bleakgrey.tootle
|
|
- com.github.gijsgoudzwaard.image-optimizer
|
|
- com.github.joseexposito.touche
|
|
- com.github.tchx84.Flatseal
|
|
- com.mattjakeman.ExtensionManager
|
|
- com.nextcloud.desktopclient.nextcloud
|
|
- com.obsproject.Studio
|
|
- com.obsproject.Studio.Plugin.Gstreamer
|
|
- com.rafaelmardojai.SharePreview
|
|
- im.riot.Riot
|
|
- info.mumble.Mumble
|
|
- io.github.janbar.noson
|
|
- net.cozic.joplin_desktop
|
|
- org.fritzing.Fritzing
|
|
- org.gnome.meld
|
|
- org.onlyoffice.desktopeditors
|
|
- org.remmina.Remmina
|
|
|
|
- name: Base packages from Snapcraft
|
|
become: true
|
|
community.general.snap:
|
|
name:
|
|
- cctv-viewer # only available here
|
|
- slack # official version
|
|
|
|
- name: Snaps requiring classic mode
|
|
become: true
|
|
community.general.snap:
|
|
classic: true
|
|
name:
|
|
- gitkraken # official version
|
|
- google-cloud-cli # official version
|
|
|
|
- name: Cider from Snapcraft
|
|
become: true
|
|
community.general.snap:
|
|
name: cider # official
|
|
channel: latest/edge
|
|
|
|
- name: hiera-eyaml gem
|
|
community.general.gem:
|
|
name: hiera-eyaml
|
|
state: latest
|
|
|
|
- name: vmfloaty gem
|
|
community.general.gem:
|
|
name: vmfloaty
|
|
state: latest
|
|
|
|
- name: Python packages via pip
|
|
ansible.builtin.pip:
|
|
state: latest
|
|
name:
|
|
- ansible
|
|
- ansible-lint
|
|
- flake8
|
|
|
|
- name: Install packages from Homebrew
|
|
community.general.homebrew:
|
|
state: latest
|
|
name:
|
|
- adr-tools
|
|
- cdktf
|
|
- chart-testing
|
|
- dog
|
|
- dust
|
|
- glow
|
|
- gotop
|
|
- helm
|
|
- k9s
|
|
- kubectx
|
|
- stern
|
|
- yq
|
|
- name: ensure fonts directory
|
|
file:
|
|
path: "{{ lookup('env', 'HOME') }}/.fonts"
|
|
state: directory
|
|
|
|
- name: Hack exists
|
|
shell: "ls {{ lookup('env', 'HOME') }}/.fonts/Hack*Nerd*Font*Complete*"
|
|
register: hack_exists
|
|
ignore_errors: true
|
|
|
|
- name: Download Hack
|
|
when: hack_exists is failed
|
|
ansible.builtin.unarchive:
|
|
src: https://github.com/ryanoasis/nerd-fonts/releases/download/v2.1.0/Hack.zip
|
|
dest: "{{ lookup('env', 'HOME') }}/.fonts/"
|
|
remote_src: true
|
|
|
|
- name: Symlink .zshrc
|
|
ansible.builtin.file:
|
|
src: "{{ lookup('env', 'HOME') }}/repos/dots/link/nix/zshrc"
|
|
dest: "{{ lookup('env', 'HOME') }}/.zshrc"
|
|
state: link
|
|
|
|
- name: Set shell to zsh and add to groups
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: "{{ lookup('env', 'USER') }}"
|
|
shell: /usr/bin/zsh
|
|
append: true
|
|
groups:
|
|
- dialout
|
|
|
|
- name: Add passwordless sudo entries
|
|
become: true
|
|
jonellis.sudoers.sudoers:
|
|
name: "{{ lookup('env', 'USER') }}-no-password"
|
|
user: "{{ lookup('env', 'USER') }}"
|
|
nopassword: true
|
|
command:
|
|
- /usr/bin/systemctl restart pcscd
|
|
- /usr/bin/pkill -9 gpg-agent
|