dotfiles/playbook.yml

- hosts: localhost
  connection: local
  become: false
  tasks:
    - name: read machine-specific variables
      include_vars:
        file: _machines/{{ ansible_hostname }}.yml
        name: machine
      tags:
        - always

    - set_fact:
        distro: "{{ ansible_distribution|lower }}"
      tags:
        - always

    - name: Check for valid distro
      assert:
        that: distro in ('fedora', 'ubuntu')

    - block:
      - block:
        - name: Update apt cache
          apt:
            upgrade: dist
            update_cache: true
            autoclean: true
            autoremove: true
          become: true

        - name: Upgrade system
          apt:
            upgrade: dist
          become: true

        - name: Remove unused packages
          apt:
            autoremove: true
          become: true

        - name: Clean apt cache
          apt:
            autoclean: true
          become: true
        when: distro == 'ubuntu'
      - block:
        - fail:
            msg: "NotImplementedError: Implement system upgrade for fedora"
        when: distro == 'fedora'
      tags: [update_system]

    - name: install selinux specials on fedora
      dnf:
        state: installed
        name:
          - python3-libselinux
          - policycoreutils-python-utils
      become: true
      when: distro == 'fedora'

    - block:
      - name: load package list
        include_vars:
          file: packages.yml

      - name: enable neovim ppa
        apt_repository:
          repo: 'ppa:neovim-ppa/stable'
          update_cache: true
        become: true
        when: distro == 'ubuntu'

      - set_fact:
          defined_packages: "{{ packages|json_query('keys(list)') }}"

      - set_fact:
          distro_packages: "{{ packages|json_query('list.*.%s'|format(distro)) }}"

      - name: check list
        assert:
          that: "defined_packages|length == distro_packages|length"

      - name: install packages
        package:
          name: "{{ packages|json_query(query) }}"
          state: installed
        become: true
        vars:
          query: "{{ 'list.*.%s[]'|format(distro) }}"
      tags: [packages]

    - set_fact:
        disable_services:
          - sshd
      when: distro == 'fedora'

    - set_fact:
        disable_services:
          - ssh
      when: distro != 'fedora'

    - name: disable services
      service:
        state: stopped
        enabled: false
        name: "{{ item }}"
      with_items: "{{ disable_services }}"
      become: true

    - name: enable services
      service:
        state: started
        enabled: true
        name: "{{ item }}"
      with_items:
        - NetworkManager
        # - docker
        - libvirtd
      become: true

    - name: enable docker on ubuntu
      # does not work with fedora 31 due to the switch to cgroups v2:
      # https://github.com/docker/cli/issues/2104
      # https://bugzilla.redhat.com/show_bug.cgi?id=1746355#c1
      service:
        state: started
        enabled: true
        name: docker
      when: distro != 'fedora'
      become: true

    - name: get systemd boot target
      command: systemctl get-default
      register: systemd_target
      changed_when: false

    - set_fact:
        default_target: multi-user.target

    - name: set systemd boot target
      command: systemctl set-default {{ default_target }}
      when: systemd_target.stdout != default_target
      become: true

    - name: handle lid switch
      lineinfile:
        path: /etc/systemd/logind.conf
        regexp: '^HandleLidSwitch='
        line: 'HandleLidSwitch=ignore'
      become: true

    - name: handle power key
      lineinfile:
        path: /etc/systemd/logind.conf
        regexp: '^HandlePowerKey='
        line: 'HandlePowerKey=suspend'
      become: true

    - name: create dotfiles group
      group:
        name: dotfiles
        state: present
      become: true
      become_user: root

    - name: create dotfiles directory
      file:
        state: directory
        path: /var/lib/dotfiles
        owner: nobody
        group: dotfiles
        mode: '0775' # group needs write access!
      become: true
      become_user: root

    - set_fact:
        users: "{{ machine.users }}"
      tags:
        - always

    - include_tasks: user.yml
      args:
        apply:
          become: true
          become_user: "{{ user.name }}"
      with_items: "{{ users }}"
      loop_control:
        loop_var: user
      tags:
        - always
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00			`- hosts: localhost`
			`connection: local`
			`become: false`
			`tasks:`
Enable templating for dotfiles 2018-08-17 19:44:31 +02:00			`- name: read machine-specific variables`
			`include_vars:`
			`file: _machines/{{ ansible_hostname }}.yml`
			`name: machine`
			`tags:`
			`- always`

Move variable assignments to beginning 2018-02-08 21:45:02 +01:00			`- set_fact:`
			`distro: "{{ ansible_distribution\|lower }}"`
Enable templating for dotfiles 2018-08-17 19:44:31 +02:00			`tags:`
			`- always`
Move variable assignments to beginning 2018-02-08 21:45:02 +01:00
Assert running on a valid distro 2020-03-02 11:52:45 +01:00			`- name: Check for valid distro`
			`assert:`
			`that: distro in ('fedora', 'ubuntu')`

Add step for system upgrade on ubuntu 2020-03-02 11:52:45 +01:00			`- block:`
			`- block:`
			`- name: Update apt cache`
			`apt:`
			`upgrade: dist`
			`update_cache: true`
			`autoclean: true`
			`autoremove: true`
			`become: true`

			`- name: Upgrade system`
			`apt:`
			`upgrade: dist`
			`become: true`

			`- name: Remove unused packages`
			`apt:`
			`autoremove: true`
			`become: true`

			`- name: Clean apt cache`
			`apt:`
			`autoclean: true`
			`become: true`
			`when: distro == 'ubuntu'`
			`- block:`
			`- fail:`
			`msg: "NotImplementedError: Implement system upgrade for fedora"`
			`when: distro == 'fedora'`
			`tags: [update_system]`

Install selinux specials on fedora 2018-02-11 12:03:54 +01:00			`- name: install selinux specials on fedora`
Update 2019-04-14 11:54:29 +02:00			`dnf:`
Install selinux specials on fedora 2018-02-11 12:03:54 +01:00			`state: installed`
Update 2019-04-14 11:54:29 +02:00			`name:`
Switch to python3 for ansible 2020-02-23 14:24:53 +01:00			`- python3-libselinux`
			`- policycoreutils-python-utils`
Install selinux specials on fedora 2018-02-11 12:03:54 +01:00			`become: true`
			`when: distro == 'fedora'`

Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`- block:`
			`- name: load package list`
			`include_vars:`
			`file: packages.yml`

			`- name: enable neovim ppa`
			`apt_repository:`
			`repo: 'ppa:neovim-ppa/stable'`
			`update_cache: true`
			`become: true`
			`when: distro == 'ubuntu'`
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00
Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`- set_fact:`
			`defined_packages: "{{ packages\|json_query('keys(list)') }}"`
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00
Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`- set_fact:`
			`distro_packages: "{{ packages\|json_query('list.*.%s'\|format(distro)) }}"`
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00
Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`- name: check list`
			`assert:`
			`that: "defined_packages\|length == distro_packages\|length"`
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00
Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`- name: install packages`
			`package:`
			`name: "{{ packages\|json_query(query) }}"`
			`state: installed`
			`become: true`
			`vars:`
			`query: "{{ 'list.*.%s[]'\|format(distro) }}"`
			`tags: [packages]`
Update ansible/dotbot scripts 2018-02-05 20:09:05 +01:00
Fix SSH service disabling on fedora 2019-05-20 21:29:26 +02:00			`- set_fact:`
			`disable_services:`
			`- sshd`
			`when: distro == 'fedora'`

			`- set_fact:`
			`disable_services:`
			`- ssh`
			`when: distro != 'fedora'`

Expand playbook 2018-02-09 17:56:43 +01:00			`- name: disable services`
			`service:`
			`state: stopped`
			`enabled: false`
			`name: "{{ item }}"`
Fix SSH service disabling on fedora 2019-05-20 21:29:26 +02:00			`with_items: "{{ disable_services }}"`
Expand playbook 2018-02-09 17:56:43 +01:00			`become: true`

			`- name: enable services`
			`service:`
			`state: started`
			`enabled: true`
			`name: "{{ item }}"`
			`with_items:`
			`- NetworkManager`
Do not manage docker service on fedora 2020-02-23 14:56:14 +01:00			`# - docker`
Update 2018-12-28 18:19:00 +01:00			`- libvirtd`
Expand playbook 2018-02-09 17:56:43 +01:00			`become: true`

Do not manage docker service on fedora 2020-02-23 14:56:14 +01:00			`- name: enable docker on ubuntu`
			`# does not work with fedora 31 due to the switch to cgroups v2:`
			`# https://github.com/docker/cli/issues/2104`
			`# https://bugzilla.redhat.com/show_bug.cgi?id=1746355#c1`
			`service:`
			`state: started`
			`enabled: true`
			`name: docker`
			`when: distro != 'fedora'`
			`become: true`

Expand playbook 2018-02-09 17:56:43 +01:00			`- name: get systemd boot target`
			`command: systemctl get-default`
			`register: systemd_target`
			`changed_when: false`

			`- set_fact:`
			`default_target: multi-user.target`

			`- name: set systemd boot target`
			`command: systemctl set-default {{ default_target }}`
			`when: systemd_target.stdout != default_target`
			`become: true`

			`- name: handle lid switch`
			`lineinfile:`
			`path: /etc/systemd/logind.conf`
			`regexp: '^HandleLidSwitch='`
			`line: 'HandleLidSwitch=ignore'`
			`become: true`

			`- name: handle power key`
			`lineinfile:`
			`path: /etc/systemd/logind.conf`
			`regexp: '^HandlePowerKey='`
			`line: 'HandlePowerKey=suspend'`
			`become: true`

Use global dotfiles directory 2019-11-14 10:40:16 +01:00			`- name: create dotfiles group`
			`group:`
			`name: dotfiles`
			`state: present`
			`become: true`
			`become_user: root`

			`- name: create dotfiles directory`
			`file:`
			`state: directory`
			`path: /var/lib/dotfiles`
			`owner: nobody`
			`group: dotfiles`
Fix access mode of /var/lib/dotfiles 2020-02-23 15:19:28 +01:00			`mode: '0775' # group needs write access!`
Use global dotfiles directory 2019-11-14 10:40:16 +01:00			`become: true`
			`become_user: root`

Multi-user setup 2019-11-14 09:16:55 +01:00			`- set_fact:`
			`users: "{{ machine.users }}"`
Update vim plugin install 2018-08-17 21:16:54 +02:00			`tags:`
Multi-user setup 2019-11-14 09:16:55 +01:00			`- always`
Update vim plugin install 2018-08-17 21:16:54 +02:00
Multi-user setup 2019-11-14 09:16:55 +01:00			`- include_tasks: user.yml`
Update vim plugin install 2018-08-17 21:16:54 +02:00			`args:`
Multi-user setup 2019-11-14 09:16:55 +01:00			`apply:`
			`become: true`
			`become_user: "{{ user.name }}"`
			`with_items: "{{ users }}"`
			`loop_control:`
			`loop_var: user`
Add tags for components and Makefile targets 2020-03-03 17:31:48 +01:00			`tags:`
			`- always`