Add fedora compatibility

Add fedora installation for Framework.

README.md

@@ -117,6 +117,7 @@ sudo iscsiadm -m node -l
 
 # Mount at boot
 vim /etc/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1
+    (/var/lib/iscsi/nodes/iqn.2022-02.freenas.dnet:manjaro-backup/10.1.2.200,3260,1/default) on fedora
 
 node.startup = automatic
 ```

ansible/arch_developer_tools/tasks/main.yml

@@ -7,7 +7,7 @@
   become: yes
   tags: update
 # Install Pacman developer tools
-- name: Ensure daily-driver (development, work, gaming) installed
+- name: Ensure common developer tools installed
   community.general.pacman:
     name: 
     - vim
@@ -28,6 +28,7 @@
     - dconf-editor
     - yay
     - unzip
+  become: yes
 # Install yay developer tools
 - name: Install vscode
   command: yay -S visual-studio-code-bin --noconfirm

ansible/arch_developer_tools/vars/main.yml

@@ -0,0 +1,5 @@
+---
+# vars file for arch/developer_tools
+vault_version: 1.9.3
+tf_version: 1.1.5
+packer_version: 1.7.10

ansible/arch_hardware_tools/tasks/main.yml

@@ -6,45 +6,38 @@
     upgrade: yes
   become: yes
   tags: update
-# Bluetooth
+# Pacman hardware controllers
-- name: Ensure bluetooth installed and configured
+- name: Ensure common hardware controllers installed via Pacman
   community.general.pacman:
     name: 
       - bluez
       - bluez-utils
+      - ufw
+      - intel-media-driver
+      - intel-gpu-tools
+      - tlp
     state: present
   become: yes
+# TLP
+- name: Create tlp.conf file
+  copy:
+    dest: "/etc/tlp.conf"
+    content: |
+      PCIE_ASPM_ON_BAT=powersupersave
+  become: yes
+- name: Ensure tlp service enabled and running
+  ansible.builtin.systemd:
+    name: tlp
+    state: started
+    enabled: yes
+  become: yes
+# Bluetooth
 - name: Ensure bluetooth service started
   ansible.builtin.systemd:
     name: bluetooth
     state: started
     enabled: yes
   become: yes
-# Auto CPU Freq
-- name: Ensure snap installed
-  community.general.pacman:
-    name: snapd
-    state: present
-  become: yes
-- name: Ensure snapd service running
-  ansible.builtin.systemd:
-    name: snapd.socket
-    state: started
-    enabled: yes
-  become: yes
-- name: Uninstall tlp
-  community.general.pacman:
-    name: tlp
-    state: absent
-  become: yes
-- name: Install auto-cpufreq
-  community.general.snap:
-    name: auto-cpufreq
-    state: present
-  become: yes
-- name: Enable auto-cpufreq
-  command: auto-cpufreq --install
-  become: yes
 # UFW
 - name: Ensure UFW installed
   community.general.pacman:

ansible/backtop.yml

@@ -1,34 +1,34 @@
 ---
 # Run through all tasks to setup machines
 
-- hosts: localhost
+- hosts: backtop
   gather_facts: true
   order: inventory
   vars:
     executable_temp_dir: /tmp
     awscli_install_dir: /opt/aws-cli/
     vault_version: 1.9.3
-    swap_file_path: /swap/swapfile
+    swap_file_path: /swapfile
     swap_file_size_mb: 8192
 
   roles:
-    - role: dconf
+    - role: swap
-      tags: ["dconf"]
+      tags: ["swap"]
-
-    - role: developer_tools
-      tags: ["developer_tools"]
-
-    - role: dnet_ca
-      tags: ["dnet_ca"]
 
     - role: hardware_tools
       tags: ["hardware_tools"]
 
+    - role: developer_tools
+      tags: ["developer_tools"]
+
     - role: iscsi_freenas
       tags: ["iscsi_freenas"]
 
+    - role: dconf
+      tags: ["dconf"]
+
+    - role: dnet_ca
+      tags: ["dnet_ca"]
+
     - role: openssh
       tags: ["openssh"]
-
-    - role: swap
-      tags: ["swap"]

ansible/btrfs_backups/README.md

@@ -0,0 +1,57 @@
+Role Name
+=========
+
+Configures automatic BTRFS backups for "/" and "/home"
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+```yaml
+snapshots:
+  path: /.snapshots
+
+disk:
+  name: backup0
+  # uuid: 1d7ce570-e695-47a0-9dda-5f14b5b20e21
+  uuid: 7c482f9b-2e1a-494c-9a93-ddecd483f2b2
+  # password: /home/ducoterra/.lukskeys/backup0
+  password: /home/ducoterra/.lukskeys/manjaro-laptop-iscsi
+
+backups:
+  - /
+  - /home
+
+notifications:
+  user:
+    name: ducoterra
+    uid: 1000
+```
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

ansible/btrfs_backups/vars/main.yml

@@ -0,0 +1 @@
+---

ansible/dconf/tasks/main.yml

@@ -17,4 +17,4 @@
 - name: Don't auto open mounted drives
   command: dconf write /org/gnome/desktop/media-handling/automount-open false
 - name: Emulate right-click with two fingers
-  command: dconf write org/gnome/desktop/peripherals/touchpad/click-method "'fingers'"
+  command: dconf write /org/gnome/desktop/peripherals/touchpad/click-method "'fingers'"

ansible/fedora_certificates/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for ansible/fedora_certificates

ansible/fedora_certificates/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for ansible/fedora_certificates

ansible/fedora_certificates/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+# Install DNET CA
+- name: Download DNET CA
+  get_url:
+    url: https://vault.ducoterra.net/v1/dnet/ca
+    dest: /etc/pki/ca-trust/source/anchors/dnet_ca.crt
+    mode: '0660'
+  become: yes
+- name: Update trust store
+  command: update-ca-trust
+  become: yes

ansible/fedora_certificates/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - ansible/fedora_certificates

ansible/fedora_certificates/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ansible/fedora_certificates

ansible/fedora_daily_drivers/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for arch/daily_drivers

ansible/fedora_daily_drivers/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for arch/daily_drivers

ansible/fedora_daily_drivers/tasks/main.yml

@@ -0,0 +1,75 @@
+---
+# Install dnf daily drivers
+- name: Ensure daily-driver (development, work, gaming) installed
+  dnf:
+    name: 
+    - remmina
+    - freerdp
+    - chromium
+    - steam
+    - geary
+    - make
+    - seahorse # gnome keyring manager
+    - gimp
+    - libreoffice
+    state: present
+  become: yes
+# Install snap-based daily-drivers
+- name: Ensure snap installed
+  dnf:
+    name: snapd
+    state: present
+  become: yes
+- name: Ensure snapd service running
+  ansible.builtin.systemd:
+    name: snapd.socket
+    state: started
+    enabled: yes
+  become: yes
+- name: Link /var/lib/snapd/snap /snap
+  ansible.builtin.file:
+    src: /var/lib/snapd/snap
+    dest: /snap
+    owner: root
+    group: root
+    state: link
+  become: yes
+- name: Install snap packages
+  community.general.snap:
+    name: 
+    - snap-store
+    - spotify
+    - discord
+    state: present
+  become: yes
+  retries: 6
+  delay: 10
+# QMK
+- name: Install qmk
+  pip:
+    name: qmk
+    extra_args: --user
+- name: Run qmk setup
+  ansible.builtin.command: qmk setup -y
+  become: yes
+- name: Copy qmk udev rules
+  ansible.builtin.copy:
+    src: ~/qmk_firmware/util/udev/50-qmk.rules
+    dest: /etc/udev/rules.d/50-qmk.rules
+    owner: ducoterra
+    group: root
+    mode: '0755'
+  become: yes
+# VLC
+- name: Add VLC free repo
+  command: dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
+  become: yes
+- name: Add VLC nonfree repo
+  command: dnf install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
+  become: yes
+- name: Install VLC
+  dnf:
+    name:
+    - vlc
+    state: present
+  become: yes

ansible/fedora_daily_drivers/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - arch/daily_drivers

ansible/fedora_daily_drivers/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for arch/daily_drivers

ansible/fedora_developer_tools/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for arch/developer_tools

ansible/fedora_developer_tools/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for arch/developer_tools

ansible/fedora_developer_tools/tasks/main.yml

@@ -0,0 +1,181 @@
+---
+# Install developer tools
+- name: Ensure common developer tools installed
+  dnf:
+    name: 
+    - vim-enhanced
+    - iperf3
+    - python3-pip
+    - glances
+    - htop
+    - dconf-editor
+    - dnf-plugins-core
+  become: yes
+# Install VSCode
+- name: Add vscode RPM repo
+  copy:
+    dest: "/etc/yum.repos.d/vscode.repo"
+    content: |
+      [vscode]
+      name=Visual Studio Code
+      baseurl=https://packages.microsoft.com/yumrepos/vscode
+      enabled=1
+      gpgcheck=1
+      gpgkey=https://packages.microsoft.com/keys/microsoft.asc
+  become: yes
+- name: Import microsoft RPM key
+  command: rpm --import https://packages.microsoft.com/keys/microsoft.asc
+  become: yes
+- name: Ensure VSCode installed
+  dnf:
+    name: 
+    - code
+  become: yes
+# Install snap developer tools
+- name: Ensure snap installed
+  dnf:
+    name: snapd
+    state: present
+  become: yes
+- name: Link /var/lib/snapd/snap /snap
+  ansible.builtin.file:
+    src: /var/lib/snapd/snap
+    dest: /snap
+    owner: root
+    group: root
+    state: link
+  become: yes
+- name: Ensure snapd service running
+  ansible.builtin.systemd:
+    name: snapd.socket
+    state: started
+    enabled: yes
+  become: yes
+- name: Install snap packages
+  community.general.snap:
+    name: 
+    - yq
+    state: present
+  become: yes
+- name: Install classic snap packages
+  community.general.snap:
+    name: 
+    - kubectl
+    - helm
+    state: present
+    classic: yes
+  become: yes
+# AWS CLI
+- name: Download awscli v2 installer - latest version
+  unarchive:
+    src: https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
+    dest: '{{ executable_temp_dir }}'
+    remote_src: true
+    creates: '{{ executable_temp_dir }}/aws'
+    mode: 0755
+  when: awscli_version is not defined
+  tags: ["awscli", "awscliv2"]
+- name: Download awscli v2 installer - specific version {{ awscli_version }}
+  unarchive:
+    src: 'https://awscli.amazonaws.com/awscli-exe-linux-x86_64-{{ awscli_version }}.zip'
+    dest: "{{ executable_temp_dir }}"
+    remote_src: true
+    creates: '{{ executable_temp_dir }}/aws'
+    mode: 0755
+  when: awscli_version is defined
+  tags: ["awscli", "awscliv2"]
+- name: Run the installer for awscli v2
+  command:
+  args:
+    cmd: '{{ executable_temp_dir }}/aws/install -i {{ awscli_install_dir }} -b /usr/local/bin'
+    creates: /usr/local/bin/aws
+  become: yes
+  tags: ["awscli", "awscliv2"]
+# Ansible
+- name: Install ansible
+  pip:
+    name: ansible
+    extra_args: --user
+# Docker
+- name: Add Docker dnf repo
+  command: dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
+  become: yes
+- name: Ensure Docker installed
+  dnf:
+    name: 
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io
+    state: present
+  become: yes
+- name: Ensure ducoterra in the "docker" group
+  ansible.builtin.user:
+    name: ducoterra
+    groups: docker
+    append: yes
+  become: yes
+# Vault CLI
+- name: Download vault binary
+  unarchive:
+    src: https://releases.hashicorp.com/vault/{{vault_version}}/vault_{{vault_version}}_linux_amd64.zip
+    dest: '{{ executable_temp_dir }}'
+    remote_src: true
+    creates: '{{ executable_temp_dir }}/vault'
+    mode: 0755
+  become: yes
+- name: Move vault binary to /usr/local/bin
+  ansible.builtin.copy:
+    remote_src: yes
+    src: '{{ executable_temp_dir }}/vault'
+    dest: /usr/local/bin/vault
+    owner: root
+    group: root
+    mode: '0755'
+  become: yes
+# Terraform CLI
+- name: Download vault binary
+  unarchive:
+    src: https://releases.hashicorp.com/terraform/{{tf_version}}/terraform_{{tf_version}}_linux_amd64.zip
+    dest: '{{ executable_temp_dir }}'
+    remote_src: true
+    creates: '{{ executable_temp_dir }}/terraform'
+    mode: 0755
+  become: yes
+- name: Move terraform binary to /usr/local/bin
+  ansible.builtin.copy:
+    remote_src: yes
+    src: '{{ executable_temp_dir }}/terraform'
+    dest: /usr/local/bin/terraform
+    owner: root
+    group: root
+    mode: '0755'
+  become: yes
+# Packer CLI
+- name: Download packer binary
+  unarchive:
+    src: https://releases.hashicorp.com/packer/{{packer_version}}/packer_{{packer_version}}_linux_amd64.zip
+    dest: '{{ executable_temp_dir }}'
+    remote_src: true
+    creates: '{{ executable_temp_dir }}/packer'
+    mode: 0755
+  become: yes
+- name: Move packer binary to /usr/local/bin
+  ansible.builtin.copy:
+    remote_src: yes
+    src: '{{ executable_temp_dir }}/packer'
+    dest: /usr/local/bin/packer
+    owner: root
+    group: root
+    mode: '0755'
+  become: yes
+# Wireguard Configuration
+- name: Ensure wireguard-tools installed
+  dnf:
+    name:  wireguard-tools
+    state: present
+  become: yes
+- name: Ensure /etc/wireguard directory
+  file:
+    path: /etc/wireguard
+    state: directory
+  become: yes

ansible/fedora_developer_tools/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - arch/developer_tools

ansible/fedora_developer_tools/vars/main.yml

@@ -0,0 +1,5 @@
+---
+# vars file for arch/developer_tools
+vault_version: 1.9.3
+tf_version: 1.1.5
+packer_version: 1.7.10

ansible/fedora_hardware_tools/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for arch/hardware_tools

ansible/fedora_hardware_tools/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for arch/hardware_tools

ansible/fedora_hardware_tools/tasks/main.yml

@@ -0,0 +1,38 @@
+---
+- name: Ensure hardware-controlling software installed
+  dnf:
+    name: 
+    - ufw
+    - tlp
+    state: present
+  become: yes
+# TLP
+- name: Create tlp.conf file
+  copy:
+    dest: "/etc/tlp.conf"
+    content: |
+      PCIE_ASPM_ON_BAT=powersupersave
+  become: yes
+- name: Ensure tlp service enabled and running
+  ansible.builtin.systemd:
+    name: tlp
+    state: started
+    enabled: yes
+  become: yes
+# Mic headphone jack
+- name: Ensure microphone works plugged into headphone jack
+  copy:
+    dest: "/etc/modprobe.d/alsa-base.conf"
+    content: |
+      options snd-hda-intel model=dell-headset-multi
+  become: yes
+# UFW
+- name: Allow SSH
+  community.general.ufw:
+    rule: allow
+    name: ssh
+  become: yes
+- name: Enable UFW
+  community.general.ufw:
+    state: enabled
+  become: yes

ansible/fedora_hardware_tools/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - arch/hardware_tools

ansible/fedora_hardware_tools/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for arch/hardware_tools

ansible/framework_fedora.yml

@@ -0,0 +1,60 @@
+---
+# Run through all tasks to setup machines
+# https://community.frame.work/t/fedora-linux-35-on-the-framework-laptop/6613/10
+- hosts: localhost
+  gather_facts: true
+  order: inventory
+  vars:
+    executable_temp_dir: /tmp
+    awscli_install_dir: /opt/aws-cli/
+    swap_file_path: /swap/swapfile
+    swap_file_size_mb: 0
+    vault_version: 1.9.3
+    tf_version: 1.1.5
+    packer_version: 1.7.10
+    # btrfs_backup
+    snapshots:
+      path: /.snapshots
+    disk:
+      name: backup0
+      uuid: 7c482f9b-2e1a-494c-9a93-ddecd483f2b2
+      password: /home/ducoterra/.lukskeys/fedora-laptop-iscsi
+    backups:
+      - /
+      - /home
+    notifications:
+      user:
+        name: ducoterra
+        uid: 1000
+
+  roles:
+
+    - role: swap
+      tags: ["swap"]
+
+    - role: openssh
+      tags: ["openssh"]
+
+    - role: fedora_certificates
+      tags: ["certificates"]
+
+    - role: fedora_hardware_tools
+      tags: ["hardware_tools"]
+
+    - role: fedora_developer_tools
+      tags: ["developer_tools"]
+
+    - role: fedora_daily_drivers
+      tags: ["daily_drivers"]
+
+    - role: iscsi_freenas
+      tags: ["iscsi_freenas"]
+
+    - role: dconf
+      tags: ["dconf"]
+
+    - role: gnome_extensions
+      tags: ["gnome_extensions"]
+
+    - role: btrfs_backups
+      tags: ["btrfs_backups"]

ansible/framework_manjaro.yml

@@ -7,43 +7,63 @@
   vars:
     executable_temp_dir: /tmp
     awscli_install_dir: /opt/aws-cli/
-    vault_version: 1.9.3
     swap_file_path: /swap/swapfile
-    swap_file_size_mb: 4096
+    swap_file_size_mb: 0
+    vault_version: 1.9.3
+    tf_version: 1.1.5
+    packer_version: 1.7.10
+
+    # btrfs_backup
+    snapshots:
+      path: /.snapshots
+    disk:
+      name: backup0
+      # uuid: 1d7ce570-e695-47a0-9dda-5f14b5b20e21
+      uuid: 7c482f9b-2e1a-494c-9a93-ddecd483f2b2
+      # password: /home/ducoterra/.lukskeys/backup0
+      password: /home/ducoterra/.lukskeys/manjaro-laptop-iscsi
+    backups:
+      - /
+      - /home
+    notifications:
+      user:
+        name: ducoterra
+        uid: 1000
 
   roles:
-    - role: btrfs_backups
-      tags: ["btrfs_backups"]
-    
-    - role: daily_drivers
-      tags: ["daily_drivers"]
-
-    - role: dconf
-      tags: ["dconf"]
-
-    - role: developer_tools
-      tags: ["developer_tools"]
-
-    - role: dnet_ca
-      tags: ["dnet_ca"]
-
-    - role: gnome_extensions
-      tags: ["gnome_extensions"]
-
-    - role: hardware_tools
-      tags: ["hardware_tools"]
-    
-    - role: iscsi_freenas
-      tags: ["iscsi_freenas"]
-
-    - role: minecraft
-      tags: ["minecraft"]
-
-    - role: openssh
-      tags: ["openssh"]
 
     - role: swap
       tags: ["swap"]
 
+    - role: openssh
+      tags: ["openssh"]
+
+    - role: dnet_ca
+      tags: ["dnet_ca"]
+
+    - role: hardware_tools
+      tags: ["hardware_tools"]
+
+    - role: developer_tools
+      tags: ["developer_tools"]
+
+    - role: daily_drivers
+      tags: ["daily_drivers"]
+
     - role: work_tools
       tags: ["work_tools"]
+
+    - role: iscsi_freenas
+      tags: ["iscsi_freenas"]
+
+    - role: dconf
+      tags: ["dconf"]
+
+    - role: gnome_extensions
+      tags: ["gnome_extensions"]
+
+    - role: minecraft
+      tags: ["minecraft"]
+
+    - role: btrfs_backups
+      tags: ["btrfs_backups"]