3c35f7d1ef
Dconf editor is a great way to edit properties like touchpad palm rejection and mouse acceleration.
302 lines
7.6 KiB
YAML
302 lines
7.6 KiB
YAML
- name: Setup Workstation
|
|
hosts: localhost
|
|
vars:
|
|
executable_temp_dir: /tmp
|
|
awscli_install_dir: /opt/aws-cli/
|
|
vault_version: 1.9.3
|
|
swap_file_path: /swap/swapfile
|
|
swap_file_size_mb: 4096
|
|
|
|
tasks:
|
|
# System Tools
|
|
- name: Ensure grub installed
|
|
community.general.pacman:
|
|
name: grub
|
|
state: present
|
|
become: yes
|
|
- name: Ensure bluez installed
|
|
community.general.pacman:
|
|
name:
|
|
- bluez
|
|
- bluez-utils
|
|
state: present
|
|
become: yes
|
|
- name: Ensure bluetooth service started
|
|
ansible.builtin.systemd:
|
|
name: bluetooth
|
|
state: started
|
|
enabled: yes
|
|
become: yes
|
|
- name: Ensure glances installed
|
|
community.general.pacman:
|
|
name: glances
|
|
state: present
|
|
become: yes
|
|
- name: Ensure htop installed
|
|
community.general.pacman:
|
|
name: htop
|
|
state: present
|
|
become: yes
|
|
- name: Ensure curl and wget
|
|
community.general.pacman:
|
|
name:
|
|
- curl
|
|
- wget
|
|
state: present
|
|
become: yes
|
|
- name: Ensure dconf-editor
|
|
community.general.pacman:
|
|
name: dconf-editor
|
|
state: present
|
|
become: yes
|
|
|
|
# Install DNET CA
|
|
- name: Download DNET CA
|
|
get_url:
|
|
url: https://vault.ducoterra.net/v1/dnet/ca
|
|
dest: /etc/ca-certificates/trust-source/anchors/dnet_ca.crt
|
|
mode: '0660'
|
|
become: yes
|
|
- name: Update trust store
|
|
command: trust extract-compat
|
|
become: yes
|
|
|
|
# Palm Rejection
|
|
- name: Turn off palm rejection
|
|
command: dconf write /org/gnome/desktop/peripherals/touchpad/disable-while-typing false
|
|
become: yes
|
|
- name: Reload dconf
|
|
command: dconf update
|
|
become: yes
|
|
|
|
# Daily Driver Tools
|
|
- name: Ensure vim installed
|
|
community.general.pacman:
|
|
name: vim
|
|
state: present
|
|
become: yes
|
|
- name: Ensure unzip installed
|
|
community.general.pacman:
|
|
name: unzip
|
|
state: present
|
|
become: yes
|
|
- name: Ensure chromium installed
|
|
community.general.pacman:
|
|
name: chromium
|
|
state: present
|
|
become: yes
|
|
- name: Ensure steam installed
|
|
community.general.pacman:
|
|
name: steam-manjaro
|
|
state: present
|
|
become: yes
|
|
- name: Ensure discord installed
|
|
community.general.pacman:
|
|
name: discord
|
|
state: present
|
|
become: yes
|
|
- name: Ensure geary installed
|
|
community.general.pacman:
|
|
name: geary
|
|
state: present
|
|
become: yes
|
|
|
|
# Developer Tools
|
|
- name: Ensure wireguard installed
|
|
community.general.pacman:
|
|
name: wireguard-tools
|
|
state: present
|
|
become: yes
|
|
- name: Ensure ping installed
|
|
community.general.pacman:
|
|
name: iputils
|
|
state: present
|
|
become: yes
|
|
- name: Ensure docker installed
|
|
community.general.pacman:
|
|
name:
|
|
- docker
|
|
- docker-compose
|
|
state: present
|
|
become: yes
|
|
- name: Ensure ducoterra in the "docker" group
|
|
ansible.builtin.user:
|
|
name: ducoterra
|
|
groups: docker
|
|
append: yes
|
|
become: yes
|
|
- name: Ensure kubectl installed
|
|
community.general.pacman:
|
|
name: kubectl
|
|
state: present
|
|
become: yes
|
|
- name: Ensure python and pip instaled
|
|
community.general.pacman:
|
|
name:
|
|
- python
|
|
- python-pip
|
|
state: present
|
|
become: yes
|
|
- name: Install ansible
|
|
pip:
|
|
name: ansible
|
|
extra_args: --user
|
|
- name: Install ansible
|
|
pip:
|
|
name: qmk
|
|
extra_args: --user
|
|
- name: Run qmk setup
|
|
ansible.builtin.command: qmk setup -y
|
|
- name: Copy qmk udev rules
|
|
ansible.builtin.copy:
|
|
src: ~/qmk_firmware/util/udev/50-qmk.rules
|
|
dest: /etc/udev/rules.d/50-qmk.rules
|
|
owner: ducoterra
|
|
group: root
|
|
mode: '0755'
|
|
become: yes
|
|
|
|
# AWS CLI
|
|
- name: Download awscli v2 installer - latest version
|
|
unarchive:
|
|
src: https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
|
|
dest: '{{ executable_temp_dir }}'
|
|
remote_src: true
|
|
creates: '{{ executable_temp_dir }}/aws'
|
|
mode: 0755
|
|
when: awscli_version is not defined
|
|
tags: ["awscli", "awscliv2"]
|
|
- name: Download awscli v2 installer - specific version {{ awscli_version }}
|
|
unarchive:
|
|
src: 'https://awscli.amazonaws.com/awscli-exe-linux-x86_64-{{ awscli_version }}.zip'
|
|
dest: "{{ executable_temp_dir }}"
|
|
remote_src: true
|
|
creates: '{{ executable_temp_dir }}/aws'
|
|
mode: 0755
|
|
when: awscli_version is defined
|
|
tags: ["awscli", "awscliv2"]
|
|
- name: Run the installer for awscli v2
|
|
command:
|
|
args:
|
|
cmd: '{{ executable_temp_dir }}/aws/install -i {{ awscli_install_dir }} -b /usr/local/bin'
|
|
creates: /usr/local/bin/aws
|
|
become: yes
|
|
tags: ["awscli", "awscliv2"]
|
|
|
|
# Vault CLI
|
|
- name: Download vault binary
|
|
unarchive:
|
|
src: https://releases.hashicorp.com/vault/{{vault_version}}/vault_{{vault_version}}_linux_amd64.zip
|
|
dest: '{{ executable_temp_dir }}'
|
|
remote_src: true
|
|
creates: '{{ executable_temp_dir }}/vault'
|
|
mode: 0755
|
|
- name: Move vault binary to /usr/local/bin
|
|
ansible.builtin.copy:
|
|
src: '{{ executable_temp_dir }}/vault'
|
|
dest: /usr/local/bin/vault
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
become: yes
|
|
|
|
# Snap Installs
|
|
- name: Ensure snap installed
|
|
community.general.pacman:
|
|
name: snapd
|
|
state: present
|
|
become: yes
|
|
- name: Ensure snapd service running
|
|
ansible.builtin.systemd:
|
|
name: snapd.socket
|
|
state: started
|
|
enabled: yes
|
|
become: yes
|
|
- name: Link /var/lib/snapd/snap /snap
|
|
ansible.builtin.file:
|
|
src: /var/lib/snapd/snap
|
|
dest: /snap
|
|
owner: root
|
|
group: root
|
|
state: link
|
|
become: yes
|
|
- name: Install snap-store
|
|
community.general.snap:
|
|
name: snap-store
|
|
state: present
|
|
become: yes
|
|
- name: Install vscode
|
|
community.general.snap:
|
|
name: code
|
|
state: present
|
|
classic: yes
|
|
become: yes
|
|
- name: Install spotify
|
|
community.general.snap:
|
|
name: spotify
|
|
state: present
|
|
become: yes
|
|
|
|
# Create swap
|
|
- name: Turn off swap
|
|
command: "swapoff --all"
|
|
become: yes
|
|
- name: Remove old swap file
|
|
file:
|
|
state: absent
|
|
path: "{{ swap_file_path }}"
|
|
- name: Create swap file
|
|
command: truncate -s 0 "{{ swap_file_path }}"
|
|
creates="{{ swap_file_path }}"
|
|
become: yes
|
|
- name: Set swap compression
|
|
command: chattr +C "{{ swap_file_path }}"
|
|
become: yes
|
|
- name: Allocate swap space
|
|
command: fallocate -l "{{ swap_file_size_mb }}M" "{{ swap_file_path }}"
|
|
become: yes
|
|
- name: Change swap file permissions
|
|
file: path="{{ swap_file_path }}"
|
|
owner=root
|
|
group=root
|
|
mode=0600
|
|
become: yes
|
|
- name: "Check swap file type"
|
|
command: file {{ swap_file_path }}
|
|
register: swapfile
|
|
become: yes
|
|
- name: Make swap file
|
|
command: "mkswap {{ swap_file_path }}"
|
|
become: yes
|
|
- name: Write swap entry in fstab
|
|
mount: name=none
|
|
src={{ swap_file_path }}
|
|
fstype=swap
|
|
opts=sw
|
|
passno=0
|
|
dump=0
|
|
state=present
|
|
become: yes
|
|
- name: Mount swap
|
|
command: "swapon {{ swap_file_path }}"
|
|
become: yes
|
|
- name: Set swappiness
|
|
command: sysctl -w vm.swappiness=1
|
|
become: yes
|
|
- name: Make swappiness permanent
|
|
copy:
|
|
dest: "/etc/sysctl.d/99-swappiness.conf"
|
|
content: |
|
|
vm.swappiness=1
|
|
become: yes
|
|
|
|
# Minecraft
|
|
- name: Clone minecraft-launcher repo
|
|
ansible.builtin.git:
|
|
repo: 'https://aur.archlinux.org/minecraft-launcher.git'
|
|
dest: '{{ executable_temp_dir }}/minecraft-launcher'
|
|
- name: Install minecraft-launcher with makepkg
|
|
command: makepkg -si --noconfirm
|
|
args:
|
|
chdir: '{{ executable_temp_dir }}/minecraft-launcher'
|