diff --git a/friedhof/mgrote_dotfiles/README.md b/friedhof/mgrote_dotfiles/README.md deleted file mode 100644 index c15dbd2a..00000000 --- a/friedhof/mgrote_dotfiles/README.md +++ /dev/null @@ -1,11 +0,0 @@ -## mgrote.dotfiles - -### Beschreibung -Klont das dotfile-repo und erstellt notwendige Ordner. - -### getestet auf -- [x] Ubuntu (>=18.04) -- [x] Linux Mint - -### Variablen + Defaults -see [defaults](./defaults/main.yml) diff --git a/friedhof/mgrote_dotfiles/defaults/main.yml b/friedhof/mgrote_dotfiles/defaults/main.yml deleted file mode 100644 index aa3594b7..00000000 --- a/friedhof/mgrote_dotfiles/defaults/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles # url zum repo -dotfiles_repo_path: /home/mg/dotfiles # wo soll das repo lokal gespeichert werden -dotfiles_repo_branch: master #default branch for checking out -dotfiles_files: # welche dateien sollen wohin verlinkt werden (ln -s) - - repo_path: "{{ dotfiles_repo_path }}/.vimrc" - local_path: "/home/mg/.vimrc" -dotfiles_dirs: # welche ordner sollen erstellt werden - - path: /home/mg/.config/i3 - - path: /home/mg/.config/polybar -dotfiles_owner: mg # chown diff --git a/friedhof/mgrote_dotfiles/handlers/main.yml b/friedhof/mgrote_dotfiles/handlers/main.yml deleted file mode 100644 index ff6002c0..00000000 --- a/friedhof/mgrote_dotfiles/handlers/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: set owner recursive for repo - ansible.builtin.file: - path: "{{ dotfiles_repo_path }}" - owner: "{{ dotfiles_owner }}" - group: "{{ dotfiles_owner }}" - recurse: true -... diff --git a/friedhof/mgrote_dotfiles/tasks/main.yml b/friedhof/mgrote_dotfiles/tasks/main.yml deleted file mode 100644 index 5efe7397..00000000 --- a/friedhof/mgrote_dotfiles/tasks/main.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- -- name: Ensure package acl is installed - become: true - ansible.builtin.package: - name: acl - state: present - -- name: check if repo exists - ansible.builtin.stat: - path: "{{ dotfiles_repo_path }}" - register: repo_exists - -- name: set safe directory - become: true - ansible.builtin.command: # noqa command-instead-of-module - cmd: git config --global --add safe.directory "{{ dotfiles_repo_path }}" - changed_when: false - -- name: stash changes - ansible.builtin.command: git stash # noqa command-instead-of-module no-handler - args: - chdir: "{{ dotfiles_repo_path }}" - changed_when: false - when: repo_exists.stat.exists - -- name: Ensure dotfiles repository is cloned locally. - ansible.builtin.git: - repo: "{{ dotfiles_repo_url }}" - dest: "{{ dotfiles_repo_path }}" - depth: 1 - version: "{{ dotfiles_repo_branch }}" - notify: set owner recursive for repo - -- name: Ensure needed dirs exist. - ansible.builtin.file: - path: "{{ item.path }}" - state: directory - owner: "{{ dotfiles_owner }}" - group: "{{ dotfiles_owner }}" - mode: "0644" - with_items: "{{ dotfiles_dirs }}" - -- name: Link dotfiles into home folder - ansible.builtin.file: - src: "{{ item.repo_path }}" - dest: "{{ item.local_path }}" - state: link - force: true - owner: "{{ dotfiles_owner }}" - group: "{{ dotfiles_owner }}" - with_items: "{{ dotfiles_files }}" - -- name: add .bash_extra to .bashrc - ansible.builtin.lineinfile: - path: /home/{{ dotfiles_owner }}/.bashrc - line: "source {{ dotfiles_repo_path }}/.bash_extra" - state: present - -- name: root - add .bash_extra to .bashrc - ansible.builtin.lineinfile: - path: /root/.bashrc - line: "source {{ dotfiles_repo_path }}/.bash_extra" - state: present diff --git a/group_vars/all.yml b/group_vars/all.yml index 19cf380a..5c223664 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -7,6 +7,15 @@ file_header: | # This file is managed with ansible! # #----------------------------------------------------------------# +### mgrote_user_setup +dotfiles: + - user: mg + home: /home/mg + - user: root + home: /root +dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles +dotfiles_vim_vundle_repo_url: https://git.mgrote.net/mirrors/Vundle.vim.git + ### mgrote_netplan netplan_configure: true diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml index 81a860cc..b586eb49 100644 --- a/group_vars/blocky.yml +++ b/group_vars/blocky.yml @@ -14,6 +14,15 @@ ufw_rules: comment: 'dns' from_ip: 0.0.0.0/0 +### mgrote_user_setup +dotfiles_vim_vundle_repo_url: http://192.168.2.44:3000/mirrors/Vundle.vim.git +dotfiles: + - user: mg + home: /home/mg + - user: root + home: /root +dotfiles_repo_url: http://192.168.2.44:3000/mg/dotfiles + ### mgrote_blocky blocky_version: v0.22 blocky_block_type: zeroIp diff --git a/host_vars/pbs-test.mgrote.net.yml b/host_vars/pbs-test.mgrote.net.yml index 9da6c3c7..e2fcaeff 100644 --- a/host_vars/pbs-test.mgrote.net.yml +++ b/host_vars/pbs-test.mgrote.net.yml @@ -53,6 +53,8 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet - dataset: rpool/ROOT/pbs-1 state: present refreservation: 1G + acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen + # backup-pool - dataset: backup/pbs_data state: present @@ -60,6 +62,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet - dataset: backup/pve5 state: present canmount: off # noqa yaml[truthy] + # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* zfs_extra_arc_max_size: "1073741824" # 1GB in Bytes zfs_extra_zfs_pools: diff --git a/host_vars/pbs.mgrote.net.yml b/host_vars/pbs.mgrote.net.yml index 6588a8c3..1ef4e96e 100644 --- a/host_vars/pbs.mgrote.net.yml +++ b/host_vars/pbs.mgrote.net.yml @@ -49,6 +49,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet - dataset: rpool/ROOT/pbs-1 state: present refreservation: 10G + acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen # backup-pool - dataset: backup/pbs_data state: present diff --git a/host_vars/pve5-test.mgrote.net.yml b/host_vars/pve5-test.mgrote.net.yml index 59b510a7..442a28da 100644 --- a/host_vars/pve5-test.mgrote.net.yml +++ b/host_vars/pve5-test.mgrote.net.yml @@ -27,6 +27,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet - dataset: rpool/ROOT/pve-1 state: present refreservation: 1G + acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen # rpool - VMs - dataset: rpool/vm @@ -35,6 +36,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet state: present - dataset: rpool/vm/lxc state: present + # hdd_data - dataset: hdd_data state: present diff --git a/host_vars/pve5.mgrote.net.yml b/host_vars/pve5.mgrote.net.yml index 15ec18df..d009c13c 100644 --- a/host_vars/pve5.mgrote.net.yml +++ b/host_vars/pve5.mgrote.net.yml @@ -27,9 +27,12 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet - dataset: rpool/ROOT/pve-1 state: present refreservation: 10G + acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen + # rpool - Data - dataset: rpool/data state: present + # rpool - VMs - dataset: rpool/vm state: present @@ -39,6 +42,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet state: present - dataset: rpool/data state: present + # hdd_data - dataset: hdd_data state: present diff --git a/playbooks/base/users.yml b/playbooks/base/users.yml index 5214d338..9574f18f 100644 --- a/playbooks/base/users.yml +++ b/playbooks/base/users.yml @@ -1,8 +1,8 @@ --- - hosts: all - become: true roles: - role: mgrote_users tags: "user" - - role: mgrote_vim - tags: "vim" + become: true + - role: mgrote_user_setup + tags: "user_setup" diff --git a/roles/mgrote_blocky/templates/config.yml.j2 b/roles/mgrote_blocky/templates/config.yml.j2 index 312aba61..2139c72c 100644 --- a/roles/mgrote_blocky/templates/config.yml.j2 +++ b/roles/mgrote_blocky/templates/config.yml.j2 @@ -128,7 +128,7 @@ caching: prefetchMaxItemsCount: 0 # Time how long negative results (NXDOMAIN response or empty result) are cached. A value of -1 will disable caching for negative results. # Default: 30m - cacheTimeNegative: 30m + cacheTimeNegative: -1 # optional: configuration of client name resolution clientLookup: diff --git a/roles/mgrote_user_setup/defaults/main.yml b/roles/mgrote_user_setup/defaults/main.yml new file mode 100644 index 00000000..78fe4cdc --- /dev/null +++ b/roles/mgrote_user_setup/defaults/main.yml @@ -0,0 +1,9 @@ +--- +dotfiles: + - user: mg + home: /home/mg + - user: root + home: /root + +dotfiles_vim_vundle_repo_url: https://git.mgrote.net/mirrors/Vundle.vim.git +dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles diff --git a/roles/mgrote_user_setup/handlers/main.yml b/roles/mgrote_user_setup/handlers/main.yml new file mode 100644 index 00000000..cf9bc9fe --- /dev/null +++ b/roles/mgrote_user_setup/handlers/main.yml @@ -0,0 +1,9 @@ +--- +- name: Vundle - PluginInstall # noqa no-changed-when risky-shell-pipe + become: true + become_user: "{{ item.user }}" + ansible.builtin.shell: yes | vim -c PluginInstall -c qall + args: + chdir: "{{ item.home }}" + loop: "{{ dotfiles }}" +... diff --git a/roles/mgrote_user_setup/tasks/main.yml b/roles/mgrote_user_setup/tasks/main.yml new file mode 100644 index 00000000..a902c2fb --- /dev/null +++ b/roles/mgrote_user_setup/tasks/main.yml @@ -0,0 +1,107 @@ +--- +- name: Ensure needed packages are installed + become: true + ansible.builtin.package: + name: + - acl + - git + - vim + - ripgrep + - tmux + - keychain + state: present + +- name: Ensure dotfiles-repository is cloned # noqa latest[git] + become: true + become_user: "{{ item.user }}" + ansible.builtin.git: + repo: "{{ dotfiles_repo_url }}" + dest: "{{ item.home }}/dotfiles" + clone: true + force: true + update: true + loop: "{{ dotfiles }}" + notify: Vundle - PluginInstall + +- name: Ensure dotfiles-repository has the correct permissions set + become: true + ansible.builtin.file: + path: "{{ item.home }}/dotfiles" + owner: "{{ item.user }}" + group: "{{ item.user }}" + loop: "{{ dotfiles }}" + notify: Vundle - PluginInstall + +- name: Link .vimrc + become: true + ansible.builtin.file: + src: "{{ item.home }}/dotfiles/.vimrc" + dest: "{{ item.home }}/.vimrc" + state: link + follow: false # https://github.com/ansible/ansible/issues/73143 + force: true + owner: "{{ item.user }}" + group: "{{ item.user }}" + loop: "{{ dotfiles }}" + +- name: Link .tmux.conf + become: true + ansible.builtin.file: + src: "{{ item.home }}/dotfiles/.tmux.conf" + dest: "{{ item.home }}/.tmux.conf" + state: link + follow: false # https://github.com/ansible/ansible/issues/73143 + force: true + owner: "{{ item.user }}" + group: "{{ item.user }}" + loop: "{{ dotfiles }}" + +- name: Link .gitconfig + become: true + ansible.builtin.file: + src: "{{ item.home }}/dotfiles/.gitconfig" + dest: "{{ item.home }}/.gitconfig" + state: link + follow: false # https://github.com/ansible/ansible/issues/73143 + force: true + owner: "{{ item.user }}" + group: "{{ item.user }}" + loop: "{{ dotfiles }}" + +- name: add source .bash_extra to user .bashrc + become: true + ansible.builtin.lineinfile: + path: "{{ item.home }}/.bashrc" + line: "source {{ item.home }}/dotfiles/.bash_extra" + state: present + loop: "{{ dotfiles }}" + +- name: Ensure needed dirs exist + become: true + ansible.builtin.file: + state: directory + path: "{{ item.home }}/.vim/bundle/" + owner: "{{ item.user }}" + group: "{{ item.user }}" + mode: '0755' + loop: "{{ dotfiles }}" + +- name: Ensure vundle-repository is cloned + become: true + become_user: "{{ item.user }}" + ansible.builtin.git: + repo: "{{ dotfiles_vim_vundle_repo_url }}" + dest: "{{ item.home }}/.vim/bundle/Vundle.vim" + depth: 1 + version: master + loop: "{{ dotfiles }}" + notify: Vundle - PluginInstall + +- name: Ensure vundle-repository has the correct permissions set + become: true + ansible.builtin.file: + path: "{{ item.home }}/.vim/bundle/Vundle.vim" + owner: "{{ item.user }}" + group: "{{ item.user }}" + loop: "{{ dotfiles }}" + notify: Vundle - PluginInstall diff --git a/roles/mgrote_vim/defaults/main.yml b/roles/mgrote_vim/defaults/main.yml deleted file mode 100644 index 656da8bf..00000000 --- a/roles/mgrote_vim/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -vim_vundle_path: /home/mg/.vim/bundle/Vundle.vim -vim_vundle_repo_url: https://github.com/VundleVim/Vundle.vim.git -vim_homedir: /home/mg/.vim diff --git a/roles/mgrote_vim/handlers/main.yml b/roles/mgrote_vim/handlers/main.yml deleted file mode 100644 index 0ffde0a8..00000000 --- a/roles/mgrote_vim/handlers/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: set owner recursive for repo - ansible.builtin.file: - path: "{{ vim_homedir }}" - owner: mg - group: mg - recurse: true diff --git a/roles/mgrote_vim/readme.md b/roles/mgrote_vim/readme.md deleted file mode 100644 index 245ec04a..00000000 --- a/roles/mgrote_vim/readme.md +++ /dev/null @@ -1,7 +0,0 @@ -## mgrote.vim - -### Beschreibung -installiert vim und installiert plugins per vundle - -### Variablen + Defaults -- see [defaults](./defaults/main.yml) diff --git a/roles/mgrote_vim/tasks/main.yml b/roles/mgrote_vim/tasks/main.yml deleted file mode 100644 index a49bc3e8..00000000 --- a/roles/mgrote_vim/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: install packages - become: true - ansible.builtin.package: - name: - - vim - - ripgrep - state: present - -- name: check if vundle is installed - folder - become: true - ansible.builtin.stat: - path: "{{ vim_vundle_path }}" - register: folder_exists - - -- name: set safe directory # noqa command-instead-of-module - become: true - ansible.builtin.command: - cmd: git config --global --add safe.directory "{{ vim_vundle_path }}" - changed_when: false - -- name: Ensure repository is cloned locally. - ansible.builtin.git: - repo: "{{ vim_vundle_repo_url }}" - dest: "{{ vim_vundle_path }}" - depth: 1 - version: master - notify: set owner recursive for repo - -# - name: Vundle - PluginInstall -# ansible.builtin.shell: yes | vim -c PluginInstall -c qall -# args: -# chdir: /home/mg -# when: -# - (folder_exists.stat.exists == False) and ("ansible_facts['distribution'] == 'Ubuntu'") -# become: true -# become_user: mg