mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions

user-setup (dotfiles usw.) neu gedacht... (#624)

Browse source 
Reviewed-on: #624
This commit is contained in:
Michael Grote 2023-12-04 14:43:04 +01:00
parent d5071e72a7
commit 3e4ff01fee
19 changed files with 157 additions and 153 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
friedhof/mgrote_dotfiles/README.md
View file

@ -1,11 +0,0 @@
## mgrote.dotfiles
### Beschreibung
Klont das dotfile-repo und erstellt notwendige Ordner.
### getestet auf
- [x] Ubuntu (>=18.04)
- [x] Linux Mint
### Variablen + Defaults
see [defaults](./defaults/main.yml)

11
friedhof/mgrote_dotfiles/defaults/main.yml
View file

@ -1,11 +0,0 @@
---
dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles # url zum repo
dotfiles_repo_path: /home/mg/dotfiles # wo soll das repo lokal gespeichert werden
dotfiles_repo_branch: master #default branch for checking out
dotfiles_files: # welche dateien sollen wohin verlinkt werden (ln -s)
- repo_path: "{{ dotfiles_repo_path }}/.vimrc"
local_path: "/home/mg/.vimrc"
dotfiles_dirs: # welche ordner sollen erstellt werden
- path: /home/mg/.config/i3
- path: /home/mg/.config/polybar
dotfiles_owner: mg # chown

8
friedhof/mgrote_dotfiles/handlers/main.yml
View file

@ -1,8 +0,0 @@
---
- name: set owner recursive for repo
ansible.builtin.file:
path: "{{ dotfiles_repo_path }}"
owner: "{{ dotfiles_owner }}"
group: "{{ dotfiles_owner }}"
recurse: true
...

63
friedhof/mgrote_dotfiles/tasks/main.yml
View file

@ -1,63 +0,0 @@
---
- name: Ensure package acl is installed
become: true
ansible.builtin.package:
name: acl
state: present
- name: check if repo exists
ansible.builtin.stat:
path: "{{ dotfiles_repo_path }}"
register: repo_exists
- name: set safe directory
become: true
ansible.builtin.command: # noqa command-instead-of-module
cmd: git config --global --add safe.directory "{{ dotfiles_repo_path }}"
changed_when: false
- name: stash changes
ansible.builtin.command: git stash # noqa command-instead-of-module no-handler
args:
chdir: "{{ dotfiles_repo_path }}"
changed_when: false
when: repo_exists.stat.exists
- name: Ensure dotfiles repository is cloned locally.
ansible.builtin.git:
repo: "{{ dotfiles_repo_url }}"
dest: "{{ dotfiles_repo_path }}"
depth: 1
version: "{{ dotfiles_repo_branch }}"
notify: set owner recursive for repo
- name: Ensure needed dirs exist.
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
owner: "{{ dotfiles_owner }}"
group: "{{ dotfiles_owner }}"
mode: "0644"
with_items: "{{ dotfiles_dirs }}"
- name: Link dotfiles into home folder
ansible.builtin.file:
src: "{{ item.repo_path }}"
dest: "{{ item.local_path }}"
state: link
force: true
owner: "{{ dotfiles_owner }}"
group: "{{ dotfiles_owner }}"
with_items: "{{ dotfiles_files }}"
- name: add .bash_extra to .bashrc
ansible.builtin.lineinfile:
path: /home/{{ dotfiles_owner }}/.bashrc
line: "source {{ dotfiles_repo_path }}/.bash_extra"
state: present
- name: root - add .bash_extra to .bashrc
ansible.builtin.lineinfile:
path: /root/.bashrc
line: "source {{ dotfiles_repo_path }}/.bash_extra"
state: present

9
group_vars/all.yml
View file

@ -7,6 +7,15 @@ file_header: |
# This file is managed with ansible! #
#----------------------------------------------------------------#
### mgrote_user_setup
dotfiles:
- user: mg
home: /home/mg
- user: root
home: /root
dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles
dotfiles_vim_vundle_repo_url: https://git.mgrote.net/mirrors/Vundle.vim.git
### mgrote_netplan
netplan_configure: true

9
group_vars/blocky.yml
View file

@ -14,6 +14,15 @@ ufw_rules:
comment: 'dns'
from_ip: 0.0.0.0/0
### mgrote_user_setup
dotfiles_vim_vundle_repo_url: http://192.168.2.44:3000/mirrors/Vundle.vim.git
dotfiles:
- user: mg
home: /home/mg
- user: root
home: /root
dotfiles_repo_url: http://192.168.2.44:3000/mg/dotfiles
### mgrote_blocky
blocky_version: v0.22
blocky_block_type: zeroIp

3
host_vars/pbs-test.mgrote.net.yml
View file

@ -53,6 +53,8 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
- dataset: rpool/ROOT/pbs-1
state: present
refreservation: 1G
acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
# backup-pool
- dataset: backup/pbs_data
state: present
@ -60,6 +62,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
- dataset: backup/pve5
state: present
canmount: off # noqa yaml[truthy]
# Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_*
zfs_extra_arc_max_size: "1073741824" # 1GB in Bytes
zfs_extra_zfs_pools:

1
host_vars/pbs.mgrote.net.yml
View file

@ -49,6 +49,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
- dataset: rpool/ROOT/pbs-1
state: present
refreservation: 10G
acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
# backup-pool
- dataset: backup/pbs_data
state: present

2
host_vars/pve5-test.mgrote.net.yml
View file

@ -27,6 +27,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
- dataset: rpool/ROOT/pve-1
state: present
refreservation: 1G
acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
# rpool - VMs
- dataset: rpool/vm
@ -35,6 +36,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
state: present
- dataset: rpool/vm/lxc
state: present
# hdd_data
- dataset: hdd_data
state: present

4
host_vars/pve5.mgrote.net.yml
View file

@ -27,9 +27,12 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
- dataset: rpool/ROOT/pve-1
state: present
refreservation: 10G
acltype: posix # https://docs.ansible.com/ansible-core/2.14/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user ; sonst kann die dotfiles-Rolle kein setfacl machen
# rpool - Data
- dataset: rpool/data
state: present
# rpool - VMs
- dataset: rpool/vm
state: present
@ -39,6 +42,7 @@ zfs_datasets: # DatenPools werden hier nicht verwaltet
state: present
- dataset: rpool/data
state: present
# hdd_data
- dataset: hdd_data
state: present

6
playbooks/base/users.yml
View file

@ -1,8 +1,8 @@
---
- hosts: all
become: true
roles:
- role: mgrote_users
tags: "user"
- role: mgrote_vim
tags: "vim"
become: true
- role: mgrote_user_setup
tags: "user_setup"

2
roles/mgrote_blocky/templates/config.yml.j2
View file

@ -128,7 +128,7 @@ caching:
prefetchMaxItemsCount: 0
# Time how long negative results (NXDOMAIN response or empty result) are cached. A value of -1 will disable caching for negative results.
# Default: 30m
cacheTimeNegative: 30m
cacheTimeNegative: -1
# optional: configuration of client name resolution
clientLookup:

9
roles/mgrote_user_setup/defaults/main.yml Normal file
View file

@ -0,0 +1,9 @@
---
dotfiles:
- user: mg
home: /home/mg
- user: root
home: /root
dotfiles_vim_vundle_repo_url: https://git.mgrote.net/mirrors/Vundle.vim.git
dotfiles_repo_url: https://git.mgrote.net/mg/dotfiles

9
roles/mgrote_user_setup/handlers/main.yml Normal file
View file

@ -0,0 +1,9 @@
---
- name: Vundle - PluginInstall # noqa no-changed-when risky-shell-pipe
become: true
become_user: "{{ item.user }}"
ansible.builtin.shell: yes | vim -c PluginInstall -c qall
args:
chdir: "{{ item.home }}"
loop: "{{ dotfiles }}"
...

107
roles/mgrote_user_setup/tasks/main.yml Normal file
View file

@ -0,0 +1,107 @@
---
- name: Ensure needed packages are installed
become: true
ansible.builtin.package:
name:
- acl
- git
- vim
- ripgrep
- tmux
- keychain
state: present
- name: Ensure dotfiles-repository is cloned # noqa latest[git]
become: true
become_user: "{{ item.user }}"
ansible.builtin.git:
repo: "{{ dotfiles_repo_url }}"
dest: "{{ item.home }}/dotfiles"
clone: true
force: true
update: true
loop: "{{ dotfiles }}"
notify: Vundle - PluginInstall
- name: Ensure dotfiles-repository has the correct permissions set
become: true
ansible.builtin.file:
path: "{{ item.home }}/dotfiles"
owner: "{{ item.user }}"
group: "{{ item.user }}"
loop: "{{ dotfiles }}"
notify: Vundle - PluginInstall
- name: Link .vimrc
become: true
ansible.builtin.file:
src: "{{ item.home }}/dotfiles/.vimrc"
dest: "{{ item.home }}/.vimrc"
state: link
follow: false # https://github.com/ansible/ansible/issues/73143
force: true
owner: "{{ item.user }}"
group: "{{ item.user }}"
loop: "{{ dotfiles }}"
- name: Link .tmux.conf
become: true
ansible.builtin.file:
src: "{{ item.home }}/dotfiles/.tmux.conf"
dest: "{{ item.home }}/.tmux.conf"
state: link
follow: false # https://github.com/ansible/ansible/issues/73143
force: true
owner: "{{ item.user }}"
group: "{{ item.user }}"
loop: "{{ dotfiles }}"
- name: Link .gitconfig
become: true
ansible.builtin.file:
src: "{{ item.home }}/dotfiles/.gitconfig"
dest: "{{ item.home }}/.gitconfig"
state: link
follow: false # https://github.com/ansible/ansible/issues/73143
force: true
owner: "{{ item.user }}"
group: "{{ item.user }}"
loop: "{{ dotfiles }}"
- name: add source .bash_extra to user .bashrc
become: true
ansible.builtin.lineinfile:
path: "{{ item.home }}/.bashrc"
line: "source {{ item.home }}/dotfiles/.bash_extra"
state: present
loop: "{{ dotfiles }}"
- name: Ensure needed dirs exist
become: true
ansible.builtin.file:
state: directory
path: "{{ item.home }}/.vim/bundle/"
owner: "{{ item.user }}"
group: "{{ item.user }}"
mode: '0755'
loop: "{{ dotfiles }}"
- name: Ensure vundle-repository is cloned
become: true
become_user: "{{ item.user }}"
ansible.builtin.git:
repo: "{{ dotfiles_vim_vundle_repo_url }}"
dest: "{{ item.home }}/.vim/bundle/Vundle.vim"
depth: 1
version: master
loop: "{{ dotfiles }}"
notify: Vundle - PluginInstall
- name: Ensure vundle-repository has the correct permissions set
become: true
ansible.builtin.file:
path: "{{ item.home }}/.vim/bundle/Vundle.vim"
owner: "{{ item.user }}"
group: "{{ item.user }}"
loop: "{{ dotfiles }}"
notify: Vundle - PluginInstall

4
roles/mgrote_vim/defaults/main.yml
View file

@ -1,4 +0,0 @@
---
vim_vundle_path: /home/mg/.vim/bundle/Vundle.vim
vim_vundle_repo_url: https://github.com/VundleVim/Vundle.vim.git
vim_homedir: /home/mg/.vim

7
roles/mgrote_vim/handlers/main.yml
View file

@ -1,7 +0,0 @@
---
- name: set owner recursive for repo
ansible.builtin.file:
path: "{{ vim_homedir }}"
owner: mg
group: mg
recurse: true

7
roles/mgrote_vim/readme.md
View file

@ -1,7 +0,0 @@
## mgrote.vim
### Beschreibung
installiert vim und installiert plugins per vundle
### Variablen + Defaults
- see [defaults](./defaults/main.yml)

38
roles/mgrote_vim/tasks/main.yml
View file

@ -1,38 +0,0 @@
---
- name: install packages
become: true
ansible.builtin.package:
name:
- vim
- ripgrep
state: present
- name: check if vundle is installed - folder
become: true
ansible.builtin.stat:
path: "{{ vim_vundle_path }}"
register: folder_exists
- name: set safe directory # noqa command-instead-of-module
become: true
ansible.builtin.command:
cmd: git config --global --add safe.directory "{{ vim_vundle_path }}"
changed_when: false
- name: Ensure repository is cloned locally.
ansible.builtin.git:
repo: "{{ vim_vundle_repo_url }}"
dest: "{{ vim_vundle_path }}"
depth: 1
version: master
notify: set owner recursive for repo
# - name: Vundle - PluginInstall
# ansible.builtin.shell: yes | vim -c PluginInstall -c qall
# args:
# chdir: /home/mg
# when:
# - (folder_exists.stat.exists == False) and ("ansible_facts['distribution'] == 'Ubuntu'")
# become: true
# become_user: mg