From 40a7e1dab7330d1736a41766d3a8acd3afcf02f5 Mon Sep 17 00:00:00 2001
From: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
Date: Tue, 21 Jan 2025 23:13:01 +0100
Subject: [PATCH] initial commit

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
---
 Vagrantfile                                   | 21 ++++++++
 ansible.cfg                                   |  3 ++
 inventory                                     |  1 +
 playbook.yml                                  |  4 ++
 roles/setup/tasks/apt.yml                     | 34 +++++++++++++
 roles/setup/tasks/docker.yml                  | 46 ++++++++++++++++++
 roles/setup/tasks/fira_code_fonts.yml         | 27 +++++++++++
 roles/setup/tasks/ghosttty.yml                | 28 +++++++++++
 roles/setup/tasks/git_delta_atuin.yml         | 22 +++++++++
 roles/setup/tasks/hashicorp_vagrant.yml       | 43 +++++++++++++++++
 roles/setup/tasks/lazygit_ripgrep.yml         | 48 +++++++++++++++++++
 roles/setup/tasks/main.yml                    | 15 ++++++
 roles/setup/tasks/nvim_rust.yml               | 11 +++++
 roles/setup/tasks/pacstall_ledger.yml         | 19 ++++++++
 roles/setup/tasks/paisa.yml                   | 48 +++++++++++++++++++
 roles/setup/tasks/protonvpn.yml               | 33 +++++++++++++
 roles/setup/tasks/remove_ubuntu_banner.yml    | 14 ++++++
 roles/setup/tasks/snap.yml                    | 22 +++++++++
 .../setup/tasks/starship_eurkey_veracrypt.yml | 36 ++++++++++++++
 19 files changed, 475 insertions(+)
 create mode 100644 Vagrantfile
 create mode 100644 ansible.cfg
 create mode 100644 inventory
 create mode 100644 playbook.yml
 create mode 100644 roles/setup/tasks/apt.yml
 create mode 100644 roles/setup/tasks/docker.yml
 create mode 100644 roles/setup/tasks/fira_code_fonts.yml
 create mode 100644 roles/setup/tasks/ghosttty.yml
 create mode 100644 roles/setup/tasks/git_delta_atuin.yml
 create mode 100644 roles/setup/tasks/hashicorp_vagrant.yml
 create mode 100644 roles/setup/tasks/lazygit_ripgrep.yml
 create mode 100644 roles/setup/tasks/main.yml
 create mode 100644 roles/setup/tasks/nvim_rust.yml
 create mode 100644 roles/setup/tasks/pacstall_ledger.yml
 create mode 100644 roles/setup/tasks/paisa.yml
 create mode 100644 roles/setup/tasks/protonvpn.yml
 create mode 100644 roles/setup/tasks/remove_ubuntu_banner.yml
 create mode 100644 roles/setup/tasks/snap.yml
 create mode 100644 roles/setup/tasks/starship_eurkey_veracrypt.yml

diff --git a/Vagrantfile b/Vagrantfile
new file mode 100644
index 0000000..3cf03d0
--- /dev/null
+++ b/Vagrantfile
@@ -0,0 +1,21 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+  # Use an Ubuntu 24.04 box (replace with an available box if necessary)
+  config.vm.box = "generic/ubuntu2404" 
+
+  # Configure VM provider resources (optional)
+  config.vm.provider "virtualbox" do |vb|
+    vb.memory = "4096"
+    vb.cpus = 2
+  end
+
+  # Use Ansible for provisioning
+  config.vm.provision "ansible" do |ansible|
+    ansible.playbook = "playbook.yml"  # Path to the Ansible playbook relative to the Vagrantfile
+    ansible.inventory_path = "inventory"  # Path to the inventory file
+    # Extra vars can be defined if needed
+    # ansible.extra_vars = { some_var: "value" }
+  end
+end
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..998c18d
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+inventory = inventory
+roles_path = roles
diff --git a/inventory b/inventory
new file mode 100644
index 0000000..2302eda
--- /dev/null
+++ b/inventory
@@ -0,0 +1 @@
+localhost ansible_connection=local
diff --git a/playbook.yml b/playbook.yml
new file mode 100644
index 0000000..b6b32be
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,4 @@
+- hosts: localhost
+  become: true
+  roles:
+    - setup
diff --git a/roles/setup/tasks/apt.yml b/roles/setup/tasks/apt.yml
new file mode 100644
index 0000000..9d308e2
--- /dev/null
+++ b/roles/setup/tasks/apt.yml
@@ -0,0 +1,34 @@
+---
+- name: Install apt packages
+  apt:
+    name:
+      - ansible
+      - bat
+      - curl
+      - eza
+      - fd-find
+      - fzf
+      - gcc
+      - keepassxc
+      - libclang-dev
+      - libssl-dev
+      - luarocks
+      - npm
+      - obs-studio
+      - p7zip
+      - pkg-config
+      - python3-pip
+      - python3-venv
+      - ranger
+      - tealdeer
+      - texlive-full
+      - v4l2loopback-dkms
+      - wireguard
+      - wireguard-tools
+      - xsel
+      - zsh
+    state: present
+    update_cache: yes
+
+- name: Update tldr database
+  command: tldr --update
diff --git a/roles/setup/tasks/docker.yml b/roles/setup/tasks/docker.yml
new file mode 100644
index 0000000..aafa2a2
--- /dev/null
+++ b/roles/setup/tasks/docker.yml
@@ -0,0 +1,46 @@
+---
+- name: Install prerequisites for Docker
+  apt:
+    name:
+      - ca-certificates
+      - curl
+    state: present
+    update_cache: yes
+
+- name: Create /etc/apt/keyrings directory
+  file:
+    path: /etc/apt/keyrings
+    state: directory
+    mode: "0755"
+
+- name: Download Docker GPG key
+  get_url:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    dest: /etc/apt/keyrings/docker.asc
+    mode: "0644"
+
+- name: Add Docker repository
+  apt_repository:
+    repo: "deb [arch={{ ansible_architecture }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable"
+    filename: docker
+    state: present
+
+- name: Update apt cache after adding Docker repo
+  apt:
+    update_cache: yes
+
+- name: Install Docker packages
+  apt:
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+      - docker-buildx-plugin
+      - docker-compose-plugin
+    state: present
+
+- name: Add current user to docker group
+  user:
+    name: "{{ ansible_user_id }}"
+    groups: docker
+    append: yes
diff --git a/roles/setup/tasks/fira_code_fonts.yml b/roles/setup/tasks/fira_code_fonts.yml
new file mode 100644
index 0000000..e7b3f15
--- /dev/null
+++ b/roles/setup/tasks/fira_code_fonts.yml
@@ -0,0 +1,27 @@
+---
+- name: Create fonts directory
+  file:
+    path: "{{ ansible_env.HOME }}/.fonts"
+    state: directory
+    mode: "0755"
+
+- name: Download FiraCode Nerd Font zip
+  get_url:
+    url: https://github.com/ryanoasis/nerd-fonts/releases/download/v3.3.0/FiraMono.zip
+    dest: "/tmp/FiraMono.zip"
+
+- name: Extract FiraCode from zip
+  unarchive:
+    src: "/tmp/FiraMono.zip"
+    dest: "{{ ansible_env.HOME }}/.fonts"
+    remote_src: yes
+
+- name: Remove FiraMono.zip
+  file:
+    path: "/tmp/FiraMono.zip"
+    state: absent
+
+- name: Refresh font cache
+  shell: fc-cache -fv
+  args:
+    warn: false
diff --git a/roles/setup/tasks/ghosttty.yml b/roles/setup/tasks/ghosttty.yml
new file mode 100644
index 0000000..05bdbc3
--- /dev/null
+++ b/roles/setup/tasks/ghosttty.yml
@@ -0,0 +1,28 @@
+---
+- name: Get OS release info
+  shell: source /etc/os-release && echo $VERSION_ID
+  register: version_id
+  changed_when: false
+
+- name: Get Ghostty DEB URL
+  shell: |
+    curl -s https://api.github.com/repos/mkasberg/ghostty-ubuntu/releases/latest |
+    grep -oP "https://github.com/mkasberg/ghostty-ubuntu/releases/download/[^\s/]+/ghostty_[^\s/_]+_amd64_{{ version_id.stdout }}.deb"
+  register: ghostty_deb_url
+  changed_when: false
+
+- name: Download Ghostty deb file
+  get_url:
+    url: "{{ ghostty_deb_url.stdout }}"
+    dest: "/tmp/{{ ghostty_deb_url.stdout | basename }}"
+    mode: "0755"
+
+- name: Install Ghostty
+  apt:
+    deb: "/tmp/{{ ghostty_deb_url.stdout | basename }}"
+    state: present
+
+- name: Remove Ghostty deb file
+  file:
+    path: "/tmp/{{ ghostty_deb_url.stdout | basename }}"
+    state: absent
diff --git a/roles/setup/tasks/git_delta_atuin.yml b/roles/setup/tasks/git_delta_atuin.yml
new file mode 100644
index 0000000..4ce1ce1
--- /dev/null
+++ b/roles/setup/tasks/git_delta_atuin.yml
@@ -0,0 +1,22 @@
+---
+- name: Download git-delta deb
+  get_url:
+    url: https://github.com/dandavison/delta/releases/download/0.18.2/git-delta-musl_0.18.2_amd64.deb
+    dest: "/tmp/git-delta-musl_0.18.2_amd64.deb"
+
+- name: Install git-delta
+  apt:
+    deb: "/tmp/git-delta-musl_0.18.2_amd64.deb"
+    state: present
+
+- name: Remove git-delta deb
+  file:
+    path: "/tmp/git-delta-musl_0.18.2_amd64.deb"
+    state: absent
+
+- name: Install atuin
+  become: false
+  shell: curl --proto '=https' --tlsv1.2 -LsSf https://setup.atuin.sh | sh
+  args:
+    creates: "{{ ansible_env.HOME }}/.config/atuin" # Adjust based on atuin installation
+
diff --git a/roles/setup/tasks/hashicorp_vagrant.yml b/roles/setup/tasks/hashicorp_vagrant.yml
new file mode 100644
index 0000000..1c7614e
--- /dev/null
+++ b/roles/setup/tasks/hashicorp_vagrant.yml
@@ -0,0 +1,43 @@
+---
+# roles/setup/tasks/hashicorp_vagrant.yml
+
+- name: Download Hashicorp GPG key
+  ansible.builtin.get_url:
+    url: https://apt.releases.hashicorp.com/gpg
+    dest: /tmp/hashicorp_gpg
+    mode: "0644"
+  register: hashicorp_gpg_download
+
+- name: Dearmor Hashicorp GPG key
+  ansible.builtin.command:
+    cmd: gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg /tmp/hashicorp_gpg
+  args:
+    creates: /usr/share/keyrings/hashicorp-archive-keyring.gpg
+  when: hashicorp_gpg_download.changed
+
+- name: Remove temporary Hashicorp GPG key file
+  ansible.builtin.file:
+    path: /tmp/hashicorp_gpg
+    state: absent
+  when: hashicorp_gpg_download.changed
+
+- name: Add Hashicorp APT repository
+  ansible.builtin.apt_repository:
+    repo: "deb [arch={{ ansible_architecture }} signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com {{ ansible_lsb.codename }} main"
+    filename: hashicorp
+    state: present
+  vars:
+    ansible_lsb:
+      codename: "{{ ansible_facts['lsb']['codename'] }}"
+    ansible_architecture: "{{ ansible_facts['architecture'] }}"
+  when: hashicorp_gpg_download.changed
+
+- name: Update apt cache after adding Hashicorp repository
+  ansible.builtin.apt:
+    update_cache: yes
+    cache_valid_time: 3600 # Cache validity in seconds
+
+- name: Install Vagrant
+  ansible.builtin.apt:
+    name: vagrant
+    state: present
diff --git a/roles/setup/tasks/lazygit_ripgrep.yml b/roles/setup/tasks/lazygit_ripgrep.yml
new file mode 100644
index 0000000..8ce3cb3
--- /dev/null
+++ b/roles/setup/tasks/lazygit_ripgrep.yml
@@ -0,0 +1,48 @@
+---
+- name: Get latest lazygit version
+  shell: |
+    curl -s "https://api.github.com/repos/jesseduffield/lazygit/releases/latest" |
+    grep -Po '"tag_name": *"v\K[^"]*'
+  register: lazygit_version
+  changed_when: false
+
+- name: Download lazygit tar.gz
+  get_url:
+    url: "https://github.com/jesseduffield/lazygit/releases/download/v{{ lazygit_version.stdout }}/lazygit_{{ lazygit_version.stdout }}_Linux_x86_64.tar.gz"
+    dest: "/tmp/lazygit.tar.gz"
+
+- name: Extract lazygit binary
+  unarchive:
+    src: "/tmp/lazygit.tar.gz"
+    dest: "/tmp"
+    creates: "/tmp/lazygit"
+    remote_src: yes
+
+- name: Install lazygit
+  copy:
+    src: "/tmp/lazygit"
+    dest: /usr/local/bin/lazygit
+    mode: "0755"
+
+- name: Remove lazygit tar.gz and binary
+  file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "/tmp/lazygit.tar.gz"
+    - "/tmp/lazygit"
+
+- name: Download ripgrep deb
+  get_url:
+    url: https://github.com/BurntSushi/ripgrep/releases/download/14.1.0/ripgrep_14.1.0-1_amd64.deb
+    dest: "/tmp/ripgrep_14.1.0-1_amd64.deb"
+
+- name: Install ripgrep
+  apt:
+    deb: "/tmp/ripgrep_14.1.0-1_amd64.deb"
+    state: present
+
+- name: Remove ripgrep deb
+  file:
+    path: "/tmp/ripgrep_14.1.0-1_amd64.deb"
+    state: absent
diff --git a/roles/setup/tasks/main.yml b/roles/setup/tasks/main.yml
new file mode 100644
index 0000000..b1c5d9a
--- /dev/null
+++ b/roles/setup/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- import_tasks: apt.yml
+- import_tasks: snap.yml
+- import_tasks: nvim_rust.yml
+- import_tasks: ghostty.yml
+- import_tasks: pacstall_ledger.yml
+- import_tasks: git_delta_atuin.yml
+- import_tasks: starship_eurkey_veracrypt.yml
+- import_tasks: fira_code_fonts.yml
+- import_tasks: remove_ubuntu_banner.yml
+- import_tasks: protonvpn.yml
+- import_tasks: docker.yml
+- import_tasks: paisa.yml
+- import_tasks: lazygit_ripgrep.yml
+- import_tasks: hashicorp_vagrant.yml
diff --git a/roles/setup/tasks/nvim_rust.yml b/roles/setup/tasks/nvim_rust.yml
new file mode 100644
index 0000000..06f5a34
--- /dev/null
+++ b/roles/setup/tasks/nvim_rust.yml
@@ -0,0 +1,11 @@
+---
+- name: Install neovim npm package globally
+  npm:
+    name: neovim
+    global: yes
+
+- name: Install Rust (via rustup)
+  become: false
+  shell: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+  args:
+    creates: "{{ ansible_env.HOME }}/.cargo/bin/rustc"
diff --git a/roles/setup/tasks/pacstall_ledger.yml b/roles/setup/tasks/pacstall_ledger.yml
new file mode 100644
index 0000000..f0e4359
--- /dev/null
+++ b/roles/setup/tasks/pacstall_ledger.yml
@@ -0,0 +1,19 @@
+---
+- name: Install Pacstall
+  shell: bash -c "$(curl -fsSL https://pacstall.dev/q/install)"
+  args:
+    creates: /usr/local/bin/pacstall # Adjust based on pacstall install path
+
+- name: Add Ledger PPA
+  apt_repository:
+    repo: ppa:mbudde/ledger
+    state: present
+
+- name: Update apt cache after adding Ledger PPA
+  apt:
+    update_cache: yes
+
+- name: Install ledger
+  apt:
+    name: ledger
+    state: present
diff --git a/roles/setup/tasks/paisa.yml b/roles/setup/tasks/paisa.yml
new file mode 100644
index 0000000..4eff467
--- /dev/null
+++ b/roles/setup/tasks/paisa.yml
@@ -0,0 +1,48 @@
+---
+- name: Backup current sources.list
+  copy:
+    src: /etc/apt/sources.list
+    dest: /etc/apt/sources.list.bak
+    remote_src: yes
+
+- name: Add universe repository temporarily
+  lineinfile:
+    path: /etc/apt/sources.list
+    line: "deb http://archive.ubuntu.com/ubuntu jammy main universe"
+    insertafter: EOF
+
+- name: Update apt cache
+  apt:
+    update_cache: yes
+
+- name: Upgrade all packages
+  apt:
+    upgrade: dist
+
+- name: Install dependencies for Paisa
+  apt:
+    name:
+      - libwebkit2gtk-4.0-dev
+      - webkit2gtk
+    state: present
+
+- name: Restore original sources.list
+  copy:
+    src: /etc/apt/sources.list.bak
+    dest: /etc/apt/sources.list
+    remote_src: yes
+
+- name: Download Paisa app deb
+  get_url:
+    url: https://github.com/ananthakumaran/paisa/releases/download/v0.7.1/paisa-app-linux-amd64.deb
+    dest: "/tmp/paisa-app-linux-amd64.deb"
+
+- name: Install Paisa
+  apt:
+    deb: "/tmp/paisa-app-linux-amd64.deb"
+    state: present
+
+- name: Remove Paisa deb
+  file:
+    path: "/tmp/paisa-app-linux-amd64.deb"
+    state: absent
diff --git a/roles/setup/tasks/protonvpn.yml b/roles/setup/tasks/protonvpn.yml
new file mode 100644
index 0000000..01125fa
--- /dev/null
+++ b/roles/setup/tasks/protonvpn.yml
@@ -0,0 +1,33 @@
+---
+- name: Download ProtonVPN release deb
+  get_url:
+    url: https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.6_all.deb
+    dest: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
+
+- name: Verify ProtonVPN deb checksum
+  shell: echo "e5e03976d0980bafdf07da2f71b14fbc883c091e72b16772199742c98473002f /tmp/protonvpn-stable-release_1.0.6_all.deb" | sha256sum --check -
+  register: checksum_result
+  failed_when: "'FAILED' in checksum_result.stdout"
+
+- name: Install ProtonVPN release package
+  apt:
+    deb: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
+    state: present
+
+- name: Update apt cache after ProtonVPN repo added
+  apt:
+    update_cache: yes
+
+- name: Install ProtonVPN GNOME desktop
+  apt:
+    name:
+      - proton-vpn-gnome-desktop
+      - libayatana-appindicator3-1
+      - gir1.2-ayatanaappindicator3-0.1
+      - gnome-shell-extension-appindicator
+    state: present
+
+- name: Remove ProtonVPN release deb
+  file:
+    path: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
+    state: absent
diff --git a/roles/setup/tasks/remove_ubuntu_banner.yml b/roles/setup/tasks/remove_ubuntu_banner.yml
new file mode 100644
index 0000000..2dd08cc
--- /dev/null
+++ b/roles/setup/tasks/remove_ubuntu_banner.yml
@@ -0,0 +1,14 @@
+---
+- name: Backup Ubuntu Pro banner configuration
+  command: mv /etc/apt/apt.conf.d/20apt-esm-hook.conf /etc/apt/apt.conf.d/20apt-esm-hook.conf.bak
+  args:
+    removes: /etc/apt/apt.conf.d/20apt-esm-hook.conf
+
+- name: Create empty Ubuntu Pro banner configuration
+  file:
+    path: /etc/apt/apt.conf.d/20apt-esm-hook.conf
+    state: touch
+
+- name: Update apt cache
+  apt:
+    update_cache: yes
diff --git a/roles/setup/tasks/snap.yml b/roles/setup/tasks/snap.yml
new file mode 100644
index 0000000..759df06
--- /dev/null
+++ b/roles/setup/tasks/snap.yml
@@ -0,0 +1,22 @@
+---
+- name: Install snap packages - bottom
+  snap:
+    name: bottom
+    state: present
+
+- name: Install snap packages - signal-desktop
+  snap:
+    name: signal-desktop
+    state: present
+
+- name: Install snap packages - nvim
+  snap:
+    name: nvim
+    classic: true
+    state: present
+
+- name: Install snap packages - zellij
+  snap:
+    name: zellij
+    classic: true
+    state: present
diff --git a/roles/setup/tasks/starship_eurkey_veracrypt.yml b/roles/setup/tasks/starship_eurkey_veracrypt.yml
new file mode 100644
index 0000000..8c1959c
--- /dev/null
+++ b/roles/setup/tasks/starship_eurkey_veracrypt.yml
@@ -0,0 +1,36 @@
+---
+- name: Install starship
+  become: false
+  shell: curl -sS https://starship.rs/install.sh | sh -s -- -y
+  args:
+    creates: "{{ ansible_env.HOME }}/.config/starship.toml" # Adjust based on where starship installs
+
+- name: Download EurKey deb
+  get_url:
+    url: https://eurkey.steffen.bruentjen.eu/download/debian/eurkey.deb
+    dest: "/tmp/eurkey.deb"
+
+- name: Install EurKey
+  apt:
+    deb: "/tmp/eurkey.deb"
+    state: present
+
+- name: Remove EurKey deb
+  file:
+    path: "/tmp/eurkey.deb"
+    state: absent
+
+- name: Download Veracrypt deb
+  get_url:
+    url: https://launchpad.net/veracrypt/trunk/1.26.14/+download/veracrypt-1.26.14-Debian-12-amd64.deb
+    dest: "/tmp/veracrypt.deb"
+
+- name: Install Veracrypt
+  apt:
+    deb: "/tmp/veracrypt.deb"
+    state: present
+
+- name: Remove Veracrypt deb
+  file:
+    path: "/tmp/veracrypt.deb"
+    state: absent