diff --git a/ansible.cfg b/ansible.cfg index 7dad879..032c09e 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -9,6 +9,10 @@ inventory=./inventory/production # If executable, it will be run and the resulting stdout will be used as the password. vault_password_file=/media/veracrypt1/scripts/ansible_vault.sh +# (path) The password file to use for the become plugin. --become-password-file. +# If executable, it will be run and the resulting stdout will be used as the password. +become_password_file=/media/veracrypt1/scripts/ansible_become.sh + # (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. # This affects vars_files, include_vars, inventory and vars plugins among others. yaml_valid_extensions=.yml diff --git a/roles/ubuntu/tasks/atuin.yml b/roles/ubuntu/tasks/atuin.yml deleted file mode 100644 index e51a2ea..0000000 --- a/roles/ubuntu/tasks/atuin.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Install atuin - ansible.builtin.shell: yes | bash -c "curl --proto '=https' --tlsv1.2 -LsSf https://setup.atuin.sh" - args: - creates: "{{ ansible_env.HOME }}/.config/atuin" # Adjust based on atuin installation diff --git a/roles/ubuntu/tasks/curl.yml b/roles/ubuntu/tasks/curl.yml new file mode 100644 index 0000000..4919755 --- /dev/null +++ b/roles/ubuntu/tasks/curl.yml @@ -0,0 +1,19 @@ +--- +- name: Install starship + ansible.builtin.shell: set -o pipefail && curl -fsSL https://starship.rs/install.sh | sh -s -- --yes + args: + executable: /usr/bin/bash + creates: "{{ ansible_env.HOME }}/.config/starship.toml" + +- name: Install Pacstall + ansible.builtin.shell: yes | bash -c "$(curl -fsSL https://pacstall.dev/q/install)" + args: + executable: /usr/bin/bash + creates: /usr/local/bin/pacstall + become: true + +- name: Install atuin + ansible.builtin.shell: set -o pipefail && curl -fsSL https://setup.atuin.sh | sh -s -- --yes + args: + executable: /usr/bin/bash + creates: "{{ ansible_env.HOME }}/.config/atuin" diff --git a/roles/ubuntu/tasks/eurkey.yml b/roles/ubuntu/tasks/eurkey.yml deleted file mode 100644 index 166b3a0..0000000 --- a/roles/ubuntu/tasks/eurkey.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Download EurKey deb - ansible.builtin.get_url: - url: https://eurkey.steffen.bruentjen.eu/download/debian/eurkey.deb - dest: "/tmp/eurkey.deb" - -- name: Install EurKey - ansible.builtin.apt: - deb: "/tmp/eurkey.deb" - state: present - become: true - -- name: Remove EurKey deb - ansible.builtin.file: - path: "/tmp/eurkey.deb" - state: absent diff --git a/roles/ubuntu/tasks/fira_code_fonts.yml b/roles/ubuntu/tasks/fira_code_fonts.yml index 87e9a84..8293f8c 100644 --- a/roles/ubuntu/tasks/fira_code_fonts.yml +++ b/roles/ubuntu/tasks/fira_code_fonts.yml @@ -9,6 +9,7 @@ ansible.builtin.get_url: url: https://github.com/ryanoasis/nerd-fonts/releases/download/v3.3.0/FiraMono.zip dest: "/tmp/FiraMono.zip" + mode: "0600" - name: Extract FiraCode from zip ansible.builtin.unarchive: diff --git a/roles/ubuntu/tasks/ghostty.yml b/roles/ubuntu/tasks/ghostty.yml deleted file mode 100644 index f1f47a5..0000000 --- a/roles/ubuntu/tasks/ghostty.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Get OS release info - ansible.builtin.shell: source /etc/os-release && echo $VERSION_ID - args: - executable: /bin/bash - register: version_id - changed_when: false - -- name: Get Ghostty DEB URL - ansible.builtin.shell: | - curl -s https://api.github.com/repos/mkasberg/ghostty-ubuntu/releases/latest | - grep -oP "https://github.com/mkasberg/ghostty-ubuntu/releases/download/[^\s/]+/ghostty_[^\s/_]+_{{ aarch }}_{{ version_id.stdout }}.deb" - register: ghostty_deb_url - changed_when: false - -- name: Download Ghostty deb file - ansible.builtin.get_url: - url: "{{ ghostty_deb_url.stdout }}" - dest: "/tmp/{{ ghostty_deb_url.stdout | basename }}" - mode: "0755" - -- name: Install Ghostty - ansible.builtin.apt: - deb: "/tmp/{{ ghostty_deb_url.stdout | basename }}" - state: present - become: true - -- name: Remove Ghostty deb file - ansible.builtin.file: - path: "/tmp/{{ ghostty_deb_url.stdout | basename }}" - state: absent diff --git a/roles/ubuntu/tasks/git_deb.yml b/roles/ubuntu/tasks/git_deb.yml new file mode 100644 index 0000000..c524baa --- /dev/null +++ b/roles/ubuntu/tasks/git_deb.yml @@ -0,0 +1,35 @@ +--- +- name: "Get latest version: {{ project.name }}" + ansible.builtin.shell: | + set -o pipefail && curl -s "https://api.github.com/repos/{{ project.repo }}/releases/latest" | + grep -Po '"tag_name": *"(VeraCrypt_|v)?\K[^"]*' + args: + executable: /usr/bin/bash + register: project_version + changed_when: false + when: (project.repo | length > 0) and not item.skip + +- name: "Set version: {{ project_version }}" + ansible.builtin.set_fact: + project_version: "{{ project_version.stdout }}" + when: (project.repo | length > 0) and not item.skip + +- name: "Download deb: {{ project.name }}" + ansible.builtin.get_url: + url: "{{ project.url | replace(project_version_placeholder, project_version) }}" + dest: "/tmp/{{ project.name }}.deb" + mode: "0666" + when: not item.skip + +- name: Install {{ project.name }} + ansible.builtin.apt: + deb: "/tmp/{{ project.name }}.deb" + state: present + become: true + when: not item.skip + +- name: Remove deb + ansible.builtin.file: + path: "/tmp/{{ project.name }}.deb" + state: absent + when: not item.skip diff --git a/roles/ubuntu/tasks/git_delta.yml b/roles/ubuntu/tasks/git_delta.yml deleted file mode 100644 index 80ab0e9..0000000 --- a/roles/ubuntu/tasks/git_delta.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Download git-delta deb - ansible.builtin.get_url: - url: "https://github.com/dandavison/delta/releases/download/0.18.2/git-delta-musl_0.18.2_{{ aarch }}.deb" - dest: "/tmp/git-delta-musl_0.18.2_{{ aarch }}.deb" - -- name: Install git-delta - ansible.builtin.apt: - deb: "/tmp/git-delta-musl_0.18.2_{{ aarch }}.deb" - state: present - become: true - -- name: Remove git-delta deb - ansible.builtin.file: - path: "/tmp/git-delta-musl_0.18.2_{{ aarch }}.deb" - state: absent diff --git a/roles/ubuntu/tasks/github_releases.yml b/roles/ubuntu/tasks/github_releases.yml index dcb996f..7158861 100644 --- a/roles/ubuntu/tasks/github_releases.yml +++ b/roles/ubuntu/tasks/github_releases.yml @@ -1,14 +1,20 @@ --- - name: "Get latest version: {{ project.name }}" ansible.builtin.shell: | - curl -s "https://api.github.com/repos/{{ project.repo }}/releases/latest" | - grep -Po '"tag_name": *"v\K[^"]*' + set -o pipefail && curl -s "https://api.github.com/repos/{{ project.repo }}/releases/latest" | + grep -Po '"tag_name": *"v?\K[^"]*' + args: + executable: /usr/bin/bash register: project_version changed_when: false +- name: "Set version: {{ project_version }}" + ansible.builtin.set_fact: + project_version: "{{ project_version.stdout }}" + - name: "Download: {{ project.name }}" ansible.builtin.get_url: - url: "https://github.com/{{ project.repo }}/releases/download/v{{ project_version.stdout }}/{{ project.name }}_{{ project_version.stdout }}_Linux_x86_64.tar.gz" + url: "https://github.com/{{ project.repo }}/releases/download/v{{ project_version }}/{{ project.name }}_{{ project_version }}_Linux_x86_64.tar.gz" dest: "/tmp/{{ project.name }}.tar.gz" mode: "0666" diff --git a/roles/ubuntu/tasks/main.yml b/roles/ubuntu/tasks/main.yml index ea372a1..35945c5 100644 --- a/roles/ubuntu/tasks/main.yml +++ b/roles/ubuntu/tasks/main.yml @@ -3,26 +3,24 @@ ansible.builtin.import_tasks: apt.yml - name: Install snap packages ansible.builtin.import_tasks: snap.yml +- name: Curl Installations + ansible.builtin.import_tasks: curl.yml +- name: Github .deb installations + ansible.builtin.include_tasks: git_deb.yml + vars: + project: "{{ item }}" + loop: "{{ github_deb }}" +- name: "Install {{ item }}" + ansible.builtin.include_tasks: github_releases.yml + vars: + project: "{{ item }}" + loop: "{{ github_releases }}" - name: Install nvim ansible.builtin.import_tasks: nvim.yml - name: Install Rust ansible.builtin.import_tasks: rust.yml -- name: Ghostty - ansible.builtin.import_tasks: ghostty.yml -- name: Install pacstall - ansible.builtin.import_tasks: pacstall.yml - name: Install ledger ansible.builtin.import_tasks: ledger_cli.yml -- name: Install git-delta - ansible.builtin.import_tasks: git_delta.yml -- name: Install atuin - ansible.builtin.import_tasks: atuin.yml -- name: Install Starship - ansible.builtin.import_tasks: starship.yml -- name: Install EurKey - ansible.builtin.import_tasks: eurkey.yml -# - name: Install Veracrypt -# ansible.builtin.import_tasks: veracrypt.yml - name: Install FiraCode ansible.builtin.import_tasks: fira_code_fonts.yml - name: Remove Ubuntu Pro Banner @@ -31,12 +29,5 @@ ansible.builtin.import_tasks: protonvpn.yml - name: Install Docker ansible.builtin.import_tasks: docker.yml -- name: "Install {{ item }}" - ansible.builtin.include_tasks: github_releases.yml - vars: - project: "{{ item }}" - loop: "{{ github_releases }}" -- name: Install ripgrep - ansible.builtin.import_tasks: ripgrep.yml - name: Install Vagrant ansible.builtin.import_tasks: hashicorp_vagrant.yml diff --git a/roles/ubuntu/tasks/pacstall.yml b/roles/ubuntu/tasks/pacstall.yml deleted file mode 100644 index 8e8eb1f..0000000 --- a/roles/ubuntu/tasks/pacstall.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Install Pacstall - ansible.builtin.shell: yes | bash -c "$(curl -fsSL https://pacstall.dev/q/install)" - args: - creates: /usr/local/bin/pacstall # Adjust based on pacstall install path - become: true diff --git a/roles/ubuntu/tasks/remove_ubuntu_banner.yml b/roles/ubuntu/tasks/remove_ubuntu_banner.yml index 3bfa32d..80eb59d 100644 --- a/roles/ubuntu/tasks/remove_ubuntu_banner.yml +++ b/roles/ubuntu/tasks/remove_ubuntu_banner.yml @@ -9,6 +9,7 @@ ansible.builtin.file: path: /etc/apt/apt.conf.d/20apt-esm-hook.conf state: touch + mode: "0600" become: true - name: Update apt cache diff --git a/roles/ubuntu/tasks/ripgrep.yml b/roles/ubuntu/tasks/ripgrep.yml deleted file mode 100644 index 0df907f..0000000 --- a/roles/ubuntu/tasks/ripgrep.yml +++ /dev/null @@ -1,15 +0,0 @@ -- name: Download ripgrep deb - ansible.builtin.get_url: - url: https://github.com/BurntSushi/ripgrep/releases/download/14.1.0/ripgrep_14.1.0-1_{{ aarch }}.deb - dest: "/tmp/ripgrep_14.1.0-1_{{ aarch }}.deb" - -- name: Install ripgrep - ansible.builtin.apt: - deb: "/tmp/ripgrep_14.1.0-1_{{ aarch }}.deb" - state: present - become: true - -- name: Remove ripgrep deb - ansible.builtin.file: - path: "/tmp/ripgrep_14.1.0-1_{{ aarch }}.deb" - state: absent diff --git a/roles/ubuntu/tasks/rust.yml b/roles/ubuntu/tasks/rust.yml index 0b693e3..e731664 100644 --- a/roles/ubuntu/tasks/rust.yml +++ b/roles/ubuntu/tasks/rust.yml @@ -1,11 +1,16 @@ --- - name: Install Rust (via rustup) - ansible.builtin.shell: yes | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs + ansible.builtin.shell: set -o pipefail && yes | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs args: + executable: /usr/bin/bash creates: "{{ ansible_env.HOME }}/.cargo/bin/rustc" - name: Install bininstall - ansible.builtin.shell: yes | curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh + ansible.builtin.shell: set -o pipefail &&yes | curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh + args: + executable: /usr/bin/bash -- name: Install bininstall - ansible.builtin.shell: yes | cargo binstall dioxus-cli +- name: Install dioxus-cli + ansible.builtin.shell: set -o pipefail && yes | cargo binstall dioxus-cli + args: + executable: /usr/bin/bash diff --git a/roles/ubuntu/tasks/starship.yml b/roles/ubuntu/tasks/starship.yml deleted file mode 100644 index 74465fe..0000000 --- a/roles/ubuntu/tasks/starship.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Install starship - ansible.builtin.shell: yes | bash -c "curl -sS https://starship.rs/install.sh" - args: - creates: "{{ ansible_env.HOME }}/.config/starship.toml" # Adjust based on where starship installs diff --git a/roles/ubuntu/tasks/veracrypt.yml b/roles/ubuntu/tasks/veracrypt.yml deleted file mode 100644 index 9162464..0000000 --- a/roles/ubuntu/tasks/veracrypt.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Download Veracrypt deb - ansible.builtin.get_url: - url: "https://launchpad.net/veracrypt/trunk/1.26.20/+download/veracrypt-1.26.20-Debian-12-{{ aarch }}.deb" - dest: "/tmp/veracrypt.deb" - -- name: Install Veracrypt - ansible.builtin.apt: - deb: "/tmp/veracrypt.deb" - state: present - become: true - -- name: Remove Veracrypt deb - ansible.builtin.file: - path: "/tmp/veracrypt.deb" - state: absent diff --git a/roles/ubuntu/vars/main.yml b/roles/ubuntu/vars/main.yml index 3ab1207..774249c 100644 --- a/roles/ubuntu/vars/main.yml +++ b/roles/ubuntu/vars/main.yml @@ -91,3 +91,27 @@ github_releases: repo: jesseduffield/lazygit - name: lazydocker repo: jesseduffield/lazydocker + +project_version_placeholder: "" + +github_deb: + - name: delta + repo: dandavison/delta + url: https://github.com/dandavison/delta/releases/download/{{ project_version_placeholder }}/git-delta_{{ project_version_placeholder }}_{{ aarch }}.deb + skip: false + - name: eurkey + repo: "" + url: https://eurkey.steffen.bruentjen.eu/download/debian/eurkey.deb + skip: false + - name: ripgrep + repo: BurntSushi/ripgrep + url: https://github.com/BurntSushi/ripgrep/releases/download/{{ project_version_placeholder }}/ripgrep_{{ project_version_placeholder }}-1_{{ aarch }}.deb + skip: false + - name: veracrypt + repo: veracrypt/Veracrypt + url: https://github.com/veracrypt/VeraCrypt/releases/download/VeraCrypt_{{ project_version_placeholder }}/veracrypt-{{ project_version_placeholder }}-{{ ansible_distribution }}-{{ ansible_distribution_version }}-{{ aarch }}.deb + skip: true + - name: ghostty + repo: mkasberg/ghostty-ubuntu + url: https://github.com/mkasberg/ghostty-ubuntu/releases/download/{{ project_version_placeholder }}/ghostty_{{ project_version_placeholder }}_{{ aarch }}_{{ ansible_distribution_version }}.deb + skip: true