refactor(ansible): use ansible_user_id and add root package condition

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
2025-04-27 18:15:07 +02:00
parent 7fcee3912f
commit 8f2998abc0
10 changed files with 39 additions and 25 deletions
--- a/group_vars/proxmox/secrets_vm.yml
+++ b/group_vars/proxmox/secrets_vm.yml
@@ -1,8 +1,8 @@
 $ANSIBLE_VAULT;1.1;AES256
-64623839343136343037346662393336313734626237393336666138303264646634363535356632
-6161643031656639383939616338353432303832633466320a376135363361613563343231326430
-36316264346434343366396334643466366364386266316261363336396539626132613865353236
-6366633136613064650a303831646430343431323338653566633665653162633664366163653864
-35326266646534366665366238656132393163306161393966353338626266313339396465333539
-63663133323231623030633964383239373337313439396363306134353961616661343963363332
-663962656462316461643565383833396164
+37613534383362613234623233396435336239353166353561613666643137356466663139626439
+6233666333623133343533323036646630613463323638350a613932343238316339383633316266
+65333436623532386139386331386330363664323864313536356365373165386363336439656161
+6363623734623633340a626165353035316135356630356461363533653066643735373762363035
+61623435643337613236313035333366373131363132656235623363343832663732656437363832
+61313235323862653833313531306638373137633063323939373537353165316139633235393137
+306131653436333463666637363363646530
--- a/roles/common/tasks/bash.yml
+++ b/roles/common/tasks/bash.yml
@@ -2,9 +2,9 @@
 - name: Copy bash-configs
  ansible.builtin.template:
    src: "files/bash/{{ item }}"
-    dest: "/home/{{ user }}/.{{ item }}"
-    owner: "{{ user }}"
-    group: "{{ user }}"
+    dest: "{{ ansible_env.HOME }}/.{{ item }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
    mode: "644"
  loop:
    - bashrc
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -1,10 +1,10 @@
 ---
 - name: Configure Time
  ansible.builtin.include_tasks: time.yml
- name: Configure Hostname
-  ansible.builtin.include_tasks: hostname.yml
 - name: Configure Packages
  ansible.builtin.include_tasks: packages.yml
+- name: Configure Hostname
+  ansible.builtin.include_tasks: hostname.yml
 - name: Configure Extra-Packages
  ansible.builtin.include_tasks: extra_packages.yml
 - name: Configure Bash
--- a/roles/common/tasks/packages.yml
+++ b/roles/common/tasks/packages.yml
@@ -5,9 +5,23 @@
    upgrade: true
    autoremove: true
  become: true
+  when: ansible_user_id != "root"

 - name: Install base packages
  ansible.builtin.apt:
    name: "{{ common_packages }}"
    state: present
-  become: true
+  when: ansible_user_id != "root"
+
+- name: Update and upgrade packages
+  ansible.builtin.apt:
+    update_cache: true
+    upgrade: true
+    autoremove: true
+  when: ansible_user_id == "root"
+
+- name: Install base packages
+  ansible.builtin.apt:
+    name: "{{ common_packages }}"
+    state: present
+  when: ansible_user_id == "root"
--- a/roles/docker_host/tasks/deploy_compose.yml
+++ b/roles/docker_host/tasks/deploy_compose.yml
@@ -3,8 +3,8 @@
  ansible.builtin.template:
    src: "templates/compose.yaml.j2"
    dest: "{{ docker.directories.compose }}/compose.yaml"
-    owner: "{{ user }}"
-    group: "{{ user }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
    mode: "644"
    backup: true
  notify:
--- a/roles/docker_host/tasks/directory_setup.yml
+++ b/roles/docker_host/tasks/directory_setup.yml
@@ -14,11 +14,11 @@
    - "{{ docker.directories.compose }}"
  become: true

- name: Set ownership to {{ user }}
+- name: Set ownership to {{ ansible_user_id }}
  ansible.builtin.file:
    path: "{{ item }}"
-    owner: "{{ user }}"
-    group: "{{ user }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
  loop:
    - "{{ docker.directories.local }}"
    - "{{ docker.directories.config }}"
--- a/roles/docker_host/tasks/provision.yml
+++ b/roles/docker_host/tasks/provision.yml
@@ -6,8 +6,8 @@
 - name: Run Keycloak tasks
  ansible.builtin.file:
    path: "{{ docker.directories.local }}/keycloak/"
-    owner: "{{ user }}"
-    group: "{{ user }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
    state: directory
    mode: "0755"
  when: is_keycloak_host | bool
@@ -17,8 +17,8 @@
  ansible.builtin.template:
    src: "templates/keycloak/realm.json.j2"
    dest: "{{ docker.directories.local }}/keycloak/{{ keycloak.realm }}-realm.json"
-    owner: "{{ user }}"
-    group: "{{ user }}"
+    owner: "{{ ansible_user_id }}"
+    group: "{{ ansible_user_id }}"
    mode: "644"
    backup: true
  when: is_keycloak_host | bool
--- a/roles/docker_host/tasks/user_group_setup.yml
+++ b/roles/docker_host/tasks/user_group_setup.yml
@@ -5,9 +5,9 @@
    state: present
  become: true

- name: Append the group docker to "{{ user }}"
+- name: Append the group docker to "{{ ansible_user_id }}"
  ansible.builtin.user:
-    name: "{{ user }}"
+    name: "{{ ansible_user_id }}"
    shell: /bin/bash
    groups: docker
    append: true
--- a/roles/docker_host/vars/main.yml
+++ b/roles/docker_host/vars/main.yml
@@ -1,2 +1,3 @@
 docker_host_package_common_dependencies:
  - nfs-common
+  - firmware-misc-nonfree
--- a/roles/proxmox/vars/main.yml
+++ b/roles/proxmox/vars/main.yml
@@ -21,6 +21,5 @@ proxmox_tags:
 proxmox_node_dependencies:
  - libguestfs-tools
  - nmap
-  - firmware-misc-nonfree

 proxmox_localhost_dependencies: []