fix(ubuntu): Fixed pipefile sets (wip)

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
feat(ubuntu): Added jdk)
2025-03-16 11:16:43 +01:00 · 2025-02-18 08:04:49 +01:00 · 2025-02-17 18:19:08 +01:00 · 2025-02-12 23:35:02 +01:00 · 2025-02-10 21:33:40 +01:00 · 2025-02-07 09:39:48 +01:00
21 changed files with 643 additions and 84 deletions
--- a/31
+++ b/31
@@ -0,0 +1,31 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
 Vagrant.configure("2") do |config|
  config.vm.box = "bento/ubuntu-24.04"
  config.vm.box_version = "202404.26.0"
  # Configure VM provider resources (optional)
  config.vm.provider :virtualbox do |v|
    v.memory = 4096
    v.cpus = 2
  end
  config.vm.define "test" do |v|
    v.vm.hostname = "test"
    v.vm.network :private_network, ip: "192.168.56.123"
    v.vm.provision "bootstrap", type: "shell" do |s|
      s.inline = "sudo apt install ansible -y"
    end
    #
    # Use Ansible for provisioning
    v.vm.provision "ansible" do |ansible|
      ansible.playbook = "playbook.yml"  # Path to the Ansible playbook relative to the Vagrantfile
      ansible.inventory_path = "inventory"  # Path to the inventory file
      # Extra vars can be defined if needed
      # ansible.extra_vars = { some_var: "value" }
    end
  end
 end
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -9,6 +9,10 @@ inventory=./inventory/production
 # If executable, it will be run and the resulting stdout will be used as the password.
 vault_password_file=/media/veracrypt1/scripts/ansible_vault.sh
 # (path) The password file to use for the become plugin. --become-password-file.
 # If executable, it will be run and the resulting stdout will be used as the password.
 become_password_file=/media/veracrypt1/scripts/ansible_become.sh
 # (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these.
 # This affects vars_files, include_vars, inventory and vars plugins among others.
 yaml_valid_extensions=.yml
--- a/group_vars/docker/vars.yml
+++ b/group_vars/docker/vars.yml
@@ -2,14 +2,17 @@ docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
  directories:
-    opt: "/opt/docker/"
+    config: "/opt/docker/config/"
-    compose: "/opt/docker/compose"
+    compose: "/opt/docker/compose/"
    media: "/media/docker/data/"
 caddy:
  admin_email: me+acme@tudattr.dev
 domain: "seyshiro.de"
 elk_version: 8.17.0
 services:
  - name: syncthing
    vm:
@@ -121,7 +124,7 @@ services:
        external: /opt/local/jellyfin/config
      - name: "Cache"
        internal: /cache
-        external: /opt/docker/config/jellyfin/cache
+        external: "{{ docker.directories.config }}/jellyfin/cache"
      - name: "Tv Series"
        internal: /tv:ro
        external: /media/series
@@ -176,7 +179,7 @@ services:
    volumes:
      - name: "Configuration"
        internal: /updater/data/"
-        external: /opt/docker/config/ddns-updater/data/
+        external: "{{ docker.directories.config }}/ddns-updater/data/"
    ports:
      - name: "http"
        internal: 8000
@@ -355,7 +358,7 @@ services:
    volumes:
      - name: "Data"
        internal: /datastore
-        external: /opt/docker/config/changedetection/data/
+        external: "{{ docker.directories.config }}/changedetection/data/"
    ports:
      - name: "http"
        internal: 5000
@@ -375,7 +378,7 @@ services:
    volumes:
      - name: "Configuration"
        internal: /gluetun
-        external: /opt/docker/config/gluetun/config
+        external: "{{ docker.directories.config }}/gluetun/config"
    ports:
      - name: "Qbit Client"
        internal: 8082
@@ -405,7 +408,7 @@ services:
    volumes:
      - name: "Configuration"
        internal: /config
-        external: /opt/docker/config/torrentleech/config
+        external: "{{ docker.directories.config }}/torrentleech/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
@@ -431,7 +434,7 @@ services:
    volumes:
      - name: "Configuration"
        internal: /config
-        external: /opt/docker/config/qbit/config
+        external: "{{ docker.directories.config }}/qbit/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
@@ -470,79 +473,60 @@ services:
      - name: "Docker"
        internal: /var/lib/docker:ro
        external: /var/lib/docker
-  # - name: template
+  - name: elasticsearch
-  #   vm:
+    vm:
-  #     -
+      - docker-host01
-  #   container_name:
+    container_name: elasticsearch
-  #   image:
+    image: "docker.elastic.co/elasticsearch/elasticsearch:{{ elk_version }}"
-  #   restart:
+    restart: unless-stopped
-  #   volumes:
+    ports:
-  #     - name:
+      - name: ""
-  #       internal:
+        internal: 9200
-  #       external:
+        external: 9200
-  #   ports:
+      - name: ""
-  #     - name:
+        internal: 9300
-  #       internal:
+        external: 9300
-  #       external:
+    volumes:
-  #   environment:
+      - name: "data"
-  #     -
+        internal: /usr/share/elasticsearch/data
-  # - name: calibre
+        external: "{{ docker.directories.config }}/elk/elasticsearch/data"
-  #   vm:
+      - name: "certs"
-  #     - docker-host00
+        internal: /usr/share/elasticsearch/config/certs
-  #   container_name: calibre
+        external: "{{ docker.directories.config }}/elk/certs"
-  #   image: lscr.io/linuxserver/calibre-web:latest
+    environment:
-  #   restart: unless-stopped
+      - node.name=elasticsearch
-  #   volumes:
+      - cluster.name=docker-cluster
-  #     - name: "Configuration"
+      - discovery.type=single-node
-  #       internal: /config"
+      - "ELASTIC_PASSWORD={{ vault.docker.elk.elastic.password }}"
-  #       external: /opt/local/calibre/
+      - xpack.security.enabled=true
-  #     - name: "Books"
+      - xpack.security.authc.api_key.enabled=true
-  #       internal: /books"
+      - xpack.security.http.ssl.enabled=true
-  #       external: /media/docker/data/calibre/
+      - xpack.security.http.ssl.key=certs/elasticsearch.key
-  #   ports:
+      - xpack.security.http.ssl.certificate=certs/elasticsearch.crt
-  #     - name: "http"
+      - xpack.security.http.ssl.certificate_authorities=certs/ca.crt
-  #       internal: 5000
+      - xpack.security.transport.ssl.enabled=true
-  #       external: 5000
+      - xpack.security.transport.ssl.verification_mode=certificate
-  #   environment:
+      - xpack.security.transport.ssl.key=certs/elasticsearch.key
-  #     - PUID=1000
+      - xpack.security.transport.ssl.certificate=certs/elasticsearch.crt
-  #     - PGID=1000
+      - xpack.security.transport.ssl.certificate_authorities=certs/ca.crt
-  #     - TZ=Europe/Berlin
+  - name: kibana
-  #     - DOCKER_MODS=linuxserver/mods:universal-calibre
+    vm:
-  # - name: grafana
+      - docker-host01
-  #   vm:
+    container_name: kibana
-  #   container_name: grafana
+    image: "docker.elastic.co/kibana/kibana:{{ elk_version }}"
-  #   image: grafana/grafana-oss
+    restart: unless-stopped
-  #   restart: unless-stopped
+    ports:
-  #   volumes:
+      - name: "http"
-  #     - name: "Configuration"
+        internal: 5601
-  #       internal: /etc/grafana/
+        external: 5601
-  #       external: /opt/docker/config/grafana/config/
+    volumes:
-  #     - name: "Data"
+      - name: "certs"
-  #       internal: /var/lib/grafana/
+        internal: /usr/share/kibana/config/certs
-  #       external: /media/docker/data/grafana/
+        external: "{{ docker.directories.config }}/elk/certs/"
-  #   ports:
+    environment:
-  #   environment:
+      - ELASTICSEARCH_HOSTS=["https://elasticsearch:9200"]
-  #     - PUID=472
+      - ELASTICSEARCH_USERNAME=kibana_system
-  #     - PGID=472
+      - ELASTICSEARCH_PASSWORD={{ vault.docker.elk.elastic.password }}
-  #     - TZ=Europe/Berlin
+      - SERVER_SSL_ENABLED=true
-  # - name: prometheus
+      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/certs/kibana.crt
-  #   vm:
+      - SERVER_SSL_KEY=/usr/share/kibana/config/certs/kibana.key
  #     - docker-host00
  #   container_name: prometheus
  #   image: prom/prometheus
  #   restart: unless-stopped
  #   volumes:
  #     - name: "Configuration"
  #       internal: /etc/prometheus/
  #       external: /opt/docker/config/prometheus/
  #     - name: "Data"
  #       internal: /prometheus/
  #       external: prometheus_data
  #   ports:
  #     - name: "http"
  #       internal: 5000
  #       external: 5000
  #   environment:
  #     - PUID=65534
  #     - PGID=65534
  #     - TZ=Europe/Berlin
--- a/inventory/production
+++ b/inventory/production
@@ -51,5 +51,8 @@ docker-host[00:02]
 [docker_lb]
 docker-lb
 [local]
 localhost ansible_connection=local
 [vm:vars]
 ansible_ssh_common_args='-o ProxyCommand="ssh -p 22 -W %h:%p -q aya01"'
--- a/inventory/test
+++ b/inventory/test
@@ -0,0 +1,2 @@
 [local]
 test ansible_connection=local ansible_become_pass=vagrant
--- a/playbooks/ubuntu.yml
+++ b/playbooks/ubuntu.yml
@@ -0,0 +1,5 @@
 - name: Provision Local Ubuntu Machine
  hosts: local
  gather_facts: true
  roles:
    - ubuntu
--- a/roles/ubuntu/tasks/apt.yml
+++ b/roles/ubuntu/tasks/apt.yml
@@ -0,0 +1,16 @@
 ---
 - name: Install dependencies
  ansible.builtin.apt:
    name: "{{ apt_dependencies }}"
    state: present
    update_cache: true
  become: true
 - name: Install tools
  ansible.builtin.apt:
    name: "{{ apt_tools }}"
    state: present
  become: true
 - name: Update tldr database
  ansible.builtin.command: tldr --update
--- a/roles/ubuntu/tasks/curl.yml
+++ b/roles/ubuntu/tasks/curl.yml
@@ -0,0 +1,19 @@
 ---
 - name: Install starship
  ansible.builtin.shell: set -o pipefail && curl -fsSL https://starship.rs/install.sh | sh -s -- --yes
  args:
    executable: /usr/bin/bash
    creates: "{{ ansible_env.HOME }}/.config/starship.toml"
 - name: Install Pacstall
  ansible.builtin.shell: yes | bash -c "$(curl -fsSL https://pacstall.dev/q/install)"
  args:
    executable: /usr/bin/bash
    creates: /usr/local/bin/pacstall
  become: true
 - name: Install atuin
  ansible.builtin.shell: set -o pipefail && curl -fsSL https://setup.atuin.sh | sh -s -- --yes
  args:
    executable: /usr/bin/bash
    creates: "{{ ansible_env.HOME }}/.config/atuin"
--- a/roles/ubuntu/tasks/docker.yml
+++ b/roles/ubuntu/tasks/docker.yml
@@ -0,0 +1,51 @@
 ---
 - name: Update cache
  ansible.builtin.apt:
    update_cache: true
  become: true
 - name: Install dependencies for apt to use repositories over HTTPS
  ansible.builtin.apt:
    name:
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
    state: present
  become: true
 - name: Add Docker apt key.
  ansible.builtin.get_url:
    url: "{{ docker.url }}/{{ ansible_distribution | lower }}/gpg"
    dest: /etc/apt/trusted.gpg.d/docker.asc
    mode: "0664"
    force: true
  become: true
 - name: Add Docker repository.
  ansible.builtin.apt_repository:
    repo: "deb [arch={{ aarch }}] {{ docker.url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker.apt_release_channel }}"
    state: present
  become: true
 - name: Update cache
  ansible.builtin.apt:
    update_cache: true
  become: true
 - name: Install Docker Engine, containerd, and Docker Compose.
  ansible.builtin.apt:
    name:
      - docker-ce
      - docker-ce-cli
      - docker-compose-plugin
      - containerd.io
    state: present
  become: true
 - name: Add current user to docker group
  ansible.builtin.user:
    name: "{{ ansible_user_id }}"
    groups: docker
    append: true
  become: true
--- a/roles/ubuntu/tasks/fira_code_fonts.yml
+++ b/roles/ubuntu/tasks/fira_code_fonts.yml
@@ -0,0 +1,26 @@
 ---
 - name: Create fonts directory
  ansible.builtin.file:
    path: "{{ ansible_env.HOME }}/.fonts"
    state: directory
    mode: "0755"
 - name: Download FiraCode Nerd Font zip
  ansible.builtin.get_url:
    url: https://github.com/ryanoasis/nerd-fonts/releases/download/v3.3.0/FiraMono.zip
    dest: "/tmp/FiraMono.zip"
    mode: "0600"
 - name: Extract FiraCode from zip
  ansible.builtin.unarchive:
    src: "/tmp/FiraMono.zip"
    dest: "{{ ansible_env.HOME }}/.fonts"
    remote_src: true
 - name: Remove FiraMono.zip
  ansible.builtin.file:
    path: "/tmp/FiraMono.zip"
    state: absent
 - name: Refresh font cache
  ansible.builtin.shell: fc-cache -fv
--- a/roles/ubuntu/tasks/git_deb.yml
+++ b/roles/ubuntu/tasks/git_deb.yml
@@ -0,0 +1,35 @@
 ---
 - name: "Get latest version: {{ project.name }}"
  ansible.builtin.shell: |
    set -o pipefail && curl -s "https://api.github.com/repos/{{ project.repo }}/releases/latest" |
    grep -Po '"tag_name": *"(VeraCrypt_|v)?\K[^"]*'
  args:
    executable: /usr/bin/bash
  register: project_version
  changed_when: false
  when: (project.repo | length > 0) and not item.skip
 - name: "Set version: {{ project_version }}"
  ansible.builtin.set_fact:
    project_version: "{{ project_version.stdout }}"
  when: (project.repo | length > 0)  and not item.skip
 - name: "Download deb: {{ project.name }}"
  ansible.builtin.get_url:
    url: "{{ project.url | replace(project_version_placeholder, project_version) }}"
    dest: "/tmp/{{ project.name }}.deb"
    mode: "0666"
  when: not item.skip
 - name: Install {{ project.name }}
  ansible.builtin.apt:
    deb: "/tmp/{{ project.name }}.deb"
    state: present
  become: true
  when: not item.skip
 - name: Remove deb
  ansible.builtin.file:
    path: "/tmp/{{ project.name }}.deb"
    state: absent
  when: not item.skip
--- a/roles/ubuntu/tasks/github_releases.yml
+++ b/roles/ubuntu/tasks/github_releases.yml
@@ -0,0 +1,43 @@
 ---
 - name: "Get latest version: {{ project.name }}"
  ansible.builtin.shell: |
    set -o pipefail && curl -s "https://api.github.com/repos/{{ project.repo }}/releases/latest" |
    grep -Po '"tag_name": *"v?\K[^"]*'
  args:
    executable: /usr/bin/bash
  register: project_version
  changed_when: false
 - name: "Set version: {{ project_version }}"
  ansible.builtin.set_fact:
    project_version: "{{ project_version.stdout }}"
 - name: "Download: {{ project.name }}"
  ansible.builtin.get_url:
    url: "https://github.com/{{ project.repo }}/releases/download/v{{ project_version }}/{{ project.name }}_{{ project_version }}_Linux_x86_64.tar.gz"
    dest: "/tmp/{{ project.name }}.tar.gz"
    mode: "0666"
 - name: "Extract binary: {{ project.name }}"
  ansible.builtin.unarchive:
    src: "/tmp/{{ project.name }}.tar.gz"
    dest: "/tmp"
    creates: "/tmp/{{ project.name }}"
    remote_src: true
 - name: "Install: {{ project.name }}"
  ansible.builtin.copy:
    src: "/tmp/{{ project.name }}"
    dest: "/usr/local/bin/{{ project.name }}"
    mode: "0755"
  become: true
 - name: Remove tar.gz and binary
  ansible.builtin.file:
    path: "{{ loop_file_name }}"
    state: absent
  loop:
    - "/tmp/{{ project.name }}.tar.gz"
    - "/tmp/{{ project.name }}"
  loop_control:
    loop_var: loop_file_name
--- a/roles/ubuntu/tasks/hashicorp_vagrant.yml
+++ b/roles/ubuntu/tasks/hashicorp_vagrant.yml
@@ -0,0 +1,45 @@
 ---
 - name: Download Hashicorp GPG key
  ansible.builtin.get_url:
    url: https://apt.releases.hashicorp.com/gpg
    dest: /tmp/hashicorp_gpg
    mode: "0644"
  register: hashicorp_gpg_download
 - name: Dearmor Hashicorp GPG key
  ansible.builtin.command:
    cmd: gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg /tmp/hashicorp_gpg
  args:
    creates: /usr/share/keyrings/hashicorp-archive-keyring.gpg
  when: hashicorp_gpg_download.changed
  become: true
 - name: Remove temporary Hashicorp GPG key file
  ansible.builtin.file:
    path: /tmp/hashicorp_gpg
    state: absent
  when: hashicorp_gpg_download.changed
 - name: Add Hashicorp APT repository
  ansible.builtin.apt_repository:
    repo: "deb [arch={{ ansible_architecture }} signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com {{ ansible_lsb.codename }} main"
    filename: hashicorp
    state: present
  vars:
    ansible_lsb:
      codename: "{{ ansible_facts['lsb']['codename'] }}"
    ansible_architecture: "{{ ansible_facts['architecture'] }}"
  when: hashicorp_gpg_download.changed
  become: true
 - name: Update apt cache after adding Hashicorp repository
  ansible.builtin.apt:
    update_cache: true
    cache_valid_time: 3600 # Cache validity in seconds
  become: true
 - name: Install Vagrant
  ansible.builtin.apt:
    name: vagrant
    state: present
  become: true
--- a/roles/ubuntu/tasks/ledger_cli.yml
+++ b/roles/ubuntu/tasks/ledger_cli.yml
@@ -0,0 +1,40 @@
 ---
 - name: Clone Ledger repository
  ansible.builtin.git:
    repo: "{{ ledger_repo }}"
    dest: "{{ ledger_clone_dir }}"
    version: master
    update: true
  register: git_clone
  become: true
 - name: Run acprep update to configure and build Ledger
  ansible.builtin.command: ./acprep update
  args:
    chdir: "{{ ledger_clone_dir }}"
  when: git_clone.changed
  become: true
 - name: Move the built ledger binary to /usr/bin
  ansible.builtin.copy:
    src: "{{ ledger_clone_dir }}/ledger"
    dest: "{{ ledger_binary_path }}"
    mode: "0755"
    force: true
  become: true
 - name: Ensure the ledger binary is executable
  ansible.builtin.file:
    path: "{{ ledger_binary_path }}"
    mode: "0755"
    state: file
  become: true
 - name: Verify Ledger installation
  ansible.builtin.command: ledger --version
  register: ledger_version
  changed_when: false
 - name: Display Ledger version
  ansible.builtin.debug:
    msg: "Ledger version installed: {{ ledger_version.stdout }}"
--- a/roles/ubuntu/tasks/main.yml
+++ b/roles/ubuntu/tasks/main.yml
@@ -0,0 +1,33 @@
 ---
 - name: Install apt packages
  ansible.builtin.import_tasks: apt.yml
 - name: Install snap packages
  ansible.builtin.import_tasks: snap.yml
 - name: Curl Installations
  ansible.builtin.import_tasks: curl.yml
 - name: Github .deb installations
  ansible.builtin.include_tasks: git_deb.yml
  vars:
    project: "{{ item }}"
  loop: "{{ github_deb }}"
 - name: "Install {{ item }}"
  ansible.builtin.include_tasks: github_releases.yml
  vars:
    project: "{{ item }}"
  loop: "{{ github_releases }}"
 - name: Install nvim
  ansible.builtin.import_tasks: nvim.yml
 - name: Install Rust
  ansible.builtin.import_tasks: rust.yml
 - name: Install ledger
  ansible.builtin.import_tasks: ledger_cli.yml
 - name: Install FiraCode
  ansible.builtin.import_tasks: fira_code_fonts.yml
 - name: Remove Ubuntu Pro Banner
  ansible.builtin.import_tasks: remove_ubuntu_banner.yml
 - name: Install ProtonVPN
  ansible.builtin.import_tasks: protonvpn.yml
 - name: Install Docker
  ansible.builtin.import_tasks: docker.yml
 - name: Install Vagrant
  ansible.builtin.import_tasks: hashicorp_vagrant.yml
--- a/roles/ubuntu/tasks/nvim.yml
+++ b/roles/ubuntu/tasks/nvim.yml
@@ -0,0 +1,25 @@
 ---
 - name: Check if Neovim config directory already exists
  ansible.builtin.stat:
    path: "{{ nvim_config_path }}"
  register: nvim_config
 - name: Clone LazyVim starter to Neovim config directory
  ansible.builtin.git:
    repo: https://github.com/LazyVim/starter
    dest: "{{ nvim_config_path }}"
    clone: true
    update: false
  when: not nvim_config.stat.exists
 - name: Remove .git directory from Neovim config
  ansible.builtin.file:
    path: "{{ nvim_config_path }}/.git"
    state: absent
  when: not nvim_config.stat.exists
 - name: Install neovim npm package globally
  community.general.npm:
    name: neovim
    global: true
  become: true
--- a/roles/ubuntu/tasks/protonvpn.yml
+++ b/roles/ubuntu/tasks/protonvpn.yml
@@ -0,0 +1,36 @@
 ---
 - name: Download ProtonVPN release deb
  ansible.builtin.get_url:
    url: https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_1.0.6_all.deb
    dest: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
 - name: Verify ProtonVPN deb checksum
  ansible.builtin.shell: echo "e5e03976d0980bafdf07da2f71b14fbc883c091e72b16772199742c98473002f /tmp/protonvpn-stable-release_1.0.6_all.deb" | sha256sum --check -
  register: checksum_result
  failed_when: "'FAILED' in checksum_result.stdout"
 - name: Install ProtonVPN release package
  ansible.builtin.apt:
    deb: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
    state: present
  become: true
 - name: Update apt cache after ProtonVPN repo added
  ansible.builtin.apt:
    update_cache: true
  become: true
 - name: Install ProtonVPN GNOME desktop
  ansible.builtin.apt:
    name:
      - proton-vpn-gnome-desktop
      - libayatana-appindicator3-1
      - gir1.2-ayatanaappindicator3-0.1
      - gnome-shell-extension-appindicator
    state: present
  become: true
 - name: Remove ProtonVPN release deb
  ansible.builtin.file:
    path: "/tmp/protonvpn-stable-release_1.0.6_all.deb"
    state: absent
--- a/roles/ubuntu/tasks/remove_ubuntu_banner.yml
+++ b/roles/ubuntu/tasks/remove_ubuntu_banner.yml
@@ -0,0 +1,18 @@
 ---
 - name: Backup Ubuntu Pro banner configuration
  ansible.builtin.command: mv /etc/apt/apt.conf.d/20apt-esm-hook.conf /etc/apt/apt.conf.d/20apt-esm-hook.conf.bak
  args:
    removes: /etc/apt/apt.conf.d/20apt-esm-hook.conf
  become: true
 - name: Create empty Ubuntu Pro banner configuration
  ansible.builtin.file:
    path: /etc/apt/apt.conf.d/20apt-esm-hook.conf
    state: touch
    mode: "0600"
  become: true
 - name: Update apt cache
  ansible.builtin.apt:
    update_cache: true
  become: true
--- a/roles/ubuntu/tasks/rust.yml
+++ b/roles/ubuntu/tasks/rust.yml
@@ -0,0 +1,17 @@
 ---
 - name: Install Rust (via rustup)
  ansible.builtin.shell: set -o pipefail && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
  args:
    executable: /usr/bin/bash
    creates: "{{ ansible_env.HOME }}/.cargo/bin/rustc"
 - name: Install bininstall
  ansible.builtin.shell: set -o pipefail && curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
  args:
    executable: /usr/bin/bash
 - name: Install dioxus-cli
  ansible.builtin.shell: set -o pipefail && yes | cargo binstall dioxus-cli
  args:
    executable: /usr/bin/bash
  ignore_errors: true
--- a/roles/ubuntu/tasks/snap.yml
+++ b/roles/ubuntu/tasks/snap.yml
@@ -0,0 +1,8 @@
 ---
 - name: Install snap packages
  community.general.snap:
    name: "{{ item.name }}"
    classic: "{{ item.classic }}"
    state: present
  become: true
  loop: "{{ snap_tools }}"
--- a/roles/ubuntu/vars/main.yml
+++ b/roles/ubuntu/vars/main.yml
@@ -0,0 +1,118 @@
 apt_dependencies:
  - ansible
  - bat
  - build-essential
  - cmake
  - curl
  - doxygen
  - eza
  - fd-find
  - file
  - fzf
  - gcc
  - gettext
  - git
  - libarchive-tools
  - libayatana-appindicator3-dev
  - libboost-date-time-dev
  - libboost-dev
  - libboost-filesystem-dev
  - libboost-iostreams-dev
  - libboost-python-dev
  - libboost-regex-dev
  - libboost-system-dev
  - libboost-test-dev
  - libclang-dev
  - libedit-dev
  - libgmp3-dev
  - libmpfr-dev
  - librsvg2-dev
  - libssl-dev
  - libwebkit2gtk-4.1-dev
  - libxdo-dev
  - luarocks
  - npm
  - python3-dev
  - python3-ipykernel
  - python3-pip
  - python3-venv
  - texinfo
  - tzdata
  - v4l2loopback-dkms
  - wget
  - xsel
 apt_tools:
  - default-jdk
  - audacity
  - keepassxc
  - obs-studio
  - p7zip
  - pkg-config
  - ranger
  - tealdeer
  - texlive-full
  - virtualbox
  - wireguard-tools
  - yt-dlp
  - zsh
 snap_tools:
  - name: "bottom"
    classic: false
  - name: "winbox"
    classic: false
  - name: "signal-desktop"
    classic: false
  - name: "nvim"
    classic: true
  - name: "zellij"
    classic: true
  - name: "jupyterlab-desktop"
    classic: true
  - name: "intellij-idea-community"
    classic: true
  - name: "dive"
    classic: false
 nvim_config_path: "~/.config/nvim"
 ledger_repo: "https://github.com/ledger/ledger.git"
 ledger_clone_dir: "/opt/ledger"
 ledger_binary_path: "/usr/bin/ledger"
 docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
 aarch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
 github_releases:
  - name: lazygit
    repo: jesseduffield/lazygit
  - name: lazydocker
    repo: jesseduffield/lazydocker
 project_version_placeholder: "<VERSION_PLACEHOLDER>"
 github_deb:
  - name: delta
    repo: dandavison/delta
    url: https://github.com/dandavison/delta/releases/download/{{ project_version_placeholder }}/git-delta_{{ project_version_placeholder }}_{{ aarch }}.deb
    skip: false
  - name: eurkey
    repo: ""
    url: https://eurkey.steffen.bruentjen.eu/download/debian/eurkey.deb
    skip: false
  - name: ripgrep
    repo: BurntSushi/ripgrep
    url: https://github.com/BurntSushi/ripgrep/releases/download/{{ project_version_placeholder }}/ripgrep_{{ project_version_placeholder }}-1_{{ aarch }}.deb
    skip: false
  - name: veracrypt
    repo: veracrypt/Veracrypt
    url: https://github.com/veracrypt/VeraCrypt/releases/download/VeraCrypt_{{ project_version_placeholder }}/veracrypt-{{ project_version_placeholder }}-{{ ansible_distribution }}-{{ ansible_distribution_version }}-{{ aarch }}.deb
    skip: true
  - name: ghostty
    repo: mkasberg/ghostty-ubuntu
    url: https://github.com/mkasberg/ghostty-ubuntu/releases/download/{{ project_version_placeholder }}/ghostty_{{ project_version_placeholder }}_{{ aarch }}_{{ ansible_distribution_version }}.deb
    skip: true
Author	SHA1	Message	Date
Tuan-Dat Tran	27a002d608	fix(ubuntu): Fixed pipefile sets (wip) Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-03-16 11:16:43 +01:00
Tuan-Dat Tran	bb8a4560e5	feat(ubuntu): Added jdk) Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-02-18 08:04:49 +01:00
Tuan-Dat Tran	39a2925bcd	feat(ubuntu): Refactor package installation, streamline GitHub deb installs - Added 'become_password_file' to 'ansible.cfg' for privilege escalation handling. - Removed separate installation tasks for 'atuin', 'eurkey', 'ghostty', 'git-delta', 'ripgrep', 'starship', 'veracrypt', and 'pacstall', consolidating them into 'curl.yml' and 'git_deb.yml'. - Introduced 'git_deb.yml' for handling GitHub '.deb' installations dynamically using 'github_deb' variable. - Improved error handling and pipe safety in curl-based installations ('set -o pipefail'). - Set proper permissions ('mode: 0600') for downloaded files in 'remove_ubuntu_banner.yml' and 'fira_code_fonts.yml'. - Refactored 'github_releases.yml' to allow optional 'v' prefix handling in 'tag_name'. - Updated 'main.yml' to remove redundant installations and streamline execution. - Defined 'github_deb' list in 'vars/main.yml' to manage '.deb' package downloads dynamically. These changes enhance maintainability, reduce redundancy, and improve package installation flexibility. Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-02-17 18:19:08 +01:00
Tuan-Dat Tran	f4a322ed5d	feat(ubuntu): Install github releases dynamically Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-02-12 23:35:02 +01:00
Tuan-Dat Tran	6dc7e5ac27	Added ubuntu setup Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-02-10 21:33:40 +01:00
Tuan-Dat Tran	09bbc04959	feat(docker): Added elasticsearch and kibana, need ssl cert and logstash Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>	2025-02-07 09:39:48 +01:00
		`@@ -0,0 +1,2 @@`
							`[local]`
							`test ansible_connection=local ansible_become_pass=vagrant`