update workstation, add personalstation (#6)

* update become handling, add workstation / playstation roles

* add default cfg, rename to personalstation,

* cleanup default packages, clean settings

* update readme

---------

Co-authored-by: Carlos Sousa <me@carlossousa.tech>

ansible/10_scripts/target_system_personalstation.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+# Asks you for the user password
+#ansible-playbook -i ../inventory ../playbook.yml -e "target_system=personalstation" --ask-become-pass
+
+# Runs from the encrypted variables
+ansible-playbook -i ../inventory ../playbook.yml -e "target_system=personalstation" --vault-password-file ../encrypted_vars/vault_password.txt

ansible/README.md

@@ -1,51 +1,90 @@
 # Usage
 - make a copy of the `all.yml.sample` into `all.yml` (and any other role you might want)
-  - a quick starting point is by looking for `REPLACE_THIS_`
 - adapt as needed
+  - a quick starting point is by looking for `REPLACE_THIS_` and which packages you (don't) want 
 - run the playbook
+  - check `10_scripts` for a bootstrap script on using them
+
+***
 
 # ToDo
 Tip: Search for `[:TODO:]` or `[:FIX:]` for quicker tasks
 
-## Alpha
-1. Configure HTPC: Kodi
-2. Configure HTPC: RetroArch
+- Add "vps" role to ansible playbooks 
 
-## MVP Stage
-1. Add External Software to "personal" playbook (vscodium, brave)
-2. Change Power Settings (increase time until Power Saver)
-3. ~~Fix gnome tweak not being applied to the user correctly~~
 
+***
+
+# Files and Directories
+**10_scripts/** : bash scripts to help bootstrap or helping reminding how to run the playbooks
+
+**group_vars/**: This directory is variables that will be applied on every system are present
+
+**roles/** : where the roles are defined. Each system has the "common" role and then one or more extra roles applied to it
+
+**ansible.cfg**: Configuration settings for Ansible goes here.
+
+**inventory**: This is the inventory file.
+
+**playbook**: The main playbook to be used when running it against a system
+
+
+***
 
 # Adapting the Playbook for yourself
 
 ## Select Specific Roles
-- htpc
-  - used for HTPC setup 
+- htpc : used for HTPC setups, has autologin, remote control support, etc
+- personalstation : steam, music, photo editing, etc
+- workstation : development work, including VMs via KVM / QEMU, docker, vscodium, etc
+- ~~vps : not yet implemented~~ 
+- make your own :)
   
-- workstation
-  
-- vps
 
-### Variables used
-[:TODO:] Document Variables Used (roles: common, htpc, workstation)
+## Variables used for roles
 
-- apt_cache_valid_time
+### all
+| Variable                         | Description                                                           | Default |
+| -------------------------------- | --------------------------------------------------------------------- | ------- |
+| apt_cache_valid_time             | Sets how long is the cache valid for the apt updates                  | 3600    |
+| update_packages                  | Sets if the packages should be checked for new versions               | true    |
+| upgrade_packages                 | Sets if the packages should be upgraded if a new version is available | true    |
+| install_security_updates         | Sets if security updates should be installed                          | true    |
+| common_users                     |                                                                       |         |
+| flatpak_common_remotes           | Array describing which flatpak remote url should be configured        |         |
+| software_packages_common_present | Sets which apt packages should be present / installed on the system   |         |
+| software_pip_common_present      | Sets which pip packages should be present / installed on the system   |         |
 
-- update_packages
+### htpc
+| Variable                       | Description                                                                                       | Default   |
+| ------------------------------ | ------------------------------------------------------------------------------------------------- | --------- |
+| software_packages_htpc_present | Which apt packages should be present                                                              |           |
+| flatpak_packages_htpc_present  | Which flatpaks should be present on the system                                                    |           |
+| htpc_main_user                 | the main user for the HTPC sytem. Auto login, auto start and other settings will be applied to it | htpc_user |
+| htpc_main_user_password        | the main user password for the system                                                             |           |
+| htpc_shared_directories        | which directories should be created (and shared) for the htpc system users                        |           |
+| htpc_groups_present            | which groups should be present                                                                    | htpc      |
+| htpc_users_present             | which users should be present in each group                                                       |           |
 
-- upgrade_packages
 
-- install_security_updates
+### workstation
+| Variable                              | Description                                                                                   | Default |
+| ------------------------------------- | --------------------------------------------------------------------------------------------- | ------- |
+| software_packages_workstation_present | which packages should be present on the system                                                |         |
+| flatpak_packages_workstation_present  | which flatpaks should be present on the system                                                |         |
+| install_XXXXX                         | If the package should be installed. Used in software that comes from third party repositories |         |
 
-- flatpak_packages_workstation_present
 
-- software_packages_common_present
+### personalstation
+| Variable                       | Description                                                                                       | Default |
+| Variable                              | Description                                    | Default |
+| ------------------------------------- | ---------------------------------------------- | ------- |
+| software_packages_personalstation_present | which packages should be present on the system |         |
+| flapatk_packages_personalstation_present  | which flatpaks should be present on the system |         |
 
-- software_packages_htpc_present
-
-- software_packages_workstation_present
 
 
 ## Used Tags
-[:TODO:] Expand and Document Tags
+[:TODO:] Expand and Document Tags
+
+

ansible/ansible.cfg

@@ -0,0 +1,4 @@
+[defaults]
+inventory = inventory
+log_path = /var/log/ansible.log
+retry_files_enabled = False

ansible/group_vars/all.yml.sample

@@ -36,6 +36,7 @@ software_packages_common_present:
   - vim
   - vlc
   - wget
+  - zsh
 
 
 software_pip_common_present:

ansible/group_vars/htpc.yml.sample

@@ -1,8 +1,3 @@
-# Server system variables
-update_packages: true
-upgrade_packages: true
-install_security_updates: true
-
 software_packages_htpc_present:
   - btop
 
@@ -15,7 +10,6 @@ flatpak_packages_htpc_present:
 
 htpc_main_user: htpc_user
 htpc_main_user_password: htpc
-htpc_shared_directory_group: htpc
 
 htpc_shared_directories:
   - /home/shared/media

ansible/group_vars/personalstation.yml.sample

@@ -0,0 +1,10 @@
+software_packages_personalstation_present:
+  - steam
+  - rclone
+  - rclone-browser
+  - clementine
+
+
+flatpak_packages_personalstation_present:
+  - name: org.darktable.Darktable
+    remote: flathub

ansible/group_vars/workstation.yml.sample

@@ -1,33 +1,22 @@
-# Personal system variables
-update_packages: true
-upgrade_packages: true
-install_security_updates: true
-
-
-run_workstation_tasks: true
-
 software_packages_workstation_present:
   - bridge-utils
-  - clementine
   - docker
   - docker-compose
   - keepassxc
   - nmap
   - qemu-kvm
-  - rclone
-  - rclone-browser
-  - steam
   - ubuntu-restricted-extras
   - virt-manager
-  - zsh
-
-
-
 
 flatpak_packages_workstation_present:
+  - name: com.vscodium.codium
+    remote: flathub
   - name: com.jgraph.drawio.desktop
     remote: flathub
   - name: org.gimp.GIMP
     remote: flathub
-  - name: org.gimp.GIMP.Plugin.GMic
-    remote: flathub
+  - name: org.gimp.GIMP.Plugin.GMic/x86_64/2-40
+    remote: flathub
+
+# external repository software
+install_brave: true

ansible/playbook.yml

@@ -1,16 +1,48 @@
 ---
-- hosts: local
-  become: yes
-  vars:
-    ansible_become_username: "{{ become_username }}"
-    ansible_become_pass: "{{ become_password }}"
+- hosts: all
+  become: true
 
   vars_files:
-   - group_vars/{{ target_system }}.yml
-   - encrypted_vars/encrypted_vars.yml
+    - group_vars/{{ target_system }}.yml
   
-  roles:
-    - common
-    - { role: htpc, when target_system == 'htpc'}
-    
-  
+  pre_tasks:
+    - name: pre-task | check if encrypted_vars.yml is present
+      stat:
+        path: encrypted_vars/encrypted_vars.yml
+      register: encrypted_vars_file
+
+    - name: pre-task | include encrypted_vars.yml if it exists
+      include_vars:
+        file: encrypted_vars/encrypted_vars.yml
+      when: encrypted_vars_file.stat.exists
+
+    - name: pre-task | set become variables if encrypted_vars.yml exists
+      set_fact:
+        ansible_become_username: "{{ become_username }}"
+        ansible_become_pass: "{{ become_password }}"
+      when: encrypted_vars_file.stat.exists
+
+
+
+- hosts: all
+  become: true
+
+  tasks:
+    - name: run common role
+      include_role:
+        name: common
+
+    - name: include htpc role
+      include_role:
+        name: htpc
+      when: target_system == 'htpc'
+
+    - name: include workstation role
+      include_role:
+        name: workstation
+      when: target_system == 'workstation'
+
+    - name: include personalstation role
+      include_role:
+        name: personalstation
+      when: target_system == 'personalstation'

ansible/roles/common/tasks/main.yml

@@ -1,17 +1,16 @@
 
-- block:
-  # common dependencies and updates
-  - import_tasks: software/flatpak_setup.yml
-  - import_tasks: software/packages_update.yml
+# common dependencies and updates
+- include_tasks: software/flatpak_setup.yml
+- include_tasks: software/packages_update.yml
 
-  # Common package installation
-  - import_tasks: software/packages_apt.yml
-  - import_tasks: software/packages_pip.yml
+# Common package installation
+- include_tasks: software/packages_apt.yml
+- include_tasks: software/packages_pip.yml
 
-  # Common system setup tasks
-  - import_tasks: system_setup/security_updates.yml
-  - import_tasks: system_setup/gsettings.yml
+# Common system setup tasks
+- include_tasks: system_setup/security_updates.yml
+- include_tasks: system_setup/gsettings.yml
 
-  # Common apt cleanup tasks
-  - import_tasks: system_setup/apt_cleanup.yml
+# Common apt cleanup tasks
+- include_tasks: system_setup/apt_cleanup.yml
 

ansible/roles/personalstation/main.yml

@@ -0,0 +1,3 @@
+# Install workstation specific software
+- include_tasks: software/packages_flatpak.yml
+- include_tasks: software/packages_apt.yml

ansible/roles/personalstation/tasks/packages_apt.yml

@@ -0,0 +1,6 @@
+- name: personalstation setup | install software packages
+  apt:
+    name: "{{ software_packages_personalstation_present }}"
+    state: present
+  when: software_packages_personalstation_present is defined
+  tags: personalstation, software

ansible/roles/personalstation/tasks/packages_flatpak.yml

@@ -0,0 +1,8 @@
+- name: personalstation setup | Install Flatpak Apps
+  flatpak:
+    name: "{{ item.name }}"
+    remote: "{{ item.remote }}"
+    state: present
+  loop: "{{ flatpak_packages_personalstation_present }}"
+  when: flatpak_packages_personalstation_present is defined
+  tags: common, software

ansible/roles/workstation/tasks/main.yml

@@ -1,3 +1,9 @@
+# Install external repositories software
+- include_tasks: software/brave_browser.yml
+  when:
+    - install_brave is defined
+    - install_brave == true
+
 # Install workstation specific software
-- import_tasks: software/flatpak.yml
-- import_tasks: software/packages.yml
+- include_tasks: software/flatpak.yml
+- include_tasks: software/packages.yml

ansible/roles/workstation/tasks/software/brave_browser.yml

@@ -0,0 +1,18 @@
+- name: workstation setup | download Brave Browser GPG Key
+  get_url:
+    url: https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
+    dest: /usr/share/keyrings/brave-browser-archive-keyring.gpg
+    mode: '0644'
+
+- name: workstation setup | add Brave repository
+  ansible.builtin.shell: |
+        echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list
+
+- name: workstation setup | update apt cache due to Brave
+  apt:
+    update_cache: yes
+
+- name: workstation setup | install Brave Browser
+  apt:
+    name: brave-browser
+    state: present

ansible/roles/workstation/tasks/software/flatpak.yml

@@ -1,8 +1,8 @@
-- name: Install Flatpak Apps
+- name: workstation setup | Install Flatpak Apps
   flatpak:
     name: "{{ item.name }}"
     remote: "{{ item.remote }}"
     state: present
   loop: "{{ flatpak_packages_workstation_present }}"
-  when: item.name is defined
+  when: flatpak_packages_workstation_present is defined
   tags: common, software

ansible/roles/workstation/tasks/software/packages.yml

@@ -1,4 +1,4 @@
-- name: Install desired Workstation software packages
+- name: workstation setup | install software packages
   apt:
     name: "{{ software_packages_workstation_present }}"
     state: present