Explicit permissions

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
Yohann D'ANELLO 2021-03-18 00:25:44 +01:00
parent b0d8cdaf72
commit 57b83cb58e
Signed by: ynerant
GPG Key ID: 3A75C55819C8CF85
24 changed files with 121 additions and 39 deletions


@ -20,7 +20,7 @@ ansible_header: |
pass: pass:
upstream: 'ssh://git@git.ynerant.fr:2222/ynerant/pass' upstream: 'ssh://git@git.ynerant.fr:2222/ynerant/pass.git'
dest: '.password-store/' dest: '.password-store/'
cliutils: cliutils:


@ -9,4 +9,3 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes


@ -13,24 +13,30 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
when: user.root
- name: Create directory hierarchy - name: Create directory hierarchy
file: file:
path: '.config/{{ item }}' path: '.config/{{ item }}'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items: with_items:
- 'git/' - 'git/'
- 'bash/' - 'bash/'
become_user: "{{ user.name }}"
- name: Deploying config files - name: Deploying config files
template: template:
src: '{{ item.src }}' src: '{{ item.src }}'
dest: '{{ item.dest }}' dest: '{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items: with_items:
- { src: bashrc.j2, dest: .bashrc } - { src: bashrc.j2, dest: .bashrc }
- { src: inputrc.j2, dest: .inputrc } - { src: inputrc.j2, dest: .inputrc }
- { src: bash_aliases.j2, dest: .config/bash/bash_aliases } - { src: bash_aliases.j2, dest: .config/bash/bash_aliases }
- { src: gitconfig.j2, dest: .config/git/config } - { src: gitconfig.j2, dest: .config/git/config }
- { src: tmux.conf.j2, dest: .tmux.conf } - { src: tmux.conf.j2, dest: .tmux.conf }
become_user: '{{ user.name }}'
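Review bot: The new `mode:` values are written as bare octal literals (`mode: 0755`, `mode: 0644`), which only give the intended permissions because the YAML 1.1 loader reads a leading-zero integer as octal. Quoting them, as in `mode: '0755'` and `mode: '0644'`, hands Ansible a string and removes the dependence on implicit typing. The same bare form is used in most of the other task files in this commit, and the autorandr task near the end replaces an existing `mode: '0755'` with the bare form. The task file starts and ends outside the hunk.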


@ -31,9 +31,6 @@ alias gst='git status -s'
alias proxy='ssh -q -C -N -D 8080' alias proxy='ssh -q -C -N -D 8080'
alias wip='watch -c ip -c' alias wip='watch -c ip -c'
alias vi=vim
alias cat=bat
# Shortcuts to open ports # Shortcuts to open ports
alias ldap_tealc="ssh -L 1636:tealc.adm.crans.org:636 tealc.adm.crans.org" alias ldap_tealc="ssh -L 1636:tealc.adm.crans.org:636 tealc.adm.crans.org"
alias sam="ssh -L 8006:sam.adm.crans.org:8006 sam.adm.crans.org" alias sam="ssh -L 8006:sam.adm.crans.org:8006 sam.adm.crans.org"


@ -12,29 +12,40 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Create lxappearance directory hierarchy - name: Create lxappearance directory hierarchy
file: file:
path: '{{ item }}' path: '{{ item }}'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items: with_items:
- '.config/gtk-3.0/' - '.config/gtk-3.0/'
- '.icons/default/' - '.icons/default/'
become_user: '{{ user.name }}'
- name: Enable dark mode for evolution - name: Enable dark mode for evolution
template: template:
src: '{{ item.src }}' src: '{{ item.src }}'
dest: '{{ item.dest }}' dest: '{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items: with_items:
- { src: 'gtkrc.j2', dest: '.gtkrc-2.0' } - { src: 'gtkrc.j2', dest: '.gtkrc-2.0' }
- { src: 'settings.ini.j2', dest: '.config/gtk-3.0/settings.ini' } - { src: 'settings.ini.j2', dest: '.config/gtk-3.0/settings.ini' }
- { src: 'index.theme.j2', dest: '.icons/default/index.theme'} - { src: 'index.theme.j2', dest: '.icons/default/index.theme'}
become_user: '{{ user.name }}'
- name: Create evolution config and cache parent directories - name: Create evolution config and cache parent directories
file: file:
path: '{{ item }}' path: '{{ item }}'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items: with_items:
- '.config/' - '.config/'
- '.local/share/' - '.local/share/'
become_user: '{{ user.name }}'


@ -6,7 +6,6 @@
include "/home/ynerant/.gtkrc-2.0.mine" include "/home/ynerant/.gtkrc-2.0.mine"
gtk-theme-name="Adwaita-dark" gtk-theme-name="Adwaita-dark"
gtk-icon-theme-name="Adwaita" gtk-icon-theme-name="Adwaita"
gtk-font-name="Monospace 8"
gtk-cursor-theme-name="Adwaita" gtk-cursor-theme-name="Adwaita"
gtk-cursor-theme-size=0 gtk-cursor-theme-size=0
gtk-toolbar-style=GTK_TOOLBAR_TEXT gtk-toolbar-style=GTK_TOOLBAR_TEXT


@ -3,7 +3,6 @@
[Settings] [Settings]
gtk-theme-name=Adwaita-dark gtk-theme-name=Adwaita-dark
gtk-icon-theme-name=Adwaita gtk-icon-theme-name=Adwaita
gtk-font-name=Monospace 8
gtk-cursor-theme-name=Adwaita gtk-cursor-theme-name=Adwaita
gtk-cursor-theme-size=0 gtk-cursor-theme-size=0
gtk-toolbar-style=GTK_TOOLBAR_TEXT gtk-toolbar-style=GTK_TOOLBAR_TEXT


@ -15,4 +15,6 @@
template: template:
src: update-motd.d/05-service.j2 src: update-motd.d/05-service.j2
dest: /etc/update-motd.d/05-docker dest: /etc/update-motd.d/05-docker
owner: root
group: root
mode: 0755 mode: 0755


@ -7,7 +7,6 @@
- i3blocks - i3blocks
- i3status - i3status
register: pkg_result register: pkg_result
become: yes
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
@ -15,14 +14,22 @@
file: file:
path: '.config/{{ item }}' path: '.config/{{ item }}'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items: with_items:
- i3/ - i3/
- i3status/ - i3status/
become_user: '{{ user.name }}'
- name: Copy i3 configuration files - name: Copy i3 configuration files
template: template:
src: '{{ item }}.j2' src: '{{ item }}.j2'
dest: '.config/{{ item }}/config' dest: '.config/{{ item }}/config'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items: with_items:
- i3 - i3
- i3status - i3status
become_user: '{{ user.name }}'
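Review bot: The `Copy i3 configuration files` task sets `mode: 0755` on `.config/i3/config` and `.config/i3status/config`, which marks plain configuration files as executable. The other template tasks in this commit that deploy user configuration use 0644. Unless these files are meant to be run, `mode: '0644'` is enough here and keeps the permissions consistent with the rest of the change.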


@ -12,8 +12,16 @@
file: file:
path: '.config/' path: '.config/'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
become_user: '{{ user.name }}'
- name: Install default applications configuration file - name: Install default applications configuration file
template: template:
src: 'mimeapps.list.j2' src: 'mimeapps.list.j2'
dest: '.config/mimeapps.list' dest: '.config/mimeapps.list'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'


@ -15,4 +15,3 @@ application/x-extension-xhtml=firefox.desktop
application/x-extension-xht=firefox.desktop application/x-extension-xht=firefox.desktop
application/pdf=org.pwmt.zathura.desktop application/pdf=org.pwmt.zathura.desktop


@ -11,20 +11,27 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Create multimedia folder hierarchy - name: Create multimedia folder hierarchy
file: file:
path: '.config/{{ item }}' path: '.config/{{ item }}'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items : with_items :
- 'mpv/' - 'mpv/'
- 'zathura/' - 'zathura/'
become_user: '{{ user.name }}'
- name: Copy multimedia configuration files - name: Copy multimedia configuration files
template: template:
src: '{{ item.src }}' src: '{{ item.src }}'
dest: '.config/{{ item.dest }}' dest: '.config/{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items: with_items:
- { src: 'zathurarc.j2', dest: 'zathura/zathurarc' } - { src: 'zathurarc.j2', dest: 'zathura/zathurarc' }
- { src: 'mpv.conf.j2', dest: 'mpv/mpv.conf' } - { src: 'mpv.conf.j2', dest: 'mpv/mpv.conf' }
become_user: '{{ user.name }}'


@ -7,4 +7,3 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes


@ -10,15 +10,21 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Create dunst config directory - name: Create dunst config directory
file: file:
path: '.config/dunst/' path: '.config/dunst/'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Copy dunst configuration file - name: Copy dunst configuration file
template: template:
src: 'dunstrc.j2' src: 'dunstrc.j2'
dest: '.config/dunst/dunstrc' dest: '.config/dunst/dunstrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'


@ -6,18 +6,18 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
notify: restart ntpd.service notify: restart ntpd.service
- name: Deploy ntp configuration - name: Deploy ntp configuration
template: template:
src: 'ntp.conf.j2' src: 'ntp.conf.j2'
dest: '/etc/ntp.conf' dest: '/etc/ntp.conf'
become: yes owner: root
group: root
mode: 0644
notify: restart ntpd.service notify: restart ntpd.service
- name: Enable ntp service - name: Enable ntp service
service: service:
name: ntpd name: ntpd
enabled: yes enabled: yes
become: true
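Review bot: With `become: yes` removed from `Deploy ntp configuration` and `Enable ntp service`, writing `/etc/ntp.conf` as `root:root` and enabling `ntpd` now depend on privilege escalation being switched on outside this file, at the play or role level, which this commit does not show. If it is not, these tasks fail for an unprivileged connection user. The `become_user:` keywords added elsewhere in the commit would then have no effect either, since `become_user` only selects the target account and does not enable escalation. The same removal is made in the sudoers, logind/getty and touchpad tasks. A comment at the top of each task file such as `# requires become: true at play level` would make the dependency explicit.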


@ -8,9 +8,10 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Clone git pass repository - name: Clone git pass repository
git: git:
repo: '{{ pass.upstream }}' repo: '{{ pass.upstream }}'
dest: '{{ pass.dest }}' dest: '{{ pass.dest }}'
umask: '0066'
become_user: '{{ user.name }}'
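Review bot: `umask: '0066'` on `Clone git pass repository` leaves the execute bit set for group and others. Directories in the cloned password store are therefore created as 0711 and stay traversable by other local accounts, even though regular files come out as 0600. `umask: '0077'` gives 0700 directories and 0600 files, which is the tighter setting one would expect for `.password-store/`. The task list begins above the hunk.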


@ -8,18 +8,22 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Clone scripts git repo - name: Clone scripts git repo
git: git:
repo: '{{ scripts.git }}' repo: '{{ scripts.git }}'
dest: '.local/src/scripts' dest: '.local/src/scripts'
owner: '{{ user.name }}'
group: '{{ user.name }}'
umask: 0022
become_user: '{{ user.name }}'
- name: Find scripts - name: Find scripts
find: find:
path: '.local/src/scripts' path: '.local/src/scripts'
pattern: "*" pattern: "*"
register: scripts register: scripts
become_user: user.name
- name: Link scripts - name: Link scripts
file: file:
@ -28,3 +32,4 @@
state: link state: link
force: yes force: yes
with_items: '{{ scripts.files }}' with_items: '{{ scripts.files }}'
become_user: '{{ user.name }}'
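Review bot: `become_user: user.name` on the `Find scripts` task is a literal string rather than a template, so Ansible would try to become an account called `user.name`. It should read `become_user: '{{ user.name }}'` like the neighbouring tasks. In `Clone scripts git repo`, `umask: 0022` is unquoted; as far as I know the git module rejects a non-string umask, so this should be `umask: '0022'`. The added `owner:` and `group:` keys also do not appear to be options of the git module and would likely be reported as unsupported parameters; running the clone under `become_user` already gives the checkout the intended owner. The `Link scripts` task starts outside the second hunk.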


@ -3,27 +3,41 @@
- name: Create ssh directory - name: Create ssh directory
file: file:
path: '.ssh' path: '.ssh'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700 mode: 0700
state: directory state: directory
become_user: '{{ user.name }}'
- name: Create ssh configuration file directory - name: Create ssh configuration file directory
file: file:
path: '.ssh/config.d' path: '.ssh/config.d'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755 mode: 0755
state: directory state: directory
become_user: '{{ user.name }}'
- name: Deploying config files - name: Deploying config files
template: template:
src: 'config.d/{{ item }}.j2' src: 'config.d/{{ item }}.j2'
dest: '.ssh/config.d/{{ item }}' dest: '.ssh/config.d/{{ item }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
loop: loop:
- aurore - aurore
- crans - crans
- dptinfo - dptinfo
- perso - perso
- virtu - virtu
become_user: '{{ user.name }}'
- name: Include config files - name: Include config files
template: template:
src: 'config.j2' src: 'config.j2'
dest: '.ssh/config' dest: '.ssh/config'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'


@ -4,9 +4,10 @@
template: template:
src: '{{ item.src }}.j2' src: '{{ item.src }}.j2'
dest: '/etc/{{ item.src }}' dest: '/etc/{{ item.src }}'
owner: root
group: root
mode: '{{ item.mode }}' mode: '{{ item.mode }}'
with_items: with_items:
- { src: 'sudoers', mode: '0440' } - { src: 'sudoers', mode: '0440' }
- { src: 'sudoers.lecture', mode: '0644' } - { src: 'sudoers.lecture', mode: '0644' }
become: yes
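Review bot: The task that templates `/etc/sudoers` has no `validate:` step, so a rendering or syntax error in `sudoers.j2` is installed as-is and can leave sudo unusable on the host. The template module accepts `validate: 'visudo -cf %s'`, which checks the rendered file before it replaces the target. Because the same loop also deploys `sudoers.lecture`, which is not a sudoers file, the check has to apply to the `sudoers` item only, for example by splitting the loop into two tasks. The task begins above the hunk.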


@ -4,16 +4,22 @@
template: template:
src: 'logind.conf.j2' src: 'logind.conf.j2'
dest: '/etc/systemd/logind.conf' dest: '/etc/systemd/logind.conf'
become: yes owner: root
group: root
mode: 0644
- name: Create autologin directory on tty1 - name: Create autologin directory on tty1
file: file:
path: '/etc/systemd/system/getty@tty1.service.d' path: '/etc/systemd/system/getty@tty1.service.d'
state: directory state: directory
become: yes owner: root
group: root
mode: 0755
- name: Copy autologin template file - name: Copy autologin template file
template: template:
src: 'override.conf.j2' src: 'override.conf.j2'
dest: '/etc/systemd/system/getty@tty1.service.d/override.conf' dest: '/etc/systemd/system/getty@tty1.service.d/override.conf'
become: yes owner: root
group: root
mode: 0644


@ -7,14 +7,21 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Create xfce4 terminal config directory - name: Create xfce4 terminal config directory
file: file:
path: '.config/xfce4/terminal/' path: '.config/xfce4/terminal/'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
become_user: '{{ user.name }}'
- name: Copy xfce4-terminal configuration file - name: Copy xfce4-terminal configuration file
template: template:
src: 'terminalrc.j2' src: 'terminalrc.j2'
dest: '.config/xfce4/terminal/terminalrc' dest: '.config/xfce4/terminal/terminalrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'


@ -6,4 +6,3 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes


@ -7,10 +7,12 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
when: user.root
- name: Deploying config files - name: Deploying config files
template: template:
src: 'vimrc.j2' src: 'vimrc.j2'
dest: '.vimrc' dest: '.vimrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'


@ -19,7 +19,6 @@
register: pkg_result register: pkg_result
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
become: yes
- name: Queries package manager for graphical instalation specific to abyme installation - name: Queries package manager for graphical instalation specific to abyme installation
package: package:
@ -29,7 +28,6 @@
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
when: laptop.gpu when: laptop.gpu
become: yes
- name: Queries package manager for graphical instalation specific to abyme installation - name: Queries package manager for graphical instalation specific to abyme installation
package: package:
@ -39,46 +37,56 @@
retries: 3 retries: 3
until: pkg_result is succeeded until: pkg_result is succeeded
when: laptop.numpad when: laptop.numpad
become: yes
- name: Copy user configuration files - name: Copy user configuration files
template: template:
src: 'xinitrc.j2' src: 'xinitrc.j2'
dest: '.xinitrc' dest: '.xinitrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'
- name: Copy touchpad configuration - name: Copy touchpad configuration
template: template:
src: '30-touchpad.conf.j2' src: '30-touchpad.conf.j2'
dest: '/etc/X11/xorg.conf.d/30-touchpad.conf' dest: '/etc/X11/xorg.conf.d/30-touchpad.conf'
become: yes owner: root
group: root
mode: 0644
- name: Change backlight property # doing some shifty things - name: Change backlight property # doing some shifty things
file: file:
path: '/sys/class/backlight/intel_backlight/brightness' path: '/sys/class/backlight/intel_backlight/brightness'
owner: root
group: video group: video
mode: '0664' mode: '0664'
become: yes
- name: Gives user the good group - name: Gives user the good group
user: user:
name: ynerant name: '{{ user.name }}'
groups: video groups: video
append: yes append: yes
become: yes
- name: Create autorandr configuration folder - name: Create autorandr configuration folder
file: file:
path: '~/.config/autorandr' path: '~/.config/autorandr'
state: directory state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Install autorandr postswitch configuration file - name: Install autorandr postswitch configuration file
template: template:
src: 'postswitch.j2' src: 'postswitch.j2'
dest: '~/.config/autorandr/postswitch' dest: '~/.config/autorandr/postswitch'
mode: '0755' owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Enable autorandr service - name: Enable autorandr service
service: service:
name: autorandr name: autorandr
enabled: yes enabled: yes
become: true
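Review bot: The `Change backlight property` task sets `owner: root`, `group: video` and `mode: '0664'` on `/sys/class/backlight/intel_backlight/brightness`, a sysfs attribute. Ownership and mode under `/sys` are normally recreated by the kernel at boot, so this setting most likely does not survive a reboot and the play would have to be re-run each time. A udev rule deployed by this role that applies the group and mode when the backlight device appears would make the permission persistent. At minimum, the existing `# doing some shifty things` comment could state that the change is not persistent.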