ynerant/templier-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Explicit permissions

Browse Source 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
This commit is contained in:
Yohann D'ANELLO 2021-03-18 00:25:44 +01:00
parent b0d8cdaf72
commit 57b83cb58e
Signed by: ynerant
GPG Key ID: 3A75C55819C8CF85
24 changed files with 121 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
group_vars/all.yml
View File

@ -20,7 +20,7 @@ ansible_header: |
pass:
upstream: 'ssh://git@git.ynerant.fr:2222/ynerant/pass'
upstream: 'ssh://git@git.ynerant.fr:2222/ynerant/pass.git'
dest: '.password-store/'
cliutils:

1
roles/audio/tasks/main.yml
View File

@ -9,4 +9,3 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes

10
roles/cli-utils/tasks/main.yml
View File

@ -13,24 +13,30 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
when: user.root
- name: Create directory hierarchy
file:
path: '.config/{{ item }}'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items:
- 'git/'
- 'bash/'
become_user: "{{ user.name }}"
- name: Deploying config files
template:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items:
- { src: bashrc.j2, dest: .bashrc }
- { src: inputrc.j2, dest: .inputrc }
- { src: bash_aliases.j2, dest: .config/bash/bash_aliases }
- { src: gitconfig.j2, dest: .config/git/config }
- { src: tmux.conf.j2, dest: .tmux.conf }
become_user: '{{ user.name }}'

3
roles/cli-utils/templates/bash_aliases.j2
View File

@ -31,9 +31,6 @@ alias gst='git status -s'
alias proxy='ssh -q -C -N -D 8080'
alias wip='watch -c ip -c'
alias vi=vim
alias cat=bat
# Shortcuts to open ports
alias ldap_tealc="ssh -L 1636:tealc.adm.crans.org:636 tealc.adm.crans.org"
alias sam="ssh -L 8006:sam.adm.crans.org:8006 sam.adm.crans.org"

13
roles/communication/tasks/main.yml
View File

@ -12,29 +12,40 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Create lxappearance directory hierarchy
file:
path: '{{ item }}'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items:
- '.config/gtk-3.0/'
- '.icons/default/'
become_user: '{{ user.name }}'
- name: Enable dark mode for evolution
template:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items:
- { src: 'gtkrc.j2', dest: '.gtkrc-2.0' }
- { src: 'settings.ini.j2', dest: '.config/gtk-3.0/settings.ini' }
- { src: 'index.theme.j2', dest: '.icons/default/index.theme'}
become_user: '{{ user.name }}'
- name: Create evolution config and cache parent directories
file:
path: '{{ item }}'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items:
- '.config/'
- '.local/share/'
become_user: '{{ user.name }}'

1
roles/communication/templates/gtkrc.j2
View File

@ -6,7 +6,6 @@
include "/home/ynerant/.gtkrc-2.0.mine"
gtk-theme-name="Adwaita-dark"
gtk-icon-theme-name="Adwaita"
gtk-font-name="Monospace 8"
gtk-cursor-theme-name="Adwaita"
gtk-cursor-theme-size=0
gtk-toolbar-style=GTK_TOOLBAR_TEXT

1
roles/communication/templates/settings.ini.j2
View File

@ -3,7 +3,6 @@
[Settings]
gtk-theme-name=Adwaita-dark
gtk-icon-theme-name=Adwaita
gtk-font-name=Monospace 8
gtk-cursor-theme-name=Adwaita
gtk-cursor-theme-size=0
gtk-toolbar-style=GTK_TOOLBAR_TEXT

2
roles/docker/tasks/main.yml
View File

@ -15,4 +15,6 @@
template:
src: update-motd.d/05-service.j2
dest: /etc/update-motd.d/05-docker
owner: root
group: root
mode: 0755

9
roles/i3/tasks/main.yml
View File

@ -7,7 +7,6 @@
- i3blocks
- i3status
register: pkg_result
become: yes
retries: 3
until: pkg_result is succeeded
@ -15,14 +14,22 @@
file:
path: '.config/{{ item }}'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items:
- i3/
- i3status/
become_user: '{{ user.name }}'
- name: Copy i3 configuration files
template:
src: '{{ item }}.j2'
dest: '.config/{{ item }}/config'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
with_items:
- i3
- i3status
become_user: '{{ user.name }}'

8
roles/mime/tasks/main.yml
View File

@ -12,8 +12,16 @@
file:
path: '.config/'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
become_user: '{{ user.name }}'
- name: Install default applications configuration file
template:
src: 'mimeapps.list.j2'
dest: '.config/mimeapps.list'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'

1
roles/mime/templates/mimeapps.list.j2
View File

@ -15,4 +15,3 @@ application/x-extension-xhtml=firefox.desktop
application/x-extension-xht=firefox.desktop
application/pdf=org.pwmt.zathura.desktop

9
roles/multimedia/tasks/main.yml
View File

@ -11,20 +11,27 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Create multimedia folder hierarchy
file:
path: '.config/{{ item }}'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
with_items :
- 'mpv/'
- 'zathura/'
become_user: '{{ user.name }}'
- name: Copy multimedia configuration files
template:
src: '{{ item.src }}'
dest: '.config/{{ item.dest }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
with_items:
- { src: 'zathurarc.j2', dest: 'zathura/zathurarc' }
- { src: 'mpv.conf.j2', dest: 'mpv/mpv.conf' }
become_user: '{{ user.name }}'

1
roles/navigateur/tasks/main.yml
View File

@ -7,4 +7,3 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes

10
roles/notification/tasks/main.yml
View File

@ -10,15 +10,21 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Create dunst config directory
file:
path: '.config/dunst/'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Copy dunst configuration file
template:
src: 'dunstrc.j2'
dest: '.config/dunst/dunstrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'

6
roles/ntp/tasks/main.yml
View File

@ -6,18 +6,18 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
notify: restart ntpd.service
- name: Deploy ntp configuration
template:
src: 'ntp.conf.j2'
dest: '/etc/ntp.conf'
become: yes
owner: root
group: root
mode: 0644
notify: restart ntpd.service
- name: Enable ntp service
service:
name: ntpd
enabled: yes
become: true

3
roles/pass/tasks/main.yml
View File

@ -8,9 +8,10 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Clone git pass repository
git:
repo: '{{ pass.upstream }}'
dest: '{{ pass.dest }}'
umask: '0066'
become_user: '{{ user.name }}'

7
roles/scripts/tasks/main.yml
View File

@ -8,18 +8,22 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Clone scripts git repo
git:
repo: '{{ scripts.git }}'
dest: '.local/src/scripts'
owner: '{{ user.name }}'
group: '{{ user.name }}'
umask: 0022
become_user: '{{ user.name }}'
- name: Find scripts
find:
path: '.local/src/scripts'
pattern: "*"
register: scripts
become_user: user.name
- name: Link scripts
file:
@ -28,3 +32,4 @@
state: link
force: yes
with_items: '{{ scripts.files }}'
become_user: '{{ user.name }}'

14
roles/ssh/tasks/main.yml
View File

@ -3,27 +3,41 @@
- name: Create ssh directory
file:
path: '.ssh'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
state: directory
become_user: '{{ user.name }}'
- name: Create ssh configuration file directory
file:
path: '.ssh/config.d'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
state: directory
become_user: '{{ user.name }}'
- name: Deploying config files
template:
src: 'config.d/{{ item }}.j2'
dest: '.ssh/config.d/{{ item }}'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
loop:
- aurore
- crans
- dptinfo
- perso
- virtu
become_user: '{{ user.name }}'
- name: Include config files
template:
src: 'config.j2'
dest: '.ssh/config'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'

3
roles/sudo/tasks/main.yml
View File

@ -4,9 +4,10 @@
template:
src: '{{ item.src }}.j2'
dest: '/etc/{{ item.src }}'
owner: root
group: root
mode: '{{ item.mode }}'
with_items:
- { src: 'sudoers', mode: '0440' }
- { src: 'sudoers.lecture', mode: '0644' }
become: yes

12
roles/systemd/tasks/main.yml
View File

@ -4,16 +4,22 @@
template:
src: 'logind.conf.j2'
dest: '/etc/systemd/logind.conf'
become: yes
owner: root
group: root
mode: 0644
- name: Create autologin directory on tty1
file:
path: '/etc/systemd/system/getty@tty1.service.d'
state: directory
become: yes
owner: root
group: root
mode: 0755
- name: Copy autologin template file
template:
src: 'override.conf.j2'
dest: '/etc/systemd/system/getty@tty1.service.d/override.conf'
become: yes
owner: root
group: root
mode: 0644

9
roles/terminal/tasks/main.yml
View File

@ -7,14 +7,21 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Create xfce4 terminal config directory
file:
path: '.config/xfce4/terminal/'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0700
become_user: '{{ user.name }}'
- name: Copy xfce4-terminal configuration file
template:
src: 'terminalrc.j2'
dest: '.config/xfce4/terminal/terminalrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'

1
roles/texlive/tasks/main.yml
View File

@ -6,4 +6,3 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes

6
roles/vim/tasks/main.yml
View File

@ -7,10 +7,12 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
when: user.root
- name: Deploying config files
template:
src: 'vimrc.j2'
dest: '.vimrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'

26
roles/xorg/tasks/main.yml
View File

@ -19,7 +19,6 @@
register: pkg_result
retries: 3
until: pkg_result is succeeded
become: yes
- name: Queries package manager for graphical instalation specific to abyme installation
package:
@ -29,7 +28,6 @@
retries: 3
until: pkg_result is succeeded
when: laptop.gpu
become: yes
- name: Queries package manager for graphical instalation specific to abyme installation
package:
@ -39,46 +37,56 @@
retries: 3
until: pkg_result is succeeded
when: laptop.numpad
become: yes
- name: Copy user configuration files
template:
src: 'xinitrc.j2'
dest: '.xinitrc'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0644
become_user: '{{ user.name }}'
- name: Copy touchpad configuration
template:
src: '30-touchpad.conf.j2'
dest: '/etc/X11/xorg.conf.d/30-touchpad.conf'
become: yes
owner: root
group: root
mode: 0644
- name: Change backlight property # doing some shifty things
file:
path: '/sys/class/backlight/intel_backlight/brightness'
owner: root
group: video
mode: '0664'
become: yes
- name: Gives user the good group
user:
name: ynerant
name: '{{ user.name }}'
groups: video
append: yes
become: yes
- name: Create autorandr configuration folder
file:
path: '~/.config/autorandr'
state: directory
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Install autorandr postswitch configuration file
template:
src: 'postswitch.j2'
dest: '~/.config/autorandr/postswitch'
mode: '0755'
owner: '{{ user.name }}'
group: '{{ user.name }}'
mode: 0755
become_user: '{{ user.name }}'
- name: Enable autorandr service
service:
name: autorandr
enabled: yes
become: true