bryan/deploy
SHA256
1
0
Fork 0
Code Actions Wiki Activity

Migrate to new apps role

Browse Source
This commit is contained in:
Bryan Roessler
2026-02-02 01:33:38 -05:00
parent 10e0d7ad9c
commit 6aefc82163
41 changed files with 616 additions and 905 deletions
Download Patch File Download Diff File Expand all files Collapse all files

206
group_vars/all/apps.yml
View File

@@ -1,7 +1,157 @@
---
dnf_remove_repos:
- google-chrome
apps:
aichat:
cargo: [aichat]
directories:
- dest: "{{ ansible_facts['env']['HOME'] }}/.config/aichat"
mode: '0755'
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
configs:
- dest: "{{ ansible_facts['env']['HOME'] }}/.config/aichat/config.yaml"
mode: '0600'
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
content: |
# see https://github.com/sigoden/aichat/blob/main/config.example.yaml
model: claude:claude-haiku-4-5-20251001
clients:
- type: claude
api_key: {{ ANTHROPIC_API_KEY }}
btrfsmaintenance:
packages: [btrfsmaintenance]
services_system_enabled: [btrfs-balance.timer, btrfs-scrub.timer, btrfs-trim.timer]
directories:
- dest: /etc/sysconfig
mode: '0755'
owner: root
group: root
configs:
- dest: /etc/sysconfig/btrfsmaintenance
mode: '0644'
owner: root
group: root
content: |
BTRFS_LOG_OUTPUT="journal"
BTRFS_DEFRAG_PATHS=""
BTRFS_DEFRAG_PERIOD="none"
BTRFS_DEFRAG_MIN_SIZE="+1M"
BTRFS_BALANCE_MOUNTPOINTS="auto"
BTRFS_BALANCE_PERIOD="weekly"
BTRFS_BALANCE_DUSAGE="0 20 50 80"
BTRFS_BALANCE_MUSAGE="80"
BTRFS_SCRUB_MOUNTPOINTS="auto"
BTRFS_SCRUB_PERIOD="quarterly"
BTRFS_SCRUB_PRIORITY="idle"
BTRFS_SCRUB_READ_ONLY="false"
BTRFS_TRIM_PERIOD="weekly"
BTRFS_TRIM_MOUNTPOINTS="auto"
BTRFS_ALLOW_CONCURRENCY="false"
code:
packages: [code]
dnf_repos_add:
- name: code
description: Visual Studio Code
baseurl: https://packages.microsoft.com/yumrepos/vscode
gpgkey: https://packages.microsoft.com/keys/microsoft.asc
dnf:
packages: [dnf]
configs:
- dest: /etc/dnf/dnf.conf
mode: '0644'
owner: root
group: root
content: |
[main]
# installonly_limit=3
# best=False
skip_if_unavailable=True
deltarpm=True
fastestmirror=True
dnf-automatic:
packages: [dnf-automatic]
services_system_enabled: [dnf-automatic.timer]
installJRMC:
git:
- repo: https://git.bryanroessler.com/bryan/installJRMC.git
dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/installJRMC"
version: dev
mediacenter35:
packages: [mediacenter35]
dnf_repos_add:
- name: mediacenter35
description: JRiver Media Center hosted by BryanC
baseurl: https://repos.bryanroessler.com/jriver
gpgcheck: false
mullvad-vpn:
packages: [mullvad-vpn]
dnf_repofiles_add: [https://repository.mullvad.net/rpm/stable/mullvad.repo]
openwrtbuilder:
git:
- repo: https://git.bryanroessler.com/bryan/openwrtbuilder.git
dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/openwrtbuilder"
version: dev
profile-sync-daemon:
packages: [profile-sync-daemon]
services_system_enabled: [psd.service]
rpmfusion-free-release:
packages: [rpmfusion-free-release]
dnf_install_remote: ["https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_facts['distribution_major_version'] }}.noarch.rpm"]
openssh-server:
packages: [openssh-server]
services_system_enabled: [sshd.service]
syncthing:
packages: [syncthing]
services_user_enabled: [syncthing.service]
tailscale:
packages: [tailscale]
dnf_repofiles_add: [https://pkgs.tailscale.com/stable/fedora/tailscale.repo]
services_system_enabled: [tailscaled.service]
zsh-completions:
packages: [zsh-completions]
dnf_repos_add:
- name: zsh-completions
description: zsh-completions from openSUSE
baseurl: https://download.opensuse.org/repositories/shells:zsh-users:zsh-completions/Fedora_Rawhide/
gpgkey: https://download.opensuse.org/repositories/shells:zsh-users:zsh-completions/Fedora_Rawhide/repodata/repomd.xml.key
dnf_install:
- btrfs-assistant
- calibre
- cargo
- createrepo_c
- firefox
- flatpak
- gettext
- htop
- iperf3
- nautilus-python
- pinta
- python3-psutil
- python3-virtualenv
- python3-virtualenvwrapper
- remmina
- setroubleshoot
- ShellCheck
- snapd
- toolbox
- vim
- wl-clipboard
- zsh
dnf_remove:
- abrt
@@ -12,55 +162,9 @@ dnf_remove:
- orca
- rhythmbox
dnf_repos_remove:
- google-chrome
services_system_disabled:
- qemu-guest-agent
- raid-check.timer
- fstrim.timer
apps:
- btrbk
- btrfs-assistant
- btrfsmaintenance
- calibre
- cargo
- code
- dnf-automatic
- firefox
- flatpak
- gettext
- gnome-tweaks
- htop
- mediacenter35
- mullvad-vpn
- nautilus-python
- pinta
- python3-virtualenv
- python3-virtualenvwrapper
- remmina
- https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_facts['distribution_major_version'] }}.noarch.rpm
- setroubleshoot
- ShellCheck
- snapd
- syncthing
- tailscale
- toolbox
- vim
- wl-clipboard
- zsh
- zsh-completions
git_add_repos:
- repo: https://git.bryanroessler.com/bryan/installJRMC.git
dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/installJRMC"
version: dev
- repo: https://git.bryanroessler.com/bryan/openwrtbuilder.git
dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/openwrtbuilder"
version: dev
# - repo: https://git.bryanroessler.com/bryan/deployer.git
# dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/deployer"
# version: dev
# - repo: https://git.bryanroessler.com/bryan/deploy.git
# dest: "{{ ansible_facts['env']['HOME'] }}/.local/bin/deploy"
# version: dev

24
group_vars/all/filesystems.yml
View File

@@ -1,24 +0,0 @@
---
directories:
- path: "{{ ansible_facts['env']['HOME'] }}/.local/bin"
mode: '0755'
symlinks:
- name: develop
src: "{{ lookup('env', 'HOME') }}/documents/develop"
dest: "{{ lookup('env', 'HOME') }}/develop"
- name: music
src: "{{ lookup('env', 'HOME') }}/media/music"
dest: "{{ lookup('env', 'HOME') }}/music"
- name: pictures
src: "{{ lookup('env', 'HOME') }}/media/pictures"
dest: "{{ lookup('env', 'HOME') }}/pictures"
- name: videos
src: "{{ lookup('env', 'HOME') }}/media/videos"
dest: "{{ lookup('env', 'HOME') }}/videos"
- name: ebooks
src: "{{ lookup('env', 'HOME') }}/media/ebooks"
dest: "{{ lookup('env', 'HOME') }}/ebooks"
- name: bin
src: "{{ lookup('env', 'HOME') }}/.local/bin"
dest: "{{ lookup('env', 'HOME') }}/bin"

21
group_vars/all/sysconfig.yml
View File

@@ -1,21 +0,0 @@
---
# GNOME settings via gsettings
sysconfig_gsettings:
- schema: org.gnome.nautilus.preferences
key: always-use-location-entry
value: "true"
# Sysctl configurations
sysconfig_sysctl:
- name: fs.inotify.max_user_watches
value: 524288
file: /etc/sysctl.d/local.conf
# Sudoers configuration - commands that can run without password
sysconfig_sudoers_nopasswd_commands:
- /usr/bin/psd-overlay-helper
- /usr/sbin/btrfs
- /usr/bin/journalctl
- /usr/bin/dnf
- /usr/bin/fwupdmgr
- /usr/bin/dmesg

51
group_vars/laptop/apps.yml
View File

@@ -1,2 +1,51 @@
apps_group:
- profile-sync-daemon
keyd:
copr: [alternateved/keyd]
packages: [keyd]
services_system_enabled: [keyd.service]
configs:
- dest: /etc/keyd/default.conf
mode: '0644'
owner: root
group: root
content: |
[ids]
0001:0001:09b4e68d
[main]
leftmeta+leftshift+f23 = rightcontrol
btrbk:
packages: [btrbk]
services_system_enabled: [btrbk.timer]
configs:
- dest: /etc/btrbk/btrbk.conf
mode: '0644'
owner: root
group: root
content: |
transaction_log /var/log/btrbk.log
ssh_identity /root/.ssh/id_ed25519
ssh_user root
backend_local_user btrfs-progs-sudo
stream_buffer 256m
snapshot_dir .snapshots
snapshot_create onchange
lockfile /var/lock/btrbk.lock
snapshot_preserve_min 2d
snapshot_preserve 14d
target_preserve_min no
target_preserve 14d 10w *m
archive_preserve_min latest
archive_preserve 12m 10y
subvolume /
target_preserve 14d 10w 6m
snapshot_dir /.snapshots
target ssh://workstation/mnt/backup/laptop/root
volume /home
subvolume bryan
target ssh://workstation/mnt/backup/laptop/home

18
group_vars/laptop/btrbk.yml
View File

@@ -1,18 +0,0 @@
btrbk_ssh_identity: /root/.ssh/id_ed25519
btrbk_ssh_user: root
btrbk_config: |
snapshot_preserve_min 2d
snapshot_preserve 14d
target_preserve_min no
target_preserve 14d 10w *m
archive_preserve_min latest
archive_preserve 12m 10y
subvolume /
target_preserve 14d 10w 6m
snapshot_dir /.snapshots
target ssh://workstation/mnt/backup/laptop/root
volume /home
subvolume bryan
target ssh://workstation/mnt/backup/laptop/home

26
group_vars/laptop/filesystems.yml
View File

@@ -1,5 +1,5 @@
---
mounts:
filesystems_mounts:
- path: /home
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
@@ -9,3 +9,27 @@ mounts:
group: root
mode: '0755'
create_dir: false
filesystem_directories:
- path: "{{ ansible_facts['env']['HOME'] }}/.local/bin"
mode: '0755'
filesystem_symlinks:
- name: develop
src: "{{ lookup('env', 'HOME') }}/documents/develop"
dest: "{{ lookup('env', 'HOME') }}/develop"
- name: music
src: "{{ lookup('env', 'HOME') }}/media/music"
dest: "{{ lookup('env', 'HOME') }}/music"
- name: pictures
src: "{{ lookup('env', 'HOME') }}/media/pictures"
dest: "{{ lookup('env', 'HOME') }}/pictures"
- name: videos
src: "{{ lookup('env', 'HOME') }}/media/videos"
dest: "{{ lookup('env', 'HOME') }}/videos"
- name: ebooks
src: "{{ lookup('env', 'HOME') }}/media/ebooks"
dest: "{{ lookup('env', 'HOME') }}/ebooks"
- name: bin
src: "{{ lookup('env', 'HOME') }}/.local/bin"
dest: "{{ lookup('env', 'HOME') }}/bin"

89
group_vars/workstation/apps.yml
View File

@@ -1,3 +1,88 @@
---
# Workstation-specific apps metadata
apps_group:
-
# - profile-sync-daemon
pwrstatd:
packages_remote: ["https://dl4jz3rbrsfum.cloudfront.net/software/PPL_64bit_v1.4.1.rpm"]
packages: [powerpanel]
services_system_enabled: [pwrstatd.service]
directories:
- dest: /etc/init.d
owner: root
group: root
configs:
- dest: /etc/pwrstatd.conf
mode: '0644'
owner: root
group: root
content: |
powerfail-delay = 60
powerfail-active = no
powerfail-cmd-path = /etc/pwrstatd-powerfail.sh
powerfail-duration = 0
powerfail-shutdown = no
lowbatt-threshold = 10
runtime-threshold = 180
lowbatt-active = no
lowbatt-cmd-path = /etc/pwrstatd-lowbatt.sh
lowbatt-duration = 0
lowbatt-shutdown = yes
enable-alarm = yes
shutdown-sustain = 0
turn-ups-off = no
ups-polling-rate = 5
ups-retry-rate = 10
prohibit-client-access = no
allowed-device-nodes =
hibernate = no
cloud-active = no
cloud-account =
btrbk:
packages: [btrbk]
services_system_enabled: [btrbk.timer]
configs:
- dest: /etc/btrbk/btrbk.conf
mode: '0644'
owner: root
group: root
content: |
transaction_log /var/log/btrbk.log
ssh_identity /home/bryan/.config/btrbk/id_ed25519
ssh_user root
backend_local_user btrfs-progs-sudo
stream_buffer 256m
snapshot_dir .snapshots
snapshot_create onchange
lockfile /var/lock/btrbk.lock
snapshot_preserve_min 2d
snapshot_preserve 14d
target_preserve_min no
target_preserve 14d 10w *m
archive_preserve_min latest
archive_preserve 12m 10y
subvolume /
target_preserve 14d 10w 6m
snapshot_dir /.snapshots
target /mnt/backup/workstation/root
volume /home
subvolume bryan
target /mnt/backup/workstation/home
target_preserve 14d 10w 6m
volume /mnt/downloads
subvolume downloads
target /mnt/backup/workstation/downloads
volume /
subvolume /mnt/ebooks
target /mnt/backup/media
subvolume /mnt/cover-art
target /mnt/backup/media
volume /mnt/array/media
target /mnt/backup/media
subvolume pictures
subvolume music

34
group_vars/workstation/btrbk.yml
View File

@@ -1,34 +0,0 @@
btrbk_ssh_identity: /home/bryan/.config/btrbk/id_ed25519
btrbk_ssh_user: root
btrbk_config: |
snapshot_preserve_min 2d
snapshot_preserve 14d
target_preserve_min no
target_preserve 14d 10w *m
archive_preserve_min latest
archive_preserve 12m 10y
subvolume /
target_preserve 14d 10w 6m
snapshot_dir /.snapshots
target /mnt/backup/workstation/root
volume /home
subvolume bryan
target /mnt/backup/workstation/home
target_preserve 14d 10w 6m
volume /mnt/downloads
subvolume downloads
target /mnt/backup/workstation/downloads
volume /
subvolume /mnt/ebooks
target /mnt/backup/media
subvolume /mnt/cover-art
target /mnt/backup/media
volume /mnt/array/media
target /mnt/backup/media
subvolume pictures
subvolume mu

106
group_vars/workstation/filesystems.yml
View File

@@ -1,9 +1,9 @@
---
mounts:
filesystem_mounts:
- path: /home
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=home,compress=zstd:1,defaults
opts: "subvol=home,compress=zstd:1,defaults"
state: mounted
owner: root
group: root
@@ -13,17 +13,17 @@ mounts:
- path: /mnt/array
src: /dev/disk/by-uuid/36fe5749-800a-4ab5-a89a-6ad343f5d42f
fstype: btrfs
opts: defaults,compress=zstd:1,x-systemd.device-timeout=180s
opts: "defaults,compress=zstd:1,x-systemd.device-timeout=180s"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /mnt/backup
src: /dev/disk/by-uuid/64cc836d-e55f-4c34-83db-01c9b43c218a
fstype: btrfs
opts: defaults,compress=zstd:1,x-systemd.device-timeout=180s,nofail
opts: "defaults,compress=zstd:1,x-systemd.device-timeout=180s,nofail"
state: mounted
owner: root
group: root
@@ -33,70 +33,70 @@ mounts:
- path: /mnt/downloads
src: /dev/disk/by-uuid/56a4fe2f-ce26-48cc-b602-548db7357549
fstype: btrfs
opts: defaults,compress=zstd:1
opts: "defaults,compress=zstd:1"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/downloads
- path: /home/"{{ ansible_user }}"/downloads
src: /dev/disk/by-uuid/56a4fe2f-ce26-48cc-b602-548db7357549
fstype: btrfs
opts: subvol=downloads,defaults,compress=zstd:1,x-systemd.requires=home.mount,x-gvfs-hide
opts: "subvol=downloads,defaults,compress=zstd:1,x-systemd.requires=home.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/media
- path: "/home/{{ ansible_user }}/media"
src: /dev/disk/by-uuid/36fe5749-800a-4ab5-a89a-6ad343f5d42f
fstype: btrfs
opts: subvol=media,defaults,compress=zstd:1,x-systemd.requires=home.mount,x-systemd.device-timeout=180s,x-gvfs-hide
opts: "subvol=media,defaults,compress=zstd:1,x-systemd.requires=home.mount,x-systemd.device-timeout=180s,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /mnt/array/media/cover-art
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=root/mnt/cover-art,defaults,compress=zstd:1,x-systemd.requires=mnt-array.mount,x-gvfs-hide
opts: "subvol=root/mnt/cover-art,defaults,compress=zstd:1,x-systemd.requires=mnt-array.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/media/cover-art
- path: "/home/{{ ansible_user }}/media/cover-art"
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=root/mnt/cover-art,defaults,compress=zstd:1,x-systemd.requires=home-bryan-media.mount,x-gvfs-hide
opts: "subvol=root/mnt/cover-art,defaults,compress=zstd:1,x-systemd.requires=home-{{ ansible_user }}-media.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /mnt/array/media/ebooks
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=root/mnt/ebooks,defaults,compress=zstd:1,x-systemd.requires=mnt-array.mount,x-gvfs-hide
opts: "subvol=root/mnt/ebooks,defaults,compress=zstd:1,x-systemd.requires=mnt-array.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/media/ebooks
- path: "/home/{{ ansible_user }}/media/ebooks"
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=root/mnt/ebooks,defaults,compress=zstd:1,x-systemd.requires=home-bryan-media.mount,x-gvfs-hide
opts: "subvol=root/mnt/ebooks,defaults,compress=zstd:1,x-systemd.requires=home-{{ ansible_user }}-media.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
@@ -105,27 +105,53 @@ mounts:
fstype: btrfs
opts: subvol=root/mnt/screenshots,defaults,compress=zstd:1,x-systemd.requires=mnt-array.mount,x-gvfs-hide
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/media/pictures/Screenshots
- path: "/home/{{ ansible_user }}/media/pictures/Screenshots"
src: /dev/disk/by-uuid/42f5911d-d634-4f92-9561-c7e20ca66c83
fstype: btrfs
opts: subvol=root/mnt/screenshots,defaults,compress=zstd:1,x-systemd.requires=home-bryan-media.mount,x-gvfs-hide
opts: "subvol=root/mnt/screenshots,defaults,compress=zstd:1,x-systemd.requires=home-{{ ansible_user }}-media.mount,x-gvfs-hide"
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
- path: /home/bryan/devices/laptop/music
- path: "/home/{{ ansible_user }}/devices/laptop/music"
src: /dev/disk/by-uuid/d0ed963e-aaa0-4dcc-9ece-4ea8fe7fcea2
fstype: btrfs
opts: defaults,compress=zstd:1,x-systemd.requires=home.mount,x-gvfs-hide
state: mounted
owner: bryan
group: bryan
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
create_dir: false
filesystem_directories:
- path: "/home/{{ ansible_user }}/.local/bin"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0755'
filesystem_symlinks:
- name: develop
src: "/home/{{ ansible_user }}/documents/develop"
dest: "/home/{{ ansible_user }}/develop"
- name: music
src: "/home/{{ ansible_user }}/media/music"
dest: "/home/{{ ansible_user }}/music"
- name: pictures
src: "/home/{{ ansible_user }}/media/pictures"
dest: "/home/{{ ansible_user }}/pictures"
- name: videos
src: "/home/{{ ansible_user }}/media/videos"
dest: "/home/{{ ansible_user }}/videos"
- name: ebooks
src: "/home/{{ ansible_user }}/media/ebooks"
dest: "/home/{{ ansible_user }}/ebooks"
- name: bin
src: "/home/{{ ansible_user }}/.local/bin"
dest: "/home/{{ ansible_user }}/bin"

1
group_vars/workstation/quadlets.yml
View File

@@ -1,5 +1,4 @@
---
quadlets_deploy_configs: true # deploy quadlet service configs
maintainer: "Bryan C. Roessler"