Initial commit

roles/dotfiles/tasks/main.yml

@@ -0,0 +1,96 @@
+---
+- name: Find common dotfiles (excluding templates)
+  ansible.builtin.find:
+    paths: "{{ playbook_dir }}/dotfiles/common"
+    recurse: true
+    file_type: file
+    hidden: true
+    excludes: "*.j2"
+  delegate_to: localhost
+  register: dotfiles_common_files
+  run_once: true
+
+- name: Find group dotfiles (excluding templates)
+  ansible.builtin.find:
+    paths: "{{ playbook_dir }}/dotfiles/{{ item }}"
+    recurse: true
+    file_type: file
+    hidden: true
+    excludes: "*.j2"
+  loop: "{{ group_names | default([]) }}"
+  delegate_to: localhost
+  register: dotfiles_group_files
+  run_once: true
+  ignore_errors: true
+
+- name: Deploy common dotfiles (remote)
+  ansible.builtin.copy:
+    src: "{{ item.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.path | replace(playbook_dir + '/dotfiles/common/', '') }}"
+    mode: preserve
+  loop: "{{ dotfiles_common_files.files }}"
+  when: ansible_connection not in ['local', 'localhost']
+
+- name: Deploy group dotfiles (remote)
+  ansible.builtin.copy:
+    src: "{{ item.1.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.1.path | replace(playbook_dir + '/dotfiles/' + item.0.item + '/', '') }}"
+    mode: preserve
+  loop: "{{ dotfiles_group_files.results | subelements('files', skip_missing=True) }}"
+  when: ansible_connection not in ['local', 'localhost']
+
+- name: Symlink common dotfiles (local)
+  ansible.builtin.file:
+    src: "{{ item.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.path | replace((playbook_dir + '/dotfiles/common/'), '') }}"
+    state: link
+    force: true
+  loop: "{{ dotfiles_common_files.files }}"
+  when: ansible_connection in ['local', 'localhost']
+
+- name: Symlink group dotfiles (local)
+  ansible.builtin.file:
+    src: "{{ item.1.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.1.path | replace((playbook_dir + '/dotfiles/' + item.0.item + '/'), '') }}"
+    state: link
+    force: true
+  loop: "{{ dotfiles_group_files.results | subelements('files') }}"
+  when: ansible_connection in ['local', 'localhost']
+
+- name: Find template files in common dotfiles
+  ansible.builtin.find:
+    paths: "{{ playbook_dir }}/dotfiles/common"
+    recurse: true
+    file_type: file
+    hidden: true
+    patterns: "*.j2"
+  delegate_to: localhost
+  register: dotfiles_common_templates
+  run_once: true
+
+- name: Find template files in group dotfiles
+  ansible.builtin.find:
+    paths: "{{ playbook_dir }}/dotfiles/{{ item }}"
+    recurse: true
+    file_type: file
+    hidden: true
+    patterns: "*.j2"
+  loop: "{{ group_names | default([]) }}"
+  delegate_to: localhost
+  register: dotfiles_group_templates
+  run_once: true
+  ignore_errors: true
+
+- name: Template common dotfiles
+  ansible.builtin.template:
+    src: "{{ item.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.path | replace(playbook_dir + '/dotfiles/common/', '') | replace('.j2', '') }}"
+    mode: '0600'
+  loop: "{{ dotfiles_common_templates.files }}"
+
+- name: Template group dotfiles
+  ansible.builtin.template:
+    src: "{{ item.1.path }}"
+    dest: "{{ ansible_facts['env']['HOME'] }}/{{ item.1.path | replace(playbook_dir + '/dotfiles/' + item.0.item + '/', '') | replace('.j2', '') }}"
+    mode: '0600'
+  loop: "{{ dotfiles_group_templates.results | subelements('files', skip_missing=True) }}"

roles/filesystems/tasks/main.yml

@@ -0,0 +1,43 @@
+---
+- name: Ensure mount points exist when create_dir is true
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    owner: "{{ item.owner | default('root') }}"
+    group: "{{ item.group | default('root') }}"
+    mode: "{{ item.mode | default('0755') }}"
+  loop: "{{ mounts | default([]) }}"
+  become: true
+  when: item.create_dir | default(false) | bool
+
+- name: Verify mount points exist
+  ansible.builtin.stat:
+    path: "{{ item.path }}"
+  register: filesystems_mounts_stat
+  changed_when: false
+  loop: "{{ mounts | default([]) }}"
+
+- name: Assert mount points exist
+  ansible.builtin.assert:
+    that:
+      - (item.stat.exists | default(false))
+    fail_msg: "Mount point {{ item.item.path }} does not exist"
+  loop: "{{ filesystems_mounts_stat.results }}"
+
+- name: Manage fstab entries and mount
+  ansible.posix.mount:
+    path: "{{ item.path }}"
+    src: "{{ item.src }}"
+    fstype: "{{ item.fstype }}"
+    opts: "{{ item.opts | default('defaults') }}"
+    state: "{{ item.state | default('mounted') }}"
+    backup: true
+  loop: "{{ mounts | default([]) }}"
+  become: true
+
+- name: Ensure directories exist
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    mode: "{{ item.mode | default('0755') }}"
+  loop: "{{ directories | default([]) }}"

roles/scripts/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+
+- name: Copy repo scripts to local bin (for remote hosts)
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "{{ local_bin_dir | default(ansible_facts['env']['HOME'] ~ '/.local/bin') }}/{{ item | basename }}"
+    mode: "0755"
+    owner: "{{ local_bin_owner | default(ansible_facts['user_id']) }}"
+    group: "{{ local_bin_group | default(ansible_facts['user_gid']) }}"
+  with_fileglob:
+    - "{{ scripts_src_glob | default(playbook_dir + '/scripts/*') }}"
+  when: ansible_connection not in ['local', 'localhost'] and item is file
+
+- name: Symlink repo scripts into local bin (stow-like, for local hosts)
+  ansible.builtin.file:
+    src: "{{ item }}"
+    dest: "{{ local_bin_dir | default(ansible_facts['env']['HOME'] ~ '/.local/bin') }}/{{ item | basename }}"
+    state: link
+    force: true
+    owner: "{{ local_bin_owner | default(ansible_facts['user_id']) }}"
+    group: "{{ local_bin_group | default(ansible_facts['user_gid']) }}"
+    follow: false
+  with_fileglob:
+    - "{{ scripts_src_glob | default(playbook_dir + '/scripts/*') }}"
+  when: ansible_connection in ['local', 'localhost'] and item is file

roles/services/tasks/main.yml

@@ -0,0 +1,19 @@
+---
+- name: Enable and start system services
+  ansible.builtin.systemd:
+    name: "{{ item }}"
+    enabled: true
+    state: started
+    scope: system
+  loop: "{{ services_system }}"
+  become: true
+  when: services_system is defined and services_system | length > 0
+
+- name: Enable and start user services
+  ansible.builtin.systemd:
+    name: "{{ item }}"
+    enabled: true
+    state: started
+    scope: user
+  loop: "{{ services_user }}"
+  when: services_user is defined and services_user | length > 0

roles/software/tasks/main.yml

@@ -0,0 +1,46 @@
+---
+
+- name: Add DNF repositories
+  ansible.builtin.yum_repository:
+    name: "{{ item.name }}"
+    description: "{{ item.description }}"
+    baseurl: "{{ item.baseurl }}"
+    enabled: true
+    gpgcheck: true
+    gpgkey: "{{ item.gpgkey }}"
+  loop: "{{ dnf_add_repositories }}"
+  become: true
+  when: dnf_add_repositories is defined and dnf_add_repositories | length > 0
+
+- name: Remove unwanted packages
+  ansible.builtin.dnf:
+    name: "{{ dnf_remove }}"
+    state: absent
+  become: true
+  when: dnf_remove is defined and dnf_remove | length > 0
+  failed_when: false
+
+- name: Install DNF packages
+  ansible.builtin.dnf:
+    name: "{{ dnf_install }}"
+    state: present
+  become: true
+  when: dnf_install is defined and dnf_install | length > 0
+
+- name: Install cargo packages
+  ansible.builtin.command:
+    cmd: "cargo install {{ item }}"
+  loop: "{{ cargo_packages }}"
+  when: cargo_packages is defined and cargo_packages | length > 0
+  register: software_cargo_install_result
+  changed_when: "'Installing' in software_cargo_install_result.stderr or 'Compiling' in software_cargo_install_result.stderr"
+  failed_when: software_cargo_install_result.rc != 0 and 'already exists' not in software_cargo_install_result.stderr
+
+- name: Clone git repositories
+  ansible.builtin.git:
+    repo: "{{ item.repo }}"
+    dest: "{{ item.dest }}"
+    version: "{{ item.version }}"
+    update: true
+  loop: "{{ git_repos }}"
+  when: git_repos is defined and git_repos | length > 0

roles/sysconfig/tasks/main.yml

@@ -0,0 +1,29 @@
+---
+
+- name: Configure sysctl parameters
+  ansible.posix.sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    sysctl_file: "{{ item.file }}"
+    state: present
+    reload: true
+  loop: "{{ sysconfig_sysctl }}"
+  become: true
+  when: sysconfig_sysctl is defined and sysconfig_sysctl | length > 0
+
+- name: Configure GNOME settings
+  community.general.dconf:
+    key: "/{{ item.schema | replace('.', '/') }}/{{ item.key }}"
+    value: "{{ item.value }}"
+    state: present
+  loop: "{{ sysconfig_gsettings }}"
+  when: sysconfig_gsettings is defined and sysconfig_gsettings | length > 0
+
+- name: Configure sudoers for passwordless commands
+  ansible.builtin.lineinfile:
+    path: /etc/sudoers
+    line: "{{ ansible_facts['user_id'] }} ALL=(ALL) NOPASSWD: {{ sysconfig_sudoers_nopasswd_commands | join(', ') }}"
+    state: present
+    validate: /usr/sbin/visudo -cf %s
+  become: true
+  when: sysconfig_sudoers_nopasswd_commands is defined and sysconfig_sudoers_nopasswd_commands | length > 0

roles/users/tasks/main.yml

@@ -0,0 +1,6 @@
+- name: Set user shell
+  ansible.builtin.user:
+    name: "{{ item.name }}"
+    shell: "{{ item.shell }}"
+  loop: "{{ users_configure }}"
+  become: true