quick push of recent changes for synchronous work on other devices
This commit is contained in:
@@ -27,15 +27,15 @@ admins:
|
|||||||
# <str<vault?>> hashed (and maybe salted) password
|
# <str<vault?>> hashed (and maybe salted) password
|
||||||
password: !vault |
|
password: !vault |
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
33663131343861303735643439393165356231366338346538333537643464343761373139303364
|
31663265653031323833373663653132653532646638316465393364613961643130653330393062
|
||||||
6630303563346437373161626662313432306138353132350a353334356139376662333562353834
|
6165386239303965386261363565353137636164356130370a336465353931373564393339363561
|
||||||
36326461613664616565373835303636636533616462303732633461343130346134366662373566
|
37353162333331663833656631663165356134633961323337663439663733316231666334336539
|
||||||
6431623034653363310a303665636366353535313436666532623737373930356364616339313633
|
6537373334326634610a623037613462663733343230306538386561363838316638623365636533
|
||||||
34663839656637373031393031656332393761623161643730326563323863363461333864353338
|
32313931666439363435663161663665346266653763343265376366383837376436643163376430
|
||||||
30633964353339323465643064636538346464343035626461333366303835333039653661383030
|
39393861613037333766386138376335653334363737626664383236303234653461313230383564
|
||||||
62656663336536373262623062633563646434646431303137306438633937323764633334396539
|
33393834636165386562383435666233313664656233326364616237636230303264363732376639
|
||||||
64353734613662663063343966356562326661626436663430623430663766343030646333306634
|
64396564366335366430303031323865333635306536346463386334303235386438663061343934
|
||||||
32353839313235313339353431323837356537336231366564313431313462613333
|
37376466373566396130366330383834323332626166316661336339346462343466
|
||||||
# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey'
|
# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey'
|
||||||
# and edit 'roles/init-server/install-pks.yml' accordngly
|
# and edit 'roles/init-server/install-pks.yml' accordngly
|
||||||
# <dict[<str>:<dict>]> package groups
|
# <dict[<str>:<dict>]> package groups
|
||||||
@@ -46,228 +46,258 @@ pkgs:
|
|||||||
core:
|
core:
|
||||||
- name: neovim
|
- name: neovim
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: flatpak
|
- name: flatpak
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: snapd
|
- name: snapd
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: git
|
- name: git
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: fail2ban
|
- name: fail2ban
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: crowdsec
|
- name: crowdsec
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: glow
|
- name: glow
|
||||||
uri: ~
|
uri: ~
|
||||||
key: "https://repo.charm.sh/apt/gpg.key"
|
sigkey: "https://repo.charm.sh/apt/gpg.key"
|
||||||
key_path: /etc/apt/keyrings/charm.gpg
|
sources: "https://repo.charm.sh/apt/"
|
||||||
src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *"
|
types: deb
|
||||||
src_path: /etc/apt/sources.list.d/charm.list
|
suites: "*"
|
||||||
|
comps: "*"
|
||||||
- name: vim-vimwiki
|
- name: vim-vimwiki
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: pandoc
|
- name: pandoc
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: tor
|
- name: tor
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: i2pd
|
- name: i2pd
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
- name: radicle
|
comps: ~
|
||||||
uri: ~
|
# # @TODO troubleshoot radicle installation issue or change installation method for radicle to script
|
||||||
key: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
# - name: radicle-keyring
|
||||||
key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/"
|
# uri: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
||||||
src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main"
|
# sigkey: ~
|
||||||
src_path: /etc/apt/sources.list
|
# sources: ~
|
||||||
|
# types: ~
|
||||||
|
# suites: ~
|
||||||
|
# comps: ~
|
||||||
|
# - name: radicle
|
||||||
|
# uri: ~
|
||||||
|
# sigkey: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
||||||
|
# sources: "https://radicle.dev/apt"
|
||||||
|
# types: deb
|
||||||
|
# suites: release
|
||||||
|
# comps: main
|
||||||
# - name: syncthing
|
# - name: syncthing
|
||||||
# uri: ~
|
# uri: ~
|
||||||
# key: ~
|
# sigkey: ~
|
||||||
# key_path: ~
|
# sources: ~
|
||||||
# src_entry: ~
|
# types: ~
|
||||||
# src_path: ~
|
# suites: ~
|
||||||
|
# comps: ~
|
||||||
userspace:
|
userspace:
|
||||||
- name: podman
|
- name: podman
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: podman-compose
|
- name: podman-compose
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: distrobox
|
- name: distrobox
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-core
|
- name: proftpd-core
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-doc
|
- name: proftpd-doc
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-crypto
|
- name: proftpd-mod-crypto
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-ldap
|
- name: proftpd-mod-ldap
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-sqlite
|
- name: proftpd-mod-sqlite
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: aria2
|
- name: aria2
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncplay-server
|
- name: syncplay-server
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: caddy
|
- name: caddy
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: erlang
|
- name: erlang
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: erlang-hex
|
- name: erlang-hex
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: elixir
|
- name: elixir
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3.13
|
- name: python3.13
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3-venv
|
- name: python3-venv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3-pip
|
- name: python3-pip
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: golang
|
- name: golang
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: hugo
|
- name: hugo
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: yt-dlp
|
- name: yt-dlp
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncthing-discosrv
|
- name: syncthing-discosrv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncthing-relaysrv
|
- name: syncthing-relaysrv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
handler: ~
|
comps: ~
|
||||||
- name: avahi-daemon
|
|
||||||
uri: ~
|
|
||||||
key: ~
|
|
||||||
key_path: ~
|
|
||||||
src_entry: ~
|
|
||||||
src_path: ~
|
|
||||||
- name: avahi-utils
|
|
||||||
uri: ~
|
|
||||||
key: ~
|
|
||||||
key_path: ~
|
|
||||||
src_entry: ~
|
|
||||||
src_path: ~
|
|
||||||
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
||||||
script:
|
script:
|
||||||
# <list[<dict>]> representing user-level or supplemental shell script installations
|
# <list[<dict>]> representing user-level or supplemental shell script installations
|
||||||
|
|||||||
@@ -17,20 +17,22 @@ pkgs:
|
|||||||
mngr:
|
mngr:
|
||||||
# <list[<dict>]> representing system-level or essential packages
|
# <list[<dict>]> representing system-level or essential packages
|
||||||
core:
|
core:
|
||||||
- name: "" # <str> name of package in repositori/repositories; used by handler listener
|
- name: ""
|
||||||
uri: "" # <str> URI/URL or path to package installation file
|
uri: ""
|
||||||
key: "" # <str> URI/URL or path to package signing key
|
sigkey: ""
|
||||||
key_path: "" # <str> destination path of signing key
|
sources: ""
|
||||||
src_entry: "" # <str> repository entry line/block
|
types: ""
|
||||||
src_path: "" # <str> filepath for repository entry insertion
|
suites: ""
|
||||||
|
comps: ""
|
||||||
# <list[<dict>]> representing user-level or supplemental packages
|
# <list[<dict>]> representing user-level or supplemental packages
|
||||||
userspace:
|
userspace:
|
||||||
- name: ""
|
- name: ""
|
||||||
uri: ""
|
uri: ""
|
||||||
key: ""
|
sigkey: ""
|
||||||
key_path: ""
|
sources: ""
|
||||||
src_entry: ""
|
types: ""
|
||||||
src_path: ""
|
suites: ""
|
||||||
|
comps: ""
|
||||||
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
||||||
script:
|
script:
|
||||||
# <list[<dict>]> representing system-level or essential shell script software installations
|
# <list[<dict>]> representing system-level or essential shell script software installations
|
||||||
|
|||||||
@@ -38,15 +38,15 @@ admins:
|
|||||||
# <str<vault?>> hashed (and maybe salted) password
|
# <str<vault?>> hashed (and maybe salted) password
|
||||||
password: !vault |
|
password: !vault |
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
35326430616661626233643261316438323631373736323033666362353732646564366534346333
|
31663265653031323833373663653132653532646638316465393364613961643130653330393062
|
||||||
3435643432336165633832373634333864623363323461630a643366636136393031656163663161
|
6165386239303965386261363565353137636164356130370a336465353931373564393339363561
|
||||||
30313863393037623661333030383931366535626135366664656538666330613936656238653862
|
37353162333331663833656631663165356134633961323337663439663733316231666334336539
|
||||||
6232356463633565390a363331306665393832303363316432396363623361396238623064356662
|
6537373334326634610a623037613462663733343230306538386561363838316638623365636533
|
||||||
64363061613136643932613430633236313238306366363237366130623031326135393364326164
|
32313931666439363435663161663665346266653763343265376366383837376436643163376430
|
||||||
63303037376431373237616463323938623630333666356634363966613761376266346163636563
|
39393861613037333766386138376335653334363737626664383236303234653461313230383564
|
||||||
63316665653032653533656464336566626166333834653539343961666136653234356362333966
|
33393834636165386562383435666233313664656233326364616237636230303264363732376639
|
||||||
39313436363935303430393966653762326463616264373739333638373337643666623531383064
|
64396564366335366430303031323865333635306536346463386334303235386438663061343934
|
||||||
66353136383666626566643666663761313437396137383063373033366336663731
|
37376466373566396130366330383834323332626166316661336339346462343466
|
||||||
# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey'
|
# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey'
|
||||||
# and edit 'roles/init-server/install-pks.yml' accordngly
|
# and edit 'roles/init-server/install-pks.yml' accordngly
|
||||||
# <dict[<str>:<dict>]> package groups
|
# <dict[<str>:<dict>]> package groups
|
||||||
@@ -57,216 +57,258 @@ pkgs:
|
|||||||
core:
|
core:
|
||||||
- name: neovim
|
- name: neovim
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: flatpak
|
- name: flatpak
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: snapd
|
- name: snapd
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: git
|
- name: git
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: fail2ban
|
- name: fail2ban
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: crowdsec
|
- name: crowdsec
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sources: ~
|
||||||
key_path: ~
|
sigkey: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: glow
|
- name: glow
|
||||||
uri: ~
|
uri: ~
|
||||||
key: "https://repo.charm.sh/apt/gpg.key"
|
sigkey: "https://repo.charm.sh/apt/gpg.key"
|
||||||
key_path: /etc/apt/keyrings/charm.gpg
|
sources: "https://repo.charm.sh/apt/"
|
||||||
src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *"
|
types: deb
|
||||||
src_path: /etc/apt/sources.list.d/charm.list
|
suites: "*"
|
||||||
|
comps: "*"
|
||||||
- name: vim-vimwiki
|
- name: vim-vimwiki
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: pandoc
|
- name: pandoc
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: tor
|
- name: tor
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: i2pd
|
- name: i2pd
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
- name: radicle
|
comps: ~
|
||||||
uri: ~
|
# # @TODO troubleshoot radicle installation issue or change installation method for radicle to script
|
||||||
key: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
# - name: radicle-keyring
|
||||||
key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/"
|
# uri: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
||||||
src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main"
|
# sigkey: ~
|
||||||
src_path: /etc/apt/sources.list
|
# sources: ~
|
||||||
|
# types: ~
|
||||||
|
# suites: ~
|
||||||
|
# comps: ~
|
||||||
|
# - name: radicle
|
||||||
|
# uri: ~
|
||||||
|
# sigkey: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
||||||
|
# sources: "https://radicle.dev/apt"
|
||||||
|
# types: deb
|
||||||
|
# suites: release
|
||||||
|
# comps: main
|
||||||
# - name: syncthing
|
# - name: syncthing
|
||||||
# uri: ~
|
# uri: ~
|
||||||
# key: ~
|
# sigkey: ~
|
||||||
# key_path: ~
|
# sources: ~
|
||||||
# src_entry: ~
|
# types: ~
|
||||||
# src_path: ~
|
# suites: ~
|
||||||
|
# comps: ~
|
||||||
userspace:
|
userspace:
|
||||||
- name: podman
|
- name: podman
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: podman-compose
|
- name: podman-compose
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: distrobox
|
- name: distrobox
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-core
|
- name: proftpd-core
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-doc
|
- name: proftpd-doc
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-crypto
|
- name: proftpd-mod-crypto
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-ldap
|
- name: proftpd-mod-ldap
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: proftpd-mod-sqlite
|
- name: proftpd-mod-sqlite
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: aria2
|
- name: aria2
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncplay-server
|
- name: syncplay-server
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: caddy
|
- name: caddy
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: erlang
|
- name: erlang
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: erlang-hex
|
- name: erlang-hex
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: elixir
|
- name: elixir
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3.13
|
- name: python3.13
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3-venv
|
- name: python3-venv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: python3-pip
|
- name: python3-pip
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: golang
|
- name: golang
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: hugo
|
- name: hugo
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: yt-dlp
|
- name: yt-dlp
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncthing-discosrv
|
- name: syncthing-discosrv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
|
comps: ~
|
||||||
- name: syncthing-relaysrv
|
- name: syncthing-relaysrv
|
||||||
uri: ~
|
uri: ~
|
||||||
key: ~
|
sigkey: ~
|
||||||
key_path: ~
|
sources: ~
|
||||||
src_entry: ~
|
types: ~
|
||||||
src_path: ~
|
suites: ~
|
||||||
handler: ~
|
comps: ~
|
||||||
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
||||||
script:
|
script:
|
||||||
# <list[<dict>]> representing user-level or supplemental shell script installations
|
# <list[<dict>]> representing user-level or supplemental shell script installations
|
||||||
|
|||||||
@@ -18,20 +18,22 @@ pkgs:
|
|||||||
mngr:
|
mngr:
|
||||||
# <list[<dict>]> representing system-level or essential packages
|
# <list[<dict>]> representing system-level or essential packages
|
||||||
core:
|
core:
|
||||||
- name: "" # <str> name of package in repositori/repositories; used by handler listener
|
- name: ""
|
||||||
uri: "" # <str> URI/URL or path to package installation file
|
uri: ""
|
||||||
key: "" # <str> URI/URL or path to package signing key
|
sigkey: ""
|
||||||
key_path: "" # <str> destination path of signing key
|
sources: ""
|
||||||
src_entry: "" # <str> repository entry line/block
|
types: ""
|
||||||
src_path: "" # <str> filepath for repository entry insertion
|
suites: ""
|
||||||
|
comps: ""
|
||||||
# <list[<dict>]> representing user-level or supplemental packages
|
# <list[<dict>]> representing user-level or supplemental packages
|
||||||
userspace:
|
userspace:
|
||||||
- name: ""
|
- name: ""
|
||||||
uri: ""
|
uri: ""
|
||||||
key: ""
|
sigkey: ""
|
||||||
key_path: ""
|
sources: ""
|
||||||
src_entry: ""
|
types: ""
|
||||||
src_path: ""
|
suites: ""
|
||||||
|
comps: ""
|
||||||
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
||||||
script:
|
script:
|
||||||
# <list[<dict>]> representing system-level or essential shell script software installations
|
# <list[<dict>]> representing system-level or essential shell script software installations
|
||||||
|
|||||||
@@ -5,7 +5,7 @@
|
|||||||
when: ansible_user not in (admins | map(attribute="username") | list) and ansible_user != "root"
|
when: ansible_user not in (admins | map(attribute="username") | list) and ansible_user != "root"
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: Must use administrative user for subsequent tasks
|
msg: Must use administrative user for subsequent tasks
|
||||||
- name: Hardening SSH service for the Linode VPS
|
- name: Hardening SSH service
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: sshd_config.d/harden.conf
|
src: sshd_config.d/harden.conf
|
||||||
dest: /etc/ssh/sshd_config.d/harden.conf
|
dest: /etc/ssh/sshd_config.d/harden.conf
|
||||||
|
|||||||
@@ -1,10 +1,6 @@
|
|||||||
#SPDX-License-Identifier: MIT-0
|
#SPDX-License-Identifier: MIT-0
|
||||||
---
|
---
|
||||||
# tasks file for roles/init-vps
|
# tasks file for roles/init-vps
|
||||||
- name: Checking whether administrative login used
|
|
||||||
when: ansible_user not in (admins | map(attribute="username") | list)
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: Must use administrative user for subsequent tasks
|
|
||||||
- name: Creating prerequisite directory tree for installation scripts
|
- name: Creating prerequisite directory tree for installation scripts
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ ansible_facts['user_dir'] }}/.local/bin"
|
path: "{{ ansible_facts['user_dir'] }}/.local/bin"
|
||||||
@@ -27,36 +23,17 @@
|
|||||||
when: ansible_facts["os_family"] == "Debian"
|
when: ansible_facts["os_family"] == "Debian"
|
||||||
become: true
|
become: true
|
||||||
block:
|
block:
|
||||||
- name: Registering a package signing key
|
|
||||||
when: item.key != None and item.key_path != None
|
|
||||||
ansible.builtin.get_url:
|
|
||||||
url: "{{ item.key }}"
|
|
||||||
dest: "{{ item.key_path | default('/etc/apt/keyrings/') }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: "644"
|
|
||||||
force: true
|
|
||||||
backup: true
|
|
||||||
loop: "{{ pkgs.mngr.core + pkgs.mngr.userspace | rejectattr('key', 'search', '\\.deb$') }}"
|
|
||||||
- name: Premature stop
|
|
||||||
ansible.builtin.meta: end_play
|
|
||||||
- name: Installing a package signing key
|
|
||||||
when: item.key != None
|
|
||||||
ansible.builtin.apt:
|
|
||||||
deb: "{{ item.key }}"
|
|
||||||
state: present
|
|
||||||
loop: "{{ pkgs.mngr.core + pkgs.mngr.userspace | selectattr('key', 'search', '\\.deb$') }}"
|
|
||||||
- name: Registering a package source
|
- name: Registering a package source
|
||||||
when: item.src_entry != None and item.src_path != None
|
when: item.sources != None
|
||||||
ansible.builtin.copy:
|
ansible.builtin.deb822_repository:
|
||||||
content: "{{ item.src_entry }}"
|
name: "{{ item.name }}"
|
||||||
dest: "{{ item.src_path }}"
|
uris: "{{ item.sources }}"
|
||||||
owner: root
|
types: "{{ item.types | default('deb') }}"
|
||||||
group: root
|
suites: "{{ item.suites | default('*') }}"
|
||||||
mode: "644"
|
components: "{{ item.comps | default('*') }}"
|
||||||
force: true
|
signed_by: "{{ item.sigkey }}"
|
||||||
backup: true
|
state: present
|
||||||
loop: "{{ pkgs.mngr.core + pkgs.mngr.userspace }}"
|
loop: "{{ ((pkgs.mngr.core | default([])) + (pkgs.mngr.userspace | default([]))) }}"
|
||||||
- name: Installing a local package in managed node
|
- name: Installing a local package in managed node
|
||||||
when: item.uri != None
|
when: item.uri != None
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
@@ -64,34 +41,35 @@
|
|||||||
update_cache: true
|
update_cache: true
|
||||||
state: present
|
state: present
|
||||||
notify: "{{ item.name }}"
|
notify: "{{ item.name }}"
|
||||||
loop: "{{ pkgs.mngr.core + pkgs.mngr.userspace | selectattr('uri', 'search', '\\.deb$') }}"
|
loop: "{{ ((pkgs.mngr.core | default([])) + (pkgs.mngr.userspace | default([]))) | selectattr('uri', 'search', '\\.deb$') }}"
|
||||||
- name: Installing a package
|
- name: Installing a package
|
||||||
when: item.name != None and item.uri == None
|
when: item.name != None and item.uri == None
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item.name }}"
|
||||||
update_cache: true
|
update_cache: true
|
||||||
state: latest
|
state: latest
|
||||||
notify: "{{ item.name }}" # @TODO create corresponding roles/init-vps handlers
|
# notify: "{{ item.name }}" # @TODO create corresponding roles/init-vps handlers
|
||||||
loop: "{{ pkgs.mngr.core + pkgs.mngr.userspace | rejectattr('uri', 'search', '\\.deb$') }}"
|
loop: "{{ ((pkgs.mngr.core | default([])) + (pkgs.mngr.userspace | default([]))) | rejectattr('uri', 'search', '\\.deb$') }}"
|
||||||
tags:
|
tags:
|
||||||
- get_mngr_pkgs
|
- get_mngr_pkgs
|
||||||
- name: Installing software by executing installation shell scripts
|
- name: Installing software by executing installation shell scripts
|
||||||
when: item.src != None
|
|
||||||
block:
|
block:
|
||||||
- name: Acquiring installation shell script
|
- name: Acquiring installation shell script
|
||||||
|
when: item.src != None
|
||||||
ansible.builtin.get_url:
|
ansible.builtin.get_url:
|
||||||
url: "{{ item.src }}"
|
url: "{{ item.src }}"
|
||||||
dest: "{{ ansible_facts['user_dir'] }}/.local/bin/{{ item.name }}-install.sh"
|
dest: "{{ ansible_facts['user_dir'] }}/.local/bin/{{ item.name }}-install.sh"
|
||||||
force: true
|
force: true
|
||||||
backup: true
|
backup: true
|
||||||
mode: "744"
|
mode: "744"
|
||||||
loop: "{{ pkgs.script.core + pkgs.script.userspace }}"
|
loop: "{{ (pkgs.script.core | default([])) + (pkgs.script.userspace | default([])) }}"
|
||||||
register: install_scripts
|
register: install_scripts
|
||||||
- name: Executing a shell-scripted installation process
|
- name: Executing a shell-scripted installation process
|
||||||
|
when: item.src != None and (((pkgs.script.core | default([])) + (pkgs.script.userspace | default([]))) | length) > 0
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
cmd: "{{ item.dest }}"
|
cmd: "{{ item.dest }}"
|
||||||
notify: "{{ (pkgs.script.core + pkgs.script.userspace)[idx].name }}"
|
notify: "{{ ((pkgs.script.core | default([])) + (pkgs.script.userspace | default([])))[idx].name }}"
|
||||||
loop: "{{ install_scripts.results }}"
|
loop: "{{ install_scripts.results }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
index_var: idx
|
index_var: idx
|
||||||
@@ -101,20 +79,22 @@
|
|||||||
- name: Installing software by building it from source archives
|
- name: Installing software by building it from source archives
|
||||||
block:
|
block:
|
||||||
- name: Acquiring software source archive
|
- name: Acquiring software source archive
|
||||||
|
when: item.src != None
|
||||||
ansible.builtin.get_url:
|
ansible.builtin.get_url:
|
||||||
url: "{{ item.src }}"
|
url: "{{ item.src }}"
|
||||||
dest: "{{ ansible_facts['user_dir'] }}/downloads/archives/"
|
dest: "{{ ansible_facts['user_dir'] }}/downloads/archives/"
|
||||||
force: true
|
force: true
|
||||||
backup: true
|
backup: true
|
||||||
mode: "644"
|
mode: "644"
|
||||||
loop: "{{ pkgs.archive.core + pkgs.archive.userspace }}"
|
loop: "{{ (pkgs.archive.core | default([])) + (pkgs.archive.userspace | default([])) }}"
|
||||||
register: archived_builds
|
register: archived_builds
|
||||||
- name: Unarchiving software build archive
|
- name: Unarchiving software build archive
|
||||||
|
when: item.dest != None and (((pkgs.script.core | default([])) + (pkgs.script.userspace | default([]))) | length) > 0
|
||||||
ansible.builtin.unarchive:
|
ansible.builtin.unarchive:
|
||||||
src: "{{ item.dest }}"
|
src: "{{ item.dest }}"
|
||||||
remote_src: true
|
remote_src: true
|
||||||
dest: "{{ ansible_facts['user_dir'] }}/downloads/archives/released/{{ (pkgs.archive.core + pkgs.archive.userspace)[idx].name }}/"
|
dest: "{{ ansible_facts['user_dir'] }}/downloads/archives/released/{{ ((pkgs.archive.core | default([])) + (pkgs.archive.userspace | default([])))[idx].name }}/"
|
||||||
notify: "{{ (pkgs.archive.core + pkgs.archive.userspace)[idx].name }}"
|
notify: "{{ ((pkgs.archive.core | default([])) + (pkgs.archive.userspace | default([])))[idx].name }}"
|
||||||
loop: "{{ archived_builds.results }}"
|
loop: "{{ archived_builds.results }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
index_var: idx
|
index_var: idx
|
||||||
@@ -123,6 +103,7 @@
|
|||||||
- name: Installing software from source git repositories
|
- name: Installing software from source git repositories
|
||||||
block:
|
block:
|
||||||
- name: Clone git bare repository
|
- name: Clone git bare repository
|
||||||
|
when: item.src != None
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: "{{ item.src }}"
|
repo: "{{ item.src }}"
|
||||||
dest: "{{ ansible_facts['user_dir'] }}/repos/.foreign/{{ item.name }}"
|
dest: "{{ ansible_facts['user_dir'] }}/repos/.foreign/{{ item.name }}"
|
||||||
@@ -130,7 +111,7 @@
|
|||||||
clone: true
|
clone: true
|
||||||
single_branch: true
|
single_branch: true
|
||||||
notify: "{{ item.name }}"
|
notify: "{{ item.name }}"
|
||||||
loop: "{{ pkgs.git_repos.core + pkgs.git_repos.userspace }}"
|
loop: "{{ (pkgs.git_repos.core | default([])) + (pkgs.git_repos.userspace | default([])) }}"
|
||||||
register: installation_repos
|
register: installation_repos
|
||||||
tags:
|
tags:
|
||||||
- get_git_pkgs
|
- get_git_pkgs
|
||||||
Reference in New Issue
Block a user