admin/skato-ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 3 Releases Wiki Activity

added inventory group variables for designed host or group aliases/names

Browse Source
This commit is contained in:
xenobyte
2026-05-26 16:07:50 -04:00
parent ba5aa5e8d4
commit 9be8c02220
4 changed files with 772 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

276
group_vars/armitage.yml Normal file
View File

@@ -0,0 +1,276 @@
# @TODO create inventory group variables akin to structure of sukaato group's for homeserver
# <str<vault>> representing password for Linux root user account of VPS
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
32333335343939653231313938666134306338356633393035363039373465386165313666383262
6465313738316635633332623765336563626165336330370a616634393266366430363663333066
63373165346236386632393866316164623133373761303262643734356433646661636533666266
3834643765613937300a326365643961626236386261303933643965333565623836313231346537
3030
# <str> representing hostname for LAN server; same as host or group variable name
instance: armitage
# <str<enum>> representing Linux distro or OS image to be used for VPS
# operating_system: "tftp://hikiki.local:69/debian.iso"
operating_system: ~
# <list[<str>]> of control node or local SSH key basenames
keys:
- id_ed25519_localhost
# <list<dict>> list of administrative users (in Linux, users that can use "sudo")
admins:
- username: admin # <str> arbitrary valid user name
services: ~ # <list[<str>]> if linux system user, assocated servce
# <list[<str>]> list of control node or local SSH key basenames for this user
keys: "{{ keys }}"
# <str<vault?>> hashed (and maybe salted) password
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
34396235306630656138303939346638343135623430353666326462663131613130643061366435
6563616331656566626263633966633764386564383961640a656466323835616263653531323861
65376663363934653163313666303166376262623334343034626535356431636662366261333061
3866656638623631660a386666383136396238633365333465333766383766303631663336326264
35663339663062333162643039663430363265393163303839356664343633373630303462393735
37316262383335323837646265336139373238623735383134623361363136663436393162666336
62353462323534316531313533636461353139326466646662356233373130616633633262616539
37306332666338363231383537343832396432666134663462633336646330646332306634356636
36626166386634653537613334616538313266323866303738316430666131646333
pkgs:
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
mngr:
# <list[<dict>]> representing system-level or essential packages
core:
- name: neovim
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: flatpak
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: snapd
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: git
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: fail2ban
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: crowdsec
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: glow
uri: ~
key: "https://repo.charm.sh/apt/gpg.key"
key_path: /etc/apt/keyrings/charm.gpg
src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *"
src_path: /etc/apt/sources.list.d/charm.list
- name: vim-vimwiki
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: pandoc
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: tor
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: i2pd
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: radicle
uri: ~
key: "https://radicle.dev/apt/radicle-archive-keyring.deb"
key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/"
src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main"
src_path: /etc/apt/sources.list
# - name: syncthing
# uri: ~
# key: ~
# key_path: ~
# src_entry: ~
# src_path: ~
userspace:
- name: podman
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: podman-compose
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: distrobox
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-core
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-doc
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-crypto
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-ldap
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-sqlite
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: aria2
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncplay-server
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: caddy
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: erlang
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: erlang-hex
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: elixir
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: python3.13
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: golang
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: hugo
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: yt-dlp
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncthing-discosrv
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncthing-relaysrv
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
handler: ~
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
script:
# <list[<dict>]> representing user-level or supplemental shell script installations
userspace:
- name: nvm
src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh"
pre: ~
post: ~
- name: rustup
src: "https://sh.rustup.rs"
pre: ~
post: ~
- name: julia
src: "https://install.julialang.org"
pre: ~
post: ~
# <dict[<str>:<dict>]> representing package groups installed from source archives
archive:
# <list[<dict>]> representing user-level or supplemental source archives
userspace:
- name: surge
# @NOTE https://github.com/SurgeDM/Surge
src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz"
deploy: ~
pre: ~
post: ~
# <dict[<str>:<dict>]> representing package groups installed from source git repositories
git_repos:
userspace:
- name: quartz
src: "https://github.com/jackyzha0/quartz.git"
branch: main
deploy: ~
pre: ~
post: ~
core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}"

101
group_vars/homeserver.yml Normal file
View File

@@ -0,0 +1,101 @@
# <str<vault>> representing password for Linux root user account of LAN server on PC
password: ""
# <str<vault>> administrative API token or PXE server authentication key/password
token: ~
# <str> representing hostname for LAN server; same as host or group variable name
instance: ""
# <str<enum>> representing Linux distro or OS image to be used for VPS; can be PXE server URI/URL link
# Example-- operating_system: "tftp://hikiki.local:69/debian.iso"
operating_system: ~
# <list[<str>]> of control node or local SSH key basenames
keys: []
# <dict[<str>:<dict>]> package groups
pkgs:
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
mngr:
# <list[<dict>]> representing system-level or essential packages
core:
- name: "" # <str> name of package in repositori/repositories; used by handler listener
uri: "" # <str> URI/URL or path to package installation file
key: "" # <str> URI/URL or path to package signing key
key_path: "" # <str> destination path of signing key
src_entry: "" # <str> repository entry line/block
src_path: "" # <str> filepath for repository entry insertion
# <list[<dict>]> representing user-level or supplemental packages
userspace:
- name: ""
uri: ""
key: ""
key_path: ""
src_entry: ""
src_path: ""
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
script:
# <list[<dict>]> representing system-level or essential shell script software installations
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path to software installation shell script
pre: "" # <str> URI/URL or path to shell script, or name of handler listener, for pre-installation actions
post: "" # <str> URI/URL or path to shell script, or name of handler listener, for post-installation actions
# <list[<dict>]> representing user-level or supplemental shell script software installations
userspace:
- name: ""
src: ""
pre: ""
post: ""
# <dict[<str>:<dict>]> representing package groups installed from source archives
archive:
# <list[<dict>]> representing system-level or essential source archives
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of archive file for software build
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build software from archive
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before software build
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after software build
# <list[<dict>]> representing user-level or supplemental source archives
userspace:
- name: ""
src: ""
deploy: ""
pre: ""
post: ""
# <dict[<str>:<dict>]> representing package groups installed from source git repositories
git_repos:
# <list[<dict>]> representing system-level or essential git repositories
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of git repository
src_path: "" # <str> path in which to place git repository clone
branch: "" # <str> specific branch to pull or otherwise to swtich into
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build or run from source repository
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository
# <list[<dict>]> representing user-level or supplemental git repositories
userspace:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of git repository
src_path: "" # <str> path in which to place git repository clone
remote: "" # <str> the name of the remote source of the git repository
branch: "" # <str> specific branch to pull or otherwise to swtich into
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build or run from source repository
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository
# <dict[<str>:<dict>]> representing package groups installed via container engine
containers:
# <list[<dict>]> representing system-level or essential container images
core: []
# <list[<dict>]> representing user-level or supplemental container images
userspace: []
# <dict[<str>:<dict>]> representing package groups installed via snap package
snaps:
# <list[<dict>]> representing system-level or essential packages
core: []
# <list[<dict>]> representing user-level or supplemental packages
userspace: []
# <dict[<str>:<dict>]> representing flatpak groups installed via flatpak package
flatpaks:
# <list[<dict>]> representing system-level or essential flatpaks
core: []
# <list[<dict>]> representing user-level or supplemental flatpaks
userspace: []
core_pkgs: [] # @TODO document this

293
group_vars/sukaato.yml Normal file
View File

@@ -0,0 +1,293 @@
# <str<vault>> representing password for Linux root user account of VPS
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
66353462633933306537323461663665643234306166366663653163306436333037313032306338
3762653037396437633835356630656438623163656536310a306163663234383265386133396634
34363163343766623739646334643031373239373630663731376239333764346531396363636131
6163343335356337660a366337336632333236326532373032353332333636366638616265356562
66616534303035386134623535373935373065326539363065623230633034313433
# <str<vault>> representing API token for VPS cloud service
token: !vault |
$ANSIBLE_VAULT;1.1;AES256
33333839333337323062326231626534616166646666343261343966636464346630363033653130
3035653864396363376633346362353239643939663462370a323935353061313563336435366331
30393463653661326539326234646438663133616634663439303932656137633839656533376433
3666643635613039390a323138393033623131326438616331386539666333613630316263613636
66663263373665343662393638623064356234646165343835623966643761333562323132396466
63363436333463653130323531343139316466316131313031343232343039396261616231376232
66383938333661363532303166306563396634663132396166646132663131373738396131626633
34393265343061356531
# <str> representing name and hostname of VPS to be made in VPS cloud service
instance: sukaato
# <str<enum>> representing region options from or for given VPS cloud service
origin: us-east
# <str<enum>> representing Linux distro or OS image available in VPS service to be used for VPS
operating_system: linode/debian13
# <list[<str>]> list of control node or local SSH key basenames for root user
keys:
- id_ecdsa-sha2_sukaato_miniyubikey
- id_ecdsa-sha2_sukaato_yubikey
# <list<dict>> list of administrative users (in Linux, users that can use "sudo")
admins:
- username: senpai # <str> arbitrary valid user name
services: ~ # <list[<str>]> if linux system user, assocated servce
# <list[<str>]> list of control node or local SSH key basenames for this user
keys:
- id_ed25519_sukaato_yubikey
- id_ed25519_sukaato_miniyubikey
# <str<vault?>> hashed (and maybe salted) password
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
35326430616661626233643261316438323631373736323033666362353732646564366534346333
3435643432336165633832373634333864623363323461630a643366636136393031656163663161
30313863393037623661333030383931366535626135366664656538666330613936656238653862
6232356463633565390a363331306665393832303363316432396363623361396238623064356662
64363061613136643932613430633236313238306366363237366130623031326135393364326164
63303037376431373237616463323938623630333666356634363966613761376266346163636563
63316665653032653533656464336566626166333834653539343961666136653234356362333966
39313436363935303430393966653762326463616264373739333638373337643666623531383064
66353136383666626566643666663761313437396137383063373033366336663731
# <dict[<str>:<dict>]> package groups
pkgs:
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
mngr:
# <list[<dict>]> representing system-level or essential packages
core:
- name: neovim
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: flatpak
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: snapd
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: git
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: fail2ban
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: crowdsec
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: glow
uri: ~
key: "https://repo.charm.sh/apt/gpg.key"
key_path: /etc/apt/keyrings/charm.gpg
src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *"
src_path: /etc/apt/sources.list.d/charm.list
- name: vim-vimwiki
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: pandoc
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: tor
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: i2pd
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: radicle
uri: ~
key: "https://radicle.dev/apt/radicle-archive-keyring.deb"
key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/"
src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main"
src_path: /etc/apt/sources.list
# - name: syncthing
# uri: ~
# key: ~
# key_path: ~
# src_entry: ~
# src_path: ~
userspace:
- name: podman
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: podman-compose
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: distrobox
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-core
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-doc
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-crypto
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-ldap
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: proftpd-mod-sqlite
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: aria2
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncplay-server
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: caddy
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: erlang
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: erlang-hex
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: elixir
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: python3.13
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: golang
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: hugo
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: yt-dlp
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncthing-discosrv
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
- name: syncthing-relaysrv
uri: ~
key: ~
key_path: ~
src_entry: ~
src_path: ~
handler: ~
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
script:
# <list[<dict>]> representing user-level or supplemental shell script installations
userspace:
- name: nodejs
src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh"
pre: ~
post: ~
- name: rustup
src: "https://sh.rustup.rs"
pre: ~
post: ~
- name: julia
src: "https://install.julialang.org"
pre: ~
post: ~
# <dict[<str>:<dict>]> representing package groups installed from source archives
archive:
# <list[<dict>]> representing user-level or supplemental source archives
userspace:
- name: surge
# @NOTE https://github.com/SurgeDM/Surge
src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz"
deploy: ~
pre: ~
post: ~
# <dict[<str>:<dict>]> representing package groups installed from source git repositories
git_repos:
userspace:
- name: quartz
src: "https://github.com/jackyzha0/quartz.git"
src_path: "{{ ansible_facts['user_dir'] }}/repos/"
remote: origin
branch: main
deploy: ~
pre: ~
post: ~
core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}"

102
group_vars/vps.yml Normal file
View File

@@ -0,0 +1,102 @@
# <str<vault>> representing password for Linux root user account of VPS
password: ""
# <str<vault>> representing API token for VPS cloud service
token: ""
# <str> representing name and hostname of VPS to be made in VPS cloud service
instance: ""
# <str<enum>> representing region options from or for given VPS cloud service
origin: ""
# <str<enum>> representing Linux distro or OS image available in VPS service to be used for VPS
operating_system: ~
# <list[<str>]> of control node or local SSH key basenames
keys: []
# <dict[<str>:<dict>]> package groups
pkgs:
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
mngr:
# <list[<dict>]> representing system-level or essential packages
core:
- name: "" # <str> name of package in repositori/repositories; used by handler listener
uri: "" # <str> URI/URL or path to package installation file
key: "" # <str> URI/URL or path to package signing key
key_path: "" # <str> destination path of signing key
src_entry: "" # <str> repository entry line/block
src_path: "" # <str> filepath for repository entry insertion
# <list[<dict>]> representing user-level or supplemental packages
userspace:
- name: ""
uri: ""
key: ""
key_path: ""
src_entry: ""
src_path: ""
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
script:
# <list[<dict>]> representing system-level or essential shell script software installations
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path to software installation shell script
pre: "" # <str> URI/URL or path to shell script, or name of handler listener, for pre-installation actions
post: "" # <str> URI/URL or path to shell script, or name of handler listener, for post-installation actions
# <list[<dict>]> representing user-level or supplemental shell script software installations
userspace:
- name: ""
src: ""
pre: ""
post: ""
# <dict[<str>:<dict>]> representing package groups installed from source archives
archive:
# <list[<dict>]> representing system-level or essential source archives
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of archive file for software build
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build software from archive
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before software build
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after software build
# <list[<dict>]> representing user-level or supplemental source archives
userspace:
- name: ""
src: ""
deploy: ""
pre: ""
post: ""
# <dict[<str>:<dict>]> representing package groups installed from source git repositories
git_repos:
# <list[<dict>]> representing system-level or essential git repositories
core:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of git repository
src_path: "" # <str> path in which to place git repository clone
branch: "" # <str> specific branch to pull or otherwise to swtich into
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build or run from source repository
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository
# <list[<dict>]> representing user-level or supplemental git repositories
userspace:
- name: "" # <str> arbitrary name, used by handler listener
src: "" # <str> URI/URL or path of git repository
src_path: "" # <str> path in which to place git repository clone
remote: "" # <str> the name of the remote source of the git repository
branch: "" # <str> specific branch to pull or otherwise to swtich into
deploy: "" # <str> URI/URL or path to shell script, or handler listener name, to build or run from source repository
pre: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository
post: "" # <str> URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository
# <dict[<str>:<dict>]> representing container image groups installed via container engine
containers:
# <list[<dict>]> representing system-level or essential container images
core: []
# <list[<dict>]> representing user-level or supplemental container images
userspace: []
# <dict[<str>:<dict>]> representing package groups installed via snap package
snaps:
# <list[<dict>]> representing system-level or essential packages
core: []
# <list[<dict>]> representing user-level or supplemental packages
userspace: []
# <dict[<str>:<dict>]> representing flatpak groups installed via flatpak package
flatpaks:
# <list[<dict>]> representing system-level or essential flatpaks
core: []
# <list[<dict>]> representing user-level or supplemental flatpaks
userspace: []
core_pkgs: [] # @TODO document this