From 9be8c02220f432cfc9b1de4ec0aa03d02f424b2d Mon Sep 17 00:00:00 2001 From: Alex Tavarez Date: Tue, 26 May 2026 16:07:50 -0400 Subject: [PATCH] added inventory group variables for designed host or group aliases/names --- group_vars/armitage.yml | 276 +++++++++++++++++++++++++++++++++++ group_vars/homeserver.yml | 101 +++++++++++++ group_vars/sukaato.yml | 293 ++++++++++++++++++++++++++++++++++++++ group_vars/vps.yml | 102 +++++++++++++ 4 files changed, 772 insertions(+) create mode 100644 group_vars/armitage.yml create mode 100644 group_vars/homeserver.yml create mode 100644 group_vars/sukaato.yml create mode 100644 group_vars/vps.yml diff --git a/group_vars/armitage.yml b/group_vars/armitage.yml new file mode 100644 index 0000000..37541a7 --- /dev/null +++ b/group_vars/armitage.yml @@ -0,0 +1,276 @@ +# @TODO create inventory group variables akin to structure of sukaato group's for homeserver +# > representing password for Linux root user account of VPS +password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32333335343939653231313938666134306338356633393035363039373465386165313666383262 + 6465313738316635633332623765336563626165336330370a616634393266366430363663333066 + 63373165346236386632393866316164623133373761303262643734356433646661636533666266 + 3834643765613937300a326365643961626236386261303933643965333565623836313231346537 + 3030 +# representing hostname for LAN server; same as host or group variable name +instance: armitage +# > representing Linux distro or OS image to be used for VPS +# operating_system: "tftp://hikiki.local:69/debian.iso" +operating_system: ~ +# ]> of control node or local SSH key basenames +keys: + - id_ed25519_localhost +# > list of administrative users (in Linux, users that can use "sudo") +admins: + - username: admin # arbitrary valid user name + services: ~ # ]> if linux system user, assocated servce + # ]> list of control node or local SSH key basenames for this user + keys: "{{ keys }}" + # > hashed (and maybe salted) password + password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34396235306630656138303939346638343135623430353666326462663131613130643061366435 + 6563616331656566626263633966633764386564383961640a656466323835616263653531323861 + 65376663363934653163313666303166376262623334343034626535356431636662366261333061 + 3866656638623631660a386666383136396238633365333465333766383766303631663336326264 + 35663339663062333162643039663430363265393163303839356664343633373630303462393735 + 37316262383335323837646265336139373238623735383134623361363136663436393162666336 + 62353462323534316531313533636461353139326466646662356233373130616633633262616539 + 37306332666338363231383537343832396432666134663462633336646330646332306634356636 + 36626166386634653537613334616538313266323866303738316430666131646333 +pkgs: + # :]> representing package groups installed by package manager via repositories + mngr: + # ]> representing system-level or essential packages + core: + - name: neovim + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: flatpak + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: snapd + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: git + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: fail2ban + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: crowdsec + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: glow + uri: ~ + key: "https://repo.charm.sh/apt/gpg.key" + key_path: /etc/apt/keyrings/charm.gpg + src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *" + src_path: /etc/apt/sources.list.d/charm.list + - name: vim-vimwiki + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: pandoc + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: tor + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: i2pd + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: radicle + uri: ~ + key: "https://radicle.dev/apt/radicle-archive-keyring.deb" + key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/" + src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main" + src_path: /etc/apt/sources.list + # - name: syncthing + # uri: ~ + # key: ~ + # key_path: ~ + # src_entry: ~ + # src_path: ~ + userspace: + - name: podman + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: podman-compose + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: distrobox + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-core + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-doc + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-crypto + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-ldap + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-sqlite + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: aria2 + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncplay-server + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: caddy + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: erlang + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: erlang-hex + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: elixir + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: python3.13 + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: golang + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: hugo + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: yt-dlp + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncthing-discosrv + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncthing-relaysrv + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + handler: ~ + # :]> representing package groups installed by shell scripts + script: + # ]> representing user-level or supplemental shell script installations + userspace: + - name: nvm + src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh" + pre: ~ + post: ~ + - name: rustup + src: "https://sh.rustup.rs" + pre: ~ + post: ~ + - name: julia + src: "https://install.julialang.org" + pre: ~ + post: ~ + # :]> representing package groups installed from source archives + archive: + # ]> representing user-level or supplemental source archives + userspace: + - name: surge + # @NOTE https://github.com/SurgeDM/Surge + src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz" + deploy: ~ + pre: ~ + post: ~ + # :]> representing package groups installed from source git repositories + git_repos: + userspace: + - name: quartz + src: "https://github.com/jackyzha0/quartz.git" + branch: main + deploy: ~ + pre: ~ + post: ~ +core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}" \ No newline at end of file diff --git a/group_vars/homeserver.yml b/group_vars/homeserver.yml new file mode 100644 index 0000000..4ee5b42 --- /dev/null +++ b/group_vars/homeserver.yml @@ -0,0 +1,101 @@ +# > representing password for Linux root user account of LAN server on PC +password: "" +# > administrative API token or PXE server authentication key/password +token: ~ +# representing hostname for LAN server; same as host or group variable name +instance: "" +# > representing Linux distro or OS image to be used for VPS; can be PXE server URI/URL link +# Example-- operating_system: "tftp://hikiki.local:69/debian.iso" +operating_system: ~ +# ]> of control node or local SSH key basenames +keys: [] +# :]> package groups +pkgs: + # :]> representing package groups installed by package manager via repositories + mngr: + # ]> representing system-level or essential packages + core: + - name: "" # name of package in repositori/repositories; used by handler listener + uri: "" # URI/URL or path to package installation file + key: "" # URI/URL or path to package signing key + key_path: "" # destination path of signing key + src_entry: "" # repository entry line/block + src_path: "" # filepath for repository entry insertion + # ]> representing user-level or supplemental packages + userspace: + - name: "" + uri: "" + key: "" + key_path: "" + src_entry: "" + src_path: "" + # :]> representing package groups installed by shell scripts + script: + # ]> representing system-level or essential shell script software installations + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path to software installation shell script + pre: "" # URI/URL or path to shell script, or name of handler listener, for pre-installation actions + post: "" # URI/URL or path to shell script, or name of handler listener, for post-installation actions + # ]> representing user-level or supplemental shell script software installations + userspace: + - name: "" + src: "" + pre: "" + post: "" + # :]> representing package groups installed from source archives + archive: + # ]> representing system-level or essential source archives + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of archive file for software build + deploy: "" # URI/URL or path to shell script, or handler listener name, to build software from archive + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before software build + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after software build + # ]> representing user-level or supplemental source archives + userspace: + - name: "" + src: "" + deploy: "" + pre: "" + post: "" + # :]> representing package groups installed from source git repositories + git_repos: + # ]> representing system-level or essential git repositories + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of git repository + src_path: "" # path in which to place git repository clone + branch: "" # specific branch to pull or otherwise to swtich into + deploy: "" # URI/URL or path to shell script, or handler listener name, to build or run from source repository + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository + # ]> representing user-level or supplemental git repositories + userspace: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of git repository + src_path: "" # path in which to place git repository clone + remote: "" # the name of the remote source of the git repository + branch: "" # specific branch to pull or otherwise to swtich into + deploy: "" # URI/URL or path to shell script, or handler listener name, to build or run from source repository + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository + # :]> representing package groups installed via container engine + containers: + # ]> representing system-level or essential container images + core: [] + # ]> representing user-level or supplemental container images + userspace: [] + # :]> representing package groups installed via snap package + snaps: + # ]> representing system-level or essential packages + core: [] + # ]> representing user-level or supplemental packages + userspace: [] + # :]> representing flatpak groups installed via flatpak package + flatpaks: + # ]> representing system-level or essential flatpaks + core: [] + # ]> representing user-level or supplemental flatpaks + userspace: [] +core_pkgs: [] # @TODO document this \ No newline at end of file diff --git a/group_vars/sukaato.yml b/group_vars/sukaato.yml new file mode 100644 index 0000000..158de92 --- /dev/null +++ b/group_vars/sukaato.yml @@ -0,0 +1,293 @@ +# > representing password for Linux root user account of VPS +password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66353462633933306537323461663665643234306166366663653163306436333037313032306338 + 3762653037396437633835356630656438623163656536310a306163663234383265386133396634 + 34363163343766623739646334643031373239373630663731376239333764346531396363636131 + 6163343335356337660a366337336632333236326532373032353332333636366638616265356562 + 66616534303035386134623535373935373065326539363065623230633034313433 +# > representing API token for VPS cloud service +token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 33333839333337323062326231626534616166646666343261343966636464346630363033653130 + 3035653864396363376633346362353239643939663462370a323935353061313563336435366331 + 30393463653661326539326234646438663133616634663439303932656137633839656533376433 + 3666643635613039390a323138393033623131326438616331386539666333613630316263613636 + 66663263373665343662393638623064356234646165343835623966643761333562323132396466 + 63363436333463653130323531343139316466316131313031343232343039396261616231376232 + 66383938333661363532303166306563396634663132396166646132663131373738396131626633 + 34393265343061356531 +# representing name and hostname of VPS to be made in VPS cloud service +instance: sukaato +# > representing region options from or for given VPS cloud service +origin: us-east +# > representing Linux distro or OS image available in VPS service to be used for VPS +operating_system: linode/debian13 +# ]> list of control node or local SSH key basenames for root user +keys: + - id_ecdsa-sha2_sukaato_miniyubikey + - id_ecdsa-sha2_sukaato_yubikey +# > list of administrative users (in Linux, users that can use "sudo") +admins: + - username: senpai # arbitrary valid user name + services: ~ # ]> if linux system user, assocated servce + # ]> list of control node or local SSH key basenames for this user + keys: + - id_ed25519_sukaato_yubikey + - id_ed25519_sukaato_miniyubikey + # > hashed (and maybe salted) password + password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35326430616661626233643261316438323631373736323033666362353732646564366534346333 + 3435643432336165633832373634333864623363323461630a643366636136393031656163663161 + 30313863393037623661333030383931366535626135366664656538666330613936656238653862 + 6232356463633565390a363331306665393832303363316432396363623361396238623064356662 + 64363061613136643932613430633236313238306366363237366130623031326135393364326164 + 63303037376431373237616463323938623630333666356634363966613761376266346163636563 + 63316665653032653533656464336566626166333834653539343961666136653234356362333966 + 39313436363935303430393966653762326463616264373739333638373337643666623531383064 + 66353136383666626566643666663761313437396137383063373033366336663731 +# :]> package groups +pkgs: + # :]> representing package groups installed by package manager via repositories + mngr: + # ]> representing system-level or essential packages + core: + - name: neovim + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: flatpak + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: snapd + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: git + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: fail2ban + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: crowdsec + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: glow + uri: ~ + key: "https://repo.charm.sh/apt/gpg.key" + key_path: /etc/apt/keyrings/charm.gpg + src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *" + src_path: /etc/apt/sources.list.d/charm.list + - name: vim-vimwiki + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: pandoc + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: tor + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: i2pd + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: radicle + uri: ~ + key: "https://radicle.dev/apt/radicle-archive-keyring.deb" + key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/" + src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main" + src_path: /etc/apt/sources.list + # - name: syncthing + # uri: ~ + # key: ~ + # key_path: ~ + # src_entry: ~ + # src_path: ~ + userspace: + - name: podman + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: podman-compose + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: distrobox + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-core + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-doc + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-crypto + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-ldap + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: proftpd-mod-sqlite + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: aria2 + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncplay-server + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: caddy + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: erlang + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: erlang-hex + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: elixir + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: python3.13 + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: golang + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: hugo + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: yt-dlp + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncthing-discosrv + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + - name: syncthing-relaysrv + uri: ~ + key: ~ + key_path: ~ + src_entry: ~ + src_path: ~ + handler: ~ + # :]> representing package groups installed by shell scripts + script: + # ]> representing user-level or supplemental shell script installations + userspace: + - name: nodejs + src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh" + pre: ~ + post: ~ + - name: rustup + src: "https://sh.rustup.rs" + pre: ~ + post: ~ + - name: julia + src: "https://install.julialang.org" + pre: ~ + post: ~ + # :]> representing package groups installed from source archives + archive: + # ]> representing user-level or supplemental source archives + userspace: + - name: surge + # @NOTE https://github.com/SurgeDM/Surge + src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz" + deploy: ~ + pre: ~ + post: ~ + # :]> representing package groups installed from source git repositories + git_repos: + userspace: + - name: quartz + src: "https://github.com/jackyzha0/quartz.git" + src_path: "{{ ansible_facts['user_dir'] }}/repos/" + remote: origin + branch: main + deploy: ~ + pre: ~ + post: ~ +core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}" \ No newline at end of file diff --git a/group_vars/vps.yml b/group_vars/vps.yml new file mode 100644 index 0000000..118ef81 --- /dev/null +++ b/group_vars/vps.yml @@ -0,0 +1,102 @@ +# > representing password for Linux root user account of VPS +password: "" +# > representing API token for VPS cloud service +token: "" +# representing name and hostname of VPS to be made in VPS cloud service +instance: "" +# > representing region options from or for given VPS cloud service +origin: "" +# > representing Linux distro or OS image available in VPS service to be used for VPS +operating_system: ~ +# ]> of control node or local SSH key basenames +keys: [] +# :]> package groups +pkgs: + # :]> representing package groups installed by package manager via repositories + mngr: + # ]> representing system-level or essential packages + core: + - name: "" # name of package in repositori/repositories; used by handler listener + uri: "" # URI/URL or path to package installation file + key: "" # URI/URL or path to package signing key + key_path: "" # destination path of signing key + src_entry: "" # repository entry line/block + src_path: "" # filepath for repository entry insertion + # ]> representing user-level or supplemental packages + userspace: + - name: "" + uri: "" + key: "" + key_path: "" + src_entry: "" + src_path: "" + # :]> representing package groups installed by shell scripts + script: + # ]> representing system-level or essential shell script software installations + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path to software installation shell script + pre: "" # URI/URL or path to shell script, or name of handler listener, for pre-installation actions + post: "" # URI/URL or path to shell script, or name of handler listener, for post-installation actions + # ]> representing user-level or supplemental shell script software installations + userspace: + - name: "" + src: "" + pre: "" + post: "" + # :]> representing package groups installed from source archives + archive: + # ]> representing system-level or essential source archives + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of archive file for software build + deploy: "" # URI/URL or path to shell script, or handler listener name, to build software from archive + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before software build + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after software build + # ]> representing user-level or supplemental source archives + userspace: + - name: "" + src: "" + deploy: "" + pre: "" + post: "" + # :]> representing package groups installed from source git repositories + git_repos: + # ]> representing system-level or essential git repositories + core: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of git repository + src_path: "" # path in which to place git repository clone + branch: "" # specific branch to pull or otherwise to swtich into + deploy: "" # URI/URL or path to shell script, or handler listener name, to build or run from source repository + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository + # ]> representing user-level or supplemental git repositories + userspace: + - name: "" # arbitrary name, used by handler listener + src: "" # URI/URL or path of git repository + src_path: "" # path in which to place git repository clone + remote: "" # the name of the remote source of the git repository + branch: "" # specific branch to pull or otherwise to swtich into + deploy: "" # URI/URL or path to shell script, or handler listener name, to build or run from source repository + pre: "" # URI/URL or path to shell script, or handler listener name, for actions to take before building or running from source repository + post: "" # URI/URL or path to shell script, or handler listener name, for actions to take after building or running from source repository + # :]> representing container image groups installed via container engine + containers: + # ]> representing system-level or essential container images + core: [] + # ]> representing user-level or supplemental container images + userspace: [] + # :]> representing package groups installed via snap package + snaps: + # ]> representing system-level or essential packages + core: [] + # ]> representing user-level or supplemental packages + userspace: [] + # :]> representing flatpak groups installed via flatpak package + flatpaks: + # ]> representing system-level or essential flatpaks + core: [] + # ]> representing user-level or supplemental flatpaks + userspace: [] +core_pkgs: [] # @TODO document this \ No newline at end of file