From a16351985f12c21353aa8093dfe62ab2711567d8 Mon Sep 17 00:00:00 2001 From: Alex Tavarez Date: Wed, 10 Jun 2026 13:52:29 -0400 Subject: [PATCH] changed passwords, added packages, moved some packages to different package groups for different instasllation approach by plays or role tasks --- group_vars/armitage.yml | 330 ++++++++++++++++++++++++++++++++++------ 1 file changed, 280 insertions(+), 50 deletions(-) diff --git a/group_vars/armitage.yml b/group_vars/armitage.yml index 186dbad..1dea9c7 100644 --- a/group_vars/armitage.yml +++ b/group_vars/armitage.yml @@ -18,7 +18,7 @@ ssh_keys: - ecdsa@sukaato.hikiki # > list of administrative users (in Linux, users that can use "sudo") admins: - - username: admin # arbitrary valid user name + - username: senpai # arbitrary valid user name services: ~ # ]> if linux system user, assocated servce # ]> list of control node or local SSH key basenames for this user ssh_keys: @@ -27,37 +27,70 @@ admins: # > hashed (and maybe salted) password password: !vault | $ANSIBLE_VAULT;1.1;AES256 - 31663265653031323833373663653132653532646638316465393364613961643130653330393062 - 6165386239303965386261363565353137636164356130370a336465353931373564393339363561 - 37353162333331663833656631663165356134633961323337663439663733316231666334336539 - 6537373334326634610a623037613462663733343230306538386561363838316638623365636533 - 32313931666439363435663161663665346266653763343265376366383837376436643163376430 - 39393861613037333766386138376335653334363737626664383236303234653461313230383564 - 33393834636165386562383435666233313664656233326364616237636230303264363732376639 - 64396564366335366430303031323865333635306536346463386334303235386438663061343934 - 37376466373566396130366330383834323332626166316661336339346462343466 -# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey' -# and edit 'roles/init-server/install-pks.yml' accordngly + 34636132613365646330653431653236303563623464316638643439373761366564663264613738 + 3033343264373264333362616434333465323439653134340a643066663832353965313434386639 + 38366263646638353632656431366638393939623537326233306132306436363338373161643433 + 3439653833333164390a303430616561356464393030353433303738383730643330323031373432 + 62386231653339616436383837383966643539353036353034363132633539643332386131613537 + 31356230383561663735363530393562363237343166323635666665386165633130653864646238 + 39323735386161646531323335393639353630376136663063393930326434346435343937623336 + 33336132663238326662323536326638333139313535373166636363336366663962373936383536 + 62303536363939316563646630633064306364366331623665646533633065336236 # :]> package groups pkgs: # :]> representing package groups installed by package manager via repositories mngr: # ]> representing system-level or essential packages core: - - name: neovim + - name: sudo + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: kitty-terminfo + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: whois + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: vim uri: ~ sources: ~ sigkey: ~ types: ~ suites: ~ comps: ~ - - name: flatpak + - name: vim-vimwiki uri: ~ - sources: ~ sigkey: ~ + sources: ~ types: ~ suites: ~ comps: ~ + - name: vim-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + # - name: flatpak + # uri: ~ + # sources: ~ + # sigkey: ~ + # types: ~ + # suites: ~ + # comps: ~ - name: snapd uri: ~ sources: ~ @@ -72,6 +105,27 @@ pkgs: types: ~ suites: ~ comps: ~ + - name: git-delta + uri: ~ + sources: ~ + sigkey: ~ + types: ~ + suites: ~ + comps: ~ + - name: git-doc + uri: ~ + sources: ~ + sigkey: ~ + types: ~ + suites: ~ + comps: ~ + - name: git-man + uri: ~ + sources: ~ + sigkey: ~ + types: ~ + suites: ~ + comps: ~ - name: fail2ban uri: ~ sources: ~ @@ -93,13 +147,6 @@ pkgs: types: deb suites: "*" comps: "*" - - name: vim-vimwiki - uri: ~ - sigkey: ~ - sources: ~ - types: ~ - suites: ~ - comps: ~ - name: pandoc uri: ~ sigkey: ~ @@ -121,29 +168,175 @@ pkgs: types: ~ suites: ~ comps: ~ - # # @TODO troubleshoot radicle installation issue or change installation method for radicle to script - # - name: radicle-keyring - # uri: "https://radicle.dev/apt/radicle-archive-keyring.deb" - # sigkey: ~ - # sources: ~ - # types: ~ - # suites: ~ - # comps: ~ - # - name: radicle - # uri: ~ - # sigkey: "https://radicle.dev/apt/radicle-archive-keyring.deb" - # sources: "https://radicle.dev/apt" - # types: deb - # suites: release - # comps: main - # - name: syncthing - # uri: ~ - # sigkey: ~ - # sources: ~ - # types: ~ - # suites: ~ - # comps: ~ + - name: curl + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: build-essential + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: fastfetch + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: gcc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: gcc-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: dpkg-dev + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: xz-utils + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: ufw + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: avahi-utils + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: libpam-google-authenticator + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: libpam-u2f + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: pamu2fcfg + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: pcscd + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: tftpd-hpa + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: apache2 + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: apache2-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: gocryptfs + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: cryfs + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: tmux + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: squid + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: cpu-checker + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: asciidoc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ + - name: libpam-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ userspace: + - name: neovim + uri: ~ + sources: ~ + sigkey: ~ + types: ~ + suites: ~ + comps: ~ - name: podman uri: ~ sigkey: ~ @@ -228,6 +421,13 @@ pkgs: types: ~ suites: ~ comps: ~ + - name: erlang-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ - name: erlang-hex uri: ~ sigkey: ~ @@ -263,6 +463,13 @@ pkgs: types: ~ suites: ~ comps: ~ + - name: python3-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ - name: golang uri: ~ sigkey: ~ @@ -270,6 +477,13 @@ pkgs: types: ~ suites: ~ comps: ~ + - name: golang-doc + uri: ~ + sigkey: ~ + sources: ~ + types: ~ + suites: ~ + comps: ~ - name: hugo uri: ~ sigkey: ~ @@ -302,8 +516,8 @@ pkgs: script: # ]> representing user-level or supplemental shell script installations userspace: - - name: nvm - src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh" + - name: radicle + src: "https://radicle.dev/install" pre: ~ post: ~ - name: rustup @@ -323,18 +537,34 @@ pkgs: # ]> representing user-level or supplemental source archives userspace: - name: surge - # @NOTE https://github.com/SurgeDM/Surge src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz" deploy: ~ pre: ~ post: ~ + - name: nvm + src: "https://nodejs.org/dist/v24.16.0/node-v24.16.0-linux-x64.tar.xz" + deploy: ~ + pre: ~ + post: ~ + - name: difftastic + src: "https://github.com/Wilfred/difftastic/releases/download/0.69.0/difft-x86_64-unknown-linux-gnu.tar.gz" + deploy: ~ + pre: ~ + post: ~ # :]> representing package groups installed from source git repositories git_repos: userspace: + # # @TODO use below to build Podman container instead, to deploy with podman-compose + # # @NOTE https://github.com/papis/papis and https://papis.readthedocs.io/en/latest/ + # - name: papis + # src: "https://github.com/papis/papis.git" + # branch: main + # deploy: ~ + # pre: ~ + # post: ~ - name: quartz src: "https://github.com/jackyzha0/quartz.git" - branch: main + branch: v5.0.0 deploy: ~ pre: ~ - post: ~ -core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}" \ No newline at end of file + post: ~ \ No newline at end of file