admin/skato-ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 3 Releases Wiki Activity

changed passwords, added packages, moved some packages to different package groups for different instasllation approach by plays or role tasks

Browse Source
This commit is contained in:
xenobyte
2026-06-10 13:52:29 -04:00
parent ac1eb31926
commit a16351985f
1 changed files with 280 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

330
group_vars/armitage.yml
View File

@@ -18,7 +18,7 @@ ssh_keys:
- ecdsa@sukaato.hikiki - ecdsa@sukaato.hikiki
# <list<dict>> list of administrative users (in Linux, users that can use "sudo") # <list<dict>> list of administrative users (in Linux, users that can use "sudo")
admins: admins:
- username: admin # <str> arbitrary valid user name - username: senpai # <str> arbitrary valid user name
services: ~ # <list[<str>]> if linux system user, assocated servce services: ~ # <list[<str>]> if linux system user, assocated servce
# <list[<str>]> list of control node or local SSH key basenames for this user # <list[<str>]> list of control node or local SSH key basenames for this user
ssh_keys: ssh_keys:
@@ -27,37 +27,70 @@ admins:
# <str<vault?>> hashed (and maybe salted) password # <str<vault?>> hashed (and maybe salted) password
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
31663265653031323833373663653132653532646638316465393364613961643130653330393062 34636132613365646330653431653236303563623464316638643439373761366564663264613738
6165386239303965386261363565353137636164356130370a336465353931373564393339363561 3033343264373264333362616434333465323439653134340a643066663832353965313434386639
37353162333331663833656631663165356134633961323337663439663733316231666334336539 38366263646638353632656431366638393939623537326233306132306436363338373161643433
6537373334326634610a623037613462663733343230306538386561363838316638623365636533 3439653833333164390a303430616561356464393030353433303738383730643330323031373432
32313931666439363435663161663665346266653763343265376366383837376436643163376430 62386231653339616436383837383966643539353036353034363132633539643332386131613537
39393861613037333766386138376335653334363737626664383236303234653461313230383564 31356230383561663735363530393562363237343166323635666665386165633130653864646238
33393834636165386562383435666233313664656233326364616237636230303264363732376639 39323735386161646531323335393639353630376136663063393930326434346435343937623336
64396564366335366430303031323865333635306536346463386334303235386438663061343934 33336132663238326662323536326638333139313535373166636363336366663962373936383536
37376466373566396130366330383834323332626166316661336339346462343466 62303536363939316563646630633064306364366331623665646533633065336236
# @TODO change 'key' attributes of package entres under 'mngr' section below to 'signkey'
# and edit 'roles/init-server/install-pks.yml' accordngly
# <dict[<str>:<dict>]> package groups # <dict[<str>:<dict>]> package groups
pkgs: pkgs:
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories # <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
mngr: mngr:
# <list[<dict>]> representing system-level or essential packages # <list[<dict>]> representing system-level or essential packages
core: core:
- name: neovim - name: sudo
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: kitty-terminfo
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: whois
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: vim
uri: ~ uri: ~
sources: ~ sources: ~
sigkey: ~ sigkey: ~
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: flatpak - name: vim-vimwiki
uri: ~ uri: ~
sources: ~
sigkey: ~ sigkey: ~
sources: ~
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: vim-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
# - name: flatpak
# uri: ~
# sources: ~
# sigkey: ~
# types: ~
# suites: ~
# comps: ~
- name: snapd - name: snapd
uri: ~ uri: ~
sources: ~ sources: ~
@@ -72,6 +105,27 @@ pkgs:
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: git-delta
uri: ~
sources: ~
sigkey: ~
types: ~
suites: ~
comps: ~
- name: git-doc
uri: ~
sources: ~
sigkey: ~
types: ~
suites: ~
comps: ~
- name: git-man
uri: ~
sources: ~
sigkey: ~
types: ~
suites: ~
comps: ~
- name: fail2ban - name: fail2ban
uri: ~ uri: ~
sources: ~ sources: ~
@@ -93,13 +147,6 @@ pkgs:
types: deb types: deb
suites: "*" suites: "*"
comps: "*" comps: "*"
- name: vim-vimwiki
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: pandoc - name: pandoc
uri: ~ uri: ~
sigkey: ~ sigkey: ~
@@ -121,29 +168,175 @@ pkgs:
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
# # @TODO troubleshoot radicle installation issue or change installation method for radicle to script - name: curl
# - name: radicle-keyring uri: ~
# uri: "https://radicle.dev/apt/radicle-archive-keyring.deb" sigkey: ~
# sigkey: ~ sources: ~
# sources: ~ types: ~
# types: ~ suites: ~
# suites: ~ comps: ~
# comps: ~ - name: build-essential
# - name: radicle uri: ~
# uri: ~ sigkey: ~
# sigkey: "https://radicle.dev/apt/radicle-archive-keyring.deb" sources: ~
# sources: "https://radicle.dev/apt" types: ~
# types: deb suites: ~
# suites: release comps: ~
# comps: main - name: fastfetch
# - name: syncthing uri: ~
# uri: ~ sigkey: ~
# sigkey: ~ sources: ~
# sources: ~ types: ~
# types: ~ suites: ~
# suites: ~ comps: ~
# comps: ~ - name: gcc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: gcc-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: dpkg-dev
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: xz-utils
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: ufw
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: avahi-utils
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: libpam-google-authenticator
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: libpam-u2f
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: pamu2fcfg
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: pcscd
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: tftpd-hpa
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: apache2
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: apache2-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: gocryptfs
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: cryfs
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: tmux
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: squid
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: cpu-checker
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: asciidoc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: libpam-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
userspace: userspace:
- name: neovim
uri: ~
sources: ~
sigkey: ~
types: ~
suites: ~
comps: ~
- name: podman - name: podman
uri: ~ uri: ~
sigkey: ~ sigkey: ~
@@ -228,6 +421,13 @@ pkgs:
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: erlang-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: erlang-hex - name: erlang-hex
uri: ~ uri: ~
sigkey: ~ sigkey: ~
@@ -263,6 +463,13 @@ pkgs:
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: python3-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: golang - name: golang
uri: ~ uri: ~
sigkey: ~ sigkey: ~
@@ -270,6 +477,13 @@ pkgs:
types: ~ types: ~
suites: ~ suites: ~
comps: ~ comps: ~
- name: golang-doc
uri: ~
sigkey: ~
sources: ~
types: ~
suites: ~
comps: ~
- name: hugo - name: hugo
uri: ~ uri: ~
sigkey: ~ sigkey: ~
@@ -302,8 +516,8 @@ pkgs:
script: script:
# <list[<dict>]> representing user-level or supplemental shell script installations # <list[<dict>]> representing user-level or supplemental shell script installations
userspace: userspace:
- name: nvm - name: radicle
src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh" src: "https://radicle.dev/install"
pre: ~ pre: ~
post: ~ post: ~
- name: rustup - name: rustup
@@ -323,18 +537,34 @@ pkgs:
# <list[<dict>]> representing user-level or supplemental source archives # <list[<dict>]> representing user-level or supplemental source archives
userspace: userspace:
- name: surge - name: surge
# @NOTE https://github.com/SurgeDM/Surge
src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz" src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz"
deploy: ~ deploy: ~
pre: ~ pre: ~
post: ~ post: ~
- name: nvm
src: "https://nodejs.org/dist/v24.16.0/node-v24.16.0-linux-x64.tar.xz"
deploy: ~
pre: ~
post: ~
- name: difftastic
src: "https://github.com/Wilfred/difftastic/releases/download/0.69.0/difft-x86_64-unknown-linux-gnu.tar.gz"
deploy: ~
pre: ~
post: ~
# <dict[<str>:<dict>]> representing package groups installed from source git repositories # <dict[<str>:<dict>]> representing package groups installed from source git repositories
git_repos: git_repos:
userspace: userspace:
# # @TODO use below to build Podman container instead, to deploy with podman-compose
# # @NOTE https://github.com/papis/papis and https://papis.readthedocs.io/en/latest/
# - name: papis
# src: "https://github.com/papis/papis.git"
# branch: main
# deploy: ~
# pre: ~
# post: ~
- name: quartz - name: quartz
src: "https://github.com/jackyzha0/quartz.git" src: "https://github.com/jackyzha0/quartz.git"
branch: main branch: v5.0.0
deploy: ~ deploy: ~
pre: ~ pre: ~
post: ~ post: ~
core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}"