304 lines
8.4 KiB
YAML
304 lines
8.4 KiB
YAML
# @TODO create inventory group variables akin to structure of sukaato group's for homeserver
|
|
# <str<vault>> representing password for Linux root user account of VPS
|
|
password: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
32333335343939653231313938666134306338356633393035363039373465386165313666383262
|
|
6465313738316635633332623765336563626165336330370a616634393266366430363663333066
|
|
63373165346236386632393866316164623133373761303262643734356433646661636533666266
|
|
3834643765613937300a326365643961626236386261303933643965333565623836313231346537
|
|
3030
|
|
# <str> representing hostname for LAN server; same as host or group variable name
|
|
instance: armitage
|
|
# <str<enum>> representing Linux distro or OS image to be used for VPS
|
|
# operating_system: "tftp://hikiki.local:69/debian.iso"
|
|
operating_system: ~
|
|
# <list[<str>]> of control node or local SSH key basenames
|
|
keys:
|
|
- id_ed25519_localhost
|
|
# <list<dict>> list of administrative users (in Linux, users that can use "sudo")
|
|
admins:
|
|
- username: admin # <str> arbitrary valid user name
|
|
services: ~ # <list[<str>]> if linux system user, assocated servce
|
|
# <list[<str>]> list of control node or local SSH key basenames for this user
|
|
keys: "{{ keys }}"
|
|
# <str<vault?>> hashed (and maybe salted) password
|
|
password: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
34396235306630656138303939346638343135623430353666326462663131613130643061366435
|
|
6563616331656566626263633966633764386564383961640a656466323835616263653531323861
|
|
65376663363934653163313666303166376262623334343034626535356431636662366261333061
|
|
3866656638623631660a386666383136396238633365333465333766383766303631663336326264
|
|
35663339663062333162643039663430363265393163303839356664343633373630303462393735
|
|
37316262383335323837646265336139373238623735383134623361363136663436393162666336
|
|
62353462323534316531313533636461353139326466646662356233373130616633633262616539
|
|
37306332666338363231383537343832396432666134663462633336646330646332306634356636
|
|
36626166386634653537613334616538313266323866303738316430666131646333
|
|
pkgs:
|
|
# <dict[<str>:<dict>]> representing package groups installed by package manager via repositories
|
|
mngr:
|
|
# <list[<dict>]> representing system-level or essential packages
|
|
core:
|
|
- name: neovim
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: flatpak
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: snapd
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: git
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: fail2ban
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: crowdsec
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: glow
|
|
uri: ~
|
|
key: "https://repo.charm.sh/apt/gpg.key"
|
|
key_path: /etc/apt/keyrings/charm.gpg
|
|
src_entry: "deb [signed-by=/etc/apt/keyrings/charm.gpg] https://repo.charm.sh/apt/ * *"
|
|
src_path: /etc/apt/sources.list.d/charm.list
|
|
- name: vim-vimwiki
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: pandoc
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: tor
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: i2pd
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: radicle
|
|
uri: ~
|
|
key: "https://radicle.dev/apt/radicle-archive-keyring.deb"
|
|
key_path: "{{ ansible_facts['user_dir'] }}/.local_pkgs/"
|
|
src_entry: "deb [signed-by=/usr/share/radicle/radicle-archive-keyring.asc] https://radicle.dev/apt release main"
|
|
src_path: /etc/apt/sources.list
|
|
# - name: syncthing
|
|
# uri: ~
|
|
# key: ~
|
|
# key_path: ~
|
|
# src_entry: ~
|
|
# src_path: ~
|
|
userspace:
|
|
- name: podman
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: podman-compose
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: distrobox
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: proftpd-core
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: proftpd-doc
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: proftpd-mod-crypto
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: proftpd-mod-ldap
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: proftpd-mod-sqlite
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: aria2
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: syncplay-server
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: caddy
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: erlang
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: erlang-hex
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: elixir
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: python3.13
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: python3-venv
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: python3-pip
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: golang
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: hugo
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: yt-dlp
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: syncthing-discosrv
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: syncthing-relaysrv
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
handler: ~
|
|
- name: avahi-daemon
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
- name: avahi-utils
|
|
uri: ~
|
|
key: ~
|
|
key_path: ~
|
|
src_entry: ~
|
|
src_path: ~
|
|
# <dict[<str>:<dict>]> representing package groups installed by shell scripts
|
|
script:
|
|
# <list[<dict>]> representing user-level or supplemental shell script installations
|
|
userspace:
|
|
- name: nvm
|
|
src: "https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh"
|
|
pre: ~
|
|
post: ~
|
|
- name: rustup
|
|
src: "https://sh.rustup.rs"
|
|
pre: ~
|
|
post: ~
|
|
- name: julia
|
|
src: "https://install.julialang.org"
|
|
pre: ~
|
|
post: ~
|
|
- name: uv
|
|
src: "https://astral.sh/uv/install.sh"
|
|
pre: ~
|
|
post: ~
|
|
# <dict[<str>:<dict>]> representing package groups installed from source archives
|
|
archive:
|
|
# <list[<dict>]> representing user-level or supplemental source archives
|
|
userspace:
|
|
- name: surge
|
|
# @NOTE https://github.com/SurgeDM/Surge
|
|
src: "https://github.com/SurgeDM/Surge/releases/download/v0.8.6/Surge_0.8.6_linux_amd64.tar.gz"
|
|
deploy: ~
|
|
pre: ~
|
|
post: ~
|
|
# <dict[<str>:<dict>]> representing package groups installed from source git repositories
|
|
git_repos:
|
|
userspace:
|
|
- name: quartz
|
|
src: "https://github.com/jackyzha0/quartz.git"
|
|
branch: main
|
|
deploy: ~
|
|
pre: ~
|
|
post: ~
|
|
core_pkgs: "{{ (pkgs.mngr.core | default([])) + (pkgs.script.core | default([])) + (pkgs.archive.core | default([])) + (pkgs.git_repos.core | default([])) + (pkgs.containers.core | default([])) + (pkgs.snaps.core | default([])) + (pkgs.flatpaks.core | default([])) }}" |