Compare commits
	
		
			10 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 463b84b61c | |||
| 1933e02290 | |||
| cc239de7a0 | |||
| c57840bb11 | |||
| 5edb3c08a2 | |||
| 54d2327ec8 | |||
| f122b06697 | |||
| 588bc932de | |||
| 25b59beb72 | |||
| b07a77fa8f | 
| @@ -1,55 +1,153 @@ | |||||||
| # SPDX-License-Identifier: MIT | # SPDX-License-Identifier: MIT | ||||||
| packages_linux_common_all_families: | packages_linux_common_all_families: | ||||||
|  |     # A download manager more capable than wget | ||||||
|  |   - 'aria2' | ||||||
|  |     # Shell-based math operations | ||||||
|   - 'bc' |   - 'bc' | ||||||
|  |     # A nice system stats and health overview | ||||||
|   - 'btop' |   - 'btop' | ||||||
|  |     # Brings mkfs.fat and related tools for the rare occasion that we absolutely | ||||||
|  |     # have to work with a FAT-formatted partition. | ||||||
|   - 'dosfstools' |   - 'dosfstools' | ||||||
|  |     # DHCP server response debugging | ||||||
|   - 'dhcping' |   - 'dhcping' | ||||||
|  |     # Fast host liveness scanner | ||||||
|   - 'fping' |   - 'fping' | ||||||
|  |     # Version control | ||||||
|   - 'git' |   - 'git' | ||||||
|  |     # Network bandwidth and performance measurement | ||||||
|   - 'iperf3' |   - 'iperf3' | ||||||
|  |     # Manipulate JSON | ||||||
|   - 'jq' |   - 'jq' | ||||||
|  |     # All things FTP, SFTP, FTP over SSL etc. | ||||||
|  |   - 'lftp' | ||||||
|  |     # Log file navigator | ||||||
|   - 'lnav' |   - 'lnav' | ||||||
|  |     # Process inspector | ||||||
|   - 'lsof' |   - 'lsof' | ||||||
|  |     # In-memory file transfer buffer | ||||||
|   - 'mbuffer' |   - 'mbuffer' | ||||||
|  |     # Advanced trace routes | ||||||
|   - 'mtr' |   - 'mtr' | ||||||
|  |     # ncurses disk usage | ||||||
|   - 'ncdu' |   - 'ncdu' | ||||||
|  |     # Network performance measurement | ||||||
|   - 'netperf' |   - 'netperf' | ||||||
|  |     # Run multiple processes in parallel, mostly when they don't do so natively | ||||||
|  |     # to better utilize CPU resources for a performance boost | ||||||
|   - 'parallel' |   - 'parallel' | ||||||
|  |     # Partition editor | ||||||
|   - 'parted' |   - 'parted' | ||||||
|  |     # Apply patch files | ||||||
|   - 'patch' |   - 'patch' | ||||||
|  |     # Parallel gzip | ||||||
|   - 'pigz' |   - 'pigz' | ||||||
|  |     # Pipe viewer to visualize network throughput inbetween two shell pipes | ||||||
|   - 'pv' |   - 'pv' | ||||||
|  |     # Multi-purpose file transfer | ||||||
|  |   - 'rclone' | ||||||
|  |     # Best-in-class data sync | ||||||
|   - 'rsync' |   - 'rsync' | ||||||
|  |     # Hardware stress testing | ||||||
|  |   - 'stress-ng' | ||||||
|  |     # E-mail transfer debugging | ||||||
|   - 'swaks' |   - 'swaks' | ||||||
|  |     # System statistics and load monitor | ||||||
|  |   - 'sysstat' | ||||||
|  |     # Network traffic inspector | ||||||
|   - 'tcpdump' |   - 'tcpdump' | ||||||
|  |     # Nice interface to WireShark CLI | ||||||
|  |   - 'termshark' | ||||||
|  |     # Terminal multiplexer | ||||||
|   - 'tmux' |   - 'tmux' | ||||||
|  |     # Basic trace routes | ||||||
|  |   - 'traceroute' | ||||||
|  |     # Print directory tree content | ||||||
|   - 'tree' |   - 'tree' | ||||||
|  |     # Unzip zip files | ||||||
|   - 'unzip' |   - 'unzip' | ||||||
|  |     # Basic file transfer utility | ||||||
|   - 'wget' |   - 'wget' | ||||||
|  |  | ||||||
| packages_linux_common_archlinux: | packages_linux_common_archlinux: | ||||||
|  |     # We care about dig to debug DNS server responses | ||||||
|   - 'bind' |   - 'bind' | ||||||
|  |     # A nicer CLI diff tool | ||||||
|   - 'difftastic' |   - 'difftastic' | ||||||
|  |     # Better ls | ||||||
|   - 'eza' |   - 'eza' | ||||||
|  |     # YAML file manipulation, diffs, merges etc. | ||||||
|   - 'go-yq' |   - 'go-yq' | ||||||
|  |     # GPT disk editor | ||||||
|   - 'gptfdisk' |   - 'gptfdisk' | ||||||
|  |     # Send crafted TCP packets for debugging purposes | ||||||
|   - 'openbsd-netcat' |   - 'openbsd-netcat' | ||||||
|  |     # Allow a Proxmox VE hostto interact with a VM | ||||||
|   - 'qemu-guest-agent' |   - 'qemu-guest-agent' | ||||||
|  |     # Python manager | ||||||
|   - 'uv' |   - 'uv' | ||||||
|  |     # WireShark CLI | ||||||
|  |   - 'wireshark-cli' | ||||||
|  |  | ||||||
| packages_linux_paru_archlinux: | packages_linux_paru_archlinux: | ||||||
|   - 'downgrade' |   - 'downgrade' | ||||||
|   - 'flent' |   - 'flent' | ||||||
|   - 'mmv' |   - 'mmv' | ||||||
|   - 'paccache-hook' |   - 'paccache-hook' | ||||||
|  |   - 'tmux-resurrect' | ||||||
|  |  | ||||||
| packages_linux_common_debian: | packages_linux_common_debian: | ||||||
|   - 'apt-file' |   - 'apt-file' | ||||||
|   - 'bind9-dnsutils' |   - 'bind9-dnsutils' | ||||||
|  |   - 'debconf-utils' | ||||||
|   - 'exa' |   - 'exa' | ||||||
|   - 'flent' |   - 'flent' | ||||||
|   - 'gdisk' |   - 'gdisk' | ||||||
|   - 'mmv' |   - 'mmv' | ||||||
|   - 'netcat-openbsd' |   - 'netcat-openbsd' | ||||||
|  |   - 'tshark' | ||||||
|   - 'unattended-upgrades' |   - 'unattended-upgrades' | ||||||
|   - 'xxd' |   - 'xxd' | ||||||
|  |  | ||||||
|  | package_config: | ||||||
|  |   - name: 'tmux' | ||||||
|  |     global_config_file: '/etc/tmux.conf' | ||||||
|  |     marker: 'sane defaults' | ||||||
|  |     global_config: | | ||||||
|  |       # Renumber windows when one is deleted | ||||||
|  |       set-option -g renumber-windows on | ||||||
|  |  | ||||||
|  |       # Enable mouse control (clickable windows, panes, resizable panes) | ||||||
|  |       set -g mouse on | ||||||
|  |   - name: 'git' | ||||||
|  |     global_config_file: '/etc/gitconfig' | ||||||
|  |     marker: 'sane defaults' | ||||||
|  |     global_config: | | ||||||
|  |       [alias] | ||||||
|  |           # https://stackoverflow.com/a/30998048 | ||||||
|  |           # Find merge that contains a given commit | ||||||
|  |           find-merge = "!sh -c 'commit=$0 && branch=${1:-HEAD} && (git rev-list $commit..$branch --ancestry-path | cat -n; git rev-list $commit..$branch --first-parent | cat -n) | sort -k2 -s | uniq -f1 -d | sort -n | tail -1 | cut -f2'" | ||||||
|  |  | ||||||
|  |           # https://stackoverflow.com/a/30998048 | ||||||
|  |           # Show merge commit msg and other details of merge commit | ||||||
|  |           # that contains a given commit   | ||||||
|  |           show-merge = "!sh -c 'merge=$(git find-merge $0 $1) && [ -n \"$merge\" ] && git show $merge'" | ||||||
|  |  | ||||||
|  |           # https://stackoverflow.com/a/23508223 | ||||||
|  |           # Show all commits that are part of a merge commit | ||||||
|  |           log-merge = "!f() { git log --stat \"$1^..$1\"; }; f" | ||||||
|  |  | ||||||
|  | tmux_global_config_file: '/etc/tmux.conf' | ||||||
|  | tmux_global_config_resurrect: | | ||||||
|  |   # Auto-load tmux-resurrect | ||||||
|  |   # prefix + Ctrl-s - save | ||||||
|  |   # prefix + Ctrl-r - restore | ||||||
|  |   run-shell /usr/share/tmux-resurrect/resurrect.tmux | ||||||
|  |    | ||||||
|  |   # Restore pane content (not just running commands) | ||||||
|  |   # This will e.g. show the last 'ls' output you did in a pane | ||||||
|  |   set -g @resurrect-capture-pane-contents 'on' | ||||||
|  |    | ||||||
|  |   # Restore a few additional processes beyond the conservative default of | ||||||
|  |   # vi vim nvim emacs man less more tail top htop irssi weechat mutt | ||||||
|  |   set -g @resurrect-processes 'btop journalctl ncdu watch' | ||||||
|   | |||||||
| @@ -0,0 +1,41 @@ | |||||||
|  | # SPDX-License-Identifier: MIT | ||||||
|  |  | ||||||
|  | # This file adds config blocks to files that are dependent on a single package | ||||||
|  | # being present. If for example the 'git' package is present we want content in | ||||||
|  | # Git's global '/etc/gitconfig' file. If the package is absent that file content | ||||||
|  | # is removed. If after that the file is empty (i.e. has a size of 0 bytes) the | ||||||
|  | # file is deleted. | ||||||
|  |  | ||||||
|  | - name: 'Add per-package config' | ||||||
|  |   when: 'pkg.name in ansible_facts.packages' | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: 'pkg' | ||||||
|  |     label: 'If ''{{ pkg.name }}'' package is present set system-wide config in ''{{ pkg.global_config_file }}''' | ||||||
|  |   loop: '{{ package_config }}' | ||||||
|  |   ansible.builtin.blockinfile: | ||||||
|  |     marker: '# {mark} ANSIBLE MANAGED BLOCK - {{ pkg.name }} {{ pkg.marker }}' | ||||||
|  |     path: '{{ pkg.global_config_file }}' | ||||||
|  |     append_newline: true | ||||||
|  |     prepend_newline: true | ||||||
|  |     state: 'present' | ||||||
|  |     create: true | ||||||
|  |     block: '{{ pkg.global_config }}' | ||||||
|  |  | ||||||
|  | - name: 'Get stats of global config files' | ||||||
|  |   register: 'role_common_packages__global_config_file_stats' | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: 'pkg' | ||||||
|  |     label: 'Get stats of ''{{ pkg.name }}'' system-wide config file ''{{ pkg.global_config_file }}''' | ||||||
|  |   loop: '{{ package_config }}' | ||||||
|  |   ansible.builtin.stat: | ||||||
|  |     path: '{{ pkg.global_config_file }}' | ||||||
|  |  | ||||||
|  | - name: 'Remove per-package config' | ||||||
|  |   when: 'stat_result.pkg.name not in ansible_facts.packages and stat_result.stat.exists' | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: 'stat_result' | ||||||
|  |     label: 'If ''{{ stat_result.pkg.name }}'' package is absent and system-wide config file ''{{ stat_result.pkg.global_config_file }}'' is present remove config file' | ||||||
|  |   loop: '{{ role_common_packages__global_config_file_stats.results }}' | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: '{{ stat_result.pkg.global_config_file }}' | ||||||
|  |     state: 'absent' | ||||||
							
								
								
									
										10
									
								
								tasks/base-package-auxiliary-settings-sysstat.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								tasks/base-package-auxiliary-settings-sysstat.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | |||||||
|  | # SPDX-License-Identifier: MIT | ||||||
|  | - name: 'Gather service facts' | ||||||
|  |   ansible.builtin.service_facts: | ||||||
|  |  | ||||||
|  | - name: 'If ''sysstat.service'' exists make sure it''s running' | ||||||
|  |   when: '''sysstat.service'' in ansible_facts[''services'']' | ||||||
|  |   ansible.builtin.service: | ||||||
|  |       name: 'sysstat.service' | ||||||
|  |       state: 'started' | ||||||
|  |       enabled: true | ||||||
							
								
								
									
										31
									
								
								tasks/base-package-auxiliary-settings-tmux.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								tasks/base-package-auxiliary-settings-tmux.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,31 @@ | |||||||
|  | # SPDX-License-Identifier: MIT | ||||||
|  | - name: 'If Arch Linux and if ''tmux-resurrect'' and ''tmux'' packages are present auto-load tmux-resurrect on tmux start system-wide' | ||||||
|  |   when: '(ansible_facts[''os_family''] | lower == ''archlinux'') and (''tmux-resurrect'' in ansible_facts.packages) and (''tmux'' in ansible_facts.packages)' | ||||||
|  |   ansible.builtin.blockinfile: | ||||||
|  |     marker: '# {mark} ANSIBLE MANAGED BLOCK - tmux-resurrect' | ||||||
|  |     path: '{{ tmux_global_config_file }}' | ||||||
|  |     append_newline: true | ||||||
|  |     prepend_newline: true | ||||||
|  |     state: 'present' | ||||||
|  |     create: true | ||||||
|  |     block: '{{ tmux_global_config_resurrect }}' | ||||||
|  |  | ||||||
|  | - name: 'Get stats of ''{{ tmux_global_config_file }}''' | ||||||
|  |   ansible.builtin.stat: | ||||||
|  |     path: '{{ tmux_global_config_file }}' | ||||||
|  |   register: 'role_common_packages__tmux_global_config_file_stats' | ||||||
|  |  | ||||||
|  | - name: 'If Arch Linux and ''tmux-resurrect'' package is absent and system-wide config file ''{{ tmux_global_config_file }}'' is present remove config block from file' | ||||||
|  |   when: '(ansible_facts[''os_family''] | lower == ''archlinux'') and (''tmux-resurrect'' not in ansible_facts.packages) and (role_common_packages__tmux_global_config_file_stats.stat.exists)' | ||||||
|  |   ansible.builtin.blockinfile: | ||||||
|  |     marker: '# {mark} ANSIBLE MANAGED BLOCK - tmux-resurrect' | ||||||
|  |     path: '{{ tmux_global_config_file }}' | ||||||
|  |     state: 'absent' | ||||||
|  |     block: '{{ tmux_global_config_resurrect }}' | ||||||
|  |  | ||||||
|  | - name: 'If ''{{ tmux_global_config_file }}'' exists and is 0 bytes delete it' | ||||||
|  |   when: '(role_common_packages__tmux_global_config_file_stats.stat.exists) and (role_common_packages__tmux_global_config_file_stats.stat.size == 0)' | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: '{{ tmux_global_config_file }}' | ||||||
|  |     state: 'absent' | ||||||
|  |  | ||||||
							
								
								
									
										4
									
								
								tasks/base-package-auxiliary-settings.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								tasks/base-package-auxiliary-settings.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | # SPDX-License-Identifier: MIT | ||||||
|  | - import_tasks: 'base-package-auxiliary-settings-sysstat.yml' | ||||||
|  | - import_tasks: 'base-package-auxiliary-settings-tmux.yml' | ||||||
|  | - import_tasks: 'base-package-auxiliary-settings-single-package-single-config.yml' | ||||||
							
								
								
									
										23
									
								
								tasks/base-packages.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										23
									
								
								tasks/base-packages.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,23 @@ | |||||||
|  | # SPDX-License-Identifier: MIT | ||||||
|  | - name: 'Gather package facts' | ||||||
|  |   ansible.builtin.package_facts: | ||||||
|  |     manager: 'auto' | ||||||
|  |  | ||||||
|  | - name: 'If OS is a Linux flavor install Linux-specific packages' | ||||||
|  |   when: 'ansible_facts[''system''] | lower == ''linux''' | ||||||
|  |   ansible.builtin.package: | ||||||
|  |     name: '{{ packages_linux_common_all_families }}' | ||||||
|  |     state: 'present' | ||||||
|  |  | ||||||
|  | - name: 'If ''os_family'' is ''{{ ansible_facts[''os_family''] | lower }}'' install {{ ansible_facts[''os_family''] | lower }}-specific packages' | ||||||
|  |   ansible.builtin.package: | ||||||
|  |     name: '{{ vars[''packages_linux_common_'' + ansible_facts[''os_family''] | lower] }}' | ||||||
|  |     state: 'present' | ||||||
|  |  | ||||||
|  | - name: 'If Arch Linux install Arch User Repository (AUR) packages' | ||||||
|  |   when: 'ansible_facts[''os_family''] | lower == ''archlinux''' | ||||||
|  |   kewlfft.aur.aur: | ||||||
|  |     name: '{{ packages_linux_paru_archlinux }}' | ||||||
|  |     state: 'present' | ||||||
|  |   become: 'yes' | ||||||
|  |   become_user: 'build' | ||||||
| @@ -1,25 +1,7 @@ | |||||||
| # SPDX-License-Identifier: MIT | # SPDX-License-Identifier: MIT | ||||||
| - name: 'If OS is a Linux flavor install Linux-specific packages' | - import_tasks: 'base-packages.yml' | ||||||
|   when: 'ansible_facts[''system''] | lower == ''linux''' | - import_tasks: 'base-package-auxiliary-settings.yml' | ||||||
|   ansible.builtin.package: |  | ||||||
|     name: '{{ packages_linux_common_all_families }}' |  | ||||||
|     state: 'present' |  | ||||||
|  |  | ||||||
| - name: 'If ''os_family'' is ''{{ ansible_facts[''os_family''] | lower }}'' install {{ ansible_facts[''os_family''] | lower }}-specific packages' |  | ||||||
|   ansible.builtin.package: |  | ||||||
|     name: '{{ vars[''packages_linux_common_'' + ansible_facts[''os_family''] | lower] }}' |  | ||||||
|     state: 'present' |  | ||||||
|  |  | ||||||
| - name: 'If Arch Linux install Arch User Repository (AUR) packages' |  | ||||||
|   when: 'ansible_facts[''os_family''] | lower == ''archlinux''' |  | ||||||
|   kewlfft.aur.aur: |  | ||||||
|     name: '{{ packages_linux_paru_archlinux }}' |  | ||||||
|     state: 'present' |  | ||||||
|   become: 'yes' |  | ||||||
|   become_user: 'build' |  | ||||||
|  |  | ||||||
| - import_tasks: 'arch-linux-local-aur-repo-chroot.yml' | - import_tasks: 'arch-linux-local-aur-repo-chroot.yml' | ||||||
|   when: 'ansible_facts[''os_family''] | lower == ''archlinux''' |   when: 'ansible_facts[''os_family''] | lower == ''archlinux''' | ||||||
|  |  | ||||||
| - import_tasks: 'maintenance-unattended-upgrades.yml' | - import_tasks: 'maintenance-unattended-upgrades.yml' | ||||||
|   when: 'ansible_facts[''os_family''] | lower == ''debian''' |   when: 'ansible_facts[''os_family''] | lower == ''debian''' | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user