diff options
| author | Aaditya Dhruv <[email protected]> | 2025-06-14 10:13:07 +0530 |
|---|---|---|
| committer | Aaditya Dhruv <[email protected]> | 2025-06-14 10:13:07 +0530 |
| commit | 5f0f24a52d9175ab638b3d1a77454e65fad88248 (patch) | |
| tree | 03159fd6a3a69e6fc56ec33258964e3bffabffc1 | |
| parent | bd8919afb109efa0a92def766aca81f1e2e146fa (diff) | |
Update system, packages and playbooks, add vault
| -rw-r--r-- | config.yaml | 15 | ||||
| -rw-r--r-- | install.yaml | 2 | ||||
| -rw-r--r-- | src/packages/tasks/main.yaml | 10 | ||||
| -rw-r--r-- | src/system/files/systemd/user/syncthing.service | 24 | ||||
| -rw-r--r-- | src/system/tasks/main.yaml | 4 | ||||
| -rw-r--r-- | vault.yaml | 28 |
6 files changed, 61 insertions, 22 deletions
diff --git a/config.yaml b/config.yaml index ff5238a..9c9f715 100644 --- a/config.yaml +++ b/config.yaml @@ -1,16 +1,3 @@ --- username: aaditya -packages: - - development - - gaming -system: - wireguard: - wg_path: /etc/wireguard/wg0.conf - install_wireguard: true - install_systemd: true -opt: -config: - install_shell: true - install_wayland: false - install_xorg: false - install_misc: false +packages: [] diff --git a/install.yaml b/install.yaml index 5177032..fbefaae 100644 --- a/install.yaml +++ b/install.yaml @@ -1,8 +1,8 @@ - name: System Configuration hosts: localhost + gather_facts: false connection: local vars: - config: "{{ lookup('file','config.yaml') | from_yaml }}" tasks: - name: Startup debug: diff --git a/src/packages/tasks/main.yaml b/src/packages/tasks/main.yaml index 27d8451..2d8cc51 100644 --- a/src/packages/tasks/main.yaml +++ b/src/packages/tasks/main.yaml @@ -16,15 +16,15 @@ ansible.builtin.dnf: name: "{{ packages[item].dnf }}" state: latest - loop: "{{ config.packages }}" + ignore_errors: true + loop: "{{ packages }}" - name: Setup Flathub ansible.builtin.shell: 'flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo' + - name: Installing Flatpaks community.general.flatpak: name: "{{ packages[item].flatpak }}" state: present - loop: "{{ config.packages }}" -- name: Installing Rust - ansible.builtin.shell: "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y" - when: '"development" in config.packages' + ignore_errors: true + loop: "{{ packages }}" diff --git a/src/system/files/systemd/user/syncthing.service b/src/system/files/systemd/user/syncthing.service new file mode 100644 index 0000000..18078d0 --- /dev/null +++ b/src/system/files/systemd/user/syncthing.service @@ -0,0 +1,24 @@ +[Unit] +Description=Syncthing - Open Source Continuous File Synchronization +Documentation=man:syncthing(1) +StartLimitIntervalSec=60 +StartLimitBurst=4 + +[Service] +ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0 +Restart=on-failure +RestartSec=1 +SuccessExitStatus=3 4 +RestartForceExitStatus=3 4 + +# Hardening +SystemCallArchitectures=native +MemoryDenyWriteExecute=true +NoNewPrivileges=true + +# Elevated permissions to sync ownership (disabled by default), +# see https://docs.syncthing.net/advanced/folder-sync-ownership +#AmbientCapabilities=CAP_CHOWN CAP_FOWNER + +[Install] +WantedBy=default.target diff --git a/src/system/tasks/main.yaml b/src/system/tasks/main.yaml index 626f70a..d1b7d69 100644 --- a/src/system/tasks/main.yaml +++ b/src/system/tasks/main.yaml @@ -3,7 +3,7 @@ - name: Copying user systemd configs ansible.builtin.copy: src: "systemd/user/{{ item }}.service" - dest: "/home/{{ config.username }}/.config/systemd/user/" + dest: "/home/{{ username }}/.config/systemd/user/" loop: "{{ systemd }}" - name: Enable service @@ -15,7 +15,7 @@ name: "{{ item }}.service" loop: "{{ systemd }}" ignore_errors: true - when: 'config.system.install_systemd' + when: systemd - name: Setup DNF conf diff --git a/vault.yaml b/vault.yaml new file mode 100644 index 0000000..afb1324 --- /dev/null +++ b/vault.yaml @@ -0,0 +1,28 @@ +$ANSIBLE_VAULT;1.1;AES256 +30373937363761353339313662616561616632316439616332633338343934356239336565633662 +3131663661386636616430393065656235353163323836640a373839343631356261633234336366 +35623233333630613761366263666238373461656534363336613939353564323366393066626563 +3962633165653265320a336631356534656663323531646531656631653365376331623333666235 +36363261353137323666326234313964666366616131653030353031303431663765653734313730 +33666332626161376233663532666435646532653563333330373061383939373562313533633062 +39616236353333376631373738343732383331306131613937313666306566626563383762366632 +35633463616364323063613338323037333262306138333631326463366263636462356131613537 +35356562663963383762373033303961393731643661656464326433633534383662303333353230 +35343263393064643737366430623131376463313030336438346439363531613833646336303337 +32343730353563383734363039386261393235306638313565333435656337626465363637383761 +39613734303132626531383664376664663734616636646137356164333636303861626465363631 +36633761356230623434386132333637626163666130623962396434633262613964396466613037 +37653961303039393933643562383436636161383966663865663932626232343266326437666137 +63356234326530323936383733343934663530666437613632373535343536633566363161343665 +64303062633030656162393065353130353661303332333562346261393933303637346339376432 +66653430613039636535323838313332613866643930643035353839313566306431313232346462 +62643337396139306632623435303465306636313030646433306234303839636235323563393930 +31353732326362626336633634616532356337663530303836326133653264396130643463656633 +35663439346561323133323763393434363035623764306630646135306364643530656531373264 +35333831386230363632323435383861623530616562656632376264623362306465643265633233 +64626661613034373239663833616531336664663837303961303839633431616663326630663834 +33373061346137356636663832393564346635636166363132626137316239653939343032306330 +65353562636463353735376333373463343732613334373765313666643436343464366261396430 +37666234656538343364376136323434316465633136323135616464393831313661653836666335 +63613066326662626538633135343138346263373338653035393834396362316334666634623330 +663765353339656330636264303563303433 |