This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.

2.1 KiB

Raw Blame History

Sysconfig

This is an Ansible playbook to deploy my system configurations for desktop usage.

🧰 Usage

Have a fresh installation of Alpine (after running setup-alpine and reboot)
Install ansible-core and git
Install apk module (or install ansible instead of ansible-core in the previous step):
```
ansible-galaxy collection install -r requirements/collections.yml
```
Clone this repository

Create an encrypted file to store your user password:

mkdir -p host_vars/YOUR_HOSTNAME
touch host_vars/YOUR_HOSTNAME/secrets.yml
ansible-vault encrypt host_vars/YOUR_HOSTNAME/secrets.yml
ansible-vault edit host_vars/YOUR_HOSTNAME/secrets.yml

The file should look like this: vault_password: <strong_&_secure_password>

Run the playbook:
```
ansible-playbook setup.yml
```
Reboot and login as the newly created normal user
Proceed with dotfiles-ansible playbook

✔️ Testing

You need to have Vagrant installed, with vagrant-libvirt plugin.
Run the playbook inside the VM:

# Start the VM
vagrant up

# ssh into the VM (OpenSSH is required)
# Alternatively run 'vagrant ssh-config' to get the machine's IP address
# and manually ssh into it, e.g. 'dbclient -y vagrant@<ip_address>'
vagrant ssh

# Run the playbook as root
$ cd /vagrant
$ sudo ansible-playbook -v setup.yml

🖊️ Notes

This playbook assumes that the person running it is me 😃. It might do specific tasks that you don't like. Use with your own risks.
The playbook is intended to be run as root. It is separated from dotfiles-ansible, which should only be run as a normal user.

✅ TODO

ZFS on root
EFI secure boot
libudev-zero
ACPI events
Better way to handle libvirt's firewall rules (currently hardcoded)
/etc/security/access.conf (maybe?)
snapper / btrbk (rootfs=btrfs)

📄 License

MIT

2.1 KiB Raw Blame History