Hoang Nguyen
e059193bd7
- essential: - make polkit optional - move /etc/hosts file to unbound role - libvirt: - make libvirt daemons configurable - delete the firewall patch. Hardcode the rules by default (for now) so that the playbook is compatible with `ansible-core` - user: add pam_limits file (moved from dotfiles repository) - sysctl: role deleted. The task was moved to essential role - fstab: new role for /run, /tmp, /proc mounts - add seatd as a 'seat_manager' option - cron: use find command to restraint deleted files in /var/tmp |
||
---|---|---|
group_vars | ||
roles | ||
ansible.cfg | ||
hosts | ||
LICENSE | ||
README.md | ||
setup.yml |
System configurations
This is an Ansible playbook to deploy system configurations for desktop usage.
🧰 Usage
-
Have a fresh installation of Alpine (after running
setup-alpine
and reboot) -
Install
ansible-core
andgit
-
Clone this repository
-
Create an encrypted file to store your user password:
mkdir -p host_vars/YOUR_HOSTNAME touch host_vars/YOUR_HOSTNAME/secrets.yml ansible-vault encrypt host_vars/YOUR_HOSTNAME/secrets.yml ansible-vault edit host_vars/YOUR_HOSTNAME/secrets.yml
The file should look like this:
vault_password: <strong_&_secure_password>
-
Run the playbook:
ansible-playbook -i hosts setup.yml
-
Reboot and login as the newly created normal user
-
Proceed with dotfiles-ansible playbook
🖊️ Notes
-
This playbook assumes that the person running it is me 😃. It might do specific tasks that you don't like. Use with your own risks.
-
The playbook is intended to be run as root. It is separated from dotfiles-ansible, which should only be run as a normal user.
✅ TODO
- ZFS on root
- EFI secure boot
- libudev-zero
- /etc/acpi/handler.sh
- Better way to handle libvirt's firewall rules (currently hardcoded)
📄 License
MIT