Hoang Nguyen
e059193bd7
- essential:
- make polkit optional
- move /etc/hosts file to unbound role
- libvirt:
- make libvirt daemons configurable
- delete the firewall patch. Hardcode the rules by default (for now)
so that the playbook is compatible with `ansible-core`
- user: add pam_limits file (moved from dotfiles repository)
- sysctl: role deleted. The task was moved to essential role
- fstab: new role for /run, /tmp, /proc mounts
- add seatd as a 'seat_manager' option
- cron: use find command to restraint deleted files in /var/tmp
|
||
|---|---|---|
| group_vars | ||
| roles | ||
| ansible.cfg | ||
| hosts | ||
| LICENSE | ||
| README.md | ||
| setup.yml | ||
System configurations
This is an Ansible playbook to deploy system configurations for desktop usage.
🧰 Usage
-
Have a fresh installation of Alpine (after running
setup-alpineand reboot) -
Install
ansible-coreandgit -
Clone this repository
-
Create an encrypted file to store your user password:
mkdir -p host_vars/YOUR_HOSTNAME touch host_vars/YOUR_HOSTNAME/secrets.yml ansible-vault encrypt host_vars/YOUR_HOSTNAME/secrets.yml ansible-vault edit host_vars/YOUR_HOSTNAME/secrets.ymlThe file should look like this:
vault_password: <strong_&_secure_password> -
Run the playbook:
ansible-playbook -i hosts setup.yml -
Reboot and login as the newly created normal user
-
Proceed with dotfiles-ansible playbook
🖊️ Notes
-
This playbook assumes that the person running it is me 😃. It might do specific tasks that you don't like. Use with your own risks.
-
The playbook is intended to be run as root. It is separated from dotfiles-ansible, which should only be run as a normal user.
✅ TODO
- ZFS on root
- EFI secure boot
- libudev-zero
- /etc/acpi/handler.sh
- Better way to handle libvirt's firewall rules (currently hardcoded)
📄 License
MIT