From 752969e2fa64cb90a339ea16aeb5f70b48bf389c Mon Sep 17 00:00:00 2001 From: Hyperling Date: Thu, 2 Jan 2025 13:03:50 -0700 Subject: [PATCH] Add Music Studio, Migrate from GitHub to Personal Gitea (#1) Reviewed-on: https://git.hyperling.com/me/env-ansible/pulls/1 --- README.md | 4 +- facts/general/system.yml | 13 +- files/scripts/nixos.sh | 4 +- local.yml | 13 +- setup.sh | 2 +- tasks/general/acct_mgmt/provision_config.yml | 99 +++++---- tasks/general/acct_mgmt/users.yml | 95 ++++++--- tasks/general/cron/ansible.yml | 2 +- tasks/general/scripts/root.yml | 4 +- tasks/general/scripts/user.yml | 4 +- tasks/general/software/nixos.yml | 4 +- tasks/general/software/packages.yml | 1 + tasks/server/software/git.yml | 191 ------------------ tasks/server/software/gitlab.yml | 106 ---------- tasks/workstation/linux/software/flatpaks.yml | 5 +- tasks/workstation/shared/settings/gnome.yml | 16 +- 16 files changed, 151 insertions(+), 412 deletions(-) delete mode 100644 tasks/server/software/git.yml delete mode 100644 tasks/server/software/gitlab.yml diff --git a/README.md b/README.md index c84e09b..c74cf62 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ Workstation: Currently failing at `[Workstation | Linux | Flatpak Distro | Packa ### NixOS 99%, still need to get Telegraf going and refactor local.yml but everything else -is working well. It is automatically implementing github.com/Hyperling/NixOS. +is working well. It is automatically implementing git.hyperling.com/me/env-nixos. ## Currently Supported Unix Systems ### FreeBSD 12, 13 @@ -76,4 +76,4 @@ to exist under the facts tree. ## Other Notes ### Get Setup Values Use this command to see the variables for a system: -`ansible localhost -m setup --connection=local`. \ No newline at end of file +`ansible localhost -m setup --connection=local`. diff --git a/facts/general/system.yml b/facts/general/system.yml index 248eb6a..ee2aa18 100644 --- a/facts/general/system.yml +++ b/facts/general/system.yml @@ -8,17 +8,8 @@ st_install_dir: /usr/local/src/st global_bin: /usr/local/bin x_desktops: /usr/share/xsessions - repo_github: https://github.com/Hyperling/ansible.git - #repo_local: https://git.hyperling.com/ansible.git - # Local server not working yet, go back to Github even though they throttle me. - repo_local: https://github.com/Hyperling/ansible.git - -- name: General | Facts | System | Dev - set_fact: - #repo_local: https://git.hyperling.com/ansible-dev.git - # Local server not working yet, go back to Github even though they throttle me. - repo_local: https://github.com/Hyperling/ansible.git - when: branch == "dev" + git_repo_http: http://{{ git_host }}/{{ git_user }}/{{ git_project }} + git_repo_ssh: ssh://git@{{ git_host }}:{{ git_ssh_port }}/{{ git_user }}/{{ git_project }} - name: General | Facts | System | Linux diff --git a/files/scripts/nixos.sh b/files/scripts/nixos.sh index 18ee7c9..267cfce 100755 --- a/files/scripts/nixos.sh +++ b/files/scripts/nixos.sh @@ -15,7 +15,7 @@ nixos_working_exe=activate.sh function usage { echo -e "\nUsage: $PROG -b BRANCH" >&2 cat <<- EOF - Run a setup script for NixOS based on the https://github.com/Hyperling/NixOS project. + Run a setup script for NixOS based on the https://git.hyperling.com/me/env-nixos project. Parameters: -b BRANCH: The branch which should be installed, likely 'main' or 'dev'. @@ -48,7 +48,7 @@ fi cleanup # Install the Hyperling NixOS configurations. -git clone https://github.com/Hyperling/NixOS --branch $branch $nixos_working_dir +git clone https://git.hyperling.com/me/env-nixos --branch $branch $nixos_working_dir chmod 755 $nixos_working_dir/$nixos_working_exe $nixos_working_dir/$nixos_working_exe diff --git a/local.yml b/local.yml index 68ccef0..c582912 100644 --- a/local.yml +++ b/local.yml @@ -124,9 +124,6 @@ - include_tasks: tasks/workstation/linux/software/packages.yml when: ansible_system == "Linux" - - include_tasks: tasks/workstation/linux/software/flatpaks.yml - when: ansible_system == "Linux" and flatpak_distro - - include_tasks: tasks/workstation/linux/software/brave.yml when: ansible_pkg_mgr in ("apt", "dnf", "zypper") and not mobile @@ -156,6 +153,10 @@ - include_tasks: tasks/workstation/shared/settings/services.yml + # Final Tasks (SLOW) # + - include_tasks: tasks/workstation/linux/software/flatpaks.yml + when: ansible_system == "Linux" and flatpak_distro + when: workstation == true @@ -228,12 +229,6 @@ - include_tasks: tasks/server/software/hugo.yml when: hugo == true - - include_tasks: tasks/server/software/gitlab.yml - when: gitlab and ansible_pkg_mgr in ("apt", "dnf") and ansible_distribution not in ("Fedora") - - - include_tasks: tasks/server/software/git.yml - when: git and ansible_pkg_mgr in ("apt") - when: server == true diff --git a/setup.sh b/setup.sh index aa105b0..e10f8c1 100755 --- a/setup.sh +++ b/setup.sh @@ -6,7 +6,7 @@ DIR="$(dirname -- "${BASH_SOURCE[0]}")" PROG="$(basename -- "${BASH_SOURCE[0]}")" LOCAL=$DIR/local.yml -URL="https://github.com/Hyperling/ansible" +URL="https://git.hyperling.com/me/env-ansible" BRANCH="main" ## Functions ## diff --git a/tasks/general/acct_mgmt/provision_config.yml b/tasks/general/acct_mgmt/provision_config.yml index 6bae1a5..00c3822 100644 --- a/tasks/general/acct_mgmt/provision_config.yml +++ b/tasks/general/acct_mgmt/provision_config.yml @@ -26,7 +26,9 @@ blockinfile: path: "{{ gen_file }}" block: | - ;;;;;;; Available options - all require lowercase values ;;;;;; + ; Please note that all potions require lowercase keys and values. + ; + ;;;;;;;;;;;;;;;;;;;; Basic Options ;;;;;;;;;;;;;;;;;;;; ; ; enable : Provide true for the provision to occur. ; Default: false @@ -39,22 +41,40 @@ ; Example: Thomas, Jerry, Kimberly, Sarah ; Default: Hyperling ; - ; branch : Provide the Github branch that the machine should poll. - ; Example: main, dev - ; Default: main + ; sshd_port : Determine the port which SSHD should listen on. + ; Example: 12345 + ; Default: 22 ; ; pentesting : Set to true to install tools such as metasploit. ; nmap is already provided for reporting ; Default: false ; - ; no_telem : Set to true to avoid setting up telemetry services. - ; Disables GitHub updates to this project. - ; Disables all telegraf pings. - ; Default: false + ;;;;;;;;;;;;;;;;;;;; Git Polling ;;;;;;;;;;;;;;;;;;;; ; - ; battery : Set to true to attempt to save battery life. - ; Slows down the rate of services such as telegraf and cron. - ; Default: false + ; For syncing this machine to a Git repository of this Ansible project + ; in this fashion: ssh://git@GIT_HOST:GIT_SSH_PORT/GIT_USER/GIT_PROJECT + ; + ; branch : Branch to use on this machine. + ; Example: main, dev, prod + ; Default: main + ; + ; git_host : Provide the git host that the machine should poll. + ; Example: github.com, gitlab.com. gitea.com + ; Default: git.hyperling.com + ; + ; git_ssh_port : Port of the server host to use for SSH requests. + ; Example: 22, 222, 2222 + ; Default: 22 + ; + ; git_user : Provide the git user which projects are found under. + ; Example: Hyperling, JimBobMcGeeJr + ; Default: me + ; + ; git_project : Name of this project on the server host. + ; Example: Ansible, ansible-setup, my-env + ; Default: env-ansible + ; + ;;;;;;;;;;;;;;;;;;;; Swap File ;;;;;;;;;;;;;;;;;;;; ; ; swap_block : Set to the block size if dd should create a swapfile. ; Preferably keep this under 2G for integrity sakes, the @@ -70,9 +90,16 @@ ; Example: /usr/local/swap ; Default: /swapfile ; - ; sshd_port : Determine the port which SSHD should listen on. - ; Example: 12345 - ; Default: 22 + ;;;;;;;;;;;;;;;;;;;; Sync Frequency ;;;;;;;;;;;;;;;;;;;; + ; + ; no_telem : Set to true to avoid setting up telemetry services. + ; Disables GitHub updates to this project. + ; Disables all telegraf pings. + ; Default: false + ; + ; battery : Set to true to attempt to save battery life. + ; Slows down the rate of services such as telegraf and cron. + ; Default: false ; [global] marker: '; {mark} MANAGED BY ANSIBLE | Generic Config' @@ -93,6 +120,10 @@ swap_count: "{{ lookup('ini', 'swap_count file={{gen_file}} default=1') }}" swap_file: "{{ lookup('ini', 'swap_file file={{gen_file}} default=/swapfile') }}" sshd_port: "{{ lookup('ini', 'sshd_port file={{gen_file}} default=22') }}" + git_host: "{{ lookup('ini', 'git_host file={{gen_file}} default=git.hyperling.com') }}" + git_user: "{{ lookup('ini', 'git_user file={{gen_file}} default=me') }}" + git_project: "{{ lookup('ini', 'git_project file={{gen_file}} default=env-ansible') }}" + git_ssh_port: "{{ lookup('ini', 'git_ssh_port file={{gen_file}} default=22') }}" - name: General | Account Management | Provisioning Configuration | General | List set_fact: @@ -109,6 +140,10 @@ - { 'swap_count': "{{ swap_count }}" } - { 'swap_file': "{{ swap_file }}" } - { 'sshd_port': "{{ sshd_port }}" } + - { 'git_host': "{{ git_host }}" } + - { 'git_user': "{{ git_user }}" } + - { 'git_project': "{{ git_project }}" } + - { 'git_ssh_port': "{{ git_ssh_port }}" } ## Workstation ## @@ -279,28 +314,6 @@ ; ; hugo : Set to true to install HUGO static website generator. ; - ; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features. - ; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE. - ; Example: ce - ; - ; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.((domain))". - ; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy. - ; Example: https://gitlab - ; - ; git : Set to true for this server to be configured as an HTTP git server. - ; - ; git_name : Name(s) of project(s) that the Git server should host. - ; Example: ansible#ansible-dev - ; - ; git_branch : Branch(es) of project(s) corresponding with git_name. - ; Example: main#dev - ; - ; git_url : URL(s) of project(s) corresponding with git_name. - ; Example: https://github.com/Hyperling/ansible#https://github.com/Hyperling/ansible - ; - ; git_sep : Separator for git variables above. - ; Example: # - ; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; [global] marker: '; {mark} MANAGED BY ANSIBLE | Server Config' @@ -318,13 +331,6 @@ influxdb2: "{{ lookup('ini', 'influxdb2 file={{srv_file}} default=false') }}" certbot: "{{ lookup('ini', 'certbot file={{srv_file}} default=false') }}" hugo: "{{ lookup('ini', 'hugo file={{srv_file}} default=false') }}" - gitlab: "{{ lookup('ini', 'gitlab file={{srv_file}} default=false') }}" - gitlab_url: "{{ lookup('ini', 'gitlab_url file={{srv_file}} default=false') }}" - git: "{{ lookup('ini', 'git file={{srv_file}} default=false') }}" - git_name: "{{ lookup('ini', 'git_name file={{srv_file}} default=false') }}" - git_branch: "{{ lookup('ini', 'git_branch file={{srv_file}} default=false') }}" - git_url: "{{ lookup('ini', 'git_url file={{srv_file}} default=false') }}" - git_sep: "{{ lookup('ini', 'git_sep file={{srv_file}} default=false') }}" - name: General | Account Management | Provisioning Configuration | Server | List set_fact: @@ -338,13 +344,6 @@ - { 'influxdb2': "{{ influxdb2 }}" } - { 'certbot': "{{ certbot }}" } - { 'hugo': "{{ hugo }}" } - - { 'gitlab': "{{ gitlab }}" } - - { 'gitlab_url': "{{ gitlab_url }}" } - - { 'git': "{{ git }}" } - - { 'git_name': "{{ git_name }}" } - - { 'git_branch': "{{ git_branch }}" } - - { 'git_url': "{{ git_url }}" } - - { 'git_sep': "{{ git_sep }}" } ## Exit if not turned on yet ## diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml index ff9763b..24d186e 100644 --- a/tasks/general/acct_mgmt/users.yml +++ b/tasks/general/acct_mgmt/users.yml @@ -107,6 +107,16 @@ become_user: "{{ user }}" when: user_user.home != "" +- name: General | Account Management | Users | User | Create Folders | Coding + file: + path: "{{ item }}" + state: directory + mode: '0755' + loop: + - "{{ user_user.home }}/Code" + become_user: "{{ user }}" + when: user_user.home != "" and coding == true + - name: General | Account Management | Users | Home Permissions shell: "chmod 700 {{ user_user.home }}/../*" @@ -118,8 +128,6 @@ alias_cp: alias cp='cp -v' alias_mv: alias mv='mv -v' alias_rm: alias rm='echo "Use mv ~/TRASH/ instead!"' - alias_clean_dir: alias clean-dir='mv * ~/TRASH/' - alias_clean_trash: alias clean-trash='sh -c "rm -rfv ~/TRASH/*"' export_path_additions: export PATH="~/bin:"{{ global_bin }}":$PATH" function_wttr: | function weather() { @@ -131,7 +139,7 @@ Useful location types: $zip_code | Ex: 12345 $city,$state | Ex: Austin,Texas - @$domain_dot_extension | Ex: @github.com + @$domain_dot_extension | Ex: @gitea.com ~$special_location | Ex: ~Manitou Incline Full documentation: https://github.com/chubin/wttr.in' return 1 @@ -161,6 +169,9 @@ unset OPTIND unset accept + unset goodbye + unset only_sys + unset only_flat while getopts ":hygsf" opt; do case $opt in h) echo -e "$usage" @@ -359,11 +370,23 @@ return 0 } alias check_trash="check-trash" + alias_clean_trash: alias clean-trash='check-trash --clean' + alias_trash_check: alias trash-check='check-trash' + alias_trash_clean: alias trash-clean='trash-check --clean' + alias_clean_dir: | + function clean-dir() { + clean_dir="`date '+%Y%m%d_%H%M%S'`_CLEANED" + trash_dir="$HOME/TRASH/$clean_dir" + curr_dir="`pwd`" + mkdir -pv "$trash_dir" + echo "$curr_dir is being cleaned at `date`." | tee "$trash_dir"/INFO.txt + mv -v ..?* .[!.]* * "$trash_dir"/ | tee -a "$trash_dir"/INFO.txt + } function_clean: | function clean() { - sudo df -h - check-trash --clean - sudo df -h + sudo du -hs + clean-dir + sudo du -hs } function_flatpak_usage: | function flatpak-usage() { @@ -438,10 +461,17 @@ alias_code_check: | alias code-check=' ls -d ~/Code/* | while read project; do + if [[ ! -d $project ]]; then + continue + fi echo "*** `basename $project` ***" cd $project - git pull - git push + if [[ -d .git ]]; then + git pull + git push + else + echo "Not a Git project, skipping!" + fi done ' alias_code_reset: | @@ -456,23 +486,33 @@ git checkout dev done ' - alias_code_reseed: | - alias code-reseed=' - unseed_dir="$HOME/TRASH/`date +%Y-%m-%d`_UnseededCodeProjects" + function_code_reseed: | + function git_projects_to_sync { + cat <<- EOF + env-ansible + env-docker + env-termux + nodejs-website + android-break-the-habit + android-tictactoe + android-expense-tracker + android-example-database-room + android-carb-up + ebook-health-protocol + EOF + } + function code-reseed { + unseed_dir="$HOME/TRASH/`date ++%Y%m%d_%H%M%S`_UnseededCodeProjects" mkdir -pv "$unseed_dir" - mv -v ~/Code/*{ansible,docker,nix,break,website,www,tictactoe,-dev}* \ - "$unseed_dir"/ 2>/dev/null - git clone git@github.com:Hyperling/Ansible \ - --branch dev ~/Code/ansible-dev - git clone git@github.com:Hyperling/Docker \ - --branch dev ~/Code/docker-dev - git clone git@github.com:Hyperling/Website \ - --branch dev ~/Code/website-dev - git clone git@github.com:Hyperling/BreakTheHabit \ - --branch dev ~/Code/breakthehabit-dev - git clone git@github.com:Hyperling/TicTacToeAndroid \ - --branch dev ~/Code/tictactoe-dev - ' + mv -v ~/Code/* "$unseed_dir"/ 2>/dev/null + git_repo_ssh={{ git_repo_ssh }} + git_main_project={{ git_project }} + git_repo_ssh_basename=${git_repo_ssh//$git_main_project/} + git_projects_to_sync | while read git_project; do + git clone ${git_repo_ssh_basename}${git_project} \ + --branch dev ~/Code/$git_project + done + } function_clean_filenames: | function clean-filenames() { # Must provide the directory you'd like to clean all the filenames in. @@ -503,7 +543,7 @@ echo -e "\nDone!\n" } alias_clone: | - alias clone="rsync -auPh --delete" + alias clone="rsync -auPhz --delete" export_hyperling: | export HYPERLING6="2a07:e03:3:80::1" export HYPERLING4="185.130.47.173" @@ -513,6 +553,8 @@ if [[ -e $DOCKER_SOURCE && $LOGNAME == "root" ]]; then source $DOCKER_SOURCE fi + alias_scan: | + alias scan="nmap -A -p- --script=vuln" - name: General | Account Management | Users | Files | Common Variable set_fact: @@ -547,12 +589,13 @@ {{ alias_docker_restart }} {{ alias_code_check }} {{ alias_code_reset }} - {{ alias_code_reseed }} + {{ function_code_reseed }} {{ function_clean_filenames }} {{ function_clean_filenames_tree }} {{ alias_clone }} {{ export_hyperling }} {{ source_docker_env }} + {{ alias_scan }} - name: General | Account Management | Users | Files | .bashrc blockinfile: diff --git a/tasks/general/cron/ansible.yml b/tasks/general/cron/ansible.yml index dfe28cc..f646d9f 100644 --- a/tasks/general/cron/ansible.yml +++ b/tasks/general/cron/ansible.yml @@ -6,7 +6,7 @@ user: ansible name: "Ansible Sync" minute: "*/30" - job: "sudo {{ ansible_pull_exec.stdout }} -o -U {{ repo_local }} --checkout {{ branch }}" + job: "sudo {{ ansible_pull_exec.stdout }} -o -U {{ git_repo_http }} --checkout {{ branch }}" state: present disabled: "{{ 'yes' if no_telem else 'no' }}" diff --git a/tasks/general/scripts/root.yml b/tasks/general/scripts/root.yml index 899f67d..26b88c3 100644 --- a/tasks/general/scripts/root.yml +++ b/tasks/general/scripts/root.yml @@ -6,7 +6,7 @@ path: "{{ user_root.home }}/bin/scm.sh" block: | # 20210211 - Make life easier! - git clone {{ repo_github }} ansible-pull + git clone {{ git_repo_http }} ansible-pull ansible-pull/setup.sh mv ansible-pull ~/TRASH/ marker: '{mark}' @@ -37,7 +37,7 @@ ## Main ## - time {{ ansible_pull_exec.stdout }} -U {{ repo_github }} --checkout $branch + time {{ ansible_pull_exec.stdout }} -U {{ git_repo_http }} --checkout $branch marker: '{mark}' marker_begin: "#!{{ bash_exec.stdout }}" diff --git a/tasks/general/scripts/user.yml b/tasks/general/scripts/user.yml index 9482f0b..87a51e0 100644 --- a/tasks/general/scripts/user.yml +++ b/tasks/general/scripts/user.yml @@ -6,7 +6,7 @@ path: "{{ user_user.home }}/bin/scm.sh" block: | # 20210211 - Make life easier! - git clone {{ repo_github }} ansible-pull + git clone {{ git_repo_http }} ansible-pull ansible-pull/setup.sh mv ansible-pull ~/TRASH/ marker: '{mark}' @@ -37,7 +37,7 @@ ## Main ## - time sudo {{ ansible_pull_exec.stdout }} -U {{ repo_github }} --checkout $branch + time sudo {{ ansible_pull_exec.stdout }} -U {{ git_repo_http }} --checkout $branch marker: '{mark}' marker_begin: "#!{{ bash_exec.stdout }}" diff --git a/tasks/general/software/nixos.yml b/tasks/general/software/nixos.yml index 42dbca4..e711c1c 100644 --- a/tasks/general/software/nixos.yml +++ b/tasks/general/software/nixos.yml @@ -1,5 +1,5 @@ --- -# Update the Nix configuration at github.com/Hyperling/NixOS. +# Update the Nix configuration at git.hyperling.com/me/env-nixos. # This is also done in setup.sh if ansible is not found. - name: General | Software | NixOS | Facts @@ -19,7 +19,7 @@ blockinfile: path: /etc/nixos/ansible.nix block: | - # This file was created by https://github.com/Hyperling/Ansible + # This file was created by https://git.hyperling.com/me/env-ansible # Please do not alter it by hand. Use the proper ini files instead. { config, pkgs, nix, ... }: diff --git a/tasks/general/software/packages.yml b/tasks/general/software/packages.yml index 015624c..0796fce 100644 --- a/tasks/general/software/packages.yml +++ b/tasks/general/software/packages.yml @@ -55,6 +55,7 @@ - vim - "{{ cron }}" - "{{ encfs }}" + - rsync state: present - name: General | Software | Packages | Install Software (DEV) diff --git a/tasks/server/software/git.yml b/tasks/server/software/git.yml deleted file mode 100644 index 6e927cd..0000000 --- a/tasks/server/software/git.yml +++ /dev/null @@ -1,191 +0,0 @@ ---- -# Webserver to replace calling GitHub for projects. -# https://www.howtoforge.com/how-to-install-http-git-server-with-nginx-on-debian-11/ - -#TODO: Use gitweb instead??? I knew there was an easier way than apache/nginx/python stuff... -# https://git-scm.com/docs/gitweb - -# Gitweb is nice but doesn;t seem like it allowes cloning. -# Need to figure out how to get git:// to work, fix SSL locally, or somehow use http local and https when external.. - - -## Variables ## - -- name: Server | Software | HTTPS Git Server | Check Config Variables - debug: - var: "{{ item }}" - loop: - - git_name - - git_branch - - git_url - - git_sep - -- name: Server | Software | HTTPS Git Server | Split Config Variables To Array - set_fact: - git_names: "{{ git_name.split(git_sep) }}" - git_branches: "{{ git_branch.split(git_sep) }}" - git_urls: "{{ git_url.split(git_sep) }}" - git_projects: [] - -- name: Server | Software | HTTPS Git Server | Check Arrays - debug: - var: "{{ item }}" - loop: - - git_names - - git_branches - - git_urls - -- name: Server | Software | HTTPS Git Server | Build Dictionary - set_fact: - git_projects: "{{ git_projects + [{ 'name': git_names[item], 'branch': git_branches[item], 'url': git_urls[item] }] }}" - loop: "{{ range(0, git_names|length) | list }}" - -- name: Server | Software | HTTPS Git Server | Display Dictionary - debug: - var: git_projects - -- name: Server | Software | HTTPS Git Server | Variables 1 - set_fact: - git_web_root: /var/www/html/git - git_config_file: /etc/nginx/conf.d/git.conf - git_nginx_user: www-data - git_ssl_dir: /usr/local/etc/ssl/private - git_ssl_cert_name: cert.pem - git_ssl_key_name: key.pem - -- name: Server | Software | HTTPS Git Server | Variables 2 - set_fact: - git_cron_commands: "git pull --rebase && cd {{ git_web_root }}/ && chown -R {{ git_nginx_user }} . && chmod -R 775 ." - git_ssl_cert: "{{ git_ssl_dir }}/{{ git_ssl_cert_name }}" - git_ssl_key: "{{ git_ssl_dir }}/{{ git_ssl_key_name }}" - - -## Pre-reqs ## - -- name: Server | Software | HTTPS Git Server | Install - package: - name: - - nginx - - git - - fcgiwrap - - apache2-utils - - unzip - state: present - when: ansible_pkg_mgr == "apt" - -- name: Server | Software | HTTPS Git Server | SSL Certificate - shell: "{{ item }}" - loop: - - mkdir -p {{ git_ssl_dir }} - - openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout {{ git_ssl_key }} -out {{ git_ssl_cert }} -subj "/C=XX/ST=STATELESS/L=HOMELAB/O={{ domain }}/OU=Git Server/CN={{ domain }}" - - -## Repositories ## - -- name: Server | Software | HTTPS Git Server | Delete - file: - path: "{{ git_web_root }}" - state: absent - -- name: Server | Software | HTTPS Git Server | Download - git: - repo: "{{ item.url }}" - dest: "{{ git_web_root }}/{{ item.name }}.git" - version: "{{ item.branch }}" - clone: yes - force: yes - ignore_errors: yes - loop: "{{ git_projects }}" - -- name: Server | Software | HTTPS Git Server | Permissions - file: - path: "{{ git_web_root }}/{{ item.name }}.git" - state: directory - mode: '755' - owner: "{{ git_nginx_user }}" - group: "{{ git_nginx_user }}" - recurse: yes - loop: "{{ git_projects }}" - - -## NGINX ## - -- name: Server | Software | HTTPS Git Server | Index - blockinfile: - path: "{{ git_web_root }}/index.html" - block: | - {{ item.name }}.git is cloned from {{ item.url }} using branch {{ item.branch }}. - state: present - mode: '755' - owner: "{{ git_nginx_user }}" - group: "{{ git_nginx_user }}" - create: yes - backup: yes - marker: "" - loop: "{{ git_projects }}" - -- name: Server | Software | HTTPS Git Server | Config - blockinfile: - path: "{{ git_config_file }}" - block: | - server { - listen 443; - server_name {{ ansible_hostname }}.{{ domain }}; - - ssl_certificate {{ git_ssl_cert }}; - ssl_certificate_key {{ git_ssl_key }}; - - root {{ git_web_root }}; - - # Add index.php to the list if you are using PHP - index index.html; - #autoindex on; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/ =404; - } - - location ~ (/.*) { - client_max_body_size 0; - #auth_basic "Hyperling's Git Login"; - #auth_basic_user_file "{{ git_web_root }}/htpasswd"; - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; - fastcgi_param GIT_HTTP_EXPORT_ALL ""; - fastcgi_param GIT_PROJECT_ROOT {{ git_web_root }}; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $1; - fastcgi_pass unix:/var/run/fcgiwrap.socket; - } - } - state: present - mode: '755' - create: yes - backup: yes - marker: "# {mark} Managed By Ansible Git Server Playbook -->" - -- name: Server | Software | HTTPS Git Server | Service - service: - name: nginx - pattern: nginx - enabled: yes - state: restarted - - -## Cron ## - -- name: Server | Software | HTTPS Git Server | Cron | Hourly - cron: - name: "{{ item.name }} hourly" - special_time: hourly - job: "cd {{ git_web_root }}/{{ item.name }}.git && {{ git_cron_commands }}" - loop: "{{ git_projects }}" - -- name: Server | Software | HTTPS Git Server | Cron | Reboot - cron: - name: "{{ item.name }} reboot" - special_time: reboot - job: "cd {{ git_web_root }}/{{ item.name }}.git && {{ git_cron_commands }}" - loop: "{{ git_projects }}" diff --git a/tasks/server/software/gitlab.yml b/tasks/server/software/gitlab.yml deleted file mode 100644 index e854811..0000000 --- a/tasks/server/software/gitlab.yml +++ /dev/null @@ -1,106 +0,0 @@ ---- -# Install a Gitlab server for hosting software projects. - -## Checks ## - -- name: "Server | Software | GitLab | Checks | Host Variable [gitlab]={{ gitlab }}" - shell: echo "ERROR! Variable has an invalid value!" && exit 1 - when: gitlab not in ("ee", "ce") - -- name: "Server | Software | GitLab | Checks | Host Variable [gitlab_url]={{ gitlab_url }}" - set_fact: - gitlab_url: "https://gitlab" - when: gitlab_url is not defined or not gitlab - -- name: Server | Software | GitLab | Checks | Play Variables - set_fact: - gitlab_bundle: "gitlab-{{ gitlab }}" - gitlab_config: /etc/gitlab/gitlab.rb - -# Ensure other version is not installed. -- name: Server | Software | GitLab | Checks | Remove EE - package: - name: gitlab-ee - state: absent - when: gitlab == "ce" - -- name: Server | Software | GitLab | Checks | Remove CE - package: - name: gitlab-ce - state: absent - when: gitlab == "ee" - - -## Install ## -# https://about.gitlab.com/install/?version=ce#ubuntu -# https://about.gitlab.com/install/?version=ce#centos-8 (Fedora) - -- name: Server | Software | GitLab | Install | Check - shell: which gitlab-ctl - ignore_errors: yes - register: gitlab_installed - -- name: Server | Software | GitLab | Install | Pre-Reqs - package: - update_cache: yes - name: - - curl - - openssh-server - - ca-certificates - - tzdata - - perl - - postfix - state: present - when: gitlab_installed.failed - -- name: Server | Software | GitLab | Install | Add Repo (apt) - shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.deb.sh | bash - when: gitlab_installed.failed and ansible_pkg_mgr == "apt" - -- name: Server | Software | GitLab | Install | Add Repo (dnf) - shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.rpm.sh | bash - when: gitlab_installed.failed and ansible_pkg_mgr == "dnf" - -- name: Server | Software | GitLab | Install | Install - shell: EXTERNAL_URL="{{ gitlab_url | replace("https","http") }}.{{ domain }}" {{ ansible_pkg_mgr }} install -y {{ gitlab_bundle }} - when: gitlab_installed.failed - -- name: Server | Software | GitLab | Install | Get Password - shell: cat /etc/gitlab/initial_root_password && cp /etc/gitlab/initial_root_password ~/ - register: gitlab_passwd - when: gitlab_installed.failed - -- name: Server | Software | GitLab | Install | Print Password - debug: - var: gitlab_passwd.stdout_lines - when: gitlab_installed.failed - - -## Configuration ## -# https://docs.gitlab.com/ee/install/next_steps.html - -# Need to make server think it's https but not actually listen for it, otherwise reverse proxy doesn't work. -# https://www.itsfullofstars.de/2019/06/gitlab-behind-a-reverse-proxy/ - -- name: Server | Software | GitLab | Configure | Check External URL - lineinfile: - path: "{{ gitlab_config }}" - regexp: '^external_url ' - line: "external_url '{{ gitlab_url }}.{{ domain }}' # Managed by Ansible" - state: present - create: yes - backup: yes - -- name: Server | Software | GitLab | Configure | Turn Off Serving Local SSL - blockinfile: - path: "{{ gitlab_config }}" - block: | - nginx['listen_port'] = 80 - nginx['listen_https'] = false - marker: "# {mark} MANAGED BY ANSIBLE - {{ gitlab_config }}" - state: present - create: yes - backup: yes - -- name: Server | Software | GitLab | Configure | Reconfigure - shell: gitlab-ctl reconfigure diff --git a/tasks/workstation/linux/software/flatpaks.yml b/tasks/workstation/linux/software/flatpaks.yml index d156148..52850ca 100644 --- a/tasks/workstation/linux/software/flatpaks.yml +++ b/tasks/workstation/linux/software/flatpaks.yml @@ -40,7 +40,6 @@ - { app: "org.signal.Signal", name: "signal", extra: "" } - { app: "org.mozilla.firefox", name: "firefox-flatpak", extra: "" } - { app: "com.transmissionbt.Transmission", name: "transmission", extra: "" } - - { app: "org.gnome.Geary", name: "geary", extra: "" } flatpaks_coding: - { app: "com.vscodium.codium", name: "codium", extra: "" } - { app: "com.google.AndroidStudio", name: "android-studio", extra: "" } @@ -53,6 +52,8 @@ - { app: "org.gimp.GIMP", name: "gimp", extra: "" } - { app: "org.openshot.OpenShot", name: "openshot", extra: "" } - { app: "org.tenacityaudio.Tenacity", name: "tenacity", extra: "" } + - { app: "io.lmms.LMMS", name: "lmms", extra: "" } + - { app: "net.sourceforge.VMPK", name: "vmpk", extra: "" } flatpaks_gaming: - { app: "com.valvesoftware.Steam", name: "steam", extra: "" } - { app: "com.play0ad.zeroad", name: "zeroad", extra: "" } @@ -72,6 +73,8 @@ # End 2022-11-20 # - { app: "io.lbry.lbry-app", name: "lbry", extra: "dbus-launch" } # No longer supported, noticed 2023-09-01. - { app: "chat.delta.desktop", name: "deltachat", extra: "" } # No longer used, removed 2023-12-18. + - { app: "org.gnome.Geary", name: "geary", extra: "" } # No longer used, removed 2024-12-15 + - { app: "org.rncbc.qsynth", name: "qsynth", extra: "" } # 2024-12-15, Not worth the setup, use LMMS or VMPK. # Generic # diff --git a/tasks/workstation/shared/settings/gnome.yml b/tasks/workstation/shared/settings/gnome.yml index 2aed761..f36be37 100644 --- a/tasks/workstation/shared/settings/gnome.yml +++ b/tasks/workstation/shared/settings/gnome.yml @@ -12,25 +12,29 @@ , 'org.gnome.Nautilus.desktop' , 'io.gitlab.librewolf-community.desktop', 'librewolf.desktop' , 'org.mozilla.firefox.desktop', 'firefox.desktop' - , 'com.visualstudio.code-oss.desktop', 'code-oss.desktop' - , 'com.google.AndroidStudio.desktop' - , 'org.godotengine.Godot.desktop' - , 'org.shotcut.Shotcut.desktop' - , 'io.lbry.lbry-app.desktop', 'lbry.desktop' , 'org.signal.Signal.desktop', 'signal-desktop.desktop' , 'im.riot.Riot.desktop' , 'org.telegram.desktop.desktop' , 'com.discordapp.Discord.desktop' + , 'com.vscodium.codium.desktop' + , 'com.google.AndroidStudio.desktop' + , 'org.shotcut.Shotcut.desktop' + , 'io.lmms.LMMS.desktop' + , 'io.lbry.lbry-app.desktop', 'lbry.desktop' , 'com.valvesoftware.Steam.desktop' ]" dconf_terminal: gnome-terminal dconf_theme: Adwaita-dark dconf_icons: Adwaita -# 2024-01-28 No longer using local email clients. +# 2024-01-28 Not currently using local email clients. #, 'org.gnome.Evolution.desktop' #, 'chat.delta.desktop.desktop', 'deltachat.desktop' #, 'org.gnome.Geary.desktop' #, 'org.mozilla.Thunderbird.desktop' +# 2025-01-01 +# Reduce the amount of icons on the sidebar, things that may get added back. +#, 'com.visualstudio.code-oss.desktop', 'code-oss.desktop' +#, 'org.godotengine.Godot.desktop' - name: Workstation | Account Management | GNOME | Facts (NixOS) set_fact: