From 8e4247fd58fe461367b1cb354b59b55bed687bce Mon Sep 17 00:00:00 2001 From: Hyperling Date: Sun, 5 Dec 2021 18:08:51 -0600 Subject: [PATCH] Hosts Variable Refactor, User Name Refactor, Metasploit, Brave on Fedora, Aliases (#19) * Add Brave to Fedora (DNF). * First attempt to add metasploit installer. * Fix check for Linux and macOS to use System, not Distro. * Add more memorable aliases for msfconsole. * Telegraf is attemping to install doube-time since hosts match both localhost and hostname. * Add missing pipe. * Attempt to fix flatpak play no longer being able to find user_ling var. Don't see anything in the dev branch which would have changed this behavior though. * Add note for future removal. * Use general gather for all groups. Move user variables to it. * Feodra Workstation succeeds now! Add newline to end of file. * First attempt at doing host variables via local files. * Try using ini as lookup. * Remove "-" typo. * Add an initial gather even though it may not have all values properly populated on a machine's first run. * Fix typo in ignore. * Try default values. * Try defaults without quotes. * Add a section header. Add a default back. * Rename section to global. * Add workstation provision file. Change variables to require true. Only load config file if hosts is not being used. * Put flags back on Dell so that programs are not removed while configuring files. * Add provision config read to workstation. * Go ahead and force config files for hosts. Only affects dev branch until PR. Start making miner and server files. * Change {{}} to (()) in comments to avoid undefined variable error. * Attempt to modify existing task groups instead of moving all tasks to one large group. * Try to use blocks. * Name blocks and remove redundant calls. * Do the bare minimum for miner and server so the variables are at least defined. * Ensure Server and Miner look at their own files. * Test how block variables are handled. * Are the variables true Booleans, not strings?? * Change exits to tests so we can see which ones work. * Add more tests. * Add the test results. * Add config_dir for plays to use when making any config files. * Move provision config dir. * Add results of test. * Remove the exit. Fix the blocks' whens. * Do provision after starting, that way all facts exist. * Fix all "true"'s. * Adjust variable checks for provision_config changes. * Change gui to wrk. Add aliases to cat files. * Comment entire hosts file. * Add localhost, * Try localhost rather than host file group. * Fix typo in "prov_dir". * Add newline to end of file. * Add newline to end of file. * Add newline to end of file. * Debug variable. Should be getting set but receiving errors on Fedora. * Add newline to end of file. * Fix debug property, var not name. * Fix show-config. Change show-config-all to only hit active files, not backups. * Uncomment commented workstation. * Add commands to edit files. * Attempt to fix gitlab installer variables. * Attempt to fix gitlab play variable. * Replacing `ling` for `{{ user }}`. * Remove TODO. * Remove `config_dir` and move provision config back near top. * `user_root` is not needed, already moved to /usr/local/etc/. * Add value for running anything at all. This allows user to set up files before first run. * Reduce the check frequency, * Ensure files are printed in correct order. Also add a newline between each. * Only send file if it exists, and then remove it if it sends successfully. * Always set the destination variables. * Only run the scp for systems without sshfs. Forgot that system variables were shared between the two, and do not want to scp the files to themselves then delete the files from the mount. --- README.md | 6 +- ansible.cfg | 2 +- facts/general/gather.yml | 4 + facts/general/system.yml | 2 +- facts/general/user.yml | 2 +- facts/miner/config.yml | 2 +- facts/miner/gather.yml | 8 - facts/miner/pool.yml | 14 +- facts/miner/system.yml | 8 +- files/dwm/dwm.desktop | 2 +- hosts | 243 ++++++++-------- local.yml | 256 ++++++++++------- tasks/general/acct_mgmt/groups.yml | 2 +- tasks/general/acct_mgmt/keys.yml | 2 +- tasks/general/acct_mgmt/mounts.yml | 2 +- tasks/general/acct_mgmt/provision_config.yml | 262 ++++++++++++++++++ tasks/general/acct_mgmt/sudo.yml | 2 +- tasks/general/acct_mgmt/users.yml | 54 ++-- tasks/general/cron/ansible.yml | 6 +- tasks/general/cron/root.yml | 2 +- tasks/general/finish.yml | 5 + tasks/general/scripts/root.yml | 2 +- tasks/general/scripts/user.yml | 14 +- tasks/general/software/metasploit.yml | 12 + tasks/general/software/services.yml | 6 +- tasks/general/start.yml | 2 +- tasks/general/tests/lynis.yml | 2 +- tasks/general/tests/nmap.yml | 2 +- tasks/miner/acct_mgmt/users.yml | 2 +- tasks/miner/cron/mfn.yml | 2 +- tasks/miner/debug.yml | 2 +- tasks/miner/drivers/amdgpu.yml | 4 +- tasks/miner/software/ethminer.yml | 8 +- tasks/miner/software/nanominer.yml | 14 +- tasks/miner/software/xmr-stak-cpu.yml | 2 +- tasks/server/cron/certbot.yml | 2 +- tasks/server/software/gitlab.yml | 2 +- tasks/server/software/grafana.yml | 2 +- tasks/server/software/influxdb1.yml | 2 +- tasks/server/software/influxdb2.yml | 2 +- tasks/server/software/onlyoffice.yml | 2 +- tasks/workstation/freebsd/cron/ansible.yml | 1 - tasks/workstation/linux/cron/ansible.yml | 4 +- tasks/workstation/linux/software/brave.yml | 25 +- tasks/workstation/linux/software/debs.yml | 2 +- tasks/workstation/linux/software/flatpaks.yml | 44 +-- tasks/workstation/mac-os/software/brew.yml | 8 +- tasks/workstation/settings/gnome.yml | 38 +-- tasks/workstation/settings/nfs.yml | 2 +- 49 files changed, 735 insertions(+), 361 deletions(-) delete mode 100644 facts/miner/gather.yml create mode 100644 tasks/general/acct_mgmt/provision_config.yml create mode 100644 tasks/general/software/metasploit.yml diff --git a/README.md b/README.md index 5ea29dd..e63c216 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,8 @@ # ansible Getting real with system management via ansible-pull. +Per-system configuration is handled via local files to the provisioned machine, rather than using a hosts file. This keeps future hosts private and allows changing what's on the machine without code changes and releases. The files are accessed via the show-config and edit-config aliases. + ## Disclaimer This setup is specific to the maintainer's devices and needs. You're welcome to use it as an example for your needs, but do not expect it to work as-is. @@ -37,10 +39,10 @@ Software choices are slightly more limited since not `flatpak`-enabled and not f Specifically for the Pinephone. ### Arch Linux x86 Would be great to have Arch get built up by this. Used for many years but left after update problems due to a long computer hiatus. +### Fedora Mobile +Specifically for the Pinephone. ## Future Goals -Make the preferred user's name per-device, specified in the hosts file, rather than the hard-coded `ling`. - Eventually some of the scripts and install files will be put into the files folder. This will allow initializing systems outside of the maintainer's home network. There may also be a refactor of task-specific facts to be in their task file so that some playbooks can be more self-sufficient and be provided to the community without hacking. The original goal was to never define facts in tasks, but the benefit has yet to be seen for some tasks. Shared facts will definitely continue to exist under the facts tree. diff --git a/ansible.cfg b/ansible.cfg index 421239f..960278b 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -4,4 +4,4 @@ interpreter_python=auto_silent [inventory] localhost_warning=False -host_pattern_mismatch=ignore \ No newline at end of file +host_pattern_mismatch=ignore diff --git a/facts/general/gather.yml b/facts/general/gather.yml index d345c4e..427a49f 100644 --- a/facts/general/gather.yml +++ b/facts/general/gather.yml @@ -4,11 +4,15 @@ - name: General | Facts | Gather | Locate bash shell: which bash register: bash_exec + ignore_errors: yes - name: General | Facts | Gather | Locate ansible-pull shell: which ansible-pull register: ansible_pull_exec + ignore_errors: yes - name: General | Facts | Gather | Locate zsh shell: which zsh register: zsh_exec + ignore_errors: yes + diff --git a/facts/general/system.yml b/facts/general/system.yml index 3ece248..d76211a 100644 --- a/facts/general/system.yml +++ b/facts/general/system.yml @@ -3,7 +3,7 @@ - name: General | Facts | System | Global set_fact: - leet_ssh: 'ling@leet' + leet_ssh: '{{ user }}@leet' leet_drive: /mnt/leet lynis_install_dir: /usr/local/lynis dwm_install_dir: /usr/local/src/dwm diff --git a/facts/general/user.yml b/facts/general/user.yml index 242256d..18305d5 100644 --- a/facts/general/user.yml +++ b/facts/general/user.yml @@ -10,4 +10,4 @@ - name: General | Facts | User | FreeBSD set_fact: root_group: wheel - when: ansible_system == "FreeBSD" \ No newline at end of file + when: ansible_system == "FreeBSD" diff --git a/facts/miner/config.yml b/facts/miner/config.yml index 665f60a..a6fe1ea 100644 --- a/facts/miner/config.yml +++ b/facts/miner/config.yml @@ -25,4 +25,4 @@ ## Clean Up ## - name: Miner | Facts | Config File | Delete - shell: "mv {{ config_file_local }} ~/TRASH/" \ No newline at end of file + shell: "mv {{ config_file_local }} ~/TRASH/" diff --git a/facts/miner/gather.yml b/facts/miner/gather.yml deleted file mode 100644 index 26dccf8..0000000 --- a/facts/miner/gather.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# Find things we will use later. - -## Executables ## - -- name: Miner | Facts | System | Executables - shell: "which bash" - register: bash_exec \ No newline at end of file diff --git a/facts/miner/pool.yml b/facts/miner/pool.yml index 66306de..6e1e86a 100644 --- a/facts/miner/pool.yml +++ b/facts/miner/pool.yml @@ -36,8 +36,7 @@ - name: Miner | Facts | Pools | Set GPU to Nanopool Eth set_fact: cpu_pool: "{{ nanopool_xmr }}" - when: nanominer_cpu is defined and nanominer_cpu_pool is defined and - nanominer_cpu == "xmr" and nanominer_cpu_pool == "nanopool" + when: nanominer_cpu == "xmr" and nanominer_cpu_pool == "nanopool" # GPU # @@ -45,20 +44,17 @@ - name: Miner | Facts | Pools | Set GPU to Nanopool Eth set_fact: gpu_pool: "{{ nanopool_eth }}" - when: nanominer_gpu is defined and nanominer_gpu_pool is defined and - nanominer_gpu == "eth" and nanominer_gpu_pool == "nanopool" + when: nanominer_gpu == "eth" and nanominer_gpu_pool == "nanopool" - name: Miner | Facts | Pools | Set GPU to Etherpool Eth set_fact: gpu_pool: "{{ ethermine_eth }}" - when: nanominer_gpu is defined and nanominer_gpu_pool is defined and - nanominer_gpu == "eth" and nanominer_gpu_pool == "etherpool" + when: nanominer_gpu == "eth" and nanominer_gpu_pool == "etherpool" - name: Miner | Facts | Pools | Set GPU to F2Pool Eth set_fact: gpu_pool: "{{ f2pool_eth }}" - when: nanominer_gpu is defined and nanominer_gpu_pool is defined and - nanominer_gpu == "eth" and nanominer_gpu_pool == "f2pool" + when: nanominer_gpu == "eth" and nanominer_gpu_pool == "f2pool" @@ -69,4 +65,4 @@ var: "{{ item }}" loop: - cpu_pool - - gpu_pool \ No newline at end of file + - gpu_pool diff --git a/facts/miner/system.yml b/facts/miner/system.yml index fa1df2f..706a76d 100644 --- a/facts/miner/system.yml +++ b/facts/miner/system.yml @@ -5,7 +5,7 @@ - name: Miner | Facts | System | Global 1 set_fact: - file_server: 'ling@leet' + file_server: '{{ user }}@leet' check_alive_start: "[[ `ps -ef | grep -v 'grep' | grep -v '/bin/sh -c' | grep -v $$ | grep -c '" check_alive_end: "'` == '0' ]] &&" combined_log_file: "{{ user_mfn.home }}/log.txt" @@ -54,6 +54,6 @@ - name: Miner | Facts | System | Miner Array set_fact: miners: - - { "name": "xmr_stak_cpu", "enabled": '{{ (xmr_stak_cpu is defined) }}', "command": "{{ user_mfn.home }}/xmr_stak_cpu.sh {{ use_combined_log_file }}" } - - { "name": "ethminer", "enabled": '{{ (ethminer is defined) }}', "command": "{{ user_mfn.home }}/ethminer.sh {{ use_combined_log_file }}" } - - { "name": "nanominer", "enabled": '{{ (nanominer is defined) }}', "command": "{{ nanominer_script }} {{ use_combined_log_file }}" } \ No newline at end of file + - { "name": "xmr_stak_cpu", "enabled": '{{ (xmr_stak_cpu != false) }}', "command": "{{ user_mfn.home }}/xmr_stak_cpu.sh {{ use_combined_log_file }}" } + - { "name": "ethminer", "enabled": '{{ (ethminer != false) }}', "command": "{{ user_mfn.home }}/ethminer.sh {{ use_combined_log_file }}" } + - { "name": "nanominer", "enabled": '{{ (nanominer != false) }}', "command": "{{ nanominer_script }} {{ use_combined_log_file }}" } diff --git a/files/dwm/dwm.desktop b/files/dwm/dwm.desktop index 622a2a5..1b1f77a 100644 --- a/files/dwm/dwm.desktop +++ b/files/dwm/dwm.desktop @@ -2,4 +2,4 @@ Name=dwm Comment=1337 Tiling Window Manager Exec=/usr/local/bin/dwm.sh -Type=Application \ No newline at end of file +Type=Application diff --git a/hosts b/hosts index 81cf5fd..eeed1d0 100644 --- a/hosts +++ b/hosts @@ -1,117 +1,130 @@ -[everything] -;;;;;;; Available options - all require lowercase values ;;;;;; -; -; branch : Provide the Github branch that the machine should poll. -; Exampel: main, dev -; +;;; DEPRECATION WARNING ;;; +; The move to file-based variables has begun. +; This file will be removed once all variables are converted and all hosts have been modified. +; Please see tasks/general/acct_mgmt/provision_config.yml for details. +;;; END DEPRECATION WARNING ;;; + +[global] localhost -dell-laptop branch=dev -airbook branch=dev -x570 branch=dev -test branch=dev -[workstation] -;;;;;;; Available options - all require lowercase values ;;;;;; -; -; coding : Define for installation of code editors (VSCode, PyCharm, Android Studio) -; -; editing : Define for installation of Audio/Video editors (Shotcut, Audacity, OBS Stdio, GIMP) -; -; gaming : Define for installation of gaming software (Steam, Lutris) -; -; rdp : Define for installation of RDP protocol -; CURRENTLY FREEBSD-ONLY -; -; vnc : Define for installation of VNC protocol -; NOT IMPLEMENTED YET -; -dell-laptop coding=true editing=true gaming=true -dell-inspiron coding=true gaming=true -usb-workstation coding=true -lbry-server-1 -lbry-server-2 -lbry-server-3 -aspire coding=true editing=true gaming=true -freeboy rdp=true -airbook coding=true editing=true gaming=true - -[mobile] -pinephone -usb-mobile -silicon-power - -[miner] -;;;;;;; Available options - all require lowercase values ;;;;;; -; amdgpu : Set to anything for installation of AMDGPU-Pro drivers on Ubuntu (20.04 preferred) -; Example: true -; -; nanominer : Set to anything for installation of nanominer -; Example: true -; -; nanominer_cpu : Set to coin code that you'd like the CPU to work on -; Valid values: xmr -; -; nanominer_cpu_pool : Set to pool organization to use for CPU mining -; Valid values: nanopool -; -; nanominer_gpu : Set to coin code that you'd like the GPU to work on -; Valid values: eth -; -; nanominer_gpus : Set to comma list of GPU devices that should be used for nanominer -; Example: 0,2,3 -; -; nanominer_gpu_pool : Set to pool organization to use for GPU mining -; Valid values: nanopool etherpool f2pool -; -; eth_minhashrate : Set to minimum hashrate over 10 minutes before restarting. Can accept M for Million and K for thousand. -; Example: 100K -; -usb-miner amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu_pool=nanopool -x570 amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu_pool=nanopool eth_minhashrate=50M -;x570 amdgpu=true ethminer=true - -[server] -;;;;;;; Parameters ;;;;;; -; -; domain : Set to the domain which gives the server its FQDN. -; Example: hyperling.com -; -; onlyoffice : Set to anything for this server to be configured as an OnlyOffice server. -; Example: true -; -; grafana : Set to anything for this server to be configured as an Grafana web server. -; Example: true -; -; influxdb1 : Set to anything for this server to be configured as an Influx 1 DB server. -; Example: true -; -; influxdb2 : Set to anything for this server to be configured as an Influx 2 DB + web server. -; Example: true -; -; certbot : Set to anything to add cron job for `certbot renew`. -; Example: true -; -; hugo : Set to anything to install HUGO static website generator. -; Example: true -; -; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features. -; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE. -; Example: ce -; -; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.{{domain}}". -; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy. -; Example: https://gitlab -; -onlyoffice domain=hyperling.com onlyoffice=true -grafana domain=hyperling.com grafana=true influxdb1=true -test -hyperling certbot=true -hyperling.com certbot=true -tmcvideos certbot=true -tmcvideos.com certbot=true -reverse-proxy certbot=true -nextcloud -wordpress certbot=true -usb-server -git gitlab=ce domain=hyperling.com gitlab_url=https://git -gitlab gitlab=ce domain=hyperling.com gitlab_url=https://gitlab +;;; Old hosts file: +;;; [everything] +;;; ;;;;;;; Available options - all require lowercase values ;;;;;; +;;; ; +;;; ; branch : Provide the Github branch that the machine should poll. +;;; ; Example: main, dev +;;; ; +;;; ; pentesting : Set to anything to install tools such as metasploit (nmap is already provided for reporting) +;;; ; Example: true +;;; ; +;;; localhost +;;; ;dell-laptop branch=dev pentesting=true +;;; ;airbook branch=dev pentesting=true +;;; ;x570 branch=dev +;;; ;test branch=dev pentesting=true +;;; +;;; [workstation] +;;; ;;;;;;; Available options - all require lowercase values ;;;;;; +;;; ; +;;; ; coding : Define for installation of code editors (VSCode, PyCharm, Android Studio) +;;; ; +;;; ; editing : Define for installation of Audio/Video editors (Shotcut, Audacity, OBS Stdio, GIMP) +;;; ; +;;; ; gaming : Define for installation of gaming software (Steam, Lutris) +;;; ; +;;; ; rdp : Define for installation of RDP protocol +;;; ; CURRENTLY FREEBSD-ONLY +;;; ; +;;; ; vnc : Define for installation of VNC protocol +;;; ; NOT IMPLEMENTED YET +;;; ; +;;; dell-laptop coding=true editing=true gaming=true +;;; dell-inspiron coding=true gaming=true +;;; usb-workstation coding=true +;;; lbry-server-1 +;;; lbry-server-2 +;;; lbry-server-3 +;;; aspire coding=true editing=true gaming=true +;;; freeboy rdp=true +;;; airbook coding=true editing=true gaming=true +;;; +;;; [mobile] +;;; pinephone +;;; usb-mobile +;;; silicon-power +;;; +;;; [miner] +;;; ;;;;;;; Available options - all require lowercase values ;;;;;; +;;; ; amdgpu : Set to anything for installation of AMDGPU-Pro drivers on Ubuntu (20.04 preferred) +;;; ; Example: true +;;; ; +;;; ; nanominer : Set to anything for installation of nanominer +;;; ; Example: true +;;; ; +;;; ; nanominer_cpu : Set to coin code that you'd like the CPU to work on +;;; ; Valid values: xmr +;;; ; +;;; ; nanominer_cpu_pool : Set to pool organization to use for CPU mining +;;; ; Valid values: nanopool +;;; ; +;;; ; nanominer_gpu : Set to coin code that you'd like the GPU to work on +;;; ; Valid values: eth +;;; ; +;;; ; nanominer_gpus : Set to comma list of GPU devices that should be used for nanominer +;;; ; Example: 0,2,3 +;;; ; +;;; ; nanominer_gpu_pool : Set to pool organization to use for GPU mining +;;; ; Valid values: nanopool etherpool f2pool +;;; ; +;;; ; eth_minhashrate : Set to minimum hashrate over 10 minutes before restarting. Can accept M for Million and K for thousand. +;;; ; Example: 100K +;;; ; +;;; usb-miner amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu_pool=nanopool +;;; x570 amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu_pool=nanopool eth_minhashrate=50M +;;; ;x570 amdgpu=true ethminer=true +;;; +;;; [server] +;;; ;;;;;;; Parameters ;;;;;; +;;; ; +;;; ; domain : Set to the domain which gives the server its FQDN. +;;; ; Example: hyperling.com +;;; ; +;;; ; onlyoffice : Set to anything for this server to be configured as an OnlyOffice server. +;;; ; Example: true +;;; ; +;;; ; grafana : Set to anything for this server to be configured as an Grafana web server. +;;; ; Example: true +;;; ; +;;; ; influxdb1 : Set to anything for this server to be configured as an Influx 1 DB server. +;;; ; Example: true +;;; ; +;;; ; influxdb2 : Set to anything for this server to be configured as an Influx 2 DB + web server. +;;; ; Example: true +;;; ; +;;; ; certbot : Set to anything to add cron job for `certbot renew`. +;;; ; Example: true +;;; ; +;;; ; hugo : Set to anything to install HUGO static website generator. +;;; ; Example: true +;;; ; +;;; ; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features. +;;; ; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE. +;;; ; Example: ce +;;; ; +;;; ; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.{{domain}}". +;;; ; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy. +;;; ; Example: https://gitlab +;;; ; +;;; onlyoffice domain=hyperling.com onlyoffice=true +;;; grafana domain=hyperling.com grafana=true influxdb1=true +;;; test +;;; hyperling certbot=true +;;; hyperling.com certbot=true +;;; tmcvideos certbot=true +;;; tmcvideos.com certbot=true +;;; reverse-proxy certbot=true +;;; nextcloud +;;; wordpress certbot=true +;;; usb-server +;;; git gitlab=ce domain=hyperling.com gitlab_url=https://git +;;; gitlab gitlab=ce domain=hyperling.com gitlab_url=https://gitlab diff --git a/local.yml b/local.yml index 837a0fc..60b8ee9 100644 --- a/local.yml +++ b/local.yml @@ -1,13 +1,16 @@ --- -# Harmonize my systems rather than doing everything manually. :) +# Harmonize systems rather than doing everything manually. :) # Setup of any device connected to this repo. - name: Main | Default Setup - hosts: everything + hosts: localhost connection: local become: true tasks: + - include: facts/general/gather.yml + - include: tasks/general/acct_mgmt/provision_config.yml + - include: facts/general/system.yml - include: facts/general/package.yml - include: facts/general/service.yml @@ -22,7 +25,7 @@ ignore_errors: yes when: ansible_system == "FreeBSD" - - include: facts/general/gather.yml + - include: facts/general/gather.yml - include: tasks/general/acct_mgmt/groups.yml - include: tasks/general/acct_mgmt/users.yml @@ -40,145 +43,198 @@ - include: tasks/workstation/freebsd/cron/ansible.yml when: ansible_system == "FreeBSD" + - include: tasks/general/software/metasploit.yml + when: pentesting == true + - name: FORTESTING | Outside Block | Output Block Variables + debug: + var: "{{ item }}" + loop: + - workstation + - miner + - server + + - name: FORTESTING | Block + block: + + - name: FORTESTING | Inside Block | Output Block Variables + debug: + var: "{{ item }}" + loop: + - workstation + - miner + - server + + - name: FORTESTING | Inside Block | W Test 1 # Did not run on true. :( + shell: echo "test" + when: workstation == "true" + + - name: FORTESTING | Inside Block | W Test 2 # Did run on true! :) + shell: echo "test" + when: workstation == true + + - name: FORTESTING | Inside Block | W Test 3 # Did run on true! :) + shell: echo "test" + when: workstation + + - name: FORTESTING | Inside Block | M Test 1 # Skipped on false. :) + shell: echo "test" + when: miner == "true" + + - name: FORTESTING | Inside Block | M Test 2 # Skipped on false. :) + shell: echo "test" + when: miner == true + + - name: FORTESTING | Inside Block | M Test 3 # Skipped on false. :) + shell: echo "test" + when: miner + + - name: FORTESTING | Inside Block | S Test 1 # Skipped on yolo. :) + shell: echo "test" + when: server == "true" + + - name: FORTESTING | Inside Block | S Test 2 # Skipped on yolo. :) + shell: echo "test" + when: server == true + + - name: FORTESTING | Inside Block | S Test 3 # Ran on yolo. :( + shell: echo "test" + when: server + + + +####### Workstations ####### # Additional setup for systems with GUI. -- name: Main | Workstation Setup - hosts: workstation - connection: local - become: true + - name: Main | Workstation Setup + block: - tasks: - - include: facts/general/system.yml - - include: facts/workstation/package.yml - - include: facts/general/service.yml + - include: facts/general/system.yml + - include: facts/workstation/package.yml + - include: facts/general/service.yml - # Set Up Desktop Environments # - - include: tasks/workstation/freebsd/software/gui.yml - when: ansible_system == "FreeBSD" + # Set Up Desktop Environments # + - include: tasks/workstation/freebsd/software/gui.yml + when: ansible_system == "FreeBSD" - - include: tasks/workstation/linux/software/gnome.yml - when: ansible_system == "Linux" + - include: tasks/workstation/linux/software/gnome.yml + when: ansible_system == "Linux" - - include: tasks/workstation/linux/software/dwm.yml - when: ansible_system in ("Linux", "FreeBSD") - ignore_errors: yes + - include: tasks/workstation/linux/software/dwm.yml + when: ansible_system in ("Linux", "FreeBSD") + ignore_errors: yes - # Software Tasks # - - include: tasks/workstation/linux/software/flatpaks.yml - when: ansible_system == "Linux" and flatpak_distro + # Software Tasks # + - include: tasks/workstation/linux/software/flatpaks.yml + when: ansible_system == "Linux" and flatpak_distro - - include: tasks/workstation/linux/software/debs.yml - when: ansible_pkg_mgr == "apt" + - include: tasks/workstation/linux/software/debs.yml + when: ansible_pkg_mgr == "apt" - - include: tasks/workstation/linux/software/brave.yml - when: ansible_pkg_mgr == "apt" + - include: tasks/workstation/linux/software/brave.yml + when: ansible_pkg_mgr in ("apt", "dnf") - - include: tasks/workstation/mac-os/software/brew.yml - when: ansible_system == "Darwin" + - include: tasks/workstation/mac-os/software/brew.yml + when: ansible_system == "Darwin" - - include: tasks/workstation/mac-os/software/dmg.yml - when: ansible_system == "Darwin" + - include: tasks/workstation/mac-os/software/dmg.yml + when: ansible_system == "Darwin" - # Configuration Tasks # - - include: tasks/workstation/settings/gnome.yml + # Configuration Tasks # + - include: tasks/workstation/settings/gnome.yml - - include: tasks/workstation/linux/cron/ansible.yml - when: ansible_system == "Linux" + - include: tasks/workstation/linux/cron/ansible.yml + when: ansible_system == "Linux" - - include: tasks/workstation/settings/nfs.yml + - include: tasks/workstation/settings/nfs.yml - - include: tasks/workstation/settings/rdp.yml - when: rdp is defined - - include: tasks/workstation/settings/vnc.yml - when: vnc is defined + - include: tasks/workstation/settings/rdp.yml + when: rdp == true + - include: tasks/workstation/settings/vnc.yml + when: vnc == true + + - include: tasks/workstation/settings/services.yml + ignore_errors: yes + + when: workstation == true - - include: tasks/workstation/settings/services.yml - ignore_errors: yes + ####### Miners ####### + # Additional setup for miners. + - name: Main | Miner Setup + block: -# Additional setup for miners! -- name: Main | Miner Setup - hosts: miner - connection: local - become: true + ##### Setup ##### + - include: tasks/miner/debug.yml - tasks: - ##### Setup ##### - - include: tasks/miner/debug.yml - - - include: facts/miner/gather.yml + - include: tasks/miner/acct_mgmt/users.yml - - include: tasks/miner/acct_mgmt/users.yml + - include: facts/miner/system.yml + - include: facts/miner/config.yml + - include: facts/miner/pool.yml - - include: facts/miner/system.yml - - include: facts/miner/config.yml - - include: facts/miner/pool.yml + ##### Installations ##### + ### CPU SECTION ### + # Monero # + - include: tasks/miner/software/xmr-stak-cpu.yml + when: xmr_stak_cpu is defined - ##### Installations ##### - ### CPU SECTION ### - # Monero # - - include: tasks/miner/software/xmr-stak-cpu.yml - when: xmr_stak_cpu is defined + ### GPU Section ### + ## Drivers ## + - include: tasks/miner/drivers/amdgpu.yml + when: ansible_distribution == "Ubuntu" and amdgpu == true - ### GPU Section ### - ## Drivers ## - - include: tasks/miner/drivers/amdgpu.yml - when: ansible_distribution == "Ubuntu" and amdgpu is defined + # Ethereum # + - include: tasks/miner/software/ethminer.yml + when: ethminer == true - # Ethereum # - - include: tasks/miner/software/ethminer.yml - when: ethminer is defined + - include: tasks/miner/software/nanominer.yml + when: nanominer == true - - include: tasks/miner/software/nanominer.yml - when: nanominer is defined + ##### Scheduling ##### + - include: tasks/miner/cron/ansible.yml + - include: tasks/miner/cron/mfn.yml - ##### Scheduling ##### - - include: tasks/miner/cron/ansible.yml - - include: tasks/miner/cron/mfn.yml + when: miner == true -# Easy to deploy server configurations. -- name: Main | Server Setup - hosts: server - connection: local - become: true + ####### Servers ####### + # Easy to deploy server configurations. + - name: Main | Server Setup + block: - tasks: - - include: tasks/server/software/onlyoffice.yml - when: onlyoffice is defined and ansible_pkg_mgr == "apt" + - include: tasks/server/software/onlyoffice.yml + when: onlyoffice == true and ansible_pkg_mgr == "apt" - - include: tasks/server/software/influxdb1.yml - when: influxdb1 is defined and ansible_pkg_mgr == "apt" + - include: tasks/server/software/influxdb1.yml + when: influxdb1 == true and ansible_pkg_mgr == "apt" - - include: tasks/server/software/influxdb2.yml - when: influxdb2 is defined and ansible_pkg_mgr == "apt" + - include: tasks/server/software/influxdb2.yml + when: influxdb2 == true and ansible_pkg_mgr == "apt" - - include: tasks/server/software/grafana.yml - when: grafana is defined and ansible_pkg_mgr == "apt" + - include: tasks/server/software/grafana.yml + when: grafana == true and ansible_pkg_mgr == "apt" - - include: tasks/server/software/certbot.yml - when: certbot is defined - - include: tasks/server/cron/certbot.yml - when: certbot is defined + - include: tasks/server/software/certbot.yml + when: certbot == true + - include: tasks/server/cron/certbot.yml + when: certbot == true - - include: tasks/server/software/hugo.yml - when: hugo is defined + - include: tasks/server/software/hugo.yml + when: hugo == true - - include: tasks/server/software/gitlab.yml - when: gitlab is defined and ansible_pkg_mgr in ("apt", "dnf") and ansible_distribution not in ("Fedora") + - include: tasks/server/software/gitlab.yml + when: gitlab and ansible_pkg_mgr in ("apt", "dnf") and ansible_distribution not in ("Fedora") + + when: server == true -# Provide information for analysis. -- name: Main | Reporting - hosts: everything - connection: local - become: true + ####### Reporting ####### + # Provide information for analysis. - tasks: - include: tasks/general/software/telegraf.yml - include: tasks/general/tests/nmap.yml diff --git a/tasks/general/acct_mgmt/groups.yml b/tasks/general/acct_mgmt/groups.yml index 3eb12b1..b22c1a4 100644 --- a/tasks/general/acct_mgmt/groups.yml +++ b/tasks/general/acct_mgmt/groups.yml @@ -9,4 +9,4 @@ loop: - sudo - video - - render \ No newline at end of file + - render diff --git a/tasks/general/acct_mgmt/keys.yml b/tasks/general/acct_mgmt/keys.yml index 635f018..d6d8ac1 100644 --- a/tasks/general/acct_mgmt/keys.yml +++ b/tasks/general/acct_mgmt/keys.yml @@ -13,4 +13,4 @@ ignore_errors: yes - name: General | Account Management | Keys | Root | Copy SSH to 1337 - shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }} \ No newline at end of file + shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }} diff --git a/tasks/general/acct_mgmt/mounts.yml b/tasks/general/acct_mgmt/mounts.yml index a7f3cb8..f5ec7bf 100644 --- a/tasks/general/acct_mgmt/mounts.yml +++ b/tasks/general/acct_mgmt/mounts.yml @@ -66,4 +66,4 @@ - name: General | Account Management | Mounts | Refresh Variable leet_drive_details stat: path: "{{ leet_drive }}/Temp/ansible" - register: leet_drive_details \ No newline at end of file + register: leet_drive_details diff --git a/tasks/general/acct_mgmt/provision_config.yml b/tasks/general/acct_mgmt/provision_config.yml new file mode 100644 index 0000000..c0773d7 --- /dev/null +++ b/tasks/general/acct_mgmt/provision_config.yml @@ -0,0 +1,262 @@ +--- +# Set up directory and files for specifying software needs rather than using hosts file. + +- name: General | Account Management | Provisioning Configuration | Variables 1 + set_fact: + prov_dir: "/usr/local/etc/hyperling-scm" + +- name: General | Account Management | Provisioning Configuration | Variables 2 + set_fact: + gen_file: "{{ prov_dir }}/general.ini" + wrk_file: "{{ prov_dir }}/workstation.ini" + mnr_file: "{{ prov_dir }}/miner.ini" + srv_file: "{{ prov_dir }}/server.ini" + +- name: General | Account Management | Provisioning Configuration | Create Directory + file: + path: "{{ prov_dir }}" + state: directory + mode: '0755' + + +## General ## + +- name: General | Account Management | Provisioning Configuration | General | Create + blockinfile: + path: "{{ gen_file }}" + block: | + ;;;;;;; Available options - all require lowercase values ;;;;;; + ; + ; enable : Provide true for the provision to occur. + ; + ; user : Provide the name of the user account. + ; Example: tom, jerry, kim, sarah + ; + ; user_desc : Provide the description of the user account. + ; Example: Thomas, Jerry, Kimberly, Sarah + ; + ; branch : Provide the Github branch that the machine should poll. + ; Example: main, dev + ; + ; pentesting : Set to true to install tools such as metasploit (nmap is already provided for reporting) + ; + [global] + marker: '; {mark} MANAGED BY ANSIBLE | Generic Config' + state: present + create: yes + backup: yes + +- name: General | Account Management | Provisioning Configuration | General | Load + set_fact: + provision: "{{ lookup('ini', 'enable file={{gen_file}} default=false') }}" + user: "{{ lookup('ini', 'user file={{gen_file}} default=ling') }}" + user_desc: "{{ lookup('ini', 'user_desc file={{gen_file}} default=Hyperling') }}" + branch: "{{ lookup('ini', 'branch file={{gen_file}} default=main') }}" + pentesting: "{{ lookup('ini', 'pentesting file={{gen_file}} default=false') }}" + +- name: General | Account Management | Provisioning Configuration | General | Print + debug: + var: "{{ item }}" + loop: + - provision + - user + - user_desc + - branch + - pentesting + + +## Workstation ## + +- name: General | Account Management | Provisioning Configuration | Workstation | Create + blockinfile: + path: "{{ wrk_file }}" + block: | + ;;;;;;; Available options - all require lowercase values ;;;;;; + ; + ; enable : Set to true for system to be considered a workstation. + ; + ; coding : Set to true for installation of code editors (VSCode, PyCharm, Android Studio) + ; + ; editing : Set to true for installation of Audio/Video editors (Shotcut, Audacity, OBS Stdio, GIMP) + ; + ; gaming : Set to true for installation of gaming software (Steam, Lutris) + ; + ; rdp : Set to true for installation of RDP protocol + ; CURRENTLY FREEBSD-ONLY + ; + ; vnc : Set to true for installation of VNC protocol + ; NOT IMPLEMENTED YET + ; + [global] + marker: '; {mark} MANAGED BY ANSIBLE | Workstation Config' + state: present + create: yes + backup: yes + +- name: General | Account Management | Provisioning Configuration | Workstation | Load + set_fact: + workstation: "{{ lookup('ini', 'enable file={{wrk_file}} default=false') }}" + coding: "{{ lookup('ini', 'coding file={{wrk_file}} default=false') }}" + editing: "{{ lookup('ini', 'editing file={{wrk_file}} default=false') }}" + gaming: "{{ lookup('ini', 'gaming file={{wrk_file}} default=false') }}" + rdp: "{{ lookup('ini', 'rdp file={{wrk_file}} default=false') }}" + vnc: "{{ lookup('ini', 'vnc file={{wrk_file}} default=false') }}" + +- name: General | Account Management | Provisioning Configuration | Workstation | Print + debug: + var: "{{ item }}" + loop: + - workstation + - coding + - editing + - gaming + - rdp + - vnc + + +## Miner ## + +- name: General | Account Management | Provisioning Configuration | Miner | Create + blockinfile: + path: "{{ mnr_file }}" + block: | + ;;;;;;; Available options - all require lowercase values ;;;;;; + ; + ; enable : Set to true for system to be considered a miner. + ; + ; amdgpu : Set to true for installation of AMDGPU-Pro drivers on Ubuntu (20.04 preferred) + ; + ; nanominer : Set to true for installation of nanominer + ; + ; nanominer_cpu : Set to coin code that you'd like the CPU to work on + ; Valid values: xmr + ; + ; nanominer_cpu_pool : Set to pool organization to use for CPU mining + ; Valid values: nanopool + ; + ; nanominer_gpu : Set to coin code that you'd like the GPU to work on + ; Valid values: eth + ; + ; nanominer_gpus : Set to comma list of GPU devices that should be used for nanominer + ; Example: 0,2,3 + ; + ; nanominer_gpu_pool : Set to pool organization to use for GPU mining + ; Valid values: nanopool etherpool f2pool + ; + ; eth_minhashrate : Set to minimum hashrate over 10 minutes before restarting. Can accept M for Million and K for thousand. + ; Example: 100K + ; + ; ethminer : Set to true for installation of ethminer + ; + ; nvidia : Set to true for NVidia support in ethminer. + ; + [global] + marker: '; {mark} MANAGED BY ANSIBLE | Miner Config' + state: present + create: yes + backup: yes + +- name: General | Account Management | Provisioning Configuration | Miner | Load + set_fact: + miner: "{{ lookup('ini', 'enable file={{mnr_file}} default=false') }}" + amdgpu: "{{ lookup('ini', 'amdgpu file={{mnr_file}} default=false') }}" + nanominer: "{{ lookup('ini', 'nanominer file={{mnr_file}} default=false') }}" + nanominer_cpu: "{{ lookup('ini', 'nanominer_cpu file={{mnr_file}} default=false') }}" + nanominer_cpu_pool: "{{ lookup('ini', 'nanominer_cpu_pool file={{mnr_file}} default=false') }}" + nanominer_gpu: "{{ lookup('ini', 'nanominer_gpu file={{mnr_file}} default=false') }}" + nanominer_gpus: "{{ lookup('ini', 'nanominer_gpus file={{mnr_file}} default=false') }}" + nanominer_gpu_pool: "{{ lookup('ini', 'nanominer_gpu_pool file={{mnr_file}} default=false') }}" + eth_minhashrate: "{{ lookup('ini', 'eth_minhashrate file={{mnr_file}} default=false') }}" + ethminer: "{{ lookup('ini', 'ethminer file={{mnr_file}} default=false') }}" + nvidia: "{{ lookup('ini', 'nvidia file={{mnr_file}} default=false') }}" + +- name: General | Account Management | Provisioning Configuration | Miner | Print + debug: + var: "{{ item }}" + loop: + - miner + - amdgpu + - nanominer + - nanominer_cpu + - nanominer_cpu_pool + - nanominer_gpu + - nanominer_gpus + - nanominer_gpu_pool + - eth_minhashrate + - ethminer + - nvidia + + +## Server ## + +- name: General | Account Management | Provisioning Configuration | Server | Create + blockinfile: + path: "{{ srv_file }}" + block: | + ;;;;;;; Parameters ;;;;;; + ; + ; enable : Set to true for system to be considered a server. + ; + ; domain : Set to the domain which gives the server its FQDN. + ; Example: hyperling.com + ; + ; onlyoffice : Set to true for this server to be configured as an OnlyOffice server. + ; + ; grafana : Set to true for this server to be configured as an Grafana web server. + ; + ; influxdb1 : Set to true for this server to be configured as an Influx 1 DB server. + ; + ; influxdb2 : Set to true for this server to be configured as an Influx 2 DB + web server. + ; + ; certbot : Set to true to add cron job for `certbot renew`. + ; + ; hugo : Set to true to install HUGO static website generator. + ; + ; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features. + ; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE. + ; Example: ce + ; + ; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.((domain))". + ; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy. + ; Example: https://gitlab + ; + [global] + marker: '; {mark} MANAGED BY ANSIBLE | Server Config' + state: present + create: yes + backup: yes + +- name: General | Account Management | Provisioning Configuration | Server | Load + set_fact: + server: "{{ lookup('ini', 'enable file={{srv_file}} default=false') }}" + domain: "{{ lookup('ini', 'domain file={{srv_file}} default=hyperling.com') }}" + onlyoffice: "{{ lookup('ini', 'onlyoffice file={{srv_file}} default=false') }}" + grafana: "{{ lookup('ini', 'grafana file={{srv_file}} default=false') }}" + influxdb1: "{{ lookup('ini', 'influxdb1 file={{srv_file}} default=false') }}" + influxdb2: "{{ lookup('ini', 'influxdb2 file={{srv_file}} default=false') }}" + certbot: "{{ lookup('ini', 'certbot file={{srv_file}} default=false') }}" + hugo: "{{ lookup('ini', 'hugo file={{srv_file}} default=false') }}" + gitlab: "{{ lookup('ini', 'gitlab file={{srv_file}} default=false') }}" + gitlab_url: "{{ lookup('ini', 'gitlab_url file={{srv_file}} default=false') }}" + +- name: General | Account Management | Provisioning Configuration | Server | Print + debug: + var: "{{ item }}" + loop: + - server + - domain + - onlyoffice + - grafana + - influxdb1 + - influxdb2 + - certbot + - hugo + - gitlab + - gitlab_url + + +## Exit if not turned on yet ## + +- name: General | Account Management | Provisioning Configuration | Exit Check + shell: echo "Please configure the config files in {{ prov_dir }} then try again." && exit 1 + when: provision != true diff --git a/tasks/general/acct_mgmt/sudo.yml b/tasks/general/acct_mgmt/sudo.yml index 6883561..f6bdbcf 100644 --- a/tasks/general/acct_mgmt/sudo.yml +++ b/tasks/general/acct_mgmt/sudo.yml @@ -15,4 +15,4 @@ dest: "{{ sudoers_install_dir }}" owner: root group: "{{ root_group }}" - mode: 0440 \ No newline at end of file + mode: 0440 diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml index 8a218db..c6eb79d 100644 --- a/tasks/general/acct_mgmt/users.yml +++ b/tasks/general/acct_mgmt/users.yml @@ -5,11 +5,11 @@ - name: General | Account Management | Users | Use BASH (Default) set_fact: - ling_shell: "{{ bash_exec.stdout }}" + user_shell: "{{ bash_exec.stdout }}" - name: General | Account Management | Users | Use ZSH (Arch+Manjaro) set_fact: - ling_shell: "{{ zsh_exec.stdout }}" + user_shell: "{{ zsh_exec.stdout }}" when: ansible_distribution == "Archlinux" @@ -38,23 +38,23 @@ - name: General | Account Management | Users | Hyperling user: - name: ling - comment: Hyperling + name: "{{ user }}" + comment: "{{ user_desc }}" groups: - sudo - video - render append: yes - shell: "{{ ling_shell }}" + shell: "{{ user_shell }}" create_home: yes generate_ssh_key: yes - register: user_ling + register: user_user - name: General | Account Management | Users | Hyperling | Test Logging In shell: "echo SUCCESS" args: - executable: "{{ ling_shell }}" - become_user: ling + executable: "{{ user_shell }}" + become_user: "{{ user }}" ## Folders ## @@ -76,14 +76,14 @@ state: directory mode: '0755' loop: - - "{{ user_ling.home }}/bin" - - "{{ user_ling.home }}/LBRY" - - "{{ user_ling.home }}/TRASH" - become_user: ling - when: user_ling.home != "" + - "{{ user_user.home }}/bin" + - "{{ user_user.home }}/LBRY" + - "{{ user_user.home }}/TRASH" + become_user: "{{ user }}" + when: user_user.home != "" - name: General | Account Management | Users | Folders | Home Directories 700 - shell: "chmod 700 {{ user_ling.home }}/../*" + shell: "chmod 700 {{ user_user.home }}/../*" ## Files ## @@ -153,6 +153,21 @@ bye: | alias bye="{{ shutdown_command }}" alias goodbye="update -y && bye" + metasploit: | + alias metasploit="msfconsole" + alias hax="metasploit" + show_config: | + alias show-config-gen="cat {{ gen_file }}" + alias show-config-wrk="cat {{ wrk_file }}" + alias show-config-mnr="cat {{ mnr_file }}" + alias show-config-srv="cat {{ srv_file }}" + alias show-config-all="show-config-gen && echo '' && show-config-wrk && echo '' && show-config-mnr && echo '' && show-config-srv" + alias show-config="show-config-all" + edit_config: | + alias edit-config-gen="sudo $EDITOR {{ gen_file }}" + alias edit-config-wrk="sudo $EDITOR {{ wrk_file }}" + alias edit-config-mnr="sudo $EDITOR {{ mnr_file }}" + alias edit-config-srv="sudo $EDITOR {{ srv_file }}" - name: General | Account Management | Users | Files | Common Variable set_fact: @@ -171,6 +186,9 @@ {{ editor }} {{ init_aliases }} {{ bye }} + {{ metasploit }} + {{ show_config }} + {{ edit_config }} - name: General | Account Management | Users | Files | .bashrc blockinfile: @@ -184,9 +202,9 @@ backup: yes loop: - "{{ user_root.home }}" - - "{{ user_ling.home }}" + - "{{ user_user.home }}" ignore_errors: yes - when: user_root.home != "" and user_ling.home != "" + when: user_root.home != "" and user_user.home != "" - name: General | Account Management | Users | Files | .zshrc blockinfile: @@ -200,6 +218,6 @@ backup: yes loop: - "{{ user_root.home }}" - - "{{ user_ling.home }}" + - "{{ user_user.home }}" ignore_errors: yes - when: user_root.home != "" and user_ling.home != "" + when: user_root.home != "" and user_user.home != "" diff --git a/tasks/general/cron/ansible.yml b/tasks/general/cron/ansible.yml index 3604108..33a8e92 100644 --- a/tasks/general/cron/ansible.yml +++ b/tasks/general/cron/ansible.yml @@ -5,7 +5,7 @@ cron: user: ansible name: "Ansible Sync" - minute: "*/15" + minute: "*/30" job: "sudo {{ ansible_pull_exec.stdout }} -o -U https://github.com/Hyperling/ansible.git --checkout {{ branch }}" state: present disabled: no @@ -33,7 +33,7 @@ user: ansible name: "{{ item.name }}" minute: "05,20,35,50" - job: "sudo scp {{ item.src }} {{ item.dest }}" + job: "ls {{ item.src }} 2>/dev/null 1>&2 && sudo scp {{ item.src }} {{ item.dest }} && sudo sh -c 'rm -rfv {{ item.src }}'" state: present disabled: no loop: @@ -55,4 +55,4 @@ - { name: 'Heartbeat Report' } - { name: 'Lynis Report' } - { name: 'NMap Report' } - when: leet_drive_details.stat.exists \ No newline at end of file + when: leet_drive_details.stat.exists diff --git a/tasks/general/cron/root.yml b/tasks/general/cron/root.yml index cf369b6..439444b 100644 --- a/tasks/general/cron/root.yml +++ b/tasks/general/cron/root.yml @@ -28,4 +28,4 @@ job: "As a wise man once said, I'm disabled." state: absent disabled: yes - when: leet_drive_details.stat.exists \ No newline at end of file + when: leet_drive_details.stat.exists diff --git a/tasks/general/finish.yml b/tasks/general/finish.yml index 6b24074..eba1c93 100644 --- a/tasks/general/finish.yml +++ b/tasks/general/finish.yml @@ -2,6 +2,11 @@ # Tasks related to finishing ansible-pull # EG: End timer, start conflicting jobs, etc +- name: General | Finish | Ansible Pull Report | Debug + debug: + var: leet_drive_details + when: leet_drive_details is defined + - name: General | Finish | Ansible Pull Report | Finish File shell: "echo 'FINISH' >> {{ ansible_pull_report }}" when: leet_drive_details.stat.exists diff --git a/tasks/general/scripts/root.yml b/tasks/general/scripts/root.yml index b15180e..7fc695a 100644 --- a/tasks/general/scripts/root.yml +++ b/tasks/general/scripts/root.yml @@ -25,7 +25,7 @@ path: "{{ user_root.home }}/bin/push.sh" block: | # 20210215 - Make life even easier! - ssh ling@leet "cd Code/Ansible/ansible-pull; git push" + ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push" marker: '{mark}' marker_begin: "#!{{ bash_exec.stdout }}" marker_end: "exit 0" diff --git a/tasks/general/scripts/user.yml b/tasks/general/scripts/user.yml index 69a0226..843f891 100644 --- a/tasks/general/scripts/user.yml +++ b/tasks/general/scripts/user.yml @@ -3,7 +3,7 @@ - name: General | Scripts | User | scm.sh blockinfile: - path: "{{ user_ling.home }}/bin/scm.sh" + path: "{{ user_user.home }}/bin/scm.sh" block: | # 20210211 - Make life easier! push.sh @@ -16,16 +16,16 @@ - name: General | Scripts | User | scm.sh Permissions file: - path: "{{ user_ling.home }}/bin/scm.sh" + path: "{{ user_user.home }}/bin/scm.sh" mode: '0755' - name: General | Scripts | User | push.sh blockinfile: - path: "{{ user_ling.home }}/bin/push.sh" + path: "{{ user_user.home }}/bin/push.sh" block: | # 20210215 - Make life even easier! - ssh ling@leet "cd Code/Ansible/ansible-pull; git push" + ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push" marker: '{mark}' marker_begin: "#!{{ bash_exec.stdout }}" marker_end: "exit 0" @@ -34,13 +34,13 @@ - name: General | Scripts | User | push.sh Permissions file: - path: "{{ user_ling.home }}/bin/push.sh" + path: "{{ user_user.home }}/bin/push.sh" mode: '0755' - name: General | Scripts | User | scm-dev.sh blockinfile: - path: "{{ user_ling.home }}/bin/scm-dev.sh" + path: "{{ user_user.home }}/bin/scm-dev.sh" block: | # 20210713 - Make life easier for development! @@ -66,5 +66,5 @@ - name: General | Scripts | User | scm-dev.sh Permissions file: - path: "{{ user_ling.home }}/bin/scm-dev.sh" + path: "{{ user_user.home }}/bin/scm-dev.sh" mode: '0755' diff --git a/tasks/general/software/metasploit.yml b/tasks/general/software/metasploit.yml new file mode 100644 index 0000000..5a689b5 --- /dev/null +++ b/tasks/general/software/metasploit.yml @@ -0,0 +1,12 @@ +--- +# Install Metasploit Framework + +- name: General | Software | Metasploit | Install + shell: "{{ item }}" + loop: + - curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall + - chmod 755 msfinstall + - mkdir -p /usr/local/bin/ + - mv ./msfinstall /usr/local/bin/msfinstall + - msfinstall + when: ansible_system in ("Linux", "Darwin") diff --git a/tasks/general/software/services.yml b/tasks/general/software/services.yml index f7abe3a..9f9e01f 100644 --- a/tasks/general/software/services.yml +++ b/tasks/general/software/services.yml @@ -60,7 +60,7 @@ create: no backup: yes loop: - - { "key": '^[\#]?AllowUsers', "value": 'AllowUsers ling'} + - { "key": '^[\#]?AllowUsers', "value": 'AllowUsers {{ user }}'} - { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin no'} - { "key": '^[\#]?AllowTcpForwarding', "value": 'AllowTcpForwarding no'} - { "key": '^[\#]?ClientAliveInterval', "value": 'ClientAliveInterval 60'} @@ -84,7 +84,7 @@ create: no backup: yes loop: - - { "key": '^[\#]?AllowUsers', "value": 'AllowUsers root ling'} + - { "key": '^[\#]?AllowUsers', "value": 'AllowUsers root {{ user }}'} - { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin yes'} - { "key": '^[\#]?MaxSessions', "value": 'MaxSessions 5'} when: "'pve' in ansible_kernel" @@ -94,4 +94,4 @@ name: "{{ sshd }}" pattern: "{{ sshd_pattern }}" state: reloaded - enabled: yes \ No newline at end of file + enabled: yes diff --git a/tasks/general/start.yml b/tasks/general/start.yml index 547f317..20f45dc 100644 --- a/tasks/general/start.yml +++ b/tasks/general/start.yml @@ -14,4 +14,4 @@ - name: General | Start | Ansible Pull Report | Add Date Entry shell: "date >> {{ ansible_pull_report }}" - when: leet_drive_details.stat.exists \ No newline at end of file + when: leet_drive_details.stat.exists diff --git a/tasks/general/tests/lynis.yml b/tasks/general/tests/lynis.yml index 6a5517b..01d69cd 100644 --- a/tasks/general/tests/lynis.yml +++ b/tasks/general/tests/lynis.yml @@ -30,4 +30,4 @@ - name: General | Tests | Lynis | Make Report Readable file: path: "{{ lynis_report }}" - mode: '0777' \ No newline at end of file + mode: '0777' diff --git a/tasks/general/tests/nmap.yml b/tasks/general/tests/nmap.yml index 4f269f9..1574cb5 100644 --- a/tasks/general/tests/nmap.yml +++ b/tasks/general/tests/nmap.yml @@ -10,4 +10,4 @@ - name: General | Tests | nmap | Make Viewable file: path: "{{ nmap_report }}" - mode: '0777' \ No newline at end of file + mode: '0777' diff --git a/tasks/miner/acct_mgmt/users.yml b/tasks/miner/acct_mgmt/users.yml index 89589fe..9b5a79e 100644 --- a/tasks/miner/acct_mgmt/users.yml +++ b/tasks/miner/acct_mgmt/users.yml @@ -20,4 +20,4 @@ - render append: yes shell: "{{ bash_exec.stdout }}" - register: user_mfn \ No newline at end of file + register: user_mfn diff --git a/tasks/miner/cron/mfn.yml b/tasks/miner/cron/mfn.yml index a13a056..bc81a14 100644 --- a/tasks/miner/cron/mfn.yml +++ b/tasks/miner/cron/mfn.yml @@ -20,4 +20,4 @@ job: "{{ item.command }}" state: present disabled: "{{ not(item.enabled) }}" - loop: "{{ miners }}" \ No newline at end of file + loop: "{{ miners }}" diff --git a/tasks/miner/debug.yml b/tasks/miner/debug.yml index 1fb9d73..6e2fa84 100644 --- a/tasks/miner/debug.yml +++ b/tasks/miner/debug.yml @@ -9,4 +9,4 @@ - nanominer - nanominer_cpu - nanominer_gpu - - nanominer_gpus \ No newline at end of file + - nanominer_gpus diff --git a/tasks/miner/drivers/amdgpu.yml b/tasks/miner/drivers/amdgpu.yml index 8934edc..22a7471 100644 --- a/tasks/miner/drivers/amdgpu.yml +++ b/tasks/miner/drivers/amdgpu.yml @@ -161,7 +161,7 @@ ## Step 3/3: Install AMD PRO Driver ## - name: Miner | Driver | AMDGPU | Download Driver - shell: 'scp ling@leet:InstallFiles/Drivers/amdgpu-pro-20.45-1188099-ubuntu-20.04.tar.xz {{ root_home.stdout }}/Downloads/' + shell: 'scp {{ user }}@leet:InstallFiles/Drivers/amdgpu-pro-20.45-1188099-ubuntu-20.04.tar.xz {{ root_home.stdout }}/Downloads/' when: amdgpu_install.failed or "1" == "1" - name: Miner | Driver | AMDGPU | Extract Tarball @@ -205,4 +205,4 @@ - name: Miner | Driver | AMDGPU | Test Results debug: var: clinfo - ignore_errors: yes \ No newline at end of file + ignore_errors: yes diff --git a/tasks/miner/software/ethminer.yml b/tasks/miner/software/ethminer.yml index acfda03..23c85ec 100644 --- a/tasks/miner/software/ethminer.yml +++ b/tasks/miner/software/ethminer.yml @@ -69,12 +69,12 @@ set_fact: opencl_flag: "ON" sys_opencl_flag: "OFF" - when: amdgpu is defined + when: amdgpu == true - name: Miner | Software | Ethminer | Determine CUDA Flag set_fact: cuda_flag: "ON" - when: nvidia is defined + when: nvidia == true - name: Miner | Software | Ethminer | Determine DBUS Flag set_fact: @@ -110,6 +110,6 @@ - name: Miner | Software | Ethminer | Script shell: "{{ item }}" loop: - - "scp ling@leet:InstallFiles/Miners/ethminer/ethminer.sh {{ user_mfn.home }}/" + - "scp {{ user }}@leet:InstallFiles/Miners/ethminer/ethminer.sh {{ user_mfn.home }}/" - "chmod 755 {{ user_mfn.home }}/ethminer.sh" - - "chown {{ user_mfn.user }} {{ user_mfn.home }}/ethminer.sh" \ No newline at end of file + - "chown {{ user_mfn.user }} {{ user_mfn.home }}/ethminer.sh" diff --git a/tasks/miner/software/nanominer.yml b/tasks/miner/software/nanominer.yml index b29855f..e576ec4 100644 --- a/tasks/miner/software/nanominer.yml +++ b/tasks/miner/software/nanominer.yml @@ -52,7 +52,7 @@ loop: - { "algorithm": "RandomX", "wallet": '{{ wallet_xmr }}', "state": "{{ (nanominer_cpu == 'xmr') | ternary('present', 'absent') }}"} become_user: mfn - when: nanominer_cpu is defined + when: nanominer_cpu != false - name: Miner | Software | Nanominer | Configuration | CPU | Add Pools lineinfile: @@ -62,7 +62,7 @@ create: no loop: "{{ cpu_pool }}" become_user: mfn - when: nanominer_cpu is defined + when: nanominer_cpu != false - name: Miner | Software | Nanominer | Configuration | CPU | End Section lineinfile: @@ -71,7 +71,7 @@ state: present create: no become_user: mfn - when: nanominer_cpu is defined + when: nanominer_cpu != false # Add Spacing # @@ -117,7 +117,7 @@ loop: - { "algorithm": "Ethash", "wallet": '{{ wallet_eth }}', "state": "{{ (nanominer_gpu == 'eth') | ternary('present', 'absent') }}"} become_user: mfn - when: nanominer_gpu is defined + when: nanominer_gpu != false - name: Miner | Software | Nanominer | Configuration | GPU | Add Pools lineinfile: @@ -127,7 +127,7 @@ create: no loop: "{{ gpu_pool }}" become_user: mfn - when: nanominer_gpu is defined + when: nanominer_gpu != false - name: Miner | Software | Nanominer | Configuration | GPU | End Section lineinfile: @@ -136,7 +136,7 @@ state: present create: no become_user: mfn - when: nanominer_gpu is defined + when: nanominer_gpu != false @@ -184,4 +184,4 @@ - name: Miner | Software | Nanominer | Reload shell: "killall {{ nanominer_script }}; killall {{ nanominer_exec }}; killall nanominer.sh; killall nanominer" become_user: mfn - ignore_errors: yes \ No newline at end of file + ignore_errors: yes diff --git a/tasks/miner/software/xmr-stak-cpu.yml b/tasks/miner/software/xmr-stak-cpu.yml index 3829928..87636f6 100644 --- a/tasks/miner/software/xmr-stak-cpu.yml +++ b/tasks/miner/software/xmr-stak-cpu.yml @@ -3,4 +3,4 @@ - name: Miner | Software | XMR-Stak-CPU shell: exit 0 - when: '"1" == "0"' \ No newline at end of file + when: '"1" == "0"' diff --git a/tasks/server/cron/certbot.yml b/tasks/server/cron/certbot.yml index edc1792..aaaa1ce 100644 --- a/tasks/server/cron/certbot.yml +++ b/tasks/server/cron/certbot.yml @@ -13,4 +13,4 @@ special_time: weekly state: present disabled: no - when: certbot is defined and certbot.stdout is defined \ No newline at end of file + when: certbot == true and certbot.stdout is defined diff --git a/tasks/server/software/gitlab.yml b/tasks/server/software/gitlab.yml index 6c2fed0..e854811 100644 --- a/tasks/server/software/gitlab.yml +++ b/tasks/server/software/gitlab.yml @@ -10,7 +10,7 @@ - name: "Server | Software | GitLab | Checks | Host Variable [gitlab_url]={{ gitlab_url }}" set_fact: gitlab_url: "https://gitlab" - when: gitlab_url is not defined + when: gitlab_url is not defined or not gitlab - name: Server | Software | GitLab | Checks | Play Variables set_fact: diff --git a/tasks/server/software/grafana.yml b/tasks/server/software/grafana.yml index 4779bbc..2b4343b 100644 --- a/tasks/server/software/grafana.yml +++ b/tasks/server/software/grafana.yml @@ -37,4 +37,4 @@ - systemctl start grafana-server ## SMTP ## -# TODO allow server to send mail for invites, alerting, and password resets. \ No newline at end of file +# TODO allow server to send mail for invites, alerting, and password resets. diff --git a/tasks/server/software/influxdb1.yml b/tasks/server/software/influxdb1.yml index c7b2be1..3f51f3f 100644 --- a/tasks/server/software/influxdb1.yml +++ b/tasks/server/software/influxdb1.yml @@ -25,4 +25,4 @@ - influx -execute "create database main" - influx -execute "show databases" - influx -database main -execute "INSERT cpu,host=success,region=test value=1.00" - when: influxdb_check.failed \ No newline at end of file + when: influxdb_check.failed diff --git a/tasks/server/software/influxdb2.yml b/tasks/server/software/influxdb2.yml index 1d1e259..677dd5c 100644 --- a/tasks/server/software/influxdb2.yml +++ b/tasks/server/software/influxdb2.yml @@ -22,4 +22,4 @@ - name: Server | InfluxDB2 | Config shell: "{{ item }}" loop: - - influx setup -f -u ling -p initpassword -o Hyperling -b main -r 0 \ No newline at end of file + - influx setup -f -u {{ user }} -p initpassword -o Hyperling -b main -r 0 diff --git a/tasks/server/software/onlyoffice.yml b/tasks/server/software/onlyoffice.yml index 9ffdf47..2ad17f6 100644 --- a/tasks/server/software/onlyoffice.yml +++ b/tasks/server/software/onlyoffice.yml @@ -93,4 +93,4 @@ - name: Server | OnlyOffice | HTTPS | Reload nginx service: name: nginx - status: reloaded \ No newline at end of file + status: reloaded diff --git a/tasks/workstation/freebsd/cron/ansible.yml b/tasks/workstation/freebsd/cron/ansible.yml index a0bcb13..4090aeb 100644 --- a/tasks/workstation/freebsd/cron/ansible.yml +++ b/tasks/workstation/freebsd/cron/ansible.yml @@ -9,4 +9,3 @@ job: "sudo freebsd-update cron -t me@hyperling.com" state: present disabled: no - \ No newline at end of file diff --git a/tasks/workstation/linux/cron/ansible.yml b/tasks/workstation/linux/cron/ansible.yml index ace3bdc..e1c1511 100644 --- a/tasks/workstation/linux/cron/ansible.yml +++ b/tasks/workstation/linux/cron/ansible.yml @@ -16,7 +16,7 @@ user: ansible name: "Update User Flatpaks" special_time: hourly - job: "sudo -u ling flatpak update --noninteractive" + job: "sudo -u {{ user }} flatpak update --noninteractive" state: present disabled: no - when: flatpak_distro \ No newline at end of file + when: flatpak_distro diff --git a/tasks/workstation/linux/software/brave.yml b/tasks/workstation/linux/software/brave.yml index 9dee2b6..8d19ae0 100644 --- a/tasks/workstation/linux/software/brave.yml +++ b/tasks/workstation/linux/software/brave.yml @@ -1,22 +1,37 @@ --- -# Everything needed to install Brave with apt +# Everything needed to install Brave -- name: Workstation | Software | Brave | Pre-Reqs +- name: Workstation | Software | Brave | Pre-Reqs [apt] package: name: - apt-transport-https - - curl state: present + when: ansible_pkg_mgr == "apt" -- name: Workstation | Software | Brave | Add Repo +- name: Workstation | Software | Brave | Pre-Reqs [dnf] + package: + name: + - dnf-plugins-core + state: present + when: ansible_pkg_mgr == "dnf" + +- name: Workstation | Software | Brave | Add Repo [apt] shell: "{{ item }}" loop: - curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg - echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list - apt update + when: ansible_pkg_mgr == "apt" + +- name: Workstation | Software | Brave | Add Repo [dnf] + shell: "{{ item }}" + loop: + - dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/ + - rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc + when: ansible_pkg_mgr == "dnf" - name: Workstation | Software | Brave | Install package: name: - brave-browser - state: present \ No newline at end of file + state: present diff --git a/tasks/workstation/linux/software/debs.yml b/tasks/workstation/linux/software/debs.yml index 386c2ab..2b73f28 100644 --- a/tasks/workstation/linux/software/debs.yml +++ b/tasks/workstation/linux/software/debs.yml @@ -7,4 +7,4 @@ state: present loop: - atomicwallet - ignore_errors: yes \ No newline at end of file + ignore_errors: yes diff --git a/tasks/workstation/linux/software/flatpaks.yml b/tasks/workstation/linux/software/flatpaks.yml index 2c01430..4b641e1 100644 --- a/tasks/workstation/linux/software/flatpaks.yml +++ b/tasks/workstation/linux/software/flatpaks.yml @@ -27,7 +27,7 @@ - name: Workstation | Linux | Flatpak Distro | Flatpak | Variables set_fact: - flatpak_exec_dir: "{{ user_ling.home }}/bin" + flatpak_exec_dir: "{{ user_user.home }}/bin" flatpak_exec: "flatpak run" - name: Workstation | Linux | Flatpak Distro | Flatpak | Arrays @@ -83,7 +83,7 @@ state: present create: yes loop: "{{ flatpaks_generic }}" - become_user: ling + become_user: "{{ user }}" - name: Workstation | Linux | Flatpak Distro | Flatpak | Generic | Executable Permissions file: @@ -101,7 +101,7 @@ state: present loop: "{{ flatpaks_coding }}" ignore_errors: yes - when: coding is defined + when: coding == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Executables blockinfile: @@ -114,8 +114,8 @@ state: present create: yes loop: "{{ flatpaks_coding }}" - become_user: ling - when: coding is defined + become_user: "{{ user }}" + when: coding == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Executable Permissions file: @@ -123,7 +123,7 @@ state: file mode: '0755' loop: "{{ flatpaks_coding }}" - when: coding is defined + when: coding == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Uninstall flatpak: @@ -132,7 +132,7 @@ state: absent loop: "{{ flatpaks_coding }}" ignore_errors: yes - when: coding is not defined + when: not coding == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Remove Executables file: @@ -140,7 +140,7 @@ state: absent loop: "{{ flatpaks_coding }}" ignore_errors: yes - when: coding is not defined + when: not coding == true # Media Editors # @@ -151,7 +151,7 @@ state: present loop: "{{ flatpaks_editing }}" ignore_errors: yes - when: editing is defined + when: editing == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Executables blockinfile: @@ -164,8 +164,8 @@ state: present create: yes loop: "{{ flatpaks_editing }}" - become_user: ling - when: editing is defined + become_user: "{{ user }}" + when: editing == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Executable Permissions file: @@ -173,7 +173,7 @@ state: file mode: '0755' loop: "{{ flatpaks_editing }}" - when: editing is defined + when: editing == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editor Uninstalls flatpak: @@ -182,7 +182,7 @@ state: absent loop: "{{ flatpaks_editing }}" ignore_errors: yes - when: editing is not defined + when: not editing == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Remove Executables file: @@ -190,7 +190,7 @@ state: absent loop: "{{ flatpaks_editing }}" ignore_errors: yes - when: editing is not defined + when: not editing == true # Gaming # @@ -201,7 +201,7 @@ state: present loop: "{{ flatpaks_gaming }}" ignore_errors: yes - when: gaming is defined + when: gaming == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Executables blockinfile: @@ -214,8 +214,8 @@ state: present create: yes loop: "{{ flatpaks_gaming }}" - become_user: ling - when: gaming is defined + become_user: "{{ user }}" + when: gaming == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Executable Permissions file: @@ -223,7 +223,7 @@ state: file mode: '0755' loop: "{{ flatpaks_gaming }}" - when: gaming is defined + when: gaming == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Uninstalls flatpak: @@ -232,7 +232,7 @@ state: absent loop: "{{ flatpaks_gaming }}" ignore_errors: yes - when: gaming is not defined + when: not gaming == true - name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Remove Executables file: @@ -240,7 +240,7 @@ state: absent loop: "{{ flatpaks_gaming }}" ignore_errors: yes - when: gaming is not defined + when: not gaming == true # Removals # @@ -288,7 +288,7 @@ repo: ppa:lutris-team/lutris update_cache: yes state: present - when: ansible_distribution == "Ubuntu" and gaming is defined + when: ansible_distribution == "Ubuntu" and gaming == true ignore_errors: yes - name: Workstation | Linux | Flatpak Distro | Package Manager | Add Lutris (besides ARM) @@ -296,7 +296,7 @@ name: - lutris state: present - when: ansible_architecture != "aarch64" and gaming is defined + when: ansible_architecture != "aarch64" and gaming == true ignore_errors: yes - name: Workstation | Linux | Flatpak Distro | Package Manager | Remove Lutris (besides ARM) diff --git a/tasks/workstation/mac-os/software/brew.yml b/tasks/workstation/mac-os/software/brew.yml index 09fa9b7..26c7c90 100644 --- a/tasks/workstation/mac-os/software/brew.yml +++ b/tasks/workstation/mac-os/software/brew.yml @@ -20,7 +20,7 @@ - firefox-esr - visual-studio-code status: present - when: coding is defined + when: coding == true - name: Workstation | Mac OS | Software | Brew | Install Packages (Editing) package: @@ -28,7 +28,7 @@ - audacity - shotcut status: present - when: editing is defined + when: editing == true - name: Workstation | Mac OS | Software | Brew | Install Packages (Gaming) package: @@ -36,14 +36,14 @@ - battle-net - steam status: present - when: gaming is defined + when: gaming == true - name: Workstation | Mac OS | Software | Brew | Install Packages (Cycling) package: name: - zwift status: present - when: cycling is defined + when: cycling == true #- name: Workstation | Mac OS | Software | Brew | Remove Packages # package: diff --git a/tasks/workstation/settings/gnome.yml b/tasks/workstation/settings/gnome.yml index 6a81654..8102dfd 100644 --- a/tasks/workstation/settings/gnome.yml +++ b/tasks/workstation/settings/gnome.yml @@ -42,7 +42,7 @@ - name: Workstation | Account Management | GNOME | Dash To Dock | Check shell: "cd ~/.local/share/gnome-shell/extensions/dash-to-dock@micxgx.gmail.com/" - become_user: ling + become_user: "{{ user }}" register: dash_to_dock_exists ignore_errors: yes @@ -56,7 +56,7 @@ clone: yes force: no version: master - become_user: ling + become_user: "{{ user }}" when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed - name: Workstation | Account Management | GNOME | Dash To Dock | Install | Dependencies @@ -70,14 +70,14 @@ - name: Workstation | Account Management | GNOME | Dash To Dock | Install | Make shell: "cd ~/TRASH/dash-to-dock/; {{ make }}; {{ make }} install" - become_user: ling + become_user: "{{ user }}" when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed - name: Workstation | Account Management | GNOME | Dash To Dock | Read Enabled Extension Array dconf: key: /org/gnome/shell/enabled-extensions state: read - become_user: ling + become_user: "{{ user }}" register: gnome_enabled_extensions when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed @@ -134,7 +134,7 @@ key: /org/gnome/shell/enabled-extensions value: "{{ gnome_enabled_extensions | replace(']', dash_to_dock_ext_name) }}" state: present - become_user: ling + become_user: "{{ user }}" when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed # Settings # @@ -144,21 +144,21 @@ key: /org/gnome/shell/extensions/dash-to-dock/dock-position value: "'LEFT'" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Dash To Dock | Dock Fixed dconf: key: /org/gnome/shell/extensions/dash-to-dock/dock-fixed value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Dash To Dock | Icon Size dconf: key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size value: "32" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Favorites (Linux) dconf: @@ -170,7 +170,7 @@ 'io.lbry.lbry-app.desktop', 'com.valvesoftware.Steam.desktop']" state: present - become_user: ling + become_user: "{{ user }}" when: ansible_system == "Linux" - name: Workstation | Account Management | GNOME | Favorites (FreeBSD) @@ -180,7 +180,7 @@ 'firefox.desktop', 'org.gnome.Evolution.desktop', 'org.mozilla.Thunderbird.desktop', 'code-oss.desktop', 'org.telegram.desktop.desktop']" state: present - become_user: ling + become_user: "{{ user }}" when: ansible_system == "FreeBSD" @@ -192,42 +192,42 @@ key: /org/gnome/desktop/interface/clock-show-date value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Interface - 24h Format dconf: key: /org/gnome/desktop/interface/clock-format value: "'24h'" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Interface - Show Seconds dconf: key: /org/gnome/desktop/interface/clock-show-seconds value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Interface - Show Weekday dconf: key: /org/gnome/desktop/interface/clock-show-weekday value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Interface - 24h Format dconf: key: /org/gnome/desktop/interface/show-battery-percentage value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Interface - Show Week Date dconf: key: /org/gnome/desktop/calendar/show-weekdate value: "true" state: present - become_user: ling + become_user: "{{ user }}" # Never Prompt for Removal Media @@ -246,7 +246,7 @@ key: /org/gnome/desktop/wm/preferences/button-layout value: "'appmenu:minimize,close'" state: present - become_user: ling + become_user: "{{ user }}" # Security @@ -255,14 +255,14 @@ key: /org/gnome/desktop/privacy/disable-camera value: "true" state: present - become_user: ling + become_user: "{{ user }}" - name: Workstation | Account Management | GNOME | Privacy - Microphone dconf: key: /org/gnome/desktop/privacy/disable-microphone value: "true" state: present - become_user: ling + become_user: "{{ user }}" diff --git a/tasks/workstation/settings/nfs.yml b/tasks/workstation/settings/nfs.yml index 9e214a4..71a40d7 100644 --- a/tasks/workstation/settings/nfs.yml +++ b/tasks/workstation/settings/nfs.yml @@ -59,4 +59,4 @@ marker: "# {mark} MANAGED BY ANSIBLE | Media" block: | htpc:/mnt/hdd_unsafe/media {{ media_folder }} nfs {{ mount_options }} {{ mount_number }} {{ mount_number }} - backup: yes \ No newline at end of file + backup: yes