me/env-ansible
me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Music Studio, Migrate from GitHub to Personal Gitea #1

Merged
me merged 21 commits from dev into main 2025-01-02 13:03:51 -07:00
Conversation 0 Commits 21 Files Changed 16 +151 -412
16 changed files with 151 additions and 412 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -45,7 +45,7 @@ Workstation: Currently failing at `[Workstation | Linux | Flatpak Distro | Packa
### NixOS
99%, still need to get Telegraf going and refactor local.yml but everything else
is working well. It is automatically implementing github.com/Hyperling/NixOS.
is working well. It is automatically implementing git.hyperling.com/me/env-nixos.
## Currently Supported Unix Systems
### FreeBSD 12, 13

13
facts/general/system.yml
View File

@ -8,17 +8,8 @@
st_install_dir: /usr/local/src/st
global_bin: /usr/local/bin
x_desktops: /usr/share/xsessions
repo_github: https://github.com/Hyperling/ansible.git
#repo_local: https://git.hyperling.com/ansible.git
# Local server not working yet, go back to Github even though they throttle me.
repo_local: https://github.com/Hyperling/ansible.git
- name: General | Facts | System | Dev
set_fact:
#repo_local: https://git.hyperling.com/ansible-dev.git
# Local server not working yet, go back to Github even though they throttle me.
repo_local: https://github.com/Hyperling/ansible.git
when: branch == "dev"
git_repo_http: http://{{ git_host }}/{{ git_user }}/{{ git_project }}
git_repo_ssh: ssh://git@{{ git_host }}:{{ git_ssh_port }}/{{ git_user }}/{{ git_project }}
- name: General | Facts | System | Linux

4
files/scripts/nixos.sh
View File

@ -15,7 +15,7 @@ nixos_working_exe=activate.sh
function usage {
echo -e "\nUsage: $PROG -b BRANCH" >&2
cat <<- EOF
Run a setup script for NixOS based on the https://github.com/Hyperling/NixOS project.
Run a setup script for NixOS based on the https://git.hyperling.com/me/env-nixos project.
Parameters:
-b BRANCH: The branch which should be installed, likely 'main' or 'dev'.
@ -48,7 +48,7 @@ fi
cleanup
# Install the Hyperling NixOS configurations.
git clone https://github.com/Hyperling/NixOS --branch $branch $nixos_working_dir
git clone https://git.hyperling.com/me/env-nixos --branch $branch $nixos_working_dir
chmod 755 $nixos_working_dir/$nixos_working_exe
$nixos_working_dir/$nixos_working_exe

13
local.yml
View File

@ -124,9 +124,6 @@
- include_tasks: tasks/workstation/linux/software/packages.yml
when: ansible_system == "Linux"
- include_tasks: tasks/workstation/linux/software/flatpaks.yml
when: ansible_system == "Linux" and flatpak_distro
- include_tasks: tasks/workstation/linux/software/brave.yml
when: ansible_pkg_mgr in ("apt", "dnf", "zypper") and not mobile
@ -156,6 +153,10 @@
- include_tasks: tasks/workstation/shared/settings/services.yml
# Final Tasks (SLOW) #
- include_tasks: tasks/workstation/linux/software/flatpaks.yml
when: ansible_system == "Linux" and flatpak_distro
when: workstation == true
@ -228,12 +229,6 @@
- include_tasks: tasks/server/software/hugo.yml
when: hugo == true
- include_tasks: tasks/server/software/gitlab.yml
when: gitlab and ansible_pkg_mgr in ("apt", "dnf") and ansible_distribution not in ("Fedora")
- include_tasks: tasks/server/software/git.yml
when: git and ansible_pkg_mgr in ("apt")
when: server == true

2
setup.sh
View File

@ -6,7 +6,7 @@
DIR="$(dirname -- "${BASH_SOURCE[0]}")"
PROG="$(basename -- "${BASH_SOURCE[0]}")"
LOCAL=$DIR/local.yml
URL="https://github.com/Hyperling/ansible"
URL="https://git.hyperling.com/me/env-ansible"
BRANCH="main"
## Functions ##

99
tasks/general/acct_mgmt/provision_config.yml
View File

@ -26,7 +26,9 @@
blockinfile:
path: "{{ gen_file }}"
block: |
;;;;;;; Available options - all require lowercase values ;;;;;;
; Please note that all potions require lowercase keys and values.
;
;;;;;;;;;;;;;;;;;;;; Basic Options ;;;;;;;;;;;;;;;;;;;;
;
; enable : Provide true for the provision to occur.
; Default: false
@ -39,22 +41,40 @@
; Example: Thomas, Jerry, Kimberly, Sarah
; Default: Hyperling
;
; branch : Provide the Github branch that the machine should poll.
; Example: main, dev
; Default: main
; sshd_port : Determine the port which SSHD should listen on.
; Example: 12345
; Default: 22
;
; pentesting : Set to true to install tools such as metasploit.
; nmap is already provided for reporting
; Default: false
;
; no_telem : Set to true to avoid setting up telemetry services.
; Disables GitHub updates to this project.
; Disables all telegraf pings.
; Default: false
;;;;;;;;;;;;;;;;;;;; Git Polling ;;;;;;;;;;;;;;;;;;;;
;
; battery : Set to true to attempt to save battery life.
; Slows down the rate of services such as telegraf and cron.
; Default: false
; For syncing this machine to a Git repository of this Ansible project
; in this fashion: ssh://git@GIT_HOST:GIT_SSH_PORT/GIT_USER/GIT_PROJECT
;
; branch : Branch to use on this machine.
; Example: main, dev, prod
; Default: main
;
; git_host : Provide the git host that the machine should poll.
; Example: github.com, gitlab.com. gitea.com
; Default: git.hyperling.com
;
; git_ssh_port : Port of the server host to use for SSH requests.
; Example: 22, 222, 2222
; Default: 22
;
; git_user : Provide the git user which projects are found under.
; Example: Hyperling, JimBobMcGeeJr
; Default: me
;
; git_project : Name of this project on the server host.
; Example: Ansible, ansible-setup, my-env
; Default: env-ansible
;
;;;;;;;;;;;;;;;;;;;; Swap File ;;;;;;;;;;;;;;;;;;;;
;
; swap_block : Set to the block size if dd should create a swapfile.
; Preferably keep this under 2G for integrity sakes, the
@ -70,9 +90,16 @@
; Example: /usr/local/swap
; Default: /swapfile
;
; sshd_port : Determine the port which SSHD should listen on.
; Example: 12345
; Default: 22
;;;;;;;;;;;;;;;;;;;; Sync Frequency ;;;;;;;;;;;;;;;;;;;;
;
; no_telem : Set to true to avoid setting up telemetry services.
; Disables GitHub updates to this project.
; Disables all telegraf pings.
; Default: false
;
; battery : Set to true to attempt to save battery life.
; Slows down the rate of services such as telegraf and cron.
; Default: false
;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Generic Config'
@ -93,6 +120,10 @@
swap_count: "{{ lookup('ini', 'swap_count file={{gen_file}} default=1') }}"
swap_file: "{{ lookup('ini', 'swap_file file={{gen_file}} default=/swapfile') }}"
sshd_port: "{{ lookup('ini', 'sshd_port file={{gen_file}} default=22') }}"
git_host: "{{ lookup('ini', 'git_host file={{gen_file}} default=git.hyperling.com') }}"
git_user: "{{ lookup('ini', 'git_user file={{gen_file}} default=me') }}"
git_project: "{{ lookup('ini', 'git_project file={{gen_file}} default=env-ansible') }}"
git_ssh_port: "{{ lookup('ini', 'git_ssh_port file={{gen_file}} default=22') }}"
- name: General | Account Management | Provisioning Configuration | General | List
set_fact:
@ -109,6 +140,10 @@
- { 'swap_count': "{{ swap_count }}" }
- { 'swap_file': "{{ swap_file }}" }
- { 'sshd_port': "{{ sshd_port }}" }
- { 'git_host': "{{ git_host }}" }
- { 'git_user': "{{ git_user }}" }
- { 'git_project': "{{ git_project }}" }
- { 'git_ssh_port': "{{ git_ssh_port }}" }
## Workstation ##
@ -279,28 +314,6 @@
;
; hugo : Set to true to install HUGO static website generator.
;
; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features.
; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE.
; Example: ce
;
; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.((domain))".
; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy.
; Example: https://gitlab
;
; git : Set to true for this server to be configured as an HTTP git server.
;
; git_name : Name(s) of project(s) that the Git server should host.
; Example: ansible#ansible-dev
;
; git_branch : Branch(es) of project(s) corresponding with git_name.
; Example: main#dev
;
; git_url : URL(s) of project(s) corresponding with git_name.
; Example: https://github.com/Hyperling/ansible#https://github.com/Hyperling/ansible
;
; git_sep : Separator for git variables above.
; Example: #
;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Server Config'
@ -318,13 +331,6 @@
influxdb2: "{{ lookup('ini', 'influxdb2 file={{srv_file}} default=false') }}"
certbot: "{{ lookup('ini', 'certbot file={{srv_file}} default=false') }}"
hugo: "{{ lookup('ini', 'hugo file={{srv_file}} default=false') }}"
gitlab: "{{ lookup('ini', 'gitlab file={{srv_file}} default=false') }}"
gitlab_url: "{{ lookup('ini', 'gitlab_url file={{srv_file}} default=false') }}"
git: "{{ lookup('ini', 'git file={{srv_file}} default=false') }}"
git_name: "{{ lookup('ini', 'git_name file={{srv_file}} default=false') }}"
git_branch: "{{ lookup('ini', 'git_branch file={{srv_file}} default=false') }}"
git_url: "{{ lookup('ini', 'git_url file={{srv_file}} default=false') }}"
git_sep: "{{ lookup('ini', 'git_sep file={{srv_file}} default=false') }}"
- name: General | Account Management | Provisioning Configuration | Server | List
set_fact:
@ -338,13 +344,6 @@
- { 'influxdb2': "{{ influxdb2 }}" }
- { 'certbot': "{{ certbot }}" }
- { 'hugo': "{{ hugo }}" }
- { 'gitlab': "{{ gitlab }}" }
- { 'gitlab_url': "{{ gitlab_url }}" }
- { 'git': "{{ git }}" }
- { 'git_name': "{{ git_name }}" }
- { 'git_branch': "{{ git_branch }}" }
- { 'git_url': "{{ git_url }}" }
- { 'git_sep': "{{ git_sep }}" }
## Exit if not turned on yet ##

95
tasks/general/acct_mgmt/users.yml
View File

@ -107,6 +107,16 @@
become_user: "{{ user }}"
when: user_user.home != ""
- name: General | Account Management | Users | User | Create Folders | Coding
file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
- "{{ user_user.home }}/Code"
become_user: "{{ user }}"
when: user_user.home != "" and coding == true
- name: General | Account Management | Users | Home Permissions
shell: "chmod 700 {{ user_user.home }}/../*"
@ -118,8 +128,6 @@
alias_cp: alias cp='cp -v'
alias_mv: alias mv='mv -v'
alias_rm: alias rm='echo "Use mv ~/TRASH/ instead!"'
alias_clean_dir: alias clean-dir='mv * ~/TRASH/'
alias_clean_trash: alias clean-trash='sh -c "rm -rfv ~/TRASH/*"'
export_path_additions: export PATH="~/bin:"{{ global_bin }}":$PATH"
function_wttr: |
function weather() {
@ -131,7 +139,7 @@
Useful location types:
$zip_code | Ex: 12345
$city,$state | Ex: Austin,Texas
@$domain_dot_extension | Ex: @github.com
@$domain_dot_extension | Ex: @gitea.com
~$special_location | Ex: ~Manitou Incline
Full documentation: https://github.com/chubin/wttr.in'
return 1
@ -161,6 +169,9 @@
unset OPTIND
unset accept
unset goodbye
unset only_sys
unset only_flat
while getopts ":hygsf" opt; do
case $opt in
h) echo -e "$usage"
@ -359,11 +370,23 @@
return 0
}
alias check_trash="check-trash"
alias_clean_trash: alias clean-trash='check-trash --clean'
alias_trash_check: alias trash-check='check-trash'
alias_trash_clean: alias trash-clean='trash-check --clean'
alias_clean_dir: |
function clean-dir() {
clean_dir="`date '+%Y%m%d_%H%M%S'`_CLEANED"
trash_dir="$HOME/TRASH/$clean_dir"
curr_dir="`pwd`"
mkdir -pv "$trash_dir"
echo "$curr_dir is being cleaned at `date`." | tee "$trash_dir"/INFO.txt
mv -v ..?* .[!.]* * "$trash_dir"/ | tee -a "$trash_dir"/INFO.txt
}
function_clean: |
function clean() {
sudo df -h
check-trash --clean
sudo df -h
sudo du -hs
clean-dir
sudo du -hs
}
function_flatpak_usage: |
function flatpak-usage() {
@ -438,10 +461,17 @@
alias_code_check: |
alias code-check='
ls -d ~/Code/* | while read project; do
if [[ ! -d $project ]]; then
continue
fi
echo "*** `basename $project` ***"
cd $project
git pull
git push
if [[ -d .git ]]; then
git pull
git push
else
echo "Not a Git project, skipping!"
fi
done
'
alias_code_reset: |
@ -456,23 +486,33 @@
git checkout dev
done
'
alias_code_reseed: |
alias code-reseed='
unseed_dir="$HOME/TRASH/`date +%Y-%m-%d`_UnseededCodeProjects"
function_code_reseed: |
function git_projects_to_sync {
cat <<- EOF
env-ansible
env-docker
env-termux
nodejs-website
android-break-the-habit
android-tictactoe
android-expense-tracker
android-example-database-room
android-carb-up
ebook-health-protocol
EOF
}
function code-reseed {
unseed_dir="$HOME/TRASH/`date ++%Y%m%d_%H%M%S`_UnseededCodeProjects"
mkdir -pv "$unseed_dir"
mv -v ~/Code/*{ansible,docker,nix,break,website,www,tictactoe,-dev}* \
"$unseed_dir"/ 2>/dev/null
git clone git@github.com:Hyperling/Ansible \
--branch dev ~/Code/ansible-dev
git clone git@github.com:Hyperling/Docker \
--branch dev ~/Code/docker-dev
git clone git@github.com:Hyperling/Website \
--branch dev ~/Code/website-dev
git clone git@github.com:Hyperling/BreakTheHabit \
--branch dev ~/Code/breakthehabit-dev
git clone git@github.com:Hyperling/TicTacToeAndroid \
--branch dev ~/Code/tictactoe-dev
'
mv -v ~/Code/* "$unseed_dir"/ 2>/dev/null
git_repo_ssh={{ git_repo_ssh }}
git_main_project={{ git_project }}
git_repo_ssh_basename=${git_repo_ssh//$git_main_project/}
git_projects_to_sync | while read git_project; do
git clone ${git_repo_ssh_basename}${git_project} \
--branch dev ~/Code/$git_project
done
}
function_clean_filenames: |
function clean-filenames() {
# Must provide the directory you'd like to clean all the filenames in.
@ -503,7 +543,7 @@
echo -e "\nDone!\n"
}
alias_clone: |
alias clone="rsync -auPh --delete"
alias clone="rsync -auPhz --delete"
export_hyperling: |
export HYPERLING6="2a07:e03:3:80::1"
export HYPERLING4="185.130.47.173"
@ -513,6 +553,8 @@
if [[ -e $DOCKER_SOURCE && $LOGNAME == "root" ]]; then
source $DOCKER_SOURCE
fi
alias_scan: |
alias scan="nmap -A -p- --script=vuln"
- name: General | Account Management | Users | Files | Common Variable
set_fact:
@ -547,12 +589,13 @@
{{ alias_docker_restart }}
{{ alias_code_check }}
{{ alias_code_reset }}
{{ alias_code_reseed }}
{{ function_code_reseed }}
{{ function_clean_filenames }}
{{ function_clean_filenames_tree }}
{{ alias_clone }}
{{ export_hyperling }}
{{ source_docker_env }}
{{ alias_scan }}
- name: General | Account Management | Users | Files | .bashrc
blockinfile:

2
tasks/general/cron/ansible.yml
View File

@ -6,7 +6,7 @@
user: ansible
name: "Ansible Sync"
minute: "*/30"
job: "sudo {{ ansible_pull_exec.stdout }} -o -U {{ repo_local }} --checkout {{ branch }}"
job: "sudo {{ ansible_pull_exec.stdout }} -o -U {{ git_repo_http }} --checkout {{ branch }}"
state: present
disabled: "{{ 'yes' if no_telem else 'no' }}"

4
tasks/general/scripts/root.yml
View File

@ -6,7 +6,7 @@
path: "{{ user_root.home }}/bin/scm.sh"
block: |
# 20210211 - Make life easier!
git clone {{ repo_github }} ansible-pull
git clone {{ git_repo_http }} ansible-pull
ansible-pull/setup.sh
mv ansible-pull ~/TRASH/
marker: '{mark}'
@ -37,7 +37,7 @@
## Main ##
time {{ ansible_pull_exec.stdout }} -U {{ repo_github }} --checkout $branch
time {{ ansible_pull_exec.stdout }} -U {{ git_repo_http }} --checkout $branch
marker: '{mark}'
marker_begin: "#!{{ bash_exec.stdout }}"

4
tasks/general/scripts/user.yml
View File

@ -6,7 +6,7 @@
path: "{{ user_user.home }}/bin/scm.sh"
block: |
# 20210211 - Make life easier!
git clone {{ repo_github }} ansible-pull
git clone {{ git_repo_http }} ansible-pull
ansible-pull/setup.sh
mv ansible-pull ~/TRASH/
marker: '{mark}'
@ -37,7 +37,7 @@
## Main ##
time sudo {{ ansible_pull_exec.stdout }} -U {{ repo_github }} --checkout $branch
time sudo {{ ansible_pull_exec.stdout }} -U {{ git_repo_http }} --checkout $branch
marker: '{mark}'
marker_begin: "#!{{ bash_exec.stdout }}"

4
tasks/general/software/nixos.yml
View File

@ -1,5 +1,5 @@
---
# Update the Nix configuration at github.com/Hyperling/NixOS.
# Update the Nix configuration at git.hyperling.com/me/env-nixos.
# This is also done in setup.sh if ansible is not found.
- name: General | Software | NixOS | Facts
@ -19,7 +19,7 @@
blockinfile:
path: /etc/nixos/ansible.nix
block: |
# This file was created by https://github.com/Hyperling/Ansible
# This file was created by https://git.hyperling.com/me/env-ansible
# Please do not alter it by hand. Use the proper ini files instead.
{ config, pkgs, nix, ... }:

1
tasks/general/software/packages.yml
View File

@ -55,6 +55,7 @@
- vim
- "{{ cron }}"
- "{{ encfs }}"
- rsync
state: present
- name: General | Software | Packages | Install Software (DEV)

191
tasks/server/software/git.yml
View File

@ -1,191 +0,0 @@
---
# Webserver to replace calling GitHub for projects.
# https://www.howtoforge.com/how-to-install-http-git-server-with-nginx-on-debian-11/
#TODO: Use gitweb instead??? I knew there was an easier way than apache/nginx/python stuff...
# https://git-scm.com/docs/gitweb
# Gitweb is nice but doesn;t seem like it allowes cloning.
# Need to figure out how to get git:// to work, fix SSL locally, or somehow use http local and https when external..
## Variables ##
- name: Server | Software | HTTPS Git Server | Check Config Variables
debug:
var: "{{ item }}"
loop:
- git_name
- git_branch
- git_url
- git_sep
- name: Server | Software | HTTPS Git Server | Split Config Variables To Array
set_fact:
git_names: "{{ git_name.split(git_sep) }}"
git_branches: "{{ git_branch.split(git_sep) }}"
git_urls: "{{ git_url.split(git_sep) }}"
git_projects: []
- name: Server | Software | HTTPS Git Server | Check Arrays
debug:
var: "{{ item }}"
loop:
- git_names
- git_branches
- git_urls
- name: Server | Software | HTTPS Git Server | Build Dictionary
set_fact:
git_projects: "{{ git_projects + [{ 'name': git_names[item], 'branch': git_branches[item], 'url': git_urls[item] }] }}"
loop: "{{ range(0, git_names|length) | list }}"
- name: Server | Software | HTTPS Git Server | Display Dictionary
debug:
var: git_projects
- name: Server | Software | HTTPS Git Server | Variables 1
set_fact:
git_web_root: /var/www/html/git
git_config_file: /etc/nginx/conf.d/git.conf
git_nginx_user: www-data
git_ssl_dir: /usr/local/etc/ssl/private
git_ssl_cert_name: cert.pem
git_ssl_key_name: key.pem
- name: Server | Software | HTTPS Git Server | Variables 2
set_fact:
git_cron_commands: "git pull --rebase && cd {{ git_web_root }}/ && chown -R {{ git_nginx_user }} . && chmod -R 775 ."
git_ssl_cert: "{{ git_ssl_dir }}/{{ git_ssl_cert_name }}"
git_ssl_key: "{{ git_ssl_dir }}/{{ git_ssl_key_name }}"
## Pre-reqs ##
- name: Server | Software | HTTPS Git Server | Install
package:
name:
- nginx
- git
- fcgiwrap
- apache2-utils
- unzip
state: present
when: ansible_pkg_mgr == "apt"
- name: Server | Software | HTTPS Git Server | SSL Certificate
shell: "{{ item }}"
loop:
- mkdir -p {{ git_ssl_dir }}
- openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout {{ git_ssl_key }} -out {{ git_ssl_cert }} -subj "/C=XX/ST=STATELESS/L=HOMELAB/O={{ domain }}/OU=Git Server/CN={{ domain }}"
## Repositories ##
- name: Server | Software | HTTPS Git Server | Delete
file:
path: "{{ git_web_root }}"
state: absent
- name: Server | Software | HTTPS Git Server | Download
git:
repo: "{{ item.url }}"
dest: "{{ git_web_root }}/{{ item.name }}.git"
version: "{{ item.branch }}"
clone: yes
force: yes
ignore_errors: yes
loop: "{{ git_projects }}"
- name: Server | Software | HTTPS Git Server | Permissions
file:
path: "{{ git_web_root }}/{{ item.name }}.git"
state: directory
mode: '755'
owner: "{{ git_nginx_user }}"
group: "{{ git_nginx_user }}"
recurse: yes
loop: "{{ git_projects }}"
## NGINX ##
- name: Server | Software | HTTPS Git Server | Index
blockinfile:
path: "{{ git_web_root }}/index.html"
block: |
{{ item.name }}.git is cloned from {{ item.url }} using branch {{ item.branch }}.
state: present
mode: '755'
owner: "{{ git_nginx_user }}"
group: "{{ git_nginx_user }}"
create: yes
backup: yes
marker: "<!-- {mark} {{ item.name }} -->"
loop: "{{ git_projects }}"
- name: Server | Software | HTTPS Git Server | Config
blockinfile:
path: "{{ git_config_file }}"
block: |
server {
listen 443;
server_name {{ ansible_hostname }}.{{ domain }};
ssl_certificate {{ git_ssl_cert }};
ssl_certificate_key {{ git_ssl_key }};
root {{ git_web_root }};
# Add index.php to the list if you are using PHP
index index.html;
#autoindex on;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~ (/.*) {
client_max_body_size 0;
#auth_basic "Hyperling's Git Login";
#auth_basic_user_file "{{ git_web_root }}/htpasswd";
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT {{ git_web_root }};
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $1;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
}
state: present
mode: '755'
create: yes
backup: yes
marker: "# {mark} Managed By Ansible Git Server Playbook -->"
- name: Server | Software | HTTPS Git Server | Service
service:
name: nginx
pattern: nginx
enabled: yes
state: restarted
## Cron ##
- name: Server | Software | HTTPS Git Server | Cron | Hourly
cron:
name: "{{ item.name }} hourly"
special_time: hourly
job: "cd {{ git_web_root }}/{{ item.name }}.git && {{ git_cron_commands }}"
loop: "{{ git_projects }}"
- name: Server | Software | HTTPS Git Server | Cron | Reboot
cron:
name: "{{ item.name }} reboot"
special_time: reboot
job: "cd {{ git_web_root }}/{{ item.name }}.git && {{ git_cron_commands }}"
loop: "{{ git_projects }}"

106
tasks/server/software/gitlab.yml
View File

@ -1,106 +0,0 @@
---
# Install a Gitlab server for hosting software projects.
## Checks ##
- name: "Server | Software | GitLab | Checks | Host Variable [gitlab]={{ gitlab }}"
shell: echo "ERROR! Variable has an invalid value!" && exit 1
when: gitlab not in ("ee", "ce")
- name: "Server | Software | GitLab | Checks | Host Variable [gitlab_url]={{ gitlab_url }}"
set_fact:
gitlab_url: "https://gitlab"
when: gitlab_url is not defined or not gitlab
- name: Server | Software | GitLab | Checks | Play Variables
set_fact:
gitlab_bundle: "gitlab-{{ gitlab }}"
gitlab_config: /etc/gitlab/gitlab.rb
# Ensure other version is not installed.
- name: Server | Software | GitLab | Checks | Remove EE
package:
name: gitlab-ee
state: absent
when: gitlab == "ce"
- name: Server | Software | GitLab | Checks | Remove CE
package:
name: gitlab-ce
state: absent
when: gitlab == "ee"
## Install ##
# https://about.gitlab.com/install/?version=ce#ubuntu
# https://about.gitlab.com/install/?version=ce#centos-8 (Fedora)
- name: Server | Software | GitLab | Install | Check
shell: which gitlab-ctl
ignore_errors: yes
register: gitlab_installed
- name: Server | Software | GitLab | Install | Pre-Reqs
package:
update_cache: yes
name:
- curl
- openssh-server
- ca-certificates
- tzdata
- perl
- postfix
state: present
when: gitlab_installed.failed
- name: Server | Software | GitLab | Install | Add Repo (apt)
shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.deb.sh | bash
when: gitlab_installed.failed and ansible_pkg_mgr == "apt"
- name: Server | Software | GitLab | Install | Add Repo (dnf)
shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.rpm.sh | bash
when: gitlab_installed.failed and ansible_pkg_mgr == "dnf"
- name: Server | Software | GitLab | Install | Install
shell: EXTERNAL_URL="{{ gitlab_url | replace("https","http") }}.{{ domain }}" {{ ansible_pkg_mgr }} install -y {{ gitlab_bundle }}
when: gitlab_installed.failed
- name: Server | Software | GitLab | Install | Get Password
shell: cat /etc/gitlab/initial_root_password && cp /etc/gitlab/initial_root_password ~/
register: gitlab_passwd
when: gitlab_installed.failed
- name: Server | Software | GitLab | Install | Print Password
debug:
var: gitlab_passwd.stdout_lines
when: gitlab_installed.failed
## Configuration ##
# https://docs.gitlab.com/ee/install/next_steps.html
# Need to make server think it's https but not actually listen for it, otherwise reverse proxy doesn't work.
# https://www.itsfullofstars.de/2019/06/gitlab-behind-a-reverse-proxy/
- name: Server | Software | GitLab | Configure | Check External URL
lineinfile:
path: "{{ gitlab_config }}"
regexp: '^external_url '
line: "external_url '{{ gitlab_url }}.{{ domain }}' # Managed by Ansible"
state: present
create: yes
backup: yes
- name: Server | Software | GitLab | Configure | Turn Off Serving Local SSL
blockinfile:
path: "{{ gitlab_config }}"
block: |
nginx['listen_port'] = 80
nginx['listen_https'] = false
marker: "# {mark} MANAGED BY ANSIBLE - {{ gitlab_config }}"
state: present
create: yes
backup: yes
- name: Server | Software | GitLab | Configure | Reconfigure
shell: gitlab-ctl reconfigure

5
tasks/workstation/linux/software/flatpaks.yml
View File

@ -40,7 +40,6 @@
- { app: "org.signal.Signal", name: "signal", extra: "" }
- { app: "org.mozilla.firefox", name: "firefox-flatpak", extra: "" }
- { app: "com.transmissionbt.Transmission", name: "transmission", extra: "" }
- { app: "org.gnome.Geary", name: "geary", extra: "" }
flatpaks_coding:
- { app: "com.vscodium.codium", name: "codium", extra: "" }
- { app: "com.google.AndroidStudio", name: "android-studio", extra: "" }
@ -53,6 +52,8 @@
- { app: "org.gimp.GIMP", name: "gimp", extra: "" }
- { app: "org.openshot.OpenShot", name: "openshot", extra: "" }
- { app: "org.tenacityaudio.Tenacity", name: "tenacity", extra: "" }
- { app: "io.lmms.LMMS", name: "lmms", extra: "" }
- { app: "net.sourceforge.VMPK", name: "vmpk", extra: "" }
flatpaks_gaming:
- { app: "com.valvesoftware.Steam", name: "steam", extra: "" }
- { app: "com.play0ad.zeroad", name: "zeroad", extra: "" }
@ -72,6 +73,8 @@
# End 2022-11-20 #
- { app: "io.lbry.lbry-app", name: "lbry", extra: "dbus-launch" } # No longer supported, noticed 2023-09-01.
- { app: "chat.delta.desktop", name: "deltachat", extra: "" } # No longer used, removed 2023-12-18.
- { app: "org.gnome.Geary", name: "geary", extra: "" } # No longer used, removed 2024-12-15
- { app: "org.rncbc.qsynth", name: "qsynth", extra: "" } # 2024-12-15, Not worth the setup, use LMMS or VMPK.
# Generic #

16
tasks/workstation/shared/settings/gnome.yml
View File

@ -12,25 +12,29 @@
, 'org.gnome.Nautilus.desktop'
, 'io.gitlab.librewolf-community.desktop', 'librewolf.desktop'
, 'org.mozilla.firefox.desktop', 'firefox.desktop'
, 'com.visualstudio.code-oss.desktop', 'code-oss.desktop'
, 'com.google.AndroidStudio.desktop'
, 'org.godotengine.Godot.desktop'
, 'org.shotcut.Shotcut.desktop'
, 'io.lbry.lbry-app.desktop', 'lbry.desktop'
, 'org.signal.Signal.desktop', 'signal-desktop.desktop'
, 'im.riot.Riot.desktop'
, 'org.telegram.desktop.desktop'
, 'com.discordapp.Discord.desktop'
, 'com.vscodium.codium.desktop'
, 'com.google.AndroidStudio.desktop'
, 'org.shotcut.Shotcut.desktop'
, 'io.lmms.LMMS.desktop'
, 'io.lbry.lbry-app.desktop', 'lbry.desktop'
, 'com.valvesoftware.Steam.desktop'
]"
dconf_terminal: gnome-terminal
dconf_theme: Adwaita-dark
dconf_icons: Adwaita
# 2024-01-28 No longer using local email clients.
# 2024-01-28 Not currently using local email clients.
#, 'org.gnome.Evolution.desktop'
#, 'chat.delta.desktop.desktop', 'deltachat.desktop'
#, 'org.gnome.Geary.desktop'
#, 'org.mozilla.Thunderbird.desktop'
# 2025-01-01
# Reduce the amount of icons on the sidebar, things that may get added back.
#, 'com.visualstudio.code-oss.desktop', 'code-oss.desktop'
#, 'org.godotengine.Godot.desktop'
- name: Workstation | Account Management | GNOME | Facts (NixOS)
set_fact: