├── requirements.yml ├── roles ├── development │ └── doctl │ │ ├── meta │ │ └── main.yml │ │ ├── defaults │ │ └── main.yml │ │ └── tasks │ │ └── main.yml ├── dots │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── gitg │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── python │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── slack │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── snapd │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── tlp │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── aws │ ├── cli │ │ ├── defaults │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ ├── ebcli │ │ ├── defaults │ │ │ └── main.yml │ │ ├── meta │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── ecscli │ │ └── tasks │ │ └── main.yml ├── dbeaver │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── discord │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── envchain │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── golang │ ├── language │ │ ├── defaults │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── assh │ │ ├── defaults │ │ └── main.yml │ │ └── tasks │ │ └── main.yml ├── gparted │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── guake │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── signal │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── solaar │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── winbox │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── barrier │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── bitwarden │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── handbrake │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── nextcloud │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── ruby │ ├── rbenv │ │ ├── defaults │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── landscape │ │ ├── defaults │ │ └── main.yml │ │ ├── meta │ │ └── main.yml │ │ └── tasks │ │ └── main.yml ├── syncthing │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── terraform │ ├── tfenv │ │ ├── defaults │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── tgenv │ │ ├── defaults │ │ └── main.yml │ │ └── tasks │ │ └── main.yml ├── vscodium │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── desktop │ ├── files │ │ └── 50-no-guest.conf │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── losslesscut │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── pop_os │ └── shell │ │ ├── defaults │ │ └── main.yml │ │ └── tasks │ │ └── main.yml ├── virtmanager │ ├── defaults │ │ └── main.yml │ ├── vars │ │ ├── ubuntu.yml │ │ └── ubuntu-gnome.yml │ └── tasks │ │ └── main.yml ├── atom │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── library │ │ └── apm ├── java │ ├── openjdk │ │ ├── meta │ │ │ └── main.yml │ │ └── tasks │ │ │ └── main.yml │ └── openjre │ │ └── tasks │ │ └── main.yml ├── vagrant │ ├── defaults │ │ └── main.yml │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── common │ ├── meta │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── files │ │ └── openssl.cnf ├── virtualbox │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── gnome-encfs-manager │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── angryipscanner │ ├── meta │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── noisetorch │ ├── meta │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── ssh │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── ufw │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── docker │ ├── handlers │ │ └── main.yml │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── ledger-live │ ├── meta │ │ └── main.yml │ ├── files │ │ └── ledger-live-desktop.png │ ├── defaults │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── minikube │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── tmux │ └── tasks │ │ └── main.yml ├── chromium │ ├── defaults │ │ └── main.yml │ ├── templates │ │ └── chrome-extensions.json.j2 │ ├── files │ │ └── policy.json │ └── tasks │ │ └── main.yml ├── kazan │ └── tasks │ │ └── main.yml ├── skype │ └── tasks │ │ └── main.yml ├── locales │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── filezilla │ └── tasks │ │ └── main.yml ├── libreoffice │ └── tasks │ │ └── main.yml ├── pycharm │ └── tasks │ │ └── main.yml ├── thunderbird │ └── tasks │ │ └── main.yml ├── firefox │ └── tasks │ │ └── main.yml ├── git │ └── tasks │ │ └── main.yml ├── doublecmd │ └── tasks │ │ └── main.yml ├── tkinter │ └── tasks │ │ └── main.yml ├── indicator-sysmonitor │ └── tasks │ │ └── main.yml ├── remmina │ └── tasks │ │ └── main.yml ├── phpstorm │ └── tasks │ │ └── main.yml ├── rubymine │ └── tasks │ │ └── main.yml ├── lens │ └── tasks │ │ └── main.yml ├── timeshift │ └── tasks │ │ └── main.yml ├── common-git │ ├── tasks │ │ └── main.yml │ └── files │ │ └── gitconfig ├── kubectl │ └── tasks │ │ └── main.yml ├── nautilus-plugins │ └── tasks │ │ └── main.yml ├── sublime3 │ ├── files │ │ └── Package Control.sublime-settings │ └── tasks │ │ └── main.yml ├── gimp │ └── tasks │ │ └── main.yml ├── sublime-merge │ └── tasks │ │ └── main.yml ├── vscode │ └── tasks │ │ └── main.yml ├── ms-teams │ └── tasks │ │ └── main.yml ├── chrome │ └── tasks │ │ └── main.yml ├── ms-edge │ └── tasks │ │ └── main.yml ├── horizonviewagent │ └── tasks │ │ └── main.yml ├── zsh │ └── tasks │ │ └── main.yml ├── teamviewer │ └── tasks │ │ └── main.yml ├── ms-mdatp │ └── tasks │ │ └── main.yml ├── sunflower │ └── tasks │ │ └── main.yml ├── mysql-workbench │ └── tasks │ │ └── main.yml └── shutter │ └── tasks │ └── main.yml ├── hosts ├── .gitignore ├── inventory ├── compile-default-vars.sh ├── ansible.cfg ├── .editorconfig ├── ansible-desktop.yml ├── common.yml ├── install.sh ├── LICENSE ├── group_vars └── all.yml ├── development.yml ├── desktop.yml └── README.md /requirements.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /roles/development/doctl/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | -------------------------------------------------------------------------------- /roles/dots/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dots_enabled: 'no' -------------------------------------------------------------------------------- /roles/gitg/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | gitg_enabled: no 4 | -------------------------------------------------------------------------------- /roles/python/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | python_enabled: 'no' -------------------------------------------------------------------------------- /roles/slack/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | slack_enabled: 'no' -------------------------------------------------------------------------------- /roles/snapd/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | snapd_enabled: 'no' -------------------------------------------------------------------------------- /roles/tlp/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | tlp_enabled: no 4 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_connection=local 3 | 4 | -------------------------------------------------------------------------------- /roles/aws/cli/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | awscli_enabled: 'no' -------------------------------------------------------------------------------- /roles/aws/ebcli/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | awsebcli_enabled: 'no' -------------------------------------------------------------------------------- /roles/dbeaver/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dbeaver_enabled: 'no' -------------------------------------------------------------------------------- /roles/discord/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | discord_enabled: no 4 | -------------------------------------------------------------------------------- /roles/envchain/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | envchain_enabled: no -------------------------------------------------------------------------------- /roles/golang/language/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | go_enabled: 'no' -------------------------------------------------------------------------------- /roles/gparted/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | gparted_enabled: no 4 | -------------------------------------------------------------------------------- /roles/guake/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | guake_enabled: no 4 | -------------------------------------------------------------------------------- /roles/signal/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | signal_enabled: no 4 | -------------------------------------------------------------------------------- /roles/solaar/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | solaar_enabled: no 4 | -------------------------------------------------------------------------------- /roles/winbox/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | winbox_enabled: no 4 | -------------------------------------------------------------------------------- /roles/aws/cli/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: python } -------------------------------------------------------------------------------- /roles/barrier/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | barrier_enabled: 'no' 4 | -------------------------------------------------------------------------------- /roles/bitwarden/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | bitwarden_enabled: 'no' -------------------------------------------------------------------------------- /roles/bitwarden/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - role: snapd -------------------------------------------------------------------------------- /roles/dbeaver/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: snapd } -------------------------------------------------------------------------------- /roles/golang/assh/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | go_assh_enabled: 'no' -------------------------------------------------------------------------------- /roles/handbrake/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | handbrake_enabled: no 4 | -------------------------------------------------------------------------------- /roles/nextcloud/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | nextcloud_enabled: no 4 | -------------------------------------------------------------------------------- /roles/ruby/rbenv/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ruby_rbenv_enabled: no -------------------------------------------------------------------------------- /roles/syncthing/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | syncthing_enabled: no 4 | -------------------------------------------------------------------------------- /roles/terraform/tfenv/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | tfenv_enabled: 'no' -------------------------------------------------------------------------------- /roles/terraform/tgenv/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | tgenv_enabled: 'no' -------------------------------------------------------------------------------- /roles/vscodium/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | vscodium_enabled: no 4 | -------------------------------------------------------------------------------- /roles/winbox/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: snapd } -------------------------------------------------------------------------------- /roles/aws/ebcli/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: python } -------------------------------------------------------------------------------- /roles/desktop/files/50-no-guest.conf: -------------------------------------------------------------------------------- 1 | [SeatDefaults] 2 | allow-guest=false 3 | -------------------------------------------------------------------------------- /roles/losslesscut/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | losslesscut_enabled: no 4 | -------------------------------------------------------------------------------- /roles/losslesscut/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: snapd } -------------------------------------------------------------------------------- /roles/pop_os/shell/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | pop_os_shell_enabled: 'no' -------------------------------------------------------------------------------- /roles/slack/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dependencies: 4 | - { role: snapd } -------------------------------------------------------------------------------- /roles/virtmanager/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | virtmanager_enabled: no 4 | -------------------------------------------------------------------------------- /roles/atom/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dependencies: 4 | - { role: python } 5 | -------------------------------------------------------------------------------- /roles/java/openjdk/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - role: java/openjre -------------------------------------------------------------------------------- /roles/ruby/landscape/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ruby_landscape_enabled: 'no' -------------------------------------------------------------------------------- /roles/tlp/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dependencies: 4 | - { role: python } 5 | -------------------------------------------------------------------------------- /roles/vagrant/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | vagrant: 4 | version: "1.8.1" 5 | -------------------------------------------------------------------------------- /roles/virtmanager/vars/ubuntu.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | virtmanager_askpass: "ssh-askpass" -------------------------------------------------------------------------------- /roles/common/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: common-git } 4 | -------------------------------------------------------------------------------- /roles/vagrant/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dependencies: 4 | - { role: virtualbox } 5 | -------------------------------------------------------------------------------- /roles/virtualbox/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | virtualbox: 4 | version: "5.0" 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.galaxy/ 2 | /TODO.md 3 | *.retry 4 | group_vars/_*.yml 5 | group_vars/local.yml -------------------------------------------------------------------------------- /roles/gnome-encfs-manager/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | gnome_encfs_manager_enabled: no 4 | -------------------------------------------------------------------------------- /roles/virtmanager/vars/ubuntu-gnome.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | virtmanager_askpass: "ssh-askpass-gnome" -------------------------------------------------------------------------------- /roles/angryipscanner/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - role: desktop 4 | - role: java/openjre -------------------------------------------------------------------------------- /roles/noisetorch/meta/main.yml: -------------------------------------------------------------------------------- 1 | #--- 2 | #dependencies: 3 | # - role: desktop 4 | # - role: java/openjre -------------------------------------------------------------------------------- /roles/ssh/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart SSH 4 | service: name=ssh state=restarted 5 | -------------------------------------------------------------------------------- /roles/ufw/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: restart ufw 4 | service: name=ufw state=restarted 5 | -------------------------------------------------------------------------------- /roles/docker/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Restart Docker 4 | service: name=docker state=restarted 5 | -------------------------------------------------------------------------------- /roles/ledger-live/meta/main.yml: -------------------------------------------------------------------------------- 1 | #--- 2 | #dependencies: 3 | # - role: desktop 4 | # - role: java/openjre 5 | -------------------------------------------------------------------------------- /roles/minikube/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | dependencies: 4 | - { role: kubectl } 5 | - { role: virtualbox } 6 | -------------------------------------------------------------------------------- /roles/noisetorch/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | noisetorch_enabled: no 4 | noisetorch_assets_response: noisetorch.json -------------------------------------------------------------------------------- /roles/tmux/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install tmux tool 4 | apt: 5 | name: tmux 6 | state: present -------------------------------------------------------------------------------- /inventory: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost ansible_host=127.0.0.1 ansible_connection=local ansible_python_interpreter=/usr/bin/python3 -------------------------------------------------------------------------------- /roles/aws/cli/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install awscli package 4 | pip: 5 | name: awscli 6 | state: present -------------------------------------------------------------------------------- /roles/chromium/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | chromium: 4 | set_default: false 5 | policy: false 6 | extensions: false 7 | -------------------------------------------------------------------------------- /roles/ruby/landscape/meta/main.yml: -------------------------------------------------------------------------------- 1 | collections: 2 | - community.general 3 | 4 | dependencies: 5 | - { role: ruby/rbenv } -------------------------------------------------------------------------------- /roles/winbox/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install winbox 4 | snap: 5 | name: 6 | - winbox 7 | state: present -------------------------------------------------------------------------------- /roles/angryipscanner/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | angryipscanner_enabled: 'no' 4 | angryipscanner_assets_response: angryipscanner.json -------------------------------------------------------------------------------- /roles/aws/ebcli/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install awsebcli package 4 | pip: 5 | name: awsebcli 6 | state: present -------------------------------------------------------------------------------- /roles/chromium/templates/chrome-extensions.json.j2: -------------------------------------------------------------------------------- 1 | { 2 | "external_update_url": "https://clients2.google.com/service/update2/crx" 3 | } 4 | -------------------------------------------------------------------------------- /roles/dbeaver/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install DBeaver 4 | snap: 5 | name: 6 | - dbeaver-ce 7 | state: present 8 | 9 | -------------------------------------------------------------------------------- /roles/losslesscut/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install losslesscut 4 | snap: 5 | name: 6 | - losslesscut 7 | state: present -------------------------------------------------------------------------------- /roles/ssh/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ssh: 4 | start: false 5 | service_enabled: no 6 | password_auth: false 7 | root_login: false 8 | -------------------------------------------------------------------------------- /roles/bitwarden/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install BitWarden 4 | snap: 5 | name: 6 | - bitwarden 7 | state: present 8 | 9 | -------------------------------------------------------------------------------- /roles/kazan/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install kazan screenshot and screencast tool 4 | apt: 5 | name: kazan 6 | state: present 7 | -------------------------------------------------------------------------------- /roles/skype/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Skype 4 | apt: pkg=skype state=latest update_cache=yes cache_valid_time={{ aptcachetime }} 5 | -------------------------------------------------------------------------------- /roles/discord/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Discord 4 | apt: 5 | deb: "https://discord.com/api/download?platform=linux&format=deb" 6 | -------------------------------------------------------------------------------- /roles/locales/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | locales_enabled: 'no' 4 | locales: 5 | locale: 6 | - "en_US.UTF-8 UTF-8" 7 | timezone: "Asia/Beirut" 8 | -------------------------------------------------------------------------------- /roles/development/doctl/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | doctl_enabled: no 4 | doctl_github_repo: "digitalocean/doctl" 5 | doctl_file_ending: "linux-amd64.tar.gz" -------------------------------------------------------------------------------- /roles/docker/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | docker_enabled: 'no' 4 | docker: 5 | start: false 6 | service_enabled: no 7 | docker_compose_version: 1.22.0 8 | -------------------------------------------------------------------------------- /roles/ledger-live/files/ledger-live-desktop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sys0dm1n/ansible-ubuntu-desktop/HEAD/roles/ledger-live/files/ledger-live-desktop.png -------------------------------------------------------------------------------- /roles/filezilla/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Filezilla 4 | apt: pkg=filezilla state=latest update_cache=yes cache_valid_time={{ aptcachetime }} 5 | -------------------------------------------------------------------------------- /roles/libreoffice/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install LibreOffice 4 | apt: 5 | name: ['libreoffice', 'libreoffice-gnome'] 6 | state: latest 7 | -------------------------------------------------------------------------------- /roles/ruby/landscape/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install landscape 4 | community.general.gem: 5 | name: terraform_landscape 6 | state: present 7 | -------------------------------------------------------------------------------- /roles/pycharm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install pycharm-community 4 | become: true 5 | snap: 6 | name: pycharm-community 7 | classic: true 8 | 9 | -------------------------------------------------------------------------------- /roles/thunderbird/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Thunderbird 4 | apt: pkg=thunderbird state=latest update_cache=yes cache_valid_time={{ aptcachetime }} 5 | -------------------------------------------------------------------------------- /roles/gitg/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install gitg 4 | apt: 5 | pkg: gitg 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/guake/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install guake 4 | apt: 5 | pkg: guake 6 | state: present 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/barrier/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install barrier 4 | apt: 5 | pkg: barrier 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/firefox/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Firefox 4 | apt: 5 | pkg: firefox 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/gparted/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install gparted 4 | apt: 5 | pkg: gparted 6 | state: present 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/locales/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Generate locales 4 | command: locale-gen 5 | 6 | - name: Update TimeZone data 7 | command: dpkg-reconfigure --frontend noninteractive tzdata 8 | -------------------------------------------------------------------------------- /roles/solaar/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install solaar 4 | apt: 5 | pkg: ["solaar"] 6 | state: present 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/handbrake/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Handbrake 4 | apt: 5 | pkg: ["handbrake"] 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/minikube/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube && sudo cp minikube /usr/local/bin/ && rm minikube 3 | -------------------------------------------------------------------------------- /compile-default-vars.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat \ 4 | <(echo -e "---\n") \ 5 | <(cat roles/*/defaults/main.yml | grep -v '^---$' | grep -v '^[[:space:]]*$') \ 6 | > group_vars/_compiled_defaults.yml 7 | -------------------------------------------------------------------------------- /roles/git/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Git 4 | become: true 5 | apt: 6 | pkg: "git" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/syncthing/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install syncthing-gtk 4 | apt: 5 | pkg: ["syncthing-gtk"] 6 | state: present 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /roles/doublecmd/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Double Commander 4 | apt: 5 | name: doublecmd-common 6 | state: present 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | roles_path = .galaxy/roles 3 | collections_paths = .galaxy/collections 4 | hostfile = hosts 5 | inventory = inventory 6 | nocows = 1 7 | 8 | [privilege_escalation] 9 | become_method = sudo 10 | -------------------------------------------------------------------------------- /roles/ruby/rbenv/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install rbenv 4 | become: true 5 | apt: 6 | pkg: ["rbenv"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/snapd/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install snapd package 4 | become: true 5 | apt: 6 | pkg: snapd 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/tkinter/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Tkinter 4 | become: true 5 | apt: 6 | pkg: "python3-tk" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/golang/language/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install golang packages 4 | become: true 5 | apt: 6 | pkg: ["golang"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/java/openjdk/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Default OpenJDK 4 | become: true 5 | apt: 6 | pkg: ["default-jdk"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/java/openjre/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Default OpenJRE 4 | become: true 5 | apt: 6 | pkg: ["default-jre-headless"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/ledger-live/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ledger_live_enabled: no 4 | ledger_live_version: 2.23.0 5 | ledger_live_sha512: "4e9c4bee4345e194d26bc4dbe35c7b1bb3cd9d8f9661c99f444253423718f105768a5bbf5d8ff6cf0f1c7250323f4e5cc6ebe1c8d76c8e13ae819f0385fa1309" 6 | -------------------------------------------------------------------------------- /roles/python/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Python packages 4 | become: true 5 | apt: 6 | pkg: ["python3", "python3-dev", "python3-pip"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | -------------------------------------------------------------------------------- /roles/indicator-sysmonitor/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure the Indicator-SysMonitor PPA 4 | apt_repository: repo="ppa:fossfreedom/indicator-sysmonitor" state=present 5 | 6 | - name: Install Indicator-SysMonitor 7 | apt: pkg=indicator-sysmonitor state=latest 8 | -------------------------------------------------------------------------------- /roles/remmina/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure the Remmina PPA 4 | apt_repository: repo="ppa:remmina-ppa-team/remmina-next" state=present 5 | 6 | - name: Install Remmina 7 | apt: 8 | pkg: ["remmina", "remmina-plugin-rdp"] 9 | state: present 10 | -------------------------------------------------------------------------------- /roles/chromium/files/policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "BookmarkBarEnabled": true, 3 | "ShowAppsShortcutInBookmarkBar": false, 4 | "ShowHomeButton": true, 5 | "TranslateEnabled": false, 6 | "HomepageIsNewTabPage": false, 7 | "HomepageLocation": "https://www.google.fr/" 8 | } 9 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | # http://editorconfig.org 2 | 3 | root = true 4 | 5 | [*] 6 | charset = utf-8 7 | end_of_line = lf 8 | indent_style = space 9 | indent_size = 4 10 | trim_trailing_whitespace = true 11 | insert_final_newline = true 12 | 13 | [*.yml] 14 | indent_size = 2 15 | 16 | -------------------------------------------------------------------------------- /ansible-desktop.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Ubuntu Playbook Initialization 4 | hosts: localhost 5 | 6 | - import_playbook: common.yml 7 | tags: 8 | - common 9 | - import_playbook: desktop.yml 10 | tags: 11 | - desktop 12 | - import_playbook: development.yml 13 | tags: 14 | - development 15 | -------------------------------------------------------------------------------- /roles/aws/ecscli/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Installing Amazon ECS command line 3 | get_url: 4 | url: https://s3.amazonaws.com/amazon-ecs-cli/ecs-cli-linux-amd64-latest 5 | dest: /usr/local/bin/ecs-cli 6 | mode: 0755 7 | 8 | - name: Installed ECS version 9 | command: /usr/local/bin/ecs-cli --version -------------------------------------------------------------------------------- /roles/phpstorm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install ubuntu-make 4 | become: true 5 | apt: 6 | pkg: "ubuntu-make" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Install PhpStorm 12 | become: true 13 | shell: "umake ide phpstorm" -------------------------------------------------------------------------------- /roles/rubymine/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Ruby 4 | become: true 5 | apt: 6 | pkg: "ruby-full" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Install rubymine 12 | become: true 13 | snap: 14 | name: rubymine 15 | classic: true 16 | -------------------------------------------------------------------------------- /roles/gnome-encfs-manager/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure the Gnome EncFS Manager PPA 4 | apt_repository: 5 | repo: "ppa:gencfsm" 6 | state: present 7 | 8 | - name: Install Gnome EncFS Manager 9 | apt: 10 | pkg: ["gnome-encfs-manager"] 11 | state: present 12 | update_cache: yes 13 | cache_valid_time: "{{ aptcachetime }}" 14 | -------------------------------------------------------------------------------- /roles/lens/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if Lens is installed 4 | command: dpkg-query -W lens 5 | register: lens_check_deb 6 | failed_when: lens_check_deb.rc > 1 7 | changed_when: lens_check_deb.rc == 1 8 | 9 | - name: Install lens 10 | snap: 11 | name: 12 | - kontena-lens 13 | classic: yes 14 | when: lens_check_deb.rc == 1 15 | -------------------------------------------------------------------------------- /roles/timeshift/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Add TimeShift repository 3 | apt_repository: 4 | repo: ppa:teejee2008/ppa 5 | state: present 6 | 7 | - name: Install TimeShift OS Snapshot tool and BTRFS 8 | apt: 9 | pkg: 10 | - timeshift 11 | # - btrfs-tools 12 | state: present 13 | update_cache: yes 14 | cache_valid_time: "{{ aptcachetime }}" -------------------------------------------------------------------------------- /roles/nextcloud/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Add Nextcloud PPA repository 4 | apt_repository: 5 | repo: ppa:nextcloud-devs/client 6 | state: present 7 | 8 | - name: Install Nextcloud Desktop Sync App 9 | apt: 10 | pkg: ["nextcloud-desktop", "nautilus-nextcloud"] 11 | state: present 12 | update_cache: yes 13 | cache_valid_time: "{{ aptcachetime }}" 14 | -------------------------------------------------------------------------------- /roles/common-git/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install git 4 | become: true 5 | apt: 6 | pkg: git-core 7 | state: present 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Adding lg alias for git 12 | copy: 13 | src: gitconfig 14 | dest: "{{ ansible_env.HOME }}/.gitconfig" 15 | mode: '0644' 16 | backup: yes 17 | -------------------------------------------------------------------------------- /roles/tlp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Add tlp and tlpui PPA repositories 4 | apt_repository: 5 | repo: "{{ item }}" 6 | state: present 7 | with_items: 8 | - "ppa:linrunner/tlp" 9 | - "ppa:linuxuprising/apps" 10 | 11 | - name: Install TLP and TLPUI 12 | apt: 13 | pkg: ["tlp", "tlp-rdw", "tlpui", "smartmontools", "acpi-call-dkms"] 14 | state: present 15 | update_cache: yes 16 | cache_valid_time: "{{ aptcachetime }}" 17 | -------------------------------------------------------------------------------- /roles/kubectl/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo apt-get update && sudo apt-get install -y apt-transport-https 3 | curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - 4 | sudo touch /etc/apt/sources.list.d/kubernetes.list 5 | echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list 6 | sudo apt-get update 7 | sudo apt-get install -y kubectl 8 | 9 | echo "source <(kubectl completion bash)" >> ~/.bashrc -------------------------------------------------------------------------------- /roles/vscodium/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure the VSCodium APT key 4 | apt_key: 5 | url: "https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg" 6 | state: present 7 | 8 | - name: Configure the VSCodium APT repositories 9 | apt_repository: 10 | repo: "deb https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs/ vscodium main" 11 | state: present 12 | 13 | - name: Install VSCodium 14 | apt: 15 | pkg: codium 16 | state: present 17 | -------------------------------------------------------------------------------- /roles/virtualbox/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure the Oracle APT key 4 | apt_key: url=https://www.virtualbox.org/download/oracle_vbox.asc state=present 5 | 6 | - name: Configure the VirtualBox APT repositories 7 | apt_repository: repo="deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }} contrib" state=present 8 | 9 | - name: Install VirtualBox {{ virtualbox.version }} 10 | apt: pkg=virtualbox-{{ virtualbox.version }} state=present 11 | -------------------------------------------------------------------------------- /roles/atom/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Add Atom repository (Webupd8team) 4 | apt_repository: 5 | repo: ppa:webupd8team/atom 6 | state: present 7 | 8 | - name: Install Atom text editor 9 | apt: 10 | name: atom 11 | state: present 12 | update_cache: yes 13 | cache_valid_time: "{{ aptcachetime }}" 14 | 15 | - name: Setup Atom Packages 16 | apm: name=sync-settings # All others packages are managed by sync-settings 17 | become: true 18 | become_user: "{{ ansible_env.USER }}" 19 | -------------------------------------------------------------------------------- /roles/ufw/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install ufw tool 4 | apt: 5 | name: ufw 6 | state: present 7 | 8 | - name: Configure ufw defaults 9 | ufw: direction={{ item.direction }} policy={{ item.policy }} 10 | with_items: 11 | - { direction: 'incoming', policy: 'deny' } 12 | - { direction: 'outgoing', policy: 'allow' } 13 | notify: 14 | - restart ufw 15 | 16 | - name: Enable ufw logging 17 | ufw: logging=on 18 | notify: 19 | - restart ufw 20 | 21 | - name: Enable ufw 22 | ufw: state=enabled -------------------------------------------------------------------------------- /roles/desktop/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | desktop_enabled: 'no' 4 | desktop: 5 | packages: 6 | - 'bleachbit' 7 | - 'byzanz' 8 | - 'caffeine' 9 | - 'cifs-utils' 10 | - 'easytag' 11 | - 'geany' 12 | - 'inotify-tools' 13 | - 'jq' 14 | - 'libnotify-bin' 15 | - 'meld' 16 | - 'mpv' 17 | - 'pinta' 18 | - 'rhythmbox' 19 | - 'rxvt-unicode-256color' 20 | - 'sox' 21 | - 'tilda' 22 | - 'ubuntu-restricted-extras' 23 | - 'vlc' 24 | - 'wmctrl' 25 | - 'xclip' 26 | - 'xdotool' 27 | -------------------------------------------------------------------------------- /roles/golang/assh/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if assh is installed 4 | stat: 5 | path: "~/.local/lib/go/bin/assh" 6 | register: result 7 | 8 | - name: Install assh 9 | shell: 10 | cmd: | 11 | go get -u moul.io/assh/v2 12 | chdir: ~ 13 | creates: 14 | - "~/.local/lib/go/bin/assh" 15 | when: result is not success and not ansible_check_mode 16 | 17 | - name: Setup assh symlink into ~/.local/bin 18 | file: 19 | src: "~/.local/lib/go/bin/assh" 20 | dest: "~/.local/bin/assh" 21 | state: link 22 | -------------------------------------------------------------------------------- /roles/nautilus-plugins/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Nautilus additional packages 4 | apt: 5 | pkg: ["nautilus-image-converter", "nautilus-wipe"] 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | 10 | - name: Install Nautilus additional packages for Ubuntu 14.04 11 | apt: 12 | pkg: nautilus-open-terminal 13 | state: latest 14 | update_cache: yes 15 | cache_valid_time: "{{ aptcachetime }}" 16 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '14.04' 17 | -------------------------------------------------------------------------------- /roles/sublime3/files/Package Control.sublime-settings: -------------------------------------------------------------------------------- 1 | { 2 | "bootstrapped": true, 3 | "in_process_packages": 4 | [ 5 | ], 6 | "installed_packages": 7 | [ 8 | "Alignment", 9 | "BracketHighlighter", 10 | "DocBlockr", 11 | "Emmet", 12 | "EditorConfig", 13 | "GitGutter", 14 | "GotoDocumentation", 15 | "INI", 16 | "Laravel Blade Highlighter", 17 | "Markdown Preview", 18 | "One Dark Material - Theme", 19 | "Package Control", 20 | "QML", 21 | "SCSS", 22 | "StringUtilities", 23 | "Terminal", 24 | "TrailingSpaces" 25 | ] 26 | } 27 | -------------------------------------------------------------------------------- /roles/common-git/files/gitconfig: -------------------------------------------------------------------------------- 1 | [alias] 2 | lg1 = log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all 3 | lg2 = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset)%C(bold yellow)%d%C(reset)%n'' %C(white)%s%C(reset) %C(dim white)- %an%C(reset)' --all 4 | lg = !"git lg1" 5 | [color] 6 | ui = true 7 | [help] 8 | autocorrect = 3 9 | -------------------------------------------------------------------------------- /roles/gimp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Gimp 4 | apt: 5 | name: gimp 6 | 7 | - name: Add Gimp configs 8 | lineinfile: 9 | dest: "{{ ansible_env.HOME }}/.gimp-2.8/sessionrc" 10 | regexp: "{{ item.param }}" 11 | line: "{{ item.value }}" 12 | create: true 13 | with_items : 14 | - { param: "single-window-mode", value: "(single-window-mode yes)" } 15 | - { param: "default-snap-to-canvas", value: "(default-snap-to-canvas yes)" } 16 | - { param: "default-snap-to-grid", value: "(default-snap-to-grid yes)" } 17 | become: true 18 | become_user: "{{ ansible_env.USER }}" 19 | -------------------------------------------------------------------------------- /roles/dots/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | #- name: Install Pop!_OS shell dependencies 4 | # become: true 5 | # apt: 6 | # pkg: ["node-typescript", "make", "chrome-gnome-shell"] 7 | # state: latest 8 | # update_cache: yes 9 | # cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Git checkout Dots Template 12 | git: 13 | repo: 'https://github.com/EvanPurkhiser/dots-template' 14 | dest: ~/.cache/dots-template 15 | version: master 16 | 17 | - name: Install Dots 18 | shell: 19 | cmd: source init-dots 20 | chdir: ~/.cache/dots-template 21 | creates: "~/.local/bin/dots" 22 | when: not ansible_check_mode 23 | -------------------------------------------------------------------------------- /roles/pop_os/shell/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Pop!_OS shell dependencies 4 | become: true 5 | apt: 6 | pkg: ["node-typescript", "make", "chrome-gnome-shell"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Git checkout Pop!_OS shell 12 | ansible.builtin.git: 13 | repo: 'https://github.com/pop-os/shell' 14 | dest: ~/.cache/pop-os-shell 15 | version: master 16 | 17 | - name: Make and Install Pop!_OS shell 18 | shell: 19 | cmd: make && make install 20 | chdir: ~/.cache/pop-os-shell 21 | creates: "~/.local/share/gnome-shell/extensions/pop-shell@system76.com/metadata.json" 22 | -------------------------------------------------------------------------------- /roles/locales/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure locales 4 | lineinfile: dest=/var/lib/locales/supported.d/local regexp="{{ item }}" line="{{ item }}" create="yes" 5 | notify: 6 | - Generate locales 7 | with_items: "{{ locales.locale }}" 8 | 9 | - name: Set localtime (/etc/localtime) 10 | copy: remote_src=yes src=/usr/share/zoneinfo/{{ locales.timezone }} dest=/etc/localtime 11 | 12 | - name: Set timezone (/etc/timezone) 13 | copy: content="{{ locales.timezone }}\n" dest=/etc/timezone 14 | notify: 15 | - Update TimeZone data 16 | 17 | #- name: Install ntp package 18 | # apt: 19 | # pkg: "ntp" 20 | # state: latest 21 | # update_cache: yes 22 | # cache_valid_time: "{{ aptcachetime }}" 23 | -------------------------------------------------------------------------------- /roles/vagrant/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if Vagrant is installed 4 | command: dpkg-query -W vagrant 5 | register: vagrant_check_deb 6 | failed_when: vagrant_check_deb.rc > 1 7 | changed_when: vagrant_check_deb.rc == 1 8 | 9 | - name: Download Vagrant {{ vagrant.version }} 10 | get_url: url="https://releases.hashicorp.com/vagrant/{{ vagrant.version }}/vagrant_{{ vagrant.version }}_x86_64.deb" dest="/tmp/download-vagrant-latest.deb" 11 | when: vagrant_check_deb.rc == 1 12 | 13 | - name: Install Vagrant {{ vagrant.version }} 14 | apt: deb="/tmp/download-vagrant-latest.deb" 15 | when: vagrant_check_deb.rc == 1 16 | 17 | - name: Clean Vagrant deb file 18 | file: path=/tmp/download-vagrant-latest.deb state=absent 19 | -------------------------------------------------------------------------------- /roles/slack/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install slack 4 | become: true 5 | command: snap install slack --classic 6 | 7 | 8 | #- name: Check if Slack is installed 9 | # command: dpkg-query -W slack 10 | # register: slack_check_deb 11 | # failed_when: slack_check_deb.rc > 1 12 | # changed_when: slack_check_deb.rc == 1 13 | 14 | #- name: Download slack 15 | # get_url: url="https://downloads.slack-edge.com/linux_releases/slack-desktop-3.3.1-amd64.deb" dest="/tmp/slack-desktop-latest.deb" 16 | # when: slack_check_deb.rc == 1 17 | 18 | #- name: Install slack 19 | # apt: deb="/tmp/slack-desktop-latest.deb" 20 | # when: slack_check_deb.rc == 1 21 | 22 | #- name: Clean slack deb file 23 | # file: path=/tmp/slack-desktop-latest.deb state=absent -------------------------------------------------------------------------------- /roles/desktop/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install common desktop packages 4 | become: true 5 | apt: 6 | pkg: "{{ desktop.packages }}" 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | #- easytag # audio files metadata management 12 | #- byzanz # screen recording 13 | #- meld # Diff / merge tool 14 | #- pinta # light paint.net equivalent 15 | #- sox # to play sounds 16 | #- tilda # lighter than guake 17 | #- ubuntu-restricted-extras # MP3, Microsoft fonts, Flash plugin, LAME and DVD playback 18 | #- wmctrl # to control windows 19 | #- xclip # to manipulate the clipboard 20 | #- xdotool # to control windows 21 | #- caffeine # prevent the desktop becoming idle in full-screen mode 22 | -------------------------------------------------------------------------------- /roles/signal/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install requirements 4 | apt: 5 | pkg: ["apt-transport-https", "ca-certificates", "curl", "software-properties-common"] 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | 10 | - name: Installing apt-key 11 | apt_key: 12 | id: "DBA36B5181D0C816F630E889D980A17457F6FB06" 13 | url: https://updates.signal.org/desktop/apt/keys.asc 14 | state: present 15 | 16 | - name: Add deb repository 17 | apt_repository: 18 | repo: 'deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main' 19 | state: present 20 | 21 | - name: Install 22 | apt: 23 | pkg: ["signal-desktop"] 24 | state: latest 25 | update_cache: yes 26 | cache_valid_time: "{{ aptcachetime }}" 27 | -------------------------------------------------------------------------------- /roles/sublime-merge/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install apt-transport-https 4 | become: true 5 | apt: 6 | pkg: "apt-transport-https" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Add Apt signing key 12 | become: true 13 | ansible.builtin.apt_key: 14 | url: "https://download.sublimetext.com/sublimehq-pub.gpg" 15 | state: present 16 | 17 | - name: Add repository into sources list 18 | become: true 19 | ansible.builtin.apt_repository: 20 | repo: deb https://download.sublimetext.com/ apt/stable/ 21 | state: present 22 | 23 | - name: Install sublime-merge 24 | become: true 25 | apt: 26 | pkg: "sublime-merge" 27 | state: latest 28 | update_cache: true 29 | cache_valid_time: "{{ aptcachetime }}" 30 | -------------------------------------------------------------------------------- /roles/vscode/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install apt-transport-https 4 | become: true 5 | apt: 6 | pkg: "apt-transport-https" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Add Apt signing key 12 | become: true 13 | ansible.builtin.apt_key: 14 | url: "https://packages.microsoft.com/keys/microsoft.asc" 15 | state: present 16 | 17 | - name: Add repository into sources list 18 | become: true 19 | ansible.builtin.apt_repository: 20 | repo: deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main 21 | state: present 22 | 23 | - name: Install vscode 24 | become: true 25 | apt: 26 | pkg: "code" 27 | state: latest 28 | update_cache: true 29 | cache_valid_time: "{{ aptcachetime }}" 30 | -------------------------------------------------------------------------------- /roles/ms-teams/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install apt-transport-https 4 | become: true 5 | apt: 6 | pkg: "apt-transport-https" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Add Apt signing key 12 | become: true 13 | ansible.builtin.apt_key: 14 | url: "https://packages.microsoft.com/keys/microsoft.asc" 15 | state: present 16 | 17 | - name: Add repository into sources list 18 | become: true 19 | ansible.builtin.apt_repository: 20 | repo: deb [arch=amd64] https://packages.microsoft.com/repos/ms-teams stable main 21 | state: present 22 | 23 | - name: Install ms-teams 24 | become: true 25 | apt: 26 | pkg: "teams" 27 | state: latest 28 | update_cache: true 29 | cache_valid_time: "{{ aptcachetime }}" 30 | -------------------------------------------------------------------------------- /roles/ssh/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install SSH Server 4 | apt: pkg=openssh-server state=latest cache_valid_time={{ aptcachetime }} 5 | 6 | - name: "{{ ssh.password_auth | ternary('Allow','Disallow') }} password authentication" 7 | lineinfile: dest=/etc/ssh/sshd_config regexp="^PasswordAuthentication" line="PasswordAuthentication {{ ssh.password_auth | ternary('yes','no') }}" state=present 8 | 9 | - name: "{{ ssh.root_login | ternary('Allow','Disallow') }} root SSH access" 10 | lineinfile: dest=/etc/ssh/sshd_config regexp="^PermitRootLogin" line="PermitRootLogin {{ ssh.root_login | ternary('yes','no') }}" state=present 11 | 12 | - name: "Ensure SSH is {{ ssh.start | ternary('started','stopped') }}" 13 | service: name=ssh state={{ ssh.start | ternary('restarted','stopped') }} enabled={{ ssh.service_enabled }} 14 | -------------------------------------------------------------------------------- /roles/virtmanager/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Set OS and Desktop specific variables 4 | include_vars: "{{ item }}" 5 | with_first_found: 6 | - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version}}-{{ ( ansible_env.ORIGINAL_XDG_CURRENT_DESKTOP | default(ansible_env.XDG_CURRENT_DESKTOP) ).split(':')[1] | lower }}.yml" 7 | - "{{ ansible_distribution | lower }}-{{ ( ansible_env.ORIGINAL_XDG_CURRENT_DESKTOP | default(ansible_env.XDG_CURRENT_DESKTOP) ).split(':')[1] | lower }}.yml" 8 | - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version}}.yml" 9 | - "{{ ansible_distribution | lower }}.yml" 10 | 11 | - name: Install 12 | apt: 13 | pkg: ["virt-manager", "{{ virtmanager_askpass }}"] 14 | state: present 15 | update_cache: yes 16 | cache_valid_time: "{{ aptcachetime }}" -------------------------------------------------------------------------------- /common.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Ubuntu Common Playbook 4 | hosts: localhost 5 | roles: 6 | - role: common 7 | become: true 8 | tags: 9 | - common 10 | when: common_enabled | bool 11 | - role: locales 12 | become: true 13 | tags: 14 | - locale 15 | - common 16 | when: locales_enabled | bool 17 | - role: ufw 18 | become: true 19 | tags: 20 | - ufw 21 | - system 22 | - common 23 | when: ufw_enabled | bool 24 | - role: snapd 25 | become: true 26 | tags: 27 | - snapd 28 | - system 29 | - common 30 | when: snapd_enabled | bool 31 | - role: tlp 32 | become: true 33 | tags: 34 | - tlp 35 | - system 36 | - common 37 | when: tlp_enabled | bool -------------------------------------------------------------------------------- /roles/chrome/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install apt-transport-https 4 | become: true 5 | apt: 6 | pkg: "apt-transport-https" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Add Apt signing key 12 | become: true 13 | ansible.builtin.apt_key: 14 | url: "https://dl.google.com/linux/linux_signing_key.pub" 15 | state: present 16 | 17 | - name: Add repository into sources list 18 | become: true 19 | ansible.builtin.apt_repository: 20 | repo: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main 21 | state: present 22 | 23 | - name: Install google-chrome-stable 24 | become: true 25 | apt: 26 | pkg: "google-chrome-stable" 27 | state: latest 28 | update_cache: true 29 | cache_valid_time: "{{ aptcachetime }}" 30 | -------------------------------------------------------------------------------- /roles/ms-edge/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install apt-transport-https 4 | become: true 5 | apt: 6 | pkg: "apt-transport-https" 7 | state: latest 8 | update_cache: true 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Add Apt signing key 12 | become: true 13 | ansible.builtin.apt_key: 14 | url: "https://packages.microsoft.com/keys/microsoft.asc" 15 | state: present 16 | 17 | - name: Add repository into sources list 18 | become: true 19 | ansible.builtin.apt_repository: 20 | repo: deb [arch=amd64] https://packages.microsoft.com/repos/edge stable main 21 | state: present 22 | 23 | - name: Install microsoft-edge-beta 24 | become: true 25 | apt: 26 | pkg: "microsoft-edge-beta" 27 | state: latest 28 | update_cache: true 29 | cache_valid_time: "{{ aptcachetime }}" 30 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ################### 4 | # Install ansible # 5 | # if ! grep -q "ansible/ansible" /etc/apt/sources.list /etc/apt/sources.list.d/*; then 6 | # echo "Adding Ansible PPA" 7 | # sudo apt-add-repository ppa:ansible/ansible -y 8 | # fi 9 | 10 | if ! hash ansible >/dev/null 2>&1; then 11 | echo "Installing Ansible..." 12 | sudo apt-get update 13 | sudo apt-get install software-properties-common ansible git python-apt -y 14 | else 15 | echo "Ansible already installed" 16 | fi 17 | 18 | ansible-galaxy collection install community.general 19 | 20 | ##################################### 21 | # Display real installation process # 22 | echo "" 23 | echo "Customize the playbook ansible-desktop.yml to suit your needs, then run ansible with :" 24 | echo " ansible-playbook ansible-desktop.yml --ask-become-pass" 25 | echo "" 26 | -------------------------------------------------------------------------------- /roles/terraform/tgenv/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Git checkout tgenv 4 | git: 5 | repo: 'https://github.com/cunymatthieu/tgenv' 6 | dest: ~/.local/lib/tgenv 7 | version: master 8 | register: result 9 | 10 | - name: Install tgenv binary 11 | file: 12 | src: ~/.local/lib/tgenv/bin/{{ item }} 13 | dest: ~/.local/bin/{{ item }} 14 | state: link 15 | loop: 16 | - terragrunt 17 | - tgenv 18 | when: result is success and not ansible_check_mode 19 | register: result 20 | 21 | - name: Install and setup terragrunt 22 | shell: 23 | cmd: | 24 | tgenv install 0.28.7 25 | tgenv use 0.28.7 26 | # grep -q ".local/lib/tfenv/versions/0.14.7/terraform" ~/.bashrc ~/.zshrc && true || terraform -install-autocomplete 27 | chdir: ~ 28 | creates: "~/.local/lib/tgenv/versions/0.28.7/terragrunt" 29 | when: not ansible_check_mode 30 | -------------------------------------------------------------------------------- /roles/terraform/tfenv/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Git checkout tfenv 4 | git: 5 | repo: 'https://github.com/tfutils/tfenv' 6 | dest: ~/.local/lib/tfenv 7 | version: master 8 | register: result 9 | 10 | - name: Install tfenv binary 11 | file: 12 | src: ~/.local/lib/tfenv/bin/{{ item }} 13 | dest: ~/.local/bin/{{ item }} 14 | state: link 15 | loop: 16 | - terraform 17 | - tfenv 18 | when: result is success and not ansible_check_mode 19 | register: result 20 | 21 | - name: Install and setup terraform 22 | shell: 23 | cmd: | 24 | tfenv install 0.14.7 25 | tfenv use 0.14.7 26 | chdir: ~ 27 | creates: "~/.local/lib/tfenv/versions/0.14.7/terraform" 28 | when: not ansible_check_mode 29 | 30 | # Autocomplete for bash and zsh 31 | # grep -q ".local/lib/tfenv/versions/0.14.7/terraform" ~/.bashrc ~/.zshrc && true || terraform -install-autocomplete -------------------------------------------------------------------------------- /roles/common/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | common_enabled: 'no' 4 | common: 5 | packages: 6 | - afuse 7 | - aptitude 8 | - axel 9 | - blueman 10 | - bash-completion 11 | - build-essential 12 | - bzip2 13 | - colortest 14 | - curl 15 | - diffutils 16 | - dos2unix 17 | - fdupes 18 | - ftp-ssl 19 | - gawk 20 | - gcc 21 | - grep 22 | - gzip 23 | - htop 24 | - httping 25 | - iftop 26 | - imagemagick 27 | - iotop 28 | - less 29 | - lftp 30 | - make 31 | - mtr 32 | - nfs-common 33 | - nmap 34 | - openssl 35 | - p7zip 36 | - pv 37 | - pwgen 38 | - ranger 39 | - rar 40 | - rsync 41 | - smbclient 42 | - software-properties-common 43 | - sshfs 44 | - sshpass 45 | - tar 46 | - tmux 47 | - trash-cli 48 | - tig 49 | - unzip 50 | - vim 51 | - wget 52 | - whois 53 | - zip -------------------------------------------------------------------------------- /roles/horizonviewagent/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if Horizon View Client is already installed 3 | stat: 4 | path: /usr/bin/vmware-view 5 | register: view_client_already_installed 6 | 7 | - name: Copy over Horizon View Client bundle installer 8 | ansible.builtin.copy: 9 | src: VMware-Horizon-Client-5.5.0-16946361.x64.bundle 10 | dest: /tmp/VMware-Horizon-Client-5.5.0-16946361.x64.bundle 11 | owner: root 12 | group: root 13 | mode: '0755' 14 | when: view_client_already_installed.stat.exists == 0 15 | 16 | - name: Install Horizon View Client bundle 17 | ansible.builtin.shell: env TERM=dumb VMWARE_EULAS_AGREED=yes ./VMware-Horizon-Client-5.5.0-16946361.x64.bundle --console --required 18 | args: 19 | chdir: /tmp/ 20 | when: view_client_already_installed.stat.exists == 0 21 | 22 | - name: Remove Horizon View Client bundle installer 23 | ansible.builtin.file: 24 | path: /tmp/VMware-Horizon-Client-5.5.0-16946361.x64.bundle 25 | state: absent 26 | when: view_client_already_installed.stat.exists == 0 -------------------------------------------------------------------------------- /roles/envchain/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dependencies 4 | become: true 5 | apt: 6 | pkg: ["libsecret-1-dev"] 7 | state: latest 8 | update_cache: yes 9 | cache_valid_time: "{{ aptcachetime }}" 10 | 11 | - name: Create directory structure 12 | file: 13 | path: "{{ item }}" 14 | mode: '0750' 15 | state: directory 16 | with_items: 17 | - "~/.local/tmp" 18 | 19 | - name: Check if binary file exists 20 | stat: 21 | path: '~/.local/bin/envchain' 22 | register: envchain_binary 23 | 24 | - name: Git checkout 25 | ansible.builtin.git: 26 | repo: 'https://github.com/sorah/envchain' 27 | dest: '~/.local/tmp/envchain' 28 | version: master 29 | when: not envchain_binary.stat.exists 30 | 31 | - name: Make and Install 32 | shell: 33 | cmd: make && cp ./envchain ~/.local/bin/ 34 | chdir: ~/.local/tmp/envchain 35 | creates: "~/.local/bin/envchain" 36 | when: not envchain_binary.stat.exists 37 | 38 | - name: Clean up temp directory 39 | file: 40 | path: '~/.local/tmp/envchain' 41 | state: absent -------------------------------------------------------------------------------- /roles/noisetorch/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Get assets 2 | get_url: 3 | url: "https://api.github.com/repos/lawl/NoiseTorch/releases/latest" 4 | force: yes 5 | headers: 6 | Accept: "application/vnd.github.v3+json" 7 | dest: "/tmp/{{ noisetorch_assets_response }}" 8 | 9 | - name: Get download url 10 | shell: | 11 | cat "/tmp/{{ noisetorch_assets_response }}" | jq '.assets | .[] | select(.browser_download_url | contains("NoiseTorch_x64.tgz")) | .url' | sed -e 's/^"//' -e 's/"$//' 12 | register: "download_url" 13 | 14 | - debug: 15 | msg: "{{ download_url.stdout }}" 16 | 17 | - name: Download latest release 18 | get_url: 19 | url: "{{ download_url.stdout }}" 20 | dest: /tmp/NoiseTorch_x64.tgz 21 | tmp_dest: /tmp/ 22 | force: yes 23 | headers: 24 | Accept: "application/octet-stream" 25 | 26 | - name: Ensure file exists 27 | stat: 28 | path: /tmp/NoiseTorch_x64.tgz 29 | register: noisetorch_x64 30 | 31 | - name: Unarchive NoiseTorch 32 | unarchive: 33 | src: /tmp/NoiseTorch_x64.tgz 34 | dest: "~" 35 | when: noisetorch_x64.stat.exists -------------------------------------------------------------------------------- /roles/zsh/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: install apt dependencies 4 | become: "yes" 5 | apt: 6 | pkg: ["git","zsh"] 7 | state: present 8 | 9 | - name: clone oh-my-zsh 10 | tags: 11 | # Suppress warning: [ANSIBLE0006] git used in place of git module 12 | # Git module doesn't allow us to set `core.autocrlf=input`. 13 | - skip_ansible_lint 14 | command: >- 15 | git clone -c core.autocrlf=input --depth=1 16 | https://github.com/ohmyzsh/ohmyzsh.git oh-my-zsh 17 | # core.autocrlf=input prevents 18 | # https://github.com/robbyrussell/oh-my-zsh/issues/4402 19 | args: 20 | chdir: '~/.config' 21 | creates: '~/.config/oh-my-zsh' 22 | 23 | - name: set permissions of oh-my-zsh 24 | file: 25 | path: '~/.config/oh-my-zsh' 26 | # Prevent the cloned repository from having insecure permissions. 27 | # Failing to do so causes compinit() calls to fail with 28 | # "command not found: compdef" errors 29 | # for users with insecure umasks (e.g., "002", allowing group writability). 30 | mode: 'go-w' 31 | recurse: "yes" 32 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 sys0dm1n 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /roles/angryipscanner/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Get assets 2 | get_url: 3 | url: "https://api.github.com/repos/angryip/ipscan/releases/latest" 4 | force: yes 5 | headers: 6 | Accept: "application/vnd.github.v3+json" 7 | dest: "/tmp/{{ angryipscanner_assets_response }}" 8 | 9 | - name: Get download url 10 | shell: | 11 | cat "/tmp/{{ angryipscanner_assets_response }}" | jq '.assets | .[] | select(.browser_download_url | contains("_all.deb")) | .url' | sed -e 's/^"//' -e 's/"$//' 12 | register: "download_url" 13 | 14 | - debug: 15 | msg: "{{ download_url.stdout }}" 16 | 17 | - name: Download latest release 18 | get_url: 19 | url: "{{ download_url.stdout }}" 20 | dest: /tmp/angryipscanner_latest_all.deb 21 | tmp_dest: /tmp/ 22 | force: yes 23 | headers: 24 | Accept: "application/octet-stream" 25 | 26 | - name: Ensure /tmp/angryipscanner_latest_all.deb file exists 27 | stat: 28 | path: /tmp/angryipscanner_latest_all.deb 29 | register: angryipscanner_deb 30 | 31 | - name: Install Angry IP Scanner 32 | apt: 33 | deb: "/tmp/angryipscanner_latest_all.deb" 34 | when: angryipscanner_deb.stat.exists -------------------------------------------------------------------------------- /roles/teamviewer/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if TeamViewer is installed 4 | command: dpkg-query -W teamviewer 5 | register: teamviewer_check_deb 6 | check_mode: no 7 | failed_when: teamviewer_check_deb.rc > 1 8 | changed_when: teamviewer_check_deb.rc == 1 9 | 10 | - name: Install TeamViewer dependencies 11 | apt: 12 | pkg: ["libjpeg62","libxinerama1","libxrandr2","libxtst6"] 13 | state: latest 14 | update_cache: yes 15 | cache_valid_time: "{{ aptcachetime }}" 16 | 17 | - name: Download TeamViewer 18 | get_url: url="https://download.teamviewer.com/download/linux/teamviewer_amd64.deb" dest="/tmp/download-teamviewer-latest.deb" 19 | when: teamviewer_check_deb.rc == 1 20 | 21 | - name: Check if download-teamviewer-latest.deb file exists 22 | stat: 23 | path: /tmp/download-teamviewer-latest.deb 24 | register: teamviewer_deb_file 25 | 26 | - name: Install TeamViewer 27 | apt: deb="/tmp/download-teamviewer-latest.deb" 28 | when: teamviewer_check_deb.rc == 1 and teamviewer_deb_file.stat.exists == true 29 | 30 | - name: Clean TeamViewer deb file 31 | file: path=/tmp/download-teamviewer-latest.deb state=absent 32 | -------------------------------------------------------------------------------- /roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Ensure the system can use the HTTPS transport for APT 4 | stat: 5 | path: /usr/lib/apt/methods/https 6 | register: apt_https_transport 7 | 8 | - name: Install HTTPS transport for APT 9 | apt: 10 | pkg: apt-transport-https 11 | state: installed 12 | when: not apt_https_transport.stat.exists 13 | 14 | - name: Enable all repositories in sources.list 15 | replace: 16 | dest: /etc/apt/sources.list 17 | regexp: '^#\s?deb(.+)http://(.+)/ubuntu(.+)$' 18 | replace: 'deb\1http://\2/ubuntu\3' 19 | backup: yes 20 | 21 | - name: Ensure that Aptitude repositories are up to date 22 | apt: 23 | update_cache: yes 24 | cache_valid_time: "{{ aptcachetime }}" 25 | 26 | - name: Install common packages 27 | become: true 28 | apt: 29 | pkg: "{{ common.packages}}" 30 | state: latest 31 | update_cache: yes 32 | cache_valid_time: "{{ aptcachetime }}" 33 | 34 | - name: Enable and start bluetooth.service 35 | systemd: 36 | name: bluetooth.service 37 | state: started 38 | enabled: yes 39 | 40 | - name: Upgrade installed packages 41 | become: true 42 | apt: 43 | upgrade: "yes" 44 | -------------------------------------------------------------------------------- /roles/ms-mdatp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Add Microsoft APT key 4 | apt_key: 5 | url: https://packages.microsoft.com/keys/microsoft.asc 6 | state: present 7 | when: ansible_os_family == "Debian" 8 | 9 | - name: Add Microsoft apt repository for MDATP 10 | apt_repository: 11 | repo: deb [arch=arm64,armhf,amd64] https://packages.microsoft.com/config/[distro]/[version]/prod [channel] main 12 | update_cache: yes 13 | state: present 14 | filename: microsoft-[channel] 15 | when: ansible_os_family == "Debian" 16 | 17 | - name: Add Microsoft DNF/YUM key 18 | rpm_key: 19 | state: present 20 | key: https://packages.microsoft.com/keys/microsoft.asc 21 | when: ansible_os_family == "RedHat" 22 | 23 | - name: Add Microsoft yum repository for MDATP 24 | yum_repository: 25 | name: packages-microsoft-[channel] 26 | description: Microsoft Defender for Endpoint 27 | file: microsoft-[channel] 28 | baseurl: https://packages.microsoft.com/[distro]/[version]/[channel]/ 29 | gpgcheck: yes 30 | enabled: Yes 31 | when: ansible_os_family == "RedHat" 32 | 33 | - name: Install MDATP 34 | apt: 35 | name: mdatp 36 | state: latest 37 | update_cache: yes 38 | 39 | - name: Create MDATP directories 40 | file: 41 | path: /etc/opt/microsoft/mdatp/ 42 | recurse: true 43 | state: directory 44 | mode: 0755 45 | owner: root 46 | group: root 47 | 48 | -------------------------------------------------------------------------------- /roles/sunflower/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if SunFlower is installed 4 | command: dpkg-query -W sunflower 5 | register: sunflower_check_deb 6 | failed_when: sunflower_check_deb.rc > 1 7 | changed_when: sunflower_check_deb.rc == 1 8 | 9 | - name: lower SSL security level 1/2 10 | blockinfile: 11 | path: /etc/ssl/openssl.cnf 12 | backup: yes 13 | insertbefore: BOF 14 | block: | 15 | openssl_conf = default_conf 16 | changed_when: sunflower_check_deb.rc == 1 17 | 18 | - name: lower SSL security level 2/2 19 | blockinfile: 20 | path: /etc/ssl/openssl.cnf 21 | backup: yes 22 | insertafter: EOF 23 | block: | 24 | [ default_conf ] 25 | ssl_conf = ssl_sect 26 | [ssl_sect] 27 | system_default = system_default_sect 28 | [system_default_sect] 29 | MinProtocol = TLSv1.2 30 | CipherString = DEFAULT:@SECLEVEL=1 31 | changed_when: sunflower_check_deb.rc == 1 32 | 33 | - name: Download SunFlower 34 | get_url: 35 | url: "https://sunflower-fm.org/pub/sunflower-0.4.62-3.all.deb" 36 | dest: "/tmp/download-sunflower-latest.deb" 37 | validate_certs: no 38 | when: sunflower_check_deb.rc == 1 39 | 40 | - name: Install SunFlower 41 | apt: 42 | deb: "/tmp/download-sunflower-latest.deb" 43 | when: sunflower_check_deb.rc == 1 44 | 45 | - name: Clean SunFlower deb file 46 | file: 47 | path: /tmp/download-sunflower-latest.deb 48 | state: absent 49 | -------------------------------------------------------------------------------- /roles/development/doctl/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Create directory structure 2 | file: 3 | path: "{{ item }}" 4 | mode: '0750' 5 | state: directory 6 | with_items: 7 | - "~/.local/tmp" 8 | 9 | - name: Get assets 10 | get_url: 11 | url: "https://api.github.com/repos/{{ doctl_github_repo }}/releases/latest" 12 | force: yes 13 | headers: 14 | Accept: "application/vnd.github.v3+json" 15 | dest: "~/.local/tmp/{{ doctl_github_repo | replace('/', '-') }}.json" 16 | 17 | - name: Get download url 18 | shell: | 19 | cat "{{ ansible_env.HOME }}/.local/tmp/{{ doctl_github_repo | replace('/', '-') }}.json" | jq '.assets | .[] | select(.browser_download_url | contains("linux-amd64.tar.gz")) | .url' | sed -e 's/^"//' -e 's/"$//' 20 | register: "download_url" 21 | 22 | - debug: 23 | msg: "{{ download_url.stdout }}" 24 | 25 | - name: Download latest release 26 | get_url: 27 | url: "{{ download_url.stdout }}" 28 | dest: "~/.local/tmp/{{ doctl_github_repo | replace('/', '-') }}-latest-{{ doctl_file_ending }}" 29 | tmp_dest: ~/.local/tmp/ 30 | force: yes 31 | headers: 32 | Accept: "application/octet-stream" 33 | 34 | - name: Ensure file exists 35 | stat: 36 | path: "~/.local/tmp/{{ doctl_github_repo | replace('/', '-') }}-latest-{{ doctl_file_ending }}" 37 | register: doctl_binary 38 | 39 | - name: Unarchive 40 | unarchive: 41 | src: "~/.local/tmp/{{ doctl_github_repo | replace('/', '-') }}-latest-{{ doctl_file_ending }}" 42 | dest: "~/.local/bin" 43 | when: doctl_binary.stat.exists -------------------------------------------------------------------------------- /roles/docker/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install requirements 4 | apt: 5 | pkg: ["apt-transport-https", "ca-certificates", "curl", "software-properties-common"] 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | 10 | - name: Installing apt-key 11 | apt_key: 12 | id: "9DC858229FC7DD38854AE2D88D81803C0EBFCD88" 13 | url: https://download.docker.com/linux/ubuntu/gpg 14 | state: present 15 | 16 | - name: Add deb repository 17 | apt_repository: repo='deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable' state=present 18 | 19 | - name: Install 20 | apt: 21 | pkg: ["linux-image-extra-virtual", "docker-ce"] 22 | state: latest 23 | update_cache: yes 24 | cache_valid_time: "{{ aptcachetime }}" 25 | 26 | - name: Create Docker group 27 | group: 28 | name: docker 29 | state: present 30 | 31 | - name: Add current user to Docker group 32 | user: 33 | name: "{{ ansible_env.USER }}" 34 | groups: docker 35 | append: yes 36 | 37 | - name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}" 38 | service: 39 | name: docker 40 | state: "{{ docker.start | ternary('restarted','stopped') }}" 41 | enabled: "{{ docker.service_enabled }}" 42 | 43 | - name: Install docker-compose 44 | get_url: 45 | url: "https://github.com/docker/compose/releases/download/{{ docker.docker_compose_version }}/docker-compose-Linux-x86_64" 46 | dest: /usr/local/bin/docker-compose 47 | force: no 48 | mode: 0755 49 | -------------------------------------------------------------------------------- /roles/atom/library/apm: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # 3 | # Source : https://github.com/MichaelAquilina/ubuntu-ansible/blob/abafbeb78a524e002a178921dd9b6c0b16d949e2/library/apm 4 | # See also : https://github.com/hnakamur/ansible-role-atom-packages/blob/master/library/apm 5 | # 6 | 7 | import subprocess 8 | 9 | from ansible.module_utils.basic import * 10 | 11 | 12 | def get_installed(links=False): 13 | packages = {} 14 | output = subprocess.check_output([ 15 | 'apm', 'list', '--links={}'.format(links), '-i', '-b', 16 | ]).strip().split('\n') 17 | for line in output: 18 | if '@' in line: 19 | name, version = line.split('@') 20 | packages[name] = version 21 | return packages 22 | 23 | 24 | def install_package(name, version): 25 | if version is not None: 26 | install_name = '{}@{}'.format(name, version) 27 | else: 28 | install_name = name 29 | 30 | subprocess.check_output([ 31 | 'apm', 'install', install_name, 32 | ]) 33 | 34 | 35 | def main(): 36 | module = AnsibleModule( 37 | argument_spec={ 38 | 'name': {'required': True}, 39 | 'version': {'default': None}, 40 | }, 41 | ) 42 | 43 | name = module.params['name'] 44 | version = module.params['version'] 45 | 46 | changed = False 47 | try: 48 | packages = get_installed() 49 | 50 | if name not in packages or (version is not None and version != packages[name]): 51 | changed = True 52 | install_package(name, version) 53 | except subprocess.CalledProcessError as e: 54 | module.fail_json(msg=e.msg) 55 | else: 56 | module.exit_json(changed=changed) 57 | 58 | 59 | if __name__ == '__main__': 60 | main() 61 | -------------------------------------------------------------------------------- /roles/sublime3/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install GPG key for SubLimeText 4 | apt_key: 5 | url: https://download.sublimetext.com/sublimehq-pub.gpg 6 | state: present 7 | 8 | - name: Add specified repositories into sources list using specified filename 9 | apt_repository: 10 | repo: deb {{ item.repo }} {{ item.add }} 11 | state: present 12 | filename: "{{ item.file }}" 13 | with_items: 14 | - repo: https://download.sublimetext.com/ 15 | add: apt/stable/ 16 | file: sublime 17 | 18 | - name: Install latest sublime package 19 | apt: 20 | pkg: "sublime-text" 21 | state: latest 22 | update_cache: yes 23 | 24 | - name: Prepare sublime directories (1/2) 25 | file: 26 | path: "{{ ansible_env.HOME }}/.config/sublime-text-3/Installed Packages" 27 | state: directory 28 | owner: "{{ ansible_env.USER }}" 29 | group: "{{ ansible_env.USER }}" 30 | 31 | - name: Prepare sublime directories (2/2) 32 | file: 33 | path: "{{ ansible_env.HOME }}/.config/sublime-text-3/Packages/User" 34 | state: directory 35 | owner: "{{ ansible_env.USER }}" 36 | group: "{{ ansible_env.USER }}" 37 | 38 | - name: Install Package Control for sublime 39 | get_url: 40 | url: "https://packagecontrol.io/Package%20Control.sublime-package" 41 | dest: "{{ ansible_env.HOME }}/.config/sublime-text-3/Installed Packages/Package Control.sublime-package" 42 | 43 | - name: Copy Package Control settings template for auto-install (REMEMBER TO RUN DOTFILES SYMLINKS FOR REAL AUTO INSTALL PACKAGES) 44 | copy: 45 | src: "Package Control.sublime-settings" 46 | dest: "{{ ansible_env.HOME }}/.config/sublime-text-3/Packages/User/Package Control.sublime-settings" 47 | owner: "{{ ansible_env.USER }}" 48 | group: "{{ ansible_env.USER }}" 49 | -------------------------------------------------------------------------------- /roles/ledger-live/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: Download Ledger Live {{ ledger_live_version }} 2 | get_url: 3 | url: "https://github.com/LedgerHQ/ledger-live-desktop/releases/download/v{{ ledger_live_version }}/ledger-live-desktop-{{ ledger_live_version }}-linux-x86_64.AppImage" 4 | dest: "~/.local/bin/ledger-live-desktop-{{ ledger_live_version }}-linux-x86_64.AppImage" 5 | checksum: sha512:{{ ledger_live_sha512 }} 6 | mode: "0750" 7 | headers: 8 | Accept: "application/octet-stream" 9 | 10 | - name: Download udev rules setup script 11 | get_url: 12 | url: "https://raw.githubusercontent.com/LedgerHQ/udev-rules/master/add_udev_rules.sh" 13 | dest: /tmp/add_udev_rules.sh 14 | 15 | - name: Ensure /tmp/add_udev_rules.sh file exists 16 | stat: 17 | path: /tmp/add_udev_rules.sh 18 | register: ledger_live_udev_rules 19 | 20 | - name: Setup udev rules 21 | become: true 22 | shell: 23 | cmd: bash /tmp/add_udev_rules.sh 24 | creates: "/etc/udev/rules.d/20-hw1.rules" 25 | when: ledger_live_udev_rules.stat.exists 26 | 27 | - name: Create user icons directory if it does not exist 28 | ansible.builtin.file: 29 | path: ~/.local/share/icons 30 | state: directory 31 | mode: '0750' 32 | 33 | - name: Copy Ledger Live Desktop icon 34 | copy: 35 | src: ledger-live-desktop.png 36 | dest: ~/.local/share/icons/ledger-live-desktop.png 37 | 38 | - name: Add desktop shortcut for Ledger Live {{ ledger_live_version }} 39 | copy: 40 | dest: "~/.local/share/applications/ledger-live.desktop" 41 | content: | 42 | [Desktop Entry] 43 | Encoding=UTF-8 44 | Version={{ ledger_live_version }} 45 | Type=Application 46 | Terminal=false 47 | Name=Ledger Live Desktop 48 | Exec={{ ansible_env.HOME }}/.local/bin/ledger-live-desktop-{{ ledger_live_version }}-linux-x86_64.AppImage 49 | Icon=ledger-live-desktop 50 | -------------------------------------------------------------------------------- /roles/mysql-workbench/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Check if MySQL WorkBench is installed 4 | command: dpkg-query -W mysql-workbench 5 | register: mysql_workbench_check_deb 6 | failed_when: mysql_workbench_check_deb.rc > 1 7 | changed_when: mysql_workbench_check_deb.rc == 1 8 | 9 | - name: lower SSL security level 1/2 10 | blockinfile: 11 | path: /etc/ssl/openssl.cnf 12 | backup: yes 13 | insertbefore: BOF 14 | block: | 15 | openssl_conf = default_conf 16 | changed_when: smysql_workbench_check_deb.rc == 1 17 | 18 | - name: lower SSL security level 2/2 19 | blockinfile: 20 | path: /etc/ssl/openssl.cnf 21 | backup: yes 22 | insertafter: EOF 23 | block: | 24 | [ default_conf ] 25 | ssl_conf = ssl_sect 26 | [ssl_sect] 27 | system_default = system_default_sect 28 | [system_default_sect] 29 | MinProtocol = TLSv1.2 30 | CipherString = DEFAULT:@SECLEVEL=1 31 | changed_when: mysql_workbench_check_deb.rc == 1 32 | 33 | - name: Download MySQL WorkBench - 20.10 34 | get_url: url="https://dev.mysql.com/get/Downloads/MySQLGUITools/mysql-workbench-community_8.0.22-1ubuntu20.10_amd64.deb" dest="/tmp/download-mysql-workbench-latest.deb" 35 | when: mysql_workbench_check_deb.rc == 1 and ansible_distribution == 'Ubuntu' and ansible_distribution_version == '20.10' 36 | 37 | - name: Download MySQL WorkBench - 20.04 38 | get_url: url="https://dev.mysql.com/get/Downloads/MySQLGUITools/mysql-workbench-community_8.0.22-1ubuntu20.04_amd64.deb" dest="/tmp/download-mysql-workbench-latest.deb" 39 | when: mysql_workbench_check_deb.rc == 1 and ansible_distribution == 'Ubuntu' and ansible_distribution_version == '20.04' 40 | 41 | - name: Install MySQL WorkBench 42 | apt: deb="/tmp/download-mysql-workbench-latest.deb" 43 | when: mysql_workbench_check_deb.rc == 1 44 | 45 | - name: Clean MySQL WorkBench deb file 46 | file: path=/tmp/download-mysql-workbench-latest.deb state=absent 47 | -------------------------------------------------------------------------------- /roles/chromium/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Chromium 4 | apt: 5 | name: chromium-browser 6 | state: latest 7 | update_cache: yes 8 | cache_valid_time: "{{ aptcachetime }}" 9 | 10 | - name: Set Chromium as default browser 11 | command: update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/bin/chromium-browser 250 12 | when: chromium.set_default == true 13 | 14 | # See https://www.chromium.org/administrators/policy-list-3 15 | - name: Create Chromium policies directory for all users 16 | file: 17 | path: /etc/chromium/policies/managed 18 | state: directory 19 | when: chromium.policy 20 | 21 | - name: Create Chromium JSON policy file to force settings for all users 22 | copy: 23 | src: policy.json 24 | dest: "/etc/chromium/policies/managed/benoth-policy.json" 25 | when: chromium.policy 26 | 27 | - name: Create Chromium extensions directory for all users 28 | file: 29 | path: /usr/share/chromium-browser/extensions 30 | state: directory 31 | when: chromium.policy 32 | 33 | # See https://developer.chrome.com/extensions/external_extensions#preferences 34 | - name: Create Chromium JSON file to install extensions for all users 35 | template: 36 | src: chrome-extensions.json.j2 37 | dest: "/usr/share/chromium-browser/extensions/{{ item }}.json" 38 | with_items: 39 | - cjpalhdlnbpafiamejdnhcphjbkeiagm # ublock 40 | - ajpgkpeckebdhofmmjfgcjjiiejpodla # Xmarks Bookmark Sync 41 | - bcjindcccaagfpapjjmafapmmgkkhgoa # JSON Formatter 42 | - miefikpgahefdbcgoiicnmpbeeomffld # Blackfire Companion 43 | - fjnbnpbmkenffdnngjfgmeleoegfcffe # Stylish 44 | # - jbbplnpkjmmeebjpijfedlgcdilocofh # wave-evaluation-tool 45 | # - idgpnmonknjnojddfkpgkljpfnnfcklj # ModHeader 46 | # - jgbbilmfbammlbbhmmgaagdkbkepnijn # Cookie Inspector 47 | # - dapjbgnjinbpoindlpdmhochffioedbn # builtwith-technology-prof 48 | # - deoaddaobnieaecelinfdllcgdehimih # kimono 49 | # - fhbjgbiflinjbdggehcddcbncdddomop # postman 50 | when: chromium.extensions 51 | -------------------------------------------------------------------------------- /roles/shutter/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install Shutter screenshot tool 4 | apt: 5 | name: shutter 6 | state: present 7 | 8 | - name: Check if libgoocanvas is installed 9 | command: dpkg-query -W libgoocanvas-common 10 | register: libgoocanvas_check_deb 11 | failed_when: libgoocanvas_check_deb.rc > 1 12 | changed_when: libgoocanvas_check_deb.rc == 1 13 | 14 | - name: Download libgoocanvas 15 | get_url: url="https://launchpad.net/ubuntu/+archive/primary/+files/libgoocanvas-common_1.0.0-1_all.deb" dest="/tmp/libgoocanvas-common_1.0.0-1_all.deb" 16 | when: libgoocanvas_check_deb.rc == 1 17 | 18 | - name: Install libgoocanvas-common 19 | apt: deb="/tmp/libgoocanvas-common_1.0.0-1_all.deb" 20 | when: libgoocanvas_check_deb.rc == 1 21 | 22 | - name: Clean libgoocanvas-common deb file 23 | file: path=/tmp/libgoocanvas-common_1.0.0-1_all.deb state=absent 24 | 25 | - name: Check if libgoocanvas3 is installed 26 | command: dpkg-query -W libgoocanvas3 27 | register: libgoocanvas3_check_deb 28 | failed_when: libgoocanvas3_check_deb.rc > 1 29 | changed_when: libgoocanvas3_check_deb.rc == 1 30 | 31 | - name: Download libgoocanvas3 32 | get_url: url="https://launchpad.net/ubuntu/+archive/primary/+files/libgoocanvas3_1.0.0-1_amd64.deb" dest="/tmp/libgoocanvas3_1.0.0-1_amd64.deb" 33 | when: libgoocanvas3_check_deb.rc == 1 34 | 35 | - name: Install libgoocanvas3 36 | apt: deb="/tmp/libgoocanvas-common_1.0.0-1_all.deb" 37 | when: libgoocanvas3_check_deb.rc == 1 38 | 39 | - name: Clean libgoocanvas3 deb file 40 | file: path=/tmp/libgoocanvas-common_1.0.0-1_all.deb state=absent 41 | 42 | - name: Check if libgoo-canvas-perl is installed 43 | command: dpkg-query -W libgoo-canvas-perl 44 | register: libgoo_canvas_perl_check_deb 45 | failed_when: libgoo_canvas_perl_check_deb.rc > 1 46 | changed_when: libgoo_canvas_perl_check_deb.rc == 1 47 | 48 | - name: Install libgoo-canvas-perl dependencies 49 | apt: 50 | name: { item } 51 | state: present 52 | with_items: 53 | - libextutils-depends-perl 54 | - libextutils-pkgconfig-perl 55 | - pkg-config 56 | when: libgoo_canvas_perl_check_deb.rc == 1 57 | 58 | - name: Download libgoo-canvas-perl 59 | get_url: url="https://launchpad.net/ubuntu/+archive/primary/+files/libgoo-canvas-perl_0.06-2ubuntu3_amd64.deb" dest="/tmp/libgoo-canvas-perl_0.06-2ubuntu3_amd64.deb" 60 | when: libgoo_canvas_perl_check_deb.rc == 1 61 | 62 | - name: Install libgoo-canvas-perl 63 | apt: deb="/tmp/libgoocanvas-common_1.0.0-1_all.deb" 64 | when: libgoo_canvas_perl_check_deb.rc == 1 65 | 66 | - name: Clean libgoo-canvas-perl deb file 67 | file: path=/tmp/libgoo-canvas-perl_0.06-2ubuntu3_amd64.deb state=absent -------------------------------------------------------------------------------- /group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | common_enabled: yes 4 | locales_enabled: yes 5 | desktop_enabled: yes 6 | 7 | angryipscanner_enabled: no 8 | atom_enabled: no 9 | aws_enabled: no 10 | awscli_enabled: no 11 | awsebcli_enabled: no 12 | awsecscli_enabled: no 13 | barrier_enabled: no 14 | bitwarden_enabled: no 15 | chrome_enabled: no 16 | chromium_enabled: no 17 | common_git_enabled: no 18 | dbeaver_enabled: no 19 | discord_enabled: no 20 | doctl_enabled: no 21 | docker_enabled: no 22 | dots_enabled: no 23 | doublecmd_enabled: no 24 | envchain_enabled: no 25 | filezilla_enabled: no 26 | firefox_enabled: no 27 | gimp_enabled: no 28 | gitg_enabled: no 29 | gnome_encfs_manager_enabled: no 30 | gparted_enabled: no 31 | go_enabled: no 32 | go_assh_enabled: no 33 | golang_enabled: no 34 | guake_enabled: no 35 | handbrake_enabled: no 36 | indicator_sysmonitor_enabled: no 37 | java_openjdk_enabled: no 38 | java_openjre_enabled: no 39 | kazan_enabled: no 40 | kubectl_enabled: no 41 | lens_enabled: no 42 | ledger_live_enabled: no 43 | libreoffice_enabled: no 44 | losslesscut_enabled: no 45 | minikube_enabled: no 46 | meld_enabled: no 47 | mysql_workbench_enabled: no 48 | nautilus_plugins_enabled: no 49 | nextcloud_enabled: no 50 | noisetorch_enabled: no 51 | pop_os_enabled: no 52 | pop_os_shell_enabled: no 53 | python_enabled: no 54 | remmina_enabled: no 55 | ruby_enabled: no 56 | ruby_rbenv_enabled: no 57 | ruby_landscape_enabled: no 58 | scribus_enabled: no 59 | shutter_enabled: no 60 | signal_enabled: no 61 | skype_enabled: no 62 | slack_enabled: no 63 | solaar_enabled: no 64 | snapd_enabled: no 65 | ssh_enabled: no 66 | sublime3_enabled: no 67 | sunflower_enabled: no 68 | syncthing_enabled: no 69 | teamviewer_enabled: no 70 | tfenv_enabled: no 71 | tgenv_enabled: no 72 | thunderbird_enabled: no 73 | timeshift_enabled: no 74 | tlp_enabled: no 75 | tmux_enabled: no 76 | ufw_enabled: no 77 | vagrant_enabled: no 78 | virtualbox_enabled: no 79 | virtmanager_enabled: no 80 | vscode_enabled: no 81 | vscodium_enabled: no 82 | winbox_enabled: no 83 | zsh_enabled: no 84 | 85 | # http://docs.ansible.com/ansible/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable 86 | aptcachetime: 3600 87 | locale: "en_US.UTF-8" 88 | timezone: "Asia/Beirut" 89 | chromium: 90 | set_default: false 91 | policy: false 92 | extensions: false 93 | ssh: 94 | start: true 95 | service_enabled: true 96 | password_auth: false 97 | root_login: false 98 | -------------------------------------------------------------------------------- /development.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Ubuntu Development Playbook 4 | hosts: localhost 5 | roles: 6 | - role: 'aws/cli' 7 | tags: 8 | - aws 9 | - aws:cli 10 | - development:cli 11 | when: aws_enabled or awscli_enabled | bool 12 | - role: 'aws/ebcli' 13 | tags: 14 | - aws 15 | - aws:ebcli 16 | - development:cli 17 | when: aws_enabled or awsebcli_enabled | bool 18 | - role: 'aws/ecscli' 19 | become: true 20 | tags: 21 | - aws 22 | - aws:ecscli 23 | - development:cli 24 | when: aws_enabled or awsecscli_enabled | bool 25 | - role: dbeaver 26 | become: true 27 | tags: 28 | - dbeaver 29 | - development:database 30 | when: dbeaver_enabled | bool 31 | - role: docker 32 | become: true 33 | tags: 34 | - docker 35 | - development:infrastructure 36 | when: docker_enabled | bool 37 | - role: development/doctl 38 | tags: 39 | - doctl 40 | - development:infrastructure 41 | when: doctl_enabled | bool 42 | - role: dots 43 | tags: 44 | - dots 45 | when: dots_enabled | bool 46 | - role: envchain 47 | tags: 48 | - envchain 49 | when: envchain_enabled | bool 50 | # - role: kubectl 51 | # become: true 52 | # tags: 53 | # - kubectl 54 | # - development 55 | # - development:cli 56 | # - developer 57 | # when: kubectl_enabled | bool 58 | # - role: minikube 59 | # become: true 60 | # tags: 61 | # - minikube 62 | # - development 63 | # - development:infrastructure 64 | # - developer 65 | # when: minikube_enabled | bool 66 | - role: golang/language 67 | tags: 68 | - go 69 | - development:programing 70 | when: golang_enabled | bool 71 | - role: golang/assh 72 | tags: 73 | - go 74 | - go:assh 75 | - development:programing 76 | when: go_assh_enabled | bool 77 | - role: java/openjdk 78 | tags: 79 | - java 80 | - java:openjdk 81 | - development:programing 82 | when: java_openjdk_enabled | bool 83 | - role: java/openjre 84 | tags: 85 | - java 86 | - java:openjre 87 | - development:programing 88 | when: java_openjre_enabled | bool 89 | - role: lens 90 | become: true 91 | tags: 92 | - lens 93 | - development:editor 94 | when: lens_enabled | bool 95 | - role: python 96 | tags: 97 | - python 98 | - development:programing 99 | when: python_enabled | bool 100 | - role: mysql-workbench 101 | become: true 102 | tags: 103 | - mysql-workbench 104 | - development:database 105 | when: mysql_workbench_enabled | bool 106 | - role: ruby/rbenv 107 | tags: 108 | - ruby 109 | - ruby:rbenv 110 | - development:programing 111 | when: ruby_enabled | bool 112 | - role: ssh 113 | become: true 114 | tags: 115 | - ssh 116 | when: ssh_enabled | bool 117 | - role: ruby/landscape 118 | tags: 119 | - ruby 120 | - ruby:landscape 121 | - development:programing 122 | when: ruby_landscape_enabled | bool 123 | - role: terraform/tfenv 124 | tags: 125 | - terraform 126 | - tfenv 127 | - development:infrastructure 128 | when: tfenv_enabled | bool 129 | - role: terraform/tgenv 130 | tags: 131 | - terragrunt 132 | - tgenv 133 | - development:infrastructure 134 | when: tgenv_enabled | bool 135 | - role: tmux 136 | become: true 137 | tags: 138 | - tmux 139 | when: tmux_enabled | bool 140 | - role: vagrant 141 | become: true 142 | tags: 143 | - vagrant 144 | - development:infrastructure 145 | when: vagrant_enabled | bool 146 | - role: virtualbox 147 | become: true 148 | tags: 149 | - virtualbox 150 | - development:infrastructure 151 | when: virtualbox_enabled | bool 152 | - role: virtmanager 153 | become: true 154 | tags: 155 | - virtmanager 156 | - development:infrastructure 157 | when: virtmanager_enabled | bool 158 | - role: vscode 159 | become: true 160 | tags: 161 | - vscode 162 | - development:programing 163 | when: vscode_enabled | bool 164 | - role: zsh 165 | tags: 166 | - zsh 167 | when: zsh_enabled | bool 168 | # - role: vokoscreen 169 | # become: true 170 | # tags: 171 | # - desktop 172 | # - vokoscreen 173 | # - devops 174 | # - devs 175 | # when: vokoscreen_enabled | bool 176 | -------------------------------------------------------------------------------- /desktop.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Ubuntu Desktop Playbook 4 | hosts: localhost 5 | roles: 6 | - role: desktop 7 | when: desktop_enabled | bool 8 | - role: angryipscanner 9 | become: true 10 | tags: 11 | - angryipscanner 12 | when: angryipscanner_enabled | bool 13 | - role: atom 14 | become: true 15 | tags: 16 | - atom 17 | when: atom_enabled | bool 18 | - role: barrier 19 | become: true 20 | tags: 21 | - barrier 22 | when: barrier_enabled | bool 23 | - role: bitwarden 24 | become: true 25 | tags: 26 | - bitwarden 27 | when: bitwarden_enabled | bool 28 | - role: chromium 29 | become: true 30 | tags: 31 | - chromium 32 | when: chromium_enabled | bool 33 | - role: chrome 34 | become: true 35 | tags: 36 | - chrome 37 | when: chrome_enabled | bool 38 | - role: discord 39 | become: true 40 | tags: 41 | - discord 42 | when: discord_enabled | bool 43 | - role: doublecmd 44 | become: true 45 | tags: 46 | - doublecmd 47 | when: doublecmd_enabled | bool 48 | - role: filezilla 49 | become: true 50 | tags: 51 | - filezilla 52 | when: filezilla_enabled | bool 53 | - role: firefox 54 | become: true 55 | tags: 56 | - firefox 57 | when: firefox_enabled | bool 58 | - role: gimp 59 | become: true 60 | tags: 61 | - gimp 62 | when: gimp_enabled | bool 63 | - role: gitg 64 | become: true 65 | tags: 66 | - gitg 67 | when: gitg_enabled | bool 68 | - role: gnome-encfs-manager 69 | become: true 70 | tags: 71 | - gnome-encfs-manager 72 | when: gnome_encfs_manager_enabled | bool 73 | - role: gparted 74 | become: true 75 | tags: 76 | - gparted 77 | when: gparted_enabled | bool 78 | - role: guake 79 | become: true 80 | tags: 81 | - guake 82 | when: guake_enabled | bool 83 | - role: indicator-sysmonitor 84 | become: true 85 | tags: 86 | - indicator-sysmonitor 87 | when: indicator_sysmonitor_enabled | bool 88 | - role: handbrake 89 | become: true 90 | tags: 91 | - handbrake 92 | when: handbrake_enabled | bool 93 | - role: ledger-live 94 | tags: 95 | - ledger-live 96 | when: ledger_live_enabled | bool 97 | - role: libreoffice 98 | become: true 99 | tags: 100 | - libreoffice 101 | when: libreoffice_enabled | bool 102 | - role: losslesscut 103 | become: true 104 | tags: 105 | - losslesscut 106 | when: losslesscut_enabled | bool 107 | - role: nautilus-plugins 108 | become: true 109 | tags: 110 | - nautilus-plugins 111 | when: nautilus_plugins_enabled | bool 112 | - role: nextcloud 113 | become: true 114 | tags: 115 | - nextcloud 116 | when: nextcloud_enabled | bool 117 | - role: noisetorch 118 | tags: 119 | - noisetorch 120 | when: noisetorch_enabled | bool 121 | # - role: notify-osd 122 | # become: true 123 | # tags: 124 | # - desktop 125 | # - notify-osd 126 | # - devops 127 | # - devs 128 | # when: notify-osd_enabled | bool 129 | # - role: remarkable 130 | # become: true 131 | # tags: 132 | # - desktop 133 | # - remarkable 134 | # - devops 135 | # - devs 136 | # when: remarkable_enabled | bool 137 | - role: 'pop_os/shell' 138 | tags: 139 | - pop_os 140 | - pop_os:shell 141 | when: pop_os_enabled or pop_os_shell_enabled | bool 142 | - role: remmina 143 | become: true 144 | tags: 145 | - remmina 146 | when: remmina_enabled | bool 147 | - role: signal 148 | become: true 149 | tags: 150 | - signal 151 | when: signal_enabled | bool 152 | - role: skype 153 | become: true 154 | tags: 155 | - skype 156 | when: skype_enabled | bool 157 | - role: solaar 158 | become: true 159 | tags: 160 | - solaar 161 | when: solaar_enabled | bool 162 | - role: sublime3 163 | become: true 164 | tags: 165 | - sublime3 166 | when: sublime3_enabled | bool 167 | - role: slack 168 | tags: 169 | - slack 170 | when: slack_enabled | bool 171 | - role: sunflower 172 | become: true 173 | tags: 174 | - sunflower 175 | when: sunflower_enabled | bool 176 | - role: syncthing 177 | become: true 178 | tags: 179 | - syncthing 180 | when: syncthing_enabled | bool 181 | - role: teamviewer 182 | become: true 183 | tags: 184 | - teamviewer 185 | when: teamviewer_enabled | bool 186 | - role: thunderbird 187 | become: true 188 | tags: 189 | - thunderbird 190 | when: thunderbird_enabled | bool 191 | - role: timeshift 192 | become: true 193 | tags: 194 | - timeshift 195 | when: timeshift_enabled | bool 196 | - role: winbox 197 | become: true 198 | tags: 199 | - winbox 200 | when: winbox_enabled | bool 201 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Ansible Ubuntu setup 2 | Ansible roles to setup Ubuntu desktop. This playbook is focused on quickly deploying a "ready to use" Ubuntu Desktop. 3 | 4 | 5 | ## Requirements 6 | - Git 7 | - Ansible 2+ (automatically installed from [Ansible offical PPA](https://launchpad.net/~ansible/+archive/ubuntu/ansible) with the provided install.sh script) 8 | 9 | 10 | ## Installation 11 | First, you need to install Git and Ansible : 12 | ``` 13 | $ sudo apt-get install git 14 | $ git clone https://github.com/sys0dm1n/ansible-ubuntu-desktop.git 15 | $ cd ansible-ubuntu-desktop 16 | $ bash ./install.sh 17 | ``` 18 | 19 | Then you need to copy the `group_vars/all.yml` to `group_vars/local.yml` and customize which roles suit your needs. All roles except `locales`,`common`, and `desktop` are disabled by default. 20 | 21 | Run `ansible-playbook ansible-desktop.yml --ask-become-pass` and enter your sudo password to run the playbook 22 | 23 | Optionaly you can run just some of the tags like: 24 | `ansible-playbook ansible-desktop.yml --ask-become-pass --tags=common,locales` 25 | 26 | Tags are named the same as role dirs. If a role is in a sub dir then the tag for that specific role is sepparated with a colon like: `aws:cli`. But you can also use `aws` and that should install all the roles under the `aws` dir. 27 | 28 | ## Roles included 29 | 30 | | Role | Description| 31 | | ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 32 | | |**General**| 33 | | common | Install a lot of usefull packages (curl, htop, less, zip ... see [corresponding task file](https://github.com/sys0dm1n/ansible-ubuntu-desktop/blob/master/roles/common/tasks/main.yml)) | 34 | | locales | Configure system locales and timezone | 35 | | snapd | Install [snapd](https://snapcraft.io/about) | 36 | | tlp | Install [tlp](https://linrunner.de/tlp/introduction.html) | 37 | | ufw | Install [ufw](https://help.ubuntu.com/community/UFW) | 38 | | | **Desktop tools** | 39 | | angryipscanner | Install [AngryIPScanner](https://angryip.org/about/) from [angryip/ipscan Github Repository](https://github.com/angryip/ipscan/releases) | 40 | | atom | Install [Atom](https://atom.io/) from [WebUpd8 PPA](https://launchpad.net/~webupd8team/+archive/ubuntu/atom) and [Sync Settings](https://atom.io/packages/sync-settings) plugin | 41 | | barrier | Install [barrier](https://github.com/debauchee/barrier). Use single keyboard and mouse with multiple computers. | 42 | | bitwarden | Install [bitwarden](https://snapcraft.io/bitwarden) password manager desktop client. | 43 | | chromium | Install [Chromium](https://www.chromium.org/). May also install plugins and set policies | 44 | | desktop | Install a lot of usefull packages (meld, tilda, vlc, xclip) | 45 | | discord | Install [Discord](https://discord.com/download) chat app.| 46 | | filezilla | Install [Filezilla](https://filezilla-project.org/) (no particular settings, basic installation) | 47 | | firefox | Install [Firefox](https://www.mozilla.org/firefox/) (no particular settings, basic installation) | 48 | | gimp | Install [Gimp](https://www.gimp.org/) and some minor settings | 49 | | gitg | Install [Gitg](https://wiki.gnome.org/Apps/Gitg) a graphical user interface for git. | 50 | | gnome-encfs-manager | Install [gnome-encfs-manager](https://moritzmolch.com/apps/gencfsm.html) an easy to use manager and mounter for encfs stashes. | 51 | | gparted | Install [Gparted](https://gparted.org/) a free partition editor for graphically managing your disk partitions. | 52 | | guake | Install [guake](http://guake-project.org/) a customizable dropdown terminal. | 53 | | indicator-sysmonitor | Install [indicator-sysmonitor](https://github.com/fossfreedom/indicator-sysmonitor) from [FOSSFreedom PPA](https://launchpad.net/~fossfreedom/+archive/ubuntu/indicator-sysmonitor) | 54 | | handbrake | Install [handbrake](https://handbrake.fr/) a video converting tool from nearly any format to a selection of modern, widely supported codecs. | 55 | | kazan | Install [kazan](https://launchpad.net/kazam) screencast and screencast tool | 56 | | ledger-live-desktop | Install [ledger-live-desktop](https://www.ledger.com/ledger-live/download) Ledgers Cryptocurrency Hardware Wallet Desktop application. | 57 | | libreoffice | Install [LibreOffice](https://www.libreoffice.org/) using [LibreOffice 5.1 PPA](https://launchpad.net/~libreoffice/+archive/ubuntu/libreoffice-5-1) | 58 | | losslesscut | Install [losslesscut](https://mifi.no/losslesscut/) the Swiss Army Knife of Lossless Video/Audio Editing. | 59 | | nautilus-plugins | Install Nautilus plugins| 60 | | nextcloud | Install [nextcloud](https://nextcloud.com/install) Desktop Sync application. | 61 | | noisetorch | Install [noisetorch](https://github.com/lawl/NoiseTorch) Real-time microphone noise suppression on Linux. | 62 | | Pop!_OS Shell | Install Pop!_OS Shell Gnome Shell Extension from [Pop!_OS/Shell Github Repository](https://github.com/pop-os/shell) | 63 | | remmina | Install [Remmina](http://www.remmina.org/) | 64 | | signal | Install [Signal](https://signal.org/) chat application. | 65 | | skype | Install [Skype](https://www.skype.com/) | 66 | | slack | Install [Slack](https://slack.com/) set of proprietary team collaboration tools and services. | 67 | | solaar | Install [Solaar](https://slack.com/) a manager for many Logitech keyboards, mice, and trackpads. | 68 | | sublime3 | Install [Sublime Text 3](https://www.sublimetext.com/3) from [WebUpd8 PPA](https://launchpad.net/~webupd8team/+archive/ubuntu/sublime-text-3) and the [Package Control](https://packagecontrol.io/) plugin | 69 | | sunflower | Install [SunFlower](http://sunflower-fm.org/download)fom online dev | 70 | | syncthing | Install [Syncthing-GTK](https://github.com/kozec/syncthing-gtk) a GUI and notification area icon for Syncthing. | 71 | | teamviewer | Install [TeamViewer](https://www.teamviewer.com/) from online deb file | 72 | | thunderbird | Install [Thunderbird](https://www.mozilla.org/thunderbird/) (no particular settings, basic installation) | 73 | | timeshift | Install [TimeShift](https://github.com/teejee2008/timeshift) | 74 | | winbox | Install [Winbox](https://wiki.mikrotik.com/wiki/Manual:Winbox), a small utility that allows administration of MikroTik RouterOS. | 75 | | | **Development tools** | 76 | | assh | Install [assh](https://github.com/moul/assh) A transparent ssh wrapper that adds yaml configuration and more to SSH | 77 | | awscli | Install [aws](https://docs.aws.amazon.com/cli/latest/userguide/installing.html) the Amazon command line interface | 78 | | awsebcli | Install [eb](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb-cli3-install-linux.html) the Amazon Elastic Beanstalk command line interface | 79 | | awsecscli | Install [ecs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_CLI_installation.html) the Amazon Elastic Container Service | 80 | | dbeaver | Install [DBeaver](https://dbeaver.io) universal database tool from snap | 81 | | docker | Install [Docker](https://www.docker.com/) and Docker compose from Docker deb repository | 82 | | dots | Install [dots](https://github.com/EvanPurkhiser/dots) a dotfile Management Tool | 83 | | java/openjdk | Install Default Java JDK | 84 | | java/openjre | Install Default Java JRE | 85 | | golang | Install go language | 86 | | lens | Install [Lens](https://k8slens.dev/) The Kubernetes IDE | 87 | | python | Install python language | 88 | | ruby | Install ruby language | 89 | | kubectl | Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) | 90 | | mysql-workbench | Install [MySQL WorkBench](https://www.mysql.fr/products/workbench/) from online deb file| 91 | | minikube | Install [minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) | 92 | | snapd | Install [snapd](https://snapcraft.io/snapd) a service that manages installed snaps (app packages for Linux) | 93 | | ssh | Install [OpenSSH Server](http://www.openssh.com/) | 94 | | terraform_landscape | Install [landscape](https://github.com/coinbase/terraform-landscape) a output reformatting tool for `terraform plan` thats easier to read | 95 | | tfenv | Install [tfenv](https://github.com/tfutils/tfenv) terraform version manager inspired by rbenv | 96 | | tgenv | Install [tgenv](https://github.com/cunymatthieu/tgenv) terragrunt version manager inspired by tfenv | 97 | | tmux | Install [tmux](https://github.com/tmux/tmux/wiki) tmux is a terminal multiplexer. It lets you switch easily between several programs in one terminal, detach them (they keep running in the background) and reattach them to a different terminal. And do a lot more. | 98 | | vagrant | Install [Vagrant](https://www.vagrantup.com/) from online deb file| 99 | | virtualbox | Install [VirtualBox](https://www.virtualbox.org/) from VirtualBox APT repositories | 100 | | zsh | Install [zsh](https://www.zsh.org/) shell and [oh-my-zsh](https://ohmyz.sh/) framework for managing your Zsh configuration | 101 | 102 | ## Contributing 103 | In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality. 104 | 105 | 1. Fork it 106 | 2. Create your feature branch (`git checkout -b my-new-feature`) 107 | 3. Commit your changes (`git commit -am 'Add some feature'`) 108 | 4. Push to the branch (`git push origin my-new-feature`) 109 | 5. Create new Pull Request 110 | -------------------------------------------------------------------------------- /roles/common/files/openssl.cnf: -------------------------------------------------------------------------------- 1 | # 2 | # OpenSSL example configuration file. 3 | # This is mostly being used for generation of certificate requests. 4 | # 5 | 6 | # Note that you can include other files from the main configuration 7 | # file using the .include directive. 8 | #.include filename 9 | 10 | # This definition stops the following lines choking if HOME isn't 11 | # defined. 12 | HOME = . 13 | 14 | # Extra OBJECT IDENTIFIER info: 15 | #oid_file = $ENV::HOME/.oid 16 | oid_section = new_oids 17 | 18 | # To use this configuration file with the "-extfile" option of the 19 | # "openssl x509" utility, name here the section containing the 20 | # X.509v3 extensions to use: 21 | # extensions = 22 | # (Alternatively, use a configuration file that has only 23 | # X.509v3 extensions in its main [= default] section.) 24 | 25 | # System default 26 | openssl_conf = default_conf 27 | 28 | [ new_oids ] 29 | 30 | # We can add new OIDs in here for use by 'ca', 'req' and 'ts'. 31 | # Add a simple OID like this: 32 | # testoid1=1.2.3.4 33 | # Or use config file substitution like this: 34 | # testoid2=${testoid1}.5.6 35 | 36 | # Policies used by the TSA examples. 37 | tsa_policy1 = 1.2.3.4.1 38 | tsa_policy2 = 1.2.3.4.5.6 39 | tsa_policy3 = 1.2.3.4.5.7 40 | 41 | #################################################################### 42 | [ ca ] 43 | default_ca = CA_default # The default ca section 44 | 45 | #################################################################### 46 | [ CA_default ] 47 | 48 | dir = ./demoCA # Where everything is kept 49 | certs = $dir/certs # Where the issued certs are kept 50 | crl_dir = $dir/crl # Where the issued crl are kept 51 | database = $dir/index.txt # database index file. 52 | #unique_subject = no # Set to 'no' to allow creation of 53 | # several certs with same subject. 54 | new_certs_dir = $dir/newcerts # default place for new certs. 55 | 56 | certificate = $dir/cacert.pem # The CA certificate 57 | serial = $dir/serial # The current serial number 58 | crlnumber = $dir/crlnumber # the current crl number 59 | # must be commented out to leave a V1 CRL 60 | crl = $dir/crl.pem # The current CRL 61 | private_key = $dir/private/cakey.pem# The private key 62 | 63 | x509_extensions = usr_cert # The extensions to add to the cert 64 | 65 | # Comment out the following two lines for the "traditional" 66 | # (and highly broken) format. 67 | name_opt = ca_default # Subject Name options 68 | cert_opt = ca_default # Certificate field options 69 | 70 | # Extension copying option: use with caution. 71 | # copy_extensions = copy 72 | 73 | # Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs 74 | # so this is commented out by default to leave a V1 CRL. 75 | # crlnumber must also be commented out to leave a V1 CRL. 76 | # crl_extensions = crl_ext 77 | 78 | default_days = 365 # how long to certify for 79 | default_crl_days= 30 # how long before next CRL 80 | default_md = default # use public key default MD 81 | preserve = no # keep passed DN ordering 82 | 83 | # A few difference way of specifying how similar the request should look 84 | # For type CA, the listed attributes must be the same, and the optional 85 | # and supplied fields are just that :-) 86 | policy = policy_match 87 | 88 | # For the CA policy 89 | [ policy_match ] 90 | countryName = match 91 | stateOrProvinceName = match 92 | organizationName = match 93 | organizationalUnitName = optional 94 | commonName = supplied 95 | emailAddress = optional 96 | 97 | # For the 'anything' policy 98 | # At this point in time, you must list all acceptable 'object' 99 | # types. 100 | [ policy_anything ] 101 | countryName = optional 102 | stateOrProvinceName = optional 103 | localityName = optional 104 | organizationName = optional 105 | organizationalUnitName = optional 106 | commonName = supplied 107 | emailAddress = optional 108 | 109 | #################################################################### 110 | [ req ] 111 | default_bits = 2048 112 | default_keyfile = privkey.pem 113 | distinguished_name = req_distinguished_name 114 | attributes = req_attributes 115 | x509_extensions = v3_ca # The extensions to add to the self signed cert 116 | 117 | # Passwords for private keys if not present they will be prompted for 118 | # input_password = secret 119 | # output_password = secret 120 | 121 | # This sets a mask for permitted string types. There are several options. 122 | # default: PrintableString, T61String, BMPString. 123 | # pkix : PrintableString, BMPString (PKIX recommendation before 2004) 124 | # utf8only: only UTF8Strings (PKIX recommendation after 2004). 125 | # nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). 126 | # MASK:XXXX a literal mask value. 127 | # WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. 128 | string_mask = utf8only 129 | 130 | # req_extensions = v3_req # The extensions to add to a certificate request 131 | 132 | [ req_distinguished_name ] 133 | countryName = Country Name (2 letter code) 134 | countryName_default = AU 135 | countryName_min = 2 136 | countryName_max = 2 137 | 138 | stateOrProvinceName = State or Province Name (full name) 139 | stateOrProvinceName_default = Some-State 140 | 141 | localityName = Locality Name (eg, city) 142 | 143 | 0.organizationName = Organization Name (eg, company) 144 | 0.organizationName_default = Internet Widgits Pty Ltd 145 | 146 | # we can do this but it is not needed normally :-) 147 | #1.organizationName = Second Organization Name (eg, company) 148 | #1.organizationName_default = World Wide Web Pty Ltd 149 | 150 | organizationalUnitName = Organizational Unit Name (eg, section) 151 | #organizationalUnitName_default = 152 | 153 | commonName = Common Name (e.g. server FQDN or YOUR name) 154 | commonName_max = 64 155 | 156 | emailAddress = Email Address 157 | emailAddress_max = 64 158 | 159 | # SET-ex3 = SET extension number 3 160 | 161 | [ req_attributes ] 162 | challengePassword = A challenge password 163 | challengePassword_min = 4 164 | challengePassword_max = 20 165 | 166 | unstructuredName = An optional company name 167 | 168 | [ usr_cert ] 169 | 170 | # These extensions are added when 'ca' signs a request. 171 | 172 | # This goes against PKIX guidelines but some CAs do it and some software 173 | # requires this to avoid interpreting an end user certificate as a CA. 174 | 175 | basicConstraints=CA:FALSE 176 | 177 | # Here are some examples of the usage of nsCertType. If it is omitted 178 | # the certificate can be used for anything *except* object signing. 179 | 180 | # This is OK for an SSL server. 181 | # nsCertType = server 182 | 183 | # For an object signing certificate this would be used. 184 | # nsCertType = objsign 185 | 186 | # For normal client use this is typical 187 | # nsCertType = client, email 188 | 189 | # and for everything including object signing: 190 | # nsCertType = client, email, objsign 191 | 192 | # This is typical in keyUsage for a client certificate. 193 | # keyUsage = nonRepudiation, digitalSignature, keyEncipherment 194 | 195 | # This will be displayed in Netscape's comment listbox. 196 | nsComment = "OpenSSL Generated Certificate" 197 | 198 | # PKIX recommendations harmless if included in all certificates. 199 | subjectKeyIdentifier=hash 200 | authorityKeyIdentifier=keyid,issuer 201 | 202 | # This stuff is for subjectAltName and issuerAltname. 203 | # Import the email address. 204 | # subjectAltName=email:copy 205 | # An alternative to produce certificates that aren't 206 | # deprecated according to PKIX. 207 | # subjectAltName=email:move 208 | 209 | # Copy subject details 210 | # issuerAltName=issuer:copy 211 | 212 | #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem 213 | #nsBaseUrl 214 | #nsRevocationUrl 215 | #nsRenewalUrl 216 | #nsCaPolicyUrl 217 | #nsSslServerName 218 | 219 | # This is required for TSA certificates. 220 | # extendedKeyUsage = critical,timeStamping 221 | 222 | [ v3_req ] 223 | 224 | # Extensions to add to a certificate request 225 | 226 | basicConstraints = CA:FALSE 227 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 228 | 229 | [ v3_ca ] 230 | 231 | 232 | # Extensions for a typical CA 233 | 234 | 235 | # PKIX recommendation. 236 | 237 | subjectKeyIdentifier=hash 238 | 239 | authorityKeyIdentifier=keyid:always,issuer 240 | 241 | basicConstraints = critical,CA:true 242 | 243 | # Key usage: this is typical for a CA certificate. However since it will 244 | # prevent it being used as an test self-signed certificate it is best 245 | # left out by default. 246 | # keyUsage = cRLSign, keyCertSign 247 | 248 | # Some might want this also 249 | # nsCertType = sslCA, emailCA 250 | 251 | # Include email address in subject alt name: another PKIX recommendation 252 | # subjectAltName=email:copy 253 | # Copy issuer details 254 | # issuerAltName=issuer:copy 255 | 256 | # DER hex encoding of an extension: beware experts only! 257 | # obj=DER:02:03 258 | # Where 'obj' is a standard or added object 259 | # You can even override a supported extension: 260 | # basicConstraints= critical, DER:30:03:01:01:FF 261 | 262 | [ crl_ext ] 263 | 264 | # CRL extensions. 265 | # Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. 266 | 267 | # issuerAltName=issuer:copy 268 | authorityKeyIdentifier=keyid:always 269 | 270 | [ proxy_cert_ext ] 271 | # These extensions should be added when creating a proxy certificate 272 | 273 | # This goes against PKIX guidelines but some CAs do it and some software 274 | # requires this to avoid interpreting an end user certificate as a CA. 275 | 276 | basicConstraints=CA:FALSE 277 | 278 | # Here are some examples of the usage of nsCertType. If it is omitted 279 | # the certificate can be used for anything *except* object signing. 280 | 281 | # This is OK for an SSL server. 282 | # nsCertType = server 283 | 284 | # For an object signing certificate this would be used. 285 | # nsCertType = objsign 286 | 287 | # For normal client use this is typical 288 | # nsCertType = client, email 289 | 290 | # and for everything including object signing: 291 | # nsCertType = client, email, objsign 292 | 293 | # This is typical in keyUsage for a client certificate. 294 | # keyUsage = nonRepudiation, digitalSignature, keyEncipherment 295 | 296 | # This will be displayed in Netscape's comment listbox. 297 | nsComment = "OpenSSL Generated Certificate" 298 | 299 | # PKIX recommendations harmless if included in all certificates. 300 | subjectKeyIdentifier=hash 301 | authorityKeyIdentifier=keyid,issuer 302 | 303 | # This stuff is for subjectAltName and issuerAltname. 304 | # Import the email address. 305 | # subjectAltName=email:copy 306 | # An alternative to produce certificates that aren't 307 | # deprecated according to PKIX. 308 | # subjectAltName=email:move 309 | 310 | # Copy subject details 311 | # issuerAltName=issuer:copy 312 | 313 | #nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem 314 | #nsBaseUrl 315 | #nsRevocationUrl 316 | #nsRenewalUrl 317 | #nsCaPolicyUrl 318 | #nsSslServerName 319 | 320 | # This really needs to be in place for it to be a proxy certificate. 321 | proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo 322 | 323 | #################################################################### 324 | [ tsa ] 325 | 326 | default_tsa = tsa_config1 # the default TSA section 327 | 328 | [ tsa_config1 ] 329 | 330 | # These are used by the TSA reply generation only. 331 | dir = ./demoCA # TSA root directory 332 | serial = $dir/tsaserial # The current serial number (mandatory) 333 | crypto_device = builtin # OpenSSL engine to use for signing 334 | signer_cert = $dir/tsacert.pem # The TSA signing certificate 335 | # (optional) 336 | certs = $dir/cacert.pem # Certificate chain to include in reply 337 | # (optional) 338 | signer_key = $dir/private/tsakey.pem # The TSA private key (optional) 339 | signer_digest = sha256 # Signing digest to use. (Optional) 340 | default_policy = tsa_policy1 # Policy if request did not specify it 341 | # (optional) 342 | other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) 343 | digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) 344 | accuracy = secs:1, millisecs:500, microsecs:100 # (optional) 345 | clock_precision_digits = 0 # number of digits after dot. (optional) 346 | ordering = yes # Is ordering defined for timestamps? 347 | # (optional, default: no) 348 | tsa_name = yes # Must the TSA name be included in the reply? 349 | # (optional, default: no) 350 | ess_cert_id_chain = no # Must the ESS cert id chain be included? 351 | # (optional, default: no) 352 | ess_cert_id_alg = sha1 # algorithm to compute certificate 353 | # identifier (optional, default: sha1) 354 | [default_conf] 355 | ssl_conf = ssl_sect 356 | 357 | [ssl_sect] 358 | system_default = system_default_sect 359 | 360 | [system_default_sect] 361 | MinProtocol = TLSv1.2 362 | CipherString = DEFAULT@SECLEVEL=1 363 | --------------------------------------------------------------------------------