From 7c1f7039170a25f192d87235476179f7cfe01a85 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Romain=20Gon=C3=A7alves?=
Date: Sat, 10 Dec 2022 21:17:16 +0100
Subject: chore: explode workstation role in subroles
---
roles/workstation/defaults/main.yml | 61 -------------------
roles/workstation/tasks/cronie.yml | 10 ----
roles/workstation/tasks/doas.yml | 34 -----------
roles/workstation/tasks/dockerd.yml | 28 ---------
roles/workstation/tasks/hosts.yml | 7 ---
roles/workstation/tasks/libvirt.yml | 21 -------
roles/workstation/tasks/main.yml | 29 ---------
roles/workstation/tasks/os_archlinux.yml | 35 -----------
roles/workstation/tasks/os_openbsd.yml | 72 -----------------------
roles/workstation/tasks/pipewire.yml | 22 ------
roles/workstation/tasks/pkgs.yml | 7 ---
roles/workstation/tasks/shell.yml | 8 ---
roles/workstation/tasks/smartcard.yml | 5 --
roles/workstation/tasks/ssh.yml | 18 ------
roles/workstation/tasks/tlp.yml | 10 ----
roles/workstation/tasks/yay.yml | 20 -------
roles/workstation/templates/apm-hibernate | 5 --
roles/workstation/templates/apm-resume | 16 -----
roles/workstation/templates/apm-suspend | 5 --
roles/workstation/templates/docker-daemon.json.j2 | 8 ---
roles/workstation/templates/ssh.config.j2 | 17 ------
roles/workstation/templates/xorg-intel.conf | 9 ---
roles/workstation/vars/os_archlinux.yml | 67 ---------------------
roles/workstation/vars/os_openbsd.yml | 12 ----
24 files changed, 526 deletions(-)
delete mode 100644 roles/workstation/defaults/main.yml
delete mode 100644 roles/workstation/tasks/cronie.yml
delete mode 100644 roles/workstation/tasks/doas.yml
delete mode 100644 roles/workstation/tasks/dockerd.yml
delete mode 100644 roles/workstation/tasks/hosts.yml
delete mode 100644 roles/workstation/tasks/libvirt.yml
delete mode 100644 roles/workstation/tasks/main.yml
delete mode 100644 roles/workstation/tasks/os_archlinux.yml
delete mode 100644 roles/workstation/tasks/os_openbsd.yml
delete mode 100644 roles/workstation/tasks/pipewire.yml
delete mode 100644 roles/workstation/tasks/pkgs.yml
delete mode 100644 roles/workstation/tasks/shell.yml
delete mode 100644 roles/workstation/tasks/smartcard.yml
delete mode 100644 roles/workstation/tasks/ssh.yml
delete mode 100644 roles/workstation/tasks/tlp.yml
delete mode 100644 roles/workstation/tasks/yay.yml
delete mode 100755 roles/workstation/templates/apm-hibernate
delete mode 100755 roles/workstation/templates/apm-resume
delete mode 100755 roles/workstation/templates/apm-suspend
delete mode 100644 roles/workstation/templates/docker-daemon.json.j2
delete mode 100644 roles/workstation/templates/ssh.config.j2
delete mode 100644 roles/workstation/templates/xorg-intel.conf
delete mode 100644 roles/workstation/vars/os_archlinux.yml
delete mode 100644 roles/workstation/vars/os_openbsd.yml
(limited to 'roles/workstation')
diff --git a/roles/workstation/defaults/main.yml b/roles/workstation/defaults/main.yml
deleted file mode 100644
index 3707288..0000000
--- a/roles/workstation/defaults/main.yml
+++ /dev/null
@@ -1,61 +0,0 @@
-workstation_user: qwd
-
-workstation_docker_group: docker
-
-workstation_hosts_file: /etc/hosts
-workstation_hosts_url: http://sbc.io/hosts/alternates/fakenews-gambling-porn/hosts
-
-workstation_yay_repo: https://aur.archlinux.org/yay-bin.git
-workstation_yay_dir: /tmp/yay
-
-workstation_pkgs: []
-workstation_pkgs_common:
- - ansible
- - ansible-lint
- - calcurse
- - cmus
- - dmenu
- - dunst
- - entr
- - feh
- - fzf
- - git
- - git-crypt
- - glances
- - gnupg
- - go
- - gopass
- - htop
- - httpie
- - inotify-tools
- - ipmitool
- - ipython
- - isync
- - jq
- - lowdown
- - lynx
- - mpv
- - neomutt
- - neovim
- - newsboat
- - nmap
- - parallel
- - qutebrowser
- - rsync
- - rtorrent
- - rust
- - scrot
- - syncthing
- - terminus-font
- - tig
- - tor
- - tree
- - unzip
- - vlc
- - weechat
- - wget
- - wkhtmltopdf
- - xclip
- - zathura
- - zip
- - zsh
diff --git a/roles/workstation/tasks/cronie.yml b/roles/workstation/tasks/cronie.yml
deleted file mode 100644
index faa1095..0000000
--- a/roles/workstation/tasks/cronie.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: install cronie
- ansible.builtin.package:
- name: cronie
- state: present
-
-- name: enable and restart cronie
- ansible.builtin.service:
- name: cronie
- state: restarted
- enabled: true
diff --git a/roles/workstation/tasks/doas.yml b/roles/workstation/tasks/doas.yml
deleted file mode 100644
index e47fa35..0000000
--- a/roles/workstation/tasks/doas.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-- name: generate doas configuration
- ansible.builtin.lineinfile:
- path: /etc/doas.conf
- regexp: "^permit persist keepenv {{ workstation_user }} as root"
- line: "permit persist keepenv {{ workstation_user }} as root"
- create: true
- mode: 0644
- owner: 0
- group: 0
-
-- name: allow reboot/shutdown/hibernate with doas
- ansible.builtin.lineinfile:
- path: /etc/doas.conf
- regexp: "^permit nopass {{ workstation_user }} as root cmd {{ item }}"
- line: "permit nopass {{ workstation_user }} as root cmd {{ item }}"
- loop:
- - ZZZ
- - mount
- - reboot
- - shutdown
- - zzz
-
-- name: check sudo binary path # noqa no-changed-when
- ansible.builtin.command: command -v sudo
- register: result
- failed_when: false
-
-- name: uninstall sudo binary
- ansible.builtin.package:
- name: sudo
- state: absent
- when: result.rc == 0
- register: sudo
- ignore_errors: true
diff --git a/roles/workstation/tasks/dockerd.yml b/roles/workstation/tasks/dockerd.yml
deleted file mode 100644
index c0dfd33..0000000
--- a/roles/workstation/tasks/dockerd.yml
+++ /dev/null
@@ -1,28 +0,0 @@
-- name: install docker
- ansible.builtin.package:
- name:
- - docker
- - docker-compose
- state: present
-
-- name: append current user to docker group
- ansible.builtin.user:
- name: "{{ workstation_user }}"
- groups: "{{ workstation_docker_group }}"
- append: true
-
-- name: create docker directory
- ansible.builtin.file:
- path: /etc/docker
- state: directory
- owner: 0
- group: 0
- mode: 0755
-
-- name: configure default network for docker containers
- ansible.builtin.template:
- src: docker-daemon.json.j2
- dest: /etc/docker/daemon.json
- owner: 0
- group: 0
- mode: 0600
diff --git a/roles/workstation/tasks/hosts.yml b/roles/workstation/tasks/hosts.yml
deleted file mode 100644
index 7cc261a..0000000
--- a/roles/workstation/tasks/hosts.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: retrieve hosts file
- ansible.builtin.get_url:
- url: "{{ workstation_hosts_url }}"
- dest: "{{ workstation_hosts_file }}"
- mode: '0644'
- owner: 0
- group: 0
diff --git a/roles/workstation/tasks/libvirt.yml b/roles/workstation/tasks/libvirt.yml
deleted file mode 100644
index 554f800..0000000
--- a/roles/workstation/tasks/libvirt.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-- name: install iptables-nft
- ansible.builtin.shell: yes | pacman --noprogressbar --needed --sync iptables-nft
- when: ansible_distribution == "Archlinux"
-
-- name: install libvirt
- ansible.builtin.package:
- name:
- - cdrtools
- - dnsmasq
- - ebtables
- - libvirt
- state: present
-
-- name: append current user to virt groups
- ansible.builtin.user:
- name: "{{ workstation_user }}"
- groups: "{{ item }}"
- append: true
- loop:
- - kvm
- - libvirt
diff --git a/roles/workstation/tasks/main.yml b/roles/workstation/tasks/main.yml
deleted file mode 100644
index 1c4c463..0000000
--- a/roles/workstation/tasks/main.yml
+++ /dev/null
@@ -1,29 +0,0 @@
-- name: include specific distribution variables
- ansible.builtin.include_vars: "os_{{ ansible_distribution | lower }}.yml"
-
-- name: include packages
- ansible.builtin.include_tasks: pkgs.yml
-
-- name: include operating system setup
- ansible.builtin.include_tasks: "os_{{ ansible_distribution | lower }}.yml"
-
-- name: include shell setup
- ansible.builtin.include_tasks: shell.yml
-
-- name: include doas setup
- ansible.builtin.include_tasks: doas.yml
-
-- name: include smartcard setup
- ansible.builtin.include_tasks: smartcard.yml
-
-- name: include ssh setup
- ansible.builtin.include_tasks:
- file: ssh.yml
- args:
- apply:
- become: true
- become_user: "{{ workstation_user }}"
-
-- name: include hosts setup
- ansible.builtin.include_tasks:
- file: hosts.yml
diff --git a/roles/workstation/tasks/os_archlinux.yml b/roles/workstation/tasks/os_archlinux.yml
deleted file mode 100644
index f45433a..0000000
--- a/roles/workstation/tasks/os_archlinux.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-- name: include battery optimization
- ansible.builtin.include_tasks: tlp.yml
- when: ansible_form_factor in ["Laptop", "Notebook"]
-
-- name: include cronie setup
- ansible.builtin.include_tasks: cronie.yml
-
-- name: include virtualization setup
- ansible.builtin.include_tasks: libvirt.yml
-
-- name: include dockerd setup
- ansible.builtin.include_tasks: dockerd.yml
-
-- name: include pipewire
- ansible.builtin.include_tasks: pipewire.yml
-
-- name: retrieve installed packages
- ansible.builtin.package_facts:
- register: package_facts
-
-- name: include yay
- ansible.builtin.include_tasks: yay.yml
- when:
- - "'yay' not in package_facts.ansible_facts.packages"
- - "'yay-bin' not in package_facts.ansible_facts.packages"
-
-- name: append current user to system groups
- ansible.builtin.user:
- name: "{{ workstation_user }}"
- groups: "{{ item }}"
- append: true
- loop:
- - wheel
- - video
- - audio
diff --git a/roles/workstation/tasks/os_openbsd.yml b/roles/workstation/tasks/os_openbsd.yml
deleted file mode 100644
index 21f3bb1..0000000
--- a/roles/workstation/tasks/os_openbsd.yml
+++ /dev/null
@@ -1,72 +0,0 @@
-- name: ensure wsconsctl config file exists
- ansible.builtin.file:
- path: /etc/wsconsctl.conf
- state: touch
- owner: 0
- group: 0
- mode: 0644
-
-- name: append configuration to wsconsctl
- ansible.builtin.lineinfile:
- path: /etc/wsconsctl.conf
- regexp: "^{{ item[0] }}"
- line: "{{ item[0] }}={{ item[1] }}"
- create: true
- owner: 0
- group: 0
- mode: 0644
- loop:
- - [screen.brightness, 80]
- - [keyboard.repeat.del1, 180]
- - [keyboard.repeat.deln, 50]
- - [keyboard.bell.volume, 0]
- - [mouse.tp.tapping, 1]
-
-- name: ensure Xorg subdirectory for configuration exists
- ansible.builtin.file:
- path: /etc/X11/xorg.conf.d
- owner: 0
- group: 0
- mode: 0644
- state: directory
-
-- name: generate system wide configurations
- ansible.builtin.template:
- src: "{{ item[0] }}"
- dest: "{{ item[1] }}"
- mode: preserve
- loop:
- - [xorg-intel.conf, /etc/X11/xorg.conf.d]
- - [apm-hibernate, /etc/apm/hibernate]
- - [apm-suspend, /etc/apm/suspend]
- - [apm-resume, /etc/apm/resume]
-
-- name: ensure sysctl configuration file exists
- ansible.builtin.file:
- path: /etc/sysctl.conf
- owner: root
- mode: 0644
-
-- name: ensure sysctl memory optimizations
- ansible.builtin.blockinfile:
- path: /etc/sysctl.conf
- block: |
- kern.shminfo.shmall=3145728
- kern.shminfo.shmmax=1073741823
- kern.shminfo.shmmni=1024
- kern.shminfo.shmseg=1024
- kern.seminfo.semmns=4096
- kern.seminfo.semmni=1024
- marker: "# memory {mark} - managed by Ansible"
-
-- name: ensure sysctl process optimizations
- ansible.builtin.blockinfile:
- path: /etc/sysctl.conf
- block: |
- kern.maxfiles=102400
- kern.maxproc=32768
- kern.maxfiles=65535
- kern.bufcachepercent=90
- kern.maxvnodes=262144
- kern.somaxconn=2048
- marker: "# process - {mark} managed by Ansible"
diff --git a/roles/workstation/tasks/pipewire.yml b/roles/workstation/tasks/pipewire.yml
deleted file mode 100644
index 1fc83a9..0000000
--- a/roles/workstation/tasks/pipewire.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-- name: install pipewire
- ansible.builtin.package:
- name:
- - pipewire
- - pipewire-alsa
- - pipewire-pulse
- - mda.lv2
- state: present
-
-- name: enable and start pipewire
- ansible.builtin.systemd:
- name: "{{ item }}"
- scope: user
- enabled: true
- state: started
- become: true
- become_method: su
- become_user: "{{ workstation_user }}"
- loop:
- - pipewire
- - pipewire-pulse
- when: ansible_service_mgr == "systemd"
diff --git a/roles/workstation/tasks/pkgs.yml b/roles/workstation/tasks/pkgs.yml
deleted file mode 100644
index 674ccc4..0000000
--- a/roles/workstation/tasks/pkgs.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-- name: install distribution packages
- ansible.builtin.package:
- name: "{{ item }}"
- state: present
- loop:
- - "{{ workstation_pkgs_common }}"
- - "{{ workstation_pkgs }}"
diff --git a/roles/workstation/tasks/shell.yml b/roles/workstation/tasks/shell.yml
deleted file mode 100644
index dc11ca4..0000000
--- a/roles/workstation/tasks/shell.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-- name: retrieve zsh path # noqa no-changed-when command-instead-of-shell
- ansible.builtin.shell: command -v zsh
- register: zsh_path
-
-- name: ensure zsh is used for workstation user
- ansible.builtin.user:
- name: "{{ workstation_user }}"
- shell: "{{ zsh_path.stdout_lines[0] }}"
diff --git a/roles/workstation/tasks/smartcard.yml b/roles/workstation/tasks/smartcard.yml
deleted file mode 100644
index 926770a..0000000
--- a/roles/workstation/tasks/smartcard.yml
+++ /dev/null
@@ -1,5 +0,0 @@
-- name: start and enable pcscd service
- ansible.builtin.service:
- name: pcscd
- state: started
- enabled: true
diff --git a/roles/workstation/tasks/ssh.yml b/roles/workstation/tasks/ssh.yml
deleted file mode 100644
index d09c7f8..0000000
--- a/roles/workstation/tasks/ssh.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-- name: create ssh directory
- ansible.builtin.file:
- path: "/home/{{ workstation_user }}/{{ item }}"
- owner: "{{ workstation_user }}"
- group: "{{ workstation_user }}"
- state: directory
- mode: 0700
- loop:
- - .ssh
- - .ssh/config.d
-
-- name: generate ssh configuration
- ansible.builtin.template:
- src: ssh.config.j2
- dest: "/home/{{ workstation_user }}/.ssh/config.d/dns.config"
- owner: "{{ workstation_user }}"
- group: "{{ workstation_user }}"
- mode: 0600
diff --git a/roles/workstation/tasks/tlp.yml b/roles/workstation/tasks/tlp.yml
deleted file mode 100644
index 4782741..0000000
--- a/roles/workstation/tasks/tlp.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-- name: install tlp
- ansible.builtin.package:
- name: tlp
- state: present
-
-- name: enable and start tlp
- ansible.builtin.service:
- name: tlp
- state: started
- enabled: true
diff --git a/roles/workstation/tasks/yay.yml b/roles/workstation/tasks/yay.yml
deleted file mode 100644
index 8581bfd..0000000
--- a/roles/workstation/tasks/yay.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- name: clone yay repository
- ansible.builtin.git:
- repo: "{{ workstation_yay_repo }}"
- dest: "{{ workstation_yay_dir }}"
- version: origin/master
- become: true
- become_user: "{{ workstation_user }}"
-
-- name: make yay package # noqa: no-changed-when
- # possible ambiguous replacement: command : ansible.builtin.command | community.ciscosmb.command | community.routeros.command
- ansible.builtin.command:
- cmd: makepkg -fs
- chdir: "{{ workstation_yay_dir }}"
- become: true
- become_user: "{{ workstation_user }}"
-
-- name: install yay package # noqa: no-changed-when
- ansible.builtin.shell:
- cmd: pacman --noconfirm -U *.zst
- chdir: "{{ workstation_yay_dir }}"
diff --git a/roles/workstation/templates/apm-hibernate b/roles/workstation/templates/apm-hibernate
deleted file mode 100755
index ef90fed..0000000
--- a/roles/workstation/templates/apm-hibernate
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-set -x -e
-
-pkill -USR1 xidle
diff --git a/roles/workstation/templates/apm-resume b/roles/workstation/templates/apm-resume
deleted file mode 100755
index 18397b4..0000000
--- a/roles/workstation/templates/apm-resume
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-set -x -e
-
-sleep 3
-
-sh /etc/netstart iwn0
-
-wg_interfaces=$(find /etc/wireguard -type f | sed 's/\.conf$//g')
-for wg_interface in ${wg_interfaces}; do
- wg_interface=$(basename "${wg_interface}")
- wg-quick down "${wg_interface}"
- wg-quick up "${wg_interface}"
-done
-
-rcctl -d restart pcscd
diff --git a/roles/workstation/templates/apm-suspend b/roles/workstation/templates/apm-suspend
deleted file mode 100755
index ef90fed..0000000
--- a/roles/workstation/templates/apm-suspend
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-set -x -e
-
-pkill -USR1 xidle
diff --git a/roles/workstation/templates/docker-daemon.json.j2 b/roles/workstation/templates/docker-daemon.json.j2
deleted file mode 100644
index 2952d24..0000000
--- a/roles/workstation/templates/docker-daemon.json.j2
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- "default-address-pools" : [
- {
- "base" : "172.240.0.0/16",
- "size" : 24
- }
- ]
-}
diff --git a/roles/workstation/templates/ssh.config.j2 b/roles/workstation/templates/ssh.config.j2
deleted file mode 100644
index 2a3a903..0000000
--- a/roles/workstation/templates/ssh.config.j2
+++ /dev/null
@@ -1,17 +0,0 @@
-# managed by Ansible
-{% import 'macros.j2' as macros with context %}
-
-{% call(h) macros.loop_valid_hosts("all") %}
-{% set command = "pgrep wg && ! ping -c 1 -w 1 %s" % h.__ip.external %}
-Match originalHost {{ h.inventory_hostname }} exec "{{ command }}"
- HostName {{ h.__ip.internal }}
-{% if h.ansible_port is defined %}
- Port {{ h.ansible_port }}
-{% endif %}
-Match originalHost {{ h.inventory_hostname }}
- HostName {{ h.__ip.external }}
-{% if h.ansible_port is defined %}
- Port {{ h.ansible_port }}
-{% endif %}
-
-{% endcall %}
diff --git a/roles/workstation/templates/xorg-intel.conf b/roles/workstation/templates/xorg-intel.conf
deleted file mode 100644
index 5d73c65..0000000
--- a/roles/workstation/templates/xorg-intel.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-
-# disable tearscreen for Xenocara on OpenBSD
-# managed by Ansible
-
-Section "Device"
- Identifier "drm"
- Driver "intel"
- Option "TearFree" "true"
-EndSection
diff --git a/roles/workstation/vars/os_archlinux.yml b/roles/workstation/vars/os_archlinux.yml
deleted file mode 100644
index 5c19257..0000000
--- a/roles/workstation/vars/os_archlinux.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-workstation_pkgs:
- - acpi
- - alsa-tools
- - base-devel
- - bc
- - bind
- - diffoscope
- - clang
- - easyeffects
- - entr
- - firefox
- - go
- - go-tools
- - gopls
- - httpie
- - imagemagick
- - inetutils
- - libvirt
- - light
- - luarocks
- - man-db
- - nfs-utils
- - noto-fonts-emoji
- - npm
- - obs-studio
- - openbsd-netcat
- - opendoas
- - pamixer
- - pavucontrol
- - pcsc-tools
- - pdfjs-legacy
- - postgresql
- - pyenv
- - python-debugpy
- - python-netaddr
- - python-nodeenv
- - python-pip
- - python-pipx
- - python-poetry
- - python-pynvim
- - python-qrencode
- - qemu
- - shellcheck
- - signify
- - sshuttle
- - strace
- - stylua
- - tar
- - tmux
- - torbrowser-launcher
- - traceroute
- - unrar
- - vi
- - wireguard-tools
- - wireplumber
- - xf86-input-synaptics
- - xorg-apps
- - xorg-server
- - xorg-xinit
- - xorg-xwayland
- - xsecurelock
- - yadm
- - yarn
- - yt-dlp
- - yubikey-manager
- - zathura-pdf-mupdf
- - zk
diff --git a/roles/workstation/vars/os_openbsd.yml b/roles/workstation/vars/os_openbsd.yml
deleted file mode 100644
index da3d206..0000000
--- a/roles/workstation/vars/os_openbsd.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-workstation_pkgs:
- - docker-cli
- - gomuks
- - mozilla-firefox
- - pcsc-lite
- - pcsc-tools
- - py-httpie
- - py3-neovim
- - py3-netaddr
- - py3-pip
- - tor-browser
- - wireguard-tools
--
cgit v1.2.3