void/system
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ref(inventory): Split up inventory into group vars

Browse source 
One inventory targets a local machine (`inv-local.yaml`, chosen by default)
while the other targets a chrooted installation accessible from another
system, usually in the `/mnt/void` directory (`inv-chroot.yaml`, has to
be called like `ansible-playbook -i inv-chroot.yaml`).
This commit is contained in:
Marty Oehme 2025-03-02 08:49:48 +01:00
parent 19162e2af3
commit 030b8ec291
Signed by: Marty
GPG key ID: 4E535BC19C61886E
12 changed files with 399 additions and 265 deletions

217
.gitignore vendored Normal file
View file

@ -0,0 +1,217 @@
# Created by https://www.toptal.com/developers/gitignore/api/-f,python,linux,vim,markdown,ansible
# Edit at https://www.toptal.com/developers/gitignore?templates=-f,python,linux,vim,markdown,ansible
/vault-pass
### Ansible ###
*.retry
### Linux ###
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
#!! ERROR: markdown is undefined. Use list command to see defined gitignore types !!#
### Python ###
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
.pybuilder/
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock
# poetry
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
# This is especially recommended for binary packages to ensure reproducibility, and is more
# commonly ignored for libraries.
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock
# pdm
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
#pdm.lock
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
# in version control.
# https://pdm.fming.dev/#use-with-ide
.pdm.toml
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
__pypackages__/
# Celery stuff
celerybeat-schedule
celerybeat.pid
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# pytype static type analyzer
.pytype/
# Cython debug symbols
cython_debug/
# PyCharm
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
### Python Patch ###
# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration
poetry.toml
# ruff
.ruff_cache/
# LSP config files
pyrightconfig.json
### Vim ###
# Swap
[._]*.s[a-v][a-z]
!*.svg # comment out if you don't need vector files
[._]*.sw[a-p]
[._]s[a-rt-v][a-z]
[._]ss[a-gi-z]
[._]sw[a-p]
# Session
Session.vim
Sessionx.vim
# Temporary
.netrwhist
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~
# End of https://www.toptal.com/developers/gitignore/api/-f,python,linux,vim,markdown,ansible

19
README.md
View file

@ -1,7 +1,22 @@
# Install void linux from arch linux
Uses btrfs subvolumes, chroot and the void linux root tarball.
This is primarily made for _my_ setup to quickly get void linux up and running for playing around with stuff.
Uses btrfs subvolumes, chroot and the void linux root tarball for a full
installation. Can be used for a local system to keep it up-to-date and enable a
whole bunch of services for a full wayland workstation experience. This is
primarily made for _my_ setup to quickly get void linux up and running for
playing around with stuff.
## Usage
Currently the playbook defaults to keeping a 'local' system configured.
That means, you are running ansible on a void installation and it will operate on the local system itself.
To run like that just invoke `(sudo) ansible-playbook play.yaml`
or `(sudo) ansible-playbook play.yaml --tags=backup`
to run a specific tag.
To run a _full_ installation from an arch host system to a btrfs subvolume (through a void tarball)
run `(sudo) ansible-playbook -i inv-chroot.yaml play.yaml`, or a tagged version.
## Roadmap

3
ansible.cfg
View file

@ -1,2 +1,3 @@
[defaults]
inventory=inventory.yaml
inventory=inv-local.yaml
vault_password_file = vault-pass

11
group_vars/all/vars.yaml Normal file
View file

@ -0,0 +1,11 @@
---
restic_repository: "{{ vault_restic_repository }}"
restic_password: "{{ vault_restic_password }}"
restic_s3_id: "{{ vault_restic_s3_id }}"
restic_s3_key: "{{ vault_restic_s3_key }}"
desired_package_state: latest
user_name: "{{ vault_user_name }}"
user_pass: "{{ vault_user_pass }}"
user_pass_salt: "{{ vault_user_pass_salt }}"
user_shell: zsh

22
group_vars/all/vault.yaml Normal file
View file

@ -0,0 +1,22 @@
$ANSIBLE_VAULT;1.1;AES256
38303561343934626363616162303635316437313931306262313733316433373335663336343433
3963333661613634366462666366326338346538393237310a663635373838356637303464383262
30313034333137313466393963373237336461316530386365383530613533616461396164393937
6135316435636638630a363864303133353137633066336138616133316164346530623035303433
34316338363065666463363162663334333762353832373834666366346639646438663936303231
34646435336335393039343130666338663762643535343139396638306164666566653632336432
30373232626333363530343433326364353061663239623236666436373839383137363536623236
66306330333636303166383737653435636537353630356634353161303834646438316330393061
61323366333530356235663763366361353538613764353561623934366237356363323834393535
66383765636233353831346434323139303562323030616637653136383536363130346662393139
37623439646535653061383963303465653739626331383861616235363564663961323964663938
31666339363166353532336239393735623337376162363633373062653261663936666535383833
38376330636536376631613134323439383465666439643930386335346533383434386637383765
37383033373235653765623531626531623035636665616162653865386361343465656638303664
66326164663631353035383636383536323032666263303636613065656564653766363162623063
35336131373238373135633738363030636665336631653039393561626436623166326434643638
63383230613364333736356434626330373861353635333463343365666162373038643965383361
66356463663161303861366363363066623862623733333131636535333865623035363738383134
36643937383731626366383432366632366332393066356561643363313435653236313139646365
65313061626361663431326236346131346561646439353036316532613562343166343738616331
3834

19
group_vars/desktop.yaml Normal file
View file

@ -0,0 +1,19 @@
fonts:
- nerd-fonts-otf
- noto-fonts-ttf
- noto-fonts-cjk
- noto-fonts-emoji
packages_de:
- bemenu
- pinentry-bemenu
- clipman
- grim
- kanshi
- mako
- slurp
- waylock
packages_gui:
- gimp
- qutebrowser
- sioyek
- wdisplays

63
group_vars/headless.yaml Normal file
View file

@ -0,0 +1,63 @@
packages_terminal:
- abduco
- ansible # FIXME: not in other inventory, see how to deduplicate to keep DRY
- atuin
- autofs
- bat
- bc
- bottom
- brightnessctl
- chafa
- docker
- docker-compose
- docx2txt
- duf
- dust
- entr
- eza
- fd
- flavours # TODO: To be replaced with tinty
- fwupd
- gallery-dl
- git-lfs
- htop
- iftop
- jrnl
- khal
- khard
- moreutils
- msmtp
- neomutt
- neovim
- newsboat
- nushell
- papis
- pass
- pdftk
- podman
- restic
- ripgrep
- sc-im
- snooze
- starship
- swaybg
- swayidle
- task
- tasksh
- tectonic
- thermald
- timewarrior
- topgrade
- uv
- vdirsyncer
- vifm
- visidata
- wezterm
- wlopm
- wlsunset
- wtype
- yt-dlp
- zk
- zoxide
- zr # zsh plugin manager
- zsh

25
inv-chroot.yaml Normal file
View file

@ -0,0 +1,25 @@
---
target_system:
children:
chroot_target:
hosts:
void_chrooted:
ansible_host: /mnt/void
ansible_connection: community.general.chroot
ansible_chroot_exe: arch-chroot
hostsystem:
children:
local_host:
hosts:
arch_local:
ansible_host: 127.0.0.1
ansible_connection: ansible.builtin.local
# example separation of packages: GUIs and DEs in workstation, only terminal in headless
workstation:
children:
target_system: # mark this the current target system
headless:
children:

23
inv-local.yaml Normal file
View file

@ -0,0 +1,23 @@
---
target_system:
children:
local_target:
hosts:
void_local:
ansible_host: 127.0.0.1
ansible_connection: ansible.builtin.local
hostsystem:
# example separation of packages: GUIs and DEs in workstation, only terminal in headless
workstation:
children:
target_system: # mark this the current target system
headless:
children:
workstation:
desktop:
children:
workstation:

121
inventory.yaml
View file

@ -1,121 +0,0 @@
# example separation of packages: GUIs and DEs in workstation, only terminal in headless
workstation:
children:
target_system: # mark this the current target system
headless:
children:
target_system:
children:
chroot_target:
vars:
desired_package_state: latest
hostsystem:
hosts:
127.0.0.1:
ansible_connection: local
chroot_target:
hosts:
void_chrooted:
ansible_host: /mnt/void
ansible_connection: community.general.chroot
ansible_chroot_exe: arch-chroot
local_target:
hosts:
void_local:
ansible_host: 127.0.0.1
interface:
children:
workstation:
vars:
fonts:
- nerd-fonts-otf
- noto-fonts-ttf
- noto-fonts-cjk
- noto-fonts-emoji
packages_de:
- bemenu
- pinentry-bemenu
- clipman
- grim
- kanshi
- mako
- slurp
- waylock
packages_gui:
- gimp
- qutebrowser
- sioyek
- wdisplays
terminal:
children:
workstation:
headless:
vars:
packages_terminal:
- abduco
- atuin
- autofs
- bat
- bc
- bottom
- brightnessctl
- chafa
- docker
- docker-compose
- docx2txt
- duf
- dust
- entr
- eza
- fd
- flavours # TODO: To be replaced with tinty
- fwupd
- gallery-dl
- git-lfs
- htop
- iftop
- jrnl
- khal
- khard
- moreutils
- msmtp
- neomutt
- neovim
- newsboat
- nushell
- papis
- pass
- pdftk
- podman
- restic
- ripgrep
- sc-im
- starship
- swaybg
- swayidle
- task
- tasksh
- tectonic
- thermald
- timewarrior
- topgrade
- uv
- vdirsyncer
- vifm
- visidata
- wezterm
- wlopm
- wlsunset
- wtype
- yt-dlp
- zk
- zoxide
- zr # zsh plugin manager
- zsh

141
inventory_local.yaml
View file

@ -1,141 +0,0 @@
all:
vars:
user_name: voidboi
user_pass: voidlinux
user_shell: zsh
user_groups:
- wheel
- _seatd # TODO: This will error if it does not exist? (seatd not installed)
- dialout
- disk
- input
- kvm
- lp
- plugdev
- scanner
- storage
- usbmon
# example separation of packages: GUIs and DEs in workstation, only terminal in headless
workstation:
children:
target_system: # mark this the current target system
headless:
children:
target_system:
children:
local_target:
vars:
desired_package_state: latest
user_name: marty
user_pass: marty
hostsystem:
chroot_target:
hosts:
void_chrooted:
ansible_host: /mnt/void
ansible_connection: community.general.chroot
ansible_chroot_exe: arch-chroot
local_target:
hosts:
void_local:
ansible_host: 127.0.0.1
ansible_connection: ansible.builtin.local
interface:
children:
workstation:
vars:
fonts:
- nerd-fonts-otf
- noto-fonts-ttf
- noto-fonts-cjk
- noto-fonts-emoji
packages_de:
- bemenu
- pinentry-bemenu
- clipman
- grim
- kanshi
- mako
- slurp
- waylock
packages_gui:
- gimp
- qutebrowser
- sioyek
- wdisplays
terminal:
children:
workstation:
headless:
vars:
packages_terminal:
- abduco
- ansible # FIXME: not in other inventory, see how to deduplicate to keep DRY
- atuin
- autofs
- bat
- bc
- bottom
- brightnessctl
- chafa
- docker
- docker-compose
- docx2txt
- duf
- dust
- entr
- eza
- fd
- flavours # TODO: To be replaced with tinty
- fwupd
- gallery-dl
- git-lfs
- htop
- iftop
- jrnl
- khal
- khard
- moreutils
- msmtp
- neomutt
- neovim
- newsboat
- nushell
- papis
- pass
- pdftk
- podman
- restic
- ripgrep
- sc-im
- snooze
- starship
- swaybg
- swayidle
- task
- tasksh
- tectonic
- thermald
- timewarrior
- topgrade
- uv
- vdirsyncer
- vifm
- visidata
- wezterm
- wlopm
- wlsunset
- wtype
- yt-dlp
- zk
- zoxide
- zr # zsh plugin manager
- zsh

0
roles/user/vars/main.yaml → roles/user/defaults/main.yaml
View file