From 030b8ec2915a11eb11e8dfa20161d4afc7508e6b Mon Sep 17 00:00:00 2001
From: Marty Oehme <contact@martyoeh.me>
Date: Sun, 2 Mar 2025 08:49:48 +0100
Subject: [PATCH] ref(inventory): Split up inventory into group vars

One inventory targets a local machine (`inv-local.yaml`, chosen by default)
while the other targets a chrooted installation accessible from another
system, usually in the `/mnt/void` directory (`inv-chroot.yaml`, has to
be called like `ansible-playbook -i inv-chroot.yaml`).
---
 .gitignore                              | 217 ++++++++++++++++++++++++
 README.md                               |  19 ++-
 ansible.cfg                             |   3 +-
 group_vars/all/vars.yaml                |  11 ++
 group_vars/all/vault.yaml               |  22 +++
 group_vars/desktop.yaml                 |  19 +++
 group_vars/headless.yaml                |  63 +++++++
 inv-chroot.yaml                         |  25 +++
 inv-local.yaml                          |  23 +++
 inventory.yaml                          | 121 -------------
 inventory_local.yaml                    | 141 ---------------
 roles/user/{vars => defaults}/main.yaml |   0
 12 files changed, 399 insertions(+), 265 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 group_vars/all/vars.yaml
 create mode 100644 group_vars/all/vault.yaml
 create mode 100644 group_vars/desktop.yaml
 create mode 100644 group_vars/headless.yaml
 create mode 100644 inv-chroot.yaml
 create mode 100644 inv-local.yaml
 delete mode 100644 inventory.yaml
 delete mode 100644 inventory_local.yaml
 rename roles/user/{vars => defaults}/main.yaml (100%)

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..6ba3147
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,217 @@
+# Created by https://www.toptal.com/developers/gitignore/api/-f,python,linux,vim,markdown,ansible
+# Edit at https://www.toptal.com/developers/gitignore?templates=-f,python,linux,vim,markdown,ansible
+/vault-pass
+
+### Ansible ###
+*.retry
+
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+#!! ERROR: markdown is undefined. Use list command to see defined gitignore types !!#
+
+### Python ###
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/#use-with-ide
+.pdm.toml
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+### Python Patch ###
+# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration
+poetry.toml
+
+# ruff
+.ruff_cache/
+
+# LSP config files
+pyrightconfig.json
+
+### Vim ###
+# Swap
+[._]*.s[a-v][a-z]
+!*.svg  # comment out if you don't need vector files
+[._]*.sw[a-p]
+[._]s[a-rt-v][a-z]
+[._]ss[a-gi-z]
+[._]sw[a-p]
+
+# Session
+Session.vim
+Sessionx.vim
+
+# Temporary
+.netrwhist
+# Auto-generated tag files
+tags
+# Persistent undo
+[._]*.un~
+
+# End of https://www.toptal.com/developers/gitignore/api/-f,python,linux,vim,markdown,ansible
diff --git a/README.md b/README.md
index aa53d0f..d8bcd52 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,22 @@
 # Install void linux from arch linux
 
-Uses btrfs subvolumes, chroot and the void linux root tarball.
-This is primarily made for _my_ setup to quickly get void linux up and running for playing around with stuff.
+Uses btrfs subvolumes, chroot and the void linux root tarball for a full
+installation. Can be used for a local system to keep it up-to-date and enable a
+whole bunch of services for a full wayland workstation experience. This is
+primarily made for _my_ setup to quickly get void linux up and running for
+playing around with stuff.
+
+## Usage
+
+Currently the playbook defaults to keeping a 'local' system configured.
+That means, you are running ansible on a void installation and it will operate on the local system itself.
+
+To run like that just invoke `(sudo) ansible-playbook play.yaml`
+or `(sudo) ansible-playbook play.yaml --tags=backup`
+to run a specific tag.
+
+To run a _full_ installation from an arch host system to a btrfs subvolume (through a void tarball)
+run `(sudo) ansible-playbook -i inv-chroot.yaml play.yaml`, or a tagged version.
 
 ## Roadmap
 
diff --git a/ansible.cfg b/ansible.cfg
index bcc2050..4b465ef 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,2 +1,3 @@
 [defaults]
-inventory=inventory.yaml
+inventory=inv-local.yaml
+vault_password_file = vault-pass
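Review bot: Nothing in this commit says that `vault-pass` has to exist before a run: the new README "Usage" section never mentions it, and the file is git-ignored, so a fresh clone will fail at vault decryption with no hint why. Because it holds the vault password in plaintext, it should be readable only by its owner. It should also stay non-executable, since Ansible runs an executable password file as a script instead of reading it. A comment above the setting would record this, e.g. `# vault-pass is git-ignored: create it locally (mode 0600, not executable) before running`.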
diff --git a/group_vars/all/vars.yaml b/group_vars/all/vars.yaml
new file mode 100644
index 0000000..6dafd2e
--- /dev/null
+++ b/group_vars/all/vars.yaml
@@ -0,0 +1,11 @@
+---
+restic_repository: "{{ vault_restic_repository }}"
+restic_password: "{{ vault_restic_password }}"
+restic_s3_id: "{{ vault_restic_s3_id }}"
+restic_s3_key: "{{ vault_restic_s3_key }}"
+
+desired_package_state: latest
+user_name: "{{ vault_user_name }}"
+user_pass: "{{ vault_user_pass }}"
+user_pass_salt: "{{ vault_user_pass_salt }}"
+user_shell: zsh
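Review bot: The account password now read through `vault_user_pass` on the `user_pass` line was previously committed in plaintext: the deleted `inventory_local.yaml` carries `user_pass: marty` and `user_pass: voidlinux`, and this commit leaves those values in history. The vaulted value is not visible here; if it matches either old value it should be changed, because encrypting the current copy does not withdraw the earlier one. A header comment such as `# Secrets are defined as vault_* in vault.yaml; keep literal values out of this file` would document the indirection. It is also worth checking that tasks consuming `user_pass` or the `restic_*` values set `no_log: true` (those tasks are outside this diff).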
diff --git a/group_vars/all/vault.yaml b/group_vars/all/vault.yaml
new file mode 100644
index 0000000..225958a
--- /dev/null
+++ b/group_vars/all/vault.yaml
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+38303561343934626363616162303635316437313931306262313733316433373335663336343433
+3963333661613634366462666366326338346538393237310a663635373838356637303464383262
+30313034333137313466393963373237336461316530386365383530613533616461396164393937
+6135316435636638630a363864303133353137633066336138616133316164346530623035303433
+34316338363065666463363162663334333762353832373834666366346639646438663936303231
+34646435336335393039343130666338663762643535343139396638306164666566653632336432
+30373232626333363530343433326364353061663239623236666436373839383137363536623236
+66306330333636303166383737653435636537353630356634353161303834646438316330393061
+61323366333530356235663763366361353538613764353561623934366237356363323834393535
+66383765636233353831346434323139303562323030616637653136383536363130346662393139
+37623439646535653061383963303465653739626331383861616235363564663961323964663938
+31666339363166353532336239393735623337376162363633373062653261663936666535383833
+38376330636536376631613134323439383465666439643930386335346533383434386637383765
+37383033373235653765623531626531623035636665616162653865386361343465656638303664
+66326164663631353035383636383536323032666263303636613065656564653766363162623063
+35336131373238373135633738363030636665336631653039393561626436623166326434643638
+63383230613364333736356434626330373861353635333463343365666162373038643965383361
+66356463663161303861366363363066623862623733333131636535333865623035363738383134
+36643937383731626366383432366632366332393066356561643363313435653236313139646365
+65313061626361663431326236346131346561646439353036316532613562343166343738616331
+3834
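Review bot: This ciphertext is published with the repository, so its protection rests entirely on the strength of the vault password kept in `vault-pass`; a short or reused password can be guessed offline against the committed blob. A long random password is the practical mitigation. Note also that `ansible-vault rekey` only re-encrypts the current file: earlier commits stay decryptable with the old password. If the vault password ever leaks, the secrets the file presumably holds (the `vault_restic_*` and `vault_user_*` values referenced from `vars.yaml`) have to be rotated themselves.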
diff --git a/group_vars/desktop.yaml b/group_vars/desktop.yaml
new file mode 100644
index 0000000..260f336
--- /dev/null
+++ b/group_vars/desktop.yaml
@@ -0,0 +1,19 @@
+fonts:
+  - nerd-fonts-otf
+  - noto-fonts-ttf
+  - noto-fonts-cjk
+  - noto-fonts-emoji
+packages_de:
+  - bemenu
+  - pinentry-bemenu
+  - clipman
+  - grim
+  - kanshi
+  - mako
+  - slurp
+  - waylock
+packages_gui:
+  - gimp
+  - qutebrowser
+  - sioyek
+  - wdisplays
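Review bot: The group these variables attach to changed from `interface` to `desktop` (and from `terminal` to `headless` in `group_vars/headless.yaml`), but `play.yaml` is not touched by this commit, so any play or condition that still names the old groups would match no hosts. Grepping the plays and roles for `interface` and `terminal` would confirm nothing is left behind. As a style point, this file and `group_vars/headless.yaml` lack the `---` document start that `group_vars/all/vars.yaml` and both inventories have.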
diff --git a/group_vars/headless.yaml b/group_vars/headless.yaml
new file mode 100644
index 0000000..d02d579
--- /dev/null
+++ b/group_vars/headless.yaml
@@ -0,0 +1,63 @@
+packages_terminal:
+  - abduco
+  - ansible # FIXME: not in other inventory, see how to deduplicate to keep DRY
+  - atuin
+  - autofs
+  - bat
+  - bc
+  - bottom
+  - brightnessctl
+  - chafa
+  - docker
+  - docker-compose
+  - docx2txt
+  - duf
+  - dust
+  - entr
+  - eza
+  - fd
+  - flavours # TODO: To be replaced with tinty
+  - fwupd
+  - gallery-dl
+  - git-lfs
+  - htop
+  - iftop
+  - jrnl
+  - khal
+  - khard
+  - moreutils
+  - msmtp
+  - neomutt
+  - neovim
+  - newsboat
+  - nushell
+  - papis
+  - pass
+  - pdftk
+  - podman
+  - restic
+  - ripgrep
+  - sc-im
+  - snooze
+  - starship
+  - swaybg
+  - swayidle
+  - task
+  - tasksh
+  - tectonic
+  - thermald
+  - timewarrior
+  - topgrade
+  - uv
+  - vdirsyncer
+  - vifm
+  - visidata
+  - wezterm
+  - wlopm
+  - wlsunset
+  - wtype
+  - yt-dlp
+  - zk
+  - zoxide
+  - zr # zsh plugin manager
+  - zsh
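Review bot: The `# FIXME: not in other inventory, see how to deduplicate to keep DRY` comment on the `ansible` entry is stale now that both inventories share this single list. Merging the lists also means `ansible` and `snooze`, which the deleted `inventory.yaml` did not carry, would be installed on any chroot target that joins `headless`. If that is intended, replace the comment with something like `# installed on every headless host, including chroot targets`; otherwise move the entry to a host- or inventory-specific variable.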
diff --git a/inv-chroot.yaml b/inv-chroot.yaml
new file mode 100644
index 0000000..8de259c
--- /dev/null
+++ b/inv-chroot.yaml
@@ -0,0 +1,25 @@
+---
+target_system:
+  children:
+    chroot_target:
+      hosts:
+        void_chrooted:
+          ansible_host: /mnt/void
+          ansible_connection: community.general.chroot
+          ansible_chroot_exe: arch-chroot
+
+hostsystem:
+  children:
+    local_host:
+      hosts:
+        arch_local:
+          ansible_host: 127.0.0.1
+          ansible_connection: ansible.builtin.local
+
+# example separation of packages: GUIs and DEs in workstation, only terminal in headless
+workstation:
+  children:
+    target_system: # mark this the current target system
+
+headless:
+  children:
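Review bot: In this inventory `void_chrooted` never becomes a member of `headless` or `desktop`: `headless:` ends with an empty `children:` and no `desktop` group is defined, whereas `inv-local.yaml` nests `workstation` under both. Since the package lists now live in `group_vars/headless.yaml` and `group_vars/desktop.yaml`, a chroot run would presumably see `packages_terminal`, `fonts`, `packages_de` and `packages_gui` as undefined unless a role default covers them. Mirroring the group nesting used in `inv-local.yaml` restores what the old `terminal` and `interface` groups provided.

```yaml
headless:
  children:
    workstation:

desktop:
  children:
    workstation:
```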
diff --git a/inv-local.yaml b/inv-local.yaml
new file mode 100644
index 0000000..197eb83
--- /dev/null
+++ b/inv-local.yaml
@@ -0,0 +1,23 @@
+---
+target_system:
+  children:
+    local_target:
+      hosts:
+        void_local:
+          ansible_host: 127.0.0.1
+          ansible_connection: ansible.builtin.local
+
+hostsystem:
+
+# example separation of packages: GUIs and DEs in workstation, only terminal in headless
+workstation:
+  children:
+    target_system: # mark this the current target system
+
+headless:
+  children:
+    workstation:
+
+desktop:
+  children:
+    workstation:
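Review bot: The comment above `workstation:` no longer describes the layout: it says GUIs and DEs live in `workstation` and only terminal packages in `headless`, but the GUI lists are now attached to `desktop`, and `headless` here contains `workstation` rather than being a separate class of host. Suggest rewording it, e.g. `# workstation hosts get group_vars/headless.yaml (terminal packages) and group_vars/desktop.yaml (GUI/DE packages)`. The bare `hostsystem:` could be written `hostsystem: {}` to make the empty group explicit. The same stale comment appears in `inv-chroot.yaml`.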
diff --git a/inventory.yaml b/inventory.yaml
deleted file mode 100644
index 6872282..0000000
--- a/inventory.yaml
+++ /dev/null
@@ -1,121 +0,0 @@
-# example separation of packages: GUIs and DEs in workstation, only terminal in headless
-workstation:
-  children:
-    target_system: # mark this the current target system
-
-headless:
-  children:
-
-target_system:
-  children:
-    chroot_target:
-  vars:
-    desired_package_state: latest
-
-hostsystem:
-  hosts:
-    127.0.0.1:
-      ansible_connection: local
-
-chroot_target:
-  hosts:
-    void_chrooted:
-      ansible_host: /mnt/void
-      ansible_connection: community.general.chroot
-      ansible_chroot_exe: arch-chroot
-
-local_target:
-  hosts:
-    void_local:
-      ansible_host: 127.0.0.1
-
-interface:
-  children:
-    workstation:
-  vars:
-    fonts:
-      - nerd-fonts-otf
-      - noto-fonts-ttf
-      - noto-fonts-cjk
-      - noto-fonts-emoji
-    packages_de:
-      - bemenu
-      - pinentry-bemenu
-      - clipman
-      - grim
-      - kanshi
-      - mako
-      - slurp
-      - waylock
-    packages_gui:
-      - gimp
-      - qutebrowser
-      - sioyek
-      - wdisplays
-
-terminal:
-  children:
-    workstation:
-    headless:
-  vars:
-    packages_terminal:
-      - abduco
-      - atuin
-      - autofs
-      - bat
-      - bc
-      - bottom
-      - brightnessctl
-      - chafa
-      - docker
-      - docker-compose
-      - docx2txt
-      - duf
-      - dust
-      - entr
-      - eza
-      - fd
-      - flavours # TODO: To be replaced with tinty
-      - fwupd
-      - gallery-dl
-      - git-lfs
-      - htop
-      - iftop
-      - jrnl
-      - khal
-      - khard
-      - moreutils
-      - msmtp
-      - neomutt
-      - neovim
-      - newsboat
-      - nushell
-      - papis
-      - pass
-      - pdftk
-      - podman
-      - restic
-      - ripgrep
-      - sc-im
-      - starship
-      - swaybg
-      - swayidle
-      - task
-      - tasksh
-      - tectonic
-      - thermald
-      - timewarrior
-      - topgrade
-      - uv
-      - vdirsyncer
-      - vifm
-      - visidata
-      - wezterm
-      - wlopm
-      - wlsunset
-      - wtype
-      - yt-dlp
-      - zk
-      - zoxide
-      - zr # zsh plugin manager
-      - zsh
diff --git a/inventory_local.yaml b/inventory_local.yaml
deleted file mode 100644
index 6c7d95d..0000000
--- a/inventory_local.yaml
+++ /dev/null
@@ -1,141 +0,0 @@
-all:
-  vars:
-    user_name: voidboi
-    user_pass: voidlinux
-    user_shell: zsh
-    user_groups:
-      - wheel
-      - _seatd # TODO: This will error if it does not exist? (seatd not installed)
-      - dialout
-      - disk
-      - input
-      - kvm
-      - lp
-      - plugdev
-      - scanner
-      - storage
-      - usbmon
-
-# example separation of packages: GUIs and DEs in workstation, only terminal in headless
-workstation:
-  children:
-    target_system: # mark this the current target system
-
-headless:
-  children:
-
-target_system:
-  children:
-    local_target:
-  vars:
-    desired_package_state: latest
-    user_name: marty
-    user_pass: marty
-
-hostsystem:
-
-chroot_target:
-  hosts:
-    void_chrooted:
-      ansible_host: /mnt/void
-      ansible_connection: community.general.chroot
-      ansible_chroot_exe: arch-chroot
-
-local_target:
-  hosts:
-    void_local:
-      ansible_host: 127.0.0.1
-      ansible_connection: ansible.builtin.local
-
-interface:
-  children:
-    workstation:
-  vars:
-    fonts:
-      - nerd-fonts-otf
-      - noto-fonts-ttf
-      - noto-fonts-cjk
-      - noto-fonts-emoji
-    packages_de:
-      - bemenu
-      - pinentry-bemenu
-      - clipman
-      - grim
-      - kanshi
-      - mako
-      - slurp
-      - waylock
-    packages_gui:
-      - gimp
-      - qutebrowser
-      - sioyek
-      - wdisplays
-
-terminal:
-  children:
-    workstation:
-    headless:
-  vars:
-    packages_terminal:
-      - abduco
-      - ansible # FIXME: not in other inventory, see how to deduplicate to keep DRY
-      - atuin
-      - autofs
-      - bat
-      - bc
-      - bottom
-      - brightnessctl
-      - chafa
-      - docker
-      - docker-compose
-      - docx2txt
-      - duf
-      - dust
-      - entr
-      - eza
-      - fd
-      - flavours # TODO: To be replaced with tinty
-      - fwupd
-      - gallery-dl
-      - git-lfs
-      - htop
-      - iftop
-      - jrnl
-      - khal
-      - khard
-      - moreutils
-      - msmtp
-      - neomutt
-      - neovim
-      - newsboat
-      - nushell
-      - papis
-      - pass
-      - pdftk
-      - podman
-      - restic
-      - ripgrep
-      - sc-im
-      - snooze
-      - starship
-      - swaybg
-      - swayidle
-      - task
-      - tasksh
-      - tectonic
-      - thermald
-      - timewarrior
-      - topgrade
-      - uv
-      - vdirsyncer
-      - vifm
-      - visidata
-      - wezterm
-      - wlopm
-      - wlsunset
-      - wtype
-      - yt-dlp
-      - zk
-      - zoxide
-      - zr # zsh plugin manager
-      - zsh
diff --git a/roles/user/vars/main.yaml b/roles/user/defaults/main.yaml
similarity index 100%
rename from roles/user/vars/main.yaml
rename to roles/user/defaults/main.yaml