void/system
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ref(playbook): Change to role-based structure

Browse source
This commit is contained in:
Marty Oehme 2025-02-28 20:57:34 +01:00
parent 95fd68bed8
commit b3b280fbe4
Signed by: Marty
GPG key ID: 4E535BC19C61886E
39 changed files with 635 additions and 601 deletions
books
void_base.yamlvoid_network.yamlvoid_packages.yamlvoid_user.yamlvoid_wayland.yaml
play.yaml
roles
backup
files
snapper-snap-script
tasks
main.yamlsnapper.yaml
templates/snapper-configurations
home.j2root.j2
vars
main.yaml
base
handlers
main.yaml
tasks
main.yaml
templates
hostname.j2
vars
main.yaml
bluetooth/tasks
main.yaml
display_manager
tasks
main.yaml
templates
greetd-config.toml.j2
vars
main.yaml
fonts
handlers
main.yaml
tasks
main.yaml
gnupg/tasks
main.yaml
host
defaults
main.yml
tasks
main.yaml
keyd
files
default.conf
tasks
main.yaml
network
tasks
main.yamlwireless.yaml
vars
main.yaml
packages/tasks
main.yaml
pipewire
tasks
main.yaml
vars
main.yaml
power
tasks
main.yaml
vars
main.yaml
user
tasks
main.yaml
vars
main.yaml
wayland
files
runit.conf
tasks
main.yaml

257
books/void_base.yaml
View file

@ -1,257 +0,0 @@
- name: Install void base system
hosts: target_system
become: true
tasks:
# Prefer booster to dracut so make sure to never install it
- name: Ignore dracut
ansible.builtin.lineinfile:
path: /etc/xbps.d/ignore-dracut.conf
line: ignorepkg=dracut
state: present
create: true # create file if absent
- name: Update xbps and system
community.general.xbps:
name:
- xbps
state: latest
update_cache: true
upgrade: true
- name: Install Base system
community.general.xbps:
name:
- base-system
state: present
- name: Get rid of temporary container metapackage
community.general.xbps:
name:
- base-container-full
state: absent
- name: Install booster
community.general.xbps:
name: booster
state: present
notify: installed-booster
handlers:
- name: List kernel module dirs
ansible.builtin.find:
paths: "/usr/lib/modules"
file_type: directory
register: found_kernels
listen: installed-booster
- name: Find kernels
ansible.builtin.set_fact:
kernel_list: "{{ found_kernels['files'] | map(attribute='path') | map('regex_replace', '^.*/(.*)$', '\\1') | list }}"
listen: installed-booster
- name: Create booster initramfs
vars:
fname: /boot/booster-void
ansible.builtin.command:
argv:
- booster
- --verbose
- build
- --kernel-version={{ item }}
- "{{ fname }}-{{ item }}.img"
creates: "{{ fname }}-{{ item }}.img"
loop: "{{ kernel_list }}"
listen: installed-booster
- name: Configure void base system
hosts: target_system
become: true
vars:
host_name: voider
timezone: Europe/Berlin
locales_enabled:
- en_US.UTF-8 UTF-8
tasks:
- name: Set hostname
ansible.builtin.template:
src: hostname.j2
dest: /etc/hostname
- name: Set timezone
ansible.builtin.file:
path: /etc/localtime
src: /usr/share/zoneinfo/{{ timezone }}
state: link
- name: Check if glibc locales exist
ansible.builtin.stat:
path: /etc/default/libc-locales
register: libc_locales_file
- name: Set correct glibc locales
ansible.builtin.lineinfile:
path: /etc/default/libc-locales
regexp: "^{{ item }}"
line: "{{ item }}"
state: present
create: true
loop: "{{ locales_enabled }}"
when: libc_locales_file.stat.exists
notify: glibc-locales-changed
- name: Set up chrony for NTP management
community.general.xbps:
name:
- chrony
state: present
notify: installed-chrony
- name: Activate acpid service
ansible.builtin.file:
force: "yes"
src: "/etc/sv/acpid"
dest: "/etc/runit/runsvdir/default/acpid"
state: link
handlers:
- name: Regenerate locales
ansible.builtin.command:
argv:
- xbps-reconfigure
- --force
- libc-locales
listen: glibc-locales-changed
- name: Activate chronyd service
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [chronyd]
listen: installed-chrony
- name: Set up wireless networking
hosts: target_system
become: true
tags:
- wireless
- iwd
tasks:
- name: Install iwd
community.general.xbps:
name:
- iwd
state: present
- name: Activate wireless networking service
ansible.builtin.file:
src: "/etc/sv/iwd"
dest: "/etc/runit/runsvdir/default/iwd"
state: link
- name: Set up snapper backups
hosts: target_system
become: true
tags:
- btrfs
- snapshots
tasks:
- name: Install snapper
community.general.xbps:
name:
- snapper
state: present
notify: installed-snapper
# https://wiki.archlinux.org/title/Snapper#updatedb
- name: Disable updatedb indexing for snapshot directories
ansible.builtin.copy:
content: 'PRUNENAMES = ".snapshots"'
dest: "/etc/updatedb.conf"
owner: root
group: root
mode: 0644
force: true
- name: Ensure snapper configs directory exists
ansible.builtin.file:
dest: "/etc/snapper/configs"
state: directory
recurse: true
- name: Ensure root /.snapshots directory exists
ansible.builtin.file:
dest: "/.snapshots"
state: directory
mode: 0755
- name: Create root backup configuration
ansible.builtin.template:
src: snapper-configurations/root.j2
dest: "/etc/snapper/configs/root"
mode: 0640
force: true # ensure contents are always exact
- name: Ensure home /.snapshots directory exists
ansible.builtin.file:
dest: "/home/.snapshots"
state: directory
mode: 0755
- name: Create homedir backup configuration
ansible.builtin.template:
src: snapper-configurations/home.j2
dest: "/etc/snapper/configs/home"
mode: 0640
force: true
- name: Add snap manual safety command
ansible.builtin.copy:
src: snapper-snap-script
dest: "/usr/bin/snap"
owner: root
group: root
mode: 0755
handlers:
# # Do NOT activate the snapperd service -
# # on systems without elogind I guess? Unsure
# - name: Activate snapper service
# ansible.builtin.file:
# force: "yes"
# src: "/etc/sv/snapperd"
# dest: "/etc/runit/runsvdir/default/snapperd"
# state: link
# listen: installed-snapper
- name: Snapper handler stub
ansible.builtin.debug:
msg: ""
listen: installed-snapper
- name: Set up snooze as cron daemon
hosts: target_system
become: true
tags:
- cron
- snooze
tasks:
- name: Install snooze
community.general.xbps:
name:
- snooze
state: present
- name: Activate snooze cron services
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
loop:
- snooze-hourly
- snooze-daily
- snooze-weekly
- snooze-monthly

23
books/void_network.yaml
View file

@ -1,23 +0,0 @@
- name: Set up voidlinux networking
hosts: target_system
become: true
vars:
nameserver1: 9.9.9.9
nameserver2: 9.9.9.10
tasks:
- name: Configure resolv DNS
ansible.builtin.copy:
mode: 0644
dest: "/etc/resolv.conf"
content: |
nameserver {{ nameserver1 }}
nameserver {{ nameserver2 }}
failed_when: false # can't ever fail
- name: Activate dhcp service
ansible.builtin.file:
force: 'yes'
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [ dhcpcd ]

90
books/void_packages.yaml
View file

@ -1,90 +0,0 @@
- name: Install basic custom void packages
hosts: interface
become: true
tags:
- interface
- packages
tasks:
- name: Set up keyd for custom key events
community.general.xbps:
name:
- keyd
state: "{{ desired_package_state }}"
notify: installed-keyd
- name: Install many fonts
community.general.xbps:
name: "{{ fonts }}"
state: "{{ desired_package_state }}"
notify: installed-fonts
when: fonts
handlers:
- name: Activate keyd service
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [keyd]
listen: installed-keyd
- name: Regenerate fontconfig
ansible.builtin.command:
argv:
- xbps-reconfigure
- --force
- fontconfig
listen: installed-fonts
- name: Install bluetooth
hosts: target_system
become: true
tags:
- bluetooth
tasks:
- name: Install bluetooth packages
community.general.xbps:
name:
- bluez
state: "{{ desired_package_state }}"
notify: installed-bluetooth
handlers:
- name: Activate bluetooth service
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [bluetoothd, dbus]
listen: installed-bluetooth
- name: Install gnupg
hosts: target_system
become: true
tags:
- packages
- gpg
tasks:
- name: Install a bunch of base custom stuff
community.general.xbps:
name: [gnupg, gnupg2-scdaemon]
state: "{{ desired_package_state }}"
handlers:
- name: Put user in plugdev group
ansible.builtin.user:
name: "{{ user_name }}"
groups: [plugdev]
append: true
- name: Install basic custom void packages
hosts: target_system
become: true
tags:
- packages
tasks:
- name: Install a bunch of base custom stuff
community.general.xbps:
name: "{{ lookup('community.general.merge_variables', '^packages_.*') }}"
state: "{{ desired_package_state }}"

28
books/void_user.yaml
View file

@ -1,28 +0,0 @@
- name: Set up primary user
hosts: target_system
become: true
tasks:
- name: Ensure user groups all exist
ansible.builtin.group:
name: "{{ item }}"
state: present
loop: "{{ user_groups }}"
- name: Enable sudo for "wheel" group
ansible.builtin.copy:
content: "%wheel ALL=(ALL) ALL"
dest: "/etc/sudoers.d/10-wheel"
owner: root
group: root
mode: 0644
force: true
- name: Add user
ansible.builtin.user:
name: "{{ user_name }}"
password: "{{ user_pass | password_hash('sha512', 'supersecretsalt') }}"
create_home: true
shell: "/bin/{{ user_shell }}"
group: "{{ user_name }}"
groups: "{{ user_groups }}"
generate_ssh_key: true

174
books/void_wayland.yaml
View file

@ -1,174 +0,0 @@
- name: Install void wayland environment
hosts: target_system
become: true
tags: wayland
tasks:
- name: Install intel wayland drivers
community.general.xbps:
name:
- mesa-dri
state: present
- name: Install wayland packages
community.general.xbps:
name:
- dbus
- seatd
- turnstile
state: present
# notify: installed-wayland -> TODO: Use handler? Currently using task below
- name: Activate wayland services
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [dbus, turnstiled, seatd]
- name: Set user service directory to $HOME/.local/state/service
ansible.builtin.copy:
src: runit.conf
dest: /etc/turnstile/backend/runit.conf
mode: 0644
- name: Install wlr desktop portals
community.general.xbps:
name:
- xdg-desktop-portal
- xdg-desktop-portal-wlr
state: present
tags: desktop-portal
- name: Install qt5 and qt6 wayland libraries
community.general.xbps:
name:
- qt5-wayland
- qt6-wayland
state: present
tags: qt-wayland
- name: Set up display manager
hosts: target_system
become: true
vars:
greeter_user: _greeter
tags:
- wayland
- greetd
- tuigreet
tasks:
- name: Ensure user group for greeter exists
ansible.builtin.group:
name: "{{ greeter_user }}"
state: present
- name: Install greetd and tuigreet
community.general.xbps:
name:
- greetd
- tuigreet
state: present
- name: Set up tuigreet config for greetd
ansible.builtin.template:
src: greetd-config.toml.j2
dest: "/etc/greetd/config.toml"
owner: root
group: root
mode: 0644
force: true
- name: Activate greetd service
ansible.builtin.file:
src: "/etc/sv/greetd"
dest: "/etc/runit/runsvdir/default/greetd"
state: link
- name: Install audio and video for wayland
hosts: target_system
become: true
tags: audio
vars:
audio_groups: [audio, video]
tasks:
- name: Ensure user group for audio/video exists
ansible.builtin.group:
name: "{{ item }}"
state: present
loop: "{{ audio_groups }}"
- name: Put user in audio group
ansible.builtin.user:
name: "{{ user_name }}"
groups: "{{ audio_groups }}"
append: true
- name: Install pipewire
community.general.xbps:
name:
- pipewire
state: present
notify: installed-pipewire
- name: Install pipewire bluetooth
community.general.xbps:
name:
- libspa-bluetooth
state: present
tags: bluetooth
handlers:
- name: Set up wireplumber to auto start
ansible.builtin.file:
dest: "/etc/pipewire/pipewire.conf.d"
state: directory
listen: installed-pipewire
# FIXME: Does not work automatically for some reason?
- name: Set up wireplumber to auto start
ansible.builtin.file:
force: "yes"
src: "/usr/share/examples/wireplumber/10-wireplumber.conf"
dest: "/etc/pipewire/pipewire.conf.d/10-wireplumber.conf"
state: link
listen: installed-pipewire
- name: Enable pipewire-pulse interface
ansible.builtin.file:
force: "yes"
src: "/usr/share/examples/pipewire/20-pipewire-pulse.conf"
dest: "/etc/pipewire/pipewire.conf.d/20-pipewire-pulse.conf"
state: link
listen: installed-pipewire
## TODO: Enable its start in river init script
#
# TODO: Find way to install and enable pipewire-roc-sink module (and enable ~/.config/pipewire/pipewire.conf.d/roc-sink.conf)
- name: Allow user to manage system power
hosts: target_system
become: true
tags:
- power
tasks:
- name: Ensure user group "power" exists
ansible.builtin.group:
name: power
state: present
- name: Put user in power group
ansible.builtin.user:
name: "{{ user_name }}"
groups: [power]
append: true
- name: Enable power management for power group
ansible.builtin.copy:
content: "%power ALL=(ALL) NOPASSWD: /usr/bin/halt, /usr/bin/poweroff, /usr/bin/reboot, /usr/bin/shutdown, /usr/bin/zzz, /usr/bin/ZZZ"
dest: "/etc/sudoers.d/20-power"
owner: root
group: root
mode: 0644
force: true

49
play.yaml
View file

@ -1,6 +1,9 @@
---
- name: Import host tasks
ansible.builtin.import_playbook: books/host.yaml
- name: Prepare host system
hosts: hostsystem
become: true
roles:
- host
# Get python onto void - otherwise we can not interact through ansible
- name: Bootstrap void python
@ -12,17 +15,35 @@
register: python_install
changed_when: "'installed successfully' in python_install.stdout"
- name: Import chroot void base tasks
ansible.builtin.import_playbook: books/void_base.yaml
- name: Set up target system
hosts: target_system
become: true
roles:
- role: base
tags: base
- role: user
tags: user
- role: network
tags: network
- role: backup
tags: backup
- role: keyd
tags: keyd
- name: Import chroot void network tasks
ansible.builtin.import_playbook: books/void_network.yaml
- role: wayland
tags: wayland
- role: display_manager
tags: display_manager
- role: pipewire
tags: pipewire
- role: bluetooth
tags: bluetooth
- role: power
tags: power
- role: gnupg
tags: gnupg
- name: Import chroot void wayland tasks
ansible.builtin.import_playbook: books/void_wayland.yaml
- name: Import chroot user management tasks
ansible.builtin.import_playbook: books/void_user.yaml
- name: Import chroot void customizations
ansible.builtin.import_playbook: books/void_packages.yaml
- role: fonts
tags: fonts
- role: packages
tags: packages

0
books/files/snapper-snap-script → roles/backup/files/snapper-snap-script
View file

5
roles/backup/tasks/main.yaml Normal file
View file

@ -0,0 +1,5 @@
- name: Set up snapper snapshots
import_tasks: snapper.yaml
tags:
- btrfs
- snapshots

67
roles/backup/tasks/snapper.yaml Normal file
View file

@ -0,0 +1,67 @@
- name: Install snapper
community.general.xbps:
name:
- snapper
state: present
# https://wiki.archlinux.org/title/Snapper#updatedb
- name: Disable updatedb indexing for snapshot directories
ansible.builtin.copy:
content: 'PRUNENAMES = ".snapshots"'
dest: "/etc/updatedb.conf"
owner: root
group: root
mode: 0644
force: true
- name: Ensure snapper configs directory exists
ansible.builtin.file:
dest: "/etc/snapper/configs"
state: directory
recurse: true
- name: Ensure root /.snapshots directory exists
ansible.builtin.file:
dest: "/.snapshots"
state: directory
mode: 0755
- name: Create root backup configuration
ansible.builtin.template:
src: snapper-configurations/root.j2
dest: "/etc/snapper/configs/root"
mode: 0640
force: true # ensure contents are always exact
- name: Ensure home /.snapshots directory exists
ansible.builtin.file:
dest: "/home/.snapshots"
state: directory
mode: 0755
- name: Create homedir backup configuration
ansible.builtin.template:
src: snapper-configurations/home.j2
dest: "/etc/snapper/configs/home"
mode: 0640
force: true
- name: Add snap manual safety command
ansible.builtin.copy:
src: snapper-snap-script
dest: "/usr/bin/snap"
owner: root
group: root
mode: 0755
# For now we never activate the snapper daemon
# Does not work without elogind?
# Using snooze (i.e. cron) enabled recurring
# backup tasks instead.
# - name: Activate snapper service
# ansible.builtin.file:
# force: "yes"
# src: "/etc/sv/snapperd"
# dest: "/etc/runit/runsvdir/default/snapperd"
# state: link
# tags: never

0
books/templates/snapper-configurations/home.j2 → roles/backup/templates/snapper-configurations/home.j2
View file

0
books/templates/snapper-configurations/root.j2 → roles/backup/templates/snapper-configurations/root.j2
View file

0
roles/backup/vars/main.yaml Normal file
View file

31
roles/base/handlers/main.yaml Normal file
View file

@ -0,0 +1,31 @@
- name: List kernel module dirs
ansible.builtin.find:
paths: "/usr/lib/modules"
file_type: directory
register: found_kernels
listen: installed-booster
- name: Find kernels
ansible.builtin.set_fact:
kernel_list: "{{ found_kernels['files'] | map(attribute='path') | map('regex_replace', '^.*/(.*)$', '\\1') | list }}"
listen: installed-booster
- name: Create booster initramfs
ansible.builtin.command:
argv:
- booster
- --verbose
- build
- --kernel-version={{ item }}
- "{{ fname }}-{{ item }}.img"
creates: "{{ fname }}-{{ item }}.img"
loop: "{{ kernel_list }}"
listen: installed-booster
- name: Regenerate locales
ansible.builtin.command:
argv:
- xbps-reconfigure
- --force
- libc-locales
listen: glibc-locales-changed

122
roles/base/tasks/main.yaml Normal file
View file

@ -0,0 +1,122 @@
# Prefer booster to dracut so make sure to never install it
- name: Ignore dracut
ansible.builtin.lineinfile:
path: /etc/xbps.d/ignore-dracut.conf
line: ignorepkg=dracut
state: present
create: true # create file if absent
tags:
- packages
- dracut
- name: Update xbps and system
community.general.xbps:
name:
- xbps
state: latest
update_cache: true
upgrade: true
tags:
- packages
- update
- name: Install Base system
community.general.xbps:
name:
- base-system
state: present
tags:
- packages
- name: Get rid of temporary container metapackage
community.general.xbps:
name:
- base-container-full
state: absent
tags:
- packages
- name: Install booster
community.general.xbps:
name: booster
state: present
notify: installed-booster
tags:
- packages
- booster
- name: Set hostname
ansible.builtin.template:
src: hostname.j2
dest: /etc/hostname
tags: hostname
- name: Set timezone
ansible.builtin.file:
path: /etc/localtime
src: /usr/share/zoneinfo/{{ timezone }}
state: link
tags: timezone
- name: Install glibc
tags: glibc
block:
- name: Check if glibc locales exist
ansible.builtin.stat:
path: /etc/default/libc-locales
register: libc_locales_file
- name: Set correct glibc locales
ansible.builtin.lineinfile:
path: /etc/default/libc-locales
regexp: "^{{ item }}"
line: "{{ item }}"
state: present
create: true
loop: "{{ locales_enabled }}"
when: libc_locales_file.stat.exists
notify: glibc-locales-changed
- name: Set up chrony for NTP management
community.general.xbps:
name:
- chrony
state: present
tags: chrony
- name: Activate chronyd service
ansible.builtin.file:
src: "/etc/sv/chronyd"
dest: "/etc/runit/runsvdir/default/chronyd"
state: link
tags: chrony
- name: Activate acpid service
ansible.builtin.file:
src: "/etc/sv/acpid"
dest: "/etc/runit/runsvdir/default/acpid"
state: link
tags: acpid
- name: Set up snooze as cron daemon
tags:
- cron
- snooze
block:
- name: Install snooze
community.general.xbps:
name:
- snooze
state: present
- name: Activate snooze cron services
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
loop:
- snooze-hourly
- snooze-daily
- snooze-weekly
- snooze-monthly

0
books/templates/hostname.j2 → roles/base/templates/hostname.j2
View file

6
roles/base/vars/main.yaml Normal file
View file

@ -0,0 +1,6 @@
---
booster_initramfs_name: /boot/booster-void
host_name: voider
timezone: Europe/Berlin
locales_enabled:
- en_US.UTF-8 UTF-8

16
roles/bluetooth/tasks/main.yaml Normal file
View file

@ -0,0 +1,16 @@
- name: Install bluetooth packages
community.general.xbps:
name:
- bluez
state: "{{ desired_package_state }}"
tags: packages
- name: Activate bluetooth service
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items:
- bluetoothd
- dbus

29
roles/display_manager/tasks/main.yaml Normal file
View file

@ -0,0 +1,29 @@
---
- name: Ensure user group for greeter exists
ansible.builtin.group:
name: "{{ greeter_user }}"
state: present
- name: Install greetd and tuigreet
community.general.xbps:
name:
- greetd
- tuigreet
state: present
tags:
- packages
- name: Set up tuigreet config for greetd
ansible.builtin.template:
src: greetd-config.toml.j2
dest: "/etc/greetd/config.toml"
owner: root
group: root
mode: 0644
force: true
- name: Activate greetd service
ansible.builtin.file:
src: "/etc/sv/greetd"
dest: "/etc/runit/runsvdir/default/greetd"
state: link

0
books/templates/greetd-config.toml.j2 → roles/display_manager/templates/greetd-config.toml.j2
View file

2
roles/display_manager/vars/main.yaml Normal file
View file

@ -0,0 +1,2 @@
---
greeter_user: _greeter

9
roles/fonts/handlers/main.yaml Normal file
View file

@ -0,0 +1,9 @@
---
- name: Regenerate fontconfig
ansible.builtin.command:
argv:
- xbps-reconfigure
- --force
- fontconfig
listen: installed-fonts

8
roles/fonts/tasks/main.yaml Normal file
View file

@ -0,0 +1,8 @@
---
- name: Install many fonts
community.general.xbps:
name: "{{ fonts }}"
state: "{{ desired_package_state }}"
notify: installed-fonts
when: fonts

18
roles/gnupg/tasks/main.yaml Normal file
View file

@ -0,0 +1,18 @@
- name: Install gnupg and smartcard addon
community.general.xbps:
name:
- gnupg
- gnupg2-scdaemon
state: "{{ desired_package_state }}"
tags: packages
- name: Ensure user group plugdev exist
ansible.builtin.group:
name: plugdev
state: present
- name: Put user in plugdev group
ansible.builtin.user:
name: "{{ user_name }}"
groups: [plugdev]
append: true

3
roles/host/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
mount_dir: /mnt/void
tarball_url: "https://repo-default.voidlinux.org/live/current/void-x86_64-ROOTFS-20250202.tar.xz"

21
books/host.yaml → roles/host/tasks/main.yaml
View file

@ -27,17 +27,10 @@
# # TODO: should take opts from fstab. Definitely needs 'boot' type option
# - { fstype: 'vfat', src: '/dev/disk/by-uuid/{{ boot_dev_uuid }}', path: '{{ mount_dir }}/boot' }
- name: Create voidlinux guest
hosts: hostsystem
become: true
vars:
mount_dir: /mnt/void
tarball_url: "https://repo-default.voidlinux.org/live/current/void-x86_64-ROOTFS-20250202.tar.xz"
tasks:
- name: Unpack rootfs
ansible.builtin.unarchive:
remote_src: yes # we already downloaded it to the 'remote' system
src: "{{ tarball_url }}"
dest: "{{ mount_dir }}"
# ONLY run if this file does not exist (could use any rootfs file to check)
creates: "{{ mount_dir }}/etc/os-release"
- name: Unpack rootfs
ansible.builtin.unarchive:
remote_src: yes # we already downloaded it to the 'remote' system
src: "{{ tarball_url }}"
dest: "{{ mount_dir }}"
# ONLY run if this file does not exist (could use any rootfs file to check)
creates: "{{ mount_dir }}/etc/os-release"

41
roles/keyd/files/default.conf Normal file
View file

@ -0,0 +1,41 @@
# Makes capslock to control/escape
# insert to paste
# right alt to enable German Umlaute (äÄöÖüÜ),
# sharp s (ß), and the Euro sign (€).
# Needs compose key to be set in xkb to work correctly:
# $ setxkbmap -option "compose:menu"
[ids]
*
[main]
capslock = overload(control, esc)
insert = S-insert
rightalt = layer(dia)
shift = layer(shift)
rightshift = layer(shift)
[shift:S]
rightalt = layer(shiftedDia)
[dia]
shift = layer(shiftedDia)
rightshift = layer(shiftedDia)
a = macro(compose a ")
o = macro(compose o ")
u = macro(compose u ")
s = macro(compose s s)
e = macro(compose = e)
[shiftedDia]
a = macro(compose A ")
o = macro(compose O ")
u = macro(compose U ")
s = macro(compose S S)
e = macro(compose l -)

22
roles/keyd/tasks/main.yaml Normal file
View file

@ -0,0 +1,22 @@
---
- name: Install keyd
community.general.xbps:
name:
- keyd
state: "{{ desired_package_state }}"
tags:
- packages
- name: Set up keyd umlaut configuration
ansible.builtin.copy:
src: default.conf
dest: "/etc/keyd/default.conf"
force: yes
- name: Activate keyd service
ansible.builtin.file:
src: "/etc/sv/keyd"
dest: "/etc/runit/runsvdir/default/keyd"
state: link
force: true

21
roles/network/tasks/main.yaml Normal file
View file

@ -0,0 +1,21 @@
---
- name: Configure resolv DNS
ansible.builtin.copy:
mode: 0644
dest: "/etc/resolv.conf"
content: |
nameserver {{ nameserver1 }}
nameserver {{ nameserver2 }}
failed_when: false # can't ever fail
- name: Activate dhcp service
ansible.builtin.file:
src: "/etc/sv/dhcpcd"
dest: "/etc/runit/runsvdir/default/dhcpcd"
state: link
- name: Set up wireless networking
import_tasks: wireless.yaml
tags:
- wireless
- iwd

13
roles/network/tasks/wireless.yaml Normal file
View file

@ -0,0 +1,13 @@
---
- name: Install iwd
community.general.xbps:
name:
- iwd
state: present
- name: Activate wireless networking service
ansible.builtin.file:
src: "/etc/sv/iwd"
dest: "/etc/runit/runsvdir/default/iwd"
state: link

3
roles/network/vars/main.yaml Normal file
View file

@ -0,0 +1,3 @@
---
nameserver1: 9.9.9.9
nameserver2: 9.9.9.10

4
roles/packages/tasks/main.yaml Normal file
View file

@ -0,0 +1,4 @@
- name: Install all my used void packages
community.general.xbps:
name: "{{ lookup('community.general.merge_variables', '^packages_.*') }}"
state: "{{ desired_package_state }}"

49
roles/pipewire/tasks/main.yaml Normal file
View file

@ -0,0 +1,49 @@
- name: Ensure user group for audio/video exists
ansible.builtin.group:
name: "{{ item }}"
state: present
loop: "{{ audio_groups }}"
- name: Put user in audio group
ansible.builtin.user:
name: "{{ user_name }}"
groups: "{{ audio_groups }}"
append: true
- name: Install pipewire
community.general.xbps:
name:
- pipewire
state: present
tags: packages
- name: Install pipewire bluetooth
community.general.xbps:
name:
- libspa-bluetooth
state: present
tags:
- packages
- bluetooth
- name: Set up wireplumber to auto start
ansible.builtin.file:
dest: "/etc/pipewire/pipewire.conf.d"
state: directory
# FIXME: Does not work automatically for some reason?
- name: Set up wireplumber to auto start
ansible.builtin.file:
force: "yes"
src: "/usr/share/examples/wireplumber/10-wireplumber.conf"
dest: "/etc/pipewire/pipewire.conf.d/10-wireplumber.conf"
state: link
- name: Enable pipewire-pulse interface
ansible.builtin.file:
force: "yes"
src: "/usr/share/examples/pipewire/20-pipewire-pulse.conf"
dest: "/etc/pipewire/pipewire.conf.d/20-pipewire-pulse.conf"
state: link
# TODO: Find way to install and enable pipewire-roc-sink module (and enable ~/.config/pipewire/pipewire.conf.d/roc-sink.conf)

4
roles/pipewire/vars/main.yaml Normal file
View file

@ -0,0 +1,4 @@
---
audio_groups:
- audio
- video

20
roles/power/tasks/main.yaml Normal file
View file

@ -0,0 +1,20 @@
---
- name: Ensure user group "power" exists
ansible.builtin.group:
name: power
state: present
- name: Put user in power group
ansible.builtin.user:
name: "{{ user_name }}"
groups: [power]
append: true
- name: Enable power management for power group
ansible.builtin.copy:
content: "%power ALL=(ALL) NOPASSWD: /usr/bin/halt, /usr/bin/poweroff, /usr/bin/reboot, /usr/bin/shutdown, /usr/bin/zzz, /usr/bin/ZZZ"
dest: "/etc/sudoers.d/20-power"
owner: root
group: root
mode: 0644
force: true

0
roles/power/vars/main.yaml Normal file
View file

27
roles/user/tasks/main.yaml Normal file
View file

@ -0,0 +1,27 @@
- name: Enable sudo access for "wheel" group
ansible.builtin.copy:
content: "%wheel ALL=(ALL) ALL"
dest: "/etc/sudoers.d/10-wheel"
owner: root
group: root
mode: 0644
force: true
tags: sudo
- name: Ensure all desired user groups exist
ansible.builtin.group:
name: "{{ item }}"
state: present
loop: "{{ user_groups }}"
- name: Add primary user
ansible.builtin.user:
name: "{{ user_name }}"
password: "{{ user_pass | password_hash('sha512', '{{ user_pass_salt}}') }}"
create_home: true
shell: "/bin/{{ user_shell }}"
group: "{{ user_name }}"
groups: "{{ user_groups }}"
generate_ssh_key: true
tags:
- passlib

18
roles/user/vars/main.yaml Normal file
View file

@ -0,0 +1,18 @@
user_pass_salt: supersecretsalt
user_name: voidboi
user_pass: voidlinux
user_shell: zsh
user_shell: zsh
user_groups:
- wheel
- _seatd # TODO: This will error if it does not exist? (seatd not installed)
- dialout
- disk
- input
- kvm
- lp
- plugdev
- scanner
- storage
- usbmon

0
books/files/runit.conf → roles/wayland/files/runit.conf
View file

54
roles/wayland/tasks/main.yaml Normal file
View file

@ -0,0 +1,54 @@
- name: Install intel wayland drivers
community.general.xbps:
name:
- mesa-dri
state: present
tags:
- intel
- drivers
- packages
- name: Install wayland packages
community.general.xbps:
name:
- dbus
- seatd
- turnstile
state: present
tags:
- packages
- name: Activate wayland services
ansible.builtin.file:
force: "yes"
src: "/etc/sv/{{ item }}"
dest: "/etc/runit/runsvdir/default/{{ item }}"
state: link
with_items: [dbus, turnstiled, seatd]
- name: Set user service directory to $HOME/.local/state/service
ansible.builtin.copy:
src: runit.conf
dest: /etc/turnstile/backend/runit.conf
mode: 0644
- name: Install wlr desktop portals
community.general.xbps:
name:
- xdg-desktop-portal
- xdg-desktop-portal-wlr
state: present
tags: desktop-portal
tags:
- packages
# required e.g. for sioyek to work in wayland void
- name: Install qt5 and qt6 wayland libraries
community.general.xbps:
name:
- qt5-wayland
- qt6-wayland
state: present
tags:
- packages
- qt