Ansible PC setup

This is a collection of ansible scripts I use to setup my workstation as well as some of my servers. It is useful only to me, don't expect the cleanest code.

How to use this repo

1. Run sudo ./bootstrap to install dependencies
   • This installs uv which is used to install and run ansible
2. If needed update the inventory file
3. Update the vars/config.local file
4. Create a file for the new PC

touch "install_$(hostname).yml"

1. Add the basics in the file

---
- hosts: local
 become: false
 vars_files:
   - "./vars/config.local"

 roles:
   - role: system/base
     become: true

1. Add the roles as needed taking inspiration from the existing files
2. Run ./run install_[host].yml (-C allows to run in dry mode)
   • This uses uv to invoke the ansible-playbook installed in the local environment
3. ⚠ Check the logs some tasks add a message saying what to do next

Linting

uv has ansible-lint installed so we can check the repo with

uv run -- ansible-lint --fix

Playbooks using secrets

The secrets are stored in /vars/secrets.yml.enc which is managed with the built-in ansible-vault.

The key for the file is in my Dashlane secure note "statox-setup secret file"

The script /vars/get-vault-password.sh is a helper which calls dcli to get the password from the secure note. This script can be used with the --vault-password-file parameter of ansible-vault to automatically unlock the password if dcli is available.

# The vault was not created with a --vault-id param
uv run -- ansible-vault view --vault-password-file vars/get-vault-password.sh vars/secrets.yml.enc

To run a playbook using this the secrets:

• ./run install_raccoon.yml -e @vars/secrets.yml.enc --vault-password-file vars/get-vault-password.sh
• The variables in vars/secrets.yml.enc can be used as regular Ansible variables {{ transmission_user }}

TODO

• Handle desktop environement restart on first install
• Add new Github SSH key to known keys (prevent cloning dotfiles repo)
• Rework Firefox chrome (fails on first install because profile is not found)
• In dotfiles:
  • There seems to be a bug where the directories in .config are not created so the files can't be copied
  • Check how to execute the install from ansible
• warp and miro clients install are broken
• configure npm repository: Needs to create .npmrc file
• work/gitlab seems broken
• Check how to automatically setup Firefox sync
• zsh is not automatically enabled
• Ubuntu 22.04 Jammy is hardcoded in several installations
• MysqlWorkbench installation seems to work fine the first time but fails when run again
• pnpm install npm install -g pnpm@6