system-setup.yml (3273B)
1 --- 2 - hosts: laptop 3 gather_facts: false 4 tasks: 5 - name: Install python3 6 raw: apk update && apk add python3 7 8 - hosts: laptop 9 gather_facts: true 10 tasks: 11 - name: Switch sshd to only allow ssh key access to root 12 lineinfile: 13 dest: /etc/ssh/sshd_config 14 regexp: "^PermitRootLogin" 15 line: "PermitRootLogin prohibit-password" 16 notify: 17 - restart sshd 18 19 - name: Enable community repo 20 lineinfile: 21 dest: /etc/apk/repositories 22 regexp: "^# (http.*/alpine/.*/community)" 23 line: '\1' 24 backrefs: true 25 firstmatch: true 26 27 - name: Setup Xorg 28 raw: setup-xorg-base xf86-video-intel 29 30 - name: Setup system apps 31 apk: 32 name: 33 - apk-tools-doc 34 - acpid 35 - acpid-doc 36 - acpi-utils 37 - acpi-utils 38 - alsa-utils 39 - alsa-utils-doc 40 - chrony 41 - chrony-openrc 42 - ca-certificates 43 - doas 44 - doas-doc 45 - dbus 46 - dbus-openrc 47 - dbus-x11 48 - elogind 49 - polkit-elogind 50 - man-db 51 - util-linux 52 - util-linux-doc 53 - pciutils 54 - pciutils-doc 55 - usbutils 56 - usbutils-doc 57 - coreutils 58 - coreutils-doc 59 - binutils 60 - binutils-doc 61 - findutils 62 - findutils-doc 63 - grep 64 - grep-doc 65 - iproute2 66 - iproute2-doc 67 - udisks2 68 - udisks2-doc 69 - xfce4 70 - xfce4-terminal 71 - xfce4-screensaver 72 - lightdm-gtk-greeter 73 - pipewire 74 - pipewire-doc 75 - pipewire-tools 76 - wireplumber 77 - udev 78 - wireless-tools-doc 79 - wpa_supplicant-doc 80 wpa_gui 81 - xauth 82 - xauth-doc 83 - xhost 84 - xhost-doc 85 - xmodmap 86 - xmodmap-doc 87 state: present 88 update_cache: true 89 90 - name: Install pipewire config file 91 copy: 92 src: ./configs/etc/pipewire.conf 93 dest: /etc/pipewire/ 94 95 - name: Install acpid handler 96 copy: 97 src: ./configs/etc/acpi-handler.sh 98 dest: /etc/acpi/handler.sh 99 100 - name: Enable doas for wheel group 101 copy: 102 src: ./configs/etc/doas.conf 103 dest: /etc/doas.d/ 104 105 - name: Setup wpa_supplicant 106 file: 107 path: /etc/wpa_supplicant/wpa_supplicant.conf 108 owner: root 109 group: root 110 mode: '0600' 111 112 - name: Setup for wpa_cli and wpa_gui use 113 lineinfile: 114 dest: /etc/wpa_supplicant/wpa_supplicant.conf 115 regexp: "{{ item.regexp }}" 116 line: "{{ item.line }}" 117 with_items: 118 - { regexp: '^update_config', line: 'update_config=1' } 119 - { regexp: '^ctrl_interface', line: 'ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev' } 120 121 - name: Enable services service 122 service: 123 name: "{{ item }}" 124 state: started 125 enabled: yes 126 with_items: 127 - dbus 128 - lightdm 129 - acpid 130 - udev 131 132 handlers: 133 - name: restart sshd 134 service: 135 name: sshd 136 state: restarted 137 enabled: yes