Split things to Ubuntu & Manjaro

* Convert every installation possible to using `package` not `apt` * Add dist-specific files where this doesn't work, with tags to include appropriately * Update README * New Docker image (TODO: molecule...) * Extra CI step for Manjaro
declension · Jul 20, 2022 · fc5ff52 · fc5ff52
1 parent 98cef30
commit fc5ff52
Show file tree

Hide file tree

Showing 10 changed files with 218 additions and 124 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1,13 +1,25 @@
 version: 2
 jobs:
-  build:
+  build-ubuntu:
     docker:
       - image: docker:stable-git
     steps:
       - checkout
       - setup_remote_docker:
           version: 20.10.12
       - run:
-          name: Build in Docker
+          name: Test on Ubuntu in Docker
           command: docker build -t workstation-playbook:latest .
           no_output_timeout: 20m
+
+  build-manjaro:
+    docker:
+      - image: docker:stable-git
+    steps:
+      - checkout
+      - setup_remote_docker:
+          version: 20.10.12
+      - run:
+          name: Test on Manjaro in Docker
+          command: docker build -t workstation-playbook:latest -f Dockerfile.manjaro .
+          no_output_timeout: 20m
diff --git a/Dockerfile b/Dockerfile
@@ -30,4 +30,4 @@ COPY roles roles
 
 RUN export CI="$CI"
 
-RUN ansible-playbook -e user=$user playbook.yml -c localhost
+RUN ansible-playbook -e user=$user playbook.yml -c localhost --skip-tags manjaro
diff --git a/Dockerfile.manjaro b/Dockerfile.manjaro
@@ -0,0 +1,31 @@
+FROM manjarolinux/base:latest
+ARG CI="true"
+ARG user="user"
+
+RUN cat /etc/group
+
+RUN useradd --create-home $user \
+    && mkdir /home/$user/.config \
+    && chown -R user /home/$user \
+    && usermod -a -G adm $user
+
+
+RUN pacman -Sy --noconfirm ansible unzip
+
+# Need passwordless access
+RUN echo '%adm ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
+# More realistic
+USER $user
+
+COPY requirements.yml ./
+RUN ansible-galaxy install -r requirements.yml
+
+COPY group_vars group_vars
+COPY playbook.yml ./
+COPY templates templates
+COPY roles roles
+
+RUN export CI="$CI"
+
+RUN ansible-playbook -e user=$user playbook.yml -c localhost --skip-tags ubuntu
diff --git a/README.md b/README.md
@@ -6,19 +6,27 @@ Workstation Setup
 Assumptions
 -----------
 
- * Ubuntu 21.10 (should mostly work on other releases though)
+ * Ubuntu 21.10 (should mostly work on other releases though, 
+   and Debian should only take a few tweaks)
+ * :new: ...or [Manjaro](https://manjaro.org/). Might work with Arch, too.
  * You like the same tools as me...
 
 Setup
 -----
 
 ### Install Latest Ansible
 
+#### Ubuntu
 ```bash
 sudo apt-add-repository -y ppa:ansible/ansible
 sudo apt install ansible
 ```
 
+#### Arch / Manjaro
+```bash
+sudo pacman -S ansible
+```
+
 ### Run playbook
 
 Note that this installs the Galaxy roles, 
@@ -30,10 +38,17 @@ ansible-galaxy install -r requirements.yml
 
 Then: 
 
+#### Ubuntu
 ```bash
-ansible-playbook -e "user=$USER" playbook.yml -K
+ansible-playbook -e "user=$USER" playbook.yml -K --skip-tags manjaro
 ```
 
+#### Manjaro
+```bash
+ansible-playbook -e "user=$USER" playbook.yml -K --skip-tags ubuntu
+```
+
+
 ### Just run the `configure` role
 
 ```bash
@@ -62,12 +77,11 @@ Using local and various excellent Ansible Galaxy roles, you get:
  * Latest Rust
 
 ### DevOps / Systems Tooling
+ * [Nix](https://nixos.wiki/wiki/Nix), plus [Nix Flakes](https://nixos.wiki/wiki/Flakes)
  * Docker CE
  * Terraform
  * Virtualbox
  * Kubernetes
  * `nmap`, `htop`, `jq`, `httpie` etc 
 
 ...and more (see playbook).
-
-
diff --git a/playbook.yml b/playbook.yml
@@ -9,13 +9,15 @@
     ohmyzsh_users:
       - "{{ user }}"
   roles:
-    - gantsign.bat
+    - role: gantsign.bat
+      tags: ubuntu
 
     - role: nover.ohmyzsh
       ohmyzsh_users:
         - "{{ ohmyzsh_user }}"
 
     - role: geerlingguy.docker
+      tags: ubuntu
       docker_apt_release_channel: "test"
       docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution | lower }} focal {{ docker_apt_release_channel }}"
 

diff --git a/roles/configure/tasks/main.yml b/roles/configure/tasks/main.yml
@@ -3,7 +3,7 @@
   become: yes
   user:
     name: "{{ user|quote }}"
-    generate_ssh_key: yes
+    generate_ssh_key: no
     shell: /usr/bin/zsh
     append: yes
     groups: adm, docker
@@ -39,6 +39,7 @@
 - name: Default to Alacritty
   become: true
   shell: update-alternatives --install /etc/alternatives/x-terminal-emulator alacritty "{{ ansible_env.HOME }}/.cargo/bin/alacritty" 1
+  tags: ubuntu
 
 - stat:
     path: /usr/bin/gsettings

diff --git a/roles/workstation/defaults/main.yml b/roles/workstation/defaults/main.yml
@@ -1,3 +1,4 @@
 terraform_version: 1.1.9
-openjdk_version: 18
-node_version: 16
+debian_openjdk_version: 18
+arch_openjdk_version: 17
+debian_node_version: 16
diff --git a/roles/workstation/tasks/main.yml b/roles/workstation/tasks/main.yml
@@ -1,4 +1,13 @@
 ---
+
+- name: Ubuntu-only tasks
+  include_tasks: ubuntu.yml
+  tags: ubuntu
+
+- name: Manjaro-only tasks
+  include_tasks: manjaro.yml
+  tags: manjaro
+
 - name: User config
   file:
     path: "{{ config_dir }}"
@@ -10,69 +19,12 @@
     state: directory
     recurse: true
 
-- name: Install gpg
-  become: yes
-  apt:
-    update_cache: true
-    name: gpg
-
-- name: Add Yarn GPG key
-  become: true
-  apt_key:
-    url: https://dl.yarnpkg.com/debian/pubkey.gpg
-    state: present
-
-- name: Add Yarn repo
-  become: true
-  apt_repository:
-    repo: deb https://dl.yarnpkg.com/debian/ stable main
-    state: present
-    filename: yarn
-
-- name: Add Kubernetes Key
-  become: true
-  apt_key:
-    url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
-
-- name: Add Kubernetes repo
-  become: true
-  apt_repository:
-    repo: deb https://apt.kubernetes.io/ kubernetes-xenial main
-
-- name: Get Signal key
-  get_url:
-    url: https://updates.signal.org/desktop/apt/keys.asc
-    dest: /tmp/signal-key.asc
-    force: yes
-
-- name: Convert Signal key
-  shell: |
-    rm -f /tmp/signal-desktop-keyring.gpg
-    gpg --dearmor -o /tmp/signal-desktop-keyring.gpg /tmp/signal-key.asc
-    rm /tmp/signal-key.asc
-
-- name: Install Signal GPG key
-  become: true
-  copy:
-    src: /tmp/signal-desktop-keyring.gpg
-    dest: /usr/share/keyrings/signal-desktop-keyring.gpg
-    force: true
-
-- name: Add Signal repo
-  become: true
-  apt_repository:
-    repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main"
-    state: present
-    filename: signal-xenial
 
 - name: Install packages
   become: yes
-  apt:
-    update_cache: true
+  package:
+    state: latest
     name:
-      - python3-pip
-      - python3-openssl
-      - "openjdk-{{ openjdk_version }}-jdk"
       - git-lfs
       - vim
       - curl
@@ -82,42 +34,20 @@
       - tree
       - multitail
       - powerline
-      - fonts-powerline
       - pass
 
       # Networking
       - net-tools
       - nmap
       - openvpn
 
-      # Ubuntu / Gnome utils
-      - ubuntu-restricted-extras
-      - gnome-tweaks
-      - nautilus-image-converter
-      - network-manager-openvpn-gnome
-
       # Jokes
       - cowsay
       - lolcat
-      - toilet
-
-      # Compiling tools
-      - libbz2-dev
-      - llvm
-      - libffi-dev
-      - cmake
-
-      # Rust / Alacritty things
-      - libssl-dev
-      - libcairo2-dev
-      - pkg-config
-      - libfreetype6-dev
-      - libfontconfig1-dev
-      - libxcb-xfixes0-dev
+      - figlet
 
       # I18n
       - gettext
-      - potool
 
       # Other packages
       - yamllint
@@ -126,28 +56,16 @@
 
       # Audio
       - mplayer
-      - gstreamer1.0-plugins-bad
 
 - name: Install bigger apps
   become: yes
-  apt:
+  package:
+    state: latest
     name:
       - gimp
       - pandoc
       - virtualbox
 
-- name: Install Slack, Noson via Snap
-  snap:
-    classic: true
-    name:
-      - slack
-      - yq
-  become: true
-  when: lookup('env','CI') == ""
-
-- name: Add Python Poetry & AWS CLI
-  command: python3 -m pip install --user poetry awscli
-
 - name: Check for Stack
   # We need this command not to *fail*, but `which` does...
   shell: which stack >/dev/null && which stack || true
@@ -161,30 +79,14 @@
   when: which_stack.stdout|length < 1
 
 - name: Install Stack
+  become: yes
   script: /tmp/install-stack.sh
   when: which_stack.stdout|length < 1
 
 - name: Install GHC with Stack
   command: "{{which_stack.stdout}} setup"
   when: which_stack.stdout|length > 1
 
-- name: Download Node.JS Repo script
-  become: yes
-  get_url:
-    url: "https://deb.nodesource.com/setup_{{node_version}}.x"
-    dest: /tmp/set-up-node.sh
-    force: yes
-    mode: ug+rx
-
-- name: Set up Node repo
-  become: true
-  script: /tmp/set-up-node.sh
-
-- name: Install Node JS
-  become: true
-  apt:
-    name: nodejs
-
 - name: Download Terraform
   get_url:
     url: "https://releases.hashicorp.com/terraform/{{ terraform_version }}/terraform_{{ terraform_version }}_linux_amd64.zip"

diff --git a/roles/workstation/tasks/manjaro.yml b/roles/workstation/tasks/manjaro.yml
@@ -0,0 +1,18 @@
+---
+- name: Install Arch-specific apps
+  become: yes
+  package:
+    state: latest
+    name:
+      - docker
+      - "jdk{{ arch_openjdk_version }}-openjdk"
+      - ttf-meslo-nerd-font-powerlevel10k
+      - bat
+
+- name: Install Node JS LTS
+  become: true
+  package:
+    name: nodejs-lts-gallium
+    state: latest
+
+# TODO: Poetry + AWSCLI
Original file line number	Diff line number	Diff line change
Expand Up		@@ -30,4 +30,4 @@ COPY roles roles

		RUN export CI="$CI"

		RUN ansible-playbook -e user=$user playbook.yml -c localhost
		RUN ansible-playbook -e user=$user playbook.yml -c localhost --skip-tags manjaro