diff --git a/Makefile b/Makefile
index 3f694da8759e0227d9268c85a1a14ea1aff6b732..b9bf76fba87f94142592631c26ba121d16e85f7f 100644
--- a/Makefile
+++ b/Makefile
@@ -7,16 +7,11 @@ clean:
open_all:
${EDITOR} .gitignore inventory Makefile README.md
+ ${EDITOR} tasks/files/*
+ ${EDITOR} tasks/vars/*
${EDITOR} tasks/*.yml
-<<<<<<< HEAD
-=======
${EDITOR} tasks/files/sshd_config
- ${EDITOR} tasks/user_cfg/*.yml
- ${EDITOR} tasks/user_cfg/files/dotfiles/*
- ${EDITOR} tasks/user_cfg/templates/*.j2
- ${EDITOR} tasks/user_cfg/vars/*.yml
${EDITOR} tasks/vars/*.yml
->>>>>>> eab54ad (fixup! 🚚 Move tasks in dedicated directory)
inventory_generation:
cp inventory.sample inventory && ${EDITOR} inventory
diff --git a/tasks/apt.yml b/tasks/apt.yml
new file mode 100644
index 0000000000000000000000000000000000000000..db3180157b87ce182596b565a2352a767bbe7b90
--- /dev/null
+++ b/tasks/apt.yml
@@ -0,0 +1,88 @@
+---
+- hosts: "{{ host_list }}"
+ remote_user: root
+
+ tasks:
+
+ - name: INCLUDE_VARS | base
+ ansible.builtin.include_vars: "main.yml"
+
+ - name: INCLUDE_VARS | OS
+ ansible.builtin.include_vars: "{{ ansible_distribution }}.yml"
+
+ - name: INCLUDE_VARS | Gnome
+ when: "'gnome' in group_names"
+ ansible.builtin.include_vars: "Gnome.yml"
+
+ - name: INCLUDE_VARS | Mate
+ when: "'mate' in group_names"
+ ansible.builtin.include_vars: "Mate.yml"
+
+ - name: Remove snap packages
+ when: snap_uninstall_pkg is defined
+ community.general.snap:
+ name: "{{ snap_uninstall_pkg }}"
+ state: absent
+
+ - name: APT | install base & os packages
+ ansible.builtin.apt:
+ cache_valid_time: 3600
+ force_apt_get: yes
+ pkg: "{{ lookup('flattened', base_pkg, os_pkg) }}"
+ state: present
+ update_cache: true
+
+ - name: SIGNAL | add key to keyring
+ when: inventory_hostname in groups.station
+ ansible.builtin.apt_key:
+ url: https://updates.signal.org/desktop/apt/keys.asc
+ keyring: /usr/share/keyrings/signal-desktop-keyring.gpg
+ state: present
+
+ - name: SIGNAL | add apt repository
+ when: inventory_hostname in groups.station
+ ansible.builtin.apt_repository:
+ filename: signal-desktop
+ repo: deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main
+ state: present
+
+ - name: APT | install workstation packages
+ when: inventory_hostname in groups.station
+ ansible.builtin.apt:
+ cache_valid_time: 3600
+ force_apt_get: yes
+ pkg: "{{ lookup('flattened', station_pkg, station_os_pkg, station_wm_pkg) }}"
+ state: present
+ update_cache: true
+
+ - name: APT | uninstall packages
+ ansible.builtin.apt:
+ pkg: "{{ lookup('flattened', base_uninstall_pkg, os_uninstall_pkg) }}"
+ state: absent
+
+ - name: APT | upgrade all packages to the latest version
+ ansible.builtin.apt:
+ force_apt_get: yes
+ upgrade: safe
+
+ - name: APT | remove useless packages from the cache
+ ansible.builtin.apt:
+ force_apt_get: yes
+ autoclean: yes
+ autoremove: yes
+
+ - name: APT | check for restarts
+ ansible.builtin.stat: path={{ item }}
+ register: restart_required
+ loop:
+ - /var/run/firefox-restart-required
+ - /var/run/reboot-required
+ no_log: yes
+
+ - name: APT | restart message
+ ansible.builtin.debug:
+ msg: "{{ item.stat.path | basename }} on {{ ansible_hostname }}"
+ when: item.stat.exists
+ loop: "{{ restart_required.results }}"
+ loop_control:
+ label: "{{ item.item | basename }}"
diff --git a/tasks/become_user_cfg.yml b/tasks/become_user_cfg.yml
index 8fff6093cc66b0ea65bba3540847296a2b8c8fa3..960c5d45adb8c20bf7983330211c400ac9b17d97 100644
--- a/tasks/become_user_cfg.yml
+++ b/tasks/become_user_cfg.yml
@@ -35,7 +35,6 @@
state: present
user: "{{ my_user }}"
-
- name: SSH | Disallow SSHÂ password authentication for root
become: yes
copy:
diff --git a/tasks/vars/Debian.yml b/tasks/vars/Debian.yml
new file mode 100644
index 0000000000000000000000000000000000000000..109b270a49cae8193b685e32cbcfebdf1e8828cd
--- /dev/null
+++ b/tasks/vars/Debian.yml
@@ -0,0 +1,9 @@
+---
+
+os_pkg: []
+
+os_uninstall_pkg: []
+
+station_os_pkg:
+ - chromium-l10n
+ - firefox-esr-l10n-fr
diff --git a/tasks/vars/Gnome.yml b/tasks/vars/Gnome.yml
new file mode 100644
index 0000000000000000000000000000000000000000..3717a48cc6c55fc9656de2c76f3d7e586f5bd3c2
--- /dev/null
+++ b/tasks/vars/Gnome.yml
@@ -0,0 +1,5 @@
+---
+
+station_wm_pkg:
+ - gnome-tweaks
+ - nautilus-nextcloud
diff --git a/tasks/vars/Mate.yml b/tasks/vars/Mate.yml
new file mode 100644
index 0000000000000000000000000000000000000000..4fb645d86a7bdc8db81e652c2ee44408ff418a59
--- /dev/null
+++ b/tasks/vars/Mate.yml
@@ -0,0 +1,5 @@
+---
+
+station_wm_pkg:
+ - mate-tweak
+ - caja-nextcloud
diff --git a/tasks/vars/Ubuntu.yml b/tasks/vars/Ubuntu.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e2d262c921b4d34fb4cab8a5b92473efd66c597f
--- /dev/null
+++ b/tasks/vars/Ubuntu.yml
@@ -0,0 +1,14 @@
+---
+
+os_pkg: []
+
+os_uninstall_pkg:
+ - thunderbird
+
+snap_uninstall_pkg:
+ - firefox
+
+station_os_pkg:
+ - chromium-browser-l10n
+ - firefox-locale-fr
+ - firefox
diff --git a/tasks/vars/main.yml b/tasks/vars/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..3911fd6c3b3b56c24eed6a9f08d754fd826abc32
--- /dev/null
+++ b/tasks/vars/main.yml
@@ -0,0 +1,62 @@
+---
+
+base_pkg:
+ - htop
+ - iotop
+ - locales
+ - lsb-release
+ - lsof
+ - lynx
+ - most
+ - progress
+ - python3-apt
+ - rsync
+ - screen
+ - sudo
+ - tmux
+ - unattended-upgrades
+ - unzip
+ - vim
+ - wget
+ - xkcdpass
+
+base_uninstall_pkg: []
+
+station_pkg:
+ - ansible
+ - cheese
+ - easytag
+ - evolution
+ - evolution-plugins
+ - geany-plugin-addons
+ - geany-plugin-extrasel
+ - geany-plugin-git-changebar
+ - geany-plugin-markdown
+ - geany-plugin-prettyprinter
+ - geany-plugin-shiftcolumn
+ - geany-plugin-spellcheck
+ - geany-plugin-workbench
+ - geany-plugin-xmlsnippets
+ - gimp
+ - git
+ - gnome-disk-utility
+ - gpsprune
+ - hplip
+ - jhead
+ - keepassx
+ - make
+ - meld
+ - mhwaveedit
+ - network-manager-gnome
+ - nextcloud-desktop
+ - pandoc
+ - pdftk
+ - photocollage
+ - sshpass
+ - tree
+ - signal-desktop
+ - simple-scan
+ - soundconverter
+ - system-config-printer
+ - torbrowser-launcher
+ - unrar-free