ci: Start moving tasks to gitea actions

Signed-off-by: Noah Knegt <git@noahknegt.com>

.drone.yml

@@ -0,0 +1,53 @@
+---
+kind: pipeline
+type: docker
+name: ansible
+
+steps:
+  - name: yaml lint
+    image: cytopia/yamllint:alpine
+    commands:
+      - yamllint -c .yamllint.yml .
+
+  - name: ansible lint
+    image: cytopia/ansible-lint:alpine
+    commands:
+      - ansible-lint .
+
+  - name: setup ssh key
+    image: cytopia/ansible:latest-infra
+    commands:
+      - mkdir -p /root/.ssh
+      - echo "$SSH_KEY" > /root/.ssh/id_ed25519
+      - chmod 600 /root/.ssh/id_ed25519
+      - ssh-keyscan -p 4422 vps.noahknegt.com > /root/.ssh/known_hosts
+    environment:
+      SSH_KEY:
+        from_secret: ssh_key
+    volumes:
+      - name: ssh_key
+        path: /root/.ssh
+    when:
+      event:
+        - push
+      branch:
+        - master
+
+  - name: ansible apply
+    image: cytopia/ansible:latest-infra
+    commands:
+      - eval `ssh-agent -s`
+      - ssh-add /root/.ssh/id_ed25519
+      - ansible-playbook -i inventory/hosts.yml site.yml
+    volumes:
+      - name: ssh_key
+        path: /root/.ssh
+    when:
+      event:
+        - push
+      branch:
+        - master
+
+volumes:
+  - name: ssh_key
+    temp: {}

.gitea/workflows/development.yml

@@ -0,0 +1,21 @@
+---
+name: Development
+# yamllint disable-line rule:truthy
+on:
+  workflow_dispatch:
+  push:
+    branches: [develop, master]
+  pull_request:
+jobs:
+  lint:
+    name: Lint code
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+      - name: YAML lint
+        uses: karancode/yamllint-github-action@v2
+        with:
+          yamllint_config_filepath: .yamllint.yml
+      - name: Ansible lint
+        uses: ansible/ansible-lint@v6

.gitea/workflows/lint.yml

@@ -1,33 +0,0 @@
----
-name: Linting
-run-name: Linting ansible and yaml files
-on:
-  pull_request:
-
-jobs:
-  yaml-lint:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout source code
-        uses: actions/checkout@v4
-
-      - name: Install yaml-lint # As yamllint action is a composite it does not install yamllint itself
-        run: |
-          apt update
-          apt install -y --no-install-recommends yamllint
-
-      - name: Lint with yaml-lint
-        uses: ibiqlik/action-yamllint@v3
-        with:
-          config_file: .yamllint.yml
-
-  ansible-lint:
-    runs-on: ubuntu-latest
-    container:
-      image: catthehacker/ubuntu:act-latest
-    steps:
-      - name: Checkout source code
-        uses: actions/checkout@v4
-
-      - name: Lint with ansible lint
-        uses: ansible/ansible-lint@v24

.yamllint.yml

@@ -7,9 +7,7 @@ ignore: |
 
 rules:
   truthy:
-    allowed-values: ["true", "false"]
+    allowed-values: ['true', 'false']
     check-keys: false
     level: error
   line-length: disable
-  comments:
-    min-spaces-from-content: 1

inventory/hosts.yml

@@ -24,10 +24,12 @@ pis:
       ansible_host: 192.168.90.3
       ansible_user: ansible
 
-localhost:
+equinox-servers:
   hosts:
-    localhost-machine:
+    apollo:
-      ansible_connection: local
+      ansible_host: 23.97.157.206
+      ansible_port: 2004
+      ansible_user: ansible
 
 all:
   children:
@@ -37,4 +39,6 @@ all:
     datacenter:
       children:
         vpses:
-    localhost:
+    equinox:
+      children:
+        equinox-servers:

roles/corepack/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for corepack

roles/corepack/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for corepack

roles/corepack/tasks/main.yml

@@ -0,0 +1,58 @@
+---
+- name: Check node version
+  shell: node --version
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  register: node_version
+  ignore_errors: true
+
+- name: Set node version if empty
+  set_fact:
+    node_version: 0.0.0
+  when: node_version.stdout is ""
+
+- name: Enable corepack
+  shell: corepack enable
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  when: node_version.stdout is version('16.0.0', '<')
+
+- name: Verify corepack
+  shell: corepack --version
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  register: corepack_version
+  ignore_errors: true
+
+- name: Enable pnpm latest version
+  shell: corepack prepare pnpm@latest --activate
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  when: node_version.stdout is version('16.0.0', '<')
+
+- name: Test pnpm
+  shell: pnpm --version
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  register: pnpm_version
+  ignore_errors: true

roles/corepack/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/corepack/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - corepack

roles/corepack/vars/main.yml

@@ -0,0 +1,3 @@
+---
+# vars file for nvm
+noahk_password: 'Voorzitter17'

roles/docker/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for docker

roles/docker/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for docker

roles/docker/tasks/addusers.yml

@@ -0,0 +1,18 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  31-03-2023
+#  @description    :  This will add selected users to the docker group.
+# ===================================================================================================
+
+---
+- name: Add users to the docker group
+  become: true
+  user:
+    name: "{{ item }}"
+    groups: docker
+    append: true
+  with_items: "{{ docker_users }}"
+  when: docker_users is defined

roles/docker/tasks/buildx.yml

@@ -0,0 +1,24 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will make sure that docker buildx is installed.
+# ===================================================================================================
+
+---
+- name: Check for docker-buildx
+  shell: docker buildx version
+  register: docker_buildx
+  ignore_errors: true
+
+- name: Install docker-buildx
+  package:
+    name: docker-buildx
+    state: present
+  when: docker_buildx.stdout is not defined
+
+- name: Alias docker-buildx
+  shell: docker buildx install
+  when: docker_buildx.stdout is not defined

roles/docker/tasks/check_version.yml

@@ -0,0 +1,29 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  31-03-2023
+#  @description    :  This will check if docker is installed as the latest version.
+# ===================================================================================================
+
+---
+- name: Check docker version
+  shell: docker --version
+  register: docker_version
+  ignore_errors: true
+
+- name: Install jq
+  become: true
+  package:
+    name: jq
+    state: present
+
+- name: Check if latest version is stable
+  shell: "curl -s https://api.github.com/repos/docker/cli/tags | jq -r '.[0].name' | grep -E -o '[0-9]+\\.[0-9]+\\.[0-9]+\\-?'"
+  register: docker_latest_version
+
+- name: Compare versions
+  set_fact:
+    docker_update: true
+  when: docker_version.stdout is not defined

roles/docker/tasks/cleanup.yml

@@ -0,0 +1,14 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  31-03-2023
+#  @description    :  This will cleanup the docker script from the machine.
+# ===================================================================================================
+
+---
+- name: Cleanup docker script
+  file:
+    path: /tmp/get-docker.sh
+    state: absent

roles/docker/tasks/download.yml

@@ -0,0 +1,15 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  31-03-2023
+#  @description    :  This will download the docker install script.
+# ===================================================================================================
+
+---
+- name: Download the docker install script
+  get_url:
+    url: https://get.docker.com
+    dest: /tmp/get-docker.sh
+    mode: 0755

roles/docker/tasks/install.yml

@@ -0,0 +1,13 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  31-03-2023
+#  @description    :  This will install the docker engine.
+# ===================================================================================================
+
+---
+- name: Run the docker install script
+  shell: /tmp/get-docker.sh
+  when: docker_update is defined

roles/docker/tasks/main.yml

@@ -0,0 +1,25 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  27-03-2023
+#  @description    :  This will make sure that docker is installed on the machine.
+# ===================================================================================================
+
+---
+- include_tasks: check_version.yml
+
+- include_tasks: download.yml
+  when: docker_update is defined
+
+- include_tasks: install.yml
+  when: docker_update is defined
+
+- include_tasks: addusers.yml
+  when: docker_update is defined
+
+- include_tasks: cleanup.yml
+  when: docker_update is defined
+
+- include_tasks: buildx.yml

roles/docker/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/docker/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - docker

roles/docker/vars/main.yml

@@ -0,0 +1,5 @@
+---
+# vars file for docker
+docker_users:
+  - noahk
+  - root

roles/node/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for node

roles/node/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for node

roles/node/tasks/main.yml

@@ -0,0 +1,21 @@
+---
+- name: Check node version
+  shell: node --version
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  register: node_version
+  ignore_errors: true
+
+- name: Install node
+  shell: nvm install --lts
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  when: node_version.stdout is ""

roles/node/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/node/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - node

roles/node/vars/main.yml

@@ -0,0 +1,3 @@
+---
+# vars file for nvm
+noahk_password: 'Voorzitter17'

roles/nvm/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for nvm

roles/nvm/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for nvm

roles/nvm/tasks/check_installed.yml

@@ -0,0 +1,20 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will check if nvm is installed as the latest version.
+# ===================================================================================================
+
+---
+- name: Check nvm version
+  shell: nvm --version
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  register: nvm_version
+  ignore_errors: true

roles/nvm/tasks/cleanup.yml

@@ -0,0 +1,22 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will cleanup the system.
+# ===================================================================================================
+
+---
+- name: Cleanup
+  file:
+    path: "{{ item }}"
+    state: absent
+  with_items:
+    - /tmp/nvm-install.sh
+    - /tmp/nvm-install.log
+    - /tmp/nvm-install.out
+    - /tmp/nvm-install.err
+    - /tmp/nvm-install.debug
+    - /tmp/nvm-install.info
+    - /tmp/nvm-install.warn

roles/nvm/tasks/download.yml

@@ -0,0 +1,16 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will download the nvm install script.
+# ===================================================================================================
+
+---
+- name: Download nvm
+  get_url:
+    url: https://raw.githubusercontent.com/nvm-sh/nvm/{{ nvm_latest_version.stdout }}/install.sh
+    dest: /tmp/nvm-install.sh
+    mode: 0755
+  when: nvm_version.stdout != nvm_latest_version.stdout or nvm_version.stdout == ""

roles/nvm/tasks/get_version.yml

@@ -0,0 +1,13 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will get the latest version of nvm.
+# ===================================================================================================
+
+---
+- name: Get the latest nvm version
+  shell: curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | grep tag_name | cut -d '"' -f 4
+  register: nvm_latest_version

roles/nvm/tasks/install.yml

@@ -0,0 +1,19 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  06-04-2023
+#  @description    :  This will install nvm as the latest version.
+# ===================================================================================================
+
+---
+- name: Install nvm
+  shell: /tmp/nvm-install.sh
+  become: true
+  become_user: noahk
+  become_method: su
+  become_flags: '--login'
+  vars:
+    ansible_become_pass: "{{ noahk_password }}"
+  when: nvm_version.stdout != nvm_latest_version.stdout or nvm_version.stdout == ""

roles/nvm/tasks/main.yml

@@ -0,0 +1,9 @@
+---
+- import_tasks: check_installed.yml
+- import_tasks: get_version.yml
+
+- import_tasks: download.yml
+
+- import_tasks: install.yml
+
+- import_tasks: cleanup.yml

roles/nvm/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/nvm/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - nvm

roles/nvm/vars/main.yml

@@ -0,0 +1,3 @@
+---
+# vars file for nvm
+noahk_password: 'Voorzitter17'

roles/setup/handlers/main.yml

@@ -8,11 +8,11 @@
 # ===================================================================================================
 
 ---
-- name: Update apt
+- name: apt_update
-  ansible.builtin.apt:
+  apt:
-    update-cache: true
+    update_cache: true
 
-- name: Restart sshd
+- name: restart_sshd
-  ansible.builtin.service:
+  service:
     name: "{{ openssh_service }}"
     state: restarted

roles/setup/tasks/config/noahk.yml

@@ -1,17 +0,0 @@
----
-- name: Setup dotfiles repo
-  when: inventory_hostname in groups['localhost']
-  ansible.builtin.git:
-    repo: https://git.noahknegt.com/noah.knegt/dotfiles.git # noqa: latest
-    depth: 1
-    dest: /home/noahk/dotfiles
-    accept_hostkey: true
-
-- name: Use stow to set up config data
-  when: inventory_hostname in groups['localhost']
-  become: true
-  become_user: noahk
-  become_method: ansible.builtin.su
-  ansible.builtin.command: cd /home/noahk/dotfiles && stow -t ~ .
-  register: stow_output
-  changed_when: stow_output.rc != 0

roles/setup/tasks/main.yml

@@ -9,36 +9,16 @@
 # ===================================================================================================
 
 ---
-- name: Include distribution variables
+- include_vars: "{{ ansible_distribution }}.yml"
-  ansible.builtin.include_vars:
-    file: "{{ ansible_distribution }}.yml"
 
 # Setup the ansible user
-- name: Create ansible user
+- include_tasks: users/ansible.yml
-  ansible.builtin.include_tasks:
+- include_tasks: users/noahk.yml
-    file: users/ansible.yml
-- name: Create usable user
-  ansible.builtin.include_tasks:
-    file: users/noahk.yml
 
 # Setup the sshd
-- name: Setup openssh
+- include_tasks: system/openssh.yml
-  ansible.builtin.include_tasks:
-    file: system/openssh.yml
 
 # Setup the repositories for Debian based systems
-- name: Setup Debian based repositories
+- include_tasks: software/repositories.yml
-  ansible.builtin.include_tasks:
-    file: software/repositories.yml
 
-- name: Install and configure UFW
+- include_tasks: software/acl.yml
-  ansible.builtin.include_tasks:
-    file: software/ufw.yml
-
-- name: Install stow
-  ansible.builtin.include_tasks:
-    file: software/stow.yml
-
-- name: Configure the usable user
-  ansible.builtin.include_tasks:
-    file: config/noahk.yml

roles/setup/tasks/software/acl.yml

@@ -0,0 +1,15 @@
+# ===================================================================================================
+#  ?                                           ABOUT
+#  @author         :  Noah Knegt
+#  @email          :  personal@noahknegt.com
+#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
+#  @createdOn      :  01-06-2023
+#  @description    :
+# ===================================================================================================
+
+---
+- name: Install acl
+  package:
+    name:
+      - acl
+    state: latest

roles/setup/tasks/software/repositories.yml

@@ -9,9 +9,9 @@
 
 ---
 - name: Install aptitude and software-properties-common
-  ansible.builtin.package:
+  package:
     name:
       - aptitude
       - software-properties-common
-    state: present
+    state: latest
   when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu"]

roles/setup/tasks/software/stow.yml

@@ -1,6 +0,0 @@
----
-- name: Install stow
-  when: inventory_hostname in groups['localhost']
-  ansible.builtin.package:
-    name: stow
-    state: present

roles/setup/tasks/software/ufw.yml

@@ -1,47 +0,0 @@
-# ===================================================================================================
-#  ?                                           ABOUT
-#  @author         :  Noah Knegt
-#  @email          :  personal@noahknegt.com
-#  @repo           :  https://git.noahknegt.com/noah.knegt/ansible-automations
-#  @createdOn      :  01-06-2023
-#  @description    :
-# ===================================================================================================
-
----
-- name: Install UFW
-  ansible.builtin.package:
-    name: ufw
-    state: present
-
-- name: UFW deny all incoming traffic
-  community.general.ufw:
-    default: deny
-    direction: incoming
-
-- name: UFW allow all outbound traffic
-  community.general.ufw:
-    default: allow
-    direction: outgoing
-
-- name: Allow all access from RFC1918 networks to this host
-  community.general.ufw:
-    direction: incoming
-    rule: allow
-    src: "{{ item }}"
-  loop:
-    - 10.0.0.0/8
-    - 172.16.0.0/12
-    - 192.168.0.0/16
-
-- name: UFW allow default ssh port
-  community.general.ufw:
-    direction: incoming
-    rule: limit
-    port: ssh
-
-- name: UFW allow custom ssh port
-  when: setup_openssh_port is defined
-  community.general.ufw:
-    direction: incoming
-    rule: allow
-    port: "{{ setup_openssh_port }}"

roles/setup/tasks/system/openssh.yml

@@ -9,22 +9,20 @@
 
 ---
 - name: Install or update openssh
-  ansible.builtin.package:
+  package:
-    name: "{{ setup_openssh_package }}"
+    name: "{{ openssh_package }}"
-    state: present
+    state: latest
   notify:
     - restart_sshd
 
-- name: Enable ssh daemon
+- name: enable ssh daemon
-  when: inventory_hostname in groups['datacenter']
+  service:
-  ansible.builtin.service:
     name: "{{ openssh_service }}"
     state: started
     enabled: true
 
-- name: Configure sshd
+- name: configure sshd
-  when: inventory_hostname in groups['datacenter']
+  template:
-  ansible.builtin.template:
     src: sshd_config.j2
     dest: /etc/ssh/sshd_config
     owner: root
@@ -33,24 +31,10 @@
   notify:
     - restart_sshd
 
-- name: Copy sshd banner
+- name: copy sshd banner
-  ansible.builtin.copy:
+  copy:
     src: ssh_banner.net
     dest: /etc/issue.net
     owner: root
     group: root
     mode: 0644
-
-- name: Copy ssh public key
-  ansible.builtin.authorized_key:
-    user: ansible
-    key: "{{ item }}"
-  with_file:
-    - ansible/ansible.pub
-
-- name: Copy ssh public key
-  ansible.builtin.authorized_key:
-    user: noahk
-    key: "{{ item }}"
-  with_file:
-    - noahk/noahk.pub

roles/setup/tasks/system/zsh.yml

@@ -1,30 +1,49 @@
 ---
+
 - name: Install zsh
   become: true
-  ansible.builting.package:
+  package:
     name: zsh
     state: present
 
 - name: Install oh-my-zsh
   become: true
   become_user: noahk
-  ansible.builtin.command: sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+  shell: sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
-  changed_when: true
 
 - name: Install zsh-syntax-highlighting
   become: true
-  ansible.builtin.package:
+  become_user: noahk
-    name: zsh-syntax-highlighting
+  git:
-    state: present
+    repo: https://github.com/zsh-users/zsh-syntax-highlighting.git
+    dest: /home/noahk/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting
+    update: true
 
 - name: Install zsh-autosuggestions
   become: true
-  ansible.builtin.package:
+  become_user: noahk
-    name: zsh-autosuggestions
+  git:
-    state: present
+    repo: https://github.com/zsh-users/zsh-autosuggestions.git
+    dest: /home/noahk/.oh-my-zsh/custom/plugins/zsh-autosuggestions
+    update: true
 
 - name: Install starship
   become: true
   become_user: noahk
-  ansible.builtin.command: sh -c "$(curl -fsSL https://starship.rs/install.sh)"
+  shell: sh -c "$(curl -fsSL https://starship.rs/install.sh)"
-  changed_when: true
+
+- name: Configure ZSH
+  become: true
+  become_user: noahk
+  template:
+    src: zshrc.j2
+    dest: /home/noahk/.zshrc
+    owner: noahk
+    group: noahk
+    mode: 0644
+
+- name: Install nushell
+  become: true
+  package:
+    name: nushell
+    state: present

roles/setup/tasks/users/ansible.yml

@@ -9,12 +9,12 @@
 
 ---
 - name: Add ansible group
-  ansible.builtin.group:
+  group:
     name: ansible
     state: present
 
 - name: Add new ansible user
-  ansible.builtin.user:
+  user:
     name: ansible
     group: ansible
     groups: ansible,{{ sudo_group }}
@@ -23,7 +23,7 @@
     shell: /bin/bash
 
 - name: Add ansible user to sudoers
-  ansible.builtin.copy:
+  copy:
     src: ansible/ansible_sudoers
     dest: /etc/sudoers.d/ansible
     owner: root
@@ -31,9 +31,18 @@
     mode: 0440
 
 - name: Create .ssh directory
-  ansible.builtin.file:
+  file:
     path: /home/ansible/.ssh
     state: directory
     owner: ansible
     group: ansible
     mode: 0700
+  with_items:
+    - dir: /home/ansible/.ssh
+
+- name: Copy ssh public key
+  authorized_key:
+    user: ansible
+    key: "{{ item }}"
+  with_file:
+    - ansible/ansible.pub

roles/setup/tasks/users/noahk.yml

@@ -9,21 +9,21 @@
 
 ---
 - name: Create the group
-  ansible.builtin.group:
+  group:
     name: noahk
     state: present
 
 - name: Create the user
-  ansible.builtin.user:
+  user:
     name: noahk
     group: noahk
-    groups: noahk,{{ setup_sudo_group }}
+    groups: noahk,{{ sudo_group }}
-    password: "{{ setup_noahk_password }}"
+    password: "{{ noahk_password }}"
     state: present
     shell: /bin/bash
 
 - name: Add user to sudoers
-  ansible.builtin.copy:
+  copy:
     src: noahk/noahk_sudoers
     dest: /etc/sudoers.d/noahk
     owner: root
@@ -31,9 +31,18 @@
     mode: 0440
 
 - name: Create .ssh directory
-  ansible.builtin.file:
+  file:
     path: /home/noahk/.ssh
     state: directory
     owner: noahk
     group: noahk
     mode: 0700
+  with_items:
+    - dir: /home/noahk/.ssh
+
+- name: Copy ssh public key
+  authorized_key:
+    user: noahk
+    key: "{{ item }}"
+  with_file:
+    - noahk/noahk.pub

roles/setup/templates/zshrc.j2

@@ -0,0 +1,147 @@
+# If you come from bash you might have to change your $PATH.
+# export PATH=$HOME/bin:/usr/local/bin:$PATH
+
+# Path to your oh-my-zsh installation.
+ZSH=/usr/share/oh-my-zsh/
+
+# Set name of the theme to load --- if set to "random", it will
+# load a random theme each time oh-my-zsh is loaded, in which case,
+# to know which specific one was loaded, run: echo $RANDOM_THEME
+# See https://github.com/ohmyzsh/ohmyzsh/wiki/Themes
+ZSH_THEME="amuse"
+
+# Set list of themes to pick from when loading at random
+# Setting this variable when ZSH_THEME=random will cause zsh to load
+# a theme from this variable instead of looking in $ZSH/themes/
+# If set to an empty array, this variable will have no effect.
+# ZSH_THEME_RANDOM_CANDIDATES=( "robbyrussell" "agnoster" )
+
+# Uncomment the following line to use case-sensitive completion.
+# CASE_SENSITIVE="true"
+
+# Uncomment the following line to use hyphen-insensitive completion.
+# Case-sensitive completion must be off. _ and - will be interchangeable.
+# HYPHEN_INSENSITIVE="true"
+
+# Uncomment the following line to disable bi-weekly auto-update checks.
+DISABLE_AUTO_UPDATE="true"
+
+# Uncomment the following line to automatically update without prompting.
+# DISABLE_UPDATE_PROMPT="true"
+
+# Uncomment the following line to change how often to auto-update (in days).
+# export UPDATE_ZSH_DAYS=13
+
+# Uncomment the following line if pasting URLs and other text is messed up.
+# DISABLE_MAGIC_FUNCTIONS="true"
+
+# Uncomment the following line to disable colors in ls.
+# DISABLE_LS_COLORS="true"
+
+# Uncomment the following line to disable auto-setting terminal title.
+# DISABLE_AUTO_TITLE="true"
+
+# Uncomment the following line to enable command auto-correction.
+ENABLE_CORRECTION="true"
+
+# Uncomment the following line to display red dots whilst waiting for completion.
+# COMPLETION_WAITING_DOTS="true"
+
+# Uncomment the following line if you want to disable marking untracked files
+# under VCS as dirty. This makes repository status check for large repositories
+# much, much faster.
+# DISABLE_UNTRACKED_FILES_DIRTY="true"
+
+# Uncomment the following line if you want to change the command execution time
+# stamp shown in the history command output.
+# You can set one of the optional three formats:
+# "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd"
+# or set a custom format using the strftime function format specifications,
+# see 'man strftime' for details.
+# HIST_STAMPS="mm/dd/yyyy"
+
+# Would you like to use another custom folder than $ZSH/custom?
+# ZSH_CUSTOM=/path/to/new-custom-folder
+
+# Which plugins would you like to load?
+# Standard plugins can be found in $ZSH/plugins/
+# Custom plugins may be added to $ZSH_CUSTOM/plugins/
+# Example format: plugins=(rails git textmate ruby lighthouse)
+# Add wisely, as too many plugins slow down shell startup.
+plugins=(
+	zsh-autosuggestions
+	zsh-syntax-highlighting
+	git
+
+	cp
+	docker
+	docker-compose
+	dotenv
+	extract
+	git-auto-fetch
+	gitignore
+	golang
+	helm
+	jsontools
+	kubectl
+	nvm
+	rust
+	rsync
+	sudo
+	systemd
+	themes
+	tmux
+	vscode
+	nmap
+)
+
+
+# User configuration
+
+# Set the XDG_CONFIG_HOME in this file
+XDG_CONFIG_HOME=${XDG_CONFIG_HOME:=${HOME}/.config}
+
+# Source the env variables from the XDG_CONFIG_HOME
+source $XDG_CONFIG_HOME/zsh/.zshenv
+
+# export MANPATH="/usr/local/man:$MANPATH"
+
+# You may need to manually set your language environment
+# export LANG=en_US.UTF-8
+
+# Preferred editor for local and remote sessions
+# if [[ -n $SSH_CONNECTION ]]; then
+#   export EDITOR='vim'
+# else
+#   export EDITOR='mvim'
+# fi
+
+# Compilation flags
+# export ARCHFLAGS="-arch x86_64"
+
+# Set personal aliases, overriding those provided by oh-my-zsh libs,
+# plugins, and themes. Aliases can be placed here, though oh-my-zsh
+# users are encouraged to define aliases within the ZSH_CUSTOM folder.
+# For a full list of active aliases, run `alias`.
+#
+# Example aliases
+# alias zshconfig="mate ~/.zshrc"
+# alias ohmyzsh="mate ~/.oh-my-zsh"
+
+# Custom aliases
+alias zshrc="nvim ~/.zshrc && source ~/.zshrc"
+source $XDG_CONFIG_HOME/zsh/.aliases
+
+ZSH_CACHE_DIR=$HOME/.cache/oh-my-zsh
+if [[ ! -d $ZSH_CACHE_DIR ]]; then
+  mkdir $ZSH_CACHE_DIR
+fi
+
+source $ZSH/oh-my-zsh.sh
+
+# For sharship rs loading
+eval "$(starship init zsh)"
+
+# tabtab source for packages
+# uninstall by removing these lines
+[[ -f ~/.config/tabtab/zsh/__tabtab.zsh ]] && . ~/.config/tabtab/zsh/__tabtab.zsh || true

roles/setup/vars/Archlinux.yml

@@ -8,7 +8,7 @@
 # ===================================================================================================
 
 ---
-setup_sudo_group: wheel
+sudo_group: wheel
-setup_openssh_service: sshd
+openssh_service: sshd
-setup_openssh_package: openssh
+openssh_package: openssh
-setup_sftp_path: /usr/lib/ssh/sftp-server
+sftp_path: /usr/lib/ssh/sftp-server

roles/setup/vars/Debian.yml

@@ -8,7 +8,7 @@
 # ===================================================================================================
 
 ---
-setup_sudo_group: sudo
+sudo_group: sudo
-setup_openssh_service: ssh
+openssh_service: ssh
-setup_openssh_package: openssh-server
+openssh_package: openssh-server
-setup_sftp_path: /usr/lib/openssh/sftp-server
+sftp_path: /usr/lib/openssh/sftp-server

roles/setup/vars/Ubuntu.yml

@@ -8,7 +8,8 @@
 # ===================================================================================================
 
 ---
-setup_sudo_group: sudo
+sudo_group: sudo
-setup_openssh_service: ssh
+openssh_service: ssh
-setup_openssh_package: openssh-server
+openssh_package: openssh-server
-setup_sftp_path: /usr/lib/openssh/sftp-server
+sftp_path: /usr/lib/openssh/sftp-server
+ssh_port: 4422

roles/setup/vars/main.yml

@@ -8,5 +8,5 @@
 # ===================================================================================================
 
 ---
-setup_ansible_password: "$6$8eLzx6DNI/aamHAp$ZJK3kpbXDaMDUxuCFzRbbYL78aqdDnRRd1zbQPO2ED.pQQdcuAEnwBI2Vf3a36j7I5ED4STx6TLQnB8RiY3Vw/"
+ansible_password: '$6$8eLzx6DNI/aamHAp$ZJK3kpbXDaMDUxuCFzRbbYL78aqdDnRRd1zbQPO2ED.pQQdcuAEnwBI2Vf3a36j7I5ED4STx6TLQnB8RiY3Vw/'
-setup_noahk_password: "$6$8eLzx6DNI/aamHAp$ZJK3kpbXDaMDUxuCFzRbbYL78aqdDnRRd1zbQPO2ED.pQQdcuAEnwBI2Vf3a36j7I5ED4STx6TLQnB8RiY3Vw/"
+noahk_password: '$6$8eLzx6DNI/aamHAp$ZJK3kpbXDaMDUxuCFzRbbYL78aqdDnRRd1zbQPO2ED.pQQdcuAEnwBI2Vf3a36j7I5ED4STx6TLQnB8RiY3Vw/'

site.yml

@@ -8,27 +8,33 @@
 # ===================================================================================================
 
 ---
-- name: Setup
+- hosts: datacenter
-  hosts: all
   remote_user: root
   roles:
     - role: setup
       when: setup is defined
 
+- hosts: datacenter
+  remote_user: ansible
+  roles:
+    - role: docker
+    - role: nvm
+    - role: node
+    - role: corepack
+
 # Clean up the system
-- name: Cleanup
+- hosts: datacenter
-  hosts: all
   remote_user: ansible
   become: true
   tasks:
-    - name: Cleanup package cache (debian and ubuntu)
+    - name: cleanup package cache (debian and ubuntu)
-      ansible.builtin.apt:
+      apt:
         autoclean: true
       changed_when: false
       when: ansible_os_family == "Debian"
 
-    - name: Autoremove packages (debian and ubuntu)
+    - name: autoremove packages (debian and ubuntu)
-      ansible.builtin.apt:
+      apt:
         autoremove: true
         purge: true
       when: ansible_os_family == "Debian"