dotfiles/ansible
Tudor Roman 5e6361b9b5
Let each host define the homedir instead of one global one in the flake
2024-01-13 13:01:54 +01:00
..
collections Managing the underlying non-NixOS system with ansible 2023-11-24 17:04:50 +01:00
playbooks ansible: install langpacks 2023-12-22 15:44:19 +02:00
roles Let each host define the homedir instead of one global one in the flake 2024-01-13 13:01:54 +01:00
.gitignore Managing the underlying non-NixOS system with ansible 2023-11-24 17:04:50 +01:00
README.md ansible: install langpacks 2023-12-22 15:44:19 +02:00
ansible.cfg ansible: enable pipelining 2023-11-24 18:35:29 +01:00
hosts.yml ansible: connect through ssh 2023-11-26 22:40:50 +01:00

README.md

Ansible roles and playbooks

While I very much love Nix and NixOS, I think NixOS is not suitable for a developer's day-to-day-use machine. On my personal machine, which is now just a laptop, I want to be able to quickly change settings and run random scripts and programs without first adapting them, whereas on a server and/or a VM (either a server VM, or just some tiny one for development and testing) I do prefer having the rigurousness that NixOS provides. For this reason, I prefer running Nix with Home Manager on top of Fedora on my laptop. I actually use Fedora Silverblue, which also gives me a very nice system base that I can version and roll-back if needed, with the advantage of looking very much like a "normal" Linux distro. I even have automatic updates that are applied transparently on next reboot!

I would, however, like to also manage the underlying OS in a declarative way. I am using Ansible to achieve this.

Setup

First and foremost, as a desktop user, I'd like to have some niceties like hardware accelerated codecs and compatibility with various peripherals. Luckily, the Universal Blue project provides ready-made Silverblue-based OSTree images with neat additions for desktop users.

This setup assumes that you already installed the Universal Blue silverblue-main image! Applying it on top of stock Fedora Silverblue should also work just fine!

Because I don't want to litter my Silverblue install with Ansible and Python stuff, I am running it from a container (with either Toolbx or Distrobox). To make that work, I enabled the SSH daemon, added my own SSH key to authorized_keys, and configured the daemon to only allow pubkey authentication.

To prepare the environment:

distrobox create ansible-box [--image whatever]
distrobox enter ansible-box

TODO: setup l10n properly. This is currently done at OS install time. I have very funny l10n choices:

  • Language: British English
  • Measurements, time, date etc: Dutch (Netherlands)
  • Keyboard: "Romanian", XKB ro, on Windows it's called "Romanian (Programmers)". It's IMO the best if you write primarily English but you also want to be able to write accents and funny symbols, it has a nice selection of deadkeys that are not annoying to use either (looking at you, Windows "English (International)").

Running

distrobox enter ansible-box
ansible-playbook playbooks/a_playbook.yml -K # the -K is short for --ask-become-pass

# or even shorter
distrobox enter ansible-box -- ansible-playbook playbooks/a_playbook.yml -K

To lint, run ansible-lint (installation left as an exercise to the reader), or:

nix flake check # this builds EVERYTHING, it will take a while