Ansible playbook similar to (or a shameless copy of) geerlingguy/mac-dev-playbook
This playbook installs and configures most of the software I use on my Ubuntu laptop for web and software development. This is my first real experience with Ansible and this repository is very much still a work in progress
- Go through Ubuntu installer interactive setup
- Download the .zip for this repository from GitHub and configure the playbook to suit your needs
- Install Ansible:
./install-ansible.sh
You will probably want to skip this step and disable the home-vpn-route role which creates a single IP route to my homelab server through a WireGuard VPN from my Unifi UDM Pro.
- Download VPN conf file from Unifi for Home VPN (very specific to my personal setup)
- Rename VPN file to
Home.conf, go to network settings to add VPN, pick import from file
I have a few computers that I want to install different stuff on in theory, mostly it's that I have different VS Code plugins on my work computer. But to that end I have an inventory file that has three different groups of hosts, laptop, desktop, and work.
You can also go the same route as Jeff Geerling and use a simplified inventory file:
[all]
127.0.0.1 ansible_connection=local- Make changes to the
inventory.ymlfile if you need to. - Make changes to the
playbook.ymlplaybook to fit your own preferences or fork this repo and modify it - Run ansible playbook via
./run-playbook.sh -Kscript
You need to go through some manual steps that have not been automated or are not as practical to automate:
- Login to 1Password desktop app
- Add 1Password addon to Firefox and login again
- Enable SSH Agent through the 1Password desktop app settings
- Copy a passwordless SSH key for your rsync backups to
.ssh/rsync_ed25519 - Run
nordvpn loginto login to nordvpn - Optionally run
nordvpn autoconnect enabledto autoconnect to opitmal server ornordvpn set autoconnect enabled Icelandfor the Icelandic server.
Below are some of my goals and thoughts on this project, feel free to totally ignore them.
- Be able to format my computer and restore it in ~15 minutes.
- Minimize post installation steps for software I use
- Dotfiles setup for sharing configurations between machines
- Backup and share files between machines (Rsync and Syncthing)
This playbook now includes a role to install and configure Syncthing on Ubuntu. It will:
- Install Syncthing from the official repository
- Ensure the Syncthing service is enabled and started for your user
You can add or manage Syncthing folders and devices via the Syncthing web UI after the playbook runs. My personal setup is just the default ~/Sync folder from Syncthing. I don't like the idea of having my entire home directoyr Synced with Syncthing but I like being able to share files easily.
It does not:
- Automate authentication
- Add role to download and configure fonts, current role is not idempotent
- Systemd service for RSync backups
- Set up Syncthing for
/home/$USER/shared - Split playbook into a few parts to make running new additions easier
- Create a playbook for my homelab server configuration to set up automatic ZFS snapshots and MOTD
I've been sort of reviewing my monospace font choices and I seem to have landed on Adobe's Source Code font for monospaced fonts but have not yet configured all my applications and gnome terminal to use it.
Also the powerline font download role is not idempotent, I think downloading the files and tracking them in this repository makes most sense for me.
The top contenders are:
- Source Code Pro
- DejaVuSansMono
- Inconsolata
I have almost settled on a backup solution involving RSync for certain folders in the /home/$USER directory and in the future adding a single Syncthing folder for /home/$USER/shared to make sharing files between machines easier.
Syncthing could be used for the entire home directory but I though RSync via SSH to my homelab server was a bit more straight forward and I did not have enough time to research hardening Syncthing and restoring the TLS certs needed for authentication.
I think creating a systemd service for RSync backups makes most sense for me, there is an edge case in this playbook where if you run the ansible role tasks which restore the backups from the source if there is a problem then the next time you run the automated "push" using the --delete flag you might overwrite your server backups.
A systemd service which can check network status as well as tracking the time between last backups makes most sense (possibly even use inotify to automatically backup on file changes).