Initial commit

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

.gitignore

@@ -0,0 +1,5 @@
+releases/
+docs/site
+id_rsa
+.vagrant
+*.pyc

.travis.yml

@@ -0,0 +1,15 @@
+---
+sudo: required
+language: python
+services: docker
+
+cache:
+  - pip
+
+install:
+  - pip install --upgrade pip
+  - pip install ansible ansbile-lint yamllint mazer molecule docker
+
+script:
+  - ansible-lint roles/*
+  - yamllint roles/*

.yamllint

@@ -0,0 +1,32 @@
+---
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons: enable
+  commas: enable
+  comments:
+    level: warning
+  comments-indentation:
+    level: warning
+  document-end: disable
+  document-start:
+    level: warning
+  empty-lines: enable
+  empty-values: enable
+  hyphens: enable
+  indentation: enable
+  key-duplicates: enable
+  key-ordering: disable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines: enable
+  octal-values: enable
+  quoted-strings: disable
+  trailing-spaces: enable
+  truthy: disable

README.md

@@ -0,0 +1,56 @@
+Ansible Workstation Collection
+==============================
+
+[Ansible Galaxy Collection: Workstation](https://galaxy.ansible.com/buluma/workstation):
+
+- baseline: install baseline (epel for CentOS, python2-pip) as required by other roles
+- dotfiles - download and link dotfiles from git repo
+- flatpak - install and configure flatpaks
+- baseline - baseline configuration (ex: sshd_config)
+- micro - setup micro editor
+- packages - install various packages
+- pandoc - install pandoc
+- pip - install various python modules from pip
+- profile - setup profile, motd
+- secure - secure the system (ex: sshd_config PermitRootLogin no)
+
+Tested on:
+----------
+
+- CentOS 7
+- RHEL 8
+- Fedora 30
+- Ubuntu 18.04
+- Debian 10
+
+Example
+-------
+
+### Install the role:
+
+```bash
+ansible-galaxy collection install buluma.workstation
+```
+
+
+### playbook.yml example
+
+```yaml
+- name: setup a workstation environment
+  hosts: all
+  connection: local
+  become: yes
+  gather_facts: yes
+  roles:
+    - role: buluma.workstation.dotfiles
+```
+
+### Running a single role:
+
+```
+ansible localhost -m include_role -a 'name=secure'
+```
+
+# See also:
+
+- [Ansible Virtualization Collection](https://galaxy.ansible.com/buluma/virtualization)

ansible.cfg

@@ -0,0 +1,33 @@
+[defaults]
+#strategy                = free
+strategy                = linear
+
+# Facts gathering and caching
+#gathering               = smart
+fact_caching_timeout    = 86400
+fact_caching            = jsonfile
+fact_caching_connection = /tmp/ansible_facts_cache.json
+
+# Callback and logging
+stdout_callback         = debug
+nocows                  = 1
+log_path                = /tmp/ansible.log
+display_skipped_hosts   = no
+display_args_to_stdout  = False
+deprecation_warnings    = True
+#callback_whitelist      = profile_tasks
+
+# Inventory and connectivity
+inventory               = hosts
+remote_user             = vagrant
+host_key_checking       = False
+forks                   = 20
+pipelining              = True
+remote_tmp              = /tmp/.ansible
+ansible_python_interpreter = /usr/bin/python3
+
+[privilege_escalation]
+become                  = True
+become_method           = sudo
+become_user             = root
+become_ask_pass         = False

bundle.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# exit when any command fails
+set -e
+
+# Run lint
+yamllint roles/*
+ansible-lint roles/*
+ansible-playbook --syntax-check playbook.yml
+
+# Release
+my_release=$(mazer build | awk 'END{print $NF}')
+
+
+echo "Release ${my_release} to ansible-galaxy?"
+select yn in "Yes" "No"; do
+    case $yn in
+        Yes ) mazer publish ${my_release}; break;;
+        No ) exit;;
+    esac
+done

galaxy.yml

@@ -0,0 +1,24 @@
+---
+namespace: "buluma"
+name: "workstation"
+version: "1.0.17"
+readme: "README.md"
+authors:
+  - "Michael Buluma (https://github.com/buluma)"
+description: "Collection of Workstation Tools"
+license:
+  - "MIT"
+tags:
+  - linux
+  - workstation
+  - baseline
+  - profile
+  - dotfiles
+  - micro
+  - pip
+  - development
+  - collection
+repository: "https://www.github.com/buluma/ansible_workstation"
+homepage: "https://www.github.com/buluma/ansible_workstation"
+documentation: "https://www.github.com/buluma/ansible_workstation"
+issues: "https://www.github.com/buluma/ansible_workstation/issues"

playbook.yml

@@ -0,0 +1,18 @@
+---
+# ansible-playbook -i localhost, playbook.yml -e 'ansible_python_interpreter=/usr/bin/python3'
+
+- hosts: all
+  connection: local
+  gather_facts: yes
+  roles:
+    - role: hugo
+    - role: baseline
+    - role: packages
+    - role: micro
+    - role: pandoc
+    - role: profile
+    - role: dotfiles
+    - role: flatpak
+    - role: pip
+    - role: npm
+    - role: secure

playbooks/templates/playbook.yml

@@ -0,0 +1,11 @@
+---
+# ansible-playbook playbook.yml
+
+- hosts: all
+  connection: ssh
+  gather_facts: yes
+  roles:
+    - role: crivetimihai.workstation.dotfiles
+    - role: crivetimihai.workstation.profile
+    - role: crivetimihai.workstation.packages
+    - role: crivetimihai.workstation.baseline

requirements.txt

@@ -0,0 +1,10 @@
+docker
+ansible
+ansible-lint
+yamllint
+mazer
+molecule
+molecule[docker] # requires libyaml-devel
+setuptools
+selinux
+python-vagrant

roles/baseline/.yamllint

@@ -0,0 +1,12 @@
+---
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  line-length: disable
+  truthy: disable

roles/baseline/README.md

@@ -0,0 +1,35 @@
+Role Name
+=========
+
+baseline
+
+Requirements
+------------
+
+- For RHEL, a Red Hat subscription or functional local repository.
+
+Role Variables
+--------------
+
+
+Dependencies
+------------
+
+- For Red Hat, subscription-manager.
+
+Example Playbook
+----------------
+
+    - hosts: servers
+      roles:
+         - role: baseline
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+- [Mihai Criveti](https://www.linkedin.com/in/crivetimihai/)

roles/baseline/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for baseline

roles/baseline/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for baseline

roles/baseline/meta/main.yml

@@ -0,0 +1,35 @@
+---
+galaxy_info:
+  author: buluma
+  description: Baseline
+  company: ShadowNet
+  license: MIT
+  min_ansible_version: 2.4
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  platforms:
+    - name: Fedora
+      versions:
+        - all
+        - 30
+    - name: EL
+      versions:
+        - 7
+        - 8
+    - name: Ubuntu
+      versions:
+        - bionic
+    - name: Debian
+      versions:
+        - buster
+
+  galaxy_tags:
+    - debian
+    - ubuntu
+    - rhel
+    - centos
+    - fedora
+
+# dependencies: []

roles/baseline/molecule/default/molecule.yml

@@ -0,0 +1,39 @@
+---
+dependency:
+  name: galaxy
+  role-file: requirements.yml
+driver:
+  name: docker
+  provider:
+    name: docker
+lint:
+  name: yamllint
+platforms:
+  - name: baseline-centos-76
+    image: centos:7.6.1810
+    dockerfile: ../resources/Dockerfile.j2
+    privileged: True
+    pre_build_image: False
+    volume_mounts:
+      - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
+    tmpfs:
+      - /run
+      - /tmp
+    command: "/usr/sbin/init"
+    environment:
+      container: docker
+provisioner:
+  name: ansible
+  log: True
+  playbooks:
+    vagrant:
+      prepare: ../resources/playbooks/prepare.yml
+    converge: ../resources/playbooks/playbook.yml
+    verify: ../resources/playbooks/verify.yml
+  lint:
+    name: ansible-lint
+verifier:
+  name: goss
+  directory: ../resources/tests
+  lint:
+    name: yamllint