Add flake.lock

.ansible-lint

@@ -0,0 +1,6 @@
+---
+exclude_paths: [~/.ansible, roles]
+
+skip_list:
+  - '306'
+  - '106'

.github/workflows/constraints.txt

@@ -1,4 +1,3 @@
-pip==24.0
 ansible==9.2.0
 ansible-lint==24.2.0
 yamllint==1.35.1

.github/workflows/release.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.12"
+          python-version: "3.13"
 
       - name: Check if there is a parent commit
         id: check-parent-commit

.github/workflows/tests.yml

@@ -0,0 +1,67 @@
+---
+name: Tests
+
+"on":
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+
+      - name: Install UV
+        uses: astral-sh/setup-uv@v5
+
+      - name: Upgrade ansible-lint
+        run: |
+          uv pip install --constraint=.github/workflows/constraints.txt ansible-lint ansible
+      - name: Upgrade yamllint
+        run: |
+          uv pip install --constraint=.github/workflows/constraints.txt yamllint
+
+      - name: Lint code.
+        run: |
+          yamllint .
+          ansible-lint
+  molecule:
+    name: Molecule
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        distro:
+          - debian12
+    steps:
+      - name: Check out the repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+
+      - name: Install UV
+        uses: astral-sh/setup-uv@v5
+
+      - name: Install test dependencies
+        run: uv pip install --constraint=.github/workflows/constraints.txt ansible 'molecule-plugins[podman]' podman
+
+      - name: Run Molecule tests
+        run: molecule -v test
+        env:
+          PY_COLORS: "1"
+          ANSIBLE_FORCE_COLOR: "1"
+          MOLECULE_DISTRO: ${{ matrix.distro }}

.gitignore

@@ -1,6 +1,7 @@
 /docs/_build/
 *.vagrant
 *.retry
+roles*
 config*.yml
 .cache/
 .python-version

.yamllint

@@ -0,0 +1,16 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 180
+    level: warning
+  document-start:
+    level: error
+  truthy:
+    level: error
+
+ignore: |
+  .github/stale.yml
+  .cache
+  roles

CONTRIBUTING.md

@@ -35,15 +35,16 @@ Request features on the [Issue Tracker].
 
 ## How to set up your development environment
 
-You need Python 3.12+ and the following tools:
+You need Python 3.13+ and the following tools:
 
+- [Molecule]
 - [Podman]
 - [Pre-commit]
 - [Vagrant] (optional)
 
 The good thing is to install them you just need [Ansible] and this playbook.
 
-[Pre-commit] is installed with `python_developer` tools, [Podman] and [Vagrant] with [Nix] packages by default.
+[Pre-commit] is installed with `python_developer` tools, [Podman] and [Vagrant] with [Nix] packages by default. For [Molecule] read their docs.
 
 [molecule]: https://ansible.readthedocs.io/projects/molecule/en/latest/
 [podman]: https://podman.io/

README.md

@@ -10,11 +10,11 @@
 
 - Support processor architectures: x86_64 (only one for now, may be extended in the future).
 - Development: [Golang], [NodeJs] and [Python tools].
-  - IDEs: [VSCodium] and [Pycharm] installation.
-- Browsers: [Brave], [Firefox] and [Mullvad Browser].
+  - IDEs: [VSCodium] installation (via Nixpkgs).
+- Browsers: [Brave], [Firefox] and [Mullvad Browser] (via Nix).
 - Replaces [LibreOffice] with [OnlyOffice].
-- Assorted FOSS programs: [Cryptomator], [KeyPass], [OBS], [OpenRGB], [RClone], and [Signal] messenger installation.
-- Configurations: dotfiles, shell/terminals, [Gnome], [Git], ssh, keyboard...
+- Assorted FOSS programs: [Cryptomator], [KeyPass], [OBS], [OpenRGB], [RClone], and [Signal] (via Nixpkgs) messenger installation.
+- Configurations: dotfiles, zsh (via Nix), terminals, [Gnome], [Git], ssh, keyboard...
 
 Note: this is an opinionated setup I personally use for software development on [NixOS](https://nixos.org). You can customize all the changes following instructions in [Overriding Defaults](#overriding-defaults).
 

ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+nocows = True
+roles_path = ./roles:/etc/ansible/roles
+timeout = 30
+interpreter_python = /usr/bin/python3
+
+[ssh_connection]
+pipelining = True
+control_path = /tmp/ansible-ssh-%%h-%%p-%%r

default.config.yml

@@ -0,0 +1,170 @@
+---
+# Install packages
+install_packages: true
+installed_packages:
+  - apache2-utils
+  - cmake
+  - dconf-editor  # visual gnome configs
+  - gir1.2-clutter-1.0  # dep gnome extension system monitor
+  - gir1.2-clutter-gst-3.0  # dep gnome extension system monitor
+  - gir1.2-gtkclutter-1.0  # dep gnome extension system monitor
+  - git
+  - locales-all
+  - openssl
+  - podman  # see https://github.com/NixOS/nixpkgs/issues/138423
+  - poedit
+
+nix_packages:
+  - name: kubectl
+    check_cmd: kubectl version --client
+  - name: helm
+    check_cmd: helm --version
+  - name: k9s
+    check_cmd: k9s version
+  - name: htop
+    check_cmd: htop --version
+  - name: nmap
+    check_cmd: nmap --version
+  - name: thefuck
+    check_cmd: thefuck --version
+  - name: tmux
+    check_cmd: tmux -V
+  - name: vagrant
+    check_cmd: vagrant --version
+  - name: vim
+    check_cmd: vim --version
+  - name: wget
+    check_cmd: wget --version
+  - name: xclip
+    check_cmd: xclip -version
+
+# Install packages from other package managers
+install_extra_packages: true
+# Note: You are responsible for adding the required package managers
+# installation, eg. through nix
+snap_packages: []
+# - name: postman
+gem_packages: []
+# - name: bundler
+#   state: present # present/absent/latest, default: present
+#   version: "~> 1.15.1" # default: N/A
+npm_packages: []
+# - name: webpack
+#   state: present # present/absent/latest, default: present
+#   version: "^2.6" # default: N/A
+
+# Docker
+# Default is false in favor to podman installation in installed_packages
+install_docker: false
+
+# Dotfiles (requires git on installed_packages or extra_packages)
+configure_dotfiles: true
+dotfiles_repo: "https://github.com/staticdev/dotfiles-eg.git"
+dotfiles_repo_version: main
+dotfiles_files:
+  - .tmux.conf
+  - .vimrc
+  - .zshrc
+
+# Development
+## Go settings
+golang_developer: true
+golang_version: "1.21.5"
+
+## NodeJs settings
+nodejs_developer: true
+nodejs_version: "20.x"
+
+## Python settings
+python_developer: true
+pyenv_python_versions:
+  - 3.12.1
+  - 3.11.7
+pyenv_global:
+  - 3.12.1
+  - 3.11.7
+pyenv_virtualenvs: []
+
+# keyboard config
+configure_keyboard: false
+keyboard_layout: us
+keyboard_variant: intl
+keyboard_c_cedilla: false
+
+# SSH config
+configure_ssh: true
+ssh_key_type: ed25519  # you can also choose between: dsa, ecdsa and ed25519
+# For RSA keys, the minimum size is 1024 bits and the default is 4096 bits. Generally, 2048 bits is considered sufficient.
+# DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
+# For ECDSA keys, size determines the key length by selecting from one of three elliptic curve sizes: 256, 384 or 521 bits.
+# Attempting to use bit lengths other than these three values for ECDSA keys will cause this module to fail.
+# Ed25519 keys have a fixed length and the size will be ignored.
+ssh_key_size:
+ssh_key_passphrase: super_secret_password
+
+# Sudoers config
+configure_sudoers: false
+sudoers_custom_config: ""
+# Example:
+# sudoers_custom_config: |
+#   # Allow users in admin group to use sudo with no password.
+#   %admin ALL=(ALL) NOPASSWD: ALL
+
+# Terminal config
+## Guake config
+configure_terminal: true
+guake_keybinding: "F12"
+
+# Git config
+setup_git: true
+git_init_default_branch: main
+git_pull_rebase: false
+## create workspace folders with specific configs
+git_create_workspaces: true
+git_workspaces:
+  - folder_name: workspace
+    email: name@mail.com
+    username: gitusername
+#  - folder_name: workspace2
+#    email: name2@mail.com
+#    username: gitusername2
+## used only if git_create_workspaces is false
+git_email: name@mail.com
+git_username: gitusername
+
+# Office setup
+install_onlyoffice: true
+## remove libreoffice in favor to onlyoffice
+remove_libreoffice: false
+
+# Gnome config
+gnome_setup: false
+gnome_favorite_apps:
+  [
+    "firefox.desktop",
+    "brave-browser.desktop",
+    "org.gnome.Nautilus.desktop",
+    "codium.desktop",
+  ]
+
+# enable entire screen sharing
+enable_screen_sharing: false
+
+# extra installs
+## cryptomator
+install_cryptomator: false
+cryptomator_version: 1.11.1
+
+install_keypass_xc: false
+install_obs: false
+install_rclone: false
+
+## openrgb
+install_openrgb: false
+# get from https://gitlab.com/CalcProgrammer1/OpenRGB/-/tags
+openrgb_git_release: release_0.9
+openrgb_deb_version: 0.9.0
+openrgb_deb_architecture: amd64
+
+# glob pattern to ansible task files to run after all other tasks are finished.
+post_provision_tasks: []

eg/flake.nix

@@ -1,7 +1,7 @@
 {
   inputs = {
     cfg = {
-      url = "github:staticdev/linux-workstation-playbook/feature/install-packages-with-home-manager";
+      url = "github:staticdev/linux-workstation-playbook";
     };
   };
 

handlers/main.yml

@@ -0,0 +1 @@
+---

inventory

@@ -0,0 +1,2 @@
+[all]
+127.0.0.1  ansible_connection=local