diff --git a/AGENTS.md b/AGENTS.md index c603576..44d90f2 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -8,8 +8,8 @@ Project type: Ansible-based infrastructure plus managed dotfiles. - Inventory: `ansible/inventory/hosts.yml` - Group vars: `ansible/inventory/group_vars/*.yml` - Host vars: `ansible/inventory/host_vars/*.yml` -- Active roles: `dotfiles_common`, `packages_void`, `services_runit`, `profile_desktop_i3` -- Roles present but not currently wired into `ansible/site.yml`: `base`, `dotfiles`, `packages_ubuntu`, `services_systemd`, `profile_workstation_gnome`, `profile_server` +- Active roles: `dotfiles_common`, `packages_void`, `services_runit`, `profile_desktop_i3`, `packages_ubuntu`, `services_systemd`, `profile_workstation_gnome` +- Roles present but not currently wired into `ansible/site.yml`: `base`, `dotfiles`, `profile_server` - Dotfiles source of truth: `dotfiles/` - Utility scripts: `scripts/` - Sensitive local material/examples: `secrets/` @@ -33,8 +33,9 @@ If any of these files appear later, treat them as higher-priority local instruct `ansible/site.yml` currently applies: - `all -> dotfiles_common` - `void -> packages_void, services_runit, profile_desktop_i3` +- `ubuntu_workstation -> packages_ubuntu, services_systemd, profile_workstation_gnome` -Inventory also defines Ubuntu workstation and server hosts, but those paths are not yet orchestrated by the main playbook. +Ubuntu server inventory and role scaffolding still exist, but the server path is not yet orchestrated by the main playbook. ## Build, lint, and test commands There is no compile/build step. Validation is based on Ansible syntax checks, inventory inspection, dry-runs, and linting. 
@@ -52,8 +53,11 @@ ansible-playbook ansible/site.yml --check --diff ansible-playbook ansible/site.yml --syntax-check ansible-playbook ansible/site.yml --limit ikaros ansible-playbook ansible/site.yml --limit nymph +ansible-playbook ansible/site.yml --limit deadalus +ansible-playbook ansible/site.yml --limit ubuntu_workstation ansible-inventory --graph ansible-inventory --host ikaros +ansible-inventory --host deadalus ``` Linting and static checks if available locally: diff --git a/README.md b/README.md index 4245b5d..1496354 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,8 @@ Il repository modella attualmente tre tipologie di profilo. Nota sullo stato attuale del playbook principale: - `ansible/site.yml` applica oggi in automatico il profilo desktop su host Void Linux -- i profili workstation e server sono gia presenti in inventory e nei ruoli, ma non sono ancora inclusi nel playbook principale +- `ansible/site.yml` applica anche il profilo `ubuntu_workstation` con un setup minimo basato su apt, systemd e GNOME +- il profilo server Ubuntu resta presente in inventory e nei ruoli, ma non e ancora incluso nel playbook principale ## Desktop @@ -99,7 +100,13 @@ Macchina: Questo profilo รจ pensato per sviluppo e lavoro. -Il modello e la struttura dei ruoli sono presenti, ma l'orchestrazione automatica tramite `ansible/site.yml` verra completata in una fase successiva. +Il profilo workstation Ubuntu e ora agganciato al playbook principale con una prima implementazione minima. + +Lo stato attuale del profilo workstation include: + +- installazione pacchetti base Ubuntu via apt +- abilitazione dei servizi systemd dichiarati in inventory/group vars +- predisposizione delle directory utente minime per il profilo workstation GNOME --- 
@@ -175,17 +182,19 @@ I principali ruoli attualmente presenti sono: # Stato attuale del playbook principale -Il playbook `ansible/site.yml` e attualmente composto da due blocchi: +Il playbook `ansible/site.yml` e attualmente composto da tre blocchi: ```text all -> dotfiles_common void -> packages_void + services_runit + profile_desktop_i3 +ubuntu_workstation -> packages_ubuntu + services_systemd + profile_workstation_gnome ``` Questo significa che, allo stato attuale: -- i desktop Void (`ikaros`, `nymph`) sono il target operativo principale -- inventory, gruppi e ruoli per workstation Ubuntu e server Ubuntu restano nel repository come base per l'estensione futura +- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo +- la workstation Ubuntu (`deadalus`) e ora gestita con una prima orchestrazione minima +- inventory, gruppi e ruoli per il server Ubuntu restano nel repository come base per l'estensione futura # Dotfiles @@ -246,6 +255,7 @@ Allo stato attuale questo comando: - distribuisce i dotfiles comuni a tutti gli host - per gli host Void applica pacchetti, servizi runit e profilo desktop i3 +- per gli host `ubuntu_workstation` applica pacchetti Ubuntu, servizi systemd e profilo workstation GNOME minimo - carica `secrets/vault.yml` solo se presente Per validare prima di applicare: @@ -253,6 +263,7 @@ Per validare prima di applicare: ```bash ansible-playbook ansible/site.yml --syntax-check ansible-playbook ansible/site.yml --limit ikaros --check --diff +ansible-playbook ansible/site.yml --limit deadalus --check --diff ``` --- diff --git a/ansible/inventory/group_vars/ubuntu.yml b/ansible/inventory/group_vars/ubuntu.yml index f43416f..6c5595a 100644 --- a/ansible/inventory/group_vars/ubuntu.yml +++ b/ansible/inventory/group_vars/ubuntu.yml @@ -1 +1,9 @@ -# variables for Ubuntu hosts +--- +ubuntu_packages_base: + - ca-certificates + - curl + - gpg + - python3-apt + - python3-gi + - python3-gi-cairo + - software-properties-common 
diff --git a/ansible/inventory/group_vars/workstation.yml b/ansible/inventory/group_vars/workstation.yml index f21f166..fef6a31 100644 --- a/ansible/inventory/group_vars/workstation.yml +++ b/ansible/inventory/group_vars/workstation.yml @@ -1 +1,17 @@ -# workstation profile variables +--- +profile_packages: + - dbus-user-session + - gnome-keyring + - gnome-shell-extension-manager + - gnome-shell-extensions + - gnome-terminal + - gnome-tweaks + - seahorse + +workstation_user_directories: + - path: "{{ user_home }}/.config" + mode: "0755" + - path: "{{ user_home }}/.local" + mode: "0755" + - path: "{{ user_home }}/.local/bin" + mode: "0755" diff --git a/ansible/inventory/host_vars/deadalus.yml b/ansible/inventory/host_vars/deadalus.yml index e46e33a..fde13a4 100644 --- a/ansible/inventory/host_vars/deadalus.yml +++ b/ansible/inventory/host_vars/deadalus.yml @@ -1 +1,5 @@ -# deadalus specific variables +--- +hostname: deadalus + +host_packages: [] +host_enabled_services: [] diff --git a/ansible/inventory/hosts.yml b/ansible/inventory/hosts.yml index 406f0ca..8c3ff1d 100644 --- a/ansible/inventory/hosts.yml +++ b/ansible/inventory/hosts.yml @@ -1,3 +1,4 @@ +--- all: children: void: @@ -14,6 +15,19 @@ all: nymph: ansible_connection: local + ubuntu: + children: + ubuntu_workstation: + ubuntu_server: + + workstation: + children: + ubuntu_workstation: + + server: + children: + ubuntu_server: + ubuntu_workstation: hosts: deadalus: diff --git a/ansible/roles/packages_ubuntu/tasks/main.yml b/ansible/roles/packages_ubuntu/tasks/main.yml index 3ad996b..ce36bac 100644 --- a/ansible/roles/packages_ubuntu/tasks/main.yml +++ b/ansible/roles/packages_ubuntu/tasks/main.yml 
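Review bot: In `ansible/inventory/group_vars/workstation.yml`, `mode: "0755"` on `{{ user_home }}/.config` and `{{ user_home }}/.local` is wider than these directories need. Because `ansible.builtin.file` enforces the mode on paths that already exist, a run would also loosen a `.config` that is currently 0700. The XDG Base Directory specification asks for 0700 when these directories are created, and `.config` commonly holds application tokens and session state. I would set `mode: "0700"` for `.config` and `.local`, and leave `.local/bin` as it is. `user_home` is defined outside this diff.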
@@ -1 +1,18 @@ -# install packages with apt +--- +- name: Refresh apt package cache + tags: [packages] + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 + +- name: Install packages on Ubuntu + tags: [packages] + ansible.builtin.apt: + name: >- + {{ + (common_packages | default([])) + + (ubuntu_packages_base | default([])) + + (profile_packages | default([])) + + (host_packages | default([])) + }} + state: present diff --git a/ansible/roles/profile_workstation_gnome/tasks/main.yml b/ansible/roles/profile_workstation_gnome/tasks/main.yml index 1dd15be..8a78f63 100644 --- a/ansible/roles/profile_workstation_gnome/tasks/main.yml +++ b/ansible/roles/profile_workstation_gnome/tasks/main.yml @@ -1 +1,12 @@ -# workstation profile tasks +--- +- name: Ensure workstation user directories exist + tags: [dotfiles, dotfiles:workstation] + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + owner: "{{ username }}" + group: "{{ user_group }}" + mode: "{{ item.mode }}" + loop: "{{ workstation_user_directories | default([]) }}" + loop_control: + label: "{{ item.path }}" diff --git a/ansible/roles/services_systemd/tasks/main.yml b/ansible/roles/services_systemd/tasks/main.yml index d901476..036562d 100644 --- a/ansible/roles/services_systemd/tasks/main.yml +++ b/ansible/roles/services_systemd/tasks/main.yml @@ -1 +1,20 @@ -# enable systemd services +--- +- name: Enable base systemd services + tags: [services] + ansible.builtin.systemd: + name: "{{ item }}" + enabled: true + state: started + loop: "{{ enabled_services | default([]) }}" + loop_control: + label: "{{ item }}" + +- name: Enable host systemd services + tags: [services] + ansible.builtin.systemd: + name: "{{ item }}" + enabled: true + state: started + loop: "{{ host_enabled_services | default([]) }}" + loop_control: + label: "{{ item }}" diff --git a/ansible/site.yml b/ansible/site.yml index 800358e..be252c7 100644 --- a/ansible/site.yml +++ b/ansible/site.yml 
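Review bot: In `ansible/roles/packages_ubuntu/tasks/main.yml`, the install task uses `state: present`, which installs missing packages but never upgrades ones already on the host, so a playbook run does not deliver security updates. That is a sound choice for idempotence, but it should be stated above the task, for example `# state: present installs missing packages only; this role does not patch installed ones`. Whether patching is handled elsewhere (for instance by unattended upgrades) is not visible in this diff.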
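Review bot: In `ansible/roles/profile_workstation_gnome/tasks/main.yml`, the directory task runs as root, because the new play in `ansible/site.yml` sets `become: true`. It creates, chowns and chmods paths inside a home directory the user can write to, and `ansible.builtin.file` follows symlinks by default. Running the task as the target user with `become_user: "{{ username }}"` keeps a pre-existing symlink at one of these paths from redirecting a root-level ownership or mode change. `follow: false` is the alternative if the task has to stay root. `username` and `user_group` carry no `default` and are defined outside this diff, so an undefined value fails the play at this task.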
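Review bot: In `ansible/roles/services_systemd/tasks/main.yml`, the two tasks are identical apart from the list they loop over. A single task with `loop: "{{ (enabled_services | default([])) + (host_enabled_services | default([])) }}"` would match how `packages_ubuntu` merges its package lists and leave one place to maintain. It is also worth a comment that `enabled_services` is not a systemd-specific name. If it is set in group vars shared with the Void hosts (not visible in this diff), runit service names would be passed to `ansible.builtin.systemd` here.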
@@ -18,3 +18,11 @@ - packages_void - services_runit - profile_desktop_i3 + +- hosts: ubuntu_workstation + become: true + + roles: + - packages_ubuntu + - services_systemd + - profile_workstation_gnome
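Review bot: The new play in `ansible/site.yml` has no `name:`, so run output and logs identify it only by its host pattern, and ansible-lint reports unnamed plays (`name[play]`). Starting the play with `- name: Configure Ubuntu workstations` ahead of `hosts: ubuntu_workstation` makes a root-level run easier to audit afterwards. Whether the earlier plays in the file are named is not visible in this hunk.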