fscotto/infra
1
0
Fork 0
mirror of https://github.com/fscotto/infra.git synced 2026-05-30 15:39:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add explicit Fedora workstation target and package role

Browse Source
This commit is contained in:
Fabio Scotto di Santolo
2026-04-08 20:04:47 +02:00
parent 872695ed15
commit 94df137ea0
11 changed files with 314 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
AGENTS.md
View File

@@ -16,12 +16,14 @@ Project type: Ansible-driven infrastructure, workstation/server provisioning, an
## Topology And Orchestration
- Void desktops: `ikaros`, `nymph`
- Ubuntu workstation: `deadalus`
- Ubuntu workstation: `deadalus-ubuntu`
- Fedora workstation: `deadalus-fedora`
- Ubuntu server: `prometheus`
- Workstation topology now supports Linux host + Ubuntu dev and Windows 11 host + Ubuntu WSL dev as separate layers
- A single inventory host can intentionally participate in multiple plays by belonging to multiple groups; host identity and play layering are not 1:1
- The WSL dev environment is intended to be managed by running Ansible locally from inside the distro, while the Windows host is managed remotely via PSRP and Windows package installs default to `winget_psrp`
- Most hosts use `ansible_connection: local`
- Current playbook layering: `all:!workstation_host_windows -> dotfiles_common`, `void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_hyprland + profile_desktop_host`, `workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common`, `workstation_host_linux -> profile_workstation_gnome`, `workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl`, `workstation_host_windows -> profile_workstation_host_windows`, `ubuntu_server -> packages_ubuntu + services_systemd + profile_server`
- Current playbook layering: `all:!workstation_host_windows -> dotfiles_common`, `void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_hyprland + profile_desktop_host`, `workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common`, `workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common`, `workstation_host_linux -> profile_workstation_gnome`, `workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl`, `workstation_host_windows -> profile_workstation_host_windows`, `ubuntu_server -> packages_ubuntu + services_systemd + profile_server`
- Present but currently unwired roles: `base`, `dotfiles`
## Local Instruction Files
@@ -62,7 +64,8 @@ Core validation from the repo root:
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml
@@ -75,7 +78,8 @@ Useful execution commands:
ansible-playbook ansible/site.yml
ansible-playbook ansible/site.yml --limit ikaros
ansible-playbook ansible/site.yml --limit nymph
ansible-playbook ansible/site.yml --limit deadalus
ansible-playbook ansible/site.yml --limit deadalus-ubuntu
ansible-playbook ansible/site.yml --limit deadalus-fedora
ansible-playbook ansible/site.yml --limit deadalus-wsl
ansible-playbook ansible/site.yml --limit prometheus
scripts/bootstrap_mail.sh
@@ -155,8 +159,9 @@ Use the narrowest command matching the changed area.
- `profile_desktop_sway` contains the wlroots/Sway session pieces and deploys shared Sway + Waybar dotfiles
- `profile_desktop_hyprland` contains the optional Hyprland/Wayland session pieces
- `profile_desktop_host` carries host-specific desktop overrides such as NVIDIA, PRIME wrappers, and host-only WirePlumber config
- `profile_workstation_dev_common` carries the Ubuntu dev layer shared by native workstation and WSL Ubuntu
- `profile_workstation_gnome` carries Linux host-only GNOME setup, extensions, and UFW
- `profile_workstation_dev_common` carries the shared dev layer for native Linux workstation profiles plus Ubuntu WSL
- `profile_workstation_gnome` carries Linux host-only GNOME setup, extensions, and firewall enablement
- Native Linux workstation plays can be combined on the same inventory host when that host is placed in both the relevant OS/dev group and `workstation_host_linux`
- `profile_workstation_dev_wsl` carries WSL-specific Ubuntu tweaks such as `systemd` and PSRP Python dependencies
- `profile_workstation_host_windows` manages the Windows 11 host via PSRP over HTTPS using `negotiate` by default, installs host applications via `winget` with a configurable `windows_package_backend` defaulting to `winget_psrp`, applies Windows shell tweaks, manages taskbar pins through a local Start layout policy with `PinListPlacement="Replace"`, and sets Windows Terminal's default profile to Ubuntu
- `deadalus-wsl` is modeled as a local inventory target intended to be run from inside the Ubuntu WSL distro
@@ -258,7 +263,8 @@ Run a host-limited dry run whenever the change affects a real host profile, pack
For workstation changes, prefer:
```bash
ansible-playbook ansible/site.yml --limit deadalus --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
```
@@ -277,5 +283,5 @@ pwsh -NoProfile -Command "[void][System.Management.Automation.Language.Parser]::
- Do not revert unrelated worktree changes made by the user
- Keep `README.md` and `AGENTS.md` aligned when workflows materially change
- If you add a new operational area, also add the validation command agents should run
- Prefer host-limited validation first: `ikaros` or `nymph` for Void desktop work, `deadalus` for Ubuntu workstation work, and `prometheus` for server work
- Prefer host-limited validation first: `ikaros` or `nymph` for Void desktop work, `deadalus-ubuntu` for Ubuntu workstation work, `deadalus-fedora` for Fedora workstation work, and `prometheus` for server work
- Call out checks you could not run and any follow-up verification needed

34
README.md
View File

@@ -96,35 +96,43 @@ Lo stato attuale del profilo desktop include, tra le altre cose:
Sistemi operativi supportati:
- Ubuntu LTS nativa
- Fedora Workstation nativa
- Windows 11 host + Ubuntu WSL
Desktop environment host Linux:
- GNOME
Macchine attuali:
- `deadalus` come workstation Ubuntu nativa
- `deadalus-ubuntu` come workstation Ubuntu nativa
- `deadalus-fedora` come workstation Fedora nativa
- supporto attivo per host Windows 11 + WSL tramite `deadalus-win` e `deadalus-wsl`
Questo profilo è pensato per sviluppo e lavoro, con separazione tra layer host e layer dev.
Nel modello Ansible usato qui, un singolo inventory host puo appartenere intenzionalmente a piu gruppi e quindi ricevere piu play nello stesso run: l'associazione non e `1 host = 1 play`, ma `host + gruppi = layering finale`.
Il profilo workstation e agganciato al playbook principale e ora distingue:
- layer dev Ubuntu condiviso tra workstation Linux nativa e Ubuntu in WSL
- layer dev Fedora nativo parallelo a Ubuntu
- layer host Linux GNOME
- layer host Windows 11 con bootstrap WSL, remoting `PSRP` su `HTTPS/5986`, gestione app via `winget` con backend configurabile e VS Code lato Windows
- layer WSL dedicato per sviluppo con `systemd`
Per esempio, lo stesso host Linux puo stare in `workstation_host_linux` e in `workstation_dev_fedora` oppure `workstation_dev_ubuntu`, a seconda del layering che vuoi comporre.
Lo stato attuale del profilo workstation include:
- installazione pacchetti base Ubuntu via apt
- installazione pacchetti base Fedora via dnf per il ramo workstation nativo
- installazione e configurazione di Docker dal repository ufficiale
- gestione dei dotfiles workstation e rendering dei template dev condivisi
- installazione di Google Chrome, pacchetti Snap workstation e estensioni GNOME sul solo host Linux nativo
- installazione di Google Chrome, applicazioni workstation via Snap su Ubuntu nativa e via Flatpak su Fedora nativa, oltre alle estensioni GNOME sul solo host Linux nativo
- configurazione del ramo Windows 11 host con app installate dal playbook via `winget`, con backend predefinito `winget_psrp`, tema scuro, pin della taskbar gestiti via policy locale e profilo predefinito di Windows Terminal impostato su `Ubuntu`
- preparazione del ramo WSL Ubuntu con `systemd` per il toolchain di sviluppo
- attivazione del firewall UFW sul solo host Linux nativo
- attivazione del firewall UFW su Ubuntu nativa e `firewalld` su Fedora nativa
Workflow Windows + WSL previsto:
@@ -237,9 +245,10 @@ I principali ruoli attualmente presenti sono:
| Role | Descrizione |
| ------------------------- | ----------------------------------- |
| base | configurazione base comune |
| base | configurazione base comune |
| packages_void | installazione pacchetti su Void |
| packages_ubuntu | installazione pacchetti su Ubuntu |
| packages_fedora | installazione pacchetti su Fedora |
| services_runit | gestione servizi runit |
| services_systemd | gestione servizi systemd |
| profile_desktop_common | bootstrap desktop Void condiviso |
@@ -247,7 +256,7 @@ I principali ruoli attualmente presenti sono:
| profile_desktop_sway | sessione desktop Sway |
| profile_desktop_hyprland | sessione desktop Hyprland |
| profile_desktop_host | override desktop specifici per host |
| profile_workstation_dev_common | configurazione dev Ubuntu condivisa |
| profile_workstation_dev_common | configurazione dev workstation condivisa |
| profile_workstation_gnome | configurazione host workstation GNOME |
| profile_workstation_dev_wsl | configurazione WSL Ubuntu per sviluppo |
| profile_workstation_host_windows | configurazione host Windows 11 workstation |
@@ -259,12 +268,13 @@ I principali ruoli attualmente presenti sono:
# Stato attuale del playbook principale
Il playbook `ansible/site.yml` e attualmente composto da sei blocchi:
Il playbook `ansible/site.yml` e attualmente composto da sette blocchi:
```text
all:!workstation_host_windows -> dotfiles_common
void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_hyprland + profile_desktop_host
workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common
workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common
workstation_host_linux -> profile_workstation_gnome
workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl
workstation_host_windows -> profile_workstation_host_windows
@@ -274,7 +284,8 @@ ubuntu_server -> packages_ubuntu + services_systemd + profile_server
Questo significa che, allo stato attuale:
- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo
- la workstation Ubuntu (`deadalus`) e gestita separando ambiente dev e layer host GNOME
- la workstation Ubuntu (`deadalus-ubuntu`) e gestita separando ambiente dev e layer host GNOME
- la workstation Fedora (`deadalus-fedora`) usa lo stesso principio di composizione a gruppi con il ramo Fedora dedicato
- il ramo Windows + WSL e predisposto con bootstrap PowerShell e play Windows/WSL dedicati
- il server Ubuntu (`prometheus`) e gestito con pacchetti, servizi, dotfiles server e firewall
@@ -287,6 +298,7 @@ dotfiles/
├── common
├── desktop
├── server
├── fedora
├── workstation
├── ikaros
└── nymph
@@ -345,6 +357,7 @@ Allo stato attuale questo comando:
- distribuisce i dotfiles comuni a tutti gli host
- per gli host Void applica bootstrap desktop condiviso, sessioni i3/Sway/Hyprland e override specifici per host
- per `workstation_dev_ubuntu` applica pacchetti Ubuntu, servizi systemd e profilo dev comune
- per `workstation_dev_fedora` applica pacchetti Fedora, servizi systemd e profilo dev comune
- per `workstation_host_linux` applica il layer host Linux GNOME
- per `workstation_dev_wsl` applica pacchetti Ubuntu, servizi systemd, profilo dev comune e tweak WSL dedicati
- per `workstation_host_windows` applica il layer host Windows 11 via PSRP, con installazione pacchetti Windows eseguita di default tramite `winget_psrp`
@@ -359,7 +372,8 @@ Per validare prima di applicare:
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml

64
ansible/inventory/group_vars/fedora.yml Normal file
View File

@@ -0,0 +1,64 @@
---
fedora_packages_base:
- curl
- flatpak
- gcc
- gcc-c++
- git-delta
- htop
- jq
- make
- nodejs
- ripgrep
fedora_manage_docker_repo: true
fedora_manage_google_chrome_repo: true
fedora_manage_intellij_repo: true
fedora_manage_vscode_repo: true
fedora_intellij_copr_owner: coder966
fedora_intellij_copr_project: intellij-idea-ultimate
fedora_intellij_package_name: intellij-idea-ultimate
fedora_docker_packages:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
enabled_services:
- docker
- firewalld
fedora_dotfiles:
- src: .bashrc.d/
dest: .bashrc.d/
mode: preserve
workstation_firewall_backend: firewalld
workstation_host_linux_packages_fedora:
- code
- firewall-config
- gnome-shell-extensions
- gnome-shell-extension-manager
- gnome-tweaks
- libreoffice
- meld
- NetworkManager-openconnect-gnome
- pcsc-lite
- pinentry-gnome3
- podman
- podman-compose
- yubikey-manager
workstation_flatpak_remote_name: flathub
workstation_flatpak_remote_url: https://dl.flathub.org/repo/flathub.flatpakrepo
workstation_flatpak_packages:
- com.getpostman.Postman
- com.spotify.Client
- com.github.jeromerobert.pdfarranger
- io.dbeaver.DBeaverCommunity
- org.mozilla.Thunderbird
- org.telegram.desktop
- org.xournalpp.xournalpp

1
ansible/inventory/group_vars/workstation_host_linux.yml
View File

@@ -18,6 +18,7 @@ workstation_host_linux_dotfiles:
dest: .gnupg/gpg-agent.conf
mode: "0600"
workstation_firewall_backend: ufw
workstation_manage_google_chrome: true
workstation_removed_snap_packages:

35
ansible/inventory/host_vars/deadalus-fedora.yml Normal file
View File

@@ -0,0 +1,35 @@
---
hostname: deadalus-fedora
host_packages: []
host_enabled_services: []
workstation_host_vscode_extensions:
- ms-vscode-remote.remote-containers
- ms-vscode-remote.remote-ssh
- ms-azuretools.vscode-docker
- redhat.vscode-yaml
- redhat.ansible
workstation_gnome_managed_settings:
- schema: org.gnome.shell
key: favorite-apps
value: "['google-chrome.desktop', 'org.gnome.Nautilus.desktop', 'com.spotify.Client.desktop', 'org.mozilla.Thunderbird.desktop', 'org.telegram.desktop.desktop', 'code.desktop', 'intellij-idea-ultimate.desktop', 'io.dbeaver.DBeaverCommunity.desktop', 'com.getpostman.Postman.desktop']"
- schema: org.gnome.desktop.input-sources
key: sources
value: "[('xkb', 'us')]"
- schema: org.gnome.desktop.interface
key: clock-format
value: "'24h'"
- schema: org.gnome.desktop.interface
key: clock-show-date
value: "true"
- schema: org.gnome.desktop.interface
key: color-scheme
value: "'prefer-dark'"
- schema: org.gnome.desktop.wm.preferences
key: button-layout
value: "'appmenu:close'"
- schema: org.gnome.desktop.wm.preferences
key: num-workspaces
value: "4"

4
ansible/inventory/host_vars/deadalus.yml → ansible/inventory/host_vars/deadalus-ubuntu.yml
View File

@@ -1,10 +1,10 @@
---
hostname: deadalus
hostname: deadalus-ubuntu
host_packages: []
host_enabled_services: []
deadalus_vscode_extensions:
workstation_host_vscode_extensions:
- ms-vscode-remote.remote-containers
- ms-vscode-remote.remote-ssh
- ms-azuretools.vscode-docker

23
ansible/inventory/hosts.yml
View File

@@ -21,6 +21,10 @@ all:
workstation_dev_wsl:
ubuntu_server:
fedora:
children:
fedora_workstation:
workstation:
children:
workstation_host:
@@ -34,6 +38,7 @@ all:
workstation_dev:
children:
workstation_dev_ubuntu:
workstation_dev_fedora:
workstation_dev_wsl:
server:
@@ -42,17 +47,29 @@ all:
ubuntu_workstation:
hosts:
deadalus:
deadalus-ubuntu:
ansible_connection: local
fedora_workstation:
hosts:
deadalus-fedora:
ansible_connection: local
workstation_host_linux:
hosts:
deadalus:
deadalus-ubuntu:
ansible_connection: local
deadalus-fedora:
ansible_connection: local
workstation_dev_ubuntu:
hosts:
deadalus:
deadalus-ubuntu:
ansible_connection: local
workstation_dev_fedora:
hosts:
deadalus-fedora:
ansible_connection: local
workstation_host_windows:

139
ansible/roles/packages_fedora/tasks/main.yml Normal file
View File

@@ -0,0 +1,139 @@
---
- name: Gather installed package facts
tags: [packages]
ansible.builtin.package_facts:
manager: auto
- name: Copy Fedora dotfiles
tags: [dotfiles, dotfiles:common]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/fedora/{{ item.src }}"
dest: "{{ effective_user_home }}/{{ item.dest }}"
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "{{ item.mode }}"
loop: "{{ fedora_dotfiles | default([]) }}"
loop_control:
label: "{{ item.dest }}"
- name: Configure Docker repository on Fedora
tags: [packages]
ansible.builtin.yum_repository:
name: docker-ce-stable
description: Docker CE Stable - $basearch
baseurl: "https://download.docker.com/linux/fedora/$releasever/$basearch/stable"
enabled: true
gpgcheck: true
gpgkey: https://download.docker.com/linux/fedora/gpg
state: present
when: fedora_manage_docker_repo | default(false)
- name: Configure Google Chrome repository on Fedora
tags: [packages]
ansible.builtin.yum_repository:
name: google-chrome
description: Google Chrome
baseurl: "https://dl.google.com/linux/chrome/rpm/stable/$basearch"
enabled: true
gpgcheck: true
gpgkey: https://dl.google.com/linux/linux_signing_key.pub
state: present
when:
- workstation_manage_google_chrome | default(false)
- fedora_manage_google_chrome_repo | default(false)
- name: Configure Visual Studio Code repository on Fedora
tags: [packages, vscode]
ansible.builtin.yum_repository:
name: vscode
description: Visual Studio Code
baseurl: https://packages.microsoft.com/yumrepos/vscode
enabled: true
gpgcheck: true
gpgkey: https://packages.microsoft.com/keys/microsoft.asc
state: present
when:
- "'workstation_host_linux' in group_names"
- fedora_manage_vscode_repo | default(false)
- name: Configure IntelliJ IDEA COPR repository on Fedora
tags: [packages]
ansible.builtin.get_url:
url: >-
https://copr.fedorainfracloud.org/coprs/{{ fedora_intellij_copr_owner }}/{{ fedora_intellij_copr_project }}/repo/fedora-{{ ansible_facts['distribution_major_version'] }}/{{ fedora_intellij_copr_owner }}-{{ fedora_intellij_copr_project }}-fedora-{{ ansible_facts['distribution_major_version'] }}.repo
dest: /etc/yum.repos.d/{{ fedora_intellij_copr_owner }}-{{ fedora_intellij_copr_project }}-fedora-{{ ansible_facts['distribution_major_version'] }}.repo
owner: root
group: root
mode: "0644"
when:
- "'workstation_host_linux' in group_names"
- fedora_manage_intellij_repo | default(false)
- name: Refresh dnf package metadata
tags: [packages]
ansible.builtin.dnf:
update_cache: true
- name: Install packages on Fedora
tags: [packages]
ansible.builtin.dnf:
name: >-
{{
(
(common_packages | default([]))
+ (fedora_packages_base | default([]))
+ (fedora_docker_packages | default([]))
+ (
['google-chrome-stable']
if workstation_manage_google_chrome | default(false)
else []
)
+ (profile_packages | default([]))
+ (workstation_dev_packages | default([]))
+ (
(workstation_host_linux_packages_fedora | default(workstation_host_linux_packages | default([])))
if 'workstation_host_linux' in group_names
else []
)
+ (
[fedora_intellij_package_name]
if (
'workstation_host_linux' in group_names
and fedora_manage_intellij_repo | default(false)
)
else []
)
+ (host_packages | default([]))
)
| unique
}}
state: present
- name: Add user to docker group
tags: [packages]
ansible.builtin.user:
name: "{{ effective_username }}"
groups: docker
append: true
when: (fedora_docker_packages | default([])) | length > 0
- name: Ensure Flathub remote is configured for Fedora workstation
tags: [packages]
community.general.flatpak_remote:
name: "{{ workstation_flatpak_remote_name | default('flathub') }}"
state: present
flatpakrepo_url: "{{ workstation_flatpak_remote_url | default('https://dl.flathub.org/repo/flathub.flatpakrepo') }}"
when:
- "'workstation_host_linux' in group_names"
- (workstation_flatpak_packages | default([])) | length > 0
- name: Install Fedora workstation Flatpak applications
tags: [packages]
community.general.flatpak:
name: "{{ workstation_flatpak_packages }}"
state: present
remote: "{{ workstation_flatpak_remote_name | default('flathub') }}"
method: system
when:
- "'workstation_host_linux' in group_names"
- (workstation_flatpak_packages | default([])) | length > 0

11
ansible/roles/profile_workstation_gnome/tasks/main.yml
View File

@@ -86,14 +86,14 @@
register: workstation_vscode_cli
changed_when: false
failed_when: false
when: (deadalus_vscode_extensions | default([])) | length > 0
when: (workstation_host_vscode_extensions | default([])) | length > 0
- name: Ensure VS Code CLI is available before managing extensions
tags: [packages, vscode]
ansible.builtin.fail:
msg: Ensure Visual Studio Code is installed before managing VS Code extensions on deadalus.
msg: Ensure Visual Studio Code is installed before managing workstation VS Code extensions.
when:
- (deadalus_vscode_extensions | default([])) | length > 0
- (workstation_host_vscode_extensions | default([])) | length > 0
- workstation_vscode_cli.rc != 0
- name: Read installed VS Code extensions on workstation host
@@ -108,7 +108,7 @@
register: workstation_vscode_extensions_current
changed_when: false
when:
- (deadalus_vscode_extensions | default([])) | length > 0
- (workstation_host_vscode_extensions | default([])) | length > 0
- workstation_vscode_cli.rc == 0
- name: Install VS Code extensions on workstation host
@@ -122,7 +122,7 @@
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
loop: "{{ deadalus_vscode_extensions | default([]) }}"
loop: "{{ workstation_host_vscode_extensions | default([]) }}"
loop_control:
label: "{{ item }}"
when:
@@ -245,3 +245,4 @@
tags: [services, packages]
community.general.ufw:
state: enabled
when: workstation_firewall_backend | default('ufw') == 'ufw'

8
ansible/site.yml
View File

@@ -37,6 +37,14 @@
- services_systemd
- profile_workstation_dev_common
- hosts: workstation_dev_fedora
become: true
roles:
- packages_fedora
- services_systemd
- profile_workstation_dev_common
- hosts: workstation_host_linux
become: true

1
dotfiles/fedora/.bashrc.d/20-editor-fedora.sh Normal file
View File

@@ -0,0 +1 @@
export EDITOR=vim