2018-10-10 20:01:27 +01:00
|
|
|
- set_fact:
|
|
|
|
|
keys:
|
2019-01-06 19:24:43 +00:00
|
|
|
- '1EDDE2CDFC025D17F6DA9EC0ADAE6AD28A8F901A' # Sublime Text
|
|
|
|
|
- 'EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' # Tor Browser
|
2018-10-10 20:01:27 +01:00
|
|
|
- '9D5F1C051D146843CDA4858BDE64825E7CBC0D51' # ArchStrike
|
2019-05-25 00:21:47 +01:00
|
|
|
- '748231EBCBD808A14F5E85D28C004C2F93481F6B' # Opensnitch
|
2019-01-06 19:24:43 +00:00
|
|
|
|
|
|
|
|
- name: "Get installed pacman keys"
|
|
|
|
|
shell: "pacman-key --list-keys"
|
|
|
|
|
register: pacman_keys
|
2018-10-10 20:01:27 +01:00
|
|
|
|
2019-05-26 19:00:27 +01:00
|
|
|
- name: "Get known GPG keys"
|
|
|
|
|
shell: "gpg --list-keys"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: "{{ user }}"
|
|
|
|
|
register: known_gpg_keys
|
|
|
|
|
|
2018-10-10 20:01:27 +01:00
|
|
|
- name: "Add keys to pacman"
|
|
|
|
|
shell: "pacman-key -r {{ item }}"
|
2019-01-06 19:24:43 +00:00
|
|
|
when: "item not in pacman_keys.stdout"
|
2018-10-10 20:01:27 +01:00
|
|
|
with_items: "{{ keys }}"
|
|
|
|
|
|
|
|
|
|
- name: "Sign keys in pacman"
|
|
|
|
|
shell: "pacman-key --lsign-key {{ item }}"
|
2019-01-06 19:24:43 +00:00
|
|
|
when: "item not in pacman_keys.stdout"
|
2018-10-10 20:01:27 +01:00
|
|
|
with_items: "{{ keys }}"
|
|
|
|
|
|
2019-05-26 19:00:27 +01:00
|
|
|
- name: "Add keys to local keyring"
|
|
|
|
|
shell: "gpg --recv-keys {{ item }}"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: "{{ user }}"
|
|
|
|
|
when: "item not in known_gpg_keys.stdout"
|
|
|
|
|
with_items: "{{ keys }}"
|
|
|
|
|
|
2019-05-25 16:50:09 +01:00
|
|
|
- name: Install pacman config
|
|
|
|
|
copy:
|
2018-10-10 20:16:12 +01:00
|
|
|
src: ./files/pacman.conf
|
|
|
|
|
dest: /etc/pacman.conf
|
|
|
|
|
mode: 0644
|
|
|
|
|
|
2019-05-25 16:50:09 +01:00
|
|
|
- name: Create aur_builder user
|
|
|
|
|
user:
|
2018-09-11 20:43:16 +01:00
|
|
|
name: aur_builder
|
|
|
|
|
group: wheel
|
2018-10-06 12:50:29 +01:00
|
|
|
password_lock: true
|
|
|
|
|
shell: /bin/false
|
2018-09-11 20:43:16 +01:00
|
|
|
|
2019-05-25 16:50:09 +01:00
|
|
|
- name: Allow aur_builder user to run pacman as root
|
2018-09-14 09:01:11 +01:00
|
|
|
lineinfile:
|
2018-09-11 20:43:16 +01:00
|
|
|
path: /etc/sudoers.d/11-install-aur_builder
|
|
|
|
|
line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
|
|
|
|
|
create: true
|
|
|
|
|
validate: 'visudo -cf %s'
|
|
|
|
|
|
2019-01-06 18:51:35 +00:00
|
|
|
- name: "Get installed packages"
|
|
|
|
|
shell: "pacman -Qq"
|
|
|
|
|
become: true
|
|
|
|
|
become_user: aur_builder
|
|
|
|
|
register: installed_packages
|
|
|
|
|
|
2019-03-14 21:34:29 +00:00
|
|
|
|
2018-09-11 20:43:16 +01:00
|
|
|
- name: "Install yay"
|
|
|
|
|
aur:
|
|
|
|
|
skip_installed: true
|
|
|
|
|
name: yay
|
2018-09-14 09:01:11 +01:00
|
|
|
become: true
|
|
|
|
|
become_user: aur_builder
|
2018-09-12 11:09:40 +01:00
|
|
|
|
2019-03-14 21:34:29 +00:00
|
|
|
- name: "Install additional repo keyrings"
|
2018-09-11 20:43:16 +01:00
|
|
|
aur:
|
|
|
|
|
skip_installed: true
|
|
|
|
|
name: "{{ item }}"
|
2018-09-14 09:01:11 +01:00
|
|
|
become: true
|
|
|
|
|
become_user: aur_builder
|
2019-01-06 18:51:35 +00:00
|
|
|
when: "item not in installed_packages.stdout_lines"
|
2018-09-11 20:43:16 +01:00
|
|
|
with_items:
|
|
|
|
|
- 'archstrike-keyring'
|
2019-05-25 00:06:02 +01:00
|
|
|
|
2019-05-26 19:00:03 +01:00
|
|
|
- name: "Install ccache"
|
|
|
|
|
aur:
|
|
|
|
|
skip_installed: true
|
|
|
|
|
name: ccache
|
|
|
|
|
become: true
|
|
|
|
|
become_user: aur_builder
|
|
|
|
|
|
2019-05-25 00:06:02 +01:00
|
|
|
- name: Use ccache in makepkg
|
|
|
|
|
lineinfile:
|
|
|
|
|
path: /etc/makepkg.conf
|
|
|
|
|
state: present
|
|
|
|
|
regexp: '^BUILDENV='
|
|
|
|
|
line: 'BUILDENV=(!distcc color ccache check !sign)'
|
2019-05-25 11:26:09 +01:00
|
|
|
|
2019-05-25 11:28:14 +01:00
|
|
|
- name: Download UK mirrorlist
|
|
|
|
|
get_url:
|
|
|
|
|
url: 'https://www.archlinux.org/mirrorlist/?country=GB&protocol=http&protocol=https&ip_version=4&ip_version=6&use_mirror_status=on'
|
|
|
|
|
dest: /etc/pacman.d/mirrorlist
|
|
|
|
|
force: true
|
|
|
|
|
|
|
|
|
|
- name: Un-comment mirrorlist servers
|
|
|
|
|
replace:
|
|
|
|
|
path: /etc/pacman.d/mirrorlist
|
|
|
|
|
regexp: '^#Server = (.+)$'
|
|
|
|
|
replace: 'Server = \1'
|
