dotfiles/tasks/packages.yml

112 lines
2.5 KiB
YAML
Raw Normal View History

2018-10-10 20:01:27 +01:00
- set_fact:
keys:
2019-01-06 19:24:43 +00:00
- '1EDDE2CDFC025D17F6DA9EC0ADAE6AD28A8F901A' # Sublime Text
- 'EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' # Tor Browser
2018-10-10 20:01:27 +01:00
- '9D5F1C051D146843CDA4858BDE64825E7CBC0D51' # ArchStrike
2019-01-06 19:24:43 +00:00
- name: Install pacman config
template:
src: ./files/pacman.conf
dest: /etc/pacman.conf
mode: 0644
2019-01-06 19:24:43 +00:00
- name: "Get installed pacman keys"
shell: "pacman-key --list-keys"
register: pacman_keys
2018-10-10 20:01:27 +01:00
- name: "Get known GPG keys"
shell: "gpg --list-keys"
become: true
become_user: "{{ user }}"
register: known_gpg_keys
2018-10-10 20:01:27 +01:00
- name: "Add keys to pacman"
shell: "pacman-key -r {{ item }}"
2019-01-06 19:24:43 +00:00
when: "item not in pacman_keys.stdout"
2018-10-10 20:01:27 +01:00
with_items: "{{ keys }}"
- name: "Sign keys in pacman"
shell: "pacman-key --lsign-key {{ item }}"
2019-01-06 19:24:43 +00:00
when: "item not in pacman_keys.stdout"
2018-10-10 20:01:27 +01:00
with_items: "{{ keys }}"
- name: "Add keys to local keyring"
shell: "gpg --recv-keys {{ item }}"
become: true
become_user: "{{ user }}"
when: "item not in known_gpg_keys.stdout"
with_items: "{{ keys }}"
2019-05-25 16:50:09 +01:00
- name: Create aur_builder user
user:
2018-09-11 20:43:16 +01:00
name: aur_builder
group: wheel
password_lock: true
shell: /usr/bin/nologin
2018-09-11 20:43:16 +01:00
2019-05-25 16:50:09 +01:00
- name: Allow aur_builder user to run pacman as root
2018-09-14 09:01:11 +01:00
lineinfile:
2018-09-11 20:43:16 +01:00
path: /etc/sudoers.d/11-install-aur_builder
line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
create: true
validate: 'visudo -cf %s'
2019-01-06 18:51:35 +00:00
- name: "Get installed packages"
shell: "pacman -Qq"
become: true
become_user: aur_builder
register: installed_packages
2019-03-14 21:34:29 +00:00
2018-09-11 20:43:16 +01:00
- name: "Install yay"
aur:
skip_installed: true
name: yay
2018-09-14 09:01:11 +01:00
become: true
become_user: aur_builder
2018-09-12 11:09:40 +01:00
2019-03-14 21:34:29 +00:00
- name: "Install additional repo keyrings"
2018-09-11 20:43:16 +01:00
aur:
skip_installed: true
name: "{{ item }}"
2018-09-14 09:01:11 +01:00
become: true
become_user: aur_builder
2019-01-06 18:51:35 +00:00
when: "item not in installed_packages.stdout_lines"
2018-09-11 20:43:16 +01:00
with_items:
- 'archstrike-keyring'
2019-05-26 19:00:03 +01:00
- name: "Install ccache"
aur:
skip_installed: true
name: ccache
become: true
become_user: aur_builder
- name: Use ccache in makepkg
lineinfile:
path: /etc/makepkg.conf
state: present
regexp: '^BUILDENV='
line: 'BUILDENV=(!distcc color ccache check !sign)'
2019-05-25 11:26:09 +01:00
2019-10-06 16:32:35 +01:00
- name: "Install Reflector"
aur:
skip_installed: true
name: reflector
become: true
become_user: aur_builder
- name: Install Reflector service
template:
src: ./files/reflector.service
dest: /etc/systemd/system/reflector.service
mode: 0644
owner: root
group: root
- name: Enable Reflector services
systemd:
name: "reflector"
enabled: true
state: started