Fully automated Ubuntu|Arch|Red Hat (wip)
development environment that is easy to set up and maintain for my use.
Ansible replicates what we would do to set up a development environment pretty well. There are many automation solutions out there - I happen to enjoy using Ansible.
This Ansible playbook only supports Ubuntu|Arch
distribution. This is by design to provide a consistent development experience across hosts.
Verify your Ubuntu|Arch
installation has all latest packages installed before running the playbook.
# Ubuntu
sudo apt-get update && sudo apt-get upgrade -y
# Arch
sudo pacman -Syu
NOTE: This will take some time.
The all.yaml
file allows you to personalize your setup to your needs. This file will be created in the file located at ~/.dotfiles/group_vars/all.yaml
after you Install this dotfiles and include your desired settings.
Below is a list of all available values. Not all are required but incorrect values will break the playbook if not properly set.
Name | Type | Required |
---|---|---|
git_user_email | string | yes |
git_user_name | string | yes |
exclude_roles | array (see group_vars/all) |
no |
ssh_key | dict (see SSH Keys below) |
no |
system_host | dict (see System Hosts below) |
no |
bash_public | dict (see Environment below) |
no |
bash_private | dict (see Environment below) |
no |
Manage environment variables by configuring the bash_public
and bash_private
values in values.yaml
. See both values usecase below.
The bash_public
value allows you to include a dictionary of generic and unsecure key-value pairs that will be stored in a ~/.bash_public
.
---
bash_public:
MY_ENV_VAR: something
The bash_private
value allows you to include a dictionary of secure key-value pairs that will be stored in a ~/.bash_private
.
---
bash_private:
MY_ENV_VAR_SECRET: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333533626436313366316235626561626635396233303730343332666466393561346462303163
3666636638613437353663356563656537323136646137630a336332303030323031376164316562
65333963633339323382938472963766303966643035303234376163616239663539366564396166
3830376265316231630a623834333061393138306331653164626437623337366165636163306237
3437
Manage SSH keys by setting the ssh_key
value in values.yaml
shown as example below:
---
ssh_key:
<filename>: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333533626436313366316235626561626635396233303730343332666466393561346462303163
3666636638613437483928376563656537323136646137630a336332303030323031376164316562
65333963633339323762663865363766303966643035303234376163616239663539366564396166
3830376265316231630a623834333061393138306331653164626437623337366165636163306237
3437
NOTE: All ssh keys will be stored at
$HOME/.ssh/<filename>
.
Manage /etc/hosts
by setting the system_host
value in values.yaml
.
---
system_host:
127.0.0.1: foobar.localhost
Below is a minimal example of values.yaml
file:
---
git_user_email: [email protected]
git_user_name: Foo Bar
Below is a more advanced example of values.yaml
file:
---
git_user_email: [email protected]
git_user_name: Foo Bar
exclude_roles:
- slack
ssh_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333533626436313366316235626561626635396233303730343332666466393561346462303163
3666636638613437353663356563656537323136646137630a336332303030323031376164316562
65333963633339323762663865363766303966643035303234376163616239663539366564396166
3830376265316231630a623834333061393138306331653164626437623337366165636163306237
3437
system_host:
127.0.0.1: foobar.localhost
bash_public:
MY_PUBLIC_VAR: foobar
bash_private:
MY_SECRET_VAR: !vault |
$ANSIBLE_VAULT;1.1;AES256
62333533626436313366316235626561626635396233303730343332666466393561346462303163
3666636638613437353663356563656537323136646137630a336332303030323031376164316562
65333963633339323762663865363766303966643035303234376163616239663539366564396166
3830376265316231630a623834333061393138306331653164626437623337366165636163306237
3437
The vault.secret
file allows you to encrypt values with Ansible vault
and store them securely in source control. Create a file located at ~/.config/dotfiles/vault.secret
with a secure password in it.
vim ~/.ansible-vault/vault.secret
To then encrypt values with your vault password use the following:
$ ansible-vault encrypt_string --vault-password-file $HOME/.ansible-vault/vault.secret "mynewsecret" --name "MY_SECRET_VAR"
$ cat myfile.conf | ansible-vault encrypt_string --vault-password-file $HOME/.ansible-vault/vault.secret --stdin-name "myfile"
NOTE: This file will automatically be detected by the playbook when running
dotfiles
command to decrypt values. Read more on Ansible Vault here.
This playbook includes a custom shell script located at bin/dotfiles
. This script is added to your $PATH after installation and can be run multiple times while making sure any Ansible dependencies are installed and updated.
This shell script is also used to initialize your environment after installing Ubuntu|Arch
and performing a full system upgrade as mentioned above.
NOTE: You must follow required steps before running this command or things may become unusable until fixed.
bash -c "$(curl -fsSL https://raw.githubusercontent.com/drkchico/dotfiles/main/bin/dotfiles)"
If you want to run only a specific role, you can specify the following bash command:
curl -fsSL https://raw.githubusercontent.com/drkchico/dotfiles/main/bin/dotfiles | bash -s -- --tags comma,seperated,tags
This repository is continuously updated with new features and settings which become available to you when updating.
To update your environment run the dotfiles
command in your shell:
dotfiles
This will handle the following tasks:
- Verify Ansible is up-to-date
- Generate SSH keys and add to
~/.ssh/authorized_keys
- Clone this repository locally to
~/.dotfiles
- Verify any
ansible-galaxy
plugins are updated - Run this playbook with the values in
~/.config/dotfiles/group_vars/all.yaml
This dotfiles
command is available to you after the first use of this repo, as it adds this repo's bin
directory to your path, allowing you to call dotfiles
from anywhere.
Any flags or arguments you pass to the dotfiles
command are passed as-is to the ansible-playbook
command.
For Example: Running the tmux tag with verbosity
dotfiles -t tmux -vvv