initial commit

.ansible-lint

@@ -0,0 +1,4 @@
+---
+
+skip_list:
+  - name[casing]

.github/dependabot.yml

@@ -0,0 +1,14 @@
+---
+
+version: 2
+updates:
+  # Maintain GitHub Action dependencies
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  # Maintain Python pip dependencies
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/pull_request_template.md

@@ -0,0 +1,11 @@
+## Description
+
+Please include a summary of the change and which issue is fixed. Please provide the motivation for why this change is necessary at this stage of the product development cycle.
+
+Fixes # (issue)
+
+## Depedencies
+
+Does this PR depend on other PRs of this or a related repository?
+
+Depends on # (pr)

.github/workflows/test.yml

@@ -0,0 +1,30 @@
+---
+
+name: Test
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Setup Python 3
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.x'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install -r requirements.txt
+      - name: Lint with ansible-lint including yamllint
+        run: |
+          ansible-lint
+      - name: Test with molecule
+        run: |
+          molecule test

.gitignore

@@ -0,0 +1,6 @@
+# .gitignore
+
+# ansible
+*.retry
+*.swp
+roles/**

.yamllint

@@ -0,0 +1,7 @@
+---
+
+extends: default
+
+rules:
+  line-length: disable
+  truthy: disable

README.md

@@ -0,0 +1,17 @@
+# Ansible Playbook - Potos
+
+A magic all inclusive playbook for your custom linux client based on Potos
+
+[![Test](https://github.com/projectpotos/ansible-playbook-potos/actions/workflows/test.yml/badge.svg)](https://github.com/projectpotos/ansible-playbook-potos/actions/workflows/test.yml)
+
+# Dependencies
+
+You need your own specification repository defined as with the example below `ansible-specs-potos` in the file `/etc/potos/specs_repo.yml`
+
+```
+---
+client_name: "Potos Vanilla"
+git_url: "git+https://github.com/projectpotos/"
+git_repo: "ansible-specs-potos"
+git_branch: "main"
+```

meta/main.yml

@@ -0,0 +1,18 @@
+--
+
+dependencies: []
+
+galaxy_info:
+  role_name: 'potos_playbook'
+  author: 'Adfinis AG'
+  description: 'This playbook is used to customize potos clients'
+  company: 'Adfinis AG'
+  license: 'GNU General Public License v3'
+  min_ansible_version: '2.12.0'
+  platforms:
+    - name: Ubuntu
+      versions:
+        - focal
+        - jammy
+  galaxy_tags:
+    - "potos"

meta/runtime.yml

@@ -0,0 +1,3 @@
+---
+
+requires_ansible: '>=2.12'

molecule-requirements.txt

@@ -0,0 +1,7 @@
+
+# At least Ansible 2.12 is needed due to used features like 'argument_specs'
+ansible>=2.12
+
+# Required for testing
+ansible-lint[yamllint]
+molecule[docker, lint]

molecule/default/converge.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Converge
+  hosts: all
+  gather_facts: yes
+
+  roles:
+    - role: potos_wallpaper

molecule/default/molecule.yml

@@ -0,0 +1,22 @@
+---
+
+dependency:
+  name: galaxy
+
+driver:
+  name: docker
+
+platforms:
+  - name: instance
+    image: ubuntu:22.04
+    pre_build_image: yes
+    command: /sbin/init
+    privileged: yes
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+
+provisioner:
+  name: ansible
+
+verifier:
+  name: ansible

molecule/default/prepare.yml

@@ -0,0 +1,13 @@
+
+---
+
+- name: Prepare
+  hosts: all
+  gather_facts: yes
+
+  tasks:
+  # Update the apt cache as it's potentialy outdated in the container
+  - name: update pacman cache
+    ansible.builtin.command:
+      apt update && apt upgrade -y
+    when: ansible_distribution == 'Ubuntu'

molecule/default/verify.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Verify
+  hosts: all
+  gather_facts: no
+
+  tasks:
+  - name: check if some background exists
+    ansible.builtin.shell:
+      cmd: ls -p /usr/share/backgrounds | grep -v / | wc -l
+    register: out
+    failed_when:
+      - not out.stdout 0

playbook.yml

@@ -0,0 +1,43 @@
+--
+
+- name: Potos system configuration
+  hosts: localhost
+  connection: local
+  become: True
+  gather_facts: True
+  ignore_errors: True
+
+  vars:
+    # define default run type
+    potos_runtype: "daily"
+
+  pre_tasks:
+    # To make sure that this task always executes, it is tagged with the special
+    # tag "always". Therefore do not remove this tag!
+    - name: template requirements.yml file
+      ansible.builtin.template:
+        src: "requirements.yml.j2"
+        dest: "{{ playbook_dir }}/requirements.yml"
+        owner: root
+        group: root
+        mode: 0644
+      tags:
+        - always
+
+    - name: get required roles with ansible galaxy
+      ansible.builtin.command:
+        cmd: /usr/bin/ansible-galaxy install -f -r requirements.yml -p roles/
+      changed_when: false
+      tags:
+        - always
+
+  tasks:
+    - name: run all the required roles
+      include_role:
+        name: "{{ potos_playbook_role }}"
+        apply:
+          tags:
+            - always
+      loop: "{{ lookup('file','requirements.yml') | from_yaml | map(attribute='name') | list }}"
+      loop_control:
+        loop_var: "potos_playbook_role"

prepare.yml

@@ -0,0 +1,89 @@
+---
+
+- name: Potos preparation playbook
+  hosts: localhost
+  connection: local
+  become: True
+  gather_facts: False
+  ignore_errors: True
+
+  pre_tasks:
+    - name: read specs repo configuration
+      ansible.builtin.include_vars:
+        file: "/etc/potos/specs_repo.yml"
+        name: potos_specs_repo
+    - name: Get specs repo for {{ potos_specs.client_name }}
+      ansible.builtin.command:
+        cmd: >
+          /usr/bin/ansible-galaxy install -f
+          {{ potos_specs_repo.git_url }}/{{ potos_specs_repo.git_repo }}.git,{{ potos_specs_repo.git_branch }},specs
+          -p /
+      changed_when: False
+      failed_when: False
+  tasks:
+    - name: Check if specs exists
+      ansible.builtin.stat:
+        path: "{{ playbook_dir }}/specs"
+      register: check_potos_specs
+
+    - name: Error handling
+      ansible.builtin.debug:
+        msg: "Unable to find an potos specs repo for {{ potos_specs.client_name }}"
+      when: not check_potos_specs.stat.exists
+
+    - name: Configure playbook for {{ potos_client_name }} with specs
+      when: check_potos_specs.stat.exists
+      block:
+
+        - name: Get templates
+          ansible.builtin.find:
+            path: "{{ playbook_dir }}/specs/templates"
+            recurse: yes
+            file_type: file
+          register: potos_playbook_specs_templates
+
+        - name: Apply templates
+          ansible.builtin.template:
+            src: "{{ item.path }}"
+            dest: "{{ item.path | regex_replace('^(.*?)\/specs\/templates(.*?)(\.j2)$', '\\1\\2') }}"
+          loop:
+            - "{{ potos_playbook_specs.files }}"
+
+        - name: Get files to copy
+          ansible.builtin.find:
+            path: "{{ playbook_dir }}/specs/files"
+            recurse: yes
+            file_type: file
+          register: potos_playbook_specs_files
+
+        - name: Copy files
+          ansible.builtin.copy:
+            src: "{{ item.path }}"
+            dest: "{{ item.path | regex_replace('^(.*?)\/specs\/files(.*?)$', '\\1\\2') }}"
+          loop:
+            - "{{ potos_playbook_specs.files }}"
+
+        - name: Get vars to copy
+          ansible.builtin.find:
+            path: "{{ playbook_dir }}/specs/vars"
+            recurse: yes
+            file_type: file
+          register: potos_playbook_specs_vars
+
+        - name: Copy vars
+          ansible.builtin.copy:
+            src: "{{ item.path }}"
+            dest: "{{ item.path | regex_replace('^(.*?)\/specs\/vars(.*?)$', '\\1/host_vars/all\\2') }}"
+          loop:
+            - "{{ potos_playbook_specs.files }}" 
+
+        - name: Install required collections
+          ansible.builtin.command:
+            cmd: /usr/bin/ansible-galaxy collection install -r collections.yml -p /etc/ansible/collections
+          changed_when: False
+
+      rescue:
+        - name: Error handling
+          ansible.builtin.debug:
+            msg: "Error while deploying {{ potos_client_name }} ansible vars"
+