Add initial Ansible configuration and package management setup

- Create .gitignore to exclude .vscode directory
    - Add ansible.cfg for Ansible configuration
    - Define inventory for new machine
    - Create playbook.yml for orchestrating tasks
    - Set up common role with default variables, handlers, and tasks
    - Implement package management tasks for installing packages from various sources
    - Include appimage and flatpak package lists

ansible/.gitignore

@@ -0,0 +1 @@
+.vscode/

ansible/README.md

@@ -0,0 +1,138 @@
+# Ansible Playbooks for Machine Setup
+
+This repository contains Ansible playbooks and roles for setting up a new machine, including common configurations, package installations, and user management.
+
+## Table of Contents
+
+- [Requirements](#requirements)
+- [Inventory](#inventory)
+- [Playbooks](#playbooks)
+- [Roles](#roles)
+  - [Common Role](#common-role)
+  - [Packages Role](#packages-role)
+- [Usage Examples](#usage-examples)
+- [Sensitive Data](#sensitive-data)
+
+## Requirements
+
+To run these Ansible playbooks, you need:
+
+*   **Ansible:** Version 2.10 or higher is recommended.
+*   **Python:** Python 3 on both the control machine and target hosts.
+*   **SSH Access:** Password-less SSH access (or password-based with `--ask-pass`) to your target machines.
+
+## Inventory
+
+The `inventory` file defines the hosts and groups that Ansible will manage. A typical `inventory` file might look like this:
+
+```ini
+[new_machine]
+192.168.153.117 ansible_user=your_ssh_user ansible_ssh_pass=your_ssh_password
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
+```
+
+**Note:** Replace `192.168.153.117` with your target machine's IP address or hostname, `your_ssh_user` with your SSH username, and `your_ssh_password` with the SSH password if not using SSH keys.
+
+## Playbooks
+
+### `playbook.yml`
+
+This is the main playbook that orchestrates the setup of a new machine by applying the `common` and `packages` roles.
+
+To run the playbook:
+
+```bash
+ansible-playbook -i inventory playbook.yml --ask-become-pass
+```
+
+To perform a dry-run (check what changes would be made without applying them):
+
+```bash
+ansible-playbook -i inventory playbook.yml --check
+```
+
+## Roles
+
+### Common Role
+
+The `common` role (`roles/common/`) sets up basic system configurations, including:
+
+*   Setting the hostname.
+*   Configuring network interfaces (WiFi and Ethernet).
+*   Managing user accounts (e.g., `will` and root password).
+*   Configuring SSH daemon settings.
+
+**Variables:**
+
+Default variables for this role are defined in `roles/common/defaults/main.yml`. You can override these variables in your inventory, group_vars, or by passing them via the command line.
+
+**Tags:**
+
+Tasks in the `common` role are tagged for selective execution:
+
+*   `hostname`: For tasks related to hostname configuration.
+*   `network`: For tasks related to network configuration (includes `wifi` and `ethernet`).
+*   `wifi`: Specifically for WiFi configuration.
+*   `ethernet`: Specifically for Ethernet configuration.
+*   `users`: For tasks related to user and password management.
+*   `sshd`: For tasks related to SSH daemon configuration.
+
+Example: To only run network-related tasks:
+
+```bash
+ansible-playbook -i inventory playbook.yml --tags "network" --ask-become-pass
+```
+
+### Packages Role
+
+The `packages` role (`roles/packages/`) handles the installation of various software packages:
+
+*   Ensuring `yay` (AUR helper for Arch Linux) is installed.
+*   Installing packages from `pkglist.txt` (using `pacman`).
+*   Installing AUR packages from `aur_pkglist.txt` (using `yay`).
+*   Installing Flatpak packages from `flatpak_pkglist.txt`.
+*   Downloading AppImages from `appimage_pkglist.txt`.
+
+**Variables:**
+
+Default variables for this role, primarily file paths for package lists, are defined in `roles/packages/defaults/main.yml`.
+
+**Tags:**
+
+Tasks in the `packages` role are tagged for selective execution:
+
+*   `yay`: For tasks related to `yay` installation.
+*   `pacman`: For tasks installing packages via `pacman`.
+*   `aur`: For tasks installing packages via `yay` (AUR).
+*   `flatpak`: For tasks installing Flatpak packages.
+*   `appimage`: For tasks downloading AppImages.
+
+Example: To only install Flatpak packages:
+
+```bash
+ansible-playbook -i inventory playbook.yml --tags "flatpak" --ask-become-pass
+```
+
+## Sensitive Data
+
+This project contains sensitive information such as passwords. It is highly recommended to use **Ansible Vault** to encrypt sensitive variables and files. For example, you can encrypt `roles/common/defaults/main.yml` or specific variables within it.
+
+To encrypt a file:
+
+```bash
+ansible-vault encrypt roles/common/defaults/main.yml
+```
+
+To view or edit an encrypted file:
+
+```bash
+ansible-vault edit roles/common/defaults/main.yml
+```
+
+When running playbooks with encrypted files, you will need to provide the vault password:
+
+```bash
+ansible-playbook -i inventory playbook.yml --ask-vault-pass --ask-become-pass
+```

ansible/ansible.cfg

@@ -0,0 +1,2 @@
+[defaults]
+inventory = inventory

ansible/inventory

@@ -0,0 +1,2 @@
+[new_machine]
+192.168.153.117 ansible_user=will

ansible/playbook.yml

@@ -0,0 +1,15 @@
+---
+- hosts: new_machine
+  become: yes
+  vars:
+    # Define playbook-level variables here
+    ansible_user: ansible_user
+
+  pre_tasks:
+    - name: Display a message before roles run
+      debug:
+        msg: "Starting playbook for {{ ansible_user }} on {{ inventory_hostname }}"
+
+  roles:
+    - common
+    - packages

ansible/roles/common/defaults/main.yml

@@ -0,0 +1,26 @@
+---
+# Default variables for the 'common' role
+
+# Hostname
+common_hostname: "willlaptop"
+
+# WiFi Configuration
+common_wifi_ssid: "Skips new wifi"
+common_wifi_password: "04251992#04291962#"
+common_wifi_connection_name: "theden"
+
+# Ethernet Configuration
+common_ethernet_ifname: "eth0"
+common_ethernet_con_name: "Ethernet"
+common_ethernet_ipv4_address: "192.168.153.117/24"
+common_ethernet_ipv4_gateway: "192.168.153.1"
+common_ethernet_ipv4_dns: "8.8.8.8,1.1.1.1"
+
+# User Configuration
+common_user_name: "will"
+common_user_password: "$6$SQB4NRF/A4OI6oSq$Oe9DwyIpNo9CUobOU67kJri4OA91/o3bUWV3SFZmOWamxidShZjLDCG29hFw3f5Ta0uPfjKtQMVdY0ToPM0e71" # This should ideally be hashed or managed by vault
+
+# SSHD Configuration
+common_sshd_permit_root_login: "yes"
+common_sshd_password_authentication: "yes"
+common_sshd_permit_empty_passwords: "no"

ansible/roles/common/handlers/main.yml

@@ -0,0 +1,7 @@
+---
+# Handlers for the 'common' role
+
+- name: Restart sshd
+  ansible.builtin.service:
+    name: sshd
+    state: restarted

ansible/roles/common/tasks/main.yml

@@ -0,0 +1,72 @@
+---
+# Add common tasks here
+
+- name: Set hostname to '{{ common_hostname }}'
+  ansible.builtin.hostname:
+    name: "{{ common_hostname }}"
+  tags: [ 'common', 'hostname' ]
+
+- name: Configure WiFi connection '{{ common_wifi_connection_name }}'
+  become: true
+  ansible.builtin.command:
+    cmd: >
+      nmcli dev wifi connect "{{ common_wifi_ssid }}"
+      password "{{ common_wifi_password }}"
+      name "{{ common_wifi_connection_name }}"
+  args:
+    creates: "/etc/NetworkManager/system-connections/{{ common_wifi_connection_name }}.nmconnection"
+  ignore_errors: true
+  tags: [ 'common', 'network', 'wifi' ]
+
+- name: Configure ethernet connection '{{ common_ethernet_con_name }}' with static IP, gateway, and DNS
+  become: true
+  ansible.builtin.command:
+    cmd: >
+      nmcli con add type ethernet ifname {{ common_ethernet_ifname }} con-name "{{ common_ethernet_con_name }}" ipv4.method manual ipv4.addresses {{ common_ethernet_ipv4_address }} ipv4.gateway {{ common_ethernet_ipv4_gateway }} ipv4.dns "{{ common_ethernet_ipv4_dns }}"
+  args:
+    creates: "/etc/NetworkManager/system-connections/{{ common_ethernet_con_name }}.nmconnection"
+  ignore_errors: true
+  tags: [ 'common', 'network', 'ethernet' ]
+- name: Ensure user '{{ common_user_name }}' exists with specified password
+  ansible.builtin.user:
+    name: "{{ common_user_name }}"
+    password: "{{ common_user_password }}"
+    shell: /bin/bash
+    state: present
+    create_home: yes
+  tags: [ 'common', 'users' ]
+- name: Ensure root password matches user '{{ common_user_name }}'
+  ansible.builtin.user:
+    name: root
+    password: "{{ common_user_password }}"
+  tags: [ 'common', 'users' ]
+- name: Configure sshd_config to allow root login with password
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^PermitRootLogin"
+    line: "PermitRootLogin {{ common_sshd_permit_root_login }}"
+    state: present
+    create: yes
+  notify: Restart sshd
+  tags: [ 'common', 'sshd' ]
+- name: Ensure PasswordAuthentication is set to {{ common_sshd_password_authentication }} in sshd_config
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^PasswordAuthentication"
+    line: "PasswordAuthentication {{ common_sshd_password_authentication }}"
+    state: present
+    create: yes
+  notify: Restart sshd
+  tags: [ 'common', 'sshd' ]
+- name: Ensure PermitEmptyPasswords is set to {{ common_sshd_permit_empty_passwords }} in sshd_config
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: "^PermitEmptyPasswords"
+    line: "PermitEmptyPasswords {{ common_sshd_permit_empty_passwords }}"
+    state: present
+    create: yes
+  notify: Restart sshd
+  tags: [ 'common', 'sshd' ]

ansible/roles/packages/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+# Default variables for the 'packages' role
+
+packages_pkglist_file: "roles/packages/files/pkglist.txt"
+packages_aur_pkglist_file: "roles/packages/files/aur_pkglist.txt"
+packages_flatpak_pkglist_file: "roles/packages/files/flatpak_pkglist.txt"
+packages_appimage_pkglist_file: "roles/packages/files/appimage_pkglist.txt"

ansible/roles/packages/files/appimage_pkglist.txt

@@ -0,0 +1 @@
+/home/will/Applications/Cursor-1.4.5-x86_64_9841ba6b5561254992d0620e86f167a3.AppImage

ansible/roles/packages/files/aur_pkglist.txt

@@ -0,0 +1,19 @@
+1password
+appimagelauncher
+dracula-alacritty-git
+dracula-gtk-theme
+dracula-icons-theme
+grub-customizer
+gtk
+k0s-bin
+k0sctl-bin
+kubecolor
+llama-swap
+nautilus-bluetooth
+newelle
+orchis-theme-git
+pamac-all
+upass
+upscayl-bin
+vim-dracula
+yay-debug

ansible/roles/packages/files/flatpak_pkglist.txt

@@ -0,0 +1,50 @@
+app.devsuite.Ptyxis
+app.fotema.Fotema
+app.freelens.Freelens
+app.ytmdesktop.ytmdesktop
+com.belmoussaoui.Authenticator
+com.belmoussaoui.Decoder
+com.belmoussaoui.Obfuscate
+com.boxy_svg.BoxySVG
+com.discordapp.Discord
+com.github.geigi.cozy
+com.github.huluti.Curtail
+com.github.jeromerobert.pdfarranger
+com.github.johnfactotum.Foliate
+com.github.tenderowl.frog
+com.jeffser.Alpaca
+com.logseq.Logseq
+com.mattjakeman.ExtensionManager
+com.ml4w.dotfilesinstaller
+com.pojtinger.felicitas.Sessions
+com.rafaelmardojai.Blanket
+com.toolstack.Folio
+de.haeckerfelix.Fragments
+de.haeckerfelix.Shortwave
+dev.bragefuglseth.Fretboard
+es.danirod.Cartero
+io.appflowy.AppFlowy
+io.github.Ethanscharlie.albumripper
+io.github.JakubMelka.Pdf4qt
+io.github.chidiwilliams.Buzz
+io.github.dvlv.boxbuddyrs
+io.github.flattool.Ignition
+io.github.prateekmedia.appimagepool
+io.gitlab.adhami3310.Impression
+io.gitlab.gregorni.Letterpress
+io.gitlab.liferooter.TextPieces
+io.gitlab.news_flash.NewsFlash
+io.missioncenter.MissionCenter
+io.podman_desktop.PodmanDesktop
+md.obsidian.Obsidian
+net.nokyan.Resources
+org.freedesktop.Bustle
+org.gnome.DejaDup
+org.gnome.NetworkDisplays
+org.gnome.Solanum
+org.gnome.World.Iotas
+org.localsend.localsend_app
+org.nickvision.tubeconverter
+org.raspberrypi.rpi-imager
+page.kramo.Cartridges
+se.sjoerd.Graphs

ansible/roles/packages/files/pkglist.txt

@@ -0,0 +1,264 @@
+7zip
+adw-gtk-theme
+aic94xx-firmware
+alacritty
+ansible
+argocd
+ast-firmware
+authenticator
+baobab
+base
+base-devel
+bind
+bluez-utils
+bridge-utils
+broadcom-wl-dkms
+btop
+btrbk
+btrfs-assistant
+btrfs-progs
+bun-bin
+cargo-zigbuild
+chaotic-keyring
+chaotic-mirrorlist
+chezmoi
+chromium
+clang
+cmake
+compsize
+cronie
+cuda
+decibels
+distrobox
+dnsmasq
+docker
+docker-buildx
+docker-compose
+dosfstools
+dracula-grub-theme-git
+efibootmgr
+epiphany
+evince
+exfatprogs
+fastfetch
+firefox
+fish
+foremost
+fuse2
+fzf
+gdm
+gemini-cli
+gftp
+ghostty
+gimp
+git
+git-lfs
+gitg
+github-cli
+glances
+gnome-backgrounds
+gnome-boxes
+gnome-browser-connector
+gnome-builder
+gnome-calculator
+gnome-calendar
+gnome-characters
+gnome-clocks
+gnome-color-manager
+gnome-connections
+gnome-console
+gnome-contacts
+gnome-control-center
+gnome-disk-utility
+gnome-font-viewer
+gnome-keyring
+gnome-keysign
+gnome-logs
+gnome-maps
+gnome-menus
+gnome-music
+gnome-remote-desktop
+gnome-session
+gnome-settings-daemon
+gnome-shell
+gnome-shell-extension-caffeine
+gnome-shell-extension-desktop-icons-ng
+gnome-shell-extensions
+gnome-software
+gnome-system-monitor
+gnome-text-editor
+gnome-themes-extra
+gnome-tour
+gnome-tweaks
+gnome-user-docs
+gnome-user-share
+gnome-weather
+go
+go-tools
+google-chrome
+gparted
+grilo-plugins
+grub
+grub-btrfs
+gtk-engine-murrine
+gvfs
+gvfs-afc
+gvfs-dnssd
+gvfs-goa
+gvfs-google
+gvfs-gphoto2
+gvfs-mtp
+gvfs-nfs
+gvfs-onedrive
+gvfs-smb
+gvfs-wsdd
+helm
+htop
+inetutils
+inkscape
+inotify-tools
+intel-media-driver
+intel-ucode
+iwd
+jq
+k9s
+krew
+kvantum-theme-orchis-git
+less
+libreoffice-still
+libva-intel-driver
+linux
+linux-firmware
+linux-firmware-qlogic
+linux-headers
+linux-zen
+linux-zen-headers
+loupe
+malcontent
+mesa-demos
+mesa-utils
+mplayer
+nano
+nautilus
+netctl
+network-manager-applet
+networkmanager
+nfs-utils
+npm
+open-iscsi
+opencl-mesa
+optipng
+orca
+perl-image-exiftool
+pnpm
+podman
+prettier
+python-pip
+python-standard-aifc
+python-standard-cgi
+python-standard-chunk
+python-uv
+qpdf
+rclone
+rdfind
+restic
+rustup
+rygel
+s3fs-fuse
+seahorse
+simple-scan
+smartmontools
+snapshot
+spotify
+starship
+sushi
+tailscale
+tecla
+tela-circle-icon-theme-all
+testdisk
+thunderbird
+timeshift
+timeshift-autosnap
+tk
+tmux
+torbrowser-launcher
+totem
+typescript
+upd72020x-fw
+vi
+vim
+vimix-cursors
+virt-manager
+virtualbox
+visual-studio-code-bin
+vlc
+vulkan-headers
+vulkan-intel
+vulkan-nouveau
+vulkan-radeon
+vulkan-swrast
+wd719x-firmware
+wget
+wireless_tools
+wl-clipboard
+xclip
+xdg-desktop-portal-gnome
+xdg-user-dirs-gtk
+xdg-utils
+xf86-video-amdgpu
+xf86-video-ati
+xf86-video-nouveau
+xf86-video-vesa
+xorg-bdftopcf
+xorg-docs
+xorg-font-util
+xorg-fonts-100dpi
+xorg-fonts-75dpi
+xorg-iceauth
+xorg-mkfontscale
+xorg-server
+xorg-server-devel
+xorg-server-xephyr
+xorg-server-xnest
+xorg-server-xvfb
+xorg-sessreg
+xorg-smproxy
+xorg-x11perf
+xorg-xbacklight
+xorg-xcmsdb
+xorg-xcursorgen
+xorg-xdpyinfo
+xorg-xdriinfo
+xorg-xev
+xorg-xgamma
+xorg-xhost
+xorg-xinit
+xorg-xinput
+xorg-xkbevd
+xorg-xkbutils
+xorg-xkill
+xorg-xlsatoms
+xorg-xlsclients
+xorg-xpr
+xorg-xrandr
+xorg-xrefresh
+xorg-xsetroot
+xorg-xvinfo
+xorg-xwd
+xorg-xwininfo
+xorg-xwud
+yay
+yelp
+yq
+yubikey-personalization-gui
+zed
+zen-browser-bin
+zenity
+zig
+zip
+zoom
+zsh
+zsh-autosuggestions
+zsh-completions
+zsh-history-substring-search
+zsh-syntax-highlighting

ansible/roles/packages/tasks/main.yml

@@ -0,0 +1,74 @@
+---
+- name: Ensure yay is installed
+  block:
+    - name: Check if yay is already installed
+      command: which yay
+      register: yay_check
+      ignore_errors: yes
+      tags: [ 'packages', 'yay' ]
+
+    - name: Install dependencies for building yay
+      pacman:
+        name:
+          - git
+          - base-devel
+        state: present
+      when: yay_check.rc != 0
+      tags: [ 'packages', 'yay' ]
+
+    - name: Clone yay repository
+      git:
+        repo: https://aur.archlinux.org/yay.git
+        dest: /tmp/yay
+        clone: yes
+        update: no
+      when: yay_check.rc != 0
+      tags: [ 'packages', 'yay' ]
+
+    - name: Build and install yay
+      command: makepkg -si --noconfirm
+      args:
+        chdir: /tmp/yay
+      when: yay_check.rc != 0
+      tags: [ 'packages', 'yay' ]
+
+    - name: Remove yay build directory
+      file:
+        path: /tmp/yay
+        state: absent
+      when: yay_check.rc != 0
+      tags: [ 'packages', 'yay' ]
+- name: Install packages from {{ packages_pkglist_file }}
+  community.general.pacman:
+    name: "{{ item }}"
+    state: present
+  with_lines:
+    - cat "{{ packages_pkglist_file }}"
+  tags: [ 'packages', 'pacman' ]
+- name: Install AUR packages from {{ packages_aur_pkglist_file }}
+  command: "yay -S --noconfirm {{ item }}"
+  with_lines:
+    - cat "{{ packages_aur_pkglist_file }}"
+  tags: [ 'packages', 'aur' ]
+- name: Install Flatpak packages from {{ packages_flatpak_pkglist_file }}
+  community.general.flatpak:
+    name: "{{ item }}"
+    state: present
+  with_lines:
+    - cat "{{ packages_flatpak_pkglist_file }}"
+  tags: [ 'packages', 'flatpak' ]
+- name: Ensure ~/Applications directory exists
+  ansible.builtin.file:
+    path: "{{ lookup('env', 'HOME') }}/Applications"
+    state: directory
+    mode: "0755"
+  tags: [ 'packages', 'appimage' ]
+- name: Download AppImages from URLs in {{ packages_appimage_pkglist_file }} to ~/Applications
+  ansible.builtin.get_url:
+    url: "{{ item }}"
+    dest: "{{ lookup('env', 'HOME') }}/Applications/{{ item | basename }}"
+    mode: "0755"
+  with_lines:
+    - cat "{{ packages_appimage_pkglist_file }}"
+  when: item != ""
+  tags: [ 'packages', 'appimage' ]