-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlocal.yml
278 lines (218 loc) · 7.7 KB
/
local.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
- hosts: localhost
vars:
current_user: "{{ working_user }}"
#become: false
become: true
#become_user: "{{ current_user }}"
become_method: sudo
tasks:
- name: Install apt-transport-https
apt:
name: apt-transport-https
state: latest
- name: Install make
apt:
name: make
state: latest
- name: setup debian sid repository
apt_repository:
repo: deb http://ftp.ch.debian.org/debian sid main contrib non-free
state: present
- name: Add stretch backports repo
apt_repository:
repo: deb http://deb.debian.org/debian stretch-backports main contrib
state: present
filename: stretch-backports.list
- name: Create .riot-sh directory
become: yes
become_user: "{{ current_user }}"
file: path="/home/{{ current_user }}/.riot-sh" state=directory
- name: Create .riot-sh/temp directory
become: yes
become_user: "{{ current_user }}"
file: path="/home/{{ current_user }}/.riot-sh/temp" state=directory
#- name: "apt-get update"
# apt:
# update_cache: yes
- name: Install tor
apt:
name: tor
state: latest
- name: Install bzip2
apt:
name: bzip2
state: latest
- name: Install Dino.im
apt:
name: dino-im
state: latest
default_release: sid
- name: Install qBittorrent
apt:
name: qbittorrent
state: latest
default_release: sid
- name: Install Thunderbird, Enigmail, TorBirdy
apt: name={{item}} state=installed
with_items:
- thunderbird
- enigmail
- torbirdy
- name: Install Tor-Browser
apt:
name: torbrowser-launcher
state: latest
default_release: stretch-backports
# https://www.privacy-handbuch.de/download/moderat/user.js
#- name: Add secure user.js file to firefox
# become: yes
# become_user: "{{ current_user }}"
# find:
# paths: "/home/{{ current_user }}/.mozilla/firefox"
# patterns: "*.default"
# register: firefox_profile_paths
#- name: copy user.js file to firefox default profile
# become: yes
# become_user: "{{ current_user }}"
# get_url:
# url: https://www.privacy-handbuch.de/download/moderat/user.js
# dest: "{{ firefox_profile_paths.directories[0].path }}"
- name: add https-everywhere
apt:
name: xul-ext-https-everywhere
state: latest
default_release: sid
- name: add privacy-badger
apt:
name: webext-privacy-badger
state: latest
default_release: sid
- name: add uBlock Origin
apt:
name: webext-ublock-origin
state: latest
default_release: sid
- name: Setup gnupg.conf
become: yes
become_user: "{{ current_user }}"
get_url:
url: "https://raw.githubusercontent.com/ioerror/duraconf/master/configs/gnupg/gpg.conf"
dest: "/home/{{ current_user }}/.gnupg/gpg.conf"
mode: 0700
- name: Setup gpg-agent.conf
become: yes
become_user: "{{ current_user }}"
get_url:
url: "https://gist.githubusercontent.com/nebulak/2d8a842b28c9749393bcb0c416744948/raw/6afe7af5d7fb9486f458e6e9093bfe3ac43d1570/gpg-agent.conf"
dest: "/home/{{ current_user }}/.gnupg/gpg-agent.conf"
mode: 0700
- name: Install syncthing
apt:
name: syncthing
state: latest
default_release: sid
- name: Install KeePassXC
apt:
name: keepassxc
state: latest
default_release: sid
- name: Install gocryptfs
apt:
name: gocryptfs
state: latest
default_release: sid
# - name: Install mozilla-extension-manager
# become: yes
# get_url:
# url: "https://raw.githubusercontent.com/NicolasBernaerts/ubuntu-scripts/master/mozilla/mozilla-extension-manager"
# dest: "/usr/local/sbin/mozilla-extension-manager"
# mode: 0755
# - name: Install KeePassXC-Browser for Firefox
# become: yes
# become_user: "{{ current_user }}"
# command: mozilla-extension-manager --install https://addons.mozilla.org/firefox/downloads/latest/1101197/keepassxc_browser-1.3.0-fx.xpi
- name: Install Magic-Wormhole
apt:
name: magic-wormhole
default_release: sid
state: latest
- name: Install Orjail
become: yes
#become_user: "{{ current_user }}"
get_url:
url: "https://raw.githubusercontent.com/orjail/orjail/master/usr/sbin/orjail"
dest: "/usr/sbin/orjail"
- name: Install restic
apt:
name: restic
state: latest
default_release: sid
# Hibernation with luks
- name: Clone luks-suspend
git:
repo: https://github.com/nailfarmer/debian-luks-suspend.git
version: master
depth: 1
force: yes
dest: "/home/{{ current_user }}/.riot-sh/debian-luks-suspend"
accept_hostkey: yes
# ssh-agent doesn't allow key to pass through remote sudo commands.
# become: yes
- name: Install debian-luks-suspend
command: make install
args:
chdir: "/home/{{ current_user }}/.riot-sh/debian-luks-suspend"
# Configure logind handling in xfce
# source: https://askubuntu.com/questions/460101/xfce4-power-manager-suspend-not-available-for-lid-close
- name: Let logind handle lidswitch event
command: xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-lid-switch -n -t bool -s true
- name: Let logind handle power key event
command: xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-power-key -n -t bool -s true
- name: Let logind handle suspend key event
command: xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-suspend-key -n -t bool -s true
- name: Let logind handle hibernate key event
command: xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-hibernate-key -n -t bool -s true
# STYLE
- name: Install arc-dark theme
apt: name={{item}} state=installed
with_items:
- arc-theme
- name: Setup arc dark theme for gtk
become: yes
become_user: "{{ current_user }}"
shell: xfconf-query -c xsettings -p /Net/ThemeName -s "Arc-Darker"
#shell: gsettings set org.gnome.desktop.interface gtk-theme "Arc-Darker"
- name: Setup arc theme for xfce
become: yes
become_user: "{{ current_user }}"
shell: xfconf-query -c xfwm4 -p /general/theme -s "Arc-Darker"
#shell: xfconf-query -c xsettings -p /Net/ThemeName -s "Arc-Darker"
# - name: Setup arc dark theme for windows
# become: yes
# become_user: "{{ current_user }}"
# #shell: gsettings set org.gnome.desktop.wm.preferences theme "Arc-Darker"
# - name: Setup arc theme for xfce step 2
# become: yes
# become_user: "{{ current_user }}"
# shell: xfconf-query -c xfwm4 -p /general/theme -s "Arc-Darker"
- name: install flat remix icons
become: yes
become_user: "{{ current_user }}"
shell: cd /tmp && rm -rf flat-remix && git clone https://github.com/daniruiz/flat-remix && mkdir -p ~/.icons && cp -r flat-remix/Flat-Remix* ~/.icons/
#xfconf-query -c xfwm4 -p /general/theme -s "Arc-Darker"
#xfconf-query -c xsettings -p /Net/ThemeName -s "Arc-Darker"
#xfconf-query -c xsettings -p /Net/IconThemeName -s "Arc"
- name: setup flat remix icons for GTK
become: yes
become_user: "{{ current_user }}"
shell: xfconf-query -c xsettings -p /Net/IconThemeName -s "Flat-Remix-Blue-Dark"
#shell: xfconf-query -c xfwm4 -p /general/theme -s "Flat-Remix-Dark"
# - name: setup flat remix icons for xfce
# become: yes
# become_user: "{{ current_user }}"
# shell: gsettings set org.gnome.desktop.interface icon-theme "Flat-Remix-Dark"
- name: add whisker-menu
apt: name={{item}} state=installed
with_items:
- xfce4-whiskermenu-plugin
# //TODO: https://wiki.ubuntuusers.de/Whisker_Menu/#Systemweite-Nutzung