From 025deaab6ed66a54f16cc1b41d4f07d44f3e98e1 Mon Sep 17 00:00:00 2001 From: Marcin Bojko Date: Sat, 20 Feb 2021 17:08:16 +0100 Subject: [PATCH] Version 2.2.0 --- CHANGELOG.md | 9 + README.md | 13 +- linux_mint.yaml | 25 +-- mint19.yaml | 568 ------------------------------------------------ mint20.yaml | 8 +- 5 files changed, 28 insertions(+), 595 deletions(-) delete mode 100644 mint19.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index abd7888..398ec49 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog "linux_mint" +## Version 2.2.0 [2021-02-20] + +* This version shares application config from 2.1.6 version but: + * [BREAKING_CHANGE] drops support for `Linux Mint 19` + * [BREAKING_CHANGE] introduces support for Ansible 2.10 as mandatory +* Galaxy modules + * ansible-galaxy collection install ansible.posix + * ansible-galaxy collection install community.general + ## Version 2.1.6 [2021-02-20] * [BREAKING_CHANGE] remove `kubeval` as obsolete diff --git a/README.md b/README.md index a33fbd3..9183051 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ - [Ansible playbook for your DevOps/SysOps Linux Mint 19.x/20.x based workstation](#ansible-playbook-for-your-devopssysops-linux-mint-19x20x-based-workstation) - [Prerequisites](#prerequisites) + - [Ansible 2.10 and higher reminder](#ansible-210-and-higher-reminder) - [Assumptions](#assumptions) - [In-place upgraded OS warning](#in-place-upgraded-os-warning) - [Python2 removal](#python2-removal) @@ -31,10 +32,13 @@ ## Prerequisites -- installed `Linux Mint` 19, 19.1, 19.2, 19.3, 20.0 20.1 - all 64-bit, standard options with extra codecs (available as selection during install) +- installed `Linux Mint` 20.0 20.1 - all 64-bit, standard options with extra codecs (available as selection during install) +- for previous versions of Mint - last release supporting `Linux Mint 19` was 2.1.6 - access to Internet - `openssh-server` installed and running -- `ansible` in version 2.9 or higher +- `ansible` in version 2.10 or higher +- `ansible-galaxy collection install ansible.posix` +- `ansible-galaxy collection install community.general` ```bash sudo apt install openssh-server;sudo systemctl enable ssh && sudo systemctl start ssh @@ -42,6 +46,11 @@ - PermitRootLogin in `/etc/ssh/sshd_config` if you're using root account +### Ansible 2.10 and higher reminder + +- `ansible-galaxy collection install ansible.posix` +- `ansible-galaxy collection install community.general` + ## Assumptions - 20 GB free space on OS drive diff --git a/linux_mint.yaml b/linux_mint.yaml index ba4aad3..733507c 100644 --- a/linux_mint.yaml +++ b/linux_mint.yaml @@ -26,9 +26,9 @@ # ansible version - name: verify_ansible_meets_version_requirements assert: - that: "ansible_version.full is version_compare('2.9', '>=')" + that: "ansible_version.full is version_compare('2.10', '>=')" msg: > - "You must update Ansible to at least 2.9 to use this version of playbook" + "You must update Ansible to at least 2.10 to use this version of playbook" tags: - assert # setup module - we need these facts @@ -87,6 +87,7 @@ - "Bin Path to put files into : {{ bin_path }}" - "Active user : {{ active_user|string }}" - "Linux Mint major version : {{ ansible_distribution_major_version }}" + - "Ansible version : {{ ansible_version.full }}" - name: wait_15_seconds pause: seconds: 15 @@ -360,21 +361,7 @@ when: install_deb tags: - packages - - name: remove_ansible_from_pip - pip: - name: ansible - state: absent - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_pip_ansible - until: r_pip_ansible is success - any_errors_fatal: false - ignore_errors: true - when: pip_executable is defined - tags: - - packages - - base - - python + - deb - name: install_and_upgrade_pip_packages pip: name: "{{ item }}" @@ -393,7 +380,7 @@ - base - python - name: install_flatpak_apps - flatpak: + community.general.flatpak: name: "{{ item.name|string }}" state: present method: system @@ -696,7 +683,7 @@ enabled: true when: r_create_fstrim_override.changed - name: sysctl_changes - sysctl: + ansible.posix.sysctl: name: "{{ item.name|string }}" value: "{{ item.value|string }}" state: "{{ item.state|string }}" diff --git a/mint19.yaml b/mint19.yaml deleted file mode 100644 index 02f5b39..0000000 --- a/mint19.yaml +++ /dev/null @@ -1,568 +0,0 @@ -# Mint 19 variables file ---- -codename: bionic -# repositories we'd like to add - mandatory -repositories: -- repo: deb http://download.opensuse.org/repositories/home:/Alexx2000/xUbuntu_18.04/ / - filename: alexx2000 -- repo: ppa:ansible/ansible - filename: ansible -- repo: deb https://packagecloud.io/asbru-cm/asbru-cm/ubuntu/ bionic main - filename: asbru-cm -- repo: deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ bionic main - filename: azure-cli -- repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable - filename: docker-stable -- repo: deb http://packages.cloud.google.com/apt gcsfuse-bionic main - filename: gcsfuse -- repo: ppa:gezakovacs/ppa - filename: gezakovacs -- repo: deb https://packagecloud.io/github/git-lfs/linuxmint/ tara main - filename: github_git-lfs -- repo: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main - filename: google-chrome -- repo: deb http://packages.cloud.google.com/apt cloud-sdk-bionic main - filename: google-cloud-sdk -- repo: deb http://apt.kubernetes.io/ kubernetes-xenial main - filename: kubernetes-stable -- repo: deb [arch=amd64] https://packages.microsoft.com/ubuntu/18.04/prod bionic main - filename: microsoft-prod-deb -- repo: ppa:mozillateam/ppa - filename: mozillateam -- repo: deb http://download.opensuse.org/repositories/home:/stevenpusser/xUbuntu_18.04 / - filename: palemoon -- repo: ppa:remmina-ppa-team/remmina-next - filename: remmina-next -- repo: ppa:ubuntuhandbook1/shutter - codename: bionic - filename: shutter -- repo: ppa:synapse-core/testing - filename: synapse-core -- repo: ppa:ubuntu-mozilla-security/ppa - filename: ubuntu-mozilla-security -- repo: deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian bionic contrib - filename: virtualbox -- repo: deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main - filename: vscode -- repo: ppa:webupd8team/y-ppa-manager - filename: y-ppa-manager -repositories_optional: - # brave browser -- repo: deb [arch=amd64] https://brave-browser-apt-release.s3.brave.com/ bionic main - filename: brave-browser-release-bionic.list - codename: bionic -- repo: ppa:xuzhen666/dockbarx - codename: bionic - filename: dockbarx -- repo: deb http://repo.sinew.in/ stable main - codename: stable - filename: enpass -- repo: ppa:danielrichter2007/grub-customizer - codename: xenial - filename: grub-customizer -- repo: ppa:dawidd0811/neofetch - codename: bionic - filename: neofetch -- repo: ppa:noobslab/icons - filename: noobslab-icons - codename: bionic -- repo: ppa:noobslab/themes - filename: noobslab-themes - codename: bionic -- repo: deb http://apt.puppetlabs.com bionic puppet5 - filename: puppet5 - codename: bionic -- repo: deb [arch=amd64] https://repo.skype.com/deb stable main - codename: stable - filename: skype-stable -- repo: deb http://repository.spotify.com stable non-free - codename: stable - filename: spotify -- repo: deb https://download.sublimetext.com/ apt/stable/ - codename: stable - filename: sublime-text -- repo: deb https://aquasecurity.github.io/trivy-repo/deb bionic main - filename: trivy - codename: bionic -- repo: deb [arch=amd64] http://repository.veeam.com/backup/linux/agent/dpkg/debian/public stable veeam - codename: stable - filename: veeam -- repo: ppa:unit193/encryption - filename: veracrypt - codename: bionic -- repo: ppa:nilarimogard/webupd8 - filename: webupdt - codename: bionic -- repo: ppa:linuxuprising/apps - filename: linuxuprising - codename: bionic -- repo: deb [arch=amd64] https://packages.microsoft.com/repos/ms-teams stable main - filename: teams - codename: bionic -- repo: deb http://apt.insync.io/mint tricia non-free contrib - filename: insync - codename: tricia -repositories_remove: -- repo: ppa:alexx2000/doublecmd - filename: alexx2000-doublecmd -- repo: deb https://knqyf263.github.io/trivy-repo/deb bionic main - filename: trivy -- repo: ppa:ehoover/compholio - filename: compholio -- repo: deb [arch=amd64] http://repo.fortinet.com/repo/ubuntu/ /bionic multiverse - filename: forticlient - codename: bionic -keys: -- https://download.opensuse.org/repositories/home:stevenpusser/xUbuntu_18.04/Release.key -- https://download.opensuse.org/repositories/home:Alexx2000/xUbuntu_18.04/Release.key -- https://packages.microsoft.com/keys/microsoft.asc -- https://dl-ssl.google.com/linux/linux_signing_key.pub -- https://packages.cloud.google.com/apt/doc/apt-key.gpg -- https://dl.sinew.in/keys/enpass-linux.key -- https://www.virtualbox.org/download/oracle_vbox_2016.asc -- https://download.sublimetext.com/sublimehq-pub.gpg -- https://download.docker.com/linux/ubuntu/gpg -- http://repository.veeam.com/keys/veeam.gpg -- https://repo.skype.com/data/SKYPE-GPG-KEY -- https://packagecloud.io/github/git-lfs/gpgkey -- https://apt.puppetlabs.com/pubkey.gpg -- https://packagecloud.io/asbru-cm/asbru-cm/gpgkey -- https://aquasecurity.github.io/trivy-repo/deb/public.key -- https://brave-browser-apt-release.s3.brave.com/brave-core.asc -- https://download.spotify.com/debian/pubkey_0D811D58.gpg -- https://d2t3ff60b2tol4.cloudfront.net/repomd.xml.key -keys_keyserver: -- keyserver: keyserver.ubuntu.com - id: ACCAF35C -keys_remove: -- 5E54716D -- 8719FCE4 -packages_essential: -- apt-transport-https -- mc -- dkms -- gcc -- dotnet-sdk-3.1 -- dotnet-runtime-3.1 -- build-essential -- mint-meta-codecs -- libvte-dev -- xz-utils -packages: -- synaptic -- ansible -- azure-cli -- google-cloud-sdk -- gcsfuse -- awscli -- palemoon -- code -- powershell -- google-chrome-stable -- virtualbox-6.1 -- dropbox -- python-dev -- krb5-config -- krb5-locales -- krb5-user -- krb5-multidev -- libkrb5-dev -- python-pip -- python-all-dev -- python-wheel -- python-gpg -- python-psutil -- python3-pip -- python3-all-dev -- python3-wheel -- python3-gpg -- python3-psutil -- diodon -- doublecmd-gtk -- htop -- iotop -- atop -- iftop -- nmap -- zenmap -- remmina -- remmina-plugin-rdp -- remmina-plugin-vnc -- remmina-plugin-secret -- mpv -- rabbitvcs-core -- liblinear-tools -- liblinear-dev -- p7zip-rar -- hwinfo -- ndiff -- extlinux -- syslinux -- unetbootin-translations -- va-driver-all -- p7zip-rar -- chromium-codecs-ffmpeg-extra -- wireshark -- xca -- viewnior -- tlp -- ncurses-term -- ssh-import-id -- screen -- tmux -- arj -- terminator -- ncdu -- keepass2 -- smartmontools -- libqt5multimedia5-plugins -- openjdk-11-jre -- gsmartcontrol -- nmon -- sysstat -- stress -- npm -- unzip -- docker-ce -- kubeadm -- shutter -- synapse -- git -- gparted -- filezilla -- git-lfs -- network-manager-fortisslvpn -- openfortivpn -- network-manager-vpnc -- network-manager-openconnect -- redshift-gtk -- asbru-cm -- iperf3 -- traceroute -- nfs-common -- rdesktop -- gddrescue -- testdisk -- partclone -- clonezilla -- httpie -- ngrep -- tshark -- hping3 -- siege -- trivy -- sshfs -- whois -- dos2unix -- ioping -- dstat -- rclone -- multitail -- shellcheck -- dconf-cli -- dconf-editor -- freerdp2-x11 -- zsh -- netcat -- clusterssh -- moreutils -packages_optional: -- enpass -- pdk -- puppet-agent -- kodi -- dockbarx -- grub-customizer -- unetbootin -- adobe-flashplugin -- adobe-flash-properties-gtk -- gimp -- vlc -- kazam -- sublime-text -- javascript-common -- geoip-database-extra -- thunderbird -- neofetch -- skypeforlinux -- veeam -- veeamsnap -- pinta -- woeusb -- veracrypt -- spotify-client -- isomaster -- brave-browser -- tlpui -- teams -- goaccess -- hashcat -- y-ppa-manager -deb: -- https://github.com/angryip/ipscan/releases/download/3.7.6/ipscan_3.7.6_amd64.deb -- https://release.axocdn.com/linux/gitkraken-amd64.deb -- https://releases.hashicorp.com/vagrant/2.2.14/vagrant_2.2.14_x86_64.deb -- https://launchpad.net/ubuntu/+archive/primary/+files/libgoo-canvas-perl_0.06-2ubuntu3_amd64.deb -- https://github.com/BoostIO/boost-releases/releases/download/v0.16.1/boostnote_0.16.1_amd64.deb -- https://github.com/Eugeny/terminus/releases/download/v1.0.134/terminus-1.0.134-linux.deb -- https://github.com/TheGoddessInari/hamsket/releases/download/0.6.2/hamsket_0.6.2_amd64.deb -- https://github.com/kubernetes/minikube/releases/download/v1.17.1/minikube_1.17.1-0_amd64.deb -- https://wdl1.pcfg.cache.wpscdn.com/wpsdl/wpsoffice/download/linux/10161/wps-office_11.1.0.10161.XA_amd64.deb -- https://github.com/wagoodman/dive/releases/download/v0.9.2/dive_0.9.2_linux_amd64.deb -- https://github.com/balena-io/etcher/releases/download/v1.5.116/balena-etcher-electron_1.5.116_amd64.deb -- https://github.com/goodwithtech/dockle/releases/download/v0.3.1/dockle_0.3.1_Linux-64bit.deb -- https://github.com/kaikramer/keystore-explorer/releases/download/v5.4.3/kse-5.4.3.deb -- https://downloads.raspberrypi.org/imager/imager_1.5_amd64.deb -- https://github.com/lensapp/lens/releases/download/v4.1.2/Lens-4.1.2.amd64.deb -flatpak: -- name: https://flathub.org/repo/appstream/com.getpostman.Postman.flatpakref -pip_executable: pip -pip: -- pip -- psutil -- s-tui -- pywinrm[kerberos] -- pywinrm[credssp] -- pypsrp -- yamllint -- ansible-lint -- jmespath -- jsonlint -- gittyleaks -unpack: -- url: https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz - destination: helm - source: helm - destination_file: helm3.tar.gz - folder: linux-amd64 -- url: https://github.com/OWASP/Amass/releases/download/v3.11.5/amass_linux_amd64.zip - destination: amass - source: amass - folder: amass_linux_amd64 - destination_file: amass.zip -- url: https://github.com/instrumenta/kubeval/releases/download/0.15.0/kubeval-linux-amd64.tar.gz - destination: kubeval - source: kubeval - folder: - destination_file: kubeval-linux-amd64.tar.gz -downloads: -- url: https://releases.hashicorp.com/packer/1.7.0/packer_1.7.0_linux_amd64.zip - destination: packer - skip_tree: false -- url: https://releases.hashicorp.com/terraform/0.14.7/terraform_0.14.7_linux_amd64.zip - destination: terraform - skip_tree: false -- url: https://releases.hashicorp.com/vault/1.6.2/vault_1.6.2_linux_amd64.zip - destination: vault - skip_tree: false -- url: https://github.com/terraform-linters/tflint/releases/download/v0.24.1/tflint_linux_amd64.zip - destination: tflint - skip_tree: false -- url: https://github.com/ffuf/ffuf/releases/download/v1.0.2/ffuf_1.0.2_linux_amd64.tar.gz - destination: ffluf - skip_tree: false -- url: https://github.com/FairwindsOps/polaris/releases/download/3.1.3/polaris_3.1.3_linux_amd64.tar.gz - destination: polaris - skip_tree: false -files: -- url: https://github.com/docker/compose/releases/download/1.28.4/docker-compose-Linux-x86_64 - destination: docker-compose -- url: https://github.com/bcicen/ctop/releases/download/v0.7.5/ctop-0.7.5-linux-amd64 - destination: ctop -- url: https://github.com/rancher/rke/releases/download/v1.2.5/rke_linux-amd64 - destination: rke -- url: https://github.com/dannagle/PacketSender/releases/download/v7.0.5/PacketSender_v7.0.5.AppImage - destination: packetsender - desktop_file: ./files/apps/packetsender/packetsender.desktop -- url: https://github.com/k3s-io/k3s/releases/download/v1.19.7%2Bk3s1/k3s - destination: k3s -- url: https://github.com/rancher/k3d/releases/download/v4.2.0/k3d-linux-amd64 - destination: k3d -- url: https://github.com/hadolint/hadolint/releases/download/v1.22.1/hadolint-Linux-x86_64 - destination: hadolint - -#mitogen: -# config: -# - section: defaults -# option: strategy -# value: mitogen_linear -# - section: defaults -# option: strategy_plugins -# value: /etc/ansible/mitogen/ansible_mitogen/plugins/strategy -# download: -# - urls: https://networkgenomics.com/try/mitogen-0.2.9.tar.gz -# dest_path: /etc/ansible/mitogen -ansible: - cfg: /etc/ansible/ansible.cfg - config: - - section: defaults - option: host_key_checking - value: false - - section: defaults - option: retry_file_enable - value: false - - section: defaults - option: callback_whitelist - value: timer,mail,profile_tasks -startup: -- filename: redshift-gtk.desktop - source: ./files/apps/redshift-gtk/redshift-gtk.desktop -- filename: shutter.desktop - source: ./files/apps/shutter/shutter.desktop -- filename: dropbox.desktop - source: ./files/apps/dropbox/dropbox.desktop -- filename: synapse.desktop - source: ./files/apps/synapse/synapse.desktop -- filename: DockX.desktop - source: ./files/apps/dockbarx/DockX.desktop -- filename: remmina-applet.desktop - source: ./files/apps/remmina/remmina-applet.desktop -- filename: diodon.desktop - source: ./files/apps/diodon/diodon.desktop -services: -- ssh -- docker -dconf: - # remove alt+f7 move window shortcut -- key: "/org/cinnamon/muffin/keybindings/begin-move" - state: present - value: "['']" -- key: "/org/cinnamon/desktop/keybindings/wm/begin-move" - state: present - value: "['']" -timezone: Europe/Warsaw -vscode_obsolete: -- ms-vscode.go -vscode: -- alefragnani.project-manager -- DavidAnson.vscode-markdownlint -- DotJoshJohnson.xml -- emmanuelbeziat.vscode-great-icons -- exiasr.hadolint -- florianloch.text-transform -- gep13.chocolatey-vscode -- golang.go -- hashicorp.terraform -- huntertran.auto-markdown-toc -- jansenfuller.crayon-vscode -- joffreykern.markdown-toc -- marcostazi.VS-code-vagrantfile -- medo64.render-crlf -- mohsen1.prettify-json -- ms-azuretools.vscode-azureterraform -- ms-azuretools.vscode-docker -- ms-kubernetes-tools.vscode-kubernetes-tools -- ms-python.python -- ms-vscode-remote.remote-containers -- ms-vscode-remote.remote-ssh -- ms-vscode-remote.remote-ssh-edit -- ms-vscode-remote.remote-wsl -- ms-vscode-remote.vscode-remote-extensionpack -- ms-vscode.azure-account -- ms-vscode.azurecli -- ms-vscode.cpptools -- ms-vscode.powershell -- ms-vscode.wordcount -- ms-vsliveshare.vsliveshare -- ms-vsliveshare.vsliveshare-audio -- ms-vsliveshare.vsliveshare-pack -- p1c2u.docker-compose -- PascalReitermann93.vscode-yaml-sort -- pgourlain.erlang -- puppet.puppet-vscode -- rebornix.ruby -- redhat.vscode-yaml -- shardulm94.trailing-spaces -- tht13.html-preview-vscode -- timonwong.shellcheck -- vscoss.vscode-ansible -- wholroyd.jinja -- yzane.markdown-pdf -sysctl: -# enable bbr congestion for tcp -- name: net.core.default_qdisc - value: fq - state: present -- name: net.ipv4.tcp_congestion_control - value: bbr - state: present -# decrease swappiness when you have plenty of RAM -- name: vm.swappiness - value: 1 - state: present -# cache settings for more mem -- name: vm.vfs_cache_pressure - value: 30 - state: present -- name: vm.dirty_ratio - value: 50 - state: present -- name: vm.dirty_background_ratio - value: 5 - state: present -- name: vm.dirty_expire_centisecs - value: 1200 - state: present -# better network settings -- name: net.core.netdev_max_backlog - value: 100000 - state: present -- name: net.core.netdev_budget - value: 50000 - state: present -- name: net.core.netdev_budget_usecs - value: 5000 - state: present -- name: net.core.somaxconn - value: 1024 - state: present -- name: net.core.rmem_default - value: 1048576 - state: present -- name: net.core.rmem_max - value: 16777216 - state: present -- name: net.core.wmem_default - value: 1048576 - state: present -- name: net.core.wmem_max - value: 16777216 - state: present -- name: net.core.optmem_max - value: 65536 - state: present -- name: net.ipv4.tcp_rmem - value: "4096 1048576 2097152" - state: present -- name: net.ipv4.tcp_wmem - value: "4096 65536 16777216" - state: present -- name: net.ipv4.udp_rmem_min - value: 8192 - state: present -- name: net.ipv4.udp_wmem_min - value: 8192 - state: present -- name: net.ipv4.tcp_max_syn_backlog - value: 8192 - state: present -- name: net.ipv4.tcp_max_tw_buckets - value: 2000000 - state: present -- name: net.ipv4.tcp_fastopen - value: 3 - state: present -- name: net.ipv4.tcp_slow_start_after_idle - value: 0 - state: present -- name: net.ipv4.tcp_tw_reuse - value: 1 - state: present -alternatives: -- name: editor - path: /usr/bin/mcedit - variable: EDITOR -global_env: -- name: EDITOR - value: mcedit - # end diff --git a/mint20.yaml b/mint20.yaml index 5dd1e01..398ddea 100644 --- a/mint20.yaml +++ b/mint20.yaml @@ -32,6 +32,8 @@ repositories: filename: remmina-next - repo: ppa:linuxuprising/shutter filename: shutter +- repo: ppa:ansible/ansible + filename: ansible # codename: focal - repo: ppa:ubuntu-mozilla-security/ppa filename: ubuntu-mozilla-security @@ -109,8 +111,6 @@ repositories_remove: - repo: deb [arch=amd64] http://repo.fortinet.com/repo/ubuntu/ /focal multiverse filename: forticlient codename: focal -- repo: ppa:ansible/ansible - filename: ansible - repo: deb https://packagecloud.io/github/git-lfs/linuxmint/ ulyana main filename: github_git-lfs - repo: ppa:ubuntuhandbook1/shutter @@ -141,7 +141,6 @@ keys_keyserver: id: ACCAF35C keys_remove: - 5E54716D -- 8719FCE4 packages_essential: - apt-transport-https - mc @@ -534,9 +533,6 @@ sysctl: - name: vm.dirty_background_ratio value: 5 state: present -- name: vm.dirty_expire_centisecs - value: 1200 - state: present # better network settings - name: net.core.netdev_max_backlog value: 100000