Ansible project to configure my dev environment(s)
Use setup.sh to install dependencies and run playbook main.yml
./setup.sh -paI use ansible vault to encrypt sensitive data, so I can still share my project. The password file is defined in ansible.cfg, so that no vault parameter has to be specified when running the playbook. Required parameters have to be encrypted accordingly, eg.g the variable backup_encryption_key:
ansible-vault encrypt_string 'SupersecretPa$$phrase' --name 'backup_encryption_key'Beside of external roles, I have some roles defined as part of this project, which are:
- core - does basic stuff
- shell - mainly installs zsh and sets it as default shell
- resources - Symlinks the resource files and folders (incl. dot-files)
- packages - installs additional packages for my Arch Linux (incl. packages in AUR)
- git - for projects in Github/Gitlab not having packages, this role clones them to a specific folder
For personal backup I use borg and the playbook backup.yml cares about the intial setup using encryption=repokey:
repokeyandkeyfileuseAES-CTR-256for encryption andHMAC-SHA256for authentication in an encrypt-then-MAC (EtM) construction.
Backup is configure by setting the variables local_backup and remote_backup to true in the [host_vars](.(host_vars/). This allows a per-host config of a backup. So my main computer will to a local and remote backup, where some additional computer may not need to be backed-up.
One could also manually setup the backup as follows
ansible-playbook backup.yml --ask-become-pass --limit $(hostname)borg list ssh://$username:$server:$port/$targetdir