Update README.md

README.md

@@ -1,29 +1,38 @@
+
+:no_entry: [DEPRECATED] Developing continues here: https://github.com/kevinveenbirkenbach/computer-playbook
+
 # Client Playbook
 [![License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)
 
-Playbook to setup Manjaro GNOME clients.
-# Setup
+Playbook to setup Manjaro GNOME clients in integration with a server which is configured with the [Server Playbook Software](https://github.com/kevinveenbirkenbach/server-playbook).
+
+## Included Applications
+- [Basic Linux Administration Tools](./roles/collection-administrator-base/)
+- [Network Analyzes Tools](./roles/collection-administrator-network-analyze/)
+- [Designer Tools](./roles/collection-designer/)
+- [Arduino Developer Tools](./roles/collection-developer-arduino/)
+- [Basic Developer Tools](./roles/collection-developer-base/)
+- [Bash Developer Tools](./roles/collection-developer-bash/)
+- [Java Developer Tools](./roles/collection-developer-java/)
+- [PHP Developer Tools](./roles/collection-developer-php/)
+- [Python Developer Tools](./roles/collection-developer-python/)
+- [Entertainment Software](./roles/collection-entertainment/)
+- [Games](./roles/collection-games/)
+- [Office Tools](./roles/collection-office/)
+- [Streaming Tools](./roles/collection-streamer/)
+- [Torrent Software](./roles/collection-torrent/)
+- ...
+
+## Setup
 
 Run:
 ```bash
 ansible-galaxy collection install -r requirements.yml
 ```
 
-# Todo
-- pacman -S retext
-- add yay -S qbittorrent
-- add yay -S zoom
-- add obs-studios
-- add yay -S drawio-desktop
-- add native-office-worker
-- add native-graphic-designer
-- add native-developer-basic
-- add native-workspaces
-- add https://aur.archlinux.org/packages/displaylink
-- add spotify
-- add backup to tails usb stick
-- https://www.reddit.com/r/ManjaroLinux/comments/cbkblb/guide_run_android_apps_on_manjaro_super_simple/ https://archived.forum.manjaro.org/t/running-android-applications-on-arch-using-anbox/53332
 
-# See
+## See
 - https://www.middlewareinventory.com/blog/run-ansible-playbook-locally/
 - https://stackoverflow.com/questions/30533372/run-an-ansible-task-only-when-the-hostname-contains-a-string
+- https://archived.forum.manjaro.org/t/running-android-applications-on-arch-using-anbox/53332
+- https://www.reddit.com/r/ManjaroLinux/comments/cbkblb/guide_run_android_apps_on_manjaro_super_simple/ 

playbook.yml

@@ -3,15 +3,38 @@
   become: true
   roles:
     - system-pacman
-    - collection-administrator-tools-base
-    - application-caffeine
+    - collection-administrator-base
     - driver-non-free
 
-- name: collection-office-tools
+- name: application-wireguard
+  hosts: application_wireguard_hosts
+  become: true
+  roles:
+    - application-wireguard
+
+- name: collection-office
   hosts: collection_officetools_hosts
   become: true
   roles:
-    - collection-office-tools
+    - collection-office
+
+- name: collection-designer
+  hosts: collection_designer_hosts
+  become: true
+  roles:
+    - collection-designer
+
+- name: collection-torrent
+  hosts: collection_torrent_hosts
+  become: true
+  roles:
+    - collection-torrent
+
+- name: collection-streamer
+  hosts: collection_streamer_hosts
+  become: true
+  roles:
+    - collection-streamer
 
 - name: collection-bluray-player
   hosts: collection_bluray_player_hosts
@@ -61,6 +84,12 @@
   roles:
     - collection-games
 
+- name: setup entertainment hosts
+  hosts: entertainment_hosts
+  become: true
+  roles:
+    - collection-entertainment
+
 - name: setup multiprinter hosts
   hosts: epson_multiprinter_hosts
   become: true
@@ -79,12 +108,6 @@
   roles:
     - application-nextcloud
 
-- name: setup dia
-  hosts: dia_hosts
-  become: true
-  roles:
-    - application-dia
-
 - name: setup docker
   hosts: docker_hosts
   become: true

roles/application-caffeine/meta/main.yml

@@ -1,3 +1,2 @@
 dependencies:
-- system-aur-helper
-- system-gnome
+- system-aur-helper

roles/application-dia/tasks/main.yml

@@ -1,4 +0,0 @@
-- name: Install dia
-  community.general.pacman:
-    name: dia
-    state: present

roles/application-latex/tasks/main.yml

@@ -5,4 +5,5 @@
       - texlive-lang
       - texlive-langextra
       - texlive-fontsextra
+      - texlive-most
     state: present

roles/application-nextcloud/tasks/main.yml

@@ -20,3 +20,12 @@
     - Software
     - Downloads
     - Workspaces
+    - Books
+
+- name: Link dump folder
+  ansible.builtin.file:
+    src: "{{cloud_directory}}InstantUpload"
+    dest: "{{user_home_directory}}Dump"
+    owner: "{{client_username}}"
+    group: "{{client_username}}"
+    state: link

roles/application-wireguard/README.md

@@ -0,0 +1,28 @@
+# Role Native Wireguard
+Manages wireguard on a client.
+
+## Create Client Keys
+```bash
+  wg_private_key="$(wg genkey)"
+  wg_public_key="$(echo "$wg_private_key" | wg pubkey)"
+  echo "PrivateKey: $wg_private_key"
+  echo "PublicKey: $wg_public_key"
+  echo "PresharedKey: $(wg genpsk)"
+```
+
+## Other
+- https://golb.hplar.ch/2019/01/expose-server-vpn.html
+- https://wiki.archlinux.org/index.php/WireGuard
+- https://wireguard.how/server/raspbian/
+- https://www.scaleuptech.com/de/blog/was-ist-und-wie-funktioniert-subnetting/
+- https://bodhilinux.boards.net/thread/450/wireguard-rtnetlink-answers-permission-denied
+- https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv
+- https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard
+- https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3
+- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer
+- https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip
+- https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply
+- https://www.thomas-krenn.com/de/wiki/Linux_ip_Kommando
+- https://wiki.archlinux.org/title/dhcpcd
+- https://wiki.ubuntuusers.de/NetworkManager/Dispatcher/
+- https://askubuntu.com/questions/1024916/how-can-i-launch-a-systemd-service-at-startup-before-another-systemd-service-sta

roles/application-wireguard/files/set-mtu.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=set MTU 
+Before=wg-quick@wg0.service
+
+[Service]
+Type=oneshot
+ExecStart=set-mtu.sh
+
+[Install]
+RequiredBy=wg-quick@wg0.service

roles/application-wireguard/files/wireguard-ip.conf

@@ -0,0 +1,8 @@
+# This file is created by 
+# https://github.com/kevinveenbirkenbach/client-playbook/tree/main/roles/application-wireguard
+
+net.ipv6.conf.all.disable_ipv6      = 0
+net.ipv6.conf.default.disable_ipv6  = 0
+net.ipv6.conf.lo.disable_ipv6       = 0
+net.ipv6.conf.all.forwarding        = 1
+net.ipv4.ip_forward                 = 1

roles/application-wireguard/handlers/main.yml

@@ -0,0 +1,16 @@
+- name: "restart set-mtu.service"
+  systemd:
+    name: set-mtu.service
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
+
+- name: "restart wireguard"
+  systemd:
+    name: wg-quick@wg0.service
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
+
+- name: "reload sysctl configuration"
+  shell: "sysctl -p"

roles/application-wireguard/tasks/main.yml

@@ -0,0 +1,32 @@
+- name: install wireguard
+  pacman: 
+    name: wireguard-tools
+    state: present
+
+- name: create set-mtu.service
+  copy: 
+    src:  set-mtu.service
+    dest: /etc/systemd/system/set-mtu.service
+  notify: restart set-mtu.service
+
+- name: create set-mtu.sh
+  template: 
+    src:  set-mtu.sh.j2
+    dest: /usr/local/bin/set-mtu.sh
+  notify: restart set-mtu.service
+
+- name: create wireguard-ip.conf
+  copy:
+    src: "wireguard-ip.conf"
+    dest: /etc/sysctl.d/wireguard-ip.conf
+    owner: root
+    group: root
+  notify: reload sysctl configuration
+
+- name: create /etc/wireguard/wg0.conf
+  copy:
+    src: "{{ inventory_dir }}/files/{{ inventory_hostname }}/etc/wireguard/wg0.conf"
+    dest: /etc/wireguard/wg0.conf
+    owner: root
+    group: root
+  notify: restart wireguard

roles/application-wireguard/templates/set-mtu.sh.j2

@@ -0,0 +1,4 @@
+#!/bin/bash
+{% for internet_interface in internet_interfaces %}
+ip li set mtu 1400 dev {{internet_interface}}
+{% endfor %}

roles/collection-administrator-base/tasks/main.yml

@@ -7,4 +7,5 @@
       - gcc
       - cmake
       - fdupes
+      - p7zip
     state: present

roles/collection-administrator-network-analyze/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-administrator-base

roles/collection-administrator-tools-network-analyze/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-administrator-tools-base

roles/collection-designer/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/collection-designer/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: install designer tools
+  community.general.pacman:
+    name: 
+      - gimp
+      - blender
+    state: present
+
+- name: install drawio
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - drawio-desktop
+  become: false

roles/collection-developer-arduino/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/collection-developer-base/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-administrator-base

roles/collection-developer-bash/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/collection-developer-php/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/collection-developer-python/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/collection-developer-tools-arduino/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-developer-tools-base

roles/collection-developer-tools-base/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-administrator-tools-base

roles/collection-developer-tools-bash/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-developer-tools-base

roles/collection-developer-tools-php/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-developer-tools-base

roles/collection-developer-tools-python/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- collection-developer-tools-base

roles/collection-entertainment/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/collection-entertainment/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install entertainment software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - spotify

roles/collection-office-tools/meta/main.yml

@@ -1,2 +0,0 @@
-dependencies:
-- application-libreoffice

roles/collection-office/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+- application-libreoffice
+- collection-video-conference

roles/collection-office/tasks/main.yml

@@ -1,7 +1,9 @@
-- name: install shutter
+- name: install office sofware
   community.general.pacman:
     name: 
       - chromium
       - shutter
       - thunderbird
+      - calibre
+      - retext
     state: present

roles/collection-streamer/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install streaming
+  community.general.pacman:
+    name: 
+      - obs-studio
+    state: present

roles/collection-torrent/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/collection-torrent/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install torrent software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - qbittorrent

roles/collection-video-conference/README.md

@@ -0,0 +1,4 @@
+# collection-video-conference
+
+## further information
+It seems like the microsoft client is not supported nativly on linux anymore: https://aur.archlinux.org/packages/teams

roles/collection-video-conference/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/collection-video-conference/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install video conference software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - zoom

roles/native-general/tasks/main.yml

@@ -1,17 +0,0 @@
-- name: install general software
-  community.general.pacman:
-    name:
-      # description language interpreters
-      #- texlive-most
-
-      # compression tools
-      #- p7zip
-
-      # video/picture manipulation
-      #- gimp
-      #- blender
-      #- obs-studio
-
-      # virtualization tools
-      #- qemu
-    state: present

roles/system-gnome/meta/main.yml

@@ -1,2 +1,3 @@
 dependencies:
-- application-git
+- application-git
+- application-caffeine