Merged client playbook and server playbook

roles/pc_application-caffeine/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_application-caffeine/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: Install caffeine
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - caffeine-ng

roles/pc_application-docker/tasks/main.yml

@@ -0,0 +1,11 @@
+- name: install docker
+  community.general.pacman:
+    name:
+      - docker
+      - docker-compose
+    state: present
+
+- name: Adding user {{client_username}} to relevant arduino usergroups  
+  user: name={{client_username}}
+        groups=docker
+        append=yes

roles/pc_application-git/tasks/main.yml

@@ -0,0 +1,8 @@
+- name: Set git user email to {{user_email}}
+  ansible.builtin.shell: git config --global user.email "{{user_email}}"
+- name: Set git user name to {{user_full_name}}
+  ansible.builtin.shell: git config --global user.name "{{user_full_name}}"
+- name: install git
+  community.general.pacman:
+    name: git
+    state: present

roles/pc_application-hunspell/tasks/main.yml

@@ -0,0 +1,10 @@
+- name: install hunspell
+  community.general.pacman:
+    name: hunspell
+    state: present
+
+- name: install hunspell language packages
+  community.general.pacman:
+    name: "hunspell-{{ item }}"
+    state: present
+  loop: "{{hunspell_languages}}"

roles/pc_application-java/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install java
+  community.general.pacman:
+    name:
+      - jdk11-openjdk
+    state: present

roles/pc_application-latex/readme.md

@@ -0,0 +1,3 @@
+# application-latex
+
+More packages you will find here: https://wiki.archlinux.org/title/TeX_Live

roles/pc_application-latex/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: install latex software
+  community.general.pacman:
+    name: 
+      - texlive-latexextra 
+      - texlive-lang
+      - texlive-langextra
+      - texlive-fontsextra
+      - texlive-most
+    state: present

roles/pc_application-libreoffice/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-hunspell

roles/pc_application-libreoffice/tasks/main.yml

@@ -0,0 +1,12 @@
+- name: install libreoffice
+  community.general.pacman:
+    name:
+      - ttf-liberation
+      - libreoffice-fresh
+    state: present
+
+- name: install libreoffice language packages
+  community.general.pacman:
+    name: "libreoffice-fresh-{{ item }}"
+    state: present
+  loop: "{{libreoffice_languages}}"

roles/pc_application-nextcloud/tasks/main.yml

@@ -0,0 +1,31 @@
+- name: Install nextcloud-client
+  community.general.pacman:
+    name: nextcloud-client
+    state: present
+
+- name: Link homefolders to cloud
+  ansible.builtin.file:
+    src: "{{cloud_directory}}{{item}}"
+    dest: "{{user_home_directory}}{{item}}"
+    owner: "{{client_username}}"
+    group: "{{client_username}}"
+    state: link
+  loop:
+    - Templates
+    - Documents
+    - Videos
+    - Pictures
+    - Music
+    - Desktop
+    - Software
+    - Downloads
+    - Workspaces
+    - Books
+
+- name: Link dump folder
+  ansible.builtin.file:
+    src: "{{cloud_directory}}InstantUpload"
+    dest: "{{user_home_directory}}Dump"
+    owner: "{{client_username}}"
+    group: "{{client_username}}"
+    state: link

roles/pc_application-nextcloud/vars/main.yml

@@ -0,0 +1,2 @@
+user_home_directory: "/home/{{client_username}}/"
+cloud_directory: "{{user_home_directory}}Clouds/{{cloud_fqdn}}/{{client_username}}/"

roles/pc_application-ssh/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-git

roles/pc_application-ssh/tasks/main.yml

@@ -0,0 +1,6 @@
+- name: pull ssh repository from {{ssh_configuration_repository}}
+  git:
+    repo: "{{ssh_configuration_repository}}"
+    dest: "$HOME/.ssh"
+    update: yes
+  become: false

roles/pc_application-torbrowser/tasks/main.yml

@@ -0,0 +1,6 @@
+- name: Install torbrowser
+  community.general.pacman:
+    name:
+      - tor
+      - torbrowser-launcher
+    state: present

roles/pc_application-virtual-box/Readme.md

@@ -0,0 +1,9 @@
+# application-virtual-box
+
+```bash
+	sudo pacman -S virtualbox "$(pacman -Qsq "^linux" | grep "^linux[0-9]*[-rt]*$" | awk '{print $1"-virtualbox-host-modules"}' ORS=' ')" &&
+	sudo vboxreload &&
+	pamac build virtualbox-ext-oracle &&
+	sudo gpasswd -a "$USER" vboxusers || exit 1
+	echo "Keep in mind to install the guest additions in the virtualized system. See https://wiki.manjaro.org/index.php?title=VirtualBox"
+```

roles/pc_application-wireguard/README.md

@@ -0,0 +1,28 @@
+# Role Native Wireguard
+Manages wireguard on a client.
+
+## Create Client Keys
+```bash
+  wg_private_key="$(wg genkey)"
+  wg_public_key="$(echo "$wg_private_key" | wg pubkey)"
+  echo "PrivateKey: $wg_private_key"
+  echo "PublicKey: $wg_public_key"
+  echo "PresharedKey: $(wg genpsk)"
+```
+
+## Other
+- https://golb.hplar.ch/2019/01/expose-server-vpn.html
+- https://wiki.archlinux.org/index.php/WireGuard
+- https://wireguard.how/server/raspbian/
+- https://www.scaleuptech.com/de/blog/was-ist-und-wie-funktioniert-subnetting/
+- https://bodhilinux.boards.net/thread/450/wireguard-rtnetlink-answers-permission-denied
+- https://stackoverflow.com/questions/69140072/unable-to-ssh-into-wireguard-ip-until-i-ping-another-server-from-inside-the-serv
+- https://unix.stackexchange.com/questions/717172/why-is-ufw-blocking-acces-to-ssh-via-wireguard
+- https://forum.openwrt.org/t/cannot-ssh-to-clients-on-lan-when-accessing-router-via-wireguard-client/132709/3
+- https://serverfault.com/questions/1086297/wireguard-connection-dies-on-ubuntu-peer
+- https://unix.stackexchange.com/questions/624987/ssh-fails-to-start-when-listenaddress-is-set-to-wireguard-vpn-ip
+- https://serverfault.com/questions/210408/cannot-ssh-debug1-expecting-ssh2-msg-kex-dh-gex-reply
+- https://www.thomas-krenn.com/de/wiki/Linux_ip_Kommando
+- https://wiki.archlinux.org/title/dhcpcd
+- https://wiki.ubuntuusers.de/NetworkManager/Dispatcher/
+- https://askubuntu.com/questions/1024916/how-can-i-launch-a-systemd-service-at-startup-before-another-systemd-service-sta

roles/pc_application-wireguard/files/set-mtu.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=set MTU 
+Before=wg-quick@wg0.service
+
+[Service]
+Type=oneshot
+ExecStart=set-mtu.sh
+
+[Install]
+RequiredBy=wg-quick@wg0.service

roles/pc_application-wireguard/files/wireguard-ip.conf

@@ -0,0 +1,8 @@
+# This file is created by 
+# https://github.com/kevinveenbirkenbach/client-playbook/tree/main/roles/application-wireguard
+
+net.ipv6.conf.all.disable_ipv6      = 0
+net.ipv6.conf.default.disable_ipv6  = 0
+net.ipv6.conf.lo.disable_ipv6       = 0
+net.ipv6.conf.all.forwarding        = 1
+net.ipv4.ip_forward                 = 1

roles/pc_application-wireguard/handlers/main.yml

@@ -0,0 +1,16 @@
+- name: "restart set-mtu.service"
+  systemd:
+    name: set-mtu.service
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
+
+- name: "restart wireguard"
+  systemd:
+    name: wg-quick@wg0.service
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
+
+- name: "reload sysctl configuration"
+  shell: "sysctl -p"

roles/pc_application-wireguard/tasks/main.yml

@@ -0,0 +1,32 @@
+- name: install wireguard
+  pacman: 
+    name: wireguard-tools
+    state: present
+
+- name: create set-mtu.service
+  copy: 
+    src:  set-mtu.service
+    dest: /etc/systemd/system/set-mtu.service
+  notify: restart set-mtu.service
+
+- name: create set-mtu.sh
+  template: 
+    src:  set-mtu.sh.j2
+    dest: /usr/local/bin/set-mtu.sh
+  notify: restart set-mtu.service
+
+- name: create wireguard-ip.conf
+  copy:
+    src: "wireguard-ip.conf"
+    dest: /etc/sysctl.d/wireguard-ip.conf
+    owner: root
+    group: root
+  notify: reload sysctl configuration
+
+- name: create /etc/wireguard/wg0.conf
+  copy:
+    src: "{{ inventory_dir }}/files/{{ inventory_hostname }}/etc/wireguard/wg0.conf"
+    dest: /etc/wireguard/wg0.conf
+    owner: root
+    group: root
+  notify: restart wireguard

roles/pc_application-wireguard/templates/set-mtu.sh.j2

@@ -0,0 +1,4 @@
+#!/bin/bash
+{% for internet_interface in internet_interfaces %}
+ip li set mtu 1400 dev {{internet_interface}}
+{% endfor %}

roles/pc_collection-administrator-base/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-git

roles/pc_collection-administrator-base/tasks/main.yml

@@ -0,0 +1,11 @@
+- name: install administration tools
+  community.general.pacman:
+    name:
+      - base-devel
+      - yay
+      - make
+      - gcc
+      - cmake
+      - fdupes
+      - p7zip
+    state: present

roles/pc_collection-administrator-network-analyze/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-administrator-base

roles/pc_collection-administrator-network-analyze/tasks/main.yml

@@ -0,0 +1,7 @@
+- name: install administrator network analyze tools
+  community.general.pacman:
+    name:
+      - traceroute
+      - wireshark-qt
+      - wireshark-cli
+    state: present

roles/pc_collection-bluray-player/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-java

roles/pc_collection-bluray-player/readme.md

@@ -0,0 +1,7 @@
+# collection-blu-ray-player
+
+## further information
+- https://wiki.archlinux.org/title/Blu-ray#Using_aacskeys
+- https://videobyte.de/play-blu-ray-with-vlc
+- https://archived.forum.manjaro.org/t/wie-kann-ich-bluray-uhd-abspielen/127396/12
+- http://fvonline-db.bplaced.net/

roles/pc_collection-bluray-player/tasks/main.yml

@@ -0,0 +1,14 @@
+- name: install vlc and blu ray software
+  community.general.pacman:
+    name:
+      - vlc
+      - libaacs
+      - libbluray
+    state: present
+- name: install AUR packages to play blu ray
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - aacskeys
+      - libbdplus
+  become: false

roles/pc_collection-designer/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_collection-designer/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: install designer tools
+  community.general.pacman:
+    name: 
+      - gimp
+      - blender
+    state: present
+
+- name: install drawio
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - drawio-desktop
+  become: false

roles/pc_collection-developer-arduino/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/pc_collection-developer-arduino/tasks/main.yml

@@ -0,0 +1,11 @@
+- name: install arduino developer tools
+  community.general.pacman:
+    name:
+      - arduino
+      - arduino-docs
+    state: present
+
+- name: Adding user {{client_username}} to relevant arduino usergroups  
+  user: name={{client_username}}
+        groups=uucp lock
+        append=yes

roles/pc_collection-developer-base/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-administrator-base

roles/pc_collection-developer-base/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install base developer tools
+  community.general.pacman:
+    name:
+      - code
+    state: present

roles/pc_collection-developer-bash/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/pc_collection-developer-bash/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install bash developer tools
+  community.general.pacman:
+    name:
+      - shellcheck
+    state: present

roles/pc_collection-developer-java/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-java

roles/pc_collection-developer-php/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/pc_collection-developer-php/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install php developer tools
+  community.general.pacman:
+    name:
+      - php 
+    state: present

roles/pc_collection-developer-python/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- collection-developer-base

roles/pc_collection-developer-python/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install python developer tools
+  community.general.pacman:
+    name:
+      - python
+    state: present

roles/pc_collection-entertainment/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_collection-entertainment/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install entertainment software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - spotify

roles/pc_collection-games/tasks/main.yml

@@ -0,0 +1,14 @@
+- name: Install gaming software
+  community.general.pacman:
+    name:
+      - 0ad
+      - warzone2100
+      - supertuxkart
+      - gnuchess
+      - sauerbraten
+      - minetest
+      - mari0
+      - retroarch
+      - retroarch-assets-xmb
+      - retroarch-assets-ozone
+    state: present

roles/pc_collection-office/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+- application-libreoffice
+- collection-video-conference

roles/pc_collection-office/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: install office sofware
+  community.general.pacman:
+    name: 
+      - chromium
+      - shutter
+      - thunderbird
+      - calibre
+      - retext
+    state: present

roles/pc_collection-security-tools/tasks/main.yml

@@ -0,0 +1,7 @@
+- name: install security tools
+  community.general.pacman:
+    name:
+      - ecryptfs-utils
+      - encfs
+      - keepassxc
+    state: present

roles/pc_collection-streamer/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install streaming
+  community.general.pacman:
+    name: 
+      - obs-studio
+    state: present

roles/pc_collection-torrent/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_collection-torrent/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install torrent software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - qbittorrent

roles/pc_collection-video-conference/README.md

@@ -0,0 +1,4 @@
+# collection-video-conference
+
+## further information
+It seems like the microsoft client is not supported nativly on linux anymore: https://aur.archlinux.org/packages/teams

roles/pc_collection-video-conference/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_collection-video-conference/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: install video conference software
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - zoom

roles/pc_driver-epson-multiprinter/Readme.md

@@ -0,0 +1,9 @@
+# role native-epson-multiprinter
+## further information
+- https://bernhardsteindl.at/epson-ecotank-et-3600-unter-arch-linux-einrichten/
+- http://download.ebz.epson.net/dsc/search/01/search/searchModule
+- https://aur.archlinux.org/packages/epson-inkjet-printer-escpr
+- https://forum.manjaro.org/t/probleme-mit-epson-et-2820/109777/2
+- https://www.ordinatechnic.com/distribution-specific-guides/Arch/installing-an-epson-multifunction-printer-on-arch-linux-and-derivatives
+- http://localhost:631/admin
+- https://wiki.archlinux.org/title/SANE/Scanner-specific_problems

roles/pc_driver-epson-multiprinter/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_driver-epson-multiprinter/tasks/main.yml

@@ -0,0 +1,12 @@
+- name: install AUR packages for epson
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      - epson-printer-utility
+      - imagescan-plugin-networkscan
+      - epson-inkjet-printer-escpr
+      - epson-inkjet-printer-escpr2
+- name: install imagescan
+  community.general.pacman:
+    name: imagescan
+    state: present

roles/pc_driver-intel/Readme.md

@@ -0,0 +1 @@
+# driver-intel

roles/pc_driver-intel/tasks/main.yml

@@ -0,0 +1,4 @@
+- name: install intel drivers
+  community.general.pacman:
+    name: intel-media-driver 
+    state: present

roles/pc_driver-msi-perkeyrgb/Readme.md

@@ -0,0 +1,4 @@
+# native-msi-gs66
+# further information
+- https://github.com/Askannz/msi-perkeyrgb
+- https://wiki.archlinux.org/title/MSI_GS66_11UX

roles/pc_driver-msi-perkeyrgb/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- system-aur-helper

roles/pc_driver-msi-perkeyrgb/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Install MSI packages
+  kewlfft.aur.aur:
+    use: yay
+    name:
+      -  msi-perkeyrgb
+
+- name: Change preset of keyboard {{vendor_and_product_id}} to {{preset}}
+  ansible.builtin.shell: sudo msi-perkeyrgb --model GS65 -p "{{preset}}" --id "{{vendor_and_product_id}}"
+  become: true

roles/pc_driver-non-free/tasks/main.yml

@@ -0,0 +1,2 @@
+- name: Install nonfree drivers
+  ansible.builtin.shell: mhwd -a pci nonfree 0300

roles/pc_system-aur-helper/Readme.md

@@ -0,0 +1 @@
+https://github.com/kewlfft/ansible-aur

roles/pc_system-aur-helper/tasks/main.yml

@@ -0,0 +1,25 @@
+- name: install yay
+  community.general.pacman:
+    name: yay
+    state: present
+
+- name: Create the `aur_builder` user
+  become: yes
+  ansible.builtin.user:
+    name: aur_builder
+    create_home: yes
+    group: wheel
+
+- name: Allow the `aur_builder` user to run `sudo pacman` without a password
+  become: yes
+  ansible.builtin.lineinfile:
+    path: /etc/sudoers.d/11-install-aur_builder
+    line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman'
+    create: yes
+    validate: 'visudo -cf %s'
+
+- name: Upgrade the system using yay, only act on AUR packages.
+  kewlfft.aur.aur:
+    upgrade: yes
+    use: yay
+    aur_only: yes

roles/pc_system-gnome/Readme.md

@@ -0,0 +1,3 @@
+# system-gnome
+## further information
+- https://askubuntu.com/questions/1029376/how-do-i-enable-and-disable-gnome-extensions-from-the-command-line

roles/pc_system-gnome/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+- application-git
+- application-caffeine

roles/pc_system-gnome/tasks/main.yml

@@ -0,0 +1,27 @@
+- name: Install Gnome Software
+  community.general.pacman:
+    name:
+      - gnome-shell-extensions
+      - gnome-shell-extension-desktop-icons-ng 
+      - gnome-terminal
+    state: present 
+
+- name: GNOME Activate Extensions
+  ansible.builtin.shell: gsettings set org.gnome.shell disable-user-extensions false
+  become: false
+
+- name: GNOME Set favorite apps
+  ansible.builtin.shell: gsettings set org.gnome.shell favorite-apps "{{favorite_apps}}"
+  become: false
+
+- name: pull CLI GNOME Extension manager script
+  git:
+    repo: "git@github.com:kevinveenbirkenbach/cli-gnome-extension-manager.git"
+    dest: "$HOME/Repositories/github.com/kevinveenbirkenbach/cli-gnome-extension-manager"
+    update: yes
+  become: false
+
+- name: Execute CLI GNOME Extension manager script
+  ansible.builtin.shell: bash "/home/{{client_username}}/Repositories/github.com/kevinveenbirkenbach/cli-gnome-extension-manager/gnome-extension-manager.sh" "{{ item[0] }}" "{{ item[1] }}" "{{ item[2] }}"
+  loop: "{{gnome_extensions}}"
+  become: false

roles/pc_system-swapfile/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- application-git

roles/pc_system-swapfile/tasks/main.yml

@@ -0,0 +1,10 @@
+- name: pull swapfile creating script
+  git:
+    repo: "git@github.com:kevinveenbirkenbach/create-linux-swapfile.git"
+    dest: "$HOME/Repositories/github.com/kevinveenbirkenbach/create-linux-swapfile"
+    update: yes
+  become: false
+
+- name: Execute create swapfile script
+  ansible.builtin.shell: bash "/home/{{client_username}}/Repositories/github.com/kevinveenbirkenbach/create-linux-swapfile/create-linux-swapfile.sh" "{{swapfile_size}}"
+  become: true