From 5a481bcc140e261860ee4396d20ad9d5a551853c Mon Sep 17 00:00:00 2001 From: Lina Date: Fri, 3 Apr 2026 09:19:18 +0200 Subject: [PATCH] first commit --- LICENSE | 21 +++++++ README.md | 34 ++++++++++++ Vagrantfile | 29 ++++++++++ ansible.cfg | 5 ++ files/sources.list | 14 +++++ group_vars/all.yml | 37 +++++++++++++ inventory.ini | 6 ++ playbooks/install.yml | 18 ++++++ roles/brave/tasks/main.yml | 33 +++++++++++ roles/common/defaults/main.yml | 3 + roles/common/files/sources.list | 14 +++++ roles/common/tasks/main.yml | 54 ++++++++++++++++++ roles/devtools/tasks/main.yml | 89 ++++++++++++++++++++++++++++++ roles/devtools/vars/main.yml | 9 +++ roles/discord/tasks/main.yml | 0 roles/docker/tasks/main.yml | 19 +++++++ roles/element/tasks/main.yml | 13 +++++ roles/element/vars/main.yml | 3 + roles/freetube/tasks/main.yml | 20 +++++++ roles/ollama/defaults/main.yml | 5 ++ roles/ollama/handlers/main.yml | 5 ++ roles/ollama/tasks/install.yml | 41 ++++++++++++++ roles/ollama/tasks/main.yml | 6 ++ roles/ollama/tasks/models.yml | 6 ++ roles/steam/tasks/main.yml | 24 ++++++++ roles/virtualbox/defaults/main.yml | 5 ++ roles/virtualbox/tasks/main.yml | 70 +++++++++++++++++++++++ roles/vlc/tasks/main.yml | 18 ++++++ roles/wine/defaults/main.yml | 6 ++ roles/wine/tasks/main.yml | 55 ++++++++++++++++++ settings.yml | 16 ++++++ 31 files changed, 678 insertions(+) create mode 100644 LICENSE create mode 100644 README.md create mode 100644 Vagrantfile create mode 100644 ansible.cfg create mode 100644 files/sources.list create mode 100644 group_vars/all.yml create mode 100644 inventory.ini create mode 100644 playbooks/install.yml create mode 100644 roles/brave/tasks/main.yml create mode 100644 roles/common/defaults/main.yml create mode 100644 roles/common/files/sources.list create mode 100644 roles/common/tasks/main.yml create mode 100644 roles/devtools/tasks/main.yml create mode 100644 roles/devtools/vars/main.yml create mode 100644 roles/discord/tasks/main.yml create mode 100644 roles/docker/tasks/main.yml create mode 100644 roles/element/tasks/main.yml create mode 100644 roles/element/vars/main.yml create mode 100644 roles/freetube/tasks/main.yml create mode 100644 roles/ollama/defaults/main.yml create mode 100644 roles/ollama/handlers/main.yml create mode 100644 roles/ollama/tasks/install.yml create mode 100644 roles/ollama/tasks/main.yml create mode 100644 roles/ollama/tasks/models.yml create mode 100644 roles/steam/tasks/main.yml create mode 100644 roles/virtualbox/defaults/main.yml create mode 100644 roles/virtualbox/tasks/main.yml create mode 100644 roles/vlc/tasks/main.yml create mode 100644 roles/wine/defaults/main.yml create mode 100644 roles/wine/tasks/main.yml create mode 100644 settings.yml diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..9fb2667 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2026 Le Garage Numérique + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..d6ad366 --- /dev/null +++ b/README.md @@ -0,0 +1,34 @@ +# Debian 13 Ansible workstation installation + +Collection of ansible roles to provision a debian 13 workstation locally + +## Configuration + +```bash +sudo apt install ansible +``` + +## Utilisation + +- Test with vagrant: +> Create a trixi vagrant box [here](https://git.legaragenumerique.fr/GARAGENUM/packer-box-deb13) + +- Install all: +```bash +ansible-playbook playbooks/install.yml --ask-become-pass +``` + +- Install only one role: +```bash +ansible-playbook playbooks/install.yml --ask-become-pass --tags ollama +``` + +## To add + +- [ ] hugo (extended) + +## To test + +- [x] ollama +- [x] steam +- [ ] virtualbox diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 0000000..019792d --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,29 @@ +require 'yaml' + +settings = YAML.load_file('settings.yml') + +VAGRANTFILE_API_VERSION = "2" +Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| + config.ssh.insert_key = false + config.vm.synced_folder ".", "/vagrant", disabled: true + + # Box configuration (globale) + config.vm.box = settings['box']['name'] +# config.vm.box_url = settings['box']['url'] + + settings['vms'].each do |vm| + config.vm.define vm['name'] do |node| + node.vm.hostname = vm['hostname'] + node.vm.network :private_network, ip: vm['ip'] + # provider + config.vm.provider settings['provider']['type'].to_sym do |v| + v.memory = vm['memory'] + + # Provisioning configuration for Ansible. + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbooks/install.yml" + end + end + end + end +end \ No newline at end of file diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..f6f6fdc --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,5 @@ +[defaults] +inventory = inventory.ini +roles_path = roles +host_key_checking = False +retry_files_enabled = False diff --git a/files/sources.list b/files/sources.list new file mode 100644 index 0000000..5d35a15 --- /dev/null +++ b/files/sources.list @@ -0,0 +1,14 @@ +deb https://deb.debian.org/debian/ trixie contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-updates contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-updates contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-proposed-updates contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-proposed-updates contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-backports contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-backports contrib main non-free non-free-firmware + +deb https://security.debian.org/debian-security/ trixie-security contrib main non-free non-free-firmware +# deb-src https://security.debian.org/debian-security/ trixie-security contrib main non-free non-free-firmware diff --git a/group_vars/all.yml b/group_vars/all.yml new file mode 100644 index 0000000..cddb540 --- /dev/null +++ b/group_vars/all.yml @@ -0,0 +1,37 @@ +--- +ansible_become: true + +timezone: Europe/Paris +ansible_user: "{{ lookup('env', 'USER') }}" + +common: + apt_update_cache: true + apt_upgrade: true + +devtools: + tabby_version: "1.0.215" + tabby_deb_url: "https://github.com/Eugeny/tabby/releases/download/v{{ tabby_version }}/tabby-{{ tabby_version }}-linux-x64.deb" + go_version: "1.22.1" + go_arch: "amd64" + go_tarball: "go{{ go_version }}.linux-{{ go_arch }}.tar.gz" + go_url: "https://go.dev/dl/{{ go_tarball }}" + go_install_dir: /usr/local + +element: + element_version: "1.11.73" + element_deb_url: "https://packages.element.io/debian/pool/main/e/element-desktop/element-desktop_{{ element_version }}_amd64.deb" + +ollama: + ollama_install_script: https://ollama.com/install.sh + ollama_service_name: ollama + ollama_user: ollama + ollama_bin: /usr/local/bin/ollama + ollama_models: + - llama3.2:3b + +wine: + winehq_repo_url: https://dl.winehq.org/wine-builds/debian/dists/trixie/winehq-trixie.sources + winehq_key_url: https://dl.winehq.org/wine-builds/winehq.key + winehq_keyring: /etc/apt/keyrings/winehq-archive.key + winehq_packages: + - winehq-stable \ No newline at end of file diff --git a/inventory.ini b/inventory.ini new file mode 100644 index 0000000..284ea4d --- /dev/null +++ b/inventory.ini @@ -0,0 +1,6 @@ +[debian] +# Execute on local machine +localhost ansible_connection=local + +# Exexcute on distant server +# 123.456.78.90 ansible_user=user ansible_port=22 diff --git a/playbooks/install.yml b/playbooks/install.yml new file mode 100644 index 0000000..98d0990 --- /dev/null +++ b/playbooks/install.yml @@ -0,0 +1,18 @@ +--- +- name: Installation Debian 13 complète + hosts: all + become: yes + + roles: + - common + - devtools + - docker + - ollama + - discord + - element + - wine + - steam + - brave + - freetube + - virtualbox + - vlc \ No newline at end of file diff --git a/roles/brave/tasks/main.yml b/roles/brave/tasks/main.yml new file mode 100644 index 0000000..bfe7b4a --- /dev/null +++ b/roles/brave/tasks/main.yml @@ -0,0 +1,33 @@ +--- +- name: Vérifier que le système est Debian + ansible.builtin.assert: + that: + - ansible_facts['distribution'] == "Debian" + fail_msg: "Ce rôle est prévu uniquement pour Debian" + tags: brave + +- name: Installer curl + ansible.builtin.apt: + name: curl + state: present + tags: brave + +- name: Télécharger la clé GPG de Brave + ansible.builtin.get_url: + url: https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg + dest: /usr/share/keyrings/brave-browser-archive-keyring.gpg + mode: '0644' + tags: brave + +- name: Ajouter le dépôt Brave + ansible.builtin.apt_repository: + repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" + state: present + filename: brave-browser-release + tags: brave + +- name: Installer Brave + ansible.builtin.apt: + name: brave-browser + state: present + tags: brave \ No newline at end of file diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml new file mode 100644 index 0000000..9b38866 --- /dev/null +++ b/roles/common/defaults/main.yml @@ -0,0 +1,3 @@ +--- +apt_update_cache: true +apt_upgrade: true diff --git a/roles/common/files/sources.list b/roles/common/files/sources.list new file mode 100644 index 0000000..5d35a15 --- /dev/null +++ b/roles/common/files/sources.list @@ -0,0 +1,14 @@ +deb https://deb.debian.org/debian/ trixie contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-updates contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-updates contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-proposed-updates contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-proposed-updates contrib main non-free non-free-firmware + +deb https://deb.debian.org/debian/ trixie-backports contrib main non-free non-free-firmware +# deb-src https://deb.debian.org/debian/ trixie-backports contrib main non-free non-free-firmware + +deb https://security.debian.org/debian-security/ trixie-security contrib main non-free non-free-firmware +# deb-src https://security.debian.org/debian-security/ trixie-security contrib main non-free non-free-firmware diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 0000000..637e4a4 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,54 @@ +--- +- name: Mise à jour APT + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 + tags: common + +- name: Déployer /etc/apt/sources.list + ansible.builtin.copy: + src: files/sources.list + dest: /etc/apt/sources.list + owner: root + group: root + mode: '0644' + backup: yes + tags: common + +- name: Attendre que le verrou APT soit libéré + ansible.builtin.shell: while fuser /var/lib/apt/lists/lock /var/lib/dpkg/lock /var/lib/dpkg/lock-frontend > /dev/null 2>&1; do sleep 1; done + changed_when: false + tags: common + +- name: Mettre à jour le cache APT + ansible.builtin.shell: + cmd: apt-get update + become: yes + changed_when: false + tags: common + +- name: Mettre à jour tous les paquets + ansible.builtin.apt: + upgrade: dist + when: apt_upgrade + tags: common + +- name: Paquets de base + ansible.builtin.apt: + name: + - rsyslog + - ca-certificates + - curl + - wget + - gnupg + - git + - vim + - htop + - btop + - fail2ban + - net-tools + - resolvconf + - wireguard + - python3-venv + state: present + tags: common diff --git a/roles/devtools/tasks/main.yml b/roles/devtools/tasks/main.yml new file mode 100644 index 0000000..a0f7e09 --- /dev/null +++ b/roles/devtools/tasks/main.yml @@ -0,0 +1,89 @@ +--- +- name: Installer outils développeur + ansible.builtin.apt: + name: + - build-essential + - python3 + - python3-pip + - python3-venv + - linuxlogo + - lolcat + - vagrant + - kew + state: present + tags: devtools + +# VScodium +- name: Ajouter la clé GPG VSCodium + ansible.builtin.get_url: + url: https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg + dest: /usr/share/keyrings/vscodium.gpg + mode: '0644' + tags: devtools + +- name: Ajouter le dépôt VSCodium + ansible.builtin.apt_repository: + repo: "deb [signed-by=/usr/share/keyrings/vscodium.gpg] https://download.vscodium.com/debs vscodium main" + filename: vscodium + state: present + tags: devtools + +- name: Installer VSCodium + ansible.builtin.apt: + name: codium + update_cache: true + state: present + tags: devtools + + +# Tabby.sh +- name: Télécharger Tabby + ansible.builtin.get_url: + url: "{{ tabby_deb_url }}" + dest: /tmp/tabby.deb + mode: '0644' + tags: devtools + +- name: Installer Tabby + ansible.builtin.apt: + deb: /tmp/tabby.deb + state: present + tags: devtools + +- name: Vérifier si Go est déjà installé + ansible.builtin.stat: + path: "{{ go_install_dir }}/go/bin/go" + register: go_installed + tags: devtools + +# Go +- name: Télécharger Go {{ go_version }} + ansible.builtin.get_url: + url: "{{ go_url }}" + dest: "/tmp/{{ go_tarball }}" + mode: '0644' + when: not go_installed.stat.exists + tags: devtools + +- name: Supprimer ancienne installation Go + ansible.builtin.file: + path: "{{ go_install_dir }}/go" + state: absent + when: not go_installed.stat.exists + tags: devtools + +- name: Installer Go {{ go_version }} + ansible.builtin.unarchive: + src: "/tmp/{{ go_tarball }}" + dest: "{{ go_install_dir }}" + remote_src: true + when: not go_installed.stat.exists + tags: devtools + +- name: Ajouter Go au PATH global + ansible.builtin.copy: + dest: /etc/profile.d/go.sh + mode: '0755' + content: | + export PATH=$PATH:/usr/local/go/bin + tags: devtools diff --git a/roles/devtools/vars/main.yml b/roles/devtools/vars/main.yml new file mode 100644 index 0000000..3e5e16f --- /dev/null +++ b/roles/devtools/vars/main.yml @@ -0,0 +1,9 @@ +--- +tabby_version: "1.0.215" +tabby_deb_url: "https://github.com/Eugeny/tabby/releases/download/v{{ tabby_version }}/tabby-{{ tabby_version }}-linux-x64.deb" + +go_version: "1.22.1" +go_arch: "amd64" +go_tarball: "go{{ go_version }}.linux-{{ go_arch }}.tar.gz" +go_url: "https://go.dev/dl/{{ go_tarball }}" +go_install_dir: /usr/local \ No newline at end of file diff --git a/roles/discord/tasks/main.yml b/roles/discord/tasks/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml new file mode 100644 index 0000000..37e0cff --- /dev/null +++ b/roles/docker/tasks/main.yml @@ -0,0 +1,19 @@ +--- +- name: Installer Docker + ansible.builtin.apt: + name: + - docker.io + - docker-compose + state: present + +- name: Activer Docker + ansible.builtin.service: + name: docker + state: started + enabled: true + +- name: Ajouter l'utilisateur au groupe docker + ansible.builtin.user: + name: "{{ ansible_user }}" + groups: docker + append: true diff --git a/roles/element/tasks/main.yml b/roles/element/tasks/main.yml new file mode 100644 index 0000000..fa9fbb5 --- /dev/null +++ b/roles/element/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: Télécharger Element Desktop + ansible.builtin.get_url: + url: "{{ element_deb_url }}" + dest: /tmp/element-desktop.deb + mode: '0644' + tags: element + +- name: Installer Element Desktop + ansible.builtin.apt: + deb: /tmp/element-desktop.deb + state: present + tags: element \ No newline at end of file diff --git a/roles/element/vars/main.yml b/roles/element/vars/main.yml new file mode 100644 index 0000000..e2b169f --- /dev/null +++ b/roles/element/vars/main.yml @@ -0,0 +1,3 @@ +--- +element_version: "1.11.73" +element_deb_url: "https://packages.element.io/debian/pool/main/e/element-desktop/element-desktop_{{ element_version }}_amd64.deb" diff --git a/roles/freetube/tasks/main.yml b/roles/freetube/tasks/main.yml new file mode 100644 index 0000000..cd66730 --- /dev/null +++ b/roles/freetube/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- name: Vérifier que le système est Debian + ansible.builtin.assert: + that: + - ansible_facts['distribution'] == "Debian" + fail_msg: "Ce rôle est prévu uniquement pour Debian" + tags: freetube + +- name: Télécharger le paquet FreeTube + ansible.builtin.get_url: + url: https://github.com/FreeTubeApp/FreeTube/releases/download/v0.23.15-beta/freetube_0.23.15_beta_amd64.deb + dest: /tmp/freetube.deb + mode: '0644' + tags: freetube + +- name: Installer le paquet FreeTube + ansible.builtin.apt: + deb: /tmp/freetube.deb + state: present + tags: freetube \ No newline at end of file diff --git a/roles/ollama/defaults/main.yml b/roles/ollama/defaults/main.yml new file mode 100644 index 0000000..a054341 --- /dev/null +++ b/roles/ollama/defaults/main.yml @@ -0,0 +1,5 @@ +--- +ollama_install_script: https://ollama.com/install.sh +ollama_models: [] +ollama_service_name: ollama +ollama_bin: /usr/local/bin/ollama diff --git a/roles/ollama/handlers/main.yml b/roles/ollama/handlers/main.yml new file mode 100644 index 0000000..f37b189 --- /dev/null +++ b/roles/ollama/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: Restart Ollama + ansible.builtin.systemd: + name: ollama + state: restarted \ No newline at end of file diff --git a/roles/ollama/tasks/install.yml b/roles/ollama/tasks/install.yml new file mode 100644 index 0000000..8daeeac --- /dev/null +++ b/roles/ollama/tasks/install.yml @@ -0,0 +1,41 @@ +--- +- name: Vérifier que le système est Linux + assert: + that: + - ansible_facts.system == "Linux" + fail_msg: "Ollama est uniquement supporté sur Linux" + tags: ollama + +- name: Vérifier si Ollama est déjà installé + ansible.builtin.stat: + path: "{{ ollama_bin }}" + register: ollama_bin_stat + tags: ollama + +- name: Installer curl (prérequis) + ansible.builtin.apt: + name: curl + state: present + update_cache: yes + tags: ollama + +- name: Télécharger le script d’installation Ollama + ansible.builtin.get_url: + url: "{{ ollama_install_script }}" + dest: /tmp/ollama_install.sh + mode: '0755' + when: not ollama_bin_stat.stat.exists + tags: ollama + +- name: Installer Ollama + ansible.builtin.command: /tmp/ollama_install.sh + when: not ollama_bin_stat.stat.exists + notify: Restart Ollama + tags: ollama + +- name: Activer et démarrer le service Ollama + ansible.builtin.systemd: + name: "{{ ollama_service_name }}" + enabled: yes + state: started + tags: ollama diff --git a/roles/ollama/tasks/main.yml b/roles/ollama/tasks/main.yml new file mode 100644 index 0000000..7a9c6a9 --- /dev/null +++ b/roles/ollama/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- import_tasks: install.yml + tags: ollama + +- import_tasks: models.yml + tags: ollama diff --git a/roles/ollama/tasks/models.yml b/roles/ollama/tasks/models.yml new file mode 100644 index 0000000..5f2888e --- /dev/null +++ b/roles/ollama/tasks/models.yml @@ -0,0 +1,6 @@ +- name: Pull ollama models + become: true + command: > + {{ ollama_bin }} pull {{ item.name }} + loop: "{{ ollama_models }}" + tags: ollama \ No newline at end of file diff --git a/roles/steam/tasks/main.yml b/roles/steam/tasks/main.yml new file mode 100644 index 0000000..31ffe03 --- /dev/null +++ b/roles/steam/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Vérifier que le système est Debian + ansible.builtin.assert: + that: + - ansible_facts['distribution'] == "Debian" + fail_msg: "Ce rôle est prévu uniquement pour Debian" + tags: steam + +- name: Ajouter l’architecture i386 + ansible.builtin.command: dpkg --add-architecture i386 + register: add_i386 + changed_when: add_i386.rc == 0 + tags: steam + +- name: Mettre à jour le cache APT + ansible.builtin.apt: + update_cache: yes + tags: steam + +- name: Installer Steam + ansible.builtin.apt: + name: steam + state: present + tags: steam \ No newline at end of file diff --git a/roles/virtualbox/defaults/main.yml b/roles/virtualbox/defaults/main.yml new file mode 100644 index 0000000..9ba8e52 --- /dev/null +++ b/roles/virtualbox/defaults/main.yml @@ -0,0 +1,5 @@ +--- +virtualbox_version: "7.0" +virtualbox_package: "virtualbox-{{ virtualbox_version }}" +virtualbox_repo_key_url: "https://www.virtualbox.org/download/oracle_vbox_2016.asc" +virtualbox_repo_url: "deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian trixie contrib" diff --git a/roles/virtualbox/tasks/main.yml b/roles/virtualbox/tasks/main.yml new file mode 100644 index 0000000..a31b70e --- /dev/null +++ b/roles/virtualbox/tasks/main.yml @@ -0,0 +1,70 @@ +--- +- name: Install prerequisites + apt: + name: + - apt-transport-https + - ca-certificates + - gnupg + - lsb-release + - dkms + - build-essential + state: present + update_cache: yes + +- name: Disable KVM modules if present + block: + - name: Check if kvm modules are loaded + shell: | + lsmod | grep -E 'kvm_intel|kvm_amd|kvm' || true + register: kvm_modules + changed_when: false + + - name: Blacklist KVM modules + copy: + dest: /etc/modprobe.d/disable-kvm.conf + content: | + # Disabled for VirtualBox compatibility + blacklist kvm + blacklist kvm_intel + blacklist kvm_amd + when: kvm_modules.stdout != "" + + - name: Remove loaded KVM modules immediately + shell: | + rmmod kvm_intel || true + rmmod kvm_amd || true + rmmod kvm || true + when: kvm_modules.stdout != "" + ignore_errors: yes + +- name: Télécharger et convertir la clé GPG de VirtualBox + ansible.builtin.shell: + cmd: curl -fsSL {{ virtualbox_repo_key_url }} | gpg --dearmor -o /usr/share/keyrings/virtualbox.gpg + creates: /usr/share/keyrings/virtualbox.gpg + +- name: Add VirtualBox apt repository + ansible.builtin.apt_repository: + repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/virtualbox.gpg] {{ virtualbox_repo_url }}" + state: present + filename: virtualbox + update_cache: no + +- name: Update apt cache + apt: + update_cache: yes + +- name: Install VirtualBox + apt: + name: "{{ virtualbox_package }}" + state: present + +- name: Ensure vboxdrv is loaded + command: /sbin/vboxconfig + register: vboxconfig + changed_when: "'done' in vboxconfig.stdout" + +- name: Add user to vboxusers group + user: + name: "{{ ansible_user }}" + groups: vboxusers + append: yes diff --git a/roles/vlc/tasks/main.yml b/roles/vlc/tasks/main.yml new file mode 100644 index 0000000..18a89b1 --- /dev/null +++ b/roles/vlc/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: Vérifier que le système est Debian + ansible.builtin.assert: + that: + - ansible_facts['distribution'] == "Debian" + fail_msg: "Ce rôle est prévu uniquement pour Debian" + tags: steam + +- name: Mettre à jour le cache APT + ansible.builtin.apt: + update_cache: yes + tags: vlc + +- name: Installer VLC + ansible.builtin.apt: + name: vlc + state: present + tags: vlc \ No newline at end of file diff --git a/roles/wine/defaults/main.yml b/roles/wine/defaults/main.yml new file mode 100644 index 0000000..2518b33 --- /dev/null +++ b/roles/wine/defaults/main.yml @@ -0,0 +1,6 @@ +--- +winehq_repo_url: https://dl.winehq.org/wine-builds/debian/dists/trixie/winehq-trixie.sources +winehq_key_url: https://dl.winehq.org/wine-builds/winehq.key +winehq_keyring: /etc/apt/keyrings/winehq-archive.key +winehq_packages: + - winehq-stable \ No newline at end of file diff --git a/roles/wine/tasks/main.yml b/roles/wine/tasks/main.yml new file mode 100644 index 0000000..c06ad14 --- /dev/null +++ b/roles/wine/tasks/main.yml @@ -0,0 +1,55 @@ +--- +- name: Vérifier que le système est Debian + ansible.builtin.assert: + that: + - ansible_facts['distribution'] == "Debian" + fail_msg: "Ce rôle est prévu uniquement pour Debian" + tags: wine + +- name: Ajouter l’architecture i386 + ansible.builtin.command: dpkg --add-architecture i386 + register: add_i386 + changed_when: add_i386.rc == 0 + tags: wine + +- name: Créer le dossier keyrings + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + mode: '0755' + tags: wine + +- name: Télécharger et installer la clé WineHQ + ansible.builtin.get_url: + url: "{{ winehq_key_url }}" + dest: /tmp/winehq.key + mode: '0644' + tags: wine + +- name: Convertir la clé en keyring GPG + ansible.builtin.command: > + gpg --dearmor + -o {{ winehq_keyring }} + /tmp/winehq.key + args: + creates: "{{ winehq_keyring }}" + tags: wine + +- name: Ajouter le dépôt WineHQ + ansible.builtin.get_url: + url: "{{ winehq_repo_url }}" + dest: /etc/apt/sources.list.d/winehq-trixie.sources + mode: '0644' + tags: wine + +- name: Mettre à jour le cache APT + ansible.builtin.apt: + update_cache: yes + tags: wine + +- name: Installer WineHQ Stable (avec recommandations) + ansible.builtin.apt: + name: "{{ winehq_packages }}" + state: present + install_recommends: yes + tags: wine diff --git a/settings.yml b/settings.yml new file mode 100644 index 0000000..81c8269 --- /dev/null +++ b/settings.yml @@ -0,0 +1,16 @@ +vms: + - name: "server-1" + hostname: "server-1" + ip: "192.168.60.2" + memory: 1024 + +box: +# via Vagrant cloud registry + name: "garagenum/debian-13" +# Via garagenum registry +# url: "https://git.legaragenumerique.fr/GARAGENUM/vagrant-boxes/raw/main/debian-13/debian-13-3-3.box" + + +provider: + type: "virtualbox" + # linked_clone: false \ No newline at end of file