Skip to content

An Ansible playbook for configuring Fedora Linux desktops, laptops, or VM's

Notifications You must be signed in to change notification settings

ualbertalib/FedoraDesktop

Repository files navigation

UAL toolkit for configuring a freshly-installed Fedora Desktop (or laptop, or VM)

  • Fedora releases new versions every 6 months. Rebuilding and re-customizing your desktop frequently can be a pain.
  • Neil built this to ease the pain, by automating a lot of the work
  • This is only tested for Fedora 37 - it probably won't work for any other version (but, I've tried to make porting easy)

My assumptions for a desktop/laptop at UAL:

  • I work with a lot of git repos. I keep them all in a flat directory, ~/dev/.
  • It's going to help if your AD userid == local unix userid == CCID

Updating?

  • This repo assumes that you will nuke-and-pave the OS, then use this to recreate your desired configuration afresh. If you're doing something else, this might not work for you.
  • Before nuke-and-pave, know that this repo is missing key elements
    • backups (esp. of your home dir)
    • backups: your ~/.ssh/ (private keys)
    • backups: your ~/.config/
    • backups: your ~/.gitconfig/
    • backups: your ~/.vimrc/ (if you're a vim fan)
    • Engage brain! What else is on that HD that you'll want right after you nuke it?

Step 1: Perform OS install

  • Use the Workstation-Live ISO
  • Perform fresh OS install & reboot (get the right time zone)
  • At "firstboot",
    • please set the root password (security!) & don't enable remote login by root
    • enable the optional repositories
    • set up your personal account
  • Install all the latest patches with: sudo dnf update -y (or use the "software" GUI) and reboot

Step 2: Get a copy of the toolkit

  • On the freshly installed VM, logged in with your personal userid...
  • Install git; sudo dnf install git
  • Clone this repo, I suggest: mkdir ~/dev/; cd ~/dev; git clone https://github.com/ualbertalib/FedoraDesktop.git; cd FedoraDesktop (It's public, you shouldn't need any keys)

Step 3: Personalize the toolkit

  • Add your SSH key files into the tree
    • If this is your first time, generate a new keypair; otherwise, copy existing files to this machine; if you generate new, consider how you'll back these up!
    • cp ~/.ssh/id* ~/dev/FedoraDesktop/roles/desktop/files/ # Neil, this is redundant
    • (you must not commit them to this repo; .gitignore is set up to ignore these files)
  • Edit roles/desktop/files/authorized_keys, adding the public key(s) you want to use for remotely logging into your desktop
  • roles/desktop/vars/main-template.yml is unencrypted, but we'll use it to create a place where you should put your passwords
    • cd roles/desktop/vars
    • cp main-template.yml main.yml
    • ansible-vault encrypt main.yml --> it will prompt you twice for a password
    • ansible-vault edit main.yml --> it wants the password now. Add your passwords!
    • It's worth saying: you must not commit these credentials!
  • This file: inventory.template
    • Make your own copy you can edit: cp inventory.template inventory
    • You should edit "inventory" & make sure the canonical hostname of this VM is the only entry in the [desktop] group
    • Fill out the variables found there! I'm not kidding ! This step is very important! (set your userid)

Step 4: The main event - Use scripts and Ansible to configure the desktop

  • run the prepNewDesktop4Ansible.sh script, directly on the fresh OS
  • Run the playbook that will configure the machine, ready to be your desktop:

ansible-playbook desktop.yml -i inventory --ask-vault-pass # wants password for decryption

About

An Ansible playbook for configuring Fedora Linux desktops, laptops, or VM's

Topics

Resources

Stars

Watchers

Forks