ansible-machine-setup/roles/user-account/tasks/main.yaml

---
- name: setup user account
  user:
    name: "{{ username }}"
    password: "{{ password }}"
    create_home: yes
    state: present
    update_password: always
  register: account

- name: ensure .ssh exists
  become_user: "{{ account.name }}"
  file:
    path: "/home/{{ account.name }}/.ssh"
    state: directory
    mode: "0700"

- name: copy ssh key
  become_user: "{{ account.name }}"
  copy:
    src: "ssh/"
    dest: "/home/{{ account.name }}/.ssh/"
    mode: "0600"

- name: ensure .gnupg exists
  become_user: "{{ account.name }}"
  file:
    path: "/home/{{ account.name }}/.gnupg"
    state: directory
    mode: "0700"

- name: copy gpg keys
  become_user: "{{ account.name }}"
  copy:
    src: "gnupg/"
    dest: "/home/{{ account.name }}/.gnupg/"
    mode: "0600"

- name: set gpg-agent pinentry-program
  become_user: "{{ account.name }}"
  lineinfile:
    path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
    regexp: "^pinentry-program "
    line: "pinentry-program /usr/bin/pinentry-gtk-2"
    mode: 0644
    create: yes

- name: set gpg-agent max-cache-ttl
  become_user: "{{ account.name }}"
  lineinfile:
    path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
    regexp: "^max-cache-ttl "
    line: "max-cache-ttl 60480000"

- name: set gpg-agent default-cache-ttl
  become_user: "{{ account.name }}"
  lineinfile:
    path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"
    regexp: "^default-cache-ttl "
    line: "default-cache-ttl 60480000"

- name: setup xprofile
  become_user: "{{ account.name }}"
  lineinfile:
    path: "/home/{{ account.name }}/.xprofile"
    regexp: "^xsetroot "
    line: 'xsetroot -solid "#000000"'
    mode: 0644
    create: yes

- name: install user icon
  become_user: "{{ account.name }}"
  copy:
    src: face.icon
    dest: "/home/{{ account.name }}/.face.icon"
    mode: "0644"

- name: grant sddm read permission to home
  acl:
    path: "/home/{{ account.name }}/"
    entity: sddm
    etype: user
    permissions: x
    state: present

- name: grant sddm read permission user icon
  acl:
    path: "/home/{{ account.name }}/.face.icon"
    entity: sddm
    etype: user
    permissions: r
    state: present

- name: ensure i3 config-dir exists
  become_user: "{{ account.name }}"
  file:
    path: "/home/{{ account.name }}/.config/i3"
    state: directory
    mode: "0700"

- name: install i3 config
  become_user: "{{ account.name }}"
  copy:
    src: i3/config
    dest: "/home/{{ account.name }}/.config/i3/config"
    mode: "0644"
    force: no

- name: ensure i3status config-dir exists
  become_user: "{{ account.name }}"
  file:
    path: "/home/{{ account.name }}/.config/i3status"
    state: directory
    mode: "0700"

- name: install i3status config
  become_user: "{{ account.name }}"
  copy:
    src: i3status/config
    dest: "/home/{{ account.name }}/.config/i3status/config"
    mode: "0644"
    force: yes

- name: configure i3lock
  become_user: "{{ account.name }}"
  lineinfile:
    path: "/home/{{ account.name }}/.config/i3/config"
    regexp: "xautolock"
    line: "exec --no-startup-id xautolock -time 20 -locker 'i3lock-fancy-multimonitor --no-text --blur=0x6' &"
Started to split tasks into roles 2020-05-31 10:17:10 +00:00			`---`
			`- name: setup user account`
			`user:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`name: "{{ username }}"`
			`password: "{{ password }}"`
			`create_home: yes`
			`state: present`
			`update_password: always`
Started to split tasks into roles 2020-05-31 10:17:10 +00:00			`register: account`
Copy ssh key from windows user 2020-11-11 13:39:50 +00:00
			`- name: ensure .ssh exists`
			`become_user: "{{ account.name }}"`
			`file:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.ssh"`
			`state: directory`
			`mode: "0700"`
Copy ssh key from windows user 2020-11-11 13:39:50 +00:00
			`- name: copy ssh key`
			`become_user: "{{ account.name }}"`
			`copy:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`src: "ssh/"`
			`dest: "/home/{{ account.name }}/.ssh/"`
			`mode: "0600"`
Updated arch config 2021-01-28 13:27:05 +00:00
			`- name: ensure .gnupg exists`
			`become_user: "{{ account.name }}"`
			`file:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.gnupg"`
			`state: directory`
			`mode: "0700"`
Updated arch config 2021-01-28 13:27:05 +00:00
			`- name: copy gpg keys`
			`become_user: "{{ account.name }}"`
			`copy:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`src: "gnupg/"`
			`dest: "/home/{{ account.name }}/.gnupg/"`
			`mode: "0600"`
Setup gpg-agent 2021-02-07 13:08:17 +00:00
			`- name: set gpg-agent pinentry-program`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^pinentry-program "`
			`line: "pinentry-program /usr/bin/pinentry-gtk-2"`
			`mode: 0644`
			`create: yes`
Setup gpg-agent 2021-02-07 13:08:17 +00:00
			`- name: set gpg-agent max-cache-ttl`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^max-cache-ttl "`
			`line: "max-cache-ttl 60480000"`
Setup gpg-agent 2021-02-07 13:08:17 +00:00
			`- name: set gpg-agent default-cache-ttl`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.gnupg/gpg-agent.conf"`
			`regexp: "^default-cache-ttl "`
			`line: "default-cache-ttl 60480000"`
Setup gpg-agent 2021-02-07 13:08:17 +00:00
Set black background in X 2021-02-07 13:16:12 +00:00			`- name: setup xprofile`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.xprofile"`
			`regexp: "^xsetroot "`
			`line: 'xsetroot -solid "#000000"'`
			`mode: 0644`
			`create: yes`
Set black background in X 2021-02-07 13:16:12 +00:00
Added sddm face icon 2021-02-15 15:54:09 +00:00			`- name: install user icon`
			`become_user: "{{ account.name }}"`
			`copy:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`src: face.icon`
			`dest: "/home/{{ account.name }}/.face.icon"`
			`mode: "0644"`
Set black background in X 2021-02-07 13:16:12 +00:00
Added sddm face icon 2021-02-15 15:54:09 +00:00			`- name: grant sddm read permission to home`
			`acl:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/"`
			`entity: sddm`
			`etype: user`
			`permissions: x`
			`state: present`
Added sddm face icon 2021-02-15 15:54:09 +00:00
			`- name: grant sddm read permission user icon`
			`acl:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.face.icon"`
			`entity: sddm`
			`etype: user`
			`permissions: r`
			`state: present`
Install i3status config 2021-02-15 16:03:40 +00:00
Moved i3 config file setup to user-account role 2021-03-06 15:08:44 +00:00			`- name: ensure i3 config-dir exists`
			`become_user: "{{ account.name }}"`
			`file:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.config/i3"`
			`state: directory`
			`mode: "0700"`
Moved i3 config file setup to user-account role 2021-03-06 15:08:44 +00:00
			`- name: install i3 config`
			`become_user: "{{ account.name }}"`
			`copy:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`src: i3/config`
			`dest: "/home/{{ account.name }}/.config/i3/config"`
			`mode: "0644"`
			`force: no`
Moved i3 config file setup to user-account role 2021-03-06 15:08:44 +00:00
Install i3status config 2021-02-15 16:03:40 +00:00			`- name: ensure i3status config-dir exists`
			`become_user: "{{ account.name }}"`
			`file:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`path: "/home/{{ account.name }}/.config/i3status"`
			`state: directory`
			`mode: "0700"`
Install i3status config 2021-02-15 16:03:40 +00:00
			`- name: install i3status config`
			`become_user: "{{ account.name }}"`
			`copy:`
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`src: i3status/config`
			`dest: "/home/{{ account.name }}/.config/i3status/config"`
			`mode: "0644"`
			`force: yes`
Install i3status config 2021-02-15 16:03:40 +00:00
Added i3lock-fancy-multimonitor (AUR) 2021-03-17 06:47:31 +00:00			`- name: configure i3lock`
			`become_user: "{{ account.name }}"`
			`lineinfile:`
			`path: "/home/{{ account.name }}/.config/i3/config"`
			`regexp: "xautolock"`
			`line: "exec --no-startup-id xautolock -time 20 -locker 'i3lock-fancy-multimonitor --no-text --blur=0x6' &"`