Skip to content

Latest commit

 

History

History
124 lines (86 loc) · 4.36 KB

README.adoc

File metadata and controls

124 lines (86 loc) · 4.36 KB

devbox

This project is designed to automate the whole configuration of your dev machine using Ansible.

I have tried to make the project reusable. So, if you like that idea and would like to customize it for your needs please read below.

ℹ️
All this is absolutely working on my machine (I use it everyday), but is still in early stage for potential reuse. So I would absolutely love any kind of feedback. Or if you want to propose a change to make reusing this project simple(r), I’m all ears! You can also ping me on Twitter.

Code Organization

The features are split into generally small roles (see roles directory for currently existing roles).

I organized the roles this way for at least two reasons:

  • ease & clarify what each role is and should be doing

  • try and make easier for other people to reuse

How to reuse?

See the playbook.yml for reference. You can easily clone this repository and start creating or customizing your own playbook.yml file. Remove or create roles to fit your needs.

Features

  • Dynamically configures proxy settings (dnf, docker)

  • For example, installs and configures :

    • some basic packages (zsh…​)

    • Docker- (docker-engine, docker-compose, docker-machine), dynamic authenticated proxy configuration, etc.

    • Atom, SublimeText 3

    • Java, Go, maven

    • tmux

    • Git, Svn, mercurial…​

    • …​

Current prerequisites

  • Fedora 22 (but open to support other flavours)

  • Ansible (currently tested on 1.9.2)

Install & Configure it

Get the code source :

$ git clone <REPO_URL> /local/path

Sensitive data and variables are located in "vaulted" files inside the roles/_base/vars directory.

If you want to reuse this, you must override existing vaulted files with your own data and "vault" them with your own password.

$ rm -rf vars/

By default, resetenv script will search a file named .vault-password containing your password and use it to "unvault" your data. You need to create it :

$ echo "yourP@ssw0rd" > .vault-password

Configure common variables

See roles/_base/common-vars.yml

Configure Work/sensitive specific variables

$ ansible-vault create vars/work-vars.yml.vault

Example of work-vars.yml.vault file content :

---
user:
  name: tiste
  fullName: Baptiste Mathus
  email: work-email@company.fr
  home: /home/tiste
docker_internal_registry: "my-internal-docker-registry.hostname"
proxy:
  host: $workProxyHost
  port: $workProxyPort
  user: $workProxyUsername
  password: $workProxyPassword
proxy_env:
  http_proxy: 'http://{{ proxy.user }}:{{ proxy.password }}@{{ proxy.host }}:{{ proxy.port }}'
  https_proxy: 'http://{{ proxy.user }}:{{ proxy.password }}@{{ proxy.host }}:{{ proxy.port }}'
  no_proxy: '127.0.0.1,$internalDockerRegistryHostname'
⚠️
You need to replace all $variables by your specific values

Run it !

🔥
Make sure that you have read all actions made by this playbook and saved all files than could be overriden or removed (zshrc, docker config files, etc) before run it on a non "config-managed" environment.
$ ./resetenv
💡
resetenv helper shell script is added in your PATH after provisioning (see zshrc template file). With a fresh new terminal, you can run it anywhere. This command is even also simply aliased r.
💡
You can add any ansible-playbook options to resetenv shell script. Example: resetenv -t fast for a fast and basic reconfiguration (e.g. using fast tag).

TODO

  • find a more elegant way to manage "vaulted" files, specific to each users

  • externalize list of basic packages to customize it per environment/user

  • manage SSH private/public key (vaulted)

  • manage home/work Maven settings

  • parameterize some roles if needed (e.g. be able to ask for docker roles, but without docker-compose for example)

  • Extract vars directory from subrole(s). IMO does not make sense to have custom user configuration inside the role directory itself.

References

ℹ️
We started our projects separately, then I reused Michael’s and contributed to it. We finally decided to let our clones diverge to experiment.