feat: start collectd role

README.md

@@ -1,3 +1,5 @@
-# Ansible Molecule Vagrant - test
+# Deploying my computers
 
-## 2021-12-22:
+## Combava
+
+    sudo ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook combava.yml --ask-vault-pass

combava.yml

@@ -4,18 +4,30 @@
   become: true
   vars_files:
     - vars/users.yml
-  vars:
+    - vars/combava.yml
-    users:
-      - "{{ me }}"
-      - "{{ admin }}"
   pre_tasks:
     - name: update pacman cache
       community.general.pacman:
         update_cache: yes
-  roles:
+
-    - arch_aur
+  tasks:
-    - core
+    - name: Set up aur env
-    - workstation
+      include_role: 
-    - users
+        name: arch_aur
-    - dotfiles
+
-      #- gnome
+    - name: Install core packages
+      include_role: 
+        name: core
+
+    - name: Set up workstation
+      include_role: 
+        name: workstation
+
+    - name: Include user
+      include_role:
+        name: "user"
+      loop:
+        - "{{ me }}"
+        - "{{ admin }}"
+      loop_control:
+        loop_var: user

home.yml

@@ -0,0 +1,16 @@
+---
+- name: backup
+  hosts: backup
+  vars_files:
+    - vars/backup.yml
+    - vars/backup_secret.yml
+
+  tasks:
+    - name: NFS shares client
+      include_role: 
+        name: nfs_client
+
+    - name: Set up borgmatic
+      include_role: 
+        name: borgmatic
+

inventories/home.ini

@@ -0,0 +1,2 @@
+[backup]
+ChouxBackupVM

roles/.vagrant/bundler/global.sol

@@ -1 +0,0 @@
-{"dependencies":[["racc",["~> 1.4"]],["nokogiri",["~> 1.6"]],["rexml",[">= 0"]],["formatador",["~> 0.2"]],["excon",["~> 0.71"]],["mime-types-data",["~> 3.2015"]],["mime-types",[">= 0"]],["builder",[">= 0"]],["fog-core",["~> 2.1"]],["json",[">= 0"]],["ruby-libvirt",[">= 0.7.0"]],["fog-xml",["~> 0.1.1"]],["multi_json",["~> 1.10"]],["fog-json",[">= 0"]],["fog-libvirt",[">= 0.6.0"]],["vagrant-libvirt",["= 0.7.0"]]],"checksum":"8fb75bcc7ceadece358816f104fd6957b12a29b3415d84307b15e0266c9c38e6","vagrant_version":"2.2.19"}

roles/.vagrant/machines/default/virtualbox/action_provision

@@ -1 +0,0 @@
-1.5:88d04ce1-4b15-4a61-9633-872ba9382671

roles/.vagrant/machines/default/virtualbox/action_set_name

@@ -1 +0,0 @@
-1641372873

roles/.vagrant/machines/default/virtualbox/box_meta

@@ -1 +0,0 @@
-{"name":"archlinux/archlinux","version":"20211201.40458","provider":"virtualbox","directory":"boxes/archlinux-VAGRANTSLASH-archlinux/20211201.40458/virtualbox"}

roles/.vagrant/machines/default/virtualbox/creator_uid

@@ -1 +0,0 @@
-1000

roles/.vagrant/machines/default/virtualbox/id

@@ -1 +0,0 @@
-88d04ce1-4b15-4a61-9633-872ba9382671

roles/.vagrant/machines/default/virtualbox/index_uuid

@@ -1 +0,0 @@
-6de8af4689ef4d91bedd37146eaa50e7

roles/.vagrant/machines/default/virtualbox/private_key

@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEA4c9PfVN1TDwLYPPo0jhpVCNN0Sgencxm4O2QiUwH5Evl4R9q
-m3t9n8kfGrvT3AzMxt91HB9NgfdxU9k30t5Bk43yeSyCdAFBKvBCFG6QYq7ZoEVh
-BSrsIvr1TSjmlAjdlPjWJ+fRiZd6aM4HPHbEhXUQ0M5GQvTUw8uM25HdMp+IUFDf
-wsflqwSX4Ap3oMteY7+Url0b1UsbiTdWevaim1ujuTECWU5Z4KNHn29YteTxujUT
-uk7+tpEmU7/1F8jvzxHLxrj25XS0/HwhXhSCQ36vNiOZPakBvLM8b/Qf9LQRKm3T
-XhE3vtk8ijTX7yj5BOXVmsy0fIrqwCUzW/PPwQIDAQABAoIBAASXx+EfsnITgpO9
-Qk4MUbAha7LGYyEIiEso6dixEDQHiyxyDCQPdfWrDJPpoByIsh2Va/dfd58eHlL7
-RxRl6uWKbJUkX57ma6Ho8x8hRJSNQ+Xro1aMkfMAMb8ZBt+Z8o/WI9z57RwkVZwO
-HL2RGNwyDl6A45L3EeDNohbRN7OQ21QBLyHCjpvyo+l7HeLzmlvmo/BjBN0SG+mF
-ofFBF38V2PQG3pZbcay7PtjD7MpEKYGPVlwmajMEZzU0Gponun2zXVspbzRAw8tq
-Dw1Eu9gjLLEfexaYSTrJBr6hghtxDr/AvlJnUMfzKxhAMkfBdzsSf1GLZoImQc8L
-fTAOZvECgYEA/oSx99jo9v8OdxGC97+wtYE85guH0VZX+14jcjhSyYNT6gxKWolK
-KfbyJ6JTaHaSR6AZXeLmPk6ELZf7yT67VCz7Q4uF+2y2BThy2yQEACifocLDAuNw
-E0KQ/alVnxQGGy3MdqgZjc3zKNtYnfP9EbgIKYtSBBX5xbLvcN+pIC0CgYEA4x/U
-2F5PySAaQpV8Skjoebx8Lus+Sw4H3sAxww7HzxLHYb3V1FL8sO93+cTiBnz6wAyA
-vjKs3I314fSNeZPaNP9CTuZaqnzIqfhNK3gjHX8d4pEcj87qaukWnt2dyRjq/tuA
-5ES6jp6FFYXl60AqXqaaw6yg5X4KuBo2Sor3VmUCgYEA8mzD8vYZWAIy7fixDXf5
-Qbjan6eF8z/Rx6ywCIBbYnODfx+7xqaUDIqZtmSoG40s4ao93y5a7iftQFxOSC5H
-UfMSVRDVSlkOusQ8qjyQzvHisroG835c5wt1fRdIZaA1/LdP1AljZa0wGc9rhe+7
-MaBfrep08U1ZPhSkepeeyPUCgYB8y7697IRWdMc5Er4qawkh6skpVqTxxJHaeSxe
-iz6KrzzSneZiNf8WkV4Q5Xd0LTPyVmxfFaUZwv752s/pn63kNOWQSM5Eoy/3BLIS
-Un6o9HHNTgKtmfoAKHb/b7IFDyYAR0f5JTKEruFdRCdjLeyZ+V1Maww1TR5CrlRq
-fRUOaQKBgQCGrP7IZ1mK/CR/vOW3Uq4J6q4/PgvKEnUDbIARUVA8ACMklELjcGNH
-oiFc/gaQSS9u1typz2OpqCZZuA7kuPjD4B7okfrYOjJtNRfaaAe0eVkZ06IhfxgM
-4T8xIVSuP78ZoPmfXKFoHU1vEgWiQ5YpSe18t+4IrmozRHS+QuCK+A==
------END RSA PRIVATE KEY-----

roles/.vagrant/machines/default/virtualbox/synced_folders

@@ -1 +0,0 @@
-{"virtualbox":{"/vagrant":{"guestpath":"/vagrant","hostpath":"/media/documents/scripts/test_ansible/roles","disabled":false,"__vagrantfile":true}}}

roles/.vagrant/machines/default/virtualbox/vagrant_cwd

@@ -1 +0,0 @@
-/media/documents/scripts/test_ansible/roles

roles/.vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory

@@ -1,3 +0,0 @@
-# Generated by Vagrant
-
-default ansible_host=127.0.0.1 ansible_port=2222 ansible_user='vagrant' ansible_ssh_private_key_file='/media/documents/scripts/test_ansible/roles/.vagrant/machines/default/virtualbox/private_key'

roles/.vagrant/rgloader/loader.rb

@@ -1,9 +0,0 @@
-# This file loads the proper rgloader/loader.rb file that comes packaged
-# with Vagrant so that encoded files can properly run with Vagrant.
-
-if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]
-  require File.expand_path(
-    "rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"])
-else
-  raise "Encoded files can't be read outside of the Vagrant installer."
-end

roles/arch_aur/tasks/main.yml

@@ -16,20 +16,13 @@
     create: yes
     validate: 'visudo -cf %s'
 
-- name: Install base-devel
+- name: Install base-devel and cmake
   community.general.pacman:
-    name: base-devel
+    name: 
+      - base-devel
+      - cmake
     state: present
 
-      # - name: Git clone ansible-aur
-      #   git:
-      #     repo: https://github.com/kewlfft/ansible-aur.git
-      #     dest: ~/.ansible/plugins/modules/aur
-      #     version: master
-      #     accept_hostkey: yes
-      #   become: yes
-      #   become_user: aur_builder
-
 - name: Install Yay
   aur:
     name: yay

roles/borgmatic/README.md

@@ -0,0 +1,28 @@
+Borgmatic
+=========
+
+Deploy borgmatic and configure it.
+
+
+Role Variables
+--------------
+
+Available variables are listed below, along with default values (see defaults/main.yml):
+
+    borg_source_directories # list of folder to backup
+    borg_repository # list of repositories
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+

roles/borgmatic/defaults/main.yml

@@ -0,0 +1,35 @@
+---
+# defaults file for borgmatic
+borgmatic_name: default
+borg_encryption_passphrase: ''
+borg_source_directories: []
+borg_repository: []
+borg_exclude_patterns: []
+borgmatic_config_file: "/etc/borgmatic/{{ borgmatic_name }}.yaml"
+borgmatic_large_repo: true
+borgmatic_hooks:
+  on_error:
+  - echo "`date` - Error while creating a backup."
+  before_backup:
+  - echo "`date` - Starting backup."
+  after_backup:
+  - echo "`date` - Finished backup."
+borgmatic_checks:
+  - repository
+borgmatic_check_last: 3
+borgmatic_store_atime: true
+borgmatic_store_ctime: true
+borgmatic_relocated_repo_access_is_ok: false
+borg_one_file_system: true
+borg_exclude_from: []
+borg_encryption_passcommand: false
+borg_lock_wait_time: 5
+borg_ssh_command: false
+borg_remote_path: false
+borg_remote_rate_limit: 0
+borg_retention_policy:
+  keep_hourly: 3
+  keep_daily: 7
+  keep_weekly: 4
+  keep_monthly: 6
+create_repo: False

roles/borgmatic/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+# handlers file for borgmatic
+- name: reload systemd
+  systemd: 
+    daemon_reload: yes

roles/borgmatic/molecule/default/converge.yml

@@ -0,0 +1,26 @@
+---
+- name: Converge
+  hosts: all
+  become: yes
+  vars:
+    - borg_source_directories:
+      - /media/test1/
+      - /media/test2/
+    - borg_repository:
+      - /backup/
+    
+  pre_tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+
+    - name: Create sources directories
+      file:
+        path: "{{ item }}"
+        state: directory
+      with_items: "{{ borg_source_directories + borg_repository}}"
+
+  tasks:
+    - name: "Include borgmatic"
+      include_role:
+        name: "borgmatic"

roles/borgmatic/molecule/default/molecule.yml

@@ -3,14 +3,17 @@ dependency:
   name: galaxy
 driver:
   name: vagrant
+  provider:
+    name: virtualbox
 platforms:
-  - name: archlinux
-    box: "archlinux/archlinux"
   - name: Debian
     box: "debian/bullseye64"
+    pre_build_image: true
+
 provisioner:
   name: ansible
 verifier:
   name: testinfra
   options:
     sudo: true
+    v: 3

roles/borgmatic/molecule/default/tests/test_default.py

@@ -0,0 +1,20 @@
+"""Role testing files using testinfra."""
+import pytest
+
+def test_installed_packages(host):
+    borgbackup = host.package("borgbackup")
+    assert borgbackup.is_installed
+    borgmatic = host.package("borgmatic")
+    assert borgmatic.is_installed
+
+def test_borgmatic_config(host):
+    config_file = "/etc/borgmatic/default.yaml"
+    config = host.file(config_file)
+    assert config.exists
+    valid_config = host.run(f"sudo validate-borgmatic-config -c {config_file}")
+    assert valid_config.succeeded
+
+def test_borgmatic_service(host):
+    borgmatic_service = host.service("borgmatic_default") 
+    assert borgmatic_service.is_valid
+    assert borgmatic_service.is_enabled

roles/borgmatic/tasks/main.yml

@@ -0,0 +1,67 @@
+---
+# tasks file for borgmatic
+- name: debug
+  debug:
+    msg: "{{ borgmatic_config_file }}"
+
+- name: Assert borg_source_directories not empty
+  assert:
+    that: "{{ borg_source_directories != [] }}"
+
+- name: Assert borg_repository not empty
+  assert:
+    that: "{{ borg_repository != [] }}"
+
+- name: stat on sources
+  stat:
+    path: "{{ item }}"
+  with_items: "{{ borg_source_directories }}"
+  register: sources_exists
+
+- name: Assert sources exists
+  assert:
+    that: "{{ item }}.stat.exists"
+  with_items: "{{ sources_exists.results }}"
+
+- name: Install borg and borgmatic
+  apt:
+    name: "{{ item }}"
+    state: present 
+  with_items:
+    - borgbackup
+    - borgmatic
+
+- name: Make dir for borgmatic in etc
+  file:
+    path: "/etc/borgmatic"
+    state: directory
+
+- name: Borgmatic config
+  template:
+    src: config.yaml.j2
+    dest: "{{ borgmatic_config_file }}"
+    mode: 644
+    validate: "validate-borgmatic-config -c %s"
+
+- name: copy systemd service
+  template:
+    src: service.j2
+    dest: "/lib/systemd/system/borgmatic_{{ borgmatic_name }}.service"
+    mode: 644
+  notify: "reload systemd"
+
+- name: copy systemd timer for executing borgmatic after boot
+  template:
+    src: afterboot.timer.j2
+    dest: "/lib/systemd/system/borgmatic_{{ borgmatic_name }}.timer"
+  notify: "reload systemd"
+
+- name: disable service
+  systemd:
+    name: "borgmatic_{{ borgmatic_name }}.service"
+    enabled: no
+
+- name: enable timer
+  systemd:
+    name: "borgmatic_{{ borgmatic_name }}.timer"
+    enabled: yes

roles/borgmatic/templates/afterboot.timer.j2

@@ -0,0 +1,11 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+{{ ansible_managed | comment }}
+[Unit]
+Description=Run borgmatic {{ borgmatic_name }} backup
+
+[Timer]
+OnBootSec=2min
+Persistent=true
+
+[Install]
+WantedBy=timers.target

roles/borgmatic/templates/config.yaml.j2

@@ -0,0 +1,187 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+---
+# From borgbase/ansible-role-borgbackup
+
+{{ ansible_managed | comment }}
+
+# Full config: https://torsion.org/borgmatic/docs/reference/config.yaml
+location:
+    source_directories:
+{% for dir in borg_source_directories %}
+        - {{ dir }}
+{% endfor %}
+
+    # Stay in same file system (do not cross mount points).
+    one_file_system: {{ borg_one_file_system }}
+    repositories:
+{% if borg_repository is iterable and (borg_repository is not string and borg_repository is not mapping) %}
+  {% for repo in borg_repository %}
+        - {{ repo }}
+  {% endfor %}
+{% elif borg_repository is defined and borg_repository is string %}
+        - {{ borg_repository }}
+{% endif %}
+
+    # Store atime into archive.
+    atime: {{ borgmatic_store_atime }}
+
+    # Store ctime into archive.
+    ctime: {{ borgmatic_store_ctime }}
+
+{% if borg_exclude_patterns %}
+    # Any paths matching these patterns are excluded from backups. Globs and tildes
+    # are expanded. See the output of "borg help patterns" for more details.
+    exclude_patterns:
+{% for dir in borg_exclude_patterns %}
+        - '{{ dir }}'
+{% endfor %}
+{% endif %}
+{% if borg_exclude_from %}
+    # Read exclude patterns from one or more separate named files, one pattern per
+    # line. See the output of "borg help patterns" for more details.
+    exclude_from:
+{% for dir in borg_exclude_from %}
+        - {{ dir }}
+{% endfor %}
+{% endif %}
+
+    # Exclude directories that contain a CACHEDIR.TAG file. See
+    # http://www.brynosaurus.com/cachedir/spec.html for details.
+    exclude_caches: true
+
+    # Exclude directories that contain a file with the given filename.
+    exclude_if_present: .nobackup
+
+    # Alternate Borg remote executable. Defaults to "borg".
+    # remote_path: borg1
+{% if borg_remote_path %}
+    remote_path: {{ borg_remote_path }}
+{% endif %}
+
+# Repository storage options. See
+# https://borgbackup.readthedocs.io/en/stable/usage.html#borg-create and
+# https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables for
+# details.
+storage:
+    encryption_passphrase: {{ borg_encryption_passphrase }}
+
+    # The standard output of this command is used to unlock the encryption key. Only
+    # use on repositories that were initialized with passcommand/repokey encryption.
+    # Note that if both encryption_passcommand and encryption_passphrase are set,
+    # then encryption_passphrase takes precedence.
+    # encryption_passcommand: secret-tool lookup borg-repository repo-name
+{% if borg_encryption_passcommand %}
+    encryption_passcommand: {{ borg_encryption_passcommand }}
+{% endif %}
+
+    # Type of compression to use when creating archives. See
+    # https://borgbackup.readthedocs.org/en/stable/usage.html#borg-create for details.
+    # Defaults to no compression.
+    compression: auto,zstd
+
+    # Remote network upload rate limit in kiBytes/second.
+{% if borg_remote_rate_limit %}
+    remote_rate_limit: {{ borg_remote_rate_limit }}
+{% endif %}
+
+    # Command to use instead of just "ssh". This can be used to specify ssh options.
+    # ssh_command: ssh -i ~/.ssh/id_ed25519
+{% if borg_ssh_command %}
+    ssh_command: {{ borg_ssh_command }}
+{% endif %}
+
+    # Umask to be used for borg create.
+    umask: 0077
+
+    # Maximum seconds to wait for acquiring a repository/cache lock.
+    lock_wait: {{ borg_lock_wait_time }}
+
+    # Name of the archive. Borg placeholders can be used. See the output of
+    # "borg help placeholders" for details. Default is
+    # "{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}". If you specify this option, you must
+    # also specify a prefix in the retention section to avoid accidental pruning of
+    # archives with a different archive name format. And you should also specify a
+    # prefix in the consistency section as well.
+    archive_name_format: '{hostname}-{{ borgmatic_name }}-{now:%Y-%m-%d-%H%M%S}'
+
+    # Bypass Borg error about a repository that has been moved.
+    relocated_repo_access_is_ok: {{ borgmatic_relocated_repo_access_is_ok }}
+
+# Retention policy for how many backups to keep in each category. See
+# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-prune for details.
+# At least one of the "keep" options is required for pruning to work.
+retention:
+{% if borg_retention_policy.keep_secondly is defined %}
+    # Number of secondly archives to keep.
+    keep_secondly: {{ borg_retention_policy.keep_secondly }}
+{% endif %}
+
+{% if borg_retention_policy.keep_minutely is defined %}
+    # Number of minutely archives to keep.
+    keep_minutely: {{ borg_retention_policy.keep_minutely }}
+{% endif %}
+
+{% if borg_retention_policy.keep_hourly is defined %}
+    # Number of hourly archives to keep.
+    keep_hourly: {{ borg_retention_policy.keep_hourly }}
+{% endif %}
+
+{% if borg_retention_policy.keep_daily is defined %}
+    # Number of daily archives to keep.
+    keep_daily: {{ borg_retention_policy.keep_daily }}
+{% endif %}
+
+{% if borg_retention_policy.keep_weekly is defined %}
+    # Number of weekly archives to keep.
+    keep_weekly: {{ borg_retention_policy.keep_weekly }}
+{% endif %}
+
+{% if borg_retention_policy.keep_monthly is defined %}
+    # Number of monthly archives to keep.
+    keep_monthly: {{ borg_retention_policy.keep_monthly }}
+{% endif %}
+
+{% if borg_retention_policy.keep_yearly is defined %}
+    # Number of yearly archives to keep.
+    keep_yearly: {{ borg_retention_policy.keep_yearly }}
+{% endif %}
+
+    # When pruning, only consider archive names starting with this prefix.
+    # Borg placeholders can be used. See the output of "borg help placeholders" for
+    # details. Default is "{hostname}-".
+    prefix: '{hostname}-{{ borgmatic_name }}'
+
+# Consistency checks to run after backups. See
+# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-check and
+# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-extract for details.
+consistency:
+    # List of one or more consistency checks to run: "repository",
+    # "archives", "data", and/or "extract". Defaults to
+    # "repository" and "archives". Set to "disabled" to disable
+    # all consistency checks. "repository" checks the consistency
+    # of the repository, "archives" checks all of the archives,
+    # "data" verifies the integrity of the data within the
+    # archives, and "extract" does an extraction dry-run of the
+    # most recent archive. Note that "data" implies "archives".
+    checks:
+    {% for checks in borgmatic_checks %}
+        - {{ checks }}
+    {% endfor %}
+
+    # Restrict the number of checked archives to the last n. Applies only to the "archives" check.
+    check_last: {{ borgmatic_check_last }}
+
+    # When performing the "archives" check, only consider archive names starting with
+    # this prefix. Borg placeholders can be used. See the output of
+    # "borg help placeholders" for details. Default is "{hostname}-".
+    prefix: '{hostname}-{{ borgmatic_name }}'
+
+# Shell commands or scripts to execute before and after a backup or if an error has occurred.
+# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
+# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
+# prevent potential shell injection or privilege escalation.
+hooks:
+{% for hook in borgmatic_hooks %}
+    {{ hook }}:
+        {{ borgmatic_hooks[hook] | to_nice_yaml(indent=2) | trim | indent(8) }}
+{% endfor %}

roles/borgmatic/templates/service.j2

@@ -0,0 +1,14 @@
+#jinja2: lstrip_blocks: "True", trim_blocks: "True"
+{{ ansible_managed | comment }}
+
+[Unit]
+Description=borgmatic {{ borgmatic_name }}backup
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+
+# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
+# dbus-user-session to be installed.
+ExecStart=/usr/bin/systemd-inhibit --who="borgmatic {{ borgmatic_name }}" --why="Prevent interrupting scheduled backup" /usr/bin/borgmatic -c {{ borgmatic_config_file }} --verbosity -1 --syslog-verbosity 1

roles/borgmatic/tests/test.yml

@@ -2,4 +2,4 @@
 - hosts: localhost
   remote_user: root
   roles:
-    - users
+    - borgmatic

roles/borgmatic/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for borgmatic

roles/collectd/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for collectd

roles/collectd/files/types.db

@@ -0,0 +1,316 @@
+absolute                value:ABSOLUTE:0:U
+apache_bytes            value:DERIVE:0:U
+apache_connections      value:GAUGE:0:65535
+apache_idle_workers     value:GAUGE:0:65535
+apache_requests         value:DERIVE:0:U
+apache_scoreboard       value:GAUGE:0:65535
+ath_nodes               value:GAUGE:0:65535
+ath_stat                value:DERIVE:0:U
+backends                value:GAUGE:0:65535
+bad_peb_count           value:COUNTER:0:U
+bitrate                 value:GAUGE:0:4294967295
+blocked_clients         value:GAUGE:0:U
+bool                    value:GAUGE:0:1
+bucket                  value:GAUGE:0:U
+buffer                  value:GAUGE:0:18446744073709551615
+bytes                   value:GAUGE:0:U
+cache_eviction          value:DERIVE:0:U
+cache_operation         value:DERIVE:0:U
+cache_ratio             value:GAUGE:0:100
+cache_result            value:DERIVE:0:U
+cache_size              value:GAUGE:0:1125899906842623
+capacity                value:GAUGE:0:U
+ceph_bytes              value:GAUGE:U:U
+ceph_latency            value:GAUGE:U:U
+ceph_rate               value:DERIVE:0:U
+changes_since_last_save value:GAUGE:0:U
+charge                  value:GAUGE:0:U
+clock_last_meas         value:GAUGE:0:U
+clock_last_update       value:GAUGE:U:U
+clock_mode              value:GAUGE:0:U
+clock_reachability      value:GAUGE:0:U
+clock_skew_ppm          value:GAUGE:0:1000000
+clock_state             value:GAUGE:0:U
+clock_stratum           value:GAUGE:0:U
+compression             uncompressed:DERIVE:0:U, compressed:DERIVE:0:U
+compression_ratio       value:GAUGE:0:2
+commands                value:DERIVE:0:U
+connections             value:DERIVE:0:U
+conntrack               value:GAUGE:0:4294967295
+contextswitch           value:DERIVE:0:U
+controller              value:GAUGE:0:18446744073709551615
+cookies                 value:DERIVE:0:U
+count                   value:GAUGE:0:U
+counter                 value:COUNTER:U:U
+cpu                     value:DERIVE:0:U
+cpu_affinity            value:GAUGE:0:1
+cpufreq                 value:GAUGE:0:U
+current                 value:GAUGE:U:U
+current_connections     value:GAUGE:0:U
+current_sessions        value:GAUGE:0:U
+delay                   value:GAUGE:-1000000:1000000
+delay_rate              value:GAUGE:0:U
+derive                  value:DERIVE:0:U
+df                      used:GAUGE:0:1125899906842623, free:GAUGE:0:1125899906842623
+df_complex              value:GAUGE:0:U
+df_inodes               value:GAUGE:0:U
+dilution_of_precision   value:GAUGE:0:U
+disk_allocation         value:GAUGE:0:U
+disk_capacity           value:GAUGE:0:U
+disk_error              value:GAUGE:0:U
+disk_io_time            io_time:DERIVE:0:U, weighted_io_time:DERIVE:0:U
+disk_latency            read:GAUGE:0:U, write:GAUGE:0:U
+disk_merged             read:DERIVE:0:U, write:DERIVE:0:U
+disk_octets             read:DERIVE:0:U, write:DERIVE:0:U
+disk_ops                read:DERIVE:0:U, write:DERIVE:0:U
+disk_ops_complex        value:DERIVE:0:U
+disk_physical           value:GAUGE:0:U
+disk_time               read:DERIVE:0:U, write:DERIVE:0:U
+dns_answer              value:DERIVE:0:U
+dns_notify              value:DERIVE:0:U
+dns_octets              queries:DERIVE:0:U, responses:DERIVE:0:U
+dns_opcode              value:DERIVE:0:U
+dns_qtype               value:DERIVE:0:U
+dns_qtype_cached        value:GAUGE:0:4294967295
+dns_query               value:DERIVE:0:U
+dns_question            value:DERIVE:0:U
+dns_rcode               value:DERIVE:0:U
+dns_reject              value:DERIVE:0:U
+dns_request             value:DERIVE:0:U
+dns_resolver            value:DERIVE:0:U
+dns_response            value:DERIVE:0:U
+dns_transfer            value:DERIVE:0:U
+dns_update              value:DERIVE:0:U
+dns_zops                value:DERIVE:0:U
+domain_state            state:GAUGE:0:U, reason:GAUGE:0:U
+dpdk_telemetry          value:COUNTER:0:U
+drbd_resource           value:DERIVE:0:U
+duration                seconds:GAUGE:0:U
+email_check             value:GAUGE:0:U
+email_count             value:GAUGE:0:U
+email_size              value:GAUGE:0:U
+energy                  value:GAUGE:U:U
+energy_wh               value:GAUGE:U:U
+entropy                 value:GAUGE:0:4294967295
+errors                  value:DERIVE:0:U
+evicted_keys            value:DERIVE:0:U
+expired_keys            value:DERIVE:0:U
+fanspeed                value:GAUGE:0:U
+file_handles            value:GAUGE:0:U
+file_size               value:GAUGE:0:U
+files                   value:GAUGE:0:U
+filter_result           value:DERIVE:0:U
+flow                    value:GAUGE:0:U
+fork_rate               value:DERIVE:0:U
+freepages               value:GAUGE:0:U
+frequency               value:GAUGE:0:U
+frequency_error         value:GAUGE:-1000000:1000000
+frequency_offset        value:GAUGE:-1000000:1000000
+fscache_stat            value:DERIVE:0:U
+gauge                   value:GAUGE:U:U
+hash_collisions         value:DERIVE:0:U
+health                  value:GAUGE:0:18446744073709551615
+http_request_methods    value:DERIVE:0:U
+http_requests           value:DERIVE:0:U
+http_response_codes     value:DERIVE:0:U
+humidity                value:GAUGE:0:100
+if_collisions           value:DERIVE:0:U
+if_dropped              rx:DERIVE:0:U, tx:DERIVE:0:U
+if_errors               rx:DERIVE:0:U, tx:DERIVE:0:U
+if_multicast            value:DERIVE:0:U
+if_octets               rx:DERIVE:0:U, tx:DERIVE:0:U
+if_packets              rx:DERIVE:0:U, tx:DERIVE:0:U
+if_rx_dropped           value:DERIVE:0:U
+if_rx_errors            value:DERIVE:0:U
+if_rx_nohandler         value:DERIVE:0:U
+if_rx_octets            value:DERIVE:0:U
+if_rx_packets           value:DERIVE:0:U
+if_tx_dropped           value:DERIVE:0:U
+if_tx_errors            value:DERIVE:0:U
+if_tx_octets            value:DERIVE:0:U
+if_tx_packets           value:DERIVE:0:U
+invocations             value:DERIVE:0:U
+io_octets               rx:DERIVE:0:U, tx:DERIVE:0:U
+io_ops                  read:DERIVE:0:U, write:DERIVE:0:U
+io_packets              rx:DERIVE:0:U, tx:DERIVE:0:U
+ipc                     value:GAUGE:0:U
+ipt_bytes               value:DERIVE:0:U
+ipt_packets             value:DERIVE:0:U
+irq                     value:DERIVE:0:U
+job_stats               value:DERIVE:0:U
+latency                 value:GAUGE:0:U
+links                   value:GAUGE:0:U
+load                    shortterm:GAUGE:0:5000, midterm:GAUGE:0:5000, longterm:GAUGE:0:5000
+max_ec                  value:COUNTER:0:U
+media                   value:GAUGE:0:18446744073709551615
+memory_bandwidth        value:DERIVE:0:U
+md_disks                value:GAUGE:0:U
+memcached_command       value:DERIVE:0:U
+memcached_connections   value:GAUGE:0:U
+memcached_items         value:GAUGE:0:U
+memcached_octets        rx:DERIVE:0:U, tx:DERIVE:0:U
+memcached_ops           value:DERIVE:0:U
+memory                  value:GAUGE:0:281474976710656
+memory_lua              value:GAUGE:0:281474976710656
+memory_throttle_count   value:DERIVE:0:U
+multimeter              value:GAUGE:U:U
+mutex_operations        value:DERIVE:0:U
+mysql_bpool_bytes       value:GAUGE:0:U
+mysql_bpool_counters    value:DERIVE:0:U
+mysql_bpool_pages       value:GAUGE:0:U
+mysql_commands          value:DERIVE:0:U
+mysql_handler           value:DERIVE:0:U
+mysql_innodb_data       value:DERIVE:0:U
+mysql_innodb_dblwr      value:DERIVE:0:U
+mysql_innodb_log        value:DERIVE:0:U
+mysql_innodb_pages      value:DERIVE:0:U
+mysql_innodb_row_lock   value:DERIVE:0:U
+mysql_innodb_rows       value:DERIVE:0:U
+mysql_locks             value:DERIVE:0:U
+mysql_log_position      value:DERIVE:0:U
+mysql_octets            rx:DERIVE:0:U, tx:DERIVE:0:U
+mysql_select            value:DERIVE:0:U
+mysql_sort              value:DERIVE:0:U
+mysql_sort_merge_passes value:DERIVE:0:U
+mysql_sort_rows         value:DERIVE:0:U
+mysql_slow_queries      value:DERIVE:0:U
+nfs_procedure           value:DERIVE:0:U
+nginx_connections       value:GAUGE:0:U
+nginx_requests          value:DERIVE:0:U
+node_octets             rx:DERIVE:0:U, tx:DERIVE:0:U
+node_rssi               value:GAUGE:0:255
+node_stat               value:DERIVE:0:U
+node_tx_rate            value:GAUGE:0:127
+objects                 value:GAUGE:0:U
+operations              value:DERIVE:0:U
+operations_per_second   value:GAUGE:0:U
+packets                 value:DERIVE:0:U
+pending_operations      value:GAUGE:0:U
+percent                 value:GAUGE:0:100.1
+percent_bytes           value:GAUGE:0:100.1
+percent_inodes          value:GAUGE:0:100.1
+perf                    value:DERIVE:0:U
+pf_counters             value:DERIVE:0:U
+pf_limits               value:DERIVE:0:U
+pf_source               value:DERIVE:0:U
+pf_state                value:DERIVE:0:U
+pf_states               value:GAUGE:0:U
+pg_blks                 value:DERIVE:0:U
+pg_db_size              value:GAUGE:0:U
+pg_n_tup_c              value:DERIVE:0:U
+pg_n_tup_g              value:GAUGE:0:U
+pg_numbackends          value:GAUGE:0:U
+pg_scan                 value:DERIVE:0:U
+pg_xact                 value:DERIVE:0:U
+ping                    value:GAUGE:0:65535
+ping_droprate           value:GAUGE:0:1
+ping_stddev             value:GAUGE:0:65535
+players                 value:GAUGE:0:1000000
+pools                   value:GAUGE:0:U
+power                   value:GAUGE:U:U
+pressure                value:GAUGE:0:U
+protocol_counter        value:DERIVE:0:U
+ps_code                 value:GAUGE:0:9223372036854775807
+ps_count                processes:GAUGE:0:1000000, threads:GAUGE:0:1000000
+ps_cputime              user:DERIVE:0:U, syst:DERIVE:0:U
+ps_data                 value:GAUGE:0:9223372036854775807
+ps_disk_octets          read:DERIVE:0:U, write:DERIVE:0:U
+ps_disk_ops             read:DERIVE:0:U, write:DERIVE:0:U
+ps_pagefaults           minflt:DERIVE:0:U, majflt:DERIVE:0:U
+ps_rss                  value:GAUGE:0:9223372036854775807
+ps_stacksize            value:GAUGE:0:9223372036854775807
+ps_state                value:GAUGE:0:65535
+ps_vm                   value:GAUGE:0:9223372036854775807
+pstates_enabled         value:GAUGE:0:1
+pubsub                  value:GAUGE:0:U
+queue_length            value:GAUGE:0:U
+records                 value:GAUGE:0:U
+redis_command_cputime   value:DERIVE:0:U
+requests                value:GAUGE:0:U
+response_code           value:GAUGE:0:U
+response_time           value:GAUGE:0:U
+root_delay              value:GAUGE:U:U
+root_dispersion         value:GAUGE:U:U
+route_etx               value:GAUGE:0:U
+route_metric            value:GAUGE:0:U
+routes                  value:GAUGE:0:U
+satellites              value:GAUGE:0:U
+segments                value:GAUGE:0:65535
+serial_octets           rx:DERIVE:0:U, tx:DERIVE:0:U
+signal_noise            value:GAUGE:U:0
+signal_power            value:GAUGE:U:0
+signal_quality          value:GAUGE:0:U
+slurm_job_state         value:GAUGE:0:U
+slurm_node_state        value:GAUGE:0:U
+slurm_backfilled_jobs   value:DERIVE:0:U
+slurm_cycles            value:DERIVE:0:U
+slurm_cycle_last        value:GAUGE:0:U
+slurm_cycle_duration    value:DERIVE:0:U
+slurm_last_cycle_depth  value:GAUGE:0:U
+slurm_cycle_depth       value:DERIVE:0:U
+slurm_job_stats         value:DERIVE:0:U
+slurm_queue_length      value:DERIVE:0:U
+smart_attribute         current:GAUGE:0:255, worst:GAUGE:0:255, threshold:GAUGE:0:255, pretty:GAUGE:0:U
+smart_badsectors        value:GAUGE:0:U
+smart_powercycles       value:GAUGE:0:U
+smart_poweron           value:GAUGE:0:U
+smart_temperature       value:GAUGE:-300:300
+snr                     value:GAUGE:0:U
+spam_check              value:GAUGE:0:U
+spam_score              value:GAUGE:U:U
+spl                     value:GAUGE:U:U
+swap                    value:GAUGE:0:1099511627776
+swap_io                 value:DERIVE:0:U
+sysevent                value:GAUGE:0:1
+tcp_connections         value:GAUGE:0:4294967295
+tdp                     value:GAUGE:U:U
+temperature             value:GAUGE:U:U
+threads                 value:GAUGE:0:U
+time_dispersion         value:GAUGE:-1000000:1000000
+time_offset             value:GAUGE:-1000000:1000000
+time_offset_ntp         value:GAUGE:-1000000:1000000
+time_offset_rms         value:GAUGE:-1000000:1000000
+time_ref                value:GAUGE:0:U
+timeleft                value:GAUGE:0:U
+timestamp               value:GAUGE:0:18446744073709551615
+total_bytes             value:DERIVE:0:U
+total_connections       value:DERIVE:0:U
+total_events            value:DERIVE:0:U
+total_objects           value:DERIVE:0:U
+total_operations        value:DERIVE:0:U
+total_requests          value:DERIVE:0:U
+total_sessions          value:DERIVE:0:U
+total_threads           value:DERIVE:0:U
+total_time_in_ms        value:DERIVE:0:U
+total_values            value:DERIVE:0:U
+turbo_enabled           value:GAUGE:0:1
+transitions             value:DERIVE:0:U
+uptime                  value:GAUGE:0:4294967295
+uncore_ratio            value:GAUGE:0:U
+users                   value:GAUGE:0:65535
+vcl                     value:GAUGE:0:65535
+vcpu                    value:GAUGE:0:U
+virt_cpu_total          value:DERIVE:0:U
+virt_vcpu               value:DERIVE:0:U
+vmpage_action           value:DERIVE:0:U
+vmpage_faults           minflt:DERIVE:0:U, majflt:DERIVE:0:U
+vmpage_io               in:DERIVE:0:U, out:DERIVE:0:U
+vmpage_number           value:GAUGE:0:4294967295
+volatile_changes        value:GAUGE:0:U
+voltage                 value:GAUGE:U:U
+voltage_threshold       value:GAUGE:U:U, threshold:GAUGE:U:U
+vs_memory               value:GAUGE:0:9223372036854775807
+vs_processes            value:GAUGE:0:65535
+vs_threads              value:GAUGE:0:65535
+
+#
+# Legacy types
+# (required for the v5 upgrade target)
+#
+arc_counts              demand_data:COUNTER:0:U, demand_metadata:COUNTER:0:U, prefetch_data:COUNTER:0:U, prefetch_metadata:COUNTER:0:U
+arc_l2_bytes            read:COUNTER:0:U, write:COUNTER:0:U
+arc_l2_size             value:GAUGE:0:U
+arc_ratio               value:GAUGE:0:U
+arc_size                current:GAUGE:0:U, target:GAUGE:0:U, minlimit:GAUGE:0:U, maxlimit:GAUGE:0:U
+mysql_qcache            hits:COUNTER:0:U, inserts:COUNTER:0:U, not_cached:COUNTER:0:U, lowmem_prunes:COUNTER:0:U, queries_in_cache:GAUGE:0:U
+mysql_threads           running:GAUGE:0:U, connected:GAUGE:0:U, cached:GAUGE:0:U, created:COUNTER:0:U

roles/collectd/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+# handlers file for collectd
+- name: Restart collectd
+  systemd:
+    name: collectd
+    state: restarted

roles/collectd/molecule/default/converge.yml

@@ -0,0 +1,20 @@
+---
+- name: Converge
+  become: yes
+  hosts: all
+  vars:
+    - collectd_network_server: testvagrant
+    - collectd_network_server: 192.168.2.240
+    - collectd_network_port: 25826
+    
+  pre_tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+    - name: set hostname
+      hostname:
+        name: vagrantcollectd
+  tasks:
+    - name: "Include collectd"
+      include_role:
+        name: "collectd"

roles/collectd/molecule/default/molecule.yml

@@ -3,12 +3,17 @@ dependency:
   name: galaxy
 driver:
   name: vagrant
+  provider:
+    name: virtualbox
 platforms:
-  - name: archlinux
-    box: "archlinux/archlinux"
   - name: Debian
     box: "debian/bullseye64"
+    pre_build_image: true
+
 provisioner:
   name: ansible
 verifier:
   name: testinfra
+  options:
+    sudo: true
+    v: 3

roles/collectd/molecule/default/tests/test_default.py

@@ -0,0 +1,18 @@
+"""Role testing files using testinfra."""
+import pytest
+
+def test_installed_packages(host):
+    collectd = host.package("collectd-core")
+    assert collectd.is_installed
+
+def test_config(host):
+    collectd_config = host.file("/etc/collectd/collectd.conf")
+    assert collectd_config.exists
+
+    dtypes = host.file("/usr/share/collectd/types.db")
+    assert dtypes.exists
+
+def test_service(host):
+    collectd = host.service("collectd")
+    assert collectd.is_enabled
+    assert collectd.is_running

roles/collectd/molecule/default/verify.yml

@@ -0,0 +1,10 @@
+---
+# This is an example playbook to execute Ansible tests.
+
+- name: Verify
+  hosts: all
+  gather_facts: false
+  tasks:
+  - name: Example assertion
+    assert:
+      that: true

roles/collectd/tasks/main.yml

@@ -0,0 +1,30 @@
+---
+# tasks file for collectd
+
+- name: Install collectd
+  apt:
+    name: collectd-core
+    state: present
+
+- name: Make config dir
+  file:
+    path: "/etc/collectd/"
+    state: directory
+
+- name: Copy dtypes.db
+  copy:
+    src: types.db
+    dest: /usr/share/collectd/types.db
+
+- name: Feed config
+  template:
+    src: collectd.conf.j2
+    dest: /etc/collectd/collectd.conf
+    mode: 644
+  notify:
+    - Restart collectd
+
+- name: Enable collectd service
+  systemd:
+    name: "collectd.service"
+    enabled: yes

roles/collectd/templates/collectd.conf.j2

@@ -0,0 +1,18 @@
+Hostname    "{{ collectd_hostname | default(inventory_hostname) }}"
+TypesDB     "/usr/share/collectd/types.db"
+
+LoadPlugin network
+<Plugin "network">
+    Server "{{ collectd_network_server }}" "{{ collectd_network_port }}"
+</Plugin>
+
+LoadPlugin cpu
+LoadPlugin load
+LoadPlugin memory
+
+LoadPlugin df
+<Plugin "df">
+  IgnoreSelected true
+</Plugin>
+
+

roles/collectd/tests/test.yml

@@ -2,4 +2,4 @@
 - hosts: localhost
   remote_user: root
   roles:
-    - gnome
+    - collectd

roles/collectd/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for collectd

roles/core/defaults/main.yml

@@ -29,6 +29,8 @@ pacman_admin:
   - cifs-utils
   - traceroute
   - smartmontools
+  - vifm
+  - w3m
 
 pacman_pkgs:
   - "{{ pacman_base }}"

roles/core/files/sudoers

@@ -0,0 +1,7 @@
+root  ALL=(ALL) ALL
+%sudo ALL=(ALL) ALL
+
+Defaults env_reset
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+#includedir /etc/sudoers.d

roles/core/tasks/main.yml

@@ -6,3 +6,13 @@
     state: present
   with_items: "{{ pacman_pkgs }}"
 
+- name: Configure sudoers
+  template:
+    src: files/sudoers
+    dest: /etc/sudoers
+    mode: 0440
+
+- name: Create sudo group
+  group:
+    name: sudo
+    state: present

roles/dotfiles/defaults/main.yml

@@ -1,4 +0,0 @@
----
-username: 'user1'
-
-config2stow: ["nvim", "tmux", "zsh"]

roles/dotfiles/molecule/.yamllint

@@ -1,33 +0,0 @@
----
-# Based on ansible-lint config
-extends: default
-
-rules:
-  braces:
-    max-spaces-inside: 1
-    level: error
-  brackets:
-    max-spaces-inside: 1
-    level: error
-  colons:
-    max-spaces-after: -1
-    level: error
-  commas:
-    max-spaces-after: -1
-    level: error
-  comments: disable
-  comments-indentation: disable
-  document-start: disable
-  empty-lines:
-    max: 3
-    level: error
-  hyphens:
-    level: error
-  indentation: disable
-  key-duplicates: enable
-  line-length: disable
-  new-line-at-end-of-file: disable
-  new-lines:
-    type: unix
-  trailing-spaces: disable
-  truthy: disable

roles/dotfiles/molecule/default/converge.yml

@@ -1,43 +0,0 @@
----
-- name: Converge
-  hosts: all
-  vars:
-    users:
-      - username: user1
-        config2stow: ["nvim", "tmux", "zsh"]
-        password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop
-      - username: user2
-        password:  "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop
-        config2stow: ["nvim", "tmux"]
-
-  pre_tasks:
-    - name: update_cache for arch
-      pacman:
-        update_cache: yes
-      become: yes
-      when: ansible_os_family == "Archlinux"
-
-    - name: update_cache for debian
-      apt:
-        update_cache: yes
-      become: yes
-      when: ansible_os_family == "Debian"
-
-    - name: Create user
-      ansible.builtin.user:
-        name: "{{ item.username }}"
-        password: "{{ item.password }}" #plop
-        state: present
-      with_items: "{{ users }}"
-      become: yes
-  
-  tasks:
-    - name: "Include dotfiles"
-      include_role:
-        name: "dotfiles"
-      vars:
-        username: "{{ user.username }}"
-        config2stow: "{{ user.config2stow }}"
-      loop: "{{ users }}"
-      loop_control:
-        loop_var: user

roles/dotfiles/molecule/default/tests/test_default.py

@@ -1,39 +0,0 @@
-"""Role testing files using testinfra."""
-
-USER1 = "user1"
-USER2 = "user2"
-
-def test_stow_installed(host):
-    stow = host.package("stow")
-    assert stow.is_installed
-
-def test_dotfile_cloned(host):
-    dotfiles = host.file(f"/home/{USER1}/.dotfiles")
-    assert dotfiles.exists
-    assert dotfiles.user == USER1
-
-    dotfiles = host.file(f"/home/{USER2}/.dotfiles")
-    assert dotfiles.exists
-    assert dotfiles.user == USER2
-
-def test_dotfile_stowed(host):
-    homepath = f"/home/{USER1}"
-    nvim = host.file(homepath + "/.config/nvim/")
-    assert nvim.exists
-    tmux = host.file(homepath + "/.tmux/")
-    assert tmux.exists
-    zshenv = host.file(homepath + "/.zshenv")
-    assert zshenv.exists
-    zsh = host.file(homepath + "/.config/zsh/")
-    assert zsh.exists
-
-    homepath = f"/home/{USER2}"
-    nvim = host.file(homepath + "/.config/nvim/")
-    assert nvim.exists
-    tmux = host.file(homepath + "/.tmux/")
-    assert tmux.exists
-    zshenv = host.file(homepath + "/.zshenv")
-    assert not zshenv.exists
-    zsh = host.file(homepath + "/.config/zsh/")
-    assert not zsh.exists
-

roles/dotfiles/tasks/arch.yml

@@ -1,12 +0,0 @@
----
-- name: Install stow
-  community.general.pacman:
-    name: stow
-    state: present 
-  become: true
-
-- name: Install git
-  community.general.pacman:
-    name: git
-    state: present 
-  become: true

roles/dotfiles/tasks/debian.yml

@@ -1,14 +0,0 @@
----
-- name: Install stow
-  apt:
-    name: stow
-    state: present 
-    update_cache: yes
-  become: true
-
-- name: Install git
-  apt:
-    name: git
-    state: present 
-    update_cache: yes
-  become: true

roles/dotfiles/tasks/gnome.yml

@@ -1,42 +0,0 @@
----
-- name: <super + q> to close window
-  dconf:
-    key: "/org/gnome/desktop/wm/keybindings/close"
-    value: "['<Super>q']"
-    state: present
-
-- name: <super + enter> to fire a terminal - binding
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/binding"
-    value: "'<Super>Return'"
-    state: present
-
-- name: <super + enter> to fire a terminal - command
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/command"
-    value: "'urxvt'"
-    state: present
-
-- name: <super + enter> to fire a terminal - name
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name"
-    value: "'Terminal'"
-    state: present
-
-- name: Shell theme
-  dconf:
-    key: "/org/gnome/shell/extensions/user-theme/name"
-    value: "'Materia-dark-compact'"
-    state: present
-
-- name: Gtk theme
-  dconf:
-    key: "/org/gnome/desktop/interface/gkt-theme"
-    value: "'Materia-dark-compact'"
-    state: present
-
-- name: Icon theme
-  dconf:
-    key: "/org/gnome/desktop/interface/icon-theme"
-    value: "'Tela-orange-dark'"
-    state: present

roles/dotfiles/tasks/main.yml

@@ -1,33 +0,0 @@
----
-- name: Install for arch
-  import_tasks: arch.yml
-  when: ansible_os_family == "Archlinux"
-
-- name: Install for debian
-  import_tasks: debian.yml
-  when: ansible_os_family == "Debian"
-
-- name: Clone dotfiles
-  ansible.builtin.git:
-    repo: 'https://git.opytex.org/lafrite/dotfiles.git'
-    dest: "/home/{{ username }}/.dotfiles"
-  become: yes
-
-- name: user owns its dotfiles
-  ansible.builtin.file:
-    path: "/home/{{ username }}/.dotfiles"
-    owner: "{{ username }}"
-  become: yes
-
-- name: stow configs
-  ansible.builtin.command:
-    cmd: stow {{ item }}
-    chdir: "/home/{{ username }}/.dotfiles"
-  with_items: "{{ config2stow }}"
-  become: yes
-
-- name: Gnome config
-  import_tasks: gnome.yml
-    #become: true
-  become_user: "{{ username }}"
-  when: no # soucis avec la version de psutil

roles/gnome/.yamllint

@@ -1,33 +0,0 @@
----
-# Based on ansible-lint config
-extends: default
-
-rules:
-  braces:
-    max-spaces-inside: 1
-    level: error
-  brackets:
-    max-spaces-inside: 1
-    level: error
-  colons:
-    max-spaces-after: -1
-    level: error
-  commas:
-    max-spaces-after: -1
-    level: error
-  comments: disable
-  comments-indentation: disable
-  document-start: disable
-  empty-lines:
-    max: 3
-    level: error
-  hyphens:
-    level: error
-  indentation: disable
-  key-duplicates: enable
-  line-length: disable
-  new-line-at-end-of-file: disable
-  new-lines:
-    type: unix
-  trailing-spaces: disable
-  truthy: disable

roles/gnome/defaults/main.yml

@@ -1,19 +0,0 @@
----
-# defaults file for gnome
-pacman_gnome:
-  - gnome
-  - gdm
-  - gnome-tweaks
-  - gparted
-  - transmission-gtk
-  - quodlibet
-  - networkmanager
-  - network-manager-applet
-  - gnome-keyring
-  - grsync
-  - soundconverter
-  - picard
-  - shotwell
-  - pitivi
-  - seahorse
-  - python-psutil

roles/gnome/handlers/main.yml

@@ -1,2 +0,0 @@
----
-# handlers file for gnome

roles/gnome/molecule/default/converge.yml

@@ -1,7 +0,0 @@
----
-- name: Converge
-  hosts: all
-  tasks:
-    - name: "Include gnome"
-      include_role:
-        name: "gnome"

roles/gnome/molecule/default/molecule.yml

@@ -1,11 +0,0 @@
----
-dependency:
-  name: galaxy
-driver:
-  name: vagrant
-platforms:
-  - name: instance
-provisioner:
-  name: ansible
-verifier:
-  name: testinfra

roles/gnome/molecule/default/tests/test_default.py

@@ -1,10 +0,0 @@
-"""Role testing files using testinfra."""
-
-
-def test_hosts_file(host):
-    """Validate /etc/hosts file."""
-    f = host.file("/etc/hosts")
-
-    assert f.exists
-    assert f.user == "root"
-    assert f.group == "root"

roles/gnome/tasks/arch.yml

@@ -1,35 +0,0 @@
----
-# tasks file for gnome
-- name: Install gnome packages
-  pacman:
-    name: "{{ item }}"
-    state: present
-  with_items: "{{ pacman_gnome }}"
-
-- name: Install look and feel
-  pacman: 
-    name: 
-      - materia-gtk-theme
-      - gnome-icon-theme-extras
-      - arc-solid-gtk-theme
-      - arc-gtk-theme
-      - gnome-themes-extra
-      - gnome-icon-theme-symbolic
-      - gnome-icon-theme
-      - adwaita-icon-theme
-    state: present
-
-- name: Install AUR Icons and gtk themes
-  aur:
-    name: "{{ item }}"
-    use: makepkg
-    state: present
-  with_items:
-    - plata-theme
-    - gnome-colors-icon-theme
-    - numix-icon-theme-git
-    - numix-circle-icon-theme-git
-    - tela-icon-theme-git
-  become: yes
-  become_user: aur_builder
-

roles/gnome/tasks/main.yml

@@ -1,81 +0,0 @@
----
-# tasks file for gnome
-- name: Install gnome for arch
-  import_tasks: arch.yml
-  when: ansible_os_family == "Archlinux"
-
-
-- name: enable service gdm
-  systemd:
-    name: gdm
-    enabled: yes
-
-- name: disable old network services
-  systemd:
-    name: '{{ item }}'
-    enabled: no
-  with_items:
-    - dhcpcd
-  ignore_errors: yes
-
-- name: enable service NetworkManager
-  systemd:
-    name: NetworkManager
-    enabled: yes
-
-- name: <super + q> to close window
-  dconf:
-    key: "/org/gnome/desktop/wm/keybindings/close"
-    value: "['<Super>q']"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: <super + enter> to fire a terminal - binding
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/binding"
-    value: "'<Super>Return'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: <super + enter> to fire a terminal - command
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/command"
-    value: "'urxvt'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: <super + enter> to fire a terminal - name
-  dconf:
-    key: "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom0/name"
-    value: "'Terminal'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: Shell theme
-  dconf:
-    key: "/org/gnome/shell/extensions/user-theme/name"
-    value: "'Materia-dark-compact'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: Gtk theme
-  dconf:
-    key: "/org/gnome/desktop/interface/gkt-theme"
-    value: "'Materia-dark-compact'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-
-- name: Icon theme
-  dconf:
-    key: "/org/gnome/desktop/interface/icon-theme"
-    value: "'Tela-orange-dark'"
-    state: present
-  become: true
-  become_user: "{{ me.username }}"
-

roles/gnome/vars/main.yml

@@ -1,2 +0,0 @@
----
-# vars file for gnome

roles/nfs_client/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+# defaults file for nfs_client
+shares:
+  - mount_point: /media/nfs/default
+    server: test.lan
+    export: /test
+    options: defaults

roles/nfs_client/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for nfs_client

roles/nfs_client/molecule/default/converge.yml

@@ -0,0 +1,24 @@
+---
+- name: Converge
+  hosts: all
+  become: yes
+  vars:
+    - shares:
+      - mount_point: /media/nfs/default
+        server: test.lan
+        export: /test
+        options: defaults
+      - mount_point: /media/nfs/other
+        server: test.lan
+        export: /other
+        options: defaults
+
+  pre_tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+
+  tasks:
+    - name: "Include nfs_client"
+      include_role:
+        name: "nfs_client"

roles/nfs_client/molecule/default/molecule.yml

@@ -0,0 +1,19 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: vagrant
+  provider:
+    name: virtualbox
+platforms:
+  - name: Debian
+    box: "debian/bullseye64"
+    pre_build_image: true
+
+provisioner:
+  name: ansible
+verifier:
+  name: testinfra
+  options:
+    sudo: true
+    v: 3

roles/nfs_client/molecule/default/tests/test_default.py

@@ -0,0 +1,7 @@
+"""Role testing files using testinfra."""
+import pytest
+
+def test_installed_packages(host):
+    nfs_common = host.package("nfs-common")
+    assert nfs_common.is_installed
+

roles/nfs_client/tasks/main.yml

@@ -0,0 +1,31 @@
+---
+# tasks file for nfs_client
+
+- name: Install nfs-common
+  apt:
+    name: "{{ item }}"
+    state: present 
+  with_items:
+    - nfs-common
+
+- name: Ensure rpcbind is running (Debian)
+  systemd: 
+    name: rpcbind 
+    state: started 
+    enabled: yes
+
+- name: Ensure nfs mount points exist
+  file:
+    path: "{{ item.mount_point }}"
+    state: directory
+  with_items: "{{ nfs_shares }}"
+
+- name: Add nfs shares to fstab
+  mount:
+    src: "{{ item.server }}:{{ item.export }}"
+    path: "{{ item.mount_point }}"
+    opts: "{{ item.options }}"
+    state: mounted
+    fstype: nfs
+  with_items: "{{ nfs_shares }}"
+  

roles/nfs_client/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

roles/nfs_client/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - nfs_client

roles/nfs_client/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for nfs_client

roles/user/molecule/default/converge.yml

@@ -4,10 +4,9 @@
   become: yes
   vars:
     users:
-      - username: user
+      - username: gooduser
         password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop
         shell: "/bin/zsh"
-        public_key:
         config:
           giturl: "https://git.opytex.org/lafrite/dotfiles.git"
           stowing: ["nvim", "tmux", "zsh"]

roles/user/molecule/default/molecule.yml

@@ -3,14 +3,19 @@ dependency:
   name: galaxy
 driver:
   name: vagrant
+  provider:
+    name: virtualbox
 platforms:
   - name: archlinux
     box: "archlinux/archlinux"
+    pre_build_image: true
   - name: Debian
     box: "debian/bullseye64"
+    pre_build_image: true
 provisioner:
   name: ansible
 verifier:
   name: testinfra
   options:
     sudo: true
+    v: 3

roles/user/molecule/default/tests/test_default.py

@@ -1,9 +1,9 @@
 """Role testing files using testinfra."""
-
+import pytest
 
 def test_create_users(host):
     """ Validate user creation """
-    user = host.user("user")
+    user = host.user("gooduser")
     assert user.exists
     assert user.uid >= 1000
     assert user.shell == "/bin/zsh"
@@ -17,7 +17,7 @@ def test_create_users(host):
     assert admin.home == f"/home/{admin.name}"
 
 def test_ssh_key(host):
-    user = host.user("user")
+    user = host.user("gooduser")
     sshdir = host.file(user.home + "/.ssh")
     assert not sshdir.exists
 
@@ -28,7 +28,7 @@ def test_ssh_key(host):
     assert autho.contains("user1@fool")
 
 def test_clone_dotfiles(host):
-    user = host.user("user")
+    user = host.user("gooduser")
     dotfiles = host.file(user.home + "/.dotfiles")
     assert dotfiles.exists
     assert dotfiles.user == user.name
@@ -37,3 +37,12 @@ def test_clone_dotfiles(host):
     dotfiles = host.file(admin.home + "/.dotfiles")
     assert dotfiles.exists
     assert dotfiles.user == admin.name
+
+def test_stow_config(host):
+    user = host.user("gooduser")
+    nvim_config = host.file(user.home + "/.config/nvim/")
+    assert nvim_config.exists
+
+    admin = host.user("admin")
+    nvim_config = host.file(admin.home + "/.config/nvim/")
+    assert not nvim_config.exists

roles/user/tasks/archlinux.yml

@@ -3,10 +3,9 @@
   community.general.pacman:
     name: stow
     state: present 
-  become: true
 
 - name: Install git
   community.general.pacman:
     name: git
     state: present 
-  become: true
+

roles/user/tasks/debian.yml

@@ -12,3 +12,10 @@
     state: present 
     update_cache: yes
   become: true
+
+- name: Install acl
+  apt:
+    name: acl
+    state: present 
+    update_cache: yes
+  become: true

roles/user/tasks/dotfiles.yml

@@ -0,0 +1,28 @@
+---
+- name: Install os-specific packages
+  include_tasks: "{{ ansible_os_family | lower }}.yml"
+
+- name: Clone dotfiles
+  ansible.builtin.git:
+    repo: "{{ user.config.giturl }}"
+    dest: "/home/{{ user.username }}/.dotfiles"
+  become: true
+  become_user: "{{ user.username }}"
+
+- name: stow configs
+  ansible.builtin.command:
+    cmd: stow {{ item }}
+    chdir: "/home/{{ user.username }}/.dotfiles"
+  with_items: "{{ user.config.stowing }}"
+
+- name: init neovim
+  import_tasks: neovim.yml
+  when: '"nvim" in user.config.stowing'
+
+- name: init vim
+  import_tasks: vim.yml
+  when: '"vim" in user.config.stowing'
+
+- name: init sway
+  import_tasks: sway.yml
+  when: '"sway" in user.config.stowing'

roles/user/tasks/main.yml

@@ -1,12 +1,16 @@
 ---
 # tasks file for user
+- name: set facts
+  set_fact:
+    username: "{{ user.username }}"
+
 # Create user
-- name: users -- Ensure wheel group exists
+- name: Ensure wheel group exists
   group:
     name: wheel
     state: present
 
-- name: create users
+- name: "{{ username }} --  create user "
   ansible.builtin.user:
     name: "{{ user.username }}"
     update_password: on_create
@@ -16,38 +20,32 @@
     shell: "{{ user.shell | default('/bin/bash') }}"
     state: present
     system: "{{ user.system | default('no') }}"
+    create_home: true
 
 # 
-- name: ssh -- Add public key
+- name: "{{ username }} -- Add public key"
   authorized_key: 
     user: "{{ user.username }}" 
     key: "{{ lookup('file', item.keyfile) }}"
     state: present
-  with_items: "{{ user.public_key }}"
+  with_items: "{{ user.public_key | default([]) }}"
-  when: user.public_key
 
 # Dotfiles
-- name: Install for arch
+- name: "{{ username }} -- set dotfiles"
-  import_tasks: arch.yml
+  import_tasks: dotfiles.yml
-  when: ansible_os_family == "Archlinux"
 
-- name: Install for debian
+- name: "{{ username }}: gtk_settings"
-  import_tasks: debian.yml
+  dconf:
-  when: ansible_os_family == "Debian"
+    key: "{{ item.key }}"
+    value: "{{ item.value }}"
+    state: present
+  with_items: "{{ user.gtk_settings | default([]) }}"
+  become: true
+  become_user: "{{ user.username }}"
 
-- name: Clone dotfiles
-  ansible.builtin.git:
-    repo: "{{ user.config.giturl }}"
-    dest: "/home/{{ user.username }}/.dotfiles"
 
-- name: user owns its dotfiles
+- name: "{{ username }} -- user owns its create_home"
-  ansible.builtin.file:
+  file:
     path: "/home/{{ user.username }}/.dotfiles"
     owner: "{{ user.username }}"
-
+    group: users
-- name: stow configs
-  ansible.builtin.command:
-    cmd: stow {{ item }}
-    chdir: "/home/{{ user.username }}/.dotfiles"
-  with_items: "{{ user.config.stowing }}"
-

roles/user/tasks/neovim.yml

@@ -0,0 +1,22 @@
+---
+- name: Install neovim
+  community.general.pacman:
+    name: neovim
+    state: present 
+  when: ansible_os_family == "Archlinux"
+
+- name: Install neovim
+  apt:
+    name: neovim
+    state: present 
+  when: ansible_os_family == "Debian"
+
+- name: Install packer
+  ansible.builtin.git:
+    repo: "https://github.com/wbthomason/packer.nvim"
+    dest: "/home/{{ user.username }}/.local/share/nvim/site/pack/packer/start/packer.nvim"
+    depth: 1
+  become: true
+  become_user: "{{ user.username }}"
+
+

roles/user/tasks/sway.yml

@@ -0,0 +1,28 @@
+---
+- name: Install sway packages
+  community.general.pacman:
+    name: 
+      - sway 
+      - gammastep
+      - mako
+      - rofi
+      - rofi-pass
+      - grim
+      - slurp
+      - kanshi
+      - blueman
+      - pamixer
+      - waybar
+      - network-manager-applet
+      - wlroots
+      - xdg-desktop-portal-wlr
+      - wl-clipboard
+      - gobject-introspection # for avizo
+    state: present 
+
+- name: Install sway AUR packages
+  aur:
+    name: avizo
+    state: present
+  become: yes
+  become_user: aur_builder

roles/user/tasks/vim.yml

@@ -0,0 +1,29 @@
+---
+- name: Install vim
+  community.general.pacman:
+    name: vim
+    state: present 
+  when: ansible_os_family == "Archlinux"
+
+- name: Install vim
+  apt:
+    name: vim
+    state: present 
+  when: ansible_os_family == "Debian"
+
+- name: mkdir autoload
+  ansible.builtin.file:
+    path: "/home/{{ user.username }}/.vim/autoload"
+    owner: "{{ user.username }}"
+    state: directory
+
+- name: Install vim-plug
+  get_url:
+    url: "https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim"
+    dest: "/home/{{ user.username }}/.vim/autoload/plug.vim"
+
+- name: user owns vim-plug
+  ansible.builtin.file:
+    path: "/home/{{ user.username }}/.vim/autoload/plug.vim"
+    owner: "{{ user.username }}"
+

roles/users/.yamllint

@@ -1,33 +0,0 @@
----
-# Based on ansible-lint config
-extends: default
-
-rules:
-  braces:
-    max-spaces-inside: 1
-    level: error
-  brackets:
-    max-spaces-inside: 1
-    level: error
-  colons:
-    max-spaces-after: -1
-    level: error
-  commas:
-    max-spaces-after: -1
-    level: error
-  comments: disable
-  comments-indentation: disable
-  document-start: disable
-  empty-lines:
-    max: 3
-    level: error
-  hyphens:
-    level: error
-  indentation: disable
-  key-duplicates: enable
-  line-length: disable
-  new-line-at-end-of-file: disable
-  new-lines:
-    type: unix
-  trailing-spaces: disable
-  truthy: disable

roles/users/README.md

@@ -1,38 +0,0 @@
-Role Name
-=========
-
-A brief description of the role goes here.
-
-Requirements
-------------
-
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
-
-Role Variables
---------------
-
-A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
-
-Dependencies
-------------
-
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
-
-Example Playbook
-----------------
-
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
-
-    - hosts: servers
-      roles:
-         - { role: username.rolename, x: 42 }
-
-License
--------
-
-BSD
-
-Author Information
-------------------
-
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/users/defaults/main.yml

@@ -1,21 +0,0 @@
----
-# defaults file for users
-user1:
-  username: 'user1'
-  password: 'user1'
-  group: users
-  groups:
-  shell: '/bin/zsh'
-
-user2:
-  username: 'user2'
-  password: 'user2'
-  group: users
-  groups: wheel
-  system: yes
-
-users: ["{{ user1 }}", "{{ user2 }}"]
-
-public_key:
-    - user: "{{ user1 }}"
-      key: id_encrypt_fool.pub

roles/users/files/id_encrypt_fool.pub

@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdDO8452/DpTR8taSKa/i+rgAvrYP9Fv9hYLMuphHQ+ user1@fool

roles/users/handlers/main.yml

@@ -1,2 +0,0 @@
----
-# handlers file for users

roles/users/molecule/default/converge.yml

@@ -1,8 +0,0 @@
----
-- name: Converge
-  hosts: all
-  become: true
-  tasks:
-    - name: "Include users"
-      include_role:
-        name: "users"