diff --git a/home/dot_local/share/ansible/.config/molecule/config.yml b/home/dot_local/share/ansible/.config/molecule/config.yml
new file mode 100644
index 00000000..15ae68e3
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/config.yml
@@ -0,0 +1,27 @@
+---
+dependency:
+ name: shell
+ command: |
+ if type task > /dev/null; then
+ task ansible:test:molecule:dependencies
+ else
+ ansible-galaxy install --ignore-errors -r requirements.yml
+ fi
+provisioner:
+ name: ansible
+ options:
+ vvv: true
+ playbooks:
+ converge: ../converge.yml
+ prepare: ../../.config/molecule/prepare.yml
+ docker:
+ create: ../../.config/molecule/docker.create.yml
+ destroy: ../../.config/molecule/docker.destroy.yml
+ gce:
+ create: ../../.config/molecule/gce.create.yml
+ destroy: ../../.config/molecule/gce.destroy.yml
+ vagrant:
+ create: ../../.config/molecule/vagrant.create.yml
+ destroy: ../../.config/molecule/vagrant.destroy.yml
+verifier:
+ name: ansible
diff --git a/home/dot_local/share/ansible/.config/molecule/docker.create.yml b/home/dot_local/share/ansible/.config/molecule/docker.create.yml
new file mode 100644
index 00000000..319a98a9
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/docker.create.yml
@@ -0,0 +1,179 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Create
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ vars:
+ molecule_labels:
+ owner: molecule
+ tasks:
+ - name: Log into a Docker registry
+ community.docker.docker_login:
+ username: '{{ item.registry.credentials.username }}'
+ password: '{{ item.registry.credentials.password }}'
+ email: '{{ item.registry.credentials.email | default(omit) }}'
+ registry: '{{ item.registry.url }}'
+ docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
+ cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
+ with_items: '{{ molecule_yml.platforms }}'
+ when:
+ - item.registry is defined
+ - item.registry.credentials is defined
+ - item.registry.credentials.username is defined
+ no_log: true
+
+ - name: Check presence of custom Dockerfiles
+ ansible.builtin.stat:
+ path: "{{ molecule_scenario_directory + '/' + (item.dockerfile | default( 'Dockerfile.j2')) }}"
+ loop: '{{ molecule_yml.platforms }}'
+ register: dockerfile_stats
+
+ - name: Create Dockerfiles from image names
+ ansible.builtin.template:
+ # when using embedded playbooks the dockerfile is alonside them
+ src: >-
+ {%- if dockerfile_stats.results[i].stat.exists -%}
+ {{ molecule_scenario_directory + '/' + (item.dockerfile | default( 'Dockerfile.j2')) }}
+ {%- else -%}
+ {{ playbook_dir + '/Dockerfile.j2' }}
+ {%- endif -%}
+ dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}"
+ mode: '0600'
+ loop: '{{ molecule_yml.platforms }}'
+ loop_control:
+ index_var: i
+ when: not item.pre_build_image | default(false)
+ register: platforms
+
+ - name: Discover local Docker images
+ community.docker.docker_image_info:
+ name: 'molecule_local/{{ item.item.name }}'
+ docker_host: "{{ item.item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
+ cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
+ with_items: '{{ platforms.results }}'
+ when:
+ - not item.pre_build_image | default(false)
+ register: docker_images
+
+ - name: Build an Ansible compatible image (new) # noqa: no-handler
+ when:
+ - platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0
+ - not item.item.pre_build_image | default(false)
+ community.docker.docker_image:
+ build:
+ path: '{{ molecule_ephemeral_directory }}'
+ dockerfile: '{{ item.invocation.module_args.dest }}'
+ pull: '{{ item.item.pull | default(true) }}'
+ network: '{{ item.item.network_mode | default(omit) }}'
+ args: '{{ item.item.buildargs | default(omit) }}'
+ name: 'molecule_local/{{ item.item.image }}'
+ docker_host: "{{ item.item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
+ cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
+ force_source: '{{ item.item.force | default(true) }}'
+ source: build
+ with_items: '{{ platforms.results }}'
+ loop_control:
+ label: 'molecule_local/{{ item.item.image }}'
+ no_log: false
+ register: result
+ until: result is not failed
+ retries: 3
+ delay: 30
+
+ - name: Create docker network(s)
+ ansible.builtin.include_tasks: tasks/create_network.yml
+ with_items: '{{ molecule_yml.platforms | molecule_get_docker_networks(molecule_labels) }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
+
+ - name: Determine the CMD directives
+ ansible.builtin.set_fact:
+ command_directives_dict: >-
+ {{ command_directives_dict | default({}) |
+ combine({ item.name: item.command | default('bash -c "while true; do sleep 10000; done"') })
+ }}
+ with_items: '{{ molecule_yml.platforms }}'
+ when: item.override_command | default(true)
+
+ - name: Create molecule instance(s)
+ community.docker.docker_container:
+ name: '{{ item.name }}'
+ docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
+ cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
+ hostname: '{{ item.hostname | default(item.name) }}'
+ image: "{{ item.pre_build_image | default(false) | ternary('', 'molecule_local/') }}{{ item.image }}"
+ pull: '{{ item.pull | default(omit) }}'
+ memory: '{{ item.memory | default(omit) }}'
+ memory_swap: '{{ item.memory_swap | default(omit) }}'
+ state: started
+ recreate: false
+ log_driver: json-file
+ command: '{{ (command_directives_dict | default({}))[item.name] | default(omit) }}'
+ command_handling: "{{ item.command_handling | default('compatibility') }}"
+ user: '{{ item.user | default(omit) }}'
+ pid_mode: '{{ item.pid_mode | default(omit) }}'
+ privileged: '{{ item.privileged | default(omit) }}'
+ security_opts: '{{ item.security_opts | default(omit) }}'
+ devices: '{{ item.devices | default(omit) }}'
+ links: '{{ item.links | default(omit) }}'
+ volumes: '{{ item.volumes | default(omit) }}'
+ mounts: '{{ item.mounts | default(omit) }}'
+ tmpfs: '{{ item.tmpfs | default(omit) }}'
+ capabilities: '{{ item.capabilities | default(omit) }}'
+ sysctls: '{{ item.sysctls | default(omit) }}'
+ exposed_ports: '{{ item.exposed_ports | default(omit) }}'
+ published_ports: '{{ item.published_ports | default(omit) }}'
+ ulimits: '{{ item.ulimits | default(omit) }}'
+ networks: '{{ item.networks | default(omit) }}'
+ network_mode: '{{ item.network_mode | default(omit) }}'
+ networks_cli_compatible: '{{ item.networks_cli_compatible | default(true) }}'
+ purge_networks: '{{ item.purge_networks | default(omit) }}'
+ dns_servers: '{{ item.dns_servers | default(omit) }}'
+ etc_hosts: '{{ item.etc_hosts | default(omit) }}'
+ env: '{{ item.env | default(omit) }}'
+ restart_policy: '{{ item.restart_policy | default(omit) }}'
+ restart_retries: '{{ item.restart_retries | default(omit) }}'
+ tty: '{{ item.tty | default(omit) }}'
+ labels: '{{ molecule_labels | combine(item.labels | default({})) }}'
+ container_default_behavior: "{{ item.container_default_behavior | default('compatibility'
+ if ansible_version.full is version_compare('2.10', '>=') else omit) }}"
+ stop_signal: '{{ item.stop_signal | default(omit) }}'
+ kill_signal: '{{ item.kill_signal | default(omit) }}'
+ register: server
+ with_items: '{{ molecule_yml.platforms }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
+ async: 7200
+ poll: 0
+
+ - name: Wait for instance(s) creation to complete
+ ansible.builtin.async_status:
+ jid: '{{ item.ansible_job_id }}'
+ register: docker_jobs
+ until: docker_jobs.finished
+ retries: 300
+ with_items: '{{ server.results }}'
diff --git a/home/dot_local/share/ansible/.config/molecule/docker.destroy.yml b/home/dot_local/share/ansible/.config/molecule/docker.destroy.yml
new file mode 100644
index 00000000..556d99d8
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/docker.destroy.yml
@@ -0,0 +1,53 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Destroy
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ tasks:
+ - name: Destroy molecule instance(s)
+ community.docker.docker_container:
+ name: '{{ item.name }}'
+ docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
+ cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
+ tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
+ state: absent
+ force_kill: '{{ item.force_kill | default(true) }}'
+ keep_volumes: '{{ item.keep_volumes | default(true) }}'
+ container_default_behavior: "{{ item.container_default_behavior | default('compatibility' if
+ ansible_version.full is version_compare('2.10', '>=') else omit) }}"
+ register: server
+ loop: '{{ molecule_yml.platforms }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
+ async: 7200
+ poll: 0
+
+ - name: Wait for instance(s) deletion to complete
+ ansible.builtin.async_status:
+ jid: '{{ item.ansible_job_id }}'
+ register: docker_jobs
+ until: docker_jobs.finished
+ retries: 300
+ loop: '{{ server.results }}'
+ loop_control:
+ label: '{{ item.item.name }}'
+
+ - name: Delete docker networks(s)
+ include_tasks: tasks/delete_network.yml
+ loop: '{{ molecule_yml.platforms | molecule_get_docker_networks() }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
diff --git a/home/dot_local/share/ansible/.config/molecule/files/windows_auth.py b/home/dot_local/share/ansible/.config/molecule/files/windows_auth.py
new file mode 100644
index 00000000..25204299
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/files/windows_auth.py
@@ -0,0 +1,224 @@
+#!/usr/bin/env python
+
+# Copyright 2015 Google Inc. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import base64
+import copy
+import datetime
+import json
+import time
+import argparse
+
+# PyCrypto library: https://pypi.python.org/pypi/pycrypto
+from Crypto.Cipher import PKCS1_OAEP
+from Crypto.PublicKey import RSA
+from Crypto.Util.number import long_to_bytes
+
+# Google API Client Library for Python:
+# https://developers.google.com/api-client-library/python/start/get_started
+import google.auth
+from googleapiclient.discovery import build
+
+
+def GetCompute():
+ """Get a compute object for communicating with the Compute Engine API."""
+ credentials, project = google.auth.default()
+ compute = build("compute", "v1", credentials=credentials)
+ return compute
+
+
+def GetInstance(compute, instance, zone, project):
+ """Get the data for a Google Compute Engine instance."""
+ cmd = compute.instances().get(instance=instance, project=project, zone=zone)
+ return cmd.execute()
+
+
+def GetKey():
+ """Get an RSA key for encryption."""
+ # This uses the PyCrypto library
+ key = RSA.generate(2048)
+ return key
+
+
+def GetModulusExponentInBase64(key):
+ """Return the public modulus and exponent for the key in bas64 encoding."""
+ mod = long_to_bytes(key.n)
+ exp = long_to_bytes(key.e)
+
+ modulus = base64.b64encode(mod)
+ exponent = base64.b64encode(exp)
+
+ return modulus, exponent
+
+
+def GetExpirationTimeString():
+ """Return an RFC3339 UTC timestamp for 5 minutes from now."""
+ utc_now = datetime.datetime.utcnow()
+ # These metadata entries are one-time-use, so the expiration time does
+ # not need to be very far in the future. In fact, one minute would
+ # generally be sufficient. Five minutes allows for minor variations
+ # between the time on the client and the time on the server.
+ expire_time = utc_now + datetime.timedelta(minutes=5)
+ return expire_time.strftime("%Y-%m-%dT%H:%M:%SZ")
+
+
+def GetJsonString(user, modulus, exponent, email):
+ """Return the JSON string object that represents the windows-keys entry."""
+
+ converted_modulus = modulus.decode("utf-8")
+ converted_exponent = exponent.decode("utf-8")
+
+ expire = GetExpirationTimeString()
+ data = {
+ "userName": user,
+ "modulus": converted_modulus,
+ "exponent": converted_exponent,
+ "email": email,
+ "expireOn": expire,
+ }
+
+ return json.dumps(data)
+
+
+def UpdateWindowsKeys(old_metadata, metadata_entry):
+ """Return updated metadata contents with the new windows-keys entry."""
+ # Simply overwrites the "windows-keys" metadata entry. Production code may
+ # want to append new lines to the metadata value and remove any expired
+ # entries.
+ new_metadata = copy.deepcopy(old_metadata)
+ new_metadata["items"] = [{"key": "windows-keys", "value": metadata_entry}]
+ return new_metadata
+
+
+def UpdateInstanceMetadata(compute, instance, zone, project, new_metadata):
+ """Update the instance metadata."""
+ cmd = compute.instances().setMetadata(
+ instance=instance, project=project, zone=zone, body=new_metadata
+ )
+ return cmd.execute()
+
+
+def GetSerialPortFourOutput(compute, instance, zone, project):
+ """Get the output from serial port 4 from the instance."""
+ # Encrypted passwords are printed to COM4 on the windows server:
+ port = 4
+ cmd = compute.instances().getSerialPortOutput(
+ instance=instance, project=project, zone=zone, port=port
+ )
+ output = cmd.execute()
+ return output["contents"]
+
+
+def GetEncryptedPasswordFromSerialPort(serial_port_output, modulus):
+ """Find and return the correct encrypted password, based on the modulus."""
+ # In production code, this may need to be run multiple times if the output
+ # does not yet contain the correct entry.
+
+ converted_modulus = modulus.decode("utf-8")
+
+ output = serial_port_output.split("\n")
+ for line in reversed(output):
+ try:
+ entry = json.loads(line)
+ if converted_modulus == entry["modulus"]:
+ return entry["encryptedPassword"]
+ except ValueError:
+ pass
+
+
+def DecryptPassword(encrypted_password, key):
+ """Decrypt a base64 encoded encrypted password using the provided key."""
+
+ decoded_password = base64.b64decode(encrypted_password)
+ cipher = PKCS1_OAEP.new(key)
+ password = cipher.decrypt(decoded_password)
+ return password
+
+
+def Arguments():
+ # Create the parser
+ args = argparse.ArgumentParser(description="List the content of a folder")
+
+ # Add the arguments
+ args.add_argument(
+ "--instance", metavar="instance", type=str, help="compute instance name"
+ )
+
+ args.add_argument("--zone", metavar="zone", type=str, help="compute zone")
+
+ args.add_argument("--project", metavar="project", type=str, help="gcp project")
+
+ args.add_argument("--username", metavar="username", type=str, help="username")
+
+ args.add_argument("--email", metavar="email", type=str, help="email")
+
+ # return arguments
+ return args.parse_args()
+
+
+def main():
+ config_args = Arguments()
+
+ # Setup
+ compute = GetCompute()
+ key = GetKey()
+ modulus, exponent = GetModulusExponentInBase64(key)
+
+ # Get existing metadata
+ instance_ref = GetInstance(
+ compute, config_args.instance, config_args.zone, config_args.project
+ )
+ old_metadata = instance_ref["metadata"]
+ # Create and set new metadata
+ metadata_entry = GetJsonString(
+ config_args.username, modulus, exponent, config_args.email
+ )
+ new_metadata = UpdateWindowsKeys(old_metadata, metadata_entry)
+
+ # Get Serial output BEFORE the modification
+ serial_port_output = GetSerialPortFourOutput(
+ compute, config_args.instance, config_args.zone, config_args.project
+ )
+
+ UpdateInstanceMetadata(
+ compute,
+ config_args.instance,
+ config_args.zone,
+ config_args.project,
+ new_metadata,
+ )
+
+ # Get and decrypt password from serial port output
+ # Monitor changes from output to get the encrypted password as soon as it's generated, will wait for 30 seconds
+ i = 0
+ new_serial_port_output = serial_port_output
+ while i <= 20 and serial_port_output == new_serial_port_output:
+ new_serial_port_output = GetSerialPortFourOutput(
+ compute, config_args.instance, config_args.zone, config_args.project
+ )
+ i += 1
+ time.sleep(3)
+
+ enc_password = GetEncryptedPasswordFromSerialPort(new_serial_port_output, modulus)
+
+ password = DecryptPassword(enc_password, key)
+ converted_password = password.decode("utf-8")
+
+ # Display only the password
+ print(format(converted_password))
+
+
+if __name__ == "__main__":
+ main()
diff --git a/home/dot_local/share/ansible/.config/molecule/filter_plugins/get_docker_networks.py b/home/dot_local/share/ansible/.config/molecule/filter_plugins/get_docker_networks.py
new file mode 100644
index 00000000..cd57dac3
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/filter_plugins/get_docker_networks.py
@@ -0,0 +1,37 @@
+"""Embedded ansible filter used by Molecule Docker driver create playbook."""
+
+
+def get_docker_networks(data, labels={}):
+ """Get list of docker networks."""
+ network_list = []
+ network_names = []
+ for platform in data:
+ if "docker_networks" in platform:
+ for docker_network in platform["docker_networks"]:
+ if "labels" not in docker_network:
+ docker_network["labels"] = {}
+ for key in labels:
+ docker_network["labels"][key] = labels[key]
+
+ if "name" in docker_network:
+ network_list.append(docker_network)
+ network_names.append(docker_network["name"])
+
+ # If a network name is defined for a platform but is not defined in
+ # docker_networks, add it to the network list.
+ if "networks" in platform:
+ for network in platform["networks"]:
+ if "name" in network:
+ name = network["name"]
+ if name not in network_names:
+ network_list.append({"name": name, "labels": labels})
+ return network_list
+
+
+class FilterModule(object):
+ """Core Molecule filter plugins."""
+
+ def filters(self):
+ return {
+ "molecule_get_docker_networks": get_docker_networks,
+ }
diff --git a/home/dot_local/share/ansible/.config/molecule/gce.create.yml b/home/dot_local/share/ansible/.config/molecule/gce.create.yml
new file mode 100644
index 00000000..56a65b0a
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/gce.create.yml
@@ -0,0 +1,39 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Create
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ vars:
+ ssh_identity_file: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
+ gcp_project_id: "{{ molecule_yml.driver.project_id | default(lookup('env', 'GCE_PROJECT_ID')) }}"
+ tasks:
+ - name: Make sure the group contains only Linux hosts or Windows hosts
+ ansible.builtin.assert:
+ that:
+ - molecule_yml.driver.instance_os_type | lower == "linux" or
+ molecule_yml.driver.instance_os_type | lower == "windows"
+ fail_msg: instance_os_type is possible only to specify linux or windows either
+
+ - name: Include create_linux_instance tasks
+ ansible.builtin.include_tasks: tasks/create_linux_instance.yml
+ when:
+ - molecule_yml.driver.instance_os_type | lower == "linux"
+
+ - name: Include create_windows_instance tasks
+ ansible.builtin.include_tasks: tasks/create_windows_instance.yml
+ when:
+ - molecule_yml.driver.instance_os_type | lower == "windows"
+
+ handlers:
+ - name: Import main handler tasks
+ ansible.builtin.import_tasks: handlers/main.yml
diff --git a/home/dot_local/share/ansible/.config/molecule/gce.destroy.yml b/home/dot_local/share/ansible/.config/molecule/gce.destroy.yml
new file mode 100644
index 00000000..daba9f70
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/gce.destroy.yml
@@ -0,0 +1,46 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Destroy
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ tasks:
+ - name: Destroy molecule instance(s)
+ google.cloud.gcp_compute_instance:
+ name: '{{ item.name }}'
+ state: absent
+ zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
+ project: "{{ molecule_yml.driver.project_id | default(lookup('env', 'GCE_PROJECT_ID')) }}"
+ scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
+ service_account_email: '{{ molecule_yml.driver.service_account_email | default (omit, true) }}'
+ service_account_file: '{{ molecule_yml.driver.service_account_file | default (omit, true) }}'
+ auth_kind: '{{ molecule_yml.driver.auth_kind | default(omit, true) }}'
+ register: async_results
+ loop: '{{ molecule_yml.platforms }}'
+ async: 7200
+ poll: 0
+ notify:
+ - Wipe out instance config
+ - Dump instance config
+
+ - name: Wait for instance(s) deletion to complete
+ ansible.builtin.async_status:
+ jid: '{{ item.ansible_job_id }}'
+ register: server
+ until: server.finished
+ retries: 300
+ delay: 10
+ loop: '{{ async_results.results }}'
+
+ handlers:
+ - name: Import main handler tasks
+ ansible.builtin.import_tasks: handlers/main.yml
diff --git a/home/dot_local/share/ansible/.config/molecule/handlers/main.yml b/home/dot_local/share/ansible/.config/molecule/handlers/main.yml
new file mode 100644
index 00000000..8f760e4f
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/handlers/main.yml
@@ -0,0 +1,51 @@
+---
+# yamllint disable rule:line-length
+- name: Populate instance config dict Linux
+ ansible.builtin.set_fact:
+ instance_conf_dict:
+ instance: '{{ instance_info.name }}'
+
+ address: '{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else instance_info.networkInterfaces.0.networkIP }}'
+ user: "{{ lookup('env','USER') }}"
+ port: '22'
+ identity_file: '{{ ssh_identity_file }}'
+ instance_os_type: '{{ molecule_yml.driver.instance_os_type }}'
+
+ loop: '{{ server.results }}'
+ loop_control:
+ loop_var: instance_info
+ no_log: true
+ register: instance_conf_dict
+
+- name: Populate instance config dict Windows
+ ansible.builtin.set_fact:
+ instance_conf_dict:
+ instance: '{{ instance_info.name }}'
+
+ address: '{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else instance_info.networkInterfaces.0.networkIP }}'
+ user: molecule_usr
+ password: '{{ instance_info.password }}'
+ port: '{{ instance_info.winrm_port | default(5986) }}'
+ winrm_transport: "{{ molecule_yml.driver.winrm_transport | default('ntlm') }}"
+ winrm_server_cert_validation: "{{ molecule_yml.driver.winrm_server_cert_validation | default('ignore') }}"
+ instance_os_type: '{{ molecule_yml.driver.instance_os_type }}'
+
+ loop: '{{ win_instances }}'
+ loop_control:
+ loop_var: instance_info
+ no_log: true
+ register: instance_conf_dict
+
+- name: Wipe out instance config
+ ansible.builtin.set_fact:
+ instance_conf: {}
+
+- name: Convert instance config dict to a list
+ ansible.builtin.set_fact:
+ instance_conf: "{{ instance_conf_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
+
+- name: Dump instance config
+ ansible.builtin.copy:
+ content: '{{ instance_conf }}'
+ dest: '{{ molecule_instance_config }}'
+ mode: '0600'
diff --git a/home/dot_local/share/ansible/.config/molecule/prepare.yml b/home/dot_local/share/ansible/.config/molecule/prepare.yml
new file mode 100644
index 00000000..b0dbb51c
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/prepare.yml
@@ -0,0 +1,20 @@
+---
+- name: Prepare
+ hosts: "{{ lookup('env', 'MOLECULE_GROUP') | default('all', true) }}"
+ gather_facts: false
+ tasks:
+ - become: true
+ changed_when: false
+ name: Bootstrap Python for Ansible
+ raw: |
+ command -v python3 python || (
+ command -v apk >/dev/null && sudo apk add --no-progress --update python3 ||
+ (test -e /usr/bin/dnf && sudo dnf install -y python3) ||
+ (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) ||
+ (test -e /usr/bin/yum && sudo yum -y -qq install python3) ||
+ (test -e /usr/sbin/pkg && sudo env ASSUME_ALWAYS_YES=yes pkg update && sudo env ASSUME_ALWAYS_YES=yes pkg install python3) ||
+ (test -e /usr/sbin/pkg_add && sudo /usr/sbin/pkg_add -U -I -x python%3.7) ||
+ echo "Warning: Python not boostrapped due to unknown platform."
+ )
+ when:
+ - ansible_connection != 'winrm'
diff --git a/home/dot_local/share/ansible/.config/molecule/tasks/create_linux_instance.yml b/home/dot_local/share/ansible/.config/molecule/tasks/create_linux_instance.yml
new file mode 100644
index 00000000..4b3acdae
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/tasks/create_linux_instance.yml
@@ -0,0 +1,64 @@
+---
+# yamllint disable rule:line-length
+- name: create ssh keypair
+ community.crypto.openssh_keypair:
+ comment: "{{ lookup('env','USER') }} user for Molecule"
+ path: '{{ ssh_identity_file }}'
+ register: keypair
+
+- name: create molecule Linux instance(s)
+ google.cloud.gcp_compute_instance:
+ state: present
+ name: '{{ item.name }}'
+ machine_type: "{{ item.machine_type | default('n1-standard-1') }}"
+ metadata:
+ ssh-keys: "{{ lookup('env','USER') }}:{{ keypair.public_key }}"
+ scheduling:
+ preemptible: '{{ item.preemptible | default(false) }}'
+ disks:
+ - auto_delete: true
+ boot: true
+ initialize_params:
+ disk_size_gb: '{{ item.disk_size_gb | default(omit) }}'
+ source_image: "{{ item.image | default('projects/debian-cloud/global/images/family/debian-10') }}"
+ source_image_encryption_key:
+ raw_key: '{{ item.image_encryption_key | default(omit) }}'
+ network_interfaces:
+ - network:
+ selfLink: "https://www.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/global/networks/{{ molecule_yml.driver.network_name | default('default') }}"
+ subnetwork:
+ selfLink: "https://compute.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/regions/{{ molecule_yml.driver.region }}/subnetworks/{{ molecule_yml.driver.subnetwork_name | default('default') }}"
+ access_configs: "{{ [{'name': 'instance_ip', 'type': 'ONE_TO_ONE_NAT'}] if molecule_yml.driver.external_access else [] }}"
+ zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
+ project: '{{ gcp_project_id }}'
+ scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
+ service_account_email: '{{ molecule_yml.driver.service_account_email | default (omit, true) }}'
+ service_account_file: '{{ molecule_yml.driver.service_account_file | default (omit, true) }}'
+ auth_kind: '{{ molecule_yml.driver.auth_kind | default(omit, true) }}'
+ register: async_results
+ loop: '{{ molecule_yml.platforms }}'
+ loop_control:
+ pause: 3
+ async: 7200
+ poll: 0
+
+- name: Wait for instance(s) creation to complete
+ ansible.builtin.async_status:
+ jid: '{{ item.ansible_job_id }}'
+ loop: '{{ async_results.results }}'
+ register: server
+ until: server.finished
+ retries: 300
+ delay: 10
+ notify:
+ - Populate instance config dict Linux
+ - Convert instance config dict to a list
+ - Dump instance config
+
+- name: Wait for SSH
+ ansible.builtin.wait_for:
+ port: 22
+ host: '{{ item.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else item.networkInterfaces.0.networkIP }}'
+ search_regex: SSH
+ delay: 10
+ loop: '{{ server.results }}'
diff --git a/home/dot_local/share/ansible/.config/molecule/tasks/create_windows_instance.yml b/home/dot_local/share/ansible/.config/molecule/tasks/create_windows_instance.yml
new file mode 100644
index 00000000..437b5411
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/tasks/create_windows_instance.yml
@@ -0,0 +1,65 @@
+---
+# yamllint disable rule:line-length
+- name: create ssh keypair
+ community.crypto.openssh_keypair:
+ comment: "{{ lookup('env','USER') }} user for Molecule"
+ path: '{{ ssh_identity_file }}'
+ register: keypair
+
+- name: create molecule Linux instance(s)
+ google.cloud.gcp_compute_instance:
+ state: present
+ name: '{{ item.name }}'
+ machine_type: "{{ item.machine_type | default('n1-standard-1') }}"
+ metadata:
+ ssh-keys: "{{ lookup('env','USER') }}:{{ keypair.public_key }}"
+ scheduling:
+ preemptible: '{{ item.preemptible | default(false) }}'
+ disks:
+ - auto_delete: true
+ boot: true
+ initialize_params:
+ disk_size_gb: '{{ item.disk_size_gb | default(omit) }}'
+ source_image: "{{ item.image | default('projects/debian-cloud/global/images/family/debian-10') }}"
+ source_image_encryption_key:
+ raw_key: '{{ item.image_encryption_key | default(omit) }}'
+ network_interfaces:
+ - network:
+ selfLink: "https://www.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/global/networks/{{ molecule_yml.driver.network_name | default('default') }}"
+ subnetwork:
+ selfLink: "https://compute.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/regions/{{ molecule_yml.driver.region }}/subnetworks/{{ molecule_yml.driver.subnetwork_name | default('default') }}"
+ access_configs: "{{ [{'name': 'instance_ip', 'type': 'ONE_TO_ONE_NAT'}] if molecule_yml.driver.external_access else [] }}"
+ zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
+ project: '{{ gcp_project_id }}'
+ scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
+ service_account_email: '{{ molecule_yml.driver.service_account_email | default (omit, true) }}'
+ service_account_file: '{{ molecule_yml.driver.service_account_file | default (omit, true) }}'
+ auth_kind: '{{ molecule_yml.driver.auth_kind | default(omit, true) }}'
+ register: async_results
+ loop: '{{ molecule_yml.platforms }}'
+ loop_control:
+ pause: 3
+ async: 7200
+ poll: 0
+
+- name: Wait for instance(s) creation to complete
+ ansible.builtin.async_status:
+ jid: '{{ item.ansible_job_id }}'
+ loop: '{{ async_results.results }}'
+ register: server
+ until: server.finished
+ retries: 300
+ delay: 10
+ notify:
+ - Populate instance config dict Linux
+ - Convert instance config dict to a list
+ - Dump instance config
+
+- name: Wait for SSH
+ ansible.builtin.wait_for:
+ port: 22
+
+ host: "{{ item.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else (item.name + '.' + item.zone + '.' + molecule_yml.driver.project_id) }}"
+ search_regex: SSH
+ delay: 10
+ loop: '{{ server.results }}'
diff --git a/home/dot_local/share/ansible/.config/molecule/vagrant.create.yml b/home/dot_local/share/ansible/.config/molecule/vagrant.create.yml
new file mode 100644
index 00000000..cb677d02
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/vagrant.create.yml
@@ -0,0 +1,63 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Create
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ tasks:
+ - name: Create molecule instance(s)
+ vagrant:
+ instance_name: '{{ item.name }}'
+ instance_interfaces: '{{ item.interfaces | default(omit) }}'
+ instance_raw_config_args: '{{ item.instance_raw_config_args | default(omit) }}'
+ config_options: '{{ item.config_options | default(omit) }}'
+ platform_box: '{{ item.box | default("generic/alpine310") }}'
+ platform_box_version: '{{ item.box_version | default(omit) }}'
+ platform_box_url: '{{ item.box_url | default(omit) }}'
+ provider_name: '{{ molecule_yml.driver.provider.name | default(omit, true) }}'
+ provider_memory: '{{ item.memory | default(omit) }}'
+ provider_cpus: '{{ item.cpus | default(omit) }}'
+ provider_options: '{{ item.provider_options | default(omit) }}'
+ provider_raw_config_args: '{{ item.provider_raw_config_args | default(omit) }}'
+ provider_override_args: '{{ item.provider_override_args | default(omit) }}'
+ provision: '{{ item.provision | default(omit) }}'
+ state: up
+ register: server
+ with_items: '{{ molecule_yml.platforms }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
+
+ - name: Run tasks if there were changes while creating the molecule instance(s)
+ when: server.changed | bool
+ block:
+ - name: Populate instance config dict
+ set_fact:
+ instance_conf_dict:
+ instance: '{{ item.Host }}'
+ address: '{{ item.HostName }}'
+ user: '{{ item.User }}'
+ port: '{{ item.Port }}'
+ identity_file: '{{ item.IdentityFile }}'
+
+ with_items: '{{ server.results }}'
+ register: instance_config_dict
+
+ - name: Convert instance config dict to a list
+ set_fact:
+ instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
+
+ - name: Dump instance config
+ copy:
+ content: '{{ instance_conf | to_json | from_json | to_yaml }}'
+ dest: '{{ molecule_instance_config }}'
+ mode: 0600
diff --git a/home/dot_local/share/ansible/.config/molecule/vagrant.destroy.yml b/home/dot_local/share/ansible/.config/molecule/vagrant.destroy.yml
new file mode 100644
index 00000000..fa60bb3b
--- /dev/null
+++ b/home/dot_local/share/ansible/.config/molecule/vagrant.destroy.yml
@@ -0,0 +1,43 @@
+---
+# yamllint disable rule:line-length
+- name: Update platforms
+ hosts: localhost
+ tasks:
+ - name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
+ set_fact:
+ molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
+ when: ansible_env.MOLECULE_GROUP is defined
+
+- name: Destroy
+ hosts: localhost
+ connection: local
+ gather_facts: false
+ no_log: '{{ molecule_no_log }}'
+ tasks:
+ - name: Destroy molecule instance(s)
+ vagrant:
+ instance_name: '{{ item.name }}'
+ platform_box: '{{ item.box | default(omit) }}'
+ provider_name: '{{ molecule_yml.driver.provider.name | default(omit, true) }}'
+ provider_options: '{{ item.provider_options | default(omit) }}'
+ provider_raw_config_args: '{{ item.provider_raw_config_args | default(omit) }}'
+ force_stop: '{{ item.force_stop | default(true) }}'
+ state: destroy
+ register: server
+ with_items: '{{ molecule_yml.platforms }}'
+ loop_control:
+ label: '{{ item.name }}'
+ no_log: false
+
+ - name: Populate instance config
+ set_fact:
+ instance_conf: {}
+
+ - name: Dump instance config # noqa 503
+ copy:
+ content: |
+ # Molecule managed
+ {{ instance_conf | to_json | from_json | to_yaml }}
+ dest: '{{ molecule_instance_config }}'
+ mode: 0600
+ when: server.changed | bool
diff --git a/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/googleassistant-client-secret.json b/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/googleassistant-client-secret.json
new file mode 100644
index 00000000..849e7d8b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/googleassistant-client-secret.json
@@ -0,0 +1,11 @@
+{
+ "installed": {
+ "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+ "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+ "client_id": "0000000000-abcdefgxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
+ "client_secret": "GOCSPX-XXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "project_id": "test-role",
+ "redirect_uris": ["urn:ietf:wg:oauth:2.0:oob", "http://localhost"],
+ "token_uri": "https://accounts.google.com/o/oauth2/token"
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/rclone-client_secret.json b/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/rclone-client_secret.json
new file mode 100644
index 00000000..0e61fc96
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/GoogleAPI/rclone-client_secret.json
@@ -0,0 +1,11 @@
+{
+ "installed": {
+ "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+ "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+ "client_id": "0000000000-abcdefgxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
+ "client_secret": "GOCSPX-XXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ "project_id": "rclone-test",
+ "redirect_uris": ["urn:ietf:wg:oauth:2.0:oob", "http://localhost"],
+ "token_uri": "https://oauth2.googleapis.com/token"
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa
new file mode 100644
index 00000000..9931e6d0
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa
@@ -0,0 +1,49 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAgEAyqBYvt5cMi2IafRJ6M2l7cEsqMy3LjzL/CxAbuyF2UDceq6WMFzT
+cY4EFJpVawD4toCH8DWogPO7XdX2GQUQpjOInQEdRetM2pNCNNsrNqbWwejk2kWPQU/KLM
+pZShCm7Mi2iASt/55Fp4wSkBioG+FQm9mg/nY9/9LCHyLTRl5WTTZxZWVkWIErQRe1Dbu+
+shr4pPDGomGmi7fPlzanPuOyo8jK5c+oqjMnQRnXYbgcO1Ct5Y80HlZgBlhLo5wFFtGOOq
+2C1DvMiXdoHldehpbMiitTn+9geC7iRZecNs76Rc2UwvQCpn4n4TqlJxJJtn06PXstOHUt
+M+UwcbqjO8Aw2Crxd1ZsZhCWh3uczKUskTnzQi/Kn6q74i9FJ5H1HhKJZ26XjgeRv0r/+Z
+pp5QGFwLr1lgtgDbmCZ5Hl7ptEVFU76dePqylxXDGRaa0xJAMkJL9D8hVFpLEPgphyNCxd
+CnRZGZmNdDj+X7QVrNAi47bpemFmIaizv+61g4opZ5NoLTHsVYviSjERYHGP8DAhohuEt/
+7LQyOfbti6/WY+DuTwuyMJuB42W9+wMCYZYqpHEzaaxqV/U84f/AXcgM2kmz91ioQ0X50E
+1yFxh4GLEg0PqClNm08POWhRhnPLT4z8PwGEFlDRatmjtDazoB5naPV6yiOwHidhSRzo6W
+sAAAdIFj7t4xY+7eMAAAAHc3NoLXJzYQAAAgEAyqBYvt5cMi2IafRJ6M2l7cEsqMy3LjzL
+/CxAbuyF2UDceq6WMFzTcY4EFJpVawD4toCH8DWogPO7XdX2GQUQpjOInQEdRetM2pNCNN
+srNqbWwejk2kWPQU/KLMpZShCm7Mi2iASt/55Fp4wSkBioG+FQm9mg/nY9/9LCHyLTRl5W
+TTZxZWVkWIErQRe1Dbu+shr4pPDGomGmi7fPlzanPuOyo8jK5c+oqjMnQRnXYbgcO1Ct5Y
+80HlZgBlhLo5wFFtGOOq2C1DvMiXdoHldehpbMiitTn+9geC7iRZecNs76Rc2UwvQCpn4n
+4TqlJxJJtn06PXstOHUtM+UwcbqjO8Aw2Crxd1ZsZhCWh3uczKUskTnzQi/Kn6q74i9FJ5
+H1HhKJZ26XjgeRv0r/+Zpp5QGFwLr1lgtgDbmCZ5Hl7ptEVFU76dePqylxXDGRaa0xJAMk
+JL9D8hVFpLEPgphyNCxdCnRZGZmNdDj+X7QVrNAi47bpemFmIaizv+61g4opZ5NoLTHsVY
+viSjERYHGP8DAhohuEt/7LQyOfbti6/WY+DuTwuyMJuB42W9+wMCYZYqpHEzaaxqV/U84f
+/AXcgM2kmz91ioQ0X50E1yFxh4GLEg0PqClNm08POWhRhnPLT4z8PwGEFlDRatmjtDazoB
+5naPV6yiOwHidhSRzo6WsAAAADAQABAAACAEpGIqG8coE2LZXhJSKAF32iXNN3TwJU6NUE
+B45hhuLPIsKZspYBwMQUMay3se3qSkDjtnC3yo+SSDEqV+5t699wbnhWyzsw+Ff6uL8VQ6
+7h00D7NMBJ1Sw0qkBm3/oFRprvK/GJ/ZoAkznKX5eQYjbuDZVDXf9IqotW3y94nYdi1zGw
+bjqjwveqSYevv/9LvagduN0FIVquftUiSKb+Mqob3wSoeq9owkO5Qn9bkJbSXQ7lEQlfx9
+QDB2nr/bX4X+kwYXli1t0jGmOdcH4GurCNIGbZYOr0XSFQ1kJ6Q5nXnuftZsVbmokbH1Ux
+IQ7EZl7NYobc2wOh+DLYpTxbFLAPYSzkJ5vrPzRBCZF8Tl+ik439D/AISW5YzXwhHuU2+H
+KkUkKJF7xo8SHLOgag9hvhnZwTQT4uyY1PYwkpmnQLNMMawzDY7t30t7EnT+FdTJw5sEy0
+atDo2QYPpodHA9+FwgYJD4KdpgHTdACMVVcAL4gRllSxWVI0F8siuybM+CCABRvouMu8rQ
+mu148uiLnP/v2o9jU+b/SsjbxDTe/X4eKgR68LotD6Ioo0cZl/vfWY3ri7kUy36Laa1f/z
+XB5DRGnMl7LueCJa8KWMeHd1Gf2FAKd9lkcspZnYqfh2agvQJFVQZiK0PaD8AmhyccnXyo
+tIWPhQJzfPDmZdyeJRAAABAQCgZmJgrMH2O54CVJ5HUeiZ/aEGcpSOUcWjOroS7ZXBY/4Y
+KE5qW74RAufv3Yf3xsjDdE8FmSbixyM87doJHGW27QlceVySjJ1TSWu1IMpFfAiWLk1sBb
+cD3LNUiHaq7YgrFWMuphoYXh7/NzfYyiKPr2UFYOlFvj5TZfu8ENLoWXpy99eA1pr5Mfhb
+ppxUqMpLZ4nJKoRgD39A3/bXIqVqzpEIN0xSOwADAns5E2ybcnjtzYmaO42EhqnMPBztiw
+vuJmUAgMXV+4URIoV2UL9zehZbareTm4kcM9NFMeEDeMpyPBAEFzQqne6XOKiF0uKONmx2
+n/B0hXWrwLsFo+IdAAABAQD9iB8Um4Ho8FJEnb1bpaBsU5UhivTbBCPDTy/6JMZrJQxW44
+eFuyeK75kfgwiqjHuvnURVRfSxH55RQADbmjnvCJoD0XV0BCctKROk/GrF/IXuOmOBoeiq
+lpSXoH4huL/oYiLhuJnYwK0YPgxjQf6xBPBh0cO+mayySjh92Hyx26SHC9XQrN2TONpf27
+LS5LFtbphNYyZe+XFw6vQZ6148YoD7x83dVgxODQqZzm3kjh/uDapCWUb+0Ke3CtarwUuP
+0i4LTBp3aSReuOvXSPJIia5HmpYACEMFXeZ6ny6WLYU+equNZuDGxvdzV/AA9iKCQFN7a7
+wWWRUAHeIcKoOjAAABAQDMmVp/PkTEOhZUlueJu3nVY44laLox8fHmgormaur2Wc7dv+ju
+jyrrsyjctPE/A18SRfJCUFtfDMhFp3jKDpASTYrGJLvOnQk0zBroUrSSjQoHRGpvsQFwSj
+NVQ2wy1J9VC8Ev8/l4LiFRuuwwjLccKNP61r+qVSbpBxqGvO86nD3ffZReWj5QnKqhqHKt
+jpYVHlTGG7SicGAVjMaF4dJGFufGX7gHevNyQwndP4wAGQqLq4i/+ZX5YeiHGMgzOFt+em
+dPiHHvM0A9jPNCa/mfKgFpjd+4vb55MN2kB9E6WqQ6qYsiPFta3y7konvaqunUq54PzPTe
+nc5AkfUNKp+ZAAAAD2VtYWlsQGVtYWlsLmNvbQECAw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa.pub b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa.pub
new file mode 100644
index 00000000..2744c890
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDKoFi+3lwyLYhp9EnozaXtwSyozLcuPMv8LEBu7IXZQNx6rpYwXNNxjgQUmlVrAPi2gIfwNaiA87td1fYZBRCmM4idAR1F60zak0I02ys2ptbB6OTaRY9BT8osyllKEKbsyLaIBK3/nkWnjBKQGKgb4VCb2aD+dj3/0sIfItNGXlZNNnFlZWRYgStBF7UNu76yGvik8MaiYaaLt8+XNqc+47KjyMrlz6iqMydBGddhuBw7UK3ljzQeVmAGWEujnAUW0Y46rYLUO8yJd2geV16GlsyKK1Of72B4LuJFl5w2zvpFzZTC9AKmfifhOqUnEkm2fTo9ey04dS0z5TBxuqM7wDDYKvF3VmxmEJaHe5zMpSyROfNCL8qfqrviL0UnkfUeEolnbpeOB5G/Sv/5mmnlAYXAuvWWC2ANuYJnkeXum0RUVTvp14+rKXFcMZFprTEkAyQkv0PyFUWksQ+CmHI0LF0KdFkZmY10OP5ftBWs0CLjtul6YWYhqLO/7rWDiilnk2gtMexVi+JKMRFgcY/wMCGiG4S3/stDI59u2Lr9Zj4O5PC7Iwm4HjZb37AwJhliqkcTNprGpX9Tzh/8BdyAzaSbP3WKhDRfnQTXIXGHgYsSDQ+oKU2bTw85aFGGc8tPjPw/AYQWUNFq2aO0NrOgHmdo9XrKI7AeJ2FJHOjpaw== email@email.com
diff --git a/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local
new file mode 100644
index 00000000..6f5c1e73
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local
@@ -0,0 +1,49 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAgEAyX09YBkwxnXxwHQQNdmNImEaMiCdFc2TZuAEMOXowk6QapBnO5kL
+axgUQttUNkwkSN/28hMRCPcsJF8kGEN5B+EQk9wIo/Q6cHSFOsFDPBGt4NEfyUbFMl8K9V
+uuspUCNp50MtgbVOSQ0Qt0fTtCmkVpmgbGZFq9qU1BdVKapVH3GS0D6WJ+S7XGc9a6f0YM
+IEDQ5Wt23U2dgJX5mLr/1PXVVcQCKqBCqKIT54JYCnKmYpo0u3q/A5QeqGkaxz3/gVB8Ed
+6FlsLL21DDi6nDbwPxNy1hnmIcdILjiDB3vpxQuc3GZnx4ncST29TDMZpBS3OBn7Jxv7ee
+FPG+NUVVD9KraLBpK5OKMOm4lPhku+L3ccoclu+Q+zk5jAKtdNCo6fC8TBof9Vk4dkeCSp
+8dR3b2kQUzafnMBt2YItqvK+rea9BEZABo2zsy2EfWyXNS1IIVnX5O2glg+1E+zgrRDo5/
+EskPI76QghuPwJMNE82ifSCYPyuomAG9nqQL/IviTHdAPkt9aDuRkU4Q+TCaKzdNGW2qlw
+ksydVaE9tbrdEtkYoeYrVmoiAw9/Jo0JgeAQ3ko5y2e1Lq0EfYSCFc/DajZcfM1xHV4BfY
+F4sGDAMmFEly5iFn6FH/UAubQG0YwwA1MRfcb/BORn1rahA9392ZWrak6QGo53fXf5UJ9E
+MAAAdISQl17EkJdewAAAAHc3NoLXJzYQAAAgEAyX09YBkwxnXxwHQQNdmNImEaMiCdFc2T
+ZuAEMOXowk6QapBnO5kLaxgUQttUNkwkSN/28hMRCPcsJF8kGEN5B+EQk9wIo/Q6cHSFOs
+FDPBGt4NEfyUbFMl8K9VuuspUCNp50MtgbVOSQ0Qt0fTtCmkVpmgbGZFq9qU1BdVKapVH3
+GS0D6WJ+S7XGc9a6f0YMIEDQ5Wt23U2dgJX5mLr/1PXVVcQCKqBCqKIT54JYCnKmYpo0u3
+q/A5QeqGkaxz3/gVB8Ed6FlsLL21DDi6nDbwPxNy1hnmIcdILjiDB3vpxQuc3GZnx4ncST
+29TDMZpBS3OBn7Jxv7eeFPG+NUVVD9KraLBpK5OKMOm4lPhku+L3ccoclu+Q+zk5jAKtdN
+Co6fC8TBof9Vk4dkeCSp8dR3b2kQUzafnMBt2YItqvK+rea9BEZABo2zsy2EfWyXNS1IIV
+nX5O2glg+1E+zgrRDo5/EskPI76QghuPwJMNE82ifSCYPyuomAG9nqQL/IviTHdAPkt9aD
+uRkU4Q+TCaKzdNGW2qlwksydVaE9tbrdEtkYoeYrVmoiAw9/Jo0JgeAQ3ko5y2e1Lq0EfY
+SCFc/DajZcfM1xHV4BfYF4sGDAMmFEly5iFn6FH/UAubQG0YwwA1MRfcb/BORn1rahA939
+2ZWrak6QGo53fXf5UJ9EMAAAADAQABAAACAGCS+rv41vwIxBruhmaJI7B6wkeMgj5VDnWc
+oeWeDPY1Gds544EZVfO60ttIrRBpZmrXjlFw+hVGA45bW72VeYlhQsTcDfgns2r7LnB++W
+7tOl4rXgTnOtVt4J7BlvZZnXn4cNF963vBIfhQeUEdCktPQdJltOmc5JMlSF6nfSAILVuP
+y/QtFUPMmJYlMbaXKHC9IGMWIx7neLqNJ9kgqEa2nc5B6JftwIV7SfcI7pHzafSQ3P2PU8
+avVBJ8bi1ZdgHRReZ6taURMQyppVBnyhiH1zIPOl7jv6fIpK4+LObbnYWxL4sn1dgoxIX1
+cKlxuiIj9tlIemTd6ZM4W2bFGINmjXeKJAH1YtGbYZl64bCQHRyhQr9GuqND1N8ViiVogL
+XI+1Sweu3ZMZn2j9CLlpEGf9+LiBcpVAmDQg0rocmNfu2SoU2df0rFRfPGZI3pVwC+SJnH
+ECLaV5s1IZXTNqc6xVolhsrgKWSHeP3Bdd1eXSYq6p91xMgov0S3nCApwAroMSK1S+E/m3
+SfTu0PR1rzxd4n5EVfLNQp3DxElbMJNGgMmrll4nGtc1BjW30ABFKy6/sZR3rm8x6otuPA
+6yqDl+5VJUt0Dggot73PP8Pu1URrPqwQlcMkNl3wfQKow9qsMV4BtXwkudZtmF+mYpB7Wj
+3BX1J2n6M+WczTJlbhAAABAQC7/hutMC8O/nNvYHvpg0l5v7FFc4UdYwoSn3t8IiUfqywN
+0VFCo7tzHVQOCEU/1kb8KwpEHS+PSyWnpFWx71pAdZ8A3/gFYsgung2YUDFrHdKZAwlPbe
+EOgJOYw20njWjg/zaFAFaKY18SRjy0+PiCGwdbY4aA+8bsNubEXiqnSZlemIVv6chGsB9A
+lM0nq6lYdhBSNe97/h3aXDycY94t6JQRue4EnkxfUdPwINV+Bu/v4Zeswu3STPouChIvjB
+A8XfaTKRez2DrSHDJg7lL5U2D4eZNnvWNeDfObKpkt67FywMX6wN+zi9Jmk6rVD6sPF03K
+ieaRDi5yBzVln0qMAAABAQD2oZ/beiIDoN28bae+ZDari6UmA8o+sQ7a8h/LkYGgKIwExP
+8ranZupVqY82eefQp332ySH3amXynOy+ZtQY6p/HO04/7r4wKEk98C9qOxsiyFXIr0qDgl
+2jB/K9pVF5BNWMxvZx4/AIC8EUuIAmIGu3RlEUFDm+kGzavt5ksTmNtVQrHgXFIwpCihs/
+gY8NYjWZXoNghUbc/DUqzT9IiTk93fms67kYhPdZQ82elrC5yndKaCv7rXP1wZSAxnagH3
+boMSN8B3jKX65117YE0FX/eTgJGBQYpy1psnvS5ljKE+f3Jva16YZxvscnYJPpr1y0bO5r
+Fedr/wvKKSo0SFAAABAQDRJKEIFdRRDeBpFfI+LnT3rSeB+IWtob2iPy8a5qi+jPbMG5HQ
+0ZwXZxs5YgFTCyAa49j0f7vD/wOpKFt7B8xEXesN/M2Jg2ZA7sR9Cn25w4UpNapSSD4dmR
+FThKp0EPgQvDkGv9kbYjK4isUFZ73WNBgFW4zynBIiSfmAUcTZ2qHue9A8uEJyW7jYJb72
+s1JxzA2hA6gjRXQAW2SLcglgncQ31zX0ldRptgc8lZU557KtMCSy7hQ+I5Fsrzssem5Xkh
+phL8QEta6h0JBHBTPewy8wsHQfTb+euygKBFDmA99ifOghph+zln2ZwFnoytv0I0hT3Xsq
+sV+EQqQNGbQnAAAAD2VtYWlsQGVtYWlsLmNvbQECAw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local.pub b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local.pub
new file mode 100644
index 00000000..9fdde9b2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/ssh/id_rsa_local.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJfT1gGTDGdfHAdBA12Y0iYRoyIJ0VzZNm4AQw5ejCTpBqkGc7mQtrGBRC21Q2TCRI3/byExEI9ywkXyQYQ3kH4RCT3Aij9DpwdIU6wUM8Ea3g0R/JRsUyXwr1W66ylQI2nnQy2BtU5JDRC3R9O0KaRWmaBsZkWr2pTUF1UpqlUfcZLQPpYn5LtcZz1rp/RgwgQNDla3bdTZ2AlfmYuv/U9dVVxAIqoEKoohPnglgKcqZimjS7er8DlB6oaRrHPf+BUHwR3oWWwsvbUMOLqcNvA/E3LWGeYhx0guOIMHe+nFC5zcZmfHidxJPb1MMxmkFLc4GfsnG/t54U8b41RVUP0qtosGkrk4ow6biU+GS74vdxyhyW75D7OTmMAq100Kjp8LxMGh/1WTh2R4JKnx1HdvaRBTNp+cwG3Zgi2q8r6t5r0ERkAGjbOzLYR9bJc1LUghWdfk7aCWD7UT7OCtEOjn8SyQ8jvpCCG4/Akw0TzaJ9IJg/K6iYAb2epAv8i+JMd0A+S31oO5GRThD5MJorN00ZbaqXCSzJ1VoT21ut0S2Rih5itWaiIDD38mjQmB4BDeSjnLZ7UurQR9hIIVz8NqNlx8zXEdXgF9gXiwYMAyYUSXLmIWfoUf9QC5tAbRjDADUxF9xv8E5GfWtqED3f3ZlatqTpAajnd9d/lQn0Qw== email@email.com
diff --git a/home/dot_local/share/ansible/environments/dev/files/vpn/OpenVPN.ovpn b/home/dot_local/share/ansible/environments/dev/files/vpn/OpenVPN.ovpn
new file mode 100644
index 00000000..742f84fc
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/vpn/OpenVPN.ovpn
@@ -0,0 +1,173 @@
+###########################
+# OpenVPN config file #
+###########################
+
+client
+dev tun
+dev-type tun
+remote host.domain.tld 443 tcp-client
+remote-random
+nobind
+persist-tun
+cipher AES-128-CBC
+auth SHA1
+verb 2
+mute 3
+push-peer-info
+ping 10
+ping-restart 60
+hand-window 70
+server-poll-timeout 5
+reneg-sec 2592000
+sndbuf 393216
+rcvbuf 393216
+max-routes 1000
+remote-cert-tls server
+comp-lzo no
+auth-user-pass
+key-direction 1
+
+-----BEGIN CERTIFICATE-----
+MIIFcTCCA1mgAwIBAgIIJztVg1To4nEwDQYJKoZIhvcNAQELBQAwRjEhMB8GA1UE
+d72063D9rCMKffiKR1wc1FX5SKfkWDPAqa3QyN9dAdrpyhTyKYp2QR/ZVL7mW3ea
+F4QHuks2p3f/HBbOX577D3oCwXYOe28PknfO4LcZ/heL1wqQwJLqcu7JJWSFgEeN
+v+NZzAN99EJP2Z5u9TrzTOkEKI5P4MVas10zHhKOwl+KUE4tAr1bfGOtbcjk3SdY
+CgwYNWZhMmI4OTAyMWY5MjMxYjFhZmRiMDM2MSEwHwYDVQQDDBg1ZmEyYjg5MDIx
+ZjkyMzFiMWFmZGIwNDMwHhcNMjAxMTA0MTQyMDA0WhcNNDAxMDMwMTQyMDA0WjBG
+MSEwHwYDVQQKDBg1ZmEyYjg5MDIxZjkyMzFiMWFmZGIwMzYxITAfBgNVBAMMGDVm
+YTJiODkwMjFmOTIzMWIxYWZkYjA0MzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBANi1KmZL1M5CrCwRxIXxo3sMRGA/O+8l+8CVC0fDqY8UYLt3OXMgwXow
+QRKKIctj1kZW/PyqLd5xsXhbD+0THJ51KAzc+9kb8U1TMrtCbajpFElnIcDmHKkb
+0mBhe+mpElFA2BNk6+H+zzGlO6r2ckv/GNEHcmJ5tsudUXm68pM7yopbsMSZhkwQ
+KzpIuVkbQZc7vFI61DyuRh4HtgZ/t1G8kJ4K0QJiFKj+S5kLhx8PcQWz94q+sT0/
+8CPzDuEGdmc8tQ4L3d7+jRwLBTs/Ds6Y7zw2fXxRKuSLIWVgE92LtrXJMD2q8nkg
+iwcgn0TUdBHyIcsYgsQE8as6jpf89t9Vdz3RE1mKqDhlsROKWr8xFn0PoT6jB4tz
+vAEJ0kKPcxFAGa3MmFthuo1i1McBjogp5ENQMXUylLW9IGRaRYgZuR1h8S9O/dxC
+Li17eh4tKEcI9QFIgMXzPRy1W6Eo5+yjLxl6sh4Z1mSx5AdNkl+YwzYnX5vEUjTd
+u1F66HlvuA1Hhs9aGu3ABXn/5BrhmWeSlIZuDcW9S0YZVwyxToPG/1PL7fsgvz59
+7aEOxduBjPGp8UcZzMPzRN9oCY5O170GwYmdL250g2keyA3qavfWCx5gkmwMZfCj
+SRgRv2WC73bgY0fpWl/CxrKwK1/Pwz3O/ZrUG6eEmgOwCvGpxxYjCxvlQoZ9uUwh
+x5zCmTN7d67rkI9MU6F9wcxkc46hoiM9dEFVe+8GOA+AYjk9g2yA8Zl3ImLt9Gn5
+d0KAxgLw1T3CQ3K5FiER+CxLlyZNnfjxhCuotEbdBT6hcot80znG4tDwH4se2JgX
+1CQF+dBj8AII/jjtHPr1IXuu0KTns9xii8zFEciH7j3AO//CaR9OOtgOKnwRqHXr
+TA0C09X2LfbcKBr785M60U+Sum0sI6+GefRzO5xH+bPBHG3WkzR2GWHFqF1NIZAw
+K448xYtNC6cN6RIXmcS6/KxLBJv2r6wLXes8DUZukvya+JYj7/8WclJLCQIWafV+
+HNsI1G7nObiFUikYGeJUST1qM5kNfKzJYGdSxy0U1jFxS9fnRn8lAgMBAAGjYzBh
+MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5dxQm
+w1vb+IiO6qCPkh5fa2SBdjAfBgNVHSMEGDAWgBR5dxQmw1vb+IiO6qCPkh5fa2SB
+djANBgkqhkiG9w0BAQsFAAOCAgEAJl/btMUFYhItQkAbsXXJ694+nc96f9SKDYkI
+rqtHe1Fk71oFkKj9JcQ6fmd4l1vs9p0/AQoLMB1aGQ51n40sWwFN72mUv4bqiYpB
+6cDjW+o=
+-----END CERTIFICATE-----
+
+
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+4120da91ec93324db74aab0aae9ed93e
+956145d01205e81769e53f93a08b81f7
+54a4034b5bb79e363057f2fa08bad60b
+947ca5edb9ad2d3bf2ab70f65eb589dc
+5a97c7eead7538d2ee704d0ad9e4ee61
+d2ccaf4ea34b341a750549e35b8c7454
+38ed248a6e52a3f2546fe166e0c64a85
+7d687d8775044310f218bbaba1d9a39f
+ed04842174e95cc0b70d0f49a64d4db5
+12a2fc71ab9140074a55a06733dd024e
+675a54b6de8dfcd14c3efa9704e346c0
+23204b019a3512bd196ad0568cbbb174
+4d51a46e0b37a93931cd192f18139f15
+435fd4e1182c7ddee9ff501837573da1
+bd4712c0cb5b333dde54550425cdf3da
+39e3f91f7293f23c062510a9e1931709
+-----END OpenVPN Static key V1-----
+
+
+-----BEGIN CERTIFICATE-----
+MIIFgTCCA2mgAwIBAgIJAPKp5+VB9ahMMA0GCSqGSIb3DQEBCwUAMEYxITAfBgNV
+BAoMGDVmYTJiODkwMjFmOTIzMWIxYWZkYjAzNjEhMB8GA1UEAwwYNWZhMmI4OTAy
+MWY5MjMxYjFhZmRiMDQzMB4XDTIwMTEwNDE0MjAwNloXDTQwMTAzMDE0MjAwNlow
+o1xVdNPn/s0LGuKrLM7lpQ8XFhufNb7o6Tc9qNBf5dcbBB8OWxAV64n2V95j9ec8
+/GqY+9EQTdyT+RQk0dKg5ngENtC6mGSVfDK8PPzGqMXc98/xGBoXcVKmQELVVbgu
+DpIdP0pPFFeuZad1t43kHzWwSQqy03U1WkA9bp+vN9utTVatlr05eV8JKzlYkyhQ
+ykiISwy1GDa+hMr4xu2hFg5HeHYtcIlb6bgW+K+ya0imgpcKcUw6hOU6gwokVuhz
+qNaX647rW/kTypyxjeQxrLGxegSJYtP1Bcn/lNJDXw5KDUYkXcbKqOjA7faqACZU
+YUzVqgT9c695PqZZ1WouzIGGzKClPb2O5bRXquD2VJhqkrSIn7eeHvdv7ke2h+Jw
+8nMhsx9yK2v7RiHGMQeAOm3mNvmfHcKr10IUK5W80p4gP22Q6iWL+DaY+LjrjOCZ
+FrvwSiY/fASmITpQjIMPTuPaksdiROdaZXD3p+U28M/urzi5yk1QPwfSOp//YcgJ
+PxONOrteAPrTQFhchoSfiC9W39Ol3szc4L0EOV5J56nvug+CCvKwwQIDAQABo3Iw
+cDAOBgNVHQ8BAf8EBAMCBaAwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcD
+AjAdBgNVHQ4EFgQUIyI9iRCNURRz6pYtZTVHf5Ih0pMwHwYDVR0jBBgwFoAUeXcU
+JsNb2/iIjuqgj5IeX2tkgXYwDQYJKoZIhvcNAQELBQADggIBACoozM/c+DtV5eKv
+cxq+28cOOy9IZtk4ezbdClettiquCZduJbnRPvG7mLElVDdbim5OAbVV7piCYaFa
+/DkWMJMgtlwU4xhUD81YBKFWCqjIOH9fPp2Kh+JEmB1WI/XiSXKuk44Rqwr+NUVR
+sRKtWuH0ZRMR6d4JQhKuyi98wegsmYHbt9kkjtoteo9ommYO0RwvLuN+rpbIC/Sl
+F9QxEpuOUXygSSvqCIgQPkR9g9L5POqtkZDsiMWJGdk0K+XMxrNWiLJ/7Ahm/aV5
+EZdpEY7jhgrBSmWR/r0lOxOA1aEIA/7eL4L/t/rjSSXqczgYsJQa1WfogWSC5Egr
+Cu5lhFQOOPOfFun9iHDhWb+bgWzvfMKT+c46nV7vjFlJwRKY36v/KfLq09SBUY4P
+TdKlbpTC+px/wPwbmEA+G7BKoZfJp2NjuR+BQHKC1Yq9WkiRgWxEw5IzHboHRgcY
+helCoZxkjLWrPQN1C766NSo9dmgfwCToafD8Ylxf0zfY+WV3h/x9TZkvdaxJ7zDy
+usJUuK7CQT8R5VLt7+6NPp3UsNHTxmeyE5ocCieI0SXIIDYj06IUw0A3RUjRaMyT
+RjEhMB8GA1UECgwYNWZhMmI4OTAyMWY5MjMxYjFhZmRiMDM2MSEwHwYDVQQDDBg1
+ZmEyYjg5NTIxZjkyMzFiMWFmZGIwNDUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQC2MPG3nrGfnMSAAgpfDbWnFzxMgc0HCYbUEaSwhwTzp7f1jJ/LDxQN
+Xx/ihpESrpV1AuWrEMxX92iPGsjiCQO06v8doLLlUWTVK8jOtJMGJv+9n6qXyyrC
+qYqTgq80evoT8ThGPIh9zbeieWkeMEQo+OdJSAYDEjG5RVnix+df4GXxkjJc8sM5
+6Vhek32eRkcy/aSjgiWZpdGBnLxg
+-----END CERTIFICATE-----
+
+
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC2MPG3nrGfnMSA
+AgpfDbWnFzxMgc0HCYbUEaSwhwTzp7f1jJ/LDxQNXx/ihpESrpV1AuWrEMxX92iP
+GsjiCQO06v8doLLlUWTVK8jOtJMGJv+9n6qXyyrCqYqTgq80evoT8ThGPIh9zbei
+eWkeMEQo+OdJSAYDEjG5RVnix+df4GXxkjJc8sM58nMhsx9yK2v7RiHGMQeAOm3m
+FhufNb7o6Tc9qNBf5dcbBB8OWxAV64n2V95j9ec8/DkWMJMgtlwU4xhUD81YBKFW
+NtC6mGSVfDK8PPzGqMXc98/xGBoXcVKmQELVVbguYUzVqgT9c695PqZZ1WouzIGG
+zKClPb2O5bRXquD2VJhqkrSIn7eeHvdv7ke2h+JwPxONOrteAPrTQFhchoSfiC9W
+NvmfHcKr10IUK5W80p4gP22Q6iWL+DaY+LjrjOCZFrvwSiY/fASmITpQjIMPTuPa
+ksdiROdaZXD3p+U28M/urzi5yk1QPwfSOp//YcgJo1xVdNPn/s0LGuKrLM7lpQ8X
+39Ol3szc4L0EOV5J56nvug+CCvKwwQIDAQABAoICAAdsKwzeDEKCcob8jkudFV9/
+VNeRGjdFLhcJuPnwJkV++cGpPwFY1epNi9EAxnxKXJBt08mKX6jdzYa3AqQi1eHT
+CR295Evvavo8VGwHc0323Mhu7tZMUqunmJu14Ul0ESgq1a4W3UCy1t5pr9yo/r3k
+lheoNYZ+gUQZDTZuCoEfdUfIOwEKauW7ePFQiOFv33BXRRz79mBFASE18CmJXtr9
+ZBXKSMlukz6hFuemgm0XabIFwBLopGXYRUPe4XwIo2/ZPrT1ZImFH0dSX4kjYYGP
+THDqiC4a1X3V6au4EDpKtxjbhpUy+KFb5HEe11tGSDhBmiZ7Jtq4RMsd/XYZDHQD
+GneD9ZNIFBtUs5PbtaDr3TKCYtV1YUjBRTtUfQv8MS+3eJ0kac9RTYjPOtp+UAH0
+U6RKlBFQZlgyyLshFkRtp1MGfYdWtkxctAhWNsW4UicLMrHXP4Ibq9jk7oHUL7qD
+TKpXqqfg79aLZMD0VG6AAaqOEuw9eF2hPmDRX4WAdI6agi2R8s7z9hDkxqlKM1yo
+CqjIOH9fPp2Kh+JEmB1WI/XiSXKuk44Rqwr+NUVRsRKtWuH0ZRMR6d4JQhKuyi98
+wegsmYHbt9kkjtoteo9ommYO0RwvLuN+rpbIC/Sl/GqY+9EQTdyT+RQk0dKg5ngE
+9StSZCsHkCVmJyXIjl0uAbi+eu7gytPPVWdKFFaKvjpWKbXoHhGkXhsZoqZZQ7YG
+VV4VBq8rTZ0njgyOTUg/Ona1bKv38QxSA3G921E0S1hqXBkzjoeRRBk6lxvSQRpL
+Aw7C/MV/wqhe9aDZa4ShAoIBAQDmDCLy5Qz9YujZKxXizMKrsgBCbyLF+h7+zCjw
+cEQY/+h5ZpyN7fu7qaY8ZauPrtEazwJqzdgAYQC3A6EBWoUwbe4sj5OZmCRewaTe
+2/9YqY7ofrihszu1jsoxOW2qtZMGjrIacet1Ls1Qkwr3P0bSV9WiCjEHjSw0YSOc
+Ka9S+/+SsEOMDdVmDoonMV+8AnUXe7IJChXfGeRqooc0IZzqeco3hJqUcbFT3LgL
+OOMQGJTrnbJl99l0eOhBjKJ27mYTuzlvbmG7A82zEOR38m4wjdLhQoRoaD4mLtca
+LZjSujAL3cfKcz/L0U7l8qmaLoFKzmaKTOkQF0f50FY/jAjFAoIBAQDKvrNPmz2n
+NPy91QSrYx9nsg1MFPd5M6NjnR6g8T64Rg6qeNO/mtFe9hHQ5yP1l88Sdn1Ovext
+Zovi+bsiCHFFyX/p/NEIj3S6YM3H2+geSJ+W/o3dRKhuvIWDVq/RFx1AqThuGxyG
+QGClBFGpna/NAoIBAAtPUXCLnkXe1P/IRH0v/+odCDI78IO3NkrkkqavfkmUW0OM
+rem0Z4nkX03c2cBoodMllkLV9+ac3kIhJYtBfgbRgMIkFOeaOT+HWamzOyyKuYHo
+qP8aJrdYW8xrvF6GKsJJxavTKfZK5MEvWXyqWbsBonki8yIh6KhyliOZUQtNZFU7
+4TZDf9hSoqwmm0RNAqCy7h/PpR+g0EAF2YvQkzxb3Hs6Q7dEl6k90raKh29FJh0n
+VZv5wXEeeJywY1RhiBc0PzChRqDBIR3KmNDk1FICxvlYIdZYOaX664xX7Yl+qdoL
+f0UOwXYtxik78uannqek2hm2ikbGPj2j5nmdUtkCggEBAMk7bo5c711sQuoAlw+z
+vHUNL5FPj6ZE5El5vfjHEHmFgMyAXmzR61jSU0FDkpHioWK0oKikFBQr2c6MyeP2
+gNfaPTTvln153sGDplz0406DIVwmVnBI/JuolSgwQo745QvekPNnraGPo2CoAPYC
+46pS8Z2kzPLXtNVVKXgCmX8ow7yR+1BRsbUTLboX7fXHQYDxYvh/J5a8ra5xzazJ
+oEeCt8bDpVf+F3HAAtDLE3lat1VbUVNKK9NqSlA/mKfksSJ6fuyyb5i/8YEwPJSE
+WY+qJ71fAOEIWMo/m4Rg92HZS2sK3PziInGW1KCjHqTiTcgG2BwSlscxuR9WtJ2j
+0ViPiG6J1WLJJ32dtakanoV02nlyod5F1DIqMZdZeMOalCtuKwTMUIplVVa1z+Ss
+Pm6LZCzmcVjclRVErnLpTaZM9xjCq95uBJiuvcOEPCg35sMS4kkdDczpSx5znhkv
+vZOtclFgtyzIMEoAjBBOjoNz8FfXt3r4TIOWl9pk3DLEsVCrDg7CPn0AuVkUKt5x
+8E21nA+h+0OHifMVZTbpvgW4CS0/tdFa45VLqJuY/eUPlO4MDsDkymzQHx+PMDTs
+gyaBnqY5yUG8txe217R/2ViMcJBIn3x7eIqOJyYt+KDTHAO54VV2+91zoBcssVs2
+hcdOmpQhW2AZONruYDAuQqp0HqplMwbCi31Nj3FhefeRrh4NLWKyb7BGUCIA7RRi
+fMtfrG56WJ++g4VZ/+WXB1THkF82WWh9dRA0XfB2YhuObaJ4U2I11qIJ0+L13ngT
+4yECggEAYp+csmRKuUHc3VZ4V/bbQu5Td4Wu7LclScflJxM6JYyiGTKAtCGuSq0e
+1O0C8AtrdmiV8WPCOiZ/Http95gBLg==
+-----END PRIVATE KEY-----
+
diff --git a/home/dot_local/share/ansible/environments/dev/files/vpn/WireGuard.nmconnection b/home/dot_local/share/ansible/environments/dev/files/vpn/WireGuard.nmconnection
new file mode 100644
index 00000000..9633c65b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/files/vpn/WireGuard.nmconnection
@@ -0,0 +1,33 @@
+[connection]
+id=wg
+uuid=00000000-ce5d-4a0f-b16d-7c909ed51018
+type=wireguard
+interface-name=wg
+permissions=
+
+[wireguard]
+listen-port=51820
+private-key=yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
+
+[wireguard-peer.xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=]
+endpoint=192.95.5.67:1234
+allowed-ips=10.192.122.3/32;10.192.124.1/24;
+
+[wireguard-peer.TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=]
+endpoint=[2607:5300:60:6b0::c05f:543]:2468
+allowed-ips=10.192.122.4/32;192.168.0.0/16;
+
+[wireguard-peer.gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=]
+endpoint=test.wireguard.com:18981
+allowed-ips=10.10.10.230/32;
+
+[ipv4]
+dns-search=
+method=disabled
+
+[ipv6]
+addr-gen-mode=stable-privacy
+dns-search=
+method=disabled
+
+[proxy]
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/apps.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/apps.yml
new file mode 100644
index 00000000..dec46229
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/apps.yml
@@ -0,0 +1,277 @@
+---
+# @var internal_domain: lab.megabyte.space # Default domain to add internal apps to
+internal_domain: lab.megabyte.space
+
+# @var public_domain: megabyte.space # Domain to add public apps to
+public_domain: megabyte.space
+
+# @var healthcheck_endpoint: 'health.{{ public_domain }}' # FQDN of the [Healthchecks](https://github.com/healthchecks/healthchecks) endpoint
+healthcheck_endpoint: 'health.{{ public_domain }}'
+
+# @var theme_park_theme: aquamarine # Default CSS theme to use for select web-apps (see https://github.com/gilbN/theme.park)
+theme_park_theme: aquamarine
+
+# @var apps: [] # Contains lists of web-apps assigned to specific hosts. **Any app installed on your network should be categorized
+# under its host.** You can see all the supported web-apps in the following places:
+#
+# 1. In the `roles/virtualization/swarm/templates` folder you will see Docker Swarm configurations. If your desired app is in a configuration
+# named `portainer.docker-stack.yml` then you can install it to a host named `nuc` by placing `portainer` under the `nuc` key of `apps`.
+# 2. In the `group_vars/all/helm.yml` file, you will find the `helm_charts` variable. Each key in the `helm_charts` variable is a key
+# that you can add to a specific host in the `apps` variable.
+apps:
+ nuc:
+ - cockpit
+ - maas
+ - portainer
+ raspiboot:
+ - netboot
+ - netbootassets
+ statuscheck:
+ - healthchecks
+ - statping
+ workstation:
+ - cups
+ # If you want HTPC apps, make sure to enable all of these at the same time. They are added with a single Docker configuration
+ # and configured to tunnel all traffic out via WireGuard.
+ # - bazarr
+ # - cups
+ # - heimdall
+ # - jackett
+ # - kodi
+ # - lidarr
+ # - nzbget
+ # - ombi
+ # - organizr
+ # - plex
+ # - radarr
+ # - sonarr
+ # - tautulli
+ # - transmission
+
+# @var domains: {} # A map of configurations used when provisioning web-apps that are defined in the `apps` variable above. The
+# variables are used to configure NGINX, configure CloudFlare DNS records, and populate the /etc/hosts files of peers on the network.
+# Examples along with descriptions of the options is provided below. **Any new hosts (that you would find in the `host_vars` folder)
+# need to be added to this configuration with a minimum of `hosts`, `ip_address` and `regexp` defined.
+domains:
+ bazarr:
+ hosts: 'bazarr bazarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26671
+ regexp: '# Bazarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/bazarr/{{ theme_park_theme }}.css'
+ cockpit:
+ hosts: 'cockpit cockpit.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 9090
+ proxy_file: proxy-ws.conf
+ regexp: '# Cockpit'
+ transport: https
+ cups:
+ hosts: 'cups printers printers.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ port: 631
+ proxy_file: proxy-cups.conf
+ regexp: '# CUPS'
+ transport: https
+ grafana:
+ hosts: 'grafana grafana.{{ internal_domain }}'
+ ip_address: '{{ cluster_ip_address }}'
+ regexp: '# Grafana'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/grafana/{{ theme_park_theme }}.css'
+ healthchecks:
+ dns_record: health
+ dns_zone: '{{ internal_domain }}'
+ hosts: 'healthchecks health health.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26798
+ regexp: '# Healthchecks'
+ heimdall:
+ hosts: 'heimdall home home.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 29915
+ regexp: '# Heimdall'
+ jackett:
+ hosts: 'jackett jackett.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26673
+ regexp: '# Jackett'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/jackett/{{ theme_park_theme }}.css'
+ kodi:
+ hosts: 'kodi kodi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26674
+ regexp: '# Kodi'
+ lidarr:
+ hosts: 'lidarr lidarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26676
+ regexp: '# Lidarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/lidarr/{{ theme_park_theme }}.css'
+ localhost:
+ hosts: localhost
+ ip_address: 127.0.0.1
+ regexp: '# Localhost'
+ maas:
+ firewall: true
+ hosts: 'maas maas.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 5240
+ regexp: '# MAAS'
+ malaptop:
+ hostname: MALaptop
+ hosts: 'malaptop laptop.{{ internal_domain }}'
+ ip_address: '{{ malaptop_ip_address }}'
+ regexp: '# Laptop'
+ netboot:
+ hosts: 'netboot netboot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 3000
+ regexp: '# NetbootXYZ'
+ netbootassets:
+ hosts: 'netbootassets netbootassets.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 80
+ regexp: '# Assets4XYZ'
+ nuc:
+ hostname: NUC
+ hosts: 'nuc nuc.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ regexp: '# NUC'
+ nzbget:
+ hosts: 'nzbget nzbget.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26678
+ regexp: '# NZBGet'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/nzbget/{{ theme_park_theme }}.css'
+ ombi:
+ hosts: 'ombi ombi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26679
+ regexp: '# Ombi'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/ombi/{{ theme_park_theme }}.css'
+ organizr:
+ hosts: 'organizr organizr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26680
+ regexp: '# Organizr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/organizr/{{ theme_park_theme }}.css'
+ pfsense:
+ hosts: 'pfsense pfsense.{{ internal_domain }}'
+ hostname: pfSense
+ ip_address: '{{ firewall_ip_address }}'
+ regexp: '# pfSense'
+ plex:
+ hosts: 'plex plex.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 32400
+ regexp: '# Plex'
+ transport: https
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/plex/{{ theme_park_theme }}.css'
+ portainer:
+ hosts: 'portainer portainer.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 26685
+ regexp: '# Portainer'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/portainer/{{ theme_park_theme }}.css'
+ radarr:
+ hosts: 'radarr radarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26681
+ regexp: '# Radarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/radarr/{{ theme_park_theme }}.css'
+ raspiboot:
+ hostname: RaspiBoot
+ hosts: 'boot boot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ regexp: '# RaspiBoot'
+ seconion:
+ hosts: 'seconion seconion.{{ internal_domain }}'
+ ip_address: '{{ seconion_ip_address }}'
+ regexp: '# Security Onion'
+ sonarr:
+ hosts: 'sonarr sonarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26682
+ regexp: '# Sonarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/sonarr/{{ theme_park_theme }}.css'
+ statping:
+ dns_record: status
+ dns_zone: '{{ public_domain }}'
+ hosts: 'statping status status.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26799
+ regexp: '# StatPing'
+ statuscheck:
+ dns_record: statuscheck
+ dns_zone: '{{ public_domain }}'
+ hostname: StatusCheck
+ hosts: 'statuscheck statuscheck.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ regexp: '# Status'
+ tautulli:
+ hosts: 'tautulli tautulli.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26683
+ regexp: '# Tautulli'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/tautulli/{{ theme_park_theme }}.css'
+ transmission:
+ hosts: 'transmission transmission.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26684
+ regexp: '# Transmission'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/transmission/{{ theme_park_theme }}.css'
+ unifihome:
+ auth: false
+ hosts: 'unifi.home unifi.home.{{ public_domain }}'
+ ip_address: '{{ upstream_ip_address }}'
+ port: 443
+ regexp: '# UniFi Home'
+ transport: https
+ unifilab:
+ auth: false
+ hosts: 'unifi.lab unifi.{{ internal_domain }}'
+ ip_address: '{{ firewall_ip_address }}'
+ port: 8443
+ regexp: '# UniFi Lab'
+ transport: https
+ workstation:
+ hostname: Workstation
+ hosts: 'workstation workstation.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ regexp: '# Workstation'
+# @example #
+# domains:
+# cockpit:
+# # `auth` - Whether or not to guard the application with the SSO provider. This is `true` by default but needs to be set to
+# # false in some cases like when hosts need to be accessed by automated systems.
+# auth: true
+# # `hosts` - The domains you would like the app accessible by in browsers across your network.
+# hosts: 'cockpit cockpit.{{ internal_domain }}'
+# # `ip_address` - The IP address that the app is accessible on.
+# ip_address: '{{ controller_ip_address }}'
+# # `port` - The port on the localhost where the application is accessible
+# port: 2999
+# # `proxy_file` - Used when an app needs special NGINX proxy pass settings, like in the case of web sockets.
+# proxy_file: proxy-ws.conf
+# # `regexp` - A unique string used to identify lines in /etc/hosts that need to get updated when IP addresses change.
+# regexp: '# Cockpit'
+# # `transport` - Whenever possible, this should be set to `https`. When it is set to `https`, the NGINX proxy pass is made over HTTPS.
+# transport: https
+# statping:
+# # If CloudFlare is configured, the `dns_record` will be used to create a `status` CNAME on the `public_domain`, which is
+# # `megabyte.space` in this case.
+# dns_record: status
+# # The `dns_zone` is the CloudFlare DNS zone. This must be the root domain of the record you want to be automatically updated.
+# dns_zone: '{{ public_domain }}'
+# hosts: 'statping status status.{{ public_domain }}'
+# ip_address: '{{ status_ip_address }}'
+# regexp: '# StatPing'
+# raspiboot:
+# # The `hostname` must be assigned to the desired hostname for every target instance. In order to add a host to the `apps`
+# # variable, it needs to be defined with the fields in this example, at the minimum (i.e. `hostname`, `hosts`, `ip_address`,
+# # and `regexp`).
+# hostname: RaspiBoot
+# hosts: 'boot boot.{{ internal_domain }}'
+# ip_address: '{{ netboot_ip_address }}'
+# regexp: '# RaspiBoot'
+# @end
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/defaults.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/defaults.yml
new file mode 100644
index 00000000..3cd02361
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/defaults.yml
@@ -0,0 +1,234 @@
+---
+# yamllint disable rule:line-length
+# Defaults are used in cases where no host is specified (i.e. in Molecule tests)
+
+default_dconf_settings:
+ - key: /org/gnome/desktop/background/picture-uri
+ value: "'file:///usr/share/backgrounds/brad-huchteman-stone-mountain.jpg'"
+ - key: /org/gnome/shell/favorite-apps
+ value: "['org.gnome.Nautilus.desktop', 'firefox.desktop', 'chromium_chromium.desktop', \
+ 'brave-browser.desktop', 'mailspring_mailspring.desktop', 'code_code.desktop', \
+ 'hyper.desktop', 'plexmediaserver_pms-web.desktop', 'org.gnome.Lollypop.desktop', \
+ 'virt-manager.desktop', 'vmware-workstation.desktop']"
+ - key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size
+ value: '40'
+ - key: /org/gnome/desktop/session/idle-delay
+ value: '600'
+ - key: /org/gnome/desktop/privacy/report-technical-problems
+ value: 'false'
+
+default_gnome_extensions:
+ - url: https://extensions.gnome.org/extension/750/openweather/
+ regex: openweather-extension
+ settings:
+ - "gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de\
+ /schemas/ set org.gnome.shell.extensions.openweather city '40.7970384,-74.4809492>Morristown, \
+ Morris County, New Jersey, 07960, United States of America >-1 && 40.7127281,-74.0060152>New \
+ York, United States of America >-1 && 12.9791198,77.5912997>Bengaluru, Bangalore North, \
+ Bangalore Urban, Karnataka, India >-1 && 40.4862174,-74.4518173>New Brunswick, New Jersey, \
+ United States of America >-1'"
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather days-forecast 10
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather show-text-in-panel true
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather actual-city 0
+ - url: https://extensions.gnome.org/extension/771/proxy-switcher/
+ regex: ProxySwitcher
+ - url: https://extensions.gnome.org/extension/1085/simple-net-speed/
+ regex: simplenetspeed
+ - url: https://extensions.gnome.org/extension/906/sound-output-device-chooser/
+ regex: sound-output-device-chooser
+ - url: https://extensions.gnome.org/extension/2983/ip-finder/
+ regex: IP-Finder
+ - url: https://extensions.gnome.org/extension/6/applications-menu/
+ regex: apps-menu
+ - url: https://extensions.gnome.org/extension/3061/vlan-switcher/
+ regex: vlan-switcher
+ - url: https://extensions.gnome.org/extension/1762/lan-ip-address/
+ regex: lan-ip-address
+ - url: https://extensions.gnome.org/extension/2224/easy-docker-containers/
+ regex: easy_docker_containers
+
+# @var samba_allowed_hosts: 127.0.0.1
+# Restricts Samba sharing to certain IP addresses
+samba_allowed_hosts: 127.0.0.1
+# @example #
+# samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+
+samba_netbios_name: HTPC
+
+# @var samba_printers: []
+# A configurable list of Samba printers to share
+samba_printers: []
+# @example #
+# samba_printers:
+# - id: HPOfficeJetPro
+# comment: HP OfficeJet Pro 6978 (in Garage)
+# name: HP OfficeJet Pro 6978
+# @end
+
+# @var samba_shares: []
+# A configurable list of Samba paths to share
+samba_shares: []
+# @example #
+# samba_shares:
+# - id: Media
+# comment: Movies, TV Shows, and other read-only multimedia
+# follow_symlinks: true
+# path: /mnt/htpc
+# public: true
+# - id: Private
+# comment: Authenticated share with read/write capabilities (backed up to OneDrive)
+# follow_symlinks: true
+# path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Documents"
+# public: false
+# users: '@sambausers'
+# writable: true
+# - id: Public
+# comment: Public folder provided for file sharing on the LAN
+# path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Public"
+# public: true
+# writable: true
+# @end
+
+# @var samba_workgroup: MEGABYTE
+# The Samba workgroup name
+samba_workgroup: MEGABYTE
+
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ # @var dconf_settings: []
+ # Key value pairs of Dconf settings to apply
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ # @var git_user_email: ""
+ # Email address to configure in the global Git configuration file
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ # @var git_user_name: ""
+ # Username to configure in the global Git configuration file
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ # @var gnome_extensions: []
+ # List of GNOME extensions to install and any optional settings to be configured
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ # @var user_configs.groups: []
+ # Groups to assign the user to (see [this link](https://wiki.debian.org/SystemGroups) for tips on determining which groups to add a user to)
+ groups: []
+ # @example #
+ # user_configs:
+ # - username: myuser
+ # groups:
+ # - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ # @end
+ # @var user_configs.kvm_admin: true
+ # Should this user be added to the 'kvm' group?
+ kvm_admin: true
+ # @var user_configs.netrc_hosts: []
+ # Login and initialization information used by the auto-login process
+ netrc_hosts: []
+ # @example #
+ # netrc_hosts:
+ # - machine: surge.surge.sh
+ # username: '{{ surgesh_username }}'
+ # password: '{{ surgesh_password }}'
+ # @end
+ # @var user_configs.npm_author_email: ""
+ # Email address of package author to add to package.json
+ npm_author_email: '{{ npm_author_email | default(omit) }}'
+ # @var user_configs.npm_author_name: ""
+ # Name of package author to add to package.json
+ npm_author_name: '{{ npm_author_name | default(omit) }}'
+ # @var user_configs.npm_author_url: ""
+ # Website of package author to add to package.json
+ npm_author_url: https://megabyte.space
+ # @var user_configs.pips: []
+ # Python pip packages installed at the user level (the `pip_packages` variable can be modified to install global packages which has its default defined in `group_vars/desktop/pip-packages.yml`)
+ pips: []
+ # @var user_configs.rclone: []
+ # Configuration setting to create rclone services
+ rclone: []
+ # @example #
+ # - name: Dropbox
+ # provider: dropbox
+ # config: |
+ # type = dropbox
+ # token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ # - name: Google
+ # provider: google
+ # config: |
+ # type = drive
+ # client_id = {{ google_drive_client_id }}
+ # client_secret = {{ google_drive_client_secret }}
+ # scope = drive
+ # token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ # root_folder_id = {{ google_drive_root_folder_id }}
+ # - name: OneDrive
+ # provider: onedrive
+ # config: |
+ # type = onedrive
+ # token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ # drive_id = {{ onedrive_drive_id }}
+ # drive_type = personal
+ # @end
+ # @var user_configs.samba_user: true
+ # Should the user be added to 'sambausers' group?
+ samba_user: true
+ # @var user_configs.ssh_authorized_keys: []
+ # Keys to add to the authorized_keys configuration
+ ssh_authorized_keys: []
+ # @example #
+ # user_configs:
+ # - username: myuser
+ # ssh_authorized_keys:
+ # - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ # @var user_configs.ssh_private_keys: []
+ # SSH private keys
+ ssh_private_keys: []
+ # @example #
+ # user_configs:
+ # - username: myuser
+ # ssh_private_keys:
+ # - files/ssh/id_rsa_dev
+ # @end
+ # @var user_configs.symlinks: []
+ # User-scoped symlinks to add
+ symlinks: []
+ # @example #
+ # user_configs:
+ # - username: myuser
+ # symlinks:
+ # - path: /mnt/auxilary/Camera
+ # link: ~/Pictures/Camera
+ # - path: /mnt/auxilary/Games
+ # link: ~/Games
+ # - path: /mnt/auxilary/Music
+ # link: ~/Music/Library
+ # - path: /mnt/movies
+ # link: ~/Videos/Movies
+ # - path: /mnt/auxilary/Music Videos
+ # link: ~/Videos/Music Videos
+ # - path: /mnt/auxilary/Shorts
+ # link: ~/Videos/Shorts
+ # - path: /mnt/tv
+ # link: ~/Videos/TV
+ # - create: /mnt/htpc # Does not support relative paths
+ # path: /mnt/movies
+ # link: /mnt/htpc/Movies
+ # - path: /mnt/auxilary/Music Videos
+ # link: /mnt/htpc/Music Videos
+ # - path: /mnt/tv
+ # link: /mnt/htpc/TV
+ # - path: /mnt/auxilary/Shorts
+ # link: /mnt/htpc/Shorts
+ # - path: /mnt/auxilary/Games
+ # link: /mnt/htpc/Games
+ # - path: /mnt/auxilary/Music
+ # link: /mnt/htpc/Music
+ # @end
+ # @var user_configs.vscode_extensions: []
+ # VSCode extensions to install (the default list is defined in `group_vars/desktop/vscode-extensions.yml`)
+ vscode_extensions: []
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ # ssh_private_keys:
+ # - files/ssh/id_rsa_dev
+ # @var user_configs.system: false
+ # Set to true if the account is a system user without a home folder (root is considered a system user)
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/general.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/general.yml
new file mode 100644
index 00000000..101f0111
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/general.yml
@@ -0,0 +1,52 @@
+---
+# @var authorized_key_file: authorized_keys # The default authorized_keys file used for SSH.
+authorized_key_file: authorized_keys
+
+# @var certbot_admin_email: admin@example.com # The e-mail you would like associated with free Let's Encrypt SSL certificates.
+certbot_admin_email: '{{ admin_email }}'
+
+# @var certbot_certs: [] # An array of Let's Encrypt SSL request settings.
+certbot_certs: []
+# @example #
+# # In this example, every host that has the `certbot_certs` settings below will request wildcard domain certificates
+# # for all of the domains listed under `domains`. Let's Encrypt has rate-limits so make sure you do not provision
+# # a large number of hosts that are all requesting the same certificate over and over again. We used to do this but
+# # have moved towards implementing the SSL certificates on the firewall and then using HAProxy to send requests to their
+# # final destination over a ZeroTier connection over the LAN. This way, we mimic end-to-end encryption and only have one
+# # machine handling SSL certificates.
+# certbot_certs:
+# - email: '{{ cloudflare_email }}'
+# domains:
+# - '*.megabyte.space'
+# - '*.home.megabyte.space'
+# - '*.lab.megabyte.space'
+# @end
+
+# @var dns_provider: 1.1.1.1#cloudflare-dns.com # Default DNS-over-TLS address.
+dns_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var dns_fallback_provider: 1.0.0.1#cloudflare-dns.com # Fallback DNS-over-TLS address.
+dns_fallback_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var docker_users: [] # Array of users that should be able to access Docker with elevated permissions (e.g. sudo).
+docker_users:
+ - "{{ ansible_user | default(lookup('env', 'USER')) }}"
+
+_netdata_rooms:
+ do: 0f7a2d28-77c0-4eb1-970b-22405a3886f7
+ general: fb8e46ae-4354-454a-b676-46cda89c2e9b
+ james: 495e99ef-60b4-43a4-bb60-4e05accf58a2
+
+# @var netdata_rooms: {} # A mapping of VLAN IDs that correlate to [netdata](https://www.netdata.cloud/) rooms.
+netdata_rooms:
+ cloud: '{{ _netdata_rooms.do }}'
+ guest: '{{ _netdata_rooms.james }}'
+ iot: '{{ _netdata_rooms.james }}'
+ kubernetes: '{{ _netdata_rooms.james }}'
+ management: '{{ _netdata_rooms.james }}'
+ offline: '{{ _netdata_rooms.james }}'
+ unifi: '{{ _netdata_rooms.james }}'
+ work: '{{ _netdata_rooms.james }}'
+
+# @var security_autoupdate_mail_to: {} # The e-mail to notify when there is an issue with autoupdates.
+security_autoupdate_mail_to: '{{ admin_email }}'
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/helm.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/helm.yml
new file mode 120000
index 00000000..dd0970c6
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/helm.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/all/helm.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/heroku.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/heroku.yml
new file mode 120000
index 00000000..ced05e1c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/heroku.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/all/heroku.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/software.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/software.yml
new file mode 100644
index 00000000..e8b79589
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/software.yml
@@ -0,0 +1,760 @@
+---
+# eslint-disable max-lines
+# yamllint disable rule:line-length
+# ## TAGGING INSTRUCTIONS ###
+# Each package should have a comment above it. The tags are at the beginning and can be any combination of the following:
+#
+# @ binary - All of the packages in this list will have the binary tag
+# @ cli - If the package is intended to be utilized from the terminal, add the @ cli tag
+# @ application - If the package is intended to be used as a desktop app, add the @ application tag
+# @ tui - TODO If the package is a @ cli but is intended to be used visually from a terminal (instead of inside scripts), then add the @ tui tag.
+# All @ tui should have the @ cli tag
+# @ service - TODO If the package launches any service when first run or installed, then add the @service tag
+# @ menubar - If the package is a menubar application, then add the @ menubar tag. A @ menubar application will always also have the @ application tag
+# @ binarycli - Should accompany any @ cli tags in this file
+# @ binaryapp - Should accompany any @ application tags in this file
+#
+# @installoption apk: package_name # Package name in the official/default APK repositories. This method is listed for completeness
+# @installoption apt: package_name # Package name in the official/default APT repositories. External repositories are not supported
+# @installoption binary: url # URL to the executable file
+# @installoption brew: package_name OR `example/example/package_name` # Homebrew macOS package name, include full address if not in the official registry
+# @installoption cargo: package_name # Cargo package name
+# @installoption choco: package_name # Chocolatey package name
+# @installoption dnf: package_name # Package name in the official/default DNF/YUM repositories. External repositories are not supported
+# @installoption exe: url # URL to the executable file (Windows only)
+# @installoption github: github_address # GitHub address (e.g. github.com/altair-graphql/altair). Installation is performed using the role `githubbinary`
+# @installoption go: go_github_address # Go GitHub address (e.g. github.com/nektos/act@latest)
+# @installoption pacman: package_name # Package name in the official/default Archlinux compatible repositories
+# @installoption ports: package_name # macOS port package name (installed via `sudo port install package_name`)
+# @installoption pkg: package_name # Package name in the official/default BSD repositories. This method is listed for completeness
+# @installoption scoop: package_name # Windows scoop package name (installed via `scoop install package_name`)
+# @installoption snap: package_name # Package name as shown in snapcraft.io
+# @installoption yay: package_name # Archlinux yay package name (installed via `yay -S package_name` from AUR)
+software_package:
+ # @binarycli @binary @cli [act](https://github.com/nektos/act) - To run Github Actions locally
+ act:
+ brew: act
+ choco: act-cli
+ go: github.com/nektos/act@latest
+ ports: act
+ scoop: act
+ yay: act
+ # @binaryapp @binary @application [Altair](https://github.com/altair-graphql/altair) - A beautiful feature-rich GraphQL Client for all platforms
+ altair:
+ brew: altair-graphql-client
+ choco: altair-graphql
+ github: github.com/altair-graphql/altair
+ snap: altair
+ yay: altair
+ # @binarycli @binary @cli [bandwhich](https://github.com/imsnif/bandwhich) - Terminal bandwidth utilization tool
+ bandwhich:
+ brew: bandwhich
+ github: github.com/imsnif/bandwhich
+ pacman: bandwhich
+ pkg: bandwhich
+ # @binarycli @binary @cli [bane](https://github.com/genuinetools/bane) - Custom & better AppArmor profile generator for Docker containers
+ bane:
+ github: github.com/genuinetools/bane
+ go: github.com/genuinetools/bane@latest
+ # @binarycli @binary @cli [bat](https://github.com/sharkdp/bat) - Clone of cat(1) with syntax highlighting and Git integration
+ bat:
+ apk: bat
+ brew: bat
+ cargo: bat
+ choco: bat
+ github: bat
+ pacman: bat
+ scoop: bat
+ # @binaryapp @binary @application [Betwixt](https://github.com/kdzwinel/betwixt) - Web Debugging Proxy based on Chrome DevTools Network panel
+ betwixt:
+ github: github.com/kdzwinel/betwixt
+ # @binarycli @binary @cli [bin](https://github.com/marcosnils/bin) - Effortless binary manager
+ bin:
+ github: github.com/marcosnils/bin
+ go: github.com/marcosnils/bin@latest
+ # @binaryapp @binary @application [BitWarden](https://github.com/bitwarden/desktop) - The desktop vault (Windows, macOS, & Linux)
+ bitwarden:
+ brew: bitwarden
+ choco: bitwarden
+ github: github.com/bitwarden/desktop
+ snap: bitwarden
+ yay: bitwarden-git
+ # @binarycli @binary @cli [bivac](https://github.com/camptocamp/bivac) - Backup Interface for Volumes Attached to Containers
+ bivac:
+ github: github.com/camptocamp/bivac
+ # go: github.com/camptocamp/bivac@latest # Failure: "module declares its path as: github.com/sirupsen/logrus but was required as: github.com/Sirupsen/logrus"
+ # @binarycli @binary @cli [boilr](https://github.com/tmrts/boilr) - boilerplate template manager that generates files or directories from template repositories
+ boilr:
+ github: github.com/tmrts/boilr
+ go: github.com/tmrts/boilr@latest
+ # @binarycli @binary @cli [captain](https://github.com/jenssegers/captain) - Helps manage docker-compose.yml files from anywhere in the file system
+ captain:
+ github: github.com/jenssegers/captain
+ # @binaryapp @binary @application @service [Cerebro](https://github.com/cerebroapp/cerebro) - Open-source productivity booster with a brain
+ cerebro:
+ brew: cerebro
+ choco: cerebro
+ github: github.com/cerebroapp/cerebro
+ yay: cerebro
+ # @binarycli @binary @cli [clair](https://github.com/quay/clair) - Vulnerability Static Analysis for Containers
+ clair:
+ brew: clair
+ github: github.com/quay/clair
+ # @binarycli @binary @cli [consul-cli](https://github.com/mantl/consul-cli) - Command line interface to Consul HTTP API
+ consul-cli:
+ github: github.com/mantl/consul-cli
+ # @binarycli @binary @cli [croc](https://github.com/schollz/croc) - Easily and securely send things from one computer to another
+ croc:
+ brew: croc
+ choco: croc
+ github: github.com/schollz/croc
+ go: github.com/schollz/croc/v9@latest
+ pacman: croc
+ pkg: croc
+ scoop: croc
+ # @binarycli @binary @cli [ctop](https://github.com/bcicen/ctop) - Top-like interface for container metrics
+ ctop:
+ brew: ctop
+ github: github.com/bcicen/ctop
+ yay: ctop-bin
+ # @binaryapp @binary @application @menubar [Cumulus](https://github.com/gillesdemey/Cumulus) - A SoundCloud player that lives in the menubar
+ cumulus:
+ brew: cumulus
+ github: github.com/gillesdemey/Cumulus
+ # @binarycli @binary @cli [dasel](https://github.com/TomWright/dasel) - Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool
+ dasel:
+ brew: dasel
+ github: github.com/TomWright/dasel
+ go: github.com/tomwright/dasel/cmd/dasel@master
+ # @binarycli @binary @cli [dat](https://github.com/datproject/dat) - Peer-to-peer sharing & live syncronization of files via command line
+ dat:
+ github: github.com/dat-ecosystem-archive/dat
+ npm: dat@next
+ # @binaryapp @binary @application [Dat Desktop](https://github.com/datproject/dat-desktop) - Peer to peer data syncronization
+ dat-desktop:
+ brew: dat
+ github: github.com/datproject/dat-desktop
+ # @binarycli @binary @cli [delta](https://github.com/dandavison/delta) - A syntax-highlighting pager for git and diff output
+ delta:
+ brew: git-delta
+ cargo: git-delta
+ choco: delta
+ dnf: git-delta
+ github: github.com/dandavison/delta
+ pacman: git-delta
+ pkg: git-delta
+ scoop: delta
+ # @binarycli @binary @cli [dive](https://github.com/wagoodman/dive) - A tool for exploring each layer in a docker image
+ dive:
+ brew: dive
+ github: github.com/wagoodman/dive
+ go: github.com/wagoodman/dive@latest
+ yay: dive
+ # @binarycli @binary @cli [desed](https://github.com/SoptikHa2/desed) - Debugger for Sed: demystify and debug the sed scripts, from comfort of terminal
+ desed: # Name of package - this should only be used for the TUI
+ cargo: desed # Cargo package installable via `cargo install desed`
+ dnf: desed # dnf package for Fedora
+ github: github.com/SoptikHa2/desed # GitHub link - populate if the repository has releases
+ pkg: desed # FreeBSD pkg name for future FreeBSD support
+ # @binarycli @binary @cli [deta](https://github.com/deta/deta-cli) - Command line interface for managing Deta micros and deployments
+ deta:
+ github: github.com/deta/deta-cli
+ # @binarycli @binary @cli [direnv](https://github.com/direnv/direnv) - Extension to load and unload environment variables depending on the current directory
+ direnv:
+ apt: direnv
+ brew: direnv
+ github: github.com/direnv/direnv
+ # @binarycli @binary @cli [docker-slim](https://github.com/docker-slim/docker-slim) - Extension to minify and secure Docker images
+ docker-slim:
+ brew: docker-slim
+ dnf: golang-github-docker-slim
+ github: github.com/docker-slim/docker-slim
+ yay: docker-slim
+ # @binarycli @binary @cli [dockle](https://github.com/goodwithtech/dockle) - Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
+ dockle:
+ brew: goodwithtech/r/dockle
+ github: github.com/goodwithtech/dockle
+ yay: dockle-bin
+ # @binarycli @binary @cli [doctl](https://github.com/digitalocean/doctl) - The official command line interface for the DigitalOcean API
+ doctl:
+ brew: doctl
+ github: github.com/digitalocean/doctl
+ pacman: doctl
+ pkg: doctl
+ snap: doctl
+ # @binarycli @binary @cli [dog](https://github.com/ogham/dog) - A command-line DNS client
+ dog:
+ brew: dog
+ github: github.com/ogham/dog
+ pacman: dog
+ pkg: dog
+ # @binarycli @binary @cli [duf](https://github.com/muesli/duf) - Disk Usage/Free Utility - a better 'df' alternative
+ duf:
+ brew: duf
+ choco: duf
+ github: github.com/muesli/duf
+ pacman: duf
+ pkg: duf
+ scoop: duf
+ snap: duf-utility
+ # @binarycli @binary @cli [dust](https://github.com/bootandy/dust) - A more intuitive version of du in rust
+ dust:
+ apk: dust
+ github: github.com/bootandy/dust
+ pacman: dust
+ # @binarycli @binary @cli [envconsul](https://github.com/hashicorp/envconsul) - Launch a subprocess with environment variables using data from @hashicorp Consul and Vault
+ envconsul:
+ github: github.com/hashicorp/envconsul
+ # @binarycli @binary @cli [fd](https://github.com/sharkdp/fd) - A simple, fast and user-friendly alternative to 'find'
+ fd:
+ apk: fd
+ apt: fd-find
+ brew: fd
+ cargo: fd-find
+ choco: fd
+ github: github.com/sharkdp/fd
+ pacman: fd
+ pkg: fd
+ scoop: fd
+ # @binary [felony](https://github.com/henryboldi/felony) - An open-source pgp keychain built on the modern web with Electron, React, and Redux
+ # felony:
+ # github: github.com/henryboldi/felony
+ # @binarycli @binary @cli [ffsend](https://github.com/timvisee/ffsend) - Easily and securely share files from the command line, a fully featured Firefox Send client
+ ffsend:
+ apk: ffsend
+ brew: ffsend
+ github: github.com/timvisee/ffsend
+ pkg: ffsend
+ scoop: ffsend
+ snap: ffsend
+ yay: ffsend
+ # @binarycli @binary @cli @webapp [filebrowser](https://github.com/filebrowser/filebrowser) - Web file browser
+ filebrowser:
+ brew: filebrowser/tap/filebrowser
+ github: github.com/filebrowser/filebrowser
+ # @binarycli @binary @cli [fm](https://github.com/knipferrc/fm) - Terminal file manager
+ fm:
+ github: github.com/knipferrc/fm
+ go: github.com/knipferrc/fm@latest
+ # @binarycli @binary @cli [fselect](https://github.com/jhspetersson/fselect) - Extension to find files with SQL-like queries
+ fselect:
+ brew: fselect
+ choco: fselect
+ cargo: fselect
+ github: github.com/jhspetersson/fselect
+ yay: fselect
+ # @binarycli @binary @cli [fq](https://github.com/wader/fq) - jq for binary formats
+ fq:
+ brew: wader/tap/fq
+ github: github.com/wader/fq
+ pacman: fq
+ scoop: fq
+ # @binarycli @binary @cli [Fuego](https://github.com/sgarciac/fuego) - Fuego is a command line client for the firestore database
+ fuego:
+ github: github.com/sgarciac/fuego
+ # @binaryapp @binary @application @service [Google Assistant Unofficial Desktop Client](https://github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client) - A cross-platform unofficial Google Assistant Client for Desktop
+ g-assist:
+ github: github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client
+ # @binaryapp @binary @application [Ganache](https://github.com/trufflesuite/ganache-ui) - Personal blockchain for Ethereum development
+ ganache:
+ github: github.com/trufflesuite/ganache-ui
+ npm: ganache
+ # @binaryapp @binary @application @menubar [Gitify](https://github.com/manosim/gitify) - GitHub notifications on the menu bar
+ gitify:
+ brew: gitify
+ github: github.com/manosim/gitify
+ yay: gitify-bin
+ # @binarycli @binary @cli [gitleaks](https://github.com/zricethezav/gitleaks) - Extension to scan git repos (or files) for secrets using regex and entropy
+ gitleaks:
+ brew: gitleaks
+ github: github.com/zricethezav/gitleaks
+ pkg: gitleaks
+ yay: gitleaks
+ # @binarycli @binary @cli [gitomatic](https://github.com/muesli/gitomatic) - A tool to monitor git repositories and automatically pull & push changes
+ gitomatic:
+ github: github.com/muesli/gitomatic
+ # @binarycli @binary @cli [glab](https://github.com/profclems/glab) - An open-source GitLab command line tool bringing GitLab's cool features to your command line
+ glab:
+ apk: glab
+ brew: glab
+ github: github.com/profclems/glab
+ scoop: glab
+ snap: glab
+ yay: gitlab-glab-bin
+ # @binarycli @binary @cli [glow](https://github.com/charmbracelet/glow) - Glow is a terminal based markdown reader designed from the ground up to bring out the beauty—and power—of the CLI
+ glow:
+ brew: glow
+ github: github.com/charmbracelet/glow
+ pkg: glow
+ scoop: glow
+ yay: glow
+ # @binarycli @binary @cli [gojq](https://github.com/itchyny/gojq) - gojq is a pure Go implementation of jq that is mostly backwards compatible (but not completely)
+ gojq:
+ brew: gojq
+ github: github.com/itchyny/gojq
+ go: github.com/itchyny/gojq@latest
+ # @binarycli @binary @cli [go-chromecast](https://github.com/vishen/go-chromecast) - CLI for Google Chromecast, Home devices and Cast Groups
+ go-chromecast:
+ github: github.com/vishen/go-chromecast
+ go: github.com/vishen/go-chromecast@latest
+ # @binarycli @binary @cli [gping](https://github.com/orf/gping) - Ping, but with a graph
+ gping:
+ brew: gping
+ cargo: gping
+ choco: gping
+ github: github.com/orf/gping
+ scoop: gping
+ pacman: gping
+ # @binarycli @binary @cli [grex](https://github.com/pemistahl/grex) - A command-line tool and library for generating regular expressions from user-provided test cases
+ grex:
+ brew: grex
+ cargo: grex
+ choco: grex
+ github: github.com/pemistahl/grex
+ scoop: grex
+ # @binarycli @binary @cli [gron](https://github.com/tomnomnom/gron) - Extension to make JSON greppable
+ gron:
+ brew: gron
+ github: github.com/tomnomnom/gron
+ go: github.com/tomnomnom/gron@latest
+ # @binarycli @binary @cli [hclq](https://github.com/mattolenik/hclq) - Command-line processor for HashiCorp config files, like sed for HCL — Terraform, Consul, Nomad, Vault
+ hclq:
+ github: github.com/mattolenik/hclq
+ go: github.com/mattolenik/hclq
+ # @binarycli @binary @cli [hexyl](https://github.com/sharkdp/hexyl) - A command-line hex viewer
+ hexyl:
+ apt: hexyl
+ brew: hexyl
+ cargo: hexyl
+ github: github.com/sharkdp/hexyl
+ pacman: hexyl
+ pkg: hexyl
+ scoop: hexyl
+ snap: hexyl
+ # @binarycli @binary @cli [hey](https://github.com/rakyll/hey) - HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom
+ hey:
+ brew: hey
+ github: github.com/rakyll/hey
+ # @binarycli @binary @cli [hostctl](https://github.com/guumaster/hostctl) - This tool gives more control over the use of hosts file
+ hostctl:
+ brew: guumaster/tap/hostctl
+ github: github.com/guumaster/hostctl
+ scoop: hostctl
+ yay: hostctl
+ # @binarycli @binary @cli [htmlq](https://github.com/mgdm/htmlq) - A lightweight and flexible command-line JSON processor for HTML
+ htmlq:
+ brew: htmlq
+ cargo: htmlq
+ github: github.com/mgdm/htmlq
+ # @binarycli @binary @cli [hyperfine](https://github.com/sharkdp/hyperfine) - A command-line benchmarking tool
+ hyperfine:
+ apk: hyperfine
+ brew: hyperfine
+ cargo: hyperfine
+ choco: hyperfine
+ dnf: hyperfine
+ github: github.com/sharkdp/hyperfine
+ pacman: hyperfine
+ pkg: hyperfine
+ # @binarycli @binary @cli [jiq](https://github.com/fiatjaf/jiq) - Create jq queries interactively by leveraging a live reload feature in the terminal
+ jiq:
+ github: github.com/fiatjaf/jiq/cmd/jiq
+ go: github.com/fiatjaf/jiq/cmd/jiq@latest
+ # @binaryapp @binary @application [Jitsi Meet Electron](https://github.com/jitsi/jitsi-meet-electron) - Desktop application for Jitsi Meet built with Electron
+ jitsi-meet-electron:
+ brew: jisti-meet
+ choco: jitsi-meet-electron
+ github: github.com/jitsi/jitsi-meet-electron
+ pkg: jisti-meet
+ yay: jitsi-meet-desktop-bin
+ # @binarycli @binary @cli [jo](https://github.com/jpmens/jo) - JSON output from a shell
+ jo:
+ brew: jo
+ apt: jo
+ snap: jo
+ github: github.com/jpmens/jo
+ pkg: jo
+ scoop: jo
+ yay: jo
+ # @binarycli @binary @cli [jq](https://github.com/stedolan/jq) - Command-line JSON processor
+ jq:
+ brew: jq
+ choco: jq
+ apk: jq
+ apt: jq
+ dnf: jq
+ github: github.com/stedolan/jq
+ pkg: jq
+ # @binarycli @binary @cli [kdash](https://github.com/kdash-rs/kdash) - A simple and fast dashboard for Kubernetes
+ kdash:
+ brew: kdash-rs/kdash/kdash
+ cargo: kdash
+ choco: kdash
+ github: github.com/kdash-rs/kdash
+ scoop: kdash
+ # @binarycli @binary @cli [kubenav](https://github.com/kubenav/kubenav) - kubenav is the navigator for your Kubernetes clusters right in your pocket
+ kubenav:
+ github: github.com/kubenav/kubenav
+ yay: kubenav-bin
+ # @binarycli @binary @cli [license](https://github.com/nishanths/license) - Command-line license text generator
+ license:
+ go: github.com/nishanths/license@latest
+ yay: nishanths-license-git
+ # @binarycli @binary @cli [linuxkit](https://github.com/linuxkit/linuxkit) - A toolkit for building secure, portable and lean operating systems for containers
+ linuxkit:
+ brew: linuxkit/linuxkit/linuxkit
+ github: github.com/linuxkit/linuxkit
+ # @binaryapp @binary @application [Manta](https://github.com/hql287/Manta) - Flexible invoicing desktop app with beautiful & customizable templates
+ manta:
+ brew: manta
+ github: github.com/hql287/Manta
+ # @binaryapp @binary @application [MarkText](https://github.com/marktext/marktext) - A simple and elegant markdown editor, available for Linux, macOS and Windows
+ mark-text:
+ brew: mark-text
+ choco: marktext
+ github: github.com/marktext/marktext
+ yay: marktext
+ # @binaryapp @binary @application [MassCode](https://github.com/antonreshetov/massCode) - A free and open source code snippets manager for developers
+ masscode:
+ brew: masscode
+ github: github.com/antonreshetov/massCode
+ # @binarycli @binary @cli [mergestat](https://github.com/mergestat/mergestat) - Query git repositories with SQL. Generate reports, perform status checks, analyze codebases
+ mergestat:
+ brew: mergestat/mergestat/mergestat
+ github: github.com/mergestat/mergestat
+ # @binarycli @binary @cli [mc](https://github.com/minio/mc) - MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage
+ mc:
+ brew: minio/stable/mc
+ binary: https://dl.min.io/client/mc/release/linux-amd64/mc
+ exe: https://dl.min.io/client/mc/release/windows-amd64/mc.exe
+ go: github.com/minio/mc@latest
+ # @binaryapp @binary @application [MJML App](https://github.com/mjmlio/mjml-app) - The desktop app for MJML
+ mjml-app:
+ github: github.com/mjmlio/mjml-app
+ # @binarycli @binary @cli [mkcert](https://github.com/FiloSottile/mkcert) - A simple zero-config tool to make locally trusted development certificates with any names
+ mkcert:
+ brew: mkcert
+ choco: mkcert
+ github: github.com/FiloSottile/mkcert
+ pacman: mkcert
+ scoop: mkcert
+ # @binaryapp @binary @application [Mockoon](https://github.com/mockoon/mockoon) - Mockoon is the easiest and quickest way to run mock APIs locally. No remote deployment, no account required, open source
+ mockoon:
+ brew: mockoon
+ choco: mockoon
+ github: github.com/mockoon/mockoon
+ snap: mockoon
+ yay: mockoon-bin
+ # @binaryapp @binary @application [Motrix](https://github.com/agalwood/Motrix) - A full-featured download manager
+ motrix:
+ brew: motrix
+ choco: motrix
+ github: github.com/agalwood/Motrix
+ scoop: motrix
+ yay: motrix-bin
+ # @binaryapp @binary @application [MQTT X](https://github.com/emqx/MQTTX) - MQTT X - Elegant Cross-platform MQTT 5.0 Desktop Client
+ mqttx:
+ brew: mqttx
+ github: github.com/emqx/MQTTX
+ snap: mqttx
+ yay: mqttx-bin
+ # @binarycli @binary @cli [muffet](https://github.com/raviqqe/muffet) - Fast website link checker in Go
+ muffet:
+ brew: muffet
+ github: github.com/raviqqe/muffet
+ go: github.com/raviqqe/muffet/v2@latest
+ yay: muffet-bin
+ # @binaryapp @binary @application [Mullvad VPN](https://github.com/mullvad/mullvadvpn-app) - The Mullvad VPN client app for desktop and mobile
+ mullvad-vpn:
+ brew: mullvadvpn
+ github: github.com/mullvad/mullvadvpn-app
+ yay: mullvad-vpn
+ # @binarycli @binary @cli [nebula](https://github.com/slackhq/nebula) - A scalable overlay networking tool
+ nebula:
+ github: github.com/slackhq/nebula
+ pacman: nebula
+ # @binarycli @binary @cli [nnn](https://github.com/jarun/nnn) - A full-featured terminal file manager
+ nnn:
+ apk: nnn
+ apt: nnn
+ brew: nnn
+ github: github.com/jarun/nnn
+ pacman: nnn
+ pkg: nnn
+ # @binarycli @binary @cli [node-prune](https://github.com/tj/node-prune) - Extension to remove unnecessary files from node_modules
+ node-prune:
+ github: github.com/tj/node-prune
+ go: github.com/tj/node-prune@latest
+ # @binarycli @binary @cli [nomino](https://github.com/yaa110/nomino) - Batch rename utility for developers
+ nomino:
+ cargo: nomino
+ github: github.com/yaa110/nomino
+ yay: nomino
+ # @binaryapp @binary @application [Nuclear](https://github.com/nukeop/nuclear) - Streaming music player that finds free music
+ nuclear:
+ brew: nuclear
+ choco: nuclear
+ github: github.com/nukeop/nuclear
+ snap: nuclear
+ yay: nuclear-player-bin
+ # @binarycli @binary @cli [osquery](https://github.com/osquery/osquery) - SQL powered operating system instrumentation, monitoring, and analytics
+ osquery:
+ brew: osquery
+ choco: osquery
+ github: github.com/osquery/osquery
+ yay: osquery-git
+ # @binarycli @binary @cli [ots](https://github.com/sniptt-official/ots) - Share end-to-end encrypted secrets with others via a one-time URL
+ ots:
+ brew: ots
+ github: github.com/sniptt-official/ots
+ go: github.com/sniptt-official/ots@latest
+ # @binarycli @binary @cli [oq](https://github.com/Blacksmoke16/oq) - A performant, and portable jq wrapper to facilitate the consumption and output of formats other than JSON; using jq filters to transform the data
+ oq:
+ brew: oq
+ github: github.com/Blacksmoke16/oq
+ snap: oq
+ yay: oq
+ # @binarycli @binary @cli [page-fetch](https://github.com/detectify/page-fetch) - Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files
+ page-fetch:
+ go: github.com/detectify/page-fetch@latest
+ # @binarycli @binary @cli [pass](https://www.passwordstore.org/) - Password manager
+ pass:
+ apt: pass
+ brew: pass
+ pacman: pass
+ pkg: password-store
+ yum: pass
+ # @binarycli @binary @cli [pastel](https://github.com/sharkdp/pastel) - A command-line tool to generate, analyze, convert and manipulate colors
+ pastel:
+ brew: pastel
+ cargo: pastel
+ github: github.com/sharkdp/pastel
+ snap: pastel
+ yay: pastel
+ # @binarycli @binary @cli [peco](https://github.com/peco/peco) - Simplistic interactive filtering tool
+ peco:
+ apt: peco
+ brew: peco
+ choco: peco
+ github: github.com/peco/peco
+ pacman: peco
+ # @binarycli @binary @cli [pony](https://github.com/jessfraz/pony) - Local file-based password, API key, secret, recovery code store backed by GPG
+ pony:
+ github: github.com/jessfraz/pony
+ go: github.com/jessfraz/pony@latest
+ # @binaryapp @binary @application @menubar [Pretzel](https://github.com/amiechen/pretzel) - Pretzel is Mac desktop app that shows and find keyboard shortcuts based on your current app
+ pretzel:
+ github: github.com/amiechen/pretzel
+ # @binarycli @binary @cli [procs](https://github.com/dalance/procs) - A modern replacement for ps written in Rust
+ procs:
+ apk: procs
+ brew: procs
+ cargo: procs
+ dnf: procs
+ github: github.com/dalance/procs
+ pacman: procs
+ scoop: procs # For Windows
+ snap: procs
+ # @binarycli @binary @cli [psu](https://github.com/greenled/portainer-stack-utils) - CLI client for Portainer
+ psu:
+ github: github.com/greenled/portainer-stack-utils
+ # @binarycli @binary @cli [pup](https://github.com/ericchiang/pup) - Parsing HTML at the command line
+ pup:
+ brew: pup
+ github: github.com/ericchiang/pup
+ go: github.com/ericchiang/pup@latest
+ # @binarycli @binary @cli [q](https://github.com/harelba/q) - Run SQL directly on CSV or TSV files
+ q:
+ brew: q
+ github: github.com/harelba/q
+ # @binaryapp @binary @application [Responsively](https://github.com/responsively-org/responsively-app) - A modified web browser that helps in responsive web development
+ responsively:
+ brew: responsively
+ choco: responsively
+ github: github.com/responsively-org/responsively-app
+ # @binarycli @binary @cli [rip](https://github.com/nivekuil/rip) - A safe and ergonomic alternative to rm
+ rip:
+ brew: rm-improved
+ cargo: rm-improved
+ github: github.com/nivekuil/rip
+ yay: rm-improved
+ # @binaryapp @binary @application [RunJS](https://github.com/lukehaas/RunJS) - A JavaScript playground that auto-evaluates as you type
+ runjs:
+ brew: runjs
+ choco: runjs
+ github: github.com/lukehaas/RunJS
+ # snap: runjs # Not in the Stable Channel yet
+ yay: runjs-bin
+ # @binarycli @binary @cli [s5cmd](https://github.com/peak/s5cmd) - Parallel S3 and local filesystem execution tool with benchmarks that show it is the fastest S3 downloader
+ s5cmd:
+ brew: peak/tap/s5cmd
+ github: github.com/peak/s5cmd
+ go: github.com/peak/s5cmd@latest
+ # @binarycli @binary @cli [schema](https://github.com/Confbase/schema) - A tool to infer and instantiate schemas and translate between data formats
+ schema:
+ go: github.com/Confbase/schema
+ # @binarycli @binary @cli [scrcpy](https://github.com/Genymobile/scrcpy) - Display and control your Android device
+ scrcpy:
+ apt: scrcpy
+ brew: scrcpy
+ choco: scrcpy
+ dnf: scrcpy
+ github: github.com/Genymobile/scrcpy
+ pkg: scrcpy
+ snap: scrcpy
+ yay: scrcpy
+ # @binaryapp @binary @application [Scrcpy GUI](https://github.com/Tomotoes/scrcpy-gui) - A simple & beautiful GUI application for scrcpy
+ scrcpy-gui:
+ github: github.com/Tomotoes/scrcpy-gui
+ # @binarycli @binary @cli [sd](https://github.com/chmln/sd) - Intuitive find & replace CLI (sed alternative)
+ sd:
+ apk: sd # Include information about apk releases for possible future Alpine support
+ brew: sd # Brew package name
+ cargo: sd
+ choco: sd-cli # Choco package name
+ dnf: sd
+ github: github.com/chmln/sd
+ pacman: sd # pacman release for Archlinux
+ pkg: sd
+ # @binarycli @binary @cli [shfmt](https://github.com/mvdan/sh/) - A shell parser, formatter, and interpreter with bash support; includes shfmt
+ shfmt:
+ apk: shfmt
+ brew: shfmt
+ github: github.com/mvdan/sh/
+ go: mvdan.cc/sh/v3/cmd/shfmt@latest
+ pacman: shfmt
+ pkg: shfmt
+ scoop: shfmt
+ snap: shfmt
+ # @binarycli @binary @cli [skm](https://github.com/TimothyYe/skm) - A simple and powerful SSH keys manager
+ skm:
+ brew: timothyye/tap/skm
+ github: github.com/TimothyYe/skm
+ go: github.com/TimothyYe/skm/cmd/skm@latest
+ # @binaryapp @binary @application [Skype](https://www.skype.com) - Skype is for connecting with the people that matter most in your life and work
+ skype:
+ brew: skype
+ choco: skype
+ snap: skype
+ # @binaryapp @binary @application [Slack](https://slack.com/) - Transform the way that you work with one place for everyone and everything that you need to get things done
+ slack:
+ brew: slack
+ choco: slack
+ snap: slack
+ # @binaryapp @binary @application [SQLectron](https://github.com/sqlectron/sqlectron-gui) - A simple and lightweight SQL client desktop with cross database and platform support
+ sqlectron:
+ brew: sqlectron
+ github: github.com/sqlectron/sqlectron-gui
+ yay: sqlectron-gui
+ # @binarycli @binary @cli [ssh-vault](https://github.com/ssh-vault/ssh-vault) - Encrypt/decrypt using ssh keys
+ ssh-vault:
+ brew: ssh-vault
+ github: github.com/ssh-vault/ssh-vault
+ # @binarycli @binary @cli [ssl-proxy](https://github.com/suyashkumar/ssl-proxy) - Simple zero-config SSL reverse proxy with real autogenerated certificates
+ ssl-proxy:
+ github: github.com/suyashkumar/ssl-proxy
+ # @binaryapp @binary @application [SwitchHosts](https://github.com/oldj/SwitchHosts) - Extension to switch hosts
+ switchhosts:
+ github: github.com/oldj/SwitchHosts
+ # @binarycli @binary @cli [sysbench](https://github.com/akopytov/sysbench) - System performance benchmark tool
+ sysbench:
+ apk: sysbench
+ apt: sysbench
+ brew: sysbench
+ dnf: sysbench
+ pacman: sysbench
+ pkg: sysbench
+ # @binaryapp @binary @application [Tabby](https://github.com/Eugeny/tabby) - A terminal for a more modern age
+ tabby:
+ brew: tabby
+ choco: tabby
+ github: github.com/Eugeny/tabby
+ # @binarycli @binary @cli [Task](https://github.com/go-task/task) - A task runner / simpler Make alternative written in Go
+ task:
+ brew: go-task/tap/go-task
+ choco: go-task
+ go: github.com/go-task/task/v3/cmd/task@latest
+ github: github.com/go-task/task
+ scoop: task
+ snap: task
+ yay: taskfile-git
+ # @binarycli @binary @cli [Teleport](https://github.com/gravitational/teleport) - Modern SSH server for teams managing distributed infrastructure
+ teleport:
+ brew: teleport
+ pkg: teleport
+ yay: teleport-bin
+ # @binarycli @binary @cli [tflint](https://github.com/terraform-linters/tflint) - A Pluggable Terraform Linter
+ tflint:
+ brew: tflint
+ choco: tflint
+ github: github.com/terraform-linters/tflint
+ # @binaryapp @binary @application [Temps](https://github.com/jackd248/temps) - Simple menubar application based on Electron with actual weather information and forecast
+ temps:
+ github: github.com/jackd248/temps
+ # @binarycli @binary @cli [tokei](https://github.com/XAMPPRocky/tokei) - Tokei is a program that displays statistics about the code
+ tokei:
+ apk: tokei
+ brew: tokei
+ cargo: tokei
+ dnf: tokei
+ github: github.com/XAMPPRocky/tokei
+ pacman: tokei
+ pkg: tokei
+ scoop: tokei
+ # @binarycli @binary @cli [transfer](https://github.com/rinetd/transfer) - Converts from one encoding to another
+ transfer:
+ github: github.com/rinetd/transfer
+ go: github.com/rinetd/transfer@latest
+ # @binarycli @binary @cli [trivy](https://github.com/aquasecurity/trivy) - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
+ trivy:
+ github: github.com/aquasecurity/trivy
+ yay: trivy-bin
+ # @binarycli @binary @cli [up](https://github.com/akavel/up) - Ultimate Plumber is a tool for writing Linux pipes with instant live preview
+ up:
+ brew: up
+ github: github.com/akavel/up
+ pkg: up
+ yay: up
+ # @binaryapp @binary @application [Udemy Course Downloader](https://github.com/FaisalUmair/udemy-downloader-gui) - A desktop application for downloading Udemy Courses
+ udemy-downloader-gui:
+ github: github.com/FaisalUmair/udemy-downloader-gui
+ # @binarycli @binary @cli [waypoint](https://github.com/hashicorp/waypoint) - A tool to build, deploy, and release any application on any platform
+ waypoint:
+ brew: hashicorp/tap/waypoint
+ github:
+ scoop: waypoint
+ # @binarycli @binary @cli [websocat](https://github.com/vi/websocat) - CLI for interacting with web sockets
+ websocat:
+ brew: websocat
+ cargo: --features=ssl websocat
+ github: github.com/vi/websocat
+ pkg: websocat
+ port: websocat
+ # @binaryapp @binary @application [WebTorrent Desktop](https://github.com/webtorrent/webtorrent-desktop) - Streaming torrent app for Mac, Windows, and Linux
+ webtorrent:
+ brew: webtorrent
+ choco: webtorrent-desktop
+ github: github.com/webtorrent/webtorrent-desktop
+ yay: webtorrent-desktop
+ # @binarycli @binary @cli [whaler](https://github.com/P3GLEG/Whaler) - Whaler takes a Docker image and attempts to reverse engineer the Dockerfile that created it
+ whaler:
+ github: github.com/P3GLEG/Whaler
+ # @binarycli @binary @cli [wkhtmltopdf](https://github.com/wkhtmltopdf/wkhtmltopdf) - Convert HTML to PDF using Webkit (QtWebKit)
+ wkhtmltopdf:
+ apt: wkhtmltopdf
+ brew: wkhtmltopdf
+ choco: wkhtmltopdf
+ github: github.com/wkhtmltopdf/wkhtmltopdf
+ pacman: wkhtmltopdf
+ # @binarycli @binary @cli [xurls](https://github.com/mvdan/xurls) - Extract urls from text
+ xurls:
+ go: mvdan.cc/xurls/v2/cmd/xurls@latest
+ github: github.com/mvdan/xurls
+ # @binarycli @binary @cli [yq](https://github.com/mikefarah/yq) - Process YAML documents from the CLI
+ yq:
+ brew: yq
+ choco: yq
+ apk: yq
+ github: github.com/stedolan/jq
+ go: github.com/mikefarah/yq/v4@latest
+ snap: yq
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/all/vault.yml b/home/dot_local/share/ansible/environments/dev/group_vars/all/vault.yml
new file mode 100644
index 00000000..cfc2c558
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/all/vault.yml
@@ -0,0 +1,66 @@
+---
+# controller_ip_address: 10.14.49.14 # IP address of the UniFi controller
+# home_ip_address: 10.14.14.14 # IP address hosting the services under the home_subdomain
+controller_ip_address: 172.24.24.2 # Main IP address where web requests go to first
+# netboot_ip_address: 10.14.24.44 # IP address of the Raspberry Pi that hosts Netboot.xyz
+# proxy_ip_address: 10.14.24.24 # IP address of the computer hosting apt-cacher-ng
+
+# Public IP address of the endpoint that is hosting StatPing and Healthchecks (see: https://github.com/statping/statping)
+# status_ip_address: 45.55.39.118
+
+alerts_email: dev@test.megabyte.space
+
+cloudflare_email: dev@test.megabyte.space
+# cloudflare_api_key: XXX # Global API key
+# cloudflare_api_token: XXX # NGINX Optimized token
+
+# digitalocean_access_key_id: XXX
+# digitalocean_secret_access_key: XXX
+
+git_user_email: dev@test.megabyte.space
+git_user_name: Git E2E Dev Test Username
+
+# gmail_auth_password: XXX
+# gmail_auth_username: XXX
+
+lan_network:
+ guest: 10.14.141.0/24
+ iot: 10.14.33.0/24
+ kubernetes: 10.14.24.0/24
+ management: 10.0.0.0/24
+ offline: 10.14.144.0/24
+ unifi: 10.14.49.0/24
+ work: 172.24.24.0/24
+
+vlan: work
+
+# netdata_token: XXX
+
+# nginx_amplify_api_key: XXX
+
+npm_author_email: dev@test.megabyte.space
+npm_author_name: NPM Test Author
+
+password_salt: ExtraSalty324932 # Length should not exceed 16 characters for SHA512 Hash
+# restic_repository: XXX
+# restic_password: XXX
+
+ssh_meta:
+ testssh:
+ key: id_rsa_dev
+ user: ubuntu
+ ubuntu:
+ key: id_rsa_dev
+ user: vagrant
+ windows:
+ key: id_rsa_dev
+ user: administrator
+ workstation:
+ key: id_rsa_dev
+ user: vagrant
+
+ssh_port: '6969'
+# vault_password: XXX
+
+# wasabi_access_key_id: XXX
+# wasabi_secret_access_key: XXX
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/chrome-extensions.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/chrome-extensions.yml
new file mode 120000
index 00000000..cd2f8f12
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/chrome-extensions.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/chrome-extensions.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/dotnet-tools.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/dotnet-tools.yml
new file mode 120000
index 00000000..25363efd
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/dotnet-tools.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/dotnet-tools.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/firefox-addons.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/firefox-addons.yml
new file mode 120000
index 00000000..1ff4e34e
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/firefox-addons.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/firefox-addons.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/homebrew.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/homebrew.yml
new file mode 120000
index 00000000..f44c33ea
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/homebrew.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/homebrew.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/npm-packages.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/npm-packages.yml
new file mode 120000
index 00000000..39346e33
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/npm-packages.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/npm-packages.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/pip-packages.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/pip-packages.yml
new file mode 120000
index 00000000..84c8ac2d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/pip-packages.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/pip-packages.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/ruby-gems.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/ruby-gems.yml
new file mode 120000
index 00000000..7990afb5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/ruby-gems.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/ruby-gems.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vars.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vars.yml
new file mode 100644
index 00000000..553d43a4
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vars.yml
@@ -0,0 +1,149 @@
+---
+# When set to true, ssh-keyscan will be performed on all the other clients
+add_known_hosts: true
+
+default_browser: brave
+
+software:
+ - act
+ - altair
+ - askgit
+ - azurefunctions
+ - bandwhich
+ - bane
+ - bat
+ - betwixt
+ - bin
+ - bitwarden
+ - bivac
+ - boilr
+ - captain
+ - cerebro
+ - clair
+ - consul
+ - croc
+ - ctop
+ - cumulus
+ - dasel
+ - dat
+ - delta
+ - desed
+ - deta
+ - direnv
+ - dive
+ - docker
+ - dockle
+ - doctl
+ - dog
+ - duf
+ - dust
+ - envconsul
+ - fd
+ # - felony # No releases in 6 years, no 'latest' release tag ever which causes the `gh` method to fail
+ - ffsend
+ - filebrowser
+ - fm
+ - fq
+ - fselect
+ - fuego
+ # - g-assist # A separate Role exists
+ - ganache
+ - gitify
+ - gitleaks
+ - gitomatic
+ - glab
+ - glow
+ - go
+ - gojq
+ - gping
+ - grex
+ - gron
+ - hclq
+ - hexyl
+ - hey
+ - hostctl
+ - htmlq
+ - hyperfine
+ - jiq
+ - jitsi
+ - jo
+ - jq
+ - kdash
+ - kubenav
+ - license
+ - linuxkit
+ - manta
+ - mark
+ - masscode
+ - mc
+ - mergestat
+ - mjml
+ - mkcert
+ - mockoon
+ - motrix
+ - mqttx
+ - muffet
+ # - mullvad-vpn # deb, rpm available, no archives for Linux
+ - nebula
+ - nnn
+ - node
+ - nomino
+ - nuclear
+ - oq
+ - osquery
+ - ots
+ - page
+ - pass
+ - pastel
+ - peco
+ - pony
+ - pretzel # Mac only, over 3 years old
+ - procs
+ # - psu # Releases contain only code. few pre-releases contain releases, no update in about 2.5 years
+ - pup
+ - q
+ - raindrop
+ - responsively
+ - rip
+ - runjs
+ - s5cmd
+ - schema
+ - scrcpy
+ - sd
+ - shfmt
+ - skm
+ # - sqlectron # deb, rpm, pacman available but no archive
+ - ssh-vault
+ - ssl-proxy
+ - skype
+ - slack
+ - sqlectron
+ - ssh
+ - ssl
+ - switchhosts
+ - sysbench
+ - tabby
+ - task
+ - teleport
+ - temps # 6 years old. Forks are platform specific
+ - tflint
+ - tokei
+ - transfer
+ - trivy
+ - udemy
+ - up
+ - waypoint
+ - websocat
+ - webtorrent
+ - whaler
+ - wkhtmltopdf
+ - xurls
+ - yq
+
+vpn_connections:
+ - file: OpenVPN.ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: WireGuard.nmconnection
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vault.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vault.yml
new file mode 100644
index 00000000..aa58c226
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vault.yml
@@ -0,0 +1,29 @@
+---
+surgesh_username: dev@test.megabyte.space
+surgesh_password: testPassword
+
+dockerhub_password: dockerhub_password
+dockerhub_username: dockerhub_username
+
+dropbox_access_token: XXX
+
+google_drive_client_id: XXX
+google_drive_client_secret: XXX
+google_drive_access_token: XXX
+google_drive_refresh_token: XXX
+google_drive_root_folder_id: XXX # For regular gmail, for Google Apps for Business see the next one - root_folder_id is not required
+
+google_drive_work_client_id: XXX
+google_drive_work_client_secret: XXX
+google_drive_work_access_token: XXX
+google_drive_work_refresh_token: XXX
+
+mullvad_password: m
+mullvad_username: XXX
+
+nordvpn_password: XXX
+nordvpn_username: your@nordvpn.email
+
+onedrive_access_token: XXX
+onedrive_refresh_token: XXX
+onedrive_drive_id: XXX
diff --git a/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vscode-extensions.yml b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vscode-extensions.yml
new file mode 120000
index 00000000..2d10c7bf
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/group_vars/desktop/vscode-extensions.yml
@@ -0,0 +1 @@
+../../../prod/group_vars/desktop/vscode-extensions.yml
\ No newline at end of file
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/debian/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/debian/users.yml
new file mode 100644
index 00000000..2703e278
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/debian/users.yml
@@ -0,0 +1,151 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ group: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ sdk_installs:
+ - java 18-open
+ - scala 2.11.6
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ lexicon_config_path: '{{ lexicon_config_path }}'
+ lexicon_config: '{{ lexicon_config }}'
+ himalaya_config: '{{ himalaya_config }}'
+ slack_api_key: '{{ slack_api_key }}'
+ github_token: '{{ github_token }}'
+ gitlab_token: '{{ gitlab_token }}'
+ github_gist_token: '{{ github_gist_token }}'
+ wails_name: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ wails_email: megabytelabs@gmail.com
+ - username: qeuser
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: admin
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa_dev
+ system: true
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/debian/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/debian/vars.yml
new file mode 100644
index 00000000..0d7c8fd5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/debian/vars.yml
@@ -0,0 +1,26 @@
+---
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: HTPC
+samba_printers:
+ - id: HPOfficeJetPro
+ comment: HP OfficeJet Pro 6978 (in Garage)
+ name: HP OfficeJet Pro 6978
+samba_shares:
+ - id: Media
+ comment: Movies, TV Shows, and other read-only multimedia
+ follow_symlinks: true
+ path: /mnt/htpc
+ public: true
+ - id: Private
+ comment: Authenticated share with read/write capabilities (backed up to OneDrive)
+ follow_symlinks: true
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Documents"
+ public: false
+ users: '@sambausers'
+ writable: true
+ - id: Public
+ comment: Public folder provided for file sharing on the LAN
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Public"
+ public: true
+ writable: true
+samba_workgroup: MEGAGROUP
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/users.yml
new file mode 100644
index 00000000..82c24a05
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/users.yml
@@ -0,0 +1,150 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ sdk_installs:
+ - java 18-open
+ - scala 2.11.6
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ lexicon_config_path: '{{ lexicon_config_path }}'
+ lexicon_config: '{{ lexicon_config }}'
+ himalaya_config: '{{ himalaya_config }}'
+ slack_api_key: '{{ slack_api_key }}'
+ github_token: '{{ github_token }}'
+ gitlab_token: '{{ gitlab_token }}'
+ github_gist_token: '{{ github_gist_token }}'
+ wails_name: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ wails_email: megabytelabs@gmail.com
+ - username: qeuser
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: admin
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa_dev
+ system: true
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/malaptop/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/raspi/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/raspi/users.yml
new file mode 100644
index 00000000..c2d063ea
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/raspi/users.yml
@@ -0,0 +1,151 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ group: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ sdk_installs:
+ - java 18-open
+ - scala 2.11.6
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ lexicon_config_path: '{{ lexicon_config_path }}'
+ lexicon_config: '{{ lexicon_config }}'
+ himalaya_config: '{{ himalaya_config }}'
+ slack_api_key: '{{ slack_api_key }}'
+ github_token: '{{ github_token }}'
+ gitlab_token: '{{ gitlab_token }}'
+ github_gist_token: '{{ github_gist_token }}'
+ wails_name: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ wails_email: megabytelabs@gmail.com
+ - username: qeuser
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: admin
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa_dev
+ system: true
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/raspi/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/raspi/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/raspi/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/standard/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/standard/users.yml
new file mode 100644
index 00000000..2703e278
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/standard/users.yml
@@ -0,0 +1,151 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ group: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ sdk_installs:
+ - java 18-open
+ - scala 2.11.6
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ lexicon_config_path: '{{ lexicon_config_path }}'
+ lexicon_config: '{{ lexicon_config }}'
+ himalaya_config: '{{ himalaya_config }}'
+ slack_api_key: '{{ slack_api_key }}'
+ github_token: '{{ github_token }}'
+ gitlab_token: '{{ gitlab_token }}'
+ github_gist_token: '{{ github_gist_token }}'
+ wails_name: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ wails_email: megabytelabs@gmail.com
+ - username: qeuser
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: admin
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa_dev
+ system: true
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/standard/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/standard/vars.yml
new file mode 100644
index 00000000..0d7c8fd5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/standard/vars.yml
@@ -0,0 +1,26 @@
+---
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: HTPC
+samba_printers:
+ - id: HPOfficeJetPro
+ comment: HP OfficeJet Pro 6978 (in Garage)
+ name: HP OfficeJet Pro 6978
+samba_shares:
+ - id: Media
+ comment: Movies, TV Shows, and other read-only multimedia
+ follow_symlinks: true
+ path: /mnt/htpc
+ public: true
+ - id: Private
+ comment: Authenticated share with read/write capabilities (backed up to OneDrive)
+ follow_symlinks: true
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Documents"
+ public: false
+ users: '@sambausers'
+ writable: true
+ - id: Public
+ comment: Public folder provided for file sharing on the LAN
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Public"
+ public: true
+ writable: true
+samba_workgroup: MEGAGROUP
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/users.yml
new file mode 100644
index 00000000..2703e278
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/users.yml
@@ -0,0 +1,151 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ group: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ sdk_installs:
+ - java 18-open
+ - scala 2.11.6
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ lexicon_config_path: '{{ lexicon_config_path }}'
+ lexicon_config: '{{ lexicon_config }}'
+ himalaya_config: '{{ himalaya_config }}'
+ slack_api_key: '{{ slack_api_key }}'
+ github_token: '{{ github_token }}'
+ gitlab_token: '{{ gitlab_token }}'
+ github_gist_token: '{{ github_gist_token }}'
+ wails_name: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ wails_email: megabytelabs@gmail.com
+ - username: qeuser
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ heroku_email: herokuaccount@example.com
+ heroku_api_key: HHHH-HHHHHHHH-HHHHHHHH-HHHHH
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Dropbox
+ provider: dropbox
+ config: |
+ type = dropbox
+ token = {"access_token":"{{ dropbox_access_token }}","token_type":"bearer","expiry":"0001-01-01T00:00:00Z"}
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa_local.pub') }}"
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ - files/ssh/id_rsa_local
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: admin
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa_dev
+ system: true
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys:
+ - files/ssh/id_rsa
+ system: true
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/vars.yml
new file mode 100644
index 00000000..0d7c8fd5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/ubuntu/vars.yml
@@ -0,0 +1,26 @@
+---
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: HTPC
+samba_printers:
+ - id: HPOfficeJetPro
+ comment: HP OfficeJet Pro 6978 (in Garage)
+ name: HP OfficeJet Pro 6978
+samba_shares:
+ - id: Media
+ comment: Movies, TV Shows, and other read-only multimedia
+ follow_symlinks: true
+ path: /mnt/htpc
+ public: true
+ - id: Private
+ comment: Authenticated share with read/write capabilities (backed up to OneDrive)
+ follow_symlinks: true
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Documents"
+ public: false
+ users: '@sambausers'
+ writable: true
+ - id: Public
+ comment: Public folder provided for file sharing on the LAN
+ path: "/home/{{ ansible_user | default(lookup('env', 'USER')) }}/Public"
+ public: true
+ writable: true
+samba_workgroup: MEGAGROUP
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/workstation/users.yml b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/users.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/users.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vars.yml b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vault.yml b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vault.yml
new file mode 100644
index 00000000..06456ab8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/host_vars/workstation/vault.yml
@@ -0,0 +1,3 @@
+---
+admin_username: bzalewski
+admin_password: ChzDoodl8399()
diff --git a/home/dot_local/share/ansible/environments/dev/inventories/local.yml b/home/dot_local/share/ansible/environments/dev/inventories/local.yml
new file mode 100644
index 00000000..8392dc70
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/inventories/local.yml
@@ -0,0 +1,13 @@
+---
+all:
+ children:
+ desktop:
+ hosts:
+ workstation:
+ ansible_host: '{{ domains[inventory_hostname | lower].hostname }}'
+ ansible_connection: local
+ ansible_password: '{{ admin_password }}'
+ ansible_sudo_pass: '{{ admin_password }}'
+ ansible_become_pass: '{{ admin_password }}'
+ ansible_user: '{{ admin_username }}'
+ ansible_become_method: sudo
diff --git a/home/dot_local/share/ansible/environments/dev/inventories/quickstart.yml b/home/dot_local/share/ansible/environments/dev/inventories/quickstart.yml
new file mode 100644
index 00000000..9739b7a2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/inventories/quickstart.yml
@@ -0,0 +1,43 @@
+---
+# Three hosts are defined but the quickstart script filters using an environment variable
+# so only one host is provisioned at a time by quickstart.
+all:
+ children:
+ desktop:
+ children:
+ nix:
+ hosts:
+ standard:
+ ansible_connection: local
+ ansible_host: standard
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+ qubes:
+ hosts:
+ dom0:
+ ansible_connection: local
+ ansible_host: dom0
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') | default('user') }}"
+ anonymous-dvm:
+ crypto:
+ development:
+ gpg:
+ media:
+ personal:
+ provision:
+ remote:
+ swarm:
+ vpn-dvm:
+ vault:
+ web-dvm:
+ work:
+ windows:
+ hosts:
+ standard:
+ ansible_connection: winrm
+ ansible_winrm_transport: credssp
+ ansible_winrm_server_cert_validation: ignore
+ ansible_host: standard
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
diff --git a/home/dot_local/share/ansible/environments/dev/inventories/vagrant.yml b/home/dot_local/share/ansible/environments/dev/inventories/vagrant.yml
new file mode 100644
index 00000000..21d11aa0
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/inventories/vagrant.yml
@@ -0,0 +1,52 @@
+---
+all:
+ children:
+ desktop:
+ hosts:
+ archlinux:
+ ansible_host: 127.0.0.1
+ ansible_port: 52522
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ centos:
+ ansible_host: 127.0.0.1
+ ansible_port: 52422
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ debian:
+ ansible_host: 127.0.0.1
+ ansible_port: 52322
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ fedora:
+ ansible_host: 127.0.0.1
+ ansible_port: 52222
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ macos:
+ ansible_host: 127.0.0.1
+ ansible_port: 52122
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ ubuntu:
+ ansible_host: 127.0.0.1
+ ansible_port: 52022
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
+ windows:
+ ansible_host: 127.0.0.1
+ ansible_port: 55985
+ ansible_become_method: runas
+ ansible_become_password: vagrant
+ ansible_connection: winrm
+ ansible_winrm_scheme: http
+ ansible_winrm_transport: basic
+ ansible_password: vagrant
+ ansible_sudo_pass: vagrant
+ ansible_user: vagrant
diff --git a/home/dot_local/share/ansible/environments/dev/templates/appium.config.j2 b/home/dot_local/share/ansible/environments/dev/templates/appium.config.j2
new file mode 100644
index 00000000..1b60affe
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/dev/templates/appium.config.j2
@@ -0,0 +1 @@
+The host ID is {{ inventory_hostname | lower }}
diff --git a/home/dot_local/share/ansible/environments/prod/files/inventory-map.json b/home/dot_local/share/ansible/environments/prod/files/inventory-map.json
new file mode 100644
index 00000000..42023df8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/inventory-map.json
@@ -0,0 +1,3 @@
+{
+ "f0:18:98:2b:31:93": "inventories/malaptop.yml"
+}
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green
new file mode 100644
index 00000000..17be0b5f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green
@@ -0,0 +1,39 @@
+$ANSIBLE_VAULT;1.1;AES256
+33363431643638663033633030633463343234663263363035653237383837633865613065616565
+3362336434363864323035666435306133323535353635360a323130316164336261363139336436
+34613062313234616637636563616563353766653763623539386338636164323937656135623332
+3832373562363564350a656538666565346534643764306533323836623964333235343462623164
+35343336613036663230393863626535393737663739333730653035383361646638323538343264
+39656339326563303930623332663936383432643335373261623330386633333765343033373563
+35303934396331383236363332313239303533353937623862356531633564383132623962326133
+64303439343134663934636335363761613262336634356338363034306263363136366261386234
+39626238363434366439353436623465383032343862336635636332613562393638623736313032
+65306337383965326237313430323864323236373636383561653039356664313237316664366364
+37623231353638623566393131646563313831646661643235343961613732633562363739313063
+37643965376230633134313461666132346364386565303263333133646430623437343364353264
+63623438656235636463386661353162636665396637613338383939356531336663363034323663
+62393063373339616336383962376235303764376265646465626134663164376134623532636465
+33303964623132376239353030313761343565333264306461616539663339363063363035323861
+33333130356366353064396637396466316239653333306130626462616338616332663536323330
+30373338616533623165323737373930323666313436636365363865393162663063306631623435
+35363033376334323238353262636634323766303835306265333734333364613663383461663861
+35343633666265353030636232313266323835393835653765623134376565396430363361386138
+36646362363265346363616564633436623537663236316231363433353936383238363638303238
+64623032653963623164623434303937306465306632623236633662316630613231653266393331
+36616437353132316562336435363631623537623562363064616130663033313737353165303939
+32353535353064376361613933376632346633656333636361666530643466613865383630623461
+33643834316238636533343565316539623034333631313164346539363438626536636364623134
+30393736336563303935306162653761663436643939356361316365643233623237363337333032
+30363132326164663335643039323837306332303435666538626666336462636431323565356463
+36646266363036663365313437323339356231646365656437343161353664333966653239383231
+65356662646136656466396265396161376362396339643162383330623430313733393637343638
+32643437356538383434616432316433663731663863363934306361626431633539623232656639
+37346638323734306165373935633635663837636230656536633135623139386338343738663033
+61613631323431376166323236373838656137656166383535303130633430396562386235316166
+39656262646631353035643631376134653536313930326566363635623461336135666562653564
+66353131386630633232313665626233643133653461353965336435326161313634643538336261
+30313561653538623561336536323965303730356333386439643361653933376464396366616662
+37303366326534356636623636356232663932343639313762633536353234646536383638353530
+61636135636637626264633561366431303238323164303336616533346633616135613061316234
+38343738316533363463353562393131623434353762386566653032613633393061643335373734
+6631656430343037306561323363333366396330633366626439
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green.pub
new file mode 100644
index 00000000..85ae0869
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green.pub
@@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.1;AES256
+37373166363735623930333362643564636439383763613937323533316662616237333833373037
+3163303564343662346662646337366363616566346465340a366436326165333661616666386263
+61623265393165353363336434613538633339666236383765366230306138353464383865323130
+3831343637326538310a623633633532666334396533393165626630393239633239636436636136
+37653064653134366636353033333466356661353263306436663239343730373166636663326434
+61376233633962373830633534633333373234346162333937333437643930373565656338653139
+36326664396535623830363034643264663636363834623662303433356566656538313064356162
+32613164346237366438366263626230393839326563643066663662653638353866623531373664
+33333262623337376633633065306435383033353838633138316466653861323134366465316466
+37346339393364393937333531346663306631323333656462316363613738383464623032616438
+61663861373734363333376565313738656235373961663064326131363963376530633634343034
+39373331626564303337613930666566373231656230343238306536343363646331333531646339
+39343638323266663433306238633630313236323634343164636361653032656666613335393530
+36383638653838323133396238653065646366356232353939663861613365663733656235383333
+316165363532623734666466366661386138
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt
new file mode 100644
index 00000000..36d5aafa
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt
@@ -0,0 +1,39 @@
+$ANSIBLE_VAULT;1.1;AES256
+34306164313634666639393536313435306464623562376261626166306562373334636265636335
+6566633835643036613332646132306364663230323964380a373134663230666630343239633365
+63316563323563383037353237653035323865373966363362366236666562616235333465366336
+3563353735396632650a663139306239643638666565633866306535396466343336343339616364
+35666563626438366139636165396633393161343734613937333339363830613939386632333561
+39396334326238333839373066623765363164333566376432616536366333376637613232383365
+64376566666235666362333331656332393934396662353763663264663765666139646331636266
+36653133646132306437336137663765623330653230396233623139626364316165393030366434
+31376535316263626133646664333833323364343133623939383163313639313365326138656632
+39386239303538316539353535333530643531653232613835343236616239363262383639333563
+32613832353833616461356632613666626235663637356564323335656135303533333930613366
+39333065396139656131343761336236333035306130643865333936303765333266373636373838
+64623763353464383639303731346366636565336366343066333232663562633436633365613833
+33313031396566663733346631623533613661303232336636323233623738393832383839316238
+64373635633834356266613337393566396432653832636166613338376263633833353637366533
+65393231336336386662353065663064376631653433643366306130383239353764616532663431
+39623734666530353262663137393463383631373034383839393166336536306361396463636430
+65386237343266356461316136333763323362353337383538656332306534653266376661316235
+34653162373037613064633238643735643165353431313037323632393832633965363739303162
+37393739313539636264346434316337363034626531623863333561363966373735353535663533
+33633433346364333034393437393738356463376338383634323966396532363366346361386161
+63343631313038613534626261613038383232303863353434306465613966326361363066353032
+31643232343966393636393066333762633432613562643036656236313333396536323234333932
+37316237303933616461373836333332653038656364303739656438343665396165663139393861
+37386236393135313739353265333435313937333638663566653366353736313939326164383966
+63336337633930376464333461653130623737396361656235363137316533366562656166323066
+64373635613039643462653836316639643464356366626366323034666265353638353463643863
+37356532396236363362313330373762323163663638326361633132656538303661373564313164
+37326532653266633430396338333938383362393837666632313962366239356665613031393664
+63653062366262376439313636353465616235623832333033333862333164373331386561656564
+34636438613031383735633335393533643139356661386435623732653961356535333231383966
+31646135306463323964383564313261373337643531666162366661616333623736653361316335
+30306462643564613666643533316463386430306562343230366636353830356432316232383835
+36373364613333383565336665343663373437616535386133363733333838343466333162313965
+65393033623162626230336561353738333537323164363661383033323936626632613535336463
+32653435333364346265303436353764383964393362616365353135313165663731323832373365
+64356365303935316339643330616636336530396530333937363130306666343031636238386130
+3365653339356132613932623134653032623665626237343738
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt.pub
new file mode 100644
index 00000000..66069f7d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_alt.pub
@@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.1;AES256
+62393736323830653365626439353466626466663661646231653830326365623061396134396635
+3536303265363037376136366135333063333935643962630a346133653235336665383536643265
+30386664393966363536356266343162333038393761656433323463646636383033613130396334
+6437623331646365340a643239326633616538313832636562666539353734323235303961353964
+35326538623331366665323933373464326562623737643363396431623165393436366562303966
+34306330316363633331386261643230613839666231366165383334303463656536623738653365
+64326438393637366436306564343833643531656537636266646461613365616366303266366535
+65636335363137616431396137323439666231333230393364363061363333353438396236633431
+32363330333332373935646434366237643934623034663439353663303235613234393038343065
+35343236393437373130313535663637393362376364396434303165323438323666633037336130
+63623838356237653466363834393663316438623336653531356563636663303334616637313161
+66613431353730303537376131323033383566366633376661346534373336633331653839326662
+37653231333234363630303165306539633930393438623635343932393138636530336661373336
+35623536626238393761626537316465613939656638626363356530663338626562393933343430
+653834623862336534313865313762343864
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x
new file mode 100644
index 00000000..988851af
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x
@@ -0,0 +1,39 @@
+$ANSIBLE_VAULT;1.1;AES256
+36356133653236316464663961663932646430373837643034336161313962613236623238343136
+3135653766306233343666303038313432376335616130390a316431373336303836653362323166
+31363063346630363236663138303164303533333235323431343632356162643765386537356539
+6164656561326436390a623062633434346431363136363738346261343661366336333663643066
+37303036613462353165393137356566633565366532356463643465616164336432653663323535
+65643338353064326537633133626332646366613935373463363931386431313032383132396261
+64313162346138666235376464656564393730643437623465613666316161356336613063613964
+36333564643066353435363965336539633365393334613463663038383237393335383761343439
+63646132333032343564353866346335313330383966366433613732653262663437643730663662
+34363338303935616131633862363137613431346133666562316665623435623865343331636539
+30373566313732313865646431386662333336633535333063663839383836316337633461363863
+66623632346663343239316338666137303562653831646633613466306333383237373763313234
+31646264373261626266343164316430353734396231313032373765663231353264333464666366
+66363232366435393532333236393530343632616636373731613236633533323737316431393939
+65373339636435336535323134313761663866656465666465333134613034313861623838323530
+65646133383363373233366131626531353834333435653233353465633737346637663737643962
+36316165653135376436393163353162326531643833323738323032653237316334363936343639
+36366339306365366232386364616461643863353762626663636234636233356266383362326166
+39643635333933653161626566353834623061333437643130363530396463613631353933643665
+32333861383038363836646230303563666439396438383131376131323531643738663738666565
+35303332353736313636646532353164373030323631396336633638653436613066636233333963
+39316365303034623433383238363431383831383036383238633836323236393935636534646161
+32393239373335643938313139376436343766656161383934616366306566623466316533653665
+62373830353832336232613164613330653532393032626435323339383765633838396662633037
+37326166636362623064646566633630653064656436663233383661616264323338386330663132
+35373434313765303137373361396363663134653831623532326265386430336337336536653134
+33336230323562306438303866376130323866353564333630633937643035616435316337333030
+66366664396133623932613135646563353835363631313735653966383464636131663039306161
+62393762356665363138316638326536326430386361346335383630333862393531316137613935
+65646330326137653133343465616133373664383234323437636538626261356261366630396638
+66393863643538653664313938303335386133643661633835353338643430336163313161356134
+32326334383663636464346362303966626237663838306632626230393764363630316533653731
+39316438343665356337323038653061616661326439323263636136663561663234343234396464
+36303634313565396462316137626435366236326538386239653333636431336435353263643836
+38353531303462343766643365623831303865333962303966653831663361313762323666326539
+38613663313763393465346466616364376130636263626164323534366334386337393934623063
+34373830646261393831386639633430333135336635353839663161343062633938626436376431
+6363396263383564613336386631373961376661613766363265
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x.pub
new file mode 100644
index 00000000..bbb79eb9
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ecdsa_sk_onlykey_green_x.pub
@@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.1;AES256
+35356631323761333366303939383431346338366138633861663164663861636566326138633733
+6238356333663364616262303438616136303835383366310a383734663232626161373462383865
+32623164663737643139643661376461663435326464393933356261336162383933623736396461
+3039643465363466360a306634316432623539633836633936353634336566336530636366393535
+63306639653539383061373338633766663361336261393662623934633765313537633535333035
+33346133306366323433363435663034346338343763646234653038623936613261623039663436
+62386538383837353437373432643832633937633061386332643232343965366534326332386632
+65616236656262383133373539663165616161623835396430623636326161386335646639663038
+65663066363664346439646631353463346264663864623030636562356435346164356532373030
+63613138653731623734353939306336386366313537623265326430633032653536613531323032
+35373338336231623031636432373630386664666430666238393930626539333362383631396131
+32383332643834626635653235613133616264363032633131393234616133303362383739643563
+34323031383066326537356432373563313730623139623334383136626164373231383762393333
+65366239306637353864653538396364353334393537333833353333623837356266323666336163
+626631623534323736376231393339316236
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26 b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26
new file mode 100644
index 00000000..a36a7190
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26
@@ -0,0 +1,28 @@
+$ANSIBLE_VAULT;1.1;AES256
+32646462616163623061303866376130346332373764653134336663336537663738323630333662
+6264386131663039386465353464396162626266343334390a613739653432346333383462636630
+61333466613536656139636665643537336466663265653264353964623861393936636638376663
+3436346339353535320a323666613266616631396330383439653138393762383738613761316130
+39343933313563373631306539653032343335663130383965346132336439303261393330323637
+65626264343334656461626265353461376232623837313538656461663863393663333130363861
+36353433376235393736393337613961303431623432656466623233316234313966366337363761
+35333137323535353665653465633164383134323835333962643662363363646566363135303332
+65353335663161376434376132343735313466326234326463343139313762373436366330393664
+31313338623637346433373435356132623830393862656666313364356238306132316233643138
+62363839313133616433363664656462393732316238353366383638626635353634663936326436
+38393637636330316534393534306337376365666262313539333162323164636638396335343732
+61306338663134623436346462376564366463313863613962653363323137316333343634636436
+66656262326661646561613237643665336665613961623130626266346264633864323830383636
+63353738643437353365666534393639343635616338666634343234376134303564316464336431
+37396333373732306630303138373538643837636335323464346631353332623133376335393330
+30346538623361653531616565333733613264336637336239626166653334396532643530373737
+34333662623639626635323030376630366564616263323661653633633031323934633163356530
+63313430363566363939353032303431333234343031393239303036306434613462663365343332
+65653336316632636566376238316630636166663263313434396334376131373064613064396132
+30353938653736313734373564373835393738366662643663626436393337343761386132333633
+66646261663339623439626234366463306239666635623061643930353436613466383636303562
+39356464336135376166393165346538326432633939313433343265326330663039663164353764
+33316439363863386130636164613336356539393564653063616330656239636139373463343437
+33643562613464643736303633653135396231653136396362313333646131323864363736333831
+32666364356339393064623766353930356561326261623932616564396235366139623063633264
+653530333565363366376230663365653130
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26.pub
new file mode 100644
index 00000000..472d867a
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_26.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+34663430656430636437316161353538356633643339626162363533386437313238333732626331
+6331646439316265613033353736626166323838386665660a356432313631386637386666366438
+38336632316630386430386137353431616639326263323733633835656438396634306435656461
+6564386239323865370a663838613230636637646539306234303162656664373263613736376633
+63333636333931383537393365396331383134666635323337373835626265306431613537313532
+35333534353962383333663930346562653235303430313961306365313834386664643363333035
+30326166323962313135653333613365666438396438356333643938386233613961313931306234
+33616239353337393661346463363765316337626437303334643664363764303837376537313263
+35303832616338303232623539663063653936356266333532323131623437343836373633383733
+35383237633135326232613262656533316539306361326234656662656665663064623835376630
+31333439313762376662393436393230386138353335343438353535313738343266386535373161
+61396534306336303936
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27 b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27
new file mode 100644
index 00000000..b17ddf40
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27
@@ -0,0 +1,28 @@
+$ANSIBLE_VAULT;1.1;AES256
+62646466326535623166316534613032343361323130636163666438346461383938313737303064
+3233653066646465646230363433343633663632653034660a366336303935653566656365353262
+32363762626232306632663933343562306364333231653265623961323731623432383034323435
+3463343435343633620a613166376566353163303961376663653163626436323936356232376636
+30393533323136383466373864353363633763316335643266336632613464373735643437643963
+31386430636462626365393964383334313261353861623733613238376366666365373031303935
+34376131303761376465373466633364626631376232353461313165663532616661653365386661
+65633866396462393239666462646532306666636536303566616533393932313961313539316461
+37366537366134343435366464313737323136316138346230363166633430653539343138333461
+36646630663533363463333263373033316132323131396335663466333939383730656237366634
+61306165656664316637363334613363616434656634386635633538323662316230383762346432
+31386164616532363835366461396261633733343166393739356330633564373562623432616661
+35373434616635363539383836633338346332613464386539323338373834633233343866376136
+63643039306664366465333835353434613631653233383330393337363065336464343136626438
+33346362633563613633653433633532653030393238313739356264363666656534363132303631
+63663663363864356262633066613661653738376163386366373234636536656362346633616437
+31313932386631646165396232373361363034333233323435666533653736333234393833653838
+61373061616363643739306331626130623138386232393765373438623866313330323336323063
+38313839393234653933353631356333383738343233656539346433306332666639323965623064
+31666665316661623464333235393331343339383331346461666236356330363563396664326133
+31303461316666313231363965663734643839386236393564316436333535643333393733363534
+37643130653365363936613031386530643432386331613930343738616132323236313239383035
+62323637643764313532653065633134393333653331613161646130343938313462386365646235
+61373931343039333166336234316634303635386565366237333964633738346337643234353665
+31613039316334306434303135366130653834323937393934613162353961303965353832303238
+39366665656435396364616366363936626462383139326265623833653830303339346265393464
+613735313566353434643838306239653035
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27.pub
new file mode 100644
index 00000000..87a46ecc
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_27.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+36666137653833366563663137386536333366393066373564646631386566356531366665613838
+3964306632306237373662653762653332313165356636610a383432356666326435373466343939
+37623962326136393261626434366134346431653462343864636663343035396164353163346133
+6439386338646166650a626335313632323562376663373761363364643032613761623935613235
+37316462363563346233633335353335633732396437386138316233363764363362313934306663
+64323665666337663834323637313866343231326161653936666264643439333337393039366363
+61356264656535653232306433343733313735646534373764636466303536336638343334343162
+65633461393430633464343133373539623037393236353439393137383761333838303266373336
+35386435643633613933363138633333623332346130396633333132363335353766336562366335
+66656563366231303636616437303665336136666361306464343635396364623439613665306138
+36616438643065376432623933393534636131373965353430356139313332333838666330343461
+39656637643966343032
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52 b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52
new file mode 100644
index 00000000..7027c4fc
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52
@@ -0,0 +1,28 @@
+$ANSIBLE_VAULT;1.1;AES256
+32353461393163386663336233633463623066313031343264616264363734366463356639666339
+3264633132643735663964323166366138643362376538320a306237383334633038393338626662
+61303937333564383864636564383736656162396636376136383836396133623031343634306635
+3433643536353533610a653931636338633138613132653533613935336639623261333633393363
+63366631386332346236336434303932316139303437353836663938373562393435336264326137
+37353461616266613336616633323331396637656338316565356539393366353935656663663734
+62336265326133326533356139333635643665316163336632383463313930303638306164333330
+32623666633139623339623866313239306339633164663133323834363266643963393137663165
+66313335613130666437356662653261363734376532333666323831303763613734633066373264
+35376532353535363139653532323031336665383233303261633561316130633066303834336338
+31323633356637353639363663313935666233313730666162346436353731323437366164396461
+66336331633532366265316261626638643338346564316266303937623539643733356230386665
+36366263393532353232333163383532323535336430666439616439636135656432386536323862
+38346233323362343337633636393638373362633533303532663535323133336239623466356662
+62316563306464613838323738393761303635326433363936623166656136663066313733636637
+37373036613735343334666135333039383962323861626161656366643162343536653065376635
+66623866313161623630376338363338623164323235313132333363316333626239353730393636
+35623561383063666636633563393034653634343430393463373566646166653132323933653534
+38333738643136353831303761343233383234656266343634356232346631306165633033343734
+61666438636462373737313132666536356332336462613436376636363731393164643832323263
+64633166343761303461666238633462333037396136363062313365613564363263656231346137
+38666239303133313239303261626164336235303961346666626665373338306530616362366537
+30616433383238383734383437666133646336656331336362383265633363306538386232393339
+37333462633137383539313466653364663865316438616235343236626562343238613836653830
+63636639336635666535353030323735633930363430393536646134306231626439336563376561
+63636437346136323432363161353036366436373733306130613030313164343835363634393732
+346439336335616165643338643339663433
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52.pub
new file mode 100644
index 00000000..d7382b53
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_52.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+37653562656163376564363535316238356534633332653138613262353836386466383333353665
+3234626233636537326661366664363032313365373339640a633964313937363138663938303532
+66323066386131373466346635356338393166336662653530623665373439626234373065366336
+3432666131356532650a356133353131366330643564646530383431326337666339646434306664
+62333934323634633031376464323336366230633839616466306636306261323833643865656639
+31666234656464623630326166356531316331653930663264313338643132333335633937636533
+35613035313335366233376530343339613433333363386336653631383865306435383361313931
+33363730633165366336326433613337373465333233656131373733383637346431373135356337
+61346362383239386364663830376636666536383066396439633831393062643931393664353433
+32313564663138363933366535643864383537646234626135343466303936363535623030356562
+31643031313663393231633865643236366566353362363237306261643736633563666537363137
+62333365613766633630
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano
new file mode 100644
index 00000000..87fee443
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+34386362323832313766663434323632383164633065333731363037303239623933613231326332
+3966336235333331633162316464303432353966616565340a383737623731646133626230626335
+36666664613132326464343632333336633566646365323565623832363536343039623861363262
+3964303062316330350a653731326263336633616637626535343938316430306237396633643735
+34383263376163393534346462366437383636386430356533383138336537633864383437333432
+61313539336463353437663165623562643161306162303166633461643038383837613731663532
+38663834396533306164313261316230646438643765393433323332386364373761636532376239
+36383466333638346238653733393261616235613763613636363661363161653261303739326435
+33656631323335633630323366333734336433316431303531643232306234373562316537346334
+30326632333939643433353065376635356439343839353131333261643361306636376239373534
+63313364396432636462663363323039663935623235643363333162663166313637396634346562
+34383237346333646264306264356236313666303631383432366461613034373630643938656364
+38343162306361366634663262636635336134653435393332663139383865396430643632653765
+30646435393964336134613536633264613763346638653333633063633761646535383934333366
+38366562373835316432636333626565303530336537333131666165613861353463396434323331
+33323564326638356263363863643836303330653134313830386135336338303533383265383839
+39303730626431636535396331363335373863343562396364356231366437336335346134353962
+65333632623934316533643730363061333332386561356435353264613639353161353637333866
+39643563303931373338656131656663653762363430366131316236333637613839306236386636
+64333437613663323531626139346132353037623531383031616564363566646465646233356531
+38313264356232376338313930633664373131303131323432633562376236623035636435336433
+39616136356562323031633333316661346638376563336666626337613833313764633931306435
+39383236326637646337663731343538353632646533386361353637373032643933343639623461
+65343964636239346537613934633463653430623833616639616330646665393234336164663830
+37313562633336313963643832353366646565346134353764353539633364306136636635613862
+37653237663265646439623561363938653333363363626435656665313964393234323331613531
+65653363386336333665333163356437393936383331333633633061653464613366306531383431
+33666564636564653037666531653833363135333965373138656562386337656332343136343933
+63386565303336616462376562666263323533313962313436646530303364383163
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano.pub
new file mode 100644
index 00000000..2d5f3840
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano.pub
@@ -0,0 +1,12 @@
+$ANSIBLE_VAULT;1.1;AES256
+61636264303661396465366230653038313865333737343461363637666366386631316239323332
+6662623761343831393536613364646132316632343564320a376535323033623562396563333762
+37653533633663383830663633313462633936366132393237393366653764306139393738633762
+3637633333333835630a613164356564373238643132633038356234626462393739343764623234
+61333361666635386239653637396661663662393465333431643666326233323561333764646639
+39383361316462346433323437366366303734656661386239633438383661393864663131393762
+34373839353938373761623731336232336532663337616164366538326531316466633431373330
+62303134383633356464356463646238646266353661643033666638623366376264623764623661
+36313038623833643865383432323433643666316438376363373239326463306237313233363066
+65373137366464633461333133656430393165323732306539636462306239663536636639333066
+666461336564376138336635666466313432
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x
new file mode 100644
index 00000000..bcec7ceb
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+38323832643730653237636539356266356565313563336439303866343733633232663132386637
+3862343131616164323766346565326363313434366162360a623738356332333332306364363732
+33353432353030313831353366386330306536633833666163666235313535393238316330306265
+6166353639393166660a396265346533393138326330386662353562613939643235343339643537
+32643138393039323536636330393564306235396637326230383463393033333632336330316431
+33393131633639646566303661643738326365663263366337646234623061613235303365333534
+31623964363539646164653261346266313232333866623462633961353638613133343434643466
+64343838343963376364666539356131363334626536306437616339663363353666633263356263
+66356139336662343833393632636663343138393939653662323331336439336236626364646332
+64326331366538373431613033616530633935343561643836343965633861383266616133643366
+33623937316436326165383632336533616238346634386137656431666537383663633939326233
+35353138303964303938356365353863643735663336313430326235373937633136383536303162
+66393334393036303536656530636134353539336233623134616233613937363130356664396633
+31303139383339653032353366303236343431623365343363353266343833623166616636333032
+38636662343633343462666138363839623035613763646137376331616239666134383430663764
+65343134616636333137643266633364323466363038613063663433353631663034306637323937
+36643165353035366566343132633231336161373466376165663338623434303864356664616230
+38653536636636663532313032313363303565636335646339336366636339653832336461346633
+30393835323664616263303433316565313431363338343636336639353662656563643238663132
+34626139623063366538333030346339623666346464346135343935613266396635663262623730
+66353035643835303036396537353665663735373039663136346364336166643034643562653133
+62643032303261633461313065663430633839663261366333636430353461383332303061626439
+37323331386465313538323635323666383865343534663634666138663562303565356462616230
+65323732363463613933396437376165353435663235346166363566633961633863643035376532
+36626661346335326133396662323333666265313566643936386631373430626235313035376462
+37653039306465326133366565383866613336363764326435366361353961623030346161616139
+34363664343166633635366662343633316434353531393362613239333666343736383835333165
+65333932616532383334343466396332373838613965643536313365366362333565356439393531
+66623362616635316337333136663763616163323935383135306666373339663838
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x.pub
new file mode 100644
index 00000000..af0989bd
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nano_x.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+31383033636432396139393065663961343136613839326434386132333164656135353261383634
+6438383139326338666432643231356531376331373764640a646435373932306136666166393166
+63363531643062616237326438373932306364616136333363666264623666623034303766383138
+6331623562613438620a663733343562323331366331396565323530386564653662373231623931
+66656633363130626436346266666237626364376336376631623935366364353231373562303561
+65653433663334656630313433363433646338383539336161346537373139643731643761363932
+34623333373566623134626335626435613263313234373766313034613536626666353035376330
+39663839326139613835356631316666616165353134663035343338333066353036333737633666
+37386131653131653462303436333364663063623132613539396666643739646431383332333930
+65376539656465373733323166303539386437373462393731313764393639366237333234303861
+61613931356430323335343434666533376335383531326366363561356230666534623134623230
+34383932343630373366
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc
new file mode 100644
index 00000000..78e387e3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+36636137373161393138653831653564303639636663613162643533313434356231623135633331
+3564613334653764333866373535306266393337303234320a386366343432323832343161636366
+63666134626334386634656534616331383634333164326538306532336361346338343663343833
+6433386534643463300a623532656466393464363131353439656634636635373632323662653361
+66383363653830326461356266363835643561626165343164376466616165613665363033613739
+64626331386235333135386338376364626235646661303866373936373832303234373334356561
+65376639353639343665316164663463616430636561356264663933333233376464396532666532
+66366365343239323035333730373832366161363238346265333864643161643663623835623932
+31313961353634386265303137653461303033316633373161336332353639353938656238383662
+35303061393639613561623837386630633231383736326261343234393830333563306266356165
+35636166653466646661633730383762353334376264633833343339326536626162356230613934
+36373133396130313565353236323438383331343836373362343266386437623333656338653936
+37656434353533353266623166663261373166323862636261653265386332393061333438346438
+33623263643761353162313332393532303061333166326333613964396366616334626564393566
+32653932363135623064623838313031303538613361656232663339346139346366356339616637
+32333434393563643233326434336139353134346463343963396565376463663539636263376539
+61663364356332326563373165366666383539626663303938646333663438313939373164333562
+39396335623738333666643937326365373866303130306233636339623836663266336532393362
+31613639613664303334353661656334636335383537623734373232613564303538373661333664
+37646265323661623238383439643062396332326338383465326163363239616631376265366261
+32653661636630633431386665656364613539633536366636303864613037333434343133323561
+34303032616363353039356462353930326630356163616262613632303336666663626334356531
+63646461376463386333633337613164373938616539643137373663333531306365353765656165
+66613938633433386632333337336633623463646366646635636665356262613430396362323034
+35333263306531313164346464366630613665313339383463383130333364346363373465613836
+37363839643262316139623961333861323832386533366138366639353039333361303765386565
+34323336313130393437633866643662626634653264633263376639313562343964666534636634
+38646663346338623437376339336164363132386436613537616462373331306661643463663564
+66336565386638386664656263396664336436326164356565336166666164356661
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc.pub
new file mode 100644
index 00000000..9b8ca491
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+37393939356138343733653236356637326665663638643465346362346236336332313761633064
+3937303633363130313466326665333566306331663536620a663035653434613738343563623532
+66646333653535333036366331643931333837373133663436323731613332663435396362303063
+6133636464363532350a386562646531313139636563663833333637333839383339346164623962
+64656464383665326438643465346430316535383665333137653565353966393065323831623766
+34313434326635623564646139356637633262633035656639376138613233636363616263346633
+34333463613137616534376264363639623030353430643739353039336530653937646435646132
+62613262636635356134363533633532343362343232376233613866626131376234323935336632
+63663961323230383465643431323663663230653832643738636431303464636137656435626564
+32653362353634326238646263303963643337313139613566356539303965363535386235613863
+61303030326362306264396235663339376262356362626264383562393637653363363231326439
+61323632623136373533
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x
new file mode 100644
index 00000000..a398fcbe
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+64396661303234643864303033623037396637353537386165646662623665363334363366346461
+3731613631386665336335613661616537656164326330350a623139303133353937323037623833
+38343739383136383738373332356665666233613133373434386135613137613436646535306533
+6336623031623234630a383430363234313333306632666436643534623530356234666261323130
+31363762653034343331323333616637393834333463356665303066626566333235323861636438
+38356334313931383235323736303530643565633031663931616331646435323762313533616364
+66343636346535643538666262636535313231613066333466613737626363613139646635393139
+61613863383263393664343139383461626535303935366139373133343961356261373237386332
+64613662353137306666633832313939363766353663343432323066653836613330653963373331
+34383739383735393463666461666437386134326333346333643837646166383662383234376231
+33656238616636626262373939653362393164376635343433363237323536336666643464376331
+63383361633734663030646434333136366365383835363734313961353632386533386231353661
+66306162616161343361373033303261313031383030323266333565656665313638643737363865
+32663833613139303333343937313366663262326136323163366535356464323335323066386633
+35343364393430623030306537363266353332386635333138356138633835636233343061363833
+30376639356465366164343364306530656637386433363865633137636362326435393861326334
+64653731313637366362613330346365323261333333623936393966636434363465653138373965
+62356663313362613035666461643261626465326139356564383235376661323530306138323433
+38386136643735373735323861353661333763353261316362636636653464653137623430353330
+30653363346538633766333163633533616366396262633832363832356437633566623232363233
+36343666346364613666396434626230336338626430643639393438363638376135383030616134
+66323561313738363962346238363763393964643039363332313331613335346264376539616233
+34663665633166323533366338393333333436653366326137616533333137663564346564663166
+36666364376662323132633362313938646461393636616136643731646130623966313739376433
+35653462656338616536383338656530306331356537616432656330663262616334326330643938
+38396161346139313431616462313366326438386634643261663238353730346465373665616132
+37613666623465343634326433616535343862613435333833336161613065383165366366643339
+36633566316236396330313539653664303039373565303230653732626532356335373433376134
+61333639363565316465626664326561383061646163303533393734393839363234
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x.pub
new file mode 100644
index 00000000..97fe47c1
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nanoc_x.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+66663065393531613964383630646439653335303335356636313262396331366638383735666466
+3863326664316332346334373730636663323534653863650a376237313965376136636238353638
+66383132383831393361353337623262633137303565636437633436353633376331656133323863
+6263623237323837370a666161386139643465316334376135653663363964666136323336316130
+32613637363830626464376339376165646530363834393533633233353065633433653339363261
+32343232656231333664626465373634323263383039396232343036326635343563633930303063
+36346439333338356562653030633332613234393833313462353030326233643734663031336462
+62643130653266313432333338336237303062316565646434376563616164373666663433343464
+65646634326435636239313236336537306264353930646334373436616239653337346239356638
+63633664616537643237663266386364666161373561636233313265373365303961346566663065
+62333039643336333161616639396430323736363066353938663734373135313838336530666632
+66303035663232663534
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green
new file mode 100644
index 00000000..f0859d6d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+39316138613233313164396564633464353038616334623364656331383861313865366232333830
+6563386561633766323531616365353830373063383666360a333836626564393631303531396564
+34633864636437373163313830613538376562366665373762343339343435386266633834343133
+3434303263373730330a376533333333626332646364343431383662633939343461313061373036
+36623630323436303364663265356138663765613937326262653432373530353836356132353437
+37376438346132333165616336623032626263666639313161363836326563306233313835643038
+61333035613738623534323863363866346631653436326166326639633234393535393833383536
+36306466346638633561366139613962353336386464303361623537393030386233316165343130
+35363430643131303630616230633564643636313365623939623539336430353337323465616538
+65653538323035353130653233363039656230316264636565306234373262383132663736306131
+35633030333363313062386663363863323562363435633135636663643834656332373233643365
+63326630323832616361613836383030636664353835633036376435303430366661633236353463
+61333262383161323666313636643663663963666238373136306631396234633539323162636566
+35663362353861373834376437373663343366643234656633653762326634646263353133363933
+39353936666562333734633136366635316135343039663661396239303134623365396163376464
+34336335666661383136663033663537656464626537333231656334316334373039343936656235
+38313761623235303464363635363833653336366137373232303836663365353366346462396234
+63336661636636633432336139376137343834343463323362333833623164643339626632643161
+38303031366433393663376533666362323865616363323734656336316365643533643038343138
+31656231636334333133356638366438663163666530646232313333346461356538326332323464
+39313530336262306361373733623831343438666430643632626264646335353737653762663638
+37313564373166663636333633616465613235393963326530343363313166303737353766316364
+37303031633430366137323839636137383934653836636266656630363665653163363433633636
+66316266343533646431363565643538626662363531333765326664636130363335616464613237
+64633133393764663531663665366636363531326338623538653639303033613734323738646630
+66626133363936666635663031656232353466323737663164366435646436613832643438303639
+32353265336463353337373264633364663066643362353566393463663033626337326366353235
+65366336383231666261646432366365646439653938343534353365313461613062333261653936
+63366138313431383635376332323831303436306337373865356433613231663063
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green.pub
new file mode 100644
index 00000000..9c689acb
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+37373964396466663432633664653635393466363533346631336464366339393635623235343338
+3538333039656434313263653831313232333331666166630a363435383663323833336666306164
+31376631343936393037656135343130373130373564613531316632326266316163646131323463
+3764616663383132640a393061326630633061646235343362303833613334643966643061613037
+62303532343030616632383562653034623961633239393436376463303433616134326238393764
+35353931383736333664363535323865336530633861613034353334626665386630393463623263
+64383134353962373931633462643764346662656239633964636134386265326361343566343864
+36636462346333613663623932613934326630303539653634383732613235373931366332653532
+38656562653236383064316664336537313132613265646165383166316338343330396631643238
+63356138663233643665383834333036333330343765333832313134366166343431306335306137
+31396336626565633763653939356461666564343664326431313830386139316464643937393938
+61343136616434343964
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x
new file mode 100644
index 00000000..97683082
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+30643562626538356536306266376133346130313438616234373838336130353661613765343664
+6663616637643236646232653565376466643561663933320a376233633936376333663232333234
+37636261386437613830313235346263373163363839333430626532303939363563643263616336
+3962653264656133350a316161356431643434366235346133373030303931326663633134303032
+32353566623963383936623131366236633761633532363666663961306232376466396338383961
+63356237666230306430306562333534663462653234363136646530393735393964636463613132
+34343332353239626362653462393434633731303665626230353233616531323636396163386534
+34666365623665316238366130333336656535313463656437396439653166343361613562363735
+32663864653635613961356632316435323665373162393731323832363936333861363830356338
+65343634393137663632303962366232613462383539383861363430343338333361363134376161
+37316564623166316338656132393663333965393131653835623165336532643162653836626463
+63646664666361613436393132613436616633343563663031356635343134343563366261313634
+39633433396465336237366231616362323563643263396636666538633539666331663635333432
+36353364656439613664653236376661396132656631663137643164616639383338386463663935
+39343834363338363661303965333464356532356534333230313735343263366439303238313738
+33306534646630616531343439346331303431623731346438306661656233663733323737656264
+36393432343033333039313533316633396162326635623466346464633835346563396366643735
+64343863623461346637356633633738376232333265616537383366303431636632356238623234
+32663134646236323733353133653233313663363332303838326232313935333330356531333530
+64303734313333343035383962633533623565653635626163393166623439626362363365643331
+64626361663834396161616530663530623361343564303963343935303136303562306336633565
+34343637373135383838396561326631396663623337396465316266323863386566623137636264
+31326630616632613737393032386262376437383666356532636461343434383433653761313432
+63343736333939356333336439336439356532613462643636643361346539333364353066376537
+37343938343036663534373438626135343138653435633661333632353233616235333163623034
+66386532356637646461343866373836303536626234393663613962343835373538356434383432
+66396138303536353964643362653032636264653030306435363932623038383465393734393532
+63313466353435646663353037343230333161643934643930373662366531356638303161383532
+39383239336531353238643034333266326532353333373666636661366139316264
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x.pub
new file mode 100644
index 00000000..c58b4ef9
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_ed25519_sk_yubi_nfc_green_x.pub
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+39656566383931666261346363656162633061643731653136323230363734383866393035636362
+3433336165366664343238383233313830313834643839360a633166396261636431613831326338
+64626263313231383064393433343934306535323330316435636433626531623731393433663761
+6435663430323136320a353432386265313635393035313337393838373433306166363037336532
+39353639356265373630313636643562313831666361333535356534306335663930353061653261
+30613234373365386639373931346231343366363837316532666364393335356136353837663161
+35636337653331323232666433303035303164663662333834343230366565643064393463363838
+66343165626164363232316631343366356665353432636666636163393836613030613237316530
+30316533343262333866373466653136333237343365643061613666376131633033653363353431
+39643663653438323963643033623733313539643964666535373636326136326363653436386630
+34616465633062646231313138393130643433333331636561353839373566313937613232343135
+62613332633533663835
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa b/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa
new file mode 100644
index 00000000..f415ea32
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa
@@ -0,0 +1,134 @@
+$ANSIBLE_VAULT;1.1;AES256
+39633236326335373765313866353437353238323362623865383132336538643733353864306539
+3864323135353061306461303633366632343361326133300a303362346636663038316631313663
+37336635646431373137303631643738663035303735396663313865663163663431663135666632
+3934323265313938380a336133366661653762613266663164653638366334346663383365373134
+65643164333435656164363864313833343564346137636261383733346536373736333135323631
+61333965363035306237653332386264303035626333373961323031623930643863313830666364
+31346339383764323462326634363630373263383530353464323833633761393064356433656632
+62393666303438613466313738316265336365346461383762666230633435626531313964383865
+36643564666336303663653334636361666134346337653135376136623832306139383664636232
+32636565313430373638306438346336636436323336613337373961653164353931633832653437
+31373161363066663433393362343538633139343466393035646332336436303530356265663862
+35333130663030303932663962326662396233333130383963303135616430383463393437373562
+37353564623863653565393937366566366632386233366432306138333666623832643233653134
+34356537643537633134636139313631313736363632653239626561323236646531343266353134
+39663735393636653663393738303338343232613137613262333061323438346334373261663035
+33333565373361633539353232316363636633633865663932626164666466316538663333616235
+66383234323564363663633430626665313931363731623361373132323631613563643830653230
+38363331363932623966623164363434356161373037363661326562393563313632306261396335
+39363036396265376463363963643066333962396565386533376663613763333332653135386566
+61353335646638393063373530383639353362663430623063353666326566373433616238623666
+61343236646239656133303331326265653466393034393834376335316332306435656563313161
+63303636666338613361386331653439326363646532396231343536363833333633313939386264
+63386630643834323165356463376232633161323338303832396434323033633930363564303732
+39346232333736613239373763353266623264313731303865323537646136373133306462333835
+31643062613166353663646239363735326430663531626439663833303731383936306434346661
+61636631366436343062353035303132323963333835636564363665623237306433633030666534
+36306666366330653164313939303139393263356364333837626531393963633233336164613262
+62373737363330313561636135373932663036643139346562303036373661336366633836333335
+34643663396666616361643463323538656532373735353539613239316362373361636434343639
+34323064633265353765386362626566633539633963303561633638316462313864643365393933
+36366339336564323966346364623233323739303463396538623662373831373533623536383961
+31633936363061363762626230663235346664313234643435386231363535386236333962353138
+31623439656163333333383136646363306333346665353262663232613164343436643863356236
+30303132313439613166663434363862386439303966353732623163306230313338316239346361
+31366234346666343631666437633033356139343030343433643033366164633432643661373164
+65646230366366373038323730636661303933363739633562643330636438313734376637663233
+37633636376561633335656636663561376232356433396164653265643935656633366662633639
+34643961383133653931363332643634646463653966663430336637383866653436386434303661
+36306332663133656130366534386164343132653965653365353966663132636432386465306532
+65316535316132363564366665653866383536333935306636313661613330633635386166396235
+33386533393861373965663562663634666531633431363439373664326336363137363461326231
+61376237373966303864396265623766393162303063643364633561303633653064633634323936
+33363031333261376261663735633133373732376330376338663565346439656534613465643636
+30633062623530373630313537333538316265363439386563613062393762333037316663333837
+62336131323239633039386133323534646162383431646534323833643062363061616163376330
+37643430343734623662346334663435666330333763626266666231333166656132376235313539
+31616431303061623861373163353133613462663834396433626464333632336164643765386633
+63633763313437663439306335663364656632663763366136363735376434383262353062356264
+63313833373032313339666666316433643936386461363862373833353835613532653162363862
+33323831353532653636613935633334346332636336346162383935373131376435336433633338
+30643532363132636462333436626266346133393632303535343438373464326333626330623238
+30303337663230613564646535336531636534343430333639633238653762616239373433633237
+37373062613833616165656165653239343732626633326164323137643332383462333834303839
+32393866663361623933343435363964383336383466373431323935336666633730353962636130
+39323134623131353435323235336536646666306261336639303036373966393332636530366134
+66646439363765613065646234303963313035383632626130323532363332393033363864393531
+37323137616435356239396630653830663861663165383937663364376434386631343338366638
+61636664356337303739623033373330616661366433333737323136373936383063643830363039
+36323662363661346466353761613735343435383564303763313339353437396632326233326336
+39396430623437663463626461323035313439636330626661666466353563613038316638656232
+61373138336331626131356338626564303437386664386364376334303063633235323162343866
+33616661303137663233336539633139643436643539303136313731373237646336343962323138
+33396431643238363661623238616532313861663939316335336366633763366265373435373261
+30626665623864663932346233306437346530376261366163343437613232323039346338393061
+37323739333764343038643332363463326130346435653436353064653663333237636530633435
+34366531653464346635633935643934306238313739346466383739353730653964666362333466
+39633766666261623666613137336663396564366634373937366632653339336661646231616235
+30373062626562303531653038646436656561313933306466386134623936393964383335313031
+63646561313261373738393363316364626263383532383835666136323265303163376232633034
+37313463353030663139303333323731623334646662303536313938333762336535303536663532
+33346234666464636434336533613931313036636338383135353235393464353631656330353066
+37323734333261396266636563393839623035366438356437616530326334616265393430336134
+35613831353632363534653862333138306530616366393337393332313163616164613731613266
+35663561633265333665656539316330383535623261643164636437346631633531626132623134
+66303634383233383133373232313931666661656536646232353965626362336461373639363435
+66346334393763363862306231343831616261363662353936333033353338373039623632393232
+38643639656164303234313738356532613132393134343435373066306234623736313966383761
+62343736653434346564646463323661393737363463656266636639373635383161353230613736
+38623032393439616263653036656361393565326366353838313739323630633635633562633331
+61363731646630663433363734323163666232316166616435653338363463666636653766653263
+32356435386433336236386232313163643537343233326337623338626237316563343435363939
+31316639636337663030323662326463353230386566653330373234303635663334383565363361
+63373464373966646330653932636562663632306338616562323465373630303362393966316461
+66663064306639626539636339626534383265663565376366616234333939373161363361303535
+31623264363163303361613165376636386235356432313265646461363039636166653430356166
+35313938613062303435386539653661376561333966313036333863336664336635616165376333
+39393336336539373063626139333563366133383636323866323333356562386161386563346364
+38373333313063643465323232333631323132646134323963366264636437366563313132303665
+37623636643436323965343262316532316235363263393465323031363065656135393334356165
+31346134663465313665363033336233386565303731653436633239313561333533656133383633
+66323066613133646461656162343938653330636666646332663738393466343736656362636131
+38623634646431653863313332626463663933333636333930393732396262646130656561383765
+61396237346337393039353839383135653234313239306639313837373461653866666634383737
+66626462303866636164346230343130623139623063376361313633623630656637313563313730
+33336438383033373236313530333532363137393566393564303933653466666163306666623637
+36646166643033666534373133393839313561356633353862333065656438656530333932623235
+39303733666566323736626331353963343132666464656165393236613337623939333432666432
+39313732336332326135363261663935383161313266643434316538633766303932333361373535
+30316165333763346562316435326132336139633662346334623436633962653630366465633538
+63356233353964656638383265396534303835303266303537656465383135643436393130326634
+39353537623263396131313362653264356134643433393935616165396436653632653065323135
+62303633336364643439653333313933626665373037393364373864323631666134383662313930
+66353431613166323037336637333432316236323462393535646332366338393833323836616139
+34306638336530363836663236363836373937383135353236343536333231303134306465343531
+33386636623633666533656132653138393130306338393034383930626666633361393839653431
+66323336323436346164396434616135363163383961666634376337346638643963613137393466
+62333764353163393637396663353338356364333930666461623664663432306238613038616136
+64386363663439326365333338323033353035313331356139303734363264663030323032306532
+63336534353064336639313365633537633235356332626333656463643639636565663838393038
+30363765383034326439646266616262333230376132626462333663373431363236656231303431
+37393061613433613832623335663365333734313161316166613730343330376332343731363431
+36633165613038363661383361306464623366626536366132376236373231373864393735323863
+30383630393766626334343032623866306233636234623438623632303834623734376163663932
+62626166386662336237396431353138356166666137353035636264303062323361333939353130
+38643164353136323037626134646665353132643835393965363363313730666634643162643163
+35623664313236643636373836393237353735303461663436303861303936633665623037613066
+33643339336335346638376634633262303930373963316562343938376536366534316531346339
+61613732396465376666316337613032343663303961653733323639303233313839333433323432
+31376131646261313232633265636638326266323264383637333434656166386239396466386335
+35373261623163393739636466353237636461623839663032323331353565303434356361376564
+36333131393530323233633766613232326465633766626634353061373931666531353063323961
+38373861663137323730386366376664386365643734356434393661356633353036366331316261
+36626135326635323464313761346336393639643163623636393037626231333436323733373264
+33623431326661323063663736616534326130653339303530613563643763383735363638646636
+62333564346133376565313938303563653830643534343830336364313166376334623436633332
+30366130653264636165626335613266613039393339653934623266326163663337343361633038
+63643265303365396132656564386665333264376563313963383935633730373132653063346639
+30336462636635363361393235373639303839613466613161346261323639363931633930353337
+30643964383336383033316433643833393033656166626439336330336438333834303432373731
+63646434613261376437663834366534306234323633386333393363336539633362303830376430
+63353363373062376638333663313131333233386164313932623966613561653734303637333831
+37376635366461376236313830646338393466333037326536636666353865633937343136666464
+38396630383961366138363132323137663330376632666563626265643461393837
diff --git a/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa.pub b/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa.pub
new file mode 100644
index 00000000..a03599a2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/ssh/id_rsa.pub
@@ -0,0 +1,34 @@
+$ANSIBLE_VAULT;1.1;AES256
+31343231363631613635346365613561376661633839656632643134613764363939663932323231
+3030383834643831333661613630366462393238633730610a323661343431643939333436646361
+30383563633033303535326166613762663061396437346631363261636636373132336164313461
+6237353565613935640a623431396133666234353363333264613333396335633561663764396664
+63343163373438393735353530303265313634376566356661653135356134333536396361336131
+31323331336631626161393134386463633561636662383136633038386165393261313439643933
+64353839366162653764363362653765363862616161616638323130316633633764343932633766
+34636335643866636362363038643433346330343764323063613931356565353836343463633834
+63613163313135333865363963353366613131363130336461633761356532333066623830383961
+64363338303632653730643635323039323338646665393933363262656163613933313637626162
+63376134663439373930356133383230373432396639393333386464366466333730623037666235
+38356231386366383936633937663434303963633265346666313032623361333436666663633462
+36396562343035623832653464656465636436616337363862623362356261373132336165316432
+39383463656637653063396638366566363535313162336362376363393933323465393564653335
+65303033376563393638666363666161383639366638303231616536613134373161326632636534
+36353665376634376139633639336666346337643864653832636334616438303064396434383538
+39303134383837383166316162646637353533396137386537383939363937373363346162636636
+64366130396635656632653435633433656663363665323732383834363936376336633763633765
+38386431313764313734316164646265313333363230323963363666383535633138643532626462
+34323539376239393933373465613838326335356361623534663934623465326237613835636338
+32613565616533383964666437643030393733343465636464336535326330626366386462303263
+37346366316365613031303662626533373166663834323233316437633839636637303162343162
+30376434643232383134323430323561333562373738326338383934393965346465643536643838
+31616332336666623966343437363037633337306631623461643138666334613065383237646136
+66306134656530626333646535396133613934643061636361386435353265313466353033626635
+64376535346562393430393532633163656564633965656162343864663066313466343238393237
+64306361653135333937646662326539626636386339373733626665623930316465393935396131
+34373933326438636662663138316435383563386263306261643062353634646132353438643161
+34636231343031363866346634363364356232613931323538336363313234636435616230386130
+65633633663633383234623734653264633264306361346239363732633039626537623830383739
+38646464376432303530626661386366646531346539646564666131623761316437386161313837
+32633861613836643030316637613533633238633132653433626538386166363864383435363865
+35633032303839333638316263313564323066646664616438623664326135373865
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn
new file mode 100644
index 00000000..78a64c74
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn
@@ -0,0 +1,138 @@
+$ANSIBLE_VAULT;1.1;AES256
+31653664363861366635366661306538346533646563613439366561393362323763646231323766
+3364396664313333353438376364353031376135323938620a653632383635316532613535613135
+30626637353435356663366331666232376262336136356266366538633764623661623239383862
+6661666336323230660a633134653935373036636237306435383961653263313230313666656436
+35303333666466383539323934313461353661386138613534343962633931616663396633633239
+32316130616236663831666632333561386231633464356637323761333034616130666263613166
+65386130333535303837626237383932623135636436363637356237626265646631386539346639
+39616639313164323230346634643639336139306662396465333662313630356264386435353634
+66373135333638616439316233333764623530333065636339663132646563333838313861313734
+35313861633737306530316435663761326239633137336339653532343864616231326532656566
+63643963306461623365396636373435363633333136343037663866306362343365356463613864
+38313238326431633630633064353831343730636464366161646461316665666138313439313637
+64666263356332653537373161336334333262386461356631383535333932653463623437393663
+31336437373133373930666561636332623432393263373132343730376561356666343831643232
+30363733373438343334383762303661666535363533643634643234613235653336343862336334
+31343435653466616461356234373834306637616638326265313462313237613834306538306132
+31353361613835653835386432336363613261616434326662376163343833303565393334643462
+65643038363338383838343733646264363761363665326330663939306638346431383437393336
+64616339613363363530643665333534623332383532306466643730383533666131396561626335
+38636230393737306433343938393462633865666631636439396130383236343739326165316463
+35663436626536626633393338343635393030326462323530656337336435306138396165363832
+39313963383330386431646137633136653264626233616430343831353037643863623736613336
+36373661323730666135356563323135333137383638636564666363633437356134663638353136
+37393932393365373835643439373334396639386539396437393461306134316132303630376234
+65323137386330626531393764653932653932353239396636616331306333373435623730373634
+39646338666165396136303632643338653539663334333563353863323033656637343033373764
+63336233393735353838636266363439353938323864353436346531633964386465306637313939
+30656634383165656531623337303831373434393163303232636566333135663739613265613861
+37623933376464363266333739623639656535643766383135613731336236366163333062303761
+65303436303936396661356530353766363234303464666330653465356433383835306561373664
+61666133666630386639626330336135636564616132316238316632613933363063313738643238
+35343236323539376536623438343439393637653265653034393534303463663533336531346335
+35656264323661373237313963353637366264306463613630346337376136346332633662326135
+64316565353533336135656430356663656639353834613563636364303961323335623034373632
+33353131623536376236356139663862393664386134326136363632663932643330303434343637
+34363934336664383637366366663637396431323238393661353533313333346531356135666666
+35616139353236343262383335373065363036616431666539626139376630386133353437633835
+36313236366534333836663438393131646262303163303730396563343161393538306630303137
+33343865313134333539346238636638393333356432376364643735623562306437313562613630
+62363536353431633366333335323264383831313361336537646464373662316363386161313534
+63303636656530326163376539343661643336333132306534316530353033366166643639376237
+33346538353036366163363634363332363930303465653265386338313531656430346366646631
+30633938663466346337333261613861356663316433313439316338396131636531646162643039
+34313064313761383465666537646633643366393364613334366335383632626163666661613630
+64323038323133396338626538623261393462383631326536306232613533326138363466393934
+66323035623765373539623465393630396365653663313964373366303639643964393131306436
+34656363666439623838336635653561346363353331643837343266356433636663653362336232
+34646163646430656663303036313834633764303035643332333866353633313064643263336666
+64323233313736386566353334363534643035333661323234333066636563653539653932626436
+35633862653138346230663535393966613862363635303366633963383163323065626635393262
+35343533353262663834366235616438636561333435333438663866343966343934363233383335
+62376538653731626634393966353962616161393262313538303232306264346666666266323932
+39636166306238643039346462323466663931383762653434306130396633636336653936343666
+39363064326538643532666633333163346431663664306164633861393534623139363764623965
+61363737623764306134373736313635356432326163323035656536656263386537303366636361
+37343138666162623961323563346266653033633337353361653034376235623761636335356537
+32633864316462323531346136616330393337386261346165626662386430666637356562376263
+38306638383665626666613763613664626237333866356336393233343065316532363966393535
+62353162313039626132323963373266313733613963333761616664373661646332343634333035
+34363065616563336134663963336461633362626630623334386334663234323163366132366531
+64613663656562633666346666383038646264613262663235623764376637613332303932376539
+36326461333963663534393934366661623330666430333361633162373863666438396632316666
+63396133656566653835623161313739386364316232613638653832383236376165346662633031
+34353161333834613038343765303564376261323531333566636336373430366536383762303737
+63386235366534633230326636663533363734343439306564376163633836316366323966613838
+30303664633030626132623832363265376139623762376536653538363133316365656335306537
+64616264376464663862366639653532376535663530643836643634323135303934393636363736
+30326434316339333431393637396339646465313535363561303239373961303564643739346663
+38306631643933333565656564643363323835313864356532623234316630346333613735626133
+37346265343662633635613163373662313039396633316364303930323931326635623937353832
+30356632333931306162393832613331663036373535346333326362666166643561613030356361
+35626562336431356565346166633861316366303137666233643334616364646435316664376563
+39633836313063356562616538303135333332353736613435333832616563363463616331653936
+31623364653732376338373334393633323131316332333162393762366432656362653034306235
+66653233313539633335313631353036313862303464616536343930353663383863623866663138
+37396332343535383132646638393666316238373532356538643034633636396236653134356336
+31383265366439626365373732393461346139313164616261633838623235613262616265333864
+65373839666233356637376638353038393832663237633362633961353538646264623934646537
+65663732396639373363653036306539636338313862303164646538393731353061623336353932
+32616463613732353837393161343066633131383338336662356531643265353665653634613062
+39656365326662633064393236333261663735363636333139616636643266616464623663656135
+30376364656238386334386265633036316464343832343632356162303464396163303066623335
+66613533353930336138393865303265363433313138386538343862333832646466303737613137
+64356234333165343763343466333037636363343064353436366337366466363263623662343734
+30353264363536643062666264636139353264633937623938356430353033353665396432346531
+35323138663366376532633166656463633336623633306266343265313066303866663366336231
+38663562353064363432306437666163623264363731363431616638373034393832363031653263
+35386364333230626234633766666130633134393639376238663562323833653961386136313961
+33663930323230306431653035336261356663343634636362343830373663363263376534346264
+64643538366532663961653135656665656533343363643766643638343736323161656661373139
+66663036353538663862623439653531353233316138343964616639326261396133376332356365
+64313865376536346462616632616163643265653239353331323364616564343030366133623338
+65383430353763336633336539613965613938373136646662363033303538373735613363313336
+39323131356463326234346665663733623334353662373835336663373362386630376136616364
+30343631396535663637313539353732356633623633343963623935376331393866383632376130
+31333836653234383730666133396265646363633165633635663339366166623438333266653439
+33323439373061303462646631323639353537353265313237303132343837323665306636623930
+32653065313966333166663365383734353430343763353530613338663537663234323062376564
+32623730633639383337666636313962363035646336313065396335653437643434356361303865
+39356131353431326662376639623633373266633936363066326534633335383766343935303030
+66303463343937613662383733393431653362346234653132646131373932306362386536323964
+63663334386564356632363165626130356431656233346638653562613662613166613963326563
+63353164323462323236363230316430343837623135623633363139633833656635623134343062
+35393939633532353763643562633437663638393830643830653837636234643139383461626564
+38333464653061663336663064326563373066666333646461653635353438333336393330306161
+35633439653634623563616133343139316433366333636334643239313931616232653938323634
+63653839356233383262616262636163663161623634373465393363653739383732393635663463
+30633732626237316439666465313466373639343032363963316131333938316262383138373437
+35323532323731373239643664386163616535363366303336333361323262373763383632353763
+37336230616331343161623233333938636261656339633536326638613061333230636532633865
+65626636336263643230336463383262323137316432656162663863323230306663376130323564
+66626164336130636564643131383437666638653035396263326465666163396661313738346332
+34323837346265616564396539323362396437383234303563306461386530383837616431656463
+63383038366238393138373034633834366463333033323539656536363331613936646135613962
+38373936653035653763346238356463616665383139623737326566663830613835646538636333
+37316534616639383361353638656638393739323834656438613466356430366433636338646533
+65663663656534303434326139346566613035353736336266303964383366376138643330623939
+38646239633365326631356434323832623339396465653966303638306432623164623263623165
+65623432313034646663393864343866326338343161643035356137366238376333396431326361
+30623965383734333864643863323962303537363038336235313064636563326330653161306631
+37323339313730336236646339623533633338393333343861666632343731623736656539383166
+30653865623338653037626564633336326164356135346138383062306439333566373961333835
+38623566653635383065306133323334333466396234336234323337363461666232616536383964
+64383538326336353632626538623030303532316566373834666164336535313939363938383861
+63316136636662396534636263376333366665313433303564653938343537623230386465353131
+31326334386162663065343362373463346531323731353333336161383632386665306565323538
+66316361306363363565373061376132386534356265353561643664316632396264653837376537
+64383535656432663566343864373266356633393333666266633930666132333132643063643166
+31383637613136353133396538386235373439313932633031393562303464653261633830353535
+64313735316265663561393430666361323631333935363564643963346666303039373237333330
+37343838336465633764646431396461663132643136613363623030386462303931633138313530
+37306266643863646462613461303663303363313066653932326162393835333434383334643963
+66666230376234313035643364663139303566663564646564323665383463363338383833373830
+34313231323466363933313431373235336134623065636235656561616662386133343831303336
+31633261656235346139333862353666613134316239333533623738386431376436373830303661
+30333064656635383937313031363461306563353665363961303762393761303331343661376665
+6634
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Los Angeles (TCP 443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Los Angeles (TCP 443).ovpn
new file mode 100644
index 00000000..708010b0
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Los Angeles (TCP 443).ovpn
@@ -0,0 +1,166 @@
+$ANSIBLE_VAULT;1.1;AES256
+30313961356233343033383039646235643336363062316139356433393561313962656431646562
+6239323537343032633361313763623463313963663136340a353262363137636337333538646537
+65313932613633356565323630663862366635303132616430396338623632633563613030653732
+6533356434663964610a663837613031613761366366626434656138356239346136363566653264
+35613061373135643664376534393766323137663239643030393335363630666230646164643833
+62633762373037353036616136323934613566623466656131376334623865333839343964336266
+39623732363935333433353833613137336565386239613533626535663634636433373134326663
+38363766653337303065646362393431666132646637663563366265386264313736666263333235
+63376265393831616363366232316439383737356163363862396461386166376563346332623465
+35663030343131653662613132613832613937616463356133363161343331316461643161383439
+39373963303765336639303632356362303963313031306166336332303063303661383337346663
+66343432383138343031636464303838346133663964353761353233363838633237386362333536
+64346564643366393662353530643837343166356534356332316130313032373863373662366530
+32363831323732643566326535636163663138646464386439366366383765643963303439623936
+37623837623333383662616561646438396137346530353062613134623338306437353337313362
+35663466623963343865346462303665323461633930303638386333663238616536356664396635
+62636237316265366664616630366439643335306432663663353136616531346235636232656233
+61326462336439303362613364363762316134633035323534663962393664376131336231653838
+32633466666436313861393266383561356161663237333563656235613637656230356566616338
+66336662336135346136373261383266346537363739336239346366353432333539373537313938
+35316134653763373436623332633533623038363562616337613331353634336161383961386432
+64653930356530333532343566626332646431633662643438646262633938373231363336356637
+64633664383466633864666236633663666232653637323539633861636264643238306135366434
+64353831326331343562613762356165356365393933373763316266663865613431626662303962
+32313730353961353232663835376330313161643738356562393561393839336238373335656438
+37383965656264653534626266656233313262666231316162613736363162356237383133346163
+32613238643864613834393439653562373835353836316130376263393830336430333936623263
+61336462363761363737653330663566326530353535336638326232343634633165613436303062
+39616539626530346239306661613361326162323263303637623664643164613434356461633133
+38326633336530343039363539383664383737306365363834633536326332633561366566646634
+64376363333062386464636338343631653665653638353235373862333366343665636566373865
+65666639313864356232303335616331383530393531363463346231376536396362633233353964
+30646531323438353239326139633965616639363236643833336534336132383034373864303834
+36303035396363316335663835633436643161623162333131306334373339623064363634616537
+38313732333963313632663437633935656132333266383136356562313566306534343365643037
+66643434346538323661356537356664343565666435366163343230316163373834643066623632
+63613338653634386137373239316135396131343061613136623863343439393033333535313634
+61393730613466653030653664666661333036313930613730353331363665623130376135373666
+62373938333462343033306132373766363138373237323238636163336261646162346662656264
+38323532373237613235646435333337376139656566323334313532383337393937633133663163
+34393233626132303638643331363435613938396662316530306534323036396238323666313261
+64353862633262633161396135656362333365373333373464313535643530663864633938363831
+65346330653836336166346463643964666531366463313532666465376435326163363062386366
+35393439346365643663343765616631326539383763326461663739373436643964353165316466
+31643938323338343066333562383764653234616136396132326332363539356332643462643738
+32343138646331623361346339656237613737633338623264316361613134616431393039326166
+33316139613534343534323437343937323435666638626330373765623165666137346331366163
+64366362333963626531643236333133366264656661653130376138326635323734383939363931
+31626366623064313436353036326639303631303061343738633365393731663533343638656561
+38393361623139303031336666373738626465313864373835313734386665646632613064303337
+38346433653466653761326366313139666331376462643330396330653032656330623165333331
+65643763306334636161633836303837623864626465616532646431303634396166636438663632
+61616137613066616237383135383832623630386364383234313834346137316235353364663131
+39633062373730383234636639306135373565386235393131333130393334623261626438393766
+61313930633530323635323566656662626531656132343433386162373338343865666233653132
+34343037343363366432646534386632323532366263346134353565616234366462346162656563
+61333866346634333161363537316536613233356134303039663837363636313830363365343636
+66363138653431333133393837373363353532376138343037366266323830653030386535323937
+61373666366466386465653266333966353662656464353664323663396430393364373539643134
+62343362613337383434376633316333303461366539353235313066613938386661316338666565
+34356436323434653363663432373836613930653666616136306235646331386664663234373636
+32303930366536343064363333373038313132643337623963633661653632346631623764306261
+66643134363139356135323531663939306135666235373939303138316361646230343037313435
+37613134323962383439373662636361376230616638306366666539633335633061633434306262
+33346261343431623139363030303963383231323834623632656230376532616538313734626366
+63396234373362393462333432393039396362643434623462613735376561313039313563393534
+37353838366237313564346439373463623835383831623063646166613066666138386638316234
+66353830303738613736303736313133303262326135306466303036336465313833393533396532
+36626666633534646330363239343733326463333633636230666436383965643830366632626363
+63346236646437373662643332663633343866323138316438343331363163656437656163376332
+33303562663238646365343730343338616436616431653865386663613131313665656233333066
+64333131373065353036326538356166363932326431613265633239663933383530393837623631
+61303432383461326338313166356664353138373139663738303330303631313939303264323666
+30643363663965343361653066666330616230306633633131646431613232343737666232633961
+39363739653830373931633235623966323934303365383266323630346563343563626662633664
+33623764663165306430376430653565363163663063626238353632646438316636316135643833
+33356239643135343635613233393232613334646633303533613361333764663966366538343265
+66363862623966313532393730383866623463646661373533636338663062313766666634633432
+35653761393532613563613065653962653661323265643931616566636164343339393633626438
+31333064373163383433393562366639343738313032343563343665616137613364353830353162
+30323137376538353936326438656635346635333066643435363162343563633535326630653834
+64633237396137636537303638633864333463653030346362353834663539656639313566373164
+33623238653863373430316634313633383464373032303365653431613431663063633130653462
+35343065333830616533643939383862313264326362306663643733663538646665366536303161
+36313631616631636339653135376533653636383264333861343865623133326362363131653462
+38616365306561636434376166613966323464653436346336366165376535623332376234383262
+34303834333230313730653132633235323866623733613463356335383732633265313835396137
+66303631386336393764363139663434306239653761316262323538353162376638613237356237
+64663466653262616561616163303734393335656336326339326438626565333662313634626531
+63666435303865383934306536356463343837643036393831613530316364643361656334383530
+37306437373262343334373134623139666262663932333765633336616139393464333239653963
+62366364373432316137656631316363313830306162323639313365393463366462306565613365
+39626234346433393431376161333065303531616264303237343431386630313136653234353832
+35633239666237643537333436623763353266653135646466386238623431376238343034333863
+64396166633930643363616162376663333561373432626265313137383833386331353834636332
+62303862393361656563363561623135306664346436646366656234393539303166306231643964
+31323631343730353561373736653931623365306239393664646431333463316266323334376132
+38376530616265343630363237326232646661646432383138643239393764316364396534373365
+62373164653065313736393130393536313939366438643966626534663730333732373163323936
+33663130636362383236666633393038636133303237356364383364353033353133333664666437
+38386365633533663136346466333939643964366635353663613962323062306539616534616237
+32306431653331306366383265646561313734313164336635336634653039326261666131663336
+66333365376632376630356436383163313335373961636130323463653734356366346635356232
+62343337353538646535613864633066306434336532336435653832323630383261626232366532
+34333534613236323633373037306535626439633133313239323665316639383135373133393766
+33383230383931616335353739373630633135643264613435626439656263366336366461326436
+32323035376532306465656334653264666661343534306433383530323037303532666238363633
+32613532633930373134363536613564353961393238643562623838633562623961633334643362
+62386431663134353231303366616566656334343837646337366561616666633830323633353231
+35633537356362373065343230386538393133393831373031313162313166663231643039316233
+35313665626464663163323235663030663962656566643333366533323063643239666263386137
+38336631306561323664306665636362306262616461363838393865623835636165343862666162
+66306365356431396639633036303031333263346338353362643338653835623133383836376566
+61303039616136343138356630343031666234626532336161626532356631616135376564386231
+65303663626536363330613964633464633239636262616536383863373766623135396636353865
+34646366613163336565343434316335393564653133623932633137383466653135366639323233
+30323836333237623163313030336232303032343034366662303937643864633137653635323130
+64373736353363633435653335313635656435623061313139356439363762373639313530326330
+39343732643666316231653930663934656465366464336136353337333566663064396231333031
+34303939616163386261613662646334323033613931646662346132376533663831636561616237
+34303134633430326533663936383739333064356331333933656435353234626231616361336661
+65396630356235396361356466343634313037623935323739333863356430346461303865363762
+62643330326566353936346662636361353162653935663834336464316264303765663835353264
+34616666313565306536306562633531623439376436613562633933323163663964306361303732
+38636135366634303439363266313431396164373135646137356465663032306532363564656638
+34313930313136393939373032386365383436396334383135646132333761363432633465366436
+38656534373230386638353734343637653161633330623036323734366465336337386633393165
+63366665366630643434313861346434363462643961636564386133386562623162633336656330
+30613565383336306664383465393232313264663735336231626561306232303864393030376332
+32616234313431646662366461653035396638643765316430396164663636653036363238656139
+34343563393333353831303938663638636261653463646366303231373461376564653038613861
+35353938366630313038666238626138633231303235336163363866356538656438643838356466
+33306334656433316436353734363835343066386432663862636130313163613462623062616638
+38396636386437633634646666636436656237323864326262613062303964613064326330623538
+30303861346262626562366162313731633664373963643561643338623331623138616363656666
+39353938616365336132376137616666373133353239316331373633303939306330656463396339
+64313631663661386233666638663133666665663931316433326438363663313031306466623163
+35343064626561376639326634383064623839643836303966396562653637653937653832363139
+35393466633838313537613536313033646664316137353061663733373966363638383765653136
+63343561366261363836643530323162353161366330333162313836306138383736376461303539
+65636632353237343437393762643932333062646261633337323534376337343038393635323035
+62666636376334656461636361333035633462393539346262616432383831646631656338336462
+66303062323430646135356639623565336561616462323562633331613935393362623731343266
+37376162373862663836663134646263623062666432383035386631316666303032326461613138
+34623366643062333138373562313439623461343833306530366261333336663465623831373838
+64346130353965663365343534326562326230376661636135303563303831383366383934373931
+65356366346232353932373838353365643334663061643964396165656636626664666332646665
+64373939396438653730396338386630633636326335336434373437323031653833626534393162
+66363161303765303833386536653539613532643335333463653336333933306538666139666361
+32653433643637353038366566373539636463653339653037393964346437376362306664656639
+36363665633865613233623865623562613734663632303963666131363932333738353433353338
+64653763333230346532613839383337366363343265616162366130373931373834313033633863
+30633132356261653235393136643736373738373337623866376131333232626330363037383030
+61616333353838306365376337653733306431623865383762623730653766636633646362643164
+34363433356233643561643562633334346366613232633733393533646664656139613636303536
+38623366363930346366373934636136663231663935396262376264333031353935363863363631
+63343462613030626563373739303238636435333131623332656363626430656431663037363463
+30313834383666613433383739333363393738373262353866373037383364643435653637623361
+30373666353962373264633337653432313565343765633634666430386434366164393337643331
+65383561363834616437643634616139386666636666396230326635313862326134663433333365
+37386536656634313737656230626465633031323036363462323461623166636164343730363539
+34326435626533636335613264613638636238376362366631613261323661326462616133636565
+39373465663565363238323261346363656363323461376431313231633936316536343537623064
+31616162363062626262313265613536643732653865336464306533323662373137303137323539
+64353361633163386437396131613266363337353561653539383934376533366333
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Luxembourg (TCP 443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Luxembourg (TCP 443).ovpn
new file mode 100644
index 00000000..7be9416e
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Luxembourg (TCP 443).ovpn
@@ -0,0 +1,140 @@
+$ANSIBLE_VAULT;1.1;AES256
+31373662353430326163316436393362303630613566356631346463326337393863316230363532
+6235303565623030343539643235376634636134616136390a326232393061613031643366623535
+31383931303665386435643837343835336333643636366166616462643836373661613764636230
+3035313635653630660a313536363936383464366664613466393236336536613034356238633961
+30663263336565636635343932656539666631323539383638633931346132633934393739306237
+63333033653962343665353639353563393831636362313730303532356536663738656233333565
+36663834636164363266623466366563353531616534663533633733636266353661636336663433
+30663039636432363763323433646464383938343331356561653630623637396130393135633466
+63316131306565386437353236626634623839633931303465386435386565616237623436353064
+63656632633262636332343961643239663839393562316138636662633066343166326231353338
+66613730626366316366386164626332643539666266386665313233633466383262333032663437
+38633266316365393164346166343866663265396665393030323932376630343632346630646130
+61613737363562373466343865393939336333636566396164333331666438623939633832613062
+35326165313936373437653630646237393933616630396538313133613634346661393135386462
+62306365333931303438353161633539613436626563323564656233646261633161356439613330
+39616435643963363838326338366438373631616330613335643330306538313062656630363065
+35626532636666316261346633643430366461343630303033316632656537633435333532343739
+30323030346263656439306431303630376634353934643461636465663531653435323037333739
+64363962336231383537313232643739326435336264333566363637393732666337366233633539
+37373132653435326361363063363430636465623430386537663830316434623161303062353866
+32336265656531623662633837303539316364646430336336333165623263313965396336373332
+62343662333936633036313264353835653534636661306162326535613263666565653964393735
+39353831303733383535396233356531303339346161306331653265333038643533326132326665
+32613933333435623631343461663730636465626362346536343362353965383766323035316466
+65663139646663616530343035633763616237613034343464306565366238336538303565623865
+63396462656463343634323663343037613133666432336662343733346363656135313061663664
+32363039366433356566366435316330663235306332653262323862393930623332346162373163
+36376561383931356266336665646135666332353266303164626432633935623537363631353135
+31346432653437323835373765666331336638643866666262623063356665633839616334306663
+31306232346165323861633236326633636432666664623330336539356462633964383664303862
+32316534646433666331383464613164393866623261643637643439663037663131656434363265
+37613463376161633966396539613737663832623462303934636537643235653765333934656335
+31396235333535373835396364653162383861643562346363343433353465653362333635393266
+61643766613238636337336533366530333231326363376161396438623739653563323566373630
+61393931303235313638626532333862313866656236613265626435326531306666663966336634
+64393330336637396237386638643030323362396465313761616635303433363636623031663366
+62613237646138626435656337636162623932383437316536616335366564303336346338353734
+30326432316637363762633063323130633838363464376661316534613534326336396632663366
+63373933393136623338316339626232626634623962313436373732633964623536353134623962
+32393739313539633164633564356364393663393264616661633563313765356331336133373162
+38313964663163326237643130616636633538393139316131386330366163646436393064383032
+66643433363766396530633736323134666534613133666334663761376436353261643030383136
+39333239666337383130633338356134653430336234616161306664336330353064383062636231
+33653466346562326263333134336362366265623866333934363365336361303566633835653565
+30623936376636623361616433376439323730326230656331396232343937303131323236343234
+33323132306235396264376437623061343063313563366138613933646366653139636434386631
+38663832323666393039336338326466366337313065373434356433656338383738656433356530
+39656535383534643664643966313732376532303832383635303865626565643133363961613435
+37323531633335646533356638353262623634363262663063373062613539353931373138393362
+37376363333734663163653062353533306362373162646664386136303465663361613536643864
+30636434386265633732663733366334303063646663376663336434643866653430303031356432
+63303532613765643836363533346364653962323561666531626230333731323063383137656531
+63633233623330343932626364376562363465376638663532376361626331616162653636383338
+38353431643864633431643431313831626463323931623533623732346137613633616137623066
+38313665353265393233333135363231386335633761643664636137636438303261613366613938
+32363166616232616364383033656136366134633763356531313036343332353033373161633339
+35653237366437383165306263303362626664663164623434353836653633623432653064396663
+38376536636432373037643762663835366431653062393335306165323361303066376536353664
+31653537333139623130636537323761666339646630373930373636353639333963353064613833
+38323930373435356138623765396637623463353465353935633366343134623061376632623763
+62626566363438623234363365613639616432656135663338656533633464383535346161636634
+30613631363534353162383334313433616463656165616237303038326532646238333032333334
+34386230303539396332623738333264656466333230616432343765383935313364353761643030
+34623761313934376631303731346437363766303164353164653936383530383435353037633935
+33376334373662623434313037326134616565313636663965393838616138636466306433313263
+32343735623538356437363133303865346331623031336230376161386635303163303130613833
+64363266316131366436383532333563373837383561653062376333613338323766663565663432
+38303937373233316234346531393331613735653930356332316265393131616561643931343430
+64616531323165396465313661303238313563356133656537393937313032333234383164333766
+61663132626262343034306338373563646238656464623030386332633531386333303237623261
+64313732343138323063323934613962383366643933663863373762383533626165366231343638
+34306138386534373834666637613030356433353930343565643361656562343136626565353666
+63373464633639303036613734303465363063363233613330313836653533626336323135376130
+62353961653332363336636436306564376232666334333865386133623036636139363832613565
+63363235373134633439336563313137643730373064383538396333336364666165383333666634
+34316530343335336366396537373330383039326362633439306133653566633265656666633836
+39653766333736643430613835613866393966613034383664663036326538363364623432396566
+38633261633537393264303833383438343761616130326263366332613638383665326464383466
+63333835653732313362613237326130303561386236393839303362663262623634653939373430
+63643766356432306430656536663864303763376233633732633536623162383362373566393331
+61636136663362303661656636363861363837303131323932633563613461613332393830363131
+38323332633030316166353364626338373861336465336430626234313561393932353730623364
+31356632396533636139636239306133386432323866643536623838346130613535613632353238
+30663736346634356336326665633561393961396230626334636366363566326334643835633564
+62633062333733383237633137623135363864646262366235646265623430333039616563633734
+37313462643266633163663063346332326264303439393062353562313535363432616666356234
+64666563636165313932376631356237643938653764626435393134653364633138323235333939
+61346237386437343239323561326561353961353732356533313130303735326230373562363037
+63646432633731666162363430653135336164303338336566343165663565356233303566306164
+63323466653535336432333237646236636465663935363436333561303362633639616533333238
+61643238656234663634393436393335623862326266366166383264343266366631303132646134
+37353133346338393862343963336332333662343664363739636238303565616462636635333933
+64613064663663303565396637613034333832326262333034383530363064653236626134396332
+65653639346661386236303034663766316235366366646536656235663233383565316439353434
+37363063643839643465356339653863653535633264366533393863343131333839333365616361
+34323739653364663838343565653432376166646235623366363838656638383232643461643763
+65626466333762623865376465303730373832353736306431643539346138346136633635653465
+64323665306430623336353439346536373031323335373566343630626235353134386230333331
+64633631306639353331336235336662323665316265656362323333373834313964393734313635
+34306136633164623961626631656639356435623038663038653633383263316631616361376334
+35613963663336336132333663353939623036346666303432653761313930396163343365303935
+33316137373733653232663231306432326264393461626462636435343632363563623637336236
+65353438373139366662653630616133396461396235323237626130333863323164643134623466
+31313433653262613637306332383630623530343234353761623064636234313835313065323462
+30316531373833393730623131333830323138336533306532643330363634333739363436633130
+61323066323234653536306231356563313939373033626535366362663965386363333966313837
+61353666393566653436613339313539343966393065393338623738656234616462633134306264
+38313032353062663865646233666565333333303666323031343235616266396232306439626236
+62373734356433663336636433313766646439336633333031333036343639343163313461306434
+64396336636130626636383766616438393338333362643436646461646361353033313462626262
+30613339643036386634313266333862343537333864386165336335613934663939336132613366
+34643535306462623537386339376664633166386136646361373861306139343037333833613632
+35346330636239376264653163633166386339323137356235616335306431666135306466343463
+64333639346134666630303136633235643061393037616538623032643466346134363365623666
+31376436326465323766656232363863313232613430353135626136353164333832333161353630
+65616230353764303334643531313263353164643730626135633139623762313732326634643035
+35396534656261343232626135376138656637396336373966656631373336333837333832386133
+62626564616664313239363065393331396332333261653736623837376466623462333034353236
+32316564643432306330633430316334313863363937303135616161373438346437383739383934
+66363837633961626463363633396434656133633935653561623832616634613564356532663833
+62636237356263323432343832383661386466633439323662613834363665303037633734363236
+31656462393830653966653365656133623565383931393063616339303164623866396637303231
+66373435663761336131306363373963313430393864393036376135663462396230623430643664
+32386632333539333137633536376431346335356565303439303864336163616561613363653633
+35303737383435663234343239643930393138393936313766363764386133383735623662366465
+37316663646233393531323237396138613438656336303035336632343662646636616239396437
+63353065643237653239373933323564643261353038323831383863366535666163343438396234
+64373634356136383361316238623635653763323666313432633534343462616265623862626439
+38346630323666346633343437303562616463356262393639376139373232316332613533313164
+38663764633365366461633132376365666661343739303330326330623564366333383534643961
+30326466623365383632663461333937323137356431366334306635616136313066646364336330
+62623036643534663530306137396136363762633964373166333861626138636365626264636539
+66393162313466383935616630636335353466666230353339303639386433306132353164353834
+32626436336631316530373565376537646234363238636139383833346161643066346133326433
+34653838303138346361316130383439336532356134663039306436353633343332656635323331
+38383931313333373663623165656434303366663131333634346635366564303639393162656266
+33306637383964616135373136396235373738613734306237386664653334303961393265643539
+64646239343034383537663135623766333533343736326261386134666465353864306263633735
+663266623932383434623965616332333663
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Romania (TCP 80).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Romania (TCP 80).ovpn
new file mode 100644
index 00000000..19fd69be
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad OVPN Romania (TCP 80).ovpn
@@ -0,0 +1,144 @@
+$ANSIBLE_VAULT;1.1;AES256
+30623833623031303638353536646165663165633665636165636161623434333763383433393731
+3635646336303136353132623532346165666239646461350a346261343636643639626239303730
+35346239613562366561633137356439316466616232306663363462333634373432356432306537
+3165356362386338660a663630666533313062353839363162323031626466303464616535636465
+34656434343839643565373965653836663936303164313337646337333634356534393764366535
+37313135616565376136643565656235333862343433353139353864306433316439663230383239
+61613334313330383431616562366166666530613564376236323033643736663134633261626631
+65336330393334663765383837303034656131346164336666373766313463633066356230646235
+30313132313664323365366263393335336361386364653761653031366661646339313330303038
+33656133313763383434336334636534303030636235633231356231643363626531616662396134
+63616132386662646431373538663962646565613433353632373066333633636566623264323937
+37353737613730613536316432333361323433363664326436636164656366303164626538343635
+65633133353931636432653237623133626361323431326233316133303866343864623864326532
+33323562356464323835396232386161616530313933623632316436303937366632646135383537
+35313839316136636133353336363665333235663166613939633035326666373866653935666639
+62646231353266366433306564373037383962333638313036313361626231633830633135376632
+37323538316138366564326432386631356231363531346135626532653437663931333130393665
+38363962393535333834363837323739313030353461343736373530306566653433366333393134
+33363461393166396364303164616134333131643730396264383066616538393437353730383335
+61653431653039383238616136366438626338646661613064666462613661653566613261316233
+63666463363566663164656466653833343330353161396636616437646634396430363231383130
+36396664616463643334653861336533383535323965646433643463393430303032376563623563
+64626565623833386232306465646533393731623734626336616563663635346236396333653435
+64646463333039353763323264633637613837316139363262663634616539393963643731336237
+32383636303538383338313637336264366564386666303663613466613138616434633163326264
+34643332646333366433393261643738653738356331386639313336353630396234656633326566
+35393538616432656466643965633139646363633562336433613764636362396562386165306463
+62383835663466626561303035653033336135626562613939656638613239356662353838396635
+37643738373766356639626434353963613065623662303236333737396466653235373838343436
+35653830626434386335306566383333643466333031356231633634306263333137656336363831
+33366263396433393564366662653533333136623365663034663632353230386433383334623761
+64633565323231396132333764656631353237643435326561386361353038643939626631633464
+34373063646135613562323235613334343134303165626132656663333465316432646138313066
+32613539643364383961663133306664626235383733346461373433393330656632373462636639
+65353536386238316565623031353264393062303531656231623239376530386663643937316436
+31333336346365613163613035393661313233366530373462613032373064333334343562383662
+61316133623735346437643765323665353531363566366165653334393436306263383163386238
+35323231363563666638346634633961663730343664353734313530633361376331336635363332
+31653834643738653136633930373635663265353163376436623736306566313636613863363466
+39343464393338633333333735343432353163656233313261373535333731303637376631373935
+65303365323363346334346265646437313032383139373066626232636533316561613039303139
+37313733373239353663666232663735363664353461303339653866383731366137386665353633
+33373639366333313864326538376264306166316139666562383864613166656333386262613738
+63646631623230386334393566373833393364653533666461613034306235663766353065313532
+33393334653438313265643435353439363864303464656433376262336265666535356332613365
+31643632383262386530393731616265303533333832666332393235386236663261316465626566
+36623133373266386532613231386166316162363437343963653633373336653232303737313731
+30383432386633663733643761323032346363333363633866333735373062623232373130666463
+37626530613566636435313739666633613661316138643832303337313136316233623961653839
+30326330666330366664316432303439656533363563623333376263346266393032326137663734
+66363639623866316231333939313637366535303965373236303532626266346332646232366237
+61373331633365393466323832623538323965626232656263643262353930383334316161373237
+31313138346365313933616462366136646131636266363630306136336134633435396166383664
+37633030613862373933613261653963346137653231643237636330376631653338323537366434
+65656636623332366532373936343038343833366534626339616138353433393335376637316335
+33356365363935613766663930663461653737363663656465666661373034613033653062333836
+35316532376238373866336132353331363233656534336136633837363034663866376633633734
+31653061356139656432306563323431623432323032373937653631356232323066653137383661
+38663265666135323238323861633036643332376461373539326236346235623462373237623265
+66313938633735326165636161393837663131613431376434626537616138333033663635653237
+38333963636130373834666639313764353064326236303732653834356238316463616239303138
+33633833326362643936326161356539306365376537396335616234653766343732316266306335
+63343565643137656365373538666362613532343936643266646535396466343633393935373730
+65373634396533393735353032393331643562653964666437386662386231303337313865643433
+62316534666238383934363931666631363736303233306363636431643666333361373566386663
+64366134333036613762346439323638666537343639626263663439306465303361633264653666
+64333862663938396561623136343766336665366338366430346238646666343735323930666338
+37386461353238633239613036343735333933343639633566333336396339326134333730663237
+32303534306135636432396537396266636336326363653965343730353935316263343935623333
+31373233333337323237623031323838653466323331373666323131663666306462613761316339
+65383737323363663036343730363565363865396331303430333634353233326338373738343464
+64623963616539353831656639656531383966633730383033393866313230663138333432376562
+37313463343663306234306530343437386166323539306564383334353038613237393066376536
+35363066653339363963663632353866303831646534343466633138346130343962613830356234
+37386430393735653963616366373564343864653461346265626261373461633132653331346464
+65633764316161326637623530626664616531353834356135386238343535363731313533306634
+30653766363736633933316530666130343663336533393462373132313237396661326162393532
+63636137336663623732343934386631376132366132613137396339333235363662656437396532
+64323062393635613164623166633338663264353536643232336635356433636530386663663732
+36643235613239383166623361313439323864336132643932383665383138346633376533306362
+62636635393632343562303137356263613636616332616439663338316465383864376138313162
+30313337393731363232623763643736306331343334356361303234306665643564383161313161
+30323565313066363365653765373565653165333363306331363264303037396264343664316665
+65396136336138303632613462653865316332373437393530323530356561636137383862316135
+32326531663933396538393838653030653737643264316336393061643739323235333338336664
+63346264303063366236316232303965666565616332386136623466323736363962393661336239
+34323431333432653530613662356563626235376337353464323538323833323934343765396365
+33613939303638313134383665643034656665343666383230613933333035396136646634376466
+63363964623765353864366637643466643935643531383239616435323165366437353765623566
+33313734633136626132343563666238323864333430663262313738393538343534356233363134
+66353931333932303438313936356535636265396437313638633034623764666639376231663138
+32373966363764383736376530613162303839616230613334353265366435623133316666383061
+39353033663230613837383534323237643433646237633762616563346231636333396564313665
+65373363396531663462656236363833303362333534623738613132313165346263643139633431
+31343230313064633436643531346166373064343438613630313531663034636563366137353865
+35363730353362343366306465663261363335326165323031623832616630333962323635383232
+34303133623335383564623763356230643638323262346437326230326162386164323438623535
+63636536313730613536306264613630656266333732313834323064623765383631636434336439
+39663866343436623961313563333431663833356466333966386630333262653235653162366536
+62663933373963356439333434313161323465396661653161316430353232666534646637616266
+32393463613261346431633036643862646264393361306136633930323339396166303964626465
+62383534666438646562346137643262333765303736363235313365623631366462376333623238
+34373563376432333564306239613937326164656432633861656464613730653164333435363936
+37613662613338316464366565376239376131386530343736383533643531333437356431383935
+61323739343130356133366261633164656566356661353566383433346566663638383337653832
+32363334346432666338363164333231383661623063356131326332613465323336376463636662
+39663666386466323663323738643166356165333263393866333235383361323239626233373535
+39343038613166623634353436383366643462613263326539613861346565646661356630326133
+34343439323532343632653134653639303831363136373930333661336231303764306339383838
+32643763613135363436653063353134373337303863316537316433333432366637633034333034
+64323962636236303865636666343433663464343030373935633534653461386536386466373339
+64313634366661623833366263336662333331623731653034333062333764323034663538333533
+31303264373831663139633937323666663662383661616166323737626231363731616139666665
+38336337396561333366646563323138363032376363303735653939306562323231346364376533
+39653534356632616266663136393461666232346332363330376630363335666234313863653765
+66613063373630366130303339613661656264313139656331633534336132313333396363653035
+32663034343363616162323861656265306536316432656631303337356638383437666535353739
+36383637656434656330663266353866316462306432393361323039306635636139626432363233
+31353135333061383362636338363034643337623231306262636166306435383432396339313536
+37373562313331323163346564303732616665643862366161663261313132313334613864383036
+30383961356333356238363932653965316430366533373166633538306332386232313364323438
+34633532373333353666373133316436613134316236376431356134616265323261663237346631
+62656333393265613563343134386366353436646166626466306639393162303432616132663538
+39663635626162636664653331646662323635393463643465343639663134303737383532613335
+66626630656631373037666635633461633362666536303535343039393632303836366561383534
+32653936616564303831633232616366613938356364373433626365313861393230626531643136
+30346138626639366661663938346432306236393862623462346433633565366439336235343661
+36326630353435333836633563623137383537336435393565383736306639643065626262303737
+33346461356632303166636631623665313963373962636535646331666233353963373537353038
+32643038633466636162613361306633653361626162346163616139626462343838323136376234
+65346235663135393237336664333037316633353030623733346130313730303032343364383437
+64643230663364636334346663313464303938636131373032653635343932336166623663303265
+64663361343633636533363861663963336235303863353536663831646334383135336438633133
+35633262336238386137666138626363666235373766396137626335636136336133396439646636
+65356630663061396635323233333838336131373032303065646138363961616433336339303864
+32366635623963376237633365366631666161666234656430326130383165396636383766323461
+62613864653939366635316137386365306562353631623062313366366466646564616431633335
+36353935653735313630363434343235373366653965646431353630613034333566306234316661
+61646436303366636638376663323331313335366338386238646266383634336337303231393365
+33393830616535373336333961643036373735666632336366316233343930653466666231393631
+38643239373031326533623534306432303365386539663038633433313839313633346362303431
+33616164383035373861386533663030616366346365353466343332663832623638613830656165
+343335303337353130376262356633373139
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad Shadowsocks Serbia (TCP 443+1080).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad Shadowsocks Serbia (TCP 443+1080).ovpn
new file mode 100644
index 00000000..7a1e73f3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad Shadowsocks Serbia (TCP 443+1080).ovpn
@@ -0,0 +1,260 @@
+$ANSIBLE_VAULT;1.1;AES256
+36636166393666653136383831323562356534333032613563366233333737653333323161653062
+3738633965333239646466353236646165366261623837630a363731383832613338666335643338
+31386162623966336535393064383931323566623764333966363565326663303132333836663232
+6237323435373265360a393730643735623133323434303464313461363239626662623939623236
+66303665383665333830653066393633643265333335636462643563376539343433313632383032
+32333730653537623634616338666239623165303262356330353063326361363737333063646332
+66353865313632656438356437326435306565313634386265663862313732643130626336623965
+31636236633338366663326534396637303532363839643031306464323930323065323066393061
+62353737323936336262613333306637366537616663633132613636323338336632303134333130
+39306439363332366530626439343535613831633538336564633735373932656536376630613864
+62643762383131373936306438356135636433663836336265386436626665323635303833643032
+32343335383338376637313032366338623666313636633231616438313531646632346463376533
+36386138323433323634653839396666656334363930613231313466356362393335316534383831
+61336532383265633334316631373137356236643761326230336461623165356238633430663964
+35306534353031333235636534326438663136383732313962636332363734393563623532323137
+36306130646537323235633766626237323434623935626330353635386161313739356631643136
+32353133656435353930356135653365313662356635656432313738623835613664616463396235
+35393231646437643162666639363063353230383732666363616233616363353138313163393537
+36323733636433353831616232316161616436303133633735626164336465333461393233346633
+36623630653435653663306331386138656433393231383966623763643766396132353833306264
+31626531656363626266373435613965613834633034386566303135323831396663633539366638
+38356534303462623138663833303330396232636330356166663236646438353735376134383365
+64613834316533333430376135663231353830326439653435633433623734336430313163383761
+34636339653665363962623232373632626465383264353434666463323239386264653932616564
+66326236663664353038633731353662636336646630346631336232383437666533366134663833
+63323166623062323334666230633935333532343065656131643338633463613233653163333661
+33343362353032323437316532396638663561363130653265623939343763663433396366643962
+37396132313862306438333538303763623966386333663465373032396537616361643831646336
+63363230636166313662323931396330303965636337356430376635663234663036306138386265
+36666230663039373730376639663163663164303933313465373463623564313630393265336431
+66366465343032303737353837346161326133653737326366663764373037316163663738613933
+65333533663735306431343730616131373430653561386564386638623530336130653162396535
+30313535373930303934646461663234643339653530633039613133316334663762363832393436
+63353363343933653233326666623434343732386433616638623466373735363233336438376338
+35363262633061633339383264303035303236306139313363613863393830373961393830326262
+65323037356165383630363932353138393161303238393835643737363134626434383030626633
+38623138333666323837663238613534393966336565636566313638326534363561666138633563
+66336436303964656666366165393662663165636435393230633035363339386361313533616264
+35323565323961313234653561343639653461393631353136666130626139366238313461336337
+39646462646339613231613136393133333134343434623165383266383065373836323632303635
+32643461333636336364396164373135393439393163366461613038326433366539653032623530
+31653162383731616336306536323764656635643538316261636439316231366539336235386461
+62356531633932623262393361313635616236666666393232323363313338643832396262626430
+30376337636265343235346463643634626665373034303139363761393734353234626537333039
+31373639383639313364303231316334316639323364656232646539386563313738303264376334
+64336631393661653938363964383536306261356362613365396564323164666566363766313736
+61373566323231636166613966373232396233623138356161393761663433356438646631326566
+32366661626563616365393831383639363965363731373162396332356137616562386637343538
+37366234343664633763356561613861613563616630343136643730623934646163323138323663
+64323838333535646636353262373734393338623365306263636533326665386437643539303862
+62393464363366303934313761386630653430633733666438383766663431303037653638336166
+64633364306632316561643638326533326130653331303561643931386463663638393362626231
+35303765656436613133666661323638343931626138363033306562623739323662633766353162
+64623565363937383933653638613562313166663765633666623133373438303533656530653035
+65333339383035343361303734313231396261336463626666656165343630363663333632313638
+30346665373332343366303238633766626237626463343466616361346237363361656463396665
+63613266393563306638643134616339643434393861306332386562303631653337353030643036
+63616631383861353766336433643861366461613232346562316231633637393738356331343565
+32386562653962313463626635383536643830356333333635356234313463303765626636303063
+65616164303432666435626435643337666530313633646338643630313561616332353131626535
+30343034366135633164386661316466633934373636633132316439643931383433656134663962
+32366362303033626535353331326666653466353466346332383665643032396134353430323866
+39653966623231623965383433323539326530626230376331316366363765346234353230313763
+30323132626263346137653062326361656237646136633863613339616235323335663065313233
+65373166366434616435326233663761636531633466333038343234356436616135633837643462
+30626135623236373836363261316438303138303163386133306265356565376366356431353165
+37646332323935643732663662646366316133326633353034316330303033666638626561623737
+30663961343930643837366632616531636639646664356236383935366537613464313066323336
+62373631663364313834636662363731386533333764396261383034656631333566333036343630
+38663333313238636161323466623537306461313332333930656439643337663335373464346139
+30383966353764643334376631353264636534666264326533326664633761303865636663616261
+36353037323931663861663932393435653466363463306434346238323961376566373836333863
+37653833646538336231353732636337343761343136333062363935396161366237313962366563
+33336231353662316437336666353436396534343461356137333136376566643835336566383036
+65666363363834366636313037643062626130356233376633646637353361633362623939336138
+36653935396564613735393330306430363335353064386635646534313866653364343964346436
+62396137393732623931353135383062346465663638623030623634643163363632313238373238
+37343938333537656438633662663137303863373732616637353034663561383037613333313932
+31343835386237386130623231393138646465373134363136383031356462326466313762653666
+38366534366464663135396162303034356436323663373134313238363234376430376131386436
+33616463326666643663333435613434646633353937613266346136336538303037633431626337
+31346361643039373861366662626266653665353937356536303831386638646336316130323732
+38313365336565313237383831653863363634316231356436303466613864326630626339303962
+35303265653030316661343030393662633662323165663831656139643661393330646138633836
+36303933353238646334356564643066633966373064336565643136343339303934333138313536
+65373266376233346437396566613737373564383266666162613239613531373536393231363663
+30633230663632346262313232383262333830653666313930656539333735333162366632356164
+66343063643030636632333332633630323264343738653630666364323133366535343132323730
+62333932333031396231663232333566373039393061306166323639336531623862656338363330
+65363337313134643236336133393339373866616134326566613432306563386166393135626233
+33333435356630363531323735643437386136356339393230316638613232653433363864386665
+34343931666564383430303363333339316134623763383761333662636361623866336437663436
+32376337643337643963353361313933316330656635373561663530303631383962616236393463
+65383461353934363762666361356638343136613237343166623931353030383036326134306337
+39373132633736663030373864396661343833316534643534316338336233383234313961376132
+63303037346462353566316330373734633762626133383539623865613339383933643333306335
+61326131303139396534656666316363646236633938323530363066613330646131623333643962
+32393833313464643839623439376638366139373039613037386334633834366637653962323332
+65303633653765353162616334333535613565643831356165343264383064383564613231326238
+39366335343863613361616265376239323331643965346662303764393932373336373766626634
+36616638306262653538383938343764633634613562303137313362353438643331653636323939
+36303537383336386136356163346635653765373637386131326461626632303538656666633134
+66643531363233616131393234646137393131383838326633333931363935313437616232316331
+32333732633665363236393539663365376633336234353135333966626139386664306362643364
+61303638643366613135653938316633393531363034393330306639656334663737336662366237
+62633935316234663636393937663338356134386430336265663633643065653239346165316534
+39376338646135383737623166353063353436373438356636623063346464343935613831636530
+36343362623834373839646130376665633164313064643438613866663364343834616661666339
+30376439383863616531356530646230336562323966363164326339373031316230376461623932
+31663364316532653437393532376436393639653366396266653234636436326162396464313863
+33343836353461373833653636333663663361653033623235383035613562383963356162333933
+31663336626433376466333936383631623936396164346135653837386265373664366362373864
+37333636323363393737366465633162303431616637393730333166306139376339346331383236
+30666364636361393731623534623432636133326439666631333662353438653236363235353838
+39303262653130313530613236643261356137353361653063653238303061386233306566343963
+32646162646531646439313937323034633031343231666238356136323939383932666235643339
+35346435656163353362653238356330303261353735333261346533623030376632313263626630
+30656532306336666532356632313935323365316435353462363732313035613933376363666631
+38613834333932353062623233343034376563643438343630323530363564323033363962346262
+38393465363938346334303830663431343266383065363338343965353134663062363031643163
+30343964626331613838616234323830346631353138653232366265366439333438656461633938
+65343164313630343137633065613864353066613536663131326632303861633538656235363236
+62383835383162613666323538643566626137356639323239656137316164383061303763346634
+31613762323663326462383364363633373533386332366137353836323931363931616262626166
+32376164656462656431623938653766656233396463356336346361303836656662633039383534
+35653630346163376630393935303935653738613966646164373136386235363664643965363238
+34326535663331303763346234336466623234623434626164383431336634306138343439306666
+30636334343839623237613536313131313865353338646566373237313734626230666238363431
+36613736666138303162326131336337326665313563663530326530313765396561333765356362
+39633766306536386230353762333134346633366136633538663366336639343135646363653037
+63613633383237363839366233303336356630386466633266613162663837346265613664306464
+33326334373035353332363530383136313933336436356163376361616566393830646138313862
+33646532393764616435633063353938356634393464343363336338333065393739656165653633
+35666165616564616633663835626461636330306130373938383666343330656231396161316339
+32353066343638313436616632666330333133653366343739373133373034313737613464333664
+64356465346162373331343239636366363738653566653330663134633365643233356661643234
+32396638326337343739636233623233633238343335363336306236326334386334326166393036
+35386263623864623965613431633438643264316562383134363163653464356665323334653233
+62356436393865613062366337613831313334643737626538643337653832653133636130323164
+39656437613330623262633134363239616430643238303566386337643265616162366464393937
+62643132383537376266643036346433393464393662643330363434303261303934643265386337
+65653131623935343135623832326631396562306262333765383837366636666437626636653137
+34353365353762613136653131633861333762376131393035626334303331663430303330626433
+38633762633335663233343234343333383164366331663039636535373736643432633336373931
+64613666353636363439343034306239316464323832393238333461353632643331373966613131
+38373539613936356336373733356538653065383163373436386666333464383662343438346234
+61656330396237633832376233353364336133356362366463623236353536626366306664363766
+62666561383762323636396232323439346661643836386336393764393336623330313237373538
+64326532396566613365646236303236613433396332643566666563343939303830323536303766
+35363165353133386437396432613538633835346165356331303530626539306265393461396161
+61646464383463353631616261303962346239663932643833366433313365373036626563303736
+35353236343265386531343963313033356334393730653763386666316539363438306264303461
+31326534663231373038313964376632623738383862313061343163313937356138386263623131
+32366439333938316334363635353262363333656531333133653433646336306438636564383132
+36663861376132643037396533323765643834666663396138623333356663383665643165393164
+36373438336365383730323366306166626362333739383831316232343030313162326164623730
+32613433396535666361353936353735383930633032383532343162623264313837653537303137
+31373631376537646431663439326235613239353930366561633363353339633430663832616438
+38663530346465313838306166373934653537336634323064363062636262313265376533333036
+37366264303236396238383236306665626232356537333961386532373163393035653438636463
+63386638353733663262633361376539326138623234353235623962666637353038346339623932
+61666435343535616439616435656664383630313665656366633664376631643730306631373930
+35666434306430313537646136373136346261626633343337313963636531393832373039633237
+65363035653532323730643766643033356564363761383466363066363564633032333964643034
+61646130623537353263363633363233323139303034376665373339646131643336353133386164
+38366265313735313162386535613237386337343931633862656539336262396237393532396561
+39356130333738336330383936333637623131653765393632626236666436303334363034643635
+65303936356239613761323562623064663834643037623366633138353931616636386366653166
+38396137336639646433343834343031663466303433323764613362356536353365393665656563
+65643463356361346662393939363037383639636535643963643336343532353465383933346134
+38333732626465386164383734623435646533346162633465336264326336366130333462633165
+65613332633532383235383130613436373535663966616138326666323233393238333363326433
+64613264386466616461386234373238626131343032386335653337616566613363393464326530
+37353863346362626464353936373431303261383330373238313938376463356339653664306433
+37343033666430313736363039633766616432386363626665333131376533613033313164303837
+30323666363137383437396265383338373639343437623534353963383234623633343765326137
+64636263376231383732653362623032656130396365393466323162316632383135366561316136
+39343663396662313139313632326535373736353331366535646633653333303865326138663336
+36323331636634366536333139363132373666366333396632383166663131383338613530343235
+35346534336636636461663236316665383038656634356164353939376338306632633934326532
+35346464396161653963613239323631323165356632663736633562333363376334336361333830
+30303438383238646435336666626635336633393961626366383330316436626530616232373433
+33303362653666616236633362383235663266323534383032383036653562336431343332353263
+64303765373030343736363230613836633335396634373633623561323231373830313265303164
+34363361326362363637383432643261303339353261313534363935376533636564353432666661
+31626130343037346461376561373131643737626266386339316431366535366631626666353138
+34346338643730653235666564373661316139393836643761353630633732626165356262326630
+36323361333633653235336435623936356430616633373165616566393964376364613533626139
+64363534393232336439633633363262323132343635663938363237313161636262353362316662
+38336566393536313662626436653135663434343032343331626134376662326430623734333938
+35323163303639623738616432626636646237653635656638386434386531313534376336636664
+36613533373238313733363661333135363034393362343234366664623331653664623833303462
+37396438356337376237363364316138303632663963323563336462666532356530616666313636
+30363334623161363835386461333566366638303262303837616364373566383461353865646165
+34326365303161653365346332643631303262636562636264366661383830383566323633623761
+64303236643433313339666366363063646466666130346232313766363731643666656236636139
+61613532356532306233386338313831333735333763383030646630653938376465653063626435
+64666438333038396664366235353130663761326261643162323065313964333937633564306431
+33346237653931663965623838306634626439616461313239383935396338663562323935303831
+31346535386230626431323264366331386134623730623164363737343766363538656438306261
+63363938666261646431346631303033613731333330356339326662643266366336386563643832
+38663939393532386432633266323631386439363332666664306437636336383834363061356334
+36663430366630363831643261646430663733353233336362363563663138613164383337666435
+30343635313264313033356135636362323034353865623535366533376636616338633032383035
+33656161623839333336633263386137366662656266656266306530653938663063303463343438
+31633936353338613738646339613134643461356238303239636165353563663765393033326536
+61366139386238616639316233366166336562653461663535366435636233333765316365373365
+66386163396333363365646330383664393238616661316232373063303038366130316233313462
+62373866663863653834666536376363333233386632373464376166356134393136646233376562
+39336266643935346238353961663039316431613134613739623930653436643936383033636536
+61383232646133623931333265353735393536303439663834303333346437363333363439626235
+61633530373565363134613733663938353164303237646466356232363431343738373832363033
+39653435313932343334366136336333346631396638363233353333326437396337383662373135
+32343531646266303539386231383864303737396565303762363234666137303332323365356637
+63383135303730303662636162343531633836666435376135353933666331643933386636636233
+62653662363439383639663432663832376139343934343666643537646435363463616131613935
+31666236373864643739626365373338613837633635663734363064393531306430326236383236
+33363466313466613633336661373232656639323235393464303234633734666266373535353666
+34316536383963333138646333633765623836333734346564356230616164323166613537383431
+64353165363132656664376432323431396635383038623339353333653231303237666137636530
+33343163313161336130646230336533343630643766643366313063633530303033656566336235
+33393234336666343234636131636133373737666434346239353835653138643966626139636364
+61343036303333383539326637653630313663373030316236353837363032306362316332656663
+33646636343764656462323432313765623835666232663637666566656565623132653261383261
+63633531653834326466646132356137363361383433363830656361336631616337346132623736
+61396263343030396563336465636130356137363062393931666664393336613330313131356166
+38313164313037366335663334653636376336333338313439616539373564643630643264373937
+33373533316563633863356537656334666434643134633763653032626338343132646436623532
+31663639383865363138333837326262366530646466653234316133663132653736343335336662
+63323462383238396238666565363338623531303836303738393934366331393838313032626361
+36643632643531366235666163373238623634666635666161636562313333346438616663396364
+63303238636337636263343463353837393265373436633166653264333930373738633039313237
+63373563386134613763316230663332383736623434313561313763663333616666343837616431
+31343962333663636238353332383564376631623634623732366130623534333865353165303565
+37333234666235306135313838656230633561663530353966373766616330636337313265313564
+30623933303537666238313533326364383237626134666262643166346434633338376262353132
+65626136346263646132393038333139366136333162663336383565663030646238393638373730
+39616436326461356262386231633163396333343163343063353834343734383163636435303863
+63653737343934393935353933623161333030356436666566373534303966323565303734653839
+36343663613635653939616130333030383337633936323333336362653866636663613763363539
+31316266633837396137663039313563306662313038326335373835333237303536623766356639
+65316333333462646336396366306436666463386336646231313337326663626638653965386135
+64646639356639633761653333306539363165396165373865666365346632653836636533313938
+37333762336631313164386338376139323734653462303365323666386633366261356638646463
+34383530313237333131356430623635386561396135393766653862633765363761353338643136
+61306334396632656163336363343437643439363265636164316162666362373063653838616136
+31333665343862323262363437323662383166303337656466623365313034636261356535363631
+34323832626637363737663530316663653965333938613031613563636639323630613762613463
+33363538613565393163343365633762376630633234396531306537343833366430613463366536
+63363037333139316364393930396537613035373036373665666239643832393830643964373939
+36623833663264303735666364633533333961636636353865613638356139366166636532373636
+63343936336562613062323231613030303934383234646232343938623563383536633463313535
+61623836613136333564393662393166653364643330623761303063336332636536326238643535
+39663231363331616233343338626538383935393265396237383337373431376362663638633039
+64666536656630336534363932313630343833316462313730356561376537313565616666613861
+66306632363336623330666531333064643961663032346165333636396433653964313834356131
+39326630653031373865643038663931386364346339633139396130373135643261633265393264
+64383732346464306534333331633438303330623631323835356566626562303735303836623063
+393232326631646435393366303438633234
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).conf
new file mode 100644
index 00000000..42ed12bb
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).conf
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+35666136323764656664653034616161643162396564393762306663383535656234306631346561
+3630646164333163373431303130633233366235343963370a363638346261313739353861643436
+65643361656562333264323030633533363234326331383361383763336431303364633730366431
+6462323730306462370a343439326434386239313639326161393634636535353830353464613363
+32303566333938646330666662343738373330346538323962303338643935313332366161343632
+39633934346533393962363430366161343030646137656366343139323939626131323834383565
+30333461343235323739383831303466303565306136666264646137653233373838623037663838
+37393631353862396134303339373162636633626464653637393265666636303930336365613365
+36323538613638383364313965393439643365346530656263663466643163613837363930643266
+36343036636264666235636163626138303634363566366636613762386334626237333532643834
+38363634316566633363396538376636323566333566623065396162303863346532373635373632
+65353138396264333261613733333761393431303237303435333438386334386537633661613262
+39336633383334336536396135643533653736613661663735356330643830646162376239346266
+62643032616238613136363633316633333739333763366537323934623765366165303237333931
+33353031613663333465666333613031363566373664653932356439353030366136376336326536
+38373632653339333737383837343935383436636530363038353039366636633733363265303065
+30396330393430653161383664303239623037643132623135393761363139306431
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).nmconnection
new file mode 100644
index 00000000..39b14f38
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Belgium (UDP 4888).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+36363965613139316630313838383034646131363861366631346539613561316532373636653766
+6566666138363865643233666431353036666230643134620a356137373964653736636565353335
+31376535663035383333323563313832616232643633633635306361313561333338323138333766
+3331373866643432380a633665653534396531363632396465636338393964353835626465363836
+64343733336133613337363864326439356664663432333264646164343836663264323137376439
+37303330623962386265653136323464343930616131306339633730316366326232326563656165
+34643737366139643136373834613937613634313236373663666562353334643635396366383137
+31616534353334356463633362323532646463336239333662326335303164396366373066626638
+35306261666436396638313536353638383663623039353431623530316261613461626335643566
+61356163643839613866626161303565666463386634316134313430333038643336626162616662
+38326637376337373332383136636432333031356632303531616464356632323737323834646235
+31623432663465613330623762316263613266643266386134303261336633333131643536643337
+38323237346161663164393334396130613836363136396461303561363831366334623634663030
+37393832336338333731656436643466663439613063346638393935633664393139326363656531
+38666437663132316162396161383265363734333463653961633164343065353330646463623430
+65313934336366663262663462396162616235656164616265306335333733383936393933613035
+32616132633332653862666631353833643064346631623039373161396564646463333366303631
+33346364363461313362343433623439613938373231303338313530643438303730316561646131
+38366536326630646437646332313232616163316536633236396337663866636535343735393762
+63343165353161633437623130666232663837633065646639646533326433323231666133323065
+34333566656162373764663330373232363439316539633663393938313566336638646161636565
+32333838306562626139396431623964623862353139323137376132343332333362656165636430
+62383634653464306432653438393964316334616539333061613031363635373730623633303761
+37333635353639616465626431396339373037353836623530626664306565613766326536643261
+62306462353861613163656566383262396338383134376339626533653036303331346230626465
+66363431343033616637393961643139616130626136346566356530343237333064323462393031
+37363639643834616339376139376337636634333765623463643439376335633333353938323730
+39313631376336303465343830333533633431393030633935323430323864306539643363333264
+36333731393836343835653330323131386466666464636561383365373834303436376432316166
+65633536656331383165336463656436346131303465376639643237393766653162656363363665
+383932366165396337356538333336393830
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).conf
new file mode 100644
index 00000000..3ce4eaf7
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).conf
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+34313766653862306361643631396461386630643939616539353336333962363165626439636461
+6530393631323466383439366163303031373437666264300a336333316530633361393836323239
+66326637363234356436666466336231313837613030666465383165306136356264326332313133
+6261663266613639650a363463613265616531386561666431663366343365663635333436653637
+65636565653362616234393235653538313138373232336635646461306537386134323462316239
+35633431616663353535376161393664353263326364656361393035366237356638646661306632
+61353434343930663430316239623830303834346235353536636436313062613464323030333132
+36393338666664333239306465376165306437616534666564633630646439313364326433346665
+33393932376233306365393733356164333537356330313663643765396535323730353361613465
+66336533333633623431313261666234366336373938363864336634643961626261626135663363
+39666430396339633433633061326331343136333530653432333737333036353331343938323032
+61306164373232303264646433356565363532653961643439316639383038646163653666363434
+31353338316639383533353163646161633839613263303738333434343566626334346463646235
+65613665363332663330393136646234363162333532303331633138303364656339396139353061
+39376562393334626139373865383131366138613837366330346437666361376636333834623533
+39326163323364643830366662663764316662373434323839376336376138303632613334313236
+34393462316535623633333935313039636634323564616562303562393161393066
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).nmconnection
new file mode 100644
index 00000000..57eee4a2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Japan (UDP 4888).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+31303731393032613836333164393339633639323132316265323439313332666239393531646339
+3135666162636362393335313761363462626365666661630a643165623937663832353230643964
+33633436343734333865363861613331623364663361383466313634616132656135613538656232
+3163626364663463660a376162313163373734346661333563366539306538323561346637643062
+31653136353163346431333532393738376535353261373032663732636461373834613164663434
+35386133323965326363316437656234393931303630376265636666653039353636656261316463
+34373563373961656564663133363665623266393365393766306531336465656531373739356462
+62383962643563346237353039363664616138393432303661383063363936386262333137366538
+62363534306434313062623234646331623830633461656538346464316662396265306630303132
+32393862333230353439633964313330363038393336363266396230363363613834323733396366
+34653261363630343061373131363734386235633131323436373061326661346237623736613963
+64623966363731343264336635373663356336383562643064613839643163666432353438336131
+30613561616262323961636466623533396531326266316534303663343238656562653038626363
+61623937353261313963376333626361613633383465376565383730303136313631343236316264
+38313863623361653637383861303466383432626566313062306638656533636536346439643665
+62626439313065616533353834393066613333636464306231626232336163643031333962363337
+32323731303638613231323061363162383832633164656165396237666337663131613736656438
+31336361373935383230363838656231636562303739633336643535373130343766383033336266
+30393739363632623339653563396333383533623132663161373639376164663233336463336130
+34623036323563356636643261383037323239646465663938313030383835653762613661633266
+36666265363633666639366436613334633364313063643239376566333133623432353734336132
+65643432626138626234383761616664313433633034626138376562383534666162363734656134
+36336266313336366639653134303232646539353965306336376130313834626239366338646435
+61353137346538366233663236633665376636383133396333636430363830323763636435623930
+33666164646365313832636434656234316461653435623332616465373565633836323337366538
+30316334363861363961386666306633643531356366326334356637643034646665376663303839
+31633438366435333330626165326537623630356161373035333566376234343435383961346637
+31643836363739336431653437663833376535636137303635346364623562613639666665313063
+63653566333930626561653965343934623434316461666163393263343236386232633731333532
+31313532343637663138376332653736373637613965663364663932316565326635363137353561
+613437343233616162623134393664626463
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).conf
new file mode 100644
index 00000000..83fccc51
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).conf
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+31613765326334333635646132333036363230616438663131383964396339333536343738633133
+6530653830616163323437336565343537383164356363640a636430613235383436303437393730
+64623933623031303662373064666661383234386237653139353266616562643333376231663239
+3265313530653131380a353864366139396536366465623461653964336563366132616635653430
+64366233353836653134636136643332363538346333326633303032633539393239376663383364
+66656536356139663761626130666432633130643036313032336633353361646136343866613066
+62333766373365633234333336343133613932663333663634343961333433356534333463653561
+63393737643431613864363234366233353836656135356536343863363337613766393637376535
+36383933303166643464353161396334363135333164383239613438633265343539306431366233
+33356437663533646335623035346538326464666135346133383165313132323164626135356538
+31316332613133616532653339373366336338343734336431326361646463313166313734653065
+61623461383462316536373834616266343131306463386561626234333664326238366561663066
+31356134616562386535343863323365663232313131306266393631343539636133343165663861
+33323037363163306166336463633561303537326137633361653834623230643036643061666439
+31666534373033343438626132393463613766303336326334303533393363343231613566333332
+64616666333936613538643837636466653863323338383366353333653031336233333236333366
+39306138316433623763343934663033303466613261343839633330386231636639
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).nmconnection
new file mode 100644
index 00000000..e8658155
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Moldova (UDP 53).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+62333436356661646430316437303238353737633363383737353965333330613037656335383237
+3362623735363732653166393837626635386661373165330a306432313863636339623236346231
+34353139366365373761323638643136303934313036316534303433366165333131616666326363
+6631386662666662640a356339393931343434353433343835306137653466626366306335376534
+31633261633662363463323565393037373061346133333363643861383833366263663462663035
+62666565303335643761393332353165343762363135366663366362646662643662363935386634
+61616633313363623030306137356332633337663939313332623933656535326162353937333661
+37373036316161306630333932303864333263363462616634653533653661346230623130616431
+64323938316238333662353762316636633266626531643137323230333165376436353838633035
+37313330636363343130363735316131656231333731373034643465383065636631383634303537
+39336130353237663537373530656665633331336136353632393230373765396166646635336234
+32366330313332396435633761323333303161386664393133353933356436363031303661343161
+66333235623761336462316533363834646630356131326630643538333437613231366533343836
+66643530343932393133326339353463633237373434333837666233353336616461323631343265
+36633139313265333737643338346437653634663365353732333339626237346334343261353139
+38663731633966343266613336623738623465366230353730646266666562373233316530626662
+63303232333637366238383836343633353936306630633235316661376332333338613734653730
+61323062643436656434623836366166616436666437623235303131613566353636643937303330
+65333764646231373839386434326136353732386433653333386266376336366638653134653666
+30373837613463633436663166643261343066633238643731313061306337313465653965326165
+31333533333866303030663530376430376262373666303634653839393363323839666535623635
+66306531643637396138333163613832626466303562393032666133616133366433646231386362
+35393266636461326237373533386635343838323036666135373965646462353061636165646630
+65303365376563626561623137323964316437613431623365626566313566393634316433666236
+63336134393831626437303931613738353633613862346138346436336565613635396462663230
+32653139656338663530373330383231646333313763316133373265623135316335316131353764
+64656138626430313831663761633265663331323465376461393061636336656335353261303862
+38353963353538326532316632333438303237373233393136366562363261323064626563313932
+32356333653065373762343761306333373735643061333736393362336261386535303737666162
+62303266643931646661383935376138643561343438353036653535323264663432643935393763
+373935643566303035323963366138656532
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).conf
new file mode 100644
index 00000000..0f7f3837
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).conf
@@ -0,0 +1,18 @@
+$ANSIBLE_VAULT;1.1;AES256
+64353832373330643765303262646366643863396662396462623532346131393364636337346435
+6438663862666439316239393336626634656566306530610a633966363130373631383637646231
+63396466646435663862383135396231376533343732376530616334363336646432643637396232
+6333333833363530660a333939336364343136326537343264366636363631316133306135376638
+66643466663830313138646230616166383634616638306465316138363764643433663332333262
+61313162306230306565323836663962326539623966316464373338663939346139653136316437
+35656332306666616437656636353434663766616365323837316237343261396138383038633335
+30633537313234666465626264643834313938383862363034616461633064633362363437616664
+61353561376233643333383835313866366161363131303035343135323865393837343065306332
+39633961656133323637353430633834613532613733636364396338646361373766653739313966
+33373733336265666334373463373934663633663464643439373938303832636332313135623362
+31313766353362633837366634643233353635353964626236623062326338303763623130643461
+30613936383137656234616432323963303262656464303631663765303964323532306163386362
+38313362376237303166343731616235393661633466666139396364333265616362633463376566
+37336162366364626235653765383666393531366534356634353130323632316639323761643565
+31353934383464306331323132333438323838333038303661363833313038353138333630353035
+36643164636265386461313264363537663833666331626164323132653163316162
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).nmconnection
new file mode 100644
index 00000000..605948d3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Mullvad WG Singapore (UDP 4888).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+34316564343130656462393832326664663835306165636634316430346434346566353765396133
+6336396334373733383631623638613334643138656334660a396534346661366331353431643939
+34356466613235663961646438343065626239303036366462393765363037326433343666353431
+3464616533363730370a386661356537623765363965393664663766306539643937376338643838
+31666566323265613739396439316365353436666466613463333861343661663537396335356431
+36636231363461303364343432623431353235656462313934353263343230306436303436643237
+32373432653063353336323466346635326533626463306361666532646334363564373132343536
+65336633383936633832656539633161386633383136306565393637346563383935373138343862
+36323436363639366432633337653530353339386332653837346132346364326631313964383634
+65623231336131626636666461386138636439653965346533303730643430363136383466643438
+33326264313834363566383335366562393033346332353334316238323564633033336332386366
+64636338386234646133343538666561396635336236613864373265643832383439306232343065
+38313839333261323134363530376238333931653536656262306466383134313265633230633439
+62663265613063306663653865376163663433393634336465333036313938363638373165366138
+62303164653131646564306266333861616265346639373533323164633333383036333034353132
+36613932623965333866316332386436623936313765323637356165346464646339396233386531
+34363865613462373464663330623336353433633739313233316535313965313962326338626534
+31626638333762323662313433356435376234646363633635366461613435336139303462663936
+35353761353730393166316534623736303463363939373133323531353639613266333166363038
+64393834306436363730646537386638663631326137633466343961393031353039636530393637
+61313639333831663932306566366239313633643566366536626136383265633064383164323366
+65383638306338336132303566646332323866386262386266363561633737363838373864336461
+63353761643633393830653437613031663836653361343661396362623035366435303835303633
+30333839376466633763646330373634666631326265373935306130623739633035623435626561
+63373334306139303636653932373763616231336534366330313332383761623632613038663237
+64313034633637616565383633323830613239386236373265623033393339343036326564303639
+61393830646436316232333231636531306432366135323632373836326436373035613238366436
+65356138616230383636663431346535303735613365383063306237653433303737373930666339
+32333864393163396162393637306532313065323166613234623732343331636133343634616439
+33303535326339633130383437303865653761653462386139326663623631643365386135303434
+653436616563313262323831623265316266
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Argentina (TCP 443+7770+8443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Argentina (TCP 443+7770+8443).ovpn
new file mode 100644
index 00000000..000a7bd4
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Argentina (TCP 443+7770+8443).ovpn
@@ -0,0 +1,274 @@
+$ANSIBLE_VAULT;1.1;AES256
+65376433383034663439366465373736373134653136623832653630306431393631303364643833
+3035323033313730636666643039666337373665353939660a363236656264346630396561633430
+64353738373165613464643539396133303332636539613632323865366635613961643465623834
+3062366639366138630a636565333731366539343334373961373063623236323463633165383065
+30333063653764623936386264643532363039333065343562643162383439643435643132646364
+30343466373732626234346334323765313631646162383462313338366430366435336237376266
+36356562643534366536386431633265623965306232323438303563373865653164326235613335
+36366462663430313831356436336534353338323335613834663330643230333964316463663736
+63343037333032613966623831663532656366313738666232393930313761393135656266343831
+30613263333063646266363464333362323466343132346238353538666632323534363864626539
+31333839326366616263336536623133343234653036613734333330643232643239626137616665
+65316137313964613861633039313438303330383834626231343561633663663836383639663961
+62343336623336333738633161313735623566353765316132653830643335636665663830336636
+36356262653830346538656439343933633530363161383139643765376537636133333463633539
+32303236346332333531656264633830666331373832386463353537353433363535623733366631
+63613038316633653533393038656634303431633932343236643663653839323063333533623732
+38346332653534643764333230353733326563616635656465623835343664633164336535306439
+31373436636133626664383132356436653664386339363739636532356361353464343263663261
+36323330303861666639393564376134643162646264656438663038313334353161353230373433
+30313566626234656632353137303433363931323937323336303764636464373736346432616538
+62333035383562323466613036643464336664356466366266393536343263326534333064313530
+31383332353964656162313662663831656238366463666134343765613330616134386164383936
+36623533393038623533386365653164386537346664616534346335623338353830326464373333
+34316337396564336334646132313565643830336136303839616534396461316664613662323664
+63393863346635333338646632393737396463343763623232663132663137333237633235383035
+64663237323935646233343465373734663432343836333234393362316339333836636261313830
+34633133333231313766333964346335356133636630353964313432366239346635653538343264
+39386666366137393039313732366436356635383764623263316138343034313534626561343364
+64323364353530343834313666666638383464613362623566636433656263376165393737646665
+62396234643134343938366561333030623861343133356432333434363336663138343134633731
+37336630623931303661356161653236623736333635616166363963336562623165656465393362
+32366336346632376132633462323064383139323534663431626634366362656463643737616137
+61313236393962356465623765303835313236303565316637306139646537356330643066333162
+35353235343633333230373933626639653533323961376332643439383164613739343466656438
+39643464376330656462333934653861623265616532363939333537383361373139343030616432
+61323638366166343030323236396538646565613635336266663539323465633032623937653130
+31323265643062366463326430336366323033636230626637643334626530343561363762373832
+39383631313336613131616564343761393238646365633237373032653836663665636133316165
+33373966666132656331346366396636613838366437373731323539326234643830653231666138
+37383463313963653764663934366136306631396130396665336664646138353437316435613238
+32383639656239396239343962333831376430313932396531623931383134346634396164663834
+31396333323932663635653862643830386538336132643864656633373135393132343037623730
+32623639616464306530363737323538346664646564396662396565396235343464333035393331
+30393565333266396163613863396431613661383533343032633539303631323163396233643036
+61313532346539373435333631333130333639663330626231646238303734373230323738353335
+61623535356239303335613333636436393834633864396432656662666664326430313535666466
+35316266393831616565326261363337323164616639353039633135333833653731373161643234
+62326431383536366339333930383135333239393738343133386130363163366530363733613733
+64653861353261396134383333393538383766636530316361653534313239653961313232653735
+30393364373430393162393137396366343230666336623639343031303264306230623865333465
+33316337613135656137333332316231633432323932333963666130633836343765326462333236
+35343162393330363335393834303237376262393565356437376135643266636232386163326632
+61313939313239663735393233303564343336356634386262393361633639623537636436623332
+64626439636638666136306161613531626265623234613061373634666130383332313134646464
+61383164633934633730306633363130326435383134373739353433396634666364366632663062
+39366462653462613132383565326336376266643031396364306536613264306661303136633631
+38326135363734336335653439386563666265303864366666386138633638643866353831326239
+39336535333262333231643034346431306134313134346533393234343038313166626635663837
+38643766336139613634343333313036633831333264333664343835633334353439346531346136
+62613432653936356264393937636535396335383637313237636637303833653436663963646638
+36373337313364626663396263336133346238303933303532393363356264373666356264383136
+31626366383464326663353231393935376365656433306436323731333639353464656562336435
+36306135333138383465323866396330643438356433653135613763613365613639656464373262
+35373537313439653866323531386330666263616139353433343730366163616564616365646130
+33353631366230636334613336333362623966396437616166663836346361643365316335333064
+31303538313964343666333366386665613237613866356238666330656338393962306664623533
+30303065376166636537383765613065666432326331643463313132636666333765323936306561
+35343263303732653336633239373563363038356434356233396362383061663832643435306637
+62346161633537663435646232353364346165656463646334346335383435386137626261633837
+34653334623765383432303162623930363331303536613531326137333639306662643831373665
+65353362623864653439323036363464633162313932303261323837303665313838616164393662
+63323432396238613431303037646465386132653931386365626531656461343335623161613834
+36653830386430343833386238356338363062326562323962396266353330356539316630383163
+62383134613661633265623834303136346237323737396430343661376638653034373430343132
+33396666393864613662326365656663653731356265356663346337643263363965383938353365
+66363563356630396663303764336539643762623162666333313537633561633534653035653639
+36316362626364663830353266663630666136383166653234333630643931343361366562353836
+39623664633364393964393933336239383538393863623934306164393763363238396132383037
+39353063396261636164306138386263303562663335333431383333343630393032663662666336
+63616461396431353734666163376632646561653339336465663661643461336365636661643432
+65336665613964626331386538363131353536626237653734373534643333353662666361343732
+65626337316431643636663538393630613161613933363736616130643531366631643231626464
+32366133613139613532306633653934316239313663353530383239613939363364613033346231
+64326237623839643237653732346266303538316264323839663061336561366163373931343836
+34663766376535616466333461373431616338636136303737663031663163373764643533636438
+63393034383364316235616535336262613131656533653536643737376530646234653831363665
+33636132636633353633353164613137356364656663623135353761306230323538353537323633
+30396365353131333330313363353438313436393237316639376561663264353265623538363261
+65633630303539613935386131353832316230623636653936303834356163623734663161653037
+36316335373531383032336132396335633432366430663861646133363639613339616434653236
+64306130363739316337636632666539613735393237353963656531363136323030353964656162
+32663730343735336166313435333830616232373839613762383461653938383762343235663661
+35626165303837313361393662333064353030343838333161316131666265353062643362316262
+30366234383537366434303731396635316163663162323539386438653063636166313566663539
+37313439323034316665346431303763323365323333616635613064373834633662613063633361
+65623135656635323635303339343033376139353663333137343564353130643431333430316336
+36323737313261663436353331666130666664333465333331613533373037383831386235383235
+38633834643963373836356639353036326236653462343238303035363465376535613235363365
+37663835366133376633613039373530613063333339353530646165303337643132383566666630
+38316230666330356564626638636261393962306263613163663131306566666636346236636664
+31393638666666366163313130356437353833613261336439636163666634333230613533613262
+62623132386661663561646636633333373632393538626530626664363765626232653235623263
+31333432316233316162336630613163306165383433663162356433313537383630623031623833
+33306135643864326135353233333961646665343633656637333061633563376166326630653864
+39646538646366346536323939353266333363666666323231396237356435633862366535396162
+63333338303162643131336137313032326131633266313762643263376663326537643735333836
+31313336383534643235323666313738323434363166373061373235383966383065323966303565
+32346337376339366565303666353166343731373030633031626336346664623032383037303338
+37663365346261626337303833326661336637346335343761376664323066386533643762336435
+64366134323533633362303365663861643363373939343566616337613961306663663338363339
+62356665323835386439343132386564666436623330393834653936333936326336636137383366
+32373261353863343537353163633630616334333938313135336535663035326662303036373434
+31666463363733633930353563656330663036373963393366373334646233396262623735393535
+31333339333035643361643162346432616339336530393232623538633361323730613061353435
+61333861303562353636303939323130636362343931656165653230323062633737373766356265
+61346539333930363636333633653561353163343833643837626163376664363733626661393761
+33646165656164666639333161313066313132353466383930336539333365666535336366613937
+30663362326532633636383164383033363335343630316336656662363737343636383132373237
+37336564383063636366363636666435636564326239303535396533383430346363356438326234
+37666631313335343162383035343733393865366130323337366138386136656264633862613035
+61396363326162653265303439306162336664666165346161306364306365396538636664393235
+36616161376131643634636433616166353062353838643764323366653233336337333261333664
+65613038653432336539623033636163613237353536616430623763643339373737613839626161
+39616437346361303835616261376163343238653030313838383263363635636439333662623531
+66383764393931393064346165313837326666303438626362333931313964373135653930656337
+39306530353635306632636135643461646433353264656664623533343961393933393336613266
+32333433353332616461646266366235623264613938623464313539316332613066313034663861
+33313865633362353063343665306561616136616266343666656164636461613261313733653762
+66343062373634616339393937623664353762326639636164336337613136313364653330333635
+34303164326266313663653163356164663034663065383432373233336537393861316131373765
+36633165646566383031313436623038353934316133356462656539333139373433363164626138
+33643164343732303765656436663262333139363032633638663431306566313436613864616165
+38336261336461316438336637633166663234616331313463353563343737626539613439303030
+62356634316166383062363131333333333532656365353837356238623762333761366635663765
+35326564383131373234386163343737306233663537303666613462376161343230643263303634
+66393363376162656265343563333430346137626664393539646631333265663432353631383461
+65356431343132336438663532366566356561646431303965306330646431373732306334663037
+63636665663130326261643038623364373136653063396135346362313039643436313633626635
+66363836323165366166636538303064383934373039626530393732366436316532313361313663
+35383062643237616666383561666331623863346436323835316362306662656132656563643135
+36393333653132396634393135323432613162396434333261363366636431373261323338663833
+34623031333235306431346136336337393736646637326662383034613062653466666436633331
+36353066396537623138666137346666396562643935353237303232356461323064353530666333
+61626462613137383631306434313763623461623430653137373933323936396464316238633832
+66336534643638303663373861666261306565393636313936393930666230316631623531656364
+35653835623061616535393430396337613530346164306333306465366235343531643966306363
+31356362633364383735353664326336613738376465316439646263343036376631313265346361
+34333536656462643863326163663038646662323161383462653533343235643430316163636634
+33306137366134323939663163343463323461646333363839643135616562373238326432376266
+30663634373066663062616266353335373231643638393839666535343030343035393935636464
+39396634313733396334323164303066386633393161376365346362633963653066333537653839
+65303437333234353834633239623635613764386137363635653533303839666135646238376163
+61623335323263363764316430396631326366326661383137363837333137386137373134336366
+35336539613761373263343663666630333565646230343038646666363363393361323039336137
+34336166313834643339363233343132363430623430626236373039626139336630343234666163
+65313831633334633839636636366638373566613337646230393133613365643934393062616631
+61313231343764336563326636333738333166633931363032383237363238656361316130306235
+35653366666535663163313634336232353230633761643832633364383536363463383465373632
+63386432653333303664666330626362653064386535643335303333613764343463663866613631
+61363662363136336464623238373835656231393365343130633739353461303034336366323634
+61393363373163306663313836613236336161333738616533376364313134626637363435343238
+35376366626465376134393763343138316631646638313264386334613365373438306362366230
+62383362626536643130623237636239333562623133376334663632363666393964643530373233
+33646639336134303935306533643432613134363130633837303636643464323263663863346638
+36396230646138623563646238653135663863386563343036336261336662633166366666663438
+31346566386338323834313862643535643534386663643936323536663165646536393066613539
+36343766383938343265653233613139626665393062313263343539363437393631323632383262
+35396564396533663862613538633663643736383265623536633936393832353638373839363166
+62316239323964663662366236336561343038646264313034326238386663353766353535613635
+33346330666365313235623537313065303232636435626164333564616238613830393439396566
+36633761623330666365303630376534633064306464613163346366376539666132303131653139
+61623936363065303030626265623436376330316530316131393636326537643035393031636234
+34396661336430363861643131336263366239396162633564623433323866326231383339663832
+63393939643739303238393739616632613838353038353531353730333436393032343134386564
+34333263303435616130353661323231336330313936626337346431376366313239306661366164
+62376666356563363936656236376664343630303533633561666537306366356230333432653262
+66643564353265313661386431663537346364393133633665623934663366636364326536303366
+66633630623738666462613238393562363761376565306162306261326230643437376262666332
+30663330396230663939313337363934313833353433646132663764616537356433643436633264
+35626531626339633730653362656537656661626435393738383361353439383863616461656632
+64613462616564666132616639623536326636363339643331346530613130613634386561656566
+34346664303466336266383532633566613066633765626265626438363761346363396537636338
+66633865386239393064343730363433646530666263396337343331623933653666303430313136
+38626232396136313336363637346538653261663232303639343639393966303462393431356636
+37313864663232623238306365353139623430323936636536643836633239336637633563393261
+30353031386339613332383934616434366534313833316632646134656462323439303730386364
+37613935336261303633346135663262373432323665626231666239353135373836643137313334
+35393236326565383066613961396265313736306236623638333932363930643332373538383934
+38386636383031666530333433326438393465323931643566343965643935393263633361333436
+62333662623966663836623762353537373064353837346432363465666165613766393563323432
+37373465626339616661343562623365376635363134623931623233323962653264626337656664
+39356361306562373464393035663763363038656362333265626336633962333866356261663961
+63653165636163656333356130353230313563656365343963393035663963333530653334326465
+39613231623130626133656331626166636563663637616433313662326135323561316364393362
+39316237393836313537623333656237336130653039356139313632636165666162356435613365
+33333961616637376532616164303332343935626166373765373434363262343931333630636461
+63373031383832666462396239373132376164343966636139343437363364396562393632353135
+33343932396161663938363736626535343764303931343766616637643834323536306463306262
+66666635363866636337653161633833386439346439623666643339616533623534326538646263
+31646533613064636234343036393239653434386433653064323261633032356365333533386132
+33316135323239623832643466613537363339333933356136393666333132373039613661303638
+35643830363263643062643862663861663164356330646531386333656263393936383266363265
+35303062616336626439376264653238623238613730623530336362356266373462663766623266
+39353361636665646330666338346432366331306635346137643965316334393965666264323930
+30666633663166616636613636343461313662616566383161333530343334636361373238353131
+62356235613764336536613934633963383636643961643437393433376461613662376434396164
+38646430636165393064323537326261666535656264633438616631376263366136336164386639
+32333565313464626266613563333138663830663337666666623263646533396432393061666434
+37343138306339343365326264663131343331613063383838356365386165333237343464633639
+61636665626330633934323363623839663536656264383832633963656563626432383532643839
+35376439326235636130666432646332353634353937646234613536656136363763366639336362
+62363434653637653466316563613461646161626439653362386130323330363863303730326564
+61323332663934666432616338386133613631316132336132376430636130346134363131376133
+32396138383666353933623332333834626638313333613462613030306239613930633130623531
+61373761633761336530313234666261373436653338633232336336616633393063663864636430
+39633664373763303731396664643738653663336530383332323561333338306566383339663563
+37363339383031633631623035636662653033623233313461333564373632633737313039633933
+65353062303764333364653266363439333537373633363062393633366462306636366261323032
+38626462316136626630613735323737323365326238653230616331646362376639653461356633
+33366263626162366531396164353166313930336137303363333432663966383430633438656338
+37386163396264633961636431303164323632346631653831663531396436303932363262666361
+30633839333162313631613830643330376237666539383062326464356533376437633463653539
+35326530303635376137326636373030303332316437316637326561333161656531383861396265
+38393138663030386366313539646136306234613665636337386530623962363063323864623733
+31313233643766616537316137623030303030616434333236643062363434616339313836363762
+32663062636464623139373162373933353432333964616264326238343239613830363234633530
+61373230663766373737373365333365383762366432303463356261303032323865366537663862
+39303138343264316166633365616630363735616435323032333365383234306166656664386235
+37316132653737633431373737366439356563663135363035646231376465376665373064393461
+66313438656161653365663338663166363134356434623532363061303635346463613165393363
+66346264626330393462306630666264363238653631613833356433613339363534313034383536
+33356662316661626133616664343066303031333539613437613431363835333730646338666432
+34306531323962623035383564356233356132373464626530313333643434336239303839623530
+35336532316564396564333761323239333466656235633265323934326162333438366363366639
+31396366323533333766393232343961633366373365616666646438636633656236363766396161
+30376465656334643732323331316465643738643338633639656135373635646562613038653236
+66633865373637306437386265633338643864366138636466636539633466343036383262313137
+32623537653638386366363737396434613638643336336138333737366565383439356465393135
+31323634616266366234626363633337656634653134383834333438336238393238613166346337
+33656462353236346164363962333863643634613039306138616536316265313030373939643831
+65663165623532323435666636636130653462353338616131316633346161376534393239636337
+36353337363638613763613136643135633031623766636665373030373461653838656163306261
+33373738376534646662623366653431303939306239626635336639633135396538633835323465
+63383065396365643135613938393866346334363632353531643439626136323133376333643637
+31376534396335626664626531356266363135646166396231633465376132383836376665323866
+39613265376436383235366235393435656439643065663234623461663031626462373061306435
+36613765623263636230313936656638376233383964336239386239376238636266653431643434
+62326261633430323035653765653765376638643031373837656530303861353737326632646563
+38336163333166616134656336643635303131636464363964646631643562666630626263386537
+35356265376232636562316264653064663737326231643732633132396166363265616233623236
+38383566376534646536663639646230323164666236326131333761643135336465353366373362
+61343731626132623361616137663732666661346132313765373034376137613864326439633061
+37623265623263303631666163366566656635366262616136323362626263623831303562626630
+35333361386165303138323262626166303334663232616635663265333562363261623264383664
+63326230613630646364656332333561333364356165306237613865643262353864353262326132
+35303165366661373234313034323763363766633965666666366439396566613838313632323962
+35666462336161316261656231626563313535373961326536323339386463633066363363373163
+62366134306661346534636235343635313735623466376166383431313134636535386165326632
+30326134366166376231646538316563333738393232636339316139306265383662623334363639
+34623232643938376566396632626262396430383339653735623132623762666133316533333130
+36393036333039373163333265323164343636323332343936326662623335356366666663383466
+32333364353535303562366564303530323566643439626539313132396261633439653161653661
+65356632663339623238656638383663616335393130653330666338666638373632633264363665
+38663334383232653437393435643461363965613334313566653037646662616237353031623530
+32393535396366366537663236383033356663313462306431646231346164353231656331356634
+38376430653438303739666130336666306661373963313861333265313963366337386131643866
+64636537303532313764343832383161663761356433643331356665663532303331303531333262
+62623566613962313537313332373964343933623934313761646237326232313736396234376265
+65353236613665633565663031613134353534316435653766353137373234366636393834376536
+37303935666536386633393132626665623665643936316364386663623763383062633965626137
+33383531373665623031656135303966323033663334343730643962386164643861356331613532
+30376465356533373866353332393530663662646665313530323339353931313065616537323062
+33303866326263313561383836376663363563333164346130313934333734366435
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Finland (via Sweden) (TCP 443+7770+8443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Finland (via Sweden) (TCP 443+7770+8443).ovpn
new file mode 100644
index 00000000..2ab97a19
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Finland (via Sweden) (TCP 443+7770+8443).ovpn
@@ -0,0 +1,284 @@
+$ANSIBLE_VAULT;1.1;AES256
+39636333623964393164653533393930656332616665363130626364343536386363643465343334
+6235323039346261633561616137343038343737353937340a656139626665396432323031366633
+33343139656263633964353537633938636237366631643266323864306262366137633738653932
+3939666234623463370a616430656463653430303463306336393832383334666332356136396432
+63663261393564663731643936383539323132626231363264336233353237343737313165393136
+65363931326664636334326538303630633436336165363961363063303064316139333838633261
+62366231383431653964313061616562366133333534333039353133656365633564393132376236
+37656432663833326531306366303262363731386336643839306237623339383466386132383062
+37363761356438353735323635633261656234623330666335656233626432313837366530313262
+32636663323163666166363834656636326632346665343863306466343462383636303532636261
+64616566343233316666353464336362376233646136353062613966313061316461666537653063
+61656663623636393036363038626438333535383465633335303631396537383438343464353838
+61646334383132613366613262666530326231616430383439383238396631646263383234346335
+61623166326531353336326139396361333130323636653765363065663938386463653734333565
+39376530363830346334353732396536393363306335343932383331626631616563363532656530
+36616335646466303234653665643064623961343565623864353665353237613931626530306237
+38336637343234383663623738353161636532333836393965626136393731663965623738323831
+37333664303338623861313864376534633639326339363065646334343566313336623137353837
+31396435396537333933623933316332653837623661653238626133373966366363633866646462
+35353234303036646564373030656163303238626664303434333131393062356261313964336631
+33666432386438643933653730366563303938323032396465643633336237353639356335303262
+61646136663961396132313163386232373931376261376635653964623530326431326462323531
+34633138666162336564376239666132366330643663633366326466366663663536393431666530
+64626663623036333539363836326561323938323931306433343763373736643866656261336633
+66343561336431396632393264386631666665303633363863373439316639313434356530393963
+38346131346535316239663862316132323036333965613865653533313834353363616230613930
+31643936613232346133326362626165623230383163613064336166653562306239623164663864
+37373461373030616234373236633739633030396463356239363239633339363839373331633562
+66343138313332306439343438316232303334326665303539666261376461346265653235336362
+65343035643236643333613430383065323362356366366664393032396539373732333862396161
+31663638346636383331383638366632306431633930373737613265386436326534643363313934
+61323531663666323464643835326262623264636234613837326661346464313536353530313162
+39613234643933303739653338383732653032326631356337306566653830363530353763363136
+36396539653531336361653236616137613935643630303866333661626431323733383239613763
+38393761643332323032373263643734636535663533646433393935303163666435393935393066
+33646233336365323161373334313565653733376566313339343464636564313139626635353538
+62396366623961363665326135346430313236346366383730626664626261346333306637333064
+32323535393830386264663861326337313338306133663531336231643165623035373033616531
+35383861326362363132626431616436666334373965633834646239333536333635376639636662
+34333031393935613139393839353262343963373330393932303034663639633535336231326432
+61393134623030333233353733333136646330663263363932396665336262396562663334663432
+61343232636435343965393566306563373831366539623437333364623735663063396162303939
+34623939656230633234653035396133633438326235306663363336646366626639303731646136
+37333530326235643533636161623737336435666431663465303332643362306464313262346563
+33353766363338313037643530366635643763636464656661386264323161383364613632346561
+37386231663531326339623161346366396536346361353237646665343039373130623133366666
+32663463376364383839613234616436356338643231306562346162376130663862343762316637
+62666366336263393536633036616232393362363363373535636166663066383232363161666531
+32336333333934623062633463613231303736343964656564616264393237343666323366666539
+63616463383538313463653737633164316332613361323464326234656562353934636637323432
+30616266643137366566336130376237323339646237353366626666616463626661386636336530
+35356231336161326435366630303665353739353633306430666237333834326662333866653833
+31653131323036396664383565393231666230633531363364643434383633633938366262393938
+30653461346136396633356438616436386533653030623432383862343166663337633937623032
+36353364336135663634623539616637646533303638373739323065633463363238326339353734
+34373165386635306537316463353563666366393436353865636130373135323936343731303632
+63636637353439363862663066653061316333636461306338343038336662383533356637346337
+36386331356538623733396530303639356561626238393033363033306163326365346434333630
+38306131316330353637363835396666333339333530336463336361363661636163373137386538
+35623335663363356338376237666362316336376563316431636234386165336664313439613632
+33633661306164363436303530633336383166653130353065636231393339646563616136373635
+61616536343439616432656163386233366461656562396438363430356138356537633831643836
+61393737636538323065383133333130643435323766626665316462653963346165326164303036
+31333933633531333165356133636237373934356536373830616532303765313263316630633163
+32626332316237646631623135336234353434643638316665326362313533336264343332396531
+66663762393966343134613636363338333236333030386563623931333734336364626565663233
+33316237373631393233303039633365363137613338656164303662303135663963306530313434
+38303263313134633438386436323934356531393636633232333964336635353963666664616331
+66643761313462386136666337383934663630303337643132303165666462326365306566333666
+64343530666262633061303239383930383066346237623966396236383662396436346135323161
+31363337363130623234646264613531626330636438363263333631323733666139616562373130
+64633962633837353939366339353035336136663464323765303039373231303936316165356463
+33613063373062356564613239366135343463303631316139376661623264653166616664353739
+35663463306261326164623166636534353366636234656165383033393932616532646362613138
+62363636356236333631623964376165393934326439636330666531663230313234636336323366
+38326636326334343733346237613435313932356562313833356330653865613236613662386135
+63633639616136363030656236656630323932666437663539626231643532313432376139313364
+33313433336465343430616339363035383766653035366638343634303263333062363632643833
+61663766613331613264353363663335643731333166356134313536313631663831333131626531
+37366364356235646234326336376361313865303864393038383664343463623536346462613563
+64343739626565646433373866383933333863356633323938633863656335326632393632343764
+30613930383430353563396639363666363938636565393431343062643363393337323533363366
+38353339323265623738623137306363366330623439346430646335396465646635653666323837
+35333438346664376535316331653832383735333931383264366566353939393136363439333033
+66313065333931306132333864653832363163633538333337303336356665316365313532666233
+36613139383132393631343533346334346236393163613931666538643132633031643934643762
+39633831666532376531623032613637636336393666383030346534323930333366303137336563
+36393939343838656638616165306137383535316138663765353132356362386535313435353235
+30353765633833366631313661653163633231333532383633663132363139306337383232356135
+39626133393135356161383137336431333162336464336536643762633232366537333332636136
+61323232643665393963303565306162653631663230616338306439643462356532363937326134
+33363839643732393733646532383038343138636661323432393931366437363636356438303530
+36343133613730646131663138326334306533336562633161316366653639323963323232393433
+33326535663034326533633261383932653166623832343762623931386638326238383363303836
+66656265326366313465333864663938373833393536626462323335663035663031343633626537
+38376632643333366331316361663364336234653939363730323764323364336239626639313636
+32303465373166643761633939653166643764613961353837323138653764663239373239376163
+39636563363532346331646635343665663465313233323130343761653061346662633564333138
+30383566376665393533623533356263323166336264666461313961343636353535653765353231
+61613630666363393936383062353362366365316535356266333836643630323266616532373533
+63616564393264356538393838376431396539633862653232333664393633393562613865613863
+64346631363961346434636336653734393533376533386539643065646539623662366465353862
+30323434313839363039343965336332623435366164376135373666383536333337383930646535
+35646439383532623932653263643536626661643064323333303363303961656162643530376534
+63633431343438613036336236653938343638396133336661353264366231616531653962643532
+66636630353864616233623133303464356638386233383831323536346330393737386466356130
+37333762616431616635323532613261663362313332386564303731393134383430656132366261
+38323765666339383736366630346464653639316437306139623161376262356236626533383636
+38363637366539393538313337633331333435616164643637613866613866333061373532343434
+61663538386266346135363363326339633739663765613839316437333631393862633537313937
+31353030646534343338633962363737336664383933626566313432653031616661616538656463
+39396665633936346134363965623636666161646264396365303964666133376565393263373235
+33393862613233616234393166366135316534333363646231303364643765303361326663356337
+34326465393935376133333230663839386561363464333663343763663461313665353936383431
+65663630353964356461323737653432333136373639666165386664353666303866646164326164
+62633135666633636563616136663536303231383035643839336131333136623665333338656633
+37363165353466346265376437343063643536623831313864373630343536666533663466333663
+37373366656465383535623434643534643266323233373261313365333136343133656234626237
+33303164356431643539383936626566656230306264303564626135316364316236643762343039
+61656230373832363736633839626164663430366633326164323831376663386637333765646336
+37383439643565346233313434313263323931666531653033633230393036623566353635316663
+34313439303764643364653237323865616131323834633461323638376636663966353232333562
+63333764343833666431656437353364326463626331346638363561663633633337386534623166
+65623566316634383931353536326238386531623436653931636332616365336163663964303832
+65303963366563326333393365313462313031386236383333626538326433616234656363393437
+34343036323965663830656235346339386565653239343330613937343139303862636362366233
+38343534363830356265656666366365653632623462316666313630616434373137613932333762
+33656535626236316536643936613635393464323565653933613336353931343563376535323539
+39353962663130633830366233353963376638373166306462313066376566353139333831613833
+36373935303435353932313836653661616165366133333839306435313863383661373138616331
+39383533393661333565373561646433323561306335376162623037343238656239376265656163
+31343061663363393233663731323732313037333331326665383636373532666134343164393463
+63376333376464643138313939383236663336386666626538323064326430303361373931303764
+38636462323566326130626264373839633533633830323466313765626330376264303536653433
+31393865633962656631303462376131396139363764613962303566366137663439626534623363
+33303132343063303964623032656236386663663632323538613763646238363938363433306333
+30393833303863393730653564626234643564356132663234346666356564356264633264366565
+39336239616133326133363832363136653537653238333766633861633434646566376662373534
+38306230343865653961303263613561333338363637386665333065626364376262653532386665
+35646539303438343131373566653638653037316438323139346562306636333133653531646261
+65313063633832633339393137313631366430643433313731373632663236663963666231363436
+64373138623739623734376333303663616364383634343662656237326431376236623964613632
+31356433643066306263383935666637393566663330333566353537346534633633326437333439
+64313362376164356334396431633632363231663533383764613362363938346238666237396336
+33323766663338373764363166393632346231333530346462343239396531393033646134353962
+30303066323065623266363364383830383262383865326564343030346538326337353036393263
+35616166663436393065643638396536373732643765346534663439313136343166323661386564
+30393330656331623239613861646564636438643266373965643832366436343362363062306432
+30333666643865303532376336373434613537643136663331643434393035303036383530346365
+32663363363033306663343338653334616564353334616637316132666235366436343864396136
+33336235653436343535626130393362663964633931613638353533313838623962303634316465
+61383162616463396661363362303436613362363036353965343531633834336236396138633135
+33663738653936303836366363373064333038393966323466353134366330613739313430343030
+62313934313335646165666133626663383834396162326131326362633639303237316235383661
+30636264653266643835613435356365353031616563316663663066366334376236386336643263
+39633233386532633931356430653536376663623966616234346433313938373163636435643639
+31653930393236626335623031363430373639633961626264333665323361353033336531343032
+62363034343734316436343663373239653664383837366265376436303964613335383735303765
+31333865336630623631613636313365303062613931373635326230316531623138666266366165
+64656464353631613064646337303933383937346531316636306661333036656337323461336138
+65383864363265386666366632366132633664656437663833616338636337396166643533313365
+66653034333261376337353166373564666464636139653830613639326637303961313461393232
+33353030376131333033383466616163363961616261643564313266613966396466396338653432
+37303735343039353138336561663139326165346338393731343330343865326235346136366438
+66373563303337346338333237666437616637643638383762643736656161383064343566383338
+31643164633038353833326235386161613934366632636537316430636661383264313865343838
+30663139343464356332666637373438653061316365366163623832383536623435663935396430
+65333462386539643135326562616338343165633961666234643137346632633732306665366335
+63356231623933313462356536653964346530333563353034336631633661333334313731356333
+34336566356433613230343165373736356266626435396666386164323961383334376563333239
+38313339663732643965393539316363663338646161353862396535316562373330373939376663
+37643661303864393366363336613131646237643633373835363463323632653661303466613364
+64373432376361356265303935616461616534366339313037333731306335366566636532303632
+63396332316636326635333537346264656361323165383430363934363738356164356139346137
+39653134613031623830633731386261383534623633636533626636313362613439643036333234
+37343733376535383031663433646564376262623233326337313332613931613839393237316164
+39663661646530383636373564306336613439663334386232613133363836636235653266653063
+32373662323961343666343032373365623835306230646262626132356434333437623165633538
+65643966373664653762636533386633636231626632646534376263653562653231383530613633
+39336138313061373561613138613133353234353631393836346336313031636263356631636536
+30623964653437303339653830633737393138313336386462643133383131323438313765356562
+62323463303739346464633762343031663363383832326534643331353030666637653634386634
+36653233386464356130323332653038643765623434323561343639653663363261333430613232
+32346631626463616666383436313964643234663437366637623936653033613061646361333161
+35323133316461346532646530336430326265356134323634643531613537373738363330633130
+35613965323562666238376234323936393035653833313838663066626266616463663731303732
+64663364383237323735333131666238316138313239393136356233303739643162663839616330
+62336666356235636535613931636463363135333639626538653138313965376638633435656230
+32643631636564383636376662636434316433303839393035383039646334633131356331663964
+34666163313939343863633130356133313432346635653635343833613931316463353766333664
+66313831326538663361333338383930326436323235353534303864633631623738613838356266
+63386135396636616332633633303035613663653934663036303264316630346562376564353036
+66353462383236363932383835386536666632313261333565373336613038303264653164336361
+33353035666239646334666131326638643738396461373635373762393236386137656534383534
+36316563313765303333383063343564316237366361633165333866646534633039393438646532
+39613732386435663562376563376335396365663165373763643539356262386639326664326437
+38636263336264666663336465346237343934346331663838336534313935366562313632663566
+32303630363831323166666161326662323034376162326537306465393934306363316661343330
+64346331323337636233396263623366353834393935663131373161616639303839313437323437
+36663561323166316231396439323033346634386636353934353061316364393530396466646665
+31646132393038653136393235343465396165353235316463303261363735323234393634373933
+66386231363965333261333638633837616239393130383161663736646364326633323462306261
+64326630323738356136346237393039363764366238373964663732313736343332663731313766
+66396236626365363837343037666161366435333033653138363231316665333366346564623365
+63613233386138393962336662303630336230316636303162623539363635393462313530616465
+65633261363933626433313531333833663566366531343530343566333765393332356561393939
+30373737366634396338643237303362666164376663363864316239616235653434323032343932
+38373363373232643736363738646162616463353538356639356464356637393131623338666236
+32353464643839313061356530373734383336633937313834326337333333316431653733663633
+38396364653531343239666630383864623330316435663736396332356338393636336266363833
+37643161323233323438363165623039643830386437363962643534623437366664326131666162
+64353338373964386438373163313331393338313739353539323961363563373537643765393065
+35666566383136613336353166346439623034643939303963313161333761323330653339323931
+65646239616163613638326163393663643665623964393831633235653336333033323832346131
+66656662313132643634663530653766323730373533643166653835666161363262356561313263
+38343864336464333064393636623538323031623263393730633439613033626431323566333739
+61653231666562386536363632636336666162386638373439373331316434636461396137363035
+35616531383261396434346238343135626535363064613735653536383464306534383930626462
+63383564363766613134333164666132366662636463393561666439333236313536356330643461
+65623130393735663132363366633932613737303536353731373630653237333131333838343564
+34663635363562363332653135643236613432366437633861616633313734336334656263646361
+66393963653138373134346236306538333238336630663963386665633935613938316566323334
+36323264616238656661383138316132653938653834343863396362343232663732393035393836
+38666131623133363333626634333438653836656539663830353235623864363331623661343035
+39323164373536316565303738366264323461323637306537323038653333343930303936313565
+39663239353230396661653735343863626565633531323339666235656538333636336265353163
+38613730636137383839656632333764323538623864366263666665343437346332663766316437
+34366339346164306436323065363435393331373064383562356563326439306362616463323539
+63343266633739613033636465393937666163386662663335396531343038633163616137343138
+61313137376336613030336638623665326637373866396335383030386338326137383864653733
+62363932346234626138656434386431623133303632333932373836313237366463393539643062
+66623530386366656631323130663135363831666432633435643262386435646332653632636561
+62613132343833653465623032366533336530663565623830376436316565333963363764343235
+39626132353837366437636531383532643234376161306666326662333839336166333136656535
+34306336393263383261303238616338633764316539306664363061633935366637633937343931
+63323261393332383763383134386466343337356239366230306637663563656561653734366134
+32313266303535333039636633616438393238666437363131633066666238663936356661313562
+61376336653831613963626530383632333433626261333830316566316561323536363465396331
+32333262623664663965363734333364373335393362303133396539666662313731366334303235
+65323338323365633366303862376565353534393161646335633633623266303531366339343231
+64343535376663623066383336393331353130633531643330613132373061343430313866616430
+31343961363839303231336534353130306562663564643733306361373762613632373531636239
+66326665313631313561613437663162393033633334386535616363373235666364633361663663
+31643931323335336565343338386131623332666439346338313463353033383163316562343536
+61383163656434376430336534343939373939346166323463613632383535366335333865353166
+65303138656166313639336462643136636665343465383238643164623833343864313237643830
+63323731383365643537666635633666643361643732636532373931363136306533343863666630
+37663066336632353233613434636538653536636564366136366332383634386431626430303561
+61616136313432313731326264313063636131333930306430626264643237613361663535633634
+61656161646664316365373266303363626436643661356638633839623136373239366536623736
+35653861343866656331303134383566363436313035643861343835336362646630343561633639
+33663531646436613966663063626461303635626265653432306239343062303332306534643566
+65386564373533623530326537356464323038366139333965613233373435376239343638313138
+34343861653466313766336530306131333136653030616164663738663461363061393938343435
+32326537353033363263336339656637393264343633393532316634343132313239383537633964
+32346461626334333131343032323337386161333637386333656238346136323938356264653665
+33656439613039313638326134376531336336643665663964316334653437666462643963363563
+32356433613565396436316165343862366566373664393462633138356332636630386463656362
+32666531653962643737663839623235656166316630383336343230666233643930663337653835
+63643963306238333535646430303933393934343766316166626233336531613636363266396635
+64636330616631623130316239303730316433333361313762333936306435643634363962616331
+63363639626139323332663631653131343438383130376439646665616632393963386539623832
+32626437656361343639356337656232313035623762316361313133633631353133363465356235
+39303531613036313439383162663732313233366230343530383339306137326437663765613965
+64306139663833393131653765326339643136316666326363386635666331393765396364303637
+38626364386632626564383066393637646563626337353739356337663563346164323638363764
+62323538646239623631643736353134643131343338343565623535613137383237393136373131
+33646438366232646433366236336537666431326632363637653963373965396537356466346561
+39316437363063316462316265656333623863313765323934373064356439303262336433383466
+33323331333364333733326564653961626565383366323136383736353531313633396534656632
+61393466363234626538616163393039336262613633306339646263613464663433343138623065
+38343464393135626565333663363262313537376433373265623436393937336461623361643531
+35386366343131306461613333353165663365343864623065366136373334653434646662613666
+61333161663966643564643663313734376461643864356637363765383630383162306635373966
+65643166343031666633313537393566373165656466336366386662613531333736643264646161
+66346437396463373934653038663861653666396139366536386236643562303663623130363835
+32396638613033646633626534333732373336356234633561313864396664616561383431323864
+31636663303464653639303861663661336366663363333338353563386232623235356666313937
+38313234363431643962343664643237353164373334613263343233666232363434366434623734
+36346430386663366436353635383161376565353539633939396239396338666464366438326432
+34653966616133313335616630356335636234336132396464663637366430643862623266373366
+65353435323266656439643766613966376461396133643031616261663039303838346331613465
+373165346366636531656631313261396630
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN France (TCP 443+7770+8443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN France (TCP 443+7770+8443).ovpn
new file mode 100644
index 00000000..20b6a1c7
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN France (TCP 443+7770+8443).ovpn
@@ -0,0 +1,296 @@
+$ANSIBLE_VAULT;1.1;AES256
+35663030346537336234636462626336356238323437663433636666633134623437336438336631
+6635363732313361373535646139313738313463323966650a626634373261636432343263633733
+37353734613237333363643164616636376138353232643764633066326530353234623236653737
+3936303564393262350a326236343862613430313935663537356665363537656232316562376131
+34326566383334636363613366366465623366396235666233646237656535393832663338333465
+34346431376435343461373234656531353862633335613939306361343164613334653963616466
+34333335383561386530326266653139303538623164353631653830303536326339653334306464
+34363164326636646562376261346536366634363766643266346162656331376466363632313761
+35363766383263393862373133616561343231363964313430323566353966646432363433623063
+39613039653535376562353434326532643166633964346463313035326530623530643435343032
+34373935386534313161323931353962373161343035323733393961346365323430343431323137
+35363238393032313663666430656133643263383664333033333336326561363563653434353630
+32353234386364326166393434656235303462313136643439336139633134666234646135323138
+66313761316439366666653161323862636136356536343530326530326534373866363762376230
+36333766376534633238666539303964333431326664366632333465396662316364333466643932
+30616263393033653163316564326262396563323436313463323866643664383363306438323732
+34363965376138343836333664343733616439383138636437323332383566653433313836653561
+30636231623338343766623563376233303534646334623135363164623966393361316638343966
+31373065303532386331666164356434353636326163333735323337336163616336393037633465
+62366132666137613839313839353033303931396466323838303630646436323037663032366339
+34653265666336333437663332623836373531663932313731376332646139306135326637376163
+39636364366361323236306432333066386262333763626264313330323864316137643731383033
+33613734613734653531613035363533623634316661663031323633376464333966323166623832
+38656139613131333034363533316230343238313362316261633430626230373663346435363634
+34363866653933383664343461646238646261653939316430653732396138326566363430343262
+64653361646433383138666136383230653735313861376138656662393534653636333366346164
+33383036393532356635653438666536363139393138366264383635323432626365356132386365
+33333338613761353535616662306266356139636561373163353631323261663163616161356235
+63326462376665343539643330363834306330376133636238306262323233633766363238353531
+63346435623062343765666237383138363564636532366262626133613330346230636263613935
+66636134313632373937336530356166333866346464653432333630376332643930396362373830
+34306165373736623232636161343831353232663538613532343265343033313164363564316237
+61376639373431306335386337363035353037373163383165393531656339306465343261363035
+31623334643335656264383533306135663935303766646330313563623630376436616666386536
+35363363626332623539376334303631613061643861643037616363663531383636666435373538
+37626562326265646563383435396463663332396135316434646530386339646533366462373633
+36313637663935666234356133633730323062373066633030363165663639666631393964356662
+38353538313938306533303538393631323963343662396535646134316437653266663731313862
+38643631643261373064643964306165646633303463373234303538383139323332316438313562
+66613537653431666635303866366430663337646236613665313835323239623231313462333439
+30656565393939336330633865643038383338383261363039613230653466346163643634616365
+30636237343232333461316236356630393238386532373836386235366632633863313130323361
+66356365366564386565653830613835373963336138303830303965653062643034313237333536
+36616661373864333439666432373533666637353063626536366464323838646338356635646430
+39383537353938303062656634316230663635613639633864376339373132653137356135313130
+62623631373932316561623531316634373934323830356364383137323731333630323138666630
+66353039346632323130343237343238333533653036633066333136643562323134386134633264
+30346565363631363661373335333363656637386634353436386463313138646463613765333637
+39656464333962306633343765376335623931366362306631373038646536646366303036396536
+38376435313230366665653930353361643239616330623566386663633934623237636437356264
+62666333383461346163376262646438316435616664373432336636633137346265343136303032
+36353137643036333833306632363931383739356539663631323561343138353237306430643665
+66303130336234616439666539623062303163623432303632386136363535613832306366616338
+66306139646664346266646439383361316337366437633036366238396162396165326436636363
+61393963663131643238313133373533366236383536663865633730326261646364643435646465
+35646166306231636363346333343038636266306436313137326432353661373164363435393762
+35313865626262316431356436623363376531626433643138643362663061653863316436646664
+39616563343139616232373061643561323961613733633530636335613130643837323838333734
+38303865373861343061393462326534343837366435643765616234336562663866663738633134
+61653266396562663530343733343463623539393064623734356335336461356366316130366331
+65383566663833643837396335323661613439616233396134613265663236396235303439383831
+31633537386236343262356331376633323736323462666439343561356531316563326662323666
+39646363366231396664643335373265613535383632393665326232613533396562623032613735
+65343936363261373461643731383862643763346131323037616663393566323639303336366331
+66386533353664616261333536323830356466313437623039646462663132653532353166653834
+62666462643539366132663163313338323635303364356233346561626365356439373365363737
+38373765363864663031396132346436313065616362663039386564396237363737363735346332
+36613165663437646362623537613165303033623136636234383431613833383930393662326432
+32613130303266373034376234653161396636666139326537386564363438393962613833343163
+33653963366136363563376636653034313364666663323336306164646230333331653838336562
+37646364316331363338396364313430323462356233313134326464616539666435343833333566
+66333537333562383134633839646137316165353963396234653764346466656564396262336265
+33323531323165633830613263336164363935303335353333393839386666383662343331326366
+63373864623564663832323439633734316132626564396364353339633266633861613836643138
+30636337633066303631653238346637313566323131656636393939373361396431346330343165
+62346533343339646539353738363933613563386137356239386265343664323039326135343665
+34613665623764616633333739373466663238373163373538336631663164323033383935396139
+34653038383136646536643565623235363937373137343132663862386334656630366563666536
+65323132653465653639643930623032336434373565633230333930376566363732303833343564
+33316639373562393338363765353264343364613064633833663236356637333234313432313034
+61303739653439613763386566343234363633653661316435616261643132373639313465386435
+35633431363530316335333162363263623362303238633435316630613435386662313939663437
+61646563633661353762353932303263303562666536353732353863336463613237363965376662
+64313037343631373035333938393261656661353261626362326236356136623439306234623633
+38306466376366663335363530633936383963336630343339363534346438646466366163653737
+36326563306631623266343935333433613631616438616365316135646631396437613064393266
+39646537643032353230353832393966393335623830326666656536363032616335366231333131
+61646461376563363565353161363938633831313666636130326337316236323835623234376461
+34376533646139313063643762346665373837306163376134323934666464666632646665633866
+36616435323731323237633531346565396535666463663733333634396537613835303638643566
+62396263616364623731366263373630643961666438643463643933343262393366383764323735
+64366462626564346331333765383736346661396539336134333031653236633939343634316138
+34333066346566613761313631613432623139636636333866313763346262383065326136663134
+38343063313836633237643132653339663333623639393636633666633539343661313431653634
+31356461343136336265323164323766373634336338356663386639323430353436306132376461
+66343063303763646564386637333136626530303966393431343234303466303363626532323361
+66356234353536343233363436613031636433623835363066393664336237326463313935386534
+32366331323332373137653838663334313234623662623032306463363061663738343235303337
+64336562303761343163363039613030396537626461353761333562303061316239383534343137
+34626230376665653166373337643234393339643162653135386131333561616233306630616463
+63623034303131396538313132363636303463623431663562343037663933383335373432656235
+66343338623236333831643835393861363533326238656237633434343934383630653134336531
+32373066313561363461393434303661383234333030366436653662633536343261643230343966
+36323632643764343338386338366261343937653465623765313862396365373264386435323461
+38386636333465313330656132316531653766373163626533636533326437633239306330383830
+36303932336461346530643836313439326534633965303265316139333234326530373938373564
+37613630333564353738303863386330653636363065646136353633316331303932333466343631
+62646661313566656135376630373832386337363236326437306662313266313763636439396330
+61633831353832353763653233636434336530363436646463623765663137636434313666636161
+32393964393763326434363137316433636236643364306635636537303239616336383136656363
+38323532326439323030363033306533323931666136373735343830353835613964383166306134
+35363763666363333639316431346238616365316365663330336235306430383530366666613030
+36666134653632613062303363663362363936363934363838333134333636306239666430333236
+33326434616135396161313839393135626233313237303530343830623161353064633738386466
+64613263396439633561326363353264316437383936633735613336376434653038343936376166
+66313936366430313535663364353164663836363565343530336634326639656562663230343536
+39303535316239326261336131323630363136383264363333613836353836373761303636343037
+63366266323537323633656237386338326637366337626636316466363363633737383034336465
+62313036656133373639336234336464666539326564666430633134376664613832643938663566
+37343436386339323865393533663934386465333430386537316132656531613731663561333830
+33623634346534636365626666666532643366333431376661613932643461386536626534663263
+66633832653865363862393133313365316565613935346564633831633634343136653230643866
+36663963316236346364303336316330313534316235313333656433343932333339626563393561
+64623963313639653639656137633863666666633933666231633538396631616135313034613938
+39373661313466376238666231396337656531663836343366326461316364613066343935656331
+35393261663033643962363433336661653232653138643465633831353839343365373563336437
+34323536613434643738643735313839373533366335303464333362323061333130646466326136
+32336130393866633562343762396364636531353161653864376431626664323130386139633732
+33613937343431633134643734353861653632303231613934323639316464346334356133303130
+36623331306234343564366235363332613831626533643630356432666336333332313838626634
+31623662343261643334383532303334346164613363346530643830623665623433653839323865
+35323262613436353864383633646261336238313139643430626430633032336364643438383466
+33363836323834366137323232383932383465656165653065326666663530323336616233373534
+36653466366632386264373834656633316338313062636130303931653861326330343534346331
+32623936373530333261663834643562383333616236356361633264366230666630376263363832
+35323430366333356535653136633561643137396134613965386237613737636534396361386130
+64373134386331386434643839326632393162613733613661616362303064386338636439636139
+64653665366631306261313261356239613835663139633936393432376533343639386535336332
+34396635333835626437373931386635336134323037366361633830323763643664323964316637
+61626135383035656532663239303163393232633638386131323135616633313438383037346135
+36346439333135633533316563643138666664303766663137303965653235343937313062396463
+30363332316635363839333035373138326666323536356336373964383230616263663162346137
+39386261646134383061306264333734646339653532316635383964383764353031333464663838
+66626664333536333862656436346462336566613035383265313331393433323533393238353532
+66343335666164363930353666663637366532373562643933346537333735666463653566373031
+66623864333063653531363738656337626639633837636466653939386566396161666638383265
+64383962333666653164373365323834306433336563636337653032626135616630363632326536
+39323738316561313765363263323161643762656231343235643534333966386466303236376563
+61636233653536333136663930663866333534633233316661356231653134336435373036643734
+34363332653731393934323433393933343162303638373562316465613662303964646466343338
+62646366633531346265323931303566666435336261623962323835616461653363646136346335
+31393364326431633538633061316630663565383334613463653863613831373566663631373230
+33366665663863306539346232313138303237303231626533363932633431643139373030373636
+66663939383065336333633562326431306265333131386165323234353233353934363033363363
+61366163396435636137396166613139353439386665376538383135313234396437613534636263
+35303164353935383539316337346634376639633839653830353033623361636634383361313335
+32306638626462323337616434336566393335336138356561613139636462626130303334386363
+63303538643061353737393933653566393866373038666336393939323166376538313233373137
+34663163346637386363343436636138616366636230643534616264346465336362366231666131
+66333666376663396334613935613463343036333664633066636536386335613434663963613964
+36353137633163346134386162623230306433613263653633303738306434636131346134363361
+30346131363637656630303839363966306664616632366139383832316365643531313465306163
+33646538653739376538336665343966386461383439623834376539366439316163333637363133
+38393938326630643863333836666235616662316333623138393933663063336432623030393266
+32656162663763633338356463353366633834326362646661336462643964626464373962386430
+66373939653766356333383464393562326531366234346461326361336332643564306164623664
+31396262626165633730356338383162323136643738653133386235373065613461383232373736
+63653236376661363166656635333039303535343133656262323030366237356431333936636134
+64373732383638623233313166353036636433346138623532653762613231333635383634306263
+38646265346336323830303232353830613536373864633530353833343234306234396662353061
+34313265386239643135323837346664363466343333323835313062616139353762623835336538
+38343434373535353337343361616463656533643932636261353237373532333139396538636238
+61306137666563663063643639343161646639613433646232373834313061356238363465306135
+39346332333938663436666139333664383036316637656330356461323537616532316361646265
+61633465356662663738633532623033343232343830363334636161396133313933636135353666
+33303863636538626131343563626437663833306531663735303134373062363335343565626164
+63313637373035353931343538633535616534303166646266666233346263303739653538396433
+64366566616532303331386262323561376166336434356165313933383464353262383635363366
+36393233636430356333306439326665613066313030643166633436383563363839393034343432
+35353636656137346535623830633039663038333163643662356439656637613564393332383533
+32643030396336613161363730393732313430653433363335656162613364663763316363363534
+34333830626532316166343661656231633038386135336165343532333131653864633833373030
+31383139613461336337383833376664643332326234386134663239326332323064373866323037
+33313537633764356232343866373563643937666431353062373263383935346665363965363733
+65353933656336323738373266323238396533333236313162636331373831343032643462316230
+61663231643062313765376663353533663463343234376666346139323238623034373862343636
+38303739376133373665663861383530316163393732653435353237616465333139643564376566
+64343964396266366135323037363330393330373837333965643233333030383732373366373831
+65666464663430623664353062353464353837343236626334313037626164643765643462626266
+64646331396534363232336465323266653561313962663063623362396232356635306234303964
+37623332323237616232646632343435616538383438646436663633343033643835353737306532
+31383438303835646463396530313738353538313131633764626163326364356331396534396266
+37333539623630303765313166666664313838326634373832353665383938643436393164353038
+62653034636431363735323333323736303366393963653462363866663437353030643463346433
+62353732363038306338373938656663396434333964393637343936356236326139333038626562
+32613062346364333233666464616637653464646630613835633136636331613461333438633462
+39303732303630643335616131626437373465386131373730306539323139643264393933346331
+37326564636338346131333866613136333530313336653638303961653137356435653361323266
+35386338323430623232653435333836366136343531383138653238663262633834353530653037
+37313430356561343962386338623464643238633639393532653537366238353130343531333062
+36303539623834343130373434353664373732373238373732363861313765616538303337663963
+39656337663662376230393334333163343861363464393536336165643664343533386162633533
+39346464613265396138643637643239383639633734326336326330383932666230353266393861
+31623939656438643366616534373637633762336364653830636635366331366266333630643431
+36313561336366663263633036316161633230613062333264343338366263396633333934613965
+38313432303562353261393932656437353231633133386230363534386433666336373432363563
+36656139313239313636636534666639396639353633383634633138646463366537653466306432
+63356631663036633536666562313134626363616231346266633531346336333566303930393132
+36633832363832303663393864396634303765366437326431303633636434396133323138346165
+38613961376461626235623566326562383035636339376163343165313465366537333961373631
+65663635653366653833396135646131323435643262646263663263376533633563616431353261
+62336563306435623761313331626634646661636464653665643964396439333030343835336636
+61316333323562663636346234353433303166373737653935373934613866313837323637663161
+64343061663564323863383430393964326638323830333030306437373537326430363064623338
+65313033373431643363323930333365333736333836643565316438363337363430393636326234
+30396163313266663937663662613066373665346330616433313639363863626564373931373064
+64643038306439306565303166363034363161393136323562366465373065623138343562343464
+39336664326665373764323030393331633535633764353630336231336130656536336131343735
+38366130303263343135646536646530346338666566353634653461623034306462616639613232
+39633634373863613161666432393561386435376638643162306335346266343539366265316631
+64623936663735356437333832663262326135366363306234366162643735656436653431363863
+31653133306234616366393965393534393630633430616262306566303437326663636437343631
+30373533646234356432643334373635393965653636613562396630373566306536313733383834
+39616234333732653835386363336661626164616461326638393038663232333431643939373834
+38313134353265333730326165643436383665656134656232626134393161326463373132646336
+34626364303533666163393834333137663331333262663630656234616639366262346338656534
+33346638623830316639363137373732343039663861306563643964393663613732363235326337
+63363562666164303139313864313837336236663730393736643735393936316338323635366232
+36636161666132383566383264373562303130396630633933646530303738343136366638643565
+31313861626539313639366332343765386534636334386363666261646166373137663563383238
+65363266303266626634383735626463633538333531336138376438386432363138333937623333
+66323763633130626363396430623666393238393261623633353838636131313335663731326139
+39353637383466306162666132636666666235346135643764376330613835393038646539626566
+35623662366462313661376631303432646264366661313534356335623832323338386335376635
+37373132613734346234353935336661313163313761626264663739306534653430303763343763
+61303061366634303162326465333866323232396261383530616632383237643433653265613166
+35343835653366333239613539343661653838346633646434656531323736306431633465636361
+62316362366264666533646565643333326139383465656230373537633038313237306130313930
+30396461396636356335326630326338616336343831633638393431636639626231333363633237
+33313237326362303866353736373437336130663738626633373830613465643333356262633536
+65316439626263336632626536636134383663386536626464306338353430316233373735383361
+39363561313735303366336464646164363465653761636538366663323032633464333530626139
+38306530363938633239363863343164666135656635343539623861363236333136373230623966
+36653232396630663538306133343566396564343839626162643835313630616566613038633362
+31333433353764643665386237613931303339363666353031303438646263303535633961633939
+34303836626466663537613861343139313666363736383131366665663137353137386336613730
+38366164626535333166636431373535303238653831636263316266376434646630376161613463
+39353361336437373332316362353661623162666630316435623233326238316366663736653636
+65646139626161303732623364613065366536303865656632386363393931353866643637613130
+30323935373837666637653062363766663535353433326638353731623166356432396331653435
+65333034316261646463616332326461656131633130326661383162373738366265343436393533
+66323762633464383730333938363139663862656534613963306635613937346434346538333035
+36303730646662653264626566333763396431633634303930346263616530656138656664666535
+32626537336537643532666636613330323363303036313661646265326566313032323630663836
+39613564666434633531326136666130613861363662653630343934383562653938303034653032
+61663035383731346238643037396234623830333764313139636532633830386639663738623939
+39613964333631373033643764323966336532373864386266336463633438303934323261346636
+64626666353963363133303137643038303135656631306339396664613330333361626563396234
+39643732323163646462393864303962616135636235616434623232653866656262333066653730
+32306236333131656161643466326562306439653163393862646131303731643565333030323965
+34366663366533616238616632393465636263666137353733386535623561336431656166623232
+63663162326436616232653463303038646662613662373334643537353032626363653862356132
+62643765613236633531303834623666303161366434306235656333626138666533343264346237
+34383161383264316539373534306431306561653333346337306561356636656132656234623365
+35666435656330633562333366363133393938636332353663353664616531393366333765303466
+64313361633334303265386637306266653935313463383433373534373463663861303162636563
+39356564323339636531626638636565336163323461616666356562343339666438366234363237
+37366134376135616138313261323465323835646333303431623430623066336236643531653731
+30363265636631303638313833323465623233656439636435666234306330636262653633353461
+64333163626130313034316131613161323738316466326231393936633235363935623139623831
+66376464393832313561616334373737666431353330633337623666646234613137396636343964
+34313036663133626431366330346565376432393735393636633638626263656461353263356638
+37336439316633316330663638346134396339336461303232626330326635383535653833363063
+63336534376436326137313634636465376166653163666331363362663239396561363063363865
+30613164323630623037623064376439646362386162636266643564383730356666343965356438
+35363839643238313232613336393135373236343332626361366439326361353962376236656633
+31636432386631376638386561613936383031663435643034393830623535393963303533316539
+36393934636564623063366330656365303331366633663236366132313535373566353864333162
+62623362666139326230326663316531393264323365306634373838343531396530656565386130
+34326437363832396338343036613663396234633862333666363337643862396465643564623066
+30356564313766383434636264346538623631663766303662653161613761653162313936343861
+65663864373666323430626133343331626635366431393930653232316231333538666462363933
+39613664376434633336303238626137613764623532623965666336623333306566393139383566
+38646165313436336264656335663435396265393136626665613538366136613034616333353864
+39653534313263373766616532303432383561303166336161636538356634393139393735636234
+36333561386635396330396261303062336238343634343462333863343338333364633835363639
+31623839366164316331376237646262373132363166356537653165346263343562353866656361
+35366530396430363262306639643863343930303536333462383036383866633830636665316536
+35376230336366393563343132633231396234316561373332373935646538633533383037343766
+62336361663636613737633838396433626336323237643338393164383762613531366137383135
+65643764666662323135306337613431313137333535373734616537643531303662363439373030
+37303961613134373930343662623464383037393166313763323733656361376436306136363133
+37313232343039636631643765363730363632353231653432313831303433383438643065623632
+36383539326130636134623765656535616161613538326334663535643532363365323661333166
+316332303537333365313038323136393366
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Russia (via Iceland) (TCP 443+7770+8443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Russia (via Iceland) (TCP 443+7770+8443).ovpn
new file mode 100644
index 00000000..9c7863a3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN Russia (via Iceland) (TCP 443+7770+8443).ovpn
@@ -0,0 +1,284 @@
+$ANSIBLE_VAULT;1.1;AES256
+30623164613966626166336636636234663765326266343862346563336564396431303834373636
+3663313562356664363464643031663134373039326465610a643761653231353836343132376662
+61386332636634323530633764646363626365623132623632346566636339373164663835393635
+3765356639373536640a346638386466353130626236306564613131643362316634393966663438
+30666135306131363930326236623764633637353636373930346434633532333731633530373361
+63323831383638646135333336613262326530336564653463343966656130646535623535303361
+30376238323761313864346332646462393130613566636238663439353735383965626533393565
+64323935663139333965336137336637616264663835353333626361363639336464656337656530
+37333631333534373363353462333534626366623738316530653065663564333066636638613962
+61323965656635646362616336306135373336386133346466333837353165333264373835396237
+37653030303832323333353563396430383932326136323331383335376336313132616362643161
+30653633363266353039373339366439643461336634333364303638366538666634623537666361
+64643963623634666638653332393130653063613330373538613231316435393866303363356639
+61333065316335656635616537356634323539326438323931353231633731313439396330633033
+31336163623964323037366264636632363765343033343739386330336265623130613235316531
+36633462363235346139346130383838633065626362333839613461323632666537393737646639
+31626661636661303766616431356534303866663261646138333264323036333936383439313165
+63613532343937653330363936333835303961346630323438346134383366623338376561633237
+36633365376265343632343137373439613066303530653865666361363537356232323734393430
+62373631366639386333333233613138326138613931396565373939333133333034633239616261
+36333861626437303863316338396438306438666261666164363065303834663162333164393261
+64633937313561633966303963666134663466386431376661366562346366393934363836323835
+31303664363462326235646661323264393237643531646364616433356637303334663066353461
+34323332373233396130306436313930366534653661663831663930636237333934383037646137
+32633866336239343537363466663030336231613164323234663932623264373265613164313965
+61353138653034323064333066336130616564363461356466366462333839323037623865383338
+35383865623366663938353736323232333462666131613661663834303738323362393736373662
+38663838643063393730643562323166616337643634386534326234633430346437653366323538
+38343431333136343036323433356637346333323139656633336462313566373332366637333535
+65313364333464636563333266646339313033396232356161313432303666303237653939616539
+36336632383330326434623064306262343663613032636635653033373933303034306466393765
+62333739363536363361326230613236333334366465373562343432353836656535373233636637
+33306133643761383362373336383931636231633764303266633638353035373338303331663638
+62623734623031653261666261626138636564383935653766353236356436343934313065623232
+35303263656263633961363364633532643562613961396634363333623466633266363664363564
+30396231383836616139303436613838643262383465383066343064323765356131353663383861
+31343239346632643638616135326366653733653337366264323966623236636232333235623965
+62383439353463383566316231396232316161653039376136386263356236633137633664363131
+30366665306136316532316538623438663436323336633839393465616238393364616331306334
+39343732313164336363303137313137616162633536383464663531366566363637353831333830
+33333338633634643262633832666565623763313235633232373137303634373037313239306261
+34643965333430626431356638346130653533353561663932376139346635336336313239366161
+61386237303133313862346437313330343436623534636364323763643838386131656635353733
+61336330636333323031363430383038383538363864316265336564303632333930323461363631
+63653435316431643035313832323961616161626435323935393738373864396537353636656139
+33626666623437333131303530633937373633343738363239333063373135346565623664623164
+34376565313530363464373561336435333232626236356562626461363331353138663835366439
+37303466313839373030366132643430613065333537303163623264386465376239386562626236
+35636339363562333633353539393235626638643038353362363036393339393639656362356538
+34643735366638346230373537383634643134323964316165336230396430613535316563653563
+64656637366634343562303930643164383061306332613964333538653439313932646533353163
+35353363383032646462613230333963323430356436626238616234626137313731333738633431
+63653031636664346539386437303434313266336537643564363531376236663633633866626363
+37336465393363396534303538343138613262306265373934323232643166373035636430353735
+33333962396536326564656331653161343962633235653762393731336539653334333866633830
+66336631393136373232323664316139376265333536353134356264396534616430343862326538
+62323335373936663333643230656332383266373164656665386238316332636139353764323139
+36653161333665316535323563303066643232343531343737353134623631383830376562373366
+62303531613931343739643766666138396137616363633161363162373633363231356434316438
+31353866333734336536333335306161323766623764643939393063326365626336613662363936
+33393639623735376564653933663538346565303531343230383537313062333466323231653363
+38363437383138316433396430316537386239366334393261643338626337626364306237323963
+39346164353764616161306661383335633163383264613831333534343765306565663239323931
+66343866333736383265323363633366626366383534313630663637633139623565393763303262
+65313834343233656133343738373664376666623564393937333034333364313030346136343062
+61646239376339323733373865613934643630363733373139646636663565633539633131353336
+32383237346137333539333534393537316337383133373462303564636562623439316239656131
+36666463623030623231383361636439323634333531343665346366393934333834633237386230
+35346532653230303235393731366335313231363336633764616264646136633430333662323263
+61306337303930633236336535663439393866353864356132326136363432363231333333656133
+62643866373762383837323234663665633933373665666538643866666163626337323733653037
+35366362303464356464636666306538386432666435666133646137343735643863616633306337
+63643232326466333135643561623164383738643031306536396563376565366430363831613235
+62653166646639376333346238653664316463366638666137323833316337636132316565626531
+39613932613139356264613738306639613262356261303432653039643038383731646539363234
+62316131363066383761306632646465633036613061303564356335343163663934656661646634
+31303935343536623065316365363165343937306434646637613431353162386338383132666533
+35666339383464303662323436326636663434373339303839333162623132623232666137313933
+35626562366133643837653839363961643939613338323534646563323832383234656137376462
+31616262666561613166646564393564363730636135353836653436633164353637356637393235
+38346561663032653038663861633931383032663862646464313966663365346331393965363133
+31643335306166393262613362323761323064326563626537396266303433326531636635623265
+34333261383238346539393566616330393163373065663936353231663666336536376161326538
+32363366346338303362336236343031326534336330393364376632623261656565666532333264
+30623736373261396333313330643961366233323066393233386561313064343065653234613934
+63333234663830386666386464326539376336323864653863333934646335623833376437366234
+64366264313537333630363734386166363162333737383231303730376137653161643061386631
+34363139633830636663613532383437623034303164366163356639326439326562663962303937
+64643761396263353033376363356236656637343939633564633865383938346462346230356531
+37316564363938656436353333656661656537646438663531303730303666613431633965613038
+34653263313237366465636530613237383139613365323734386633336637363362353036373362
+66313630343863343766623861363738336262663431363433323035663038663632666337633533
+62303937303761346633386638376437303661626635373133663064653464373735626666326130
+66343630383466343138363037323863666235333862613639636438323236363764386536613831
+32383762333433636537646663363537363338623932613661646434613166333038616361303537
+30626536383065316436303732373431386137376332363061636437633163383133666566306330
+64643461616332346463383266656132316136333435663735363639313965366431306664656363
+65343239306366626538316137383935333131393063363863646535393063383631353034636161
+65346235336636356436333032396266373539386137383061366233633766666533646531353030
+36353734623230336362383437326234343437333565343263656239366130643466623437383164
+33633532323431653538333564346134383735326636346564346230366130373464356361366462
+34616164366331653362333233383432663830383534303931366239616639363732306234323662
+37376630646330326636356432653736613834326432666534653934376538626439653665376231
+35633037643834626134353663613564616134323739646632666165306664376632313430313531
+39303562323663323533343962613938336331393061643330326161363865316534633039303766
+35613434323337636138363762653663333366316538393631353435653637656361336338353032
+37366337376562613738356433313435626361626231306437646234613038373434613964336538
+36616362356533366235306165656336336165616335376562643561366437353765373534396431
+31643762353262323838663962323039613136343137653738346136373864663862396439383861
+36613765633664636432363931383135616338353036366561643137646533383538656138643365
+63653733393232346439636139316666393734376436336539316538323637313264396434303466
+30383830373338363761366436613136643731633037313663333861356664323836633332363866
+37613637323738306261306337363737303636353937313262653833373632666535323938366639
+66353335363565646436643830396337323261653438333233313963623931373065313266646364
+66613238356436623463316230623231336235636530616265633365336437396264353137666633
+33366263306438356164383133343662366434363830373032383239323635636639306434653362
+32623862633933303939346135363634633265386662383066306438643961356564336237336132
+65393833333165633033646266316639376666333131326139323930313736393939613662316633
+34333963323664643039626163346234623138313931646163316635383733303534333531363736
+38386565646531366533333539663365363038636666326434376231326231653039623263373432
+38636437303635366530386131313462613133303162353461656231666664393061623432386537
+39643332386534373537346439373938396439396162613663383236633437623335383264666635
+35643465343333313262643331626331353863383934303838653161633536666265666662656466
+61323363623162336538386437633931316535373531396463636538663564646366333631393065
+61626339366465343932656661666561626263393138633663653862333334363935633861633038
+34633766663565376332306262633566356534353539613262383562616161386164656630383334
+64653063646432383135316566666538336662646130633430393131646164643433383136386666
+39353931386233613833666238323732343039613338386237613864653862643238613832613261
+31623337616338653539613866386634656539313738333338363435393234333633623261383938
+37653336613839336437383130663738313038386139383531643230313962396662303831363332
+30343166616163366234653635363433396532363137626236336163346663626139386437356632
+31656637386361353839643837376135323361306530333234383731666132316430663130383637
+39353936646238663262393436333666363261303731336135623765626264633939363766356234
+35623562626533383034393965363664666166636333663835303430373538333264366531386339
+32303532396261626432636631356230306537373832373033616466386666333637663563613061
+32656564363937633838323434626130303465613136633039376264616437313934386263396336
+61353431376138373134616261663134633936353032343236633238633430663634643962633432
+37626633333435386434366132323666613830343332316362623964626539383131326538383534
+35363333303731666463613437656231393764326538323533366137333431346635323862376233
+33383962306535663663366538306462613737666463393536613263643165653338653037666565
+65353436653265633039356330666439323664323734613530663730653161353664633633326437
+33636164613938393963396566353638646264646136623534613030313761346330393763623930
+37366238353735393531336339343737316662616332336336666463383231343065376561343536
+34343731373231363435333466643031323033366130313463613432386364633764336665313466
+33333864663330653334633632343665623165313531313830646433303661666238626539616239
+32356233363336323337633236393966396436366335666162653835353738646663383633376139
+31633365373064663566633631633063313433306161353532646136333762343739363131623364
+64386362313830383338643466363331666634633161353765333330633463656565643237366365
+64383461336435313933306537366436313066396631393362643136616462653632346133306663
+38356632643538653737383532633739613530356133373363353261336637396464303162303033
+32653764336132613430323834336435343933653038326266623664373965356337333063353839
+37666638316633313133353264386130353365633338333664346138656265616661323039396630
+31613632653235366362323133623130386537376231306333633034393561333038333566313034
+64333730333533646639343430616564386636323661363231656132343762306234396534643131
+30653531306662663534626663373033613364323864623532623637353366343031633533626433
+66633237323733383138373232623530366535346632363937313465353437643737383461373133
+37383966383362656462626263393866663931363733663964363762636163663131353762633134
+32336336346334373762316339343438666432636532653365313965653833333339306439396636
+37646334313166643165333836383336643331306434396135616366623830393932373861353932
+66396431306239393035613833386531353766383961663937343533386436613538626437353530
+38333965393330613562636165353436353730313832323766313366343863323036383830623762
+33386430393439336132396430366530616634393436646237363964363965616137396237613662
+34633236633961633263623362393937343563366535353462383363366436643637383762626532
+65396536396331303235393965373839613934303230313730356232643732653032306535343630
+65356331313336616163346631656634643034653138663662336166653033346164646263386234
+38623666663537616237636463343362666530353737326663343734626330346332323864333934
+38346137373232323639326336643561396266363333393533386165353130333230363133306232
+65383666663364353333343532343837663166373366373164356232663433633630613137326331
+65386437636239356662656365663466333430363363393339363333353634333264353632303734
+37323331363463356638636136633037653366613661626138663935316264393265643337653338
+36373935326232363039303361313336633963393466323263306163636436326230346231646637
+35626632616239623932663938353262336232643037356538313437366637313964616437343837
+38376433643135643034636563376431653938393765316435343432383938636432633538383834
+36613761623334363965623935353832343231393865386533303333316564326535373263383530
+34373935393339613062353362636165393431613764326536626663336363666465343633636435
+33356134313563393039313938386361376234356261373131663164393535393233303962366163
+38393966616437303065326662303235353038656631326335303631383937633464623033363930
+38623834653365653232393939653763656335343563366637656139616363666537643061376664
+66366530643333333332646366656139353966393562626330646335643133636437313965623765
+32633266356435363061323735333862326261663133656538623137333930346365346331343331
+65386637303039353436313434313939643936393531353836643938353961653833343138373064
+32383530663563656161343938376365636330366365613539663563653937373361646130313830
+32363537316331326666613162363233373633343861396134343339623437363338613066306634
+62666638656135666465323530623931653565336538326338383238316137646630303937643832
+35363562653536373537613536323864626338313134396565643232343930633130336433383364
+32323463333031333662356530313166326261336539323163353464353566316235663661386662
+66383031363833613833383063643062333664383965316236636561336632353664663165623838
+31646434613163386631663363633666343732373331643235396239373032363061633236633766
+66346238626532323962336331343334316639333238346665643838643536653366666131653834
+61386131636630343932396265363630633033613934346563313261336232646463313261393963
+62383132316433653530343231313933376238393964353666623839636332303565386462653066
+32363032616164316164313966316132323437663132326133303661353634343837303336393463
+65613231613061386636656139633239313535623137356337626131343131383864383832363732
+39356265343933313635633038636665643264383030316132396530623766316562613237646662
+34343566353762353863316562313962616263316163313135353164333334646537623462613138
+33303433653162363332633666376661343634326439303363396237646138663134656439616331
+37373936353334653761396666383234366236346235613738303737643233633139373361386166
+39373631663464356666373539316234346435356562396534356637393933303963366633366266
+66333965336665666661356130376461393661636636383133386261663336373032316537306662
+33306333613532373366346261623339343836306161353936643632373436613061643131363861
+36313431376535626365306130613136663661623030396461303464646430353734353236636262
+38383062653561313661386239633135633932656165613137616162633336353932363233376364
+37343039356133303366306331346330316663616438616364323463626239323364366431616266
+65623131393262343761353561333839646436616435343039323061643236626566633166313630
+32663664313765373737626637366663336538653563336630663230646364393331366564323539
+31623061303130666236336230326634396436663433306166613363333765383461366333363861
+36643665386435646230646536613837323738613934366136343834373335613133663464306336
+31323833393665616231323066626538376530626564323131666439633762626261393736616638
+36333662303933343463636431316235666264343632633537333364626163643663613533323464
+62633062323039613037326137656131366237313162663063356661643832383536353266613162
+34313166626233336562636131393330626431613462303761366236656138393934383735353631
+32666437636332376133383339663631343132346132616638333836633633333432366231626163
+66613730383633643662393138653261333038613464336237383537356363363636613231333364
+31623232373965313035373836633037363532396665316335393137346534303065353633353265
+66626432333035356133346663326461306630616361626335653430343638626334613862643163
+35616233376463323735376630303462343132343366323731376632303731633737336362663537
+64653134386231646162656236396166336238613239386137313639353936643864643936643331
+32383563333438326536636232626435326533643635393633373664626164363732613864396362
+31313764663266613336666237656630626461383564363664626161316135396630353666323536
+34303330623635633436346438623861336638323861316536353935306634633035326234396337
+65373065363331326263653939383466353735623432626633663732356333396630363833646133
+33373063323466653564373463643361666665663730363630396265313336366162353065643065
+32613534323864343035353337626163383464656131313234303866363739646432343131653866
+33333436663562373333373638343338303830663337323639313634626230306231376635353639
+32613937653437613833663265343939396661363462333538303362613935613938656561653031
+62373466306634343733336364353337643439356333363464373030363636333765656438633139
+62643063306564353036306639316562346530313834343533376665643231313936653062383036
+65393833383365333735386632666231323639663463326261643637366565653361343237666630
+30386434353235653335336139386161656534323061366332316563336531316562623930333861
+64633264316633616334383838396536643936643561383530633561356235393465656234656666
+35623664646562336436633161623738336533383230663164636233373432616264663335366264
+30346466326536306331363530333262623966336635366664313662393631343765656631383963
+36336134613531313439623264633464653266356334383561373936633535613035336165343536
+65653631633361396338366564666630376233336231363566366235323464643734326362356365
+63333665323436626563376133383730656638653936653263396466363964386135353134346361
+30313266393963653066616663376439646131373565376134333633393236663432333963343761
+62303562383531656135366434353261326333653638353833343830306335363462623833666661
+61393963363666343439643066313761613731636636666264653633623865633736623839393138
+38653764393963643137626636626539313564663961323537333931646237313763316661623865
+64346561353737386664353030353633666434343938393136323634333562386465306635613266
+37376235303863383066383366313630363934353639343031633366653363303637306566373738
+62633538343866626136346333303964616437633033633164336532663566656363663432376664
+33303132663931653330653836306633356261313566343738333533356237323137333365343033
+37363964666632653164613437633835373137663264636166623530303732343432326133613530
+34336431613866393032636637353265623034626261333033616535393733393034383963353238
+31313433303164616563336538626265323435653537626166333036383432396631646538323266
+33326231346166363438363839663732363939353166303934386565613636663731393863616265
+35303838653062366130373165643662306361663833616130313437653035373166376266656663
+37356263656331666661346437613661623335356236316631336461633538656432616666383136
+39336364363733303936393233373539326531646666316666316534636439653165323334626532
+64306662343530653338633731303332376363653165353530666532616534313238613131336434
+33613462393564633935353262306239633062623731653034663039393766386138623065373334
+32666366383731383932346434353332313066353835346135326330373037306439663732383137
+39633234636537396530636366656463373337666565383866646261666164323630303866663063
+35306263666362646262623761633263323763323331656335373030393937303363306234643766
+66363837306537393665306263643330663064346431633961336139636363373533356462313064
+32323366373830313538616631373830323439333437303430366564373730626635623136616662
+65373539316437306261386238653161396264643865353762653933323735333561643630356435
+37313463633462626561386165383733306631303134303930343432346330623138666130656366
+32376566326539323838363135393266616438313234623335303437393461343464316530623130
+61376263333838633836623639643539383935653533623331323731626231396663363031656533
+36303565616664643665333035356566633363303437613031363739383831333134646437336234
+32343131326535353337656639336361313432633630663230646231613332353536653535623563
+62363030656237643230653438343231626537633933636166316134646461613665656139353337
+63643837613839383736613761326265643366636332633964343932343632663139666664663838
+64376161636466326166373864313463303037663065666437303834316664333537343832313264
+36613633343265353530323538663664623766666563336133363634633538636363333739303633
+63396665396130646539336238613039616230383861393739376131636234393932383130333564
+63356234636331653535616233386263646631376538386366633332636339333633353737306436
+66343463653830346333396635653934663632643161353530356631366338306435626339636637
+37666266613236363533613238336163386161376235396537313765643538386339383034656365
+34356432356562653763616439393563613533613032373065613534623561376565613261636139
+65356436626335643266373030353433373432623334356632363538346566643136326332396430
+32666664666366383236653362373939653265633538373339623839336432353534316364386631
+36643133356564326436303431636661616237393237306636343965383561336235653434323538
+38396363376131613239383464353138366533363838366266626566623731616536333233326637
+65336363633864303735666138376431653061363565313766643734633863393231383638326634
+30613361363436636166346237646161663662656134623634303639633164393763316663643064
+61306634333565656665353834343332353335356332373831666663663832373163626162663365
+64383533326561653239636363653532346439353038373266366566383463613436303936373866
+65623561373263646331353630636164363133613862393135663065343233653337323833653965
+64663337366233656437343163646335653831396335303737363232306261373161303433323138
+336661653564363566646533386334383231
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN USA (TCP 443+7770+8443).ovpn b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN USA (TCP 443+7770+8443).ovpn
new file mode 100644
index 00000000..1fee8511
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton OVPN USA (TCP 443+7770+8443).ovpn
@@ -0,0 +1,358 @@
+$ANSIBLE_VAULT;1.1;AES256
+33343732653935316233316666633662306337636266663861643035666531373034646433356536
+6138343830626231343263346665656662313035373736610a303563366266353266313361616261
+32396337303463343465373635663939363765616336366166366537663130376533373637306230
+3361316235653838380a306462386664306438643234383035353339623736356337373034353239
+30336232313436346237313961323334343534306662346265663839646530633836633135626137
+33356433333362323037633161313837396333393262643463363236356639373431623566393862
+64636135343434373164633737353365343761333561313635363034333836356365336166643134
+31633232656163383936313163663561343839366537643662313537303331656564613265623262
+32626663363261333739316462336266363136356562363432336466663236323532303064343136
+63316466633066313964323932646166333830393966333763656536396536323063303233616430
+36666332616132653563646661376363306132653638626465616134666637666235323034333937
+32306463323533303936656636653632313066336438313866306463613336363337326537643135
+63313337613166323761396161323136653132663739323763393834623232373235326438393232
+36656335663434343235373238303964663363316538613839653664316430323765373431346332
+62393665663563643762326261626130656634323339636161643335663832663531323966623931
+38353138656362613663336166393032633735333739616239333265663763346563323333303965
+38653135363639656330346335616335333030316337343064376533613431643261636265633939
+65323466643165333736623038653335333964633430306561303664636631636462383466386363
+63313530336432633039303362396638386233393739303836653439663738613938393936306134
+37623038646161363035336262333537363937656466653035396336306236366362343163363030
+65393632613034363437386535346335313031386437643938623139396234613837633839333265
+65373864666332363934613165663030366264623663643261393065373636363266656261333333
+61386138636434323263316264373764633737353030626663383634383666623164373232646333
+34386465636631303935343761633833633439633962383430366435346462666163636135386661
+65613235326339623133363165356438356337353339393066626262613332653331666335383730
+65336339663135393131343635303436663965356338376433626465306662363839356166383931
+65653436636634656135396138393964613361633363363531323262303664643663366534313233
+66626661306238393935326162376231353932613533346563613863326362333939346233633132
+36363831303431373865353831303339376466633436653165653436346136636537656334633737
+30623761316164316466336432613838366438313361353930393863316566373931623137623866
+62633330633664653739386330643939646535343639663230646431306162663837633766363064
+36653761343062646538363337373464376266343134643537313136306632363033363431613765
+35313934623436346639376365623235333035366564333763393661376533366536396534343537
+33663664343834313330653939323665346532656164376633666164633863353861383236616336
+66616632353266626236306138653765656431353530653530313138383862366132663938623738
+36383138333433666633333863386335613661636237613864303364313864303766646636633737
+34393938666432393764383537383533336566313362343839666561333938386530386565366331
+65326162656637336135626532633661393238623635646666346630613634363233313534626633
+32643964353264303234623232623030333265633634666630363661663738666366653433353536
+62663137366432333861343266393735643733306566336339393737363036616632616564623133
+31636530346666306364383165616138313633666333663939343735383233636538303337643130
+32376230336661656133376432303334653966303962663561653536333536336533366366366137
+38326532663765623064666333333338346433313038303438336134376335323461306430643262
+65383535383233313137616662306339373232343863343661623064333334663339643961303337
+66633631613239306464623135336536376465326266646230386534346130613361343132316136
+63633230313236633836383636386631356232643963333232666638336530656333323332366133
+39303736303437613534366435663361303766636664643634663938366166323536303431656330
+61393239663335623766393963323866303661303330313262643539313261653132616537333031
+62383631316461656537303265303238346135626262636635623261303063653435343164636130
+65303033393161346131653262363138316131313663323064393437386362643234306531343830
+64666338623438643935333565336138303537626131383364303738646431613663386366363366
+36386535343830356466383237613938633862623265313434326634656634343136646162643261
+38663233656237626563633564373762653030343432373439663938316237646630613565366339
+34666464393132616363306134333064326666303631346564393133353864343634373533346137
+35633366313962633066613430363261633331623031626230386632666334636261346461363032
+30623636623437653261303530613133383031386161626639616336666234376463316461316663
+30346566316461353563653434376266643832383863376631363338356566303664313761613366
+39323030363939353534366565373039623262623265366462626330663030326131383262646331
+36356265303635303830633637353232386133613264636536393732373131363866376439343732
+30336437363338353337306666393430316633333234633162326366666363326330626239353130
+34363232326139643164393733613563653133336336396630326363303933636339326462366436
+61323231373464373433643034336637336435636334653937393838373631383838333962386563
+37336230653233393433363935396435633263633433306261303966343564623939623939653036
+39646237636630316165666432643961313862363936313261323932656461316562623132326236
+36666136383331656566613230383236616132353435623233663163663862326632613439323065
+31393361623730326134623638663233346237333366373233333534373063623337363338333538
+65383834373537316332313630366332366366656434316665323633386637386334636365653730
+34616363633731663134616463333366623563663430313330306665333630393266643632316566
+64323030613334613636343238313038653061373266636561316132343933646538666432616563
+30353661623737363231373833383939316638306561666365313335313732373162653362323432
+38633230366435636635373465386161613331643766323864613034316466306632373366626165
+61303338353931363966623864346432343562633635336261633733623961363631643364663637
+33343638336430333363366336323263613137616233633130313561613237353361656162393238
+34613237316362306438623564626131303132353863363062303031356262343336663233393766
+63613037356639366336656165393333323833346163306338326539303432663761643734336334
+65393163313661333465336236633636333037373239383237663664666165353533653561376138
+61653338386635326630623831326565366664316538393736623732326232333039313036643164
+39306631623737343639636266336436353230656634626238313334636438626633653863646465
+65386564633232636666376336323532316465313665353530666231373838383931333963336532
+38303336373032306363303661623564653662623739643133663063623466623532313166313634
+38343533626232356232313431376331353661313931393938376136616465383832353663663962
+35373133663932336436313763626661366130363930663464626562663764353662616261383537
+31653063386266366463663663636334663137623465613939656164643566313338613033623534
+63623333333765323162323734616164306131663332353539633132656138363135333965636239
+62373537383332343861656636323964653030323032633538333964316237663266376663623865
+31623832633131613061373237363664663439383231646435643761303034323166366239653766
+66363839653261656635353433616561623633616265656364636661343537323030356337393639
+62346338386562623065323237656231316438653331333530336431363232396266356561326138
+35646539346636386538326166326439396564353439313035316233303861376334333264313763
+32613262333833346165663936616363343032383463326465306239363537346134343430633238
+30373762633234326239393439393237396639323733383863333435353032643762666636646135
+31653834663133383261653930373939613038363837643536303232623463383532363838393632
+36663964386165643530663261393336383561643632366664333261376433363663623362623332
+34323535303365393139373966336362666465373033323832656532623662333634313339646565
+30353062343561316336366337666430643337383765333430616366633939313131656139306232
+31366634313565363866623164666332636365623863656433623534376437613336646665333566
+36653161616539323235633764303233376661313732656535646536306239623133386530396564
+39653835393766353837656161303165353138613437333436623032343037313761343838333039
+63366535653430386431346465386635636466316439333162616236336361666339626332323033
+61633662613031346264313732373132613038643232633263613937353661303431333939646564
+64343636346564633464313864656539666330343133613466363663656333346263373861303261
+33353961383965663664633733396633313839333435363134373966383665383437373133623062
+33383734643635373062656365373463343065643533326137376661373236363961643564646466
+30383930336537386635663361656430326631326363363466333838366161336137643835643132
+62373165303364313333333934326230356461333264363239316162356439326234623134653135
+34383761623761316332633133663064303331373064623330393537323834633239663733373561
+30326431376335623635376234376439643438346334646365303566363866313563313962323933
+37323936396164633165383136666335373863633931363264356332353661323036383866363637
+34376435356264653566346239623065636463616638626335323836373936633038313333363333
+34356530376163656564306537363139653961613130316161626231613639656265343762336632
+36323666313036363964303365376135376532653431303735376462633235316236613936373663
+65653036386361316663363464636538613864623332316637323637313065383339333733653166
+36386439623935623861356165613231323831643634613532626331363936663061663036643464
+66343734396633356636376332663537636636353965313965303733323339383839313564393833
+34656163633161653161663764613739636532353166643536626366313137643461333764306233
+62656639326461653862656239326632393661333338363963643262346163326531373330623862
+62666633656432613738663662343635666538363964643732663361373536343131656265313463
+37343930376131346433656231643033633361626564323035323633353563616565346133393830
+34353962633639616530303438356338643638636438393465646132393463653332333834613263
+39366430653534613738323232646162656161656163366639646433303237646162343765353461
+37613232633332643330643463646362643361643863306561356530393537316339383261396363
+65326139363435613834343332383938356130626535326263656261353664666461333332343262
+36303061656164333861313230363632643238333833316166633235343962343366666638346564
+35346634643661373463643533383566643166363238336538646363376665643032623334666361
+32353538303934316264653339393463626362333034343038363339336632303835303765626436
+35656234626330633162306131653433666337313136643561336661663962623239656563346263
+63666631663465313462653166306434323136363765366463373135623466353535626331363038
+35366634393731313335366438336630623731393531613562643761613439363666363336623738
+35613830373839323765383066386431623534326538616438613433363662326339616665373566
+36663330303066653435363134386230333738656534333933633539393565323330313162303937
+63336130353330656364636430666138376662303166616539393863383331653136643939323934
+32363737393837323631653664383638636332373666306361383166303364323638323965663732
+62396233353066383365633661373062386430346635353962383032643065323535376566623439
+33323431363830626538643965326163623734616134633437633933643634303462373035653336
+62393165366231656462353232326466376637383664356234363063346633656361663531643666
+36336265656335653633376562626535653762633764323961343537313539336662646134303166
+64366666386537623433383866333964623638653533626432323930343837333938303665316264
+30393734393264363030643033333437653435306431356538613161343833653864643030346565
+61623837633738386432616631623831666239366664653362316438613661623431623461663865
+37396338663562653064353439386335383533316163626466633130333562626538303932353564
+64303261613633323435643766356335613933643334626263303661336465356531386363663761
+37386136303530386436363038323061363262623535363862623230313430653730373630333966
+35333737353230636264653232346565383031636333313461333263316562316536623234633835
+32323835356666663131386265306131383232616636373365383164316234353363646331633861
+65366133653164666361633164393763383065633039616462393263616332653335316238633961
+37653139313137656337663838386432376465396333313865353362353038336537343131363264
+34373362306630383963306330656332363765386438383164643736383234356262623330316664
+30326636633063313165376130303166656136613661366134643638653863663062666166346338
+38393534333432356338343835613732313335663761326435373066623431663332333763366566
+33613033396662643636656364366338353634396165616235396337643639383838353639323432
+30313761653464353835333934346166333936633264333432336634656639343965323537626163
+34373539643464623161343435343866656361396636343539356530663334326663323432363236
+62626161643136393864393734626362633731303661353738396562303138666637353635643465
+35616433626437626535313061363330616236393565643539633935613035343961386132373837
+63346430393737316162306437646337613432653166336532636362643432656433366138343836
+39626131316463343938363464373535623861376236613932346337393633666430313564393139
+33626561626134313938336165373035346532646537323866633263663233386534386566666638
+30653461633961666339613265366635643037373131376634363931613738656336336161316138
+33303631353466343038373163373235333038376632386135383431393239353235653937663563
+61623433376166643639633564653833363436326262336338633430386333323762353034643032
+36616665336163386532343861313865336539623561313439656433626636306134313632303537
+64333137373462323935373136343131613730306439363732323933383164363161626630373033
+63373363646362303032396334383632656462313330636361613235386338663566613538306531
+31363837626664656462323133386137343939646337623138626635633436623335646134363462
+33633032393435656465343632663862643435306638363438373435613238373339383637663963
+61363762323263613634616366363164306265333837316563363538636166353132366236626239
+30616564316534346233323336633232306632613830333137323737326361633263613061366635
+38303866373061323738396638346261353263616235393933316337373839653432656266303837
+34333730373866386136663934613137313235366164633364323139386135636637373136393532
+35353664623363313365363964366237373436346136303339333562316536396538396135373466
+34653262616466653832393966366531323232626161613363353336376435616131303239333838
+39646436376431366562306432636239653239343262663136643330633930373163303464343661
+61326134656532336535353332383938613363303163376232383830646335373336356564303535
+61336439346437326232643861643361666133366530613462396134646330333433346463633865
+65373831613636383336366565376238333231323537343139336336666634343865623738323431
+39643531666539373631326262363036306238323263333639323535366233656438333436396437
+36353939373664303835323736396566363261613766396335393765343030656635386164323662
+61616133343339633662633062643138363830656338393831646435343565386564623331343361
+62373530613039633833643530376366353934663637656566393430313235633862663031623632
+32626561383736356430306639373564666439633232653637373264343630366531343638616436
+38616431323565376565613035636638343433303361323662333836386632353837616466626138
+30326561343965353264343239333138636537396264306438323537653339613537313235643938
+38643163393961333562373166626339303463326664343133316361316130303462353433333337
+63653834393638633538366333323334376535373939323063623538343538353736323438346364
+36326532383766623639353033386165636265376239303138363436623336363062663065303630
+30633230336438643438336266396330366134396162353362343039303136663338313162333931
+37653133643336356238373930333732333531336561373632363266623037626466363739633961
+33616139646365373364393566613762313432383961353864666662376665346333363866663566
+38663863656664626331356661336437363464303933666530396534656665313535373831373862
+33616532663866393763323836346430326264666662356165383035373664353530633234376630
+61316266366263623163303161356138666262313738393564306236393238666638356266653135
+62653837356637653031633139353835653236323830633533373134316431656237663061366538
+61343831653033643731643936396665653138333539393464643636623265343831386536393030
+61336130363034393466653830663130393165383461356161643039626232646334643963323964
+31353763383665393662653532646234393665373435353838333233626561636236643365383261
+63633236643636623962323364373465663665636134303434356466666266363332303166653438
+34656564613231383832646563313332613232653533613666653061356666666436623231663730
+35396539383062666631333033383035623930303533303765643032383636396661303966636663
+63356361316339663335376164313232613431366364333466636564323730373736636461346431
+37643631306231393530336537396533666661333134356366353331653331363763646131653431
+62373765336636646138616239623230623364363731616333393930303063383838313637383161
+66386362333966313364326330356661333233663338316335646339313263653430666235663433
+35343866313362653638313239393830663434346330666161306138653564643736643832646435
+66363235663335663133323431643132373265363030336131336439393634376263626335376238
+35383038396634346161653763616165626234613865353432643835633531383930626364326137
+62653761356532383034383432303764373032373236373231393930356166626531666536326335
+30656531353965643232383265623662636137393761633536613663396636376339653263346135
+31333733373639633662613430623532383864646363383663666561306462613339353731633935
+31373265613063613631383934336339623538663763363834353165376666333030356566666132
+34616165393139303230386461646130343761323332303137366132373133386566393238313265
+37643462393766376261616435353134636134356137326633313731316630316633343866323639
+62303863616433363737333831643339396563316537336239623135363830303766303235616134
+35623837336335376631643830373733323334333538613564373661653062393464613231623936
+65316561626235636231333436373738626531333732316164663163346138373635346433643034
+66353165346433626239356333326634303036643139666263306439663961643761336662333935
+62336461633066653566663137376131363934613833656364326363626466396165333834316362
+32623239633733363663326137316335303436613833356632393434656538363964316165353066
+37666665663866646535323565613761643235303161623635306138313331643930306231643862
+61303034636661633364316339366436623364323339626664343430656466656237393663663266
+30643733353034363131623863366334356466393266613961633866313866373262386361393962
+64306536636539323332376139333264396465353939633432643635353433613330663364356564
+36323065343363383830356262303537303430353061376432326438323266336636623066393536
+38613538636535396330323232363034356531633635363065666435383437363234343762383430
+38613863643362656162636561393366333038386238353434386438653736323532383337366435
+34306366643831333435303762653764376331346633333762663765336433636537363961353465
+31653736623065323566653164366463316561373263613965373136643731383338353761646664
+37613338393136363138396239613334373038346631313364373766613633636538373137363366
+65373533616632653963623034616134383264333036313832666635363132356433643630343063
+64346136396533626430313038326462636163626536653135626362613130383636373761356663
+35613537363338323033636530616164313932663463366164353239323466663133333932353233
+37366335616365613765353434623464613562333433666131643432613562363233336638313466
+38646135623664393361343766376435656331373135323132393864373135336135363163383637
+30663166306331616130663264356439383331646234316439663838366566323931346438623635
+31323337633535376332313363633563373436313034613432323430636231373931386439646664
+30616337396633386462636134353063333339313238663135353837666437393739616465643631
+34366135636437393236366563356364663431333462656536366663333462383861386466653562
+66303033343461363034613133316366353236666437633436646262353938656433346538363964
+62613962323232366630636437363339303635336263663365336664663361303762623666343563
+66663334663162386238396231393265633562653731326535306239306366356365666165316334
+64613032356165613439383735613437303637366432383063646363303235663032376638313935
+36343363356338643262623739363164653337613036383830366264366137393332333762396466
+63306465336165373430373765656531313462353130313835643731633962666634383034386431
+64663235303563373465333230306133316666623963303235643164323265306266643637623064
+32373935643334663262373736666237396461303036643136333639346338363364383130393331
+61333230376362616437666666373831623333636364643433306231343830393938646462386261
+33623761643835656563316261336438663363383732333632646665363363376331623433333766
+33313938353932366139393137383634663830663335636165633064386433303061306363636165
+32343933366264626136663065623731633639396165376138376366643964383664663835386337
+34356664646636303636353037356134343462643531656439383964323435626464383661373464
+38643533616637353264363461643265656238396236623333633838326664393062373165373338
+33616661333831303463373932386134326234386166303763636632643037653836623763383563
+62326132663038336665383265653731373261343832356534653939353634356262383062316566
+65373039376665306163353433613965313166306662626238626236353331613065666236323433
+35666337376432633165653931363435313935353630656439646461663939343132363066306563
+31393261313431373939663031353165663130323430633031356636623462636639373931653939
+36613166353335313438646439306564333431393466616433633739313533373961653339383861
+66383866333063653838343835653830613231313863313566633062623766356332323230666264
+32393730646362663337363362633466306262323762616132353631323833343239653832373466
+61336662343536303835613062653939363363353930393937663138363730313036666436633264
+39393365666363316533353338666338626465623865626466396434376565633065393163346436
+35663833626364326331663431386161313830316337633965666333336230636132383066343534
+36613633316337613239393563666561393561313437323238646561663338326366303534363262
+37376565313961336561333334333339346437623265646436303232313064383034373130393231
+30316633376236616131393636356132663566306663643530643035643163376166343336373065
+65343036643965323361346533343564376634383235363734383938306139653039326439386532
+32623335633661636238393365356564306239373630336230663534653635323634656637633232
+34393335636339326331633635333766366366393532343539663063363437623663366662656331
+34333732636337333138383265326437653163636564306538643635636431653165393663323164
+35346430363731663463343165343664653933323866356534386434303635323366346539663263
+62313061346638373335383732366531663963653365636663323266393833333836633033316636
+64633461653638643466333263306662646435353331333062323537363238346230353130303664
+39336330633730386162323363623665343665306464623865343630383835316563333261653964
+34626663396266323765303665303862643463643139366137613866396138653933306332353331
+32353364336235313965343264393136353733373665303336663861393863326636643962353733
+30346330356238353832666437373136313463346136393334363964346234316530346537623535
+31633936666663663731346666336266356639656262356536643139366331393666306236393538
+30306634316136613435383766343939646537633039393935636631386338323564343739616130
+38656537393332353031323139616237613239356136343836323964333537346132323461316231
+37323166663537613064666334643538663361393365626339366432356165373533396361393937
+39353434356635363037633366626266383736363032356130663136346136393962383166663162
+64306266646537663662623164383863316432383261613465343162356634323537666335346162
+36383635393938356135346230376235623336636366383632306430336461303433653530396166
+64343366623032393133373432663334616531626565303866336232623261623739303437323133
+64643934366438303135656463666465316538616238643435666166333036353632376337373238
+64323232383963353364633561303763366434633339373564383164616265313138613261663136
+63376266653336363030383738396336626266386164343833653764653934353363656563383362
+34356439386631336633383632333162363630366133386133323631386330303833633231393938
+36386264313633396437623034643764616664643265323637616138383765383064306331333562
+36353037653233393639363833346434376532306565333131346264376661623534636332383365
+38613561653738363637303066613665663132363435623863353763383961336438616363386265
+63303863613035383233623662663166633237623433303566386436383063336632353130613337
+63313664343034633832363832326562663831636261303264356233613333383065366236656462
+38653663336265303262323364663432653635323833396665336462666537616164356135303662
+64316135343931363164636663636332393939356334653537613264363766336237656366633562
+66386130303730363637613237656335613362373434356437343264353531363231646561386435
+66303666356566396134383262366535643862306561376334616334663065383565613936323566
+31376262333436303336613536356235633437336633646231646666393862306361623935396639
+36393262616630633436303539666135623765653363363136393632666337316463383837306238
+65303966383935643335643330313530373834313730306535646131336536653930666633363366
+32656263613531323833653132303835663733306632366666633766653265623930303436376333
+37653831333633636665613836633832646463366233343662366266316364333730656533643366
+34376631356430356465643966323039653834353230373935393636373963633163323061386338
+65663165353165376430343466386163313437363536343231333262643437326239366233336636
+35303734613865396466376566623639636466356237383236643834373439393338393039626262
+39623035303032626466613766343861633238633337363737306462326538643064386433343334
+30373734393565613135336261376430373234666138333462303330663333303938356534663536
+38346236393031623363616639663966633539323238376133393632346634663863313234336561
+63353962363332616330313830306265346531306265343037636465343563633736653561653032
+39323663343030616430653731383933646165643561353031306663376531633863646165663538
+34303433356464613439626635313564656361343961666265376132303030626264376233313661
+35366437326534663439666465396664646364656665616332353034663164663166613439623836
+33343437316532643338386131383263326663333266663336333463323664376237616534373334
+34363337396332643964363335393263653961303231343838336161613934376535646634393932
+33623563643864346130386463316262643331383337663933666463653362363264393839386531
+66346136653131663838333037316338633236646136653366373936383632353939656435666535
+36343065353039353366366161316536643436623264306530353236336133343836373533353432
+61663431333836656332643865343538613766383338356566353463343934333865356131356239
+63373065613733303038386236623339383761613439366538613666363433666231666361366638
+61626533366233363236313335626630613435663638306230363866393630643430343764376131
+62366533616136306235666438383635303665333933386634353961663561636364313263313762
+39316338356564356239353736623734626532363765313837373739653864656337653738663833
+39623264663038663365343639353831386338313637306232643533643735613238613264383334
+65313636343537353262636239386165356337656532373861656637333230633966333139393962
+36326166303366376162383830636163643133356538616630376130626666376338316239613766
+31383961343539663239323866646262316365303337653831353938366435353635623338303536
+65346662353961646638326130303661313532306336383939623263346263323031336162353631
+66393530323236623439626435306634363934383430336130333535303734643631653336643636
+64353161343830326437346635313732383462613938353430343934373631323362663666383339
+33363435356130386135653763653634376231663836303464303534396532383734396535656234
+62306265653331383334633034316331663837663639383763353137366238383132323564643763
+37656138626635663037376232663361626165386563366264313631306530383232633366623432
+62656136326238396134636136363465613162663964633036313465363435643236666530616665
+37646634643836366238356531386232313635366339393631653062323139363963663237323038
+34303433343536306338653165343735393265376134316563353539363164373734303766353937
+62633061333136376330363635613062306632323839633539313831323262653830636538343064
+35663461653436626562656433346233343436613530653534396236663966323964643965306630
+62336132643761636430313634363765623862366437623836353134646535363462623162623430
+62656236613965626431353164353537633038376434363537343962313361623738303866376461
+31393565636235393462303966356139653662353832316334303935343263366139333465623765
+31323863323938343832326439383863663637663464646437613562313530653363313637333366
+32333836626365326234333331303139303435613033373161383364386561383435306637346663
+31333838303766323838646138613061363331613135643337613338336239663562633231353861
+63366331333735323361376236343532313134653837653130356330383930393834653230346435
+39393437636362313962623763323338336539646265386630643137633233343734663764666461
+30373563666332373764313032333264316230643932633061363334343935393161663435313263
+64653262633735623462303764383034336361313339323131366130666231326233376131323130
+65373931623633646232383035663235656238333533303935313861646532303436643965323334
+34643562663865326630653865313836623139383664383766663861386231353339313961393234
+62663336336634623634383164373338656366343635336534333136306661623662643835336361
+61326139633736656664623465626130323835633331383636386366323438626137626163653034
+32333639333734643763366130326436313866306663363265616166363135626136363038373933
+33323665613164313862313235343338653335623864383466383239306533306663613533636661
+32353533356235643964613962613037653338653032616539376335366430613137383661653766
+34636366313232633664326230393862616632303765623336346235383639316666643733666232
+66373336623564626137343762363432303435353664623133323636303335323262393365393339
+33326236376162633439306236346432653939346465623365323233623934613833643334373361
+38393334303030663262643865636437646136373863633730663137633334346631
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).conf
new file mode 100644
index 00000000..d45c2d3e
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).conf
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+62633362343431373062666364393163343764633834316663323562613863393637393832313335
+3533343939353963613463333662626333373338323463350a323833363331623730353330363831
+65356637623630313538626562656333353261376366336639323262333734326264623863323333
+3833646337383937380a643038343132373064623761346238336561313365646464623136643532
+65306138303063623766393830363736316439376139336131316138383136393461343137343934
+30373735656132373234323163656262356566663132383131616631356632646166663066643530
+61623330396335653535366134353832393663626562616361393564636535633134313637306461
+32386361343965323763616165326236633863393263386334616537393239303430643432363531
+31373132366162363837353361653366653437343561356564633463323835373135393538333337
+34656436316631626364376530303934663163366564663866656261666461336331633166653339
+37393536663631643834656636633430386637343133643333393836373637653039346139646335
+31366266316634643262363239633961616239396338663936366134663630666465653538653632
+35306630383331323564653933363232383637316338613366653662313465326337623136626164
+65306331346637653865343631373863363830663935616535393330393634336331363265393364
+30336630383330646432663937636231316337373034323163623636646333353138656261343661
+30616532393139333638363536346230656539656432343634616531646435626333393733313132
+36393634386566623565313132326465623134626566343939373166363764326237323363616162
+33663264316139356139353736366338306133346636373136363133623361343061646363363737
+66386330393966653535303130313064323131303964386165383930633635663563366535623564
+32616139626466643838353033613333393839306663366639643238373739643363346662316464
+6331
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).nmconnection
new file mode 100644
index 00000000..7d904079
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cambodia (UDP 51820).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+34353935343839353066393861336336376237666166383161633730323935643965656464336234
+6636313233393265343162633965313461306364666535340a643265306334383032353661646636
+64653336336664303138653932663733323464643764393866383139393335653832613035636332
+3434323437373139630a333264356235633436373565333933643065376635343232383364373737
+31643633646233373532396239303066343831653137303931326462366365383739333032666636
+34363065643636616264636238353836636134303334346134626135646431633230303935343038
+30353737386363376664393430376564326530346334363938663833383337323134356234343835
+32656461323633663734373436306134333337376135633133346463306438656436323866616533
+39616565356266653362316565303534626661376631613234376564636333383432653039333262
+36316238633464396135383836306230623134303665373233666138343234646235643438623930
+36663336656564356133656133353433313032346663386639373434373039653635396232396461
+61653435303932656264653461353764653337663236303631663831356462663365623039653762
+38383261313239363932646466343762396361373835616562326636323938333066393936613062
+65383934383062366535653831333765383365616163303038646636313762316134346361386639
+39396363653833306464386463333233643638316130333464653436336461623032663238636339
+38353636396430636536366463666366613830623630346238343838653731353835306563653934
+30333163373033373966303431316532303138316230336632643337346437336334333262376537
+61333162623236326665643938373161303539663931383962326135616535343033393934653632
+38383164313837663765336162396230656535353630646339333238373331356632333637643063
+61333161613962643037346133383034613636653139333538326462643436383934363665373362
+32366533616231323930353039363861663530633562363363616264626335346536613735343130
+62386662343836613565303664353932383031373636356233373363353937343036376138343066
+30303039383766316365653861373730343263353465303635663966333962623066646339306236
+64353330653331343865366438616239376536373936353430623566656565386336363335656438
+62333734333335366465616465663539356139316235323739376264313765646162663735396235
+32633964663530643637626234636439613332306233613466373236666333643265663066353238
+34383130643238363939363932663537303962636434656438326464616361353765646434333132
+39646630636336663235333638376435343138666239646132393036353861626632643164363364
+66653434396634623639616364376139663836626564363866306436623663663538313930326565
+65326637303634313839373030323261303036376364323765346638633534326262376638343561
+333161383262336264323566626335313137
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).conf
new file mode 100644
index 00000000..67246e7b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).conf
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+38623034616238316531666163393332356365623939623839616665613034333535643733663363
+6536366237323462656265336165633661656533306437620a613166663964356366626337383163
+35363736383531656562373561323634383761393134656131393638363936643330373737633230
+6262373964613262380a306337653161376638653436323233346632303735666436343331326432
+35333933373564353136373134623963316564626636633134653139653039636463333932326665
+36616437346662376531346363356236326431633834356665333164343566366362363234343263
+62656539343237636166303566363233653632303938363130303536343265383164353966623966
+62376535613163663637646531653339646637633330636330376463633633653736316231653632
+66623563313662393061393030656332343032323065376334643462383365656262333938616132
+65393063356432356634306661383563323431333864653161393134623032323135303237613462
+37313562393765633362646166633333303232383733656466633361346530656432643435343663
+32393434366135643234356230656661646531613631383132306333313338326532343530313331
+65613434336438653132323130343636343262366465353066393365633438316634373631343734
+65376137666636303230356263316231616135333761626132333761313862313739323535623664
+35306636643161356430383433386163343635326265316138316264376532333065313261313463
+30333365393265313232643939616536396235316632643830633032323162623764656665396635
+63623834326137646630313630663631376263333466666632356538663936356366356538336639
+38343565303632353836303735323833303437336535633661323339353636386465353938333631
+64343633613637616337626539373339323334366263383864346565633433656266393333363462
+31326432633735353930306234306164633262363933626634313035356639386439613864323632
+3961
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).nmconnection
new file mode 100644
index 00000000..a9927f10
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Colombia (UDP 51820).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+38346162383934333333323861623161653439623934626330626464633930303161626163316539
+3461363666663830333934623766353665626562613838350a643237623161356336346635343266
+37636431666565663131313734373637386637336333353236633866366162316233656431653535
+3066633935363839330a303862373937633237336230363938316266353930346234363034333338
+39316431613761333630336466323731656330346239643334346564313430373232643862313132
+33373336643834353161346233613632343838363539306364656336646363353537393339393336
+30373039333535663636303732323434386431626630373562366131626566313136303835626562
+32376336353839333133646161343064643034633031353862646133366563343530363639336265
+35626532313432303766613461303366363533343637323839656665616434626230613135633463
+36656534363833616339643566636562393531353531303339343863343364336639396462373333
+62643036316333346238326430363634633936663736643365386362663833383437316563663866
+31323431663265346133336165353762323463376337643663633631653134353338376662656161
+32636565663463353733376530366563653238626138343534386334356539363634393633616337
+66363738393039383830383839356332326132613539383566623930306162333663653036616235
+34306234626566623130666633366637313734623864393939306630313964623462333435623439
+62343831343031323036323063363265636539353538346532386461616463363436383130346365
+36366337316661346231306235323237373831316535396133396664303131363133363330313235
+66366238663139646262346664613838323731633936313138313361326132623733666262373639
+63383662616662646466663833623537306161366132663262383463336132396166386130386136
+63303030396231363065303132626161316135633734383137396235613731353364363532363763
+37306639386530336632373134363234646535626135383134303731666361303135636437396165
+32326466313833303165363263356336623139613166313530356634326334303938393962326530
+66316161346234396237633362313862376362386533636236666338376164343535616334336332
+32336466616563383965653461623930373936633933353433313162393064343762643365366239
+65613031306634316635396231333061373861396638363030653464613134626337333732303239
+37363936346433353230646235616364646462666364303861613332356631666332383765313137
+65396464383630303265343664656363653532383065666434643631363162323433643334326433
+39396235666264663832666438643233613635353537613733636163316263353230376232336462
+39653165303235306637363831363562636162343963393239663330316263656238356336383135
+31353437313130306339313132373639646263626636346564353566336661616466376139333435
+666662353434333531373035313562316364
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).conf
new file mode 100644
index 00000000..29755f70
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).conf
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+61303730633737376534326163336132666231343431333861336133366332666231313466353736
+3132623039646334336435373165623434646635336335360a363765313935656664373838643338
+31343731346336393338613432666433636437613862616635376634616632313565386332653839
+3639353864363234650a643364656439613332323633666535346435663666633361363331663930
+34343932626666306331656636623064666637636463343635626165343034336163363436373061
+32636163383737636532386366636565396131353632663334613361376165626634326631646331
+32383430393164306633663239646236396562396662666634323632656237383761303566323934
+35633239333137326539396530343664633332653162663861653132323836326263373735383762
+62373864323839386636306433363539363031633936313438373261633963366465323434366137
+33396431393264343863353739313437396264323563383331393938316662643638663161303037
+30343836313135386436333933656632376439626637313364636663343763323663643331643962
+63383638663365633965313137653333303338393965303034346536353261393535643933323564
+34656339343235616463356364343364353863653163303433393566333930623439383630643939
+63653965666362343966633865653164643961343165306634626338386330386237346432653731
+37643766643763303334323238316633326537313865323535663362373863303834633831316138
+35373339663061363432613833646363313663313231613835316538333765303935613832353832
+65353232356538333538616334613737316463616538393036666665366262646162626137393064
+63316236323064346162396435383565623366363934303961353330666265663530343664383666
+61613635313934623239663465666264393066663263373439643038666664356637383565353533
+65353435653631633338316663346665663438633962323133653163333331626330306431633864
+3231
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).nmconnection
new file mode 100644
index 00000000..95e7616a
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Cyprus (UDP 51820).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+64613261626537343331343539326437613665333230626666623164353261623066643438633938
+3539643163326635646165383231613766323461613136310a313563333366636165626638306461
+32313332363930316436643738383633363239643436323736313534616639646565313831343637
+3735646230343161340a663830626664343933663935613931383938383935393038393136363738
+38656461646162366135343230623731336363633738393532643765353163333262633134643432
+36626366636262633336376533366533303965393534303932633633333631626361653863613963
+34643736336336376462326330313434373738323234333639623230313133633862653566326662
+63343733303563663262646464346366353338373765336634643338393833663162343031306237
+33333631373833316535663633386537623239373236333836373938313464383835656436373765
+34633339313164666333343332363832343832363362373833616339656663343935643334353662
+36383061343538376365346132653161663662613761626535626437653836333065383135316561
+31613133333437623463326532313733613165613537363730343237663065343132613232303935
+38353039666163383864333531636530373039356562616332623064396165303066366637313866
+36343131353732306436633032303537653161316630646430643734626666383031396630353935
+31326232356537646165663766363034313763613735343430373339366637353835333935333030
+39376461376565633162383638393837323532623432623736303161616261626534373530383165
+34626530633834643638346437653363356233323837623665356436306664643833363938323639
+30613030656636343133373963653264356330303135633132653238356535653535396361653537
+62366163383337336439633738613065303137343833323264313631656133333632313662643432
+37383066383334633730326537386362323662623435383566333934316130623231376130306463
+65333666303037663730356261343961313762333932393437666566356136386465373334666137
+35643864306565623631393239656636616433346534336635633464356366363335626634636464
+39353865333331336238633738363938393234663664656533656439643832316338363336643663
+63366461616135373763316135646335363265643861306364316338333864633365353930653933
+33623161633134343732656338303262633434316664333761313334663362623439316438396339
+35306131326564613164663164393765346539343337313466326136326431653939663339346434
+62643530643631653264326262303531653636623631323134383965343233346238306566646330
+61316636633930336138356161356263663833336334373437646436336363373232636231623835
+30336432373738616431363039376339656265336137383261326236663430646664376135653166
+32336130633034313234636131626566333766613236333862306466393337393765326638373834
+633465333665633437326336343061373163
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).conf
new file mode 100644
index 00000000..eb2e64c6
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).conf
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+34373330363137643733346163663737393932653938636261646532333663376262663063396164
+3335623432333135336536336430303961363132623837330a336532316466616166613736643266
+61333334643232653136343630653961663931396462643361613062393863353636326137373133
+3166376130656561340a636437616235336663303736653838306463653238346263363231336162
+35333265366665643462663537656335373832393565633530666636666134373533613335343938
+37313336313037623935383065363831653031336536353732303236313434343435303666396638
+33343030643536376531333336376436663531383638303930316263303065383937343231356233
+64646337303165386464373366663337313366623635636162666135623365383934333336313665
+34396461633133326134393634623733333439636232636264343435396365633461626430336535
+38336433373935363066333732373034316266303739336265306136616138626631663434346236
+37346166626363323730353637373136636361303733363433663561626131386634633965393462
+39393033363136333039646364613437643961303430663465303037346134346238336363353037
+38623937653834646439663036613464336530613862653433623134316433663835316632316436
+30346466656562613166656165376631336539323861323239666265303962303464343039313061
+63636239663964366166623636383636356231666430623033386233383962636666363939363532
+39643739653665363837303332383266653662633738343261363539343535306137386532346238
+61393361626338663364616162353732363439356237343634343937303039356336346438376662
+31386439333265376138633036313962613930323864303036393339313166633833613062636639
+36613464626630626664356531366634633336653537316234326531306634303034336639666239
+63376335333635666564643161316461626631623237663431626564646161326138386639353435
+3939
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).nmconnection
new file mode 100644
index 00000000..777259c0
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Serbia (UDP 51820).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+32323131343130396537323361623661333936666239343836653935346233386131396166666534
+3631633330363836393435373531636234393438663964360a306434613936353334636532366364
+39396338303935343733613134613731373238643736643430363866316631353834326438623766
+3531336338643331370a316663366234636433366239366139303563373834663966353834363637
+32393562396137336234333361383238363463313664613931616362643636396365653565643863
+65616565366137333339346161393135303036373432366136323162373234303363383636306137
+62613234613036353966376531653665323334353664386537383461376663373437623939626461
+65663162356461326266653538396238373461656135373636663234373638323036333631646565
+64303566643633353865613333323835333662616465356433313635303863386163363235613066
+62376332303232373861343235646261636562663365663165616165313061643365663332313465
+30663762653233383334393338396235613234396131313130333365316138356132613430303766
+30396533653934373435373234373833363131383632306336626365303437306632366663316233
+39316536356532393761646238313864356464646534376135396538313832353233333266353433
+32386564653035666133353438666135306532336163323066383131613564383431326338653638
+32316432323363396432393336303732646536623630373462646335613663323866383139613563
+37316431366434313933373436366662366538613663626131323964633866316564333931336564
+32626130363263663164386338326364666462356435616266356262653463323638366533626232
+37393564343435643731363832613231373837393737386130346365383937666137616166353230
+66386264636331366639323164353530323036633235653063646638383535393231376337336663
+62656362353938386139393765376631363236396264353437303362346433333432383562653065
+38383266613939666332323839346434333466373237366264316664306165643730613837376234
+36366136393331623739393537303833316663343235346264376265336131636366313062386666
+37653963346237666164316164363664623732613565646662386335373263373763623233643761
+32383732663232633834643563623164373033383231333633616536353234626462313662363433
+61663932336538343431333762383166383263663161316537323335663166333131336435323864
+32653935343137666137353734306266346233666264646633613936313531313863666536666437
+32653135323665316530356538653639323834666632396136636534616463373866393462656535
+64613134636230653630653766626265373235633633333639636138626336616230356365616533
+37633833303631633138653333323235393336353861316439613736323363656661363138373862
+64343663613162306261336132393635303364346661356333376666666365656261306265326330
+623736346233343039626565346434366634
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).conf b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).conf
new file mode 100644
index 00000000..0b89bde8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).conf
@@ -0,0 +1,22 @@
+$ANSIBLE_VAULT;1.1;AES256
+32343738356561376564646239316264366266393932323230626638616565656366663664323664
+3633636135656134366537643936316230646561336638340a623633646665613139373235613035
+31396538616636383937343164306136356439396363316639313464656235343032393764626335
+3537653131396166350a383665393130353431366630633861636461663237353166373863303362
+34613963353335303834313037336433356565383934303965613733666239383162303336396136
+36393130356533643964353335356266666166366431643932333738366434396233313339383531
+38393464323066646461663737383861653763396230363966616330633763623937653964313930
+66663865323964363762616437343538356261313138353431343663353631303833383037326432
+62623063613633383235623561386361333131343733373233633162313363663232383764396638
+65346465366263626630656665646237653765646266306630613838636135396236646339346162
+32643030356333663135353137643132396431333064303635313239303965613063323239386136
+61636634633036613836656534373364643934636165353838386432653730646465333266356138
+35343962343139343736353230646636326138613565303737383533656435643566643263336461
+35316465343931666363343066633866383536656239663436323439353933353433353538333831
+34373737663331656165333864666632326331656337643537623665333738636633623462663732
+32303964613737633537643163616238663535633431393361646463373430316661643235653335
+66343066616438643938626330383138393836366363663464663437646533626238613536633832
+32343631306366626532306364653266326333346432346337636638623432323932646361343232
+32383366303638656365313164356539363561346530653538393334313537373466343363303036
+39343063333261666461363831396363636132373165363362643038663537613236333265353531
+3239
diff --git a/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).nmconnection b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).nmconnection
new file mode 100644
index 00000000..163c9e00
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/files/vpn/Proton WG Slovakia (UDP 51820).nmconnection
@@ -0,0 +1,32 @@
+$ANSIBLE_VAULT;1.1;AES256
+64663433666564643536326139616436336531386430343832363463633162356565646634346135
+3833626663666666613234383135626432383361613364630a316430383637623536363433306532
+33636335386634666464353663373163313037343430363134303563363465373236333364346261
+3935626338343862370a623139323963376237313830306664396333363530373963353833313634
+33373035636432316464303165303439653238656463316463303339393661346635383132623733
+31616465653161636162343335666137653037656134666266656437656633613132356236613231
+63383065383137396661626637383839613732333036386635626539313135613131326631333866
+36613933366531613263646461666637363062313134663835353366643833326137373036353965
+66333730393638663935366438613535376164333335636330353961393639336261333336373438
+31323837363264623066366432323135646234366232333834383165653733313639383832383539
+38383030636434666266326430336136306263306566323361343535643566383662363836636239
+32656166626364303135343664306164666666626533393733363765393565356364383938626431
+35313330643063633034303435656234326264333334373735386436626630613265636661396561
+63333334333635303665666336616365623338386534613231656533626135303864376333343464
+38366164326435323562646236616233356133393262323633656134636235306337363132613765
+39343536383938306432353239643164336631653665303262366666636536373035326531653434
+37663034363562663063306461653438373434373430656464613832333738333863663831653736
+31663038623732623661313934316138643231643030643135383630386533616262356637343835
+36383332353663616238303931376165633538633933303634353238323965643931643833626230
+31643562643463666566616262336165646337326336373966386230656335346565386261383566
+65353432323235323232383163353031656533393033363434323034303237646239643663346266
+31366561306434316163666431663937643461633131336434333262326438306430383364646136
+37643232363261316634346439363665373533323161386532303635396636326639306537356362
+38663330666361623462393331636263626134343334323632363830633963376230323534373239
+35396531323231346561633664366362396134306335623331316339303431666135633833333766
+39396439636531373166393035306262386463663235633936316532323861383437383235633432
+34613034366335383561363164376237326366343933396162303161313430356663663039613636
+64633232623663373537316539393830343132373935393438336536623439313830356133626430
+32343964346635323364323662656132336335366336326638663766663737646338663065373061
+33366636616666326438626334303761643336393866636137643436393030656463383639643136
+383431323365346362396663376564613162
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/apps.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/apps.yml
new file mode 100644
index 00000000..dec46229
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/apps.yml
@@ -0,0 +1,277 @@
+---
+# @var internal_domain: lab.megabyte.space # Default domain to add internal apps to
+internal_domain: lab.megabyte.space
+
+# @var public_domain: megabyte.space # Domain to add public apps to
+public_domain: megabyte.space
+
+# @var healthcheck_endpoint: 'health.{{ public_domain }}' # FQDN of the [Healthchecks](https://github.com/healthchecks/healthchecks) endpoint
+healthcheck_endpoint: 'health.{{ public_domain }}'
+
+# @var theme_park_theme: aquamarine # Default CSS theme to use for select web-apps (see https://github.com/gilbN/theme.park)
+theme_park_theme: aquamarine
+
+# @var apps: [] # Contains lists of web-apps assigned to specific hosts. **Any app installed on your network should be categorized
+# under its host.** You can see all the supported web-apps in the following places:
+#
+# 1. In the `roles/virtualization/swarm/templates` folder you will see Docker Swarm configurations. If your desired app is in a configuration
+# named `portainer.docker-stack.yml` then you can install it to a host named `nuc` by placing `portainer` under the `nuc` key of `apps`.
+# 2. In the `group_vars/all/helm.yml` file, you will find the `helm_charts` variable. Each key in the `helm_charts` variable is a key
+# that you can add to a specific host in the `apps` variable.
+apps:
+ nuc:
+ - cockpit
+ - maas
+ - portainer
+ raspiboot:
+ - netboot
+ - netbootassets
+ statuscheck:
+ - healthchecks
+ - statping
+ workstation:
+ - cups
+ # If you want HTPC apps, make sure to enable all of these at the same time. They are added with a single Docker configuration
+ # and configured to tunnel all traffic out via WireGuard.
+ # - bazarr
+ # - cups
+ # - heimdall
+ # - jackett
+ # - kodi
+ # - lidarr
+ # - nzbget
+ # - ombi
+ # - organizr
+ # - plex
+ # - radarr
+ # - sonarr
+ # - tautulli
+ # - transmission
+
+# @var domains: {} # A map of configurations used when provisioning web-apps that are defined in the `apps` variable above. The
+# variables are used to configure NGINX, configure CloudFlare DNS records, and populate the /etc/hosts files of peers on the network.
+# Examples along with descriptions of the options is provided below. **Any new hosts (that you would find in the `host_vars` folder)
+# need to be added to this configuration with a minimum of `hosts`, `ip_address` and `regexp` defined.
+domains:
+ bazarr:
+ hosts: 'bazarr bazarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26671
+ regexp: '# Bazarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/bazarr/{{ theme_park_theme }}.css'
+ cockpit:
+ hosts: 'cockpit cockpit.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 9090
+ proxy_file: proxy-ws.conf
+ regexp: '# Cockpit'
+ transport: https
+ cups:
+ hosts: 'cups printers printers.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ port: 631
+ proxy_file: proxy-cups.conf
+ regexp: '# CUPS'
+ transport: https
+ grafana:
+ hosts: 'grafana grafana.{{ internal_domain }}'
+ ip_address: '{{ cluster_ip_address }}'
+ regexp: '# Grafana'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/grafana/{{ theme_park_theme }}.css'
+ healthchecks:
+ dns_record: health
+ dns_zone: '{{ internal_domain }}'
+ hosts: 'healthchecks health health.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26798
+ regexp: '# Healthchecks'
+ heimdall:
+ hosts: 'heimdall home home.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 29915
+ regexp: '# Heimdall'
+ jackett:
+ hosts: 'jackett jackett.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26673
+ regexp: '# Jackett'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/jackett/{{ theme_park_theme }}.css'
+ kodi:
+ hosts: 'kodi kodi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26674
+ regexp: '# Kodi'
+ lidarr:
+ hosts: 'lidarr lidarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26676
+ regexp: '# Lidarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/lidarr/{{ theme_park_theme }}.css'
+ localhost:
+ hosts: localhost
+ ip_address: 127.0.0.1
+ regexp: '# Localhost'
+ maas:
+ firewall: true
+ hosts: 'maas maas.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 5240
+ regexp: '# MAAS'
+ malaptop:
+ hostname: MALaptop
+ hosts: 'malaptop laptop.{{ internal_domain }}'
+ ip_address: '{{ malaptop_ip_address }}'
+ regexp: '# Laptop'
+ netboot:
+ hosts: 'netboot netboot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 3000
+ regexp: '# NetbootXYZ'
+ netbootassets:
+ hosts: 'netbootassets netbootassets.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 80
+ regexp: '# Assets4XYZ'
+ nuc:
+ hostname: NUC
+ hosts: 'nuc nuc.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ regexp: '# NUC'
+ nzbget:
+ hosts: 'nzbget nzbget.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26678
+ regexp: '# NZBGet'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/nzbget/{{ theme_park_theme }}.css'
+ ombi:
+ hosts: 'ombi ombi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26679
+ regexp: '# Ombi'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/ombi/{{ theme_park_theme }}.css'
+ organizr:
+ hosts: 'organizr organizr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26680
+ regexp: '# Organizr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/organizr/{{ theme_park_theme }}.css'
+ pfsense:
+ hosts: 'pfsense pfsense.{{ internal_domain }}'
+ hostname: pfSense
+ ip_address: '{{ firewall_ip_address }}'
+ regexp: '# pfSense'
+ plex:
+ hosts: 'plex plex.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 32400
+ regexp: '# Plex'
+ transport: https
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/plex/{{ theme_park_theme }}.css'
+ portainer:
+ hosts: 'portainer portainer.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 26685
+ regexp: '# Portainer'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/portainer/{{ theme_park_theme }}.css'
+ radarr:
+ hosts: 'radarr radarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26681
+ regexp: '# Radarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/radarr/{{ theme_park_theme }}.css'
+ raspiboot:
+ hostname: RaspiBoot
+ hosts: 'boot boot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ regexp: '# RaspiBoot'
+ seconion:
+ hosts: 'seconion seconion.{{ internal_domain }}'
+ ip_address: '{{ seconion_ip_address }}'
+ regexp: '# Security Onion'
+ sonarr:
+ hosts: 'sonarr sonarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26682
+ regexp: '# Sonarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/sonarr/{{ theme_park_theme }}.css'
+ statping:
+ dns_record: status
+ dns_zone: '{{ public_domain }}'
+ hosts: 'statping status status.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26799
+ regexp: '# StatPing'
+ statuscheck:
+ dns_record: statuscheck
+ dns_zone: '{{ public_domain }}'
+ hostname: StatusCheck
+ hosts: 'statuscheck statuscheck.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ regexp: '# Status'
+ tautulli:
+ hosts: 'tautulli tautulli.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26683
+ regexp: '# Tautulli'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/tautulli/{{ theme_park_theme }}.css'
+ transmission:
+ hosts: 'transmission transmission.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26684
+ regexp: '# Transmission'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/transmission/{{ theme_park_theme }}.css'
+ unifihome:
+ auth: false
+ hosts: 'unifi.home unifi.home.{{ public_domain }}'
+ ip_address: '{{ upstream_ip_address }}'
+ port: 443
+ regexp: '# UniFi Home'
+ transport: https
+ unifilab:
+ auth: false
+ hosts: 'unifi.lab unifi.{{ internal_domain }}'
+ ip_address: '{{ firewall_ip_address }}'
+ port: 8443
+ regexp: '# UniFi Lab'
+ transport: https
+ workstation:
+ hostname: Workstation
+ hosts: 'workstation workstation.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ regexp: '# Workstation'
+# @example #
+# domains:
+# cockpit:
+# # `auth` - Whether or not to guard the application with the SSO provider. This is `true` by default but needs to be set to
+# # false in some cases like when hosts need to be accessed by automated systems.
+# auth: true
+# # `hosts` - The domains you would like the app accessible by in browsers across your network.
+# hosts: 'cockpit cockpit.{{ internal_domain }}'
+# # `ip_address` - The IP address that the app is accessible on.
+# ip_address: '{{ controller_ip_address }}'
+# # `port` - The port on the localhost where the application is accessible
+# port: 2999
+# # `proxy_file` - Used when an app needs special NGINX proxy pass settings, like in the case of web sockets.
+# proxy_file: proxy-ws.conf
+# # `regexp` - A unique string used to identify lines in /etc/hosts that need to get updated when IP addresses change.
+# regexp: '# Cockpit'
+# # `transport` - Whenever possible, this should be set to `https`. When it is set to `https`, the NGINX proxy pass is made over HTTPS.
+# transport: https
+# statping:
+# # If CloudFlare is configured, the `dns_record` will be used to create a `status` CNAME on the `public_domain`, which is
+# # `megabyte.space` in this case.
+# dns_record: status
+# # The `dns_zone` is the CloudFlare DNS zone. This must be the root domain of the record you want to be automatically updated.
+# dns_zone: '{{ public_domain }}'
+# hosts: 'statping status status.{{ public_domain }}'
+# ip_address: '{{ status_ip_address }}'
+# regexp: '# StatPing'
+# raspiboot:
+# # The `hostname` must be assigned to the desired hostname for every target instance. In order to add a host to the `apps`
+# # variable, it needs to be defined with the fields in this example, at the minimum (i.e. `hostname`, `hosts`, `ip_address`,
+# # and `regexp`).
+# hostname: RaspiBoot
+# hosts: 'boot boot.{{ internal_domain }}'
+# ip_address: '{{ netboot_ip_address }}'
+# regexp: '# RaspiBoot'
+# @end
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/defaults.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/defaults.yml
new file mode 100644
index 00000000..d7807dc5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/defaults.yml
@@ -0,0 +1,175 @@
+---
+default_dconf_settings:
+ - key: /org/gnome/desktop/background/picture-uri
+ value: "'file:///usr/share/backgrounds/brad-huchteman-stone-mountain.jpg'"
+ - key: /org/gnome/shell/favorite-apps
+ value: "['org.gnome.Nautilus.desktop', 'com.brave.Browser.desktop', 'io.gitlab.librewolf-community.desktop', 'com.vscodium.codium.desktop', 'org.ferdium.Ferdium.desktop', 'com.getmailspring.Mailspring.desktop', 'org.gnome.Terminal.desktop', 'tabby.desktop', 'vmware-workstation.desktop', 'org.gnome.Connections.desktop', 'org.standardnotes.standardnotes.desktop', 'com.bitwarden.desktop.desktop', 'portmaster.desktop', 'gnome-control-center.desktop']"
+ - key: /org/gnome/shell/disable-user-extensions
+ value: 'false'
+ - key: /org/gnome/shell/enabled-extensions
+ value: "['improved-workspace-indicator@michaelaquilina.github.io', 'ssm-gnome@lgiki.net', 'sound-output-device-chooser@kgshank.net', 'ProxySwitcher@flannaghan.com', 'IP-Finder@linxgem33.com', 'vlan-switcher@darcato.github.io', 'dash-to-dock@micxgx.gmail.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'places-menu@gnome-shell-extensions.gcampax.github.com', 'gsconnect@andyholmes.github.io', 'bluetooth-quick-connect@bjarosze.gmail.com', 'mprisindicatorbutton@JasonLG1979.github.io', 'startup-measure@marco.trevi.me', 'pano@elhan.io', 'mutter-primary-gpu@zaidka.github.io', 'appindicatorsupport@rgcjonas.gmail.com', 'user-theme@gnome-shell-extensions.gcampax.github.com']"
+ - key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size
+ value: '40'
+ - key: /org/gnome/desktop/session/idle-delay
+ value: '600'
+ - key: /org/gnome/desktop/privacy/report-technical-problems
+ value: 'false'
+ - key: /org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-timeout
+ value: '3600'
+ - key: /org/gnome/settings-daemon/plugins/power/power-saver-profile-on-low-battery
+ value: 'true'
+ - key: /org/gnome/desktop/calendar/show-weekdate
+ value: 'true'
+ - key: /org/gnome/desktop/interface/clock-format
+ value: "'12h'"
+ - key: /org/gnome/desktop/interface/clock-show-seconds
+ value: 'true'
+ - key: /org/gnome/desktop/interface/clock-show-weekday
+ value: 'true'
+ - key: /org/gnome/desktop/interface/color-scheme
+ value: "'prefer-dark'"
+ - key: /org/gnome/desktop/interface/document-font-name
+ value: "'Zilla Slab Medium 11'"
+ - key: /org/gnome/desktop/interface/enable-hot-corners
+ value: 'true'
+ - key: /org/gnome/desktop/interface/font-antialiasing
+ value: "'rgba'"
+ - key: /org/gnome/desktop/interface/font-hinting
+ value: "'medium'"
+ - key: /org/gnome/desktop/interface/font-name
+ value: "'Montserrat Medium 11'"
+ - key: /org/gnome/desktop/interface/gtk-theme
+ value: "'Betelgeuse'"
+ - key: /org/gnome/desktop/interface/icon-theme
+ value: "'Betelgeuse'"
+ - key: /org/gnome/desktop/interface/monospace-font-name
+ value: "'Hack Nerd Font 11'"
+ - key: /org/gnome/desktop/privacy/old-files-age
+ value: 14
+ - key: /org/gnome/desktop/privacy/recent-files-max-age
+ value: '7'
+ - key: /org/gnome/desktop/privacy/remove-old-temp-files
+ value: 'true'
+ - key: /org/gnome/desktop/privacy/remove-old-trash-files
+ value: 'true'
+ - key: /org/gnome/desktop/privacy/report-technical-problems
+ value: 'false'
+ - key: /org/gnome/desktop/wm/preferences/titlebar-font
+ value: "'Montserrat Bold 11'"
+ - key: /org/gnome/settings-daemon/plugins/power/power-saver-profile-on-low-battery
+ value: 'true'
+ - key: /org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-timeout
+ value: '3600'
+ - key: /org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-type
+ value: "'nothing'"
+
+default_gnome_extensions:
+ # - url: https://extensions.gnome.org/extension/327/axe-menu/
+ # - url: https://extensions.gnome.org/extension/1176/argos/
+ - url: https://extensions.gnome.org/extension/615/appindicator-support/
+ regex: appindicator-support
+ - url: https://extensions.gnome.org/extension/19/user-themes/
+ regex: user-themes
+ settings:
+ - dconf write /org/gnome/shell/extensions/user-theme/name "'Betelgeuse'"
+ - url: https://extensions.gnome.org/extension/1319/gsconnect/
+ regex: gsconnect
+ settings:
+ - dconf write /org/gnome/shell/extensions/gsconnect/name "'Betelgeuse'"
+ - dconf write /org/gnome/shell/extensions/gsconnect/show-indicators true
+ - url: https://extensions.gnome.org/extension/4269/alphabetical-app-grid/
+ regex: AlphabeticalAppGrid@stuarthayhurst
+ settings:
+ - dconf write /org/gnome/shell/extensions/alphabetical-app-grid/sort-folder-contents true
+ - url: https://extensions.gnome.org/extension/307/dash-to-dock/
+ regex: dash-to-dock
+ settings:
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/animate-show-apps true
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/apply-custom-theme true
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/custom-theme-shrink true
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size 30
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/disable-overview-on-startup true
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/dock-fixed false
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/dock-position "'BOTTOM'"
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/intellihide-mode "'FOCUS_APPLICATION_WINDOWS'"
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/preview-size-scale 0.45000000000000001
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/scroll-action "'cycle-windows'"
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/show-apps-at-top true
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/show-mounts-network false
+ - dconf write /org/gnome/shell/extensions/dash-to-dock/show-show-apps-button true
+ - url: https://extensions.gnome.org/extension/771/proxy-switcher/
+ regex: ProxySwitcher
+ - url: https://extensions.gnome.org/extension/3968/improved-workspace-indicator/
+ regex: improved-workspace-indicator
+ settings:
+ - dconf write /org/gnome/shell/extensions/improved-workspace-indicator/panel-position "'right'"
+ - url: https://extensions.gnome.org/extension/4506/simple-system-monitor/
+ regex: ssm-gnome
+ settings:
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/cpu-usage-text "'CPU'"
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/extension-order -50
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/extension-position "'center'"
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/font-family "'Hack Nerd Font'"
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/font-size 11
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/font-weight 400
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/is-cpu-usage-enable true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/is-download-speed-enable true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/is-memory-usage-enable true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/is-upload-speed-enable true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/memory-usage-text "'MEM'"
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/refresh-interval 3
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/show-extra-spaces true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/show-percent-sign true
+ - dconf write /org/gnome/shell/extensions/simple-system-monitor/text-color "'#ffffff'"
+ - url: https://extensions.gnome.org/extension/906/sound-output-device-chooser/
+ regex: sound-output-device-chooser
+ settings:
+ - dconf write /org/gnome/shell/extensions/sound-output-device-chooser/hide-menu-icons true
+ - dconf write /org/gnome/shell/extensions/sound-output-device-chooser/hide-on-single-device true
+ - dconf write /org/gnome/shell/extensions/sound-output-device-chooser/icon-theme "'monochrome'"
+ - dconf write /org/gnome/shell/extensions/sound-output-device-chooser/integrate-with-slider true
+ - dconf write /org/gnome/shell/extensions/sound-output-device-chooser/omit-device-origins false
+ - url: https://extensions.gnome.org/extension/2983/ip-finder/
+ regex: IP-Finder
+ settings:
+ - dconf write /org/gnome/shell/extensions/public-ip-address/actors-in-panel "'Flag'"
+ - dconf write /org/gnome/shell/extensions/public-ip-address/panel-vpn-ip-addr-colors false
+ - dconf write /org/gnome/shell/extensions/public-ip-address/position-in-panel "'right'"
+ # Alternative to the full screen activities overview
+ # - url: https://extensions.gnome.org/extension/6/applications-menu/
+ # regex: apps-menu
+ - url: https://extensions.gnome.org/extension/3061/vlan-switcher/
+ regex: vlan-switcher
+ # Works but does not have that many features and the top bar is somewhat crowded on smaller screens
+ # - url: https://extensions.gnome.org/extension/1762/lan-ip-address/
+ # regex: lan-ip-address
+ - url: https://extensions.gnome.org/extension/7/removable-drive-menu/
+ regex: drive-menu
+ - url: https://extensions.gnome.org/extension/5087/startup-measure/
+ regex: startup-measure
+ - url: https://extensions.gnome.org/extension/8/places-status-indicator/
+ regex: places-menu
+ - url: https://extensions.gnome.org/extension/1379/mpris-indicator-button/
+ regex: mprisindicatorbutton
+ - url: https://extensions.gnome.org/extension/5218/mutter-primary-gpu/
+ regex: mutter-primary-gpu
+ - url: https://extensions.gnome.org/extension/1401/bluetooth-quick-connect/
+ regex: bluetooth-quick-connect
+ settings:
+ - dconf write /org/gnome/shell/extensions/bluetooth-quick-connect/bluetooth-auto-power-on true
+ - dconf write /org/gnome/shell/extensions/bluetooth-quick-connect/refresh-button-on true
+ - dconf write /org/gnome/shell/extensions/bluetooth-quick-connect/show-battery-value-on true
+ - url: https://extensions.gnome.org/extension/5278/pano/
+ regex: pano
+ settings:
+ - if command -v apt-get > /dev/null; then sudo apt-get install -y gir1.2-gda-5.0 gir1.2-gsound-1.0; fi
+ - if command -v dnf > /dev/null; then sudo dnf install -y libgda libgda-sqlite; fi
+ - if command -v yum > /dev/null; then sudo yum install -y libgda libgda-sqlite; fi
+ - if command -v pacman > /dev/null; then sudo pacman -Sy libgda; fi
+ - if command -v zypper > /dev/null; then sudo zypper install -y libgda-6_0-sqlite typelib-1_0-Gda-6_0 typelib-1_0-GSound-1_0; fi
+ - dconf write /org/gnome/shell/extensions/pano/database-location "\\\"$HOME/.local/share/pano\\\""
+ - dconf write /org/gnome/shell/extensions/pano/history-length 50
+ - dconf write /org/gnome/shell/extensions/pano/play-audio-on-copy true
+ - dconf write /org/gnome/shell/extensions/pano/session-only-mode true
+ # Set below to true if you want select text for copy
+ - dconf write /org/gnome/shell/extensions/pano/sync-primary false
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/general.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/general.yml
new file mode 100644
index 00000000..d75504b8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/general.yml
@@ -0,0 +1,65 @@
+---
+# @var authorized_key_file: authorized_keys # The default authorized_keys file used for SSH.
+authorized_key_file: authorized_keys
+
+# @var certbot_admin_email: admin@example.com # The e-mail you would like associated with free Let's Encrypt SSL certificates.
+certbot_admin_email: '{{ admin_email }}'
+
+# @var certbot_certs: [] # An array of Let's Encrypt SSL request settings.
+certbot_certs: []
+# @example #
+# # In this example, every host that has the `certbot_certs` settings below will request wildcard domain certificates
+# # for all of the domains listed under `domains`. Let's Encrypt has rate-limits so make sure you do not provision
+# # a large number of hosts that are all requesting the same certificate over and over again. We used to do this but
+# # have moved towards implementing the SSL certificates on the firewall and then using HAProxy to send requests to their
+# # final destination over a ZeroTier connection over the LAN. This way, we mimic end-to-end encryption and only have one
+# # machine handling SSL certificates.
+# certbot_certs:
+# - email: '{{ cloudflare_email }}'
+# domains:
+# - '*.megabyte.space'
+# - '*.home.megabyte.space'
+# - '*.lab.megabyte.space'
+# @end
+
+# @var dns_provider: 1.1.1.1#cloudflare-dns.com # Default DNS-over-TLS address.
+dns_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var dns_fallback_provider: 1.0.0.1#cloudflare-dns.com # Fallback DNS-over-TLS address.
+dns_fallback_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var docker_users: [] # Array of users that should be able to access Docker with elevated permissions (e.g. sudo).
+docker_users:
+ - "{{ ansible_user | default(lookup('env', 'USER')) }}"
+
+_netdata_rooms:
+ do: 0f7a2d28-77c0-4eb1-970b-22405a3886f7
+ general: fb8e46ae-4354-454a-b676-46cda89c2e9b
+ james: 495e99ef-60b4-43a4-bb60-4e05accf58a2
+
+# @var netdata_rooms: {} # A mapping of VLAN IDs that correlate to [netdata](https://www.netdata.cloud/) rooms.
+netdata_rooms:
+ cloud: '{{ _netdata_rooms.do }}'
+ guest: '{{ _netdata_rooms.james }}'
+ iot: '{{ _netdata_rooms.james }}'
+ kubernetes: '{{ _netdata_rooms.james }}'
+ management: '{{ _netdata_rooms.james }}'
+ offline: '{{ _netdata_rooms.james }}'
+ unifi: '{{ _netdata_rooms.james }}'
+ work: '{{ _netdata_rooms.james }}'
+
+# @var security_autoupdate_mail_to: emailAddressString # The e-mail to notify when there is an issue with autoupdates.
+security_autoupdate_mail_to: '{{ admin_email }}'
+
+# @var ssh_global_keys: [] # List of SSH keys to include from `files/ssh/` as IdentityFiles (for all hosts)
+ssh_global_keys:
+ - id_ed25519_sk_yubi_nano
+ - id_ed25519_sk_yubi_nanoc_blue
+ - id_ed25519_sk_yubi_nfc_red
+ - id_ed25519_sk_yubi_nfc_yellow
+ - id_ed25519_sk_yubi_nano_auto_nopass_13147527
+ - id_ed25519_sk_yubi_nano_auto_nopass_13191326
+ - id_ed25519_sk_yubi_nano_auto_nopass_13196452
+ - id_ed25519_sk_yubi_nano_auto_pass_13147527
+ - id_ed25519_sk_yubi_nano_auto_pass_13191326
+ - id_ed25519_sk_yubi_nano_auto_pass_13196452
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/helm.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/helm.yml
new file mode 100644
index 00000000..05f22cd3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/helm.yml
@@ -0,0 +1,155 @@
+---
+# yamllint disable rule:line-length
+# @var helm_charts: [] # Settings used for deploying Helm charts. The keys of the `helm_charts` object can be added as an app
+# to the `apps` variable (defined in `group_vars/all/apps.yml`) to deploy the application to your network stack.
+helm_charts:
+ # @helm [Argo](https://argoproj.github.io/cd/) | [GitHub](https://github.com/argoproj/argo-cd) | [Helm](https://github.com/argoproj/argo-helm) - ArgoCD is a declarative GitOps continuous delivery platform.
+ argo:
+ command: helm install argocd argo/argo-cd
+ repository: https://argoproj.github.io/argo-helm
+ repository_name: argo
+ # @helm [Budibase](https://budibase.com/) | [GitHub](https://github.com/Budibase/budibase) | [Helm](https://docs.budibase.com/docs/kubernetes-k8s) - Budibase is a platform that allows you to codelessly create internal apps in minutes.
+ budibase:
+ command: helm install --create-namespace --namespace budibase budibase budibase/budibase
+ repository: https://budibase.github.io/budibase/
+ repository_name: budibase
+ # @helm [Cert-Manager](https://cert-manager.io/) | [GitHub](https://github.com/cert-manager/cert-manager) | [Helm](https://cert-manager.io/docs/installation/helm/) - *Cert-Manager* is a powerful and extensible X.509 certificate controller.
+ cert-manager:
+ command: helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.8.0 --set installCRDs=true
+ repository: https://charts.jetstack.io
+ repository_name: jetstack
+ # @helm [Concourse](https://concourse-ci.org/) | [GitHub](https://github.com/concourse/concourse) | [Helm](https://github.com/concourse/concourse-chart) - Concourse is a sophisticated, open-source CI/CD platform that markets itself as, "the open-source continuous thing-doer."
+ concourse:
+ command: helm install concourse concourse/concourse
+ repository: https://concourse-charts.storage.googleapis.com/
+ repository_name: concourse
+ # @helm [Consul](https://www.consul.io/) | [GitHub](https://github.com/hashicorp/consul) | [Helm](https://www.consul.io/docs/k8s/installation/install) - HashiCorp Consul is a service networking solution to automate network configurations, discover services, and enable secure connectivity across any cloud or runtime.
+ consul:
+ command: helm install consul hashicorp/consul --set global.name=consul --create-namespace --namespace consul
+ repository: https://helm.releases.hashicorp.com
+ repository_name: hashicorp
+ # @helm [Drone](https://www.drone.io/) | [GitHub](https://github.com/harness/drone) | [Helm](https://github.com/drone/charts/blob/master/charts/drone/docs/install.md) - Drone is a simple, modern, multi-cloud-capable CI platform written in Go.
+ drone:
+ command: helm install --namespace drone drone drone/drone -f drone-values.yaml
+ repository: https://charts.drone.io
+ repository_name: drone
+ # @helm [Elastic ECK](https://www.elastic.co/) | [GitHub](https://github.com/elastic/cloud-on-k8s) | [Helm](https://www.elastic.co/guide/en/cloud-on-k8s/master/k8s-install-helm.html) - Elastic Cloud on Kubernetes (ECK) is the official operator by Elastic for automating the deployment, provisioning, management, and orchestration of Elasticsearch, Kibana, APM Server, Beats, Enterprise Search, Elastic Agent and Elastic Maps Server on Kubernetes.
+ elastic:
+ command: helm install elastic-operator elastic/eck-operator -n elastic-system --create-namespace
+ repository: https://helm.elastic.co
+ repository_name: elastic
+ # @helm [Falco](https://falco.org/) | [GitHub](https://github.com/falcosecurity/falco) | [Helm](https://github.com/falcosecurity/charts) - Falco is *the* cloud-native runtime security project.
+ falco:
+ command: helm install falco falcosecurity/falco
+ repository: https://falcosecurity.github.io/charts
+ repository_name: falcosecurity
+ # @helm [Fission](https://fission.io/) | [GitHub](https://github.com/fission/fission) | [Helm](https://fission.io/docs/installation/) - Fission is a framework for serverless functions on Kubernetes.
+ fission:
+ command: helm install --version v1.15.1 --namespace fission fission fission-charts/fission-all
+ repository: https://fission.github.io/fission-charts/
+ repository_name: fission-charts
+ # @helm [GitLab](https://about.gitlab.com/install/ce-or-ee/) | [GitHub](https://github.com/gitlabhq/gitlabhq) | [Helm](https://docs.gitlab.com/operator/installation.html#cluster) - GitLab is a single application that spans the entire software development lifecycle.
+ gitlab:
+ command: helm install gitlab-operator gitlab-operator/gitlab-operator --create-namespace --namespace gitlab-system
+ repository: https://gitlab.com/api/v4/projects/18899486/packages/helm/stable
+ repository_name: gitlab-operator
+ # @helm [GitLab Runner](https://docs.gitlab.com/runner/) | [GitHub](https://github.com/gitlabhq/gitlab-runner) | [Helm](https://docs.gitlab.com/runner/install/kubernetes.html) - This chart deploys an instance of GitLab runner to a Kubernetes cluster. GitLab runner allows you to attach container/VM instances to GitLab CI workflows.
+ gitlab-runner:
+ command: helm install --namespace gitlab-runner -f gitlab/gitlab-runner
+ repository: https://charts.gitlab.io
+ repository_name: gitlab
+ # @helm [Graylog](https://www.graylog.org/) | [GitHub](https://github.com/Graylog2/graylog2-server) | [Helm](https://github.com/KongZ/charts/tree/main/charts/graylog) - Graylog is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.
+ graylog:
+ command: |
+ helm repo add bitnami https://charts.bitnami.com/bitnami
+ helm repo add elastic https://helm.elastic.co
+ helm install --namespace graylog graylog kongz/graylog
+ repository: https://charts.kong-z.com
+ repository_name: kongz
+ # @helm [Knative](https://knative.dev/docs/) | [GitHub](https://github.com/knative/serving) | [Operator](https://knative.dev/docs/install/operator/knative-with-operators/) - Knative is an open-source Enterprise-level solution to build serverless and event-driven applications. It manages serverless containers in Kubernetes environments.
+ knative:
+ operator: https://github.com/knative/operator/releases/download/knative-v1.4.0/operator.yaml
+ # @helm [Kubeapps](https://kubeapps.com/) | [GitHub](https://github.com/vmware-tanzu/kubeapps) | [Helm](https://github.com/vmware-tanzu/kubeapps) - Kubeapps is a web-based UI for deploying and managing applications in Kubernetes clusters.
+ kubeapps:
+ command: helm install kubeapps --namespace kubeapps bitnami/kubeapps
+ repository: https://charts.bitnami.com/bitnami
+ repository_name: bitnami
+ # @helm [Kubernetes Dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/) | [GitHub](https://github.com/kubernetes/dashboard) | [Helm](https://artifacthub.io/packages/helm/k8s-dashboard/kubernetes-dashboard) - Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
+ kubernetes-dashboard:
+ command: helm install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard
+ repository: https://kubernetes.github.io/dashboard/
+ repository_name: kubernetes-dashboard
+ # @helm [Linkerd](https://linkerd.io/) | [GitHub](https://github.com/linkerd/linkerd2) | [Helm](https://linkerd.io/2.10/tasks/install-helm/) - Linkerd is a service mesh that is ultra light, ultra simple, ultra powerful. According to their website, Linkerd adds security, observability, and reliability to Kubernetes, without the complexity.
+ linkerd:
+ command: |
+ if [[ "$OSTYPE" == "darwin"* ]]; then
+ CERT_EXP_DATE=$(date -v+8760H +"%Y-%m-%dT%H:%M:%SZ")
+ else
+ CERT_EXP_DATE=$(date -d '+8760 hour' +"%Y-%m-%dT%H:%M:%SZ")
+ fi
+ helm install linkerd2 --set-file identityTrustAnchorsPEM=ca.crt --set-file identity.issuer.tls.crtPEM=issuer.crt --set-file identity.issuer.tls.keyPEM=issuer.key --set identity.issuer.crtExpiry=$CERT_EXP_DATE linkerd/linkerd2
+ repository: https://helm.linkerd.io/stable
+ repository_name: linkered
+ # @helm [Loki](https://grafana.com/oss/loki/) | [GitHub](https://github.com/grafana/loki) | [Helm](https://grafana.com/docs/loki/latest/installation/microservices-helm/) - Grafana Loki is a horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate.
+ loki:
+ command: helm install loki-grafana grafana/grafana
+ repository: https://grafana.github.io/helm-charts
+ repository_name: grafana
+ # @helm [Minio](https://min.io/) | [GitHub](https://github.com/minio/minio) | [Helm](https://github.com/minio/minio/tree/master/helm/minio) - MinIO offers high-performance, S3 compatible object storage. Native to Kubernetes, MinIO is the only object storage suite available on every public cloud, every Kubernetes distribution, the private cloud and the edge.
+ minio:
+ command: helm install --namespace minio --set rootUser=rootuser,rootPassword=rootpass123 --generate-name minio/minio
+ repository: https://charts.min.io/
+ repository_name: minio
+ # @helm [n8n](https://n8n.io/) | [GitHub](https://github.com/n8n-io/n8n) | [Helm](https://artifacthub.io/packages/helm/open-8gears/n8n) - n8n is a free and open-source, self-hostable workflow automation tool that some consider to be a worthy replacement for IFTTT.
+ n8n:
+ command: helm install n8n open-8gears/n8n
+ repository: https://8gears.container-registry.com/chartrepo/library/
+ repository_name: open8-gears
+ # @helm [Prometheus Operator](https://prometheus-operator.dev/) | [GitHub](https://github.com/prometheus-operator/kube-prometheus) | [Helm](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) - A stack that includes everything required for an HA Prometheus / Grafana setup with pre-configured cluster monitoring and charts. It can also be modified to be used for any purpose that Prometheus / Grafana might be used for.
+ prometheus:
+ command: helm install prometheus prometheus-community/kube-prometheus-stack
+ repository: https://prometheus-community.github.io/helm-charts
+ repository_name: prometheus-community
+ # @helm [Rancher](https://rancher.com/) | [GitHub](https://github.com/rancher/rancher) | [Helm](https://rancher.com/docs/rancher/v2.5/en/installation/install-rancher-on-k8s/) - Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads.
+ rancher:
+ command: |
+ # Missing several steps
+ helm install rancher rancher-latest/rancher --namespace cattle-system --set hostname=rancher.my.org --set replicas=3
+ repository: https://releases.rancher.com/server-charts/latest
+ repository_name: rancher-latest
+ # @helm [Sentry](https://sentry.io/welcome/) | [GitHub](https://github.com/getsentry/sentry) | [Helm](https://artifacthub.io/packages/helm/sentry/sentry) - Sentry is the leading open-source error logging application that tracks with full stacktraces & asynchronous context. Sentry's eco-system includes dozens of SDKs, written for many different languages/environments.
+ sentry:
+ command: helm install sentry sentry/sentry
+ repository: https://sentry-kubernetes.github.io/charts
+ repository_name: sentry
+ # @helm [Space Cloud](https://space-cloud.io/) | [GitHub](https://github.com/spacecloud-io/space-cloud) | [Helm](https://github.com/spacecloud-io/space-cloud/blob/master/install-manifests/helm/index.yaml) - Space Cloud is an open-source Kubernetes-based serverless platform with built-in security and instant GraphQL APIs for any database and microservice.
+ space-cloud:
+ command: |
+ git clone https://github.com/spacecloud-io/space-cloud.git
+ cd install-manifests/helm
+ helm install space-cloud .
+ # @helm [Thanos](https://thanos.io/) | [GitHub](https://github.com/thanos-io/thanos) | [Helm](https://artifacthub.io/packages/helm/bitnami/thanos) - Thanos is an open source, highly available Prometheus setup with long term storage capabilities.
+ thanos:
+ command: helm install thanos bitnami/thanos
+ repository: https://charts.bitnami.com/bitnami
+ repository_name: bitnami
+ # @helm [Vault](https://www.vaultproject.io/) | [GitHub](https://github.com/hashicorp/vault) | [Helm](https://www.vaultproject.io/docs/platform/k8s/helm) - HashiCorp Vault is a secrets management tool specifically designed to control access to sensitive credentials in a low-trust environment. It can be used to store sensitive values and at the same time dynamically generate access for specific services/applications on lease.
+ vault:
+ command: helm install vault hashicorp/vault
+ repository: https://helm.releases.hashicorp.com
+ repository_name: hashicorp
+ # @helm [VaultWarden](https://bitwarden.com/) | [GitHub](https://github.com/dani-garcia/vaultwarden) | [Helm](https://artifacthub.io/packages/helm/k8s-at-home/vaultwarden) - VaultWarden is an optimized, resource-efficient version of the open source BitWarden web app (a password management platform).
+ vaultwarden:
+ command: helm install vaultwarden k8s-at-home/vaultwarden
+ repository: https://k8s-at-home.com/charts/
+ repository_name: k8s-at-home
+ # @helm [Vector](https://vector.dev/) | [GitHub](https://github.com/vectordotdev/vector) | [Helm](https://vector.dev/docs/setup/installation/package-managers/helm/) - Vector is a lightweight, ultra-fast tool for building observability pipelines that lets you collect, transform, and route all your logs and metrics with one simple tool.
+ vector:
+ command: helm install vector vector/vector --namespace vector --create-namespace --values values.yaml
+ repository: https://helm.vector.dev
+ repository_name: vector
+ # @helm [velero](https://velero.io/) | [GitHub](https://github.com/vmware-tanzu/velero) | [Helm](https://vmware-tanzu.github.io/helm-charts/) - Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.
+ velero:
+ command: helm install vmware-tanzu/velero --namespace -f values.yaml --generate-name
+ repository: https://vmware-tanzu.github.io/helm-charts
+ repository_name: vmware-tanzu
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/heroku.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/heroku.yml
new file mode 100644
index 00000000..48fbc87c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/heroku.yml
@@ -0,0 +1,166 @@
+---
+# yamllint disable rule:line-length
+# @var heroku_dynos: [] # Settings used for deploying [Heroku](https://www.heroku.com/) dynos. The keys of the `heroku_dynos` can
+# be added to the `dynos` array to automatically deploy the apps after you have filled in the appropriate details specified below.
+heroku_dynos:
+ # @dynamo [Baserow](https://baserow.io/) | [GitHub](https://github.com/bram2w/baserow) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/bram2w/baserow/tree/master) | [Documentation](https://baserow.io/docs/installation%2Finstall-on-heroku) - Create your own online database without technical experience. Our user friendly no-code tool gives you the powers of a developer without leaving your browser.
+ baserow:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/bram2w/baserow/tree/master
+ domain: baserow.megabyte.space
+ variables:
+ BASEROW_PUBLIC_URL: https://baserow.megabyte.space
+ BASEROW_AMOUNT_OF_WORKERS: '1'
+ AWS_ACCESS_KEY_ID: The spaces API key.
+ AWS_SECRET_ACCESS_KEY: The spaces API secret key.
+ AWS_STORAGE_BUCKET_NAME: The name of your space.
+ AWS_S3_REGION_NAME: Name of the Digital Ocean spaces region (eg. ams3)
+ AWS_S3_ENDPOINT_URL: (eg. https://ams3.digitaloceanspaces.com)
+ AWS_S3_CUSTOM_DOMAIN: (eg. name-of-your-space.ams3.digitaloceanspaces.com)
+ # @dynamo [hasura](https://hasura.io/) | [GitHub](https://github.com/hasura/graphql-engine-heroku) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/hasura/graphql-engine-heroku/tree/master) | [Documentation](https://hasura.io/docs/latest) - Blazing fast, instant realtime GraphQL APIs on Postgres with fine grained access control, also trigger webhooks on database events.
+ hasura:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/hasura/graphql-engine-heroku
+ domain: hasura.megabyte.space
+ # @dynamo [metabase](https://www.metabase.com) | [GitHub](https://github.com/metabase/metabase) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/metabase/metabase-deploy) | [Documentation](https://www.metabase.com/docs) - Meet the easy, open source way for everyone in your company to ask questions and learn from data.
+ metabase:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/metabase/metabase-deploy
+ domain: metabase.megabyte.space
+ # @dynamo [chatwoot](https://www.chatwoot.com) | [GitHub](https://github.com/chatwoot/chatwoot) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/chatwoot/chatwoot/tree/master) | [Documentation](https://www.chatwoot.com/docs/product) - Open-source customer engagement suite, an alternative to Intercom, Zendesk, Salesforce Service Cloud etc.
+ chatwoot:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/chatwoot/chatwoot/tree/master
+ domain: chatwoot.megabyte.space
+ variables:
+ FRONTEND_URL: https://chatwoot.megabyte.space
+ INSTALLATION_ENV: heroku
+ RACK_ENV: production
+ RAILS_ENV: production
+ REDIS_OPENSSL_VERIFY_MODE: none
+ # @dynamo [url-to-pdf-api](https://github.com/alvarcarto/url-to-pdf-api) | [GitHub](https://github.com/alvarcarto/url-to-pdf-api) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/alvarcarto/url-to-pdf-api) | [Documentation]() - Web page PDF/PNG rendering done right. Self-hosted service for rendering receipts, invoices, or any content
+ urltopdf:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/alvarcarto/url-to-pdf-api
+ domain: urltopdf.megabyte.space
+ variables:
+ ALLOW_HTTP: false
+ API_TOKENS: ''
+ # @dynamo [whoogle](pypi.org/project/whoogle-search/) | [GitHub](https://github.com/benbusby/whoogle-search) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/benbusby/whoogle-search/tree/main) | [Documentation](https://github.com/benbusby/whoogle-search) - A self-hosted, ad-free, privacy-respecting metasearch engine
+ whoogle:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/benbusby/whoogle-search/tree/main
+ domain: whoogle.megabyte.space
+ variables:
+ WHOOGLE_ALT_IG: farside.link/bibliogram/u
+ WHOOGLE_ALT_IMG: farside.link/rimgo
+ WHOOGLE_ALT_MD: farside.link/scribe
+ WHOOGLE_ALT_RD: farside.link/libreddit
+ WHOOGLE_ALT_TL: farside.link/lingva
+ WHOOGLE_ALT_TW: farside.link/nitter
+ WHOOGLE_ALT_WIKI: farside.link/wikiless
+ WHOOGLE_ALT_YT: farside.link/invidious
+ WHOOGLE_CONFIG_ALTS: ''
+ WHOOGLE_CONFIG_BLOCK: ''
+ WHOOGLE_CONFIG_COUNTRY: countryUS
+ WHOOGLE_CONFIG_DISABLE: ''
+ WHOOGLE_CONFIG_GET_ONLY: ''
+ WHOOGLE_CONFIG_LANGUAGE: lang_en
+ WHOOGLE_CONFIG_NEAR: ''
+ WHOOGLE_CONFIG_NEW_TAB: ''
+ WHOOGLE_CONFIG_SAFE: ''
+ WHOOGLE_CONFIG_SEARCH_LANGUAGE: lang_en
+ WHOOGLE_CONFIG_STYLE: ':root { /* LIGHT THEME COLORS */ --whoogle-background: #d8dee9; --whoogle-accent: #2e3440; --whoogle-text: #3B4252; --whoogle-contrast-text: #eceff4; --whoogle-secondary-text: #70757a; --whoogle-result-bg: #fff; --whoogle-result-title: #4c566a; --whoogle-result-url: #81a1c1; --whoogle-result-visited: #a3be8c; /* DARK THEME COLORS */ --whoogle-dark-background: #222; --whoogle-dark-accent: #685e79; --whoogle-dark-text: #fff; --whoogle-dark-contrast-text: #000; --whoogle-dark-secondary-text: #bbb; --whoogle-dark-result-bg: #000; --whoogle-dark-result-title: #1967d2; --whoogle-dark-result-url: #4b11a8; --whoogle-dark-result-visited: #bbbbff; }'
+ WHOOGLE_CONFIG_THEME: system
+ WHOOGLE_CONFIG_TOR: ''
+ WHOOGLE_CONFIG_VIEW_IMAGE: ''
+ WHOOGLE_MINIMAL: ''
+ WHOOGLE_PASS: ''
+ WHOOGLE_PROXY_LOC: ''
+ WHOOGLE_PROXY_PASS: ''
+ WHOOGLE_PROXY_TYPE: ''
+ WHOOGLE_PROXY_USER: ''
+ WHOOGLE_URL_PREFIX: /whoogle
+ WHOOGLE_USER: ''
+ # @dynamo [nocodb](https://nocodb.com/) | [GitHub](https://github.com/nocodb/nocodb) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/nocodb/nocodb-seed-heroku) | [Documentation](https://docs.nocodb.com/) - Open Source Airtable Alternative - turns any MySQL, Postgres, SQLite into a Spreadsheet with REST APIs
+ nocodb:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/nocodb/nocodb-seed-heroku
+ domain: nocodb.megabyte.space
+ variables:
+ NC_ONE_CLICK: true
+ NODE_TLS_REJECT_UNAUTHORIZED: '0'
+ AWS_ACCESS_KEY_ID: S3 access key id
+ AWS_SECRET_ACCESS_KEY: S3 secret access key
+ AWS_BUCKET: S3 bucket
+ AWS_BUCKET_PATH: S3 bucket path (like folder within S3 bucket)
+ # @dynamo [ghost-on-heroku](https://github.com/cobyism/ghost-on-heroku) | [GitHub](https://github.com/cobyism/ghost-on-heroku) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/cobyism/ghost-on-heroku/tree/master) - One-button Heroku deploy for the Ghost blogging platform
+ ghostonheroku:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/cobyism/ghost-on-heroku
+ domain: ghost.megabyte.space
+ variables:
+ PUBLIC_URL: https://ghost.megabyte.space
+ S3_ACCESS_KEY_ID: S3 access key id
+ S3_ACCESS_SECRET_KEY: S3 secret access key
+ S3_ASSET_HOST_URL: e.g https://my.custom.domain/
+ S3_BUCKET_NAME: S3 bucket
+ S3_BUCKET_REGION: S3 bucket region (e.g. us-east-1)
+ # @dynamo [tooljet](https://www.tooljet.com/) | [GitHub](https://github.com/tooljet/tooljet) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/tooljet/tooljet/tree/main) | [Documentation](https://docs.tooljet.com/docs/) - Extensible low-code framework for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript.
+ tooljet:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/tooljet/tooljet/tree/main
+ domain: tooljet.megabyte.space
+ variables:
+ DEPLOYMENT_PLATFORM: heroku
+ DISABLE_MULTI_WORKSPACE: false
+ DISABLE_SIGNUPS: false
+ LOCKBOX_MASTER_KEY: m@s73rk8s
+ NODE_ENV: production
+ NODE_OPTIONS: --max-old-space-size=4096
+ SECRET_KEY_BASE: SomeC0m6l00
+ TOOLJET_HOST: https://tooljet.herokuapp.com
+ TOOLJET_SERVER_URL: https://tooljet.herokuapp.com
+ # @dynamo [appsmith](https://www.appsmith.com/) | [GitHub](https://github.com/appsmithorg/appsmith) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/appsmithorg/appsmith/tree/master) | [Documentation](https://docs.appsmith.com/) - A powerful open source framework to build internal tools
+ appsmith:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/appsmithorg/appsmith/tree/master
+ domain: appsmith.megabyte.space
+ variables:
+ APPSMITH_DISABLE_TELEMETRY: true
+ APPSMITH_ENCRYPTION_PASSWORD: 'kna%si*sj19lk>0s'
+ APPSMITH_ENCRYPTION_SALT: 'm,a-01s'
+ APPSMITH_MONGODB_URI: mongo.example.com
+ APPSMITH_SUPERVISOR_PASSWORD: "sdf'6as9I1a"
+ # @dynamo [directus](https://directus.io) | [GitHub](https://github.com/directus-community/heroku-template) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/directus-community/heroku-template/tree/master) | [Documentation](https://docs.directus.io/) - Power any project with a modern, open source data platform
+ directus:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/directus-community/heroku-template
+ domain: directus.megabyte.space
+ variables:
+ ACCESS_TOKEN_TTL: 15m
+ ADMIN_EMAIL: admin@email.com
+ ADMIN_PASSWORD: RandomPasword$
+ CACHE_ENABLED: true
+ CACHE_NAMESPACE: cache
+ CACHE_STORE: redis
+ CONFIG_PATH: /app/directus.config.js
+ DB_CLIENT: pg
+ EMAIL_SMTP_HOST: smtp.example.com
+ EMAIL_SMTP_POOL: true
+ EMAIL_SMTP_PORT: '587'
+ EMAIL_SMTP_SECURE: false
+ EMAIL_TRANSPORT: smtp
+ EXTENSIONS_PATH: /app/extensions
+ OAUTH_PROVIDERS: ''
+ PUBLIC_URL: /
+ RATE_LIMITER_DURATION: '1'
+ RATE_LIMITER_ENABLED: true
+ RATE_LIMITER_KEY_PREFIX: rate-limitter
+ RATE_LIMITER_POINTS: '30'
+ RATE_LIMITER_STORE: redis
+ REFRESH_TOKEN_COOKIE_SAME_SITE: true
+ REFRESH_TOKEN_COOKIE_SECURE: true
+ REFRESH_TOKEN_TTL: 7d
+ STORAGE_CLOUD_BUCKET: your-bucket
+ STORAGE_CLOUD_DRIVER: s3
+ STORAGE_CLOUD_ENDPOINT: https://nyc3.digitaloceanspaces.com
+ STORAGE_CLOUD_KEY: your-s3-key-id
+ STORAGE_CLOUD_PUBLIC_URL: https://your-bucket.nyc3.digitaloceanspaces.com
+ STORAGE_CLOUD_REGION: nyc3
+ STORAGE_CLOUD_ROOT: /
+ STORAGE_CLOUD_SECRET: your-s3-secret-key
+ STORAGE_LOCATIONS: cloud
+ # @dynamo [manet]https://github.com/vbauer/manet) | [GitHub](https://github.com/vbauer/manet) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/vbauer/manet) - Website screenshot service powered by Node.js, SlimerJS and PhantomJS
+ manet:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/vbauer/manet
+ domain: manet.megabyte.space
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/software.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/software.yml
new file mode 100644
index 00000000..c303947c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/software.yml
@@ -0,0 +1,909 @@
+---
+# eslint-disable max-lines
+# yamllint disable rule:line-length
+# yamllint disable rule:max-lines
+
+# ########## TAGGING INSTRUCTIONS ##########
+# Each package should have a comment above it. The tags are at the beginning and can be any combination of the following:
+#
+# @ binary - All of the packages in this list will have the binary tag
+# @ cli - If the package is intended to be utilized from the terminal, add the @ cli tag
+# @ application - If the package is intended to be used as a desktop app, add the @ application tag
+# @ tui - TODO If the package is a @ cli but is intended to be used visually from a terminal (instead of inside scripts), then add the @ tui tag.
+# All @ tui should have the @ cli tag
+# @ service - TODO If the package launches any service when first run or installed, then add the @service tag
+# @ menubar - If the package is a menubar application, then add the @ menubar tag. A @ menubar application will always also have the @ application tag
+# @ binarycli - Should accompany any @ cli tags in this file
+# @ binaryapp - Should accompany any @ application tags in this file
+#
+# @installoption apk: package_name # Package name in the official/default APK repositories. This method is listed for completeness
+# @installoption apt: package_name # Package name in the official/default APT repositories. External repositories are not supported
+# @installoption binary: url # URL to the executable file
+# @installoption brew: package_name OR `example/example/package_name` # Homebrew macOS package name, include full address if not in the official registry
+# @installoption cargo: package_name # Cargo package name
+# @installoption choco: package_name # Chocolatey package name
+# @installoption dnf: package_name # Package name in the official/default DNF/YUM repositories. External repositories are not supported
+# @installoption exe: url # URL to the executable file (Windows only)
+# @installoption github: github_address # GitHub address (e.g. github.com/altair-graphql/altair). Installation is performed using the role `githubbinary`
+# @installoption go: go_github_address # Go GitHub address (e.g. github.com/nektos/act@latest)
+# @installoption pacman: package_name # Package name in the official/default Archlinux compatible repositories
+# @installoption ports: package_name # macOS port package name (installed via `sudo port install package_name`)
+# @installoption pkg: package_name # Package name in the official/default BSD repositories. This method is listed for completeness
+# @installoption scoop: package_name # Windows scoop package name (installed via `scoop install package_name`)
+# @installoption snap: package_name # Package name as shown in snapcraft.io
+# @installoption yay: package_name # Archlinux yay package name (installed via `yay -S package_name` from AUR)
+# ########## END TAGGING INSTRUCTIONS ##########
+
+# @var software_package: [] # `software_package` contains installation definitions for software that can be installed by simply adding the
+# data keys of the software you would like to install to a variable named `software`. It is leveraged by the `roles/helper/installer` role
+# which includes the ability to specify which installation methods to try first.
+software_package:
+ # @binarycli @binary @cli [act](https://github.com/nektos/act) - To run Github Actions locally
+ act:
+ brew: act
+ choco: act-cli
+ go: github.com/nektos/act@latest
+ ports: act
+ scoop: act
+ yay: act
+ # @binaryapp @binary @application [Altair](https://github.com/altair-graphql/altair) - A beautiful feature-rich GraphQL Client for all platforms
+ altair:
+ cask: altair-graphql-client
+ choco: altair-graphql
+ github: github.com/altair-graphql/altair
+ snap: altair
+ yay: altair
+ # @binarycli @binary @cli [argo](https://argoproj.github.io) - ArgoCD is a declarative GitOps continuous delivery platform.
+ argocli:
+ brew: argocd
+ github: https://github.com/argoproj/argo-workflows
+ # @binarycli @binary @cli [azure-functions-core-tools](https://github.com/Azure/azure-functions-core-tools) - A local development experience for creating, developing, testing, running, and debugging Azure Functions
+ azurefunctions:
+ brew: azure/functions/azure-functions-core-tools@4
+ choco: azure-functions-core-tools
+ github: github.com/Azure/azure-functions-core-tools
+ npm: azure-functions-core-tools@4
+ # @binarycli @binary @cli [bandwhich](https://github.com/imsnif/bandwhich) - Terminal bandwidth utilization tool
+ bandwhich:
+ brew: bandwhich
+ github: github.com/imsnif/bandwhich
+ pacman: bandwhich
+ pkg: bandwhich
+ # @binarycli @binary @cli [bane](https://github.com/genuinetools/bane) - Custom & better AppArmor profile generator for Docker containers
+ bane:
+ github: github.com/genuinetools/bane
+ go: github.com/genuinetools/bane@latest
+ # @binarycli @binary @cli [bat](https://github.com/sharkdp/bat) - Clone of cat(1) with syntax highlighting and Git integration
+ bat:
+ apk: bat
+ brew: bat
+ cargo: bat
+ choco: bat
+ github: bat
+ pacman: bat
+ scoop: bat
+ # @binaryapp @binary @application [Betwixt](https://github.com/kdzwinel/betwixt) - Web Debugging Proxy based on Chrome DevTools Network panel
+ betwixt:
+ github: github.com/kdzwinel/betwixt
+ # @binarycli @binary @cli [bin](https://github.com/marcosnils/bin) - Effortless binary manager
+ bin:
+ github: github.com/marcosnils/bin
+ go: github.com/marcosnils/bin@latest
+ # @binaryapp @binary @application [BitWarden](https://github.com/bitwarden/desktop) - The desktop vault (Windows, macOS, & Linux)
+ bitwarden:
+ cask: bitwarden
+ choco: bitwarden
+ github: github.com/bitwarden/desktop
+ snap: bitwarden
+ yay: bitwarden-git
+ # @binarycli @binary @cli [bivac](https://github.com/camptocamp/bivac) - Backup Interface for Volumes Attached to Containers
+ bivac:
+ github: github.com/camptocamp/bivac
+ # go: github.com/camptocamp/bivac@latest # Failure: "module declares its path as: github.com/sirupsen/logrus but was required as: github.com/Sirupsen/logrus"
+ # @binarycli @binary @cli [boilr](https://github.com/tmrts/boilr) - boilerplate template manager that generates files or directories from template repositories
+ boilr:
+ github: github.com/tmrts/boilr
+ go: github.com/tmrts/boilr@latest
+ # @binarycli @binary @cli [budibase-cli](https://github.com/Budibase/budibase) - The Budibase CLI is how you initialise, manage and update your Budibase installation
+ budibase-cli:
+ github: github.com/Budibase/budibase
+ npm: '@budibase/cli'
+ # @binarycli @binary @cli [captain](https://github.com/jenssegers/captain) - Helps manage docker-compose.yml files from anywhere in the file system
+ captain:
+ github: github.com/jenssegers/captain
+ # @binaryapp @binary @application @service [Cerebro](https://github.com/cerebroapp/cerebro) - Open-source productivity booster with a brain
+ cerebro:
+ cask: cerebro
+ choco: cerebro
+ github: github.com/cerebroapp/cerebro
+ yay: cerebro
+ # @binarycli @binary @cli [clair](https://github.com/quay/clair) - Vulnerability Static Analysis for Containers
+ clair:
+ brew: clair
+ github: github.com/quay/clair
+ # @binarycli @binary @cli [cloudflared](https://github.com/cloudflare/cloudflared) - Cloudflare Tunnel client
+ cloudflared:
+ brew: cloudflare/cloudflare/cloudflared
+ github: github.com/cloudflare/cloudflared
+ # @binarycli @binary @cli [cmctl](https://cert-manager.io/docs/usage/cmctl/) - A CLI tool that can help you to manage cert-manager resources inside your cluster
+ cmctl:
+ github: github.com/cert-manager/cert-manager
+ # @binarycli @binary @cli [confd](https://github.com/kelseyhightower/confd) - Manage local application configuration files using templates and data from etcd or consul
+ confd:
+ brew: confd
+ choco: confd
+ github: github.com/kelseyhightower/confd
+ yay: confd
+ # @binarycli @binary @cli [consul-cli](https://github.com/mantl/consul-cli) - Command line interface to Consul HTTP API
+ consul-cli:
+ github: github.com/mantl/consul-cli
+ # @binarycli @binary @cli [croc](https://github.com/schollz/croc) - Easily and securely send things from one computer to another
+ croc:
+ brew: croc
+ choco: croc
+ github: github.com/schollz/croc
+ go: github.com/schollz/croc/v9@latest
+ pacman: croc
+ pkg: croc
+ scoop: croc
+ # @binarycli @binary @cli [ctop](https://github.com/bcicen/ctop) - Top-like interface for container metrics
+ ctop:
+ brew: ctop
+ github: github.com/bcicen/ctop
+ yay: ctop-bin
+ # @binaryapp @binary @application @menubar [Cumulus](https://github.com/gillesdemey/Cumulus) - A SoundCloud player that lives in the menubar
+ cumulus:
+ cask: cumulus
+ github: github.com/gillesdemey/Cumulus
+ # @binarycli @binary @cli [curator](https://www.elastic.co/guide/en/elasticsearch/client/curator) - Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots
+ curator:
+ pip: elasticsearch-curator
+ # @binarycli @binary @cli [dasel](https://github.com/TomWright/dasel) - Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool
+ dasel:
+ brew: dasel
+ github: github.com/TomWright/dasel
+ go: github.com/tomwright/dasel/cmd/dasel@master
+ # @binarycli @binary @cli [dat](https://github.com/datproject/dat) - Peer-to-peer sharing & live syncronization of files via command line
+ dat:
+ github: github.com/dat-ecosystem-archive/dat
+ npm: dat@next
+ # @binaryapp @binary @application [Dat Desktop](https://github.com/datproject/dat-desktop) - Peer to peer data syncronization
+ dat-desktop:
+ cask: dat
+ github: github.com/datproject/dat-desktop
+ # @binarycli @binary @cli [delta](https://github.com/dandavison/delta) - A syntax-highlighting pager for git and diff output
+ delta:
+ brew: git-delta
+ cargo: git-delta
+ choco: delta
+ dnf: git-delta
+ github: github.com/dandavison/delta
+ pacman: git-delta
+ pkg: git-delta
+ scoop: delta
+ # @binarycli @binary @cli [dive](https://github.com/wagoodman/dive) - A tool for exploring each layer in a docker image
+ dive:
+ brew: dive
+ github: github.com/wagoodman/dive
+ go: github.com/wagoodman/dive@latest
+ yay: dive
+ # @binarycli @binary @cli [desed](https://github.com/SoptikHa2/desed) - Debugger for Sed: demystify and debug the sed scripts, from comfort of terminal
+ desed: # Name of package - this should only be used for the TUI
+ cargo: desed # Cargo package installable via `cargo install desed`
+ dnf: desed # dnf package for Fedora
+ github: github.com/SoptikHa2/desed # GitHub link - populate if the repository has releases
+ pkg: desed # FreeBSD pkg name for future FreeBSD support
+ # @binarycli @binary @cli [deta](https://github.com/deta/deta-cli) - Command line interface for managing Deta micros and deployments
+ deta:
+ github: github.com/deta/deta-cli
+ # @binarycli @binary @cli [direnv](https://github.com/direnv/direnv) - Extension to load and unload environment variables depending on the current directory
+ direnv:
+ apt: direnv
+ brew: direnv
+ github: github.com/direnv/direnv
+ # @binarycli @binary @cli [docker-slim](https://github.com/docker-slim/docker-slim) - Extension to minify and secure Docker images
+ docker-slim:
+ brew: docker-slim
+ dnf: golang-github-docker-slim
+ github: github.com/docker-slim/docker-slim
+ yay: docker-slim
+ # @binarycli @binary @cli [dockle](https://github.com/goodwithtech/dockle) - Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
+ dockle:
+ brew: goodwithtech/r/dockle
+ github: github.com/goodwithtech/dockle
+ yay: dockle-bin
+ # @binarycli @binary @cli [doctl](https://github.com/digitalocean/doctl) - The official command line interface for the DigitalOcean API
+ doctl:
+ brew: doctl
+ github: github.com/digitalocean/doctl
+ pacman: doctl
+ pkg: doctl
+ snap: doctl
+ # @binarycli @binary @cli [dog](https://github.com/ogham/dog) - A command-line DNS client
+ dog:
+ brew: dog
+ github: github.com/ogham/dog
+ pacman: dog
+ pkg: dog
+ # @binarycli @binary @cli [drone](https://github.com/harness/drone-cli) - The Drone command line tools are used to interact with the Drone from the command line, and provide important utilities for managing users and repository settings
+ drone:
+ brew: drone/drone/drone
+ github: github.com/harness/drone-cli
+ scoop: drone
+ # @binarycli @binary @cli [duf](https://github.com/muesli/duf) - Disk Usage/Free Utility - a better 'df' alternative
+ duf:
+ brew: duf
+ choco: duf
+ github: github.com/muesli/duf
+ pacman: duf
+ pkg: duf
+ scoop: duf
+ snap: duf-utility
+ # @binarycli @binary @cli [dust](https://github.com/bootandy/dust) - A more intuitive version of du in rust
+ dust:
+ apk: dust
+ github: github.com/bootandy/dust
+ pacman: dust
+ # @binarycli @binary @cli [envconsul](https://github.com/hashicorp/envconsul) - Launch a subprocess with environment variables using data from @hashicorp Consul and Vault
+ envconsul:
+ github: github.com/hashicorp/envconsul
+ # @binarycli @binary @cli [etcd](https://github.com/etcd-io/etcd) - Distributed reliable key-value store for the most critical data of a distributed system
+ etcd:
+ apt: etcd
+ brew: etcd
+ choco: etcd
+ github: github.com/etcd-io/etcd
+ yum: etcd
+ yay: etcd
+ # @binarycli @binary @cli [fd](https://github.com/sharkdp/fd) - A simple, fast and user-friendly alternative to 'find'
+ fd:
+ apk: fd
+ apt: fd-find
+ brew: fd
+ cargo: fd-find
+ choco: fd
+ github: github.com/sharkdp/fd
+ pacman: fd
+ pkg: fd
+ scoop: fd
+ # @binary [felony](https://github.com/henryboldi/felony) - An open-source pgp keychain built on the modern web with Electron, React, and Redux
+ # felony:
+ # github: github.com/henryboldi/felony
+ # @binarycli @binary @cli [ffsend](https://github.com/timvisee/ffsend) - Easily and securely share files from the command line, a fully featured Firefox Send client
+ ffsend:
+ apk: ffsend
+ brew: ffsend
+ github: github.com/timvisee/ffsend
+ pkg: ffsend
+ scoop: ffsend
+ snap: ffsend
+ yay: ffsend
+ # @binarycli @binary @cli @webapp [filebrowser](https://github.com/filebrowser/filebrowser) - Web file browser
+ filebrowser:
+ brew: filebrowser/tap/filebrowser
+ github: github.com/filebrowser/filebrowser
+ # @binary [Fission](https://fission.io/) - Fission CLI helps you to operate Fission
+ fission:
+ github: github.com/fission/fission
+ # @binary [fly](https://concourse-ci.org/) - CLI to manage Concourse CI installation
+ fly:
+ brew: fly
+ github: https://github.com/concourse/concourse
+ yay: fly-cli
+ # @binarycli @binary @cli [fm](https://github.com/knipferrc/fm) - Terminal file manager
+ fm:
+ github: github.com/knipferrc/fm
+ go: github.com/knipferrc/fm@latest
+ # @binarycli @binary @cli [fq](https://github.com/wader/fq) - jq for binary formats
+ fq:
+ apk: fq
+ brew: wader/tap/fq
+ go: github.com/wader/fq@latest
+ github: github.com/wader/fq
+ pacman: fq
+ scoop: fq
+ # @binarycli @binary @cli [fselect](https://github.com/jhspetersson/fselect) - Extension to find files with SQL-like queries
+ fselect:
+ brew: fselect
+ choco: fselect
+ cargo: fselect
+ github: github.com/jhspetersson/fselect
+ yay: fselect
+ # @binarycli @binary @cli [Fuego](https://github.com/sgarciac/fuego) - Fuego is a command line client for the firestore database
+ fuego:
+ github: github.com/sgarciac/fuego
+ snap: fuego
+ # @binaryapp @binary @application @service [Google Assistant Unofficial Desktop Client](https://github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client) - A cross-platform unofficial Google Assistant Client for Desktop
+ g-assist:
+ snap: g-assist
+ github: github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client
+ # @binarycli @binary @cli [gdrive](https://github.com/prasmussen/gdrive) - Google Drive CLI Client
+ gdrive:
+ brew: gdrive
+ github: github.com/prasmussen/gdrive
+ yay: gdrive
+ # @binarycli @binary @cli [ghorg](https://github.com/gabrie30/ghorg) - Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more
+ ghorg:
+ github: github.com/gabrie30/ghorg
+ yay: ghorg
+ # @binaryapp @binary @application @menubar [Gitify](https://github.com/manosim/gitify) - GitHub notifications on the menu bar
+ gitify:
+ cask: gitify
+ github: github.com/manosim/gitify
+ yay: gitify-bin
+ # @binarycli @binary @cli [gitleaks](https://github.com/zricethezav/gitleaks) - Extension to scan git repos (or files) for secrets using regex and entropy
+ gitleaks:
+ brew: gitleaks
+ github: github.com/zricethezav/gitleaks
+ pkg: gitleaks
+ yay: gitleaks
+ # @binarycli @binary @cli [gitomatic](https://github.com/muesli/gitomatic) - A tool to monitor git repositories and automatically pull & push changes
+ gitomatic:
+ github: github.com/muesli/gitomatic
+ # @binarycli @binary @cli [glab](https://github.com/profclems/glab) - An open-source GitLab command line tool bringing GitLab's cool features to your command line
+ glab:
+ apk: glab
+ brew: glab
+ github: github.com/profclems/glab
+ scoop: glab
+ snap: glab
+ yay: gitlab-glab-bin
+ # @binarycli @binary @cli [glow](https://github.com/charmbracelet/glow) - Glow is a terminal based markdown reader designed from the ground up to bring out the beauty—and power—of the CLI
+ glow:
+ brew: glow
+ github: github.com/charmbracelet/glow
+ pkg: glow
+ scoop: glow
+ yay: glow
+ # @binarycli @binary @cli [gojq](https://github.com/itchyny/gojq) - gojq is a pure Go implementation of jq that is mostly backwards compatible (but not completely)
+ gojq:
+ brew: gojq
+ github: github.com/itchyny/gojq
+ go: github.com/itchyny/gojq@latest
+ # @binarycli @binary @cli [go-chromecast](https://github.com/vishen/go-chromecast) - CLI for Google Chromecast, Home devices and Cast Groups
+ go-chromecast:
+ github: github.com/vishen/go-chromecast
+ go: github.com/vishen/go-chromecast@latest
+ # @binarycli @binary @cli [gping](https://github.com/orf/gping) - Ping, but with a graph
+ gping:
+ brew: gping
+ cargo: gping
+ choco: gping
+ github: github.com/orf/gping
+ scoop: gping
+ pacman: gping
+ # @binarycli @binary @cli [grex](https://github.com/pemistahl/grex) - A command-line tool and library for generating regular expressions from user-provided test cases
+ grex:
+ brew: grex
+ cargo: grex
+ choco: grex
+ github: github.com/pemistahl/grex
+ scoop: grex
+ # @binarycli @binary @cli [gron](https://github.com/tomnomnom/gron) - Extension to make JSON greppable
+ gron:
+ brew: gron
+ github: github.com/tomnomnom/gron
+ go: github.com/tomnomnom/gron@latest
+ # @binarycli @binary @cli [hclq](https://github.com/mattolenik/hclq) - Command-line processor for HashiCorp config files, like sed for HCL — Terraform, Consul, Nomad, Vault
+ hclq:
+ github: github.com/mattolenik/hclq
+ go: github.com/mattolenik/hclq@latest
+ # @binarycli @binary @cli [hexyl](https://github.com/sharkdp/hexyl) - A command-line hex viewer
+ hexyl:
+ apt: hexyl
+ brew: hexyl
+ cargo: hexyl
+ github: github.com/sharkdp/hexyl
+ pacman: hexyl
+ pkg: hexyl
+ scoop: hexyl
+ snap: hexyl
+ # @binarycli @binary @cli [hey](https://github.com/rakyll/hey) - HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom
+ hey:
+ brew: hey
+ github: github.com/rakyll/hey
+ # @binarycli @binary @cli [hostctl](https://github.com/guumaster/hostctl) - This tool gives more control over the use of hosts file
+ hostctl:
+ brew: guumaster/tap/hostctl
+ github: github.com/guumaster/hostctl
+ scoop: hostctl
+ yay: hostctl
+ # @binarycli @binary @cli [htmlq](https://github.com/mgdm/htmlq) - A lightweight and flexible command-line JSON processor for HTML
+ htmlq:
+ brew: htmlq
+ cargo: htmlq
+ github: github.com/mgdm/htmlq
+ # @binarycli @binary @cli [hyperfine](https://github.com/sharkdp/hyperfine) - A command-line benchmarking tool
+ hyperfine:
+ apk: hyperfine
+ brew: hyperfine
+ cargo: hyperfine
+ choco: hyperfine
+ dnf: hyperfine
+ github: github.com/sharkdp/hyperfine
+ pacman: hyperfine
+ pkg: hyperfine
+ # @binarycli @binary @cli [jiq](https://github.com/fiatjaf/jiq) - Create jq queries interactively by leveraging a live reload feature in the terminal
+ jiq:
+ github: github.com/fiatjaf/jiq/cmd/jiq
+ go: github.com/fiatjaf/jiq/cmd/jiq@latest
+ # @binaryapp @binary @application [Jitsi Meet Electron](https://github.com/jitsi/jitsi-meet-electron) - Desktop application for Jitsi Meet built with Electron
+ jitsi-meet-electron:
+ cask: jisti-meet
+ choco: jitsi-meet-electron
+ github: github.com/jitsi/jitsi-meet-electron
+ pkg: jisti-meet
+ yay: jitsi-meet-desktop-bin
+ # @binarycli @binary @cli [jo](https://github.com/jpmens/jo) - JSON output from a shell
+ jo:
+ brew: jo
+ apt: jo
+ snap: jo
+ github: github.com/jpmens/jo
+ pkg: jo
+ scoop: jo
+ yay: jo
+ # @binarycli @binary @cli [jq](https://github.com/stedolan/jq) - Command-line JSON processor
+ jq:
+ brew: jq
+ choco: jq
+ apk: jq
+ apt: jq
+ dnf: jq
+ github: github.com/stedolan/jq
+ pkg: jq
+ # @binarycli @binary @cli [kdash](https://github.com/kdash-rs/kdash) - A simple and fast dashboard for Kubernetes
+ kdash:
+ brew: kdash-rs/kdash/kdash
+ cargo: kdash
+ choco: kdash
+ github: github.com/kdash-rs/kdash
+ scoop: kdash
+ # @binarycli @binary @cli [kn](https://github.com/knative/client) - The Knative CLI (kn) provides a quick and easy interface for creating Knative resources, such as Knative Services and Event Sources
+ kn:
+ brew: kn
+ github: github.com/knative/client
+ yay: knative-client-bin
+ # @binarycli @binary @cli [kubenav](https://github.com/kubenav/kubenav) - kubenav is the navigator for your Kubernetes clusters right in your pocket
+ kubenav:
+ github: github.com/kubenav/kubenav
+ yay: kubenav-bin
+ # @binarycli @binary @cli [license](https://github.com/nishanths/license) - Command-line license text generator
+ license:
+ go: github.com/nishanths/license@latest
+ yay: nishanths-license-git
+ # @binarycli @binary @cli @service [linkerd2](https://github.com/linkerd/linkerd2) - Linkerd is an ultralight, security-first service mesh for Kubernetes
+ linkerd2:
+ brew: linkerd
+ github: github.com/linkerd/linkerd2
+ yay: linkerd
+ # @binarycli @binary @cli [linuxkit](https://github.com/linuxkit/linuxkit) - A toolkit for building secure, portable and lean operating systems for containers
+ linuxkit:
+ brew: linuxkit/linuxkit/linuxkit
+ github: github.com/linuxkit/linuxkit
+ # @binarycli @binary @cli [logcli](https://github.com/grafana/loki) - Run LogQL queries against a Loki server
+ logcli:
+ brew: logcli
+ github: github.com/grafana/loki
+ yay: logcli-git
+ # @binaryapp @binary @application [Manta](https://github.com/hql287/Manta) - Flexible invoicing desktop app with beautiful & customizable templates
+ manta:
+ cask: manta
+ github: github.com/hql287/Manta
+ # @binaryapp @binary @application [MarkText](https://github.com/marktext/marktext) - A simple and elegant markdown editor, available for Linux, macOS and Windows
+ mark-text:
+ cask: mark-text
+ choco: marktext
+ github: github.com/marktext/marktext
+ yay: marktext
+ # @binaryapp @binary @application [MassCode](https://github.com/antonreshetov/massCode) - A free and open source code snippets manager for developers
+ masscode:
+ cask: masscode
+ github: github.com/antonreshetov/massCode
+ # @binarycli @binary @cli [mc](https://github.com/minio/mc) - MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage
+ mc:
+ brew: minio/stable/mc
+ binary: https://dl.min.io/client/mc/release/linux-amd64/mc
+ exe: https://dl.min.io/client/mc/release/windows-amd64/mc.exe
+ go: github.com/minio/mc@latest
+ # @binarycli @binary @cli [mergestat](https://github.com/mergestat/mergestat) - Query git repositories with SQL. Generate reports, perform status checks, analyze codebases
+ mergestat:
+ brew: mergestat/mergestat/mergestat
+ github: github.com/mergestat/mergestat
+ # @binaryapp @binary @application [MJML App](https://github.com/mjmlio/mjml-app) - The desktop app for MJML
+ mjml-app:
+ github: github.com/mjmlio/mjml-app
+ # @binarycli @binary @cli [mkcert](https://github.com/FiloSottile/mkcert) - A simple zero-config tool to make locally trusted development certificates with any names
+ mkcert:
+ brew: mkcert
+ choco: mkcert
+ github: github.com/FiloSottile/mkcert
+ pacman: mkcert
+ scoop: mkcert
+ # @binaryapp @binary @application [Mockoon](https://github.com/mockoon/mockoon) - Mockoon is the easiest and quickest way to run mock APIs locally. No remote deployment, no account required, open source
+ mockoon:
+ cask: mockoon
+ choco: mockoon
+ github: github.com/mockoon/mockoon
+ snap: mockoon
+ yay: mockoon-bin
+ # @binarycli @binary @cli [mole](https://github.com/davrodpin/mole) - CLI application to create ssh tunnels focused on resiliency and user experience
+ mole:
+ brew: davrodpin/homebrew-mole/mole
+ github: github.com/davrodpin/mole
+ yay: mole-bin
+ # @binaryapp @binary @application [Motrix](https://github.com/agalwood/Motrix) - A full-featured download manager
+ motrix:
+ cask: motrix
+ choco: motrix
+ github: github.com/agalwood/Motrix
+ scoop: motrix
+ yay: motrix-bin
+ # @binaryapp @binary @application [MQTT X](https://github.com/emqx/MQTTX) - MQTT X - Elegant Cross-platform MQTT 5.0 Desktop Client
+ mqttx:
+ cask: mqttx
+ github: github.com/emqx/MQTTX
+ snap: mqttx
+ yay: mqttx-bin
+ # @binarycli @binary @cli [muffet](https://github.com/raviqqe/muffet) - Fast website link checker in Go
+ muffet:
+ brew: muffet
+ github: github.com/raviqqe/muffet
+ go: github.com/raviqqe/muffet/v2@latest
+ yay: muffet-bin
+ # @binaryapp @binary @application [Mullvad VPN](https://github.com/mullvad/mullvadvpn-app) - The Mullvad VPN client app for desktop and mobile
+ mullvad-vpn:
+ cask: mullvadvpn
+ github: github.com/mullvad/mullvadvpn-app
+ yay: mullvad-vpn
+ # @binarycli @binary @cli [nebula](https://github.com/slackhq/nebula) - A scalable overlay networking tool
+ nebula:
+ github: github.com/slackhq/nebula
+ pacman: nebula
+ # @binarycli @binary @cli [nnn](https://github.com/jarun/nnn) - A full-featured terminal file manager
+ nnn:
+ apk: nnn
+ apt: nnn
+ brew: nnn
+ github: github.com/jarun/nnn
+ pacman: nnn
+ pkg: nnn
+ # @binarycli @binary @cli [node-prune](https://github.com/tj/node-prune) - Extension to remove unnecessary files from node_modules
+ node-prune:
+ github: github.com/tj/node-prune
+ go: github.com/tj/node-prune@latest
+ # @binarycli @binary @cli [nomino](https://github.com/yaa110/nomino) - Batch rename utility for developers
+ nomino:
+ cargo: nomino
+ github: github.com/yaa110/nomino
+ yay: nomino
+ # @binaryapp @binary @application [Nuclear](https://github.com/nukeop/nuclear) - Streaming music player that finds free music
+ nuclear:
+ cask: nuclear
+ choco: nuclear
+ github: github.com/nukeop/nuclear
+ snap: nuclear
+ yay: nuclear-player-bin
+ # @binarycli @binary @cli [osquery](https://github.com/osquery/osquery) - SQL powered operating system instrumentation, monitoring, and analytics
+ osquery:
+ cask: osquery
+ choco: osquery
+ github: github.com/osquery/osquery
+ yay: osquery-git
+ # @binarycli @binary @cli [ots](https://github.com/sniptt-official/ots) - Share end-to-end encrypted secrets with others via a one-time URL
+ ots:
+ brew: ots
+ github: github.com/sniptt-official/ots
+ go: github.com/sniptt-official/ots@latest
+ # @binarycli @binary @cli [oq](https://github.com/Blacksmoke16/oq) - A performant, and portable jq wrapper to facilitate the consumption and output of formats other than JSON; using jq filters to transform the data
+ oq:
+ brew: oq
+ github: github.com/Blacksmoke16/oq
+ snap: oq
+ yay: oq
+ # @binarycli @binary @cli [page-fetch](https://github.com/detectify/page-fetch) - Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files
+ page-fetch:
+ go: github.com/detectify/page-fetch@latest
+ # @binarycli @binary @cli [pass](https://www.passwordstore.org/) - Password manager
+ pass:
+ apt: pass
+ brew: pass
+ pacman: pass
+ pkg: password-store
+ yum: pass
+ # @binarycli @binary @cli [pastel](https://github.com/sharkdp/pastel) - A command-line tool to generate, analyze, convert and manipulate colors
+ pastel:
+ brew: pastel
+ cargo: pastel
+ github: github.com/sharkdp/pastel
+ snap: pastel
+ yay: pastel
+ # @binarycli @binary @cli [peco](https://github.com/peco/peco) - Simplistic interactive filtering tool
+ peco:
+ apt: peco
+ brew: peco
+ choco: peco
+ github: github.com/peco/peco
+ pacman: peco
+ # @binarycli @binary @cli [pony](https://github.com/jessfraz/pony) - Local file-based password, API key, secret, recovery code store backed by GPG
+ pony:
+ github: github.com/jessfraz/pony
+ go: github.com/jessfraz/pony@latest
+ # @binaryapp @binary @application @menubar [Pretzel](https://github.com/amiechen/pretzel) - Pretzel is Mac desktop app that shows and find keyboard shortcuts based on your current app
+ pretzel:
+ github: github.com/amiechen/pretzel
+ # @binarycli @binary @cli [procs](https://github.com/dalance/procs) - A modern replacement for ps written in Rust
+ procs:
+ apk: procs
+ brew: procs
+ cargo: procs
+ dnf: procs
+ github: github.com/dalance/procs
+ pacman: procs
+ scoop: procs # For Windows
+ snap: procs
+ # @binarycli @binary @cli [psu](https://github.com/greenled/portainer-stack-utils) - CLI client for Portainer
+ psu:
+ github: github.com/greenled/portainer-stack-utils
+ # @binarycli @binary @cli [pup](https://github.com/ericchiang/pup) - Parsing HTML at the command line
+ pup:
+ brew: pup
+ github: github.com/ericchiang/pup
+ go: github.com/ericchiang/pup@latest
+ # @binarycli @binary @cli [q](https://github.com/harelba/q) - Run SQL directly on CSV or TSV files
+ q:
+ brew: q
+ github: github.com/harelba/q
+ # @binaryapp @binary @application [raindrop](https://raindrop.io) - All-in-one bookmark manager
+ raindrop:
+ cask: raindropio
+ github: github.com/raindropio/desktop
+ # @binarycli @binary @cli [rancher](https://github.com/rancher/cli) - The Rancher Command Line Interface (CLI) is a unified tool for interacting with your Rancher Server
+ rancher:
+ brew: rancher-cli
+ github: github.com/rancher/cli
+ yay: rancher-cli-bin
+ # @binaryapp @binary @application [Responsively](https://github.com/responsively-org/responsively-app) - A modified web browser that helps in responsive web development
+ responsively:
+ cask: responsively
+ choco: responsively
+ github: github.com/responsively-org/responsively-app
+ # @binarycli @binary @cli [rip](https://github.com/nivekuil/rip) - A safe and ergonomic alternative to rm
+ rip:
+ brew: rm-improved
+ cargo: rm-improved
+ github: github.com/nivekuil/rip
+ yay: rm-improved
+ # @binaryapp @binary @application [RunJS](https://github.com/lukehaas/RunJS) - A JavaScript playground that auto-evaluates as you type
+ runjs:
+ cask: runjs
+ choco: runjs
+ github: github.com/lukehaas/RunJS
+ # snap: runjs # Not in the Stable Channel yet
+ yay: runjs-bin
+ # @binarycli @binary @cli [s5cmd](https://github.com/peak/s5cmd) - Parallel S3 and local filesystem execution tool with benchmarks that show it is the fastest S3 downloader
+ s5cmd:
+ brew: peak/tap/s5cmd
+ github: github.com/peak/s5cmd
+ go: github.com/peak/s5cmd@latest
+ # @binarycli @binary @cli [schema](https://github.com/Confbase/schema) - A tool to infer and instantiate schemas and translate between data formats
+ schema:
+ go: github.com/Confbase/schema
+ # @binarycli @binary @cli [scrcpy](https://github.com/Genymobile/scrcpy) - Display and control your Android device
+ scrcpy:
+ apt: scrcpy
+ brew: scrcpy
+ choco: scrcpy
+ dnf: scrcpy
+ github: github.com/Genymobile/scrcpy
+ pkg: scrcpy
+ snap: scrcpy
+ yay: scrcpy
+ # @binaryapp @binary @application [Scrcpy GUI](https://github.com/Tomotoes/scrcpy-gui) - A simple & beautiful GUI application for scrcpy
+ scrcpy-gui:
+ github: github.com/Tomotoes/scrcpy-gui
+ # @binarycli @binary @cli [sd](https://github.com/chmln/sd) - Intuitive find & replace CLI (sed alternative)
+ sd:
+ apk: sd # Include information about apk releases for possible future Alpine support
+ brew: sd # Brew package name
+ cargo: sd
+ choco: sd-cli # Choco package name
+ dnf: sd
+ github: github.com/chmln/sd
+ pacman: sd # pacman release for Archlinux
+ pkg: sd
+ # @binarycli @binary @cli [sentry-cli](https://github.com/getsentry/sentry-cli/) - sentry-cli can connect to the Sentry API and manage some data for your projects
+ sentry-cli:
+ brew: getsentry/tools/sentry-cli
+ github: github.com/getsentry/sentry-cli
+ npm: '@sentry/cli'
+ scoop: sentry-cli
+ yay: sentry-cli-bin
+ # @binarycli @binary @cli [sftpgo](https://github.com/drakkan/sftpgo) - Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
+ sftpgo:
+ brew: sftpgo
+ choco: sftpgo
+ github: github.com/drakkan/sftpgo
+ pkg: sftpgo
+ yay: sftpgo-bin
+ # @binarycli @binary @cli [shfmt](https://github.com/mvdan/sh/) - A shell parser, formatter, and interpreter with bash support; includes shfmt
+ shfmt:
+ apk: shfmt
+ brew: shfmt
+ github: github.com/mvdan/sh/
+ go: mvdan.cc/sh/v3/cmd/shfmt@latest
+ pacman: shfmt
+ pkg: shfmt
+ scoop: shfmt
+ snap: shfmt
+ # @binarycli @binary @cli [skm](https://github.com/TimothyYe/skm) - A simple and powerful SSH keys manager
+ skm:
+ brew: timothyye/tap/skm
+ github: github.com/TimothyYe/skm
+ go: github.com/TimothyYe/skm/cmd/skm@latest
+ # @binaryapp @binary @application [Skype](https://www.skype.com) - Skype is for connecting with the people that matter most in your life and work
+ skype:
+ cask: skype
+ choco: skype
+ snap: skype
+ # @binaryapp @binary @application [Slack](https://slack.com/) - Transform the way that you work with one place for everyone and everything that you need to get things done
+ slack:
+ cask: slack
+ choco: slack
+ snap: slack
+ # @binaryapp @binary @application [SQLectron](https://github.com/sqlectron/sqlectron-gui) - A simple and lightweight SQL client desktop with cross database and platform support
+ sqlectron:
+ cask: sqlectron
+ github: github.com/sqlectron/sqlectron-gui
+ yay: sqlectron-gui
+ # @binarycli @binary @cli [ssh-vault](https://github.com/ssh-vault/ssh-vault) - Encrypt/decrypt using ssh keys
+ ssh-vault:
+ brew: ssh-vault
+ github: github.com/ssh-vault/ssh-vault
+ # @binarycli @binary @cli [ssl-proxy](https://github.com/suyashkumar/ssl-proxy) - Simple zero-config SSL reverse proxy with real autogenerated certificates
+ ssl-proxy:
+ github: github.com/suyashkumar/ssl-proxy
+ # @binaryapp @binary @application [SwitchHosts](https://github.com/oldj/SwitchHosts) - Extension to switch hosts
+ switchhosts:
+ github: github.com/oldj/SwitchHosts
+ # @binarycli @binary @cli [sync-ssh-keys](https://github.com/samber/sync-ssh-keys) - Sync public ssh keys to ~/.ssh/authorized_keys, based on Github/Gitlab organization membership
+ sync-ssh-keys:
+ github: github.com/samber/sync-ssh-keys
+ yay: sync-ssh-keys-bin
+ # @binarycli @binary @cli [sysbench](https://github.com/akopytov/sysbench) - System performance benchmark tool
+ sysbench:
+ apk: sysbench
+ apt: sysbench
+ brew: sysbench
+ dnf: sysbench
+ pacman: sysbench
+ pkg: sysbench
+ # @binarycli @binary @cli [sysget](https://github.com/emilengler/sysget) - One package manager to rule them all
+ sysget:
+ github: github.com/Eugeny/tabby
+ make:
+ mac: |
+ make
+ sudo make install
+ # @binaryapp @binary @application [Tabby](https://github.com/Eugeny/tabby) - A terminal for a more modern age
+ tabby:
+ cask: tabby
+ choco: tabby
+ github: github.com/Eugeny/tabby
+ # @binarycli @binary @cli [Task](https://github.com/go-task/task) - A task runner / simpler Make alternative written in Go
+ task:
+ brew: go-task/tap/go-task
+ choco: go-task
+ go: github.com/go-task/task/v3/cmd/task@latest
+ github: github.com/go-task/task
+ scoop: task
+ # snap: task
+ # yay: taskfile-git
+ # @binarycli @binary @cli [Teleport](https://github.com/gravitational/teleport) - Modern SSH server for teams managing distributed infrastructure
+ teleport:
+ brew: teleport
+ pkg: teleport
+ yay: teleport-bin
+ # @binarycli @binary @cli [teller](https://github.com/tellerops/teller) - Cloud native secrets management for developers - never leave your command line for secrets
+ teller:
+ brew: spectralops/tap/teller
+ github: github.com/tellerops/teller
+ # @binarycli @binary @cli [tflint](https://github.com/terraform-linters/tflint) - A Pluggable Terraform Linter
+ tflint:
+ brew: tflint
+ choco: tflint
+ github: github.com/terraform-linters/tflint
+ # @binarycli @binary @cli [tilt](https://github.com/tilt-dev/tilt) - Define your dev environment as code. For microservice apps on Kubernetes
+ tilt:
+ brew: tilt
+ github: github.com/tilt-dev/tilt
+ yay: tilt-bin
+ # @binaryapp @binary @application [Temps](https://github.com/jackd248/temps) - Simple menubar application based on Electron with actual weather information and forecast
+ temps:
+ github: github.com/jackd248/temps
+ # @binarycli @binary @cli [tokei](https://github.com/XAMPPRocky/tokei) - Tokei is a program that displays statistics about the code
+ tokei:
+ apk: tokei
+ brew: tokei
+ cargo: tokei
+ dnf: tokei
+ github: github.com/XAMPPRocky/tokei
+ pacman: tokei
+ pkg: tokei
+ scoop: tokei
+ # @binarycli @binary @cli [transfer](https://github.com/rinetd/transfer) - Converts from one encoding to another
+ transfer:
+ github: github.com/rinetd/transfer
+ go: github.com/rinetd/transfer@latest
+ # @binarycli @binary @cli [trivy](https://github.com/aquasecurity/trivy) - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
+ trivy:
+ github: github.com/aquasecurity/trivy
+ yay: trivy-bin
+ # @binarycli @binary @cli [up](https://github.com/akavel/up) - Ultimate Plumber is a tool for writing Linux pipes with instant live preview
+ up:
+ brew: up
+ github: github.com/akavel/up
+ pkg: up
+ yay: up
+ # @binarycli @binary @cli [vault](https://vaultproject.io/) - HashiCorp Vault is a secrets management tool specifically designed to control access to sensitive credentials in a low-trust environment. It can be used to store sensitive values and at the same time dynamically generate access for specific services/applications on lease
+ vault:
+ brew: hashicorp/tap/vault
+ yay: vault-cli
+ # @binarycli @binary @cli[Vector](https://vector.dev/) /) - Vector is a lightweight, ultra-fast tool for building observability pipelines that lets you collect, transform, and route all your logs and metrics with one simple tool.
+ vector:
+ brew: vectordotdev/brew/vector
+ # @binarycli @binary @cli [velero](https://velero.io/) | - Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.
+ velero:
+ brew: velero
+ choco: velero
+ github: github.com/vmware-tanzu/velero
+ yay: velero-bin
+ # @binaryapp @binary @application [Udemy Course Downloader](https://github.com/FaisalUmair/udemy-downloader-gui) - A desktop application for downloading Udemy Courses
+ udemy-downloader-gui:
+ github: github.com/FaisalUmair/udemy-downloader-gui
+ # @binarycli @binary @cli [waypoint](https://github.com/hashicorp/waypoint) - A tool to build, deploy, and release any application on any platform
+ waypoint:
+ brew: hashicorp/tap/waypoint
+ github:
+ scoop: waypoint
+ # @binarycli @binary @cli [websocat](https://github.com/vi/websocat) - CLI for interacting with web sockets
+ websocat:
+ brew: websocat
+ cargo: --features=ssl websocat
+ github: github.com/vi/websocat
+ pkg: websocat
+ port: websocat
+ # @binaryapp @binary @application [WebTorrent Desktop](https://github.com/webtorrent/webtorrent-desktop) - Streaming torrent app for Mac, Windows, and Linux
+ webtorrent:
+ cask: webtorrent
+ choco: webtorrent-desktop
+ github: github.com/webtorrent/webtorrent-desktop
+ yay: webtorrent-desktop
+ # @binarycli @binary @cli [whaler](https://github.com/P3GLEG/Whaler) - Whaler takes a Docker image and attempts to reverse engineer the Dockerfile that created it
+ whaler:
+ github: github.com/P3GLEG/Whaler
+ # @binarycli @binary @cli [winrm-cli](https://github.com/masterzen/winrm-cli) - Command-line tool to remotely execute commands on Windows machines through WinRM
+ winrm-cli:
+ make:
+ mac: make
+ linux: make
+ yay: winrm-cli-git
+ # @binarycli @binary @cli [wkhtmltopdf](https://github.com/wkhtmltopdf/wkhtmltopdf) - Convert HTML to PDF using Webkit (QtWebKit)
+ wkhtmltopdf:
+ apt: wkhtmltopdf
+ cask: wkhtmltopdf
+ choco: wkhtmltopdf
+ github: github.com/wkhtmltopdf/wkhtmltopdf
+ pacman: wkhtmltopdf
+ # @binarycli @binary @cli [xurls](https://github.com/mvdan/xurls) - Extract urls from text
+ xurls:
+ go: mvdan.cc/xurls/v2/cmd/xurls@latest
+ github: github.com/mvdan/xurls
+ # @binarycli @binary @cli [yq](https://github.com/mikefarah/yq) - Process YAML documents from the CLI
+ yq:
+ brew: yq
+ choco: yq
+ apk: yq
+ github: github.com/stedolan/jq
+ go: github.com/mikefarah/yq/v4@latest
+ snap: yq
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/all/vault.yml b/home/dot_local/share/ansible/environments/prod/group_vars/all/vault.yml
new file mode 100644
index 00000000..9a5e71b2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/all/vault.yml
@@ -0,0 +1,156 @@
+$ANSIBLE_VAULT;1.1;AES256
+37376563623439653632326331386134376131623634326538633838393638613063646239663237
+3231346536363338373230323635663631376631303865360a373230613233306566353037646663
+37333939316363636531663137653431326666323535623135663366363864663031643561323463
+3863306533376135320a363930373063653162633034633061323066306130393463316364333435
+30633030666538333766393566333833356336386564323838366435613735313338656363623633
+39633837653365666266393435653532653535633265636636383039306534306461663539653633
+35393730316336646561323736326237636531383731313137386263313030646362343432303330
+36316533356164643633653936323237646264303637396663326439616637313464376531383930
+31356630326438386364326332643463313936656633633139333264353134313730666131306366
+38326663386238383831666162633036336234323237623936363466306364356631343933323537
+65626436666266396363633163613964343266643463623936313930386537313332366365396161
+34633566663536323930613265656164373330633666656137363038313565636562336431353637
+32633838636366336334666165633538633065663463303062346364316439386436346431303238
+33366230306132656466346433343837363163333563346331623835366463646236653637396131
+66656463653064393136643561623937303464323732343136663062636564373532316431363539
+38363030313333656436396634616264376532386435373565396134353063353166626661346166
+34363831336461333833646262636332656666346336343337623331643565643766306538306231
+31643762643766616136616637636537356436333363393735373933373338396562386166623063
+39623730656362633036363233366434343362633232353431393561323433633263393434376530
+34626635626466303664626366653363333633386232356234383131376665643832613064376435
+35626663326138656437326235626133666133656563343330616137303961663861316638356235
+65363465656434613365633266333237306235343433316438633761366338323838313564613330
+64386139353764316331663537363763626133653866373562396264623532363365353835633439
+36333534356433666336623539633333623035653032366166643035343333346230303663326464
+36356237663031393839303033383132313336313936363537386234383735343961323433656465
+33353735356530666437623666333337653962616566303532346530386562306165323637303861
+33323533323836636236643863663931326263343566363638616634386362623639306533666433
+35353837333233353665633238656665363337326438303864343066333635653332626165363338
+37663362363736313936366238636231393732366135343530306134313062366361363561663663
+62666266633563646561616637313563363934613438353666666266386566343964663332613437
+65626336313638303531396164623063623566383633623265616332646564306565366335303666
+61333832653764363562396337663830656132663630353938636132303930633230353639373637
+30383062393561316138653235343863653262303064643531613433663531626333626561393731
+39656363333133306363353766343939333532366139393062313832376564613037666131633563
+62613164313935356233323634333936356336373566613232663130666632366664646264383935
+64626233613032383863343638313037653762363162353336383035623166646234613333346664
+64333261316339646531333235393462383538373664656132376165643437333664383338373838
+61303531346637373435663531373336613336646339623732383462623337643633303861333338
+30316464643663363532383636313661316536356136313166323166393532346261656430343339
+34303337636662373162643933653861396263376637366431373330313834646364666563313038
+36626163383234633937346232333462663635383061346237616262613831306638626334306465
+62356636653831666534646230616138633534373031626238316261386130386632666634643431
+38626430323832353033326632383333623230633931386539636634636561376138633934313439
+34373336353063373732616263656330336430313239623538386535396631323937356136326137
+35663339356565353637636330343531613261626463353865663962646338653065363833376331
+38616463633861336636323738653831363561323034643862356432343436306566303838663436
+61313237383462313064373566633435343661373037363263333635316462366436656365633134
+63346230633662353161613864353261366665656634323161373932613233326131393537353732
+62376334393237303932383631386233656235663835356666313535313363626134373731623035
+34343238396439636461643165363335393534353665616631386363316531393765623039323562
+35626336306136373763333239653163653337303463663265383466633633373438613830376630
+63646564373135353736303434303537323632613436333633323464303732323466623932323939
+61386161343839393766643038313638386335656565323734643233623261663763393837613435
+30343439373038623439623064626632343838323262303632333064356534323461616432333034
+32313631326330643339613734306634333432343866616434373162356232326638323431353134
+31303061316530633430633962633138306335616462356364663064666466333130623231393530
+66616561333561336162386537623735356266393065323637336264366431343035376131393064
+62393037393835626238646565666330616631386430646339383462646566306665383437373866
+30613536666461366466643336353339643239393839383734633737666665643534653962383635
+61356530373236383835363932393530386361653931303938306161646566343465656439313033
+36633634373230373635643066383132393430303431656635656165626164363338346561346666
+33363861616138386639316633623434636338396139303833663038343964356239623266313635
+35666138636665613639383333663862353238653135663338383539353931326132623733333638
+30636238646335613931613833313533356239306439363637303062646330353764616635653934
+63653231306231623134306137643236316261333361323661653062663836623165346330626363
+64353862363036653063656137323937396461343638643930636465343532333963316139666237
+39313963646233643439303863353533623233616564386666356536653937346166623365323433
+62663766666662383231333930396631313538623436343834396166323235613038653635643937
+39633736623663633631373066633465386337643339393864356266653161613432636665393435
+36653166346665356531656433613638343935396138616630663261343236323233356336383762
+30623735666363623366326430343965336161626361363034363063616162306439666631393062
+64376431393162363664626135646337363137383334303134303366636234626334643736663165
+61616166363833323738353436646634326439643064616535666561333431316437343066313334
+63313361343233303732373835303438393464356534303731366136353938633432363866333164
+65343363613035633033333534306636333163633134343665363134626563653938356235303238
+31623165646331336237366165393438313737336162616133633963663966313235653331633832
+63313432656238653833653032333263646262626337353463353136386336356662626433656637
+37636166623834313964383238663433323463616131623037336238386166343831386537616263
+38386233396563383062316538636162656333323136636638303939386530623233636562633239
+63376566616561613836646538663036343531353437663930613063306165613237393736633561
+63303264643864613939666630343435303262353137643764386538633334363565356437666562
+64356135623266303266303062396138363132633238393837613033356266653163356532363335
+66353834323031333364323564303239343037323338326663316664306530363264646464316566
+35613666373039306161363862633532373530636630663263626535396431313462353263313666
+66363361333965306461383966633831386132636564383336363766363464303634633133353264
+65336539663364323735363463643262613331303538653064373861616333643563386334356235
+65353833343839343534326462323532626436356539346436363961356437366135376565613161
+30366430313932363561666661353139643237373261343461326333626333366532373035653232
+65633435653831383538356466313839336335326565656430636436386334373930386530376562
+31386433333832386531623862313761393235613939326436616539666630303437373265656631
+33663333336664636630633833383535386162623632313634363937353837346437356439313436
+65313964316162646631316630646238333364386532353438383566633838363566653337653938
+34353565343632306161363338383434383734326138343963643733306233376438383661353165
+33313564356135396335363238663636663436613062643064616134336336346330323234376339
+34356630613030663961313330623762333261343835393462386664313665326164636433643434
+30353061393661386264343166363764323036396465636365373764633131313866306262663033
+37373830323830303433376236313438386362376138373466343161323231656236633163656433
+65623863643464623566343336343230363436346436643565366638383461346432306362623034
+37376239386237313736653031326233623764356165363030633461346535366234303338333465
+36323333356264396365633434303138643032326630373134383430326561616563613561366661
+65353939306138396463323965653930323933666166623564353432333638373062626132333566
+33626462333538336562633336663165643139306533346539343234326261623939313633613564
+64613166326363646661373061633865333338623233636435666162313732323262383038366465
+62303739373365633761353639346634623436663466396232383330336237356163343037336461
+34303861393165386139373038636334376530323131316635343463366634616661323361356233
+31306265346534356134373736386266646264653164636634373634623863346530333161613439
+65346331343935313932616165646530653232643830613738653732336536643231323333393166
+35663633333631623761336235636161363834353930336637626336303236353465316163323161
+32393635393237633661316639323038366135303061333933383731653131336533383231353334
+35306138643666653866343131313436393761366666346666646238636533366333663263623734
+61633863656136663138623230373238353838383831363038656332623730626533346433636666
+36616665313530613331373566316337633264303562636164393965366338623465333763363761
+37386635626639613834616564626662326536356331333439363964653737626234346366383633
+65306339396136343661666166653965376262346234616665333939643035633764646130356161
+65343139373233346461623832303933303236643937393139396262656535353337643366303833
+30393436613039626339613464323134376137326536646135353539616532646165343164623264
+65356139313237396439306166343434373965373166376464313462623138363461626433396532
+61343262356463383634613463336565333763613537393431323331336135663339376437626233
+33363665653434396166306166383133313333356331303031393366653232316237373234303638
+66336466663332613938646331393365386465356661373765376336346636623961653639396565
+32616438333736323165376432363932326333653435666265633461386566633139383531623866
+64633464333235663833333865626438316231633365616563646364616264633735323231613462
+32303862646230643037636435666336323737366133333631343666636263313064643466373536
+33376635373266633136623438623231316464646363633165626164383165653137643463373931
+35313439383139613334653436343439623138323966613338373836383964363534643835653262
+61396630316261646337386136623936663235313230393632616434323465303135373032303566
+61313864366332323530373534393238323766666562643037353936616331643139663733326334
+36646562366665363938396138353939633539633963376335306434666666346662393938343233
+32356133313466383434323031656538343233623831333530346632383331353365356261363136
+62653034646330363733303438336537633037356333356138643833313535366235303034343139
+39626534313438633834363864616365336332303261363639333364396263393561636337376432
+66643834653538386465366237633662393966363139303630393733353338333664376563663332
+63386365633637663537376332616139643538633039356135636464343865323035623436303437
+65376564333036396631333261626433376266363632313765613037323033376237343734633135
+36313233663539626461613863383331333030623039306535316632636638663164613662383365
+30333366346561313030373364653935366338336236653165613435306331346266613466373731
+37373062373734613730613534623365623231363062623936396139363932333533666333393862
+38623937663664663961343930363831363365363436656237636233333931646635396238653638
+35333361383833386139373431363838613066313662356562326433373236393231636335633166
+65343861636534393234633833373737353236306465343862633835303662643635663234323264
+61376437333533373338663636396331373433313861643461303636353161313237383062663239
+33376434333463366665373836646464373864653833623230346662626561633738343132623963
+64376665316235663363333632653136353933363636343736613461663731646161626639306430
+32363465653865306532363033343266623239353533616262636232386665613835646130366135
+30383832653933656664663766303931393062333034643766366166323434636337373334613264
+31626238633036316362643333343430626466616363656333346265353432373035343534383234
+63316662323662663163353638313130613565643338636233636131313431393530643166326632
+62613039316433306232343232333535666261623339363938326537343562643635656365633136
+66343466333139316638303563366464323534333435393636616463306535343265346632326263
+31316633333034613839323437393436616337613731356435663238636336303464376166663230
+35653339656430356332623562663731356633356139386338356238363235303765363366303863
+33636639313366633063396261623635663639616236363534366561323337303738346531636539
+34656232346432333865633437393862373136653563616136396462633663316335653935636564
+36333533393433656635633133663163643963376265646664313764656233376135383833333338
+396530366634636339323466626238383331
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/chrome-extensions.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/chrome-extensions.yml
new file mode 100644
index 00000000..fdb5d98f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/chrome-extensions.yml
@@ -0,0 +1,134 @@
+---
+# yamllint disable rule:line-length
+# @var chromium_extensions: [] # An array of Chromium extensions to automatically install on Google Chrome, Chromium, Brave Browser,
+# and Microsoft Edge. Each item in the array should have a `name` (for display purposes) and the `link` to the extensions page in the
+# Google Chrome store.
+chromium_extensions:
+ # @chrome [AdGuard AdBlocker](https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg) | [GitHub](https://github.com/AdguardTeam/AdguardBrowserExtension) | [Homepage](https://adguard.com/en/welcome.html) | [Documentation](https://kb.adguard.com/en) - Blocks all types of ads on all web pages, even on Facebook, YouTube and all other websites
+ - name: AdGuard AdBlocker
+ link: https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg
+
+ # @chrome [Automa](https://chrome.google.com/webstore/detail/automa/infppggnoaenmfagbfknfkancpbljcca) | [GitHub](https://github.com/AutomaApp/automa) | [Homepage](https://www.automa.site/) | [Documentation](https://docs.automa.site/) - A drag-and-drop, nicely polished browser automation tool
+ - name: Automa
+ link: https://chrome.google.com/webstore/detail/automa/infppggnoaenmfagbfknfkancpbljcca
+
+ # @chrome [Bitly](https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic) | [GitHub](https://github.com/bitly/bitly_chrome_extension) | [Homepage](https://bitly.com/) | [Documentation](https://dev.bitly.com/) - Creates short, customized, powerful links from any page and share them with the world
+ - name: Bitly
+ link: https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic
+
+ # @chrome [Bitwarden](https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb) | [GitHub](https://github.com/bitwarden/clients) | [Homepage](https://bitwarden.com/) | [Documentation](https://bitwarden.com/help/) - A secure and free password manager for all of the devices
+ - name: Bitwarden
+ link: https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb
+
+ # @chrome [Buffer](https://chrome.google.com/webstore/detail/buffer/noojglkidnpfjbincgijbaiedldjfbhh) | [GitHub](https://github.com/bufferapp/buffer-chrome) | [Homepage](https://buffer.com/extensions) | [Documentation](https://buffer.com/developers/api) - Shares contents to Instagram, Twitter, Facebook, Pinterest and LinkedIn from anywhere on the web
+ - name: Buffer
+ link: https://chrome.google.com/webstore/detail/buffer/noojglkidnpfjbincgijbaiedldjfbhh
+
+ # @chrome [Checkbot](https://chrome.google.com/webstore/detail/checkbot-seo-web-speed-se/dagohlmlhagincbfilmkadjgmdnkjinl) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.checkbot.io/) | [Documentation](https://www.checkbot.io/faq/) - SEO, web speed, and security tester/crawler
+ - name: Checkbot
+ link: https://chrome.google.com/webstore/detail/checkbot-seo-web-speed-se/dagohlmlhagincbfilmkadjgmdnkjinl
+
+ # @chrome [Falcon](https://chrome.google.com/webstore/detail/falcon/mmifbbohghecjloeklpbinkjpbplfalb) | [GitHub](https://github.com/lengstrom/falcon) - Chrome extension for full text history search
+ - name: Falcon
+ link: https://chrome.google.com/webstore/detail/falcon/mmifbbohghecjloeklpbinkjpbplfalb
+
+ # @chrome [Floccus](https://chrome.google.com/webstore/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg) | [GitHub](https://github.com/floccusaddon/floccus) | [Homepage](https://floccus.org/) | [Documentation](https://floccus.org/guides) - Syncs bookmarks across browsers via Nextcloud, WebDAV or Google Drive
+ - name: Floccus
+ link: https://chrome.google.com/webstore/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg
+
+ # @chrome [Git History Browser Extension](https://chrome.google.com/webstore/detail/git-history-browser-exten/laghnmifffncfonaoffcndocllegejnf) | [GitHub](https://github.com/LuisReinoso/git-history-browser-extension) - Adds a button to github to see the file history
+ - name: Git History Browser Extension
+ link: https://chrome.google.com/webstore/detail/git-history-browser-exten/laghnmifffncfonaoffcndocllegejnf
+
+ # @chrome [Google Dictionary](https://chrome.google.com/webstore/detail/google-dictionary-by-goog/mgijmajocgfcbeboacabfgobmjgjcoja) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - View definitions easily as you browse the web
+ - name: Google Dictionary
+ link: https://chrome.google.com/webstore/detail/google-dictionary-by-goog/mgijmajocgfcbeboacabfgobmjgjcoja
+
+ # [Grammarly](https://chrome.google.com/webstore/detail/grammarly-for-chrome/kbfnbcaeplbcioakkpcpgfkobkghlhen) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.grammarly.com/) | [Documentation](https://developer.grammarly.com/docs/) - A Chrome extension for grammar and spelling to style and tone, and eliminate writing errors and find the perfect words to express. Grammarly might have a better paid-subscription than LanguageTool but LanguageTool has more open-source integrations and a good free-tier
+ # - name: Grammarly
+ # link: https://chrome.google.com/webstore/detail/grammarly-for-chrome/kbfnbcaeplbcioakkpcpgfkobkghlhen
+
+ # @chrome [GSConnect](https://chrome.google.com/webstore/detail/gsconnect/jfnifeihccihocjbfcfhicmmgpjicaec) | [GitHub](https://github.com/GSConnect/gnome-shell-extension-gsconnect) | [Homepage](https://github.com/GSConnect/gnome-shell-extension-gsconnect/wiki) | [Documentation](https://github.com/GSConnect/gnome-shell-extension-gsconnect/wiki) - Integrates GSConnect / KDEConnect into Chrome-based browsers (allows you to send SMS links / images from the browser).
+ - name: GSConnect
+ link: https://chrome.google.com/webstore/detail/gsconnect/jfnifeihccihocjbfcfhicmmgpjicaec
+ when: "{{ ansible_os_family === 'Linux' }}"
+
+ # @chrome [Headless Recorder](https://chrome.google.com/webstore/detail/headless-recorder/djeegiggegleadkkbgopoonhjimgehda) | [GitHub](https://github.com/checkly/headless-recorder) | [Homepage](https://www.checklyhq.com/docs/headless-recorder/) - A Chrome extension for recording browser interaction and generating Puppeteer & Playwright scripts
+ - name: Headless Recorder
+ link: https://chrome.google.com/webstore/detail/headless-recorder/djeegiggegleadkkbgopoonhjimgehda
+
+ # [HTTPS Everywhere](https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp) | [GitHub](https://github.com/EFForg/https-everywhere) | [Homepage](https://www.eff.org/https-everywhere) | [Documentation](https://www.eff.org/pages/https-everywhere-faq) - A Chrome extension to encrypt the Web! Automatically use HTTPS security on many sites. Deprecated since it is built into Chrome now.
+ # - name: HTTPS Everywhere
+ # link: https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
+
+ # @chrome [JSON Viewer Pro](https://chrome.google.com/webstore/detail/json-viewer-pro/eifflpmocdbdmepbjaopkkhbfmdgijcc) |[GitHub](https://github.com/rbrahul/Awesome-JSON-Viewer) | [Homepage](https://rbrahul.github.io/Awesome-JSON-Viewer/) - A completely free extension to visualise JSON response in awesome Tree and Chart view with great user experience and options
+ - name: JSON Viewer Pro
+ link: https://chrome.google.com/webstore/detail/json-viewer-pro/eifflpmocdbdmepbjaopkkhbfmdgijcc
+
+ # @chrome [LastPass](https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd) |[GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.lastpass.com/) | [Documentation](https://support.lastpass.com/home) - A password manager that saves passwords and gives secure access from every computer and mobile device
+ - name: LastPass
+ link: https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd
+
+ # @chrome [LanguageTool](https://chrome.google.com/webstore/detail/grammar-spell-checker-%E2%80%94-l/oldceeleldhonbafppcapldpdifcinji) | [GitHub](https://github.com/languagetool-org/languagetool) | [Homepage](https://languagetool.org/) | [Documentation](https://dev.languagetool.org/) - Grammar and spelling checker with Google Docs integration
+ - name: LanguageTool (Grammar and Spell Checker)
+ link: https://chrome.google.com/webstore/detail/grammar-spell-checker-%E2%80%94-l/oldceeleldhonbafppcapldpdifcinji
+
+ # @chrome [Mailvelope](https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke) | [GitHub](https://github.com/mailvelope/mailvelope) | [Homepage](https://mailvelope.com/en) | [Documentation](https://mailvelope.github.io/mailvelope/) - E-mail encryption tool that integrates with popular e-mail providers
+ - name: Mailvelope
+ link: https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke
+
+ # @chrome [Markdown Here](https://chrome.google.com/webstore/detail/markdown-here/elifhakcjgalahccnjkneoccemfahfoa) | [GitHub](https://github.com/adam-p/markdown-here) | [Homepage](https://markdown-here.com/) - A Chrome extension to write email in Markdown and render it (make it pretty!) before sending
+ - name: Markdown Here
+ link: https://chrome.google.com/webstore/detail/markdown-here/elifhakcjgalahccnjkneoccemfahfoa
+
+ # @chrome [MetaMask](https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn) | [GitHub](https://github.com/MetaMask/metamask-extension) | [Homepage](https://metamask.io/) | [Documentation](https://docs.metamask.io/guide/) - An extension for accessing Ethereum enabled distributed applications, or "Dapps" in browser
+ - name: MetaMask
+ link: https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn
+
+ # @chrome [NoScript](https://chrome.google.com/webstore/detail/noscript/doojmbjmlfjjnbmnoijecmcbfeoakpjm/) | [GitHub](https://github.com/hackademix/noscript) | [Homepage](https://noscript.net/) | [Documentation](https://noscript.net/faq/) - NoScript allows you to selectively block scripts on certain websites
+ - name: NoScript
+ link: https://chrome.google.com/webstore/detail/noscript/doojmbjmlfjjnbmnoijecmcbfeoakpjm/
+
+ # @chrome [Octohint](https://chrome.google.com/webstore/detail/octohint/hbkpjkfdheainjkkebeoofkpgddnnbpk) | [GitHub](https://github.com/pd4d10/octohint) - The missing IntelliSense hint for GitHub and GitLab
+ - name: Octohint
+ link: https://chrome.google.com/webstore/detail/octohint/hbkpjkfdheainjkkebeoofkpgddnnbpk
+
+ # [Raindrop.io](https://chrome.google.com/webstore/detail/raindropio/ldgfbffkinooeloadekpmfoklnobpien) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://raindrop.io/) - An all-in-one cross-browser bookmark manager with advanced indexing features. Deprecated in favor of Floccus.
+ # - name: Raindrop.io
+ # link: https://chrome.google.com/webstore/detail/raindropio/ldgfbffkinooeloadekpmfoklnobpien
+
+ # @chrome [Rakuten](https://chrome.google.com/webstore/detail/rakuten-get-cash-back-for/chhjbpecpncaggjpdakmflnfcopglcmi) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.rakuten.com/button.htm) | [Documentation](https://developers.rakuten.com/) - A Chrome extension to find best shopping deals and coupons and just save them
+ - name: Rakuten
+ link: https://chrome.google.com/webstore/detail/rakuten-get-cash-back-for/chhjbpecpncaggjpdakmflnfcopglcmi
+
+ # @chrome [Save to Google Drive](https://chrome.google.com/webstore/detail/save-to-google-drive/gmbmikajjgmnabiglmofipeabaddhgne) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - Save web content or screen capture directly to Google Drive.
+ - name: Save to Google Drive
+ link: https://chrome.google.com/webstore/detail/save-to-google-drive/gmbmikajjgmnabiglmofipeabaddhgne
+
+ # @chrome [Screenity](https://chrome.google.com/webstore/detail/screenity-screen-recorder/kbbdabhdfibnancpjfhlkhafgdilcnji) | [GitHub](https://github.com/alyssaxuu/screenity) | [Homepage]() - The most powerful screen recorder for Chrome
+ - name: Screenity - Screen Recorder & Annotation Tool
+ link: https://chrome.google.com/webstore/detail/screenity-screen-recorder/kbbdabhdfibnancpjfhlkhafgdilcnji
+
+ # @chrome [SingleFile](https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle) | [GitHub](https://github.com/gildas-lormeau/SingleFile) - A Chrome extension to save a complete page into a single HTML file
+ - name: SingleFile
+ link: https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle
+
+ # @chrome [SponsorBlock](https://chrome.google.com/webstore/detail/sponsorblock-for-youtube/mnjggcdmjocbbbhaepdhchncahnbgone) | [GitHub](https://github.com/ajayyy/SponsorBlock) | [Homepage](https://sponsor.ajay.app/) | [Documentation](https://wiki.sponsor.ajay.app/w/Guidelines) - A Chrome extension to skip sponsorships, subscription begging and more on YouTube videos
+ - name: SponsorBlock
+ link: https://chrome.google.com/webstore/detail/sponsorblock-for-youtube/mnjggcdmjocbbbhaepdhchncahnbgone
+
+ # @chrome [TasksBoard](https://chrome.google.com/webstore/detail/desktop-app-for-google-ta/lpofefdiokgmcdnnaigddelnfamkkghi) | [Homepage](https://tasksboard.com/app) - Organize and share TODO lists that are synchronized with Google To-Do.
+ - name: TasksBoard
+ link: https://chrome.google.com/webstore/detail/desktop-app-for-google-ta/lpofefdiokgmcdnnaigddelnfamkkghi
+
+ # @chrome [Vimeo Record](https://chrome.google.com/webstore/detail/vimeo-record-screen-webca/ejfmffkmeigkphomnpabpdabfddeadcb) |[GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://vimeo.com/) | [Documentation](https://developer.vimeo.com/) - A Chrome extension to record and share unlimited free video messages from your browser
+ - name: Vimeo Record
+ link: https://chrome.google.com/webstore/detail/vimeo-record-screen-webca/ejfmffkmeigkphomnpabpdabfddeadcb
+
+ # @chrome [Vytal](https://chrome.google.com/webstore/detail/vytal/ncbknoohfjmcfneopnfkapmkblaenokb) | [GitHub](https://github.com/z0ccc/Vytal) | [Homepage](https://vytal.io/) | [Documentation](https://palant.info/2020/12/10/how-anti-fingerprinting-extensions-tend-to-make-fingerprinting-easier/) - An extension that spoofs user-agent, language, and location data using the chrome.debugger
+ - name: Vytal
+ link: https://chrome.google.com/webstore/detail/vytal/ncbknoohfjmcfneopnfkapmkblaenokb
+
+ # @chrome [Web Vitals](https://chrome.google.com/webstore/detail/web-vitals/ahfhijdlegdabablpippeagghigmibma?hl=en) | [GitHub](https://github.com/GoogleChrome/web-vitals-extension) | [Homepage](https://web.dev/vitals/) - A Chrome extension to measure metrics for a healthy site
+ - name: Web Vitals
+ link: https://chrome.google.com/webstore/detail/web-vitals/ahfhijdlegdabablpippeagghigmibma
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/dotnet-tools.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/dotnet-tools.yml
new file mode 100644
index 00000000..564211ba
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/dotnet-tools.yml
@@ -0,0 +1,6 @@
+---
+# yamllint disable rule:line-length
+# @var dotnet_tools: [] # An array of .NET tools to install. Specify the package name using the `name` field in each member of the array.
+dotnet_tools:
+ # @dotnet [attacksurfaceanalyzer](https://github.com/microsoft/AttackSurfaceAnalyzer) | [GitHub](https://github.com/microsoft/AttackSurfaceAnalyzer) - Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation
+ - name: Microsoft.CST.AttackSurfaceAnalyzer.CLI
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/firefox-addons.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/firefox-addons.yml
new file mode 100644
index 00000000..0a8b100b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/firefox-addons.yml
@@ -0,0 +1,99 @@
+---
+# yamllint disable rule:line-length
+# @var firefox_add_ons: [] # An array of Firefox Add-Ons to install. Each Add-On requires a `name` (for display purposes) and a `link`
+# to the Add-On on the Firefox Add-Ons site.
+firefox_add_ons:
+ # @firefox [AdGuard AdBlocker](https://addons.mozilla.org/en-US/firefox/addon/adguard-adblocker/) | [GitHub](https://github.com/AdguardTeam/AdguardBrowserExtension) | [Homepage](https://adguard.com/en/welcome.html) | [Documentation](https://kb.adguard.com/en) - Block ads on Facebook, Youtube and all other websites
+ - name: AdGuard AdBlocker
+ link: https://addons.mozilla.org/en-US/firefox/addon/adguard-adblocker/
+
+ # @firefox [Automa](https://addons.mozilla.org/en-US/firefox/addon/automa/) | [GitHub](https://github.com/AutomaApp/automa) | [Homepage](https://www.automa.site/) | [Documentation](https://docs.automa.site/) - A drag-and-drop, nicely polished browser automation tool
+ - name: Automa
+ link: https://addons.mozilla.org/en-US/firefox/addon/automa/
+
+ # @firefox [Bitwarden](https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/) | [GitHub](https://github.com/bitwarden/clients) | [Homepage](https://bitwarden.com/) | [Documentation](https://bitwarden.com/help/) - A secure and free password manager for all of the devices
+ - name: Bitwarden
+ link: https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/
+
+ # Cannot be installed using CLI
+ # @firefox [Buffer](https://addons.mozilla.org/en-US/firefox/addon/buffer-for-firefox/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://buffer.com/) | [Documentation](https://buffer.com/developers/api) - Share great content to Instagram, Twitter, Facebook, Pinterest and LinkedIn from anywhere on the web
+ - name: Buffer
+ link: https://addons.mozilla.org/en-US/firefox/addon/buffer-for-firefox/
+
+ # Cannot be installed using CLI
+ # @firefox [Falcon](https://addons.mozilla.org/en-US/firefox/addon/falcon_extension/) | [GitHub](https://github.com/CennoxX/falcon) - Firefox extension for full text browsing history search
+ - name: Falcon
+ link: https://addons.mozilla.org/en-US/firefox/addon/falcon_extension/
+
+ # @firefox [Floccus](https://addons.mozilla.org/en-US/firefox/addon/floccus/) | [GitHub](https://github.com/floccusaddon/floccus) | [Homepage](https://floccus.org/) | [Documentation](https://floccus.org/guides) - Syncs bookmarks across browsers via Nextcloud, WebDAV or Google Drive
+ - name: Floccus
+ link: https://addons.mozilla.org/en-US/firefox/addon/floccus/
+
+ # Cannot be installed using CLI
+ # @firefox [Git History Browser Extension](https://addons.mozilla.org/es/firefox/addon/github-history/) | [GitHub](https://github.com/LuisReinoso/git-history-browser-extension) - Adds a button to github to see the file history
+ - name: Git History Browser Extension
+ link: https://addons.mozilla.org/es/firefox/addon/github-history/
+
+ # @firefox [GSConnect](https://addons.mozilla.org/firefox/addon/gsconnect/) | [GitHub](https://github.com/GSConnect/gnome-shell-extension-gsconnect) | [Homepage](https://github.com/GSConnect/gnome-shell-extension-gsconnect/wiki) | [Documentation](https://github.com/GSConnect/gnome-shell-extension-gsconnect/wiki) - Integrates GSConnect / KDEConnect into Firefox-based browsers (allows you to send SMS links / images from the browser).
+ - name: GSConnect
+ link: https://addons.mozilla.org/firefox/addon/gsconnect/
+ when: "{{ ansible_os_family === 'Linux' }}"
+
+ # Cannot be installed using CLI
+ # @firefox [Dictionary Anywhere](https://addons.mozilla.org/en-US/firefox/addon/dictionary-anyvhere/) | [GitHub](https://github.com/meetDeveloper/Dictionary-Anywhere) - View definitions easily as you browse the web
+ - name: Dictionary Anywhere
+ link: https://addons.mozilla.org/en-US/firefox/addon/dictionary-anyvhere/
+
+ # @firefox [JSON Lite](https://addons.mozilla.org/en-US/firefox/addon/json-lite/) | [GitHub](https://github.com/lauriro/json-lite) - JSON viewer - highlights, shows items count/size, handles large files
+ - name: JSON Lite
+ link: https://addons.mozilla.org/en-US/firefox/addon/json-lite/
+
+ # @firefox [LanguageTool](https://addons.mozilla.org/en-US/firefox/addon/languagetool/) | [GitHub](https://github.com/languagetool-org/languagetool) | [Homepage](https://languagetool.org/) | [Documentation](https://dev.languagetool.org/) - Check text with the free style and grammar checker
+ - name: LanguageTool (Grammar and Spell Checker)
+ link: https://addons.mozilla.org/en-US/firefox/addon/languagetool/
+
+ # Cannot be installed using CLI
+ # @firefox [Mailvelope](https://addons.mozilla.org/en-US/firefox/addon/mailvelope/) | [GitHub](https://github.com/mailvelope/mailvelope) | [Homepage](https://mailvelope.com/en) | [Documentation](https://mailvelope.github.io/mailvelope/) - E-mail encryption tool that integrates with popular e-mail providers
+ - name: Mailvelope
+ link: https://addons.mozilla.org/en-US/firefox/addon/mailvelope/
+
+ # @firefox [Markdown Here](https://addons.mozilla.org/en-US/firefox/addon/markdown-here/) | [GitHub](https://github.com/adam-p/markdown-here) | [Homepage](https://markdown-here.com/) - Write email in Markdown, then make it pretty
+ - name: Markdown Here
+ link: https://addons.mozilla.org/en-US/firefox/addon/markdown-here/
+
+ # @firefox [MetaMask](https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/) | [GitHub](https://github.com/MetaMask/metamask-extension) | [Homepage](https://metamask.io/) | [Documentation](https://docs.metamask.io/guide/) - Ethereum Browser Extension
+ - name: MetaMask
+ link: https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/
+
+ # @firefox [NoScript](https://addons.mozilla.org/en-US/firefox/addon/noscript/) | [GitHub](https://github.com/hackademix/noscript) | [Homepage](https://noscript.net/) | [Documentation](https://noscript.net/faq/) - NoScript, a tool integrated with the Tor browser, allows you to block scripts from running
+ - name: NoScript
+ link: https://addons.mozilla.org/en-US/firefox/addon/noscript/
+
+ # @firefox [Profile Switcher](https://addons.mozilla.org/en-CA/firefox/addon/profile-switcher/) | [GitHub](https://github.com/null-dev/firefox-profile-switcher) | [Homepage](https://github.com/null-dev/firefox-profile-switcher) | [Documentation](https://github.com/null-dev/firefox-profile-switcher) - Works in combination with a Rust program to allow you to maintain multiple profiles.
+ - name: Profile Switcher
+ link: https://addons.mozilla.org/en-CA/firefox/addon/profile-switcher/
+
+ # @firefox [Rakuten](https://addons.mozilla.org/en-US/firefox/addon/ebates/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.rakuten.com/) | [Documentation](https://developers.rakuten.com/) - Find best shopping deals and coupons and just save them
+ - name: Rakuten
+ link: https://addons.mozilla.org/en-US/firefox/addon/ebates/
+
+ # @firefox [Screen Recorder](https://addons.mozilla.org/en-US/firefox/addon/screen-recorder/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://mybrowseraddon.com/screen-recorder.html) - Record computer's screeen
+ - name: Screen Recorder
+ link: https://addons.mozilla.org/en-US/firefox/addon/screen-recorder/
+
+ # @firefox [SingleFile](https://addons.mozilla.org/en-US/firefox/addon/single-file/) | [GitHub](https://github.com/gildas-lormeau/SingleFile) - Save a complete page into a single HTML file
+ - name: SingleFile
+ link: https://addons.mozilla.org/en-US/firefox/addon/single-file/
+
+ # @firefox [SponsorBlock](https://addons.mozilla.org/en-US/firefox/addon/sponsorblock/) | [GitHub](https://github.com/ajayyy/SponsorBlock) | [Homepage](https://sponsor.ajay.app/) | [Documentation](https://wiki.sponsor.ajay.app/w/Guidelines) - Skip YouTube video sponsors
+ - name: SponsorBlock
+ link: https://addons.mozilla.org/en-US/firefox/addon/sponsorblock/
+
+ # Cannot be installed using CLI
+ # @firefox [Sweet Dark](https://addons.mozilla.org/en-US/firefox/addon/sweet-dark/) | [GitHub](https://github.com/EliverLara/firefox-sweet-theme) | [Homepage](https://github.com/EliverLara/firefox-sweet-theme) | [Documentation](https://github.com/EliverLara/firefox-sweet-theme) - The Sweet Dark theme.
+ - name: Sweet Dark
+ link: https://addons.mozilla.org/en-US/firefox/addon/sweet-dark/
+
+ # @firefox [TinyURL](https://addons.mozilla.org/en-US/firefox/addon/tiny_url/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - A one-click tool to generate a tiny URL
+ - name: TinyURL
+ link: https://addons.mozilla.org/en-US/firefox/addon/tiny_url/
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/homebrew.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/homebrew.yml
new file mode 100644
index 00000000..0a4d93d3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/homebrew.yml
@@ -0,0 +1,59 @@
+---
+# @var homebrew_casks: [] # A list of Homebrew casks to install on macOS.
+homebrew_casks:
+ # @cask @application @menubar [Clocker](https://formulae.brew.sh/cask/clocker) | [GitHub](https://github.com/n0shake/clocker) | [Homepage](https://abhishekbanthia.com/clocker/) - macOS program that shows the time in multiple timezones in the top menu bar
+ - name: clocker
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ - name: epk/epk/font-sf-mono-nerd-font
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ - name: homebrew/cask-fonts/font-hack-nerd-font
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ - name: homebrew/cask-fonts/font-meslo-lg-nerd-font
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application [Secretive](https://formulae.brew.sh/cask/secretive) | [GitHub](https://github.com/maxgoedjen/secretive) - macOS app that uses the Secure Enclave to create unreadable private keys - there is no importing/exporting keys so you only have access to the public key
+ - name: secretive
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application [Sloth](https://formulae.brew.sh/cask/sloth) | [GitHub](https://github.com/sveinbjornt/Sloth) | [Homepage](https://sveinbjorn.org/sloth) - macOS program that shows all open files, directories, sockets, pipes, and devices in use by all running processes on the system
+ - name: sloth
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application @menubar [Stats](https://formulae.brew.sh/cask/stats) | [GitHub](https://github.com/exelban/stats) | [Homepage]() - macOS program that shows the system monitor in the top menu bar
+ - name: stats
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+# @var homebrew_packages: [] # A list of Homebrew packages to install on Linux / macOS.
+homebrew_packages:
+ # @brew @cli [automake](https://formulae.brew.sh/formula/automake) | [GitHub](https://github.com/autotools-mirror/automake) | [Homepage](https://www.gnu.org/software/automake/) | [Documentation](https://www.gnu.org/software/automake/manual/automake.html) - Tool for generating GNU Standards-compliant Makefiles
+ - name: automake
+
+ # @brew @cli [Carthage](https://formulae.brew.sh/formula/carthage) | [GitHub](https://github.com/Carthage/Carthage) - A simple, decentralized dependency manager for Cocoa
+ - name: carthage
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew @cli [chrome-cli](https://formulae.brew.sh/formula/chrome-cli) | [GitHub](https://github.com/prasmussen/chrome-cli) - Control Google Chrome from the command-line
+ - name: chrome-cli
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew @cli [findutils](https://formulae.brew.sh/formula/findutils) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.gnu.org/software/findutils/) - Collection of GNU find, xargs, and locate
+ - name: findutils
+
+ # @brew @cli [ideviceinstaller](https://formulae.brew.sh/formula/ideviceinstaller) | [GitHub](https://github.com/libimobiledevice/ideviceinstaller) | [Homepage](https://libimobiledevice.org/) | [Documentation](https://libimobiledevice.org/#get-started) - Tool for managing apps on iOS devices
+ - name: ideviceinstaller
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew @cli [libimobiledevice](https://formulae.brew.sh/formula/libimobiledevice) | [GitHub](https://github.com/libimobiledevice/libimobiledevice) | [Homepage](https://libimobiledevice.org/) | [Documentation](https://libimobiledevice.org/#get-started) - Library to communicate with iOS devices natively
+ - name: libimobiledevice
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew cli [Trellis](https://roots.io/trellis/) | [GitHub](https://github.com/roots/trellis) | [Homepage](https://roots.io/trellis/) | [Documentation](https://docs.roots.io/trellis/master/installation/) - WordPress development platform that requires Vagrant and a VM provider like VirtualBox
+ - name: roots/tap/trellis-cli
+ when: "{{ ansible_connection != 'qubes' or inventory_hostname == 'dev-tmpl' }}"
+
+ # @brew @cli [youtube-dl](https://formulae.brew.sh/formula/youtube-dl) | [GitHub](https://github.com/ytdl-org/youtube-dl/) | [Homepage](https://youtube-dl.org/) - youtube-dl is an advanced video download application perhaps most well-known for its ability to download YouTube videos from the command-line. It also supports downloading from other sites such as Twitter, Facebook, Vimeo, Twitch, DailyMotion and many more.
+ - name: youtube-dl
+ when: "{{ ansible_connection != 'qubes' or inventory_hostname == 'media-tmpl' }}"
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/npm-packages.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/npm-packages.yml
new file mode 100644
index 00000000..3ed158b7
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/npm-packages.yml
@@ -0,0 +1,321 @@
+---
+# yamllint disable rule:line-length
+# @var nodejs_npm_global_packages: [] # A list of NPM packages to install globally.
+nodejs_npm_global_packages:
+ # @npm @cli [@angular/cli](https://npmjs.com/package/@angular/cli) | [GitHub](https://github.com/angular/angular-cli) | [Homepage](https://angular.io/) | [Documentation](https://angular.io/docs) - Official CLI for [Angular](https://angular.io/) capable of generating new projects, generating boilerplate files, and testing apps with LiveReload
+ - name: '@angular/cli'
+ bin: ng
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@cloudflare/wrangler](https://npmjs.com/package/@cloudflare/wrangler) | [GitHub](https://github.com/cloudflare/wrangler) | [Homepage](https://workers.cloudflare.com/) | [Documentation](https://developers.cloudflare.com/workers/wrangler/configuration/) - A CLI tool designed for folks who are interested in using Cloudflare Workers
+ - name: '@cloudflare/wrangler'
+ bin: wrangler
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@feathersjs/cli](https://npmjs.com/package/@feathers/cli) | [GitHub](https://github.com/feathersjs/feathers) | [Homepage](https://feathersjs.com/) | [Documentation](https://docs.feathersjs.com/) - Feathers is a lightweight web-framework for creating real-time applications and REST APIs using JavaScript or TypeScript.
+ - name: '@feathersjs/cli'
+ bin: feathers
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@ionic/cli](https://npmjs.com/package/@ionic/cli) | [GitHub](https://github.com/ionic-team/ionic-cli) | [Homepage](https://ionicframework.com/) | [Documentation](https://ionicframework.com/docs/intro/cli) - A command line interface (CLI) is go-to tool for developing Ionic apps
+ - name: '@ionic/cli'
+ bin: ionic
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@nestjs/cli](https://npmjs.com/package/@nestjs/cli) | [GitHub](https://github.com/nestjs/nest-cli) | [Homepage](https://nestjs.com/) | [Documentation](https://docs.nestjs.com/) - A command-line interface tool that helps you to initialize, develop, and maintain your Nest applications
+ - name: '@nestjs/cli'
+ bin: nest
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@sentry/cli](https://npmjs.com/package/@sentry/cli) | [GitHub](https://github.com/getsentry/sentry-cli) | [Homepage](https://sentry.io/welcome/) | [Documentation](https://docs.sentry.io/product/cli/) - A Sentry command line client for some generic tasks
+ - name: '@sentry/cli'
+ bin: sentry-cli
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [@vercel/ncc](https://npmjs.com/package/@vercel/ncc) | [GitHub](https://github.com/vercel/ncc) | [Homepage](https://github.com/vercel/ncc#readme) - CLI for compiling a Node.js module into a single file, together with all its dependencies, gcc-style
+ - name: '@vercel/ncc'
+ bin: ncc
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [auto-install](https://npmjs.com/package/auto-install) | [GitHub](https://github.com/siddharthkp/auto-install) | [Homepage](https://github.com/siddharthkp/auto-install#readme) - Auto installs dependencies as you code
+ - name: auto-install
+ bin: auto-install
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [bitly-cli-client](https://npmjs.com/package/bitly-cli-client) | [GitHub](https://github.com/xxczaki/bitly-cli-client) | [Homepage](https://github.com/xxczaki/bitly-cli-client#readme) - Shorten links with Bitly in the terminal
+ - name: bitly-cli-client
+ bin: bitly
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [browser-sync](https://browsersync.io/) | [GitHub](https://github.com/BrowserSync/browser-sync) | [Homepage](http://browsersync.io/) | [Documentation](https://browsersync.io/docs) - Time-saving synchronized browser testing - test desktop and mobile versions of a website at the same time
+ - name: browser-sync
+ bin: browser-sync
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [caniuse-cmd](https://npmjs.com/package/caniuse-cmd) | [GitHub](https://github.com/sgentle/caniuse-cmd) | [Homepage](https://caniuse.com/) | [Documentation](https://github.com/sgentle/caniuse-cmd#readme) - Caniuse command line tool
+ - name: caniuse-cmd
+ bin: caniuse
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [carbon-now-cli](https://npmjs.com/package/carbon-now-cli) | [GitHub](https://github.com/mixn/carbon-now-cli) | [Homepage](https://carbon.now.sh/) - Tool that generates beautiful images of source code through an intuitive UI, while customizing aspects like fonts, themes, window controls and much mor
+ - name: carbon-now-cli
+ bin: carbon-now
+
+ # @npm @cli [commitizen](https://npmjs.com/package/commitizen) | [GitHub](https://github.com/commitizen/cz-cli) | [Homepage](https://commitizen.github.io/cz-cli/) | [Documentation](https://github.com/commitizen/cz-cli/blob/master/README.md) - The commitizen command line utility
+ - name: commitizen
+ bin: cz
+
+ # @npm @cli [cordova](https://npmjs.com/package/cordova) | [GitHub](https://github.com/apache/cordova-android) | [Homepage](https://cordova.apache.org/) | [Documentation](https://cordova.apache.org/docs/en/latest/) - The command line tool to build, deploy and manage Cordova-based applications
+ - name: cordova
+ bin: cordova
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [deviceframe](https://npmjs.com/package/deviceframe) | [GitHub](https://github.com/c0bra/deviceframe) | [Homepage](https://github.com/c0bra/deviceframe#readme) - Put device frames around mobile/web/progressive app screenshots
+ - name: deviceframe
+ bin: dframe
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [editly](https://npmjs.com/package/editly) | [GitHub](https://github.com/mifi/editly) | [Homepage](https://github.com/mifi/editly) - A tool and framework for declarative NLE (non-linear video editing) using Node.js and ffmpeg
+ - name: editly
+ bin: editly
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [electron](https://npmjs.com/package/electron) | [GitHub](https://github.com/electron/electron) | [Homepage](https://www.electronjs.org/) | [Documentation](https://www.electronjs.org/docs/latest) - A tool that enables to write cross-platform desktop applications using JavaScript, HTML and CSS
+ - name: electron
+ bin: electron
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [emma-cli](https://npmjs.com/package/emma-cli) | [GitHub](https://github.com/maticzav/emma-cli) - Install the package you are looking for
+ - name: emma-cli
+ bin: emma
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [emoj](https://npmjs.com/package/emoj) | [GitHub](https://github.com/sindresorhus/emoj) - Find relevant emoji from text on the command-line
+ - name: emoj
+ bin: emoj
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [empty-trash-cli](https://npmjs.com/package/empty-trash-cli) | [GitHub](https://github.com/sindresorhus/empty-trash-cli) - A CLI to empty the trash
+ - name: empty-trash-cli
+ bin: empty-trash
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [eslint](https://npmjs.com/package/eslint) | [GitHub](https://github.com/eslint/eslint) | [Homepage](https://eslint.org/) | [Documentation](https://eslint.org/docs/user-guide/getting-started) - A tool for identifying and reporting on patterns found in ECMAScript/JavaScript code
+ - name: eslint
+ bin: eslint
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [fastify-cli](https://npmjs.com/package/fastify-cli) | [GitHub](https://github.com/fastify/fastify-cli) | [Homepage](https://www.fastify.io/) | [Documentation](https://www.fastify.io/docs/latest/) - Command line tools for Fastify. Generate, write, and run an application with one single command
+ - name: fastify-cli
+ bin: fastify
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [firebase-tools](https://npmjs.com/package/firebase-tools) | [GitHub](https://github.com/firebase/firebase-tools) | [Homepage](https://firebase.google.com/) | [Documentation](https://firebase.google.com/docs/cli) - The Firebase Command Line Interface (CLI) Tools can be used to test, manage, and deploy Firebase project from the command line
+ - name: firebase-tools
+ bin: firebase
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [fkill-cli](https://npmjs.com/package/fkill-cli) | [GitHub](https://github.com/sindresorhus/fkill-cli) - Fabulously kill processes. Cross-platform.
+ - name: fkill-cli
+ bin: fkill
+
+ # @npm @cli [git-open](https://npmjs.com/package/git-open) | [GitHub](https://github.com/paulirish/git-open) - Type git open to open the repo website (GitHub, GitLab, Bitbucket) in browser
+ - name: git-open
+
+ # @npm @cli [google-font-installer](https://npmjs.com/package/google-font-installer) | [GitHub](https://github.com/lordgiotto/google-font-installer) - Google Font Installer is a NodeJS module/CLI that lets you Search, Download and Install fonts offered by Google Web Fonts
+ - name: google-font-installer
+ bin: gfi
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [gtop](https://npmjs.com/package/gtop) | [GitHub](https://github.com/aksakalli/gtop) - System monitoring dashboard for terminal. Deprecated in favor of Glances.
+ # - name: gtop
+ # bin: gtop
+
+ # @npm @cli [gulp](https://npmjs.com/package/gulp) | [GitHub](https://github.com/gulpjs/gulp) | [Homepage](https://gulpjs.com/) | [Documentation](https://gulpjs.com/docs/en/getting-started/quick-start) - A toolkit that helps you automate painful or time-consuming tasks in your development workflow
+ - name: gulp
+ bin: gulp
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [imgur-uploader-cli](https://npmjs.com/package/imgur-uploader-cli) | [GitHub](https://github.com/kevva/imgur-uploader-cli) - CLI to upload images to imgur
+ - name: imgur-uploader-cli
+ bin: imgur-uploader
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [ios-deploy](https://npmjs.com/package/ios-deploy) | [GitHub](https://github.com/ios-control/ios-deploy) - Command line tool to install aand debug iOS apps. Xcode must be installed (i.e. this is a macOS-only package)
+ - name: ios-deploy
+ bin: ios-deploy
+ xcode: true
+ when: "{{ (ansible_os_family == 'Darwin') and (xcode_installed | default(false)) }}"
+
+ # @deprecated [ipfs-deploy](https://npmjs.com/package/ipfs-deploy) | [GitHub](https://github.com/ipfs-shipyard/ipfs-deploy) - Upload static website to IPFS pinning services and optionally update DNS. Deprecated because there is an issue installing this on macOS with Volta.
+ # - name: ipfs-deploy
+ # bin: ipd
+ # when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [is-up-cli](https://npmjs.com/package/is-up-cli) | [GitHub](https://github.com/sindresorhus/is-up-cli) | [Homepage](https://isitup.org/) - Check whether a website is up or down using the isitup.org API
+ - name: is-up-cli
+ bin: is-up
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [localtunnel](https://npmjs.com/package/localtunnel) | [GitHub](https://github.com/localtunnel/localtunnel) | [Homepage](localtunnel.me) - localtunnel exposes localhost to the world for easy testing and sharing
+ - name: localtunnel
+ bin: localtunnel
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [mjml](https://npmjs.com/package/mjml) | [GitHub](https://github.com/mjmlio/mjml) | [Homepage](https://mjml.io/) | [Documentation](https://documentation.mjml.io/) - A markup language created by Mailjet and designed to reduce the pain of coding a responsive email
+ - name: mjml
+ bin: mjml
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [nativefier](https://npmjs.com/package/nativefier) | [GitHub](https://github.com/nativefier/nativefier) | [Documentation](https://github.com/nativefier/nativefier/blob/master/API.md) - Tool to make any web page a desktop application
+ - name: nativefier
+ bin: nativefier
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [nectarjs](https://npmjs.com/package/nectarjs) | [GitHub](https://github.com/nectarjs/nectarjs) | [Homepage](https://nectarjs.com/) | [Documentation](https://nectarjs.com/documentation/) - A JavaScript native compiler
+ - name: nectarjs
+ bin: nectar
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [newman](https://npmjs.com/package/newman) | [GitHub](https://github.com/postmanlabs/newman) | [Homepage](https://www.postman.com/) | [Documentation](https://learning.postman.com/docs/running-collections/using-newman-cli/command-line-integration-with-newman/) - A command-line collection runner for Postman
+ - name: newman
+ bin: newman
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [np](https://npmjs.com/package/np) | [GitHub](https://github.com/sindresorhus/np) - A better npm publish
+ - name: np
+ bin: np
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [npm-check](https://npmjs.com/package/npm-check) | [GitHub](https://github.com/dylang/npm-check) | [Homepage](https://www.npmjs.com/package/npm-check) - Check for outdated, incorrect, and unused dependencies
+ - name: npm-check
+ bin: npm-check
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [nrm](https://npmjs.com/package/nrm) | [GitHub](https://github.com/Pana/nrm) - nrm can help you easy and fast switch between different npm registries
+ - name: nrm
+ bin: nrm
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [oclif](https://npmjs.com/package/oclif) | [GitHub](https://github.com/oclif/oclif) | [Homepage](https://oclif.io/) | [Documentation](https://oclif.io/docs/introduction) - A framework for building CLIs in Node.js
+ - name: oclif
+ bin: oclif
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [package-size](https://npmjs.com/package/package-size) | [GitHub](https://github.com/egoist/package-size) - Tool to get the bundle size of an npm package
+ - name: package-size
+ bin: package-size
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [pageres-cli](https://npmjs.com/package/pageres-cli) | [GitHub](https://github.com/sindresorhus/pageres-cli) - A CLI to capture screenshots of websites in various resolutions
+ - name: pageres-cli
+ bin: pageres
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [playwright](https://npmjs.com/package/playwright) | [GitHub](https://github.com/Microsoft/playwright) | [Homepage](https://playwright.dev/) | [Documentation](https://playwright.dev/docs/intro) - Single API to automate Chromium, WebKit, and Firefox (available as a CLI and library)
+ - name: playwright
+ bin: playwright
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [pm2](https://npmjs.com/package/pm2) | [GitHub](https://github.com/Unitech/pm2) | [Homepage](https://pm2.keymetrics.io/) | [Documentation](https://pm2.keymetrics.io/docs/usage/quick-start/) - PM2 is a production process manager for Node.js applications with a built-in load balancer
+ - name: pm2
+ bin: pm2
+
+ # @npm @cli [pkg](https://npmjs.com/package/pkg) | [GitHub](https://github.com/vercel/pkg) - This command line interface enables you to package your Node.js project into an executable that can be run even on devices without Node.js installed
+ - name: pkg
+ bin: pkg
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [prettier](https://npmjs.com/package/prettier) | [GitHub](https://github.com/prettier/prettier) | [Homepage](https://prettier.io/) | [Documentation](https://prettier.io/docs/en/index.html) - A code formatter
+ - name: prettier
+ bin: prettier
+
+ # @npm @cli [psi](https://npmjs.com/package/psi) | [GitHub](https://github.com/GoogleChromeLabs/psi) | [Homepage](https://pagespeed.web.dev/) | [Documentation](https://developers.google.com/speed/docs/insights/v5/about) - PageSpeed Insights with reporting
+ - name: psi
+ bin: psi
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [ramda-cli](https://npmjs.com/package/ramda-cli) | [GitHub](https://github.com/raine/ramda-cli) - A tool for processing data with functional pipelines in the command-line or interactively in browser
+ - name: ramda-cli
+ bin: ramda
+
+ # @npm @cli [semantic-release](https://npmjs.com/package/semantic-release) | [GitHub](https://github.com/semantic-release/semantic-release) | [Homepage](https://semantic-release.gitbook.io/semantic-release/) | [Documentation](https://semantic-release.gitbook.io/semantic-release/usage/getting-started) - A tool that automates the process of releasing software, featuring integrations with GitHub / GitLab releases
+ - name: semantic-release
+ bin: semantic-release
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [serve](https://npmjs.com/package/serve) | [GitHub](https://github.com/vercel/serve) - Static file serving and directory listing
+ - name: serve
+ bin: serve
+
+ # @npm @cli [serverless](https://npmjs.com/package/serverless) | [GitHub](https://github.com/serverless/serverless) | [Homepage](https://www.serverless.com/) | [Documentation](https://www.serverless.com/framework/docs) - Serverless Framework – Build web, mobile and IoT applications with serverless architectures using AWS Lambda, Azure Functions, Google CloudFunctions & more
+ - name: serverless
+ bin: serverless
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [share-cli](https://npmjs.com/package/share-cli) | [GitHub](https://github.com/marionebl/share-cli) - Quickly share files from your command line
+ - name: share-cli
+ bin: share
+
+ # @npm @cli [sharp-cli](https://npmjs.com/package/sharp-cli) | [GitHub](https://github.com/vseventer/sharp-cli) - CLI for sharp, a high performance Node.js image processing module
+ - name: sharp-cli
+ bin: sharp
+
+ # @npm @cli [speed-test](https://npmjs.com/package/speed-test) | [GitHub](https://github.com/sindresorhus/speed-test) - Test your internet connection speed and ping using speedtest.net from the CLI
+ - name: speed-test
+ bin: speed-test
+
+ # @npm @cli [stegcloak](https://npmjs.com/package/stegcloak) | [GitHub](https://github.com/KuroLabs/stegcloak) | [Homepage](https://stegcloak.surge.sh/) - StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting the secret before cloaking it with special unicode invisible characters
+ - name: stegcloak
+ bin: stegcloak
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [supdock](https://npmjs.com/package/supdock) | [GitHub](https://github.com/segersniels/supdock) - A CLI for running commands like "docker logs" in an easier, more interactive way
+ - name: supdock
+ bin: supdock
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [surge](https://npmjs.com/package/surge) | [GitHub](https://github.com/sintaxi/surge) | [Homepage](https://surge.sh/) | [Documentation](https://surge.sh/help/) - Publish web apps to a CDN with a single command and no setup required
+ - name: surge
+ bin: surge
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [svgo](https://npmjs.com/package/svgo) | [GitHub](https://github.com/svg/svgo) - SVG Optimizer is a Node.js-based tool for optimizing SVG vector graphics files
+ - name: svgo
+ bin: svgo
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [terminalizer](https://npmjs.com/package/terminalizer) | [GitHub](https://github.com/faressoft/terminalizer) | [Homepage](https://terminalizer.com/) - Record your terminal and generate animated gif images or share a web player link
+ - name: terminalizer
+ bin: terminalizer
+
+ # @npm @cli [tinypng-cli](https://npmjs.com/package/tinypng-cli) | [GitHub](https://github.com/websperts/tinypng-cli) - Handy command line tool for shrinking PNG images using the TinyPNG API
+ - name: tinypng-cli
+ bin: tinypng
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [tldr](https://npmjs.com/package/tldr) | [GitHub](https://github.com/tldr-pages/tldr-node-client) | [Homepage](https://tldr.sh/) - A Node.js based command-line client for tldr
+ - name: tldr
+ bin: tldr
+
+ # @npm @cli [ts2c](https://npmjs.com/package/ts2c) | [GitHub](https://github.com/andrei-markeev/ts2c) - A JavaScript/TypeScript to C compiler
+ - name: ts2c
+ bin: ts2c
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [typescript](https://npmjs.com/package/typescript) | [GitHub](https://github.com/Microsoft/TypeScript) | [Homepage](https://www.typescriptlang.org/) | [Documentation](https://www.typescriptlang.org/docs/) - A language for application-scale JavaScript
+ - name: typescript
+ bin: tsc
+
+ # @npm @cli [wifi-password-cli](https://npmjs.com/package/wifi-password-cli) | [GitHub](https://github.com/kevva/wifi-password-cli) - CLI to get current wifi password
+ - name: wifi-password-cli
+ bin: wifi-password
+
+ # @npm @cli [wordpressify](https://npmjs.com/package/wordpressify) | [GitHub](https://github.com/luangjokaj/wordpressify) | [Homepage](https://www.wordpressify.co/) | [Documentation](https://www.wordpressify.co/docs) - Automate your WordPress development workflow
+ - name: wordpressify
+ bin: wordpressify
+ when: '{{ install_default_npm_packages | default(true) }}'
+
+ # @npm @cli [zx](https://npmjs.com/package/zx) | [GitHub](https://github.com/google/zx) - A tool for writing better scripts
+ - name: zx
+ bin: zx
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/pip-packages.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/pip-packages.yml
new file mode 100644
index 00000000..5610e171
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/pip-packages.yml
@@ -0,0 +1,139 @@
+---
+# yamllint disable rule:line-length
+# @var pip_packages: [] # A list of Python packages to install globall. If the package's `pipx` field is set to true then the
+# package will be installed via [pipx](https://pypa.github.io/pipx/).
+# These are the pip packages that are automatically installed on hosts in the desktop group
+pip_packages:
+ # @pypi @cli [ansibleconnect](https://pypi.org/project/ansibleconnect/) | [GitHub](https://github.com/psykulsk/ansibleconnect) - Parses Ansible inventory and opens up a tmux session for each host
+ - name: ansibleconnect
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [ansible-lint](https://pypi.org/project/ansible-lint/) | [GitHub](https://github.com/ansible/ansible-lint) | [Documentation](https://ansible-lint.readthedocs.io/en/latest/) - Lint tool that checks [Ansible](https://www.ansible.com/) projects for best practices and problematic code
+ - name: ansible-lint
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [asciinema](https://pypi.org/project/asciinema/) | [GitHub](https://github.com/asciinema/asciinema) | [Homepage](https://asciinema.org/) | [Documentation](https://asciinema.org/docs/how-it-works) - Tool that records terminal session and replay them in a terminal as well as in a web browser
+ - name: asciinema
+ pipx: true
+
+ # @pypi @cli [aws-shell](https://pypi.org/project/aws-shell/) | [GitHub](https://github.com/awslabs/aws-shell) | [Documentation](https://docs.aws.amazon.com/cli/latest/reference/) - AWS shell is the interactive productivity booster for the AWS CLI
+ - name: aws-shell
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [cookiecutter](https://pypi.org/project/cookiecutter/) | [GitHub](https://github.com/cookiecutter/cookiecutter) | [Documentation](https://cookiecutter.readthedocs.io/en/stable/) - A command-line utility that creates projects from cookiecutters (project templates)
+ - name: cookiecutter
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [gdown](https://pypi.org/project/gdown) | [GitHub](https://github.com/wkentaro/gdown) - An alternative to wget and curl that can handle downloading large files from Google Drive
+ - name: gdown
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [git-filter-repo](https://pypi.org/project/git-filter-repo) | [GitHub](https://github.com/newren/git-filter-repo) | [Documentation](https://htmlpreview.github.io/?https://github.com/newren/git-filter-repo/blob/docs/html/git-filter-repo.html) - Tool that aids in wiping particular sections of a repository
+ - name: git-filter-repo
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [gixy](https://pypi.org/project/gixy/) | [GitHub](https://github.com/yandex/gixy) - A tool to analyze Nginx configuration
+ - name: gixy
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [gphotos-sync](https://pypi.org/projects/gphotos-sync) | [GitHub](https://github.com/gilesknap/gphotos-sync) | [Documentation](https://gilesknap.github.io/gphotos-sync/main/index.html) - A tool that can be used to backup photos and video from Google Photos
+ - name: gphotos-sync
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [httpstat](https://pypi.org/project/httpstat/) | [GitHub](https://github.com/reorx/httpstat) - A script that reflects curl statistics in a fascinating and well-defined way, it is a single file which is compatible with Python 3 and requires no additional software (dependencies) to be installed on a users system
+ - name: httpstat
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @tui [http-prompt](https://pypi.org/project/http-prompt/) | [GitHub](https://github.com/httpie/http-prompt) | [Homepage](https://http-prompt.com/) | [Documentation](https://docs.http-prompt.com/en/latest/) - An interactive command-line HTTP client featuring autocomplete and syntax highlighting, built on HTTPie and prompt_toolkit
+ - name: http-prompt
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @tui [iredis](https://pypi.org/project/iredis/) | [GitHub](https://github.com/laixintao/iredis) | [Homepage](https://iredis.io/) - A terminal client for redis with auto-completion and syntax highlighting
+ - name: iredis
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @tui [kube-shell](https://pypi.org/project/kube-shell/) | [GitHub](https://github.com/cloudnativelabs/kube-shell) - An integrated shell for working with the Kubernetes CLI
+ - name: kube-shell
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @tui [litecli](https://pypi.org/project/litecli/) | [GitHub](https://github.com/dbcli/litecli) | [Homepage](https://litecli.com/) | [Documentation](https://litecli.com/features/) - A command-line client for SQLite databases that has auto-completion and syntax highlighting
+ - name: litecli
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [netaddr](https://pypi.org/project/netaddr/) | [GitHub](https://github.com/netaddr/netaddr) | [Documentation](https://netaddr.readthedocs.io/en/latest/) - A system-independent network address manipulation library for Python 2.7 and 3.5+
+ - name: netaddr
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [ngxtop](https://pypi.org/project/ngxtop/) | [GitHub](https://github.com/lebinh/ngxtop) - ngxtop parses your nginx access log and outputs useful, top-like, metrics of your nginx server
+ - name: ngxtop
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [molecule](https://pypi.org/project/molecule/) | [GitHub](https://github.com/ansible-community/molecule) | [Documentation](https://molecule.readthedocs.io/en/latest/) - Molecule project is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios
+ - name: molecule
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @tui [mycli](https://pypi.org/project/mycli/) | [GitHub](https://github.com/dbcli/mycli) | [Homepage](https://www.mycli.net/) | [Documentation](https://www.mycli.net/docs) - Command line interface for MySQL database with auto-completion and syntax highlighting
+ - name: mycli
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [pre-commit](https://pypi.org/project/pre-commit/) | [GitHub](https://github.com/pre-commit/pre-commit) | [Homepage](https://pre-commit.com/) | [Documentation](https://pre-commit.com/index.html#install) - A framework for managing and maintaining multi-language pre-commit hooks
+ - name: pre-commit
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [pywhat](https://pypi.org/project/pywhat/) | [GitHub](https://github.com/bee-san/pyWhat) - A tool that identify what something is, whether it be a file or a text, or even the hex of a file, and text within files - what is recursive
+ - name: pywhat
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli @webapp [social-analyzer](https://pypi.org/project/social-analyzer/) | [GitHub](https://github.com/qeeqbox/social-analyzer) - API, CLI & Web App for analyzing & finding a person’s profile across social media websites
+ - name: social-analyzer
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [spotdl](https://pypi.org/project/spotdl/) | [GitHub](https://github.com/spotDL/spotify-downloader) - A tool to download Spotify playlists and songs along with album art and metadata
+ - name: spotdl
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [starred](https://pypi.org/project/starred/) | [GitHub](https://github.com/maguowei/starred) - Generate a GitHub Awesome list directly from your starred repositories
+ - name: starred
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [statcode](https://pypi.org/project/statcode/) | [GitHub](https://github.com/shobrook/statcode) - `man` pages for HTTP status codes (used by running `statcode 418`, for instance)
+ - name: statcode
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [trufflehog](https://pypi.org/project/truffleHog/) | [GitHub](https://github.com/trufflesecurity/trufflehog) | [Homepage](https://trufflesecurity.com/) - A tool which makes it easier to search through the history of a git repository to discover passwords and other secrets
+ - name: truffleHog
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [virtualenv](https://pypi.org/project/virtualenv/) | [GitHub](https://github.com/pypa/virtualenv) | [Homepage](https://virtualenv.pypa.io/en/latest/) | [Documentation](https://virtualenv.pypa.io/en/latest/user_guide.html) - A tool for creating isolated virtual Python environments
+ - name: virtualenv
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
+
+ # @pypi @cli [yamllint](https://pypi.org/project/yamllint/) | [GitHub](https://github.com/adrienverge/yamllint) | [Documentation](https://yamllint.readthedocs.io/en/stable/) - A linter for YAML files
+ - name: yamllint
+ pipx: true
+ when: '{{ install_default_pip_packages | default(true) }}'
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/ruby-gems.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/ruby-gems.yml
new file mode 100644
index 00000000..1409237c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/ruby-gems.yml
@@ -0,0 +1,32 @@
+---
+# yamllint disable rule:line-length
+# @var ruby_gems: [] # A list of Ruby gems that should be installed globally.
+# These are the default gems installed on any host in the desktop group
+ruby_gems:
+ # @gem @cli [Bundler](https://rubygems.org/gems/bundler) | [GitHub](https://github.com/rubygems/rubygems) | [Homepage](https://bundler.io/) | [Documentation](https://bundler.io/docs.html) - A tool that manages ruby application's gem dependencies through its entire life, across many machines, systematically and repeatably
+ - name: bundler
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [Chef](https://rubygems.org/gems/chef) | [GitHub](https://github.com/chef/chef/) | [Homepage](https://www.chef.io/) | [Documentation](https://docs.chef.io/) - A systems integration framework, built to bring the benefits of configuration management to the entire infrastructure
+ - name: chef
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [CocoaPods](https://rubygems.org/gems/cocoapods) | [GitHub](https://github.com/CocoaPods/CocoaPods/) | [Homepage](https://cocoapods.org/) | [Documentation](https://guides.cocoapods.org/) - A tool that manages library dependencies for Xcode project
+ - name: cocoapods
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [fpm](https://rubygems.org/gems/fpm) | [GitHub](https://github.com/jordansissel/fpm/) | [Documentation](https://fpm.readthedocs.io/en/latest/) - A tool that converts directories, rpms, python eggs, rubygems, and more to rpms, debs, solaris packages and more
+ - name: fpm
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [mdl](https://rubygems.org/gems/mdl) | [GitHub](https://github.com/markdownlint/markdownlint) - A style checker/lint tool for markdown files
+ - name: mdl
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [mdl](https://rubygems.org/gems/papertrail) | [GitHub](https://github.com/papertrail/papertrail-cli) | [Homepage](https://www.papertrail.com/) - A log viewer for Papertrail (a logging service with a basic free plan)
+ - name: papertrail
+ when: '{{ install_default_ruby_gems | default(true) }}'
+
+ # @gem @cli [t](https://rubygems.org/gems/t) | [GitHub](https://github.com/sferik/t/) - A command-line power tool for Twitter
+ - name: t
+ when: '{{ install_default_ruby_gems | default(true) }}'
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vars.yml
new file mode 100644
index 00000000..c9049a0b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vars.yml
@@ -0,0 +1,272 @@
+---
+# @var add_known_hosts: true # When set to `true`, the playbook will automatically attempt to pre-cache
+# SSH address signatures into the `known_hosts` file.
+add_known_hosts: true
+
+default_ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_ecdsa_sk_onlykey_green.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ecdsa_sk_onlykey_green_alt.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ecdsa_sk_onlykey_green_x.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_26.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_27.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_52.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nano.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nano_x.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nanoc.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nanoc_x.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nfc_green.pub') }}"
+ - "{{ lookup('file', 'files/ssh/id_ed25519_sk_yubi_nfc_green_x.pub') }}"
+
+default_ssh_private_keys:
+ - files/ssh/id_ecdsa_sk_onlykey_green
+ - files/ssh/id_ecdsa_sk_onlykey_green_alt
+ - files/ssh/id_ecdsa_sk_onlykey_green_x
+ - files/ssh/id_ed25519_sk_26
+ - files/ssh/id_ed25519_sk_27
+ - files/ssh/id_ed25519_sk_52
+ - files/ssh/id_ed25519_sk_yubi_nano
+ - files/ssh/id_ed25519_sk_yubi_nano_x
+ - files/ssh/id_ed25519_sk_yubi_nanoc
+ - files/ssh/id_ed25519_sk_yubi_nanoc_x
+ - files/ssh/id_ed25519_sk_yubi_nfc_green
+ - files/ssh/id_ed25519_sk_yubi_nfc_green_x
+ - files/ssh/id_rsa
+
+# @var software: [] # A list of software packages to be installed via the `roles/helpers/installer` role. The list of software
+# that can be installed via the role (and this variable) is in `group_vars/all/software.yml`.
+software:
+ - act
+ - altair
+ - askgit
+ - azurefunctions
+ - bandwhich
+ - bane
+ - bat
+ - betwixt
+ - bin
+ - bitwarden
+ - bivac
+ - boilr
+ - captain
+ - cerebro
+ - clair
+ - consul
+ - croc
+ - ctop
+ - cumulus
+ - dasel
+ - dat
+ - delta
+ - desed
+ - deta
+ - direnv
+ - dive
+ - docker
+ - dockle
+ - doctl
+ - dog
+ - duf
+ - dust
+ - envconsul
+ - fd
+ # No releases in 6 years, no 'latest' release tag ever which causes the `gh` method to fail
+ # - felony
+ - ffsend
+ - filebrowser
+ - fm
+ - fq
+ - fselect
+ - fuego
+ # A separate Role exists
+ # - g-assist
+ - gitify
+ - gitleaks
+ - gitomatic
+ - glab
+ - glow
+ - go
+ - gojq
+ - gping
+ - grex
+ - gron
+ - hclq
+ - hexyl
+ - hey
+ - hostctl
+ - htmlq
+ - hyperfine
+ - jiq
+ - jitsi
+ - jo
+ - jq
+ - kdash
+ # Looks like it was primarily designed for mobile and it only has a GitHub release
+ # - kubenav
+ - license
+ - linuxkit
+ - manta
+ - mark
+ - masscode
+ - mc
+ - mergestat
+ - mjml
+ - mkcert
+ - mockoon
+ - motrix
+ - mqttx
+ - muffet
+ # - mullvad-vpn # deb, rpm available, no archives for Linux
+ - nebula
+ - nnn
+ - node
+ - nomino
+ - nuclear
+ - oq
+ - osquery
+ - ots
+ - page
+ - pass
+ - pastel
+ - peco
+ - pony
+ - pretzel # Mac only, over 3 years old
+ - procs
+ # - psu # Releases contain only code. few pre-releases contain releases, no update in about 2.5 years
+ - pup
+ - q
+ - raindrop
+ - responsively
+ - rip
+ - runjs
+ - s5cmd
+ - schema
+ - scrcpy
+ - sd
+ - shfmt
+ - skm
+ # - sqlectron # deb, rpm, pacman available but no archive
+ - ssh-vault
+ - ssl-proxy
+ - skype
+ - slack
+ - sqlectron
+ - ssh
+ - ssl
+ - switchhosts
+ - sysbench
+ - tabby
+ - task
+ - teleport
+ - temps # 6 years old. Forks are platform specific
+ - tflint
+ - tokei
+ - transfer
+ - trivy
+ - udemy
+ - up
+ - waypoint
+ - websocat
+ - webtorrent
+ - whaler
+ - wkhtmltopdf
+ - xurls
+ - yq
+
+# @var default_browser: brave # Set this variable equal to the tag corresponding to the browser you wish to be set as the default browser.
+# Available options include `brave` (Brave Browser), `firefox` (Firefox), `edge` (Microsoft Edge), and `chrome` (Google Chrome / Chromium).
+default_browser: brave
+
+# @var vpn_connections: [] # A list of VPN profiles to automatically load into the NetworkManager VPN plugin on Linux and into the WireGuard
+# app on macOS / Linux. The profiles should be placed in the `files/vpn` folder. Examples of OpenVPN / WireGuard profiles are also available
+# in that folder.
+vpn_connections:
+ - file: Mullvad WG Belgium (UDP 4888).nmconnection
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad WG Japan (UDP 4888).nmconnection
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad WG Moldova (UDP 53).nmconnection
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad WG Singapore (UDP 4888).nmconnection
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Proton WG Cambodia (UDP 51820).nmconnection
+ password: '{{ proton_password }}'
+ username: '{{ proton_username }}'
+ - file: Proton WG Colombia (UDP 51820).nmconnection
+ password: '{{ proton_password }}'
+ username: '{{ proton_username }}'
+ - file: Proton WG Cyprus (UDP 51820).nmconnection
+ password: '{{ proton_password }}'
+ username: '{{ proton_username }}'
+ - file: Proton WG Serbia (UDP 51820).nmconnection
+ password: '{{ proton_password }}'
+ username: '{{ proton_username }}'
+ - file: Proton WG Slovakia (UDP 51820).nmconnection
+ password: '{{ proton_password }}'
+ username: '{{ proton_username }}'
+ - file: Mullvad OVPN Greece (TCP 53).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad OVPN Los Angeles (TCP 443).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad OVPN Luxembourg (TCP 443).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad OVPN Romania (TCP 80).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Mullvad Shadowsocks Serbia (TCP 443+1080).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+ - file: Proton OVPN Argentina (TCP 443+7770+8443).ovpn
+ password: '{{ proton_openvpn_password }}'
+ username: '{{ proton_openvpn_username }}'
+ - file: Proton OVPN Finland (via Sweden) (TCP 443+7770+8443).ovpn
+ password: '{{ proton_openvpn_password }}'
+ username: '{{ proton_openvpn_username }}'
+ - file: Proton OVPN France (TCP 443+7770+8443).ovpn
+ password: '{{ proton_openvpn_password }}'
+ username: '{{ proton_openvpn_username }}'
+ - file: Proton OVPN Russia (via Iceland) (TCP 443+7770+8443).ovpn
+ password: '{{ proton_openvpn_password }}'
+ username: '{{ proton_openvpn_username }}'
+ - file: Proton OVPN USA (TCP 443+7770+8443).ovpn
+ password: '{{ proton_openvpn_password }}'
+ username: '{{ proton_openvpn_username }}'
+# @example #
+# vpn_connections:
+# - file: Mullvad OpenVPN Denver (UDP 53).ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Hong Kong.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Italy.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN NYC.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Secaucus (TCP 80).ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Germany (Custom Port).nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Italy Brazil.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard NYC (Custom Port).nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard NYC.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Switzerland.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# @end
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.schema.json b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.schema.json
new file mode 100644
index 00000000..5cd8ba12
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.schema.json
@@ -0,0 +1,99 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "dockerhub_password": {
+ "type": "string"
+ },
+ "dockerhub_username": {
+ "type": "string"
+ },
+ "dropbox_access_token": {
+ "type": "string"
+ },
+ "google_drive_access_token": {
+ "type": "string"
+ },
+ "google_drive_client_id": {
+ "type": "string"
+ },
+ "google_drive_client_secret": {
+ "type": "string"
+ },
+ "google_drive_refresh_token": {
+ "type": "string"
+ },
+ "google_drive_root_folder_id": {
+ "type": "string"
+ },
+ "google_drive_work_access_token": {
+ "type": "string"
+ },
+ "google_drive_work_client_id": {
+ "type": "string"
+ },
+ "google_drive_work_client_secret": {
+ "type": "string"
+ },
+ "google_drive_work_refresh_token": {
+ "type": "string"
+ },
+ "mullvad_password": {
+ "type": "string"
+ },
+ "mullvad_username": {
+ "type": "integer"
+ },
+ "nordvpn_password": {
+ "type": "string"
+ },
+ "nordvpn_username": {
+ "type": "string"
+ },
+ "onedrive_access_token": {
+ "type": "string"
+ },
+ "onedrive_drive_id": {
+ "type": "string"
+ },
+ "onedrive_refresh_token": {
+ "type": "string"
+ },
+ "surgesh_password": {
+ "type": "string"
+ },
+ "surgesh_username": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "dockerhub_password",
+ "dockerhub_username",
+ "dropbox_access_token",
+ "google_drive_access_token",
+ "google_drive_client_id",
+ "google_drive_client_secret",
+ "google_drive_refresh_token",
+ "google_drive_root_folder_id",
+ "google_drive_work_access_token",
+ "google_drive_work_client_id",
+ "google_drive_work_client_secret",
+ "google_drive_work_refresh_token",
+ "mullvad_password",
+ "mullvad_username",
+ "nordvpn_password",
+ "nordvpn_username",
+ "onedrive_access_token",
+ "onedrive_drive_id",
+ "onedrive_refresh_token",
+ "surgesh_password",
+ "surgesh_username"
+ ],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.yml
new file mode 100644
index 00000000..60fd602f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vault.yml
@@ -0,0 +1,138 @@
+$ANSIBLE_VAULT;1.1;AES256
+37626231323261323635633633313637633532353261646437643133373564613939383330623637
+3433633734376434663633643138316137363062346563380a623533376232343165303631336532
+33373134313935363038373034636436323764643133303238346130636636643736373863356565
+3531393465333531380a346234386163336665353936643633643230386634663035373631346235
+62386563343639396565613235326164306663353664613061353639316162356164626338303765
+62623862643232653132613638346232663839633339626332613162316639643638623964383237
+36623838643738356332633636373533653831323766363062396164386136633161373761663730
+35643334623439653438383238386362323831663336623163383864333235626166353963656636
+30333930376434353465393938663039633734343338306533313836353665613065663163376363
+66653966383339376538373462656637623061393661656230343162663066313164303139626534
+31633837316236633730383663383766643363313263636264626338656637316361646337336364
+30633738643565613235623030653832343336636536643761346662316239623664623263393166
+33633131386434613833626535336661396630303061363034353663633338613663356132343463
+37326330363165633730366537303637663363626536326465393232376165396334353339326662
+64643035383863616266336637346233353231633131396265383164323338626435653131366366
+36633631623130373363643434633663633633386666363735323731633734313734616339323432
+37643433653235373535306433666262316239303430663265383131616566643434396134343464
+34366535363631363665646366396161356562356439373330313465383066386232386530326364
+66313933383836316364663061666435303732626535386566623634393631343034623063653463
+35393337623130623738663761336239613033336462376437396564383966383138643133666431
+38646234346362633565303163666437613435333266303237616133333532346137386563316262
+61636239336265383165313936626338386538623836393734383466656563613664306564373135
+36303436623034643733636464333862613537363062653736336465346464643233386237653137
+62303332303531656530343066343335303166396535623964313961303438623933396339343266
+35343461623763613736653233343732323139363739313335333065376231393835373035316136
+34393438636666333438343133386438306237646339356261333163643536343230643465353032
+38386461666534393230653862376361303931656164303035346630353765623034623965376631
+32646664633930313864383835306164313331353065643632383131663538306664396130656230
+34613765663866373236363938343735303539313963353765613333393262653633373233326665
+38326533363962323631393862373564383135653931306233626336356137383866653035323035
+66633432346130316535626531393636333132303564356366643761373133633239633337383931
+66383862393538323462623830353539333963336333656332396565363934383665353830613636
+30306361313239623666383636313061343635393336356430326632343831363261333935323864
+30333461636239373631356632326263613064386431623934633166663835323832366363326634
+65333532366162353263363734373132333834383337326465626235396636326566313863333266
+32376338346462623730343130303339643937373932613762316562386337666662343064343166
+35373364343432353763313465316538303931386561666231643431313863656239306638663566
+38356236333162663034623935666130343265353335636138356635636431313962346335336132
+36353237326637336237633930363835373761653765333965643632386465626262353633393466
+33333065656663636561666261623138643063363430323964323531343039636532356666316231
+65333533386334393334343661653833363962623764663664666666346534396362393866313063
+66333965346364636433383863343735333438383961303461363932643266373966336362393431
+30616335346432313764633435623266366561623630613139383139313665623665323037633163
+65633264303937336539333631376637326234613538366338623262376661323431383565383639
+32326439323632313264613564363963623135383234383865376430333632653937623863616330
+39323737366363626533653935636432643864663665316666323933613733336330333865653264
+65666333333932653738323766633363316235333530386631366664323561376261663835393931
+30633465343364356232313662613564303661333864616363643262393166336339396433356162
+65643130393236306431386231343536643637623536396263326336323631643365323331343438
+30633564343232346362356237353038363864303561336130336631306331316463313862653662
+65386339346636633263633032363834623138303739326161336561316635623763626632333032
+65363439316431373766643266633137336564386462666630356437623765623735366361303430
+30313135383565333035316236313464313131653265366537376664613463303162633237323835
+35303762386664306663633237396538373264323464326266333333353437393235303037376162
+32636465313233643261363430373462316337333632633965393762623035623832633532363633
+35623565626531306562343333363163626230636439333337326131643466303834373432393938
+34613466636232313965303831333338623831353366353932396537303339653836333561666463
+38326437613865326661316562343135343831616361393861363239643135626365313465353530
+30393965663164346135353266316237383566633539623834646639373565366537306334343364
+39393537343432376461633839333833393464396238666130326438353339663735653039373537
+32663335663736653065343235383465633535643937626135663131346439363138303139636335
+65326432336433623661626433306565366238643633386134363032363462633665303666333264
+62313536383632393438366332393231636464623039663134623738646366653365396662666638
+62616338356362333734346533633235666166663635613638333037613937386432353030306632
+37633238636632633235613966633337343063613439616135653634393262313835343035313135
+35626430336533663236616635316138343361396233356132393231353831366534303532346335
+36393936633735623234653735643438633231386633323963393335343436373737303763666138
+65313463333938343439666230653833646439313036316639636632396334653233306266653833
+65636432643166353234313934613961373865623335626262646530386531613731343061643165
+35643265643863343161653437623235643461636336616263613265633837643339376666383661
+37306265396537313266393263376531326430393734646663353462383434623861303334353032
+30393433303135346634653762313962336132613434663966353838666564663265663065366630
+39623337323538636637633635343130303034373635373064333731653938346236383265363965
+39343230643566653637343934376230333663346238303630373933646331633839343634383266
+38663039653733313537396131363732333461333462393934343539306434623835623337656337
+62613235623034663839663234373832366637393961323763383337663466303764373663376661
+39346438623137393632303965356636393064646338643233383564643233646264333332653335
+63616464303535333064666665613934353130363532316466633630313265303936613530303866
+31396439346231313132663934363965633264303032396231643865313431376662306332623536
+66653339373231306363613864666433663437643266663162623333653861656662396432313964
+35306437323836663633613637636265356234666230623761353433386163336335623439376165
+62346437386365613037646164636637313235316535613430656163643930303530386132346339
+39356534636435396363363438393633333537343736333432333865336162383631373337363066
+39366236653532333834373530653362336134383766303263636330646539393633633938363964
+66643162373034343138666130623331656337343336616135343030396535383839336362633433
+63623830346264636534326231346563666666343064653931653666336538623834323430393762
+37656232663564666232326631643234396261313136303631653664656635616363393064306232
+61613931376462366665636336663334363939326163353462336336656339343165616261316365
+37326163653834633932653138646461626163663739333530333639376434303163346563366234
+32613764666537313562386335633931643561373365616662346162623231323836376466346236
+61336466343635323361393437616364333065393039326236356439333564653736663933663465
+37306565613735316164303634336432393034306439356134626238633661663131393331353639
+63306235663064633365643931616462613635613730303634636433626261396431653732303333
+61643636373631346363383731666132363735633966343365333463383466353232393532363938
+66393835633232646233623565393733646530396433636563313835353763363861656433653066
+32353336323261346465326533386239353166623231323534303163393165333232303866633638
+66616666303065326530626539343434643532336662333132323035353334663035353265656439
+30643332643463643439356230306233313862393632666234346332313066623539636238653136
+39373230613866666631306436613861383238613164376338363363653135666639383264653834
+62303131316563343631626331643234653234363533303438393239333739613732366166623934
+65313037653235623032333933313862336639393835356436613633653862333831363434633662
+30636363326437613931313332623039636566346533303030306337363463363738623165653361
+64366339336335383162313166303461393433393532396664613235326239346139333539656666
+36336365356363653963636238663739386238376361356639323263623966633365633964323038
+37633030316437666564343366663564393630653664666366303437393834383530343837343631
+33663263663561353734633233643262643966353933393962323534316239313532313035666630
+38653736353762356337323434633766366432336665366466333164383863373232393461663463
+35306265393064623963666464626163653831343966366331653439373438653730636238616462
+36393932326435663432653737353763323635373933346637623632353835666264373862653831
+63666164353665373262336234613536306262393765303861396235313363656631393164323562
+64346434663833653934363438376465353465353263353238313137643833653532313566353037
+65646630363630633533623135383339616235613462643939613339303164323331663130353236
+32373963356534363336343430363364653264643735663033653436623064613261633635383430
+38333131383335663164316561333832306532333064323035643832376135343633336462613463
+30363363383437373030376539623236323562343165663737343764636234643336623866663139
+32343364323039383735356461363138353935326365636638363237343833323031636562623034
+32626431323261343961353832333433636138393932363562333661363663323863393432306532
+65303662643264343636636532323932623938346438666165336332633731306131356537396261
+32343965396239333135363063383963623664396664366539626362343565396432353734316635
+65313764366139333630393430346438323763346365633438373531616339366532366634333339
+39373566616564323739353734636265326666656137323736666631313436666566613465363236
+33326466316437353363663830653737376239643734376363663431393262366362336431353933
+63373038616236303132383039333335323662633239353131363532636162636631326462386234
+65646539303564363633313737316639363130343361653061616663666137373661616233363331
+39376337366134653564616165306634643436613561333439333835336665623732366631633865
+34323031313533373735316535386336306439326233356633633765306462393166636231383838
+63646661366233313734333039383164626135636431363832343230653435616536326666386361
+36333432663663633834623031363538303766353865346231336432623266336434643766663633
+39343633303031356532643762323236653164373163633537646131643362383762623562636236
+39313263343230623262653761623264653030343834653135653835666463613563643161303234
+63623338633639323463333538336432623839313965353037636433646561316334666364376562
+37306338303331613565613234653137653136346233343533363461653763613732393965316463
+30333265363965333062373064623464623539626538643536383836626134613539313765376162
+65306233643932383730383166336266313237306166306162353063646133313334353636336362
+62353036643735666563623563636166386664376230323166366339623563623733313862396333
+39393634383635316162343737376234373366313564646466616334353537616437643133633735
+3664
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vscode-extensions.yml b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vscode-extensions.yml
new file mode 100644
index 00000000..be00cf72
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/desktop/vscode-extensions.yml
@@ -0,0 +1,331 @@
+---
+# yamllint disable rule:line-length
+# @var vscode_extensions: [] # A list of VS Code extensions to install after VS Code is installed. Only the `name` field is required for
+# each extension in the list. You can disregard the `types` field that is shown in the default list.
+vscode_extensions:
+ # @vscode [Angular Language Service](https://marketplace.visualstudio.com/items?itemName=Angular.ng-template) | [GitHub](https://github.com/angular/vscode-ng-language-service) - Editor services for Angular template files
+ - name: Angular.ng-template
+ types:
+ - angular
+
+ # @vscode [MJML](https://marketplace.visualstudio.com/items?itemName=attilabuti.vscode-mjml) | [GitHub](https://github.com/attilabuti/vscode-mjml) - MJML preview, lint, and compile
+ - name: attilabuti.vscode-mjml
+
+ # @vscode [Markdown Emoji](https://marketplace.visualstudio.com/items?itemName=bierner.markdown-emoji) | [GitHub](https://github.com/mjbvz/vscode-markdown-emoji) - Adds emoji syntax support to VS Code's built-in Markdown preview
+ - name: bierner.markdown-emoji
+
+ # @vscode [Turbo Console Log](https://marketplace.visualstudio.com/items?itemName=ChakrounAnas.turbo-console-log) | [GitHub](https://github.com/Chakroun-Anas/turbo-console-log) - This extension make debugging much easier by automating the operation of writing meaningful log message
+ - name: ChakrounAnas.turbo-console-log
+ types:
+ - angular
+ - npm
+
+ # @vscode [Firestore Rules](https://marketplace.visualstudio.com/items?itemName=ChFlick.firecode) | [GitHub](https://github.com/ChFlick/firecode) - Firestore security rule support for Visual Studio Code
+ - name: ChFlick.firecode
+ types:
+ - angular
+
+ # @vscode [Regex Previewer](https://marketplace.visualstudio.com/items?itemName=chrmarti.regex) | [GitHub](https://github.com/chrmarti/vscode-regex) - Shows the current regular expression's matches in a side-by-side document
+ - name: chrmarti.regex
+ types:
+ - all
+
+ # @vscode [MySQL](https://marketplace.visualstudio.com/items?itemName=cweijan.vscode-mysql-client2) | [GitHub](https://github.com/cweijan/vscode-database-client) - A database GUI for SQL, SQLite, MongoDB, Redis, and ElasticSearch
+ - name: cweijan.vscode-mysql-client2
+
+ # @vscode [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint) | [GitHub](https://github.com/DavidAnson/vscode-markdownlint) - Markdown/CommonMark linting and style checking for Visual Studio Code
+ - name: DavidAnson.vscode-markdownlint
+ types:
+ - all
+
+ # @vscode [ESLint](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) | [GitHub](https://github.com/Microsoft/vscode-eslint) - Integrates ESLint into VS Code
+ - name: dbaeumer.vscode-eslint
+ types:
+ - all
+
+ # @vscode [Deno](https://marketplace.visualstudio.com/items?itemName=denoland.vscode-deno) | [GitHub](https://github.com/denoland/vscode_deno) - Adds support for Deno (powered by the Deno language server)
+ - name: denoland.vscode-deno
+ types:
+ - npm
+
+ # @vscode [GitLens](https://marketplace.visualstudio.com/items?itemName=eamodio.gitlens) | [GitHub](https://github.com/gitkraken/vscode-gitlens) - GitLens is a popular extension that supercharges the Git capabilities built into VS Code
+ - name: eamodio.gitlens
+ types:
+ - all
+
+ # @vscode [EditorConfig](https://marketplace.visualstudio.com/items?itemName=EditorConfig.EditorConfig) | [GitHub](https://github.com/editorconfig/editorconfig-vscode) - This plugin attempts to override user/workspace settings with setting found in .editorconfig files
+ - name: EditorConfig.EditorConfig
+ types:
+ - all
+
+ # @vscode [Prettier](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode) | [GitHub](https://github.com/prettier/prettier-vscode) - Prettier is an opinionated code formatter
+ - name: esbenp.prettier-vscode
+ types:
+ - all
+
+ # @vscode [Carbon Now](https://marketplace.visualstudio.com/items?itemName=ericadamski.carbon-now-sh) | [GitHub](https://github.com/ericadamski/vscode-carbon_now_sh) - A VS Code extension to open the current editor content in carbon.now.sh
+ - name: ericadamski.carbon-now-sh
+ types:
+ - all
+
+ # @vscode [Jest Runner](https://marketplace.visualstudio.com/items?itemName=firsttris.vscode-jest-runner) | [GitHub](https://github.com/firsttris/vscode-jest-runner) - Manage, run, and debug individual Jest tests
+ - name: firsttris.vscode-jest-runner
+ types:
+ - angular
+ - npm
+
+ # @vscode [Auto Rename Tag](https://marketplace.visualstudio.com/items?itemName=formulahendry.auto-rename-tag) | [GitHub](https://github.com/formulahendry/vscode-auto-rename-tag) - Automatically rename paired HTML/XML tag, same as Visual Studio IDE does
+ - name: formulahendry.auto-rename-tag
+ types:
+ - angular
+ - npm
+
+ # @vscode [Code Runner](https://marketplace.visualstudio.com/items?itemName=formulahendry.code-runner) | [GitHub](https://github.com/formulahendry/vscode-code-runner) - Run code snippet or code file
+ - name: formulahendry.code-runner
+ types:
+ - all
+
+ # @vscode [GitHub Pull Requests and Issues](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-pull-request-github) | [GitHub](https://github.com/Microsoft/vscode-pull-request-github) - Review and manage your GitHub pull requests and issues directly in VS Code
+ - name: GitHub.vscode-pull-request-github
+ types:
+ - all
+
+ # @vscode [GitLab Workflow](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - This extension integrates GitLab to VS Code
+ - name: GitLab.gitlab-workflow
+ types:
+ - all
+
+ # @vscode [Cloud Code](https://marketplace.visualstudio.com/items?itemName=GoogleCloudTools.cloudcode) | [GitHub](https://github.com/GoogleCloudPlatform/cloud-code-vscode) - This extension brings the power and convenience of IDEs to cloud-native application development
+ - name: GoogleCloudTools.cloudcode
+ types:
+ - all
+
+ # @vscode [Go](https://marketplace.visualstudio.com/items?itemName=golang.Go) | [GitHub](https://github.com/golang/vscode-go) - This extension provides rich language support for the Go programming language, integrates with Google Cloud services like Google Kubernetes Engine, Cloud Run, Cloud APIs, and Secret Manager
+ - name: golang.Go
+ types:
+ - go
+
+ # @vscode [HashiCorp Terraform](https://marketplace.visualstudio.com/items?itemName=HashiCorp.terraform) | [GitHub](https://github.com/hashicorp/terraform) - This extension adds syntax highlighting and other editing features for Terraform files using the Terraform Language Server
+ - name: HashiCorp.terraform
+ types:
+ - ansible
+
+ # @vscode [Draw.io Integration](https://marketplace.visualstudio.com/items?itemName=hediet.vscode-drawio) | [GitHub](https://github.com/hediet/vscode-drawio) - Allows editing draw.io images in VS Code by adding files ending with .drawio.png
+ - name: hediet.vscode-drawio
+ types:
+ - all
+
+ # @vscode [Output Colorizer](https://marketplace.visualstudio.com/items?itemName=IBM.output-colorizer) | [GitHub](https://github.com/IBM-Cloud/vscode-log-output-colorizer) - This extension adds syntax colorization for both the output/debug/extensions panel and *.log files, other extension that colorize the output panel will disable this extension
+ - name: IBM.output-colorizer
+ types:
+ - all
+
+ # @vscode [SSH FS](https://marketplace.visualstudio.com/items?itemName=Kelvin.vscode-sshfs) | [GitHub](https://github.com/SchoofsKelvin/vscode-sshfs) - Allows mounting SSH destinations as file system mounts inside VS Code
+ - name: Kelvin.vscode-sshfs
+ types:
+ - all
+
+ # @ideavscode [Project Dashboard](https://marketplace.visualstudio.com/items?itemName=kruemelkatze.vscode-dashboard) | [GitHub](https://github.com/Kruemelkatze/vscode-dashboard) - This VS code extension organize the projects in a speed-dial like manner
+ # - name: kruemelkatze.vscode-dashboard
+
+ # @vscode [Bash IDE](https://marketplace.visualstudio.com/items?itemName=mads-hartmann.bash-ide-vscode) | [GitHub](https://github.com/bash-lsp/bash-language-server) - This extension utilizes the bash language server, that is based on Tree Sitter and its grammar for Bash and supports explainshell integration
+ - name: mads-hartmann.bash-ide-vscode
+ types:
+ - all
+
+ # @vscode [Docker](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker) | [GitHub](https://github.com/microsoft/vscode-docker) - This extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code
+ - name: ms-azuretools.vscode-docker
+ types:
+ - all
+
+ # @vscode [Kubernetes](https://marketplace.visualstudio.com/items?itemName=ms-kubernetes-tools.vscode-kubernetes-tools) | [GitHub](https://github.com/vscode-kubernetes-tools/vscode-kubernetes-tools) - The extension for developers building applications to run in Kubernetes clusters and for DevOps staff troubleshooting Kubernetes applications
+ - name: ms-kubernetes-tools.vscode-kubernetes-tools
+ types:
+ - ansible
+
+ # @vscode [Remote Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - Containers extension enables the use a Docker container as a full-featured development environment
+ - name: ms-vscode-remote.remote-containers
+ types:
+ - all
+
+ # @vscode [Remote SSH](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-ssh) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - SSH enables the use of any remote machine with a SSH server as the development environment
+ - name: ms-vscode-remote.remote-ssh
+ types:
+ - all
+
+ # @vscode [Remote WSL](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-wsl) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - WSL extension enables the use VS Code on Windows to build Linux applications that run on the Windows Subsystem for Linux(WSL)
+ - name: ms-vscode-remote.remote-wsl
+ types:
+ - all
+
+ # @vscode [Python](https://marketplace.visualstudio.com/items?itemName=ms-python.python) | [GitHub](https://github.com/Microsoft/vscode-python) - A VS Code extension with rich support for the Python language, including features such as IntelliSense (Pylance), linting, debugging, code navigation, code formatting, refactoring, variable explorer, test explorer, and more
+ - name: ms-python.python
+ types:
+ - python
+
+ # @vscode [PowerShell](https://marketplace.visualstudio.com/items?itemName=ms-vscode.PowerShell) | [GitHub](https://github.com/PowerShell/vscode-powershell) - This extension provides rich PowerShell language support for Visual Studio Code
+ - name: ms-vscode.PowerShell
+ types:
+ - all
+
+ # @vscode [Live Share](https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshare) | [GitHub](https://github.com/MicrosoftDocs/live-share) - This extension enables to collaboratively edit and debug with others in real time, regardless what programming languages are used
+ - name: MS-vsliveshare.vsliveshare
+ types:
+ - all
+
+ # @vscode [Live Share Audio](https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshare-audio) | [GitHub](https://github.com/MicrosoftDocs/live-share) - This extension enhances the existing Visual Studio Live Share experience, by enabling to quickly spin up an audio call directly from within Visual Studio Code, without needing to use a separate tool or service
+ - name: MS-vsliveshare.vsliveshare-audio
+ types:
+ - all
+
+ # @vscode [autoDocstring Python Docstring Generator](https://marketplace.visualstudio.com/items?itemName=njpwerner.autodocstring) | [GitHub](https://github.com/NilsJPWerner/autoDocstring) - Aids in writing Python doc strings via templates
+ - name: njpwerner.autodocstring
+ types:
+ - python
+
+ # @vscode [Nx Console](https://marketplace.visualstudio.com/items?itemName=nrwl.angular-console) | [GitHub](https://github.com/nrwl/nx-console) - A UI to accompany the Nx CLI
+ - name: nrwl.angular-console
+ types:
+ - angular
+
+ # @vscode [Taskfile](https://marketplace.visualstudio.com/items?itemName=paulvarache.vscode-taskfile) | [GitHub](https://github.com/paulvarache/vscode-taskfile) - This extension provides Intellisense, Tasks, a Tree View and Hover actions for your Taskfiles
+ # - name: paulvarache.vscode-taskfile
+
+ # @vscode [ngrok](https://marketplace.visualstudio.com/items?itemName=philnash.ngrok-for-vscode) | [GitHub](https://github.com/philnash/ngrok-for-vscode) - A VSCode extension for controlling ngrok from the command palette
+ - name: philnash.ngrok-for-vscode
+ types:
+ - all
+
+ # @vscode [Material Icon Theme](https://marketplace.visualstudio.com/items?itemName=PKief.material-icon-theme) | [GitHub](https://github.com/PKief/vscode-material-icon-theme) - Material design icons
+ - name: PKief.material-icon-theme
+ types:
+ - all
+
+ # @vscode [CSS Peek](https://marketplace.visualstudio.com/items?itemName=pranaygp.vscode-css-peek) | [GitHub](https://github.com/pranaygp/vscode-css-peek) - A VSCode extension for peeking at CSS definitions from a class or id taq in HTML
+ - name: pranaygp.vscode-css-peek
+ types:
+ - angular
+ - npm
+
+ # @vscode [Paste JSON as Code](https://marketplace.visualstudio.com/items?itemName=quicktype.quicktype) | [GitHub](https://github.com/quicktype/quicktype) - An extension that generates types and helper code for reading JSON
+ - name: quicktype.quicktype
+ types:
+ - angular
+ - npm
+
+ # @vscode [TypeScript Hero](https://marketplace.visualstudio.com/items?itemName=rbbit.typescript-hero) | [GitHub](https://github.com/buehler/typescript-hero) - A VSCode extension to organize and sort all the TS imports
+ - name: rbbit.typescript-hero
+ types:
+ - angular
+ - npm
+
+ # @vscode [Ansible](https://marketplace.visualstudio.com/items?itemName=redhat.ansible) | [GitHub](https://github.com/ansible/vscode-ansible) - This extension adds language support for Ansible to Visual Studio Code and OpenVSX compatible editors by leveraging ansible-language-server
+ - name: redhat.ansible
+ types:
+ - ansible
+
+ # @vscode [YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml) | [GitHub](https://github.com/redhat-developer/vscode-yaml) - Provides comprehensive YAML Language support to Visual Studio Code, via the yaml-language-server, with built-in Kubernetes syntax support
+ - name: redhat.vscode-yaml
+ types:
+ - all
+
+ # @vscode [Sort JSON Objects](https://marketplace.visualstudio.com/items?itemName=richie5um2.vscode-sort-json) | [GitHub](https://github.com/richie5um/vscode-sort-json) - Alphabetically sorts the keys in selected JSON objects
+ - name: richie5um2.vscode-sort-json
+ types:
+ - all
+
+ # @vscode [Paste and Indent](https://marketplace.visualstudio.com/items?itemName=Rubymaniac.vscode-paste-and-indent) | [GitHub](https://github.com/rubymaniac/vscode-paste-and-indent) - This extension adds limited support for pasting and indenting code
+ - name: Rubymaniac.vscode-paste-and-indent
+ types:
+ - all
+
+ # @vscode [Comments in Typescript](https://marketplace.visualstudio.com/items?itemName=salbert.comment-ts) | [GitHub](https://github.com/s-albert/comment-ts) - Adds automatic templating of TypeScript-flavored JSDoc comments
+ - name: salbert.comment-ts
+ types:
+ - angular
+ - npm
+
+ # @vscode [Markdown Preview Enhanced](https://marketplace.visualstudio.com/items?itemName=shd101wyy.markdown-preview-enhanced) | [GitHub](https://github.com/shd101wyy/vscode-markdown-preview-enhanced) - An extension that provides with many useful functionalities such as automatic scroll sync, math typesetting, mermaid, PlantUML, pandoc, PDF export, code chunk, presentation writer, etc
+ - name: shd101wyy.markdown-preview-enhanced
+ types:
+ - all
+
+ # @vscode [Code Time](https://marketplace.visualstudio.com/items?itemName=softwaredotcom.swdc-vscode) | [GitHub](https://github.com/swdotcom/swdc-vscode) - A plugin for automatic programming metrics and time tracking Visual Studio Code
+ - name: softwaredotcom.swdc-vscode
+ types:
+ - all
+
+ # @vscode [Auto Import](https://marketplace.visualstudio.com/items?itemName=steoates.autoimport) | [GitHub](https://github.com/soates/Auto-Import) - An extension that automatically finds, parses and provides code actions and code completion for all available imports
+ - name: steoates.autoimport
+ types:
+ - angular
+ - npm
+
+ # @vscode [Stylelint](https://marketplace.visualstudio.com/items?itemName=stylelint.vscode-stylelint) | [GitHub](https://github.com/stylelint/vscode-stylelint) - A mighty, modern CSS linter that helps to enforce consistent conventions and avoid errors in stylesheets
+ - name: stylelint.vscode-stylelint
+ types:
+ - angular
+ - npm
+
+ # @vscode [ShellCheck](https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck) | [GitHub](https://github.com/vscode-shellcheck/vscode-shellcheck) - Integrates Shellcheck linting (linting for shell scripts)
+ - name: timonwong.shellcheck
+ types:
+ - all
+
+ # @vscode [Firebase](https://marketplace.visualstudio.com/items?itemName=toba.vsfire) | [GitHub](https://github.com/toba/vsfire) - A VSCode extension for syntax highlighting, hover help and code completions with Firestore security rules and index definition files
+ - name: toba.vsfire
+ types:
+ - angular
+
+ # @vscode [Sort Lines](https://marketplace.visualstudio.com/items?itemName=tyriar.sort-lines) | [GitHub](https://github.com/Tyriar/vscode-sort-lines) - An extension that sorts lines of text in Visual Studio Code
+ - name: tyriar.sort-lines
+ types:
+ - all
+
+ # @vscode [Error Lens](https://marketplace.visualstudio.com/items?itemName=usernamehw.errorlens) | [GitHub](https://github.com/usernamehw/vscode-error-lens) - An extension that charges language diagnostic features by making diagnostics stand out more prominently, highlighting the entire line wherever a diagnostic is generated by the language and also prints the message inline
+ - name: usernamehw.errorlens
+ types:
+ - all
+
+ # @vscode [LTeX – LanguageTool Grammar/Spelling](https://marketplace.visualstudio.com/items?itemName=valentjn.vscode-ltex) | [GitHub](https://github.com/valentjn/vscode-ltex) - Adds LanguageTool functionality including grammar and spell-checking
+ - name: valentjn.vscode-ltex
+ types:
+ - all
+
+ # @vscode [IntelliCode](https://marketplace.visualstudio.com/items?itemName=VisualStudioExptTeam.vscodeintellicode) | [GitHub](https://github.com/MicrosoftDocs/intellicode) - The IntelliCode extension for Visual Studio Code provides artificial intelligence-assisted IntelliSense for Python, Java, TypeScript, and JavaScript
+ - name: VisualStudioExptTeam.vscodeintellicode
+ types:
+ - angular
+ - npm
+ - java
+ - python
+
+ # @vscode [Arduino](https://marketplace.visualstudio.com/items?itemName=vsciot-vscode.vscode-arduino) | [GitHub](https://github.com/Microsoft/vscode-arduino) - The Arduino extension makes it easy to develop, build, deploy and debug your Arduino sketches in Visual Studio Code, with a rich set of functionalities
+ - name: vsciot-vscode.vscode-arduino
+
+ # @vscode [CodeTour](https://marketplace.visualstudio.com/items?itemName=vsls-contrib.codetour) | [GitHub](https://github.com/microsoft/codetour) - Allows running, creating, and editting code tours which are a unique way of guiding contributors through the code base of a project
+ - name: vsls-contrib.codetour
+ types:
+ - all
+
+ # @vscode [GistPad](https://marketplace.visualstudio.com/items?itemName=vsls-contrib.gistfs) | [GitHub](https://github.com/lostintangent/gistpad) - A Visual Studio Code extension that allows you to edit GitHub Gists and repositories from the comfort of your favorite editor
+ - name: vsls-contrib.gistfs
+ types:
+ - all
+
+ # @vscode [TODO Highlight](https://marketplace.visualstudio.com/items?itemName=wayou.vscode-todo-highlight) | [GitHub](https://github.com/wayou/vscode-todo-highlight) - An extension that highlights TODO, FIXME, and other annotations within the code
+ - name: wayou.vscode-todo-highlight
+ types:
+ - all
+
+ # @vscode [Import Cost](https://marketplace.visualstudio.com/items?itemName=wix.vscode-import-cost) | [GitHub](https://github.com/wix/import-cost) - This extension will display inline in the editor the size of the imported package
+ - name: wix.vscode-import-cost
+ types:
+ - angular
+ - npm
+
+ # @vscode [Surround](https://marketplace.visualstudio.com/items?itemName=yatki.vscode-surround) | [GitHub](https://github.com/yatki/vscode-surround) - Easily add code that surrounds other code like try/catches
+ - name: yatki.vscode-surround
+ types:
+ - angular
+ - npm
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/nix/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/nix/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/nix/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/pfsense/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/pfsense/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/pfsense/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/defaults.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/defaults.yml
new file mode 100644
index 00000000..0c1bf918
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/defaults.yml
@@ -0,0 +1,3 @@
+---
+# Do not include dotfiles with sensitive information by default
+include_pii_dotfiles: false
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/links.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/links.yml
new file mode 100644
index 00000000..837ff82b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/links.yml
@@ -0,0 +1,27 @@
+---
+mimetype_handlers:
+ - name: WebDVM
+ vm: web-dvm
+ mimes: x-scheme-handler/unknown;x-scheme-handler/about;text/html;text/xml;application/xhtml+xml;application/xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;
+ link: web_dvm.desktop
+ xdg-setting: default-web-browser
+ - name: UtilityDVM
+ vm: util-dvm
+ mimes: text/*;*/xml;application/x-httpd-php3;application/x-httpd-php4;application/x-httpd-php5;application/x-shellscript;application/pgp-encrypted;application/x-mimearchive;message/rfc822;
+ link: utility_dvm.desktop
+ - name: MediaDVM
+ vm: media-dvm
+ mimes: image/*;video/*;application/x-matroska;audio/*;application/ogg;application/x-ogg;application/mxf;application/sdp;application/smil;application/x-smil;application/streamingmedia;application/x-streamingmedia;application/vnd.rn-realmedia;application/vnd.rn-realmedia-vbr;application/vnd.comicbook*;application/epub+zip;application/x-mobipocket-ebook;font/sfnt;application/vnd.ms-opentype;*x-font*;
+ link: media_dvm.desktop
+ - name: OfficeDVM
+ vm: office-dvm
+ mimes: application/pdf;application/x-pdf;application/x-cbz;applilcation/oxps;application/vnd.ms-xpsdocument;*opendocument*;*openxmlformats*;*msword;*ms-excel;*ms-powerpoint;*abiword;*write*
+ link: office_dvm.desktop
+
+ # The following mime types need to be handled:
+ # Since their default program depends on their file extensions as well the
+ # [opener](https://gitlab.com/megabyte-labs/dotfiles/-/blob/master/dotfiles/.local/bin/opener)
+ # program should be used to determine which application to load.
+ # TODO (Multi) application/octet-stream
+ # TODO (Multi) application/vnd.ms-htmlhelp
+ # TODO (Multi) application/*zip*;application/x-?ar;application/x-?z*;application/x-compressed*;application/vnd.rar;application/x-*-image;application/x-msi
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/roles.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/roles.yml
new file mode 100644
index 00000000..ef16568c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/roles.yml
@@ -0,0 +1,199 @@
+---
+# yamllint disable rule:max-lines
+base_template_roles:
+ - roles/system/homebrew
+ - roles/system/ssh
+ - roles/system/motd
+ - roles/tools/fig
+ - roles/applications/firefox
+ - roles/applications/vscode
+ - roles/system/security
+ - roles/system/snapd
+
+docker_template_roles:
+ - roles/system/glusterfs
+
+full_docker_template_roles:
+ - roles/virtualization/docker
+ - roles/services/netdata
+ - roles/services/goofys
+
+full_template_roles:
+ - roles/applications/office
+ - roles/services/rclone
+
+qubes_roles:
+ anon-tmpl:
+ - roles/applications/onionshare
+ crypto-tmpl:
+ - roles/crypto/ledgerlive
+ - roles/crypto/monero
+ - roles/tools/cointop
+ dev-tmpl:
+ - roles/tools/aria
+ # - roles/tools/beets #TODO - Error: UnicodeEncodeError: 'latin-1' codec can't encode character '\u2019' in position 82: ordinal not in range(256)
+ - roles/tools/exiftool
+ - roles/tools/ffmpeg
+ - roles/applications/bravebrowser
+ - roles/applications/chrome
+ - roles/applications/microsoftedge
+ - roles/system/desktop # Needs testing on Qubes
+ - roles/helpers/installer
+ - roles/languages/nodejs
+ - roles/languages/go
+ - roles/languages/java
+ - roles/languages/sdkman
+ - roles/languages/deno
+ - roles/languages/php
+ - roles/languages/composer
+ - roles/languages/ruby
+ - roles/languages/pip
+ - roles/languages/rust
+ - roles/languages/asdf
+ - roles/languages/cocoapods
+ - roles/virtualization/kvm
+ - roles/virtualization/lxdc
+ - roles/virtualization/gvisor
+ - roles/virtualization/dockerpushrm
+ - roles/virtualization/dockerslim
+ - roles/virtualization/kubernetes
+ - roles/virtualization/vagrant
+ - roles/applications/androidstudio
+ - roles/applications/appium
+ - roles/applications/gitkraken
+ - roles/applications/intellij
+ - roles/applications/lens
+ - roles/applications/postman
+ - roles/applications/rdm
+ - roles/applications/visualstudio
+ - roles/applications/wireshark
+ - roles/applications/xcode
+ - roles/tools/awscli
+ - roles/tools/azurecli
+ - roles/tools/broot
+ - roles/tools/consultemplate
+ - roles/tools/diffsofancy
+ - roles/tools/fpm
+ - roles/tools/gh
+ - roles/tools/ghorg
+ - roles/tools/gist
+ - roles/tools/gitextras
+ - roles/tools/gitfilterrepo
+ - roles/tools/gitfuzzy
+ - roles/tools/gitlfs
+ - roles/tools/gitsecret
+ - roles/tools/gitstats
+ - roles/tools/googlecloudsdk
+ - roles/tools/googler
+ - roles/tools/gradle
+ - roles/tools/himalaya
+ - roles/tools/htop
+ - roles/tools/httpie
+ - roles/tools/jo
+ - roles/tools/juju
+ - roles/tools/lexicon
+ - roles/tools/lsd
+ - roles/tools/mcfly
+ - roles/tools/mitmproxy
+ - roles/tools/multipass
+ - roles/tools/nb
+ - roles/tools/ngrok
+ - roles/tools/nmap
+ - roles/tools/nomad
+ - roles/tools/normit
+ - roles/tools/packer
+ - roles/tools/pandoc
+ - roles/tools/pgcli
+ - roles/tools/poetry
+ - roles/tools/powershell
+ - roles/tools/recoverpy
+ - roles/tools/ripgrep
+ - roles/tools/s5cmd
+ - roles/tools/scrcpy
+ - roles/tools/shc
+ - roles/tools/shdoc
+ - roles/tools/slackterm
+ - roles/tools/sysdig
+ - roles/tools/teleport
+ - roles/tools/tfenv
+ - roles/tools/translate
+ - roles/tools/trec
+ - roles/tools/tree
+ - roles/tools/upx
+ - roles/tools/vim
+ - roles/tools/wails
+ - roles/tools/watchman
+ - roles/tools/waypoint
+ - roles/tools/wget
+ - roles/tools/wkhtmltopdf
+ - roles/tools/wpcli
+ - roles/tools/wrk
+ - roles/tools/yank
+ - roles/tools/yarn
+ - roles/misc/easyengine
+ - roles/system/mackup
+ gpg-tmpl: []
+ kubernetes-tmpl:
+ - roles/virtualization/kubernetes
+ media-tmpl:
+ - roles/applications/gimp
+ - roles/applications/inkscape
+ - roles/applications/kodi
+ - roles/applications/lollypop
+ - roles/applications/plex
+ - roles/applications/qbittorrent
+ - roles/applications/shotcut
+ - roles/applications/shotwell
+ - roles/applications/vlc
+ - roles/tools/aria
+ # - roles/tools/beets # TODO - Error - See above.
+ - roles/tools/exiftool
+ - roles/tools/ffmpeg
+ office-tmpl:
+ - roles/applications/keybase
+ - roles/applications/mailspring
+ - roles/applications/office
+ - roles/applications/proton
+ - roles/applications/skype
+ - roles/applications/teams
+ - roles/applications/zoom
+ personal-tmpl: []
+ pfsense:
+ - roles/misc/pfsense
+ provision-tmpl:
+ - roles/applications/etcher
+ - roles/applications/raspberryimager
+ remote-template:
+ # - roles/system/cloudflared
+ - roles/applications/filezilla
+ - roles/applications/remotedesktop
+ - roles/applications/teamviewer
+ - roles/applications/termius
+ seconion:
+ - roles/misc/seconion
+ swarm-tmpl:
+ - roles/services/restic
+ - roles/virtualization/swarm
+ - roles/tools/autorestic
+ sys-net-dvm:
+ - roles/system/vpn
+ util-tmpl: []
+ vault-tmpl:
+ - roles/tools/onlykey
+ - roles/tools/yubikey
+ vpn-pritunl-tmpl: [] # TODO
+ vpn-proton-tmpl:
+ - roles/applications/proton
+ vpn-random-tmpl:
+ - roles/system/vpn
+ vpn-tailscale-tmpl:
+ - roles/services/tailscale
+ vpn-warp-tmpl:
+ - roles/system/warp
+ vpn-tmpl: []
+ web-tmpl:
+ - roles/applications/bravebrowser
+ - roles/applications/chrome
+ - roles/applications/firefox
+ - roles/applications/microsoftedge
+ work-tmpl: []
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/software.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/software.yml
new file mode 100644
index 00000000..618a4e49
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/software.yml
@@ -0,0 +1,11 @@
+---
+qubes_software:
+ kubernetes-tmpl:
+ - kdash
+ - kn
+ - kubenav
+ - linkerd2
+ media-tmpl:
+ - webtorrent
+ services-tmpl:
+ - g-assist
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/users.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/users.yml
new file mode 100644
index 00000000..a6e75348
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/users.yml
@@ -0,0 +1,72 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: user
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/qubes/vault.yml b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/vault.yml
new file mode 100644
index 00000000..a9851355
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/qubes/vault.yml
@@ -0,0 +1,20 @@
+$ANSIBLE_VAULT;1.1;AES256
+36303137303665316435616537356138343934363963633038633564623135636163616139666332
+3261313636623330623864663537366262626130383261650a323237346634613231626630356538
+61633638643562333636663735333237636266613734386436656439643163663961303237626363
+3836376231643765620a653330303634666534623466633438616239303830303135356230336631
+65646430636132663761333666383962623132383865653865363634366662313736363439663731
+30383931636233313131333431303362326662653131356461323064613438353135653836376164
+38353231646665643434636330383036363638373566623338663333343031396237333333356637
+61356561356535623031656561303966333039653835663134383537343438666161383234313064
+35613965363230613132333637303635396237626563346537643463333763393735643439303164
+62623361356632396661383338616232626334623261313238636662646363636464646637306366
+62346165363632653932363062356532316330373561306234373237646232376537343630623439
+31333331366433616335383031336539386565663031316131646231643338616361663565356538
+33373164663366633332303766346366653232623665626561376361613938333737623437623863
+37653864323963363130653636656239646462656364646535333635316363633330366161313730
+30643162306265623661363530353637636463393964373137373835303164646436326365336163
+31386530666262376430383636393835636561613331333037636164626663343339333966616461
+37326533633537626566393866386537616337616464333239326164623462643334353565623536
+39353931626337393466653032626633333137633234373436356339393333636262326334316264
+366265643365666235326461373264663231
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/raspberry/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/raspberry/vars.yml
new file mode 100644
index 00000000..80a76abb
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/raspberry/vars.yml
@@ -0,0 +1,10 @@
+---
+# These variables are required for provisioning Raspberry Pis because they use ARM64 processors instead of the
+# regular 64-bit processors.
+docker_apt_arch: arm64
+docker_apt_repository: "deb [arch={{ docker_apt_arch }}] http://HTTPS///download.docker.com\
+ /linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} \
+ {{ docker_apt_release_channel }}"
+
+# Prevent NGINX Amplify from being installed / registered.
+enable_nginx_amplify: false
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/server/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/server/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/server/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/windows/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/windows/vars.yml
new file mode 100644
index 00000000..f090c443
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/windows/vars.yml
@@ -0,0 +1,2 @@
+---
+ansible_become_method: runas
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/windows/vault.yml b/home/dot_local/share/ansible/environments/prod/group_vars/windows/vault.yml
new file mode 100644
index 00000000..8d821688
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/windows/vault.yml
@@ -0,0 +1,17 @@
+$ANSIBLE_VAULT;1.1;AES256
+62313431323437663439656234323762663832346234356437336564396563346564343131343861
+3561656664383335653237343039323262396430353535650a653633333136383765663733643337
+36303030666335356266616663613834393630653739393233323430633130376330363733303862
+6666363938613763360a623031626666396538313962346435643932393432333066383964303632
+64643462363335323130663535663533333134366430376562623331633936326531336461336266
+33386331363864376635303138396533323232373632393431363532623032386336313031653539
+64646261633834623730393265363136636236303665386230366361613833373639386634646239
+66663266663433663532333564613038313564616538336231623739396439646631366632666564
+66346236643566663437383930346565383337316236316365336166663265643131346631336266
+66373333316266613732656461366235336163663831623133313034356462386265643636626461
+30653933346132346435636266326264616436306363323731363830633932366237616362643863
+32666638373665383137346163663337333131326264326339653563626633666335653232393337
+66633062356465646234663235646435623862353939366263336663383331643766373563323164
+33313863366364663530336134316530353134313338633162653634643061356663383934333935
+34323234613762313130633936353336363037306663376666636332393763633263326161336132
+32343632326463303566
diff --git a/home/dot_local/share/ansible/environments/prod/group_vars/wsl/vars.yml b/home/dot_local/share/ansible/environments/prod/group_vars/wsl/vars.yml
new file mode 100644
index 00000000..ccfd0f9c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/group_vars/wsl/vars.yml
@@ -0,0 +1,3 @@
+---
+# Ensure fail2ban is not enabled on WSL environments
+install_fail2ban: false
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/users.yml b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/users.yml
new file mode 100644
index 00000000..ffd62c90
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/users.yml
@@ -0,0 +1,49 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vars.yml
new file mode 100644
index 00000000..2b3d685f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vars.yml
@@ -0,0 +1,2 @@
+---
+corporate_restrictions: true
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.schema.json b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.schema.json
new file mode 100644
index 00000000..2cdcb073
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.schema.json
@@ -0,0 +1,20 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ }
+ },
+ "required": ["admin_password", "admin_username"],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.yml b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.yml
new file mode 100644
index 00000000..a7fb520f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/malaptop/vault.yml
@@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256
+37386533623230613739333962623765653061363939393664323733646563396434626635373961
+6538323132643238616165363036636564333934393666630a333865636437333036313034393933
+65643235373331663765393761393436366264346461353437383062393430373432653863396237
+3861383534393964340a316632663261633131393565636630613164373764353262643036316463
+34653130323635396435346430373530393061343639373762643233336636643130366239313237
+61323061626430653630333666373932343662303236336661313539343861666163373939313939
+663631613534393933353534303233653662
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vars.yml
new file mode 100644
index 00000000..68e222fa
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vars.yml
@@ -0,0 +1,16 @@
+---
+# @var docker_snap_install: false # Force Docker to install via snap. Useful in cases where the regular Docker
+# install method is causing issues.
+docker_snap_install: true
+
+# @var nginx_sites_available: [] # With `nginx_sites_available`, you can specify custom NGINX proxies. It is a
+# legacy feature of our playbook that we are leaving in since it could potentially be useful in cases where
+# you need to have an NGINX instance proxying into a NATed VM, for instance.
+nginx_sites_available: []
+# @example #
+# nginx_sites_available:
+# - name: authelia
+# proxy_pass_port: 443
+# proxy_pass_url: auth.megabyte.space
+# transport: https
+# @end
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.schema.json b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.schema.json
new file mode 100644
index 00000000..79b79002
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.schema.json
@@ -0,0 +1,47 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ },
+ "maas_admin_email": {
+ "type": "string"
+ },
+ "maas_admin_password": {
+ "type": "string"
+ },
+ "maas_admin_username": {
+ "type": "string"
+ },
+ "maas_database_name": {
+ "type": "string"
+ },
+ "maas_database_password": {
+ "type": "string"
+ },
+ "maas_database_username": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "admin_password",
+ "admin_username",
+ "maas_admin_email",
+ "maas_admin_password",
+ "maas_admin_username",
+ "maas_database_name",
+ "maas_database_password",
+ "maas_database_username"
+ ],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.yml b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.yml
new file mode 100644
index 00000000..899554f4
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/nuc/vault.yml
@@ -0,0 +1,19 @@
+$ANSIBLE_VAULT;1.1;AES256
+65626464316535393663323036316538626265313966363963306435373335303939366134396134
+3966366338666432613139303764343437343761363662300a343838366633333665323236386166
+64323865383966393563383939333638373230333034633462326531653732393931326631326530
+3162343834633930620a333266663338626464626331616639653437623135396431323061383339
+62366630656263653261303439616437303535333964383861623934313163376261343065633166
+63306365323464383763636565306466613537363533363333383162356635336363363136643136
+30636632633730653665396534643461653032393038626463613662366232386538623238326263
+61616430623061353531333532316361383261323435616234656465306139616565613633373862
+34623631663030616332653137336439623939316138336437316538663230386636633734616365
+30666666663165356266343533623838636464643964613332613965653834383231626339653231
+61363237346532616336643965323438346666663030346135333561646530373934346466386663
+63353436633662313036623261346530616161646365353666306634346137633262623131323839
+34353639303835633237326532313337336138623066336431626561656638353664666634356239
+30313837653366343634633839643263373934396234323965636232366565616436663061333531
+66613531663036373365383037643839356531353433313463386161333561396461373034336464
+65333639396538336166663630653531363739653134663161383564643838643763353339353061
+64393239653961363761383264373536396465623634306631396134366636343464626362306337
+3234356263363333383465633935363261303862303935333231
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/ping/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.schema.json b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.schema.json
new file mode 100644
index 00000000..2cdcb073
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.schema.json
@@ -0,0 +1,20 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ }
+ },
+ "required": ["admin_password", "admin_username"],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.yml b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.yml
new file mode 100644
index 00000000..e77ca54f
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/ping/vault.yml
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+31636538313138613665643232613534613566663539626235666538333863383161313361623535
+6234303735353131383866666330393133646332623637340a346139613930663766373763386533
+62636163353038376662353065393766333662623535313134666362623261333839653265313234
+6233626236353835320a366561303634326138666433333636323535303363663733343732653163
+34363361333633346239313634623132313866333631663836626632663461643631313766326461
+34383737393732393435306438313665386637656561356233323830613366633466636536623739
+36663139653961356236626633363165623562333031366532666530313731666464333037323539
+65313933343337313238
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vars.yml
new file mode 100644
index 00000000..ed97d539
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vars.yml
@@ -0,0 +1 @@
+---
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.schema.json b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.schema.json
new file mode 100644
index 00000000..2cdcb073
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.schema.json
@@ -0,0 +1,20 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ }
+ },
+ "required": ["admin_password", "admin_username"],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.yml b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.yml
new file mode 100644
index 00000000..bf81c7cf
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/raspi/vault.yml
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+39313939356161666138323366323832383631326430376662323138396561613138363632343830
+6334656530653264643031316662313664346238336436320a373739613739353432303461633531
+32363364633639343061393838613838353733343762653865656666623636396565616130373866
+6138616336353036330a333462396230646536623736633930663138356563303638663363383835
+64303935303032313538396131623539393065396230613736663063636366383734343665313635
+31366139613261323166303831323631353962336165383861343639323434396530383165626238
+63646239396633656563303865373731363539353836633663363737613966356436653965383463
+61636338383266333230
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/standard/users.yml b/home/dot_local/share/ansible/environments/prod/host_vars/standard/users.yml
new file mode 100644
index 00000000..9c903d7d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/standard/users.yml
@@ -0,0 +1,70 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/standard/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/standard/vars.yml
new file mode 100644
index 00000000..85ef1ea1
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/standard/vars.yml
@@ -0,0 +1,25 @@
+---
+# TODO: Figure out how to apply these configs on Windows
+disk_configs:
+ - label: Auxilary
+ path: /dev/nvme0n1
+ fstab: LABEL=Auxilary /mnt/auxilary auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Auxilary 0 0
+ - label: Media
+ path: /dev/sda
+ fstab: LABEL=Media /mnt/media auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Media 0 0
+ - label: Backup
+ path: /dev/sdb
+ fstab: LABEL=Backup /mnt/backup auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Backup 0 0
+
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: WORKSTATION
+samba_printers: []
+samba_shares: []
+samba_workgroup: BYTEZ
+# vpn_routes:
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.24.0/24
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.14.0/24
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/workstation/users.yml b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/users.yml
new file mode 100644
index 00000000..9c903d7d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/users.yml
@@ -0,0 +1,70 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vars.yml b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vars.yml
new file mode 100644
index 00000000..2ce494ef
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vars.yml
@@ -0,0 +1,25 @@
+---
+# TODO: Figure out how to apply these configs on Windows
+disk_configs:
+ - label: Auxilary
+ path: /dev/nvme0n1
+ fstab: LABEL=Auxilary /mnt/auxilary auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Auxilary 0 0
+ - label: Media
+ path: /dev/sda
+ fstab: LABEL=Media /mnt/media auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Media 0 0
+ - label: Backup
+ path: /dev/sdb
+ fstab: LABEL=Backup /mnt/backup auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Backup 0 0
+
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: WORKSTATION
+samba_printers: []
+samba_shares: []
+samba_workgroup: MEGAGROUP
+# vpn_routes:
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.24.0/24
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.14.0/24
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.schema.json b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.schema.json
new file mode 100644
index 00000000..42642e00
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.schema.json
@@ -0,0 +1,26 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ },
+ "restic_password_ansible_user": {
+ "type": "string"
+ },
+ "restic_password_root_user": {
+ "type": "string"
+ }
+ },
+ "required": ["admin_password", "admin_username", "restic_password_ansible_user", "restic_password_root_user"],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.yml b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.yml
new file mode 100644
index 00000000..fc264aa9
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/host_vars/workstation/vault.yml
@@ -0,0 +1,20 @@
+$ANSIBLE_VAULT;1.1;AES256
+37626633393338613435343061383530663633663732393131613132313832613662306362316231
+3934643038333762363665393239643866623263333965330a353464343933666635333965316338
+62333433306136363461336235313865376136343732306264366632356332336332343532613365
+3531396437303365380a343638336662663535636361373935326536663538313965376164323237
+30393031313438653133393737333666643863363639343536636262633163376432353536313536
+63386365316431396630663962303333653564303030343231326539626631356333333263663962
+64363663306462376635663263323961373038373563376238343330336431613565626662393638
+38623433663533376635336466366136623335376639666264323838386133626466393738303532
+39663430623335376539343666333462623364633237376634636363636535653264306561643962
+32393638343133303462373233393265336266653762313238363336383262353535643539633732
+30343836663565366261636233346333336466633335326438646134353161316633343038343835
+65333263613633326537643334633336653835666433653464393530346632326330363361313561
+36613236663735633864653339333231666233356436636234633434643539353838373538613135
+39393636323937316534653264393663333361313733373566653962313564313039346335646261
+34616133663734363533393661626562613038616432383866333436346338643134633838666236
+37633538323663323231313461666633663661343639386235623364373936616137653633303538
+38663039343363643332653839326562626437356130366462316336373330363164386464653833
+30633261646564636466636539346531383935396133613736303637333237333038626265653738
+313234383531316466386165366437626530
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/malaptop.yml b/home/dot_local/share/ansible/environments/prod/inventories/malaptop.yml
new file mode 100644
index 00000000..6b09a579
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/malaptop.yml
@@ -0,0 +1,12 @@
+---
+all:
+ children:
+ desktop:
+ hosts:
+ malaptop:
+ ansible_host: '{{ domains[inventory_hostname | lower].hostname }}'
+ ansible_connection: local
+ ansible_password: '{{ admin_password }}'
+ ansible_python_interpreter: python3
+ ansible_sudo_pass: '{{ admin_password }}'
+ ansible_user: '{{ admin_username }}'
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/pfsense.yml b/home/dot_local/share/ansible/environments/prod/inventories/pfsense.yml
new file mode 100644
index 00000000..e77dcaad
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/pfsense.yml
@@ -0,0 +1,12 @@
+---
+all:
+ children:
+ pfsense:
+ hosts:
+ brock:
+ ansible_host: '{{ domains[inventory_hostname | lower].hostname }}'
+ ansible_password: '{{ admin_password }}'
+ ansible_port: '{{ ssh_port }}'
+ ansible_python_interpreter: /usr/local/bin/python2.7
+ ansible_sudo_pass: '{{ admin_password }}'
+ ansible_user: '{{ admin_username }}'
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml b/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml
new file mode 100644
index 00000000..73397b45
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml
@@ -0,0 +1,679 @@
+---
+# Three hosts are defined but the quickstart script filters using an environment variable
+# so only one host is provisioned at a time by quickstart.
+all:
+ children:
+ desktop:
+ children:
+ nix:
+ hosts:
+ standard:
+ ansible_connection: local
+ vars:
+ ansible_become_pass: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') | default('Betelgeuse') }}"
+ qubes:
+ vars:
+ ansible_become_pass: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_connection: qubes
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') | default('user') }}"
+ ansible_python_interpreter: /usr/bin/python3
+ qubes:
+ dom0_vm: dom0
+ hosts:
+ dom0:
+ blank:
+ qubes:
+ vm_type: TemplateVM
+ children:
+ qubes-vms:
+ vars:
+ ansible_user: user
+ install_default_npm_packages: false
+ install_default_pip_packages: false
+ install_default_ruby_gems: false
+ install_go_developer_dependencies: false
+ install_grub_theme: false
+ install_plymouth_theme: false
+ memory: 512
+ maxmem: 4096
+ pip_packages: []
+ vcpus: 2
+ volume: {}
+ children:
+ system-vms:
+ template-vms:
+ net-vms:
+ proxy-vms:
+ app-vms:
+ standalone-vms:
+ windows:
+ hosts:
+ windows-standard:
+ vars:
+ ansible_become_pass: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_connection: winrm
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('Betelgeuse888<3') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') | default('Betelgeuse') }}"
+ ansible_winrm_transport: credssp
+ ansible_winrm_server_cert_validation: ignore
+
+app-vms:
+ vars:
+ qubes:
+ maxmem: 2048
+ memory: 512
+ _netvm: sys-firewall
+ vm_type: AppVM
+ children:
+ app-dvms:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ anon-dvm:
+ qubes:
+ template: anon-tmpl
+ template_vm: anon-tmpl
+ dev-dvm:
+ install_default_npm_packages: true
+ install_default_pip_packages: true
+ install_default_ruby_gems: true
+ install_go_developer_dependencies: true
+ qubes:
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ media-dvm:
+ qubes:
+ template: media-tmpl
+ template_vm: media-tmpl
+ office-dvm:
+ qubes:
+ template: office-tmpl
+ template_vm: office-tmpl
+ services-dvm:
+ qubes:
+ template: services-tmpl
+ template_vm: services-tmpl
+ util-dvm:
+ qubes:
+ template: util-tmpl
+ template_vm: util-tmpl
+ web-dvm:
+ qubes:
+ template: web-tmpl
+ template_vm: web-tmpl
+ primary-dvm-templates:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ debian-11-dvm:
+ qubes:
+ template: debian-11
+ template_vm: debian-11
+ debian-11-base-dvm:
+ qubes:
+ template: debian-11-base
+ template_vm: debian-11-base
+ fedora-36-dvm:
+ qubes:
+ template: fedora-36
+ template_vm: fedora-36
+ fedora-36-base-dvm:
+ qubes:
+ template: fedora-36-base
+ template_vm: fedora-36-base
+ fedora-37-dvm:
+ qubes:
+ template: fedora-37
+ template_vm: fedora-37
+ fedora-37-base-dvm:
+ qubes:
+ template: fedora-37-base
+ template_vm: fedora-37-base
+ net-dvm:
+ randomize_mac_address: true
+ qubes:
+ template: net-tmpl
+ template_vm: net-tmpl
+ standard-vms:
+ hosts:
+ crypto:
+ qubes:
+ _netvm: sys-vpn-proton
+ template: crypto-tmpl
+ template_vm: crypto-tmpl
+ dev:
+ install_default_npm_packages: true
+ install_default_pip_packages: true
+ install_default_ruby_gems: true
+ install_go_developer_dependencies: true
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ memory: 2048
+ _netvm: sys-vpn-proton
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ vcpus: 4
+ gpg:
+ qubes:
+ label: green
+ template: gpg-tmpl
+ template_vm: gpg-tmpl
+ kubernetes:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ memory: 2048
+ _netvm: sys-vpn-pritunl
+ template: kubernetes-tmpl
+ template_vm: kubernetes-tmpl
+ vcpus: 4
+ volume:
+ private: 30
+ personal:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ memory: 2048
+ _netvm: sys-vpn-proton
+ template: personal-tmpl
+ template_vm: personal-tmpl
+ vcpus: 4
+ # pritunl-server:
+ # qubes:
+ # # _netvm: opnsense
+ # _netvm: sys-firewall
+ # template_vm: pritunl-server-tmpl
+ # provision:
+ # qubes:
+ # _netvm: sys-vpn-pritunl
+ # template_vm: provision-tmpl
+ remote:
+ qubes:
+ _netvm: sys-vpn-pritunl
+ template: remote-tmpl
+ template_vm: remote-tmpl
+ swarm:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ memory: 2048
+ _netvm: sys-vpn-pritunl
+ template: swarm-tmpl
+ template_vm: swarm-tmpl
+ vcpus: 4
+ volume:
+ private: 30
+ vault:
+ qubes:
+ label: green
+ template: vault-tmpl
+ template_vm: vault-tmpl
+ work:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ memory: 2048
+ _netvm: sys-vpn-pritunl
+ template: work-tmpl
+ template_vm: work-tmpl
+ vcpus: 4
+ vars:
+ qubes:
+ label: purple
+ template_vm: fedora-36-base
+
+specialty-vms:
+ vars:
+ qubes:
+ vm_type: AppVM
+ hosts:
+ api:
+ qubes:
+ label: orange
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ maas-qubes:
+ qubes:
+ label: orange
+ # _netvm: opnsense
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ mirror:
+ qubes:
+ label: orange
+ template: docker-tmpl
+ template_vm: docker-tmpl
+ pfsense-qubes:
+ pritunl:
+ qubesos-build:
+ qubes:
+ template: fedora-32
+ template_vm: fedora-32
+ seconion-qubes:
+
+net-vms:
+ hosts:
+ # opnsense:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # _netvm: none
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # provides_network: true
+ # template: opnsense-tmpl
+ # template_vm: opnsense-tmpl
+ # volume:
+ # root: 40g
+ # TODO - Add Security Onion to stack.
+ # Note - Ideally it should be run on another offline computer passively tapped into the Ethernet but in the spirit of mashing everything into one computer.. leaving this as a note for now -- PRs weldome
+ # seconion:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # qubes:
+ # template: seconion-tmpl
+ # template_vm: seconion-tmpl
+ # volume:
+ # root: 400g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ autostart: true
+ label: orange
+ memory: 4096
+ maxmem: 8192
+ virt_mode: hvm
+ vm_type: NetVM
+
+proxy-vms:
+ vars:
+ qubes:
+ label: gray
+ memory: 256
+ maxmem: 1024
+ _netvm: sys-firewall
+ provides_network: true
+ template_for_dispvms: true
+ vm_type: AppVM
+ children:
+ vpn-dvms:
+ hosts:
+ vpn-pritunl-dvm:
+ qubes:
+ template: vpn-pritunl-tmpl
+ template_vm: vpn-pritunl-tmpl
+ vpn-proton-dvm:
+ qubes:
+ template: vpn-proton-tmpl
+ template_vm: vpn-proton-tmpl
+ vpn-nm-dvm:
+ qubes:
+ template: vpn-nm-tmpl
+ template_vm: vpn-nm-tmpl
+ vpn-tailscale-dvm:
+ qubes:
+ template: vpn-tailscale-tmpl
+ template_vm: vpn-tailscale-tmpl
+ vpn-warp-dvm:
+ qubes:
+ template: vpn-warp-tmpl
+ template_vm: vpn-warp-tmpl
+ net-dvms:
+ hosts:
+ ethernet-dvm:
+ qubes:
+ template: ethernet-tmpl
+ template_vm: ethernet-tmpl
+ wifi-dvm:
+ qubes:
+ template: wifi-tmpl
+ template_vm: wifi-tmpl
+
+template-vms:
+ vars:
+ qubes:
+ label: black
+ _netvm: None
+ vm_type: TemplateVM
+ children:
+ primary-templates:
+ children:
+ network-templates:
+ hosts:
+ ethernet-tmpl:
+ qubes:
+ source: fedora-36-minimal
+ wifi-tmpl:
+ qubes:
+ source: debian-11-minimal
+ primary-templates-base:
+ hosts:
+ archlinux-base:
+ qubes:
+ source: archlinux
+ debian-11-base:
+ qubes:
+ source: debian-11
+ fedora-36-base:
+ qubes:
+ source: fedora-36
+ fedora-37-base:
+ qubes:
+ source: fedora-37
+ jammy-base:
+ qubes:
+ source: jammy
+ vars:
+ volume:
+ root: 30
+ private: 20
+ primary-templates-docker:
+ hosts:
+ archlinux-docker:
+ qubes:
+ source: archlinux-base
+ debian-11-docker:
+ qubes:
+ source: debian-11-base
+ fedora-36-docker:
+ qubes:
+ source: fedora-36-base
+ fedora-37-docker:
+ qubes:
+ source: fedora-37-base
+ jammy-docker:
+ qubes:
+ source: jammy-base
+ vars:
+ volume:
+ root: 35
+ private: 24
+ primary-templates-full:
+ hosts:
+ archlinux-full:
+ qubes:
+ source: archlinux-base
+ debian-11-full:
+ qubes:
+ source: debian-11-base
+ fedora-36-full:
+ qubes:
+ source: fedora-36-base
+ fedora-37-full:
+ qubes:
+ source: fedora-37-base
+ jammy-full:
+ qubes:
+ source: jammy-base
+ vars:
+ volume:
+ root: 40
+ private: 30
+ primary-templates-stock:
+ hosts:
+ archlinux:
+ common_software_packages:
+ - apparmor
+ - base-devel
+ - bc
+ - git
+ - go-tools
+ - inetutils
+ - python-docutils
+ - squashfs-tools
+ - unzip
+ debian-11:
+ fedora-32:
+ fedora-36:
+ fedora-36-xfce:
+ fedora-37:
+ qubes_prerelease: true
+ jammy:
+ vars:
+ apply_theme: true
+ common_software_packages:
+ - snapd
+ - qubes-snapd-helper
+ volume:
+ root: 20
+ private: 10
+ primary-templates-minimal:
+ hosts:
+ debian-11-minimal:
+ fedora-36-minimal:
+ whonix-gw-16:
+ install_updates: false
+ whonix-ws-16:
+ install_updates: false
+ vars:
+ apply_theme: true
+ vars:
+ qubes:
+ label: red
+ standard-templates:
+ hosts:
+ anon-tmpl:
+ crypto-tmpl:
+ qubes:
+ source: fedora-36-docker
+ dev-tmpl:
+ install_default_npm_packages: true
+ install_default_pip_packages: true
+ install_default_ruby_gems: true
+ install_go_developer_dependencies: true
+ qubes:
+ source: fedora-36-full
+ # full_terminal_profile: true
+ # include_pii_dotfiles: true
+ docker-tmpl:
+ qubes:
+ source: fedora-36-docker
+ gpg-tmpl:
+ qubes:
+ source: fedora-36
+ net-tmpl:
+ qubes:
+ source: fedora-36
+ kubernetes-tmpl:
+ qubes:
+ source: fedora-36-docker
+ media-tmpl:
+ personal-tmpl:
+ qubes:
+ source: fedora-36-full
+ # pritunl-server-tmpl:
+ # qubes:
+ # source: debian-10
+ office-tmpl:
+ provision-tmpl:
+ qubes:
+ source: fedora-36-docker
+ remote-tmpl:
+ services-tmpl:
+ swarm-tmpl:
+ qubes:
+ source: fedora-36-docker
+ util-tmpl:
+ vpn-tmpl:
+ qubes:
+ source: debian-11-base
+ vault-tmpl:
+ qubes:
+ source: fedora-36
+ web-tmpl:
+ work-tmpl:
+ qubes:
+ source: fedora-36-full
+ vars:
+ qubes:
+ source: fedora-36-base
+ vpn-base-templates:
+ hosts:
+ vpn-tmpl:
+ vpn-templates:
+ hosts:
+ vpn-pritunl-tmpl:
+ vpn-proton-tmpl:
+ vpn-nm-tmpl:
+ vpn-tailscale-tmpl:
+ vpn-warp-tmpl:
+ vars:
+ qubes:
+ source: vpn-tmpl
+ # desktop-hvm-templates:
+ # hosts:
+ # # TODO Add version numbers in these template names
+ # archlinux-desktop-tmpl:
+ # centos-desktop-tmpl:
+ # debian-desktop-tmpl:
+ # debian-server-tmpl:
+ # fedora-desktop-tmpl:
+ # macos-desktop-tmpl:
+ # ubuntu-desktop-tmpl:
+ # windows-desktop-tmpl:
+ # ansible_connection: winrm
+ # vars:
+ # # SSH connection is unnecessary since templates are loaded from vagrantup.com or via the qubes-packer.yml playbook
+ # # ansible_connection: ssh
+ # # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # kernel: ''
+ # source: blank
+ # virt_mode: hvm
+ # volume:
+ # root: 40g
+ misc-hvm-templates:
+ hosts:
+ # opnsense-tmpl:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # _netvm: None
+ # provides_network: true
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # source: opnsense-22.7
+ # volume:
+ # root: 40g
+ # seconion-tmpl:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # volume:
+ # root: 10g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ kernel: ''
+ virt_mode: hvm
+
+standalone-vms:
+ vars:
+ qubes:
+ label: blue
+ memory: 2048
+ maxmem: 8192
+ kernel: ''
+ vcpus: 4
+ virt_mode: hvm
+ vm_type: StandaloneVM
+ children:
+ # desktop-standalone-vms:
+ # hosts:
+ # # By default, only initialize standalones for the fully loaded environments
+ # # If you just want a default ubuntu HVM, for instance, then qvm-clone from the
+ # # `ubuntu-desktop-base-tmpl` TemplateVM
+ # archlinux-desktop:
+ # qubes:
+ # source: archlinux-desktop-tmpl
+ # centos-desktop:
+ # qubes:
+ # source: centos-desktop-tmpl
+ # debian-desktop:
+ # qubes:
+ # source: debian-desktop-tmpl
+ # debian-server:
+ # qubes:
+ # source: debian-server-tmpl
+ # fedora-desktop:
+ # qubes:
+ # source: fedora-desktop-tmpl
+ # macos-desktop:
+ # qubes:
+ # source: macos-desktop-tmpl
+ # ubuntu-desktop:
+ # qubes:
+ # source: ubuntu-desktop-tmpl
+ # windows-desktop:
+ # ansible_connection: winrm
+ # qubes:
+ # source: windows-desktop-tmpl
+ # vars:
+ # ansible_connection: ssh
+ # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # _netvm: sys-vpn-proton
+ # volume:
+ # root: 50g
+ unikernel-vms:
+ hosts:
+ mirage:
+ mirage_compile_from_source: false
+ qubes:
+ kernel: mirage-firewall
+ kernelopts: ''
+ memory: 64
+ maxmem: 64
+ provides_network: true
+ source: blank
+ vcpus: 1
+ virt_mode: pvh
+ label: green
+ vm_type: StandaloneVM
+ # TODO qvm-features mirage-firewall qubes-firewall 1
+ # TODO qvm-features mirage-firewall no-default-kernelopts 1
+
+system-vms:
+ hosts:
+ anon-whonix:
+ qubes:
+ _netvm: sys-whonix
+ template_vm: whonix-ws-16
+ debian-11:
+ qubes:
+ vm_type: TemplateVM
+ debian-11-dvm:
+ qubes:
+ _netvm: sys-firewall
+ template_for_dispvms: true
+ sys-firewall:
+ # Next three are where the SwitchHosts program gets installed along with hostctl and default profiles
+ hostsfile_default_loopback: true
+ install_hostctl: true
+ install_switchhosts: true
+ qubes:
+ _netvm: sys-net
+ vm_type: ProxyVM
+ sys-net:
+ # sys-usb:
+ sys-whonix:
+ qubes:
+ _netvm: sys-firewall
+ template_vm: whonix-gw-16
+ whonix-ws-16-dvm:
+ qubes:
+ _netvm: sys-firewall
+ template_vm: whonix-ws-16
+ vars:
+ qubes:
+ label: red
+ vm_type: AppVM
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml.bak b/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml.bak
new file mode 100644
index 00000000..07b3c40c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/quickstart.yml.bak
@@ -0,0 +1,565 @@
+---
+# Three hosts are defined but the quickstart script filters using an environment variable
+# so only one host is provisioned at a time by quickstart.
+all:
+ vars:
+ ansible_winrm_transport: credssp
+ ansible_winrm_server_cert_validation: ignore
+ children:
+ desktop:
+ children:
+ nix:
+ hosts:
+ standard:
+ ansible_connection: local
+ vars:
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+ qubes:
+ vars:
+ ansible_connection: qubes
+ # ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default() }}"
+ # ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+ ansible_python_interpreter: /usr/bin/python3
+ qubes:
+ dom0_vm: dom0
+ hosts:
+ dom0:
+ blank:
+ qubes:
+ vm_type: TemplateVM
+ children:
+ vms:
+ vars:
+ install_grub_theme: false
+ install_plymouth_theme: false
+ memory: 512
+ maxmem: 4096
+ vcpus: 2
+ children:
+ system-vms:
+ # template-vms:
+ # net-vms:
+ # proxy-vms:
+ # app-dvms:
+ # app-vms:
+ # standalone-vms:
+ windows:
+ hosts:
+ standard:
+ ansible_connection: winrm
+ vars:
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+
+app-vms:
+ vars:
+ qubes:
+ maxmem: 2048
+ memory: 512
+ netvm_vm: sys-firewall
+ vm_type: AppVM
+ children:
+ app-dvms:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ anon-dvm:
+ qubes:
+ template: anon-tmpl
+ template_vm: anon-tmpl
+ dev-dvm:
+ qubes:
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ media-dvm:
+ qubes:
+ template: media-tmpl
+ template_vm: media-tmpl
+ office-dvm:
+ qubes:
+ template: office-tmpl
+ template_vm: office-tmpl
+ util-dvm:
+ qubes:
+ template: util-tmpl
+ template_vm: util-tmpl
+ web-dvm:
+ qubes:
+ template: web-tmpl
+ template_vm: web-tmpl
+ primary-dvm-templates:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ debian-11-dvm:
+ qubes:
+ template_vm: debian-11-base
+ fedora-36-dvm:
+ qubes:
+ template: fedora-36-base
+ template_vm: fedora-36-base
+ net-dvm:
+ randomize_mac_address: true
+ qubes:
+ template: net-tmpl
+ template_vm: net-tmpl
+ standard-vms:
+ hosts:
+ crypto:
+ qubes:
+ _netvm: sys-vpn-proton
+ template: crypto-tmpl
+ template_vm: crypto-tmpl
+ dev:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-proton
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ vcpus: 4
+ volume:
+ private: 30
+ root: 30
+ gpg:
+ qubes:
+ label: green
+ template: gpg-tmpl
+ template_vm: gpg-tmpl
+ kubernetes:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: kubernetes-tmpl
+ template_vm: kubernetes-tmpl
+ vcpus: 4
+ vm_type: NetVM
+ volume:
+ root: 100
+ personal:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-proton
+ template: personal-tmpl
+ template_vm: personal-tmpl
+ vcpus: 4
+ volume:
+ private: 20
+ root: 40
+ # pritunl-server:
+ # qubes:
+ # # _netvm: opnsense
+ # _netvm: sys-firewall
+ # template_vm: pritunl-server-tmpl
+ # provision:
+ # qubes:
+ # _netvm: sys-vpn-pritunl
+ # template_vm: provision-tmpl
+ remote:
+ qubes:
+ _netvm: sys-vpn-pritunl
+ template: remote-tmpl
+ template_vm: remote-tmpl
+ swarm:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: swarm-tmpl
+ template_vm: swarm-tmpl
+ vcpus: 4
+ vault:
+ qubes:
+ label: green
+ template: vault-tmpl
+ template_vm: vault-tmpl
+ work:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: work-tmpl
+ template_vm: work-tmpl
+ vcpus: 4
+ volume:
+ private: 30
+ root: 30
+ vars:
+ qubes:
+ label: purple
+ template_vm: fedora-36-base
+
+specialty-vms:
+ vars:
+ qubes:
+ vm_type: AppVM
+ hosts:
+ api:
+ qubes:
+ label: orange
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ maas:
+ qubes:
+ label: orange
+ # _netvm: opnsense
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ mirror:
+ qubes:
+ label: orange
+ template: docker-tmpl
+ template_vm: docker-tmpl
+ pritunl:
+ qubesos-build:
+ qubes:
+ template: fedora-32
+ template_vm: fedora-32
+
+net-vms:
+ hosts:
+ # opnsense:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # _netvm: none
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # provides_network: true
+ # template: opnsense-tmpl
+ # template_vm: opnsense-tmpl
+ # volume:
+ # root: 40g
+ # TODO - Add Security Onion to stack.
+ # Note - Ideally it should be run on another offline computer passively tapped into the Ethernet but in the spirit of mashing everything into one computer.. leaving this as a note for now -- PRs weldome
+ # seconion:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # qubes:
+ # template: seconion-tmpl
+ # template_vm: seconion-tmpl
+ # volume:
+ # root: 400g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ autostart: true
+ label: orange
+ memory: 4096
+ maxmem: 8192
+ virt_mode: hvm
+ vm_type: NetVM
+
+proxy-vms:
+ children:
+ vpn-dvms:
+ hosts:
+ vpn-pritunl-dvm:
+ qubes:
+ template: vpn-pritunl-tmpl
+ template_vm: vpn-pritunl-tmpl
+ vpn-proton-dvm:
+ qubes:
+ template: vpn-proton-tmpl
+ template_vm: vpn-proton-tmpl
+ vpn-nm-dvm:
+ qubes:
+ template: vpn-nm-tmpl
+ template_vm: vpn-nm-tmpl
+ vpn-tailscale-dvm:
+ qubes:
+ template: vpn-tailscale-tmpl
+ template_vm: vpn-tailscale-tmpl
+ vpn-warp-dvm:
+ qubes:
+ template: vpn-warp-tmpl
+ template_vm: vpn-warp-tmpl
+ vars:
+ qubes:
+ label: gray
+ memory: 256
+ maxmem: 1024
+ netvm_vm: sys-firewall
+ provides_network: true
+ template_for_dispvms: true
+ vm_type: AppVM
+
+template-vms:
+ vars:
+ qubes:
+ label: black
+ netvm_vm: None
+ vm_type: TemplateVM
+ children:
+ primary-templates:
+ children:
+ primary-templates-base:
+ hosts:
+ debian-11-base:
+ qubes:
+ source: debian-11
+ fedora-36-base:
+ qubes:
+ source: fedora-36
+ vars:
+ volume:
+ root: 14
+ private: 5
+ primary-templates-docker:
+ hosts:
+ debian-11-docker:
+ qubes:
+ source: debian-11-base
+ fedora-36-docker:
+ qubes:
+ source: fedora-36-base
+ primary-templates-full:
+ hosts:
+ debian-11-full:
+ qubes:
+ source: debian-11-base
+ fedora-36-full:
+ qubes:
+ source: fedora-36-base
+ primary-templates-stock:
+ hosts:
+ archlinux:
+ debian-11:
+ debian-11-backup:
+ debian-12:
+ fedora-32:
+ fedora-36:
+ fedora-36-xfce:
+ jammy:
+ vars:
+ apply_theme: true
+ common_software_packages:
+ - snapd
+ - qubes-snapd-helper
+ primary-templates-minimal:
+ hosts:
+ debian-11-minimal:
+ fedora-36-minimal:
+ whonix-gw-16:
+ install_updates: false
+ whonix-ws-16:
+ install_updates: false
+ vars:
+ apply_theme: true
+ vars:
+ qubes:
+ label: red
+ standard-templates:
+ hosts:
+ anon-tmpl:
+ crypto-tmpl:
+ dev-tmpl:
+ qubes:
+ source: fedora-36-full
+ # full_terminal_profile: true
+ # include_pii_dotfiles: true
+ docker-tmpl:
+ qubes:
+ source: fedora-36-docker
+ gpg-tmpl:
+ qubes:
+ source: fedora-36
+ net-tmpl:
+ qubes:
+ source: fedora-36
+ kubernetes-tmpl:
+ qubes:
+ source: fedora-36-docker
+ media-tmpl:
+ personal-tmpl:
+ qubes:
+ source: fedora-36-full
+ # pritunl-server-tmpl:
+ # qubes:
+ # source: debian-10
+ office-tmpl:
+ provision-tmpl:
+ remote-tmpl:
+ swarm-tmpl:
+ qubes:
+ source: fedora-36-docker
+ util-tmpl:
+ vpn-tmpl:
+ qubes:
+ source: debian-11-base
+ vault-tmpl:
+ qubes:
+ source: feodra-36
+ web-tmpl:
+ work-tmpl:
+ qubes:
+ fedora-36-full
+ vars:
+ qubes:
+ source: fedora-36-base
+ vpn-templates:
+ hosts:
+ vpn-pritunl-tmpl:
+ vpn-proton-tmpl:
+ vpn-nm-tmpl:
+ vpn-tailscale-tmpl:
+ vpn-warp-tmpl:
+ vars:
+ qubes:
+ source: vpn-tmpl
+ # desktop-hvm-templates:
+ # hosts:
+ # # TODO Add version numbers in these template names
+ # archlinux-desktop-tmpl:
+ # centos-desktop-tmpl:
+ # debian-desktop-tmpl:
+ # debian-server-tmpl:
+ # fedora-desktop-tmpl:
+ # macos-desktop-tmpl:
+ # ubuntu-desktop-tmpl:
+ # windows-desktop-tmpl:
+ # ansible_connection: winrm
+ # vars:
+ # # SSH connection is unnecessary since templates are loaded from vagrantup.com or via the qubes-packer.yml playbook
+ # # ansible_connection: ssh
+ # # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # kernel: ''
+ # source: blank
+ # virt_mode: hvm
+ # volume:
+ # root: 40g
+ misc-hvm-templates:
+ hosts:
+ # opnsense-tmpl:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # netvm_vm: None
+ # provides_network: true
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # source: opnsense-22.7
+ # volume:
+ # root: 40g
+ # seconion-tmpl:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # volume:
+ # root: 10g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ kernel: ''
+ virt_mode: hvm
+
+standalone-vms:
+ vars:
+ qubes:
+ label: blue
+ memory: 2048
+ maxmem: 8192
+ kernel: ''
+ vcpus: 4
+ virt_mode: hvm
+ vm_type: StandaloneVM
+ children:
+ # desktop-standalone-vms:
+ # hosts:
+ # # By default, only initialize standalones for the fully loaded environments
+ # # If you just want a default ubuntu HVM, for instance, then qvm-clone from the
+ # # `ubuntu-desktop-base-tmpl` TemplateVM
+ # archlinux-desktop:
+ # qubes:
+ # source: archlinux-desktop-tmpl
+ # centos-desktop:
+ # qubes:
+ # source: centos-desktop-tmpl
+ # debian-desktop:
+ # qubes:
+ # source: debian-desktop-tmpl
+ # debian-server:
+ # qubes:
+ # source: debian-server-tmpl
+ # fedora-desktop:
+ # qubes:
+ # source: fedora-desktop-tmpl
+ # macos-desktop:
+ # qubes:
+ # source: macos-desktop-tmpl
+ # ubuntu-desktop:
+ # qubes:
+ # source: ubuntu-desktop-tmpl
+ # windows-desktop:
+ # ansible_connection: winrm
+ # qubes:
+ # source: windows-desktop-tmpl
+ # vars:
+ # ansible_connection: ssh
+ # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # _netvm: sys-vpn-proton
+ # volume:
+ # root: 50g
+ unikernel-vms:
+ hosts:
+ mirage-firewall:
+ mirage_compile_from_source: false
+ qubes:
+ kernel: mirage-firewall
+ kernelopts: ''
+ memory: 64
+ maxmem: 64
+ provides_network: true
+ source: blank
+ vcpus: 1
+ virt_mode: pvh
+ label: green
+ vm_type: StandaloneVM
+ # TODO qvm-features mirage-firewall qubes-firewall 1
+ # TODO qvm-features mirage-firewall no-default-kernelopts 1
+
+system-vms:
+ hosts:
+ anon-whonix:
+ qubes:
+ netvm_vm: sys-whonix
+ template_vm: whonix-ws-16
+ debian-11:
+ qubes:
+ vm_type: TemplateVM
+ debian-11-dvm:
+ qubes:
+ netvm_vm: sys-firewall
+ template_for_dispvms: true
+ sys-firewall:
+ # Next three are where the SwitchHosts program gets installed along with hostctl and default profiles
+ hostsfile_default_loopback: true
+ install_hostctl: true
+ install_switchhosts: true
+ qubes:
+ netvm_vm: sys-net
+ vm_type: ProxyVM
+ sys-net:
+ sys-usb:
+ sys-whonix:
+ qubes:
+ netvm_vm: sys-firewall
+ template_vm: whonix-gw-16
+ whonix-ws-16-dvm:
+ qubes:
+ netvm_vm: sys-firewall
+ template_vm: whonix-ws-16
+ vars:
+ qubes:
+ label: red
+ vm_type: AppVM
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/raspi.yml b/home/dot_local/share/ansible/environments/prod/inventories/raspi.yml
new file mode 100644
index 00000000..9117fe87
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/raspi.yml
@@ -0,0 +1,11 @@
+---
+all:
+ children:
+ raspberry:
+ hosts:
+ raspi:
+ ansible_host: '{{ domains[inventory_hostname | lower].hostname }}'
+ ansible_port: '{{ ssh_port }}'
+ ansible_password: '{{ admin_password }}'
+ ansible_user: '{{ admin_username }}'
+ ansible_sudo_pass: '{{ admin_password }}'
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/workstation.yml b/home/dot_local/share/ansible/environments/prod/inventories/workstation.yml
new file mode 100644
index 00000000..0fb8b50d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/workstation.yml
@@ -0,0 +1,27 @@
+---
+all:
+ children:
+ windows:
+ children:
+ desktop:
+ hosts:
+ workstation:
+ ansible_connection: winrm
+ ansible_winrm_transport: basic
+ ansible_port: 5985
+ ansible_host: localhost
+ ansible_password: AnsibleTest999
+ ansible_username: Brian
+ ansible_user: Brian
+ ansible_python_interpreter: python3
+ ansible_winrm_scheme: http
+ ubuntu:
+ children:
+ wsl:
+ hosts:
+ workstation-ubuntu-wsl:
+ ansible_connection: local
+ ansible_sudo_pass: '{{ admin_password }}'
+ ansible_password: '{{ admin_password }}'
+ ansible_python_interpreter: python3
+ ansible_user: '{{ admin_username }}'
diff --git a/home/dot_local/share/ansible/environments/prod/inventories/wsl.yml b/home/dot_local/share/ansible/environments/prod/inventories/wsl.yml
new file mode 100644
index 00000000..1a9fd4f2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/prod/inventories/wsl.yml
@@ -0,0 +1,10 @@
+---
+all:
+ children:
+ ubuntu-wsl:
+ hosts:
+ wsl:
+ ansible_connection: local
+ ansible_sudo_pass: '{{ admin_password }}'
+ ansible_password: '{{ admin_password }}'
+ ansible_user: '{{ admin_username }}'
diff --git a/home/dot_local/share/ansible/environments/prod/templates/.gitkeep b/home/dot_local/share/ansible/environments/prod/templates/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/home/dot_local/share/ansible/environments/qa/files/inventory-map.json b/home/dot_local/share/ansible/environments/qa/files/inventory-map.json
new file mode 100644
index 00000000..42023df8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/files/inventory-map.json
@@ -0,0 +1,3 @@
+{
+ "f0:18:98:2b:31:93": "inventories/malaptop.yml"
+}
diff --git a/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa b/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa
new file mode 100644
index 00000000..58e57831
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa
@@ -0,0 +1,38 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAYEAplw5NPGrHxgJmfVPAC4vU+qcFmenOzWHMJLaqN5+UK0C8BmhFZP3
+P2jUYQIzsJ7SyCGWFKckhUw95ynWfpCZ8+370JxMB799o8wq1dmov0VDPaDsxWUY1cwDgG
+Bpwj8LMY8HpDvWkZtQKtmD6nX7lK8sAawZ/P59t5IvHfk8ipFfGeneahnNlb5rHVBgSS5Z
+R92m5Tp0aQowqv57TC+uvMh58bcG2xABDfHzo+6VVk5nl0/yXpN1zsCE5RurbMJgXxNfDy
+/vJXBV7B2TEpuubMSILLdEBFxg3xKc7UlHQp3EY0kYeQkbd53cY5DXciZjCoDhaAyU5STE
+rg/7UYj6vrQ0qrnWw9POOARHnxnf4jn27f+fqv5H+Yj/Yaf5PmRxXIjlyg/9cdPC2U1vdE
+PNjxUSyA1JGb2cGXcJep3QCeuAEQ/g89XMb1Fo2Iy5oWf4LdMaacpruSZ5T06a8UQjvLv5
+DOnwv00LlwTPLQx2DKPUACMC4wNIORsgMjKjzjXfAAAFkGV7uPZle7j2AAAAB3NzaC1yc2
+EAAAGBAKZcOTTxqx8YCZn1TwAuL1PqnBZnpzs1hzCS2qjeflCtAvAZoRWT9z9o1GECM7Ce
+0sghlhSnJIVMPecp1n6QmfPt+9CcTAe/faPMKtXZqL9FQz2g7MVlGNXMA4BgacI/CzGPB6
+Q71pGbUCrZg+p1+5SvLAGsGfz+fbeSLx35PIqRXxnp3moZzZW+ax1QYEkuWUfdpuU6dGkK
+MKr+e0wvrrzIefG3BtsQAQ3x86PulVZOZ5dP8l6Tdc7AhOUbq2zCYF8TXw8v7yVwVewdkx
+KbrmzEiCy3RARcYN8SnO1JR0KdxGNJGHkJG3ed3GOQ13ImYwqA4WgMlOUkxK4P+1GI+r60
+NKq51sPTzjgER58Z3+I59u3/n6r+R/mI/2Gn+T5kcVyI5coP/XHTwtlNb3RDzY8VEsgNSR
+m9nBl3CXqd0AnrgBEP4PPVzG9RaNiMuaFn+C3TGmnKa7kmeU9OmvFEI7y7+Qzp8L9NC5cE
+zy0Mdgyj1AAjAuMDSDkbIDIyo8413wAAAAMBAAEAAAGBAJMBO6wFQemgHBvoIX9PUJMe5f
+8GaUhw7J2Hp6FBuu0fdVEl1Kp0ri9iOwneID8ambgvtadaa3M/BBSZa+k7bk+XJMYa1zSh
+iiyL5e5DAFLEqb5zzcZAp8mFFjMC/3GetA1/DomaNulEDXtP6rnst/uTL5fqtKxTVlQ44V
+njPBRWkWsctmWbl4eTVKP6uprwUgSnYSt+lA+d6ZOwfNO97vLzVI675Vr+sW/ZNirOUTiK
+4A9dnhbkx12D0euCn+DjgUiVSuD9WaYmQLo6IntGxfXn81nVKbNeAytaWyW0z36sGqAN65
+xSyOe8s8QXTcXUQ8wyM1vrFbdpLfGEmUgQNKi+RoTmGRzQgUpj879/JRzSnJOoTKK5Tlzv
+N8wyoeiYP+WM1ErhfGStx2UCRT9Yoi+hj0meXqmoca/U8e/oDmJwFPdIYnSh8drvKqOOzY
+fh3gvxPA6Bj1qq1iHgdodN4/WQoTH9eJUUzH8nOCB2DZRPjYKy0uzCbY9MwJQOReDAAQAA
+AMBf2jckJrbUCV6K2uw/+zMGC9//HRm6HYE7tks+W1fAyh6MDw9qJlnl63rgC9IinJsy5o
+YIVZH5aLj6qnf09o07t1dNp0pgU6dFOy+K8DPbE/My6PO27DBTp+No9R7Yld19hBO3ek/L
+F6YXb+Z8NRd7GI/aH14TTGUTgsP+xqI6EATW2AaMYqUbstccPGVzPzkhU90K5JoBsNf5io
+m4SFE6i1+tRmXNhuCq8s+peenLdEUJ7illD3UYFPA7C3RgLY0AAADBANVik5ACkslRQmbN
+VCpWamH9SY5VuwS12kmL6BVHB34W01rb6XXawtL+fEHH2KyYcEZFPXwGRQqcoM7ekwlIIB
+08cYPuNFloCRpaxt5BHQTNXAMdua6t01QO5xQqMYb7ByCV5nrwpTs6Z69O7OWpr8rodweE
+S5YWVSvKrFqcQWdDqsoQY6Vd56sd6deKGXASOrrEgVnPmp95LUxrdLMMSL4yVH52K2K0FB
+bmy4405QqK/2/fUIF0Wdpdpuk9V108AQAAAMEAx5V6hVRbCTF4co7Rtve1AmgA+Km7mig2
+RDMu64eni65m6wlex35jIpB4xvTxxTop7q25/1cch4mQ/kRHg7qgc+fwr7RWnia/ceBBMF
+866H6QWfBugzyur75BfJXfE+oaNxVc6zqdCiwZRMHi2JfGhatkpBPT/y8PXs8MS/12Zmbx
+W/H5BeHHtgQDUvE4y0/8H8cpobCh8P+n+OKwF8sYwoo/3RKCMbZrBGXFWIvlaV9fmtY4aZ
+j/5yoKsrysGvHfAAAAFmJ6YWxld3NraUBDMDJYNTE0UEpHNU0BAgME
+-----END OPENSSH PRIVATE KEY-----
diff --git a/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa.pub b/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa.pub
new file mode 100644
index 00000000..a8b6c471
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/files/ssh/id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCmXDk08asfGAmZ9U8ALi9T6pwWZ6c7NYcwktqo3n5QrQLwGaEVk/c/aNRhAjOwntLIIZYUpySFTD3nKdZ+kJnz7fvQnEwHv32jzCrV2ai/RUM9oOzFZRjVzAOAYGnCPwsxjwekO9aRm1Aq2YPqdfuUrywBrBn8/n23ki8d+TyKkV8Z6d5qGc2VvmsdUGBJLllH3ablOnRpCjCq/ntML668yHnxtwbbEAEN8fOj7pVWTmeXT/Jek3XOwITlG6tswmBfE18PL+8lcFXsHZMSm65sxIgst0QEXGDfEpztSUdCncRjSRh5CRt3ndxjkNdyJmMKgOFoDJTlJMSuD/tRiPq+tDSqudbD0844BEefGd/iOfbt/5+q/kf5iP9hp/k+ZHFciOXKD/1x08LZTW90Q82PFRLIDUkZvZwZdwl6ndAJ64ARD+Dz1cxvUWjYjLmhZ/gt0xppymu5JnlPTprxRCO8u/kM6fC/TQuXBM8tDHYMo9QAIwLjA0g5GyAyMqPONd8= bzalewski@C02X514PJG5M
diff --git a/home/dot_local/share/ansible/environments/qa/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn b/home/dot_local/share/ansible/environments/qa/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn
new file mode 100644
index 00000000..0236b5fa
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/files/vpn/Mullvad OVPN Greece (TCP 53).ovpn
@@ -0,0 +1,138 @@
+$ANSIBLE_VAULT;1.1;AES256
+61626232383334346236303735343435643665666238633830343164623934393038343938613232
+6338383065346163343763626665383730323530356438650a616330366130616533653261363564
+31663839396630323036653864373030356639636562366237373563366631363662363431353662
+6139363266313335390a306532636563303261323538323837653162386136343130303964326431
+38323234343961326364303333323266643864643364353233636630333236356333323532356561
+38356136353337616562653566633631663565323661626439323831613966376332656436386435
+32353966353531346230343531636432653137643563633864393631376338376433376466393563
+61303539323863306237363965373231393066623033303638633062636166393933323139373963
+64626333393637303733366566306530623139386435356539353238616664633364386436343839
+33653834616630353237623931663465373936306261393361356139363863373963383230336363
+31313735623936363361303230646131333332636165376239376431316131316432303564346338
+65653165343339333863333134623837383862666336656364383166343865626263333961616561
+37656362636236653632656537333631613465386332363466386632343835376339623034633736
+37656262376438316437636533363634656439376130333832333237346436343662313866323734
+61636437373132343930396561643132383166346134663339623831333438346666323162393730
+66616538313533656134356237353263303232323330313762393863346231336465343232396165
+39343836633433306538636264616436386236386433313266653138343133336631373561333966
+31383963623232353037313661356663343431623736353535623533383136306635653336366131
+39306538326137363566643064346330303939343936653436316336663035316230373235303963
+32363737623631623939366136626132333238333434303263373133383363323265373333313039
+65353261613764633934646363363535396638613163383036313132633665326634363637353237
+34366638353664623237613437646335303766663366313536313361356233656165353761326662
+63343463616338626262313865353835323366653532333036643261613261373464323731653834
+65383634313033636330633565336431393433323935616332656138323033346533663337353337
+38343633326461393939313061653362643932323230636539373766666431656462343031366338
+62346165313663623636323565386331376433306337326630363335383264383233333635656436
+64356232353536383735636364653338666466643634383132353034303733323932306562653538
+39383030323630373637363437663936646430663865643461613532383035663030663933363939
+65666330383864653339383733373266313634336334393063613930363033383065326331333433
+66353362373566623066643139336130313462396438643838393935323335366631323837353761
+30383536363139303032643934323334626431656430623332386533613833343535343863316631
+33633137616430663138306630323034353434336135343838383962633563386430376563386162
+33386331643262393839653034663932313365303733343730326562316236386238323863386331
+35376366653238343334623138346634316634313131636338303535366664383264353035373866
+38636566303966383366346662643632373832313765343462313037323139323666653333613839
+38653235656263313738306330313464373537643733326238393835366661613864303837303832
+61346435313762663535653333313164643031333839623665356465613365323061323033663162
+62613566333537303738353666373630633732666335653035316538316138333466323932633131
+38326561336531333339343833326266313865336336363663333737316163326638396237353162
+33323838643265393839353262373837666164373838356530633539343765316563636261626562
+66376565356262323163616638303637363531663231653432623062366366636661356533313330
+37633566396233323030633038306330366461646133326636633633316432373034336565393732
+62306639646638333733373638343538353165373239313236333130633863663738333331393130
+66336534336461353432333263373763656535616263353362316538306265373936356362306339
+39646439643638333633363537666230333063623966613230333736646136376332613463326135
+65303536623265303837313261626332326232333565613731623734303762333438633430343361
+65636462383962373239376163346666306437363631363331636634623236643638366435616431
+30366165623736333337386265326432313830653166326166376536306362303237613039663436
+35306334363261323366343766393030613866373439393035376335623837626633633434393763
+31653631643838663161333062363430616532363432346436663537366131656135316531343765
+33613166316638336231363037666238373333656534376533666335623939333236636538383837
+35393138373938386663663232653336393839633636336233333264613939376434386564393136
+62333061663938356561393239393930616632363730393539653334356332313461323638636366
+39363938373739346538626234393636656437303836326130653437653837626233623238613836
+62653661363235623334386466633235306435336361303161393261616533366432333736343362
+31333735393637363238613933616331653430613731313230636161383932356439306465386532
+66346466646364656434316266616333643832393236323132326661373065613161306362373163
+63323037363530326333633537333738353335376533376165326264363730633735336263656333
+32626530626533346166633564366335313639336637313766313164633630626231356139326136
+39623465656266366462316463373737643439663736343531396536626666383765393137633630
+61653734306462663137633437663866353433323433393461323566626332343839383038336431
+39633930386435663866383864663362393337336562623430623036346263316531383639383966
+63373262353831663132653436646339323134306233653366646231396234383731623964353231
+64633166333136393537343439333036303136343865333134313639373833336461633035383463
+32303433373063373435343731306638613839313063616162633232336430313233636261613238
+33656137613633306335623338333664656264343839653838386662663133666662346534646133
+30336631643962323037633963306435626137346366393564663036346434353339356532343362
+65663565353233666238396231366665663161643931613338393934656431356331393430663732
+31633936623039303733373462643530643563653935353930613333656464333135333564373730
+66393862306263303964373665363833633932663634643036633236343036656338346538613066
+38303235383561633837373836643362383731376564363434613035616462663162356436373364
+33633965373033663662613364643633613638613934663830343436646131386436663832336366
+61326565613863636631383236323539393037613931366561613034393730363565666632343164
+65346463336164323366393563303261343834316461376236323466383539323965613364623861
+33393966323064653063656536373732643261366332646531383032636433616136613861346464
+34356336336562616630386265623839343566303732653037316339383538366234326133363139
+30613339636632653134656565656630646335336430333531633863666537383663613234343634
+32633738346466613465396333633162636332383638303830313866333263363932656330326461
+32663664613065353132636232616361376666376631313461373866616561383233373433396636
+31323861353136633730393139313339666366633932353035353766373335656665376562393739
+66316634393230653164313231633039303963633837643764336633376433323562383335363738
+61646236643561323538386333663335363661363838656235326430326566323935356361666562
+32303466323033333562346264643933613938623161623634356332383263346635343938613663
+37653737643837613333363036303731663266366164316339666562653964313361643461346637
+64633966343930633838316562383035613639623466633663653438313936373839343838383564
+66316238346138393137366561383161663336626230376261346164303731636364646334653562
+63303031306133613431363261363631636361366639346664326566326338376364623161356536
+30643538366463653064323466323633333632333362396666393230616335613433623830376133
+31326431613930353238386263663339346339643466343039613337343464663837346234636563
+34396463303335376330633339313962303163393236343939366666623064353862616164633362
+33393534393632663934613831363037383862666439626364323363653831633738303464663238
+31393239613462373761333563366237636665333930363030623138343161356137333230613062
+38666564633766316339333461666233313739346436303164626539393538343862383862343337
+30633333356462373664333032353331316462333463363862663033646536656135313262316134
+61343631653734353337386239396437623835623735386561373062373330363631333832303639
+65303265353136643730633938376337313638383462376330333731303230653764333864383132
+34303739373230366361353532366133613930366565346566633164356432333066636462623431
+38333063323034386361386362626666363865363365366463623962366138633233333766646337
+37646232653339616130646337363066343439323737636636336330313931626530326433663632
+35373332613161666462356236383437306566346663643030393630633337326432356530353464
+32613738313061393364363066313162303931376335626162663836386566613636656566663665
+39643035373366323135643763363837653065316134313436613565376362613432396437343531
+30656432323564636435666632333866616531326664316230356161386335303337326232666634
+33343233623533643935663861626335643864303034623034613130333738386163346564653165
+62626337643238663037666662366363326464373063353336343166303638396134653265643462
+64623466323363336239343066613461663037373630646334666366666234623165666266356465
+36366433666239663662373861336330623033663136663361366131323863396531356437316333
+33373166623064323931616637373230663164353161666134656465346437343235336134373636
+37313336383162363836343339333836373339613939616438646664396230383337616465636135
+34646532613763633837366533326530323135323533316535326135393034386631326364643735
+63373639303366356631333134313837376332653035633130383731633366353731666433313839
+33623666383364333132616663336562663462313434366261383736613134356365656364353838
+34326338616461613236636435316132346332623434663933653736613038346662343632656663
+34353364316666353565303865313238366534346431363131303836363063383737333936613163
+30653237633834616365663064643464346266313166396134376530333539363034393833306632
+65653633316234376533396438336334313430373266373538366334613536306161346538666438
+66623762326434633335663334613635646237343237346237316462363361393535346633656531
+38383461313964626632343436363664623030643830333139626466383632383261616266356332
+65356235306261373363313237663330336665373636636237366364353838393233323834663439
+30353439383931373864323339333061643738336563633036373936666538666135333966653537
+35663537343631313932313732626233666537656361343133333563313266393334386166623235
+63303764656336303830396336646335366435666330306230656630343339333561386430643530
+64313438363537376439323262346137663062643762613636613336633930636230383038303137
+39303737303534643436356134336162643964353763653364316165393636653166373465656631
+61646232393065323461626263666263323030633461346337653164373730373835396663373962
+33323737623562356535346265656463356536393936343231643432343637653965613036653034
+38306339666439303561646666646232643434643063653564616532393630626538653834663662
+36326331623737643831353534373763353730323163353561343431343731303932656466636362
+38646637666531356538636132613539303732313539343733383831613436313138333038303561
+30383531656465633263316436303732376537666463316530633639666539663063306534353763
+61316331333330613766333634333865623633373337393866373462356439363632393862616531
+37373464393663636364643138343935313539346662623463646564366633646164363431366430
+62323436356366636638333462366534633464626534323366373139666466653132626434653234
+31613836396531316631663964393266356239643031336564636337366332313439373633393363
+63333662633539376664353930656635633833306539353936646535613832303365316434656565
+39346439636534316236393065313064323561653433383736393464313662303062396238333630
+6633
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/apps.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/apps.yml
new file mode 100644
index 00000000..dec46229
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/apps.yml
@@ -0,0 +1,277 @@
+---
+# @var internal_domain: lab.megabyte.space # Default domain to add internal apps to
+internal_domain: lab.megabyte.space
+
+# @var public_domain: megabyte.space # Domain to add public apps to
+public_domain: megabyte.space
+
+# @var healthcheck_endpoint: 'health.{{ public_domain }}' # FQDN of the [Healthchecks](https://github.com/healthchecks/healthchecks) endpoint
+healthcheck_endpoint: 'health.{{ public_domain }}'
+
+# @var theme_park_theme: aquamarine # Default CSS theme to use for select web-apps (see https://github.com/gilbN/theme.park)
+theme_park_theme: aquamarine
+
+# @var apps: [] # Contains lists of web-apps assigned to specific hosts. **Any app installed on your network should be categorized
+# under its host.** You can see all the supported web-apps in the following places:
+#
+# 1. In the `roles/virtualization/swarm/templates` folder you will see Docker Swarm configurations. If your desired app is in a configuration
+# named `portainer.docker-stack.yml` then you can install it to a host named `nuc` by placing `portainer` under the `nuc` key of `apps`.
+# 2. In the `group_vars/all/helm.yml` file, you will find the `helm_charts` variable. Each key in the `helm_charts` variable is a key
+# that you can add to a specific host in the `apps` variable.
+apps:
+ nuc:
+ - cockpit
+ - maas
+ - portainer
+ raspiboot:
+ - netboot
+ - netbootassets
+ statuscheck:
+ - healthchecks
+ - statping
+ workstation:
+ - cups
+ # If you want HTPC apps, make sure to enable all of these at the same time. They are added with a single Docker configuration
+ # and configured to tunnel all traffic out via WireGuard.
+ # - bazarr
+ # - cups
+ # - heimdall
+ # - jackett
+ # - kodi
+ # - lidarr
+ # - nzbget
+ # - ombi
+ # - organizr
+ # - plex
+ # - radarr
+ # - sonarr
+ # - tautulli
+ # - transmission
+
+# @var domains: {} # A map of configurations used when provisioning web-apps that are defined in the `apps` variable above. The
+# variables are used to configure NGINX, configure CloudFlare DNS records, and populate the /etc/hosts files of peers on the network.
+# Examples along with descriptions of the options is provided below. **Any new hosts (that you would find in the `host_vars` folder)
+# need to be added to this configuration with a minimum of `hosts`, `ip_address` and `regexp` defined.
+domains:
+ bazarr:
+ hosts: 'bazarr bazarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26671
+ regexp: '# Bazarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/bazarr/{{ theme_park_theme }}.css'
+ cockpit:
+ hosts: 'cockpit cockpit.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 9090
+ proxy_file: proxy-ws.conf
+ regexp: '# Cockpit'
+ transport: https
+ cups:
+ hosts: 'cups printers printers.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ port: 631
+ proxy_file: proxy-cups.conf
+ regexp: '# CUPS'
+ transport: https
+ grafana:
+ hosts: 'grafana grafana.{{ internal_domain }}'
+ ip_address: '{{ cluster_ip_address }}'
+ regexp: '# Grafana'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/grafana/{{ theme_park_theme }}.css'
+ healthchecks:
+ dns_record: health
+ dns_zone: '{{ internal_domain }}'
+ hosts: 'healthchecks health health.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26798
+ regexp: '# Healthchecks'
+ heimdall:
+ hosts: 'heimdall home home.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 29915
+ regexp: '# Heimdall'
+ jackett:
+ hosts: 'jackett jackett.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26673
+ regexp: '# Jackett'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/jackett/{{ theme_park_theme }}.css'
+ kodi:
+ hosts: 'kodi kodi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26674
+ regexp: '# Kodi'
+ lidarr:
+ hosts: 'lidarr lidarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26676
+ regexp: '# Lidarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/lidarr/{{ theme_park_theme }}.css'
+ localhost:
+ hosts: localhost
+ ip_address: 127.0.0.1
+ regexp: '# Localhost'
+ maas:
+ firewall: true
+ hosts: 'maas maas.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 5240
+ regexp: '# MAAS'
+ malaptop:
+ hostname: MALaptop
+ hosts: 'malaptop laptop.{{ internal_domain }}'
+ ip_address: '{{ malaptop_ip_address }}'
+ regexp: '# Laptop'
+ netboot:
+ hosts: 'netboot netboot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 3000
+ regexp: '# NetbootXYZ'
+ netbootassets:
+ hosts: 'netbootassets netbootassets.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ port: 80
+ regexp: '# Assets4XYZ'
+ nuc:
+ hostname: NUC
+ hosts: 'nuc nuc.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ regexp: '# NUC'
+ nzbget:
+ hosts: 'nzbget nzbget.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26678
+ regexp: '# NZBGet'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/nzbget/{{ theme_park_theme }}.css'
+ ombi:
+ hosts: 'ombi ombi.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26679
+ regexp: '# Ombi'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/ombi/{{ theme_park_theme }}.css'
+ organizr:
+ hosts: 'organizr organizr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26680
+ regexp: '# Organizr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/organizr/{{ theme_park_theme }}.css'
+ pfsense:
+ hosts: 'pfsense pfsense.{{ internal_domain }}'
+ hostname: pfSense
+ ip_address: '{{ firewall_ip_address }}'
+ regexp: '# pfSense'
+ plex:
+ hosts: 'plex plex.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 32400
+ regexp: '# Plex'
+ transport: https
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/plex/{{ theme_park_theme }}.css'
+ portainer:
+ hosts: 'portainer portainer.{{ internal_domain }}'
+ ip_address: '{{ controller_ip_address }}'
+ port: 26685
+ regexp: '# Portainer'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/portainer/{{ theme_park_theme }}.css'
+ radarr:
+ hosts: 'radarr radarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26681
+ regexp: '# Radarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/radarr/{{ theme_park_theme }}.css'
+ raspiboot:
+ hostname: RaspiBoot
+ hosts: 'boot boot.{{ internal_domain }}'
+ ip_address: '{{ netboot_ip_address }}'
+ regexp: '# RaspiBoot'
+ seconion:
+ hosts: 'seconion seconion.{{ internal_domain }}'
+ ip_address: '{{ seconion_ip_address }}'
+ regexp: '# Security Onion'
+ sonarr:
+ hosts: 'sonarr sonarr.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26682
+ regexp: '# Sonarr'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/sonarr/{{ theme_park_theme }}.css'
+ statping:
+ dns_record: status
+ dns_zone: '{{ public_domain }}'
+ hosts: 'statping status status.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ port: 26799
+ regexp: '# StatPing'
+ statuscheck:
+ dns_record: statuscheck
+ dns_zone: '{{ public_domain }}'
+ hostname: StatusCheck
+ hosts: 'statuscheck statuscheck.{{ public_domain }}'
+ ip_address: '{{ status_ip_address }}'
+ regexp: '# Status'
+ tautulli:
+ hosts: 'tautulli tautulli.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26683
+ regexp: '# Tautulli'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/tautulli/{{ theme_park_theme }}.css'
+ transmission:
+ hosts: 'transmission transmission.{{ internal_domain }}'
+ ip_address: '{{ htpc_ip_address }}'
+ port: 26684
+ regexp: '# Transmission'
+ theme_url: 'https://gilbn.github.io/theme.park/CSS/themes/transmission/{{ theme_park_theme }}.css'
+ unifihome:
+ auth: false
+ hosts: 'unifi.home unifi.home.{{ public_domain }}'
+ ip_address: '{{ upstream_ip_address }}'
+ port: 443
+ regexp: '# UniFi Home'
+ transport: https
+ unifilab:
+ auth: false
+ hosts: 'unifi.lab unifi.{{ internal_domain }}'
+ ip_address: '{{ firewall_ip_address }}'
+ port: 8443
+ regexp: '# UniFi Lab'
+ transport: https
+ workstation:
+ hostname: Workstation
+ hosts: 'workstation workstation.{{ internal_domain }}'
+ ip_address: '{{ workstation_ip_address }}'
+ regexp: '# Workstation'
+# @example #
+# domains:
+# cockpit:
+# # `auth` - Whether or not to guard the application with the SSO provider. This is `true` by default but needs to be set to
+# # false in some cases like when hosts need to be accessed by automated systems.
+# auth: true
+# # `hosts` - The domains you would like the app accessible by in browsers across your network.
+# hosts: 'cockpit cockpit.{{ internal_domain }}'
+# # `ip_address` - The IP address that the app is accessible on.
+# ip_address: '{{ controller_ip_address }}'
+# # `port` - The port on the localhost where the application is accessible
+# port: 2999
+# # `proxy_file` - Used when an app needs special NGINX proxy pass settings, like in the case of web sockets.
+# proxy_file: proxy-ws.conf
+# # `regexp` - A unique string used to identify lines in /etc/hosts that need to get updated when IP addresses change.
+# regexp: '# Cockpit'
+# # `transport` - Whenever possible, this should be set to `https`. When it is set to `https`, the NGINX proxy pass is made over HTTPS.
+# transport: https
+# statping:
+# # If CloudFlare is configured, the `dns_record` will be used to create a `status` CNAME on the `public_domain`, which is
+# # `megabyte.space` in this case.
+# dns_record: status
+# # The `dns_zone` is the CloudFlare DNS zone. This must be the root domain of the record you want to be automatically updated.
+# dns_zone: '{{ public_domain }}'
+# hosts: 'statping status status.{{ public_domain }}'
+# ip_address: '{{ status_ip_address }}'
+# regexp: '# StatPing'
+# raspiboot:
+# # The `hostname` must be assigned to the desired hostname for every target instance. In order to add a host to the `apps`
+# # variable, it needs to be defined with the fields in this example, at the minimum (i.e. `hostname`, `hosts`, `ip_address`,
+# # and `regexp`).
+# hostname: RaspiBoot
+# hosts: 'boot boot.{{ internal_domain }}'
+# ip_address: '{{ netboot_ip_address }}'
+# regexp: '# RaspiBoot'
+# @end
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/defaults.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/defaults.yml
new file mode 100644
index 00000000..23fdd480
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/defaults.yml
@@ -0,0 +1,45 @@
+---
+default_dconf_settings:
+ - key: /org/gnome/desktop/background/picture-uri
+ value: "'file:///usr/share/backgrounds/brad-huchteman-stone-mountain.jpg'"
+ - key: /org/gnome/shell/favorite-apps
+ value: "['org.gnome.Nautilus.desktop', 'firefox.desktop', 'chromium_chromium.desktop', \
+ 'brave-browser.desktop', 'mailspring_mailspring.desktop', 'code_code.desktop', \
+ 'hyper.desktop', 'plexmediaserver_pms-web.desktop', 'org.gnome.Lollypop.desktop', \
+ 'virt-manager.desktop', 'vmware-workstation.desktop']"
+ - key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size
+ value: '40'
+ - key: /org/gnome/desktop/session/idle-delay
+ value: '600'
+ - key: /org/gnome/desktop/privacy/report-technical-problems
+ value: 'false'
+
+default_gnome_extensions:
+ - url: https://extensions.gnome.org/extension/750/openweather/
+ regex: openweather-extension
+ settings:
+ - "gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de\
+ /schemas/ set org.gnome.shell.extensions.openweather city '40.7970384,-74.4809492>Morristown, \
+ Morris County, New Jersey, 07960, United States of America >-1 && 40.7127281,-74.0060152>New \
+ York, United States of America >-1 && 12.9791198,77.5912997>Bengaluru, Bangalore North, \
+ Bangalore Urban, Karnataka, India >-1 && 40.4862174,-74.4518173>New Brunswick, New Jersey, \
+ United States of America >-1'"
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather days-forecast 10
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather show-text-in-panel true
+ - gsettings --schemadir ~/.local/share/gnome-shell/extensions/openweather-extension@jenslody.de/schemas/ set org.gnome.shell.extensions.openweather actual-city 0
+ - url: https://extensions.gnome.org/extension/771/proxy-switcher/
+ regex: ProxySwitcher
+ - url: https://extensions.gnome.org/extension/1085/simple-net-speed/
+ regex: simplenetspeed
+ - url: https://extensions.gnome.org/extension/906/sound-output-device-chooser/
+ regex: sound-output-device-chooser
+ - url: https://extensions.gnome.org/extension/2983/ip-finder/
+ regex: IP-Finder
+ - url: https://extensions.gnome.org/extension/6/applications-menu/
+ regex: apps-menu
+ - url: https://extensions.gnome.org/extension/3061/vlan-switcher/
+ regex: vlan-switcher
+ - url: https://extensions.gnome.org/extension/1762/lan-ip-address/
+ regex: lan-ip-address
+ - url: https://extensions.gnome.org/extension/2224/easy-docker-containers/
+ regex: easy_docker_containers
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/general.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/general.yml
new file mode 100644
index 00000000..d75504b8
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/general.yml
@@ -0,0 +1,65 @@
+---
+# @var authorized_key_file: authorized_keys # The default authorized_keys file used for SSH.
+authorized_key_file: authorized_keys
+
+# @var certbot_admin_email: admin@example.com # The e-mail you would like associated with free Let's Encrypt SSL certificates.
+certbot_admin_email: '{{ admin_email }}'
+
+# @var certbot_certs: [] # An array of Let's Encrypt SSL request settings.
+certbot_certs: []
+# @example #
+# # In this example, every host that has the `certbot_certs` settings below will request wildcard domain certificates
+# # for all of the domains listed under `domains`. Let's Encrypt has rate-limits so make sure you do not provision
+# # a large number of hosts that are all requesting the same certificate over and over again. We used to do this but
+# # have moved towards implementing the SSL certificates on the firewall and then using HAProxy to send requests to their
+# # final destination over a ZeroTier connection over the LAN. This way, we mimic end-to-end encryption and only have one
+# # machine handling SSL certificates.
+# certbot_certs:
+# - email: '{{ cloudflare_email }}'
+# domains:
+# - '*.megabyte.space'
+# - '*.home.megabyte.space'
+# - '*.lab.megabyte.space'
+# @end
+
+# @var dns_provider: 1.1.1.1#cloudflare-dns.com # Default DNS-over-TLS address.
+dns_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var dns_fallback_provider: 1.0.0.1#cloudflare-dns.com # Fallback DNS-over-TLS address.
+dns_fallback_provider: 10.0.0.1#pfsense.lab.megabyte.space
+
+# @var docker_users: [] # Array of users that should be able to access Docker with elevated permissions (e.g. sudo).
+docker_users:
+ - "{{ ansible_user | default(lookup('env', 'USER')) }}"
+
+_netdata_rooms:
+ do: 0f7a2d28-77c0-4eb1-970b-22405a3886f7
+ general: fb8e46ae-4354-454a-b676-46cda89c2e9b
+ james: 495e99ef-60b4-43a4-bb60-4e05accf58a2
+
+# @var netdata_rooms: {} # A mapping of VLAN IDs that correlate to [netdata](https://www.netdata.cloud/) rooms.
+netdata_rooms:
+ cloud: '{{ _netdata_rooms.do }}'
+ guest: '{{ _netdata_rooms.james }}'
+ iot: '{{ _netdata_rooms.james }}'
+ kubernetes: '{{ _netdata_rooms.james }}'
+ management: '{{ _netdata_rooms.james }}'
+ offline: '{{ _netdata_rooms.james }}'
+ unifi: '{{ _netdata_rooms.james }}'
+ work: '{{ _netdata_rooms.james }}'
+
+# @var security_autoupdate_mail_to: emailAddressString # The e-mail to notify when there is an issue with autoupdates.
+security_autoupdate_mail_to: '{{ admin_email }}'
+
+# @var ssh_global_keys: [] # List of SSH keys to include from `files/ssh/` as IdentityFiles (for all hosts)
+ssh_global_keys:
+ - id_ed25519_sk_yubi_nano
+ - id_ed25519_sk_yubi_nanoc_blue
+ - id_ed25519_sk_yubi_nfc_red
+ - id_ed25519_sk_yubi_nfc_yellow
+ - id_ed25519_sk_yubi_nano_auto_nopass_13147527
+ - id_ed25519_sk_yubi_nano_auto_nopass_13191326
+ - id_ed25519_sk_yubi_nano_auto_nopass_13196452
+ - id_ed25519_sk_yubi_nano_auto_pass_13147527
+ - id_ed25519_sk_yubi_nano_auto_pass_13191326
+ - id_ed25519_sk_yubi_nano_auto_pass_13196452
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/helm.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/helm.yml
new file mode 100644
index 00000000..05f22cd3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/helm.yml
@@ -0,0 +1,155 @@
+---
+# yamllint disable rule:line-length
+# @var helm_charts: [] # Settings used for deploying Helm charts. The keys of the `helm_charts` object can be added as an app
+# to the `apps` variable (defined in `group_vars/all/apps.yml`) to deploy the application to your network stack.
+helm_charts:
+ # @helm [Argo](https://argoproj.github.io/cd/) | [GitHub](https://github.com/argoproj/argo-cd) | [Helm](https://github.com/argoproj/argo-helm) - ArgoCD is a declarative GitOps continuous delivery platform.
+ argo:
+ command: helm install argocd argo/argo-cd
+ repository: https://argoproj.github.io/argo-helm
+ repository_name: argo
+ # @helm [Budibase](https://budibase.com/) | [GitHub](https://github.com/Budibase/budibase) | [Helm](https://docs.budibase.com/docs/kubernetes-k8s) - Budibase is a platform that allows you to codelessly create internal apps in minutes.
+ budibase:
+ command: helm install --create-namespace --namespace budibase budibase budibase/budibase
+ repository: https://budibase.github.io/budibase/
+ repository_name: budibase
+ # @helm [Cert-Manager](https://cert-manager.io/) | [GitHub](https://github.com/cert-manager/cert-manager) | [Helm](https://cert-manager.io/docs/installation/helm/) - *Cert-Manager* is a powerful and extensible X.509 certificate controller.
+ cert-manager:
+ command: helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.8.0 --set installCRDs=true
+ repository: https://charts.jetstack.io
+ repository_name: jetstack
+ # @helm [Concourse](https://concourse-ci.org/) | [GitHub](https://github.com/concourse/concourse) | [Helm](https://github.com/concourse/concourse-chart) - Concourse is a sophisticated, open-source CI/CD platform that markets itself as, "the open-source continuous thing-doer."
+ concourse:
+ command: helm install concourse concourse/concourse
+ repository: https://concourse-charts.storage.googleapis.com/
+ repository_name: concourse
+ # @helm [Consul](https://www.consul.io/) | [GitHub](https://github.com/hashicorp/consul) | [Helm](https://www.consul.io/docs/k8s/installation/install) - HashiCorp Consul is a service networking solution to automate network configurations, discover services, and enable secure connectivity across any cloud or runtime.
+ consul:
+ command: helm install consul hashicorp/consul --set global.name=consul --create-namespace --namespace consul
+ repository: https://helm.releases.hashicorp.com
+ repository_name: hashicorp
+ # @helm [Drone](https://www.drone.io/) | [GitHub](https://github.com/harness/drone) | [Helm](https://github.com/drone/charts/blob/master/charts/drone/docs/install.md) - Drone is a simple, modern, multi-cloud-capable CI platform written in Go.
+ drone:
+ command: helm install --namespace drone drone drone/drone -f drone-values.yaml
+ repository: https://charts.drone.io
+ repository_name: drone
+ # @helm [Elastic ECK](https://www.elastic.co/) | [GitHub](https://github.com/elastic/cloud-on-k8s) | [Helm](https://www.elastic.co/guide/en/cloud-on-k8s/master/k8s-install-helm.html) - Elastic Cloud on Kubernetes (ECK) is the official operator by Elastic for automating the deployment, provisioning, management, and orchestration of Elasticsearch, Kibana, APM Server, Beats, Enterprise Search, Elastic Agent and Elastic Maps Server on Kubernetes.
+ elastic:
+ command: helm install elastic-operator elastic/eck-operator -n elastic-system --create-namespace
+ repository: https://helm.elastic.co
+ repository_name: elastic
+ # @helm [Falco](https://falco.org/) | [GitHub](https://github.com/falcosecurity/falco) | [Helm](https://github.com/falcosecurity/charts) - Falco is *the* cloud-native runtime security project.
+ falco:
+ command: helm install falco falcosecurity/falco
+ repository: https://falcosecurity.github.io/charts
+ repository_name: falcosecurity
+ # @helm [Fission](https://fission.io/) | [GitHub](https://github.com/fission/fission) | [Helm](https://fission.io/docs/installation/) - Fission is a framework for serverless functions on Kubernetes.
+ fission:
+ command: helm install --version v1.15.1 --namespace fission fission fission-charts/fission-all
+ repository: https://fission.github.io/fission-charts/
+ repository_name: fission-charts
+ # @helm [GitLab](https://about.gitlab.com/install/ce-or-ee/) | [GitHub](https://github.com/gitlabhq/gitlabhq) | [Helm](https://docs.gitlab.com/operator/installation.html#cluster) - GitLab is a single application that spans the entire software development lifecycle.
+ gitlab:
+ command: helm install gitlab-operator gitlab-operator/gitlab-operator --create-namespace --namespace gitlab-system
+ repository: https://gitlab.com/api/v4/projects/18899486/packages/helm/stable
+ repository_name: gitlab-operator
+ # @helm [GitLab Runner](https://docs.gitlab.com/runner/) | [GitHub](https://github.com/gitlabhq/gitlab-runner) | [Helm](https://docs.gitlab.com/runner/install/kubernetes.html) - This chart deploys an instance of GitLab runner to a Kubernetes cluster. GitLab runner allows you to attach container/VM instances to GitLab CI workflows.
+ gitlab-runner:
+ command: helm install --namespace gitlab-runner -f gitlab/gitlab-runner
+ repository: https://charts.gitlab.io
+ repository_name: gitlab
+ # @helm [Graylog](https://www.graylog.org/) | [GitHub](https://github.com/Graylog2/graylog2-server) | [Helm](https://github.com/KongZ/charts/tree/main/charts/graylog) - Graylog is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.
+ graylog:
+ command: |
+ helm repo add bitnami https://charts.bitnami.com/bitnami
+ helm repo add elastic https://helm.elastic.co
+ helm install --namespace graylog graylog kongz/graylog
+ repository: https://charts.kong-z.com
+ repository_name: kongz
+ # @helm [Knative](https://knative.dev/docs/) | [GitHub](https://github.com/knative/serving) | [Operator](https://knative.dev/docs/install/operator/knative-with-operators/) - Knative is an open-source Enterprise-level solution to build serverless and event-driven applications. It manages serverless containers in Kubernetes environments.
+ knative:
+ operator: https://github.com/knative/operator/releases/download/knative-v1.4.0/operator.yaml
+ # @helm [Kubeapps](https://kubeapps.com/) | [GitHub](https://github.com/vmware-tanzu/kubeapps) | [Helm](https://github.com/vmware-tanzu/kubeapps) - Kubeapps is a web-based UI for deploying and managing applications in Kubernetes clusters.
+ kubeapps:
+ command: helm install kubeapps --namespace kubeapps bitnami/kubeapps
+ repository: https://charts.bitnami.com/bitnami
+ repository_name: bitnami
+ # @helm [Kubernetes Dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/) | [GitHub](https://github.com/kubernetes/dashboard) | [Helm](https://artifacthub.io/packages/helm/k8s-dashboard/kubernetes-dashboard) - Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
+ kubernetes-dashboard:
+ command: helm install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard
+ repository: https://kubernetes.github.io/dashboard/
+ repository_name: kubernetes-dashboard
+ # @helm [Linkerd](https://linkerd.io/) | [GitHub](https://github.com/linkerd/linkerd2) | [Helm](https://linkerd.io/2.10/tasks/install-helm/) - Linkerd is a service mesh that is ultra light, ultra simple, ultra powerful. According to their website, Linkerd adds security, observability, and reliability to Kubernetes, without the complexity.
+ linkerd:
+ command: |
+ if [[ "$OSTYPE" == "darwin"* ]]; then
+ CERT_EXP_DATE=$(date -v+8760H +"%Y-%m-%dT%H:%M:%SZ")
+ else
+ CERT_EXP_DATE=$(date -d '+8760 hour' +"%Y-%m-%dT%H:%M:%SZ")
+ fi
+ helm install linkerd2 --set-file identityTrustAnchorsPEM=ca.crt --set-file identity.issuer.tls.crtPEM=issuer.crt --set-file identity.issuer.tls.keyPEM=issuer.key --set identity.issuer.crtExpiry=$CERT_EXP_DATE linkerd/linkerd2
+ repository: https://helm.linkerd.io/stable
+ repository_name: linkered
+ # @helm [Loki](https://grafana.com/oss/loki/) | [GitHub](https://github.com/grafana/loki) | [Helm](https://grafana.com/docs/loki/latest/installation/microservices-helm/) - Grafana Loki is a horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate.
+ loki:
+ command: helm install loki-grafana grafana/grafana
+ repository: https://grafana.github.io/helm-charts
+ repository_name: grafana
+ # @helm [Minio](https://min.io/) | [GitHub](https://github.com/minio/minio) | [Helm](https://github.com/minio/minio/tree/master/helm/minio) - MinIO offers high-performance, S3 compatible object storage. Native to Kubernetes, MinIO is the only object storage suite available on every public cloud, every Kubernetes distribution, the private cloud and the edge.
+ minio:
+ command: helm install --namespace minio --set rootUser=rootuser,rootPassword=rootpass123 --generate-name minio/minio
+ repository: https://charts.min.io/
+ repository_name: minio
+ # @helm [n8n](https://n8n.io/) | [GitHub](https://github.com/n8n-io/n8n) | [Helm](https://artifacthub.io/packages/helm/open-8gears/n8n) - n8n is a free and open-source, self-hostable workflow automation tool that some consider to be a worthy replacement for IFTTT.
+ n8n:
+ command: helm install n8n open-8gears/n8n
+ repository: https://8gears.container-registry.com/chartrepo/library/
+ repository_name: open8-gears
+ # @helm [Prometheus Operator](https://prometheus-operator.dev/) | [GitHub](https://github.com/prometheus-operator/kube-prometheus) | [Helm](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) - A stack that includes everything required for an HA Prometheus / Grafana setup with pre-configured cluster monitoring and charts. It can also be modified to be used for any purpose that Prometheus / Grafana might be used for.
+ prometheus:
+ command: helm install prometheus prometheus-community/kube-prometheus-stack
+ repository: https://prometheus-community.github.io/helm-charts
+ repository_name: prometheus-community
+ # @helm [Rancher](https://rancher.com/) | [GitHub](https://github.com/rancher/rancher) | [Helm](https://rancher.com/docs/rancher/v2.5/en/installation/install-rancher-on-k8s/) - Rancher is a complete software stack for teams adopting containers. It addresses the operational and security challenges of managing multiple Kubernetes clusters, while providing DevOps teams with integrated tools for running containerized workloads.
+ rancher:
+ command: |
+ # Missing several steps
+ helm install rancher rancher-latest/rancher --namespace cattle-system --set hostname=rancher.my.org --set replicas=3
+ repository: https://releases.rancher.com/server-charts/latest
+ repository_name: rancher-latest
+ # @helm [Sentry](https://sentry.io/welcome/) | [GitHub](https://github.com/getsentry/sentry) | [Helm](https://artifacthub.io/packages/helm/sentry/sentry) - Sentry is the leading open-source error logging application that tracks with full stacktraces & asynchronous context. Sentry's eco-system includes dozens of SDKs, written for many different languages/environments.
+ sentry:
+ command: helm install sentry sentry/sentry
+ repository: https://sentry-kubernetes.github.io/charts
+ repository_name: sentry
+ # @helm [Space Cloud](https://space-cloud.io/) | [GitHub](https://github.com/spacecloud-io/space-cloud) | [Helm](https://github.com/spacecloud-io/space-cloud/blob/master/install-manifests/helm/index.yaml) - Space Cloud is an open-source Kubernetes-based serverless platform with built-in security and instant GraphQL APIs for any database and microservice.
+ space-cloud:
+ command: |
+ git clone https://github.com/spacecloud-io/space-cloud.git
+ cd install-manifests/helm
+ helm install space-cloud .
+ # @helm [Thanos](https://thanos.io/) | [GitHub](https://github.com/thanos-io/thanos) | [Helm](https://artifacthub.io/packages/helm/bitnami/thanos) - Thanos is an open source, highly available Prometheus setup with long term storage capabilities.
+ thanos:
+ command: helm install thanos bitnami/thanos
+ repository: https://charts.bitnami.com/bitnami
+ repository_name: bitnami
+ # @helm [Vault](https://www.vaultproject.io/) | [GitHub](https://github.com/hashicorp/vault) | [Helm](https://www.vaultproject.io/docs/platform/k8s/helm) - HashiCorp Vault is a secrets management tool specifically designed to control access to sensitive credentials in a low-trust environment. It can be used to store sensitive values and at the same time dynamically generate access for specific services/applications on lease.
+ vault:
+ command: helm install vault hashicorp/vault
+ repository: https://helm.releases.hashicorp.com
+ repository_name: hashicorp
+ # @helm [VaultWarden](https://bitwarden.com/) | [GitHub](https://github.com/dani-garcia/vaultwarden) | [Helm](https://artifacthub.io/packages/helm/k8s-at-home/vaultwarden) - VaultWarden is an optimized, resource-efficient version of the open source BitWarden web app (a password management platform).
+ vaultwarden:
+ command: helm install vaultwarden k8s-at-home/vaultwarden
+ repository: https://k8s-at-home.com/charts/
+ repository_name: k8s-at-home
+ # @helm [Vector](https://vector.dev/) | [GitHub](https://github.com/vectordotdev/vector) | [Helm](https://vector.dev/docs/setup/installation/package-managers/helm/) - Vector is a lightweight, ultra-fast tool for building observability pipelines that lets you collect, transform, and route all your logs and metrics with one simple tool.
+ vector:
+ command: helm install vector vector/vector --namespace vector --create-namespace --values values.yaml
+ repository: https://helm.vector.dev
+ repository_name: vector
+ # @helm [velero](https://velero.io/) | [GitHub](https://github.com/vmware-tanzu/velero) | [Helm](https://vmware-tanzu.github.io/helm-charts/) - Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.
+ velero:
+ command: helm install vmware-tanzu/velero --namespace -f values.yaml --generate-name
+ repository: https://vmware-tanzu.github.io/helm-charts
+ repository_name: vmware-tanzu
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/heroku.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/heroku.yml
new file mode 100644
index 00000000..48fbc87c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/heroku.yml
@@ -0,0 +1,166 @@
+---
+# yamllint disable rule:line-length
+# @var heroku_dynos: [] # Settings used for deploying [Heroku](https://www.heroku.com/) dynos. The keys of the `heroku_dynos` can
+# be added to the `dynos` array to automatically deploy the apps after you have filled in the appropriate details specified below.
+heroku_dynos:
+ # @dynamo [Baserow](https://baserow.io/) | [GitHub](https://github.com/bram2w/baserow) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/bram2w/baserow/tree/master) | [Documentation](https://baserow.io/docs/installation%2Finstall-on-heroku) - Create your own online database without technical experience. Our user friendly no-code tool gives you the powers of a developer without leaving your browser.
+ baserow:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/bram2w/baserow/tree/master
+ domain: baserow.megabyte.space
+ variables:
+ BASEROW_PUBLIC_URL: https://baserow.megabyte.space
+ BASEROW_AMOUNT_OF_WORKERS: '1'
+ AWS_ACCESS_KEY_ID: The spaces API key.
+ AWS_SECRET_ACCESS_KEY: The spaces API secret key.
+ AWS_STORAGE_BUCKET_NAME: The name of your space.
+ AWS_S3_REGION_NAME: Name of the Digital Ocean spaces region (eg. ams3)
+ AWS_S3_ENDPOINT_URL: (eg. https://ams3.digitaloceanspaces.com)
+ AWS_S3_CUSTOM_DOMAIN: (eg. name-of-your-space.ams3.digitaloceanspaces.com)
+ # @dynamo [hasura](https://hasura.io/) | [GitHub](https://github.com/hasura/graphql-engine-heroku) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/hasura/graphql-engine-heroku/tree/master) | [Documentation](https://hasura.io/docs/latest) - Blazing fast, instant realtime GraphQL APIs on Postgres with fine grained access control, also trigger webhooks on database events.
+ hasura:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/hasura/graphql-engine-heroku
+ domain: hasura.megabyte.space
+ # @dynamo [metabase](https://www.metabase.com) | [GitHub](https://github.com/metabase/metabase) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/metabase/metabase-deploy) | [Documentation](https://www.metabase.com/docs) - Meet the easy, open source way for everyone in your company to ask questions and learn from data.
+ metabase:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/metabase/metabase-deploy
+ domain: metabase.megabyte.space
+ # @dynamo [chatwoot](https://www.chatwoot.com) | [GitHub](https://github.com/chatwoot/chatwoot) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/chatwoot/chatwoot/tree/master) | [Documentation](https://www.chatwoot.com/docs/product) - Open-source customer engagement suite, an alternative to Intercom, Zendesk, Salesforce Service Cloud etc.
+ chatwoot:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/chatwoot/chatwoot/tree/master
+ domain: chatwoot.megabyte.space
+ variables:
+ FRONTEND_URL: https://chatwoot.megabyte.space
+ INSTALLATION_ENV: heroku
+ RACK_ENV: production
+ RAILS_ENV: production
+ REDIS_OPENSSL_VERIFY_MODE: none
+ # @dynamo [url-to-pdf-api](https://github.com/alvarcarto/url-to-pdf-api) | [GitHub](https://github.com/alvarcarto/url-to-pdf-api) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/alvarcarto/url-to-pdf-api) | [Documentation]() - Web page PDF/PNG rendering done right. Self-hosted service for rendering receipts, invoices, or any content
+ urltopdf:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/alvarcarto/url-to-pdf-api
+ domain: urltopdf.megabyte.space
+ variables:
+ ALLOW_HTTP: false
+ API_TOKENS: ''
+ # @dynamo [whoogle](pypi.org/project/whoogle-search/) | [GitHub](https://github.com/benbusby/whoogle-search) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/benbusby/whoogle-search/tree/main) | [Documentation](https://github.com/benbusby/whoogle-search) - A self-hosted, ad-free, privacy-respecting metasearch engine
+ whoogle:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/benbusby/whoogle-search/tree/main
+ domain: whoogle.megabyte.space
+ variables:
+ WHOOGLE_ALT_IG: farside.link/bibliogram/u
+ WHOOGLE_ALT_IMG: farside.link/rimgo
+ WHOOGLE_ALT_MD: farside.link/scribe
+ WHOOGLE_ALT_RD: farside.link/libreddit
+ WHOOGLE_ALT_TL: farside.link/lingva
+ WHOOGLE_ALT_TW: farside.link/nitter
+ WHOOGLE_ALT_WIKI: farside.link/wikiless
+ WHOOGLE_ALT_YT: farside.link/invidious
+ WHOOGLE_CONFIG_ALTS: ''
+ WHOOGLE_CONFIG_BLOCK: ''
+ WHOOGLE_CONFIG_COUNTRY: countryUS
+ WHOOGLE_CONFIG_DISABLE: ''
+ WHOOGLE_CONFIG_GET_ONLY: ''
+ WHOOGLE_CONFIG_LANGUAGE: lang_en
+ WHOOGLE_CONFIG_NEAR: ''
+ WHOOGLE_CONFIG_NEW_TAB: ''
+ WHOOGLE_CONFIG_SAFE: ''
+ WHOOGLE_CONFIG_SEARCH_LANGUAGE: lang_en
+ WHOOGLE_CONFIG_STYLE: ':root { /* LIGHT THEME COLORS */ --whoogle-background: #d8dee9; --whoogle-accent: #2e3440; --whoogle-text: #3B4252; --whoogle-contrast-text: #eceff4; --whoogle-secondary-text: #70757a; --whoogle-result-bg: #fff; --whoogle-result-title: #4c566a; --whoogle-result-url: #81a1c1; --whoogle-result-visited: #a3be8c; /* DARK THEME COLORS */ --whoogle-dark-background: #222; --whoogle-dark-accent: #685e79; --whoogle-dark-text: #fff; --whoogle-dark-contrast-text: #000; --whoogle-dark-secondary-text: #bbb; --whoogle-dark-result-bg: #000; --whoogle-dark-result-title: #1967d2; --whoogle-dark-result-url: #4b11a8; --whoogle-dark-result-visited: #bbbbff; }'
+ WHOOGLE_CONFIG_THEME: system
+ WHOOGLE_CONFIG_TOR: ''
+ WHOOGLE_CONFIG_VIEW_IMAGE: ''
+ WHOOGLE_MINIMAL: ''
+ WHOOGLE_PASS: ''
+ WHOOGLE_PROXY_LOC: ''
+ WHOOGLE_PROXY_PASS: ''
+ WHOOGLE_PROXY_TYPE: ''
+ WHOOGLE_PROXY_USER: ''
+ WHOOGLE_URL_PREFIX: /whoogle
+ WHOOGLE_USER: ''
+ # @dynamo [nocodb](https://nocodb.com/) | [GitHub](https://github.com/nocodb/nocodb) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/nocodb/nocodb-seed-heroku) | [Documentation](https://docs.nocodb.com/) - Open Source Airtable Alternative - turns any MySQL, Postgres, SQLite into a Spreadsheet with REST APIs
+ nocodb:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/nocodb/nocodb-seed-heroku
+ domain: nocodb.megabyte.space
+ variables:
+ NC_ONE_CLICK: true
+ NODE_TLS_REJECT_UNAUTHORIZED: '0'
+ AWS_ACCESS_KEY_ID: S3 access key id
+ AWS_SECRET_ACCESS_KEY: S3 secret access key
+ AWS_BUCKET: S3 bucket
+ AWS_BUCKET_PATH: S3 bucket path (like folder within S3 bucket)
+ # @dynamo [ghost-on-heroku](https://github.com/cobyism/ghost-on-heroku) | [GitHub](https://github.com/cobyism/ghost-on-heroku) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/cobyism/ghost-on-heroku/tree/master) - One-button Heroku deploy for the Ghost blogging platform
+ ghostonheroku:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/cobyism/ghost-on-heroku
+ domain: ghost.megabyte.space
+ variables:
+ PUBLIC_URL: https://ghost.megabyte.space
+ S3_ACCESS_KEY_ID: S3 access key id
+ S3_ACCESS_SECRET_KEY: S3 secret access key
+ S3_ASSET_HOST_URL: e.g https://my.custom.domain/
+ S3_BUCKET_NAME: S3 bucket
+ S3_BUCKET_REGION: S3 bucket region (e.g. us-east-1)
+ # @dynamo [tooljet](https://www.tooljet.com/) | [GitHub](https://github.com/tooljet/tooljet) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/tooljet/tooljet/tree/main) | [Documentation](https://docs.tooljet.com/docs/) - Extensible low-code framework for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript.
+ tooljet:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/tooljet/tooljet/tree/main
+ domain: tooljet.megabyte.space
+ variables:
+ DEPLOYMENT_PLATFORM: heroku
+ DISABLE_MULTI_WORKSPACE: false
+ DISABLE_SIGNUPS: false
+ LOCKBOX_MASTER_KEY: m@s73rk8s
+ NODE_ENV: production
+ NODE_OPTIONS: --max-old-space-size=4096
+ SECRET_KEY_BASE: SomeC0m6l00
+ TOOLJET_HOST: https://tooljet.herokuapp.com
+ TOOLJET_SERVER_URL: https://tooljet.herokuapp.com
+ # @dynamo [appsmith](https://www.appsmith.com/) | [GitHub](https://github.com/appsmithorg/appsmith) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/appsmithorg/appsmith/tree/master) | [Documentation](https://docs.appsmith.com/) - A powerful open source framework to build internal tools
+ appsmith:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/appsmithorg/appsmith/tree/master
+ domain: appsmith.megabyte.space
+ variables:
+ APPSMITH_DISABLE_TELEMETRY: true
+ APPSMITH_ENCRYPTION_PASSWORD: 'kna%si*sj19lk>0s'
+ APPSMITH_ENCRYPTION_SALT: 'm,a-01s'
+ APPSMITH_MONGODB_URI: mongo.example.com
+ APPSMITH_SUPERVISOR_PASSWORD: "sdf'6as9I1a"
+ # @dynamo [directus](https://directus.io) | [GitHub](https://github.com/directus-community/heroku-template) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/directus-community/heroku-template/tree/master) | [Documentation](https://docs.directus.io/) - Power any project with a modern, open source data platform
+ directus:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/directus-community/heroku-template
+ domain: directus.megabyte.space
+ variables:
+ ACCESS_TOKEN_TTL: 15m
+ ADMIN_EMAIL: admin@email.com
+ ADMIN_PASSWORD: RandomPasword$
+ CACHE_ENABLED: true
+ CACHE_NAMESPACE: cache
+ CACHE_STORE: redis
+ CONFIG_PATH: /app/directus.config.js
+ DB_CLIENT: pg
+ EMAIL_SMTP_HOST: smtp.example.com
+ EMAIL_SMTP_POOL: true
+ EMAIL_SMTP_PORT: '587'
+ EMAIL_SMTP_SECURE: false
+ EMAIL_TRANSPORT: smtp
+ EXTENSIONS_PATH: /app/extensions
+ OAUTH_PROVIDERS: ''
+ PUBLIC_URL: /
+ RATE_LIMITER_DURATION: '1'
+ RATE_LIMITER_ENABLED: true
+ RATE_LIMITER_KEY_PREFIX: rate-limitter
+ RATE_LIMITER_POINTS: '30'
+ RATE_LIMITER_STORE: redis
+ REFRESH_TOKEN_COOKIE_SAME_SITE: true
+ REFRESH_TOKEN_COOKIE_SECURE: true
+ REFRESH_TOKEN_TTL: 7d
+ STORAGE_CLOUD_BUCKET: your-bucket
+ STORAGE_CLOUD_DRIVER: s3
+ STORAGE_CLOUD_ENDPOINT: https://nyc3.digitaloceanspaces.com
+ STORAGE_CLOUD_KEY: your-s3-key-id
+ STORAGE_CLOUD_PUBLIC_URL: https://your-bucket.nyc3.digitaloceanspaces.com
+ STORAGE_CLOUD_REGION: nyc3
+ STORAGE_CLOUD_ROOT: /
+ STORAGE_CLOUD_SECRET: your-s3-secret-key
+ STORAGE_LOCATIONS: cloud
+ # @dynamo [manet]https://github.com/vbauer/manet) | [GitHub](https://github.com/vbauer/manet) | [Heroku Deploy](https://heroku.com/deploy?template=https://github.com/vbauer/manet) - Website screenshot service powered by Node.js, SlimerJS and PhantomJS
+ manet:
+ deploy_url: https://heroku.com/deploy?template=https://github.com/vbauer/manet
+ domain: manet.megabyte.space
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/software.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/software.yml
new file mode 100644
index 00000000..d303c48e
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/software.yml
@@ -0,0 +1,911 @@
+---
+# eslint-disable max-lines
+# yamllint disable rule:line-length
+# yamllint disable rule:max-lines
+
+# ########## TAGGING INSTRUCTIONS ##########
+# Each package should have a comment above it. The tags are at the beginning and can be any combination of the following:
+#
+# @ binary - All of the packages in this list will have the binary tag
+# @ cli - If the package is intended to be utilized from the terminal, add the @ cli tag
+# @ application - If the package is intended to be used as a desktop app, add the @ application tag
+# @ tui - TODO If the package is a @ cli but is intended to be used visually from a terminal (instead of inside scripts), then add the @ tui tag.
+# All @ tui should have the @ cli tag
+# @ service - TODO If the package launches any service when first run or installed, then add the @service tag
+# @ menubar - If the package is a menubar application, then add the @ menubar tag. A @ menubar application will always also have the @ application tag
+# @ binarycli - Should accompany any @ cli tags in this file
+# @ binaryapp - Should accompany any @ application tags in this file
+#
+# @installoption apk: package_name # Package name in the official/default APK repositories. This method is listed for completeness
+# @installoption apt: package_name # Package name in the official/default APT repositories. External repositories are not supported
+# @installoption binary: url # URL to the executable file
+# @installoption brew: package_name OR `example/example/package_name` # Homebrew macOS package name, include full address if not in the official registry
+# @installoption cargo: package_name # Cargo package name
+# @installoption choco: package_name # Chocolatey package name
+# @installoption dnf: package_name # Package name in the official/default DNF/YUM repositories. External repositories are not supported
+# @installoption exe: url # URL to the executable file (Windows only)
+# @installoption github: github_address # GitHub address (e.g. github.com/altair-graphql/altair). Installation is performed using the role `githubbinary`
+# @installoption go: go_github_address # Go GitHub address (e.g. github.com/nektos/act@latest)
+# @installoption pacman: package_name # Package name in the official/default Archlinux compatible repositories
+# @installoption ports: package_name # macOS port package name (installed via `sudo port install package_name`)
+# @installoption pkg: package_name # Package name in the official/default BSD repositories. This method is listed for completeness
+# @installoption scoop: package_name # Windows scoop package name (installed via `scoop install package_name`)
+# @installoption snap: package_name # Package name as shown in snapcraft.io
+# @installoption yay: package_name # Archlinux yay package name (installed via `yay -S package_name` from AUR)
+# ########## END TAGGING INSTRUCTIONS ##########
+
+# @var software_package: [] # `software_package` contains installation definitions for software that can be installed by simply adding the
+# data keys of the software you would like to install to a variable named `software`. It is leveraged by the `roles/helper/installer` role
+# which includes the ability to specify which installation methods to try first.
+software_package:
+ # @binarycli @binary @cli [act](https://github.com/nektos/act) - To run Github Actions locally
+ act:
+ brew: act
+ choco: act-cli
+ go: github.com/nektos/act@latest
+ ports: act
+ scoop: act
+ yay: act
+ # @binaryapp @binary @application [Altair](https://github.com/altair-graphql/altair) - A beautiful feature-rich GraphQL Client for all platforms
+ altair:
+ brew: altair-graphql-client
+ choco: altair-graphql
+ github: github.com/altair-graphql/altair
+ snap: altair
+ yay: altair
+ # @binarycli @binary @cli [argo](https://argoproj.github.io) - ArgoCD is a declarative GitOps continuous delivery platform.
+ argocli:
+ brew: argocd
+ github: https://github.com/argoproj/argo-workflows
+ # @binarycli @binary @cli [azure-functions-core-tools](https://github.com/Azure/azure-functions-core-tools) - A local development experience for creating, developing, testing, running, and debugging Azure Functions
+ azurefunctions:
+ brew: azure/functions/azure-functions-core-tools@4
+ choco: azure-functions-core-tools
+ github: github.com/Azure/azure-functions-core-tools
+ npm: azure-functions-core-tools@4
+ # @binarycli @binary @cli [bandwhich](https://github.com/imsnif/bandwhich) - Terminal bandwidth utilization tool
+ bandwhich:
+ brew: bandwhich
+ github: github.com/imsnif/bandwhich
+ pacman: bandwhich
+ pkg: bandwhich
+ # @binarycli @binary @cli [bane](https://github.com/genuinetools/bane) - Custom & better AppArmor profile generator for Docker containers
+ bane:
+ github: github.com/genuinetools/bane
+ go: github.com/genuinetools/bane@latest
+ # @binarycli @binary @cli [bat](https://github.com/sharkdp/bat) - Clone of cat(1) with syntax highlighting and Git integration
+ bat:
+ apk: bat
+ brew: bat
+ cargo: bat
+ choco: bat
+ github: bat
+ pacman: bat
+ scoop: bat
+ # @binaryapp @binary @application [Betwixt](https://github.com/kdzwinel/betwixt) - Web Debugging Proxy based on Chrome DevTools Network panel
+ betwixt:
+ github: github.com/kdzwinel/betwixt
+ # @binarycli @binary @cli [bin](https://github.com/marcosnils/bin) - Effortless binary manager
+ bin:
+ github: github.com/marcosnils/bin
+ go: github.com/marcosnils/bin@latest
+ # @binaryapp @binary @application [BitWarden](https://github.com/bitwarden/desktop) - The desktop vault (Windows, macOS, & Linux)
+ bitwarden:
+ brew: bitwarden
+ choco: bitwarden
+ github: github.com/bitwarden/desktop
+ snap: bitwarden
+ yay: bitwarden-git
+ # @binarycli @binary @cli [bivac](https://github.com/camptocamp/bivac) - Backup Interface for Volumes Attached to Containers
+ bivac:
+ github: github.com/camptocamp/bivac
+ # go: github.com/camptocamp/bivac@latest # Failure: "module declares its path as: github.com/sirupsen/logrus but was required as: github.com/Sirupsen/logrus"
+ # @binarycli @binary @cli [boilr](https://github.com/tmrts/boilr) - boilerplate template manager that generates files or directories from template repositories
+ boilr:
+ github: github.com/tmrts/boilr
+ go: github.com/tmrts/boilr@latest
+ # @binarycli @binary @cli [budibase-cli](https://github.com/Budibase/budibase) - The Budibase CLI is how you initialise, manage and update your Budibase installation
+ budibase-cli:
+ github: github.com/Budibase/budibase
+ npm: '@budibase/cli'
+ # @binarycli @binary @cli [captain](https://github.com/jenssegers/captain) - Helps manage docker-compose.yml files from anywhere in the file system
+ captain:
+ github: github.com/jenssegers/captain
+ # @binaryapp @binary @application @service [Cerebro](https://github.com/cerebroapp/cerebro) - Open-source productivity booster with a brain
+ cerebro:
+ brew: cerebro
+ choco: cerebro
+ github: github.com/cerebroapp/cerebro
+ yay: cerebro
+ # @binarycli @binary @cli [clair](https://github.com/quay/clair) - Vulnerability Static Analysis for Containers
+ clair:
+ brew: clair
+ github: github.com/quay/clair
+ # @binarycli @binary @cli [cloudflared](https://github.com/cloudflare/cloudflared) - Cloudflare Tunnel client
+ cloudflared:
+ brew: cloudflare/cloudflare/cloudflared
+ github: github.com/cloudflare/cloudflared
+ # @binarycli @binary @cli [cmctl](https://cert-manager.io/docs/usage/cmctl/) - A CLI tool that can help you to manage cert-manager resources inside your cluster
+ cmctl:
+ github: github.com/cert-manager/cert-manager
+ # @binarycli @binary @cli [confd](https://github.com/kelseyhightower/confd) - Manage local application configuration files using templates and data from etcd or consul
+ confd:
+ brew: confd
+ choco: confd
+ github: github.com/kelseyhightower/confd
+ yay: confd
+ # @binarycli @binary @cli [consul-cli](https://github.com/mantl/consul-cli) - Command line interface to Consul HTTP API
+ consul-cli:
+ github: github.com/mantl/consul-cli
+ # @binarycli @binary @cli [croc](https://github.com/schollz/croc) - Easily and securely send things from one computer to another
+ croc:
+ brew: croc
+ choco: croc
+ github: github.com/schollz/croc
+ go: github.com/schollz/croc/v9@latest
+ pacman: croc
+ pkg: croc
+ scoop: croc
+ # @binarycli @binary @cli [ctop](https://github.com/bcicen/ctop) - Top-like interface for container metrics
+ ctop:
+ brew: ctop
+ github: github.com/bcicen/ctop
+ yay: ctop-bin
+ # @binaryapp @binary @application @menubar [Cumulus](https://github.com/gillesdemey/Cumulus) - A SoundCloud player that lives in the menubar
+ cumulus:
+ brew: cumulus
+ github: github.com/gillesdemey/Cumulus
+ # @binarycli @binary @cli [curator](https://www.elastic.co/guide/en/elasticsearch/client/curator) - Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots
+ curator:
+ pip: elasticsearch-curator
+ # @binarycli @binary @cli [dasel](https://github.com/TomWright/dasel) - Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool
+ dasel:
+ brew: dasel
+ github: github.com/TomWright/dasel
+ go: github.com/tomwright/dasel/cmd/dasel@master
+ # @binarycli @binary @cli [dat](https://github.com/datproject/dat) - Peer-to-peer sharing & live syncronization of files via command line
+ dat:
+ github: github.com/dat-ecosystem-archive/dat
+ npm: dat@next
+ # @binaryapp @binary @application [Dat Desktop](https://github.com/datproject/dat-desktop) - Peer to peer data syncronization
+ dat-desktop:
+ brew: dat
+ github: github.com/datproject/dat-desktop
+ # @binarycli @binary @cli [delta](https://github.com/dandavison/delta) - A syntax-highlighting pager for git and diff output
+ delta:
+ brew: git-delta
+ cargo: git-delta
+ choco: delta
+ dnf: git-delta
+ github: github.com/dandavison/delta
+ pacman: git-delta
+ pkg: git-delta
+ scoop: delta
+ # @binarycli @binary @cli [dive](https://github.com/wagoodman/dive) - A tool for exploring each layer in a docker image
+ dive:
+ brew: dive
+ github: github.com/wagoodman/dive
+ go: github.com/wagoodman/dive@latest
+ yay: dive
+ # @binarycli @binary @cli [desed](https://github.com/SoptikHa2/desed) - Debugger for Sed: demystify and debug the sed scripts, from comfort of terminal
+ desed: # Name of package - this should only be used for the TUI
+ cargo: desed # Cargo package installable via `cargo install desed`
+ dnf: desed # dnf package for Fedora
+ github: github.com/SoptikHa2/desed # GitHub link - populate if the repository has releases
+ pkg: desed # FreeBSD pkg name for future FreeBSD support
+ # @binarycli @binary @cli [deta](https://github.com/deta/deta-cli) - Command line interface for managing Deta micros and deployments
+ deta:
+ github: github.com/deta/deta-cli
+ # @binarycli @binary @cli [direnv](https://github.com/direnv/direnv) - Extension to load and unload environment variables depending on the current directory
+ direnv:
+ apt: direnv
+ brew: direnv
+ github: github.com/direnv/direnv
+ # @binarycli @binary @cli [docker-slim](https://github.com/docker-slim/docker-slim) - Extension to minify and secure Docker images
+ docker-slim:
+ brew: docker-slim
+ dnf: golang-github-docker-slim
+ github: github.com/docker-slim/docker-slim
+ yay: docker-slim
+ # @binarycli @binary @cli [dockle](https://github.com/goodwithtech/dockle) - Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
+ dockle:
+ brew: goodwithtech/r/dockle
+ github: github.com/goodwithtech/dockle
+ yay: dockle-bin
+ # @binarycli @binary @cli [doctl](https://github.com/digitalocean/doctl) - The official command line interface for the DigitalOcean API
+ doctl:
+ brew: doctl
+ github: github.com/digitalocean/doctl
+ pacman: doctl
+ pkg: doctl
+ snap: doctl
+ # @binarycli @binary @cli [dog](https://github.com/ogham/dog) - A command-line DNS client
+ dog:
+ brew: dog
+ github: github.com/ogham/dog
+ pacman: dog
+ pkg: dog
+ # @binarycli @binary @cli [drone](https://github.com/harness/drone-cli) - The Drone command line tools are used to interact with the Drone from the command line, and provide important utilities for managing users and repository settings
+ drone:
+ brew: drone/drone/drone
+ github: github.com/harness/drone-cli
+ scoop: drone
+ # @binarycli @binary @cli [duf](https://github.com/muesli/duf) - Disk Usage/Free Utility - a better 'df' alternative
+ duf:
+ brew: duf
+ choco: duf
+ github: github.com/muesli/duf
+ pacman: duf
+ pkg: duf
+ scoop: duf
+ snap: duf-utility
+ # @binarycli @binary @cli [dust](https://github.com/bootandy/dust) - A more intuitive version of du in rust
+ dust:
+ apk: dust
+ github: github.com/bootandy/dust
+ pacman: dust
+ # @binarycli @binary @cli [envconsul](https://github.com/hashicorp/envconsul) - Launch a subprocess with environment variables using data from @hashicorp Consul and Vault
+ envconsul:
+ github: github.com/hashicorp/envconsul
+ # @binarycli @binary @cli [etcd](https://github.com/etcd-io/etcd) - Distributed reliable key-value store for the most critical data of a distributed system
+ etcd:
+ apt: etcd
+ brew: etcd
+ choco: etcd
+ github: github.com/etcd-io/etcd
+ yum: etcd
+ yay: etcd
+ # @binarycli @binary @cli [fd](https://github.com/sharkdp/fd) - A simple, fast and user-friendly alternative to 'find'
+ fd:
+ apk: fd
+ apt: fd-find
+ brew: fd
+ cargo: fd-find
+ choco: fd
+ github: github.com/sharkdp/fd
+ pacman: fd
+ pkg: fd
+ scoop: fd
+ # @binary [felony](https://github.com/henryboldi/felony) - An open-source pgp keychain built on the modern web with Electron, React, and Redux
+ # felony:
+ # github: github.com/henryboldi/felony
+ # @binarycli @binary @cli [ffsend](https://github.com/timvisee/ffsend) - Easily and securely share files from the command line, a fully featured Firefox Send client
+ ffsend:
+ apk: ffsend
+ brew: ffsend
+ github: github.com/timvisee/ffsend
+ pkg: ffsend
+ scoop: ffsend
+ snap: ffsend
+ yay: ffsend
+ # @binarycli @binary @cli @webapp [filebrowser](https://github.com/filebrowser/filebrowser) - Web file browser
+ filebrowser:
+ brew: filebrowser/tap/filebrowser
+ github: github.com/filebrowser/filebrowser
+ # @binary [Fission](https://fission.io/) - Fission CLI helps you to operate Fission
+ fission:
+ github: github.com/fission/fission
+ # @binary [fly](https://concourse-ci.org/) - CLI to manage Concourse CI installation
+ fly:
+ brew: fly
+ github: https://github.com/concourse/concourse
+ yay: fly-cli
+ # @binarycli @binary @cli [fm](https://github.com/knipferrc/fm) - Terminal file manager
+ fm:
+ github: github.com/knipferrc/fm
+ go: github.com/knipferrc/fm@latest
+ # @binarycli @binary @cli [fq](https://github.com/wader/fq) - jq for binary formats
+ fq:
+ apk: fq
+ brew: wader/tap/fq
+ go: github.com/wader/fq@latest
+ github: github.com/wader/fq
+ pacman: fq
+ scoop: fq
+ # @binarycli @binary @cli [fselect](https://github.com/jhspetersson/fselect) - Extension to find files with SQL-like queries
+ fselect:
+ brew: fselect
+ choco: fselect
+ cargo: fselect
+ github: github.com/jhspetersson/fselect
+ yay: fselect
+ # @binarycli @binary @cli [Fuego](https://github.com/sgarciac/fuego) - Fuego is a command line client for the firestore database
+ fuego:
+ github: github.com/sgarciac/fuego
+ # @binaryapp @binary @application @service [Google Assistant Unofficial Desktop Client](https://github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client) - A cross-platform unofficial Google Assistant Client for Desktop
+ g-assist:
+ github: github.com/Melvin-Abraham/Google-Assistant-Unofficial-Desktop-Client
+ # @binaryapp @binary @application [Ganache](https://github.com/trufflesuite/ganache-ui) - Personal blockchain for Ethereum development
+ ganache:
+ github: github.com/trufflesuite/ganache-ui
+ npm: ganache
+ # @binarycli @binary @cli [gdrive](https://github.com/prasmussen/gdrive) - Google Drive CLI Client
+ gdrive:
+ brew: gdrive
+ github: github.com/prasmussen/gdrive
+ yay: gdrive
+ # @binarycli @binary @cli [ghorg](https://github.com/gabrie30/ghorg) - Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more
+ ghorg:
+ github: github.com/gabrie30/ghorg
+ yay: ghorg
+ # @binaryapp @binary @application @menubar [Gitify](https://github.com/manosim/gitify) - GitHub notifications on the menu bar
+ gitify:
+ brew: gitify
+ github: github.com/manosim/gitify
+ yay: gitify-bin
+ # @binarycli @binary @cli [gitleaks](https://github.com/zricethezav/gitleaks) - Extension to scan git repos (or files) for secrets using regex and entropy
+ gitleaks:
+ brew: gitleaks
+ github: github.com/zricethezav/gitleaks
+ pkg: gitleaks
+ yay: gitleaks
+ # @binarycli @binary @cli [gitomatic](https://github.com/muesli/gitomatic) - A tool to monitor git repositories and automatically pull & push changes
+ gitomatic:
+ github: github.com/muesli/gitomatic
+ # @binarycli @binary @cli [glab](https://github.com/profclems/glab) - An open-source GitLab command line tool bringing GitLab's cool features to your command line
+ glab:
+ apk: glab
+ brew: glab
+ github: github.com/profclems/glab
+ scoop: glab
+ snap: glab
+ yay: gitlab-glab-bin
+ # @binarycli @binary @cli [glow](https://github.com/charmbracelet/glow) - Glow is a terminal based markdown reader designed from the ground up to bring out the beauty—and power—of the CLI
+ glow:
+ brew: glow
+ github: github.com/charmbracelet/glow
+ pkg: glow
+ scoop: glow
+ yay: glow
+ # @binarycli @binary @cli [gojq](https://github.com/itchyny/gojq) - gojq is a pure Go implementation of jq that is mostly backwards compatible (but not completely)
+ gojq:
+ brew: gojq
+ github: github.com/itchyny/gojq
+ go: github.com/itchyny/gojq@latest
+ # @binarycli @binary @cli [go-chromecast](https://github.com/vishen/go-chromecast) - CLI for Google Chromecast, Home devices and Cast Groups
+ go-chromecast:
+ github: github.com/vishen/go-chromecast
+ go: github.com/vishen/go-chromecast@latest
+ # @binarycli @binary @cli [gping](https://github.com/orf/gping) - Ping, but with a graph
+ gping:
+ brew: gping
+ cargo: gping
+ choco: gping
+ github: github.com/orf/gping
+ scoop: gping
+ pacman: gping
+ # @binarycli @binary @cli [grex](https://github.com/pemistahl/grex) - A command-line tool and library for generating regular expressions from user-provided test cases
+ grex:
+ brew: grex
+ cargo: grex
+ choco: grex
+ github: github.com/pemistahl/grex
+ scoop: grex
+ # @binarycli @binary @cli [gron](https://github.com/tomnomnom/gron) - Extension to make JSON greppable
+ gron:
+ brew: gron
+ github: github.com/tomnomnom/gron
+ go: github.com/tomnomnom/gron@latest
+ # @binarycli @binary @cli [hclq](https://github.com/mattolenik/hclq) - Command-line processor for HashiCorp config files, like sed for HCL — Terraform, Consul, Nomad, Vault
+ hclq:
+ github: github.com/mattolenik/hclq
+ go: github.com/mattolenik/hclq
+ # @binarycli @binary @cli [hexyl](https://github.com/sharkdp/hexyl) - A command-line hex viewer
+ hexyl:
+ apt: hexyl
+ brew: hexyl
+ cargo: hexyl
+ github: github.com/sharkdp/hexyl
+ pacman: hexyl
+ pkg: hexyl
+ scoop: hexyl
+ snap: hexyl
+ # @binarycli @binary @cli [hey](https://github.com/rakyll/hey) - HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom
+ hey:
+ brew: hey
+ github: github.com/rakyll/hey
+ # @binarycli @binary @cli [hostctl](https://github.com/guumaster/hostctl) - This tool gives more control over the use of hosts file
+ hostctl:
+ brew: guumaster/tap/hostctl
+ github: github.com/guumaster/hostctl
+ scoop: hostctl
+ yay: hostctl
+ # @binarycli @binary @cli [htmlq](https://github.com/mgdm/htmlq) - A lightweight and flexible command-line JSON processor for HTML
+ htmlq:
+ brew: htmlq
+ cargo: htmlq
+ github: github.com/mgdm/htmlq
+ # @binarycli @binary @cli [hyperfine](https://github.com/sharkdp/hyperfine) - A command-line benchmarking tool
+ hyperfine:
+ apk: hyperfine
+ brew: hyperfine
+ cargo: hyperfine
+ choco: hyperfine
+ dnf: hyperfine
+ github: github.com/sharkdp/hyperfine
+ pacman: hyperfine
+ pkg: hyperfine
+ # @binarycli @binary @cli [jiq](https://github.com/fiatjaf/jiq) - Create jq queries interactively by leveraging a live reload feature in the terminal
+ jiq:
+ github: github.com/fiatjaf/jiq/cmd/jiq
+ go: github.com/fiatjaf/jiq/cmd/jiq@latest
+ # @binaryapp @binary @application [Jitsi Meet Electron](https://github.com/jitsi/jitsi-meet-electron) - Desktop application for Jitsi Meet built with Electron
+ jitsi-meet-electron:
+ brew: jisti-meet
+ choco: jitsi-meet-electron
+ github: github.com/jitsi/jitsi-meet-electron
+ pkg: jisti-meet
+ yay: jitsi-meet-desktop-bin
+ # @binarycli @binary @cli [jo](https://github.com/jpmens/jo) - JSON output from a shell
+ jo:
+ brew: jo
+ apt: jo
+ snap: jo
+ github: github.com/jpmens/jo
+ pkg: jo
+ scoop: jo
+ yay: jo
+ # @binarycli @binary @cli [jq](https://github.com/stedolan/jq) - Command-line JSON processor
+ jq:
+ brew: jq
+ choco: jq
+ apk: jq
+ apt: jq
+ dnf: jq
+ github: github.com/stedolan/jq
+ pkg: jq
+ # @binarycli @binary @cli [kdash](https://github.com/kdash-rs/kdash) - A simple and fast dashboard for Kubernetes
+ kdash:
+ brew: kdash-rs/kdash/kdash
+ cargo: kdash
+ choco: kdash
+ github: github.com/kdash-rs/kdash
+ scoop: kdash
+ # @binarycli @binary @cli [kn](https://github.com/knative/client) - The Knative CLI (kn) provides a quick and easy interface for creating Knative resources, such as Knative Services and Event Sources
+ kn:
+ brew: kn
+ github: github.com/knative/client
+ yay: knative-client-bin
+ # @binarycli @binary @cli [kubenav](https://github.com/kubenav/kubenav) - kubenav is the navigator for your Kubernetes clusters right in your pocket
+ kubenav:
+ github: github.com/kubenav/kubenav
+ yay: kubenav-bin
+ # @binarycli @binary @cli [license](https://github.com/nishanths/license) - Command-line license text generator
+ license:
+ go: github.com/nishanths/license@latest
+ yay: nishanths-license-git
+ # @binarycli @binary @cli @service [linkerd2](https://github.com/linkerd/linkerd2) - Linkerd is an ultralight, security-first service mesh for Kubernetes
+ linkerd2:
+ brew: linkerd
+ github: github.com/linkerd/linkerd2
+ yay: linkerd
+ # @binarycli @binary @cli [linuxkit](https://github.com/linuxkit/linuxkit) - A toolkit for building secure, portable and lean operating systems for containers
+ linuxkit:
+ brew: linuxkit/linuxkit/linuxkit
+ github: github.com/linuxkit/linuxkit
+ # @binarycli @binary @cli [logcli](https://github.com/grafana/loki) - Run LogQL queries against a Loki server
+ logcli:
+ brew: logcli
+ github: github.com/grafana/loki
+ yay: logcli-git
+ # @binaryapp @binary @application [Manta](https://github.com/hql287/Manta) - Flexible invoicing desktop app with beautiful & customizable templates
+ manta:
+ brew: manta
+ github: github.com/hql287/Manta
+ # @binaryapp @binary @application [MarkText](https://github.com/marktext/marktext) - A simple and elegant markdown editor, available for Linux, macOS and Windows
+ mark-text:
+ brew: mark-text
+ choco: marktext
+ github: github.com/marktext/marktext
+ yay: marktext
+ # @binaryapp @binary @application [MassCode](https://github.com/antonreshetov/massCode) - A free and open source code snippets manager for developers
+ masscode:
+ brew: masscode
+ github: github.com/antonreshetov/massCode
+ # @binarycli @binary @cli [mc](https://github.com/minio/mc) - MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage
+ mc:
+ brew: minio/stable/mc
+ binary: https://dl.min.io/client/mc/release/linux-amd64/mc
+ exe: https://dl.min.io/client/mc/release/windows-amd64/mc.exe
+ go: github.com/minio/mc@latest
+ # @binarycli @binary @cli [mergestat](https://github.com/mergestat/mergestat) - Query git repositories with SQL. Generate reports, perform status checks, analyze codebases
+ mergestat:
+ brew: mergestat/mergestat/mergestat
+ github: github.com/mergestat/mergestat
+ # @binaryapp @binary @application [MJML App](https://github.com/mjmlio/mjml-app) - The desktop app for MJML
+ mjml-app:
+ github: github.com/mjmlio/mjml-app
+ # @binarycli @binary @cli [mkcert](https://github.com/FiloSottile/mkcert) - A simple zero-config tool to make locally trusted development certificates with any names
+ mkcert:
+ brew: mkcert
+ choco: mkcert
+ github: github.com/FiloSottile/mkcert
+ pacman: mkcert
+ scoop: mkcert
+ # @binaryapp @binary @application [Mockoon](https://github.com/mockoon/mockoon) - Mockoon is the easiest and quickest way to run mock APIs locally. No remote deployment, no account required, open source
+ mockoon:
+ brew: mockoon
+ choco: mockoon
+ github: github.com/mockoon/mockoon
+ snap: mockoon
+ yay: mockoon-bin
+ # @binarycli @binary @cli [mole](https://github.com/davrodpin/mole) - CLI application to create ssh tunnels focused on resiliency and user experience
+ mole:
+ brew: davrodpin/homebrew-mole/mole
+ github: github.com/davrodpin/mole
+ yay: mole-bin
+ # @binaryapp @binary @application [Motrix](https://github.com/agalwood/Motrix) - A full-featured download manager
+ motrix:
+ brew: motrix
+ choco: motrix
+ github: github.com/agalwood/Motrix
+ scoop: motrix
+ yay: motrix-bin
+ # @binaryapp @binary @application [MQTT X](https://github.com/emqx/MQTTX) - MQTT X - Elegant Cross-platform MQTT 5.0 Desktop Client
+ mqttx:
+ brew: mqttx
+ github: github.com/emqx/MQTTX
+ snap: mqttx
+ yay: mqttx-bin
+ # @binarycli @binary @cli [muffet](https://github.com/raviqqe/muffet) - Fast website link checker in Go
+ muffet:
+ brew: muffet
+ github: github.com/raviqqe/muffet
+ go: github.com/raviqqe/muffet/v2@latest
+ yay: muffet-bin
+ # @binaryapp @binary @application [Mullvad VPN](https://github.com/mullvad/mullvadvpn-app) - The Mullvad VPN client app for desktop and mobile
+ mullvad-vpn:
+ brew: mullvadvpn
+ github: github.com/mullvad/mullvadvpn-app
+ yay: mullvad-vpn
+ # @binarycli @binary @cli [nebula](https://github.com/slackhq/nebula) - A scalable overlay networking tool
+ nebula:
+ github: github.com/slackhq/nebula
+ pacman: nebula
+ # @binarycli @binary @cli [nnn](https://github.com/jarun/nnn) - A full-featured terminal file manager
+ nnn:
+ apk: nnn
+ apt: nnn
+ brew: nnn
+ github: github.com/jarun/nnn
+ pacman: nnn
+ pkg: nnn
+ # @binarycli @binary @cli [node-prune](https://github.com/tj/node-prune) - Extension to remove unnecessary files from node_modules
+ node-prune:
+ github: github.com/tj/node-prune
+ go: github.com/tj/node-prune@latest
+ # @binarycli @binary @cli [nomino](https://github.com/yaa110/nomino) - Batch rename utility for developers
+ nomino:
+ cargo: nomino
+ github: github.com/yaa110/nomino
+ yay: nomino
+ # @binaryapp @binary @application [Nuclear](https://github.com/nukeop/nuclear) - Streaming music player that finds free music
+ nuclear:
+ brew: nuclear
+ choco: nuclear
+ github: github.com/nukeop/nuclear
+ snap: nuclear
+ yay: nuclear-player-bin
+ # @binarycli @binary @cli [osquery](https://github.com/osquery/osquery) - SQL powered operating system instrumentation, monitoring, and analytics
+ osquery:
+ brew: osquery
+ choco: osquery
+ github: github.com/osquery/osquery
+ yay: osquery-git
+ # @binarycli @binary @cli [ots](https://github.com/sniptt-official/ots) - Share end-to-end encrypted secrets with others via a one-time URL
+ ots:
+ brew: ots
+ github: github.com/sniptt-official/ots
+ go: github.com/sniptt-official/ots@latest
+ # @binarycli @binary @cli [oq](https://github.com/Blacksmoke16/oq) - A performant, and portable jq wrapper to facilitate the consumption and output of formats other than JSON; using jq filters to transform the data
+ oq:
+ brew: oq
+ github: github.com/Blacksmoke16/oq
+ snap: oq
+ yay: oq
+ # @binarycli @binary @cli [page-fetch](https://github.com/detectify/page-fetch) - Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files
+ page-fetch:
+ go: github.com/detectify/page-fetch@latest
+ # @binarycli @binary @cli [pass](https://www.passwordstore.org/) - Password manager
+ pass:
+ apt: pass
+ brew: pass
+ pacman: pass
+ pkg: password-store
+ yum: pass
+ # @binarycli @binary @cli [pastel](https://github.com/sharkdp/pastel) - A command-line tool to generate, analyze, convert and manipulate colors
+ pastel:
+ brew: pastel
+ cargo: pastel
+ github: github.com/sharkdp/pastel
+ snap: pastel
+ yay: pastel
+ # @binarycli @binary @cli [peco](https://github.com/peco/peco) - Simplistic interactive filtering tool
+ peco:
+ apt: peco
+ brew: peco
+ choco: peco
+ github: github.com/peco/peco
+ pacman: peco
+ # @binarycli @binary @cli [pony](https://github.com/jessfraz/pony) - Local file-based password, API key, secret, recovery code store backed by GPG
+ pony:
+ github: github.com/jessfraz/pony
+ go: github.com/jessfraz/pony@latest
+ # @binaryapp @binary @application @menubar [Pretzel](https://github.com/amiechen/pretzel) - Pretzel is Mac desktop app that shows and find keyboard shortcuts based on your current app
+ pretzel:
+ github: github.com/amiechen/pretzel
+ # @binarycli @binary @cli [procs](https://github.com/dalance/procs) - A modern replacement for ps written in Rust
+ procs:
+ apk: procs
+ brew: procs
+ cargo: procs
+ dnf: procs
+ github: github.com/dalance/procs
+ pacman: procs
+ scoop: procs # For Windows
+ snap: procs
+ # @binarycli @binary @cli [psu](https://github.com/greenled/portainer-stack-utils) - CLI client for Portainer
+ psu:
+ github: github.com/greenled/portainer-stack-utils
+ # @binarycli @binary @cli [pup](https://github.com/ericchiang/pup) - Parsing HTML at the command line
+ pup:
+ brew: pup
+ github: github.com/ericchiang/pup
+ go: github.com/ericchiang/pup@latest
+ # @binarycli @binary @cli [q](https://github.com/harelba/q) - Run SQL directly on CSV or TSV files
+ q:
+ brew: q
+ github: github.com/harelba/q
+ # @binaryapp @binary @application [raindrop](https://raindrop.io) - All-in-one bookmark manager
+ raindrop:
+ brew: raindropio
+ github: github.com/raindropio/desktop
+ # @binarycli @binary @cli [rancher](https://github.com/rancher/cli) - The Rancher Command Line Interface (CLI) is a unified tool for interacting with your Rancher Server
+ rancher:
+ brew: rancher-cli
+ github: github.com/rancher/cli
+ yay: rancher-cli-bin
+ # @binaryapp @binary @application [Responsively](https://github.com/responsively-org/responsively-app) - A modified web browser that helps in responsive web development
+ responsively:
+ brew: responsively
+ choco: responsively
+ github: github.com/responsively-org/responsively-app
+ # @binarycli @binary @cli [rip](https://github.com/nivekuil/rip) - A safe and ergonomic alternative to rm
+ rip:
+ brew: rm-improved
+ cargo: rm-improved
+ github: github.com/nivekuil/rip
+ yay: rm-improved
+ # @binaryapp @binary @application [RunJS](https://github.com/lukehaas/RunJS) - A JavaScript playground that auto-evaluates as you type
+ runjs:
+ brew: runjs
+ choco: runjs
+ github: github.com/lukehaas/RunJS
+ # snap: runjs # Not in the Stable Channel yet
+ yay: runjs-bin
+ # @binarycli @binary @cli [s5cmd](https://github.com/peak/s5cmd) - Parallel S3 and local filesystem execution tool with benchmarks that show it is the fastest S3 downloader
+ s5cmd:
+ brew: peak/tap/s5cmd
+ github: github.com/peak/s5cmd
+ go: github.com/peak/s5cmd@latest
+ # @binarycli @binary @cli [schema](https://github.com/Confbase/schema) - A tool to infer and instantiate schemas and translate between data formats
+ schema:
+ go: github.com/Confbase/schema
+ # @binarycli @binary @cli [scrcpy](https://github.com/Genymobile/scrcpy) - Display and control your Android device
+ scrcpy:
+ apt: scrcpy
+ brew: scrcpy
+ choco: scrcpy
+ dnf: scrcpy
+ github: github.com/Genymobile/scrcpy
+ pkg: scrcpy
+ snap: scrcpy
+ yay: scrcpy
+ # @binaryapp @binary @application [Scrcpy GUI](https://github.com/Tomotoes/scrcpy-gui) - A simple & beautiful GUI application for scrcpy
+ scrcpy-gui:
+ github: github.com/Tomotoes/scrcpy-gui
+ # @binarycli @binary @cli [sd](https://github.com/chmln/sd) - Intuitive find & replace CLI (sed alternative)
+ sd:
+ apk: sd # Include information about apk releases for possible future Alpine support
+ brew: sd # Brew package name
+ cargo: sd
+ choco: sd-cli # Choco package name
+ dnf: sd
+ github: github.com/chmln/sd
+ pacman: sd # pacman release for Archlinux
+ pkg: sd
+ # @binarycli @binary @cli [sentry-cli](https://github.com/getsentry/sentry-cli/) - sentry-cli can connect to the Sentry API and manage some data for your projects
+ sentry-cli:
+ brew: getsentry/tools/sentry-cli
+ github: github.com/getsentry/sentry-cli
+ npm: '@sentry/cli'
+ scoop: sentry-cli
+ yay: sentry-cli-bin
+ # @binarycli @binary @cli [sftpgo](https://github.com/drakkan/sftpgo) - Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
+ sftpgo:
+ brew: sftpgo
+ choco: sftpgo
+ github: github.com/drakkan/sftpgo
+ pkg: sftpgo
+ yay: sftpgo-bin
+ # @binarycli @binary @cli [shfmt](https://github.com/mvdan/sh/) - A shell parser, formatter, and interpreter with bash support; includes shfmt
+ shfmt:
+ apk: shfmt
+ brew: shfmt
+ github: github.com/mvdan/sh/
+ go: mvdan.cc/sh/v3/cmd/shfmt@latest
+ pacman: shfmt
+ pkg: shfmt
+ scoop: shfmt
+ snap: shfmt
+ # @binarycli @binary @cli [skm](https://github.com/TimothyYe/skm) - A simple and powerful SSH keys manager
+ skm:
+ brew: timothyye/tap/skm
+ github: github.com/TimothyYe/skm
+ go: github.com/TimothyYe/skm/cmd/skm@latest
+ # @binaryapp @binary @application [Skype](https://www.skype.com) - Skype is for connecting with the people that matter most in your life and work
+ skype:
+ brew: skype
+ choco: skype
+ snap: skype
+ # @binaryapp @binary @application [Slack](https://slack.com/) - Transform the way that you work with one place for everyone and everything that you need to get things done
+ slack:
+ brew: slack
+ choco: slack
+ snap: slack
+ # @binaryapp @binary @application [SQLectron](https://github.com/sqlectron/sqlectron-gui) - A simple and lightweight SQL client desktop with cross database and platform support
+ sqlectron:
+ brew: sqlectron
+ github: github.com/sqlectron/sqlectron-gui
+ yay: sqlectron-gui
+ # @binarycli @binary @cli [ssh-vault](https://github.com/ssh-vault/ssh-vault) - Encrypt/decrypt using ssh keys
+ ssh-vault:
+ brew: ssh-vault
+ github: github.com/ssh-vault/ssh-vault
+ # @binarycli @binary @cli [ssl-proxy](https://github.com/suyashkumar/ssl-proxy) - Simple zero-config SSL reverse proxy with real autogenerated certificates
+ ssl-proxy:
+ github: github.com/suyashkumar/ssl-proxy
+ # @binaryapp @binary @application [SwitchHosts](https://github.com/oldj/SwitchHosts) - Extension to switch hosts
+ switchhosts:
+ github: github.com/oldj/SwitchHosts
+ # @binarycli @binary @cli [sync-ssh-keys](https://github.com/samber/sync-ssh-keys) - Sync public ssh keys to ~/.ssh/authorized_keys, based on Github/Gitlab organization membership
+ sync-ssh-keys:
+ github: github.com/samber/sync-ssh-keys
+ yay: sync-ssh-keys-bin
+ # @binarycli @binary @cli [sysbench](https://github.com/akopytov/sysbench) - System performance benchmark tool
+ sysbench:
+ apk: sysbench
+ apt: sysbench
+ brew: sysbench
+ dnf: sysbench
+ pacman: sysbench
+ pkg: sysbench
+ # @binarycli @binary @cli [sysget](https://github.com/emilengler/sysget) - One package manager to rule them all
+ sysget:
+ github: github.com/Eugeny/tabby
+ make:
+ mac: |
+ make
+ sudo make install
+ # @binaryapp @binary @application [Tabby](https://github.com/Eugeny/tabby) - A terminal for a more modern age
+ tabby:
+ brew: tabby
+ choco: tabby
+ github: github.com/Eugeny/tabby
+ # @binarycli @binary @cli [Task](https://github.com/go-task/task) - A task runner / simpler Make alternative written in Go
+ task:
+ brew: go-task/tap/go-task
+ choco: go-task
+ go: github.com/go-task/task/v3/cmd/task@latest
+ github: github.com/go-task/task
+ scoop: task
+ snap: task
+ yay: taskfile-git
+ # @binarycli @binary @cli [Teleport](https://github.com/gravitational/teleport) - Modern SSH server for teams managing distributed infrastructure
+ teleport:
+ brew: teleport
+ pkg: teleport
+ yay: teleport-bin
+ # @binarycli @binary @cli [teller](https://github.com/tellerops/teller) - Cloud native secrets management for developers - never leave your command line for secrets
+ teller:
+ brew: spectralops/tap/teller
+ github: github.com/tellerops/teller
+ # @binarycli @binary @cli [tflint](https://github.com/terraform-linters/tflint) - A Pluggable Terraform Linter
+ tflint:
+ brew: tflint
+ choco: tflint
+ github: github.com/terraform-linters/tflint
+ # @binarycli @binary @cli [tilt](https://github.com/tilt-dev/tilt) - Define your dev environment as code. For microservice apps on Kubernetes
+ tilt:
+ brew: tilt
+ github: github.com/tilt-dev/tilt
+ yay: tilt-bin
+ # @binaryapp @binary @application [Temps](https://github.com/jackd248/temps) - Simple menubar application based on Electron with actual weather information and forecast
+ temps:
+ github: github.com/jackd248/temps
+ # @binarycli @binary @cli [tokei](https://github.com/XAMPPRocky/tokei) - Tokei is a program that displays statistics about the code
+ tokei:
+ apk: tokei
+ brew: tokei
+ cargo: tokei
+ dnf: tokei
+ github: github.com/XAMPPRocky/tokei
+ pacman: tokei
+ pkg: tokei
+ scoop: tokei
+ # @binarycli @binary @cli [transfer](https://github.com/rinetd/transfer) - Converts from one encoding to another
+ transfer:
+ github: github.com/rinetd/transfer
+ go: github.com/rinetd/transfer@latest
+ # @binarycli @binary @cli [trivy](https://github.com/aquasecurity/trivy) - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
+ trivy:
+ github: github.com/aquasecurity/trivy
+ yay: trivy-bin
+ # @binarycli @binary @cli [up](https://github.com/akavel/up) - Ultimate Plumber is a tool for writing Linux pipes with instant live preview
+ up:
+ brew: up
+ github: github.com/akavel/up
+ pkg: up
+ yay: up
+ # @binarycli @binary @cli [vault](https://vaultproject.io/) - HashiCorp Vault is a secrets management tool specifically designed to control access to sensitive credentials in a low-trust environment. It can be used to store sensitive values and at the same time dynamically generate access for specific services/applications on lease
+ vault:
+ brew: hashicorp/tap/vault
+ yay: vault-cli
+ # @binarycli @binary @cli[Vector](https://vector.dev/) /) - Vector is a lightweight, ultra-fast tool for building observability pipelines that lets you collect, transform, and route all your logs and metrics with one simple tool.
+ vector:
+ brew: vectordotdev/brew/vector
+ # @binarycli @binary @cli [velero](https://velero.io/) | - Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes.
+ velero:
+ brew: velero
+ choco: velero
+ github: github.com/vmware-tanzu/velero
+ yay: velero-bin
+ # @binaryapp @binary @application [Udemy Course Downloader](https://github.com/FaisalUmair/udemy-downloader-gui) - A desktop application for downloading Udemy Courses
+ udemy-downloader-gui:
+ github: github.com/FaisalUmair/udemy-downloader-gui
+ # @binarycli @binary @cli [waypoint](https://github.com/hashicorp/waypoint) - A tool to build, deploy, and release any application on any platform
+ waypoint:
+ brew: hashicorp/tap/waypoint
+ github:
+ scoop: waypoint
+ # @binarycli @binary @cli [websocat](https://github.com/vi/websocat) - CLI for interacting with web sockets
+ websocat:
+ brew: websocat
+ cargo: --features=ssl websocat
+ github: github.com/vi/websocat
+ pkg: websocat
+ port: websocat
+ # @binaryapp @binary @application [WebTorrent Desktop](https://github.com/webtorrent/webtorrent-desktop) - Streaming torrent app for Mac, Windows, and Linux
+ webtorrent:
+ brew: webtorrent
+ choco: webtorrent-desktop
+ github: github.com/webtorrent/webtorrent-desktop
+ yay: webtorrent-desktop
+ # @binarycli @binary @cli [whaler](https://github.com/P3GLEG/Whaler) - Whaler takes a Docker image and attempts to reverse engineer the Dockerfile that created it
+ whaler:
+ github: github.com/P3GLEG/Whaler
+ # @binarycli @binary @cli [winrm-cli](https://github.com/masterzen/winrm-cli) - Command-line tool to remotely execute commands on Windows machines through WinRM
+ winrm-cli:
+ make:
+ mac: make
+ linux: make
+ yay: winrm-cli-git
+ # @binarycli @binary @cli [wkhtmltopdf](https://github.com/wkhtmltopdf/wkhtmltopdf) - Convert HTML to PDF using Webkit (QtWebKit)
+ wkhtmltopdf:
+ apt: wkhtmltopdf
+ brew: wkhtmltopdf
+ choco: wkhtmltopdf
+ github: github.com/wkhtmltopdf/wkhtmltopdf
+ pacman: wkhtmltopdf
+ # @binarycli @binary @cli [xurls](https://github.com/mvdan/xurls) - Extract urls from text
+ xurls:
+ go: mvdan.cc/xurls/v2/cmd/xurls@latest
+ github: github.com/mvdan/xurls
+ # @binarycli @binary @cli [yq](https://github.com/mikefarah/yq) - Process YAML documents from the CLI
+ yq:
+ brew: yq
+ choco: yq
+ apk: yq
+ github: github.com/stedolan/jq
+ go: github.com/mikefarah/yq/v4@latest
+ snap: yq
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/all/vault.yml b/home/dot_local/share/ansible/environments/qa/group_vars/all/vault.yml
new file mode 100644
index 00000000..d8b5e475
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/all/vault.yml
@@ -0,0 +1,121 @@
+$ANSIBLE_VAULT;1.1;AES256
+64306566343938613039643662623336653836316631363839326139373662343136353662306461
+3566633037633539376163383037346632646566646365650a313637363564386338663163336534
+36323437356531623137353631333830333833666637393238386166353031343965623164656434
+6633313762346333370a303138313630376535653862313732633361353937336636366131663338
+33663432613331373535646236663439633335613738343964373962336538363135363332336130
+65643135626230303262353734633561393362666362343763393364643538343062373966636631
+66636339356538623463653737663761343564653639303863316363643132363766636430303361
+36663430393133623766373364663335383365346230646438316337383338626466366239643638
+62656538363136323732613262383133393236363239383165613339666362396462303765306261
+61663837643838333838306366663965306538383534313833313034363561356162636331633330
+34636631623666376335616630643864346163633361636639343231393836306163366366663636
+65333465393632626533343465663933323034346163333164336330636136316664623634613336
+63363037313461616138666139346536623139376236636439386632336339306234633161333666
+65363663353333373032353337636532613764393062626432356435373737633234623966616433
+65393031306233333663346330623537383035623361326130386366316239343161363537393030
+33366361336362343264383431303136613230653963623662323536366238666166626465663565
+37626439326432383235623530373033353836373163633662306662363134343539643435656337
+36613235316463353738656364383535306466303338326538303933353535386338646232616437
+36653836363639376530663466393065646139336230316231653032373430366637333035383564
+62396264323966396338353133633630643863383231393961313064316161633130316361323532
+32663764636566666631353631356139626463343432353532613030336463303166343436396637
+65313662363135386462316630303534353037356237656436336566613135623838613931306431
+35303865636362643132656232656431303436616238623035353562646164386262616361643564
+37383732323366306330343462626361623938633436613335633436316630646135666630326138
+30333535616565303438326336376237343139616239343031643264636230643665343133633864
+65316439396663653065643039323436383430383937353835323130373762393039363838336664
+36396136666430316433316266616533333762636132373738353464373639303462343661363937
+36353834663761623764636238653732393731353937373365613361386365653238383664343363
+63343334393933373866383638626565303962336430653834303163666663663962346538636464
+61646439386133326332643063303834336337636164383234326533373435343732663461316438
+65613430636663316536386538376165663365363632343665356164656362326231383466326436
+33623864393231393334663466623731363335633065353031386666636633373830383566373330
+37313536363466636336306432363437373266653762396462303534336139386433653266356236
+65396537366632343534386635356233353035323733386266383230313330666664643363613039
+65633139616639663731643331313564386262613631376536656262656261366661386566383434
+63663237633734313835333135633935343837376463363130613130386663303738356561363762
+35333436613933643063386630333739306339376261306239633434393961646666616665633463
+61656636323532663763323431386364353864623362626130323439636139313163326361386332
+32666565623937653434393965643064653364646366613366326630656364313533366431623434
+36323638313465633562323362643435393131613166613535303738376633313163656363363938
+35633734663261326136393933356331376239343536396663363966666431323332333763663162
+39383965333363613564626631363365656664666461313037376334386637363239663737306565
+33616232306534336566356234316537623564613266616139363866313365306163646139636138
+65323164353766336639346539393463323434623338666231663237393637616639666334376434
+65393065343536303631306163343937666235633033343138306232386465366166333062306330
+32333635323833396332346532643461616165356236316639616432383138366534306334356564
+32303862663631653661623030386432323934613763383966323062643863313633333765363838
+30316535353732396266373261653762616231633866343837653337613534613035343363653366
+30316665396631333364646264396664363264333836366631343031313333663630303139663037
+34363466303631656536663031633531616465353839656363633634636564643663343931656531
+37323039323135333139616466646665633666356532323236646163383064326635623762643731
+65323562366365653439633861386430336132323433663063356261616237626436633439623865
+39613066313565643064363864346364633966353763393536333663346565386331303463663930
+62366531346637363632373961313566363631316438356431303462353334333766353338626536
+33363266373538333536386663326336333838376435613966336530313564613766666432613934
+39373537303437383832643265636337656433623432646436326163336137343861346461323564
+33613438666562306635633364316364333537383231343165663230663934396564393636656366
+62306161663766616363663730366165393563643663623335666264653332636364366633383332
+39653733376364613866666263366235613664383334396334616264363632393631353632353266
+38643733383335353135343463643337303361333531383464663431626435343633653337643837
+63326466633638376131326461343965393532643564303036623737396634383135366662623730
+65373366373438306133323430316637663464363961396437383239356238333334363938333530
+66346534373032353263333864343166316537313763306234333630613836353366633736303132
+65306339653336636331623939633833633931306331643532613361323932343464323934356334
+62343739616439653463386337383862363532363761306163356538343061303261373237383866
+62346231633834373833323637316533643537626163666136343433666563313936663831653561
+64656339653036653461626436386361663833653436373737356334363462313435366330663164
+64643965383066313662663330363266343461336663326631383562393933333064663130303931
+63346130373661326535353833356130626636373432613039396332343234393730343635393963
+66623232336534323565313230626632653562313031336531656532326462646136306663636561
+35323563313935396334623565353266313864373739636335616166383939333530386638346535
+64623131376539663635316332653238313161636666353537336366643534326331613362633164
+30343934653032623466373666646466356263383462336436313661646361346464376366666336
+63336665636436323237366361393930363636663766646230373064623637326362366137613861
+33316437396263366466383230623738383838366436336638393262333534613963636530373130
+64303138353533303630376134363163323631646238646462646366306561303663343063316166
+34653433346666313933393135326230303463383836376663373533376339363130393961666664
+66393633313930326365343633666439333231343665373536333133356232316263353237336335
+31383266336262303436633964633335366535303666323437396362373833626362366636613835
+63363137333333663564663630623635623637316536373963396637313437356663343264656666
+66343663323036646236653038313437366666626561653465333839656165623532313164383634
+34333365656266376234303630343562303231666239326435306634356666643632343164646633
+31353461636565306237633365333733323633303166313832646566323365316661663763363039
+31636337653764643738346266336330316333303837363335363332613362653433333364376662
+63623338636434653134393532363837333832613139376166623362656665336337386337653263
+62346430303662303739656232363831386664623335356433326532356361396435643637373566
+65613963303239613332663363356639323138643862353161666462373138623464666166383733
+37366231396665636130393961633033646666623364373630333732626264313437366133636465
+66356134363261633864373332303165366435623330653631653866393433633636313762343266
+37643539313938396337323435623666373534326663323833643036653832303638363464356339
+61323438626130343936343939353133373061393063386538373262613663363862373134616236
+36633331313130356239653662313163333661363865313062366463316662353039356535653532
+30663132393363353761333662633237366636643135383862343135316266646333316430323736
+36663636353162333734366263396464616561313031356463313833636664353266393564386663
+34323737623766373136346332316562316236336664373363353836626364656161346139613063
+39346663616564323533346439656335353136366366373861323036343834373138363266386234
+34333563323263336361626434343039396139643162323632333433666564356134303863383433
+39656465323764333763396664306139306236663131633036643163386661396638383038643964
+65336265633062656166666438353266643262336137336633393339653666343833636534663932
+36643437633836333666666330383836366566623561306662623831326538386438383364643937
+65623761336236386565303666343634343261373036383464663532313364366166353939333238
+36326538393663663233626632613538303064326231643739366231363861366664336166386635
+63653465656336346238333766616134393834363762613337626164363465633062623836633664
+33353032613936383539643164666338316133613132373535393839363137376339666663663463
+66636131343033343737613534643164353435313935346432633534646436376232396664666331
+31323061656332363563383466326433383664303831393161646437353432623232613830366363
+37333166343035616162386332613234636461383336343131646133373337376437666466373265
+61633862383531356630356532626634323061346136623835313535316436643164343334386162
+34396165656365373864356235613463643930653635646266303738643061633039646436306438
+31633665373532343530643839653735353837653434306137333239313835303730313131336638
+33396338656339383233633063363066666537346534363836343539383330316134313762373061
+65376466376330663932636631653763306463653139303063346437636437626231656163343831
+63346130646233386562623936656530346234313339626665626134353462663463623264356262
+35613334646438343534313236333938306534343862363932626463306134313365373561326130
+30663234643362656363303366323933613339333661633531396239383639633832306437386436
+65623937663238663639316437633037653132636366363363626236386538373234346165326239
+64323666623234663162353835386230366635616663313638363936323934613037336534323739
+65613532313539383438666234616231663533303232303636346266306535613035616164313335
+39653538323464303965323433333630306435666134313637623862306435623664313061333737
+31663262656530663464
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/chrome-extensions.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/chrome-extensions.yml
new file mode 100644
index 00000000..5fcb7980
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/chrome-extensions.yml
@@ -0,0 +1,113 @@
+---
+# yamllint disable rule:line-length
+# @var chromium_extensions: [] # An array of Chromium extensions to automatically install on Google Chrome, Chromium, Brave Browser,
+# and Microsoft Edge. Each item in the array should have a `name` (for display purposes) and the `link` to the extensions page in the
+# Google Chrome store.
+chromium_extensions:
+ # @chrome [AdGuard AdBlocker](https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg) | [GitHub](https://github.com/AdguardTeam/AdguardBrowserExtension) | [Homepage](https://adguard.com/en/welcome.html) | [Documentation](https://kb.adguard.com/en) - Blocks all types of ads on all web pages, even on Facebook, YouTube and all other websites
+ - name: AdGuard AdBlocker
+ link: https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg
+
+ # @chrome [Bitly](https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic) | [GitHub](https://github.com/bitly/bitly_chrome_extension) | [Homepage](https://bitly.com/) | [Documentation](https://dev.bitly.com/) - Creates short, customized, powerful links from any page and share them with the world
+ - name: Bitly
+ link: https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic
+
+ # @chrome [Bitwarden](https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb) | [GitHub](https://github.com/bitwarden/clients) | [Homepage](https://bitwarden.com/) | [Documentation](https://bitwarden.com/help/) - A secure and free password manager for all of the devices
+ - name: Bitwarden
+ link: https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb
+
+ # @chrome [Buffer](https://chrome.google.com/webstore/detail/buffer/noojglkidnpfjbincgijbaiedldjfbhh) | [GitHub](https://github.com/bufferapp/buffer-chrome) | [Homepage](https://buffer.com/extensions) | [Documentation](https://buffer.com/developers/api) - Shares contents to Instagram, Twitter, Facebook, Pinterest and LinkedIn from anywhere on the web
+ - name: Buffer
+ link: https://chrome.google.com/webstore/detail/buffer/noojglkidnpfjbincgijbaiedldjfbhh
+
+ # @chrome [Checkbot](https://chrome.google.com/webstore/detail/checkbot-seo-web-speed-se/dagohlmlhagincbfilmkadjgmdnkjinl) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.checkbot.io/) | [Documentation](https://www.checkbot.io/faq/) - SEO, web speed, and security tester/crawler
+ - name: Checkbot
+ link: https://chrome.google.com/webstore/detail/checkbot-seo-web-speed-se/dagohlmlhagincbfilmkadjgmdnkjinl
+
+ # @chrome [Falcon](https://chrome.google.com/webstore/detail/falcon/mmifbbohghecjloeklpbinkjpbplfalb) | [GitHub](https://github.com/lengstrom/falcon) - Chrome extension for full text history search
+ - name: Falcon
+ link: https://chrome.google.com/webstore/detail/falcon/mmifbbohghecjloeklpbinkjpbplfalb
+
+ # @chrome [Floccus](https://chrome.google.com/webstore/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg) | [GitHub](https://github.com/floccusaddon/floccus) | [Homepage](https://floccus.org/) | [Documentation](https://floccus.org/guides) - Syncs bookmarks across browsers via Nextcloud, WebDAV or Google Drive
+ - name: Floccus
+ link: https://chrome.google.com/webstore/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg
+
+ # @chrome [Git History Browser Extension](https://chrome.google.com/webstore/detail/git-history-browser-exten/laghnmifffncfonaoffcndocllegejnf) | [GitHub](https://github.com/LuisReinoso/git-history-browser-extension) - Adds a button to github to see the file history
+ - name: Git History Browser Extension
+ link: https://chrome.google.com/webstore/detail/git-history-browser-exten/laghnmifffncfonaoffcndocllegejnf
+
+ # @chrome [Google Dictionary](https://chrome.google.com/webstore/detail/google-dictionary-by-goog/mgijmajocgfcbeboacabfgobmjgjcoja) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - View definitions easily as you browse the web
+ - name: Google Dictionary
+ link: https://chrome.google.com/webstore/detail/google-dictionary-by-goog/mgijmajocgfcbeboacabfgobmjgjcoja
+
+ # @chrome [Grammarly](https://chrome.google.com/webstore/detail/grammarly-for-chrome/kbfnbcaeplbcioakkpcpgfkobkghlhen) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.grammarly.com/) | [Documentation](https://developer.grammarly.com/docs/) - A Chrome extension for grammar and spelling to style and tone, and eliminate writing errors and find the perfect words to express
+ - name: Grammarly
+ link: https://chrome.google.com/webstore/detail/grammarly-for-chrome/kbfnbcaeplbcioakkpcpgfkobkghlhen
+
+ # @chrome [Headless Recorder](https://chrome.google.com/webstore/detail/headless-recorder/djeegiggegleadkkbgopoonhjimgehda) | [GitHub](https://github.com/checkly/headless-recorder) | [Homepage](https://www.checklyhq.com/docs/headless-recorder/) - A Chrome extension for recording browser interaction and generating Puppeteer & Playwright scripts
+ - name: Headless Recorder
+ link: https://chrome.google.com/webstore/detail/headless-recorder/djeegiggegleadkkbgopoonhjimgehda
+
+ # @chrome [HTTPS Everywhere](https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp) | [GitHub](https://github.com/EFForg/https-everywhere) | [Homepage](https://www.eff.org/https-everywhere) | [Documentation](https://www.eff.org/pages/https-everywhere-faq) - A Chrome extension to encrypt the Web! Automatically use HTTPS security on many sites
+ - name: HTTPS Everywhere
+ link: https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
+
+ # @chrome [JSON Viewer Pro](https://chrome.google.com/webstore/detail/json-viewer-pro/eifflpmocdbdmepbjaopkkhbfmdgijcc) |[GitHub](https://github.com/rbrahul/Awesome-JSON-Viewer) | [Homepage](https://rbrahul.github.io/Awesome-JSON-Viewer/) - A completely free extension to visualise JSON response in awesome Tree and Chart view with great user experience and options
+ - name: JSON Viewer Pro
+ link: https://chrome.google.com/webstore/detail/json-viewer-pro/eifflpmocdbdmepbjaopkkhbfmdgijcc
+
+ # @chrome [LastPass](https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd) |[GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.lastpass.com/) | [Documentation](https://support.lastpass.com/home) - A password manager that saves passwords and gives secure access from every computer and mobile device
+ - name: LastPass
+ link: https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd
+
+ # @chrome [LanguageTool](https://chrome.google.com/webstore/detail/grammar-spell-checker-%E2%80%94-l/oldceeleldhonbafppcapldpdifcinji) | [GitHub](https://github.com/languagetool-org/languagetool) | [Homepage](https://languagetool.org/) | [Documentation](https://dev.languagetool.org/) - Grammar and spelling checker with Google Docs integration
+ - name: LanguageTool (Grammar and Spell Checker)
+ link: https://chrome.google.com/webstore/detail/grammar-spell-checker-%E2%80%94-l/oldceeleldhonbafppcapldpdifcinji
+
+ # @chrome [Markdown Here](https://chrome.google.com/webstore/detail/markdown-here/elifhakcjgalahccnjkneoccemfahfoa) | [GitHub](https://github.com/adam-p/markdown-here) | [Homepage](https://markdown-here.com/) - A Chrome extension to write email in Markdown and render it (make it pretty!) before sending
+ - name: Markdown Here
+ link: https://chrome.google.com/webstore/detail/markdown-here/elifhakcjgalahccnjkneoccemfahfoa
+
+ # @chrome [MetaMask](https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn) | [GitHub](https://github.com/MetaMask/metamask-extension) | [Homepage](https://metamask.io/) | [Documentation](https://docs.metamask.io/guide/) - An extension for accessing Ethereum enabled distributed applications, or "Dapps" in browser
+ - name: MetaMask
+ link: https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn
+
+ # @chrome [Octohint](https://chrome.google.com/webstore/detail/octohint/hbkpjkfdheainjkkebeoofkpgddnnbpk) | [GitHub](https://github.com/pd4d10/octohint) - The missing IntelliSense hint for GitHub and GitLab
+ - name: Octohint
+ link: https://chrome.google.com/webstore/detail/octohint/hbkpjkfdheainjkkebeoofkpgddnnbpk
+
+ # @chrome [Raindrop.io](https://chrome.google.com/webstore/detail/raindropio/ldgfbffkinooeloadekpmfoklnobpien) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://raindrop.io/) - An all-in-one cross-browser bookmark manager with advanced indexing features.
+ - name: Raindrop.io
+ link: https://chrome.google.com/webstore/detail/raindropio/ldgfbffkinooeloadekpmfoklnobpien
+
+ # @chrome [Rakuten](https://chrome.google.com/webstore/detail/rakuten-get-cash-back-for/chhjbpecpncaggjpdakmflnfcopglcmi) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.rakuten.com/button.htm) | [Documentation](https://developers.rakuten.com/) - A Chrome extension to find best shopping deals and coupons and just save them
+ - name: Rakuten
+ link: https://chrome.google.com/webstore/detail/rakuten-get-cash-back-for/chhjbpecpncaggjpdakmflnfcopglcmi
+
+ # @chrome [Save to Google Drive](https://chrome.google.com/webstore/detail/save-to-google-drive/gmbmikajjgmnabiglmofipeabaddhgne) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - Save web content or screen capture directly to Google Drive.
+ - name: Save to Google Drive
+ link: https://chrome.google.com/webstore/detail/save-to-google-drive/gmbmikajjgmnabiglmofipeabaddhgne
+
+ # @chrome [Screenity](https://chrome.google.com/webstore/detail/screenity-screen-recorder/kbbdabhdfibnancpjfhlkhafgdilcnji) | [GitHub](https://github.com/alyssaxuu/screenity) | [Homepage]() - The most powerful screen recorder for Chrome
+ - name: Screenity - Screen Recorder & Annotation Tool
+ link: https://chrome.google.com/webstore/detail/screenity-screen-recorder/kbbdabhdfibnancpjfhlkhafgdilcnji
+
+ # @chrome [SingleFile](https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle) | [GitHub](https://github.com/gildas-lormeau/SingleFile) - A Chrome extension to save a complete page into a single HTML file
+ - name: SingleFile
+ link: https://chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle
+
+ # @chrome [SponsorBlock](https://chrome.google.com/webstore/detail/sponsorblock-for-youtube/mnjggcdmjocbbbhaepdhchncahnbgone) | [GitHub](https://github.com/ajayyy/SponsorBlock) | [Homepage](https://sponsor.ajay.app/) | [Documentation](https://wiki.sponsor.ajay.app/w/Guidelines) - A Chrome extension to skip sponsorships, subscription begging and more on YouTube videos
+ - name: SponsorBlock
+ link: https://chrome.google.com/webstore/detail/sponsorblock-for-youtube/mnjggcdmjocbbbhaepdhchncahnbgone
+
+ # @chrome [TasksBoard](https://chrome.google.com/webstore/detail/desktop-app-for-google-ta/lpofefdiokgmcdnnaigddelnfamkkghi) | [Homepage](https://tasksboard.com/app) - Organize and share TODO lists that are synchronized with Google To-Do.
+ - name: TasksBoard
+ link: https://chrome.google.com/webstore/detail/desktop-app-for-google-ta/lpofefdiokgmcdnnaigddelnfamkkghi
+
+ # @chrome [Vimeo Record](https://chrome.google.com/webstore/detail/vimeo-record-screen-webca/ejfmffkmeigkphomnpabpdabfddeadcb) |[GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://vimeo.com/) | [Documentation](https://developer.vimeo.com/) - A Chrome extension to record and share unlimited free video messages from your browser
+ - name: Vimeo Record
+ link: https://chrome.google.com/webstore/detail/vimeo-record-screen-webca/ejfmffkmeigkphomnpabpdabfddeadcb
+
+ # @chrome [Web Vitals](https://chrome.google.com/webstore/detail/web-vitals/ahfhijdlegdabablpippeagghigmibma?hl=en) | [GitHub](https://github.com/GoogleChrome/web-vitals-extension) | [Homepage](https://web.dev/vitals/) - A Chrome extension to measure metrics for a healthy site
+ - name: Web Vitals
+ link: https://chrome.google.com/webstore/detail/web-vitals/ahfhijdlegdabablpippeagghigmibma
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/dotnet-tools.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/dotnet-tools.yml
new file mode 100644
index 00000000..564211ba
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/dotnet-tools.yml
@@ -0,0 +1,6 @@
+---
+# yamllint disable rule:line-length
+# @var dotnet_tools: [] # An array of .NET tools to install. Specify the package name using the `name` field in each member of the array.
+dotnet_tools:
+ # @dotnet [attacksurfaceanalyzer](https://github.com/microsoft/AttackSurfaceAnalyzer) | [GitHub](https://github.com/microsoft/AttackSurfaceAnalyzer) - Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation
+ - name: Microsoft.CST.AttackSurfaceAnalyzer.CLI
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/firefox-addons.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/firefox-addons.yml
new file mode 100644
index 00000000..b14da50d
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/firefox-addons.yml
@@ -0,0 +1,92 @@
+---
+# yamllint disable rule:line-length
+# @var firefox_add_ons: [] # An array of Firefox Add-Ons to install. Each Add-On requires a `name` (for display purposes) and a `link`
+# to the Add-On on the Firefox Add-Ons site.
+firefox_add_ons:
+ # @firefox [AdGuard AdBlocker](https://addons.mozilla.org/en-US/firefox/addon/adguard-adblocker/) | [GitHub](https://github.com/AdguardTeam/AdguardBrowserExtension) | [Homepage](https://adguard.com/en/welcome.html) | [Documentation](https://kb.adguard.com/en) - Block ads on Facebook, Youtube and all other websites
+ - name: AdGuard AdBlocker
+ link: https://addons.mozilla.org/en-US/firefox/addon/adguard-adblocker/
+
+ # @firefox [Awesome Vimeo Downloader](https://addons.mozilla.org/en-US/firefox/addon/awesome-vimeo-downloader/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://pbion.com/en/vimeo-downloader.html) - Download video from Vimeo
+ - name: Awesome Vimeo Downloader
+ link: https://addons.mozilla.org/en-US/firefox/addon/awesome-vimeo-downloader/
+
+ # @firefox [Bitwarden](https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/) | [GitHub](https://github.com/bitwarden/clients) | [Homepage](https://bitwarden.com/) | [Documentation](https://bitwarden.com/help/) - A secure and free password manager for all of the devices
+ - name: Bitwarden
+ link: https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/
+
+ # Cannot be installed using CLI
+ # @firefox [Buffer](https://addons.mozilla.org/en-US/firefox/addon/buffer-for-firefox/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://buffer.com/) | [Documentation](https://buffer.com/developers/api) - Share great content to Instagram, Twitter, Facebook, Pinterest and LinkedIn from anywhere on the web
+ # - name: Buffer
+ # link: https://addons.mozilla.org/en-US/firefox/addon/buffer-for-firefox/
+
+ # Cannot be installed using CLI
+ # @firefox [Falcon](https://addons.mozilla.org/en-US/firefox/addon/falcon_extension/) | [GitHub](https://github.com/CennoxX/falcon) - Firefox extension for full text browsing history search
+ # - name: Falcon
+ # link: https://addons.mozilla.org/en-US/firefox/addon/falcon_extension/
+
+ # @firefox [Floccus](https://addons.mozilla.org/en-US/firefox/addon/floccus/) | [GitHub](https://github.com/floccusaddon/floccus) | [Homepage](https://floccus.org/) | [Documentation](https://floccus.org/guides) - Syncs bookmarks across browsers via Nextcloud, WebDAV or Google Drive
+ - name: Floccus
+ link: https://addons.mozilla.org/en-US/firefox/addon/floccus/
+
+ # Cannot be installed using CLI
+ # @firefox [Git History Browser Extension](https://addons.mozilla.org/es/firefox/addon/github-history/) | [GitHub](https://github.com/LuisReinoso/git-history-browser-extension) - Adds a button to github to see the file history
+ # - name: Git History Browser Extension
+ # link: https://addons.mozilla.org/es/firefox/addon/github-history/
+
+ # Cannot be installed using CLI
+ # @firefox [Dictionary Anywhere](https://addons.mozilla.org/en-US/firefox/addon/dictionary-anyvhere/) | [GitHub](https://github.com/meetDeveloper/Dictionary-Anywhere) - View definitions easily as you browse the web
+ # - name: Dictionary Anywhere
+ # link: https://addons.mozilla.org/en-US/firefox/addon/dictionary-anyvhere/
+
+ # @firefox [Grammarly](https://addons.mozilla.org/en-US/firefox/addon/grammarly-1/) | [GitHub](https://github.com/grammarly/grammarly-for-developers) | [Homepage](https://www.grammarly.com/) | [Documentation](https://developer.grammarly.com/docs/) - Extension for grammar and spelling to style and tone, and eliminate writing errors and find the perfect words to express
+ - name: Grammarly
+ link: https://addons.mozilla.org/en-US/firefox/addon/grammarly-1/
+
+ # @firefox [HTTPS Everywhere](https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/) | [GitHub](https://github.com/EFForg/https-everywhere) | [Homepage](https://www.eff.org/https-everywhere) | [Documentation](https://www.eff.org/pages/https-everywhere-faq) - Protect your communications by enabling HTTPS encryption automatically on sites
+ - name: HTTPS Everywhere
+ link: https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/
+
+ # @firefox [JSON Lite](https://addons.mozilla.org/en-US/firefox/addon/json-lite/) | [GitHub](https://github.com/lauriro/json-lite) - JSON viewer - highlights, shows items count/size, handles large files
+ - name: JSON Lite
+ link: https://addons.mozilla.org/en-US/firefox/addon/json-lite/
+
+ # @firefox [LastPass](https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.lastpass.com/) | [Documentation](https://support.lastpass.com/home) - Save passwords and give secure access from every computer and mobile device
+ - name: LastPass
+ link: https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/
+
+ # @firefox [LanguageTool](https://addons.mozilla.org/en-US/firefox/addon/languagetool/) | [GitHub](https://github.com/languagetool-org/languagetool) | [Homepage](https://languagetool.org/) | [Documentation](https://dev.languagetool.org/) - Check text with the free style and grammar checker
+ - name: LanguageTool (Grammar and Spell Checker)
+ link: https://addons.mozilla.org/en-US/firefox/addon/languagetool/
+
+ # @firefox [Markdown Here](https://addons.mozilla.org/en-US/firefox/addon/markdown-here/) | [GitHub](https://github.com/adam-p/markdown-here) | [Homepage](https://markdown-here.com/) - Write email in Markdown, then make it pretty
+ - name: Markdown Here
+ link: https://addons.mozilla.org/en-US/firefox/addon/markdown-here/
+
+ # @firefox [MetaMask](https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/) | [GitHub](https://github.com/MetaMask/metamask-extension) | [Homepage](https://metamask.io/) | [Documentation](https://docs.metamask.io/guide/) - Ethereum Browser Extension
+ - name: MetaMask
+ link: https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/
+
+ # @firefox [Raindrop.io](https://addons.mozilla.org/en-US/firefox/addon/raindropio/) | [GitHub](https://github.com/raindropio/desktop) | [Homepage](https://raindrop.io/) | [Documentation](https://developer.raindrop.io/) - An all-in-one cross-browser bookmark manager with advanced indexing features.
+ - name: Raindrop.io
+ link: https://addons.mozilla.org/en-US/firefox/addon/raindropio/
+
+ # @firefox [Rakuten](https://addons.mozilla.org/en-US/firefox/addon/ebates/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.rakuten.com/) | [Documentation](https://developers.rakuten.com/) - Find best shopping deals and coupons and just save them
+ - name: Rakuten
+ link: https://addons.mozilla.org/en-US/firefox/addon/ebates/
+
+ # @firefox [Screen Recorder](https://addons.mozilla.org/en-US/firefox/addon/screen-recorder/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://mybrowseraddon.com/screen-recorder.html) - Record computer's screeen
+ - name: Screen Recorder
+ link: https://addons.mozilla.org/en-US/firefox/addon/screen-recorder/
+
+ # @firefox [SingleFile](https://addons.mozilla.org/en-US/firefox/addon/single-file/) | [GitHub](https://github.com/gildas-lormeau/SingleFile) - Save a complete page into a single HTML file
+ - name: SingleFile
+ link: https://addons.mozilla.org/en-US/firefox/addon/single-file/
+
+ # @firefox [SponsorBlock](https://addons.mozilla.org/en-US/firefox/addon/sponsorblock/) | [GitHub](https://github.com/ajayyy/SponsorBlock) | [Homepage](https://sponsor.ajay.app/) | [Documentation](https://wiki.sponsor.ajay.app/w/Guidelines) - Skip YouTube video sponsors
+ - name: SponsorBlock
+ link: https://addons.mozilla.org/en-US/firefox/addon/sponsorblock/
+
+ # @firefox [TinyURL](https://addons.mozilla.org/en-US/firefox/addon/tiny_url/) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - A one-click tool to generate a tiny URL
+ - name: TinyURL
+ link: https://addons.mozilla.org/en-US/firefox/addon/tiny_url/
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/homebrew.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/homebrew.yml
new file mode 100644
index 00000000..98053847
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/homebrew.yml
@@ -0,0 +1,46 @@
+---
+# @var homebrew_casks: [] # A list of Homebrew casks to install on macOS.
+homebrew_casks:
+ # @cask @application @menubar [Clocker](https://formulae.brew.sh/cask/clocker) | [GitHub](https://github.com/n0shake/clocker) | [Homepage](https://abhishekbanthia.com/clocker/) - macOS program that shows the time in multiple timezones in the top menu bar
+ - name: clocker
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application [Secretive](https://formulae.brew.sh/cask/secretive) | [GitHub](https://github.com/maxgoedjen/secretive) - macOS app that uses the Secure Enclave to create unreadable private keys - there is no importing/exporting keys so you only have access to the public key
+ - name: secretive
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application [Sloth](https://formulae.brew.sh/cask/sloth) | [GitHub](https://github.com/sveinbjornt/Sloth) | [Homepage](https://sveinbjorn.org/sloth) - macOS program that shows all open files, directories, sockets, pipes, and devices in use by all running processes on the system
+ - name: sloth
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @cask @application @menubar [Stats](https://formulae.brew.sh/cask/stats) | [GitHub](https://github.com/exelban/stats) | [Homepage]() - macOS program that shows the system monitor in the top menu bar
+ - name: stats
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+# @var homebrew_packages: [] # A list of Homebrew packages to install on Linux / macOS.
+homebrew_packages:
+ # @brew @cli [automake](https://formulae.brew.sh/formula/automake) | [GitHub](https://github.com/autotools-mirror/automake) | [Homepage](https://www.gnu.org/software/automake/) | [Documentation](https://www.gnu.org/software/automake/manual/automake.html) - Tool for generating GNU Standards-compliant Makefiles
+ - name: automake
+
+ # @brew @cli [Carthage](https://formulae.brew.sh/formula/carthage) | [GitHub](https://github.com/Carthage/Carthage) - A simple, decentralized dependency manager for Cocoa
+ - name: carthage
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew @cli [chrome-cli](https://formulae.brew.sh/formula/chrome-cli) | [GitHub](https://github.com/prasmussen/chrome-cli) - Control Google Chrome from the command-line
+ - name: chrome-cli
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @brew @cli [findutils](https://formulae.brew.sh/formula/findutils) | [GitHub](NO_GITHUB_REPOSITORY_LINK) | [Homepage](https://www.gnu.org/software/findutils/) - Collection of GNU find, xargs, and locate
+ - name: findutils
+
+ # @brew @cli [ideviceinstaller](https://formulae.brew.sh/formula/ideviceinstaller) | [GitHub](https://github.com/libimobiledevice/ideviceinstaller) | [Homepage](https://libimobiledevice.org/) | [Documentation](https://libimobiledevice.org/#get-started) - Tool for managing apps on iOS devices
+ - name: ideviceinstaller
+
+ # @brew @cli [libimobiledevice](https://formulae.brew.sh/formula/libimobiledevice) | [GitHub](https://github.com/libimobiledevice/libimobiledevice) | [Homepage](https://libimobiledevice.org/) | [Documentation](https://libimobiledevice.org/#get-started) - Library to communicate with iOS devices natively
+ - name: libimobiledevice
+
+ # @brew cli [Trellis](https://roots.io/trellis/) | [GitHub](https://github.com/roots/trellis) | [Homepage](https://roots.io/trellis/) | [Documentation](https://docs.roots.io/trellis/master/installation/) - WordPress development platform that requires Vagrant and a VM provider like VirtualBox
+ - name: roots/tap/trellis-cli
+
+ # @brew @cli [youtube-dl](https://formulae.brew.sh/formula/youtube-dl) | [GitHub](https://github.com/ytdl-org/youtube-dl/) | [Homepage](https://youtube-dl.org/) - youtube-dl is an advanced video download application perhaps most well-known for its ability to download YouTube videos from the command-line. It also supports downloading from other sites such as Twitter, Facebook, Vimeo, Twitch, DailyMotion and many more.
+ - name: youtube-dl
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/npm-packages.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/npm-packages.yml
new file mode 100644
index 00000000..ae9dd617
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/npm-packages.yml
@@ -0,0 +1,275 @@
+---
+# yamllint disable rule:line-length
+# @var nodejs_npm_global_packages: [] # A list of NPM packages to install globally.
+nodejs_npm_global_packages:
+ # @npm @cli [@angular/cli](https://npmjs.com/package/@angular/cli) | [GitHub](https://github.com/angular/angular-cli) | [Homepage](https://angular.io/) | [Documentation](https://angular.io/docs) - Official CLI for [Angular](https://angular.io/) capable of generating new projects, generating boilerplate files, and testing apps with LiveReload
+ - name: '@angular/cli'
+ bin: ng
+
+ # @npm @cli [@cloudflare/wrangler](https://npmjs.com/package/@cloudflare/wrangler) | [GitHub](https://github.com/cloudflare/wrangler) | [Homepage](https://workers.cloudflare.com/) | [Documentation](https://developers.cloudflare.com/workers/wrangler/configuration/) - A CLI tool designed for folks who are interested in using Cloudflare Workers
+ - name: '@cloudflare/wrangler'
+ bin: wrangler
+
+ # @npm @cli [@feathersjs/cli](https://npmjs.com/package/@feathers/cli) | [GitHub](https://github.com/feathersjs/feathers) | [Homepage](https://feathersjs.com/) | [Documentation](https://docs.feathersjs.com/) - Feathers is a lightweight web-framework for creating real-time applications and REST APIs using JavaScript or TypeScript.
+ - name: '@feathersjs/cli'
+ bin: feathers
+
+ # @npm @cli [@ionic/cli](https://npmjs.com/package/@ionic/cli) | [GitHub](https://github.com/ionic-team/ionic-cli) | [Homepage](https://ionicframework.com/) | [Documentation](https://ionicframework.com/docs/intro/cli) - A command line interface (CLI) is go-to tool for developing Ionic apps
+ - name: '@ionic/cli'
+ bin: ionic
+
+ # @npm @cli [@nestjs/cli](https://npmjs.com/package/@nestjs/cli) | [GitHub](https://github.com/nestjs/nest-cli) | [Homepage](https://nestjs.com/) | [Documentation](https://docs.nestjs.com/) - A command-line interface tool that helps you to initialize, develop, and maintain your Nest applications
+ - name: '@nestjs/cli'
+ bin: nest
+
+ # @npm @cli [@sentry/cli](https://npmjs.com/package/@sentry/cli) | [GitHub](https://github.com/getsentry/sentry-cli) | [Homepage](https://sentry.io/welcome/) | [Documentation](https://docs.sentry.io/product/cli/) - A Sentry command line client for some generic tasks
+ - name: '@sentry/cli'
+ bin: sentry-cli
+
+ # @npm @cli [@vercel/ncc](https://npmjs.com/package/@vercel/ncc) | [GitHub](https://github.com/vercel/ncc) | [Homepage](https://github.com/vercel/ncc#readme) - CLI for compiling a Node.js module into a single file, together with all its dependencies, gcc-style
+ - name: '@vercel/ncc'
+ bin: ncc
+
+ # @npm @cli [auto-install](https://npmjs.com/package/auto-install) | [GitHub](https://github.com/siddharthkp/auto-install) | [Homepage](https://github.com/siddharthkp/auto-install#readme) - Auto installs dependencies as you code
+ - name: auto-install
+ bin: auto-install
+
+ # @npm @cli [bitly-cli-client](https://npmjs.com/package/bitly-cli-client) | [GitHub](https://github.com/xxczaki/bitly-cli-client) | [Homepage](https://github.com/xxczaki/bitly-cli-client#readme) - Shorten links with Bitly in the terminal
+ - name: bitly-cli-client
+ bin: bitly
+
+ # @npm @cli [browser-sync](https://browsersync.io/) | [GitHub](https://github.com/BrowserSync/browser-sync) | [Homepage](http://browsersync.io/) | [Documentation](https://browsersync.io/docs) - Time-saving synchronized browser testing - test desktop and mobile versions of a website at the same time
+ - name: browser-sync
+ bin: browser-sync
+
+ # @npm @cli [caniuse-cmd](https://npmjs.com/package/caniuse-cmd) | [GitHub](https://github.com/sgentle/caniuse-cmd) | [Homepage](https://caniuse.com/) | [Documentation](https://github.com/sgentle/caniuse-cmd#readme) - Caniuse command line tool
+ - name: caniuse-cmd
+ bin: caniuse
+
+ # @npm @cli [carbon-now-cli](https://npmjs.com/package/carbon-now-cli) | [GitHub](https://github.com/mixn/carbon-now-cli) | [Homepage](https://carbon.now.sh/) - Tool that generates beautiful images of source code through an intuitive UI, while customizing aspects like fonts, themes, window controls and much mor
+ - name: carbon-now-cli
+ bin: carbon-now
+
+ # @npm @cli [commitizen](https://npmjs.com/package/commitizen) | [GitHub](https://github.com/commitizen/cz-cli) | [Homepage](https://commitizen.github.io/cz-cli/) | [Documentation](https://github.com/commitizen/cz-cli/blob/master/README.md) - The commitizen command line utility
+ - name: commitizen
+ bin: cz
+
+ # @npm @cli [cordova](https://npmjs.com/package/cordova) | [GitHub](https://github.com/apache/cordova-android) | [Homepage](https://cordova.apache.org/) | [Documentation](https://cordova.apache.org/docs/en/latest/) - The command line tool to build, deploy and manage Cordova-based applications
+ - name: cordova
+ bin: cordova
+
+ # @npm @cli [deviceframe](https://npmjs.com/package/deviceframe) | [GitHub](https://github.com/c0bra/deviceframe) | [Homepage](https://github.com/c0bra/deviceframe#readme) - Put device frames around mobile/web/progressive app screenshots
+ - name: deviceframe
+ bin: dframe
+
+ # @npm @cli [editly](https://npmjs.com/package/editly) | [GitHub](https://github.com/mifi/editly) | [Homepage](https://github.com/mifi/editly) - A tool and framework for declarative NLE (non-linear video editing) using Node.js and ffmpeg
+ - name: editly
+ bin: editly
+
+ # @npm @cli [electron](https://npmjs.com/package/electron) | [GitHub](https://github.com/electron/electron) | [Homepage](https://www.electronjs.org/) | [Documentation](https://www.electronjs.org/docs/latest) - A tool that enables to write cross-platform desktop applications using JavaScript, HTML and CSS
+ - name: electron
+ bin: electron
+
+ # @npm @cli [emma-cli](https://npmjs.com/package/emma-cli) | [GitHub](https://github.com/maticzav/emma-cli) - Install the package you are looking for
+ - name: emma-cli
+ bin: emma
+
+ # @npm @cli [emoj](https://npmjs.com/package/emoj) | [GitHub](https://github.com/sindresorhus/emoj) - Find relevant emoji from text on the command-line
+ - name: emoj
+ bin: emoj
+
+ # @npm @cli [empty-trash-cli](https://npmjs.com/package/empty-trash-cli) | [GitHub](https://github.com/sindresorhus/empty-trash-cli) - A CLI to empty the trash
+ - name: empty-trash-cli
+ bin: empty-trash
+
+ # @npm @cli [eslint](https://npmjs.com/package/eslint) | [GitHub](https://github.com/eslint/eslint) | [Homepage](https://eslint.org/) | [Documentation](https://eslint.org/docs/user-guide/getting-started) - A tool for identifying and reporting on patterns found in ECMAScript/JavaScript code
+ - name: eslint
+ bin: eslint
+
+ # @npm @cli [fastify-cli](https://npmjs.com/package/fastify-cli) | [GitHub](https://github.com/fastify/fastify-cli) | [Homepage](https://www.fastify.io/) | [Documentation](https://www.fastify.io/docs/latest/) - Command line tools for Fastify. Generate, write, and run an application with one single command
+ - name: fastify-cli
+ bin: fastify
+
+ # @npm @cli [firebase-tools](https://npmjs.com/package/firebase-tools) | [GitHub](https://github.com/firebase/firebase-tools) | [Homepage](https://firebase.google.com/) | [Documentation](https://firebase.google.com/docs/cli) - The Firebase Command Line Interface (CLI) Tools can be used to test, manage, and deploy Firebase project from the command line
+ - name: firebase-tools
+ bin: firebase
+
+ # @npm @cli [fkill-cli](https://npmjs.com/package/fkill-cli) | [GitHub](https://github.com/sindresorhus/fkill-cli) - Fabulously kill processes. Cross-platform.
+ - name: fkill-cli
+ bin: fkill
+
+ # @npm @cli [fx](https://npmjs.com/package/fx) | [GitHub](https://github.com/antonmedv/fx) | [Homepage](https://fx.wtf/) - Command-line JSON processing tool
+ - name: fx
+ bin: fx
+
+ # @npm @cli [git-open](https://npmjs.com/package/git-open) | [GitHub](https://github.com/paulirish/git-open) - Type git open to open the repo website (GitHub, GitLab, Bitbucket) in browser
+ - name: git-open
+
+ # @npm @cli [google-font-installer](https://npmjs.com/package/google-font-installer) | [GitHub](https://github.com/lordgiotto/google-font-installer) - Google Font Installer is a NodeJS module/CLI that lets you Search, Download and Install fonts offered by Google Web Fonts
+ - name: google-font-installer
+ bin: gfi
+
+ # @npm @cli [gtop](https://npmjs.com/package/gtop) | [GitHub](https://github.com/aksakalli/gtop) - System monitoring dashboard for terminal
+ - name: gtop
+ bin: gtop
+
+ # @npm @cli [gulp](https://npmjs.com/package/gulp) | [GitHub](https://github.com/gulpjs/gulp) | [Homepage](https://gulpjs.com/) | [Documentation](https://gulpjs.com/docs/en/getting-started/quick-start) - A toolkit that helps you automate painful or time-consuming tasks in your development workflow
+ - name: gulp
+ bin: gulp
+
+ # @npm @cli [imgur-uploader-cli](https://npmjs.com/package/imgur-uploader-cli) | [GitHub](https://github.com/kevva/imgur-uploader-cli) - CLI to upload images to imgur
+ - name: imgur-uploader-cli
+ bin: imgur-uploader
+
+ # @npm @cli [ios-deploy](https://npmjs.com/package/ios-deploy) | [GitHub](https://github.com/ios-control/ios-deploy) - Command line tool to install aand debug iOS apps
+ - name: ios-deploy
+ bin: ios-deploy
+ when: "{{ ansible_os_family == 'Darwin' }}"
+
+ # @npm @cli [ipfs-deploy](https://npmjs.com/package/ipfs-deploy) | [GitHub](https://github.com/ipfs-shipyard/ipfs-deploy) - Upload static website to IPFS pinning services and optionally update DNS
+ - name: ipfs-deploy
+ bin: ipd
+
+ # @npm @cli [is-up-cli](https://npmjs.com/package/is-up-cli) | [GitHub](https://github.com/sindresorhus/is-up-cli) | [Homepage](https://isitup.org/) - Check whether a website is up or down using the isitup.org API
+ - name: is-up-cli
+ bin: is-up
+
+ # @npm @cli [localtunnel](https://npmjs.com/package/localtunnel) | [GitHub](https://github.com/localtunnel/localtunnel) | [Homepage](localtunnel.me) - localtunnel exposes localhost to the world for easy testing and sharing
+ - name: localtunnel
+ bin: localtunnel
+
+ # @npm @cli [mjml](https://npmjs.com/package/mjml) | [GitHub](https://github.com/mjmlio/mjml) | [Homepage](https://mjml.io/) | [Documentation](https://documentation.mjml.io/) - A markup language created by Mailjet and designed to reduce the pain of coding a responsive email
+ - name: mjml
+ bin: mjml
+
+ # @npm @cli [nativefier](https://npmjs.com/package/nativefier) | [GitHub](https://github.com/nativefier/nativefier) | [Documentation](https://github.com/nativefier/nativefier/blob/master/API.md) - Tool to make any web page a desktop application
+ - name: nativefier
+ bin: nativefier
+
+ # @npm @cli [nectarjs](https://npmjs.com/package/nectarjs) | [GitHub](https://github.com/nectarjs/nectarjs) | [Homepage](https://nectarjs.com/) | [Documentation](https://nectarjs.com/documentation/) - A JavaScript native compiler
+ - name: nectarjs
+ bin: nectar
+
+ # @npm @cli [newman](https://npmjs.com/package/newman) | [GitHub](https://github.com/postmanlabs/newman) | [Homepage](https://www.postman.com/) | [Documentation](https://learning.postman.com/docs/running-collections/using-newman-cli/command-line-integration-with-newman/) - A command-line collection runner for Postman
+ - name: newman
+ bin: newman
+
+ # @npm @cli [np](https://npmjs.com/package/np) | [GitHub](https://github.com/sindresorhus/np) - A better npm publish
+ - name: np
+ bin: np
+
+ # @npm @cli [npm-check](https://npmjs.com/package/npm-check) | [GitHub](https://github.com/dylang/npm-check) | [Homepage](https://www.npmjs.com/package/npm-check) - Check for outdated, incorrect, and unused dependencies
+ - name: npm-check
+ bin: npm-check
+
+ # @npm @cli [nrm](https://npmjs.com/package/nrm) | [GitHub](https://github.com/Pana/nrm) - nrm can help you easy and fast switch between different npm registries
+ - name: nrm
+ bin: nrm
+
+ # @npm @cli [oclif](https://npmjs.com/package/oclif) | [GitHub](https://github.com/oclif/oclif) | [Homepage](https://oclif.io/) | [Documentation](https://oclif.io/docs/introduction) - A framework for building CLIs in Node.js
+ - name: oclif
+ bin: oclif
+
+ # @npm @cli [package-size](https://npmjs.com/package/package-size) | [GitHub](https://github.com/egoist/package-size) - Tool to get the bundle size of an npm package
+ - name: package-size
+ bin: package-size
+
+ # @npm @cli [pageres-cli](https://npmjs.com/package/pageres-cli) | [GitHub](https://github.com/sindresorhus/pageres-cli) - A CLI to capture screenshots of websites in various resolutions
+ - name: pageres-cli
+ bin: pageres
+
+ # @npm @cli [playwright](https://npmjs.com/package/playwright) | [GitHub](https://github.com/Microsoft/playwright) | [Homepage](https://playwright.dev/) | [Documentation](https://playwright.dev/docs/intro) - Single API to automate Chromium, WebKit, and Firefox (available as a CLI and library)
+ - name: playwright
+ bin: playwright
+
+ # @npm @cli [pm2](https://npmjs.com/package/pm2) | [GitHub](https://github.com/Unitech/pm2) | [Homepage](https://pm2.keymetrics.io/) | [Documentation](https://pm2.keymetrics.io/docs/usage/quick-start/) - PM2 is a production process manager for Node.js applications with a built-in load balancer
+ - name: pm2
+ bin: pm2
+
+ # @npm @cli [pkg](https://npmjs.com/package/pkg) | [GitHub](https://github.com/vercel/pkg) - This command line interface enables you to package your Node.js project into an executable that can be run even on devices without Node.js installed
+ - name: pkg
+ bin: pkg
+
+ # @npm @cli [prettier](https://npmjs.com/package/prettier) | [GitHub](https://github.com/prettier/prettier) | [Homepage](https://prettier.io/) | [Documentation](https://prettier.io/docs/en/index.html) - A code formatter
+ - name: prettier
+ bin: prettier
+
+ # @npm @cli [psi](https://npmjs.com/package/psi) | [GitHub](https://github.com/GoogleChromeLabs/psi) | [Homepage](https://pagespeed.web.dev/) | [Documentation](https://developers.google.com/speed/docs/insights/v5/about) - PageSpeed Insights with reporting
+ - name: psi
+ bin: psi
+
+ # @npm @cli [ramda-cli](https://npmjs.com/package/ramda-cli) | [GitHub](https://github.com/raine/ramda-cli) - A tool for processing data with functional pipelines in the command-line or interactively in browser
+ - name: ramda-cli
+ bin: ramda
+
+ # @npm @cli [semantic-release](https://npmjs.com/package/semantic-release) | [GitHub](https://github.com/semantic-release/semantic-release) | [Homepage](https://semantic-release.gitbook.io/semantic-release/) | [Documentation](https://semantic-release.gitbook.io/semantic-release/usage/getting-started) - A tool that automates the process of releasing software, featuring integrations with GitHub / GitLab releases
+ - name: semantic-release
+ bin: semantic-release
+
+ # @npm @cli [serve](https://npmjs.com/package/serve) | [GitHub](https://github.com/vercel/serve) - Static file serving and directory listing
+ - name: serve
+ bin: serve
+
+ # @npm @cli [serverless](https://npmjs.com/package/serverless) | [GitHub](https://github.com/serverless/serverless) | [Homepage](https://www.serverless.com/) | [Documentation](https://www.serverless.com/framework/docs) - Serverless Framework – Build web, mobile and IoT applications with serverless architectures using AWS Lambda, Azure Functions, Google CloudFunctions & more
+ - name: serverless
+ bin: serverless
+
+ # @npm @cli [share-cli](https://npmjs.com/package/share-cli) | [GitHub](https://github.com/marionebl/share-cli) - Quickly share files from your command line
+ - name: share-cli
+ bin: share
+
+ # @npm @cli [sharp-cli](https://npmjs.com/package/sharp-cli) | [GitHub](https://github.com/vseventer/sharp-cli) - CLI for sharp, a high performance Node.js image processing module
+ - name: sharp-cli
+ bin: sharp
+
+ # @npm @cli [speed-test](https://npmjs.com/package/speed-test) | [GitHub](https://github.com/sindresorhus/speed-test) - Test your internet connection speed and ping using speedtest.net from the CLI
+ - name: speed-test
+ bin: speed-test
+
+ # @npm @cli [stegcloak](https://npmjs.com/package/stegcloak) | [GitHub](https://github.com/KuroLabs/stegcloak) | [Homepage](https://stegcloak.surge.sh/) - StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting the secret before cloaking it with special unicode invisible characters
+ - name: stegcloak
+ bin: stegcloak
+
+ # @npm @cli [supdock](https://npmjs.com/package/supdock) | [GitHub](https://github.com/segersniels/supdock) - A CLI for running commands like "docker logs" in an easier, more interactive way
+ - name: supdock
+ bin: supdock
+
+ # @npm @cli [surge](https://npmjs.com/package/surge) | [GitHub](https://github.com/sintaxi/surge) | [Homepage](https://surge.sh/) | [Documentation](https://surge.sh/help/) - Publish web apps to a CDN with a single command and no setup required
+ - name: surge
+ bin: surge
+
+ # @npm @cli [svgo](https://npmjs.com/package/svgo) | [GitHub](https://github.com/svg/svgo) - SVG Optimizer is a Node.js-based tool for optimizing SVG vector graphics files
+ - name: svgo
+ bin: svgo
+
+ # @npm @cli [terminalizer](https://npmjs.com/package/terminalizer) | [GitHub](https://github.com/faressoft/terminalizer) | [Homepage](https://terminalizer.com/) - Record your terminal and generate animated gif images or share a web player link terminalizer.com
+ - name: terminalizer
+ bin: terminalizer
+
+ # @npm @cli [tinypng-cli](https://npmjs.com/package/tinypng-cli) | [GitHub](https://github.com/websperts/tinypng-cli) - Handy command line tool for shrinking PNG images using the TinyPNG API
+ - name: tinypng-cli
+ bin: tinypng
+
+ # @npm @cli [tldr](https://npmjs.com/package/tldr) | [GitHub](https://github.com/tldr-pages/tldr-node-client) | [Homepage](https://tldr.sh/) - A Node.js based command-line client for tldr
+ - name: tldr
+ bin: tldr
+
+ # @npm @cli [ts2c](https://npmjs.com/package/ts2c) | [GitHub](https://github.com/andrei-markeev/ts2c) - A JavaScript/TypeScript to C compiler
+ - name: ts2c
+ bin: ts2c
+
+ # @npm @cli [typescript](https://npmjs.com/package/typescript) | [GitHub](https://github.com/Microsoft/TypeScript) | [Homepage](https://www.typescriptlang.org/) | [Documentation](https://www.typescriptlang.org/docs/) - A language for application-scale JavaScript
+ - name: typescript
+ bin: tsc
+
+ # @npm @cli [wifi-password-cli](https://npmjs.com/package/wifi-password-cli) | [GitHub](https://github.com/kevva/wifi-password-cli) - CLI to get current wifi password
+ - name: wifi-password-cli
+ bin: wifi-password
+
+ # @npm @cli [wordpressify](https://npmjs.com/package/wordpressify) | [GitHub](https://github.com/luangjokaj/wordpressify) | [Homepage](https://www.wordpressify.co/) | [Documentation](https://www.wordpressify.co/docs) - Automate your WordPress development workflow
+ - name: wordpressify
+ bin: wordpressify
+
+ # @npm @cli [zx](https://npmjs.com/package/zx) | [GitHub](https://github.com/google/zx) - A tool for writing better scripts
+ - name: zx
+ bin: zx
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/pip-packages.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/pip-packages.yml
new file mode 100644
index 00000000..bb43aa04
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/pip-packages.yml
@@ -0,0 +1,113 @@
+---
+# yamllint disable rule:line-length
+# @var pip_packages: [] # A list of Python packages to install globall. If the package's `pipx` field is set to true then the
+# package will be installed via [pipx](https://pypa.github.io/pipx/).
+# These are the pip packages that are automatically installed on hosts in the desktop group
+pip_packages:
+ # @pypi @cli [ansibleconnect](https://pypi.org/project/ansibleconnect/) | [GitHub](https://github.com/psykulsk/ansibleconnect) - Parses Ansible inventory and opens up a tmux session for each host
+ - name: ansibleconnect
+ pipx: true
+
+ # @pypi @cli [ansible-lint](https://pypi.org/project/ansible-lint/) | [GitHub](https://github.com/ansible/ansible-lint) | [Documentation](https://ansible-lint.readthedocs.io/en/latest/) - Lint tool that checks [Ansible](https://www.ansible.com/) projects for best practices and problematic code
+ - name: ansible-lint
+ pipx: true
+
+ # @pypi @cli [asciinema](https://pypi.org/project/asciinema/) | [GitHub](https://github.com/asciinema/asciinema) | [Homepage](https://asciinema.org/) | [Documentation](https://asciinema.org/docs/how-it-works) - Tool that records terminal session and replay them in a terminal as well as in a web browser
+ - name: asciinema
+ pipx: true
+
+ # @pypi @cli [aws-shell](https://pypi.org/project/aws-shell/) | [GitHub](https://github.com/awslabs/aws-shell) | [Documentation](https://docs.aws.amazon.com/cli/latest/reference/) - AWS shell is the interactive productivity booster for the AWS CLI
+ - name: aws-shell
+ pipx: true
+
+ # @pypi @cli [cookiecutter](https://pypi.org/project/cookiecutter/) | [GitHub](https://github.com/cookiecutter/cookiecutter) | [Documentation](https://cookiecutter.readthedocs.io/en/stable/) - A command-line utility that creates projects from cookiecutters (project templates)
+ - name: cookiecutter
+ pipx: true
+
+ # @pypi @cli [gdown](https://pypi.org/project/gdown) | [GitHub](https://github.com/wkentaro/gdown) - An alternative to wget and curl that can handle downloading large files from Google Drive
+ - name: gdown
+ pipx: true
+
+ # @pypi @cli [git-filter-repo](https://pypi.org/project/git-filter-repo) | [GitHub](https://github.com/newren/git-filter-repo) | [Documentation](https://htmlpreview.github.io/?https://github.com/newren/git-filter-repo/blob/docs/html/git-filter-repo.html) - Tool that aids in wiping particular sections of a repository
+ - name: git-filter-repo
+ pipx: true
+
+ # @pypi @cli [gixy](https://pypi.org/project/gixy/) | [GitHub](https://github.com/yandex/gixy) - A tool to analyze Nginx configuration
+ - name: gixy
+ pipx: true
+
+ # @pypi @cli [gphotos-sync](https://pypi.org/projects/gphotos-sync) | [GitHub](https://github.com/gilesknap/gphotos-sync) | [Documentation](https://gilesknap.github.io/gphotos-sync/main/index.html) - A tool that can be used to backup photos and video from Google Photos
+ - name: gphotos-sync
+ pipx: true
+
+ # @pypi @cli [httpstat](https://pypi.org/project/httpstat/) | [GitHub](https://github.com/reorx/httpstat) - A script that reflects curl statistics in a fascinating and well-defined way, it is a single file which is compatible with Python 3 and requires no additional software (dependencies) to be installed on a users system
+ - name: httpstat
+ pipx: true
+
+ # @pypi @cli @tui [http-prompt](https://pypi.org/project/http-prompt/) | [GitHub](https://github.com/httpie/http-prompt) | [Homepage](https://http-prompt.com/) | [Documentation](https://docs.http-prompt.com/en/latest/) - An interactive command-line HTTP client featuring autocomplete and syntax highlighting, built on HTTPie and prompt_toolkit
+ - name: http-prompt
+ pipx: true
+
+ # @pypi @cli @tui [iredis](https://pypi.org/project/iredis/) | [GitHub](https://github.com/laixintao/iredis) | [Homepage](https://iredis.io/) - A terminal client for redis with auto-completion and syntax highlighting
+ - name: iredis
+ pipx: true
+
+ # @pypi @cli @tui [kube-shell](https://pypi.org/project/kube-shell/) | [GitHub](https://github.com/cloudnativelabs/kube-shell) - An integrated shell for working with the Kubernetes CLI
+ - name: kube-shell
+ pipx: true
+
+ # @pypi @cli @tui [litecli](https://pypi.org/project/litecli/) | [GitHub](https://github.com/dbcli/litecli) | [Homepage](https://litecli.com/) | [Documentation](https://litecli.com/features/) - A command-line client for SQLite databases that has auto-completion and syntax highlighting
+ - name: litecli
+ pipx: true
+
+ # @pypi @cli [netaddr](https://pypi.org/project/netaddr/) | [GitHub](https://github.com/netaddr/netaddr) | [Documentation](https://netaddr.readthedocs.io/en/latest/) - A system-independent network address manipulation library for Python 2.7 and 3.5+
+ - name: netaddr
+ pipx: true
+
+ # @pypi @cli [ngxtop](https://pypi.org/project/ngxtop/) | [GitHub](https://github.com/lebinh/ngxtop) - ngxtop parses your nginx access log and outputs useful, top-like, metrics of your nginx server
+ - name: ngxtop
+ pipx: true
+
+ # @pypi @cli [molecule](https://pypi.org/project/molecule/) | [GitHub](https://github.com/ansible-community/molecule) | [Documentation](https://molecule.readthedocs.io/en/latest/) - Molecule project is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios
+ - name: molecule
+ pipx: true
+
+ # @pypi @cli @tui [mycli](https://pypi.org/project/mycli/) | [GitHub](https://github.com/dbcli/mycli) | [Homepage](https://www.mycli.net/) | [Documentation](https://www.mycli.net/docs) - Command line interface for MySQL database with auto-completion and syntax highlighting
+ - name: mycli
+ pipx: true
+
+ # @pypi @cli [pre-commit](https://pypi.org/project/pre-commit/) | [GitHub](https://github.com/pre-commit/pre-commit) | [Homepage](https://pre-commit.com/) | [Documentation](https://pre-commit.com/index.html#install) - A framework for managing and maintaining multi-language pre-commit hooks
+ - name: pre-commit
+ pipx: true
+
+ # @pypi @cli [pywhat](https://pypi.org/project/pywhat/) | [GitHub](https://github.com/bee-san/pyWhat) - A tool that identify what something is, whether it be a file or a text, or even the hex of a file, and text within files - what is recursive
+ - name: pywhat
+ pipx: true
+
+ # @pypi @cli @webapp [social-analyzer](https://pypi.org/project/social-analyzer/) | [GitHub](https://github.com/qeeqbox/social-analyzer) - API, CLI & Web App for analyzing & finding a person’s profile across social media websites
+ - name: social-analyzer
+ pipx: true
+
+ # @pypi @cli [spotdl](https://pypi.org/project/spotdl/) | [GitHub](https://github.com/spotDL/spotify-downloader) - A tool to download Spotify playlists and songs along with album art and metadata
+ - name: spotdl
+ pipx: true
+
+ # @pypi @cli [starred](https://pypi.org/project/starred/) | [GitHub](https://github.com/maguowei/starred) - Generate a GitHub Awesome list directly from your starred repositories
+ - name: starred
+ pipx: true
+
+ # @pypi @cli [statcode](https://pypi.org/project/statcode/) | [GitHub](https://github.com/shobrook/statcode) - `man` pages for HTTP status codes (used by running `statcode 418`, for instance)
+ - name: statcode
+ pipx: true
+
+ # @pypi @cli [trufflehog](https://pypi.org/project/truffleHog/) | [GitHub](https://github.com/trufflesecurity/trufflehog) | [Homepage](https://trufflesecurity.com/) - A tool which makes it easier to search through the history of a git repository to discover passwords and other secrets
+ - name: truffleHog
+ pipx: true
+
+ # @pypi @cli [virtualenv](https://pypi.org/project/virtualenv/) | [GitHub](https://github.com/pypa/virtualenv) | [Homepage](https://virtualenv.pypa.io/en/latest/) | [Documentation](https://virtualenv.pypa.io/en/latest/user_guide.html) - A tool for creating isolated virtual Python environments
+ - name: virtualenv
+ pipx: true
+
+ # @pypi @cli [yamllint](https://pypi.org/project/yamllint/) | [GitHub](https://github.com/adrienverge/yamllint) | [Documentation](https://yamllint.readthedocs.io/en/stable/) - A linter for YAML files
+ - name: yamllint
+ pipx: true
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/ruby-gems.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/ruby-gems.yml
new file mode 100644
index 00000000..28a65a79
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/ruby-gems.yml
@@ -0,0 +1,28 @@
+---
+# yamllint disable rule:line-length
+# @var ruby_gems: [] # A list of Ruby gems that should be installed globally.
+# These are the default gems installed on any host in the desktop group
+ruby_gems:
+ # @gem @cli [Bundler](https://rubygems.org/gems/bundler) | [GitHub](https://github.com/rubygems/rubygems) | [Homepage](https://bundler.io/) | [Documentation](https://bundler.io/docs.html) - A tool that manages ruby application's gem dependencies through its entire life, across many machines, systematically and repeatably
+ - name: bundler
+
+ # @gem @cli [Chef](https://rubygems.org/gems/chef) | [GitHub](https://github.com/chef/chef/) | [Homepage](https://www.chef.io/) | [Documentation](https://docs.chef.io/) - A systems integration framework, built to bring the benefits of configuration management to the entire infrastructure
+ - name: chef
+
+ # @gem @cli [CocoaPods](https://rubygems.org/gems/cocoapods) | [GitHub](https://github.com/CocoaPods/CocoaPods/) | [Homepage](https://cocoapods.org/) | [Documentation](https://guides.cocoapods.org/) - A tool that manages library dependencies for Xcode project
+ - name: cocoapods
+
+ # @gem @cli [fpm](https://rubygems.org/gems/fpm) | [GitHub](https://github.com/jordansissel/fpm/) | [Documentation](https://fpm.readthedocs.io/en/latest/) - A tool that converts directories, rpms, python eggs, rubygems, and more to rpms, debs, solaris packages and more
+ - name: fpm
+
+ # @gem @cli [gist](https://rubygems.org/gems/gist) | [GitHub](https://github.com/defunkt/gist/) | [Documentation](http://defunkt.io/gist/) - A tool that provides a single function (Gist.gist) that uploads a gist
+ - name: gist
+
+ # @gem @cli [mdl](https://rubygems.org/gems/mdl) | [GitHub](https://github.com/markdownlint/markdownlint) - A style checker/lint tool for markdown files
+ - name: mdl
+
+ # @gem @cli [mdl](https://rubygems.org/gems/papertrail) | [GitHub](https://github.com/papertrail/papertrail-cli) | [Homepage](https://www.papertrail.com/) - A log viewer for Papertrail (a logging service with a basic free plan)
+ - name: papertrail
+
+ # @gem @cli [t](https://rubygems.org/gems/t) | [GitHub](https://github.com/sferik/t/) - A command-line power tool for Twitter
+ - name: t
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vars.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vars.yml
new file mode 100644
index 00000000..bd4c019e
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vars.yml
@@ -0,0 +1,193 @@
+---
+# @var add_known_hosts: true # When set to `true`, the playbook will automatically attempt to pre-cache
+# SSH address signatures into the `known_hosts` file.
+add_known_hosts: true
+
+default_ssh_authorized_keys:
+ - "{{ lookup('file', 'files/ssh/id_rsa.pub') }}"
+
+default_ssh_private_keys:
+ - files/ssh/id_rsa
+
+# @var software: [] # A list of software packages to be installed via the `roles/helpers/installer` role. The list of software
+# that can be installed via the role (and this variable) is in `group_vars/all/software.yml`.
+software:
+ - act
+ - altair
+ - askgit
+ - azurefunctions
+ - bandwhich
+ - bane
+ - bat
+ - betwixt
+ - bin
+ - bitwarden
+ - bivac
+ - boilr
+ - captain
+ - cerebro
+ - clair
+ - consul
+ - croc
+ - ctop
+ - cumulus
+ - dasel
+ - dat
+ - delta
+ - desed
+ - deta
+ - direnv
+ - dive
+ - docker
+ - dockle
+ - doctl
+ - dog
+ - duf
+ - dust
+ - envconsul
+ - fd
+ # - felony # No releases in 6 years, no 'latest' release tag ever which causes the `gh` method to fail
+ - ffsend
+ - filebrowser
+ - fm
+ - fq
+ - fselect
+ - fuego
+ # - g-assist # A separate Role exists
+ - ganache
+ - gitify
+ - gitleaks
+ - gitomatic
+ - glab
+ - glow
+ - go
+ - gojq
+ - gping
+ - grex
+ - gron
+ - hclq
+ - hexyl
+ - hey
+ - hostctl
+ - htmlq
+ - hyperfine
+ - jiq
+ - jitsi
+ - jo
+ - jq
+ - kdash
+ - kubenav
+ - license
+ - linuxkit
+ - manta
+ - mark
+ - masscode
+ - mc
+ - mergestat
+ - mjml
+ - mkcert
+ - mockoon
+ - motrix
+ - mqttx
+ - muffet
+ # - mullvad-vpn # deb, rpm available, no archives for Linux
+ - nebula
+ - nnn
+ - node
+ - nomino
+ - nuclear
+ - oq
+ - osquery
+ - ots
+ - page
+ - pass
+ - pastel
+ - peco
+ - pony
+ - pretzel # Mac only, over 3 years old
+ - procs
+ # - psu # Releases contain only code. few pre-releases contain releases, no update in about 2.5 years
+ - pup
+ - q
+ - raindrop
+ - responsively
+ - rip
+ - runjs
+ - s5cmd
+ - schema
+ - scrcpy
+ - sd
+ - shfmt
+ - skm
+ # - sqlectron # deb, rpm, pacman available but no archive
+ - ssh-vault
+ - ssl-proxy
+ - skype
+ - slack
+ - sqlectron
+ - ssh
+ - ssl
+ - switchhosts
+ - sysbench
+ - tabby
+ - task
+ - teleport
+ - temps # 6 years old. Forks are platform specific
+ - tflint
+ - tokei
+ - transfer
+ - trivy
+ - udemy
+ - up
+ - waypoint
+ - websocat
+ - webtorrent
+ - whaler
+ - wkhtmltopdf
+ - xurls
+ - yq
+
+# @var default_browser: brave # Set this variable equal to the tag corresponding to the browser you wish to be set as the default browser.
+# Available options include `brave` (Brave Browser), `firefox` (Firefox), `edge` (Microsoft Edge), and `chrome` (Google Chrome / Chromium).
+default_browser: brave
+
+# @var vpn_connections: [] # A list of VPN profiles to automatically load into the NetworkManager VPN plugin on Linux and into the WireGuard
+# app on macOS / Linux. The profiles should be placed in the `files/vpn` folder. Examples of OpenVPN / WireGuard profiles are also available
+# in that folder.
+vpn_connections:
+ - file: Mullvad OVPN Greece (TCP 53).ovpn
+ password: '{{ mullvad_password }}'
+ username: '{{ mullvad_username }}'
+# @example #
+# vpn_connections:
+# - file: Mullvad OpenVPN Denver (UDP 53).ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Hong Kong.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Italy.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN NYC.ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad OpenVPN Secaucus (TCP 80).ovpn
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Germany (Custom Port).nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Italy Brazil.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard NYC (Custom Port).nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard NYC.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# - file: Mullvad WireGuard Switzerland.nmconnection
+# password: '{{ mullvad_password }}'
+# username: '{{ mullvad_username }}'
+# @end
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.schema.json b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.schema.json
new file mode 100644
index 00000000..5cd8ba12
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.schema.json
@@ -0,0 +1,99 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "dockerhub_password": {
+ "type": "string"
+ },
+ "dockerhub_username": {
+ "type": "string"
+ },
+ "dropbox_access_token": {
+ "type": "string"
+ },
+ "google_drive_access_token": {
+ "type": "string"
+ },
+ "google_drive_client_id": {
+ "type": "string"
+ },
+ "google_drive_client_secret": {
+ "type": "string"
+ },
+ "google_drive_refresh_token": {
+ "type": "string"
+ },
+ "google_drive_root_folder_id": {
+ "type": "string"
+ },
+ "google_drive_work_access_token": {
+ "type": "string"
+ },
+ "google_drive_work_client_id": {
+ "type": "string"
+ },
+ "google_drive_work_client_secret": {
+ "type": "string"
+ },
+ "google_drive_work_refresh_token": {
+ "type": "string"
+ },
+ "mullvad_password": {
+ "type": "string"
+ },
+ "mullvad_username": {
+ "type": "integer"
+ },
+ "nordvpn_password": {
+ "type": "string"
+ },
+ "nordvpn_username": {
+ "type": "string"
+ },
+ "onedrive_access_token": {
+ "type": "string"
+ },
+ "onedrive_drive_id": {
+ "type": "string"
+ },
+ "onedrive_refresh_token": {
+ "type": "string"
+ },
+ "surgesh_password": {
+ "type": "string"
+ },
+ "surgesh_username": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "dockerhub_password",
+ "dockerhub_username",
+ "dropbox_access_token",
+ "google_drive_access_token",
+ "google_drive_client_id",
+ "google_drive_client_secret",
+ "google_drive_refresh_token",
+ "google_drive_root_folder_id",
+ "google_drive_work_access_token",
+ "google_drive_work_client_id",
+ "google_drive_work_client_secret",
+ "google_drive_work_refresh_token",
+ "mullvad_password",
+ "mullvad_username",
+ "nordvpn_password",
+ "nordvpn_username",
+ "onedrive_access_token",
+ "onedrive_drive_id",
+ "onedrive_refresh_token",
+ "surgesh_password",
+ "surgesh_username"
+ ],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.yml
new file mode 100644
index 00000000..cf60c28b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vault.yml
@@ -0,0 +1,73 @@
+$ANSIBLE_VAULT;1.1;AES256
+64306639656238326538643532646539323337653665643031653038343438313433343337303036
+6339323430323734633762383262303839343732373136630a366137336231326239343663303334
+66356531626566393131666533306335366461386532343533343037303064343366333137346463
+6464303164656561390a633963363133663339313730343839353032373362343730643537636335
+63383832626638613566363932343361366666313433373634623336323430633839346566393166
+66306530373733613737316430613939313534363535313830346130306365636363373432326330
+37623765343337313161313235616235323530643932363463306566323862366461613231323233
+63396363663738356133323134303037376663396635316339373532313237343365333666663834
+35623531613935393030393036323539616463316237616139633166633832616535633134643732
+61646465393164383037303962363236653435353163613433633436303862336435656231653761
+31363632316362336161396331313065373432336232303835663039383164353063333838343835
+31643961346233326530333130656264336138393631376432383933623132643336383762343239
+37363535346234663962613534313535343138626430616261613833653335333061626363633738
+65313335626534616364613137643032653930643636363631356163623231383536373131623630
+61383561633438306166356138356134376366363861346334373030626564616566643231373362
+33346635333935373337333864373663383230333665633934336439636438396165353036613166
+32316538356630386632343135313239313639396339333939346230353735666366633138646636
+63373032646536626339373130383638343064616465313564623131306566343634623730303537
+34343464666365666434383138653464616630353035666334333739396233373932363462306264
+32656263333161363963633963396432396464393363373462373061613632303861316263646262
+63653335633331393866303962613561653431333134633135346536373835666263323163636662
+63623066633932373838393036386565313837323462613739613039633037323939643930623837
+61373834616532663966616530626461346432353933353666386435383561623935363630666235
+32306264363831373636626533396338346133333863373738386632363965656366333864313437
+33363665343433646266303361643663636237613337656262646534633661333033303535383138
+34633836303531333332313436386532376138666666396430356432336234313361373536663336
+65646665396130646564343834313339393861653866353964653461613339393762636533656665
+38363433323363643330636661383831393037656662396533313765663733303238383339383266
+63393639353534613233623463346132313164656336336462363838366261366362666233363131
+35613335613563626336373537613534636636336433633231653637633238346566393130306363
+64373937373138303837363064363463613732333334323332303761316164343066383564646337
+39373666623061386436613232393236383530353838386664383234656533303863376631313738
+30333932393965353664383762366530323461303165663765653265306435303563323365323733
+63613130666661306361383933656164323264613766623436306436616631636265383539653131
+32303062386530363338373630363831363839323439303464326530666439333733626561363564
+38396235626138666561623965313561313765646539323630333539343564313239646135366361
+61383265643337353864393830343132663364383235616638656535663738633537653034356230
+31316635616365373862363138313031633734316336343837396339653166366239633731613363
+66313231353837646162386463646639383836353466646233623436633730313566393164373866
+61633933653932393563636533346561613065656534316264393633643539633463623431616635
+61326631363130366139303937633834636531383338373563343563663530373238326233343063
+30393330313365663263643332376366363966373232346134376531383965623738623433313461
+39363562653631633838366539636661373463366363353438663064636535303531326165363239
+61396336393538353337393665313033646338646663326665633435393365383236646633663836
+66656563663461616139356537656266383362633631653034363837646335343734303338313665
+63336532623036633566363465623038343730393362346532343636333937373763326632373535
+63666562316135623962396335316630653431626639633235343162313231346336653737653435
+36323535346639616264303731343235626138653061356335313564643639393863346632373739
+30356138656466616265626136666162393332346332353466626139653962623261376432353835
+36343237373436306437616466633934613838623462633638646465616637363563303264373435
+34653664343039306561626237386438633739346266633533353466336134343537346264333137
+61356234303531313834393730613233343133323732646335663132303938626631626538356332
+33643039323262656265303861613631343861363433616334396636393938333063633938653036
+31396261336633666533623064396464666332653930333235623639646530666164386436646231
+31353032393138363632303932356131316364616133663937356535396335393466326564313662
+34336535656230643930633933363030623066613832316261616636623338626162626566346333
+38333764666533643966333036386463353732356331383265356663663462613036663635356339
+37333739373662376534356666393465306537623961653933363936303763363064643231353162
+65353130386165306535373730633639626566663830623333383166376635656666613661343632
+34303062656264663730376465323765323264366632396462396264393637653634616265613931
+61396335353764363938376136393265303838363138353936383034643430666466643130623864
+61326232356466663561666264313634633033623931633263343136656461643337666666623761
+64386461663236633661643764376230363263363130383739623466316331323664633666663765
+65353438303030396465306565653862323761643738313635316463653264326339303465303332
+63346238643962633763663638343534316238653364316565343964636437656236373933616532
+32623836393635306137386633313138323436363236326136383563393639643830323430313464
+31613234346436623538353262363438363631616434363837323638663736306333393135313231
+34383631303064653837373662303237643865363337383166616430643836623561316466646633
+36363631363433666362633966383438623934363532643163636238326537656337346139656233
+35333637303739363039303861353139656132333236336261363538356436646339393130313734
+32333331636633613462633633333535613163393033313731393033613537346334326337393062
+32623538363738623934
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vscode-extensions.yml b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vscode-extensions.yml
new file mode 100644
index 00000000..be00cf72
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/desktop/vscode-extensions.yml
@@ -0,0 +1,331 @@
+---
+# yamllint disable rule:line-length
+# @var vscode_extensions: [] # A list of VS Code extensions to install after VS Code is installed. Only the `name` field is required for
+# each extension in the list. You can disregard the `types` field that is shown in the default list.
+vscode_extensions:
+ # @vscode [Angular Language Service](https://marketplace.visualstudio.com/items?itemName=Angular.ng-template) | [GitHub](https://github.com/angular/vscode-ng-language-service) - Editor services for Angular template files
+ - name: Angular.ng-template
+ types:
+ - angular
+
+ # @vscode [MJML](https://marketplace.visualstudio.com/items?itemName=attilabuti.vscode-mjml) | [GitHub](https://github.com/attilabuti/vscode-mjml) - MJML preview, lint, and compile
+ - name: attilabuti.vscode-mjml
+
+ # @vscode [Markdown Emoji](https://marketplace.visualstudio.com/items?itemName=bierner.markdown-emoji) | [GitHub](https://github.com/mjbvz/vscode-markdown-emoji) - Adds emoji syntax support to VS Code's built-in Markdown preview
+ - name: bierner.markdown-emoji
+
+ # @vscode [Turbo Console Log](https://marketplace.visualstudio.com/items?itemName=ChakrounAnas.turbo-console-log) | [GitHub](https://github.com/Chakroun-Anas/turbo-console-log) - This extension make debugging much easier by automating the operation of writing meaningful log message
+ - name: ChakrounAnas.turbo-console-log
+ types:
+ - angular
+ - npm
+
+ # @vscode [Firestore Rules](https://marketplace.visualstudio.com/items?itemName=ChFlick.firecode) | [GitHub](https://github.com/ChFlick/firecode) - Firestore security rule support for Visual Studio Code
+ - name: ChFlick.firecode
+ types:
+ - angular
+
+ # @vscode [Regex Previewer](https://marketplace.visualstudio.com/items?itemName=chrmarti.regex) | [GitHub](https://github.com/chrmarti/vscode-regex) - Shows the current regular expression's matches in a side-by-side document
+ - name: chrmarti.regex
+ types:
+ - all
+
+ # @vscode [MySQL](https://marketplace.visualstudio.com/items?itemName=cweijan.vscode-mysql-client2) | [GitHub](https://github.com/cweijan/vscode-database-client) - A database GUI for SQL, SQLite, MongoDB, Redis, and ElasticSearch
+ - name: cweijan.vscode-mysql-client2
+
+ # @vscode [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint) | [GitHub](https://github.com/DavidAnson/vscode-markdownlint) - Markdown/CommonMark linting and style checking for Visual Studio Code
+ - name: DavidAnson.vscode-markdownlint
+ types:
+ - all
+
+ # @vscode [ESLint](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) | [GitHub](https://github.com/Microsoft/vscode-eslint) - Integrates ESLint into VS Code
+ - name: dbaeumer.vscode-eslint
+ types:
+ - all
+
+ # @vscode [Deno](https://marketplace.visualstudio.com/items?itemName=denoland.vscode-deno) | [GitHub](https://github.com/denoland/vscode_deno) - Adds support for Deno (powered by the Deno language server)
+ - name: denoland.vscode-deno
+ types:
+ - npm
+
+ # @vscode [GitLens](https://marketplace.visualstudio.com/items?itemName=eamodio.gitlens) | [GitHub](https://github.com/gitkraken/vscode-gitlens) - GitLens is a popular extension that supercharges the Git capabilities built into VS Code
+ - name: eamodio.gitlens
+ types:
+ - all
+
+ # @vscode [EditorConfig](https://marketplace.visualstudio.com/items?itemName=EditorConfig.EditorConfig) | [GitHub](https://github.com/editorconfig/editorconfig-vscode) - This plugin attempts to override user/workspace settings with setting found in .editorconfig files
+ - name: EditorConfig.EditorConfig
+ types:
+ - all
+
+ # @vscode [Prettier](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode) | [GitHub](https://github.com/prettier/prettier-vscode) - Prettier is an opinionated code formatter
+ - name: esbenp.prettier-vscode
+ types:
+ - all
+
+ # @vscode [Carbon Now](https://marketplace.visualstudio.com/items?itemName=ericadamski.carbon-now-sh) | [GitHub](https://github.com/ericadamski/vscode-carbon_now_sh) - A VS Code extension to open the current editor content in carbon.now.sh
+ - name: ericadamski.carbon-now-sh
+ types:
+ - all
+
+ # @vscode [Jest Runner](https://marketplace.visualstudio.com/items?itemName=firsttris.vscode-jest-runner) | [GitHub](https://github.com/firsttris/vscode-jest-runner) - Manage, run, and debug individual Jest tests
+ - name: firsttris.vscode-jest-runner
+ types:
+ - angular
+ - npm
+
+ # @vscode [Auto Rename Tag](https://marketplace.visualstudio.com/items?itemName=formulahendry.auto-rename-tag) | [GitHub](https://github.com/formulahendry/vscode-auto-rename-tag) - Automatically rename paired HTML/XML tag, same as Visual Studio IDE does
+ - name: formulahendry.auto-rename-tag
+ types:
+ - angular
+ - npm
+
+ # @vscode [Code Runner](https://marketplace.visualstudio.com/items?itemName=formulahendry.code-runner) | [GitHub](https://github.com/formulahendry/vscode-code-runner) - Run code snippet or code file
+ - name: formulahendry.code-runner
+ types:
+ - all
+
+ # @vscode [GitHub Pull Requests and Issues](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-pull-request-github) | [GitHub](https://github.com/Microsoft/vscode-pull-request-github) - Review and manage your GitHub pull requests and issues directly in VS Code
+ - name: GitHub.vscode-pull-request-github
+ types:
+ - all
+
+ # @vscode [GitLab Workflow](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow) | [GitHub](NO_GITHUB_REPOSITORY_LINK) - This extension integrates GitLab to VS Code
+ - name: GitLab.gitlab-workflow
+ types:
+ - all
+
+ # @vscode [Cloud Code](https://marketplace.visualstudio.com/items?itemName=GoogleCloudTools.cloudcode) | [GitHub](https://github.com/GoogleCloudPlatform/cloud-code-vscode) - This extension brings the power and convenience of IDEs to cloud-native application development
+ - name: GoogleCloudTools.cloudcode
+ types:
+ - all
+
+ # @vscode [Go](https://marketplace.visualstudio.com/items?itemName=golang.Go) | [GitHub](https://github.com/golang/vscode-go) - This extension provides rich language support for the Go programming language, integrates with Google Cloud services like Google Kubernetes Engine, Cloud Run, Cloud APIs, and Secret Manager
+ - name: golang.Go
+ types:
+ - go
+
+ # @vscode [HashiCorp Terraform](https://marketplace.visualstudio.com/items?itemName=HashiCorp.terraform) | [GitHub](https://github.com/hashicorp/terraform) - This extension adds syntax highlighting and other editing features for Terraform files using the Terraform Language Server
+ - name: HashiCorp.terraform
+ types:
+ - ansible
+
+ # @vscode [Draw.io Integration](https://marketplace.visualstudio.com/items?itemName=hediet.vscode-drawio) | [GitHub](https://github.com/hediet/vscode-drawio) - Allows editing draw.io images in VS Code by adding files ending with .drawio.png
+ - name: hediet.vscode-drawio
+ types:
+ - all
+
+ # @vscode [Output Colorizer](https://marketplace.visualstudio.com/items?itemName=IBM.output-colorizer) | [GitHub](https://github.com/IBM-Cloud/vscode-log-output-colorizer) - This extension adds syntax colorization for both the output/debug/extensions panel and *.log files, other extension that colorize the output panel will disable this extension
+ - name: IBM.output-colorizer
+ types:
+ - all
+
+ # @vscode [SSH FS](https://marketplace.visualstudio.com/items?itemName=Kelvin.vscode-sshfs) | [GitHub](https://github.com/SchoofsKelvin/vscode-sshfs) - Allows mounting SSH destinations as file system mounts inside VS Code
+ - name: Kelvin.vscode-sshfs
+ types:
+ - all
+
+ # @ideavscode [Project Dashboard](https://marketplace.visualstudio.com/items?itemName=kruemelkatze.vscode-dashboard) | [GitHub](https://github.com/Kruemelkatze/vscode-dashboard) - This VS code extension organize the projects in a speed-dial like manner
+ # - name: kruemelkatze.vscode-dashboard
+
+ # @vscode [Bash IDE](https://marketplace.visualstudio.com/items?itemName=mads-hartmann.bash-ide-vscode) | [GitHub](https://github.com/bash-lsp/bash-language-server) - This extension utilizes the bash language server, that is based on Tree Sitter and its grammar for Bash and supports explainshell integration
+ - name: mads-hartmann.bash-ide-vscode
+ types:
+ - all
+
+ # @vscode [Docker](https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-docker) | [GitHub](https://github.com/microsoft/vscode-docker) - This extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code
+ - name: ms-azuretools.vscode-docker
+ types:
+ - all
+
+ # @vscode [Kubernetes](https://marketplace.visualstudio.com/items?itemName=ms-kubernetes-tools.vscode-kubernetes-tools) | [GitHub](https://github.com/vscode-kubernetes-tools/vscode-kubernetes-tools) - The extension for developers building applications to run in Kubernetes clusters and for DevOps staff troubleshooting Kubernetes applications
+ - name: ms-kubernetes-tools.vscode-kubernetes-tools
+ types:
+ - ansible
+
+ # @vscode [Remote Containers](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - Containers extension enables the use a Docker container as a full-featured development environment
+ - name: ms-vscode-remote.remote-containers
+ types:
+ - all
+
+ # @vscode [Remote SSH](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-ssh) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - SSH enables the use of any remote machine with a SSH server as the development environment
+ - name: ms-vscode-remote.remote-ssh
+ types:
+ - all
+
+ # @vscode [Remote WSL](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-wsl) | [GitHub](https://github.com/Microsoft/vscode-remote-release) - The Remote - WSL extension enables the use VS Code on Windows to build Linux applications that run on the Windows Subsystem for Linux(WSL)
+ - name: ms-vscode-remote.remote-wsl
+ types:
+ - all
+
+ # @vscode [Python](https://marketplace.visualstudio.com/items?itemName=ms-python.python) | [GitHub](https://github.com/Microsoft/vscode-python) - A VS Code extension with rich support for the Python language, including features such as IntelliSense (Pylance), linting, debugging, code navigation, code formatting, refactoring, variable explorer, test explorer, and more
+ - name: ms-python.python
+ types:
+ - python
+
+ # @vscode [PowerShell](https://marketplace.visualstudio.com/items?itemName=ms-vscode.PowerShell) | [GitHub](https://github.com/PowerShell/vscode-powershell) - This extension provides rich PowerShell language support for Visual Studio Code
+ - name: ms-vscode.PowerShell
+ types:
+ - all
+
+ # @vscode [Live Share](https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshare) | [GitHub](https://github.com/MicrosoftDocs/live-share) - This extension enables to collaboratively edit and debug with others in real time, regardless what programming languages are used
+ - name: MS-vsliveshare.vsliveshare
+ types:
+ - all
+
+ # @vscode [Live Share Audio](https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshare-audio) | [GitHub](https://github.com/MicrosoftDocs/live-share) - This extension enhances the existing Visual Studio Live Share experience, by enabling to quickly spin up an audio call directly from within Visual Studio Code, without needing to use a separate tool or service
+ - name: MS-vsliveshare.vsliveshare-audio
+ types:
+ - all
+
+ # @vscode [autoDocstring Python Docstring Generator](https://marketplace.visualstudio.com/items?itemName=njpwerner.autodocstring) | [GitHub](https://github.com/NilsJPWerner/autoDocstring) - Aids in writing Python doc strings via templates
+ - name: njpwerner.autodocstring
+ types:
+ - python
+
+ # @vscode [Nx Console](https://marketplace.visualstudio.com/items?itemName=nrwl.angular-console) | [GitHub](https://github.com/nrwl/nx-console) - A UI to accompany the Nx CLI
+ - name: nrwl.angular-console
+ types:
+ - angular
+
+ # @vscode [Taskfile](https://marketplace.visualstudio.com/items?itemName=paulvarache.vscode-taskfile) | [GitHub](https://github.com/paulvarache/vscode-taskfile) - This extension provides Intellisense, Tasks, a Tree View and Hover actions for your Taskfiles
+ # - name: paulvarache.vscode-taskfile
+
+ # @vscode [ngrok](https://marketplace.visualstudio.com/items?itemName=philnash.ngrok-for-vscode) | [GitHub](https://github.com/philnash/ngrok-for-vscode) - A VSCode extension for controlling ngrok from the command palette
+ - name: philnash.ngrok-for-vscode
+ types:
+ - all
+
+ # @vscode [Material Icon Theme](https://marketplace.visualstudio.com/items?itemName=PKief.material-icon-theme) | [GitHub](https://github.com/PKief/vscode-material-icon-theme) - Material design icons
+ - name: PKief.material-icon-theme
+ types:
+ - all
+
+ # @vscode [CSS Peek](https://marketplace.visualstudio.com/items?itemName=pranaygp.vscode-css-peek) | [GitHub](https://github.com/pranaygp/vscode-css-peek) - A VSCode extension for peeking at CSS definitions from a class or id taq in HTML
+ - name: pranaygp.vscode-css-peek
+ types:
+ - angular
+ - npm
+
+ # @vscode [Paste JSON as Code](https://marketplace.visualstudio.com/items?itemName=quicktype.quicktype) | [GitHub](https://github.com/quicktype/quicktype) - An extension that generates types and helper code for reading JSON
+ - name: quicktype.quicktype
+ types:
+ - angular
+ - npm
+
+ # @vscode [TypeScript Hero](https://marketplace.visualstudio.com/items?itemName=rbbit.typescript-hero) | [GitHub](https://github.com/buehler/typescript-hero) - A VSCode extension to organize and sort all the TS imports
+ - name: rbbit.typescript-hero
+ types:
+ - angular
+ - npm
+
+ # @vscode [Ansible](https://marketplace.visualstudio.com/items?itemName=redhat.ansible) | [GitHub](https://github.com/ansible/vscode-ansible) - This extension adds language support for Ansible to Visual Studio Code and OpenVSX compatible editors by leveraging ansible-language-server
+ - name: redhat.ansible
+ types:
+ - ansible
+
+ # @vscode [YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml) | [GitHub](https://github.com/redhat-developer/vscode-yaml) - Provides comprehensive YAML Language support to Visual Studio Code, via the yaml-language-server, with built-in Kubernetes syntax support
+ - name: redhat.vscode-yaml
+ types:
+ - all
+
+ # @vscode [Sort JSON Objects](https://marketplace.visualstudio.com/items?itemName=richie5um2.vscode-sort-json) | [GitHub](https://github.com/richie5um/vscode-sort-json) - Alphabetically sorts the keys in selected JSON objects
+ - name: richie5um2.vscode-sort-json
+ types:
+ - all
+
+ # @vscode [Paste and Indent](https://marketplace.visualstudio.com/items?itemName=Rubymaniac.vscode-paste-and-indent) | [GitHub](https://github.com/rubymaniac/vscode-paste-and-indent) - This extension adds limited support for pasting and indenting code
+ - name: Rubymaniac.vscode-paste-and-indent
+ types:
+ - all
+
+ # @vscode [Comments in Typescript](https://marketplace.visualstudio.com/items?itemName=salbert.comment-ts) | [GitHub](https://github.com/s-albert/comment-ts) - Adds automatic templating of TypeScript-flavored JSDoc comments
+ - name: salbert.comment-ts
+ types:
+ - angular
+ - npm
+
+ # @vscode [Markdown Preview Enhanced](https://marketplace.visualstudio.com/items?itemName=shd101wyy.markdown-preview-enhanced) | [GitHub](https://github.com/shd101wyy/vscode-markdown-preview-enhanced) - An extension that provides with many useful functionalities such as automatic scroll sync, math typesetting, mermaid, PlantUML, pandoc, PDF export, code chunk, presentation writer, etc
+ - name: shd101wyy.markdown-preview-enhanced
+ types:
+ - all
+
+ # @vscode [Code Time](https://marketplace.visualstudio.com/items?itemName=softwaredotcom.swdc-vscode) | [GitHub](https://github.com/swdotcom/swdc-vscode) - A plugin for automatic programming metrics and time tracking Visual Studio Code
+ - name: softwaredotcom.swdc-vscode
+ types:
+ - all
+
+ # @vscode [Auto Import](https://marketplace.visualstudio.com/items?itemName=steoates.autoimport) | [GitHub](https://github.com/soates/Auto-Import) - An extension that automatically finds, parses and provides code actions and code completion for all available imports
+ - name: steoates.autoimport
+ types:
+ - angular
+ - npm
+
+ # @vscode [Stylelint](https://marketplace.visualstudio.com/items?itemName=stylelint.vscode-stylelint) | [GitHub](https://github.com/stylelint/vscode-stylelint) - A mighty, modern CSS linter that helps to enforce consistent conventions and avoid errors in stylesheets
+ - name: stylelint.vscode-stylelint
+ types:
+ - angular
+ - npm
+
+ # @vscode [ShellCheck](https://marketplace.visualstudio.com/items?itemName=timonwong.shellcheck) | [GitHub](https://github.com/vscode-shellcheck/vscode-shellcheck) - Integrates Shellcheck linting (linting for shell scripts)
+ - name: timonwong.shellcheck
+ types:
+ - all
+
+ # @vscode [Firebase](https://marketplace.visualstudio.com/items?itemName=toba.vsfire) | [GitHub](https://github.com/toba/vsfire) - A VSCode extension for syntax highlighting, hover help and code completions with Firestore security rules and index definition files
+ - name: toba.vsfire
+ types:
+ - angular
+
+ # @vscode [Sort Lines](https://marketplace.visualstudio.com/items?itemName=tyriar.sort-lines) | [GitHub](https://github.com/Tyriar/vscode-sort-lines) - An extension that sorts lines of text in Visual Studio Code
+ - name: tyriar.sort-lines
+ types:
+ - all
+
+ # @vscode [Error Lens](https://marketplace.visualstudio.com/items?itemName=usernamehw.errorlens) | [GitHub](https://github.com/usernamehw/vscode-error-lens) - An extension that charges language diagnostic features by making diagnostics stand out more prominently, highlighting the entire line wherever a diagnostic is generated by the language and also prints the message inline
+ - name: usernamehw.errorlens
+ types:
+ - all
+
+ # @vscode [LTeX – LanguageTool Grammar/Spelling](https://marketplace.visualstudio.com/items?itemName=valentjn.vscode-ltex) | [GitHub](https://github.com/valentjn/vscode-ltex) - Adds LanguageTool functionality including grammar and spell-checking
+ - name: valentjn.vscode-ltex
+ types:
+ - all
+
+ # @vscode [IntelliCode](https://marketplace.visualstudio.com/items?itemName=VisualStudioExptTeam.vscodeintellicode) | [GitHub](https://github.com/MicrosoftDocs/intellicode) - The IntelliCode extension for Visual Studio Code provides artificial intelligence-assisted IntelliSense for Python, Java, TypeScript, and JavaScript
+ - name: VisualStudioExptTeam.vscodeintellicode
+ types:
+ - angular
+ - npm
+ - java
+ - python
+
+ # @vscode [Arduino](https://marketplace.visualstudio.com/items?itemName=vsciot-vscode.vscode-arduino) | [GitHub](https://github.com/Microsoft/vscode-arduino) - The Arduino extension makes it easy to develop, build, deploy and debug your Arduino sketches in Visual Studio Code, with a rich set of functionalities
+ - name: vsciot-vscode.vscode-arduino
+
+ # @vscode [CodeTour](https://marketplace.visualstudio.com/items?itemName=vsls-contrib.codetour) | [GitHub](https://github.com/microsoft/codetour) - Allows running, creating, and editting code tours which are a unique way of guiding contributors through the code base of a project
+ - name: vsls-contrib.codetour
+ types:
+ - all
+
+ # @vscode [GistPad](https://marketplace.visualstudio.com/items?itemName=vsls-contrib.gistfs) | [GitHub](https://github.com/lostintangent/gistpad) - A Visual Studio Code extension that allows you to edit GitHub Gists and repositories from the comfort of your favorite editor
+ - name: vsls-contrib.gistfs
+ types:
+ - all
+
+ # @vscode [TODO Highlight](https://marketplace.visualstudio.com/items?itemName=wayou.vscode-todo-highlight) | [GitHub](https://github.com/wayou/vscode-todo-highlight) - An extension that highlights TODO, FIXME, and other annotations within the code
+ - name: wayou.vscode-todo-highlight
+ types:
+ - all
+
+ # @vscode [Import Cost](https://marketplace.visualstudio.com/items?itemName=wix.vscode-import-cost) | [GitHub](https://github.com/wix/import-cost) - This extension will display inline in the editor the size of the imported package
+ - name: wix.vscode-import-cost
+ types:
+ - angular
+ - npm
+
+ # @vscode [Surround](https://marketplace.visualstudio.com/items?itemName=yatki.vscode-surround) | [GitHub](https://github.com/yatki/vscode-surround) - Easily add code that surrounds other code like try/catches
+ - name: yatki.vscode-surround
+ types:
+ - angular
+ - npm
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/defaults.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/defaults.yml
new file mode 100644
index 00000000..0c1bf918
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/defaults.yml
@@ -0,0 +1,3 @@
+---
+# Do not include dotfiles with sensitive information by default
+include_pii_dotfiles: false
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/links.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/links.yml
new file mode 100644
index 00000000..837ff82b
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/links.yml
@@ -0,0 +1,27 @@
+---
+mimetype_handlers:
+ - name: WebDVM
+ vm: web-dvm
+ mimes: x-scheme-handler/unknown;x-scheme-handler/about;text/html;text/xml;application/xhtml+xml;application/xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;
+ link: web_dvm.desktop
+ xdg-setting: default-web-browser
+ - name: UtilityDVM
+ vm: util-dvm
+ mimes: text/*;*/xml;application/x-httpd-php3;application/x-httpd-php4;application/x-httpd-php5;application/x-shellscript;application/pgp-encrypted;application/x-mimearchive;message/rfc822;
+ link: utility_dvm.desktop
+ - name: MediaDVM
+ vm: media-dvm
+ mimes: image/*;video/*;application/x-matroska;audio/*;application/ogg;application/x-ogg;application/mxf;application/sdp;application/smil;application/x-smil;application/streamingmedia;application/x-streamingmedia;application/vnd.rn-realmedia;application/vnd.rn-realmedia-vbr;application/vnd.comicbook*;application/epub+zip;application/x-mobipocket-ebook;font/sfnt;application/vnd.ms-opentype;*x-font*;
+ link: media_dvm.desktop
+ - name: OfficeDVM
+ vm: office-dvm
+ mimes: application/pdf;application/x-pdf;application/x-cbz;applilcation/oxps;application/vnd.ms-xpsdocument;*opendocument*;*openxmlformats*;*msword;*ms-excel;*ms-powerpoint;*abiword;*write*
+ link: office_dvm.desktop
+
+ # The following mime types need to be handled:
+ # Since their default program depends on their file extensions as well the
+ # [opener](https://gitlab.com/megabyte-labs/dotfiles/-/blob/master/dotfiles/.local/bin/opener)
+ # program should be used to determine which application to load.
+ # TODO (Multi) application/octet-stream
+ # TODO (Multi) application/vnd.ms-htmlhelp
+ # TODO (Multi) application/*zip*;application/x-?ar;application/x-?z*;application/x-compressed*;application/vnd.rar;application/x-*-image;application/x-msi
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/roles.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/roles.yml
new file mode 100644
index 00000000..23531200
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/roles.yml
@@ -0,0 +1,211 @@
+---
+# yamllint disable rule:max-lines
+base_template_roles:
+ - roles/system/zsh
+ - roles/system/tmux
+ - roles/system/motd
+ - roles/tools/autojump
+ - roles/tools/bw
+ - roles/tools/delta
+ - roles/tools/fig
+ - roles/tools/fzf
+ - roles/tools/jq
+ - roles/tools/vault
+ - roles/tools/vim
+ - roles/applications/firefox
+ - roles/applications/vscode
+ - roles/languages/volta
+ - roles/tools/glances
+ - roles/system/security
+ - roles/system/homebrew
+ - roles/system/snapd
+
+docker_template_roles:
+ # - roles/system/cloudflared
+ - roles/system/glusterfs
+
+full_docker_template_roles:
+ - roles/virtualization/docker
+ - roles/services/netdata
+ - roles/services/goofys
+
+full_template_roles:
+ - roles/applications/office
+ - roles/services/rclone
+
+qubes_roles:
+ anon-tmpl:
+ - roles/applications/onionshare
+ crypto-tmpl:
+ - roles/crypto/ledgerlive
+ - roles/crypto/monero
+ - roles/tools/cointop
+ dev-tmpl:
+ - roles/tools/aria
+ - roles/tools/beets
+ - roles/tools/exiftool
+ - roles/tools/ffmpeg
+ - roles/applications/bravebrowser
+ - roles/applications/chrome
+ - roles/applications/microsoftedge
+ - roles/system/desktop # Needs testing on Qubes
+ - roles/helpers/installer
+ - roles/languages/nodejs
+ - roles/languages/go
+ - roles/languages/java
+ - roles/languages/sdkman
+ - roles/languages/deno
+ - roles/languages/php
+ - roles/languages/composer
+ - roles/languages/ruby
+ - roles/languages/pip
+ - roles/languages/rust
+ - roles/languages/asdf
+ - roles/languages/cocoapods
+ - roles/virtualization/kvm
+ - roles/virtualization/lxdc
+ - roles/virtualization/gvisor
+ - roles/virtualization/dockerpushrm
+ - roles/virtualization/dockerslim
+ - roles/virtualization/kubernetes
+ - roles/virtualization/vagrant
+ - roles/applications/androidstudio
+ - roles/applications/appium
+ - roles/applications/gitkraken
+ - roles/applications/intellij
+ - roles/applications/lens
+ - roles/applications/postman
+ - roles/applications/rdm
+ - roles/applications/visualstudio
+ - roles/applications/wireshark
+ - roles/applications/xcode
+ - roles/tools/awscli
+ - roles/tools/azurecli
+ - roles/tools/broot
+ - roles/tools/consultemplate
+ - roles/tools/diffsofancy
+ - roles/tools/fpm
+ - roles/tools/gh
+ - roles/tools/ghorg
+ - roles/tools/gist
+ - roles/tools/gitextras
+ - roles/tools/gitfilterrepo
+ - roles/tools/gitfuzzy
+ - roles/tools/gitlfs
+ - roles/tools/gitsecret
+ - roles/tools/gitstats
+ - roles/tools/googlecloudsdk
+ - roles/tools/googler
+ - roles/tools/gradle
+ - roles/tools/himalaya
+ - roles/tools/htop
+ - roles/tools/httpie
+ - roles/tools/jo
+ - roles/tools/juju
+ - roles/tools/lexicon
+ - roles/tools/lsd
+ - roles/tools/mcfly
+ - roles/tools/mitmproxy
+ - roles/tools/multipass
+ - roles/tools/nb
+ - roles/tools/ngrok
+ - roles/tools/nmap
+ - roles/tools/nomad
+ - roles/tools/normit
+ - roles/tools/packer
+ - roles/tools/pandoc
+ - roles/tools/pgcli
+ - roles/tools/poetry
+ - roles/tools/powershell
+ - roles/tools/recoverpy
+ - roles/tools/ripgrep
+ - roles/tools/s5cmd
+ - roles/tools/scrcpy
+ - roles/tools/shc
+ - roles/tools/shdoc
+ - roles/tools/slackterm
+ - roles/tools/sysdig
+ - roles/tools/teleport
+ - roles/tools/tfenv
+ - roles/tools/translate
+ - roles/tools/trec
+ - roles/tools/tree
+ - roles/tools/upx
+ - roles/tools/vim
+ - roles/tools/wails
+ - roles/tools/watchman
+ - roles/tools/waypoint
+ - roles/tools/wget
+ - roles/tools/wkhtmltopdf
+ - roles/tools/wpcli
+ - roles/tools/wrk
+ - roles/tools/yank
+ - roles/tools/yarn
+ - roles/tools/zoxide
+ - roles/misc/easyengine
+ - roles/system/mackup
+ gpg-tmpl: []
+ kubernetes-tmpl:
+ - roles/virtualization/kubernetes
+ media-tmpl:
+ - roles/applications/gimp
+ - roles/applications/inkscape
+ - roles/applications/kodi
+ - roles/applications/lollypop
+ - roles/applications/plex
+ - roles/applications/qbittorrent
+ - roles/applications/shotcut
+ - roles/applications/shotwell
+ - roles/applications/vlc
+ - roles/tools/aria
+ - roles/tools/beets
+ - roles/tools/exiftool
+ - roles/tools/ffmpeg
+ office-tmpl:
+ - roles/applications/keybase
+ - roles/applications/mailspring
+ - roles/applications/office
+ - roles/applications/proton
+ - roles/applications/skype
+ - roles/applications/teams
+ - roles/applications/zoom
+ personal-tmpl: []
+ pfsense:
+ - roles/misc/pfsense
+ provision-tmpl:
+ - roles/applications/etcher
+ - roles/applications/raspberryimager
+ - roles/services/maas
+ remote-template:
+ - roles/system/cloudflared
+ - roles/applications/filezilla
+ - roles/applications/remotedesktop
+ - roles/applications/teamviewer
+ - roles/applications/termius
+ seconion:
+ - roles/misc/seconion
+ swarm-tmpl:
+ - roles/services/restic
+ - roles/virtualization/swarm
+ - roles/tools/autorestic
+ sys-net-dvm:
+ - roles/system/vpn
+ util-tmpl: []
+ vault-tmpl:
+ - roles/tools/onlykey
+ - roles/tools/yubikey
+ vpn-pritunl-tmpl: [] # TODO
+ vpn-proton-tmpl:
+ - roles/applications/proton
+ vpn-random-tmpl:
+ - roles/system/vpn
+ vpn-tailscale-tmpl: [] # TODO
+ vpn-warp-tmpl:
+ - roles/system/warp
+ vpn-tmpl: []
+ web-tmpl:
+ - roles/applications/bravebrowser
+ - roles/applications/chrome
+ - roles/applications/firefox
+ - roles/applications/microsoftedge
+ work-tmpl: []
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/software.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/software.yml
new file mode 100644
index 00000000..09102fd3
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/software.yml
@@ -0,0 +1,39 @@
+---
+qubes_software:
+ debian-11-base:
+ - bat
+ - delta
+ - direnv
+ - etcd
+ - fd
+ - ffsend
+ - fm
+ - gping
+ - jq
+ - task
+ - yq
+ dev-tmpl: '{{ software }}'
+ fedora-36-base:
+ - bat
+ - delta
+ - direnv
+ - etcd
+ - fd
+ - ffsend
+ - fm
+ - gping
+ - jq
+ - task
+ - yq
+ kubernetes-tmpl:
+ - kdash
+ - kn
+ - kubenav
+ - linkerd2
+ media-tmpl:
+ - webtorrent
+ personal-tmpl:
+ - bitwarden
+ - raindrop
+ services-tmpl:
+ - g-assist
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/users.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/users.yml
new file mode 100644
index 00000000..a6e75348
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/users.yml
@@ -0,0 +1,72 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: user
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/qubes/vault.yml b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/vault.yml
new file mode 100644
index 00000000..7754d6d2
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/qubes/vault.yml
@@ -0,0 +1,5 @@
+---
+admin_password: Betelgeuse888#!
+admin_username: user
+# restic_password_ansible_user:
+# restic_password_root_user:
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/windows/vars.yml b/home/dot_local/share/ansible/environments/qa/group_vars/windows/vars.yml
new file mode 100644
index 00000000..f090c443
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/windows/vars.yml
@@ -0,0 +1,2 @@
+---
+ansible_become_method: runas
diff --git a/home/dot_local/share/ansible/environments/qa/group_vars/wsl/vars.yml b/home/dot_local/share/ansible/environments/qa/group_vars/wsl/vars.yml
new file mode 100644
index 00000000..ccfd0f9c
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/group_vars/wsl/vars.yml
@@ -0,0 +1,3 @@
+---
+# Ensure fail2ban is not enabled on WSL environments
+install_fail2ban: false
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/standard/users.yml b/home/dot_local/share/ansible/environments/qa/host_vars/standard/users.yml
new file mode 100644
index 00000000..e90f8be5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/standard/users.yml
@@ -0,0 +1,72 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/standard/vars.yml b/home/dot_local/share/ansible/environments/qa/host_vars/standard/vars.yml
new file mode 100644
index 00000000..85ef1ea1
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/standard/vars.yml
@@ -0,0 +1,25 @@
+---
+# TODO: Figure out how to apply these configs on Windows
+disk_configs:
+ - label: Auxilary
+ path: /dev/nvme0n1
+ fstab: LABEL=Auxilary /mnt/auxilary auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Auxilary 0 0
+ - label: Media
+ path: /dev/sda
+ fstab: LABEL=Media /mnt/media auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Media 0 0
+ - label: Backup
+ path: /dev/sdb
+ fstab: LABEL=Backup /mnt/backup auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Backup 0 0
+
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: WORKSTATION
+samba_printers: []
+samba_shares: []
+samba_workgroup: BYTEZ
+# vpn_routes:
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.24.0/24
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.14.0/24
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/workstation/users.yml b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/users.yml
new file mode 100644
index 00000000..e90f8be5
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/users.yml
@@ -0,0 +1,72 @@
+---
+# yamllint disable rule:line-length
+user_configs:
+ - username: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+ dconf_settings: '{{ default_dconf_settings | default([]) }}'
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_email | default(omit) }}'
+ gnome_extensions: '{{ default_gnome_extensions | default([]) }}'
+ groups: # This link may be useful for determining which groups to add a user to https://wiki.debian.org/SystemGroups
+ - lpadmin # Allows members to manage printers and pending jobs sent by other users
+ netrc_hosts:
+ - machine: surge.surge.sh
+ username: '{{ surgesh_username }}'
+ password: '{{ surgesh_password }}'
+ ngrok_token: '{{ ngrok_token }}'
+ npm_author_email: '{{ npm_author_email }}'
+ npm_author_name: '{{ npm_author_name }}'
+ npm_author_url: https://megabyte.space
+ pips:
+ - pipx
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_ansible_user }}'
+ rclone:
+ - name: Digital Ocean
+ provider: digitalocean
+ config: |
+ type = s3
+ env_auth = false
+ access_key_id = {{ digitalocean_access_key_id }}
+ secret_access_key = {{ digitalocean_secret_access_key }}
+ endpoint = nyc3.digitaloceanspaces.com
+ acl = private
+ - name: Google
+ provider: google
+ config: |
+ type = drive
+ client_id = {{ google_drive_client_id }}
+ client_secret = {{ google_drive_client_secret }}
+ scope = drive
+ token = {"access_token":"{{ google_drive_access_token }}","token_type":"Bearer","refresh_token":"{{ google_drive_refresh_token }}","expiry":"2020-08-12T00:45:51.652771516-04:00"}
+ root_folder_id = {{ google_drive_root_folder_id }}
+ - name: OneDrive
+ provider: onedrive
+ config: |
+ type = onedrive
+ token = {"access_token":"{{ onedrive_access_token }}","token_type":"Bearer","refresh_token":"{{ onedrive_refresh_token }}","expiry":"2020-08-12T00:47:01.9828663-04:00"}
+ drive_id = {{ onedrive_drive_id }}
+ drive_type = personal
+ samba_user: true
+ ssh_authorized_keys: '{{ default_ssh_authorized_keys | default([]) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ symlinks: []
+ tinypng_api_key: '{{ tinypng_api_key }}'
+ vagrant_cloud_token: '{{ vagrant_cloud_token }}'
+ vscode_extensions: '{{ vscode_extensions }}'
+ - username: root
+ git_user_email: '{{ git_user_email | default(omit) }}'
+ git_user_name: '{{ git_user_name | default(omit) }}'
+ primary_s3_access_key_id: '{{ digitalocean_access_key_id }}'
+ primary_s3_secret_access_key: '{{ digitalocean_secret_access_key }}'
+ primary_s3_bucket: '{{ digitalocean_bucket }}'
+ secondary_s3_access_key_id: '{{ wasabi_access_key_id }}'
+ secondary_s3_secret_access_key: '{{ wasabi_secret_access_key }}'
+ secondary_s3_bucket: '{{ wasabi_bucket }}'
+ restic_password: '{{ restic_password_root_user | default(restic_password_ansible_user) }}'
+ ssh_private_keys: '{{ default_ssh_private_keys | default([]) }}'
+ system: true
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vars.yml b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vars.yml
new file mode 100644
index 00000000..2ce494ef
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vars.yml
@@ -0,0 +1,25 @@
+---
+# TODO: Figure out how to apply these configs on Windows
+disk_configs:
+ - label: Auxilary
+ path: /dev/nvme0n1
+ fstab: LABEL=Auxilary /mnt/auxilary auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Auxilary 0 0
+ - label: Media
+ path: /dev/sda
+ fstab: LABEL=Media /mnt/media auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Media 0 0
+ - label: Backup
+ path: /dev/sdb
+ fstab: LABEL=Backup /mnt/backup auto nosuid,nodev,nofail,x-gvfs-show,x-gvfs-name=Backup 0 0
+
+samba_allowed_hosts: 127.0.0.1 10.14.141. 10.14.14. 10.0.0.
+samba_netbios_name: WORKSTATION
+samba_printers: []
+samba_shares: []
+samba_workgroup: MEGAGROUP
+# vpn_routes:
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.24.0/24
+# - mask: 255.255.255.0
+# next_hop: 10.14.14.1
+# prefix: 10.14.14.0/24
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.schema.json b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.schema.json
new file mode 100644
index 00000000..42642e00
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.schema.json
@@ -0,0 +1,26 @@
+{
+ "$ref": "#/definitions/VaultSchema",
+ "$schema": "http://json-schema.org/draft-06/schema#",
+ "definitions": {
+ "VaultSchema": {
+ "additionalProperties": false,
+ "properties": {
+ "admin_password": {
+ "type": "string"
+ },
+ "admin_username": {
+ "type": "string"
+ },
+ "restic_password_ansible_user": {
+ "type": "string"
+ },
+ "restic_password_root_user": {
+ "type": "string"
+ }
+ },
+ "required": ["admin_password", "admin_username", "restic_password_ansible_user", "restic_password_root_user"],
+ "title": "VaultSchema",
+ "type": "object"
+ }
+ }
+}
diff --git a/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.yml b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.yml
new file mode 100644
index 00000000..afead5f9
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/host_vars/workstation/vault.yml
@@ -0,0 +1,5 @@
+---
+admin_password: AnsibleTest999
+admin_username: Brian
+# restic_password_ansible_user:
+# restic_password_root_user:
diff --git a/home/dot_local/share/ansible/environments/qa/inventories/quickstart.yml b/home/dot_local/share/ansible/environments/qa/inventories/quickstart.yml
new file mode 100644
index 00000000..0ca1be08
--- /dev/null
+++ b/home/dot_local/share/ansible/environments/qa/inventories/quickstart.yml
@@ -0,0 +1,580 @@
+---
+# Three hosts are defined but the quickstart script filters using an environment variable
+# so only one host is provisioned at a time by quickstart.
+all:
+ vars:
+ ansible_winrm_transport: credssp
+ ansible_winrm_server_cert_validation: ignore
+ children:
+ desktop:
+ children:
+ nix:
+ hosts:
+ standard:
+ ansible_connection: local
+ vars:
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+ qubes:
+ vars:
+ ansible_connection: qubes
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') | default('') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') | default('user') }}"
+ ansible_python_interpreter: /usr/bin/python3
+ qubes:
+ dom0_vm: dom0
+ hosts:
+ dom0:
+ blank:
+ qubes:
+ vm_type: TemplateVM
+ children:
+ qubes-vms:
+ vars:
+ install_grub_theme: false
+ install_plymouth_theme: false
+ memory: 512
+ maxmem: 4096
+ vcpus: 2
+ children:
+ system-vms:
+ template-vms:
+ net-vms:
+ proxy-vms:
+ app-vms:
+ standalone-vms:
+ windows:
+ hosts:
+ standard:
+ ansible_connection: winrm
+ vars:
+ ansible_password: "{{ lookup('env', 'ANSIBLE_PASSWORD') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
+
+app-vms:
+ vars:
+ qubes:
+ maxmem: 2048
+ memory: 512
+ _netvm: sys-firewall
+ vm_type: AppVM
+ children:
+ app-dvms:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ anon-dvm:
+ qubes:
+ template: anon-tmpl
+ template_vm: anon-tmpl
+ dev-dvm:
+ qubes:
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ media-dvm:
+ qubes:
+ template: media-tmpl
+ template_vm: media-tmpl
+ office-dvm:
+ qubes:
+ template: office-tmpl
+ template_vm: office-tmpl
+ services-dvm:
+ qubes:
+ template: services-tmpl
+ template_vm: services-tmpl
+ util-dvm:
+ qubes:
+ template: util-tmpl
+ template_vm: util-tmpl
+ web-dvm:
+ qubes:
+ template: web-tmpl
+ template_vm: web-tmpl
+ primary-dvm-templates:
+ vars:
+ qubes:
+ label: gray
+ template_for_dispvms: true
+ hosts:
+ debian-11-dvm:
+ qubes:
+ template: debian-11
+ template_vm: debian-11
+ debian-11-base-dvm:
+ qubes:
+ template: debian-11-base
+ template_vm: debian-11-base
+ fedora-36-dvm:
+ qubes:
+ template: fedora-36
+ template_vm: fedora-36
+ fedora-36-base-dvm:
+ qubes:
+ template: fedora-36-base
+ template_vm: fedora-36-base
+ net-dvm:
+ randomize_mac_address: true
+ qubes:
+ template: net-tmpl
+ template_vm: net-tmpl
+ standard-vms:
+ hosts:
+ crypto:
+ qubes:
+ _netvm: sys-vpn-proton
+ template: crypto-tmpl
+ template_vm: crypto-tmpl
+ dev:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-proton
+ template: dev-tmpl
+ template_vm: dev-tmpl
+ vcpus: 4
+ gpg:
+ qubes:
+ label: green
+ template: gpg-tmpl
+ template_vm: gpg-tmpl
+ kubernetes:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: kubernetes-tmpl
+ template_vm: kubernetes-tmpl
+ vcpus: 4
+ vm_type: NetVM
+ volume:
+ private: 10
+ personal:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-proton
+ template: personal-tmpl
+ template_vm: personal-tmpl
+ vcpus: 4
+ # pritunl-server:
+ # qubes:
+ # # _netvm: opnsense
+ # _netvm: sys-firewall
+ # template_vm: pritunl-server-tmpl
+ # provision:
+ # qubes:
+ # _netvm: sys-vpn-pritunl
+ # template_vm: provision-tmpl
+ remote:
+ qubes:
+ _netvm: sys-vpn-pritunl
+ template: remote-tmpl
+ template_vm: remote-tmpl
+ swarm:
+ persistent_docker_volumes: true
+ qubes:
+ autostart: true
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: swarm-tmpl
+ template_vm: swarm-tmpl
+ vcpus: 4
+ volume:
+ private: 10
+ vault:
+ qubes:
+ label: green
+ template: vault-tmpl
+ template_vm: vault-tmpl
+ work:
+ persistent_docker_volumes: true
+ qubes:
+ maxmem: 8192
+ _netvm: sys-vpn-pritunl
+ template: work-tmpl
+ template_vm: work-tmpl
+ vcpus: 4
+ vars:
+ qubes:
+ label: purple
+ template_vm: fedora-36-base
+
+specialty-vms:
+ vars:
+ qubes:
+ vm_type: AppVM
+ hosts:
+ api:
+ qubes:
+ label: orange
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ maas:
+ qubes:
+ label: orange
+ # _netvm: opnsense
+ template: provision-tmpl
+ template_vm: provision-tmpl
+ mirror:
+ qubes:
+ label: orange
+ template: docker-tmpl
+ template_vm: docker-tmpl
+ pfsense:
+ pritunl:
+ qubesos-build:
+ qubes:
+ template: fedora-32
+ template_vm: fedora-32
+ seconion:
+
+net-vms:
+ hosts:
+ # opnsense:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # _netvm: none
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # provides_network: true
+ # template: opnsense-tmpl
+ # template_vm: opnsense-tmpl
+ # volume:
+ # root: 40g
+ # TODO - Add Security Onion to stack.
+ # Note - Ideally it should be run on another offline computer passively tapped into the Ethernet but in the spirit of mashing everything into one computer.. leaving this as a note for now -- PRs weldome
+ # seconion:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # qubes:
+ # template: seconion-tmpl
+ # template_vm: seconion-tmpl
+ # volume:
+ # root: 400g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ autostart: true
+ label: orange
+ memory: 4096
+ maxmem: 8192
+ virt_mode: hvm
+ vm_type: NetVM
+
+proxy-vms:
+ children:
+ vpn-dvms:
+ hosts:
+ vpn-pritunl-dvm:
+ qubes:
+ template: vpn-pritunl-tmpl
+ template_vm: vpn-pritunl-tmpl
+ vpn-proton-dvm:
+ qubes:
+ template: vpn-proton-tmpl
+ template_vm: vpn-proton-tmpl
+ vpn-nm-dvm:
+ qubes:
+ template: vpn-nm-tmpl
+ template_vm: vpn-nm-tmpl
+ vpn-tailscale-dvm:
+ qubes:
+ template: vpn-tailscale-tmpl
+ template_vm: vpn-tailscale-tmpl
+ vpn-warp-dvm:
+ qubes:
+ template: vpn-warp-tmpl
+ template_vm: vpn-warp-tmpl
+ vars:
+ qubes:
+ label: gray
+ memory: 256
+ maxmem: 1024
+ _netvm: sys-firewall
+ provides_network: true
+ template_for_dispvms: true
+ vm_type: AppVM
+
+template-vms:
+ vars:
+ qubes:
+ label: black
+ _netvm: None
+ vm_type: TemplateVM
+ children:
+ primary-templates:
+ children:
+ primary-templates-base:
+ hosts:
+ debian-11-base:
+ qubes:
+ source: debian-11
+ fedora-36-base:
+ qubes:
+ source: fedora-36
+ vars:
+ volume:
+ root: 20
+ private: 5
+ primary-templates-docker:
+ hosts:
+ debian-11-docker:
+ qubes:
+ source: debian-11-base
+ fedora-36-docker:
+ qubes:
+ source: fedora-36-base
+ primary-templates-full:
+ hosts:
+ debian-11-full:
+ qubes:
+ source: debian-11-base
+ fedora-36-full:
+ qubes:
+ source: fedora-36-base
+ vars:
+ volume:
+ root: 24
+ private: 8
+ primary-templates-stock:
+ hosts:
+ archlinux:
+ debian-11:
+ debian-12:
+ fedora-32:
+ fedora-36:
+ fedora-36-xfce:
+ jammy:
+ vars:
+ apply_theme: true
+ common_software_packages:
+ - snapd
+ - qubes-snapd-helper
+ primary-templates-minimal:
+ hosts:
+ debian-11-minimal:
+ fedora-36-minimal:
+ whonix-gw-16:
+ install_updates: false
+ whonix-ws-16:
+ install_updates: false
+ vars:
+ apply_theme: true
+ vars:
+ qubes:
+ label: red
+ standard-templates:
+ hosts:
+ anon-tmpl:
+ crypto-tmpl:
+ qubes:
+ source: fedora-36-docker
+ dev-tmpl:
+ qubes:
+ source: fedora-36-full
+ # full_terminal_profile: true
+ # include_pii_dotfiles: true
+ docker-tmpl:
+ qubes:
+ source: fedora-36-docker
+ gpg-tmpl:
+ qubes:
+ source: fedora-36
+ net-tmpl:
+ qubes:
+ source: fedora-36
+ kubernetes-tmpl:
+ qubes:
+ source: fedora-36-docker
+ media-tmpl:
+ personal-tmpl:
+ qubes:
+ source: fedora-36-full
+ # pritunl-server-tmpl:
+ # qubes:
+ # source: debian-10
+ office-tmpl:
+ provision-tmpl:
+ qubes:
+ source: fedora-36-docker
+ remote-tmpl:
+ services-tmpl:
+ swarm-tmpl:
+ qubes:
+ source: fedora-36-docker
+ util-tmpl:
+ vpn-tmpl:
+ qubes:
+ source: debian-11-base
+ vault-tmpl:
+ qubes:
+ source: fedora-36
+ web-tmpl:
+ work-tmpl:
+ qubes:
+ source: fedora-36-full
+ vars:
+ qubes:
+ source: fedora-36-base
+ vpn-templates:
+ hosts:
+ vpn-pritunl-tmpl:
+ vpn-proton-tmpl:
+ vpn-nm-tmpl:
+ vpn-tailscale-tmpl:
+ vpn-warp-tmpl:
+ vars:
+ qubes:
+ source: vpn-tmpl
+ # desktop-hvm-templates:
+ # hosts:
+ # # TODO Add version numbers in these template names
+ # archlinux-desktop-tmpl:
+ # centos-desktop-tmpl:
+ # debian-desktop-tmpl:
+ # debian-server-tmpl:
+ # fedora-desktop-tmpl:
+ # macos-desktop-tmpl:
+ # ubuntu-desktop-tmpl:
+ # windows-desktop-tmpl:
+ # ansible_connection: winrm
+ # vars:
+ # # SSH connection is unnecessary since templates are loaded from vagrantup.com or via the qubes-packer.yml playbook
+ # # ansible_connection: ssh
+ # # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # kernel: ''
+ # source: blank
+ # virt_mode: hvm
+ # volume:
+ # root: 40g
+ misc-hvm-templates:
+ hosts:
+ # opnsense-tmpl:
+ # ansible_password: "{{ lookup('env', 'OPNSENSE_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'OPNSENSE_USER') }}"
+ # qubes:
+ # _netvm: None
+ # provides_network: true
+ # pcidevs: '{{ sys_net_pcidevs | default([]) }}'
+ # source: opnsense-22.7
+ # volume:
+ # root: 40g
+ # seconion-tmpl:
+ # ansible_password: "{{ lookup('env', 'SECONION_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'SECONION_USER') }}"
+ # volume:
+ # root: 10g
+ vars:
+ ansible_connection: ssh
+ qubes:
+ kernel: ''
+ virt_mode: hvm
+
+standalone-vms:
+ vars:
+ qubes:
+ label: blue
+ memory: 2048
+ maxmem: 8192
+ kernel: ''
+ vcpus: 4
+ virt_mode: hvm
+ vm_type: StandaloneVM
+ children:
+ # desktop-standalone-vms:
+ # hosts:
+ # # By default, only initialize standalones for the fully loaded environments
+ # # If you just want a default ubuntu HVM, for instance, then qvm-clone from the
+ # # `ubuntu-desktop-base-tmpl` TemplateVM
+ # archlinux-desktop:
+ # qubes:
+ # source: archlinux-desktop-tmpl
+ # centos-desktop:
+ # qubes:
+ # source: centos-desktop-tmpl
+ # debian-desktop:
+ # qubes:
+ # source: debian-desktop-tmpl
+ # debian-server:
+ # qubes:
+ # source: debian-server-tmpl
+ # fedora-desktop:
+ # qubes:
+ # source: fedora-desktop-tmpl
+ # macos-desktop:
+ # qubes:
+ # source: macos-desktop-tmpl
+ # ubuntu-desktop:
+ # qubes:
+ # source: ubuntu-desktop-tmpl
+ # windows-desktop:
+ # ansible_connection: winrm
+ # qubes:
+ # source: windows-desktop-tmpl
+ # vars:
+ # ansible_connection: ssh
+ # ansible_password: "{{ lookup('env', 'VAGRANT_PASSWORD') }}"
+ # ansible_user: "{{ lookup('env', 'VAGRANT_USER') }}"
+ # qubes:
+ # _netvm: sys-vpn-proton
+ # volume:
+ # root: 50g
+ unikernel-vms:
+ hosts:
+ mirage-firewall:
+ mirage_compile_from_source: false
+ qubes:
+ kernel: mirage-firewall
+ kernelopts: ''
+ memory: 64
+ maxmem: 64
+ provides_network: true
+ source: blank
+ vcpus: 1
+ virt_mode: pvh
+ label: green
+ vm_type: StandaloneVM
+ # TODO qvm-features mirage-firewall qubes-firewall 1
+ # TODO qvm-features mirage-firewall no-default-kernelopts 1
+
+system-vms:
+ hosts:
+ anon-whonix:
+ qubes:
+ _netvm: sys-whonix
+ template_vm: whonix-ws-16
+ debian-11:
+ qubes:
+ vm_type: TemplateVM
+ debian-11-dvm:
+ qubes:
+ _netvm: sys-firewall
+ template_for_dispvms: true
+ sys-firewall:
+ # Next three are where the SwitchHosts program gets installed along with hostctl and default profiles
+ hostsfile_default_loopback: true
+ install_hostctl: true
+ install_switchhosts: true
+ qubes:
+ _netvm: sys-net
+ vm_type: ProxyVM
+ sys-net:
+ sys-usb:
+ sys-whonix:
+ qubes:
+ _netvm: sys-firewall
+ template_vm: whonix-gw-16
+ whonix-ws-16-dvm:
+ qubes:
+ _netvm: sys-firewall
+ template_vm: whonix-ws-16
+ vars:
+ qubes:
+ label: red
+ vm_type: AppVM
diff --git a/home/dot_local/share/ansible/environments/qa/templates/.gitkeep b/home/dot_local/share/ansible/environments/qa/templates/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/home/dot_local/share/ansible/molecule/.results/.gitkeep b/home/dot_local/share/ansible/molecule/.results/.gitkeep
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/.results/.gitkeep
@@ -0,0 +1 @@
+
diff --git a/home/dot_local/share/ansible/molecule/.results/logs/.gitkeep b/home/dot_local/share/ansible/molecule/.results/logs/.gitkeep
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/.results/logs/.gitkeep
@@ -0,0 +1 @@
+
diff --git a/home/dot_local/share/ansible/molecule/converge.yml b/home/dot_local/share/ansible/molecule/converge.yml
new file mode 100644
index 00000000..e6aa5e48
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/converge.yml
@@ -0,0 +1,3 @@
+---
+- name: Converge
+ import_playbook: ../main.yml
diff --git a/home/dot_local/share/ansible/molecule/default/molecule.yml b/home/dot_local/share/ansible/molecule/default/molecule.yml
new file mode 100644
index 00000000..8051aa53
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/default/molecule.yml
@@ -0,0 +1,207 @@
+---
+description: Test on (mostly) headless VirtualBox instances
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+groups:
+ ArchLinux: Test on ArchLinux
+ CentOS: Test on all CentOS images
+ CentOS-7: Test on CentOS 7
+ CentOS-8: Test on CentOS 8
+ CentOS-Stream-8: Test on CentOS Stream 8
+ Debian: Test on all Debian images
+ Debian-10: Test on Debian 10
+ Debian-11: Test on Debian 11
+ Debian-9: Test on Debian 9
+ Debian-Flavor: Test on all Debian-flavored images
+ Fedora: Test on all Fedora images
+ Fedora-33: Test on Fedora 33
+ Fedora-34: Test on Fedora 34
+ Fedora-35: Test on Fedora 35
+ Linux: Test on all linux platforms
+ RedHat-Flavor: Test on all RedHat-flavored images
+ Ubuntu: Test on all Ubuntu images
+ Ubuntu-18.04: Test on Ubuntu 18.04
+ Ubuntu-20.04: Test on Ubuntu 20.04
+ Ubuntu-21.04: Test on Ubuntu 21.04
+ Ubuntu-21.10: Test on Ubuntu 21.10
+ Windows: Test on Windows 10 desktop
+platforms:
+ - box: archlinux/archlinux
+ cpus: 1
+ groups:
+ - ArchLinux
+ - Linux
+ memory: 512
+ name: ArchLinux-Latest
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/centos-7
+ cpus: 1
+ groups:
+ - CentOS
+ - CentOS-7
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: CentOS-7
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/centos-8
+ cpus: 1
+ groups:
+ - CentOS
+ - CentOS-8
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: CentOS-8
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/centos-stream-8
+ cpus: 1
+ groups:
+ - CentOS
+ - CentOS-Stream-8
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: CentOS-Stream-8
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/debian-9
+ cpus: 1
+ groups:
+ - Debian
+ - Debian-9
+ - Debian-Flavor
+ - Linux
+ memory: 512
+ name: Debian-9-Stretch
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/debian-10
+ cpus: 1
+ groups:
+ - Debian
+ - Debian-10
+ - Debian-Flavor
+ - Linux
+ memory: 512
+ name: Debian-10-Buster
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/debian-11.1
+ cpus: 1
+ groups:
+ - Debian
+ - Debian-11
+ - Debian-Flavor
+ - Linux
+ memory: 512
+ name: Debian-11-Bullseye
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: alvistack/fedora-33
+ cpus: 1
+ groups:
+ - Fedora
+ - Fedora-33
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: Fedora-33
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: alvistack/fedora-34
+ cpus: 1
+ groups:
+ - Fedora
+ - Fedora-34
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: Fedora-34
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: alvistack/fedora-35
+ cpus: 1
+ groups:
+ - Fedora
+ - Fedora-35
+ - Linux
+ - RedHat-Flavor
+ memory: 512
+ name: Fedora-35
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/ubuntu-18.04
+ cpus: 1
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-18.04
+ memory: 512
+ name: Ubuntu-18.04-Bionic-Beaver
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/ubuntu-20.04
+ cpus: 1
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-20.04
+ memory: 512
+ name: Ubuntu-20.04-Focal-Fossa
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: bento/ubuntu-21.04
+ cpus: 1
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-21.04
+ memory: 512
+ name: Ubuntu-21.04-Hirsute-Hippo
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: alvistack/ubuntu-21.10
+ cpus: 1
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-21.10
+ memory: 512
+ name: Ubuntu-21.10-Impish-Indri
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/Windows-Desktop
+ cpus: 2
+ groups:
+ - Windows
+ memory: 4096
+ name: Windows-10
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - "customize [ 'modifyvm', :id, '--natpf1', 'winrm,tcp,127.0.0.1,55985,,5985' ]"
+provisioner:
+ inventory:
+ group_vars:
+ Windows:
+ ansible_become_method: runas
+ ansible_connection: winrm
+ ansible_winrm_scheme: http
+ ansible_winrm_transport: basic
+ all:
+ ansible_become_password: ${TEST_USER:-vagrant}
+ ansible_password: ${TEST_PASSWORD:-vagrant}
+ ansible_user: ${TEST_USER:-vagrant}
+ host_vars:
+ Windows-10:
+ ansible_host: 127.0.0.1
+ ansible_port: 55985
diff --git a/home/dot_local/share/ansible/molecule/desktop/molecule.yml b/home/dot_local/share/ansible/molecule/desktop/molecule.yml
new file mode 100644
index 00000000..9779edef
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/desktop/molecule.yml
@@ -0,0 +1,97 @@
+---
+description: Test on full desktop VirtualBox images (useful for UAT)
+driver:
+ name: vagrant
+ provider:
+ name: virtualbox
+groups:
+ ArchLinux: Test on ArchLinux desktop
+ CentOS: Test on CentOS Stream desktop
+ Debian: Test on Debian desktop
+ Fedora: Test on Fedora desktop
+ Ubuntu: Test on Ubuntu desktop
+ Windows: Test on Windows desktop
+platforms:
+ - box: Megabyte/ArchLinux-Desktop
+ cpus: 2
+ groups:
+ - ArchLinux
+ - Linux
+ memory: 4096
+ name: ArchLinux-Latest
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/CentOS-Desktop
+ cpus: 2
+ groups:
+ - CentOS
+ - Linux
+ - RedHat-Flavor
+ memory: 4096
+ name: CentOS-Stream-8
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/Debian-Desktop
+ cpus: 2
+ groups:
+ - Debian
+ - Debian-Flavor
+ - Linux
+ memory: 4096
+ name: Debian-10-Buster
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/Fedora-Desktop
+ cpus: 2
+ groups:
+ - Fedora
+ - Linux
+ - RedHat-Flavor
+ memory: 4096
+ name: Fedora-34
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ # Coming soon...
+ # - box: Megabyte/macOS-Desktop
+ # cpus: 2
+ # groups:
+ # - macos
+ # memory: 4096
+ # name: macOS-11-Big-Sur
+ # provider_raw_config_args:
+ # - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/Ubuntu-Desktop
+ cpus: 2
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ memory: 4096
+ name: Ubuntu-21.04-Hirsute-Hippo
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - box: Megabyte/Windows-Desktop
+ cpus: 2
+ groups:
+ - Windows
+ memory: 4096
+ name: Windows-10
+ provider_raw_config_args:
+ - "customize [ 'modifyvm', :id, '--natdnshostresolver1', 'on' ]"
+ - "customize [ 'modifyvm', :id, '--natpf1', 'winrm,tcp,127.0.0.1,55985,,5985' ]"
+provisioner:
+ inventory:
+ group_vars:
+ Windows:
+ ansible_become_method: runas
+ ansible_connection: winrm
+ ansible_winrm_scheme: http
+ ansible_winrm_transport: basic
+ all:
+ ansible_become_password: ${TEST_PASSWORD:-vagrant}
+ ansible_password: ${TEST_PASSWORD:-vagrant}
+ ansible_user: ${TEST_USER:-vagrant}
+ host_vars:
+ Windows-10:
+ ansible_host: 127.0.0.1
+ ansible_port: 55985
diff --git a/home/dot_local/share/ansible/molecule/docker/molecule.yml b/home/dot_local/share/ansible/molecule/docker/molecule.yml
new file mode 100644
index 00000000..1fa65c03
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/docker/molecule.yml
@@ -0,0 +1,169 @@
+---
+description: Test using Docker containers (only Linux environments available)
+driver:
+ name: docker
+groups:
+ ArchLinux: Test on ArchLinux
+ CentOS: Test on all CentOS containers
+ CentOS-7: Test on CentOS 7
+ CentOS-8: Test on CentOS 8
+ Debian: Test on all Debian containers
+ Debian-10: Test on Debian 10
+ Debian-9: Test on Debian 9
+ Debian-Flavor: Test on all Debian-flavored containers
+ Fedora: Test on all Fedora containers
+ Fedora-33: Test on Fedora 33
+ Fedora-34: Test on Fedora 34
+ RedHat-Flavor: Test on all RedHat-flavored containers
+ Ubuntu: Test on all Ubuntu containers
+ Ubuntu-18.04: Test on Ubuntu 18.04
+ Ubuntu-20.04: Test on Ubuntu 20.04
+ Ubuntu-21.04: Test on Ubuntu 21.04
+platforms:
+ - command: /sbin/init
+ groups:
+ - ArchLinux
+ - Linux
+ image: megabytelabs/ansible-molecule-archlinux:latest
+ name: ArchLinux-Latest
+ pre_build_image: true
+ privileged: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - CentOS
+ - CentOS-7
+ - Linux
+ - RedHat-Flavor
+ image: megabytelabs/ansible-molecule-centos-7:latest
+ name: CentOS-7
+ pre_build_image: true
+ privileged: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - CentOS
+ - CentOS-8
+ - Linux
+ - RedHat-Flavor
+ image: megabytelabs/ansible-molecule-centos-8:latest
+ name: CentOS-8
+ pre_build_image: true
+ privileged: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Debian
+ - Debian-9
+ - Debian-Flavor
+ - Linux
+ image: megabytelabs/ansible-molecule-debian-9:latest
+ name: Debian-9-Stretch
+ pre_build_image: true
+ privileged: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Debian
+ - Debian-10
+ - Debian-Flavor
+ - Linux
+ - Snap
+ image: megabytelabs/ansible-molecule-debian-10:latest
+ name: Debian-10-Buster
+ pre_build_image: true
+ privileged: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Fedora
+ - Fedora-33
+ - Linux
+ - RedHat-Flavor
+ image: megabytelabs/ansible-molecule-fedora-33:latest
+ name: Fedora-33
+ pre_build_image: true
+ privileged: true
+ tmpfs:
+ - /run
+ - /tmp
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Fedora
+ - Fedora-34
+ - Linux
+ - RedHat-Flavor
+ image: megabytelabs/ansible-molecule-fedora-34:latest
+ name: Fedora-34
+ pre_build_image: true
+ privileged: true
+ tmpfs:
+ - /run
+ - /tmp
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Snap
+ - Ubuntu
+ - Ubuntu-18.04
+ image: megabytelabs/ansible-molecule-ubuntu-18.04:latest
+ name: Ubuntu-18.04-Bionic-Beaver
+ pre_build_image: true
+ privileged: true
+ tmpfs:
+ - /run
+ - /tmp
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Snap
+ - Ubuntu
+ - Ubuntu-20.04
+ image: megabytelabs/ansible-molecule-ubuntu-20.04:latest
+ name: Ubuntu-20.04-Focal-Fossa
+ pre_build_image: true
+ privileged: true
+ tmpfs:
+ - /run
+ - /tmp
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+ - command: /sbin/init
+ groups:
+ - Debian-Flavor
+ - Linux
+ - Snap
+ - Ubuntu
+ - Ubuntu-21.04
+ image: megabytelabs/ansible-molecule-ubuntu-21.04:latest
+ name: Ubuntu-21.04-Hirsute-Hippo
+ pre_build_image: true
+ privileged: true
+ tmpfs:
+ - /run
+ - /tmp
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
+provisioner:
+ connection_options:
+ ansible_connection: docker
+ ansible_password: ${TEST_PASSWORD:-ansible}
+ ansible_user: ${TEST_USER:-ansible}
+ inventory:
+ group_vars:
+ all:
+ ansible_become_password: ${TEST_BECOME_PASSWORD:-ansible}
+ ansible_user: ${TEST_USER:-ansible}
diff --git a/home/dot_local/share/ansible/molecule/gcp/molecule.yml b/home/dot_local/share/ansible/molecule/gcp/molecule.yml
new file mode 100644
index 00000000..98a2758d
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/gcp/molecule.yml
@@ -0,0 +1,131 @@
+---
+description: Test on Google Cloud Platform (Linux)
+driver:
+ auth_kind: serviceaccount
+ external_access: false
+ instance_os_type: linux
+ name: gce
+ project_id: megabyte-labs
+ region: us-east4
+ scopes:
+ - 'https://www.googleapis.com/auth/compute'
+ service_account_file: ~/gcp.json
+groups:
+ CentOS: Test on all CentOS images
+ CentOS-7: Test on CentOS 7
+ CentOS-8: Test on CentOS 8
+ CentOS-Stream-8: Test on CentOS Stream 8
+ Debian: Test on all Debian images
+ Debian-10: Test on Debian 10
+ Debian-11: Test on Debian 11
+ Debian-9: Test on Debian 9
+ Debian-Flavor: Test on all Debian-flavored images
+ Fedora: Test on all Fedora images
+ Fedora-35: Test on Fedora 35 (Core OS)
+ Linux: Test on all linux platforms
+ RedHat-Flavor: Test on all RedHat-flavored images
+ Ubuntu: Test on all Ubuntu images
+ Ubuntu-18.04: Test on Ubuntu 18.04
+ Ubuntu-20.04: Test on Ubuntu 20.04
+ Ubuntu-21.04: Test on Ubuntu 21.04
+ Ubuntu-21.10: Test on Ubuntu 21.10
+platforms:
+ - groups:
+ - CentOS
+ - CentOS-7
+ - Linux
+ - RedHat-Flavor
+ image: projects/centos-cloud/global/images/family/centos-7
+ machine_type: e2-small
+ name: centos-7
+ zone: us-east4-a
+ - groups:
+ - CentOS
+ - CentOS-8
+ - Linux
+ - RedHat-Flavor
+ image: projects/centos-cloud/global/images/family/centos-8
+ machine_type: e2-small
+ name: centos-8
+ zone: us-east4-a
+ - groups:
+ - CentOS
+ - CentOS-Stream-8
+ - Linux
+ - RedHat-Flavor
+ image: projects/centos-cloud/global/images/family/centos-stream-8
+ machine_type: e2-small
+ name: centos-stream-8
+ zone: us-east4-a
+ - groups:
+ - Debian
+ - Debian-9
+ - Debian-Flavor
+ - Linux
+ image: projects/debian-cloud/global/images/family/debian-9
+ machine_type: e2-small
+ name: debian-9-stretch
+ zone: us-east4-a
+ - groups:
+ - Debian
+ - Debian-10
+ - Debian-Flavor
+ - Linux
+ image: projects/debian-cloud/global/images/family/debian-10
+ machine_type: e2-small
+ name: debian-10-buster
+ zone: us-east4-a
+ - groups:
+ - Debian
+ - Debian-11
+ - Debian-Flavor
+ - Linux
+ image: projects/debian-cloud/global/images/family/debian-11
+ machine_type: e2-small
+ name: debian-11-bullseye
+ zone: us-east4-a
+ - groups:
+ - Fedora
+ - Fedora-35
+ - Linux
+ - RedHat-Flavor
+ image: projects/fedora-coreos-cloud/global/images/family/fedora-coreos-stable
+ machine_type: e2-small
+ name: fedora-coreos-35
+ zone: us-east4-a
+ - groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-18.04
+ image: projects/ubuntu-os-cloud/global/images/family/ubuntu-1804-lts
+ machine_type: e2-small
+ name: ubuntu-1804-bionic-beaver
+ zone: us-east4-a
+ - groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-20.04
+ image: projects/ubuntu-os-cloud/global/images/family/ubuntu-2004-lts
+ machine_type: e2-small
+ name: ubuntu-2004-focal-fossa
+ zone: us-east4-a
+ - groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-21.04
+ image: projects/ubuntu-os-cloud/global/images/family/ubuntu-2104
+ machine_type: e2-small
+ name: ubuntu-2104-hirsute-hippo
+ zone: us-east4-a
+ - groups:
+ - Debian-Flavor
+ - Linux
+ - Ubuntu
+ - Ubuntu-21.10
+ image: projects/ubuntu-os-cloud/global/images/family/ubuntu-2110
+ machine_type: e2-small
+ name: ubuntu-2110-impish-indri
+ zone: us-east4-a
diff --git a/home/dot_local/share/ansible/molecule/local/molecule.yml b/home/dot_local/share/ansible/molecule/local/molecule.yml
new file mode 100644
index 00000000..15470239
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/local/molecule.yml
@@ -0,0 +1,44 @@
+---
+description: Run the play on the localhost
+driver:
+ name: delegated
+ options:
+ ansible_connection_options:
+ ansible_connection: local
+ managed: false
+platforms:
+ - name: ${TEST_PLATFORM:-Local-Connection}
+provisioner:
+ inventory:
+ group_vars:
+ all:
+ ansible_become_password: ${TEST_PASSWORD}
+ ansible_user: ${USER}
+scenario:
+ check_sequence:
+ - dependency
+ - cleanup
+ - prepare
+ - converge
+ - check
+ converge_sequence:
+ - dependency
+ - prepare
+ - converge
+ create_sequence:
+ - dependency
+ - prepare
+ destroy_sequence:
+ - dependency
+ - cleanup
+ test_sequence:
+ - dependency
+ - lint
+ - cleanup
+ - syntax
+ - prepare
+ - converge
+ - idempotence
+ - side_effect
+ - verify
+ - cleanup
diff --git a/home/dot_local/share/ansible/molecule/remote/molecule.yml b/home/dot_local/share/ansible/molecule/remote/molecule.yml
new file mode 100644
index 00000000..63677dc3
--- /dev/null
+++ b/home/dot_local/share/ansible/molecule/remote/molecule.yml
@@ -0,0 +1,47 @@
+---
+description: Run the play remotely via SSH
+driver:
+ name: delegated
+ options:
+ ansible_connection_options:
+ ansible_connection: ssh
+ ansible_port: ${TEST_PORT:-22}
+ ansible_ssh_host: ${TEST_SSH_HOST}
+ ansible_ssh_user: ${TEST_SSH_USER}
+ managed: false
+platforms:
+ - name: SSH-Connection
+provisioner:
+ inventory:
+ group_vars:
+ all:
+ ansible_become_pass: ${TEST_BECOME_PASSWORD}
+ ansible_user: ${TEST_USER}
+scenario:
+ check_sequence:
+ - dependency
+ - cleanup
+ - prepare
+ - converge
+ - check
+ converge_sequence:
+ - dependency
+ - prepare
+ - converge
+ create_sequence:
+ - dependency
+ - prepare
+ destroy_sequence:
+ - dependency
+ - cleanup
+ test_sequence:
+ - dependency
+ - lint
+ - cleanup
+ - syntax
+ - prepare
+ - converge
+ - idempotence
+ - side_effect
+ - verify
+ - cleanup
diff --git a/home/dot_local/share/ansible/playbooks/DOM0.md b/home/dot_local/share/ansible/playbooks/DOM0.md
new file mode 100644
index 00000000..a0045add
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/DOM0.md
@@ -0,0 +1,47 @@
+# QubesOS Task List
+
+## Articles to Comb
+
+* [Setting up network printer](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/network-printer.md#steps-to-configure-a-network-printer-in-a-template-vm)
+* [VM hardening](https://github.com/tasket/Qubes-VM-hardening/)
+* [Misc. scripts including VagrantUp HVMs](https://github.com/unman/stuff)
+* [Tails HVM](https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/tails.md)
+* [Block split](https://github.com/rustybird/qubes-split-dm-crypt)
+* [Docs and guides](https://www.qubes-os.org/doc/)
+
+## Roles to Re-Visit
+
+```
+- roles/applications/peek
+- roles/system/ssh
+- roles/services/sshtarpit
+- roles/services/cups
+- roles/services/cockpit
+- roles/services/cloudflare
+- roles/services/nginx
+- roles/services/gitlabrunner
+- roles/services/samba
+- roles/services/tor
+- roles/services/googleassistant
+- roles/applications/sharex
+- roles/applications/autokey
+- roles/system/rear
+- roles/system/timeshift
+- roles/system/ulauncher
+```
+
+## Variables Needed for Qubes
+
+```
+hostctl_setup: false # Allows switching /etc/hosts profiles
+hostsfile_default_loopback: false
+install_switchhosts: false
+```
+
+## Create Inventory with Qubes Ansible
+
+Run in dom0:
+
+```
+ansible localhost --ask-vault-pass -m qubesos -a "command=createinventory"
+```
diff --git a/home/dot_local/share/ansible/playbooks/formation.yml b/home/dot_local/share/ansible/playbooks/formation.yml
new file mode 100644
index 00000000..2496137a
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/formation.yml
@@ -0,0 +1,8 @@
+---
+- name: Configure Qubes VM formation
+ hosts: dom0
+ tasks:
+ - name: Configure Qubes Salt formula and the top file
+ become: true
+ qubesformation:
+ dest: /srv/user_salt/structure.sls
diff --git a/home/dot_local/share/ansible/playbooks/freeipa.yml b/home/dot_local/share/ansible/playbooks/freeipa.yml
new file mode 100644
index 00000000..37b324bd
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/freeipa.yml
@@ -0,0 +1,8 @@
+---
+- name: Playbook to configure IPA servers
+ hosts: ipaserver
+ become: true
+
+ roles:
+ - role: roles/ipaserver
+ state: present
diff --git a/home/dot_local/share/ansible/playbooks/init.yml b/home/dot_local/share/ansible/playbooks/init.yml
new file mode 100644
index 00000000..a58662af
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/init.yml
@@ -0,0 +1,37 @@
+---
+- hosts: localhost
+ gather_facts: true # Needed on macOS
+ vars:
+ autologin_enabled: true
+ tasks:
+ - name: Check if /proc/version is present
+ ansible.builtin.stat:
+ path: /proc/version
+ register: proc_version
+ - name: Determining if environment is a WSL environment
+ command: grep Microsoft /proc/version
+ register: microsoft_grep
+ when: proc_version.stat.exists
+ - name: Add WSL hosts to the wsl host group
+ set_fact:
+ wsl_environment: true
+ when:
+ - proc_version.stat.exists
+ - microsoft_grep.rc == 0
+ - include_role:
+ name: ../roles/system/connect
+ - include_role:
+ name: ../roles/system/firewall
+ when: not (wsl_environment | default(false))
+ - include_role:
+ name: ../roles/system/common
+ - include_role:
+ name: ../roles/system/disks
+ - include_role:
+ name: ../roles/virtualization/docker
+ when: not (wsl_environment | default(false))
+ - include_role:
+ name: ../roles/services/cockpit
+ when: not (wsl_environment | default(false))
+ - include_role:
+ name: ../roles/helpers/reboot
diff --git a/home/dot_local/share/ansible/playbooks/qubes-reset.yml b/home/dot_local/share/ansible/playbooks/qubes-reset.yml
new file mode 100644
index 00000000..a6312567
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/qubes-reset.yml
@@ -0,0 +1,14 @@
+---
+- name: Remove the VMs added by Gas Station
+ hosts: all:sys-vpn-pritunl:sys-vpn-proton:sys-vpn-tailscale:sys-vpn-warp:!system-vms:!primary-templates:!dom0
+ connection: qubes
+ gather_facts: false
+ tasks:
+ - name: 'Remove {{ inventory_hostname }}'
+ delegate_to: dom0
+ shell:
+ cmd: |
+ if qvm-check {{ inventory_hostname }}; then
+ qvm-shutdown --force --wait {{ inventory_hostname }} || EXIT_CODE=$?
+ qvm-remove -f {{ inventory_hostname }}
+ fi
diff --git a/home/dot_local/share/ansible/playbooks/qubes.yml b/home/dot_local/share/ansible/playbooks/qubes.yml
new file mode 100644
index 00000000..0df7c671
--- /dev/null
+++ b/home/dot_local/share/ansible/playbooks/qubes.yml
@@ -0,0 +1,215 @@
+---
+# yamllint disable rule:max-lines
+- name: Provision / initialize dom0
+ hosts: dom0
+ tasks:
+ # Prepare dom0
+ # NOTE: The Qubes dom0 provisioning has some "become" sourcery involved because the default
+ # user is root instead of the dom0 user
+ - name: Check if dom0 was provisioned
+ stat:
+ path: /tmp/.setup-dom0-partially-provisioned
+ register: dom0_partially_provisioned
+ - name: Update and configure dom0
+ vars:
+ dom0_features:
+ - plymouth
+ # - dotfiles
+ # - grub
+ # - minimal-vms
+ # - mirage
+ # - new-menu
+ # - opnsense
+ # - policy
+ # - screenshot
+ # - split-gpg
+ # - sudo-prompt
+ # - sys-gui
+ # - sys-usb
+ # - templates
+ # - theme
+ # - u2f
+ # - update
+ # - yubikey
+ include_role:
+ name: professormanhattan.qubes
+ when: not dom0_partially_provisioned.stat.exists
+ - name: Ensure settings required by the automatic provisioning system are removed (after no longer needed)
+ vars:
+ dom0_features:
+ - plymouth
+ include_role:
+ name: professormanhattan.qubes
+ when: dom0_partially_provisioned.stat.exists
+ - name: Register "partially provisioned" indicator temporary file
+ copy:
+ content: |
+ done
+ dest: /tmp/.setup-dom0-partially-provisioned
+ when: not dom0_partially_provisioned.stat.exists
+ - name: Ensure all VMs except sys-net, sys-firewall, sys-whonix, and provision are shutdown
+ become: true
+ command: qvm-shutdown --all --wait --exclude=dom0 --exclude=sys-net --exclude=sys-firewall --exclude=sys-whonix --exclude=sys-usb --exclude=sys-gui --exclude=sys-gui-gpu --exclude=sys-gui-vnc --exclude=provision
+ - name: Ensure primary-templates-stock / primary-templates-minimal TemplateVMs are configured to use sys-firewall as their NetVM
+ vars:
+ netvm: sys-firewall
+ include_tasks: tasks/qubes/qvm-netvm.yml
+ loop: "{{ groups['primary-templates-stock'] + groups['primary-templates-minimal'] }}"
+ - name: Ensure primary-templates-stock / primary-templates-minimal are using the appropriate sized volumes
+ include_tasks: tasks/qubes/qvm-volume.yml
+ loop: "{{ groups['primary-templates-stock'] + groups['primary-templates-minimal'] }}"
+ loop_control:
+ loop_var: vm
+ when: hostvars[vm].volume is defined
+
+# - name: Patch for uman's Debian 12 template (with apt-cacher-ng)
+# hosts: debian-12
+# tasks:
+# - name: Remove apt-cacher-ng syntax from sources.list
+# become: true
+# ansible.builtin.replace:
+# path: /etc/apt/sources.list
+# regexp: 'HTTPS\/\/\/'
+# replace: ''
+
+- name: Ensure *-minimal templates have an internet connection
+ hosts: primary-templates-minimal
+ tasks:
+ - name: Enable networking on *-minimal template
+ become: true
+ ansible.builtin.package:
+ name: qubes-core-agent-networking
+ state: latest
+ when:
+ - enable_minimal_networking | default(true)
+ - "'-minimal' in inventory_hostname"
+ register: qubes_core_net
+ - name: Unconditionally reboot the machine with all defaults
+ become: true
+ ansible.builtin.reboot:
+ when: qubes_core_net.changed
+
+- name: Ensure base templates are updated
+ hosts: primary-templates-stock:primary-templates-minimal
+ tasks:
+ - include_tasks: tasks/qubes/vm-template-stock.yml
+ when: install_updates | default(true)
+
+- name: Ensure whonix-gw-16 and whonix-ws-16 are updated with common files
+ hosts: whonix-gw-16:whonix-ws-16
+ tasks:
+ - include_tasks: tasks/qubes/vm-template-whonix.yml
+
+- name: Prepare for the "base" TemplateVM provisioning
+ hosts: dom0
+ tasks:
+ - name: Realize the "base" TemplateVMs
+ vars:
+ formation_slug: base
+ formation: "{{ (groups['primary-templates-minimal'] + groups['primary-templates-stock'] + groups['primary-templates-base']) }}"
+ formation_previous: "{{ (groups['primary-templates-minimal'] + groups['primary-templates-stock']) }}"
+ formation_vm_groups:
+ - primary-templates-minimal
+ - primary-templates-stock
+ - primary-templates-base
+ include_tasks: tasks/qubes/formation.yml
+
+- name: Provision the "base" TemplateVMs
+ gather_facts: true
+ hosts: primary-templates-base
+ tasks:
+ - include_role:
+ name: '{{ item }}'
+ loop: '{{ base_template_roles }}'
+ - include_tasks: tasks/qubes/vm-template-base.yml
+ vars:
+ software: '{{ qubes_software[inventory_hostname] | default([]) }}'
+
+- name: Prepare for the "full" TemplateVM provisioning
+ hosts: dom0
+ tasks:
+ - name: Realize the "full" TemplateVMs
+ vars:
+ formation_slug: full
+ formation: "{{ (groups['primary-templates'] + groups['vpn-base-templates']) }}"
+ formation_previous: "{{ (groups['primary-templates-minimal'] + groups['primary-templates-stock'] + groups['primary-templates-base']) }}"
+ formation_vm_groups:
+ - primary-templates
+ - vpn-base-templates
+ include_tasks: tasks/qubes/formation.yml
+
+- name: Provision the "docker" and "full" TemplateVMs with roles
+ hosts: primary-templates-full:primary-templates-docker
+ tasks:
+ - include_role:
+ name: '{{ item }}'
+ loop: '{{ full_docker_template_roles | default([]) }}'
+
+- name: Provision the "docker" TemplateVMs with roles
+ hosts: primary-templates-docker
+ tasks:
+ - include_role:
+ name: '{{ item }}'
+ loop: '{{ docker_template_roles | default([]) }}'
+
+- name: Provision the "full" TemplateVMs with roles
+ hosts: primary-templates-full
+ tasks:
+ - include_role:
+ name: '{{ item }}'
+ loop: '{{ full_template_roles | default([]) }}'
+
+- name: Provision the "full" TemplateVMs with tasks
+ hosts: primary-templates-full:primary-templates-docker:vpn-base-templates
+ tasks:
+ - include_tasks: tasks/qubes/vm-template-full.yml
+
+- name: Prepare for the "tmpl" TemplateVM provisioning
+ hosts: dom0
+ tasks:
+ - name: Realize the "tmpl" TemplateVMs
+ vars:
+ formation_slug: tmpl
+ formation: "{{ groups['primary-templates'] + groups['standard-templates'] + groups['vpn-templates'] }}"
+ formation_previous: "{{ groups['primary-templates'] + groups['vpn-base-templates'] }}"
+ formation_vm_groups:
+ - primary-templates
+ - standard-templates
+ - vpn-templates
+ include_tasks: tasks/qubes/formation.yml
+
+- name: Provision the "tmpl" TemplateVMs
+ hosts: vpn-templates:standard-templates
+ tasks:
+ - include_tasks: tasks/qubes/vm-template-tmpl.yml
+
+- name: Prepare for provisioning the rest of the Qubes VMs
+ hosts: dom0
+ tasks:
+ - name: Realize all the Qubes VMs
+ vars:
+ formation_slug: all
+ formation: "{{ groups['qubes-vms'] }}"
+ formation_previous: "{{ groups['primary-templates'] + groups['standard-templates'] + groups['vpn-templates'] }}"
+ include_tasks: tasks/qubes/formation.yml
+
+- name: Provision all of the AppVMs etc.
+ hosts: vms:!primary-templates:!standard-templates:!vpn-templates
+ tasks:
+ - include_tasks: tasks/qubes/vm-template-all.yml
+
+- name: Finish provisioning dom0
+ hosts: dom0
+ tasks:
+ - name: Apply the formation again so the templates use the appropriate NetVM
+ vars:
+ dom0_features:
+ - create-vms
+ include_role:
+ name: professormanhattan.qubes
+ - name: Enable updates over Tor
+ vars:
+ dom0_features:
+ - tor-updates
+ include_role:
+ name: professormanhattan.qubes
diff --git a/home/dot_local/share/ansible/tasks/qubes/_packer-hvm.yml b/home/dot_local/share/ansible/tasks/qubes/_packer-hvm.yml
new file mode 100644
index 00000000..6e9a9cd0
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/_packer-hvm.yml
@@ -0,0 +1,56 @@
+---
+- name: Create LVM volume
+ # TODO: Convert to Ansible syntax
+ command: sudo lvcreate -n "{{ vm.lvm }}" -V "{{ vm.disk_size | default('100G') }}" --thinpool vm-pool qubes_dom0
+- name: Format the volume to EXT4
+ # TODO: Convert to Ansible syntax
+ command: sudo mkfs.ext4 /dev/qubes_dom0/{{ vm.lvm }}
+- name: Create mounting point
+ become: true
+ file:
+ mode: 0755
+ path: /srv/disks/{{ vm.lvm }}
+ state: directory
+- name: Mount the volume
+ become: true
+ ansible.posix.mount:
+ path: /dev/qubes_dom0/{{ vm.lvm }}
+ src: /srv/disks/{{ vm.lvm }}
+ state: present
+- name: Update the permissions of the mount
+ become: true
+ file:
+ path: /srv/{{ vm.lvm }}
+ owner: '{{ ansible_user | default(ansible_env.USERNAME) }}'
+ group: '{{ ansible_user | default(ansible_env.USERNAME) }}'
+ mode: 0755
+- name: Determine if the image for {{ vm.name }} is already present
+ ansible.builtin.stat:
+ path: /srv/disks/{{ vm.lvm }}/{{ vm.slug | lower }}.img
+ register: vm_image_path
+- name: Copy raw image to dom0
+ command: |
+ qvm-run --pass-io {{ qubes_usb_transfer_vm }} "cat /media/user/disk/img/{{ vm.slug | lower }}.img" > '/srv/disks/{{ vm.lvm }}/{{ vm.slug }}.img'
+ when: not vm_image_path.stat.exists
+- name: Creating TemplateVM for {{ vm.name }}
+ # Cannot use `qubesos:` because it relies on `--root-move-from`
+ # TODO: Check if template exists already
+ command: >
+ qvm-create
+ --class TemplateVM
+ --label purple
+ --property=include_in_backups=true
+ --property=kernel=''
+ --property=maxmem=8192
+ --property=memory=4096
+ --property=vcpus=4
+ --property=virt_mode=hvm
+ --root-move-from /srv/disks/{{ vm.lvm }}/{{ vm.slug | lower }}.img
+ {{ (vm.slug | lower) + '-desktop-base' }}
+- name: Create AppVMs based on the TemplateVM for {{ vm.name }}
+ # TODO: Check if template exists already
+ qubesos:
+ guest: "{{ vm.name + '-desktop-base' }}"
+ label: purple
+ state: create
+ template: "{{ (vm.slug | lower) + '-desktop' }}"
diff --git a/home/dot_local/share/ansible/tasks/qubes/_packer-usb.yml b/home/dot_local/share/ansible/tasks/qubes/_packer-usb.yml
new file mode 100644
index 00000000..fd025831
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/_packer-usb.yml
@@ -0,0 +1,23 @@
+---
+- name: Spin up disposable Qube to attach/transfer files from USB
+ qubesos:
+ guest: packer-usb-transfer-vm
+ label: red
+ state: running
+ template: debian-11-minimal-dvm
+
+- name: Check if the USB storage device is already attached to the disposable USB Qube
+ command: test -n "$(qvm-device usb list | grep "{{ qubes_ventoy_usb_description }}" | sed 's/^[^ ]*[ ]*[^ ]*[ ]*\([^ ]*\)$/\1/')"
+ changed_when: false
+ register: usb_device_test
+
+- name: Acquire the appropriate USB storage device ID
+ command: qvm-device usb list | grep "{{ qubes_ventoy_usb_description }}" | sed 's/^\([^ ]*\) .*/\1/'
+ changed_when: false
+ register: devid_usb_list
+ when: usb_device_test.rc == 1
+
+- name: Attach the USB storage device to the disposable USB Qube
+ command: qvm-device usb attach packer-usb-transfer-vm "{{ devid_usb_list.stdout }}"
+ changed_when: true
+ when: usb_device_test.rc == 1
diff --git a/home/dot_local/share/ansible/tasks/qubes/formation.yml b/home/dot_local/share/ansible/tasks/qubes/formation.yml
new file mode 100644
index 00000000..99a5159d
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/formation.yml
@@ -0,0 +1,36 @@
+---
+- name: Check whether the structure was recently provisioned
+ stat:
+ path: /tmp/.setup-dom0-{{ formation_slug }}
+ register: phase_fully_provisioned
+
+- name: Shutdown all the VMs
+ include_tasks: tasks/qubes/shutdown-vms.yml
+
+- name: Apply the formation
+ vars:
+ dom0_features:
+ - create-vms
+ include_role:
+ name: professormanhattan.qubes
+ when: not phase_fully_provisioned.stat.exists
+
+- name: Ensure the new VMs have access to sys-firewall so they can be provisioned
+ vars:
+ netvm: sys-firewall
+ include_tasks: tasks/qubes/qvm-netvm.yml
+ loop: '{{ formation | difference(formation_previous | default([])) }}'
+
+- name: Ensure the VMs have the appropriate volumes configured
+ include_tasks: tasks/qubes/qvm-volume.yml
+ loop: '{{ formation | difference(formation_previous | default([])) }}'
+ loop_control:
+ loop_var: vm
+ when: hostvars[vm].volume is defined
+
+- name: Register "fully provisioned" indicator temporary file
+ copy:
+ content: |
+ done
+ dest: /tmp/.setup-dom0-{{ formation_slug }}
+ when: not phase_fully_provisioned.stat.exists
diff --git a/home/dot_local/share/ansible/tasks/qubes/gsetting.yml b/home/dot_local/share/ansible/tasks/qubes/gsetting.yml
new file mode 100644
index 00000000..3f5b9371
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/gsetting.yml
@@ -0,0 +1,11 @@
+---
+- name: 'Check gsetting (gsettings get {{ item.setting }})'
+ command: 'gsettings get {{ item.setting }}'
+ register: gsettings_get_command
+ changed_when: false
+
+- name: Apply gsetting (gsettings set)
+ command: gsettings set {{ item.setting }} {{ item.value }}
+ when:
+ - gsettings_get_command.stdout != item.value
+ - gsettings_get_command.stdout != ("''" + item.value + "''")
diff --git a/home/dot_local/share/ansible/tasks/qubes/preferred-app.yml b/home/dot_local/share/ansible/tasks/qubes/preferred-app.yml
new file mode 100644
index 00000000..eff6d2d8
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/preferred-app.yml
@@ -0,0 +1,26 @@
+---
+- name: Create a link for opening browser links
+ become: true
+ copy:
+ content: |
+ [Desktop Entry]
+ Encoding=UTF-8
+ Name={{ item.name }}
+ Exec=qvm-open-in-vm {{ item.vm }} %u
+ Terminal=false
+ X-MultipleArgs=false
+ Type=Application
+ MimeType={{ item.mimes }}
+ dest: /usr/share/applications/{{ item.link }}
+
+- name: Check the value of the current xdg-setting
+ command: "xdg-settings get {{ item['xdg-setting'] }}"
+ register: xdg_setting_get
+ changed_when: false
+ when: item['xdg-setting'] is defined
+
+- name: Configure xdg-setting to use the cross-VM link
+ command: "xdg-settings set {{ item['xdg-setting'] }} {{ item.link }}"
+ when:
+ - item['xdg-setting'] is defined
+ - item['xdg-setting'] not in xdg_setting_get.stdout
diff --git a/home/dot_local/share/ansible/tasks/qubes/pritunl-server.yml b/home/dot_local/share/ansible/tasks/qubes/pritunl-server.yml
new file mode 100644
index 00000000..bcc3a7c3
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/pritunl-server.yml
@@ -0,0 +1,43 @@
+---
+- name: Check for presence of Pritunl server installation indicator
+ stat:
+ path: /root/.pritunl_installed
+ register: pritunl_install_indicator
+
+- name: Run the init script for the Pritunl server (for CentOS 8)
+ become: true
+ shell:
+ cmd: |
+ sudo tee /etc/yum.repos.d/mongodb-org-5.0.repo << EOF
+ [mongodb-org-5.0]
+ name=MongoDB Repository
+ baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/
+ gpgcheck=1
+ enabled=1
+ gpgkey=https://www.mongodb.org/static/pgp/server-5.0.asc
+ EOF
+
+ sudo tee /etc/yum.repos.d/pritunl.repo << EOF
+ [pritunl]
+ name=Pritunl Repository
+ baseurl=https://repo.pritunl.com/stable/yum/oraclelinux/8/
+ gpgcheck=1
+ enabled=1
+ EOF
+
+ sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
+ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 7568D9BB55FF9E5287D586017AE645C0CF8E292A
+ gpg --armor --export 7568D9BB55FF9E5287D586017AE645C0CF8E292A > key.tmp; sudo rpm --import key.tmp; rm -f key.tmp
+ sudo yum -y install pritunl mongodb-org
+ sudo systemctl start mongod pritunl
+ sudo systemctl enable mongod pritunl
+ when: not pritunl_install_indicator.stat.exists
+ args:
+ executable: /bin/bash
+
+- name: Add indicator that Pritunl was installed to /root/.pritunl_installed
+ become: true
+ copy:
+ content: |
+ {{ ansible_date_time.iso8601 }}
+ dest: /root/.pritunl_installed
diff --git a/home/dot_local/share/ansible/tasks/qubes/qvm-netvm.yml b/home/dot_local/share/ansible/tasks/qubes/qvm-netvm.yml
new file mode 100644
index 00000000..3f7c6043
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/qvm-netvm.yml
@@ -0,0 +1,24 @@
+---
+- name: Check value of NetVM for {{ item }}
+ command: qvm-prefs --get {{ item }} netvm
+ register: netvm_pref
+ changed_when: false
+ failed_when: false
+
+- name: Configure {{ item }}'s NetVM
+ command: qvm-prefs --set {{ item }} netvm {{ 'sys-whonix' if ('whonix' in item) else netvm }}
+ when:
+ - netvm_pref.rc == 0
+ - not (connect_default_netvm | default(false))
+ - netvm_pref.stdout != netvm
+ - item != netvm
+ - item != 'sys-net'
+
+- name: Set new value of NetVM for {{ item }} if necessary
+ command: qvm-prefs --set {{ item }} netvm {{ 'sys-whonix' if ('whonix' in item) else (hostvars[item]['_netvm'] | default('None')) }}
+ when:
+ - netvm_pref.rc == 0
+ - connect_default_netvm | default(false)
+ - netvm_pref.stdout != hostvars[item]['_netvm']
+ - item != netvm
+ - item != 'sys-net'
diff --git a/home/dot_local/share/ansible/tasks/qubes/qvm-shutdown.yml b/home/dot_local/share/ansible/tasks/qubes/qvm-shutdown.yml
new file mode 100644
index 00000000..ab1d6b1e
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/qvm-shutdown.yml
@@ -0,0 +1,16 @@
+---
+- name: Check if the VM is running
+ command: qvm-check {{ item }}
+ register: qvm_check_vm
+
+- name: Shutdown the {{ item }} VM
+ command: qvm-shutdown --wait {{ item }}
+ when:
+ - not (force_shutdown | default(false))
+ - qvm_check_vm.rc == 0
+
+- name: Force the shutdown of the {{ item }} VM (only to be done after proper shutdown of an HVM)
+ command: qvm-shutdown --wait --force {{ item }}
+ when:
+ - force_shutdown | default(false)
+ - qvm_check_vm.rc == 0
diff --git a/home/dot_local/share/ansible/tasks/qubes/qvm-volume-set.yml b/home/dot_local/share/ansible/tasks/qubes/qvm-volume-set.yml
new file mode 100644
index 00000000..b6e847b0
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/qvm-volume-set.yml
@@ -0,0 +1,9 @@
+---
+- name: 'Check the {{ item }} volume size for {{ vm }} (Volume Size - {{ hostvars[vm].volume[item] | int }})'
+ command: 'qvm-volume info {{ vm }}:{{ item }} size'
+ register: qvm_volume_size
+ changed_when: false
+
+- name: 'Ensure the {{ item }} volume size is correctly set on the {{ vm }} VM'
+ command: 'qvm-volume resize {{ vm }}:{{ item }} {{ ((hostvars[vm].volume[item] | int) * 1073741824) }}'
+ when: qvm_volume_size.stdout != ((hostvars[vm].volume[item] | int) * 1073741824)
diff --git a/home/dot_local/share/ansible/tasks/qubes/qvm-volume.yml b/home/dot_local/share/ansible/tasks/qubes/qvm-volume.yml
new file mode 100644
index 00000000..db2d2eae
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/qvm-volume.yml
@@ -0,0 +1,4 @@
+---
+- name: Ensure specified volumes are configured
+ include_tasks: tasks/qubes/qvm-volume-set.yml
+ loop: '{{ hostvars[vm].volume.keys() | default([]) }}'
diff --git a/home/dot_local/share/ansible/tasks/qubes/randomize-mac.yml b/home/dot_local/share/ansible/tasks/qubes/randomize-mac.yml
new file mode 100644
index 00000000..23331f74
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/randomize-mac.yml
@@ -0,0 +1,34 @@
+---
+- name: Add MAC address randomization configuration
+ become: true
+ copy:
+ content: |
+ [device]
+ wifi.scan-rand-mac-address=ye
+ [connection]
+ wifi.cloned-mac-address=stable
+ ethernet.cloned-mac-address=stable
+ connection.stable-id=${CONNECTION}/${BOOT}
+ # Use random IPv6 addresses per session / don't leak MAC via IPv6 (cf. RFC 4941)
+ ipv6.ip6-privacy=2
+ dest: /etc/NetworkManager/conf.d/00-randomize.conf
+
+- name: Configure NetworkManager to use dhclient (to prevent hostname leaks)
+ become: true
+ copy:
+ content: |
+ [main]
+ dhcp=dhclient
+ dest: /etc/NetworkManager/conf.d/dhclient.conf
+
+- name: Determine if /etc/dhcp/dhclient.conf is sending host-name
+ become: true
+ shell:
+ cmd: grep 'send host-name' < /etc/dhcp/dhclient.conf
+ changed_when: false
+ register: dhclient_host_name_grep
+
+- name: Remove "send host-name" from /etc/dhcp/dhclient.conf
+ become: true
+ command: sed -i '/send host-name/d' /etc/dhcp/dhclient.conf
+ when: dhclient_host_name_grep.rc == 0
diff --git a/home/dot_local/share/ansible/tasks/qubes/remove-shortcut.yml b/home/dot_local/share/ansible/tasks/qubes/remove-shortcut.yml
new file mode 100644
index 00000000..66c8697a
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/remove-shortcut.yml
@@ -0,0 +1,20 @@
+---
+- name: Check if {{ item }} desktop link exists
+ stat:
+ path: '/usr/share/applications/{{ item }}'
+ register: sys_tool_link
+
+- name: Backup {{ item }} link to /usr/share/applications/hidden
+ become: true
+ copy:
+ src: '/usr/share/applications/{{ item }}'
+ dest: '/usr/share/applications/hidden/{{ item }}'
+ remote_src: true
+ when: sys_tool_link.stat.exists
+
+- name: Remove {{ item }} link from the desktop shortcut menu
+ become: true
+ file:
+ path: '{{ item }}'
+ state: absent
+ when: sys_tool_link.stat.exists
diff --git a/home/dot_local/share/ansible/tasks/qubes/shutdown-vms.yml b/home/dot_local/share/ansible/tasks/qubes/shutdown-vms.yml
new file mode 100644
index 00000000..02a4a107
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/shutdown-vms.yml
@@ -0,0 +1,3 @@
+---
+- name: Ensure all VMs except sys-* ones are shutdown
+ command: qvm-shutdown --all --wait --exclude=dom0 --exclude=sys-net --exclude=sys-firewall --exclude=sys-usb --exclude=sys-gui --exclude=sys-gui-gpu --exclude=sys-gui-vnc --exclude=sys-g-assist --exclude=provision
diff --git a/home/dot_local/share/ansible/tasks/qubes/tcp-port-bind.yml b/home/dot_local/share/ansible/tasks/qubes/tcp-port-bind.yml
new file mode 100644
index 00000000..e3ba6a86
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/tcp-port-bind.yml
@@ -0,0 +1,29 @@
+---
+- name: 'Create {{ service.name }}.socket systemd file'
+ become: true
+ copy:
+ content: |
+ [Unit]
+ Description={{ service.name }}
+ [Socket]
+ ListenStream=127.0.0.1:{{ service.port }}
+ Accept=true
+ [Install]
+ WantedBy=sockets.target
+ dest: '/lib/systemd/system/{{ service.name }}.socket'
+ loop: '{{ systemd_services | default([]) }}'
+ loop_control:
+ loop_var: service
+
+- name: Create service_name@.service systemd file
+ become: true
+ copy:
+ content: |
+ [Unit]
+ Description={{ item.name }}
+ [Service]
+ ExecStart=qrexec-client-vm '' qubes.ConnectTCP+{{ item.port }}
+ StandardInput=socket
+ StandardOutput=inherit
+ dest: /lib/systemd/system/{{ item.name }}@.service
+ loop: '{{ systemd_services | default([]) }}'
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-common.yml b/home/dot_local/share/ansible/tasks/qubes/vm-common.yml
new file mode 100644
index 00000000..f4534fd7
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-common.yml
@@ -0,0 +1,33 @@
+---
+- name: Fix for known snap issue
+ command: snap --version &> /dev/null
+ changed_when: false
+ failed_when: false
+
+- name: Provision the custom TemplateVMs
+ include_role:
+ name: '{{ role }}'
+ loop: '{{ qubes_roles[inventory_hostname] | default([]) }}'
+ loop_control:
+ label: '{{ inventory_hostname }}'
+ loop_var: role
+
+- name: Register the a list of software to be installed
+ set_fact:
+ generic_software: '{{ qubes_software[inventory_hostname] | default([]) }}'
+
+- name: Install software packages using the generic installer
+ vars:
+ software: '{{ generic_software }}'
+ include_role:
+ name: roles/helpers/installer
+ when: (generic_software | length) != 0
+
+- name: Run the finishing role(s) on the TemplateVMs
+ include_role:
+ name: '{{ role }}'
+ loop:
+ - roles/system/finish
+ loop_control:
+ label: '{{ inventory_hostname }}'
+ loop_var: role
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-all.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-all.yml
new file mode 100644
index 00000000..85c8983c
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-all.yml
@@ -0,0 +1,18 @@
+---
+- name: Ensure directory for custom Ansible facts exists
+ become: true
+ ansible.builtin.file:
+ state: directory
+ recurse: yes
+ path: /rw/config/qubes-bind-dirs.d
+ when: persistent_docker_volumes | default(false)
+
+- name: Ensure Docker files are persistent
+ copy:
+ content: |
+ binds+=( '/var/lib/docker' )
+ binds+=( '/etc/docker' )
+ dest: /rw/config/qubes-bind-dirs.d/50-docker.conf
+ when: persistent_docker_volumes | default(false)
+
+- include_tasks: tasks/qubes/vm-common.yml
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-base.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-base.yml
new file mode 100644
index 00000000..e3a36204
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-base.yml
@@ -0,0 +1,74 @@
+---
+# - name: Clone the VM-lockdown repository
+# become: true
+# ansible.builtin.git:
+# repo: https://github.com/tasket/Qubes-VM-hardening.git
+# dest: /usr/src/hardening
+#
+# - name: Run the installer
+# become: true
+# command: |
+# bash install
+# bash configure-sudo-prompt --force
+# args:
+# chdir: /usr/src/hardening
+# creates: /lib/systemd/system/vm-boot-protect.service
+
+- name: Ensure qubes-gpg-split and qubes-u2f are installed (unofficial templates may fail since the packages are not available)
+ become: true
+ ansible.builtin.package:
+ name:
+ - qubes-gpg-split
+ - qubes-u2f
+ state: latest
+ ignore_errors: true
+
+- name: Ensure terminal Brewfile is installed
+ shell: provision terminal
+ failed_when: false
+ args:
+ executable: /bin/bash
+
+- name: Ensure all the common roles are applied to the custom TemplateVMs
+ include_role:
+ name: '{{ role }}'
+ loop:
+ # - roles/system/dns # Goes wherever DNS resolver is pending Qubes Forum answer
+ - roles/services/antivirus
+ - roles/services/elasticagent
+ - roles/services/portmaster
+ - roles/services/wazuh
+ - roles/applications/tabby
+ loop_control:
+ label: '{{ inventory_hostname }}'
+ loop_var: role
+
+- name: Ensure default application launchers are configured to use DVMs
+ include_tasks: tasks/qubes/preferred-app.yml
+ loop: '{{ mimetype_handlers }}'
+
+- name: Configure VMs to forward TCP traffic on certain ports to OPNsense
+ vars:
+ systemd_services:
+ - name: opnsense-http-service
+ port: 80
+ - name: opnsense-https-service
+ port: 443
+ include_tasks: tcp-port-bind.yml
+
+- include_tasks: tasks/qubes/vm-common.yml
+
+- name: Ensure /etc/skel /usr/local.orig is setup for inheritence
+ become: true
+ copy:
+ src: '{{ item.src }}'
+ dest: '{{ item.dest }}'
+ mode: '{{ item.mode }}'
+ remote_src: true
+ with_items:
+ - src: /home
+ dest: /etc/skel
+ mode: preserve
+ - src: /usr/local
+ dest: /usr/local.orig
+ mode: preserve
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-full.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-full.yml
new file mode 100644
index 00000000..207f5e47
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-full.yml
@@ -0,0 +1,19 @@
+---
+# full_terminal_roles
+
+- include_tasks: tasks/qubes/vm-common.yml
+
+- name: Ensure /etc/skel /usr/local.orig is setup for inheritence
+ become: true
+ copy:
+ src: '{{ item.src }}'
+ dest: '{{ item.dest }}'
+ mode: '{{ item.mode }}'
+ remote_src: true
+ with_items:
+ - src: /home
+ dest: /etc/skel
+ mode: preserve
+ - src: /usr/local
+ dest: /usr/local.orig
+ mode: preserve
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-stock.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-stock.yml
new file mode 100644
index 00000000..8617c789
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-stock.yml
@@ -0,0 +1,179 @@
+---
+- name: Determine if RPM Fusion was already enabled
+ become: true
+ stat:
+ path: /root/.setup-rpm-fusion-enabled
+ register: template_rpm_fusion
+ when: ansible_os_family == 'RedHat'
+
+- name: Ensure RPM Fusion package repositories are enabled on RedHat-flavored systems
+ become: true
+ shell:
+ cmd: |
+ dnf config-manager --set-enabled rpmfusion-free
+ dnf config-manager --set-enabled rpmfusion-free-updates
+ dnf config-manager --set-enabled rpmfusion-nonfree
+ dnf config-manager --set-enabled rpmfusion-nonfree-updates
+ when:
+ - ansible_os_family == 'RedHat'
+ - not template_rpm_fusion.stat.exists
+ - not ('-minimal' in inventory_hostname)
+
+- name: Register RPM Fusion enabled indicator
+ become: true
+ copy:
+ content: |
+ done
+ dest: /root/.setup-rpm-fusion-enabled
+ when:
+ - ansible_os_family == 'RedHat'
+ - not template_rpm_fusion.stat.exists
+
+- name: Ensure Debian systems are updated
+ become: true
+ apt:
+ cache_valid_time: 3600
+ force_apt_get: true
+ update_cache: true
+ upgrade: dist
+ timeout: 900
+ when: ansible_os_family == 'Debian'
+
+- name: Ensure RedHat systems are updated
+ become: true
+ dnf:
+ name: '*'
+ state: latest
+ update_cache: true
+ timeout: 900
+ when: ansible_os_family == 'RedHat'
+
+- name: Check if Archlinux has refreshed keys
+ become: true
+ stat:
+ path: /root/.setup-pacman-refreshed-keys
+ register: pacman_key_refresh
+ when: ansible_os_family == 'Archlinux'
+
+- name: Ensure Archlinux pacman GPG keys are updated
+ become: true
+ shell: pacman-key --refresh-keys
+ when:
+ - ansible_os_family == 'Archlinux'
+ - not pacman_key_refresh.stat.exists
+
+- name: Ensure Archlinux key refresh is saved to prevent unnecessary future calls
+ become: true
+ copy:
+ content: |
+ done
+ dest: /root/.setup-pacman-refreshed-keys
+ when:
+ - ansible_os_family == 'Archlinux'
+ - not pacman_key_refresh.stat.exists
+
+- name: Ensure Archlinux systems are updated
+ become: true
+ community.general.pacman:
+ update_cache: true
+ upgrade: true
+ extra_args: --ignore=*pulse*
+ update_cache_extra_args: --noconfirm
+ upgrade_extra_args: --ignore="*pulse*"
+ when: ansible_os_family == 'Archlinux'
+
+- name: Install common software packages
+ become: true
+ ansible.builtin.package:
+ name: '{{ common_software_packages | default([]) }}'
+ state: latest
+ ignore_errors: '{{ qubes_prerelease | default(false) }}'
+
+- name: Clone the yay repository (Archlinux)
+ ansible.builtin.git:
+ repo: https://aur.archlinux.org/yay.git
+ dest: ~/.local/yay
+ version: master
+ when: ansible_os_family == 'Archlinux'
+
+- name: Check if yay is installed
+ command: type yay
+ register: yay_type
+ failed_when: false
+ changed_when: false
+ when: ansible_os_family == 'Archlinux'
+
+- name: Ensure Go is installed which is a requirement for installing yay (Archlinux)
+ become: true
+ community.general.pacman:
+ name: go
+ state: latest
+ when: ansible_os_family == 'Archlinux'
+
+- name: Install yay (Archlinux)
+ ansible.builtin.shell:
+ cmd: echo Y | makepkg -si
+ args:
+ chdir: ~/.local/yay
+ when:
+ - ansible_os_family == 'Archlinux'
+ - yay_type.rc != 0
+
+- name: Check if snap is installed
+ command: type snap
+ register: snap_type
+ failed_when: false
+ changed_when: false
+ when: ansible_os_family == 'Archlinux'
+ ignore_errors: '{{ qubes_prerelease | default(false) }}'
+
+- name: Install snapd with yay (Archlinux)
+ ansible.builtin.shell:
+ cmd: yay --noconfirm -Sy snapd
+ when:
+ - ansible_os_family == 'Archlinux'
+ - snap_type.rc != 0
+
+- name: Detect presence of /var/lib/snapd/snap
+ stat:
+ path: /var/lib/snapd/snap
+ register: var_lib_snapd
+
+- name: Ensure /snap is symlinked to /var/lib/snapd/snap
+ become: true
+ file:
+ src: /var/lib/snapd/snap
+ dest: /snap
+ state: link
+ when: var_lib_snapd.stat.exists
+
+- name: Ensure snapd is enabled and running
+ become: true
+ ansible.builtin.systemd:
+ enabled: true
+ state: started
+ name: snapd
+ daemon_reload: true
+ when: not ('-minimal' in inventory_hostname)
+ ignore_errors: '{{ qubes_prerelease | default(false) }}'
+
+- name: Apply full theme and dotfiles
+ include_role:
+ name: professormanhattan.theme
+
+- include_tasks: tasks/qubes/vm-common.yml
+
+- name: Ensure /etc/skel /usr/local.orig is setup for inheritence
+ become: true
+ copy:
+ src: '{{ item.src }}'
+ dest: '{{ item.dest }}'
+ mode: '{{ item.mode }}'
+ remote_src: true
+ with_items:
+ - src: /home
+ dest: /etc/skel
+ mode: preserve
+ - src: /usr/local
+ dest: /usr/local.orig
+ mode: preserve
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-tmpl.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-tmpl.yml
new file mode 100644
index 00000000..749bcf07
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-tmpl.yml
@@ -0,0 +1,21 @@
+---
+- name: Randomize MAC address and ensure no hostname leaks (Source -> https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/anonymizing-your-mac-address.md)
+ include_tasks: tasks/qubes/randomize-mac.yml
+ when: randomize_mac_address | default(false)
+
+- include_tasks: tasks/qubes/vm-common.yml
+
+- name: Ensure /etc/skel /usr/local.orig is setup for inheritence
+ become: true
+ copy:
+ src: '{{ item.src }}'
+ dest: '{{ item.dest }}'
+ mode: '{{ item.mode }}'
+ remote_src: true
+ with_items:
+ - src: /home
+ dest: /etc/skel
+ mode: preserve
+ - src: /usr/local
+ dest: /usr/local.orig
+ mode: preserve
diff --git a/home/dot_local/share/ansible/tasks/qubes/vm-template-whonix.yml b/home/dot_local/share/ansible/tasks/qubes/vm-template-whonix.yml
new file mode 100644
index 00000000..daa07608
--- /dev/null
+++ b/home/dot_local/share/ansible/tasks/qubes/vm-template-whonix.yml
@@ -0,0 +1,53 @@
+---
+- name: Repair broken packages with apt
+ become: true
+ command: apt --fix-broken install
+
+- name: Ensure Debian systems are updated
+ become: true
+ apt:
+ cache_valid_time: 3600
+ force_apt_get: true
+ update_cache: true
+ upgrade: dist
+
+- name: Ensure qubes-gpg-split and qubes-u2f are installed (unofficial templates may fail since the packages are not available)
+ become: true
+ ansible.builtin.apt:
+ name:
+ - qubes-gpg-split
+ - qubes-u2f
+ state: latest
+ ignore_errors: true
+
+- name: Ensure all the common roles are applied to the custom TemplateVMs
+ vars:
+ qubes_whonix: true
+ include_role:
+ name: '{{ role }}'
+ loop:
+ # - roles/system/dns # Goes wherever DNS resolver is pending Qubes Forum answer
+ - roles/services/antivirus
+ - roles/services/elasticagent
+ - roles/services/portmaster
+ - roles/services/wazuh
+ loop_control:
+ label: '{{ inventory_hostname }}'
+ loop_var: role
+
+- include_tasks: tasks/qubes/vm-common.yml
+
+- name: Ensure /etc/skel /usr/local.orig is setup for inheritence
+ become: true
+ copy:
+ src: '{{ item.src }}'
+ dest: '{{ item.dest }}'
+ mode: '{{ item.mode }}'
+ remote_src: true
+ with_items:
+ - src: /home/
+ dest: /etc/skel/
+ mode: preserve
+ - src: /usr/local/
+ dest: /usr/local.orig/
+ mode: preserve
diff --git a/home/dot_local/share/ansible/test/darwin/ansible.cfg b/home/dot_local/share/ansible/test/darwin/ansible.cfg
new file mode 100644
index 00000000..14cdfa2f
--- /dev/null
+++ b/home/dot_local/share/ansible/test/darwin/ansible.cfg
@@ -0,0 +1,5 @@
+[defaults]
+ansible_managed = "Managed by Megabyte Labs via Ansible"
+command_warnings = False
+inventory = inventory
+roles_path=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:../
diff --git a/home/dot_local/share/ansible/test/darwin/inventory b/home/dot_local/share/ansible/test/darwin/inventory
new file mode 100644
index 00000000..2302edae
--- /dev/null
+++ b/home/dot_local/share/ansible/test/darwin/inventory
@@ -0,0 +1 @@
+localhost ansible_connection=local
diff --git a/home/dot_local/share/ansible/test/darwin/test.sh b/home/dot_local/share/ansible/test/darwin/test.sh
new file mode 100644
index 00000000..d553ac61
--- /dev/null
+++ b/home/dot_local/share/ansible/test/darwin/test.sh
@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+# @file test/darwin/test.sh
+# @brief A script that is used to test the role's macOS compatibility via a
+# [GitHub action](https://gitlab.com/megabyte-labs/common/ansible/-/blob/master/files-role/.github/workflows/macOS.yml).
+
+TEST_TYPE='darwin'
+
+# @description Ensure Ansible is installed
+if ! type ansible &> /dev/null; then
+ pip3 install ansible
+fi
+
+# @description Ensure Ansible Galaxy dependencies are installed
+if [ -f requirements.yml ]; then
+ ansible-galaxy install -r requirements.yml
+fi
+
+# @description Symlink the Ansible Galaxy role name to the working directory one level up
+ROLE_NAME="$(grep "role:" test/darwin/test.yml | sed 's^- role: ^^' | xargs)"
+ln -s "$(basename "$PWD")" "../$ROLE_NAME"
+
+# @description Back up files and then copy replacements
+function backupAndCopyFiles() {
+ if [ -f ansible.cfg ]; then
+ cp ansible.cfg ansible.cfg.bak
+ fi
+ cp "test/$TEST_TYPE/ansible.cfg" ansible.cfg
+ if [ -f test.yml ]; then
+ cp test.yml test.yml.bak
+ fi
+ cp "test/$TEST_TYPE/test.yml" test.yml
+}
+
+# @description Restores files that were backed up
+function restoreFiles() {
+ if [ -f ansible.cfg.bak ]; then
+ mv ansible.cfg.bak ansible.cfg
+ fi
+ if [ -f test.yml.bak ]; then
+ mv test.yml.bak test.yml
+ fi
+}
+
+# @description Calls [restoreFiles] and exits with an error
+function restoreFilesAndExitError() {
+ restoreFiles
+ exit 1
+}
+
+# @description Back up files, run the play, and then restore files
+backupAndCopyFiles
+ansible-playbook -i "test/$TEST_TYPE/inventory" test.yml || restoreFilesAndExitError
+restoreFiles
diff --git a/home/dot_local/share/ansible/test/darwin/test.yml b/home/dot_local/share/ansible/test/darwin/test.yml
new file mode 100644
index 00000000..49f3a81e
--- /dev/null
+++ b/home/dot_local/share/ansible/test/darwin/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+ roles:
+ - role: .
diff --git a/home/dot_local/share/ansible/test/linux/ansible.cfg b/home/dot_local/share/ansible/test/linux/ansible.cfg
new file mode 100644
index 00000000..14cdfa2f
--- /dev/null
+++ b/home/dot_local/share/ansible/test/linux/ansible.cfg
@@ -0,0 +1,5 @@
+[defaults]
+ansible_managed = "Managed by Megabyte Labs via Ansible"
+command_warnings = False
+inventory = inventory
+roles_path=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:../
diff --git a/home/dot_local/share/ansible/test/linux/inventory b/home/dot_local/share/ansible/test/linux/inventory
new file mode 100644
index 00000000..2302edae
--- /dev/null
+++ b/home/dot_local/share/ansible/test/linux/inventory
@@ -0,0 +1 @@
+localhost ansible_connection=local
diff --git a/home/dot_local/share/ansible/test/linux/test.sh b/home/dot_local/share/ansible/test/linux/test.sh
new file mode 100644
index 00000000..e547f522
--- /dev/null
+++ b/home/dot_local/share/ansible/test/linux/test.sh
@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# @file test/linux/test.sh
+# @brief A script used to test Ubuntu ARM on Travis CI and possibly other scenarios
+
+TEST_TYPE='linux'
+
+# @description Ensure Ansible is installed
+if ! type ansible &> /dev/null; then
+ pip3 install ansible
+fi
+
+# @description Ensure Ansible Galaxy dependencies are installed
+if [ -f requirements.yml ]; then
+ ansible-galaxy install -r requirements.yml
+fi
+
+# @description Symlink the Ansible Galaxy role name to the working directory one level up
+ROLE_NAME="$(grep "role:" test/linux/test.yml | sed 's^- role: ^^' | xargs)"
+ln -s "$(basename "$PWD")" "../$ROLE_NAME"
+
+# @description Back up files and then copy replacements
+function backupAndCopyFiles() {
+ if [ -f ansible.cfg ]; then
+ cp ansible.cfg ansible.cfg.bak
+ fi
+ cp "test/$TEST_TYPE/ansible.cfg" ansible.cfg
+ if [ -f test.yml ]; then
+ cp test.yml test.yml.bak
+ fi
+ cp "test/$TEST_TYPE/test.yml" test.yml
+}
+
+# @description Restores files that were backed up
+function restoreFiles() {
+ if [ -f ansible.cfg.bak ]; then
+ mv ansible.cfg.bak ansible.cfg
+ fi
+ if [ -f test.yml.bak ]; then
+ mv test.yml.bak test.yml
+ fi
+}
+
+# @description Calls [restoreFiles] and exits with an error
+function restoreFilesAndExitError() {
+ restoreFiles
+ exit 1
+}
+
+# @description Back up files, run the play, and then restore files
+backupAndCopyFiles
+ansible-playbook -i "test/$TEST_TYPE/inventory" test.yml || restoreFilesAndExitError
+restoreFiles
diff --git a/home/dot_local/share/ansible/test/linux/test.yml b/home/dot_local/share/ansible/test/linux/test.yml
new file mode 100644
index 00000000..49f3a81e
--- /dev/null
+++ b/home/dot_local/share/ansible/test/linux/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: localhost
+ roles:
+ - role: .
diff --git a/home/dot_local/share/ansible/test/windows/ansible.cfg b/home/dot_local/share/ansible/test/windows/ansible.cfg
new file mode 100644
index 00000000..82640402
--- /dev/null
+++ b/home/dot_local/share/ansible/test/windows/ansible.cfg
@@ -0,0 +1,10 @@
+[defaults]
+ansible_managed = "Managed by Megabyte Labs via Ansible"
+command_warnings = False
+inventory = inventory
+roles_path=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:../
+
+[winrm_connection]
+scheme = https
+server_cert_validation = ignore
+transport = credssp,ssl
diff --git a/home/dot_local/share/ansible/test/windows/inventory b/home/dot_local/share/ansible/test/windows/inventory
new file mode 100644
index 00000000..0f46ef04
--- /dev/null
+++ b/home/dot_local/share/ansible/test/windows/inventory
@@ -0,0 +1 @@
+windows-ci ansible_host=localhost ansible_user=runneradmin ansible_password=AnsibleTest999 ansible_connection=winrm ansible_winrm_server_cert_validation=ignore ansible_winrm_transport=credssp
diff --git a/home/dot_local/share/ansible/test/windows/test.ps1 b/home/dot_local/share/ansible/test/windows/test.ps1
new file mode 100644
index 00000000..9b477786
--- /dev/null
+++ b/home/dot_local/share/ansible/test/windows/test.ps1
@@ -0,0 +1,38 @@
+# @file tests/windows/test.ps1
+# @brief Runs an Ansible play on a GitHub Actions CI shared Windows runner
+#
+# @description
+# This PowerShell script prepares a GitHub Actions CI shared Windows runner to test an
+# Ansible play for Windows compatibility. Since Ansible cannot run on Windows,
+# it uses WSL to run the play on the Windows host. The script performs the following tasks
+# in order:
+#
+# 1. Changes the administrator password to AnsibleTest999 since it is unknown
+# 2. Sets up WinRM CredSSP which Ansible connects with since SSH is currently not a viable option for
+# connecting to the Windows host from a WSL environment. The script this step uses is an
+# official example of how to set up WinRM on Windows for Ansible.
+# 3. Runs the Ansible play via WSL
+
+# @description Update admin password to AnsibleTest999
+Write-Host "Changing $env:UserName password to 'AnsibleTest999'"
+$NewPassword = ConvertTo-SecureString "AnsibleTest999" -AsPlainText -Force
+Set-LocalUser -Name $env:UserName -Password $NewPassword
+
+Write-Host "Setting up WinRM CredSSP"
+$url = "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1"
+$file = "$env:temp\ConfigureRemotingForAnsible.ps1"
+(New-Object -TypeName System.Net.WebClient).DownloadFile($url, $file)
+PowerShell.exe -ExecutionPolicy ByPass -File $file -Verbose -EnableCredSSP -DisableBasicAuth -ForceNewSSLCert
+
+# Alternate method which works if using winrm_connection_scheme http
+# winrm quickconfig -q force
+# winrm set winrm/config/service '@{AllowUnencrypted="true"}'
+# winrm get winrm/config
+# winrm enumerate winrm/config/listener
+
+# POC for using Docker instead of WSL to do the provisioning:
+# Write-Host "Running the Ansible play on the local machine via a Docker container with Ansible"
+# $CurrentLocation = Get-Location
+# $WorkDirectory = Split-Path -leaf -path (Get-Location)
+# $HostIP = (Get-NetIPConfiguration | Where-Object -Property IPv4DefaultGateway).IPv4Address.IPAddress
+# docker run -v $("$($CurrentLocation)"+':/'+$WorkDirectory) -w $('/'+$WorkDirectory) --add-host='windows-docker:'$HostIP --entrypoint /bin/sh megabytelabs/ansible:slim ./tests/windows/test.sh
diff --git a/home/dot_local/share/ansible/test/windows/test.sh b/home/dot_local/share/ansible/test/windows/test.sh
new file mode 100644
index 00000000..4b527b2c
--- /dev/null
+++ b/home/dot_local/share/ansible/test/windows/test.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+# @file test/windows/test.sh
+# @brief A script that is used to test an Ansible role on Windows from a WSL environment (or possibly Docker)
+#
+# @description This script is intended to be run in a WSL environment on a Windows host to provision the Windows
+# host via Ansible using WinRM and CredSSP.
+
+TEST_TYPE='windows'
+
+# @description Ensure Ansible is installed along with required dependencies
+if ! type ansible &> /dev/null; then
+ pip3 install ansible 'pywinrm[credssp]'
+fi
+
+# @description Ensure Ansible Galaxy dependencies are installed
+if [ -f requirements.yml ]; then
+ ansible-galaxy install -r requirements.yml
+fi
+
+# @description Symlink the Ansible Galaxy role name to the working directory one level up
+ROLE_NAME="$(grep "role:" test/windows/test.yml | sed 's^- role: ^^' | xargs)"
+ln -s "$(basename "$PWD")" "../$ROLE_NAME"
+
+# @description Back up files and then copy replacements
+function backupAndCopyFiles() {
+ if [ -f ansible.cfg ]; then
+ cp ansible.cfg ansible.cfg.bak
+ fi
+ cp "test/$TEST_TYPE/ansible.cfg" ansible.cfg
+ if [ -f test.yml ]; then
+ cp test.yml test.yml.bak
+ fi
+ cp "test/$TEST_TYPE/test.yml" test.yml
+}
+
+# @description Restores files that were backed up
+function restoreFiles() {
+ if [ -f ansible.cfg.bak ]; then
+ mv ansible.cfg.bak ansible.cfg
+ fi
+ if [ -f test.yml.bak ]; then
+ mv test.yml.bak test.yml
+ fi
+}
+
+# @description Calls [restoreFiles] and exits with an error
+function restoreFilesAndExitError() {
+ restoreFiles
+ exit 1
+}
+
+# @description Silence error about ansible.cfg being writable
+export ANSIBLE_CONFIG="$PWD/ansible.cfg"
+
+# @description Back up files, run the play, and then restore files
+backupAndCopyFiles
+ansible-playbook -i "test/$TEST_TYPE/inventory" test.yml || restoreFilesAndExitError
+restoreFiles
diff --git a/home/dot_local/share/ansible/test/windows/test.yml b/home/dot_local/share/ansible/test/windows/test.yml
new file mode 100644
index 00000000..f503c566
--- /dev/null
+++ b/home/dot_local/share/ansible/test/windows/test.yml
@@ -0,0 +1,4 @@
+---
+- hosts: windows-ci
+ roles:
+ - role: .