@installdoc/ansible-gas-station
v2.1.0
Published
An Ansible playbook that provisions your network with software from GitHub Awesome lists, developed with disaster recovery in mind ⛽🔥🤤
Downloads
90
Maintainers
Readme
A no-stone-unturned Ansible playbook you can use to set up the ultimate home lab or on-premise addition to your cloud!
Table of Contents
- Introduction
- Quick Start
- Supported Operating Systems
- Requirements
- Software
- Web Applications
- Philosophy
- Architecture
- Managing Environments
- Contributing
- License
Introduction
Welcome to a new way of doing things. Born out of complete paranoia and a relentless pursuit of the best of GitHub Awesome lists, Gas Station aims to add the capability of being able to completely wipe whole networks and restore them on a regular basis. It takes a unique approach to network provisioning because it supports desktop provisioning as a first-class citizen. By default, without much configuration, it is meant to provision and maintain the state of a network that includes development workstations and servers. One type of user that might benefit from this project is a web developer who wants to start saving the state of their desktop as code. Another type of user is one who wants to start hosting RAM-intensive web applications in their home-lab environment to save huge amounts on cloud costs. This project is also meant to be maintainable by a single person. Granted, if you look through our eco-system you will see we are well-equipped for supporting entire teams as well.
Gas Station a collection of Ansible playbooks, configurations, scripts, and roles meant to provision computers and networks with the "best of GitHub". By leveraging Ansible, you can provision your whole network relatively fast in the event of a disaster or scheduled network reset. This project is also intended to increase the security of your network by allowing you to frequently wipe, reinstall, and re-provision your network, bringing it back to its original state. This is done by backing up container storage volumes (like database files and Docker volumes) to encrypted S3 buckets, storing configurations in encrypted git repositories, and leveraging GitHub-sourced power tools to make the job easy-peasy.
This project started when a certain somebody changed their desktop wallpaper to an cute picture of a cat 🐱 when, all of a sudden, their computer meowed. Well, it actually started before that but no one believes someone who claims that time travelers hacked them on a regular basis. Tip: If you are stuck in spiritual darkness involving time travelers, save yourself some headaches by adopting an other-people first mentality that may include volunteering, tithing, and surrendering to Jesus Christ. Anyway, enough preaching!
Gas Station is:
- Highly configurable - most roles come with optional variables that you can configure to change the behavior of the role
- Highly configured - in-depth research is done to ensure each software component is configured with bash completions, plugins that are well-received by the community, and integrated with other software used in the playbook
- Compatible with all major operating systems (i.e. Windows, Mac OS X, Ubuntu, Fedora, CentOS, Debian, and even Archlinux)
- The product of a team of experts
- An amazing way to learn about developer tools that many would consider to be "the best of GitHub"
- Open to new ideas - feel free to open an issue or contribute with a pull request!
Quick Start
The easiest way to run the entire playbook, outlined in the main.yml
file, is to run the appropriate command listed below. These commands will run the playbook on the machine you run the command on. This is probably the best way to get your feet wet before you decide to give us a ⭐ and customize the playbook for your own needs. Ideally, this command should be run on the machine that you plan on running Ansible with to provision the other computers on your network. It is only guaranteed to work on fresh installs so testing it out with Vagrant is highly encouraged.
Vagrant (Recommended)
To test it out with Vagrant, you can run the following commands which will open up an interactive dialog where you can pick which operating system and virtualization provider you wish to test the installation with:
bash .config/scripts/start.sh # Only required if you do not have the dependencies (i.e. Task) already installed
task ansible:test:vagrant
macOS/Linux
curl -sS https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/quickstart.sh | bash
Windows
In an administrative PowerShell session, run:
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/quickstart.ps1'))
Supported Operating Systems
The following chart shows the operating systems that have been tested for compatibility using the environments/dev/
environment. This chart is automatically generated using the Ansible Molecule tests you can view in the molecule/default/
folder. We currently have logic in place to automatically handle the testing of Windows, Mac OS X, Ubuntu, Fedora, CentOS, Debian, and Archlinux. If your operating system is not listed but is a variant of one of the systems we test (i.e. a Debian-flavored system or a RedHat-flavored system) then it might still work.
compatibility_matrix
Requirements
- Python >=3.7
- Ansible >=2.9
- Ansible controller should be a macOS/Linux environment (WSL/Docker can be used on Windows)
Host Requirements
There are Python and Ansible package requirements need to be installed by running the following command (or equivalent) in the root of this repository:
if type poetry &> /dev/null; then poetry install --no-root; else pip3 install -r .config/requirements.txt; fi
ansible-galaxy install requirements.yml
Easier Method of Installing the Host Requirements
You can also run bash .config/scripts/start.sh
if you do not mind development dependencies being installed as well. This method will even handle installing Python 3 and Ansible.
Operating System
This playbook is built and tested to run on fresh installs of Windows, Mac OS X, Ubuntu, Fedora, Debian, CentOS, and Archlinux. It may still be possible to run the playbook on your current machine. However, installing the playbook on a fresh install is the only thing we actively support. That said, if you come across an issue with an environment that already has configurations and software present, please do not hesitate to open an issue.
Connection
SSH (or WinRM in the case of Windows) and Python should be available on the target systems you would like to provision. If you are attempting to provision a Windows machine, you can ensure that WinRM is enabled and configured so that you can remotely provision the Windows target by running the following command with PowerShell:
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/client.ps1'))
MAS on Mac OS X
We use mas to install apps from the App Store in some of our roles. Sadly, automatically signing into the App Store is not possible on OS X 10.13+ via mas. This is because mas no longer supports login functionality on OS X 10.13+.
There is another caveat with mas. In order to install an application using mas, the application has to have already been added via the App Store GUI. This means that the first time around you will have to install the apps via the App Store GUI so they are associated with your App Store account.
Software
This project breaks down software into a role (found in the subdirectories of the roles/
folder) if the software requires anything other than being added to the PATH
variable. Below is a quick description of what each role does. Browsing through this list, along with the conditions laid out in main.yml
, you will be able to get a better picture of what software will be installed by the default main.yml
playbook.
role_descriptions
We encourage you to browse through the repositories that are linked to in the table above to learn about the configuration options they support.
Binaries
A lot of nifty software does not require any configuration other than being added to the PATH
or being installed with an installer like brew
. For this kind of software that requires no configuration, we list the software we would like installed by the playbook as a variable in group_vars/
or host_vars/
as an array of keys assigned to the software
variable (example here). With those keys, we install the software using the [professormanhattan.genericinstaller](https://galaxy.ansible.com/professormanhattan/genericinstaller)
role which determines how to install the binaries by looking up the keys against the software_package
object (example here). For your convienience, the software we recommend and install by default is listed below:
| Package | Description | | -------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | | act | To run Github Actions locally | | altair | A beautiful feature-rich GraphQL Client for all platforms | | askgit | Query git repositories with SQL. Generate reports, perform status checks, analyze codebases | | bandwhich | Terminal bandwidth utilization tool | | bane | Custom & better AppArmor profile generator for Docker containers | | bat | Clone of cat(1) with syntax highlighting and Git integration | | betwixt | Web Debugging Proxy based on Chrome DevTools Network panel | | bin | Effortless binary manager | | bitwarden | The desktop vault (Windows, macOS, & Linux) | | bivac | Backup Interface for Volumes Attached to Containers | | boilr | boilerplate template manager that generates files or directories from template repositories | | captain | Helps manage docker-compose.yml files from anywhere in the file system | | cerebro | Open-source productivity booster with a brain | | clair | Vulnerability Static Analysis for Containers | | consul-cli | Command line interface to Consul HTTP API | | croc | Easily and securely send things from one computer to another | | ctop | Top-like interface for container metrics | | cumulus | A SoundCloud player that lives in the menubar | | dasel | Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool | | dat | peer-to-peer sharing & live syncronization of files via command line | | dat-desktop | Peer to peer data syncronization | | delta | A syntax-highlighting pager for git and diff output | | dive | A tool for exploring each layer in a docker image | | desed | Debugger for Sed: demystify and debug the sed scripts, from comfort of terminal | | deta | Command line interface for managing Deta micros and deployments | | direnv | Extension to load and unload environment variables depending on the current directory | | docker-slim | Extension to minify and secure Docker images | | dockle | Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start | | doctl | The official command line interface for the DigitalOcean API | | dog | A command-line DNS client | | duf | a better 'df' alternative | | dust | A more intuitive version of du in rust | | envconsul | Launch a subprocess with environment variables using data from @hashicorp Consul and Vault | | fd | A simple, fast and user-friendly alternative to 'find' | | felony | An open-source pgp keychain built on the modern web with Electron, React, and Redux | | ffsend | Easily and securely share files from the command line, a fully featured Firefox Send client | | filebrowser | Web file browser | | fm | Terminal file manager | | fselect | Extension to find files with SQL-like queries | | fq | jq for binary formats | | fuego | Fuego is a command line client for the firestore database | | g-assist | A cross-platform unofficial Google Assistant Client for Desktop | | ganache | Personal blockchain for Ethereum development | | gitify | GitHub notifications on the menu bar | | gitleaks | Extension to scan git repos (or files) for secrets using regex and entropy | | gitomatic | A tool to monitor git repositories and automatically pull & push changes | | glab | An open-source GitLab command line tool bringing GitLab's cool features to your command line | | glow | Glow is a terminal based markdown reader designed from the ground up to bring out the beauty—and power—of the CLI | | gojq | gojq is a pure Go implementation of jq that is mostly backwards compatible (but not completely) | | go-chromecast | cli for Google Chromecast, Home devices and Cast Groups | | gping | Ping, but with a graph | | grex | A command-line tool and library for generating regular expressions from user-provided test cases | | gron | Extension to make JSON greppable | | hclq | Command-line processor for HashiCorp config files, like sed for HCL — Terraform, Consul, Nomad, Vault | | hexyl | A command-line hex viewer | | hey | HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom | | hostctl | This tool gives more control over the use of hosts file | | htmlq | A lightweight and flexible command-line JSON processor for HTML | | hyperfine | A command-line benchmarking tool | | jiq | Create jq queries interactively by leveraging a live reload feature in the terminal | | jitsi-meet-electron | Desktop application for Jitsi Meet built with Electron | | jo | JSON output from a shell | | jq | Command-line JSON processor | | kdash | A simple and fast dashboard for Kubernetes | | kubenav | kubenav is the navigator for your Kubernetes clusters right in your pocket | | license | Command-line license text generator | | linuxkit | A toolkit for building secure, portable and lean operating systems for containers | | manta | Flexible invoicing desktop app with beautiful & customizable templates | | mark-text | A simple and elegant markdown editor, available for Linux, macOS and Windows | | masscode | A free and open source code snippets manager for developers | | mc | MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage | | mjml-app | The desktop app for MJML | | mkcert | A simple zero-config tool to make locally trusted development certificates with any names | | mockoon | Mockoon is the easiest and quickest way to run mock APIs locally. No remote deployment, no account required, open source | | motrix | A full-featured download manager | | mqttx | Elegant Cross-platform MQTT 5.0 Desktop Client | | muffet | Fast website link checker in Go | | mullvad-vpn | The Mullvad VPN client app for desktop and mobile | | nebula | A scalable overlay networking tool | | nnn | A full-featured terminal file manager | | node-prune | Extension to remove unnecessary files from node_modules | | nomino | Batch rename utility for developers | | nuclear | Streaming music player that finds free music | | osquery | SQL powered operating system instrumentation, monitoring, and analytics | | ots | Share end-to-end encrypted secrets with others via a one-time URL | | oq | A performant, and portable jq wrapper to facilitate the consumption and output of formats other than JSON; using jq filters to transform the data | | page-fetch | Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files | | pass | Password manager | | pastel | A command-line tool to generate, analyze, convert and manipulate colors | | peco | Simplistic interactive filtering tool | | pony | Local file-based password, API key, secret, recovery code store backed by GPG | | pretzel | Pretzel is Mac desktop app that shows and find keyboard shortcuts based on your current app | | procs | A modern replacement for ps written in Rust | | psu | CLI client for Portainer | | pup | Parsing HTML at the command line | | q | Run SQL directly on CSV or TSV files | | responsively | A modified web browser that helps in responsive web development | | rip | A safe and ergonomic alternative to rm | | runjs | A JavaScript playground that auto-evaluates as you type | | s5cmd | Parallel S3 and local filesystem execution tool | | schema | A tool to infer and instantiate schemas and translate between data formats | | scrcpy | A simple & beautiful GUI application for scrcpy | | sd | Intuitive find & replace CLI (sed alternative) | | shfmt | A shell parser, formatter, and interpreter with bash support; includes shfmt | | skm | A simple and powerful SSH keys manager | | sqlectron | A simple and lightweight SQL client desktop with cross database and platform support | | ssh-vault | Encrypt/decrypt using ssh keys | | ssl-proxy | Simple zero-config SSL reverse proxy with real autogenerated certificates | | switchhosts | Extension to switch hosts | | sysbench | System performance benchmark tool | | tabby | A terminal for a more modern age | | task | A task runner / simpler Make alternative written in Go | | teleport | Modern SSH server for teams managing distributed infrastructure | | tflint | A Pluggable Terraform Linter | | temps | Simple menubar application based on Electron with actual weather information and forecast | | tokei | Tokei is a program that displays statistics about the code | | transfer | Converts from one encoding to another | | trivy | Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues | | up | Ultimate Plumber is a tool for writing Linux pipes with instant live preview | | udemy-downloader-gui | A desktop application for downloading Udemy Courses | | waypoint | A tool to build, deploy, and release any application on any platform | | websocat | CLI for interacting with web sockets | | webtorrent | Streaming torrent app for Mac, Windows, and Linux | | Whaler | Whaler takes a Docker image and attempts to reverse engineer the Dockerfile that created it | | wkhtmltopdf | Convert HTML to PDF using Webkit (QtWebKit) | | xurls | Extract urls from text | | yq | Process YAML documents from the CLI |
NPM Packages
NPM provides a huge catalog of useful CLIs and libraries so we also include a useful and interesting default set of NPM-hosted CLIs for hosts in the desktop
group (defined here, for example):
| Package | Description | | ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | @angular/cli | Official CLI for Angular capable of generating new projects, generating boilerplate files, and testing apps with LiveReload | | @cloudflare/wrangler | A CLI tool designed for folks who are interested in using Cloudflare Workers | | @ionic/cli | A command line interface (CLI) is go-to tool for developing Ionic apps | | @nestjs/cli | A command-line interface tool that helps you to initialize, develop, and maintain your Nest applications | | @sentry/cli | A Sentry command line client for some generic tasks | | @vercel/ncc | CLI for compiling a Node.js module into a single file, together with all its dependencies, gcc-style | | auto-install | Auto installs dependencies as you code | | bitly-cli-client | Shorten links with Bitly in the terminal | | browser-sync | test desktop and mobile versions of a website at the same time | | caniuse-cmd | Caniuse command line tool | | carbon-now-cli | Tool that generates beautiful images of source code through an intuitive UI, while customizing aspects like fonts, themes, window controls and much mor | | commitizen | The commitizen command line utility | | cordova | The command line tool to build, deploy and manage Cordova-based applications | | deviceframe | Put device frames around mobile/web/progressive app screenshots | | editly | A tool and framework for declarative NLE (non-linear video editing) using Node.js and ffmpeg | | electron | A tool that enables to write cross-platform desktop applications using JavaScript, HTML and CSS | | emma-cli | Install the package you are looking for | | emoj | Find relevant emoji from text on the command-line | | empty-trash-cli | A CLI to empty the trash | | eslint | A tool for identifying and reporting on patterns found in ECMAScript/JavaScript code | | fastify-cli | Command line tools for Fastify. Generate, write, and run an application with one single command | | firebase-tools | The Firebase Command Line Interface (CLI) Tools can be used to test, manage, and deploy Firebase project from the command line | | fkill-cli | Fabulously kill processes. Cross-platform. | | fx | Command-line JSON processing tool | | git-open | Type git open to open the repo website (GitHub, GitLab, Bitbucket) in browser | | google-font-installer | Google Font Installer is a NodeJS module/CLI that lets you Search, Download and Install fonts offered by Google Web Fonts | | gtop | System monitoring dashboard for terminal | | gulp | A toolkit that helps you automate painful or time-consuming tasks in your development workflow | | imgur-uploader-cli | CLI to upload images to imgur | | ios-deploy | Command line tool to install aand debug iOS apps | | ipfs-deploy | Upload static website to IPFS pinning services and optionally update DNS | | is-up-cli | Check whether a website is up or down using the isitup.org API | | localtunnel | localtunnel exposes localhost to the world for easy testing and sharing | | mjml | A markup language created by Mailjet and designed to reduce the pain of coding a responsive email | | nativefier | Tool to make any web page a desktop application | | nectarjs | A JavaScript native compiler | | newman | A command-line collection runner for Postman | | np | A better npm publish | | npm-check | Check for outdated, incorrect, and unused dependencies | | nrm | nrm can help you easy and fast switch between different npm registries | | oclif | A framework for building CLIs in Node.js | | package-size | Tool to get the bundle size of an npm package | | pageres-cli | A CLI to capture screenshots of websites in various resolutions | | playwright | Single API to automate Chromium, WebKit, and Firefox (available as a CLI and library) | | pm2 | PM2 is a production process manager for Node.js applications with a built-in load balancer | | pkg | This command line interface enables you to package your Node.js project into an executable that can be run even on devices without Node.js installed | | prettier | A code formatter | | psi | PageSpeed Insights with reporting | | ramda-cli | A tool for processing data with functional pipelines in the command-line or interactively in browser | | serve | Static file serving and directory listing | | serverless | Serverless Framework – Build web, mobile and IoT applications with serverless architectures using AWS Lambda, Azure Functions, Google CloudFunctions & more | | share-cli | Quickly share files from your command line | | sharp-cli | CLI for sharp, a high performance Node.js image processing module | | speed-test | Test your internet connection speed and ping using speedtest.net from the CLI | | stegcloak | StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting the secret before cloaking it with special unicode invisible characters | | supdock | A CLI for running commands like "docker logs" in an easier, more interactive way