this was spun out of agares (which has sense been deprecated) to keep my machine setup bullshit separate from deploys and small docker-compose files not deserving of their own repo.
- [ ] use docker for as much as possible (still WIP; pleroma is a notable non-docker core service I gotta figure out)
- [ ] use ansible for deployment (still WIP; mostly done, pleroma hasn't been moved over to ansible but I think that's the last thing)
- [X] use ansible-vault for secrets management.
- when I was a small baby in running my own infrastructure i used real bad default passwords because I didn't know how to do secrets management and just, like, thought I was clever for opting out? oops.
- [ ] be able to bootstrap my infrastructure from nothing (recovery scenario in case of house fire, robbery, whatever) with a single command.
running ~ansible-vault edit~ opens a file in my $EDITOR transparently, without prompting me for a passphrase ever. same for deploying; you don't have to pass ~--ask-vault-pass~ ever again!! fuck that's so useful.
this is included as a submod and I had to reimplement some of my secrets management / group vars and stuff in the submodule's ansible setup. kind of a pain, frankly, but i'm using a tracking mirror to follow ~ansible-docker-matrix~'s github repo, so there's a lot of work i /don't/ have to do with my setup.
houses small scripts that i used to use before i moved to ansible for most things. these should probably all get deleted or converted to ansible roles.
*** mac-client
- set up brew
- install req packages
*** win-client
- install packages through chocolatey
- disable a bunch of default shit.
*** nix
- add repos
- download key to install pscore
- update apt and install packages
- automatically create userchrome.css file/dir for ff