commit e2543baf2dc8d929a55af7766341c2a0fcfb4c73
Author: Kyle Isom <kyle@imap.cc>
Date:   Mon Apr 10 19:55:24 2023 -0700

    Initial import.

diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..c491233
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,15 @@
+I :=	inventory
+L :=	"$(shell hostname -s)"
+C :=	-c local
+K :=	-K
+P :=	site.yml
+
+all: deploy
+
+check:
+	ansible-playbook -i $I -l $L $C $K --syntax-check $P
+
+deploy:
+	ansible-playbook -i $I -l $L $C $K $P
+
+.PHONY: all check deploy
diff --git a/answer b/answer
new file mode 100755
index 0000000..d7a556e
--- /dev/null
+++ b/answer
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+
+pushd $HOME/src/ansible
+ansible-playbook -i inventory -l $(hostname -s) -c local -K site.yml
diff --git a/cmd/rsha256/main.go b/cmd/rsha256/main.go
new file mode 100644
index 0000000..ae5a896
--- /dev/null
+++ b/cmd/rsha256/main.go
@@ -0,0 +1,54 @@
+package main
+
+import (
+	"crypto/sha256"
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"path/filepath"
+
+	"github.com/kisom/goutils/lib"
+)
+
+func fetch(remote string) ([]byte, error) {
+	resp, err := http.Get(remote)
+	if err != nil {
+		return nil, err
+	}
+
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+	return body, nil
+}
+
+func main() {
+	flag.Parse()
+
+	for _, remote := range flag.Args() {
+		u, err := url.Parse(remote)
+		if err != nil {
+			lib.Warn(err, "parsing %s", remote)
+			continue
+		}
+
+		name := filepath.Base(u.Path)
+		if name == "" {
+			lib.Warnx("source URL doesn't appear to name a file")
+			continue
+		}
+
+		body, err := fetch(remote)
+		if err != nil {
+			lib.Warn(err, "fetching %s", remote)
+			continue
+		}
+
+		h := sha256.Sum256(body)
+		fmt.Printf("%s: sha256:%x\n", name, h)
+	}
+}
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..800b3b3
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,7 @@
+module git.wntrmute.dev/kyle/ansible
+
+go 1.20
+
+require github.com/kisom/goutils v1.4.3
+
+require golang.org/x/sys v0.7.0 // indirect
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..b527752
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,4 @@
+github.com/kisom/goutils v1.4.3 h1:N81mTXtO2LCpoqVtOrKthH5Abm0MknjX54QS8DmpQIk=
+github.com/kisom/goutils v1.4.3/go.mod h1:Lp5qrquG7yhYnWzZCI/68Pa/GpFynw//od6EkGnWpac=
+golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/inventory b/inventory
new file mode 100644
index 0000000..296b41a
--- /dev/null
+++ b/inventory
@@ -0,0 +1,2 @@
+[laptop]
+petrichor
diff --git a/roles/base/files/default-keyboard b/roles/base/files/default-keyboard
new file mode 100644
index 0000000..25bb3a5
--- /dev/null
+++ b/roles/base/files/default-keyboard
@@ -0,0 +1,11 @@
+# KEYBOARD CONFIGURATION FILE
+
+# Consult the keyboard(5) manual page.
+
+XKBMODEL="pc105"
+XKBLAYOUT="us"
+XKBVARIANT=""
+XKBOPTIONS="ctrl:swapcaps,compose:ralt"
+
+BACKSPACE="guess"
+
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
new file mode 100644
index 0000000..c11fa1a
--- /dev/null
+++ b/roles/base/tasks/main.yml
@@ -0,0 +1,67 @@
+- name: set up keyboard controls
+  become: true
+  ansible.builtin.copy:
+    dest: /etc/default/keyboard
+    owner: root
+    group: root
+    mode: 0644
+    content: |
+      # KEYBOARD CONFIGURATION FILE
+      # Consult the keyboard(5) manual page.
+      # managed by ansible
+
+      XKBMODEL="pc105"
+      XKBLAYOUT="us"
+      XKBVARIANT=""
+      XKBOPTIONS="ctrl:swapcaps,compose:ralt"
+
+      BACKSPACE="guess"
+
+- name: set up common tools
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - acpitool
+    - curl
+    - emacs
+    - htop
+    - iftop
+    - iotop
+    - imagemagick
+    - keychain
+    - mg
+    - pandoc
+    - par
+    - powertop
+    - pwgen
+    - ranger
+    - rlwrap
+    - rsync
+    - silversearcher-ag
+    - sudo
+    - tcpdump
+    - time
+    - tmux
+    - tree
+    - unzip
+    - vim-gtk
+    - zsh
+
+- name: set up desktop environments
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - i3
+    - i3lock
+
+- name: set up xprogs
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - arandr
+    - evince
+    - feh
+    - firefox
+    - gparted
+    - scrot
+    - vlc
diff --git a/roles/development/defaults/main.yml b/roles/development/defaults/main.yml
new file mode 100644
index 0000000..d0bbfd8
--- /dev/null
+++ b/roles/development/defaults/main.yml
@@ -0,0 +1,2 @@
+go_version: 1.20.3
+bazelisk_version: 1.16.0
diff --git a/roles/development/files/buildifier.tgz b/roles/development/files/buildifier.tgz
new file mode 100644
index 0000000..6550d35
Binary files /dev/null and b/roles/development/files/buildifier.tgz differ
diff --git a/roles/development/files/godeb-amd64.tar.gz b/roles/development/files/godeb-amd64.tar.gz
new file mode 100644
index 0000000..74b6156
Binary files /dev/null and b/roles/development/files/godeb-amd64.tar.gz differ
diff --git a/roles/development/handlers/main.yml b/roles/development/handlers/main.yml
new file mode 100644
index 0000000..e86b48e
--- /dev/null
+++ b/roles/development/handlers/main.yml
@@ -0,0 +1,6 @@
+- name: Restart docker service
+  become: true
+  ansible.builtin.service:
+    name: docker
+    state: restarted
+  listen: "restart docker service"
diff --git a/roles/development/tasks/main.yml b/roles/development/tasks/main.yml
new file mode 100644
index 0000000..b068340
--- /dev/null
+++ b/roles/development/tasks/main.yml
@@ -0,0 +1,210 @@
+- name: install dev tools
+  ansible.builtin.apt: name={{ item }} state=present
+  become: true
+  with_items:
+    - autoconf
+    - automake
+    - build-essential
+    - clang
+    - cloc
+    - cmake
+    - devscripts
+    - erlang
+    - gcc
+    - golang-google-genproto-dev
+    - golang-goprotobuf-dev
+    - golang-protobuf-extensions-dev
+    - git
+    - ipython3
+    - libprotobuf-dev
+    - lua5.3
+    - luarocks
+    - make
+    - protobuf-compiler
+    - python3-pip
+    - sbcl
+    - texinfo
+    - tig
+    - zlib1g
+    - zlib1g-dev
+
+## golang
+- name: install godeb
+  become: true
+  ansible.builtin.unarchive:
+    src: "{{ role_path }}/files/godeb-amd64.tar.gz"
+    dest: /usr/local/bin
+    creates: /usr/local/bin/godeb
+
+- name: install go
+  become: true
+  ansible.builtin.command: godeb install "{{ go_version }}"
+  args:
+    chdir: /tmp
+    creates: /usr/local/go/bin/go
+
+## bazel
+- name: "install bazelisk v{{ bazelisk_version }}"
+  ansible.builtin.get_url:
+    checksum: sha256:168851e70cf5f95c0e215e7f3aaca5132ffc3c8dd8f585a4157b0be2b53cfe32
+    dest: "/home/{{ laptop_user }}/.local/bin/bazelisk"
+    mode: 0755
+    url: "https://github.com/bazelbuild/bazelisk/releases/download/v{{ bazelisk_version }}/bazelisk-linux-amd64"
+
+# the process of getting buildifier in an automated way is onerous, ergo
+# this hack.
+- name: install buildifier
+  ansible.builtin.unarchive:
+    src: "{{ role_path }}/files/buildifier.tgz"
+    dest: "/home/{{ laptop_user }}/.local/bin"
+    creates: "/home/{{ laptop_user }}/.local/bin/buildifier"
+
+## virtualization and containerization
+- name: ensure repository key is installed
+  become: true
+  ansible.builtin.apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: ensure docker registry is available
+  become: true
+  ansible.builtin.apt_repository: repo='deb https://download.docker.com/linux/ubuntu bionic stable' state=present
+
+- name: rootfs building tools
+  ansible.builtin.apt: name={{ item }} state=present
+  become: true
+  with_items:
+    - dracut
+    - fusecram
+    - genext2fs
+    - genisoimage
+    - genromfs
+    - initramfs-tools
+    - makebootfat
+    - mmdebstrap
+    - proot
+    - pxelinux
+    - syslinux
+    - syslinux-efi
+    - syslinux-utils
+
+- name: install container and virtualisation management
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - conman
+    - crun
+    - docker-ce
+    - docker-compose
+    - ipxe-qemu
+    - kvmtool
+    - podman
+    - qemubuilder
+    - qemu-efi-aarch64
+    - qemu-efi-arm
+    - qemu-system-arm
+    - qemu-system
+    - qemu-system-x86
+    - qemu-system-gui
+    - qemu-user-static
+    - sbuild-qemu
+    - seabios
+    - u-boot-qemu
+    - virt-manager
+    - virt-top
+  notify: "restart docker service"
+
+- name: Ensure kvm group exists
+  become: true
+  ansible.builtin.group:
+    name: kvm
+    state: present
+
+- name: Ensure docker group exists
+  become: true
+  ansible.builtin.group:
+    name: docker
+    state: present
+
+- name: add laptop user {{ laptop_user }} to docker group
+  become: true
+  ansible.builtin.user:
+    name: "{{ laptop_user }}"
+    append: true
+    groups:
+      - docker
+
+## embedded dev stuff
+- name: installed embedded dev tools
+  ansible.builtin.apt: name={{ item }} state=present
+  become: true
+  with_items:
+    - avr-libc
+    - avrdude
+    - binutils-arm-none-eabi
+    - binutils-arm-linux-gnueabi
+    - binutils-arm-linux-gnueabihf
+    - binutils-avr
+    - gcc-arm-none-eabi
+    - gcc-arm-linux-gnueabi
+    - gcc-arm-linux-gnueabihf
+    - gcc-avr
+    - libstdc++-arm-none-eabi-newlib
+    - picocom
+    - pulseview
+    - sigrok
+
+
+## documentation stuff
+- name: install documentation tooling
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - asciidoc
+    - doxygen
+    - pelican
+    - pelican-doc
+    - python3-sphinx
+    - scdoc
+
+## vscode
+- name: add VS Code repo key
+  become: true
+  ansible.builtin.apt_key:
+    url: https://packages.microsoft.com/keys/microsoft.asc
+    state: present
+    validate_certs: yes
+
+- name: add VS Code repo
+  become: true
+  ansible.builtin.apt_repository:
+    repo: deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main
+    state: present
+    validate_certs: yes
+
+- name: install VS Code
+  become: true
+  ansible.builtin.apt: name=code state=present
+
+## AI/ML stuff
+
+- name: install machine learning and AI tools
+  become: true
+  ansible.builtin.apt:
+    name: "{{item}}"
+    state: present
+  with_items:
+    - jupyter-notebook
+
+- name: install machine learning and AI python packages
+  ansible.builtin.pip:
+    executable: pip3
+    name: "{{item}}"
+    extra_args: --user
+  with_items:
+    - Keras
+    - numpy
+    - scikit-learn
+    - scipy
+    - tensorflow
+    - torch
diff --git a/roles/dotfiles/files b/roles/dotfiles/files
new file mode 160000
index 0000000..07acc59
--- /dev/null
+++ b/roles/dotfiles/files
@@ -0,0 +1 @@
+Subproject commit 07acc59d73dc62afd9a78cb403faaaea22847a61
diff --git a/roles/dotfiles/tasks/main.yml b/roles/dotfiles/tasks/main.yml
new file mode 100644
index 0000000..a2230bb
--- /dev/null
+++ b/roles/dotfiles/tasks/main.yml
@@ -0,0 +1,38 @@
+- name: copy emacsd configuration
+  ansible.builtin.copy:
+    src: "{{ role_path }}/files/.emacs.d"
+    dest: "/home/{{ laptop_user }}/"
+    directory_mode: 0755
+    force: false
+
+- name: create binary directory
+  ansible.builtin.file:
+    path: "/home/{{ laptop_user }}/.local/bin"
+    state: directory
+    mode: 0755
+
+- name: copy em
+  ansible.builtin.copy:
+    src: "{{ role_path }}/files/bin/em"
+    dest: "/home/{{ laptop_user }}/.local/bin/em"
+    mode: 0755
+
+- name: copy various dotfiles
+  ansible.builtin.copy:
+    src: "{{ role_path }}/files/{{ item }}"
+    dest: "/home/{{ laptop_user }}/{{ item }}"
+    mode: 0644
+  with_items:
+    - .gitconfig
+    - .gitignore_global
+    - .hgrc
+    - .mg
+    - .vimrc
+    - .XCompose
+
+- name: copy vim directory
+  ansible.builtin.copy:
+    src: "{{ role_path }}/files/.vim"
+    dest: "/home/{{ laptop_user }}/"
+    directory_mode: 0755
+    force: false
diff --git a/roles/heavy/tasks/main.yml b/roles/heavy/tasks/main.yml
new file mode 100644
index 0000000..d3a6c26
--- /dev/null
+++ b/roles/heavy/tasks/main.yml
@@ -0,0 +1,63 @@
+- name: install Obsidian
+  ansible.builtin.get_url:
+    checksum: sha256:f215c1d30545ee9a9803a170df920bf8fa2d5e0a8fa87a21620bca11ae20b9dc
+    url: https://github.com/obsidianmd/obsidian-releases/releases/download/v1.1.16/Obsidian-1.1.16.AppImage
+    dest: "/home/{{ laptop_user }}/.local/bin/obsidian"
+
+- name: add signal repo key
+  become: true
+  ansible.builtin.apt_key:
+    url: https://updates.signal.org/desktop/apt/keys.asc
+    state: present
+    validate_certs: yes
+
+- name: add signal repo
+  become: true
+  ansible.builtin.apt_repository:
+    repo: deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main
+    state: present
+    validate_certs: yes
+
+- name: install signal desktop
+  become: true
+  ansible.builtin.apt: name=signal-desktop state=present
+
+- name: add element repo key
+  become: true
+  ansible.builtin.apt_key:
+    url: https://packages.element.io/debian/element-io-archive-keyring.gpg
+    state: present
+    validate_certs: yes
+
+- name: add element repo
+  become: true
+  ansible.builtin.apt_repository:
+    repo: deb [arch=amd64] https://packages.element.io/debian/ default main
+    state: present
+    validate_certs: yes
+
+- name: install element desktop
+  become: true
+  ansible.builtin.apt: name=element-desktop state=present
+
+- name: install larger packages
+  become: true
+  ansible.builtin.apt: name={{ item }} state=present
+  with_items:
+    - chromium-browser
+    - redshift
+    - snapd
+    - texlive-full
+
+- name: install snap packages
+  become: true
+  community.general.snap: name={{ item }}
+  with_items:
+    - bitwarden
+    - spotify
+
+- name: install heroku toolkit from snap
+  become: true
+  community.general.snap:
+    name: heroku
+    classic: true
diff --git a/site.yml b/site.yml
new file mode 100644
index 0000000..6dc574c
--- /dev/null
+++ b/site.yml
@@ -0,0 +1,8 @@
+- hosts: laptop
+  roles:
+    - base
+    - dotfiles
+    - development
+    - heavy
+  vars:
+    laptop_user: kyle