Reorganize project: separate playbooks/ and files/, add shell-setup (fish+nvim+tide+lazyvim)

playbooks/add-ssh-key.yml

@@ -0,0 +1,15 @@
+---
+- name: Add SSH public key to VM user
+  hosts: proxmox_vms
+  gather_facts: false
+
+  vars:
+    target_user: vrubel
+    key_file: "{{ lookup('env', 'HOME') }}/.ssh/id_ed25519.pub"
+
+  tasks:
+    - name: Add public key to authorized_keys
+      ansible.posix.authorized_key:
+        user: "{{ target_user }}"
+        state: present
+        key: "{{ lookup('file', key_file) }}"

playbooks/bootstrap-new-client.yml

@@ -0,0 +1,34 @@
+---
+- name: Bootstrap local known_hosts from inventory
+  hosts: localhost
+  gather_facts: false
+
+  tasks:
+    - name: Ensure local ~/.ssh directory exists
+      ansible.builtin.file:
+        path: "{{ lookup('env', 'HOME') }}/.ssh"
+        state: directory
+        mode: "0700"
+
+    - name: Add VM host keys to local known_hosts
+      ansible.builtin.known_hosts:
+        path: "{{ lookup('env', 'HOME') }}/.ssh/known_hosts"
+        name: "{{ hostvars[item][\"ansible_host\"] }}"
+        key: "{{ lookup('pipe', 'ssh-keyscan -H ' ~ hostvars[item][\"ansible_host\"]) }}"
+        state: present
+      loop: "{{ groups[\"proxmox_vms\"] }}"
+
+- name: Add this client SSH public key to VM user
+  hosts: proxmox_vms
+  gather_facts: false
+
+  vars:
+    target_user: vrubel
+    key_file: "{{ lookup('env', 'HOME') }}/.ssh/id_ed25519.pub"
+
+  tasks:
+    - name: Add public key to authorized_keys
+      ansible.posix.authorized_key:
+        user: "{{ target_user }}"
+        state: present
+        key: "{{ lookup('file', key_file) }}"

playbooks/facts.yml

@@ -0,0 +1,16 @@
+---
+- name: Show VM facts
+  hosts: proxmox_vms
+  gather_facts: true
+
+  tasks:
+    - name: Print important facts
+      ansible.builtin.debug:
+        msg:
+          - "Host: {{ inventory_hostname }}"
+          - "Hostname: {{ ansible_facts[\"hostname\"] }}"
+          - "OS family: {{ ansible_facts[\"os_family\"] }}"
+          - "Distribution: {{ ansible_facts[\"distribution\"] }}"
+          - "Distribution version: {{ ansible_facts[\"distribution_version\"] }}"
+          - "Package manager: {{ ansible_facts[\"pkg_mgr\"] }}"
+          - "Python: {{ ansible_facts[\"python\"][\"executable\"] }}"

playbooks/generate-ssh-config.yml

@@ -0,0 +1,32 @@
+---
+- name: Generate local SSH config from Ansible inventory
+  hosts: localhost
+  gather_facts: false
+
+  vars:
+    ssh_config_file: "{{ lookup('env', 'HOME') }}/.ssh/config"
+    ssh_identity_file: "~/.ssh/id_ed25519"
+    ssh_host_suffix: "VM"
+    ssh_config_marker: "# {mark} ANSIBLE MANAGED HOME VM HOSTS"
+
+  tasks:
+    - name: Ensure ~/.ssh directory exists
+      ansible.builtin.file:
+        path: "{{ lookup('env', 'HOME') }}/.ssh"
+        state: directory
+        mode: "0700"
+
+    - name: Add Proxmox VM hosts to local SSH config
+      ansible.builtin.blockinfile:
+        path: "{{ ssh_config_file }}"
+        create: true
+        mode: "0600"
+        marker: "{{ ssh_config_marker }}"
+        block: |
+          {% for host in groups["proxmox_vms"] %}
+          Host {{ host }}{{ ssh_host_suffix }}
+            HostName {{ hostvars[host]["ansible_host"] }}
+            User {{ hostvars[host]["ansible_user"] | default("vrubel") }}
+            IdentityFile {{ ssh_identity_file }}
+
+          {% endfor %}

playbooks/shell-setup.yml

@@ -0,0 +1,88 @@
+---
+- name: Install fish, neovim, modern CLI tools and set fish as default shell
+  hosts: proxmox_vms
+  gather_facts: true
+  become: true
+
+  vars:
+    target_user: vrubel
+    packages:
+      - fish
+      - neovim
+      - lsd
+      - bat
+      - grc
+      - zoxide
+      - curl
+      - git
+
+  tasks:
+    - name: Install packages
+      ansible.builtin.package:
+        name: "{{ packages }}"
+        state: present
+
+    - name: Symlink batcat -> bat (Debian workaround)
+      ansible.builtin.file:
+        src: /usr/bin/batcat
+        dest: /usr/local/bin/bat
+        state: link
+      when: ansible_facts["os_family"] == "Debian"
+      ignore_errors: true
+
+    - name: Create ~/.config/fish directory
+      ansible.builtin.file:
+        path: "/home/{{ target_user }}/.config/fish"
+        state: directory
+        mode: "0755"
+        owner: "{{ target_user }}"
+        group: "{{ target_user }}"
+
+    - name: Deploy fish config
+      ansible.builtin.copy:
+        src: ../files/config.fish
+        dest: "/home/{{ target_user }}/.config/fish/config.fish"
+        owner: "{{ target_user }}"
+        group: "{{ target_user }}"
+        mode: "0644"
+
+    - name: Deploy fish_plugins
+      ansible.builtin.copy:
+        src: ../files/fish_plugins
+        dest: "/home/{{ target_user }}/.config/fish/fish_plugins"
+        owner: "{{ target_user }}"
+        group: "{{ target_user }}"
+        mode: "0644"
+
+    - name: Install fisher
+      become_user: "{{ target_user }}"
+      ansible.builtin.shell:
+        cmd: >
+          curl -sL https://raw.githubusercontent.com/jorgebucaran/fisher/main/functions/fisher.fish | source &&
+          fisher install jorgebucaran/fisher
+        executable: /usr/bin/fish
+        creates: "/home/{{ target_user }}/.config/fish/functions/fisher.fish"
+
+    - name: Run fisher update to install plugins
+      become_user: "{{ target_user }}"
+      ansible.builtin.shell:
+        cmd: fisher update
+        executable: /usr/bin/fish
+      changed_when: true
+
+    - name: Clone LazyVim starter
+      become_user: "{{ target_user }}"
+      ansible.builtin.git:
+        repo: https://github.com/LazyVim/starter
+        dest: "/home/{{ target_user }}/.config/nvim"
+        force: true
+
+    - name: Remove .git from nvim config
+      ansible.builtin.file:
+        path: "/home/{{ target_user }}/.config/nvim/.git"
+        state: absent
+
+    - name: Set fish as default shell
+      ansible.builtin.user:
+        name: "{{ target_user }}"
+        shell: /usr/bin/fish