add ansible playbooks for managing dnf packages

None of my Linux machines have GPUs capable
of accelerating LLMs. Give up on having a
service auto-enable ollama.

homes/linux-desktop.nix

@@ -36,19 +36,6 @@ in {
   };
   systemd.user = {
     services = {
-      ollama = {
-        Unit = {
-          Description = "Ollama local LLM service";
-          After = [ "network.target" ];
-        };
-        Service = {
-          Type = "simple";
-          ExecStart = "${pkgs.ollama}/bin/ollama serve";
-          Restart = "always";
-        };
-        Install = { WantedBy = [ "default.target" ]; };
-      };
-
       freetube-sync = {
         Unit = {
           Description = "Sync FreeTube settings with Nextcloud";

inventory.yaml

@@ -0,0 +1,12 @@
+---
+all:
+  hosts:
+    localhost:
+      ansible_connection: local
+  children:
+    workstations:
+      hosts:
+        harmony:
+          ansible_connection: local
+        odyssey:
+          ansible_connection: local

playbook.yaml

@@ -0,0 +1,22 @@
+---
+- name: Configure harmony
+  hosts: harmony
+  become: true
+  tasks:
+    - name: Include arch-specific tasks
+      ansible.builtin.include_tasks: playbooks/asahi.yaml
+    - name: Include Linux tasks
+      ansible.builtin.include_tasks: playbooks/fedora.yaml
+    - name: Include desktop tasks
+      ansible.builtin.include_tasks: playbooks/desktop.yaml
+
+- name: Configure odyssey
+  hosts: odyssey
+  become: true
+  tasks:
+    - name: Include arch-specific tasks
+      ansible.builtin.include_tasks: playbooks/amd64.yaml
+    - name: Include Linux tasks
+      ansible.builtin.include_tasks: playbooks/fedora.yaml
+    - name: Include desktop tasks
+      ansible.builtin.include_tasks: playbooks/desktop.yaml

playbooks/amd64.yaml

@@ -0,0 +1,42 @@
+---
+# Playbook for x86-64 specific systems
+
+### ================ ###
+### Package installs ###
+### ================ ###
+
+### Repositories ###
+- name: Install RPM Fusion free repository
+  ansible.builtin.dnf:
+    name: "https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-{{ ansible_distribution_major_version }}.noarch.rpm"
+    state: present
+    disable_gpg_check: false
+- name: Install RPM Fusion nonfree repository
+  ansible.builtin.dnf:
+    name: "https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-{{ ansible_distribution_major_version }}.noarch.rpm"
+    state: present
+    disable_gpg_check: false
+- name: Install RPM Fusion free-tainted repository
+  ansible.builtin.dnf:
+    name: rpmfusion-free-release-tainted
+    state: present
+- name: Install Zotero COPR repository
+  community.general.copr:
+    name: "mozes/zotero7"
+
+### Packages ###
+- name: Install x86-specific packages
+  ansible.builtin.dnf:
+    name:
+      - libdvdcss
+      - mkvtoolnix
+      - mpv
+      - x264
+      - x264-libs
+    state: present
+
+- name: Install VeraCrypt
+  ansible.builtin.dnf:
+    name: https://launchpad.net/veracrypt/trunk/1.26.20/+download/veracrypt-1.26.20-Fedora-40-x86_64.rpm
+    state: present
+    disable_gpg_check: true

playbooks/asahi.yaml

@@ -0,0 +1,20 @@
+---
+# Asahi Linux playbook - to be run on all Asahi Linux hosts
+
+### ================ ###
+### Package installs ###
+### ================ ###
+
+### Repositories ###
+- name: Install Zotero COPR repository
+  community.general.copr:
+    name: "@isaksamsten/Zotero"
+- name: Install VeraCrypt COPR repository
+  community.general.copr:
+    name: "@architektapx/veracrypt"
+
+### Packages ###
+- name: Install aarch64-specific packages
+  ansible.builtin.dnf:
+    name:
+      - veracrypt

playbooks/desktop.yaml

@@ -0,0 +1,84 @@
+---
+# Desktop environment playbook - common to all desktop Fedora hosts
+
+### ================ ###
+### Package installs ###
+### ================ ###
+
+### Repositories ###
+
+# Add Terra - the source of the Zed editor
+- name: Determine if Terra is installed
+  ansible.builtin.stat:
+    path: /etc/yum.repos.d/terra.repo
+  register: terra_installed
+- name: Install Terra repository
+  ansible.builtin.shell: |
+    dnf install --nogpgcheck --repofrompath 'terra,https://repos.fyralabs.com/terra$releasever' terra-release
+  when: not terra_installed.stat.exists
+  register: terra_install
+  changed_when: terra_install.rc == 0
+- name: Determine Terra repository priority
+  ansible.builtin.shell:
+    cmd: set -o pipefail && dnf --dump-repo-config=terra | grep 'priority = 100' || echo "false"
+    executable: /bin/bash
+  register: terra_check
+  changed_when: false
+- name: Set Terra repository priority to low
+  ansible.builtin.shell: dnf config-manager setopt terra\*.priority=100
+  when: "'false' in terra_check.stdout"
+  register: terra_priority
+  changed_when: terra_priority.rc != 0
+
+# Add FirefoxPWA repository
+- name: Install FirefoxPWA repository
+  ansible.builtin.yum_repository:
+    name: firefoxpwa
+    description: FirefoxPWA repository
+    baseurl: https://packagecloud.io/filips/FirefoxPWA/fedora/$releasever/$basearch
+    gpgcheck: true
+    gpgkey: https://packagecloud.io/filips/FirefoxPWA/gpgkey
+    enabled: true
+
+# Add RStudio copr repository
+- name: Install RStudio copr repository
+  community.general.copr:
+    name: "iucar/rstudio"
+
+### Packages ###
+
+# Install common desktop environment packages
+- name: Install common desktop environment packages
+  ansible.builtin.dnf:
+    name:
+      - chromium
+      - firefoxpwa
+      - inkscape
+      - kate
+      - kdenlive
+      - kdiff3
+      - krita
+      - musescore
+      - nextcloud-client
+      - nextcloud-client-dolphin
+      - obs-studio
+      - qownnotes
+      - qt
+      - rssguard
+      - rstudio-desktop
+      - steam
+      - thunderbird
+      - vlc
+      - vorta
+      - yakuake
+      - zed
+      - zotero
+      - R
+    state: present
+
+# noarch url packages
+- name: Install Microsoft Core Fonts
+  ansible.builtin.dnf:
+    name: https://downloads.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
+    state: present
+    disable_gpg_check: true

playbooks/fedora.yaml

@@ -0,0 +1,45 @@
+---
+# Ansible playbook common to all Fedora systems
+
+### Package installs ###
+# Repositories
+
+# Tailscale
+- name: Install Tailscale repo
+  ansible.builtin.yum_repository:
+    name: tailscale-stable
+    description: Tailscale stable repo
+    baseurl: https://pkgs.tailscale.com/stable/fedora/$basearch
+    enabled: true
+    gpgcheck: true
+    gpgkey: https://pkgs.tailscale.com/stable/fedora/repo.gpg
+
+### dnf packages
+- name: Install common Linux packages
+  ansible.builtin.dnf:
+    name:
+      - tailscale
+      - zsh
+    state: present
+
+### ======================= ###
+### Install determinate nix ###
+### ======================= ###
+- name: Determine if Nix is installed
+  ansible.builtin.shell: |
+    /nix/var/nix/profiles/default/bin/nix --version
+  register: nix_check
+  ignore_errors: true
+  changed_when: false
+- name: Download Determinate Nix installer
+  ansible.builtin.get_url:
+    url: https://install.determinate.systems/nix
+    dest: /tmp/nix-installer
+    mode: 755
+  when: nix_check.rc != 0
+- name: Install Nix via Determinate Nix installer
+  ansible.builtin.shell: |
+    sh /tmp/nix-installer install linux --verbose --no-confirm
+  when: nix_check.rc != 0
+  register: nix_install
+  changed_when: nix_install.rc == 0