A collection of Ansible playbooks to provision a (mostly) bootstrapped Ubuntu development desktop.
This repository is tailor-made for my needs, be warned:
make playbook- The playbooks MUST be idempotent.
- A reasonable attempt to secure most installations SHOULD be made (using checksums, signed packages, trusted sources, etc.)
- No important actions SHOULD be carried by hand on the target system, any changes SHOULD be captured in this repository/playbooks.
- There shall only be one operating system and version supported. I have zero interest in running anything but Ubuntu LTS at this time.
- Configuring GNOME Shell is done manually (mostly
dconfsettings, e.g., extensions, tweaks, key maps, etc.) - Dotfiles are managed separately in a different repository.
- Install Ubuntu Additional Drivers manually and reboot.
These will provide a better hardware stack, e.g., graphics, web cam, etc. - Install
ubuntu-gnome-desktop(withgdm3) and reboot, switch the default session before logging in.
Ubuntu comes with Unity out of the box which is… 💩 - Remove
unity*usingapt.
Burn it with 🔥 - Install security updates
apt update && apt upgrade(and perhapsapt dist-upgrade) followed by a reboot.
Be warned, the latter may bump the kernel version and OEM drivers could break as a result, proceed with caution. - Mess with
~/.fonts, Gnome Shell extensions, Gnome Tweak Tool, settings, personalisations, etc.
- Install
ubuntu-restricted-extrasto play DRM content on Netflix or watch YouTube/H.264 videos. - Consider using Cloudflare's public DNS
1.1.1.1&1.0.0.1on all networks. - Set up a VPN with a dedicated IP (my preferred supplied is, and has always been, VPNUK). The dedicated IP will come in handy when setting up firewalls.
- Oracle Java may still be needed to use government e-services. See Kamenitza Notepad’s blog post for more details.
-
Don't run
update-alternatives --set, instead when prompted to run a.jnlpfile in a browser, copy the URL to the file and usejavawsfrom the Oracle package to launch it instead:/opt/java/64/jre*/bin/javaws 'https://inetdec.nra.bg/ls/java/stampitls.jnlp'
-
- SSH:
- Complete the installation by running
google-authenticatorand following the prompts.
- Complete the installation by running
- Parcellite:
- To hide the annoying bottom-left corner icon, change the startup script to include
--no-icon
- To hide the annoying bottom-left corner icon, change the startup script to include
- Keybase:
- Complete the installation by running
run_keybaseand import public/private keys:$ keybase pgp export | gpg --import $ keybase pgp export -s | gpg --allow-secret-key-import --import
- Complete the installation by running
- Firefox:
- Run Cloudflare ESNI Checker and make sure all checks get a pass ✅
- Android Studio:
- Run Android Studio and complete the installation so the Android SDK is installed & available.
- When prompted, specify the install path as
/opt/android/sdk(the directory will be missing, you need to create it first).
- When prompted, specify the install path as
- Run Android Studio and complete the installation so the Android SDK is installed & available.
- Indexing Preferences (this applies to Ubuntu 16.04 and has since been removed in 18.04):
- See Disable Tracker for detailed steps. Turning indexing & location options off stops the deamon from consuming too much CPU & memory.
You'll need to download and unpack Oracle Java, then:
sudo ln -s /opt/java/64/jre1.8.0_251/lib/amd64/libnpjp2.so /usr/lib/mozilla/plugins/libnpjp2.so
mkdir -p /usr/local/lib64 && ln -s /usr/lib/x86_64-linux-gnu/libpcsclite.so.1.0.0 /usr/local/lib64/libpcsclite.soYou may now make use of severely outdated government websites.
mkdir -p ~/.local/share/tesseract-ocr/5/tessdata
cd ~/.local/share/tesseract-ocr/5/tessdata
wget https://github.com/tesseract-ocr/tessdata_best/raw/main/bul.traineddata
wget https://github.com/tesseract-ocr/tessdata_best/raw/main/eng.traineddata
wget https://github.com/tesseract-ocr/tessdata_best/raw/main/osd.traineddata
cp -R /usr/share/tesseract-ocr/5/tessdata/{configs,tessconfigs,pdf.ttf} /home/stan/.local/share/tesseract-ocr/5/tessdata
sudo chown -R stan: /home/stan/.local/share/tesseract-ocr/5/tessdata/{configs,tessconfigs,pdf.ttf}
echo 'export TESSDATA_PREFIX="${HOME}/.local/share/tesseract-ocr/5/tessdata"' >> ~/.localrc_stan-latitude_gnu_linuxsudo apt install unpaper
pip3.8 install --user ocrmypdfAs the playbooks grows, the system will inevitably accumulate cruft; as a result, installing/compiling a package may succeed with all dependencies having been met. This shall not necessarily be true when starting from scratch. To verify the playbooks' correctness on a vanilla Ubuntu system, use the provided Docker task:
make docker-playbookThis will start a new ephemeral container from a base Ubuntu image and run the playbooks from start to finish. 3
The following additions and modules are still experimental and haven't been added to the playbook.
sudo apt install libxcb-shape0-dev libxcb-xfixes0-dev libegl1-mesa-dev
cd /data/public
git clone https://github.com/alacritty/alacritty.git
cd alacritty
git checkout 3bfc4c2808d7e3ea50fb84780b4c30140114b3b1
cargo build --release
cp -r target/release/ /opt/alacritty-0.11.0-3bfc4c2808
tic -xe alacritty,alacritty-direct extra/alacritty.infoYou may want to modify urxvt launch files, too.
Footnotes
-
My Input font preferences are:
Input-BoldItalic_(InputMonoNarrow-BoldItalic).ttf,Input-Bold_(InputMonoNarrow-Bold).ttf,Input-Italic_(InputMonoNarrow-Italic).ttf&Input-Regular_(InputMonoNarrow-Regular).ttf. These are freely available. ↩ -
Noto is only needed for extended character sets,
NotoMono-Regular.ttfshould suffice. ↩ -
[…] with the notable exception of Flakpaks which require a reboot. ↩