Brought to you by Megabyte Labs
A no-stone-unturned Ansible playbook you can use to set up the ultimate home lab or on-premise addition to your cloud!
- Introduction
- Quick Start
- Supported Operating Systems
- Requirements
- Software
- Web Applications
- Philosophy
- Architecture
- Managing Environments
- Contributing
- License
Welcome to a new way of doing things. Born out of complete paranoia and a relentless pursuit of the best of GitHub Awesome lists, Gas Station aims to add the capability of being able to completely wipe whole networks and restore them on a regular basis. It takes a unique approach to network provisioning because it supports desktop provisioning as a first-class citizen. By default, without much configuration, it is meant to provision and maintain the state of a network that includes development workstations and servers. One type of user that might benefit from this project is a web developer who wants to start saving the state of their desktop as code. Another type of user is one who wants to start hosting RAM-intensive web applications in their home-lab environment to save huge amounts on cloud costs. This project is also meant to be maintainable by a single person. Granted, if you look through our eco-system you will see we are well-equipped for supporting entire teams as well.
Gas Station a collection of Ansible playbooks, configurations, scripts, and roles meant to provision computers and networks with the "best of GitHub". By leveraging Ansible, you can provision your whole network relatively fast in the event of a disaster or scheduled network reset. This project is also intended to increase the security of your network by allowing you to frequently wipe, reinstall, and re-provision your network, bringing it back to its original state. This is done by backing up container storage volumes (like database files and Docker volumes) to encrypted S3 buckets, storing configurations in encrypted git repositories, and leveraging GitHub-sourced power tools to make the job easy-peasy.
This project started when a certain somebody changed their desktop wallpaper to an cute picture of a cat π± when, all of a sudden, their computer meowed. Well, it actually started before that but no one believes someone who claims that time travelers hacked them on a regular basis. Tip: If you are stuck in spiritual darkness involving time travelers, save yourself some headaches by adopting an other-people first mentality that may include volunteering, tithing, and surrendering to Jesus Christ. Anyway, enough preaching!
Gas Station is:
- Highly configurable - most roles come with optional variables that you can configure to change the behavior of the role
- Highly configured - in-depth research is done to ensure each software component is configured with bash completions, plugins that are well-received by the community, and integrated with other software used in the playbook
- Compatible with all major operating systems (i.e. Windows, Mac OS X, Ubuntu, Fedora, CentOS, Debian, and even Archlinux)
- The product of a team of experts
- An amazing way to learn about developer tools that many would consider to be "the best of GitHub"
- Open to new ideas - feel free to open an issue or contribute with a pull request!
The easiest way to run the entire playbook, outlined in the main.yml file, is to run the appropriate command listed below. These commands will run the playbook on the machine you run the command on. This is probably the best way to get your feet wet before you decide to give us a β and customize the playbook for your own needs. Ideally, this command should be run on the machine that you plan on running Ansible with to provision the other computers on your network. It is only guaranteed to work on fresh installs so testing it out with Vagrant is highly encouraged.
To test it out with Vagrant, you can run the following commands which will open up an interactive dialog where you can pick which operating system and virtualization provider you wish to test the installation with:
bash .config/scripts/start.sh # Only required if you do not have the dependencies (i.e. Task) already installed
task ansible:test:vagrantcurl -sS https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/quickstart.sh | bashIn an administrative PowerShell session, run:
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/quickstart.ps1'))The following chart shows the operating systems that have been tested for compatibility using the environments/dev/ environment. This chart is automatically generated using the Ansible Molecule tests you can view in the molecule/default/ folder. We currently have logic in place to automatically handle the testing of Windows, Mac OS X, Ubuntu, Fedora, CentOS, Debian, and Archlinux. If your operating system is not listed but is a variant of one of the systems we test (i.e. a Debian-flavored system or a RedHat-flavored system) then it might still work.
compatibility_matrix
- Python >=3.7
- Ansible >=2.9
- Ansible controller should be a macOS/Linux environment (WSL/Docker can be used on Windows)
There are Python and Ansible package requirements need to be installed by running the following command (or equivalent) in the root of this repository:
if type poetry &> /dev/null; then poetry install --no-root; else pip3 install -r .config/requirements.txt; fi
ansible-galaxy install requirements.yml
You can also run bash .config/scripts/start.sh if you do not mind development dependencies being installed as well. This method will even handle installing Python 3 and Ansible.
This playbook is built and tested to run on fresh installs of Windows, Mac OS X, Ubuntu, Fedora, Debian, CentOS, and Archlinux. It may still be possible to run the playbook on your current machine. However, installing the playbook on a fresh install is the only thing we actively support. That said, if you come across an issue with an environment that already has configurations and software present, please do not hesitate to open an issue.
SSH (or WinRM in the case of Windows) and Python should be available on the target systems you would like to provision. If you are attempting to provision a Windows machine, you can ensure that WinRM is enabled and configured so that you can remotely provision the Windows target by running the following command with PowerShell:
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://gitlab.com/megabyte-labs/gas-station/-/raw/master/files/client.ps1'))We use mas to install apps from the App Store in some of our roles. Sadly, automatically signing into the App Store is not possible on OS X 10.13+ via mas. This is because mas no longer supports login functionality on OS X 10.13+.
There is another caveat with mas. In order to install an application using mas, the application has to have already been added via the App Store GUI. This means that the first time around you will have to install the apps via the App Store GUI so they are associated with your App Store account.
This project breaks down software into a role (found in the subdirectories of the roles/ folder) if the software requires anything other than being added to the PATH variable. Below is a quick description of what each role does. Browsing through this list, along with the conditions laid out in main.yml, you will be able to get a better picture of what software will be installed by the default main.yml playbook.
role_descriptions
We encourage you to browse through the repositories that are linked to in the table above to learn about the configuration options they support.
A lot of nifty software does not require any configuration other than being added to the PATH or being installed with an installer like brew. For this kind of software that requires no configuration, we list the software we would like installed by the playbook as a variable in group_vars/ or host_vars/ as an array of keys assigned to the software variable (example here). With those keys, we install the software using the [professormanhattan.genericinstaller](https://galaxy.ansible.com/professormanhattan/genericinstaller) role which determines how to install the binaries by looking up the keys against the software_package object (example here). For your convienience, the software we recommend and install by default is listed below:
| Package | Description |
|---|---|
| act | To run Github Actions locally |
| altair | A beautiful feature-rich GraphQL Client for all platforms |
| askgit | Query git repositories with SQL. Generate reports, perform status checks, analyze codebases |
| bandwhich | Terminal bandwidth utilization tool |
| bane | Custom & better AppArmor profile generator for Docker containers |
| bat | Clone of cat(1) with syntax highlighting and Git integration |
| betwixt | Web Debugging Proxy based on Chrome DevTools Network panel |
| bin | Effortless binary manager |
| bitwarden | The desktop vault (Windows, macOS, & Linux) |
| bivac | Backup Interface for Volumes Attached to Containers |
| boilr | boilerplate template manager that generates files or directories from template repositories |
| cerebro | Open-source productivity booster with a brain |
| clair | Vulnerability Static Analysis for Containers |
| consul-cli | Command line interface to Consul HTTP API |
| croc | Easily and securely send things from one computer to another |
| ctop | Top-like interface for container metrics |
| cumulus | A SoundCloud player that lives in the menubar |
| dasel | Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool |
| dat | peer-to-peer sharing & live syncronization of files via command line |
| dat-desktop | Peer to peer data syncronization |
| delta | A syntax-highlighting pager for git and diff output |
| dive | A tool for exploring each layer in a docker image |
| desed | Debugger for Sed: demystify and debug the sed scripts, from comfort of terminal |
| deta | Command line interface for managing Deta micros and deployments |
| direnv | Extension to load and unload environment variables depending on the current directory |
| docker-slim | Extension to minify and secure Docker images |
| dockle | Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start |
| doctl | The official command line interface for the DigitalOcean API |
| dog | A command-line DNS client |
| duf | a better 'df' alternative |
| dust | A more intuitive version of du in rust |
| envconsul | Launch a subprocess with environment variables using data from @hashicorp Consul and Vault |
| fd | A simple, fast and user-friendly alternative to 'find' |
| felony | An open-source pgp keychain built on the modern web with Electron, React, and Redux |
| ffsend | Easily and securely share files from the command line, a fully featured Firefox Send client |
| filebrowser | Web file browser |
| fselect | Extension to find files with SQL-like queries |
| fq | jq for binary formats |
| fuego | Fuego is a command line client for the firestore database |
| g-assist | A cross-platform unofficial Google Assistant Client for Desktop |
| ganache | Personal blockchain for Ethereum development |
| gitify | GitHub notifications on the menu bar |
| gitleaks | Extension to scan git repos (or files) for secrets using regex and entropy |
| gitomatic | A tool to monitor git repositories and automatically pull & push changes |
| glab | An open-source GitLab command line tool bringing GitLab's cool features to your command line |
| glow | Glow is a terminal based markdown reader designed from the ground up to bring out the beautyβand powerβof the CLI |
| go-chromecast | cli for Google Chromecast, Home devices and Cast Groups |
| gping | Ping, but with a graph |
| grex | A command-line tool and library for generating regular expressions from user-provided test cases |
| gron | Extension to make JSON greppable |
| hclq | Command-line processor for HashiCorp config files, like sed for HCL β Terraform, Consul, Nomad, Vault |
| hexyl | A command-line hex viewer |
| hey | HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom |
| hostctl | This tool gives more control over the use of hosts file |
| htmlq | A lightweight and flexible command-line JSON processor for HTML |
| hyperfine | A command-line benchmarking tool |
| jitsi-meet-electron | Desktop application for Jitsi Meet built with Electron |
| jo | JSON output from a shell |
| jq | Command-line JSON processor |
| kdash | A simple and fast dashboard for Kubernetes |
| kubenav | kubenav is the navigator for your Kubernetes clusters right in your pocket |
| license | Command-line license text generator |
| linuxkit | A toolkit for building secure, portable and lean operating systems for containers |
| manta | Flexible invoicing desktop app with beautiful & customizable templates |
| mark-text | A simple and elegant markdown editor, available for Linux, macOS and Windows |
| masscode | A free and open source code snippets manager for developers |
| mc | MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage |
| mjml-app | The desktop app for MJML |
| mkcert | A simple zero-config tool to make locally trusted development certificates with any names |
| mockoon | Mockoon is the easiest and quickest way to run mock APIs locally. No remote deployment, no account required, open source |
| motrix | A full-featured download manager |
| mqttx | Elegant Cross-platform MQTT 5.0 Desktop Client |
| muffet | Fast website link checker in Go |
| mullvad-vpn | The Mullvad VPN client app for desktop and mobile |
| nebula | A scalable overlay networking tool |
| nnn | A full-featured terminal file manager |
| node-prune | Extension to remove unnecessary files from node_modules |
| nomino | Batch rename utility for developers |
| nuclear | Streaming music player that finds free music |
| osquery | SQL powered operating system instrumentation, monitoring, and analytics |
| ots | Share end-to-end encrypted secrets with others via a one-time URL |
| oq | A performant, and portable jq wrapper to facilitate the consumption and output of formats other than JSON; using jq filters to transform the data |
| page-fetch | Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files |
| pass | Password manager |
| pastel | A command-line tool to generate, analyze, convert and manipulate colors |
| peco | Simplistic interactive filtering tool |
| pony | Local file-based password, API key, secret, recovery code store backed by GPG |
| pretzel | Pretzel is Mac desktop app that shows and find keyboard shortcuts based on your current app |
| procs | A modern replacement for ps written in Rust |
| psu | CLI client for Portainer |
| pup | Parsing HTML at the command line |
| q | Run SQL directly on CSV or TSV files |
| responsively | A modified web browser that helps in responsive web development |
| rip | A safe and ergonomic alternative to rm |
| runjs | A JavaScript playground that auto-evaluates as you type |
| s5cmd | Parallel S3 and local filesystem execution tool |
| schema | A tool to infer and instantiate schemas and translate between data formats |
| scrcpy | A simple & beautiful GUI application for scrcpy |
| sd | Intuitive find & replace CLI (sed alternative) |
| shfmt | A shell parser, formatter, and interpreter with bash support; includes shfmt |
| skm | A simple and powerful SSH keys manager |
| snitch | OpenSnitch is a GNU/Linux port of the Little Snitch application firewall |
| sqlectron | A simple and lightweight SQL client desktop with cross database and platform support |
| ssh-vault | Encrypt/decrypt using ssh keys |
| ssl-proxy | Simple zero-config SSL reverse proxy with real autogenerated certificates |
| switchhosts | Extension to switch hosts |
| sysbench | System performance benchmark tool |
| tabby | A terminal for a more modern age |
| task | A task runner / simpler Make alternative written in Go |
| teleport | Modern SSH server for teams managing distributed infrastructure |
| tflint | A Pluggable Terraform Linter |
| temps | Simple menubar application based on Electron with actual weather information and forecast |
| tokei | Tokei is a program that displays statistics about the code |
| transfer | Converts from one encoding to another |
| trivy | Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues |
| up | Ultimate Plumber is a tool for writing Linux pipes with instant live preview |
| udemy-downloader-gui | A desktop application for downloading Udemy Courses |
| waypoint | A tool to build, deploy, and release any application on any platform |
| websocat | CLI for interacting with web sockets |
| webtorrent | Streaming torrent app for Mac, Windows, and Linux |
| wkhtmltopdf | Convert HTML to PDF using Webkit (QtWebKit) |
| xurls | Extract urls from text |
| yq | Process YAML documents from the CLI |
NPM provides a huge catalog of useful CLIs and libraries so we also include a useful and interesting default set of NPM-hosted CLIs for hosts in the desktop group (defined here, for example):
| Package | Description |
|---|---|
| @angular/cli | Official CLI for Angular capable of generating new projects, generating boilerplate files, and testing apps with LiveReload |
| @cloudflare/wrangler | A CLI tool designed for folks who are interested in using Cloudflare Workers |
| @ionic/cli | A command line interface (CLI) is go-to tool for developing Ionic apps |
| @nestjs/cli | A command-line interface tool that helps you to initialize, develop, and maintain your Nest applications |
| @prettier/plugin-ruby | A prettier plugin for the Ruby programming language and its ecosystem |
| @prettier/plugin-xml | A prettier plugin for XML. prettier is an opinionated code formatter that supports multiple languages and integrates with most editors |
| @sentry/cli | A Sentry command line client for some generic tasks |
| @vercel/ncc | CLI for compiling a Node.js module into a single file, together with all its dependencies, gcc-style |
| add-gitignore | CLI script that generates a .gitignore file for the projects |
| auto-install | Auto installs dependencies as you code |
| bitly-cli-client | Shorten links with Bitly in the terminal |
| browser-sync | test desktop and mobile versions of a website at the same time |
| caniuse-cmd | Caniuse command line tool |
| carbon-now-cli | Tool that generates beautiful images of source code through an intuitive UI, while customizing aspects like fonts, themes, window controls and much mor |
| commitizen | The commitizen command line utility |
| composerize | Turns docker run commands into docker-compose files |
| cordova | The command line tool to build, deploy and manage Cordova-based applications |
| deviceframe | Put device frames around mobile/web/progressive app screenshots |
| editly | A tool and framework for declarative NLE (non-linear video editing) using Node.js and ffmpeg |
| electron | A tool that enables to write cross-platform desktop applications using JavaScript, HTML and CSS |
| emma-cli | Install the package you are looking for |
| emoj | Find relevant emoji from text on the command-line |
| empty-trash-cli | A CLI to empty the trash |
| eslint | A tool for identifying and reporting on patterns found in ECMAScript/JavaScript code |
| fastify-cli | Command line tools for Fastify. Generate, write, and run an application with one single command |
| firebase-tools | The Firebase Command Line Interface (CLI) Tools can be used to test, manage, and deploy Firebase project from the command line |
| firetable | The Firetable CLI automates the steps required to set up the Firetable app and other operations on computer |
| fkill-cli | Fabulously kill processes. Cross-platform. |
| fx | Command-line JSON processing tool |
| gistup | Create a gist from the command line |
| git-open | Type git open to open the repo website (GitHub, GitLab, Bitbucket) in browser |
| git-standup | Shows commits from the last working day in the current directory and the directories below current level plus it comes with several options to modify how it behaves |
| google-font-installer | Google Font Installer is a NodeJS module/CLI that lets you Search, Download and Install fonts offered by Google Web Fonts |
| gtop | System monitoring dashboard for terminal |
| gulp | A toolkit that helps you automate painful or time-consuming tasks in your development workflow |
| imgur-uploader-cli | CLI to upload images to imgur |
| ios-deploy | Command line tool to install aand debug iOS apps |
| ipfs-deploy | Upload static website to IPFS pinning services and optionally update DNS |
| is-up-cli | Check whether a website is up or down using the isitup.org API |
| jp-cli | Simply parse JSON from any input source |
| jsfmt | For formatting, searching, and rewriting JavaScript. Analogous to gofmt |
| localtunnel | localtunnel exposes localhost to the world for easy testing and sharing |
| mjml | A markup language created by Mailjet and designed to reduce the pain of coding a responsive email |
| mklicense | CLI tool for generating Licenses |
| movie-cli | A CLI for getting information about a movies and comparing two movies |
| nativefier | Tool to make any web page a desktop application |
| navi | A JavaScript library for declaratively mapping URLs to asynchronous content |
| nectarjs | A JavaScript native compiler |
| newman | A command-line collection runner for Postman |
| np | A better npm publish |
| npm-check | Check for outdated, incorrect, and unused dependencies |
| nrm | nrm can help you easy and fast switch between different npm registries |
| nve | Run any command on specific Node.js versions |
| oclif | A framework for building CLIs in Node.js |
| package-size | Tool to get the bundle size of an npm package |
| pageres-cli | A CLI to capture screenshots of websites in various resolutions |
| playwright | Single API to automate Chromium, WebKit, and Firefox (available as a CLI and library) |
| pm2 | PM2 is a production process manager for Node.js applications with a built-in load balancer |
| pxi | pxi (pixie) is a small, fast, and magical command-line data processor similar to jq, mlr, and awk |
| pkg | This command line interface enables you to package your Node.js project into an executable that can be run even on devices without Node.js installed |
| prettier | A code formatter |
| prettier-package-json | A JSON formatter inspired by prettier |
| prettier-plugin-go-template | Tool to fix formatting for go template files |
| prettier-plugin-java | An opinionated code formatter which forces a certain coding style |
| prettier-plugin-properties | Adds support to Prettier for .properties files |
| prettier-plugin-sh | Prettier is an opinionated code formatter |
| prettier-plugin-toml | Prettier is an opinionated code formatter |
| psi | PageSpeed Insights with reporting |
| serve | Static file serving and directory listing |
| serverless | Serverless Framework β Build web, mobile and IoT applications with serverless architectures using AWS Lambda, Azure Functions, Google CloudFunctions & more |
| share-cli | Quickly share files from your command line |
| sharp-cli | CLI for sharp, a high performance Node.js image processing module |
| speed-test | Test your internet connection speed and ping using speedtest.net from the CLI |
| stegcloak | StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and encrypting the secret before cloaking it with special unicode invisible characters |
| surge | Publish web apps to a CDN with a single command and no setup required |
| svgo | SVG Optimizer is a Node.js-based tool for optimizing SVG vector graphics files |
| terminalizer | Record your terminal and generate animated gif images or share a web player link terminalizer.com |
| tinypng-cli | Handy command line tool for shrinking PNG images using the TinyPNG API |
| tldr | A Node.js based command-line client for tldr |
| typescript | A language for application-scale JavaScript |
| wallace-cli | Pretty CSS analytics in terminal |
| wifi-password-cli | CLI to get current wifi password |
| wordpressify | Automate your WordPress development workflow |
| zx | A tool for writing better scripts |
In a similar fashion to the NPM packages, we include a great set of default Python packages that are included by default for the desktop group (defined here):
| Package | Description |
|---|---|
| ansibleconnect | Parses Ansible inventory and opens up a tmux session for each host |
| ansible-lint | Lint tool that checks Ansible projects for best practices and problematic code |
| asciinema | Tool that records terminal session and replay them in a terminal as well as in a web browser |
| aws-shell | AWS shell is the interactive productivity booster for the AWS CLI |
| cookiecutter | A command-line utility that creates projects from cookiecutters (project templates) |
| gdown | An alternative to wget and curl that can handle downloading large files from Google Drive |
| git-filter-repo | Tool that aids in wiping particular sections of a repository |
| gixy | A tool to analyze Nginx configuration |
| httpstat | A script that reflects curl statistics in a fascinating and well-defined way, it is a single file which is compatible with Python 3 and requires no additional software (dependencies) to be installed on a users system |
| http-prompt | An interactive command-line HTTP client featuring autocomplete and syntax highlighting, built on HTTPie and prompt_toolkit |
| iredis | A terminal client for redis with auto-completion and syntax highlighting |
| kube-shell | An integrated shell for working with the Kubernetes CLI |
| litecli | A command-line client for SQLite databases that has auto-completion and syntax highlighting |
| netaddr | A system-independent network address manipulation library for Python 2.7 and 3.5+ |
| ngxtop | ngxtop parses your nginx access log and outputs useful, top-like, metrics of your nginx server |
| molecule | Molecule project is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios |
| mycli | Command line interface for MySQL database with auto-completion and syntax highlighting |
| pre-commit | A framework for managing and maintaining multi-language pre-commit hooks |
| pywhat | what is recursive |
| social-analyzer | API, CLI & Web App for analyzing & finding a personβs profile across social media websites |
| spotdl | A tool to download Spotify playlists and songs along with album art and metadata |
| starred | Generate a GitHub Awesome list directly from your starred repositories |
| statcode | man pages for HTTP status codes (used by running statcode 418, for instance) |
| truffleHog | A tool which makes it easier to search through the history of a git repository to discover passwords and other secrets |
| virtualenv | A tool for creating isolated virtual python environments |
| yamllint | A linter for YAML files |
A handful of Ruby gems are also installed on targets in the desktop group (defined here):
| Package | Description |
|---|---|
| bropages | Informative CLI tool that provides community-curated examples for most CLI programs |
| bundler | A tool that manages ruby application's gem dependencies through its entire life, across many machines, systematically and repeatably |
| chef | A systems integration framework, built to bring the benefits of configuration management to the entire infrastructure |
| cocoapods | A tool that manages library dependencies for Xcode project |
| fpm | A tool that converts directories, rpms, python eggs, rubygems, and more to rpms, debs, solaris packages and more |
| gist | A tool that provides a single function (Gist.gist) that uploads a gist |
| mdl | A style checker/lint tool for markdown files |
| t | A command-line power tool for Twitter |
A considerable amount of effort has gone into researching and finding the "best" VS Code extensions. They are defined here and Gas Station also installs a good baseline configuration which includes settings for these extensions:
| Package | Description |
|---|---|
| Angular.ng-template | Editor services for Angular template files |
| attilabuti.vscode-mjml | MJML preview, lint, and compile |
| bierner.markdown-emoji | Adds emoji syntax support to VS Code's built-in Markdown preview |
| ChakrounAnas.turbo-console-log | This extension make debugging much easier by automating the operation of writing meaningful log message |
| ChFlick.firecode | Firestore security rule support for Visual Studio Code |
| chrmarti.regex | Shows the current regular expression's matches in a side-by-side document |
| CoenraadS.bracket-pair-colorizer | This extension allows matching brackets to be identified with colours |
| cweijan.vscode-mysql-client2 | A database GUI for SQL, SQLite, MongoDB, Redis, and ElasticSearch |
| DavidAnson.vscode-markdownlint | Markdown/CommonMark linting and style checking for Visual Studio Code |
| dbaeumer.vscode-eslint | Integrates ESLint into VS Code |
| denoland.vscode-deno | Adds support for Deno (powered by the Deno language server) |
| dracula-theme.theme-dracula | A dark theme for Visual Studio Code |
| drewbourne.vscode-remark-lint | Use Unified, Remark, and Retext plugins to lint Markdown |
| eamodio.gitlens | GitLens is a popular extension that supercharges the Git capabilities built into VS Code |
| EditorConfig.EditorConfig | This plugin attempts to override user/workspace settings with setting found in .editorconfig files |
| esbenp.prettier-vscode | Prettier is an opinionated code formatter |
| ericadamski.carbon-now-sh | A VS Code extension to open the current editor content in carbon.now.sh |
| firefox-devtools.vscode-firefox-debug | A VS Code extension to debug web applications and extensions running in the Mozilla Firefox browser |
| firsttris.vscode-jest-runner | Manage, run, and debug individual Jest tests |
| formulahendry.auto-rename-tag | Automatically rename paired HTML/XML tag, same as Visual Studio IDE does |
| formulahendry.code-runner | Run code snippet or code file |
| GitHub.vscode-pull-request-github | Review and manage your GitHub pull requests and issues directly in VS Code |
| GitLab.gitlab-workflow | This extension integrates GitLab to VS Code |
| GoogleCloudTools.cloudcode | This extension brings the power and convenience of IDEs to cloud-native application development |
| golang.Go | This extension provides rich language support for the Go programming language, integrates with Google Cloud services like Google Kubernetes Engine, Cloud Run, Cloud APIs, and Secret Manager |
| HashiCorp.terraform | This extension adds syntax highlighting and other editing features for Terraform files using the Terraform Language Server |
| hediet.vscode-drawio | Allows editing draw.io images in VS Code by adding files ending with .drawio.png |
| IBM.output-colorizer | This extension adds syntax colorization for both the output/debug/extensions panel and *.log files, other extension that colorize the output panel will disable this extension |
| johnpapa.vscode-peacock | This extension subtly changes the color of the Visual Studio workspace |
| Kelvin.vscode-sshfs | Allows mounting SSH destinations as file system mounts inside VS Code |
| KnisterPeter.vscode-commitizen | Adds support for commitizen |
| kruemelkatze.vscode-dashboard | This VS code extension organize the projects in a speed-dial like manner |
| mads-hartmann.bash-ide-vscode | This extension utilizes the bash language server, that is based on Tree Sitter and its grammar for Bash and supports explainshell integration |
| mechatroner.rainbow-csv | provides info about column on hover, transforms and filters tables using built-in SQL-like query language |
| msjsdiag.debugger-for-chrome | This extension has been deprecated as Visual Studio Code now has a bundled JavaScript Debugger that covers the same functionality |
| msjsdiag.debugger-for-edge | This extension debugs JavaScript code in the Microsoft Edge browser, also used to enable JavaScript debugging inside the Microsoft Edge browser when launched from ASP.Net Projects in Visual Studio |
| ms-azuretools.vscode-docker | This extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code |
| ms-kubernetes-tools.vscode-kubernetes-tools | The extension for developers building applications to run in Kubernetes clusters and for DevOps staff troubleshooting Kubernetes applications |
| ms-vscode-remote.remote-containers | Containers extension enables the use a Docker container as a full-featured development environment |
| ms-vscode-remote.remote-ssh | SSH enables the use of any remote machine with a SSH server as the development environment |
| ms-vscode-remote.remote-wsl | WSL extension enables the use VS Code on Windows to build Linux applications that run on the Windows Subsystem for Linux(WSL) |
| ms-python.python | A VS Code extension with rich support for the Python language, including features such as IntelliSense (Pylance), linting, debugging, code navigation, code formatting, refactoring, variable explorer, test explorer, and more |
| ms-vscode.PowerShell | This extension provides rich PowerShell language support for Visual Studio Code |
| ms-vscode.vscode-typescript-tslint-plugin | This extension checks TypeScript code for readability, maintainability, and functionality errors |
| MS-vsliveshare.vsliveshare | This extension enables to collaboratively edit and debug with others in real time, regardless what programming languages are used |
| MS-vsliveshare.vsliveshare-audio | This extension enhances the existing Visual Studio Live Share experience, by enabling to quickly spin up an audio call directly from within Visual Studio Code, without needing to use a separate tool or service |
| njpwerner.autodocstring | Aids in writing Python doc strings via templates |
| nrwl.angular-console | A UI to accompany the Nx CLI |
| paulvarache.vscode-taskfile | This extension provides Intellisense, Tasks, a Tree View and Hover actions for your Taskfiles |
| philnash.ngrok-for-vscode | A VSCode extension for controlling ngrok from the command palette |
| PKief.material-icon-theme | Material design icons |
| pnp.polacode | A VSCode extension that creates unique and sharable screenshots of code |
| pranaygp.vscode-css-peek | A VSCode extension for peeking at CSS definitions from a class or id taq in HTML |
| quicktype.quicktype | An extension that generates types and helper code for reading JSON |
| RandomFractalsInc.vscode-data-preview | Preview, modify, analyze, and visualize data in a variety of formats |
| rbbit.typescript-hero | A VSCode extension to organize and sort all the TS imports |
| redhat.ansible | This extension adds language support for Ansible to Visual Studio Code and OpenVSX compatible editors by leveraging ansible-language-server |
| redhat.vscode-yaml | Provides comprehensive YAML Language support to Visual Studio Code, via the yaml-language-server, with built-in Kubernetes syntax support |
| richie5um2.vscode-sort-json | Alphabetically sorts the keys in selected JSON objects |
| Rubymaniac.vscode-paste-and-indent | This extension adds limited support for pasting and indenting code |
| salbert.comment-ts | Adds automatic templating of TypeScript-flavored JSDoc comments |
| shd101wyy.markdown-preview-enhanced | An extension that provides with many useful functionalities such as automatic scroll sync, math typesetting, mermaid, PlantUML, pandoc, PDF export, code chunk, presentation writer, etc |
| snipsnapdev.snipsnap-vscode | Snippet management engine with accompanying web app |
| softwaredotcom.swdc-vscode | A plugin for automatic programming metrics and time tracking Visual Studio Code |
| steoates.autoimport | An extension that automatically finds, parses and provides code actions and code completion for all available imports |
| stylelint.vscode-stylelint | A mighty, modern CSS linter that helps to enforce consistent conventions and avoid errors in stylesheets |
| TabNine.tabnine-vscode | Tabnine is the AI code completion tool trusted by millions of developers to code faster with fewer errors |
| timonwong.shellcheck | Integrates Shellcheck linting (linting for shell scripts) |
| toba.vsfire | A VSCode extension for syntax highlighting, hover help and code completions with Firestore security rules and index definition files |
| tyriar.sort-lines | An extension that sorts lines of text in Visual Studio Code |
| usernamehw.errorlens | An extension that charges language diagnostic features by making diagnostics stand out more prominently, highlighting the entire line wherever a diagnostic is generated by the language and also prints the message inline |
| valentjn.vscode-ltex | Adds LanguageTool functionality including grammar and spell-checking |
| VisualStudioExptTeam.vscodeintellicode | The IntelliCode extension for Visual Studio Code provides artificial intelligence-assisted IntelliSense for Python, Java, TypeScript, and JavaScript |
| vsciot-vscode.vscode-arduino | The Arduino extension makes it easy to develop, build, deploy and debug your Arduino sketches in Visual Studio Code, with a rich set of functionalities |
| vsls-contrib.codetour | Allows running, creating, and editting code tours which are a unique way of guiding contributors through the code base of a project |
| vsls-contrib.gistfs | A Visual Studio Code extension that allows you to edit GitHub Gists and repositories from the comfort of your favorite editor |
| WallabyJs.quokka-vscode | An extension for rapid JavaScript / TypeScript prototyping |
| wayou.vscode-todo-highlight | An extension that highlights TODO, FIXME, and other annotations within the code |
| wix.vscode-import-cost | This extension will display inline in the editor the size of the imported package |
| yatki.vscode-surround | Easily add code that surrounds other code like try/catches |
To reduce the amount of time it takes to configure Chromium-based browsers like Brave, Chromium, and Chrome, we also include the capability of automatically installing Chromium-based browser extensions (via a variable defined here):
| Package | Description |
|---|---|
| AdGuard AdBlocker | Blocks all types of ads on all web pages, even on Facebook, YouTube and all other websites |
| Bitly | Creates short, customized, powerful links from any page and share them with the world |
| Bitwarden | A secure and free password manager for all of the devices |
| Buffer | Shares contents to Instagram, Twitter, Facebook, Pinterest and LinkedIn from anywhere on the web |
| Checkbot | SEO, web speed, and security tester/crawler |
| Falcon | Chrome extension for full text history search |
| Floccus | Syncs bookmarks across browsers via Nextcloud, WebDAV or Google Drive |
| Git History Browser Extension | Adds a button to github to see the file history |
| Google Dictionary | View definitions easily as you browse the web |
| Grammarly | A Chrome extension for grammar and spelling to style and tone, and eliminate writing errors and find the perfect words to express |
| Headless Recorder | A Chrome extension for recording browser interaction and generating Puppeteer & Playwright scripts |
| HTTPS Everywhere | A Chrome extension to encrypt the Web! Automatically use HTTPS security on many sites |
| JSON Viewer Pro | A completely free extension to visualise JSON response in awesome Tree and Chart view with great user experience and options |
| LastPass | A password manager that saves passwords and gives secure access from every computer and mobile device |
| LanguageTool | Grammar and spelling checker with Google Docs integration |
| Markdown Here | A Chrome extension to write email in Markdown and render it (make it pretty!) before sending |
| MetaMask | An extension for accessing Ethereum enabled distributed applications, or "Dapps" in browser |
| Octohint | The missing IntelliSense hint for GitHub and GitLab |
| Rakuten | A Chrome extension to find best shopping deals and coupons and just save them |
| Screenity | The most powerful screen recorder for Chrome |
| SingleFile | A Chrome extension to save a complete page into a single HTML file |
| SponsorBlock | A Chrome extension to skip sponsorships, subscription begging and more on YouTube videos |
| Vimeo Record | A Chrome extension to record and share unlimited free video messages from your browser |
| Web Vitals | A Chrome extension to measure metrics for a healthy site |
Although most of the brew installs are handled by the Binaries installer, some brew packages are also installed using this configuration. The default Homebrew formulae include:
| Package | Description |
|---|---|
| automake | Tool for generating GNU Standards-compliant Makefiles |
| carthage | A simple, decentralized dependency manager for Cocoa |
| chrome-cli | Control Google Chrome from the command-line |
| findutils | Collection of GNU find, xargs, and locate |
| ideviceinstaller | Tool for managing apps on iOS devices |
| libimobiledevice | Library to communicate with iOS devices natively |
| secretive | there is no importing/exporting keys so you only have access to the public key |
On macOS, some software is installed using Homebrew casks. These include:
| Package | Description |
|---|---|
| clocker | macOS program that shows the time in multiple timezones in the top menu bar |
| sloth | macOS program that shows all open files, directories, sockets, pipes, and devices in use by all running processes on the system |
| stats | macOS program that shows the system monitor in the top menu bar |
Go packages, Rust crates, and system-specific packages like .deb and .rpm bundles are all handled by the [professormanhattan.genericinstaller](https://galaxy.ansible.com/professormanhattan/genericinstaller) role described above in the Binaries section. There are also ways of installing Go and Rust packages directly by using configuration options provided by their corresponding roles outlined in the Roles section.
This playbook does a bit more than just install software. It also optionally sets up web applications too. If you choose to deploy the default Gas Station web applications on your network, you should probably do it on a computer/server that has a lot of RAM (e.g. 64GB+).
Although a production environment will always be more stable and performant if it is hosted with a major cloud provider, sometimes it makes more sense to locally host web applications. Some applications have abnormally large RAM requirements that could potentially cost thousands per month to host with a legit cloud provider.
We use Kubernetes as the provider for the majority of the applications. It is a production-grade system and although there is a steeper learning curve it is well worth it. Each application we install is packaged as a Helm chart. All of the data is backed up regularly to an encrypted cloud S3 bucket of your choice.
The available Helm charts that this playbook completely handles the set up for are listed below.
By default, on each computer provisioned using the default settings of Gas Station, several apps are installed on each host. Docker Compose is used to manage the deployment. The default apps include:
| App | Description |
|---|---|
| Authelia | An authentication portal that supports SSO and 2FA |
| Homer | A very simple homepage which is customized by the playbook to automatically include links to the Docker containers you choose to host on the computer |
| Portainer | A Docker management tool |
| Serve | Simple interface for viewing files located or symlinked to in the /var/www/ folder of the machine |
You can, of course, disable deploying these apps. However, we include them because they have a small footprint and include useful features. You can also customize the list of apps you wish to include on each host.
We do not maintain any of the host applications except the ones listed above. However, we do provide the capability of marking a computer being provisioned as an HTPC. Doing this will include a suite of web applications with powerful auto-downloading, organizing, tagging, and media-serving capabilities. Since most people will probably be stepping outside the confines of the law for this, it is not recommended. If you still want to experiment then you can find descriptions of the applications below. The applications are intended to be hosted on a single computer via Docker Compose. The backend for Kodi is included but you should still use the regular installation method for Plex and the front-end of Kodi to view your media collection.
| App | Description |
|---|---|
| WireGuard | Dedicated VPN for the HTPC applications |
| Bazarr | Manages and automatically downloads subtitles |
| Heimdall | Start page for all the HTPC apps |
| Jackett | Request proxy server for Radarr and Sonarr |
| Kodi Headless | Backend for Kodi |
| Lidarr | Music collection manager that automatically downloads from BitTorrent and Usenet |
| NZBGet | Usenet downloader |
| Ombi | Plex request and user management system |
| Organizr | Front end for HTPC web applications |
| Radarr | Automatic movie downloader |
| Sonarr | Automatic TV show downloader |
| Tautulli | Metrics and monitoring for Plex |
| Transmission | BitTorrent client |
The philosophy of this project basically boils down to "automate everything" and include the best development tools that might be useful without over-bloating the machine with services. Automating everything should include tasks like automatically accepting software terms in advance or pre-populating Portainer with certificates of all the Docker hosts you would like to control. One problem we face is that there are so many great tools offered on GitHub. A lot of research has to go into what to include and what to pass on. The decision of whether or not to include a piece of software in the default playbook basically boils down to:
- Project popularity - If one project has 10k stars and a similar alternative has 500 stars then 9 times of out 10 the more popular project is selected.
- Last commit date - We prefer software that is being actively maintained, for obvious reasons.
- Cross platform - Our playbook supports the majority of popular operating systems so we opt for cross-platform software. However, in some cases, we will include software that has limited cross-platform support like Xcode (which is only available on Mac OS X). If a piece of software is too good to pass up, it is added and only installed on the system(s) that support it.
- Usefulness - If a tool could potentially improve developer effectiveness then we are more likely to include it.
- System Impact - Software that can be run with a small RAM footprint and software that does not need a service to load on boot is much more likely to be included.
One of the goals of this project is to be able to re-provision a network with the click of a button. This might not be feasible since consumer-grade hardware usually does not include features like IPMI (which is a feature included in high-end motherboards that lets you control the power state remotely). However, we aim to reduce the amount of interaction required when re-provisioning an entire network down to the bare minimum. In the worst case scenario, you will have to reformat, reinstall the operating system, and ensure that OpenSSH is running (or WinRM in the case of Windows) on each of the computers in your network. However, the long term goal is to allow the user to reformat and reinstall the operating system used as your Ansible host using an automated USB installer and then automatically re-provision everything else on the network by utilizing IPMI.
You might ask, "But how can I retain application-level configurations?" We currently handle this by:
- Pre-defining dotfiles in a customizable Git repository
- Backing up to encrypted S3 buckets
- Syncing files to private git repositories
- Utilizing tools that synchronize settings like mackup or macprefs in the case of macOS
However, we intentionally keep this synchronization to a minimum (i.e. only back up what is necessary). After all, one of the goals of this project is to be able to regularly flush the bad stuff off a system. By keeping what we back up to a minimum, we reduce the attack surface.
You can find a high-level overview of what each folder and file does in the ARCHITECTURE.md file.
We accomplish managing different environments by symlinking all the folders that should be unique to each network environment (e.g. host_vars/, group_vars/, inventories/, files/vpn/, and files/ssh/). In the environments/ folder, you will see multiple folders. In our case, environments/dev/ contains sensible configurations for testing the playbook and its' roles. The production environment is a seperate git submodule that links to a private git repository that contains our Ansible-vaulted API keys and passwords. When you are ready to set up your production configurations, you can use this method of storing your environment-specific folders in the environments/ folder as well. But if you are just starting off, you do not have to worry about this since, by default, this playbook is configured to run with the settings included in the /environments/dev/ folder.
If you already have the project bootstrapped (i.e. already ran bash .config/scripts/start.sh), you can switch environments with an interactive prompt by running:
task ansible:playbook:environmentAlternatively, you can run the following if you would like to bypass the prompt:
task ansible:playbook:environment -- environmentNameContributions, issues, and feature requests are welcome! Feel free to check the issues page. If you would like to contribute, please take a look at the contributing guide.
Sponsorship
Dear Awesome Person,
I create open source projects out of love. Although I have a job, shelter, and as much fast food as I can handle, it would still be pretty cool to be appreciated by the community for something I have spent a lot of time and money on. Please consider sponsoring me! Who knows? Maybe I will be able to quit my job and publish open source full time.
Sincerely,
Brian Zalewski
Copyright Β© 2020-2021 Megabyte LLC. This project is MIT licensed.
