Add nix flakes

.github/workflows/tests.yml

@@ -67,7 +67,7 @@ jobs:
         run: pip3 install --constraint=.github/workflows/constraints.txt ansible 'molecule-plugins[podman]' podman
 
       - name: Run Molecule tests
-        run: molecule test
+        run: molecule -v test
         env:
           PY_COLORS: "1"
           ANSIBLE_FORCE_COLOR: "1"

CONTRIBUTING.md

@@ -78,6 +78,35 @@ vagrant up
 
 The default password for root in the VM is `vagrant`.
 
+#### Enabling contrib / non-free / non-free-firmware
+
+Keep in mind one maybe need extra steps to enable extra apt packages eg. to install `torbrowser-launcher` (from contrib) or `firmware-amd-graphics` (from non-free-firmware):
+
+1. comment out provision part of `Vagrant`:
+
+   ```
+       # Run playbook
+       #config.vm.provision "ansible" do |ansible|
+       #  ansible.playbook = "main.yml"
+       #  ansible.verbose = "vv"
+       #end
+   ```
+
+1. run `vagrant up` and then `vagrant login`
+1. edit `/etc/apt/sources.list` to add the desired streams eg.:
+
+   ```
+   deb https://deb.debian.org/debian bookworm main contrib non-free-firmware
+   deb-src https://deb.debian.org/debian bookworm main contrib non-free-firmware
+   deb https://deb.debian.org/debian bookworm-updates main contrib non-free-firmware
+   deb-src https://deb.debian.org/debian bookworm-updates main contrib non-free-firmware
+   deb https://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware
+   deb-src https://deb.debian.org/debian-security bookworm-security main contrib non-free-firmware
+   deb https://deb.debian.org/debian bookworm-backports main contrib non-free-firmware
+   deb-src https://deb.debian.org/debian bookworm-backports main contrib non-free-firmware
+   ```
+1. run `vagrant provision`
+
 ## How to submit changes
 
 Open a [pull request] to submit changes to this project.

requirements.yml

@@ -19,7 +19,7 @@ roles:
   - name: staticdev.firefox
     version: 2.0.5
   - name: staticdev.python_developer
-    version: 2.6.0
+    version: 2.6.1
   - name: staticdev.signal
     version: 1.6.1
   - name: stefangweichinger.ansible_rclone

tasks/keypass-xc.yml

@@ -9,7 +9,7 @@
 - name: Install Keepass XC
   when: keepass_xc_cmd is failed
   ansible.builtin.command:
-    cmd: nix-env -iA nixpkgs.keepassxc
+    cmd: nix profile install nixpkgs#keepassxc
   environment:
     PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
   changed_when: true

tasks/office.yml

@@ -12,7 +12,7 @@
     - name: Install OnlyOffice
       when: onlyoffice_version_cmd is failed
       ansible.builtin.command:
-        cmd: nix-env -iA nixpkgs.onlyoffice-bin
+        cmd: nix profile install nixpkgs#onlyoffice-bin
       environment:
         PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
       changed_when: true

tasks/packages.yml

@@ -22,6 +22,8 @@
 - name: Install Nix package manager
   ansible.builtin.import_role:
     name: ableton.nix
+  vars:
+    nix_flakes: true
 
 - name: Add Nix to bash PATH
   ansible.builtin.lineinfile:
@@ -30,7 +32,7 @@
     insertafter: EOF
     state: present
 
-- name: "Check installation of Nix package {{ item.name }}"
+- name: "Check installation of Nix packages"
   ansible.builtin.command: "{{ item.check_cmd }}"
   environment:
     PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
@@ -41,8 +43,8 @@
   loop_control:
     index_var: package_index
 
-- name: "Install Nix package {{ item.name }}"
-  ansible.builtin.command: "nix-env -iA nixpkgs.{{ item.name }}"
+- name: "Install Nix packages"
+  ansible.builtin.command: "nix profile install nixpkgs#{{ item.name }}"
   environment:
     PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
   when: package_check_cmd.results[package_index].failed

tasks/pycharm.yml

@@ -12,7 +12,7 @@
     - name: Install Pycharm professional
       when: pycharm_version_cmd is failed
       ansible.builtin.command:
-        cmd: nix-env -iA nixpkgs.jetbrains.pycharm-professional --impure
+        cmd: nix profile install nixpkgs#jetbrains.pycharm-professional --impure
       environment:
         NIXPKGS_ALLOW_UNFREE: "1"
         PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
@@ -31,7 +31,7 @@
     - name: Install Pycharm community
       when: pycharm_version_cmd is failed
       ansible.builtin.command:
-        cmd: nix-env -iA nixpkgs.jetbrains.pycharm-community
+        cmd: nix profile install nixpkgs#jetbrains.pycharm-community
       environment:
         PATH: "{{ ansible_env.HOME + '/.nix-profile/bin:$PATH' }}"
       changed_when: true