Technical deep dive into how the project is structured and how it works.
What you'll learn:
- Directory structure - Where everything lives
- Execution flow - Bootstrap → main → optional
- Configuration management - How settings work
- Branching strategy - Version-specific branches
- Security model - Vault encryption and SSH keys
Best for: Contributors, system administrators, and curious developers who want to understand the internals.
Time to read: 8-10 minutes
fedora-desktop/
├── ansible.cfg # Ansible configuration
├── requirements.yml # Ansible Galaxy dependencies
├── run.bash # Bootstrap installer script
├── vault-pass.secret # Vault password (gitignored)
├── CLAUDE.md # Claude Code instructions
│
├── vars/
│ └── fedora-version.yml # Target Fedora version
│
├── environment/
│ └── localhost/
│ ├── hosts.yml # Inventory definition
│ └── host_vars/
│ └── localhost.yml # User-specific variables
│
├── playbooks/
│ ├── playbook-main.yml # Main orchestrator
│ └── imports/
│ ├── play-*.yml # Core playbooks
│ └── optional/
│ ├── common/ # General optional features
│ ├── hardware-specific/# Hardware drivers/configs
│ ├── experimental/ # Bleeding-edge features
│ └── archived/ # Deprecated playbooks
│
├── files/ # Static configuration files
│ ├── etc/ # System configs
│ ├── home/ # User configs
│ └── var/ # Variable data
│
├── scripts/ # Utility scripts
├── roles/ # Ansible roles
│ └── vendor/ # Third-party roles (from requirements.yml)
│
└── untracked/ # Runtime data (gitignored)
└── facts/ # Ansible fact cache
The bootstrap script:
- Validates system requirements
- Checks Fedora version against
vars/fedora-version.yml - Installs core dependencies
- Configures GitHub CLI authentication
- Generates SSH keys
- Clones the repository
- Collects user configuration
- Initializes Ansible vault
- Executes main playbook
playbook-main.yml orchestrates these playbooks in order:
- play-AA-preflight-sanity.yml: Version and dependency checks
- play-basic-configs.yml: System packages and configurations
- play-nvm-install.yml: Node Version Manager setup
- play-claude-code.yml: Claude Code CLI installation
- play-git-configure-and-tools.yml: Git configuration
- play-lxc-install-config.yml: LXC container support
- play-ms-fonts.yml: Microsoft fonts installation
- play-rpm-fusion.yml: Third-party repository setup
- play-toolbox-install.yml: JetBrains Toolbox
Manually executed based on needs:
- common/: Development tools, applications
- hardware-specific/: NVIDIA, DisplayLink, TLP
- experimental/: LXDE, VirtualBox
Key settings:
- Inventory:
./environment/localhost - Connection: Local transport (not SSH)
- Privilege Escalation: sudo with
-HEflags - Vault: Password file at
./vault-pass.secret - Fact Caching: JSON files in
./untracked/facts/
- Global Variables:
vars/fedora-version.yml - Host Variables:
environment/localhost/host_vars/localhost.yml - Playbook Variables: Defined in individual playbooks
- Vault-encrypted: API keys and secrets
Static files are organized by destination:
files/etc/: System configuration filesfiles/home/: User configuration filesfiles/var/: Variable data and scripts
- Each Fedora version has its own branch (F42, F43, etc.)
- Branch name corresponds to Fedora version
vars/fedora-version.ymldefines target version- Default branch updated to current working version
- Vault encryption for sensitive data
- SSH key generation and management
- Passwordless sudo configuration
- GitHub CLI multi-account support
- Encrypted vault password file (gitignored)