Fix conditional to not use jinja templating.

Unfortunately, FreeBSD does not seem to boot so it is not being updated in this commit.

ansible/environments/home/host_vars/homeserver

@@ -18,6 +18,7 @@ hwpstate: false
 build_user:
   name: talexander
   group: talexander
+devfs_rules: "homeserver_devfs.rules"
 jail_zfs_dataset: zmass/encrypted/jails
 jail_zfs_dataset_mountpoint: /jail/main
 jail_canmount: "on"

ansible/environments/laptop/host_vars/odofreebsd

@@ -12,11 +12,11 @@ network_rc: "odofreebsd_network.conf"
 rc_conf: "odofreebsd_rc.conf"
 loader_conf: "odofreebsd_loader.conf"
 install_graphics: true
-graphics_driver: "intel"
-cputype: "intel"
+graphics_driver: "amd"
+cputype: "amd"
 cpu_opt: tigerlake
 hwpstate: true
-cores: 8
+cores: 16
 build_user:
   name: talexander
   group: talexander

ansible/environments/laptop/host_vars/odolinux

@@ -21,7 +21,7 @@ zfs_snapshot_datasets:
   - path: zroot/linux/archmain/be
   - path: zroot/data/bridge/family_disks
 install_graphics: true
-graphics_driver: "intel"
+graphics_driver: "amd"
 build_user:
   name: talexander
   group: talexander
@@ -30,9 +30,9 @@ enabled_wireguard:
   - wgh
   - drmario
   - colo
-cputype: "intel"
+cputype: "amd"
 hwpstate: true
-cores: 8
+cores: 16
 sway_conf_files:
   - rofimoji
 docker_storage_driver: overlay2 # alternatively zfs

ansible/playbook.yaml

@@ -52,6 +52,7 @@
     - javascript
     - launch_keyboard
     - lvfs
+    - restaurant_health_rating
 
 - hosts: nat_dhcp:homeserver_nat_dhcp:mrmanager_nat_dhcp
   vars:
@@ -135,3 +136,9 @@
     - fstab
     - build
     - freebsd_update_server
+
+- hosts: homeserver
+  vars:
+    ansible_become: True
+  roles:
+    - homeserver

ansible/roles/autofs/files/auto_master

@@ -1,4 +1,3 @@
-# $FreeBSD$
 #
 # Automounter master map, see auto_master(5) for details.
 #

ansible/roles/base/files/login.conf

@@ -7,7 +7,6 @@
 # This file controls resource limits, accounting limits and
 # default user environment settings.
 #
-# $FreeBSD$
 #
 
 # Default settings effectively disable resource limits, see the

ansible/roles/blank/tasks/linux.yaml

@@ -13,7 +13,7 @@
 #     name: []
 #     state: present
 #     update_cache: true
-    
+
 # - name: Install packages
 #   package:
 #     name:

ansible/roles/build/files/aurutils-nuke

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+#
+# If something is very wrong in pacman, this removes the keyring and the entire custom repo, then sets up pacman's keyring again. Running the ansible playbook is necessary to get the custom repo added.
+set -euo pipefail
+IFS=$'\n\t'
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+doas rm -rf /var/cache/pacman/custom/ /etc/pacman.d/conf.d/aurutils.conf
+doas rm -rf /etc/pacman.d/gnupg
+doas pacman-key --init
+doas pacman-key --populate archlinux
+doas pacman -S archlinux-keyring

ansible/roles/build/files/gpg.asc

@@ -1,34 +1,27 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 
 mDMEXZwWGhYJKwYBBAHaRw8BAQdAfv7qozKkmf4D+5PDzADsMm4aAKDGLha7+Cu0
-0H+RsWG0HVRvbSBBbGV4YW5kZXIgPHRvbUBmaXp6LmJ1eno+iJAEExYIADgWIQS4
-SBWTY8KHeReVS+En3kDZuEVcGwUCXZwWGgIbAwULCQgHAgYVCAkKCwIEFgIDAQIe
-AQIXgAAKCRAn3kDZuEVcG9glAQDX3Bzaz9sQpycc40LeLxSKQsWplfJigfr8wWOg
-C15TywEAqkTtCrTNsltdZERLMre7qnv/6RSo54OW0C4pdN7UUAa0HlRvbSBBbGV4
-YW5kZXIgPHdvcmtAZml6ei5idXp6PoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A
-2bhFXBsFAl+w+R0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQJ95A2bhF
-XBt6fgD+NOYnw9gz5K/q3H5LE/JvqzCSHezJmeGgif0CuU4m1/MA+gPDKME7syEt
-JsTpELEMrxWWpDW0tD/W1iJE7roGYPQPtB9Ub20gQWxleGFuZGVyIDx0b21AaGFy
-bW9uaWMuYWk+iJAEExYIADgWIQS4SBWTY8KHeReVS+En3kDZuEVcGwUCX7D5RAIb
-AwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAn3kDZuEVcGzjDAP9pM1ScstOk
-ti+oRAsNSk8qsjIsCT9O5voDS0Q7plWlcwD/btKVFO9tPLsXhyvdB+NSwueVs7TA
-kRVjlW3hktpefg24OARdnBYaEgorBgEEAZdVAQUBAQdArbTYQgDBMG7EBFTKA6+f
-4CWgwl26Lf2b6cyCGfUw2j4DAQgHiHgEGBYIACAWIQS4SBWTY8KHeReVS+En3kDZ
-uEVcGwUCXZwWGgIbDAAKCRAn3kDZuEVcG03MAQCrkjrE+MhtvbfGaHGHlwz9QnF0
-Z519YzK8Xr8m0O+09QEA9BFCfkAzBM4D4JKeWJh/tmN9U6UexzLrRdY+W9cugAm4
-MwRdnBbKFgkrBgEEAdpHDwEBB0A/IgvgQaDhPkk72raSlUPLZaMyJfPedlfBhbgY
-uhNiSIj1BBgWCAAmAhsCFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w+hYFCQe4
-fcwAgXYgBBkWCAAdFiEEgeZEOZZ1UC6xJRa606F5yaU8Dt4FAl2cFsoACgkQ06F5
-yaU8Dt6MngD+Krs3aYyHH6i85ebVESgBI8XeXhgACM4exepw+0UcoYkBAKK4DvV3
-oJD6o1ku6Rr8pUH962SQm8PO9pO2JBBAb6ADCRAn3kDZuEVcG9uAAP43vUsbe24/
-6tjEezAW0a4L2E1u4HNU8t53lolngs1kswEAy1HBdYEMR9TovX/kMeBHLcz1J2pM
-VRSV0JnJhj5eZwa4MwRdnBcBFgkrBgEEAdpHDwEBB0BrvpOZa4q6JHVuc1XUVQTq
-hDgLwD5SJBvzHSTXPYOZMoh+BBgWCAAmAhsgFiEEuEgVk2PCh3kXlUvhJ95A2bhF
-XBsFAl+w+hYFCQe4fZUACgkQJ95A2bhFXBs3NgEA3SFYTgRVstidfoEpEZV4DdSL
-kXaOwN3Eyba4UniClyMA/2CCxQt24vu19TyvUtOXWCp9Zi8SyIqoeiXQ4ZmhhnQO
-uDgEXZwXKBIKKwYBBAGXVQEFAQEHQA7S3cFTEu6iROopVyF4UBl3hQrEAbOc9CW+
-xXKFZYgSAwEIB4h+BBgWCAAmAhsMFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w
-+hcFCQe4fW4ACgkQJ95A2bhFXBtUXAEAyEJCUNVSJ7qvQv5IXuwbYTX2Mh7JU3+F
-GJHO7AWBXCQA/2aLAi9kYmz9ba770XYwTeBZIv9Y6UIwIwVmFdYHC/EM
-=a/z4
+0H+RsWG0HlRvbSBBbGV4YW5kZXIgPHdvcmtAZml6ei5idXp6PoiQBBMWCAA4FiEE
+uEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w+R0CGwMFCwkIBwIGFQoJCAsCBBYCAwEC
+HgECF4AACgkQJ95A2bhFXBt6fgD+NOYnw9gz5K/q3H5LE/JvqzCSHezJmeGgif0C
+uU4m1/MA+gPDKME7syEtJsTpELEMrxWWpDW0tD/W1iJE7roGYPQPtB1Ub20gQWxl
+eGFuZGVyIDx0b21AZml6ei5idXp6PoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A
+2bhFXBsFAl2cFhoCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQJ95A2bhF
+XBvYJQEA19wc2s/bEKcnHONC3i8UikLFqZXyYoH6/MFjoAteU8sBAKpE7Qq0zbJb
+XWRESzK3u6p7/+kUqOeDltAuKXTe1FAGuDMEXZwWyhYJKwYBBAHaRw8BAQdAPyIL
+4EGg4T5JO9q2kpVDy2WjMiXz3nZXwYW4GLoTYkiI9QQYFggAJgIbAhYhBLhIFZNj
+wod5F5VL4SfeQNm4RVwbBQJlC4ZhBQkLMdaXAIF2IAQZFggAHRYhBIHmRDmWdVAu
+sSUWutOhecmlPA7eBQJdnBbKAAoJENOhecmlPA7ejJ4A/iq7N2mMhx+ovOXm1REo
+ASPF3l4YAAjOHsXqcPtFHKGJAQCiuA71d6CQ+qNZLuka/KVB/etkkJvDzvaTtiQQ
+QG+gAwkQJ95A2bhFXBtRDgEAqymMavroD5c/4+M/EZ3/d8wxfA9E3Fb/1mt4c2Zr
+NnkBAKYOM+pz/pncFnV+kF7h7TQEEYuGw1JhJVT/duA4lwsLuDMEXZwXARYJKwYB
+BAHaRw8BAQdAa76TmWuKuiR1bnNV1FUE6oQ4C8A+UiQb8x0k1z2DmTKIfgQYFggA
+JgIbIBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkLMdZgAAoJECfeQNm4
+RVwb8TkA/RkBu9Ev8iDE5nvn8YF8FRiY56Z5d+SBPG4VvrCzXrmlAP46wUjIRpkM
+rTbb1GMbvYnkeOrBs/qiWjEtHHc3ZLMWD7g4BF2cFygSCisGAQQBl1UBBQEBB0AO
+0t3BUxLuokTqKVcheFAZd4UKxAGznPQlvsVyhWWIEgMBCAeIfgQYFggAJgIbDBYh
+BLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkLMdY5AAoJECfeQNm4RVwbXscA
+/A8zRRTCwQKxJ8iz5jmTcVFAhl2vD781Dtv8NvcWd5t8APwIwcuFVZZA3yayhIxi
+3aqYpMRxpn2t6Nswax1MIM8DBQ==
+=dzEV
 -----END PGP PUBLIC KEY BLOCK-----

ansible/roles/build/tasks/linux.yaml

@@ -111,6 +111,8 @@
   loop:
     - src: aurutils-purge
       dest: /usr/local/bin/aurutils-purge
+    - src: aurutils-nuke
+      dest: /usr/local/bin/aurutils-nuke
     - src: aurutils-sync
       dest: /usr/local/bin/aurutils-sync
     - src: aurutils-update-devel-packages

ansible/roles/cpu/tasks/linux_amd.yaml

@@ -0,0 +1,5 @@
+- name: Install packages
+  package:
+    name:
+      - powertop
+    state: present

ansible/roles/devfs/files/homeserver_devfs.rules

@@ -0,0 +1,19 @@
+# [localrules=10]
+# add path 'input/*' mode 0660 group video
+# add path 'usb/*' mode 0660 group usb
+
+[tajailwg=13]
+add include $devfsrules_hide_all
+add include $devfsrules_unhide_basic
+add include $devfsrules_unhide_login
+add path 'bpf*' unhide
+add path pf unhide
+add path pflog unhide
+add path pfsynv unhide
+add path 'tun*' unhide
+
+[tajaildhcp=14]
+add include $devfsrules_hide_all
+add include $devfsrules_unhide_basic
+add include $devfsrules_unhide_login
+add path 'bpf*' unhide

ansible/roles/emacs/files/elisp/base.el

@@ -75,4 +75,10 @@
 ;; Delete trailing whitespace before save
 (add-hook 'before-save-hook 'delete-trailing-whitespace)
 
+;; If the underlying file changes, reload it automatically. This is useful for moving around in git without confusing language servers.
+(setopt auto-revert-avoid-polling t)
+(setopt auto-revert-interval 5)
+(setopt auto-revert-check-vc-info t)
+(global-auto-revert-mode)
+
 (provide 'base)

ansible/roles/graphics/tasks/linux_amd.yaml

@@ -0,0 +1,20 @@
+# TODO: Should I enable APM?
+- name: Install packages
+  package:
+    name:
+      - linux-firmware # Arch wiki claims this is needed to boot
+      - mesa
+      - lib32-mesa
+      - vulkan-radeon
+      - lib32-vulkan-radeon
+      - libva-mesa-driver # Accelerated video decoding
+      - lib32-libva-mesa-driver # Accelerated video decoding
+      - mesa-vdpau # Accelerated video decoding
+      - lib32-mesa-vdpau # Accelerated video decoding
+      - vulkan-icd-loader
+      - lib32-vulkan-icd-loader
+      - libva-utils # for vainfo
+      - vdpauinfo # for vdpauinfo
+      - vulkan-tools # For vulkaninfo
+      - radeontop
+    state: present

ansible/roles/homeserver/files/decrypt_disks.bash

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+#
+# Decrypt and mount the disks after a fresh reboot.
+set -euo pipefail
+IFS=$'\n\t'
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+zfs load-key -r zmass/encrypted
+zfs mount -a
+service bemount start

ansible/roles/homeserver/tasks/common.yaml

@@ -0,0 +1,55 @@
+# - name: Create directories
+#   file:
+#     name: "{{ item }}"
+#     state: directory
+#     mode: 0755
+#     owner: root
+#     group: wheel
+#   loop:
+#     - /foo/bar
+
+# - name: Install scripts
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ item.dest }}"
+#     mode: 0755
+#     owner: root
+#     group: wheel
+#   loop:
+#     - src: foo.bash
+#       dest: /usr/local/bin/foo
+
+# - name: Install Configuration
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ item.dest }}"
+#     mode: 0600
+#     owner: root
+#     group: wheel
+#   loop:
+#     - src: foo.conf
+#       dest: /usr/local/etc/foo.conf
+
+# - name: Clone Source
+#   git:
+#     repo: "https://foo.bar/baz.git"
+#     dest: /foo/bar
+#     version: "v1.0.2"
+#     force: true
+#   diff: false
+
+- import_tasks: tasks/freebsd.yaml
+  when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/linux.yaml
+  when: 'os_flavor == "linux"'
+
+- include_tasks:
+    file: tasks/peruser.yaml
+    apply:
+      become: yes
+      become_user: "{{ initialize_user }}"
+  when: users is defined
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
+  loop_control:
+    loop_var: initialize_user

ansible/roles/homeserver/tasks/freebsd.yaml

@@ -0,0 +1,10 @@
+- name: Install scripts
+  copy:
+    src: "files/{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: 0755
+    owner: root
+    group: wheel
+  loop:
+    - src: decrypt_disks.bash
+      dest: /usr/local/bin/decrypt_disks

ansible/roles/homeserver/tasks/linux.yaml

@@ -0,0 +1,29 @@
+# - name: Build aur packages
+#   register: buildaur
+#   become_user: "{{ build_user.name }}"
+#   command: "aurutils-sync --no-view {{ item }}"
+#   args:
+#     creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
+#   loop:
+#     - foo
+
+# - name: Update cache
+#   when: buildaur.changed
+#   pacman:
+#     name: []
+#     state: present
+#     update_cache: true
+
+# - name: Install packages
+#   package:
+#     name:
+#       - foo
+#     state: present
+
+# - name: Enable services
+#   systemd:
+#     enabled: yes
+#     name: "{{ item }}"
+#     daemon_reload: yes
+#   loop:
+#     - foo.service

ansible/roles/homeserver/tasks/main.yaml

@@ -0,0 +1,2 @@
+- import_tasks: tasks/common.yaml
+  # when: foo is defined

ansible/roles/homeserver/tasks/peruser.yaml

@@ -0,0 +1,29 @@
+- include_role:
+    name: per_user
+
+# - name: Create directories
+#   file:
+#     name: "{{ account_homedir.stdout }}/{{ item }}"
+#     state: directory
+#     mode: 0700
+#     owner: "{{ account_name.stdout }}"
+#     group: "{{ group_name.stdout }}"
+#   loop:
+#     - ".config/foo"
+
+# - name: Copy files
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+#     mode: 0600
+#     owner: "{{ account_name.stdout }}"
+#     group: "{{ group_name.stdout }}"
+#   loop:
+#     - src: foo.conf
+#       dest: .config/foo/foo.conf
+
+- import_tasks: tasks/peruser_freebsd.yaml
+  when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/peruser_linux.yaml
+  when: 'os_flavor == "linux"'

ansible/roles/media/tasks/amd.yaml

@@ -0,0 +1,10 @@
+- name: Install scripts
+  copy:
+    src: "files/{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: 0755
+    owner: root
+    group: wheel
+  loop:
+    - src: cast_file_vaapi
+      dest: /usr/local/bin/cast_file

ansible/roles/media/tasks/intel.yaml

@@ -6,5 +6,5 @@
     owner: root
     group: wheel
   loop:
-    - src: cast_file_intel
+    - src: cast_file_vaapi
       dest: /usr/local/bin/cast_file

ansible/roles/package_manager/tasks/linux.yaml

@@ -39,7 +39,7 @@
     mode: 0644
   loop:
     - /etc/pacman.d/conf.d/blank.conf
-  when: "{{ file_exists | community.general.json_query(sub_query) | first | default(False) }} == False"
+  when: "file_exists | community.general.json_query(sub_query) | first | default(False) == False"
   vars:
     sub_query: "results[?stat.path=='{{ item }}'].stat.exists"
 
@@ -52,7 +52,7 @@
     group: root
   loop:
     - freeze_firefox.conf
-    
+
 - name: Install packages
   package:
     name:

ansible/roles/poudriere/files/poudriere.d/13amd64-default-framework-pkglist

@@ -20,6 +20,7 @@ dns/coredns
 editors/emacs
 editors/mg
 ftp/wget
+graphics/ImageMagick
 graphics/drm-kmod
 graphics/evince
 graphics/gimp

ansible/roles/restaurant_health_rating/tasks/common.yaml

@@ -0,0 +1,55 @@
+# - name: Create directories
+#   file:
+#     name: "{{ item }}"
+#     state: directory
+#     mode: 0755
+#     owner: root
+#     group: wheel
+#   loop:
+#     - /foo/bar
+
+# - name: Install scripts
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ item.dest }}"
+#     mode: 0755
+#     owner: root
+#     group: wheel
+#   loop:
+#     - src: foo.bash
+#       dest: /usr/local/bin/foo
+
+# - name: Install Configuration
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ item.dest }}"
+#     mode: 0600
+#     owner: root
+#     group: wheel
+#   loop:
+#     - src: foo.conf
+#       dest: /usr/local/etc/foo.conf
+
+# - name: Clone Source
+#   git:
+#     repo: "https://foo.bar/baz.git"
+#     dest: /foo/bar
+#     version: "v1.0.2"
+#     force: true
+#   diff: false
+
+- import_tasks: tasks/freebsd.yaml
+  when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/linux.yaml
+  when: 'os_flavor == "linux"'
+
+- include_tasks:
+    file: tasks/peruser.yaml
+    apply:
+      become: yes
+      become_user: "{{ initialize_user }}"
+  when: users is defined
+  loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
+  loop_control:
+    loop_var: initialize_user

ansible/roles/restaurant_health_rating/tasks/freebsd.yaml

@@ -0,0 +1,5 @@
+- name: Install packages
+  package:
+    name:
+      - ImageMagick7
+    state: present

ansible/roles/restaurant_health_rating/tasks/linux.yaml

@@ -0,0 +1,6 @@
+- name: Install packages
+  package:
+    name:
+      - imagemagick
+      - web-ext
+    state: present

ansible/roles/restaurant_health_rating/tasks/main.yaml

@@ -0,0 +1,2 @@
+- import_tasks: tasks/common.yaml
+  # when: foo is defined

ansible/roles/restaurant_health_rating/tasks/peruser.yaml

@@ -0,0 +1,29 @@
+- include_role:
+    name: per_user
+
+# - name: Create directories
+#   file:
+#     name: "{{ account_homedir.stdout }}/{{ item }}"
+#     state: directory
+#     mode: 0700
+#     owner: "{{ account_name.stdout }}"
+#     group: "{{ group_name.stdout }}"
+#   loop:
+#     - ".config/foo"
+
+# - name: Copy files
+#   copy:
+#     src: "files/{{ item.src }}"
+#     dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+#     mode: 0600
+#     owner: "{{ account_name.stdout }}"
+#     group: "{{ group_name.stdout }}"
+#   loop:
+#     - src: foo.conf
+#       dest: .config/foo/foo.conf
+
+- import_tasks: tasks/peruser_freebsd.yaml
+  when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/peruser_linux.yaml
+  when: 'os_flavor == "linux"'

ansible/roles/rust/defaults/main.yaml

@@ -1,2 +1,2 @@
 # Check that rust-analyzer is valid for date on https://rust-lang.github.io/rustup-components-history/
-rust_date: "2023-10-16"
+rust_date: "2023-12-04"

ansible/roles/sound/tasks/linux.yaml

@@ -13,7 +13,7 @@
 #     name: []
 #     state: present
 #     update_cache: true
-    
+
 - name: Install packages
   package:
     name:
@@ -21,4 +21,6 @@
       - pipewire-pulse
       - wireplumber
       - pavucontrol
+      - pipewire-jack
+      - lib32-pipewire-jack
     state: present

ansible/roles/sshd/files/sshd_config

@@ -89,7 +89,7 @@ KbdInteractiveAuthentication no
 #AllowAgentForwarding yes
 #AllowTcpForwarding yes
 #GatewayPorts no
-#X11Forwarding yes
+#X11Forwarding no
 #X11DisplayOffset 10
 #X11UseLocalhost yes
 #PermitTTY yes
@@ -106,7 +106,7 @@ KbdInteractiveAuthentication no
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20230316
+#VersionAddendum FreeBSD-20231004
 
 # no default banner path
 #Banner none

ansible/roles/zfs/tasks/linux.yaml

@@ -2,6 +2,7 @@
   package:
     name:
       - linux-lts-headers
+      - linux-headers
     state: present
 
 - name: Check trusted gpg keys
@@ -17,6 +18,7 @@
   command: "gpg --recv-key '{{ item }}'"
   loop:
     - "0AB9E991C6AF658B"
+    - "6AD860EED4598027"
 
 - name: Build aur packages
   register: buildaur