I've been meaning to look into Ansible for a long time now, but somehow never got around to it.
SaltStack has been my automation/orchestration tool of choice since about 2013 and I can usually get stuff done with it without glancing at the docs too much.
However, the security history of Salt isn't great: there's been a bunch of security issues in it that got me thinking that maybe I should look at alternatives. (For example, this was a very good one... and there's been a bunch of authentication bypass too which do not inspire confidence)
Anyways, I started tinkering with Ansible to automate some stuff on my workstation.
The following is a collection of short notes and weirdness I encountered so far, to save my future self some time when I encounter them again.