mbess/monakhos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity

update

Browse source
This commit is contained in:
Matthieu Bessat 2024-05-27 23:19:04 +02:00
parent 003a22ca6e
commit 45076c5231
11 changed files with 230 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
TODO.md Normal file
View file

@ -0,0 +1,9 @@
# TODO
- add email client setup
- add gopass config
- add python pool
- add cargo global packages, like `pads`

2
ansible/arch_packages.json
View file

@ -1 +1 @@
["util-linux", "less", "git", "moreutils", "tmux", "openssh", "base-devel", "moreutils", "fzf", "lf", "ripgrep", "fd", "bat", "pv", "at", "jo", "jq", "fx", "yq", "xsv", "unzip", "unoconv", "pandoc", "libqalculate", "wget", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "lsof", "w3m", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "gopass", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "jwt-cli", "fish", "zoxide", "dash", "pavucontrol", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "cliphist", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "zathura", "krita", "inkscape", "libreoffice-still", "ttf-font-awesome", "ttf-fira-code"]
{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "sshfs", "unbound", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "strace", "jo", "jq", "fx", "yq", "xsv", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "ruff", "lua", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code"], "aur": ["aur/boxes", "aur/gitwatch-git", "aur/litecli", "aur/fish-fzf", "aur/shellcheck-bin", "aur/hyprpicker", "aur/brave-bin", "aur/mepo", "aur/screen-message", "aur/ttf-sourcesanspro", "aur/ttf-bona-nova"]}

170
ansible/arch_packages.yaml
View file

@ -1,25 +1,39 @@
categories:
base:
- util-linux
- man-pages
- less
- git
- moreutils
- tmux
- screen
- openssh
- base-devel
- name: mosh
desc: The best to connect to remote server!
network:
- sshfs
- unbound
utils:
_:
- moreutils
- bat
- plantuml
finder:
- fzf
- lf
- ripgrep
- fd
- bat
unix:
- moreutils
- rlwrap
- name: pv
desc: pipe viewer
- name: at
desc: scheduler
automation:
- ansible
system:
- strace
text_processing:
json:
- jo
@ -29,6 +43,13 @@ categories:
- yq
csv:
- xsv # rust CSV toolkit
mail:
- s-nail
fun:
- figlet
- cowsay
- aur/boxes
- fortune-mod
archives:
- unzip
bureautique:
@ -36,19 +57,41 @@ categories:
- pandoc # general purpose document converter
math:
- libqalculate # qalc
git:
- aur/gitwatch-git
- tig
network:
- wget
- nmap
- wireguard-tools
- tcpdump
- socat # TCP proxy or relay
- rsync
- rclone
http:
- jwt-cli
- curl
- wget
- miniserve
- mitmproxy
- name: trurl
desc: URL processing
_:
- nmap
- wireguard-tools
- tcpdump
- socat # TCP proxy or relay
- rsync
- rclone
- whois
- traceroute
- nload
fs:
- lsof
tui:
browser:
- w3m
files:
- lf
security:
- siege
monitoring:
- htop
android:
- scrcpy
hardware:
- acpi
@ -65,11 +108,23 @@ categories:
- tesseract
- tesseract-data-fra
- tesseract-data-eng
- zbar
- zint
- qrencode
security:
- gopass
dev:
runtimes:
virtualization:
- qemu-base
docker:
- docker
programming:
sqlite:
- sqlite
- aur/litecli
editor:
- vim
- helix
@ -78,10 +133,19 @@ categories:
- make
- cmake
- libxkbcommon
http_utils:
- jwt-cli
- raylib
lsp:
- gopls
- rust-analyzer
rust: {}
# - rustup
dbs:
- redis
python:
lint:
- ruff
lua:
- lua
shell:
- fish
@ -93,25 +157,41 @@ categories:
- name: aur/shellcheck-bin
desc: Static analyzer for shell script
sound:
audio:
control:
- pavucontrol
- name: pavucontrol
desc: GTK GUI
- name: pulsemixer
desc: pulseaudio TUI
desktop:
wayland:
- wev
- wtype
- wl-clipboard
- name: wofi
desc: remplacement for rofi
- sway
- swaylock
- swayidle
_:
- wev
- wtype
- wl-clipboard
- name: wofi
desc: Remplacement for rofi
- sway
- swaylock
- swayidle
- swayimg
color_picker:
- aur/hyprpicker
notification:
- dunst
screenshot:
- grim
- name: slurp
desc: region screenshoting
desktop_utils:
- cliphist
GUI:
files:
- nautilus
- cheese
browser:
- firefox-developer-edition
- torbrowser-launcher
@ -120,21 +200,53 @@ categories:
- alacritty
mail:
- thunderbird
viewer:
- zathura
communication:
- signal-desktop
document:
viewer:
- zathura
- zathura-pdf-poppler
- zathura-djvu
editor:
- xournalpp
images:
viewer:
- nsxiv
- gthumb
creation:
art:
- krita
svg:
- inkscape
audio:
- tenacity
- songrec
video:
- cheese
- vlc
- obs-studio
3d:
- openscad
- blender
bureautique:
- libreoffice-still
geo:
- aur/mepo
- qgis
prog:
- name: dbeaver
tags: ['heavy-gui']
remote_access:
- remmina
#- remmina-plugin-rdesktop
_:
- name: aur/screen-message
description: Utility to write in big on the screen
fonts:
- ttf-roboto
- ttf-opensans
- ttf-liberation
- ttf-font-awesome
- ttf-fira-code
- aur/ttf-sourcesanspro
- aur/ttf-bona-nova

11
ansible/parse_arch_packages.py
View file

@ -24,12 +24,17 @@ def flatten_packages(item):
flat_packages = flatten_packages(packages_tree)
names = []
native_names = []
aur_names = []
for p in flat_packages:
assert isinstance(p, dict)
if p['name'].startswith('aur/'):
aur_names.append(p['name'])
continue
names.append(p['name'])
native_names.append(p['name'])
print(json.dumps(names))
print(json.dumps({
"native": native_names,
"aur": aur_names
}))
# print(' '.join(names))

5
ansible/roles/unbound/tasks/main.yaml Normal file
View file

@ -0,0 +1,5 @@
- name: Setup unbound config
file:
src: "{{ home }}/.dots/config/unbound/unbound.conf"
dest: "/etc/unbound/unbound.conf"
state: link

8
ansible/roles/xremap/tasks/main.yaml Normal file
View file

@ -0,0 +1,8 @@
- name: Generate xremap config
shell: "python3 {{ home }}/.dots/scripts/generate_xremap_config.py"
- name: Setup xremap systemd
ansible.builtin.systemd_service:
name: xremap
state: started
enabled: true

8
ansible/run_ansible_playbook.sh
View file

@ -18,9 +18,9 @@ ln -s $workdir $base/vm_files
ansible-playbook $base/workstation.yaml \
-v \
-u "mbess" \
-i "$base/inventory.yaml" \
--ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 2222 -i ./master_sshkey" \
-i "inventory.yml" \
--ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \
--extra-vars "@$workdir/vars.yaml" \
--extra-vars "ansible_sudo_pass=root" \
--start-at-task "Create the aur_builder user"
--extra-vars "ansible_sudo_pass=pidell43"
#--start-at-task "Create the aur_builder user"

2
ansible/templates/known_hosts Normal file
View file

@ -0,0 +1,2 @@
forge.lefuturiste.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKMyZOmGlQaSFHE6f0br0zmvzLv1LQfc8lRFPX6j8zx

2
ansible/templates/ssh_config
View file

@ -1,4 +1,4 @@
Host forge.lefuturiste.fr
user git
IdentitiesOnly yes
IdentityFile ~/.ssh/{{ device_name }}_generic_key_ed25519
IdentityFile ~/.ssh/{{ device_name }}_perso_generic_ed25519

2
ansible/vm_files
View file

@ -1 +1 @@
/mnt/extramedia3/mbess/workspace/monakhos/sandbox_vms/vm1
/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack

72
ansible/workstation.yaml
View file

@ -42,6 +42,8 @@
community.general.pacman:
name:
- archlinux-keyring
- git
- openssh
- name: Init pacman keyring
become: true
@ -61,32 +63,18 @@
- when: not pacman_key_state_stat.stat.exists
block:
- shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux"
- shell: "mkdir -p ~/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state"
- shell: "mkdir -p {{ home }}/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state"
- name: Install some basic packages
become: true
community.general.pacman:
name:
- cliphist
- name: Install packages from YAML files (excluding AUR)
become: true
community.general.pacman:
name: "{{ lookup('file', 'arch_packages.json') | from_json }}" # the python script will return a list of packages
# TODO: put pre-generated sshkeys
# - name: Install yay, an AUR helper
#
- name: Copy pre-generated ssh keys
when: "not target_is_real"
block:
- copy:
src: ./vm_files/remote_key
dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519"
dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519"
mode: u=rw,g=,o=
- copy:
src: ./vm_files/remote_key.pub
dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519.pub"
dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519.pub"
mode: u=rw,g=,o=
- name: Config git
@ -96,11 +84,24 @@
owner: "{{ user }}"
mode: u=rw,g=,o=
- name: Load known hosts
template:
src: known_hosts
dest: "{{ home }}/.ssh/known_hosts"
owner: "{{ user }}"
mode: u=rw,g=,o=
- name: Clone dots file
git:
repo: "git@forge.lefuturiste.fr:mbess/dots.git"
dest: "{{ home }}/.dots"
# INSTALL from YAML
- name: Install packages from YAML files (excluding AUR)
become: true
community.general.pacman:
name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages
- name: Setup config directories
file:
path: "{{ home }}/.config/{{ item.dir }}"
@ -115,6 +116,20 @@
state: link
loop: "{{ config_files }}"
- name: Set default shell
become: true
user:
name: "{{ user }}"
shell: /usr/bin/fish
- name: Setup xremap
include_role:
name: xremap
- name: Setup unbound
include_role:
name: unbound
- name: Setup main popequer notebook
include_role:
name: popequer_notebook
@ -153,7 +168,20 @@
packages:
- yay-bin
# - name: Clone books sources
# ansible.builtin.git:
# repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
# dest: /home/mbess/workspace/books_sources
- name: Install AUR packages from YAML file
become: true
import_role:
name: aur
vars:
packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}"
- name: Clone books sources
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
dest: /home/mbess/workspace/books_sources
- name: Clone monakhos
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
dest: /home/mbess/workspace/monakhos