From 45076c5231dec8e01b17edba2c0c657fe981cd96 Mon Sep 17 00:00:00 2001
From: Matthieu Bessat
Date: Mon, 27 May 2024 23:19:04 +0200
Subject: [PATCH] update
---
TODO.md | 9 ++
ansible/arch_packages.json | 2 +-
ansible/arch_packages.yaml | 170 +++++++++++++++++++++-----
ansible/parse_arch_packages.py | 11 +-
ansible/roles/unbound/tasks/main.yaml | 5 +
ansible/roles/xremap/tasks/main.yaml | 8 ++
ansible/run_ansible_playbook.sh | 8 +-
ansible/templates/known_hosts | 2 +
ansible/templates/ssh_config | 2 +-
ansible/vm_files | 2 +-
ansible/workstation.yaml | 72 +++++++----
11 files changed, 230 insertions(+), 61 deletions(-)
create mode 100644 TODO.md
create mode 100644 ansible/roles/unbound/tasks/main.yaml
create mode 100644 ansible/roles/xremap/tasks/main.yaml
create mode 100644 ansible/templates/known_hosts
diff --git a/TODO.md b/TODO.md
new file mode 100644
index 0000000..eee216c
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,9 @@
+# TODO
+
+- add email client setup
+- add gopass config
+
+- add python pool
+
+- add cargo global packages, like `pads`
+
diff --git a/ansible/arch_packages.json b/ansible/arch_packages.json
index 5b02595..829037e 100644
--- a/ansible/arch_packages.json
+++ b/ansible/arch_packages.json 
@@ -1 +1 @@ -["util-linux", "less", "git", "moreutils", "tmux", "openssh", "base-devel", "moreutils", "fzf", "lf", "ripgrep", "fd", "bat", "pv", "at", "jo", "jq", "fx", "yq", "xsv", "unzip", "unoconv", "pandoc", "libqalculate", "wget", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "lsof", "w3m", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "gopass", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "jwt-cli", "fish", "zoxide", "dash", "pavucontrol", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "cliphist", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "zathura", "krita", "inkscape", "libreoffice-still", "ttf-font-awesome", "ttf-fira-code"] +{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "sshfs", "unbound", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "strace", "jo", "jq", "fx", "yq", "xsv", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "ruff", "lua", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", 
"torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code"], "aur": ["aur/boxes", "aur/gitwatch-git", "aur/litecli", "aur/fish-fzf", "aur/shellcheck-bin", "aur/hyprpicker", "aur/brave-bin", "aur/mepo", "aur/screen-message", "aur/ttf-sourcesanspro", "aur/ttf-bona-nova"]} diff --git a/ansible/arch_packages.yaml b/ansible/arch_packages.yaml index a4aebd2..298e885 100644 --- a/ansible/arch_packages.yaml +++ b/ansible/arch_packages.yaml @@ -1,25 +1,39 @@ categories: base: - util-linux + - man-pages - less - git - - moreutils - tmux + - screen - openssh - base-devel + - name: mosh + desc: The best to connect to remote server! + + network: + - sshfs + - unbound utils: _: - - moreutils + - bat + - plantuml + finder: - fzf - - lf - ripgrep - fd - - bat + unix: + - moreutils + - rlwrap - name: pv desc: pipe viewer - name: at desc: scheduler + automation: + - ansible + system: + - strace text_processing: json: - jo @@ -29,6 +43,13 @@ categories: - yq csv: - xsv # rust CSV toolkit + mail: + - s-nail + fun: + - figlet + - cowsay + - aur/boxes + - fortune-mod archives: - unzip bureautique: 
@@ -36,19 +57,41 @@ categories: - pandoc # general purpose document converter math: - libqalculate # qalc + git: + - aur/gitwatch-git + - tig network: - - wget - - nmap - - wireguard-tools - - tcpdump - - socat # TCP proxy or relay - - rsync - - rclone + http: + - jwt-cli + - curl + - wget + - miniserve + - mitmproxy + - name: trurl + desc: URL processing + _: + - nmap + - wireguard-tools + - tcpdump + - socat # TCP proxy or relay + - rsync + - rclone + - whois + - traceroute + - nload fs: - lsof tui: browser: - w3m + files: + - lf + security: + - siege + monitoring: + - htop + android: + - scrcpy hardware: - acpi @@ -65,11 +108,23 @@ categories: - tesseract - tesseract-data-fra - tesseract-data-eng + - zbar + - zint + - qrencode security: - gopass - dev: + + runtimes: + virtualization: + - qemu-base + docker: + - docker + programming: + sqlite: + - sqlite + - aur/litecli editor: - vim - helix @@ -78,10 +133,19 @@ categories: - make - cmake - libxkbcommon - - - http_utils: - - jwt-cli + - raylib + lsp: + - gopls + - rust-analyzer + rust: {} + # - rustup + dbs: + - redis + python: + lint: + - ruff + lua: + - lua shell: - fish @@ -93,25 +157,41 @@ categories: - name: aur/shellcheck-bin desc: Static analyzer for shell script - sound: + audio: control: - - pavucontrol + - name: pavucontrol + desc: GTK GUI + - name: pulsemixer + desc: pulseaudio TUI desktop: wayland: - - wev - - wtype - - wl-clipboard - - name: wofi - desc: remplacement for rofi - - sway - - swaylock - - swayidle + _: + - wev + - wtype + - wl-clipboard + - name: wofi + desc: Remplacement for rofi + - sway + - swaylock + - swayidle + - swayimg + color_picker: + - aur/hyprpicker + notification: + - dunst + screenshot: + - grim + - name: slurp + desc: region screenshoting desktop_utils: - cliphist GUI: + files: + - nautilus + - cheese browser: - firefox-developer-edition - torbrowser-launcher 
@@ -120,21 +200,53 @@ categories: - alacritty mail: - thunderbird - viewer: - - zathura + communication: + - signal-desktop + document: + viewer: + - zathura + - zathura-pdf-poppler + - zathura-djvu + editor: + - xournalpp images: + viewer: + - nsxiv + - gthumb + creation: art: - krita svg: - inkscape + audio: + - tenacity + - songrec + video: + - cheese + - vlc + - obs-studio + 3d: + - openscad + - blender bureautique: - libreoffice-still geo: - aur/mepo + - qgis + prog: + - name: dbeaver + tags: ['heavy-gui'] + remote_access: + - remmina + #- remmina-plugin-rdesktop _: - name: aur/screen-message description: Utility to write in big on the screen - fonts: + - ttf-roboto + - ttf-opensans + - ttf-liberation - ttf-font-awesome - ttf-fira-code + - aur/ttf-sourcesanspro + - aur/ttf-bona-nova diff --git a/ansible/parse_arch_packages.py b/ansible/parse_arch_packages.py index 5fc9448..3dbb388 100644 --- a/ansible/parse_arch_packages.py +++ b/ansible/parse_arch_packages.py @@ -24,12 +24,17 @@ def flatten_packages(item): flat_packages = flatten_packages(packages_tree) -names = [] +native_names = [] +aur_names = [] for p in flat_packages: assert isinstance(p, dict) if p['name'].startswith('aur/'): + aur_names.append(p['name']) continue - names.append(p['name']) + native_names.append(p['name']) -print(json.dumps(names)) +print(json.dumps({ + "native": native_names, + "aur": aur_names +})) # print(' '.join(names)) diff --git a/ansible/roles/unbound/tasks/main.yaml b/ansible/roles/unbound/tasks/main.yaml new file mode 100644 index 0000000..b840230 --- /dev/null +++ b/ansible/roles/unbound/tasks/main.yaml @@ -0,0 +1,5 @@ +- name: Setup unbound config + file: + src: "{{ home }}/.dots/config/unbound/unbound.conf" + dest: "/etc/unbound/unbound.conf" + state: link diff --git a/ansible/roles/xremap/tasks/main.yaml b/ansible/roles/xremap/tasks/main.yaml new file mode 100644 index 0000000..15e1fb3 --- /dev/null +++ b/ansible/roles/xremap/tasks/main.yaml 
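Review bot: The new unbound task links `/etc/unbound/unbound.conf` to a file under `{{ home }}/.dots`, so the system resolver's configuration is whatever the unprivileged user's checkout contains; any process running as that user can change forwarders or validation settings without root. Installing a root-owned copy keeps that boundary: use `ansible.builtin.copy` with `remote_src: true`, `owner: root`, `mode: "0644"` and `validate: 'unbound-checkconf %s'` instead of `state: link`. The task also carries no `become: true`, and the `include_role` call added in workstation.yaml does not set it either, so writing under `/etc` presumably fails unless privilege escalation is enabled somewhere outside this diff. Nothing in the role enables or restarts the unbound service after the configuration is put in place.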
@@ -0,0 +1,8 @@ +- name: Generate xremap config + shell: "python3 {{ home }}/.dots/scripts/generate_xremap_config.py" + +- name: Setup xremap systemd + ansible.builtin.systemd_service: + name: xremap + state: started + enabled: true diff --git a/ansible/run_ansible_playbook.sh b/ansible/run_ansible_playbook.sh index 1905ab1..8572941 100755 --- a/ansible/run_ansible_playbook.sh +++ b/ansible/run_ansible_playbook.sh @@ -18,9 +18,9 @@ ln -s $workdir $base/vm_files ansible-playbook $base/workstation.yaml \ -v \ -u "mbess" \ - -i "$base/inventory.yaml" \ - --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 2222 -i ./master_sshkey" \ + -i "inventory.yml" \ + --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \ --extra-vars "@$workdir/vars.yaml" \ - --extra-vars "ansible_sudo_pass=root" \ - --start-at-task "Create the aur_builder user" + --extra-vars "ansible_sudo_pass=pidell43" + #--start-at-task "Create the aur_builder user" diff --git a/ansible/templates/known_hosts b/ansible/templates/known_hosts new file mode 100644 index 0000000..4eddb2d --- /dev/null +++ b/ansible/templates/known_hosts @@ -0,0 +1,2 @@ +forge.lefuturiste.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKMyZOmGlQaSFHE6f0br0zmvzLv1LQfc8lRFPX6j8zx + diff --git a/ansible/templates/ssh_config b/ansible/templates/ssh_config index 11c8b17..1597da4 100644 --- a/ansible/templates/ssh_config +++ b/ansible/templates/ssh_config @@ -1,4 +1,4 @@ Host forge.lefuturiste.fr user git IdentitiesOnly yes - IdentityFile ~/.ssh/{{ device_name }}_generic_key_ed25519 + IdentityFile ~/.ssh/{{ device_name }}_perso_generic_ed25519 diff --git a/ansible/vm_files b/ansible/vm_files index 250ed9e..56c26cf 120000 --- a/ansible/vm_files +++ b/ansible/vm_files 
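Review bot: The `Generate xremap config` task goes through `shell` with a templated path and has no `creates` or `changed_when`, so it reruns and reports changed on every play, and a `home` value containing spaces or shell metacharacters would be interpreted by the shell. `ansible.builtin.command` with `argv: [python3, "{{ home }}/.dots/scripts/generate_xremap_config.py"]` avoids the shell entirely, and `changed_when: false` (or a `creates:` path) restores idempotent reporting. The systemd task starts `xremap`, but nothing visible in this role installs the unit file, so that presumably happens elsewhere and is worth a comment.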
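Review bot: The new `--extra-vars "ansible_sudo_pass=…"` line commits a literal sudo password to the repository, and the move from port 2222 to 22 together with the `vm_files` symlink now pointing at `target/blackjack` suggests the script targets a real machine rather than the sandbox VM. The value should be treated as exposed and rotated, and the script should prompt for it with `--ask-become-pass` or read it from a vault-encrypted vars file. The unchanged options `-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no` still switch off host-key verification for that connection, which was tolerable for a throwaway VM but removes the only check that the machine receiving the sudo password is the intended one; they should be dropped or limited to the VM case. `-i "inventory.yml"` is now resolved against the caller's working directory instead of `$base`, and its extension differs from the previous `inventory.yaml`.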
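Review bot: `IdentityFile` now names `~/.ssh/{{ device_name }}_perso_generic_ed25519`, but the copy tasks changed in ansible/workstation.yaml (hunk `@@ -61,32 +63,18 @@`) write the key to `{{ device_name }}_generic_ed25519`, without `_perso`. Because `IdentitiesOnly yes` restricts ssh to the listed file, the later clones from forge.lefuturiste.fr would have no usable key on targets provisioned through those tasks, unless a key with the `_perso` name is created outside this commit. The two names should agree, for example `dest: "{{ home }}/.ssh/{{ device_name }}_perso_generic_ed25519"` in the copy tasks.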
@@ -1 +1 @@ -/mnt/extramedia3/mbess/workspace/monakhos/sandbox_vms/vm1 \ No newline at end of file +/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack \ No newline at end of file diff --git a/ansible/workstation.yaml b/ansible/workstation.yaml index 666b3ac..ffd6d34 100644 --- a/ansible/workstation.yaml +++ b/ansible/workstation.yaml @@ -42,6 +42,8 @@ community.general.pacman: name: - archlinux-keyring + - git + - openssh - name: Init pacman keyring become: true @@ -61,32 +63,18 @@ - when: not pacman_key_state_stat.stat.exists block: - shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux" - - shell: "mkdir -p ~/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state" + - shell: "mkdir -p {{ home }}/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state" - - name: Install some basic packages - become: true - community.general.pacman: - name: - - cliphist - - - name: Install packages from YAML files (excluding AUR) - become: true - community.general.pacman: - name: "{{ lookup('file', 'arch_packages.json') | from_json }}" # the python script will return a list of packages - - # TODO: put pre-generated sshkeys - - # - name: Install yay, an AUR helper - # - name: Copy pre-generated ssh keys + when: "not target_is_real" block: - copy: src: ./vm_files/remote_key - dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519" + dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519" mode: u=rw,g=,o= - copy: src: ./vm_files/remote_key.pub - dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519.pub" + dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519.pub" mode: u=rw,g=,o= - name: Config git 
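Review bot: In the `@@ -61,32 +63,18 @@` hunk the two `copy` tasks that install the pre-generated private key and its `.pub` set `mode: u=rw,g=,o=` but no `owner`, while the `Load known hosts` task added later in this commit passes `owner: "{{ user }}"`. If the block ever runs with privilege escalation the key ends up root-owned and unreadable to the user's ssh, so add `owner: "{{ user }}"` to both. The new `when: "not target_is_real"` assumes the variable is always defined in the vars file; `when: not (target_is_real | default(true))` would skip copying sandbox keys onto a machine when the variable is missing. The task list continues outside the hunk.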
@@ -96,11 +84,24 @@ owner: "{{ user }}" mode: u=rw,g=,o= + - name: Load known hosts + template: + src: known_hosts + dest: "{{ home }}/.ssh/known_hosts" + owner: "{{ user }}" + mode: u=rw,g=,o= + - name: Clone dots file git: repo: "git@forge.lefuturiste.fr:mbess/dots.git" dest: "{{ home }}/.dots" + # INSTALL from YAML + - name: Install packages from YAML files (excluding AUR) + become: true + community.general.pacman: + name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages + - name: Setup config directories file: path: "{{ home }}/.config/{{ item.dir }}" @@ -115,6 +116,20 @@ state: link loop: "{{ config_files }}" + - name: Set default shell + become: true + user: + name: "{{ user }}" + shell: /usr/bin/fish + + - name: Setup xremap + include_role: + name: xremap + + - name: Setup unbound + include_role: + name: unbound + - name: Setup main popequer notebook include_role: name: popequer_notebook @@ -153,7 +168,20 @@ packages: - yay-bin - # - name: Clone books sources - # ansible.builtin.git: - # repo: "git@forge.lefuturiste.fr:mbess/books-sources.git" - # dest: /home/mbess/workspace/books_sources + - name: Install AUR packages from YAML file + become: true + import_role: + name: aur + vars: + packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}" + + - name: Clone books sources + ansible.builtin.git: + repo: "git@forge.lefuturiste.fr:mbess/books-sources.git" + dest: /home/mbess/workspace/books_sources + + - name: Clone monakhos + ansible.builtin.git: + repo: "git@forge.lefuturiste.fr:mbess/monakhos.git" + dest: /home/mbess/workspace/monakhos +
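Review bot: `Load known hosts` renders the template over `{{ home }}/.ssh/known_hosts`, which replaces the whole file; on a machine that already has entries they are lost, and any host key the user accepts later is wiped on the next run. Pinning the forge key before the `git@forge.lefuturiste.fr` clone is the right order, but `ansible.builtin.known_hosts` with `name: forge.lefuturiste.fr` and `key:` set to the line from the template adds only that entry and leaves the rest of the file alone. The trailing comment on the pacman task, `# the python script will return a list of packages`, is out of date now that the JSON is a mapping with `native` and `aur` keys.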
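Review bot: In the `@@ -153,7 +168,20 @@` hunk, `Install AUR packages from YAML file` looks up `aur_packages.json`, but the file this commit regenerates with an `aur` key is `ansible/arch_packages.json` and no `aur_packages.json` appears in the diffstat, so the lookup presumably fails; `lookup('file', 'arch_packages.json')` would match the pacman task. The names in that list keep their `aur/` prefix, since parse_arch_packages.py appends `p['name']` unchanged, so check whether the `aur` role expects bare package names. AUR packages are user-submitted build scripts that execute on the workstation, so installing eleven of them unattended calls for a reviewed list and a look at each PKGBUILD rather than whatever is current at run time. The two new clone tasks hard-code `/home/mbess/workspace/...` where the rest of the play uses `{{ home }}`.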