mbess/monakhos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity

update

Browse source
This commit is contained in:
Matthieu Bessat 2024-05-27 23:19:04 +02:00
parent 003a22ca6e
commit 45076c5231
11 changed files with 230 additions and 61 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
TODO.md Normal file
View file

@ -0,0 +1,9 @@
# TODO
- add email client setup
- add gopass config
- add python pool
- add cargo global packages, like `pads`

2
ansible/arch_packages.json
View file

@ -1 +1 @@
["util-linux", "less", "git", "moreutils", "tmux", "openssh", "base-devel", "moreutils", "fzf", "lf", "ripgrep", "fd", "bat", "pv", "at", "jo", "jq", "fx", "yq", "xsv", "unzip", "unoconv", "pandoc", "libqalculate", "wget", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "lsof", "w3m", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "gopass", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "jwt-cli", "fish", "zoxide", "dash", "pavucontrol", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "cliphist", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "zathura", "krita", "inkscape", "libreoffice-still", "ttf-font-awesome", "ttf-fira-code"] {"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "sshfs", "unbound", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "strace", "jo", "jq", "fx", "yq", "xsv", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "ruff", "lua", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code"], "aur": ["aur/boxes", "aur/gitwatch-git", "aur/litecli", "aur/fish-fzf", "aur/shellcheck-bin", "aur/hyprpicker", "aur/brave-bin", "aur/mepo", "aur/screen-message", "aur/ttf-sourcesanspro", "aur/ttf-bona-nova"]}

170
ansible/arch_packages.yaml
View file

@ -1,25 +1,39 @@
categories: categories:
base: base:
- util-linux - util-linux
- man-pages
- less - less
- git - git
- moreutils
- tmux - tmux
- screen
- openssh - openssh
- base-devel - base-devel
- name: mosh
desc: The best to connect to remote server!
network:
- sshfs
- unbound
utils: utils:
_: _:
- moreutils - bat
- plantuml
finder:
- fzf - fzf
- lf
- ripgrep - ripgrep
- fd - fd
- bat unix:
- moreutils
- rlwrap
- name: pv - name: pv
desc: pipe viewer desc: pipe viewer
- name: at - name: at
desc: scheduler desc: scheduler
automation:
- ansible
system:
- strace
text_processing: text_processing:
json: json:
- jo - jo
@ -29,6 +43,13 @@ categories:
- yq - yq
csv: csv:
- xsv # rust CSV toolkit - xsv # rust CSV toolkit
mail:
- s-nail
fun:
- figlet
- cowsay
- aur/boxes
- fortune-mod
archives: archives:
- unzip - unzip
bureautique: bureautique:
@ -36,19 +57,41 @@ categories:
- pandoc # general purpose document converter - pandoc # general purpose document converter
math: math:
- libqalculate # qalc - libqalculate # qalc
git:
- aur/gitwatch-git
- tig
network: network:
- wget http:
- nmap - jwt-cli
- wireguard-tools - curl
- tcpdump - wget
- socat # TCP proxy or relay - miniserve
- rsync - mitmproxy
- rclone - name: trurl
desc: URL processing
_:
- nmap
- wireguard-tools
- tcpdump
- socat # TCP proxy or relay
- rsync
- rclone
- whois
- traceroute
- nload
fs: fs:
- lsof - lsof
tui: tui:
browser: browser:
- w3m - w3m
files:
- lf
security:
- siege
monitoring:
- htop
android:
- scrcpy
hardware: hardware:
- acpi - acpi
@ -65,11 +108,23 @@ categories:
- tesseract - tesseract
- tesseract-data-fra - tesseract-data-fra
- tesseract-data-eng - tesseract-data-eng
- zbar
- zint
- qrencode
security: security:
- gopass - gopass
dev:
runtimes:
virtualization:
- qemu-base
docker:
- docker
programming:
sqlite:
- sqlite
- aur/litecli
editor: editor:
- vim - vim
- helix - helix
@ -78,10 +133,19 @@ categories:
- make - make
- cmake - cmake
- libxkbcommon - libxkbcommon
- raylib
lsp:
http_utils: - gopls
- jwt-cli - rust-analyzer
rust: {}
# - rustup
dbs:
- redis
python:
lint:
- ruff
lua:
- lua
shell: shell:
- fish - fish
@ -93,25 +157,41 @@ categories:
- name: aur/shellcheck-bin - name: aur/shellcheck-bin
desc: Static analyzer for shell script desc: Static analyzer for shell script
sound: audio:
control: control:
- pavucontrol - name: pavucontrol
desc: GTK GUI
- name: pulsemixer
desc: pulseaudio TUI
desktop: desktop:
wayland: wayland:
- wev _:
- wtype - wev
- wl-clipboard - wtype
- name: wofi - wl-clipboard
desc: remplacement for rofi - name: wofi
- sway desc: Remplacement for rofi
- swaylock - sway
- swayidle - swaylock
- swayidle
- swayimg
color_picker:
- aur/hyprpicker
notification:
- dunst
screenshot:
- grim
- name: slurp
desc: region screenshoting
desktop_utils: desktop_utils:
- cliphist - cliphist
GUI: GUI:
files:
- nautilus
- cheese
browser: browser:
- firefox-developer-edition - firefox-developer-edition
- torbrowser-launcher - torbrowser-launcher
@ -120,21 +200,53 @@ categories:
- alacritty - alacritty
mail: mail:
- thunderbird - thunderbird
viewer: communication:
- zathura - signal-desktop
document:
viewer:
- zathura
- zathura-pdf-poppler
- zathura-djvu
editor:
- xournalpp
images: images:
viewer:
- nsxiv
- gthumb
creation:
art: art:
- krita - krita
svg: svg:
- inkscape - inkscape
audio:
- tenacity
- songrec
video:
- cheese
- vlc
- obs-studio
3d:
- openscad
- blender
bureautique: bureautique:
- libreoffice-still - libreoffice-still
geo: geo:
- aur/mepo - aur/mepo
- qgis
prog:
- name: dbeaver
tags: ['heavy-gui']
remote_access:
- remmina
#- remmina-plugin-rdesktop
_: _:
- name: aur/screen-message - name: aur/screen-message
description: Utility to write in big on the screen description: Utility to write in big on the screen
fonts: fonts:
- ttf-roboto
- ttf-opensans
- ttf-liberation
- ttf-font-awesome - ttf-font-awesome
- ttf-fira-code - ttf-fira-code
- aur/ttf-sourcesanspro
- aur/ttf-bona-nova

11
ansible/parse_arch_packages.py
View file

@ -24,12 +24,17 @@ def flatten_packages(item):
flat_packages = flatten_packages(packages_tree) flat_packages = flatten_packages(packages_tree)
names = [] native_names = []
aur_names = []
for p in flat_packages: for p in flat_packages:
assert isinstance(p, dict) assert isinstance(p, dict)
if p['name'].startswith('aur/'): if p['name'].startswith('aur/'):
aur_names.append(p['name'])
continue continue
names.append(p['name']) native_names.append(p['name'])
print(json.dumps(names)) print(json.dumps({
"native": native_names,
"aur": aur_names
}))
# print(' '.join(names)) # print(' '.join(names))

5
ansible/roles/unbound/tasks/main.yaml Normal file
View file

@ -0,0 +1,5 @@
- name: Setup unbound config
file:
src: "{{ home }}/.dots/config/unbound/unbound.conf"
dest: "/etc/unbound/unbound.conf"
state: link

8
ansible/roles/xremap/tasks/main.yaml Normal file
View file

@ -0,0 +1,8 @@
- name: Generate xremap config
shell: "python3 {{ home }}/.dots/scripts/generate_xremap_config.py"
- name: Setup xremap systemd
ansible.builtin.systemd_service:
name: xremap
state: started
enabled: true

8
ansible/run_ansible_playbook.sh
View file

@ -18,9 +18,9 @@ ln -s $workdir $base/vm_files
ansible-playbook $base/workstation.yaml \ ansible-playbook $base/workstation.yaml \
-v \ -v \
-u "mbess" \ -u "mbess" \
-i "$base/inventory.yaml" \ -i "inventory.yml" \
--ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 2222 -i ./master_sshkey" \ --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \
--extra-vars "@$workdir/vars.yaml" \ --extra-vars "@$workdir/vars.yaml" \
--extra-vars "ansible_sudo_pass=root" \ --extra-vars "ansible_sudo_pass=pidell43"
--start-at-task "Create the aur_builder user" #--start-at-task "Create the aur_builder user"

2
ansible/templates/known_hosts Normal file
View file

@ -0,0 +1,2 @@
forge.lefuturiste.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILKMyZOmGlQaSFHE6f0br0zmvzLv1LQfc8lRFPX6j8zx

2
ansible/templates/ssh_config
View file

@ -1,4 +1,4 @@
Host forge.lefuturiste.fr Host forge.lefuturiste.fr
user git user git
IdentitiesOnly yes IdentitiesOnly yes
IdentityFile ~/.ssh/{{ device_name }}_generic_key_ed25519 IdentityFile ~/.ssh/{{ device_name }}_perso_generic_ed25519

2
ansible/vm_files
View file

@ -1 +1 @@
/mnt/extramedia3/mbess/workspace/monakhos/sandbox_vms/vm1 /mnt/extramedia3/mbess/workspace/monakhos/target/blackjack

72
ansible/workstation.yaml
View file

@ -42,6 +42,8 @@
community.general.pacman: community.general.pacman:
name: name:
- archlinux-keyring - archlinux-keyring
- git
- openssh
- name: Init pacman keyring - name: Init pacman keyring
become: true become: true
@ -61,32 +63,18 @@
- when: not pacman_key_state_stat.stat.exists - when: not pacman_key_state_stat.stat.exists
block: block:
- shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux" - shell: "rm -rf /etc/pacman.d/gnupg && pacman-key --init && pacman-key --populate archlinux"
- shell: "mkdir -p ~/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state" - shell: "mkdir -p {{ home }}/.cache/monakhos; echo -n $(date --iso-8601=d) > {{ home }}/.cache/monakhos/pacman_key_state"
- name: Install some basic packages
become: true
community.general.pacman:
name:
- cliphist
- name: Install packages from YAML files (excluding AUR)
become: true
community.general.pacman:
name: "{{ lookup('file', 'arch_packages.json') | from_json }}" # the python script will return a list of packages
# TODO: put pre-generated sshkeys
# - name: Install yay, an AUR helper
#
- name: Copy pre-generated ssh keys - name: Copy pre-generated ssh keys
when: "not target_is_real"
block: block:
- copy: - copy:
src: ./vm_files/remote_key src: ./vm_files/remote_key
dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519" dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519"
mode: u=rw,g=,o= mode: u=rw,g=,o=
- copy: - copy:
src: ./vm_files/remote_key.pub src: ./vm_files/remote_key.pub
dest: "{{ home }}/.ssh/{{ device_name }}_generic_key_ed25519.pub" dest: "{{ home }}/.ssh/{{ device_name }}_generic_ed25519.pub"
mode: u=rw,g=,o= mode: u=rw,g=,o=
- name: Config git - name: Config git
@ -96,11 +84,24 @@
owner: "{{ user }}" owner: "{{ user }}"
mode: u=rw,g=,o= mode: u=rw,g=,o=
- name: Load known hosts
template:
src: known_hosts
dest: "{{ home }}/.ssh/known_hosts"
owner: "{{ user }}"
mode: u=rw,g=,o=
- name: Clone dots file - name: Clone dots file
git: git:
repo: "git@forge.lefuturiste.fr:mbess/dots.git" repo: "git@forge.lefuturiste.fr:mbess/dots.git"
dest: "{{ home }}/.dots" dest: "{{ home }}/.dots"
# INSTALL from YAML
- name: Install packages from YAML files (excluding AUR)
become: true
community.general.pacman:
name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages
- name: Setup config directories - name: Setup config directories
file: file:
path: "{{ home }}/.config/{{ item.dir }}" path: "{{ home }}/.config/{{ item.dir }}"
@ -115,6 +116,20 @@
state: link state: link
loop: "{{ config_files }}" loop: "{{ config_files }}"
- name: Set default shell
become: true
user:
name: "{{ user }}"
shell: /usr/bin/fish
- name: Setup xremap
include_role:
name: xremap
- name: Setup unbound
include_role:
name: unbound
- name: Setup main popequer notebook - name: Setup main popequer notebook
include_role: include_role:
name: popequer_notebook name: popequer_notebook
@ -153,7 +168,20 @@
packages: packages:
- yay-bin - yay-bin
# - name: Clone books sources - name: Install AUR packages from YAML file
# ansible.builtin.git: become: true
# repo: "git@forge.lefuturiste.fr:mbess/books-sources.git" import_role:
# dest: /home/mbess/workspace/books_sources name: aur
vars:
packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}"
- name: Clone books sources
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
dest: /home/mbess/workspace/books_sources
- name: Clone monakhos
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
dest: /home/mbess/workspace/monakhos