From 9c4a6a43417304960abb0ff7120dea7f1ebe8276 Mon Sep 17 00:00:00 2001
From: Matthieu Bessat
Date: Thu, 30 May 2024 18:28:31 +0200
Subject: [PATCH] feat: systemd, unbound, more packages, dots venv
---
ansible/arch_packages.json | 2 +-
ansible/arch_packages.yaml | 66 +++++++--
ansible/parse_arch_packages.py | 2 +-
ansible/pipx_packages.yaml | 1 +
ansible/roles/dns/tasks/main.yaml | 32 ++++
.../roles/popequer_notebook/tasks/main.yaml | 6 +
ansible/roles/unbound/tasks/main.yaml | 5 -
ansible/roles/xremap/tasks/main.yaml | 22 ++-
ansible/templates/fish/machine.fish | 2 +
.../templates/systemd/system/xremap.service | 10 ++
.../systemd/user/hourly_remainder.service | 12 ++
.../systemd/user/hourly_remainder.timer | 11 ++
.../systemd/user/popequer_gitwatch@.service | 14 ++
.../systemd/user/sshfs_srv06_warmd.service | 15 ++
ansible/workstation.yaml | 139 ++++++++++++++----
15 files changed, 291 insertions(+), 48 deletions(-)
create mode 100644 ansible/pipx_packages.yaml
create mode 100644 ansible/roles/dns/tasks/main.yaml
delete mode 100644 ansible/roles/unbound/tasks/main.yaml
create mode 100644 ansible/templates/fish/machine.fish
create mode 100644 ansible/templates/systemd/system/xremap.service
create mode 100644 ansible/templates/systemd/user/hourly_remainder.service
create mode 100644 ansible/templates/systemd/user/hourly_remainder.timer
create mode 100644 ansible/templates/systemd/user/popequer_gitwatch@.service
create mode 100644 ansible/templates/systemd/user/sshfs_srv06_warmd.service
diff --git a/ansible/arch_packages.json b/ansible/arch_packages.json
index 829037e..687e75b 100644
--- a/ansible/arch_packages.json
+++ b/ansible/arch_packages.json
@@ -1 +1 @@ -{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "sshfs", "unbound", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "strace", "jo", "jq", "fx", "yq", "xsv", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "ruff", "lua", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code"], "aur": ["aur/boxes", "aur/gitwatch-git", "aur/litecli", "aur/fish-fzf", "aur/shellcheck-bin", "aur/hyprpicker", "aur/brave-bin", "aur/mepo", "aur/screen-message", "aur/ttf-sourcesanspro", "aur/ttf-bona-nova"]} +{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "python-pipx", "protobuf", "libosmium", "expat", "cups", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "brightnessctl", "lm_sensors", 
"sshfs", "unbound", "bluez", "bluez-utils", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "ansible-lint", "strace", "jo", "jq", "fx", "yq", "xsv", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "hunspell", "hunspell-en_us", "hunspell-fr", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "bind", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "kdeconnect", "python-faker", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "python-pip", "python-poetry", "ruff", "lua", "hugo", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "i3status-rust", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "celluloid", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code", "ttf-firacode-nerd"], "aur": ["xkb-qwerty-fr", "bluetuith", "boxes", "gitwatch-git", "litecli", "fish-fzf", "shellcheck-bin", "hyprpicker", "brave-bin", "mepo", "screen-message", "ttf-sourcesanspro", "ttf-bona-nova"]} diff --git a/ansible/arch_packages.yaml b/ansible/arch_packages.yaml index 298e885..08f4e85 100644 --- a/ansible/arch_packages.yaml +++ b/ansible/arch_packages.yaml 
@@ -10,11 +10,39 @@ categories: - base-devel - name: mosh desc: The best to connect to remote server! + - name: python-pipx + desc: To install python stuff + + libs: + - protobuf + - libosmium + - name: expat + desc: XML parser lib + + hardware: + printing: + - cups + _: + - acpi + - smartmontools # monitor drive (SSD) health + - lshw + - dmidecode # to list memory slots + - usbutils + - brightnessctl + - lm_sensors network: - sshfs - unbound + keymap: + - aur/xkb-qwerty-fr + + bluetooth: + - bluez + - bluez-utils + - aur/bluetuith + utils: _: - bat @@ -32,6 +60,7 @@ categories: desc: scheduler automation: - ansible + - ansible-lint system: - strace text_processing: @@ -43,6 +72,15 @@ categories: - yq csv: - xsv # rust CSV toolkit + language: + ocr: + - tesseract + - tesseract-data-fra + - tesseract-data-eng + spell: + - hunspell + - hunspell-en_us + - hunspell-fr mail: - s-nail fun: @@ -69,6 +107,8 @@ categories: - mitmproxy - name: trurl desc: URL processing + dns: + - bind _: - nmap - wireguard-tools @@ -92,22 +132,17 @@ categories: - htop android: - scrcpy - - hardware: - - acpi - - smartmontools # monitor drive (SSD) health - - lshw - - dmidecode # to list memory slots - - usbutils + - kdeconnect + geo: [] + # - aur/osmium-tool + fake: + - python-faker multimedia: - ffmpeg - imagemagick - mpv - yt-dlp - - tesseract - - tesseract-data-fra - - tesseract-data-eng - zbar - zint - qrencode @@ -115,7 +150,6 @@ categories: security: - gopass - runtimes: virtualization: - qemu-base @@ -142,10 +176,15 @@ categories: dbs: - redis python: + _: + - python-pip + - python-poetry lint: - ruff lua: - lua + static: + - hugo shell: - fish @@ -176,6 +215,7 @@ categories: - swaylock - swayidle - swayimg + - i3status-rust color_picker: - aur/hyprpicker notification: @@ -223,8 +263,10 @@ categories: - songrec video: - cheese + - celluloid - vlc - obs-studio + #- kdenlive 3d: - openscad - blender 
@@ -248,5 +290,7 @@ categories: - ttf-liberation - ttf-font-awesome - ttf-fira-code + - ttf-firacode-nerd - aur/ttf-sourcesanspro - aur/ttf-bona-nova + diff --git a/ansible/parse_arch_packages.py b/ansible/parse_arch_packages.py index 3dbb388..7d5d86b 100644 --- a/ansible/parse_arch_packages.py +++ b/ansible/parse_arch_packages.py @@ -29,7 +29,7 @@ aur_names = [] for p in flat_packages: assert isinstance(p, dict) if p['name'].startswith('aur/'): - aur_names.append(p['name']) + aur_names.append(p['name'].split('/')[1]) continue native_names.append(p['name']) diff --git a/ansible/pipx_packages.yaml b/ansible/pipx_packages.yaml new file mode 100644 index 0000000..277cc02 --- /dev/null +++ b/ansible/pipx_packages.yaml @@ -0,0 +1 @@ +- diff --git a/ansible/roles/dns/tasks/main.yaml b/ansible/roles/dns/tasks/main.yaml new file mode 100644 index 0000000..a23a1ec --- /dev/null +++ b/ansible/roles/dns/tasks/main.yaml @@ -0,0 +1,32 @@ +- name: Setup unbound config + become: true + copy: + src: "{{ home }}/.dots/config/unbound/unbound.conf" + dest: "/etc/unbound/unbound.conf" + owner: unbound + mode: "u=rwX,g=rX,o=" + +- name: Setup unbound control certificates + become: true + shell: /usr/bin/unbound-control-setup + +- name: Specify resolv configuration to use the local unbound server + become: true + copy: + dest: /etc/resolv.conf + content: | + nameserver ::1 + nameserver 127.0.0.1 + +- name: Protect resolv + become: true + file: + path: /etc/resolv.conf + attributes: '+i' + +- name: Enable unbound service + become: true + ansible.builtin.systemd_service: + name: unbound + state: started + enabled: true diff --git a/ansible/roles/popequer_notebook/tasks/main.yaml b/ansible/roles/popequer_notebook/tasks/main.yaml index 7fc9860..f7ec4d7 100644 --- a/ansible/roles/popequer_notebook/tasks/main.yaml +++ b/ansible/roles/popequer_notebook/tasks/main.yaml 
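Review bot: In the new `roles/dns/tasks/main.yaml`, `/etc/resolv.conf` is pointed at the local resolver and made immutable before the last task starts unbound, so a config that fails to load leaves the host without DNS, and the `+i` flag will make the earlier `copy` fail on any later run where the content changes. Start and enable unbound first and add `validate: "unbound-checkconf %s"` to the config copy so a broken file never replaces the working one. `shell: /usr/bin/unbound-control-setup` runs on every play and always reports changed; `command` with `creates:` makes it idempotent. `copy` also reads `src` from the controller unless `remote_src: true` is set, which matches `{{ home }}/.dots` only when the play targets localhost.

```yaml
- name: Setup unbound config
  become: true
  copy:
    # … unchanged: src, dest, owner, mode …
    validate: "unbound-checkconf %s"

- name: Setup unbound control certificates
  become: true
  command:
    cmd: /usr/bin/unbound-control-setup
    # key path assumed from unbound's default layout; confirm on the target
    creates: /etc/unbound/unbound_control.key

# … moved here from the end of the file: "Enable unbound service" …
# … unchanged: resolv.conf copy and "Protect resolv" …
```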
@@ -6,3 +6,9 @@ ansible.builtin.git: repo: "git@forge.lefuturiste.fr:mbess/main-popequer-notebook.git" dest: /home/mbess/notebooks/personal +- name: Setup gitwatch + systemd_service: + scope: user + name: popequer_gitwatch@personal + state: started + enabled: true diff --git a/ansible/roles/unbound/tasks/main.yaml b/ansible/roles/unbound/tasks/main.yaml deleted file mode 100644 index b840230..0000000 --- a/ansible/roles/unbound/tasks/main.yaml +++ /dev/null @@ -1,5 +0,0 @@ -- name: Setup unbound config - file: - src: "{{ home }}/.dots/config/unbound/unbound.conf" - dest: "/etc/unbound/unbound.conf" - state: link diff --git a/ansible/roles/xremap/tasks/main.yaml b/ansible/roles/xremap/tasks/main.yaml index 15e1fb3..3832f8d 100644 --- a/ansible/roles/xremap/tasks/main.yaml +++ b/ansible/roles/xremap/tasks/main.yaml @@ -1,7 +1,27 @@ +- name: Install xremap via AUR + import_role: + name: aur + vars: + packages: + - xremap-wlroots-bin + +- name: Setup xremap dir + file: + path: "{{ home }}/.config/xremap" + state: directory + recurse: true + - name: Generate xremap config shell: "python3 {{ home }}/.dots/scripts/generate_xremap_config.py" -- name: Setup xremap systemd +- name: Generate xremap systemd service unit + become: true + template: + src: systemd/system/xremap.service + dest: /usr/lib/systemd/system/xremap.service + +- name: Enable xremap systemd service + become: true ansible.builtin.systemd_service: name: xremap state: started diff --git a/ansible/templates/fish/machine.fish b/ansible/templates/fish/machine.fish new file mode 100644 index 0000000..62d5e62 --- /dev/null +++ b/ansible/templates/fish/machine.fish @@ -0,0 +1,2 @@ +alias machine-name="{{ device_name }}" + diff --git a/ansible/templates/systemd/system/xremap.service b/ansible/templates/systemd/system/xremap.service new file mode 100644 index 0000000..cf2404b --- /dev/null +++ b/ansible/templates/systemd/system/xremap.service 
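Review bot: In `roles/xremap/tasks/main.yaml` the unit is templated to `/usr/lib/systemd/system/xremap.service`, a directory owned by the package manager, so a package install or removal can overwrite or delete it; locally managed units belong under `/etc/systemd/system`. The `template` task also sets no `owner` or `mode`, so the result depends on the umask of the run. I would write `dest: /etc/systemd/system/xremap.service`, `owner: root` and `mode: "0644"`. The enable task continues past the end of the hunk, so it is worth checking that it sets `daemon_reload: true`; otherwise a changed template is not picked up until a manual reload.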
@@ -0,0 +1,10 @@ +[Install] +WantedBy=multi-user.target + +[Unit] +Description=xremap + +[Service] +Restart=always +ExecStart=xremap {{ home }}/.config/xremap/config.yaml --watch + diff --git a/ansible/templates/systemd/user/hourly_remainder.service b/ansible/templates/systemd/user/hourly_remainder.service new file mode 100644 index 0000000..de720bc --- /dev/null +++ b/ansible/templates/systemd/user/hourly_remainder.service @@ -0,0 +1,12 @@ +[Unit] +Description=Send notif about time +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=no +ExecStart={{ home }}/.dots/scripts/notify_time.sh + +[Install] +WantedBy=default.target + diff --git a/ansible/templates/systemd/user/hourly_remainder.timer b/ansible/templates/systemd/user/hourly_remainder.timer new file mode 100644 index 0000000..a1fc568 --- /dev/null +++ b/ansible/templates/systemd/user/hourly_remainder.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Run every hour to remind the user about the time passing by + +[Timer] +OnBootSec=1min +OnCalendar=*:00 +Persistent=true + +[Install] +WantedBy=timers.target + diff --git a/ansible/templates/systemd/user/popequer_gitwatch@.service b/ansible/templates/systemd/user/popequer_gitwatch@.service new file mode 100644 index 0000000..0d573a3 --- /dev/null +++ b/ansible/templates/systemd/user/popequer_gitwatch@.service @@ -0,0 +1,14 @@ +[Unit] +Description=Sync popequer notebook with git + +[Service] +# the buffer period in seconds 5min = 300s +Type=simple +ExecStart=/usr/bin/gitwatch -r origin -s 300 {{ home }}/notebooks/%i +ExecStop=/bin/true +Restart=always +RestartSec=30 + +[Install] +WantedBy=default.target + diff --git a/ansible/templates/systemd/user/sshfs_srv06_warmd.service b/ansible/templates/systemd/user/sshfs_srv06_warmd.service new file mode 100644 index 0000000..54d2e30 --- /dev/null +++ b/ansible/templates/systemd/user/sshfs_srv06_warmd.service 
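Review bot: `xremap.service` is a system unit with no `User=`, so xremap runs as root while reading `{{ home }}/.config/xremap/config.yaml`, a file the unprivileged account owns, and `--watch` reloads it on every edit. If the installed xremap build honours command-launching bindings in its config (worth confirming), anything running as that user can change what the root process executes. Either run it as a user unit with input-device access granted to that account, or keep the root service and point it at a root-owned file such as `/etc/xremap/config.yaml`. `ExecStart=xremap …` should also name the binary by absolute path (wherever the AUR package installs it) rather than rely on systemd's search path.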
@@ -0,0 +1,15 @@ +[Unit] +Description=SSHFS Daemon to mount srv06 warmd as a volume +StartLimitInterval=200 +StartLimitBurst=8 + +[Service] +Type=simple +ExecStart=/usr/bin/sshfs -f {{ user }}@srv06.rem:/warmd/mbess {{ home }}/.mnt/warmd -o reconnect,ServerAliveInterval=30,ServerAliveCountMax=5 +Restart=always +StandardOutput=journal +RestartSec=20 + +[Install] +WantedBy=default.target + diff --git a/ansible/workstation.yaml b/ansible/workstation.yaml index ffd6d34..611412c 100644 --- a/ansible/workstation.yaml +++ b/ansible/workstation.yaml @@ -2,6 +2,15 @@ gather_facts: True vars: home: /home/{{ user }} + systemd_services: + system: [] + user: + - name: "sshfs_srv06_warmd" + enabled: true + - name: "popequer_gitwatch@" + - name: "hourly_remainder" + enabled: true + timer: true config_files: - dir: fish name: config.fish @@ -23,6 +32,9 @@ name: init.lua - dir: nvim name: lua # lua dir + # for desktop notifications + - dir: dunst + name: dunstrc tasks: - name: Init arch block: @@ -91,17 +103,27 @@ owner: "{{ user }}" mode: u=rw,g=,o= - - name: Clone dots file - git: - repo: "git@forge.lefuturiste.fr:mbess/dots.git" - dest: "{{ home }}/.dots" - # INSTALL from YAML - name: Install packages from YAML files (excluding AUR) become: true community.general.pacman: name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages + # DOTS + - name: Clone dots file + git: + repo: "git@forge.lefuturiste.fr:mbess/dots.git" + dest: "{{ home }}/.dots" + + - name: Install requirements in dots + pip: + virtualenv: "{{ home }}/.dots/venv" + requirements: "{{ home }}/.dots/requirements.txt" + + - name: Setup DNS and unbound + include_role: + name: dns + - name: Setup config directories file: path: "{{ home }}/.config/{{ item.dir }}" 
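Review bot: In `sshfs_srv06_warmd.service` the remote path hard-codes `/warmd/mbess` while the login and mount point are templated from `{{ user }}` and `{{ home }}`, so the unit is only correct for one account; `{{ user }}@srv06.rem:/warmd/{{ user }}` would keep them in step if that matches the server layout. Nothing visible in this commit creates `{{ home }}/.mnt/warmd`, and with `Restart=always` a missing directory means repeated failures until the start limit trips; a `file` task with `state: directory` and `mode: "0700"` would cover it. The unit runs without a terminal, so the host key for `srv06.rem` has to be in `known_hosts` already; provision it in the playbook rather than relaxing `StrictHostKeyChecking`. `StartLimitInterval=` is the legacy spelling of `StartLimitIntervalSec=`.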
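Review bot: The new `Install requirements in dots` task in `workstation.yaml` builds `{{ home }}/.dots/venv` with the `pip` module's default `virtualenv` command, but the package list in this commit adds `python-pip` and `python-pipx` and no virtualenv package, so on a fresh machine the task may fail; `virtualenv_command: python -m venv` uses the standard-library module instead. The requirements file comes from the `Clone dots file` task, which has no `version:`, so whatever is on the default branch at provisioning time is what gets installed into the venv. Pinning the clone to a tag or commit and keeping hashes in `requirements.txt` would make a re-provision reproducible.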
@@ -122,29 +144,11 @@ name: "{{ user }}" shell: /usr/bin/fish - - name: Setup xremap - include_role: - name: xremap + - name: Create machine.fish + template: + src: fish/machine.fish + dest: "{{ home }}/.config/fish/machine.fish" - - name: Setup unbound - include_role: - name: unbound - - - name: Setup main popequer notebook - include_role: - name: popequer_notebook - - - name: Setup quick notes folder - file: - path: "{{ home }}/.hidden/quick_notes/" - state: directory - recurse: true - - name: Setup temporary secrets folder (cookies jar) - file: - path: "{{ home }}/.cache/secrets/" - state: directory - recurse: true - - name: Create the aur_builder user become: yes ansible.builtin.user: @@ -161,6 +165,11 @@ mode: 0644 validate: 'visudo -cf %s' + - name: Setup xremap + include_role: + name: xremap + + # AUR packages - name: Install yay import_role: name: aur 
@@ -173,8 +182,81 @@ import_role: name: aur vars: - packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}" + packages: "{{ (lookup('file', 'arch_packages.json') | from_json)['aur'] }}" + # SYSTEMD + - name: Setup systemd user services folder + file: + path: "{{ home }}/.config/systemd/user" + state: directory + recurse: true + + - name: Setup user units + template: + src: "systemd/user/{{ item.name }}.service" + dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service" + loop: "{{ systemd_services.user }}" + + - name: Setup user timers + when: "item.timer is defined and item.timer" + loop: "{{ systemd_services.user }}" + template: + src: "systemd/user/{{ item.name }}.timer" + dest: "{{ home }}/.config/systemd/user/{{ item.name }}.timer" + + - name: Enable some systemd user services + when: "item.enabled is defined and item.enabled" + loop: "{{ systemd_services.user }}" + systemd_service: + daemon_reload: true + scope: user + name: "{{ item.name }}" + state: started + enabled: true + + - name: Enable some systemd user timers + when: "item.timer is defined and item.timer" + loop: "{{ systemd_services.user }}" + systemd_service: + scope: user + name: "{{ item.name }}.timer" + state: started + enabled: true + + # OTHERS + - name: Setup quick notes folder + file: + path: "{{ home }}/.hidden/quick_notes/" + state: directory + recurse: true + - name: Setup temporary secrets folder (cookies jar) + file: + path: "{{ home }}/.cache/secrets/" + state: directory + recurse: true + + - name: Setup main popequer notebook + include_role: + name: popequer_notebook + + - name: Install others packages + community.general.pipx: + name: "{{ item }}" + loop: + - azlyrics2 + - lesspass + - jc + - xkcd-pass + - yewtube + + - name: Enable bluetooth service + become: true + ansible.builtin.systemd_service: + name: bluetooth + state: started + enabled: true + + # WORKSPACE - name: Clone books sources ansible.builtin.git: repo: 
"git@forge.lefuturiste.fr:mbess/books-sources.git" @@ -184,4 +266,3 @@ ansible.builtin.git: repo: "git@forge.lefuturiste.fr:mbess/monakhos.git" dest: /home/mbess/workspace/monakhos -
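Review bot: In the `@@ -173,8 +182,81 @@` hunk, `Setup temporary secrets folder (cookies jar)` creates `{{ home }}/.cache/secrets/` without a `mode`, so it takes the umask default and is typically readable by other local users; add `mode: "u=rwX,g=,o="` (the task is moved from earlier in the file, so this predates the commit). The `community.general.pipx` loop installs five PyPI packages unpinned, and two of them (`lesspass`, `xkcd-pass`) generate passwords; pinning each with `source: "<package>==<version>"` stops a re-provision from pulling whatever is newest. The new `ansible/pipx_packages.yaml` contains only `-` and is not read by this loop, so the package list will live in two places once that file is filled in.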