mbess/monakhos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity

feat: systemd, unbound, more packages, dots venv

Browse source
This commit is contained in:
Matthieu Bessat 2024-05-30 18:28:31 +02:00
parent 45076c5231
commit 9c4a6a4341
15 changed files with 291 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ansible/arch_packages.json
View file

@ -1 +1 @@
{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "sshfs", "unbound", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "strace", "jo", "jq", "fx", "yq", "xsv", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "ruff", "lua", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code"], "aur": ["aur/boxes", "aur/gitwatch-git", "aur/litecli", "aur/fish-fzf", "aur/shellcheck-bin", "aur/hyprpicker", "aur/brave-bin", "aur/mepo", "aur/screen-message", "aur/ttf-sourcesanspro", "aur/ttf-bona-nova"]}
{"native": ["util-linux", "man-pages", "less", "git", "tmux", "screen", "openssh", "base-devel", "mosh", "python-pipx", "protobuf", "libosmium", "expat", "cups", "acpi", "smartmontools", "lshw", "dmidecode", "usbutils", "brightnessctl", "lm_sensors", "sshfs", "unbound", "bluez", "bluez-utils", "bat", "plantuml", "fzf", "ripgrep", "fd", "moreutils", "rlwrap", "pv", "at", "ansible", "ansible-lint", "strace", "jo", "jq", "fx", "yq", "xsv", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "hunspell", "hunspell-en_us", "hunspell-fr", "s-nail", "figlet", "cowsay", "fortune-mod", "unzip", "unoconv", "pandoc", "libqalculate", "tig", "jwt-cli", "curl", "wget", "miniserve", "mitmproxy", "trurl", "bind", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "whois", "traceroute", "nload", "lsof", "w3m", "lf", "siege", "htop", "scrcpy", "kdeconnect", "python-faker", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "zbar", "zint", "qrencode", "gopass", "qemu-base", "docker", "sqlite", "vim", "helix", "gcc", "make", "cmake", "libxkbcommon", "raylib", "gopls", "rust-analyzer", "redis", "python-pip", "python-poetry", "ruff", "lua", "hugo", "fish", "zoxide", "dash", "pavucontrol", "pulsemixer", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "swayimg", "i3status-rust", "dunst", "grim", "slurp", "cliphist", "nautilus", "cheese", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "signal-desktop", "zathura", "zathura-pdf-poppler", "zathura-djvu", "xournalpp", "nsxiv", "gthumb", "krita", "inkscape", "tenacity", "songrec", "cheese", "celluloid", "vlc", "obs-studio", "openscad", "blender", "libreoffice-still", "qgis", "dbeaver", "remmina", "ttf-roboto", "ttf-opensans", "ttf-liberation", "ttf-font-awesome", "ttf-fira-code", "ttf-firacode-nerd"], "aur": ["xkb-qwerty-fr", "bluetuith", "boxes", "gitwatch-git", "litecli", "fish-fzf", "shellcheck-bin", "hyprpicker", "brave-bin", "mepo", "screen-message", "ttf-sourcesanspro", "ttf-bona-nova"]}

66
ansible/arch_packages.yaml
View file

@ -10,11 +10,39 @@ categories:
- base-devel
- name: mosh
desc: The best to connect to remote server!
- name: python-pipx
desc: To install python stuff
libs:
- protobuf
- libosmium
- name: expat
desc: XML parser lib
hardware:
printing:
- cups
_:
- acpi
- smartmontools # monitor drive (SSD) health
- lshw
- dmidecode # to list memory slots
- usbutils
- brightnessctl
- lm_sensors
network:
- sshfs
- unbound
keymap:
- aur/xkb-qwerty-fr
bluetooth:
- bluez
- bluez-utils
- aur/bluetuith
utils:
_:
- bat
@ -32,6 +60,7 @@ categories:
desc: scheduler
automation:
- ansible
- ansible-lint
system:
- strace
text_processing:
@ -43,6 +72,15 @@ categories:
- yq
csv:
- xsv # rust CSV toolkit
language:
ocr:
- tesseract
- tesseract-data-fra
- tesseract-data-eng
spell:
- hunspell
- hunspell-en_us
- hunspell-fr
mail:
- s-nail
fun:
@ -69,6 +107,8 @@ categories:
- mitmproxy
- name: trurl
desc: URL processing
dns:
- bind
_:
- nmap
- wireguard-tools
@ -92,22 +132,17 @@ categories:
- htop
android:
- scrcpy
hardware:
- acpi
- smartmontools # monitor drive (SSD) health
- lshw
- dmidecode # to list memory slots
- usbutils
- kdeconnect
geo: []
# - aur/osmium-tool
fake:
- python-faker
multimedia:
- ffmpeg
- imagemagick
- mpv
- yt-dlp
- tesseract
- tesseract-data-fra
- tesseract-data-eng
- zbar
- zint
- qrencode
@ -115,7 +150,6 @@ categories:
security:
- gopass
runtimes:
virtualization:
- qemu-base
@ -142,10 +176,15 @@ categories:
dbs:
- redis
python:
_:
- python-pip
- python-poetry
lint:
- ruff
lua:
- lua
static:
- hugo
shell:
- fish
@ -176,6 +215,7 @@ categories:
- swaylock
- swayidle
- swayimg
- i3status-rust
color_picker:
- aur/hyprpicker
notification:
@ -223,8 +263,10 @@ categories:
- songrec
video:
- cheese
- celluloid
- vlc
- obs-studio
#- kdenlive
3d:
- openscad
- blender
@ -248,5 +290,7 @@ categories:
- ttf-liberation
- ttf-font-awesome
- ttf-fira-code
- ttf-firacode-nerd
- aur/ttf-sourcesanspro
- aur/ttf-bona-nova

2
ansible/parse_arch_packages.py
View file

@ -29,7 +29,7 @@ aur_names = []
for p in flat_packages:
assert isinstance(p, dict)
if p['name'].startswith('aur/'):
aur_names.append(p['name'])
aur_names.append(p['name'].split('/')[1])
continue
native_names.append(p['name'])

1
ansible/pipx_packages.yaml Normal file
View file

@ -0,0 +1 @@
-

32
ansible/roles/dns/tasks/main.yaml Normal file
View file

@ -0,0 +1,32 @@
- name: Setup unbound config
become: true
copy:
src: "{{ home }}/.dots/config/unbound/unbound.conf"
dest: "/etc/unbound/unbound.conf"
owner: unbound
mode: "u=rwX,g=rX,o="
- name: Setup unbound control certificates
become: true
shell: /usr/bin/unbound-control-setup
- name: Specify resolv configuration to use the local unbound server
become: true
copy:
dest: /etc/resolv.conf
content: |
nameserver ::1
nameserver 127.0.0.1
- name: Protect resolv
become: true
file:
path: /etc/resolv.conf
attributes: '+i'
- name: Enable unbound service
become: true
ansible.builtin.systemd_service:
name: unbound
state: started
enabled: true

6
ansible/roles/popequer_notebook/tasks/main.yaml
View file

@ -6,3 +6,9 @@
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/main-popequer-notebook.git"
dest: /home/mbess/notebooks/personal
- name: Setup gitwatch
systemd_service:
scope: user
name: popequer_gitwatch@personal
state: started
enabled: true

5
ansible/roles/unbound/tasks/main.yaml
View file

@ -1,5 +0,0 @@
- name: Setup unbound config
file:
src: "{{ home }}/.dots/config/unbound/unbound.conf"
dest: "/etc/unbound/unbound.conf"
state: link

22
ansible/roles/xremap/tasks/main.yaml
View file

@ -1,7 +1,27 @@
- name: Install xremap via AUR
import_role:
name: aur
vars:
packages:
- xremap-wlroots-bin
- name: Setup xremap dir
file:
path: "{{ home }}/.config/xremap"
state: directory
recurse: true
- name: Generate xremap config
shell: "python3 {{ home }}/.dots/scripts/generate_xremap_config.py"
- name: Setup xremap systemd
- name: Generate xremap systemd service unit
become: true
template:
src: systemd/system/xremap.service
dest: /usr/lib/systemd/system/xremap.service
- name: Enable xremap systemd service
become: true
ansible.builtin.systemd_service:
name: xremap
state: started

2
ansible/templates/fish/machine.fish Normal file
View file

@ -0,0 +1,2 @@
alias machine-name="{{ device_name }}"

10
ansible/templates/systemd/system/xremap.service Normal file
View file

@ -0,0 +1,10 @@
[Install]
WantedBy=multi-user.target
[Unit]
Description=xremap
[Service]
Restart=always
ExecStart=xremap {{ home }}/.config/xremap/config.yaml --watch

12
ansible/templates/systemd/user/hourly_remainder.service Normal file
View file

@ -0,0 +1,12 @@
[Unit]
Description=Send notif about time
After=network.target
[Service]
Type=oneshot
RemainAfterExit=no
ExecStart={{ home }}/.dots/scripts/notify_time.sh
[Install]
WantedBy=default.target

11
ansible/templates/systemd/user/hourly_remainder.timer Normal file
View file

@ -0,0 +1,11 @@
[Unit]
Description=Run every hour to remind the user about the time passing by
[Timer]
OnBootSec=1min
OnCalendar=*:00
Persistent=true
[Install]
WantedBy=timers.target

14
ansible/templates/systemd/user/popequer_gitwatch@.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=Sync popequer notebook with git
[Service]
# the buffer period in seconds 5min = 300s
Type=simple
ExecStart=/usr/bin/gitwatch -r origin -s 300 {{ home }}/notebooks/%i
ExecStop=/bin/true
Restart=always
RestartSec=30
[Install]
WantedBy=default.target

15
ansible/templates/systemd/user/sshfs_srv06_warmd.service Normal file
View file

@ -0,0 +1,15 @@
[Unit]
Description=SSHFS Daemon to mount srv06 warmd as a volume
StartLimitInterval=200
StartLimitBurst=8
[Service]
Type=simple
ExecStart=/usr/bin/sshfs -f {{ user }}@srv06.rem:/warmd/mbess {{ home }}/.mnt/warmd -o reconnect,ServerAliveInterval=30,ServerAliveCountMax=5
Restart=always
StandardOutput=journal
RestartSec=20
[Install]
WantedBy=default.target

139
ansible/workstation.yaml
View file

@ -2,6 +2,15 @@
gather_facts: True
vars:
home: /home/{{ user }}
systemd_services:
system: []
user:
- name: "sshfs_srv06_warmd"
enabled: true
- name: "popequer_gitwatch@"
- name: "hourly_remainder"
enabled: true
timer: true
config_files:
- dir: fish
name: config.fish
@ -23,6 +32,9 @@
name: init.lua
- dir: nvim
name: lua # lua dir
# for desktop notifications
- dir: dunst
name: dunstrc
tasks:
- name: Init arch
block:
@ -91,17 +103,27 @@
owner: "{{ user }}"
mode: u=rw,g=,o=
- name: Clone dots file
git:
repo: "git@forge.lefuturiste.fr:mbess/dots.git"
dest: "{{ home }}/.dots"
# INSTALL from YAML
- name: Install packages from YAML files (excluding AUR)
become: true
community.general.pacman:
name: "{{ (lookup('file', 'arch_packages.json') | from_json)['native'] }}" # the python script will return a list of packages
# DOTS
- name: Clone dots file
git:
repo: "git@forge.lefuturiste.fr:mbess/dots.git"
dest: "{{ home }}/.dots"
- name: Install requirements in dots
pip:
virtualenv: "{{ home }}/.dots/venv"
requirements: "{{ home }}/.dots/requirements.txt"
- name: Setup DNS and unbound
include_role:
name: dns
- name: Setup config directories
file:
path: "{{ home }}/.config/{{ item.dir }}"
@ -122,29 +144,11 @@
name: "{{ user }}"
shell: /usr/bin/fish
- name: Setup xremap
include_role:
name: xremap
- name: Create machine.fish
template:
src: fish/machine.fish
dest: "{{ home }}/.config/fish/machine.fish"
- name: Setup unbound
include_role:
name: unbound
- name: Setup main popequer notebook
include_role:
name: popequer_notebook
- name: Setup quick notes folder
file:
path: "{{ home }}/.hidden/quick_notes/"
state: directory
recurse: true
- name: Setup temporary secrets folder (cookies jar)
file:
path: "{{ home }}/.cache/secrets/"
state: directory
recurse: true
- name: Create the aur_builder user
become: yes
ansible.builtin.user:
@ -161,6 +165,11 @@
mode: 0644
validate: 'visudo -cf %s'
- name: Setup xremap
include_role:
name: xremap
# AUR packages
- name: Install yay
import_role:
name: aur
@ -173,8 +182,81 @@
import_role:
name: aur
vars:
packages: "{{ (lookup('file', 'aur_packages.json') | from_json)['aur'] }}"
packages: "{{ (lookup('file', 'arch_packages.json') | from_json)['aur'] }}"
# SYSTEMD
- name: Setup systemd user services folder
file:
path: "{{ home }}/.config/systemd/user"
state: directory
recurse: true
- name: Setup user units
template:
src: "systemd/user/{{ item.name }}.service"
dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service"
loop: "{{ systemd_services.user }}"
- name: Setup user timers
when: "item.timer is defined and item.timer"
loop: "{{ systemd_services.user }}"
template:
src: "systemd/user/{{ item.name }}.timer"
dest: "{{ home }}/.config/systemd/user/{{ item.name }}.timer"
- name: Enable some systemd user services
when: "item.enabled is defined and item.enabled"
loop: "{{ systemd_services.user }}"
systemd_service:
daemon_reload: true
scope: user
name: "{{ item.name }}"
state: started
enabled: true
- name: Enable some systemd user timers
when: "item.timer is defined and item.timer"
loop: "{{ systemd_services.user }}"
systemd_service:
scope: user
name: "{{ item.name }}.timer"
state: started
enabled: true
# OTHERS
- name: Setup quick notes folder
file:
path: "{{ home }}/.hidden/quick_notes/"
state: directory
recurse: true
- name: Setup temporary secrets folder (cookies jar)
file:
path: "{{ home }}/.cache/secrets/"
state: directory
recurse: true
- name: Setup main popequer notebook
include_role:
name: popequer_notebook
- name: Install others packages
community.general.pipx:
name: "{{ item }}"
loop:
- azlyrics2
- lesspass
- jc
- xkcd-pass
- yewtube
- name: Enable bluetooth service
become: true
ansible.builtin.systemd_service:
name: bluetooth
state: started
enabled: true
# WORKSPACE
- name: Clone books sources
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
@ -184,4 +266,3 @@
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
dest: /home/mbess/workspace/monakhos