feat: various update to install work pro laptop

INSTALL.md

@@ -0,0 +1,10 @@
+# Installation procedure
+
+- Choose hostname eg. lambdacov
+- Create folder `target/lambdacov`
+- Create master ssh key
+    - `ssh-keygen -t ed25519 -C "mbess@lambdacov" -f lambdacov_perso_generic_ed25519`
+- Create host key eg. lambdacov_perso_generic_ed25519:
+- Add public key `lambdacov_perso_generic_ed25519` key to forge.lefuturiste.fr
+- Populate vars.yaml, choose the profile
+- run ansible playbook

TODO.md

@@ -7,6 +7,8 @@
 
 - add cargo global packages, like `pads`
 
-- packages
-    - add kanshi, dynamic wayland output manager
-    - add smbutils
+- [ ] configure kanshi
+
+- [ ] battery notify https://github.com/cdown/battery-notify
+
+- configure password management

ansible/ansible.cfg

@@ -1,5 +1,4 @@
 [defaults]
-remote_user = root
 #nocows = True
 gathering = smart
 fact_caching = jsonfile

ansible/arch_packages.yaml

@@ -1,8 +1,6 @@
 categories:
   base:
     - util-linux
-    - man-pages
-    - man-db
     - less
     - git
     - tmux
@@ -13,6 +11,8 @@ categories:
       desc: The best to connect to remote server!
     - name: python-pipx
       desc: To install python stuff
+    - name: pacman-contrib
+      desc: Include pactree
 
   libs:
     - protobuf
@@ -35,6 +35,8 @@ categories:
   network:
     - sshfs
     - unbound
+    - networkmanager-openvpn
+    - openfortivpn
 
   keymap:
     - aur/xkb-qwerty-fr
@@ -48,13 +50,20 @@ categories:
     _:
       - bat
       - plantuml
-      - tldr
       - desc: Env loader, export env variables from dotenv file in shell scripts
         name: aur/zenv
+    backup:
+      - borg
+    docs:
+      - man-pages
+      - man-db
+      - tldr
+      - zeal
     finder:
       - fzf
       - ripgrep
       - fd
+      - exa
     unix:
       - moreutils
       - rlwrap
@@ -144,6 +153,8 @@ categories:
       # httrack https://www.kali.org/tools/httrack/
     fs:
       - lsof
+      - name: ncdu
+        desc: Disk usage explorer
     tui:
       browser:
         - w3m
@@ -177,8 +188,9 @@ categories:
       - qrencode
       - newsboat
 
-  security:
+  password:
     - gopass
+    - pass
 
   virtualization:
     - qemu-base
@@ -199,6 +211,7 @@ categories:
       - aur/litecli
     editor:
       - vim
+      - neovim
       - helix
     c:
       - gcc
@@ -243,8 +256,7 @@ categories:
     - zoxide
     - name: dash
       desc: Simple POSIX compliant shell
-
-    - name: aur/shellcheck-bin
+    - name: shellcheck
       desc: Static analyzer for shell script
 
   audio:

ansible/pip_packages.yaml

@@ -6,3 +6,4 @@ base:
   - xkcd-pass
   - azlyrics2
   - yewtube
+  - lesspass

ansible/run_ansible_playbook.sh

@@ -1,5 +1,7 @@
 #!/usr/bin/sh
 
+set -x
+
 workdir="$(pwd)"
 base="$(realpath $(dirname "$0"))"
 
@@ -25,5 +27,5 @@ ansible-playbook $base/workstation.yaml \
     -i "inventory.yaml" \
     --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \
     --extra-vars "@$workdir/vars.yaml" \
-    $@
+    "$@"
 

ansible/vm_files

@@ -1 +1 @@
-/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack
+/mnt/extramedia3/mbess/workspace/monakhos/target/lambdacov

ansible/workstation.yaml

@@ -11,22 +11,29 @@
           params:
             ssh_uri: "mbess@srv06.mbess.net:/warmd/mbess"
             mount_path: "{{ home }}/.mnt/srv06/warmd/mbess"
+          profile: perso
         - from: "mount_sshfs"
           name: "mount_sshfs_srv06_warmd_etb"
           enabled: true
           params:
             ssh_uri: "mbess@srv06.mbess.net:/warmd/etoiledebethleem"
             mount_path: "{{ home }}/.mnt/srv06/warmd/etb"
+          profile: perso
         - name: "popequer_gitwatch@"
+          profile: all
         - name: "hourly_remainder"
           enabled: true
           timer: true
+          profile: all
         - name: "cliphist"
           enabled: true
+          profile: all
         - name: "gammastep"
           enabled: true
+          profile: all
         - name: "swaybg"
           enabled: true
+          profile: all
     config_files:
       - dir: fish
         name: config.fish
@@ -36,6 +43,8 @@
         name: alacritty.toml
       - dir: wofi
         name: style.css
+      - dir: kanshi
+        name: config
       - dir: sway
         name: config
       - dir: helix
@@ -57,7 +66,25 @@
         - file:
             path: /home/mbess/.workstation_setup_state
             state: touch
-        - copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state
+        - copy:
+            content: "{\"monakhos\": {\"date\": \"{{ ansible_date_time.iso8601 }}\", \"name\":\"{{ device_name }}\", \"profile\":\"{{ profile }}\"}\n"
+            dest: "{{ home }}/.workstation_setup_state"
+        - become: yes
+          become_user: "{{ user }}"
+          file:
+            path: "{{ home }}/.monakhos_mbess"
+            state: touch
+    
+    - name: Change hostname
+      hostname:
+        name: "{{ device_name }}"
+
+    - name: Setup ssh dir
+      file:
+        path: "{{ home }}/.ssh"
+        state: directory
+        recurse: true
+        owner: "{{ user }}"
 
     - name: Update pacman repo
       become: true
@@ -128,6 +155,7 @@
     # DOTS
     - name: Clone dots file
       git:
+        key_file: "{{ home }}/.ssh/{{ device_name }}_perso_generic_ed25519"
         repo: "git@forge.lefuturiste.fr:mbess/dots.git"
         dest: "{{ home }}/.dots"
 
@@ -152,6 +180,7 @@
         src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}"
         dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}"
         state: link
+        force: true
       loop: "{{ config_files }}"
 
     - name: Set default shell
@@ -215,7 +244,7 @@
 
     - name: Setup user units
       loop: "{{ systemd_services.user }}"
-      when: "item.from is not defined"
+      when: "item.from is not defined and (item.profile == 'all' or item.profile == profile)"
       template:
         src: "systemd/user/{{ item.name }}.service"
         dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service"
@@ -263,6 +292,7 @@
         path: "{{ home }}/.mnt/{{ item }}"
         state: directory
         recurse: true
+      when: "profile == 'perso'"
       loop:
         - srv06/warmd/mbess
         - srv06/coldd/mbess
@@ -292,6 +322,16 @@
         path: "{{ home }}/.cache/secrets/"
         state: directory
         recurse: true
+    - name: Setup vaults dir gpg home
+      file:
+        path: "{{ home }}/.vaults/gpg-homes"
+        state: directory
+        recurse: true
+    - name: Setup vaults dir store unixpass
+      file:
+        path: "{{ home }}/.vaults/pass"
+        state: directory
+        recurse: true
       
     - name: Setup main popequer notebook
       include_role:
@@ -314,6 +354,7 @@
       ansible.builtin.git:
         repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
         dest: /home/mbess/workspace/books_sources
+      when: "profile == 'perso'"
     - name: Clone snippets space
       ansible.builtin.git:
         repo: "git@forge.lefuturiste.fr:mbess/snippets.git"
@@ -332,3 +373,7 @@
         repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
         dest: /home/mbess/workspace/monakhos
 
+    - name: Setup OpenFortiVPN
+      when: 'profile == "pro"'
+      include_role:
+        name: openfortivpn