feat: various update to install work pro laptop

2024-07-03 18:03:08 +02:00 · 2024-07-03 18:03:08 +02:00 · a513f7abd8
commit a513f7abd8
parent 4801f7bd38
10 changed files with 85 additions and 14 deletions
--- a/INSTALL.md
+++ b/INSTALL.md
@ -0,0 +1,10 @@
 # Installation procedure
 - Choose hostname eg. lambdacov
 - Create folder `target/lambdacov`
 - Create master ssh key
    - `ssh-keygen -t ed25519 -C "mbess@lambdacov" -f lambdacov_perso_generic_ed25519`
 - Create host key eg. lambdacov_perso_generic_ed25519:
 - Add public key `lambdacov_perso_generic_ed25519` key to forge.lefuturiste.fr
 - Populate vars.yaml, choose the profile
 - run ansible playbook
--- a/TODO.md
+++ b/TODO.md
@ -7,6 +7,8 @@
 - add cargo global packages, like `pads`
- packages
+- [ ] configure kanshi
-    - add kanshi, dynamic wayland output manager
+
-    - add smbutils
+- [ ] battery notify https://github.com/cdown/battery-notify
 - configure password management
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -1,5 +1,4 @@
 [defaults]
 remote_user = root
 #nocows = True
 gathering = smart
 fact_caching = jsonfile
--- a/ansible/arch_packages.yaml
+++ b/ansible/arch_packages.yaml
@ -1,8 +1,6 @@
 categories:
  base:
    - util-linux
    - man-pages
    - man-db
    - less
    - git
    - tmux
@ -13,6 +11,8 @@ categories:
      desc: The best to connect to remote server!
    - name: python-pipx
      desc: To install python stuff
    - name: pacman-contrib
      desc: Include pactree
  libs:
    - protobuf
@ -35,6 +35,8 @@ categories:
  network:
    - sshfs
    - unbound
    - networkmanager-openvpn
    - openfortivpn
  keymap:
    - aur/xkb-qwerty-fr
@ -48,13 +50,20 @@ categories:
    _:
      - bat
      - plantuml
      - tldr
      - desc: Env loader, export env variables from dotenv file in shell scripts
        name: aur/zenv
    backup:
      - borg
    docs:
      - man-pages
      - man-db
      - tldr
      - zeal
    finder:
      - fzf
      - ripgrep
      - fd
      - exa
    unix:
      - moreutils
      - rlwrap
@ -144,6 +153,8 @@ categories:
      # httrack https://www.kali.org/tools/httrack/
    fs:
      - lsof
      - name: ncdu
        desc: Disk usage explorer
    tui:
      browser:
        - w3m
@ -177,8 +188,9 @@ categories:
      - qrencode
      - newsboat
-  security:
+  password:
    - gopass
    - pass
  virtualization:
    - qemu-base
@ -199,6 +211,7 @@ categories:
      - aur/litecli
    editor:
      - vim
      - neovim
      - helix
    c:
      - gcc
@ -243,8 +256,7 @@ categories:
    - zoxide
    - name: dash
      desc: Simple POSIX compliant shell
-
+    - name: shellcheck
    - name: aur/shellcheck-bin
      desc: Static analyzer for shell script
  audio:
--- a/ansible/pip_packages.yaml
+++ b/ansible/pip_packages.yaml
@ -6,3 +6,4 @@ base:
  - xkcd-pass
  - azlyrics2
  - yewtube
  - lesspass
--- a/ansible/run_ansible_playbook.sh
+++ b/ansible/run_ansible_playbook.sh
@ -1,5 +1,7 @@
 #!/usr/bin/sh
 set -x
 workdir="$(pwd)"
 base="$(realpath $(dirname "$0"))"
@ -25,5 +27,5 @@ ansible-playbook $base/workstation.yaml \
    -i "inventory.yaml" \
    --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \
    --extra-vars "@$workdir/vars.yaml" \
-    $@
+    "$@"
--- a/ansible/vm_files
+++ b/ansible/vm_files
@ -1 +1 @@
-/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack
+/mnt/extramedia3/mbess/workspace/monakhos/target/lambdacov
--- a/ansible/workstation.yaml
+++ b/ansible/workstation.yaml
@ -11,22 +11,29 @@
          params:
            ssh_uri: "mbess@srv06.mbess.net:/warmd/mbess"
            mount_path: "{{ home }}/.mnt/srv06/warmd/mbess"
          profile: perso
        - from: "mount_sshfs"
          name: "mount_sshfs_srv06_warmd_etb"
          enabled: true
          params:
            ssh_uri: "mbess@srv06.mbess.net:/warmd/etoiledebethleem"
            mount_path: "{{ home }}/.mnt/srv06/warmd/etb"
          profile: perso
        - name: "popequer_gitwatch@"
          profile: all
        - name: "hourly_remainder"
          enabled: true
          timer: true
          profile: all
        - name: "cliphist"
          enabled: true
          profile: all
        - name: "gammastep"
          enabled: true
          profile: all
        - name: "swaybg"
          enabled: true
          profile: all
    config_files:
      - dir: fish
        name: config.fish
@ -36,6 +43,8 @@
        name: alacritty.toml
      - dir: wofi
        name: style.css
      - dir: kanshi
        name: config
      - dir: sway
        name: config
      - dir: helix
@ -57,7 +66,25 @@
        - file:
            path: /home/mbess/.workstation_setup_state
            state: touch
-        - copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state
+        - copy:
            content: "{\"monakhos\": {\"date\": \"{{ ansible_date_time.iso8601 }}\", \"name\":\"{{ device_name }}\", \"profile\":\"{{ profile }}\"}\n"
            dest: "{{ home }}/.workstation_setup_state"
        - become: yes
          become_user: "{{ user }}"
          file:
            path: "{{ home }}/.monakhos_mbess"
            state: touch
    - name: Change hostname
      hostname:
        name: "{{ device_name }}"
    - name: Setup ssh dir
      file:
        path: "{{ home }}/.ssh"
        state: directory
        recurse: true
        owner: "{{ user }}"
    - name: Update pacman repo
      become: true
@ -128,6 +155,7 @@
    # DOTS
    - name: Clone dots file
      git:
        key_file: "{{ home }}/.ssh/{{ device_name }}_perso_generic_ed25519"
        repo: "git@forge.lefuturiste.fr:mbess/dots.git"
        dest: "{{ home }}/.dots"
@ -152,6 +180,7 @@
        src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}"
        dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}"
        state: link
        force: true
      loop: "{{ config_files }}"
    - name: Set default shell
@ -215,7 +244,7 @@
    - name: Setup user units
      loop: "{{ systemd_services.user }}"
-      when: "item.from is not defined"
+      when: "item.from is not defined and (item.profile == 'all' or item.profile == profile)"
      template:
        src: "systemd/user/{{ item.name }}.service"
        dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service"
@ -263,6 +292,7 @@
        path: "{{ home }}/.mnt/{{ item }}"
        state: directory
        recurse: true
      when: "profile == 'perso'"
      loop:
        - srv06/warmd/mbess
        - srv06/coldd/mbess
@ -292,6 +322,16 @@
        path: "{{ home }}/.cache/secrets/"
        state: directory
        recurse: true
    - name: Setup vaults dir gpg home
      file:
        path: "{{ home }}/.vaults/gpg-homes"
        state: directory
        recurse: true
    - name: Setup vaults dir store unixpass
      file:
        path: "{{ home }}/.vaults/pass"
        state: directory
        recurse: true
    - name: Setup main popequer notebook
      include_role:
@ -314,6 +354,7 @@
      ansible.builtin.git:
        repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
        dest: /home/mbess/workspace/books_sources
      when: "profile == 'perso'"
    - name: Clone snippets space
      ansible.builtin.git:
        repo: "git@forge.lefuturiste.fr:mbess/snippets.git"
@ -332,3 +373,7 @@
        repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
        dest: /home/mbess/workspace/monakhos
    - name: Setup OpenFortiVPN
      when: 'profile == "pro"'
      include_role:
        name: openfortivpn
--- a/ansible/archinstall_configs/user_configuration.json
+++ b/ansible/archinstall_configs/user_configuration.json
--- a/ansible/archinstall_configs/user_credentials.json
+++ b/ansible/archinstall_configs/user_credentials.json
		`@ -1 +1 @@`
			`/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack`				`/mnt/extramedia3/mbess/workspace/monakhos/target/lambdacov`