mbess/monakhos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity

feat: various update to install work pro laptop

Browse source
This commit is contained in:
Matthieu Bessat 2024-07-03 18:03:08 +02:00
parent 4801f7bd38
commit a513f7abd8
10 changed files with 85 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
INSTALL.md Normal file
View file

@ -0,0 +1,10 @@
# Installation procedure
- Choose hostname eg. lambdacov
- Create folder `target/lambdacov`
- Create master ssh key
- `ssh-keygen -t ed25519 -C "mbess@lambdacov" -f lambdacov_perso_generic_ed25519`
- Create host key eg. lambdacov_perso_generic_ed25519:
- Add public key `lambdacov_perso_generic_ed25519` key to forge.lefuturiste.fr
- Populate vars.yaml, choose the profile
- run ansible playbook

8
TODO.md
View file

@ -7,6 +7,8 @@
- add cargo global packages, like `pads` - add cargo global packages, like `pads`
- packages - [ ] configure kanshi
- add kanshi, dynamic wayland output manager
- add smbutils - [ ] battery notify https://github.com/cdown/battery-notify
- configure password management

1
ansible/ansible.cfg
View file

@ -1,5 +1,4 @@
[defaults] [defaults]
remote_user = root
#nocows = True #nocows = True
gathering = smart gathering = smart
fact_caching = jsonfile fact_caching = jsonfile

24
ansible/arch_packages.yaml
View file

@ -1,8 +1,6 @@
categories: categories:
base: base:
- util-linux - util-linux
- man-pages
- man-db
- less - less
- git - git
- tmux - tmux
@ -13,6 +11,8 @@ categories:
desc: The best to connect to remote server! desc: The best to connect to remote server!
- name: python-pipx - name: python-pipx
desc: To install python stuff desc: To install python stuff
- name: pacman-contrib
desc: Include pactree
libs: libs:
- protobuf - protobuf
@ -35,6 +35,8 @@ categories:
network: network:
- sshfs - sshfs
- unbound - unbound
- networkmanager-openvpn
- openfortivpn
keymap: keymap:
- aur/xkb-qwerty-fr - aur/xkb-qwerty-fr
@ -48,13 +50,20 @@ categories:
_: _:
- bat - bat
- plantuml - plantuml
- tldr
- desc: Env loader, export env variables from dotenv file in shell scripts - desc: Env loader, export env variables from dotenv file in shell scripts
name: aur/zenv name: aur/zenv
backup:
- borg
docs:
- man-pages
- man-db
- tldr
- zeal
finder: finder:
- fzf - fzf
- ripgrep - ripgrep
- fd - fd
- exa
unix: unix:
- moreutils - moreutils
- rlwrap - rlwrap
@ -144,6 +153,8 @@ categories:
# httrack https://www.kali.org/tools/httrack/ # httrack https://www.kali.org/tools/httrack/
fs: fs:
- lsof - lsof
- name: ncdu
desc: Disk usage explorer
tui: tui:
browser: browser:
- w3m - w3m
@ -177,8 +188,9 @@ categories:
- qrencode - qrencode
- newsboat - newsboat
security: password:
- gopass - gopass
- pass
virtualization: virtualization:
- qemu-base - qemu-base
@ -199,6 +211,7 @@ categories:
- aur/litecli - aur/litecli
editor: editor:
- vim - vim
- neovim
- helix - helix
c: c:
- gcc - gcc
@ -243,8 +256,7 @@ categories:
- zoxide - zoxide
- name: dash - name: dash
desc: Simple POSIX compliant shell desc: Simple POSIX compliant shell
- name: shellcheck
- name: aur/shellcheck-bin
desc: Static analyzer for shell script desc: Static analyzer for shell script
audio: audio:

1
ansible/pip_packages.yaml
View file

@ -6,3 +6,4 @@ base:
- xkcd-pass - xkcd-pass
- azlyrics2 - azlyrics2
- yewtube - yewtube
- lesspass

4
ansible/run_ansible_playbook.sh
View file

@ -1,5 +1,7 @@
#!/usr/bin/sh #!/usr/bin/sh
set -x
workdir="$(pwd)" workdir="$(pwd)"
base="$(realpath $(dirname "$0"))" base="$(realpath $(dirname "$0"))"
@ -25,5 +27,5 @@ ansible-playbook $base/workstation.yaml \
-i "inventory.yaml" \ -i "inventory.yaml" \
--ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \ --ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 22 -i ./master_sshkey" \
--extra-vars "@$workdir/vars.yaml" \ --extra-vars "@$workdir/vars.yaml" \
$@ "$@"

2
ansible/vm_files
View file

@ -1 +1 @@
/mnt/extramedia3/mbess/workspace/monakhos/target/blackjack /mnt/extramedia3/mbess/workspace/monakhos/target/lambdacov

49
ansible/workstation.yaml
View file

@ -11,22 +11,29 @@
params: params:
ssh_uri: "mbess@srv06.mbess.net:/warmd/mbess" ssh_uri: "mbess@srv06.mbess.net:/warmd/mbess"
mount_path: "{{ home }}/.mnt/srv06/warmd/mbess" mount_path: "{{ home }}/.mnt/srv06/warmd/mbess"
profile: perso
- from: "mount_sshfs" - from: "mount_sshfs"
name: "mount_sshfs_srv06_warmd_etb" name: "mount_sshfs_srv06_warmd_etb"
enabled: true enabled: true
params: params:
ssh_uri: "mbess@srv06.mbess.net:/warmd/etoiledebethleem" ssh_uri: "mbess@srv06.mbess.net:/warmd/etoiledebethleem"
mount_path: "{{ home }}/.mnt/srv06/warmd/etb" mount_path: "{{ home }}/.mnt/srv06/warmd/etb"
profile: perso
- name: "popequer_gitwatch@" - name: "popequer_gitwatch@"
profile: all
- name: "hourly_remainder" - name: "hourly_remainder"
enabled: true enabled: true
timer: true timer: true
profile: all
- name: "cliphist" - name: "cliphist"
enabled: true enabled: true
profile: all
- name: "gammastep" - name: "gammastep"
enabled: true enabled: true
profile: all
- name: "swaybg" - name: "swaybg"
enabled: true enabled: true
profile: all
config_files: config_files:
- dir: fish - dir: fish
name: config.fish name: config.fish
@ -36,6 +43,8 @@
name: alacritty.toml name: alacritty.toml
- dir: wofi - dir: wofi
name: style.css name: style.css
- dir: kanshi
name: config
- dir: sway - dir: sway
name: config name: config
- dir: helix - dir: helix
@ -57,7 +66,25 @@
- file: - file:
path: /home/mbess/.workstation_setup_state path: /home/mbess/.workstation_setup_state
state: touch state: touch
- copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state - copy:
content: "{\"monakhos\": {\"date\": \"{{ ansible_date_time.iso8601 }}\", \"name\":\"{{ device_name }}\", \"profile\":\"{{ profile }}\"}\n"
dest: "{{ home }}/.workstation_setup_state"
- become: yes
become_user: "{{ user }}"
file:
path: "{{ home }}/.monakhos_mbess"
state: touch
- name: Change hostname
hostname:
name: "{{ device_name }}"
- name: Setup ssh dir
file:
path: "{{ home }}/.ssh"
state: directory
recurse: true
owner: "{{ user }}"
- name: Update pacman repo - name: Update pacman repo
become: true become: true
@ -128,6 +155,7 @@
# DOTS # DOTS
- name: Clone dots file - name: Clone dots file
git: git:
key_file: "{{ home }}/.ssh/{{ device_name }}_perso_generic_ed25519"
repo: "git@forge.lefuturiste.fr:mbess/dots.git" repo: "git@forge.lefuturiste.fr:mbess/dots.git"
dest: "{{ home }}/.dots" dest: "{{ home }}/.dots"
@ -152,6 +180,7 @@
src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}" src: "{{ home }}/.dots/config/{{ item.dir }}/{{ item.name }}"
dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}" dest: "{{ home }}/.config/{{ item.dir }}/{{ item.name }}"
state: link state: link
force: true
loop: "{{ config_files }}" loop: "{{ config_files }}"
- name: Set default shell - name: Set default shell
@ -215,7 +244,7 @@
- name: Setup user units - name: Setup user units
loop: "{{ systemd_services.user }}" loop: "{{ systemd_services.user }}"
when: "item.from is not defined" when: "item.from is not defined and (item.profile == 'all' or item.profile == profile)"
template: template:
src: "systemd/user/{{ item.name }}.service" src: "systemd/user/{{ item.name }}.service"
dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service" dest: "{{ home }}/.config/systemd/user/{{ item.name }}.service"
@ -263,6 +292,7 @@
path: "{{ home }}/.mnt/{{ item }}" path: "{{ home }}/.mnt/{{ item }}"
state: directory state: directory
recurse: true recurse: true
when: "profile == 'perso'"
loop: loop:
- srv06/warmd/mbess - srv06/warmd/mbess
- srv06/coldd/mbess - srv06/coldd/mbess
@ -292,6 +322,16 @@
path: "{{ home }}/.cache/secrets/" path: "{{ home }}/.cache/secrets/"
state: directory state: directory
recurse: true recurse: true
- name: Setup vaults dir gpg home
file:
path: "{{ home }}/.vaults/gpg-homes"
state: directory
recurse: true
- name: Setup vaults dir store unixpass
file:
path: "{{ home }}/.vaults/pass"
state: directory
recurse: true
- name: Setup main popequer notebook - name: Setup main popequer notebook
include_role: include_role:
@ -314,6 +354,7 @@
ansible.builtin.git: ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/books-sources.git" repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
dest: /home/mbess/workspace/books_sources dest: /home/mbess/workspace/books_sources
when: "profile == 'perso'"
- name: Clone snippets space - name: Clone snippets space
ansible.builtin.git: ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/snippets.git" repo: "git@forge.lefuturiste.fr:mbess/snippets.git"
@ -332,3 +373,7 @@
repo: "git@forge.lefuturiste.fr:mbess/monakhos.git" repo: "git@forge.lefuturiste.fr:mbess/monakhos.git"
dest: /home/mbess/workspace/monakhos dest: /home/mbess/workspace/monakhos
- name: Setup OpenFortiVPN
when: 'profile == "pro"'
include_role:
name: openfortivpn

0
ansible/archinstall_configs/user_configuration.json → archinstall_configs/user_configuration.json
View file

0
ansible/archinstall_configs/user_credentials.json → archinstall_configs/user_credentials.json
View file