diff --git a/config/automatrop/roles/access/tasks/main.yml b/config/automatrop/roles/access/tasks/main.yml deleted file mode 100644 index d6ab777..0000000 --- a/config/automatrop/roles/access/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ -- name: Set variables - set_fact: - manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}" - -- name: Enable passwordless sudo access to wheel group (Others) - lineinfile: - path: /etc/sudoers - line: "%wheel ALL=(ALL) NOPASSWD: ALL" - regexp: "^#? *%wheel ALL=\\(ALL\\) NOPASSWD: ALL$" - become: yes - when: not manjaro - -- name: Enable passwordless sudo access to wheel group (Manjaro) - copy: - content: "%wheel ALL=(ALL) NOPASSWD: ALL" - dest: /etc/sudoers.d/11-wheel-nopasswd - mode: "u=rwx,g=rx,o=" - when: manjaro - become: yes -# /etc/sudoers.d/10-installer is the same thing, -# but **with** a password, and it's overwritten -# with each upgrade of manjaro-system, hence this. diff --git a/config/automatrop/roles/software/tasks/main.yml b/config/automatrop/roles/software/tasks/main.yml index 9ef01ef..61403e9 100644 --- a/config/automatrop/roles/software/tasks/main.yml +++ b/config/automatrop/roles/software/tasks/main.yml @@ -1,200 +1,4 @@ -# TODO Install python if not done -# Or maybe not, it requires a lot of automation for something that can be done -# very quickly manually and is usually already installed - -- name: Install python-apt dependency for Termux - block: - # TODO Check if the correct version - - name: Check for DistUtilsExtra (Termux) - command: python -c 'import DistUtilsExtra' - changed_when: False - rescue: - - name: Create temporarty folder for DistUtilsExtra (Termux) - tempfile: - state: directory - suffix: python-distutils-extra - # path: /data/data/com.termux/files/usr/tmp/ - register: pde_tempdir - - - name: Download DistUtilsExtra (Termux) - get_url: - url: "https://launchpad.net/python-distutils-extra/trunk/{{ version }}/+download/python-distutils-extra-{{ version }}.tar.gz" - dest: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz" - - - name: Extract DistUtilsExtra (Termux) - unarchive: - src: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz" - remote_src: yes - dest: "{{ pde_tempdir.path }}" - - - name: Install DistUtilsExtra (Termux) - command: - cmd: python3 setup.py install - chdir: "{{ pde_tempdir.path }}/python-distutils-extra-{{ version }}" - when: termux - vars: - version: 2.39 - -- name: Install python-apt (Termux) - pip: - name: python-apt - when: termux - -# Collecting python-apt -# Using cached python-apt-0.7.8.tar.bz2 (49 kB) -# ERROR: Command errored out with exit status 1: -# command: /data/data/com.termux/files/usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"'; __file__='"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /data/data/com.termux/files/usr/tmp/pip-pip-egg-info-ptpprl0m -# cwd: /data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/ -# Complete output (5 lines): -# Traceback (most recent call last): -# File "", line 1, in -# File "/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py", line 11, in -# string.split(parse_makefile("python/makefile")["APT_PKG_SRC"])) -# AttributeError: module 'string' has no attribute 'split' -# ---------------------------------------- -# ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output. -# WARNING: You are using pip version 20.2.3; however, version 20.3.3 is available. -# You should consider upgrading via the '/data/data/com.termux/files/usr/bin/python3 -m pip install --upgrade pip' command. - -# Arch configuration - -# TODO Patch sudo-fake so it allows using -u so `become` works - -- name: Enable multilib repo - lineinfile: - path: /etc/pacman.conf - regexp: '^#?\s*\[multilib\]$' - line: '[multilib]' - become: yes - when: arch_based and ansible_architecture == "x86_64" - notify: udpate pacman cache - -- name: Configure multilib repo - lineinfile: - path: /etc/pacman.conf - regexp: '^#?\s*Include\s*=\s*/etc/pacman.d/mirrorlist' - line: 'Include = /etc/pacman.d/mirrorlist' - insertafter: '^\[multilib\]$' - become: yes - when: arch_based and ansible_architecture == "x86_64" - notify: udpate pacman cache - -- name: Update cache if needed - meta: flush_handlers - -- name: Install ccache - pacman: - name: ccache - state: present - extra_args: "--asdeps" - become: yes - when: arch_based - -- name: Enable makepkg color - replace: - path: /etc/makepkg.conf - regexp: '^BUILDENV=(.+)!color(.+)$' - replace: 'BUILDENV=\1color\2' - become: yes - when: arch_based - -- name: Enable makepkg ccache - replace: - path: /etc/makepkg.conf - regexp: '^BUILDENV=(.+)!ccache(.+)$' - replace: 'BUILDENV=\1ccache\2' - become: yes - when: arch_based - -- name: Remove -mtune from makepkg CFLAGS - replace: - path: /etc/makepkg.conf - regexp: '^#? *CFLAGS=(.+)-mtune=\S+\s(.*)$' - replace: "CFLAGS=\\1\\2" - become: yes - when: arch_based - -- name: Change -march to native from makepkg CFLAGS - replace: - path: /etc/makepkg.conf - regexp: '^#? *CFLAGS=(.+)-march=\S+(\s)(.*)$' - replace: "CFLAGS=\\1-march=native\\2\\3" - become: yes - when: arch_based - -- name: Set makepkg MAKEFLAGS - replace: - path: /etc/makepkg.conf - regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$' - replace: "MAKEFLAGS=\\1-j{{ j }}\\2" - become: yes - vars: - j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}" - when: arch_based - -- name: Enable pacman ParallelDownloads - lineinfile: - path: /etc/pacman.conf - regexp: '^#?ParallelDownloads' - line: 'ParallelDownloads = 5' - insertafter: '^\[options\]$' - become: yes - when: arch_based - -- name: Enable pacman colors - lineinfile: - path: /etc/pacman.conf - regexp: '^#?Color' - line: 'Color' - insertafter: '^\[options\]$' - become: yes - when: arch_based - -- name: Enable pacman pac-man - lineinfile: - path: /etc/pacman.conf - regexp: '^#?ILoveCandy' - line: 'ILoveCandy' - insertafter: '^#?Color' - become: yes - when: arch_based - - -# Install alternative package managers -- name: List packages from base-devel - command: pacman -Sqg base-devel - register: base_devel_packages - changed_when: no - check_mode: no - -- name: Install dependencies for AUR helpers - pacman: - name: "{{ (base_devel_packages.stdout | split('\n') | reject('eq', 'sudo')) + ['fakeroot'] }}" - become: yes - when: arch_based -# Do not install sudo because maybe sudo-fake is installed (otherwise it conflicts) -# It should already be installed already anyway - -- name: Install AUR package manager (Arch) - aur: - name: yay-bin - when: arch - -- name: Install AUR package manager (Manjaro) - pacman: - name: yay - become: yes - when: manjaro -# Not sure if regular Manjaro has yay in its community packages, -# but Manjaro-ARM sure does - -- name: Create cache folder - file: - state: directory - mode: "u=rwx,g=rx,o=rx" - path: "{{ ansible_user_dir }}/.cache/automatrop" - - name: Generate list of packages for package manager set_fact: packages: "{{ query('template', 'package_manager.j2')[0].split('\n')[:-1]|sort|unique }}" diff --git a/config/automatrop/roles/software/templates/package_manager.j2 b/config/automatrop/roles/software/templates/package_manager.j2 index f8305b4..7f4a943 100644 --- a/config/automatrop/roles/software/templates/package_manager.j2 +++ b/config/automatrop/roles/software/templates/package_manager.j2 @@ -1,15 +1,5 @@ {# Macros #} -{% if debian_based %} -{% set python_prefix = 'python3' %} -{% set lib_suffix = '-common' %} -{% else %} -{% set python_prefix = 'python' %} -{% set lib_suffix = '' %} -{% endif %} {# Include essential snippets #} -{% include 'snippets/pm_dotfiles_dependencies.j2' %} -{% include 'snippets/pm_shell.j2' %} -{% include 'snippets/pm_terminal_essentials.j2' %} {% include 'snippets/pm_remote.j2' %} {% include 'snippets/pm_disk_cleanup.j2' %} {% include 'snippets/pm_local_monitoring.j2' %} diff --git a/config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2 b/config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2 deleted file mode 100644 index 87d4545..0000000 --- a/config/automatrop/roles/software/templates/snippets/pm_dotfiles_dependencies.j2 +++ /dev/null @@ -1,23 +0,0 @@ -{# -Stuff that is required for scripts/programs of dotfiles to work properly -#} -coreutils -bash -grep -sed -tar -openssl -git -wget -curl -{% if not termux %} -{{ python_prefix }}-pip -{# Termux already has pip via Python #} -{% endif %} -ansible -{# Uncompressors #} -unzip -unrar -p7zip -{{ python_prefix }}-pystache -{# EOF #} diff --git a/config/automatrop/roles/software/templates/snippets/pm_terminal_essentials.j2 b/config/automatrop/roles/software/templates/snippets/pm_terminal_essentials.j2 deleted file mode 100644 index 69a99cd..0000000 --- a/config/automatrop/roles/software/templates/snippets/pm_terminal_essentials.j2 +++ /dev/null @@ -1,24 +0,0 @@ -moreutils -man -visidata -{% if can_chown or not arch_based %} -insect -{% endif %} -translate-shell -gnupg -{# Editor #} -{% if termux %} -nvim -{% else %} -neovim -{% endif %} -{% if not termux %} -{{ python_prefix }}-neovim -{% endif %} -{# Downloaders #} -wget -{# Uncompressors #} -unzip -unrar -p7zip -{# EOF #} diff --git a/config/nix/build.sh b/config/nix/build.sh index 6b8c518..2e3ac4d 100755 --- a/config/nix/build.sh +++ b/config/nix/build.sh @@ -1,4 +1,5 @@ #/usr/bin/env sh +export NIXPKGS_ALLOW_UNFREE=1 nix-build '' -A vm \ -I nixpkgs=channel:nixos-23.05 \ -I nixos-config=./configuration.nix diff --git a/config/nix/configuration.nix b/config/nix/configuration.nix index df61a89..f44aeec 100644 --- a/config/nix/configuration.nix +++ b/config/nix/configuration.nix @@ -13,7 +13,7 @@ # Enable the X11 windowing system services.xserver.enable = true; - # TODO qwerty-fr for X11 + # FIXME qwerty-fr for X11 # Enable CUPS to print documents services.printing.enable = true; @@ -22,19 +22,63 @@ sound.enable = true; hardware.pulseaudio.enable = true; - # services.xserver.displayManager.gdm.enable = true; + services.xserver.displayManager.startx.enable = true; services.xserver.windowManager.i3.enable = true; + # Enable passwordless sudo + security.sudo.extraRules = [ + { groups = ["wheel"]; commands = [ { command = "ALL"; options = ["NOPASSWD"]; } ]; } + ]; + # Users users.users.geoffrey = { isNormalUser = true; extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. packages = with pkgs; [ + # dotfiles dependencies + coreutils + bash + gnugrep + gnused + gnutar + openssl + git + wget + curl + python3Packages.pip + ansible # TODO Reevaluate + + # shell + zsh-completions + nix-zsh-completions + zsh-history-substring-search + antigen # TODO Reevaluate + powerline-go + + # terminal essentials + moreutils + man + visidata + nodePackages.insect + translate-shell + unzip + unrar + p7zip + + # remote + openssh + rsync + tigervnc # FIXME Only with display server + + # DEBUG firefox tree lolcat ]; - initialPassword = "cartable"; + initialPassword = "cartable"; # DEBUG + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr" + ]; }; environment.systemPackages = with pkgs; [ @@ -42,8 +86,34 @@ wget ]; - # Enable the OpenSSH daemon - services.openssh.enable = true; + # Enable compilation cache + programs = { + ccache.enable = true; + # TODO Not enough, see https://nixos.wiki/wiki/CCache. + # Might want to see if it's worth using on NixOS + gnupg.agent.enable = true; + + # TODO Below should be user config + + zsh = { + enable = true; + autosuggestions.enable = true; + enableCompletion = true; + syntaxHighlighting.enable = true; + }; + neovim = { + enable = true; + defaultEditor = true; + vimAlias = true; + viAlias = true; + }; + }; + + services = { + # Enable the OpenSSH daemon + openssh.enable = true; + getty.autologinUser = "geoffrey"; # DEBUG + }; # TEST system.copySystemConfiguration = true;