nix: Common bases
This commit is contained in:
parent
5123cb93a9
commit
0aed911875
|
@ -1,22 +0,0 @@
|
||||||
- name: Set variables
|
|
||||||
set_fact:
|
|
||||||
manjaro: "{{ ansible_lsb.id == 'Manjaro' or ansible_lsb.id == 'Manjaro-ARM' }}"
|
|
||||||
|
|
||||||
- name: Enable passwordless sudo access to wheel group (Others)
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/sudoers
|
|
||||||
line: "%wheel ALL=(ALL) NOPASSWD: ALL"
|
|
||||||
regexp: "^#? *%wheel ALL=\\(ALL\\) NOPASSWD: ALL$"
|
|
||||||
become: yes
|
|
||||||
when: not manjaro
|
|
||||||
|
|
||||||
- name: Enable passwordless sudo access to wheel group (Manjaro)
|
|
||||||
copy:
|
|
||||||
content: "%wheel ALL=(ALL) NOPASSWD: ALL"
|
|
||||||
dest: /etc/sudoers.d/11-wheel-nopasswd
|
|
||||||
mode: "u=rwx,g=rx,o="
|
|
||||||
when: manjaro
|
|
||||||
become: yes
|
|
||||||
# /etc/sudoers.d/10-installer is the same thing,
|
|
||||||
# but **with** a password, and it's overwritten
|
|
||||||
# with each upgrade of manjaro-system, hence this.
|
|
|
@ -1,200 +1,4 @@
|
||||||
|
|
||||||
# TODO Install python if not done
|
|
||||||
# Or maybe not, it requires a lot of automation for something that can be done
|
|
||||||
# very quickly manually and is usually already installed
|
|
||||||
|
|
||||||
- name: Install python-apt dependency for Termux
|
|
||||||
block:
|
|
||||||
# TODO Check if the correct version
|
|
||||||
- name: Check for DistUtilsExtra (Termux)
|
|
||||||
command: python -c 'import DistUtilsExtra'
|
|
||||||
changed_when: False
|
|
||||||
rescue:
|
|
||||||
- name: Create temporarty folder for DistUtilsExtra (Termux)
|
|
||||||
tempfile:
|
|
||||||
state: directory
|
|
||||||
suffix: python-distutils-extra
|
|
||||||
# path: /data/data/com.termux/files/usr/tmp/
|
|
||||||
register: pde_tempdir
|
|
||||||
|
|
||||||
- name: Download DistUtilsExtra (Termux)
|
|
||||||
get_url:
|
|
||||||
url: "https://launchpad.net/python-distutils-extra/trunk/{{ version }}/+download/python-distutils-extra-{{ version }}.tar.gz"
|
|
||||||
dest: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz"
|
|
||||||
|
|
||||||
- name: Extract DistUtilsExtra (Termux)
|
|
||||||
unarchive:
|
|
||||||
src: "{{ pde_tempdir.path }}/python-distutils-extra.tar.gz"
|
|
||||||
remote_src: yes
|
|
||||||
dest: "{{ pde_tempdir.path }}"
|
|
||||||
|
|
||||||
- name: Install DistUtilsExtra (Termux)
|
|
||||||
command:
|
|
||||||
cmd: python3 setup.py install
|
|
||||||
chdir: "{{ pde_tempdir.path }}/python-distutils-extra-{{ version }}"
|
|
||||||
when: termux
|
|
||||||
vars:
|
|
||||||
version: 2.39
|
|
||||||
|
|
||||||
- name: Install python-apt (Termux)
|
|
||||||
pip:
|
|
||||||
name: python-apt
|
|
||||||
when: termux
|
|
||||||
|
|
||||||
# Collecting python-apt
|
|
||||||
# Using cached python-apt-0.7.8.tar.bz2 (49 kB)
|
|
||||||
# ERROR: Command errored out with exit status 1:
|
|
||||||
# command: /data/data/com.termux/files/usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"'; __file__='"'"'/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /data/data/com.termux/files/usr/tmp/pip-pip-egg-info-ptpprl0m
|
|
||||||
# cwd: /data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/
|
|
||||||
# Complete output (5 lines):
|
|
||||||
# Traceback (most recent call last):
|
|
||||||
# File "<string>", line 1, in <module>
|
|
||||||
# File "/data/data/com.termux/files/usr/tmp/pip-install-dsga__i7/python-apt/setup.py", line 11, in <module>
|
|
||||||
# string.split(parse_makefile("python/makefile")["APT_PKG_SRC"]))
|
|
||||||
# AttributeError: module 'string' has no attribute 'split'
|
|
||||||
# ----------------------------------------
|
|
||||||
# ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
|
|
||||||
# WARNING: You are using pip version 20.2.3; however, version 20.3.3 is available.
|
|
||||||
# You should consider upgrading via the '/data/data/com.termux/files/usr/bin/python3 -m pip install --upgrade pip' command.
|
|
||||||
|
|
||||||
# Arch configuration
|
|
||||||
|
|
||||||
# TODO Patch sudo-fake so it allows using -u so `become` works
|
|
||||||
|
|
||||||
- name: Enable multilib repo
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/pacman.conf
|
|
||||||
regexp: '^#?\s*\[multilib\]$'
|
|
||||||
line: '[multilib]'
|
|
||||||
become: yes
|
|
||||||
when: arch_based and ansible_architecture == "x86_64"
|
|
||||||
notify: udpate pacman cache
|
|
||||||
|
|
||||||
- name: Configure multilib repo
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/pacman.conf
|
|
||||||
regexp: '^#?\s*Include\s*=\s*/etc/pacman.d/mirrorlist'
|
|
||||||
line: 'Include = /etc/pacman.d/mirrorlist'
|
|
||||||
insertafter: '^\[multilib\]$'
|
|
||||||
become: yes
|
|
||||||
when: arch_based and ansible_architecture == "x86_64"
|
|
||||||
notify: udpate pacman cache
|
|
||||||
|
|
||||||
- name: Update cache if needed
|
|
||||||
meta: flush_handlers
|
|
||||||
|
|
||||||
- name: Install ccache
|
|
||||||
pacman:
|
|
||||||
name: ccache
|
|
||||||
state: present
|
|
||||||
extra_args: "--asdeps"
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Enable makepkg color
|
|
||||||
replace:
|
|
||||||
path: /etc/makepkg.conf
|
|
||||||
regexp: '^BUILDENV=(.+)!color(.+)$'
|
|
||||||
replace: 'BUILDENV=\1color\2'
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Enable makepkg ccache
|
|
||||||
replace:
|
|
||||||
path: /etc/makepkg.conf
|
|
||||||
regexp: '^BUILDENV=(.+)!ccache(.+)$'
|
|
||||||
replace: 'BUILDENV=\1ccache\2'
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Remove -mtune from makepkg CFLAGS
|
|
||||||
replace:
|
|
||||||
path: /etc/makepkg.conf
|
|
||||||
regexp: '^#? *CFLAGS=(.+)-mtune=\S+\s(.*)$'
|
|
||||||
replace: "CFLAGS=\\1\\2"
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Change -march to native from makepkg CFLAGS
|
|
||||||
replace:
|
|
||||||
path: /etc/makepkg.conf
|
|
||||||
regexp: '^#? *CFLAGS=(.+)-march=\S+(\s)(.*)$'
|
|
||||||
replace: "CFLAGS=\\1-march=native\\2\\3"
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Set makepkg MAKEFLAGS
|
|
||||||
replace:
|
|
||||||
path: /etc/makepkg.conf
|
|
||||||
regexp: '^#? *MAKEFLAGS=(.+)-j[0-9]+(.+)$'
|
|
||||||
replace: "MAKEFLAGS=\\1-j{{ j }}\\2"
|
|
||||||
become: yes
|
|
||||||
vars:
|
|
||||||
j: "{{ [ansible_processor_nproc - 1, 1] | max | int }}"
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Enable pacman ParallelDownloads
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/pacman.conf
|
|
||||||
regexp: '^#?ParallelDownloads'
|
|
||||||
line: 'ParallelDownloads = 5'
|
|
||||||
insertafter: '^\[options\]$'
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Enable pacman colors
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/pacman.conf
|
|
||||||
regexp: '^#?Color'
|
|
||||||
line: 'Color'
|
|
||||||
insertafter: '^\[options\]$'
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
- name: Enable pacman pac-man
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/pacman.conf
|
|
||||||
regexp: '^#?ILoveCandy'
|
|
||||||
line: 'ILoveCandy'
|
|
||||||
insertafter: '^#?Color'
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
|
|
||||||
|
|
||||||
# Install alternative package managers
|
|
||||||
- name: List packages from base-devel
|
|
||||||
command: pacman -Sqg base-devel
|
|
||||||
register: base_devel_packages
|
|
||||||
changed_when: no
|
|
||||||
check_mode: no
|
|
||||||
|
|
||||||
- name: Install dependencies for AUR helpers
|
|
||||||
pacman:
|
|
||||||
name: "{{ (base_devel_packages.stdout | split('\n') | reject('eq', 'sudo')) + ['fakeroot'] }}"
|
|
||||||
become: yes
|
|
||||||
when: arch_based
|
|
||||||
# Do not install sudo because maybe sudo-fake is installed (otherwise it conflicts)
|
|
||||||
# It should already be installed already anyway
|
|
||||||
|
|
||||||
- name: Install AUR package manager (Arch)
|
|
||||||
aur:
|
|
||||||
name: yay-bin
|
|
||||||
when: arch
|
|
||||||
|
|
||||||
- name: Install AUR package manager (Manjaro)
|
|
||||||
pacman:
|
|
||||||
name: yay
|
|
||||||
become: yes
|
|
||||||
when: manjaro
|
|
||||||
# Not sure if regular Manjaro has yay in its community packages,
|
|
||||||
# but Manjaro-ARM sure does
|
|
||||||
|
|
||||||
- name: Create cache folder
|
|
||||||
file:
|
|
||||||
state: directory
|
|
||||||
mode: "u=rwx,g=rx,o=rx"
|
|
||||||
path: "{{ ansible_user_dir }}/.cache/automatrop"
|
|
||||||
|
|
||||||
- name: Generate list of packages for package manager
|
- name: Generate list of packages for package manager
|
||||||
set_fact:
|
set_fact:
|
||||||
packages: "{{ query('template', 'package_manager.j2')[0].split('\n')[:-1]|sort|unique }}"
|
packages: "{{ query('template', 'package_manager.j2')[0].split('\n')[:-1]|sort|unique }}"
|
||||||
|
|
|
@ -1,15 +1,5 @@
|
||||||
{# Macros #}
|
{# Macros #}
|
||||||
{% if debian_based %}
|
|
||||||
{% set python_prefix = 'python3' %}
|
|
||||||
{% set lib_suffix = '-common' %}
|
|
||||||
{% else %}
|
|
||||||
{% set python_prefix = 'python' %}
|
|
||||||
{% set lib_suffix = '' %}
|
|
||||||
{% endif %}
|
|
||||||
{# Include essential snippets #}
|
{# Include essential snippets #}
|
||||||
{% include 'snippets/pm_dotfiles_dependencies.j2' %}
|
|
||||||
{% include 'snippets/pm_shell.j2' %}
|
|
||||||
{% include 'snippets/pm_terminal_essentials.j2' %}
|
|
||||||
{% include 'snippets/pm_remote.j2' %}
|
{% include 'snippets/pm_remote.j2' %}
|
||||||
{% include 'snippets/pm_disk_cleanup.j2' %}
|
{% include 'snippets/pm_disk_cleanup.j2' %}
|
||||||
{% include 'snippets/pm_local_monitoring.j2' %}
|
{% include 'snippets/pm_local_monitoring.j2' %}
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
{#
|
|
||||||
Stuff that is required for scripts/programs of dotfiles to work properly
|
|
||||||
#}
|
|
||||||
coreutils
|
|
||||||
bash
|
|
||||||
grep
|
|
||||||
sed
|
|
||||||
tar
|
|
||||||
openssl
|
|
||||||
git
|
|
||||||
wget
|
|
||||||
curl
|
|
||||||
{% if not termux %}
|
|
||||||
{{ python_prefix }}-pip
|
|
||||||
{# Termux already has pip via Python #}
|
|
||||||
{% endif %}
|
|
||||||
ansible
|
|
||||||
{# Uncompressors #}
|
|
||||||
unzip
|
|
||||||
unrar
|
|
||||||
p7zip
|
|
||||||
{{ python_prefix }}-pystache
|
|
||||||
{# EOF #}
|
|
|
@ -1,24 +0,0 @@
|
||||||
moreutils
|
|
||||||
man
|
|
||||||
visidata
|
|
||||||
{% if can_chown or not arch_based %}
|
|
||||||
insect
|
|
||||||
{% endif %}
|
|
||||||
translate-shell
|
|
||||||
gnupg
|
|
||||||
{# Editor #}
|
|
||||||
{% if termux %}
|
|
||||||
nvim
|
|
||||||
{% else %}
|
|
||||||
neovim
|
|
||||||
{% endif %}
|
|
||||||
{% if not termux %}
|
|
||||||
{{ python_prefix }}-neovim
|
|
||||||
{% endif %}
|
|
||||||
{# Downloaders #}
|
|
||||||
wget
|
|
||||||
{# Uncompressors #}
|
|
||||||
unzip
|
|
||||||
unrar
|
|
||||||
p7zip
|
|
||||||
{# EOF #}
|
|
|
@ -1,4 +1,5 @@
|
||||||
#/usr/bin/env sh
|
#/usr/bin/env sh
|
||||||
|
export NIXPKGS_ALLOW_UNFREE=1
|
||||||
nix-build '<nixpkgs/nixos>' -A vm \
|
nix-build '<nixpkgs/nixos>' -A vm \
|
||||||
-I nixpkgs=channel:nixos-23.05 \
|
-I nixpkgs=channel:nixos-23.05 \
|
||||||
-I nixos-config=./configuration.nix
|
-I nixos-config=./configuration.nix
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
# Enable the X11 windowing system
|
# Enable the X11 windowing system
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
|
|
||||||
# TODO qwerty-fr for X11
|
# FIXME qwerty-fr for X11
|
||||||
|
|
||||||
# Enable CUPS to print documents
|
# Enable CUPS to print documents
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
|
@ -22,19 +22,63 @@
|
||||||
sound.enable = true;
|
sound.enable = true;
|
||||||
hardware.pulseaudio.enable = true;
|
hardware.pulseaudio.enable = true;
|
||||||
|
|
||||||
# services.xserver.displayManager.gdm.enable = true;
|
services.xserver.displayManager.startx.enable = true;
|
||||||
services.xserver.windowManager.i3.enable = true;
|
services.xserver.windowManager.i3.enable = true;
|
||||||
|
|
||||||
|
# Enable passwordless sudo
|
||||||
|
security.sudo.extraRules = [
|
||||||
|
{ groups = ["wheel"]; commands = [ { command = "ALL"; options = ["NOPASSWD"]; } ]; }
|
||||||
|
];
|
||||||
|
|
||||||
# Users
|
# Users
|
||||||
users.users.geoffrey = {
|
users.users.geoffrey = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
|
# dotfiles dependencies
|
||||||
|
coreutils
|
||||||
|
bash
|
||||||
|
gnugrep
|
||||||
|
gnused
|
||||||
|
gnutar
|
||||||
|
openssl
|
||||||
|
git
|
||||||
|
wget
|
||||||
|
curl
|
||||||
|
python3Packages.pip
|
||||||
|
ansible # TODO Reevaluate
|
||||||
|
|
||||||
|
# shell
|
||||||
|
zsh-completions
|
||||||
|
nix-zsh-completions
|
||||||
|
zsh-history-substring-search
|
||||||
|
antigen # TODO Reevaluate
|
||||||
|
powerline-go
|
||||||
|
|
||||||
|
# terminal essentials
|
||||||
|
moreutils
|
||||||
|
man
|
||||||
|
visidata
|
||||||
|
nodePackages.insect
|
||||||
|
translate-shell
|
||||||
|
unzip
|
||||||
|
unrar
|
||||||
|
p7zip
|
||||||
|
|
||||||
|
# remote
|
||||||
|
openssh
|
||||||
|
rsync
|
||||||
|
tigervnc # FIXME Only with display server
|
||||||
|
|
||||||
|
# DEBUG
|
||||||
firefox
|
firefox
|
||||||
tree
|
tree
|
||||||
lolcat
|
lolcat
|
||||||
];
|
];
|
||||||
initialPassword = "cartable";
|
initialPassword = "cartable"; # DEBUG
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -42,8 +86,34 @@
|
||||||
wget
|
wget
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Enable compilation cache
|
||||||
|
programs = {
|
||||||
|
ccache.enable = true;
|
||||||
|
# TODO Not enough, see https://nixos.wiki/wiki/CCache.
|
||||||
|
# Might want to see if it's worth using on NixOS
|
||||||
|
gnupg.agent.enable = true;
|
||||||
|
|
||||||
|
# TODO Below should be user config
|
||||||
|
|
||||||
|
zsh = {
|
||||||
|
enable = true;
|
||||||
|
autosuggestions.enable = true;
|
||||||
|
enableCompletion = true;
|
||||||
|
syntaxHighlighting.enable = true;
|
||||||
|
};
|
||||||
|
neovim = {
|
||||||
|
enable = true;
|
||||||
|
defaultEditor = true;
|
||||||
|
vimAlias = true;
|
||||||
|
viAlias = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
# Enable the OpenSSH daemon
|
# Enable the OpenSSH daemon
|
||||||
services.openssh.enable = true;
|
openssh.enable = true;
|
||||||
|
getty.autologinUser = "geoffrey"; # DEBUG
|
||||||
|
};
|
||||||
|
|
||||||
# TEST
|
# TEST
|
||||||
system.copySystemConfiguration = true;
|
system.copySystemConfiguration = true;
|
||||||
|
|
Loading…
Reference in a new issue