diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 8f5d8d2..17471e0 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,2 +1,6 @@ [defaults] pipelining = True +# Need to allow world readable tmpfiles for switching to an +# unprivileged user other than the connection user because the setfacl +# command fails on ZFS on FreeBSD. +allow_world_readable_tmpfiles = True diff --git a/ansible/environments/laptop/host_vars/odolinux b/ansible/environments/laptop/host_vars/odolinux index 9342780..a700b99 100644 --- a/ansible/environments/laptop/host_vars/odolinux +++ b/ansible/environments/laptop/host_vars/odolinux @@ -1,7 +1,6 @@ os_flavor: "linux" users: talexander: - per_user: true initialize: true uid: 11235 gid: 1000 diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index 2eee7bd..82a5e13 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -5,3 +5,4 @@ - sudo - users - zrepl + - zsh diff --git a/ansible/roles/per_user/tasks/main.yaml b/ansible/roles/per_user/tasks/main.yaml new file mode 100644 index 0000000..2ef5d5f --- /dev/null +++ b/ansible/roles/per_user/tasks/main.yaml @@ -0,0 +1,33 @@ +- name: account $HOME + shell: "echo $HOME" + register: account_homedir + changed_when: false + check_mode: no + +- name: account name + command: id -un + register: account_name + changed_when: false + check_mode: no + +- name: group name + command: id -gn + register: group_name + changed_when: false + check_mode: no + +- name: Create directories + file: + name: "{{ account_homedir.stdout }}/{{ item }}" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: + - .config/ansible_deploy + +- import_tasks: tasks/peruser_freebsd.yaml + when: 'os_flavor == "freebsd"' + +- import_tasks: tasks/peruser_linux.yaml + when: 'os_flavor == "linux"' diff --git a/ansible/roles/per_user/tasks/peruser_freebsd.yaml b/ansible/roles/per_user/tasks/peruser_freebsd.yaml new file mode 100644 index 0000000..e69de29 diff --git a/ansible/roles/per_user/tasks/peruser_linux.yaml b/ansible/roles/per_user/tasks/peruser_linux.yaml new file mode 100644 index 0000000..08e5fc1 --- /dev/null +++ b/ansible/roles/per_user/tasks/peruser_linux.yaml @@ -0,0 +1,9 @@ +- name: Create directories + file: + name: "{{ account_homedir.stdout }}/{{ item }}" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: + - .config/systemd/user # user unit files diff --git a/ansible/roles/sudo/tasks/main.yaml b/ansible/roles/sudo/tasks/main.yaml index 21b33aa..d956446 100644 --- a/ansible/roles/sudo/tasks/main.yaml +++ b/ansible/roles/sudo/tasks/main.yaml @@ -4,8 +4,8 @@ - sudo state: present -- include: tasks/freebsd.yaml +- import_tasks: tasks/freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/linux.yaml +- import_tasks: tasks/linux.yaml when: 'os_flavor == "linux"' diff --git a/ansible/roles/users/defaults/main.yaml b/ansible/roles/users/defaults/main.yaml index 89bfa9d..f1f8090 100644 --- a/ansible/roles/users/defaults/main.yaml +++ b/ansible/roles/users/defaults/main.yaml @@ -1,6 +1,5 @@ users: talexander: - per_user: true initialize: true uid: 11235 gid: 11235 diff --git a/ansible/roles/zrepl/handlers/main.yml b/ansible/roles/zrepl/handlers/main.yaml similarity index 100% rename from ansible/roles/zrepl/handlers/main.yml rename to ansible/roles/zrepl/handlers/main.yaml diff --git a/ansible/roles/zrepl/tasks/common.yaml b/ansible/roles/zrepl/tasks/common.yaml index 15281dd..433c7ad 100644 --- a/ansible/roles/zrepl/tasks/common.yaml +++ b/ansible/roles/zrepl/tasks/common.yaml @@ -24,8 +24,8 @@ validate: "zrepl configcheck --config %s" notify: "restart zrepl" -- include: tasks/freebsd.yaml +- import_tasks: tasks/freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/linux.yaml +- import_tasks: tasks/linux.yaml when: 'os_flavor == "linux"' diff --git a/ansible/roles/zrepl/tasks/main.yaml b/ansible/roles/zrepl/tasks/main.yaml index 459f178..28ff5b6 100644 --- a/ansible/roles/zrepl/tasks/main.yaml +++ b/ansible/roles/zrepl/tasks/main.yaml @@ -1,2 +1,2 @@ -- include: tasks/common.yaml +- import_tasks: tasks/common.yaml when: zfs_snapshot_datasets is defined diff --git a/ansible/roles/zsh/defaults/main.yaml b/ansible/roles/zsh/defaults/main.yaml new file mode 100644 index 0000000..c6461fa --- /dev/null +++ b/ansible/roles/zsh/defaults/main.yaml @@ -0,0 +1 @@ +additional_zshrc_files: [] diff --git a/ansible/roles/zsh/files/zshrc b/ansible/roles/zsh/files/zshrc new file mode 100644 index 0000000..c5d8f55 --- /dev/null +++ b/ansible/roles/zsh/files/zshrc @@ -0,0 +1,47 @@ +# Lines configured by zsh-newuser-install +HISTFILE=~/.zhistory +HISTSIZE=100000 +SAVEHIST=100000 +setopt appendhistory notify +unsetopt beep +bindkey -e +# End of lines configured by zsh-newuser-install +# The following lines were added by compinstall +# + +# Use menu complete immediately instead of after the first tab +setopt MENU_COMPLETE + +zstyle :compinstall filename "$HOME/.zshrc" + +autoload -Uz compinit +compinit +# End of lines added by compinstall + +# Enable the 2d menu for tab completion +zstyle ':completion:*' menu select + +autoload colors zsh/terminfo +if [[ "$terminfo[colors]" -ge 8 ]]; then + colors +fi +for color in RED GREEN YELLOW BLUE MAGENTA CYAN WHITE; do + eval PR_$color='%{$terminfo[bold]$fg[${(L)color}]%}' + eval PR_LIGHT_$color='%{$fg[${(L)color}]%}' + (( count = $count + 1 )) +done +PR_NO_COLOR="%{$terminfo[sgr0]%}" +PS1="[$PR_BLUE%n$PR_WHITE@$PR_GREEN%U%m%u$PR_NO_COLOR:$PR_RED%2c$PR_NO_COLOR]%(!.#.$) " + +source $HOME/.config/ansible_deploy/zsh-histdb/sqlite-history.zsh +autoload -Uz add-zsh-hook + +source $HOME/.config/ansible_deploy/zsh-histdb/histdb-interactive.zsh +bindkey '^r' _histdb-isearch + +# TODO: Consider moving to /etc/profile.d +while read file; do + if [ -e "$file" ]; then + source "$file" + fi +done <<<"$(find $HOME/.config/ansible_deploy/zshrc -maxdepth 1 -type f -name '*.zsh' -print)" diff --git a/ansible/roles/zsh/handlers/main.yaml b/ansible/roles/zsh/handlers/main.yaml new file mode 100644 index 0000000..0fb3dee --- /dev/null +++ b/ansible/roles/zsh/handlers/main.yaml @@ -0,0 +1,4 @@ +- name: restart zrepl + service: + name: zrepl + state: restarted diff --git a/ansible/roles/zsh/meta/main.yaml b/ansible/roles/zsh/meta/main.yaml new file mode 100644 index 0000000..655446a --- /dev/null +++ b/ansible/roles/zsh/meta/main.yaml @@ -0,0 +1,2 @@ +dependencies: + - users diff --git a/ansible/roles/zsh/tasks/freebsd.yaml b/ansible/roles/zsh/tasks/freebsd.yaml new file mode 100644 index 0000000..abb4c5c --- /dev/null +++ b/ansible/roles/zsh/tasks/freebsd.yaml @@ -0,0 +1,17 @@ +- name: Install packages + package: + name: + - zsh + - sqlite3 + - git + - py39-jmespath # Needed on machine running ansible for json_query + state: present + +- include_tasks: + file: tasks/peruser.yaml + apply: + become: yes + become_user: "{{ initialize_user }}" + loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}" + loop_control: + loop_var: initialize_user diff --git a/ansible/roles/zsh/tasks/linux.yaml b/ansible/roles/zsh/tasks/linux.yaml new file mode 100644 index 0000000..b942562 --- /dev/null +++ b/ansible/roles/zsh/tasks/linux.yaml @@ -0,0 +1,17 @@ +- name: Install packages + package: + name: + - zsh + - sqlite + - git + - python-jmespath # Needed on machine running ansible for json_query + state: present + +- include_tasks: + file: tasks/peruser.yaml + apply: + become: yes + become_user: "{{ initialize_user }}" + loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}" + loop_control: + loop_var: initialize_user diff --git a/ansible/roles/zsh/tasks/main.yaml b/ansible/roles/zsh/tasks/main.yaml new file mode 100644 index 0000000..c4f2d20 --- /dev/null +++ b/ansible/roles/zsh/tasks/main.yaml @@ -0,0 +1,5 @@ +- import_tasks: tasks/freebsd.yaml + when: 'os_flavor == "freebsd"' + +- import_tasks: tasks/linux.yaml + when: 'os_flavor == "linux"' diff --git a/ansible/roles/zsh/tasks/peruser.yaml b/ansible/roles/zsh/tasks/peruser.yaml new file mode 100644 index 0000000..36532df --- /dev/null +++ b/ansible/roles/zsh/tasks/peruser.yaml @@ -0,0 +1,34 @@ +- include_role: + name: per_user + +- name: clone zsh-histdb repo + git: + repo: "https://github.com/larkery/zsh-histdb.git" + dest: "{{ account_homedir.stdout }}/.config/ansible_deploy/zsh-histdb" + version: "6c7159be9de8586ac2f19d179d562cf5d10a2bab" + diff: false + +- name: Create zshrc additional imports directory + file: + name: "{{ account_homedir.stdout }}/.config/ansible_deploy/zshrc" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + +- name: Configure zshrc additional imports + copy: + src: "files/zshrc_{{ item }}" + dest: "{{ account_homedir.stdout }}/.config/ansible_deploy/zshrc/{{ item }}.zsh" + mode: 0600 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: "{{ additional_zshrc_files }}" + +- name: Configure zshrc + copy: + src: files/zshrc + dest: "{{ account_homedir.stdout }}/.zshrc" + mode: 0600 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}"