From d51770a4b48e11b33dde3cae58b40db11eec8646 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 20:21:38 -0400 Subject: [PATCH 1/6] Start of zsh role, per-user section not yet implemented. --- .../environments/laptop/host_vars/odolinux | 1 - ansible/playbook.yaml | 1 + ansible/roles/users/defaults/main.yaml | 1 - ansible/roles/zsh/handlers/main.yml | 4 +++ ansible/roles/zsh/meta/main.yaml | 2 ++ ansible/roles/zsh/tasks/freebsd.yaml | 17 ++++++++++ ansible/roles/zsh/tasks/linux.yaml | 8 +++++ ansible/roles/zsh/tasks/main.yaml | 5 +++ ansible/roles/zsh/tasks/peruser.yaml | 33 +++++++++++++++++++ 9 files changed, 70 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/zsh/handlers/main.yml create mode 100644 ansible/roles/zsh/meta/main.yaml create mode 100644 ansible/roles/zsh/tasks/freebsd.yaml create mode 100644 ansible/roles/zsh/tasks/linux.yaml create mode 100644 ansible/roles/zsh/tasks/main.yaml create mode 100644 ansible/roles/zsh/tasks/peruser.yaml diff --git a/ansible/environments/laptop/host_vars/odolinux b/ansible/environments/laptop/host_vars/odolinux index 9342780..a700b99 100644 --- a/ansible/environments/laptop/host_vars/odolinux +++ b/ansible/environments/laptop/host_vars/odolinux @@ -1,7 +1,6 @@ os_flavor: "linux" users: talexander: - per_user: true initialize: true uid: 11235 gid: 1000 diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index 2eee7bd..82a5e13 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -5,3 +5,4 @@ - sudo - users - zrepl + - zsh diff --git a/ansible/roles/users/defaults/main.yaml b/ansible/roles/users/defaults/main.yaml index 89bfa9d..f1f8090 100644 --- a/ansible/roles/users/defaults/main.yaml +++ b/ansible/roles/users/defaults/main.yaml @@ -1,6 +1,5 @@ users: talexander: - per_user: true initialize: true uid: 11235 gid: 11235 diff --git a/ansible/roles/zsh/handlers/main.yml b/ansible/roles/zsh/handlers/main.yml new file mode 100644 index 0000000..0fb3dee --- /dev/null +++ b/ansible/roles/zsh/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart zrepl + service: + name: zrepl + state: restarted diff --git a/ansible/roles/zsh/meta/main.yaml b/ansible/roles/zsh/meta/main.yaml new file mode 100644 index 0000000..655446a --- /dev/null +++ b/ansible/roles/zsh/meta/main.yaml @@ -0,0 +1,2 @@ +dependencies: + - users diff --git a/ansible/roles/zsh/tasks/freebsd.yaml b/ansible/roles/zsh/tasks/freebsd.yaml new file mode 100644 index 0000000..abb4c5c --- /dev/null +++ b/ansible/roles/zsh/tasks/freebsd.yaml @@ -0,0 +1,17 @@ +- name: Install packages + package: + name: + - zsh + - sqlite3 + - git + - py39-jmespath # Needed on machine running ansible for json_query + state: present + +- include_tasks: + file: tasks/peruser.yaml + apply: + become: yes + become_user: "{{ initialize_user }}" + loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}" + loop_control: + loop_var: initialize_user diff --git a/ansible/roles/zsh/tasks/linux.yaml b/ansible/roles/zsh/tasks/linux.yaml new file mode 100644 index 0000000..86fe213 --- /dev/null +++ b/ansible/roles/zsh/tasks/linux.yaml @@ -0,0 +1,8 @@ +- name: Install packages + package: + name: + - zsh + - sqlite + - git + - python-jmespath # Needed on machine running ansible for json_query + state: present diff --git a/ansible/roles/zsh/tasks/main.yaml b/ansible/roles/zsh/tasks/main.yaml new file mode 100644 index 0000000..d320bc8 --- /dev/null +++ b/ansible/roles/zsh/tasks/main.yaml @@ -0,0 +1,5 @@ +- include: tasks/freebsd.yaml + when: 'os_flavor == "freebsd"' + +- include: tasks/linux.yaml + when: 'os_flavor == "linux"' diff --git a/ansible/roles/zsh/tasks/peruser.yaml b/ansible/roles/zsh/tasks/peruser.yaml new file mode 100644 index 0000000..1a4e4e8 --- /dev/null +++ b/ansible/roles/zsh/tasks/peruser.yaml @@ -0,0 +1,33 @@ +- include_role: + name: per_user +# - name: clone zsh-histdb repo +# git: +# repo: "https://github.com/larkery/zsh-histdb.git" +# dest: "{{ account_homedir.stdout }}/.ansible_deploy/zsh-histdb" +# version: "6c7159be9de8586ac2f19d179d562cf5d10a2bab" +# diff: false + +# - name: Create zshrc additional imports directory +# file: +# name: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc" +# state: directory +# mode: 0700 +# owner: "{{ account_name.stdout }}" +# group: "{{ group_name.stdout }}" + +# - name: Configure zshrc additional imports +# copy: +# src: "files/zshrc_{{ item }}" +# dest: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc/{{ item }}.zsh" +# mode: 0600 +# owner: "{{ account_name.stdout }}" +# group: "{{ group_name.stdout }}" +# with_items: "{{ additional_zshrc_files }}" + +# - name: Configure zshrc +# copy: +# src: files/zshrc +# dest: "{{ account_homedir.stdout }}/.zshrc" +# mode: 0600 +# owner: "{{ account_name.stdout }}" +# group: "{{ group_name.stdout }}" From 238885db9a869259808da0ecc12062aa6362c988 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 20:33:16 -0400 Subject: [PATCH 2/6] Add the per-user common role. --- ansible/roles/per_user/tasks/main.yml | 33 +++++++++++++++++++ .../roles/per_user/tasks/peruser_freebsd.yaml | 0 .../roles/per_user/tasks/peruser_linux.yaml | 9 +++++ ansible/roles/zsh/tasks/linux.yaml | 9 +++++ 4 files changed, 51 insertions(+) create mode 100644 ansible/roles/per_user/tasks/main.yml create mode 100644 ansible/roles/per_user/tasks/peruser_freebsd.yaml create mode 100644 ansible/roles/per_user/tasks/peruser_linux.yaml diff --git a/ansible/roles/per_user/tasks/main.yml b/ansible/roles/per_user/tasks/main.yml new file mode 100644 index 0000000..b6e38a1 --- /dev/null +++ b/ansible/roles/per_user/tasks/main.yml @@ -0,0 +1,33 @@ +- name: account $HOME + shell: "echo $HOME" + register: account_homedir + changed_when: false + check_mode: no + +- name: account name + command: id -un + register: account_name + changed_when: false + check_mode: no + +- name: group name + command: id -gn + register: group_name + changed_when: false + check_mode: no + +- name: Create directories + file: + name: "{{ account_homedir.stdout }}/{{ item }}" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: + - .ansible_deploy + +- include: tasks/peruser_freebsd.yaml + when: 'os_flavor == "freebsd"' + +- include: tasks/peruser_linux.yaml + when: 'os_flavor == "linux"' diff --git a/ansible/roles/per_user/tasks/peruser_freebsd.yaml b/ansible/roles/per_user/tasks/peruser_freebsd.yaml new file mode 100644 index 0000000..e69de29 diff --git a/ansible/roles/per_user/tasks/peruser_linux.yaml b/ansible/roles/per_user/tasks/peruser_linux.yaml new file mode 100644 index 0000000..08e5fc1 --- /dev/null +++ b/ansible/roles/per_user/tasks/peruser_linux.yaml @@ -0,0 +1,9 @@ +- name: Create directories + file: + name: "{{ account_homedir.stdout }}/{{ item }}" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: + - .config/systemd/user # user unit files diff --git a/ansible/roles/zsh/tasks/linux.yaml b/ansible/roles/zsh/tasks/linux.yaml index 86fe213..b942562 100644 --- a/ansible/roles/zsh/tasks/linux.yaml +++ b/ansible/roles/zsh/tasks/linux.yaml @@ -6,3 +6,12 @@ - git - python-jmespath # Needed on machine running ansible for json_query state: present + +- include_tasks: + file: tasks/peruser.yaml + apply: + become: yes + become_user: "{{ initialize_user }}" + loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}" + loop_control: + loop_var: initialize_user From 207c7c2f71380ecbb950052714641d33457ad066 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 20:36:59 -0400 Subject: [PATCH 3/6] Switch all includes to import_tasks. --- ansible/roles/per_user/tasks/main.yml | 4 ++-- ansible/roles/sudo/tasks/main.yaml | 4 ++-- ansible/roles/zrepl/tasks/common.yaml | 4 ++-- ansible/roles/zrepl/tasks/main.yaml | 2 +- ansible/roles/zsh/tasks/main.yaml | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/roles/per_user/tasks/main.yml b/ansible/roles/per_user/tasks/main.yml index b6e38a1..bb875d6 100644 --- a/ansible/roles/per_user/tasks/main.yml +++ b/ansible/roles/per_user/tasks/main.yml @@ -26,8 +26,8 @@ loop: - .ansible_deploy -- include: tasks/peruser_freebsd.yaml +- import_tasks: tasks/peruser_freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/peruser_linux.yaml +- import_tasks: tasks/peruser_linux.yaml when: 'os_flavor == "linux"' diff --git a/ansible/roles/sudo/tasks/main.yaml b/ansible/roles/sudo/tasks/main.yaml index 21b33aa..d956446 100644 --- a/ansible/roles/sudo/tasks/main.yaml +++ b/ansible/roles/sudo/tasks/main.yaml @@ -4,8 +4,8 @@ - sudo state: present -- include: tasks/freebsd.yaml +- import_tasks: tasks/freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/linux.yaml +- import_tasks: tasks/linux.yaml when: 'os_flavor == "linux"' diff --git a/ansible/roles/zrepl/tasks/common.yaml b/ansible/roles/zrepl/tasks/common.yaml index 15281dd..433c7ad 100644 --- a/ansible/roles/zrepl/tasks/common.yaml +++ b/ansible/roles/zrepl/tasks/common.yaml @@ -24,8 +24,8 @@ validate: "zrepl configcheck --config %s" notify: "restart zrepl" -- include: tasks/freebsd.yaml +- import_tasks: tasks/freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/linux.yaml +- import_tasks: tasks/linux.yaml when: 'os_flavor == "linux"' diff --git a/ansible/roles/zrepl/tasks/main.yaml b/ansible/roles/zrepl/tasks/main.yaml index 459f178..28ff5b6 100644 --- a/ansible/roles/zrepl/tasks/main.yaml +++ b/ansible/roles/zrepl/tasks/main.yaml @@ -1,2 +1,2 @@ -- include: tasks/common.yaml +- import_tasks: tasks/common.yaml when: zfs_snapshot_datasets is defined diff --git a/ansible/roles/zsh/tasks/main.yaml b/ansible/roles/zsh/tasks/main.yaml index d320bc8..c4f2d20 100644 --- a/ansible/roles/zsh/tasks/main.yaml +++ b/ansible/roles/zsh/tasks/main.yaml @@ -1,5 +1,5 @@ -- include: tasks/freebsd.yaml +- import_tasks: tasks/freebsd.yaml when: 'os_flavor == "freebsd"' -- include: tasks/linux.yaml +- import_tasks: tasks/linux.yaml when: 'os_flavor == "linux"' From ba1d4fb9d97657688e28a267c6cd0628e284896b Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 21:24:39 -0400 Subject: [PATCH 4/6] Add the base zsh config. --- ansible/ansible.cfg | 4 ++ .../per_user/tasks/{main.yml => main.yaml} | 0 .../zrepl/handlers/{main.yml => main.yaml} | 0 ansible/roles/zsh/defaults/main.yaml | 1 + ansible/roles/zsh/files/zshrc | 40 +++++++++++++ .../zsh/handlers/{main.yml => main.yaml} | 0 ansible/roles/zsh/tasks/peruser.yaml | 57 ++++++++++--------- 7 files changed, 74 insertions(+), 28 deletions(-) rename ansible/roles/per_user/tasks/{main.yml => main.yaml} (100%) rename ansible/roles/zrepl/handlers/{main.yml => main.yaml} (100%) create mode 100644 ansible/roles/zsh/defaults/main.yaml create mode 100644 ansible/roles/zsh/files/zshrc rename ansible/roles/zsh/handlers/{main.yml => main.yaml} (100%) diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 8f5d8d2..17471e0 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,2 +1,6 @@ [defaults] pipelining = True +# Need to allow world readable tmpfiles for switching to an +# unprivileged user other than the connection user because the setfacl +# command fails on ZFS on FreeBSD. +allow_world_readable_tmpfiles = True diff --git a/ansible/roles/per_user/tasks/main.yml b/ansible/roles/per_user/tasks/main.yaml similarity index 100% rename from ansible/roles/per_user/tasks/main.yml rename to ansible/roles/per_user/tasks/main.yaml diff --git a/ansible/roles/zrepl/handlers/main.yml b/ansible/roles/zrepl/handlers/main.yaml similarity index 100% rename from ansible/roles/zrepl/handlers/main.yml rename to ansible/roles/zrepl/handlers/main.yaml diff --git a/ansible/roles/zsh/defaults/main.yaml b/ansible/roles/zsh/defaults/main.yaml new file mode 100644 index 0000000..c6461fa --- /dev/null +++ b/ansible/roles/zsh/defaults/main.yaml @@ -0,0 +1 @@ +additional_zshrc_files: [] diff --git a/ansible/roles/zsh/files/zshrc b/ansible/roles/zsh/files/zshrc new file mode 100644 index 0000000..c3675b0 --- /dev/null +++ b/ansible/roles/zsh/files/zshrc @@ -0,0 +1,40 @@ +# Lines configured by zsh-newuser-install +HISTFILE=~/.zhistory +HISTSIZE=100000 +SAVEHIST=100000 +setopt appendhistory notify +unsetopt beep +bindkey -e +# End of lines configured by zsh-newuser-install +# The following lines were added by compinstall +# + +# Use menu complete immediately instead of after the first tab +setopt MENU_COMPLETE + +zstyle :compinstall filename "$HOME/.zshrc" + +autoload -Uz compinit +compinit +# End of lines added by compinstall + +# Enable the 2d menu for tab completion +zstyle ':completion:*' menu select + +autoload colors zsh/terminfo +if [[ "$terminfo[colors]" -ge 8 ]]; then + colors +fi +for color in RED GREEN YELLOW BLUE MAGENTA CYAN WHITE; do + eval PR_$color='%{$terminfo[bold]$fg[${(L)color}]%}' + eval PR_LIGHT_$color='%{$fg[${(L)color}]%}' + (( count = $count + 1 )) +done +PR_NO_COLOR="%{$terminfo[sgr0]%}" +PS1="[$PR_BLUE%n$PR_WHITE@$PR_GREEN%U%m%u$PR_NO_COLOR:$PR_RED%2c$PR_NO_COLOR]%(!.#.$) " + +source $HOME/.ansible_deploy/zsh-histdb/sqlite-history.zsh +autoload -Uz add-zsh-hook + +source $HOME/.ansible_deploy/zsh-histdb/histdb-interactive.zsh +bindkey '^r' _histdb-isearch diff --git a/ansible/roles/zsh/handlers/main.yml b/ansible/roles/zsh/handlers/main.yaml similarity index 100% rename from ansible/roles/zsh/handlers/main.yml rename to ansible/roles/zsh/handlers/main.yaml diff --git a/ansible/roles/zsh/tasks/peruser.yaml b/ansible/roles/zsh/tasks/peruser.yaml index 1a4e4e8..c6b7b21 100644 --- a/ansible/roles/zsh/tasks/peruser.yaml +++ b/ansible/roles/zsh/tasks/peruser.yaml @@ -1,33 +1,34 @@ - include_role: name: per_user -# - name: clone zsh-histdb repo -# git: -# repo: "https://github.com/larkery/zsh-histdb.git" -# dest: "{{ account_homedir.stdout }}/.ansible_deploy/zsh-histdb" -# version: "6c7159be9de8586ac2f19d179d562cf5d10a2bab" -# diff: false -# - name: Create zshrc additional imports directory -# file: -# name: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc" -# state: directory -# mode: 0700 -# owner: "{{ account_name.stdout }}" -# group: "{{ group_name.stdout }}" +- name: clone zsh-histdb repo + git: + repo: "https://github.com/larkery/zsh-histdb.git" + dest: "{{ account_homedir.stdout }}/.ansible_deploy/zsh-histdb" + version: "6c7159be9de8586ac2f19d179d562cf5d10a2bab" + diff: false -# - name: Configure zshrc additional imports -# copy: -# src: "files/zshrc_{{ item }}" -# dest: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc/{{ item }}.zsh" -# mode: 0600 -# owner: "{{ account_name.stdout }}" -# group: "{{ group_name.stdout }}" -# with_items: "{{ additional_zshrc_files }}" +- name: Create zshrc additional imports directory + file: + name: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc" + state: directory + mode: 0700 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" -# - name: Configure zshrc -# copy: -# src: files/zshrc -# dest: "{{ account_homedir.stdout }}/.zshrc" -# mode: 0600 -# owner: "{{ account_name.stdout }}" -# group: "{{ group_name.stdout }}" +- name: Configure zshrc additional imports + copy: + src: "files/zshrc_{{ item }}" + dest: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc/{{ item }}.zsh" + mode: 0600 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" + loop: "{{ additional_zshrc_files }}" + +- name: Configure zshrc + copy: + src: files/zshrc + dest: "{{ account_homedir.stdout }}/.zshrc" + mode: 0600 + owner: "{{ account_name.stdout }}" + group: "{{ group_name.stdout }}" From 68a164467deacbb8fb71caaeede82bfd9b624078 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 21:42:55 -0400 Subject: [PATCH 5/6] Load the ansible_deploy zshrc files. --- ansible/roles/zsh/files/zshrc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ansible/roles/zsh/files/zshrc b/ansible/roles/zsh/files/zshrc index c3675b0..74b5b22 100644 --- a/ansible/roles/zsh/files/zshrc +++ b/ansible/roles/zsh/files/zshrc @@ -38,3 +38,10 @@ autoload -Uz add-zsh-hook source $HOME/.ansible_deploy/zsh-histdb/histdb-interactive.zsh bindkey '^r' _histdb-isearch + +# TODO: Consider moving to /etc/profile.d +while read file; do + if [ -e "$file" ]; then + source "$file" + fi +done <<<"$(find $HOME/.ansible_deploy/zshrc -maxdepth 1 -type f -name '*.zsh' -print)" From 6eeac615aa55835b62470558f417456146a2553f Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Tue, 11 Oct 2022 21:45:56 -0400 Subject: [PATCH 6/6] Move ansible_deploy under .config. --- ansible/roles/per_user/tasks/main.yaml | 2 +- ansible/roles/zsh/files/zshrc | 6 +++--- ansible/roles/zsh/tasks/peruser.yaml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/roles/per_user/tasks/main.yaml b/ansible/roles/per_user/tasks/main.yaml index bb875d6..2ef5d5f 100644 --- a/ansible/roles/per_user/tasks/main.yaml +++ b/ansible/roles/per_user/tasks/main.yaml @@ -24,7 +24,7 @@ owner: "{{ account_name.stdout }}" group: "{{ group_name.stdout }}" loop: - - .ansible_deploy + - .config/ansible_deploy - import_tasks: tasks/peruser_freebsd.yaml when: 'os_flavor == "freebsd"' diff --git a/ansible/roles/zsh/files/zshrc b/ansible/roles/zsh/files/zshrc index 74b5b22..c5d8f55 100644 --- a/ansible/roles/zsh/files/zshrc +++ b/ansible/roles/zsh/files/zshrc @@ -33,10 +33,10 @@ done PR_NO_COLOR="%{$terminfo[sgr0]%}" PS1="[$PR_BLUE%n$PR_WHITE@$PR_GREEN%U%m%u$PR_NO_COLOR:$PR_RED%2c$PR_NO_COLOR]%(!.#.$) " -source $HOME/.ansible_deploy/zsh-histdb/sqlite-history.zsh +source $HOME/.config/ansible_deploy/zsh-histdb/sqlite-history.zsh autoload -Uz add-zsh-hook -source $HOME/.ansible_deploy/zsh-histdb/histdb-interactive.zsh +source $HOME/.config/ansible_deploy/zsh-histdb/histdb-interactive.zsh bindkey '^r' _histdb-isearch # TODO: Consider moving to /etc/profile.d @@ -44,4 +44,4 @@ while read file; do if [ -e "$file" ]; then source "$file" fi -done <<<"$(find $HOME/.ansible_deploy/zshrc -maxdepth 1 -type f -name '*.zsh' -print)" +done <<<"$(find $HOME/.config/ansible_deploy/zshrc -maxdepth 1 -type f -name '*.zsh' -print)" diff --git a/ansible/roles/zsh/tasks/peruser.yaml b/ansible/roles/zsh/tasks/peruser.yaml index c6b7b21..36532df 100644 --- a/ansible/roles/zsh/tasks/peruser.yaml +++ b/ansible/roles/zsh/tasks/peruser.yaml @@ -4,13 +4,13 @@ - name: clone zsh-histdb repo git: repo: "https://github.com/larkery/zsh-histdb.git" - dest: "{{ account_homedir.stdout }}/.ansible_deploy/zsh-histdb" + dest: "{{ account_homedir.stdout }}/.config/ansible_deploy/zsh-histdb" version: "6c7159be9de8586ac2f19d179d562cf5d10a2bab" diff: false - name: Create zshrc additional imports directory file: - name: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc" + name: "{{ account_homedir.stdout }}/.config/ansible_deploy/zshrc" state: directory mode: 0700 owner: "{{ account_name.stdout }}" @@ -19,7 +19,7 @@ - name: Configure zshrc additional imports copy: src: "files/zshrc_{{ item }}" - dest: "{{ account_homedir.stdout }}/.ansible_deploy/zshrc/{{ item }}.zsh" + dest: "{{ account_homedir.stdout }}/.config/ansible_deploy/zshrc/{{ item }}.zsh" mode: 0600 owner: "{{ account_name.stdout }}" group: "{{ group_name.stdout }}"