talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: talexander:ae43050061e73a5ccc89ad634bf3250ceb2203c5
Branches Tags
talexander:main talexander:nix talexander:kubernetes talexander:mt7927 talexander:yubipi talexander:upstream_amd_debug_tools talexander:install_files_mixin talexander:starship talexander:pixelbook
...
compare: talexander:pixelbook
Branches Tags
talexander:nix talexander:main talexander:kubernetes talexander:mt7927 talexander:yubipi talexander:upstream_amd_debug_tools talexander:install_files_mixin talexander:starship talexander:pixelbook

38 Commits
ae43050061 ... pixelbook

Author SHA1 Message Date
Tom Alexander
06de3fb0ac Disable CPU power consumption settings. 
The pixelbook seems oddly slow. Disabling this to see if it helps.
 2023-11-26 09:31:47 -05:00
Tom Alexander
eaa05e13d0 Enable the wireguard configs. 2023-11-26 09:31:47 -05:00
Tom Alexander
98f6ca10ff Add wireguard configs for pixelbook. 2023-11-26 09:31:47 -05:00
Tom Alexander
675652044f Add support for audio. 2023-11-26 09:31:46 -05:00
Tom Alexander
c901defbf3 Add the pixelbook. 2023-11-26 09:31:46 -05:00
Tom Alexander
8bf7b7d489 Trust additional zfs signing key. 2023-11-26 09:31:46 -05:00
Tom Alexander
6e772f1137 Add pipewire jack replacement. 2023-11-26 09:31:46 -05:00
Tom Alexander
d7f99659f1 Add devfs rules for homeserver. 2023-11-24 10:25:16 -05:00
Tom Alexander
023e362896 Add a script to decrypt and mount disks on the home server. 2023-11-18 14:55:19 -05:00
Tom Alexander
c66327a31f Updates for FreeBSD 14. 2023-11-18 11:02:46 -05:00
Tom Alexander
423d057abd Add restaurant_health_rating. 2023-11-18 11:02:46 -05:00
Tom Alexander
6061f61c16 Remove extra subkey from linux build key. 2023-11-16 12:35:15 -05:00
Tom Alexander
f6bc39a7fb TEMP changes for running on NUC. 2023-11-14 15:05:16 -05:00
Tom Alexander
68e84fdd77 Add node version manager (nvm) and minor fixes. 2023-11-14 15:05:16 -05:00
Tom Alexander
48bdb12e77 Change package name for google cloud sdk on linux. 2023-10-26 21:14:41 -04:00
Tom Alexander
ec72d20455 Fix building ZFS on linux. 2023-10-26 21:14:41 -04:00
Tom Alexander
7f47b1ca1b Enable web-mode for dust files. 2023-10-24 00:59:47 -04:00
Tom Alexander
5fcb37591c Add guard rails to the cpu_set_perf_perc script for FreeBSD. 2023-10-23 20:10:58 -04:00
Tom Alexander
3f0b8162b8 Add cargo-semver-checks to linux. 2023-10-18 12:53:33 -04:00
Tom Alexander
b90ec542de Switch to overlay2 for docker. 
The latest OpenZFS supports overlay2 on top of ZFS which works much better than the zfs storage driver for docker.
 2023-10-18 09:43:58 -04:00
Tom Alexander
16b7a200de Merge branch 'custom_freebsd' 2023-10-18 09:18:54 -04:00
Tom Alexander
e3e7de8eb1 The SHARED_TOOLCHAIN option was removed in FreeBSD 14. 2023-10-16 19:52:37 -04:00
Tom Alexander
51e5917e43 Remove MODULES_WITH_WORLD. 2023-10-16 19:52:37 -04:00
Tom Alexander
2d260dec90 Update the FreeBSD version. 2023-10-16 19:52:37 -04:00
Tom Alexander
72a8d6f615 Build the ports modules with world instead of just with the kernel. 
I'm hoping this fixes an issue where the chroot for building the ports only contains the kernel files and therefore lacks /bin/sh.
 2023-10-16 19:52:37 -04:00
Tom Alexander
34ffd5c100 Build FreeBSD for tigerlake on freebsdupdate. 
I think I need to move to specifying separate src.conf files for each build but I am going to get this working in a simple setup first.
 2023-10-16 19:52:37 -04:00
Tom Alexander
da36f1b3d8 Update build_release script to update the virtual machine OS. 2023-10-16 19:52:37 -04:00
Tom Alexander
1c922c2234 Set up a separate FreeBSD update VM. 
It seems to compile the ports kernel modules into the OS, I need to be running the same kernel version as I am building, so I am putting it into its own VM.
 2023-10-16 19:52:36 -04:00
Tom Alexander
d56132618a Enable guc for hw accelerated encoding for wl-screenrec. 2023-10-16 19:52:36 -04:00
Tom Alexander
575d4360f1 Build current instead of 13.2. 2023-10-16 19:52:36 -04:00
Tom Alexander
e7328f2865 Use /etc/make.conf and /etc/src.conf. 2023-10-16 19:52:36 -04:00
Tom Alexander
6be5ad6b3d Add a manual implementation of building a release. 2023-10-16 19:52:36 -04:00
Tom Alexander
44d3cc61f5 Add release.conf. 2023-10-16 19:52:36 -04:00
Tom Alexander
d20ce1e4d4 TEMP: Add the freebsd_update_server role to odofreebsd for development. 2023-10-16 19:52:36 -04:00
Tom Alexander
7ecf2ef1b1 Check out the freebsd-update-build git repo. 2023-10-16 19:52:35 -04:00
Tom Alexander
fccb2312da Start an ansible role for running a custom freebsd-update server. 2023-10-16 19:52:35 -04:00
Tom Alexander
112cba2b8c Add more ports to be built along with the kernel. 2023-10-16 19:52:35 -04:00
Tom Alexander
1a017cfac7 Add more task templates to the blank role. 2023-10-16 19:52:35 -04:00
77 changed files with 1072 additions and 107 deletions
Expand all files Collapse all files

1
ansible/environments/home/host_vars/homeserver
View File

@@ -18,6 +18,7 @@ hwpstate: false
build_user: build_user:
name: talexander name: talexander
group: talexander group: talexander
devfs_rules: "homeserver_devfs.rules"
jail_zfs_dataset: zmass/encrypted/jails jail_zfs_dataset: zmass/encrypted/jails
jail_zfs_dataset_mountpoint: /jail/main jail_zfs_dataset_mountpoint: /jail/main
jail_canmount: "on" jail_canmount: "on"

4
ansible/environments/laptop/host_vars/odofreebsd
View File

@@ -14,9 +14,9 @@ loader_conf: "odofreebsd_loader.conf"
install_graphics: true install_graphics: true
graphics_driver: "intel" graphics_driver: "intel"
cputype: "intel" cputype: "intel"
cpu_opt: tigerlake cpu_opt: skylake
hwpstate: true hwpstate: true
cores: 8 cores: 4
build_user: build_user:
name: talexander name: talexander
group: talexander group: talexander

4
ansible/environments/laptop/host_vars/odolinux
View File

@@ -32,8 +32,8 @@ enabled_wireguard:
- colo - colo
cputype: "intel" cputype: "intel"
hwpstate: true hwpstate: true
cores: 8 cores: 4
sway_conf_files: sway_conf_files:
- rofimoji - rofimoji
docker_storage_driver: zfs # alternatively overlay2 docker_storage_driver: overlay2 # alternatively zfs
docker_zfs_dataset: zroot/linux/archmain/docker docker_zfs_dataset: zroot/linux/archmain/docker

35
ansible/environments/laptop/host_vars/pixellinux Normal file
View File

@@ -0,0 +1,35 @@
os_flavor: "linux"
users:
talexander:
initialize: true
uid: 11235
gid: 1000
groups:
- name: wheel
- name: users
- name: docker
- name: libvirt
- name: uucp
authorized_keys:
- yubikey
- main_fido
- backup_fido
- homeassistant
gitconfig: "gitconfig_home"
zfs_snapshot_datasets:
- path: zroot/linux/archmain/be
install_graphics: true
graphics_driver: "intel"
build_user:
name: talexander
group: talexander
wireguard_directory: pixel
enabled_wireguard:
- wgh
cputype: "intel"
hwpstate: true
cores: 4
sway_conf_files:
- rofimoji
docker_storage_driver: overlay2 # alternatively zfs
docker_zfs_dataset: zroot/linux/archmain/docker

1
ansible/environments/laptop/hosts
View File

@@ -1,3 +1,4 @@
[gui] [gui]
odolinux ansible_connection=local ansible_host=127.0.0.1 odolinux ansible_connection=local ansible_host=127.0.0.1
odofreebsd ansible_connection=local ansible_host=127.0.0.1 odofreebsd ansible_connection=local ansible_host=127.0.0.1
pixellinux ansible_connection=local ansible_host=127.0.0.1

5
ansible/environments/vm/host_vars/freebsdupdatemrmanager Normal file
View File

@@ -0,0 +1,5 @@
os_flavor: "freebsd"
cpu_opt: skylake
build_user:
name: root
group: wheel

4
ansible/environments/vm/hosts
View File

@@ -1,9 +1,13 @@
[vm] [vm]
poudriereodo ansible_user=builder ansible_host=10.213.177.12 poudriereodo ansible_user=builder ansible_host=10.213.177.12
poudrieremrmanager ansible_user=root ansible_host=poudriere poudrieremrmanager ansible_user=root ansible_host=poudriere
freebsdupdatemrmanager ansible_user=root ansible_host=freebsdupdate
# #
# Put in ~/.ssh/config # Put in ~/.ssh/config
# Host poudriere # Host poudriere
# ProxyJump talexander@mrmanager # ProxyJump talexander@mrmanager
# HostName 10.215.1.203 # HostName 10.215.1.203
# #
# Host freebsdupdate
# ProxyJump talexander@mrmanager
# HostName 10.215.1.213

30
ansible/playbook.yaml
View File

@@ -52,6 +52,7 @@
- javascript - javascript
- launch_keyboard - launch_keyboard
- lvfs - lvfs
- restaurant_health_rating
- hosts: nat_dhcp:homeserver_nat_dhcp:mrmanager_nat_dhcp - hosts: nat_dhcp:homeserver_nat_dhcp:mrmanager_nat_dhcp
vars: vars:
@@ -68,6 +69,7 @@
- portshaker - portshaker
- poudriere - poudriere
- poudrierenginx - poudrierenginx
- freebsd_update_server
- hosts: mrmanager - hosts: mrmanager
vars: vars:
@@ -118,3 +120,31 @@
ansible_become: True ansible_become: True
roles: roles:
- framework_laptop - framework_laptop
- hosts: pixellinux
vars:
ansible_become: True
roles:
- pixelbook
- hosts: odofreebsd
vars:
ansible_become: True
roles:
- freebsd_update_server
- hosts: freebsdupdatemrmanager
vars:
ansible_become: True
roles:
- sudo # for poudboot script
- doas
- fstab
- build
- freebsd_update_server
- hosts: homeserver
vars:
ansible_become: True
roles:
- homeserver

1
ansible/roles/autofs/files/auto_master
View File

@@ -1,4 +1,3 @@
# $FreeBSD$
# #
# Automounter master map, see auto_master(5) for details. # Automounter master map, see auto_master(5) for details.
# #

1
ansible/roles/base/files/login.conf
View File

@@ -7,7 +7,6 @@
# This file controls resource limits, accounting limits and # This file controls resource limits, accounting limits and
# default user environment settings. # default user environment settings.
# #
# $FreeBSD$
# #
# Default settings effectively disable resource limits, see the # Default settings effectively disable resource limits, see the

40
ansible/roles/blank/tasks/common.yaml
View File

@@ -1,3 +1,43 @@
# - name: Create directories
# file:
# name: "{{ item }}"
# state: directory
# mode: 0755
# owner: root
# group: wheel
# loop:
# - /foo/bar
# - name: Install scripts
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: foo.bash
# dest: /usr/local/bin/foo
# - name: Install Configuration
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0600
# owner: root
# group: wheel
# loop:
# - src: foo.conf
# dest: /usr/local/etc/foo.conf
# - name: Clone Source
# git:
# repo: "https://foo.bar/baz.git"
# dest: /foo/bar
# version: "v1.0.2"
# force: true
# diff: false
- import_tasks: tasks/freebsd.yaml - import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"' when: 'os_flavor == "freebsd"'

2
ansible/roles/blank/tasks/linux.yaml
View File

@@ -13,7 +13,7 @@
# name: [] # name: []
# state: present # state: present
# update_cache: true # update_cache: true
# - name: Install packages # - name: Install packages
# package: # package:
# name: # name:

3
ansible/roles/build/defaults/main.yaml
View File

@@ -1 +1,2 @@
freebsd_version: "releng/13.2" # freebsd_version: "releng/13.2"
freebsd_version: "9c80d66ec1b4c5b9ac7aaf5b0fdbb1628d49c181"

53
ansible/roles/build/files/gpg.asc
View File

@@ -1,34 +1,27 @@
-----BEGIN PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEXZwWGhYJKwYBBAHaRw8BAQdAfv7qozKkmf4D+5PDzADsMm4aAKDGLha7+Cu0 mDMEXZwWGhYJKwYBBAHaRw8BAQdAfv7qozKkmf4D+5PDzADsMm4aAKDGLha7+Cu0
0H+RsWG0HVRvbSBBbGV4YW5kZXIgPHRvbUBmaXp6LmJ1eno+iJAEExYIADgWIQS4 0H+RsWG0HlRvbSBBbGV4YW5kZXIgPHdvcmtAZml6ei5idXp6PoiQBBMWCAA4FiEE
SBWTY8KHeReVS+En3kDZuEVcGwUCXZwWGgIbAwULCQgHAgYVCAkKCwIEFgIDAQIe uEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w+R0CGwMFCwkIBwIGFQoJCAsCBBYCAwEC
AQIXgAAKCRAn3kDZuEVcG9glAQDX3Bzaz9sQpycc40LeLxSKQsWplfJigfr8wWOg HgECF4AACgkQJ95A2bhFXBt6fgD+NOYnw9gz5K/q3H5LE/JvqzCSHezJmeGgif0C
C15TywEAqkTtCrTNsltdZERLMre7qnv/6RSo54OW0C4pdN7UUAa0HlRvbSBBbGV4 uU4m1/MA+gPDKME7syEtJsTpELEMrxWWpDW0tD/W1iJE7roGYPQPtB1Ub20gQWxl
YW5kZXIgPHdvcmtAZml6ei5idXp6PoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A eGFuZGVyIDx0b21AZml6ei5idXp6PoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A
2bhFXBsFAl+w+R0CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQJ95A2bhF 2bhFXBsFAl2cFhoCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQJ95A2bhF
XBt6fgD+NOYnw9gz5K/q3H5LE/JvqzCSHezJmeGgif0CuU4m1/MA+gPDKME7syEt XBvYJQEA19wc2s/bEKcnHONC3i8UikLFqZXyYoH6/MFjoAteU8sBAKpE7Qq0zbJb
JsTpELEMrxWWpDW0tD/W1iJE7roGYPQPtB9Ub20gQWxleGFuZGVyIDx0b21AaGFy XWRESzK3u6p7/+kUqOeDltAuKXTe1FAGuDMEXZwWyhYJKwYBBAHaRw8BAQdAPyIL
bW9uaWMuYWk+iJAEExYIADgWIQS4SBWTY8KHeReVS+En3kDZuEVcGwUCX7D5RAIb 4EGg4T5JO9q2kpVDy2WjMiXz3nZXwYW4GLoTYkiI9QQYFggAJgIbAhYhBLhIFZNj
AwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAn3kDZuEVcGzjDAP9pM1ScstOk wod5F5VL4SfeQNm4RVwbBQJlC4ZhBQkLMdaXAIF2IAQZFggAHRYhBIHmRDmWdVAu
ti+oRAsNSk8qsjIsCT9O5voDS0Q7plWlcwD/btKVFO9tPLsXhyvdB+NSwueVs7TA sSUWutOhecmlPA7eBQJdnBbKAAoJENOhecmlPA7ejJ4A/iq7N2mMhx+ovOXm1REo
kRVjlW3hktpefg24OARdnBYaEgorBgEEAZdVAQUBAQdArbTYQgDBMG7EBFTKA6+f ASPF3l4YAAjOHsXqcPtFHKGJAQCiuA71d6CQ+qNZLuka/KVB/etkkJvDzvaTtiQQ
4CWgwl26Lf2b6cyCGfUw2j4DAQgHiHgEGBYIACAWIQS4SBWTY8KHeReVS+En3kDZ QG+gAwkQJ95A2bhFXBtRDgEAqymMavroD5c/4+M/EZ3/d8wxfA9E3Fb/1mt4c2Zr
uEVcGwUCXZwWGgIbDAAKCRAn3kDZuEVcG03MAQCrkjrE+MhtvbfGaHGHlwz9QnF0 NnkBAKYOM+pz/pncFnV+kF7h7TQEEYuGw1JhJVT/duA4lwsLuDMEXZwXARYJKwYB
Z519YzK8Xr8m0O+09QEA9BFCfkAzBM4D4JKeWJh/tmN9U6UexzLrRdY+W9cugAm4 BAHaRw8BAQdAa76TmWuKuiR1bnNV1FUE6oQ4C8A+UiQb8x0k1z2DmTKIfgQYFggA
MwRdnBbKFgkrBgEEAdpHDwEBB0A/IgvgQaDhPkk72raSlUPLZaMyJfPedlfBhbgY JgIbIBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkLMdZgAAoJECfeQNm4
uhNiSIj1BBgWCAAmAhsCFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w+hYFCQe4 RVwb8TkA/RkBu9Ev8iDE5nvn8YF8FRiY56Z5d+SBPG4VvrCzXrmlAP46wUjIRpkM
fcwAgXYgBBkWCAAdFiEEgeZEOZZ1UC6xJRa606F5yaU8Dt4FAl2cFsoACgkQ06F5 rTbb1GMbvYnkeOrBs/qiWjEtHHc3ZLMWD7g4BF2cFygSCisGAQQBl1UBBQEBB0AO
yaU8Dt6MngD+Krs3aYyHH6i85ebVESgBI8XeXhgACM4exepw+0UcoYkBAKK4DvV3 0t3BUxLuokTqKVcheFAZd4UKxAGznPQlvsVyhWWIEgMBCAeIfgQYFggAJgIbDBYh
oJD6o1ku6Rr8pUH962SQm8PO9pO2JBBAb6ADCRAn3kDZuEVcG9uAAP43vUsbe24/ BLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkLMdY5AAoJECfeQNm4RVwbXscA
6tjEezAW0a4L2E1u4HNU8t53lolngs1kswEAy1HBdYEMR9TovX/kMeBHLcz1J2pM /A8zRRTCwQKxJ8iz5jmTcVFAhl2vD781Dtv8NvcWd5t8APwIwcuFVZZA3yayhIxi
VRSV0JnJhj5eZwa4MwRdnBcBFgkrBgEEAdpHDwEBB0BrvpOZa4q6JHVuc1XUVQTq 3aqYpMRxpn2t6Nswax1MIM8DBQ==
hDgLwD5SJBvzHSTXPYOZMoh+BBgWCAAmAhsgFiEEuEgVk2PCh3kXlUvhJ95A2bhF =dzEV
XBsFAl+w+hYFCQe4fZUACgkQJ95A2bhFXBs3NgEA3SFYTgRVstidfoEpEZV4DdSL
kXaOwN3Eyba4UniClyMA/2CCxQt24vu19TyvUtOXWCp9Zi8SyIqoeiXQ4ZmhhnQO
uDgEXZwXKBIKKwYBBAGXVQEFAQEHQA7S3cFTEu6iROopVyF4UBl3hQrEAbOc9CW+
xXKFZYgSAwEIB4h+BBgWCAAmAhsMFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAl+w
+hcFCQe4fW4ACgkQJ95A2bhFXBtUXAEAyEJCUNVSJ7qvQv5IXuwbYTX2Mh7JU3+F
GJHO7AWBXCQA/2aLAi9kYmz9ba770XYwTeBZIv9Y6UIwIwVmFdYHC/EM
=a/z4
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----

6
ansible/roles/build/meta/main.yaml
View File

@@ -1,3 +1,5 @@
dependencies: dependencies:
- users - role: users
- gpg when: 'os_flavor == "linux"'
- role: gpg
when: 'os_flavor == "linux"'

9
ansible/roles/build/tasks/common.yaml
View File

@@ -3,12 +3,3 @@
- import_tasks: tasks/linux.yaml - import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"' when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

2
ansible/roles/build/tasks/linux.yaml
View File

@@ -99,7 +99,7 @@
become: true become: true
become_user: "{{ build_user.name }}" become_user: "{{ build_user.name }}"
args: args:
creates: /var/cache/pacman/custom/custom.db.tar creates: /var/cache/pacman/custom/custom.db.tar.sig
- name: Install scripts - name: Install scripts
copy: copy:

6
ansible/roles/build/templates/src.conf.j2
View File

@@ -5,12 +5,12 @@ KERNCONF=CUSTOM
WITH_MALLOC_PRODUCTION=YES WITH_MALLOC_PRODUCTION=YES
WITHOUT_LLVM_ASSERTIONS=YES WITHOUT_LLVM_ASSERTIONS=YES
WITH_REPRODUCIBLE_BUILD=YES WITH_REPRODUCIBLE_BUILD=YES
PORTS_MODULES+=graphics/drm-510-kmod PORTS_MODULES+=graphics/drm-kmod
NO_SHARED=YES PORTS_MODULES+=graphics/gpu-firmware-intel-kmod
PORTS_MODULES+=net/wireguard-kmod
# Would be fun to experiment with: # Would be fun to experiment with:
# WITHOUT_SOURCELESS=YES # WITHOUT_SOURCELESS=YES
# WITHOUT_SHARED_TOOLCHAIN=YES
# WITHOUT_GAMES=YES # WITHOUT_GAMES=YES
# WITHOUT_KERBEROS=YES # WITHOUT_KERBEROS=YES
# WITHOUT_LEGACY_CONSOLE=YES # WITHOUT_LEGACY_CONSOLE=YES

6
ansible/roles/cpu/files/cpu_set_perf_perc_freebsd
View File

@@ -7,6 +7,12 @@ IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
perc=$1 perc=$1
if [ "$perc" -gt 100 ]; then
perc=100
fi
if [ "$perc" -lt 0 ]; then
perc=0
fi
epp=$((100 - perc)) epp=$((100 - perc))
sysctl -N dev.hwpstate_intel | grep -E 'dev.hwpstate_intel.[0-9]+.epp' | while read var; do sysctl -N dev.hwpstate_intel | grep -E 'dev.hwpstate_intel.[0-9]+.epp' | while read var; do

40
ansible/roles/cpu/tasks/linux_intel.yaml
View File

@@ -4,27 +4,27 @@
- powertop - powertop
state: present state: present
- name: Install tmpfiles.d configuration # - name: Install tmpfiles.d configuration
copy: # copy:
src: "files/{{ item }}_tmpfiles.conf" # src: "files/{{ item }}_tmpfiles.conf"
dest: "/etc/tmpfiles.d/{{ item }}.conf" # dest: "/etc/tmpfiles.d/{{ item }}.conf"
mode: 0644 # mode: 0644
owner: root # owner: root
group: wheel # group: wheel
loop: # loop:
- disable_turboboost # - disable_turboboost
- name: Favor energy efficiency for Speed Shift # - name: Favor energy efficiency for Speed Shift
when: hwpstate is defined and hwpstate and cores is defined # when: hwpstate is defined and hwpstate and cores is defined
template: # template:
src: "templates/{{ item.src }}.j2" # src: "templates/{{ item.src }}.j2"
dest: "{{ item.dest }}" # dest: "{{ item.dest }}"
mode: 0755 # mode: 0755
owner: root # owner: root
group: wheel # group: wheel
loop: # loop:
- src: energy_performance_preference.conf # - src: energy_performance_preference.conf
dest: /etc/tmpfiles.d/energy_performance_preference.conf # dest: /etc/tmpfiles.d/energy_performance_preference.conf
- name: Install scripts - name: Install scripts
when: hwpstate is defined and hwpstate when: hwpstate is defined and hwpstate

19
ansible/roles/devfs/files/homeserver_devfs.rules Normal file
View File

@@ -0,0 +1,19 @@
# [localrules=10]
# add path 'input/*' mode 0660 group video
# add path 'usb/*' mode 0660 group usb
[tajailwg=13]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide
add path pf unhide
add path pflog unhide
add path pfsynv unhide
add path 'tun*' unhide
[tajaildhcp=14]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide

28
ansible/roles/emacs/files/elisp/lang-javascript.el
View File

@@ -94,20 +94,20 @@
) )
;; (use-package web-mode (use-package web-mode
;; :mode (("\\.dust\\'" . web-mode) :mode (("\\.dust\\'" . dust-mode)
;; ) )
;; :config :config
;; (setq web-mode-markup-indent-offset 2) (setq web-mode-markup-indent-offset 2)
;; (setq web-mode-enable-current-element-highlight t) (setq web-mode-enable-current-element-highlight t)
;; ) )
;; ;; Define a custom mode for dust so that org-mode handle #+BEGIN_SRC dust blocks ;; Define a custom mode for dust so that org-mode handle #+BEGIN_SRC dust blocks
;; (define-derived-mode dust-mode web-mode "WebDust" (define-derived-mode dust-mode web-mode "WebDust"
;; "Major mode for editing dust templates in web-mode." "Major mode for editing dust templates in web-mode."
;; (web-mode) (web-mode)
;; (web-mode-set-engine "dust") (web-mode-set-engine "dust")
;; ;; (setq web-mode-content-type "html") ;; (setq web-mode-content-type "html")
;; ) )
(provide 'lang-javascript) (provide 'lang-javascript)

130
ansible/roles/freebsd_update_server/files/build_release.bash Normal file
View File

@@ -0,0 +1,130 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${DATA_DIRECTORY:="/usr/local/share/freebsdupdate"}
: ${STAGE_FILE:="${DATA_DIRECTORY}/stage"}
: ${RELEASE_DIRECTORY:="${DATA_DIRECTORY}/release"}
: ${LOG_DIRECTORY:="${DATA_DIRECTORY}/logs"}
: ${PORTS_TREE:="/usr/ports"}
: ${PORTS_REPO:="https://git.FreeBSD.org/ports.git"}
############## Setup #########################
function die {
local status_code="$1"
shift
(>&2 echo "${@}")
exit "$status_code"
}
function log {
(>&2 echo "${@}")
}
############## Program #########################
function main {
assert_directories
local stage=""
if [ -e "$STAGE_FILE" ]; then
local stage=$(cat "$STAGE_FILE")
fi
if [ "$stage" = "selfbuild" ]; then
log_cmd stage_selfbuild
elif [ "$stage" = "selfinstallworld" ]; then
log_cmd stage_selfinstallworld
elif [ "$stage" = "selfconflictcheck" ]; then
log_cmd stage_selfconflictcheck
elif [ "$stage" = "releasebuild" ]; then
log_cmd stage_releasebuild
elif [ "$stage" = "done" ]; then
log_cmd stage_done
else
die 1 "Unhandled stage: \"$stage\"."
fi
}
function log_cmd {
"${@}" |& tee "$LOG_DIRECTORY/$(date +%Y%m%d-%s).log"
}
function self_conflict_check {
if etcupdate status | grep -qE '^ C '; then
die 1 'Conflicts remain in etcupdate. Run `etcupdate resolve` to fix them first.'
fi
}
function assert_directories {
for d in "$DATA_DIRECTORY" "$RELEASE_DIRECTORY" "$LOG_DIRECTORY"; do
if [ ! -e "$d" ]; then
mkdir -p "$d"
fi
done
}
function update_ports_tree {
if [ ! -e "$PORTS_TREE" ]; then
mkdir -p $PORTS_TREE
git -C $PORTS_TREE init --initial-branch=main
git -C $PORTS_TREE remote add origin $PORTS_REPO
fi
git -C $PORTS_TREE fetch origin main # 'refs/heads/main'
git -C $PORTS_TREE checkout FETCH_HEAD
}
function set_stage {
echo "${@}" > "$STAGE_FILE"
}
function stage_selfbuild {
self_conflict_check
assert_directories
update_ports_tree
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src clean
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src buildworld buildkernel
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src installkernel
set_stage "selfinstallworld"
/sbin/shutdown -r now
}
function stage_selfinstallworld {
etcupdate -p
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src installworld
etcupdate -B
set_stage "selfconflictcheck"
stage_selfconflictcheck
}
function stage_selfconflictcheck {
self_conflict_check
set_stage "releasebuild"
/sbin/shutdown -r now
}
function stage_releasebuild {
local today=$(date +%Y%m%d)
local target_directory="${RELEASE_DIRECTORY}/${today}"
if [ -e "$target_directory" ]; then
die 1 "The release directory $target_directory already exists. Exiting."
fi
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src clean
make -C /usr/src buildworld buildkernel
make -C /usr/src/release obj
make -C /usr/src/release release
mkdir -p "$target_directory"
make -C /usr/src/release install DESTDIR="$target_directory"
set_stage "done"
}
function stage_done {
log "Everything is done."
}
main "${@}"

120
ansible/roles/freebsd_update_server/files/release.conf Normal file
View File

@@ -0,0 +1,120 @@
#!/bin/sh
#
## Redefine environment variables here to override prototypes
## defined in release.sh.
#load_chroot_env() { }
#load_target_env() { }
#buildenv_setup() { }
## Set the directory within which the release will be built.
CHROOTDIR="/scratch"
## Do not explicitly require the devel/git port to be installed.
#NOGIT=1
## Set the version control system host.
GITROOT="https://git.freebsd.org/"
GITSRC="src.git"
GITPORTS="ports.git"
## Set the src/, ports/, and doc/ branches or tags.
#SRCBRANCH="stable/13"
SRCBRANCH="main"
PORTBRANCH="main"
## Sample configuration for using git from ports.
#GITCMD="/usr/local/bin/git clone -q --branch main"
## Set to override the default target architecture.
#TARGET="amd64"
#TARGET_ARCH="amd64"
#KERNEL="GENERIC"
KERNEL="GENERIC-NODEBUG"
## Multiple kernels may be set.
#KERNEL="GENERIC XENHVM"
## Set to specify a custom make.conf and/or src.conf
#MAKE_CONF="/etc/local/make.conf"
MAKE_CONF="/etc/make.conf"
#SRC_CONF="/etc/local/src.conf"
SRC_CONF="/etc/src.conf"
## Set to use make(1) flags.
#MAKE_FLAGS="-s"
## Set to use world- and kernel-specific make(1) flags.
#WORLD_FLAGS="-j $(sysctl -n hw.ncpu)"
#KERNEL_FLAGS="-j $(( $(( $(sysctl -n hw.ncpu) + 1 )) / 2 ))"
## Set miscellaneous 'make release' settings.
#NOPORTS=
#NOSRC=
#WITH_DVD=
#WITH_COMPRESSED_IMAGES=
## Set to '1' to disable multi-threaded xz(1) compression.
#XZ_THREADS=0
## Set when building embedded images.
#EMBEDDEDBUILD=
## Set to a list of ports required to build embedded system-on-chip
## images, such as sysutils/u-boot-rpi.
#EMBEDDEDPORTS=
## Set to the hardware platform of the target userland. This value
## is passed to make(1) to set the TARGET (value of uname -m) to cross
## build.
#EMBEDDED_TARGET=
## Set to the machine processor architecture of the target userland.
## This value is passed to make(1) to set the TARGET_ARCH (value of uname -p)
## to cross build.
#EMBEDDED_TARGET_ARCH=
## Set to skip the chroot environment buildworld/installworld/distribution
## step if it is expected the build environment will exist via alternate
## means.
#CHROOTBUILD_SKIP=
## Set to a non-empty value skip checkout or update of /usr/src in
## the chroot. This is intended for use when /usr/src already exists.
#SRC_UPDATE_SKIP=
## Set to a non-empty value skip checkout or update of /usr/ports in
## the chroot. This is intended for use when /usr/ports already exists.
#PORTS_UPDATE_SKIP=
## Set to pass additional flags to make(1) for the build chroot setup, such
## as TARGET/TARGET_ARCH.
#CHROOT_MAKEENV=
## Set to a non-empty value to build virtual machine images as part of the
## release build.
#WITH_VMIMAGES=
## Set to a non-empty value to compress virtual machine images with xz(1)
## as part of the release build.
#WITH_COMPRESSED_VMIMAGES=
## If WITH_VMIMAGES is set to a non-empty value, this is the name of the
## file to use for the installed userland/kernel.
#VMBASE="vm"
## If WITH_VMIMAGES is set to a non-empty value, this is the size of the
## virtual machine disk filesystem. Valid size values are described in
## the makefs(8) manual page.
#VMSIZE="20g"
## If WITH_VMIMAGES is set to a non-empty value, this is a list of disk
## image formats to create. Valid values are listed in the mkimg(1)
## manual page, as well as 'mkimg --formats' output.
#VMFORMATS="vhdf vmdk qcow2 raw"
## Set to a non-empty value to build virtual machine images for various
## cloud providers as part of the release build.
#WITH_CLOUDWARE=
## If WITH_CLOUDWARE is set to a non-empty value, this is a list of providers
## to create disk images.
#CLOUDWARE="EC2 GCE VAGRANT-VIRTUALBOX VAGRANT-VMWARE"

5
ansible/roles/freebsd_update_server/tasks/common.yaml Normal file
View File

@@ -0,0 +1,5 @@
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd" and build_user is defined'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'

50
ansible/roles/freebsd_update_server/tasks/freebsd.yaml Normal file
View File

@@ -0,0 +1,50 @@
- name: Install packages
package:
name:
- git
- tmux # For convenience
- htop # For convenience
- bash
state: present
- name: Create directories
file:
name: "{{ item }}"
state: directory
mode: 0755
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- /opt/freebsd_update_server
- name: Clone freebsd-update-build
git:
repo: "https://github.com/freebsd/freebsd-update-build.git"
dest: /opt/freebsd_update_server/freebsd-update-build
version: "28bb3ae7de9c1332fe8a366fb154a5b9faf37f49"
force: true
become: true
become_user: "{{ build_user.name }}"
diff: false
- name: Install Configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0600
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- src: release.conf
dest: /opt/freebsd_update_server/release.conf
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: build_release.bash
dest: /usr/local/bin/build_release

29
ansible/roles/freebsd_update_server/tasks/linux.yaml Normal file
View File

@@ -0,0 +1,29 @@
# - name: Build aur packages
# register: buildaur
# become_user: "{{ build_user.name }}"
# command: "aurutils-sync --no-view {{ item }}"
# args:
# creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
# loop:
# - foo
# - name: Update cache
# when: buildaur.changed
# pacman:
# name: []
# state: present
# update_cache: true
# - name: Install packages
# package:
# name:
# - foo
# state: present
# - name: Enable services
# systemd:
# enabled: yes
# name: "{{ item }}"
# daemon_reload: yes
# loop:
# - foo.service

2
ansible/roles/freebsd_update_server/tasks/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
- import_tasks: tasks/common.yaml
# when: foo is defined

10
ansible/roles/fstab/tasks/common.yaml
View File

@@ -3,13 +3,3 @@
- import_tasks: tasks/linux.yaml - import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"' when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
when: users is defined
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

6
ansible/roles/google_cloud_sdk/tasks/linux.yaml
View File

@@ -5,7 +5,7 @@
args: args:
creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*" creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
loop: loop:
- google-cloud-sdk - google-cloud-cli
- name: Update cache - name: Update cache
when: buildaur.changed when: buildaur.changed
@@ -13,9 +13,9 @@
name: [] name: []
state: present state: present
update_cache: true update_cache: true
- name: Install packages - name: Install packages
package: package:
name: name:
- google-cloud-sdk - google-cloud-cli
state: present state: present

3
ansible/roles/gpg/templates/gpg-agent.conf.j2
View File

@@ -4,3 +4,6 @@ use-standard-socket
default-cache-ttl 600 default-cache-ttl 600
max-cache-ttl 7200 max-cache-ttl 7200
display :0 display :0
{% if install_graphics and os_flavor == "freebsd" %}
pinentry-program /usr/local/bin/pinentry-qt5
{% endif %}

2
ansible/roles/graphics/files/intel_hw_accel_video_loader.conf Normal file
View File

@@ -0,0 +1,2 @@
#enable_guc=2
#hw.i915kms.enable_guc=2

1
ansible/roles/graphics/tasks/freebsd_intel.yaml
View File

@@ -29,6 +29,7 @@
group: wheel group: wheel
loop: loop:
- intel_power - intel_power
- intel_hw_accel_video
- name: Install service configuration - name: Install service configuration
copy: copy:

10
ansible/roles/homeserver/files/decrypt_disks.bash Normal file
View File

@@ -0,0 +1,10 @@
#!/usr/bin/env bash
#
# Decrypt and mount the disks after a fresh reboot.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
zfs load-key -r zmass/encrypted
zfs mount -a
service bemount start

55
ansible/roles/homeserver/tasks/common.yaml Normal file
View File

@@ -0,0 +1,55 @@
# - name: Create directories
# file:
# name: "{{ item }}"
# state: directory
# mode: 0755
# owner: root
# group: wheel
# loop:
# - /foo/bar
# - name: Install scripts
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: foo.bash
# dest: /usr/local/bin/foo
# - name: Install Configuration
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0600
# owner: root
# group: wheel
# loop:
# - src: foo.conf
# dest: /usr/local/etc/foo.conf
# - name: Clone Source
# git:
# repo: "https://foo.bar/baz.git"
# dest: /foo/bar
# version: "v1.0.2"
# force: true
# diff: false
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
when: users is defined
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

10
ansible/roles/homeserver/tasks/freebsd.yaml Normal file
View File

@@ -0,0 +1,10 @@
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: decrypt_disks.bash
dest: /usr/local/bin/decrypt_disks

29
ansible/roles/homeserver/tasks/linux.yaml Normal file
View File

@@ -0,0 +1,29 @@
# - name: Build aur packages
# register: buildaur
# become_user: "{{ build_user.name }}"
# command: "aurutils-sync --no-view {{ item }}"
# args:
# creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
# loop:
# - foo
# - name: Update cache
# when: buildaur.changed
# pacman:
# name: []
# state: present
# update_cache: true
# - name: Install packages
# package:
# name:
# - foo
# state: present
# - name: Enable services
# systemd:
# enabled: yes
# name: "{{ item }}"
# daemon_reload: yes
# loop:
# - foo.service

2
ansible/roles/homeserver/tasks/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
- import_tasks: tasks/common.yaml
# when: foo is defined

0
ansible/roles/build/tasks/peruser.yaml → ansible/roles/homeserver/tasks/peruser.yaml
View File

0
ansible/roles/build/tasks/peruser_freebsd.yaml → ansible/roles/homeserver/tasks/peruser_freebsd.yaml
View File

0
ansible/roles/build/tasks/peruser_linux.yaml → ansible/roles/homeserver/tasks/peruser_linux.yaml
View File

5
ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf
View File

@@ -78,6 +78,11 @@
// brianai // brianai
"hw-address": "06:a6:dc:59:78:12", "hw-address": "06:a6:dc:59:78:12",
"ip-address": "10.215.1.215" "ip-address": "10.215.1.215"
},
{
// freebsdupdate
"hw-address": "06:14:5c:92:3d:5b",
"ip-address": "10.215.1.213"
} }
] ]
} }

16
ansible/roles/javascript/tasks/linux.yaml
View File

@@ -1,3 +1,19 @@
- name: Build aur packages
register: buildaur
become_user: "{{ build_user.name }}"
command: "aurutils-sync --no-view {{ item }}"
args:
creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
loop:
- nvm
- name: Update cache
when: buildaur.changed
pacman:
name: []
state: present
update_cache: true
- name: Install packages - name: Install packages
package: package:
name: name:

2
ansible/roles/media/tasks/linux.yaml
View File

@@ -1,5 +1,5 @@
- name: Install packages - name: Install packages
package: package:
name: name:
- youtube-dl - yt-dlp
state: present state: present

3
ansible/roles/network/files/odofreebsd_network.conf
View File

@@ -1,3 +1,4 @@
wlans_ath0="wlan0" #wlans_ath0="wlan0"
wlans_iwm0="wlan0"
ifconfig_wlan0="WPA DHCP" ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv" ifconfig_wlan0_ipv6="inet6 accept_rtadv"

4
ansible/roles/pixelbook/files/61-eve-keyboard.hwdb Normal file
View File

@@ -0,0 +1,4 @@
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnGoogle:pnEve:pvr*
KEYBOARD_KEY_5d=delete
KEYBOARD_KEY_d8=leftmeta
KEYBOARD_KEY_db=capslock

BIN
ansible/roles/pixelbook/files/9d71-GOOGLE-EVEMAX-0-tplg.bin Normal file
View File

Binary file not shown.

129
ansible/roles/pixelbook/files/HiFi.conf Normal file
View File

@@ -0,0 +1,129 @@
SectionVerb {
EnableSequence [
cdev "hw:kblr55145663max"
cset "name='codec1_out mo hs_pb_in mi Switch' on"
cset "name='Left DAI Sel Mux' Left"
cset "name='Right DAI Sel Mux' Right"
cset "name='Left Speaker Volume' 3"
cset "name='Right Speaker Volume' 3"
cset "name='Left Digital Volume' 60"
cset "name='Right Digital Volume' 60"
cset "name='Left Spk Switch' on"
cset "name='Right Spk Switch' on"
cset "name='Left Boost Output Voltage' 0"
cset "name='Right Boost Output Voltage' 0"
cset "name='Left Current Limit' 7"
cset "name='Right Current Limit' 7"
cset "name='Headphone Playback Volume' 16"
cset "name='Headset Mic Switch' off"
cset "name='DMIC Switch' on"
cset "name='STO1 ADC MIXL ADC1 Switch' on"
cset "name='Pin5-Port0 Mux' 2"
cset "name='Pin5-Port1 Mux' 2"
cset "name='Pin5-Port2 Mux' 2"
cset "name='Pin6-Port0 Mux' 1"
cset "name='Pin6-Port1 Mux' 1"
cset "name='Pin6-Port2 Mux' 1"
cset "name='Pin7-Port0 Mux' 3"
cset "name='Pin7-Port1 Mux' 3"
cset "name='Pin7-Port2 Mux' 3"
cset "name='ADC Capture Volume' 35"
cset "name='ADC1 Capture Volume' 55"
cset "name='ADC2 Capture Volume' 55"
cset "name='DAC L Mux' STO DAC MIXL"
cset "name='DAC R Mux' STO DAC MIXR"
cset "name='STO1 DAC MIXL DAC L Switch' on"
cset "name='STO1 DAC MIXR DAC R Switch' on"
cset-tlv "name='spk_pb_in dsm 0 dsm_params params' /opt/google/dsm/dsmparam.bin"
]
}
SectionDevice."Speaker" {
Comment "Speaker"
Value {
PlaybackPCM "hw:kblr55145663max,0"
DspName "speaker_eq"
}
}
SectionDevice."Headphones" {
Comment "Headphones"
Value {
PlaybackPCM "hw:kblr55145663max,2"
MixerName "DAC"
JackDev "kbl-r5514-5663-max Headset Jack"
}
EnableSequence [
cset "name='Headphone Jack Switch' on"
]
DisableSequence [
cset "name='Headphone Jack Switch' off"
]
}
SectionDevice."Internal Mic" {
Comment "Internal Microphone"
Value {
CapturePCM "hw:kblr55145663max,4"
CaptureChannelMap "2 3 0 1 -1 -1 -1 -1 -1 -1 -1"
MixerName "ADC2"
DefaultNodeGain "2700"
CaptureChannels "4"
}
EnableSequence [
cset "name='Sto1 ADC MIXL DMIC Switch' on"
cset "name='Sto1 ADC MIXR DMIC Switch' on"
cset "name='Sto2 ADC MIXL DMIC Switch' on"
cset "name='Sto2 ADC MIXR DMIC Switch' on"
]
DisableSequence [
cset "name='Sto1 ADC MIXL DMIC Switch' off"
cset "name='Sto1 ADC MIXR DMIC Switch' off"
cset "name='Sto2 ADC MIXL DMIC Switch' off"
cset "name='Sto2 ADC MIXR DMIC Switch' off"
]
}
SectionDevice."Mic" {
Comment "Headset Microphone"
Value {
CapturePCM "hw:kblr55145663max,1"
JackDev "kbl-r5514-5663-max Headset Jack"
}
EnableSequence [
cset "name='Headset Mic Switch' on"
]
DisableSequence [
cset "name='Headset Mic Switch' off"
]
}
SectionDevice."HDMI1" {
Comment "HDMI 1"
Value {
PlaybackPCM "hw:kblr55145663max,6"
JackDev "kbl-r5514-5663-max HDMI/DP,pcm=6 Jack"
}
}
SectionDevice."HDMI2" {
Comment "HDMI 2"
Value {
PlaybackPCM "hw:kblr55145663max,7"
JackDev "kbl-r5514-5663-max HDMI/DP,pcm=7 Jack"
}
}

BIN
ansible/roles/pixelbook/files/dsmparam.bin Normal file
View File

Binary file not shown.

BIN
ansible/roles/pixelbook/files/dsp_fw_C75061F3-F2B2-4DCC-8F9F-82ABB4131E66.bin Normal file
View File

Binary file not shown.

BIN
ansible/roles/pixelbook/files/dsp_lib_dsm_core_spt_release.bin Normal file
View File

Binary file not shown.

6
ansible/roles/pixelbook/files/kbl-r5514-5663-.conf Normal file
View File

@@ -0,0 +1,6 @@
Syntax 3
SectionUseCase."HiFi" {
File "HiFi.conf"
Comment "Default"
}

2
ansible/roles/pixelbook/files/pixelbook_keyboard_backlight_tmpfiles.conf Normal file
View File

@@ -0,0 +1,2 @@
# Enable the pixelbook keyboard backlight. This seems to persist without needing the tmpfiles.d entry but it is here for clean installs of the machine.
w- /sys/class/leds/chromeos::kbd_backlight/brightness - - - - 100

55
ansible/roles/pixelbook/tasks/common.yaml Normal file
View File

@@ -0,0 +1,55 @@
# - name: Create directories
# file:
# name: "{{ item }}"
# state: directory
# mode: 0755
# owner: root
# group: wheel
# loop:
# - /foo/bar
# - name: Install scripts
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: foo.bash
# dest: /usr/local/bin/foo
# - name: Install Configuration
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0600
# owner: root
# group: wheel
# loop:
# - src: foo.conf
# dest: /usr/local/etc/foo.conf
# - name: Clone Source
# git:
# repo: "https://foo.bar/baz.git"
# dest: /foo/bar
# version: "v1.0.2"
# force: true
# diff: false
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
when: users is defined
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

5
ansible/roles/pixelbook/tasks/freebsd.yaml Normal file
View File

@@ -0,0 +1,5 @@
# - name: Install packages
# package:
# name:
# - foo
# state: present

57
ansible/roles/pixelbook/tasks/linux.yaml Normal file
View File

@@ -0,0 +1,57 @@
# Audio firmware from instructions at https://wiki.gentoo.org/wiki/Google_Pixelbook_(2017)#Audio
- name: Create directories
file:
name: "{{ item }}"
state: directory
mode: 0755
owner: root
group: wheel
loop:
- /opt/google/dsm
- /usr/share/alsa/ucm2/Intel/kbl-r5514-5663-
- /usr/share/alsa/ucm2/conf.d/kbl-r5514-5663-
- name: Install tmpfiles.d configuration
copy:
src: "files/{{ item }}_tmpfiles.conf"
dest: "/etc/tmpfiles.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- pixelbook_keyboard_backlight
- name: Install Configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0600
owner: root
group: wheel
loop:
- src: 61-eve-keyboard.hwdb
dest: /etc/udev/hwdb.d/61-eve-keyboard.hwdb
- src: 9d71-GOOGLE-EVEMAX-0-tplg.bin
dest: /lib/firmware/9d71-GOOGLE-EVEMAX-0-tplg.bin
- src: dsp_lib_dsm_core_spt_release.bin
dest: /lib/firmware/dsp_lib_dsm_core_spt_release.bin
- src: dsp_fw_C75061F3-F2B2-4DCC-8F9F-82ABB4131E66.bin
dest: /lib/firmware/intel/dsp_fw_C75061F3-F2B2-4DCC-8F9F-82ABB4131E66.bin
- src: dsmparam.bin
dest: /opt/google/dsm/dsmparam.bin
- src: HiFi.conf
dest: /usr/share/alsa/ucm2/Intel/kbl-r5514-5663-/HiFi.conf
- src: kbl-r5514-5663-.conf
dest: /usr/share/alsa/ucm2/Intel/kbl-r5514-5663-/kbl-r5514-5663-.conf
- name: Create symlinks
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: wheel
state: link
loop:
- src: /usr/share/alsa/ucm2/Intel/kbl-r5514-5663-/kbl-r5514-5663-.conf
dest: /usr/share/alsa/ucm2/conf.d/kbl-r5514-5663-/kbl-r5514-5663-.conf

2
ansible/roles/pixelbook/tasks/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
- import_tasks: tasks/common.yaml
# when: foo is defined

0
ansible/roles/fstab/tasks/peruser.yaml → ansible/roles/pixelbook/tasks/peruser.yaml
View File

0
ansible/roles/fstab/tasks/peruser_freebsd.yaml → ansible/roles/pixelbook/tasks/peruser_freebsd.yaml
View File

0
ansible/roles/fstab/tasks/peruser_linux.yaml → ansible/roles/pixelbook/tasks/peruser_linux.yaml
View File

2
ansible/roles/poudriere/files/poudriere.d/13amd64-default-framework-make.conf
View File

@@ -4,7 +4,7 @@
# #
# Example from bottom of /usr/share/examples/etc/make.conf # Example from bottom of /usr/share/examples/etc/make.conf
.if ${.CURDIR:N*/lang/gcc48*} && ${.CURDIR:N*/lang/gcc10*} && ${.CURDIR:N*/devel/qt6-base*} .if ${.CURDIR:N*/lang/gcc48*} && ${.CURDIR:N*/lang/gcc10*} && ${.CURDIR:N*/devel/qt6-base*}
CPUTYPE?=tigerlake CPUTYPE?=skylake
# CPUTYPE?=x86-64-v4 # CPUTYPE?=x86-64-v4
.endif .endif

1
ansible/roles/poudriere/files/poudriere.d/13amd64-default-framework-pkglist
View File

@@ -20,6 +20,7 @@ dns/coredns
editors/emacs editors/emacs
editors/mg editors/mg
ftp/wget ftp/wget
graphics/ImageMagick
graphics/drm-kmod graphics/drm-kmod
graphics/evince graphics/evince
graphics/gimp graphics/gimp

55
ansible/roles/restaurant_health_rating/tasks/common.yaml Normal file
View File

@@ -0,0 +1,55 @@
# - name: Create directories
# file:
# name: "{{ item }}"
# state: directory
# mode: 0755
# owner: root
# group: wheel
# loop:
# - /foo/bar
# - name: Install scripts
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: foo.bash
# dest: /usr/local/bin/foo
# - name: Install Configuration
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0600
# owner: root
# group: wheel
# loop:
# - src: foo.conf
# dest: /usr/local/etc/foo.conf
# - name: Clone Source
# git:
# repo: "https://foo.bar/baz.git"
# dest: /foo/bar
# version: "v1.0.2"
# force: true
# diff: false
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
when: users is defined
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

5
ansible/roles/restaurant_health_rating/tasks/freebsd.yaml Normal file
View File

@@ -0,0 +1,5 @@
- name: Install packages
package:
name:
- ImageMagick7
state: present

6
ansible/roles/restaurant_health_rating/tasks/linux.yaml Normal file
View File

@@ -0,0 +1,6 @@
- name: Install packages
package:
name:
- imagemagick
- web-ext
state: present

2
ansible/roles/restaurant_health_rating/tasks/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
- import_tasks: tasks/common.yaml
# when: foo is defined

29
ansible/roles/restaurant_health_rating/tasks/peruser.yaml Normal file
View File

@@ -0,0 +1,29 @@
- include_role:
name: per_user
# - name: Create directories
# file:
# name: "{{ account_homedir.stdout }}/{{ item }}"
# state: directory
# mode: 0700
# owner: "{{ account_name.stdout }}"
# group: "{{ group_name.stdout }}"
# loop:
# - ".config/foo"
# - name: Copy files
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
# mode: 0600
# owner: "{{ account_name.stdout }}"
# group: "{{ group_name.stdout }}"
# loop:
# - src: foo.conf
# dest: .config/foo/foo.conf
- import_tasks: tasks/peruser_freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/peruser_linux.yaml
when: 'os_flavor == "linux"'

0
ansible/roles/restaurant_health_rating/tasks/peruser_freebsd.yaml Normal file
View File

0
ansible/roles/restaurant_health_rating/tasks/peruser_linux.yaml Normal file
View File

1
ansible/roles/rust/tasks/linux.yaml
View File

@@ -5,4 +5,5 @@
- lldb # for lldb-vscode - lldb # for lldb-vscode
- musl # for building static binaries - musl # for building static binaries
- rust-analyzer - rust-analyzer
- cargo-semver-checks
state: present state: present

4
ansible/roles/sound/tasks/linux.yaml
View File

@@ -13,7 +13,7 @@
# name: [] # name: []
# state: present # state: present
# update_cache: true # update_cache: true
- name: Install packages - name: Install packages
package: package:
name: name:
@@ -21,4 +21,6 @@
- pipewire-pulse - pipewire-pulse
- wireplumber - wireplumber
- pavucontrol - pavucontrol
- pipewire-jack
- lib32-pipewire-jack
state: present state: present

4
ansible/roles/sshd/files/sshd_config
View File

@@ -89,7 +89,7 @@ KbdInteractiveAuthentication no
#AllowAgentForwarding yes #AllowAgentForwarding yes
#AllowTcpForwarding yes #AllowTcpForwarding yes
#GatewayPorts no #GatewayPorts no
#X11Forwarding yes #X11Forwarding no
#X11DisplayOffset 10 #X11DisplayOffset 10
#X11UseLocalhost yes #X11UseLocalhost yes
#PermitTTY yes #PermitTTY yes
@@ -106,7 +106,7 @@ KbdInteractiveAuthentication no
#PermitTunnel no #PermitTunnel no
#ChrootDirectory none #ChrootDirectory none
#UseBlacklist no #UseBlacklist no
#VersionAddendum FreeBSD-20230316 #VersionAddendum FreeBSD-20231004
# no default banner path # no default banner path
#Banner none #Banner none

1
ansible/roles/sway/tasks/linux.yaml
View File

@@ -5,7 +5,6 @@
args: args:
creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*" creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
loop: loop:
- wev
- wlvncc-git - wlvncc-git
- wl-screenrec-git - wl-screenrec-git

BIN
ansible/roles/wireguard/files/wireguard_configs/pixel/wgf.conf Normal file
View File

Binary file not shown.

BIN
ansible/roles/wireguard/files/wireguard_configs/pixel/wgh.conf Normal file
View File

Binary file not shown.

15
ansible/roles/zfs/tasks/linux.yaml
View File

@@ -4,6 +4,21 @@
- linux-lts-headers - linux-lts-headers
state: present state: present
- name: Check trusted gpg keys
become_user: "{{ build_user.name }}"
command: gpg --list-public-keys --keyid-format LONG
register: gpgkeys
changed_when: false
check_mode: no
- name: Trust ZFS key
when: "item not in gpgkeys.stdout"
become_user: "{{ build_user.name }}"
command: "gpg --recv-key '{{ item }}'"
loop:
- "0AB9E991C6AF658B"
- "6AD860EED4598027"
- name: Build aur packages - name: Build aur packages
register: buildaur register: buildaur
become_user: "{{ build_user.name }}" become_user: "{{ build_user.name }}"

4
ansible/run.bash
View File

@@ -22,6 +22,8 @@ elif [ "$target" = "odolinux" ]; then
ansible-playbook -v -i environments/laptop playbook.yaml --diff --limit odolinux "${@}" ansible-playbook -v -i environments/laptop playbook.yaml --diff --limit odolinux "${@}"
elif [ "$target" = "odofreebsd" ]; then elif [ "$target" = "odofreebsd" ]; then
ansible-playbook -v -i environments/laptop playbook.yaml --diff --limit odofreebsd "${@}" ansible-playbook -v -i environments/laptop playbook.yaml --diff --limit odofreebsd "${@}"
elif [ "$target" = "pixellinux" ]; then
ansible-playbook -v -i environments/laptop playbook.yaml --diff --limit pixellinux "${@}"
elif [ "$target" = "jail_nat_dhcp" ]; then elif [ "$target" = "jail_nat_dhcp" ]; then
ansible-playbook -v -i environments/jail playbook.yaml --diff --limit nat_dhcp "${@}" ansible-playbook -v -i environments/jail playbook.yaml --diff --limit nat_dhcp "${@}"
elif [ "$target" = "jail_homeserver_nat_dhcp" ]; then elif [ "$target" = "jail_homeserver_nat_dhcp" ]; then
@@ -38,6 +40,8 @@ elif [ "$target" = "jail_admin_git" ]; then
ansible-playbook -v -i environments/jail playbook.yaml --diff --limit admin_git "${@}" ansible-playbook -v -i environments/jail playbook.yaml --diff --limit admin_git "${@}"
elif [ "$target" = "jail_public_dns" ]; then elif [ "$target" = "jail_public_dns" ]; then
ansible-playbook -v -i environments/jail playbook.yaml --diff --limit public_dns "${@}" ansible-playbook -v -i environments/jail playbook.yaml --diff --limit public_dns "${@}"
elif [ "$target" = "vm_freebsdupdatemrmanager" ]; then
ansible-playbook -v -i environments/vm playbook.yaml --diff --limit freebsdupdatemrmanager "${@}"
else else
die 1 "Unrecognized target" die 1 "Unrecognized target"
fi fi