talexander
/
machine_setup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: talexander:main
Branches Tags
talexander:main
talexander:pixelbook
..
compare: talexander:pixelbook
Branches Tags
talexander:main
talexander:pixelbook

13 Commits
main ... pixelbook

Author SHA1 Message Date
Tom Alexander 06de3fb0ac
Disable CPU power consumption settings. 
The pixelbook seems oddly slow. Disabling this to see if it helps.
 6 months ago
Tom Alexander eaa05e13d0
Enable the wireguard configs. 6 months ago
Tom Alexander 98f6ca10ff
Add wireguard configs for pixelbook. 6 months ago
Tom Alexander 675652044f
Add support for audio. 6 months ago
Tom Alexander c901defbf3
Add the pixelbook. 6 months ago
Tom Alexander 8bf7b7d489
Trust additional zfs signing key. 6 months ago
Tom Alexander 6e772f1137
Add pipewire jack replacement. 6 months ago
Tom Alexander d7f99659f1
Add devfs rules for homeserver. 6 months ago
Tom Alexander 023e362896
Add a script to decrypt and mount disks on the home server. 6 months ago
Tom Alexander c66327a31f
Updates for FreeBSD 14. 6 months ago
Tom Alexander 423d057abd
Add restaurant_health_rating. 6 months ago
Tom Alexander 6061f61c16
Remove extra subkey from linux build key. 6 months ago
Tom Alexander f6bc39a7fb
TEMP changes for running on NUC. 6 months ago
211 changed files with 1767 additions and 3398 deletions
Show Stats

1
ansible/environments/colo/host_vars/mrmanager
Unescape Escape View File

@ -15,7 +15,6 @@ pflog_conf:
- name: 0
dev: pflog0
cputype: "amd"
hwpstate: true
etc_hosts: {}
wireguard_directory: mrmanager
enabled_wireguard:

24
ansible/environments/home/host_vars/homeserver
Unescape Escape View File

@ -1,27 +1,7 @@
os_flavor: "freebsd"
custom_repo: "https://freebsdpkg.fizz.buzz/repo/14broadwell-default-computer"
pkgbase_url: "https://freebsdpkg.fizz.buzz/pkgbase/14broadwell-repo/FreeBSD:14:amd64/latest"
zfs_snapshot_datasets:
- path: zroot/freebsd/computer/be
- path: zmass/encrypted/vm
users:
talexander:
initialize: true
uid: 11235
gid: 11235
groups:
- name: wheel
- name: video
- name: u2f
- name: operator # To be able to shutdown without root
- name: webcamd
gid: 145
authorized_keys:
- yubikey
- main_fido
- backup_fido
- homeassistant
gitconfig: "gitconfig_home"
sshd_enabled: true
sshd_conf: "sshd_config"
pf_config: "homeserver_pf.conf"
@ -33,7 +13,11 @@ rc_conf: "homeserver_rc.conf"
loader_conf: "homeserver_loader.conf"
netgraph_config: "setup_netgraph_homeserver"
cputype: "intel"
cpu_opt: broadwell
hwpstate: false
build_user:
name: talexander
group: talexander
devfs_rules: "homeserver_devfs.rules"
jail_zfs_dataset: zmass/encrypted/jails
jail_zfs_dataset_mountpoint: /jail/main

25
ansible/environments/laptop/group_vars/all
Unescape Escape View File

@ -1,28 +1,3 @@
timezone: "America/New_York"
install_bluetooth: true
emacs_flavor: "full"
ssh_hosts:
- name: poudriere
proxy_jump: talexander@mrmanager
host_name: 10.215.1.203
- name: controller0
proxy_jump: talexander@mrmanager
host_name: 10.215.1.204
- name: controller1
proxy_jump: talexander@mrmanager
host_name: 10.215.1.205
- name: controller2
proxy_jump: talexander@mrmanager
host_name: 10.215.1.206
- name: worker0
proxy_jump: talexander@mrmanager
host_name: 10.215.1.207
- name: worker1
proxy_jump: talexander@mrmanager
host_name: 10.215.1.208
- name: worker2
proxy_jump: talexander@mrmanager
host_name: 10.215.1.209
- name: brianai
proxy_jump: talexander@mrmanager
host_name: 10.215.1.215

30
ansible/environments/laptop/host_vars/odofreebsd
Unescape Escape View File

@ -1,23 +1,25 @@
os_flavor: "freebsd"
custom_repo: "https://freebsdpkg.fizz.buzz/repo/currentznver4-default-framework"
pkgbase_url: "https://freebsdpkg.fizz.buzz/pkgbase/currentznver4-repo/FreeBSD:15:amd64/latest"
custom_repo: 13amd64-default-framework
zfs_snapshot_datasets:
- path: zroot/freebsd/current/be/default
- path: zroot/freebsd/release/be/default
sshd_enabled: true
sshd_conf: "sshd_config"
#pf_config: "odofreebsd_pf.conf"
#pflog_conf:
# - name: 0
# dev: pflog0
pf_config: "odofreebsd_pf.conf"
pflog_conf:
- name: 0
dev: pflog0
network_rc: "odofreebsd_network.conf"
rc_conf: "odofreebsd_rc.conf"
loader_conf: "odofreebsd_loader.conf"
install_graphics: true
graphics_driver: "amd"
cputype: "amd"
graphics_driver: "intel"
cputype: "intel"
cpu_opt: skylake
hwpstate: true
cores: 16
sound_system: "oss"
cores: 4
build_user:
name: talexander
group: talexander
users:
talexander:
initialize: true
@ -29,8 +31,6 @@ users:
- name: u2f
- name: operator # To be able to shutdown without root
- name: webcamd
gid: 145
- name: realtime
authorized_keys:
- yubikey
- main_fido
@ -38,14 +38,14 @@ users:
- homeassistant
gitconfig: "gitconfig_home"
devfs_rules: "odo_devfs.rules"
jail_zfs_dataset: zroot/freebsd/current/jails
jail_zfs_dataset: zroot/freebsd/release/jails
jail_zfs_dataset_mountpoint: /jail/main
jail_list:
- name: nat_dhcp
enabled: true
conf:
src: nat_dhcp
bhyve_dataset: zroot/freebsd/current/vm
bhyve_dataset: zroot/freebsd/release/vm
bhyve_list: []
efi_dev: /dev/gpt/EFI
sway_conf_files:

8
ansible/environments/laptop/host_vars/odolinux
Unescape Escape View File

@ -16,13 +16,12 @@ users:
- backup_fido
- homeassistant
gitconfig: "gitconfig_home"
periodic_scrub_pools: [zroot]
zfs_snapshot_datasets:
# - zroot/linux/archmain/home
- path: zroot/linux/archmain/be
- path: zroot/data/bridge/family_disks
install_graphics: true
graphics_driver: "amd"
graphics_driver: "intel"
build_user:
name: talexander
group: talexander
@ -31,9 +30,10 @@ enabled_wireguard:
- wgh
- drmario
- colo
cputype: "amd"
cputype: "intel"
hwpstate: true
cores: 16
cores: 4
sway_conf_files:
- rofimoji
docker_storage_driver: overlay2 # alternatively zfs
docker_zfs_dataset: zroot/linux/archmain/docker

22
ansible/environments/laptop/host_vars/odowork → ansible/environments/laptop/host_vars/pixellinux
Unescape Escape View File

@ -1,6 +1,4 @@
os_flavor: "linux"
hostname: odowork
etc_hosts: {}
users:
talexander:
initialize: true
@ -16,22 +14,22 @@ users:
- yubikey
- main_fido
- backup_fido
gitconfig: "gitconfig_work"
periodic_scrub_pools: [zroot]
- homeassistant
gitconfig: "gitconfig_home"
zfs_snapshot_datasets:
- path: zroot/linux/archwork/be
- path: zroot/linux/archmain/be
install_graphics: true
graphics_driver: "amd"
pgp_key: "gpg_work.asc"
graphics_driver: "intel"
build_user:
name: talexander
group: talexander
# wireguard_directory: odowork
# enabled_wireguard: []
cputype: "amd"
wireguard_directory: pixel
enabled_wireguard:
- wgh
cputype: "intel"
hwpstate: true
cores: 16
cores: 4
sway_conf_files:
- rofimoji
docker_storage_driver: overlay2 # alternatively zfs
closed_source_vscode: true
docker_zfs_dataset: zroot/linux/archmain/docker

2
ansible/environments/laptop/hosts
Unescape Escape View File

@ -1,4 +1,4 @@
[gui]
odolinux ansible_connection=local ansible_host=127.0.0.1
odofreebsd ansible_connection=local ansible_host=127.0.0.1
odowork ansible_connection=local ansible_host=127.0.0.1
pixellinux ansible_connection=local ansible_host=127.0.0.1

5
ansible/environments/vm/host_vars/freebsdupdatemrmanager
Unescape Escape View File

@ -0,0 +1,5 @@
os_flavor: "freebsd"
cpu_opt: skylake
build_user:
name: root
group: wheel

32
ansible/environments/vm/host_vars/poudrieremrmanager
Unescape Escape View File

@ -1,29 +1,13 @@
os_flavor: "freebsd"
custom_repo: "file:///usr/local/poudriere/data/packages/currentznver4-default-framework"
pkgbase_url: "file:///usr/local/poudriere/data/images/currentznver4-repo/FreeBSD:15:amd64/latest"
poudriere_builds:
# - jail: 13amd64
# ports: default
# set: framework
# version: 13.2-RELEASE
- jail: currentznver4
- jail: 13amd64
ports: default
set: framework
version: CURRENT
# revision: 66d37dbedfbf2dc94ccf49e6983c3652d5909b91
kernel: GENERIC-NODEBUG
branch: main
srcconf: currentznver4_src.conf
# - jail: 14broadwell
version: 13.2-RELEASE
# - jail: current
# ports: default
# set: computer
# version: 14.0-RELEASE
# kernel: GENERIC
# srcconf: 14broadwell_src.conf
- jail: 14broadwell
ports: default
set: computer
version: CURRENT
kernel: GENERIC
branch: releng/14.0
srcconf: 14broadwell_src.conf
# set: framework
# version: CURRENT
# revision: af01b4722577903f91acc44f01bdcb8cdb2d65ad
# kernel: CUSTOM
# branch: main

5
ansible/environments/vm/hosts
Unescape Escape View File

@ -1,8 +1,13 @@
[vm]
poudriereodo ansible_user=builder ansible_host=10.213.177.12
poudrieremrmanager ansible_user=root ansible_host=poudriere
freebsdupdatemrmanager ansible_user=root ansible_host=freebsdupdate
#
# Put in ~/.ssh/config
# Host poudriere
# ProxyJump talexander@mrmanager
# HostName 10.215.1.203
#
# Host freebsdupdate
# ProxyJump talexander@mrmanager
# HostName 10.215.1.213

33
ansible/playbook.yaml
Unescape Escape View File

@ -42,9 +42,9 @@
- ansible
- wireguard
- portshaker
- poudriere
- android
- latex
- python
- pyenv
- webcam
- docker
@ -53,8 +53,6 @@
- launch_keyboard
- lvfs
- restaurant_health_rating
- wasm
- noise_suppression
- hosts: nat_dhcp:homeserver_nat_dhcp:mrmanager_nat_dhcp
vars:
@ -68,11 +66,10 @@
roles:
- sudo # for poudboot script
- fstab
- package_manager
- termcap
- portshaker
- poudriere
- poudrierenginx
- freebsd_update_server
- hosts: mrmanager
vars:
@ -118,20 +115,36 @@
- users
- public_dns
- hosts: odolinux:odofreebsd:odowork
- hosts: odolinux:odofreebsd
vars:
ansible_become: True
roles:
- framework_laptop
- hosts: homeserver
- hosts: pixellinux
vars:
ansible_become: True
roles:
- homeserver
- pixelbook
- hosts: odofreebsd
vars:
ansible_become: True
roles:
- freebsd_update_server
- hosts: freebsdupdatemrmanager
vars:
ansible_become: True
roles:
- sudo # for poudboot script
- doas
- fstab
- build
- freebsd_update_server
- hosts: odowork
- hosts: homeserver
vars:
ansible_become: True
roles:
- odowork
- homeserver

44
ansible/roles/alacritty/files/alacritty.toml
Unescape Escape View File

@ -1,44 +0,0 @@
[colors]
draw_bold_text_with_bright_colors = true
indexed_colors = []
[colors.bright]
black = "0x666666"
blue = "0x7aa6da"
cyan = "0x54ced6"
green = "0x9ec400"
magenta = "0xb77ee0"
red = "0xff3334"
white = "0xffffff"
yellow = "0xe7c547"
[colors.normal]
black = "0x000000"
blue = "0x7aa6da"
cyan = "0x70c0ba"
green = "0xb9ca4a"
magenta = "0xc397d8"
red = "0xd54e53"
white = "0xeaeaea"
yellow = "0xe6c547"
[colors.primary]
background = "0x000000"
foreground = "0xeaeaea"
[font]
size = 11.0
[[hints.enabled]]
command = "xdg-open"
post_processing = true
regex = "(ipfs:|ipns:|magnet:|mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)[^\u0000-\u001F\u007F-Ÿ<>\"\\s{-}\\^⟨⟩`]+"
[hints.enabled.mouse]
enabled = false
mods = "None"
[scrolling]
history = 10000
# Lines moved per scroll.
multiplier = 3

103
ansible/roles/alacritty/files/alacritty.yml
Unescape Escape View File

@ -0,0 +1,103 @@
# If `true`, bold text is drawn using the bright color variants.
draw_bold_text_with_bright_colors: true
colors:
# Default colors
primary:
background: "0x000000"
foreground: "0xeaeaea"
# Bright and dim foreground colors
#
# The dimmed foreground color is calculated automatically if it is not present.
# If the bright foreground color is not set, or `draw_bold_text_with_bright_colors`
# is `false`, the normal foreground color will be used.
#dim_foreground: '0x9a9a9a'
#bright_foreground: '0xffffff'
# Cursor colors
#
# Colors which should be used to draw the terminal cursor. If these are unset,
# the cursor color will be the inverse of the cell color.
#cursor:
# text: '0x000000'
# cursor: '0xffffff'
# Selection colors
#
# Colors which should be used to draw the selection area. If selection
# background is unset, selection color will be the inverse of the cell colors.
# If only text is unset the cell text color will remain the same.
#selection:
# text: '0xeaeaea'
# background: '0x404040'
# Normal colors
normal:
black: "0x000000"
red: "0xd54e53"
green: "0xb9ca4a"
yellow: "0xe6c547"
blue: "0x7aa6da"
magenta: "0xc397d8"
cyan: "0x70c0ba"
white: "0xeaeaea"
# Bright colors
bright:
black: "0x666666"
red: "0xff3334"
green: "0x9ec400"
yellow: "0xe7c547"
blue: "0x7aa6da"
magenta: "0xb77ee0"
cyan: "0x54ced6"
white: "0xffffff"
# Dim colors
#
# If the dim colors are not set, they will be calculated automatically based
# on the `normal` colors.
#dim:
# black: '0x000000'
# red: '0x8c3336'
# green: '0x7a8530'
# yellow: '0x97822e'
# blue: '0x506d8f'
# magenta: '0x80638e'
# cyan: '0x497e7a'
# white: '0x9a9a9a'
# Indexed Colors
#
# The indexed colors include all colors from 16 to 256.
# When these are not set, they're filled with sensible defaults.
#
# Example:
# `- { index: 16, color: '0xff00ff' }`
#
indexed_colors: []
scrolling:
# Maximum number of lines in the scrollback buffer.
# Specifying '0' will disable scrolling.
history: 10000
# Number of lines the viewport will move for every line scrolled when
# scrollback is enabled (history > 0).
multiplier: 3
font:
size: 11.0
hints:
enabled:
# Disable opening links when clicked
- regex:
"(ipfs:|ipns:|magnet:|mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)\
[^\u0000-\u001F\u007F-\u009F<>\"\\s{-}\\^⟨⟩`]+"
command: xdg-open
post_processing: true
mouse:
enabled: false
mods: None

4
ansible/roles/alacritty/tasks/peruser.yaml
Unescape Escape View File

@ -19,8 +19,8 @@
owner: "{{ account_name.stdout }}"
group: "{{ group_name.stdout }}"
loop:
- src: alacritty.toml
dest: .config/alacritty/alacritty.toml
- src: alacritty.yml
dest: .config/alacritty/alacritty.yml
- import_tasks: tasks/peruser_freebsd.yaml
when: 'os_flavor == "freebsd"'

4
ansible/roles/android/tasks/linux.yaml
Unescape Escape View File

@ -13,12 +13,10 @@
# name: []
# state: present
# update_cache: true
- name: Install packages
package:
name:
- gvfs
- gvfs-mtp
- android-udev # Access android over USB without root.
- android-tools # For fastboot to flash phones.
state: present

24
ansible/roles/base/files/alacritty.termcap
Unescape Escape View File

@ -0,0 +1,24 @@
# Reconstructed via infocmp from file: /usr/share/terminfo/a/alacritty
# (untranslatable capabilities removed to fit entry within 1023 bytes)
# (sgr removed to fit entry within 1023 bytes)
# (acsc removed to fit entry within 1023 bytes)
# (terminfo-only capabilities suppressed to fit entry within 1023 bytes)
alacritty|alacritty terminal emulator:\
:am:bs:hs:mi:ms:xn:\
:co#80:it#8:li#24:\
:AL=\E[%dL:DC=\E[%dP:DL=\E[%dM:DO=\E[%dB:IC=\E[%d@:\
:K2=\EOE:LE=\E[%dD:RI=\E[%dC:SF=\E[%dS:SR=\E[%dT:\
:UP=\E[%dA:ae=\E(B:al=\E[L:as=\E(0:bl=^G:bt=\E[Z:cd=\E[J:\
:ce=\E[K:cl=\E[H\E[2J:cm=\E[%i%d;%dH:cr=\r:\
:cs=\E[%i%d;%dr:ct=\E[3g:dc=\E[P:dl=\E[M:do=\n:\
:ds=\E]2;\007:ec=\E[%dX:ei=\E[4l:fs=^G:ho=\E[H:im=\E[4h:\
:is=\E[!p\E[?3;4l\E[4l\E>:k1=\EOP:k2=\EOQ:k3=\EOR:\
:k4=\EOS:k5=\E[15~:k6=\E[17~:k7=\E[18~:k8=\E[19~:\
:k9=\E[20~:kD=\E[3~:kI=\E[2~:kN=\E[6~:kP=\E[5~:kb=\177:\
:kd=\EOB:ke=\E[?1l\E>:kh=\EOH:kl=\EOD:kr=\EOC:\
:ks=\E[?1h\E=:ku=\EOA:le=^H:mb=\E[5m:md=\E[1m:me=\E[0m:\
:mh=\E[2m:mm=\E[?1034h:mo=\E[?1034l:mr=\E[7m:nd=\E[C:\
:rc=\E8:sc=\E7:se=\E[27m:sf=\n:so=\E[7m:sr=\EM:st=\EH:ta=^I:\
:te=\E[?1049l\E[23;0;0t:ti=\E[?1049h\E[22;0;0t:\
:ts=\E]2;:ue=\E[24m:up=\E[A:us=\E[4m:vb=\E[?5h\E[?5l:\
:ve=\E[?12l\E[?25h:vi=\E[?25l:vs=\E[?12;25h:

1
ansible/roles/base/files/cleartmp_rc.conf
Unescape Escape View File

@ -1 +0,0 @@
clear_tmp_enable="YES"

15
ansible/roles/base/files/gitconfig_home
Unescape Escape View File

@ -18,18 +18,3 @@
date = local
[init]
defaultBranch = main
# Use meld for `git difftool` and `git mergetool`
[diff]
tool = meld
[difftool]
prompt = false
[difftool "meld"]
cmd = meld "$LOCAL" "$REMOTE"
[merge]
tool = meld
[mergetool "meld"]
# Make the middle pane start with partially-merged contents:
cmd = meld "$LOCAL" "$MERGED" "$REMOTE" --output "$MERGED"
# Make the middle pane start without any merge progress:
# cmd = meld "$LOCAL" "$BASE" "$REMOTE" --output "$MERGED"

37
ansible/roles/base/files/gitconfig_work
Unescape Escape View File

@ -1,37 +0,0 @@
[user]
email = ThomasA.Alexander@hmhn.org
name = Tom Alexander
signingkey = D3A179C9A53C0EDE
[push]
default = simple
[alias]
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
[core]
excludesfile = ~/.gitignore_global
[commit]
gpgsign = true
[pull]
rebase = true
[log]
date = local
[init]
defaultBranch = main
# Use meld for `git difftool` and `git mergetool`
[diff]
tool = meld
[difftool]
prompt = false
[difftool "meld"]
cmd = meld "$LOCAL" "$REMOTE"
[merge]
tool = meld
[mergetool "meld"]
# Make the middle pane start with partially-merged contents:
cmd = meld "$LOCAL" "$MERGED" "$REMOTE" --output "$MERGED"
# Make the middle pane start without any merge progress:
# cmd = meld "$LOCAL" "$BASE" "$REMOTE" --output "$MERGED"
[includeIf "gitdir:/bridge/"]
path = /bridge/git/machine_setup/ansible/roles/base/files/gitconfig_home

2
ansible/roles/base/files/login.conf
Unescape Escape View File

@ -32,7 +32,7 @@ default:\
:cputime=unlimited:\
:datasize=unlimited:\
:stacksize=unlimited:\
:memorylocked=128M:\
:memorylocked=64K:\
:memoryuse=unlimited:\
:filesize=unlimited:\
:coredumpsize=unlimited:\

2
ansible/roles/base/files/odofreebsd_rc.conf
Unescape Escape View File

@ -1,6 +1,8 @@
clear_tmp_enable="YES"
syslogd_flags="-ss"
sendmail_enable="NONE"
hostname="odo"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"
zfs_enable="YES"

1
ansible/roles/base/meta/main.yaml
Unescape Escape View File

@ -1,3 +1,2 @@
dependencies:
- fstab
- termcap

16
ansible/roles/base/tasks/common.yaml
Unescape Escape View File

@ -16,18 +16,20 @@
- wget
- colordiff
- ipcalc
- kdiff3
- tcpdump
- moreutils # for ts [%Y-%m-%d %H:%M:%.S]
- ddrescue
state: present
- name: Install packages
when: install_graphics
package:
name:
- kdiff3
- meld
state: present
- name: Set timezone
file:
src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}"
dest: /etc/localtime
owner: root
# TODO: Arch Linux is changing the group to root instead of wheel. Maybe make this a variable?
group: wheel
state: link
- name: Install scripts
copy:

38
ansible/roles/base/tasks/freebsd.yaml
Unescape Escape View File

@ -1,11 +1,3 @@
- name: Set timezone
file:
src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}"
dest: /etc/localtime
owner: root
group: wheel
state: link
- name: Install packages
package:
name:
@ -15,15 +7,27 @@
- rust-coreutils
state: present
- name: Install service configuration
copy:
src: "files/{{ item }}_rc.conf"
dest: "/etc/rc.conf.d/{{ item }}"
mode: 0644
owner: root
group: wheel
loop:
- cleartmp
- name: See if the alacritty termcap has been added
lineinfile:
name: /usr/share/misc/termcap
regexp: |-
^alacritty\|
state: absent
check_mode: yes
changed_when: false
register: alacritty_cap
- name: Append alacritty termcap info
blockinfile:
path: /usr/share/misc/termcap
block: "{{ lookup('file', 'alacritty.termcap') }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK alacritty"
when: not alacritty_cap.found
register: wrote_alacritty_cap
- name: Update cap_mkdb
command: cap_mkdb /usr/share/misc/termcap
when: wrote_alacritty_cap.changed
- name: Install login.conf
copy:

48
ansible/roles/base/tasks/linux.yaml
Unescape Escape View File

@ -1,11 +1,3 @@
- name: Set timezone
file:
src: "/usr/share/zoneinfo/{{ timezone|default('UTC') }}"
dest: /etc/localtime
owner: root
group: root
state: link
- name: Install packages
package:
name:
@ -16,7 +8,6 @@
- man-db
- uutils-coreutils
- usbutils # for lsusb
- bolt
state: present
- name: Start pkgfile update service
@ -26,6 +17,17 @@
daemon_reload: yes
enabled: yes
# Of questionable value since I don't use swap on my machines
- name: Configure sysctls for swap
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
sysctl_file: /etc/sysctl.d/swap.conf
loop:
- name: vm.swappiness
value: 10
- name: Install scripts
copy:
src: "files/{{ item.src }}"
@ -38,31 +40,3 @@
dest: /usr/local/bin/mount_disk_image
- src: watch_linux
dest: /usr/local/bin/ww
- name: Configure sysctls
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
sysctl_file: /etc/sysctl.d/{{ item.file }}
loop:
# Of questionable value since I don't use swap on my machines
- name: vm.swappiness
value: 10
file: swap.conf
# Enable TCP packetization-layer PMTUD when an ICMP black hole is detected.
- name: net.ipv4.tcp_mtu_probing
value: 1
file: tcp.conf
# Switch to bbr tcp congestion control which should be better on lossy connections like bad wifi.
- name: net.ipv4.tcp_congestion_control
value: bbr
file: tcp.conf
# Don't do a slow start after a connection has been idle for a single RTO.
- name: net.ipv4.tcp_slow_start_after_idle
value: 0
file: tcp.conf
# 3x time to accumulate filesystem changes before flushing to disk.
- name: vm.dirty_writeback_centisecs
value: 1500
file: power.conf

7
ansible/roles/bhyve/files/bhyve_netgraph_bridge.bash
Unescape Escape View File

@ -74,6 +74,13 @@ function main {
fi
}
function die {
local status_code="$1"
shift
(>&2 echo "${@}")
exit "$status_code"
}
function create_disk {
local zfs_path="$1"
local mount_path="$2"

2
ansible/roles/build/defaults/main.yaml
Unescape Escape View File

@ -0,0 +1,2 @@
# freebsd_version: "releng/13.2"
freebsd_version: "9c80d66ec1b4c5b9ac7aaf5b0fdbb1628d49c181"

6
ansible/roles/build/files/CUSTOM
Unescape Escape View File

@ -0,0 +1,6 @@
include GENERIC-NODEBUG
# Disable Intel SD/MMC controller for reading eMMC
nodevice sdhci
ident CUSTOM

12
ansible/roles/build/files/aurutils-nuke
Unescape Escape View File

@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
# If something is very wrong in pacman, this removes the keyring and the entire custom repo, then sets up pacman's keyring again. Running the ansible playbook is necessary to get the custom repo added.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
doas rm -rf /var/cache/pacman/custom/ /etc/pacman.d/conf.d/aurutils.conf
doas rm -rf /etc/pacman.d/gnupg
doas pacman-key --init
doas pacman-key --populate archlinux
doas pacman -S archlinux-keyring

26
ansible/roles/build/files/find_packages_that_installed_kernel_modules.bash
Unescape Escape View File

@ -0,0 +1,26 @@
#!/usr/bin/env bash
#
# List installed packages that install a kernel module.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${PORTSDIR:="/usr/ports"}
function main {
if [ "$#" -ne 0 ]; then
(>&2 echo "This script takes no positional parameters.")
exit 1
fi
local module
doas find / -type f -name '*.ko' | sort | while read module; do
local provides=$(pkg provides "$module")
if [ -n "$provides" ]; then
package_name=$(grep 'Name : ' <<<"$provides" | sed 's/Name : //g')
# module_file=$(grep 'Filename: ' <<<"$provides" | sed 's/Filename: //g')
echo "$package_name"
fi
done
}
main "${@}"

36
ansible/roles/build/files/find_popular_ports_options.bash
Unescape Escape View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
#
# Find which port options appear the most in ports.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${PORTSDIR:="/usr/ports"}
function main {
if [ "$#" -ne 0 ]; then
(>&2 echo "This script takes no positional parameters.")
exit 1
fi
local folder
find_port_folders | while read folder; do
set +e
dump_port_options "$folder"
set -e
done | sort | uniq -c | sort -nr
}
function find_port_folders {
local mf
find "$PORTSDIR" -type f -name Makefile -mindepth 3 -maxdepth 3 | sort | while read mf; do
dirname "$mf"
done
}
function dump_port_options {
local folder="$1"
local portopts=$(make -C "$folder" -V OPTIONS_DEFINE)
echo "$portopts" | grep -oE --line-buffered '[^ ]*'
}
main "${@}"

41
ansible/roles/build/files/find_ports_containing_option.bash
Unescape Escape View File

@ -0,0 +1,41 @@
#!/usr/bin/env bash
#
# List ports containing an option matching the first parameter to the script.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${PORTSDIR:="/usr/ports"}
function main {
if [ "$#" -ne 1 ]; then
(>&2 echo "Pass exactly 1 option name to this script.")
exit 1
fi
local find_option_name=$1
local folder
find_port_folders | while read folder; do
set +e
dump_port_options "$folder" | grep -qE "^${find_option_name}$"
has_opt=$?;
set -e
if [ $has_opt -eq 0 ]; then
echo "$folder"
fi
done
}
function find_port_folders {
local mf
find "$PORTSDIR" -type f -name Makefile -mindepth 3 -maxdepth 3 | sort | while read mf; do
dirname "$mf"
done
}
function dump_port_options {
local folder="$1"
local portopts=$(make -C "$folder" -V OPTIONS_DEFINE)
echo "$portopts" | grep -oE --line-buffered '[^ ]*'
}
main "${@}"

20
ansible/roles/build/files/freebsd_update_step1
Unescape Escape View File

@ -0,0 +1,20 @@
#!/usr/bin/env bash
#
# Build and installs whatever is in /usr/src. Run step 1, reboot, then step 2.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cores=$(sysctl -n hw.ncpu)
if sudo etcupdate status | grep -qE '^ C '; then
>&2 echo 'Conflicts remain in etcupdate. Run `etcupdate resolve` to fix them first.'
exit 1
fi
cd /usr/src
make -j "$cores" clean
make -j "$cores" buildworld buildkernel
sudo make installkernel
echo "FreeBSD update step 1 done. Please reboot."

19
ansible/roles/build/files/freebsd_update_step2
Unescape Escape View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
#
# Build and installs whatever is in /usr/src. Run step 1, reboot, then step 2.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
sudo etcupdate -p
cd /usr/src
sudo make installworld
sudo etcupdate -B
if sudo etcupdate status | grep -qE '^ C '; then
>&2 echo 'Conflicts in etcupdate. Run `etcupdate resolve` to fix them first.'
exit 1
fi
echo "FreeBSD update step 2 done. Please reboot."

27
ansible/roles/build/files/gpg_work.asc
Unescape Escape View File

@ -1,27 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEXZwWGhYJKwYBBAHaRw8BAQdAfv7qozKkmf4D+5PDzADsMm4aAKDGLha7+Cu0
0H+RsWG0LVRob21hcyBBbGV4YW5kZXIgPFRob21hc0EuQWxleGFuZGVyQGhtaG4u
b3JnPoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAmULicsCGwMFCwkI
BwIGFQoJCAsCBBYCAwECHgECF4AACgkQJ95A2bhFXBsUtQD9GWPdWc/nSmO0Gp7p
DzxrieliriAnO+ZCHp31mFbMtToBAPxPYN9y4kgSiXhLiFLoRK5k5FCspksTSitg
0CbXDE4LuDgEXZwWGhIKKwYBBAGXVQEFAQEHQK202EIAwTBuxARUygOvn+AloMJd
ui39m+nMghn1MNo+AwEIB4h4BBgWCAAgFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsF
Al2cFhoCGwwACgkQJ95A2bhFXBtNzAEAq5I6xPjIbb23xmhxh5cM/UJxdGedfWMy
vF6/JtDvtPUBAPQRQn5AMwTOA+CSnliYf7ZjfVOlHscy60XWPlvXLoAJuDMEXZwW
yhYJKwYBBAHaRw8BAQdAPyIL4EGg4T5JO9q2kpVDy2WjMiXz3nZXwYW4GLoTYkiI
9QQYFggAJgIbAhYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZhBQkLMdaXAIF2
IAQZFggAHRYhBIHmRDmWdVAusSUWutOhecmlPA7eBQJdnBbKAAoJENOhecmlPA7e
jJ4A/iq7N2mMhx+ovOXm1REoASPF3l4YAAjOHsXqcPtFHKGJAQCiuA71d6CQ+qNZ
Luka/KVB/etkkJvDzvaTtiQQQG+gAwkQJ95A2bhFXBtRDgEAqymMavroD5c/4+M/
EZ3/d8wxfA9E3Fb/1mt4c2ZrNnkBAKYOM+pz/pncFnV+kF7h7TQEEYuGw1JhJVT/
duA4lwsLuDMEXZwXARYJKwYBBAHaRw8BAQdAa76TmWuKuiR1bnNV1FUE6oQ4C8A+
UiQb8x0k1z2DmTKIfgQYFggAJgIbIBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJl
C4ZwBQkLMdZgAAoJECfeQNm4RVwb8TkA/RkBu9Ev8iDE5nvn8YF8FRiY56Z5d+SB
PG4VvrCzXrmlAP46wUjIRpkMrTbb1GMbvYnkeOrBs/qiWjEtHHc3ZLMWD7g4BF2c
FygSCisGAQQBl1UBBQEBB0AO0t3BUxLuokTqKVcheFAZd4UKxAGznPQlvsVyhWWI
EgMBCAeIfgQYFggAJgIbDBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkL
MdY5AAoJECfeQNm4RVwbXscA/A8zRRTCwQKxJ8iz5jmTcVFAhl2vD781Dtv8NvcW
d5t8APwIwcuFVZZA3yayhIxi3aqYpMRxpn2t6Nswax1MIM8DBQ==
=0HtE
-----END PGP PUBLIC KEY BLOCK-----

0
ansible/roles/noise_suppression/tasks/peruser_freebsd.yaml → ansible/roles/build/files/make.conf
Unescape Escape View File

0
ansible/roles/build/files/pacman-x86_64.conf → ansible/roles/build/files/pacman-custom.conf
Unescape Escape View File

100
ansible/roles/build/tasks/freebsd.yaml
Unescape Escape View File

@ -0,0 +1,100 @@
- name: Install packages
package:
name:
- git
state: present
- name: Create directories
file:
name: "{{ item }}"
state: directory
mode: 0755
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- "/usr/src"
# - "/usr/ports"
- "/usr/obj"
- name: chown the FreeBSD source
file:
name: "{{ item }}"
state: directory
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
recurse: true
loop:
- "/usr/src"
- name: Clone FreeBSD Source
git:
repo: "https://git.FreeBSD.org/src.git"
dest: /usr/src
version: "{{ freebsd_version }}"
force: true
become: true
become_user: "{{ build_user.name }}"
diff: false
# - name: Clone Ports Tree
# git:
# repo: "https://git.FreeBSD.org/ports.git"
# dest: /usr/ports
# version: "main"
# force: true
# update: false
# become: true
# become_user: "{{ build_user.name }}"
# diff: false
- name: Install Configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
loop:
- src: make.conf
dest: /etc/make.conf
- name: Install Configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- src: CUSTOM
dest: /usr/src/sys/amd64/conf/CUSTOM
- name: Install Configuration
template:
src: "templates/{{ item.src }}.j2"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
loop:
- src: src.conf
dest: /etc/src.conf
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0700
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- src: freebsd_update_step1
dest: /usr/local/bin/freebsd_update_step1
- src: freebsd_update_step2
dest: /usr/local/bin/freebsd_update_step2
- src: find_popular_ports_options.bash
dest: /usr/local/bin/find_popular_ports_options
- src: find_ports_containing_option.bash
dest: /usr/local/bin/find_ports_containing_option
- src: find_packages_that_installed_kernel_modules.bash
dest: /usr/local/bin/find_packages_that_installed_kernel_modules

16
ansible/roles/build/tasks/linux.yaml
Unescape Escape View File

@ -39,7 +39,7 @@
- name: Trust my signing key
command: pacman-key -a -
args:
stdin: "{{ lookup('file', pgp_key|default('gpg.asc')) }}"
stdin: "{{ lookup('file', 'gpg.asc') }}"
when: '"B848159363C2877917954BE127DE40D9B8455C1B" not in pacmankeys.stdout'
register: my_key_imported
@ -89,21 +89,13 @@
loop:
- src: aurutils.conf
dest: /etc/pacman.d/conf.d/
- src: pacman-x86_64.conf
- src: pacman-custom.conf
dest: /etc/aurutils/
- src: makepkg.conf # TODO: Is this needed or can I use the default from devtools?
dest: /etc/aurutils/
- name: chown the custom package db
file:
path: "{{ item }}"
owner: "{{ build_user.name }}"
recurse: true
loop:
- /var/cache/pacman/custom/
- name: Create custom repo db
command: repo-add --new --sign /var/cache/pacman/custom/custom.db.tar "/home/{{ build_user.name }}/.config/ansible_deploy/aurutils/aurutils-*-any.pkg.tar.*"
command: repo-add --sign /var/cache/pacman/custom/custom.db.tar
become: true
become_user: "{{ build_user.name }}"
args:
@ -119,8 +111,6 @@
loop:
- src: aurutils-purge
dest: /usr/local/bin/aurutils-purge
- src: aurutils-nuke
dest: /usr/local/bin/aurutils-nuke
- src: aurutils-sync
dest: /usr/local/bin/aurutils-sync
- src: aurutils-update-devel-packages

9
ansible/roles/poudriere/files/currentznver4_src.conf → ansible/roles/build/templates/src.conf.j2
Unescape Escape View File

@ -1,7 +1,13 @@
CPUTYPE?=znver4
{% if cpu_opt is defined and cpu_opt %}
CPUTYPE?={{ cpu_opt }}
{% endif %}
KERNCONF=CUSTOM
WITH_MALLOC_PRODUCTION=YES
WITHOUT_LLVM_ASSERTIONS=YES
WITH_REPRODUCIBLE_BUILD=YES
PORTS_MODULES+=graphics/drm-kmod
PORTS_MODULES+=graphics/gpu-firmware-intel-kmod
PORTS_MODULES+=net/wireguard-kmod
# Would be fun to experiment with:
# WITHOUT_SOURCELESS=YES
@ -25,6 +31,5 @@ WITHOUT_HTML=YES
WITHOUT_IPFW=YES
WITHOUT_IPFILTER=YES
WITHOUT_LLVM_TARGET_ALL=YES
# Commented out because maybe I want email alerts for failing disks
# WITHOUT_MAIL=YES

0
ansible/roles/cpu/files/cpu_set_perf_perc_linux_intel → ansible/roles/cpu/files/cpu_set_perf_perc_linux
Unescape Escape View File

29
ansible/roles/cpu/files/cpu_set_perf_perc_linux_amd
Unescape Escape View File

@ -1,29 +0,0 @@
#!/usr/bin/env bash
#
# Tell hardware p-states whether to maximize CPU performance (100) or
# energy efficiency (0).
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
perc=$1
if [ "$perc" -gt 80 ]; then
echo performance | tee /sys/firmware/acpi/platform_profile
elif [ "$perc" -ge 20 ]; then
echo balanced | tee /sys/firmware/acpi/platform_profile
else
echo low-power | tee /sys/firmware/acpi/platform_profile
fi
if [ "$perc" -ge 80 ]; then
echo "performance" | tee /sys/devices/system/cpu/cpufreq/policy*/energy_performance_preference
elif [ "$perc" -ge 60 ]; then
echo "balance_performance" | tee /sys/devices/system/cpu/cpufreq/policy*/energy_performance_preference
elif [ "$perc" -ge 40 ]; then
echo "default" | tee /sys/devices/system/cpu/cpufreq/policy*/energy_performance_preference
elif [ "$perc" -ge 20 ]; then
echo "balance_power" | tee /sys/devices/system/cpu/cpufreq/policy*/energy_performance_preference
else
echo "power" | tee /sys/devices/system/cpu/cpufreq/policy*/energy_performance_preference
fi

0
ansible/roles/cpu/files/per_core_hwpstate_loader.conf → ansible/roles/cpu/files/percorespeedshift_loader.conf
Unescape Escape View File

2
ansible/roles/cpu/files/platform_profile_tmpfiles.conf
Unescape Escape View File

@ -1,2 +0,0 @@
# Favor energy efficiency for platform profile (EC / system, not CPU)
w- /sys/firmware/acpi/platform_profile - - - - low-power

11
ansible/roles/cpu/tasks/freebsd_amd.yaml
Unescape Escape View File

@ -27,14 +27,3 @@
group: wheel
loop:
- aesni
- name: Install loader.conf
when: hwpstate is defined and hwpstate
copy:
src: "files/{{ item }}_loader.conf"
dest: "/boot/loader.conf.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- per_core_hwpstate

2
ansible/roles/cpu/tasks/freebsd_intel.yaml
Unescape Escape View File

@ -78,4 +78,4 @@
owner: root
group: wheel
loop:
- per_core_hwpstate
- percorespeedshift

40
ansible/roles/cpu/tasks/linux_amd.yaml
Unescape Escape View File

@ -1,40 +0,0 @@
- name: Install packages
package:
name:
- powertop
state: present
- name: Favor energy efficiency for hardware p-states
when: hwpstate is defined and hwpstate and cores is defined
template:
src: "templates/{{ item.src }}.j2"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
loop:
- src: energy_performance_preference.conf
dest: /etc/tmpfiles.d/energy_performance_preference.conf
- name: Install tmpfiles.d configuration
when: hwpstate is defined and hwpstate and cores is defined
copy:
src: "files/{{ item }}_tmpfiles.conf"
dest: "/etc/tmpfiles.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- platform_profile
- name: Install scripts
when: hwpstate is defined and hwpstate
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: cpu_set_perf_perc_linux_amd
dest: /usr/local/bin/cpu_set_perf_perc

42
ansible/roles/cpu/tasks/linux_intel.yaml
Unescape Escape View File

@ -4,27 +4,27 @@
- powertop
state: present
- name: Install tmpfiles.d configuration
copy:
src: "files/{{ item }}_tmpfiles.conf"
dest: "/etc/tmpfiles.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- disable_turboboost
# - name: Install tmpfiles.d configuration
# copy:
# src: "files/{{ item }}_tmpfiles.conf"
# dest: "/etc/tmpfiles.d/{{ item }}.conf"
# mode: 0644
# owner: root
# group: wheel
# loop:
# - disable_turboboost
- name: Favor energy efficiency for Speed Shift
when: hwpstate is defined and hwpstate and cores is defined
template:
src: "templates/{{ item.src }}.j2"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
loop:
- src: energy_performance_preference.conf
dest: /etc/tmpfiles.d/energy_performance_preference.conf
# - name: Favor energy efficiency for Speed Shift
# when: hwpstate is defined and hwpstate and cores is defined
# template:
# src: "templates/{{ item.src }}.j2"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: energy_performance_preference.conf
# dest: /etc/tmpfiles.d/energy_performance_preference.conf
- name: Install scripts
when: hwpstate is defined and hwpstate
@ -35,5 +35,5 @@
owner: root
group: wheel
loop:
- src: cpu_set_perf_perc_linux_intel
- src: cpu_set_perf_perc_linux
dest: /usr/local/bin/cpu_set_perf_perc

2
ansible/roles/cpu/templates/energy_performance_preference.conf.j2
Unescape Escape View File

@ -1,4 +1,4 @@
# Favor energy efficiency for hardware p-states
# Favor energy efficiency for Speed Shift
{% for core in range(0, cores, 1) %}
w- /sys/devices/system/cpu/cpufreq/policy{{core}}/energy_performance_preference - - - - power
{% endfor %}

4
ansible/roles/emacs/files/early-init.el
Unescape Escape View File

@ -1,6 +1,6 @@
(setq gc-cons-threshold (* 128 1024 1024)) ;; Increase garbage collection threshold for performance (default 800000)
(setq gc-cons-threshold 100000000) ;; Increase garbage collection threshold for performance (default 800000)
;; Increase amount of data read from processes, default 4k
(when (version<= "27.0" emacs-version)
(when (>= emacs-major-version 27)
(setq read-process-output-max (* 1024 1024)) ;; 1mb
)

16
ansible/roles/emacs/files/elisp/base.el
Unescape Escape View File

@ -36,8 +36,6 @@
;; Don't pop up a small window at the bottom of emacs at launch.
inhibit-startup-screen t
inhibit-startup-message t
;; Don't show the list of buffers when opening many files.
inhibit-startup-buffer-menu t
;; Give the scratch buffer a clean slate.
initial-major-mode 'fundamental-mode
initial-scratch-message nil
@ -77,18 +75,4 @@
;; Delete trailing whitespace before save
(add-hook 'before-save-hook 'delete-trailing-whitespace)
;; If the underlying file changes, reload it automatically. This is useful for moving around in git without confusing language servers.
(setopt auto-revert-avoid-polling t)
(setopt auto-revert-interval 5)
(setopt auto-revert-check-vc-info t)
(global-auto-revert-mode)
;;;;; Performance
;; Run garbage collect when emacs is idle
(run-with-idle-timer 5 t (lambda () (garbage-collect)))
(add-function :after after-focus-change-function
(lambda ()
(unless (frame-focus-state)
(garbage-collect))))
(provide 'base)

1
ansible/roles/emacs/files/elisp/common-lsp.el
Unescape Escape View File

@ -38,7 +38,6 @@
:hook (eglot-managed-mode . company-mode)
:config
(setq company-backends '((company-capf)))
(setq company-idle-delay 0) ;; Default 0.2
)
;; (use-package company-box

72
ansible/roles/emacs/files/elisp/lang-javascript.el
Unescape Escape View File

@ -23,52 +23,6 @@
(run-command-on-buffer "jq" "--monochrome-output" ".")
)
(defun configure-typescript-language-server ()
"Configures the typescript language server."
(when-linux
;; Either initializationOptions or workspace/didChangeConfiguration works.
(setq eglot-workspace-configuration
(list (cons ':typescript '(:inlayHints (:includeInlayParameterNameHints
"all"
:includeInlayParameterNameHintsWhenArgumentMatchesName
t
:includeInlayFunctionParameterTypeHints
t
:includeInlayVariableTypeHints
t
:includeInlayVariableTypeHintsWhenTypeMatchesName
t
:includeInlayPRopertyDeclarationTypeHints
t
:includeInlayFunctionLikeReturnTypeHints
t
:includeInlayEnumMemberValueHints
t)))))
(eglot-ensure)
;; (defclass my/eglot-typescript (eglot-lsp-server) ()
;; :documentation
;; "Own eglot server class.")
;; (add-to-list 'eglot-server-programs
;; '((js-mode js-ts-mode tsx-ts-mode typescript-ts-mode typescript-mode) . (my/eglot-typescript "typescript-language-server" "--stdio" :initializationOptions (:preferences (:includeInlayParameterNameHints
;; "all"
;; :includeInlayParameterNameHintsWhenArgumentMatchesName
;; t
;; :includeInlayFunctionParameterTypeHints
;; t
;; :includeInlayVariableTypeHints
;; t
;; :includeInlayVariableTypeHintsWhenTypeMatchesName
;; t
;; :includeInlayPRopertyDeclarationTypeHints
;; t
;; :includeInlayFunctionLikeReturnTypeHints
;; t
;; :includeInlayEnumMemberValueHints
;; t)))))
)
)
(use-package tsx-ts-mode
:ensure nil
:pin manual
@ -79,7 +33,7 @@
:hook (
(tsx-ts-mode . (lambda ()
(when-linux
(configure-typescript-language-server)
(eglot-ensure)
)
))
)
@ -98,7 +52,9 @@
:commands (typescript-ts-mode)
:hook (
(typescript-ts-mode . (lambda ()
(configure-typescript-language-server)
(when-linux
(eglot-ensure)
)
))
)
:init
@ -125,12 +81,6 @@
(unless (treesit-ready-p 'javascript) (treesit-install-language-grammar 'javascript))
)
(defun prettier-fmt ()
"Run prettier."
(run-command-on-buffer "prettier" "--stdin-filepath" buffer-file-name)
)
(use-package css-ts-mode
:ensure nil
:pin manual
@ -138,23 +88,9 @@
("\\.css\\'" . css-ts-mode)
)
:commands (css-ts-mode)
:custom (css-indent-offset 2)
:init
(add-to-list 'treesit-language-source-alist '(css "https://github.com/tree-sitter/tree-sitter-css"))
(unless (treesit-ready-p 'css) (treesit-install-language-grammar 'css))
:hook (
(css-ts-mode . (lambda ()
(eglot-ensure)
(defclass my/eglot-css (eglot-lsp-server) ()
:documentation
"Own eglot server class.")
(add-to-list 'eglot-server-programs
'(css-ts-mode . (my/eglot-css "vscode-css-language-server" "--stdio")))
;; (add-hook 'before-save-hook 'eglot-format-buffer nil 'local)
(add-hook 'before-save-hook 'prettier-fmt nil 'local)
))
)
)

34
ansible/roles/emacs/files/elisp/lang-python.el
Unescape Escape View File

@ -57,29 +57,19 @@
:pin manual
:hook (
(python-ts-mode . (lambda ()
(when-linux
(when (executable-find "poetry")
(add-poetry-venv-to-path)
(let ((venv (locate-venv-poetry))) (when venv
(setq eglot-workspace-configuration
(list (cons ':python (list ':venvPath venv ':pythonPath (concat venv "/bin/python")))))
))
)
(eglot-ensure)
)
(when (executable-find "poetry")
(add-poetry-venv-to-path)
(let ((venv (locate-venv-poetry))) (when venv
(setq eglot-workspace-configuration
(list (cons ':python (list ':venvPath venv ':pythonPath (concat venv "/bin/python")))))
))
)
(when-linux
(eglot-ensure)
)
;; (when-freebsd
;; (eglot-ensure)
;; (defclass my/eglot-pylyzer (eglot-lsp-server) ()
;; :documentation
;; "Own eglot server class.")
;; (add-to-list 'eglot-server-programs
;; '(python-ts-mode . (my/eglot-pylyzer "pylyzer" "--server")))
;; )
(add-hook 'before-save-hook 'python-fmt nil 'local)
))
(add-hook 'before-save-hook 'python-fmt nil 'local)
))
)
:bind ((:map python-ts-mode-map ([backspace] . python-backspace))
)

2
ansible/roles/emacs/files/elisp/util-vertico.el
Unescape Escape View File

@ -21,7 +21,7 @@
(vertico-count 20)
)
;; Create an ido/ivy-like experience when selecting files.
;; Create an ivy-like experience when selecting files.
(use-package vertico-directory
:after vertico
:ensure nil

2
ansible/roles/emacs/meta/main.yaml
Unescape Escape View File

@ -3,5 +3,3 @@ dependencies:
- fonts
- role: rust
when: 'emacs_flavor == "full"'
- role: python
when: 'emacs_flavor == "full"'

1
ansible/roles/emacs/tasks/common.yaml
Unescape Escape View File

@ -3,7 +3,6 @@
package:
name:
- aspell
- graphviz # used for exporting graphviz dot charts from org-mode
state: present
- name: Install scripts

9
ansible/roles/emacs/tasks/freebsd.yaml
Unescape Escape View File

@ -1,17 +1,9 @@
- name: Install packages
when: install_graphics
package:
name:
- emacs
state: present
- name: Install packages
when: not install_graphics
package:
name:
- emacs-nox
state: present
- name: Install packages
when: 'emacs_flavor == "full"'
package:
@ -26,6 +18,7 @@
- py39-black
- zip # for odt export from org-mode
- gnuplot # used for exporting graphs from org-mode
- graphviz # used for exporting graphviz dot charts from org-mode
# - pyright
- sqlite3 # for sqlite code blocks in org-mode
# - terraform-ls # Terraform language server

1
ansible/roles/emacs/tasks/linux.yaml
Unescape Escape View File

@ -14,7 +14,6 @@
- gopls
- typescript-language-server
- shellcheck
- vscode-css-languageserver
state: present
- name: Create directories

1
ansible/roles/firefox/defaults/main.yaml
Unescape Escape View File

@ -11,4 +11,3 @@ firefox_config:
browser.newtabpage.activity-stream.showSponsoredTopSites: false
browser.newtabpage.activity-stream.feeds.section.topstories: false
browser.newtabpage.pinned: "[]"
browser.newtabpage.activity-stream.section.highlights.includePocket: false

16
ansible/roles/firewall/files/odofreebsd_pf.conf
Unescape Escape View File

@ -5,7 +5,7 @@ not_jail_nat_v4 = "{ any, !10.215.1.0/24 }"
dns_redirect = "{ 10.193.223.1 10.213.177.1 10.215.1.1 }"
dhcp = "{ bootpc, bootps }"
#allow = "{ wgf wgh drmario colo }"
allow = "{ wgf wgh drmario colo }"
tcp_pass_in = "{ 22 }"
udp_pass_in = "{ 53 51820 }"
@ -16,8 +16,8 @@ udp_pass_in = "{ 53 51820 }"
set skip on lo
# redirections
#nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
#rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
nat pass on $ext_if inet from $jail_nat_v4 to $not_jail_nat_v4 -> (wlan0)
rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
# Redirect jaeger ports to virtual machine.
# nat pass on lo inet from 127.0.0.0/24 to 127.0.0.0/24 port {6831 6832 16686 14268} -> (jail_nat)
@ -27,19 +27,19 @@ set skip on lo
block log all
pass out on $ext_if
#pass in on jail_nat
pass in on jail_nat
# Allow traffic from my machine to the jails/virtual machines
#pass out on jail_nat from $jail_nat_v4
pass out on jail_nat from $jail_nat_v4
# We pass on the interfaces listed in allow rather than skipping on
# them because changes to pass rules will update when running a
# `service pf reload` but interfaces that we `skip` will not update (I
# forget if its from adding, removing, or both. TODO: test to figure
# it out). Also skipped interfaces are not subject to nat/rdr rules.
#pass quick on $allow
pass quick on $allow
pass on $ext_if proto icmp all
pass on $ext_if proto icmp6 all
#pass in on $ext_if proto tcp to any port $tcp_pass_in
#pass in on $ext_if proto udp to any port $udp_pass_in
pass in on $ext_if proto tcp to any port $tcp_pass_in
pass in on $ext_if proto udp to any port $udp_pass_in

2
ansible/roles/fonts/tasks/freebsd.yaml
Unescape Escape View File

@ -1,7 +1,7 @@
- name: Install packages
package:
name:
- source-code-pro-ttf
- sourcecodepro-ttf
- source-sans-ttf
- cascadia-code
- noto

2
ansible/roles/framework_laptop/files/screen_brightness_tmpfiles.conf
Unescape Escape View File

@ -1,2 +0,0 @@
# Set screen brightness. Ever since enabling adaptive brightness management, my brightness ends up sinking lower on re-boots (I suspect it is saving the actual brightness rather than the set brightness). This forces the brightness back to the level I prefer.
w- /sys/class/backlight/amdgpu_bl0/brightness - - - - 85

11
ansible/roles/framework_laptop/tasks/linux.yaml
Unescape Escape View File

@ -7,14 +7,3 @@
daemon_reload: yes
loop:
- systemd-udev-settle.service
- name: Install tmpfiles.d configuration
when: hwpstate is defined and hwpstate and cores is defined
copy:
src: "files/{{ item }}_tmpfiles.conf"
dest: "/etc/tmpfiles.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- screen_brightness

130
ansible/roles/freebsd_update_server/files/build_release.bash
Unescape Escape View File

@ -0,0 +1,130 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${DATA_DIRECTORY:="/usr/local/share/freebsdupdate"}
: ${STAGE_FILE:="${DATA_DIRECTORY}/stage"}
: ${RELEASE_DIRECTORY:="${DATA_DIRECTORY}/release"}
: ${LOG_DIRECTORY:="${DATA_DIRECTORY}/logs"}
: ${PORTS_TREE:="/usr/ports"}
: ${PORTS_REPO:="https://git.FreeBSD.org/ports.git"}
############## Setup #########################
function die {
local status_code="$1"
shift
(>&2 echo "${@}")
exit "$status_code"
}
function log {
(>&2 echo "${@}")
}
############## Program #########################
function main {
assert_directories
local stage=""
if [ -e "$STAGE_FILE" ]; then
local stage=$(cat "$STAGE_FILE")
fi
if [ "$stage" = "selfbuild" ]; then
log_cmd stage_selfbuild
elif [ "$stage" = "selfinstallworld" ]; then
log_cmd stage_selfinstallworld
elif [ "$stage" = "selfconflictcheck" ]; then
log_cmd stage_selfconflictcheck
elif [ "$stage" = "releasebuild" ]; then
log_cmd stage_releasebuild
elif [ "$stage" = "done" ]; then
log_cmd stage_done
else
die 1 "Unhandled stage: \"$stage\"."
fi
}
function log_cmd {
"${@}" |& tee "$LOG_DIRECTORY/$(date +%Y%m%d-%s).log"
}
function self_conflict_check {
if etcupdate status | grep -qE '^ C '; then
die 1 'Conflicts remain in etcupdate. Run `etcupdate resolve` to fix them first.'
fi
}
function assert_directories {
for d in "$DATA_DIRECTORY" "$RELEASE_DIRECTORY" "$LOG_DIRECTORY"; do
if [ ! -e "$d" ]; then
mkdir -p "$d"
fi
done
}
function update_ports_tree {
if [ ! -e "$PORTS_TREE" ]; then
mkdir -p $PORTS_TREE
git -C $PORTS_TREE init --initial-branch=main
git -C $PORTS_TREE remote add origin $PORTS_REPO
fi
git -C $PORTS_TREE fetch origin main # 'refs/heads/main'
git -C $PORTS_TREE checkout FETCH_HEAD
}
function set_stage {
echo "${@}" > "$STAGE_FILE"
}
function stage_selfbuild {
self_conflict_check
assert_directories
update_ports_tree
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src clean
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src buildworld buildkernel
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src installkernel
set_stage "selfinstallworld"
/sbin/shutdown -r now
}
function stage_selfinstallworld {
etcupdate -p
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src installworld
etcupdate -B
set_stage "selfconflictcheck"
stage_selfconflictcheck
}
function stage_selfconflictcheck {
self_conflict_check
set_stage "releasebuild"
/sbin/shutdown -r now
}
function stage_releasebuild {
local today=$(date +%Y%m%d)
local target_directory="${RELEASE_DIRECTORY}/${today}"
if [ -e "$target_directory" ]; then
die 1 "The release directory $target_directory already exists. Exiting."
fi
SRCCONF=/dev/null __MAKE_CONF=/dev/null make -C /usr/src clean
make -C /usr/src buildworld buildkernel
make -C /usr/src/release obj
make -C /usr/src/release release
mkdir -p "$target_directory"
make -C /usr/src/release install DESTDIR="$target_directory"
set_stage "done"
}
function stage_done {
log "Everything is done."
}
main "${@}"

120
ansible/roles/freebsd_update_server/files/release.conf
Unescape Escape View File

@ -0,0 +1,120 @@
#!/bin/sh
#
## Redefine environment variables here to override prototypes
## defined in release.sh.
#load_chroot_env() { }
#load_target_env() { }
#buildenv_setup() { }
## Set the directory within which the release will be built.
CHROOTDIR="/scratch"
## Do not explicitly require the devel/git port to be installed.
#NOGIT=1
## Set the version control system host.
GITROOT="https://git.freebsd.org/"
GITSRC="src.git"
GITPORTS="ports.git"
## Set the src/, ports/, and doc/ branches or tags.
#SRCBRANCH="stable/13"
SRCBRANCH="main"
PORTBRANCH="main"
## Sample configuration for using git from ports.
#GITCMD="/usr/local/bin/git clone -q --branch main"
## Set to override the default target architecture.
#TARGET="amd64"
#TARGET_ARCH="amd64"
#KERNEL="GENERIC"
KERNEL="GENERIC-NODEBUG"
## Multiple kernels may be set.
#KERNEL="GENERIC XENHVM"
## Set to specify a custom make.conf and/or src.conf
#MAKE_CONF="/etc/local/make.conf"
MAKE_CONF="/etc/make.conf"
#SRC_CONF="/etc/local/src.conf"
SRC_CONF="/etc/src.conf"
## Set to use make(1) flags.
#MAKE_FLAGS="-s"
## Set to use world- and kernel-specific make(1) flags.
#WORLD_FLAGS="-j $(sysctl -n hw.ncpu)"
#KERNEL_FLAGS="-j $(( $(( $(sysctl -n hw.ncpu) + 1 )) / 2 ))"
## Set miscellaneous 'make release' settings.
#NOPORTS=
#NOSRC=
#WITH_DVD=
#WITH_COMPRESSED_IMAGES=
## Set to '1' to disable multi-threaded xz(1) compression.
#XZ_THREADS=0
## Set when building embedded images.
#EMBEDDEDBUILD=
## Set to a list of ports required to build embedded system-on-chip
## images, such as sysutils/u-boot-rpi.
#EMBEDDEDPORTS=
## Set to the hardware platform of the target userland. This value
## is passed to make(1) to set the TARGET (value of uname -m) to cross
## build.
#EMBEDDED_TARGET=
## Set to the machine processor architecture of the target userland.
## This value is passed to make(1) to set the TARGET_ARCH (value of uname -p)
## to cross build.
#EMBEDDED_TARGET_ARCH=
## Set to skip the chroot environment buildworld/installworld/distribution
## step if it is expected the build environment will exist via alternate
## means.
#CHROOTBUILD_SKIP=
## Set to a non-empty value skip checkout or update of /usr/src in
## the chroot. This is intended for use when /usr/src already exists.
#SRC_UPDATE_SKIP=
## Set to a non-empty value skip checkout or update of /usr/ports in
## the chroot. This is intended for use when /usr/ports already exists.
#PORTS_UPDATE_SKIP=
## Set to pass additional flags to make(1) for the build chroot setup, such
## as TARGET/TARGET_ARCH.
#CHROOT_MAKEENV=
## Set to a non-empty value to build virtual machine images as part of the
## release build.
#WITH_VMIMAGES=
## Set to a non-empty value to compress virtual machine images with xz(1)
## as part of the release build.
#WITH_COMPRESSED_VMIMAGES=
## If WITH_VMIMAGES is set to a non-empty value, this is the name of the
## file to use for the installed userland/kernel.
#VMBASE="vm"
## If WITH_VMIMAGES is set to a non-empty value, this is the size of the
## virtual machine disk filesystem. Valid size values are described in
## the makefs(8) manual page.
#VMSIZE="20g"
## If WITH_VMIMAGES is set to a non-empty value, this is a list of disk
## image formats to create. Valid values are listed in the mkimg(1)
## manual page, as well as 'mkimg --formats' output.
#VMFORMATS="vhdf vmdk qcow2 raw"
## Set to a non-empty value to build virtual machine images for various
## cloud providers as part of the release build.
#WITH_CLOUDWARE=
## If WITH_CLOUDWARE is set to a non-empty value, this is a list of providers
## to create disk images.
#CLOUDWARE="EC2 GCE VAGRANT-VIRTUALBOX VAGRANT-VMWARE"

5
ansible/roles/freebsd_update_server/tasks/common.yaml
Unescape Escape View File

@ -0,0 +1,5 @@
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd" and build_user is defined'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'

50
ansible/roles/freebsd_update_server/tasks/freebsd.yaml
Unescape Escape View File

@ -0,0 +1,50 @@
- name: Install packages
package:
name:
- git
- tmux # For convenience
- htop # For convenience
- bash
state: present
- name: Create directories
file:
name: "{{ item }}"
state: directory
mode: 0755
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- /opt/freebsd_update_server
- name: Clone freebsd-update-build
git:
repo: "https://github.com/freebsd/freebsd-update-build.git"
dest: /opt/freebsd_update_server/freebsd-update-build
version: "28bb3ae7de9c1332fe8a366fb154a5b9faf37f49"
force: true
become: true
become_user: "{{ build_user.name }}"
diff: false
- name: Install Configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0600
owner: "{{ build_user.name }}"
group: "{{ build_user.group }}"
loop:
- src: release.conf
dest: /opt/freebsd_update_server/release.conf
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: build_release.bash
dest: /usr/local/bin/build_release

2
ansible/roles/termcap/tasks/linux.yaml → ansible/roles/freebsd_update_server/tasks/linux.yaml
Unescape Escape View File

@ -13,7 +13,7 @@
# name: []
# state: present
# update_cache: true
# - name: Install packages
# package:
# name:

0
ansible/roles/noise_suppression/tasks/main.yaml → ansible/roles/freebsd_update_server/tasks/main.yaml
Unescape Escape View File

14
ansible/roles/google_cloud_sdk/files/google_logging_link.py
Unescape Escape View File

@ -1,14 +0,0 @@
#!/usr/bin/env python
#
# Generate a link to google cloud logging by passing in a logging query.
import sys
import urllib.parse
def main():
query = "\n".join([line.strip() for line in sys.stdin.readlines()])
query = urllib.parse.quote(query)
query = query + "?project=project-id-here"
print(query)
if __name__ == "__main__":
main()

11
ansible/roles/google_cloud_sdk/tasks/common.yaml
Unescape Escape View File

@ -1,14 +1,3 @@
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: google_logging_link.py
dest: /usr/local/bin/google_logging_link
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'

27
ansible/roles/gpg/files/gpg_work.asc
Unescape Escape View File

@ -1,27 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEXZwWGhYJKwYBBAHaRw8BAQdAfv7qozKkmf4D+5PDzADsMm4aAKDGLha7+Cu0
0H+RsWG0LVRob21hcyBBbGV4YW5kZXIgPFRob21hc0EuQWxleGFuZGVyQGhtaG4u
b3JnPoiQBBMWCAA4FiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsFAmULicsCGwMFCwkI
BwIGFQoJCAsCBBYCAwECHgECF4AACgkQJ95A2bhFXBsUtQD9GWPdWc/nSmO0Gp7p
DzxrieliriAnO+ZCHp31mFbMtToBAPxPYN9y4kgSiXhLiFLoRK5k5FCspksTSitg
0CbXDE4LuDgEXZwWGhIKKwYBBAGXVQEFAQEHQK202EIAwTBuxARUygOvn+AloMJd
ui39m+nMghn1MNo+AwEIB4h4BBgWCAAgFiEEuEgVk2PCh3kXlUvhJ95A2bhFXBsF
Al2cFhoCGwwACgkQJ95A2bhFXBtNzAEAq5I6xPjIbb23xmhxh5cM/UJxdGedfWMy
vF6/JtDvtPUBAPQRQn5AMwTOA+CSnliYf7ZjfVOlHscy60XWPlvXLoAJuDMEXZwW
yhYJKwYBBAHaRw8BAQdAPyIL4EGg4T5JO9q2kpVDy2WjMiXz3nZXwYW4GLoTYkiI
9QQYFggAJgIbAhYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZhBQkLMdaXAIF2
IAQZFggAHRYhBIHmRDmWdVAusSUWutOhecmlPA7eBQJdnBbKAAoJENOhecmlPA7e
jJ4A/iq7N2mMhx+ovOXm1REoASPF3l4YAAjOHsXqcPtFHKGJAQCiuA71d6CQ+qNZ
Luka/KVB/etkkJvDzvaTtiQQQG+gAwkQJ95A2bhFXBtRDgEAqymMavroD5c/4+M/
EZ3/d8wxfA9E3Fb/1mt4c2ZrNnkBAKYOM+pz/pncFnV+kF7h7TQEEYuGw1JhJVT/
duA4lwsLuDMEXZwXARYJKwYBBAHaRw8BAQdAa76TmWuKuiR1bnNV1FUE6oQ4C8A+
UiQb8x0k1z2DmTKIfgQYFggAJgIbIBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJl
C4ZwBQkLMdZgAAoJECfeQNm4RVwb8TkA/RkBu9Ev8iDE5nvn8YF8FRiY56Z5d+SB
PG4VvrCzXrmlAP46wUjIRpkMrTbb1GMbvYnkeOrBs/qiWjEtHHc3ZLMWD7g4BF2c
FygSCisGAQQBl1UBBQEBB0AO0t3BUxLuokTqKVcheFAZd4UKxAGznPQlvsVyhWWI
EgMBCAeIfgQYFggAJgIbDBYhBLhIFZNjwod5F5VL4SfeQNm4RVwbBQJlC4ZwBQkL
MdY5AAoJECfeQNm4RVwbXscA/A8zRRTCwQKxJ8iz5jmTcVFAhl2vD781Dtv8NvcW
d5t8APwIwcuFVZZA3yayhIxi3aqYpMRxpn2t6Nswax1MIM8DBQ==
=0HtE
-----END PGP PUBLIC KEY BLOCK-----

2
ansible/roles/gpg/tasks/peruser.yaml
Unescape Escape View File

@ -43,7 +43,7 @@
command: gpg --import
when: '"cv25519/B0B50C7FDDE009E5" not in gpgkeys.stdout'
args:
stdin: "{{ lookup('file', pgp_key|default('gpg.asc')) }}"
stdin: "{{ lookup('file', 'gpg.asc') }}"
- import_tasks: tasks/peruser_freebsd.yaml
when: 'os_flavor == "freebsd"'

1
ansible/roles/graphics/files/amd_adaptive_backlight_management_loader.conf
Unescape Escape View File

@ -1 +0,0 @@
hw.amdgpu.abmlevel=3

1
ansible/roles/graphics/files/amd_kld_rc.conf
Unescape Escape View File

@ -1 +0,0 @@
kld_list="/boot/modules/amdgpu.ko"

31
ansible/roles/graphics/tasks/freebsd_amd.yaml
Unescape Escape View File

@ -1,31 +0,0 @@
- name: Install packages
package:
name:
- drm-kmod
- vulkan-loader
- libva-utils # for vainfo
- vdpauinfo # for vdpauinfo
- libvdpau-va-gl # vdpau support
- radeontop
- vulkan-tools # For vulkaninfo
state: present
- name: Install loader.conf
copy:
src: "files/{{ item }}_loader.conf"
dest: "/boot/loader.conf.d/{{ item }}.conf"
mode: 0644
owner: root
group: wheel
loop:
- amd_adaptive_backlight_management
- name: Install service configuration
copy:
src: "files/amd_{{ item }}_rc.conf"
dest: "/etc/rc.conf.d/{{ item }}"
mode: 0644
owner: root
group: wheel
loop:
- kld

20
ansible/roles/graphics/tasks/linux_amd.yaml
Unescape Escape View File

@ -1,20 +0,0 @@
# TODO: Should I enable APM?
- name: Install packages
package:
name:
- linux-firmware # Arch wiki claims this is needed to boot
- mesa
- lib32-mesa
- vulkan-radeon
- lib32-vulkan-radeon
- libva-mesa-driver # Accelerated video decoding
- lib32-libva-mesa-driver # Accelerated video decoding
- mesa-vdpau # Accelerated video decoding
- lib32-mesa-vdpau # Accelerated video decoding
- vulkan-icd-loader
- lib32-vulkan-icd-loader
- libva-utils # for vainfo
- vdpauinfo # for vdpauinfo
- vulkan-tools # For vulkaninfo
- radeontop
state: present

9
ansible/roles/hosts/tasks/common.yaml
Unescape Escape View File

@ -1,19 +1,10 @@
- name: Set the /etc/hosts
when: hostname is undefined or item.key != hostname
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: '^{{ item.key | regex_escape() }}\s+'
line: "{{ item.key }} {{ item.value | join(' ') }}"
loop: "{{ etc_hosts | dict2items }}"
# Without an entry for the local hostname, firefox takes multiple minutes to launch.
- name: Set the /etc/hosts
when: hostname is defined
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: '\s+{{ hostname | regex_escape() }}\s*$'
line: "127.0.0.1 {{ hostname }}"
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'

5
ansible/roles/jail_nat_dhcp/files/kea-dhcp4.conf
Unescape Escape View File

@ -78,6 +78,11 @@
// brianai
"hw-address": "06:a6:dc:59:78:12",
"ip-address": "10.215.1.215"
},
{
// freebsdupdate
"hw-address": "06:14:5c:92:3d:5b",
"ip-address": "10.215.1.213"
}
]
}

7
ansible/roles/kubernetes/files/k8s_delete_pipeline_runs
Unescape Escape View File

@ -1,7 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
kubectl get pipelinerun --all-namespaces -o go-template='{{range .items}}{{.metadata.namespace}}/{{.metadata.name}}{{"\n"}}{{end}}' | while read p; do namespace=$(cut -d '/' -f 1 <<<"$p"); name=$(cut -d '/' -f 2 <<<"$p"); kubectl delete pipelinerun -n "$namespace" "$name"; done

2
ansible/roles/python/meta/main.yaml → ansible/roles/kubernetes/meta/main.yaml
Unescape Escape View File

@ -1,2 +1,2 @@
dependencies:
- pyenv
- build

2
ansible/roles/kubernetes/tasks/common.yaml
Unescape Escape View File

@ -37,8 +37,6 @@
dest: /usr/local/bin/kx
- src: decrypt_k8s_secret
dest: /usr/local/bin/decrypt_k8s_secret
- src: k8s_delete_pipeline_runs
dest: /usr/local/bin/
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'

23
ansible/roles/kubernetes/tasks/linux.yaml
Unescape Escape View File

@ -1,8 +1,27 @@
- name: Build aur packages
register: buildaur
become_user: "{{ build_user.name }}"
command: "aurutils-sync --no-view {{ item }}"
args:
creates: "/var/cache/pacman/custom/{{ item }}-*.pkg.tar.*"
loop:
- kubeswitch
- flux-scm
- kubectl-minio
- name: Update cache
when: buildaur.changed
pacman:
name: []
state: present
update_cache: true
- name: Install packages
package:
name:
- yamllint
- stern
# - kubeswitch
- fluxcd
- kubeswitch
- flux-scm
- kubectl-minio
state: present

642
ansible/roles/launch_keyboard/files/launch_keyboard_layout.json
Unescape Escape View File

@ -1,642 +0,0 @@
{
"model": "system76/launch_2",
"version": 1,
"map": {
"K00": [
"ESC",
"RESET",
"ROLL_OVER",
"ROLL_OVER"
],
"K01": [
"F1",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K02": [
"F2",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K03": [
"F3",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K04": [
"F4",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K05": [
"F5",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K06": [
"F6",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K07": [
"F7",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K08": [
"F8",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K09": [
"F9",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K0A": [
"F10",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K0B": [
"F11",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K0C": [
"F12",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K0D": [
"DEL",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K0E": [
"HOME",
"PLAY_PAUSE",
"ROLL_OVER",
"ROLL_OVER"
],
"K10": [
"TICK",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K11": [
"1",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K12": [
"2",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K13": [
"3",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K14": [
"4",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K15": [
"5",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K16": [
"6",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K17": [
"7",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K18": [
"8",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K19": [
"9",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K1A": [
"0",
"KBD_TOGGLE",
"ROLL_OVER",
"ROLL_OVER"
],
"K1B": [
"MINUS",
"KBD_DOWN",
"ROLL_OVER",
"ROLL_OVER"
],
"K1C": [
"EQUALS",
"KBD_UP",
"ROLL_OVER",
"ROLL_OVER"
],
"K1D": [
"BKSP",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K1E": [
"PGUP",
"VOLUME_UP",
"ROLL_OVER",
"ROLL_OVER"
],
"K20": [
"TAB",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K21": [
"Q",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K22": [
"W",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K23": [
"E",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K24": [
"R",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K25": [
"T",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K26": [
"Y",
"HOME",
"ROLL_OVER",
"ROLL_OVER"
],
"K27": [
"U",
"PGDN",
"ROLL_OVER",
"ROLL_OVER"
],
"K28": [
"I",
"PGUP",
"ROLL_OVER",
"ROLL_OVER"
],
"K29": [
"O",
"END",
"ROLL_OVER",
"ROLL_OVER"
],
"K2A": [
"P",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K2B": [
"BRACE_OPEN",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K2C": [
"BRACE_CLOSE",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K2D": [
"BACKSLASH",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K2E": [
"PGDN",
"VOLUME_DOWN",
"ROLL_OVER",
"ROLL_OVER"
],
"K30": [
"CAPS",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K31": [
"A",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K32": [
"S",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K33": [
"D",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K34": [
"F",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K35": [
"G",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K36": [
"H",
"LEFT",
"ROLL_OVER",
"ROLL_OVER"
],
"K37": [
"J",
"DOWN",
"ROLL_OVER",
"ROLL_OVER"
],
"K38": [
"K",
"UP",
"ROLL_OVER",
"ROLL_OVER"
],
"K39": [
"L",
"RIGHT",
"ROLL_OVER",
"ROLL_OVER"
],
"K3A": [
"SEMICOLON",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K3B": [
"QUOTE",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K3C": [
"ENTER",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K3D": [
"END",
"MUTE",
"ROLL_OVER",
"ROLL_OVER"
],
"K40": [
"LEFT_SHIFT",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K41": [
"Z",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K42": [
"X",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K43": [
"C",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K44": [
"V",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K45": [
"B",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K46": [
"N",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K47": [
"M",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K48": [
"COMMA",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K49": [
"PERIOD",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K4A": [
"SLASH",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K4B": [
"RIGHT_SHIFT",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K4C": [
"UP",
"PGUP",
"ROLL_OVER",
"ROLL_OVER"
],
"K50": [
"LEFT_CTRL",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K51": [
"LEFT_SUPER",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K52": [
"LEFT_ALT",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K53": [
"FN",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K54": [
"SPACE",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K55": [
"SPACE",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K56": [
"RIGHT_CTRL",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K57": [
"RIGHT_ALT",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K58": [
"PRINT_SCREEN",
"ROLL_OVER",
"ROLL_OVER",
"ROLL_OVER"
],
"K59": [
"LEFT",
"HOME",
"ROLL_OVER",
"ROLL_OVER"
],
"K5A": [
"DOWN",
"PGDN",
"ROLL_OVER",
"ROLL_OVER"
],
"K5B": [
"RIGHT",
"END",
"ROLL_OVER",
"ROLL_OVER"
]
},
"key_leds": {
"K00": null,
"K01": null,
"K02": null,
"K03": null,
"K04": null,
"K05": null,
"K06": null,
"K07": null,
"K08": null,
"K09": null,
"K0A": null,
"K0B": null,
"K0C": null,
"K0D": null,
"K0E": null,
"K10": null,
"K11": null,
"K12": null,
"K13": null,
"K14": null,
"K15": null,
"K16": null,
"K17": null,
"K18": null,
"K19": null,
"K1A": null,
"K1B": null,
"K1C": null,
"K1D": null,
"K1E": null,
"K20": null,
"K21": null,
"K22": null,
"K23": null,
"K24": null,
"K25": null,
"K26": null,
"K27": null,
"K28": null,
"K29": null,
"K2A": null,
"K2B": null,
"K2C": null,
"K2D": null,
"K2E": null,
"K30": null,
"K31": null,
"K32": null,
"K33": null,
"K34": null,
"K35": null,
"K36": null,
"K37": null,
"K38": null,
"K39": null,
"K3A": null,
"K3B": null,
"K3C": null,
"K3D": null,
"K40": null,
"K41": null,
"K42": null,
"K43": null,
"K44": null,
"K45": null,
"K46": null,
"K47": null,
"K48": null,
"K49": null,
"K4A": null,
"K4B": null,
"K4C": null,
"K50": null,
"K51": null,
"K52": null,
"K53": null,
"K54": null,
"K55": null,
"K56": null,
"K57": null,
"K58": null,
"K59": null,
"K5A": null,
"K5B": null
},
"layers": [
{
"mode": [
7,
127
],
"brightness": 135,
"color": [
142,
255
]
},
{
"mode": [
13,
127
],
"brightness": 135,
"color": [
142,
255
]
},
{
"mode": [
13,
127
],
"brightness": 135,
"color": [
142,
255
]
},
{
"mode": [
13,
127
],
"brightness": 135,
"color": [
142,
255
]
}
]
}

0
ansible/roles/media/files/cast_file_vaapi → ansible/roles/media/files/cast_file_intel
Unescape Escape View File

10
ansible/roles/media/tasks/amd.yaml
Unescape Escape View File

@ -1,10 +0,0 @@
- name: Install scripts
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: cast_file_vaapi
dest: /usr/local/bin/cast_file

2
ansible/roles/media/tasks/intel.yaml
Unescape Escape View File

@ -6,5 +6,5 @@
owner: root
group: wheel
loop:
- src: cast_file_vaapi
- src: cast_file_intel
dest: /usr/local/bin/cast_file

2
ansible/roles/network/files/homeserver_network.conf
Unescape Escape View File

@ -1,3 +1,3 @@
wlans_ath0="wlan0"
wlans_rtwn0="wlan0"
ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv"

4
ansible/roles/network/files/main.conf
Unescape Escape View File

@ -7,5 +7,5 @@ NameResolvingService=systemd
EnableNetworkConfiguration=True
# route_priority_offset=300
# [Scan]
# DisablePeriodicScan=true
[Scan]
DisablePeriodicScan=true

3
ansible/roles/network/files/odofreebsd_network.conf
Unescape Escape View File

@ -1,3 +1,4 @@
wlans_iwlwifi0="wlan0"
#wlans_ath0="wlan0"
wlans_iwm0="wlan0"
ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv"

2
ansible/roles/network/tasks/linux.yaml
Unescape Escape View File

@ -36,5 +36,5 @@
daemon_reload: yes
loop:
- iwd.service
# - systemd-networkd.service
- systemd-networkd.service
- systemd-resolved.service

35
ansible/roles/noise_suppression/files/99-input-denoising.conf
Unescape Escape View File

@ -1,35 +0,0 @@
context.modules = [
{ name = libpipewire-module-filter-chain
args = {
node.description = "Noise Canceling source"
media.name = "Noise Canceling source"
filter.graph = {
nodes = [
{
type = ladspa
name = rnnoise
plugin = /usr/lib/ladspa/librnnoise_ladspa.so
label = noise_suppressor_mono
control = {
"VAD Threshold (%)" = 50.0
"VAD Grace Period (ms)" = 200
"Retroactive VAD Grace (ms)" = 0
}
}
]
}
capture.props = {
node.name = "capture.rnnoise_source"
node.passive = true
audio.rate = 48000
# Optionally specify a specific input: (ID from `pactl list`)
# target.object = "alsa_input.usb-Shure_Incorporated_Shure_Digital-00.analog-stereo"
}
playback.props = {
node.name = "rnnoise_source"
media.class = Audio/Source
audio.rate = 48000
}
}
}
]

3
ansible/roles/noise_suppression/meta/main.yaml
Unescape Escape View File

@ -1,3 +0,0 @@
dependencies:
- users
- sound

5
ansible/roles/noise_suppression/tasks/freebsd.yaml
Unescape Escape View File

@ -1,5 +0,0 @@
- name: Install packages
package:
name:
- noise-suppression-for-voice-lv2
state: present

5
ansible/roles/noise_suppression/tasks/linux.yaml
Unescape Escape View File

@ -1,5 +0,0 @@
- name: Install packages
package:
name:
- noise-suppression-for-voice
state: present

8
ansible/roles/noise_suppression/tasks/peruser.yaml
Unescape Escape View File

@ -1,8 +0,0 @@
- include_role:
name: per_user
- import_tasks: tasks/peruser_freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/peruser_linux.yaml
when: 'os_flavor == "linux"'

21
ansible/roles/noise_suppression/tasks/peruser_linux.yaml
Unescape Escape View File

@ -1,21 +0,0 @@
- name: Create directories
file:
name: "{{ account_homedir.stdout }}/{{ item }}"
state: directory
mode: 0700
owner: "{{ account_name.stdout }}"
group: "{{ group_name.stdout }}"
loop:
# Could also use /etc/pipewire/pipewire.conf.d/ for system-wide config.
- ".config/pipewire/pipewire.conf.d"
- name: Copy files
copy:
src: "files/{{ item.src }}"
dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
mode: 0600
owner: "{{ account_name.stdout }}"
group: "{{ group_name.stdout }}"
loop:
- src: 99-input-denoising.conf
dest: .config/pipewire/pipewire.conf.d/

55
ansible/roles/odowork/tasks/common.yaml
Unescape Escape View File

@ -1,55 +0,0 @@
# - name: Create directories
# file:
# name: "{{ item }}"
# state: directory
# mode: 0755
# owner: root
# group: wheel
# loop:
# - /foo/bar
# - name: Install scripts
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0755
# owner: root
# group: wheel
# loop:
# - src: foo.bash
# dest: /usr/local/bin/foo
# - name: Install Configuration
# copy:
# src: "files/{{ item.src }}"
# dest: "{{ item.dest }}"
# mode: 0600
# owner: root
# group: wheel
# loop:
# - src: foo.conf
# dest: /usr/local/etc/foo.conf
# - name: Clone Source
# git:
# repo: "https://foo.bar/baz.git"
# dest: /foo/bar
# version: "v1.0.2"
# force: true
# diff: false
- import_tasks: tasks/freebsd.yaml
when: 'os_flavor == "freebsd"'
- import_tasks: tasks/linux.yaml
when: 'os_flavor == "linux"'
- include_tasks:
file: tasks/peruser.yaml
apply:
become: yes
become_user: "{{ initialize_user }}"
when: users is defined
loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
loop_control:
loop_var: initialize_user

5
ansible/roles/odowork/tasks/linux.yaml
Unescape Escape View File

@ -1,5 +0,0 @@
- name: Install packages
package:
name:
- python-numpy # Increases the speed of iap tunnels
state: present

Some files were not shown because too many files have changed in this diff Show More

Write Preview
Loading…
Cancel
Save