fscotto/infra
1
0
Fork 0
mirror of https://github.com/fscotto/infra.git synced 2026-05-30 23:49:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add turnstile Emacs service and stable ssh-agent

Browse Source
This commit is contained in:
Fabio Scotto di Santolo
2026-04-10 13:32:03 +02:00
parent 7f82fc39d9
commit 5c57cce97c
18 changed files with 164 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ansible/inventory/group_vars/desktop.yml
View File

@@ -19,6 +19,7 @@ desktop_common_packages:
- pinentry-emacs
- pinentry-gtk
- rofi
- turnstile
- udiskie
- xfce-polkit
- xdg-desktop-portal
@@ -169,6 +170,10 @@ desktop_common_dotfiles:
src: .config/opencode/
dest: .config/opencode/
mode: preserve
- name: Turnstile user services
src: .config/service/
dest: .config/service/
mode: preserve
- name: Bash profile fragments
src: .bashrc.d/
dest: .bashrc.d/
@@ -205,6 +210,10 @@ desktop_common_dotfiles:
src: .local/bin/powermenu
dest: .local/bin/powermenu
mode: "0755"
- name: Turnstile environment update script
src: .local/bin/update-turnstile-env
dest: .local/bin/update-turnstile-env
mode: "0755"
desktop_i3_dotfiles:
- name: i3 config

1
ansible/inventory/group_vars/void.yml
View File

@@ -50,6 +50,7 @@ enabled_services:
- libvirtd
- nanoklogd
- socklog-unix
- turnstiled
- ufw
- virtlockd
- virtlogd

4
ansible/roles/profile_desktop_common/tasks/main.yml
View File

@@ -311,6 +311,10 @@
loop:
- path: "{{ user_home }}/.local"
mode: "0755"
- path: "{{ user_home }}/.local/state"
mode: "0755"
- path: "{{ user_home }}/.local/state/ssh-agent"
mode: "0700"
- path: "{{ user_home }}/.local/share"
mode: "0755"
- path: "{{ user_home }}/.local/share/keyrings"

65
ansible/roles/services_runit/tasks/main.yml
View File

@@ -14,3 +14,68 @@
dest: "/var/service/{{ item }}"
state: link
loop: "{{ host_enabled_services | default([]) }}"
- name: Ensure per-user runit directories exist
tags: [services, packages]
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop:
- path: "{{ user_home }}/.local/runit"
mode: "0755"
- path: "{{ user_home }}/.local/runit/current"
mode: "0755"
- path: "{{ user_home }}/.local/runit/sv"
mode: "0755"
- path: "{{ user_home }}/.local/runit/sv/ssh-agent"
mode: "0755"
- path: "{{ user_home }}/.local/state"
mode: "0755"
- path: "{{ user_home }}/.local/state/ssh-agent"
mode: "0700"
- name: Render per-user ssh-agent runit service
tags: [services, packages]
ansible.builtin.template:
src: ssh-agent.run.j2
dest: "{{ user_home }}/.local/runit/sv/ssh-agent/run"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
- name: Enable per-user ssh-agent runit service
tags: [services, packages]
ansible.builtin.file:
src: "../sv/ssh-agent"
dest: "{{ user_home }}/.local/runit/current/ssh-agent"
state: link
owner: "{{ username }}"
group: "{{ user_group }}"
- name: Ensure per-user runsvdir service directory exists
tags: [services, packages]
ansible.builtin.file:
path: "/etc/sv/runsvdir-{{ username }}"
state: directory
owner: root
group: root
mode: "0755"
- name: Render per-user runsvdir system service
tags: [services, packages]
ansible.builtin.template:
src: runsvdir-user.run.j2
dest: "/etc/sv/runsvdir-{{ username }}/run"
owner: root
group: root
mode: "0755"
- name: Enable per-user runsvdir system service
tags: [services, packages]
ansible.builtin.file:
src: "/etc/sv/runsvdir-{{ username }}"
dest: "/var/service/runsvdir-{{ username }}"
state: link

11
ansible/roles/services_runit/templates/runsvdir-user.run.j2 Normal file
View File

@@ -0,0 +1,11 @@
#!/bin/sh
set -eu
export USER="{{ username }}"
export HOME="{{ user_home }}"
groups="$(id -Gn "$USER" | tr ' ' ':')"
svdir="$HOME/.local/runit/current"
exec chpst -u "$USER:$groups" runsvdir "$svdir"

11
ansible/roles/services_runit/templates/ssh-agent.run.j2 Normal file
View File

@@ -0,0 +1,11 @@
#!/bin/sh
set -eu
sockdir="{{ user_home }}/.local/state/ssh-agent"
sockpath="$sockdir/socket"
mkdir -p "$sockdir"
rm -f "$sockpath"
exec ssh-agent -D -a "$sockpath"