From 98805d92905ae0fb4f625b3e498e94731397cd3c Mon Sep 17 00:00:00 2001 From: Fabio Scotto di Santolo Date: Tue, 14 Apr 2026 14:12:30 +0200 Subject: [PATCH] Move user services to turnstile --- AGENTS.md | 6 +- README.md | 6 +- ansible/roles/services_runit/tasks/main.yml | 104 ------------------ .../services_runit/templates/ollama.run.j2 | 5 - .../templates/runsvdir-user.run.j2 | 11 -- .../services_runit/templates/ssh-agent.run.j2 | 11 -- .../desktop/.bashrc.d/15-runit-desktop.sh | 2 +- dotfiles/desktop/.bashrc.d/16-vsv-wrappers.sh | 65 ----------- dotfiles/desktop/.config/service/ollama/run | 9 ++ .../desktop/.config/service/ssh-agent/run | 15 +++ 10 files changed, 31 insertions(+), 203 deletions(-) delete mode 100644 ansible/roles/services_runit/templates/ollama.run.j2 delete mode 100644 ansible/roles/services_runit/templates/runsvdir-user.run.j2 delete mode 100644 ansible/roles/services_runit/templates/ssh-agent.run.j2 delete mode 100644 dotfiles/desktop/.bashrc.d/16-vsv-wrappers.sh create mode 100755 dotfiles/desktop/.config/service/ollama/run create mode 100755 dotfiles/desktop/.config/service/ssh-agent/run diff --git a/AGENTS.md b/AGENTS.md index 1cab13a..30c6a17 100644 --- a/AGENTS.md +++ b/AGENTS.md 
@@ -52,9 +52,9 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation ## Desktop Void Notes - `profile_desktop_common` owns the shared desktop bootstrap. -- GUI-aware user services use `turnstile` and live under `dotfiles/desktop/.config/service/`. -- `ssh-agent` is a separate always-on per-user runit service under `~/.local/runit/current` with stable socket `~/.local/state/ssh-agent/socket`. -- `ollama` is installed from the upstream Linux tarball into `/usr/local` and runs as a separate always-on per-user runit service under `~/.local/runit/current`. +- User services are managed by `turnstile` and live under `dotfiles/desktop/.config/service/`. +- `ssh-agent` runs under `turnstile` with stable socket `~/.local/state/ssh-agent/socket`. +- `ollama` is installed from the upstream Linux tarball into `/usr/local` and runs under `turnstile`. - `Codex CLI` is installed globally via npm and can target the local Ollama instance. - Critical session entrypoints: - `dotfiles/desktop/.xinitrc` diff --git a/README.md b/README.md index ee8bb37..4c9e3ee 100644 --- a/README.md +++ b/README.md 
@@ -85,9 +85,9 @@ Lo stato attuale del profilo desktop include, tra le altre cose: - sessione i3 su tutti i desktop Void e sessioni Sway/Hyprland opzionali su `nymph` - `emptty` con scelta sessione a login su `nymph` e default host-specific sugli altri desktop - pacchetti Void Linux e servizi runit -- `turnstile` per servizi utente agganciati alla sessione, incluso `emacs` come server per `emacsclient` -- `ssh-agent` come servizio runit utente always-on con socket stabile condiviso tra shell, SSH ed Emacs -- `ollama` installato da tarball upstream e gestito come servizio runit utente always-on, con `Codex CLI` installato globalmente via npm +- `turnstile` per i servizi utente, inclusi `emacs`, `ssh-agent` e `ollama` +- `ssh-agent` con socket stabile condiviso tra shell, SSH ed Emacs in `~/.local/state/ssh-agent/socket` +- `ollama` installato da tarball upstream e gestito come servizio utente `turnstile`, con `Codex CLI` installato globalmente via npm - Flatpak con remoto Flathub - GNOME Keyring e bootstrap della posta via script dedicato - `Waybar` separata per compositor (`config-sway.jsonc` e `config-hyprland.jsonc`) con `style.css` condiviso diff --git a/ansible/roles/services_runit/tasks/main.yml b/ansible/roles/services_runit/tasks/main.yml index b22a74f..ed6572a 100644 --- a/ansible/roles/services_runit/tasks/main.yml +++ b/ansible/roles/services_runit/tasks/main.yml 
@@ -14,107 +14,3 @@ dest: "/var/service/{{ item }}" state: link loop: "{{ host_enabled_services | default([]) }}" - -- name: Define per-user runit services - tags: [services, packages] - ansible.builtin.set_fact: - per_user_runit_services: - - name: ollama - template: ollama.run.j2 - state_dirs: [] - - name: ssh-agent - template: ssh-agent.run.j2 - state_dirs: - - path: "{{ user_home }}/.local/state/ssh-agent" - mode: "0700" - -- name: Ensure per-user runit directories exist - tags: [services, packages] - ansible.builtin.file: - path: "{{ item.path }}" - state: directory - owner: "{{ username }}" - group: "{{ user_group }}" - mode: "{{ item.mode }}" - loop: - - path: "{{ user_home }}/.local/runit" - mode: "0755" - - path: "{{ user_home }}/.local/runit/current" - mode: "0755" - - path: "{{ user_home }}/.local/runit/sv" - mode: "0755" - - path: "{{ user_home }}/.local/state" - mode: "0755" - -- name: Ensure per-user runit service directories exist - tags: [services, packages] - ansible.builtin.file: - path: "{{ user_home }}/.local/runit/sv/{{ item.name }}" - state: directory - owner: "{{ username }}" - group: "{{ user_group }}" - mode: "0755" - loop: "{{ per_user_runit_services }}" - loop_control: - label: "{{ item.name }}" - -- name: Ensure per-user runit service state directories exist - tags: [services, packages] - ansible.builtin.file: - path: "{{ item.1.path }}" - state: directory - owner: "{{ username }}" - group: "{{ user_group }}" - mode: "{{ item.1.mode }}" - loop: "{{ per_user_runit_services | subelements('state_dirs', skip_missing=True) }}" - loop_control: - label: "{{ item.1.path }}" - -- name: Render per-user runit services - tags: [services, packages] - ansible.builtin.template: - src: "{{ item.template }}" - dest: "{{ user_home }}/.local/runit/sv/{{ item.name }}/run" - owner: "{{ username }}" - group: "{{ user_group }}" - mode: "0755" - loop: "{{ per_user_runit_services }}" - loop_control: - label: "{{ item.name }}" - -- name: Enable per-user runit 
services - tags: [services, packages] - ansible.builtin.file: - src: "../sv/{{ item.name }}" - dest: "{{ user_home }}/.local/runit/current/{{ item.name }}" - state: link - owner: "{{ username }}" - group: "{{ user_group }}" - loop: "{{ per_user_runit_services }}" - loop_control: - label: "{{ item.name }}" - -- name: Ensure per-user runsvdir service directory exists - tags: [services, packages] - ansible.builtin.file: - path: "/etc/sv/runsvdir-{{ username }}" - state: directory - owner: root - group: root - mode: "0755" - -- name: Render per-user runsvdir system service - tags: [services, packages] - ansible.builtin.template: - src: runsvdir-user.run.j2 - dest: "/etc/sv/runsvdir-{{ username }}/run" - owner: root - group: root - mode: "0755" - -- name: Enable per-user runsvdir system service - tags: [services, packages] - ansible.builtin.file: - src: "/etc/sv/runsvdir-{{ username }}" - dest: "/var/service/runsvdir-{{ username }}" - state: link diff --git a/ansible/roles/services_runit/templates/ollama.run.j2 b/ansible/roles/services_runit/templates/ollama.run.j2 deleted file mode 100644 index aaabcff..0000000 --- a/ansible/roles/services_runit/templates/ollama.run.j2 +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -set -eu - -exec /usr/local/bin/ollama serve diff --git a/ansible/roles/services_runit/templates/runsvdir-user.run.j2 b/ansible/roles/services_runit/templates/runsvdir-user.run.j2 deleted file mode 100644 index b4a217f..0000000 --- a/ansible/roles/services_runit/templates/runsvdir-user.run.j2 +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -eu - -export USER="{{ username }}" -export HOME="{{ user_home }}" - -groups="$(id -Gn "$USER" | tr ' ' ':')" -svdir="$HOME/.local/runit/current" - -exec chpst -u "$USER:$groups" runsvdir "$svdir" diff --git a/ansible/roles/services_runit/templates/ssh-agent.run.j2 b/ansible/roles/services_runit/templates/ssh-agent.run.j2 deleted file mode 100644 index 9d5ada8..0000000 
--- a/ansible/roles/services_runit/templates/ssh-agent.run.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-sockdir="{{ user_home }}/.local/state/ssh-agent"
-sockpath="$sockdir/socket"
-
-mkdir -p "$sockdir"
-rm -f "$sockpath"
-
-exec ssh-agent -D -a "$sockpath"
diff --git a/dotfiles/desktop/.bashrc.d/15-runit-desktop.sh b/dotfiles/desktop/.bashrc.d/15-runit-desktop.sh
index 9c579e4..036a655 100644
--- a/dotfiles/desktop/.bashrc.d/15-runit-desktop.sh
+++ b/dotfiles/desktop/.bashrc.d/15-runit-desktop.sh
@@ -1,2 +1,2 @@
-export SVDIR="$HOME/.local/runit/current"
+export SVDIR="$HOME/.config/service"
 export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"
diff --git a/dotfiles/desktop/.bashrc.d/16-vsv-wrappers.sh b/dotfiles/desktop/.bashrc.d/16-vsv-wrappers.sh
deleted file mode 100644
index 661b5ee..0000000
--- a/dotfiles/desktop/.bashrc.d/16-vsv-wrappers.sh
+++ /dev/null
@@ -1,65 +0,0 @@ -vsvu() { - command vsv -d "$HOME/.local/runit/current" "$@" -} - -vsvs() { - command vsv -d "$HOME/.config/service" "$@" -} - -vsvc() { - local user_svdir session_svdir cmd service user_path session_path - - user_svdir="$HOME/.local/runit/current" - session_svdir="$HOME/.config/service" - - if ! command -v vsv >/dev/null 2>&1; then - printf '%s\n' "vsv is not installed or not in PATH" >&2 - return 127 - fi - - if [ "$#" -eq 0 ] || { [ "$1" = "status" ] && [ "$#" -eq 1 ]; }; then - printf '%s\n' "== Always-on services ==" - if [ -d "$user_svdir" ]; then - command vsv -d "$user_svdir" status - else - printf '%s\n' "missing: $user_svdir" >&2 - fi - - printf '\n%s\n' "== Session services ==" - if [ -d "$session_svdir" ]; then - command vsv -d "$session_svdir" status - else - printf '%s\n' "missing: $session_svdir" >&2 - fi - return - fi - - cmd="$1" - service="$2" - - if [ -z "$service" ]; then - printf '%s\n' "usage: vsvc [status [service] | ]" >&2 - return 2 - fi - - user_path="$user_svdir/$service" - session_path="$session_svdir/$service" - - if [ -e "$user_path" ] && [ -e "$session_path" ]; then - printf '%s\n' "service '$service' exists in both trees; use vsvu or vsvs explicitly" >&2 - return 2 - fi - - if [ -e "$user_path" ]; then - command vsv -d "$user_svdir" "$@" - return - fi - - if [ -e "$session_path" ]; then - command vsv -d "$session_svdir" "$@" - return - fi - - printf '%s\n' "service '$service' not found in $user_svdir or $session_svdir" >&2 - return 1 -} diff --git a/dotfiles/desktop/.config/service/ollama/run b/dotfiles/desktop/.config/service/ollama/run new file mode 100755 index 0000000..51d5f01 --- /dev/null +++ b/dotfiles/desktop/.config/service/ollama/run @@ -0,0 +1,9 @@ +#!/bin/sh + +set -eu + +if [ -n "${TURNSTILE_ENV_DIR:-}" ]; then + exec chpst -e "$TURNSTILE_ENV_DIR" /usr/local/bin/ollama serve +fi + +exec /usr/local/bin/ollama serve 
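Review bot: Nothing in the new `ollama/run` script fixes the address `ollama serve` listens on; with `chpst -e "$TURNSTILE_ENV_DIR"` it is whatever the imported environment says, and Ollama's HTTP API has no authentication of its own. If the service is only meant for local clients such as the Codex CLI mentioned in AGENTS.md, pin it explicitly, e.g. `exec chpst -e "$TURNSTILE_ENV_DIR" env OLLAMA_HOST=127.0.0.1:11434 /usr/local/bin/ollama serve`, and set the same variable for the fallback `exec`. A one-line comment saying why the `TURNSTILE_ENV_DIR` branch exists and when the fallback is taken would also help the next reader.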
diff --git a/dotfiles/desktop/.config/service/ssh-agent/run b/dotfiles/desktop/.config/service/ssh-agent/run
new file mode 100755
index 0000000..a1ada0e
--- /dev/null
+++ b/dotfiles/desktop/.config/service/ssh-agent/run
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -eu
+
+sockdir="$HOME/.local/state/ssh-agent"
+sockpath="$sockdir/socket"
+
+mkdir -p "$sockdir"
+rm -f "$sockpath"
+
+if [ -n "${TURNSTILE_ENV_DIR:-}" ]; then
+ exec chpst -e "$TURNSTILE_ENV_DIR" ssh-agent -D -a "$sockpath"
+fi
+
+exec ssh-agent -D -a "$sockpath"
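Review bot: The socket directory is now created by a bare `mkdir -p "$sockdir"`, so its mode follows the service's umask, whereas the Ansible task removed in this same patch created `~/.local/state/ssh-agent` with mode `0700`. ssh-agent restricts the socket itself, but keeping the directory private is cheap defence in depth and also corrects a directory that already exists with wider permissions; add `chmod 700 "$sockdir"` right after the `mkdir -p` line. Separately, nothing visible in this patch removes the old `/var/service/runsvdir-<user>` link on hosts that were already provisioned, so if it stays enabled two agents would each `rm -f` and rebind the same socket path; it is worth confirming that a cleanup step exists elsewhere.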