fscotto/infra
1
0
Fork 0
mirror of https://github.com/fscotto/infra.git synced 2026-05-30 15:39:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move user services to turnstile

Browse Source
This commit is contained in:
Fabio Scotto di Santolo
2026-04-14 14:12:30 +02:00
parent a783b2d174
commit 98805d9290
10 changed files with 31 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
ansible/roles/services_runit/tasks/main.yml
View File

@@ -14,107 +14,3 @@
dest: "/var/service/{{ item }}"
state: link
loop: "{{ host_enabled_services | default([]) }}"
- name: Define per-user runit services
tags: [services, packages]
ansible.builtin.set_fact:
per_user_runit_services:
- name: ollama
template: ollama.run.j2
state_dirs: []
- name: ssh-agent
template: ssh-agent.run.j2
state_dirs:
- path: "{{ user_home }}/.local/state/ssh-agent"
mode: "0700"
- name: Ensure per-user runit directories exist
tags: [services, packages]
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop:
- path: "{{ user_home }}/.local/runit"
mode: "0755"
- path: "{{ user_home }}/.local/runit/current"
mode: "0755"
- path: "{{ user_home }}/.local/runit/sv"
mode: "0755"
- path: "{{ user_home }}/.local/state"
mode: "0755"
- name: Ensure per-user runit service directories exist
tags: [services, packages]
ansible.builtin.file:
path: "{{ user_home }}/.local/runit/sv/{{ item.name }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
loop: "{{ per_user_runit_services }}"
loop_control:
label: "{{ item.name }}"
- name: Ensure per-user runit service state directories exist
tags: [services, packages]
ansible.builtin.file:
path: "{{ item.1.path }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.1.mode }}"
loop: "{{ per_user_runit_services | subelements('state_dirs', skip_missing=True) }}"
loop_control:
label: "{{ item.1.path }}"
- name: Render per-user runit services
tags: [services, packages]
ansible.builtin.template:
src: "{{ item.template }}"
dest: "{{ user_home }}/.local/runit/sv/{{ item.name }}/run"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
loop: "{{ per_user_runit_services }}"
loop_control:
label: "{{ item.name }}"
- name: Enable per-user runit services
tags: [services, packages]
ansible.builtin.file:
src: "../sv/{{ item.name }}"
dest: "{{ user_home }}/.local/runit/current/{{ item.name }}"
state: link
owner: "{{ username }}"
group: "{{ user_group }}"
loop: "{{ per_user_runit_services }}"
loop_control:
label: "{{ item.name }}"
- name: Ensure per-user runsvdir service directory exists
tags: [services, packages]
ansible.builtin.file:
path: "/etc/sv/runsvdir-{{ username }}"
state: directory
owner: root
group: root
mode: "0755"
- name: Render per-user runsvdir system service
tags: [services, packages]
ansible.builtin.template:
src: runsvdir-user.run.j2
dest: "/etc/sv/runsvdir-{{ username }}/run"
owner: root
group: root
mode: "0755"
- name: Enable per-user runsvdir system service
tags: [services, packages]
ansible.builtin.file:
src: "/etc/sv/runsvdir-{{ username }}"
dest: "/var/service/runsvdir-{{ username }}"
state: link

5
ansible/roles/services_runit/templates/ollama.run.j2
View File

@@ -1,5 +0,0 @@
#!/bin/sh
set -eu
exec /usr/local/bin/ollama serve

11
ansible/roles/services_runit/templates/runsvdir-user.run.j2
View File

@@ -1,11 +0,0 @@
#!/bin/sh
set -eu
export USER="{{ username }}"
export HOME="{{ user_home }}"
groups="$(id -Gn "$USER" | tr ' ' ':')"
svdir="$HOME/.local/runit/current"
exec chpst -u "$USER:$groups" runsvdir "$svdir"

11
ansible/roles/services_runit/templates/ssh-agent.run.j2
View File

@@ -1,11 +0,0 @@
#!/bin/sh
set -eu
sockdir="{{ user_home }}/.local/state/ssh-agent"
sockpath="$sockdir/socket"
mkdir -p "$sockdir"
rm -f "$sockpath"
exec ssh-agent -D -a "$sockpath"