fscotto/infra
1
0
Fork 0
mirror of https://github.com/fscotto/infra.git synced 2026-05-30 15:39:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: fscotto:feature/noctalia-ayu
Branches Tags
fscotto:main fscotto:feature/migrate-wayland fscotto:feature/noctalia-ayu
...
compare: fscotto:1bcaaca92e0677cfe16e4efdf5919fc902f4f600
Branches Tags
fscotto:main fscotto:feature/migrate-wayland fscotto:feature/noctalia-ayu

66 Commits
feature/no ... 1bcaaca92e

Author SHA1 Message Date
Fabio Scotto di Santolo
1bcaaca92e desktop: unify mono font to LiterationMono Nerd Font, add alacritty dotfiles 2026-05-15 22:18:31 +02:00
Fabio Scotto di Santolo
0b3f5e4f0c desktop: add polybar dotfiles 2026-05-15 20:24:32 +02:00
Fabio Scotto di Santolo
dfa1bd194f Added X11 compositor (picom) and configure background transparancy 2026-05-14 23:48:26 +02:00
Fabio Scotto di Santolo
5c510220a3 Fix nvidia driver version on desktop 2026-05-14 19:50:42 +02:00
Fabio Scotto di Santolo
c9b02d8793 desktop: add Thunderbird flatpak 2026-05-14 18:36:37 +02:00
Fabio Scotto di Santolo
712face3f3 Align README and AGENTS docs with current repository state 
Remove all remaining Sway/Noctalia/Wayland references after their
removal from the playbook. Update topology and playbook composition
to reflect that both ikaros and nymph now run i3, drop the
profile_desktop_sway role row, remove the sway tag and any sway-tag
example. Update the dotfiles tree to include the actual subdirectories
(ubuntu, workstation_host_linux, workstation_dev_wsl). Document the
emptty XORG_SESSIONS_PATH whitelist and the nymph NVIDIA Optimus
overrides (GRUB cmdline, prime-run, WirePlumber camera priority).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-14 00:25:04 +02:00
Fabio Scotto di Santolo
1763a309ef claude: add local settings permissions 2026-05-14 00:19:10 +02:00
Fabio Scotto di Santolo
4854b1ae11 Rewrite GRUB cmdline NVIDIA param injection with grep+replace 
Replace the slurp/set_fact Jinja-heavy approach (which was clobbering
pre-existing GRUB_CMDLINE_LINUX content) with a straightforward
sequence: grep to detect whether the line exists, lineinfile to
initialize an empty one when missing, then two replace tasks using a
tempered-greedy-token regex that appends each NVIDIA parameter only
when not already present. Idempotent and preserves any existing
content in GRUB_CMDLINE_LINUX.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-14 00:05:13 +02:00
Fabio Scotto di Santolo
5a3d32cb0e Rewrite GRUB cmdline merge using slurp + fact-based merge 
The previous lineinfile-with-backrefs negative-lookahead regex was
not appending NVIDIA parameters when missing. Switch to a clearer
approach: slurp the file, extract the current GRUB_CMDLINE_LINUX
value, build a merged target value that appends missing NVIDIA
params, then write back the line. lineinfile sees no diff when the
target matches the current line, preserving idempotency.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 23:54:49 +02:00
Fabio Scotto di Santolo
fd07d6ad1f Append NVIDIA params to GRUB cmdline instead of overwriting 
Previously the task hardcoded GRUB_CMDLINE_LINUX to a fixed string
containing nymph's rd.luks.uuid, rootflags and apparmor parameters,
clobbering whatever the host had. Switch to an idempotent
lineinfile-with-backrefs loop that appends nouveau.modeset=0 and
nvidia-drm.modeset=1 only when missing, preserving the existing
kernel cmdline. grub-mkconfig now runs only when the cmdline changed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 23:44:14 +02:00
Fabio Scotto di Santolo
bff3d542ef Deploy nymph WirePlumber camera config via host_i3_dotfiles 
Consolidate the WirePlumber camera priority file under the same
host_i3_dotfiles mechanism used for autorandr, dropping the bespoke
copy task from profile_desktop_host/tasks/nymph.yml.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 22:41:33 +02:00
Fabio Scotto di Santolo
e9466b24cc Deploy nymph autorandr profiles via host_i3_dotfiles 
The dual/solo autorandr profiles existed under dotfiles/nymph/ but
were never deployed (no host_i3_dotfiles entry). Mirror the ikaros
pattern so they land in ~/.config/autorandr/.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 22:36:25 +02:00
Fabio Scotto di Santolo
8e54448943 Restore nymph hardware and power management config 
Re-add NVIDIA/Intel GPU packages, tlp/power-profiles-daemon, and
emptty error logging to host_vars/nymph.yml — these were dropped
when the Arch path was removed but are independent of Arch and
needed for nymph laptop hardware. Drop two orphaned Wayland/Sway
residues: kanshi config and the historical Sway cleanup script.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 22:27:51 +02:00
Fabio Scotto di Santolo
a755920fcf Restore minimal nymph host_vars for Void/i3 
hostname was undefined after nymph.yml was deleted with the Arch path,
causing the profile_desktop_host include_tasks condition to fail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 22:18:00 +02:00
Fabio Scotto di Santolo
43619b714f Remove remaining Arch references from profile_desktop_common 
Drop the Arch-specific systemd SSH reload handler and remove
.config/systemd/user from the common dir creation loop (no longer
needed without the Arch path).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 21:59:44 +02:00
Fabio Scotto di Santolo
ef65841030 Remove orphaned systemd user service dotfiles 
dotfiles/desktop/.config/systemd/user/ (emacs, rclone-pcloud,
ssh-agent, syncthing services) was deployed only via desktop_arch_dotfiles,
which was removed with the Arch path. The equivalent Void services live
in dotfiles/desktop/.config/service/ under Turnstile.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 21:56:45 +02:00
Fabio Scotto di Santolo
8dea4ec07d Fix rustup-init failing on fresh systems 
~/.cargo/env does not exist before rustup-init runs — sourcing it
upfront caused the task to fail on clean installs. Switch to a plain
command invocation without the premature source.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 21:37:59 +02:00
Fabio Scotto di Santolo
36a8762e4d Remove Arch/nymph path, restore nymph as Void desktop 
Delete all Arch-specific files (packages_arch role, profile_desktop_gnome
role, arch.yml group_vars, nymph.yml host_vars, arch dotfiles). Revert
nymph to the void group in inventory, remove the arch play from site.yml,
and restore profile_desktop_host/tasks/nymph.yml to its pre-Arch state
(GRUB + NVIDIA + prime-run). Preserve Void improvements introduced
alongside Arch work (desktop_void_dotfiles, desktop_void_source_tools,
profile_desktop_i3 dir additions, void-specific conditions).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 20:06:20 +02:00
Fabio Scotto di Santolo
ac0d779f0f Remove Sway from the playbook, keep Noctalia configs 
Drop the profile_desktop_sway role (tasks, templates), all Sway
dotfiles, desktop_sway_* vars, and wayland-sessions emptty path.
Noctalia dotfiles are preserved and deployed via desktop_void_dotfiles
on Void hosts; noctalia_bar_monitors/noctalia_screen_overrides kept
as config vars. Only i3 remains as the Void desktop session.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 18:44:56 +02:00
Fabio Scotto di Santolo
e7570d3bd3 Replace gnome-console with ptyxis on Arch 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 11:45:02 +02:00
Fabio Scotto di Santolo
525fa05352 Remove system-config-printer from Arch (GNOME uses gnome-control-center) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:58:29 +02:00
Fabio Scotto di Santolo
d7629d33d6 Expand and clean up Arch GNOME packages, remove alacritty from Arch 
- arch_desktop_gnome_packages: add full GNOME app suite (baobab, gnome-console,
  loupe, papers, showtime, snapshot, sushi, gvfs backends, etc.), sort
  alphabetically, remove duplicates already in arch_packages_base
  (gnome-keyring, gvfs, gvfs-mtp, gvfs-smb, simple-scan)
- Remove alacritty from arch_profile_packages; move alacritty config and
  directory creation to Void-only (profile_desktop_i3 / desktop_void_dotfiles)
- Enable emacs user service via ansible.builtin.systemd (scope: user)
  instead of a manual symlink

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:55:54 +02:00
Fabio Scotto di Santolo
224e9bf1e8 Enable gdm without starting it during provisioning 
Add enabled_services_only list to services_systemd role for services that
should be enabled at boot but not started immediately. Move gdm to this list
on Arch to avoid starting the display manager mid-provisioning.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:43:40 +02:00
Fabio Scotto di Santolo
238d8ab873 Switch to emacs-wayland on Arch, use package-provided emacs.service 
- emacs → emacs-wayland in arch_profile_packages
- Remove custom emacs.service deployment: replace full .config/systemd/user/
  directory copy with individual service files (rclone-pcloud, syncthing)
- Remove emacs.service from desktop_systemd_user_services
- Enable package-provided /usr/lib/systemd/user/emacs.service via symlink
  in profile_desktop_gnome

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:41:10 +02:00
Fabio Scotto di Santolo
b483ef5b7e Move st to Void-only source tools, remove bookokrat 
- bookokrat removed completely from desktop_source_tools
- st moved from common to desktop_void_source_tools (Void-only; uses X11/make)
- Build task loop extended to include desktop_void_source_tools on Void

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:37:51 +02:00
Fabio Scotto di Santolo
56c0335b40 Use pinentry-gnome3 for gpg-agent on Arch 
Add gpg-agent.arch.conf with pinentry-gnome3 and without enable-ssh-support
(SSH is handled by gnome-keyring on GNOME). Deploy it from profile_desktop_gnome,
overriding the common conf that uses pinentry-gtk-2 for Void.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:35:06 +02:00
Fabio Scotto di Santolo
14c24c299d Clean up Arch profile: remove i3/Void-specific config and fix GNOME integration 
- Remove XFCE/i3-specific packages and dotfiles from Arch path (xarchiver,
  udiskie, Thunar, xfce-polkit, clipman, screenshooter)
- Separate per-OS dotfiles: mimeapps, udiskie config, GTK theme script,
  udiskie-password, dbus-session and ssh-agent fragments moved to Void-only
- Add mimeapps.arch.list with Nautilus/GNOME associations for nymph
- Move dunst/rofi directory creation from common to profile_desktop_i3
- Add gnome-keyring PAM hooks for GDM (gdm-password) in profile_desktop_gnome
- Remove ssh-agent.service from desktop_systemd_user_services on Arch;
  drop ssh-agent dependency and hardcoded socket from emacs.service
- Add ttf-hack-nerd to Arch font packages
- Fix rustup bootstrap: use rustup-init on Void, rustup toolchain install on Arch

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-12 23:37:39 +02:00
Fabio Scotto di Santolo
013531ad4b Fix Arch package names 2026-05-12 20:17:51 +02:00
Fabio Scotto di Santolo
e772e9650d Remove unavailable Arch mu package 2026-05-12 19:11:56 +02:00
Fabio Scotto di Santolo
5027b3dd77 Migrate Archlinux config from GRUB to systemd-boot 2026-05-12 18:33:45 +02:00
Fabio Scotto di Santolo
f0fcc92d6d Enable new Archlinux profile for nymph 2026-05-12 18:02:30 +02:00
Fabio Scotto di Santolo
e4d6deb3c5 Added npm tag 2026-05-10 09:02:08 +02:00
Fabio Scotto di Santolo
95c7531db4 Fix handle dbus session address on desktop 2026-05-10 08:57:05 +02:00
Fabio Scotto di Santolo
7baa944aee Fix mime browser 2026-05-10 08:08:03 +02:00
Fabio Scotto di Santolo
3344abb36b deadalus-fedora: add GNOME extension and PaperWM gsettings 2026-05-05 21:45:10 +02:00
Fabio Scotto di Santolo
e83b7f1502 deadalus-fedora: add GNOME extension packages 2026-05-05 21:45:07 +02:00
Fabio Scotto di Santolo
72c2f70185 Add man-pages packages to Void base 2026-05-02 11:10:49 +02:00
Fabio Scotto di Santolo
3c702a299e Consolidate Emacs document tooling 2026-05-02 09:53:10 +02:00
Fabio Scotto di Santolo
fb81d1082c Enable JSON LSP support in Emacs 2026-05-01 21:19:02 +02:00
Fabio Scotto di Santolo
cd8c775630 Add i3 session to nymph and cleanup script for sway 2026-04-30 12:12:36 +02:00
Fabio Scotto di Santolo
dab66bda47 Add linux-mainline kernel packages to Void and nymph 2026-04-30 11:53:09 +02:00
Fabio Scotto di Santolo
e0fe207771 Add hugo to Void base packages 2026-04-29 19:27:29 +02:00
Fabio Scotto di Santolo
eaf1a7f182 Change gpg key for encrypt 2026-04-29 18:47:12 +02:00
Fabio Scotto di Santolo
4b5879a67e Add task for extract templates for desktop 2026-04-29 09:02:49 +02:00
Fabio Scotto di Santolo
46b6bcd62c Add gist and github-cli to Void base packages 2026-04-28 20:53:48 +02:00
Fabio Scotto di Santolo
d48d2db0ba Color ap command output in cyan 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-28 18:00:09 +02:00
Fabio Scotto di Santolo
18ea0a02ad Fix Alacritty keyboard bindings 2026-04-28 17:50:02 +02:00
Fabio Scotto di Santolo
fa6b082381 Add Claude to Emacs project agent picker 2026-04-28 17:40:43 +02:00
Fabio Scotto di Santolo
e2a66c623f Add Claude Code agent configuration 2026-04-28 17:29:52 +02:00
Fabio Scotto di Santolo
164b11bb73 Add speech dispatcher to Void packages 2026-04-28 16:19:27 +02:00
Fabio Scotto di Santolo
10b0a6225b Update desktop SSH defaults 2026-04-28 16:14:19 +02:00
Fabio Scotto di Santolo
bcd8635d9e Disable Nextcloud AIO on server 2026-04-28 16:07:34 +02:00
Fabio Scotto di Santolo
aa0f787d00 Skip AI agent dotfiles on servers 2026-04-28 14:55:32 +02:00
Fabio Scotto di Santolo
949ae2c47f Add Nextcloud AIO service 2026-04-28 14:48:21 +02:00
Fabio Scotto di Santolo
16850eba53 Update agent operating notes 2026-04-28 12:12:50 +02:00
Fabio Scotto di Santolo
e0869e72d6 Change i3 and i3lock backgrounds 2026-04-27 21:48:37 +02:00
Fabio Scotto di Santolo
e9af0bd1af Template Codex instructions path 2026-04-27 20:48:18 +02:00
Fabio Scotto di Santolo
763bbd8b9f Gemini: configure CLI and update workstation/wsl inventory 2026-04-27 19:22:20 +02:00
Fabio Scotto di Santolo
950cbff85c Ansible: implement selective AI agent deployment across profiles 2026-04-27 19:17:18 +02:00
Fabio Scotto di Santolo
003679f499 Refactor: centralize AI instructions and opencode config into common dotfiles 2026-04-27 19:17:14 +02:00
Fabio Scotto di Santolo
ab294f4cb7 Add NTFS support to Void desktops 2026-04-27 08:37:56 +02:00
Fabio Scotto di Santolo
325a405012 Add Gemini CLI agent support with robust session parsing 2026-04-27 08:27:34 +02:00
Fabio Scotto di Santolo
c9fa536bb5 Add Gemini CLI to npm packages 2026-04-26 20:43:13 +02:00
Fabio Scotto di Santolo
a108957ba4 Add Codex CLI agent support to project launcher 2026-04-26 19:39:14 +02:00
Fabio Scotto di Santolo
0eba6aa9c8 Add OpenAI Codex CLI to npm packages 2026-04-26 16:11:43 +02:00
Fabio Scotto di Santolo
d036eee00a Move nordic-night-theme load into :config block 2026-04-26 15:58:01 +02:00
94 changed files with 1447 additions and 1858 deletions
Expand all files Collapse all files

16
.claude/settings.local.json Normal file
View File

@@ -0,0 +1,16 @@
{
"permissions": {
"allow": [
"Bash(xargs ls -la)",
"Bash(command -v pacman)",
"Bash(command -v paclist)",
"Bash(command -v pacinfo)",
"Bash(git -C /home/fscotto/AnsiblePlaybook add ansible/inventory/group_vars/arch.yml ansible/roles/services_systemd/tasks/main.yml)",
"Bash(git -C /home/fscotto/AnsiblePlaybook commit -m ' *)",
"Bash(git -C /home/fscotto/AnsiblePlaybook diff --stat)",
"Bash(git -C /home/fscotto/AnsiblePlaybook status --short)",
"Bash(git -C /home/fscotto/AnsiblePlaybook log --oneline --all -- ansible/inventory/host_vars/nymph.yml ansible/roles/profile_desktop_host/tasks/nymph.yml 'dotfiles/nymph/*')",
"Bash(git *)"
]
}
}

0
.codex Normal file
View File

29
AGENTS.md
View File

@@ -6,7 +6,9 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- Main orchestration: `ansible/site.yml`
- Inventory and layering inputs: `ansible/inventory/hosts.yml`, `ansible/inventory/group_vars/*.yml`, `ansible/inventory/host_vars/*.yml`
- Dotfiles live under `dotfiles/`
- OpenCode loads global instructions from `dotfiles/desktop/.config/opencode/opencode.json`
- AI agent instructions (bootstrap, rules, knowledge) are centralized in `dotfiles/common/.config/ai/` and shared between OpenCode, Codex, and Gemini CLI.
- OpenCode loads its entrypoint configuration from `dotfiles/common/.config/opencode/opencode.json`.
- Codex config is rendered from `dotfiles/common/.codex/config.toml.j2` so `model_instructions_file` points to the deployed `~/.config/ai/bootstrap.md`.
## Topology
- Void desktops: `ikaros`, `nymph`
@@ -38,8 +40,7 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- WSL dev: `ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff`
- Server: `ansible-playbook ansible/site.yml --limit prometheus --check --diff`
- Focused checks:
- Emacs dotfiles only: `ansible-playbook ansible/site.yml --limit ikaros --tags emacs --check --diff` or `--limit nymph --tags emacs --check --diff`
- Sway/Noctalia bootstrap on nymph: `ansible-playbook ansible/site.yml --limit nymph --tags packages,dotfiles:desktop,sway --check --diff`
- Emacs dotfiles only: `ansible-playbook ansible/site.yml --limit ikaros --tags emacs --check --diff` or `--limit nymph --tags emacs --check --diff`
- Mail bootstrap: `sh -n scripts/bootstrap_mail.sh` and `shellcheck scripts/bootstrap_mail.sh`
- Windows bootstrap parse: `pwsh -NoProfile -Command "[void][System.Management.Automation.Language.Parser]::ParseFile('scripts/bootstrap_windows_workstation.ps1', [ref]$null, [ref]$null)"`
- Server compose render: `docker compose -f /opt/docker/server/docker-compose.yml config`
@@ -52,19 +53,16 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- Put host-specific overrides in `host_vars`, not shared `group_vars`.
- Use `no_log: true` for secret-bearing task inputs or outputs.
## Desktop Void Notes
## Desktop Notes
- `profile_desktop_common` owns the shared desktop bootstrap.
- `.emacs.d` is deployed by a dedicated `profile_desktop_common` task tagged `emacs`.
- User services are managed by `turnstile` and live under `dotfiles/desktop/.config/service/`.
- `ssh-agent` runs under `turnstile` with stable socket `~/.local/state/ssh-agent/socket`.
- NTFS filesystem support is provided by `ntfs-3g` in `ansible/inventory/group_vars/void.yml`.
- Void user services are managed by `turnstile` and live under `dotfiles/desktop/.config/service/`.
- `ssh-agent` keeps the stable socket `~/.local/state/ssh-agent/socket`.
- Critical session entrypoints:
- `dotfiles/desktop/.xinitrc`
- `dotfiles/desktop/.local/bin/start-sway-session`
- Do not auto-restart `emptty` during playbook runs on active desktop hosts; restart it manually from another TTY/SSH session if needed.
- `profile_desktop_sway` owns the Sway session, Noctalia config rendering, and official plugin linking.
- Noctalia shared config lives in `dotfiles/desktop/.config/noctalia/`; bar monitors and `screenOverrides` come from inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`).
- On Sway hosts, `udiskie` is the backend for automount/LUKS but runs without tray; USB device UI is handled by `usb-drive-manager`.
- Do not re-introduce `network-manager-applet` or `blueman` on Sway hosts without an explicit host-specific reason.
- Do not auto-restart `emptty` during playbook runs on active Void desktop hosts; restart it manually from another TTY/SSH session if needed.
- `nymph` is an i3/X11 Void laptop with NVIDIA Optimus; host-specific tasks in `profile_desktop_host/tasks/nymph.yml` handle GRUB NVIDIA cmdline params, `prime-run` wrapper, and the WirePlumber camera priority config.
## Workstation / Windows Notes
- Native Linux workstation hosts can combine `workstation_host_linux` with an OS-specific dev group.
@@ -73,6 +71,13 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- `workstation_host_windows` runs with `gather_facts: false` and validates PSRP settings plus `windows_package_backend` before role execution.
- Windows taskbar pins are driven by `windows_taskbar_pins` in `ansible/inventory/group_vars/workstation_host_windows.yml`; validate identifiers from a real Windows session before changing them.
## Coding Agent Notes
- Shared agent packages live in `ai_agents_npm_packages` in `ansible/inventory/group_vars/all.yml`.
- Shared agent dotfiles live in `ai_agents_dotfiles`; rendered configs live in `ai_agents_templates`.
- Desktop, native workstation, and WSL profiles consume the shared agent package list; do not duplicate package entries in profile-specific vars.
- `dotfiles_common` copies common dotfiles plus `ai_agents_dotfiles`, then renders `ai_agents_templates`.
- Keep `.config/ai/` as the common instruction source; update agent-specific entrypoints to reference it rather than duplicating instruction text.
## Tooling Notes
- Install local tooling with:
- `python3 -m pip install ansible ansible-lint yamllint shellcheck-py`

702
README.md
View File

@@ -15,26 +15,29 @@ Il repository consente di gestire più sistemi operativi e profili macchina mant
# Architettura del progetto
```text
infra/
├── ansible/
│ ├── ansible.cfg
│ ├── site.yml
│ ├── inventory/
│ │ ├── hosts.yml
│ │ ├── group_vars/
│ │ └── host_vars/
│ ├── templates/
│ └── roles/
├── dotfiles/
│ ├── common/
│ ├── desktop/
│ ├── fedora/
│ ├── server/
│ ├── workstation/
│ ├── ikaros/
── nymph/
```text
infra/
├── ansible/
│ ├── ansible.cfg
│ ├── site.yml
│ ├── inventory/
│ │ ├── hosts.yml
│ │ ├── group_vars/
│ │ └── host_vars/
│ ├── templates/
│ └── roles/
├── dotfiles/
│ ├── common/
│ ├── desktop/
│ ├── fedora/
│ ├── ubuntu/
│ ├── server/
│ ├── workstation/
── workstation_host_linux/
│ ├── workstation_dev_wsl/
│ ├── ikaros/
│ └── nymph/
├── scripts/
├── secrets/
@@ -50,16 +53,16 @@ Il repository è diviso in due componenti principali:
---
# Macchine gestite
Il repository modella attualmente tre tipologie di profilo e prepara due filoni workstation: Linux nativa e Windows + WSL.
Nota sullo stato attuale del playbook principale:
- `ansible/site.yml` applica oggi in automatico il profilo desktop su host Void Linux
- `ansible/site.yml` applica la workstation Linux nativa separando il layer dev comune dal layer host GNOME
- `ansible/site.yml` applica anche il ramo `workstation_host_windows` + `workstation_dev_wsl` per il modello Windows 11 + WSL
- `ansible/site.yml` applica anche il profilo `ubuntu_server` con baseline apt, systemd, dotfiles server e firewall UFW
# Macchine gestite
Il repository modella attualmente tre tipologie di profilo e prepara due filoni workstation: Linux nativa e Windows + WSL.
Nota sullo stato attuale del playbook principale:
- `ansible/site.yml` applica oggi in automatico il profilo desktop su host Void Linux
- `ansible/site.yml` applica la workstation Linux nativa separando il layer dev comune dal layer host GNOME
- `ansible/site.yml` applica anche il ramo `workstation_host_windows` + `workstation_dev_wsl` per il modello Windows 11 + WSL
- `ansible/site.yml` applica anche il profilo `ubuntu_server` con baseline apt, systemd, dotfiles server e firewall UFW
## Desktop
@@ -67,23 +70,23 @@ Sistema operativo:
- Void Linux
Sessioni desktop:
- `ikaros`: i3
- `nymph`: SwayFX
Sessioni desktop:
- `ikaros`: i3
- `nymph`: i3
Macchine:
- `ikaros`
- `nymph`
Queste macchine condividono la stessa configurazione base desktop e vengono mantenute allineate tramite Ansible.
Queste macchine condividono la stessa configurazione base desktop e vengono mantenute allineate tramite Ansible.
Lo stato attuale del profilo desktop include, tra le altre cose:
- dotfiles comuni e desktop
- sessione i3 su `ikaros` e sessione Sway su `nymph`
- `emptty` con default host-specific per il desktop attivo su ogni host
- sessione i3 su entrambi gli host
- `emptty` con default host-specific per il desktop attivo, con `XORG_SESSIONS_PATH` puntato a `/etc/emptty/xsessions` per esporre solo le sessioni esplicitamente whitelistate
- pacchetti Void Linux e servizi runit
- `turnstile` per i servizi utente, inclusi `emacs` e `ssh-agent`
- `ssh-agent` con socket stabile condiviso tra shell, SSH ed Emacs in `~/.local/state/ssh-agent/socket`
@@ -91,87 +94,86 @@ Lo stato attuale del profilo desktop include, tra le altre cose:
- `tmux` con plugin gestiti da TPM al bootstrap del profilo desktop
- Flatpak con remoto Flathub
- GNOME Keyring e bootstrap della posta via script dedicato
- shell Noctalia su Sway su `nymph`, con plugin ufficiali per clipboard (`clipper`), polkit (`polkit-agent`), screenshot (`screenshot`) e gestione USB (`usb-drive-manager`); config condivisa in `dotfiles/desktop/.config/noctalia/` e `settings.json` renderizzato da template Ansible con variabili host-specifiche
- `udiskie` come backend per automount/LUKS su Sway, senza tray; la UI dei dispositivi removibili è demandata a `usb-drive-manager`
- `kanshi` su `nymph` per il profilo monitor Wayland, con workspace Sway deterministici: in dual monitor `1` resta su `eDP-1` e `2-10` vanno su `DP-1`, mentre in laptop-only tutti tornano su `eDP-1`
- monitor Noctalia e `screenOverrides` dichiarati in inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`) per host `nymph`
- `udiskie` come backend per automount/LUKS
- `autorandr` per profili monitor host-specifici (`nymph` ha profili `dual` e `solo`)
- override NVIDIA Optimus su `nymph`: parametri kernel GRUB iniettati in modo idempotente in `GRUB_CMDLINE_LINUX`, wrapper `prime-run` e config WirePlumber per priorità telecamera
---
## Workstation
## Workstation
Sistemi operativi supportati:
- Ubuntu LTS nativa
- Fedora Workstation nativa
- Windows 11 host + Ubuntu WSL
Sistemi operativi supportati:
Desktop environment host Linux:
- GNOME
Macchine attuali:
- `deadalus-ubuntu` come workstation Ubuntu nativa
- `deadalus-fedora` come workstation Fedora nativa
- supporto attivo per host Windows 11 + WSL tramite `deadalus-win` e `deadalus-wsl`
Questo profilo è pensato per sviluppo e lavoro, con separazione tra layer host e layer dev.
Nel modello Ansible usato qui, un singolo inventory host puo appartenere intenzionalmente a piu gruppi e quindi ricevere piu play nello stesso run: l'associazione non e `1 host = 1 play`, ma `host + gruppi = layering finale`.
Il profilo workstation e agganciato al playbook principale e ora distingue:
- layer dev Ubuntu condiviso tra workstation Linux nativa e Ubuntu in WSL
- layer dev Fedora nativo parallelo a Ubuntu
- layer host Linux GNOME
- layer host Windows 11 con bootstrap WSL, remoting `PSRP` su `HTTPS/5986`, gestione app via `winget` con backend configurabile e VS Code lato Windows
- layer WSL dedicato per sviluppo con `systemd`
Per esempio, lo stesso host Linux puo stare in `workstation_host_linux` e in `workstation_dev_fedora` oppure `workstation_dev_ubuntu`, a seconda del layering che vuoi comporre.
Lo stato attuale del profilo workstation include:
- installazione pacchetti base Ubuntu via apt
- installazione pacchetti base Fedora via dnf per il ramo workstation nativo
- installazione e configurazione di Docker dal repository ufficiale
- gestione dei dotfiles workstation e rendering dei template dev condivisi
- installazione di Google Chrome su Ubuntu e Fedora, `VS Code` su Fedora via repository RPM Microsoft, `IntelliJ IDEA Ultimate` su Fedora via COPR RPM, e applicazioni workstation residue su Fedora via Flatpak
- installazione di applicazioni workstation su Ubuntu nativa via Snap, oltre alle estensioni GNOME sul solo host Linux nativo
- configurazione del ramo Windows 11 host con app installate dal playbook via `winget`, con backend predefinito `winget_psrp`, tema scuro, pin della taskbar gestiti via policy locale e profilo predefinito di Windows Terminal impostato su `Ubuntu`
- preparazione del ramo WSL Ubuntu con `systemd` per il toolchain di sviluppo
- attivazione del firewall UFW su Ubuntu nativa e `firewalld` su Fedora nativa
- gestione di `gsettings` GNOME host-specifici su `deadalus-fedora`, inclusi shell, Files/Nautilus, file chooser GTK e GNOME Text Editor, allineati allo stato reale della macchina
Workflow Windows + WSL previsto:
Prima di eseguire il bootstrap Windows, apri PowerShell come amministratore e verifica la policy di esecuzione:
```powershell
Get-ExecutionPolicy -List
```
Se necessario, abilita l'esecuzione degli script per l'utente corrente:
```powershell
Set-ExecutionPolicy -Scope CurrentUser RemoteSigned
```
Se Windows ha bloccato il file di bootstrap, sbloccalo esplicitamente:
```powershell
Unblock-File .\scripts\bootstrap_windows_workstation.ps1
```
1. eseguire `scripts/bootstrap_windows_workstation.ps1` su Windows come amministratore
2. riavviare Windows se richiesto dalle feature WSL
3. avviare Ubuntu WSL almeno una volta e completare la creazione dell'utente Linux
4. installare Ansible dentro WSL Ubuntu
5. lanciare il playbook da WSL su `deadalus-wsl` per configurare l'ambiente dev locale
6. lanciare da WSL anche il playbook su `deadalus-win` via `psrp` per configurare l'host Windows; per default il backend pacchetti Windows e `winget_psrp`
7. usare VS Code con le estensioni Remote (`WSL`, `SSH`, `Dev Containers`) dal lato Windows
Per il remoting Windows il repository usa di default `PSRP` con `Negotiate` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. Il backend pacchetti Windows e configurabile con `windows_package_backend` oppure `vault_windows_package_backend`; il default e `winget_psrp`.
- Ubuntu LTS nativa
- Fedora Workstation nativa
- Windows 11 host + Ubuntu WSL
Desktop environment host Linux:
- GNOME
Macchine attuali:
- `deadalus-ubuntu` come workstation Ubuntu nativa
- `deadalus-fedora` come workstation Fedora nativa
- supporto attivo per host Windows 11 + WSL tramite `deadalus-win` e `deadalus-wsl`
Questo profilo è pensato per sviluppo e lavoro, con separazione tra layer host e layer dev.
Nel modello Ansible usato qui, un singolo inventory host puo appartenere intenzionalmente a piu gruppi e quindi ricevere piu play nello stesso run: l'associazione non e `1 host = 1 play`, ma `host + gruppi = layering finale`.
Il profilo workstation e agganciato al playbook principale e ora distingue:
- layer dev Ubuntu condiviso tra workstation Linux nativa e Ubuntu in WSL
- layer dev Fedora nativo parallelo a Ubuntu
- layer host Linux GNOME
- layer host Windows 11 con bootstrap WSL, remoting `PSRP` su `HTTPS/5986`, gestione app via `winget` con backend configurabile e VS Code lato Windows
- layer WSL dedicato per sviluppo con `systemd`
Per esempio, lo stesso host Linux puo stare in `workstation_host_linux` e in `workstation_dev_fedora` oppure `workstation_dev_ubuntu`, a seconda del layering che vuoi comporre.
Lo stato attuale del profilo workstation include:
- installazione pacchetti base Ubuntu via apt
- installazione pacchetti base Fedora via dnf per il ramo workstation nativo
- installazione e configurazione di Docker dal repository ufficiale
- gestione dei dotfiles workstation e rendering dei template dev condivisi
- installazione di Google Chrome su Ubuntu e Fedora, `VS Code` su Fedora via repository RPM Microsoft, `IntelliJ IDEA Ultimate` su Fedora via COPR RPM, e applicazioni workstation residue su Fedora via Flatpak
- installazione di applicazioni workstation su Ubuntu nativa via Snap, oltre alle estensioni GNOME sul solo host Linux nativo
- configurazione del ramo Windows 11 host con app installate dal playbook via `winget`, con backend predefinito `winget_psrp`, tema scuro, pin della taskbar gestiti via policy locale e profilo predefinito di Windows Terminal impostato su `Ubuntu`
- preparazione del ramo WSL Ubuntu con `systemd` per il toolchain di sviluppo
- attivazione del firewall UFW su Ubuntu nativa e `firewalld` su Fedora nativa
- gestione di `gsettings` GNOME host-specifici su `deadalus-fedora`, inclusi shell, Files/Nautilus, file chooser GTK e GNOME Text Editor, allineati allo stato reale della macchina
Workflow Windows + WSL previsto:
Prima di eseguire il bootstrap Windows, apri PowerShell come amministratore e verifica la policy di esecuzione:
```powershell
Get-ExecutionPolicy -List
```
Se necessario, abilita l'esecuzione degli script per l'utente corrente:
```powershell
Set-ExecutionPolicy -Scope CurrentUser RemoteSigned
```
Se Windows ha bloccato il file di bootstrap, sbloccalo esplicitamente:
```powershell
Unblock-File .\scripts\bootstrap_windows_workstation.ps1
```
1. eseguire `scripts/bootstrap_windows_workstation.ps1` su Windows come amministratore
2. riavviare Windows se richiesto dalle feature WSL
3. avviare Ubuntu WSL almeno una volta e completare la creazione dell'utente Linux
4. installare Ansible dentro WSL Ubuntu
5. lanciare il playbook da WSL su `deadalus-wsl` per configurare l'ambiente dev locale
6. lanciare da WSL anche il playbook su `deadalus-win` via `psrp` per configurare l'host Windows; per default il backend pacchetti Windows e `winget_psrp`
7. usare VS Code con le estensioni Remote (`WSL`, `SSH`, `Dev Containers`) dal lato Windows
Per il remoting Windows il repository usa di default `PSRP` con `Negotiate` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. Il backend pacchetti Windows e configurabile con `windows_package_backend` oppure `vault_windows_package_backend`; il default e `winget_psrp`.
---
@@ -189,43 +191,43 @@ Macchina:
- `prometheus`
Profilo orientato a servizi server e gestione di dotfiles dedicati.
Lo stato attuale del profilo server include:
- installazione pacchetti base Ubuntu via apt
- installazione e configurazione di Docker dal repository ufficiale
- abilitazione dei servizi systemd dichiarati in inventory/group vars
- copia dei dotfiles server e rendering dei template server, incluso il `docker-compose.yml` dello stack servizi
- attivazione del firewall UFW con regola SSH esplicita
- apertura delle porte Syncthing `22000/tcp`, `22000/udp` e `21027/udp`, lasciando la GUI non esposta direttamente su UFW
Utente del profilo server:
- il profilo usa `server_username`, `server_user_group` e `server_user_home` definiti in `ansible/inventory/group_vars/server.yml`
- per default `server_username` eredita `username`, ma puo essere sovrascritto per tutti gli host server via inventory oppure a runtime con extra vars
- esempio override da CLI:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser
```
- se necessario puoi passare anche:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser -e server_user_group=mygroup -e server_user_home=/srv/myuser
```
Profilo orientato a servizi server e gestione di dotfiles dedicati.
Lo stato attuale del profilo server include:
- installazione pacchetti base Ubuntu via apt
- installazione e configurazione di Docker dal repository ufficiale
- abilitazione dei servizi systemd dichiarati in inventory/group vars
- copia dei dotfiles server e rendering dei template server, incluso il `docker-compose.yml` dello stack servizi
- attivazione del firewall UFW con regola SSH esplicita
- apertura delle porte Syncthing `22000/tcp`, `22000/udp` e `21027/udp`, lasciando la GUI non esposta direttamente su UFW
Utente del profilo server:
- il profilo usa `server_username`, `server_user_group` e `server_user_home` definiti in `ansible/inventory/group_vars/server.yml`
- per default `server_username` eredita `username`, ma puo essere sovrascritto per tutti gli host server via inventory oppure a runtime con extra vars
- esempio override da CLI:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser
```
- se necessario puoi passare anche:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser -e server_user_group=mygroup -e server_user_home=/srv/myuser
```
---
# Composizione della configurazione
Deploy mirato della configurazione Emacs sui desktop Void:
```bash
ansible-playbook ansible/site.yml --limit ikaros --tags emacs
ansible-playbook ansible/site.yml --limit nymph --tags emacs
```
# Composizione della configurazione
Deploy mirato della configurazione Emacs sui desktop Void:
```bash
ansible-playbook ansible/site.yml --limit ikaros --tags emacs
ansible-playbook ansible/site.yml --limit nymph --tags emacs
```
La configurazione finale di una macchina è ottenuta combinando più livelli.
@@ -258,67 +260,69 @@ Questo approccio consente di:
# Ruoli Ansible
I principali ruoli attualmente presenti sono:
I principali ruoli attualmente presenti sono:
| Role | Descrizione |
| ------------------------- | ----------------------------------- |
| base | configurazione base comune |
| packages_void | installazione pacchetti su Void |
| packages_ubuntu | installazione pacchetti su Ubuntu |
| packages_fedora | installazione pacchetti su Fedora |
| services_runit | gestione servizi runit |
| services_systemd | gestione servizi systemd |
| profile_desktop_common | bootstrap desktop Void condiviso |
| profile_desktop_i3 | sessione desktop i3 |
| profile_desktop_sway | sessione desktop Sway |
| profile_desktop_host | override desktop specifici per host |
| profile_workstation_dev_common | configurazione dev workstation condivisa |
| profile_workstation_gnome | configurazione host workstation GNOME |
| profile_workstation_dev_wsl | configurazione WSL Ubuntu per sviluppo |
| profile_workstation_host_windows | configurazione host Windows 11 workstation |
| profile_server | configurazione server |
| dotfiles_common | distribuzione dotfiles comuni |
| dotfiles | distribuzione configurazioni utente |
---
# Stato attuale del playbook principale
Il playbook `ansible/site.yml` e attualmente composto da sette blocchi:
```text
all:!workstation_host_windows -> dotfiles_common
void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_host
workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common
workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common
workstation_host_linux -> profile_workstation_gnome
workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl
workstation_host_windows -> profile_workstation_host_windows
ubuntu_server -> packages_ubuntu + services_systemd + profile_server
```
Questo significa che, allo stato attuale:
- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo
- la workstation Ubuntu (`deadalus-ubuntu`) e gestita separando ambiente dev e layer host GNOME
- la workstation Fedora (`deadalus-fedora`) usa lo stesso principio di composizione a gruppi con il ramo Fedora dedicato e con `gsettings` host-specifici dichiarati in inventory
- il ramo Windows + WSL e predisposto con bootstrap PowerShell e play Windows/WSL dedicati
- il server Ubuntu (`prometheus`) e gestito con pacchetti, servizi, dotfiles server e firewall
- lo stack container server include `navidrome`, `postgres`, `gitea`, `nginx-proxy-manager` e `syncthing`, con GUI Syncthing raggiungibile tramite la rete Docker `web`
# Dotfiles
| base | configurazione base comune |
| packages_void | installazione pacchetti su Void |
| packages_ubuntu | installazione pacchetti su Ubuntu |
| packages_fedora | installazione pacchetti su Fedora |
| services_runit | gestione servizi runit |
| services_systemd | gestione servizi systemd |
| profile_desktop_common | bootstrap desktop Void condiviso |
| profile_desktop_i3 | sessione desktop i3 |
| profile_desktop_host | override desktop specifici per host |
| profile_workstation_dev_common | configurazione dev workstation condivisa |
| profile_workstation_gnome | configurazione host workstation GNOME |
| profile_workstation_dev_wsl | configurazione WSL Ubuntu per sviluppo |
| profile_workstation_host_windows | configurazione host Windows 11 workstation |
| profile_server | configurazione server |
| dotfiles_common | distribuzione dotfiles comuni |
| dotfiles | distribuzione configurazioni utente |
---
# Stato attuale del playbook principale
Il playbook `ansible/site.yml` e attualmente composto da sette blocchi:
```text
all:!workstation_host_windows -> dotfiles_common
void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_host
workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common
workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common
workstation_host_linux -> profile_workstation_gnome
workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl
workstation_host_windows -> profile_workstation_host_windows
ubuntu_server -> packages_ubuntu + services_systemd + profile_server
```
Questo significa che, allo stato attuale:
- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo
- la workstation Ubuntu (`deadalus-ubuntu`) e gestita separando ambiente dev e layer host GNOME
- la workstation Fedora (`deadalus-fedora`) usa lo stesso principio di composizione a gruppi con il ramo Fedora dedicato e con `gsettings` host-specifici dichiarati in inventory
- il ramo Windows + WSL e predisposto con bootstrap PowerShell e play Windows/WSL dedicati
- il server Ubuntu (`prometheus`) e gestito con pacchetti, servizi, dotfiles server e firewall
- lo stack container server include `navidrome`, `postgres`, `gitea`, `nginx-proxy-manager` e `syncthing`, con GUI Syncthing raggiungibile tramite la rete Docker `web`
# Dotfiles
La directory `dotfiles/` contiene le configurazioni utente versionate.
```text
dotfiles/
├── common
├── desktop
├── server
├── fedora
├── workstation
├── ikaros
── nymph
```text
dotfiles/
├── common
├── desktop
├── server
├── fedora
├── ubuntu
├── workstation
── workstation_host_linux
├── workstation_dev_wsl
├── ikaros
└── nymph
```
Le configurazioni sono applicate tramite Ansible e organizzate per livelli:
@@ -333,153 +337,153 @@ Le configurazioni sono applicate tramite Ansible e organizzate per livelli:
# Requisiti
Per utilizzare il repository sono necessari:
- Python 3
- Ansible
- `ansible-lint`
- `yamllint`
- `shellcheck`
- collection definite in `ansible/collections/requirements.yml`
- accesso locale o SSH alle macchine target, in base a come e definito l'inventory
Installazione base:
```bash
python3 -m pip install ansible ansible-lint yamllint shellcheck-py
ansible-galaxy collection install -r ansible/collections/requirements.yml
```
Gestione segreti:
- il repository supporta il caricamento opzionale di `secrets/vault.yml`
- il repository supporta anche `secrets/vault.local.yml` per override locali non versionati
- `secrets/vault.yml.example` funge da template/esempio
- se `secrets/vault.yml` non e presente, il playbook continua comunque senza caricare variabili locali opzionali
- se `secrets/.vault_pass.gpg` esiste viene usato automaticamente per sbloccare i vault tramite `gpg`; in alternativa resta supportato `secrets/.vault_pass` come fallback legacy locale; se nessuno dei due file esiste Ansible richiede la password in modo interattivo
- per il ramo Windows puoi anche definire `vault_windows_package_backend`, con valori supportati `winget_psrp` e `winget_wsl_local`; il default e `winget_psrp`
Per utilizzare il repository sono necessari:
- Python 3
- Ansible
- `ansible-lint`
- `yamllint`
- `shellcheck`
- collection definite in `ansible/collections/requirements.yml`
- accesso locale o SSH alle macchine target, in base a come e definito l'inventory
Installazione base:
```bash
python3 -m pip install ansible ansible-lint yamllint shellcheck-py
ansible-galaxy collection install -r ansible/collections/requirements.yml
```
Gestione segreti:
- il repository supporta il caricamento opzionale di `secrets/vault.yml`
- il repository supporta anche `secrets/vault.local.yml` per override locali non versionati
- `secrets/vault.yml.example` funge da template/esempio
- se `secrets/vault.yml` non e presente, il playbook continua comunque senza caricare variabili locali opzionali
- se `secrets/.vault_pass.gpg` esiste viene usato automaticamente per sbloccare i vault tramite `gpg`; in alternativa resta supportato `secrets/.vault_pass` come fallback legacy locale; se nessuno dei due file esiste Ansible richiede la password in modo interattivo
- per il ramo Windows puoi anche definire `vault_windows_package_backend`, con valori supportati `winget_psrp` e `winget_wsl_local`; il default e `winget_psrp`
---
# Utilizzo
Eseguire il playbook principale:
```bash
ansible-playbook ansible/site.yml
```
Allo stato attuale questo comando:
- distribuisce i dotfiles comuni a tutti gli host
- per gli host Void applica bootstrap desktop condiviso, sessioni i3/Sway e override specifici per host
- per `workstation_dev_ubuntu` applica pacchetti Ubuntu, servizi systemd e profilo dev comune
- per `workstation_dev_fedora` applica pacchetti Fedora, servizi systemd e profilo dev comune
- per `workstation_host_linux` applica il layer host Linux GNOME
- per `workstation_dev_wsl` applica pacchetti Ubuntu, servizi systemd, profilo dev comune e tweak WSL dedicati
- per `workstation_host_windows` applica il layer host Windows 11 via PSRP, con installazione pacchetti Windows eseguita di default tramite `winget_psrp`
- per gli host `ubuntu_server` applica pacchetti Ubuntu, servizi systemd, profilo server, UFW, dotfiles e template dedicati
- non riavvia automaticamente `emptty`; le modifiche al display manager vanno applicate manualmente da SSH o da una TTY separata
- carica `secrets/vault.yml` solo se presente
- carica `secrets/vault.local.yml` solo se presente, dopo `vault.yml`, cosi gli override locali hanno precedenza
Per validare prima di applicare:
```bash
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml
ansible-lint ansible/roles
yamllint ansible/
```
Per testare un override dell'utente server senza modificare l'inventory:
```bash
ansible-playbook ansible/site.yml --limit prometheus --check --diff -e server_username=myuser
```
Per validazioni piu mirate:
```bash
ansible-playbook ansible/site.yml --limit <host> --tags <tag1>,<tag2> --check --diff
ansible-playbook ansible/site.yml --limit <host> --start-at-task "<task name>" --check --diff
ansible-lint ansible/roles/<role>
yamllint ansible/path/to/file.yml
docker compose -f /opt/docker/server/docker-compose.yml config
```
## Tag supportati dal playbook
Per vedere l'elenco reale aggiornato dei tag disponibili:
```bash
ansible-playbook ansible/site.yml --list-tags
```
Allo stato attuale `ansible/site.yml` espone questi tag:
| Tag | Scopo | Ambito principale |
| --- | --- | --- |
| `always` | pre-task sempre eseguiti, inclusi caricamento vault e validazioni preliminari | common, Windows |
| `dotfiles` | distribuzione/configurazione dotfiles | tutti i profili |
| `dotfiles:common` | dotfiles comuni condivisi | common, workstation, server |
| `dotfiles:desktop` | dotfiles desktop | desktop Void |
| `dotfiles:host` | override host-specifici desktop | desktop Void |
| `dotfiles:server` | dotfiles dedicati al profilo server | server |
| `dotfiles:workstation` | dotfiles dedicati alle workstation | workstation Linux, WSL |
| `emptty` | gestione display manager `emptty` | desktop Void |
| `gnome` | configurazione host GNOME | workstation host Linux, parte desktop |
| `i3` | sessione/configurazione i3 | desktop Void |
| `nvidia` | componenti NVIDIA desktop | desktop Void |
| `packages` | installazione e aggiornamento pacchetti | tutti i profili |
| `services` | gestione servizi runit/systemd/Windows | tutti i profili |
| `sway` | sessione/configurazione Sway | desktop Void |
| `vscode` | installazione/configurazione VS Code | Fedora, host Linux, Windows |
| `wsl` | bootstrap e configurazione WSL | WSL, Windows |
Esempi pratici:
```bash
ansible-playbook ansible/site.yml --limit nymph --tags dotfiles:desktop,sway --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --tags packages,vscode --check --diff
ansible-playbook ansible/site.yml --limit prometheus --tags services,dotfiles:server --check --diff
```
---
Eseguire il playbook principale:
```bash
ansible-playbook ansible/site.yml
```
Allo stato attuale questo comando:
- distribuisce i dotfiles comuni a tutti gli host
- per gli host Void applica bootstrap desktop condiviso, sessione i3 e override specifici per host
- per `workstation_dev_ubuntu` applica pacchetti Ubuntu, servizi systemd e profilo dev comune
- per `workstation_dev_fedora` applica pacchetti Fedora, servizi systemd e profilo dev comune
- per `workstation_host_linux` applica il layer host Linux GNOME
- per `workstation_dev_wsl` applica pacchetti Ubuntu, servizi systemd, profilo dev comune e tweak WSL dedicati
- per `workstation_host_windows` applica il layer host Windows 11 via PSRP, con installazione pacchetti Windows eseguita di default tramite `winget_psrp`
- per gli host `ubuntu_server` applica pacchetti Ubuntu, servizi systemd, profilo server, UFW, dotfiles e template dedicati
- non riavvia automaticamente `emptty`; le modifiche al display manager vanno applicate manualmente da SSH o da una TTY separata
- carica `secrets/vault.yml` solo se presente
- carica `secrets/vault.local.yml` solo se presente, dopo `vault.yml`, cosi gli override locali hanno precedenza
Per validare prima di applicare:
```bash
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml
ansible-lint ansible/roles
yamllint ansible/
```
Per testare un override dell'utente server senza modificare l'inventory:
```bash
ansible-playbook ansible/site.yml --limit prometheus --check --diff -e server_username=myuser
```
Per validazioni piu mirate:
```bash
ansible-playbook ansible/site.yml --limit <host> --tags <tag1>,<tag2> --check --diff
ansible-playbook ansible/site.yml --limit <host> --start-at-task "<task name>" --check --diff
ansible-lint ansible/roles/<role>
yamllint ansible/path/to/file.yml
docker compose -f /opt/docker/server/docker-compose.yml config
```
## Tag supportati dal playbook
Per vedere l'elenco reale aggiornato dei tag disponibili:
```bash
ansible-playbook ansible/site.yml --list-tags
```
Allo stato attuale `ansible/site.yml` espone questi tag:
| Tag | Scopo | Ambito principale |
| --- | --- | --- |
| `always` | pre-task sempre eseguiti, inclusi caricamento vault e validazioni preliminari | common, Windows |
| `dotfiles` | distribuzione/configurazione dotfiles | tutti i profili |
| `dotfiles:common` | dotfiles comuni condivisi | common, workstation, server |
| `dotfiles:desktop` | dotfiles desktop | desktop Void |
| `dotfiles:host` | override host-specifici desktop | desktop Void |
| `dotfiles:server` | dotfiles dedicati al profilo server | server |
| `dotfiles:workstation` | dotfiles dedicati alle workstation | workstation Linux, WSL |
| `emptty` | gestione display manager `emptty` | desktop Void |
| `gnome` | configurazione host GNOME | workstation host Linux, parte desktop |
| `i3` | sessione/configurazione i3 | desktop Void |
| `npm` | installazione pacchetti npm globali | desktop Void, workstation Linux, WSL |
| `nvidia` | componenti NVIDIA desktop | desktop Void |
| `packages` | installazione e aggiornamento pacchetti | tutti i profili |
| `services` | gestione servizi runit/systemd/Windows | tutti i profili |
| `vscode` | installazione/configurazione VS Code | Fedora, host Linux, Windows |
| `wsl` | bootstrap e configurazione WSL | WSL, Windows |
Esempi pratici:
```bash
ansible-playbook ansible/site.yml --limit nymph --tags dotfiles:desktop,i3 --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --tags packages,vscode --check --diff
ansible-playbook ansible/site.yml --limit prometheus --tags services,dotfiles:server --check --diff
```
---
# Bootstrap di una nuova macchina
Una nuova macchina può essere inizializzata con i seguenti passaggi:
```bash
git clone <repo>
cd <repo-dir>
ansible-galaxy collection install -r ansible/collections/requirements.yml
ansible-playbook ansible/site.yml
```
Dopo l'esecuzione del playbook la macchina verra configurata secondo il profilo definito e i ruoli attualmente orchestrati.
Per il flusso mail desktop esiste inoltre uno script dedicato:
```bash
scripts/bootstrap_mail.sh
```
Lo script si occupa del bootstrap dei secret nel keyring, del primo sync con `mbsync` e dell'inizializzazione di `mu` usando la configurazione mail generata dai template.
Se modifichi questo script, valida almeno con:
```bash
sh -n scripts/bootstrap_mail.sh
shellcheck scripts/bootstrap_mail.sh
```
Una nuova macchina può essere inizializzata con i seguenti passaggi:
```bash
git clone <repo>
cd <repo-dir>
ansible-galaxy collection install -r ansible/collections/requirements.yml
ansible-playbook ansible/site.yml
```
Dopo l'esecuzione del playbook la macchina verra configurata secondo il profilo definito e i ruoli attualmente orchestrati.
Per il flusso mail desktop esiste inoltre uno script dedicato:
```bash
scripts/bootstrap_mail.sh
```
Lo script si occupa del bootstrap dei secret nel keyring, del primo sync con `mbsync` e dell'inizializzazione di `mu` usando la configurazione mail generata dai template.
Se modifichi questo script, valida almeno con:
```bash
sh -n scripts/bootstrap_mail.sh
shellcheck scripts/bootstrap_mail.sh
```
---
@@ -499,13 +503,13 @@ Questo consente di ricreare qualsiasi macchina partendo esclusivamente dal repos
# Roadmap
Possibili evoluzioni future:
- hardening sicurezza server
- configurazione backup
- testing automatico playbook
- integrazione CI
- supporto ad altre distribuzioni Linux
Possibili evoluzioni future:
- hardening sicurezza server
- configurazione backup
- testing automatico playbook
- integrazione CI
- supporto ad altre distribuzioni Linux
---

38
ansible/inventory/group_vars/all.yml
View File

@@ -50,6 +50,42 @@ common_dotfiles:
dest: .vimrc
mode: "0644"
- name: bat config
src: .config/bat/.config/bat/
src: .config/bat/
dest: .config/bat/
mode: preserve
ai_agents_npm_packages:
- name: "opencode-ai"
state: latest
- name: "@anthropic-ai/claude-code"
state: latest
- name: "@openai/codex"
state: latest
- name: "@google/gemini-cli"
state: latest
ai_agents_enabled: true
ai_agents_dotfiles:
- name: AI common config
src: .config/ai/
dest: .config/ai/
mode: preserve
- name: Gemini CLI config
src: .gemini/
dest: .gemini/
mode: preserve
- name: OpenCode config
src: .config/opencode/
dest: .config/opencode/
mode: preserve
- name: Claude Code memory
src: .claude/
dest: .claude/
mode: preserve
ai_agents_templates:
- name: Codex config
src: .codex/config.toml.j2
dest: .codex/config.toml
mode: "0644"

235
ansible/inventory/group_vars/desktop.yml
View File

@@ -6,131 +6,13 @@ desktop_sessions_enabled:
desktop_default_session: i3
desktop_default_session_env: xorg
desktop_restart_emptty_automatically: false
desktop_emptty_session_error_logging: disabled
desktop_common_packages:
- brightnessctl
- dex
- emptty
- pinentry-emacs
- pinentry-gtk
- turnstile
- udiskie
- xdg-desktop-portal
- xdg-desktop-portal-gtk
- xdg-user-dirs
desktop_i3_packages:
- arandr
- autorandr
- feh
- i3
- i3blocks
- i3blocks-blocklets
- i3lock-color
- i3status
- dunst
- network-manager-applet
- rofi
- scrot
- setxkbmap
- blueman
- volumeicon
- xclip
- xfce-polkit
- xfce4-clipman-plugin
- xfce4-screenshooter
- xkbutils
- xorg-fonts
- xorg-minimal
- xss-lock
desktop_sway_packages:
- grim
- kanshi
- slurp
- swayfx
- wl-clipboard
- xdg-desktop-portal-wlr
profile_packages:
- alacritty
- bluez
- bridge-utils
- ctags
- firefox
- deluge-gtk
- dnsmasq
- emacs-gtk3
- poppler-glib
- poppler-utils
- exo
- fontconfig-devel
- freetype-devel
- gvfs-cdda
- gvfs-mtp
- gvfs-smb
- gufw
- libvirt
- libspa-bluetooth
- libreoffice
- liberation-fonts-ttf
- libvterm-devel
- libX11-devel
- libXft-devel
- meld
- mpv
- nerd-fonts-ttf
- nerd-fonts-symbols-ttf
- pdfarranger
- playerctl
- qemu
- qemu-firmware
- qemu-img
- qemu-tools
- remmina
- ripgrep
- rustup
- ristretto
- rsync
- shotwell
- ruff
- terminus-font
- texlive
- ty
- tumbler
- uv
- Thunar
- thunar-archive-plugin
- thunar-volman
- ffmpegthumbnailer
- virt-manager
- virt-manager-tools
- wireplumber
- xarchiver
- xournalpp
- yaru
- yaru-plus
- zstd
desktop_source_tools:
- name: st
repo: https://codeberg.org/fscotto/st
build_cmd: make
binary_name: st
install_name: st
- name: gf
repo: https://github.com/nakst/gf.git
build_cmd: ./build.sh
binary_name: gf2
install_name: gf
- name: bookokrat
repo: https://github.com/bugzmanov/bookokrat
build_cmd: cargo build --release
binary_name: bookokrat
install_name: bookokrat
build_output_path: target/release/bookokrat
- name: llmfit
repo: https://github.com/AlexsJones/llmfit
build_cmd: cargo build --release
@@ -146,27 +28,13 @@ desktop_source_tools:
desktop_binary_tools: []
desktop_npm_packages:
- name: "opencode-ai"
state: latest
desktop_npm_packages: "{{ ai_agents_npm_packages + [] }}"
desktop_common_dotfiles:
- name: XDG autostart entries
src: .config/autostart/
dest: .config/autostart/
mode: preserve
- name: alacritty config
src: .config/alacritty/
dest: .config/alacritty/
mode: preserve
- name: Thunar config
src: .config/Thunar/
dest: .config/Thunar/
mode: preserve
- name: MIME application defaults
src: .config/mimeapps.list
dest: .config/mimeapps.list
mode: "0644"
- name: fastfetch config
src: .config/fastfetch/
dest: .config/fastfetch/
@@ -183,26 +51,38 @@ desktop_common_dotfiles:
src: .config/yt-dlp/
dest: .config/yt-dlp/
mode: preserve
- name: OpenCode config
src: .config/opencode/
dest: .config/opencode/
mode: preserve
- name: MPV config
src: .config/mpv/
dest: .config/mpv/
mode: preserve
- name: Udiskie config
src: .config/udiskie/
dest: .config/udiskie/
mode: preserve
- name: Turnstile user services
src: .config/service/
dest: .config/service/
mode: preserve
- name: Bash profile fragments
src: .bashrc.d/
dest: .bashrc.d/
mode: preserve
- name: Bash cargo env fragment
src: .bashrc.d/08-cargo-env.sh
dest: .bashrc.d/08-cargo-env.sh
mode: "0644"
- name: Bash GPG TTY fragment
src: .bashrc.d/10-gpg-tty.sh
dest: .bashrc.d/10-gpg-tty.sh
mode: "0644"
- name: Bash man page colors fragment
src: .bashrc.d/12-manpages.sh
dest: .bashrc.d/12-manpages.sh
mode: "0644"
- name: Bash editor fragment
src: .bashrc.d/20-editor-desktop.sh
dest: .bashrc.d/20-editor-desktop.sh
mode: "0644"
- name: Bash Emacs client fragment
src: .bashrc.d/25-emacs-client-desktop.sh
dest: .bashrc.d/25-emacs-client-desktop.sh
mode: "0644"
- name: Bash VM helper fragment
src: .bashrc.d/30-runvm.sh
dest: .bashrc.d/30-runvm.sh
mode: "0644"
- name: Bash Ansible playbook helper fragment
src: .bashrc.d/50-ap.sh
dest: .bashrc.d/50-ap.sh
mode: "0644"
- name: .gitignore_global
src: .gitignore_global
dest: .gitignore_global
@@ -223,17 +103,9 @@ desktop_common_dotfiles:
src: .authinfo.gpg
dest: .authinfo.gpg
mode: "0600"
- name: GTK theme setup script
src: .local/bin/setup-gtk-theme
dest: .local/bin/setup-gtk-theme
mode: "0755"
- name: Turnstile environment update script
src: .local/bin/update-turnstile-env
dest: .local/bin/update-turnstile-env
mode: "0755"
- name: Udiskie password helper
src: .local/bin/udiskie-password
dest: .local/bin/udiskie-password
- name: Calibre database Flatpak wrapper
src: .local/bin/calibredb
dest: .local/bin/calibredb
mode: "0755"
- name: SSH config
src: .ssh/config
@@ -263,37 +135,27 @@ desktop_i3_dotfiles:
src: .config/rofi/
dest: .config/rofi/
mode: preserve
- name: picom config
src: .config/picom/picom.conf
dest: .config/picom/picom.conf
mode: "0644"
- name: polybar config
src: .config/polybar/config.ini
dest: .config/polybar/config.ini
mode: "0644"
- name: polybar launcher
src: .config/polybar/launch.sh
dest: .config/polybar/launch.sh
mode: "0755"
- name: alacritty config
src: .config/alacritty/
dest: .config/alacritty/
mode: preserve
- name: .xinitrc
src: .xinitrc
dest: .xinitrc
mode: "0644"
desktop_sway_dotfiles:
- name: Sway config
src: .config/sway/
dest: .config/sway/
mode: preserve
- name: Sway wallpaper assets
src: .config/i3/wallpapers/
dest: .config/sway/wallpapers/
mode: preserve
- name: Sway session wrapper
src: .local/bin/start-sway-session
dest: .local/bin/start-sway-session
mode: "0755"
- name: Noctalia colors
src: .config/noctalia/colors.json
dest: .config/noctalia/colors.json
mode: "0644"
- name: Noctalia plugins
src: .config/noctalia/plugins.json
dest: .config/noctalia/plugins.json
mode: "0644"
- name: Noctalia colorschemes
src: .config/noctalia/colorschemes/
dest: .config/noctalia/colorschemes/
mode: preserve
noctalia_bar_monitors:
- DP-1
@@ -308,6 +170,7 @@ desktop_flatpak_packages:
- com.spotify.Client
- io.github.flattool.Warehouse
- org.telegram.desktop
- org.mozilla.Thunderbird
desktop_flatpak_extensions:
- org.gtk.Gtk3theme.Yaru-Blue-dark//stable

4
ansible/inventory/group_vars/fedora.yml
View File

@@ -50,6 +50,9 @@ workstation_host_linux_packages_fedora:
- code
- firewall-config
- gnome-extensions-app
- gnome-shell-extension-appindicator
- gnome-shell-extension-just-perfection
- gnome-shell-extension-no-overview
- gnome-tweaks
- libreoffice
- meld
@@ -58,6 +61,7 @@ workstation_host_linux_packages_fedora:
- pinentry-gnome3
- podman
- podman-compose
- rclone
- yubikey-manager
workstation_flatpak_remote_name: flathub

9
ansible/inventory/group_vars/server.yml
View File

@@ -6,6 +6,7 @@ effective_username: "{{ server_username }}"
effective_user_group: "{{ server_user_group }}"
effective_user_home: "{{ server_user_home }}"
server_container_stack_dir: /opt/docker/server
ai_agents_enabled: false
profile_packages:
- avahi-daemon
@@ -92,6 +93,14 @@ server_directories:
owner: "1000"
group: "1000"
mode: "0755"
- path: /srv/nextcloud
owner: root
group: root
mode: "0755"
- path: /srv/nextcloud/data
owner: root
group: root
mode: "0755"
server_ufw_rules:
- rule: allow

167
ansible/inventory/group_vars/void.yml
View File

@@ -1,4 +1,11 @@
---
desktop_void_source_tools:
- name: st
repo: https://codeberg.org/fscotto/st
build_cmd: make
binary_name: st
install_name: st
void_packages_base:
- 7zip
- NetworkManager
@@ -18,18 +25,25 @@ void_packages_base:
- fuse3
- gcc
- gdb
- gist
- github-cli
- gnome-keyring
- go
- gvfs
- hugo
- ImageMagick
- isync
- libsecret
- libtool
- linux-mainline
- lm_sensors
- man-pages-devel
- man-pages-posix
- msmtp
- mu4e
- network-manager-applet
- nodejs
- ntfs-3g
- pavucontrol
- pipewire
- pkg-config
@@ -42,6 +56,7 @@ void_packages_base:
- simple-scan
- socklog
- socklog-void
- speech-dispatcher
- syncthing
- system-config-printer
- tmux
@@ -71,3 +86,155 @@ enabled_services:
- ufw
- virtlockd
- virtlogd
desktop_restart_emptty_automatically: false
desktop_emptty_session_error_logging: disabled
desktop_void_dotfiles:
- name: Turnstile user services
src: .config/service/
dest: .config/service/
mode: preserve
- name: Thunar config
src: .config/Thunar/
dest: .config/Thunar/
mode: preserve
- name: MIME application defaults
src: .config/mimeapps.list
dest: .config/mimeapps.list
mode: "0644"
- name: Bash DBus session fragment
src: .bashrc.d/14-dbus-session.sh
dest: .bashrc.d/14-dbus-session.sh
mode: "0644"
- name: Bash SSH agent socket fragment
src: .bashrc.d/16-ssh-agent-socket.sh
dest: .bashrc.d/16-ssh-agent-socket.sh
mode: "0644"
- name: Bash runit desktop fragment
src: .bashrc.d/15-runit-desktop.sh
dest: .bashrc.d/15-runit-desktop.sh
mode: "0644"
- name: alacritty config
src: .config/alacritty/
dest: .config/alacritty/
mode: preserve
- name: GTK theme setup script
src: .local/bin/setup-gtk-theme
dest: .local/bin/setup-gtk-theme
mode: "0755"
- name: Udiskie password helper
src: .local/bin/udiskie-password
dest: .local/bin/udiskie-password
mode: "0755"
- name: Udiskie config
src: .config/udiskie/
dest: .config/udiskie/
mode: preserve
- name: Turnstile environment update script
src: .local/bin/update-turnstile-env
dest: .local/bin/update-turnstile-env
mode: "0755"
- name: Noctalia config
src: .config/noctalia/
dest: .config/noctalia/
mode: preserve
desktop_common_packages:
- brightnessctl
- dex
- emptty
- pinentry-emacs
- pinentry-gtk
- turnstile
- udiskie
- xdg-desktop-portal
- xdg-desktop-portal-gtk
- xdg-user-dirs
desktop_i3_packages:
- arandr
- autorandr
- feh
- i3
- i3blocks
- i3blocks-blocklets
- i3lock-color
- i3status
- dunst
- network-manager-applet
- picom
- polybar
- rofi
- scrot
- setxkbmap
- blueman
- volumeicon
- xclip
- xfce-polkit
- xfce4-clipman-plugin
- xfce4-screenshooter
- xkbutils
- xorg-fonts
- xorg-minimal
- xss-lock
profile_packages:
- alacritty
- bluez
- bridge-utils
- ctags
- firefox
- deluge-gtk
- dnsmasq
- emacs-gtk3
- poppler-glib
- poppler-utils
- exo
- fontconfig-devel
- freetype-devel
- gvfs-cdda
- gvfs-mtp
- gvfs-smb
- gufw
- libvirt
- libspa-bluetooth
- libreoffice
- liberation-fonts-ttf
- libvterm-devel
- libX11-devel
- libXft-devel
- meld
- mpv
- nerd-fonts-ttf
- nerd-fonts-symbols-ttf
- pdfarranger
- playerctl
- qemu
- qemu-firmware
- qemu-img
- qemu-tools
- remmina
- ripgrep
- rustup
- ristretto
- rsync
- shotwell
- ruff
- terminus-font
- texlive
- ty
- tumbler
- uv
- Thunar
- thunar-archive-plugin
- thunar-volman
- ffmpegthumbnailer
- virt-manager
- virt-manager-tools
- wireplumber
- xarchiver
- xournalpp
- yaru
- yaru-plus
- zstd

4
ansible/inventory/group_vars/workstation.yml
View File

@@ -1,6 +1,4 @@
---
workstation_manage_opencode: true
workstation_npm_packages:
- name: "opencode-ai"
state: latest
workstation_npm_packages: "{{ ai_agents_npm_packages + [] }}"

26
ansible/inventory/host_vars/deadalus-fedora.yml
View File

@@ -148,3 +148,29 @@ workstation_gnome_managed_settings:
- schema: org.gnome.TextEditor
key: wrap-text
value: "true"
- schema: org.gnome.desktop.background
key: picture-uri
value: "'file:///usr/share/backgrounds/gnome/lcd-rainbow-l.jxl'"
- schema: org.gnome.desktop.background
key: picture-uri-dark
value: "'file:///usr/share/backgrounds/gnome/lcd-rainbow-d.jxl'"
workstation_gnome_extension_dconf_settings:
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-radius-bottom
value: "15"
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-radius-top
value: "15"
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-size
value: "5"
- path: /org/gnome/shell/extensions/paperwm/
key: show-window-position-bar
value: "false"
- path: /org/gnome/shell/extensions/paperwm/
key: show-workspace-indicator
value: "false"
- path: /org/gnome/shell/extensions/paperwm/
key: window-gap
value: "10"

47
ansible/inventory/host_vars/nymph.yml
View File

@@ -2,26 +2,20 @@
hostname: nymph
desktop_sessions_enabled:
- sway
- i3
desktop_default_session: sway
desktop_default_session_env: wayland
desktop_default_session: i3
desktop_default_session_env: xorg
desktop_emptty_session_error_logging: rotate
host_xbps_repositories:
- name: noctalia
url: https://universalrepo.r1xelelo.workers.dev/void
host_packages:
- cliphist
- grimshot
- nvidia
- noctalia-shell
- power-profiles-daemon
- nvidia580
- linux-mainline-headers
- mesa-dri
- vulkan-loader
- mesa-vulkan-intel
- intel-video-accel
- power-profiles-daemon
- tlp
- tlp-rdw
- upower
@@ -29,27 +23,10 @@ host_packages:
host_enabled_services:
- tlp
host_sway_dotfiles:
- src: .config/sway/host.conf
dest: .config/sway/host.conf
host_i3_dotfiles:
- src: .config/autorandr/
dest: .config/autorandr/
mode: preserve
- src: .config/wireplumber/wireplumber.conf.d/60-camera-priority.conf
dest: .config/wireplumber/wireplumber.conf.d/60-camera-priority.conf
mode: "0644"
- src: .config/sway/session-env
dest: .config/sway/session-env
mode: "0644"
- src: .config/kanshi/config
dest: .config/kanshi/config
mode: "0644"
noctalia_bar_monitors:
- DP-1
- eDP-1
noctalia_screen_overrides:
- name: DP-1
enabled: false
- name: eDP-1
enabled: false
host_packages_absent:
- network-manager-applet
- blueman

44
ansible/roles/dotfiles_common/tasks/main.yml
View File

@@ -14,7 +14,16 @@
group: "{{ effective_user_group }}"
mode: "0755"
loop: "{{ xdg_user_directories | default([]) }}"
when: "'void' in group_names"
when: "'desktop' in group_names"
- name: Extract templates kit to Templates directory
tags: [dotfiles, dotfiles:common]
ansible.builtin.unarchive:
src: "{{ playbook_dir }}/../dotfiles/common/templates_kit.zip"
dest: "{{ effective_user_home }}/Templates"
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
when: "'desktop' in group_names"
- name: Ensure SSH socket directory exists
tags: [dotfiles, dotfiles:common]
@@ -33,10 +42,41 @@
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "{{ item.mode }}"
loop: "{{ common_dotfiles | default([]) }}"
loop: >-
{{
(common_dotfiles | default([]))
+ ((ai_agents_dotfiles | default([])) if (ai_agents_enabled | default(false)) else [])
}}
loop_control:
label: "{{ item.dest }}"
- name: Ensure AI config directories exist
tags: [dotfiles, dotfiles:common]
ansible.builtin.file:
path: "{{ effective_user_home }}/{{ item }}"
state: directory
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "0755"
loop:
- .codex
when:
- ai_agents_enabled | default(false)
- (ai_agents_templates | default([])) | length > 0
- name: Render AI agent templates
tags: [dotfiles, dotfiles:common]
ansible.builtin.template:
src: "{{ playbook_dir }}/../dotfiles/common/{{ item.src }}"
dest: "{{ effective_user_home }}/{{ item.dest }}"
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "{{ item.mode }}"
loop: "{{ ai_agents_templates | default([]) }}"
loop_control:
label: "{{ item.dest }}"
when: ai_agents_enabled | default(false)
- name: Refresh bat cache
tags: [dotfiles, dotfiles:common]
ansible.builtin.command:

5
ansible/roles/packages_void/tasks/main.yml
View File

@@ -61,11 +61,6 @@
if 'i3' in (desktop_sessions_enabled | default([]))
else []
)
+ (
(desktop_sway_packages | default([]))
if 'sway' in (desktop_sessions_enabled | default([]))
else []
)
+ (host_packages | default([]))
)
| unique

8
ansible/roles/profile_desktop_common/handlers/main.yml
View File

@@ -5,6 +5,7 @@
changed_when: true
when:
- not ansible_check_mode
- "'void' in group_names"
- desktop_restart_emptty_automatically | default(false)
- name: Report manual emptty restart requirement
@@ -16,10 +17,13 @@
to avoid dropping the active graphical session.
when:
- not ansible_check_mode
- "'void' in group_names"
- not (desktop_restart_emptty_automatically | default(false))
- name: Reload SSH service
- name: Reload SSH service with runit
listen: Reload SSH service
ansible.builtin.command: sv reload sshd
changed_when: true
when: not ansible_check_mode
when:
- not ansible_check_mode
- "'void' in group_names"

37
ansible/roles/profile_desktop_common/tasks/main.yml
View File

@@ -6,6 +6,7 @@
regexp: '^#?HandleLidSwitch='
line: 'HandleLidSwitch=suspend'
state: present
when: "'void' in group_names"
- name: Ensure common config directories exist
tags: [dotfiles, dotfiles:desktop]
@@ -18,13 +19,11 @@
loop:
- "{{ user_home }}/.config"
- "{{ user_home }}/.config/autostart"
- "{{ user_home }}/.config/dunst"
- "{{ user_home }}/.config/alacritty"
- "{{ user_home }}/.config/Thunar"
- "{{ user_home }}/.config/rofi"
- "{{ user_home }}/.bashrc.d"
- "{{ user_home }}/.tmux"
- "{{ user_home }}/.tmux/bin"
- "{{ user_home }}/.tmux/plugins"
- "{{ user_home }}/.ssh"
- name: Ensure user local bin directory exists
tags: [dotfiles, dotfiles:desktop, dotfiles:host]
@@ -42,6 +41,7 @@
insertafter: '^auth\s+include\s+system-local-login$'
line: "auth optional pam_gnome_keyring.so"
state: present
when: "'void' in group_names"
- name: Enable gnome-keyring PAM session hook
tags: [packages, gnome]
@@ -50,6 +50,7 @@
insertafter: '^session\s+include\s+system-local-login$'
line: "session optional pam_gnome_keyring.so auto_start"
state: present
when: "'void' in group_names"
- name: Enable gnome-keyring PAM password hook
tags: [packages, gnome]
@@ -58,6 +59,7 @@
insertafter: '^password\s+include\s+system-local-login$'
line: "password optional pam_gnome_keyring.so use_authtok"
state: present
when: "'void' in group_names"
- name: Check whether SSH host ed25519 key exists
tags: [services]
@@ -181,6 +183,7 @@
ansible.builtin.stat:
path: /etc/sv/libvirtd
register: libvirtd_service_dir
when: "'void' in group_names"
- name: Enable libvirt daemon service
tags: [packages, services]
@@ -188,7 +191,9 @@
src: /etc/sv/libvirtd
dest: /var/service/libvirtd
state: link
when: libvirtd_service_dir.stat.exists
when:
- "'void' in group_names"
- libvirtd_service_dir.stat.exists
- name: Check virtualization group availability
tags: [packages]
@@ -229,6 +234,7 @@
owner: root
group: root
mode: "0755"
when: "'void' in group_names"
- name: Ensure emptty session directories exist
tags: [packages, services, emptty]
@@ -240,7 +246,7 @@
mode: "0755"
loop:
- /etc/emptty/xsessions
- /etc/emptty/wayland-sessions
when: "'void' in group_names"
- name: Configure emptty
tags: [packages, services, emptty]
@@ -251,6 +257,7 @@
group: root
mode: "0644"
notify: Restart emptty
when: "'void' in group_names"
- name: Copy common desktop dotfiles
tags: [dotfiles, dotfiles:desktop]
@@ -260,7 +267,11 @@
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop: "{{ desktop_common_dotfiles | default([]) }}"
loop: >-
{{
(desktop_common_dotfiles | default([]))
+ ((desktop_void_dotfiles | default([])) if 'void' in group_names else [])
}}
loop_control:
label: "{{ item.dest }}"
@@ -460,9 +471,9 @@
path: "{{ user_home }}/.cargo/bin/rustc"
register: rustup_initialized
- name: Run rustup-init with cargo env sourced
ansible.builtin.shell:
cmd: . ~/.cargo/env && rustup-init -y --no-modify-path
- name: Run rustup-init
ansible.builtin.command:
cmd: rustup-init -y --no-modify-path
creates: "{{ user_home }}/.cargo/bin/rustc"
become_user: "{{ username }}"
environment:
@@ -487,8 +498,8 @@
file: source_tool.yml
apply:
tags: [packages]
loop: "{{ desktop_source_tools }}"
when: desktop_source_tools | length > 0
loop: "{{ desktop_source_tools + (desktop_void_source_tools | default([])) }}"
when: (desktop_source_tools + (desktop_void_source_tools | default([]))) | length > 0
loop_control:
loop_var: source_tool
label: "{{ source_tool.name }}"
@@ -518,7 +529,7 @@
label: "{{ binary_tool.name }}"
- name: Install desktop npm packages
tags: [packages]
tags: [packages, npm]
community.general.npm:
name: "{{ item.name }}"
global: true

1
ansible/roles/profile_desktop_common/templates/emptty-conf.j2
View File

@@ -10,7 +10,6 @@ DEFAULT_SESSION_ENV={{ desktop_default_session_env | default('') }}
DBUS_LAUNCH=false
XINITRC_LAUNCH=true
XORG_SESSIONS_PATH=/etc/emptty/xsessions
WAYLAND_SESSIONS_PATH=/etc/emptty/wayland-sessions
VERTICAL_SELECTION=true
IDENTIFY_ENVS=true
SELECT_LAST_USER=global

14
ansible/roles/profile_desktop_host/tasks/main.yml
View File

@@ -19,17 +19,3 @@
- "'i3' in (desktop_sessions_enabled | default([]))"
- (host_i3_dotfiles | default([])) | length > 0
- name: Copy host-specific Sway dotfiles
tags: [dotfiles, dotfiles:desktop, dotfiles:host, sway]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/{{ hostname }}/{{ item.src }}"
dest: "{{ user_home }}/{{ item.dest }}"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop: "{{ host_sway_dotfiles | default([]) }}"
loop_control:
label: "{{ item.dest }}"
when:
- "'sway' in (desktop_sessions_enabled | default([]))"
- (host_sway_dotfiles | default([])) | length > 0

38
ansible/roles/profile_desktop_host/tasks/nymph.yml
View File

@@ -1,16 +1,38 @@
---
- name: Configure GRUB kernel parameters for NVIDIA hybrid graphics
- name: Check if GRUB_CMDLINE_LINUX line exists in /etc/default/grub
tags: [packages, nvidia]
ansible.builtin.command:
cmd: grep -E '^GRUB_CMDLINE_LINUX=' /etc/default/grub
register: nymph_grub_cmdline_check
changed_when: false
failed_when: false
- name: Initialize empty GRUB_CMDLINE_LINUX line if missing
tags: [packages, nvidia]
ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX='
line: 'GRUB_CMDLINE_LINUX="rd.luks.uuid=1e15d159-5d05-4a1f-9639-ac200dff9f9c rootflags=subvol=@ apparmor=1 security=apparmor nouveau.modeset=0 nvidia-drm.modeset=1"'
line: 'GRUB_CMDLINE_LINUX=""'
insertafter: '^GRUB_CMDLINE_LINUX_DEFAULT='
state: present
when: nymph_grub_cmdline_check.rc != 0
register: nymph_grub_cmdline_init
- name: Append NVIDIA kernel parameters to GRUB_CMDLINE_LINUX if missing
tags: [packages, nvidia]
ansible.builtin.replace:
path: /etc/default/grub
regexp: '^(GRUB_CMDLINE_LINUX="(?:(?!{{ item | regex_escape }})[^"])*?)"$'
replace: '\1 {{ item }}"'
loop:
- nouveau.modeset=0
- nvidia-drm.modeset=1
register: nymph_grub_cmdline_append
- name: Regenerate GRUB configuration
tags: [packages, nvidia]
ansible.builtin.command: grub-mkconfig -o /boot/grub/grub.cfg
changed_when: true
when: nymph_grub_cmdline_init is changed or nymph_grub_cmdline_append is changed
- name: Configure NVIDIA power management for hybrid graphics
tags: [packages, nvidia]
@@ -39,13 +61,3 @@
regexp: '^bindsym \$mod\+Return exec --no-startup-id /usr/bin/alacritty'
line: 'bindsym $mod+Return exec --no-startup-id ~/.local/bin/prime-run /usr/bin/alacritty'
when: "'i3' in (desktop_sessions_enabled | default([]))"
- name: Deploy WirePlumber camera priority config
tags: [dotfiles, dotfiles:host]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/nymph/.config/wireplumber/wireplumber.conf.d/60-camera-priority.conf"
dest: "{{ user_home }}/.config/wireplumber/wireplumber.conf.d/60-camera-priority.conf"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
force: true

5
ansible/roles/profile_desktop_i3/tasks/main.yml
View File

@@ -8,8 +8,13 @@
group: "{{ user_group }}"
mode: "0755"
loop:
- "{{ user_home }}/.config/alacritty"
- "{{ user_home }}/.config/dunst"
- "{{ user_home }}/.config/i3"
- "{{ user_home }}/.config/i3blocks"
- "{{ user_home }}/.config/picom"
- "{{ user_home }}/.config/polybar"
- "{{ user_home }}/.config/rofi"
when: "'i3' in (desktop_sessions_enabled | default([]))"
- name: Install allowed emptty X11 sessions

85
ansible/roles/profile_desktop_sway/tasks/main.yml
View File

@@ -1,85 +0,0 @@
---
- name: Ensure Sway config directories exist
tags: [dotfiles, dotfiles:desktop, sway]
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
loop:
- "{{ user_home }}/.config/sway"
- "{{ user_home }}/.config/kanshi"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Ensure Noctalia config directories exist
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
loop:
- "{{ user_home }}/.config/noctalia"
- "{{ user_home }}/.config/noctalia/plugins"
- "{{ user_home }}/.local/share/noctalia-plugins"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Install Sway emptty session entry
tags: [packages, services, emptty, sway]
ansible.builtin.template:
src: Sway.desktop.j2
dest: /etc/emptty/wayland-sessions/Sway.desktop
owner: root
group: root
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Copy Sway desktop dotfiles
tags: [dotfiles, dotfiles:desktop, sway]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/desktop/{{ item.src }}"
dest: "{{ user_home }}/{{ item.dest }}"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop: "{{ desktop_sway_dotfiles | default([]) }}"
loop_control:
label: "{{ item.dest }}"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Render Sway shell config
tags: [dotfiles, dotfiles:desktop, sway]
ansible.builtin.template:
src: shell.conf.j2
dest: "{{ user_home }}/.config/sway/shell.conf"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Render Noctalia settings template
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.template:
src: noctalia-settings.json.j2
dest: "{{ user_home }}/.config/noctalia/settings.json"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Manage Noctalia shell plugins
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.include_tasks: noctalia.yml
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Copy shared Clipper settings
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/desktop/.config/noctalia/plugins/clipper/settings.json"
dest: "{{ user_home }}/.config/noctalia/plugins/clipper/settings.json"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"

142
ansible/roles/profile_desktop_sway/tasks/noctalia.yml
View File

@@ -1,142 +0,0 @@
---
- name: Check whether official Clipper plugin directory exists
ansible.builtin.stat:
path: "{{ user_home }}/.local/share/noctalia-plugins/official/clipper"
follow: false
register: official_clipper_path_state
- name: Repair official Clipper plugin permissions before git update
ansible.builtin.file:
path: "{{ user_home }}/.local/share/noctalia-plugins/official/clipper"
state: directory
recurse: true
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "u=rwX,go=rX"
when:
- official_clipper_path_state.stat.exists
- official_clipper_path_state.stat.isdir
- name: Remove untracked files from official Clipper subtree before git update
ansible.builtin.command:
cmd: git clean -fd -- clipper
chdir: "{{ user_home }}/.local/share/noctalia-plugins/official"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
register: official_clipper_clean
changed_when: >-
(official_clipper_clean.stdout | default('') | trim) != '' or
(official_clipper_clean.stderr | default('') | trim) != ''
when:
- official_clipper_path_state.stat.exists
- official_clipper_path_state.stat.isdir
- name: Bootstrap official Noctalia plugins checkout
ansible.builtin.git:
repo: https://github.com/noctalia-dev/noctalia-plugins.git
dest: "{{ user_home }}/.local/share/noctalia-plugins/official"
version: main
update: true
force: true
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
- name: Check if Clipper is a real directory (needs migration to symlink)
ansible.builtin.stat:
path: "{{ user_home }}/.config/noctalia/plugins/clipper"
follow: false
register: clipper_path_state
- name: Check whether Clipper pinned data exists
ansible.builtin.stat:
path: "{{ user_home }}/.config/noctalia/plugins/clipper/pinned.json"
register: clipper_pinned_state
when:
- clipper_path_state.stat.exists
- clipper_path_state.stat.isdir
- not (clipper_path_state.stat.islnk | default(false))
- name: Preserve Clipper pinned data before migration
ansible.builtin.copy:
src: "{{ user_home }}/.config/noctalia/plugins/clipper/pinned.json"
dest: "{{ user_home }}/.local/share/noctalia-plugins/official/clipper/pinned.json"
remote_src: true
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
when:
- clipper_pinned_state is defined and clipper_pinned_state.stat is defined and clipper_pinned_state.stat.exists
- name: Check whether Clipper notecards directory exists
ansible.builtin.stat:
path: "{{ user_home }}/.config/noctalia/plugins/clipper/notecards"
register: clipper_notecards_state
when:
- clipper_path_state.stat.exists
- clipper_path_state.stat.isdir
- not (clipper_path_state.stat.islnk | default(false))
- name: Preserve Clipper notecards before migration
ansible.builtin.copy:
src: "{{ user_home }}/.config/noctalia/plugins/clipper/notecards/"
dest: "{{ user_home }}/.local/share/noctalia-plugins/official/clipper/notecards/"
remote_src: true
owner: "{{ username }}"
group: "{{ user_group }}"
mode: preserve
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
when:
- clipper_notecards_state is defined and clipper_notecards_state.stat is defined and clipper_notecards_state.stat.exists and clipper_notecards_state.stat.isdir
- name: Remove old Clipper directory (migration to symlink)
ansible.builtin.file:
path: "{{ user_home }}/.config/noctalia/plugins/clipper"
state: absent
when:
- clipper_path_state.stat.exists
- clipper_path_state.stat.isdir
- not (clipper_path_state.stat.islnk | default(false))
- name: Create Clipper symlink to official plugin
ansible.builtin.file:
src: "{{ user_home }}/.local/share/noctalia-plugins/official/clipper"
dest: "{{ user_home }}/.config/noctalia/plugins/clipper"
state: link
force: true
owner: "{{ username }}"
group: "{{ user_group }}"
- name: Check if usb-drive-manager is a real directory (needs migration to symlink)
ansible.builtin.stat:
path: "{{ user_home }}/.config/noctalia/plugins/usb-drive-manager"
follow: false
register: usb_drive_manager_path_state
- name: Remove old usb-drive-manager directory (migration to symlink)
ansible.builtin.file:
path: "{{ user_home }}/.config/noctalia/plugins/usb-drive-manager"
state: absent
when:
- usb_drive_manager_path_state.stat.exists
- usb_drive_manager_path_state.stat.isdir
- not (usb_drive_manager_path_state.stat.islnk | default(false))
- name: Link official Noctalia plugins
ansible.builtin.file:
src: "{{ user_home }}/.local/share/noctalia-plugins/official/{{ item }}"
dest: "{{ user_home }}/.config/noctalia/plugins/{{ item }}"
state: link
force: true
owner: "{{ username }}"
group: "{{ user_group }}"
loop:
- polkit-agent
- screenshot
- usb-drive-manager

8
ansible/roles/profile_desktop_sway/templates/Sway.desktop.j2
View File

@@ -1,8 +0,0 @@
[Desktop Entry]
Name=Sway
Comment=Sway Wayland compositor
Exec={{ user_home }}/.local/bin/start-sway-session
TryExec=sway
Type=Application
DesktopNames=sway;wlroots
Keywords=wayland;wm;windowmanager;window;manager;tiling;compositor;

622
ansible/roles/profile_desktop_sway/templates/noctalia-settings.json.j2
View File

@@ -1,622 +0,0 @@
{
"appLauncher": {
"autoPasteClipboard": false,
"clipboardWatchImageCommand": "wl-paste --type image --watch cliphist store",
"clipboardWatchTextCommand": "wl-paste --type text --watch cliphist store",
"clipboardWrapText": true,
"customLaunchPrefix": "",
"customLaunchPrefixEnabled": false,
"density": "default",
"enableClipPreview": true,
"enableClipboardChips": true,
"enableClipboardHistory": false,
"enableClipboardSmartIcons": true,
"enableSessionSearch": true,
"enableSettingsSearch": true,
"enableWindowsSearch": true,
"iconMode": "tabler",
"ignoreMouseInput": false,
"overviewLayer": false,
"pinnedApps": [],
"position": "center",
"screenshotAnnotationTool": "",
"showCategories": true,
"showIconBackground": false,
"sortByMostUsed": true,
"terminalCommand": "alacritty -e",
"viewMode": "list"
},
"audio": {
"mprisBlacklist": [],
"preferredPlayer": "",
"spectrumFrameRate": 30,
"spectrumMirrored": true,
"visualizerType": "linear",
"volumeFeedback": false,
"volumeFeedbackSoundFile": "",
"volumeOverdrive": false,
"volumeStep": 5
},
"bar": {
"autoHideDelay": 500,
"autoShowDelay": 150,
"backgroundOpacity": 0.93,
"barType": "simple",
"capsuleColorKey": "none",
"capsuleOpacity": 1,
"contentPadding": 2,
"density": "default",
"displayMode": "always_visible",
"enableExclusionZoneInset": true,
"fontScale": 1,
"frameRadius": 12,
"frameThickness": 8,
"hideOnOverview": false,
"marginHorizontal": 4,
"marginVertical": 4,
"middleClickAction": "none",
"middleClickCommand": "",
"middleClickFollowMouse": false,
"monitors": [
{% for monitor in noctalia_bar_monitors | default(['DP-1']) %}
"{{ monitor }}"{% if not loop.last %},{% endif %}
{% endfor %}
],
"mouseWheelAction": "none",
"mouseWheelWrap": true,
"outerCorners": true,
"position": "top",
"reverseScroll": false,
"rightClickAction": "controlCenter",
"rightClickCommand": "",
"rightClickFollowMouse": true,
"screenOverrides": [
{% for override in noctalia_screen_overrides | default([]) %}
{
"enabled": {{ override.enabled | lower }},
"name": "{{ override.name }}"
}{% if not loop.last %},{% endif %}
{% endfor %}
],
"showCapsule": true,
"showOnWorkspaceSwitch": true,
"showOutline": false,
"useSeparateOpacity": false,
"widgetSpacing": 6,
"widgets": {
"center": [
{
"clockColor": "none",
"customFont": "",
"formatHorizontal": "HH:mm ddd, MMM dd",
"formatVertical": "HH mm - dd MM",
"id": "Clock",
"tooltipFormat": "HH:mm ddd, MMM dd",
"useCustomFont": false
},
{
"compactMode": false,
"hideMode": "hidden",
"hideWhenIdle": false,
"id": "MediaMini",
"maxWidth": 145,
"panelShowAlbumArt": true,
"scrollingMode": "hover",
"showAlbumArt": true,
"showArtistFirst": true,
"showProgressRing": true,
"showVisualizer": false,
"textColor": "none",
"useFixedWidth": false,
"visualizerType": "linear"
}
],
"left": [
{
"characterCount": 2,
"colorizeIcons": false,
"emptyColor": "secondary",
"enableScrollWheel": true,
"focusedColor": "primary",
"followFocusedScreen": false,
"fontWeight": "bold",
"groupedBorderOpacity": 1,
"hideUnoccupied": false,
"iconScale": 0.8,
"id": "Workspace",
"labelMode": "index",
"occupiedColor": "secondary",
"pillSize": 0.6,
"showApplications": false,
"showApplicationsHover": false,
"showBadge": true,
"showLabelsOnlyWhenOccupied": true,
"unfocusedIconsOpacity": 1
}
],
"right": [
{
"blacklist": [],
"chevronColor": "none",
"colorizeIcons": false,
"drawerEnabled": true,
"hidePassive": false,
"id": "Tray",
"pinned": []
},
{
"compactMode": true,
"diskPath": "/",
"iconColor": "none",
"id": "SystemMonitor",
"showCpuCores": false,
"showCpuFreq": false,
"showCpuTemp": true,
"showCpuUsage": true,
"showDiskAvailable": false,
"showDiskUsage": false,
"showDiskUsageAsPercent": false,
"showGpuTemp": false,
"showLoadAverage": false,
"showMemoryAsPercent": false,
"showMemoryUsage": true,
"showNetworkStats": false,
"showSwapUsage": false,
"textColor": "none",
"useMonospaceFont": true,
"usePadding": false
},
{
"defaultSettings": {
"autoMount": false,
"fileBrowser": "yazi",
"hideWhenEmpty": false,
"iconColor": "none",
"showBadge": false,
"showNotifications": true,
"terminalCommand": "kitty"
},
"id": "plugin:usb-drive-manager"
},
{
"defaultSettings": {
"autoPaste": false,
"autoPasteDelay": 300,
"autoPasteOnRightClick": false,
"cardColors": {},
"customColors": {},
"enableTodoIntegration": false,
"fullscreenMode": false,
"hidePanelBackground": false,
"notecardsEnabled": true,
"panelHeight": 0,
"panelWidth": 1450,
"pincardsEnabled": true,
"showCloseButton": true
},
"id": "plugin:clipper"
},
{
"displayMode": "onhover",
"iconColor": "none",
"id": "Volume",
"middleClickCommand": "pwvucontrol || pavucontrol",
"textColor": "none"
},
{
"applyToAllMonitors": false,
"displayMode": "onhover",
"iconColor": "none",
"id": "Brightness",
"textColor": "none"
},
{
"deviceNativePath": "__default__",
"displayMode": "graphic-clean",
"hideIfIdle": false,
"hideIfNotDetected": true,
"id": "Battery",
"showNoctaliaPerformance": false,
"showPowerProfiles": false
},
{
"colorizeDistroLogo": false,
"colorizeSystemIcon": "secondary",
"colorizeSystemText": "none",
"customIconPath": "",
"enableColorization": true,
"icon": "settings",
"id": "ControlCenter",
"useDistroLogo": false
},
{
"hideWhenZero": false,
"hideWhenZeroUnread": false,
"iconColor": "none",
"id": "NotificationHistory",
"showUnreadBadge": true,
"unreadBadgeColor": "tertiary"
}
]
}
},
"brightness": {
"backlightDeviceMappings": [],
"brightnessStep": 5,
"enableDdcSupport": false,
"enforceMinimum": true
},
"calendar": {
"cards": [
{
"enabled": true,
"id": "calendar-header-card"
},
{
"enabled": true,
"id": "calendar-month-card"
},
{
"enabled": true,
"id": "weather-card"
}
]
},
"colorSchemes": {
"darkMode": true,
"generationMethod": "tonal-spot",
"manualSunrise": "06:30",
"manualSunset": "18:30",
"monitorForColors": "",
"predefinedScheme": "Ayu",
"schedulingMode": "off",
"syncGsettings": true,
"useWallpaperColors": false
},
"controlCenter": {
"cards": [
{
"enabled": true,
"id": "profile-card"
},
{
"enabled": true,
"id": "shortcuts-card"
},
{
"enabled": true,
"id": "audio-card"
},
{
"enabled": true,
"id": "brightness-card"
},
{
"enabled": true,
"id": "weather-card"
},
{
"enabled": true,
"id": "media-sysmon-card"
}
],
"diskPath": "/",
"position": "close_to_bar_button",
"shortcuts": {
"left": [
{"id": "Network"},
{"id": "Bluetooth"},
{"id": "WallpaperSelector"},
{"id": "NoctaliaPerformance"}
],
"right": [
{"id": "Notifications"},
{"id": "PowerProfile"},
{"id": "KeepAwake"},
{"id": "NightLight"}
]
}
},
"desktopWidgets": {
"enabled": false,
"gridSnap": false,
"gridSnapScale": false,
"monitorWidgets": [],
"overviewEnabled": true
},
"dock": {
"animationSpeed": 1,
"backgroundOpacity": 1,
"colorizeIcons": false,
"deadOpacity": 0.6,
"displayMode": "auto_hide",
"dockType": "floating",
"enabled": false,
"floatingRatio": 1,
"groupApps": false,
"groupClickAction": "cycle",
"groupContextMenuMode": "extended",
"groupIndicatorStyle": "dots",
"inactiveIndicators": false,
"indicatorColor": "primary",
"indicatorOpacity": 0.6,
"indicatorThickness": 3,
"launcherIcon": "",
"launcherIconColor": "none",
"launcherPosition": "end",
"launcherUseDistroLogo": false,
"monitors": [],
"onlySameOutput": true,
"pinnedApps": [],
"pinnedStatic": false,
"position": "bottom",
"showDockIndicator": false,
"showLauncherIcon": false,
"sitOnFrame": false,
"size": 1
},
"general": {
"allowPanelsOnScreenWithoutBar": true,
"allowPasswordWithFprintd": false,
"animationDisabled": false,
"animationSpeed": 1,
"autoStartAuth": false,
"avatarImage": "{{ user_home }}/.face",
"boxRadiusRatio": 1,
"clockFormat": "hh\\nmm",
"clockStyle": "custom",
"compactLockScreen": false,
"dimmerOpacity": 0.2,
"enableBlurBehind": true,
"enableLockScreenCountdown": true,
"enableLockScreenMediaControls": false,
"enableShadows": true,
"forceBlackScreenCorners": false,
"iRadiusRatio": 1,
"keybinds": {
"keyDown": ["Down"],
"keyEnter": ["Return", "Enter"],
"keyEscape": ["Esc"],
"keyLeft": ["Left"],
"keyRemove": ["Del"],
"keyRight": ["Right"],
"keyUp": ["Up"]
},
"language": "",
"lockOnSuspend": true,
"lockScreenAnimations": false,
"lockScreenBlur": 0,
"lockScreenCountdownDuration": 10000,
"lockScreenMonitors": [],
"lockScreenTint": 0,
"passwordChars": false,
"radiusRatio": 1,
"reverseScroll": false,
"scaleRatio": 1,
"screenRadiusRatio": 1,
"shadowDirection": "bottom_right",
"shadowOffsetX": 2,
"shadowOffsetY": 3,
"showChangelogOnStartup": true,
"showHibernateOnLockScreen": false,
"showScreenCorners": false,
"showSessionButtonsOnLockScreen": true,
"smoothScrollEnabled": true,
"telemetryEnabled": false
},
"hooks": {
"colorGeneration": "",
"darkModeChange": "",
"enabled": false,
"performanceModeDisabled": "",
"performanceModeEnabled": "",
"screenLock": "",
"screenUnlock": "",
"session": "",
"startup": "",
"wallpaperChange": ""
},
"idle": {
"customCommands": "[]",
"enabled": true,
"fadeDuration": 5,
"lockCommand": "",
"lockTimeout": 660,
"resumeLockCommand": "",
"resumeScreenOffCommand": "",
"resumeSuspendCommand": "",
"screenOffCommand": "",
"screenOffTimeout": 600,
"suspendCommand": "",
"suspendTimeout": 1800
},
"location": {
"analogClockInCalendar": false,
"autoLocate": false,
"firstDayOfWeek": -1,
"hideWeatherCityName": false,
"hideWeatherTimezone": false,
"name": "",
"showCalendarEvents": true,
"showCalendarWeather": true,
"showWeekNumberInCalendar": false,
"use12hourFormat": false,
"useFahrenheit": false,
"weatherEnabled": true,
"weatherShowEffects": true,
"weatherTaliaMascotAlways": false
},
"network": {
"bluetoothAutoConnect": true,
"bluetoothDetailsViewMode": "grid",
"bluetoothHideUnnamedDevices": false,
"bluetoothRssiPollIntervalMs": 60000,
"bluetoothRssiPollingEnabled": false,
"disableDiscoverability": false,
"networkPanelView": "wifi",
"wifiDetailsViewMode": "grid"
},
"nightLight": {
"autoSchedule": true,
"dayTemp": "6500",
"enabled": false,
"forced": false,
"manualSunrise": "06:30",
"manualSunset": "18:30",
"nightTemp": "4000"
},
"noctaliaPerformance": {
"disableDesktopWidgets": true,
"disableWallpaper": true
},
"notifications": {
"backgroundOpacity": 1,
"clearDismissed": true,
"criticalUrgencyDuration": 15,
"density": "default",
"enableBatteryToast": true,
"enableKeyboardLayoutToast": true,
"enableMarkdown": false,
"enableMediaToast": false,
"enabled": true,
"location": "top_right",
"lowUrgencyDuration": 3,
"monitors": [],
"normalUrgencyDuration": 8,
"overlayLayer": true,
"respectExpireTimeout": false,
"saveToHistory": {
"critical": true,
"low": true,
"normal": true
},
"sounds": {
"criticalSoundFile": "",
"enabled": false,
"excludedApps": "discord,firefox,chrome,chromium,edge",
"lowSoundFile": "",
"normalSoundFile": "",
"separateSounds": false,
"volume": 0.5
}
},
"osd": {
"autoHideMs": 2000,
"backgroundOpacity": 1,
"enabled": true,
"enabledTypes": [0, 1, 2],
"location": "top_right",
"monitors": [],
"overlayLayer": true
},
"plugins": {
"autoUpdate": false,
"notifyUpdates": true
},
"sessionMenu": {
"countdownDuration": 10000,
"enableCountdown": true,
"largeButtonsLayout": "single-row",
"largeButtonsStyle": true,
"position": "center",
"powerOptions": [
{"action": "lock", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "1"},
{"action": "suspend", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "2"},
{"action": "hibernate", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "3"},
{"action": "reboot", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "4"},
{"action": "logout", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "5"},
{"action": "shutdown", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "6"},
{"action": "rebootToUefi", "command": "", "countdownEnabled": true, "enabled": true, "keybind": "7"},
{"action": "userspaceReboot", "command": "", "countdownEnabled": true, "enabled": false, "keybind": ""}
],
"showHeader": true,
"showKeybinds": true
},
"settingsVersion": 59,
"systemMonitor": {
"batteryCriticalThreshold": 5,
"batteryWarningThreshold": 20,
"cpuCriticalThreshold": 90,
"cpuWarningThreshold": 80,
"criticalColor": "",
"diskAvailCriticalThreshold": 10,
"diskAvailWarningThreshold": 20,
"diskCriticalThreshold": 90,
"diskWarningThreshold": 80,
"enableDgpuMonitoring": true,
"externalMonitor": "resources || missioncenter || jdsystemmonitor || corestats || system-monitoring-center || gnome-system-monitor || plasma-systemmonitor || mate-system-monitor || ukui-system-monitor || deepin-system-monitor || pantheon-system-monitor",
"gpuCriticalThreshold": 90,
"gpuWarningThreshold": 80,
"memCriticalThreshold": 90,
"memWarningThreshold": 80,
"swapCriticalThreshold": 90,
"swapWarningThreshold": 80,
"tempCriticalThreshold": 90,
"tempWarningThreshold": 80,
"useCustomColors": false,
"warningColor": ""
},
"templates": {
"activeTemplates": [
{"enabled": true, "id": "alacritty"},
{"enabled": true, "id": "gtk"},
{"enabled": true, "id": "emacs"},
{"enabled": true, "id": "telegram"}
],
"enableUserTheming": false
},
"ui": {
"boxBorderEnabled": false,
"fontDefault": "Sans Serif",
"fontDefaultScale": 1,
"fontFixed": "monospace",
"fontFixedScale": 1,
"panelBackgroundOpacity": 0.93,
"panelsAttachedToBar": true,
"scrollbarAlwaysVisible": true,
"settingsPanelMode": "centered",
"settingsPanelSideBarCardStyle": false,
"tooltipsEnabled": true,
"translucentWidgets": false
},
"wallpaper": {
"automationEnabled": false,
"directory": "{{ user_home }}/Pictures/Wallpapers",
"enableMultiMonitorDirectories": false,
"enabled": true,
"favorites": [],
"fillColor": "#000000",
"fillMode": "crop",
"hideWallpaperFilenames": false,
"linkLightAndDarkWallpapers": true,
"monitorDirectories": [],
"overviewBlur": 0.4,
"overviewEnabled": false,
"overviewTint": 0.6,
"panelPosition": "follow_bar",
"randomIntervalSec": 300,
"setWallpaperOnAllMonitors": true,
"showHiddenFiles": false,
"skipStartupTransition": false,
"solidColor": "#1a1a2e",
"sortOrder": "name",
"transitionDuration": 1500,
"transitionEdgeSmoothness": 0.05,
"transitionType": ["fade", "disc", "stripes", "wipe", "pixelate", "honeycomb"],
"useOriginalImages": false,
"useSolidColor": false,
"useWallhaven": false,
"viewMode": "single",
"wallhavenApiKey": "",
"wallhavenCategories": "111",
"wallhavenOrder": "desc",
"wallhavenPurity": "100",
"wallhavenQuery": "",
"wallhavenRatios": "",
"wallhavenResolutionHeight": "",
"wallhavenResolutionMode": "atleast",
"wallhavenResolutionWidth": "",
"wallhavenSorting": "relevance",
"wallpaperChangeMode": "random"
}
}

29
ansible/roles/profile_desktop_sway/templates/shell.conf.j2
View File

@@ -1,29 +0,0 @@
set $menu qs -c noctalia-shell ipc call launcher toggle
set $audio_panel qs -c noctalia-shell ipc call volume openPanel
set $locker qs -c noctalia-shell ipc call lockScreen lock
set $powermenu qs -c noctalia-shell ipc call sessionMenu toggle
set $screenshot_full qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot output
set $screenshot_region qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot region
set $screenshot_window qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot window
set $audio_raise qs -c noctalia-shell ipc call volume increase
set $audio_lower qs -c noctalia-shell ipc call volume decrease
set $audio_mute qs -c noctalia-shell ipc call volume muteOutput
set $audio_mic_mute qs -c noctalia-shell ipc call volume muteInput
set $brightness_up qs -c noctalia-shell ipc call brightness increase
set $brightness_down qs -c noctalia-shell ipc call brightness decrease
exec dbus-update-activation-environment --systemd WAYLAND_DISPLAY DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP XDG_SESSION_DESKTOP XDG_SESSION_TYPE XCURSOR_THEME XCURSOR_SIZE
exec systemctl --user import-environment WAYLAND_DISPLAY DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP XDG_SESSION_DESKTOP XDG_SESSION_TYPE XCURSOR_THEME XCURSOR_SIZE
exec ~/.local/bin/update-turnstile-env
exec dex --autostart --environment sway
exec gnome-keyring-daemon --start --components=secrets
exec ~/.local/bin/setup-gtk-theme
exec pipewire
exec pipewire-pulse
exec wireplumber
exec kanshi
exec udiskie --no-tray
exec wl-paste --watch cliphist store
exec qs -c noctalia-shell
bindsym $mod+c exec qs -c noctalia-shell ipc call launcher clipboard

2
ansible/roles/profile_workstation_dev_common/tasks/main.yml
View File

@@ -36,7 +36,7 @@
label: "{{ item.dest }}"
- name: Install workstation npm packages
tags: [packages]
tags: [packages, npm]
community.general.npm:
name: "{{ item.name }}"
global: true

14
ansible/roles/profile_workstation_gnome/tasks/main.yml
View File

@@ -74,6 +74,20 @@
changed_when: true
when: item.stdout | trim != item.item.value
- name: Apply workstation GNOME extension dconf settings
tags: [gnome]
ansible.builtin.command:
argv:
- dconf
- write
- "{{ item.path }}{{ item.key }}"
- "{{ item.value }}"
become_user: "{{ username }}"
loop: "{{ workstation_gnome_extension_dconf_settings | default([]) }}"
loop_control:
label: "{{ item.path }}{{ item.key }}"
changed_when: true
- name: Check whether VS Code CLI is available on workstation host
tags: [packages, vscode]
ansible.builtin.command:

1
ansible/roles/services_systemd/tasks/main.yml
View File

@@ -18,3 +18,4 @@
loop: "{{ host_enabled_services | default([]) }}"
loop_control:
label: "{{ item }}"

1
ansible/site.yml
View File

@@ -25,7 +25,6 @@
- services_runit
- profile_desktop_common
- profile_desktop_i3
- profile_desktop_sway
- profile_desktop_host
- hosts: workstation_dev_ubuntu

24
ansible/templates/server/docker-compose.yml.j2
View File

@@ -36,6 +36,25 @@ services:
- web
- gitea
# Disabled: prometheus does not have enough resources to run Nextcloud AIO.
# nextcloud-aio-mastercontainer:
# image: ghcr.io/nextcloud-releases/all-in-one:latest
# container_name: nextcloud-aio-mastercontainer
# init: true
# restart: always
# ports:
# - "127.0.0.1:8080:8080"
# environment:
# APACHE_PORT: "11000"
# APACHE_IP_BINDING: "0.0.0.0"
# APACHE_ADDITIONAL_NETWORK: "server_web"
# NEXTCLOUD_DATADIR: "/srv/nextcloud/data"
# volumes:
# - "nextcloud_aio_mastercontainer:/mnt/docker-aio-config"
# - "/var/run/docker.sock:/var/run/docker.sock:ro"
# networks:
# - web
navidromedb:
image: postgres:13
container_name: navidromedb
@@ -87,6 +106,11 @@ services:
networks:
web:
name: server_web
external: false
gitea:
external: false
# volumes:
# nextcloud_aio_mastercontainer:
# name: nextcloud_aio_mastercontainer

5
dotfiles/common/.claude/CLAUDE.md Normal file
View File

@@ -0,0 +1,5 @@
# Claude Code Global Context
Import the shared coding agent bootstrap context:
@~/.config/ai/bootstrap.md

16
dotfiles/common/.codex/config.toml.j2 Normal file
View File

@@ -0,0 +1,16 @@
model = "gpt-5.5"
model_reasoning_effort = "medium"
model_instructions_file = "{{ effective_user_home }}/.config/ai/bootstrap.md"
[projects."/home/fscotto/AnsiblePlaybook"]
trust_level = "trusted"
[tui]
theme = "coldark-dark"
[tui.model_availability_nux]
"gpt-5.5" = 3
[features]
memories = true

0
dotfiles/desktop/.config/opencode/AGENTS.md → dotfiles/common/.config/ai/AGENTS.md
View File

0
dotfiles/desktop/.config/opencode/bootstrap.md → dotfiles/common/.config/ai/bootstrap.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/architecture.md → dotfiles/common/.config/ai/knowledge/architecture.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/cli.md → dotfiles/common/.config/ai/knowledge/cli.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/desktop.md → dotfiles/common/.config/ai/knowledge/desktop.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/dotfiles.md → dotfiles/common/.config/ai/knowledge/dotfiles.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/emacs.md → dotfiles/common/.config/ai/knowledge/emacs.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/infra.md → dotfiles/common/.config/ai/knowledge/infra.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/kernel.md → dotfiles/common/.config/ai/knowledge/kernel.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/os_setup.md → dotfiles/common/.config/ai/knowledge/os_setup.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/philosophy.md → dotfiles/common/.config/ai/knowledge/philosophy.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/server.md → dotfiles/common/.config/ai/knowledge/server.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/system_programming.md → dotfiles/common/.config/ai/knowledge/system_programming.md
View File

0
dotfiles/desktop/.config/opencode/patterns/ansible_role.md → dotfiles/common/.config/ai/patterns/ansible_role.md
View File

0
dotfiles/desktop/.config/opencode/patterns/dotfiles_layering.md → dotfiles/common/.config/ai/patterns/dotfiles_layering.md
View File

0
dotfiles/desktop/.config/opencode/patterns/project_structure.md → dotfiles/common/.config/ai/patterns/project_structure.md
View File

0
dotfiles/desktop/.config/opencode/patterns/service_setup.md → dotfiles/common/.config/ai/patterns/service_setup.md
View File

0
dotfiles/desktop/.config/opencode/rules/ansible.md → dotfiles/common/.config/ai/rules/ansible.md
View File

0
dotfiles/desktop/.config/opencode/rules/dotfiles.md → dotfiles/common/.config/ai/rules/dotfiles.md
View File

0
dotfiles/desktop/.config/opencode/rules/safety.md → dotfiles/common/.config/ai/rules/safety.md
View File

0
dotfiles/desktop/.config/opencode/rules/workflow.md → dotfiles/common/.config/ai/rules/workflow.md
View File

7
dotfiles/common/.config/opencode/opencode.json Normal file
View File

@@ -0,0 +1,7 @@
{
"$schema": "https://opencode.ai/config.json",
"instructions": [
"~/.config/ai/bootstrap.md",
"~/.config/ai/rules/safety.md"
]
}

14
dotfiles/common/.gemini/settings.json Normal file
View File

@@ -0,0 +1,14 @@
{
"security": {
"auth": {
"selectedType": "oauth-personal"
}
},
"context": {
"fileName": [
"~/.config/ai/bootstrap.md",
"~/.config/ai/rules/safety.md",
"~/.config/ai/AGENTS.md"
]
}
}

BIN
dotfiles/common/templates_kit.zip Normal file
View File

Binary file not shown.

BIN
dotfiles/desktop/.authinfo.gpg
View File

Binary file not shown.

39
dotfiles/desktop/.bashrc.d/14-dbus-session.sh Normal file
View File

@@ -0,0 +1,39 @@
# Validate DBUS_SESSION_BUS_ADDRESS: a stale value (e.g. inherited from a
# dead X session) makes secret-tool, mbsync, msmtp fail with
# "Could not connect: No such file or directory".
# Fall back to ~/.dbus-session-bus-address (written by .xinitrc) or
# /run/user/$UID/bus, mirroring scripts/bootstrap_mail.sh.
_dbus_addr_socket_path() {
printf '%s' "${1#unix:path=}" | sed 's/,.*//'
}
_dbus_addr_is_live() {
case "$1" in
unix:path=*)
[ -S "$(_dbus_addr_socket_path "$1")" ]
;;
unix:abstract=*)
return 0
;;
*)
return 1
;;
esac
}
if ! _dbus_addr_is_live "${DBUS_SESSION_BUS_ADDRESS:-}"; then
unset DBUS_SESSION_BUS_ADDRESS
if [ -f "$HOME/.dbus-session-bus-address" ]; then
_saved=$(tr -d '\n' <"$HOME/.dbus-session-bus-address" 2>/dev/null)
if [ -n "$_saved" ] && _dbus_addr_is_live "$_saved"; then
export DBUS_SESSION_BUS_ADDRESS="$_saved"
fi
unset _saved
fi
if [ -z "${DBUS_SESSION_BUS_ADDRESS:-}" ] && [ -S "/run/user/$(id -u)/bus" ]; then
export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u)/bus"
fi
fi
unset -f _dbus_addr_socket_path _dbus_addr_is_live

1
dotfiles/desktop/.bashrc.d/15-runit-desktop.sh
View File

@@ -1,2 +1 @@
export SVDIR="$HOME/.config/service"
export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"

1
dotfiles/desktop/.bashrc.d/16-ssh-agent-socket.sh Normal file
View File

@@ -0,0 +1 @@
export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"

4
dotfiles/desktop/.bashrc.d/25-emacs-client-desktop.sh
View File

@@ -1,14 +1,14 @@
if command -v emacsclient >/dev/null 2>&1; then
ec() {
emacsclient -c -n "$@" || {
printf '%s\n' "Emacs server is not available. Log into a graphical session and ensure the turnstile-managed 'emacs' service is running." >&2
printf '%s\n' "Emacs server is not available. Log into a graphical session and ensure the user 'emacs' service is running." >&2
return 1
}
}
et() {
emacsclient -t "$@" || {
printf '%s\n' "Emacs server is not available. Ensure the turnstile-managed 'emacs' service is running in your graphical session." >&2
printf '%s\n' "Emacs server is not available. Ensure the user 'emacs' service is running in your graphical session." >&2
return 1
}
}

2
dotfiles/desktop/.bashrc.d/50-ap.sh
View File

@@ -12,7 +12,7 @@ ap() {
cmd+=(--tag "$1")
fi
printf '+ %s\n' "${cmd[*]}"
printf '\033[0;36m+ %s\033[0m\n' "${cmd[*]}"
"${cmd[@]}"
)
}

5
dotfiles/desktop/.config/alacritty/alacritty.toml
View File

@@ -1,6 +1,6 @@
[window]
padding = { x = 8, y = 8 }
opacity = 1.0
opacity = 0.90
[font]
normal = { family = "Hack Nerd Font", style = "Regular" }
@@ -40,5 +40,6 @@ white = "#ffffff"
[keyboard]
bindings = [
{ key = "V", mods = "Control|Shift", action = "Paste" },
{ key = "C", mods = "Control|Shift", action = "Copy" }
{ key = "C", mods = "Control|Shift", action = "Copy" },
{ key = "Return", mods = "Shift", chars = "\u001B\r" }
]

8
dotfiles/desktop/.config/dunst/dunstrc
View File

@@ -4,11 +4,11 @@ follow = mouse
gap_size = 10
width = 360
height = 120
height = (0, 120)
origin = top-right
offset = 20x40
offset = (20, 40)
font = Liberation Sans 10
font = LiterationMono Nerd Font 10
line_height = 2
padding = 12
@@ -19,7 +19,7 @@ separator_height = 2
frame_width = 2
corner_radius = 8
transparency = 0
transparency = 15
background = "#1f1f28"
foreground = "#eeeeee"

63
dotfiles/desktop/.config/i3/config
View File

@@ -3,13 +3,13 @@
set $mod Mod4
set $refresh_i3status killall -SIGUSR1 i3status
font pango:Liberation Mono 10
font pango:LiterationMono Nerd Font 10
# Start XDG autostart entries (.desktop), useful on Void for pipewire/wireplumber/etc.
exec --no-startup-id dex --autostart --environment i3
exec --no-startup-id gnome-keyring-daemon --start --components=secrets
exec_always --no-startup-id setxkbmap -layout us -variant intl
exec_always --no-startup-id feh --bg-fill ~/.config/i3/wallpapers/void-minimalist2.png
exec_always --no-startup-id feh --bg-center ~/.config/i3/wallpapers/wallpaper-161664.jpg
exec_always --no-startup-id ~/.config/i3/scripts/setup-gtk-theme.sh
exec --no-startup-id /usr/libexec/xdg-desktop-portal
@@ -18,6 +18,12 @@ exec --no-startup-id pipewire
exec --no-startup-id pipewire-pulse
exec --no-startup-id wireplumber
# Compositor
exec_always --no-startup-id picom -b
# Status bar
exec_always --no-startup-id ~/.config/polybar/launch.sh
# Monitor configuration
exec --no-startup-id autorandr --persistent --change
@@ -46,6 +52,12 @@ new_window pixel 2
new_float pixel 2
hide_edge_borders none
# Gaps (i3 >= 4.22)
gaps inner 10
gaps outer 4
smart_gaps on
smart_borders on
# vim-like directions
set $left h
set $down j
@@ -150,6 +162,17 @@ set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
workspace $ws1 output primary
workspace $ws2 output primary
workspace $ws3 output primary
workspace $ws4 output primary
workspace $ws5 output primary
workspace $ws6 output primary
workspace $ws7 output primary
workspace $ws8 output primary
workspace $ws9 output primary
workspace $ws10 output primary
bindsym $mod+1 workspace number $ws1
bindsym $mod+2 workspace number $ws2
bindsym $mod+3 workspace number $ws3
@@ -199,24 +222,24 @@ mode "resize" {
bindsym $mod+r mode "resize"
# i3bar + i3status
bar {
status_command i3blocks
position bottom
tray_output primary
font pango:Liberation Mono 10
colors {
background #1f1f28
statusline #d0d0d0
separator #3a3a46
focused_workspace #4a90d9 #4a90d9 #ffffff
active_workspace #3a3a46 #2b2b36 #d0d0d0
inactive_workspace #1f1f28 #1f1f28 #9a9a9a
urgent_workspace #c7162b #c7162b #ffffff
}
}
# i3bar + i3status (disabilitato: ora gestito da polybar)
# bar {
# status_command i3blocks
# position bottom
# tray_output primary
# font pango:Liberation Mono 10
#
# colors {
# background #1f1f28
# statusline #d0d0d0
# separator #3a3a46
#
# focused_workspace #4a90d9 #4a90d9 #ffffff
# active_workspace #3a3a46 #2b2b36 #d0d0d0
# inactive_workspace #1f1f28 #1f1f28 #9a9a9a
# urgent_workspace #c7162b #c7162b #ffffff
# }
# }
client.focused #4a90d9 #4a90d9 #ffffff #4a90d9 #4a90d9
client.focused_inactive #3a3a46 #2b2b36 #eeeeee #3a3a46 #3a3a46

2
dotfiles/desktop/.config/i3/scripts/lockscreen
View File

@@ -1,6 +1,6 @@
#!/bin/sh
wallpaper="$HOME/.config/i3/wallpapers/void-minimalist.png"
wallpaper="$HOME/.config/i3/wallpapers/maxresdefault.jpg"
cached="$HOME/.cache/i3lock/wallpaper.png"
dims_cache="$HOME/.cache/i3lock/dims.txt"
dims=$(xdotool getdisplaygeometry | tr ' ' 'x')

BIN
dotfiles/desktop/.config/i3/wallpapers/785318-darth-vader.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 82 KiB

BIN
dotfiles/desktop/.config/i3/wallpapers/maxresdefault.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 116 KiB

BIN
dotfiles/desktop/.config/i3/wallpapers/wallpaper-161664.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 118 KiB

16
dotfiles/desktop/.config/mimeapps.list
View File

@@ -1,7 +1,7 @@
[Default Applications]
text/html=firefox.desktop
x-scheme-handler/http=firefox.desktop
x-scheme-handler/https=firefox.desktop
text/html=userapp-Firefox-91DVN3.desktop
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop
x-scheme-handler/about=firefox.desktop
x-scheme-handler/unknown=firefox.desktop
application/pdf=com.github.xournalpp.xournalpp.desktop
@@ -164,6 +164,13 @@ text/x-readme=emacs.desktop
text/x-rst=emacs.desktop
text/x-tex=emacs.desktop
text/x-texinfo=emacs.desktop
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop
application/x-extension-htm=userapp-Firefox-91DVN3.desktop
application/x-extension-html=userapp-Firefox-91DVN3.desktop
application/x-extension-shtml=userapp-Firefox-91DVN3.desktop
application/xhtml+xml=userapp-Firefox-91DVN3.desktop
application/x-extension-xhtml=userapp-Firefox-91DVN3.desktop
application/x-extension-xht=userapp-Firefox-91DVN3.desktop
[Added Associations]
application/json=emacs.desktop;
@@ -326,3 +333,6 @@ text/x-readme=emacs.desktop;
text/x-rst=emacs.desktop;
text/x-tex=emacs.desktop;
text/x-texinfo=emacs.desktop;
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop;

7
dotfiles/desktop/.config/opencode/opencode.json
View File

@@ -1,7 +0,0 @@
{
"$schema": "https://opencode.ai/config.json",
"instructions": [
"~/.config/opencode/bootstrap.md",
"~/.config/opencode/rules/safety.md"
]
}

57
dotfiles/desktop/.config/picom/picom.conf Normal file
View File

@@ -0,0 +1,57 @@
backend = "glx";
vsync = true;
use-damage = true;
detect-rounded-corners = true;
detect-client-opacity = true;
detect-transient = true;
corner-radius = 10;
rounded-corners-exclude = [
"window_type = 'dock'",
"window_type = 'desktop'",
"class_g = 'i3-frame'"
];
shadow = true;
shadow-radius = 18;
shadow-opacity = 0.55;
shadow-offset-x = -10;
shadow-offset-y = -10;
shadow-exclude = [
"name = 'Notification'",
"class_g = 'Conky'",
"class_g ?= 'Notify-osd'",
"class_g = 'Cairo-clock'",
"_GTK_FRAME_EXTENTS@:c",
"window_type = 'dock'",
"window_type = 'desktop'"
];
fading = true;
fade-in-step = 0.05;
fade-out-step = 0.05;
fade-delta = 6;
blur-method = "dual_kawase";
blur-strength = 5;
blur-background = true;
blur-background-frame = true;
blur-background-fixed = false;
blur-background-exclude = [
"window_type = 'dock'",
"window_type = 'desktop'",
"class_g = 'i3-frame'",
"class_g = 'Dunst'",
"_GTK_FRAME_EXTENTS@:c"
];
opacity-rule = [];
wintypes:
{
tooltip = { fade = true; shadow = true; opacity = 0.95; focus = true; };
dock = { shadow = false; };
dnd = { shadow = false; };
popup_menu = { opacity = 0.95; };
dropdown_menu = { opacity = 0.95; };
};

208
dotfiles/desktop/.config/polybar/config.ini Normal file
View File

@@ -0,0 +1,208 @@
[colors]
background = #1f1f28
background-alt = #2b2b36
foreground = #d0d0d0
foreground-alt = #9a9a9a
primary = #4a90d9
secondary = #7dcfff
warm = #e0af68
success = #9ec07c
info = #bb9af7
alert = #c7162b
disabled = #3a3a46
[bar/main]
monitor = ${env:MONITOR:}
bottom = false
width = 100%
height = 24pt
radius = 0
background = ${colors.background}
foreground = ${colors.foreground}
line-size = 2pt
border-size = 0
padding-left = 1
padding-right = 1
module-margin = 1
font-0 = LiterationMono Nerd Font:size=10;2
font-1 = Symbols Nerd Font Mono:size=12;2
modules-left = i3
modules-center = date
modules-right = cpu memory disk temperature backlight wifi battery
tray-position = right
tray-padding = 2
cursor-click = pointer
wm-restack = i3
override-redirect = false
[module/i3]
type = internal/i3
pin-workspaces = false
show-urgent = true
strip-wsnumbers = true
enable-scroll = false
index-sort = true
ws-icon-0 = 1;I
ws-icon-1 = 2;II
ws-icon-2 = 3;III
ws-icon-3 = 4;IV
ws-icon-4 = 5;V
ws-icon-5 = 6;VI
ws-icon-6 = 7;VII
ws-icon-7 = 8;VIII
ws-icon-8 = 9;IX
ws-icon-9 = 10;X
ws-icon-default =
label-focused = %icon%
label-focused-foreground = #ffffff
label-focused-background = ${colors.primary}
label-focused-padding = 1
label-unfocused = %icon%
label-unfocused-foreground = ${colors.foreground-alt}
label-unfocused-padding = 1
label-visible = %icon%
label-visible-foreground = ${colors.foreground}
label-visible-background = ${colors.background-alt}
label-visible-padding = 1
label-urgent = %icon%
label-urgent-foreground = #ffffff
label-urgent-background = ${colors.alert}
label-urgent-padding = 1
[module/date]
type = internal/date
interval = 60
date = %Y-%m-%d
time = %H:%M
format-prefix = " "
format-prefix-foreground = ${colors.foreground-alt}
label = %date% %time%
label-foreground = ${colors.foreground}
[module/memory]
type = internal/memory
interval = 10
format = <label>
format-prefix = " "
format-prefix-foreground = ${colors.secondary}
label = %gb_used% / %gb_total%
label-foreground = ${colors.secondary}
[module/temperature]
type = internal/temperature
interval = 10
thermal-zone = 0
warn-temperature = 80
format = <label>
format-prefix = " "
format-prefix-foreground = ${colors.warm}
format-warn = <label-warn>
format-warn-prefix = " "
format-warn-prefix-foreground = ${colors.alert}
label = %temperature-c%
label-foreground = ${colors.warm}
label-warn = %temperature-c%
label-warn-foreground = ${colors.alert}
[module/backlight]
type = internal/backlight
card = intel_backlight
use-actual-brightness = true
enable-scroll = true
format = <label>
format-prefix = " "
format-prefix-foreground = ${colors.foreground}
label = %percentage%%
label-foreground = ${colors.foreground}
[module/wifi]
type = internal/network
interface-type = wireless
interval = 5
format-connected = <label-connected>
format-connected-prefix = " "
format-connected-prefix-foreground = ${colors.primary}
format-disconnected = <label-disconnected>
format-disconnected-prefix = " "
format-disconnected-prefix-foreground = ${colors.disabled}
label-connected = %essid% %signal%%
label-connected-foreground = ${colors.primary}
label-disconnected = offline
label-disconnected-foreground = ${colors.disabled}
[module/battery]
type = internal/battery
battery = BAT0
adapter = AC
full-at = 98
low-at = 15
format-charging = <animation-charging> <label-charging>
format-discharging = <ramp-capacity> <label-discharging>
format-full = <label-full>
format-low = <label-low>
format-full-prefix = " "
format-full-prefix-foreground = ${colors.success}
label-charging = %percentage%%
label-charging-foreground = ${colors.success}
label-discharging = %percentage%%
label-discharging-foreground = ${colors.foreground}
label-full = full
label-full-foreground = ${colors.success}
label-low = %percentage%%
label-low-foreground = ${colors.alert}
ramp-capacity-0 =
ramp-capacity-1 =
ramp-capacity-2 =
ramp-capacity-3 =
ramp-capacity-4 =
ramp-capacity-foreground = ${colors.foreground}
animation-charging-0 =
animation-charging-1 =
animation-charging-2 =
animation-charging-3 =
animation-charging-4 =
animation-charging-foreground = ${colors.success}
animation-charging-framerate = 750
[module/cpu]
type = internal/cpu
interval = 5
format = <label>
format-prefix = " "
format-prefix-foreground = ${colors.info}
label = %percentage%%
label-foreground = ${colors.info}
[module/disk]
type = internal/fs
mount-0 = /
interval = 60
format-mounted = <label-mounted>
format-mounted-prefix = " "
format-mounted-prefix-foreground = ${colors.success}
label-mounted = %used% / %total%
label-mounted-foreground = ${colors.success}
format-unmounted = <label-unmounted>
format-unmounted-prefix = " "
format-unmounted-prefix-foreground = ${colors.disabled}
label-unmounted = %mountpoint% n/a
label-unmounted-foreground = ${colors.disabled}
[settings]
screenchange-reload = true
pseudo-transparency = false

20
dotfiles/desktop/.config/polybar/launch.sh Normal file
View File

@@ -0,0 +1,20 @@
#!/usr/bin/env bash
# Restart polybar on each connected monitor.
polybar-msg cmd quit >/dev/null 2>&1 || true
while pgrep -u "$UID" -x polybar >/dev/null; do
sleep 0.1
done
if command -v xrandr >/dev/null 2>&1; then
monitors=$(xrandr --query | awk '/ connected/ {print $1}')
fi
if [ -n "${monitors:-}" ]; then
for m in $monitors; do
MONITOR="$m" polybar main >/dev/null 2>&1 &
done
else
polybar main >/dev/null 2>&1 &
fi

2
dotfiles/desktop/.config/rofi/config.rasi
View File

@@ -2,7 +2,7 @@ configuration {
modi: "drun,run,window";
show-icons: true;
icon-theme: "Yaru";
font: "Liberation Sans 11";
font: "LiterationMono Nerd Font 11";
}
* {

174
dotfiles/desktop/.config/sway/config
View File

@@ -1,174 +0,0 @@
set $mod Mod4
set $terminal alacritty
set $fallback_terminal st
# Host-specific overrides
include ~/.config/sway/host.conf
include ~/.config/sway/shell.conf
font pango:Liberation Mono 10
# Input and output defaults
seat seat0 xcursor_theme Yaru 24
input type:keyboard {
xkb_layout us
xkb_variant intl
}
focus_follows_mouse no
mouse_warping none
floating_modifier $mod normal
# Borders
default_border pixel 2
default_floating_border pixel 2
hide_edge_borders none
# Floating rules
for_window [app_id="Rofi"] floating enable
for_window [app_id="org.pulseaudio.pavucontrol"] floating enable
for_window [class="Pavucontrol"] floating enable
for_window [app_id="nm-connection-editor"] floating enable
for_window [class="Nm-connection-editor"] floating enable
for_window [app_id="blueman-manager"] floating enable
for_window [class="Blueman-manager"] floating enable
set $left h
set $down j
set $up k
set $right l
# App launchers and window actions
bindsym $mod+Return exec $terminal
bindsym $mod+Shift+Return exec $fallback_terminal
bindsym $mod+Shift+e exec emacsclient -c -n
bindsym $mod+d exec $menu
bindsym $mod+Shift+v exec $audio_panel
bindsym $mod+Shift+f exec thunar
bindsym $mod+Shift+x exec $locker
bindsym $mod+Shift+q kill
# Screenshots
bindsym Print exec $screenshot_full
bindsym Shift+Print exec $screenshot_region
bindsym Alt+Print exec $screenshot_window
# Focus
bindsym $mod+$left focus left
bindsym $mod+$down focus down
bindsym $mod+$up focus up
bindsym $mod+$right focus right
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# Move windows
bindsym $mod+Shift+$left move left
bindsym $mod+Shift+$down move down
bindsym $mod+Shift+$up move up
bindsym $mod+Shift+$right move right
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# Split and layouts
bindsym $mod+b split h
bindsym $mod+v split v
bindsym $mod+f fullscreen toggle
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
bindsym $mod+Shift+space floating toggle
bindsym $mod+space focus mode_toggle
bindsym $mod+a focus parent
# Scratchpad
bindsym $mod+Shift+minus move scratchpad
bindsym $mod+minus scratchpad show
# Volume and brightness OSD
bindsym XF86AudioRaiseVolume exec $audio_raise
bindsym XF86AudioLowerVolume exec $audio_lower
bindsym XF86AudioMute exec $audio_mute
bindsym XF86AudioMicMute exec $audio_mic_mute
bindsym XF86MonBrightnessUp exec $brightness_up
bindsym XF86MonBrightnessDown exec $brightness_down
# Media keys
bindsym XF86AudioPlay exec playerctl play-pause
bindsym XF86AudioNext exec playerctl next
bindsym XF86AudioPrev exec playerctl previous
# Workspaces
set $ws1 1
set $ws2 2
set $ws3 3
set $ws4 4
set $ws5 5
set $ws6 6
set $ws7 7
set $ws8 8
set $ws9 9
set $ws10 10
bindsym $mod+1 workspace number $ws1
bindsym $mod+2 workspace number $ws2
bindsym $mod+3 workspace number $ws3
bindsym $mod+4 workspace number $ws4
bindsym $mod+5 workspace number $ws5
bindsym $mod+6 workspace number $ws6
bindsym $mod+7 workspace number $ws7
bindsym $mod+8 workspace number $ws8
bindsym $mod+9 workspace number $ws9
bindsym $mod+0 workspace number $ws10
bindsym $mod+comma workspace prev
bindsym $mod+period workspace next
bindsym $mod+Shift+1 move container to workspace number $ws1
bindsym $mod+Shift+2 move container to workspace number $ws2
bindsym $mod+Shift+3 move container to workspace number $ws3
bindsym $mod+Shift+4 move container to workspace number $ws4
bindsym $mod+Shift+5 move container to workspace number $ws5
bindsym $mod+Shift+6 move container to workspace number $ws6
bindsym $mod+Shift+7 move container to workspace number $ws7
bindsym $mod+Shift+8 move container to workspace number $ws8
bindsym $mod+Shift+9 move container to workspace number $ws9
bindsym $mod+Shift+0 move container to workspace number $ws10
# Reload and power menu
bindsym $mod+Shift+c reload
bindsym $mod+Shift+r reload
bindsym $mod+Shift+BackSpace exit
bindsym $mod+Shift+Escape exec $powermenu
# Resize mode
mode "resize" {
bindsym $left resize shrink width 10 px or 10 ppt
bindsym $down resize grow height 10 px or 10 ppt
bindsym $up resize shrink height 10 px or 10 ppt
bindsym $right resize grow width 10 px or 10 ppt
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
client.focused #4a90d9 #4a90d9 #ffffff #4a90d9 #4a90d9
client.focused_inactive #3a3a46 #2b2b36 #eeeeee #3a3a46 #3a3a46
client.unfocused #2b2b36 #1f1f28 #bcbcbc #2b2b36 #2b2b36
client.urgent #c7162b #c7162b #ffffff #c7162b #c7162b
client.placeholder #1f1f28 #1f1f28 #bcbcbc #1f1f28 #1f1f28
client.background #1f1f28

1
dotfiles/desktop/.config/sway/host.conf
View File

@@ -1 +0,0 @@
# Host-specific Sway overrides live here.

3
dotfiles/desktop/.emacs.d/init.el
View File

@@ -45,8 +45,7 @@
'misc/rss
'misc/terminal
'misc/vcs
'misc/pdf
'misc/epub
'misc/documents
'misc/i3-config)
(message "...user configuration loaded")

4
dotfiles/desktop/.emacs.d/lisp/core/keybindings.el
View File

@@ -105,8 +105,8 @@
(define-key projectile-command-map (kbd "v") #'fscotto/project-multi-vterm)
(define-key projectile-command-map (kbd "V") nil)
(define-key projectile-command-map (kbd "x") #'fscotto/project-external-terminal)
(define-key projectile-command-map (kbd "a") #'fscotto/project-opencode-dwim)
(define-key projectile-command-map (kbd "A") #'fscotto/project-opencode-session)
(define-key projectile-command-map (kbd "a") #'fscotto/project-agent-dwim)
(define-key projectile-command-map (kbd "A") #'fscotto/project-agent-session)
(define-key projectile-command-map (kbd "g") #'fscotto/project-magit-status))
;;;; LSP

10
dotfiles/desktop/.emacs.d/lisp/core/ui.el
View File

@@ -2,15 +2,15 @@
;; Load default theme
(use-package nordic-night-theme
:ensure t)
(load-theme 'nordic-night t)
:ensure t
:config
(load-theme 'nordic-night t))
;; Setting default font
(set-frame-font "Liberation Mono 14" nil t)
(set-frame-font "LiterationMono Nerd Font 14" nil t)
(add-to-list 'default-frame-alist
'(font . "Liberation Mono-14"))
'(font . "FantasqueSansM Nerd Font-14"))
;; Remove toolbar
(tool-bar-mode -1)

19
dotfiles/desktop/.emacs.d/lisp/lang/json.el
View File

@@ -1,6 +1,23 @@
;;; json.el -*- lexical-binding: t -*-
(defun fscotto/json-maybe-start-lsp ()
"Start LSP for JSON buffers when lsp-mode is available."
(when (fboundp 'lsp-deferred)
(lsp-deferred)))
(use-package json-mode
:ensure t)
:ensure t
:mode
(("\\.json\\'" . json-mode)
("\\.jsonc\\'" . json-mode))
:hook
(json-mode . fscotto/json-maybe-start-lsp))
(with-eval-after-load 'json-ts-mode
(add-hook 'json-ts-mode-hook #'fscotto/json-maybe-start-lsp))
(with-eval-after-load 'jsonc-mode
(add-hook 'jsonc-mode-hook #'fscotto/json-maybe-start-lsp))
(provide 'json)

101
dotfiles/desktop/.emacs.d/lisp/misc/custom-functions.el
View File

@@ -1,4 +1,5 @@
;;functions to support syncing .elfeed between machines
(require 'seq)
(require 'subr-x)
;;makes sure elfeed reads index from disk before launching
(defvar fscotto/elfeed-initial-update-done nil
"Non-nil once Elfeed has triggered its first automatic update this session.")
@@ -128,16 +129,24 @@ Each entry is a cons cell of display string and session id."
"Return the latest saved OpenCode session id for the current project."
(cdr (car (fscotto/opencode-session-candidates (fscotto/project-root)))))
(defun fscotto/project-opencode-dwim ()
"Open the most useful OpenCode session for the current project.
Resume the latest saved session when available, otherwise create a new one."
(defun fscotto/project-agent-dwim ()
"Choose an agent for the current project and launch it externally."
(interactive)
(let ((session-id (fscotto/project-opencode-latest-session-id)))
(if session-id
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
(fscotto/project-root))
(fscotto/project-opencode))))
(let ((agent (completing-read "Agent: " '("Claude" "Codex" "Gemini" "OpenCode") nil t)))
(pcase agent
("Claude"
(fscotto/launch-external-terminal '("claude" "--continue")))
("OpenCode"
(let ((session-id (fscotto/project-opencode-latest-session-id)))
(if session-id
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
(fscotto/project-root))
(fscotto/project-opencode))))
("Codex"
(fscotto/launch-external-terminal '("codex" "resume" "--last")))
("Gemini"
(fscotto/launch-external-terminal '("gemini" "--resume" "latest")
(fscotto/project-root))))))
(defun fscotto/project-opencode-session ()
"Resume a saved OpenCode session for the current project."
@@ -151,6 +160,78 @@ Resume the latest saved session when available, otherwise create a new one."
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
project-directory))))
(defun fscotto/gemini-session-candidates (directory)
"Return Gemini session candidates for DIRECTORY.
Each entry is a cons cell of display string and session index.
Tries JSON output first, falls back to text parsing if unavailable."
(let* ((default-directory (file-name-as-directory directory))
(json-output (shell-command-to-string
"gemini --list-sessions --output-format json 2>/dev/null")))
(cond
((string-match "^{" json-output)
(ignore-errors
(require 'json)
(let* ((parsed (json-parse-string json-output))
(sessions (gethash "sessions" parsed)))
(when (vectorp sessions)
(seq-map-indexed
(lambda (s idx)
(let* ((idx-str (number-to-string (1+ idx)))
(msg (if (hash-table-p s)
(or (gethash "firstUserMessage" s) "Session")
"Session"))
(ts (and (hash-table-p s)
(ignore-errors (gethash "lastUpdated" s))
(when (stringp it) (string-trim it))))
(label (if ts (format "%s [%s]" msg ts) msg)))
(cons label idx-str)))
sessions)))))
(t
(let* ((output (shell-command-to-string "gemini --list-sessions"))
(lines (seq-filter (lambda (s) (string-match "\\S-" s))
(split-string output "\n" t)))
(data-lines (seq-drop lines 1))
(candidates nil))
(dolist (line data-lines)
(let ((trimmed (string-trim line)))
(when (string-match
(rx (group (one-or-more digit))
(one-or-more whitespace)
(group (one-or-more nonl)))
trimmed)
(push (cons (match-string 2 trimmed)
(match-string 1 trimmed))
candidates))))
(nreverse candidates))))))
(defun fscotto/project-gemini-session ()
"Choose and resume a Gemini session for the current project."
(interactive)
(let* ((project-directory (fscotto/project-root))
(candidates (fscotto/gemini-session-candidates project-directory)))
(unless candidates
(user-error "No Gemini sessions found for %s" project-directory))
(let* ((selection (completing-read "Gemini session: " candidates nil t))
(session-idx (cdr (assoc selection candidates))))
(fscotto/launch-external-terminal
(list "gemini" "--resume" session-idx)
project-directory))))
(defun fscotto/project-agent-session ()
"Choose an agent and resume a saved session for the current project."
(interactive)
(let ((agent (completing-read "Agent session: " '("Claude" "Codex" "Gemini" "OpenCode") nil t)))
(pcase agent
("Claude"
(fscotto/launch-external-terminal '("claude" "--resume")))
("OpenCode"
(fscotto/project-opencode-session))
("Codex"
(fscotto/launch-external-terminal '("codex" "resume")))
("Gemini"
(fscotto/project-gemini-session)))))
(defun fscotto/project-external-terminal ()
"Open the external terminal in project root."
(interactive)

39
dotfiles/desktop/.emacs.d/lisp/misc/documents.el Normal file
View File

@@ -0,0 +1,39 @@
;;; documents.el -*- lexical-binding: t; -*-
(use-package pdf-tools
:ensure t
:config
(pdf-tools-install))
(use-package pdf-view
:config
(setq-default pdf-view-display-size 'fit-width)
(setq pdf-cache-org-imgparams t
pdf-view-use-smooth-scrolling t)
(setq pdf-annot-default-visible-properties t))
(with-eval-after-load 'pdf-view
(define-key pdf-view-mode-map (kbd "n") 'pdf-view-next-page)
(define-key pdf-view-mode-map (kbd "p") 'pdf-view-previous-page)
(define-key pdf-view-mode-map (kbd "q") 'pdf-view-close))
(use-package nov
:ensure t
:mode ("\\.epub\\'" . nov-mode))
(use-package calibre
:ensure t
:commands calibre-library
:config
(setq calibre-calibredb-executable
(or (executable-find "calibredb")
(let ((flatpak-wrapper (expand-file-name "~/.local/bin/calibredb")))
(when (file-executable-p flatpak-wrapper)
flatpak-wrapper))
"calibredb")
calibre-libraries
`(("Library" . ,(expand-file-name "~/Documents/Library")))))
(provide 'misc/documents)
;;; documents.el ends here

3
dotfiles/desktop/.emacs.d/lisp/misc/epub.el
View File

@@ -1,3 +0,0 @@
(use-package nov
:ensure t
:mode ("\\.epub\\'" . nov-mode))

22
dotfiles/desktop/.emacs.d/lisp/misc/pdf.el
View File

@@ -1,22 +0,0 @@
;;; pdf.el -*- lexical-binding: t; -*-
(use-package pdf-tools
:ensure t
:config
(pdf-tools-install))
(use-package pdf-view
:config
(setq-default pdf-view-display-size 'fit-width)
(setq pdf-cache-org-imgparams t
pdf-view-use-smooth-scrolling t)
(setq pdf-annot-default-visible-properties t))
(with-eval-after-load 'pdf-view
(define-key pdf-view-mode-map (kbd "n") 'pdf-view-next-page)
(define-key pdf-view-mode-map (kbd "p") 'pdf-view-previous-page)
(define-key pdf-view-mode-map (kbd "q") 'pdf-view-close))
(provide 'misc/pdf)
;;; pdf.el ends here

4
dotfiles/desktop/.emacs.d/lisp/misc/which-key.el
View File

@@ -145,8 +145,8 @@
"C-c p t" "Test"
"C-c p v" "Open multi-vterm in project"
"C-c p x" "Open external term"
"C-c p a" "OpenCode (dwim)"
"C-c p A" "Choose OpenCode session"
"C-c p a" "Choose agent"
"C-c p A" "Choose agent session"
"C-c p e" "Edit project config"
"C-c p g" "Project Git status"
"C-c p 4" "Other Window"

2
dotfiles/desktop/.local/bin/calibredb Executable file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
exec flatpak run --command=calibredb com.calibre_ebook.calibre "$@"

28
dotfiles/desktop/.local/bin/start-sway-session
View File

@@ -1,28 +0,0 @@
#!/bin/sh
[ -r /etc/profile ] && . /etc/profile
[ -r "$HOME/.profile" ] && . "$HOME/.profile"
[ -r "$HOME/.config/sway/session-env" ] && . "$HOME/.config/sway/session-env"
set -eu
session_name=sway
export XDG_CURRENT_DESKTOP="$session_name"
export XDG_SESSION_DESKTOP="$session_name"
export XDG_SESSION_TYPE=wayland
export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"
if [ "${SWAY_UNSUPPORTED_GPU:-0}" = "1" ]; then
set -- sway --unsupported-gpu
else
set -- sway
fi
exec dbus-run-session sh -eu -c '
umask 077
printf "%s\n" "$DBUS_SESSION_BUS_ADDRESS" > "$HOME/.dbus-session-bus-address"
gpgconf --launch gpg-agent
"$HOME/.local/bin/update-turnstile-env"
exec "$@"
' sh "$@"

4
dotfiles/desktop/.local/bin/update-turnstile-env
View File

@@ -8,11 +8,9 @@ fi
turnstile-update-runit-env \
DISPLAY \
WAYLAND_DISPLAY \
XAUTHORITY \
DBUS_SESSION_BUS_ADDRESS \
SSH_AUTH_SOCK \
XDG_CURRENT_DESKTOP \
XDG_SESSION_DESKTOP \
XDG_SESSION_TYPE \
SWAYSOCK >/dev/null 2>&1 || true
XDG_SESSION_TYPE >/dev/null 2>&1 || true

4
dotfiles/desktop/.ssh/config
View File

@@ -1,4 +1,8 @@
Host vps
IdentityFile ~/.ssh/id_rsa_vps
Host *
IdentityFile ~/.ssh/id_ed25519
ControlMaster auto
ControlPath ~/.local/state/ssh/sockets/%r@%h-%p
ControlPersist 600

17
dotfiles/nymph/.config/kanshi/config
View File

@@ -1,17 +0,0 @@
profile solo {
output DP-1 disable
output DP-2 disable
output HDMI-A-1 disable
output HDMI-A-2 disable
output eDP-1 enable mode 1920x1080 position 0,0
exec swaymsg "workspace 1, move workspace to output eDP-1; workspace 2, move workspace to output eDP-1; workspace 3, move workspace to output eDP-1; workspace 4, move workspace to output eDP-1; workspace 5, move workspace to output eDP-1; workspace 6, move workspace to output eDP-1; workspace 7, move workspace to output eDP-1; workspace 8, move workspace to output eDP-1; workspace 9, move workspace to output eDP-1; workspace 10, move workspace to output eDP-1"
}
profile dual {
output DP-2 disable
output HDMI-A-1 disable
output HDMI-A-2 disable
output eDP-1 enable mode 1920x1080 position 0,0
output DP-1 enable mode 3440x1440@100Hz position 1920,0
exec swaymsg "workspace 1, move workspace to output eDP-1; workspace 2, move workspace to output DP-1; workspace 3, move workspace to output DP-1; workspace 4, move workspace to output DP-1; workspace 5, move workspace to output DP-1; workspace 6, move workspace to output DP-1; workspace 7, move workspace to output DP-1; workspace 8, move workspace to output DP-1; workspace 9, move workspace to output DP-1; workspace 10, move workspace to output DP-1"
}

16
dotfiles/nymph/.config/sway/host.conf
View File

@@ -1,16 +0,0 @@
set $terminal ~/.local/bin/prime-run /usr/bin/alacritty
gaps inner 10
gaps outer 5
corner_radius 10
workspace 1 output eDP-1
workspace 2 output DP-1
workspace 3 output DP-1
workspace 4 output DP-1
workspace 5 output DP-1
workspace 6 output DP-1
workspace 7 output DP-1
workspace 8 output DP-1
workspace 9 output DP-1
workspace 10 output DP-1

4
dotfiles/nymph/.config/sway/session-env
View File

@@ -1,4 +0,0 @@
export LIBVA_DRIVER_NAME=iHD
export SWAY_UNSUPPORTED_GPU=1
export WLR_DRM_DEVICES=/dev/dri/card0:/dev/dri/card1
export WLR_NO_HARDWARE_CURSORS=1

16
scripts/bootstrap_mail.sh
View File

@@ -198,8 +198,20 @@ parse_secret_lookup_args() {
resolve_dbus_session_bus_address() {
if [ -n "${DBUS_SESSION_BUS_ADDRESS:-}" ]; then
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
case "$DBUS_SESSION_BUS_ADDRESS" in
unix:path=*)
_path=${DBUS_SESSION_BUS_ADDRESS#unix:path=}
_path=${_path%%,*}
if [ -S "$_path" ]; then
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
fi
;;
unix:abstract=*)
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
;;
esac
fi
if [ -f "$HOME/.dbus-session-bus-address" ]; then