fscotto/infra
1
0
Fork 0
mirror of https://github.com/fscotto/infra.git synced 2026-05-30 15:39:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: fscotto:feature/noctalia-ayu
Branches Tags
fscotto:main fscotto:feature/migrate-wayland fscotto:feature/noctalia-ayu
..
compare: fscotto:e7570d3bd3e1b4c21415045dce8fbd94846b975e
Branches Tags
fscotto:main fscotto:feature/migrate-wayland fscotto:feature/noctalia-ayu

47 Commits
feature/no ... e7570d3bd3

Author SHA1 Message Date
Fabio Scotto di Santolo
e7570d3bd3 Replace gnome-console with ptyxis on Arch 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 11:45:02 +02:00
Fabio Scotto di Santolo
525fa05352 Remove system-config-printer from Arch (GNOME uses gnome-control-center) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:58:29 +02:00
Fabio Scotto di Santolo
d7629d33d6 Expand and clean up Arch GNOME packages, remove alacritty from Arch 
- arch_desktop_gnome_packages: add full GNOME app suite (baobab, gnome-console,
  loupe, papers, showtime, snapshot, sushi, gvfs backends, etc.), sort
  alphabetically, remove duplicates already in arch_packages_base
  (gnome-keyring, gvfs, gvfs-mtp, gvfs-smb, simple-scan)
- Remove alacritty from arch_profile_packages; move alacritty config and
  directory creation to Void-only (profile_desktop_i3 / desktop_void_dotfiles)
- Enable emacs user service via ansible.builtin.systemd (scope: user)
  instead of a manual symlink

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:55:54 +02:00
Fabio Scotto di Santolo
224e9bf1e8 Enable gdm without starting it during provisioning 
Add enabled_services_only list to services_systemd role for services that
should be enabled at boot but not started immediately. Move gdm to this list
on Arch to avoid starting the display manager mid-provisioning.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:43:40 +02:00
Fabio Scotto di Santolo
238d8ab873 Switch to emacs-wayland on Arch, use package-provided emacs.service 
- emacs → emacs-wayland in arch_profile_packages
- Remove custom emacs.service deployment: replace full .config/systemd/user/
  directory copy with individual service files (rclone-pcloud, syncthing)
- Remove emacs.service from desktop_systemd_user_services
- Enable package-provided /usr/lib/systemd/user/emacs.service via symlink
  in profile_desktop_gnome

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:41:10 +02:00
Fabio Scotto di Santolo
b483ef5b7e Move st to Void-only source tools, remove bookokrat 
- bookokrat removed completely from desktop_source_tools
- st moved from common to desktop_void_source_tools (Void-only; uses X11/make)
- Build task loop extended to include desktop_void_source_tools on Void

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:37:51 +02:00
Fabio Scotto di Santolo
56c0335b40 Use pinentry-gnome3 for gpg-agent on Arch 
Add gpg-agent.arch.conf with pinentry-gnome3 and without enable-ssh-support
(SSH is handled by gnome-keyring on GNOME). Deploy it from profile_desktop_gnome,
overriding the common conf that uses pinentry-gtk-2 for Void.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-13 10:35:06 +02:00
Fabio Scotto di Santolo
14c24c299d Clean up Arch profile: remove i3/Void-specific config and fix GNOME integration 
- Remove XFCE/i3-specific packages and dotfiles from Arch path (xarchiver,
  udiskie, Thunar, xfce-polkit, clipman, screenshooter)
- Separate per-OS dotfiles: mimeapps, udiskie config, GTK theme script,
  udiskie-password, dbus-session and ssh-agent fragments moved to Void-only
- Add mimeapps.arch.list with Nautilus/GNOME associations for nymph
- Move dunst/rofi directory creation from common to profile_desktop_i3
- Add gnome-keyring PAM hooks for GDM (gdm-password) in profile_desktop_gnome
- Remove ssh-agent.service from desktop_systemd_user_services on Arch;
  drop ssh-agent dependency and hardcoded socket from emacs.service
- Add ttf-hack-nerd to Arch font packages
- Fix rustup bootstrap: use rustup-init on Void, rustup toolchain install on Arch

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-12 23:37:39 +02:00
Fabio Scotto di Santolo
013531ad4b Fix Arch package names 2026-05-12 20:17:51 +02:00
Fabio Scotto di Santolo
e772e9650d Remove unavailable Arch mu package 2026-05-12 19:11:56 +02:00
Fabio Scotto di Santolo
5027b3dd77 Migrate Archlinux config from GRUB to systemd-boot 2026-05-12 18:33:45 +02:00
Fabio Scotto di Santolo
f0fcc92d6d Enable new Archlinux profile for nymph 2026-05-12 18:02:30 +02:00
Fabio Scotto di Santolo
e4d6deb3c5 Added npm tag 2026-05-10 09:02:08 +02:00
Fabio Scotto di Santolo
95c7531db4 Fix handle dbus session address on desktop 2026-05-10 08:57:05 +02:00
Fabio Scotto di Santolo
7baa944aee Fix mime browser 2026-05-10 08:08:03 +02:00
Fabio Scotto di Santolo
3344abb36b deadalus-fedora: add GNOME extension and PaperWM gsettings 2026-05-05 21:45:10 +02:00
Fabio Scotto di Santolo
e83b7f1502 deadalus-fedora: add GNOME extension packages 2026-05-05 21:45:07 +02:00
Fabio Scotto di Santolo
72c2f70185 Add man-pages packages to Void base 2026-05-02 11:10:49 +02:00
Fabio Scotto di Santolo
3c702a299e Consolidate Emacs document tooling 2026-05-02 09:53:10 +02:00
Fabio Scotto di Santolo
fb81d1082c Enable JSON LSP support in Emacs 2026-05-01 21:19:02 +02:00
Fabio Scotto di Santolo
cd8c775630 Add i3 session to nymph and cleanup script for sway 2026-04-30 12:12:36 +02:00
Fabio Scotto di Santolo
dab66bda47 Add linux-mainline kernel packages to Void and nymph 2026-04-30 11:53:09 +02:00
Fabio Scotto di Santolo
e0fe207771 Add hugo to Void base packages 2026-04-29 19:27:29 +02:00
Fabio Scotto di Santolo
eaf1a7f182 Change gpg key for encrypt 2026-04-29 18:47:12 +02:00
Fabio Scotto di Santolo
4b5879a67e Add task for extract templates for desktop 2026-04-29 09:02:49 +02:00
Fabio Scotto di Santolo
46b6bcd62c Add gist and github-cli to Void base packages 2026-04-28 20:53:48 +02:00
Fabio Scotto di Santolo
d48d2db0ba Color ap command output in cyan 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-28 18:00:09 +02:00
Fabio Scotto di Santolo
18ea0a02ad Fix Alacritty keyboard bindings 2026-04-28 17:50:02 +02:00
Fabio Scotto di Santolo
fa6b082381 Add Claude to Emacs project agent picker 2026-04-28 17:40:43 +02:00
Fabio Scotto di Santolo
e2a66c623f Add Claude Code agent configuration 2026-04-28 17:29:52 +02:00
Fabio Scotto di Santolo
164b11bb73 Add speech dispatcher to Void packages 2026-04-28 16:19:27 +02:00
Fabio Scotto di Santolo
10b0a6225b Update desktop SSH defaults 2026-04-28 16:14:19 +02:00
Fabio Scotto di Santolo
bcd8635d9e Disable Nextcloud AIO on server 2026-04-28 16:07:34 +02:00
Fabio Scotto di Santolo
aa0f787d00 Skip AI agent dotfiles on servers 2026-04-28 14:55:32 +02:00
Fabio Scotto di Santolo
949ae2c47f Add Nextcloud AIO service 2026-04-28 14:48:21 +02:00
Fabio Scotto di Santolo
16850eba53 Update agent operating notes 2026-04-28 12:12:50 +02:00
Fabio Scotto di Santolo
e0869e72d6 Change i3 and i3lock backgrounds 2026-04-27 21:48:37 +02:00
Fabio Scotto di Santolo
e9af0bd1af Template Codex instructions path 2026-04-27 20:48:18 +02:00
Fabio Scotto di Santolo
763bbd8b9f Gemini: configure CLI and update workstation/wsl inventory 2026-04-27 19:22:20 +02:00
Fabio Scotto di Santolo
950cbff85c Ansible: implement selective AI agent deployment across profiles 2026-04-27 19:17:18 +02:00
Fabio Scotto di Santolo
003679f499 Refactor: centralize AI instructions and opencode config into common dotfiles 2026-04-27 19:17:14 +02:00
Fabio Scotto di Santolo
ab294f4cb7 Add NTFS support to Void desktops 2026-04-27 08:37:56 +02:00
Fabio Scotto di Santolo
325a405012 Add Gemini CLI agent support with robust session parsing 2026-04-27 08:27:34 +02:00
Fabio Scotto di Santolo
c9fa536bb5 Add Gemini CLI to npm packages 2026-04-26 20:43:13 +02:00
Fabio Scotto di Santolo
a108957ba4 Add Codex CLI agent support to project launcher 2026-04-26 19:39:14 +02:00
Fabio Scotto di Santolo
0eba6aa9c8 Add OpenAI Codex CLI to npm packages 2026-04-26 16:11:43 +02:00
Fabio Scotto di Santolo
d036eee00a Move nordic-night-theme load into :config block 2026-04-26 15:58:01 +02:00
101 changed files with 1953 additions and 1116 deletions
Expand all files Collapse all files

7
.claude/settings.local.json Normal file
View File

@@ -0,0 +1,7 @@
{
"permissions": {
"allow": [
"Bash(xargs ls -la)"
]
}
}

0
.codex Normal file
View File

39
AGENTS.md
View File

@@ -1,15 +1,18 @@
# AGENTS.md
Ansible-driven personal infrastructure repo for Void desktops, Linux workstations, Windows+WSL, and an Ubuntu server.
Ansible-driven personal infrastructure repo for Void/Arch desktops, Linux workstations, Windows+WSL, and an Ubuntu server.
## Source Of Truth
- Main orchestration: `ansible/site.yml`
- Inventory and layering inputs: `ansible/inventory/hosts.yml`, `ansible/inventory/group_vars/*.yml`, `ansible/inventory/host_vars/*.yml`
- Dotfiles live under `dotfiles/`
- OpenCode loads global instructions from `dotfiles/desktop/.config/opencode/opencode.json`
- AI agent instructions (bootstrap, rules, knowledge) are centralized in `dotfiles/common/.config/ai/` and shared between OpenCode, Codex, and Gemini CLI.
- OpenCode loads its entrypoint configuration from `dotfiles/common/.config/opencode/opencode.json`.
- Codex config is rendered from `dotfiles/common/.codex/config.toml.j2` so `model_instructions_file` points to the deployed `~/.config/ai/bootstrap.md`.
## Topology
- Void desktops: `ikaros`, `nymph`
- Void desktops: `ikaros`
- Arch desktops: `nymph`
- Native Linux workstations: `deadalus-ubuntu`, `deadalus-fedora`
- Windows host + WSL dev: `deadalus-win`, `deadalus-wsl`
- Ubuntu server: `prometheus`
@@ -32,14 +35,15 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- `ansible-lint ansible/roles`
- `yamllint ansible/`
- Host-focused dry runs:
- Void desktop work: `ansible-playbook ansible/site.yml --limit ikaros --check --diff` or `--limit nymph --check --diff`
- Void desktop work: `ansible-playbook ansible/site.yml --limit ikaros --check --diff`
- Arch desktop work: `ansible-playbook ansible/site.yml --limit nymph --check --diff`
- Ubuntu workstation: `ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff`
- Fedora workstation: `ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff`
- WSL dev: `ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff`
- Server: `ansible-playbook ansible/site.yml --limit prometheus --check --diff`
- Focused checks:
- Emacs dotfiles only: `ansible-playbook ansible/site.yml --limit ikaros --tags emacs --check --diff` or `--limit nymph --tags emacs --check --diff`
- Sway/Noctalia bootstrap on nymph: `ansible-playbook ansible/site.yml --limit nymph --tags packages,dotfiles:desktop,sway --check --diff`
- Emacs dotfiles only: `ansible-playbook ansible/site.yml --limit ikaros --tags emacs --check --diff` or `--limit nymph --tags emacs --check --diff`
- Arch GNOME desktop bootstrap on nymph: `ansible-playbook ansible/site.yml --limit nymph --tags packages,services,gnome --check --diff`
- Mail bootstrap: `sh -n scripts/bootstrap_mail.sh` and `shellcheck scripts/bootstrap_mail.sh`
- Windows bootstrap parse: `pwsh -NoProfile -Command "[void][System.Management.Automation.Language.Parser]::ParseFile('scripts/bootstrap_windows_workstation.ps1', [ref]$null, [ref]$null)"`
- Server compose render: `docker compose -f /opt/docker/server/docker-compose.yml config`
@@ -52,17 +56,21 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- Put host-specific overrides in `host_vars`, not shared `group_vars`.
- Use `no_log: true` for secret-bearing task inputs or outputs.
## Desktop Void Notes
## Desktop Notes
- `profile_desktop_common` owns the shared desktop bootstrap.
- `.emacs.d` is deployed by a dedicated `profile_desktop_common` task tagged `emacs`.
- User services are managed by `turnstile` and live under `dotfiles/desktop/.config/service/`.
- `ssh-agent` runs under `turnstile` with stable socket `~/.local/state/ssh-agent/socket`.
- NTFS filesystem support is provided by `ntfs-3g` in `ansible/inventory/group_vars/void.yml`.
- Void user services are managed by `turnstile` and live under `dotfiles/desktop/.config/service/`.
- Arch user services are systemd user units under `dotfiles/desktop/.config/systemd/user/`.
- `ssh-agent` keeps the stable socket `~/.local/state/ssh-agent/socket`.
- Critical session entrypoints:
- `dotfiles/desktop/.xinitrc`
- `dotfiles/desktop/.local/bin/start-sway-session`
- Do not auto-restart `emptty` during playbook runs on active desktop hosts; restart it manually from another TTY/SSH session if needed.
- `profile_desktop_sway` owns the Sway session, Noctalia config rendering, and official plugin linking.
- Noctalia shared config lives in `dotfiles/desktop/.config/noctalia/`; bar monitors and `screenOverrides` come from inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`).
- Do not auto-restart `emptty` during playbook runs on active Void desktop hosts; restart it manually from another TTY/SSH session if needed.
- `nymph` is an Arch GNOME/GDM desktop; do not route it through Void/i3/Sway/emptty tasks.
- `nymph` uses systemd-boot; keep loader entries and kernel cmdline in `ansible/inventory/host_vars/nymph.yml`.
- `profile_desktop_sway` owns the Sway session, Noctalia config rendering, and official plugin linking when a Sway desktop is explicitly enabled.
- Noctalia shared config lives in `dotfiles/desktop/.config/noctalia/`; bar monitors and `screenOverrides` come from inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`) on Sway hosts.
- On Sway hosts, `udiskie` is the backend for automount/LUKS but runs without tray; USB device UI is handled by `usb-drive-manager`.
- Do not re-introduce `network-manager-applet` or `blueman` on Sway hosts without an explicit host-specific reason.
@@ -73,6 +81,13 @@ Ansible-driven personal infrastructure repo for Void desktops, Linux workstation
- `workstation_host_windows` runs with `gather_facts: false` and validates PSRP settings plus `windows_package_backend` before role execution.
- Windows taskbar pins are driven by `windows_taskbar_pins` in `ansible/inventory/group_vars/workstation_host_windows.yml`; validate identifiers from a real Windows session before changing them.
## Coding Agent Notes
- Shared agent packages live in `ai_agents_npm_packages` in `ansible/inventory/group_vars/all.yml`.
- Shared agent dotfiles live in `ai_agents_dotfiles`; rendered configs live in `ai_agents_templates`.
- Desktop, native workstation, and WSL profiles consume the shared agent package list; do not duplicate package entries in profile-specific vars.
- `dotfiles_common` copies common dotfiles plus `ai_agents_dotfiles`, then renders `ai_agents_templates`.
- Keep `.config/ai/` as the common instruction source; update agent-specific entrypoints to reference it rather than duplicating instruction text.
## Tooling Notes
- Install local tooling with:
- `python3 -m pip install ansible ansible-lint yamllint shellcheck-py`

691
README.md
View File

@@ -15,26 +15,26 @@ Il repository consente di gestire più sistemi operativi e profili macchina mant
# Architettura del progetto
```text
infra/
├── ansible/
│ ├── ansible.cfg
│ ├── site.yml
│ ├── inventory/
│ │ ├── hosts.yml
│ │ ├── group_vars/
│ │ └── host_vars/
│ ├── templates/
│ └── roles/
├── dotfiles/
│ ├── common/
│ ├── desktop/
│ ├── fedora/
│ ├── server/
│ ├── workstation/
│ ├── ikaros/
│ └── nymph/
```text
infra/
├── ansible/
│ ├── ansible.cfg
│ ├── site.yml
│ ├── inventory/
│ │ ├── hosts.yml
│ │ ├── group_vars/
│ │ └── host_vars/
│ ├── templates/
│ └── roles/
├── dotfiles/
│ ├── common/
│ ├── desktop/
│ ├── fedora/
│ ├── server/
│ ├── workstation/
│ ├── ikaros/
│ └── nymph/
├── scripts/
├── secrets/
@@ -50,16 +50,16 @@ Il repository è diviso in due componenti principali:
---
# Macchine gestite
Il repository modella attualmente tre tipologie di profilo e prepara due filoni workstation: Linux nativa e Windows + WSL.
Nota sullo stato attuale del playbook principale:
- `ansible/site.yml` applica oggi in automatico il profilo desktop su host Void Linux
- `ansible/site.yml` applica la workstation Linux nativa separando il layer dev comune dal layer host GNOME
- `ansible/site.yml` applica anche il ramo `workstation_host_windows` + `workstation_dev_wsl` per il modello Windows 11 + WSL
- `ansible/site.yml` applica anche il profilo `ubuntu_server` con baseline apt, systemd, dotfiles server e firewall UFW
# Macchine gestite
Il repository modella attualmente tre tipologie di profilo e prepara due filoni workstation: Linux nativa e Windows + WSL.
Nota sullo stato attuale del playbook principale:
- `ansible/site.yml` applica oggi in automatico il profilo desktop su host Void Linux
- `ansible/site.yml` applica la workstation Linux nativa separando il layer dev comune dal layer host GNOME
- `ansible/site.yml` applica anche il ramo `workstation_host_windows` + `workstation_dev_wsl` per il modello Windows 11 + WSL
- `ansible/site.yml` applica anche il profilo `ubuntu_server` con baseline apt, systemd, dotfiles server e firewall UFW
## Desktop
@@ -67,18 +67,18 @@ Sistema operativo:
- Void Linux
Sessioni desktop:
- `ikaros`: i3
- `nymph`: SwayFX
Sessioni desktop:
- `ikaros`: i3
- `nymph`: SwayFX
Macchine:
- `ikaros`
- `nymph`
Queste macchine condividono la stessa configurazione base desktop e vengono mantenute allineate tramite Ansible.
Queste macchine condividono la stessa configurazione base desktop e vengono mantenute allineate tramite Ansible.
Lo stato attuale del profilo desktop include, tra le altre cose:
- dotfiles comuni e desktop
@@ -91,87 +91,87 @@ Lo stato attuale del profilo desktop include, tra le altre cose:
- `tmux` con plugin gestiti da TPM al bootstrap del profilo desktop
- Flatpak con remoto Flathub
- GNOME Keyring e bootstrap della posta via script dedicato
- shell Noctalia su Sway su `nymph`, con plugin ufficiali per clipboard (`clipper`, `clipboard`), polkit (`polkit-agent`) e gestione USB (`usb-drive-manager`); config condivisa in `dotfiles/desktop/.config/noctalia/` e `settings.json` renderizzato da template Ansible con variabili host-specifiche
- shell Noctalia su Sway su `nymph`, con plugin ufficiali per clipboard (`clipper`), polkit (`polkit-agent`), screenshot (`screenshot`) e gestione USB (`usb-drive-manager`); config condivisa in `dotfiles/desktop/.config/noctalia/` e `settings.json` renderizzato da template Ansible con variabili host-specifiche
- `udiskie` come backend per automount/LUKS su Sway, senza tray; la UI dei dispositivi removibili è demandata a `usb-drive-manager`
- `kanshi` su `nymph` per il profilo monitor Wayland, con workspace Sway deterministici: in dual monitor `1` resta su `eDP-1` e `2-10` vanno su `DP-1`, mentre in laptop-only tutti tornano su `eDP-1`
- monitor Noctalia e `screenOverrides` dichiarati in inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`) per host `nymph`
- monitor Noctalia e `screenOverrides` dichiarati in inventory (`noctalia_bar_monitors`, `noctalia_screen_overrides`) per host `nymph`
---
## Workstation
## Workstation
Sistemi operativi supportati:
- Ubuntu LTS nativa
- Fedora Workstation nativa
- Windows 11 host + Ubuntu WSL
Sistemi operativi supportati:
Desktop environment host Linux:
- GNOME
Macchine attuali:
- `deadalus-ubuntu` come workstation Ubuntu nativa
- `deadalus-fedora` come workstation Fedora nativa
- supporto attivo per host Windows 11 + WSL tramite `deadalus-win` e `deadalus-wsl`
Questo profilo è pensato per sviluppo e lavoro, con separazione tra layer host e layer dev.
Nel modello Ansible usato qui, un singolo inventory host puo appartenere intenzionalmente a piu gruppi e quindi ricevere piu play nello stesso run: l'associazione non e `1 host = 1 play`, ma `host + gruppi = layering finale`.
Il profilo workstation e agganciato al playbook principale e ora distingue:
- layer dev Ubuntu condiviso tra workstation Linux nativa e Ubuntu in WSL
- layer dev Fedora nativo parallelo a Ubuntu
- layer host Linux GNOME
- layer host Windows 11 con bootstrap WSL, remoting `PSRP` su `HTTPS/5986`, gestione app via `winget` con backend configurabile e VS Code lato Windows
- layer WSL dedicato per sviluppo con `systemd`
Per esempio, lo stesso host Linux puo stare in `workstation_host_linux` e in `workstation_dev_fedora` oppure `workstation_dev_ubuntu`, a seconda del layering che vuoi comporre.
Lo stato attuale del profilo workstation include:
- installazione pacchetti base Ubuntu via apt
- installazione pacchetti base Fedora via dnf per il ramo workstation nativo
- installazione e configurazione di Docker dal repository ufficiale
- gestione dei dotfiles workstation e rendering dei template dev condivisi
- installazione di Google Chrome su Ubuntu e Fedora, `VS Code` su Fedora via repository RPM Microsoft, `IntelliJ IDEA Ultimate` su Fedora via COPR RPM, e applicazioni workstation residue su Fedora via Flatpak
- installazione di applicazioni workstation su Ubuntu nativa via Snap, oltre alle estensioni GNOME sul solo host Linux nativo
- configurazione del ramo Windows 11 host con app installate dal playbook via `winget`, con backend predefinito `winget_psrp`, tema scuro, pin della taskbar gestiti via policy locale e profilo predefinito di Windows Terminal impostato su `Ubuntu`
- preparazione del ramo WSL Ubuntu con `systemd` per il toolchain di sviluppo
- attivazione del firewall UFW su Ubuntu nativa e `firewalld` su Fedora nativa
- gestione di `gsettings` GNOME host-specifici su `deadalus-fedora`, inclusi shell, Files/Nautilus, file chooser GTK e GNOME Text Editor, allineati allo stato reale della macchina
Workflow Windows + WSL previsto:
Prima di eseguire il bootstrap Windows, apri PowerShell come amministratore e verifica la policy di esecuzione:
```powershell
Get-ExecutionPolicy -List
```
Se necessario, abilita l'esecuzione degli script per l'utente corrente:
```powershell
Set-ExecutionPolicy -Scope CurrentUser RemoteSigned
```
Se Windows ha bloccato il file di bootstrap, sbloccalo esplicitamente:
```powershell
Unblock-File .\scripts\bootstrap_windows_workstation.ps1
```
1. eseguire `scripts/bootstrap_windows_workstation.ps1` su Windows come amministratore
2. riavviare Windows se richiesto dalle feature WSL
3. avviare Ubuntu WSL almeno una volta e completare la creazione dell'utente Linux
4. installare Ansible dentro WSL Ubuntu
5. lanciare il playbook da WSL su `deadalus-wsl` per configurare l'ambiente dev locale
6. lanciare da WSL anche il playbook su `deadalus-win` via `psrp` per configurare l'host Windows; per default il backend pacchetti Windows e `winget_psrp`
7. usare VS Code con le estensioni Remote (`WSL`, `SSH`, `Dev Containers`) dal lato Windows
Per il remoting Windows il repository usa di default `PSRP` con `Negotiate` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. Il backend pacchetti Windows e configurabile con `windows_package_backend` oppure `vault_windows_package_backend`; il default e `winget_psrp`.
- Ubuntu LTS nativa
- Fedora Workstation nativa
- Windows 11 host + Ubuntu WSL
Desktop environment host Linux:
- GNOME
Macchine attuali:
- `deadalus-ubuntu` come workstation Ubuntu nativa
- `deadalus-fedora` come workstation Fedora nativa
- supporto attivo per host Windows 11 + WSL tramite `deadalus-win` e `deadalus-wsl`
Questo profilo è pensato per sviluppo e lavoro, con separazione tra layer host e layer dev.
Nel modello Ansible usato qui, un singolo inventory host puo appartenere intenzionalmente a piu gruppi e quindi ricevere piu play nello stesso run: l'associazione non e `1 host = 1 play`, ma `host + gruppi = layering finale`.
Il profilo workstation e agganciato al playbook principale e ora distingue:
- layer dev Ubuntu condiviso tra workstation Linux nativa e Ubuntu in WSL
- layer dev Fedora nativo parallelo a Ubuntu
- layer host Linux GNOME
- layer host Windows 11 con bootstrap WSL, remoting `PSRP` su `HTTPS/5986`, gestione app via `winget` con backend configurabile e VS Code lato Windows
- layer WSL dedicato per sviluppo con `systemd`
Per esempio, lo stesso host Linux puo stare in `workstation_host_linux` e in `workstation_dev_fedora` oppure `workstation_dev_ubuntu`, a seconda del layering che vuoi comporre.
Lo stato attuale del profilo workstation include:
- installazione pacchetti base Ubuntu via apt
- installazione pacchetti base Fedora via dnf per il ramo workstation nativo
- installazione e configurazione di Docker dal repository ufficiale
- gestione dei dotfiles workstation e rendering dei template dev condivisi
- installazione di Google Chrome su Ubuntu e Fedora, `VS Code` su Fedora via repository RPM Microsoft, `IntelliJ IDEA Ultimate` su Fedora via COPR RPM, e applicazioni workstation residue su Fedora via Flatpak
- installazione di applicazioni workstation su Ubuntu nativa via Snap, oltre alle estensioni GNOME sul solo host Linux nativo
- configurazione del ramo Windows 11 host con app installate dal playbook via `winget`, con backend predefinito `winget_psrp`, tema scuro, pin della taskbar gestiti via policy locale e profilo predefinito di Windows Terminal impostato su `Ubuntu`
- preparazione del ramo WSL Ubuntu con `systemd` per il toolchain di sviluppo
- attivazione del firewall UFW su Ubuntu nativa e `firewalld` su Fedora nativa
- gestione di `gsettings` GNOME host-specifici su `deadalus-fedora`, inclusi shell, Files/Nautilus, file chooser GTK e GNOME Text Editor, allineati allo stato reale della macchina
Workflow Windows + WSL previsto:
Prima di eseguire il bootstrap Windows, apri PowerShell come amministratore e verifica la policy di esecuzione:
```powershell
Get-ExecutionPolicy -List
```
Se necessario, abilita l'esecuzione degli script per l'utente corrente:
```powershell
Set-ExecutionPolicy -Scope CurrentUser RemoteSigned
```
Se Windows ha bloccato il file di bootstrap, sbloccalo esplicitamente:
```powershell
Unblock-File .\scripts\bootstrap_windows_workstation.ps1
```
1. eseguire `scripts/bootstrap_windows_workstation.ps1` su Windows come amministratore
2. riavviare Windows se richiesto dalle feature WSL
3. avviare Ubuntu WSL almeno una volta e completare la creazione dell'utente Linux
4. installare Ansible dentro WSL Ubuntu
5. lanciare il playbook da WSL su `deadalus-wsl` per configurare l'ambiente dev locale
6. lanciare da WSL anche il playbook su `deadalus-win` via `psrp` per configurare l'host Windows; per default il backend pacchetti Windows e `winget_psrp`
7. usare VS Code con le estensioni Remote (`WSL`, `SSH`, `Dev Containers`) dal lato Windows
Per il remoting Windows il repository usa di default `PSRP` con `Negotiate` su `HTTPS/5986`. L'utente di default puo essere un `MicrosoftAccount\...`, con host, utente e password forniti via vault o extra vars. Il backend pacchetti Windows e configurabile con `windows_package_backend` oppure `vault_windows_package_backend`; il default e `winget_psrp`.
---
@@ -189,43 +189,43 @@ Macchina:
- `prometheus`
Profilo orientato a servizi server e gestione di dotfiles dedicati.
Lo stato attuale del profilo server include:
- installazione pacchetti base Ubuntu via apt
- installazione e configurazione di Docker dal repository ufficiale
- abilitazione dei servizi systemd dichiarati in inventory/group vars
- copia dei dotfiles server e rendering dei template server, incluso il `docker-compose.yml` dello stack servizi
- attivazione del firewall UFW con regola SSH esplicita
- apertura delle porte Syncthing `22000/tcp`, `22000/udp` e `21027/udp`, lasciando la GUI non esposta direttamente su UFW
Utente del profilo server:
- il profilo usa `server_username`, `server_user_group` e `server_user_home` definiti in `ansible/inventory/group_vars/server.yml`
- per default `server_username` eredita `username`, ma puo essere sovrascritto per tutti gli host server via inventory oppure a runtime con extra vars
- esempio override da CLI:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser
```
- se necessario puoi passare anche:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser -e server_user_group=mygroup -e server_user_home=/srv/myuser
```
Profilo orientato a servizi server e gestione di dotfiles dedicati.
Lo stato attuale del profilo server include:
- installazione pacchetti base Ubuntu via apt
- installazione e configurazione di Docker dal repository ufficiale
- abilitazione dei servizi systemd dichiarati in inventory/group vars
- copia dei dotfiles server e rendering dei template server, incluso il `docker-compose.yml` dello stack servizi
- attivazione del firewall UFW con regola SSH esplicita
- apertura delle porte Syncthing `22000/tcp`, `22000/udp` e `21027/udp`, lasciando la GUI non esposta direttamente su UFW
Utente del profilo server:
- il profilo usa `server_username`, `server_user_group` e `server_user_home` definiti in `ansible/inventory/group_vars/server.yml`
- per default `server_username` eredita `username`, ma puo essere sovrascritto per tutti gli host server via inventory oppure a runtime con extra vars
- esempio override da CLI:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser
```
- se necessario puoi passare anche:
```bash
ansible-playbook ansible/site.yml --limit prometheus -e server_username=myuser -e server_user_group=mygroup -e server_user_home=/srv/myuser
```
---
# Composizione della configurazione
Deploy mirato della configurazione Emacs sui desktop Void:
```bash
ansible-playbook ansible/site.yml --limit ikaros --tags emacs
ansible-playbook ansible/site.yml --limit nymph --tags emacs
```
# Composizione della configurazione
Deploy mirato della configurazione Emacs sui desktop Void:
```bash
ansible-playbook ansible/site.yml --limit ikaros --tags emacs
ansible-playbook ansible/site.yml --limit nymph --tags emacs
```
La configurazione finale di una macchina è ottenuta combinando più livelli.
@@ -258,67 +258,67 @@ Questo approccio consente di:
# Ruoli Ansible
I principali ruoli attualmente presenti sono:
I principali ruoli attualmente presenti sono:
| Role | Descrizione |
| ------------------------- | ----------------------------------- |
| base | configurazione base comune |
| packages_void | installazione pacchetti su Void |
| packages_ubuntu | installazione pacchetti su Ubuntu |
| packages_fedora | installazione pacchetti su Fedora |
| services_runit | gestione servizi runit |
| services_systemd | gestione servizi systemd |
| profile_desktop_common | bootstrap desktop Void condiviso |
| profile_desktop_i3 | sessione desktop i3 |
| profile_desktop_sway | sessione desktop Sway |
| profile_desktop_host | override desktop specifici per host |
| profile_workstation_dev_common | configurazione dev workstation condivisa |
| profile_workstation_gnome | configurazione host workstation GNOME |
| profile_workstation_dev_wsl | configurazione WSL Ubuntu per sviluppo |
| profile_workstation_host_windows | configurazione host Windows 11 workstation |
| profile_server | configurazione server |
| dotfiles_common | distribuzione dotfiles comuni |
| dotfiles | distribuzione configurazioni utente |
---
# Stato attuale del playbook principale
Il playbook `ansible/site.yml` e attualmente composto da sette blocchi:
```text
all:!workstation_host_windows -> dotfiles_common
void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_host
workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common
workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common
workstation_host_linux -> profile_workstation_gnome
workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl
workstation_host_windows -> profile_workstation_host_windows
ubuntu_server -> packages_ubuntu + services_systemd + profile_server
```
Questo significa che, allo stato attuale:
- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo
- la workstation Ubuntu (`deadalus-ubuntu`) e gestita separando ambiente dev e layer host GNOME
- la workstation Fedora (`deadalus-fedora`) usa lo stesso principio di composizione a gruppi con il ramo Fedora dedicato e con `gsettings` host-specifici dichiarati in inventory
- il ramo Windows + WSL e predisposto con bootstrap PowerShell e play Windows/WSL dedicati
- il server Ubuntu (`prometheus`) e gestito con pacchetti, servizi, dotfiles server e firewall
- lo stack container server include `navidrome`, `postgres`, `gitea`, `nginx-proxy-manager` e `syncthing`, con GUI Syncthing raggiungibile tramite la rete Docker `web`
# Dotfiles
| base | configurazione base comune |
| packages_void | installazione pacchetti su Void |
| packages_ubuntu | installazione pacchetti su Ubuntu |
| packages_fedora | installazione pacchetti su Fedora |
| services_runit | gestione servizi runit |
| services_systemd | gestione servizi systemd |
| profile_desktop_common | bootstrap desktop Void condiviso |
| profile_desktop_i3 | sessione desktop i3 |
| profile_desktop_sway | sessione desktop Sway |
| profile_desktop_host | override desktop specifici per host |
| profile_workstation_dev_common | configurazione dev workstation condivisa |
| profile_workstation_gnome | configurazione host workstation GNOME |
| profile_workstation_dev_wsl | configurazione WSL Ubuntu per sviluppo |
| profile_workstation_host_windows | configurazione host Windows 11 workstation |
| profile_server | configurazione server |
| dotfiles_common | distribuzione dotfiles comuni |
| dotfiles | distribuzione configurazioni utente |
---
# Stato attuale del playbook principale
Il playbook `ansible/site.yml` e attualmente composto da sette blocchi:
```text
all:!workstation_host_windows -> dotfiles_common
void -> packages_void + services_runit + profile_desktop_common + profile_desktop_i3 + profile_desktop_sway + profile_desktop_host
workstation_dev_ubuntu -> packages_ubuntu + services_systemd + profile_workstation_dev_common
workstation_dev_fedora -> packages_fedora + services_systemd + profile_workstation_dev_common
workstation_host_linux -> profile_workstation_gnome
workstation_dev_wsl -> packages_ubuntu + services_systemd + profile_workstation_dev_common + profile_workstation_dev_wsl
workstation_host_windows -> profile_workstation_host_windows
ubuntu_server -> packages_ubuntu + services_systemd + profile_server
```
Questo significa che, allo stato attuale:
- i desktop Void (`ikaros`, `nymph`) restano il target operativo piu completo
- la workstation Ubuntu (`deadalus-ubuntu`) e gestita separando ambiente dev e layer host GNOME
- la workstation Fedora (`deadalus-fedora`) usa lo stesso principio di composizione a gruppi con il ramo Fedora dedicato e con `gsettings` host-specifici dichiarati in inventory
- il ramo Windows + WSL e predisposto con bootstrap PowerShell e play Windows/WSL dedicati
- il server Ubuntu (`prometheus`) e gestito con pacchetti, servizi, dotfiles server e firewall
- lo stack container server include `navidrome`, `postgres`, `gitea`, `nginx-proxy-manager` e `syncthing`, con GUI Syncthing raggiungibile tramite la rete Docker `web`
# Dotfiles
La directory `dotfiles/` contiene le configurazioni utente versionate.
```text
dotfiles/
├── common
├── desktop
├── server
├── fedora
├── workstation
├── ikaros
└── nymph
```text
dotfiles/
├── common
├── desktop
├── server
├── fedora
├── workstation
├── ikaros
└── nymph
```
Le configurazioni sono applicate tramite Ansible e organizzate per livelli:
@@ -333,153 +333,154 @@ Le configurazioni sono applicate tramite Ansible e organizzate per livelli:
# Requisiti
Per utilizzare il repository sono necessari:
- Python 3
- Ansible
- `ansible-lint`
- `yamllint`
- `shellcheck`
- collection definite in `ansible/collections/requirements.yml`
- accesso locale o SSH alle macchine target, in base a come e definito l'inventory
Installazione base:
```bash
python3 -m pip install ansible ansible-lint yamllint shellcheck-py
ansible-galaxy collection install -r ansible/collections/requirements.yml
```
Gestione segreti:
- il repository supporta il caricamento opzionale di `secrets/vault.yml`
- il repository supporta anche `secrets/vault.local.yml` per override locali non versionati
- `secrets/vault.yml.example` funge da template/esempio
- se `secrets/vault.yml` non e presente, il playbook continua comunque senza caricare variabili locali opzionali
- se `secrets/.vault_pass.gpg` esiste viene usato automaticamente per sbloccare i vault tramite `gpg`; in alternativa resta supportato `secrets/.vault_pass` come fallback legacy locale; se nessuno dei due file esiste Ansible richiede la password in modo interattivo
- per il ramo Windows puoi anche definire `vault_windows_package_backend`, con valori supportati `winget_psrp` e `winget_wsl_local`; il default e `winget_psrp`
Per utilizzare il repository sono necessari:
- Python 3
- Ansible
- `ansible-lint`
- `yamllint`
- `shellcheck`
- collection definite in `ansible/collections/requirements.yml`
- accesso locale o SSH alle macchine target, in base a come e definito l'inventory
Installazione base:
```bash
python3 -m pip install ansible ansible-lint yamllint shellcheck-py
ansible-galaxy collection install -r ansible/collections/requirements.yml
```
Gestione segreti:
- il repository supporta il caricamento opzionale di `secrets/vault.yml`
- il repository supporta anche `secrets/vault.local.yml` per override locali non versionati
- `secrets/vault.yml.example` funge da template/esempio
- se `secrets/vault.yml` non e presente, il playbook continua comunque senza caricare variabili locali opzionali
- se `secrets/.vault_pass.gpg` esiste viene usato automaticamente per sbloccare i vault tramite `gpg`; in alternativa resta supportato `secrets/.vault_pass` come fallback legacy locale; se nessuno dei due file esiste Ansible richiede la password in modo interattivo
- per il ramo Windows puoi anche definire `vault_windows_package_backend`, con valori supportati `winget_psrp` e `winget_wsl_local`; il default e `winget_psrp`
---
# Utilizzo
Eseguire il playbook principale:
```bash
ansible-playbook ansible/site.yml
```
Allo stato attuale questo comando:
- distribuisce i dotfiles comuni a tutti gli host
- per gli host Void applica bootstrap desktop condiviso, sessioni i3/Sway e override specifici per host
- per `workstation_dev_ubuntu` applica pacchetti Ubuntu, servizi systemd e profilo dev comune
- per `workstation_dev_fedora` applica pacchetti Fedora, servizi systemd e profilo dev comune
- per `workstation_host_linux` applica il layer host Linux GNOME
- per `workstation_dev_wsl` applica pacchetti Ubuntu, servizi systemd, profilo dev comune e tweak WSL dedicati
- per `workstation_host_windows` applica il layer host Windows 11 via PSRP, con installazione pacchetti Windows eseguita di default tramite `winget_psrp`
- per gli host `ubuntu_server` applica pacchetti Ubuntu, servizi systemd, profilo server, UFW, dotfiles e template dedicati
- non riavvia automaticamente `emptty`; le modifiche al display manager vanno applicate manualmente da SSH o da una TTY separata
- carica `secrets/vault.yml` solo se presente
- carica `secrets/vault.local.yml` solo se presente, dopo `vault.yml`, cosi gli override locali hanno precedenza
Per validare prima di applicare:
```bash
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml
ansible-lint ansible/roles
yamllint ansible/
```
Per testare un override dell'utente server senza modificare l'inventory:
```bash
ansible-playbook ansible/site.yml --limit prometheus --check --diff -e server_username=myuser
```
Per validazioni piu mirate:
```bash
ansible-playbook ansible/site.yml --limit <host> --tags <tag1>,<tag2> --check --diff
ansible-playbook ansible/site.yml --limit <host> --start-at-task "<task name>" --check --diff
ansible-lint ansible/roles/<role>
yamllint ansible/path/to/file.yml
docker compose -f /opt/docker/server/docker-compose.yml config
```
## Tag supportati dal playbook
Per vedere l'elenco reale aggiornato dei tag disponibili:
```bash
ansible-playbook ansible/site.yml --list-tags
```
Allo stato attuale `ansible/site.yml` espone questi tag:
| Tag | Scopo | Ambito principale |
| --- | --- | --- |
| `always` | pre-task sempre eseguiti, inclusi caricamento vault e validazioni preliminari | common, Windows |
| `dotfiles` | distribuzione/configurazione dotfiles | tutti i profili |
| `dotfiles:common` | dotfiles comuni condivisi | common, workstation, server |
| `dotfiles:desktop` | dotfiles desktop | desktop Void |
| `dotfiles:host` | override host-specifici desktop | desktop Void |
| `dotfiles:server` | dotfiles dedicati al profilo server | server |
| `dotfiles:workstation` | dotfiles dedicati alle workstation | workstation Linux, WSL |
| `emptty` | gestione display manager `emptty` | desktop Void |
| `gnome` | configurazione host GNOME | workstation host Linux, parte desktop |
| `i3` | sessione/configurazione i3 | desktop Void |
| `nvidia` | componenti NVIDIA desktop | desktop Void |
| `packages` | installazione e aggiornamento pacchetti | tutti i profili |
| `services` | gestione servizi runit/systemd/Windows | tutti i profili |
| `sway` | sessione/configurazione Sway | desktop Void |
| `vscode` | installazione/configurazione VS Code | Fedora, host Linux, Windows |
| `wsl` | bootstrap e configurazione WSL | WSL, Windows |
Esempi pratici:
```bash
ansible-playbook ansible/site.yml --limit nymph --tags dotfiles:desktop,sway --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --tags packages,vscode --check --diff
ansible-playbook ansible/site.yml --limit prometheus --tags services,dotfiles:server --check --diff
```
---
Eseguire il playbook principale:
```bash
ansible-playbook ansible/site.yml
```
Allo stato attuale questo comando:
- distribuisce i dotfiles comuni a tutti gli host
- per gli host Void applica bootstrap desktop condiviso, sessioni i3/Sway e override specifici per host
- per `workstation_dev_ubuntu` applica pacchetti Ubuntu, servizi systemd e profilo dev comune
- per `workstation_dev_fedora` applica pacchetti Fedora, servizi systemd e profilo dev comune
- per `workstation_host_linux` applica il layer host Linux GNOME
- per `workstation_dev_wsl` applica pacchetti Ubuntu, servizi systemd, profilo dev comune e tweak WSL dedicati
- per `workstation_host_windows` applica il layer host Windows 11 via PSRP, con installazione pacchetti Windows eseguita di default tramite `winget_psrp`
- per gli host `ubuntu_server` applica pacchetti Ubuntu, servizi systemd, profilo server, UFW, dotfiles e template dedicati
- non riavvia automaticamente `emptty`; le modifiche al display manager vanno applicate manualmente da SSH o da una TTY separata
- carica `secrets/vault.yml` solo se presente
- carica `secrets/vault.local.yml` solo se presente, dopo `vault.yml`, cosi gli override locali hanno precedenza
Per validare prima di applicare:
```bash
ansible-playbook ansible/site.yml --syntax-check
ansible-playbook ansible/site.yml --limit ikaros --check --diff
ansible-playbook ansible/site.yml --limit nymph --check --diff
ansible-playbook ansible/site.yml --limit deadalus-ubuntu --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --check --diff
ansible-playbook ansible/site.yml --limit deadalus-wsl --check --diff
ansible-playbook ansible/site.yml --limit prometheus --check --diff
ansible-lint ansible/site.yml
ansible-lint ansible/roles
yamllint ansible/
```
Per testare un override dell'utente server senza modificare l'inventory:
```bash
ansible-playbook ansible/site.yml --limit prometheus --check --diff -e server_username=myuser
```
Per validazioni piu mirate:
```bash
ansible-playbook ansible/site.yml --limit <host> --tags <tag1>,<tag2> --check --diff
ansible-playbook ansible/site.yml --limit <host> --start-at-task "<task name>" --check --diff
ansible-lint ansible/roles/<role>
yamllint ansible/path/to/file.yml
docker compose -f /opt/docker/server/docker-compose.yml config
```
## Tag supportati dal playbook
Per vedere l'elenco reale aggiornato dei tag disponibili:
```bash
ansible-playbook ansible/site.yml --list-tags
```
Allo stato attuale `ansible/site.yml` espone questi tag:
| Tag | Scopo | Ambito principale |
| --- | --- | --- |
| `always` | pre-task sempre eseguiti, inclusi caricamento vault e validazioni preliminari | common, Windows |
| `dotfiles` | distribuzione/configurazione dotfiles | tutti i profili |
| `dotfiles:common` | dotfiles comuni condivisi | common, workstation, server |
| `dotfiles:desktop` | dotfiles desktop | desktop Void |
| `dotfiles:host` | override host-specifici desktop | desktop Void |
| `dotfiles:server` | dotfiles dedicati al profilo server | server |
| `dotfiles:workstation` | dotfiles dedicati alle workstation | workstation Linux, WSL |
| `emptty` | gestione display manager `emptty` | desktop Void |
| `gnome` | configurazione host GNOME | workstation host Linux, parte desktop |
| `i3` | sessione/configurazione i3 | desktop Void |
| `npm` | installazione pacchetti npm globali | desktop Void, workstation Linux, WSL |
| `nvidia` | componenti NVIDIA desktop | desktop Void |
| `packages` | installazione e aggiornamento pacchetti | tutti i profili |
| `services` | gestione servizi runit/systemd/Windows | tutti i profili |
| `sway` | sessione/configurazione Sway | desktop Void |
| `vscode` | installazione/configurazione VS Code | Fedora, host Linux, Windows |
| `wsl` | bootstrap e configurazione WSL | WSL, Windows |
Esempi pratici:
```bash
ansible-playbook ansible/site.yml --limit nymph --tags dotfiles:desktop,sway --check --diff
ansible-playbook ansible/site.yml --limit deadalus-fedora --tags packages,vscode --check --diff
ansible-playbook ansible/site.yml --limit prometheus --tags services,dotfiles:server --check --diff
```
---
# Bootstrap di una nuova macchina
Una nuova macchina può essere inizializzata con i seguenti passaggi:
```bash
git clone <repo>
cd <repo-dir>
ansible-galaxy collection install -r ansible/collections/requirements.yml
ansible-playbook ansible/site.yml
```
Dopo l'esecuzione del playbook la macchina verra configurata secondo il profilo definito e i ruoli attualmente orchestrati.
Per il flusso mail desktop esiste inoltre uno script dedicato:
```bash
scripts/bootstrap_mail.sh
```
Lo script si occupa del bootstrap dei secret nel keyring, del primo sync con `mbsync` e dell'inizializzazione di `mu` usando la configurazione mail generata dai template.
Se modifichi questo script, valida almeno con:
```bash
sh -n scripts/bootstrap_mail.sh
shellcheck scripts/bootstrap_mail.sh
```
Una nuova macchina può essere inizializzata con i seguenti passaggi:
```bash
git clone <repo>
cd <repo-dir>
ansible-galaxy collection install -r ansible/collections/requirements.yml
ansible-playbook ansible/site.yml
```
Dopo l'esecuzione del playbook la macchina verra configurata secondo il profilo definito e i ruoli attualmente orchestrati.
Per il flusso mail desktop esiste inoltre uno script dedicato:
```bash
scripts/bootstrap_mail.sh
```
Lo script si occupa del bootstrap dei secret nel keyring, del primo sync con `mbsync` e dell'inizializzazione di `mu` usando la configurazione mail generata dai template.
Se modifichi questo script, valida almeno con:
```bash
sh -n scripts/bootstrap_mail.sh
shellcheck scripts/bootstrap_mail.sh
```
---
@@ -499,13 +500,13 @@ Questo consente di ricreare qualsiasi macchina partendo esclusivamente dal repos
# Roadmap
Possibili evoluzioni future:
- hardening sicurezza server
- configurazione backup
- testing automatico playbook
- integrazione CI
- supporto ad altre distribuzioni Linux
Possibili evoluzioni future:
- hardening sicurezza server
- configurazione backup
- testing automatico playbook
- integrazione CI
- supporto ad altre distribuzioni Linux
---

38
ansible/inventory/group_vars/all.yml
View File

@@ -50,6 +50,42 @@ common_dotfiles:
dest: .vimrc
mode: "0644"
- name: bat config
src: .config/bat/.config/bat/
src: .config/bat/
dest: .config/bat/
mode: preserve
ai_agents_npm_packages:
- name: "opencode-ai"
state: latest
- name: "@anthropic-ai/claude-code"
state: latest
- name: "@openai/codex"
state: latest
- name: "@google/gemini-cli"
state: latest
ai_agents_enabled: true
ai_agents_dotfiles:
- name: AI common config
src: .config/ai/
dest: .config/ai/
mode: preserve
- name: Gemini CLI config
src: .gemini/
dest: .gemini/
mode: preserve
- name: OpenCode config
src: .config/opencode/
dest: .config/opencode/
mode: preserve
- name: Claude Code memory
src: .claude/
dest: .claude/
mode: preserve
ai_agents_templates:
- name: Codex config
src: .codex/config.toml.j2
dest: .codex/config.toml
mode: "0644"

160
ansible/inventory/group_vars/arch.yml Normal file
View File

@@ -0,0 +1,160 @@
---
arch_packages_base:
- 7zip
- archlinux-keyring
- avahi
- base-devel
- bluez
- clang
- cmake
- cups
- cups-filters
- cups-pk-helper
- fastfetch
- flatpak
- fuse3
- gcc
- gdb
- git-delta
- github-cli
- gnome-keyring
- go
- gvfs
- gvfs-mtp
- gvfs-smb
- imagemagick
- isync
- libsecret
- libtool
- linux
- linux-headers
- lm_sensors
- man-db
- man-pages
- msmtp
- networkmanager
- nodejs
- npm
- pavucontrol
- pipewire
- pipewire-alsa
- pipewire-jack
- pipewire-pulse
- pkgconf
- plocate
- podman
- podman-compose
- rclone
- sane
- sane-airscan
- seahorse
- simple-scan
- speech-dispatcher
- syncthing
- tealdeer
- tmux
- tree-sitter-cli
- ufw
- wireplumber
- xdotool
- yt-dlp
arch_desktop_common_packages:
- brightnessctl
- dex
- pinentry
- xdg-desktop-portal
- xdg-desktop-portal-gtk
- xdg-user-dirs
arch_desktop_gnome_packages:
- baobab
- gdm
- gnome-backgrounds
- gnome-calculator
- gnome-calendar
- gnome-characters
- gnome-clocks
- gnome-control-center
- gnome-disk-utility
- gnome-font-viewer
- gnome-session
- gnome-settings-daemon
- gnome-shell
- gnome-shell-extensions
- gnome-tweaks
- gvfs-afc
- gvfs-dnssd
- gvfs-goa
- gvfs-gphoto2
- gvfs-nfs
- gvfs-onedrive
- gvfs-wsdd
- loupe
- mutter
- nautilus
- papers
- ptyxis
- rygel
- showtime
- snapshot
- sushi
- xdg-desktop-portal-gnome
- xdg-user-dirs-gtk
arch_profile_packages:
- deluge
- dnsmasq
- edk2-ovmf
- emacs-wayland
- ffmpegthumbnailer
- firefox
- fontconfig
- freetype2
- gufw
- iproute2
- libvterm
- libx11
- libxft
- libvirt
- libreoffice-fresh
- meld
- mpv
- noto-fonts
- noto-fonts-emoji
- pdfarranger
- poppler
- poppler-glib
- qemu-desktop
- remmina
- ripgrep
- rsync
- ruff
- rustup
- texlive-basic
- texlive-binextra
- texlive-latex
- texlive-latexextra
- ttf-hack-nerd
- ttf-liberation
- ttf-nerd-fonts-symbols
- ctags
- uv
- virt-manager
- xournalpp
- zstd
enabled_services:
- NetworkManager
- avahi-daemon
- bluetooth
- cups
- libvirtd
- ufw
enabled_services_only:
- gdm
desktop_systemd_user_services:
- syncthing.service
- rclone-pcloud.service

248
ansible/inventory/group_vars/desktop.yml
View File

@@ -6,147 +6,13 @@ desktop_sessions_enabled:
desktop_default_session: i3
desktop_default_session_env: xorg
desktop_restart_emptty_automatically: false
desktop_emptty_session_error_logging: disabled
desktop_ui_font_family: Noto Sans
desktop_ui_font_size: 10
desktop_fixed_font_family: Hack Nerd Font
desktop_sway_font_size: 10
desktop_alacritty_font_size: 12
desktop_emacs_font_size: 14
desktop_cursor_theme: Yaru
desktop_cursor_size: 24
desktop_icon_theme: Yaru-orange-dark
desktop_common_packages:
- brightnessctl
- dex
- emptty
- pinentry-emacs
- pinentry-gtk
- turnstile
- udiskie
- xdg-desktop-portal
- xdg-desktop-portal-gtk
- xdg-user-dirs
desktop_i3_packages:
- arandr
- autorandr
- feh
- i3
- i3blocks
- i3blocks-blocklets
- i3lock-color
- i3status
- dunst
- network-manager-applet
- rofi
- scrot
- setxkbmap
- blueman
- volumeicon
- xclip
- xfce-polkit
- xfce4-clipman-plugin
- xfce4-screenshooter
- xkbutils
- xorg-fonts
- xorg-minimal
- xss-lock
desktop_sway_packages:
- adw-gtk-theme
- flameshot
- grim
- kanshi
- qt5ct
- qt6ct
- slurp
- swayfx
- wl-clipboard
- xhost
- xdg-desktop-portal-wlr
- xorg-server-xwayland
profile_packages:
- alacritty
- bluez
- bridge-utils
- ctags
- firefox
- deluge-gtk
- dnsmasq
- emacs-gtk3
- poppler-glib
- poppler-utils
- exo
- fontconfig-devel
- freetype-devel
- gvfs-cdda
- gvfs-mtp
- gvfs-smb
- gufw
- libvirt
- libspa-bluetooth
- libreoffice
- liberation-fonts-ttf
- libvterm-devel
- libX11-devel
- libXft-devel
- meld
- mpv
- nerd-fonts-ttf
- nerd-fonts-symbols-ttf
- pdfarranger
- playerctl
- qemu
- qemu-firmware
- qemu-img
- qemu-tools
- remmina
- ripgrep
- rustup
- ristretto
- rsync
- shotwell
- ruff
- terminus-font
- texlive
- ty
- tumbler
- uv
- Thunar
- thunar-archive-plugin
- thunar-volman
- ffmpegthumbnailer
- virt-manager
- virt-manager-tools
- wireplumber
- xarchiver
- xournalpp
- yaru
- yaru-plus
- zstd
desktop_source_tools:
- name: st
repo: https://codeberg.org/fscotto/st
build_cmd: make
binary_name: st
install_name: st
- name: gf
repo: https://github.com/nakst/gf.git
build_cmd: ./build.sh
binary_name: gf2
install_name: gf
- name: bookokrat
repo: https://github.com/bugzmanov/bookokrat
build_cmd: cargo build --release
binary_name: bookokrat
install_name: bookokrat
build_output_path: target/release/bookokrat
- name: llmfit
repo: https://github.com/AlexsJones/llmfit
build_cmd: cargo build --release
@@ -162,27 +28,13 @@ desktop_source_tools:
desktop_binary_tools: []
desktop_npm_packages:
- name: "opencode-ai"
state: latest
desktop_npm_packages: "{{ ai_agents_npm_packages + [] }}"
desktop_common_dotfiles:
- name: XDG autostart entries
src: .config/autostart/
dest: .config/autostart/
mode: preserve
- name: alacritty config
src: .config/alacritty/
dest: .config/alacritty/
mode: preserve
- name: Thunar config
src: .config/Thunar/
dest: .config/Thunar/
mode: preserve
- name: MIME application defaults
src: .config/mimeapps.list
dest: .config/mimeapps.list
mode: "0644"
- name: fastfetch config
src: .config/fastfetch/
dest: .config/fastfetch/
@@ -199,26 +51,38 @@ desktop_common_dotfiles:
src: .config/yt-dlp/
dest: .config/yt-dlp/
mode: preserve
- name: OpenCode config
src: .config/opencode/
dest: .config/opencode/
mode: preserve
- name: MPV config
src: .config/mpv/
dest: .config/mpv/
mode: preserve
- name: Udiskie config
src: .config/udiskie/
dest: .config/udiskie/
mode: preserve
- name: Turnstile user services
src: .config/service/
dest: .config/service/
mode: preserve
- name: Bash profile fragments
src: .bashrc.d/
dest: .bashrc.d/
mode: preserve
- name: Bash cargo env fragment
src: .bashrc.d/08-cargo-env.sh
dest: .bashrc.d/08-cargo-env.sh
mode: "0644"
- name: Bash GPG TTY fragment
src: .bashrc.d/10-gpg-tty.sh
dest: .bashrc.d/10-gpg-tty.sh
mode: "0644"
- name: Bash man page colors fragment
src: .bashrc.d/12-manpages.sh
dest: .bashrc.d/12-manpages.sh
mode: "0644"
- name: Bash editor fragment
src: .bashrc.d/20-editor-desktop.sh
dest: .bashrc.d/20-editor-desktop.sh
mode: "0644"
- name: Bash Emacs client fragment
src: .bashrc.d/25-emacs-client-desktop.sh
dest: .bashrc.d/25-emacs-client-desktop.sh
mode: "0644"
- name: Bash VM helper fragment
src: .bashrc.d/30-runvm.sh
dest: .bashrc.d/30-runvm.sh
mode: "0644"
- name: Bash Ansible playbook helper fragment
src: .bashrc.d/50-ap.sh
dest: .bashrc.d/50-ap.sh
mode: "0644"
- name: .gitignore_global
src: .gitignore_global
dest: .gitignore_global
@@ -239,31 +103,29 @@ desktop_common_dotfiles:
src: .authinfo.gpg
dest: .authinfo.gpg
mode: "0600"
- name: GTK theme setup script
src: .local/bin/setup-gtk-theme
dest: .local/bin/setup-gtk-theme
- name: Calibre database Flatpak wrapper
src: .local/bin/calibredb
dest: .local/bin/calibredb
mode: "0755"
- name: Turnstile environment update script
src: .local/bin/update-turnstile-env
dest: .local/bin/update-turnstile-env
mode: "0755"
- name: Gufw Sway wrapper
src: .local/bin/run-gufw
dest: .local/bin/run-gufw
mode: "0755"
- name: Udiskie password helper
src: .local/bin/udiskie-password
dest: .local/bin/udiskie-password
mode: "0755"
- name: Desktop application overrides
src: .local/share/applications/
dest: .local/share/applications/
mode: preserve
- name: SSH config
src: .ssh/config
dest: .ssh/config
mode: "0600"
desktop_arch_dotfiles:
- name: rclone pcloud systemd user service
src: .config/systemd/user/rclone-pcloud.service
dest: .config/systemd/user/rclone-pcloud.service
mode: "0644"
- name: syncthing systemd user service
src: .config/systemd/user/syncthing.service
dest: .config/systemd/user/syncthing.service
mode: "0644"
- name: MIME application defaults
src: .config/mimeapps.arch.list
dest: .config/mimeapps.list
mode: "0644"
desktop_emacs_dotfiles:
- name: Emacs config
src: .emacs.d/
@@ -301,10 +163,6 @@ desktop_sway_dotfiles:
src: .config/i3/wallpapers/
dest: .config/sway/wallpapers/
mode: preserve
- name: Noctalia wallpaper library
src: Pictures/Wallpapers/
dest: Pictures/Wallpapers/
mode: preserve
- name: Sway session wrapper
src: .local/bin/start-sway-session
dest: .local/bin/start-sway-session
@@ -327,8 +185,6 @@ noctalia_bar_monitors:
noctalia_screen_overrides: []
noctalia_wallpaper: "{{ user_home }}/Pictures/Wallpapers/star-wars-trio.jpg"
desktop_flatpak_packages:
- be.alexandervanhee.gradia
- ch.protonmail.protonmail-bridge
@@ -340,14 +196,4 @@ desktop_flatpak_packages:
- org.telegram.desktop
desktop_flatpak_extensions:
- org.gtk.Gtk3theme.Yaru-Orange-dark//3.22
desktop_flatpak_global_filesystems:
- xdg-config/gtk-3.0:ro
- xdg-config/gtk-4.0:ro
- xdg-config/qt5ct:ro
- xdg-config/qt6ct:ro
desktop_flatpak_global_env:
- QT_QPA_PLATFORM=wayland
- QT_QPA_PLATFORMTHEME=qt6ct
- org.gtk.Gtk3theme.Yaru-Blue-dark//stable

4
ansible/inventory/group_vars/fedora.yml
View File

@@ -50,6 +50,9 @@ workstation_host_linux_packages_fedora:
- code
- firewall-config
- gnome-extensions-app
- gnome-shell-extension-appindicator
- gnome-shell-extension-just-perfection
- gnome-shell-extension-no-overview
- gnome-tweaks
- libreoffice
- meld
@@ -58,6 +61,7 @@ workstation_host_linux_packages_fedora:
- pinentry-gnome3
- podman
- podman-compose
- rclone
- yubikey-manager
workstation_flatpak_remote_name: flathub

9
ansible/inventory/group_vars/server.yml
View File

@@ -6,6 +6,7 @@ effective_username: "{{ server_username }}"
effective_user_group: "{{ server_user_group }}"
effective_user_home: "{{ server_user_home }}"
server_container_stack_dir: /opt/docker/server
ai_agents_enabled: false
profile_packages:
- avahi-daemon
@@ -92,6 +93,14 @@ server_directories:
owner: "1000"
group: "1000"
mode: "0755"
- path: /srv/nextcloud
owner: root
group: root
mode: "0755"
- path: /srv/nextcloud/data
owner: root
group: root
mode: "0755"
server_ufw_rules:
- rule: allow

169
ansible/inventory/group_vars/void.yml
View File

@@ -1,4 +1,11 @@
---
desktop_void_source_tools:
- name: st
repo: https://codeberg.org/fscotto/st
build_cmd: make
binary_name: st
install_name: st
void_packages_base:
- 7zip
- NetworkManager
@@ -18,18 +25,25 @@ void_packages_base:
- fuse3
- gcc
- gdb
- gist
- github-cli
- gnome-keyring
- go
- gvfs
- hugo
- ImageMagick
- isync
- libsecret
- libtool
- linux-mainline
- lm_sensors
- man-pages-devel
- man-pages-posix
- msmtp
- mu4e
- network-manager-applet
- nodejs
- ntfs-3g
- pavucontrol
- pipewire
- pkg-config
@@ -42,6 +56,7 @@ void_packages_base:
- simple-scan
- socklog
- socklog-void
- speech-dispatcher
- syncthing
- system-config-printer
- tmux
@@ -71,3 +86,157 @@ enabled_services:
- ufw
- virtlockd
- virtlogd
desktop_restart_emptty_automatically: false
desktop_emptty_session_error_logging: disabled
desktop_void_dotfiles:
- name: Turnstile user services
src: .config/service/
dest: .config/service/
mode: preserve
- name: Thunar config
src: .config/Thunar/
dest: .config/Thunar/
mode: preserve
- name: MIME application defaults
src: .config/mimeapps.list
dest: .config/mimeapps.list
mode: "0644"
- name: Bash DBus session fragment
src: .bashrc.d/14-dbus-session.sh
dest: .bashrc.d/14-dbus-session.sh
mode: "0644"
- name: Bash SSH agent socket fragment
src: .bashrc.d/16-ssh-agent-socket.sh
dest: .bashrc.d/16-ssh-agent-socket.sh
mode: "0644"
- name: Bash runit desktop fragment
src: .bashrc.d/15-runit-desktop.sh
dest: .bashrc.d/15-runit-desktop.sh
mode: "0644"
- name: alacritty config
src: .config/alacritty/
dest: .config/alacritty/
mode: preserve
- name: GTK theme setup script
src: .local/bin/setup-gtk-theme
dest: .local/bin/setup-gtk-theme
mode: "0755"
- name: Udiskie password helper
src: .local/bin/udiskie-password
dest: .local/bin/udiskie-password
mode: "0755"
- name: Udiskie config
src: .config/udiskie/
dest: .config/udiskie/
mode: preserve
- name: Turnstile environment update script
src: .local/bin/update-turnstile-env
dest: .local/bin/update-turnstile-env
mode: "0755"
desktop_common_packages:
- brightnessctl
- dex
- emptty
- pinentry-emacs
- pinentry-gtk
- turnstile
- udiskie
- xdg-desktop-portal
- xdg-desktop-portal-gtk
- xdg-user-dirs
desktop_i3_packages:
- arandr
- autorandr
- feh
- i3
- i3blocks
- i3blocks-blocklets
- i3lock-color
- i3status
- dunst
- network-manager-applet
- rofi
- scrot
- setxkbmap
- blueman
- volumeicon
- xclip
- xfce-polkit
- xfce4-clipman-plugin
- xfce4-screenshooter
- xkbutils
- xorg-fonts
- xorg-minimal
- xss-lock
desktop_sway_packages:
- grim
- kanshi
- slurp
- swayfx
- wl-clipboard
- xdg-desktop-portal-wlr
profile_packages:
- alacritty
- bluez
- bridge-utils
- ctags
- firefox
- deluge-gtk
- dnsmasq
- emacs-gtk3
- poppler-glib
- poppler-utils
- exo
- fontconfig-devel
- freetype-devel
- gvfs-cdda
- gvfs-mtp
- gvfs-smb
- gufw
- libvirt
- libspa-bluetooth
- libreoffice
- liberation-fonts-ttf
- libvterm-devel
- libX11-devel
- libXft-devel
- meld
- mpv
- nerd-fonts-ttf
- nerd-fonts-symbols-ttf
- pdfarranger
- playerctl
- qemu
- qemu-firmware
- qemu-img
- qemu-tools
- remmina
- ripgrep
- rustup
- ristretto
- rsync
- shotwell
- ruff
- terminus-font
- texlive
- ty
- tumbler
- uv
- Thunar
- thunar-archive-plugin
- thunar-volman
- ffmpegthumbnailer
- virt-manager
- virt-manager-tools
- wireplumber
- xarchiver
- xournalpp
- yaru
- yaru-plus
- zstd

4
ansible/inventory/group_vars/workstation.yml
View File

@@ -1,6 +1,4 @@
---
workstation_manage_opencode: true
workstation_npm_packages:
- name: "opencode-ai"
state: latest
workstation_npm_packages: "{{ ai_agents_npm_packages + [] }}"

26
ansible/inventory/host_vars/deadalus-fedora.yml
View File

@@ -148,3 +148,29 @@ workstation_gnome_managed_settings:
- schema: org.gnome.TextEditor
key: wrap-text
value: "true"
- schema: org.gnome.desktop.background
key: picture-uri
value: "'file:///usr/share/backgrounds/gnome/lcd-rainbow-l.jxl'"
- schema: org.gnome.desktop.background
key: picture-uri-dark
value: "'file:///usr/share/backgrounds/gnome/lcd-rainbow-d.jxl'"
workstation_gnome_extension_dconf_settings:
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-radius-bottom
value: "15"
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-radius-top
value: "15"
- path: /org/gnome/shell/extensions/paperwm/
key: selection-border-size
value: "5"
- path: /org/gnome/shell/extensions/paperwm/
key: show-window-position-bar
value: "false"
- path: /org/gnome/shell/extensions/paperwm/
key: show-workspace-indicator
value: "false"
- path: /org/gnome/shell/extensions/paperwm/
key: window-gap
value: "10"

78
ansible/inventory/host_vars/nymph.yml
View File

@@ -2,54 +2,48 @@
hostname: nymph
desktop_sessions_enabled:
- sway
- gnome
desktop_default_session: sway
desktop_default_session: gnome
desktop_default_session_env: wayland
desktop_emptty_session_error_logging: rotate
host_xbps_repositories:
- name: noctalia
url: https://universalrepo.r1xelelo.workers.dev/void
host_kernel_cmdline: >-
rd.luks.uuid=1e15d159-5d05-4a1f-9639-ac200dff9f9c rootflags=subvol=@
apparmor=1 security=apparmor nouveau.modeset=0 nvidia-drm.modeset=1
host_systemd_boot_esp_path: /boot
host_systemd_boot_default: arch.conf
host_systemd_boot_timeout: 3
host_systemd_boot_console_mode: max
host_systemd_boot_editor: false
host_systemd_boot_entries:
- filename: arch.conf
title: Arch Linux
linux: /vmlinuz-linux
initrds:
- /intel-ucode.img
- /initramfs-linux.img
options: "{{ host_kernel_cmdline }}"
- filename: arch-fallback.conf
title: Arch Linux fallback
linux: /vmlinuz-linux
initrds:
- /intel-ucode.img
- /initramfs-linux-fallback.img
options: "{{ host_kernel_cmdline }}"
host_packages:
- cliphist
- grimshot
- nvidia
- noctalia-shell
- intel-ucode
- intel-media-driver
- libva-intel-driver
- mesa
- nvidia-open
- nvidia-settings
- nvidia-utils
- power-profiles-daemon
- mesa-dri
- vulkan-loader
- mesa-vulkan-intel
- intel-video-accel
- tlp
- tlp-rdw
- upower
- vulkan-icd-loader
- vulkan-intel
host_enabled_services:
- tlp
host_sway_dotfiles:
- src: .config/sway/host.conf
dest: .config/sway/host.conf
mode: "0644"
- src: .config/sway/session-env
dest: .config/sway/session-env
mode: "0644"
- src: .config/kanshi/config
dest: .config/kanshi/config
mode: "0644"
noctalia_bar_monitors:
- DP-1
- eDP-1
noctalia_screen_overrides:
- name: DP-1
enabled: false
- name: eDP-1
enabled: false
host_packages_absent:
- network-manager-applet
- blueman
- power-profiles-daemon

11
ansible/inventory/hosts.yml
View File

@@ -5,8 +5,10 @@ all:
hosts:
ikaros:
ansible_connection: local
nymph:
ansible_connection: local
arch:
children:
arch_desktop:
desktop:
hosts:
@@ -55,6 +57,11 @@ all:
deadalus-fedora:
ansible_connection: local
arch_desktop:
hosts:
nymph:
ansible_connection: local
workstation_host_linux:
hosts:
deadalus-ubuntu:

44
ansible/roles/dotfiles_common/tasks/main.yml
View File

@@ -14,7 +14,16 @@
group: "{{ effective_user_group }}"
mode: "0755"
loop: "{{ xdg_user_directories | default([]) }}"
when: "'void' in group_names"
when: "'desktop' in group_names"
- name: Extract templates kit to Templates directory
tags: [dotfiles, dotfiles:common]
ansible.builtin.unarchive:
src: "{{ playbook_dir }}/../dotfiles/common/templates_kit.zip"
dest: "{{ effective_user_home }}/Templates"
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
when: "'desktop' in group_names"
- name: Ensure SSH socket directory exists
tags: [dotfiles, dotfiles:common]
@@ -33,10 +42,41 @@
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "{{ item.mode }}"
loop: "{{ common_dotfiles | default([]) }}"
loop: >-
{{
(common_dotfiles | default([]))
+ ((ai_agents_dotfiles | default([])) if (ai_agents_enabled | default(false)) else [])
}}
loop_control:
label: "{{ item.dest }}"
- name: Ensure AI config directories exist
tags: [dotfiles, dotfiles:common]
ansible.builtin.file:
path: "{{ effective_user_home }}/{{ item }}"
state: directory
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "0755"
loop:
- .codex
when:
- ai_agents_enabled | default(false)
- (ai_agents_templates | default([])) | length > 0
- name: Render AI agent templates
tags: [dotfiles, dotfiles:common]
ansible.builtin.template:
src: "{{ playbook_dir }}/../dotfiles/common/{{ item.src }}"
dest: "{{ effective_user_home }}/{{ item.dest }}"
owner: "{{ effective_username }}"
group: "{{ effective_user_group }}"
mode: "{{ item.mode }}"
loop: "{{ ai_agents_templates | default([]) }}"
loop_control:
label: "{{ item.dest }}"
when: ai_agents_enabled | default(false)
- name: Refresh bat cache
tags: [dotfiles, dotfiles:common]
ansible.builtin.command:

27
ansible/roles/packages_arch/tasks/main.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Synchronize and upgrade Arch Linux packages
tags: [packages]
community.general.pacman:
update_cache: true
upgrade: true
- name: Install packages on Arch Linux
tags: [packages]
community.general.pacman:
name: >-
{{
(
(common_packages | default([]))
+ (arch_packages_base | default([]))
+ (arch_desktop_common_packages | default([]))
+ (
(arch_desktop_gnome_packages | default([]))
if 'gnome' in (desktop_sessions_enabled | default([]))
else []
)
+ (arch_profile_packages | default([]))
+ (host_packages | default([]))
)
| unique
}}
state: present

17
ansible/roles/profile_desktop_common/handlers/main.yml
View File

@@ -5,6 +5,7 @@
changed_when: true
when:
- not ansible_check_mode
- "'void' in group_names"
- desktop_restart_emptty_automatically | default(false)
- name: Report manual emptty restart requirement
@@ -16,10 +17,22 @@
to avoid dropping the active graphical session.
when:
- not ansible_check_mode
- "'void' in group_names"
- not (desktop_restart_emptty_automatically | default(false))
- name: Reload SSH service
- name: Reload SSH service with runit
listen: Reload SSH service
ansible.builtin.command: sv reload sshd
changed_when: true
when: not ansible_check_mode
when:
- not ansible_check_mode
- "'void' in group_names"
- name: Reload SSH service with systemd
listen: Reload SSH service
ansible.builtin.systemd:
name: "{{ desktop_ssh_service_name | default('sshd') }}"
state: reloaded
when:
- not ansible_check_mode
- "'arch' in group_names"

75
ansible/roles/profile_desktop_common/tasks/main.yml
View File

@@ -6,6 +6,7 @@
regexp: '^#?HandleLidSwitch='
line: 'HandleLidSwitch=suspend'
state: present
when: "'void' in group_names"
- name: Ensure common config directories exist
tags: [dotfiles, dotfiles:desktop]
@@ -18,10 +19,9 @@
loop:
- "{{ user_home }}/.config"
- "{{ user_home }}/.config/autostart"
- "{{ user_home }}/.config/alacritty"
- "{{ user_home }}/.config/Thunar"
- "{{ user_home }}/.local/share"
- "{{ user_home }}/.local/share/applications"
- "{{ user_home }}/.config/systemd"
- "{{ user_home }}/.config/systemd/user"
- "{{ user_home }}/.bashrc.d"
- "{{ user_home }}/.tmux"
- "{{ user_home }}/.tmux/bin"
- "{{ user_home }}/.tmux/plugins"
@@ -42,6 +42,7 @@
insertafter: '^auth\s+include\s+system-local-login$'
line: "auth optional pam_gnome_keyring.so"
state: present
when: "'void' in group_names"
- name: Enable gnome-keyring PAM session hook
tags: [packages, gnome]
@@ -50,6 +51,7 @@
insertafter: '^session\s+include\s+system-local-login$'
line: "session optional pam_gnome_keyring.so auto_start"
state: present
when: "'void' in group_names"
- name: Enable gnome-keyring PAM password hook
tags: [packages, gnome]
@@ -58,6 +60,7 @@
insertafter: '^password\s+include\s+system-local-login$'
line: "password optional pam_gnome_keyring.so use_authtok"
state: present
when: "'void' in group_names"
- name: Check whether SSH host ed25519 key exists
tags: [services]
@@ -181,6 +184,7 @@
ansible.builtin.stat:
path: /etc/sv/libvirtd
register: libvirtd_service_dir
when: "'void' in group_names"
- name: Enable libvirt daemon service
tags: [packages, services]
@@ -188,7 +192,9 @@
src: /etc/sv/libvirtd
dest: /var/service/libvirtd
state: link
when: libvirtd_service_dir.stat.exists
when:
- "'void' in group_names"
- libvirtd_service_dir.stat.exists
- name: Check virtualization group availability
tags: [packages]
@@ -229,6 +235,7 @@
owner: root
group: root
mode: "0755"
when: "'void' in group_names"
- name: Ensure emptty session directories exist
tags: [packages, services, emptty]
@@ -241,6 +248,7 @@
loop:
- /etc/emptty/xsessions
- /etc/emptty/wayland-sessions
when: "'void' in group_names"
- name: Configure emptty
tags: [packages, services, emptty]
@@ -251,6 +259,7 @@
group: root
mode: "0644"
notify: Restart emptty
when: "'void' in group_names"
- name: Copy common desktop dotfiles
tags: [dotfiles, dotfiles:desktop]
@@ -260,10 +269,41 @@
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "{{ item.mode }}"
loop: "{{ desktop_common_dotfiles | default([]) }}"
loop: >-
{{
(desktop_common_dotfiles | default([]))
+ ((desktop_void_dotfiles | default([])) if 'void' in group_names else [])
+ ((desktop_arch_dotfiles | default([])) if 'arch' in group_names else [])
}}
loop_control:
label: "{{ item.dest }}"
- name: Ensure systemd user enablement directory exists
tags: [services, dotfiles, dotfiles:desktop]
ansible.builtin.file:
path: "{{ user_home }}/.config/systemd/user/default.target.wants"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
when:
- "'arch' in group_names"
- (desktop_systemd_user_services | default([])) | length > 0
- name: Enable desktop systemd user services
tags: [services, dotfiles, dotfiles:desktop]
ansible.builtin.file:
src: "{{ user_home }}/.config/systemd/user/{{ item }}"
dest: "{{ user_home }}/.config/systemd/user/default.target.wants/{{ item }}"
state: link
owner: "{{ username }}"
group: "{{ user_group }}"
force: true
loop: "{{ desktop_systemd_user_services | default([]) }}"
loop_control:
label: "{{ item }}"
when: "'arch' in group_names"
- name: Copy Emacs desktop dotfiles
tags: [dotfiles, dotfiles:desktop, emacs]
ansible.builtin.copy:
@@ -460,14 +500,27 @@
path: "{{ user_home }}/.cargo/bin/rustc"
register: rustup_initialized
- name: Run rustup-init with cargo env sourced
- name: Run rustup-init with cargo env sourced (Void)
ansible.builtin.shell:
cmd: . ~/.cargo/env && rustup-init -y --no-modify-path
creates: "{{ user_home }}/.cargo/bin/rustc"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
when: not rustup_initialized.stat.exists
when:
- not rustup_initialized.stat.exists
- "'void' in group_names"
- name: Install Rust stable toolchain via rustup (Arch)
ansible.builtin.command:
cmd: rustup toolchain install stable
creates: "{{ user_home }}/.cargo/bin/rustc"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
when:
- not rustup_initialized.stat.exists
- "'arch' in group_names"
- name: Ensure cargo env is sourced in shell profile
ansible.builtin.lineinfile:
@@ -487,8 +540,8 @@
file: source_tool.yml
apply:
tags: [packages]
loop: "{{ desktop_source_tools }}"
when: desktop_source_tools | length > 0
loop: "{{ desktop_source_tools + (desktop_void_source_tools | default([])) }}"
when: (desktop_source_tools + (desktop_void_source_tools | default([]))) | length > 0
loop_control:
loop_var: source_tool
label: "{{ source_tool.name }}"
@@ -518,7 +571,7 @@
label: "{{ binary_tool.name }}"
- name: Install desktop npm packages
tags: [packages]
tags: [packages, npm]
community.general.npm:
name: "{{ item.name }}"
global: true

59
ansible/roles/profile_desktop_gnome/tasks/main.yml Normal file
View File

@@ -0,0 +1,59 @@
---
- name: Ensure GNOME desktop session is enabled for this profile
tags: [gnome]
ansible.builtin.assert:
that:
- "'gnome' in (desktop_sessions_enabled | default([]))"
fail_msg: >-
profile_desktop_gnome requires desktop_sessions_enabled to include gnome.
- name: Ensure systemd boots to the graphical target
tags: [services, gnome]
ansible.builtin.file:
src: /usr/lib/systemd/system/graphical.target
dest: /etc/systemd/system/default.target
state: link
force: true
owner: root
group: root
- name: Enable emacs user service from package
tags: [services, emacs]
ansible.builtin.systemd:
name: emacs.service
enabled: true
scope: user
become_user: "{{ username }}"
- name: Deploy gpg-agent.conf for GNOME (pinentry-gnome3, no ssh-support)
tags: [dotfiles, dotfiles:desktop, gnome]
ansible.builtin.copy:
src: "{{ playbook_dir }}/../dotfiles/desktop/.gnupg/gpg-agent.arch.conf"
dest: "{{ user_home }}/.gnupg/gpg-agent.conf"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0600"
- name: Enable gnome-keyring PAM auth hook for GDM
tags: [gnome]
ansible.builtin.lineinfile:
path: /etc/pam.d/gdm-password
insertafter: '^auth\s+include\s+system-local-login$'
line: "auth optional pam_gnome_keyring.so"
state: present
- name: Enable gnome-keyring PAM session hook for GDM
tags: [gnome]
ansible.builtin.lineinfile:
path: /etc/pam.d/gdm-password
insertafter: '^session\s+include\s+system-local-login$'
line: "session optional pam_gnome_keyring.so auto_start"
state: present
- name: Enable gnome-keyring PAM password hook for GDM
tags: [gnome]
ansible.builtin.lineinfile:
path: /etc/pam.d/gdm-password
insertafter: '^password\s+include\s+system-local-login$'
line: "password optional pam_gnome_keyring.so use_authtok"
state: present

75
ansible/roles/profile_desktop_host/tasks/nymph.yml
View File

@@ -1,16 +1,75 @@
---
- name: Configure GRUB kernel parameters for NVIDIA hybrid graphics
- name: Ensure systemd-boot loader entries directory exists
tags: [packages, nvidia]
ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX='
line: 'GRUB_CMDLINE_LINUX="rd.luks.uuid=1e15d159-5d05-4a1f-9639-ac200dff9f9c rootflags=subvol=@ apparmor=1 security=apparmor nouveau.modeset=0 nvidia-drm.modeset=1"'
state: present
ansible.builtin.file:
path: "{{ host_systemd_boot_esp_path }}/loader/entries"
state: directory
owner: root
group: root
mode: "0755"
when: host_systemd_boot_esp_path is defined
- name: Regenerate GRUB configuration
- name: Check whether systemd-boot is installed
tags: [packages, nvidia]
ansible.builtin.command: grub-mkconfig -o /boot/grub/grub.cfg
ansible.builtin.command:
argv:
- bootctl
- "--esp-path={{ host_systemd_boot_esp_path }}"
- is-installed
register: nymph_systemd_boot_state
changed_when: false
failed_when: false
when:
- host_systemd_boot_esp_path is defined
- not ansible_check_mode
- name: Install systemd-boot
tags: [packages, nvidia]
ansible.builtin.command:
argv:
- bootctl
- "--esp-path={{ host_systemd_boot_esp_path }}"
- install
changed_when: true
when:
- host_systemd_boot_esp_path is defined
- not ansible_check_mode
- nymph_systemd_boot_state.rc | default(1) != 0
- name: Configure systemd-boot loader defaults
tags: [packages, nvidia]
ansible.builtin.copy:
dest: "{{ host_systemd_boot_esp_path }}/loader/loader.conf"
content: |
default {{ host_systemd_boot_default }}
timeout {{ host_systemd_boot_timeout | default(3) }}
console-mode {{ host_systemd_boot_console_mode | default('max') }}
editor {{ 'yes' if host_systemd_boot_editor | default(false) else 'no' }}
owner: root
group: root
mode: "0644"
when:
- host_systemd_boot_esp_path is defined
- host_systemd_boot_default is defined
- name: Configure systemd-boot Arch entries
tags: [packages, nvidia]
ansible.builtin.copy:
dest: "{{ host_systemd_boot_esp_path }}/loader/entries/{{ item.filename }}"
content: |-
title {{ item.title }}
linux {{ item.linux }}
{% for initrd in item.initrds | default([]) %}
initrd {{ initrd }}
{% endfor %}
options {{ item.options }}
owner: root
group: root
mode: "0644"
loop: "{{ host_systemd_boot_entries | default([]) }}"
loop_control:
label: "{{ item.filename }}"
when: host_systemd_boot_esp_path is defined
- name: Configure NVIDIA power management for hybrid graphics
tags: [packages, nvidia]

3
ansible/roles/profile_desktop_i3/tasks/main.yml
View File

@@ -8,8 +8,11 @@
group: "{{ user_group }}"
mode: "0755"
loop:
- "{{ user_home }}/.config/alacritty"
- "{{ user_home }}/.config/dunst"
- "{{ user_home }}/.config/i3"
- "{{ user_home }}/.config/i3blocks"
- "{{ user_home }}/.config/rofi"
when: "'i3' in (desktop_sessions_enabled | default([]))"
- name: Install allowed emptty X11 sessions

58
ansible/roles/profile_desktop_sway/tasks/main.yml
View File

@@ -10,10 +10,6 @@
loop:
- "{{ user_home }}/.config/sway"
- "{{ user_home }}/.config/kanshi"
- "{{ user_home }}/.config/qt5ct"
- "{{ user_home }}/.config/qt5ct/colors"
- "{{ user_home }}/.config/qt6ct"
- "{{ user_home }}/.config/qt6ct/colors"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Ensure Noctalia config directories exist
@@ -73,26 +69,6 @@
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Render qt5ct config
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.template:
src: qt5ct.conf.j2
dest: "{{ user_home }}/.config/qt5ct/qt5ct.conf"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Render qt6ct config
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.template:
src: qt6ct.conf.j2
dest: "{{ user_home }}/.config/qt6ct/qt6ct.conf"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Manage Noctalia shell plugins
tags: [dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.include_tasks: noctalia.yml
@@ -107,37 +83,3 @@
group: "{{ user_group }}"
mode: "0644"
when: "'sway' in (desktop_sessions_enabled | default([]))"
- name: Allow Flatpak apps to read shared theme configs
tags: [packages, dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.command:
argv:
- flatpak
- override
- --user
- "--filesystem={{ item }}"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
changed_when: false
loop: "{{ desktop_flatpak_global_filesystems | default([]) }}"
when:
- "'sway' in (desktop_sessions_enabled | default([]))"
- (desktop_flatpak_packages | default([])) | length > 0
- name: Export global Flatpak environment for theme integration
tags: [packages, dotfiles, dotfiles:desktop, sway, noctalia]
ansible.builtin.command:
argv:
- flatpak
- override
- --user
- "--env={{ item }}"
become_user: "{{ username }}"
environment:
HOME: "{{ user_home }}"
changed_when: false
loop: "{{ desktop_flatpak_global_env | default([]) }}"
when:
- "'sway' in (desktop_sessions_enabled | default([]))"
- (desktop_flatpak_packages | default([])) | length > 0

18
ansible/roles/profile_desktop_sway/tasks/noctalia.yml
View File

@@ -137,22 +137,6 @@
owner: "{{ username }}"
group: "{{ user_group }}"
loop:
- clipboard
- polkit-agent
- screenshot
- usb-drive-manager
- name: Ensure Noctalia cache directory exists
ansible.builtin.file:
path: "{{ user_home }}/.cache/noctalia"
state: directory
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0755"
- name: Deploy Noctalia wallpapers cache
ansible.builtin.template:
src: wallpapers.json.j2
dest: "{{ user_home }}/.cache/noctalia/wallpapers.json"
owner: "{{ username }}"
group: "{{ user_group }}"
mode: "0644"

20
ansible/roles/profile_desktop_sway/templates/noctalia-settings.json.j2
View File

@@ -203,18 +203,6 @@
"middleClickCommand": "pwvucontrol || pavucontrol",
"textColor": "none"
},
{
"displayMode": "onhover",
"iconColor": "none",
"id": "Network",
"textColor": "none"
},
{
"displayMode": "onhover",
"iconColor": "none",
"id": "Bluetooth",
"textColor": "none"
},
{
"applyToAllMonitors": false,
"displayMode": "onhover",
@@ -573,17 +561,15 @@
{"enabled": true, "id": "alacritty"},
{"enabled": true, "id": "gtk"},
{"enabled": true, "id": "emacs"},
{"enabled": true, "id": "telegram"},
{"enabled": true, "id": "qt"},
{"enabled": true, "id": "sway"}
{"enabled": true, "id": "telegram"}
],
"enableUserTheming": false
},
"ui": {
"boxBorderEnabled": false,
"fontDefault": "{{ desktop_ui_font_family | default('Noto Sans') }}",
"fontDefault": "Sans Serif",
"fontDefaultScale": 1,
"fontFixed": "{{ desktop_fixed_font_family | default('Hack Nerd Font') }}",
"fontFixed": "monospace",
"fontFixedScale": 1,
"panelBackgroundOpacity": 0.93,
"panelsAttachedToBar": true,

6
ansible/roles/profile_desktop_sway/templates/qt5ct.conf.j2
View File

@@ -1,6 +0,0 @@
[Appearance]
color_scheme_path={{ user_home }}/.config/qt5ct/colors/noctalia.conf
custom_palette=true
icon_theme={{ desktop_icon_theme | default('Yaru-orange-dark') }}
standard_dialogs=default
style=Fusion

6
ansible/roles/profile_desktop_sway/templates/qt6ct.conf.j2
View File

@@ -1,6 +0,0 @@
[Appearance]
color_scheme_path={{ user_home }}/.config/qt6ct/colors/noctalia.conf
custom_palette=true
icon_theme={{ desktop_icon_theme | default('Yaru-orange-dark') }}
standard_dialogs=default
style=Fusion

9
ansible/roles/profile_desktop_sway/templates/shell.conf.j2
View File

@@ -2,9 +2,9 @@ set $menu qs -c noctalia-shell ipc call launcher toggle
set $audio_panel qs -c noctalia-shell ipc call volume openPanel
set $locker qs -c noctalia-shell ipc call lockScreen lock
set $powermenu qs -c noctalia-shell ipc call sessionMenu toggle
set $screenshot_full sh -c 'QT_QPA_PLATFORM=wayland flameshot full --clipboard'
set $screenshot_region sh -c 'QT_QPA_PLATFORM=wayland flameshot gui'
set $screenshot_window sh -c 'QT_QPA_PLATFORM=wayland flameshot gui'
set $screenshot_full qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot output
set $screenshot_region qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot region
set $screenshot_window qs -c noctalia-shell ipc call plugin:screenshot takeScreenshot window
set $audio_raise qs -c noctalia-shell ipc call volume increase
set $audio_lower qs -c noctalia-shell ipc call volume decrease
set $audio_mute qs -c noctalia-shell ipc call volume muteOutput
@@ -22,11 +22,8 @@ exec pipewire
exec pipewire-pulse
exec wireplumber
exec kanshi
exec flameshot
exec udiskie --no-tray
exec wl-paste --watch cliphist store
exec qs -c noctalia-shell
bindsym $mod+c exec qs -c noctalia-shell ipc call launcher clipboard
bindsym $mod+Ctrl+v exec qs -c noctalia-shell ipc call plugin:clipboard toggle
bindsym $mod+Ctrl+Shift+v exec qs -c noctalia-shell ipc call plugin:clipboard wipe

18
ansible/roles/profile_desktop_sway/templates/wallpapers.json.j2
View File

@@ -1,18 +0,0 @@
{
"defaultWallpaper": "/etc/xdg/quickshell/noctalia-shell/Assets/Wallpaper/noctalia.png",
"usedRandomWallpapers": {},
"wallpapers": {
"": {
"dark": "{{ noctalia_wallpaper }}",
"light": "{{ noctalia_wallpaper }}"
},
"DP-1": {
"dark": "{{ noctalia_wallpaper }}",
"light": "{{ noctalia_wallpaper }}"
},
"eDP-1": {
"dark": "{{ noctalia_wallpaper }}",
"light": "{{ noctalia_wallpaper }}"
}
}
}

2
ansible/roles/profile_workstation_dev_common/tasks/main.yml
View File

@@ -36,7 +36,7 @@
label: "{{ item.dest }}"
- name: Install workstation npm packages
tags: [packages]
tags: [packages, npm]
community.general.npm:
name: "{{ item.name }}"
global: true

14
ansible/roles/profile_workstation_gnome/tasks/main.yml
View File

@@ -74,6 +74,20 @@
changed_when: true
when: item.stdout | trim != item.item.value
- name: Apply workstation GNOME extension dconf settings
tags: [gnome]
ansible.builtin.command:
argv:
- dconf
- write
- "{{ item.path }}{{ item.key }}"
- "{{ item.value }}"
become_user: "{{ username }}"
loop: "{{ workstation_gnome_extension_dconf_settings | default([]) }}"
loop_control:
label: "{{ item.path }}{{ item.key }}"
changed_when: true
- name: Check whether VS Code CLI is available on workstation host
tags: [packages, vscode]
ansible.builtin.command:

9
ansible/roles/services_systemd/tasks/main.yml
View File

@@ -18,3 +18,12 @@
loop: "{{ host_enabled_services | default([]) }}"
loop_control:
label: "{{ item }}"
- name: Enable systemd services without starting them
tags: [services, packages]
ansible.builtin.systemd:
name: "{{ item }}"
enabled: true
loop: "{{ enabled_services_only | default([]) }}"
loop_control:
label: "{{ item }}"

10
ansible/site.yml
View File

@@ -28,6 +28,16 @@
- profile_desktop_sway
- profile_desktop_host
- hosts: arch
become: true
roles:
- packages_arch
- services_systemd
- profile_desktop_common
- profile_desktop_gnome
- profile_desktop_host
- hosts: workstation_dev_ubuntu
become: true

24
ansible/templates/server/docker-compose.yml.j2
View File

@@ -36,6 +36,25 @@ services:
- web
- gitea
# Disabled: prometheus does not have enough resources to run Nextcloud AIO.
# nextcloud-aio-mastercontainer:
# image: ghcr.io/nextcloud-releases/all-in-one:latest
# container_name: nextcloud-aio-mastercontainer
# init: true
# restart: always
# ports:
# - "127.0.0.1:8080:8080"
# environment:
# APACHE_PORT: "11000"
# APACHE_IP_BINDING: "0.0.0.0"
# APACHE_ADDITIONAL_NETWORK: "server_web"
# NEXTCLOUD_DATADIR: "/srv/nextcloud/data"
# volumes:
# - "nextcloud_aio_mastercontainer:/mnt/docker-aio-config"
# - "/var/run/docker.sock:/var/run/docker.sock:ro"
# networks:
# - web
navidromedb:
image: postgres:13
container_name: navidromedb
@@ -87,6 +106,11 @@ services:
networks:
web:
name: server_web
external: false
gitea:
external: false
# volumes:
# nextcloud_aio_mastercontainer:
# name: nextcloud_aio_mastercontainer

5
dotfiles/common/.claude/CLAUDE.md Normal file
View File

@@ -0,0 +1,5 @@
# Claude Code Global Context
Import the shared coding agent bootstrap context:
@~/.config/ai/bootstrap.md

16
dotfiles/common/.codex/config.toml.j2 Normal file
View File

@@ -0,0 +1,16 @@
model = "gpt-5.5"
model_reasoning_effort = "medium"
model_instructions_file = "{{ effective_user_home }}/.config/ai/bootstrap.md"
[projects."/home/fscotto/AnsiblePlaybook"]
trust_level = "trusted"
[tui]
theme = "coldark-dark"
[tui.model_availability_nux]
"gpt-5.5" = 3
[features]
memories = true

0
dotfiles/desktop/.config/opencode/AGENTS.md → dotfiles/common/.config/ai/AGENTS.md
View File

0
dotfiles/desktop/.config/opencode/bootstrap.md → dotfiles/common/.config/ai/bootstrap.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/architecture.md → dotfiles/common/.config/ai/knowledge/architecture.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/cli.md → dotfiles/common/.config/ai/knowledge/cli.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/desktop.md → dotfiles/common/.config/ai/knowledge/desktop.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/dotfiles.md → dotfiles/common/.config/ai/knowledge/dotfiles.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/emacs.md → dotfiles/common/.config/ai/knowledge/emacs.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/infra.md → dotfiles/common/.config/ai/knowledge/infra.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/kernel.md → dotfiles/common/.config/ai/knowledge/kernel.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/os_setup.md → dotfiles/common/.config/ai/knowledge/os_setup.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/philosophy.md → dotfiles/common/.config/ai/knowledge/philosophy.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/server.md → dotfiles/common/.config/ai/knowledge/server.md
View File

0
dotfiles/desktop/.config/opencode/knowledge/system_programming.md → dotfiles/common/.config/ai/knowledge/system_programming.md
View File

0
dotfiles/desktop/.config/opencode/patterns/ansible_role.md → dotfiles/common/.config/ai/patterns/ansible_role.md
View File

0
dotfiles/desktop/.config/opencode/patterns/dotfiles_layering.md → dotfiles/common/.config/ai/patterns/dotfiles_layering.md
View File

0
dotfiles/desktop/.config/opencode/patterns/project_structure.md → dotfiles/common/.config/ai/patterns/project_structure.md
View File

0
dotfiles/desktop/.config/opencode/patterns/service_setup.md → dotfiles/common/.config/ai/patterns/service_setup.md
View File

0
dotfiles/desktop/.config/opencode/rules/ansible.md → dotfiles/common/.config/ai/rules/ansible.md
View File

0
dotfiles/desktop/.config/opencode/rules/dotfiles.md → dotfiles/common/.config/ai/rules/dotfiles.md
View File

0
dotfiles/desktop/.config/opencode/rules/safety.md → dotfiles/common/.config/ai/rules/safety.md
View File

0
dotfiles/desktop/.config/opencode/rules/workflow.md → dotfiles/common/.config/ai/rules/workflow.md
View File

7
dotfiles/common/.config/opencode/opencode.json Normal file
View File

@@ -0,0 +1,7 @@
{
"$schema": "https://opencode.ai/config.json",
"instructions": [
"~/.config/ai/bootstrap.md",
"~/.config/ai/rules/safety.md"
]
}

14
dotfiles/common/.gemini/settings.json Normal file
View File

@@ -0,0 +1,14 @@
{
"security": {
"auth": {
"selectedType": "oauth-personal"
}
},
"context": {
"fileName": [
"~/.config/ai/bootstrap.md",
"~/.config/ai/rules/safety.md",
"~/.config/ai/AGENTS.md"
]
}
}

BIN
dotfiles/common/templates_kit.zip Normal file
View File

Binary file not shown.

BIN
dotfiles/desktop/.authinfo.gpg
View File

Binary file not shown.

39
dotfiles/desktop/.bashrc.d/14-dbus-session.sh Normal file
View File

@@ -0,0 +1,39 @@
# Validate DBUS_SESSION_BUS_ADDRESS: a stale value (e.g. inherited from a
# dead X session) makes secret-tool, mbsync, msmtp fail with
# "Could not connect: No such file or directory".
# Fall back to ~/.dbus-session-bus-address (written by .xinitrc) or
# /run/user/$UID/bus, mirroring scripts/bootstrap_mail.sh.
_dbus_addr_socket_path() {
printf '%s' "${1#unix:path=}" | sed 's/,.*//'
}
_dbus_addr_is_live() {
case "$1" in
unix:path=*)
[ -S "$(_dbus_addr_socket_path "$1")" ]
;;
unix:abstract=*)
return 0
;;
*)
return 1
;;
esac
}
if ! _dbus_addr_is_live "${DBUS_SESSION_BUS_ADDRESS:-}"; then
unset DBUS_SESSION_BUS_ADDRESS
if [ -f "$HOME/.dbus-session-bus-address" ]; then
_saved=$(tr -d '\n' <"$HOME/.dbus-session-bus-address" 2>/dev/null)
if [ -n "$_saved" ] && _dbus_addr_is_live "$_saved"; then
export DBUS_SESSION_BUS_ADDRESS="$_saved"
fi
unset _saved
fi
if [ -z "${DBUS_SESSION_BUS_ADDRESS:-}" ] && [ -S "/run/user/$(id -u)/bus" ]; then
export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u)/bus"
fi
fi
unset -f _dbus_addr_socket_path _dbus_addr_is_live

1
dotfiles/desktop/.bashrc.d/15-runit-desktop.sh
View File

@@ -1,2 +1 @@
export SVDIR="$HOME/.config/service"
export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"

1
dotfiles/desktop/.bashrc.d/16-ssh-agent-socket.sh Normal file
View File

@@ -0,0 +1 @@
export SSH_AUTH_SOCK="$HOME/.local/state/ssh-agent/socket"

4
dotfiles/desktop/.bashrc.d/25-emacs-client-desktop.sh
View File

@@ -1,14 +1,14 @@
if command -v emacsclient >/dev/null 2>&1; then
ec() {
emacsclient -c -n "$@" || {
printf '%s\n' "Emacs server is not available. Log into a graphical session and ensure the turnstile-managed 'emacs' service is running." >&2
printf '%s\n' "Emacs server is not available. Log into a graphical session and ensure the user 'emacs' service is running." >&2
return 1
}
}
et() {
emacsclient -t "$@" || {
printf '%s\n' "Emacs server is not available. Ensure the turnstile-managed 'emacs' service is running in your graphical session." >&2
printf '%s\n' "Emacs server is not available. Ensure the user 'emacs' service is running in your graphical session." >&2
return 1
}
}

2
dotfiles/desktop/.bashrc.d/50-ap.sh
View File

@@ -12,7 +12,7 @@ ap() {
cmd+=(--tag "$1")
fi
printf '+ %s\n' "${cmd[*]}"
printf '\033[0;36m+ %s\033[0m\n' "${cmd[*]}"
"${cmd[@]}"
)
}

30
dotfiles/desktop/.config/alacritty/alacritty.toml
View File

@@ -1,6 +1,3 @@
[general]
import = ["~/.config/alacritty/themes/noctalia.toml"]
[window]
padding = { x = 8, y = 8 }
opacity = 1.0
@@ -16,8 +13,33 @@ multiplier = 3
[cursor]
style = { shape = "Beam", blinking = "Off" }
[colors.primary]
background = "#000000"
foreground = "#c8c8c8"
[colors.normal]
black = "#1f1f28"
red = "#c7162b"
green = "#4caf50"
yellow = "#e95420"
blue = "#4a90d9"
magenta = "#7e57c2"
cyan = "#6daeea"
white = "#eeeeee"
[colors.bright]
black = "#3a3a46"
red = "#ff5c5c"
green = "#7ad97a"
yellow = "#ff8f40"
blue = "#6daeea"
magenta = "#9575cd"
cyan = "#8bd6ff"
white = "#ffffff"
[keyboard]
bindings = [
{ key = "V", mods = "Control|Shift", action = "Paste" },
{ key = "C", mods = "Control|Shift", action = "Copy" }
{ key = "C", mods = "Control|Shift", action = "Copy" },
{ key = "Return", mods = "Shift", chars = "\u001B\r" }
]

2
dotfiles/desktop/.config/i3/config
View File

@@ -9,7 +9,7 @@ font pango:Liberation Mono 10
exec --no-startup-id dex --autostart --environment i3
exec --no-startup-id gnome-keyring-daemon --start --components=secrets
exec_always --no-startup-id setxkbmap -layout us -variant intl
exec_always --no-startup-id feh --bg-fill ~/.config/i3/wallpapers/void-minimalist2.png
exec_always --no-startup-id feh --bg-center ~/.config/i3/wallpapers/wallpaper-161664.jpg
exec_always --no-startup-id ~/.config/i3/scripts/setup-gtk-theme.sh
exec --no-startup-id /usr/libexec/xdg-desktop-portal

2
dotfiles/desktop/.config/i3/scripts/lockscreen
View File

@@ -1,6 +1,6 @@
#!/bin/sh
wallpaper="$HOME/.config/i3/wallpapers/void-minimalist.png"
wallpaper="$HOME/.config/i3/wallpapers/maxresdefault.jpg"
cached="$HOME/.cache/i3lock/wallpaper.png"
dims_cache="$HOME/.cache/i3lock/dims.txt"
dims=$(xdotool getdisplaygeometry | tr ' ' 'x')

BIN
dotfiles/desktop/.config/i3/wallpapers/785318-darth-vader.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 82 KiB

BIN
dotfiles/desktop/.config/i3/wallpapers/maxresdefault.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 116 KiB

BIN
dotfiles/desktop/.config/i3/wallpapers/wallpaper-161664.jpg Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 118 KiB

250
dotfiles/desktop/.config/mimeapps.arch.list Normal file
View File

@@ -0,0 +1,250 @@
[Default Applications]
text/html=userapp-Firefox-91DVN3.desktop
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop
x-scheme-handler/about=firefox.desktop
x-scheme-handler/unknown=firefox.desktop
application/pdf=com.github.xournalpp.xournalpp.desktop
application/json=emacs.desktop
application/json5=emacs.desktop
application/xml=emacs.desktop
application/xml-external-parsed-entity=emacs.desktop
application/x-shellscript=emacs.desktop
application/yaml=emacs.desktop
inode/directory=org.gnome.Nautilus.desktop
audio/aac=mpv.desktop
audio/flac=mpv.desktop
audio/m4a=mpv.desktop
audio/mp3=mpv.desktop
audio/mpeg=mpv.desktop
audio/mp4=mpv.desktop
audio/ogg=mpv.desktop
audio/opus=mpv.desktop
audio/vnd.wave=mpv.desktop
audio/wav=mpv.desktop
audio/webm=mpv.desktop
audio/x-aac=mpv.desktop
audio/x-m4a=mpv.desktop
audio/x-matroska=mpv.desktop
audio/x-mp3=mpv.desktop
audio/x-mpegurl=mpv.desktop
audio/x-ms-wma=mpv.desktop
audio/x-ogg=mpv.desktop
audio/x-pn-wav=mpv.desktop
audio/x-scpls=mpv.desktop
audio/x-wav=mpv.desktop
video/3gp=mpv.desktop
video/3gpp=mpv.desktop
video/3gpp2=mpv.desktop
video/avi=mpv.desktop
video/mp2t=mpv.desktop
video/mp4=mpv.desktop
video/mp4v-es=mpv.desktop
video/mpeg=mpv.desktop
video/ogg=mpv.desktop
video/quicktime=mpv.desktop
video/vnd.avi=mpv.desktop
video/webm=mpv.desktop
video/x-avi=mpv.desktop
video/x-flc=mpv.desktop
video/x-flic=mpv.desktop
video/x-flv=mpv.desktop
video/x-m4v=mpv.desktop
video/x-matroska=mpv.desktop
video/x-mpeg2=mpv.desktop
video/x-ms-asf=mpv.desktop
video/x-ms-wmv=mpv.desktop
video/x-msvideo=mpv.desktop
video/x-ogm+ogg=mpv.desktop
video/x-theora=mpv.desktop
video/x-theora+ogg=mpv.desktop
application/msword=libreoffice-writer.desktop
application/rtf=libreoffice-writer.desktop
application/vnd.ms-word=libreoffice-writer.desktop
application/vnd.ms-word.document.macroEnabled.12=libreoffice-writer.desktop
application/vnd.ms-word.template.macroEnabled.12=libreoffice-writer.desktop
application/vnd.oasis.opendocument.text=libreoffice-writer.desktop
application/vnd.oasis.opendocument.text-template=libreoffice-writer.desktop
application/vnd.openxmlformats-officedocument.wordprocessingml.document=libreoffice-writer.desktop
application/vnd.openxmlformats-officedocument.wordprocessingml.template=libreoffice-writer.desktop
application/x-doc=libreoffice-writer.desktop
text/rtf=libreoffice-writer.desktop
application/csv=libreoffice-calc.desktop
application/excel=libreoffice-calc.desktop
application/msexcel=libreoffice-calc.desktop
application/tab-separated-values=libreoffice-calc.desktop
application/vnd.ms-excel=libreoffice-calc.desktop
application/vnd.ms-excel.sheet.binary.macroEnabled.12=libreoffice-calc.desktop
application/vnd.ms-excel.sheet.macroEnabled.12=libreoffice-calc.desktop
application/vnd.ms-excel.template.macroEnabled.12=libreoffice-calc.desktop
application/vnd.oasis.opendocument.spreadsheet=libreoffice-calc.desktop
application/vnd.oasis.opendocument.spreadsheet-template=libreoffice-calc.desktop
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet=libreoffice-calc.desktop
application/vnd.openxmlformats-officedocument.spreadsheetml.template=libreoffice-calc.desktop
application/x-dos_ms_excel=libreoffice-calc.desktop
application/x-excel=libreoffice-calc.desktop
application/x-ms-excel=libreoffice-calc.desktop
application/x-msexcel=libreoffice-calc.desktop
text/comma-separated-values=libreoffice-calc.desktop
text/csv=libreoffice-calc.desktop
text/tab-separated-values=libreoffice-calc.desktop
text/x-comma-separated-values=libreoffice-calc.desktop
text/x-csv=libreoffice-calc.desktop
application/mspowerpoint=libreoffice-impress.desktop
application/vnd.ms-powerpoint=libreoffice-impress.desktop
application/vnd.ms-powerpoint.presentation.macroEnabled.12=libreoffice-impress.desktop
application/vnd.ms-powerpoint.slideshow.macroEnabled.12=libreoffice-impress.desktop
application/vnd.ms-powerpoint.template.macroEnabled.12=libreoffice-impress.desktop
application/vnd.oasis.opendocument.presentation=libreoffice-impress.desktop
application/vnd.oasis.opendocument.presentation-template=libreoffice-impress.desktop
application/vnd.openxmlformats-officedocument.presentationml.presentation=libreoffice-impress.desktop
application/vnd.openxmlformats-officedocument.presentationml.slide=libreoffice-impress.desktop
application/vnd.openxmlformats-officedocument.presentationml.slideshow=libreoffice-impress.desktop
application/vnd.openxmlformats-officedocument.presentationml.template=libreoffice-impress.desktop
text/markdown=emacs.desktop
text/org=emacs.desktop
text/plain=emacs.desktop
text/rust=emacs.desktop
text/x-c++hdr=emacs.desktop
text/x-c++src=emacs.desktop
text/x-chdr=emacs.desktop
text/x-csrc=emacs.desktop
text/x-emacs-lisp=emacs.desktop
text/x-go=emacs.desktop
text/x-java=emacs.desktop
text/x-makefile=emacs.desktop
text/x-patch=emacs.desktop
text/x-python=emacs.desktop
text/x-python3=emacs.desktop
text/x-readme=emacs.desktop
text/x-rst=emacs.desktop
text/x-tex=emacs.desktop
text/x-texinfo=emacs.desktop
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop
application/x-extension-htm=userapp-Firefox-91DVN3.desktop
application/x-extension-html=userapp-Firefox-91DVN3.desktop
application/x-extension-shtml=userapp-Firefox-91DVN3.desktop
application/xhtml+xml=userapp-Firefox-91DVN3.desktop
application/x-extension-xhtml=userapp-Firefox-91DVN3.desktop
application/x-extension-xht=userapp-Firefox-91DVN3.desktop
[Added Associations]
application/json=emacs.desktop;
application/json5=emacs.desktop;
application/pdf=com.github.xournalpp.xournalpp.desktop;
application/xml=emacs.desktop;
application/xml-external-parsed-entity=emacs.desktop;
application/x-shellscript=emacs.desktop;
application/yaml=emacs.desktop;
text/plain=emacs.desktop;
inode/directory=org.gnome.Nautilus.desktop;
audio/aac=mpv.desktop;
audio/flac=mpv.desktop;
audio/m4a=mpv.desktop;
audio/mp3=mpv.desktop;
audio/mpeg=mpv.desktop;
audio/mp4=mpv.desktop;
audio/ogg=mpv.desktop;
audio/opus=mpv.desktop;
audio/vnd.wave=mpv.desktop;
audio/wav=mpv.desktop;
audio/webm=mpv.desktop;
audio/x-aac=mpv.desktop;
audio/x-m4a=mpv.desktop;
audio/x-matroska=mpv.desktop;
audio/x-mp3=mpv.desktop;
audio/x-mpegurl=mpv.desktop;
audio/x-ms-wma=mpv.desktop;
audio/x-ogg=mpv.desktop;
audio/x-pn-wav=mpv.desktop;
audio/x-scpls=mpv.desktop;
audio/x-wav=mpv.desktop;
video/3gp=mpv.desktop;
video/3gpp=mpv.desktop;
video/3gpp2=mpv.desktop;
video/avi=mpv.desktop;
video/mp2t=mpv.desktop;
video/mp4=mpv.desktop;
video/mp4v-es=mpv.desktop;
video/mpeg=mpv.desktop;
video/ogg=mpv.desktop;
video/quicktime=mpv.desktop;
video/vnd.avi=mpv.desktop;
video/webm=mpv.desktop;
video/x-avi=mpv.desktop;
video/x-flc=mpv.desktop;
video/x-flic=mpv.desktop;
video/x-flv=mpv.desktop;
video/x-m4v=mpv.desktop;
video/x-matroska=mpv.desktop;
video/x-mpeg2=mpv.desktop;
video/x-ms-asf=mpv.desktop;
video/x-ms-wmv=mpv.desktop;
video/x-msvideo=mpv.desktop;
video/x-ogm+ogg=mpv.desktop;
video/x-theora=mpv.desktop;
video/x-theora+ogg=mpv.desktop;
application/msword=libreoffice-writer.desktop;
application/rtf=libreoffice-writer.desktop;
application/vnd.ms-word=libreoffice-writer.desktop;
application/vnd.ms-word.document.macroEnabled.12=libreoffice-writer.desktop;
application/vnd.ms-word.template.macroEnabled.12=libreoffice-writer.desktop;
application/vnd.oasis.opendocument.text=libreoffice-writer.desktop;
application/vnd.oasis.opendocument.text-template=libreoffice-writer.desktop;
application/vnd.openxmlformats-officedocument.wordprocessingml.document=libreoffice-writer.desktop;
application/vnd.openxmlformats-officedocument.wordprocessingml.template=libreoffice-writer.desktop;
application/x-doc=libreoffice-writer.desktop;
text/rtf=libreoffice-writer.desktop;
application/csv=libreoffice-calc.desktop;
application/excel=libreoffice-calc.desktop;
application/msexcel=libreoffice-calc.desktop;
application/tab-separated-values=libreoffice-calc.desktop;
application/vnd.ms-excel=libreoffice-calc.desktop;
application/vnd.ms-excel.sheet.binary.macroEnabled.12=libreoffice-calc.desktop;
application/vnd.ms-excel.sheet.macroEnabled.12=libreoffice-calc.desktop;
application/vnd.ms-excel.template.macroEnabled.12=libreoffice-calc.desktop;
application/vnd.oasis.opendocument.spreadsheet=libreoffice-calc.desktop;
application/vnd.oasis.opendocument.spreadsheet-template=libreoffice-calc.desktop;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet=libreoffice-calc.desktop;
application/vnd.openxmlformats-officedocument.spreadsheetml.template=libreoffice-calc.desktop;
application/x-dos_ms_excel=libreoffice-calc.desktop;
application/x-excel=libreoffice-calc.desktop;
application/x-ms-excel=libreoffice-calc.desktop;
application/x-msexcel=libreoffice-calc.desktop;
text/comma-separated-values=libreoffice-calc.desktop;
text/csv=libreoffice-calc.desktop;
text/tab-separated-values=libreoffice-calc.desktop;
text/x-comma-separated-values=libreoffice-calc.desktop;
text/x-csv=libreoffice-calc.desktop;
application/mspowerpoint=libreoffice-impress.desktop;
application/vnd.ms-powerpoint=libreoffice-impress.desktop;
application/vnd.ms-powerpoint.presentation.macroEnabled.12=libreoffice-impress.desktop;
application/vnd.ms-powerpoint.slideshow.macroEnabled.12=libreoffice-impress.desktop;
application/vnd.ms-powerpoint.template.macroEnabled.12=libreoffice-impress.desktop;
application/vnd.oasis.opendocument.presentation=libreoffice-impress.desktop;
application/vnd.oasis.opendocument.presentation-template=libreoffice-impress.desktop;
application/vnd.openxmlformats-officedocument.presentationml.presentation=libreoffice-impress.desktop;
application/vnd.openxmlformats-officedocument.presentationml.slide=libreoffice-impress.desktop;
application/vnd.openxmlformats-officedocument.presentationml.slideshow=libreoffice-impress.desktop;
application/vnd.openxmlformats-officedocument.presentationml.template=libreoffice-impress.desktop;
text/markdown=emacs.desktop;
text/org=emacs.desktop;
text/rust=emacs.desktop;
text/x-c++hdr=emacs.desktop;
text/x-c++src=emacs.desktop;
text/x-chdr=emacs.desktop;
text/x-csrc=emacs.desktop;
text/x-emacs-lisp=emacs.desktop;
text/x-go=emacs.desktop;
text/x-java=emacs.desktop;
text/x-makefile=emacs.desktop;
text/x-patch=emacs.desktop;
text/x-python=emacs.desktop;
text/x-python3=emacs.desktop;
text/x-readme=emacs.desktop;
text/x-rst=emacs.desktop;
text/x-tex=emacs.desktop;
text/x-texinfo=emacs.desktop;
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop;

16
dotfiles/desktop/.config/mimeapps.list
View File

@@ -1,7 +1,7 @@
[Default Applications]
text/html=firefox.desktop
x-scheme-handler/http=firefox.desktop
x-scheme-handler/https=firefox.desktop
text/html=userapp-Firefox-91DVN3.desktop
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop
x-scheme-handler/about=firefox.desktop
x-scheme-handler/unknown=firefox.desktop
application/pdf=com.github.xournalpp.xournalpp.desktop
@@ -164,6 +164,13 @@ text/x-readme=emacs.desktop
text/x-rst=emacs.desktop
text/x-tex=emacs.desktop
text/x-texinfo=emacs.desktop
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop
application/x-extension-htm=userapp-Firefox-91DVN3.desktop
application/x-extension-html=userapp-Firefox-91DVN3.desktop
application/x-extension-shtml=userapp-Firefox-91DVN3.desktop
application/xhtml+xml=userapp-Firefox-91DVN3.desktop
application/x-extension-xhtml=userapp-Firefox-91DVN3.desktop
application/x-extension-xht=userapp-Firefox-91DVN3.desktop
[Added Associations]
application/json=emacs.desktop;
@@ -326,3 +333,6 @@ text/x-readme=emacs.desktop;
text/x-rst=emacs.desktop;
text/x-tex=emacs.desktop;
text/x-texinfo=emacs.desktop;
x-scheme-handler/http=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/https=userapp-Firefox-91DVN3.desktop;
x-scheme-handler/chrome=userapp-Firefox-91DVN3.desktop;

8
dotfiles/desktop/.config/noctalia/plugins.json
View File

@@ -7,10 +7,6 @@
}
],
"states": {
"clipboard": {
"enabled": true,
"sourceUrl": "https://github.com/noctalia-dev/noctalia-plugins"
},
"clipper": {
"enabled": true,
"sourceUrl": "https://github.com/noctalia-dev/noctalia-plugins"
@@ -19,6 +15,10 @@
"enabled": true,
"sourceUrl": "https://github.com/noctalia-dev/noctalia-plugins"
},
"screenshot": {
"enabled": true,
"sourceUrl": "https://github.com/noctalia-dev/noctalia-plugins"
},
"usb-drive-manager": {
"enabled": true,
"sourceUrl": "https://github.com/noctalia-dev/noctalia-plugins"

38
dotfiles/desktop/.config/noctalia/plugins/clipper/settings.json
View File

@@ -38,7 +38,43 @@
"fg": "mOnError"
}
},
"customColors": {},
"customColors": {
"Text": {
"bg": "#555555",
"separator": "#000000",
"fg": "#e9e4f0"
},
"Image": {
"bg": "#e0b7c9",
"separator": "#000000",
"fg": "#20161f"
},
"Link": {
"bg": "#c7a1d8",
"separator": "#000000",
"fg": "#1a151f"
},
"Code": {
"bg": "#a984c4",
"separator": "#000000",
"fg": "#f3edf7"
},
"Color": {
"bg": "#a984c4",
"separator": "#000000",
"fg": "#f3edf7"
},
"Emoji": {
"bg": "#e0b7c9",
"separator": "#000000",
"fg": "#20161f"
},
"File": {
"bg": "#e9899d",
"separator": "#000000",
"fg": "#1e1418"
}
},
"enableTodoIntegration": true,
"autoOpenPinnedPanel": false,
"pincardsEnabled": true,

7
dotfiles/desktop/.config/opencode/opencode.json
View File

@@ -1,7 +0,0 @@
{
"$schema": "https://opencode.ai/config.json",
"instructions": [
"~/.config/opencode/bootstrap.md",
"~/.config/opencode/rules/safety.md"
]
}

9
dotfiles/desktop/.config/sway/config
View File

@@ -6,7 +6,7 @@ set $fallback_terminal st
include ~/.config/sway/host.conf
include ~/.config/sway/shell.conf
font pango:Hack Nerd Font 10
font pango:Liberation Mono 10
# Input and output defaults
seat seat0 xcursor_theme Yaru 24
@@ -166,4 +166,9 @@ mode "resize" {
bindsym $mod+r mode "resize"
include ~/.config/sway/noctalia
client.focused #4a90d9 #4a90d9 #ffffff #4a90d9 #4a90d9
client.focused_inactive #3a3a46 #2b2b36 #eeeeee #3a3a46 #3a3a46
client.unfocused #2b2b36 #1f1f28 #bcbcbc #2b2b36 #2b2b36
client.urgent #c7162b #c7162b #ffffff #c7162b #c7162b
client.placeholder #1f1f28 #1f1f28 #bcbcbc #1f1f28 #1f1f28
client.background #1f1f28

11
dotfiles/desktop/.config/systemd/user/emacs.service Normal file
View File

@@ -0,0 +1,11 @@
[Unit]
Description=Emacs daemon
[Service]
Type=simple
WorkingDirectory=%h
ExecStart=/usr/bin/emacs --fg-daemon
Restart=on-failure
[Install]
WantedBy=default.target

12
dotfiles/desktop/.config/systemd/user/rclone-pcloud.service Normal file
View File

@@ -0,0 +1,12 @@
[Unit]
Description=Mount pCloud remote with rclone
[Service]
Type=simple
ExecStart=/bin/sh -lc 'mkdir -p "$HOME/.cache/rclone/pcloud" "$HOME/Remotes/pCloud"; mountpoint -q "$HOME/Remotes/pCloud" && exit 0; exec /usr/bin/rclone mount pcloud: "$HOME/Remotes/pCloud" --config "$HOME/.config/rclone/rclone.conf" --cache-dir "$HOME/.cache/rclone/pcloud" --vfs-cache-mode writes --dir-cache-time 10m --poll-interval 1m --log-level INFO'
ExecStop=/bin/sh -lc 'mountpoint -q "$HOME/Remotes/pCloud" && exec /usr/bin/fusermount3 -u "$HOME/Remotes/pCloud" || exit 0'
Restart=on-failure
RestartSec=10
[Install]
WantedBy=default.target

13
dotfiles/desktop/.config/systemd/user/ssh-agent.service Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=SSH key agent
[Service]
Type=simple
Environment=SSH_AUTH_SOCK=%h/.local/state/ssh-agent/socket
ExecStartPre=/usr/bin/mkdir -p %h/.local/state/ssh-agent
ExecStartPre=/usr/bin/rm -f %h/.local/state/ssh-agent/socket
ExecStart=/usr/bin/ssh-agent -D -a %h/.local/state/ssh-agent/socket
Restart=on-failure
[Install]
WantedBy=default.target

10
dotfiles/desktop/.config/systemd/user/syncthing.service Normal file
View File

@@ -0,0 +1,10 @@
[Unit]
Description=Syncthing file synchronization
[Service]
Type=simple
ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logfile=default
Restart=on-failure
[Install]
WantedBy=default.target

3
dotfiles/desktop/.emacs.d/init.el
View File

@@ -45,8 +45,7 @@
'misc/rss
'misc/terminal
'misc/vcs
'misc/pdf
'misc/epub
'misc/documents
'misc/i3-config)
(message "...user configuration loaded")

4
dotfiles/desktop/.emacs.d/lisp/core/keybindings.el
View File

@@ -105,8 +105,8 @@
(define-key projectile-command-map (kbd "v") #'fscotto/project-multi-vterm)
(define-key projectile-command-map (kbd "V") nil)
(define-key projectile-command-map (kbd "x") #'fscotto/project-external-terminal)
(define-key projectile-command-map (kbd "a") #'fscotto/project-opencode-dwim)
(define-key projectile-command-map (kbd "A") #'fscotto/project-opencode-session)
(define-key projectile-command-map (kbd "a") #'fscotto/project-agent-dwim)
(define-key projectile-command-map (kbd "A") #'fscotto/project-agent-session)
(define-key projectile-command-map (kbd "g") #'fscotto/project-magit-status))
;;;; LSP

12
dotfiles/desktop/.emacs.d/lisp/core/ui.el
View File

@@ -1,14 +1,16 @@
;;; core-ui.el -*- lexical-binding: t; -*-
;; Load generated Noctalia theme.
(add-to-list 'custom-theme-load-path (expand-file-name "themes" user-emacs-directory))
(load-theme 'noctalia t)
;; Load default theme
(use-package nordic-night-theme
:ensure t
:config
(load-theme 'nordic-night t))
;; Setting default font
(set-frame-font "Hack Nerd Font 14" nil t)
(set-frame-font "Liberation Mono 14" nil t)
(add-to-list 'default-frame-alist
'(font . "Hack Nerd Font-14"))
'(font . "Liberation Mono-14"))
;; Remove toolbar
(tool-bar-mode -1)

19
dotfiles/desktop/.emacs.d/lisp/lang/json.el
View File

@@ -1,6 +1,23 @@
;;; json.el -*- lexical-binding: t -*-
(defun fscotto/json-maybe-start-lsp ()
"Start LSP for JSON buffers when lsp-mode is available."
(when (fboundp 'lsp-deferred)
(lsp-deferred)))
(use-package json-mode
:ensure t)
:ensure t
:mode
(("\\.json\\'" . json-mode)
("\\.jsonc\\'" . json-mode))
:hook
(json-mode . fscotto/json-maybe-start-lsp))
(with-eval-after-load 'json-ts-mode
(add-hook 'json-ts-mode-hook #'fscotto/json-maybe-start-lsp))
(with-eval-after-load 'jsonc-mode
(add-hook 'jsonc-mode-hook #'fscotto/json-maybe-start-lsp))
(provide 'json)

101
dotfiles/desktop/.emacs.d/lisp/misc/custom-functions.el
View File

@@ -1,4 +1,5 @@
;;functions to support syncing .elfeed between machines
(require 'seq)
(require 'subr-x)
;;makes sure elfeed reads index from disk before launching
(defvar fscotto/elfeed-initial-update-done nil
"Non-nil once Elfeed has triggered its first automatic update this session.")
@@ -128,16 +129,24 @@ Each entry is a cons cell of display string and session id."
"Return the latest saved OpenCode session id for the current project."
(cdr (car (fscotto/opencode-session-candidates (fscotto/project-root)))))
(defun fscotto/project-opencode-dwim ()
"Open the most useful OpenCode session for the current project.
Resume the latest saved session when available, otherwise create a new one."
(defun fscotto/project-agent-dwim ()
"Choose an agent for the current project and launch it externally."
(interactive)
(let ((session-id (fscotto/project-opencode-latest-session-id)))
(if session-id
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
(fscotto/project-root))
(fscotto/project-opencode))))
(let ((agent (completing-read "Agent: " '("Claude" "Codex" "Gemini" "OpenCode") nil t)))
(pcase agent
("Claude"
(fscotto/launch-external-terminal '("claude" "--continue")))
("OpenCode"
(let ((session-id (fscotto/project-opencode-latest-session-id)))
(if session-id
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
(fscotto/project-root))
(fscotto/project-opencode))))
("Codex"
(fscotto/launch-external-terminal '("codex" "resume" "--last")))
("Gemini"
(fscotto/launch-external-terminal '("gemini" "--resume" "latest")
(fscotto/project-root))))))
(defun fscotto/project-opencode-session ()
"Resume a saved OpenCode session for the current project."
@@ -151,6 +160,78 @@ Resume the latest saved session when available, otherwise create a new one."
(fscotto/launch-external-terminal (list "opencode" "--session" session-id)
project-directory))))
(defun fscotto/gemini-session-candidates (directory)
"Return Gemini session candidates for DIRECTORY.
Each entry is a cons cell of display string and session index.
Tries JSON output first, falls back to text parsing if unavailable."
(let* ((default-directory (file-name-as-directory directory))
(json-output (shell-command-to-string
"gemini --list-sessions --output-format json 2>/dev/null")))
(cond
((string-match "^{" json-output)
(ignore-errors
(require 'json)
(let* ((parsed (json-parse-string json-output))
(sessions (gethash "sessions" parsed)))
(when (vectorp sessions)
(seq-map-indexed
(lambda (s idx)
(let* ((idx-str (number-to-string (1+ idx)))
(msg (if (hash-table-p s)
(or (gethash "firstUserMessage" s) "Session")
"Session"))
(ts (and (hash-table-p s)
(ignore-errors (gethash "lastUpdated" s))
(when (stringp it) (string-trim it))))
(label (if ts (format "%s [%s]" msg ts) msg)))
(cons label idx-str)))
sessions)))))
(t
(let* ((output (shell-command-to-string "gemini --list-sessions"))
(lines (seq-filter (lambda (s) (string-match "\\S-" s))
(split-string output "\n" t)))
(data-lines (seq-drop lines 1))
(candidates nil))
(dolist (line data-lines)
(let ((trimmed (string-trim line)))
(when (string-match
(rx (group (one-or-more digit))
(one-or-more whitespace)
(group (one-or-more nonl)))
trimmed)
(push (cons (match-string 2 trimmed)
(match-string 1 trimmed))
candidates))))
(nreverse candidates))))))
(defun fscotto/project-gemini-session ()
"Choose and resume a Gemini session for the current project."
(interactive)
(let* ((project-directory (fscotto/project-root))
(candidates (fscotto/gemini-session-candidates project-directory)))
(unless candidates
(user-error "No Gemini sessions found for %s" project-directory))
(let* ((selection (completing-read "Gemini session: " candidates nil t))
(session-idx (cdr (assoc selection candidates))))
(fscotto/launch-external-terminal
(list "gemini" "--resume" session-idx)
project-directory))))
(defun fscotto/project-agent-session ()
"Choose an agent and resume a saved session for the current project."
(interactive)
(let ((agent (completing-read "Agent session: " '("Claude" "Codex" "Gemini" "OpenCode") nil t)))
(pcase agent
("Claude"
(fscotto/launch-external-terminal '("claude" "--resume")))
("OpenCode"
(fscotto/project-opencode-session))
("Codex"
(fscotto/launch-external-terminal '("codex" "resume")))
("Gemini"
(fscotto/project-gemini-session)))))
(defun fscotto/project-external-terminal ()
"Open the external terminal in project root."
(interactive)

39
dotfiles/desktop/.emacs.d/lisp/misc/documents.el Normal file
View File

@@ -0,0 +1,39 @@
;;; documents.el -*- lexical-binding: t; -*-
(use-package pdf-tools
:ensure t
:config
(pdf-tools-install))
(use-package pdf-view
:config
(setq-default pdf-view-display-size 'fit-width)
(setq pdf-cache-org-imgparams t
pdf-view-use-smooth-scrolling t)
(setq pdf-annot-default-visible-properties t))
(with-eval-after-load 'pdf-view
(define-key pdf-view-mode-map (kbd "n") 'pdf-view-next-page)
(define-key pdf-view-mode-map (kbd "p") 'pdf-view-previous-page)
(define-key pdf-view-mode-map (kbd "q") 'pdf-view-close))
(use-package nov
:ensure t
:mode ("\\.epub\\'" . nov-mode))
(use-package calibre
:ensure t
:commands calibre-library
:config
(setq calibre-calibredb-executable
(or (executable-find "calibredb")
(let ((flatpak-wrapper (expand-file-name "~/.local/bin/calibredb")))
(when (file-executable-p flatpak-wrapper)
flatpak-wrapper))
"calibredb")
calibre-libraries
`(("Library" . ,(expand-file-name "~/Documents/Library")))))
(provide 'misc/documents)
;;; documents.el ends here

3
dotfiles/desktop/.emacs.d/lisp/misc/epub.el
View File

@@ -1,3 +0,0 @@
(use-package nov
:ensure t
:mode ("\\.epub\\'" . nov-mode))

22
dotfiles/desktop/.emacs.d/lisp/misc/pdf.el
View File

@@ -1,22 +0,0 @@
;;; pdf.el -*- lexical-binding: t; -*-
(use-package pdf-tools
:ensure t
:config
(pdf-tools-install))
(use-package pdf-view
:config
(setq-default pdf-view-display-size 'fit-width)
(setq pdf-cache-org-imgparams t
pdf-view-use-smooth-scrolling t)
(setq pdf-annot-default-visible-properties t))
(with-eval-after-load 'pdf-view
(define-key pdf-view-mode-map (kbd "n") 'pdf-view-next-page)
(define-key pdf-view-mode-map (kbd "p") 'pdf-view-previous-page)
(define-key pdf-view-mode-map (kbd "q") 'pdf-view-close))
(provide 'misc/pdf)
;;; pdf.el ends here

4
dotfiles/desktop/.emacs.d/lisp/misc/which-key.el
View File

@@ -145,8 +145,8 @@
"C-c p t" "Test"
"C-c p v" "Open multi-vterm in project"
"C-c p x" "Open external term"
"C-c p a" "OpenCode (dwim)"
"C-c p A" "Choose OpenCode session"
"C-c p a" "Choose agent"
"C-c p A" "Choose agent session"
"C-c p e" "Edit project config"
"C-c p g" "Project Git status"
"C-c p 4" "Other Window"

3
dotfiles/desktop/.gnupg/gpg-agent.arch.conf Normal file
View File

@@ -0,0 +1,3 @@
pinentry-program /usr/bin/pinentry-gnome3
default-cache-ttl 600
max-cache-ttl 7200

2
dotfiles/desktop/.local/bin/calibredb Executable file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
exec flatpak run --command=calibredb com.calibre_ebook.calibre "$@"

22
dotfiles/desktop/.local/bin/run-gufw
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env sh
set -eu
if [ -z "${DISPLAY:-}" ]; then
printf 'Error: DISPLAY is not set; cannot launch gufw under Xwayland.\n' >&2
exit 1
fi
if ! command -v xhost >/dev/null 2>&1; then
printf 'Error: xhost is required to launch gufw from a Wayland session.\n' >&2
exit 1
fi
cleanup() {
xhost -si:localuser:root >/dev/null 2>&1 || true
}
trap cleanup EXIT INT TERM HUP
xhost si:localuser:root >/dev/null
exec gufw "$@"

10
dotfiles/desktop/.local/bin/setup-gtk-theme
View File

@@ -1,13 +1,15 @@
#!/bin/sh
ICONS="Yaru-orange-dark"
THEME="Yaru-blue-dark"
ICONS="Yaru-blue-dark"
CURSOR="Yaru"
FONT_UI="Noto Sans 10"
FONT_UI="Liberation Sans 10"
mkdir -p "$HOME/.config/gtk-3.0"
mkdir -p "$HOME/.config/gtk-4.0"
cat > "$HOME/.gtkrc-2.0" <<EOF
gtk-theme-name="$THEME"
gtk-icon-theme-name="$ICONS"
gtk-cursor-theme-name="$CURSOR"
gtk-font-name="$FONT_UI"
@@ -17,6 +19,7 @@ EOF
cat > "$HOME/.config/gtk-3.0/settings.ini" <<EOF
[Settings]
gtk-theme-name=$THEME
gtk-icon-theme-name=$ICONS
gtk-cursor-theme-name=$CURSOR
gtk-font-name=$FONT_UI
@@ -29,6 +32,7 @@ EOF
cat > "$HOME/.config/gtk-4.0/settings.ini" <<EOF
[Settings]
gtk-theme-name=$THEME
gtk-icon-theme-name=$ICONS
gtk-cursor-theme-name=$CURSOR
gtk-font-name=$FONT_UI
@@ -36,8 +40,8 @@ gtk-application-prefer-dark-theme=1
EOF
if command -v gsettings >/dev/null 2>&1; then
gsettings set org.gnome.desktop.interface gtk-theme "$THEME" >/dev/null 2>&1 || true
gsettings set org.gnome.desktop.interface icon-theme "$ICONS" >/dev/null 2>&1 || true
gsettings set org.gnome.desktop.interface cursor-theme "$CURSOR" >/dev/null 2>&1 || true
gsettings set org.gnome.desktop.interface font-name "$FONT_UI" >/dev/null 2>&1 || true
gsettings set org.gnome.desktop.interface color-scheme prefer-dark >/dev/null 2>&1 || true
fi

13
dotfiles/desktop/.local/share/applications/gufw.desktop
View File

@@ -1,13 +0,0 @@
[Desktop Entry]
Version=1.0
Type=Application
Name=Firewall Configuration
Comment=An easy way to configure your firewall
Keywords=gufw;security;firewall;network;
Categories=GNOME;GTK;Settings;Security;X-GNOME-Settings-Panel;X-GNOME-SystemSettings;X-Unity-Settings-Panel;X-XFCE-SettingsDialog;X-XFCE-SystemSettings;
Exec=/home/fscotto/.local/bin/run-gufw
Icon=gufw
Terminal=false
X-GNOME-Settings-Panel=gufw
X-Unity-Settings-Panel=gufw
X-Ubuntu-Gettext-Domain=gufw

4
dotfiles/desktop/.ssh/config
View File

@@ -1,4 +1,8 @@
Host vps
IdentityFile ~/.ssh/id_rsa_vps
Host *
IdentityFile ~/.ssh/id_ed25519
ControlMaster auto
ControlPath ~/.local/state/ssh/sockets/%r@%h-%p
ControlPersist 600

BIN
dotfiles/desktop/Pictures/Wallpapers/star-wars-trio.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 134 KiB

2
dotfiles/nymph/.config/sway/session-env
View File

@@ -1,6 +1,4 @@
export LIBVA_DRIVER_NAME=iHD
export QT_QPA_PLATFORM=wayland
export QT_QPA_PLATFORMTHEME=qt6ct
export SWAY_UNSUPPORTED_GPU=1
export WLR_DRM_DEVICES=/dev/dri/card0:/dev/dri/card1
export WLR_NO_HARDWARE_CURSORS=1

16
scripts/bootstrap_mail.sh
View File

@@ -198,8 +198,20 @@ parse_secret_lookup_args() {
resolve_dbus_session_bus_address() {
if [ -n "${DBUS_SESSION_BUS_ADDRESS:-}" ]; then
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
case "$DBUS_SESSION_BUS_ADDRESS" in
unix:path=*)
_path=${DBUS_SESSION_BUS_ADDRESS#unix:path=}
_path=${_path%%,*}
if [ -S "$_path" ]; then
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
fi
;;
unix:abstract=*)
printf '%s\n' "$DBUS_SESSION_BUS_ADDRESS"
return 0
;;
esac
fi
if [ -f "$HOME/.dbus-session-bus-address" ]; then

242
scripts/cleanup_i3_after_sway_migration.sh
View File

@@ -1,242 +0,0 @@
#!/usr/bin/env sh
set -eu
APPLY=0
AGGRESSIVE=0
SAFE_PACKAGES="
arandr
autorandr
feh
i3
i3blocks
i3blocks-blocklets
i3lock-color
i3status
scrot
setxkbmap
volumeicon
xclip
xkbutils
xorg-fonts
xorg-minimal
xss-lock
"
AGGRESSIVE_PACKAGES="
dunst
rofi
blueman
network-manager-applet
xfce-polkit
xfce4-clipman-plugin
xfce4-screenshooter
"
SAFE_PATHS="
$HOME/.config/i3
$HOME/.config/i3blocks
$HOME/.config/autorandr
$HOME/.xinitrc
"
AGGRESSIVE_PATHS="
$HOME/.config/dunst
$HOME/.config/rofi
"
usage() {
cat <<'EOF'
Usage: cleanup_i3_after_sway_migration.sh [--apply] [--aggressive]
One-shot cleanup for removing i3/X11-only packages and dotfiles after a host
has already migrated to SwayFX + Noctalia.
Options:
--apply perform the cleanup for real
--aggressive also remove extra desktop apps/configs that were mainly useful
in the old i3 setup (dunst, rofi, blueman, etc.)
-h, --help show this help
Default mode is dry-run.
EOF
}
have_command() {
command -v "$1" >/dev/null 2>&1
}
require_sway_noctalia() {
if [ ! -f "$HOME/.config/sway/config" ]; then
printf 'Error: Sway config not found at %s\n' "$HOME/.config/sway/config" >&2
exit 1
fi
if [ ! -f "$HOME/.config/noctalia/settings.json" ]; then
printf 'Error: Noctalia settings not found at %s\n' "$HOME/.config/noctalia/settings.json" >&2
exit 1
fi
}
append_lines() {
src_lines=$1
dst_var=$2
for line in $src_lines; do
line=$(printf '%s' "$line" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
[ -n "$line" ] || continue
case "$dst_var" in
PACKAGES)
PACKAGES="$PACKAGES $line"
;;
PATHS)
PATHS="$PATHS $line"
;;
*)
printf 'Error: unsupported destination list: %s\n' "$dst_var" >&2
exit 1
;;
esac
done
}
filter_installed_packages() {
packages=$1
installed=''
for pkg in $packages; do
pkg=$(printf '%s' "$pkg" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
[ -n "$pkg" ] || continue
if xbps-query -s "$pkg" >/dev/null 2>&1; then
installed="$installed $pkg"
fi
done
printf '%s' "$installed"
}
filter_existing_paths() {
paths=$1
existing=''
for path in $paths; do
path=$(printf '%s' "$path" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
[ -n "$path" ] || continue
if [ -e "$path" ] || [ -L "$path" ]; then
existing="$existing $path"
fi
done
printf '%s' "$existing"
}
print_section() {
title=$1
items=$2
printf '%s\n' "$title"
if [ -z "$items" ]; then
printf ' (none)\n'
return
fi
for item in $items; do
item=$(printf '%s' "$item" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
[ -n "$item" ] || continue
printf ' - %s\n' "$item"
done
}
confirm_apply() {
printf 'Proceed with i3 cleanup? [y/N] '
IFS= read -r answer
case "$answer" in
y|Y|yes|YES)
;;
*)
printf 'Aborted.\n'
exit 0
;;
esac
}
run_remove_packages() {
packages=$1
[ -n "$packages" ] || return 0
if [ "$(id -u)" -eq 0 ]; then
xbps-remove -R $packages
elif have_command sudo; then
sudo xbps-remove -R $packages
else
printf 'Error: package removal requires root and sudo was not found.\n' >&2
exit 1
fi
}
run_remove_paths() {
paths=$1
[ -n "$paths" ] || return 0
for path in $paths; do
path=$(printf '%s' "$path" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
[ -n "$path" ] || continue
rm -rf "$path"
done
}
while [ $# -gt 0 ]; do
case "$1" in
--apply)
APPLY=1
;;
--aggressive)
AGGRESSIVE=1
;;
-h|--help)
usage
exit 0
;;
*)
printf 'Error: unknown argument: %s\n\n' "$1" >&2
usage >&2
exit 1
;;
esac
shift
done
require_sway_noctalia
PACKAGES=''
PATHS=''
append_lines "$SAFE_PACKAGES" PACKAGES
append_lines "$SAFE_PATHS" PATHS
if [ "$AGGRESSIVE" -eq 1 ]; then
append_lines "$AGGRESSIVE_PACKAGES" PACKAGES
append_lines "$AGGRESSIVE_PATHS" PATHS
fi
INSTALLED_PACKAGES=$(filter_installed_packages "$PACKAGES")
EXISTING_PATHS=$(filter_existing_paths "$PATHS")
printf 'Mode: %s\n' "$( [ "$APPLY" -eq 1 ] && printf 'apply' || printf 'dry-run' )"
printf 'Aggressive cleanup: %s\n\n' "$( [ "$AGGRESSIVE" -eq 1 ] && printf 'yes' || printf 'no' )"
print_section 'Packages to remove:' "$INSTALLED_PACKAGES"
printf '\n'
print_section 'Paths to remove:' "$EXISTING_PATHS"
if [ "$APPLY" -ne 1 ]; then
printf '\nDry-run only. Re-run with --apply to perform the cleanup.\n'
exit 0
fi
confirm_apply
run_remove_packages "$INSTALLED_PACKAGES"
run_remove_paths "$EXISTING_PATHS"
printf '\nCleanup complete.\n'

Some files were not shown because too many files have changed in this diff Show More