Jika/system-spec
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ansible playbook for base pacakge and config

Browse Source
This commit is contained in:
Jika
2026-01-26 14:49:08 +01:00
parent d0f046b43c
commit bd53301f46
8 changed files with 330 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
DECISIONS.md
View File

@@ -1,3 +1,7 @@
# DECISIONS
This document some decisions made for the system setup
# Why archinstall ?
# Why Grub ?

19
README.md
View File

@@ -1,6 +1,7 @@
# System specification
The goal of this repository is to document and codify my system setup.
The goal of this repository is to document and codify my system setup so i dont have to wonder what is
the thing I installed that does that or what did I change in the config for it to work.
This repository defines:
- how a system is bootstrapped
@@ -12,18 +13,22 @@ This repository defines:
After writing the [iso](https://archlinux.org/download/) file to a bootable media and booted on the device, archinstall can be used with the profile located in the `installer` directory. It will create the minimal setup for ansible to work on.
Some helper:
```bash
loadkeys be-latin1 #load the belgian keyboard keys
curl -fLO https://git.jika.li/Jika/system-spec/archive/master.tar.gz
loadkeys be-latin1 # load the belgian keyboard keys
curl -fsL https://git.jika.li/Jika/system-spec/archive/master.tar.gz | tar -xz # download repo archive and extract
cd system-spec/installer && ./patch-disk-config.sh /dev/disk # patch the arch install config with wanted disk as root
archinstall --config user_config.json --creds user_cred.json # check config and then launch the install
```
## Ansible replication
```bash
./install_ansible_aur.sh
ansible-playbook -K base_install.yml
```
## Personal config
For using the install script via ssh first put key (`ssh-keygen`) on gitea.
See dotfiles [repo]()

17
ansible/README.md
View File

@@ -1,3 +1,20 @@
# Ansible
Ansible is used to easily replicate most of the system
## How to use
Install needed collections:
```bash
./install_ansible_aur.sh
```
Install packages and base config:
```bash
ansible-playbook -K base_install.yml
```
Override GPU vendor:
```bash
ansible-playbook -K base_install.yml -e gpu_vendor=intel
```

170
ansible/base_install.yml Normal file
View File

@@ -0,0 +1,170 @@
- name: Gather facts as login user
hosts: localhost
gather_facts: true
become: false
- name: Install packages and base configuration
gather_facts: false
hosts: localhost
become: true
vars_files:
- vars/packages.yml
# Select GPU via:
# -e gpu_vendor=amd|intel|nvidia
# Default: amd
vars:
selected_gpu_vendor: "{{ gpu_vendor | default('amd') }}"
aur_builder: aurbuild
wants_dir: "/home/{{ ansible_facts['user_id'] }}/.config/systemd/user/default.target.wants"
tasks:
- name: Validate gpu_vendor (amd/intel/nvidia)
ansible.builtin.assert:
that:
- selected_gpu_vendor in gpu_driver_sets.keys()
fail_msg: "gpu_vendor must be one of: {{ gpu_driver_sets.keys() | list }}"
- name: Compute flattened package list from all categories + selected GPU set
ansible.builtin.set_fact:
all_category_packages: >-
{{
(
pkgsets
| dict2items
| map(attribute='value')
| list
| flatten
)
+ gpu_driver_sets[selected_gpu_vendor]
}}
pacman_packages: "{{ all_category_packages | unique }}"
- name: Install official repo packages
community.general.pacman:
name: "{{ pacman_packages }}"
state: present
update_cache: true
# Install rustup and cargo to build paru
- name: Check if rustup default toolchain is installed
ansible.builtin.command: rustup toolchain list
register: rustup_toolchains
changed_when: false
failed_when: false
become: false
- name: Install stable Rust toolchain via rustup
ansible.builtin.command:
cmd: rustup default stable
become: false
when: "'stable' not in rustup_toolchains.stdout"
register: result
changed_when: result.rc == 0
- name: Create temporary AUR builder user
ansible.builtin.user:
name: "{{ aur_builder }}"
create_home: true
shell: /bin/bash
- name: Allow temporary builder to use pacman without password
ansible.builtin.copy:
dest: "/etc/sudoers.d/{{ aur_builder }}-pacman"
content: "{{ aur_builder }} ALL=(ALL) NOPASSWD: /usr/bin/pacman\n"
owner: root
group: root
mode: "0440"
validate: "visudo -cf %s"
- name: Install AUR packages
become: true
become_user: "{{ aur_builder }}"
kewlfft.aur.aur:
name: "{{ aur_packages }}"
state: present
update_cache: true
- name: Remove sudoers entry for temporary builder
ansible.builtin.file:
path: "/etc/sudoers.d/{{ aur_builder }}-pacman"
state: absent
- name: Remove temporary AUR builder user and home directory
ansible.builtin.user:
name: "{{ aur_builder }}"
state: absent
remove: true
## Post install config
- name: Ensure groups exist
ansible.builtin.group:
name: "{{ item }}"
state: present
loop:
- video
- seat
- name: Add current user to video and seat groups
ansible.builtin.user:
name: "{{ ansible_facts['user_id'] }}"
groups: "video,seat"
append: true
- name: Set default shell to zsh
ansible.builtin.user:
name: "{{ ansible_facts['user_id'] }}"
shell: /bin/zsh
- name: Enable and start sshd
ansible.builtin.systemd:
name: sshd.service
enabled: true
state: started
- name: Enable and start seatd
ansible.builtin.systemd:
name: seatd.service
enabled: true
state: started
- name: Enable lemurs
ansible.builtin.systemd:
name: lemurs.service
enabled: true
- name: Enable lingering for current user (user services at boot)
ansible.builtin.command: "loginctl enable-linger {{ ansible_facts['user_id'] }}"
changed_when: false
failed_when: false
- name: Ensure systemd user wants dir exists
ansible.builtin.file:
path: "{{ wants_dir }}"
state: directory
mode: "0755"
owner: "{{ ansible_facts['user_id'] }}"
group: "{{ ansible_facts['user_id'] }}"
- name: Enable pipewire-pulse user units
ansible.builtin.file:
src: "/usr/lib/systemd/user/{{ item }}"
dest: "{{ wants_dir }}/{{ item }}"
state: link
force: true
loop:
- pipewire-pulse.service
- pipewire-pulse.socket
- name: Ensure SSH config entry for git.jika.li
ansible.builtin.blockinfile:
path: "/home/{{ ansible_facts['user_id'] }}/.ssh/config"
create: true
owner: "{{ ansible_facts['user_id'] }}"
group: "{{ ansible_facts['user_id'] }}"
mode: '0600'
marker: "# {mark} ANSIBLE "
block: |
Host git.jika.li
Port 2233

19
ansible/install_ansible_aur.sh Executable file
View File

@@ -0,0 +1,19 @@
#! /bin/bash
set -euo pipefail
repo="kewlfft/ansible-aur"
tmp="$(mktemp -d)"
# Get the tarball URL for the latest release
tarball_url="$(curl -fsSL "https://api.github.com/repos/${repo}/releases/latest" \
| sed -n 's/.*"tarball_url":[[:space:]]*"\([^"]*\)".*/\1/p')"
curl -fL "$tarball_url" -o "$tmp/src.tgz"
tar -xzf "$tmp/src.tgz" -C "$tmp"
srcdir="$(find "$tmp" -mindepth 1 -maxdepth 1 -type d | head -n1)"
cd "$srcdir"
ansible-galaxy collection build --force
ansible-galaxy collection install --force ./kewlfft-aur-*.tar.gz

87
ansible/vars/packages.yml Normal file
View File

@@ -0,0 +1,87 @@
pkgsets:
base:
- debugedit
- fakeroot
- base-devel
networking:
- openresolv
- wireguard-tools
- wpa_supplicant
- wireless_tools
- openssh
audio_media:
- mpv
- wiremix
- pipewire
- pipewire-alsa
- pipewire-jack
- pipewire-pulse
- wireplumber
- gst-plugin-pipewire
wayland_sway:
- lemurs
- sway
- swaybg
- swayidle
- swaylock
- waybar
- grim
- slurp
- wl-clipboard
- rofi
- wev
- seatd
- xorg-xwayland
shell_terminal_ux:
- zsh
- alacritty
- kitty
- ttf-jetbrains-mono-nerd
- ueberzugpp
cli_utilities:
- vim
- neovim
- bat
- eza
- fd
- ripgrep
- jq
- htop
- wget
- yazi
- dust
- dysk
- brightnessctl
dev_build:
- rustup
- gitui
- yarn
- lua51
- luarocks
- chezmoi
applications:
- firefox
- libreoffice-fresh
gpu_driver_sets:
amd:
- vulkan-radeon
- xf86-video-amdgpu
- xf86-video-ati
intel:
- vulkan-intel
- intel-media-driver
- libva-intel-driver
nvidia:
- vulkan-nouveau
- xf86-video-nouveau
aur_packages:
- paru
- xcursor-breeze-serie-obsidian

31
installer/README.md
View File

@@ -4,24 +4,33 @@ The goal of archinstall is to easily and reproducibly create a minimal arch inst
Ansible is then used to do the heavy lifting.
The `./patch-disk-config.sh` scripts goal is to help <ith disk setup. More information inside it.
The `./patch-disk-config.sh` scripts goal is to help with disk setup. More information inside the script.
## VM <-> Host file transfer (QEMU user networking)
## VM -> Host file transfer (QEMU user networking)
With QEMU user-mode networking (`10.0.2.0/24`), the host cannot initiate connections to the VM. File transfer therefore works by having the **receiver listen** and the **sender connect** using `nc`.
When using QEMU user-mode networking (`10.0.2.0/24`), the host cannot reach the VM directly.
To transfer files from the VM to the host, use `nc`.
`10.0.2.2` is the host address from inside the VM.
On the host (receive):
### VM -> Host (send from VM, receive on host)
Host (receive):
```sh
nc -l -p 8001 > archinstall.json
````
On the VM (send):
nc -l 8001 > archinstall.json
```
VM (send):
```sh
nc 10.0.2.2 8001 < /root/archinstall.json
```
`10.0.2.2` is the host address in QEMU user networking.
### Host -> VM (send from host, receive on VM)
Host (send):
```sh
nc -l 8002 < archinstall.json
```
VM (receive):
```sh
nc 10.0.2.2 8002 > /root/archinstall.json
```

2
installer/user_config_base.json
View File

@@ -119,7 +119,7 @@
"ntp": true,
"packages": [
"git",
"ansible-core"
"ansible"
],
"parallel_downloads": 0,
"script": null,