diff --git a/DECISIONS.md b/DECISIONS.md index 301cf85..b208e66 100644 --- a/DECISIONS.md +++ b/DECISIONS.md @@ -1,3 +1,7 @@ # DECISIONS This document some decisions made for the system setup + +# Why archinstall ? + +# Why Grub ? diff --git a/README.md b/README.md index 2ad24d5..6d3a037 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # System specification -The goal of this repository is to document and codify my system setup. +The goal of this repository is to document and codify my system setup so i dont have to wonder what is +the thing I installed that does that or what did I change in the config for it to work. This repository defines: - how a system is bootstrapped @@ -12,18 +13,22 @@ This repository defines: After writing the [iso](https://archlinux.org/download/) file to a bootable media and booted on the device, archinstall can be used with the profile located in the `installer` directory. It will create the minimal setup for ansible to work on. -Some helper: ```bash -loadkeys be-latin1 #load the belgian keyboard keys -curl -fLO https://git.jika.li/Jika/system-spec/archive/master.tar.gz +loadkeys be-latin1 # load the belgian keyboard keys +curl -fsL https://git.jika.li/Jika/system-spec/archive/master.tar.gz | tar -xz # download repo archive and extract +cd system-spec/installer && ./patch-disk-config.sh /dev/disk # patch the arch install config with wanted disk as root +archinstall --config user_config.json --creds user_cred.json # check config and then launch the install ``` ## Ansible replication +```bash +./install_ansible_aur.sh +ansible-playbook -K base_install.yml +``` ## Personal config +For using the install script via ssh first put key (`ssh-keygen`) on gitea. + See dotfiles [repo]() - - - diff --git a/ansible/README.md b/ansible/README.md index 2081d50..4310832 100644 --- a/ansible/README.md +++ b/ansible/README.md 
@@ -1,3 +1,20 @@ # Ansible Ansible is used to easily replicate most of the system + + +## How to use + +Install needed collections: +```bash +./install_ansible_aur.sh +``` + +Install packages and base config: +```bash +ansible-playbook -K base_install.yml +``` +Override GPU vendor: +```bash +ansible-playbook -K base_install.yml -e gpu_vendor=intel +``` diff --git a/ansible/base_install.yml b/ansible/base_install.yml new file mode 100644 index 0000000..8bcca7d --- /dev/null +++ b/ansible/base_install.yml 
@@ -0,0 +1,170 @@ +- name: Gather facts as login user + hosts: localhost + gather_facts: true + become: false + +- name: Install packages and base configuration + gather_facts: false + hosts: localhost + become: true + + vars_files: + - vars/packages.yml + + # Select GPU via: + # -e gpu_vendor=amd|intel|nvidia + # Default: amd + vars: + selected_gpu_vendor: "{{ gpu_vendor | default('amd') }}" + aur_builder: aurbuild + wants_dir: "/home/{{ ansible_facts['user_id'] }}/.config/systemd/user/default.target.wants" + + tasks: + - name: Validate gpu_vendor (amd/intel/nvidia) + ansible.builtin.assert: + that: + - selected_gpu_vendor in gpu_driver_sets.keys() + fail_msg: "gpu_vendor must be one of: {{ gpu_driver_sets.keys() | list }}" + + - name: Compute flattened package list from all categories + selected GPU set + ansible.builtin.set_fact: + all_category_packages: >- + {{ + ( + pkgsets + | dict2items + | map(attribute='value') + | list + | flatten + ) + + gpu_driver_sets[selected_gpu_vendor] + }} + pacman_packages: "{{ all_category_packages | unique }}" + + - name: Install official repo packages + community.general.pacman: + name: "{{ pacman_packages }}" + state: present + update_cache: true + + # Install rustup and cargo to build paru + - name: Check if rustup default toolchain is installed + ansible.builtin.command: rustup toolchain list + register: rustup_toolchains + changed_when: false + failed_when: false + become: false + + - name: Install stable Rust toolchain via rustup + ansible.builtin.command: + cmd: rustup default stable + become: false + when: "'stable' not in rustup_toolchains.stdout" + register: result + changed_when: result.rc == 0 + + - name: Create temporary AUR builder user + ansible.builtin.user: + name: "{{ aur_builder }}" + create_home: true + shell: /bin/bash + + - name: Allow temporary builder to use pacman without password + ansible.builtin.copy: + dest: "/etc/sudoers.d/{{ aur_builder }}-pacman" + content: "{{ aur_builder }} ALL=(ALL) NOPASSWD: 
/usr/bin/pacman\n" + owner: root + group: root + mode: "0440" + validate: "visudo -cf %s" + + - name: Install AUR packages + become: true + become_user: "{{ aur_builder }}" + kewlfft.aur.aur: + name: "{{ aur_packages }}" + state: present + update_cache: true + + - name: Remove sudoers entry for temporary builder + ansible.builtin.file: + path: "/etc/sudoers.d/{{ aur_builder }}-pacman" + state: absent + + - name: Remove temporary AUR builder user and home directory + ansible.builtin.user: + name: "{{ aur_builder }}" + state: absent + remove: true + + ## Post install config + - name: Ensure groups exist + ansible.builtin.group: + name: "{{ item }}" + state: present + loop: + - video + - seat + + - name: Add current user to video and seat groups + ansible.builtin.user: + name: "{{ ansible_facts['user_id'] }}" + groups: "video,seat" + append: true + + - name: Set default shell to zsh + ansible.builtin.user: + name: "{{ ansible_facts['user_id'] }}" + shell: /bin/zsh + + - name: Enable and start sshd + ansible.builtin.systemd: + name: sshd.service + enabled: true + state: started + + - name: Enable and start seatd + ansible.builtin.systemd: + name: seatd.service + enabled: true + state: started + + - name: Enable lemurs + ansible.builtin.systemd: + name: lemurs.service + enabled: true + + - name: Enable lingering for current user (user services at boot) + ansible.builtin.command: "loginctl enable-linger {{ ansible_facts['user_id'] }}" + changed_when: false + failed_when: false + + - name: Ensure systemd user wants dir exists + ansible.builtin.file: + path: "{{ wants_dir }}" + state: directory + mode: "0755" + owner: "{{ ansible_facts['user_id'] }}" + group: "{{ ansible_facts['user_id'] }}" + + - name: Enable pipewire-pulse user units + ansible.builtin.file: + src: "/usr/lib/systemd/user/{{ item }}" + dest: "{{ wants_dir }}/{{ item }}" + state: link + force: true + loop: + - pipewire-pulse.service + - pipewire-pulse.socket + + - name: Ensure SSH config entry for 
git.jika.li + ansible.builtin.blockinfile: + path: "/home/{{ ansible_facts['user_id'] }}/.ssh/config" + create: true + owner: "{{ ansible_facts['user_id'] }}" + group: "{{ ansible_facts['user_id'] }}" + mode: '0600' + marker: "# {mark} ANSIBLE " + block: | + Host git.jika.li + Port 2233 diff --git a/ansible/install_ansible_aur.sh b/ansible/install_ansible_aur.sh new file mode 100755 index 0000000..c1f2490 --- /dev/null +++ b/ansible/install_ansible_aur.sh @@ -0,0 +1,19 @@ +#! /bin/bash + +set -euo pipefail + +repo="kewlfft/ansible-aur" +tmp="$(mktemp -d)" + +# Get the tarball URL for the latest release +tarball_url="$(curl -fsSL "https://api.github.com/repos/${repo}/releases/latest" \ + | sed -n 's/.*"tarball_url":[[:space:]]*"\([^"]*\)".*/\1/p')" + +curl -fL "$tarball_url" -o "$tmp/src.tgz" +tar -xzf "$tmp/src.tgz" -C "$tmp" + +srcdir="$(find "$tmp" -mindepth 1 -maxdepth 1 -type d | head -n1)" +cd "$srcdir" + +ansible-galaxy collection build --force +ansible-galaxy collection install --force ./kewlfft-aur-*.tar.gz diff --git a/ansible/vars/packages.yml b/ansible/vars/packages.yml new file mode 100644 index 0000000..2d9600e --- /dev/null +++ b/ansible/vars/packages.yml 
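Review bot: The two cleanup tasks (`Remove sudoers entry for temporary builder` and `Remove temporary AUR builder user and home directory`) only run when `Install AUR packages` succeeds, so a failed AUR build leaves `/etc/sudoers.d/{{ aur_builder }}-pacman` and the `aurbuild` account on the machine. That drop-in grants `NOPASSWD` on `/usr/bin/pacman` with `ALL=(ALL)`, which is effectively root for anything running as the builder, so it should not outlive the install step. Wrap the create-user, sudoers and AUR-install tasks in a `block:` and move the two removal tasks under its `always:` section so they also run on failure. Separately, `pacman_packages` appears to be set in the same `set_fact` task as the `all_category_packages` it references; this may fail as undefined on a first run, and a second `set_fact` task would avoid that.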
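Review bot: The script builds and installs whatever tarball the GitHub API reports as the latest `kewlfft/ansible-aur` release, with no pinned tag and no integrity check, and base_install.yml then runs that collection in a play with `become: true`. Pin a reviewed release and verify the download before extracting, for example `echo "<EXPECTED_SHA256>  $tmp/src.tgz" | sha256sum -c -` after the `curl -fL` line (placeholder hash, to be taken from the reviewed release). The `mktemp -d` directory is also never removed; `trap 'rm -rf "$tmp"' EXIT` right after it is created would clean it up.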
@@ -0,0 +1,87 @@
+pkgsets:
+ base:
+ - debugedit
+ - fakeroot
+ - base-devel
+ networking:
+ - openresolv
+ - wireguard-tools
+ - wpa_supplicant
+ - wireless_tools
+ - openssh
+
+ audio_media:
+ - mpv
+ - wiremix
+ - pipewire
+ - pipewire-alsa
+ - pipewire-jack
+ - pipewire-pulse
+ - wireplumber
+ - gst-plugin-pipewire
+
+ wayland_sway:
+ - lemurs
+ - sway
+ - swaybg
+ - swayidle
+ - swaylock
+ - waybar
+ - grim
+ - slurp
+ - wl-clipboard
+ - rofi
+ - wev
+ - seatd
+ - xorg-xwayland
+
+ shell_terminal_ux:
+ - zsh
+ - alacritty
+ - kitty
+ - ttf-jetbrains-mono-nerd
+ - ueberzugpp
+
+ cli_utilities:
+ - vim
+ - neovim
+ - bat
+ - eza
+ - fd
+ - ripgrep
+ - jq
+ - htop
+ - wget
+ - yazi
+ - dust
+ - dysk
+ - brightnessctl
+
+ dev_build:
+ - rustup
+ - gitui
+ - yarn
+ - lua51
+ - luarocks
+ - chezmoi
+
+ applications:
+ - firefox
+ - libreoffice-fresh
+
+gpu_driver_sets:
+ amd:
+ - vulkan-radeon
+ - xf86-video-amdgpu
+ - xf86-video-ati
+ intel:
+ - vulkan-intel
+ - intel-media-driver
+ - libva-intel-driver
+ nvidia:
+ - vulkan-nouveau
+ - xf86-video-nouveau
+
+aur_packages:
+ - paru
+ - xcursor-breeze-serie-obsidian
diff --git a/installer/README.md b/installer/README.md
index 9fdb04b..0ac67d5 100644
--- a/installer/README.md
+++ b/installer/README.md
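Review bot: `aur_packages` has no comment saying that its entries come from the AUR rather than the official repositories, which matters because base_install.yml builds them through the temporary builder account instead of `community.general.pacman`. Add a comment above the key such as `# Built from the AUR (user-submitted PKGBUILDs): review the build script before adding or updating an entry`. A similar one-line comment on `gpu_driver_sets.nvidia` noting that it selects the nouveau driver packages would help a reader passing `-e gpu_vendor=nvidia`.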
@@ -4,24 +4,33 @@ The goal of archinstall is to easily and reproducibly create a minimal arch inst Ansible is then used to do the heavy lifting. -The `./patch-disk-config.sh` scripts goal is to help Host file transfer (QEMU user networking) -## VM -> Host file transfer (QEMU user networking) +With QEMU user-mode networking (`10.0.2.0/24`), the host cannot initiate connections to the VM. File transfer therefore works by having the **receiver listen** and the **sender connect** using `nc`. -When using QEMU user-mode networking (`10.0.2.0/24`), the host cannot reach the VM directly. -To transfer files from the VM to the host, use `nc`. +`10.0.2.2` is the host address from inside the VM. -On the host (receive): +### VM -> Host (send from VM, receive on host) + +Host (receive): ```sh -nc -l -p 8001 > archinstall.json -```` - -On the VM (send): - +nc -l 8001 > archinstall.json +``` +VM (send): ```sh nc 10.0.2.2 8001 < /root/archinstall.json ``` -`10.0.2.2` is the host address in QEMU user networking. +### Host -> VM (send from host, receive on VM) + +Host (send): +```sh +nc -l 8002 < archinstall.json +``` +VM (receive): +```sh +nc 10.0.2.2 8002 > /root/archinstall.json +``` diff --git a/installer/user_config_base.json b/installer/user_config_base.json index a56fdb8..fb9a2b6 100644 --- a/installer/user_config_base.json +++ b/installer/user_config_base.json @@ -119,7 +119,7 @@ "ntp": true, "packages": [ "git", - "ansible-core" + "ansible" ], "parallel_downloads": 0, "script": null,