More provisioning work
parent
a0848f4113
commit
949c6872ac
|
@ -1,118 +1,162 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
# NOTE: run this from inside a Linux installation, not from the live USB/CD
|
export dfp
|
||||||
# TODO: detect if in a live image
|
export XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}"
|
||||||
|
export ENV_PATH="$XDG_CONFIG_HOME/lytedev-env"
|
||||||
|
export CURDIR
|
||||||
|
|
||||||
head /etc/os-release --lines 1 | grep 'NixOS$' &>/dev/null; test $? -eq 1; is_nixos=$?
|
dfp="$(realpath "$(dirname "$0")"/../..)"
|
||||||
head /etc/os-release --lines 1 | grep 'Arch Linux' &>/dev/null; test $? -eq 1; is_arch_linux=$?
|
|
||||||
|
|
||||||
set -e
|
detect_os() {
|
||||||
set -x
|
# NixOS
|
||||||
|
if head /etc/os-release --lines 1 | grep 'NixOS$' >/dev/null 2>&1; then
|
||||||
run_via_dotfiles_if_necessary() {
|
ln -s "$dfp/os/linux/nix" "$ENV_PATH/os-linux-nix" >/dev/null 2>&1
|
||||||
# clone dotfiles and re-run from repo if we're not in the repo
|
return
|
||||||
pushd "$(dirname "$0")"
|
|
||||||
if git remote get-url origin | grep 'lytedev/dotfiles'; then
|
|
||||||
echo "Already in dotfiles repo!"
|
|
||||||
else
|
|
||||||
echo "Setting up dotfiles for $EUID..."
|
|
||||||
d="$HOME/.config/lytedev-dotfiles"
|
|
||||||
mkdir --parents "$d"
|
|
||||||
rm --recursive --force "$d"
|
|
||||||
git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
|
|
||||||
exec "$d/bin/init-dotfiles"
|
|
||||||
exit 0
|
|
||||||
fi
|
fi
|
||||||
popd
|
|
||||||
|
# Arch Linux
|
||||||
|
if head /etc/os-release --lines 1 | grep 'Arch Linux' >/dev/null 2>&1; then
|
||||||
|
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Pacman-based
|
||||||
|
if command -v pacman; then
|
||||||
|
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
|
||||||
|
# TODO: Debian
|
||||||
|
|
||||||
|
echo "Failed to auto-detect your OS! Please setup your environments and run this script again."
|
||||||
|
exit 3
|
||||||
}
|
}
|
||||||
|
|
||||||
symlink_nixos_config() {
|
if command -v git >/dev/null 2>&1; then
|
||||||
rm --force "/etc/nixos/lytedev"
|
if [ -f "$dfp/common/envs" ]; then
|
||||||
ln --symbolic "$1" "/etc/nixos/lytedev"
|
# TODO: more shared init stuff?
|
||||||
}
|
mkdir -p $ENV_PATH
|
||||||
|
detect_os
|
||||||
if [ "$EUID" -eq 0 ]; then
|
ls -la -R $ENV_PATH/*
|
||||||
if test $is_arch_linux -eq 1; then
|
find "$ENV_PATH" | while read -r s; do
|
||||||
pacman -Sy --needed --noconfirm git inetutils openssh sudo
|
f="$s/dotfiles-init.d.sh"
|
||||||
|
if [ -f "$f" ]; then
|
||||||
|
CURDIR="$s"
|
||||||
|
. "$f"
|
||||||
fi
|
fi
|
||||||
run_via_dotfiles_if_necessary
|
done
|
||||||
pushd "$(dirname "$0")/.."
|
$dfp/common/bin/dotfiles-setup
|
||||||
if test $is_nixos -eq 1; then
|
|
||||||
symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
|
|
||||||
nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
|
|
||||||
nix-channel --update
|
|
||||||
nixos-rebuild switch # this should create the `daniel` user
|
|
||||||
elif test $is_arch_linux -eq 1; then
|
|
||||||
ls -la
|
|
||||||
"env/arch-linux/provision.d/00-add-user.bash"
|
|
||||||
fi
|
|
||||||
c=/home/daniel/.home/.config/
|
|
||||||
mkdir --parents "$c"
|
|
||||||
chown -R daniel:users "$c"
|
|
||||||
cp --recursive . "$c/lytedev-dotfiles"
|
|
||||||
sudo --user daniel "$c/bin/init-dotfiles"
|
|
||||||
popd
|
|
||||||
exit 0
|
|
||||||
else
|
else
|
||||||
run_via_dotfiles_if_necessary
|
git clone "https://git.lyte.dev/lytedev/dotfiles.git" "$XDG_CONFIG_HOME/lytedev-dotfiles"
|
||||||
echo
|
cd "$XDG_CONFIG_HOME/lytedev-dotfiles" || { echo "Could not cd to dotfiles dir"; exit 2; }
|
||||||
echo
|
. ./common/bin/dotfiles-init
|
||||||
echo
|
|
||||||
echo "PREPARING TO GENERATE SSH KEY FOR USER"
|
|
||||||
echo
|
|
||||||
echo
|
|
||||||
echo
|
|
||||||
pushd "$HOME"
|
|
||||||
keyfile=".ssh/$(hostname --short)"
|
|
||||||
echo $keyfile
|
|
||||||
if ! [ -f "$keyfile" ]; then
|
|
||||||
mkdir --mode 700 --parents .ssh
|
|
||||||
chmod 700 .ssh
|
|
||||||
ls -la .ssh
|
|
||||||
ssh-keygen -N '' -t ed25519 -f "$keyfile"
|
|
||||||
mkdir --mode 755 --parents "$NICE_HOME/public"
|
|
||||||
cp "$keyfile.pub" "$NICE_HOME/public"
|
|
||||||
fi
|
fi
|
||||||
popd
|
else
|
||||||
if test $is_nixos -eq 1; then
|
echo "git not installed"
|
||||||
FUNC=$(declare -f symlink_nixos_config)
|
exit 1
|
||||||
sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
|
|
||||||
elif test $is_arch_linux -eq 1; then
|
|
||||||
sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
|
|
||||||
fi
|
fi
|
||||||
mkdir --parents "$NICE_HOME/img/walls"
|
|
||||||
curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
|
|
||||||
"https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
|
|
||||||
rm --recursive --force "$HOME/.wallpaper"
|
|
||||||
ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
|
|
||||||
|
|
||||||
# TODO: setup ssh/gpg keys
|
# TODO: run provision script
|
||||||
# TODO: setup password store
|
|
||||||
|
|
||||||
pushd "$HOME/.config/lytedev-dotfiles"
|
# run_via_dotfiles_if_necessary() {
|
||||||
git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git"
|
# # clone dotfiles and re-run from repo if we're not in the repo
|
||||||
./bin/setup-dotfiles
|
# pushd "$(dirname "$0")"
|
||||||
popd
|
# if git remote get-url origin | grep 'lytedev/dotfiles'; then
|
||||||
|
# echo "Already in dotfiles repo!"
|
||||||
|
# else
|
||||||
|
# echo "Setting up dotfiles for $EUID..."
|
||||||
|
# d="$HOME/.config/lytedev-dotfiles"
|
||||||
|
# mkdir --parents "$d"
|
||||||
|
# rm --recursive --force "$d"
|
||||||
|
# git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
|
||||||
|
# exec "$d/bin/dotfiles-init"
|
||||||
|
# exit 0
|
||||||
|
# fi
|
||||||
|
# popd
|
||||||
|
# }
|
||||||
|
|
||||||
# nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
|
# if [ "$EUID" -eq 0 ]; then
|
||||||
|
# if test $is_arch_linux -eq 1; then
|
||||||
|
# pacman -Sy --needed --noconfirm git inetutils openssh sudo
|
||||||
|
# fi
|
||||||
|
# run_via_dotfiles_if_necessary
|
||||||
|
# pushd "$(dirname "$0")/.."
|
||||||
|
# if test $is_nixos -eq 1; then
|
||||||
|
# symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
|
||||||
|
# nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
|
||||||
# nix-channel --update
|
# nix-channel --update
|
||||||
# nix-shell '<home-manager>' -A install
|
# nixos-rebuild switch # this should create the `daniel` user
|
||||||
|
# elif test $is_arch_linux -eq 1; then
|
||||||
# TODO: fetch password store
|
# ls -la
|
||||||
# TODO: fetch notes database
|
# "env/arch-linux/provision.d/00-add-user.bash"
|
||||||
fi
|
# fi
|
||||||
|
# c=/home/daniel/.home/.config/
|
||||||
echo "Here is this machine's public SSH key:"
|
# mkdir --parents "$c"
|
||||||
echo " $(cat "$HOME/.ssh/$(hostname --short).pub")"
|
# chown -R daniel:users "$c"
|
||||||
echo "It needs to be added to existing cloud-based git accounts"
|
# cp --recursive . "$c/lytedev-dotfiles"
|
||||||
echo "and other machines before proceeding."
|
# sudo --user daniel "$c/bin/init-dotfiles"
|
||||||
echo
|
# popd
|
||||||
echo "Don't forget to setup GPG keys by importing from an existing machine"
|
# exit 0
|
||||||
echo "or adding new child keys!"
|
# else
|
||||||
if test $is_arch_linux -eq 1; then
|
# run_via_dotfiles_if_necessary
|
||||||
echo
|
# echo
|
||||||
echo 'You will need to set a password for your new user.'
|
# echo
|
||||||
fi
|
# echo
|
||||||
echo
|
# echo "PREPARING TO GENERATE SSH KEY FOR USER"
|
||||||
echo "The simplest method for doing this is to run the following:"
|
# echo
|
||||||
echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg'
|
# echo
|
||||||
|
# echo
|
||||||
|
# pushd "$HOME"
|
||||||
|
# keyfile=".ssh/$(hostname --short)"
|
||||||
|
# echo $keyfile
|
||||||
|
# if ! [ -f "$keyfile" ]; then
|
||||||
|
# mkdir --mode 700 --parents .ssh
|
||||||
|
# chmod 700 .ssh
|
||||||
|
# ls -la .ssh
|
||||||
|
# ssh-keygen -N '' -t ed25519 -f "$keyfile"
|
||||||
|
# mkdir --mode 755 --parents "$NICE_HOME/public"
|
||||||
|
# cp "$keyfile.pub" "$NICE_HOME/public"
|
||||||
|
# fi
|
||||||
|
# popd
|
||||||
|
# if test $is_nixos -eq 1; then
|
||||||
|
# FUNC=$(declare -f symlink_nixos_config)
|
||||||
|
# sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
|
||||||
|
# elif test $is_arch_linux -eq 1; then
|
||||||
|
# sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
|
||||||
|
# fi
|
||||||
|
# mkdir --parents "$NICE_HOME/img/walls"
|
||||||
|
# curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
|
||||||
|
# "https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
|
||||||
|
# rm --recursive --force "$HOME/.wallpaper"
|
||||||
|
# ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
|
||||||
|
#
|
||||||
|
# # TODO: setup ssh/gpg keys
|
||||||
|
# # TODO: setup password store
|
||||||
|
#
|
||||||
|
# pushd "$HOME/.config/lytedev-dotfiles"
|
||||||
|
# git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git"
|
||||||
|
# ./bin/setup-dotfiles
|
||||||
|
# popd
|
||||||
|
#
|
||||||
|
# # nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
|
||||||
|
# # nix-channel --update
|
||||||
|
# # nix-shell '<home-manager>' -A install
|
||||||
|
#
|
||||||
|
# # TODO: fetch password store
|
||||||
|
# # TODO: fetch notes database
|
||||||
|
# fi
|
||||||
|
#
|
||||||
|
# echo "Here is this machine's public SSH key:"
|
||||||
|
# echo " $(cat "$HOME/.ssh/$(hostname --short).pub")"
|
||||||
|
# echo "It needs to be added to existing cloud-based git accounts"
|
||||||
|
# echo "and other machines before proceeding."
|
||||||
|
# echo
|
||||||
|
# echo "Don't forget to setup GPG keys by importing from an existing machine"
|
||||||
|
# echo "or adding new child keys!"
|
||||||
|
# if test $is_arch_linux -eq 1; then
|
||||||
|
# echo
|
||||||
|
# echo 'You will need to set a password for your new user.'
|
||||||
|
# fi
|
||||||
|
# echo
|
||||||
|
# echo "The simplest method for doing this is to run the following:"
|
||||||
|
# echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg'
|
||||||
|
|
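Review bot: The `find "$ENV_PATH" | while read -r s` loop sources every `dotfiles-init.d.sh` it can reach under `$ENV_PATH`, and that path is built from an inherited `XDG_CONFIG_HOME`, so when the script runs as root (the Arch hook added in this commit says it will) anything linked into that directory executes with root privileges. Restricting the walk to the links `detect_os` itself creates, for example `find "$ENV_PATH" -mindepth 1 -maxdepth 1`, and confirming each one resolves inside `$dfp` before `. "$f"` would narrow that trust boundary. `mkdir -p $ENV_PATH` and `$dfp/common/bin/dotfiles-setup` are also unquoted, and `set -e` is gone from the new side, so a failed `ln -s` or `git clone` passes silently. In the clone branch, `. ./common/bin/dotfiles-init` re-enters the script with `$0` unchanged, so `dfp` and the `[ -f "$dfp/common/envs" ]` test appear to evaluate the same way again. A checked `git clone … || exit 2` followed by `exec "$XDG_CONFIG_HOME/lytedev-dotfiles/common/bin/dotfiles-init"` would avoid the re-entry.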
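--- a/common/bin/dotfiles-link-environments
+++ b/common/bin/dotfiles-link-environments
@@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+
+set dfp (realpath (dirname (status -f))/../..)
+function files
+cat $argv[1] | while read -l l
+test -d $l && echo $l
+end
+end
+files $dfp/common/envs | \
+fzf -m --prompt "Select applicable environments (multi-select w/ TAB): " | \
+string trim | \
+read -a -d \n -z lines
+for l in $lines
+test $l = "" && continue
+set ll (string replace -a / - $l)
+echo "Linking $ENV_PATH/$ll to $dfp/$l"
+ln -s $dfp/$l $ENV_PATH/$ll &>/dev/null
+end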
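Review bot: The shebang is `#!/usr/bin/env sh`, but every line below it is fish syntax (`set dfp (…)`, `function … end`, `string trim`), so the script fails as soon as it is executed directly; it should read `#!/usr/bin/env fish` like the setup script in this commit. `test -d $l` checks the entries of `common/envs` relative to the current directory, so the list only filters correctly when run from the repository root; `test -d $dfp/$l` matches what the `ln -s` line later links. The `&>/dev/null` on `ln -s` hides every failure, including an unset `$ENV_PATH`, while the preceding `echo` still reports the link as made.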
|
@ -1,6 +1,7 @@
|
||||||
#!/usr/bin/env fish
|
#!/usr/bin/env fish
|
||||||
|
|
||||||
# TODO: init from curl
|
# This script's purpose is to setup the dotfiles configuration for an existing
|
||||||
|
# and provisioned machine. For provisioning, see `./dotfiles-init`.
|
||||||
|
|
||||||
set dfp (realpath (dirname (status -f))/../..)
|
set dfp (realpath (dirname (status -f))/../..)
|
||||||
set lock_file $HOME/.using-lytedev-dotfiles.lock
|
set lock_file $HOME/.using-lytedev-dotfiles.lock
|
||||||
|
@ -58,5 +59,5 @@ end
|
||||||
|
|
||||||
# execute the user's shell
|
# execute the user's shell
|
||||||
set ush (getent passwd $LOGNAME | cut -d: -f7)
|
set ush (getent passwd $LOGNAME | cut -d: -f7)
|
||||||
echo Dotfiles Installed! Running $ush
|
echo "Dotfiles Installed! Don't forget to setup environments!"
|
||||||
exec $ush
|
exec $ush
|
||||||
|
|
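--- a/common/envs
+++ b/common/envs
@@ -0,0 +1,23 @@
+os/linux
+os/linux/arch
+os/linux/nix
+os/linux/debian
+host/desktop
+host/desktop/wallwart
+host/desktop/rising
+host/headless
+host/headless/anonode
+host/headless/nexus
+host/headless/router
+host/headless/faceless
+host/headless/rift
+host/headless/relic
+host/headless/ruby
+host/headless/comet
+host/headless/tilde
+host/laptop
+host/laptop/third
+host/laptop/divvy-macbook
+host/laptop/postmates-macbook
+host/laptop/uber-macbook
+host/laptop/val-macbook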
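--- a/host/desktop/desktop
+++ b/host/desktop/desktop
@@ -0,0 +1 @@
+/home/daniel/.home/.config/lytedev-dotfiles/host/desktop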
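Review bot: `host/desktop/desktop` is committed as a symlink to the absolute path `/home/daniel/.home/.config/lytedev-dotfiles/host/desktop`, which is its own parent directory on one particular machine. This looks like the by-product of an `ln -s` run against an already existing link rather than an intended file. On any other checkout it dangles, and where it does resolve it forms a loop for any tool that follows links while recursing. Consider dropping it from the commit and having the linking scripts use `ln -sfn`, or test for an existing link first, so the nested link is not recreated.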
|
@ -10,4 +10,4 @@ docker pull archlinux -q || begin
|
||||||
exit 1
|
exit 1
|
||||||
end
|
end
|
||||||
|
|
||||||
docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "/dotfiles/os/linux/arch/provision.sh && fish"
|
docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "pacman -Sy --noconfirm git; /dotfiles/common/bin/dotfiles-init"
|
||||||
|
|
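--- a/os/linux/arch/dotfiles-init.d.sh
+++ b/os/linux/arch/dotfiles-init.d.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+
+# this will be run as root
+"$CURDIR/provision.sh"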
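Review bot: `"$CURDIR/provision.sh"` depends entirely on the caller having set `CURDIR`; if this file is sourced or run with it unset or empty, the line resolves to `/provision.sh`, and the comment above says this runs as root. `"${CURDIR:?}/provision.sh"` fails fast instead. The init loop in this commit sources the file with `. "$f"` rather than executing it, so the shebang has no effect there and the exit status of `provision.sh` goes unchecked; `"${CURDIR:?}/provision.sh" || return 1` would surface a failed provision.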
|
@ -6,15 +6,16 @@ ud="/home/$u"
|
||||||
# user exists - we will assume setup has already run
|
# user exists - we will assume setup has already run
|
||||||
if getent passwd "$u"; then exit 0; fi
|
if getent passwd "$u"; then exit 0; fi
|
||||||
|
|
||||||
pacman -S --needed --noconfirm sudo
|
pacman -S --needed --noconfirm sudo fish git
|
||||||
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
|
|
||||||
groupadd admin 2>/dev/null
|
groupadd admin 2>/dev/null
|
||||||
|
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
|
||||||
mkdir --parents "$ud/.home" "$ud/dl"
|
mkdir --parents "$ud/.home" "$ud/dl"
|
||||||
useradd --home-dir "$ud/.home" \
|
useradd --home-dir "$ud/.home" \
|
||||||
--groups "admin,users,uucp,lock" \
|
--groups "admin,users,uucp,lock" \
|
||||||
--shell "/bin/bash" \
|
--shell "/bin/bash" \
|
||||||
"$u"
|
"$u"
|
||||||
chown --recursive "$u:$u" "$ud"
|
chown --recursive "$u:$u" "$ud"
|
||||||
|
chsh --shell /bin/fish
|
||||||
echo "Setting password for user '$u'"
|
echo "Setting password for user '$u'"
|
||||||
|
|
||||||
# enforce that a password is set
|
# enforce that a password is set
|
||||||
|
|
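Review bot: The added `chsh --shell /bin/fish` names no user, so it changes the login shell of whoever runs the script (presumably root, given the `pacman` and `useradd` calls around it) rather than `$u`, which `useradd` has just created with `--shell "/bin/bash"`. If fish is meant for the new account, `chsh --shell /bin/fish "$u"` or passing the shell to `useradd` directly would do it. The sudoers line this hunk moves is still appended with `>>` and gets no mode or syntax check. Writing it with `install -m 0440` and validating with `visudo -cf /etc/sudoers.d/admin-group-sudoers` would keep a malformed drop-in from breaking sudo. The script starts and continues outside the hunk.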
|
@ -49,11 +49,11 @@ yay -Sy \
|
||||||
pulseaudio pavucontrol pulsemixer `# Audio Backend and Controls` \
|
pulseaudio pavucontrol pulsemixer `# Audio Backend and Controls` \
|
||||||
playerctl `# Media Keys Controls` \
|
playerctl `# Media Keys Controls` \
|
||||||
feh `# Image Viewer & Wallpaper Manager` \
|
feh `# Image Viewer & Wallpaper Manager` \
|
||||||
wlroots-git sway-git `# Wayland Compositor` \
|
wlroots sway `# Wayland Compositor` \
|
||||||
swaylock-git swayidle-git `# Auto-Locking for Sway` \
|
swaylock swayidle `# Auto-Locking for Sway` \
|
||||||
kanshi-git `# Monitor Management for Sway` \
|
kanshi `# Monitor Management for Sway` \
|
||||||
wofi-git `# Sway app launcher` \
|
wofi `# Sway app launcher` \
|
||||||
waybar-git mako-git `# Sway Bar & Notifications` \
|
waybar mako `# Sway Bar & Notifications` \
|
||||||
slurp grim wl-clipboard `# Sway Screen Selection & Clipping` \
|
slurp grim wl-clipboard `# Sway Screen Selection & Clipping` \
|
||||||
pipewire pipewire-pulse libpipewire02 `# Pipewire` \
|
pipewire pipewire-pulse libpipewire02 `# Pipewire` \
|
||||||
xdg-desktop-portal xdg-desktop-portal-wlr `# Screensharing` \
|
xdg-desktop-portal xdg-desktop-portal-wlr `# Screensharing` \
|
||||||
|
|
|
@ -1,11 +1,13 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
pacman -Syy
|
pacman -Syy
|
||||||
|
pacman -S --noconfirm --needed fish sudo
|
||||||
|
|
||||||
is_root="$(test "$(whoami)" == 'root' && echo "1" || echo "0")"
|
is_root="$(test "$(whoami)" == 'root' && echo "1" || echo "0")"
|
||||||
|
ls -la "$(dirname "$0")"
|
||||||
for file in "$(dirname "$0")/provision.d"/*; do
|
for file in "$(dirname "$0")/provision.d"/*; do
|
||||||
test -d "$file" && continue
|
test -d "$file" && continue
|
||||||
echo "Runnning $f..."
|
echo "Runnning $file..."
|
||||||
if <<< "$file" grep -q "AS_ROOT"; then
|
if <<< "$file" grep -q "AS_ROOT"; then
|
||||||
if [ "$is_root" == "1" ]; then
|
if [ "$is_root" == "1" ]; then
|
||||||
"$file"
|
"$file"
|
||||||
|
|
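--- a/os/linux/nix/init.d.fish
+++ b/os/linux/nix/init.d.fish
@@ -0,0 +1,5 @@
+symlink_nixos_config() {
+rm --force "/etc/nixos/lytedev"
+ln --symbolic "$1" "/etc/nixos/lytedev"
+}
+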
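Review bot: The file is named `init.d.fish` but its body is POSIX function syntax (`symlink_nixos_config() { … }`), which fish does not parse, and the init loop added in this commit only looks for `dotfiles-init.d.sh`, so as far as this page shows nothing picks the file up. If it is meant to be sourced by that loop, name it `dotfiles-init.d.sh` like the Arch hook. The function also removes `/etc/nixos/lytedev` before checking that `$1` is set and exists; `[ -n "$1" ] && [ -e "$1" ] || return 1` as its first line would avoid leaving the link missing or dangling.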