More provisioning work

This commit is contained in:
Daniel Flanagan 2021-03-25 09:04:51 -05:00
parent a0848f4113
commit 949c6872ac
Signed by: lytedev
GPG key ID: 5B2020A0F9921EF4
11 changed files with 219 additions and 120 deletions

View file

@ -1,118 +1,162 @@
#!/usr/bin/env bash #!/usr/bin/env sh
# NOTE: run this from inside a Linux installation, not from the live USB/CD export dfp
# TODO: detect if in a live image export XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}"
export ENV_PATH="$XDG_CONFIG_HOME/lytedev-env"
export CURDIR
head /etc/os-release --lines 1 | grep 'NixOS$' &>/dev/null; test $? -eq 1; is_nixos=$? dfp="$(realpath "$(dirname "$0")"/../..)"
head /etc/os-release --lines 1 | grep 'Arch Linux' &>/dev/null; test $? -eq 1; is_arch_linux=$?
set -e detect_os() {
set -x # NixOS
if head /etc/os-release --lines 1 | grep 'NixOS$' >/dev/null 2>&1; then
run_via_dotfiles_if_necessary() { ln -s "$dfp/os/linux/nix" "$ENV_PATH/os-linux-nix" >/dev/null 2>&1
# clone dotfiles and re-run from repo if we're not in the repo return
pushd "$(dirname "$0")"
if git remote get-url origin | grep 'lytedev/dotfiles'; then
echo "Already in dotfiles repo!"
else
echo "Setting up dotfiles for $EUID..."
d="$HOME/.config/lytedev-dotfiles"
mkdir --parents "$d"
rm --recursive --force "$d"
git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
exec "$d/bin/init-dotfiles"
exit 0
fi fi
popd
# Arch Linux
if head /etc/os-release --lines 1 | grep 'Arch Linux' >/dev/null 2>&1; then
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
return
fi
# Pacman-based
if command -v pacman; then
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
return
fi
# TODO: Debian
echo "Failed to auto-detect your OS! Please setup your environments and run this script again."
exit 3
} }
symlink_nixos_config() { if command -v git >/dev/null 2>&1; then
rm --force "/etc/nixos/lytedev" if [ -f "$dfp/common/envs" ]; then
ln --symbolic "$1" "/etc/nixos/lytedev" # TODO: more shared init stuff?
} mkdir -p $ENV_PATH
detect_os
if [ "$EUID" -eq 0 ]; then ls -la -R $ENV_PATH/*
if test $is_arch_linux -eq 1; then find "$ENV_PATH" | while read -r s; do
pacman -Sy --needed --noconfirm git inetutils openssh sudo f="$s/dotfiles-init.d.sh"
if [ -f "$f" ]; then
CURDIR="$s"
. "$f"
fi fi
run_via_dotfiles_if_necessary done
pushd "$(dirname "$0")/.." $dfp/common/bin/dotfiles-setup
if test $is_nixos -eq 1; then
symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
nix-channel --update
nixos-rebuild switch # this should create the `daniel` user
elif test $is_arch_linux -eq 1; then
ls -la
"env/arch-linux/provision.d/00-add-user.bash"
fi
c=/home/daniel/.home/.config/
mkdir --parents "$c"
chown -R daniel:users "$c"
cp --recursive . "$c/lytedev-dotfiles"
sudo --user daniel "$c/bin/init-dotfiles"
popd
exit 0
else else
run_via_dotfiles_if_necessary git clone "https://git.lyte.dev/lytedev/dotfiles.git" "$XDG_CONFIG_HOME/lytedev-dotfiles"
echo cd "$XDG_CONFIG_HOME/lytedev-dotfiles" || { echo "Could not cd to dotfiles dir"; exit 2; }
echo . ./common/bin/dotfiles-init
echo
echo "PREPARING TO GENERATE SSH KEY FOR USER"
echo
echo
echo
pushd "$HOME"
keyfile=".ssh/$(hostname --short)"
echo $keyfile
if ! [ -f "$keyfile" ]; then
mkdir --mode 700 --parents .ssh
chmod 700 .ssh
ls -la .ssh
ssh-keygen -N '' -t ed25519 -f "$keyfile"
mkdir --mode 755 --parents "$NICE_HOME/public"
cp "$keyfile.pub" "$NICE_HOME/public"
fi fi
popd else
if test $is_nixos -eq 1; then echo "git not installed"
FUNC=$(declare -f symlink_nixos_config) exit 1
sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
elif test $is_arch_linux -eq 1; then
sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
fi fi
mkdir --parents "$NICE_HOME/img/walls"
curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
"https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
rm --recursive --force "$HOME/.wallpaper"
ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
# TODO: setup ssh/gpg keys # TODO: run provision script
# TODO: setup password store
pushd "$HOME/.config/lytedev-dotfiles" # run_via_dotfiles_if_necessary() {
git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git" # # clone dotfiles and re-run from repo if we're not in the repo
./bin/setup-dotfiles # pushd "$(dirname "$0")"
popd # if git remote get-url origin | grep 'lytedev/dotfiles'; then
# echo "Already in dotfiles repo!"
# else
# echo "Setting up dotfiles for $EUID..."
# d="$HOME/.config/lytedev-dotfiles"
# mkdir --parents "$d"
# rm --recursive --force "$d"
# git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
# exec "$d/bin/dotfiles-init"
# exit 0
# fi
# popd
# }
# nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager # if [ "$EUID" -eq 0 ]; then
# if test $is_arch_linux -eq 1; then
# pacman -Sy --needed --noconfirm git inetutils openssh sudo
# fi
# run_via_dotfiles_if_necessary
# pushd "$(dirname "$0")/.."
# if test $is_nixos -eq 1; then
# symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
# nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
# nix-channel --update # nix-channel --update
# nix-shell '<home-manager>' -A install # nixos-rebuild switch # this should create the `daniel` user
# elif test $is_arch_linux -eq 1; then
# TODO: fetch password store # ls -la
# TODO: fetch notes database # "env/arch-linux/provision.d/00-add-user.bash"
fi # fi
# c=/home/daniel/.home/.config/
echo "Here is this machine's public SSH key:" # mkdir --parents "$c"
echo " $(cat "$HOME/.ssh/$(hostname --short).pub")" # chown -R daniel:users "$c"
echo "It needs to be added to existing cloud-based git accounts" # cp --recursive . "$c/lytedev-dotfiles"
echo "and other machines before proceeding." # sudo --user daniel "$c/bin/init-dotfiles"
echo # popd
echo "Don't forget to setup GPG keys by importing from an existing machine" # exit 0
echo "or adding new child keys!" # else
if test $is_arch_linux -eq 1; then # run_via_dotfiles_if_necessary
echo # echo
echo 'You will need to set a password for your new user.' # echo
fi # echo
echo # echo "PREPARING TO GENERATE SSH KEY FOR USER"
echo "The simplest method for doing this is to run the following:" # echo
echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg' # echo
# echo
# pushd "$HOME"
# keyfile=".ssh/$(hostname --short)"
# echo $keyfile
# if ! [ -f "$keyfile" ]; then
# mkdir --mode 700 --parents .ssh
# chmod 700 .ssh
# ls -la .ssh
# ssh-keygen -N '' -t ed25519 -f "$keyfile"
# mkdir --mode 755 --parents "$NICE_HOME/public"
# cp "$keyfile.pub" "$NICE_HOME/public"
# fi
# popd
# if test $is_nixos -eq 1; then
# FUNC=$(declare -f symlink_nixos_config)
# sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
# elif test $is_arch_linux -eq 1; then
# sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
# fi
# mkdir --parents "$NICE_HOME/img/walls"
# curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
# "https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
# rm --recursive --force "$HOME/.wallpaper"
# ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
#
# # TODO: setup ssh/gpg keys
# # TODO: setup password store
#
# pushd "$HOME/.config/lytedev-dotfiles"
# git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git"
# ./bin/setup-dotfiles
# popd
#
# # nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
# # nix-channel --update
# # nix-shell '<home-manager>' -A install
#
# # TODO: fetch password store
# # TODO: fetch notes database
# fi
#
# echo "Here is this machine's public SSH key:"
# echo " $(cat "$HOME/.ssh/$(hostname --short).pub")"
# echo "It needs to be added to existing cloud-based git accounts"
# echo "and other machines before proceeding."
# echo
# echo "Don't forget to setup GPG keys by importing from an existing machine"
# echo "or adding new child keys!"
# if test $is_arch_linux -eq 1; then
# echo
# echo 'You will need to set a password for your new user.'
# fi
# echo
# echo "The simplest method for doing this is to run the following:"
# echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg'

View file

@ -0,0 +1,18 @@
#!/usr/bin/env sh
set dfp (realpath (dirname (status -f))/../..)
function files
cat $argv[1] | while read -l l
test -d $l && echo $l
end
end
files $dfp/common/envs | \
fzf -m --prompt "Select applicable environments (multi-select w/ TAB): " | \
string trim | \
read -a -d \n -z lines
for l in $lines
test $l = "" && continue
set ll (string replace -a / - $l)
echo "Linking $ENV_PATH/$ll to $dfp/$l"
ln -s $dfp/$l $ENV_PATH/$ll &>/dev/null
end

View file

@ -1,6 +1,7 @@
#!/usr/bin/env fish #!/usr/bin/env fish
# TODO: init from curl # This script's purpose is to setup the dotfiles configuration for an existing
# and provisioned machine. For provisioning, see `./dotfiles-init`.
set dfp (realpath (dirname (status -f))/../..) set dfp (realpath (dirname (status -f))/../..)
set lock_file $HOME/.using-lytedev-dotfiles.lock set lock_file $HOME/.using-lytedev-dotfiles.lock
@ -58,5 +59,5 @@ end
# execute the user's shell # execute the user's shell
set ush (getent passwd $LOGNAME | cut -d: -f7) set ush (getent passwd $LOGNAME | cut -d: -f7)
echo Dotfiles Installed! Running $ush echo "Dotfiles Installed! Don't forget to setup environments!"
exec $ush exec $ush

23
common/envs Normal file
View file

@ -0,0 +1,23 @@
os/linux
os/linux/arch
os/linux/nix
os/linux/debian
host/desktop
host/desktop/wallwart
host/desktop/rising
host/headless
host/headless/anonode
host/headless/nexus
host/headless/router
host/headless/faceless
host/headless/rift
host/headless/relic
host/headless/ruby
host/headless/comet
host/headless/tilde
host/laptop
host/laptop/third
host/laptop/divvy-macbook
host/laptop/postmates-macbook
host/laptop/uber-macbook
host/laptop/val-macbook

1
host/desktop/desktop Symbolic link
View file

@ -0,0 +1 @@
/home/daniel/.home/.config/lytedev-dotfiles/host/desktop

View file

@ -10,4 +10,4 @@ docker pull archlinux -q || begin
exit 1 exit 1
end end
docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "/dotfiles/os/linux/arch/provision.sh && fish" docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "pacman -Sy --noconfirm git; /dotfiles/common/bin/dotfiles-init"

View file

@ -0,0 +1,4 @@
#!/usr/bin/env sh
# this will be run as root
"$CURDIR/provision.sh"

View file

@ -6,15 +6,16 @@ ud="/home/$u"
# user exists - we will assume setup has already run # user exists - we will assume setup has already run
if getent passwd "$u"; then exit 0; fi if getent passwd "$u"; then exit 0; fi
pacman -S --needed --noconfirm sudo pacman -S --needed --noconfirm sudo fish git
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
groupadd admin 2>/dev/null groupadd admin 2>/dev/null
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
mkdir --parents "$ud/.home" "$ud/dl" mkdir --parents "$ud/.home" "$ud/dl"
useradd --home-dir "$ud/.home" \ useradd --home-dir "$ud/.home" \
--groups "admin,users,uucp,lock" \ --groups "admin,users,uucp,lock" \
--shell "/bin/bash" \ --shell "/bin/bash" \
"$u" "$u"
chown --recursive "$u:$u" "$ud" chown --recursive "$u:$u" "$ud"
chsh --shell /bin/fish
echo "Setting password for user '$u'" echo "Setting password for user '$u'"
# enforce that a password is set # enforce that a password is set

View file

@ -49,11 +49,11 @@ yay -Sy \
pulseaudio pavucontrol pulsemixer `# Audio Backend and Controls` \ pulseaudio pavucontrol pulsemixer `# Audio Backend and Controls` \
playerctl `# Media Keys Controls` \ playerctl `# Media Keys Controls` \
feh `# Image Viewer & Wallpaper Manager` \ feh `# Image Viewer & Wallpaper Manager` \
wlroots-git sway-git `# Wayland Compositor` \ wlroots sway `# Wayland Compositor` \
swaylock-git swayidle-git `# Auto-Locking for Sway` \ swaylock swayidle `# Auto-Locking for Sway` \
kanshi-git `# Monitor Management for Sway` \ kanshi `# Monitor Management for Sway` \
wofi-git `# Sway app launcher` \ wofi `# Sway app launcher` \
waybar-git mako-git `# Sway Bar & Notifications` \ waybar mako `# Sway Bar & Notifications` \
slurp grim wl-clipboard `# Sway Screen Selection & Clipping` \ slurp grim wl-clipboard `# Sway Screen Selection & Clipping` \
pipewire pipewire-pulse libpipewire02 `# Pipewire` \ pipewire pipewire-pulse libpipewire02 `# Pipewire` \
xdg-desktop-portal xdg-desktop-portal-wlr `# Screensharing` \ xdg-desktop-portal xdg-desktop-portal-wlr `# Screensharing` \

View file

@ -1,11 +1,13 @@
#!/usr/bin/env sh #!/usr/bin/env sh
pacman -Syy pacman -Syy
pacman -S --noconfirm --needed fish sudo
is_root="$(test "$(whoami)" == 'root' && echo "1" || echo "0")" is_root="$(test "$(whoami)" == 'root' && echo "1" || echo "0")"
ls -la "$(dirname "$0")"
for file in "$(dirname "$0")/provision.d"/*; do for file in "$(dirname "$0")/provision.d"/*; do
test -d "$file" && continue test -d "$file" && continue
echo "Runnning $f..." echo "Runnning $file..."
if <<< "$file" grep -q "AS_ROOT"; then if <<< "$file" grep -q "AS_ROOT"; then
if [ "$is_root" == "1" ]; then if [ "$is_root" == "1" ]; then
"$file" "$file"

5
os/linux/nix/init.d.fish Normal file
View file

@ -0,0 +1,5 @@
symlink_nixos_config() {
rm --force "/etc/nixos/lytedev"
ln --symbolic "$1" "/etc/nixos/lytedev"
}