More provisioning work
This commit is contained in:
parent
a0848f4113
commit
949c6872ac
|
@ -1,118 +1,162 @@
|
|||
#!/usr/bin/env bash
|
||||
#!/usr/bin/env sh
|
||||
|
||||
# NOTE: run this from inside a Linux installation, not from the live USB/CD
|
||||
# TODO: detect if in a live image
|
||||
export dfp
|
||||
export XDG_CONFIG_HOME="${XDG_CONFIG_HOME:-$HOME/.config}"
|
||||
export ENV_PATH="$XDG_CONFIG_HOME/lytedev-env"
|
||||
export CURDIR
|
||||
|
||||
head /etc/os-release --lines 1 | grep 'NixOS$' &>/dev/null; test $? -eq 1; is_nixos=$?
|
||||
head /etc/os-release --lines 1 | grep 'Arch Linux' &>/dev/null; test $? -eq 1; is_arch_linux=$?
|
||||
dfp="$(realpath "$(dirname "$0")"/../..)"
|
||||
|
||||
set -e
|
||||
set -x
|
||||
|
||||
run_via_dotfiles_if_necessary() {
|
||||
# clone dotfiles and re-run from repo if we're not in the repo
|
||||
pushd "$(dirname "$0")"
|
||||
if git remote get-url origin | grep 'lytedev/dotfiles'; then
|
||||
echo "Already in dotfiles repo!"
|
||||
else
|
||||
echo "Setting up dotfiles for $EUID..."
|
||||
d="$HOME/.config/lytedev-dotfiles"
|
||||
mkdir --parents "$d"
|
||||
rm --recursive --force "$d"
|
||||
git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
|
||||
exec "$d/bin/init-dotfiles"
|
||||
exit 0
|
||||
detect_os() {
|
||||
# NixOS
|
||||
if head /etc/os-release --lines 1 | grep 'NixOS$' >/dev/null 2>&1; then
|
||||
ln -s "$dfp/os/linux/nix" "$ENV_PATH/os-linux-nix" >/dev/null 2>&1
|
||||
return
|
||||
fi
|
||||
popd
|
||||
|
||||
# Arch Linux
|
||||
if head /etc/os-release --lines 1 | grep 'Arch Linux' >/dev/null 2>&1; then
|
||||
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
|
||||
return
|
||||
fi
|
||||
|
||||
# Pacman-based
|
||||
if command -v pacman; then
|
||||
ln -s "$dfp/os/linux/arch" "$ENV_PATH/os-linux-arch" >/dev/null 2>&1
|
||||
return
|
||||
fi
|
||||
|
||||
# TODO: Debian
|
||||
|
||||
echo "Failed to auto-detect your OS! Please setup your environments and run this script again."
|
||||
exit 3
|
||||
}
|
||||
|
||||
symlink_nixos_config() {
|
||||
rm --force "/etc/nixos/lytedev"
|
||||
ln --symbolic "$1" "/etc/nixos/lytedev"
|
||||
}
|
||||
|
||||
if [ "$EUID" -eq 0 ]; then
|
||||
if test $is_arch_linux -eq 1; then
|
||||
pacman -Sy --needed --noconfirm git inetutils openssh sudo
|
||||
if command -v git >/dev/null 2>&1; then
|
||||
if [ -f "$dfp/common/envs" ]; then
|
||||
# TODO: more shared init stuff?
|
||||
mkdir -p $ENV_PATH
|
||||
detect_os
|
||||
ls -la -R $ENV_PATH/*
|
||||
find "$ENV_PATH" | while read -r s; do
|
||||
f="$s/dotfiles-init.d.sh"
|
||||
if [ -f "$f" ]; then
|
||||
CURDIR="$s"
|
||||
. "$f"
|
||||
fi
|
||||
run_via_dotfiles_if_necessary
|
||||
pushd "$(dirname "$0")/.."
|
||||
if test $is_nixos -eq 1; then
|
||||
symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
|
||||
nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
|
||||
nix-channel --update
|
||||
nixos-rebuild switch # this should create the `daniel` user
|
||||
elif test $is_arch_linux -eq 1; then
|
||||
ls -la
|
||||
"env/arch-linux/provision.d/00-add-user.bash"
|
||||
fi
|
||||
c=/home/daniel/.home/.config/
|
||||
mkdir --parents "$c"
|
||||
chown -R daniel:users "$c"
|
||||
cp --recursive . "$c/lytedev-dotfiles"
|
||||
sudo --user daniel "$c/bin/init-dotfiles"
|
||||
popd
|
||||
exit 0
|
||||
done
|
||||
$dfp/common/bin/dotfiles-setup
|
||||
else
|
||||
run_via_dotfiles_if_necessary
|
||||
echo
|
||||
echo
|
||||
echo
|
||||
echo "PREPARING TO GENERATE SSH KEY FOR USER"
|
||||
echo
|
||||
echo
|
||||
echo
|
||||
pushd "$HOME"
|
||||
keyfile=".ssh/$(hostname --short)"
|
||||
echo $keyfile
|
||||
if ! [ -f "$keyfile" ]; then
|
||||
mkdir --mode 700 --parents .ssh
|
||||
chmod 700 .ssh
|
||||
ls -la .ssh
|
||||
ssh-keygen -N '' -t ed25519 -f "$keyfile"
|
||||
mkdir --mode 755 --parents "$NICE_HOME/public"
|
||||
cp "$keyfile.pub" "$NICE_HOME/public"
|
||||
git clone "https://git.lyte.dev/lytedev/dotfiles.git" "$XDG_CONFIG_HOME/lytedev-dotfiles"
|
||||
cd "$XDG_CONFIG_HOME/lytedev-dotfiles" || { echo "Could not cd to dotfiles dir"; exit 2; }
|
||||
. ./common/bin/dotfiles-init
|
||||
fi
|
||||
popd
|
||||
if test $is_nixos -eq 1; then
|
||||
FUNC=$(declare -f symlink_nixos_config)
|
||||
sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
|
||||
elif test $is_arch_linux -eq 1; then
|
||||
sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
|
||||
else
|
||||
echo "git not installed"
|
||||
exit 1
|
||||
fi
|
||||
mkdir --parents "$NICE_HOME/img/walls"
|
||||
curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
|
||||
"https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
|
||||
rm --recursive --force "$HOME/.wallpaper"
|
||||
ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
|
||||
|
||||
# TODO: setup ssh/gpg keys
|
||||
# TODO: setup password store
|
||||
# TODO: run provision script
|
||||
|
||||
pushd "$HOME/.config/lytedev-dotfiles"
|
||||
git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git"
|
||||
./bin/setup-dotfiles
|
||||
popd
|
||||
# run_via_dotfiles_if_necessary() {
|
||||
# # clone dotfiles and re-run from repo if we're not in the repo
|
||||
# pushd "$(dirname "$0")"
|
||||
# if git remote get-url origin | grep 'lytedev/dotfiles'; then
|
||||
# echo "Already in dotfiles repo!"
|
||||
# else
|
||||
# echo "Setting up dotfiles for $EUID..."
|
||||
# d="$HOME/.config/lytedev-dotfiles"
|
||||
# mkdir --parents "$d"
|
||||
# rm --recursive --force "$d"
|
||||
# git clone "https://git.lyte.dev/lytedev/dotfiles" "$d"
|
||||
# exec "$d/bin/dotfiles-init"
|
||||
# exit 0
|
||||
# fi
|
||||
# popd
|
||||
# }
|
||||
|
||||
# nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
|
||||
# if [ "$EUID" -eq 0 ]; then
|
||||
# if test $is_arch_linux -eq 1; then
|
||||
# pacman -Sy --needed --noconfirm git inetutils openssh sudo
|
||||
# fi
|
||||
# run_via_dotfiles_if_necessary
|
||||
# pushd "$(dirname "$0")/.."
|
||||
# if test $is_nixos -eq 1; then
|
||||
# symlink_nixos_config "$HOME/.config/lytedev-dotfiles/env/nix/"
|
||||
# nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
|
||||
# nix-channel --update
|
||||
# nix-shell '<home-manager>' -A install
|
||||
|
||||
# TODO: fetch password store
|
||||
# TODO: fetch notes database
|
||||
fi
|
||||
|
||||
echo "Here is this machine's public SSH key:"
|
||||
echo " $(cat "$HOME/.ssh/$(hostname --short).pub")"
|
||||
echo "It needs to be added to existing cloud-based git accounts"
|
||||
echo "and other machines before proceeding."
|
||||
echo
|
||||
echo "Don't forget to setup GPG keys by importing from an existing machine"
|
||||
echo "or adding new child keys!"
|
||||
if test $is_arch_linux -eq 1; then
|
||||
echo
|
||||
echo 'You will need to set a password for your new user.'
|
||||
fi
|
||||
echo
|
||||
echo "The simplest method for doing this is to run the following:"
|
||||
echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg'
|
||||
# nixos-rebuild switch # this should create the `daniel` user
|
||||
# elif test $is_arch_linux -eq 1; then
|
||||
# ls -la
|
||||
# "env/arch-linux/provision.d/00-add-user.bash"
|
||||
# fi
|
||||
# c=/home/daniel/.home/.config/
|
||||
# mkdir --parents "$c"
|
||||
# chown -R daniel:users "$c"
|
||||
# cp --recursive . "$c/lytedev-dotfiles"
|
||||
# sudo --user daniel "$c/bin/init-dotfiles"
|
||||
# popd
|
||||
# exit 0
|
||||
# else
|
||||
# run_via_dotfiles_if_necessary
|
||||
# echo
|
||||
# echo
|
||||
# echo
|
||||
# echo "PREPARING TO GENERATE SSH KEY FOR USER"
|
||||
# echo
|
||||
# echo
|
||||
# echo
|
||||
# pushd "$HOME"
|
||||
# keyfile=".ssh/$(hostname --short)"
|
||||
# echo $keyfile
|
||||
# if ! [ -f "$keyfile" ]; then
|
||||
# mkdir --mode 700 --parents .ssh
|
||||
# chmod 700 .ssh
|
||||
# ls -la .ssh
|
||||
# ssh-keygen -N '' -t ed25519 -f "$keyfile"
|
||||
# mkdir --mode 755 --parents "$NICE_HOME/public"
|
||||
# cp "$keyfile.pub" "$NICE_HOME/public"
|
||||
# fi
|
||||
# popd
|
||||
# if test $is_nixos -eq 1; then
|
||||
# FUNC=$(declare -f symlink_nixos_config)
|
||||
# sudo sh -c "$FUNC; symlink_nixos_config \"$HOME/.config/lytedev-dotfiles/env/nix/\""
|
||||
# elif test $is_arch_linux -eq 1; then
|
||||
# sudo "$HOME/.config/lytedev-dotfiles/env/arch-linux/provision.sh"
|
||||
# fi
|
||||
# mkdir --parents "$NICE_HOME/img/walls"
|
||||
# curl --silent --output "$NICE_HOME/img/walls/clouds_by_souredapply.png" \
|
||||
# "https://art.ngfiles.com/images/530000/530895_souredapple_clouds.png"
|
||||
# rm --recursive --force "$HOME/.wallpaper"
|
||||
# ln --symbolic "$NICE_HOME/img/walls/clouds_by_souredapply.png" "$HOME/.wallpaper"
|
||||
#
|
||||
# # TODO: setup ssh/gpg keys
|
||||
# # TODO: setup password store
|
||||
#
|
||||
# pushd "$HOME/.config/lytedev-dotfiles"
|
||||
# git remote set-url origin "ssh://git@git.lyte.dev:2222/lytedev/dotfiles.git"
|
||||
# ./bin/setup-dotfiles
|
||||
# popd
|
||||
#
|
||||
# # nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
|
||||
# # nix-channel --update
|
||||
# # nix-shell '<home-manager>' -A install
|
||||
#
|
||||
# # TODO: fetch password store
|
||||
# # TODO: fetch notes database
|
||||
# fi
|
||||
#
|
||||
# echo "Here is this machine's public SSH key:"
|
||||
# echo " $(cat "$HOME/.ssh/$(hostname --short).pub")"
|
||||
# echo "It needs to be added to existing cloud-based git accounts"
|
||||
# echo "and other machines before proceeding."
|
||||
# echo
|
||||
# echo "Don't forget to setup GPG keys by importing from an existing machine"
|
||||
# echo "or adding new child keys!"
|
||||
# if test $is_arch_linux -eq 1; then
|
||||
# echo
|
||||
# echo 'You will need to set a password for your new user.'
|
||||
# fi
|
||||
# echo
|
||||
# echo "The simplest method for doing this is to run the following:"
|
||||
# echo ' scp -r "$TARGET_MACHINE:~/.gnupg" "$HOME/.gnupg'
|
||||
|
|
18
common/bin/dotfiles-link-environments
Executable file
18
common/bin/dotfiles-link-environments
Executable file
|
@ -0,0 +1,18 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set dfp (realpath (dirname (status -f))/../..)
|
||||
function files
|
||||
cat $argv[1] | while read -l l
|
||||
test -d $l && echo $l
|
||||
end
|
||||
end
|
||||
files $dfp/common/envs | \
|
||||
fzf -m --prompt "Select applicable environments (multi-select w/ TAB): " | \
|
||||
string trim | \
|
||||
read -a -d \n -z lines
|
||||
for l in $lines
|
||||
test $l = "" && continue
|
||||
set ll (string replace -a / - $l)
|
||||
echo "Linking $ENV_PATH/$ll to $dfp/$l"
|
||||
ln -s $dfp/$l $ENV_PATH/$ll &>/dev/null
|
||||
end
|
|
@ -1,6 +1,7 @@
|
|||
#!/usr/bin/env fish
|
||||
|
||||
# TODO: init from curl
|
||||
# This script's purpose is to setup the dotfiles configuration for an existing
|
||||
# and provisioned machine. For provisioning, see `./dotfiles-init`.
|
||||
|
||||
set dfp (realpath (dirname (status -f))/../..)
|
||||
set lock_file $HOME/.using-lytedev-dotfiles.lock
|
||||
|
@ -58,5 +59,5 @@ end
|
|||
|
||||
# execute the user's shell
|
||||
set ush (getent passwd $LOGNAME | cut -d: -f7)
|
||||
echo Dotfiles Installed! Running $ush
|
||||
echo "Dotfiles Installed! Don't forget to setup environments!"
|
||||
exec $ush
|
||||
|
|
23
common/envs
Normal file
23
common/envs
Normal file
|
@ -0,0 +1,23 @@
|
|||
os/linux
|
||||
os/linux/arch
|
||||
os/linux/nix
|
||||
os/linux/debian
|
||||
host/desktop
|
||||
host/desktop/wallwart
|
||||
host/desktop/rising
|
||||
host/headless
|
||||
host/headless/anonode
|
||||
host/headless/nexus
|
||||
host/headless/router
|
||||
host/headless/faceless
|
||||
host/headless/rift
|
||||
host/headless/relic
|
||||
host/headless/ruby
|
||||
host/headless/comet
|
||||
host/headless/tilde
|
||||
host/laptop
|
||||
host/laptop/third
|
||||
host/laptop/divvy-macbook
|
||||
host/laptop/postmates-macbook
|
||||
host/laptop/uber-macbook
|
||||
host/laptop/val-macbook
|
1
host/desktop/desktop
Symbolic link
1
host/desktop/desktop
Symbolic link
|
@ -0,0 +1 @@
|
|||
/home/daniel/.home/.config/lytedev-dotfiles/host/desktop
|
|
@ -10,4 +10,4 @@ docker pull archlinux -q || begin
|
|||
exit 1
|
||||
end
|
||||
|
||||
docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "/dotfiles/os/linux/arch/provision.sh && fish"
|
||||
docker run -it --rm -v $DOTFILES_PATH:/dotfiles:ro archlinux sh -c "pacman -Sy --noconfirm git; /dotfiles/common/bin/dotfiles-init"
|
||||
|
|
4
os/linux/arch/dotfiles-init.d.sh
Normal file
4
os/linux/arch/dotfiles-init.d.sh
Normal file
|
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
# this will be run as root
|
||||
"$CURDIR/provision.sh"
|
|
@ -6,15 +6,16 @@ ud="/home/$u"
|
|||
# user exists - we will assume setup has already run
|
||||
if getent passwd "$u"; then exit 0; fi
|
||||
|
||||
pacman -S --needed --noconfirm sudo
|
||||
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
|
||||
pacman -S --needed --noconfirm sudo fish git
|
||||
groupadd admin 2>/dev/null
|
||||
echo '%admin ALL=(ALL) ALL' >> /etc/sudoers.d/admin-group-sudoers
|
||||
mkdir --parents "$ud/.home" "$ud/dl"
|
||||
useradd --home-dir "$ud/.home" \
|
||||
--groups "admin,users,uucp,lock" \
|
||||
--shell "/bin/bash" \
|
||||
"$u"
|
||||
chown --recursive "$u:$u" "$ud"
|
||||
chsh --shell /bin/fish
|
||||
echo "Setting password for user '$u'"
|
||||
|
||||
# enforce that a password is set
|
||||
|
|
|
@ -49,11 +49,11 @@ yay -Sy \
|
|||
pulseaudio pavucontrol pulsemixer `# Audio Backend and Controls` \
|
||||
playerctl `# Media Keys Controls` \
|
||||
feh `# Image Viewer & Wallpaper Manager` \
|
||||
wlroots-git sway-git `# Wayland Compositor` \
|
||||
swaylock-git swayidle-git `# Auto-Locking for Sway` \
|
||||
kanshi-git `# Monitor Management for Sway` \
|
||||
wofi-git `# Sway app launcher` \
|
||||
waybar-git mako-git `# Sway Bar & Notifications` \
|
||||
wlroots sway `# Wayland Compositor` \
|
||||
swaylock swayidle `# Auto-Locking for Sway` \
|
||||
kanshi `# Monitor Management for Sway` \
|
||||
wofi `# Sway app launcher` \
|
||||
waybar mako `# Sway Bar & Notifications` \
|
||||
slurp grim wl-clipboard `# Sway Screen Selection & Clipping` \
|
||||
pipewire pipewire-pulse libpipewire02 `# Pipewire` \
|
||||
xdg-desktop-portal xdg-desktop-portal-wlr `# Screensharing` \
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
pacman -Syy
|
||||
pacman -S --noconfirm --needed fish sudo
|
||||
|
||||
is_root="$(test "$(whoami)" == 'root' && echo "1" || echo "0")"
|
||||
ls -la "$(dirname "$0")"
|
||||
for file in "$(dirname "$0")/provision.d"/*; do
|
||||
test -d "$file" && continue
|
||||
echo "Runnning $f..."
|
||||
echo "Runnning $file..."
|
||||
if <<< "$file" grep -q "AS_ROOT"; then
|
||||
if [ "$is_root" == "1" ]; then
|
||||
"$file"
|
||||
|
|
5
os/linux/nix/init.d.fish
Normal file
5
os/linux/nix/init.d.fish
Normal file
|
@ -0,0 +1,5 @@
|
|||
symlink_nixos_config() {
|
||||
rm --force "/etc/nixos/lytedev"
|
||||
ln --symbolic "$1" "/etc/nixos/lytedev"
|
||||
}
|
||||
|
Reference in a new issue