
18 Commits

19 changed files with 254 additions and 53 deletions


@@ -18,7 +18,7 @@ For easier installation, the install scripts are available via shortlinks. To
(re)install a new machine from a Arch live environment:
```
curl --proto '=https' -sSfL https://s.hkoerber.de/i/${hostname}.sh | bash
curl --proto '=https' -O -sSfL https://s.hkoerber.de/i/bootstrap.sh && bash bootstrap.sh {host}
```
## Manual Installation


@@ -2,6 +2,7 @@ font_size: 11
gpu: amd
cpu: amd
encrypted_root: true
users:
- name: hannes


@@ -2,6 +2,7 @@ font_size: 11
gpu: intel
cpu: intel
encrypted_root: true
users:
- name: hannes


@@ -1,13 +1,5 @@
---
- name: Enable sddm
ansible.builtin.systemd:
name: sddm.service
enabled: true
daemon_reload: true
become: true
- name: Autoupdate
tags: [test]
block:
- name: Deploy autoupdate script
copy:
@@ -35,7 +27,10 @@
exit 0
fi
pacman --sync --refresh --sysupgrade --noprogressbar --noconfirm
# Make sure that keys are up to date, otherwise sig checks may fail
pacman --sync --noprogressbar --noconfirm --refresh --needed archlinux-keyring
pacman --sync --noprogressbar --noconfirm --sysupgrade
- name: Install pacman autoupdate service
ansible.builtin.copy:
@@ -91,7 +86,6 @@
- dotfiles
- libvirt
- wheel
- vboxusers
- wireshark
- docker
- sudonopw
@@ -102,6 +96,15 @@
skeleton: /dev/null
become: true
- name: Display Manager
block:
- name: Enable sddm
ansible.builtin.systemd:
name: sddm.service
enabled: true
daemon_reload: true
become: true
- name: Create sddm config folder
ansible.builtin.file:
state: directory
@@ -130,3 +133,130 @@
content: |
[Daemon]
LockOnStart=true
- name: Backup
block:
- name: create restic config directory
file:
path: /etc/restic
state: directory
owner: root
group: root
mode: "0755"
become: true
- name: create restic exclude file
copy:
dest: /etc/restic/exclude.lst
content: |
/home/*/.cache/**
/home/*/.mozilla/firefox/*/Cache/**
owner: root
group: root
mode: "0755"
become: true
- name: create restic cache directory
file:
path: /var/cache/restic
state: directory
owner: root
group: root
mode: "0700"
become: true
- name: create restic wrapper script
copy:
owner: root
group: root
mode: "0700"
dest: /usr/local/bin/restic-cmd
content: |
#!/usr/bin/env bash
source /etc/restic/env
set -o nounset
set -o errexit
set -o pipefail
export B2_ACCOUNT_ID
export B2_ACCOUNT_KEY
export RESTIC_PASSWORD_FILE=/etc/restic/repopassword
restic \
--cache-dir=/var/cache/restic/ \
--repo="b2:${BUCKET_NAME}:backup" \
--password-file=/etc/restic/repopassword \
--verbose \
"${@}"
become: true
- name: add backup script
copy:
owner: root
group: root
mode: "0700"
dest: /usr/local/bin/restic-backup
content: |
#!/usr/bin/env bash
set -o nounset
set -o errexit
set -o pipefail
run() {
name="${1}" ; shift
printf '[%s] %s - start\n' "${name}" "$(date --utc --iso-8601=seconds)"
"${@}"
printf '[%s] %s - end\n' "${name}" "$(date --utc --iso-8601=seconds)"
}
run backup restic-cmd \
backup \
--exclude-file /etc/restic/exclude.lst \
/home/
run forget restic-cmd \
forget \
--prune
--keep-daily 30 \
--keep-monthly 12 \
--keep-yearly 3
become: true
- name: Install restic backup service
ansible.builtin.copy:
dest: /etc/systemd/system/restic-backup.service
owner: root
group: root
mode: "0644"
content: |
[Service]
Type=oneshot
ExecStart=systemd-inhibit /usr/local/bin/restic-backup
become: true
- name: Install restic backup timer
ansible.builtin.copy:
dest: /etc/systemd/system/restic-backup.timer
owner: root
group: root
mode: "0644"
content: |
[Timer]
OnCalendar=daily
Persistent=true
[Install]
WantedBy=multi-user.target
become: true
- name: Enable restic backup timer
ansible.builtin.systemd:
name: restic-backup.timer
enabled: true
state: started
daemon_reload: true
become: true
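Review bot: In the `restic-backup` script the `--prune` line has no trailing backslash, unlike the lines around it, so the shell ends the `forget` command there and treats `--keep-daily 30 …` as a separate command. With `errexit` set, that second command should fail, so the unit would exit non-zero on every run and the retention flags would never reach restic. The line should read `--prune \`. Separately, `/etc/restic/exclude.lst` is a data file, so `mode: "0644"` fits better than `"0755"`. The wrapper reads `/etc/restic/env` and `/etc/restic/repopassword`, which nothing visible in this section creates; wherever they are provisioned, they should be owned by root with mode `"0600"`, since they appear to hold the B2 key and the repository password.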


@@ -2,6 +2,7 @@ font_size: 11
gpu: intel
cpu: intel
encrypted_root: false
# make sure that display manager works
system_default_target: "graphical.target"


@@ -2,6 +2,7 @@ font_size: 11
gpu: nvidia
cpu: intel
encrypted_root: true
users:
- name: hannes-work


@@ -26,3 +26,9 @@ gpu:
- lib32-vulkan-nouveau
- vulkan-headers
- vulkan-tools
intel:
- mesa
- mesa-utils
- lib32-mesa
- vulkan-intel
- lib32-vulkan-intel


@@ -25,7 +25,7 @@ sed -e 's/\s*\([^#]*\).*/\1/' << EOF | sfdisk ${DEVICE}
device: ${DEVICE}
${DEVICE}1 : name=uefi , size=512M , type=uefi
${DEVICE}2 : name=boot , size=512M , type=linux
${DEVICE}2 : name=boot , size=1G , type=linux
${DEVICE}3 : name=cryptpart , type=linux
EOF
@@ -89,7 +89,7 @@ cat <<EOF > /etc/hosts
127.0.1.1 ares
EOF
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
mkinitcpio -P
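Review bot: The full hook list is hard-coded in this `sed` line and repeated in the three other install scripts further down, as well as in the two `set_fact` values for `mkinitcpio_hooks` in the Ansible tasks. Order matters for the initramfs (`keyboard` and `block` before `encrypt`), so if one copy drifts the machine may fail to unlock its root at boot. A comment above the `sed` would make the coupling visible, for example `# keep in sync with mkinitcpio_hooks in the Ansible tasks (encrypted_root variant)`. The unencrypted script, the one without `encrypt lvm2`, would point at the other variant. Longer term, each script could take the list from one shared variable.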


@@ -25,7 +25,7 @@ sed -e 's/\s*\([^#]*\).*/\1/' << EOF | sfdisk ${DEVICE}
device: ${DEVICE}
${DEVICE}p1 : name=uefi , size=512M , type=uefi
${DEVICE}p2 : name=boot , size=512M , type=linux
${DEVICE}p2 : name=boot , size=1G , type=linux
${DEVICE}p3 : name=cryptpart , type=linux
EOF
@@ -89,7 +89,7 @@ cat <<EOF > /etc/hosts
127.0.1.1 dionysus
EOF
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
mkinitcpio -P


@@ -25,7 +25,7 @@ sed -e 's/\s*\([^#]*\).*/\1/' << EOF | sfdisk ${DEVICE}
device: ${DEVICE}
${DEVICE}p1 : name=uefi, size=512M , type=uefi
${DEVICE}p2 : name=boot, size=512M , type=linux
${DEVICE}p2 : name=boot, size=1G , type=linux
${DEVICE}p3 : name=swap, size=16G , type=linux
${DEVICE}p4 : name=root, size=60G , type=linux
${DEVICE}p5 : name=home, type=linux
@@ -83,7 +83,7 @@ cat <<EOF > /etc/hosts
127.0.1.1 hera
EOF
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block filesystems resume fsck)/' /etc/mkinitcpio.conf
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block filesystems resume fsck)/' /etc/mkinitcpio.conf
mkinitcpio -P


@@ -25,7 +25,7 @@ sed -e 's/\s*\([^#]*\).*/\1/' << EOF | sfdisk ${DEVICE}
device: ${DEVICE}
${DEVICE}p1 : name=uefi , size=512M , type=uefi
${DEVICE}p2 : name=boot , size=512M , type=linux
${DEVICE}p2 : name=boot , size=1G , type=linux
${DEVICE}p3 : name=cryptpart , type=linux
EOF
@@ -89,7 +89,7 @@ cat <<EOF > /etc/hosts
127.0.1.1 neptune
EOF
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
sed -i 's/^HOOKS=.*$/HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck)/' /etc/mkinitcpio.conf
mkinitcpio -P


@@ -3,7 +3,7 @@
set -o nounset
set -o errexit
sudo pacman -Syu
sudo bash -c "pacman -Sy --needed archlinux-keyring && pacman -Syu"
./update-aur-pkgs.sh


@@ -226,8 +226,6 @@ cloc:
archlinux: ["cloc"]
bwm-ng:
archlinux: ["bwm-ng"]
virtualbox:
archlinux: ["virtualbox"]
ssh:
archlinux: ["openssh"]
sshfs:
@@ -573,3 +571,20 @@ podman:
pulumi:
archlinux:
- pulumi
reflector:
archlinux:
- reflector
yazi:
archlinux:
- yazi
- ffmpeg
- 7zip
- jq
- poppler
- fd
- ripgrep
- fzf
- xsel
- zoxide
- resvg
- imagemagick


@@ -208,6 +208,14 @@
changed_when: unconfigured_packages_cmd.rc == 123
become: true
- name: Enable reflector timer
ansible.builtin.systemd:
name: reflector.timer
enabled: true
state: started
daemon_reload: true
become: true
- name: aur
tags:
- aur
@@ -530,6 +538,25 @@
state: present
become: true
- name: set mkinitcpio hooks
set_fact:
mkinitcpio_hooks: "base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems resume fsck"
when: machine.encrypted_root|bool
- name: set mkinitcpio hooks
set_fact:
mkinitcpio_hooks: "base udev autodetect microcode modconf kms keyboard keymap consolefont block filesystems resume fsck"
when: not machine.encrypted_root|bool
- name: configure mkinitcpio hooks
lineinfile:
path: /etc/mkinitcpio.conf
regexp: "^#?HOOKS=.*$"
line: 'HOOKS=({{ mkinitcpio_hooks }})'
become: true
notify:
- rebuild initrd
- name: use vz4 for mkinitcpio compression
lineinfile:
path: /etc/mkinitcpio.conf
@@ -761,6 +788,15 @@
name: "{{ drivers.gpu.nvidia }}"
state: present
become: true
- name: Intel configuration
when: machine.gpu == 'intel'
block:
- name: install intel packages
package:
name: "{{ drivers.gpu.intel }}"
state: present
become: true
when:
- machine.gpu is defined
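Review bot: The two `set_fact` tasks are both named `set mkinitcpio hooks`, so the play output cannot show which branch ran, and the two long strings differ only in `encrypt lvm2`. Either give them distinct names such as `set mkinitcpio hooks (encrypted root)` and `set mkinitcpio hooks (plain root)`, or fold them into one task with `mkinitcpio_hooks: "base udev autodetect microcode modconf kms keyboard keymap consolefont block {{ 'encrypt lvm2 ' if machine.encrypted_root | bool else '' }}filesystems resume fsck"`. Whichever form is used, `machine.encrypted_root` should stay without a `default(...)`. A host that lacks the variable then presumably fails the play instead of silently getting an initramfs without `encrypt`. A short comment above the task saying so would stop someone adding a default later.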


@@ -11,7 +11,7 @@ for pkg in pkgbuilds/* ; do
printf "checking local package %s\n" "${pkg}"
(
builtin cd "${pkg}" || exit 1
makepkg --nodeps --nobuild --noextract
makepkg --nodeps --nobuild --noextract --cleanbuild
)
fi
if git status --porcelain "${pkg}" | grep -q . ; then


@@ -6,7 +6,6 @@
user_groups:
- libvirt
- wheel
- vboxusers
- wireshark
- docker
- sudonopw
@@ -27,7 +26,8 @@
state: present
home: "/home/{{ user.name }}"
create_home: true
groups: "{{ [user.name, 'dotfiles'] + user_groups }}"
group: "{{ user.name }}"
groups: "{{ ['dotfiles'] + user_groups }}"
shell: /usr/bin/zsh
skeleton: /dev/null
become: true
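Review bot: With `group: "{{ user.name }}"` the user task now needs a group of that name to exist already, because the `user` module does not create a primary group passed via `group:`. The task starts outside this hunk, so a preceding `group` task may already cover it; if not, one is needed before this task, e.g. `- name: create primary group` with `ansible.builtin.group: {name: "{{ user.name }}", state: present}`. The supplementary list still grants `wheel`, `docker`, `wireshark` and `sudonopw`, the first, second and fourth of which are effectively root-equivalent. A comment above `user_groups` stating that this is intentional would help later reviewers.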


@@ -379,6 +379,16 @@ tmp() {
fi
}
# taken verbatim from https://yazi-rs.github.io/docs/quick-start, extended with "command" in
# the last line to not use aliased `rm`
function y() {
local tmp="$(mktemp -t "yazi-cwd.XXXXXX")" cwd
yazi "$@" --cwd-file="$tmp"
IFS= read -r -d '' cwd < "$tmp"
[ -n "$cwd" ] && [ "$cwd" != "$PWD" ] && builtin cd -- "$cwd"
command rm -f -- "$tmp"
}
setopt PROMPT_SUBST
autoload -Uz vcs_info