mirror of
https://github.com/morten-olsen/configs.git
synced 2026-02-08 00:46:24 +01:00
fix permissions
This commit is contained in:
Morten Olsen
@@ -1,9 +1,9 @@
|
|||||||
FROM fedora
|
FROM fedora
|
||||||
RUN dnf update -y && dnf install -y \
|
RUN dnf update -y && dnf install -y \
|
||||||
ansible
|
ansible
|
||||||
RUN useradd -m -s /bin/bash -d /home/alice alice
|
|
||||||
COPY . /opt/setup
|
COPY . /opt/setup
|
||||||
RUN ansible-playbook /opt/setup/playbooks/image.yml
|
RUN ansible-playbook /opt/setup/playbooks/image.yml
|
||||||
RUN mkdir /workspace && chown alice:alice /workspace
|
RUN mkdir /workspace && chown alice:alice /workspace
|
||||||
USER dev
|
USER alice
|
||||||
WORKDIR /workspace
|
VOLUME /home/alice/workspace
|
||||||
|
WORKDIR /home/alice/Projects
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
tags: always
|
tags: always
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
username: alice
|
username: alice
|
||||||
home: "{{ ansible_env.HOME }}"
|
home: "/home/alice"
|
||||||
use_become: true
|
use_become: true
|
||||||
mac_os: "{{ ansible_distribution == 'MacOSX' }}"
|
mac_os: "{{ ansible_distribution == 'MacOSX' }}"
|
||||||
|
|
||||||
@@ -11,3 +11,4 @@
|
|||||||
when: mac_os
|
when: mac_os
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
install_with_root: false
|
install_with_root: false
|
||||||
|
home: "/Users/alice"
|
||||||
|
|||||||
@@ -15,3 +15,11 @@
|
|||||||
update_password: "on_create"
|
update_password: "on_create"
|
||||||
create_home: yes
|
create_home: yes
|
||||||
group: "{{ username }}"
|
group: "{{ username }}"
|
||||||
|
|
||||||
|
- name: Ensure home
|
||||||
|
tags: always
|
||||||
|
become: true
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ home }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ username }}"
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- role: base_info
|
- role: base_info
|
||||||
|
- role: base_system
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files/
|
- ../files/
|
||||||
@@ -19,6 +20,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -6,6 +6,7 @@
|
|||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
@@ -19,6 +20,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../templates
|
- ../templates
|
||||||
loop_control:
|
loop_control:
|
||||||
@@ -32,6 +34,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -24,6 +24,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ home }}/.local/bin"
|
path: "{{ home }}/.local/bin"
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Move bin
|
- name: Move bin
|
||||||
@@ -46,6 +47,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -60,6 +62,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -16,6 +16,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -30,6 +31,7 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -44,6 +46,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "../templates/gitconfig.j2"
|
src: "../templates/gitconfig.j2"
|
||||||
dest: "{{ home }}/.gitconfig"
|
dest: "{{ home }}/.gitconfig"
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "644"
|
mode: "644"
|
||||||
|
|
||||||
- name: Setup contexts
|
- name: Setup contexts
|
||||||
|
|||||||
@@ -5,12 +5,23 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "../templates/gitconfig.context.j2"
|
src: "../templates/gitconfig.context.j2"
|
||||||
dest: "{{ context.path }}/.gitconfig"
|
dest: "{{ context.path }}/.gitconfig"
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "644"
|
mode: "644"
|
||||||
vars:
|
vars:
|
||||||
git: "{{ context.git }}"
|
git: "{{ context.git }}"
|
||||||
name: "{{ name }}"
|
name: "{{ name }}"
|
||||||
when: "'git' in context"
|
when: "'git' in context"
|
||||||
|
|
||||||
|
- name: Ensure dir
|
||||||
|
tags:
|
||||||
|
- git
|
||||||
|
- config
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ context.path }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ username }}"
|
||||||
|
mode: "0700"
|
||||||
|
|
||||||
- name: Setup context ssh config
|
- name: Setup context ssh config
|
||||||
tags:
|
tags:
|
||||||
- git
|
- git
|
||||||
@@ -18,6 +29,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "../templates/sshconfig.context.j2"
|
src: "../templates/sshconfig.context.j2"
|
||||||
dest: "{{ home }}/.ssh/config.d/git-{{ name }}"
|
dest: "{{ home }}/.ssh/config.d/git-{{ name }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "644"
|
mode: "644"
|
||||||
vars:
|
vars:
|
||||||
name: "{{ name }}"
|
name: "{{ name }}"
|
||||||
@@ -30,6 +42,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ home }}/.ssh/keys"
|
path: "{{ home }}/.ssh/keys"
|
||||||
state: directory
|
state: directory
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "0700"
|
mode: "0700"
|
||||||
|
|
||||||
- name: Setup context public key
|
- name: Setup context public key
|
||||||
@@ -39,5 +52,6 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ context.git.signing_key }}"
|
content: "{{ context.git.signing_key }}"
|
||||||
dest: "{{ home }}/.ssh/keys/github-{{ name }}.pub"
|
dest: "{{ home }}/.ssh/keys/github-{{ name }}.pub"
|
||||||
|
owner: "{{ username }}"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
when: "'git' in context and 'signing_key' in context.git"
|
when: "'git' in context and 'signing_key' in context.git"
|
||||||
|
|||||||
@@ -1,22 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Configure neovim
|
|
||||||
tags:
|
|
||||||
- config
|
|
||||||
- nvim
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: https://github.com/morten-olsen/nvim
|
|
||||||
dest: "{{ home }}/.config/nvim"
|
|
||||||
accept_newhostkey: true
|
|
||||||
clone: true
|
|
||||||
update: true
|
|
||||||
force: true
|
|
||||||
|
|
||||||
- name: Prepare neovim
|
|
||||||
tags:
|
|
||||||
- config
|
|
||||||
- nvim
|
|
||||||
register: nviminstall
|
|
||||||
changed_when: nviminstall.stdout != ''
|
|
||||||
ansible.builtin.shell: nvim --headless +q
|
|
||||||
args:
|
|
||||||
executable: /bin/bash
|
|
||||||
@@ -14,6 +14,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -21,7 +22,7 @@
|
|||||||
label: "{{ item.path }}"
|
label: "{{ item.path }}"
|
||||||
when: item.state == 'directory'
|
when: item.state == 'directory'
|
||||||
|
|
||||||
- name: Copy config {{ context }}
|
- name: Copy config
|
||||||
tags:
|
tags:
|
||||||
- nvim
|
- nvim
|
||||||
- config
|
- config
|
||||||
@@ -29,6 +30,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
@@ -39,6 +41,8 @@
|
|||||||
tags:
|
tags:
|
||||||
- config
|
- config
|
||||||
- nvim
|
- nvim
|
||||||
|
become: true
|
||||||
|
become_user: "{{ username }}"
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: https://github.com/morten-olsen/nvim
|
repo: https://github.com/morten-olsen/nvim
|
||||||
dest: "{{ home }}/Projects/private/nvim"
|
dest: "{{ home }}/Projects/private/nvim"
|
||||||
@@ -53,6 +57,7 @@
|
|||||||
- nvim
|
- nvim
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ home }}/.config"
|
path: "{{ home }}/.config"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
@@ -63,12 +68,15 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
src: "{{ home }}/Projects/private/nvim"
|
src: "{{ home }}/Projects/private/nvim"
|
||||||
dest: "{{ home }}/.config/nvim"
|
dest: "{{ home }}/.config/nvim"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: link
|
state: link
|
||||||
|
|
||||||
- name: Prepare neovim
|
- name: Prepare neovim
|
||||||
tags:
|
tags:
|
||||||
- config
|
- config
|
||||||
- nvim
|
- nvim
|
||||||
|
become: true
|
||||||
|
become_user: "{{ username }}"
|
||||||
register: nviminstall
|
register: nviminstall
|
||||||
changed_when: nviminstall.stdout != ''
|
changed_when: nviminstall.stdout != ''
|
||||||
ansible.builtin.shell: nvim --headless +q
|
ansible.builtin.shell: nvim --headless +q
|
||||||
|
|||||||
@@ -7,6 +7,8 @@
|
|||||||
- name: Clone nvm
|
- name: Clone nvm
|
||||||
tags:
|
tags:
|
||||||
- install
|
- install
|
||||||
|
become_user: "{{ username }}"
|
||||||
|
become: true
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
accept_newhostkey: true
|
accept_newhostkey: true
|
||||||
clone: true
|
clone: true
|
||||||
@@ -18,6 +20,7 @@
|
|||||||
- name: Install node and set version
|
- name: Install node and set version
|
||||||
tags:
|
tags:
|
||||||
- config
|
- config
|
||||||
|
become_user: "{{ username }}"
|
||||||
register: nodeinstall
|
register: nodeinstall
|
||||||
ansible.builtin.shell: source {{ home }}/.nvm/nvm.sh && nvm install 22
|
ansible.builtin.shell: source {{ home }}/.nvm/nvm.sh && nvm install 22
|
||||||
changed_when: "'is already installed' not in nodeinstall.stderr"
|
changed_when: "'is already installed' not in nodeinstall.stderr"
|
||||||
@@ -30,6 +33,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -44,6 +48,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -20,6 +21,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -22,7 +22,8 @@
|
|||||||
tags: always
|
tags: always
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
path: "{{ home }}/.scripts"
|
path: "{{ home }}/.local/bin"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Move bin
|
- name: Move bin
|
||||||
@@ -30,5 +31,6 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
remote_src: true
|
remote_src: true
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
owner: "{{ username }}"
|
||||||
src: "{{ software_starship_unpack_file }}"
|
src: "{{ software_starship_unpack_file }}"
|
||||||
dest: "{{ home }}/.local/bin/starship"
|
dest: "{{ home }}/.local/bin/starship"
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -19,6 +20,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../templates
|
- ../templates
|
||||||
loop_control:
|
loop_control:
|
||||||
@@ -32,6 +34,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
@@ -20,6 +20,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
path: "{{ home }}/{{ item.path }}"
|
path: "{{ home }}/{{ item.path }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
state: directory
|
state: directory
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
@@ -34,6 +35,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
dest: "{{ home }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../templates
|
- ../templates
|
||||||
loop_control:
|
loop_control:
|
||||||
@@ -47,6 +49,7 @@
|
|||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ home }}/{{ item.path }}"
|
dest: "{{ home }}/{{ item.path }}"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
|
owner: "{{ username }}"
|
||||||
with_community.general.filetree:
|
with_community.general.filetree:
|
||||||
- ../files
|
- ../files
|
||||||
loop_control:
|
loop_control:
|
||||||
|
|||||||
Reference in New Issue
Block a user