morten/configs
1
0
Fork 0
mirror of https://github.com/morten-olsen/configs.git synced 2026-02-08 00:46:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Morten Olsen
2024-12-05 23:28:18 +01:00
parent 343d7066aa
commit dce2196c32
10 changed files with 334 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
inventory.yml
View File

@@ -1,8 +1,3 @@
images:
hosts:
docker-dev:
contexts:
- privat
android: android:
hosts: hosts:
pixel9: pixel9:

2
playbooks/image.yml
View File

@@ -1,8 +1,6 @@
--- ---
- name: Setup host - name: Setup host
hosts: localhost hosts: localhost
vars:
contexts: {}
roles: roles:
- role: env_terminal - role: env_terminal
- role: env_develop - role: env_develop

20
playbooks/roles/base_system/tasks/firewall.yml Normal file
View File

@@ -0,0 +1,20 @@
- name: Install firewall
tags:
- install
ansible.builtin.package:
name:
- ufw
- name: UFW - Allow SSH connections
tags:
- config
community.general.ufw:
rule: allow
name: OpenSSH
- name: UFW - Enable and deny by default
tags:
- config
community.general.ufw:
state: enabled
default: deny

9
playbooks/roles/base_system/tasks/main.yml
View File

@@ -13,6 +13,7 @@
ansible.builtin.user: ansible.builtin.user:
name: "{{ username }}" name: "{{ username }}"
update_password: "on_create" update_password: "on_create"
password: "{{ 'iamroot' | password_hash('sha512') }}"
create_home: yes create_home: yes
group: "{{ username }}" group: "{{ username }}"
@@ -35,3 +36,11 @@
- install - install
when: archlinux when: archlinux
include_tasks: flatpak.yml include_tasks: flatpak.yml
- name: Setup sudo
when: not mac_os
include_tasks: sudo.yml
- name: Setup firewall
when: not mac_os
include_tasks: firewall.yml

13
playbooks/roles/base_system/tasks/sudo.yml Normal file
View File

@@ -0,0 +1,13 @@
- name: Install sudo
become: true
ansible.builtin.package:
name: sudo
- name: Allow sudo access
become: true
community.general.sudoers:
name: "sudo-for-{{ username }}"
state: present
user: "{{ username }}"
commands: ALL
nopassword: false

1
playbooks/roles/env_terminal/meta/main.yml
View File

@@ -9,3 +9,4 @@ dependencies:
- role: software_nvm - role: software_nvm
- role: software_nvim - role: software_nvim
- role: software_atuin - role: software_atuin
- role: software_scripts

18
playbooks/roles/server_ssh/tasks/main.yml
View File

@@ -40,3 +40,21 @@
loop_control: loop_control:
label: "{{ item.path }}" label: "{{ item.path }}"
when: item.state == 'file' when: item.state == 'file'
- name: Install ssh server
when: not mac_os
tags:
- install
ansible.builtin.package:
name:
- openssh-server
- name: Disable password authentication for root
tags:
- config
when: not mac_os
lineinfile:
path: /etc/ssh/sshd_config
state: present
regexp: "^#?PermitRootLogin"
line: "PermitRootLogin prohibit-password"

1
playbooks/roles/software_scripts/files/on-check-change.sh Normal file
View File

@@ -0,0 +1 @@
gh pr checks --fail-fast --watch && pushover.sh "`gh pr checks | awk -F '\t' '{print $2 ": " $1}'`"

258
playbooks/roles/software_scripts/files/pushover.sh Normal file
View File

@@ -0,0 +1,258 @@
#!/usr/bin/env bash
# https://github.com/akusei/pushover-bash/tree/main
set -o errexit
set -o nounset
readonly VERSION=1.21
readonly API_URL="https://api.pushover.net/1/messages.json"
readonly CONFIG_FILE="pushover-config"
readonly DEFAULT_CONFIG="/etc/pushover/${CONFIG_FILE}"
readonly USER_OVERRIDE=~/.config/pushover/${CONFIG_FILE}
readonly EXPIRE_DEFAULT=180
readonly RETRY_DEFAULT=30
HIDE_REPLY=true
showHelp()
{
local script=`basename "$0"`
echo "Send Pushover v${VERSION} scripted by Nathan Martini"
echo "Push notifications to your Android, iOS, or desktop devices"
echo
echo "NOTE: This script requires an account at http://www.pushover.net"
echo
echo "usage: ${script} <-t|--token apikey> <-u|--user userkey> [options] <MESSAGE>"
echo
echo " MESSAGE The message to send; supports HTML formatting. Quotes are not"
echo " required but recommended"
echo " -t, --token APIKEY The pushover.net API Key for your application. Not required if"
echo " using a configuration file"
echo " -u, --user USERKEY Your pushover.net user key. Not required if using a"
echo " configuration file"
echo
echo " Options:"
echo " -a, --attachment filename The Picture you want to send"
echo " -T, --title TITLE Title of the message"
echo " -d, --device NAME Comma seperated list of devices to receive message"
echo " -U, --url URL URL to send with message"
echo " --url-title URLTITLE Title of the URL"
echo " -H, --html Enable HTML formatting, cannot be used with the --monospace flag"
echo " -M, --monospace Enable monospace messages, cannot be used with the --html flag"
echo " -p, --priority PRIORITY Priority of the message"
echo " -2 - no notification/alert"
echo " -1 - quiet notification"
echo " 0 - normal priority"
echo " 1 - bypass the user's quiet hours"
echo " 2 - require confirmation from the user"
echo " -e, --expire SECONDS Set expiration time for notifications with priority 2 (default ${EXPIRE_DEFAULT})"
echo " -r, --retry COUNT Set retry period for notifications with priority 2 (default ${RETRY_DEFAULT})"
echo " -s, --sound SOUND Notification sound to play with message"
echo " pushover - Pushover (default)"
echo " bike - Bike"
echo " bugle - Bugle"
echo " cashregister - Cash Register"
echo " classical - Classical"
echo " cosmic - Cosmic"
echo " falling - Falling"
echo " gamelan - Gamelan"
echo " incoming - Incoming"
echo " intermission - Intermission"
echo " magic - Magic"
echo " mechanical - Mechanical"
echo " pianobar - Piano Bar"
echo " siren - Siren"
echo " spacealarm - Space Alarm"
echo " tugboat - Tug Boat"
echo " alien - Alien Alarm (long)"
echo " climb - Climb (long)"
echo " persistent - Persistent (long)"
echo " echo - Pushover Echo (long)"
echo " updown - Up Down (long)"
echo " none - None (silent)"
echo " -v, --verbose Return API execution reply to stdout"
echo
echo "EXAMPLES:"
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy \"This is a test\""
echo " Sends a simple \"This is a test\" message to all devices."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -T \"Test Title\" \"This is a test\""
echo " Sends a simple \"This is a test\" message with the title \"Test Title\" to all devices."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -d \"Phone,Home Desktop\" \"This is a test\""
echo " Sends a simple \"This is a test\" message to the devices named \"Phone\" and \"Home Desktop\"."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -U \"http://www.google.com\" --url-title Google \"This is a test\""
echo " Sends a simple \"This is a test\" message to all devices that contains a link to www.google.com titled \"Google\"."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -p 1 \"This is a test\""
echo " Sends a simple \"This is a test\" high priority message to all devices."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -s bike \"This is a test\""
echo " Sends a simple \"This is a test\" message to all devices that uses the sound of a bike bell as the notification sound."
echo
echo " ${script} -t xxxxxxxxxx -u yyyyyyyyyy -a /path/to/pic.jpg \"This is a test Pic\""
echo " Sends a simple \"This is a test Pic\" message to all devices and send the Picture with the message."
echo
}
curl --version > /dev/null 2>&1 || { echo "This script requires curl; aborting."; echo; exit 1; }
if [ -f ${DEFAULT_CONFIG} ]; then
source ${DEFAULT_CONFIG}
fi
if [ -f ${USER_OVERRIDE} ]; then
source ${USER_OVERRIDE}
fi
while [ $# -gt 0 ]
do
case "${1:-}" in
-t|--token)
api_token="${2:-}"
shift
;;
-u|--user)
user_key="${2:-}"
shift
;;
-a|--attachment)
attachment="${2:-}"
shift
;;
-T|--title)
title="${2:-}"
shift
;;
-d|--device)
device="${2:-}"
shift
;;
-U|--url)
url="${2:-}"
shift
;;
--url-title)
url_title="${2:-}"
shift
;;
-H|--html)
html=1
;;
-M|--monospace)
monospace=1
;;
-p|--priority)
priority="${2:-}"
shift
;;
-s|--sound)
sound="${2:-}"
shift
;;
-e|--expire)
expire="${2:-}"
shift
;;
-r|--retry)
retry="${2:-}"
shift
;;
-v|--verbose)
unset HIDE_REPLY
;;
-h|--help)
showHelp
exit
;;
*)
message="${*:1}"
break
;;
esac
shift
done
if [ ${priority:-0} -eq 2 ]; then
if [ -z "${expire:-}" ]; then
expire=${EXPIRE_DEFAULT}
fi
if [ -z "${retry:-}" ]; then
retry=${RETRY_DEFAULT}
fi
fi
if [ -z "${api_token:-}" ]; then
echo "-t|--token must be set"
exit 1
fi
if [ -z "${user_key:-}" ]; then
echo "-u|--user must be set"
exit 1
fi
if [ -z "${message:-}" ]; then
echo "positional argument MESSAGE must be set"
exit 1
fi
if [ ! -z "${html:-}" ] && [ ! -z "${monospace:-}" ]; then
echo "--html and --monospace are mutually exclusive"
exit 1
fi
if [ ! -z "${attachment:-}" ] && [ ! -f "${attachment}" ]; then
echo "${attachment} not found"
exit 1
fi
if [ -z "${attachment:-}" ]; then
json="{\"token\":\"${api_token}\",\"user\":\"${user_key}\",\"message\":\"${message}\""
if [ "${device:-}" ]; then json="${json},\"device\":\"${device}\""; fi
if [ "${title:-}" ]; then json="${json},\"title\":\"${title}\""; fi
if [ "${url:-}" ]; then json="${json},\"url\":\"${url}\""; fi
if [ "${url_title:-}" ]; then json="${json},\"url_title\":\"${url_title}\""; fi
if [ "${html:-}" ]; then json="${json},\"html\":1"; fi
if [ "${monospace:-}" ]; then json="${json},\"monospace\":1"; fi
if [ "${priority:-}" ]; then json="${json},\"priority\":${priority}"; fi
if [ "${expire:-}" ]; then json="${json},\"expire\":${expire}"; fi
if [ "${retry:-}" ]; then json="${json},\"retry\":${retry}"; fi
if [ "${sound:-}" ]; then json="${json},\"sound\":\"${sound}\""; fi
json="${json}}"
curl --fail -s ${HIDE_REPLY:+ -o /dev/null} \
-H "Content-Type: application/json" \
-d "${json}" \
"${API_URL}" 2>&1
else
curl --fail -s ${HIDE_REPLY:+ -o /dev/null} \
--form-string "token=${api_token}" \
--form-string "user=${user_key}" \
--form-string "message=${message}" \
--form "attachment=@${attachment}" \
${html:+ --form-string "html=1"} \
${monospace:+ --form-string "monospace=1"} \
${priority:+ --form-string "priority=${priority}"} \
${sound:+ --form-string "sound=${sound}"} \
${device:+ --form-string "device=${device}"} \
${title:+ --form-string "title=${title}"} \
"${API_URL}" 2>&1
fi

14
playbooks/roles/software_scripts/tasks/main.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- name: "Copy scripts"
tags:
- config
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{ home }}/.local/bin/{{ item.path }}"
mode: "0755"
owner: "{{ username }}"
with_community.general.filetree:
- ../files
loop_control:
label: "{{ item.path }}"
when: item.state == 'file'