From f62c1d7d252f8cc0dd24fc07d7ea122022be42f0 Mon Sep 17 00:00:00 2001
From: Morten Olsen <fbtijfdq@void.black>
Date: Wed, 9 Oct 2024 12:27:02 +0200
Subject: [PATCH] run as user fixes

---
 .../base_terminal/tasks/setup-context.yml     | 10 +++++-
 playbooks/roles/env_develop/defaults/main.yml |  1 +
 playbooks/roles/env_develop/tasks/install.yml | 33 -------------------
 playbooks/roles/env_develop/tasks/main.yml    |  1 +
 .../roles/env_terminal/defaults/main.yml      |  1 +
 playbooks/roles/env_terminal/tasks/main.yml   |  1 +
 .../templates/gitconfig.context.j2            |  5 +++
 .../roles/software_nvim/defaults/main.yml     |  1 +
 playbooks/roles/software_nvim/tasks/main.yml  |  1 +
 .../roles/software_nvm/defaults/main.yml      |  1 +
 playbooks/roles/software_nvm/tasks/main.yml   |  1 +
 playbooks/roles/software_ssh/tasks/main.yml   | 29 +++++-----------
 .../.ssh/config => templates/config.j2}       |  4 +++
 .../roles/software_tmux/files/.tmux.conf      |  2 +-
 .../roles/software_zsh/defaults/main.yml      |  1 +
 playbooks/roles/software_zsh/tasks/main.yml   |  1 +
 16 files changed, 38 insertions(+), 55 deletions(-)
 create mode 100644 playbooks/roles/env_develop/defaults/main.yml
 delete mode 100644 playbooks/roles/env_develop/tasks/install.yml
 create mode 100644 playbooks/roles/env_terminal/defaults/main.yml
 create mode 100644 playbooks/roles/software_nvim/defaults/main.yml
 create mode 100644 playbooks/roles/software_nvm/defaults/main.yml
 rename playbooks/roles/software_ssh/{files/.ssh/config => templates/config.j2} (73%)
 create mode 100644 playbooks/roles/software_zsh/defaults/main.yml

diff --git a/playbooks/roles/base_terminal/tasks/setup-context.yml b/playbooks/roles/base_terminal/tasks/setup-context.yml
index c328153..447b44a 100644
--- a/playbooks/roles/base_terminal/tasks/setup-context.yml
+++ b/playbooks/roles/base_terminal/tasks/setup-context.yml
@@ -1,6 +1,14 @@
+- name: Ensure dir
+  tags:
+    - config
+  ansible.builtin.file:
+    path: "{{ context.path }}"
+    state: directory
+    owner: "{{ username }}"
+    mode: "700"
+
 - name: Setup context env
   tags:
-    - git
     - config
   ansible.builtin.template:
     src: "../templates/envrc.context.j2"
diff --git a/playbooks/roles/env_develop/defaults/main.yml b/playbooks/roles/env_develop/defaults/main.yml
new file mode 100644
index 0000000..f00d445
--- /dev/null
+++ b/playbooks/roles/env_develop/defaults/main.yml
@@ -0,0 +1 @@
+install_with_root: true
diff --git a/playbooks/roles/env_develop/tasks/install.yml b/playbooks/roles/env_develop/tasks/install.yml
deleted file mode 100644
index 21c52e7..0000000
--- a/playbooks/roles/env_develop/tasks/install.yml
+++ /dev/null
@@ -1,33 +0,0 @@
----
-- name: "Unload vars : {{ context }}"
-  ansible.builtin.include_vars: ../vars/empty.yml
-  tags:
-    - install
-
-- name: "Load vars : {{ context }}"
-  ansible.builtin.include_vars: "{{ item }}"
-  tags:
-    - install
-  with_first_found:
-    - files:
-        - "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
-        - "{{ ansible_distribution }}.yml"
-        - "{{ ansible_os_family }}.yml"
-        - default.yml
-      paths: ../vars/{{ context }}
-      skip: true
-
-- name: "Install dependencies : {{ context }}"
-  tags:
-    - install
-  when: desktop_pkgs
-  ansible.builtin.package:
-    name: "{{ dev_pkgs }}"
-
-- name: "Install casks : {{ context }}"
-  tags:
-    - install
-  when: dev_casks
-  community.general.homebrew_cask:
-    name: "{{ dev_casks }}"
-    state: installed
diff --git a/playbooks/roles/env_develop/tasks/main.yml b/playbooks/roles/env_develop/tasks/main.yml
index cb8cc53..4324870 100644
--- a/playbooks/roles/env_develop/tasks/main.yml
+++ b/playbooks/roles/env_develop/tasks/main.yml
@@ -15,6 +15,7 @@
 - name: "Install dependencies"
   tags:
     - install
+  become: "{{ install_with_root }}"
   when: env_develop_pkgs
   ansible.builtin.package:
     name: "{{ env_develop_pkgs }}"
diff --git a/playbooks/roles/env_terminal/defaults/main.yml b/playbooks/roles/env_terminal/defaults/main.yml
new file mode 100644
index 0000000..f00d445
--- /dev/null
+++ b/playbooks/roles/env_terminal/defaults/main.yml
@@ -0,0 +1 @@
+install_with_root: true
diff --git a/playbooks/roles/env_terminal/tasks/main.yml b/playbooks/roles/env_terminal/tasks/main.yml
index 871af5a..fd3846f 100644
--- a/playbooks/roles/env_terminal/tasks/main.yml
+++ b/playbooks/roles/env_terminal/tasks/main.yml
@@ -13,6 +13,7 @@
       skip: true
 
 - name: "Install dependencies"
+  become: "{{ install_with_root }}"
   tags:
     - install
   when: terminal_pkgs
diff --git a/playbooks/roles/software_git/templates/gitconfig.context.j2 b/playbooks/roles/software_git/templates/gitconfig.context.j2
index 11df110..37df1fe 100644
--- a/playbooks/roles/software_git/templates/gitconfig.context.j2
+++ b/playbooks/roles/software_git/templates/gitconfig.context.j2
@@ -11,7 +11,12 @@
   format = ssh
 
 [gpg "ssh"]
+{% if mac_os %}
   program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
+{% else %}
+  program = "/opt/1Password/op-ssh-sign"
+{% endif %}
+
 {% endif %}
 
 {% if 'replacements' in git %}
diff --git a/playbooks/roles/software_nvim/defaults/main.yml b/playbooks/roles/software_nvim/defaults/main.yml
new file mode 100644
index 0000000..f00d445
--- /dev/null
+++ b/playbooks/roles/software_nvim/defaults/main.yml
@@ -0,0 +1 @@
+install_with_root: true
diff --git a/playbooks/roles/software_nvim/tasks/main.yml b/playbooks/roles/software_nvim/tasks/main.yml
index 0bfd120..2300a52 100644
--- a/playbooks/roles/software_nvim/tasks/main.yml
+++ b/playbooks/roles/software_nvim/tasks/main.yml
@@ -2,6 +2,7 @@
 - name: Install dependencies
   tags:
     - install
+  become: "{{ install_with_root }}"
   ansible.builtin.package:
     name:
       - neovim
diff --git a/playbooks/roles/software_nvm/defaults/main.yml b/playbooks/roles/software_nvm/defaults/main.yml
new file mode 100644
index 0000000..f00d445
--- /dev/null
+++ b/playbooks/roles/software_nvm/defaults/main.yml
@@ -0,0 +1 @@
+install_with_root: true
diff --git a/playbooks/roles/software_nvm/tasks/main.yml b/playbooks/roles/software_nvm/tasks/main.yml
index 47a215d..59d8e79 100644
--- a/playbooks/roles/software_nvm/tasks/main.yml
+++ b/playbooks/roles/software_nvm/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
 - name: Install dependencies
+  become: "{{ install_with_root }}"
   ansible.builtin.package:
     name:
       - git
diff --git a/playbooks/roles/software_ssh/tasks/main.yml b/playbooks/roles/software_ssh/tasks/main.yml
index 3167c51..47c844a 100644
--- a/playbooks/roles/software_ssh/tasks/main.yml
+++ b/playbooks/roles/software_ssh/tasks/main.yml
@@ -1,29 +1,18 @@
-- name: Copy config
+---
+- name: Ensure dir
   tags:
-    - git
     - config
   ansible.builtin.file:
-    mode: "{{ item.mode }}"
-    path: "{{ home }}/{{ item.path }}"
+    path: "{{ home }}/.ssh"
+    mode: "0700"
     owner: "{{ username }}"
     state: directory
-  with_community.general.filetree:
-    - ../files
-  loop_control:
-    label: "{{ item.path }}"
-  when: item.state == 'directory'
 
-- name: "Copy configs"
+- name: Setup config
   tags:
-    - git
     - config
-  ansible.builtin.copy:
-    src: "{{ item.src }}"
-    dest: "{{ home }}/{{ item.path }}"
-    mode: "{{ item.mode }}"
+  ansible.builtin.template:
+    src: "../templates/config.j2"
+    dest: "{{ home }}/.ssh/config"
     owner: "{{ username }}"
-  with_community.general.filetree:
-    - ../files
-  loop_control:
-    label: "{{ item.path }}"
-  when: item.state == 'file'
+    mode: "644"
diff --git a/playbooks/roles/software_ssh/files/.ssh/config b/playbooks/roles/software_ssh/templates/config.j2
similarity index 73%
rename from playbooks/roles/software_ssh/files/.ssh/config
rename to playbooks/roles/software_ssh/templates/config.j2
index bfa79ad..7d1f755 100644
--- a/playbooks/roles/software_ssh/files/.ssh/config
+++ b/playbooks/roles/software_ssh/templates/config.j2
@@ -5,6 +5,10 @@ Include ~/.ssh/config.d/*
 Host *
   Controlmaster auto
   Controlpath /tmp/ssh-%r@%h:%p
+  {% if mac_os %}
   IdentityAgent "~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock"
+  {% else %}
+  IdentityAgent ~/.1password/agent.sock
+  {% endif %}
   ForwardAgent yes
 
diff --git a/playbooks/roles/software_tmux/files/.tmux.conf b/playbooks/roles/software_tmux/files/.tmux.conf
index 3cae85f..7c72099 100644
--- a/playbooks/roles/software_tmux/files/.tmux.conf
+++ b/playbooks/roles/software_tmux/files/.tmux.conf
@@ -1,5 +1,5 @@
 set -g mouse on
-set -g default-terminal "screen-256color-bce"
+#set -g default-terminal "screen-256color-bce"
 #set -g status-justify centre
 
 #set -ga terminal-overrides ',xterm-256color:Tc'
diff --git a/playbooks/roles/software_zsh/defaults/main.yml b/playbooks/roles/software_zsh/defaults/main.yml
new file mode 100644
index 0000000..f00d445
--- /dev/null
+++ b/playbooks/roles/software_zsh/defaults/main.yml
@@ -0,0 +1 @@
+install_with_root: true
diff --git a/playbooks/roles/software_zsh/tasks/main.yml b/playbooks/roles/software_zsh/tasks/main.yml
index 8cda4f7..b861777 100644
--- a/playbooks/roles/software_zsh/tasks/main.yml
+++ b/playbooks/roles/software_zsh/tasks/main.yml
@@ -2,6 +2,7 @@
 - name: Install core dependencies
   tags:
     - install
+  become: "{{ install_with_root }}"
   ansible.builtin.package:
     name:
       - zsh