next #1

Open
sneak wants to merge 27 commits from next into master
10 changed files with 279 additions and 205 deletions
Showing only changes of commit 22de9e5fac - Show all commits

View File

@ -1,4 +1,5 @@
FROM ubuntu@sha256:8e1c1ee12a539d652c371ee2f4ee66909f4f5fd8002936d8011d958f05faf989
# focal as of 2020-04-23
FROM ubuntu@sha256:5747316366b8cc9e3021cd7286f42b2d6d81e3d743e2ab571f55bcd5df788cc8
ENV DEBIAN_FRONTEND noninteractive
@ -6,7 +7,7 @@ ARG UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu
ARG UID_TO_ADD=1000
ARG GID_TO_ADD=1000
ARG USERNAME_TO_ADD=sneak
ARG USERNAME_TO_ADD=user
RUN \
echo "deb $UBUNTU_MIRROR focal main universe restricted multiverse" > /etc/apt/sources.list.new && \
@ -15,29 +16,190 @@ RUN \
echo "deb $UBUNTU_MIRROR focal-backports main universe restricted multiverse" >> /etc/apt/sources.list.new && \
mv /etc/apt/sources.list.new /etc/apt/sources.list
RUN \
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \
groupadd nixbld && \
useradd -u $UID_TO_ADD -g $GID_TO_ADD --home-dir /home/user -m -s /bin/bash $USERNAME_TO_ADD && \
usermod -p '*' $USERNAME_TO_ADD
ADD https://sneak.cloud/authorized_keys /root/.ssh/authorized_keys
ADD https://sneak.cloud/authorized_keys /home/user/.ssh/authorized_keys
# we only install essential system packages here
ARG SYSTEM_PACKAGES="build-essential ca-certificates openssh-server git golang rsync runit locales"
ARG SYSTEM_PACKAGES="\
anacron \
apt-transport-https \
build-essential \
byobu \
ca-certificates \
cron \
cronic \
curl \
git \
golang \
locales \
openssh-server \
rsync \
runit \
sudo \
tmux \
"
RUN \
apt update && \
apt -y upgrade && \
apt -y install $SYSTEM_PACKAGES && \
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \
useradd -u $UID_TO_ADD -g $GID_TO_ADD --home-dir /home/user -s /bin/bash $USERNAME_TO_ADD && \
usermod -p '*' $USERNAME_TO_ADD && \
echo $USERNAME_TO_ADD > /etc/workuser && \
go get -v -u github.com/peterbourgon/runsvinit && \
cp /root/go/bin/runsvinit /usr/local/sbin/runsvinit && \
rm -rf /root/go && \
rm /etc/ssh/*host*key*
rm /etc/ssh/*host*key* && \
apt -y purge golang && \
apt -y autoremove
# nix for pkgs pls
RUN mkdir /nix && chown user:user /nix
ARG OTHER_PACKAGES=" \
apt-utils \
aspell \
aspell-en \
automake \
avahi-daemon \
avahi-utils \
bash-completion \
bc \
bind9-host \
bonnie++ \
build-essential \
byobu \
ca-certificates \
cmake \
curl \
daemontools \
debmirror \
default-jdk \
default-jre \
diffstat \
dnsutils \
docker.io \
dos2unix \
editorconfig \
ffmpeg \
fonts-indic \
fonts-ipafont-gothic \
fonts-ipafont-mincho \
fortune \
git \
gnupg2 \
gnupg-agent \
golang-go \
host \
imagemagick \
iputils-ping \
irssi \
jq \
lcov \
ldap-auth-client \
ldap-utils \
libasound2 \
libatk1.0-0 \
libboost-all-dev \
libbz2-dev \
libdb++-dev \
libffi-dev \
libgconf-2-4 \
libgtk-3-0 \
libjpeg-dev \
liblzma-dev \
libncurses5-dev \
libnss3 \
libnss-mdns \
libpng-dev \
libreadline-dev \
libsqlite3-dev \
libssl-dev \
libtool \
libxcursor1 \
libxml2 \
libxml2-dev \
libxmlsec1-dev \
libxslt1-dev \
llvm \
locales \
lsof \
mailutils \
make \
man \
man-db \
mercurial \
mosh \
mutt \
netcat-openbsd \
nmap \
nscd \
openssh-server \
pandoc \
pass \
pbzip2 \
pinentry-curses \
pkg-config \
psmisc \
pv \
pwgen \
python3 \
python3-dev \
python3-pip \
rbenv \
rsync \
rsyslog \
rsyslog-gnutls \
rsyslog-relp \
screen \
snmp \
snmpd \
socat \
software-properties-common \
strace \
sudo \
tcpdump \
telnet \
texlive-latex-base \
tk-dev \
tmux \
tree \
ttf-wqy-microhei \
ttf-wqy-zenhei \
vagrant \
vim \
vim-gtk \
wamerican-insane \
wget \
xterm \
xz-utils \
zfsutils-linux \
zip \
zlib1g-dev \
"
#RUN apt -y install $OTHER_PACKAGES
USER root
ENV HOME /root
COPY ./root /
COPY ./build /tmp/build
RUN bash /tmp/build/run.sh && rm -rf /tmp/build
RUN bash /tmp/build/root.sh
USER user
ENV HOME /home/user
RUN bash /tmp/build/user.sh
USER root
ENV HOME /root
RUN rm -rf /tmp/build
RUN chsh --shell /home/user/.nix-profile/bin/zsh user
RUN chmod +rx /etc/service/*/run
CMD ["/usr/local/sbin/runsvinit"]

View File

@ -1,4 +1,13 @@
#export DOCKER_HOST := ssh://las1.eeqj.de
.PHONY: build
build:
sudo docker build --build-arg UBUNTU_MIRROR=http://ubuntumirror.app.las1.eeqj.de/ubuntu . 2>&1 | tee -a build.log
docker build \
--build-arg UBUNTU_MIRROR=http://us.archive.ubuntu.com/ubuntu \
-t sneak/work \
. \
2>&1 | tee -a build.log
enter:
docker run -ti --rm=true -e HOME=/home/user -e USER=user --user=user -v /home/sneak:/home/user/.home sneak/work /home/user/.nix-profile/bin/zsh

View File

@ -1,122 +0,0 @@
apt-transport-https
apt-utils
aspell
aspell-en
automake
avahi-daemon
avahi-utils
bash-completion
bc
bind9-host
bonnie++
build-essential
byobu
ca-certificates
cmake
curl
daemontools
debmirror
default-jdk
default-jre
diffstat
dnsutils
docker.io
dos2unix
editorconfig
ffmpeg
fonts-indic
fonts-ipafont-gothic
fonts-ipafont-mincho
fortune
git
gnupg2
gnupg-agent
golang-go
host
imagemagick
iputils-ping
irssi
jq
lcov
ldap-auth-client
ldap-utils
libasound2
libatk1.0-0
libboost-all-dev
libbz2-dev
libdb++-dev
libffi-dev
libgconf-2-4
libgtk-3-0
libjpeg-dev
liblzma-dev
libncurses5-dev
libnss3
libnss-mdns
libpng-dev
libreadline-dev
libsqlite3-dev
libssl-dev
libtool
libxcursor1
libxml2
libxml2-dev
libxmlsec1-dev
libxslt1-dev
llvm
locales
lsof
mailutils
make
man
man-db
mercurial
mosh
mutt
netcat-openbsd
nmap
nscd
openssh-server
pandoc
pass
pbzip2
pinentry-curses
pkg-config
psmisc
pv
pwgen
python3
python3-dev
python3-pip
rbenv
rsync
rsyslog
rsyslog-gnutls
rsyslog-relp
runit
screen
snmp
snmpd
socat
software-properties-common
strace
sudo
tcpdump
telnet
texlive-latex-base
tk-dev
tmux
tree
ttf-wqy-microhei
ttf-wqy-zenhei
vagrant
vim
vim-gtk
wamerican-insane
wget
xterm
xz-utils
zfsutils-linux
zip
zlib1g-dev
zsh

View File

@ -1,6 +1,6 @@
#!/bin/bash
echo "##### build/run.sh"
echo "##### build/root.sh"
export LANG="en_US.UTF-8"
export LANGUAGE="en_US:en"
@ -12,8 +12,6 @@ TD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)"
cd "$TD"
apt install -y $(cat packages.txt)
SSH_HOST_KEY_FILES="
ssh_host_ecdsa_key
ssh_host_ecdsa_key.pub
@ -35,8 +33,10 @@ ln -s /hostroot/root /root/.home
# install other stuff here
pip3 install -U pip
pip3 install black
# FIXME do these with nix:
#pip3 install -U pip
#pip3 install black
# install python packages
# install yarn
# install prettier
@ -46,12 +46,5 @@ mkdir -p /home/user/.ssh
cp /root/.ssh/authorized_keys /home/user/.ssh/authorized_keys
echo chown -Rv $UID_TO_ADD:$GID_TO_ADD /home/user
chown -Rv $UID_TO_ADD:$GID_TO_ADD /home/user
chsh --shell $(which zsh) $USERNAME_TO_ADD
echo "$USERNAME_TO_ADD ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/user
sudo \
--set-home \
--non-interactive \
-u $USERNAME_TO_ADD \
bash ./user.sh

View File

@ -4,8 +4,10 @@ set -x
TD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)"
U="$USERNAME_TO_ADD"
U="user"
export HOME=/home/user
export USER=user
export LC_ALL=en_US
export LANG=en_US.UTF-8
@ -14,43 +16,26 @@ OH="/hosthome"
# link ~/.home to original home
ln -s "/hosthome" $HOME/.home
# oh-my-zsh
curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh > /tmp/installomz.sh
export ZSH="$HOME/.zsh"
bash /tmp/installomz.sh --unattended --keep-zshrc
zsh -c 'vim &'
#vim -s ~/.vimrc -c 'q!'
# vim-plug
# this should happen from vimrc
#curl -fLo ~/.vim/autoload/plug.vim --create-dirs \
# https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
# link in ssh key from original home
mkdir -p ~/.ssh
ln -s ~/.home/Documents/sync/secrets/ssh/pixel16/id_rsa ~/.ssh/id_rsa
ln -s ~/.home/Documents/sync/secrets/ssh/pixel16/id_rsa.pub ~/.ssh/id_rsa.pub
# /nix is already created for us and chowned to us by now:
curl -L https://nixos.org/nix/install | sh
# install pyenv
git clone -n https://github.com/pyenv/pyenv.git ~/.pyenv
pushd ~/.pyenv
git checkout 3e0f5e798ca16cd9389c4c8805038ac2c0d45cae
popd
source /home/user/.nix-profile/etc/profile.d/nix.sh
export PYENV_ROOT="$HOME/.pyenv"
export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init -)"
pyenv install 3.8.2
pyenv global 3.8.2
# this should install all the packages from the config.nix:
nix-env -i workEnv
git clone -n https://github.com/nvm-sh/nvm.git ~/.nvm
pushd ~/.nvm
git checkout 73438e339e242fce0cba443e5c4322ac996e9197
popd
# FIXME have this pull from synced dir instead
# oh-my-zsh
curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh > /tmp/installomz.sh
export ZSH="$HOME/.zsh"
zsh /tmp/installomz.sh && rm /tmp/installomz.sh
export NVM_DIR="$HOME/.nvm"
source "$NVM_DIR/nvm.sh"
nvm install node
###############################################################################
##### Personal Config
@ -59,3 +44,18 @@ nvm install node
# to abandon that hope and hardcode my own values in here.
git config --global user.email sneak@sneak.berlin
git config --global user.name sneak
mkdir -p ~/.paths
# TODO FIXME change the syncthing paths on las1 when convenient sometime
ln -s ~/.home/Documents/syncthing/folders/sync ~/.paths/sneak-sync
ln -s ~/.home/Documents/syncthing/folders/scratch ~/.paths/sneak-scratch
ln -s ~/.home/Documents/syncthing/folders/sneak-docs ~/.paths/sneak-docs
ln -s ~/.paths/sneak-docs ~/Documents
ln -s ~/.paths/sneak-scratch/dev ~/dev
ln -s ~/.paths/sneak-sync/dotfiles/weechat ~/.weechat
ln -s ~/.paths/sneak-sync/ssh/config ~/.ssh/config
# link in ssh key from original home
mkdir -p ~/.ssh
ln -s ~/.paths/sneak-sync/secrets/ssh/pixel16/id_rsa ~/.ssh/id_rsa
ln -s ~/.paths/sneak-sync/secrets/ssh/pixel16/id_rsa.pub ~/.ssh/id_rsa.pub

View File

@ -1,21 +0,0 @@
#!/bin/bash
UN="$(cat /etc/workuser)"
HD="/home/$UN"
if [[ -e "$HD/.setupdone" ]]; then
sleep 86400;
exit
fi
sudo \
--set-home \
--non-interactive \
-u $UN \
bash ./usersetup.sh && \
sudo \
--set-home \
--non-interactive \
-u $UN \
touch $HD/.setupdone

View File

@ -1,7 +0,0 @@
#!/bin/bash
if [[ -e ~/.home/Documents/scratch/dev ]]; then
ln -s ~/.home/Documents/scratch/dev ~/dev
else
ln -s ~/.home/dev ~/dev
fi

View File

@ -0,0 +1,50 @@
{ pkgs }:
let
# Inherit utilities
inherit (pkgs) lib buildEnv;
homeDir = builtins.getEnv "HOME";
in {
allowUnfree = true;
#jre = pkgs.oraclejre8;
#jdk = pkgs.oraclejdk8;
packageOverrides = pkgs: {
workEnv = lib.lowPrio (buildEnv {
name = "work-env";
ignoreCollisions = true;
paths = with pkgs; [
sneakDefaultPkgs
weechat
];
});
sneakDefaultPkgs = lib.lowPrio (buildEnv {
name = "sneakDefaultPkgs";
ignoreCollisions = true;
paths = with pkgs; [
clang
ctags
curl
gitAndTools.git-annex
gitAndTools.git-extras
gitAndTools.git2cl
gitAndTools.gitFull
gitAndTools.tig
gnupg
go
nix-prefetch-scripts
nix-repl
openssh
pwgen
qemu
tmux
tree
vim
wget
];
});
};
}

View File

@ -27,7 +27,7 @@ Plug 'zchee/deoplete-jedi', { 'for': 'python' }
Plug 'vim-syntastic/syntastic'
set statusline+=%#warningmsg#
set statusline+=%{SyntasticStatuslineFlag()}
"set statusline+=%{SyntasticStatuslineFlag()}
set statusline+=%*
let g:syntastic_always_populate_loc_list = 1
let g:syntastic_auto_loc_list = 1

View File

@ -68,10 +68,20 @@ HIST_STAMPS="yyyy-mm-dd"
# Custom plugins may be added to ~/.oh-my-zsh/custom/plugins/
# Example format: plugins=(rails git textmate ruby lighthouse)
# Add wisely, as too many plugins slow down shell startup.
plugins=(git git-prompt)
plugins=(git git-prompt zsh-autosuggestions)
source $ZSH/oh-my-zsh.sh
if [[ -e ~/.nix-profile/etc/profile.d/nix.sh ]]; then
source ~/.nix-profile/etc/profile.d/nix.sh
fi
for FN in ~/.local/profile.d/*.sh ; do
source "$FN"
done
if [[ -d ~/.paths/sneak-sync/bashrc.d ]]; then
for FN in ~/.paths/sneak-sync/bashrc.d/*.sh ; do
source "$FN"
done
fi