ndwarshuis
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ENH split post script into three (one of which needs a special user)

This commit is contained in:
Nathan Dwarshuis 2021-06-12 00:08:39 -04:00
parent e46401ac36
commit 2946e33486
4 changed files with 75 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
dot_bin/executable_bootstrap_build Normal file
View File

@ -0,0 +1,20 @@
#! /bin/bash
# Build any binaries in necessary for my config to run at full capacity.
# ASSUME that stack is installed and that all repos with build scripts
# referenced here are already cloned.
run_stack_in_dir () {
local cur
cur="$(pwd)"
cd "$1" || return 1
stack install
cd "$cur" || return 1
}
export STACK_ROOT=~/.local/share/stack
run_stack_in_dir ~/.config/rofi-extras
run_stack_in_dir ~/.config/xmonad
run_stack_in_dir ~/.config/xman

131
dot_bin/executable_bootstrap_pkgs
View File

@ -1,116 +1,71 @@
#! /bin/bash #! /bin/bash
## Install all required packages for this user. It only needs to be run once # Install all required packages for this user. It only needs to be run once
## when setting up the HOME directory. # when setting up the HOME directory.
##
## This script is designed not to ask the user over and over again for their
## sudo password. Since it uses yay and makepkg to install AUR and custom
## PKGBUILDs, the somewhat hacky way to do this is as follows:'
## 1. call this script as root
## 2. give the nobody user permission to run pacman with no password via sudo
## 3. set up a custom, temporary HOME directory for yay which is owned by nobody
## 4. run yay as nobody with HOME set to the directory made in (3)
## 5. run makepkg as nobody
## 6. remove the temporary HOME for yay
## 7. remove the pacman sudo privilege for nobody
home_user="$1" # ASSUME
pkgsrc_dir="$2" # - git repos referenced here are pulled/updated
emacs_dir="$3" # - makepkg is installed/configured
# - yay is installed/configured
# NOTE to run without a sudo prompt, call with a user that has pacman
# permissions in sudoers.
pkgsrc_dir="$1"
makepkg_tmp=/tmp/bootstrap-makepkg makepkg_tmp=/tmp/bootstrap-makepkg
yaytmp=/tmp/bootstrap-yay
nobody_sudo_conf="nobody ALL=(root) NOPASSWD: /usr/bin/pacman"
nobody_sudo_path=/etc/sudoers.d/10-nobody-pacman
mk_nobody_perms() {
echo "Giving user nobody permission to use pacman without password"
echo "$nobody_sudo_conf" > "$nobody_sudo_path"
}
mk_yaytmp() {
echo "Creating temporary build directory for yay at $yaytmp"
mkdir "$yaytmp"
chown -R nobody:nobody "$yaytmp"
}
mk_makepkg_dir() { mk_makepkg_dir() {
echo "Creating temporary makepkg build directory at $makepkg_tmp" echo "Creating temporary makepkg build directory at $makepkg_tmp"
mkdir -p "$makepkg_tmp" mkdir -p "$makepkg_tmp"
echo "Populated with packages from $pkgsrc_dir" echo "Populated with packages from $pkgsrc_dir"
cp -r "$pkgsrc_dir"/* "$makepkg_tmp" cp -r "$pkgsrc_dir"/* "$makepkg_tmp"
chown -R nobody:nobody "$makepkg_tmp"
} }
try_nobody_update() { try_update() {
## Try updating pacman as the nobody user. If this fails then something if ! pacman -Syy; then
## went wrong when setting up sudo permissions for nobody echo "Failed to update pacman cache as user $(whoami). Exiting."
echo "Testing pacman permissions for user nobody. Trying to update cache."
if ! sudo -u nobody -n sudo pacman -Syy; then
echo "Failed to obtain pacman permissions for user nobody. Exiting."
return 1 return 1
fi fi
} }
call_makepkg() { call_makepkg() {
cd "$makepkg_tmp/$1" || return 1 cd "$makepkg_tmp/$1" || return 1
sudo -u nobody MAKEFLAGS="-j$(nproc)" makepkg -s -r -i -f --noconfirm MAKEFLAGS="-j$(nproc)" makepkg -s -r -i -f --noconfirm
}
run_install_scripts() {
~/.config/rofi-extras/install_deps
~/.config/xmonad/install_deps
} }
run_yay() { run_yay() {
## TODO add template switches to control which of these get installed based
## on my config
## packages for emacs (install emacs first to read the config)
pacman --needed -S emacs
# call emacs once to initialize it
if sudo -u "$home_user" emacs -batch -l "$emacs_dir/init.el"; then
IFS=' ' read -r -a emacs_pkgs \
< <(sudo -u "$home_user" emacs -batch -l "$emacs_dir/init.el" --eval \
'(print (format "pkgs: %s" (s-join " " (nd/get-dependencies (list :pacman :aur)))))' \
2>/dev/null | \
sed -n -e 's/"pkgs: \(.*\)"/\1/p')
echo "Emacs requires the following system pkgs: ${emacs_pkgs[*]}"
else
echo "Could not get list of emacs dependencies. Install them later."
emacs_pkgs=()
fi
## other packages for random gizmos
dunst_pkgs=(dunst) dunst_pkgs=(dunst)
flameshot_pkgs=(flameshot) emacs_pkgs=(emacs)
gtk_pkgs=(zuki-themes) gtk_pkgs=(zuki-themes)
nvidia_pkgs=(optimus-manager) ## TODO this requires some system-level config and thus should be an
r_pkgs=(r docker-rootless-extras-bin gcc-fortran texlive-bin tk) ## ansible role
# nvidia_pkgs=(optimus-manager)
## TODO docker rootless should be an ansible role since it needs some
## systemwide configuration
# r_pkgs=(r docker-rootless-extras-bin gcc-fortran texlive-bin tk)
r_pkgs=(r gcc-fortran texlive-bin tk)
redshift_pkgs=(redshift) redshift_pkgs=(redshift)
rofi_pkgs=(rofi-git bitwarden-cli libnotify rofi-greenclip seafile_pkgs=(seafile-client)
networkmanager-dmenu-git veracrypt sshfs jmtpfs)
seafile_pkgs=(seafile)
urxvt_pkgs=(urxvt-tabbedex rxvt-unicode urxvt-perls) urxvt_pkgs=(urxvt-tabbedex rxvt-unicode urxvt-perls)
xmonad_pkgs=(stack-static autorandr feh xorg-server xorg-xset libpulse
playerctl wireless_tools acpid ttf-symbola-free ttf-symbola-free
ttf-dejavu awesome-terminal-fonts numlockx picom i3lock-color
xorg-xrandr xss-lock)
zsh_pkgs=(zsh zsh-completions zsh-syntax-highlighting) zsh_pkgs=(zsh zsh-completions zsh-syntax-highlighting)
## AUR pkgs needed for spotify ## AUR pkgs needed for spotify
spotify_pkgs=(gconf) spotify_pkgs=(gconf)
sudo -u nobody HOME="$yaytmp" MAKEFLAGS="-j$(nproc)" \ MAKEFLAGS="-j$(nproc)" \
yay --needed --noconfirm --norebuild --removemake -S \ yay --needed --noconfirm --norebuild --removemake -S \
"${dunst_pkgs[@]}" \ "${dunst_pkgs[@]}" \
"${emacs_pkgs[@]}" \ "${emacs_pkgs[@]}" \
"${flameshot_pkgs[@]}" \
"${gtk_pkgs[@]}" \ "${gtk_pkgs[@]}" \
"${nvidia_pkgs[@]}" \
"${nvidia_pkgs[@]}" \
"${r_pkgs[@]}" \ "${r_pkgs[@]}" \
"${redshift_pkgs[@]}" \ "${redshift_pkgs[@]}" \
"${rofi_pkgs[@]}" \
"${seafile_pkgs[@]}" \ "${seafile_pkgs[@]}" \
"${urxvt_pkgs[@]}" \ "${urxvt_pkgs[@]}" \
"${xmonad_pkgs[@]}" \
"${zsh_pkgs[@]}" \ "${zsh_pkgs[@]}" \
"${spotify_pkgs[@]}" "${spotify_pkgs[@]}"
} }
@ -129,44 +84,22 @@ rm_makepkg_dir() {
rm -r -f "$makepkg_tmp" rm -r -f "$makepkg_tmp"
} }
rm_yaytmp() {
echo "Removing temporary build directory for yay at $yaytmp"
rm -r -f "$yaytmp"
}
rm_nobody_perms() {
echo "Removing user nobody's permission to use pacman without password"
rm -f "$nobody_sudo_path"
}
clean_up() { clean_up() {
rm_yaytmp
rm_makepkg_dir rm_makepkg_dir
rm_nobody_perms
exit exit
} }
trap 'clean_up' ERR trap 'clean_up' ERR
if [[ ! "$(id -u)" = "0" ]]; then if [ "$#" -ne 2 ]; then
echo "This script must be run as root. Exiting" echo "Must supply custom package dir. Exiting"
exit 1 exit 1
fi fi
if [ "$#" -ne 3 ]; then try_update
echo "Must supply calling user, custom package dir, and emacs dir. Exiting"
exit 1
fi
mk_nobody_perms
try_nobody_update
mk_yaytmp
run_yay run_yay
rm_yaytmp
mk_makepkg_dir mk_makepkg_dir
run_makepkg run_makepkg
rm_makepkg_dir rm_makepkg_dir
rm_nobody_perms

23
dot_bin/executable_bootstrap_repos Normal file
View File

@ -0,0 +1,23 @@
#! /bin/bash
# This script pulls all my git repos that I use in my config and builds whatever
# is in them as necessary. It will only pull them if they don't exist. Rather
# than use the import approach suggested in the chezmoi howto, this doesn't
# require me to keep 'syncing' changes when I work in these repos directly. The
# tradeoff is that it will only pull the latest master, which is totally fine
# with me.
clone_maybe () {
if [ ! -d "$2" ]; then
echo cloning git repo: "$1"
git clone --recurse-submodules "$1" "$2"
else
echo git repo already exists: "$1"
fi
}
clone_maybe https://github.com/ndwarshuis/.emacs.d.git ~/.config/emacs
clone_maybe https://github.com/ndwarshuis/rofi-extras.git ~/.config/rofi-extras
clone_maybe https://github.com/ndwarshuis/xman.git ~/.config/xman
clone_maybe https://github.com/ndwarshuis/xmonad-config.git ~/.config/xmonad
clone_maybe https://github.com/ndwarshuis/conky.git ~/.config/conky

73
run_once_after_10_install-packages.sh.tmpl
View File

@ -1,73 +0,0 @@
{{- if eq .chezmoi.hostname "petrucci4prez" -}}
#! /bin/bash
# This script installs all packages that my config needs. It also pulls all my
# git repos that I use in my config. It will only pull them if they don't
# exist. Rather than use the import approach suggested in the chezmoi howto,
# this doesn't require me to keep 'syncing' changes when I work in these repos
# directly. The tradeoff is that it will only pull the latest master, which is
# totally fine with me.
# Configuration is assumed to be handled elsewhere (for now) eg in etckeeper
# or with ansible.
clone_maybe () {
if [ ! -d "$2" ]; then
echo cloning git repo: "$1"
git clone --recurse-submodules "$1" "$2"
else
echo git repo already exists: "$1"
fi
}
run_stack_in_dir () {
local cur
cur="$(pwd)"
cd "$1" || return 1
stack install
cd "$cur" || return 1
}
#
# CLONE EMACS CONFIG
#
# do this before installing packages because its config will spit out
# dependencies that it needs to run at full capacity
emacs_dir="$HOME/.config/emacs"
clone_maybe https://github.com/ndwarshuis/.emacs.d.git "$emacs_dir"
## INSTALL PACKAGES
# The script that installs packages must be run as root, which allows sudo to
# only be used once. Pass the emacs config directory so it can get a list of
# dependencies for emacs
sudo "$HOME/.bin/bootstrap_pkgs" "$(whoami)" "$HOME/.local/share/packages" "$emacs_dir"
## CLONE/BUILD HASKELL-BASED REPOS
# TODO not dry (this is in .pam_environment)
# TODO could use tmp for this and it would probably be faster and get around
# the DRY problem, at the expense that build xmonad the first time live will
# be a PITA
export STACK_ROOT="$HOME/.local/share/stack"
rofix_dir="$HOME/.config/rofi-extras"
clone_maybe https://github.com/ndwarshuis/rofi-extras.git "$rofix_dir"
run_stack_in_dir "$rofix_dir"
xman_dir="$HOME/.config/xman"
clone_maybe https://github.com/ndwarshuis/xman.git "$xman_dir"
run_stack_in_dir "$xman_dir"
xmonad_dir="$HOME/.config/xmonad"
clone_maybe https://github.com/ndwarshuis/xmonad-config.git "$xmonad_dir"
run_stack_in_dir "$xmonad_dir"
## CLONE OTHER REPOS
clone_maybe https://github.com/ndwarshuis/conky.git "$HOME/.config/conky"
{{- end }}