├── roles ├── gentoo-apps │ ├── tests │ │ ├── inventory │ │ └── test.yml │ ├── vars │ │ └── main.yml │ ├── files │ │ ├── etc │ │ │ ├── modprobe.d │ │ │ │ ├── hid_apple.conf │ │ │ │ ├── thinkpad.conf │ │ │ │ └── snd_usb_audio_scarlett_2i2_gen3.conf │ │ │ ├── NetworkManager │ │ │ │ ├── conf.d │ │ │ │ │ └── dnsmasq.conf │ │ │ │ └── system-connections │ │ │ │ │ ├── 1-RHVPN.ovpn │ │ │ │ │ ├── AMS2.ovpn │ │ │ │ │ ├── BRQ2.ovpn │ │ │ │ │ ├── GRU2.ovpn │ │ │ │ │ ├── LCY.ovpn │ │ │ │ │ ├── NRT.ovpn │ │ │ │ │ ├── PEK2.ovpn │ │ │ │ │ ├── PNQ2.ovpn │ │ │ │ │ ├── RDU2.ovpn │ │ │ │ │ ├── SIN2.ovpn │ │ │ │ │ ├── SYD.ovpn │ │ │ │ │ ├── TLV2.ovpn │ │ │ │ │ └── PEK2-ALT.ovpn │ │ │ ├── openvpn │ │ │ │ └── client │ │ │ │ │ ├── rh-username │ │ │ │ │ └── redhat-brq.conf │ │ │ ├── udev │ │ │ │ └── rules.d │ │ │ │ │ ├── 80-keychron.rules │ │ │ │ │ └── 51-android.rules │ │ │ ├── pam.d │ │ │ │ └── system-auth │ │ │ └── X11 │ │ │ │ ├── xinit │ │ │ │ └── xinitrc.d │ │ │ │ │ └── 95-monitor-positioning │ │ │ │ └── xorg.conf │ │ ├── usr │ │ │ └── local │ │ │ │ └── share │ │ │ │ ├── applications │ │ │ │ ├── spotify.desktop │ │ │ │ └── google-chrome.desktop │ │ │ │ └── ca-certificates │ │ │ │ ├── 2015-IT-Root-CA.crt │ │ │ │ └── 2022-IT-Root-CA.crt │ │ ├── virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_changes_in_cpu_tlbstate.patch │ │ ├── virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_module_memory.patch │ │ ├── sssd-2.2.3-glibc-2.32-compat.patch │ │ ├── virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_mm_struct.patch │ │ ├── crda-openssl-1.1.patch │ │ └── cyrus-sasl-2.1.26-openssl-1.1.patch │ ├── handlers │ │ └── main.yml │ ├── templates │ │ ├── sssd.conf.template │ │ ├── krb5.conf.template │ │ └── networkmanager.dnsmasq.redhat.conf.j2 │ └── README.md ├── gentoo-userspace │ ├── tests │ │ ├── inventory │ │ └── test.yml │ ├── templates │ │ ├── .fedora.upn.j2 │ │ ├── xinitrc-template │ │ ├── ssh-config.j2 │ │ ├── redshift.conf.j2 │ │ ├── init.vim.j2 │ │ └── zshrc.zsh-template │ ├── vars │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── files │ │ ├── zsh-pyenv │ │ ├── home-dir │ │ │ ├── .oh-my-zsh │ │ │ │ └── custom │ │ │ │ │ └── plugins │ │ │ │ │ ├── kitty │ │ │ │ │ └── kitty.plugin.zsh │ │ │ │ │ └── wk │ │ │ │ │ └── wk.plugin.zsh │ │ │ ├── .local │ │ │ │ └── share │ │ │ │ │ └── applications │ │ │ │ │ ├── PrusaGcodeviewer.desktop │ │ │ │ │ ├── PrusaSlicer.desktop │ │ │ │ │ ├── spotify.desktop │ │ │ │ │ ├── org.freecad.FreeCAD.desktop │ │ │ │ │ ├── slack.desktop │ │ │ │ │ └── google-chrome.desktop │ │ │ └── .config │ │ │ │ ├── spotifyd │ │ │ │ └── spotifyd.conf │ │ │ │ ├── yambar │ │ │ │ └── scripts │ │ │ │ │ └── hypractive.sh │ │ │ │ ├── astronvim │ │ │ │ └── lua │ │ │ │ │ └── user │ │ │ │ │ └── init.lua │ │ │ │ └── hypr │ │ │ │ ├── hyprlock.conf │ │ │ │ └── hypridle.conf │ │ ├── gtk2-settings │ │ ├── gtk3-settings │ │ └── git-commit.template │ ├── tasks │ │ ├── fedoraproject.yml │ │ ├── ansible.yml │ │ ├── gtk.yml │ │ ├── pip.yml │ │ ├── ssh.yml │ │ ├── nvm.yml │ │ ├── git.yml │ │ ├── kitty.yml │ │ ├── awesome.yml │ │ ├── omz.yml │ │ ├── hyprland.yml │ │ ├── neovim.yml │ │ ├── pyenv.yml │ │ ├── main.yml │ │ └── src.yml │ └── README.md ├── gentoo-services-ctl │ ├── defaults │ │ └── main.yml │ └── handlers │ │ └── main.yml └── macos-apps │ └── tasks │ └── main.yml ├── hosts ├── contrib ├── intel.video.txt ├── thinkpad.buttons.txt ├── power.cooling.monitoring.txt ├── thinkpad.virtualization.txt ├── user-groups.note.txt ├── notes ├── notes-fedora ├── notes-p16v-gen1 └── vimrc-from-old-laptop ├── p50-host ├── p16v-host ├── p1-gen2-host ├── .gitignore ├── .yamllint ├── p50-hosts ├── p1-gen2-hosts ├── configure-userspace.yml ├── ansible_collections ├── webknjaz │ └── stdlib │ │ ├── galaxy.yml │ │ └── plugins │ │ └── connection │ │ └── __pycache__ │ │ └── chroot_over_ssh.cpython-312.pyc └── .gitignore ├── requirements.yml ├── .pre-commit-config.yaml ├── .github └── main.workflow ├── cryptenroll-tpm2.sh ├── ansible.cfg ├── restart-services.yml ├── .travis.yml ├── install-apps.yml ├── LICENSE ├── README.rst ├── rebuild-world.yml ├── vault └── cat-keybase.sh └── library └── eix.py /roles/gentoo-apps/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | [laptop] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /contrib/intel.video.txt: -------------------------------------------------------------------------------- 1 | https://wiki.gentoo.org/wiki/Intel 2 | -------------------------------------------------------------------------------- /p50-host: -------------------------------------------------------------------------------- 1 | [laptop] 2 | lenovo-p50 ansible_host=192.168.1.103 3 | -------------------------------------------------------------------------------- /p16v-host: -------------------------------------------------------------------------------- 1 | [laptop] 2 | lenovo-p16v ansible_host=192.168.1.210 3 | -------------------------------------------------------------------------------- /roles/gentoo-apps/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for gentoo-apps -------------------------------------------------------------------------------- /p1-gen2-host: -------------------------------------------------------------------------------- 1 | [laptop] 2 | lenovo-p1-gen2 ansible_host=192.168.1.114 3 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/.fedora.upn.j2: -------------------------------------------------------------------------------- 1 | {{ usernames.fas }} 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.vault_pass 2 | /id_rsa_* 3 | /*.retry 4 | .python-version 5 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for gentoo-userspace -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/modprobe.d/hid_apple.conf: -------------------------------------------------------------------------------- 1 | options hid_apple fnmode=2 2 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for gentoo-userspace -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | rules: 2 | indentation: 3 | indent-sequences: false 4 | level: error 5 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/modprobe.d/thinkpad.conf: -------------------------------------------------------------------------------- 1 | options thinkpad_acpi fan_control=1 2 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/conf.d/dnsmasq.conf: -------------------------------------------------------------------------------- 1 | [main] 2 | plugins=keyfile 3 | dns=dnsmasq 4 | -------------------------------------------------------------------------------- /contrib/thinkpad.buttons.txt: -------------------------------------------------------------------------------- 1 | https://wiki.gentoo.org/wiki/ACPI/ThinkPad-special-buttons 2 | 3 | $ acpi_listen 4 | -------------------------------------------------------------------------------- /p50-hosts: -------------------------------------------------------------------------------- 1 | [laptop] 2 | lenovo-p50-eth ansible_host=192.168.1.103 3 | lenovo-p50-wlan ansible_host=192.168.1.171 4 | -------------------------------------------------------------------------------- /roles/gentoo-apps/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - gentoo-apps -------------------------------------------------------------------------------- /roles/gentoo-userspace/tests/test.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | remote_user: root 4 | roles: 5 | - gentoo-userspace -------------------------------------------------------------------------------- /p1-gen2-hosts: -------------------------------------------------------------------------------- 1 | [laptop] 2 | lenovo-p1-gen2-eth-ext ansible_host=192.168.1.114 3 | lenovo-p1-gen2-eth-int ansible_host=192.168.1.115 4 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/zsh-pyenv: -------------------------------------------------------------------------------- 1 | export PYENV_ROOT="$HOME/.pyenv" 2 | export PATH="$PYENV_ROOT/bin:$PATH" 3 | eval "$(pyenv init --path)" 4 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/xinitrc-template: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | xautolock -time 5 -locker "i3lock -c 000000 -f" & 4 | xset +dpms dpms 20 100 & 5 | exec awesome 6 | -------------------------------------------------------------------------------- /configure-userspace.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set up wk user on gentoo laptop 3 | hosts: laptop 4 | gather_facts: true 5 | tasks: 6 | - import_role: 7 | name: gentoo-userspace 8 | -------------------------------------------------------------------------------- /ansible_collections/webknjaz/stdlib/galaxy.yml: -------------------------------------------------------------------------------- 1 | name: stdlib 2 | namespace: webknjaz 3 | version: 0.0.0 4 | readme: ./README.md 5 | authors: 6 | - Sviatoslav Sydorenko (https://webknjaz.me) 7 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.oh-my-zsh/custom/plugins/kitty/kitty.plugin.zsh: -------------------------------------------------------------------------------- 1 | autoload -Uz compinit 2 | compinit 3 | # Completion for kitty 4 | kitty + complete setup zsh | source /dev/stdin 5 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/fedoraproject.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Set up FAS value in the user-local config 3 | template: 4 | src: .fedora.upn.j2 5 | dest: ~/.fedora.upn 6 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | collections: 4 | - name: community.general 5 | version: 9.2.0 6 | - name: community.crypto 7 | version: 2.21.0 8 | - name: ansible.posix 9 | version: 1.5.4 10 | 11 | ... 12 | -------------------------------------------------------------------------------- /contrib/power.cooling.monitoring.txt: -------------------------------------------------------------------------------- 1 | https://wiki.gentoo.org/wiki/Fan_speed_control 2 | https://wiki.gentoo.org/wiki/GKrellM 3 | https://wiki.gentoo.org/wiki/Power_management/Guide 4 | https://wiki.gentoo.org/wiki/Lm_sensors 5 | -------------------------------------------------------------------------------- /ansible_collections/.gitignore: -------------------------------------------------------------------------------- 1 | # Prevent Git from tracking anything... 2 | * 3 | 4 | # ...except for this file itself... 5 | !.gitignore 6 | 7 | # ...and the local in-repo collection... 8 | !webknjaz 9 | !webknjaz/** 10 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | repos: 3 | - repo: https://github.com/ansible/ansible-lint.git 4 | rev: v4.3.0a5 5 | hooks: 6 | - id: ansible-lint 7 | args: 8 | - -x 9 | - '106' 10 | types: 11 | - yaml 12 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/modprobe.d/snd_usb_audio_scarlett_2i2_gen3.conf: -------------------------------------------------------------------------------- 1 | # https://www.youtube.com/watch?v=5zFA5piXf8Q 2 | # https://github.com/Focusrite-Scarlett-on-Linux 3 | options snd_usb_audio vid=0x1235 pid=0x8210 device_setup=1 4 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/gtk2-settings: -------------------------------------------------------------------------------- 1 | gtk-application-prefer-dark-theme = true 2 | gtk-can-change-accels = 1 3 | gtk-cursor-theme-name = Adwaita 4 | gtk-font-name = Dejavu Sans 18 5 | gtk-icon-theme-name = elementary 6 | gtk-theme-name = Arc 7 | -------------------------------------------------------------------------------- /ansible_collections/webknjaz/stdlib/plugins/connection/__pycache__/chroot_over_ssh.cpython-312.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webknjaz/ansible-gentoo-laptop/HEAD/ansible_collections/webknjaz/stdlib/plugins/connection/__pycache__/chroot_over_ssh.cpython-312.pyc -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/gtk3-settings: -------------------------------------------------------------------------------- 1 | [Settings] 2 | gtk-application-prefer-dark-theme = true 3 | gtk-can-change-accels = 1 4 | gtk-cursor-theme-name = Adwaita 5 | gtk-font-name = Dejavu Sans 18 6 | gtk-icon-theme-name = elementary 7 | gtk-theme-name = Arc 8 | -------------------------------------------------------------------------------- /.github/main.workflow: -------------------------------------------------------------------------------- 1 | workflow "Roles testing workflow" { 2 | on = "push" 3 | resolves = ["re-actors/ansible-molecule-action@master"] 4 | } 5 | 6 | action "re-actors/ansible-molecule-action@master" { 7 | uses = "re-actors/ansible-molecule-action@master" 8 | } 9 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/ansible.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Put the Ansible Core CI secret in place 3 | copy: 4 | content: >- 5 | {{ ansible_core_ci_key.secret }} 6 | dest: >- 7 | {{ ansible_core_ci_key.path }} 8 | mode: u+rw,g=,o= 9 | -------------------------------------------------------------------------------- /cryptenroll-tpm2.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | # https://community.frame.work/t/guide-setup-tpm2-autodecrypt/39005/9 3 | 4 | systemd-cryptenroll "${1}" 5 | 6 | systemd-cryptenroll \ 7 | --tpm2-device=auto \ 8 | --tpm2-pcrs=1+5+7+8+11+12+14+15 \ 9 | --tpm2-with-pin=true \ 10 | --wipe-slot=tpm2 \ 11 | "${1}" 12 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/ssh-config.j2: -------------------------------------------------------------------------------- 1 | {% for ssh_host_config in ssh_host_configs %} 2 | {% for host, config_entries in ssh_host_config.items() %} 3 | Host {{ host }} 4 | {% for config_key, config_value in config_entries.items() %} 5 | {{ config_key }} {{ config_value }} 6 | {% endfor %} 7 | {% endfor %} 8 | 9 | {% endfor %} 10 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | collections_path = . 3 | gathering = smart 4 | inventory = hosts 5 | vault_password_file = vault/cat-keybase.sh 6 | 7 | [chroot_over_ssh_connection] 8 | dir_path = /mnt/gentoo 9 | 10 | [ssh_connection] 11 | ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/tmp/ansible-ssh-%h-%p-%r -o ForwardAgent=yes 12 | -------------------------------------------------------------------------------- /restart-services.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Control systemd services 3 | hosts: laptop 4 | become: yes 5 | tasks: 6 | - import_role: 7 | name: gentoo-services-ctl 8 | - debug: 9 | msg: Restarting all services unsafely 10 | - name: Restart services regardlessly 11 | shell: /bin/true 12 | notify: 13 | - ensure-services-reloaded-unsafe 14 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/PrusaGcodeviewer.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Name=Prusa GCode viewer 3 | Exec=env __GLX_VENDOR_LIBRARY_NAME= prusa-slicer --gcodeviewer %F 4 | Icon=PrusaSlicer-gcodeviewer 5 | Terminal=false 6 | Type=Application 7 | MimeType=text/x.gcode; 8 | Categories=Graphics;3DGraphics; 9 | Keywords=3D;Printing;Slicer; 10 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.config/spotifyd/spotifyd.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | # If set to true, `spotifyd` tries to bind to dbus (default is the session bus) 3 | # and expose MPRIS controls. When running headless, without the session bus, 4 | # you should set this to false, to avoid errors. If you still want to use MPRIS, 5 | # have a look at the `dbus_type` option. 6 | use_mpris = true 7 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/gtk.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Create GTK3 config dir within userspace 3 | file: 4 | dest: ~/.config/gtk-3.0/ 5 | state: directory 6 | - name: Add GTK3 config 7 | copy: 8 | src: gtk3-settings 9 | dest: ~/.config/gtk-3.0/settings.ini 10 | - name: Add GTK2 config 11 | copy: 12 | src: gtk2-settings 13 | dest: ~/.gtkrc-2.0 14 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | version: ~> 1.0 2 | 3 | language: python 4 | python: 5 | - &default_python 3.6 6 | 7 | cache: 8 | pip: true 9 | directories: 10 | - $HOME/.cache/pre-commit 11 | 12 | install: 13 | - pip install pre-commit 14 | - pre-commit install-hooks 15 | 16 | script: 17 | - pre-commit run --all-files 18 | 19 | jobs: 20 | fast_finish: true 21 | allow_failures: 22 | - python: *default_python 23 | -------------------------------------------------------------------------------- /roles/gentoo-apps/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set up certificates 3 | listen: update-ca-trust 4 | command: update-ca-certificates 5 | register: update_certs 6 | changed_when: > 7 | '0 added' not in update_certs.stdout or 8 | '0 removed' not in update_certs.stdout 9 | - name: Help NetworkManager load new connection profiles 10 | listen: nm-load-connections 11 | command: nmcli c r 12 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/pip.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Set up user's pip config 3 | ansible.builtin.command: 4 | argv: 5 | - >- 6 | {{ ansible_python.executable }} 7 | - >- 8 | -Im 9 | - >- 10 | pip 11 | - config 12 | - set 13 | - >- 14 | {{ item.key }} 15 | - >- 16 | {{ item.value }} 17 | with_dict: "{{ pip_options }}" 18 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/openvpn/client/rh-username: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 64623663313538383661343533366335333135333739336337643337393139336565643330626264 3 | 3936313930386238626262323334636535326335623963370a346538323661346532613437623930 4 | 66386234346163323637333535323838353062323632656438623436643366623330636133353063 5 | 3830613439356362330a303163646133653666363861353535633031663031323666326636663437 6 | 3266 7 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/ssh.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Create SSH config dir within userspace 3 | file: 4 | dest: ~/.ssh 5 | group: wk 6 | mode: u=rwx,g=,o= 7 | owner: wk 8 | state: directory 9 | - name: Generate SSH config from template 10 | template: 11 | dest: ~/.ssh/config 12 | group: wk 13 | mode: u=rw,g=r,o= 14 | owner: wk 15 | src: ssh-config.j2 16 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.config/yambar/scripts/hypractive.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | while : 4 | do 5 | hypractive="$(hyprctl activeworkspace -j)" 6 | hyprwindow="$(echo "${hypractive}" | grep -E '"id": ' | tr -dc '0-9')" 7 | 8 | if [ $hyprwindow -gt 10 ] 9 | then 10 | workspace=$((hyprwindow - 10)) 11 | else 12 | workspace="${hyprwindow}" 13 | fi 14 | 15 | echo "workspace|int|${workspace}" 16 | echo "" 17 | 18 | sleep 0.5 19 | done 20 | -------------------------------------------------------------------------------- /roles/gentoo-services-ctl/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | systemd_services_safe_restart: 3 | - acpid 4 | - anydesk 5 | - bluetooth 6 | - bluetooth-mesh 7 | - irqbalance 8 | - lm_sensors 9 | - NetworkManager 10 | - cups # CUPS 11 | - cups-browsed # CUPS network printers 12 | - systemd-logind # Laptop lid switch (close/open) 13 | - systemd-timesyncd # NTP sync 14 | - sssd # Kerberos? 15 | 16 | systemd_services_unsafe_restart: 17 | - docker 18 | - lxdm # LightDM 19 | - openvpn-client@redhat-brq 20 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/nvm.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Install nvm 3 | git: 4 | repo: https://github.com/creationix/nvm.git 5 | dest: ~/.nvm 6 | version: "{{ nvm_version }}" 7 | - name: Install Nodes # noqa 301 # FIXME 8 | shell: "source ~/.nvm/nvm.sh && nvm install {{ item }}" 9 | with_items: "{{ node_versions.install }}" 10 | - name: Set default Node version # noqa 301 # FIXME 11 | shell: "source ~/.nvm/nvm.sh && nvm alias default {{ node_versions.default }}" 12 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/git.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Patch Git config var for macOS 3 | set_fact: 4 | git_options: > 5 | {{ git_options | combine(mac_gpg_config, recursive=True) }} 6 | vars: 7 | mac_gpg_config: 8 | gpg.program: gpg 9 | when: 10 | - ansible_distribution == 'MacOSX' 11 | - name: Set up user's git config 12 | git_config: 13 | name: "{{ item.key }}" 14 | scope: global 15 | value: "{{ item.value }}" 16 | with_dict: "{{ git_options }}" 17 | -------------------------------------------------------------------------------- /contrib/thinkpad.virtualization.txt: -------------------------------------------------------------------------------- 1 | [root@fedora ~]# cat /sys/class/firmware-attributes/thinklmi/attributes/VirtualizationTechnology/current_value 2 | Disable 3 | [root@fedora ~]# cat /sys/class/firmware-attributes/thinklmi/attributes/VirtualizationTechnology/possible_values 4 | Disable,Enable 5 | [root@fedora ~]# echo Enable > /sys/class/firmware-attributes/thinklmi/attributes/VirtualizationTechnology/current_value 6 | [root@fedora ~]# cat /sys/class/firmware-attributes/thinklmi/attributes/VirtualizationTechnology/current_value 7 | Enable 8 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.oh-my-zsh/custom/plugins/wk/wk.plugin.zsh: -------------------------------------------------------------------------------- 1 | export ANSIBLE_TEST_PREFER_PODMAN=1 2 | 3 | COMPUTED_PIPX_BIN_DIR=$(\ 4 | pipx environment | \ 5 | grep PIPX_BIN_DIR= | \ 6 | tail -n 1 | \ 7 | awk -F= '{print $2}' \ 8 | ) 9 | if [[ -n "${COMPUTED_PIPX_BIN_DIR}" ]] 10 | then 11 | export PATH="${PATH}":"${COMPUTED_PIPX_BIN_DIR}" 12 | fi 13 | 14 | export PATH="${HOME}/bin":"${PATH}" 15 | 16 | export SSH_AUTH_SOCK="${HOME}/.bitwarden-ssh-agent.sock" 17 | 18 | alias claude="${HOME}/.claude/local/claude" 19 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/PrusaSlicer.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Name=PrusaSlicer 3 | GenericName=3D Printing Software 4 | Icon=PrusaSlicer 5 | Exec=env __GLX_VENDOR_LIBRARY_NAME= prusa-slicer %F 6 | Terminal=false 7 | Type=Application 8 | MimeType=model/stl;application/vnd.ms-3mfdocument;application/prs.wavefront-obj;application/x-amf; 9 | Categories=Graphics;3DGraphics;Engineering; 10 | Keywords=3D;Printing;Slicer;slice;3D;printer;convert;gcode;stl;obj;amf;SLA 11 | StartupNotify=false 12 | StartupWMClass=prusa-slicer 13 | -------------------------------------------------------------------------------- /install-apps.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set up gentoo laptop 3 | hosts: laptop 4 | gather_facts: true 5 | become: yes 6 | tasks: 7 | - import_role: 8 | name: gentoo-services-ctl 9 | when: 10 | #- ansible_distribution == 'Gentoo' 11 | - ansible_distribution != 'MacOSX' 12 | - import_role: 13 | name: gentoo-apps 14 | when: 15 | #- ansible_distribution == 'Gentoo' 16 | - ansible_distribution != 'MacOSX' 17 | - import_role: 18 | name: macos-apps 19 | become: false 20 | when: 21 | - ansible_distribution == 'MacOSX' 22 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/kitty.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Create Kitty plugins config dir within userspace 3 | file: 4 | dest: "{{ kitty.plugins_dir }}" 5 | state: directory 6 | - name: Get kitty plugins onto machine # noqa 401 7 | git: 8 | clone: yes 9 | dest: "{{ kitty.plugins_dir }}/{{ item.name }}" 10 | recursive: yes 11 | repo: "{{ item.src }}" 12 | update: yes 13 | loop: "{{ kitty.plugins }}" 14 | - name: Generate Kitty config from template 15 | template: 16 | src: kitty.conf 17 | dest: ~/.config/kitty/kitty.conf 18 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/udev/rules.d/80-keychron.rules: -------------------------------------------------------------------------------- 1 | # NOTE: The rules below match any Keychron keyboard. 2 | 3 | DRIVERS=="usb", SUBSYSTEMS=="usb", \ 4 | ATTRS{idVendor}=="05ac", ATTRS{idProduct}=="024f", \ 5 | ATTR{manufacturer}=="Keychron K[0-9]", ATTR{product}=="Keychron K[0-9]", \ 6 | RUN+="echo 2 | tee /sys/module/hid_apple/parameters/fnmode" 7 | 8 | DRIVERS=="usb", SUBSYSTEMS=="usb", \ 9 | ATTRS{idVendor}=="05ac", ATTRS{idProduct}=="024f", \ 10 | ATTR{manufacturer}=="Keychron K[0-9]", ATTR{product}=="Keychron K[0-9]", \ 11 | MODE="0666", GROUP="plugdev", SYMLINK+="%E{ID_MODEL}-keyboard-%n" 12 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.config/astronvim/lua/user/init.lua: -------------------------------------------------------------------------------- 1 | -- NOTE: Sometimes auto-folding gets enabled by accident. 2 | -- NOTE: The fix is to toggle it with . 3 | 4 | vim.g.python3_host_prog = "python3" 5 | vim.g.python3_host_prog = "/home/wk/.pyenv/versions/astronvim-pyenv-py3.11.5/bin/python3" 6 | 7 | return { 8 | lsp = { 9 | formatting = { 10 | format_on_save = { 11 | enabled = true, 12 | allow_filetypes = { 13 | "go", 14 | "rust", 15 | }, 16 | ignore_filetypes = { 17 | "python", 18 | }, 19 | }, 20 | }, 21 | }, 22 | -- ufo = { 23 | -- provider_selector = function(_, filetype, buftype) 24 | -- return {} 25 | -- end 26 | -- }, 27 | } 28 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/usr/local/share/applications/spotify.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Type=Application 3 | Name=Spotify 4 | GenericName=Music Player 5 | Icon=spotify-client 6 | TryExec=spotify 7 | # NOTE: `--gtk-version=4` is not enabled because it conflicts with GTK 2/3 8 | Exec=spotify --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --in-process-gpu --disable-features=UseChromeOSDirectVideoDecoder %U 9 | Terminal=false 10 | MimeType=x-scheme-handler/spotify; 11 | Categories=Audio;Music;Player;AudioVideo; 12 | StartupWMClass=spotify 13 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/spotify.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Type=Application 3 | Name=Spotify 4 | GenericName=Music Player 5 | Icon=spotify-client 6 | TryExec=spotify 7 | # NOTE: `--gtk-version=4` is not enabled because it conflicts with GTK 2/3 8 | Exec=spotify --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --in-process-gpu --disable-features=UseChromeOSDirectVideoDecoder %U 9 | Terminal=false 10 | MimeType=x-scheme-handler/spotify; 11 | Categories=Audio;Music;Player;AudioVideo; 12 | StartupWMClass=spotify 13 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/org.freecad.FreeCAD.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Name=FreeCAD 3 | Name[uk]=FreeCAD 4 | Comment=Feature based Parametric Modeler 5 | Comment[uk]=Система автоматизованого проєктування 6 | GenericName=CAD Application 7 | GenericName[uk]=Система автоматизованого проєктування 8 | # NOTE: Env vars are required due to https://bugs.gentoo.org/964398 9 | Exec=env __GLX_VENDOR_LIBRARY_NAME= COIN_EGL=1 FreeCAD - --single-instance %F 10 | Terminal=false 11 | Type=Application 12 | Icon=org.freecad.FreeCAD 13 | Categories=Graphics;Science;Education;Engineering;X-CNC; 14 | StartupNotify=true 15 | StartupWMClass=FreeCAD 16 | MimeType=application/x-extension-fcstd;model/obj;image/vnd.dwg;image/vnd.dxf;model/vnd.collada+xml;application/iges;model/iges;model/step;model/step+zip;model/stl;application/vnd.shp;model/vrml; 17 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/slack.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Name=Slack 3 | StartupWMClass=Slack 4 | Comment=Slack Desktop 5 | GenericName=Slack Client for Linux 6 | # NOTE: `--in-process-gpu` produces a lot of errors in logs and the UI does not show up 7 | Exec=/usr/bin/slack -s %U --enable-features=WebRTCPipeWireCapturer --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --disable-features=UseChromeOSDirectVideoDecoder --gtk-version=4 8 | Icon=slack 9 | Type=Application 10 | StartupNotify=true 11 | Categories=GNOME;GTK;Network;InstantMessaging; 12 | MimeType=x-scheme-handler/slack; 13 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/git-commit.template: -------------------------------------------------------------------------------- 1 | # If applied, this commit will... 2 | 3 | 4 | # Why is this change needed? 5 | Prior to this change, 6 | 7 | 8 | # How does it address the issue? 9 | This change 10 | 11 | 12 | # Provide links to any relevant tickets, articles or other resources 13 | 14 | # References: 15 | # * https://chris.beams.io/posts/git-commit/ 16 | # * https://alistapart.com/article/the-art-of-the-commit 17 | # * https://robots.thoughtbot.com/5-useful-tips-for-a-better-commit-message 18 | # * https://github.com/erlang/otp/wiki/writing-good-commit-messages 19 | # * https://wiki.openstack.org/wiki/GitCommitMessages 20 | # * https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html 21 | # * https://dev.to/gonedark/when-to-make-a-git-commit 22 | 23 | # ### Credits ### 24 | # This commit template is based on: 25 | # * https://codeinthehole.com/tips/a-useful-template-for-commit-messages/ 26 | 27 | # FIXME: research more commit templates 28 | -------------------------------------------------------------------------------- /roles/gentoo-apps/templates/sssd.conf.template: -------------------------------------------------------------------------------- 1 | [sssd] 2 | config_file_version = 2 3 | services = pam 4 | # services = nss, pam 5 | domains = ipa.redhat.com 6 | 7 | [nss] 8 | 9 | [pam] 10 | offline_credentials_expiration = 0 11 | reconnection_retries = 3 12 | 13 | [domain/ipa.redhat.com] 14 | # "ldap" does not work with "krb5_map_user" 15 | # id_provider = ldap 16 | # ldap_search_base = dc=redhat,dc=com 17 | 18 | dns_discovery_domain = ipa.redhat.com 19 | 20 | # "proxy" is necessary for "krb5_map_user" to work: 21 | id_provider = proxy 22 | proxy_lib_name = files 23 | 24 | auth_provider = krb5 25 | krb5_realm = IPA.REDHAT.COM 26 | krb5_store_password_if_offline = true 27 | 28 | access_provider = simple 29 | # Allow list needs local user names: 30 | simple_allow_users = wk 31 | simple_allow_groups = wk 32 | 33 | cache_credentials = true 34 | override_homedir = /home/%u 35 | lookup_family_order = ipv4_only 36 | 37 | krb5_map_user = wk:ssydoren 38 | krb5_renewable_lifetime = 7d 39 | krb5_renew_interval = 30m 40 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_changes_in_cpu_tlbstate.patch: -------------------------------------------------------------------------------- 1 | Index: src/vboxdrv/linux/SUPDrv-linux.c 2 | =================================================================== 3 | --- src.orig/vboxdrv/linux/SUPDrv-linux.c 4 | +++ src/vboxdrv/linux/SUPDrv-linux.c 5 | @@ -763,12 +763,19 @@ EXPORT_SYMBOL(SUPDrvLinuxIDC); 6 | RTCCUINTREG VBOXCALL supdrvOSChangeCR4(RTCCUINTREG fOrMask, RTCCUINTREG fAndMask) 7 | { 8 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 20, 0) 9 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 10 | RTCCUINTREG uOld = this_cpu_read(cpu_tlbstate.cr4); 11 | +#else 12 | + RTCCUINTREG uOld = __read_cr4(); 13 | +#endif 14 | RTCCUINTREG uNew = (uOld & fAndMask) | fOrMask; 15 | if (uNew != uOld) 16 | { 17 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 18 | this_cpu_write(cpu_tlbstate.cr4, uNew); 19 | __write_cr4(uNew); 20 | +#endif 21 | + ASMSetCR4(uNew); 22 | } 23 | #else 24 | RTCCUINTREG uOld = ASMGetCR4(); 25 | 26 | -------------------------------------------------------------------------------- /roles/gentoo-apps/templates/krb5.conf.template: -------------------------------------------------------------------------------- 1 | #includedir /etc/krb5.conf.d/ 2 | [logging] 3 | default = FILE:/var/log/krb5libs.log 4 | kdc = FILE:/var/log/krb5kdc.log 5 | admin_server = FILE:/var/log/kadmind.log 6 | 7 | [libdefaults] 8 | dns_lookup_realm = false 9 | ticket_lifetime = 24h 10 | renew_lifetime = 7d 11 | forwardable = true 12 | rdns = false 13 | udp_preference_limit = 0 14 | default_realm = IPA.REDHAT.COM 15 | default_ccache_name = KEYRING:persistent:%{uid} 16 | dns_canonicalize_hostname = false 17 | 18 | [realms] 19 | FEDORAPROJECT.ORG = { 20 | kdc = https://id.fedoraproject.org/KdcProxy 21 | pkinit_anchors = FILE:/etc/pki/ipa/fedoraproject_ipa_ca.crt 22 | } 23 | IPA.REDHAT.COM = { 24 | default_domain = ipa.redhat.com 25 | dns_lookup_kdc = true 26 | dns_lookup_realm = true 27 | } 28 | 29 | [domain_realm] 30 | .fedoraproject.org = FEDORAPROJECT.ORG 31 | fedoraproject.org = FEDORAPROJECT.ORG 32 | # 33 | #[libdefaults] 34 | # default_realm = EXAMPLE.CO.UK 35 | # forwardable = true 36 | # proxiable = true 37 | # default_keytab_name = FILE:/etc/krb5.keytab 38 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Sviatoslav Sydorenko 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /contrib/user-groups.note.txt: -------------------------------------------------------------------------------- 1 | $ id 2 | uid=1000(wk) gid=1000(wk) groups=1000(wk),7(lp),18(audio),27(video),78(kvm),102(docker),103(plugdev),106(lpadmin),247(systemd-journal),990(vboxusers),993(wireshark) 3 | 4 | ===================================== 5 | 6 | https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Finalizing#Adding_a_user_for_daily_use 7 | Working as root on a Unix/Linux system is dangerous and should be avoided as much as possible. Therefore it is strongly recommended to add a user for day-to-day use. 8 | 9 | The groups the user is member of define what activities the user can perform. The following table lists a number of important groups: 10 | 11 | Group Description 12 | audio Be able to access the audio devices. 13 | cdrom Be able to directly access optical devices. 14 | floppy Be able to directly access floppy devices. 15 | games Be able to play games. 16 | portage Be able to access portage restricted resources. 17 | usb Be able to access USB devices. 18 | video Be able to access video capturing hardware and doing hardware acceleration. 19 | wheel Be able to use su. 20 | 21 | ===================================== 22 | 23 | input — suggested by gui-libs/wlroots, required for the compositors to be 24 | able to access input devices via libinput (monitors, keybords, mice?) 25 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/pam.d/system-auth: -------------------------------------------------------------------------------- 1 | auth required pam_env.so 2 | auth requisite pam_faillock.so preauth 3 | auth required pam_unix.so nullok try_first_pass 4 | auth [default=1] pam_sss.so forward_pass # https://wiki.gentoo.org/wiki/Join_FreeIPA#PAM 5 | auth [default=die] pam_faillock.so authfail 6 | account required pam_unix.so 7 | account optional pam_sss.so # https://wiki.gentoo.org/wiki/Join_FreeIPA#PAM / https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP#Client_PAM_configuration_SSSD_Method 8 | account required pam_faillock.so 9 | password required pam_passwdqc.so config=/etc/security/passwdqc.conf 10 | password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow 11 | password optional pam_sss.so use_authtok # https://wiki.gentoo.org/wiki/Join_FreeIPA#PAM / https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP#Client_PAM_configuration_SSSD_Method 12 | session required pam_limits.so 13 | session required pam_env.so 14 | session required pam_unix.so 15 | session optional pam_sss.so use_authtok # https://wiki.gentoo.org/wiki/Join_FreeIPA#PAM / https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP#Client_PAM_configuration_SSSD_Method 16 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | .. image:: https://travis-ci.com/webknjaz/ansible-gentoo-laptop.svg?branch=master 2 | :target: https://travis-ci.com/webknjaz/ansible-gentoo-laptop 3 | 4 | ansible-gentoo-laptop 5 | ===================== 6 | 7 | Merge apps:: 8 | 9 | ansible-playbook -i hosts --connection=local install-apps.yml 10 | 11 | Rebuild world:: 12 | 13 | ansible-playbook -i hosts --connection=local rebuild-world.yml 14 | 15 | Configure userspace stuff:: 16 | 17 | ansible-playbook -i hosts --connection=local configure-userspace.yml 18 | 19 | Prerequisites 20 | ------------- 21 | 22 | Before using, make sure you have ``kbfs`` running:: 23 | 24 | kbfsfuse 25 | 26 | Notes 27 | ----- 28 | 29 | * Lenovo P50 can only output video to either internal (built-in) laptop display 30 | or external ones if graphics mode is Hybrid and proprietary NVidia drivers 31 | are being used. So to make it work thoughout all available displays, disable 32 | it in BIOS by selecting Discrete mode. 33 | Also, open source nouveau drivers seem to handle this better (i.e. work in 34 | Hybrid mode). 35 | 36 | * When using dock station with Lenovo P50, make sure to plug one external 37 | display to the station's Display Port and plug the other one to the direct 38 | HDMI output in the laptop itself. Two external displays connected to the 39 | dock station don't work. 40 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/awesome.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Put Awesome WM enabled .xinitrc config in place 3 | template: 4 | src: xinitrc-template 5 | dest: ~/.xinitrc 6 | - name: Create Awesome WM config dir within userspace 7 | file: 8 | dest: ~/.config/awesome 9 | state: directory 10 | - name: Get Awesome WM widgets into config dir # noqa 401 11 | git: 12 | clone: yes 13 | dest: ~/.config/awesome/awesome-wm-widgets 14 | recursive: yes 15 | repo: https://github.com/streetturtle/awesome-wm-widgets.git 16 | update: yes 17 | - name: Install bit32 lua lib 18 | become: yes 19 | become_user: root 20 | command: luarocks install bit32 21 | args: 22 | creates: /usr/lib64/lua/luarocks/lib/lua/5.1/bit32.so 23 | - name: Ensure that bit32 from luarocks is linked under user dir 24 | file: 25 | src: /usr/lib64/lua/luarocks/lib/lua/5.1/bit32.so 26 | dest: ~/.config/awesome/bit32.so 27 | state: link 28 | - name: Put Awesome WM resource script in place 29 | template: 30 | src: awesome-rc.lua-template 31 | dest: ~/.config/awesome/rc.lua 32 | - name: Create Redshift config dir within userspace 33 | file: 34 | dest: ~/.config/redshift 35 | state: directory 36 | - name: Put Redshift config in place 37 | template: 38 | src: redshift.conf.j2 39 | dest: ~/.config/redshift/redshift.conf 40 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/omz.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Get oh-my-zsh onto machine # noqa 401 3 | git: 4 | clone: yes 5 | dest: ~/.oh-my-zsh 6 | recursive: yes 7 | repo: https://github.com/robbyrussell/oh-my-zsh.git 8 | update: yes 9 | - name: Copy own oh-my-zsh custom extensions onto machine # noqa 401 10 | copy: 11 | dest: ~/.oh-my-zsh/custom/ 12 | src: home-dir/.oh-my-zsh/custom/ 13 | - name: Get oh-my-zsh custom plugins onto machine # noqa 401 14 | git: 15 | clone: yes 16 | dest: ~/.oh-my-zsh/custom/plugins/{{ item.key }} 17 | recursive: yes 18 | repo: "{{ item.value }}" 19 | update: yes 20 | with_dict: "{{ oh_my_zsh.custom_plugins }}" 21 | - name: Get oh-my-zsh custom themes onto machine # noqa 401 22 | git: 23 | clone: yes 24 | dest: ~/.oh-my-zsh/custom/themes/{{ item.key }} 25 | recursive: yes 26 | repo: "{{ item.value }}" 27 | update: yes 28 | with_dict: "{{ oh_my_zsh.custom_themes }}" 29 | - name: Symlink oh-my-zsh custom themes 30 | file: 31 | src: ~/.oh-my-zsh/custom/themes/{{ item.key }}/{{ item.key }}.zsh-theme 32 | dest: ~/.oh-my-zsh/custom/themes/{{ item.key }}.zsh-theme 33 | state: link 34 | with_dict: "{{ oh_my_zsh.custom_themes }}" 35 | - name: Put oh-my-zsh enabled .zshrc config in place 36 | template: 37 | src: zshrc.zsh-template 38 | dest: ~/.zshrc 39 | -------------------------------------------------------------------------------- /rebuild-world.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Do gentoo world rebuild 3 | hosts: laptop 4 | become: yes 5 | tasks: 6 | - import_role: 7 | name: gentoo-services-ctl 8 | - name: Sync portage/overlay trees and index ebuilds 9 | eix: 10 | action: sync 11 | - name: Rebuild the @world 12 | notify: 13 | - ensure-services-started 14 | - ensure-services-reloaded 15 | portage: 16 | name: "@world" 17 | state: emerged 18 | deep: yes 19 | update: yes 20 | verbose: yes 21 | newuse: yes 22 | loadavg: 4 23 | jobs: 9 24 | - name: Rebuild the @preserved-rebuild 25 | notify: 26 | - ensure-services-started 27 | - ensure-services-reloaded 28 | portage: 29 | name: "@preserved-rebuild" 30 | state: emerged 31 | verbose: yes 32 | loadavg: 4 33 | jobs: 9 34 | - name: Rebuild the @module-rebuild 35 | notify: 36 | - ensure-services-started 37 | - ensure-services-reloaded 38 | portage: 39 | name: "@module-rebuild" 40 | state: emerged 41 | verbose: yes 42 | loadavg: 4 43 | jobs: 9 44 | - name: Rebuild the @x11-module-rebuild 45 | notify: 46 | - ensure-services-started 47 | - ensure-services-reloaded 48 | portage: 49 | name: "@x11-module-rebuild" 50 | state: emerged 51 | verbose: yes 52 | loadavg: 4 53 | jobs: 9 54 | -------------------------------------------------------------------------------- /contrib/notes: -------------------------------------------------------------------------------- 1 | TODO: apply almost equal Xcompose patch 2 | 3 | https://bugs.freedesktop.org/show_bug.cgi?id=85623 4 | https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/62 5 | 6 | === 7 | 8 | Getting RPi macs: 9 | +++++++++++++++++ 10 | 11 | cat /tmp/etc/dnsmasq.conf | grep ^dhcp-host= | awk -F'=' '{print$2}' | grep 'rpi4-\w\+$' | awk -F',' '{print $1 " " $3 " -> " $2}' 12 | ssh root@192.168.1.1 "cat /tmp/etc/dnsmasq.conf | grep ^dhcp-host= | awk -F'=' '{print\$2}' | grep 'rpi4-\w\+\$' | awk -F',' '{print \$1 \" \" \$3 \" -> \" \$2}'" 13 | wol $(cat /tmp/etc/dnsmasq.conf | grep ^dhcp-host= | awk -F'=' '{print$2}' | grep 'rpi4-\w\+$' | awk -F',' '{print $1}') 14 | 15 | === 16 | 17 | 18 | https://blog.oddbit.com/post/2015-07-16-mapping-local-users-to-kerberos-principals-with-sssd/ 19 | 20 | systemd needs +cgroup-hybrid for docker to work: 21 | https://bugs.gentoo.org/691844 22 | https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9753537cfaf24e80397a0236a169ded2ccc19fdf 23 | 24 | 25 | https://gitlab.com/keychron/k2/-/tree/master/Issues 26 | https://github.com/Kurgol/keychron/blob/master/k2.md 27 | 28 | 29 | === 30 | This breaks monospaced inputs in Chrome: 31 | [38] 56-twemoji-color.conf * 32 | 33 | The fix is 34 | $ sudo eselect fontconfig disable 56-twemoji-color.conf 35 | === 36 | 37 | 38 | P1 Gen 2: 39 | ------------- 40 | 41 | $ euse -p sys-apps/systemd -E gnuefi cryptsetup curl dns-over-tls http idn importd lzma nat pkcs11 qrcode repart xkb 42 | -------------------------------------------------------------------------------- /roles/macos-apps/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create a homebrewers group 3 | become: true 4 | group: 5 | name: homebrewers 6 | state: present 7 | - name: Add users to homebrewers group 8 | become: true 9 | user: 10 | name: >- 11 | {{ username }} 12 | append: yes 13 | groups: 14 | - homebrewers 15 | loop: 16 | - bluebirrrrd 17 | - wk 18 | loop_control: 19 | loop_var: username 20 | - name: Install xcode # noqa 301 # FIXME 21 | become: true 22 | shell: | 23 | set -euxo pipefail 24 | os=$(sw_vers -productVersion | awk -F. '{print $1 "." $2}') 25 | if softwareupdate --history | grep --silent "Command Line Tools.*${os}"; then 26 | echo 'Command-line tools already installed.' 27 | else 28 | echo 'Installing Command-line tools...' 29 | in_progress=/tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress 30 | touch ${in_progress} 31 | product=$(softwareupdate --list | awk "/\* Command Line.*${os}/ { sub(/^ \* /, \"\"); print }") 32 | softwareupdate --verbose --install "${product}" || echo 'Installation failed.' 1>&2 && rm ${in_progress} && exit 1 33 | rm ${in_progress} 34 | echo 'Installation succeeded.' 35 | fi 36 | 37 | - name: Install apps via brew 38 | homebrew: 39 | name: 40 | - asciinema 41 | - fira-code 42 | - fzf 43 | - git 44 | - keybase 45 | - kitty 46 | - neovim 47 | - tmux 48 | - yubikey-manager 49 | -------------------------------------------------------------------------------- /roles/gentoo-apps/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | A brief description of the role goes here. 5 | 6 | Requirements 7 | ------------ 8 | 9 | Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. 15 | 16 | Dependencies 17 | ------------ 18 | 19 | A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. 20 | 21 | Example Playbook 22 | ---------------- 23 | 24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: 25 | 26 | - hosts: servers 27 | roles: 28 | - { role: username.rolename, x: 42 } 29 | 30 | License 31 | ------- 32 | 33 | BSD 34 | 35 | Author Information 36 | ------------------ 37 | 38 | An optional section for the role authors to include contact information, or a website (HTML is not allowed). 39 | -------------------------------------------------------------------------------- /vault/cat-keybase.sh: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | 4 | set -euo pipefail 5 | 6 | 7 | MAX_RETRIES=5 8 | MAX_TIMEOUT=30 9 | 10 | 11 | function get_random_number() { 12 | local start=$1 13 | local end=$2 14 | local range_len=$(($end - $start)) 15 | 16 | echo $(( ($RANDOM % $range_len) + $start )) 17 | } 18 | 19 | 20 | function to_power() { 21 | local base=$1 22 | local power=$2 23 | echo "$base^$power" | bc 24 | } 25 | 26 | 27 | function run_with_exponential_backoff() { 28 | local cmd=$* 29 | local timeout=0 30 | local failcount=0 31 | local secret= 32 | local return_code=1 33 | 34 | while : 35 | do 36 | set +e 37 | secret=`$cmd` 38 | return_code=$? 39 | set -e 40 | if [[ $return_code -eq 0 ]] 41 | then 42 | break 43 | fi 44 | 45 | timeout=$(( `get_random_number 0 1` + `to_power $failcount 2` )) 46 | failcount=$(( $failcount + 1 )) 47 | 48 | if [[ $failcount -ge $MAX_RETRIES ]] 49 | then 50 | >&2 echo Maximum number of retries of $MAX_RETRIES reached... 51 | exit 2 52 | fi 53 | 54 | if [[ $timeout -gt $MAX_TIMEOUT ]] 55 | then 56 | timeout=$MAX_TIMEOUT 57 | fi 58 | 59 | >&2 echo Will retry in ${timeout}s... 60 | sleep $timeout 61 | done 62 | 63 | echo $secret 64 | } 65 | 66 | 67 | run_with_exponential_backoff \ 68 | keybase fs read \ 69 | /keybase/private/webknjaz/github/webknjaz/ansible-gentoo-laptop/.vault_pass 70 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.config/hypr/hyprlock.conf: -------------------------------------------------------------------------------- 1 | input-field { 2 | monitor = 3 | size = 200, 50 4 | outline_thickness = 3 5 | dots_size = 0.33 # Scale of input-field height, 0.2 - 0.8 6 | dots_spacing = 0.15 # Scale of dots' absolute size, 0.0 - 1.0 7 | dots_center = false 8 | dots_rounding = -1 # -1 default circle, -2 follow input-field rounding 9 | outer_color = rgb(151515) 10 | inner_color = rgb(200, 200, 200) 11 | font_color = rgb(10, 10, 10) 12 | fade_on_empty = true 13 | fade_timeout = 1000 # Milliseconds before fade_on_empty is triggered. 14 | placeholder_text = Input Password... # Text rendered in the input box when it's empty. 15 | hide_input = false 16 | rounding = -1 # -1 means complete rounding (circle/oval) 17 | check_color = rgb(204, 136, 34) 18 | fail_color = rgb(204, 34, 34) # if authentication failed, changes outer_color and fail message color 19 | fail_text = $FAIL ($ATTEMPTS) # can be set to empty 20 | fail_timeout = 2000 # milliseconds before fail_text and fail_color disappears 21 | fail_transition = 300 # transition time in ms between normal outer_color and fail_color 22 | capslock_color = -1 23 | numlock_color = -1 24 | bothlock_color = -1 # when both locks are active. -1 means don't change outer color (same for above) 25 | invert_numlock = false # change color if numlock is off 26 | swap_font_color = false # see below 27 | 28 | position = 0, -20 29 | halign = center 30 | valign = center 31 | } 32 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/X11/xinit/xinitrc.d/95-monitor-positioning: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env bash 2 | 3 | declare expected_outputs=(eDP-1 DP-2 DP-3-3) 4 | expected_output_count=3 5 | 6 | connected_output_count=$(xrandr --listmonitors | head -n1 | awk '{print$2}') 7 | connected_output_names=$(xrandr --listmonitors | tail -n+2 | awk '{print$4}') 8 | 9 | echo connected_output_count=$connected_output_count 10 | echo connected_output_names=$connected_output_names 11 | if [ $connected_output_count -eq $expected_output_count ] 12 | then 13 | monitors_match_expectation=true 14 | else 15 | monitors_match_expectation=false 16 | fi 17 | echo expectation vs reality \ 18 | $([[ "${monitors_match_expectation}" == 'true' ]] \ 19 | && echo 'true' \ 20 | || echo 'false') 21 | 22 | if [[ "${monitors_match_expectation}" != 'true' ]] 23 | then 24 | >&2 echo The amount of the connected displays \ 25 | "($connected_output_count)" does not match \ 26 | the expectation "($expected_output_count)" 27 | monitors_match_expectation=false 28 | expected_outputs= 29 | fi 30 | 31 | for expected_output in ${expected_outputs[@]} 32 | do 33 | >&2 echo Checking $expected_output... 34 | if ! echo "$connected_output_names" | grep '\b'"$expected_output"'\b' 35 | then 36 | >&2 echo Output $expected_output does not have \ 37 | a display connected 38 | fi 39 | done 40 | 41 | if [[ "${monitors_match_expectation}" == 'true' ]] 42 | then 43 | ~/.screenlayout/zenscreen-on-the-bottom-center-n-thinkvision-on-top-center--new-names.sh 44 | fi 45 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/hyprland.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Create WM config dirs within userspace 3 | file: 4 | dest: >- 5 | ~/.config/{{ config_subdir }}/ 6 | state: directory 7 | loop: 8 | - hypr 9 | - spotifyd 10 | - yambar 11 | - yambar/scripts 12 | loop_control: 13 | loop_var: config_subdir 14 | - name: Add Hyprland configs 15 | copy: 16 | src: home-dir/.config/{{ config_subpath }} 17 | dest: >- 18 | ~/.config/{{ config_subpath }} 19 | loop: 20 | - hypr/hypridle.conf 21 | - hypr/hyprland.conf 22 | - hypr/hyprlock.conf 23 | - spotifyd/spotifyd.conf 24 | - yambar/config.yml 25 | - yambar/scripts/hypractive.sh 26 | loop_control: 27 | loop_var: config_subpath 28 | - name: Ensure the hypractive script is executable 29 | file: 30 | dest: ~/.config/yambar/scripts/hypractive.sh 31 | mode: u+rwx,g+rx,o+rx 32 | - name: Create local application config dir within userspace 33 | file: 34 | dest: >- 35 | ~/{{ config_subdir }}/ 36 | state: directory 37 | loop: 38 | - .local 39 | - .local/share 40 | - .local/share/applications 41 | loop_control: 42 | loop_var: config_subdir 43 | - name: Add local desktop application config overrides 44 | copy: 45 | src: home-dir/.local/share/applications/{{ desktop_entry }}.desktop 46 | dest: >- 47 | ~/.local/share/applications/{{ desktop_entry }}.desktop 48 | loop: 49 | - google-chrome 50 | - org.freecad.FreeCAD 51 | - PrusaGcodeviewer 52 | - PrusaSlicer 53 | - slack 54 | - spotify 55 | loop_control: 56 | loop_var: desktop_entry 57 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/neovim.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | # TODO: Integrate AstroNvim 3 | - name: Ensure AstroNvim user config dir exists within userspace 4 | file: 5 | dest: ~/.config/astronvim/lua/user 6 | state: directory 7 | - name: Ensure AstroNvim user config is in place 8 | copy: 9 | src: home-dir/.config/astronvim/lua/user/init.lua 10 | dest: ~/.config/astronvim/lua/user/init.lua 11 | - name: Identify the Vundle installation path 12 | set_fact: 13 | vundle_self_path: >- 14 | {{ vundle.bundle_path }}/{{ vundle.self_dir }} 15 | - name: Get Vundle into userspace # noqa 401 16 | git: 17 | clone: yes 18 | dest: >- 19 | {{ vundle_self_path }} 20 | recursive: yes 21 | repo: https://github.com/{{ vundle.self_plugin }}.git 22 | update: yes 23 | - name: Generate a NeoVim config from the template 24 | template: 25 | src: init.vim.j2 26 | dest: ~/.config/nvim/init.vim 27 | - name: Wipe all unused Vundle plugins from NeoVim # noqa 301 # FIXME 28 | command: nvim +PluginClean! +qall 29 | - name: Install and upgrade Vundle plugins in NeoVim # noqa 301 # FIXME 30 | command: nvim +PluginInstall! +qall 31 | - name: List installed Vundle plugins in NeoVim # noqa 301 # FIXME 32 | command: nvim +PluginList +qall 33 | register: vundle_plugins_cmd 34 | - name: Save Vundle plugins list 35 | set_fact: 36 | vundle_plugins_installed: >- 37 | {{ vundle_plugins_cmd.stdout_lines }} 38 | # TODO: figure out how to retrieve plugin list the right way 39 | #- name: Output Vundle plugins list 40 | # debug: 41 | # var: vundle_plugins_installed 42 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.config/hypr/hypridle.conf: -------------------------------------------------------------------------------- 1 | general { 2 | lock_cmd = pidof hyprlock || hyprlock # avoid starting multiple hyprlock instances. 3 | before_sleep_cmd = loginctl lock-session # lock before suspend. 4 | after_sleep_cmd = hyprctl dispatch dpms on # to avoid having to press a key twice to turn on the display. 5 | } 6 | 7 | listener { 8 | timeout = 150 # 2.5min. 9 | on-timeout = brightnessctl -s set 10 # set monitor backlight to minimum, avoid 0 on OLED monitor. 10 | on-resume = brightnessctl -r # monitor backlight restore. 11 | } 12 | 13 | # turn off keyboard backlight, comment out this section if you dont have a keyboard backlight. 14 | listener { 15 | timeout = 150 # 2.5min. 16 | on-timeout = brightnessctl -sd rgb:kbd_backlight set 0 # turn off keyboard backlight. 17 | on-resume = brightnessctl -rd rgb:kbd_backlight # turn on keyboard backlight. 18 | } 19 | 20 | listener { 21 | timeout = 300 # 5min 22 | on-timeout = loginctl lock-session # lock screen when timeout has passed 23 | } 24 | 25 | listener { 26 | timeout = 330 # 5.5min 27 | on-timeout = hyprctl dispatch dpms off # screen off when timeout has passed 28 | on-resume = hyprctl dispatch dpms on # screen on when activity is detected after timeout has fired. 29 | } 30 | 31 | listener { 32 | timeout = 1800 # 30min 33 | on-timeout = systemctl suspend # suspend pc 34 | } 35 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/pyenv.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Install pyenv # noqa 401 3 | git: 4 | repo: https://github.com/pyenv/{{ github_slug }}.git 5 | dest: >- 6 | {{ pyenv_root }}{% if github_slug[:6] == 'pyenv-' 7 | %}/plugins/{{ github_slug }}{% endif %} 8 | loop: 9 | - pyenv 10 | - pyenv-doctor 11 | - pyenv-installer 12 | - pyenv-update 13 | - pyenv-virtualenv 14 | - pyenv-which-ext 15 | loop_control: 16 | label: >- 17 | {{ github_slug }} 18 | {% if github_slug[:6] == 'pyenv-' 19 | %}plugin{% else %}(main repo){% endif %} 20 | loop_var: github_slug 21 | - name: Refresh available pyenv Python versions 22 | shell: >- 23 | eval "$({{ pyenv_executable }} init -)" && 24 | eval "$({{ pyenv_executable }} virtualenv-init -)" && 25 | {{ pyenv_executable }} update 26 | when: true 27 | - name: Install Python from pyenv 28 | shell: >- 29 | eval "$({{ pyenv_executable }} init -)" && 30 | eval "$({{ pyenv_executable }} virtualenv-init -)" && 31 | {{ pyenv_executable }} install {{ python_version }} 32 | args: 33 | creates: >- 34 | {{ pyenv_root }}/versions/{{ python_version }}/bin/python 35 | loop: >- 36 | {{ pyenv_versions }} 37 | loop_control: 38 | loop_var: python_version 39 | - name: Set shell-global Python versions 40 | shell: >- 41 | eval "$({{ pyenv_executable }} init -)" && 42 | eval "$({{ pyenv_executable }} virtualenv-init -)" && 43 | {{ pyenv_executable }} global {{ pyenv_versions | join(' ') }} 44 | when: true 45 | 46 | - name: Populate ~/.zprofile and ~/.zshenv 47 | copy: 48 | src: zsh-pyenv 49 | dest: ~/.{{ item }} 50 | mode: u+rw,g=r,o=r 51 | loop: 52 | - zprofile 53 | - zshenv 54 | -------------------------------------------------------------------------------- /roles/gentoo-services-ctl/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # shared handlers role. to use it, do: 3 | # tasks: 4 | # - import_role: 5 | # name: gentoo-services-ctl 6 | 7 | # This must go first to preserve order 8 | - name: Reload service definitions 9 | listen: reload-srv 10 | systemd: 11 | daemon_reload: yes 12 | 13 | - name: Enable and start systemd services 14 | listen: ensure-services-started 15 | systemd: 16 | name: "{{ item }}" 17 | enabled: yes 18 | state: started 19 | register: start_srv 20 | failed_when: "start_srv.failed and 'Service is in unknown state' not in start_srv.msg" 21 | with_items: "{{ systemd_services_safe_restart + systemd_services_unsafe_restart }}" 22 | 23 | - name: Reload systemd services 24 | listen: ensure-services-reloaded 25 | systemd: 26 | name: "{{ item }}" 27 | state: reloaded-or-restarted 28 | register: start_srv 29 | failed_when: "start_srv.failed and 'Service is in unknown state' not in start_srv.msg" 30 | with_items: "{{ systemd_services_safe_restart }}" 31 | 32 | - name: Restart systemd services 33 | listen: ensure-services-reloaded-unsafe 34 | systemd: 35 | name: "{{ item }}" 36 | state: reloaded-or-restarted 37 | register: start_srv 38 | failed_when: "start_srv.failed and 'Service is in unknown state' not in start_srv.msg" 39 | with_items: "{{ systemd_services_safe_restart + systemd_services_unsafe_restart }}" 40 | 41 | - name: Ensure systemd services started 42 | listen: ensure-services-started 43 | systemd: 44 | name: "{{ item }}" 45 | state: started 46 | register: start_srv 47 | with_items: "{{ systemd_services_safe_restart + systemd_services_unsafe_restart }}" 48 | 49 | - name: Reload and apply udev rules from configs 50 | listen: update-udev-rules 51 | shell: udevadm control --reload-rules && udevadm trigger 52 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Ensure that Ansible dev env is set up 3 | import_tasks: ansible.yml 4 | - name: Ensure that SSH is configured 5 | import_tasks: ssh.yml 6 | - name: Ensure that Git is configured 7 | import_tasks: git.yml 8 | - name: Ensure that NeoVim is configured 9 | import_tasks: neovim.yml 10 | - name: Ensure that GTK is configured 11 | import_tasks: gtk.yml 12 | - name: Ensure that kitty is configured 13 | import_tasks: kitty.yml 14 | - name: Ensure that Oh My ZSH is configured 15 | import_tasks: omz.yml 16 | - name: Ensure that userspace Pythons are set up with pyenv 17 | import_tasks: pyenv.yml 18 | - name: Ensure that Pip is configured 19 | import_tasks: pip.yml 20 | - name: Ensure that NodeJS is configured with nvm 21 | import_tasks: nvm.yml 22 | - name: Ensure that Awesome WM is configured 23 | import_tasks: awesome.yml 24 | tags: 25 | - awesome-wm 26 | when: 27 | #- ansible_distribution == 'Gentoo' 28 | - ansible_distribution != 'MacOSX' 29 | - name: Ensure that Hyprland is configured 30 | import_tasks: hyprland.yml 31 | tags: 32 | - hyprland 33 | when: 34 | - ansible_distribution != 'MacOSX' 35 | - name: Ensure that source code projects are in place 36 | import_tasks: src.yml 37 | - name: Ensure that Fedora Project is configured 38 | import_tasks: fedoraproject.yml 39 | when: 40 | - ansible_distribution != 'MacOSX' 41 | - name: Ensure systemd services are enabled 42 | ansible.builtin.command: 43 | argv: 44 | - systemctl 45 | - --user 46 | - enable 47 | - --now 48 | - >- 49 | {{ item }} 50 | failed_when: false 51 | loop: 52 | - kbfs # Keybase filesystem 53 | - keybase 54 | - pipewire-pulse.socket 55 | - spotifyd 56 | - wireplumber 57 | when: 58 | - ansible_distribution != 'MacOSX' 59 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_module_memory.patch: -------------------------------------------------------------------------------- 1 | Index: src/vboxdrv/r0drv/linux/alloc-r0drv-linux.c 2 | =================================================================== 3 | --- src.orig/vboxdrv/r0drv/linux/alloc-r0drv-linux.c 4 | +++ src/vboxdrv/r0drv/linux/alloc-r0drv-linux.c 5 | @@ -153,6 +153,8 @@ RT_EXPORT_SYMBOL(RTR0MemExecDonate); 6 | 7 | 8 | #ifdef RTMEMALLOC_EXEC_VM_AREA 9 | + 10 | + 11 | /** 12 | * Allocate executable kernel memory in the module range. 13 | * 14 | @@ -168,7 +170,12 @@ static PRTMEMHDR rtR0MemAllocExecVmArea( 15 | struct vm_struct *pVmArea; 16 | size_t iPage; 17 | 18 | +# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0) 19 | + pVmArea = __get_vm_area_caller(cbAlloc, VM_ALLOC, MODULES_VADDR, MODULES_END, 20 | + __builtin_return_address(0)); 21 | +#else 22 | pVmArea = __get_vm_area(cbAlloc, VM_ALLOC, MODULES_VADDR, MODULES_END); 23 | +#endif 24 | if (!pVmArea) 25 | return NULL; 26 | pVmArea->nr_pages = 0; /* paranoia? */ 27 | @@ -201,14 +208,21 @@ static PRTMEMHDR rtR0MemAllocExecVmArea( 28 | # endif 29 | pVmArea->nr_pages = cPages; 30 | pVmArea->pages = papPages; 31 | - if (!map_vm_area(pVmArea, PAGE_KERNEL_EXEC, 32 | +# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0) 33 | + unsigned long start = (unsigned long)pVmArea->addr; 34 | + unsigned long size = get_vm_area_size(pVmArea); 35 | + 36 | + if (!map_kernel_range(start, size, PAGE_KERNEL_EXEC, papPages)) 37 | +#else 38 | + if (!map_vm_area(pVmArea, PAGE_KERNEL_EXEC, 39 | # if LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0) 40 | &papPagesIterator 41 | # else 42 | papPages 43 | # endif 44 | )) 45 | - { 46 | +#endif 47 | + { 48 | PRTMEMLNXHDREX pHdrEx = (PRTMEMLNXHDREX)pVmArea->addr; 49 | pHdrEx->pVmArea = pVmArea; 50 | pHdrEx->pvDummy = NULL; 51 | 52 | -------------------------------------------------------------------------------- /roles/gentoo-apps/templates/networkmanager.dnsmasq.redhat.conf.j2: -------------------------------------------------------------------------------- 1 | # Refs: 2 | # * https://mojo.redhat.com/docs/DOC-1102526 3 | # * https://mojo.redhat.com/docs/DOC-1017803-configure-fedora-with-red-hat-ldapkerberos-and-vpn 4 | # * https://mojo.redhat.com/docs/DOC-1123600 5 | # * https://mojo.redhat.com/docs/DOC-977303 6 | # * https://mojo.redhat.com/search.jspa?q=AMS2.ovpn 7 | # * https://mojo.redhat.com/search.jspa?q=vpn 8 | # * https://mojo.redhat.com/docs/DOC-1122097-use-openvpn-from-the-command-line-on-fedora-and-rhel 9 | # * https://github.com/webknjaz/ansible-gentoo-laptop/issues/2 10 | # 11 | 12 | # NOTE: 13 | # Because DNSmasq is unable to match subdomains-only, we set just a 14 | # first-level domain and are forced to list all the subdomains manually. 15 | # Ref: https://stackoverflow.com/a/37449551/595220 16 | # Also, using `all-servers` makes it that we get internal or external IP 17 | # for auth.redhat.com but Kerberos only works for internal IP and so it 18 | # makes the auth flaky when a public DNS replies faster than an internal one. 19 | # Side effects: some services are available on extranet in restricted 20 | # mode but we still want to prefer intranet access and so those domains 21 | # won't work w/o VPN. 22 | {% for dns_server in corp_dns_servers | default([]) %} 23 | server = /{{ corp_domains | join('/') }}/{{ dns_server }} 24 | {% endfor %} 25 | 26 | {% for dns_server in public_dns_servers | default(['8.8.8.8']) %} 27 | server = {{ dns_server }} 28 | {% endfor %} 29 | 30 | all-servers 31 | 32 | # If you want dnsmasq to listen for DHCP and DNS requests only on 33 | # specified interfaces (and the loopback) give the name of the 34 | # interface (eg eth0) here. 35 | # Repeat the line for more than one interface. 36 | #interface=lo,docker0 37 | 38 | # On systems which support it, dnsmasq binds the wildcard address, 39 | # even when it is listening on only some interfaces. It then discards 40 | # requests that it shouldn't reply to. This has the advantage of 41 | # working even when interfaces come and go and change address. If you 42 | # want dnsmasq to really bind only the interfaces it is listening on, 43 | # uncomment this option. About the only time you may need this is when 44 | # running another nameserver on the same machine. 45 | bind-interfaces 46 | 47 | # Disable negative caching 48 | no-negcache 49 | 50 | # DEBUG 51 | #log-queries 52 | #cache-size = 0 53 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/1-RHVPN.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 61623963396165613762643733353965653634653932646237323163616131383338316363646162 3 | 3732363266666566616138613732373636653937656162330a393462653236393262363663643638 4 | 39383736616135636163643639356233333334343235376430656532616232616535356338303064 5 | 6137313364663466380a353934386231343864323264663836653662653265623932303264366266 6 | 61356662396262383862396237356361626537626466396430633665353536366536643162666632 7 | 36336433326531333538303062376432373061326563346135636538393331396530623939613037 8 | 64656134373033363666373863646632383632353739326338356330353866326138353365353063 9 | 39363736643539356362306535343833313638363630613030633561646365363737663064336662 10 | 38663839303830363836613862653766613864363961306662303433323965613138303732376264 11 | 37633037623139373733346162353662613934613735666364633631393137613936313364333639 12 | 61643131313537366137373930376363613736643132363832396437333061396363616639653932 13 | 33326365326436396164346530643132656538666534393039396465366330613430373235333135 14 | 63393238386238376564626437346638383766323530343631653039306436633765323534373530 15 | 37336430393934613337323635643837386262616531326264653662383461343961313033616334 16 | 36323636363238663233323236376164613239663137613061653065333732343533386638623461 17 | 63663430646131383863633939633033326262393336643635383866336536363761383831333965 18 | 39666266623162366635643265643435393633373061393835636230626530346634623832376237 19 | 65343238643938373664636233663538633562363032313634313536356130353636386266373431 20 | 30383764333730356531613539373763666136363830366534633630366439386536343466333736 21 | 61356665306433646234366536343536323833393439616639383466353937306630383830393538 22 | 61316432643035643566643066623136303333366139333933323661383363373536356563643466 23 | 64653664383931336561636337346662396366313564343164386539353961343566613230623737 24 | 65613231383338623339653932363036386237633865303733366536333262306636333338396161 25 | 32616532353131393036663064323466343033643861663731313935313733623566646537303731 26 | 31303463303431323630623439336435303066356635313337313233636639303564653736393461 27 | 65346665393266643962633238663663353037366633343331313138353632613266353931323065 28 | 30646133303130346237396236336438323834636566626236626361396237623864353234626539 29 | 35636639323436303166666234336431356538373435316233613233326234353633326563366338 30 | 64346538613537373837643432316337626438393535393665326362336639633636613839396133 31 | 34353032323137313561353936376138386631343832663536623239336137323635643866386633 32 | 63646362306538366162623662343437643262643766306263386338613331623039643937623334 33 | 31326337636264373764373634303939373863663338346632633831396536626234386261363961 34 | 3364 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/AMS2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 63626630393936666161376438353863373665356265346364373537353631393531636465313138 3 | 6265366137343931393730653230326563376164333435350a326262633739663936353662303263 4 | 30623362383635646163343261653736623965653561663462383233356536356530326264643935 5 | 3237336363333762320a613939363363323937633837363766343536613430306263653132383336 6 | 63633231656465353661383538353564313839643066323734393031626138363235663230663131 7 | 38613835326635366637623732346433613630363036393363613534316534663966303636353034 8 | 33643536653035316133613961623230353338646164373237636338656632666236643437303632 9 | 35616637623266366133373834346265663765386230663738396430633831663466306231363663 10 | 61646161353365313366636532333536646234323063306139633865303138303266326136663130 11 | 35656236343862303334383430663430383866356266303132323661363963306466396466663539 12 | 66623037643263656466383064383239386561663238616161653438383431323938346361386638 13 | 63636233376435656337346137323139616266336134373662643363346363393438636332323165 14 | 36336365373635356134303439356362306234666630643135346434326434363434306131363837 15 | 35353434326466626635623938633539663833373664366539633464636536373364346437393564 16 | 30666562396631393463633638323262613236366432326631323363336363363737646565643061 17 | 32653731633833643533323637663139326437326537333264636230306663333939383663356335 18 | 65313035336138363566326130643936646538333839303330623064626334363038353161653733 19 | 65633930633430333562313765376364373132613838383831313731356530343063623865303830 20 | 66616531383965373865336239663939306230393232613737313935366565613564376135303562 21 | 62353137383664363164623861393561653162343062326132306533366136633135363861323662 22 | 33653831303864663739313664646164656561613739613234616330306635346162303063623936 23 | 34643939373530636662393565613865353236313532636235393832346636326438396362313430 24 | 35653865613766353336636538376330333762323233303633303663653962623838616663363162 25 | 61313031623434643966643130343437363761626333376161646533346534356135646130643230 26 | 35376233313337636465366562316363366234643537643333613930333132303739373361323262 27 | 36346566636531356637636533336532656338393762663633663832646634666261623161393231 28 | 66316339653731333662326430366533383961633839373833323366393766313239633366363238 29 | 64363734643162393764633538383636333834623937303439623061316430636235353030343665 30 | 62313330633032363662323635303839646635306630646161626231313762633963343131333333 31 | 35366331373737613333343365653262323631663634396364333362303063373765616665386531 32 | 38633039616238613364613661353039363835626363663534376366633430303261643830653265 33 | 63396662343162633438636230393731336536303038643837653539363338643464663761376330 34 | 6437 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/BRQ2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 36306137643061656566626638353664336331356231343463396130613439656261663564633831 3 | 3236646562623939643462643036623634343433303932330a626334386635333039346464396361 4 | 63643832326332643131393661666465386666663961346239636337393862646236356539363063 5 | 3464313961623061660a336234656133636163343832373334363365303865663133646464623162 6 | 31626630383961336233383837363862316133316234656364383662633835393032303836643737 7 | 66313532663134323437653436323332633037626330366538333562643834353833663936656536 8 | 66343532313531326261643835656237343634333938623864643039323364646565313332656664 9 | 36363361356138313866376432393761636630303762663131353435616464383239633536383336 10 | 61636530626638393262653965383638633233323430333733353265656331663438356465353261 11 | 64613962623733323065393764333761383637376638656662373261653864346532333036626439 12 | 34393464653435346139386262353462373164663533383362393137666661313661363238633561 13 | 30333064316132616564643038326463326638316139613633393466353230366630303530363532 14 | 64636663653062303437393164333661636461383665363763303131303634323262396231613134 15 | 32626465633566316139356233336335646632323361643239363132383462346336616566643066 16 | 64333630343964626234653134386631643030346533623330356161346536303236313133343438 17 | 63346632333162376531303838326134653934353030353035326461373534613831326263616638 18 | 38313961356261633534373666656261366232306435376562613538383537386661616463333936 19 | 33663061306532386631626466376566623934343233386234303866376131386337376566336234 20 | 62353738333435646430336362656532393935303937393539393261393636633932333563653936 21 | 32343836646130343330366533623239653039666234343236376338393564316164663162666664 22 | 33383537653339383239343035303735646132643565373033323937346566653738653161323231 23 | 30636437653462366630653962366637313630663066653962376637633463316636623738323563 24 | 66393561376533313963366464346666306438663864313362353932353165353063643863376630 25 | 34343536323734303633353963636164363361336266393738396134323533326438333836383436 26 | 39616634396632613134343061653639653531356539386536343832306131343538326264363631 27 | 65616665613537343339313765626565633564633837343435333537313465333063623261353537 28 | 34306233393134343466306163396431373565333839333937323562323735383033646133363330 29 | 39356238626564343536636366373234646538663133303838316263663832623262653431316461 30 | 65393166393765366264623937346430616537353737303437636132326534616230343533356533 31 | 38666635316632353962623838663266633861656238646361663566663662623536396464623366 32 | 32663531333261363434353732393135643434643665643039613938356264643066376133376562 33 | 35313134616461353336326664386634666464363139616438613661323737306239656663366339 34 | 3035 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/GRU2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 31653630366530313464333335613266326135666562373433383863633137633965663938663036 3 | 3034353332366237356639383331393133303635633036390a663831613262333839393937373064 4 | 32666237643962666263323133656531323438393937633038356538313332333036396638663638 5 | 3862396138343532370a636433386334623830343733613334333266643133396231383063626234 6 | 33373330643463373937313765623337376563383861386638303832323034313930366331653666 7 | 64326163373232643332323637316530626438323030373139613132616462303830383835363532 8 | 35646464303462633931313932303831346231343664656363613030383232363162643832333866 9 | 61636535306436383037643665663162306536336330623034643232343730316630393733303436 10 | 31646362343662313037366166633366333666373661623231613931333334316139363437613361 11 | 31303963346433633161633032313636366631396637343138363532616239623961316436376461 12 | 37313436623962623737383130316631386463316262363135623363313234386631353333323539 13 | 62333939303164383539643830363030623931343236313263306130383135383462313930393562 14 | 64666131383066313132616634326137303063313035373136373735636235303664323337323037 15 | 39303331356465353566333334643536666431643236643635666462653737373535363636383033 16 | 64313838636531643836386337616130366338653039653966303762366161663833623432383439 17 | 35393665326338346535393234383337636564326437326166666234666663373766623765636139 18 | 65333363393964383866313032313265303563323635383262326139643266616663396538333663 19 | 39616365393465646361356363363663396530643661633136613331313830343934363163313036 20 | 36393762343239613130636130643536646166373837393639306463303563616261353437316531 21 | 38326330303235613266346239303566363965343764396365383162626137343932313866636136 22 | 32366331316432663164396562356432396237316664663865333739326134613935376665383932 23 | 35376632663539663966393366373566323732336331323832376538623232376237396366393964 24 | 36633230353866666566323531383636393235383930666331653564623636656464656337393332 25 | 64363065323666646365306634343832356131313162666435643631656431373134386332623631 26 | 62613434343431336636363362626562376665376137616339383838303533323935353735633239 27 | 61353436633836363963313433393731383563623337323230666130643139616137653234393465 28 | 30353830353766303064616431613936386335353534653366313237666238653661376639626136 29 | 36313939363263363936393964653564616532646538336238363461383366613833633834353837 30 | 31366537346366663061333138646132363132363064663036393638333531613263356266303461 31 | 33303064646434326132336266323330303437653264666236303866666265303763323537653037 32 | 38643237613864623037663533376161393332616462623666353236373139656535323966643838 33 | 37353765313261393434313939626331393132346333336339363764663734316462626661313934 34 | 3933 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/LCY.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 66396135613262643364643165303932383566383935373832306230613731376566326334666165 3 | 6231343938356337363037393832333765363039366161620a323766343866313236623336363937 4 | 62633033663834313536366466633933366337656134313966313331383362376636353532656365 5 | 3262366238313163610a616162303465656636376134383137633337336238623863666234336139 6 | 31313162656435313535323961383566633336636666376239303834343163346164633864303839 7 | 38313264396533666534623763393635626166663235313937636236646436303139633266376161 8 | 65333031343734393936376265633831653966663833343330373862653961323039373036623738 9 | 34396635666430373665663133636232316432383038353735636561383234636636666463316263 10 | 31613238613930353463313831363663656466643330333064346437356535363965336631333336 11 | 36323630383165616137656561613938346532623262653861326465303737313130333837306532 12 | 64383231656239643763636439366639663065306439363435663264633166396665623832333937 13 | 32323234633336323634346532633766346337663365303163363162333965363637666632613039 14 | 31663865386538353361303833376563643631396464653435336566353466663361656631366464 15 | 33653565666434346538303365336138643637326639373335313537343533303961373635386331 16 | 35336138323039616261666335316265656533623636323638386232636236333438653733666335 17 | 66663737353032616138643734653334653236363331633863386663353136633831373134633130 18 | 65323230376163323364353439663861343838323134336130333239643035613862343563326134 19 | 62636436353930646138633131336136306165303462663461643765346338313936303936386633 20 | 66396634313137623434613537663365666366643666646566326265643736306266333333646237 21 | 39636364653939623733313737343566343666323539643264363139623262653438663465336263 22 | 63333764323962626163323962396466306431383833396163393734633835343935643938353333 23 | 66616230346430623266356134316339306534396264663233656531386464376162306137306334 24 | 34663230663838666162646638313032376431323636386436383064623862333666373833353531 25 | 32343834313666656165333636653830313238323637396130373561393539333831353864336464 26 | 65396363306533626363326362383334306562333163363336663238376262663639643363636235 27 | 32333563363039643032336438356233336162633333666664663861363738633566376337326535 28 | 64643065313636643838383265646335646539306465386637646236633665333565626236626461 29 | 63306336653435353464343535623333323132666562623562383532303166363435383366353537 30 | 30363861623764613164623137333730663161616362303039366133386130396632666261343666 31 | 61333838633030393137636637613839373038306337363838366466356366643433353536393764 32 | 64323834653139636639373834356232333035653366643330383330323465373433346635353333 33 | 62316662626561373732393935343035396362363962373135653534643537393762303832356564 34 | 6133 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/NRT.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 39333138326264316531376533663033666130376263336639343539633166333238353432366461 3 | 3138646235316331353338383133363861663930343032630a303233303264666436626537633462 4 | 39646637303362396636646265346538303166333731353037646431643033363632346533363032 5 | 6462373062666561620a363635363034323366316562363363303636363338373236663234343331 6 | 63386636353433303839633165336265363061393166633639353432353136303230633035333039 7 | 65626535333636333433393630653037393665396134653632636363353562346434323036346661 8 | 32616631633235646561353635656365633362626136393232386464383764633366313030313833 9 | 38343138366431326232636465623265623065633535373266316530316238323039663663646633 10 | 33396337363137633065613036313362343462623234316135363537393162353237313463623262 11 | 61633231326465363364383030613530316130653162373630343330393234663336643932633230 12 | 66353065383933613361316265633766643439643964343164303534343034373064326534363830 13 | 61336532633066333366636635383162376431323365356661323231623336326166623363336535 14 | 36636630383762366464313837383464353964393635393538613463666131353361323938366431 15 | 62646239636562313332623939336366353036366264343533356538656464646336626236353066 16 | 36396236363737366562323063383261363132636462306538333235643531663762626330653838 17 | 39343038653962646664666462623261303038386437336562363937323764633966353631333233 18 | 61383866366536623561656264366338303230343663666262386366333061343139333833343735 19 | 62356530366661653937633263386133396439653966363165383561363861323530633463373237 20 | 38346331316564353133663063343932313734643563353961313562343739376266313134666134 21 | 61613437663866336331616666383333323939623434316462313333363238303232633766393737 22 | 64313936636530343435386530393665656664323136396562303839616439336230643837363039 23 | 61323166363239336136376530313031366338376432613261356637626339383131633737633266 24 | 64646262653731386566346432386163363434333365393361393935646233653632663864326231 25 | 61343132333037313766666533636466376532323638346232363861316165316438393132333966 26 | 35333231653535383838383031316331666439653566366136323732643836616334653635343130 27 | 36626538366232353465636537643432343331366264646230373361623135386666336563636663 28 | 39363164663939623965636265366339616564303938363838316261343232383030616538393835 29 | 36643338643135303930313734376162653837313462616332356235646434373934363139326333 30 | 33613139376162306161353931316465363062333731313261396431326264383066613963643137 31 | 36323933653165363163346463326631636563323737386132643136396361383736356161316261 32 | 38353930343834333663643662353764306663383833626339316466313235633332626661356131 33 | 64636161623264323437346537643462353763323066653032373935326131396634633333326333 34 | 3530 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/PEK2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 36343838306236333566393933303830653536383237636138613866633133653635353238643638 3 | 3134633036363763613861633630353663343564376532660a666165626139636637346364613132 4 | 32313462613238343663663431336262336637393939353162626330323930313961333430323761 5 | 3865343964393662360a313766336632663062323136626630616633616138666131383836313265 6 | 37653938363838623738343738633730373666316337626532633664663130313137626566663637 7 | 39616134616266626632333366616235616136653164626635633735303834363837663433623633 8 | 36656130363465636263393464653261303933396630366439636435323737326534643332333230 9 | 39303136393063366364373830313538363035666364323061613233396138643966626264303966 10 | 63383639376134323739366161336633373635376161343236653834666533343830646363613866 11 | 63313364316631633763343030313235613361333966343138626263393036633765613464343131 12 | 39303561326335323138356261646461393732646637393264356462333931313565623938623866 13 | 65366434363865636166396163353831303563623138633365663662653835353639333261323236 14 | 32616538393834633436386538363130333665616463366266636533383066646538393034346130 15 | 65376631303139343835643236353762666561643532303935633439356433653232323533653531 16 | 32306236306463656638356366366338303566623561383261333038383235336666306563313165 17 | 30633566633437616335616233346539306631633639663931343162333934626639663533643034 18 | 65383264386430323838336234396534386233653263633333396262336137333530303736346362 19 | 63626533643737643236623264343530356363333764336637373532613361363363383661306435 20 | 35653965623564323034643136353837363937623133313839626132663762316233666166333639 21 | 35323462316332303633356163353236626331613639306264303035316134363934646332323065 22 | 31383166313466373135306131393137386138623936613237393437303838393737643135386432 23 | 64623862316661373234363732626136623264356435346262383462646435636532373037636431 24 | 62393135623564613563336133666437323764616538393966313238363866643936356632346337 25 | 30366634636438343838613063353331636638366138326332373866336461653733383033363431 26 | 30373533303737636264666135616562376163633135343937626466643661336361626266383038 27 | 35653336346365386663363239326231613333323461396631316330373436353639326165653631 28 | 64643335316666383561356334653161393063633731323934306565666432333230653762633737 29 | 64636430643033343034303639383932333734373833663066383332316466373638373636613939 30 | 32613766376138636631333434383261316234303463383034656632643236353263373635636234 31 | 62623039373837666564656635356566323538643233623265306634336363633961356230623765 32 | 65373439636434303238373161373661393331326131643137366338336562633064393061316535 33 | 62303037663834323465653930363334663239366166386638623164386531386134663134633466 34 | 3239 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/PNQ2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 33303237373532356335613262666262326535653039333232393262353132663836393565373836 3 | 3032333734303465643262636635376363316264306364380a663138313430376461303236663562 4 | 64356138663635306237326261313333313030393832343465353235643363343264646464616665 5 | 6164623065643734380a666263393465376331316566643437613333646165636230646130613539 6 | 62366663386365336430336136383530613566303237393136656133373836336565643162356431 7 | 32323535333733303362343461663939656132343539313564353130623032313763343134323434 8 | 64346333653166346539313630313136363234623065636538613063626266393564646366323361 9 | 38383262633430313736346135363137663531363333333237646566336337613463663362303633 10 | 37636132353262326336366666373835323661663534666265323530613538313433653235343736 11 | 32396339653733326139343566356563613062323666376361626463343335326538366434353734 12 | 35356162333533363962373830633566366130643861656332386266313366383039336566303435 13 | 38643137356336396637653239306661336264323435386561333062363030333539646437633466 14 | 38643439633062333034636264626265616639363562663335636463666634656564646237323336 15 | 30323530626536336431313566363635333765326334613062363761663337373835353636313936 16 | 34316461663963303433303134373064633531343262623932633535386462653038626539663131 17 | 64323133636638353739396635343232643333383933666436346330343436636539663333663633 18 | 34313965646164666233653339613236333665343564353362653062633065333163623562353038 19 | 32373439323964383535356265663433353533653536643437643365353835633265306361303164 20 | 38636531326532343331623430366534396466336566373430343231313139306436653937363938 21 | 32653637303131366462653439386238383938653637313066633937373236613838666663343839 22 | 64643265376334366238666164643438366562656236643730616537303839656663666666373866 23 | 32633932653436313466313330633137613263353934303565383362313361656266643231303131 24 | 36356236383861613838396666393334616136353164616566303537633733656462333565316137 25 | 35363364653965333339633932333366386431306663393434353962396239353038393863393533 26 | 65373565616633323664353633666339613338303837336663383432363030396334663763356335 27 | 39323535376530323263656432376662643664363666376530666139386334303431636432363862 28 | 36346565323061333962373938363134346530666137643065353539343833366435396631633061 29 | 66646433343236306166353863366665346231396439343635666364333163616566663665633631 30 | 35643263373566353562303966353165336130653933643336383762393233643738396466383463 31 | 36363130316339366130633436613936333338373762623331353863633232333037353362376465 32 | 35623862303730356238643064316464383233373830396638356133663564653239373538666362 33 | 33383838636235656330336562346135383366313737376362636636353235616536623862373038 34 | 3966 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/RDU2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 63643037393036666566313933383663353731656432323466363861306132396664663732336537 3 | 3064336634363630366665393834383536383866356635310a336166356136303938376332386439 4 | 34643836636139353234303233643961656134316535303337653338326564313430633635633664 5 | 3331666665303835630a316561363863316638663639366536313964346461356633376633613262 6 | 30666631376138646638326165346431643561333065646431623366386632383433643633663262 7 | 31363366663464383434383863616332613533646136363837323665613839343136393734383663 8 | 62303136383533326334616134353965383637643963613034653833633832313161313636356134 9 | 32383436326536666362666438316636633031346665616261663336666639666663323239303330 10 | 64616233363264373162343238646532633030356134663661313434366633383335373963636465 11 | 32626638623664666631303339633561636430323832633739366534623032306532346665663935 12 | 36356636663435666361383962386565323166623331393166643836376439646161653031333763 13 | 30613237306235333636373562323539323865656161356535666435343137393366313663376237 14 | 66366463623934306564653233636332393863353361306462393039303832313462336135356461 15 | 63396430633636393530383534366531333932366237356531643161326166306561326164653663 16 | 63373336303966333864363732373839303330373831656662626539346266396132306636313461 17 | 39333661353734626262373861646230326338313262343133376361623939316639613932663863 18 | 37316133626564353835326666633337306335303034346435343064613363663039366630386532 19 | 62306532616165643663346535633139313936643365303535336134633365346261333561353135 20 | 37656236393034613834653066366236313666383663306334383165306661623538393763663331 21 | 35616339623537656539633663613134353765643035383366356661343439346337366165316635 22 | 63383234313131663465646661316539313832616533636639346262376535613031363639333636 23 | 64333333353334386635306634306662613632323437326333656564306263613933633864306333 24 | 64373732343964623161363339303237343562623364303838343439353838383964316232373035 25 | 31393764393766653366313964343061353464356464313638336363373862313465303435656235 26 | 37633636333537363336366239666564636635393834396239393965316365346335623261393336 27 | 65633761663535663565666661333639663630613236613364373263653163623739306539383965 28 | 65653834303430383461343063336334363935396561346233343932636637303266383539323938 29 | 35646239353664616336343131353663353632373336613965333664323932633632383430656363 30 | 31633763623130346432656136383036353861336564616435313638623430366639656531623438 31 | 38333565643933666238346562363530366332346332336533383965646432666436336130366134 32 | 37346434656634623164633338616461666561393865333863336534633762666236343237663033 33 | 65393830623361616430313263353263323634323231623135633232646533306634643761353565 34 | 3735 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/SIN2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 30303363643735326335616563313136323966626366636638353236643334336664393935373531 3 | 3061356365643035623461363339313766313635356532330a626430366437393030356639663336 4 | 38326134333762316130633538613664633363303266383239373562373736313137613766313634 5 | 6432313933396436620a336566656637303263376163613237323566313239636138383530626465 6 | 39666563663935666636613134663232663232616434663234653532373134616436663736363039 7 | 63383735623930383131313935616439663730393662346336393566326531636262316539656235 8 | 30326239303236643036303330336636613534363534326362613832396439303836643763616433 9 | 38383830623764346136393064366334336338323735626333353362303232373133323937323036 10 | 34663730353162303831313934343165616632633130663361613739343364383365643838663564 11 | 61653833393363313939333738333565336632353838666333306233393039306534636535633937 12 | 65613562303432666434333662663732336139356566336666646632313437333561333530303536 13 | 61343636363433633061343536626166663730616461323135333732333839316261386633353063 14 | 30663738666336636536363231366164633837353436316431313463366335393532656261623735 15 | 65373539373964633338326233303833396638386439613939376666316361616533343662386338 16 | 33343862396363646332343535353531303335326439383435623365643931383532316263326363 17 | 31376135313962306431306435343234626665636434343763396534323436636433613939353934 18 | 66646234363565626662643064633337326561333730343838316534666439316134386365386332 19 | 37656139326238623533346261393861383665656436386534623236343135636433656465653662 20 | 65306530636635393738343836303464393565663036383831316462313063373165303862323965 21 | 30333139366130356166333838376566326435623237363062326266323661613663623932326233 22 | 63383036366161393765346332336139613738343132323633626535666139373461343834393665 23 | 32333062373730393966633130306634613966313630383066323831633264333731633531626535 24 | 64393166333135336138616334636162646532373161303239663738613964316564353039373263 25 | 35646134373661366238316636346535323631373231393265616264373861333738643438343037 26 | 65393464346261633430356137626239396532656262373439643038313166313035663265343832 27 | 32643935623662613736323331626137646437653434646165303933313061333639313834373764 28 | 32336438666438643730336331326438636131346365356333373761316664666162396233623533 29 | 37346238613139613031663866386261396338336136343861613635393865363233313131376336 30 | 65366131623631616136303637383864653536396432363032303238333631383639653034323162 31 | 34366165626330356265653532313435376139663061356161383131333837613937613165383864 32 | 66663739353166356536393931373135396139636236653231623638353762656539323161643336 33 | 62613536356662353965336538393866636135366266623263396163666234333637363134643664 34 | 6165 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/SYD.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 65363532363137613561343333633566396337636139623135326337353838333166343335663165 3 | 3135353331376463303830303236323334336264613864380a653863626231653965616639623533 4 | 33633561393538353263303937346133623139343434343165323639643637363264643662303637 5 | 3263353765633834370a336562666466396539383338653564386261663464353735376532333239 6 | 33396365343435346439306232636161326266633331663530633436306663613864376562303736 7 | 37323631383137353737356165393731616262653338653336376364303337373561306434306637 8 | 64356164633730323465356533666463616532386532636139646632663163333164663630616462 9 | 37393737343538336133373535343037653535653634376265626436343538356264623735333761 10 | 39643330376338386564626264373364386133363662663937373031623765336334303335326261 11 | 34373665373362346132646234383732626264346638323865326235373864346335653562613964 12 | 37343735306636323738653762356462663939623339643166366661663863363537303761623730 13 | 39383037666264303562623436356434306438656337356534366537613163376438326536636335 14 | 32623338666165633635343732323631343661373234616530313139323732346265333431306532 15 | 38333462636338303862356535376137363433613263643030383933653861313333303936323432 16 | 66323765393132646137363836396262646130613731363365313963376334613333636430613435 17 | 30623936356638373834623838343833303635393236333438663163663734393338373131646539 18 | 61646665383433393530303363616134616536393037353861323163663765653439336531336239 19 | 61613831373233353039376631306532346166326533373066623734333331623666653632333839 20 | 33333032666364356132663134366234623163343430613137373565666134666336313131303730 21 | 31623334306334613731353338333866626132306530333039396431653063646633323465393434 22 | 61343266323432323834613164613937316162386430313762656639643831633834636632656363 23 | 38316239356432366461623936346637386637336263356539393162303861623532396461626264 24 | 33386133323364353736353664386164373265663636666634376430343963323462393637306637 25 | 35376366613164393464376131383662393133343838613336383363316332626130643035343035 26 | 37353764663931383765363733643662316264346663633036363765333832633732343634376637 27 | 35616165376637343830633065346338636135303232613634303735653566346664633838656339 28 | 32353432656165343634626330366530363836393166373036396162373130306534353263653863 29 | 34613436376663633037323037336662386464386561656134336166653236356338323439303563 30 | 66626438653138323135333966306139303939323464303830333361373466313138633936653036 31 | 33663065346535366534643363333839636263363430313834303032393738656333336433306461 32 | 31663566663763396161396136303733363535303066633234353839633965316431383262643435 33 | 64383162633838383764633461316534363136306339306535643836326331316661646536316364 34 | 6463 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/TLV2.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 35393037646637333538303639356236356539613535633631666639666433336236373831313234 3 | 6231336333343232306566343033623233646334356262620a666166623862303964643962653765 4 | 35643563383162323139333232653737633065366238313635333435653565633735376634613935 5 | 3130373137666530340a373632613836633137303333326339373230356462396435363962623061 6 | 37623930323964333930666138626662653537306663306531363731646532333661323134376132 7 | 30383062326166366332386434616266396235346361393032373737306264316439353335316338 8 | 36653738663935343235316461393063366466306566353961366231633930653634313866363039 9 | 32616437336666376139303832336232363263333834666666356566363166633165306339386665 10 | 61626165653636636336633134623633643636336237303661663334343463336665343564633434 11 | 36613035323735323932363232636666666534356130393531653235633930666665346631386533 12 | 35313935636635386461336134376264646436373262336562613964363263393636303338336438 13 | 34366431313438333435333765333634633235386439626636303237646137353564323161303863 14 | 34343034323532613531633737663531623837313233666232613364613137393537303435626564 15 | 34323136383565326166636266323462636636613835623132626266613135643035633937373131 16 | 66376432656464333137366533643965636666663437356261613963373234323730353862373064 17 | 34313162323766656133333035626165326336303937333639326565613230646266613039313832 18 | 31383031326462303336316565303466326233633465373364336134613665343035653063326162 19 | 30393361383531323230613630386531336231343839353838626465356130653564316166373138 20 | 37626462363633303533383065613731383736396635366533623338373964626466303962316339 21 | 36653134353338653864613939333233313634646364616433316132373034376139313361633865 22 | 33353666386432386639666535656666353836393966653230623634393936636332373762316262 23 | 66353934373766313334396166373334643365633063653166376462363463653131636661663166 24 | 66303866363763366164313062663164303161623339343564316363366361313166323731653065 25 | 66333866326565376635636666346339366437653463343064396337376365643362376163623838 26 | 35643030303061333038306133353736386535323230646165306636346462303330366365616566 27 | 62376230653866633131326334393562663664633638623436663931373835313061653331373737 28 | 33613139383066316137663433363062643165313638336362326461663430353833626337663437 29 | 31353466316633383838313031643235656635313338623734613234303061336538326262346233 30 | 32656339663663643264346265376161323430346165623439323434633434353466386262343662 31 | 30396436363831336566313236333161326137643563643937303562303235613635353262346130 32 | 36663861623031666164336636623631306136346437656663623936643666343663386537326435 33 | 66373236613162393339323037363465633963346435623063343663666430373862316430346137 34 | 3762 35 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/NetworkManager/system-connections/PEK2-ALT.ovpn: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 66313032333839303462396362396539396433326637613863326432633161386665613332376261 3 | 6261616439616435303965353665626234363766323365330a633763663064646231333435316165 4 | 34653065343933613065623133353636376235303463323133306166343131386664306230346562 5 | 3961636164343361630a663164373330386364626666343336636433383663646437626165326134 6 | 37623162336539623935616563393236383833316565303462346334303338646564316435363036 7 | 66393165363833363035663666346265383939346437393435303336326432393730366231616433 8 | 38373063303466623130623139666364323438666436656466613739333434653663333438343937 9 | 36646665366238623030393136366462386331333233323665613037356130363738373637366538 10 | 61396661646135393764396437366230393362663930343230333732643133626363393739663837 11 | 38356633353534313563383138393732626566383636306566643833346530633639326366333330 12 | 65343938306237376265383862613064353833343231316237356366326661393361353439333662 13 | 30373861323961396364326631656365623438316631616566323430666162663337333834636238 14 | 64626433633131633132656538323536636537353964663237356664343665626339636139626137 15 | 65656533653030376233396165633835323431323035353062383836313935656539616265643738 16 | 63323737333566653361313831356562336538643163376633613564616331343530313231626465 17 | 66356435346633633837323462313663633865613262613438653030656364396334663835396434 18 | 35616336643663626463376463636166666537313434373864656430356331356637393662646132 19 | 62343463323238663964363031626432653432636539666630326439326461356536356638376437 20 | 38343137326366316438623733333739376233356331633762393039653866663936353232643336 21 | 66386239353039653632393539353033343137633137663536383730623134386432666263396234 22 | 64316262663933636465383130393265373738326335373333313233626339393662633962633136 23 | 30643933306132383563306165336661383139353561366133653639363063346236343034326162 24 | 62383130383730333261363263373637373436626434303565376663333531393030373538333264 25 | 61653066616431386463653565326239393966383639626234643637326334646162636161653666 26 | 63633131313066386634643265623137343832613836636564306261613138373966613965303034 27 | 62316535363561323336333039393030653963373666656331613264346435363830333665313731 28 | 62333330363232353534313561643266333638373366383735316162666638353233393963616430 29 | 63366132656334343533343365346437316339343838323132306161336663303162623530333238 30 | 35343332393766316131643339326539346238313231303730326663376435376230393635653133 31 | 36666639396234633237616266393637313565363166313561663063316331333562636436396434 32 | 63666230356238643937623436363438623265663536656231356632383731336335356263623734 33 | 61633034313435363261396630383338393866333165383533393430653033323133656432393466 34 | 30323139643234333461633935386161383337336231323237643463343463393130 35 | -------------------------------------------------------------------------------- /contrib/notes-fedora: -------------------------------------------------------------------------------- 1 | sudo sed -i 's/GROUP="plugdev", //g' /etc/udev/rules.d/{80-keychron,51-android}.rules 2 | 3 | sudo curl -o /etc/yum.repos.d/skype-stable.repo https://repo.skype.com/rpm/stable/skype-stable.repo 4 | sudo dnf install -y skypeforlinux 5 | 6 | sudo dnf copr enable luminoso/Signal-Desktop 7 | sudo dnf install -y signal-desktop 8 | 9 | sudo dnf install -y https://zoom.us/client/latest/zoom_x86_64.rpm 10 | 11 | # HP Pavilion / Mom's red laptop 12 | 13 | sudo curl -o /lib/firmware/brcm/BCM43142A0-0a5c-216d.hcd https://github.com/winterheart/broadcom-bt-firmware/raw/master/brcm/BCM43142A0-0a5c-216d.hcd 14 | 15 | # https://linux-hardware.org/index.php?id=usb:0a5c-216c 16 | 17 | # https://rpmfusion.org/Configuration 18 | sudo dnf install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm 19 | 20 | # https://docs.fedoraproject.org/en-US/quick-docs/setup_rpmfusion/#proc_enabling-the-rpmfusion-repositories-appstream-data_enabling-the-rpmfusion-repositories 21 | sudo dnf group update core 22 | 23 | sudo dnf group update multimedia --setop="install_weak_deps=False" --exclude=PackageKit-gstreamer-plugin 24 | # sudo dnf group install sound-and-video 25 | sudo dnf group update sound-and-video 26 | 27 | sudo dnf install rpmfusion-free-release-tainted 28 | sudo dnf install libdvdcss 29 | 30 | sudo dnf install rpmfusion-nonfree-release-tainted 31 | # Bluetooth firmware?? 32 | sudo dnf install \*-firmware 33 | 34 | # https://ibcomputing.com/install-wifi-driver-broadcom-bcm43142-linux/#How_to_install_WiFi_driver_for_Broadcom_BCM43142_WiFi_device_in_Fedora 35 | sudo dnf update && sudo dnf install kmod-wl 36 | # BCM43142 is not supported per https://wireless.wiki.kernel.org/en/users/drivers/b43#Supported_devices 37 | # which is why the proprietary `wl` module is necessary for it to function, `b43` won't work 38 | # kmod-wl provides "/lib/modules/*/extra/wl/wl.ko" ## /lib/modules/5.16.18-200.fc35.x86_64/extra/wl/wl.ko 39 | 40 | # Portable USB monitor ASUS ZenScreen MB16AC - 15,6" 41 | # Full HD, Hybrid Signal Solution, USB Typu C, Flicker Free, Blue Light Filter 42 | sudo dnf install https://github.com/displaylink-rpm/displaylink-rpm/releases/download/v5.5.0/fedora-$(rpm -E %fedora)-displaylink-1.10.1-1.x86_64.rpm 43 | 44 | # Firefox GPU acceleration / Web page rendering / GLES 45 | # https://fedoraproject.org/wiki/Firefox_Hardware_acceleration#Web_page_rendering 46 | sudo dnf install egl-utils 47 | 48 | # Firefox GPU acceleration / Video Decoding 49 | # https://fedoraproject.org/wiki/Firefox_Hardware_acceleration#Video_decoding_on_AMD 50 | # (src: RPM Fusion) 51 | sudo dnf install ffmpeg libva libva-utils 52 | 53 | # Intel® Wi-Fi 6 AX200 160MHz: 54 | sudo dnf install iwlax2xx-firmware 55 | 56 | # Cut multipathd-related 3-minute delay 57 | sudo systemctl mask systemd-udev-settle 58 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/redshift.conf.j2: -------------------------------------------------------------------------------- 1 | ; Global settings for redshift 2 | [redshift] 3 | ; Set the day and night screen temperatures 4 | temp-day=5700 5 | temp-night=3500 6 | ; defaults: day -- 6500K; night -- 4500K 7 | ; ubuntu examples: day -- 5800K; night -- 4800K 8 | 9 | ; Disable the smooth fade between temperatures when Redshift starts and stops. 10 | ; 0 will cause an immediate change between screen temperatures. 11 | ; 1 will gradually apply the new screen temperature over a couple of seconds. 12 | fade=1 13 | 14 | ; Solar elevation thresholds. 15 | ; By default, Redshift will use the current elevation of the sun to determine 16 | ; whether it is daytime, night or in transition (dawn/dusk). When the sun is 17 | ; above the degrees specified with elevation-high it is considered daytime and 18 | ; below elevation-low it is considered night. 19 | ;elevation-high=3 20 | ;elevation-low=-6 21 | 22 | ; Custom dawn/dusk intervals. 23 | ; Instead of using the solar elevation, the time intervals of dawn and dusk 24 | ; can be specified manually. The times must be specified as HH:MM in 24-hour 25 | ; format. 26 | ;dawn-time=6:00-7:45 27 | ;dusk-time=18:35-20:15 28 | 29 | ; Set the screen brightness. Default is 1.0. 30 | ;brightness=0.9 31 | ; It is also possible to use different settings for day and night 32 | ; since version 1.8. 33 | ;brightness-day=0.7 34 | ;brightness-night=0.4 35 | ; Set the screen gamma (for all colors, or each color channel 36 | ; individually) 37 | gamma=0.8 38 | ;gamma=0.8:0.7:0.8 39 | ; This can also be set individually for day and night since 40 | ; version 1.10. 41 | ;gamma-day=0.8:0.7:0.8 42 | ;gamma-night=0.6 43 | 44 | ; Set the location-provider: 'geoclue2', 'manual' 45 | ; type 'redshift -l list' to see possible values. 46 | ; The location provider settings are in a different section. 47 | location-provider=manual 48 | 49 | ; Set the adjustment-method: 'randr', 'vidmode' 50 | ; type 'redshift -m list' to see all possible values. 51 | ; 'randr' is the preferred method, 'vidmode' is an older API. 52 | ; but works in some cases when 'randr' does not. 53 | ; The adjustment method settings are in a different section. 54 | adjustment-method=randr 55 | 56 | ; Configuration of the location-provider: 57 | ; type 'redshift -l PROVIDER:help' to see the settings. 58 | ; ex: 'redshift -l manual:help' 59 | ; Keep in mind that longitudes west of Greenwich (e.g. the Americas) 60 | ; are negative numbers. 61 | [manual] 62 | lat={{ awesome.widgets.open_weather_map.latitude }} 63 | lon={{ awesome.widgets.open_weather_map.longitude }} 64 | 65 | ; Configuration of the adjustment-method 66 | ; type 'redshift -m METHOD:help' to see the settings. 67 | ; ex: 'redshift -m randr:help' 68 | ; In this example, randr is configured to adjust only screen 0. 69 | ; Note that the numbering starts from 0, so this is actually the first screen. 70 | ; If this option is not specified, Redshift will try to adjust _all_ screens. 71 | ; [randr] 72 | ; screen=0 73 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/sssd-2.2.3-glibc-2.32-compat.patch: -------------------------------------------------------------------------------- 1 | From fe9eeb51be06059721e873f77092b1e9ba08e6c1 Mon Sep 17 00:00:00 2001 2 | From: =?UTF-8?q?Michal=20=C5=BDidek?= 3 | Date: Thu, 27 Feb 2020 06:50:40 +0100 4 | Subject: [PATCH] nss: Collision with external nss symbol 5 | MIME-Version: 1.0 6 | Content-Type: text/plain; charset=UTF-8 7 | Content-Transfer-Encoding: 8bit 8 | 9 | One of our internal static function names started 10 | to collide with external nss symbol. Additional 11 | sss_ suffix was added to avoid the collision. 12 | 13 | This is needed to unblock Fedora Rawhide's 14 | SSSD build. 15 | 16 | Reviewed-by: Pavel Březina 17 | --- 18 | src/responder/nss/nss_cmd.c | 18 ++++++++++-------- 19 | 1 file changed, 10 insertions(+), 8 deletions(-) 20 | 21 | diff --git a/src/responder/nss/nss_cmd.c b/src/responder/nss/nss_cmd.c 22 | index 356aea1564..02706c4b94 100644 23 | --- a/src/responder/nss/nss_cmd.c 24 | +++ b/src/responder/nss/nss_cmd.c 25 | @@ -731,11 +731,13 @@ static void nss_getent_done(struct tevent_req *subreq) 26 | talloc_free(cmd_ctx); 27 | } 28 | 29 | -static void nss_setnetgrent_done(struct tevent_req *subreq); 30 | +static void sss_nss_setnetgrent_done(struct tevent_req *subreq); 31 | 32 | -static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx, 33 | - enum cache_req_type type, 34 | - nss_protocol_fill_packet_fn fill_fn) 35 | +/* This function's name started to collide with external nss symbol, 36 | + * so it has additional sss_* prefix unlike other functions here. */ 37 | +static errno_t sss_nss_setnetgrent(struct cli_ctx *cli_ctx, 38 | + enum cache_req_type type, 39 | + nss_protocol_fill_packet_fn fill_fn) 40 | { 41 | struct nss_ctx *nss_ctx; 42 | struct nss_state_ctx *state_ctx; 43 | @@ -777,7 +779,7 @@ static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx, 44 | goto done; 45 | } 46 | 47 | - tevent_req_set_callback(subreq, nss_setnetgrent_done, cmd_ctx); 48 | + tevent_req_set_callback(subreq, sss_nss_setnetgrent_done, cmd_ctx); 49 | 50 | ret = EOK; 51 | 52 | @@ -790,7 +792,7 @@ static errno_t nss_setnetgrent(struct cli_ctx *cli_ctx, 53 | return EOK; 54 | } 55 | 56 | -static void nss_setnetgrent_done(struct tevent_req *subreq) 57 | +static void sss_nss_setnetgrent_done(struct tevent_req *subreq) 58 | { 59 | struct nss_cmd_ctx *cmd_ctx; 60 | errno_t ret; 61 | @@ -1040,8 +1042,8 @@ static errno_t nss_cmd_initgroups_ex(struct cli_ctx *cli_ctx) 62 | 63 | static errno_t nss_cmd_setnetgrent(struct cli_ctx *cli_ctx) 64 | { 65 | - return nss_setnetgrent(cli_ctx, CACHE_REQ_NETGROUP_BY_NAME, 66 | - nss_protocol_fill_setnetgrent); 67 | + return sss_nss_setnetgrent(cli_ctx, CACHE_REQ_NETGROUP_BY_NAME, 68 | + nss_protocol_fill_setnetgrent); 69 | } 70 | 71 | static errno_t nss_cmd_getnetgrent(struct cli_ctx *cli_ctx) 72 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/X11/xorg.conf: -------------------------------------------------------------------------------- 1 | # nvidia-settings: X configuration file generated by nvidia-settings 2 | # nvidia-settings: version 396.24 (portage@wk-gentoo-laptop-lenovo-p50-rh) Sat May 19 14:31:34 CEST 2018 3 | 4 | # nvidia-xconfig: X configuration file generated by nvidia-xconfig 5 | # nvidia-xconfig: version 390.25 (buildmeister@swio-display-x86-rhel47-03) Wed Jan 24 20:46:04 PST 2018 6 | 7 | Section "ServerLayout" 8 | Identifier "Layout0" 9 | Screen 0 "Screen0" 0 0 10 | InputDevice "Keyboard0" "CoreKeyboard" 11 | InputDevice "Mouse0" "CorePointer" 12 | Option "Xinerama" "0" 13 | EndSection 14 | 15 | Section "Files" 16 | EndSection 17 | 18 | Section "InputDevice" 19 | 20 | # generated from data in "/etc/conf.d/gpm" 21 | Identifier "Mouse0" 22 | Driver "mouse" 23 | Option "Protocol" 24 | Option "Device" "/dev/input/mice" 25 | Option "Emulate3Buttons" "no" 26 | Option "ZAxisMapping" "4 5" 27 | EndSection 28 | 29 | Section "InputDevice" 30 | 31 | # generated from default 32 | Identifier "Keyboard0" 33 | Driver "kbd" 34 | EndSection 35 | 36 | Section "Monitor" 37 | Identifier "Monitor0" 38 | VendorName "Unknown" 39 | ModelName "NEC E231W" 40 | HorizSync 31.0 - 83.0 41 | VertRefresh 56.0 - 76.0 42 | Option "DPMS" 43 | EndSection 44 | 45 | Section "Monitor" 46 | 47 | #ModelName "NEC E231W" 48 | #HorizSync 31.0 - 83.0 49 | #VertRefresh 56.0 - 76.0 50 | Identifier "Monitor1" 51 | VendorName "Unknown" 52 | Option "DPMS" 53 | EndSection 54 | 55 | Section "Device" 56 | Identifier "NVIDIA Graphics" 57 | Driver "nvidia" 58 | VendorName "NVIDIA Corporation" 59 | BoardName "Quadro M1000M" 60 | BusID "PCI:1:0:0" 61 | EndSection 62 | 63 | Section "Device" 64 | 65 | #Driver "intel" 66 | Identifier "Intel Graphics" 67 | Driver "modesetting" 68 | BusID "PCI:0:2:0" 69 | EndSection 70 | 71 | Section "Device" 72 | Identifier "Device0" 73 | Driver "nvidia" 74 | VendorName "NVIDIA Corporation" 75 | BoardName "Quadro M1000M" 76 | EndSection 77 | 78 | Section "Screen" 79 | # Removed Option "metamodes" "DP-3.1: nvidia-auto-select +1920+0, DP-1: nvidia-auto-select +0+0" 80 | # Removed Option "MultiGPU" "On" 81 | Identifier "Screen0" 82 | Device "Device0" 83 | Monitor "Monitor0" 84 | DefaultDepth 24 85 | Option "AllowEmptyInitialConfiguration" "True" 86 | Option "Stereo" "0" 87 | Option "nvidiaXineramaInfoOrder" "DFP-3.1" 88 | Option "metamodes" "DP-3.1: nvidia-auto-select +1920+0, DP-1: nvidia-auto-select +0+0, DP-4: nvidia-auto-select +3840+0" 89 | Option "SLI" "Off" 90 | Option "MultiGPU" "Off" 91 | Option "BaseMosaic" "off" 92 | SubSection "Display" 93 | Depth 24 94 | EndSubSection 95 | EndSection 96 | 97 | Section "Screen" 98 | Identifier "Screen1" 99 | Device "Intel Graphics" 100 | Monitor "Monitor1" 101 | DefaultDepth 24 102 | Option "Stereo" "0" 103 | Option "MultiGPU" "On" 104 | Option "BaseMosaic" "off" 105 | SubSection "Display" 106 | Depth 24 107 | EndSubSection 108 | EndSection 109 | 110 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/init.vim.j2: -------------------------------------------------------------------------------- 1 | " nvim config entry point 2 | " vim:se ft=vim: 3 | 4 | " Vundle config start 5 | set nocompatible " be iMproved, required 6 | filetype off " required 7 | 8 | " set the runtime path to include Vundle and initialize 9 | set rtp+={{ vundle_self_path }} 10 | call vundle#begin('{{ vundle.bundle_path }}') 11 | 12 | " let Vundle manage Vundle, required 13 | Plugin '{{ vundle.self_plugin }}' 14 | 15 | {% for plugin in vundle.plugins or [] %} 16 | 17 | Plugin '{{ plugin.id }}'{% if plugin.config is defined 18 | %}, {{ plugin.config }}{% 19 | endif %} 20 | 21 | {% endfor %} 22 | 23 | call vundle#end() " required 24 | filetype plugin indent on " required 25 | " To ignore plugin indent changes, instead use: 26 | "filetype plugin on 27 | " 28 | " Brief help 29 | " :PluginList - lists configured plugins 30 | " :PluginInstall - installs plugins; append `!` to update or just :PluginUpdate 31 | " :PluginSearch foo - searches for foo; append `!` to refresh local cache 32 | " :PluginClean - confirms removal of unused plugins; append `!` to auto-approve removal 33 | " 34 | " see :h vundle for more details or wiki for FAQ 35 | " Put your non-Plugin stuff after this line 36 | 37 | 38 | " The rest of config 39 | 40 | set tabstop=8 softtabstop=0 expandtab shiftwidth=4 smarttab 41 | 42 | set cursorcolumn 43 | set cursorline 44 | 45 | set shell=zsh 46 | 47 | set number 48 | 49 | set colorcolumn=73,80,101 50 | " set colorcolumn=73,80,101 set colorcolumn=73,80,101 set colorcolumn=73,80,101 hehe loooooolllllooolllll 51 | highlight ColorColumn ctermbg=darkgrey ctermfg=lightgreen guibg=lightgrey 52 | 53 | highlight OverLength ctermbg=208 ctermfg=white guibg=#592929 54 | match OverLength /\%<81v.\%>80v/ 55 | 56 | highlight CriticalOverLength ctermbg=red ctermfg=white guibg=#592929 57 | 2match CriticalOverLength /\%<102v.\%>101v/ 58 | 59 | " There's also 3match: https://superuser.com/a/211965/182499 60 | highlight DocOverLength ctermbg=green ctermfg=white guibg=#592929 61 | "3match DocOverLength /\%<74v.\%>73v/ 62 | 63 | " https://github.com/klardotsh/dotfiles/blob/1b78d67613435793208d2ded2d0e067891e1ab34/.config/nvim/init.vim 64 | 65 | 66 | "Set the color scheme. Change this to your preference. 67 | "Here's 100 to choose from: http://www.vim.org/scripts/script.php?script_id=625 68 | "colorscheme twilight 69 | "colorscheme sea 70 | 71 | " Color scheme 72 | set t_Co=256 73 | let g:solarized_termcolors=256 74 | set background=dark 75 | colorscheme solarized 76 | 77 | "------------------------" 78 | "NERDTREE PLUGIN SETTINGS" 79 | "------------------------" 80 | "Shortcut for NERDTreeToggle 81 | nmap nt :NERDTreeToggle 82 | 83 | "Show hidden files in NerdTree 84 | let NERDTreeShowHidden=1 85 | 86 | "autopen NERDTree and focus cursor in new document 87 | "autocmd VimEnter * NERDTree 88 | "autocmd VimEnter * wincmd p 89 | 90 | " NERDTree 91 | nmap :NERDTreeToggle 92 | imap :NERDTreeToggle 93 | let NERDTreeIgnore = ['\.pyc$'] 94 | 95 | "------------------------" 96 | " fuzzy finder " 97 | "------------------------" 98 | map ; :Files 99 | 100 | "------------------------" 101 | " gitgutter " 102 | "------------------------" 103 | set signcolumn=yes 104 | 105 | "------------------------" 106 | " fzf " 107 | "------------------------" 108 | set rtp+=/usr/local/opt/fzf 109 | 110 | "------------------------" 111 | " jedi-vim " 112 | "------------------------" 113 | let g:jedi#force_py_version = '3.7' 114 | 115 | "------------------------" 116 | " vimtex " 117 | "------------------------" 118 | let g:tex_flavor = 'latex' 119 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/udev/rules.d/51-android.rules: -------------------------------------------------------------------------------- 1 | SUBSYSTEM=="usb", ATTR{idVendor}=="0502", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Acer 2 | SUBSYSTEM=="usb", ATTR{idVendor}=="1949", MODE="0664", GROUP="plugdev", SYMLINK+="android%n" # Amazon 3 | SUBSYSTEM=="usb", ATTR{idVendor}=="0b05", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # ASUS 4 | SUBSYSTEM=="usb", ATTR{idVendor}=="413c", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Dell 5 | SUBSYSTEM=="usb", ATTR{idVendor}=="0489", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Foxconn 6 | SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Fujitsu 7 | SUBSYSTEM=="usb", ATTR{idVendor}=="04c5", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Fujitsu Toshiba 8 | SUBSYSTEM=="usb", ATTR{idVendor}=="091e", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Garmin-Asus 9 | SUBSYSTEM=="usb", ATTR{idVendor}=="0414", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Gigabyte 10 | SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Google 11 | SUBSYSTEM=="usb", ATTR{idVendor}=="201E", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Haier 12 | SUBSYSTEM=="usb", ATTR{idVendor}=="109b", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Hisense 13 | SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # HTC 14 | SUBSYSTEM=="usb", ATTR{idVendor}=="12d1", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Huawei 15 | SUBSYSTEM=="usb", ATTR{idVendor}=="24e3", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # K-Touch 16 | SUBSYSTEM=="usb", ATTR{idVendor}=="2116", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # KT Tech 17 | SUBSYSTEM=="usb", ATTR{idVendor}=="0482", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Kyocera 18 | SUBSYSTEM=="usb", ATTR{idVendor}=="17ef", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Lenovo 19 | SUBSYSTEM=="usb", ATTR{idVendor}=="1004", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # LG 20 | SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Motorola 21 | SUBSYSTEM=="usb", ATTR{idVendor}=="0e8d", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # MTK 22 | SUBSYSTEM=="usb", ATTR{idVendor}=="0409", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # NEC 23 | SUBSYSTEM=="usb", ATTR{idVendor}=="2080", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Nook 24 | SUBSYSTEM=="usb", ATTR{idVendor}=="0955", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Nvidia 25 | SUBSYSTEM=="usb", ATTR{idVendor}=="2257", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # OTGV 26 | SUBSYSTEM=="usb", ATTR{idVendor}=="10a9", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Pantech 27 | SUBSYSTEM=="usb", ATTR{idVendor}=="1d4d", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Pegatron 28 | SUBSYSTEM=="usb", ATTR{idVendor}=="0471", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Philips 29 | SUBSYSTEM=="usb", ATTR{idVendor}=="04da", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # PMC-Sierra 30 | SUBSYSTEM=="usb", ATTR{idVendor}=="05c6", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Qualcomm 31 | SUBSYSTEM=="usb", ATTR{idVendor}=="1f53", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # SK Telesys 32 | SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Samsung 33 | SUBSYSTEM=="usb", ATTR{idVendor}=="04dd", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Sharp 34 | SUBSYSTEM=="usb", ATTR{idVendor}=="054c", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Sony 35 | SUBSYSTEM=="usb", ATTR{idVendor}=="0fce", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Sony Ericsson 36 | SUBSYSTEM=="usb", ATTR{idVendor}=="2340", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Teleepoch 37 | SUBSYSTEM=="usb", ATTR{idVendor}=="0930", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # Toshiba 38 | SUBSYSTEM=="usb", ATTR{idVendor}=="2717", MODE="0660", GROUP="plugdev", SYMLINK+="android%n" # Xiaomi 39 | SUBSYSTEM=="usb", ATTR{idVendor}=="19d2", MODE="0666", GROUP="plugdev", SYMLINK+="android%n" # ZTE -------------------------------------------------------------------------------- /roles/gentoo-userspace/tasks/src.yml: -------------------------------------------------------------------------------- 1 | --- # vim:se ft=ansible: 2 | - name: Create experiments dir 3 | file: 4 | dest: "{{ code_workspace.source_dir }}/experiments" 5 | state: directory 6 | - name: Populate user's known_hosts file 7 | known_hosts: 8 | state: present 9 | host: "{{ item.0.fqdn }}" 10 | key: >- 11 | {{ 12 | [item.0.fqdn] 13 | | union(item.0.ssh_pubkey_hostnames | default([])) 14 | | join(',') 15 | }} {{ item.1 }} 16 | with_subelements: 17 | - "{{ code_workspace.repos }}" 18 | - ssh_host_keys 19 | - name: Sync source code repos # noqa 401 20 | async: 45 21 | poll: 0 22 | git: 23 | clone: yes 24 | dest: "{{ code_workspace.source_dir }}/{{ item.0.name }}/{{ item.1 }}" 25 | recursive: yes 26 | repo: git@{{ item.0.fqdn }}:{{ item.1 }}.git 27 | update: yes 28 | with_subelements: 29 | - "{{ code_workspace.repos }}" 30 | - slugs 31 | register: git_sync_cmd_async_jobs 32 | - name: Wait for syncing the source code repos to finish 33 | async_status: 34 | jid: > 35 | {{ git_sync_cmd_result.ansible_job_id }} 36 | loop: > 37 | {{ git_sync_cmd_async_jobs.results }} 38 | loop_control: 39 | loop_var: git_sync_cmd_result 40 | register: git_sync_cmd_results 41 | until: git_sync_cmd_results.finished 42 | retries: 300 43 | failed_when: > 44 | ('rc' in git_sync_cmd_result and git_sync_cmd_result.rc == 128 and 45 | ('Failed to checkout branch' not in git_sync_cmd_result.msg or 46 | (stderr in git_sync_cmd_result and 47 | 'Could not read from remote repository.' 48 | in git_sync_cmd_result.stderr) 49 | ) 50 | ) or 51 | (git_sync_cmd_result.failed and 52 | git_sync_cmd_result.msg != 53 | 'Local modifications exist in repository (force=no).' and 54 | 'Failed to checkout branch' not in git_sync_cmd_result.msg) 55 | changed_when: git_sync_cmd_result.changed 56 | - name: Set up additional repo remotes for forks # noqa 303 57 | command: >- 58 | git remote add fork 59 | 'git@{{ item.0.fqdn }}:{{ item.0.forked_as[item.1] }}.git' 60 | args: 61 | chdir: "{{ code_workspace.source_dir }}/{{ item.0.name }}/{{ item.1 }}" 62 | with_subelements: 63 | - "{{ code_workspace.repos }}" 64 | - slugs 65 | when: item.1 in item.0.forked_as 66 | register: git_remote 67 | failed_when: > 68 | ('msg' in git_remote and 69 | '[Errno 2] No such file or directory' in git_remote.msg) or 70 | (git_remote.rc == 3 and 71 | 'error: remote fork already exists.' not in git_remote.stderr_lines and 72 | 'fatal: remote fork already exists.' not in git_remote.stderr_lines) 73 | changed_when: > 74 | ('msg' in git_remote and 75 | '[Errno 2] No such file or directory' in git_remote.msg) and 76 | git_remote.rc == 0 and 77 | not git_remote.stderr_lines | count and 78 | not git_remote.stdout_lines | count 79 | - name: Compute pre-existing checked out forks with remotes 80 | set_fact: 81 | forked_remotes_to_be_updated: >- 82 | {{ 83 | git_remote.results 84 | | selectattr('rc', 'defined') 85 | | selectattr('rc', 'eq', 3) 86 | | selectattr('stderr', 'defined') 87 | | selectattr( 88 | 'stderr', 'match', '(error|fatal): remote fork already exists\.' 89 | ) 90 | | map(attribute='item') 91 | }} 92 | - name: Update existing remotes for forks # noqa 303 93 | command: >- 94 | git remote set-url fork 95 | 'git@{{ item.0.fqdn }}:{{ item.0.forked_as[item.1] }}.git' 96 | args: 97 | chdir: "{{ code_workspace.source_dir }}/{{ item.0.name }}/{{ item.1 }}" 98 | loop: >- 99 | {{ forked_remotes_to_be_updated }} 100 | #- name: Extend forked??? repos with pull-requests fetch # noqa 303 101 | # command: >- 102 | # git config --local --get-regexp remote.origin.fetch '\+refs/pull/\*/head:' # FIXME: test 103 | # git config --add remote.origin.fetch '+refs/pull/*/head:refs/pull/origin/*' 104 | # args: 105 | # chdir: >- 106 | # {{ code_workspace.source_dir }}/{{ item.0.name }}/{{ item.1 }} 107 | # with_subelements: 108 | # - "{{ code_workspace.repos }}" 109 | # - slugs 110 | # when: item.1 in item.0.forked_as 111 | # register: git_remote 112 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/templates/zshrc.zsh-template: -------------------------------------------------------------------------------- 1 | # If you come from bash you might have to change your $PATH. 2 | # export PATH=$HOME/bin:/usr/local/bin:$PATH 3 | 4 | # Path to your oh-my-zsh installation. 5 | export ZSH=$HOME/.oh-my-zsh 6 | 7 | # Set name of the theme to load. Optionally, if you set this to "random" 8 | # it'll load a random theme each time that oh-my-zsh is loaded. 9 | # See https://github.com/robbyrussell/oh-my-zsh/wiki/Themes 10 | ZSH_THEME="{{ oh_my_zsh.theme | default('robbyrussell') }}" 11 | 12 | # Set list of themes to load 13 | # Setting this variable when ZSH_THEME=random 14 | # cause zsh load theme from this variable instead of 15 | # looking in ~/.oh-my-zsh/themes/ 16 | # An empty array have no effect 17 | # ZSH_THEME_RANDOM_CANDIDATES=( "robbyrussell" "agnoster" ) 18 | 19 | # Uncomment the following line to use case-sensitive completion. 20 | # CASE_SENSITIVE="true" 21 | 22 | # Uncomment the following line to use hyphen-insensitive completion. Case 23 | # sensitive completion must be off. _ and - will be interchangeable. 24 | # HYPHEN_INSENSITIVE="true" 25 | 26 | # Uncomment the following line to disable bi-weekly auto-update checks. 27 | # DISABLE_AUTO_UPDATE="true" 28 | 29 | # Uncomment the following line to change how often to auto-update (in days). 30 | # export UPDATE_ZSH_DAYS=13 31 | 32 | # Uncomment the following line to disable colors in ls. 33 | # DISABLE_LS_COLORS="true" 34 | 35 | # Uncomment the following line to disable auto-setting terminal title. 36 | # DISABLE_AUTO_TITLE="true" 37 | 38 | # Uncomment the following line to enable command auto-correction. 39 | # ENABLE_CORRECTION="true" 40 | 41 | # Uncomment the following line to display red dots whilst waiting for completion. 42 | # COMPLETION_WAITING_DOTS="true" 43 | 44 | # Uncomment the following line if you want to disable marking untracked files 45 | # under VCS as dirty. This makes repository status check for large repositories 46 | # much, much faster. 47 | # DISABLE_UNTRACKED_FILES_DIRTY="true" 48 | 49 | # Uncomment the following line if you want to change the command execution time 50 | # stamp shown in the history command output. 51 | # The optional three formats: "mm/dd/yyyy"|"dd.mm.yyyy"|"yyyy-mm-dd" 52 | # HIST_STAMPS="mm/dd/yyyy" 53 | 54 | # Would you like to use another custom folder than $ZSH/custom? 55 | # ZSH_CUSTOM=/path/to/new-custom-folder 56 | 57 | {% if ansible_distribution == 'MacOSX' %} 58 | ZSH_DISABLE_COMPFIX=true 59 | {% endif %} 60 | 61 | # Which plugins would you like to load? (plugins can be found in ~/.oh-my-zsh/plugins/*) 62 | # Custom plugins may be added to ~/.oh-my-zsh/custom/plugins/ 63 | # Example format: plugins=(rails git textmate ruby lighthouse) 64 | # Add wisely, as too many plugins slow down shell startup. 65 | plugins=( 66 | {{ oh_my_zsh.plugins | default([]) | join(' ') }} 67 | {{ oh_my_zsh.custom_plugins.keys() | default([]) | join(' ') }} 68 | ) 69 | 70 | {% for plugin_name, plugin_config in oh_my_zsh.plugin_settings.items() %} 71 | {% for setting_name, setting_value in plugin_config.items() %} 72 | zstyle :omz:plugins:{{ plugin_name }} {{ setting_name }} {{ setting_value }} 73 | {% endfor %} 74 | {% endfor %} 75 | 76 | #zstyle :omz:plugins:ssh-agent agent-forwarding on 77 | #zstyle :omz:plugins:ssh-agent identities id_rsa id_rsa_encrypted 78 | #zstyle :omz:plugins:ssh-agent lifetime 4h # Forever by default 79 | 80 | source $ZSH/oh-my-zsh.sh 81 | 82 | # User configuration 83 | 84 | ZSH_HIGHLIGHT_STYLES[comment]='fg=8' 85 | 86 | # export MANPATH="/usr/local/man:$MANPATH" 87 | 88 | # You may need to manually set your language environment 89 | export LANG='{{ oh_my_zsh.locale | default('en_US.UTF-8') }}' 90 | 91 | # Preferred editor for local and remote sessions 92 | # if [[ -n $SSH_CONNECTION ]]; then 93 | # export EDITOR='vim' 94 | # else 95 | # export EDITOR='mvim' 96 | # fi 97 | export EDITOR='{{ oh_my_zsh.editor | default('vim') }}' 98 | export VISUAL="$EDITOR" 99 | 100 | # Compilation flags 101 | # export ARCHFLAGS="-arch x86_64" 102 | 103 | # ssh 104 | # export SSH_KEY_PATH="~/.ssh/rsa_id" 105 | 106 | # Set personal aliases, overriding those provided by oh-my-zsh libs, 107 | # plugins, and themes. Aliases can be placed here, though oh-my-zsh 108 | # users are encouraged to define aliases within the ZSH_CUSTOM folder. 109 | # For a full list of active aliases, run `alias`. 110 | # 111 | # Example aliases 112 | # alias zshconfig="mate ~/.zshrc" 113 | # alias ohmyzsh="mate ~/.oh-my-zsh" 114 | -------------------------------------------------------------------------------- /library/eix.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # -*- coding: utf-8 -*- 3 | 4 | # (c) 2018, Sviatoslav Sydorenko 5 | # 6 | # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) 7 | 8 | """Support for Eix software under Gentoo.""" 9 | from __future__ import absolute_import, print_function, unicode_literals 10 | __metaclass__ = type 11 | 12 | 13 | ANSIBLE_METADATA = {'metadata_version': '1.1', 14 | 'status': ['preview'], 15 | 'supported_by': 'community'} 16 | 17 | 18 | DOCUMENTATION = """ 19 | --- 20 | module: eix 21 | short_description: eix portage tree database for Gentoo 22 | description: 23 | - Manages, syncx and indexes Gentoo portage tree 24 | version_added: "2.6" 25 | 26 | options: 27 | action: 28 | description: > 29 | eix action to perform 30 | required: true 31 | default: "update" 32 | choices: [ "sync", "update" ] 33 | 34 | requirements: [ eix ] 35 | author: 36 | - "Sviatoslav Sydorenko (@webknjaz)" 37 | notes: [] 38 | """ 39 | 40 | 41 | EXAMPLES = """ 42 | # Update eix db 43 | - eix: 44 | action: update 45 | 46 | # Sync and update eix db 47 | - eix: 48 | action: sync 49 | """ 50 | 51 | 52 | import six 53 | 54 | from ansible.module_utils.basic import AnsibleModule 55 | 56 | 57 | class EixModuleError(RuntimeError): 58 | def __init__(self, msg, error_args={}, *args, **kwargs): 59 | super(EixModuleError, self).__init__(msg, *args, **kwargs) 60 | 61 | self.error_args = error_args 62 | self.error_args['msg'] = self.error_args.get('msg', msg) 63 | 64 | 65 | class InvalidEixParamError(EixModuleError): 66 | pass 67 | 68 | 69 | class InvalidEixActionError(InvalidEixParamError): 70 | pass 71 | 72 | 73 | class EixCmdFailedError(EixModuleError): 74 | def __init__(self, msg, error_args={}, *args, **kwargs): 75 | for arg in 'cmd', 'rc': 76 | assert arg in error_args 77 | 78 | super(EixCmdFailedError, self).__init__( 79 | msg, error_args=error_args, 80 | *args, **kwargs, 81 | ) 82 | 83 | 84 | class EixAnsibleModule(AnsibleModule): 85 | @classmethod 86 | def execute(cls): 87 | cls().run() 88 | 89 | def __init__(self): 90 | super(EixAnsibleModule, self).__init__( 91 | argument_spec=dict( 92 | action=dict(default='update', choices=['sync', 'update']), 93 | ), 94 | required_one_of=[['action']], 95 | supports_check_mode=False, 96 | ) 97 | 98 | self.eix_path = self.get_bin_path('eix', required=True) 99 | self.eix_sync_path = self.get_bin_path('eix-sync', required=True) 100 | self.eix_update_path = self.get_bin_path('eix-update', required=True) 101 | 102 | @property 103 | def action_name(self): 104 | return self.params['action'] 105 | 106 | @property 107 | def dispatch(self): 108 | try: 109 | return getattr(self, self.action_name) 110 | except AttributeError as attr_err: 111 | six.raise_from( 112 | InvalidEixActionError( 113 | "There's no such action: {}".format(self.action_name), 114 | error_args={}, 115 | ), 116 | attr_err, 117 | ) 118 | 119 | def run(self): 120 | """Execute action chosen.""" 121 | try: 122 | action_result = self.dispatch() 123 | self.exit_json( 124 | msg='{} completed.'.format(self.action_name.title()), 125 | **action_result, 126 | ) 127 | except EixModuleError as mod_err: 128 | self.fail_json(**mod_err.error_args,) 129 | 130 | def run_or_raise(self, cmd): 131 | rc, out, err = self.run_command(cmd + self.default_args, environ_update={'EMERGE_DEFAULT_OPTS': '--ask=n'}) 132 | res = { 133 | 'cmd': cmd, 134 | 'rc': rc, 135 | 'stdout': out, 136 | 'stderr': err, 137 | } 138 | 139 | if rc != 0: 140 | raise EixCmdFailedError( 141 | 'Running `{}` was unsuccessful'. 142 | format(' '.join(cmd)), 143 | error_args=res, 144 | ) 145 | 146 | return res 147 | 148 | @property 149 | def default_args(self): 150 | #return [] 151 | return ['quiet'] 152 | 153 | def update(self): 154 | """Update the eix database.""" 155 | cmd_exec_args = [self.eix_update_path] 156 | return self.run_or_raise(cmd_exec_args) 157 | 158 | def sync(self): 159 | """Sync portage/overlay trees and update the eix database.""" 160 | cmd_exec_args = [self.eix_sync_path] 161 | return self.run_or_raise(cmd_exec_args) 162 | 163 | 164 | if __name__ == '__main__': 165 | EixAnsibleModule.execute() 166 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/virtualbox-modules-6.1.12-r1-kernel-5.8-fixes_for_mm_struct.patch: -------------------------------------------------------------------------------- 1 | Index: src/vboxdrv/r0drv/linux/memobj-r0drv-linux.c 2 | =================================================================== 3 | --- src.orig/vboxdrv/r0drv/linux/memobj-r0drv-linux.c 4 | +++ src/vboxdrv/r0drv/linux/memobj-r0drv-linux.c 5 | @@ -222,9 +222,17 @@ static void *rtR0MemObjLinuxDoMmap(RTR3P 6 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) 7 | ulAddr = vm_mmap(NULL, R3PtrFixed, cb, fLnxProt, MAP_SHARED | MAP_ANONYMOUS | MAP_FIXED, 0); 8 | #else 9 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 10 | down_write(&pTask->mm->mmap_sem); 11 | +#else 12 | + down_write(&pTask->mm->mmap_lock); 13 | +#endif 14 | ulAddr = do_mmap(NULL, R3PtrFixed, cb, fLnxProt, MAP_SHARED | MAP_ANONYMOUS | MAP_FIXED, 0); 15 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 16 | up_write(&pTask->mm->mmap_sem); 17 | +#else 18 | + up_write(&pTask->mm->mmap_lock); 19 | +#endif 20 | #endif 21 | } 22 | else 23 | @@ -232,9 +240,17 @@ static void *rtR0MemObjLinuxDoMmap(RTR3P 24 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) 25 | ulAddr = vm_mmap(NULL, 0, cb, fLnxProt, MAP_SHARED | MAP_ANONYMOUS, 0); 26 | #else 27 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 28 | down_write(&pTask->mm->mmap_sem); 29 | +#else 30 | + down_write(&pTask->mm->mmap_lock); 31 | +#endif 32 | ulAddr = do_mmap(NULL, 0, cb, fLnxProt, MAP_SHARED | MAP_ANONYMOUS, 0); 33 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 34 | up_write(&pTask->mm->mmap_sem); 35 | +#else 36 | + up_write(&pTask->mm->mmap_lock); 37 | +#endif 38 | #endif 39 | if ( !(ulAddr & ~PAGE_MASK) 40 | && (ulAddr & (uAlignment - 1))) 41 | @@ -269,13 +285,29 @@ static void rtR0MemObjLinuxDoMunmap(void 42 | Assert(pTask == current); RT_NOREF_PV(pTask); 43 | vm_munmap((unsigned long)pv, cb); 44 | #elif defined(USE_RHEL4_MUNMAP) 45 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 46 | down_write(&pTask->mm->mmap_sem); 47 | +#else 48 | + down_write(&pTask->mm->mmap_lock); 49 | +#endif 50 | do_munmap(pTask->mm, (unsigned long)pv, cb, 0); /* should it be 1 or 0? */ 51 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 52 | up_write(&pTask->mm->mmap_sem); 53 | #else 54 | + up_write(&pTask->mm->mmap_lock); 55 | +#endif 56 | +#else 57 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 58 | down_write(&pTask->mm->mmap_sem); 59 | +#else 60 | + down_write(&pTask->mm->mmap_lock); 61 | +#endif 62 | do_munmap(pTask->mm, (unsigned long)pv, cb); 63 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 64 | up_write(&pTask->mm->mmap_sem); 65 | +#else 66 | + up_write(&pTask->mm->mmap_lock); 67 | +#endif 68 | #endif 69 | } 70 | 71 | @@ -593,7 +625,11 @@ DECLHIDDEN(int) rtR0MemObjNativeFree(RTR 72 | size_t iPage; 73 | Assert(pTask); 74 | if (pTask && pTask->mm) 75 | - down_read(&pTask->mm->mmap_sem); 76 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 77 | + down_read(&pTask->mm->mmap_sem); 78 | +#else 79 | + down_read(&pTask->mm->mmap_lock); 80 | +#endif 81 | 82 | iPage = pMemLnx->cPages; 83 | while (iPage-- > 0) 84 | @@ -608,7 +644,11 @@ DECLHIDDEN(int) rtR0MemObjNativeFree(RTR 85 | } 86 | 87 | if (pTask && pTask->mm) 88 | - up_read(&pTask->mm->mmap_sem); 89 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 90 | + up_read(&pTask->mm->mmap_sem); 91 | +#else 92 | + up_read(&pTask->mm->mmap_lock); 93 | +#endif 94 | } 95 | /* else: kernel memory - nothing to do here. */ 96 | break; 97 | @@ -1076,7 +1116,11 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser 98 | papVMAs = (struct vm_area_struct **)RTMemAlloc(sizeof(*papVMAs) * cPages); 99 | if (papVMAs) 100 | { 101 | - down_read(&pTask->mm->mmap_sem); 102 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 103 | + down_read(&pTask->mm->mmap_sem); 104 | +#else 105 | + down_read(&pTask->mm->mmap_lock); 106 | +#endif 107 | 108 | /* 109 | * Get user pages. 110 | @@ -1162,7 +1206,11 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser 111 | papVMAs[rc]->vm_flags |= VM_DONTCOPY | VM_LOCKED; 112 | } 113 | 114 | - up_read(&pTask->mm->mmap_sem); 115 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 116 | + up_read(&pTask->mm->mmap_sem); 117 | +#else 118 | + up_read(&pTask->mm->mmap_lock); 119 | +#endif 120 | 121 | RTMemFree(papVMAs); 122 | 123 | @@ -1189,7 +1237,11 @@ DECLHIDDEN(int) rtR0MemObjNativeLockUser 124 | #endif 125 | } 126 | 127 | - up_read(&pTask->mm->mmap_sem); 128 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 129 | + up_read(&pTask->mm->mmap_sem); 130 | +#else 131 | + up_read(&pTask->mm->mmap_lock); 132 | +#endif 133 | 134 | RTMemFree(papVMAs); 135 | rc = VERR_LOCK_FAILED; 136 | @@ -1604,7 +1656,11 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser( 137 | const size_t cPages = (offSub + cbSub) >> PAGE_SHIFT; 138 | size_t iPage; 139 | 140 | - down_write(&pTask->mm->mmap_sem); 141 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 142 | + down_write(&pTask->mm->mmap_sem); 143 | +#else 144 | + down_write(&pTask->mm->mmap_lock); 145 | +#endif 146 | 147 | rc = VINF_SUCCESS; 148 | if (pMemLnxToMap->cPages) 149 | @@ -1721,7 +1777,11 @@ DECLHIDDEN(int) rtR0MemObjNativeMapUser( 150 | } 151 | #endif /* CONFIG_NUMA_BALANCING */ 152 | 153 | - up_write(&pTask->mm->mmap_sem); 154 | +#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 8, 0) 155 | + up_write(&pTask->mm->mmap_sem); 156 | +#else 157 | + up_write(&pTask->mm->mmap_lock); 158 | +#endif 159 | 160 | if (RT_SUCCESS(rc)) 161 | { 162 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/usr/local/share/ca-certificates/2015-IT-Root-CA.crt: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 36653162313366316531653131306436393436306139316234316131346335393239396437346264 3 | 3366313533393331373636336666336630343139373533610a326434633934656161353266356665 4 | 64333965646661323863393764616265313039623934663331643635303766383838346566353735 5 | 3738383335646561610a393235633736373931633962653764393963623166656239353862353963 6 | 66616231323030663133363363656666613233346530623063376633363361616634656265623737 7 | 30663634383536656664366531353833383766646132323137396434303530633237626230363532 8 | 62663039353463363635363932663864613963343763373165316562323039333462613835613532 9 | 65623632303030653636623432343661356561343763356135306331373761396631626635376339 10 | 37623739383131613235376631633839326265346361353230336666643239316335653138316537 11 | 65646333313531646230323462393366343835313631313832313066376439623836353735386130 12 | 34306338636333656664376432666337356362343332376239326231336633313861616437323130 13 | 61653130313532646436656138343230303166326637613836393563383033653763303034383965 14 | 32643731313263323666363438346565303838346266623438623338623164616461313939363765 15 | 33643836396131613431623438313338396134333639623564383866626535646630373537323736 16 | 65613139393438393839306565313463386361316532326462306639656466313763613537613865 17 | 30366365633463376266363861616430386538623165373963353037626662616138393236643464 18 | 39643931303833376466633230366533303066633765323065633563346432383138666665366430 19 | 63383565636334656436336133353631633838376233643330656137646239616662646566353238 20 | 30663736306564396461353637623434373536613163303164393066376531633964373135333865 21 | 37373034323038303336636462323664313163383632326664373139373435643332333235346139 22 | 64346133316631633234636261666635643563393630343133386566346266393339323265623733 23 | 62373865623432306161353632336264323331303864393132613964393533323536313939343963 24 | 32616563613032376633343436333630653732663466616635346436623765386136343139626334 25 | 34653930643338393539633365366137636563656436356336363532386237326264613162366432 26 | 37336663326633663937633364393436373264343564623262356139396166353833363065366162 27 | 35353338633039303731306531376634656336613631376238346139633939613761333566313634 28 | 63323833303636363562323062343439616631323534376135306165383532383032656161303131 29 | 62646239306230653935316262373962623135666237363061353965623165386163336139366461 30 | 62613232653637376264646136316136373035366466353865396534316366333230633932326663 31 | 30623934323839336664353837376264316163316536623036356133343739623736393733616232 32 | 38623338336161356461373961376563633137396562616635353738363637653637613461393964 33 | 37656136326236356634386336336166633232373137373137313761373565663662616534613232 34 | 38343961386362616532616530613234343264306536333734633961633966626631316339383433 35 | 63626262666266653738623531356361666366373861313539323934373237646638623032353765 36 | 34306337363861623932653536636231323062383464643738653135623037626235336530623563 37 | 30623135646535633130616161623336346266633062366466646462366533623536313161616139 38 | 31316130643433643133636564376639663234343739373265666562633639396530653565366238 39 | 38356338646239393233626639333132613461393566313166323930363166663639663136383038 40 | 32363132333363343961343837613033393764626534393831626434653632343435653761376361 41 | 38666539623133353335646366323466616232343364613062313031323735383431616230336466 42 | 62333233326332326662353832323065643137303562613531303935663438383266303532323438 43 | 61663561616139393236613036336666663933346466303031353830303966323338666135316330 44 | 32323361373339376166313338363736656462363531653237626634303464653335616331643836 45 | 30313365316364353963303934653635326138663939636664326239396531383236396537626635 46 | 63346436326364366537396464343036626632326434333862363439643462306333633637653432 47 | 64396232353162313237303438333063653632353232616135623032353963323263396461383838 48 | 62323538363037366637666165626236333537323130373434396563353437303738613438633934 49 | 36383137656333393039663264303839356366623833323964343963386434643630393939386231 50 | 30323437373235373930633035623634326536643437323737343135383536353236376331306332 51 | 36633765616463326638333764646533316335373039343162336334373430376463663664613836 52 | 65643065366439316566353333633462313535346236373937343063646162333334623337663436 53 | 66633035383664363930653937353337653038646463396236396361393134653632353937346239 54 | 34636537303066386239366234373563636435303066303132636438663630373335316162386231 55 | 39363638336238356439653661383732616137316330393036623761333139393632616434653436 56 | 66316330356137346138613137376632646538643338333938636363656131366531386365313063 57 | 36363036386365656364333236643165643036366138636635346161326633636164346162623365 58 | 30353035313936396462656365663638613734613537653534306530323664323138373931313136 59 | 33303336623666616531653666373835636338326536616431376430363338643130306531373838 60 | 34386638316162333961646262616638376661636633636461663331643730303937376136343738 61 | 33343336613439386364653137613264623137306331366137313762383865616134613734323066 62 | 66366664626139376362633637343036326566356431333934303835636133323963656437353530 63 | 35323966616530346539336563313636316661623237393133646439666237393865616465626230 64 | 30643830383937316532326366646662636530353632626634323861643461656132396236376263 65 | 39356134356431316361613664653037363839373666666439646338363531343938666638343430 66 | 37393638656136656462663735303532346135373534363533623666646161356532366539303736 67 | 66373836346631353864323337333661346238353639303230623131313765323431366138376134 68 | 37323063643133653136303266643064346539376235656666343034633434646333366130376363 69 | 37336630653434313866393863653566316162393461343934663431343064663164616238363663 70 | 61303031353434363234626131393230643636373036373264343462356136313133323961366139 71 | 36373464613834383564323363616264353664356130303532653964343039383332346363336633 72 | 34646539633131313264336665616234363335646336326237313265383762656565376337666330 73 | 31666435336366393466636562333166323463623031363365626665623934303261376466303762 74 | 32363736646464383838346533396438356139663935353962313963313235623034633235323238 75 | 32373962666630653664646165383039393836363965323732366666323631373339633137383435 76 | 33383034323034626661303836663364376562623065646337363963383830336230366430663964 77 | 36363162343065393437653566646165656366616634366239653230346664336139633164653233 78 | 30666166663861643635636130353030393066323434393637343734643239646161353065303332 79 | 32613337343062643563303964316339373139663431306530656133353331653332613363376361 80 | 36663336663338633433643261306462323930383439333236356532326263366233313839366335 81 | 34653738666536663461 82 | -------------------------------------------------------------------------------- /contrib/notes-p16v-gen1: -------------------------------------------------------------------------------- 1 | 2 | >>> Installing (6 of 6) sys-process/glances-4.0.6::gentoo 3 | * Install additional packages for optional runtime features: 4 | * dev-python/zeroconf for Autodiscover mode 5 | * dev-python/docker for Docker monitoring support 6 | * dev-python/pygal for SVG graph support 7 | * dev-python/netifaces for IP plugin 8 | * dev-python/pymdstat for RAID monitoring 9 | * dev-python/pymdstat for RAID support 10 | * dev-python/pysnmp for SNMP support 11 | * net-wireless/python-wifi for WIFI plugin 12 | 13 | >>> Recording sys-process/glances in "world" favorites file... 14 | 15 | >>> Completed (6 of 6) sys-process/glances-4.0.6::gentoo 16 | 17 | * Messages for package sys-apps/ripgrep-all-0.10.6: 18 | 19 | * Install additional packages for optional runtime features: 20 | * virtual/pandoc for pandoc support 21 | 22 | * Messages for package sys-process/glances-4.0.6: 23 | 24 | * Install additional packages for optional runtime features: 25 | * dev-python/zeroconf for Autodiscover mode 26 | * dev-python/docker for Docker monitoring support 27 | * dev-python/pygal for SVG graph support 28 | * dev-python/netifaces for IP plugin 29 | * dev-python/pymdstat for RAID monitoring 30 | * dev-python/pymdstat for RAID support 31 | * dev-python/pysnmp for SNMP support 32 | * net-wireless/python-wifi for WIFI plugin 33 | 34 | * GNU info directory index is up-to-date. 35 | 36 | * IMPORTANT: 22 news items need reading for repository 'gentoo'. 37 | * Use eselect news read to view new items. 38 | 39 | 40 | 41 | * Messages for package app-eselect/eselect-wxwidgets-20230114-r1: 42 | 43 | * This eselect module only controls the version of wxGTK used when 44 | * building packages outside of portage. If you are not doing development 45 | * with wxWidgets or bakefile you will never need to use it. 46 | 47 | * Messages for package app-misc/spacenavd-1.2: 48 | 49 | * To start the Spacenav daemon system-wide by default 50 | * you should add it to the default runlevel : 51 | * `rc-update add spacenavd default` (for openRC) 52 | * `systemctl enable spacenavd` (for systemd) 53 | * 54 | * To start generating Spacenav X events by default 55 | * you should add this command in your user startup 56 | * scripts such as .gnomerc or .xinitrc : 57 | * `spnavd_ctl x11 start` 58 | * 59 | * If you want to auto-start the daemon when you plug in 60 | * a SpaceNavigator device, activate the related udev rule : 61 | * `sudo ln -s /usr/lib/udev/rules.d/99-space-navigator.rules.ignored /etc/udev/rules.d` 62 | * You must restart spnavd `/etc/init.d/spacenavd restart` to run 63 | * the new version of the daemon or `systemctl restart spacenavd` 64 | * if using systemd. 65 | 66 | * Messages for package dev-python/fs-2.4.16: 67 | 68 | * Install additional packages for optional runtime features: 69 | * dev-python/boto for S3 support 70 | * dev-python/paramiko for SFTP support 71 | * dev-python/wxpython for Browser support 72 | 73 | * Messages for package media-gfx/freecad-0.21.2-r3: 74 | 75 | * Computational utilities 76 | * sci-libs/openblas for BLAS library 77 | * dev-python/pandas for Statistical computation with Python 78 | * dev-python/scipy for Use scientific computation with Python 79 | * dev-python/sympy for Use symbolic math with Python 80 | * Imaging, Plotting and Rendering utilities 81 | * media-gfx/graphviz for Dependency graphs 82 | * media-gfx/povray for PBR Rendering 83 | * Import / Export 84 | * dev-python/pycollada for Work with COLLADA documents 85 | * media-gfx/libredwg for Importing and exporting 2D AutoCAD DWG files 86 | * sci-libs/gdal for Importing and exporting geospatial data formats 87 | * Meshing and FEM 88 | * sci-libs/gmsh for FEM mesh generator 89 | * sci-libs/gts for Triangulating meshes 90 | * sci-visualization/paraview for Visualization 91 | 92 | 93 | ------ 94 | 95 | 96 | 97 | * Messages for package sys-firmware/edk2-bin-202202: 98 | 99 | * This package contains the tianocore edk2 UEFI firmware for 64-bit x86 100 | * virtual machines. The firmware is located under 101 | * /usr/share/edk2-ovmf/OVMF_CODE.fd 102 | * /usr/share/edk2-ovmf/OVMF_VARS.fd 103 | * /usr/share/edk2-ovmf/OVMF_CODE.secboot.fd 104 | * 105 | * If USE=binary is enabled, we also install an OVMF variables file (coming from 106 | * fedora) that contains secureboot default keys 107 | * 108 | * /usr/share/edk2-ovmf/OVMF_VARS.secboot.fd 109 | * 110 | * If you have compiled this package by hand, you need to either populate all 111 | * necessary EFI variables by hand by booting 112 | * /usr/share/edk2-ovmf/UefiShell.(iso|img) 113 | * or creating OVMF_VARS.secboot.fd by hand: 114 | * https://github.com/puiterwijk/qemu-ovmf-secureboot 115 | * 116 | * The firmware does not support csm (due to no free csm implementation 117 | * available). If you need a firmware with csm support you have to download 118 | * one for yourself. Firmware blobs are commonly labeled 119 | * OVMF{,_CODE,_VARS}-with-csm.fd 120 | * 121 | * In order to use the firmware you can run qemu the following way 122 | * 123 | * $ qemu-system-x86_64 \ 124 | * -drive file=/usr/share/edk2-ovmf/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \ 125 | * ... 126 | * 127 | * (Note: Above message is only printed the first time package is 128 | * installed. Please look at /usr/share/doc/edk2-bin-202202/README.gentoo* 129 | * for future reference) 130 | 131 | * Messages for package app-emulation/qemu-9.1.2: 132 | 133 | * If you don't have kvm compiled into the kernel, make sure you have the 134 | * kernel module loaded before running kvm. The easiest way to ensure that the 135 | * kernel module is loaded is to load it on boot. 136 | * For AMD CPUs the module is called 'kvm-amd'. 137 | * For Intel CPUs the module is called 'kvm-intel'. 138 | * Please review /etc/conf.d/modules for how to load these. 139 | * 140 | * Make sure your user is in the 'kvm' group. Just run 141 | * $ gpasswd -a kvm 142 | * then have re-login. 143 | * 144 | * For brand new installs, the default permissions on /dev/kvm might not let 145 | * you access it. You can tell udev to reset ownership/perms: 146 | * $ udevadm trigger -c add /dev/kvm 147 | * 148 | * If you want to register binfmt handlers for qemu user targets: 149 | * For openrc: 150 | * # rc-update add qemu-binfmt 151 | * For systemd: 152 | * # ln -s /usr/share/qemu/binfmt.d/qemu.conf /etc/binfmt.d/qemu.conf 153 | * 154 | * (Note: Above message is only printed the first time package is 155 | * installed. Please look at /usr/share/doc/qemu-9.1.2/README.gentoo* 156 | * for future reference) 157 | 158 | * GNU info directory index is up-to-date. 159 | 160 | * IMPORTANT: 25 news items need reading for repository 'gentoo'. 161 | * Use eselect news read to view new items. 162 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/etc/openvpn/client/redhat-brq.conf: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 33623165356633313263636562663638333636326435663432363165663130613166396162373930 3 | 3038636438633464343233306435663137323261613863340a313830623032643663356164376262 4 | 30323261333964316538656439323966626138613465383639333833303931636432643437383866 5 | 6237646664653031330a386161396134303438306563613437353833363534646462393637336166 6 | 31613237626633623035353863313037376437383365363965643532633330313137383434366639 7 | 61613538663365373333653565666338613563353532623365613966346534323232663638363330 8 | 30646234393034303866383066333433616635306138616165653862363431393631653664343237 9 | 35666436376364383836633139643466306531613539666437316161386237643834376436363135 10 | 32656536623566303133356432373434333536333162306564373930386166636231306263643834 11 | 62643136333962303634396463373435663563396661663234333833613437343030313535323036 12 | 34313138313239623837326239323034333131303461386334393037646237373035313535313638 13 | 31333137363237343831373135333832313338313634366133363637343963663830343732363837 14 | 30316663323764376263366435653437393830306663353130663437363736633462326431663136 15 | 65656435656631316166643338643963383265313065373163366465663432653561333366393861 16 | 63306361636665613461666639316236623838303530376231626463363230653932643531616132 17 | 33396231613530396231373162343230303537396661663561303034633836313636306664356532 18 | 65623933383764323366646563326137613236323863393136323566626437323935326637653733 19 | 64343633626633313766356162363065653435623932633431653461623931356638316538323766 20 | 63306262376630626434313534353131316262613831646334343732306432613061373038616665 21 | 36666435386132323933386333643539373632303535633866383532313830633134326465613634 22 | 66313338386635333732623030633036386532396532346161643265366337303036343031616534 23 | 36646137313933376131326334663563623661636534373231373439643365356666356164353938 24 | 66663336626536303939653532663433303634636161323331396137613531653532613033356230 25 | 36393463623763656435666562356530643635613162353863303035643564303865306662353766 26 | 34353130656166386133626538616535623432663961316632343766616563663061353365393337 27 | 36383230336462613234636661653837306662656562396332353663653532636434333763393634 28 | 37333630353864346631323566636163633832326530323339633734633664346338656438343461 29 | 65636233663336353132313833646661616433663061336164313830643035303166313563613533 30 | 62346362643761633633313239303039616563653031633262656438613730333135666431666663 31 | 34356566636535623530353862383264653331343539333136336333386265613463383163386138 32 | 31643639356265316539653163353766343038646432336639306364663561336564323836386461 33 | 31653066376433363732363434363365313231343738613830353131656636623330313137333131 34 | 39646331373836383130373063643633663738373230613434656135633161363330636263646366 35 | 38323039363064626134386438303165356331663335613531376638336437353139306161353766 36 | 61373238666637303136643235386135323932336135393336633761386231633732373663373861 37 | 64613964646233623433643164393835323331306632363537363264353965343438386239343663 38 | 30393033613135353832386331383066396466366336366633613532356664346365333939623834 39 | 36636634333935353561316263363637613363303731343166623233363739323130626332653532 40 | 36333237623764646632343332323863383661316463323530373733613835363338636537636462 41 | 63613966393164653431616566663566633765313136363466336362626461363963366234613234 42 | 36333165373436353332316332333035626266376238326431613631363537616633633032616439 43 | 33626338653764643263323039313130343938663238383461346337613838623263633930386466 44 | 39633664373834356632303464643133343764646262313761323934303962333466393435303933 45 | 31643230663436636630376330333039303363323634643838323837646332616537636662366663 46 | 37386237383331396633666331316439613836633163623539353437663035333737323636636234 47 | 62316362326235376138633631643435383464613333363634363338316134666237373933633761 48 | 31653934633135626664653735346335626366396366363064623932326231326438356634323737 49 | 62393865396666316630323037373531643836363162353666343231323531326637656163303463 50 | 32396439323730646631646438613162643366666365306639363838383638383836656561323838 51 | 32623734393663653038316537386136346237373435343936653330633432343539333037633637 52 | 37656335613165666134303066636639653433623135313039643464323737646334663662303839 53 | 37643736633166326232616535383362323434366334373464613766666138396332333731643664 54 | 33646638346131613931626238323932303736313832613033353462303661363362323739663038 55 | 38356431326634633962613134373561353866616664363063303066303765663464353737306330 56 | 36383661346338656265323565363430376330343331613835393364333665656263363039336531 57 | 39633263633063353061303164306433663937643837316237663964656363343264623338373862 58 | 33636563333432316432383765333237616431313765643637323533346262346639663266303439 59 | 39633361623732633039313365333539366134303437626138383532373930333466623062353564 60 | 38656264666266386436356663663532623530306638323034373564303636636532303962373439 61 | 30653332666565653439373563383833653962656637623535636461626461366135663262613530 62 | 66613237636538656562356231393437346438373133646339353632393364613062373032626262 63 | 37396630313033613864343163393965313531643135313362336266303565623435653236303338 64 | 31663036333833663161363831653732646232323361336663343033376135633634366262626664 65 | 34323166633036383165346230633534633566376265326463346464636166326535656631323731 66 | 30616261636537663563376134623165353836356565336534343439313436363433663131306662 67 | 64386236393739626265323234363739396665666565353564363462343535333539646437653434 68 | 65633963633965653339316134376330373934346566333233343534646535353434366336623230 69 | 34376138373436323363653763363061373032336363366233656165626130323533643934383561 70 | 39303563646232653534316636346538396530356336613432666462663632386431383261373233 71 | 61646334356663646132386265316563303163323464343063343732623961666435326363393464 72 | 64646261653433316536656536636431646531623765373337366130663030613064373538666535 73 | 34663334373065633532396237643539333437313266313161643138646432376463306161373539 74 | 32663138303233323661326162613861393630333363313061316634643639623665356334643837 75 | 32373634646237656134366262333562303333663734613238393464666564623034346639343865 76 | 39373565353834363833306530633933636361383263656131373966366264366139343362626138 77 | 65396562396235303330323062633232316664306564636362626661333162656330626562633561 78 | 66316166373331303162323734313834383030653437316136653066633834663637303930613663 79 | 66336332343732356236616563306338633261303734633138663163316164303863626163393863 80 | 62363735306561356236663166346235646339313131343364373137396361333032303135363031 81 | 38643236623338313435633364303431366439323936313939376432343235356539646438313463 82 | 37373337383939333935633966376532336463633139636636643961376366396333633137353263 83 | 37663336636439323865623465383136646337316337626366386635393865323132386635373764 84 | 34643162653231613562643461646532643362343737373662623262636331363430366630303236 85 | 37373366626563653761373538646132303966373433383730356639623865303836663066353235 86 | 38386663346437353533343662356561656233313362323838646266376362633837373335613637 87 | 61336362336261343961363835303831383064343939616638356436376563313531653162323662 88 | 33373865306436346430613364353337373835386462323364303038353461666662383039393232 89 | 32316539613933373739646561633739366330303038376632626362653038303561333434663663 90 | 66363063323539316165353337383561373663313163346165613165346135653932383337386266 91 | 66303636303265613865633932616436333730626539643130623639383763323864386130376562 92 | 38646362323665633166613766343131336238316437663664333837353563363234303831303862 93 | 65333764363334343530373831646234373962623736633966383530383765396433656636363437 94 | 34303532323735316436326364343536663634366463613833313637306338373234653166386163 95 | 66303033396437346436373436366338343161643564383766353632356237643436383338636264 96 | 31313563656536333362316232666664383466653465646265633431316164636333303230633836 97 | 30663562353031303935633863363462653837303338366564313132643939306438313934303365 98 | 66356530303839313236363933356335366233303264363831313532326264356565356436653666 99 | 62333438316562383862643939383865653361306362626232306337353230303364313761623134 100 | 65353866396162616161646538346636356439383237353164653131363965633665326230356265 101 | 37386136623363393133 102 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/usr/local/share/applications/google-chrome.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Name=Google Chrome 4 | # Only KDE 4 seems to use GenericName, so we reuse the KDE strings. 5 | # From Ubuntu's language-pack-kde-XX-base packages, version 9.04-20090413. 6 | GenericName=Web Browser 7 | GenericName[ar]=متصفح الشبكة 8 | GenericName[bg]=Уеб браузър 9 | GenericName[ca]=Navegador web 10 | GenericName[cs]=WWW prohlížeč 11 | GenericName[da]=Browser 12 | GenericName[de]=Web-Browser 13 | GenericName[el]=Περιηγητής ιστού 14 | GenericName[en_GB]=Web Browser 15 | GenericName[es]=Navegador web 16 | GenericName[et]=Veebibrauser 17 | GenericName[fi]=WWW-selain 18 | GenericName[fr]=Navigateur Web 19 | GenericName[gu]=વેબ બ્રાઉઝર 20 | GenericName[he]=דפדפן אינטרנט 21 | GenericName[hi]=वेब ब्राउज़र 22 | GenericName[hu]=Webböngésző 23 | GenericName[it]=Browser Web 24 | GenericName[ja]=ウェブブラウザ 25 | GenericName[kn]=ಜಾಲ ವೀಕ್ಷಕ 26 | GenericName[ko]=웹 브라우저 27 | GenericName[lt]=Žiniatinklio naršyklė 28 | GenericName[lv]=Tīmekļa pārlūks 29 | GenericName[ml]=വെബ് ബ്രൌസര്‍ 30 | GenericName[mr]=वेब ब्राऊजर 31 | GenericName[nb]=Nettleser 32 | GenericName[nl]=Webbrowser 33 | GenericName[pl]=Przeglądarka WWW 34 | GenericName[pt]=Navegador Web 35 | GenericName[pt_BR]=Navegador da Internet 36 | GenericName[ro]=Navigator de Internet 37 | GenericName[ru]=Веб-браузер 38 | GenericName[sl]=Spletni brskalnik 39 | GenericName[sv]=Webbläsare 40 | GenericName[ta]=இணைய உலாவி 41 | GenericName[th]=เว็บเบราว์เซอร์ 42 | GenericName[tr]=Web Tarayıcı 43 | GenericName[uk]=Навігатор Тенет 44 | GenericName[zh_CN]=网页浏览器 45 | GenericName[zh_HK]=網頁瀏覽器 46 | GenericName[zh_TW]=網頁瀏覽器 47 | # Not translated in KDE, from Epiphany 2.26.1-0ubuntu1. 48 | GenericName[bn]=ওয়েব ব্রাউজার 49 | GenericName[fil]=Web Browser 50 | GenericName[hr]=Web preglednik 51 | GenericName[id]=Browser Web 52 | GenericName[or]=ଓ୍ବେବ ବ୍ରାଉଜର 53 | GenericName[sk]=WWW prehliadač 54 | GenericName[sr]=Интернет прегледник 55 | GenericName[te]=మహాతల అన్వేషి 56 | GenericName[vi]=Bộ duyệt Web 57 | # Gnome and KDE 3 uses Comment. 58 | Comment=Access the Internet 59 | Comment[ar]=الدخول إلى الإنترنت 60 | Comment[bg]=Достъп до интернет 61 | Comment[bn]=ইন্টারনেটটি অ্যাক্সেস করুন 62 | Comment[ca]=Accedeix a Internet 63 | Comment[cs]=Přístup k internetu 64 | Comment[da]=Få adgang til internettet 65 | Comment[de]=Internetzugriff 66 | Comment[el]=Πρόσβαση στο Διαδίκτυο 67 | Comment[en_GB]=Access the Internet 68 | Comment[es]=Accede a Internet. 69 | Comment[et]=Pääs Internetti 70 | Comment[fi]=Käytä internetiä 71 | Comment[fil]=I-access ang Internet 72 | Comment[fr]=Accéder à Internet 73 | Comment[gu]=ઇંટરનેટ ઍક્સેસ કરો 74 | Comment[he]=גישה אל האינטרנט 75 | Comment[hi]=इंटरनेट तक पहुंच स्थापित करें 76 | Comment[hr]=Pristup Internetu 77 | Comment[hu]=Internetelérés 78 | Comment[id]=Akses Internet 79 | Comment[it]=Accesso a Internet 80 | Comment[ja]=インターネットにアクセス 81 | Comment[kn]=ಇಂಟರ್ನೆಟ್ ಅನ್ನು ಪ್ರವೇಶಿಸಿ 82 | Comment[ko]=인터넷 연결 83 | Comment[lt]=Interneto prieiga 84 | Comment[lv]=Piekļūt internetam 85 | Comment[ml]=ഇന്റര്‍‌നെറ്റ് ആക്‌സസ് ചെയ്യുക 86 | Comment[mr]=इंटरनेटमध्ये प्रवेश करा 87 | Comment[nb]=Gå til Internett 88 | Comment[nl]=Verbinding maken met internet 89 | Comment[or]=ଇଣ୍ଟର୍ନେଟ୍ ପ୍ରବେଶ କରନ୍ତୁ 90 | Comment[pl]=Skorzystaj z internetu 91 | Comment[pt]=Aceder à Internet 92 | Comment[pt_BR]=Acessar a internet 93 | Comment[ro]=Accesaţi Internetul 94 | Comment[ru]=Доступ в Интернет 95 | Comment[sk]=Prístup do siete Internet 96 | Comment[sl]=Dostop do interneta 97 | Comment[sr]=Приступите Интернету 98 | Comment[sv]=Gå ut på Internet 99 | Comment[ta]=இணையத்தை அணுகுதல் 100 | Comment[te]=ఇంటర్నెట్‌ను ఆక్సెస్ చెయ్యండి 101 | Comment[th]=เข้าถึงอินเทอร์เน็ต 102 | Comment[tr]=İnternet'e erişin 103 | Comment[uk]=Доступ до Інтернету 104 | Comment[vi]=Truy cập Internet 105 | Comment[zh_CN]=访问互联网 106 | Comment[zh_HK]=連線到網際網路 107 | Comment[zh_TW]=連線到網際網路 108 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 109 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu %U 110 | StartupNotify=true 111 | Terminal=false 112 | Icon=google-chrome 113 | Type=Application 114 | Categories=Network;WebBrowser; 115 | MimeType=application/pdf;application/rdf+xml;application/rss+xml;application/xhtml+xml;application/xhtml_xml;application/xml;image/gif;image/jpeg;image/png;image/webp;text/html;text/xml;x-scheme-handler/http;x-scheme-handler/https; 116 | Actions=new-window;new-private-window; 117 | 118 | [Desktop Action new-window] 119 | Name=New Window 120 | Name[am]=አዲስ መስኮት 121 | Name[ar]=نافذة جديدة 122 | Name[bg]=Нов прозорец 123 | Name[bn]=নতুন উইন্ডো 124 | Name[ca]=Finestra nova 125 | Name[cs]=Nové okno 126 | Name[da]=Nyt vindue 127 | Name[de]=Neues Fenster 128 | Name[el]=Νέο Παράθυρο 129 | Name[en_GB]=New Window 130 | Name[es]=Nueva ventana 131 | Name[et]=Uus aken 132 | Name[fa]=پنجره جدید 133 | Name[fi]=Uusi ikkuna 134 | Name[fil]=New Window 135 | Name[fr]=Nouvelle fenêtre 136 | Name[gu]=નવી વિંડો 137 | Name[hi]=नई विंडो 138 | Name[hr]=Novi prozor 139 | Name[hu]=Új ablak 140 | Name[id]=Jendela Baru 141 | Name[it]=Nuova finestra 142 | Name[iw]=חלון חדש 143 | Name[ja]=新規ウインドウ 144 | Name[kn]=ಹೊಸ ವಿಂಡೊ 145 | Name[ko]=새 창 146 | Name[lt]=Naujas langas 147 | Name[lv]=Jauns logs 148 | Name[ml]=പുതിയ വിന്‍ഡോ 149 | Name[mr]=नवीन विंडो 150 | Name[nl]=Nieuw venster 151 | Name[no]=Nytt vindu 152 | Name[pl]=Nowe okno 153 | Name[pt]=Nova janela 154 | Name[pt_BR]=Nova janela 155 | Name[ro]=Fereastră nouă 156 | Name[ru]=Новое окно 157 | Name[sk]=Nové okno 158 | Name[sl]=Novo okno 159 | Name[sr]=Нови прозор 160 | Name[sv]=Nytt fönster 161 | Name[sw]=Dirisha Jipya 162 | Name[ta]=புதிய சாளரம் 163 | Name[te]=క్రొత్త విండో 164 | Name[th]=หน้าต่างใหม่ 165 | Name[tr]=Yeni Pencere 166 | Name[uk]=Нове вікно 167 | Name[vi]=Cửa sổ Mới 168 | Name[zh_CN]=新建窗口 169 | Name[zh_TW]=開新視窗 170 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 171 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu 172 | 173 | [Desktop Action new-private-window] 174 | Name=New Incognito Window 175 | Name[ar]=نافذة جديدة للتصفح المتخفي 176 | Name[bg]=Нов прозорец „инкогнито“ 177 | Name[bn]=নতুন ছদ্মবেশী উইন্ডো 178 | Name[ca]=Finestra d'incògnit nova 179 | Name[cs]=Nové anonymní okno 180 | Name[da]=Nyt inkognitovindue 181 | Name[de]=Neues Inkognito-Fenster 182 | Name[el]=Νέο παράθυρο για ανώνυμη περιήγηση 183 | Name[en_GB]=New Incognito window 184 | Name[es]=Nueva ventana de incógnito 185 | Name[et]=Uus inkognito aken 186 | Name[fa]=پنجره جدید حالت ناشناس 187 | Name[fi]=Uusi incognito-ikkuna 188 | Name[fil]=Bagong Incognito window 189 | Name[fr]=Nouvelle fenêtre de navigation privée 190 | Name[gu]=નવી છુપી વિંડો 191 | Name[hi]=नई गुप्त विंडो 192 | Name[hr]=Novi anoniman prozor 193 | Name[hu]=Új Inkognitóablak 194 | Name[id]=Jendela Penyamaran baru 195 | Name[it]=Nuova finestra di navigazione in incognito 196 | Name[iw]=חלון חדש לגלישה בסתר 197 | Name[ja]=新しいシークレット ウィンドウ 198 | Name[kn]=ಹೊಸ ಅಜ್ಞಾತ ವಿಂಡೋ 199 | Name[ko]=새 시크릿 창 200 | Name[lt]=Naujas inkognito langas 201 | Name[lv]=Jauns inkognito režīma logs 202 | Name[ml]=പുതിയ വേഷ പ്രച്ഛന്ന വിന്‍ഡോ 203 | Name[mr]=नवीन गुप्त विंडो 204 | Name[nl]=Nieuw incognitovenster 205 | Name[no]=Nytt inkognitovindu 206 | Name[pl]=Nowe okno incognito 207 | Name[pt]=Nova janela de navegação anónima 208 | Name[pt_BR]=Nova janela anônima 209 | Name[ro]=Fereastră nouă incognito 210 | Name[ru]=Новое окно в режиме инкогнито 211 | Name[sk]=Nové okno inkognito 212 | Name[sl]=Novo okno brez beleženja zgodovine 213 | Name[sr]=Нови прозор за прегледање без архивирања 214 | Name[sv]=Nytt inkognitofönster 215 | Name[ta]=புதிய மறைநிலைச் சாளரம் 216 | Name[te]=క్రొత్త అజ్ఞాత విండో 217 | Name[th]=หน้าต่างใหม่ที่ไม่ระบุตัวตน 218 | Name[tr]=Yeni Gizli pencere 219 | Name[uk]=Нове вікно в режимі анонімного перегляду 220 | Name[vi]=Cửa sổ ẩn danh mới 221 | Name[zh_CN]=新建隐身窗口 222 | Name[zh_TW]=新增無痕式視窗 223 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 224 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu --incognito 225 | -------------------------------------------------------------------------------- /roles/gentoo-userspace/files/home-dir/.local/share/applications/google-chrome.desktop: -------------------------------------------------------------------------------- 1 | [Desktop Entry] 2 | Version=1.0 3 | Name=Google Chrome 4 | # Only KDE 4 seems to use GenericName, so we reuse the KDE strings. 5 | # From Ubuntu's language-pack-kde-XX-base packages, version 9.04-20090413. 6 | GenericName=Web Browser 7 | GenericName[ar]=متصفح الشبكة 8 | GenericName[bg]=Уеб браузър 9 | GenericName[ca]=Navegador web 10 | GenericName[cs]=WWW prohlížeč 11 | GenericName[da]=Browser 12 | GenericName[de]=Web-Browser 13 | GenericName[el]=Περιηγητής ιστού 14 | GenericName[en_GB]=Web Browser 15 | GenericName[es]=Navegador web 16 | GenericName[et]=Veebibrauser 17 | GenericName[fi]=WWW-selain 18 | GenericName[fr]=Navigateur Web 19 | GenericName[gu]=વેબ બ્રાઉઝર 20 | GenericName[he]=דפדפן אינטרנט 21 | GenericName[hi]=वेब ब्राउज़र 22 | GenericName[hu]=Webböngésző 23 | GenericName[it]=Browser Web 24 | GenericName[ja]=ウェブブラウザ 25 | GenericName[kn]=ಜಾಲ ವೀಕ್ಷಕ 26 | GenericName[ko]=웹 브라우저 27 | GenericName[lt]=Žiniatinklio naršyklė 28 | GenericName[lv]=Tīmekļa pārlūks 29 | GenericName[ml]=വെബ് ബ്രൌസര്‍ 30 | GenericName[mr]=वेब ब्राऊजर 31 | GenericName[nb]=Nettleser 32 | GenericName[nl]=Webbrowser 33 | GenericName[pl]=Przeglądarka WWW 34 | GenericName[pt]=Navegador Web 35 | GenericName[pt_BR]=Navegador da Internet 36 | GenericName[ro]=Navigator de Internet 37 | GenericName[ru]=Веб-браузер 38 | GenericName[sl]=Spletni brskalnik 39 | GenericName[sv]=Webbläsare 40 | GenericName[ta]=இணைய உலாவி 41 | GenericName[th]=เว็บเบราว์เซอร์ 42 | GenericName[tr]=Web Tarayıcı 43 | GenericName[uk]=Навігатор Тенет 44 | GenericName[zh_CN]=网页浏览器 45 | GenericName[zh_HK]=網頁瀏覽器 46 | GenericName[zh_TW]=網頁瀏覽器 47 | # Not translated in KDE, from Epiphany 2.26.1-0ubuntu1. 48 | GenericName[bn]=ওয়েব ব্রাউজার 49 | GenericName[fil]=Web Browser 50 | GenericName[hr]=Web preglednik 51 | GenericName[id]=Browser Web 52 | GenericName[or]=ଓ୍ବେବ ବ୍ରାଉଜର 53 | GenericName[sk]=WWW prehliadač 54 | GenericName[sr]=Интернет прегледник 55 | GenericName[te]=మహాతల అన్వేషి 56 | GenericName[vi]=Bộ duyệt Web 57 | # Gnome and KDE 3 uses Comment. 58 | Comment=Access the Internet 59 | Comment[ar]=الدخول إلى الإنترنت 60 | Comment[bg]=Достъп до интернет 61 | Comment[bn]=ইন্টারনেটটি অ্যাক্সেস করুন 62 | Comment[ca]=Accedeix a Internet 63 | Comment[cs]=Přístup k internetu 64 | Comment[da]=Få adgang til internettet 65 | Comment[de]=Internetzugriff 66 | Comment[el]=Πρόσβαση στο Διαδίκτυο 67 | Comment[en_GB]=Access the Internet 68 | Comment[es]=Accede a Internet. 69 | Comment[et]=Pääs Internetti 70 | Comment[fi]=Käytä internetiä 71 | Comment[fil]=I-access ang Internet 72 | Comment[fr]=Accéder à Internet 73 | Comment[gu]=ઇંટરનેટ ઍક્સેસ કરો 74 | Comment[he]=גישה אל האינטרנט 75 | Comment[hi]=इंटरनेट तक पहुंच स्थापित करें 76 | Comment[hr]=Pristup Internetu 77 | Comment[hu]=Internetelérés 78 | Comment[id]=Akses Internet 79 | Comment[it]=Accesso a Internet 80 | Comment[ja]=インターネットにアクセス 81 | Comment[kn]=ಇಂಟರ್ನೆಟ್ ಅನ್ನು ಪ್ರವೇಶಿಸಿ 82 | Comment[ko]=인터넷 연결 83 | Comment[lt]=Interneto prieiga 84 | Comment[lv]=Piekļūt internetam 85 | Comment[ml]=ഇന്റര്‍‌നെറ്റ് ആക്‌സസ് ചെയ്യുക 86 | Comment[mr]=इंटरनेटमध्ये प्रवेश करा 87 | Comment[nb]=Gå til Internett 88 | Comment[nl]=Verbinding maken met internet 89 | Comment[or]=ଇଣ୍ଟର୍ନେଟ୍ ପ୍ରବେଶ କରନ୍ତୁ 90 | Comment[pl]=Skorzystaj z internetu 91 | Comment[pt]=Aceder à Internet 92 | Comment[pt_BR]=Acessar a internet 93 | Comment[ro]=Accesaţi Internetul 94 | Comment[ru]=Доступ в Интернет 95 | Comment[sk]=Prístup do siete Internet 96 | Comment[sl]=Dostop do interneta 97 | Comment[sr]=Приступите Интернету 98 | Comment[sv]=Gå ut på Internet 99 | Comment[ta]=இணையத்தை அணுகுதல் 100 | Comment[te]=ఇంటర్నెట్‌ను ఆక్సెస్ చెయ్యండి 101 | Comment[th]=เข้าถึงอินเทอร์เน็ต 102 | Comment[tr]=İnternet'e erişin 103 | Comment[uk]=Доступ до Інтернету 104 | Comment[vi]=Truy cập Internet 105 | Comment[zh_CN]=访问互联网 106 | Comment[zh_HK]=連線到網際網路 107 | Comment[zh_TW]=連線到網際網路 108 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 109 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu --disable-features=UseChromeOSDirectVideoDecoder %U 110 | StartupNotify=true 111 | Terminal=false 112 | Icon=google-chrome 113 | Type=Application 114 | Categories=Network;WebBrowser; 115 | MimeType=application/pdf;application/rdf+xml;application/rss+xml;application/xhtml+xml;application/xhtml_xml;application/xml;image/gif;image/jpeg;image/png;image/webp;text/html;text/xml;x-scheme-handler/http;x-scheme-handler/https; 116 | Actions=new-window;new-private-window; 117 | 118 | [Desktop Action new-window] 119 | Name=New Window 120 | Name[am]=አዲስ መስኮት 121 | Name[ar]=نافذة جديدة 122 | Name[bg]=Нов прозорец 123 | Name[bn]=নতুন উইন্ডো 124 | Name[ca]=Finestra nova 125 | Name[cs]=Nové okno 126 | Name[da]=Nyt vindue 127 | Name[de]=Neues Fenster 128 | Name[el]=Νέο Παράθυρο 129 | Name[en_GB]=New Window 130 | Name[es]=Nueva ventana 131 | Name[et]=Uus aken 132 | Name[fa]=پنجره جدید 133 | Name[fi]=Uusi ikkuna 134 | Name[fil]=New Window 135 | Name[fr]=Nouvelle fenêtre 136 | Name[gu]=નવી વિંડો 137 | Name[hi]=नई विंडो 138 | Name[hr]=Novi prozor 139 | Name[hu]=Új ablak 140 | Name[id]=Jendela Baru 141 | Name[it]=Nuova finestra 142 | Name[iw]=חלון חדש 143 | Name[ja]=新規ウインドウ 144 | Name[kn]=ಹೊಸ ವಿಂಡೊ 145 | Name[ko]=새 창 146 | Name[lt]=Naujas langas 147 | Name[lv]=Jauns logs 148 | Name[ml]=പുതിയ വിന്‍ഡോ 149 | Name[mr]=नवीन विंडो 150 | Name[nl]=Nieuw venster 151 | Name[no]=Nytt vindu 152 | Name[pl]=Nowe okno 153 | Name[pt]=Nova janela 154 | Name[pt_BR]=Nova janela 155 | Name[ro]=Fereastră nouă 156 | Name[ru]=Новое окно 157 | Name[sk]=Nové okno 158 | Name[sl]=Novo okno 159 | Name[sr]=Нови прозор 160 | Name[sv]=Nytt fönster 161 | Name[sw]=Dirisha Jipya 162 | Name[ta]=புதிய சாளரம் 163 | Name[te]=క్రొత్త విండో 164 | Name[th]=หน้าต่างใหม่ 165 | Name[tr]=Yeni Pencere 166 | Name[uk]=Нове вікно 167 | Name[vi]=Cửa sổ Mới 168 | Name[zh_CN]=新建窗口 169 | Name[zh_TW]=開新視窗 170 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 171 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu --disable-features=UseChromeOSDirectVideoDecoder 172 | 173 | [Desktop Action new-private-window] 174 | Name=New Incognito Window 175 | Name[ar]=نافذة جديدة للتصفح المتخفي 176 | Name[bg]=Нов прозорец „инкогнито“ 177 | Name[bn]=নতুন ছদ্মবেশী উইন্ডো 178 | Name[ca]=Finestra d'incògnit nova 179 | Name[cs]=Nové anonymní okno 180 | Name[da]=Nyt inkognitovindue 181 | Name[de]=Neues Inkognito-Fenster 182 | Name[el]=Νέο παράθυρο για ανώνυμη περιήγηση 183 | Name[en_GB]=New Incognito window 184 | Name[es]=Nueva ventana de incógnito 185 | Name[et]=Uus inkognito aken 186 | Name[fa]=پنجره جدید حالت ناشناس 187 | Name[fi]=Uusi incognito-ikkuna 188 | Name[fil]=Bagong Incognito window 189 | Name[fr]=Nouvelle fenêtre de navigation privée 190 | Name[gu]=નવી છુપી વિંડો 191 | Name[hi]=नई गुप्त विंडो 192 | Name[hr]=Novi anoniman prozor 193 | Name[hu]=Új Inkognitóablak 194 | Name[id]=Jendela Penyamaran baru 195 | Name[it]=Nuova finestra di navigazione in incognito 196 | Name[iw]=חלון חדש לגלישה בסתר 197 | Name[ja]=新しいシークレット ウィンドウ 198 | Name[kn]=ಹೊಸ ಅಜ್ಞಾತ ವಿಂಡೋ 199 | Name[ko]=새 시크릿 창 200 | Name[lt]=Naujas inkognito langas 201 | Name[lv]=Jauns inkognito režīma logs 202 | Name[ml]=പുതിയ വേഷ പ്രച്ഛന്ന വിന്‍ഡോ 203 | Name[mr]=नवीन गुप्त विंडो 204 | Name[nl]=Nieuw incognitovenster 205 | Name[no]=Nytt inkognitovindu 206 | Name[pl]=Nowe okno incognito 207 | Name[pt]=Nova janela de navegação anónima 208 | Name[pt_BR]=Nova janela anônima 209 | Name[ro]=Fereastră nouă incognito 210 | Name[ru]=Новое окно в режиме инкогнито 211 | Name[sk]=Nové okno inkognito 212 | Name[sl]=Novo okno brez beleženja zgodovine 213 | Name[sr]=Нови прозор за прегледање без архивирања 214 | Name[sv]=Nytt inkognitofönster 215 | Name[ta]=புதிய மறைநிலைச் சாளரம் 216 | Name[te]=క్రొత్త అజ్ఞాత విండో 217 | Name[th]=หน้าต่างใหม่ที่ไม่ระบุตัวตน 218 | Name[tr]=Yeni Gizli pencere 219 | Name[uk]=Нове вікно в режимі анонімного перегляду 220 | Name[vi]=Cửa sổ ẩn danh mới 221 | Name[zh_CN]=新建隐身窗口 222 | Name[zh_TW]=新增無痕式視窗 223 | # NOTE: `--use-gl=desktop` seems to disable most of the GPU stuff 224 | Exec=/usr/bin/google-chrome-stable --enable-features=UseOzonePlatform --enable-features=VaapiVideoEncoder --enable-features=Vulkan --use-vulkan --enable-features=WebRTCPipeWireCapturer --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto --ozone-platform=wayland --ignore-gpu-blocklist --enable-gpu-rasterization --enable-unsafe-webgpu --enable-zero-copy --gtk-version=4 --in-process-gpu --disable-features=UseChromeOSDirectVideoDecoder --incognito 225 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/usr/local/share/ca-certificates/2022-IT-Root-CA.crt: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 64666232373538316538343438366166643936373231383662303863343136613835616463323638 3 | 3831323434323764653465326466353863636663663331620a303035613432363762353861653361 4 | 62373864353830663733313462373132353637366634306162303033626539353965343762633133 5 | 3234346432393336310a643761386435363537366362643365313038656562363137343264666131 6 | 65323064336435663937643930373937656239346161373631666235376432336530386265643039 7 | 38383661356633653439343730653033373339393262666362633066353632343063363531623837 8 | 66306532373964633730363438366565663830626535323837306430363363653537656433316134 9 | 36633633643635626633346237656563656236306161303531613236353862613032313964656662 10 | 65346434323838646161646266616461633332373639653730316563643332666238323038346664 11 | 65653331663539323535366663333334336461633464663530366634646165313234353562333839 12 | 35303634633136356162343139373061363234663663373462366434613238363038383463633734 13 | 61326638653030353238653964313130626639396462343761663337616663623634333235336166 14 | 62303263323836333864636666316337383764363566646332663735646131343233366239393361 15 | 61616661316264333664383039613331346237623530373466316662393062333762653133326631 16 | 32373361636335616437626237656432363434323430343563376466303662366432656233373730 17 | 64306164313434333962643030646463613030653765386263353964346338333861376166323932 18 | 30373133343366323462313232656364613361613339356630333039643764663637623738316531 19 | 33613631326166383864356239336534333334353138646333316434393437303535666134353637 20 | 61393363623166356463383937346464386138336261366263393466633532313734303938633361 21 | 38303236316239376236613861386538383439353239633033383633613938346666396232363636 22 | 33333465323962663031343631393431653239323763346238343134633138333462376230393534 23 | 38343862636236663965613364393764353061333731653933613430623131376663663633306563 24 | 36326239326131326264353032373130666233666166663361323037376162376563396166656132 25 | 33343433663937383231323438363331333837353863643464633063656235616164393630303765 26 | 64623634643230323235346234386538323861303430366364306263383839396665316163303366 27 | 64633065343332636166303033646334633431663963663062646531653533653939303039373836 28 | 38653337643034323436383730643263633839396633396137646536383666373564393765356532 29 | 63396138363839363161373166653133353535623961376430306537333864333333326561636532 30 | 61643736636531306335616636653232343734613261666265636130353661306462316566373961 31 | 32353235623861303432346166323636396261383131623534626137363632653062343432363837 32 | 65393332303366306433646639666636393231303662396439363430613030316533323836656562 33 | 34323831346563346433376331356262343931643037333161656137636538393361353830373433 34 | 62333337303336386133363038393463323739656163333533626131323266393138383165333061 35 | 32623764656631623538646564366437393063633938373134636166313438643832313661616239 36 | 32386633383532636538623862366461623834663932386366653266643162623634663137383535 37 | 62323135336132313364636433373334393934356164323932303736333564323734636539366334 38 | 64623632633232633065343933333833633632303434666630356630373463323131313961303435 39 | 39613137663635326533343835353563333265333966326665303539616337346336633730373633 40 | 31393834393333653334646334663966383938396366633362653263323964363733303039613337 41 | 31646236623438303534386531313062313138633634633561653930636437366138613437383331 42 | 38336231303034306533343133646333363234626538326363333533613165383062636366313936 43 | 32373232303234376236393166336331653662383865643863663061633032373836343966633138 44 | 38326437623434356633303237373863343735376133363730663036363766613732333237343330 45 | 66373539356139643133333337373866633865366339346230353665323462376139393164333934 46 | 30323932343739346362626637666431353462333835393237633536626662663265663830313631 47 | 39653134393434356435643662633435623832323866656636363165663464623564313538343839 48 | 61373566643634653438393335303666636466313766626338383737643030326364373539373238 49 | 63643265666331333130323866396266663734303266363662666639383463326632653932383032 50 | 35646362633631343266323033346338643939633635646638613137303939636162356339393131 51 | 37363132323136343639313135346463643034353165353536646534376539306334383032616531 52 | 35343931343837653539653234633930303936653264653633613233316362656236393166653362 53 | 62306666323865386161666262346263613230303062643531646331656135646465323366653163 54 | 38653066613065653962623033346165346266653062306361343737656666316638666335616464 55 | 36663931356661353862613264666463663535363332653132643332353462613537366466383439 56 | 39643733393162313131396264616266386562373366353337626562363636323634343263336437 57 | 62346262616663363730363561666362323331383562643065366531643236656264363639333739 58 | 61363363336563643066306638626435343361323663623638393334366562386339653163616563 59 | 61313063633933313636353532323138366536336139663661383235343162396138313562363539 60 | 63643961353733383466346239663539633564636465323536383664656438623361343035613739 61 | 31393937333964363530393330373439393761663731663232323438616132316230353237323435 62 | 34333261323966653964333463356433656534613730343139616433643030356337623735303935 63 | 64393266333263306531633066666362353363663262633562353238386632343263346636613366 64 | 31383465636265623464313563393136346161346139333837313037356131306538636130643636 65 | 31346562373764373464636539373364626138633364376333646434323733393561376162373936 66 | 36353561306632373433333232663830353234393230333636353562646566313161663263333138 67 | 35646538313531303166363239626161306530353238326233623634323330356364356431363033 68 | 65616638313339633738393730663935626531346335363863626363376363323638393035333034 69 | 38383961653961323338303564643163633936666462363966396461643037396464323336643065 70 | 38663766616161343833373332326165616165383931363532383532363730343430383435663734 71 | 37303533303130636535643335396635326261313139323761666366326430336338663932363563 72 | 32343537363334343135316433303630653761333537643264323462343734613130353663353963 73 | 63313234333030623365313537356230303331663130653936626439623830376232303437643137 74 | 39386437613064386537653234363365313863656636663131656130333430356464373737396635 75 | 34376638343030396533373031323131373738663536353561666565326633633831633135333338 76 | 36616430333565633461363462313537666436343837343730656236353139356338356435383566 77 | 30653933386338656635643431643965396137666464373134346132383034663334343536646662 78 | 32636132366461643564636430333362613631636666333866323635343235323537613035393165 79 | 66653934393637653466373865666465386630323333323239306266633034343261356231633039 80 | 62303733343035383735386637663638313030666234633535363230653333313763323538626466 81 | 38643335636538313237306264396235346437363236306361623434393962336565333530623431 82 | 62353235313135356534306661343536626537633930356437663330656530303031636236356632 83 | 30616137336165346233323636623964306263623539666663363131326462333933656638643334 84 | 31643032663666333762363138326266646332373231366130633031373661323434383735373061 85 | 34333436313930326164383938613363356364356137653065306162373763306530623764613432 86 | 36643634306233623333393437353938343762643364313636313736353566383336666563653235 87 | 31623536643862393034383731333433346431363563663663353037393031373437376538396661 88 | 32333439613637326235343435306337613037336334666366363364626533333064393064333839 89 | 38343566333562383163333936376631333861663664323136396562336331313363303637363733 90 | 65626666656334363334623861636335663065653539363864643964333066366135633163306465 91 | 35663036663638393735613734323432623539393865356264383934343064356361346132326163 92 | 63643435373862373866343534633161653236626565346130643536313164393064633266353162 93 | 65383139353263616363353966663863656266613233383564636464346161666361383261653038 94 | 61353435386666313330666261306535303532613066643030366536633864333437386163336334 95 | 32353566393263356264323463373631356665393963323736326433626365643463313364383036 96 | 63313532386434353534313761363262613036623836346336616363643133393465643431323931 97 | 35373939633663353165633838643933326437373761343132653435623666306538363162333137 98 | 31353739643365633862383939303664356233356538343037383062666266376532636263646665 99 | 62313564343862393038663638373339323166393831663462656435663766653061656630373334 100 | 61336538316131366262376165633632363464333432366266306532636432303330303034373633 101 | 35663238323533633130356263363935633062373433343431373232386661303334333836393661 102 | 31323961613836373434643236633164636465356131656434396639383762323839343936623363 103 | 35643862613431383839313965343431313364343663643062383736663363616134633030303464 104 | 65636664316561386465323832343138363434343830333535303632303936333930353833666161 105 | 66383632393462663230613730313362373365653136653663656532303461353437336238613436 106 | 31636130316466666435343831656634396263316231393665663930353137393861663563383131 107 | 30363530346134353833646234343939353662626437336237343062383434333165623936323734 108 | 34376632623562303537613832393366343865326137393632316238393530643265393663663363 109 | 65313863366665313438316337663432316365656566663530656463663435373065313330306332 110 | 37316438333531333363393232373864393332396235626630613137316631376434616132323833 111 | 64653737653061626335333534326431316336663138393837663663393262643963356537303030 112 | 63323132353663666432613866633162633566663166386437333165316262633262353538363633 113 | 34396666623135353835653833383732383462346638396262356635343562396435613635323531 114 | 35343339623863376566643164626262353139633333313038613338376661323138303439393638 115 | 62376464323461396636653261626262643631666634363463636464663566336532363936333265 116 | 64653739313865353433373065373532373661623832663639616366326637313266633739323234 117 | 62313265303663613335333934303335653633393164643533626664653063346131663738393133 118 | 30346433353130316333386530316134623331643762663934353031623535666661363435373632 119 | 64386136373765333638323832313937333533316335363630616337613263663364363837393064 120 | 393838373233303434613366396266323664 121 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/crda-openssl-1.1.patch: -------------------------------------------------------------------------------- 1 | From 338637ac08c19708eb35523894b44bbe3c726cfa Mon Sep 17 00:00:00 2001 2 | From: quentin 3 | Date: Mon, 2 Apr 2018 18:07:50 +0200 4 | Subject: [PATCH] crda: Fix for OpenSSL 1.1.0: BIGNUM now opaque 5 | 6 | OpenSSL 1.1.0 makes most of OpenSSL's structures opaque, and provides 7 | functions to manipulate them. This means it's no longer possible to 8 | construct an OpenSSL BIGNUM directly from scratch, as was done in 9 | keys-ssl.c. 10 | 11 | Use BN_bin2bn() (available since OpenSSL 0.9.8) to build the bignum from 12 | its big-endian representation as a byte array. 13 | 14 | This also allows factoring the code in utils/key2pub.py as it's now the 15 | same mechanism as with libgcrypt. 16 | 17 | This was tested with OpenSSL 1.1.0g. 18 | 19 | Signed-off-by: Quentin Minster 20 | --- 21 | .gitignore | 2 +- 22 | Makefile | 12 +++---- 23 | reglib.c | 44 +++++++++++++++++------ 24 | utils/key2pub.py | 107 ++++++------------------------------------------------- 25 | 4 files changed, 50 insertions(+), 115 deletions(-) 26 | 27 | diff --git a/.gitignore b/.gitignore 28 | index 7c4bb3a..29480a5 100644 29 | --- a/.gitignore 30 | +++ b/.gitignore 31 | @@ -10,5 +10,5 @@ regdbdump 32 | *.o 33 | *.so 34 | *.pyc 35 | -keys-*.c 36 | +keys.c 37 | key.priv.pem 38 | diff --git a/Makefile b/Makefile 39 | index a3ead30..a4e7373 100644 40 | --- a/Makefile 41 | +++ b/Makefile 42 | @@ -38,18 +38,16 @@ all: all_noverify verify 43 | 44 | all_noverify: $(LIBREG) crda intersect regdbdump db2rd optimize 45 | 46 | +$(LIBREG): keys.c 47 | + 48 | ifeq ($(USE_OPENSSL),1) 49 | CFLAGS += -DUSE_OPENSSL -DPUBKEY_DIR=\"$(RUNTIME_PUBKEY_DIR)\" `pkg-config --cflags openssl` 50 | LDLIBS += `pkg-config --libs openssl` 51 | 52 | -$(LIBREG): keys-ssl.c 53 | - 54 | else 55 | CFLAGS += -DUSE_GCRYPT 56 | LDLIBS += -lgcrypt 57 | 58 | -$(LIBREG): keys-gcrypt.c 59 | - 60 | endif 61 | MKDIR ?= mkdir -p 62 | INSTALL ?= install 63 | @@ -109,10 +107,10 @@ $(REG_BIN): 64 | $(NQ) 65 | $(Q) exit 1 66 | 67 | -keys-%.c: utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) 68 | +keys.c: utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) 69 | $(NQ) ' GEN ' $@ 70 | $(NQ) ' Trusted pubkeys:' $(wildcard $(PUBKEY_DIR)/*.pem) 71 | - $(Q)./utils/key2pub.py --$* $(wildcard $(PUBKEY_DIR)/*.pem) $@ 72 | + $(Q)./utils/key2pub.py $(wildcard $(PUBKEY_DIR)/*.pem) $@ 73 | 74 | $(LIBREG): regdb.h reglib.h reglib.c 75 | $(NQ) ' CC ' $@ 76 | @@ -187,5 +185,5 @@ install: install-libreg install-libreg-headers crda crda.8.gz regdbdump.8.gz 77 | 78 | clean: 79 | $(Q)rm -f $(LIBREG) crda regdbdump intersect db2rd optimize \ 80 | - *.o *~ *.pyc keys-*.c *.gz \ 81 | + *.o *~ *.pyc keys.c *.gz \ 82 | udev/$(UDEV_LEVEL)regulatory.rules udev/regulatory.rules.parsed 83 | diff --git a/reglib.c b/reglib.c 84 | index e00e9b8..00f7f56 100644 85 | --- a/reglib.c 86 | +++ b/reglib.c 87 | @@ -22,6 +22,7 @@ 88 | #include 89 | #include 90 | #include 91 | +#include 92 | #endif 93 | 94 | #ifdef USE_GCRYPT 95 | @@ -30,12 +31,8 @@ 96 | 97 | #include "reglib.h" 98 | 99 | -#ifdef USE_OPENSSL 100 | -#include "keys-ssl.c" 101 | -#endif 102 | - 103 | -#ifdef USE_GCRYPT 104 | -#include "keys-gcrypt.c" 105 | +#if defined(USE_OPENSSL) || defined(USE_GCRYPT) 106 | +#include "keys.c" 107 | #endif 108 | 109 | int debug = 0; 110 | @@ -81,7 +78,8 @@ reglib_array_len(size_t baselen, unsigned int elemcount, size_t elemlen) 111 | #ifdef USE_OPENSSL 112 | int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) 113 | { 114 | - RSA *rsa; 115 | + RSA *rsa = NULL; 116 | + BIGNUM *rsa_e = NULL, *rsa_n = NULL; 117 | uint8_t hash[SHA_DIGEST_LENGTH]; 118 | unsigned int i; 119 | int ok = 0; 120 | @@ -102,15 +100,35 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) 121 | goto out; 122 | } 123 | 124 | - rsa->e = &keys[i].e; 125 | - rsa->n = &keys[i].n; 126 | + rsa_e = BN_bin2bn(keys[i].e, keys[i].len_e, NULL); 127 | + if (!rsa_e) { 128 | + fprintf(stderr, "Failed to convert value for RSA e.\n"); 129 | + goto out; 130 | + } 131 | + rsa_n = BN_bin2bn(keys[i].n, keys[i].len_n, NULL); 132 | + if (!rsa_n) { 133 | + fprintf(stderr, "Failed to convert value for RSA n.\n"); 134 | + goto out; 135 | + } 136 | + 137 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L 138 | + rsa->e = rsa_e; 139 | + rsa->n = rsa_n; 140 | +#else 141 | + if (RSA_set0_key(rsa, rsa_n, rsa_e, NULL) != 1) { 142 | + fprintf(stderr, "Failed to set RSA key.\n"); 143 | + goto out; 144 | + } 145 | +#endif 146 | + /* BIGNUMs now owned by the RSA object */ 147 | + rsa_e = NULL; 148 | + rsa_n = NULL; 149 | 150 | ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, 151 | db + dblen, siglen, rsa) == 1; 152 | 153 | - rsa->e = NULL; 154 | - rsa->n = NULL; 155 | RSA_free(rsa); 156 | + rsa = NULL; 157 | } 158 | if (!ok && (pubkey_dir = opendir(PUBKEY_DIR))) { 159 | while (!ok && (nextfile = readdir(pubkey_dir))) { 160 | @@ -123,6 +141,7 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) 161 | ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, 162 | db + dblen, siglen, rsa) == 1; 163 | RSA_free(rsa); 164 | + rsa = NULL; 165 | fclose(keyfile); 166 | } 167 | } 168 | @@ -133,6 +152,9 @@ int reglib_verify_db_signature(uint8_t *db, size_t dblen, size_t siglen) 169 | fprintf(stderr, "Database signature verification failed.\n"); 170 | 171 | out: 172 | + RSA_free(rsa); 173 | + BN_free(rsa_e); 174 | + BN_free(rsa_n); 175 | return ok; 176 | } 177 | #endif /* USE_OPENSSL */ 178 | diff --git a/utils/key2pub.py b/utils/key2pub.py 179 | index 9bb04cd..1919270 100755 180 | --- a/utils/key2pub.py 181 | +++ b/utils/key2pub.py 182 | @@ -9,84 +9,7 @@ except ImportError, e: 183 | sys.stderr.write('On Debian GNU/Linux the package is called "python-m2crypto".\n') 184 | sys.exit(1) 185 | 186 | -def print_ssl_64(output, name, val): 187 | - while val[0] == '\0': 188 | - val = val[1:] 189 | - while len(val) % 8: 190 | - val = '\0' + val 191 | - vnew = [] 192 | - while len(val): 193 | - vnew.append((val[0], val[1], val[2], val[3], val[4], val[5], val[6], val[7])) 194 | - val = val[8:] 195 | - vnew.reverse() 196 | - output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) 197 | - idx = 0 198 | - for v1, v2, v3, v4, v5, v6, v7, v8 in vnew: 199 | - if not idx: 200 | - output.write('\t') 201 | - output.write('0x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4), ord(v5), ord(v6), ord(v7), ord(v8))) 202 | - idx += 1 203 | - if idx == 2: 204 | - idx = 0 205 | - output.write('\n') 206 | - if idx: 207 | - output.write('\n') 208 | - output.write('};\n\n') 209 | - 210 | -def print_ssl_32(output, name, val): 211 | - while val[0] == '\0': 212 | - val = val[1:] 213 | - while len(val) % 4: 214 | - val = '\0' + val 215 | - vnew = [] 216 | - while len(val): 217 | - vnew.append((val[0], val[1], val[2], val[3], )) 218 | - val = val[4:] 219 | - vnew.reverse() 220 | - output.write('static BN_ULONG %s[%d] = {\n' % (name, len(vnew))) 221 | - idx = 0 222 | - for v1, v2, v3, v4 in vnew: 223 | - if not idx: 224 | - output.write('\t') 225 | - output.write('0x%.2x%.2x%.2x%.2x, ' % (ord(v1), ord(v2), ord(v3), ord(v4))) 226 | - idx += 1 227 | - if idx == 4: 228 | - idx = 0 229 | - output.write('\n') 230 | - if idx: 231 | - output.write('\n') 232 | - output.write('};\n\n') 233 | - 234 | -def print_ssl(output, name, val): 235 | - import struct 236 | - output.write('#include \n') 237 | - if len(struct.pack('@L', 0)) == 8: 238 | - return print_ssl_64(output, name, val) 239 | - else: 240 | - return print_ssl_32(output, name, val) 241 | - 242 | -def print_ssl_keys(output, n): 243 | - output.write(r''' 244 | -struct pubkey { 245 | - struct bignum_st e, n; 246 | -}; 247 | - 248 | -#define KEY(data) { \ 249 | - .d = data, \ 250 | - .top = sizeof(data)/sizeof(data[0]), \ 251 | -} 252 | - 253 | -#define KEYS(e,n) { KEY(e), KEY(n), } 254 | - 255 | -static struct pubkey keys[] = { 256 | -''') 257 | - for n in xrange(n + 1): 258 | - output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) 259 | - output.write('};\n') 260 | - pass 261 | - 262 | -def print_gcrypt(output, name, val): 263 | - output.write('#include \n') 264 | +def print_bignum(output, name, val): 265 | while val[0] == '\0': 266 | val = val[1:] 267 | output.write('static const uint8_t %s[%d] = {\n' % (name, len(val))) 268 | @@ -103,11 +26,11 @@ def print_gcrypt(output, name, val): 269 | output.write('\n') 270 | output.write('};\n\n') 271 | 272 | -def print_gcrypt_keys(output, n): 273 | +def print_keys(output, n): 274 | output.write(r''' 275 | struct key_params { 276 | const uint8_t *e, *n; 277 | - uint32_t len_e, len_n; 278 | + const uint32_t len_e, len_n; 279 | }; 280 | 281 | #define KEYS(_e, _n) { \ 282 | @@ -120,25 +43,17 @@ static const struct key_params __attribute__ ((unused)) keys[] = { 283 | for n in xrange(n + 1): 284 | output.write(' KEYS(e_%d, n_%d),\n' % (n, n)) 285 | output.write('};\n') 286 | - 287 | 288 | -modes = { 289 | - '--ssl': (print_ssl, print_ssl_keys), 290 | - '--gcrypt': (print_gcrypt, print_gcrypt_keys), 291 | -} 292 | 293 | -try: 294 | - mode = sys.argv[1] 295 | - files = sys.argv[2:-1] 296 | - outfile = sys.argv[-1] 297 | -except IndexError: 298 | - mode = None 299 | +files = sys.argv[1:-1] 300 | +outfile = sys.argv[-1] 301 | 302 | -if not mode in modes: 303 | - print 'Usage: %s [%s] input-file... output-file' % (sys.argv[0], '|'.join(modes.keys())) 304 | +if len(files) == 0: 305 | + print 'Usage: %s input-file... output-file' % (sys.argv[0], ) 306 | sys.exit(2) 307 | 308 | output = open(outfile, 'w') 309 | +output.write('#include \n\n\n') 310 | 311 | # load key 312 | idx = 0 313 | @@ -148,8 +63,8 @@ for f in files: 314 | except RSA.RSAError: 315 | key = RSA.load_key(f) 316 | 317 | - modes[mode][0](output, 'e_%d' % idx, key.e[4:]) 318 | - modes[mode][0](output, 'n_%d' % idx, key.n[4:]) 319 | + print_bignum(output, 'e_%d' % idx, key.e[4:]) 320 | + print_bignum(output, 'n_%d' % idx, key.n[4:]) 321 | idx += 1 322 | 323 | -modes[mode][1](output, idx - 1) 324 | +print_keys(output, idx - 1) 325 | -- 326 | 2.16.2 327 | 328 | -------------------------------------------------------------------------------- /contrib/vimrc-from-old-laptop: -------------------------------------------------------------------------------- 1 | set nocompatible " be iMproved, required 2 | filetype off " required 3 | set shell=zsh " :sh 4 | 5 | " set the runtime path to include Vundle and initialize 6 | set rtp+=~/.vim/bundle/Vundle.vim 7 | call vundle#begin() 8 | " alternatively, pass a path where Vundle should install plugins 9 | "call vundle#begin('~/some/path/here') 10 | 11 | " let Vundle manage Vundle, required 12 | Plugin 'gmarik/Vundle.vim' 13 | 14 | " The following are examples of different formats supported. 15 | " Keep Plugin commands between vundle#begin/end. 16 | " plugin on GitHub repo 17 | Plugin 'tpope/vim-fugitive' 18 | " plugin from http://vim-scripts.org/vim/scripts.html 19 | Plugin 'L9' 20 | " Git plugin not hosted on GitHub 21 | ""like:""Plugin 'https://bb.webknjaz.com/command-t.git' 22 | " git repos on your local machine (i.e. when working on your own plugin) 23 | "Plugin 'file:///home/gmarik/path/to/plugin' 24 | " The sparkup vim script is in a subdirectory of this repo called vim. 25 | " Pass the path to set the runtimepath properly. 26 | Plugin 'rstacruz/sparkup', {'rtp': 'vim/'} 27 | " Avoid a name conflict with L9 28 | " Plugin 'user/L9', {'name': 'newL9'} 29 | Plugin 'scrooloose/nerdtree' 30 | Plugin 'altercation/vim-colors-solarized' 31 | 32 | "Plugin 'tclem/vim-arduino' 33 | Plugin 'jplaut/vim-arduino-ino' 34 | 35 | Plugin 'davidhalter/jedi-vim' 36 | 37 | Plugin 'Pydiction' 38 | 39 | Plugin 'pearofducks/ansible-vim' 40 | 41 | " PHP xdebug 42 | Plugin 'brookhong/DBGPavim' 43 | Plugin 'sumpygump/vim-php-debugger' 44 | Plugin 'joonty/vdebug' 45 | 46 | " TypeScript 47 | Plugin 'Quramy/tsuquyomi' 48 | Plugin 'Shougo/vimproc.vim' 49 | Plugin 'leafgarland/typescript-vim' 50 | Plugin 'Quramy/vim-js-pretty-template' 51 | Plugin 'jason0x43/vim-js-indent' 52 | Plugin 'Quramy/vim-dtsm' 53 | Plugin 'mhartington/vim-typings' 54 | 55 | Plugin 'baverman/vial' 56 | Plugin 'baverman/vial-http' 57 | 58 | " All of your Plugins must be added before the following line 59 | call vundle#end() " required 60 | filetype plugin indent on " required 61 | " To ignore plugin indent changes, instead use: 62 | "filetype plugin on 63 | " 64 | " Brief help 65 | " :PluginList - lists configured plugins 66 | " :PluginInstall - installs plugins; append `!` to update or just :PluginUpdate 67 | " :PluginSearch foo - searches for foo; append `!` to refresh local cache 68 | " :PluginClean - confirms removal of unused plugins; append `!` to auto-approve removal 69 | " 70 | " see :h vundle for more details or wiki for FAQ 71 | " Put your non-Plugin stuff after this line 72 | 73 | """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" 74 | " .vimrc File 75 | " Maintained by: Jeffrey Way 76 | " jeffrey@jeffrey-way.com 77 | " http://net.tutsplus.com 78 | " 79 | " Compiled with @kote's configs by @webknjaz 80 | 81 | " comletion 82 | let g:pydiction_location = '/Users/ssydore/.vim/bundle/Pydiction/complete-dict' 83 | let g:pydiction_menu_height = 8 84 | 85 | " @kote 86 | set guioptions-=m 87 | set guioptions-=T 88 | set colorcolumn=79 89 | 90 | "Forget compatibility with Vi. Who cares. 91 | set nocompatible 92 | set spell 93 | 94 | "Enable filetypes 95 | filetype on 96 | filetype plugin indent on 97 | filetype plugin on 98 | filetype indent on 99 | syntax on 100 | 101 | "Enable LaTeX 102 | set grepprg=grep\ -nH\ $* 103 | let g:tex_flavor='latex' 104 | 105 | "Enable the help 106 | " helptags ~/.vim/doc 107 | 108 | "Write the old file out when switching between files. 109 | set autowrite 110 | 111 | "Display current cursor position in lower right corner. 112 | set ruler 113 | 114 | "Want a different map leader than \ 115 | "set mapleader = ","; 116 | 117 | "Ever notice a slight lag after typing the leader key + command? This lowers 118 | "the timeout. 119 | set timeoutlen=500 120 | 121 | "Switch between buffers without saving 122 | set hidden 123 | 124 | "Set the color scheme. Change this to your preference. 125 | "Here's 100 to choose from: http://www.vim.org/scripts/script.php?script_id=625 126 | "colorscheme twilight 127 | "colorscheme sea 128 | 129 | " Color scheme 130 | set t_Co=256 131 | let g:solarized_termcolors=256 132 | set background=dark 133 | colorscheme solarized 134 | 135 | "Set font type and size. Depends on the resolution. Larger screens, prefer h20 136 | set guifont=Menlo:h14 137 | 138 | set bs=2 139 | "Tab stuff 140 | set tabstop=4 141 | set shiftwidth=4 142 | set softtabstop=4 143 | set expandtab 144 | set smarttab 145 | 146 | "Show command in bottom right portion of the screen 147 | set showcmd 148 | 149 | "Show lines numbers 150 | set number 151 | 152 | "Prefer relative line numbering? 153 | "set relativenumber" 154 | 155 | "Indent stuff 156 | set smartindent 157 | set autoindent 158 | 159 | "Always show the status line 160 | set laststatus=2 161 | 162 | "Prefer a slightly higher line height 163 | set linespace=3 164 | 165 | "Better line wrapping 166 | set wrap 167 | set textwidth=79 168 | set formatoptions=qrn1 169 | 170 | "Set incremental searching" 171 | set incsearch 172 | 173 | "Highlight searching 174 | set hlsearch 175 | 176 | " case insensitive search 177 | set ignorecase 178 | set smartcase 179 | 180 | "Hide MacVim toolbar by default 181 | set go-=T 182 | 183 | "Hard-wrap paragraphs of text 184 | nnoremap q gqip 185 | 186 | "Enable code folding 187 | set foldenable 188 | 189 | " Folding 190 | set foldmethod=manual 191 | set foldlevel=99 192 | set foldnestmax=2 193 | 194 | " Python syntax 195 | let python_highlight_all=1 196 | setlocal keywordprg=pydoc 197 | 198 | " Minibufexpl 199 | let g:miniBufExplMapWindowNavVim = 1 200 | let g:miniBufExplMapWindowNavArrows = 1 201 | let g:miniBufExplMapCTabSwitchBufs = 1 202 | let g:miniBufExplModSelTarget = 1 203 | 204 | " Django templates 205 | au! BufNewFile,BufRead *.html set filetype=htmldjango 206 | 207 | "Hide mouse when typing 208 | set mousehide 209 | 210 | "Shortcut to fold tags with leader (usually \) + ft 211 | nnoremap ft Vatzf 212 | 213 | " Create dictionary for custom expansions 214 | set dictionary+=~/.vim/dict.txt 215 | 216 | "Opens a vertical split and switches over (\v) 217 | nnoremap v vl 218 | 219 | "Split windows below the current window. 220 | set splitbelow 221 | 222 | " session settings 223 | set sessionoptions=resize,winpos,winsize,buffers,tabpages,folds,curdir,help 224 | 225 | "Set up an HTML5 template for all new .html files 226 | "autocmd BufNewFile * silent! 0r $VIMHOME/templates/%:e.tpl 227 | 228 | "Load the current buffer in Firefox - Mac specific. 229 | abbrev ff :! open -a firefox.app %:p 230 | 231 | "Map a change directory to the desktop - Mac specific 232 | nmap d :cd ~/Desktop:e. 233 | 234 | "Shortcut for editing vimrc file in a new tab 235 | nmap ev :tabedit $MYVIMRC 236 | 237 | "Change zen coding plugin expansion key to shift + e 238 | let g:user_zen_expandabbr_key = '' 239 | 240 | "Faster shortcut for commenting. Requires T-Comment plugin 241 | map c 242 | 243 | "Saves time; maps the spacebar to colon 244 | nmap : 245 | 246 | "Automatically change current directory to that of the file in the buffer 247 | autocmd BufEnter * cd %:p:h 248 | 249 | "Map code completion to , + tab 250 | imap 251 | 252 | " More useful command-line completion 253 | set wildmenu 254 | 255 | "Auto-completion menu 256 | set wildmode=list:longest 257 | 258 | "http://vim.wikia.com/wiki/Make_Vim_completion_popup_menu_work_just_like_in_an_IDE 259 | set completeopt=longest,menuone 260 | inoremap pumvisible() ? "\" : "\u\" 261 | inoremap pumvisible() ? '' : 262 | \ '=pumvisible() ? "\Down>" : ""' 263 | inoremap pumvisible() ? '' : 264 | \ '=pumvisible() ? "\Down>" : ""' 265 | 266 | "Map escape key to jj -- much faster 267 | imap jj 268 | 269 | "Delete all buffers (via Derek Wyatt) 270 | nmap ,da :exec "1," . bufnr('$') . "bd" 271 | 272 | "Bubble single lines (kicks butt) 273 | "http://vimcasts.org/episodes/bubbling-text/ 274 | nmap ddkP 275 | nmap ddp 276 | 277 | "Bubble multiple lines 278 | vmap xkP`[V`] 279 | vmap xp`[V`] 280 | 281 | " Source the vimrc file after saving it. This way, you don't have to reload Vim to see the changes. 282 | if has("autocmd") 283 | augroup myvimrchooks 284 | au! 285 | autocmd bufwritepost .vimrc source ~/.vimrc 286 | augroup END 287 | endif 288 | 289 | " easier window navigation 290 | nmap h 291 | nmap j 292 | nmap k 293 | nmap l 294 | 295 | "------------------------" 296 | "NERDTREE PLUGIN SETTINGS 297 | "------------------------" 298 | "Shortcut for NERDTreeToggle 299 | nmap nt :NERDTreeToggle 300 | 301 | "Show hidden files in NerdTree 302 | let NERDTreeShowHidden=1 303 | 304 | "autopen NERDTree and focus cursor in new document 305 | autocmd VimEnter * NERDTree 306 | autocmd VimEnter * wincmd p 307 | 308 | " NERDTree 309 | nmap :NERDTreeToggle 310 | imap :NERDTreeToggle 311 | let NERDTreeIgnore = ['\.pyc$'] 312 | 313 | "Helpeful abbreviations 314 | iab lorem Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. 315 | iab llorem Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. 316 | 317 | "Spelling corrects. Just for example. Add yours below. 318 | iab teh the 319 | iab Teh The 320 | 321 | " Get to home dir easier 322 | " hm is easier to type than :cd ~ 323 | nmap hm :cd ~/ 324 | 325 | " Alphabetically sort CSS properties in file with :SortCSS 326 | :command! SortCSS :g#\({\n\)\@<=#.,/}/sort 327 | 328 | " Shortcut to opening a virtual split to right of current pane 329 | " Makes more sense than opening to the left 330 | nmap bv :bel vsp 331 | 332 | " Saves file when Vim window loses focus 333 | au FocusLost * :wa 334 | " http://stackoverflow.com/questions/4637575/how-can-i-make-vim-autosave-files-when-it-loses-focus 335 | " http://stackoverflow.com/questions/8574387/vim-saving-on-focuslost-and-executing-auto-command 336 | " http://pastebin.com/4mbUWcTc 337 | " http://stackoverflow.com/questions/23013201/how-to-get-rid-of-error-detected-while-processing-focuslost-auto-commands-in-vim 338 | autocmd BufLeave,FocusLost * silent! wall 339 | 340 | " Backups 341 | set backupdir=~/.vim/tmp/backup// " backups 342 | set directory=~/.vim/tmp/swap// " swap files 343 | set backup " enable backup 344 | 345 | " No more stretching for navigating files 346 | "noremap h ; 347 | "noremap j h 348 | "noremap k gj 349 | "noremap l gk 350 | "noremap ; l 351 | 352 | set showmatch " show matching brackets 353 | 354 | " print empty tag 355 | map! ;h 5hi 356 | " 357 | " No switch keyboard layout for commands in normal mode. 358 | 359 | 360 | " https://coderwall.com/welcome 361 | " This makes `w!!` command save file when you've forgotten to open in with sudo 362 | cmap w!! %!sudo tee > /dev/null % 363 | 364 | set mouse=a 365 | 366 | let g:dbgPavimPathMap = [['/home/ssydore/src/atlassian/hipchat/web/www','/'],] 367 | 368 | let g:vdebug_options = {'ide_key': 'PHPSTORM'} 369 | let g:vdebug_options = {'break_on_open': 0} 370 | let g:vdebug_options = {'server': '127.0.0.1'} 371 | let g:vdebug_options = {'port': '9000'} 372 | -------------------------------------------------------------------------------- /roles/gentoo-apps/files/cyrus-sasl-2.1.26-openssl-1.1.patch: -------------------------------------------------------------------------------- 1 | diff --git a/plugins/ntlm.c b/plugins/ntlm.c 2 | index 79ea47c..554a00d 100644 3 | --- a/plugins/ntlm.c 4 | +++ b/plugins/ntlm.c 5 | @@ -417,6 +417,29 @@ static unsigned char *P24(unsigned char *P24, unsigned char *P21, 6 | return P24; 7 | } 8 | 9 | +static HMAC_CTX *_plug_HMAC_CTX_new(const sasl_utils_t *utils) 10 | +{ 11 | + utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_new()"); 12 | + 13 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L 14 | + return HMAC_CTX_new(); 15 | +#else 16 | + return utils->malloc(sizeof(EVP_MD_CTX)); 17 | +#endif 18 | +} 19 | + 20 | +static void _plug_HMAC_CTX_free(HMAC_CTX *ctx, const sasl_utils_t *utils) 21 | +{ 22 | + utils->log(NULL, SASL_LOG_DEBUG, "_plug_HMAC_CTX_free()"); 23 | + 24 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L 25 | + HMAC_CTX_free(ctx); 26 | +#else 27 | + HMAC_cleanup(ctx); 28 | + utils->free(ctx); 29 | +#endif 30 | +} 31 | + 32 | static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd, 33 | const char *authid, const char *target, 34 | const unsigned char *challenge, 35 | @@ -424,7 +447,7 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd, 36 | const sasl_utils_t *utils, 37 | char **buf, unsigned *buflen, int *result) 38 | { 39 | - HMAC_CTX ctx; 40 | + HMAC_CTX *ctx = NULL; 41 | unsigned char hash[EVP_MAX_MD_SIZE]; 42 | char *upper; 43 | unsigned int len; 44 | @@ -435,6 +458,10 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd, 45 | SETERROR(utils, "cannot allocate NTLMv2 hash"); 46 | *result = SASL_NOMEM; 47 | } 48 | + else if ((ctx = _plug_HMAC_CTX_new(utils)) == NULL) { 49 | + SETERROR(utils, "cannot allocate HMAC CTX"); 50 | + *result = SASL_NOMEM; 51 | + } 52 | else { 53 | /* NTLMv2hash = HMAC-MD5(NTLMhash, unicode(ucase(authid + domain))) */ 54 | P16_nt(hash, passwd, utils, buf, buflen, result); 55 | @@ -449,17 +476,18 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd, 56 | HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, *buf, 2 * len, hash, &len); 57 | 58 | /* V2 = HMAC-MD5(NTLMv2hash, challenge + blob) + blob */ 59 | - HMAC_Init(&ctx, hash, len, EVP_md5()); 60 | - HMAC_Update(&ctx, challenge, NTLM_NONCE_LENGTH); 61 | - HMAC_Update(&ctx, blob, bloblen); 62 | - HMAC_Final(&ctx, V2, &len); 63 | - HMAC_cleanup(&ctx); 64 | + HMAC_Init_ex(ctx, hash, len, EVP_md5(), NULL); 65 | + HMAC_Update(ctx, challenge, NTLM_NONCE_LENGTH); 66 | + HMAC_Update(ctx, blob, bloblen); 67 | + HMAC_Final(ctx, V2, &len); 68 | 69 | /* the blob is concatenated outside of this function */ 70 | 71 | *result = SASL_OK; 72 | } 73 | 74 | + if (ctx) _plug_HMAC_CTX_free(ctx, utils); 75 | + 76 | return V2; 77 | } 78 | 79 | diff --git a/plugins/otp.c b/plugins/otp.c 80 | index dd73065..d1e9bf4 100644 81 | --- a/plugins/otp.c 82 | +++ b/plugins/otp.c 83 | @@ -96,6 +96,28 @@ static algorithm_option_t algorithm_options[] = { 84 | {NULL, 0, NULL} 85 | }; 86 | 87 | +static EVP_MD_CTX *_plug_EVP_MD_CTX_new(const sasl_utils_t *utils) 88 | +{ 89 | + utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_new()"); 90 | + 91 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L 92 | + return EVP_MD_CTX_new(); 93 | +#else 94 | + return utils->malloc(sizeof(EVP_MD_CTX)); 95 | +#endif 96 | +} 97 | + 98 | +static void _plug_EVP_MD_CTX_free(EVP_MD_CTX *ctx, const sasl_utils_t *utils) 99 | +{ 100 | + utils->log(NULL, SASL_LOG_DEBUG, "_plug_EVP_MD_CTX_free()"); 101 | + 102 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L 103 | + EVP_MD_CTX_free(ctx); 104 | +#else 105 | + utils->free(ctx); 106 | +#endif 107 | +} 108 | + 109 | /* Convert the binary data into ASCII hex */ 110 | void bin2hex(unsigned char *bin, int binlen, char *hex) 111 | { 112 | @@ -116,17 +138,16 @@ void bin2hex(unsigned char *bin, int binlen, char *hex) 113 | * swabbing bytes if necessary. 114 | */ 115 | static void otp_hash(const EVP_MD *md, char *in, size_t inlen, 116 | - unsigned char *out, int swab) 117 | + unsigned char *out, int swab, EVP_MD_CTX *mdctx) 118 | { 119 | - EVP_MD_CTX mdctx; 120 | char hash[EVP_MAX_MD_SIZE]; 121 | unsigned int i; 122 | int j; 123 | unsigned hashlen; 124 | 125 | - EVP_DigestInit(&mdctx, md); 126 | - EVP_DigestUpdate(&mdctx, in, inlen); 127 | - EVP_DigestFinal(&mdctx, hash, &hashlen); 128 | + EVP_DigestInit(mdctx, md); 129 | + EVP_DigestUpdate(mdctx, in, inlen); 130 | + EVP_DigestFinal(mdctx, hash, &hashlen); 131 | 132 | /* Fold the result into 64 bits */ 133 | for (i = OTP_HASH_SIZE; i < hashlen; i++) { 134 | @@ -149,7 +170,9 @@ static int generate_otp(const sasl_utils_t *utils, 135 | char *secret, char *otp) 136 | { 137 | const EVP_MD *md; 138 | - char *key; 139 | + EVP_MD_CTX *mdctx = NULL; 140 | + char *key = NULL; 141 | + int r = SASL_OK; 142 | 143 | if (!(md = EVP_get_digestbyname(alg->evp_name))) { 144 | utils->seterror(utils->conn, 0, 145 | @@ -157,23 +180,32 @@ static int generate_otp(const sasl_utils_t *utils, 146 | return SASL_FAIL; 147 | } 148 | 149 | + if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) { 150 | + SETERROR(utils, "cannot allocate MD CTX"); 151 | + r = SASL_NOMEM; 152 | + goto done; 153 | + } 154 | + 155 | if ((key = utils->malloc(strlen(seed) + strlen(secret) + 1)) == NULL) { 156 | SETERROR(utils, "cannot allocate OTP key"); 157 | - return SASL_NOMEM; 158 | + r = SASL_NOMEM; 159 | + goto done; 160 | } 161 | 162 | /* initial step */ 163 | strcpy(key, seed); 164 | strcat(key, secret); 165 | - otp_hash(md, key, strlen(key), otp, alg->swab); 166 | + otp_hash(md, key, strlen(key), otp, alg->swab, mdctx); 167 | 168 | /* computation step */ 169 | while (seq-- > 0) 170 | - otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab); 171 | + otp_hash(md, otp, OTP_HASH_SIZE, otp, alg->swab, mdctx); 172 | 173 | - utils->free(key); 174 | + done: 175 | + if (key) utils->free(key); 176 | + if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils); 177 | 178 | - return SASL_OK; 179 | + return r; 180 | } 181 | 182 | static int parse_challenge(const sasl_utils_t *utils, 183 | @@ -693,7 +725,8 @@ static int strptrcasecmp(const void *arg1, const void *arg2) 184 | 185 | /* Convert the 6 words into binary data */ 186 | static int word2bin(const sasl_utils_t *utils, 187 | - char *words, unsigned char *bin, const EVP_MD *md) 188 | + char *words, unsigned char *bin, const EVP_MD *md, 189 | + EVP_MD_CTX *mdctx) 190 | { 191 | int i, j; 192 | char *c, *word, buf[OTP_RESPONSE_MAX+1]; 193 | @@ -752,13 +785,12 @@ static int word2bin(const sasl_utils_t *utils, 194 | 195 | /* alternate dictionary */ 196 | if (alt_dict) { 197 | - EVP_MD_CTX mdctx; 198 | char hash[EVP_MAX_MD_SIZE]; 199 | int hashlen; 200 | 201 | - EVP_DigestInit(&mdctx, md); 202 | - EVP_DigestUpdate(&mdctx, word, strlen(word)); 203 | - EVP_DigestFinal(&mdctx, hash, &hashlen); 204 | + EVP_DigestInit(mdctx, md); 205 | + EVP_DigestUpdate(mdctx, word, strlen(word)); 206 | + EVP_DigestFinal(mdctx, hash, &hashlen); 207 | 208 | /* use lowest 11 bits */ 209 | x = ((hash[hashlen-2] & 0x7) << 8) | hash[hashlen-1]; 210 | @@ -802,6 +834,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 211 | char *response) 212 | { 213 | const EVP_MD *md; 214 | + EVP_MD_CTX *mdctx = NULL; 215 | char *c; 216 | int do_init = 0; 217 | unsigned char cur_otp[OTP_HASH_SIZE], prev_otp[OTP_HASH_SIZE]; 218 | @@ -815,6 +848,11 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 219 | return SASL_FAIL; 220 | } 221 | 222 | + if ((mdctx = _plug_EVP_MD_CTX_new(utils)) == NULL) { 223 | + SETERROR(utils, "cannot allocate MD CTX"); 224 | + return SASL_NOMEM; 225 | + } 226 | + 227 | /* eat leading whitespace */ 228 | c = response; 229 | while (isspace((int) *c)) c++; 230 | @@ -824,7 +862,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 231 | r = hex2bin(c+strlen(OTP_HEX_TYPE), cur_otp, OTP_HASH_SIZE); 232 | } 233 | else if (!strncasecmp(c, OTP_WORD_TYPE, strlen(OTP_WORD_TYPE))) { 234 | - r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md); 235 | + r = word2bin(utils, c+strlen(OTP_WORD_TYPE), cur_otp, md, mdctx); 236 | } 237 | else if (!strncasecmp(c, OTP_INIT_HEX_TYPE, 238 | strlen(OTP_INIT_HEX_TYPE))) { 239 | @@ -834,7 +872,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 240 | else if (!strncasecmp(c, OTP_INIT_WORD_TYPE, 241 | strlen(OTP_INIT_WORD_TYPE))) { 242 | do_init = 1; 243 | - r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md); 244 | + r = word2bin(utils, c+strlen(OTP_INIT_WORD_TYPE), cur_otp, md, mdctx); 245 | } 246 | else { 247 | SETERROR(utils, "unknown OTP extended response type"); 248 | @@ -843,14 +881,14 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 249 | } 250 | else { 251 | /* standard response, try word first, and then hex */ 252 | - r = word2bin(utils, c, cur_otp, md); 253 | + r = word2bin(utils, c, cur_otp, md, mdctx); 254 | if (r != SASL_OK) 255 | r = hex2bin(c, cur_otp, OTP_HASH_SIZE); 256 | } 257 | 258 | if (r == SASL_OK) { 259 | /* do one more hash (previous otp) and compare to stored otp */ 260 | - otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab); 261 | + otp_hash(md, cur_otp, OTP_HASH_SIZE, prev_otp, text->alg->swab, mdctx); 262 | 263 | if (!memcmp(prev_otp, text->otp, OTP_HASH_SIZE)) { 264 | /* update the secret with this seq/otp */ 265 | @@ -879,23 +917,28 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 266 | *new_resp++ = '\0'; 267 | } 268 | 269 | - if (!(new_chal && new_resp)) 270 | - return SASL_BADAUTH; 271 | + if (!(new_chal && new_resp)) { 272 | + r = SASL_BADAUTH; 273 | + goto done; 274 | + } 275 | 276 | if ((r = parse_challenge(utils, new_chal, &alg, &seq, seed, 1)) 277 | != SASL_OK) { 278 | - return r; 279 | + goto done; 280 | } 281 | 282 | - if (seq < 1 || !strcasecmp(seed, text->seed)) 283 | - return SASL_BADAUTH; 284 | + if (seq < 1 || !strcasecmp(seed, text->seed)) { 285 | + r = SASL_BADAUTH; 286 | + goto done; 287 | + } 288 | 289 | /* find the MDA */ 290 | if (!(md = EVP_get_digestbyname(alg->evp_name))) { 291 | utils->seterror(utils->conn, 0, 292 | "OTP algorithm %s is not available", 293 | alg->evp_name); 294 | - return SASL_BADAUTH; 295 | + r = SASL_BADAUTH; 296 | + goto done; 297 | } 298 | 299 | if (!strncasecmp(c, OTP_INIT_HEX_TYPE, strlen(OTP_INIT_HEX_TYPE))) { 300 | @@ -903,7 +946,7 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 301 | } 302 | else if (!strncasecmp(c, OTP_INIT_WORD_TYPE, 303 | strlen(OTP_INIT_WORD_TYPE))) { 304 | - r = word2bin(utils, new_resp, new_otp, md); 305 | + r = word2bin(utils, new_resp, new_otp, md, mdctx); 306 | } 307 | 308 | if (r == SASL_OK) { 309 | @@ -914,7 +957,10 @@ static int verify_response(server_context_t *text, const sasl_utils_t *utils, 310 | memcpy(text->otp, new_otp, OTP_HASH_SIZE); 311 | } 312 | } 313 | - 314 | + 315 | + done: 316 | + if (mdctx) _plug_EVP_MD_CTX_free(mdctx, utils); 317 | + 318 | return r; 319 | } 320 | 321 | @@ -1443,8 +1489,10 @@ int otp_server_plug_init(const sasl_utils_t *utils, 322 | *pluglist = otp_server_plugins; 323 | *plugcount = 1; 324 | 325 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L 326 | /* Add all digests */ 327 | OpenSSL_add_all_digests(); 328 | +#endif 329 | 330 | return SASL_OK; 331 | } 332 | @@ -1844,8 +1892,10 @@ int otp_client_plug_init(sasl_utils_t *utils, 333 | *pluglist = otp_client_plugins; 334 | *plugcount = 1; 335 | 336 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L 337 | /* Add all digests */ 338 | OpenSSL_add_all_digests(); 339 | +#endif 340 | 341 | return SASL_OK; 342 | } 343 | --- a/saslauthd/lak.c 344 | +++ b/saslauthd/lak.c 345 | @@ -729,7 +729,7 @@ int lak_init( 346 | return rc; 347 | } 348 | 349 | -#ifdef HAVE_OPENSSL 350 | +#if defined(HAVE_OPENSSL) && OPENSSL_VERSION_NUMBER < 0x10100000L 351 | OpenSSL_add_all_digests(); 352 | #endif 353 | 354 | --------------------------------------------------------------------------------