Skip to content
/ blueprint Public

Print your workstation wherever you are. The same thing, the same way, every time.

License

View license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

evgnomon/blueprint

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

88 Commits

docker

docker

 
 

docs/assets

docs/assets

 
 

group_vars

group_vars

 
 

library

library

 
 

roles

roles

 
 

tasks

tasks

 
 

vars

vars

 
 

.ansible-lint

.ansible-lint

 
 

.pre-commit-config.yaml

.pre-commit-config.yaml

 
 

.yamllint

.yamllint

 
 

COPYING

COPYING

 
 

Dockerfile

Dockerfile

 
 

README.md

README.md

 
 

SHA512SUMS

SHA512SUMS

 
 

ansible.cfg

ansible.cfg

 
 

azure_cli.yml

azure_cli.yml

 
 

bootstrap-Linux.sh

bootstrap-Linux.sh

 
 

dmg.yaml

dmg.yaml

 
 

docker-compose.yaml

docker-compose.yaml

 
 

inventory

inventory

 
 

main-Debian.yml

main-Debian.yml

 
 

main-MacOSX.yml

main-MacOSX.yml

 
 

main-Windows.yml

main-Windows.yml

 
 

main.yaml

main.yaml

 
 

pkg.yml

pkg.yml

 
 

rotate

rotate

 
 

rotate.yaml

rotate.yaml

 
 

terminal.yml

terminal.yml

 
 

vim.yml

vim.yml

 
 

zull.yml

zull.yml

 
 

zygote.yml

zygote.yml

 
 

Repository files navigation

HGL/Blueprint

Print your workstation wherever you. The same thing, the same way, every time.

Supports Linux, macOS and Windows native and WSL2 and Docker container.

Getting Started

sudo ls # to let ansible become root when needed
# In Debian/Ubuntu add your the user to sudo group:
usermod -aG sudo
./bootstrap-Linux.sh
# Checkout your `.blueprint` settings.
git clone git@github.com:YOURUSER/.blueprint.git ~/.blueprint
ansible-playbook -i inventory --ask-become-pass main.yaml

Caution: Don't run ansible process in root! And don't forget to close your session if sudo is not needed anymore.

Coc Plugins

Run this after installation in vim to setup vim plugins:

:PlugInstall
:CocInstall coc-rust-analyzer coc-prettier coc-tsserver coc-go coc-pyright coc-snippets coc-go

MacOS

Install XCode 15 or higher from App Store. Then open XCode and install macOS SDK.

Docker has to be manually copied from attached disk image. This is to keep Alacritty unauthorized to access user Applications.

License

HGL, verified:

shasum -a 512 -c SHA512SUMS

Security Key

Share the YubiKey with WSL2 for Windows: https://learn.microsoft.com/en-us/windows/wsl/connect-usb

Use YubiKey for password less sudo:

mkdir -p ~/.config/Yubico
pamu2fcfg > ~/.config/Yubico/u2f_keys
pamu2fcfg -n >> ~/.config/Yubico/u2f_keys # with the spare key
sudo mv ~/.config/Yubico/u2f_keys /etc/Yubico/u2f_keys
sudo chown root:root -R /etc/Yubico/u2f_keys

Add a new key using:

pamu2fcfg -n | sudo tee -a /etc/Yubico/u2f_keys

Git signing

Add pubkeys to allowed_signers for git verification:

echo "$(git config --get user.email) namespaces=\"git\" $(cat ~/.ssh/vortex.pub)" >> ~/.ssh/allowed_signers

Windows

Run ansible in WSL2 for to run ansible on Windows native host:

export WIN_USER=YOUR_WINDOWS_USER
ansible-playbook -i inventory -e ansible_become_user=$WIN_USER -e ansible_user=$WIN_USER -e ansible_python_interpreter="C:\Users\$WIN_USER\.pyenv\pyenv-win\versions\3
.12.0\python.exe" main-Windows.yml

Secret Rotation

To rotate secrets, use ansible-vault:

ANSIBLE_VAULT_PASSWORD_FILE=<(vault -d vault) ansible-playbook -i inventory rotate.yaml

# or in Fish:
ANSIBLE_VAULT_PASSWORD_FILE=(vault -d vault | psub) ansible-playbook -i inventory rotate.yaml

About

Print your workstation wherever you are. The same thing, the same way, every time.

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages