feat: add Vagrant file and provisioning scripts

ansible/files/atuin.toml

@@ -0,0 +1,6 @@
+dialect = "uk"
+update_check = false
+filter_mode_shell_up_key_binding = "session"
+style = "compact"
+show_preview = true
+enter_accept = true

ansible/files/bind-options

@@ -0,0 +1,6 @@
+options {
+        directory "/var/cache/bind";
+        forward only;			// Never try resolving other domains
+        forwarders { 127.0.0.53; };	// Forward everything to systemd-resolved
+        dnssec-validation yes;		// systemd-resolved *requires* DNSSEC
+};

ansible/files/domains.j2

@@ -0,0 +1,28 @@
+include "/etc/bind/tf-key.conf"; // Load Terraform key
+
+// Main domain
+zone "{{ domain_name }}" in {
+    type master;
+    file "/var/lib/bind/db.{{ domain_name }}";
+    update-policy {
+      grant {{ update_key }} subdomain {{ domain_name }}. A CNAME;
+    };
+};
+
+// Reverse DNS for {{ back_net }}/24
+zone "{{ back_arpa }}" in {
+    type master;
+    file "/var/lib/bind/db.{{ back_arpa }}";
+    update-policy {
+      grant {{ update_key }} subdomain {{ back_arpa }}. PTR;
+    };
+};
+
+// Reverse DNS for {{ front_net }}/24
+zone "{{ front_arpa }}" in {
+    type master;
+    file "/var/lib/bind/db.{{ front_arpa }}";
+    update-policy {
+      grant {{ update_key }} subdomain {{ front_arpa }}. PTR;
+    };
+};

ansible/files/gitconfig

@@ -0,0 +1,30 @@
+[pull]
+	ff = only
+
+[init]
+	defaultBranch = master
+
+[core]
+        pager = delta --line-numbers
+
+[delta]
+        commit-decoration-style = bold box
+        dark = true
+        file-decoration-style = none
+        file-style = omit
+        hunk-header-decoration-style = "#cfd6ff" box
+        hunk-header-file-style = bold "#FFFF7F"
+        hunk-header-line-number-style = bold "#3388ff"
+        hunk-header-style = file line-number syntax
+        line-numbers = true
+        line-numbers-left-style = "#033b5f"
+        line-numbers-minus-style = "#a61142"
+        line-numbers-plus-style = "#0d800d"
+        line-numbers-right-style = "#033b5f"
+        line-numbers-zero-style = "#cccccc"
+        minus-emph-style = normal "#80002a"
+        minus-style = syntax "#1f1f1f"
+        plus-emph-style = normal "#003300"
+        plus-style = syntax "#1f1f1f"
+        side-by-side = false
+        syntax-theme = Nord

ansible/files/iptables

@@ -0,0 +1,7 @@
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+-A POSTROUTING -o eth0 -j MASQUERADE
+COMMIT

ansible/files/keyboard

@@ -0,0 +1,5 @@
+XKBMODEL="pc105"
+XKBLAYOUT="fr"
+XKBVARIANT="latin9"
+XKBOPTIONS=""
+BACKSPACE="guess"

ansible/files/locale.j2

@@ -0,0 +1,15 @@
+LANG={{ locale }}
+LANGUAGE={{ locale }}
+LC_CTYPE={{ locale }}
+LC_NUMERIC={{ locale }}
+LC_TIME={{ locale }}
+LC_COLLATE={{ locale }}
+LC_MONETARY={{ locale }}
+LC_MESSAGES={{ locale }}
+LC_PAPER={{ locale }}
+LC_NAME={{ locale }}
+LC_ADDRESS={{ locale }}
+LC_TELEPHONE={{ locale }}
+LC_MEASUREMENT={{ locale }}
+LC_IDENTIFICATION={{ locale }}
+LC_ALL={{ locale }}

ansible/files/resize.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+# Steps:
+# 1) Make sure bash is available
+# 2) Create udev rule
+# - path to new udev rule: /etc/udev/rules.d/50-x-resize.rules
+# - udev rule content: 
+# ACTION=="change",KERNEL=="card0", SUBSYSTEM=="drm", RUN+="/usr/local/bin/x-resize" 
+# 3) Create /var/log/autores directory
+# 4) Create script /usr/local/bin/x-resize (this file) and make executable
+# 5) Reload udev rules with `sudo udevadm control --reload-rules`
+# 6) Make sure auto-resize is enabled in virt-viewer/spicy
+# 7) Make sure qemu-guest-agent spice-vdagent xserver-xspice xserver-xorg-video-qxl  are installed
+# 8) Make sure spice-vdagentd is loaded and running fine
+# Debugging:
+# - Watch udev events on resize with `udevadm monitor`
+# - Watch dmesg (may not be super useful) with `dmesg -w`
+# - Watch autores logs with `tail -f /var/log/autores/autores.log`
+# Credits:
+# - Credit for Finding Sessions as Root: https://unix.stackexchange.com/questions/117083/how-to-get-the-list-of-all-active-x-sessions-and-owners-of-them
+# - Credit for Resizing via udev: https://superuser.com/questions/1183834/no-auto-resize-with-spice-and-virt-manager
+
+## Ensure Log Directory Exists
+LOG_DIR=/var/log/autores;
+if [ ! -d $LOG_DIR ]; then
+    mkdir $LOG_DIR;
+fi
+LOG_FILE=${LOG_DIR}/autores.log
+
+## Function to find User Sessions & Resize their display
+function x_resize() {
+    declare -A disps usrs
+    usrs=()
+    disps=()
+
+    for i in $(users);do
+        [[ $i = root ]] && continue # skip root
+        usrs[$i]=1
+    done
+
+    for u in "${!usrs[@]}"; do
+        for i in $(sudo ps e -u "$u" | sed -rn 's/.* DISPLAY=(:[0-9]*).*/\1/p');do
+            disps[$i]=$u
+        done
+    done
+
+    for d in "${!disps[@]}";do
+	    session_user="${disps[$d]}"
+	    session_display="$d"
+	    session_output=$(sudo -u "$session_user" PATH=/usr/bin DISPLAY="$session_display" xrandr | awk '/ connected/{print $1; exit; }')
+	    echo "Session User: $session_user" | tee -a $LOG_FILE;
+	    echo "Session Display: $session_display" | tee -a $LOG_FILE;
+	    echo "Session Output: $session_output" | tee -a $LOG_FILE;
+	    sudo -u "$session_user" PATH=/usr/bin DISPLAY="$session_display" xrandr --output "$session_output" --auto | tee -a $LOG_FILE;
+    done
+}
+
+echo "Resize Event: $(date)" | tee -a $LOG_FILE
+x_resize
+

ansible/files/resolved.conf.j2

@@ -0,0 +1,3 @@
+[Resolve]
+Domains=~{{ domain_name }} ~{{ back_arpa }} ~{{ front_arpa }} {{ domain_name }}
+DNS=127.0.0.1

ansible/files/ssh_config

@@ -0,0 +1,3 @@
+StrictHostKeyChecking no
+UserKnownHostsFile /dev/null
+LogLevel ERROR

ansible/files/tf-key.conf.j2

@@ -0,0 +1,4 @@
+key "{{ update_key }}." {
+  algorithm hmac-sha512;
+  secret "{{ lookup( 'env', 'VMNET_BIND_KEY' ) }}";
+}

ansible/files/user-dirs.dirs

@@ -0,0 +1,8 @@
+XDG_DESKTOP_DIR="$HOME/"
+XDG_DOCUMENTS_DIR="$HOME/"
+XDG_DOWNLOAD_DIR="$HOME/Download/"
+XDG_MUSIC_DIR="$HOME/"
+XDG_PICTURES_DIR="$HOME/"
+XDG_PUBLICSHARE_DIR="$HOME/"
+XDG_TEMPLATES_DIR="$HOME/"
+XDG_VIDEOS_DIR="$HOME/"

ansible/files/zf-domain.j2

@@ -0,0 +1,15 @@
+$ORIGIN .
+$TTL 21600
+{{ domain_name }} IN SOA vm-host.{{ domain_name }}. lol.mail.hostmaster.ici.osef. (
+                1          ; serial
+                86400      ; refresh (1 day)
+                3600       ; retry (1 hour)
+                2419200    ; expire (4 weeks)
+                360        ; negative ttl (5 minutes)
+                )
+            IN NS  vm-host.{{ domain_name }}.
+	    IN A    {{ ( back_net ~ "/24" ) | ansible.utils.ipaddr("1") | ansible.utils.ipaddr("address") }}
+	    IN MX 1 {{ ( back_net ~ "/24" ) | ansible.utils.ipaddr("1") | ansible.utils.ipaddr("address") }}
+$ORIGIN {{ domain_name }}.
+vm-host     IN A    {{ ( back_net ~ "/24" ) | ansible.utils.ipaddr("1") | ansible.utils.ipaddr("address") }}
+vm-host-f   IN A    {{ ( front_net ~ "/24" ) | ansible.utils.ipaddr("1") | ansible.utils.ipaddr("address") }}

ansible/files/zf-reverse.j2

@@ -0,0 +1,12 @@
+$ORIGIN .
+$TTL 21600
+{{ item.arpa }} IN SOA vm-host.{{ domain_name }}. lol.mail.hostmaster.ici.osef. (
+                1          ; serial
+                86400      ; refresh (1 day)
+                3600       ; retry (1 hour)
+                2419200    ; expire (4 weeks)
+                360        ; negative ttl (5 minutes)
+                )
+            IN NS  vm-host.{{ domain_name }}.
+$ORIGIN {{ item.arpa }}.
+1 IN PTR {{ item.host }}.{{ domain_name }}.

ansible/files/zshrc

@@ -0,0 +1,79 @@
+# Path
+export PATH=$HOME/.local/bin:$PATH
+
+# Bash-like word boundaries
+autoload -U select-word-style
+select-word-style bash
+
+# Use antigen
+source $HOME/.local/share/zsh/antigen.zsh
+
+# Load various plugins
+antigen bundle Aloxaf/fzf-tab
+antigen bundle clarketm/zsh-completions
+antigen bundle git
+antigen bundle mattberther/zsh-pyenv
+antigen bundle ellie/atuin@v{{ atuin_version }}
+antigen bundle pip
+antigen bundle pyenv
+antigen bundle zimfw/asdf
+antigen bundle zsh-users/zsh-syntax-highlighting
+antigen bundle zsh-users/zsh-autosuggestions
+
+# Load the powerlevel10k theme
+antigen theme romkatv/powerlevel10k
+
+# Apply plugins
+antigen apply
+
+# Powerline10k customization
+[[ ! -f ~/.local/share/zsh/p10k.zsh ]] || source ~/.local/share/zsh/p10k.zsh
+
+# History file
+HISTFILE=$HOME/.zhistory
+SAVEHIST=10000
+HISTSIZE=10000
+setopt appendhistory
+setopt inc_append_history
+
+# Tab completion on empty line
+zstyle ':completion:*' insert-tab pending
+
+# Ctrl+Left/Right
+bindkey "^[[1;5C" forward-word
+bindkey "^[[1;5D" backward-word
+# Home/End
+bindkey '\e[1~' beginning-of-line
+bindkey '\e[4~' end-of-line
+# Comments should be ignored
+setopt interactivecomments
+
+# LS colors if available
+if [ -x /usr/bin/dircolors ]; then
+    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+    alias ls='ls --color=auto'
+fi
+
+# Grep colors
+if grep -q --color=auto t 2>/dev/null <<<t
+then
+        alias grep='grep --color=auto'
+fi
+
+# The classics
+alias ll='ls -l'
+alias la='ls -A'
+alias l='ls -CF'
+alias cp='cp -i'
+alias rm='rm -i'
+alias mv='mv -i'
+
+# Pyenv venv aliases
+export PYENV_VIRTUALENV_DISABLE_PROMPT=1
+alias mkvirtualenv="pyenv virtualenv"
+alias rmvirtualenv="pyenv virtualenv-delete"
+alias workon="pyenv activate"
+
+# Various utilities
+alias gl="git log --graph --pretty=format:'%C(yellow)%h%Creset%C(cyan)%C(bold)%d%Creset %C(cyan)(%cr)%Creset %C(green)%ce%Creset %s'"
+alias cat="batcat -p"