feat:❓ Random changes.

TechDufus · Sep 17, 2024 · 6e80db2 · 6e80db2
1 parent 75ee77f
commit 6e80db2
Show file tree

Hide file tree

Showing 14 changed files with 97 additions and 103 deletions.
diff --git a/bin/dotfiles b/bin/dotfiles
@@ -40,6 +40,7 @@ set -e
 # Paths
 VAULT_SECRET_FILE="$HOME/.ansible-vault/vault.secret"
 OP_INSTALLED=false
+OP_AUTHENTICATED=false
 OP_VAULT_SECRET=""
 ID=""
 DOTFILES_LOG="$HOME/.dotfiles.log"
@@ -184,10 +185,12 @@ update_ansible_galaxy() {
   _cmd "ansible-galaxy install -r $DOTFILES_DIR/requirements/common.yml $os_requirements"
 }
 
-function use_op_vault_if_possible() {
+function confirmVaultAccess() {
   __task "Checking for 1Password CLI"
   if op --version >/dev/null 2>&1; then
     OP_INSTALLED=true
+    _cmd "op vault list"
+    OP_AUTHENTICATED=true
   fi
 }
 
@@ -236,29 +239,15 @@ fi
 pushd "$DOTFILES_DIR" 2>&1 > /dev/null
 update_ansible_galaxy $ID
 
-use_op_vault_if_possible
+confirmVaultAccess
 
-__task "Running playbook ☕"; _task_done
 if [[ -n $OP_INSTALLED ]]; then
-      OP_VAULT_SECRET="$(op read 'op://Personal/Ansible Vault/password')"
-    if [[ -n $OP_VAULT_SECRET ]]; then
-      printf "${OVERWRITE}${LGREEN} [✓]  ${LGREEN}Using vault secret from 1Password${NC}\n"
-      rm -f $VAULT_SECRET_FILE
-    else
-      printf "${OVERWRITE}${LRED} [X]  ${LRED}No vault secret found in 1Password${NC}\n"
-fi
-fi
-if [[ -f $VAULT_SECRET_FILE ]]; then
-  printf "${OVERWRITE}${LGREEN} [✓]  ${LGREEN}Running playbook with vault secret ☕${NC}\n"
-  ansible-playbook --vault-password-file $VAULT_SECRET_FILE "$DOTFILES_DIR/main.yml" "$@"
-else
-  # if we have OP_VAULT_SECRET, we can use it as the vault password
-  if [[ -n $OP_VAULT_SECRET ]]; then
-    printf "${OVERWRITE}${LGREEN} [✓]  ${LGREEN}Running playbook with vault secret from 1Password ☕${NC}\n"
-    ansible-playbook --vault-password-file <(echo $OP_VAULT_SECRET) "$DOTFILES_DIR/main.yml" "$@"
-    unset OP_VAULT_SECRET
-  else
+  if [[ -n $OP_AUTHENTICATED ]]; then
+    printf "${OVERWRITE}${LGREEN} [✓]  ${LGREEN}Checking for 1Password CLI: 1Password Authentication successful! ☕${NC}\n"
+    rm -f $VAULT_SECRET_FILE
     ansible-playbook "$DOTFILES_DIR/main.yml" "$@"
+  else
+    printf "${OVERWRITE}${LRED} [X]  ${LRED}Checking for 1Password CLI: Unable to Authenticate with 1Password.${NC}\n"
   fi
 fi
 

diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -10,6 +10,7 @@ default_roles:
   - flatpak
   - fonts
   - fzf
+  - gh
   - git
   - go
   - hammerspoon
@@ -21,6 +22,7 @@ default_roles:
   - lsd
   - lua
   - nala
+  - ncdu
   - neofetch
   - neovim
   - nerdfetch
@@ -31,8 +33,9 @@ default_roles:
   - pwsh
   - python
   - raycast
-  - ruby
-  - rust
+  # - ruby
+  # - rust
+  - spotify
   - ssh
   - sshfs
   - starship
@@ -41,9 +44,9 @@ default_roles:
   - tldr
   - tmate
   - tmux
-  - tshark
-  - zellij
-  - spotify
+  # - tshark
+  - warp
+  # - zellij
   - zoxide
   - zsh
 
@@ -57,10 +60,11 @@ op:
   ssh:
     github:
       techdufus:
-        private_key: "op://Personal/TechDufus SSH/private key?ssh-format=openssh"
-        public_key: "op://Personal/TechDufus SSH/public key"
-  openai:
-    key: "op://Personal/Openai/OPENAI_KEY - Project"
+        - name: id_ed25519
+          vault_path: "op://Personal/TechDufus SSH"
+  shell:
+    - name: OPENAI_API_KEY
+      vault_path: "op://Personal/Openai/OPENAI_KEY - Project"
 
 flatpak_packages:
   - md.obsidian.Obsidian

diff --git a/roles/bash/tasks/main.yml b/roles/bash/tasks/main.yml
@@ -56,9 +56,17 @@
     mode: "0644"
     force: true
 
+- name: "Bash | Set bash_private init"
+  ansible.builtin.set_fact:
+    bash_private: {}
+  no_log: true
+
 - name: "Bash | Get private variables from Vault"
   when: op_installed
-  ansible.builtin.import_tasks: vault.yml
+  ansible.builtin.include_tasks: vault.yml
+  with_items: "{{ op.shell }}"
+  loop_control:
+    loop_var: secret
 
 - name: "Bash | Set private variables"
   ansible.builtin.template:

diff --git a/roles/bash/tasks/vault.yml b/roles/bash/tasks/vault.yml
@@ -1,19 +1,14 @@
 ---
 - name: "Bash | Get private variables from Vault"
-  ansible.builtin.command: "op read 'op://Personal/Openai/OPENAI_KEY - Project'"
-  register: op_openai_key
+  ansible.builtin.command: "op read '{{ secret.vault_path }}'"
+  register: op_secret
   changed_when: false
   no_log: true
 
-- name: "Bash | Set bash_private init"
-  ansible.builtin.set_fact:
-    bash_private: {}
-  no_log: true
-
 - name: "Bash | Set bash_private"
   ansible.builtin.set_fact:
     bash_private: "{{ bash_private | combine({ item.key: item.value }) }}"
   no_log: true
   with_items:
-    - key: OPENAI_API_KEY
-      value: "{{ op_openai_key.stdout }}"
+    - key: "{{ secret.name }}"
+      value: "{{ op_secret.stdout }}"
diff --git a/roles/orbstack/tasks/MacOSX.yml b/roles/orbstack/tasks/MacOSX.yml
@@ -18,6 +18,6 @@
 #     state: present
 
 - name: "OrbStack | MacOSX | Install OrbStack"
-  ansible.builtin.homebrew_cask:
+  community.general.homebrew_cask:
     name: orbstack
     state: present
diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml
@@ -1,44 +1,8 @@
 ---
 - name: "SSH | Deploy SSH keys from Vault"
   when: op_installed
-  block:
-    - name: "SSH | Get [TechDufus SSH] key from Vault"
-      ansible.builtin.command: "op read '{{ op.ssh.github.techdufus.private_key }}'"
-      register: op_techdufus_ssh_priv_key
-      changed_when: false
-      no_log: true
-
-    - name: "SSH | Get [TechDufus SSH] public key from Vault"
-      ansible.builtin.command: "op read '{{ op.ssh.github.techdufus.public_key }}'"
-      register: op_techdufus_ssh_pub_key
-      changed_when: false
-      no_log: true
-
-    - name: "SSH | ssh_key_item init"
-      ansible.builtin.set_fact:
-        ssh_key: {}
-      no_log: true
-
-      # NOTE: adding \n to end of priv keys is required when pulling from 1password.
-    - name: "SSH | Set ssh_key"
-      ansible.builtin.set_fact:
-        ssh_key: "{{ ssh_key | combine({item.key: item.value}) }}"
-      no_log: true
-      with_items:
-        - key: id_ed25519
-          value: "{{ op_techdufus_ssh_priv_key.stdout }}\n"
-        - key: id_ed25519.pub
-          value: "{{ op_techdufus_ssh_pub_key.stdout }}"
-
-- name: "SSH | Copy SSH keys"
-  ansible.builtin.copy:
-    dest: "{{ ansible_user_dir }}/.ssh/{{ ssh_key_item.key }}"
-    content: "{{ ssh_key_item.value }}"
-    mode: "0600"
-  no_log: true
-  loop_control:
-    loop_var: ssh_key_item
-  with_items: "{{ ssh_key | default({}) | dict2items }}"
+  ansible.builtin.include_tasks: ssh_keys.yml
+  with_items: "{{ op.ssh.github.techdufus }}"
 
 # - name: Copy config
 #   ansible.builtin.template:

diff --git a/roles/ssh/tasks/ssh_keys.yml b/roles/ssh/tasks/ssh_keys.yml
@@ -0,0 +1,27 @@
+- name: "SSH | Get [{{ item.name }}] key from Vault"
+  ansible.builtin.command: "op read '{{ item.vault_path }}/private_key?ssh-format=openssh'"
+  register: op_private_key
+  changed_when: false
+  no_log: true
+
+- name: "SSH | Get [{{ item.name }}] public key from Vault"
+  ansible.builtin.command: "op read '{{ item.vault_path }}/public_key'"
+  register: op_public_key
+  changed_when: false
+  no_log: true
+
+- name: "SSH | Copy SSH keys"
+  block:
+    - name: "SSH | Deploy [{{ item.name }}] private key"
+      ansible.builtin.copy:
+        dest: "{{ ansible_user_dir }}/.ssh/{{ item.name }}"
+        content: "{{ op_private_key.stdout }}\n"
+        mode: "0600"
+      no_log: true
+
+    - name: "SSH | Deploy [{{ item.name }}] public key"
+      ansible.builtin.copy:
+        dest: "{{ ansible_user_dir }}/.ssh/{{ item.name }}.pub"
+        content: "{{ op_public_key.stdout }}"
+        mode: "0644"
+      no_log: true
diff --git a/roles/sshfs/tasks/MacOSX.yml b/roles/sshfs/tasks/MacOSX.yml
diff --git a/roles/starship/files/starship.toml b/roles/starship/files/starship.toml
@@ -99,8 +99,9 @@ $directory\
 $character"""
 
 
-# format = """$os$directory$character"""
-# right_format = """$all"""
+# format = """$all$os$shell$directory$character"""
+# right_format = '${custom.giturl}${custom.docker}'
+# continuation_prompt = '▶▶ '
 
 # Sets user-defined palette
 # Palettes must be defined _after_ this line
@@ -439,6 +440,9 @@ zsh_indicator = " "
 [swift]
 symbol = " "
 
+[time]
+disabled = true
+
 [username]
 disabled = false
 format = '[$user]($style) '

diff --git a/roles/zsh/files/.zshrc b/roles/zsh/files/.zshrc
@@ -80,7 +80,6 @@ plugins=(
   command-not-found
   docker
   fzf
-  git
   gh
   golang
   helm
@@ -93,8 +92,8 @@ plugins=(
   starship
   terraform
   themes
-  timer
   zoxide
+  zsh-autosuggestions
 )
 
 source $ZSH/oh-my-zsh.sh

diff --git a/roles/zsh/files/zsh/git_aliases.zsh b/roles/zsh/files/zsh/git_aliases.zsh
@@ -1,10 +1,9 @@
 #!/usr/bin/env zsh
 
-alias yolo="git push origin master --force --no-verify"
-alias g='git'
 alias gs='git status'
 alias gcane='git commit --amend --no-edit'
 alias gc="git checkout"
+alias gd="git diff"
 
 alias ggl="git log --graph --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%an%C(reset)%C(bold yellow)%d%C(reset) %C(dim white)- %s%C(reset)' --all"
 

diff --git a/roles/zsh/files/zsh/misc_aliases.zsh b/roles/zsh/files/zsh/misc_aliases.zsh
@@ -4,3 +4,4 @@ alias bt='btop'
 alias comment-header='toilet -f pagga -S'
 alias i='explorer.exe'
 alias ncdu='ncdu --color dark -e -q --exclude-caches --exclude-kernfs -L'
+alias c='clear'
diff --git a/roles/zsh/tasks/main.yml b/roles/zsh/tasks/main.yml
@@ -36,14 +36,21 @@
     - name: "ZSH | Run the install script"
       ansible.builtin.script:
         cmd: /{{ ansible_user_dir }}/oh-my-zsh.install.sh --unattended
-#
+
+- name: "ZSH | Install zsh-autosuggestions"
+  ansible.builtin.git:
+    repo: https://github.com/zsh-users/zsh-autosuggestions
+    dest: ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
+    update: true
+    depth: 1
+
 - name: "ZSH | Copy .zshrc"
   ansible.builtin.copy:
     src: ".zshrc"
     dest: "{{ ansible_user_dir }}/.zshrc"
     mode: "0644"
 #
-# - name: "Bash | Copy .profile"
+# - name: "ZSH | Copy .profile"
 #   ansible.builtin.copy:
 #     src: ".profile"
 #     dest: "{{ ansible_user_dir }}/.profile"
@@ -57,9 +64,17 @@
     directory_mode: "0755"
     force: true
 
+- name: "ZSH | Set zsh_private init"
+  ansible.builtin.set_fact:
+    zsh_private: {}
+  no_log: true
+
 - name: "ZSH | Get private variables from Vault"
   when: op_installed
-  ansible.builtin.import_tasks: vault.yml
+  ansible.builtin.include_tasks: vault.yml
+  with_items: "{{ op.shell }}"
+  loop_control:
+    loop_var: secret
 
 - name: "ZSH | Set private variables"
   ansible.builtin.template:

diff --git a/roles/zsh/tasks/vault.yml b/roles/zsh/tasks/vault.yml
@@ -1,19 +1,14 @@
 ---
 - name: "ZSH | Get private variables from Vault"
-  ansible.builtin.command: "op read '{{ op.openai.key }}'"
-  register: op_openai_key
+  ansible.builtin.command: "op read '{{ secret.vault_path }}'"
+  register: op_secret
   changed_when: false
   no_log: true
 
-- name: "ZSH | Set zsh_private init"
-  ansible.builtin.set_fact:
-    zsh_private: {}
-  no_log: true
-
 - name: "ZSH | Set zsh_private"
   ansible.builtin.set_fact:
     zsh_private: "{{ zsh_private | combine({ item.key: item.value }) }}"
   no_log: true
   with_items:
-    - key: OPENAI_API_KEY
-      value: "{{ op_openai_key.stdout }}"
+    - key: "{{ secret.name }}"
+      value: "{{ op_secret.stdout }}"