sjat
9b5851ba4b
- dev_env .zshrc: drop the rclone alias (not installed) and guard the direnv
hook with `command -v direnv` so a missing direnv doesn't error every shell (O16)
- dev_env oh-my-posh: tag the zen.toml theme deploy `config` (it renders config to
disk like the per_user dotfiles); the include now carries packages+config so a
`--tags config` run re-renders the theme while the binary install stays packages
only (O17). Verified via `molecule converge -- --tags config`.
- drop the non-vocabulary `tags: [verify]` from molecule verify playbooks across
base/docker_host/public_dns/reverse_proxy (check-tags exempts molecule anyway) (O25)
- reverse_proxy templates: add the `{{ ansible_managed }}` header (ADR-024 §1.2) (O26)
make lint green; dev_env + reverse_proxy molecule green.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| defaults | ||
| files | ||
| handlers | ||
| meta | ||
| molecule/default | ||
| tasks | ||
| README.md | ||
| requirements.yml | ||
dev_env
Interactive developer environment for workstation-class boma hosts (ubongo, and
later mamba). Gives the operator — and the claude agent user — a clean shell/editor
setup over SSH: zsh + oh-my-zsh + oh-my-posh, tmux, and neovim.
This is not part of base. base is the security/infra baseline every host gets;
dev_env is only for human workstation-class hosts and must never be applied to servers
or service VMs.
What it does
- Installs packages:
zsh, tmux, git, stow, acl, build-essential, curl, ca-certificates, fzf, ripgrep, direnv(dev_env__packages). - Installs pinned neovim (
dev_env__nvim_version), oh-my-posh (dev_env__omp_version) and Node.js (dev_env__node_version) from upstream releases (Node from the nodejs.org tarball — not Debian'snpm, which pulls a ~400-package tree), plus the system-wide oh-my-posh theme/etc/oh-my-posh/zen.toml. - For each user in
dev_env__users: sets the login shell to zsh, clones oh-my-zsh + custom plugins and the tmux/TPM plugins, and stows the dotfiles into~.
Dotfiles
Real files under files/dotfiles/{zsh,tmux,nvim}/, deployed to ~/.dotfiles/ and
symlinked into the home directory with GNU stow (not Jinja templates — so they stay
editable as live configs). nvim plugins self-bootstrap via lazy.nvim on first launch;
LSPs/formatters self-install via mason (no system LSP packages needed).
Variables
| Variable | Default | Purpose |
|---|---|---|
dev_env__users |
[] |
Users to configure. Set per group, e.g. group_vars/control → [sjat, claude]. Empty = no per-user work. |
dev_env__nvim_version |
v0.12.2 |
Pinned neovim release. |
dev_env__omp_version |
29.0.1 |
Pinned oh-my-posh release. |
dev_env__node_version |
v20.19.2 |
Pinned Node.js release (nodejs.org tarball; npm bundled). |
dev_env__packages |
see defaults | APT packages. |
dev_env__omz_custom_plugins |
autosuggestions, syntax-highlighting | Cloned into ~/.oh-my-zsh/custom/plugins. |
dev_env__tmux_plugins |
tpm, tmux-sensible, vim-tmux-navigator, catppuccin@v1.0.3 | Cloned into ~/.tmux/plugins. |
Apply
make test ROLE=dev_env # Molecule (Debian 13)
make deploy PLAYBOOK=workstation # applies to the control group (ubongo)
Provenance
Configs re-derived (ADR-013) from the heritage AnsibleBaobabV4 repo and the operator's
live fisi setup, on boma's terms — V4's structure was not imported. No Nerd Font is
installed (headless host; fonts are a client-side concern).