boma/roles/dev_env
sjat 9b5851ba4b chore(roles): role/test hygiene from review (O16,O17,O25,O26)
- dev_env .zshrc: drop the rclone alias (not installed) and guard the direnv
  hook with `command -v direnv` so a missing direnv doesn't error every shell (O16)
- dev_env oh-my-posh: tag the zen.toml theme deploy `config` (it renders config to
  disk like the per_user dotfiles); the include now carries packages+config so a
  `--tags config` run re-renders the theme while the binary install stays packages
  only (O17). Verified via `molecule converge -- --tags config`.
- drop the non-vocabulary `tags: [verify]` from molecule verify playbooks across
  base/docker_host/public_dns/reverse_proxy (check-tags exempts molecule anyway) (O25)
- reverse_proxy templates: add the `{{ ansible_managed }}` header (ADR-024 §1.2) (O26)

make lint green; dev_env + reverse_proxy molecule green.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 19:31:23 +02:00
..
defaults dev_env: install Node.js from pinned tarball, drop npm bloat 2026-06-11 14:21:33 +02:00
files chore(roles): role/test hygiene from review (O16,O17,O25,O26) 2026-06-14 19:31:23 +02:00
handlers Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00
meta Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00
molecule/default fix(dev_env): make concern tags reach included tasks (O8) 2026-06-14 19:06:15 +02:00
tasks chore(roles): role/test hygiene from review (O16,O17,O25,O26) 2026-06-14 19:31:23 +02:00
README.md dev_env: install Node.js from pinned tarball, drop npm bloat 2026-06-11 14:21:33 +02:00
requirements.yml Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00

dev_env

Interactive developer environment for workstation-class boma hosts (ubongo, and later mamba). Gives the operator — and the claude agent user — a clean shell/editor setup over SSH: zsh + oh-my-zsh + oh-my-posh, tmux, and neovim.

This is not part of base. base is the security/infra baseline every host gets; dev_env is only for human workstation-class hosts and must never be applied to servers or service VMs.

What it does

  • Installs packages: zsh, tmux, git, stow, acl, build-essential, curl, ca-certificates, fzf, ripgrep, direnv (dev_env__packages).
  • Installs pinned neovim (dev_env__nvim_version), oh-my-posh (dev_env__omp_version) and Node.js (dev_env__node_version) from upstream releases (Node from the nodejs.org tarball — not Debian's npm, which pulls a ~400-package tree), plus the system-wide oh-my-posh theme /etc/oh-my-posh/zen.toml.
  • For each user in dev_env__users: sets the login shell to zsh, clones oh-my-zsh + custom plugins and the tmux/TPM plugins, and stows the dotfiles into ~.

Dotfiles

Real files under files/dotfiles/{zsh,tmux,nvim}/, deployed to ~/.dotfiles/ and symlinked into the home directory with GNU stow (not Jinja templates — so they stay editable as live configs). nvim plugins self-bootstrap via lazy.nvim on first launch; LSPs/formatters self-install via mason (no system LSP packages needed).

Variables

Variable Default Purpose
dev_env__users [] Users to configure. Set per group, e.g. group_vars/control → [sjat, claude]. Empty = no per-user work.
dev_env__nvim_version v0.12.2 Pinned neovim release.
dev_env__omp_version 29.0.1 Pinned oh-my-posh release.
dev_env__node_version v20.19.2 Pinned Node.js release (nodejs.org tarball; npm bundled).
dev_env__packages see defaults APT packages.
dev_env__omz_custom_plugins autosuggestions, syntax-highlighting Cloned into ~/.oh-my-zsh/custom/plugins.
dev_env__tmux_plugins tpm, tmux-sensible, vim-tmux-navigator, catppuccin@v1.0.3 Cloned into ~/.tmux/plugins.

Apply

make test ROLE=dev_env                 # Molecule (Debian 13)
make deploy PLAYBOOK=workstation       # applies to the control group (ubongo)

Provenance

Configs re-derived (ADR-013) from the heritage AnsibleBaobabV4 repo and the operator's live fisi setup, on boma's terms — V4's structure was not imported. No Nerd Font is installed (headless host; fonts are a client-side concern).