boma/roles/dev_env
sjat 718781053f fix(dev_env): make concern tags reach included tasks (O8)
Dynamic include_tasks only filter on the include's own tags, not their
(untagged) contents — so `--tags packages` ran none of the neovim/oh-my-posh/
nodejs installs, and `--tags users|config` never entered per_user.yml. Add
`apply: tags:` to all four includes (mirroring base/tasks/main.yml) and tag the
dev_env__home getent+set_fact preflight `always` so a partial run still resolves
the home dir before the dotfile/stow tasks consume it.

Molecule: add a config-only converge play for a fresh user + a verify assertion.
Proven with `molecule converge -- --tags config` (idempotent, home resolved).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 19:06:15 +02:00
..
defaults dev_env: install Node.js from pinned tarball, drop npm bloat 2026-06-11 14:21:33 +02:00
files Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00
handlers Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00
meta Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00
molecule/default fix(dev_env): make concern tags reach included tasks (O8) 2026-06-14 19:06:15 +02:00
tasks fix(dev_env): make concern tags reach included tasks (O8) 2026-06-14 19:06:15 +02:00
README.md dev_env: install Node.js from pinned tarball, drop npm bloat 2026-06-11 14:21:33 +02:00
requirements.yml Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00

dev_env

Interactive developer environment for workstation-class boma hosts (ubongo, and later mamba). Gives the operator — and the claude agent user — a clean shell/editor setup over SSH: zsh + oh-my-zsh + oh-my-posh, tmux, and neovim.

This is not part of base. base is the security/infra baseline every host gets; dev_env is only for human workstation-class hosts and must never be applied to servers or service VMs.

What it does

  • Installs packages: zsh, tmux, git, stow, acl, build-essential, curl, ca-certificates, fzf, ripgrep, direnv (dev_env__packages).
  • Installs pinned neovim (dev_env__nvim_version), oh-my-posh (dev_env__omp_version) and Node.js (dev_env__node_version) from upstream releases (Node from the nodejs.org tarball — not Debian's npm, which pulls a ~400-package tree), plus the system-wide oh-my-posh theme /etc/oh-my-posh/zen.toml.
  • For each user in dev_env__users: sets the login shell to zsh, clones oh-my-zsh + custom plugins and the tmux/TPM plugins, and stows the dotfiles into ~.

Dotfiles

Real files under files/dotfiles/{zsh,tmux,nvim}/, deployed to ~/.dotfiles/ and symlinked into the home directory with GNU stow (not Jinja templates — so they stay editable as live configs). nvim plugins self-bootstrap via lazy.nvim on first launch; LSPs/formatters self-install via mason (no system LSP packages needed).

Variables

Variable Default Purpose
dev_env__users [] Users to configure. Set per group, e.g. group_vars/control → [sjat, claude]. Empty = no per-user work.
dev_env__nvim_version v0.12.2 Pinned neovim release.
dev_env__omp_version 29.0.1 Pinned oh-my-posh release.
dev_env__node_version v20.19.2 Pinned Node.js release (nodejs.org tarball; npm bundled).
dev_env__packages see defaults APT packages.
dev_env__omz_custom_plugins autosuggestions, syntax-highlighting Cloned into ~/.oh-my-zsh/custom/plugins.
dev_env__tmux_plugins tpm, tmux-sensible, vim-tmux-navigator, catppuccin@v1.0.3 Cloned into ~/.tmux/plugins.

Apply

make test ROLE=dev_env                 # Molecule (Debian 13)
make deploy PLAYBOOK=workstation       # applies to the control group (ubongo)

Provenance

Configs re-derived (ADR-013) from the heritage AnsibleBaobabV4 repo and the operator's live fisi setup, on boma's terms — V4's structure was not imported. No Nerd Font is installed (headless host; fonts are a client-side concern).