kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-02 15:39:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8314d7e6a6a250b8ac73cf2acd205ded9a4c63ed
computer-playbook/roles/desk-ssh
History
Kevin Veen-Birkenbach e09f561f0b Refactor run-once orchestration and bootstrap Mailu/Mastodon in a single deploy 
- Replace legacy utils/run_once.yml with the new helpers utils/once_flag.yml and utils/once_finalize.yml
- Introduce utils/compose_up.yml to ensure docker-compose stacks are up and to flush handlers safely without coupling to run-once flags
- Migrate all affected roles (desk-*, dev-*, sys-ctl-*, sys-svc-*, web-app-*, web-svc-*, util-*) to the new run-once helpers
- Rework sys-svc-msmtp to auto-load Mailu once per deploy, check reachability, and reuse the running stack instead of requiring multiple playbook passes
- Adjust web-app-mailu to integrate cert deployment, handler flushing, and run-once handling so Mailu is fully initialized in a single deploy
- Improve Matomo, CDN, logout and CSP/health-check related roles to cooperate with the new compose_up / once_* pattern
- Simplify alarm/backup/timer/service orchestration (sys-ctl-alm-*, sys-bkp-provider, sys-timer-cln-bkps, etc.) by moving run-once logic into dedicated 01_core.yml files
- Update integration tests so utils/once_flag.yml and utils/once_finalize.yml are recognised as valid run-once providers, keeping the global run_once_* guarantees consistent
- Align frontend injection and service dependencies so Mastodon- and Mailu-related services can be brought up coherently within a single deployment cycle rather than several iterations
2025-12-01 13:30:50 +01:00
..
config
meta
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00
tasks
Refactor run-once orchestration and bootstrap Mailu/Mastodon in a single deploy
2025-12-01 13:30:50 +01:00
templates
vars
README.md
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00

README.md

SSH Agent 🔐

Description

This Ansible role ensures a functional and persistent SSH Agent setup on Arch Linux (Manjaro) systems running GNOME with Wayland. It manages SSH configuration by cloning a remote Git repository into the user's ~/.ssh directory and sets up a systemd user service to start the SSH agent automatically at login.

To understand the broader context of SSH, read more on Wikipedia SSH or visit the official OpenSSH project.

This role was designed and validated in the context of this discussion on configuring SSH agents for KeePassXC compatibility under Wayland sessions.

Overview

This role is intended for Manjaro/Arch systems where gnome-keyring no longer reliably manages ssh-agent due to changes in behavior under Wayland. It works by deploying a systemd --user service, making SSH Agent integration predictable and independent of graphical environment quirks.

Purpose

The purpose of this role is to automate the provisioning of SSH agent capabilities and synchronize the .ssh directory from a Git repository. This enables users to access private repositories or authenticate with remote servers immediately after login.

Features

  • Clones a remote SSH config repository into ~/.ssh using the desk-git role.
  • Deploys and enables a systemd user service for ssh-agent.
  • Ensures environment compatibility by injecting the SSH_AUTH_SOCK variable into either .bash_profile or .profile.
  • Fails gracefully with an optional debug message if the Git repository is unreachable.
  • KeePassXC ready: Ensures compatibility with password managers that support SSH agent integration.

Credits 📝

Developed and maintained by Kevin Veen-Birkenbach.
Learn more at www.veen.world

Part of the Infinito.Nexus Project
License: Infinito.Nexus NonCommercial License

Reference in New Issue View Git Blame Copy Permalink