feat: add custom instructions, refactor sway and mkinitcpio

.github/copilot-instructions.md

@@ -0,0 +1,98 @@
+# Copilot Instructions - Archlinux Ansible Provisioner
+
+## Project Overview
+This is an Ansible-based provisioner for setting up complete Archlinux systems with desktop environments, development tools, and personal configurations. It operates in two phases: **bootstrap** (initial system setup from live USB) and **system** (post-installation configuration).
+
+## Architecture & Workflow
+
+### Two-Phase Installation
+1. **Bootstrap Phase**: Runs from Archlinux live USB to install base system via `pacstrap`
+   - Command: `make bootstrap CONFIG=./config/default.yaml`
+   - Configures locale, timezone, users, disk encryption (LUKS + BTRFS)
+
+2. **System Phase**: Runs on installed system for desktop environment and packages
+   - Command: `make local-install CONFIG=./config/default.yaml`
+   - Installs GNOME/Sway/i3, development tools, SparkFabrik-specific configurations
+
+### Role-Based Structure
+All functionality is organized in `playbooks/roles/`:
+- `bootstrap/`: Base system installation and user creation
+- `system/`: Core services (audio, bluetooth, printing, power management)
+- `packages/`: Software installation organized by category (development.yml, multimedia.yml, etc.)
+- `gnome/`: Desktop environment with extensions and dconf settings
+- `docker/`: Container runtime with custom network tools
+- `nvidia/amd/`: Graphics driver installation with hybrid graphics support
+- `sparkfabrik/`: Company-specific tools, wallpapers, and configurations
+
+## Configuration System
+
+### YAML Schema Validation
+- Configuration in `config/default.yaml` validated against `config/schemas/configuration.schema.yaml`
+- Use `make validate-json-schema` before any installation
+- Desktop environments are conditionally enabled via config flags (`desktop.gnome`, `desktop.sway`, etc.)
+
+### Key Configuration Patterns
+```yaml
+system:
+  hostname: paolo
+  username: paolo
+  kernel: standard  # or zen, lts, hardened
+desktop:
+  gnome:
+    extensions: [list-of-extension-ids]
+    keybindings:
+      open_terminal_shortcut: "<Super>Return"
+    dconf:
+      use_mouse_natural_scroll: true
+```
+
+## Development Workflows
+
+### Local Testing & Iteration
+- `make local-install-tags TAGS=gnome-config` - Run specific role tags
+- `make local-install-apps` - Install only packages role
+- `make regenerate-mkinitcpio-grub` - Rebuild bootloader after kernel changes
+
+### Package Management Patterns
+- Official packages: `community.general.pacman` module
+- AUR packages: `kewlfft.aur.aur` module with `paru` helper
+- Special `aur_builder` user created for AUR installations without sudo password
+
+### Docker-Based Tooling
+- `make build-docker-tools` - Build validation container with Node.js tools
+- `make validate-json-schema` - Validate configuration files
+- `make yaml-to-json` - Convert YAML templates to JSON
+
+## Key Conventions
+
+### Task Organization
+- Each role's `main.yml` imports category-specific task files
+- Use descriptive block names with appropriate tags: `[packages, dev, cloudnative]`
+- Hardware-specific roles (nvidia, amd, logitech) use feature detection
+
+### File Management
+- Custom scripts and binaries in `files/bin/` directories
+- Desktop environment configs in role-specific `files/` subdirectories
+- System configuration files in `system/files/` (mkinitcpio.conf, systemd services)
+
+### Conditional Logic
+- Use `when:` conditions for hardware detection (e.g., nvidia-prime for hybrid graphics)
+- Enable desktop environments via configuration flags, not hardcoded values
+- Company-specific features controlled by `sparkfabrik: true` flag
+
+## Critical Integration Points
+
+### Disk Encryption & BTRFS
+- LUKS encryption with BTRFS subvolumes: `@`, `@home`, `@snapshots`, `@home.snapshots`
+- Bootloader installation varies by encryption: `install-grub-with-encryption` vs `install-grub-no-encryption`
+
+### Chroot Operations
+- System phase runs inside `arch-chroot /mnt` during initial installation
+- Files copied to `/mnt/root/provisioner` before chroot execution
+
+### AUR Package Installation
+- Creates temporary `aur_builder` user with sudo privileges for makepkg/pacman
+- All AUR operations must use `become_user: aur_builder`
+- Paru AUR helper installed automatically if not present
+
+When modifying this provisioner, ensure configuration schema validation passes and test changes with tag-specific runs before full system installation.

config/default.yaml.tpl

@@ -4,8 +4,6 @@ system:
   username: foobar
   kernel: standard # standard|lts|zen
   timezone: Europe/Rome
-  bluetooth:
-    controllerMode: dual
   grub:
     gfxmode: 1920x1080x32
 timeshift:
@@ -20,7 +18,7 @@ swapfile:
   btrfs_volume_mountpoint: /swap
   filename: swapfile
   size: 16G
-  configure_hibernate: false
+  configure_hibernate: true
 packages:
   obs: false
 desktop:
@@ -42,7 +40,7 @@ desktop:
       dash_to_dock_show_favorites: "false" # Note that this is a string, not a boolean
       alt_tab_avoid_grouping: false
   sway:
-    enable: false
+    enable: true
     waybar: true
   i3:
     enable: false
@@ -51,5 +49,5 @@ desktop:
   browser:
     install_chrome_beta: false
 debug: false
-sparkfabrik: false
+sparkfabrik: true
 qemu_for_buildx: true

playbooks/roles/packages/tasks/base.yml

@@ -2,60 +2,73 @@
 - name: Install base packages
   tags: [packages, base]
   block:
-  - name: Network packages
-    community.general.pacman:
-      name:
-        - dnsutils
-        - dhcpcd
-        - iproute2
-        - gnu-netcat
-        - net-tools
-        - tcpdump
-        - wpa_supplicant
+    - name: Ensure not installed packages are absent
+      community.general.pacman:
+        name:
+          - glances
+        state: absent
 
-  - name: System packages
-    community.general.pacman:
-      name:
-        - ansible
-        - bashtop
-        - bc
-        - lm_sensors
-        - coreutils
-        - usbutils
-        - dmidecode
-        - base-devel
-        - bash-completion
-        - dialog
-        - dmidecode
-        - glances
-        - flatpak
-        - fastfetch
-        - pacman-contrib
-        - gparted
-        - htop
-        - mesa
-        - p7zip
-        - git
-        - tree
-        - usbutils
-        - tmux
-        - zsh
-        - zsh-completions
-        - lshw
-        - deja-dup
-        - vim
+    - name: Network packages
+      community.general.pacman:
+        name:
+          - dnsutils
+          - dhcpcd
+          - iproute2
+          - gnu-netcat
+          - net-tools
+          - tcpdump
+          - wpa_supplicant
 
-  - name: System packges from aur
-    kewlfft.aur.aur:
-      use: paru
-      name:
-        - downgrade
-        - inxi
-        - git-credential-manager-bin
-        - glxinfo
-        - flatseal
-    become: yes
-    become_user: aur_builder
+    - name: System packages
+      community.general.pacman:
+        name:
+          - ansible
+          - bashtop
+          - lm_sensors
+          - coreutils
+          - usbutils
+          - dmidecode
+          - base-devel
+          - bash-completion
+          - dialog
+          - dmidecode
+          - glances
+          - flatpak
+          - fastfetch
+          - pacman-contrib
+          - gparted
+          - htop
+          - fd
+          - ripgrep
+          - exa
+          - bat
+          - bc
+          - btop
+          - thefuck
+          - mesa
+          - p7zip
+          - git
+          - tree
+          - thefuck
+          - usbutils
+          - tmux
+          - zsh
+          - zsh-completions
+          - lshw
+          - deja-dup
+          - vim
 
-  - name: Symlink vim to vi
-    command: ln -sf /usr/bin/vim /usr/bin/vi
+    - name: System packages from aur
+      kewlfft.aur.aur:
+        use: paru
+        name:
+          - downgrade
+          - inxi
+          - git-credential-manager-bin
+          - glxinfo
+          - flatseal
+      become: yes
+      become_user: aur_builder
+
+    - name: Symlink vim to vi
+      command: ln -sf /usr/bin/vim /usr/bin/vi

playbooks/roles/packages/tasks/multimedia.yml

@@ -2,29 +2,34 @@
 - name: Install multimedia packages
   tags: [packages, media, multimedia]
   block:
-  - name: Install media packages
-    community.general.pacman:
-      name:
-        - guvcview
+    - name: Ensure not installed packages are absent
+      community.general.pacman:
+        name:
+          - calf
+        state: absent
 
-  - name: Install audio plugins
-    tags: [audio]
-    community.general.pacman:
-      name:
-        - easyeffects
-        - lsp-plugins
-        - calf
-        - libdeep_filter_ladspa-bin
+    - name: Install media packages
+      community.general.pacman:
+        name:
+          - guvcview
 
-  - name: Install media packages (aur)
-    kewlfft.aur.aur:
-      use: paru
-      name:
-        - blanket
-        - kooha
-        - mplayer
-        - vlc
-        - libmicrodns
-        - protobuf
-    become: yes
-    become_user: aur_builder
+    - name: Install audio plugins
+      tags: [audio]
+      community.general.pacman:
+        name:
+          - easyeffects
+          - lsp-plugins
+          - libdeep_filter_ladspa-bin
+
+    - name: Install media packages (aur)
+      kewlfft.aur.aur:
+        use: paru
+        name:
+          - blanket
+          - kooha
+          - mplayer
+          - vlc
+          - libmicrodns
+          - protobuf
+      become: yes
+      become_user: aur_builder

playbooks/roles/packages/tasks/productivity.yml

@@ -19,7 +19,6 @@
     - name: Install productivity packages
       community.general.pacman:
         name:
-          - thefuck
           - yadm
           - gnupg
           - pinentry

playbooks/roles/sway/tasks/main.yml

@@ -8,21 +8,26 @@
         name:
           - dunst
         state: absent
-      
+
     - name: Install sway wm
       community.general.pacman:
         name:
-          - alacritty
+          - gdm
           - polkit-gnome
-          - network-manager-applet
-          - ranger
           - sway
           - swaybg
           - swayidle
           - swaylock
+
+    - name: System utilities
+      community.general.pacman:
+        name:
+          - alacritty
+          - ghostty
           - thunar
           - wofi
           - wl-clipboard
+          - ranger
 
     - name: Display server gui
       kewlfft.aur.aur:
@@ -87,6 +92,7 @@
         name:
           - waybar
           - otf-font-awesome
+          - woff2-font-awesome
 
     - name: Configure login launcher due to this issue - https://github.com/swaywm/sway/issues/3109
       ansible.builtin.copy:

playbooks/roles/system/files/sf_default_hooks.conf

@@ -0,0 +1 @@
+HOOKS=(base udev autodetect keyboard modconf block encrypt filesystems resume fsck)

playbooks/roles/system/tasks/bluetooth.yml

@@ -2,21 +2,12 @@
 - name: Configure system components
   tags: [system, bluetooth]
   block:
-  - name: Install bluetooth dependencies
-    community.general.pacman:
-      name:
-        - blueman
-        - bluez
-        - bluez-utils
+    - name: Install bluetooth dependencies
+      community.general.pacman:
+        name:
+          - blueman
+          - bluez
+          - bluez-utils
 
-  - name: Configure bluetooth ControllerMode
-    community.general.ini_file:
-      path: /etc/bluetooth/main.conf
-      no_extra_spaces: false
-      option: ControllerMode
-      value: "{{ system.bluetooth.controllerMode | default('dual') }}"
-      exclusive: yes
-      section: General
-
-  - name: Activate bluetooth service
-    command: systemctl enable bluetooth
+    - name: Activate bluetooth service
+      command: systemctl enable bluetooth