Update 5 files
- /home/dot_ssh/system/run_onchanges_after_sshd.tmpl - /home/dot_ssh/fail2ban/run_onchanges_after_fail2ban.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_13-post-install-packages.tmpl - /home/.chezmoidata.yaml - /software.yml
This commit is contained in:
parent
45355db9c5
commit
17f6d81423
5 changed files with 64 additions and 4 deletions
|
@ -247,7 +247,8 @@ softwareGroups:
|
|||
- rm-improved
|
||||
- rsync
|
||||
- sd
|
||||
- snapd
|
||||
# Bundled into installer
|
||||
# - snapd
|
||||
- task
|
||||
- tmux
|
||||
- tor
|
||||
|
|
|
@ -4,7 +4,6 @@
|
|||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
|
||||
### Remove Firefox snap if Flatpak is installed
|
||||
if command -v org.mozilla.firefox > /dev/null && command -v snap > /dev/null && snap list firefox | grep firefox > /dev/null; then
|
||||
logg info 'Removing snap version of Firefox because Flatpak version is already installed'
|
||||
|
|
41
home/dot_ssh/fail2ban/run_onchanges_after_fail2ban.tmpl
Normal file
41
home/dot_ssh/fail2ban/run_onchanges_after_fail2ban.tmpl
Normal file
|
@ -0,0 +1,41 @@
|
|||
{{- if ne .host.distro.family "windows" }}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# jail.local hash: {{ include (joinPath .host.home ".ssh" "fail2ban" "jail.local") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
### Restart fail2ban
|
||||
function restartFail2Ban() {
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# macOS
|
||||
logg info 'Enabling the `fail2ban` Homebrew service'
|
||||
brew services start fail2ban
|
||||
else
|
||||
# Linux
|
||||
logg info 'Enabling the `fail2ban` service'
|
||||
sudo systemctl enable fail2ban
|
||||
logg info 'Restarting the `fail2ban` service'
|
||||
sudo systemctl restart fail2ban
|
||||
fi
|
||||
}
|
||||
|
||||
### Update the jail.local file if environment is not WSL
|
||||
if [[ ! "$(grep Microsoft /proc/version)" ]]; then
|
||||
if [ -d /etc/fail2ban ]; then
|
||||
logg info 'Copying ~/.ssh/fail2ban/jail.local to /etc/fail2ban/jail.local'
|
||||
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /etc/fail2ban/jail.local
|
||||
restartFail2Ban
|
||||
elif [ -d /usr/local/etc/fail2ban ]; then
|
||||
logg info 'Copying ~/.ssh/fail2ban/jail.local to /usr/local/etc/fail2ban/jail.local'
|
||||
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /usr/local/etc/fail2ban/jail.local
|
||||
restartFail2Ban
|
||||
else
|
||||
logg warn 'Both the /etc/fail2ban (Linux) and the /usr/local/etc/fail2ban (macOS) folder do not exist'
|
||||
fi
|
||||
else
|
||||
logg info 'Skipping sshd_config application since environment is WSL'
|
||||
fi
|
||||
|
||||
{{ end -}}
|
|
@ -1,6 +1,12 @@
|
|||
{{- if ne .host.distro.family "windows" }}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# sshd_config hash: {{ include (joinPath .host.home ".ssh" "system" "sshd_config") | sha256sum }}
|
||||
# banner hash: {{ include (joinPath .host.home ".ssh" "system" "banner") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
### Update /etc/ssh/sshd_config if environment is not WSL
|
||||
if [[ ! "$(grep Microsoft /proc/version)" ]]; then
|
||||
if [ -d /etc/ssh ]; then
|
||||
|
@ -22,8 +28,7 @@ if [[ ! "$(grep Microsoft /proc/version)" ]]; then
|
|||
logg info 'Enabling the `sshd` service'
|
||||
sudo systemctl enable sshd
|
||||
logg info 'Restarting the `sshd` service'
|
||||
|
||||
sudo service sshd restart
|
||||
sudo systemctl restart sshd
|
||||
fi
|
||||
else
|
||||
logg warn 'The /etc/ssh folder does not exist'
|
||||
|
|
14
software.yml
14
software.yml
|
@ -5198,7 +5198,16 @@ softwarePackages:
|
|||
_github: https://github.com/nmap/nmap
|
||||
_home: https://nmap.org/
|
||||
_name: Nmap
|
||||
_post:snap: sudo snap connect nmap:network-control
|
||||
ansible: professormanhattan.nmap
|
||||
apt: nmap
|
||||
brew: nmap
|
||||
choco: nmap
|
||||
dnf: nmap
|
||||
pacman: nmap
|
||||
port: nmap
|
||||
scoop: nmap
|
||||
snap: nmap
|
||||
_service: false
|
||||
_type: cli
|
||||
nnn:
|
||||
|
@ -7650,6 +7659,11 @@ softwarePackages:
|
|||
_home: null
|
||||
_name: tree-cli
|
||||
ansible: professormanhattan.tree
|
||||
apt: tree
|
||||
brew: tree
|
||||
choco: tree
|
||||
dnf: tree
|
||||
pacman: tree
|
||||
_service: false
|
||||
_type: cli
|
||||
tree-sitter:
|
||||
|
|
Loading…
Reference in a new issue