Update 5 files

- /home/dot_ssh/system/run_onchanges_after_sshd.tmpl
- /home/dot_ssh/fail2ban/run_onchanges_after_fail2ban.tmpl
- /home/.chezmoiscripts/universal/run_onchange_after_13-post-install-packages.tmpl
- /home/.chezmoidata.yaml
- /software.yml
This commit is contained in:
Brian Zalewski 2023-01-27 09:28:02 +00:00
parent 45355db9c5
commit 17f6d81423
5 changed files with 64 additions and 4 deletions

View file

@ -247,7 +247,8 @@ softwareGroups:
- rm-improved - rm-improved
- rsync - rsync
- sd - sd
- snapd # Bundled into installer
# - snapd
- task - task
- tmux - tmux
- tor - tor

View file

@ -4,7 +4,6 @@
{{ includeTemplate "universal/profile" }} {{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }} {{ includeTemplate "universal/logg" }}
### Remove Firefox snap if Flatpak is installed ### Remove Firefox snap if Flatpak is installed
if command -v org.mozilla.firefox > /dev/null && command -v snap > /dev/null && snap list firefox | grep firefox > /dev/null; then if command -v org.mozilla.firefox > /dev/null && command -v snap > /dev/null && snap list firefox | grep firefox > /dev/null; then
logg info 'Removing snap version of Firefox because Flatpak version is already installed' logg info 'Removing snap version of Firefox because Flatpak version is already installed'

View file

@ -0,0 +1,41 @@
{{- if ne .host.distro.family "windows" }}
#!/usr/bin/env bash
# jail.local hash: {{ include (joinPath .host.home ".ssh" "fail2ban" "jail.local") | sha256sum }}
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
### Restart fail2ban
function restartFail2Ban() {
if [ -d /Applications ] && [ -d /System ]; then
# macOS
logg info 'Enabling the `fail2ban` Homebrew service'
brew services start fail2ban
else
# Linux
logg info 'Enabling the `fail2ban` service'
sudo systemctl enable fail2ban
logg info 'Restarting the `fail2ban` service'
sudo systemctl restart fail2ban
fi
}
### Update the jail.local file if environment is not WSL
if [[ ! "$(grep Microsoft /proc/version)" ]]; then
if [ -d /etc/fail2ban ]; then
logg info 'Copying ~/.ssh/fail2ban/jail.local to /etc/fail2ban/jail.local'
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /etc/fail2ban/jail.local
restartFail2Ban
elif [ -d /usr/local/etc/fail2ban ]; then
logg info 'Copying ~/.ssh/fail2ban/jail.local to /usr/local/etc/fail2ban/jail.local'
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /usr/local/etc/fail2ban/jail.local
restartFail2Ban
else
logg warn 'Both the /etc/fail2ban (Linux) and the /usr/local/etc/fail2ban (macOS) folder do not exist'
fi
else
logg info 'Skipping sshd_config application since environment is WSL'
fi
{{ end -}}

View file

@ -1,6 +1,12 @@
{{- if ne .host.distro.family "windows" }} {{- if ne .host.distro.family "windows" }}
#!/usr/bin/env bash #!/usr/bin/env bash
# sshd_config hash: {{ include (joinPath .host.home ".ssh" "system" "sshd_config") | sha256sum }}
# banner hash: {{ include (joinPath .host.home ".ssh" "system" "banner") | sha256sum }}
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
### Update /etc/ssh/sshd_config if environment is not WSL ### Update /etc/ssh/sshd_config if environment is not WSL
if [[ ! "$(grep Microsoft /proc/version)" ]]; then if [[ ! "$(grep Microsoft /proc/version)" ]]; then
if [ -d /etc/ssh ]; then if [ -d /etc/ssh ]; then
@ -22,8 +28,7 @@ if [[ ! "$(grep Microsoft /proc/version)" ]]; then
logg info 'Enabling the `sshd` service' logg info 'Enabling the `sshd` service'
sudo systemctl enable sshd sudo systemctl enable sshd
logg info 'Restarting the `sshd` service' logg info 'Restarting the `sshd` service'
sudo systemctl restart sshd
sudo service sshd restart
fi fi
else else
logg warn 'The /etc/ssh folder does not exist' logg warn 'The /etc/ssh folder does not exist'

View file

@ -5198,7 +5198,16 @@ softwarePackages:
_github: https://github.com/nmap/nmap _github: https://github.com/nmap/nmap
_home: https://nmap.org/ _home: https://nmap.org/
_name: Nmap _name: Nmap
_post:snap: sudo snap connect nmap:network-control
ansible: professormanhattan.nmap ansible: professormanhattan.nmap
apt: nmap
brew: nmap
choco: nmap
dnf: nmap
pacman: nmap
port: nmap
scoop: nmap
snap: nmap
_service: false _service: false
_type: cli _type: cli
nnn: nnn:
@ -7650,6 +7659,11 @@ softwarePackages:
_home: null _home: null
_name: tree-cli _name: tree-cli
ansible: professormanhattan.tree ansible: professormanhattan.tree
apt: tree
brew: tree
choco: tree
dnf: tree
pacman: tree
_service: false _service: false
_type: cli _type: cli
tree-sitter: tree-sitter: