Update .local/share/chezmoi/software.yml, .local/share/chezmoi/home/.chezmoiscripts/windows/run_onchange_after_14-cleanup-windows, .local/share/chezmoi/system/etc/cups/cupsd.conf, .local/share/chezmoi/system/etc/cups/modify_cupsd.conf
This commit is contained in:
parent
e7ffd27048
commit
19ea2964b8
4 changed files with 251 additions and 0 deletions
|
@ -1,3 +1,4 @@
|
||||||
|
Remove-Item -Recurse -Force C:\Malwarebytes
|
||||||
Remove-Item -Recurse -Force C:\PerfLogs
|
Remove-Item -Recurse -Force C:\PerfLogs
|
||||||
Remove-Item -Recurse -Force C:\$WinREAgent
|
Remove-Item -Recurse -Force C:\$WinREAgent
|
||||||
Remove-Item C:\Users\*\Desktop\*lnk -Force
|
Remove-Item C:\Users\*\Desktop\*lnk -Force
|
||||||
|
|
|
@ -901,6 +901,26 @@ softwarePackages:
|
||||||
_type: cli
|
_type: cli
|
||||||
brew: clair
|
brew: clair
|
||||||
github: github.com/quay/clair
|
github: github.com/quay/clair
|
||||||
|
clamav:
|
||||||
|
_bin: null
|
||||||
|
_desc: null
|
||||||
|
_docs: null
|
||||||
|
_github: null
|
||||||
|
_home: null
|
||||||
|
_name: ClamAV
|
||||||
|
_post: freshclam
|
||||||
|
_service: true
|
||||||
|
_systemd: clamav-freshclam
|
||||||
|
_systemd:dnf: clamd-freshclam
|
||||||
|
_type: cli
|
||||||
|
apt:
|
||||||
|
- clamav
|
||||||
|
- clamdscan
|
||||||
|
brew: clamav
|
||||||
|
dnf:
|
||||||
|
- clamav
|
||||||
|
- clamav-update
|
||||||
|
pacman: clamav
|
||||||
clocker:
|
clocker:
|
||||||
_when: '! test -d /Applications/Clocker.app'
|
_when: '! test -d /Applications/Clocker.app'
|
||||||
_bin: null
|
_bin: null
|
||||||
|
@ -1144,7 +1164,16 @@ softwarePackages:
|
||||||
_home: null
|
_home: null
|
||||||
_name: CUPS
|
_name: CUPS
|
||||||
_service: null
|
_service: null
|
||||||
|
_systemd: smbd
|
||||||
ansible: professormanhattan.cups
|
ansible: professormanhattan.cups
|
||||||
|
apt:
|
||||||
|
- avahi-daemon
|
||||||
|
- cups
|
||||||
|
brew: cups
|
||||||
|
dnf: cups
|
||||||
|
pacman:
|
||||||
|
- avahi-daemon
|
||||||
|
- cups
|
||||||
curator:
|
curator:
|
||||||
_bin: null
|
_bin: null
|
||||||
_desc: Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots
|
_desc: Elasticsearch Curator helps you curate, or manage, your Elasticsearch indices and snapshots
|
||||||
|
@ -3680,6 +3709,16 @@ softwarePackages:
|
||||||
_name: mackup
|
_name: mackup
|
||||||
_service: null
|
_service: null
|
||||||
ansible: professormanhattan.mackup
|
ansible: professormanhattan.mackup
|
||||||
|
malwarebytes:
|
||||||
|
_bin: null
|
||||||
|
_desc: null
|
||||||
|
_docs: null
|
||||||
|
_github: null
|
||||||
|
_home: null
|
||||||
|
_name: Malwarebytes
|
||||||
|
_service: true
|
||||||
|
cask: malwarebytes
|
||||||
|
choco: malwarebytes
|
||||||
mailspring:
|
mailspring:
|
||||||
_bin: null
|
_bin: null
|
||||||
_desc: '[Mailspring](https://getmailspring.com/) comes packed with powerful features like Unified Inbox, Snooze, Send Later, Mail Rules, Templates and more. Mailspring Pro, which you can unlock with a monthly subscription, adds even more features for people who send a ton of email: link tracking, read receipts, mailbox analytics, contact and company profiles. All of these features run in the client - Mailspring does not send your email credentials to the cloud.'
|
_desc: '[Mailspring](https://getmailspring.com/) comes packed with powerful features like Unified Inbox, Snooze, Send Later, Mail Rules, Templates and more. Mailspring Pro, which you can unlock with a monthly subscription, adds even more features for people who send a ton of email: link tracking, read receipts, mailbox analytics, contact and company profiles. All of these features run in the client - Mailspring does not send your email credentials to the cloud.'
|
||||||
|
@ -5136,6 +5175,24 @@ softwarePackages:
|
||||||
choco: ripgrep-all
|
choco: ripgrep-all
|
||||||
nix: ripgrep-all
|
nix: ripgrep-all
|
||||||
pacman: ripgrep-all
|
pacman: ripgrep-all
|
||||||
|
rkhunter:
|
||||||
|
_bin: rkhunter
|
||||||
|
_desc: null
|
||||||
|
_docs: null
|
||||||
|
_github: null
|
||||||
|
_home: null
|
||||||
|
_name: rkhunter
|
||||||
|
_post: rkhunter --propupd && rkhunter --update
|
||||||
|
_service: true
|
||||||
|
_systemd:pacman: cronie
|
||||||
|
_type: cli
|
||||||
|
apt: rkhunter
|
||||||
|
brew: rkhunter
|
||||||
|
dnf: rkhunter
|
||||||
|
pacman:
|
||||||
|
- cronie
|
||||||
|
- rkhunter
|
||||||
|
- s-nail
|
||||||
rm-improved:
|
rm-improved:
|
||||||
_bin: rip
|
_bin: rip
|
||||||
_desc: A safe and ergonomic alternative to rm
|
_desc: A safe and ergonomic alternative to rm
|
||||||
|
|
190
.local/share/chezmoi/system/etc/cups/cupsd.conf
Normal file
190
.local/share/chezmoi/system/etc/cups/cupsd.conf
Normal file
|
@ -0,0 +1,190 @@
|
||||||
|
#
|
||||||
|
# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
|
||||||
|
# complete description of this file.
|
||||||
|
#
|
||||||
|
|
||||||
|
# Log general information in error_log - change "warn" to "debug"
|
||||||
|
# for troubleshooting...
|
||||||
|
LogLevel warn
|
||||||
|
PageLogFormat
|
||||||
|
|
||||||
|
# Deactivate CUPS' internal logrotating, as we provide a better one, especially
|
||||||
|
# LogLevel debug2 gets usable now
|
||||||
|
MaxLogSize 0
|
||||||
|
|
||||||
|
# Only listen for connections from the local machine.
|
||||||
|
Port 631
|
||||||
|
Listen /run/cups/cups.sock
|
||||||
|
|
||||||
|
# Show shared printers on the local network.
|
||||||
|
Browsing On
|
||||||
|
BrowseLocalProtocols dnssd
|
||||||
|
|
||||||
|
# Default authentication type, when authentication is required...
|
||||||
|
DefaultAuthType Basic
|
||||||
|
|
||||||
|
# Web interface setting...
|
||||||
|
WebInterface Yes
|
||||||
|
|
||||||
|
# Restrict access to the server...
|
||||||
|
<Location />
|
||||||
|
Order allow,deny
|
||||||
|
Allow @LOCAL
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
# Restrict access to the admin pages...
|
||||||
|
<Location /admin>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order allow,deny
|
||||||
|
Allow @LOCAL
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
# Restrict access to configuration files...
|
||||||
|
<Location /admin/conf>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order allow,deny
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
# Restrict access to log files...
|
||||||
|
<Location /admin/log>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order allow,deny
|
||||||
|
</Location>
|
||||||
|
|
||||||
|
# Set the default printer/job policies...
|
||||||
|
<Policy default>
|
||||||
|
# Job/subscription privacy...
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
|
||||||
|
# Job-related operations must be done by the owner or an administrator...
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All administration operations require an administrator to authenticate...
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All printer operations require a printer operator to authenticate...
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# Only the owner or an administrator can cancel or authenticate a job...
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
||||||
|
|
||||||
|
# Set the authenticated printer/job policies...
|
||||||
|
<Policy authenticated>
|
||||||
|
# Job/subscription privacy...
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
|
||||||
|
# Job-related operations must be done by the owner or an administrator...
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
AuthType Default
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
AuthType Default
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All administration operations require an administrator to authenticate...
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All printer operations require a printer operator to authenticate...
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# Only the owner or an administrator can cancel or authenticate a job...
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
AuthType Default
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
||||||
|
|
||||||
|
# Set the kerberized printer/job policies...
|
||||||
|
<Policy kerberos>
|
||||||
|
# Job/subscription privacy...
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
|
||||||
|
# Job-related operations must be done by the owner or an administrator...
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
AuthType Negotiate
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
AuthType Negotiate
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All administration operations require an administrator to authenticate...
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# All printer operations require a printer operator to authenticate...
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
# Only the owner or an administrator can cancel or authenticate a job...
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
AuthType Negotiate
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
3
.local/share/chezmoi/system/etc/cups/modify_cupsd.conf
Normal file
3
.local/share/chezmoi/system/etc/cups/modify_cupsd.conf
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
sudo chmod 644 cupsd.conf
|
Loading…
Reference in a new issue