Update README.md, .local/share/chezmoi/home/dot_local/bin/executable_provision, .local/software.TODO/desktop/Brewfile, .local/software.TODO/desktop/Packages.config, .local/software.TODO/desktop/Wingetfile, .local/software.TODO/development/Brewfile, .local/software.TODO/development/Packages.config, .local/software.TODO/development/Scoopfile, .local/software.TODO/terminal/Brewfile, .local/software.TODO/terminal/Packages.config, .local/software.TODO/terminal/Scoopfile, .local/software.TODO/Gasfile.yml, .local/bin/provision, .local/bin/open, .local/share/chezmoi/home/dot_local/bin/executable_open, .local/share/chezmoi/home/dot_local/Taskfile-local.yml
Deleted .local/bin/quickstart, .local/bin/chrome-profile-export, .local/bin/chrome-profile-import, .local/bin/firefox-profile-export, .local/bin/firefox-profile-import, .local/share/chezmoi/home/dot_local/bin/executable_chrome-profile-export, .local/share/chezmoi/home/dot_local/bin/executable_chrome-profile-import, .local/share/chezmoi/home/dot_local/bin/executable_firefox-profile-export, .local/share/chezmoi/home/dot_local/bin/executable_firefox-profile-import, .local/share/chezmoi/home/dot_local/bin/executable_fonttest, .local/share/chezmoi/home/dot_local/bin/executable_quickstart, .local/share/chezmoi/home/dot_local/bin/executable_squash-symlink
This commit is contained in:
parent
049713d431
commit
306e84d012
28 changed files with 395 additions and 112 deletions
|
@ -1 +0,0 @@
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
|
@ -9,6 +9,11 @@
|
||||||
# It is used to handle cross-VM links when Gas Station is used to provision [Qubes](https://www.qubes-os.org/).
|
# It is used to handle cross-VM links when Gas Station is used to provision [Qubes](https://www.qubes-os.org/).
|
||||||
# When called with -d, the default program is used.
|
# When called with -d, the default program is used.
|
||||||
|
|
||||||
|
# Default to system open executable on macOS
|
||||||
|
if [ -d /Applications ] && [ -d /Library ]; then
|
||||||
|
\open $@
|
||||||
|
fi
|
||||||
|
|
||||||
# shellcheck disable=SC2124
|
# shellcheck disable=SC2124
|
||||||
getopts d: name
|
getopts d: name
|
||||||
case $name in
|
case $name in
|
|
@ -1,30 +1,186 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
# Install Homebrew
|
set -eo pipefail
|
||||||
if ! type brew &> /dev/null; then
|
|
||||||
if type sudo &> /dev/null && sudo -n true; then
|
### Qubes dom0 specific code at top
|
||||||
echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
# The VM name that will manage the Ansible provisioning (for Qubes dom0)
|
||||||
|
ANSIBLE_PROVISION_VM="provision"
|
||||||
|
|
||||||
|
# Ensure sys-whonix is configured (for Qubes dom0)
|
||||||
|
CONFIG_WIZARD_COUNT=0
|
||||||
|
ENABLE_OBFSC='false'
|
||||||
|
function configureWizard() {
|
||||||
|
if xwininfo -root -tree | grep "Anon Connection Wizard"; then
|
||||||
|
WINDOW_ID="$(xwininfo -root -tree | grep "Anon Connection Wizard" | sed 's/^ *\([^ ]*\) .*/\1/')"
|
||||||
|
xdotool windowactivate "$WINDOW_ID" && sleep 1 && xdotool key 'Enter' && sleep 1 && xdotool key 'Tab Tab Enter' && sleep 24 && xdotool windowactivate "$WINDOW_ID" && sleep 1 && xdotool key 'Enter' && sleep 300
|
||||||
|
qvm-shutdown --wait sys-whonix
|
||||||
|
sleep 3
|
||||||
|
qvm-start sys-whonix
|
||||||
|
if xwininfo -root -tree | grep "systemcheck | Whonix" > /dev/null; then
|
||||||
|
WINDOW_ID_SYSCHECK="$(xwininfo -root -tree | grep "systemcheck | Whonix" | sed 's/^ *\([^ ]*\) .*/\1/')"
|
||||||
|
if xdotool windowactivate "$WINDOW_ID_SYS_CHECK"; then
|
||||||
|
sleep 1
|
||||||
|
xdotool key 'Enter'
|
||||||
|
fi
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
sleep 3
|
||||||
|
CONFIG_WIZARD_COUNT=$((CONFIG_WIZARD_COUNT + 1))
|
||||||
|
if [[ "$CONFIG_WIZARD_COUNT" == '4' ]]; then
|
||||||
|
echo "The sys-whonix anon-connection-wizard utility did not open."
|
||||||
|
else
|
||||||
|
echo "Checking for anon-connection-wizard again.."
|
||||||
|
configureWizard
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
### Update via system package manager and install Homebrew dependencies
|
||||||
|
if command -v qubesctl > /dev/null; then
|
||||||
|
# Qubes dom0
|
||||||
|
|
||||||
|
### Ensure dom0 is updated
|
||||||
|
if [ ! -f /root/dom0-updated ]; then
|
||||||
|
sudo qubesctl --show-output state.sls update.qubes-dom0
|
||||||
|
sudo qubes-dom0-update --clean -y
|
||||||
|
touch /root/dom0-updated
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure sys-whonix is running
|
||||||
|
if ! qvm-check --running sys-whonix; then
|
||||||
|
qvm-start sys-whonix --skip-if-running
|
||||||
|
configureWizard > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure TemplateVMs are updated
|
||||||
|
if [ ! -f /root/templatevms-updated ]; then
|
||||||
|
# timeout of 10 minutes is added here because the whonix-gw VM does not like to get updated
|
||||||
|
# with this method. Anyone know how to fix this?
|
||||||
|
sudo timeout 600 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm &> /dev/null || EXIT_CODE=$?
|
||||||
|
while read RESTART_VM; do
|
||||||
|
qvm-shutdown --wait "$RESTART_VM"
|
||||||
|
done< <(qvm-ls --all --no-spinner --fields=name,state | grep Running | grep -v sys-net | grep -v sys-firewall | grep -v sys-whonix | grep -v dom0 | awk '{print $1}')
|
||||||
|
sudo touch /root/templatevms-updated
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure provisioning VM can run commands on any VM
|
||||||
|
echo "/bin/bash" | sudo tee /etc/qubes-rpc/qubes.VMShell
|
||||||
|
sudo chmod 755 /etc/qubes-rpc/qubes.VMShell
|
||||||
|
echo "$ANSIBLE_PROVISION_VM"' dom0 allow' | sudo tee /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
echo "$ANSIBLE_PROVISION_VM"' $anyvm allow' | sudo tee -a /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
sudo chown "$(whoami):$(whoami)" /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
sudo chmod 644 /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
|
||||||
|
|
||||||
|
### Create provisioning VM and initialize the provisioning process from there
|
||||||
|
qvm-create --label red --template debian-11 "$ANSIBLE_PROVISION_VM" &> /dev/null || EXIT_CODE=$?
|
||||||
|
qvm-volume extend "$ANSIBLE_PROVISION_VM:private" "40G"
|
||||||
|
if [ -f ~/.vaultpass ]; then
|
||||||
|
qvm-run "$ANSIBLE_PROVISION_VM" 'rm -f ~/QubesIncoming/dom0/.vaultpass'
|
||||||
|
qvm-copy-to-vm "$ANSIBLE_PROVISION_VM" ~/.vaultpass
|
||||||
|
qvm-run "$ANSIBLE_PROVISION_VM" 'cp ~/QubesIncoming/dom0/.vaultpass ~/.vaultpass'
|
||||||
|
fi
|
||||||
|
qvm-run --pass-io "$ANSIBLE_PROVISION_VM" 'curl -sSL https://install.doctor/start > ~/start.sh && bash ~/start.sh'
|
||||||
|
exit 0
|
||||||
|
elif command -v apt-get > /dev/null; then
|
||||||
|
# Debian / Ubuntu
|
||||||
|
sudo apt-get update
|
||||||
|
sudo apt-get install -y curl git
|
||||||
|
elif command -v dnf > /dev/null; then
|
||||||
|
# Fedora
|
||||||
|
sudo dnf install -y curl git
|
||||||
|
elif command -v yum > /dev/null; then
|
||||||
|
# CentOS
|
||||||
|
sudo yum install -y curl git
|
||||||
|
elif command -v pacman > /dev/null; then
|
||||||
|
# Archlinux
|
||||||
|
sudo pacman update
|
||||||
|
sudo pacman -Sy curl git
|
||||||
|
elif command -v zypper > /dev/null; then
|
||||||
|
# OpenSUSE
|
||||||
|
sudo zypper install -y curl git nodejs
|
||||||
|
elif command -v apk > /dev/null; then
|
||||||
|
# Alpine
|
||||||
|
apk add curl git
|
||||||
|
elif [ -d /Applications ] && [ -d /Library ]; then
|
||||||
|
# macOS
|
||||||
|
sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install
|
||||||
|
elif command -v nix-env > /dev/null; then
|
||||||
|
# NixOS
|
||||||
|
elif [[ "$OSTYPE" == 'freebsd'* ]]; then
|
||||||
|
# FreeBSD
|
||||||
|
elif command -v pkg > /dev/null; then
|
||||||
|
# Termux
|
||||||
|
elif command -v xbps-install > /dev/null; then
|
||||||
|
# Void
|
||||||
|
elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then
|
||||||
|
# Windows
|
||||||
|
choco install -y curl git node
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Install Homebrew bundle and go-task
|
### Install Homebrew
|
||||||
brew install go-task/tap/go-task
|
ensurePackageManagerHomebrew() {
|
||||||
brew install jq
|
if ! command -v brew > /dev/null; then
|
||||||
brew install yq
|
if command -v sudo > /dev/null && sudo -n true; then
|
||||||
|
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
||||||
|
else
|
||||||
|
logg info 'Homebrew is not installed. Password may be required.'
|
||||||
|
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
|
||||||
|
if [ -n "$BREW_EXIT_CODE" ]; then
|
||||||
|
if command -v brew > /dev/null; then
|
||||||
|
logg warn 'Homebrew was installed but part of the installation failed. Attempting to fix..'
|
||||||
|
BREW_DIRS="share/man share/doc share/zsh/site-functions etc/bash_completion.d"
|
||||||
|
for BREW_DIR in $BREW_DIRS; do
|
||||||
|
if [ -d "$(brew --prefix)/$BREW_DIR" ]; then
|
||||||
|
sudo chown -R "$(whoami)" "$(brew --prefix)/$BREW_DIR"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
brew update --force --quiet
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
ensurePackageManagerHomebrew
|
||||||
|
|
||||||
# Ensure dotfiles are present
|
### Install installer dependencies via Homebrew
|
||||||
if [ ! -f "$HOME/.local/bin/install-dotfiles" ]; then
|
if command -v brew > /dev/null; then
|
||||||
bash <(curl -sSL https://gitlab.com/megabyte-labs/misc/dotfiles/-/raw/master/dotfiles/.local/bin/install-dotfiles)
|
brew install chezmoi go-task/tap/go-task jq node yq zx
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure source files are present
|
||||||
|
if [ -d /usr/local/src/hiawatha ] && [ ! -w /usr/local/src/hiawatha ]; then
|
||||||
|
sudo chown -Rf "$USER":"$(id -g -n)" /usr/local/src/hiawatha
|
||||||
|
fi
|
||||||
|
if [ -d /usr/local/src/hiawatha/.git ]; then
|
||||||
|
git config pull.rebase false
|
||||||
|
git pull origin master
|
||||||
else
|
else
|
||||||
chmod +x "$HOME/.local/bin/install-dotfiles"
|
rm -rf /usr/local/src/hiawatha
|
||||||
install-dotfiles
|
sudo git clone https://gitlab.com/megabyte-labs/dotfiles.git /usr/local/src/hiawatha
|
||||||
|
chown -Rf "$USER":"$(id -g -n)" /usr/local/src/hiawatha
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Use run alias to invoke the `$HOME/.local/Taskfile.yml`
|
### Copy folders
|
||||||
if [ -z "$1" ]; then
|
find /usr/local/src/hiawatha -maxdepth 1 -mindepth 1 -type d | while read FOLDER; do
|
||||||
run localhost:provision
|
BASENAME="$(basename "$FOLDER")"
|
||||||
else
|
if [ ! -d "$HOME/$BASENAME" ]; then
|
||||||
run "localhost:provision:$1"
|
mkdir -p "$HOME/$BASENAME"
|
||||||
fi
|
fi
|
||||||
|
cp -rf "$FOLDER/"* "$HOME/$BASENAME"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Copy files
|
||||||
|
find /usr/local/src/hiawatha -maxdepth 1 -mindepth 1 -type f | while read FILE; do
|
||||||
|
BASENAME="$(basename "$FILE")"
|
||||||
|
cp "$FILE" "$HOME/$BASENAME"
|
||||||
|
chmod 600 "$HOME/$BASENAME"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Ensure ~/.local/bin files are executable
|
||||||
|
find "$HOME/.local/bin" -maxdepth 1 -mindepth 1 -type f | while read BINFILE; do
|
||||||
|
chmod +x "$BINFILE"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Chezmoi
|
||||||
|
echo "Now run chezmoi init followed by chezmoi apply"
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
if [ -f ~/.config/autostart/first-boot.desktop ]; then
|
|
||||||
rm ~/.config/autostart/first-boot.desktop
|
|
||||||
fi
|
|
||||||
|
|
||||||
if type qvm-run &> /dev/null; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
qvm-run --pass-io sys-firewall 'curl -sSL https://install.doctor/qubes' > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
elif [ -d '/Applications' ] && [ -d '/Users' ] && [ -d '/Library' ]; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
curl -sSL https://install.doctor/quickstart > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
elif [ -f '/etc/os-release' ]; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
curl -sSL https://install.doctor/quickstart > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
fi
|
|
|
@ -44,6 +44,16 @@ tasks:
|
||||||
cmds:
|
cmds:
|
||||||
- tar -czpf ~/brave-profile.tar.gz {{.BrowserProfile}}
|
- tar -czpf ~/brave-profile.tar.gz {{.BrowserProfile}}
|
||||||
|
|
||||||
|
font-test:
|
||||||
|
cmds:
|
||||||
|
- |
|
||||||
|
echo -en "Regular"
|
||||||
|
echo -en "\e[3m Italic \e[0m"
|
||||||
|
echo -en "\e[1m Bold \e[0m"
|
||||||
|
echo -en "\e[3m\e[1m Bold-Italic \e[0m"
|
||||||
|
echo -en " \e[4mUnderline\e[0m "
|
||||||
|
echo -e " \e[9mStrikethrough\e[0m"
|
||||||
|
|
||||||
provision:
|
provision:
|
||||||
desc: Provision the environment
|
desc: Provision the environment
|
||||||
summary: |
|
summary: |
|
||||||
|
@ -102,3 +112,25 @@ tasks:
|
||||||
- :install:software:bundle
|
- :install:software:bundle
|
||||||
cmds:
|
cmds:
|
||||||
- brew bundle --file "$HOME/.local/Brewfile.terminal"
|
- brew bundle --file "$HOME/.local/Brewfile.terminal"
|
||||||
|
|
||||||
|
squash-symlink:
|
||||||
|
summary: |
|
||||||
|
Example: find . -type l -exec /path/tos/script {} +
|
||||||
|
cmds:
|
||||||
|
- |
|
||||||
|
set -e
|
||||||
|
for link; do
|
||||||
|
test -h "$link" || continue
|
||||||
|
dir=$(dirname "$link")
|
||||||
|
reltarget=$(readlink "$link")
|
||||||
|
case $reltarget in
|
||||||
|
/*) abstarget=$reltarget;;
|
||||||
|
*) abstarget=$dir/$reltarget;;
|
||||||
|
esac
|
||||||
|
rm -fv "$link"
|
||||||
|
cp -afv "$abstarget" "$link" || {
|
||||||
|
# on failure, restore the symlink
|
||||||
|
rm -rfv "$link"
|
||||||
|
ln -sfv "$reltarget" "$link"
|
||||||
|
}
|
||||||
|
done
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
|
@ -1,12 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# FONTTEST SCRIPT
|
|
||||||
# -----------------
|
|
||||||
# Print all avaliable variants of chosen terminal font
|
|
||||||
|
|
||||||
echo -en "regular "
|
|
||||||
echo -en "\e[3m italic \e[0m"
|
|
||||||
echo -en "\e[1m bold \e[0m"
|
|
||||||
echo -en "\e[3m\e[1m bold-italic \e[0m"
|
|
||||||
echo -en " \e[4munderline\e[0m "
|
|
||||||
echo -e " \e[9mstrikethrough\e[0m"
|
|
|
@ -9,6 +9,11 @@
|
||||||
# It is used to handle cross-VM links when Gas Station is used to provision [Qubes](https://www.qubes-os.org/).
|
# It is used to handle cross-VM links when Gas Station is used to provision [Qubes](https://www.qubes-os.org/).
|
||||||
# When called with -d, the default program is used.
|
# When called with -d, the default program is used.
|
||||||
|
|
||||||
|
# Default to system open executable on macOS
|
||||||
|
if [ -d /Applications ] && [ -d /Library ]; then
|
||||||
|
\open $@
|
||||||
|
fi
|
||||||
|
|
||||||
# shellcheck disable=SC2124
|
# shellcheck disable=SC2124
|
||||||
getopts d: name
|
getopts d: name
|
||||||
case $name in
|
case $name in
|
|
@ -1,30 +1,186 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
# Install Homebrew
|
set -eo pipefail
|
||||||
if ! type brew &> /dev/null; then
|
|
||||||
if type sudo &> /dev/null && sudo -n true; then
|
### Qubes dom0 specific code at top
|
||||||
echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
# The VM name that will manage the Ansible provisioning (for Qubes dom0)
|
||||||
|
ANSIBLE_PROVISION_VM="provision"
|
||||||
|
|
||||||
|
# Ensure sys-whonix is configured (for Qubes dom0)
|
||||||
|
CONFIG_WIZARD_COUNT=0
|
||||||
|
ENABLE_OBFSC='false'
|
||||||
|
function configureWizard() {
|
||||||
|
if xwininfo -root -tree | grep "Anon Connection Wizard"; then
|
||||||
|
WINDOW_ID="$(xwininfo -root -tree | grep "Anon Connection Wizard" | sed 's/^ *\([^ ]*\) .*/\1/')"
|
||||||
|
xdotool windowactivate "$WINDOW_ID" && sleep 1 && xdotool key 'Enter' && sleep 1 && xdotool key 'Tab Tab Enter' && sleep 24 && xdotool windowactivate "$WINDOW_ID" && sleep 1 && xdotool key 'Enter' && sleep 300
|
||||||
|
qvm-shutdown --wait sys-whonix
|
||||||
|
sleep 3
|
||||||
|
qvm-start sys-whonix
|
||||||
|
if xwininfo -root -tree | grep "systemcheck | Whonix" > /dev/null; then
|
||||||
|
WINDOW_ID_SYSCHECK="$(xwininfo -root -tree | grep "systemcheck | Whonix" | sed 's/^ *\([^ ]*\) .*/\1/')"
|
||||||
|
if xdotool windowactivate "$WINDOW_ID_SYS_CHECK"; then
|
||||||
|
sleep 1
|
||||||
|
xdotool key 'Enter'
|
||||||
|
fi
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
sleep 3
|
||||||
|
CONFIG_WIZARD_COUNT=$((CONFIG_WIZARD_COUNT + 1))
|
||||||
|
if [[ "$CONFIG_WIZARD_COUNT" == '4' ]]; then
|
||||||
|
echo "The sys-whonix anon-connection-wizard utility did not open."
|
||||||
|
else
|
||||||
|
echo "Checking for anon-connection-wizard again.."
|
||||||
|
configureWizard
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
### Update via system package manager and install Homebrew dependencies
|
||||||
|
if command -v qubesctl > /dev/null; then
|
||||||
|
# Qubes dom0
|
||||||
|
|
||||||
|
### Ensure dom0 is updated
|
||||||
|
if [ ! -f /root/dom0-updated ]; then
|
||||||
|
sudo qubesctl --show-output state.sls update.qubes-dom0
|
||||||
|
sudo qubes-dom0-update --clean -y
|
||||||
|
touch /root/dom0-updated
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure sys-whonix is running
|
||||||
|
if ! qvm-check --running sys-whonix; then
|
||||||
|
qvm-start sys-whonix --skip-if-running
|
||||||
|
configureWizard > /dev/null
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure TemplateVMs are updated
|
||||||
|
if [ ! -f /root/templatevms-updated ]; then
|
||||||
|
# timeout of 10 minutes is added here because the whonix-gw VM does not like to get updated
|
||||||
|
# with this method. Anyone know how to fix this?
|
||||||
|
sudo timeout 600 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm &> /dev/null || EXIT_CODE=$?
|
||||||
|
while read RESTART_VM; do
|
||||||
|
qvm-shutdown --wait "$RESTART_VM"
|
||||||
|
done< <(qvm-ls --all --no-spinner --fields=name,state | grep Running | grep -v sys-net | grep -v sys-firewall | grep -v sys-whonix | grep -v dom0 | awk '{print $1}')
|
||||||
|
sudo touch /root/templatevms-updated
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure provisioning VM can run commands on any VM
|
||||||
|
echo "/bin/bash" | sudo tee /etc/qubes-rpc/qubes.VMShell
|
||||||
|
sudo chmod 755 /etc/qubes-rpc/qubes.VMShell
|
||||||
|
echo "$ANSIBLE_PROVISION_VM"' dom0 allow' | sudo tee /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
echo "$ANSIBLE_PROVISION_VM"' $anyvm allow' | sudo tee -a /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
sudo chown "$(whoami):$(whoami)" /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
sudo chmod 644 /etc/qubes-rpc/policy/qubes.VMShell
|
||||||
|
|
||||||
|
|
||||||
|
### Create provisioning VM and initialize the provisioning process from there
|
||||||
|
qvm-create --label red --template debian-11 "$ANSIBLE_PROVISION_VM" &> /dev/null || EXIT_CODE=$?
|
||||||
|
qvm-volume extend "$ANSIBLE_PROVISION_VM:private" "40G"
|
||||||
|
if [ -f ~/.vaultpass ]; then
|
||||||
|
qvm-run "$ANSIBLE_PROVISION_VM" 'rm -f ~/QubesIncoming/dom0/.vaultpass'
|
||||||
|
qvm-copy-to-vm "$ANSIBLE_PROVISION_VM" ~/.vaultpass
|
||||||
|
qvm-run "$ANSIBLE_PROVISION_VM" 'cp ~/QubesIncoming/dom0/.vaultpass ~/.vaultpass'
|
||||||
|
fi
|
||||||
|
qvm-run --pass-io "$ANSIBLE_PROVISION_VM" 'curl -sSL https://install.doctor/start > ~/start.sh && bash ~/start.sh'
|
||||||
|
exit 0
|
||||||
|
elif command -v apt-get > /dev/null; then
|
||||||
|
# Debian / Ubuntu
|
||||||
|
sudo apt-get update
|
||||||
|
sudo apt-get install -y curl git
|
||||||
|
elif command -v dnf > /dev/null; then
|
||||||
|
# Fedora
|
||||||
|
sudo dnf install -y curl git
|
||||||
|
elif command -v yum > /dev/null; then
|
||||||
|
# CentOS
|
||||||
|
sudo yum install -y curl git
|
||||||
|
elif command -v pacman > /dev/null; then
|
||||||
|
# Archlinux
|
||||||
|
sudo pacman update
|
||||||
|
sudo pacman -Sy curl git
|
||||||
|
elif command -v zypper > /dev/null; then
|
||||||
|
# OpenSUSE
|
||||||
|
sudo zypper install -y curl git nodejs
|
||||||
|
elif command -v apk > /dev/null; then
|
||||||
|
# Alpine
|
||||||
|
apk add curl git
|
||||||
|
elif [ -d /Applications ] && [ -d /Library ]; then
|
||||||
|
# macOS
|
||||||
|
sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install
|
||||||
|
elif command -v nix-env > /dev/null; then
|
||||||
|
# NixOS
|
||||||
|
elif [[ "$OSTYPE" == 'freebsd'* ]]; then
|
||||||
|
# FreeBSD
|
||||||
|
elif command -v pkg > /dev/null; then
|
||||||
|
# Termux
|
||||||
|
elif command -v xbps-install > /dev/null; then
|
||||||
|
# Void
|
||||||
|
elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then
|
||||||
|
# Windows
|
||||||
|
choco install -y curl git node
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Install Homebrew bundle and go-task
|
### Install Homebrew
|
||||||
brew install go-task/tap/go-task
|
ensurePackageManagerHomebrew() {
|
||||||
brew install jq
|
if ! command -v brew > /dev/null; then
|
||||||
brew install yq
|
if command -v sudo > /dev/null && sudo -n true; then
|
||||||
|
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
||||||
|
else
|
||||||
|
logg info 'Homebrew is not installed. Password may be required.'
|
||||||
|
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
|
||||||
|
if [ -n "$BREW_EXIT_CODE" ]; then
|
||||||
|
if command -v brew > /dev/null; then
|
||||||
|
logg warn 'Homebrew was installed but part of the installation failed. Attempting to fix..'
|
||||||
|
BREW_DIRS="share/man share/doc share/zsh/site-functions etc/bash_completion.d"
|
||||||
|
for BREW_DIR in $BREW_DIRS; do
|
||||||
|
if [ -d "$(brew --prefix)/$BREW_DIR" ]; then
|
||||||
|
sudo chown -R "$(whoami)" "$(brew --prefix)/$BREW_DIR"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
brew update --force --quiet
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
ensurePackageManagerHomebrew
|
||||||
|
|
||||||
# Ensure dotfiles are present
|
### Install installer dependencies via Homebrew
|
||||||
if [ ! -f "$HOME/.local/bin/install-dotfiles" ]; then
|
if command -v brew > /dev/null; then
|
||||||
bash <(curl -sSL https://gitlab.com/megabyte-labs/misc/dotfiles/-/raw/master/dotfiles/.local/bin/install-dotfiles)
|
brew install chezmoi go-task/tap/go-task jq node yq zx
|
||||||
|
fi
|
||||||
|
|
||||||
|
### Ensure source files are present
|
||||||
|
if [ -d /usr/local/src/hiawatha ] && [ ! -w /usr/local/src/hiawatha ]; then
|
||||||
|
sudo chown -Rf "$USER":"$(id -g -n)" /usr/local/src/hiawatha
|
||||||
|
fi
|
||||||
|
if [ -d /usr/local/src/hiawatha/.git ]; then
|
||||||
|
git config pull.rebase false
|
||||||
|
git pull origin master
|
||||||
else
|
else
|
||||||
chmod +x "$HOME/.local/bin/install-dotfiles"
|
rm -rf /usr/local/src/hiawatha
|
||||||
install-dotfiles
|
sudo git clone https://gitlab.com/megabyte-labs/dotfiles.git /usr/local/src/hiawatha
|
||||||
|
chown -Rf "$USER":"$(id -g -n)" /usr/local/src/hiawatha
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Use run alias to invoke the `$HOME/.local/Taskfile.yml`
|
### Copy folders
|
||||||
if [ -z "$1" ]; then
|
find /usr/local/src/hiawatha -maxdepth 1 -mindepth 1 -type d | while read FOLDER; do
|
||||||
run localhost:provision
|
BASENAME="$(basename "$FOLDER")"
|
||||||
else
|
if [ ! -d "$HOME/$BASENAME" ]; then
|
||||||
run "localhost:provision:$1"
|
mkdir -p "$HOME/$BASENAME"
|
||||||
fi
|
fi
|
||||||
|
cp -rf "$FOLDER/"* "$HOME/$BASENAME"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Copy files
|
||||||
|
find /usr/local/src/hiawatha -maxdepth 1 -mindepth 1 -type f | while read FILE; do
|
||||||
|
BASENAME="$(basename "$FILE")"
|
||||||
|
cp "$FILE" "$HOME/$BASENAME"
|
||||||
|
chmod 600 "$HOME/$BASENAME"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Ensure ~/.local/bin files are executable
|
||||||
|
find "$HOME/.local/bin" -maxdepth 1 -mindepth 1 -type f | while read BINFILE; do
|
||||||
|
chmod +x "$BINFILE"
|
||||||
|
done
|
||||||
|
|
||||||
|
### Chezmoi
|
||||||
|
echo "Now run chezmoi init followed by chezmoi apply"
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
if [ -f ~/.config/autostart/first-boot.desktop ]; then
|
|
||||||
rm ~/.config/autostart/first-boot.desktop
|
|
||||||
fi
|
|
||||||
|
|
||||||
if type qvm-run &> /dev/null; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
qvm-run --pass-io sys-firewall 'curl -sSL https://install.doctor/qubes' > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
elif [ -d '/Applications' ] && [ -d '/Users' ] && [ -d '/Library' ]; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
curl -sSL https://install.doctor/quickstart > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
elif [ -f '/etc/os-release' ]; then
|
|
||||||
mkdir -p "$HOME/.local"
|
|
||||||
curl -sSL https://install.doctor/quickstart > "$HOME/.local/setup.sh" && bash "$HOME/.local/setup.sh"
|
|
||||||
fi
|
|
|
@ -1,23 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# Example: find . -type l -exec /path/tos/script {} +
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
for link; do
|
|
||||||
test -h "$link" || continue
|
|
||||||
|
|
||||||
dir=$(dirname "$link")
|
|
||||||
reltarget=$(readlink "$link")
|
|
||||||
case $reltarget in
|
|
||||||
/*) abstarget=$reltarget;;
|
|
||||||
*) abstarget=$dir/$reltarget;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
rm -fv "$link"
|
|
||||||
cp -afv "$abstarget" "$link" || {
|
|
||||||
# on failure, restore the symlink
|
|
||||||
rm -rfv "$link"
|
|
||||||
ln -sfv "$reltarget" "$link"
|
|
||||||
}
|
|
||||||
done
|
|
|
@ -1,6 +1,6 @@
|
||||||
# Hiawatha
|
# Hiawatha
|
||||||
|
|
||||||
This is a decked out dotfiles repository that leverages a handful of technologies including Chezmoi, Ansible, and ZX (for a custom installer that simplifies things and improves provision times). It is built to support Archlinux, Fedora, CentOS, Debian, Ubuntu, macOS, and Windows but you may see code that suggests other OSes will be supported as well. It includes themeing (most of the credit going to [Sweet](https://github.com/EliverLara/Sweet)) for KDE / GNOME / apps.
|
This is a decked out dotfiles repository that leverages a handful of technologies including Chezmoi, Ansible, and ZX to provision computers. It is built to support Archlinux, Fedora, CentOS, Debian, Ubuntu, macOS, and Windows but you may see code that suggests other OSes will be supported as well. It includes themeing (most of the credit going to [Sweet](https://github.com/EliverLara/Sweet)) for KDE / GNOME / apps.
|
||||||
|
|
||||||
To use these dotfiles and provision your computer with prompts (which can be made headless with environment variables):
|
To use these dotfiles and provision your computer with prompts (which can be made headless with environment variables):
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue