From 38341af5f0890f5001292b9ed23f34710a0bc455 Mon Sep 17 00:00:00 2001 From: Brian Zalewski <59970525+ProfessorManhattan@users.noreply.github.com> Date: Wed, 6 Dec 2023 02:50:29 +0000 Subject: [PATCH] Latest --- home/.chezmoidata.yaml | 1 - .../run_before_01-macos-privileges.sh.tmpl | 11 +++ ...nge_after_11-install-asdf-packages.sh.tmpl | 2 +- .../run_onchange_after_97-cloudflare.sh.tmpl | 8 +- home/dot_config/sheldon/plugins.bash.toml | 3 + home/dot_config/shell/bash/motd.bash | 1 + home/dot_local/bin/executable_install-program | 28 ++++--- .../sftpgo/{sftpgo.json => sftpgo.json.tmpl} | 0 software.yml | 81 ++++++++++++------- 9 files changed, 90 insertions(+), 45 deletions(-) rename home/dot_local/etc/sftpgo/{sftpgo.json => sftpgo.json.tmpl} (100%) diff --git a/home/.chezmoidata.yaml b/home/.chezmoidata.yaml index 4cc912b0..14d788c8 100644 --- a/home/.chezmoidata.yaml +++ b/home/.chezmoidata.yaml @@ -579,7 +579,6 @@ softwareGroups: - eul - firefox - flow-launcher - - fonts - gnome - iina - kvantum diff --git a/home/.chezmoiscripts/universal/run_before_01-macos-privileges.sh.tmpl b/home/.chezmoiscripts/universal/run_before_01-macos-privileges.sh.tmpl index 71d7f487..f019bd22 100644 --- a/home/.chezmoiscripts/universal/run_before_01-macos-privileges.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_before_01-macos-privileges.sh.tmpl 
@@ -36,5 +36,16 @@ ensureFullDiskAccess() { fi } +# @description Applies changes that require input from the user such as using Touch ID on macOS when +# importing certificates into the system keychain. +# +# * Ensures CloudFlare Teams certificate is imported into the system keychain +importCloudFlareCert() { + if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then + logg info 'Importing Cloudflare_CA.crt into System.keychain' && sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" + fi +} + printFullDiskAccessNotice ensureFullDiskAccess +importCloudFlareCert diff --git a/home/.chezmoiscripts/universal/run_onchange_after_11-install-asdf-packages.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_11-install-asdf-packages.sh.tmpl index 26bbd6be..71b18483 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_11-install-asdf-packages.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_11-install-asdf-packages.sh.tmpl @@ -20,7 +20,7 @@ if [ -f "$ASDF_DIR/asdf.sh" ] && [ -f ~/.tool-versions ]; then logg info 'Sourcing asdf.sh' . ${ASDF_DIR}/asdf.sh cat .tool-versions | while read TOOL; do - logg info 'Installing ASDF plugin '"$(echo "$TOOL" | sed 's/ .*//')"'' && asdf plugin add "$(echo "$TOOL" | sed 's/ .*//')" > /dev/null && logg success "Successfully added $(echo "$TOOL" | sed 's/ .*//') via ASDF" + logg info 'Installing ASDF plugin '"$(echo "$TOOL" | sed 's/ .*//')"'' && asdf plugin add "$(echo "$TOOL" | sed 's/ .*//')" > /dev/null && logg info "Successfully added $(echo "$TOOL" | sed 's/ .*//') via ASDF" done # Only proceed with installation if either DEBUG_MODE is enabled or ~/.cache/megabyte-labs/asdf-install is missing # Added to save time between tests because PHP takes awhile to install 
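Review bot: `importCloudFlareCert` adds `$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt` to the System keychain as a trusted root without checking that the file exists or that it is the certificate you expect. A trusted root lets whoever holds its key intercept TLS for every user on the machine, and the source path is writable by the user account, so anything able to write there can get its own CA trusted on the next run. Before the `security` call I would add `[ -f "$CERT" ] || return 0` and compare `openssl x509 -noout -fingerprint -sha256 -in "$CERT"` against a pinned value (`<EXPECTED_SHA256_FINGERPRINT>`), skipping the import on mismatch. The copy this replaces in run_onchange_after_97-cloudflare.sh.tmpl was also gated on `command -v warp-cli` and an empty `$SSH_CONNECTION`, and those guards are not carried over. Because this is a run_before script, the certificate file may not be in place yet on a first apply.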
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl index 024ec0c5..3f83f72f 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_97-cloudflare.sh.tmpl @@ -106,10 +106,10 @@ fi if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; then ### Ensure certificate installed on macOS if [ -z "$SSH_CONNECTION" ]; then - if [ -z "$HEADLESS_INSTALL" ]; then - logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate' - sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" - fi + # if [ -z "$HEADLESS_INSTALL" ]; then + # logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate' + # sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" + # fi logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate' echo | sudo tee -a /etc/ssl/cert.pem < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null echo "" | sudo tee -a /etc/ssl/cert.pem diff --git a/home/dot_config/sheldon/plugins.bash.toml b/home/dot_config/sheldon/plugins.bash.toml index 3be9a36f..7bcdba06 100644 --- a/home/dot_config/sheldon/plugins.bash.toml +++ b/home/dot_config/sheldon/plugins.bash.toml @@ -18,5 +18,8 @@ shell = "bash" # [plugins.sheldon] # inline = 'sheldon() { sheldon completions --shell bash }' +[plugins.ngrok] +inline = 'ngrok() { ngrok completions }' + [plugins.wp] remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash" diff --git a/home/dot_config/shell/bash/motd.bash b/home/dot_config/shell/bash/motd.bash index 3e59a887..d0716f3e 100644 
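Review bot: The keychain import is left behind as four commented-out lines inside the `if [ -z "$SSH_CONNECTION" ]` block rather than deleted, which makes it harder to see where the trust decision for this certificate now lives. I would remove them and leave a single pointer in their place, `# Keychain import moved to run_before_01-macos-privileges.sh.tmpl (importCloudFlareCert)`. The enclosing block continues past the end of the hunk.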
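Review bot: The new `[plugins.ngrok]` inline defines a shell function named `ngrok` whose body calls `ngrok`, so once it is loaded every `ngrok` invocation resolves to the function and recurses instead of reaching the binary. Bash also needs a `;` or newline before the closing `}`, so `{ ngrok completions }` would not parse as written. If the intent is to load completions, evaluate the generated script instead, e.g. `inline = 'command -v ngrok > /dev/null && eval "$(ngrok completion)"'` (confirm the subcommand name against the installed ngrok version).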
--- a/home/dot_config/shell/bash/motd.bash +++ b/home/dot_config/shell/bash/motd.bash @@ -219,6 +219,7 @@ print_banner() { ### Information section if command -v neofetch > /dev/null; then + printf "\\n" neofetch else ## non-neofetch diff --git a/home/dot_local/bin/executable_install-program b/home/dot_local/bin/executable_install-program index 9638e1c9..3f0e60c8 100644 --- a/home/dot_local/bin/executable_install-program +++ b/home/dot_local/bin/executable_install-program @@ -1635,16 +1635,16 @@ async function updateService(service) { log('info', logStage, `There was an error starting / enabling the ${service} service with systemd`) try { if (brew) { - if (typeof brew === 'object' && brew.length) { - brew.forEach(x => { - runCommand(`Starting / enabling object array ${service} with Homebrew`, `${x.sudo ? 'sudo brew' : 'brew'} services start ${x.name}`) + if (typeof service === 'array') { + service.forEach(x => { + runCommand(`Starting / enabling object array ${x.name} with Homebrew`, `${x.sudo ? 'sudo brew' : 'brew'} services restart ${x.name}`) log('success', logStage, `Started / enabled the ${x.name} service with Homebrew`) }) - } else if (typeof brew === 'object') { - runCommand(`Starting / enabling object ${service} with Homebrew`, `${brew.sudo ? 'sudo brew' : 'brew'} services start ${brew.name}`) - log('success', logStage, `Started / enabled the ${brew.name} service with Homebrew`) + } else if (typeof service === 'object') { + runCommand(`Starting / enabling object ${service.name} with Homebrew`, `${service.sudo ? 'sudo brew' : 'brew'} services restart ${service.name}`) + log('success', logStage, `Started / enabled the ${service.name} service with Homebrew`) } else { - runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`) + runCommand(`Starting / enabling ${service} with Homebrew`, `brew services restart ${service}`) log('success', logStage, `Started / enabled the ${service} service with Homebrew`) } } else { 
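Review bot: `typeof service === 'array'` is never true in JavaScript, because `typeof` reports arrays as `'object'`, so the `forEach` branch is dead code. The `_service:brew` values this commit turns into lists in software.yml therefore fall into the `typeof service === 'object'` branch, where `service.name` and `service.sudo` are undefined and the command becomes `brew services restart undefined` without the requested `sudo`. Use `if (Array.isArray(service)) {` for the first test; the same condition appears in the second `updateService` hunk (`@@ -1669,8 +1669,18 @@`). Since `x.name` is interpolated into a command string that may run under `sudo`, it is also worth checking it against a package-name pattern before calling `runCommand`. The function body starts and ends outside the hunk.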
@@ -1669,8 +1669,18 @@ async function updateService(service) { const brew = which.sync('brew', { nothrow: true }) if (brew) { try { - runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`) - log('success', logStage, `Started / enabled the ${service} service with Homebrew`) + if (typeof service === 'array') { + service.forEach(x => { + runCommand(`Starting / enabling object array ${x.name} with Homebrew`, `${x.sudo ? 'sudo brew' : 'brew'} services restart ${x.name}`) + log('success', logStage, `Started / enabled the ${x.name} service with Homebrew`) + }) + } else if (typeof service === 'object') { + runCommand(`Starting / enabling object ${service.name} with Homebrew`, `${service.sudo ? 'sudo brew' : 'brew'} services restart ${service.name}`) + log('success', logStage, `Started / enabled the ${service.name} service with Homebrew`) + } else { + runCommand(`Starting / enabling ${service} with Homebrew`, `brew services restart ${service}`) + log('success', logStage, `Started / enabled the ${service} service with Homebrew`) + } } catch (e) { log('error', logStage, `There was an error starting / enabling the ${service} Homebrew service`) console.error(e) diff --git a/home/dot_local/etc/sftpgo/sftpgo.json b/home/dot_local/etc/sftpgo/sftpgo.json.tmpl similarity index 100% rename from home/dot_local/etc/sftpgo/sftpgo.json rename to home/dot_local/etc/sftpgo/sftpgo.json.tmpl diff --git a/software.yml b/software.yml index 9653cf2f..628c7378 100644 --- a/software.yml +++ b/software.yml @@ -1255,7 +1255,9 @@ softwarePackages: _bin: openssl-osx-ca _github: https://github.com/raggi/openssl-osx-ca _name: OpenSSL macOS CA - _service:brew:darwin: openssl-osx-ca + _service:brew:darwin: + - name: openssl-osx-ca + sudo: true _serviceEnabled: true brew:darwin: raggi/ale/openssl-osx-ca meta-package-manager: 
@@ -1973,7 +1975,9 @@ softwarePackages: _service:apt: clamav-freshclam _service:dnf: clamd-freshclam _service:pacman: clamav-freshclam - _service:brew: clamav + _service:brew: + - name: clamav + sudo: true _serviceEnabled: true apt: - clamav @@ -3593,30 +3597,6 @@ softwarePackages: _name: fm github: github.com/mistakenelf/fm go: github.com/mistakenelf/fm@latest - fonts: - _deps: - - font-sfmono-nerd-font - - font-hack-nerd-font - - font-meslo-nerd-font - _bin: false - font-sfmono-nerd-font: - _bin: false - _github: null - _name: Nerd Font - _when:cask: '! brew list font-sf-mono-nerd-font' - cask: epk/epk/font-sf-mono-nerd-font - font-hack-nerd-font: - _bin: false - _github: null - _name: Hack Nerd Font - _when:cask: '! brew list font-hack-nerd-font' - cask: font-hack-nerd-font - font-meslo-nerd-font: - _bin: false - _github: null - _name: Meslo Nerd Font - _when:cask: '! brew list font-meslo-lg-nerd-font' - cask: font-meslo-lg-nerd-font metasploit: _github: https://github.com/rapid7/metasploit-framework _name: Metasploit Framework @@ -5862,6 +5842,7 @@ softwarePackages: _github: https://github.com/mpv-player/mpv _name: MPV _todo: This software does not run on macOS versions other than Mojave, Catalina, Big Sur and Ventura --- probably adding support - this issue will likely fix itself + _app: mpv.app brew: mpv cask: mpv choco: mpv 
@@ -6459,8 +6440,22 @@ softwarePackages: _home: https://www.netdata.cloud/ _name: Netdata _groups: - - netdata + - netdataif (typeof service === 'object' && brew.length) { + brew.forEach(x => { + runCommand(`Starting / enabling object array ${x.name} with Homebrew`, `${x.sudo ? 'sudo brew' : 'brew'} services start ${x.name}`) + log('success', logStage, `Started / enabled the ${x.name} service with Homebrew`) + }) + } else if (typeof service === 'object') { + runCommand(`Starting / enabling object ${service.name} with Homebrew`, `${service.sudo ? 'sudo brew' : 'brew'} services start ${service.name}`) + log('success', logStage, `Started / enabled the ${service.name} service with Homebrew`) + } else { + runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`) + log('success', logStage, `Started / enabled the ${service} service with Homebrew`) + } _service: netdata + _service:brew: + - name: netdata + sudo: true _serviceEnabled: true _deps: - debsecan @@ -7678,7 +7673,9 @@ softwarePackages: - protonvpn yay: protonvpn protonvpn-cli: - # TODO - Add seperate entry for openvpn (sudo brew services start openvpn) + _deps:script:darwin: + - dialog + - openvpn _bin: protonvpn _desc: The ProtonVPN CLI official release for Linux along with an unofficial ProtonVPN CLI for macOS _docs: null 
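Review bot: The lines added under netdata's `_groups:` are JavaScript from `updateService`, not YAML: the group entry now reads `- netdataif (typeof service === 'object' && brew.length) {` and is followed by the rest of that if/else chain of `runCommand` and `log` calls. At best the group name is corrupted, and more likely software.yml no longer parses, which would stop the installer from reading any package definition. Restore the entry to `- netdata` and drop the pasted block, keeping only the new `_service:brew:` list with `name: netdata` and `sudo: true`.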
@@ -7689,7 +7686,30 @@ softwarePackages: apt: protonvpn-cli dnf: protonvpn-cli pacman: protonvpn-cli - script:darwin: brew install openvpn dialog python3 || true && sudo rm -rf /usr/local/src/protonvpn-cli && sudo git clone https://github.com/phx/protonvpn-cli-macos /usr/local/src/protonvpn-cli && cd /usr/local/src/protonvpn-cli && pip3 install -r requirements.txt && sudo python3 setup.py install + script:darwin: | + sudo rm -rf /usr/local/src/protonvpn-cli + sudo git clone https://github.com/phx/protonvpn-cli-macos /usr/local/src/protonvpn-cli + cd /usr/local/src/protonvpn-cli && pip3 install -r requirements.txt + sudo python3 setup.py install + openvpn: + _bin: openvpn + _github: https://github.com/OpenVPN/openvpn + _name: OpenVPN + apt: openvpn + dnf: openvpn + pacman: openvpn + choco: openvpn + brew: openvpn + dialog: + _bin: dialog + _github: false + _home: https://invisible-island.net/dialog/ + _name: Dialog + apt: dialog + dnf: dialog + pacman: dialog + choco: dialog + brew: dialog protonmail-bridge: _bin: protonmail-bridge _app: Proton Mail Bridge.app @@ -9643,11 +9663,12 @@ softwarePackages: _github: https://github.com/tfutils/tfenv _home: https://github.com/tfutils/tfenv _name: tfenv - _post: if ! command -v terraform > /dev/null; then tfenv use latest; fi + _post: tfenv use latest ansible:darwin: professormanhattan.tfenv ansible:linux: professormanhattan.tfenv brew: tfenv port: tfenv + yay: tfenv alda: _bin: alda _github: https://github.com/alda-lang/alda
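Review bot: Splitting `script:darwin` into separate lines removes the `&&` chain, so a failed `git clone` or `cd` no longer stops the script. `sudo python3 setup.py install` would then run as root against whatever `setup.py` is in the current directory, unless the runner enables `set -e`, which is not visible here. Start the block with `set -e` or keep the steps chained. The clone also tracks the default branch of a third-party repository and its code is installed as root, so pin it to a reviewed commit, e.g. `sudo git -C /usr/local/src/protonvpn-cli checkout <REVIEWED_COMMIT_SHA>` after the clone.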