Various tweaks
This commit is contained in:
parent
b4c15784d8
commit
59e2e956a8
24 changed files with 871 additions and 22535 deletions
426
docs/TODO.md
426
docs/TODO.md
|
@ -1,67 +1,67 @@
|
|||
|
||||
|
||||
xattr -d com.apple.quarantine rclone
|
||||
Create issue about setting up completions - https://github.com/rsteube/lazycomplete
|
||||
|
||||
# TODOs
|
||||
|
||||
This page outlines various projects and tasks that we are currently working on. Creating a GitHub issue for each of these items would be overkill.
|
||||
|
||||
* https://containertoolbx.org/install/
|
||||
* https://github.com/todotxt/todo.txt-cli
|
||||
* https://github.com/PromtEngineer/localGPT
|
||||
* https://github.com/StanGirard/quivr
|
||||
* https://github.com/containers/toolbox
|
||||
* [IP Fire](https://www.ipfire.org/) - Consider as alternative to pfSense on Qubes.
|
||||
* `git-credential-manager configure`
|
||||
* [`git-credential-manager` for WSL](https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/wsl.md)
|
||||
* Configure Navi to automatically download and use the best cheat repositories
|
||||
* Google Drive index on Cloudflare https://github.com/menukaonline/goindex-extended
|
||||
* Go through https://github.com/jaywcjlove/awesome-mac
|
||||
* https://codesandbox.io/ https://github.com/firecracker-microvm/firecracker
|
||||
* (https://www.kolide.com/features/checks/mac-firewall)
|
||||
* Create IP set for CloudFlare [Title](https://firewalld.org/documentation/man-pages/firewalld.ipset.html)
|
||||
* https://chainner.app/
|
||||
* https://github.com/kyrolabs/awesome-langchain
|
||||
* Create seed for Lulu
|
||||
* https://github.com/essandess/macOS-Fortress
|
||||
* https://wakatime.com/plugins
|
||||
* https://github.com/containers/toolbox consider for p10k.zsh file
|
||||
* Figure out where Vector service fits in
|
||||
* Figure out if Squid can be used to improve web surfing speed
|
||||
* https://github.com/mumoshu/variant (With Task)
|
||||
* https://github.com/marshyski/quick-secure
|
||||
* https://www.haskell.org/ghcup/install/#how-to-install
|
||||
* https://github.com/material-shell/material-shell
|
||||
* https://github.com/arxanas/git-branchless
|
||||
* https://github.com/mumoshu/variant2
|
||||
* https://github.com/burnison/tasksync
|
||||
* https://github.com/Infisical/infisical
|
||||
* https://github.com/xwmx/nb
|
||||
* https://github.com/psychic-api/psychic
|
||||
* https://github.com/pimutils/vdirsyncer
|
||||
* https://github.com/librevault/librevault
|
||||
- Add Mamba
|
||||
- https://containertoolbx.org/install/
|
||||
- https://github.com/todotxt/todo.txt-cli
|
||||
- https://github.com/PromtEngineer/localGPT
|
||||
- https://github.com/StanGirard/quivr
|
||||
- https://github.com/containers/toolbox
|
||||
- [IP Fire](https://www.ipfire.org/) - Consider as alternative to pfSense on Qubes.
|
||||
- `git-credential-manager configure`
|
||||
- [`git-credential-manager` for WSL](https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/wsl.md)
|
||||
- Configure Navi to automatically download and use the best cheat repositories
|
||||
- Google Drive index on Cloudflare https://github.com/menukaonline/goindex-extended
|
||||
- Go through https://github.com/jaywcjlove/awesome-mac
|
||||
- https://codesandbox.io/ https://github.com/firecracker-microvm/firecracker
|
||||
- (https://www.kolide.com/features/checks/mac-firewall)
|
||||
- Create IP set for CloudFlare [Title](https://firewalld.org/documentation/man-pages/firewalld.ipset.html)
|
||||
- https://chainner.app/
|
||||
- https://github.com/kyrolabs/awesome-langchain
|
||||
- Create seed for Lulu
|
||||
- https://github.com/essandess/macOS-Fortress
|
||||
- https://wakatime.com/plugins
|
||||
- https://github.com/containers/toolbox consider for p10k.zsh file
|
||||
- Figure out where Vector service fits in
|
||||
- Figure out if Squid can be used to improve web surfing speed
|
||||
- https://github.com/mumoshu/variant (With Task)
|
||||
- https://github.com/marshyski/quick-secure
|
||||
- https://www.haskell.org/ghcup/install/#how-to-install
|
||||
- https://github.com/material-shell/material-shell
|
||||
- https://github.com/arxanas/git-branchless
|
||||
- https://github.com/mumoshu/variant2
|
||||
- https://github.com/burnison/tasksync
|
||||
- https://github.com/Infisical/infisical
|
||||
- https://github.com/xwmx/nb
|
||||
- https://github.com/psychic-api/psychic
|
||||
- https://github.com/pimutils/vdirsyncer
|
||||
- https://github.com/librevault/librevault
|
||||
|
||||
## Upstream
|
||||
|
||||
The following items are things we would like to include into the Install Doctor system but are waiting on upstream changes.
|
||||
|
||||
* [Actions](https://github.com/sindresorhus/Actions) adds a wide-variety of actions that you can utilize with the macOS Shortcuts app. It is currently only available via the macOS app store. Requested a Homebrew Cask [here](https://github.com/sindresorhus/Actions/issues/127).
|
||||
* [Color Picker](https://github.com/sindresorhus/System-Color-Picker) is an improved color picker app available on macOS. It is currently only available via the macOS app store. Requested Homebrew Cask [here](https://github.com/sindresorhus/System-Color-Picker/issues/32).
|
||||
* Consider integrating [LocalAI](https://github.com/go-skynet/LocalAI) which can be used in combination with mods to generate ChatGPT responses locally
|
||||
* Wait for Homebrew install option for [Warpgate](https://github.com/warp-tech/warpgate)
|
||||
* Wait for https://github.com/hocus-dev/hocus to get out of alpha for VM management
|
||||
* Revisit https://github.com/rome/tools when project matures
|
||||
* Revisit https://github.com/Disassembler0/Win10-Initial-Setup-Script for initial setup of Windows
|
||||
* Revisit Resilio - seems like they have tools useful for synchronizing VMs
|
||||
* Consider switching license to [Polyform License Example](https://github.com/dosyago/DiskerNet/blob/fun/LICENSE.md)
|
||||
* Look into tile managers
|
||||
* https://github.com/joelbarmettlerUZH/auto-tinder
|
||||
* https://github.com/hfreire/get-me-a-date
|
||||
* Keep eye on fig.io for release to Linux and new AI features
|
||||
* Monitor https://moonrepo.dev/moon as possible mono-repo manager
|
||||
* Determine whether or not https://webinstall.dev/vim-gui/ will add value to the VIM experience
|
||||
* Wait for packages to be available for GitHub Actions https://github.com/actions/runner
|
||||
* Find best Figma plugins here: https://www.figma.com/community/popular
|
||||
- [Actions](https://github.com/sindresorhus/Actions) adds a wide-variety of actions that you can utilize with the macOS Shortcuts app. It is currently only available via the macOS app store. Requested a Homebrew Cask [here](https://github.com/sindresorhus/Actions/issues/127).
|
||||
- [Color Picker](https://github.com/sindresorhus/System-Color-Picker) is an improved color picker app available on macOS. It is currently only available via the macOS app store. Requested Homebrew Cask [here](https://github.com/sindresorhus/System-Color-Picker/issues/32).
|
||||
- Consider integrating [LocalAI](https://github.com/go-skynet/LocalAI) which can be used in combination with mods to generate ChatGPT responses locally
|
||||
- Wait for Homebrew install option for [Warpgate](https://github.com/warp-tech/warpgate)
|
||||
- Wait for https://github.com/hocus-dev/hocus to get out of alpha for VM management
|
||||
- Revisit https://github.com/rome/tools when project matures
|
||||
- Revisit https://github.com/Disassembler0/Win10-Initial-Setup-Script for initial setup of Windows
|
||||
- Revisit Resilio - seems like they have tools useful for synchronizing VMs
|
||||
- Consider switching license to [Polyform License Example](https://github.com/dosyago/DiskerNet/blob/fun/LICENSE.md)
|
||||
- Look into tile managers
|
||||
- https://github.com/joelbarmettlerUZH/auto-tinder
|
||||
- https://github.com/hfreire/get-me-a-date
|
||||
- Keep eye on fig.io for release to Linux and new AI features
|
||||
- Monitor https://moonrepo.dev/moon as possible mono-repo manager
|
||||
- Determine whether or not https://webinstall.dev/vim-gui/ will add value to the VIM experience
|
||||
- Wait for packages to be available for GitHub Actions https://github.com/actions/runner
|
||||
- Find best Figma plugins here: https://www.figma.com/community/popular
|
||||
|
||||
## Review
|
||||
|
||||
|
@ -69,201 +69,185 @@ The following links include software that need to be reviewed before including t
|
|||
|
||||
### Caddy
|
||||
|
||||
* https://authp.github.io/
|
||||
* https://github.com/caddy-dns/cloudflare
|
||||
* https://github.com/caddyserver/xcaddy
|
||||
* https://github.com/luisfarzati/localdots
|
||||
* https://github.com/mholt/caddy-dynamicdns
|
||||
* https://github.com/caddyserver/cache-handler
|
||||
* https://github.com/tailscale/caddy-tailscale
|
||||
* https://github.com/caddyserver/replace-response
|
||||
* https://github.com/lindenlab/caddy-s3-proxy
|
||||
* https://github.com/greenpau/caddy-git
|
||||
* https://github.com/mholt/caddy-embed
|
||||
* https://github.com/nathan-osman/caddy-docker
|
||||
- https://authp.github.io/
|
||||
- https://github.com/caddy-dns/cloudflare
|
||||
- https://github.com/caddyserver/xcaddy
|
||||
- https://github.com/luisfarzati/localdots
|
||||
- https://github.com/mholt/caddy-dynamicdns
|
||||
- https://github.com/caddyserver/cache-handler
|
||||
- https://github.com/tailscale/caddy-tailscale
|
||||
- https://github.com/caddyserver/replace-response
|
||||
- https://github.com/lindenlab/caddy-s3-proxy
|
||||
- https://github.com/greenpau/caddy-git
|
||||
- https://github.com/mholt/caddy-embed
|
||||
- https://github.com/nathan-osman/caddy-docker
|
||||
|
||||
## Docker
|
||||
|
||||
The following items are Docker containers that we may want to include as default containers deployed in our system.
|
||||
|
||||
* https://github.com/highlight/highlight
|
||||
* https://github.com/jitsi/jitsi-videobridge
|
||||
* https://github.com/gitlabhq/gitlabhq
|
||||
* https://github.com/opf/openproject
|
||||
* https://github.com/mastodon/mastodon
|
||||
* https://github.com/huginn/huginn
|
||||
* https://github.com/chatwoot/chatwoot
|
||||
* https://github.com/discourse/discourse
|
||||
* [Title](https://github.com/sipt/shuttle)
|
||||
* https://github.com/erxes/erxes - CRM
|
||||
* https://github.com/pawelmalak/flame - Homepage
|
||||
* https://github.com/thelounge/thelounge - IRC
|
||||
* https://github.com/vector-im/element-web - Matrix
|
||||
* https://github.com/outline/outline - Collaborative MD
|
||||
* https://github.com/nocodb/nocodb - MySQL Spreadsheet
|
||||
* https://github.com/excalidraw/excalidraw - Hand-drawn Diagrams
|
||||
* https://github.com/ansible/awx - AWX Ansible Management
|
||||
* https://github.com/mergestat/mergestat - Git SQL Queries
|
||||
* https://docs.rundeck.com/docs/administration/install/installing-rundeck.html - Rundeck (Self-Service Desk)
|
||||
* https://easypanel.io/ - App deployments
|
||||
* https://www.activepieces.com/docs/install/docker
|
||||
* https://github.com/activepieces/activepieces - SaaS Automations
|
||||
* https://github.com/diced/zipline - ShareX / File uploads
|
||||
* https://github.com/anse-app/anse - ChatGPT interface
|
||||
* https://github.com/wireapp/wire-webapp - Internal Slack
|
||||
* https://github.com/jhaals/yopass - OTS web app https://github.com/algolia/sup3rS3cretMes5age
|
||||
* https://github.com/aschzero/hera - CloudFlare tunnel proxy
|
||||
* https://supabase.com/ - Firebase alternative
|
||||
* https://github.com/tiredofit/docker-traefik-cloudflare-companion - Traefik CloudFlare integration
|
||||
* https://github.com/erxes/erxes - HubSpot alternative
|
||||
* https://github.com/pawelmalak/flame - Start page
|
||||
* https://github.com/m1k1o/neko - Docker browser instance
|
||||
* https://github.com/gristlabs/grist-core - Modern spreadsheet
|
||||
* https://maddy.email/ / https://github.com/haraka/Haraka
|
||||
* https://github.com/umputun/remark42 - Comments
|
||||
* https://github.com/meienberger/runtipi - Home server
|
||||
* https://github.com/bytebase/bytebase
|
||||
* https://github.com/IceWhaleTech/CasaOS - Home page https://github.com/ajnart/homarr https://github.com/phntxx/dashboard
|
||||
* https://github.com/usememos/memos - Memo page
|
||||
* https://github.com/outline/outline - Team notes
|
||||
* https://github.com/directus/directus - SQL
|
||||
* https://github.com/photoprism/photoprism - AI photo manager
|
||||
* https://github.com/louislam/uptime-kuma - Uptime monitor
|
||||
* https://github.com/nocodb/nocodb - Airtable alternative
|
||||
* https://github.com/timvisee/send
|
||||
* https://github.com/TechnitiumSoftware/DnsServer - DNS proxy server
|
||||
* https://github.com/lukevella/rallly - Schedule meetings
|
||||
* https://github.com/chiefonboarding/ChiefOnboarding - Onboarding
|
||||
* Microserver status page - https://github.com/valeriansaliou/vigil
|
||||
* https://github.com/pydio/cells - document sharing
|
||||
* ticket management - https://github.com/Peppermint-Lab/peppermint
|
||||
* https://github.com/statping-ng/statping-ng
|
||||
* https://github.com/cortezaproject/corteza - Low-code block workflows
|
||||
* https://github.com/mirego/accent#-getting-started - Translation tool
|
||||
* https://github.com/muety/wakapi - Coding time tracking
|
||||
* https://github.com/subnub/myDrive - Google Drive interface
|
||||
* https://github.com/Forceu/Gokapi - share files
|
||||
* https://github.com/gerbera/gerbera - UPnP
|
||||
* Forward server SSH - https://github.com/warp-tech/warpgate
|
||||
* https://github.com/hadmean/hadmean - Revisit
|
||||
* https://spaceb.in/ - Pastebin https://github.com/WantGuns/bin
|
||||
* https://github.com/AlexSciFier/neonlink - bookmarks
|
||||
* https://github.com/josdejong/jsoneditor - JSON editor
|
||||
* https://github.com/AppFlowy-IO/AppFlowy - Notion alternative
|
||||
* https://github.com/apitable/apitable
|
||||
* https://github.com/mattermost/mattermost
|
||||
* https://github.com/duolingo/metasearch
|
||||
* https://github.com/withspectrum/spectrum
|
||||
* https://github.com/NginxProxyManager/nginx-proxy-manager
|
||||
* https://github.com/node-red/node-red
|
||||
* https://www.overleaf.com/
|
||||
* https://github.com/caprover/caprover
|
||||
* [Title](https://github.com/xemle/home-gallery)
|
||||
* [Title](https://github.com/chartbrew/chartbrew)
|
||||
* [Title](https://github.com/AlexSciFier/neonlink)
|
||||
* [Title](https://github.com/ForestAdmin/lumber)
|
||||
* [Title](https://github.com/subnub/myDrive)
|
||||
* [Title](https://github.com/mickael-kerjean/filestash)
|
||||
* [Title](https://github.com/GetStream/Winds)
|
||||
* [Title](https://github.com/GladysAssistant/Gladys)
|
||||
- https://github.com/highlight/highlight
|
||||
- https://github.com/jitsi/jitsi-videobridge
|
||||
- https://github.com/gitlabhq/gitlabhq
|
||||
- https://github.com/opf/openproject
|
||||
- https://github.com/mastodon/mastodon
|
||||
- https://github.com/huginn/huginn
|
||||
- https://github.com/chatwoot/chatwoot
|
||||
- https://github.com/discourse/discourse
|
||||
- [Title](https://github.com/sipt/shuttle)
|
||||
- https://github.com/erxes/erxes - CRM
|
||||
- https://github.com/pawelmalak/flame - Homepage
|
||||
- https://github.com/thelounge/thelounge - IRC
|
||||
- https://github.com/vector-im/element-web - Matrix
|
||||
- https://github.com/outline/outline - Collaborative MD
|
||||
- https://github.com/nocodb/nocodb - MySQL Spreadsheet
|
||||
- https://github.com/excalidraw/excalidraw - Hand-drawn Diagrams
|
||||
- https://github.com/ansible/awx - AWX Ansible Management
|
||||
- https://github.com/mergestat/mergestat - Git SQL Queries
|
||||
- https://docs.rundeck.com/docs/administration/install/installing-rundeck.html - Rundeck (Self-Service Desk)
|
||||
- https://easypanel.io/ - App deployments
|
||||
- https://www.activepieces.com/docs/install/docker
|
||||
- https://github.com/activepieces/activepieces - SaaS Automations
|
||||
- https://github.com/diced/zipline - ShareX / File uploads
|
||||
- https://github.com/anse-app/anse - ChatGPT interface
|
||||
- https://github.com/wireapp/wire-webapp - Internal Slack
|
||||
- https://github.com/jhaals/yopass - OTS web app https://github.com/algolia/sup3rS3cretMes5age
|
||||
- https://github.com/aschzero/hera - CloudFlare tunnel proxy
|
||||
- https://supabase.com/ - Firebase alternative
|
||||
- https://github.com/tiredofit/docker-traefik-cloudflare-companion - Traefik CloudFlare integration
|
||||
- https://github.com/erxes/erxes - HubSpot alternative
|
||||
- https://github.com/pawelmalak/flame - Start page
|
||||
- https://github.com/m1k1o/neko - Docker browser instance
|
||||
- https://github.com/gristlabs/grist-core - Modern spreadsheet
|
||||
- https://maddy.email/ / https://github.com/haraka/Haraka
|
||||
- https://github.com/umputun/remark42 - Comments
|
||||
- https://github.com/meienberger/runtipi - Home server
|
||||
- https://github.com/bytebase/bytebase
|
||||
- https://github.com/IceWhaleTech/CasaOS - Home page https://github.com/ajnart/homarr https://github.com/phntxx/dashboard
|
||||
- https://github.com/usememos/memos - Memo page
|
||||
- https://github.com/outline/outline - Team notes
|
||||
- https://github.com/directus/directus - SQL
|
||||
- https://github.com/photoprism/photoprism - AI photo manager
|
||||
- https://github.com/louislam/uptime-kuma - Uptime monitor
|
||||
- https://github.com/nocodb/nocodb - Airtable alternative
|
||||
- https://github.com/timvisee/send
|
||||
- https://github.com/TechnitiumSoftware/DnsServer - DNS proxy server
|
||||
- https://github.com/lukevella/rallly - Schedule meetings
|
||||
- https://github.com/chiefonboarding/ChiefOnboarding - Onboarding
|
||||
- Microserver status page - https://github.com/valeriansaliou/vigil
|
||||
- https://github.com/pydio/cells - document sharing
|
||||
- ticket management - https://github.com/Peppermint-Lab/peppermint
|
||||
- https://github.com/statping-ng/statping-ng
|
||||
- https://github.com/cortezaproject/corteza - Low-code block workflows
|
||||
- https://github.com/mirego/accent#-getting-started - Translation tool
|
||||
- https://github.com/muety/wakapi - Coding time tracking
|
||||
- https://github.com/subnub/myDrive - Google Drive interface
|
||||
- https://github.com/Forceu/Gokapi - share files
|
||||
- https://github.com/gerbera/gerbera - UPnP
|
||||
- Forward server SSH - https://github.com/warp-tech/warpgate
|
||||
- https://github.com/hadmean/hadmean - Revisit
|
||||
- https://spaceb.in/ - Pastebin https://github.com/WantGuns/bin
|
||||
- https://github.com/AlexSciFier/neonlink - bookmarks
|
||||
- https://github.com/josdejong/jsoneditor - JSON editor
|
||||
- https://github.com/AppFlowy-IO/AppFlowy - Notion alternative
|
||||
- https://github.com/apitable/apitable
|
||||
- https://github.com/mattermost/mattermost
|
||||
- https://github.com/duolingo/metasearch
|
||||
- https://github.com/withspectrum/spectrum
|
||||
- https://github.com/NginxProxyManager/nginx-proxy-manager
|
||||
- https://github.com/node-red/node-red
|
||||
- https://www.overleaf.com/
|
||||
- https://github.com/caprover/caprover
|
||||
- [Title](https://github.com/xemle/home-gallery)
|
||||
- [Title](https://github.com/chartbrew/chartbrew)
|
||||
- [Title](https://github.com/AlexSciFier/neonlink)
|
||||
- [Title](https://github.com/ForestAdmin/lumber)
|
||||
- [Title](https://github.com/subnub/myDrive)
|
||||
- [Title](https://github.com/mickael-kerjean/filestash)
|
||||
- [Title](https://github.com/GetStream/Winds)
|
||||
- [Title](https://github.com/GladysAssistant/Gladys)
|
||||
|
||||
## AI
|
||||
|
||||
* https://github.com/hwchase17/langchain
|
||||
* https://github.com/facebookresearch/ImageBind
|
||||
* https://github.com/nomic-ai/gpt4all
|
||||
- https://github.com/hwchase17/langchain
|
||||
- https://github.com/facebookresearch/ImageBind
|
||||
- https://github.com/nomic-ai/gpt4all
|
||||
|
||||
### Kubernetes
|
||||
|
||||
The following items may be incorporated into our Kubernetes stack:
|
||||
|
||||
* https://github.com/kubevirt/kubevirt
|
||||
* https://atuin.sh/docs/self-hosting/k8s
|
||||
* https://github.com/gimlet-io/gimlet
|
||||
* https://github.com/porter-dev/porter
|
||||
* https://github.com/spacecloud-io/space-cloud
|
||||
* https://github.com/meilisearch/meilisearch
|
||||
- https://github.com/kubevirt/kubevirt
|
||||
- https://atuin.sh/docs/self-hosting/k8s
|
||||
- https://github.com/gimlet-io/gimlet
|
||||
- https://github.com/porter-dev/porter
|
||||
- https://github.com/spacecloud-io/space-cloud
|
||||
- https://github.com/meilisearch/meilisearch
|
||||
|
||||
## Bare Metal
|
||||
|
||||
The projects below are software systems that might be incorporated to handle bare-metal operations or virtual machine management.
|
||||
|
||||
* https://theforeman.org/ (VM management)
|
||||
* https://fogproject.org/ (Backup solution)
|
||||
* https://github.com/apache/cloudstack (VM management)
|
||||
* https://www.ovirt.org/ (VM management)
|
||||
* https://opennebula.io/ (Hybrid-cloud management)
|
||||
* https://github.com/cloud-hypervisor/cloud-hypervisor (Cloud hypervisor)
|
||||
- https://theforeman.org/ (VM management)
|
||||
- https://fogproject.org/ (Backup solution)
|
||||
- https://github.com/apache/cloudstack (VM management)
|
||||
- https://www.ovirt.org/ (VM management)
|
||||
- https://opennebula.io/ (Hybrid-cloud management)
|
||||
- https://github.com/cloud-hypervisor/cloud-hypervisor (Cloud hypervisor)
|
||||
|
||||
## Revisit
|
||||
|
||||
The following items have been reviewed but need to be revisited due to complexity or other reasons.
|
||||
|
||||
* https://github.com/AmruthPillai/Reactive-Resume
|
||||
* https://github.com/kubeflow/kubeflow
|
||||
* https://github.com/leon-ai/leon
|
||||
* https://github.com/teambit/bit
|
||||
* https://github.com/Budibase/budibase
|
||||
* https://github.com/appsmithorg/appsmith
|
||||
* https://github.com/refined-github/refined-github
|
||||
* https://github.com/reworkd/AgentGPT
|
||||
* https://github.com/appwrite/appwrite
|
||||
* https://github.com/hoppscotch/hoppscotch
|
||||
* builder.io
|
||||
* https://github.com/hocus-dev/hocus
|
||||
* https://github.com/Kanaries/Rath
|
||||
* cvat.io
|
||||
* https://github.com/illacloud/illa-builder
|
||||
* https://github.com/KnowledgeCanvas/knowledge
|
||||
* https://github.com/siyuan-note/siyuan
|
||||
* https://github.com/shuttle-hq/shuttle
|
||||
* https://github.com/open-hand/choerodon
|
||||
* https://github.com/1backend/1backend
|
||||
* https://github.com/redkubes/otomi-core
|
||||
* https://github.com/yunionio/cloudpods
|
||||
* https://github.com/tkestack/tke
|
||||
* https://www.rancher.com/
|
||||
* https://github.com/OpenNebula/one /. https://github.com/OpenNebula/minione
|
||||
* https://github.com/ConvoyPanel/panel
|
||||
* https://github.com/hashicorp/nomad
|
||||
* [Title](https://github.com/Soft/xcolor)
|
||||
* [Title](https://github.com/Xpra-org/xpra)
|
||||
* [Title](https://github.com/ksnip/ksnip)
|
||||
* [Title](https://github.com/leftwm/leftwm)
|
||||
* [Title](https://github.com/polybar/polybar)
|
||||
* [Title](https://github.com/kingToolbox/WindTerm)
|
||||
* [Title](https://github.com/hyprwm/Hypr)
|
||||
* [Title](https://github.com/Sygil-Dev/sygil-webui)
|
||||
* [Title](https://github.com/psychic-api/psychic)
|
||||
* [Title](https://github.com/telekom-security/tpotce)
|
||||
* [Title](https://flathub.org/apps/com.airtame.Client)
|
||||
* [Title](https://github.com/Aloxaf/fzf-tab)
|
||||
[Title](https://github.com/haproxy/haproxy)
|
||||
* [Title](https://frappeframework.com/docs/v14/user/en/installation)
|
||||
* [
|
||||
|
||||
- https://github.com/AmruthPillai/Reactive-Resume
|
||||
- https://github.com/kubeflow/kubeflow
|
||||
- https://github.com/leon-ai/leon
|
||||
- https://github.com/teambit/bit
|
||||
- https://github.com/Budibase/budibase
|
||||
- https://github.com/appsmithorg/appsmith
|
||||
- https://github.com/refined-github/refined-github
|
||||
- https://github.com/reworkd/AgentGPT
|
||||
- https://github.com/appwrite/appwrite
|
||||
- https://github.com/hoppscotch/hoppscotch
|
||||
- builder.io
|
||||
- https://github.com/hocus-dev/hocus
|
||||
- https://github.com/Kanaries/Rath
|
||||
- cvat.io
|
||||
- https://github.com/illacloud/illa-builder
|
||||
- https://github.com/KnowledgeCanvas/knowledge
|
||||
- https://github.com/siyuan-note/siyuan
|
||||
- https://github.com/shuttle-hq/shuttle
|
||||
- https://github.com/open-hand/choerodon
|
||||
- https://github.com/1backend/1backend
|
||||
- https://github.com/redkubes/otomi-core
|
||||
- https://github.com/yunionio/cloudpods
|
||||
- https://github.com/tkestack/tke
|
||||
- https://www.rancher.com/
|
||||
- https://github.com/OpenNebula/one /. https://github.com/OpenNebula/minione
|
||||
- https://github.com/ConvoyPanel/panel
|
||||
- https://github.com/hashicorp/nomad
|
||||
- [Title](https://github.com/Soft/xcolor)
|
||||
- [Title](https://github.com/Xpra-org/xpra)
|
||||
- [Title](https://github.com/ksnip/ksnip)
|
||||
- [Title](https://github.com/leftwm/leftwm)
|
||||
- [Title](https://github.com/polybar/polybar)
|
||||
- [Title](https://github.com/kingToolbox/WindTerm)
|
||||
- [Title](https://github.com/hyprwm/Hypr)
|
||||
- [Title](https://github.com/Sygil-Dev/sygil-webui)
|
||||
- [Title](https://github.com/psychic-api/psychic)
|
||||
- [Title](https://github.com/telekom-security/tpotce)
|
||||
- [Title](https://flathub.org/apps/com.airtame.Client)
|
||||
- [Title](https://github.com/Aloxaf/fzf-tab)
|
||||
[Title](https://github.com/haproxy/haproxy)
|
||||
- [Title](https://frappeframework.com/docs/v14/user/en/installation)
|
||||
- [
|
||||
|
||||
](https://github.com/stringer-rss/stringer)
|
||||
|
||||
## Sources
|
||||
|
||||
* [Title](https://gist.github.com/pmkay/e09034971b6f23214fd9f95a3e6d1c44)
|
||||
|
||||
## Bash
|
||||
|
||||
* https://github.com/shellfire-dev/shellfire
|
||||
* https://github.com/joehillen/sysz
|
||||
* https://github.com/eth-p/bat-extras
|
||||
* https://github.com/ddworken/hishtory
|
||||
* https://github.com/sloria/doitlive
|
||||
* https://github.com/ncarlier/webhookd
|
||||
* https://github.com/0xacx/chatGPT-shell-cli
|
||||
* https://github.com/hectorm/hblock https://github.com/tanrax/maza-ad-blocking
|
||||
* https://github.com/rossmacarthur/sheldon
|
||||
|
||||
## Bookmarks
|
||||
|
||||
* https://cheatsheets.zip/
|
||||
- https://cheatsheets.zip/
|
||||
|
||||
## Windows
|
||||
|
||||
* https://github.com/DDoSolitary/LxRunOffline
|
||||
- https://github.com/DDoSolitary/LxRunOffline
|
||||
|
|
|
@ -7,6 +7,7 @@ githubLocation: https://github.com/megabyte-labs/install.doctor/blob/master/home
|
|||
scriptLocation: https://github.com/megabyte-labs/install.doctor/raw/master/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl
|
||||
repoLocation: home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl
|
||||
---
|
||||
|
||||
# CloudFlare WARP
|
||||
|
||||
Installs CloudFlare WARP, ensures proper security certificates are in place, and connects the device to CloudFlare WARP.
|
||||
|
@ -41,10 +42,8 @@ an MDM SaaS provider like JumpCloud.
|
|||
|
||||
## Links
|
||||
|
||||
* [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl)
|
||||
* [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
|
||||
|
||||
|
||||
- [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl)
|
||||
- [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
|
||||
|
||||
## Source Code
|
||||
|
||||
|
@ -136,9 +135,9 @@ fi
|
|||
# Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem
|
||||
if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; then
|
||||
### Ensure certificate installed on macOS
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt"
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||
if [ -f /usr/local/etc/ca-certificates/cert.pem ]; then
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/ca-certificates/cert.pem
|
||||
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /usr/local/etc/ca-certificates/cert.pem
|
||||
else
|
||||
logg error 'Unable to add `Cloudflare_CA.pem` because `/usr/local/etc/ca-certificates/cert.pem` does not exist!' && exit 1
|
||||
fi
|
||||
|
@ -156,7 +155,7 @@ if command -v warp-cli > /dev/null; then
|
|||
sudo mkdir -p /var/lib/cloudflare-warp
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/warp/mdm.xml" /var/lib/cloudflare-warp/mdm.xml
|
||||
fi
|
||||
|
||||
|
||||
### Register CloudFlare WARP
|
||||
if warp-cli --accept-tos status | grep 'Registration missing' > /dev/null; then
|
||||
logg info 'Registering CloudFlare WARP'
|
||||
|
|
|
@ -7,6 +7,7 @@ githubLocation: https://github.com/megabyte-labs/install.doctor/blob/master/home
|
|||
scriptLocation: https://github.com/megabyte-labs/install.doctor/raw/master/home/dot_config/shell/motd.sh.tmpl
|
||||
repoLocation: home/dot_config/shell/motd.sh.tmpl
|
||||
---
|
||||
|
||||
# MOTD
|
||||
|
||||
Incorporates the MOTD functionality that is leveraged by the `~/.bashrc` and `~/.zshrc` files
|
||||
|
@ -16,8 +17,6 @@ Incorporates the MOTD functionality that is leveraged by the `~/.bashrc` and `~/
|
|||
This script is included by `~/.bashrc` and `~/.zshrc` to print a MOTD whenever a terminal session
|
||||
is invoked.
|
||||
|
||||
|
||||
|
||||
## Source Code
|
||||
|
||||
```
|
||||
|
@ -31,9 +30,9 @@ is invoked.
|
|||
### MOTD
|
||||
# Add file named .hushlogin in the user's home directory to disable the MOTD
|
||||
if [ "$BASH_SUPPORT" = 'true' ] && [ ! -f ~/.hushlogin ] && [ "$SHLVL" -eq 1 ]; then
|
||||
if [ -f "$HOME/.local/scripts/motd.bash" ] && { [ -n "$SSH_CONNECTION" ] && [[ $- == *i* ]]; } || command -v qubes-vmexec > /dev/null || command -v qubes-dom0-update > /dev/null || { [ -d /Applications ] && [ -d /System ]; }; then
|
||||
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config/shell/bash/motd.bash" ] && { [ -n "$SSH_CONNECTION" ] && [[ $- == *i* ]]; } || command -v qubes-vmexec > /dev/null || command -v qubes-dom0-update > /dev/null || { [ -d /Applications ] && [ -d /System ]; }; then
|
||||
if { [ -z "$MOTD" ] || [ "$MOTD" -ne 0 ]; } && [[ "$(hostname)" != *'-minimal' ]]; then
|
||||
. "$HOME/.local/scripts/motd.bash"
|
||||
. "${XDG_CONFIG_HOME:-$HOME/.config/shell/bash/motd.bash"
|
||||
# TODO - -- services
|
||||
if [ -n "$SSH_CONNECTION" ]; then
|
||||
# SSH
|
||||
|
|
|
@ -255,6 +255,7 @@ softwareGroups:
|
|||
- bash-completion
|
||||
- bandwhich
|
||||
- bat
|
||||
- bat-extras
|
||||
- bottom
|
||||
- broot
|
||||
- carapace
|
||||
|
@ -316,6 +317,7 @@ softwareGroups:
|
|||
- rm-improved
|
||||
- rsync
|
||||
- sd
|
||||
- sheldon
|
||||
- solargraph
|
||||
- sql-language-server
|
||||
- task
|
||||
|
@ -351,6 +353,7 @@ softwareGroups:
|
|||
- desed
|
||||
- difftastic
|
||||
- dockutil
|
||||
- doitlive
|
||||
- duti
|
||||
- emplace
|
||||
- emoj
|
||||
|
@ -469,6 +472,7 @@ softwareGroups:
|
|||
- ledger-live
|
||||
- onlykey
|
||||
DNS: &DNS
|
||||
- blocky
|
||||
- hostctl
|
||||
- iodine
|
||||
- switchhosts
|
||||
|
|
|
@ -1,36 +1,33 @@
|
|||
{{- $refreshPeriod := "240h" }}
|
||||
### VIM Plugins
|
||||
{{- $vimPlugins := .softwarePlugins.vim.plugins }}
|
||||
{{- range $vimPlugin := $vimPlugins }}
|
||||
{{- $folderName := trimSuffix ".git" (last (splitList "/" $vimPlugin)) }}
|
||||
[".local/share/vim/plugged/{{ $folderName }}"]
|
||||
type = "git-repo"
|
||||
url = "{{ $vimPlugin }}"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
{{- end }}
|
||||
### coc.nvim VIM plugin requires custom branch "release"
|
||||
[".local/share/vim/plugged/coc.nvim"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/neoclide/coc.nvim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--branch", "release", "--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
### CloudFlare WARP Certificates
|
||||
[".local/share/warp/Cloudflare_CA.crt"]
|
||||
######################################
|
||||
### Security Certificates ############
|
||||
######################################
|
||||
|
||||
### CloudFlare
|
||||
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.crt"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt"
|
||||
[".local/share/warp/Cloudflare_CA.pem"]
|
||||
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.pem"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem"
|
||||
|
||||
### Curl / Google Cloud SDK
|
||||
[".local/share/curl/cacert.pem"]
|
||||
### cURL / Google Cloud SDK
|
||||
[".local/etc/ssl/curl/cacert.pem"]
|
||||
type = "file"
|
||||
url = "https://curl.se/ca/cacert.pem"
|
||||
|
||||
### GPG
|
||||
[".gnupg/gpg.conf"]
|
||||
type = "file"
|
||||
url = "https://raw.githubusercontent.com/drduh/config/master/gpg.conf"
|
||||
|
||||
### Vagrant
|
||||
[".ssh/authorized_keys.vagrant"]
|
||||
type = "file"
|
||||
url = "https://raw.githubusercontent.com/hashicorp/vagrant/main/keys/vagrant.pub"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
|
||||
### Update scripts
|
||||
[".local/bin/update"]
|
||||
type = "git-repo"
|
||||
|
@ -63,7 +60,14 @@
|
|||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
### Shell
|
||||
### Shellfire
|
||||
[".local/src/shellfire"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/shellfire-dev/shellfire.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
[".config/desktop/gnome.yml"]
|
||||
type = "file"
|
||||
url = "https://gitlab.com/megabyte-labs/gas-station/-/raw/master/environments/prod/group_vars/all/defaults.yml"
|
||||
|
@ -244,12 +248,6 @@
|
|||
# url = "https://github.com/typicode/husky/raw/main/husky.sh"
|
||||
# refreshPeriod = "{{ $refreshPeriod }}"
|
||||
|
||||
### GPG
|
||||
[".gnupg/gpg.conf"]
|
||||
type = "file"
|
||||
url = "https://raw.githubusercontent.com/drduh/config/master/gpg.conf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
|
||||
### Taskfiles
|
||||
[".local/share/shared-common"]
|
||||
type = "git-repo"
|
||||
|
@ -403,55 +401,14 @@
|
|||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
### Vagrant
|
||||
[".ssh/authorized_keys.vagrant"]
|
||||
type = "file"
|
||||
url = "https://raw.githubusercontent.com/hashicorp/vagrant/main/keys/vagrant.pub"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
|
||||
### Neovim
|
||||
[".config/nvim"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/AstroNvim/AstroNvim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
[".config/nvim/lua/user"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/megabyte-labs/AstronVim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
{{- if and (eq .chezmoi.os "linux") (not .host.headless) }}
|
||||
### Rofi
|
||||
[".local/share/fonts/GrapeNuts-Regular.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/GrapeNuts-Regular.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/Icomoon-Feather.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Icomoon-Feather.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/Iosevka-Nerd-Font-Complete.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Iosevka-Nerd-Font-Complete.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/JetBrains-Mono-Nerd-Font-Complete.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/JetBrains-Mono-Nerd-Font-Complete.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".config/rofi"]
|
||||
type = "archive"
|
||||
url = "https://github.com/adi1090x/rofi/archive/refs/heads/master.tar.gz"
|
||||
exact = true
|
||||
stripComponents = 2
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
include = ["applets/**", "colors/**", "images/**", "launchers/**", "powermenu/**", "scripts/**", "config.rasi"]
|
||||
{{- end }}
|
||||
######################################
|
||||
### Fonts ############################
|
||||
######################################
|
||||
|
||||
### Hack Nerd Font
|
||||
{{- if not .host.headless }}
|
||||
### Hack Nerd Font Download
|
||||
{{- $refreshPeriod := "4800h" }}
|
||||
{{- $fontDir := "" }}
|
||||
{{- $fontUrlBase := "https://github.com/ryanoasis/nerd-fonts/raw/master/patched-fonts/Hack"}}
|
||||
|
@ -479,7 +436,7 @@
|
|||
url = "{{ $fontUrlBase }}/BoldItalic/HackNerdFont-BoldItalic.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
|
||||
### Montserrat Font Download
|
||||
### Montserrat Font
|
||||
{{- $fontUrlBase := "https://github.com/JulietaUla/Montserrat/raw/master/fonts/ttf/Montserrat-"}}
|
||||
{{- $fonts := list "Black" "BlackItalic" "Bold" "BoldItalic" "ExtraBold" "ExtraBoldItalic" "ExtraLight" "ExtraLightItalic" "Italic" "Light" "LightItalic" "Medium" "MediumItalic" "Regular" "SemiBold" "SemiBoldItalic" "Thin" "ThinItalic" }}
|
||||
{{- range $font := $fonts }}
|
||||
|
@ -489,7 +446,7 @@
|
|||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
{{- end }}
|
||||
|
||||
### ZillaSlab Font Download
|
||||
### ZillaSlab Font
|
||||
{{- $fontUrlBase := "https://github.com/typotheque/zilla-slab/raw/master/fonts_TTF/ZillaSlab"}}
|
||||
{{- $fonts := list "-Bold" "-BoldItalic" "-Italic" "-Light" "-LightItalic" "-Medium" "-MediumItalic" "-Regular" "-SemiBold" "-SemiBoldItalic" "Highlight-Bold" "Highlight-Regular" }}
|
||||
{{- range $font := $fonts }}
|
||||
|
@ -499,3 +456,70 @@
|
|||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
######################################
|
||||
### Rofi #############################
|
||||
######################################
|
||||
|
||||
{{- if and (eq .chezmoi.os "linux") (not .host.headless) }}
|
||||
[".local/share/fonts/GrapeNuts-Regular.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/GrapeNuts-Regular.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/Icomoon-Feather.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Icomoon-Feather.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/Iosevka-Nerd-Font-Complete.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Iosevka-Nerd-Font-Complete.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".local/share/fonts/JetBrains-Mono-Nerd-Font-Complete.ttf"]
|
||||
type = "file"
|
||||
url = "https://github.com/adi1090x/rofi/raw/master/fonts/JetBrains-Mono-Nerd-Font-Complete.ttf"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
[".config/rofi"]
|
||||
type = "archive"
|
||||
url = "https://github.com/adi1090x/rofi/archive/refs/heads/master.tar.gz"
|
||||
exact = true
|
||||
stripComponents = 2
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
include = ["applets/**", "colors/**", "images/**", "launchers/**", "powermenu/**", "scripts/**", "config.rasi"]
|
||||
{{- end }}
|
||||
|
||||
######################################
|
||||
### VIM / NVIM #######################
|
||||
######################################
|
||||
|
||||
### VIM
|
||||
{{- $vimPlugins := .softwarePlugins.vim.plugins }}
|
||||
{{- range $vimPlugin := $vimPlugins }}
|
||||
{{- $folderName := trimSuffix ".git" (last (splitList "/" $vimPlugin)) }}
|
||||
[".local/share/vim/plugged/{{ $folderName }}"]
|
||||
type = "git-repo"
|
||||
url = "{{ $vimPlugin }}"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
{{- end }}
|
||||
# coc.nvim VIM plugin requires custom branch "release"
|
||||
[".local/share/vim/plugged/coc.nvim"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/neoclide/coc.nvim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--branch", "release", "--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
### NVIM
|
||||
[".config/nvim"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/AstroNvim/AstroNvim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
[".config/nvim/lua/user"]
|
||||
type = "git-repo"
|
||||
url = "https://github.com/megabyte-labs/AstronVim.git"
|
||||
refreshPeriod = "{{ $refreshPeriod }}"
|
||||
clone.args = ["--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
|
|
@ -107,22 +107,23 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th
|
|||
### Ensure certificate installed on macOS
|
||||
if [ ! -n "$SSH_CONNECTION" ]; then
|
||||
logg info 'Requesting security authorization for Cloudflare trusted certificate'
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt"
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||
logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate'
|
||||
echo | sudo tee -a /etc/ssl/cert.pem < "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" > /dev/null
|
||||
echo | sudo tee -a /etc/ssl/cert.pem < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null
|
||||
echo "" | sudo tee -a /etc/ssl/cert.pem
|
||||
else
|
||||
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
|
||||
fi
|
||||
if [ -d "/usr/local/etc/openssl@3/certs" ]; then
|
||||
# Location on Intel macOS
|
||||
logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`'
|
||||
/usr/local/opt/openssl@3/bin/c_rehash > /dev/null && logg success 'OpenSSL certificate rehash successful'
|
||||
elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then
|
||||
# Location on arm64 macOS
|
||||
logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
logg info 'Running `/opt/homebrew/opt/openssl@3/bin/c_rehash`'
|
||||
/opt/homebrew/opt/openssl@3/bin/c_rehash > /dev/null && logg success 'OpenSSL certificate rehash successful'
|
||||
else
|
||||
|
@ -133,7 +134,7 @@ elif command -v warp-cli > /dev/null; then
|
|||
if command -v dpkg-reconfigure > /dev/null; then
|
||||
if [ -d /usr/local/share/ca-certificates ]; then
|
||||
logg info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt'
|
||||
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt
|
||||
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt
|
||||
logg info '`dpkg-reconfigure` executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate'
|
||||
sudo dpkg-reconfigure ca-certificates
|
||||
else
|
||||
|
@ -142,7 +143,7 @@ elif command -v warp-cli > /dev/null; then
|
|||
elif command -v update-ca-trust > /dev/null; then
|
||||
if [ -d /etc/pki/ca-trust/source/anchors ]; then
|
||||
logg info 'Copying CloudFlare Teams certificates to /etc/pki/ca-trust/source/anchors'
|
||||
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt" "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors
|
||||
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors
|
||||
logg info '`update-ca-trust` executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate'
|
||||
sudo update-ca-trust
|
||||
else
|
||||
|
@ -158,27 +159,27 @@ if command -v warp-cli > /dev/null; then
|
|||
# certificate and the WARP client is not running.
|
||||
### Git
|
||||
if command -v git > /dev/null; then
|
||||
logg info "Configuring git to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||
git config --global http.sslcainfo "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
||||
logg info "Configuring git to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
git config --global http.sslcainfo "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem"
|
||||
fi
|
||||
|
||||
### NPM
|
||||
if command -v npm > /dev/null; then
|
||||
logg info "Configuring npm to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||
npm config set cafile "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
||||
logg info "Configuring npm to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
npm config set cafile "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem"
|
||||
fi
|
||||
|
||||
### Python
|
||||
if command -v python3 > /dev/null; then
|
||||
logg info "Configuring python3 / python to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||
echo | cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> $(python3 -m certifi)
|
||||
logg info "Configuring python3 / python to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
echo | cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> $(python3 -m certifi)
|
||||
fi
|
||||
|
||||
### Google Cloud SDK
|
||||
if command -v gcloud > /dev/null; then
|
||||
logg info "Configuring gcloud to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" and "${XDG_DATA_HOME:-$HOME/.local/share}/curl/cacert.pem""
|
||||
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud"
|
||||
cat "${XDG_DATA_HOME:-$HOME/.local/share}/curl/cacert.pem" "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" > "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
||||
logg info "Configuring gcloud to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" and "${XDG_DATA_HOME:-$HOME/.local/share}/curl/cacert.pem""
|
||||
mkdir -p "$HOME/.local/etc/ssl/gcloud"
|
||||
cat "$HOME/.local/etc/ssl/curl/cacert.pem" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > "$HOME/.local/etc/ssl/gcloud/ca.pem"
|
||||
gcloud config set core/custom_ca_certs_file "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
||||
fi
|
||||
|
||||
|
@ -187,7 +188,7 @@ if command -v warp-cli > /dev/null; then
|
|||
if [ -d "/Applications/Google Drive.app/Contents/Resources" ]; then
|
||||
logg info "Combining Google Drive roots.pem with CloudFlare certificate"
|
||||
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive"
|
||||
cat "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||
cat "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootsCertsFile -string "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||
else
|
||||
logg warn 'Google Drive.app installed but roots.pem is not available yet'
|
||||
|
|
7
home/.chezmoitemplates/secrets/CLOUDFLARE_API_TOKEN
Normal file
7
home/.chezmoitemplates/secrets/CLOUDFLARE_API_TOKEN
Normal file
|
@ -0,0 +1,7 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRaEoxNFRxb015U0d0R05Z
|
||||
WGZGSVgyeDJ2QUtDR2VxanRWTE1COVlJRUdzCjNuc3R1MytaQUN5cjlJVXpSNkpj
|
||||
c05Ta3NHb2ZpMlJhQ3h6K2E5bHFleU0KLS0tIEFhcURJUGRZeW9TNjVNY21QYTBG
|
||||
TnIvR0ptVXo5YmlTZFBFclZLK0tLWE0KCTd/BG2CGNx6gaQJ3xeP5MkuGjyom9C3
|
||||
udQnA+qcd07fgL49FVFXIMT1Wod7XQcZjin2aCH6hHBtVOysRim0YRSyEpm+o/wD
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -18,10 +18,14 @@ if [ -t 1 ]; then
|
|||
### Pre-exec
|
||||
# Source: https://github.com/rcaloras/bash-preexec
|
||||
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/shell/bash/pre-exec.bash" ]; then
|
||||
export __bp_enable_subshells="true"
|
||||
# export __bp_enable_subshells="true"
|
||||
. "${XDG_CONFIG_HOME:-$HOME/.config}/shell/bash/pre-exec.bash"
|
||||
preexec() { echo "just typed $1"; }
|
||||
precmd() { echo "printing the prompt"; }
|
||||
preexec() {
|
||||
true
|
||||
}
|
||||
precmd() {
|
||||
true
|
||||
}
|
||||
fi
|
||||
|
||||
### Java (asdf)
|
||||
|
@ -79,7 +83,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
fi
|
||||
|
||||
### Bash Completion (Homebrew)
|
||||
autoload -U +X bashcompinit && bashcompinit
|
||||
if command -v brew > /dev/null; then
|
||||
if [[ -r "${HOMEBREW_PREFIX}/etc/profile.d/bash_completion.sh" ]]; then
|
||||
source "${HOMEBREW_PREFIX}/etc/profile.d/bash_completion.sh"
|
||||
|
@ -125,43 +128,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
### Fig
|
||||
[ ! -f "$HOME/.fig/shell/bashrc.post.bash" ] || . "$HOME/.fig/shell/bashrc.post.bash"
|
||||
|
||||
### Mamba Forge (Faster Conda Drop-In Replacement)
|
||||
# TODO: Add logic for Linux
|
||||
if [ -f /usr/local/Caskroom/mambaforge/base/bin/conda ]; then
|
||||
# >>> conda initialize >>>
|
||||
# !! Contents within this block are managed by 'conda init' !!
|
||||
__conda_setup="$('/usr/local/Caskroom/mambaforge/base/bin/conda' 'shell.bash' 'hook' 2> /dev/null)"
|
||||
if [ $? -eq 0 ]; then
|
||||
eval "$__conda_setup"
|
||||
else
|
||||
if [ -f "/usr/local/Caskroom/mambaforge/base/etc/profile.d/conda.sh" ]; then
|
||||
. "/usr/local/Caskroom/mambaforge/base/etc/profile.d/conda.sh"
|
||||
else
|
||||
export PATH="/usr/local/Caskroom/mambaforge/base/bin:$PATH"
|
||||
fi
|
||||
fi
|
||||
unset __conda_setup
|
||||
# <<< conda initialize <<<
|
||||
fi
|
||||
|
||||
### Micro-Mamba
|
||||
# Generate command: micromamba shell init -s bash -p "${XDG_DATA_HOME:-$HOME/.local/share}/micromamba"
|
||||
# TODO: Ensure Linux support
|
||||
if [ -f /usr/local/bin/micromamba ]; then
|
||||
# >>> mamba initialize >>>
|
||||
# !! Contents within this block are managed by 'mamba init' !!
|
||||
export MAMBA_EXE='/usr/local/bin/micromamba';
|
||||
export MAMBA_ROOT_PREFIX="${XDG_DATA_HOME:-$HOME/.local/share}/micromamba";
|
||||
__mamba_setup="$("$MAMBA_EXE" shell hook --shell bash --root-prefix "$MAMBA_ROOT_PREFIX" 2> /dev/null)"
|
||||
if [ $? -eq 0 ]; then
|
||||
eval "$__mamba_setup"
|
||||
else
|
||||
alias micromamba="$MAMBA_EXE" # Fallback on help from mamba activate
|
||||
fi
|
||||
unset __mamba_setup
|
||||
# <<< mamba initialize <<<
|
||||
fi
|
||||
|
||||
### Navi (Ctrl+G)
|
||||
! command -v navi > /dev/null || eval "$(navi widget bash)"
|
||||
|
||||
|
@ -174,6 +140,10 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
source "$SDKMAN_DIR/bin/sdkman-init.sh"
|
||||
fi
|
||||
|
||||
### Sheldon
|
||||
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.bash.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(sheldon source)"
|
||||
|
||||
### Up
|
||||
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"
|
||||
|
||||
|
|
336
home/dot_config/libvirt/run_onchange_after_97-cloudflare.sh.tmpl
Normal file
336
home/dot_config/libvirt/run_onchange_after_97-cloudflare.sh.tmpl
Normal file
|
@ -0,0 +1,336 @@
|
|||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file CloudFlare WARP and CloudFlare Argo Tunnels
|
||||
# @brief Installs CloudFlare WARP, ensures proper security certificates are in place, and connects the device to CloudFlare WARP. Also sets up Argo Tunnels.
|
||||
# @description
|
||||
# This script is intended to connect the device to CloudFlare's Zero Trust network with nearly all of its features unlocked.
|
||||
# Homebrew is used to install the `warp-cli` on macOS. On Linux, it can install `warp-cli` on most Debian systems and some RedHat
|
||||
# systems. CloudFlare WARP's [download page](https://pkg.cloudflareclient.com/packages/cloudflare-warp) is somewhat barren.
|
||||
#
|
||||
# ## MDM Configuration
|
||||
#
|
||||
# If CloudFlare WARP successfully installs, it first applies MDM configurations (managed configurations). If you would like CloudFlare
|
||||
# WARP to connect completely headlessly (while losing some "user-posture" settings), then you can populate the following three secrets:
|
||||
#
|
||||
# 1. `CLOUDFLARE_TEAMS_CLIENT_ID` - The ID from a CloudFlare Teams service token. See [this article](https://developers.cloudflare.com/cloudflare-one/identity/service-tokens/).
|
||||
# 2. `CLOUDFLARE_TEAMS_CLIENT_SECRET` - The secret from a CloudFlare Teams service token.
|
||||
# 3. `CLOUDFLARE_TEAMS_ORG` - The ID of your Zero Trust organization. This variable must be passed in as an environment variable and is housed in the `home/.chezmoi.yaml.tmpl` file. If you do not want to pass an environment variable, you can change the default value in `home/.chezmoi.yaml.tmpl` on your own fork.
|
||||
#
|
||||
# The two variables above can be passed in using either of the methods described in the [Secrets documentation](https://install.doctor/docs/customization/secrets).
|
||||
#
|
||||
# ## Headless CloudFlare WARP Connection
|
||||
#
|
||||
# Even if you do not provide the two variables mentioned above, the script will still headlessly connect your device to the public CloudFlare WARP
|
||||
# network, where you will get some of the benefits of a VPN for free. Otherwise, if they were passed in, then the script
|
||||
# finishes by connecting to CloudFlare Teams.
|
||||
#
|
||||
# ## Application Certificates
|
||||
#
|
||||
# This script applies the techniques described on the [CloudFlare Zero Trust Install certificate manually page](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/user-side-certificates/install-cloudflare-cert/)
|
||||
# to configure the following utilities that leverage seperate certificate authorities:
|
||||
#
|
||||
# * Python
|
||||
# * NPM
|
||||
# * Git
|
||||
# * Google Cloud SDK
|
||||
# * AWS CLI
|
||||
# * Google Drive for desktop
|
||||
#
|
||||
# Settings used to configure Firefox are housed inside of the Firefox configuration files stored as seperate configuration files
|
||||
# outside of this script. **Note: The scripts that enable CloudFlare certificates for all these programs are currently commented out
|
||||
# in this script.**
|
||||
#
|
||||
# ## Notes
|
||||
#
|
||||
# According to CloudFlare Teams [documentation on MDM deployment](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/),
|
||||
# on macOS the `com.cloudflare.warp.plist` file gets erased on reboot. Also, according to the documentation, the only way around this is to leverage
|
||||
# an MDM SaaS provider like JumpCloud.
|
||||
#
|
||||
# ## Links
|
||||
#
|
||||
# * [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl)
|
||||
# * [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
### Install CloudFlare WARP (on non-WSL *nix systems)
|
||||
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
|
||||
if [ -d /System ] && [ -d /Applications ]; then
|
||||
### Install on macOS
|
||||
if [ ! -d "/Applications/Cloudflare WARP.app" ]; then
|
||||
brew install --cask cloudflare-warp
|
||||
else
|
||||
logg info 'Cloudflare WARP already installed'
|
||||
fi
|
||||
elif [ '{{ .host.distro.id }}' = 'debian' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
fi
|
||||
|
||||
### Update apt-get and install the CloudFlare WARP CLI
|
||||
sudo apt-get update && sudo apt-get install -y cloudflare-warp
|
||||
elif [ '{{ .host.distro.id }}' = 'ubuntu' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
fi
|
||||
|
||||
### Update apt-get and install the CloudFlare WARP CLI
|
||||
sudo apt-get update && sudo apt-get install -y cloudflare-warp
|
||||
elif command -v dnf > /dev/null && command -v rpm > /dev/null; then
|
||||
### This is made for CentOS 8 and works on Fedora 36 (hopefully 36+ as well) with `nss-tools` as a dependency
|
||||
sudo dnf instal -y nss-tools || NSS_TOOL_EXIT=$?
|
||||
if [ -n "$NSS_TOOL_EXIT" ]; then
|
||||
logg warn 'Unable to install `nss-tools` which was a requirement on Fedora 36 and assumed to be one on other systems as well.'
|
||||
fi
|
||||
### According to the download site, this is the only version available for RedHat-based systems
|
||||
sudo rpm -ivh https://pkg.cloudflareclient.com/cloudflare-release-el8.rpm || RPM_EXIT_CODE=$?
|
||||
if [ -n "$RPM_EXIT_CODE" ]; then
|
||||
logg error 'Unable to install CloudFlare WARP using RedHat 8 RPM package'
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
### Ensure certificate is installed
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem
|
||||
if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; then
|
||||
### Ensure certificate installed on macOS
|
||||
if [ ! -n "$SSH_CONNECTION" ]; then
|
||||
logg info 'Requesting security authorization for Cloudflare trusted certificate'
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||
logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate'
|
||||
echo | sudo tee -a /etc/ssl/cert.pem < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null
|
||||
echo "" | sudo tee -a /etc/ssl/cert.pem
|
||||
else
|
||||
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
|
||||
fi
|
||||
if [ -d "/usr/local/etc/openssl@3/certs" ]; then
|
||||
# Location on Intel macOS
|
||||
logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`'
|
||||
/usr/local/opt/openssl@3/bin/c_rehash > /dev/null && logg success 'OpenSSL certificate rehash successful'
|
||||
elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then
|
||||
# Location on arm64 macOS
|
||||
logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
logg info 'Running `/opt/homebrew/opt/openssl@3/bin/c_rehash`'
|
||||
/opt/homebrew/opt/openssl@3/bin/c_rehash > /dev/null && logg success 'OpenSSL certificate rehash successful'
|
||||
else
|
||||
logg warn 'Unable to add `Cloudflare_CA.pem` because `/usr/local/etc/openssl@3/certs` and `/opt/homebrew/etc/openssl@3/certs` do not exist!'
|
||||
fi
|
||||
elif command -v warp-cli > /dev/null; then
|
||||
# System is Linux
|
||||
if command -v dpkg-reconfigure > /dev/null; then
|
||||
if [ -d /usr/local/share/ca-certificates ]; then
|
||||
logg info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt'
|
||||
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt
|
||||
logg info '`dpkg-reconfigure` executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate'
|
||||
sudo dpkg-reconfigure ca-certificates
|
||||
else
|
||||
logg warn
|
||||
fi
|
||||
elif command -v update-ca-trust > /dev/null; then
|
||||
if [ -d /etc/pki/ca-trust/source/anchors ]; then
|
||||
logg info 'Copying CloudFlare Teams certificates to /etc/pki/ca-trust/source/anchors'
|
||||
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors
|
||||
logg info '`update-ca-trust` executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate'
|
||||
sudo update-ca-trust
|
||||
else
|
||||
logg warn '/etc/pki/ca-trust/source/anchors does not exist so skipping the system certificate update process'
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if command -v warp-cli > /dev/null; then
|
||||
### Application certificate configuration
|
||||
# Application-specific certificate authority modification is currently commented out because
|
||||
# it is merely for traffic inspection and `npm install` fails when configured to use the CloudFlare
|
||||
# certificate and the WARP client is not running.
|
||||
### Git
|
||||
if command -v git > /dev/null; then
|
||||
logg info "Configuring git to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
git config --global http.sslcainfo "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem"
|
||||
fi
|
||||
|
||||
### NPM
|
||||
if command -v npm > /dev/null; then
|
||||
logg info "Configuring npm to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
npm config set cafile "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem"
|
||||
fi
|
||||
|
||||
### Python
|
||||
if command -v python3 > /dev/null; then
|
||||
logg info "Configuring python3 / python to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
|
||||
echo | cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> $(python3 -m certifi)
|
||||
fi
|
||||
|
||||
### Google Cloud SDK
|
||||
if command -v gcloud > /dev/null; then
|
||||
logg info "Configuring gcloud to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" and "${XDG_DATA_HOME:-$HOME/.local/share}/curl/.local/etc/ssl/cloudflare""
|
||||
mkdir -p "$HOME/.local/etc/ssl/gcloud"
|
||||
cat "$HOME/.local/etc/ssl/curl/.local/etc/ssl/cloudflare" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > "$HOME/.local/etc/ssl/gcloud/ca.pem"
|
||||
gcloud config set core/custom_ca_certs_file "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
||||
fi
|
||||
|
||||
### Google Drive for desktop (macOS)
|
||||
if [ -d "/Applications/Google Drive.app" ]; then
|
||||
if [ -d "/Applications/Google Drive.app/Contents/Resources" ]; then
|
||||
logg info "Combining Google Drive roots.pem with CloudFlare certificate"
|
||||
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive"
|
||||
cat "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootsCertsFile -string "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||
else
|
||||
logg warn 'Google Drive.app installed but roots.pem is not available yet'
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
### Ensure MDM settings are applied (deletes after reboot on macOS)
|
||||
### TODO: Ensure `.plist` can be added to `~/Library/Managed Preferences` and not just `/Library/Managed Preferences`
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/
|
||||
# Source for JumpCloud: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/CloudflareWARP.mobileconfig
|
||||
if [ -d /System ] && [ -d /Applications ]; then
|
||||
sudo cp -f "$HOME/Library/Managed Preferences/com.cloudflare.warp.plist" '/Library/Managed Preferences/com.cloudflare.warp.plist'
|
||||
sudo plutil -convert binary1 '/Library/Managed Preferences/com.cloudflare.warp.plist'
|
||||
|
||||
### Enable CloudFlare WARP credentials auto-populate (since file is deleted when not managed with MDM)
|
||||
if [ -f "$HOME/Library/LaunchDaemons/com.cloudflare.warp.plist" ] && [ ! -f "/Library/LaunchDaemons/com.cloudflare.warp.plist" ]; then
|
||||
sudo mkdir -p /Library/LaunchDaemons
|
||||
sudo cp -f "$HOME/Library/LaunchDaemons/com.cloudflare.warp.plist" '/Library/LaunchDaemons/com.cloudflare.warp.plist'
|
||||
sudo launchctl load "/Library/LaunchDaemons/com.cloudflare.warp.plist"
|
||||
fi
|
||||
elif [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/warp/mdm.xml" ]; then
|
||||
sudo mkdir -p /var/lib/cloudflare-warp
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/warp/mdm.xml" /var/lib/cloudflare-warp/mdm.xml
|
||||
fi
|
||||
|
||||
### Register CloudFlare WARP
|
||||
if warp-cli --accept-tos status | grep 'Registration missing' > /dev/null; then
|
||||
logg info 'Registering CloudFlare WARP'
|
||||
warp-cli --accept-tos register
|
||||
else
|
||||
logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
|
||||
fi
|
||||
|
||||
### Connect CloudFlare WARP
|
||||
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
|
||||
logg info 'Connecting to CloudFlare WARP'
|
||||
warp-cli --accept-tos connect > /dev/null && logg success 'Connected to CloudFlare WARP'
|
||||
else
|
||||
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
|
||||
fi
|
||||
else
|
||||
logg warn '`warp-cli` was not installed so CloudFlare WARP cannot be joined'
|
||||
fi
|
||||
|
||||
{{- $registrationToken := "" }}
|
||||
echo "{{ .host.hostname }}"
|
||||
echo "{{ joinPath .host.home ".config" "age" "chezmoi.txt" }}"
|
||||
echo "{{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname }}"
|
||||
echo "{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}"
|
||||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname)) -}}
|
||||
echo "IN HEREEE"
|
||||
{{- $registrationToken = (includeTemplate (print "cloudflared/" .host.hostname) | decrypt) -}}
|
||||
{{- end }}
|
||||
### Set up CloudFlare tunnels
|
||||
echo 'Registration token debug:'
|
||||
echo -n '{{ includeTemplate (print "cloudflared/" .host.hostname) | decrypt }}'
|
||||
echo "ZZZZZZZZZZZZ"
|
||||
echo ""
|
||||
echo ""
|
||||
echo -n '{{ $registrationToken }}'
|
||||
echo ""
|
||||
echo "OOOOOOOOOOOOO"
|
||||
echo ""
|
||||
echo '{{ $registrationToken }}'
|
||||
echo ""
|
||||
echo '555555'
|
||||
set -ex
|
||||
echo '{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}
|
||||
if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then
|
||||
# Show warning message about ~/.cloudflared already existing
|
||||
if [ -d "$HOME/.cloudflared" ]; then
|
||||
logg warn '~/.cloudflared is already in the home directory - to ensure proper deployment, remove previous tunnel configuration folders'
|
||||
fi
|
||||
|
||||
# Copy over configuration files
|
||||
logg info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
|
||||
sudo cp -f "$HOME/.local/etc/cloudflared/cert.pem" /usr/local/etc/cloudflared/cert.pem
|
||||
sudo cp -f "$HOME/.local/etc/cloudflared/config.yml" /usr/local/etc/cloudflared/config.yml
|
||||
|
||||
# Register tunnel (if not already registered)
|
||||
if sudo cloudflared tunnel list | grep "host-{{ .host.hostname }}" > /dev/null; then
|
||||
logg info 'CloudFlare tunnel is already registered'
|
||||
else
|
||||
logg info 'Creating a CloudFlare tunnel to this host'
|
||||
sudo cloudflared tunnel create "host-{{ .host.hostname }}"
|
||||
fi
|
||||
TUNNEL_ID="$(sudo cloudflared tunnel list | grep "host-{{ .host.hostname }}" | sed 's/ .*//')"
|
||||
logg info "Tunnel ID: $TUNNEL_ID"
|
||||
if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]; then
|
||||
logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json'
|
||||
rm -f /usr/local/etc/cloudflared/credentials.json
|
||||
sudo ln -s "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" /usr/local/etc/cloudflared/credentials.json
|
||||
else
|
||||
logg info 'Handling case where the tunnel registration is not present in /usr/local/etc/cloudflared'
|
||||
{{ if eq $registrationToken "" -}}
|
||||
logg warn 'Registration token is unavailable - you might have to delete the pre-existing tunnel or set up secrets properly'
|
||||
{{- else -}}
|
||||
logg info 'Registration token retrieved from encrypted blob stored at `home/.chezmoitemplates/cloudflared/{{ .host.hostname }}`'
|
||||
{{ if eq (substr 0 1 $registrationToken) "{" -}}
|
||||
logg info 'Registration token stored in credential file form'
|
||||
echo -n '{{ $registrationToken }}' | sudo tee /usr/local/etc/cloudflared/credentials.json > /dev/null
|
||||
{{ else }}
|
||||
logg info 'Registration token is in token form - it will be used in conjunction with `sudo cloudflared service install`'
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
fi
|
||||
|
||||
# Set up service
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# System is macOS
|
||||
if [ -f /Library/LaunchDaemons/com.cloudflare.cloudflared.plist ]; then
|
||||
logg info '`cloudflared` service is already installed'
|
||||
else
|
||||
logg info 'Running `sudo cloudflared service install`'
|
||||
sudo cloudflared service install{{ if and (ne $registrationToken "") (eq (substr 0 1 $registrationToken) "{") -}} {{ $registrationToken }}{{ end }}
|
||||
fi
|
||||
logg info 'Ensuring cloudflared service is installed'
|
||||
sudo launchctl start com.cloudflare.cloudflared
|
||||
elif [ -f /etc/os-release ]; then
|
||||
# System is Linux
|
||||
logg info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
|
||||
sudo cp -rf "$HOME/.local/etc/cloudflared" /usr/local/etc/cloudflared
|
||||
if systemctl --all --type service | grep -q "cloudflared" > /dev/null; then
|
||||
logg info '`cloudflared` service is already available as a service'
|
||||
else
|
||||
logg info 'Running `sudo cloudflared service install`'
|
||||
sudo cloudflared service install{{ if and (ne $registrationToken "") (eq (substr 0 1 $registrationToken) "{") -}} {{ $registrationToken }}{{ end }}
|
||||
fi
|
||||
logg info 'Ensuring cloudflared service is started'
|
||||
sudo systemctl start cloudflared
|
||||
logg info 'Enabling cloudflared as a boot systemctl service'
|
||||
sudo systemctl enable cloudflared
|
||||
else
|
||||
# System is Windows
|
||||
cloudflared service install
|
||||
mkdir C:\Windows\System32\config\systemprofile\.cloudflared
|
||||
# Copy same cert.pem as being used above
|
||||
# copy C:\Users\%USERNAME%\.cloudflared\cert.pem C:\Windows\System32\config\systemprofile\.cloudflared\cert.pem
|
||||
# https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/as-a-service/windows/
|
||||
fi
|
||||
else
|
||||
logg info 'cloudflared was not installed so CloudFlare Tunnels cannot be enabled. (Or the ~/.local/etc/cloudflared folder is not present)'
|
||||
fi
|
||||
{{ end -}}
|
21
home/dot_config/sheldon/plugins.bash.toml
Normal file
21
home/dot_config/sheldon/plugins.bash.toml
Normal file
|
@ -0,0 +1,21 @@
|
|||
# `sheldon` configuration file
|
||||
# ----------------------------
|
||||
#
|
||||
# You can modify this file directly or you can use one of the following
|
||||
# `sheldon` commands which are provided to assist in editing the config file:
|
||||
#
|
||||
# - `sheldon add` to add a new plugin to the config file
|
||||
# - `sheldon edit` to open up the config file in the default editor
|
||||
# - `sheldon remove` to remove a plugin from the config file
|
||||
#
|
||||
# See the documentation for more https://github.com/rossmacarthur/sheldon#readme
|
||||
|
||||
shell = "bash"
|
||||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell bash }'
|
||||
|
||||
[plugins.wp]
|
||||
remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash"
|
18
home/dot_config/sheldon/plugins.fish.toml
Normal file
18
home/dot_config/sheldon/plugins.fish.toml
Normal file
|
@ -0,0 +1,18 @@
|
|||
# `sheldon` configuration file
|
||||
# ----------------------------
|
||||
#
|
||||
# You can modify this file directly or you can use one of the following
|
||||
# `sheldon` commands which are provided to assist in editing the config file:
|
||||
#
|
||||
# - `sheldon add` to add a new plugin to the config file
|
||||
# - `sheldon edit` to open up the config file in the default editor
|
||||
# - `sheldon remove` to remove a plugin from the config file
|
||||
#
|
||||
# See the documentation for more https://github.com/rossmacarthur/sheldon#readme
|
||||
|
||||
shell = "fish"
|
||||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell fish }'
|
18
home/dot_config/sheldon/plugins.zsh.toml
Normal file
18
home/dot_config/sheldon/plugins.zsh.toml
Normal file
|
@ -0,0 +1,18 @@
|
|||
# `sheldon` configuration file
|
||||
# ----------------------------
|
||||
#
|
||||
# You can modify this file directly or you can use one of the following
|
||||
# `sheldon` commands which are provided to assist in editing the config file:
|
||||
#
|
||||
# - `sheldon add` to add a new plugin to the config file
|
||||
# - `sheldon edit` to open up the config file in the default editor
|
||||
# - `sheldon remove` to remove a plugin from the config file
|
||||
#
|
||||
# See the documentation for more https://github.com/rossmacarthur/sheldon#readme
|
||||
|
||||
shell = "zsh"
|
||||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell zsh }'
|
|
@ -47,6 +47,10 @@ if command -v bat > /dev/null; then
|
|||
}
|
||||
fi
|
||||
|
||||
### curl-impersonate
|
||||
# https://github.com/lwthiker/curl-impersonate
|
||||
alias curl-impersonate='docker run --rm lwthiker/curl-impersonate:0.5-chrome curl_chrome110'
|
||||
|
||||
### curlie
|
||||
if command -v curlie > /dev/null; then
|
||||
alias curl='curlie'
|
||||
|
|
4
home/dot_config/shell/docker.sh.tmpl
Normal file
4
home/dot_config/shell/docker.sh.tmpl
Normal file
|
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# https://github.com/ncarlier/webhookd
|
||||
alias webhookd='docker run -d --name=webhookd -v ${PWD}/scripts:/scripts -p 8080:8080 ncarlier/webhookd'
|
|
@ -117,8 +117,8 @@ export ASDF_PYTHON_DEFAULT_PACKAGES_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/asdf
|
|||
### AWS CLI
|
||||
export AWS_SHARED_CREDENTIALS_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/aws/credentials"
|
||||
export AWS_CONFIG_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/aws/config"
|
||||
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt" ]; then
|
||||
export AWS_CA_BUNDLE="${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt"
|
||||
if [ -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
|
||||
export AWS_CA_BUNDLE="$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||
fi
|
||||
|
||||
### Azure CLI
|
||||
|
@ -298,7 +298,7 @@ export NETRC="${XDG_CONFIG_HOME:-$HOME/.config}/netrc"
|
|||
export NAVI_CONFIG="${XDG_CONFIG_HOME:-$HOME/.config}/navi/config.yaml"
|
||||
|
||||
### Nix
|
||||
export NIX_SSL_CERT_FILE="${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt"
|
||||
export NIX_SSL_CERT_FILE="$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
|
||||
|
||||
### nnn
|
||||
if command -v nnn > /dev/null; then
|
||||
|
@ -311,8 +311,8 @@ fi
|
|||
|
||||
### Node.js
|
||||
export NODE_REPL_HISTORY="${XDG_DATA_HOME:-$HOME/.local/share}/node_repl_history"
|
||||
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" ]; then
|
||||
export NODE_EXTRA_CA_CERTS="${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
||||
if [ -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" ]; then
|
||||
export NODE_EXTRA_CA_CERTS="$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem"
|
||||
fi
|
||||
|
||||
### NPM
|
||||
|
@ -384,6 +384,10 @@ export RUSTUP_HOME="${XDG_DATA_HOME:-$HOME/.local/share}/rustup"
|
|||
### SDKMan
|
||||
export SDKMAN_DIR="${XDG_DATA_HOME:-$HOME/.local/share}/sdkman"
|
||||
|
||||
### Sheldon
|
||||
export SHELDON_CONFIG_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/sheldon"
|
||||
export SHELDON_DATA_DIR="${XDG_DATA_HOME:-$HOME/.local/share}/sheldon"
|
||||
|
||||
### Steampipe
|
||||
export STEAMPIPE_INSTALL_DIR="${XDG_DATA_HOME:-$HOME/.local/share}/steampipe"
|
||||
export STEAMPIPE_TELEMETRY=none
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
#!/usr/bin/env node
|
||||
|
||||
import task from 'tasuku'
|
||||
|
||||
task('Task 1', async ({ setTitle }) => {
|
||||
console.log('hey')
|
||||
setTitle('Task 1 finished')
|
||||
})
|
||||
|
||||
task('Task 2', async () => {
|
||||
console.log('yo')
|
||||
const nestedTask = await task('Do another task', async ({ task }) => {
|
||||
await someAsyncTask()
|
||||
})
|
||||
|
||||
nestedTask.clear()
|
||||
})
|
||||
|
||||
task('Task 3', async () => {
|
||||
console.log('sup')
|
||||
})
|
||||
|
||||
const api = await task.group(task => [
|
||||
task(
|
||||
'Task 1',
|
||||
async () => await someAsyncTask()
|
||||
),
|
||||
|
||||
task(
|
||||
'Task 2',
|
||||
async () => await someAsyncTask()
|
||||
)
|
||||
|
||||
// ...
|
||||
], {
|
||||
concurrency: 2 // Number of tasks to run at a time
|
||||
})
|
||||
|
||||
api.clear() // Clear output
|
35
home/dot_local/bin/setup/executable_setup-certbot.tmpl
Normal file
35
home/dot_local/bin/setup/executable_setup-certbot.tmpl
Normal file
|
@ -0,0 +1,35 @@
|
|||
#!/usr/bin/env bash
|
||||
# @file Configure HTTPS certificates via Certbot
|
||||
# @brief Acquires initial Certbot Let's Encrypt certificates and adds a cronjob for certificate renewal
|
||||
# @description
|
||||
# This script ensures the system has Let's Encrypt SSL certificates loaded. It leverages the CloudFlare DNS method.
|
||||
# So long as your `.user.cloudflare.username` value in `home/.chezmoi.yaml.tmpl`, your `CLOUDFLARE_API_TOKEN` variable,
|
||||
# and your `.host.domain` value in `home/.chezmoi.yaml.tmpl` are available, then this process should work. The API token
|
||||
# only needs access to `DNS:Zone:Edit` for your `.host.domain` on CloudFlare.
|
||||
#
|
||||
# ## Links
|
||||
#
|
||||
# * [certbot-dns-cloudflare](https://certbot-dns-cloudflare.readthedocs.io/en/stable/)
|
||||
# * [CloudFlare API Tokens](https://dash.cloudflare.com/profile/api-tokens)
|
||||
|
||||
# TODO: Integrate this into flow
|
||||
|
||||
if command -v certbot > /dev/null; then
|
||||
if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then
|
||||
logg info 'LetsEncrypt SSL certificate is already available'
|
||||
else
|
||||
logg info 'Acquiring certbot LetsEncrypt SSL certificates'
|
||||
certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
fi
|
||||
|
||||
### Setup cronjob
|
||||
if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then
|
||||
TMP="$(mktemp)"
|
||||
echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP"
|
||||
logg info 'Adding certbot renew entry to crontab'
|
||||
sudo crontab < "$TMP"
|
||||
fi
|
||||
else
|
||||
logg warn 'certbot is not available. SSL certificate issuance cannot be run without it.'
|
||||
fi
|
||||
|
3
home/dot_local/etc/letsencrypt/dns-cloudflare.ini.tmpl
Normal file
3
home/dot_local/etc/letsencrypt/dns-cloudflare.ini.tmpl
Normal file
|
@ -0,0 +1,3 @@
|
|||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (or (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_API_TOKEN")) (env "CLOUDFLARE_API_TOKEN")) -}}
|
||||
dns_cloudflare_api_token = {{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_API_TOKEN")) }}{{- includeTemplate "secrets/CLOUDFLARE_API_TOKEN" | decrypt | trim -}}{{ else }}{{- env "CLOUDFLARE_API_TOKEN" -}}{{ end }}
|
||||
{{- end -}}
|
2
home/dot_local/etc/letsencrypt/letsencryptcli.ini.tmpl
Normal file
2
home/dot_local/etc/letsencrypt/letsencryptcli.ini.tmpl
Normal file
|
@ -0,0 +1,2 @@
|
|||
dns-cloudflare-credentials = /etc/letsencrypt/dns-cloudflare.ini
|
||||
server = https://acme-v02.api.letsencrypt.org/directory
|
|
@ -1,24 +0,0 @@
|
|||
# Source: https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash
|
||||
# bash completion for the `wp` command
|
||||
|
||||
_wp_complete() {
|
||||
local OLD_IFS="$IFS"
|
||||
local cur=${COMP_WORDS[COMP_CWORD]}
|
||||
|
||||
IFS=$'\n'; # want to preserve spaces at the end
|
||||
local opts="$(wp cli completions --line="$COMP_LINE" --point="$COMP_POINT")"
|
||||
|
||||
if [[ "$opts" =~ \<file\>\s* ]]
|
||||
then
|
||||
COMPREPLY=( $(compgen -f -- $cur) )
|
||||
elif [[ $opts = "" ]]
|
||||
then
|
||||
COMPREPLY=( $(compgen -f -- $cur) )
|
||||
else
|
||||
COMPREPLY=( ${opts[*]} )
|
||||
fi
|
||||
|
||||
IFS="$OLD_IFS"
|
||||
return 0
|
||||
}
|
||||
complete -o nospace -F _wp_complete wp
|
|
@ -265,8 +265,7 @@ if command -v antigen > /dev/null; then
|
|||
# Official Oh-My-ZSH plugins
|
||||
antigen use oh-my-zsh
|
||||
antigen bundle adb
|
||||
antigen bundle bazel
|
||||
antigen bundle codeclimatefd
|
||||
# antigen bundle bazel # Unused
|
||||
# antigen bundle colored-man-pages
|
||||
antigen bundle command-not-found
|
||||
antigen bundle copybuffer
|
||||
|
@ -428,43 +427,6 @@ fi
|
|||
### Java (asdf)
|
||||
[ ! -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ] || source "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
|
||||
|
||||
### Mamba Forge (Faster Conda Drop-In Replacement)
|
||||
# TODO: Add support for Linux
|
||||
if [ -f /usr/local/Caskroom/mambaforge/base/bin/conda ]; then
|
||||
# >>> conda initialize >>>
|
||||
# !! Contents within this block are managed by 'conda init' !!
|
||||
__conda_setup="$('/usr/local/Caskroom/mambaforge/base/bin/conda' 'shell.zsh' 'hook' 2> /dev/null)"
|
||||
if [ $? -eq 0 ]; then
|
||||
eval "$__conda_setup"
|
||||
else
|
||||
if [ -f "/usr/local/Caskroom/mambaforge/base/etc/profile.d/conda.sh" ]; then
|
||||
. "/usr/local/Caskroom/mambaforge/base/etc/profile.d/conda.sh"
|
||||
else
|
||||
export PATH="/usr/local/Caskroom/mambaforge/base/bin:$PATH"
|
||||
fi
|
||||
fi
|
||||
unset __conda_setup
|
||||
# <<< conda initialize <<<
|
||||
fi
|
||||
|
||||
### Micro-Mamba
|
||||
# Generate command: micromamba shell init -s zsh -p "${XDG_DATA_HOME:-$HOME/.local/share}/micromamba"
|
||||
# TODO: Ensure Linux support
|
||||
if [ -f /usr/local/bin/micromamba ]; then
|
||||
# >>> mamba initialize >>>
|
||||
# !! Contents within this block are managed by 'mamba init' !!
|
||||
export MAMBA_EXE='/usr/local/bin/micromamba';
|
||||
export MAMBA_ROOT_PREFIX="${XDG_DATA_HOME:-$HOME/.local/share}/micromamba";
|
||||
__mamba_setup="$("$MAMBA_EXE" shell hook --shell zsh --root-prefix "$MAMBA_ROOT_PREFIX" 2> /dev/null)"
|
||||
if [ $? -eq 0 ]; then
|
||||
eval "$__mamba_setup"
|
||||
else
|
||||
alias micromamba="$MAMBA_EXE" # Fallback on help from mamba activate
|
||||
fi
|
||||
unset __mamba_setup
|
||||
# <<< mamba initialize <<<
|
||||
fi
|
||||
|
||||
### Navi (Ctrl+G)
|
||||
! command -v navi > /dev/null || eval "$(navi widget zsh)"
|
||||
|
||||
|
@ -472,7 +434,7 @@ fi
|
|||
[ ! -f "$HOME/.fig/shell/zshrc.post.zsh" ] || source "$HOME/.fig/shell/zshrc.post.zsh"
|
||||
|
||||
### Powerline
|
||||
[ ! -f "${XDG_CONFIG_HOME:-$HOME.config}/scripts/p10k.zsh" ] || source "$HOME/.local/scripts/p10k.zsh"
|
||||
[ ! -f "${XDG_CONFIG_HOME:-$HOME/.config}/shell/p10k.zsh" ] || source "${XDG_CONFIG_HOME:-$HOME/.config}/shell/p10k.zsh"
|
||||
|
||||
### SDKMan
|
||||
if command -v brew > /dev/null && command -v sdkman-cli > /dev/null; then
|
||||
|
@ -483,6 +445,10 @@ elif [ -f "$SDKMAN_DIR/bin/sdkman-init.sh" ]; then
|
|||
. "$SDKMAN_DIR/bin/sdkman-init.sh"
|
||||
fi
|
||||
|
||||
### Sheldon
|
||||
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.zsh.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(sheldon source)"
|
||||
|
||||
### Up
|
||||
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"
|
||||
|
||||
|
|
22099
local/package-lock.json
generated
22099
local/package-lock.json
generated
File diff suppressed because it is too large
Load diff
23
software.yml
23
software.yml
|
@ -646,7 +646,8 @@ softwarePackages:
|
|||
_home: https://github.com/joehillen/sysz
|
||||
_name: syz
|
||||
nix-env: nixpkgs.sysz
|
||||
paru: sysz
|
||||
bin: https://github.com/joehillen/sysz
|
||||
pacman: sysz
|
||||
script:linux: cd /tmp && git clone https://github.com/joehillen/sysz.git && cd sysz && sudo make install && cd /tmp && rm -rf sysz
|
||||
appium:
|
||||
_bin: appium
|
||||
|
@ -1266,6 +1267,13 @@ softwarePackages:
|
|||
port: bat
|
||||
scoop: bat
|
||||
zypper: bat
|
||||
bat-extras:
|
||||
_bin: batman
|
||||
_github: https://github.com/eth-p/bat-extras
|
||||
_name: Bat Extras
|
||||
brew: bat-extras
|
||||
pacman: bat-extras
|
||||
emerge: sys-apps/bat-extras
|
||||
beets:
|
||||
_bin: beet
|
||||
_desc: 'The purpose of [Beets](https://beets.io/) is to get your music collection right once and for all. It catalogs your collection, automatically improving its metadata as it goes using the MusicBrainz database. Then it provides a bouquet of tools for manipulating and accessing your music.'
|
||||
|
@ -9397,6 +9405,12 @@ softwarePackages:
|
|||
brew: tig
|
||||
nix: tig
|
||||
pkg: tig
|
||||
doitlive:
|
||||
_bin: doitlive
|
||||
_github: https://github.com/sloria/doitlive
|
||||
_name: Do It Live!
|
||||
brew: doitlive
|
||||
pipx: doitlive
|
||||
howdoi:
|
||||
_bin: howdoi
|
||||
_github: https://github.com/gleitz/howdoi
|
||||
|
@ -9524,6 +9538,13 @@ softwarePackages:
|
|||
dnf: tor
|
||||
pacman: tor
|
||||
port: tor
|
||||
sheldon:
|
||||
_bin: sheldon
|
||||
_github: https://github.com/rossmacarthur/sheldon
|
||||
_name: Sheldon
|
||||
_completions: sheldon completions --shell {SHELL}
|
||||
brew: sheldon
|
||||
cargo: sheldon
|
||||
translate:
|
||||
_bin: trans
|
||||
_desc: '[Translate Shell](https://github.com/soimort/translate-shell) (formerly Google Translate CLI) is a command-line translator powered by Google Translate (default), Bing Translator, Yandex.Translate, and Apertium. It gives you easy access to these translation engines in your terminal. It is feature-rich and, although there is some overlap, it complements [Normit](https://gitlab.com/megabyte-labs/ansible-roles/normit) well.'
|
||||
|
|
Loading…
Reference in a new issue