Update 8 files

- /home/.chezmoiscripts/universal/run_onchange_after_81-kubesphere.yml.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_80-bash-completions.tmpl - /home/.chezmoiscripts/universal/run_onchange_before_11-install-docker.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_14-warp.tmpl - /home/.chezmoiscripts/debian/run_onchange_before_14-warp.tmpl - /home/.chezmoiscripts/ubuntu/run_onchange_before_14-warp.tmpl - /home/.chezmoidata.yaml - /software.yml
2023-02-05 08:09:07 +00:00 · 2023-02-05 08:09:07 +00:00 · 5c0c00ad8a
commit 5c0c00ad8a
parent 4fec331e36
8 changed files with 94 additions and 1 deletions
--- a/home/.chezmoidata.yaml
+++ b/home/.chezmoidata.yaml
@ -828,6 +828,8 @@ softwareGroups:
  _Basic-Desktop: &_Basic-Desktop
    - *_Basic
    - *Essentials-Desktop
+    - firewall-applet
+    - firewall-config
    - stacer
  _Standard: &_Standard
    - *_Basic
--- a/home/.chezmoiscripts/debian/run_onchange_before_14-warp.tmpl
+++ b/home/.chezmoiscripts/debian/run_onchange_before_14-warp.tmpl
@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+{{ includeTemplate "universal/logg-before" }}
+
+### Add CloudFlare WARP desktop app apt-get source
+if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
+    logg info 'Adding CloudFlare WARP keyring'
+    curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
+
+    logg info 'Adding apt source reference'
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
+
+    sudo apt-get update
+fi
--- a/home/.chezmoiscripts/ubuntu/run_onchange_before_14-warp.tmpl
+++ b/home/.chezmoiscripts/ubuntu/run_onchange_before_14-warp.tmpl
@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+{{ includeTemplate "universal/logg-before" }}
+
+### Add CloudFlare WARP desktop app apt-get source
+if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
+    logg info 'Adding CloudFlare WARP keyring'
+    curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
+
+    logg info 'Adding apt source reference'
+    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
+
+    sudo apt-get update
+fi
--- a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.tmpl
@ -0,0 +1,42 @@
+{{- if (ne .host.distro.family "windows") }}
+#!/usr/bin/env bash
+
+### Configure CloudFlare WARP (if not WSL and warp-cli is installed)
+if [[ ! "$(grep Microsoft /proc/version)" ]] && command -v warp-cli > /dev/null; then
+    ### Register CloudFlare WARP
+    if warp-cli --accept-tos status | grep 'Registration missing' > /dev/null; then
+        logg info 'Registering CloudFlare WARP'
+        warp-cli --accept-tos register
+    else
+        logg info 'Already registered with CloudFlare WARP'
+    fi
+
+    ### Connect CloudFlare WARP
+    if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
+        logg info 'Connecting to CloudFlare WARP'
+        warp-cli --accept-tos connect
+    else
+        logg info 'Already connected to CloudFlare WARP'
+    fi
+
+    ### Enable Always-On mode
+    logg info 'Enabling always-on mode'
+    warp-cli --accept-tos enable-always-on
+
+    ### Enable Family Mode
+    # logg info 'Enabling family-mode'
+    # warp-cli --accept-tos set-families-mode full
+
+    ### Enable WARP+DNS mode
+    # logg info 'Enabling WARP+DNS mode'
+    # warp-cli set-mode warp+doh
+
+    # TODO
+    {{ if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath (.chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-teams-client-id"))) (stat (joinPath (.chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-teams-client-secret"))) -}}
+    ### Enroll with CloudFlare Teams
+    logg info 'Enrolling with CloudFlare Teams'
+    warp-cli teams-enroll '{{- includeTemplate "secrets/key-cloudflare-teams-client-id" | decrypt -}}' '{{- includeTemplate "secrets/key-cloudflare-teams-client-secret" | decrypt -}}'
+    {{- end }}
+fi
+
+{{ end -}}
--- a/home/.chezmoiscripts/universal/run_onchange_after_80-bash-completions.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_80-bash-completions.tmpl
@ -1,3 +1,4 @@
+{{- if (ne .host.distro.family "windows") -}}
 #!/usr/bin/env bash

 # .chezmoidata.yml hash: {{ include (joinPath .chezmoi.sourceDir ".chezmoidata.yaml")| sha256sum }}
@ -179,3 +180,5 @@ if command -v zoxide >/dev/null; then
 elif [ -f "$COMPLETION_DIR/zoxide.bash" ]; then
  rm "$COMPLETION_DIR/zoxide.bash"
 fi
+
+{{ end -}}
--- a/home/.chezmoiscripts/universal/run_onchange_after_81-kubesphere.yml.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_81-kubesphere.yml.tmpl
@ -0,0 +1 @@
+{{ if }}
--- a/home/.chezmoiscripts/universal/run_onchange_before_11-install-docker.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_before_11-install-docker.tmpl
@ -177,7 +177,7 @@ if [ ! -d /Applications ] || [ ! -d /System ]; then
        fi

        # Restart / enable Docker
-        if command -v systemctl > /dev/null; then
+        if [[ ! "$(grep Microsoft /proc/version)" ]] && command -v systemctl > /dev/null; then
            logg info 'Restarting Docker service'
            sudo systemctl restart docker.service
            sudo systemctl restart containerd.service
--- a/software.yml
+++ b/software.yml
@ -6013,6 +6013,16 @@ softwarePackages:
    github: github.com/jessfraz/pony
    go: github.com/jessfraz/pony@latest
    _service: false
+  firewall-applet:
+    _bin: firewall-applet
+    apt: firewall-applet
+    dnf: firewall-applet
+    pacman: firewall-applet
+  firewall-config:
+    _bin: firewall-config
+    apt: firewall-config
+    dnf: firewall-config
+    pacman: firewall-config
  portmaster:
    _bin: null
    _desc: "[Portmaster](https://safing.io/portmaster/) is a free and open-source application that puts you back in charge over all your computer's network connections."
@ -6023,6 +6033,11 @@ softwarePackages:
    _when:linux: '! test -f /opt/safing/portmaster/portmaster-start'
    ansible:linux: professormanhattan.portmaster
    ansible:windows: professormanhattan.portmaster
+    apt: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.
+    choco: portmaster
+    dnf: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.rpm
+    exe: https://updates.safing.io/latest/windows_amd64/packages/portmaster-installer.
+    scoop: portmaster-np
    _service: true
    _type: application
  pake:
@ -8280,7 +8295,9 @@ softwarePackages:
    _when:darwin: '! test -d "/Applications/Cloudflare WARP.app"'
    # Needs tuning - possibly unrelated, but internet wasn't working on Ubuntu after installing this and removed it during debugging
    # ansible: professormanhattan.warp
+    apt: cloudflare-warp
    cask: cloudflare-warp
+    choco: warp
    _service: false
    _type: application
  watchexec: