Added couple PRs

This commit is contained in:
Brian Zalewski 2024-01-03 23:04:02 +00:00
parent ca2e7371df
commit 66c8f52e4d
18 changed files with 283 additions and 82 deletions

View file

@ -359,11 +359,11 @@
url = "{{ $vimPlugin }}" url = "{{ $vimPlugin }}"
{{ $gitArgs }} {{ $gitArgs }}
{{- end }} {{- end }}
# coc.nvim VIM plugin requires custom branch "release"
[".local/share/vim/plugged/coc.nvim"] [".local/share/vim/plugged/coc.nvim"]
type = "git-repo" type = "git-repo"
url = "https://github.com/neoclide/coc.nvim.git" url = "https://github.com/neoclide/coc.nvim.git"
{{ $gitArgs }} clone.args = ["--branch", "release", "--depth", "1"]
pull.args = ["--ff-only"]
### NVIM ### NVIM
[".config/nvim"] [".config/nvim"]

View file

@ -1008,6 +1008,7 @@ if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
ensureZshShell ensureZshShell
gnomeExtensionSettings gnomeExtensionSettings
grubSettings grubSettings
installCocExtensions
installDockerRclonePlugin installDockerRclonePlugin
installTerminalTheme installTerminalTheme
loadCronjobs loadCronjobs
@ -1035,6 +1036,7 @@ else
ensureZshShell & ensureZshShell &
gnomeExtensionSettings & gnomeExtensionSettings &
grubSettings & grubSettings &
installCocExtensions &
installDockerRclonePlugin & installDockerRclonePlugin &
installTerminalTheme & installTerminalTheme &
loadCronjobs & loadCronjobs &

View file

@ -56,14 +56,30 @@ ensureHomebrewDeps() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewPermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
# @description This script ensures Homebrew is installed. # @description This script ensures Homebrew is installed.
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
fixHomebrewPermissions
else else
logg info 'Homebrew is not installed. Password may be required.' logg info 'Homebrew is not installed. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewPermissions
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
logg warn 'Homebrew was installed but part of the installation failed to complete successfully.' logg warn 'Homebrew was installed but part of the installation failed to complete successfully.'
if command -v brew > /dev/null; then if command -v brew > /dev/null; then

View file

@ -253,7 +253,7 @@ function gVisorPreBuilt() {
ARCH=$(uname -m) ARCH=$(uname -m)
URL="https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}" URL="https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}"
logg info 'Downloading gVisor runsc and containerd-shim-runsc-v1 SHA signatures' logg info 'Downloading gVisor runsc and containerd-shim-runsc-v1 SHA signatures'
wget "${URL}/runsc ${URL}/runsc.sha512" "${URL}/containerd-shim-runsc-v1 ${URL}/containerd-shim-runsc-v1.sha512" wget "${URL}/runsc" "${URL}/runsc.sha512" "${URL}/containerd-shim-runsc-v1" "${URL}/containerd-shim-runsc-v1.sha512"
sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512 sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512
rm -f *.sha512 rm -f *.sha512
chmod a+rx runsc containerd-shim-runsc-v1 chmod a+rx runsc containerd-shim-runsc-v1
@ -442,11 +442,11 @@ installDocker() {
### Create /etc/docker/daemon.json ### Create /etc/docker/daemon.json
logg info 'Creating /etc/docker' logg info 'Creating /etc/docker'
sudo mkdir -p /etc/docker sudo mkdir -p /etc/docker
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json" ]; then if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_config/docker/daemon.json.tmpl" ]; then
logg info 'Creating /etc/docker/daemon.json' logg info 'Creating /etc/docker/daemon.json'
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json" /etc/docker/daemon.json chezmoi cat "${XDG_CONFIG_HOME:-$HOME/.config}/docker/config.json" | sudo tee /etc/docker/daemon.json
else else
logg warn "${XDG_DATA_HOME:-$HOME/.local/share}/home/dot_config/docker/daemon.json is not available so the /etc/docker/daemon.json file cannot be populated" logg warn "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_config/docker/daemon.json.tmpl is not available so the /etc/docker/daemon.json file cannot be populated"
fi fi
### Restart / enable Docker ### Restart / enable Docker

View file

@ -35,6 +35,7 @@ brew "rust"
tap "go-task/tap" tap "go-task/tap"
brew "go-task/tap/go-task" brew "go-task/tap/go-task"
brew "volta" brew "volta"
brew "yarn"
brew "yq" brew "yq"
brew "zx" brew "zx"
cask "docker" cask "docker"

View file

@ -1,5 +1,6 @@
{ {
"sh.enable": true, "sh.enable": true,
"languageserver": {
"dockerfile": { "dockerfile": {
"command": "docker-langserver", "command": "docker-langserver",
"filetypes": [ "filetypes": [
@ -10,7 +11,7 @@
] ]
}, },
"sql": { "sql": {
"module": "${XDG_DATA_HOME:-$HOME/.local/share}/nvim/lib/node_modules/sql-language-server/npm_bin/cli.js", "module": "sql-language-server",
"args": [ "args": [
"up", "up",
"--method", "--method",
@ -33,5 +34,5 @@
"initializationOptions": {}, "initializationOptions": {},
"settings": {} "settings": {}
} }
} }
} }

View file

@ -0,0 +1,57 @@
{
"dependencies": {
"@yaegassy/coc-nginx": ">=0.4.1",
"@yaegassy/coc-ansible": ">=0.14.2",
"coc-angular": ">=17.0.2",
"coc-clangd": ">=0.30.1",
"coc-calc": ">=3.1.0",
"coc-copilot": ">=0.0.6",
"coc-css": ">=2.1.0",
"coc-deno": ">=3.13.0",
"coc-diagnostic": ">=0.24.1",
"coc-docker": ">=1.0.2",
"coc-blade": ">=0.18.7",
"coc-eslint": ">=1.6.0",
"coc-emmet": ">=1.1.6",
"coc-cssmodules": ">=1.1.1",
"coc-flutter": ">=1.9.10",
"coc-git": ">=2.7.0",
"coc-go": ">=1.3.33",
"coc-highlight": ">=2.0.4",
"coc-html-css-support": ">=0.5.1",
"coc-explorer": ">=0.26.6",
"coc-html": ">=1.8.0",
"coc-htmlhint": ">=0.6.1",
"coc-fzf-preview": ">=2.16.6",
"coc-jedi": ">=0.36.1",
"coc-json": ">=1.9.2",
"coc-ltex": ">=13.1.0",
"coc-lua": ">=2.0.6",
"coc-markdownlint": ">=1.32.1",
"coc-java": ">=1.15.2",
"coc-phpls": ">=2.2.3",
"coc-markdown-preview-enhanced": ">=0.5.3",
"coc-prettier": ">=9.3.2",
"coc-markmap": ">=0.7.0",
"coc-powershell": ">=0.1.4",
"coc-rls": ">=1.1.6",
"coc-rust-analyzer": ">=0.75.0",
"coc-sh": ">=1.2.2",
"coc-prisma": ">=0.11.0",
"coc-solargraph": ">=1.2.4",
"coc-pyright": ">=1.1.342",
"coc-solidity": ">=1.4.2",
"coc-sql": ">=0.11.0",
"coc-sqlfluff": ">=0.11.4",
"coc-stylelint": ">=1.2.0",
"coc-swagger": ">=0.0.3",
"coc-svg": ">=0.0.13",
"coc-svelte": ">=0.5.0",
"coc-tsserver": ">=2.1.4",
"coc-xml": ">=1.14.1",
"coc-yank": ">=1.2.3",
"coc-yaml": ">=1.9.0",
"coc-toml": ">=1.2.5"
},
"lastUpdate": 0
}

View file

@ -2,6 +2,5 @@
"auths": { "auths": {
"https://index.docker.io/v1/": {} "https://index.docker.io/v1/": {}
}, },
"credsStore": "{{ if (eq .host.distro.id "darwin") }}osxkeychain{{ else }}{{ if (eq .host.distro.id "windows") }}wincred{{ else }}secretservice{{ end }}{{ end }}", "credsStore": "{{ if (eq .host.distro.id "darwin") }}osxkeychain{{ else }}{{ if (eq .host.distro.id "windows") }}wincred{{ else }}secretservice{{ end }}{{ end }}"
"currentContext": "desktop-linux"
} }

View file

@ -413,7 +413,7 @@ if [ -f "$HOME/.local/etc/ssl/curl/cacert.pem" ]; then
export CERT_PATH="$HOME/.local/etc/ssl/curl/cacert.pem" export CERT_PATH="$HOME/.local/etc/ssl/curl/cacert.pem"
export SSL_CERT_FILE="$CERT_PATH" export SSL_CERT_FILE="$CERT_PATH"
export REQUESTS_CA_BUNDLE="$CERT_PATH" export REQUESTS_CA_BUNDLE="$CERT_PATH"
elif command -v python3 > /dev/null; then elif command -v python3 > /dev/null && pip3 list | grep certifi > /dev/null; then
export CERT_PATH="$(python3 -m certifi)" || export CERT_PATH="$(python -m certifi)" || export CERT_PATH="$HOME/.local/etc/ssl/curl/cacert.pem" export CERT_PATH="$(python3 -m certifi)" || export CERT_PATH="$(python -m certifi)" || export CERT_PATH="$HOME/.local/etc/ssl/curl/cacert.pem"
export SSL_CERT_FILE="$CERT_PATH" export SSL_CERT_FILE="$CERT_PATH"
export REQUESTS_CA_BUNDLE="$CERT_PATH" export REQUESTS_CA_BUNDLE="$CERT_PATH"

View file

@ -384,15 +384,12 @@ let g:coc_global_extensions = [
\'coc-sh', \'coc-sh',
\'coc-solargraph', \'coc-solargraph',
\'coc-solidity', \'coc-solidity',
\'coc-spell-checker',
\'coc-stylelint', \'coc-stylelint',
\'coc-sql', \'coc-sql',
\'coc-sqlfluff', \'coc-sqlfluff',
\'coc-svelte', \'coc-svelte',
\'coc-svg', \'coc-svg',
\'coc-swagger', \'coc-swagger',
\'coc-symbol-line',
\'coc-tailwindcss',
\'coc-toml', \'coc-toml',
\'coc-tsserver', \'coc-tsserver',
\'coc-xml', \'coc-xml',
@ -454,7 +451,7 @@ endif
silent! call plug#begin('~/.local/share/vim/plugged') silent! call plug#begin('~/.local/share/vim/plugged')
Plug '~/.local/share/vim/plugged/ale' Plug '~/.local/share/vim/plugged/ale'
Plug '~/.local/share/vim/plugged/coc.nvim', {'branch': 'release', 'do': 'yarn install --frozen-lockfile'} Plug '~/.local/share/vim/plugged/coc.nvim', {'branch': 'release'}
Plug '~/.local/share/vim/plugged/copilot.vim' Plug '~/.local/share/vim/plugged/copilot.vim'
Plug '~/.local/share/vim/plugged/dockerfile.vim' Plug '~/.local/share/vim/plugged/dockerfile.vim'
Plug '~/.local/share/vim/plugged/editorconfig-vim' Plug '~/.local/share/vim/plugged/editorconfig-vim'
@ -476,7 +473,7 @@ Plug '~/.local/share/vim/plugged/vim-jsx'
Plug '~/.local/share/vim/plugged/vim-markdown' Plug '~/.local/share/vim/plugged/vim-markdown'
Plug '~/.local/share/vim/plugged/vim-multiple-cursors' Plug '~/.local/share/vim/plugged/vim-multiple-cursors'
Plug '~/.local/share/vim/plugged/vim-polyglot' Plug '~/.local/share/vim/plugged/vim-polyglot'
Plug '~/.local/share/vim/plugged/vim-prettier', { 'do': 'yarn install --frozen-lockfile --production' } Plug '~/.local/share/vim/plugged/vim-prettier', { 'do': 'npm ci' }
Plug '~/.local/share/vim/plugged/vim-sensible' Plug '~/.local/share/vim/plugged/vim-sensible'
Plug '~/.local/share/vim/plugged/vim-surround' Plug '~/.local/share/vim/plugged/vim-surround'
Plug '~/.local/share/vim/plugged/vim-sneak' Plug '~/.local/share/vim/plugged/vim-sneak'

View file

@ -767,12 +767,17 @@ async function beforeInstall(packageManager) {
brewUpdated = true brewUpdated = true
try { try {
runCommand('Running brew update / upgrade', `brew update && brew upgrade --cask && brew upgrade`) runCommand('Running brew update / upgrade', `brew update && brew upgrade --cask && brew upgrade`)
runCommand('Running brew update', `brew update`)
runCommand('Running brew upgrade', `brew upgrade`)
if (osType === 'darwin'){
runCommand('Running brew upgrade (Casks)', `brew upgrade --cask`)
}
} catch (e) { } catch (e) {
console.log(e) console.log(e)
log('error', 'Homebrew', 'Failed running brew update / upgrade') log('error', 'Homebrew', 'Failed running brew update / upgrade')
log('info', 'Homebrew', 'Running brew tap --repair and trying again') log('info', 'Homebrew', 'Running brew tap --repair and trying again')
try { try {
runCommand('Repairing taps and retrying brew update / upgrade', 'export HOMEBREW_TEMP=/tmp && sudo rm -rf $(brew --cache) && brew tap --repair && brew update && brew upgrade --cask --greedy && brew upgrade --force --greedy') runCommand('Repairing taps and retrying brew update / upgrade', 'export HOMEBREW_TEMP=/tmp && sudo rm -rf $(brew --cache) && brew tap --repair && brew update && brew upgrade --force --greedy && [[ $OSTYPE != "darwin"* ]] && brew upgrade --cask --greedy')
} catch (e) { } catch (e) {
console.log(e) console.log(e)
log('error', 'Homebrew', 'Failed both attempts to run brew update / upgrade') log('error', 'Homebrew', 'Failed both attempts to run brew update / upgrade')
@ -957,9 +962,11 @@ async function ensurePackageManager(packageManager) {
$` $`
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
sudo chmod -R g-w "$(brew --prefix)/share"
else else
log('info', logStage, 'Homebrew is not installed. Password may be required.') log('info', logStage, 'Homebrew is not installed. Password may be required.')
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
sudo chmod -R g-w "$(brew --prefix)/share"
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
log('warn', logStage, 'Homebrew was installed but part of the installation failed. Attempting to fix..') log('warn', logStage, 'Homebrew was installed but part of the installation failed. Attempting to fix..')
@ -1264,10 +1271,17 @@ async function installPackageList(packageManager, packages) {
} else if (packageManager === 'apt') { } else if (packageManager === 'apt') {
for (let pkg of packages) { for (let pkg of packages) {
try { try {
if (pkg.startsWith('http') && pkg.endsWith('.deb')) {
runCommand(
`Downloading and installing ${pkg}`,
`TMP="$(mktemp)" && curl -sSL ${pkg} -o "$TMP" && sudo dpkg -i "$TMP"`
)
} else {
runCommand( runCommand(
`Installing ${pkg} via ${packageManager}`, `Installing ${pkg} via ${packageManager}`,
`sudo apt-get -o DPkg::Options::=--force-confdef install -y ${pkg}` `sudo DEBIAN_FRONTEND=noninteractive apt-get -o DPkg::Options::=--force-confdef install -y ${pkg}`
) )
}
log('success', 'Install', `${pkg} successfully installed via ${packageManager}`) log('success', 'Install', `${pkg} successfully installed via ${packageManager}`)
} catch (e) { } catch (e) {
log('error', 'Install', `There was an error installing ${pkg} with apt-get`) log('error', 'Install', `There was an error installing ${pkg} with apt-get`)
@ -1545,7 +1559,7 @@ async function installPackageList(packageManager, packages) {
async function addUserGroup(group) { async function addUserGroup(group) {
const logStage = 'Users / Groups' const logStage = 'Users / Groups'
log('info', logStage, `Ensuring the ${group} group / user is added`) log('info', logStage, `Ensuring the ${group} group / user is added`)
runCommand(`Creating the ${group} user / group`, `sudo add-usergroup "${process.env.USER}" "${group}"`) runCommand(`Creating the ${group} user / group`, `sudo "${process.env.HOME}/.local/bin/add-usergroup" "${process.env.USER}" "${group}"`)
} }
/** /**

View file

@ -241,6 +241,20 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
fi fi
fi fi
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewPermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
# @description Ensure Homebrew is installed and available # @description Ensure Homebrew is installed and available
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
if [ -d /home/linuxbrew/.linuxbrew/bin ]; then if [ -d /home/linuxbrew/.linuxbrew/bin ]; then
@ -252,9 +266,11 @@ if ! command -v brew > /dev/null; then
# @description Installs Homebrew and addresses a couple potential issues # @description Installs Homebrew and addresses a couple potential issues
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
fixHomebrewPermissions
else else
echo "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password." echo "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password."
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewPermissions
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
echo "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.." echo "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.."

View file

@ -244,6 +244,20 @@ fixHomebrewPermissions() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewSharePermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
### Installs Homebrew ### Installs Homebrew
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
@ -251,9 +265,11 @@ ensurePackageManagerHomebrew() {
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info 'Installing Homebrew. Sudo privileges available.' logg info 'Installing Homebrew. Sudo privileges available.'
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
else else
logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.' logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
fi fi
### Attempt to fix problematic installs ### Attempt to fix problematic installs
@ -631,6 +647,12 @@ initChezmoiAndPrompt() {
fi fi
} }
# @description When a reboot is triggered by softwareupdate on macOS, other utilities that require
# a reboot are also installed to save on reboots.
beforeRebootDarwin() {
logg info "Ensuring macfuse is installed" && brew install --cask --no-quarantine --quiet macfuse
}
# @description Save the log of the provision process to `$HOME/.local/var/log/install.doctor/install.doctor.$(date +%s).log` and add the Chezmoi # @description Save the log of the provision process to `$HOME/.local/var/log/install.doctor/install.doctor.$(date +%s).log` and add the Chezmoi
# `--force` flag if the `HEADLESS_INSTALL` variable is set to `true`. # `--force` flag if the `HEADLESS_INSTALL` variable is set to `true`.
runChezmoi() { runChezmoi() {
@ -682,6 +704,7 @@ runChezmoi() {
### Handle exit codes in log ### Handle exit codes in log
if cat "$LOG_FILE" | grep 'chezmoi: exit status 140' > /dev/null; then if cat "$LOG_FILE" | grep 'chezmoi: exit status 140' > /dev/null; then
beforeRebootDarwin
logg info "Chezmoi signalled that a reboot is necessary to apply a system update" logg info "Chezmoi signalled that a reboot is necessary to apply a system update"
logg info "Running softwareupdate with the reboot flag" logg info "Running softwareupdate with the reboot flag"
sudo softwareupdate -i -a -R --agree-to-license && exit sudo softwareupdate -i -a -R --agree-to-license && exit

View file

@ -211,6 +211,20 @@ fixHomebrewPermissions() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewSharePermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
### Installs Homebrew ### Installs Homebrew
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
@ -218,9 +232,11 @@ ensurePackageManagerHomebrew() {
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info 'Installing Homebrew. Sudo privileges available.' logg info 'Installing Homebrew. Sudo privileges available.'
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
else else
logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.' logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
fi fi
### Attempt to fix problematic installs ### Attempt to fix problematic installs

View file

@ -180,6 +180,20 @@ fixHomebrewPermissions() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewSharePermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
### Installs Homebrew ### Installs Homebrew
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
@ -187,9 +201,11 @@ ensurePackageManagerHomebrew() {
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info 'Installing Homebrew. Sudo privileges available.' logg info 'Installing Homebrew. Sudo privileges available.'
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
else else
logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.' logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
fi fi
### Attempt to fix problematic installs ### Attempt to fix problematic installs

View file

@ -30,6 +30,20 @@ fixHomebrewPermissions() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewSharePermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
### Installs Homebrew ### Installs Homebrew
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
@ -37,9 +51,11 @@ ensurePackageManagerHomebrew() {
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info 'Installing Homebrew. Sudo privileges available.' logg info 'Installing Homebrew. Sudo privileges available.'
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
else else
logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.' logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
fi fi
### Attempt to fix problematic installs ### Attempt to fix problematic installs

View file

@ -21,7 +21,7 @@
# | **Task** | Task runner used on-device for task parallelization and dependency management | # | **Task** | Task runner used on-device for task parallelization and dependency management |
# | **ZX / Node.js** | ZX is a Node.js abstraction that allows for better scripts | # | **ZX / Node.js** | ZX is a Node.js abstraction that allows for better scripts |
# | Gum | Gum is a terminal UI prompt CLI (which allows sweet, interactive prompts) | # | Gum | Gum is a terminal UI prompt CLI (which allows sweet, interactive prompts) |
# | Glow | Glow is a markdown renderer used for applying terminal-friendly styled to markdown | # | Glow | Glow is a markdown renderer used for applying terminal-friendly styles to markdown |
# #
# There are also a handful of system packages that are installed like `curl` and `git`. Then, during the Chezmoi provisioning # There are also a handful of system packages that are installed like `curl` and `git`. Then, during the Chezmoi provisioning
# process, there are a handful of system packages that are installed to ensure things run smoothly. You can find more details # process, there are a handful of system packages that are installed to ensure things run smoothly. You can find more details
@ -244,6 +244,20 @@ fixHomebrewPermissions() {
fi fi
} }
# @description This function removes group write permissions from the Homebrew share folder which
# is required for the ZSH configuration.
fixHomebrewSharePermissions() {
if [ -f /usr/local/bin/brew ]; then
sudo chmod -R g-w /usr/local/share
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
sudo chmod -R g-w "${HOMEBREW_PREFIX:-/opt/homebrew}/share"
elif [ -d "$HOME/.linuxbrew" ]; then
sudo chmod -R g-w "$HOME/.linuxbrew/share"
elif [ -d "/home/linuxbrew/.linuxbrew" ]; then
sudo chmod -R g-w /home/linuxbrew/.linuxbrew/share
fi
}
### Installs Homebrew ### Installs Homebrew
ensurePackageManagerHomebrew() { ensurePackageManagerHomebrew() {
if ! command -v brew > /dev/null; then if ! command -v brew > /dev/null; then
@ -251,9 +265,11 @@ ensurePackageManagerHomebrew() {
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info 'Installing Homebrew. Sudo privileges available.' logg info 'Installing Homebrew. Sudo privileges available.'
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
else else
logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.' logg info 'Installing Homebrew. Sudo privileges not available. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewSharePermissions
fi fi
### Attempt to fix problematic installs ### Attempt to fix problematic installs

View file

@ -3187,16 +3187,14 @@ softwarePackages:
brew: oven-sh/bun/bun brew: oven-sh/bun/bun
npm: bun npm: bun
proto: bun proto: bun
nfty: ntfy:
_bin: nfty _bin: nfty
_github: https://github.com/dschep/ntfy _github: https://github.com/dschep/ntfy
_name: NFTY _name: NFTY
_post: | _post: |
#!/usr/bin/env bash #!/usr/bin/env bash
sudo mkdir -p /usr/local/etc/branding sudo mkdir -p /usr/local/etc/branding
sudo cp -f "$HOME/.local/etc/branding/favicon.ico" /usr/local/etc/branding/favicon.ico
sudo cp -f "$HOME/.local/etc/branding/logo-color-256x256.png" /usr/local/etc/branding/logo-color-256x256.png sudo cp -f "$HOME/.local/etc/branding/logo-color-256x256.png" /usr/local/etc/branding/logo-color-256x256.png
sudo cp -f "$HOME/.local/etc/branding/logo-color-900x900.png" /usr/local/etc/branding/logo-color-900x900.png
sudo mkdir -p /usr/local/share/sounds sudo mkdir -p /usr/local/share/sounds
rsync -rtvp "${XDG_DATA_HOME:-$HOME/.local/share}/sounds/"* /usr/local/share/sounds rsync -rtvp "${XDG_DATA_HOME:-$HOME/.local/share}/sounds/"* /usr/local/share/sounds
if command -v apt-get > /dev/null; then if command -v apt-get > /dev/null; then
@ -3205,6 +3203,7 @@ softwarePackages:
if command -v termux-setup-storage > /dev/null; then if command -v termux-setup-storage > /dev/null; then
apt install termux-api apt install termux-api
fi fi
pip: ntfy[emoji,matrix,pid,slack]
script: | script: |
#!/usr/bin/env bash #!/usr/bin/env bash
pip3 install ntfy[emoji,matrix,pid,slack] pip3 install ntfy[emoji,matrix,pid,slack]
@ -3499,11 +3498,6 @@ softwarePackages:
_github: https://github.com/wfxr/forgit _github: https://github.com/wfxr/forgit
_name: forgit _name: forgit
brew: forgit brew: forgit
ntfy:
_bin: ntfy
_github: https://github.com/dschep/ntfy
_name: ntfy
pipx: ntfy
clipboard: clipboard:
_bin: cb _bin: cb
_github: https://github.com/Slackadays/Clipboard.git _github: https://github.com/Slackadays/Clipboard.git
@ -5269,6 +5263,7 @@ softwarePackages:
if command -v docker > /dev/null && docker run --rm hello-world > /dev/null; then if command -v docker > /dev/null && docker run --rm hello-world > /dev/null; then
HAS_DOCKER=1 HAS_DOCKER=1
else else
HAS_DOCKER=0
logg warn 'Docker is not installed or it is not operational' logg warn 'Docker is not installed or it is not operational'
fi fi
@ -5276,6 +5271,7 @@ softwarePackages:
if command -v VirtualBox > /dev/null; then if command -v VirtualBox > /dev/null; then
HAS_VIRTUALBOX=1 HAS_VIRTUALBOX=1
else else
HAS_VIRTUALBOX=0
logg warn 'VirtualBox is not installed' logg warn 'VirtualBox is not installed'
fi fi
@ -5306,14 +5302,14 @@ softwarePackages:
if [ $HAS_DOCKER -eq 1 ]; then if [ $HAS_DOCKER -eq 1 ]; then
logg info 'Registering GitLab Runner(s) that use Docker executor' logg info 'Registering GitLab Runner(s) that use Docker executor'
{{- range .host.gitlabRunners }} {{- range .host.gitlabRunners }}
{{- if .runnerImage }} {{- if index . "runnerImage" }}
{{- $cmd }} {{- $cmd }}
--url {{ .glurl }} \ --url {{ .glurl }} \
--executor "docker" \ --executor "docker" \
--description "{{ .runnerDescription }} - on {{ .chezmoi.hostname }}" \ --description "{{ .runnerDescription }} - on {{ $.chezmoi.hostname }}" \
--docker-image {{ .runnerImage }} \ --docker-image {{ .runnerImage }} \
{{ if and .runnerTags (gt (len .runnerTags) 0) }}--tag-list "{{ .runnerTags }},{{ .chezmoi.hostname }},docker" {{ if and .runnerTags (gt (len .runnerTags) 0) }}--tag-list "{{ .runnerTags }},{{ $.chezmoi.hostname }},docker"
{{ else }}--tag-list "{{ .chezmoi.hostname }},docker" --run-untagged{{ end }} || echo 'Runner registration failed" {{- else }}--tag-list "{{ $.chezmoi.hostname }},docker" --run-untagged{{ end }} || echo 'Runner registration failed"
{{ end -}} {{ end -}}
{{ end }} {{ end }}
fi fi
@ -5322,14 +5318,14 @@ softwarePackages:
if [ $HAS_VIRTUALBOX -eq 1 ]; then if [ $HAS_VIRTUALBOX -eq 1 ]; then
logg info 'Registering GitLab Runner(s) that use VirtualBox executor' logg info 'Registering GitLab Runner(s) that use VirtualBox executor'
{{- range .host.gitlabRunners }} {{- range .host.gitlabRunners }}
{{- if .baseVM }} {{- if index . "baseVM" }}
{{- $cmd }} {{- $cmd }}
--url {{ .glurl }} \ --url {{ .glurl }} \
--executor "virtualbox" \ --executor "virtualbox" \
--description "{{ .runnerDescription }} - on {{ .chezmoi.hostname }}" \ --description "{{ .runnerDescription }} - on {{ $.chezmoi.hostname }}" \
--virtualbox-base-name "{{ .baseVM }}" \ --virtualbox-base-name "{{ .baseVM }}" \
{{ if and .runnerTags (gt (len .runnerTags) 0) }}--tag-list "{{ .runnerTags }},{{ .chezmoi.hostname }},virtualbox" {{ if and .runnerTags (gt (len .runnerTags) 0) }}--tag-list "{{ .runnerTags }},{{ $.chezmoi.hostname }},virtualbox"
{{ else }}--tag-list "{{ .chezmoi.hostname }},virtualbox" --run-untagged{{ end }} || echo 'Runner registration failed" {{- else }}--tag-list "{{ $.chezmoi.hostname }},virtualbox" --run-untagged{{ end }} || echo 'Runner registration failed"
{{ end -}} {{ end -}}
{{ end }} {{ end }}
fi fi
@ -9170,10 +9166,10 @@ softwarePackages:
_when:linux: '! test -f /opt/safing/portmaster/portmaster-start' _when:linux: '! test -f /opt/safing/portmaster/portmaster-start'
ansible:linux: professormanhattan.portmaster ansible:linux: professormanhattan.portmaster
ansible:windows: professormanhattan.portmaster ansible:windows: professormanhattan.portmaster
apt: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer. apt: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.deb
choco: portmaster choco: portmaster
dnf: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.rpm dnf: https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.rpm
exe: https://updates.safing.io/latest/windows_amd64/packages/portmaster-installer. exe: https://updates.safing.io/latest/windows_amd64/packages/portmaster-installer.exe
scoop: portmaster-np scoop: portmaster-np
pake: pake:
_bin: pake _bin: pake
@ -12505,8 +12501,19 @@ softwarePackages:
_name: VIM _name: VIM
_post: | _post: |
#!/usr/bin/env bash #!/usr/bin/env bash
echo "Installing VIM plugins" && vim +'PlugInstall --sync' +qall logg info "Installing VIM plugins" && vim +'PlugInstall --sync' +qall
echo "Updating VIM coc extensions" && vim +CocUpdateSync +qall # @description This script installs the extensions defined in `${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json`
# which should correlate to the Coc extensions defined in `${XDG_CONFIG_HOME:-$HOME/.config}/vim/vimrc`.
installCocExtensions() {
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json" ]; then
logg info "Running npm i --no-package-lock in ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions"
cd "${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions" && npm i --no-package-lock
logg info "Running vim +CocUpdateSync +qall" && vim +CocUpdateSync +qall
else
logg info "Skipping Coc extension installation because ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json is missing"
fi
}
logg info "Updating VIM coc extensions" && installCocExtensions
ansible: professormanhattan.vim ansible: professormanhattan.vim
apt: vim apt: vim
brew: vim brew: vim
@ -13221,6 +13228,8 @@ softwarePackages:
# * [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl) # * [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl)
# * [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl) # * [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
SSL_CERT_PATH="/etc/ssl/cert.pem"
### Install CloudFlare WARP (on non-WSL *nix systems) ### Install CloudFlare WARP (on non-WSL *nix systems)
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
if [ -d /System ] && [ -d /Applications ]; then if [ -d /System ] && [ -d /Applications ]; then
@ -13278,8 +13287,8 @@ softwarePackages:
# sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" # sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
# fi # fi
logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate' logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate'
echo | sudo tee -a /etc/ssl/cert.pem < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null echo | sudo tee -a "$SSL_CERT_PATH" < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null
echo "" | sudo tee -a /etc/ssl/cert.pem echo "" | sudo tee -a "$SSL_CERT_PATH"
else else
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.' logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
fi fi
@ -13307,7 +13316,8 @@ softwarePackages:
logg info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt' logg info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt'
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt
logg info 'dpkg-reconfigure executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate' logg info 'dpkg-reconfigure executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate'
sudo dpkg-reconfigure ca-certificates sudo dpkg-reconfigure ca-certificates -p high
SSL_CERT_PATH="/etc/ssl/certs/ca-certificates.crt"
else else
logg warn 'No /usr/local/share/ca-certificates folder present' logg warn 'No /usr/local/share/ca-certificates folder present'
fi fi
@ -13317,6 +13327,7 @@ softwarePackages:
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors
logg info 'update-ca-trust executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate' logg info 'update-ca-trust executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate'
sudo update-ca-trust sudo update-ca-trust
SSL_CERT_PATH="/etc/pki/tls/certs/ca-bundle.crt"
else else
logg warn '/etc/pki/ca-trust/source/anchors does not exist so skipping the system certificate update process' logg warn '/etc/pki/ca-trust/source/anchors does not exist so skipping the system certificate update process'
fi fi
@ -13330,20 +13341,20 @@ softwarePackages:
# certificate and the WARP client is not running. # certificate and the WARP client is not running.
### Git ### Git
if command -v git > /dev/null; then if command -v git > /dev/null; then
logg info "Configuring git to use /etc/ssl/cert.pem" logg info "Configuring git to use $SSL_CERT_PATH"
git config --global http.sslcainfo /etc/ssl/cert.pem git config --global http.sslcainfo "$SSL_CERT_PATH"
fi fi
### NPM ### NPM
if command -v npm > /dev/null; then if command -v npm > /dev/null; then
logg info "Configuring npm to use /etc/ssl/cert.pem" logg info "Configuring npm to use $SSL_CERT_PATH"
npm config set cafile /etc/ssl/cert.pem npm config set cafile "$SSL_CERT_PATH"
fi fi
### Python ### Python
if command -v python3 > /dev/null; then if command -v python3 > /dev/null; then
### Ensure Certifi package is available globally ### Ensure Certifi package is available globally
if ! pip3 list certifi | grep certifi > /dev/null; then if ! pip3 list | grep certifi > /dev/null; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
logg info 'Ensuring Python certifi is installed via Homebrew' logg info 'Ensuring Python certifi is installed via Homebrew'
brew install --quiet python-certifi brew install --quiet python-certifi