Update 15 files
- /home/.chezmoiscripts/universal/run_onchange_after_30-tor-settings.tmpl - /home/dot_local/config/privoxy - /home/dot_local/config/torrc - /home/.chezmoitemplates/secrets/key-netdata-room-james - /home/.chezmoiscripts/universal/run_onchange_after_30-samba.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_27-tor.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_28-privoxy.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl - /home/dot_config/rkhunter/cron - /home/dot_config/clamd/clamd-freshclam.service - /home/dot_config/privoxy/config - /home/dot_config/tor/torrc - /home/.chezmoitemplates/secrets/key-netdata-room - /home/.chezmoidata.yaml - /software.yml
This commit is contained in:
parent
09c37c0269
commit
7cbc3bc326
11 changed files with 111 additions and 13 deletions
|
@ -21,6 +21,7 @@ colors:
|
|||
color16: '#FFFFFF'
|
||||
macosRemoteLogin: 'on'
|
||||
themeparkTheme: aquamarine
|
||||
netdataClaimURL: https://app.netdata.cloud
|
||||
config:
|
||||
gpg: https://raw.githubusercontent.com/drduh/config/master/gpg.conf
|
||||
chromeExtensions:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{{- if (ne .host.distro.family "windows") -}}
|
||||
{{- if and (ne .host.distro.family "windows") (ne .host.work true) -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# tor config hash: {{ include (joinPath .host.home ".local" "config" "torrc") | sha256sum }}
|
||||
# tor config hash: {{ include (joinPath .host.home ".config" "tor" "torrc") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
@ -20,7 +20,7 @@ TORRC_CONFIG="$TORRC_CONFIG_DIR/torrc"
|
|||
if command -v toron > /dev/null; then
|
||||
if [ -d "$TORRC_CONFIG_DIR" ]; then
|
||||
# Copy config
|
||||
sudo cp -f "$HOME/.local/config/torrc" "$TORRC_CONFIG"
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/tor/torrc" "$TORRC_CONFIG"
|
||||
sudo chmod 600 "$TORRC_CONFIG"
|
||||
|
||||
# Restart / enable Tor
|
||||
|
@ -28,9 +28,13 @@ if command -v toron > /dev/null; then
|
|||
# macOS
|
||||
brew services restart tor
|
||||
else
|
||||
# Linux
|
||||
sudo systemctl enable tor
|
||||
sudo systemlctl restart tor
|
||||
if [[ ! "$(grep Microsoft /proc/version)" ]]; then
|
||||
# Linux
|
||||
sudo systemctl enable tor
|
||||
sudo systemlctl restart tor
|
||||
else
|
||||
logg info 'Environment is WSL so the Tor systemd service will not be enabled / restarted'
|
||||
fi
|
||||
fi
|
||||
else
|
||||
logg warn 'The '"$TORRC_CONFIG_DIR"' directory is missing'
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# privoxy config hash: {{ include (joinPath .host.home ".local" "config" "privoxy") | sha256sum }}
|
||||
# privoxy config hash: {{ include (joinPath .host.home ".config" "privoxy" "config") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
@ -19,7 +19,7 @@ PRIVOXY_CONFIG="$PRIVOXY_CONFIG_DIR/config"
|
|||
### Configure Privoxy
|
||||
if command -v privoxy > /dev/null; then
|
||||
if [ -d "$PRIVOXY_CONFIG_DIR" ]; then
|
||||
sudo cp -f "$HOME/.local/config/privoxy" "$PRIVOXY_CONFIG"
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config" "$PRIVOXY_CONFIG"
|
||||
sudo chmod 600 "$PRIVOXY_CONFIG"
|
||||
|
||||
# Restart / enable Privoxy
|
||||
|
@ -27,9 +27,13 @@ if command -v privoxy > /dev/null; then
|
|||
# macOS
|
||||
brew services restart privoxy
|
||||
else
|
||||
# Linux
|
||||
sudo systemctl enable privoxy
|
||||
sudo systemlctl restart privoxy
|
||||
if [[ ! "$(grep Microsoft /proc/version)" ]]; then
|
||||
# Linux
|
||||
sudo systemctl enable privoxy
|
||||
sudo systemlctl restart privoxy
|
||||
else
|
||||
logg info 'The system is a WSL environment so the Privoxy systemd service will not be enabled / restarted'
|
||||
fi
|
||||
fi
|
||||
else
|
||||
logg warn 'The '"$PRIVOXY_CONFIG_DIR"' directory is missing'
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
### TODO - Add logic from Tor / Privoxy role here
|
||||
### Add config files to system folder if applicable
|
||||
# Samba logic
|
||||
echo true
|
||||
|
||||
{{ end -}}
|
|
@ -0,0 +1,32 @@
|
|||
{{- if and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-netdata-token")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-netdata-room")) -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
### Claim the instance with Netdata Cloud
|
||||
if command -v netdata-claim.sh > /dev/null; then
|
||||
NETDATA_TOKEN="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-token" | chezmoi decrypt)"
|
||||
NETDATA_ROOM="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-room" | chezmoi decrypt)"
|
||||
netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url={{ .netdataClaimURL }}
|
||||
|
||||
# Kernel optimizations
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# macOS
|
||||
logg info 'System is macOS so Netdata kernel optimizations are not required'
|
||||
else
|
||||
# Linux
|
||||
if [ -d /sys/kernel/mm/ksm ]; then
|
||||
logg info 'Adding Netdata kernel optimization for `/sys/kernel/mm/ksm/run`'
|
||||
echo 1 | sudo tee /sys/kernel/mm/ksm/run
|
||||
logg info 'Adding Netdata kernel optimization for `/sys/kernel/mm/ksm/sleep_millisecs`'
|
||||
echo 1000 | sudo tee /sys/kernel/mm/ksm/sleep_millisecs
|
||||
else
|
||||
logg info 'The `/sys/kernel/mm/ksm` directory does not exist so Netdata kernel optimizations are not being applied'
|
||||
fi
|
||||
fi
|
||||
else
|
||||
logg warn '`netdata-claim.sh` is not available in the PATH'
|
||||
fi
|
||||
|
||||
{{ end - }}
|
13
home/dot_config/clamd/clamd-freshclam.service
Normal file
13
home/dot_config/clamd/clamd-freshclam.service
Normal file
|
@ -0,0 +1,13 @@
|
|||
# Run freshclam as a daemon.
|
||||
[Unit]
|
||||
Description = ClamAV Freshclam service.
|
||||
After = network.target
|
||||
|
||||
[Service]
|
||||
Type = forking
|
||||
ExecStart = /usr/bin/freshclam --daemon --checks 2
|
||||
Restart = on-failure
|
||||
PrivateTmp = true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
41
home/dot_config/rkhunter/cron
Normal file
41
home/dot_config/rkhunter/cron
Normal file
|
@ -0,0 +1,41 @@
|
|||
#!/bin/sh
|
||||
|
||||
RKHUNTER=/usr/bin/rkhunter
|
||||
|
||||
test -x $RKHUNTER || exit 0
|
||||
|
||||
# source our config
|
||||
. /etc/rkhunter.conf
|
||||
|
||||
if [ -z "$NICE" ]; then
|
||||
NICE=0
|
||||
fi
|
||||
|
||||
if [ -z "$RUN_CHECK_ON_BATTERY" ]; then
|
||||
RUN_CHECK_ON_BATTERY="false"
|
||||
fi
|
||||
|
||||
# Do not run daily check if running on battery except if explicitely allowed
|
||||
if [ -x /usr/bin/on_ac_power >/dev/null 2>&1 ]; then
|
||||
on_ac_power >/dev/null 2>&1
|
||||
[ $? -eq 1 -a "$RUN_CHECK_ON_BATTERY" != "true" ] && exit 0
|
||||
fi
|
||||
|
||||
case "$CRON_DAILY_RUN" in
|
||||
[YyTt]*)
|
||||
OUTFILE=`mktemp` || exit 1
|
||||
/usr/bin/nice -n $NICE $RKHUNTER --cronjob --report-warnings-only --appendlog > $OUTFILE
|
||||
if [ -s "$OUTFILE" -a -n "$REPORT_EMAIL" ]; then
|
||||
(
|
||||
echo "Subject: [rkhunter] $(hostname) - Daily report"
|
||||
echo "To: $REPORT_EMAIL"
|
||||
echo ""
|
||||
cat $OUTFILE
|
||||
) | /usr/sbin/mailx $REPORT_EMAIL
|
||||
fi
|
||||
rm -f $OUTFILE
|
||||
;;
|
||||
*)
|
||||
exit 0
|
||||
;;
|
||||
esac
|
|
@ -5123,6 +5123,7 @@ softwarePackages:
|
|||
_github: https://github.com/netdata/netdata
|
||||
_home: https://www.netdata.cloud/
|
||||
_name: Netdata
|
||||
_service: netdata
|
||||
ansible: professormanhattan.netdata
|
||||
brew: netdata
|
||||
pacman: netdata
|
||||
|
|
Loading…
Reference in a new issue