diff --git a/home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.tmpl b/home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.tmpl index 2ec10045..cf63f790 100644 --- a/home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.tmpl +++ b/home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.tmpl @@ -1,5 +1,14 @@ #!/usr/bin/env bash +# qubes-templates.repo hash: {{ include (joinPath .chezmoi.homeDir ".config" "qubes" "qubes-templates.repo") | sha256sum }} +# qubes-dom0.repo hash: {{ include (joinPath .chezmoi.homeDir ".config" "qubes" "qubes-dom0.repo") | sha256sum }} +# qubes packages: {{ .qubes.dom0Packages | toString | replace "[" "" | replace "]" "" }} + +### Configure dom0 repos +logg info 'Updating dom0 repos to include auxilary branches' +sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-templates.repo" /etc/qubes/repo-templates/qubes-templates.repo +sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-dom0.repo" /etc/yum.repos.d/qubes-dom0.repo + ### Update dom0 logg info 'Updating dom0 via `qubesctl`' sudo qubesctl --show-output state.sls update.qubes-dom0 diff --git a/home/.chezmoiscripts/universal/run_onchange_after_14-timeshift.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_14-timeshift.tmpl new file mode 100644 index 00000000..9513fc03 --- /dev/null +++ b/home/.chezmoiscripts/universal/run_onchange_after_14-timeshift.tmpl @@ -0,0 +1,21 @@ +{{- if eq .host.distro.family "linux" -}} +#!/usr/bin/env bash + +# timeshift.json hash: {{ include (joinPath .chezmoi.homeDir ".config" "timeshift" "timeshift.json") | sha256sum }} + +{{ includeTemplate "universal/profile" }} +{{ includeTemplate "universal/logg" }} + +if command -v timeshift > /dev/null; then + if [ -d /etc/timeshift ]; then + TIMESHIFT_CONFIG="${XDG_CONFIG_HOME}:-$HOME/.config}/timeshift/timeshift.json" + logg info "Copying $TIMESHIFT_CONFIG to /etc/timeshift/timeshift.json" + sudo cp -f "$TIMESHIFT_CONFIG" /etc/timeshift/timeshift.json + else + logg info '`/etc/timeshift` is not a directory' + fi +else + logg info 'The `timeshift` executable is not available' +fi + +{{ end -}} diff --git a/home/.chezmoiscripts/universal/run_onchange_after_20-font.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_20-font.tmpl new file mode 100644 index 00000000..7911be58 --- /dev/null +++ b/home/.chezmoiscripts/universal/run_onchange_after_20-font.tmpl @@ -0,0 +1,14 @@ +{{- if (eq .host.distro.family "linux") -}} +#!/usr/bin/env bash + +{{ includeTemplate "universal/profile" }} +{{ includeTemplate "universal/logg" }} + +if [ -d /etc/fonts ]; then + logg info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf' + sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/fontconfig/fonts.conf" /etc/fonts/local.conf +else + logg warn 'The `/etc/fonts` directory is missing' +fi + +{{ end -}} diff --git a/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl new file mode 100644 index 00000000..3533ba2d --- /dev/null +++ b/home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl @@ -0,0 +1,25 @@ +{{- if ne .host.distro.family "windows" -}} +#!/usr/bin/env bash + +{{ includeTemplate "universal/profile" }} +{{ includeTemplate "universal/logg" }} + +if rclone -v rclone > /dev/null; then + logg info 'Ensuring /var/cache/rclone exists' + sudo mkdir -p /var/cache/rclone + sudo chmod 700 /var/cache/rclone + + logg info 'Ensuring /mnt/s3-docker exists' + sudo mkdir -p /mnt/s3-docker + sudo chmod 700 /mnt/s3-docker + + logg info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin' + sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount + sudo chmod +x /usr/local/bin/rclone-mount + + +else + logg info '`rclone` is not available' +fi + +{{ end -}} diff --git a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl index 7ba595b1..3d67525d 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl @@ -8,9 +8,11 @@ if command -v netdata-claim.sh > /dev/null; then NETDATA_TOKEN="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-token" | chezmoi decrypt)" NETDATA_ROOM="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-room" | chezmoi decrypt)" - netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url={{ .netdataClaimURL }} + netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}" # Kernel optimizations + # These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though. + # Assuming these optimizations do not cause any harm. if [ -d /Applications ] && [ -d /System ]; then # macOS logg info 'System is macOS so Netdata kernel optimizations are not required' diff --git a/system/etc/sddm.conf b/home/Cloud/Private/remove_dot_gitkeep similarity index 100% rename from system/etc/sddm.conf rename to home/Cloud/Private/remove_dot_gitkeep diff --git a/home/Cloud/Public/remove_dot_gitkeep b/home/Cloud/Public/remove_dot_gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/system/etc/cups/cupsd.conf b/home/dot_config/cups/cupsd.conf similarity index 100% rename from system/etc/cups/cupsd.conf rename to home/dot_config/cups/cupsd.conf diff --git a/system/etc/yum.repos.d/qubes-dom0.repo b/home/dot_config/qubes/qubes-dom0.repo similarity index 100% rename from system/etc/yum.repos.d/qubes-dom0.repo rename to home/dot_config/qubes/qubes-dom0.repo diff --git a/system/etc/qubes/repo-templates/qubes-templates.repo b/home/dot_config/qubes/qubes-templates.repo similarity index 100% rename from system/etc/qubes/repo-templates/qubes-templates.repo rename to home/dot_config/qubes/qubes-templates.repo diff --git a/home/dot_config/rclone/merge_rclone.conf b/home/dot_config/rclone/merge_rclone.conf index 3ee32905..ab49cc2c 100644 --- a/home/dot_config/rclone/merge_rclone.conf +++ b/home/dot_config/rclone/merge_rclone.conf @@ -25,5 +25,15 @@ region = auto endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com acl = private # MEGABYTE LABS MANAGED r2-user +[do-private] +type = s3 +provider = DigitalOcean +endpoint = private.nyc3.digitaloceanspaces.com +acl = private +[do-open] +type = s3 +provider = DigitalOcean +endpoint = open.nyc3.digitaloceanspaces.com +acl = public-read EOT {{- end }} diff --git a/home/dot_config/timeshift/timeshift.json b/home/dot_config/timeshift/timeshift.json new file mode 100644 index 00000000..8bbbcd5c --- /dev/null +++ b/home/dot_config/timeshift/timeshift.json @@ -0,0 +1,23 @@ +{ + "backup_device_uuid": "", + "btrfs_mode": "true", + "count_boot": "0", + "count_daily": "4", + "count_hourly": "8", + "count_monthly": "0", + "count_weekly": "2", + "do_first_run": "true", + "exclude": [], + "exclude-apps": [], + "include_btrfs_home": "false", + "parent_device_uuid": "", + "schedule_boot": "false", + "schedule_daily": "false", + "schedule_hourly": "false", + "schedule_monthly": "false", + "schedule_weekly": "false", + "snapshot_count": "0", + "snapshot_size": "0", + "stop_cron_emails": "true" +} + \ No newline at end of file diff --git a/home/dot_local/bin/executable_rclone-mount b/home/dot_local/bin/executable_rclone-mount index e69de29b..22dc5f93 100644 --- a/home/dot_local/bin/executable_rclone-mount +++ b/home/dot_local/bin/executable_rclone-mount @@ -0,0 +1,64 @@ +#!/usr/bin/env sh + +### Variables +TYPE="$1" +USER="$2" +MOUNT="$3" +if [ "$TYPE" = 'user' ]; then + CACHE_FOLDER="/home/$USER/.cache/rclone" + CONFIG_FOLDER="/home/$USER/.config/rclone" + LOG_FOLDER="/home/$USER/.local/log" + LOG_FILE="$LOG_FOLDER/$MOUNT.log" + MOUNT_PATH="/home/{{ .user.username }}/.local/mnt/$MOUNT" +elif [ "$TYPE" = 'docker' ]; then + CACHE_FOLDER="/var/cache/rclone/$MOUNT" + CONFIG_FOLDER="/etc" + LOG_FOLDER="/var/log/rclone" + LOG_FILE="$LOG_FOLDER/$MOUNT.log" + MOUNT_PATH="/mnt/$MOUNT" +else + CACHE_FOLDER="/var/cache/rclone" + CONFIG_FOLDER="/etc" + LOG_FOLDER="/var/log/rclone" + LOG_FILE="$LOG_FOLDER/$MOUNT.log" + MOUNT_PATH="/mnt/$MOUNT" +fi + +### Ensure directories created +if [ ! -d "$CACHE_FOLDER" ]; then + mkdir -p "$CACHE_FOLDER" +fi +if [ ! -d "$CONFIG_FOLDER" ]; then + mkdir -p "$CONFIG_FOLDER" +fi +if [ ! -d "$LOG_FOLDER" ]; then + mkdir -p "$LOG_FOLDER" +fi +if [ ! -d "$MOUNT_PATH" ]; then + mkdir -p "$MOUNT_PATH" +fi +RCLONE_IGNORE="$CONFIG_FOLDER/rcloneignore" +if [ ! -f "$RCLONE_IGNORE" ] && [ -f "/etc/rcloneignore" ]; then + RCLONE_IGNORE='etc/rcloneignore' +fi + +### Mount + /usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \ + mount \ + --cache-tmp-upload-path="$CACHE_FOLDER/$MOUNT-upload" \ + --cache-chunk-path="$CACHE_FOLDER/$MOUNT-chunks" \ + --cache-workers=8 \ + --cache-writes \ + --cache-dir="$CACHE_FOLDER/$MOUNT-vfs" \ + --cache-db-path="$CACHE_FOLDER/$MOUNT-db" \ + --log-file="$LOG_FILE" \ + --no-modtime \ + --drive-use-trash \ + --stats=0 \ + --checkers=16 \ + --bwlimit=40M \ + --dir-cache-time=60m \ + --vfs-cache-mode full \ + --cache-info-age=60m \ + --filter-from="$RCLONE_IGNORE" + "$MOUNT":/ "$MOUNT_PATH" diff --git a/system/etc/grub.d/31-hold-shift b/home/dot_local/grub.d/31-hold-shift similarity index 100% rename from system/etc/grub.d/31-hold-shift rename to home/dot_local/grub.d/31-hold-shift diff --git a/home/dot_local/share/firefox/distribution/policies.json b/home/dot_local/share/firefox/distribution/policies.json index 43a0799c..932f14eb 100644 --- a/home/dot_local/share/firefox/distribution/policies.json +++ b/home/dot_local/share/firefox/distribution/policies.json @@ -71,4 +71,4 @@ "OverrideFirstRunPage": "", "PasswordManagerEnabled": false } -} +} \ No newline at end of file diff --git a/system/Applications/Firefox.app/Contents/Resources/distribution/policies.json b/system/Applications/Firefox.app/Contents/Resources/distribution/policies.json deleted file mode 100644 index 26a020a0..00000000 --- a/system/Applications/Firefox.app/Contents/Resources/distribution/policies.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "policies": { - "DisableTelemetry": true, - "DontCheckDefaultBrowser": true, - "EnableTrackingProtection": { - "Cryptomining": true, - "Fingerprinting": true, - "Locked": false, - "Value": true - }, - "Homepage": { - "Locked": false, - "StartPage": "previous-session", - "URL": "http://betelgeuse.home" - }, - "NoDefaultBookmarks": true, - "OfferToSaveLogins": false, - "OverrideFirstRunPage": "", - "PasswordManagerEnabled": false - } -} diff --git a/system/etc/cups/modify_cupsd.conf b/system/etc/cups/modify_cupsd.conf deleted file mode 100644 index 8ec91ec6..00000000 --- a/system/etc/cups/modify_cupsd.conf +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -sudo chmod 644 cupsd.conf diff --git a/system/etc/fonts/local.conf b/system/etc/fonts/local.conf deleted file mode 100644 index 26a5c44d..00000000 --- a/system/etc/fonts/local.conf +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - sans-serif - - Montserrat - Noto Sans - Open Sans - Droid Sans - Roboto - Tholoth - Noto Sans Arabic - - - - serif - - Zilla Slab - Noto Serif - Droid Serif - Roboto Slab - Tholoth - Noto Sans Arabic - - - - monospace - - Hack Nerd Font - Hack - Hack Regular - Noto Sans Mono - Inconsolata - Droid Sans Mono - Roboto Mono - - - - diff --git a/system/etc/opt/chrome/policies/managed/policies.json b/system/etc/opt/chrome/policies/managed/policies.json deleted file mode 100644 index 5b54ead9..00000000 --- a/system/etc/opt/chrome/policies/managed/policies.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "PasswordManagerEnabled": false -} diff --git a/system/etc/timeshift/timeshift.json b/system/etc/timeshift/timeshift.json deleted file mode 100644 index 61b0c5f2..00000000 --- a/system/etc/timeshift/timeshift.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "backup_device_uuid": "", - "btrfs_mode": "true", - "count_boot": "0", - "count_daily": "4", - "count_hourly": "8", - "count_monthly": "0", - "count_weekly": "2", - "do_first_run": "true", - "exclude": [], - "exclude-apps": [], - "include_btrfs_home": "false", - "parent_device_uuid": "", - "schedule_boot": "false", - "schedule_daily": "false", - "schedule_hourly": "false", - "schedule_monthly": "false", - "schedule_weekly": "false", - "snapshot_count": "0", - "snapshot_size": "0", - "stop_cron_emails": "true" -} diff --git a/system/mnt/private_r2-docker/remove_dot_gitkeep b/system/mnt/private_r2-docker/remove_dot_gitkeep deleted file mode 100644 index 8b137891..00000000 --- a/system/mnt/private_r2-docker/remove_dot_gitkeep +++ /dev/null @@ -1 +0,0 @@ - diff --git a/system/usr/lib/firefox-esr/distribution/policies.json b/system/usr/lib/firefox-esr/distribution/policies.json deleted file mode 100644 index 26a020a0..00000000 --- a/system/usr/lib/firefox-esr/distribution/policies.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "policies": { - "DisableTelemetry": true, - "DontCheckDefaultBrowser": true, - "EnableTrackingProtection": { - "Cryptomining": true, - "Fingerprinting": true, - "Locked": false, - "Value": true - }, - "Homepage": { - "Locked": false, - "StartPage": "previous-session", - "URL": "http://betelgeuse.home" - }, - "NoDefaultBookmarks": true, - "OfferToSaveLogins": false, - "OverrideFirstRunPage": "", - "PasswordManagerEnabled": false - } -} diff --git a/system/usr/lib/firefox/distribution/policies.json b/system/usr/lib/firefox/distribution/policies.json deleted file mode 100644 index e70bfb86..00000000 --- a/system/usr/lib/firefox/distribution/policies.json +++ /dev/null @@ -1,83 +0,0 @@ -{ - "policies": { - "CaptivePortal": false, - "DNSOverHTTPS": { - "Enabled": false - }, - "DisableBuiltinPDFViewer": false, - "DisableFirefoxAccounts": false, - "DisableFirefoxStudies": true, - "DisableFormHistory": true, - "DisablePocket": false, - "DisableTelemetry": true, - "DisplayMenuBar": true, - "DontCheckDefaultBrowser": true, - "EnableTrackingProtection": { - "Cryptomining": true, - "Fingerprinting": true, - "Locked": false, - "Value": true - }, - "ExtensionSettings": { - "CanvasBlocker@kkapsner.net": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi", - "installation_mode": "normal_installed" - }, - "ClearURLs@kevinr": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi", - "installation_mode": "normal_installed" - }, - "CookieAutoDelete@kennydo.com": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi", - "installation_mode": "normal_installed" - }, - "Decentraleyes@ThomasRientjes": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi", - "installation_mode": "normal_installed" - }, - "FirefoxMulti-AccountContainers@mozilla.org": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi", - "installation_mode": "normal_installed" - }, - "TemporaryContainers@stoically": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/temporary-containers/latest.xpi", - "installation_mode": "normal_installed" - }, - "https-everywhere@eff.org": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/https-everywhere/latest.xpi", - "installation_mode": "normal_installed" - }, - "jid1-MnnxcxisBPnSXQ@jetpack": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi", - "installation_mode": "normal_installed" - }, - "uBlock0@raymondhill.net": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi", - "installation_mode": "normal_installed" - }, - "uMatrix@raymondhill.net": { - "install_url": "https://addons.mozilla.org/firefox/downloads/latest/umatrix/latest.xpi", - "installation_mode": "normal_installed" - } - }, - "Homepage": { - "Locked": false, - "StartPage": "previous-session", - "URL": "http://install.doctor" - }, - "NetworkPrediction": false, - "NoDefaultBookmarks": true, - "OfferToSaveLogins": false, - "OverrideFirstRunPage": "", - "PasswordManagerEnabled": false - } -} - -{ - "policies": { - - - - - } -} diff --git a/system/var/cache/rclone/remove_dot_gitkeep b/system/var/cache/rclone/remove_dot_gitkeep deleted file mode 100644 index 8b137891..00000000 --- a/system/var/cache/rclone/remove_dot_gitkeep +++ /dev/null @@ -1 +0,0 @@ -