Update 29 files
- /system/Applications/Firefox.app/Contents/Resources/distribution/policies.json - /system/etc/cups/cupsd.conf - /system/etc/cups/modify_cupsd.conf - /system/etc/fonts/local.conf - /system/etc/grub.d/31-hold-shift - /system/etc/opt/chrome/policies/managed/policies.json - /system/etc/qubes/repo-templates/qubes-templates.repo - /system/etc/yum.repos.d/qubes-dom0.repo - /system/etc/timeshift/timeshift.json - /system/usr/lib/firefox-esr/distribution/policies.json - /system/usr/lib/firefox/distribution/policies.json - /system/var/cache/rclone/remove_dot_gitkeep - /system/mnt/private_r2-docker/remove_dot_gitkeep - /system/etc/sddm.conf - /home/.chezmoiscripts/universal/run_onchange_after_57-netdata.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_20-font.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_14-timeshift.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.tmpl - /home/dot_config/rclone/merge_rclone.conf - /home/dot_config/cups/cupsd.conf - /home/dot_config/qubes/qubes-templates.repo - /home/dot_config/qubes/qubes-dom0.repo - /home/dot_config/timeshift/timeshift.json - /home/Cloud/Private/remove_dot_gitkeep - /home/Cloud/Public/remove_dot_gitkeep - /home/dot_local/share/firefox/distribution/policies.json - /home/dot_local/bin/executable_rclone-mount - /home/dot_local/grub.d/31-hold-shift
This commit is contained in:
parent
7cbc3bc326
commit
9037474d22
24 changed files with 170 additions and 198 deletions
|
@ -1,5 +1,14 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# qubes-templates.repo hash: {{ include (joinPath .chezmoi.homeDir ".config" "qubes" "qubes-templates.repo") | sha256sum }}
|
||||
# qubes-dom0.repo hash: {{ include (joinPath .chezmoi.homeDir ".config" "qubes" "qubes-dom0.repo") | sha256sum }}
|
||||
# qubes packages: {{ .qubes.dom0Packages | toString | replace "[" "" | replace "]" "" }}
|
||||
|
||||
### Configure dom0 repos
|
||||
logg info 'Updating dom0 repos to include auxilary branches'
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-templates.repo" /etc/qubes/repo-templates/qubes-templates.repo
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-dom0.repo" /etc/yum.repos.d/qubes-dom0.repo
|
||||
|
||||
### Update dom0
|
||||
logg info 'Updating dom0 via `qubesctl`'
|
||||
sudo qubesctl --show-output state.sls update.qubes-dom0
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
{{- if eq .host.distro.family "linux" -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# timeshift.json hash: {{ include (joinPath .chezmoi.homeDir ".config" "timeshift" "timeshift.json") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
if command -v timeshift > /dev/null; then
|
||||
if [ -d /etc/timeshift ]; then
|
||||
TIMESHIFT_CONFIG="${XDG_CONFIG_HOME}:-$HOME/.config}/timeshift/timeshift.json"
|
||||
logg info "Copying $TIMESHIFT_CONFIG to /etc/timeshift/timeshift.json"
|
||||
sudo cp -f "$TIMESHIFT_CONFIG" /etc/timeshift/timeshift.json
|
||||
else
|
||||
logg info '`/etc/timeshift` is not a directory'
|
||||
fi
|
||||
else
|
||||
logg info 'The `timeshift` executable is not available'
|
||||
fi
|
||||
|
||||
{{ end -}}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if (eq .host.distro.family "linux") -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
if [ -d /etc/fonts ]; then
|
||||
logg info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf'
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/fontconfig/fonts.conf" /etc/fonts/local.conf
|
||||
else
|
||||
logg warn 'The `/etc/fonts` directory is missing'
|
||||
fi
|
||||
|
||||
{{ end -}}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if ne .host.distro.family "windows" -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
if rclone -v rclone > /dev/null; then
|
||||
logg info 'Ensuring /var/cache/rclone exists'
|
||||
sudo mkdir -p /var/cache/rclone
|
||||
sudo chmod 700 /var/cache/rclone
|
||||
|
||||
logg info 'Ensuring /mnt/s3-docker exists'
|
||||
sudo mkdir -p /mnt/s3-docker
|
||||
sudo chmod 700 /mnt/s3-docker
|
||||
|
||||
logg info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin'
|
||||
sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount
|
||||
sudo chmod +x /usr/local/bin/rclone-mount
|
||||
|
||||
|
||||
else
|
||||
logg info '`rclone` is not available'
|
||||
fi
|
||||
|
||||
{{ end -}}
|
|
@ -8,9 +8,11 @@
|
|||
if command -v netdata-claim.sh > /dev/null; then
|
||||
NETDATA_TOKEN="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-token" | chezmoi decrypt)"
|
||||
NETDATA_ROOM="$(cat "{{ .chezmoi.sourceDir }}/.chezmoitemplates/secrets/key-netdata-room" | chezmoi decrypt)"
|
||||
netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url={{ .netdataClaimURL }}
|
||||
netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"
|
||||
|
||||
# Kernel optimizations
|
||||
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.
|
||||
# Assuming these optimizations do not cause any harm.
|
||||
if [ -d /Applications ] && [ -d /System ]; then
|
||||
# macOS
|
||||
logg info 'System is macOS so Netdata kernel optimizations are not required'
|
||||
|
|
0
home/Cloud/Public/remove_dot_gitkeep
Normal file
0
home/Cloud/Public/remove_dot_gitkeep
Normal file
|
@ -25,5 +25,15 @@ region = auto
|
|||
endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com
|
||||
acl = private
|
||||
# MEGABYTE LABS MANAGED r2-user
|
||||
[do-private]
|
||||
type = s3
|
||||
provider = DigitalOcean
|
||||
endpoint = private.nyc3.digitaloceanspaces.com
|
||||
acl = private
|
||||
[do-open]
|
||||
type = s3
|
||||
provider = DigitalOcean
|
||||
endpoint = open.nyc3.digitaloceanspaces.com
|
||||
acl = public-read
|
||||
EOT
|
||||
{{- end }}
|
||||
|
|
23
home/dot_config/timeshift/timeshift.json
Normal file
23
home/dot_config/timeshift/timeshift.json
Normal file
|
@ -0,0 +1,23 @@
|
|||
{
|
||||
"backup_device_uuid": "",
|
||||
"btrfs_mode": "true",
|
||||
"count_boot": "0",
|
||||
"count_daily": "4",
|
||||
"count_hourly": "8",
|
||||
"count_monthly": "0",
|
||||
"count_weekly": "2",
|
||||
"do_first_run": "true",
|
||||
"exclude": [],
|
||||
"exclude-apps": [],
|
||||
"include_btrfs_home": "false",
|
||||
"parent_device_uuid": "",
|
||||
"schedule_boot": "false",
|
||||
"schedule_daily": "false",
|
||||
"schedule_hourly": "false",
|
||||
"schedule_monthly": "false",
|
||||
"schedule_weekly": "false",
|
||||
"snapshot_count": "0",
|
||||
"snapshot_size": "0",
|
||||
"stop_cron_emails": "true"
|
||||
}
|
||||
|
|
@ -0,0 +1,64 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
### Variables
|
||||
TYPE="$1"
|
||||
USER="$2"
|
||||
MOUNT="$3"
|
||||
if [ "$TYPE" = 'user' ]; then
|
||||
CACHE_FOLDER="/home/$USER/.cache/rclone"
|
||||
CONFIG_FOLDER="/home/$USER/.config/rclone"
|
||||
LOG_FOLDER="/home/$USER/.local/log"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/home/{{ .user.username }}/.local/mnt/$MOUNT"
|
||||
elif [ "$TYPE" = 'docker' ]; then
|
||||
CACHE_FOLDER="/var/cache/rclone/$MOUNT"
|
||||
CONFIG_FOLDER="/etc"
|
||||
LOG_FOLDER="/var/log/rclone"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/mnt/$MOUNT"
|
||||
else
|
||||
CACHE_FOLDER="/var/cache/rclone"
|
||||
CONFIG_FOLDER="/etc"
|
||||
LOG_FOLDER="/var/log/rclone"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/mnt/$MOUNT"
|
||||
fi
|
||||
|
||||
### Ensure directories created
|
||||
if [ ! -d "$CACHE_FOLDER" ]; then
|
||||
mkdir -p "$CACHE_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$CONFIG_FOLDER" ]; then
|
||||
mkdir -p "$CONFIG_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$LOG_FOLDER" ]; then
|
||||
mkdir -p "$LOG_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$MOUNT_PATH" ]; then
|
||||
mkdir -p "$MOUNT_PATH"
|
||||
fi
|
||||
RCLONE_IGNORE="$CONFIG_FOLDER/rcloneignore"
|
||||
if [ ! -f "$RCLONE_IGNORE" ] && [ -f "/etc/rcloneignore" ]; then
|
||||
RCLONE_IGNORE='etc/rcloneignore'
|
||||
fi
|
||||
|
||||
### Mount
|
||||
/usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
|
||||
mount \
|
||||
--cache-tmp-upload-path="$CACHE_FOLDER/$MOUNT-upload" \
|
||||
--cache-chunk-path="$CACHE_FOLDER/$MOUNT-chunks" \
|
||||
--cache-workers=8 \
|
||||
--cache-writes \
|
||||
--cache-dir="$CACHE_FOLDER/$MOUNT-vfs" \
|
||||
--cache-db-path="$CACHE_FOLDER/$MOUNT-db" \
|
||||
--log-file="$LOG_FILE" \
|
||||
--no-modtime \
|
||||
--drive-use-trash \
|
||||
--stats=0 \
|
||||
--checkers=16 \
|
||||
--bwlimit=40M \
|
||||
--dir-cache-time=60m \
|
||||
--vfs-cache-mode full \
|
||||
--cache-info-age=60m \
|
||||
--filter-from="$RCLONE_IGNORE"
|
||||
"$MOUNT":/ "$MOUNT_PATH"
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
"policies": {
|
||||
"DisableTelemetry": true,
|
||||
"DontCheckDefaultBrowser": true,
|
||||
"EnableTrackingProtection": {
|
||||
"Cryptomining": true,
|
||||
"Fingerprinting": true,
|
||||
"Locked": false,
|
||||
"Value": true
|
||||
},
|
||||
"Homepage": {
|
||||
"Locked": false,
|
||||
"StartPage": "previous-session",
|
||||
"URL": "http://betelgeuse.home"
|
||||
},
|
||||
"NoDefaultBookmarks": true,
|
||||
"OfferToSaveLogins": false,
|
||||
"OverrideFirstRunPage": "",
|
||||
"PasswordManagerEnabled": false
|
||||
}
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
sudo chmod 644 cupsd.conf
|
|
@ -1,41 +0,0 @@
|
|||
<?xml version='1.0'?>
|
||||
<!DOCTYPE fontconfig SYSTEM "urn:fontconfig:fonts.dtd">
|
||||
<fontconfig>
|
||||
|
||||
<alias>
|
||||
<family>sans-serif</family>
|
||||
<prefer>
|
||||
<family>Montserrat</family>
|
||||
<family>Noto Sans</family>
|
||||
<family>Open Sans</family>
|
||||
<family>Droid Sans</family>
|
||||
<family>Roboto</family>
|
||||
<family>Tholoth</family>
|
||||
<family>Noto Sans Arabic</family>
|
||||
</prefer>
|
||||
</alias>
|
||||
<alias>
|
||||
<family>serif</family>
|
||||
<prefer>
|
||||
<family>Zilla Slab</family>
|
||||
<family>Noto Serif</family>
|
||||
<family>Droid Serif</family>
|
||||
<family>Roboto Slab</family>
|
||||
<family>Tholoth</family>
|
||||
<family>Noto Sans Arabic</family>
|
||||
</prefer>
|
||||
</alias>
|
||||
<alias>
|
||||
<family>monospace</family>
|
||||
<prefer>
|
||||
<family>Hack Nerd Font</family>
|
||||
<family>Hack</family>
|
||||
<family>Hack Regular</family>
|
||||
<family>Noto Sans Mono</family>
|
||||
<family>Inconsolata</family>
|
||||
<family>Droid Sans Mono</family>
|
||||
<family>Roboto Mono</family>
|
||||
</prefer>
|
||||
</alias>
|
||||
|
||||
</fontconfig>
|
|
@ -1,3 +0,0 @@
|
|||
{
|
||||
"PasswordManagerEnabled": false
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
"backup_device_uuid": "",
|
||||
"btrfs_mode": "true",
|
||||
"count_boot": "0",
|
||||
"count_daily": "4",
|
||||
"count_hourly": "8",
|
||||
"count_monthly": "0",
|
||||
"count_weekly": "2",
|
||||
"do_first_run": "true",
|
||||
"exclude": [],
|
||||
"exclude-apps": [],
|
||||
"include_btrfs_home": "false",
|
||||
"parent_device_uuid": "",
|
||||
"schedule_boot": "false",
|
||||
"schedule_daily": "false",
|
||||
"schedule_hourly": "false",
|
||||
"schedule_monthly": "false",
|
||||
"schedule_weekly": "false",
|
||||
"snapshot_count": "0",
|
||||
"snapshot_size": "0",
|
||||
"stop_cron_emails": "true"
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
"policies": {
|
||||
"DisableTelemetry": true,
|
||||
"DontCheckDefaultBrowser": true,
|
||||
"EnableTrackingProtection": {
|
||||
"Cryptomining": true,
|
||||
"Fingerprinting": true,
|
||||
"Locked": false,
|
||||
"Value": true
|
||||
},
|
||||
"Homepage": {
|
||||
"Locked": false,
|
||||
"StartPage": "previous-session",
|
||||
"URL": "http://betelgeuse.home"
|
||||
},
|
||||
"NoDefaultBookmarks": true,
|
||||
"OfferToSaveLogins": false,
|
||||
"OverrideFirstRunPage": "",
|
||||
"PasswordManagerEnabled": false
|
||||
}
|
||||
}
|
|
@ -1,83 +0,0 @@
|
|||
{
|
||||
"policies": {
|
||||
"CaptivePortal": false,
|
||||
"DNSOverHTTPS": {
|
||||
"Enabled": false
|
||||
},
|
||||
"DisableBuiltinPDFViewer": false,
|
||||
"DisableFirefoxAccounts": false,
|
||||
"DisableFirefoxStudies": true,
|
||||
"DisableFormHistory": true,
|
||||
"DisablePocket": false,
|
||||
"DisableTelemetry": true,
|
||||
"DisplayMenuBar": true,
|
||||
"DontCheckDefaultBrowser": true,
|
||||
"EnableTrackingProtection": {
|
||||
"Cryptomining": true,
|
||||
"Fingerprinting": true,
|
||||
"Locked": false,
|
||||
"Value": true
|
||||
},
|
||||
"ExtensionSettings": {
|
||||
"CanvasBlocker@kkapsner.net": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"ClearURLs@kevinr": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"CookieAutoDelete@kennydo.com": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"Decentraleyes@ThomasRientjes": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"FirefoxMulti-AccountContainers@mozilla.org": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"TemporaryContainers@stoically": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/temporary-containers/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"https-everywhere@eff.org": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/https-everywhere/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"jid1-MnnxcxisBPnSXQ@jetpack": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"uBlock0@raymondhill.net": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
},
|
||||
"uMatrix@raymondhill.net": {
|
||||
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/umatrix/latest.xpi",
|
||||
"installation_mode": "normal_installed"
|
||||
}
|
||||
},
|
||||
"Homepage": {
|
||||
"Locked": false,
|
||||
"StartPage": "previous-session",
|
||||
"URL": "http://install.doctor"
|
||||
},
|
||||
"NetworkPrediction": false,
|
||||
"NoDefaultBookmarks": true,
|
||||
"OfferToSaveLogins": false,
|
||||
"OverrideFirstRunPage": "",
|
||||
"PasswordManagerEnabled": false
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
"policies": {
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
}
|
1
system/var/cache/rclone/remove_dot_gitkeep
vendored
1
system/var/cache/rclone/remove_dot_gitkeep
vendored
|
@ -1 +0,0 @@
|
|||
|
Loading…
Reference in a new issue