Update 15 files
- /home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl - /home/.chezmoitemplates/secrets/key-cloudflare-r2-id - /home/.chezmoitemplates/secrets/key-cloudflare-r2-secret - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-bucket - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-key - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-secret - /home/.chezmoiscripts/universal/run_onchange_before_14-warp.sh.tmpl - /home/.chezmoiscripts/disabled/run_onchange_after_14-warp.tmpl - /home/.chezmoiexternal.toml.tmpl - /home/dot_config/warp/private_mdm.xml.tmpl - /home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl - /home/.chezmoitemplates/secrets/CLOUDFLARE_R2_ID - /home/.chezmoitemplates/secrets/CLOUDFLARE_R2_SECRET - /home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID - /home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET
This commit is contained in:
parent
4b5750acb2
commit
95f3aa05a0
14 changed files with 190 additions and 61 deletions
|
@ -18,6 +18,14 @@
|
|||
clone.args = ["--branch", "release", "--depth", "1"]
|
||||
pull.args = ["--ff-only"]
|
||||
|
||||
### CloudFlare WARP Certificates
|
||||
[".local/share/warp/Cloudflare_CA.crt"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt"
|
||||
[".local/share/warp/Cloudflare_CA.pem"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem"
|
||||
|
||||
### Betelgeuse Theme
|
||||
[".local/src/betelgeuse"]
|
||||
type = "git-repo"
|
||||
|
|
|
@ -1,34 +1,120 @@
|
|||
{{- if (eq .host.distro.family "linux") -}}
|
||||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file CloudFlare WARP Repository
|
||||
# @brief Adds the CloudFlare WARP `apt-get` repository to Debian and Ubuntu systems
|
||||
# @file CloudFlare WARP
|
||||
# @brief Installs CloudFlare WARP, ensures proper security certificates are in place, and connects the device to CloudFlare WARP.
|
||||
# @description
|
||||
# This script adds the CloudFlare WARP `apt-get` repository to Debian and Ubuntu systems. It currently does not support adding
|
||||
# repositories for other systems because they are not provided by CloudFlare.
|
||||
# This script is intended to connect the device to CloudFlare's Zero Trust network with nearly all of its features unlocked.
|
||||
# Homebrew is used to install the `warp-cli` on macOS. On Linux, it can install `warp-cli` on most Debian systems and some RedHat
|
||||
# systems. CloudFlare WARP's [download page](https://pkg.cloudflareclient.com/packages/cloudflare-warp) is somewhat barren.
|
||||
#
|
||||
# ## MDM Configuration
|
||||
#
|
||||
# If CloudFlare WARP successfully installs, it first applies MDM configurations (managed configurations). If you would like CloudFlare
|
||||
# WARP to connect completely headlessly (while losing some "user-posture" settings), then you can populate the following two secrets:
|
||||
#
|
||||
# 1. `CLOUDFLARE_TEAMS_CLIENT_ID` - The ID from a CloudFlare Teams service token. See [this article](https://developers.cloudflare.com/cloudflare-one/identity/service-tokens/).
|
||||
# 2. `CLOUDFLARE_TEAMS_CLIENT_SECRET` - The secret from a CloudFlare Teams service token.
|
||||
#
|
||||
# The two variables above can be passed in using either of the methods described in the [Secrets documentation](https://install.doctor/docs/customization/secrets).
|
||||
#
|
||||
# ## Headless CloudFlare WARP Connection
|
||||
#
|
||||
# Even if you do not provide the two variables mentioned above, the script will still headlessly connect your device to the public CloudFlare WARP
|
||||
# network, where you will get some of the benefits of a VPN for free. Otherwise, if they were passed in, then the script
|
||||
# finishes by connecting to CloudFlare Teams.
|
||||
#
|
||||
# ## Notes
|
||||
#
|
||||
# According to CloudFlare Teams [documentation on MDM deployment](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/),
|
||||
# on macOS the `com.cloudflare.warp.plist` file gets erased on reboot. Also, according to the documentation, the only way around this is to leverage
|
||||
# an MDM SaaS provider like JumpCloud.
|
||||
#
|
||||
# ## Links
|
||||
#
|
||||
# * [Linux managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/warp/private_mdm.xml.tmpl)
|
||||
# * [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
|
||||
|
||||
{{ includeTemplate "universal/logg-before" }}
|
||||
|
||||
if [ '{{ .host.distro.id }}' = 'debian' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
### Install CloudFlare WARP (on non-WSL *nix systems)
|
||||
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
|
||||
if [ -d /System ] && [ -d /Applications ]; then
|
||||
### Install on macOS
|
||||
brew install --cask cloudflare-warp
|
||||
elif [ '{{ .host.distro.id }}' = 'debian' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
fi
|
||||
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
### Update apt-get and install the CloudFlare WARP CLI
|
||||
sudo apt-get update && sudo apt-get install -y cloudflare-warp
|
||||
elif [ '{{ .host.distro.id }}' = 'ubuntu' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
fi
|
||||
|
||||
sudo apt-get update
|
||||
fi
|
||||
elif [ '{{ .host.distro.id }}' = 'ubuntu' ]; then
|
||||
### Add CloudFlare WARP desktop app apt-get source
|
||||
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
|
||||
logg info 'Adding CloudFlare WARP keyring'
|
||||
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
|
||||
|
||||
logg info 'Adding apt source reference'
|
||||
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
|
||||
|
||||
sudo apt-get update
|
||||
### Update apt-get and install the CloudFlare WARP CLI
|
||||
sudo apt-get update && sudo apt-get install -y cloudflare-warp
|
||||
elif command -v dnf > /dev/null && command -v rpm > /dev/null; then
|
||||
### This is made for CentOS 8 and works on Fedora 36 (hopefully 36+ as well) with `nss-tools` as a dependency
|
||||
sudo dnf instal -y nss-tools
|
||||
### According to the download site, this is the only version available for RedHat-based systems
|
||||
sudo rpm -ivh https://pkg.cloudflareclient.com/cloudflare-release-el8.rpm
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
### Ensure certificate is installed
|
||||
### TODO: Ensure duplicate certificates are not stored in these files below
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem
|
||||
if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; then
|
||||
### Ensure certificate installed on macOS
|
||||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt"
|
||||
if [ -f /usr/local/etc/ca-certificates/cert.pem ]; then
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/ca-certificates/cert.pem
|
||||
else
|
||||
logg error 'Unable to add `Cloudflare_CA.pem` because `/usr/local/etc/ca-certificates/cert.pem` does not exist!' && exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if command -v warp-cli > /dev/null; then
|
||||
### Ensure MDM settings are applied (deletes after reboot on macOS)
|
||||
### TODO: Ensure `.plist` can be added to `~/Library/Managed Preferences` and not just `/Library/Managed Preferences`
|
||||
# Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/
|
||||
# Source for JumpCloud: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/CloudflareWARP.mobileconfig
|
||||
if [ -d /System ] && [ -d /Applications ]; then
|
||||
sudo cp -f "$HOME/Library/Managed Preferences/com.cloudflare.warp.plist" '/Library/Managed Preferences/com.cloudflare.warp.plist'
|
||||
sudo plutil -convert binary1 '/Library/Managed Preferences/com.cloudflare.warp.plist'
|
||||
elif [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/warp/mdm.xml" ]; then
|
||||
sudo mkdir -p /var/lib/cloudflare-warp
|
||||
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/warp/mdm.xml" /var/lib/cloudflare-warp/mdm.xml
|
||||
fi
|
||||
|
||||
### Register CloudFlare WARP
|
||||
if warp-cli --accept-tos status | grep 'Registration missing' > /dev/null; then
|
||||
logg info 'Registering CloudFlare WARP'
|
||||
warp-cli --accept-tos register
|
||||
else
|
||||
logg info 'Already registered with CloudFlare WARP'
|
||||
fi
|
||||
|
||||
### Connect CloudFlare WARP
|
||||
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
|
||||
logg info 'Connecting to CloudFlare WARP'
|
||||
warp-cli --accept-tos connect
|
||||
else
|
||||
logg info 'Already connected to CloudFlare WARP'
|
||||
fi
|
||||
else
|
||||
logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined'
|
||||
fi
|
||||
{{ end -}}
|
||||
|
|
7
home/.chezmoitemplates/secrets/CLOUDFLARE_R2_ID
Normal file
7
home/.chezmoitemplates/secrets/CLOUDFLARE_R2_ID
Normal file
|
@ -0,0 +1,7 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2bFM5VUFoTDlxb2NjV2RV
|
||||
d0UvM2pPYWZMeDRZeDZKYmZ3YlhwNlBsYlRvCmVTcEVzUndwSG1lQ3pKTFpxZ1Bs
|
||||
NGtXcksrNnRmR1UxOXR2UGpiNHplOHcKLS0tIFBEZHBibnEzSnBxTUlxcHdQQmhT
|
||||
MlUyZnRHWHY5UE43OXV1cFJjUnJGRHcK9s3V7BN+uHHJt8ekqFpP0XYaa+WwanmW
|
||||
qQ7rr6AB5ZT7z8y9vpQNK+mzuB49zL87AiNspAacKP/RtKNUPmdEzpY=
|
||||
-----END AGE ENCRYPTED FILE-----
|
8
home/.chezmoitemplates/secrets/CLOUDFLARE_R2_SECRET
Normal file
8
home/.chezmoitemplates/secrets/CLOUDFLARE_R2_SECRET
Normal file
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpdjhHNWJEMlJjNTlCUmJv
|
||||
RzRvUzRhUmR6OWpxWTVudDJ0NnVqbklqQmlrClhyNWpSZEZ1SHpEU0FROWZFYzlL
|
||||
RmhEbmJ1ZWJtS2xjNmRsaVhZb3ExK0UKLS0tIE90dzZ5T0liQitNV0hQTHNmcFlj
|
||||
eEdKZWdvK0NOdU1PK3I1NGxmTEVtQWsKJWhE2Q5wCLtvy7ZrrPwNvceLWEp7rV9I
|
||||
YEVpLY6lWuHWIbg6h8GkwlrbP/e3evFpZ7T9eLmhsMIfYm7hPtYV3BkASNqpWRh/
|
||||
o94FfrDqtg7Nu1/pZO8o/dt7QnVh0lMPYw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -0,0 +1,7 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0lySnFOemZKdGo4ZEdB
|
||||
a1lRMVJJZWorU1RaL2M4M25pSTl4UHlKUFYwClhJOU54bkNmTXcvcFZWVVVCTDhv
|
||||
T0ZJSHVwcUhKZVVDVmdrSGZ6K0dwV3MKLS0tIFRTQ3BEeFFjL1BCVWMxS1RIR28y
|
||||
WEhlblBmUWJYeDhIS1FJYXY1OEVQdmcKSAKdvbqBpY3s4oYUuiTDBT5K4Fpeo3bi
|
||||
LsjWK64f48oGfxoNmsdXXVbu82jO8TmecwNgUOoLC1UQxy/xkymMPosOse8nIwhx
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbnREOXUxazRlWDZtM0lm
|
||||
ZVc2UnlPVFlGM1N6czFnTDYzWmQ4YldqTmhrCnI3U2FLUytDamZDZ0dTT0V2M3ds
|
||||
VGNFbTVLRDZteTErMFpaUlpqakp4T1UKLS0tIGErNkowbFBkWldjNHdhNnVjdGM4
|
||||
REhXUW5Md21JSkhSMWxVN08rZFNGYjQKDuim4gInqRt4jagEQjo6+rtQ0Esrtkg5
|
||||
nVo8R3P0gCd7r8BbYxmVy+ez9bVVetJcyr7m0rpderOVb9fy/AGRQT0ccD8KQ76N
|
||||
ytpGa+AsMH/T8ExjRTgxKF1I2RF9yG29ig==
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,7 +0,0 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUa0ZtTm9PbE03R1RReDJZ
|
||||
NUdueXVZSk1WY2RxMkpyM1VVL2t2ZlBobGxJCmRyWEtSYVMxU1VCL01hRXk5ODdR
|
||||
MTJPZFVYbEEzeStBT3JLRWdoNUg0Z2MKLS0tIGhHdzExOEU1NmJkNHBFUW5DbXFs
|
||||
S25MNHFGV01GYjkrYm0zVmhrVEFvd2sKQr2yI5Zlx+yEWa4igHFy2z1FpmEw6tux
|
||||
M9i/y2J+Da15jAZgndmc1iWNBVDKVfROon4S60P99djZi/trWcy0jA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,8 +0,0 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYnBRTkRVZ2hGTkZ4NUdQ
|
||||
UWZBWmFxQkFXTUhESzhaaFJWMlpQSmh5cldjCjN0c0dScXQ1d0ZoalF1WXN3VG5h
|
||||
WC9wQ0pQSmYyU29nN1YwOUNFSHgyRkEKLS0tIG5lOTRhamhySm5iN1V1d0haWFRo
|
||||
VVZaczNScHd0ZHZRWmd4TFVRQWVaZzAKqbgfmbnHB5QbO0Z1JMgjNawfAD40Hzru
|
||||
kVNSyh/zgIRlwuSzwlENDgrdGXaRjDj7jtchaWe/xPX88Ba5cFe9LC7eXJP1mU2U
|
||||
l+nk1LFKSp24PZskcLzw4rxCsLap82KV
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,7 +0,0 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0K2lrQmh2RDhjUTBId1Ew
|
||||
UWp5UGp6Uk5NeEd0UjhwaUtrZWlzempVbUVNCkM5Y3F2aUZadFdTK2V6aHJ0TWVI
|
||||
RHltdXhYNGhlV0xSVVg0MGxhMUZITlkKLS0tIEEzTGpYZU9ScStKeVhRNkowVzlv
|
||||
dG9jSWNDUzNZa0VLVDFYai9BS2VYVWcKyPT0jUzNIL1UXJfwJlq+W3BvjdJ+Nw3B
|
||||
moY5Cz1fohjmKgOfVLYS+02yN3KwMsehTchZphIseCt8Qrh/CimJOpo0z48=
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,7 +0,0 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtS1oxQktQaDZIVHVIVEl0
|
||||
YUxQNVhKbENHMG5WcHdRTys3UjFBa1JLejJrCnh2RElic0UrL0VoeFJmNDBvNzZP
|
||||
bVJKQ2sxdE1EUnBlTG9nQjcrZmJRMk0KLS0tIHRldFpoQ2tPeU1OcU9TYzJIWk1M
|
||||
UDFyVTdmY2JDN2ZEUlVWVHZIVG9adnMKIa/ISs/CRnXNct6eNcgpEPu8jfPTvRfF
|
||||
M90QY4oha2Gnu2hN5UVz9Yk60IzE2OsyUmKChA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,8 +0,0 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvN0dyS2UrUGdDU0lSeTJ6
|
||||
QUlHdFBabWNPaFNIQ0pxTE1ENThoMTRZNkNrCmtiaVJkUXZoU2ptN0xDcGk0SThQ
|
||||
VWRYdVd0Y2szUGd4Y0E5bFRkY0xkR0UKLS0tIFJhbVRWSzllaldLaWVZWU0xMlNv
|
||||
Y3JINkZLanFmK243UjBTOGRUVld3RUkKZgW5yOuUwwagazY4tzI4ofpKh4b9GCzW
|
||||
G3tMyTR2CGBKThQgh2ibGtPMgMC2i6lSD3JuNug0B1gL1yWM8g3bhuo0b3KO6pSH
|
||||
LLs3
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -0,0 +1,22 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
<key>enable</key>
|
||||
<true />
|
||||
<key>onboarding</key>
|
||||
<false />
|
||||
<key>auto_connect</key>
|
||||
<interger>60</interger>
|
||||
<key>organization</key>
|
||||
<string>manhattan</string>
|
||||
<key>service_mode</key>
|
||||
<string>warp</string>
|
||||
<key>support_url</key>
|
||||
<string>https://megabyte.space</string>
|
||||
<key>auth_client_id</key>
|
||||
<string>{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_ID")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_ID" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_ID" }}{{ end }}</string>
|
||||
<key>auth_client_secret</key>
|
||||
<string>{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_SECRET")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_SECRET" }}{{ end }}</string>
|
||||
</dict>
|
||||
</plist>
|
20
home/dot_config/warp/private_mdm.xml.tmpl
Normal file
20
home/dot_config/warp/private_mdm.xml.tmpl
Normal file
|
@ -0,0 +1,20 @@
|
|||
{{ if eq .host.distro.family "linux" -}}
|
||||
<dict>
|
||||
<key>enable</key>
|
||||
<true />
|
||||
<key>onboarding</key>
|
||||
<false />
|
||||
<key>auto_connect</key>
|
||||
<interger>60</interger>
|
||||
<key>organization</key>
|
||||
<string>manhattan</string>
|
||||
<key>service_mode</key>
|
||||
<string>warp</string>
|
||||
<key>support_url</key>
|
||||
<string>https://megabyte.space</string>
|
||||
<key>auth_client_id</key>
|
||||
<string>{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_ID")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_ID" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_ID" }}{{ end }}</string>
|
||||
<key>auth_client_secret</key>
|
||||
<string>{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_SECRET")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_SECRET" }}{{ end }}</string>
|
||||
</dict>
|
||||
{{ end -}}
|
Loading…
Reference in a new issue