Update 19 files
- /home/.chezmoiscripts/darwin/run_onchange_after_10-configure-macos.sh.tmpl - /home/.chezmoiscripts/darwin/run_onchange_after_20-ensure-zsh-macos.sh.tmpl - /home/.chezmoiscripts/darwin/run_onchange_after_21-set-wallpaper.sh.tmpl - /home/.chezmoiscripts/darwin/run_onchange_before_10-install-darwin-dependencies.sh.tmpl - /home/.chezmoiscripts/darwin/run_onchange_before_20-ensure-user-group.sh.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_10-configure-macos.sh.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_20-ensure-zsh-macos.sh.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_21-set-wallpaper.sh.tmpl - /home/.chezmoiscripts/universal/run_onchange_before_10-install-darwin-dependencies.sh.tmpl - /home/.chezmoiscripts/universal/run_onchange_before_20-ensure-user-group.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_after_11-set-wallpaper.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_19-setup-sys-gui.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_18-configure-sys-usb.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_17-install-mirage-firewall.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_16-update-template-vms.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_15-install-unofficial-templates.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_14-ensure-minimal-vms-passwordless.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_13-install-official-templates.sh.tmpl - /home/.chezmoiscripts/qubes/run_onchange_before_12-update-dom0.sh.tmpl
This commit is contained in:
parent
380a546e8d
commit
a5b4203496
14 changed files with 18 additions and 0 deletions
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Set Wallpaper
|
||||
# @brief Ensures the Qubes wallpaper is set to the Betelgeuse wallpaper for Qubes.
|
||||
|
@ -6,3 +7,4 @@
|
|||
# using the `ksetwallpaper` script found in `~/.local/bin/ksetwallpaper`.
|
||||
|
||||
ksetwallpaper --file /usr/local/share/wallpapers/Betelgeuse/contents/images/3440x1440.jpg
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Update dom0
|
||||
# @brief Ensures Qubes dom0 is up-to-date, includes all the Qubes repository definitions, and that `sys-whonix` is running
|
||||
|
@ -35,3 +36,4 @@ done
|
|||
### Ensure sys-whonix is running
|
||||
logg info 'Ensuring `sys-whonix` is running'
|
||||
qvm-start sys-whonix --skip-if-running
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Install Templates
|
||||
# @brief Ensures the templates defined in `.qubes.templates` in the `home/.chezmoidata.yaml` file are installed
|
||||
|
@ -11,3 +12,4 @@ for TEMPLATE of {{ .qubes.templates | toString | replace "[" "" | replace "]" ""
|
|||
sudo qubes-dom0-update "qubes-template-$TEMPLATE"
|
||||
fi
|
||||
done
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Passwordless Templates
|
||||
# @brief Ensures the minimal templates defined in `.qubes.templates` in the `home/.chezmoidata.yaml` file are configured to be passwordless
|
||||
|
@ -18,3 +19,4 @@ for TEMPLATE of {{ .qubes.templates | toString | replace "[" "" | replace "]" ""
|
|||
fi
|
||||
fi
|
||||
done
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Passwordless Templates
|
||||
# @brief Ensures unofficial templates defined in `.qubes.templatesUnofficial` in the `home/.chezmoidata.yaml` file are made available to dom0
|
||||
|
@ -24,3 +25,4 @@ for TEMPLATE_URL of {{ .qubes.templatesUnofficial | toString | replace "[" "" |
|
|||
logg info "$TEMPLATE is already installed"
|
||||
fi
|
||||
done
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Update TemplateVMs
|
||||
# @brief Ensures the templates available in dom0 are all up-to-date
|
||||
|
@ -9,3 +10,4 @@
|
|||
### Update TemplateVMs
|
||||
logg info 'Updating TemplateVMs via `qubesctl`'
|
||||
timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes Mirage Firewall
|
||||
# @brief Ensures the Mirage firewall kernel VM is installed in dom0
|
||||
|
@ -28,3 +29,4 @@ if [ ! -f/var/lib/qubes/vm-kernels/mirage-firewall/initramfs ]; then
|
|||
logg info 'Adding dummy initrmfs file to the mirage-firewall kernel folder'
|
||||
gzip -n9 < /dev/null > /var/lib/qubes/vm-kernels/mirage-firewall/initramfs
|
||||
fi
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes `sys-usb`
|
||||
# @brief Enables `sys-usb` and configures it with ideal security settings
|
||||
|
@ -27,3 +28,4 @@ fi
|
|||
### Configure USB mouse settings
|
||||
logg info 'Ensuring newly connected USB mouse devices are only allowed to connect after a prompt is accepted'
|
||||
echo "sys-usb dom0 ask,default_target=dom0" | sudo tee /etc/qubes-rpc/policy/qubes.InputMouse
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if (eq .host.distro.id "qubes") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Qubes `sys-gui-gpu`
|
||||
# @brief Enables `sys-gui-gpu` if a compatible GPU controller is found on Qubes dom0
|
||||
|
@ -29,3 +30,4 @@ elif qvm-pci list | grep 'VGA compatible controller' | grep 'NVIDIA'; then
|
|||
qvm-pci attach sys-gui-gpu "$ID" --persistent -o permissive=true
|
||||
done
|
||||
fi
|
||||
{{ end -}}
|
||||
|
|
Loading…
Reference in a new issue