Update 17 files

- /home/.chezmoiscripts/qubes/run_onchange_before_16-update-template-vms.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_17-install-mirage-firewall.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_18-configure-sys-usb.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_19-setup-sys-gui
- /home/dot_config/shell/functions.sh
- /home/dot_config/shell/motd.sh
- /home/dot_config/shell/profile.sh
- /home/.chezmoiscripts/qubes/run_onchange_before_16-update-template-vms.sh.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_17-install-mirage-firewall.sh.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_18-configure-sys-usb.sh.tmpl
- /home/.chezmoiscripts/qubes/run_onchange_before_19-setup-sys-gui.sh.tmpl
- /home/dot_config/shell/aliases.sh.tmpl
- /home/dot_config/shell/exports.sh.tmpl
- /home/dot_config/shell/functions.sh.tmpl
- /home/dot_config/shell/motd.sh.tmpl
- /home/dot_config/shell/private_private.sh.tmpl
- /home/dot_config/shell/profile.sh.tmpl
Brian Zalewski 2023-04-13 01:44:59 +00:00
parent 9990a78400
commit af14e1efbc
11 changed files with 58 additions and 5 deletions


@ -0,0 +1,11 @@
#!/usr/bin/env bash
# @file Qubes Update TemplateVMs
# @brief Ensures the templates available in dom0 are all up-to-date
# @description
# This script ensures the dom0 Qube VM templates are all up-to-date by using the recommended `qubesctl` command.
# Due to issues with the Whonix Qubes, the update process will timeout after 15 minutes which should be enough time
# for the updates to finish.
### Update TemplateVMs
logg info 'Updating TemplateVMs via `qubesctl`'
timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm


@ -1,5 +0,0 @@
#!/usr/bin/env bash
### Update TemplateVMs
logg info 'Updating TemplateVMs via `qubesctl`'
timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm


@ -1,4 +1,13 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# @file Qubes Mirage Firewall
# @brief Ensures the Mirage firewall kernel VM is installed in dom0
# @description
# This script first ensures the TemplateVMs are updated and then downloads the Mirage firewall. It configures
# Mirage firewall so it can be used as a unikernel firewall VM.
### Update TemplateVMs
logg info 'Updating TemplateVMs via `qubesctl`'
timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm
### Ensure mirage-firewall kernel folder setup ### Ensure mirage-firewall kernel folder setup
if [ ! -d /var/lib/qubes/vm-kernels/mirage-firewall ]; then if [ ! -d /var/lib/qubes/vm-kernels/mirage-firewall ]; then
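Review bot: The added `timeout 900 qubesctl …` line is followed by the mirage-firewall setup with no `set -e` or status check visible, so a failed or timed-out template update (`timeout` exits 124 when the limit fires) appears to be ignored and the install continues on templates that may still be unpatched. Check it explicitly, e.g. `timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm || { logg info 'TemplateVM update failed or timed out'; exit 1; }`, or state in the `@description` that the step is best-effort. The three added lines also repeat the update-template-vms script from the first file section verbatim, where the command is the last one shown and its status would become the script's; repeating it here can add up to another 15 minutes to an apply and lets the two copies drift. The `if` block that starts on the last line continues outside the hunk.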


@ -1,4 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# @file Qubes `sys-usb`
# @brief Enables `sys-usb` and configures it with ideal security settings
# @description
# This script ensures that Qubes uses `sys-usb` for USB connections. It also optimizes the configuration
# by applying security configurations that the Qubes documentation recommends.
### Enable sys-usb ### Enable sys-usb
logg info 'Modifying Salt configuration to be able to enable sys-usb' logg info 'Modifying Salt configuration to be able to enable sys-usb'


@ -1,4 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# @file Qubes `sys-gui-gpu`
# @brief Enables `sys-gui-gpu` if a compatible GPU controller is found on Qubes dom0
# @description
# This script enables `sys-gui-gpu` which allows you to secure dom0 even more by seperating the GUI
# management from dom0 and into a seperate Qube.
### Enables sys-gui-gpu ### Enables sys-gui-gpu
enableSysGUIGPU() { enableSysGUIGPU() {
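Review bot: The added `@description` misspells two words, and these `@file`/`@brief` headers are presumably rendered into generated documentation: `seperating` should be `separating` and `a seperate Qube` should be `a separate Qube`. The same misspelling is added in the `@brief` of the Shell Secrets header further down (`Seperate environment variables file`). The body of `enableSysGUIGPU` lies outside this hunk.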


@ -1,4 +1,8 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell Aliases
# @brief Houses the aliases that are included by `~/.bashrc` and `~/.zshrc`
# @description
# This script is included by `~/.bashrc` and `~/.zshrc` to provide command aliases.
{{ if eq .chezmoi.os "darwin" }} {{ if eq .chezmoi.os "darwin" }}
### macOS Polyfills ### macOS Polyfills


@ -1,4 +1,9 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell Environment Variables
# @brief Houses the environment variables that are included by `~/.bashrc` and `~/.zshrc`
# @description
# This script is included by `~/.bashrc` and `~/.zshrc` to provide environment variables that play harmoniously with
# the default Install Doctor configurations.
### Disable Telemetry ### Disable Telemetry
export DO_NOT_TRACK=1 export DO_NOT_TRACK=1


@ -1,4 +1,8 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell Functions
# @brief Houses the functions that are included by `~/.bashrc` and `~/.zshrc`
# @description
# This script is included by `~/.bashrc` and `~/.zshrc` to provide various commands and functions.
# Install WebDriverAgent on iOS device # Install WebDriverAgent on iOS device
appiumwebdriver() { appiumwebdriver() {


@ -1,4 +1,9 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell MOTD
# @brief Incorporates the MOTD functionality that is leveraged by the `~/.bashrc` and `~/.zshrc` files
# @description
# This script is included by `~/.bashrc` and `~/.zshrc` to print a MOTD whenever a terminal session
# is invoked.
### MOTD ### MOTD
# Add file named .hushlogin in the user's home directory to disable the MOTD # Add file named .hushlogin in the user's home directory to disable the MOTD


@ -1,5 +1,10 @@
{{- if (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) -}} {{- if (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) -}}
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell Secrets
# @brief Seperate environment variables file that, when manually sourced, includes secret environment variables
# @description
# This script can be invoked by running `. ~/.config/shell/private.sh` to include secret environment variables
# that are populated by Install Doctor during the provisioning process (if they are provided).
### Ansible ### Ansible
export ANSIBLE_GALAXY_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "ANSIBLE_GALAXY_TOKEN")) }}{{ includeTemplate "secrets/ANSIBLE_GALAXY_TOKEN" | decrypt }}{{ else }}{{ env "ANSIBLE_GALAXY_TOKEN" }}{{ end }}" export ANSIBLE_GALAXY_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "ANSIBLE_GALAXY_TOKEN")) }}{{ includeTemplate "secrets/ANSIBLE_GALAXY_TOKEN" | decrypt }}{{ else }}{{ env "ANSIBLE_GALAXY_TOKEN" }}{{ end }}"
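Review bot: The new header does not say that the rendered `private.sh` holds the secret values in plaintext, which is what the unchanged `export ANSIBLE_GALAXY_TOKEN=…` line produces from `decrypt` or from the provisioning environment. Suggest adding to the `@description`: `# The rendered file contains plaintext secrets; keep it readable by the owner only and avoid sourcing it in shared or traced (set -x) sessions.` The `private_` prefix on the source name should already make chezmoi strip group and world permissions, so the comment would record an existing property rather than a new requirement. Because the value is interpolated inside double quotes, a secret containing `$`, a backtick or `"` would be expanded or break the file when sourced; that line is unchanged context, so this is an observation rather than a request on this commit.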


@ -1,4 +1,9 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# @file Shell Profile
# @brief Main shell profile that is used to combine the shared profile configurations that are used by both the `~/.bashrc` and `~/.zshrc` files
# @description
# This script is included by `~/.bashrc` and `~/.zshrc` to include imports and settings that are common to both the Bash
# and ZSH shells.
# shellcheck disable=SC1090,SC1091 # shellcheck disable=SC1090,SC1091