From b05fbaac9a70e3ee106808ecd3217ece23bb728d Mon Sep 17 00:00:00 2001 From: Brian Zalewski <59970525+ProfessorManhattan@users.noreply.github.com> Date: Thu, 15 Jun 2023 00:38:49 +0000 Subject: [PATCH] Latest --- .../universal/run_onchange_after_14-warp.sh.tmpl | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl index fec57ce4..c06bc313 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl @@ -88,7 +88,12 @@ fi # Source: https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; then ### Ensure certificate installed on macOS - sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt" + if [ ! -n "$SSH_CONNECTION" ]; then + logg info 'Requesting security authorization for Cloudflare trusted certificate' + sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.crt" + else + logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.' + fi if [ -d /usr/local/etc/openssl@3/certs ]; then # Location on Intel macOS echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem @@ -98,10 +103,8 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem /opt/homebrew/opt/openssl@3/bin/c_rehash else - logg error 'Unable to add `Cloudflare_CA.pem` because `/usr/local/etc/ca-certificates/cert.pem` does not exist!' + logg error 'Unable to add `Cloudflare_CA.pem` because `/usr/local/etc/openssl@3/certs` and `/opt/homebrew/etc/openssl@3/certs` do not exist!' fi - - if [ -d /opt/homebrew/etc/openssl@3] fi if command -v warp-cli > /dev/null; then