diff --git a/docs/TODO.md b/docs/TODO.md index 83a160a5..124d0e04 100644 --- a/docs/TODO.md +++ b/docs/TODO.md @@ -122,6 +122,7 @@ The following items are Docker containers that we may want to include as default * https://github.com/NginxProxyManager/nginx-proxy-manager * https://github.com/node-red/node-red * https://www.overleaf.com/ +* https://github.com/caprover/caprover ## AI @@ -136,6 +137,8 @@ The following items may be incorporated into our Kubernetes stack: * https://github.com/kubevirt/kubevirt * https://atuin.sh/docs/self-hosting/k8s * https://github.com/gimlet-io/gimlet +* https://github.com/porter-dev/porter +* https://github.com/spacecloud-io/space-cloud ## Bare Metal @@ -169,8 +172,16 @@ The following items have been reviewed but need to be revisited due to complexit * https://github.com/illacloud/illa-builder * https://github.com/metrue/fx * https://github.com/siyuan-note/siyuan - - +* https://github.com/shuttle-hq/shuttle +* https://github.com/open-hand/choerodon +* https://github.com/1backend/1backend +* https://github.com/redkubes/otomi-core +* https://github.com/yunionio/cloudpods +* https://github.com/tkestack/tke +* https://www.rancher.com/ +* https://github.com/OpenNebula/one /. https://github.com/OpenNebula/minione +* https://github.com/ConvoyPanel/panel +* https://github.com/hashicorp/nomad ## Docker Issue diff --git a/home/.chezmoidata.yaml b/home/.chezmoidata.yaml index c2081f8b..6761f05c 100644 --- a/home/.chezmoidata.yaml +++ b/home/.chezmoidata.yaml @@ -164,6 +164,7 @@ softwareGroups: - gpt-engineer - langflow - mage-ai + - shell-gpt Android: &Android - scrcpy Android-Desktop: &Android-Desktop @@ -274,8 +275,7 @@ softwareGroups: - gnu - gping - gum - # htmlq is used by the the Firefox script - - htmlq + - htmlq # htmlq is used by the the Firefox script - hyperfine - jq - lsd @@ -301,8 +301,6 @@ softwareGroups: - rsync - sd - solargraph - # Bundled into installer - # - snapd - sql-language-server - task - tea @@ -528,9 +526,6 @@ softwareGroups: - vlc - vscode File-System: &File-System - # After `sudo apt-get install -y fuse libfuse-dev, the following error still shows up: - # error: could not find system library 'fuse' required by the 'fuse' crate - # - catfs - glusterfs - goofys - sshfs @@ -720,6 +715,7 @@ softwareGroups: - stats - swiftbar - teamviewer + - tigervnc Misc-Development-Tools: &Misc-Development-Tools - ansifilter - aqua @@ -807,8 +803,6 @@ softwareGroups: - microsoft-office - notion - obsidian - # Deprecated in favor of Google Tasks - # - microsoft-todo - raycast - skhd Python: &Python @@ -885,8 +879,6 @@ softwareGroups: - netdata - samba - sftpgo - # Headless install needs work since it is run via script - # - vector - wazuh Shell-Scripting: &Shell-Scripting - shc @@ -1182,7 +1174,6 @@ softwareGroups: - gitkraken - jitsi-meet - microsoft-teams - - microsoft-todo - plex-htpc - slack - thunderbird @@ -1389,6 +1380,8 @@ softwareGroups: note: Deprecated in favor of [Pieces](https://pieces.app/). The core components of Pieces are not open-source but the functionality is significantly better than massCode. - pkg: mcfly note: Deprecated in favor of atuin + - pkg: microsoft-todo + note: Deprecated in favor of Google Tasks - pkg: mullvad-vpn note: Switched to ProtonVPN exclusively - pkg: multipass @@ -1443,6 +1436,12 @@ softwareGroups: note: System backup utility that may be incorporated after comparing it with alternative and perhaps better alternatives. - pkg: frps / frpc note: No need to integrate these packages at this time. + - pkg: vector + note: Package currently relies on bash one-liner script + - pkg: catfs + note: After `sudo apt-get install -y fuse libfuse-dev, the following error still shows up error could not find system library 'fuse' required by the 'fuse' crate + - pkg: snapd + note: Bundled into installer helmCharts: - vector softwarePlugins: diff --git a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl index 6e854883..dfa8bc7e 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl @@ -1,5 +1,5 @@ -#!/usr/bin/env bash {{- if (ne .host.distro.family "windows") }} +#!/usr/bin/env bash # @file ASDF Plugins / Install # @brief Configures ASDF plugins and ensures they are pre-installed. # @description diff --git a/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl new file mode 100644 index 00000000..5e81de39 --- /dev/null +++ b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl @@ -0,0 +1,50 @@ +{{- if (ne .host.distro.family "windows") }} +#!/usr/bin/env bash +# @file VNC Setup +# @brief Ensures VNC is set-up if system packages are available. +# @description +# This script ensures VNC is setup and enabled. It will run on macOS always since macOS includes +# a VNC server baked into its system. On Linux, it will check for the presence of the `tightvncserver` +# package before configuring and enabling VNC. +# +# The script will set the VNC password using the `VNC_PASSWORD` environment variable or the encrypted +# equivalent stored in `home/.chezmoitemplates/secrets`. If neither are provided, then the default +# password will be equal to `vncpass` since the password must be between 6-8 characters long. +# +# Additionally, the `VNC_READ_PASSWORD` can be defined to allow read-only VNC sessions. The default password +# for a read-only session is `readonly`. + +{{- includeTemplate "universal/profile" }} +{{- includeTemplate "universal/logg" }} + +if [ -d /Applications ] && [ -d /System ]; then + # System is macOS + # Source: https://apple.stackexchange.com/questions/30238/how-to-enable-os-x-screen-sharing-vnc-through-ssh + # To disable, run: sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -configure -access -off + # Only enable when computer is not a corporate / work computer + {{ if (ne .host.work true) -}} + logg info 'Enabling VNC using the `VNC_PASSWORD` variable which is `vncpass` when nothing is specified' + sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw {{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }} -restart -agent -privs -all + {{- end }} +else + # System is Linux + if command -v vncpasswd > /dev/null; then + # TigerVNC (or alternative VNC program) is installed + logg info 'Copying VNC configuration files from ~/.config/vnc/etc to /' + sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc" / + sudo systemctl + if [ ! -d "${XDG_CONFIG_HOME:-$HOME/.config}/vnc" ]; then + mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/vnc" + fi + logg info 'Adding VNC full-control password to ~/.config/vnc/passwd' + echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | vncpasswd -f > "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd" + logg info 'Adding VNC read-only password to ~/.config/vnc/passwd' + echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | vncpasswd -f >> "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd" + logg info 'Enabling / starting the VNC service for the current user / display 1' + sudo systemctl start vncserver@1 + sudo systemctl enable vncserver@1 + else + logg info 'Skipping VNC setup since the tightvncserver package is not present on the system' + fi +fi +{{ end -}} diff --git a/home/.chezmoitemplates/secrets/VNC_PASSWORD b/home/.chezmoitemplates/secrets/VNC_PASSWORD new file mode 100644 index 00000000..4ffd9292 --- /dev/null +++ b/home/.chezmoitemplates/secrets/VNC_PASSWORD @@ -0,0 +1,7 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPMWVuQlMydVRmZzRwcFo1 +cGlxaGFCamI1VnlUUVIzajFuaHMxUVM0KzNnCktKbzlMZXlncktYQ01wUFN4djNk +VUlkdmZ3UTVQeS9nQ3lKMEV1ZmxHWk0KLS0tIC9BcGR5dE1YV1dJRUE5dVlSRTlP +Vk8rMURUOVBKRDlpN1JCQTlPNSt5MUUKBCJiGC6+STWtduRhx2d5fEq4gkShA6+h +2zsMbKxY/bHGmtmn868Hqw== +-----END AGE ENCRYPTED FILE----- \ No newline at end of file diff --git a/home/.chezmoitemplates/secrets/VNC_READ_PASSWORD b/home/.chezmoitemplates/secrets/VNC_READ_PASSWORD new file mode 100644 index 00000000..76247cde --- /dev/null +++ b/home/.chezmoitemplates/secrets/VNC_READ_PASSWORD @@ -0,0 +1,7 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYd3VtR3JySUdVYkR3S2tC +ckpVd3FYdnpYU2hkVzMxSFh1L2luUkYyanpRCmNGZkFSMkFESEJDekp6ekE1c05I +SllHRnFNczB2ck83UVdDNmJxMVg2bWMKLS0tIERpODJRSnBJSktNUjUyVkdGZHov +L2F2ZkNGZWlPZjdZRFpLb1JJeEg0TEEKj7wzn/Fx23Cgn0a+FCY7jnOaKzbsmeWx +eU8Cay1m+9EhvfSO8++XRA== +-----END AGE ENCRYPTED FILE----- \ No newline at end of file diff --git a/home/dot_config/vnc/etc/systemd/system/vncserver@.service b/home/dot_config/vnc/etc/systemd/system/vncserver@.service new file mode 100644 index 00000000..d74417dc --- /dev/null +++ b/home/dot_config/vnc/etc/systemd/system/vncserver@.service @@ -0,0 +1,15 @@ +[Unit] +Description=Remote desktop service (VNC) +After=syslog.target network.target + +[Service] +Type=simple +User={{ .user.name }} +PAMName=login +PIDFile=/home/%u/.local/vnc-%H%i.pid +ExecStartPre=/usr/bin/vncserver -kill :%i > /dev/null 2>&1 || : +ExecStart=/usr/bin/vncserver :%i -localhost no -geometry 1920x1080 +ExecStop=/usr/bin/vncserver -kill :%i + +[Install] +WantedBy=multi-user.target diff --git a/home/dot_config/vnc/etc/tigervnc/vncserver-config-defaults b/home/dot_config/vnc/etc/tigervnc/vncserver-config-defaults new file mode 100644 index 00000000..6300617d --- /dev/null +++ b/home/dot_config/vnc/etc/tigervnc/vncserver-config-defaults @@ -0,0 +1,229 @@ +# /etc/tigervnc/vncserver-config-defaults written by Joachim Falk. This file is +# in the Public Domain. +# +# This is a configuration file for the tigervnc-standalone-server and the +# tigervnc-scraping-server packages. +# +# After this file, $ENV{HOME}/.vnc/tigervnc.conf will be sourced, so values can +# be overwritten on a per-user basis. +# +# Next, command-line options overwrite the settings in both this file as well as +# the user's tigervnc.conf config file. +# +# Finally, /etc/tigervnc/vncserver-config-mandatory is parsed. If this file +# exists and defines options to be passed to Xtigervnc, they will override any +# of the same options defined in a user's tigervnc.conf file as well as options +# given via the command line. The vncserver-config-mandatory file offers a +# mechanism to establish some basic form of system-wide policy. +# +# ****************************************************************************** +# * WARNING! There is nothing stopping users from constructing their own start * +# * script that calls Xtigervnc directly to bypass any options defined in * +# * /etc/tigervnc/vncserver-config-mandatory. * +# ****************************************************************************** +# +# See the following manpages for more details: +# - tigervnc.conf(5x) +# - tigervncserver(1) +# - tigervncsession(8) +# - Xtigervnc(1) +# +# This file has Perl syntax and is source from the tigervncserver script. Every +# value has suitable defaults, so you probably don't need any modifications. +# If you want to reactivate default values, you have to specify an undef value. +# For example, $fontPath will set to the default value after +# +# $fontPath = "/foo"; +# $fontPath = undef; +# +# If you are missing something, please let me know. +# joachim.falk@gmx.de + +# System configuration +# -------------------- +# +# This section contains entries that should be true for all users. + +# $fontPath should be a comma separated list of fonts to be added to the font +# path. If not specified, the default will apply. +# Example: +# $fontPath = "tcp/localhost:7100"; # would force Xtigervnc to use xfs. +# Example: +# $fontPath = ""; +# $fontPath .= "/usr/share/fonts/X11/misc,"; +# $fontPath .= "/usr/share/fonts/X11/cyrillic,"; +# $fontPath .= "/usr/share/fonts/X11/100dpi/:unscaled,"; +# $fontPath .= "/usr/share/fonts/X11/75dpi/:unscaled,"; +# $fontPath .= "/usr/share/fonts/X11/Type1,"; +# $fontPath .= "/usr/share/fonts/X11/100dpi,"; +# $fontPath .= "/usr/share/fonts/X11/75dpi,"; +# +# Default: $fontPath = undef; # Use Xtigervnc built-in default font path. + +# $PAMService is the PAM service used for plain password authentication +# if one of the security types Plain, TLSPlain, and +# X509Plain is used. +# +# Default: $PAMService = "tigervnc"; # if /etc/pam.d/vnc is absent. +# Default: $PAMService = "vnc"; # if /etc/pam.d/vnc is present. + +# $sslAutoGenCertCommand is used to auto generate the certificate +# for the X509Cert and X509Key options. The configuration for +# openssl is taken from /etc/tigervnc/openssl.cnf where we substitute +# @HostName@ by the fully qualified domain name of the host. +# +# Example: $sslAutoGenCertCommand = +# "openssl req -newkey rsa:4096 -x509 -days 365 -nodes"; +# +# Default: $sslAutoGenCertCommand = +# "openssl req -newkey ec:/etc/tigervnc/openssl-ecparams.pem -x509 -days 2190 -nodes"; + +# User configuration +# ------------------ +# +# This section contains entries that may change from user to user. +# You can overwrite these settings by providing a ~/.vnc/tigervnc.conf +# configuration file. + +# $vncUserDir contains the filename for the log files directory of Xtigervnc +# (the server) and the viewers that are connected to it. +# +# Default: $vncUserDir = "$ENV{HOME}/.vnc"; +$vncUserDir = "$ENV{HOME}/.config/vnc" + +# $vncPasswdFile contains the filename of the password file for Xtigervnc. +# This file is only used for the security types VncAuth, +# TLSVnc, and X509Vnc. +# +# Default: $vncPasswdFile = "$vncUserDir/passwd"; + +# $vncStartup points to a script that will be started at the very beginning +# when neither $vncUserDir/Xtigervnc-session nor $vncUserDir/xstartup is present. +# If $vncUserDir/Xtigervnc-session is present, it will be used. Otherwise, we try +# $vncUserDir/xstartup. If this is also absent, then we use the script given by +# $vncStartup. If $vncStartup is specified in $vncUserDir/tigervnc.conf, then this +# script is used unconditionally. That is without checking for the presence of +# $vncUserDir/Xtigervnc-session or $vncUserDir/xstartup. +# +# Default: $vncStartup = "/etc/X11/Xtigervnc-session"; + +# The $session option controls which X session type will be started. This +# should match one of the files in /usr/share/xsessions. For example, if there +# is a file called gnome.desktop, then $session = "gnome" would start this X +# session. The command to start the session is passed to the $vncStartup +# script. If this is not specified, then /etc/X11/Xtigervnc-session will start +# the session specified by /usr/bin/x-session-manager. +# +# Default: $session = undef; + +# $xauthorityFile should be the path to the authority file that should be used +# by the Xtigervnc server. +# +# Default: $xauthorityFile = "$ENV{XAUTHORITY}" # if the env var is defined. +# Default: $xauthorityFile = "$ENV{HOME}/.Xauthority"; # otherwise + +# $desktopName should be set to the default name of the desktop. +# This can be changed at the command line with -name. +# +# Default: $desktopName = "${HOSTFQDN}:nn ($USER)" # Where nn is the display number. + +# $geometry is is only used by the standalone TigerVNC server. It sets the +# framebuffer width & height. A default can be derived if the +# tigervncserver is run in a X session -- either $ENV{DISPLAY} or the +# session given by $getDefaultFrom -- with the -xdisplaydefaults +# option. The geometry can also be changed at the commandline with +# the -geometry option. Otherwise, the fixed default provided below +# will be used. +# +# Default: $geometry = "1920x1200"; + +# $depth sets the framebuffer color depth. Must be one of 16, 24, or 32. +# $pixelformat sets the default pixelformat. +# A default can be derived if the tigervncserver is run in a +# X session -- either $ENV{DISPLAY} or the session given by +# $getDefaultFrom -- with the -xdisplaydefaults option. The depth +# and pixelformat can also be changed at the commandline with +# the -depth and -pixelformat options. Otherwise, the fixed +# defaults provided below for the two settings will be used. +# +# Example: $depth = "16"; +# $pixelformat = "rgb565"; +# +# Default: $depth = "24"; +# Default: $pixelformat = undef; + +# $wmDecoration sets the adjustment of $geometry to accommodate the window decoration +# used by the X11 window manager. This is used to fully display +# the VNC desktop even if the VNC viewer is not in full screen mode. +# +# Default: $wmDecoration = "8x64"; + +# $getDefaultFrom sets the display for the -xdisplaydefaults option if +# tigervncserver is not called in an X session, i.e., +# the $ENV{DISPLAY} variable is not set. The -xdisplaydefaults +# option can be used to derive values for the above three +# options, i.e., $geometry to $pixelformat. The $getDefaultFrom +# value will be added to the call of xdpyinfo. +# +# Example: $getDefaultFrom = "-display localhost:0"; +# +# Default: $getDefaultFrom = undef; + +# $scrapingGeometry is only used by the scraping TigerVNC server. It specifies +# the screen area that will be shown to VNC clients, e.g., +# 640x480+320+240. The format is x++, where +# `+' signs can be replaced with `-' signs to specify offsets +# from the right and/or from the bottom of the screen. +# Offsets are optional, +0+0 is assumed by default (top left +# corner). If the argument is empty, full screen is shown to +# VNC clients (this is the default). +# +# Example: $scrapingGeometry = "640x480+320+240"; +# +# Default: $scrapingGeometry = undef; + +# $localhost should the TigerVNC server only listen on localhost for +# incoming VNC connections. +# +# Example: $localhost = "yes"; +# Example: $localhost = "no"; +# +# Default: $localhost = "yes"; # if $SecurityTypes does not contain any TLS* +# # or X509* security types or the $SecurityTypes +# # does contain at least on *None security type. +# Default: $localhost = "no"; # Otherwise + +# $SecurityTypes a comma separated list of security types the TigerVNC +# server will offer. Available are None, VncAuth, Plain, +# TLSNone, TLSVnc, TLSPlain, X509None, X509Vnc, and X509Plain. +# +# Example: $SecurityTypes = "X509Vnc,X509Plain,TLSVnc,TLSPlain,VncAuth"; +# +# Default: $SecurityTypes = "VncAuth" # if localhost is enabled (the default) +# Default: $SecurityTypes = "VncAuth,TLSVnc" # otherwise + +# $PlainUsers a comma separated list of users that are authorized to access +# the VNC server if the security types Plain, TLSPlain, or +# X509Plain are used to establish the connection. The password +# for these users are check by the system via the PAM service +# specified via $PAMService option. +# +# Example: $PlainUsers = "user1,user2"; +# +# Default: $PlainUsers only contains the user starting the tigervncserver. + +# $X509Cert and $X509Key contan the filenames for a certificate and its +# key that is used for the security types X509None, X509Vnc, +# and X509Plain. +# +# Default: $X509Cert is auto generated if absent and stored in +# ~/.vnc/${HOSTFQDN}-SrvCert.pem +# Default: $X509Key is auto generated if absent and stored in +# ~/.vnc/${HOSTFQDN}-SrvKey.pem +# +# If filenames are given for $X509Cert and $X509Key either here or +# on the commandline via -X509Cert and -X509Key options, then +# the auto generation is disabled and the user has to take care +# that usable certificates are present. + +1; \ No newline at end of file diff --git a/home/dot_config/vnc/etc/tigervnc/vncserver-config-mandatory b/home/dot_config/vnc/etc/tigervnc/vncserver-config-mandatory new file mode 100644 index 00000000..77bbfb52 --- /dev/null +++ b/home/dot_config/vnc/etc/tigervnc/vncserver-config-mandatory @@ -0,0 +1,56 @@ +# /etc/tigervnc/vncserver-config-mandatory written by Joachim Falk. This file is +# in the Public Domain. +# +# This is a configuration file for the tigervnc-standalone-server and the +# tigervnc-scraping-server packages. +# +# The options specified in this file override any of the same options defined +# in vncserver-config-defaults, a user's tigervnc.conf file, as well as options +# given via the command line. This file offers a mechanism to establish some +# basic form of system-wide policy. +# +# ****************************************************************************** +# * WARNING! Nothing is stopping users from realizing their own start script * +# * that calls Xtigervnc directly to bypass any options defined in this file. * +# ****************************************************************************** +# +# See the following manpages for more details: +# - tigervnc.conf(5x) +# - tigervncserver(1) +# - tigervncsession(8) +# - Xtigervnc(1) +# +# This file has Perl syntax and is source from the tigervncserver script. +# Several common settings are shown below. Uncomment and modify to your liking. + +# $SecurityTypes a comma separated list of security types the TigerVNC +# server will offer. Available are None, VncAuth, Plain, +# TLSNone, TLSVnc, TLSPlain, X509None, X509Vnc, and X509Plain. +# +# Example: $SecurityTypes = "X509Vnc,X509Plain,TLSVnc,TLSPlain,VncAuth"; + +# $desktopName specifies the name of the desktop. +# +# Example: $desktopName = "${HOSTFQDN}:nn ($USER)" # Where nn is the display number. + +# $geometry sets framebuffer width & height. +# +# Example: $geometry="2000x1200"; + +# $localhost should the TigerVNC server only listen on localhost for +# incoming VNC connections. +# +# Example: $localhost = "yes"; +# Example: $localhost = "no"; + +# $AlwaysShared specifies if incoming connections are always treated as shared, +# regardless of the client-specified setting. +# +# Default: $AlwaysShared = "no"; +# Example: $AlwaysShared = "yes"; + +# $NeverShared specifies if incoming connections are never treated as shared, +# regardless of the client-specified setting. +# +# Default: $NeverShared = "no"; +# Example: $NeverShared = "yes"; \ No newline at end of file diff --git a/home/dot_config/vnc/etc/tigervnc/vncserver.users.tmpl b/home/dot_config/vnc/etc/tigervnc/vncserver.users.tmpl new file mode 100644 index 00000000..5770bb12 --- /dev/null +++ b/home/dot_config/vnc/etc/tigervnc/vncserver.users.tmpl @@ -0,0 +1,7 @@ +# TigerVNC User assignment +# +# This file assigns users to specific VNC display numbers. +# The syntax is =. E.g.: +# +# :2=andrew +:1={{ .user.name }} diff --git a/home/dot_config/vnc/executable_xstartup b/home/dot_config/vnc/executable_xstartup new file mode 100644 index 00000000..7832892f --- /dev/null +++ b/home/dot_config/vnc/executable_xstartup @@ -0,0 +1,11 @@ +#!/bin/sh +# Start up the standard system desktop +# Source: https://www.tecmint.com/install-and-configure-vnc-server-on-ubuntu/ + +unset SESSION_MANAGER +unset DBUS_SESSION_BUS_ADDRESS + +[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup +[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources +vncconfig -iconic & +dbus-launch --exit-with-session gnome-session & diff --git a/home/dot_local/bin/executable_install-program b/home/dot_local/bin/executable_install-program index bf3b68fe..b60b1465 100644 --- a/home/dot_local/bin/executable_install-program +++ b/home/dot_local/bin/executable_install-program @@ -1580,7 +1580,7 @@ async function updateService(service) { const brew = which.sync('brew', { nothrow: true }) if (brew) { try { - runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`) + runCommand(`Starting / enabling ${service} with Homebrew`, `sudo brew services start ${service}`) log('success', logStage, `Started / enabled the ${service} service with Homebrew`) } catch (e) { log('error', logStage, `There was an error starting / enabling the ${service} Homebrew service`) diff --git a/software.yml b/software.yml index 4c2650dc..c328fbf4 100644 --- a/software.yml +++ b/software.yml @@ -371,10 +371,10 @@ softwarePackages: _home: https://pieces.app/ _name: Pieces _post:snap: sudo snap connect pieces-os:dotnet-runtime-aspnetcore - _when:pkg-darwin: test -d /Applications/Pieces.app + _when:script:darwin: '! test -d /Applications/Pieces.app' # TODO - Figure out how to deal with appinstaller appinstaller: https://builds.pieces.app/stages/production/pieces_suite_windows/appinstaller/download - pkg-darwin: https://builds.pieces.app/stages/production/macos_packaging/pkg/download + script:darwin: cd /tmp && curl -sSL https://builds.pieces.app/stages/production/macos_packaging/pkg/download > Pieces.pkg && sudo installer -pkg Pieces.pkg -target / && rm -f /tmp/Pieces.pkg snap: pieces-os pieces-cli: _bin: pieces @@ -1150,6 +1150,7 @@ softwarePackages: _bin: utm _github: https://github.com/utmapp/UTM _name: UTM + _when:cask: '! test -d /Applications/UTM.app' cask: utm amethyst: _bin: amethyst @@ -7921,7 +7922,7 @@ softwarePackages: _bin: kap _github: https://github.com/wulkano/Kap _name: Kap - _when:cask: echo '! test -d /Applications/Kap.app' | bash + _when:cask: '! test -d /Applications/Kap.app' cask: kap autodoc: _bin: doc @@ -8363,6 +8364,7 @@ softwarePackages: _bin: sparkleshare _github: https://github.com/hbons/SparkleShare _name: Sparkle Share + _when:cask: '! test -d /Applications/SparkleShare.app' cask: sparkleshare choco: sparkleshare flatpak: org.sparkleshare.SparkleShare @@ -9172,7 +9174,7 @@ softwarePackages: _when:windows: '! test -f "C:\Program Files (x86)\ossec-agent\agent-auth.exe"' ansible: professormanhattan.wazuh choco: wazuh-agent - script:darwin: cd /tmp && curl -sSL https://packages.wazuh.com/4.x/macos/wazuh-agent-4.4.4-1.pkg > wazuh-agent.pkg && sudo installer -pkg wazuh-agent.pkg -target / && sudo chmod 755 /Library/Ossec && sudo chmod 755 /Library/Ossec/bin + script:darwin: cd /tmp && curl -sSL https://packages.wazuh.com/4.x/macos/wazuh-agent-4.4.4-1.pkg > wazuh-agent.pkg && sudo installer -pkg wazuh-agent.pkg -target / && sudo chmod 755 /Library/Ossec && sudo chmod 755 /Library/Ossec/bin && rm /tmp/wazuh-agent.pkg script:linux: if command -v apt-get > /dev/null; then curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && sudo chmod 644 /usr/share/keyrings/wazuh.gpg && echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | sudo tee -a /etc/apt/sources.list.d/wazuh.list && sudo apt-get update && sudo apt-get install -y wazuh-agent; elif command -v dnf > /dev/null; then echo "[wazuh]" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "gpgcheck=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "enabled=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "name=EL-\$releasever - Wazuh" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "baseurl=https://packages.wazuh.com/4.x/yum/" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "protect=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo && sudo rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH && sudo dnf install -y wazuh-agent; elif command -v zypper > /dev/null; then echo "[wazuh]" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "gpgcheck=1" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "enabled=1" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "name=EL-$releasever - Wazuh" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "baseurl=https://packages.wazuh.com/4.x/yum/" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && echo "protect=1" | sudo tee -a /etc/zypp/repos.d/wazuh.repo && sudo rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH && sudo zypper install -y wazuh-agent; elif command -v apk > /dev/null; then sudo wget -O /etc/apk/keys/alpine-devel@wazuh.com-633d7457.rsa.pub https://packages.wazuh.com/key/alpine-devel%40wazuh.com-633d7457.rsa.pub && echo "https://packages.wazuh.com/4.x/alpine/v3.12/main" | sudo tee -a /etc/apk/repositories && sudo apk update && sudo apk add wazuh-agent; fi websocat: _bin: websocat @@ -9672,9 +9674,23 @@ softwarePackages: _bin: obs-studio _github: https://github.com/obsproject/obs-studio _name: OBS Studio + _when:cask: '! test -d /Applications/OBS.app' cask: obs choco: obs-studio flatpak: com.obsproject.Studio + shell-gpt: + _bin: sgpt + _github: https://github.com/TheR1D/shell_gpt + _name: Shell GPT + pipx: shell-gpt + tigervnc: + _bin: tigervncpasswd + _github: https://github.com/DukeyToo/tightvnc-server + _name: TightVNC Server + apt: tigervnc-standalone-server + dnf: tigervnc-server + pacman: tigervnc + zypper: tigervnc zap: _bin: zap _desc: Delightful AppImage package manager @@ -9761,8 +9777,7 @@ softwarePlugins: - snyk/snyk-docker-desktop-extension - tailscale/docker-extension dotnet: - cmd: dotnet tool install -g {PLUGIN} - # cmd: Handled by .chezmoiexternal.toml + cmd: sudo chown -r "$USER" "$HOME/.local/share/NuGet" && dotnet tool install -g {PLUGIN} plugins: - Microsoft.CST.AttackSurfaceAnalyzer.CLI - dotnet-format @@ -9868,6 +9883,11 @@ softwarePlugins: - theapsgroup/keycloak - theapsgroup/vault - twitter + teams: + cmd: + plugins: + - name: Pieces + plugin: https://teams.microsoft.com/l/app/789f23b3-d882-45ca-b3a3-de7f850656ea vagrant: cmd: bash -c 'if ! vagrant plugin list | grep {PLUGIN}; then vagrant plugin install {PLUGIN}; fi' plugins: @@ -9876,7 +9896,9 @@ softwarePlugins: - vagrant-google - vagrant-hostmanager - vagrant-libvirt + - vagrant-openstack-provider - vagrant-parallels + - vagrant-proxmox - vagrant-share - vagrant-vbguest - vagrant-vmware-desktop