This commit is contained in:
Brian Zalewski 2023-07-07 08:29:58 +00:00
parent c48ed73348
commit d5655ae7b1
14 changed files with 41 additions and 39 deletions

View file

@ -180,7 +180,7 @@ data:
r2: "{{ $cloudflareR2AccountId }}"
username: "{{ $cloudflareUsername }}"
defaultBrowser: chrome
defaultBrowserDarwin: browserosaurus
defaultBrowserDarwin: chrome
digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
# `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
domain: "{{ $domain }}"

View file

@ -94,13 +94,13 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th
else
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
fi
if [ -d /usr/local/etc/openssl@3/certs ]; then
if [ -d "/usr/local/etc/openssl@3/certs" ]; then
# Location on Intel macOS
logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`'
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`'
/usr/local/opt/openssl@3/bin/c_rehash
elif [ -d /opt/homebrew/etc/openssl@3/certs ]; then
elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then
# Location on arm64 macOS
logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`'
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
@ -129,7 +129,7 @@ if command -v warp-cli > /dev/null; then
logg info 'Registering CloudFlare WARP'
warp-cli --accept-tos register
else
logg info 'Already registered with CloudFlare WARP'
logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
fi
### Connect CloudFlare WARP
@ -137,7 +137,7 @@ if command -v warp-cli > /dev/null; then
logg info 'Connecting to CloudFlare WARP'
warp-cli --accept-tos connect
else
logg info 'Already connected to CloudFlare WARP'
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
fi
else
logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined'

View file

@ -1,4 +1,4 @@
{{- if (ne .host.distro.family "windows") }}
{{- if (ne .host.distro.family "windows") -}}
#!/usr/bin/env bash
# @file ASDF Plugins / Install
# @brief Configures ASDF plugins and ensures they are pre-installed.

View file

@ -1,4 +1,4 @@
{{- if (ne .host.distro.family "windows") }}
{{- if (ne .host.distro.family "windows") -}}
#!/usr/bin/env bash
# @file VNC Setup
# @brief Ensures VNC is set-up if system packages are available.

View file

@ -17,4 +17,6 @@ if [ ! -d "$SDKMAN_DIR" ]; then
bash -c 'sdk install java'
else
logg info 'SDKMan appears to already be installed.'
logg info 'Running `sdk update`'
sdk update
fi

View file

@ -17,6 +17,10 @@
if command -v netdata-claim.sh > /dev/null; then
NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}"
NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}"
# Add user / group with script in ~/.local/bin/add-user, if it is available
if command -v add-user > /dev/null; then
sudo add-user netdata
fi
# netdata-claim.sh must be run as netdata user
sudo -H -u netdata bash -c 'netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'

View file

@ -1,12 +1,13 @@
{{- if (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DIGITALOCEAN_ACCESS_TOKEN")) (env "DIGITALOCEAN_ACCESS_TOKEN")) -}}
{{- if false -}}
#!/usr/bin/env bash
# @file Kasm Workspaces
# @brief Connects to DigitalOcean Kubernetes cluster
# @brief Sets up cloud desktop server via Kasm Workspaces
# @description
# This script runs when `DIGITALOCEAN_ACCESS_TOKEN` is defined as an environment variable or as an encrypted key (see
# [Secrets documentation](https://install.doctor/docs/customization/secrets#encrypted-secrets)). If the check passes,
# then the script ensures the DigitalOcean CLI is installed (i.e. `doctl`). Then, it uses `doctl` to connect to the Kubernetes
# cluster defined by the the configuration stored under `.user.digitalOceanClusterId` in `home/.chezmoi.yaml.tmpl`.
# This script configures Kasm Workspaces.
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
{{ includeTemplate "universal/logg" }}
logg info 'Coming soon..'
{{ end -}}

View file

@ -1,7 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0lySnFOemZKdGo4ZEdB
a1lRMVJJZWorU1RaL2M4M25pSTl4UHlKUFYwClhJOU54bkNmTXcvcFZWVVVCTDhv
T0ZJSHVwcUhKZVVDVmdrSGZ6K0dwV3MKLS0tIFRTQ3BEeFFjL1BCVWMxS1RIR28y
WEhlblBmUWJYeDhIS1FJYXY1OEVQdmcKSAKdvbqBpY3s4oYUuiTDBT5K4Fpeo3bi
LsjWK64f48oGfxoNmsdXXVbu82jO8TmecwNgUOoLC1UQxy/xkymMPosOse8nIwhx
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNW9LMUlpNHBuTXVUSXRJ
SElJMjUzUXltQnk4NFUyNmh0TEFLbXJTVlE0CmJUZVZZMEFlQnJyK1QwRVV4ZzAw
bHUrN29kM0ljT29mYUpRbjFXZFVZU1UKLS0tIHQrc0I1RTd1YWRwUWRENE1UK2xG
VnlmYTRsVFNtVjdoWXlIcU13TUYrL2sK07hkfMJXIZmhF3kXvz9dpqbYEoG6CLWX
CVbVXowWXWl69hY2BD3XI9AnwR9KwsczJfXZRtgPs7SCWN001B2XuX8LHhbegug=
-----END AGE ENCRYPTED FILE-----

View file

@ -1,8 +1,8 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbnREOXUxazRlWDZtM0lm
ZVc2UnlPVFlGM1N6czFnTDYzWmQ4YldqTmhrCnI3U2FLUytDamZDZ0dTT0V2M3ds
VGNFbTVLRDZteTErMFpaUlpqakp4T1UKLS0tIGErNkowbFBkWldjNHdhNnVjdGM4
REhXUW5Md21JSkhSMWxVN08rZFNGYjQKDuim4gInqRt4jagEQjo6+rtQ0Esrtkg5
nVo8R3P0gCd7r8BbYxmVy+ez9bVVetJcyr7m0rpderOVb9fy/AGRQT0ccD8KQ76N
ytpGa+AsMH/T8ExjRTgxKF1I2RF9yG29ig==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArWXJOQVZta1RhYWVRWlp3
YTNNeUg3RU5vRlVJZi8wTEpoSG03aFQvMmwwCkUrUnBHYzA5VU54ZUlrSkNXaWRp
WFpFTHp1ZzVwZmo3QUpMSGkzK2V6UjQKLS0tIHdEcUo2SU56d3piaWIwbnFEdWRR
UDZvYTlzekttNmgvZUlKN3BJU2tJNUEKUUCIH5OsECccty2SFEiwRS1WAMBOQdPE
5eDXyPE06oWt7c2CM/omAjdER9QrsbAHUiN0oNpm5FB60pcexb60a6OV+eyoEhYC
/NKQQw5PYCf58NpEiSDahscSgY/n+YNN
-----END AGE ENCRYPTED FILE-----

View file

@ -6,8 +6,6 @@
<true />
<key>onboarding</key>
<false />
<key>auto_connect</key>
<interger>60</interger>
<key>organization</key>
<string>manhattan</string>
<key>service_mode</key>

View file

@ -49,7 +49,7 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
### Styled Terminal
export BASH_IT="$HOME/.local/bash_it"
export BASH_IT_THEME="powerline"
if [ -f "$BASH_IT/bash_it.sh" ]; then
if command -v powerline-daemon > /dev/null && [ -f "$BASH_IT/bash_it.sh" ]; then
. "$BASH_IT/bash_it.sh"
elif command -v oh-my-posh > /dev/null; then
# Oh My Posh (See: https://ohmyposh.dev/)
@ -142,6 +142,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
### zoxide
if command -v zoxide > /dev/null; then
eval "$(zoxide init --cmd cd bash)" > /dev/null
eval "$(zoxide init bash)"
fi
fi

View file

@ -1,5 +1,5 @@
golang system
java system
java openjdk-17
deno system
nodejs system
php system

View file

@ -391,9 +391,6 @@ zstyle ':autocomplete:history-incremental-search-*:*' list-lines 14
if command -v fzf > /dev/null; then
zstyle ':autocomplete:*' fzf-completion yes
fi
if command -v zoxide > /dev/null; then
zstyle ':autocomplete:recent-dirs' backend zoxide
fi
### Atuin
if command -v atuin > /dev/null; then
@ -430,9 +427,9 @@ if [ -f "$HOME/.local/scripts/iterm2.zsh" ]; then
fi
### Java (asdf)
# if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
# . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
# fi
if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
. "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
fi
### Navi (Ctrl+G)
if command -v navi > /dev/null; then
@ -464,5 +461,7 @@ fi
### zoxide
if command -v zoxide > /dev/null; then
eval "$(zoxide init --cmd cd zsh)" > /dev/null
zstyle ':autocomplete:recent-dirs' backend zoxide
# eval "$(zoxide init --cmd cd zsh)" > /dev/null
eval "$(zoxide init zsh)"
fi

View file

@ -3567,8 +3567,6 @@ softwarePackages:
pacman: gitlab-runner
port: gitlab-runner
scoop: gitlab-runner
_service: gitlab-runner
_type: cli
gitleaks:
_bin: gitleaks
_desc: Extension to scan git repos (or files) for secrets using regex and entropy