diff --git a/home/.chezmoi.yaml.tmpl b/home/.chezmoi.yaml.tmpl index 20d7d88b..246768b1 100644 --- a/home/.chezmoi.yaml.tmpl +++ b/home/.chezmoi.yaml.tmpl @@ -180,7 +180,7 @@ data: r2: "{{ $cloudflareR2AccountId }}" username: "{{ $cloudflareUsername }}" defaultBrowser: chrome - defaultBrowserDarwin: browserosaurus + defaultBrowserDarwin: chrome digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32 # `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector domain: "{{ $domain }}" diff --git a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl index 196e6fa7..8d016695 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl @@ -94,13 +94,13 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th else logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.' fi - if [ -d /usr/local/etc/openssl@3/certs ]; then + if [ -d "/usr/local/etc/openssl@3/certs" ]; then # Location on Intel macOS logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`' echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`' /usr/local/opt/openssl@3/bin/c_rehash - elif [ -d /opt/homebrew/etc/openssl@3/certs ]; then + elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then # Location on arm64 macOS logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`' echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem @@ -129,7 +129,7 @@ if command -v warp-cli > /dev/null; then logg info 'Registering CloudFlare WARP' warp-cli --accept-tos register else - logg info 'Already registered with CloudFlare WARP' + logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP' fi ### Connect CloudFlare WARP @@ -137,7 +137,7 @@ if command -v warp-cli > /dev/null; then logg info 'Connecting to CloudFlare WARP' warp-cli --accept-tos connect else - logg info 'Already connected to CloudFlare WARP' + logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP' fi else logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined' diff --git a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl index dfa8bc7e..b0bb182d 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl @@ -1,4 +1,4 @@ -{{- if (ne .host.distro.family "windows") }} +{{- if (ne .host.distro.family "windows") -}} #!/usr/bin/env bash # @file ASDF Plugins / Install # @brief Configures ASDF plugins and ensures they are pre-installed. diff --git a/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl index 2f436ac4..b4d45df7 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl @@ -1,4 +1,4 @@ -{{- if (ne .host.distro.family "windows") }} +{{- if (ne .host.distro.family "windows") -}} #!/usr/bin/env bash # @file VNC Setup # @brief Ensures VNC is set-up if system packages are available. diff --git a/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl index 73b3cab6..bf46ffc3 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl @@ -17,4 +17,6 @@ if [ ! -d "$SDKMAN_DIR" ]; then bash -c 'sdk install java' else logg info 'SDKMan appears to already be installed.' + logg info 'Running `sdk update`' + sdk update fi diff --git a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl index 653f3bf5..6efada27 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl @@ -17,6 +17,10 @@ if command -v netdata-claim.sh > /dev/null; then NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" + # Add user / group with script in ~/.local/bin/add-user, if it is available + if command -v add-user > /dev/null; then + sudo add-user netdata + fi # netdata-claim.sh must be run as netdata user sudo -H -u netdata bash -c 'netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"' diff --git a/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl index 1be4154f..feacf2ee 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl @@ -1,12 +1,13 @@ -{{- if (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DIGITALOCEAN_ACCESS_TOKEN")) (env "DIGITALOCEAN_ACCESS_TOKEN")) -}} +{{- if false -}} #!/usr/bin/env bash # @file Kasm Workspaces -# @brief Connects to DigitalOcean Kubernetes cluster +# @brief Sets up cloud desktop server via Kasm Workspaces # @description -# This script runs when `DIGITALOCEAN_ACCESS_TOKEN` is defined as an environment variable or as an encrypted key (see -# [Secrets documentation](https://install.doctor/docs/customization/secrets#encrypted-secrets)). If the check passes, -# then the script ensures the DigitalOcean CLI is installed (i.e. `doctl`). Then, it uses `doctl` to connect to the Kubernetes -# cluster defined by the the configuration stored under `.user.digitalOceanClusterId` in `home/.chezmoi.yaml.tmpl`. +# This script configures Kasm Workspaces. {{ includeTemplate "universal/profile" }} -{{ includeTemplate "universal/logg" }} \ No newline at end of file +{{ includeTemplate "universal/logg" }} + +logg info 'Coming soon..' + +{{ end -}} diff --git a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID index 818c403d..a51703c5 100644 --- a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID +++ b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID @@ -1,7 +1,7 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0lySnFOemZKdGo4ZEdB -a1lRMVJJZWorU1RaL2M4M25pSTl4UHlKUFYwClhJOU54bkNmTXcvcFZWVVVCTDhv -T0ZJSHVwcUhKZVVDVmdrSGZ6K0dwV3MKLS0tIFRTQ3BEeFFjL1BCVWMxS1RIR28y -WEhlblBmUWJYeDhIS1FJYXY1OEVQdmcKSAKdvbqBpY3s4oYUuiTDBT5K4Fpeo3bi -LsjWK64f48oGfxoNmsdXXVbu82jO8TmecwNgUOoLC1UQxy/xkymMPosOse8nIwhx +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNW9LMUlpNHBuTXVUSXRJ +SElJMjUzUXltQnk4NFUyNmh0TEFLbXJTVlE0CmJUZVZZMEFlQnJyK1QwRVV4ZzAw +bHUrN29kM0ljT29mYUpRbjFXZFVZU1UKLS0tIHQrc0I1RTd1YWRwUWRENE1UK2xG +VnlmYTRsVFNtVjdoWXlIcU13TUYrL2sK07hkfMJXIZmhF3kXvz9dpqbYEoG6CLWX +CVbVXowWXWl69hY2BD3XI9AnwR9KwsczJfXZRtgPs7SCWN001B2XuX8LHhbegug= -----END AGE ENCRYPTED FILE----- \ No newline at end of file diff --git a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET index ff6f2157..fb14d5d0 100644 --- a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET +++ b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET @@ -1,8 +1,8 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbnREOXUxazRlWDZtM0lm -ZVc2UnlPVFlGM1N6czFnTDYzWmQ4YldqTmhrCnI3U2FLUytDamZDZ0dTT0V2M3ds -VGNFbTVLRDZteTErMFpaUlpqakp4T1UKLS0tIGErNkowbFBkWldjNHdhNnVjdGM4 -REhXUW5Md21JSkhSMWxVN08rZFNGYjQKDuim4gInqRt4jagEQjo6+rtQ0Esrtkg5 -nVo8R3P0gCd7r8BbYxmVy+ez9bVVetJcyr7m0rpderOVb9fy/AGRQT0ccD8KQ76N -ytpGa+AsMH/T8ExjRTgxKF1I2RF9yG29ig== +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArWXJOQVZta1RhYWVRWlp3 +YTNNeUg3RU5vRlVJZi8wTEpoSG03aFQvMmwwCkUrUnBHYzA5VU54ZUlrSkNXaWRp +WFpFTHp1ZzVwZmo3QUpMSGkzK2V6UjQKLS0tIHdEcUo2SU56d3piaWIwbnFEdWRR +UDZvYTlzekttNmgvZUlKN3BJU2tJNUEKUUCIH5OsECccty2SFEiwRS1WAMBOQdPE +5eDXyPE06oWt7c2CM/omAjdER9QrsbAHUiN0oNpm5FB60pcexb60a6OV+eyoEhYC +/NKQQw5PYCf58NpEiSDahscSgY/n+YNN -----END AGE ENCRYPTED FILE----- \ No newline at end of file diff --git a/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl b/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl index 169909c0..0f8ecd58 100644 --- a/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl +++ b/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl @@ -6,8 +6,6 @@ onboarding - auto_connect - 60 organization manhattan service_mode diff --git a/home/dot_bashrc b/home/dot_bashrc index 888d65f6..0b9ace58 100644 --- a/home/dot_bashrc +++ b/home/dot_bashrc @@ -49,7 +49,7 @@ if [ "$BASH_SUPPORT" = 'true' ]; then ### Styled Terminal export BASH_IT="$HOME/.local/bash_it" export BASH_IT_THEME="powerline" - if [ -f "$BASH_IT/bash_it.sh" ]; then + if command -v powerline-daemon > /dev/null && [ -f "$BASH_IT/bash_it.sh" ]; then . "$BASH_IT/bash_it.sh" elif command -v oh-my-posh > /dev/null; then # Oh My Posh (See: https://ohmyposh.dev/) @@ -142,6 +142,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then ### zoxide if command -v zoxide > /dev/null; then - eval "$(zoxide init --cmd cd bash)" > /dev/null + eval "$(zoxide init bash)" fi fi diff --git a/home/dot_tool-versions.tmpl b/home/dot_tool-versions.tmpl index 1322e126..014aeac1 100644 --- a/home/dot_tool-versions.tmpl +++ b/home/dot_tool-versions.tmpl @@ -1,5 +1,5 @@ golang system -java system +java openjdk-17 deno system nodejs system php system diff --git a/home/dot_zshrc b/home/dot_zshrc index e0f2953c..cf2cc593 100644 --- a/home/dot_zshrc +++ b/home/dot_zshrc @@ -391,9 +391,6 @@ zstyle ':autocomplete:history-incremental-search-*:*' list-lines 14 if command -v fzf > /dev/null; then zstyle ':autocomplete:*' fzf-completion yes fi -if command -v zoxide > /dev/null; then - zstyle ':autocomplete:recent-dirs' backend zoxide -fi ### Atuin if command -v atuin > /dev/null; then @@ -430,9 +427,9 @@ if [ -f "$HOME/.local/scripts/iterm2.zsh" ]; then fi ### Java (asdf) -# if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then -# . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" -# fi +if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then + . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" +fi ### Navi (Ctrl+G) if command -v navi > /dev/null; then @@ -464,5 +461,7 @@ fi ### zoxide if command -v zoxide > /dev/null; then - eval "$(zoxide init --cmd cd zsh)" > /dev/null + zstyle ':autocomplete:recent-dirs' backend zoxide + # eval "$(zoxide init --cmd cd zsh)" > /dev/null + eval "$(zoxide init zsh)" fi diff --git a/software.yml b/software.yml index d2476955..d902b649 100644 --- a/software.yml +++ b/software.yml @@ -3567,8 +3567,6 @@ softwarePackages: pacman: gitlab-runner port: gitlab-runner scoop: gitlab-runner - _service: gitlab-runner - _type: cli gitleaks: _bin: gitleaks _desc: Extension to scan git repos (or files) for secrets using regex and entropy