diff --git a/home/.chezmoi.yaml.tmpl b/home/.chezmoi.yaml.tmpl
index 20d7d88b..246768b1 100644
--- a/home/.chezmoi.yaml.tmpl
+++ b/home/.chezmoi.yaml.tmpl
@@ -180,7 +180,7 @@ data:
r2: "{{ $cloudflareR2AccountId }}"
username: "{{ $cloudflareUsername }}"
defaultBrowser: chrome
- defaultBrowserDarwin: browserosaurus
+ defaultBrowserDarwin: chrome
digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
# `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
domain: "{{ $domain }}"
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl
index 196e6fa7..8d016695 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl
@@ -94,13 +94,13 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th
else
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
fi
- if [ -d /usr/local/etc/openssl@3/certs ]; then
+ if [ -d "/usr/local/etc/openssl@3/certs" ]; then
# Location on Intel macOS
logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`'
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`'
/usr/local/opt/openssl@3/bin/c_rehash
- elif [ -d /opt/homebrew/etc/openssl@3/certs ]; then
+ elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then
# Location on arm64 macOS
logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`'
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
@@ -129,7 +129,7 @@ if command -v warp-cli > /dev/null; then
logg info 'Registering CloudFlare WARP'
warp-cli --accept-tos register
else
- logg info 'Already registered with CloudFlare WARP'
+ logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
fi
### Connect CloudFlare WARP
@@ -137,7 +137,7 @@ if command -v warp-cli > /dev/null; then
logg info 'Connecting to CloudFlare WARP'
warp-cli --accept-tos connect
else
- logg info 'Already connected to CloudFlare WARP'
+ logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
fi
else
logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined'
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl
index dfa8bc7e..b0bb182d 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_15-install-asdf-packages.sh.tmpl
@@ -1,4 +1,4 @@
-{{- if (ne .host.distro.family "windows") }}
+{{- if (ne .host.distro.family "windows") -}}
#!/usr/bin/env bash
# @file ASDF Plugins / Install
# @brief Configures ASDF plugins and ensures they are pre-installed.
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl
index 2f436ac4..b4d45df7 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_16-vnc.sh.tmpl
@@ -1,4 +1,4 @@
-{{- if (ne .host.distro.family "windows") }}
+{{- if (ne .host.distro.family "windows") -}}
#!/usr/bin/env bash
# @file VNC Setup
# @brief Ensures VNC is set-up if system packages are available.
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl
index 73b3cab6..bf46ffc3 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_18-install-sdkman.sh.tmpl
@@ -17,4 +17,6 @@ if [ ! -d "$SDKMAN_DIR" ]; then
bash -c 'sdk install java'
else
logg info 'SDKMan appears to already be installed.'
+ logg info 'Running `sdk update`'
+ sdk update
fi
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl
index 653f3bf5..6efada27 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl
@@ -17,6 +17,10 @@
if command -v netdata-claim.sh > /dev/null; then
NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}"
NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}"
+ # Add user / group with script in ~/.local/bin/add-user, if it is available
+ if command -v add-user > /dev/null; then
+ sudo add-user netdata
+ fi
# netdata-claim.sh must be run as netdata user
sudo -H -u netdata bash -c 'netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl
index 1be4154f..feacf2ee 100644
--- a/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_82-kasm-workspaces.sh.tmpl
@@ -1,12 +1,13 @@
-{{- if (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DIGITALOCEAN_ACCESS_TOKEN")) (env "DIGITALOCEAN_ACCESS_TOKEN")) -}}
+{{- if false -}}
#!/usr/bin/env bash
# @file Kasm Workspaces
-# @brief Connects to DigitalOcean Kubernetes cluster
+# @brief Sets up cloud desktop server via Kasm Workspaces
# @description
-# This script runs when `DIGITALOCEAN_ACCESS_TOKEN` is defined as an environment variable or as an encrypted key (see
-# [Secrets documentation](https://install.doctor/docs/customization/secrets#encrypted-secrets)). If the check passes,
-# then the script ensures the DigitalOcean CLI is installed (i.e. `doctl`). Then, it uses `doctl` to connect to the Kubernetes
-# cluster defined by the the configuration stored under `.user.digitalOceanClusterId` in `home/.chezmoi.yaml.tmpl`.
+# This script configures Kasm Workspaces.
{{ includeTemplate "universal/profile" }}
-{{ includeTemplate "universal/logg" }}
\ No newline at end of file
+{{ includeTemplate "universal/logg" }}
+
+logg info 'Coming soon..'
+
+{{ end -}}
diff --git a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID
index 818c403d..a51703c5 100644
--- a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID
+++ b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID
@@ -1,7 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0lySnFOemZKdGo4ZEdB
-a1lRMVJJZWorU1RaL2M4M25pSTl4UHlKUFYwClhJOU54bkNmTXcvcFZWVVVCTDhv
-T0ZJSHVwcUhKZVVDVmdrSGZ6K0dwV3MKLS0tIFRTQ3BEeFFjL1BCVWMxS1RIR28y
-WEhlblBmUWJYeDhIS1FJYXY1OEVQdmcKSAKdvbqBpY3s4oYUuiTDBT5K4Fpeo3bi
-LsjWK64f48oGfxoNmsdXXVbu82jO8TmecwNgUOoLC1UQxy/xkymMPosOse8nIwhx
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNW9LMUlpNHBuTXVUSXRJ
+SElJMjUzUXltQnk4NFUyNmh0TEFLbXJTVlE0CmJUZVZZMEFlQnJyK1QwRVV4ZzAw
+bHUrN29kM0ljT29mYUpRbjFXZFVZU1UKLS0tIHQrc0I1RTd1YWRwUWRENE1UK2xG
+VnlmYTRsVFNtVjdoWXlIcU13TUYrL2sK07hkfMJXIZmhF3kXvz9dpqbYEoG6CLWX
+CVbVXowWXWl69hY2BD3XI9AnwR9KwsczJfXZRtgPs7SCWN001B2XuX8LHhbegug=
-----END AGE ENCRYPTED FILE-----
\ No newline at end of file
diff --git a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET
index ff6f2157..fb14d5d0 100644
--- a/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET
+++ b/home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET
@@ -1,8 +1,8 @@
-----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbnREOXUxazRlWDZtM0lm
-ZVc2UnlPVFlGM1N6czFnTDYzWmQ4YldqTmhrCnI3U2FLUytDamZDZ0dTT0V2M3ds
-VGNFbTVLRDZteTErMFpaUlpqakp4T1UKLS0tIGErNkowbFBkWldjNHdhNnVjdGM4
-REhXUW5Md21JSkhSMWxVN08rZFNGYjQKDuim4gInqRt4jagEQjo6+rtQ0Esrtkg5
-nVo8R3P0gCd7r8BbYxmVy+ez9bVVetJcyr7m0rpderOVb9fy/AGRQT0ccD8KQ76N
-ytpGa+AsMH/T8ExjRTgxKF1I2RF9yG29ig==
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArWXJOQVZta1RhYWVRWlp3
+YTNNeUg3RU5vRlVJZi8wTEpoSG03aFQvMmwwCkUrUnBHYzA5VU54ZUlrSkNXaWRp
+WFpFTHp1ZzVwZmo3QUpMSGkzK2V6UjQKLS0tIHdEcUo2SU56d3piaWIwbnFEdWRR
+UDZvYTlzekttNmgvZUlKN3BJU2tJNUEKUUCIH5OsECccty2SFEiwRS1WAMBOQdPE
+5eDXyPE06oWt7c2CM/omAjdER9QrsbAHUiN0oNpm5FB60pcexb60a6OV+eyoEhYC
+/NKQQw5PYCf58NpEiSDahscSgY/n+YNN
-----END AGE ENCRYPTED FILE-----
\ No newline at end of file
diff --git a/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl b/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl
index 169909c0..0f8ecd58 100644
--- a/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl
+++ b/home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl
@@ -6,8 +6,6 @@
onboarding
- auto_connect
- 60
organization
manhattan
service_mode
diff --git a/home/dot_bashrc b/home/dot_bashrc
index 888d65f6..0b9ace58 100644
--- a/home/dot_bashrc
+++ b/home/dot_bashrc
@@ -49,7 +49,7 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
### Styled Terminal
export BASH_IT="$HOME/.local/bash_it"
export BASH_IT_THEME="powerline"
- if [ -f "$BASH_IT/bash_it.sh" ]; then
+ if command -v powerline-daemon > /dev/null && [ -f "$BASH_IT/bash_it.sh" ]; then
. "$BASH_IT/bash_it.sh"
elif command -v oh-my-posh > /dev/null; then
# Oh My Posh (See: https://ohmyposh.dev/)
@@ -142,6 +142,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
### zoxide
if command -v zoxide > /dev/null; then
- eval "$(zoxide init --cmd cd bash)" > /dev/null
+ eval "$(zoxide init bash)"
fi
fi
diff --git a/home/dot_tool-versions.tmpl b/home/dot_tool-versions.tmpl
index 1322e126..014aeac1 100644
--- a/home/dot_tool-versions.tmpl
+++ b/home/dot_tool-versions.tmpl
@@ -1,5 +1,5 @@
golang system
-java system
+java openjdk-17
deno system
nodejs system
php system
diff --git a/home/dot_zshrc b/home/dot_zshrc
index e0f2953c..cf2cc593 100644
--- a/home/dot_zshrc
+++ b/home/dot_zshrc
@@ -391,9 +391,6 @@ zstyle ':autocomplete:history-incremental-search-*:*' list-lines 14
if command -v fzf > /dev/null; then
zstyle ':autocomplete:*' fzf-completion yes
fi
-if command -v zoxide > /dev/null; then
- zstyle ':autocomplete:recent-dirs' backend zoxide
-fi
### Atuin
if command -v atuin > /dev/null; then
@@ -430,9 +427,9 @@ if [ -f "$HOME/.local/scripts/iterm2.zsh" ]; then
fi
### Java (asdf)
-# if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
-# . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
-# fi
+if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
+ . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
+fi
### Navi (Ctrl+G)
if command -v navi > /dev/null; then
@@ -464,5 +461,7 @@ fi
### zoxide
if command -v zoxide > /dev/null; then
- eval "$(zoxide init --cmd cd zsh)" > /dev/null
+ zstyle ':autocomplete:recent-dirs' backend zoxide
+ # eval "$(zoxide init --cmd cd zsh)" > /dev/null
+ eval "$(zoxide init zsh)"
fi
diff --git a/software.yml b/software.yml
index d2476955..d902b649 100644
--- a/software.yml
+++ b/software.yml
@@ -3567,8 +3567,6 @@ softwarePackages:
pacman: gitlab-runner
port: gitlab-runner
scoop: gitlab-runner
- _service: gitlab-runner
- _type: cli
gitleaks:
_bin: gitleaks
_desc: Extension to scan git repos (or files) for secrets using regex and entropy