Latest
This commit is contained in:
parent
c48ed73348
commit
d5655ae7b1
14 changed files with 41 additions and 39 deletions
|
@ -180,7 +180,7 @@ data:
|
|||
r2: "{{ $cloudflareR2AccountId }}"
|
||||
username: "{{ $cloudflareUsername }}"
|
||||
defaultBrowser: chrome
|
||||
defaultBrowserDarwin: browserosaurus
|
||||
defaultBrowserDarwin: chrome
|
||||
digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
|
||||
# `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
|
||||
domain: "{{ $domain }}"
|
||||
|
|
|
@ -94,13 +94,13 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th
|
|||
else
|
||||
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
|
||||
fi
|
||||
if [ -d /usr/local/etc/openssl@3/certs ]; then
|
||||
if [ -d "/usr/local/etc/openssl@3/certs" ]; then
|
||||
# Location on Intel macOS
|
||||
logg info 'Adding Cloudflare certificate to `/usr/local/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
logg info 'Running `/usr/local/opt/openssl@3/bin/c_rehash`'
|
||||
/usr/local/opt/openssl@3/bin/c_rehash
|
||||
elif [ -d /opt/homebrew/etc/openssl@3/certs ]; then
|
||||
elif [ -d "/opt/homebrew/etc/openssl@3/certs" ]; then
|
||||
# Location on arm64 macOS
|
||||
logg info 'Adding Cloudflare certificate to `/opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem`'
|
||||
echo | sudo cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> /opt/homebrew/etc/openssl@3/certs/Cloudflare_CA.pem
|
||||
|
@ -129,7 +129,7 @@ if command -v warp-cli > /dev/null; then
|
|||
logg info 'Registering CloudFlare WARP'
|
||||
warp-cli --accept-tos register
|
||||
else
|
||||
logg info 'Already registered with CloudFlare WARP'
|
||||
logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
|
||||
fi
|
||||
|
||||
### Connect CloudFlare WARP
|
||||
|
@ -137,7 +137,7 @@ if command -v warp-cli > /dev/null; then
|
|||
logg info 'Connecting to CloudFlare WARP'
|
||||
warp-cli --accept-tos connect
|
||||
else
|
||||
logg info 'Already connected to CloudFlare WARP'
|
||||
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
|
||||
fi
|
||||
else
|
||||
logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined'
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{{- if (ne .host.distro.family "windows") }}
|
||||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file ASDF Plugins / Install
|
||||
# @brief Configures ASDF plugins and ensures they are pre-installed.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{{- if (ne .host.distro.family "windows") }}
|
||||
{{- if (ne .host.distro.family "windows") -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file VNC Setup
|
||||
# @brief Ensures VNC is set-up if system packages are available.
|
||||
|
|
|
@ -17,4 +17,6 @@ if [ ! -d "$SDKMAN_DIR" ]; then
|
|||
bash -c 'sdk install java'
|
||||
else
|
||||
logg info 'SDKMan appears to already be installed.'
|
||||
logg info 'Running `sdk update`'
|
||||
sdk update
|
||||
fi
|
||||
|
|
|
@ -17,6 +17,10 @@
|
|||
if command -v netdata-claim.sh > /dev/null; then
|
||||
NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}"
|
||||
NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}"
|
||||
# Add user / group with script in ~/.local/bin/add-user, if it is available
|
||||
if command -v add-user > /dev/null; then
|
||||
sudo add-user netdata
|
||||
fi
|
||||
# netdata-claim.sh must be run as netdata user
|
||||
sudo -H -u netdata bash -c 'netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
|
||||
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
{{- if (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DIGITALOCEAN_ACCESS_TOKEN")) (env "DIGITALOCEAN_ACCESS_TOKEN")) -}}
|
||||
{{- if false -}}
|
||||
#!/usr/bin/env bash
|
||||
# @file Kasm Workspaces
|
||||
# @brief Connects to DigitalOcean Kubernetes cluster
|
||||
# @brief Sets up cloud desktop server via Kasm Workspaces
|
||||
# @description
|
||||
# This script runs when `DIGITALOCEAN_ACCESS_TOKEN` is defined as an environment variable or as an encrypted key (see
|
||||
# [Secrets documentation](https://install.doctor/docs/customization/secrets#encrypted-secrets)). If the check passes,
|
||||
# then the script ensures the DigitalOcean CLI is installed (i.e. `doctl`). Then, it uses `doctl` to connect to the Kubernetes
|
||||
# cluster defined by the the configuration stored under `.user.digitalOceanClusterId` in `home/.chezmoi.yaml.tmpl`.
|
||||
# This script configures Kasm Workspaces.
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
logg info 'Coming soon..'
|
||||
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzV0lySnFOemZKdGo4ZEdB
|
||||
a1lRMVJJZWorU1RaL2M4M25pSTl4UHlKUFYwClhJOU54bkNmTXcvcFZWVVVCTDhv
|
||||
T0ZJSHVwcUhKZVVDVmdrSGZ6K0dwV3MKLS0tIFRTQ3BEeFFjL1BCVWMxS1RIR28y
|
||||
WEhlblBmUWJYeDhIS1FJYXY1OEVQdmcKSAKdvbqBpY3s4oYUuiTDBT5K4Fpeo3bi
|
||||
LsjWK64f48oGfxoNmsdXXVbu82jO8TmecwNgUOoLC1UQxy/xkymMPosOse8nIwhx
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtNW9LMUlpNHBuTXVUSXRJ
|
||||
SElJMjUzUXltQnk4NFUyNmh0TEFLbXJTVlE0CmJUZVZZMEFlQnJyK1QwRVV4ZzAw
|
||||
bHUrN29kM0ljT29mYUpRbjFXZFVZU1UKLS0tIHQrc0I1RTd1YWRwUWRENE1UK2xG
|
||||
VnlmYTRsVFNtVjdoWXlIcU13TUYrL2sK07hkfMJXIZmhF3kXvz9dpqbYEoG6CLWX
|
||||
CVbVXowWXWl69hY2BD3XI9AnwR9KwsczJfXZRtgPs7SCWN001B2XuX8LHhbegug=
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -1,8 +1,8 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbnREOXUxazRlWDZtM0lm
|
||||
ZVc2UnlPVFlGM1N6czFnTDYzWmQ4YldqTmhrCnI3U2FLUytDamZDZ0dTT0V2M3ds
|
||||
VGNFbTVLRDZteTErMFpaUlpqakp4T1UKLS0tIGErNkowbFBkWldjNHdhNnVjdGM4
|
||||
REhXUW5Md21JSkhSMWxVN08rZFNGYjQKDuim4gInqRt4jagEQjo6+rtQ0Esrtkg5
|
||||
nVo8R3P0gCd7r8BbYxmVy+ez9bVVetJcyr7m0rpderOVb9fy/AGRQT0ccD8KQ76N
|
||||
ytpGa+AsMH/T8ExjRTgxKF1I2RF9yG29ig==
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArWXJOQVZta1RhYWVRWlp3
|
||||
YTNNeUg3RU5vRlVJZi8wTEpoSG03aFQvMmwwCkUrUnBHYzA5VU54ZUlrSkNXaWRp
|
||||
WFpFTHp1ZzVwZmo3QUpMSGkzK2V6UjQKLS0tIHdEcUo2SU56d3piaWIwbnFEdWRR
|
||||
UDZvYTlzekttNmgvZUlKN3BJU2tJNUEKUUCIH5OsECccty2SFEiwRS1WAMBOQdPE
|
||||
5eDXyPE06oWt7c2CM/omAjdER9QrsbAHUiN0oNpm5FB60pcexb60a6OV+eyoEhYC
|
||||
/NKQQw5PYCf58NpEiSDahscSgY/n+YNN
|
||||
-----END AGE ENCRYPTED FILE-----
|
|
@ -6,8 +6,6 @@
|
|||
<true />
|
||||
<key>onboarding</key>
|
||||
<false />
|
||||
<key>auto_connect</key>
|
||||
<interger>60</interger>
|
||||
<key>organization</key>
|
||||
<string>manhattan</string>
|
||||
<key>service_mode</key>
|
||||
|
|
|
@ -49,7 +49,7 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
### Styled Terminal
|
||||
export BASH_IT="$HOME/.local/bash_it"
|
||||
export BASH_IT_THEME="powerline"
|
||||
if [ -f "$BASH_IT/bash_it.sh" ]; then
|
||||
if command -v powerline-daemon > /dev/null && [ -f "$BASH_IT/bash_it.sh" ]; then
|
||||
. "$BASH_IT/bash_it.sh"
|
||||
elif command -v oh-my-posh > /dev/null; then
|
||||
# Oh My Posh (See: https://ohmyposh.dev/)
|
||||
|
@ -142,6 +142,6 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
|
||||
### zoxide
|
||||
if command -v zoxide > /dev/null; then
|
||||
eval "$(zoxide init --cmd cd bash)" > /dev/null
|
||||
eval "$(zoxide init bash)"
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
golang system
|
||||
java system
|
||||
java openjdk-17
|
||||
deno system
|
||||
nodejs system
|
||||
php system
|
||||
|
|
|
@ -391,9 +391,6 @@ zstyle ':autocomplete:history-incremental-search-*:*' list-lines 14
|
|||
if command -v fzf > /dev/null; then
|
||||
zstyle ':autocomplete:*' fzf-completion yes
|
||||
fi
|
||||
if command -v zoxide > /dev/null; then
|
||||
zstyle ':autocomplete:recent-dirs' backend zoxide
|
||||
fi
|
||||
|
||||
### Atuin
|
||||
if command -v atuin > /dev/null; then
|
||||
|
@ -430,9 +427,9 @@ if [ -f "$HOME/.local/scripts/iterm2.zsh" ]; then
|
|||
fi
|
||||
|
||||
### Java (asdf)
|
||||
# if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
|
||||
# . "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
|
||||
# fi
|
||||
if [ -f "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh" ]; then
|
||||
. "$ASDF_DATA_DIR/plugins/java/set-java-home.zsh"
|
||||
fi
|
||||
|
||||
### Navi (Ctrl+G)
|
||||
if command -v navi > /dev/null; then
|
||||
|
@ -464,5 +461,7 @@ fi
|
|||
|
||||
### zoxide
|
||||
if command -v zoxide > /dev/null; then
|
||||
eval "$(zoxide init --cmd cd zsh)" > /dev/null
|
||||
zstyle ':autocomplete:recent-dirs' backend zoxide
|
||||
# eval "$(zoxide init --cmd cd zsh)" > /dev/null
|
||||
eval "$(zoxide init zsh)"
|
||||
fi
|
||||
|
|
|
@ -3567,8 +3567,6 @@ softwarePackages:
|
|||
pacman: gitlab-runner
|
||||
port: gitlab-runner
|
||||
scoop: gitlab-runner
|
||||
_service: gitlab-runner
|
||||
_type: cli
|
||||
gitleaks:
|
||||
_bin: gitleaks
|
||||
_desc: Extension to scan git repos (or files) for secrets using regex and entropy
|
||||
|
|
Loading…
Reference in a new issue