punkfairie/install.fairie
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added sudo privilege method

Browse source
This commit is contained in:
Brian Zalewski 2023-12-07 06:15:21 +00:00
parent fa4715685c
commit d583e35548
3 changed files with 24 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
home/.chezmoitemplates/secrets/SUDO_PASSWORD Normal file
View file

@ -0,0 +1,7 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSb0E2Uk9aM1NBMCtudnlZ
RHFwdVI2dnBNRUh3Z1F5cGM0R0IxTnFETVNvCjk0SGdnc21Tbmx2QTR6RXF0YlJh
NG1KK3QvZXB6eVhQd3V4QUVMeFFmY2MKLS0tIFFjZUhZQkRGZVJ4c0M5NFhSMnRj
dkNhcVlZdGFRcDJBSWV6Zi9RVHB2SGMKIzCPPxDbv35XyV8Fm9apFH1jjP0bwIZd
crVar6VmIo4s5TcKjavUjptEWNHcg2b0EqewLw==
-----END AGE ENCRYPTED FILE-----

25
scripts/provision.sh
View file

@ -302,13 +302,13 @@ handleRequiredReboot() {
} }
# @description Load default settings if it is in a CI setting # @description Load default settings if it is in a CI setting
setCIEnvironmentVariables() { setCIEnvironmentVariables() {
if [ -n "$CI" ]; then if [ -n "$CI" ] || [ -n "$TEST_INSTALL" ]; then
logg info "Automatically setting environment variables since the CI environment variable is defined" logg info "Automatically setting environment variables since the CI environment variable is defined"
logg info "Setting NO_RESTART to true" && export NO_RESTART=true logg info "Setting NO_RESTART to true" && export NO_RESTART=true
logg info "Setting HEADLESS_INSTALL to true " && export HEADLESS_INSTALL=true logg info "Setting HEADLESS_INSTALL to true " && export HEADLESS_INSTALL=true
logg info "Setting SOFTWARE_GROUP to Full-Desktop" && export SOFTWARE_GROUP="Full-Desktop" logg info "Setting SOFTWARE_GROUP to Full-Desktop" && export SOFTWARE_GROUP="Full-Desktop"
logg info "Setting FULL_NAME to Brian Zalewski" && export FULL_NAME="Brian Zalewski" logg info "Setting FULL_NAME to Brian Zalewski" && export FULL_NAME="Brian Zalewski"
logg info "Setting PRIMARY_EMAIL to help@megabyte.space" && export PRIMARY_EMAIL="help@megabyte.space" logg info "Setting PRIMARY_EMAIL to brian@megabyte.space" && export PRIMARY_EMAIL="brian@megabyte.space"
logg info "Setting PUBLIC_SERVICES_DOMAIN to lab.megabyte.space" && export PUBLIC_SERVICES_DOMAIN="lab.megabyte.space" logg info "Setting PUBLIC_SERVICES_DOMAIN to lab.megabyte.space" && export PUBLIC_SERVICES_DOMAIN="lab.megabyte.space"
logg info "Setting RESTRICTED_ENVIRONMENT to false" && export RESTRICTED_ENVIRONMENT=false logg info "Setting RESTRICTED_ENVIRONMENT to false" && export RESTRICTED_ENVIRONMENT=false
logg info "Setting WORK_ENVIRONMENT to false" && export WORK_ENVIRONMENT=false logg info "Setting WORK_ENVIRONMENT to false" && export WORK_ENVIRONMENT=false
@ -330,13 +330,15 @@ ensureWarpDisconnected() {
setupPasswordlessSudo() { setupPasswordlessSudo() {
sudo -n true || SUDO_EXIT_CODE=$? sudo -n true || SUDO_EXIT_CODE=$?
logg info 'Your user will temporarily be granted passwordless sudo for the duration of the script' logg info 'Your user will temporarily be granted passwordless sudo for the duration of the script'
if [ -n "$SUDO_EXIT_CODE" ]; then if [ -n "$SUDO_EXIT_CODE" ] && [ -z "$SUDO_PASSWORD" ] && command -v chezmoi > /dev/null && [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoitemplates/secrets/SUDO_PASSWORD" ]; then
logg info 'Press CTRL+C to bypass this prompt to either enter your password when needed or perform a non-privileged installation' SUDO_PASSWORD="$(chezmoi decrypt "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoitemplates/secrets/SUDO_PASSWORD")"
logg info 'Note: Non-privileged installations are not yet supported' export SUDO_PASSWORD
fi fi
if [ -n "$SUDO_PASSWORD" ]; then if [ -n "$SUDO_PASSWORD" ]; then
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
else else
logg info 'Press CTRL+C to bypass this prompt to either enter your password when needed or perform a non-privileged installation'
logg info 'Note: Non-privileged installations are not yet supported'
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
fi fi
} }
@ -455,17 +457,12 @@ installBrewPackage() {
# @description Installs various dependencies using Homebrew. # @description Installs various dependencies using Homebrew.
# #
# 1. Ensures Chezmoi, Node.js, and ZX are installed. # 1. Ensures Glow, Gum, Chezmoi, Node.js, and ZX are installed.
# 2. Installs Glow and Gum if the `HEADLESS_INSTALL` environment variable is not set. # 2. If the system is macOS, then also install `gsed` and `coreutils`.
# 3. If the system is macOS, then also install `gsed` and `coreutils`.
ensureHomebrewDeps() { ensureHomebrewDeps() {
### TUI experience
if [ -z "$HEADLESS_INSTALL" ]; then
installBrewPackage "gum"
installBrewPackage "glow"
fi
### Base dependencies ### Base dependencies
installBrewPackage "glow"
installBrewPackage "gum"
installBrewPackage "chezmoi" installBrewPackage "chezmoi"
installBrewPackage "node" installBrewPackage "node"
installBrewPackage "zx" installBrewPackage "zx"

10
scripts/src/provision.sh.tmpl
View file

@ -82,7 +82,7 @@ setEnvironmentVariables() {
{{ include "partials" "reboot" }} {{ include "partials" "reboot" }}
# @description Load default settings if it is in a CI setting # @description Load default settings if it is in a CI setting
setCIEnvironmentVariables() { setCIEnvironmentVariables() {
if [ -n "$CI" ]; then if [ -n "$CI" ] || [ -n "$TEST_INSTALL" ]; then
logg info "Automatically setting environment variables since the CI environment variable is defined" logg info "Automatically setting environment variables since the CI environment variable is defined"
logg info "Setting NO_RESTART to true" && export NO_RESTART=true logg info "Setting NO_RESTART to true" && export NO_RESTART=true
logg info "Setting HEADLESS_INSTALL to true " && export HEADLESS_INSTALL=true logg info "Setting HEADLESS_INSTALL to true " && export HEADLESS_INSTALL=true
@ -110,13 +110,15 @@ ensureWarpDisconnected() {
setupPasswordlessSudo() { setupPasswordlessSudo() {
sudo -n true || SUDO_EXIT_CODE=$? sudo -n true || SUDO_EXIT_CODE=$?
logg info 'Your user will temporarily be granted passwordless sudo for the duration of the script' logg info 'Your user will temporarily be granted passwordless sudo for the duration of the script'
if [ -n "$SUDO_EXIT_CODE" ]; then if [ -n "$SUDO_EXIT_CODE" ] && [ -z "$SUDO_PASSWORD" ] && command -v chezmoi > /dev/null && [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoitemplates/secrets/SUDO_PASSWORD" ]; then
logg info 'Press CTRL+C to bypass this prompt to either enter your password when needed or perform a non-privileged installation' SUDO_PASSWORD="$(chezmoi decrypt "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoitemplates/secrets/SUDO_PASSWORD")"
logg info 'Note: Non-privileged installations are not yet supported' export SUDO_PASSWORD
fi fi
if [ -n "$SUDO_PASSWORD" ]; then if [ -n "$SUDO_PASSWORD" ]; then
printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null printf '%s\n' "$SUDO_PASSWORD" | sudo -p "" -S echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
else else
logg info 'Press CTRL+C to bypass this prompt to either enter your password when needed or perform a non-privileged installation'
logg info 'Note: Non-privileged installations are not yet supported'
echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers > /dev/null
fi fi
} }