Update 16 files
- /home/dot_config/rclone/merge_rclone.conf - /home/dot_config/rclone/s3-public.service.tmpl - /home/dot_config/rclone/s3-private.service.tmpl - /home/dot_config/rclone/s3-docker.service.tmpl - /home/dot_config/gcp/gcp.json.TODO - /home/dot_config/docker/plugins.json - /home/.chezmoitemplates/secrets/key-cloudflare-r2-secret - /home/.chezmoitemplates/secrets/key-cloudflare-r2-id - /home/dot_local/bin/executable_rclone-mount - /home/dot_local/bin/executable_install-program - /home/.chezmoidata.yaml - /home/.chezmoiscripts/_universal/run_onchange_before_11-install-docker.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl - /home/.chezmoi.yaml.tmpl - /docs/TODO.md - /software.yml
This commit is contained in:
parent
e43ff06510
commit
d8769e8ad1
16 changed files with 212 additions and 98 deletions
14
docs/TODO.md
14
docs/TODO.md
|
@ -5,6 +5,20 @@ https://github.com/DustinBrett/daedalOS
|
|||
https://github.com/ansh/jiffyreader.com
|
||||
https://github.com/allinurl/goaccess
|
||||
https://github.com/cloudflare/boringtun
|
||||
CLOUDSDK_CORE_PROJECT: "megabyte-labs"
|
||||
GCE_CREDENTIALS_FILE: "{{ joinPath .chezmoi.homeDir ".config" "gcp.json" }}"
|
||||
GCE_SERVICE_ACCOUNT_EMAIL: "molecule@megabyte-labs.iam.gserviceaccount.com"
|
||||
|
||||
GITLAB_READ_TOKEN
|
||||
GITHUB_READ_TOKEN
|
||||
GITHUB_GIST_TOKEN
|
||||
CLOUDFLARE_API_TOKEN
|
||||
GMAIL_APP_PASSWORD
|
||||
NGROK_AUTH_TOKEN
|
||||
SLACK_API_TOKEN
|
||||
TAILSCALE_AUTH_KEY
|
||||
LEXICON_CLOUDFLARE_USERNAME
|
||||
LEXICON_CLOUDFLARE_TOKEN
|
||||
### Ensure these PATHs are added on Windows
|
||||
add to PATH:
|
||||
'%ProgramFiles(x86)%\mitmproxy\bin'
|
||||
|
|
|
@ -1,28 +1,18 @@
|
|||
{{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}}
|
||||
{{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
|
||||
{{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
|
||||
{{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
|
||||
{{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
|
||||
{{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
|
||||
{{- $gmailAddressAppPassword := (default "" (env "GMAIL_APP_PASSWORD")) -}}
|
||||
{{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
|
||||
{{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
|
||||
{{- $cloudflareUsername := (default "brian@megabyte.space" (env "CLOUDFLARE_USERNAME")) -}}
|
||||
{{- $cloudflareToken := (default "" (env "CLOUDFLARE_API_TOKEN")) -}}
|
||||
{{- $cloudflareAccessKeyId := "" -}}
|
||||
{{- $cloudflareSecretAccessKey := "" -}}
|
||||
{{- $cloudflareR2AccountId := "" -}}
|
||||
{{- $desktopSession := true -}}
|
||||
{{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
|
||||
{{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
|
||||
{{- $githubUsername := (default "ProfessorManhattan" (env "GITHUB_USERNAME")) -}}
|
||||
{{- $githubGistToken := (default "" (env "GITHUB_GIST_TOKEN")) -}}
|
||||
{{- $githubReadToken := (env "GITHUB_READ_TOKEN") -}}
|
||||
{{- $gitlabReadToken := (env "GITLAB_READ_TOKEN") -}}
|
||||
{{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
|
||||
{{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
|
||||
{{- $hostname := (default "alpha" (env "HOSTNAME")) -}}
|
||||
{{- $locale := (output "echo" "$LANG") }}
|
||||
{{- $ngrokAuthToken := (default "" (env "NGROK_AUTH_TOKEN")) -}}
|
||||
{{- $slackApiToken := (default "" (env "SLACK_API_TOKEN")) -}}
|
||||
{{- $tailscaleAuthKey := (default "" (env "TAILSCALE_AUTH_KEY")) -}}
|
||||
{{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}}
|
||||
{{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
|
||||
{{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
|
||||
{{- $timezone := (default "America/New_York" (env "TIMEZONE")) -}}
|
||||
{{- $toolchains := list "CLI-Extras" "Docker" "Go" "Kubernetes" "Web-Development" -}}
|
||||
{{- $desktopSession := true -}}
|
||||
{{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
|
||||
{{- if and (ne .chezmoi.os "darwin") (ne .chezmoi.os "windows") (not (env "DISPLAY")) -}}
|
||||
{{- $desktopSession = false -}}
|
||||
{{- end -}}
|
||||
|
@ -112,6 +102,9 @@
|
|||
{{- if not (env "PUBLIC_SERVICES_DOMAIN") -}}
|
||||
{{- $domain = promptStringOnce $data.user "domain" "Domain name" $domain -}}
|
||||
{{- end -}}
|
||||
{{- if not (env "HOSTNAME") -}}
|
||||
{{- $hostname = promptStringOnce $data.host "hostname" "Hostname ID" $hostname -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- else -}}
|
||||
{{- $headless = true -}}
|
||||
|
@ -137,6 +130,12 @@ data:
|
|||
dns:
|
||||
primary: 10.0.0.1#dns.megabyte.space
|
||||
secondary: 1.1.1.1#cloudflare-dns.com
|
||||
docker:
|
||||
doRegion: nyc1
|
||||
headless: {{ $headless }}
|
||||
home: "{{ .chezmoi.homeDir }}"
|
||||
homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
|
||||
hostname: "{{ $hostname }}"
|
||||
ssh:
|
||||
allowTCPForwarding: no
|
||||
allowUsers: {{ output "echo" "$USER" }}
|
||||
|
@ -146,59 +145,42 @@ data:
|
|||
excludedSubnets:
|
||||
- 10.0.0.0/24
|
||||
- 10.14.50.0/24
|
||||
home: "{{ .chezmoi.homeDir }}"
|
||||
homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
|
||||
hostname: "Betelgeuse"
|
||||
qubes: {{ ne (stat (joinPath "usr" "bin" "qubes-session")) false }}
|
||||
restricted: {{ $restricted }}
|
||||
softwareGroup: "{{ $softwareGroup }}"
|
||||
type: "{{ $chassisType }}"
|
||||
work: {{ $work }}
|
||||
restricted: {{ $restricted }}
|
||||
headless: {{ $headless }}
|
||||
toolchains:
|
||||
{{- range $toolchain, $enabled := $toolchainsEnabled }}
|
||||
{{ $toolchain}}: {{ $enabled }}
|
||||
{{- end }}
|
||||
user:
|
||||
email: "{{ $email }}"
|
||||
name: "{{ $name }}"
|
||||
username: "{{ output "echo" "$USER" }}"
|
||||
cloudflare:
|
||||
r2: "{{ $cloudflareR2AccountId }}"
|
||||
username: "{{ $cloudflareUsername }}"
|
||||
defaultBrowser: firefox
|
||||
domain: "{{ $domain }}"
|
||||
email: "{{ $email }}"
|
||||
github:
|
||||
username: "{{ $githubUsername }}"
|
||||
gmail:
|
||||
username: "{{ $gmailAddress }}"
|
||||
gpg:
|
||||
id: "{{ $gpgKeyId }}"
|
||||
gmail:
|
||||
email: "{{ $gmailAddress }}"
|
||||
password: "{{ $gmailAddressAppPassword }}"
|
||||
surgeshUsername: "{{ $surgeshUsername }}"
|
||||
githubUsername: "{{ $githubUsername }}"
|
||||
locale: "{{ $locale }}"
|
||||
timezone: "{{ $timezone }}"
|
||||
holdSudoPrivileges: true
|
||||
CLOUDFLARE_USERNAME: "{{ $cloudflareUsername }}"
|
||||
CLOUDFLARE_ACCESS_KEY_ID: "{{ $cloudflareAccessKeyId }}"
|
||||
CLOUDFLARE_SECRET_ACCESS_KEY: "{{ $cloudflareSecretAccessKey }}"
|
||||
CLOUDFLARE_R2_ACCOUNT_ID: "{{ $cloudflareR2AccountId }}"
|
||||
CLOUDSDK_CORE_PROJECT: "megabyte-labs"
|
||||
GCE_CREDENTIALS_FILE: "{{ joinPath .chezmoi.homeDir ".config" "gcp.json" }}"
|
||||
GCE_SERVICE_ACCOUNT_EMAIL: "molecule@megabyte-labs.iam.gserviceaccount.com"
|
||||
GITHUB_GIST_TOKEN: "{{ $githubGistToken }}"
|
||||
GITHUB_READ_TOKEN: "{{ $githubReadToken }}"
|
||||
GITLAB_READ_TOKEN: "{{ $gitlabReadToken }}"
|
||||
NGROK_AUTH_TOKEN: "{{ $ngrokAuthToken }}"
|
||||
SLACK_API_TOKEN: "{{ $slackApiToken }}"
|
||||
SNAPCRAFT_EMAIL: "{{ $email }}"
|
||||
TAILSCALE_AUTH_KEY: "{{ $tailscaleAuthKey }}"
|
||||
TINYPNG_API_KEY: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
|
||||
locale: "{{ $locale }}"
|
||||
name: "{{ $name }}"
|
||||
surgesh:
|
||||
username: "{{ $surgeshUsername }}"
|
||||
timezone: "{{ $timezone }}"
|
||||
tinypngKey: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
|
||||
username: "{{ output "echo" "$USER" }}"
|
||||
diff:
|
||||
format: "git"
|
||||
pager: "delta"
|
||||
git:
|
||||
autoCommit: true
|
||||
autoPush: true
|
||||
scriptEnv:
|
||||
LEXICON_CLOUDFLARE_USERNAME: "{{ $cloudflareUsername }}"
|
||||
LEXICON_CLOUDFLARE_TOKEN: "{{ $cloudflareToken }}"
|
||||
textconv:
|
||||
- pattern: "**/*.plist"
|
||||
command: "plutil"
|
||||
|
|
|
@ -19,11 +19,11 @@ colors:
|
|||
color14: '#EB71AD'
|
||||
color15: '#24E5FF'
|
||||
color16: '#FFFFFF'
|
||||
macosRemoteLogin: 'on'
|
||||
themeparkTheme: aquamarine
|
||||
netdataClaimURL: https://app.netdata.cloud
|
||||
config:
|
||||
gpg: https://raw.githubusercontent.com/drduh/config/master/gpg.conf
|
||||
macosRemoteLogin: 'on'
|
||||
netdataClaimURL: https://app.netdata.cloud
|
||||
themeparkTheme: aquamarine
|
||||
chromeExtensions:
|
||||
- https://chrome.google.com/webstore/detail/automa/infppggnoaenmfagbfknfkancpbljcca
|
||||
- https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic
|
||||
|
@ -1007,6 +1007,9 @@ softwareGroups:
|
|||
- termius
|
||||
- ulauncher
|
||||
softwarePlugins:
|
||||
docker:
|
||||
plugins:
|
||||
- sapk/plugin-rclone
|
||||
vim:
|
||||
plugins:
|
||||
- https://github.com/dense-analysis/ale.git
|
||||
|
|
|
@ -114,4 +114,7 @@ if [ ! -d /Applications ] || [ ! -d /System ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
### Install Docker plugins
|
||||
for PLUGIN in
|
||||
|
||||
{{ end -}}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{{- if (eq .host.distro.family "linux") -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Docker plugins.json hash: {{ include (joinPath .chezmoi.homeDir ".config" "docker" "plugins.json") | sha256sum }}
|
||||
|
||||
{{ includeTemplate "universal/profile" }}
|
||||
{{ includeTemplate "universal/logg" }}
|
||||
|
||||
|
@ -30,13 +32,24 @@ fi
|
|||
if [ ! -f "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm" ]; then
|
||||
logg info 'Acquiring release information for Docker push-rm'
|
||||
RELEASE_TAG="$(curl -sSL https://api.github.com/repos/christian-korneck/docker-pushrm/releases/latest | jq -r '.tag_name')"
|
||||
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins"
|
||||
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins"
|
||||
logg info 'Downloading Docker push-rm'
|
||||
curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm"
|
||||
chmod +x "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm"
|
||||
curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
|
||||
chmod +x "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
|
||||
logg success 'Added Docker push-rm'
|
||||
else
|
||||
logg info 'Docker push-rm already added'
|
||||
fi
|
||||
|
||||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-digitalocean-pat")) -}}
|
||||
### Docker DigitalOcean Block Storage
|
||||
docker plugin install --grant-all-permissions rexray/dobs DOBS_TOKEN={{ includeTemplate "secrets/key-digitalocean-pat" | decrypt -}} DOBS_REGION={{ .host.docker.doRegion }} LINUX_VOLUME_FILEMODE=0775
|
||||
{{ end -}}
|
||||
|
||||
### Docker plugins (defined in ~/.config/docker/plugins.json)
|
||||
jq -r '.plugins[]' "${XDG_CONFIG_HOME:-$HOME/.config}/docker/plugins.json" | while read PLUGIN; do
|
||||
logg info 'Installing the `'"$PLUGIN"'` Docker plugin'
|
||||
docker plugin install --grant-all-permissions "$PLUGIN"
|
||||
done
|
||||
|
||||
{{ end -}}
|
||||
|
|
7
home/.chezmoitemplates/secrets/key-cloudflare-r2-id
Normal file
7
home/.chezmoitemplates/secrets/key-cloudflare-r2-id
Normal file
|
@ -0,0 +1,7 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUa0ZtTm9PbE03R1RReDJZ
|
||||
NUdueXVZSk1WY2RxMkpyM1VVL2t2ZlBobGxJCmRyWEtSYVMxU1VCL01hRXk5ODdR
|
||||
MTJPZFVYbEEzeStBT3JLRWdoNUg0Z2MKLS0tIGhHdzExOEU1NmJkNHBFUW5DbXFs
|
||||
S25MNHFGV01GYjkrYm0zVmhrVEFvd2sKQr2yI5Zlx+yEWa4igHFy2z1FpmEw6tux
|
||||
M9i/y2J+Da15jAZgndmc1iWNBVDKVfROon4S60P99djZi/trWcy0jA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
8
home/.chezmoitemplates/secrets/key-cloudflare-r2-secret
Normal file
8
home/.chezmoitemplates/secrets/key-cloudflare-r2-secret
Normal file
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYnBRTkRVZ2hGTkZ4NUdQ
|
||||
UWZBWmFxQkFXTUhESzhaaFJWMlpQSmh5cldjCjN0c0dScXQ1d0ZoalF1WXN3VG5h
|
||||
WC9wQ0pQSmYyU29nN1YwOUNFSHgyRkEKLS0tIG5lOTRhamhySm5iN1V1d0haWFRo
|
||||
VVZaczNScHd0ZHZRWmd4TFVRQWVaZzAKqbgfmbnHB5QbO0Z1JMgjNawfAD40Hzru
|
||||
kVNSyh/zgIRlwuSzwlENDgrdGXaRjDj7jtchaWe/xPX88Ba5cFe9LC7eXJP1mU2U
|
||||
l+nk1LFKSp24PZskcLzw4rxCsLap82KV
|
||||
-----END AGE ENCRYPTED FILE-----
|
6
home/dot_config/docker/plugins.json
Normal file
6
home/dot_config/docker/plugins.json
Normal file
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"plugins" [
|
||||
"sapk/plugin-rclone",
|
||||
"vieux/sshfs"
|
||||
]
|
||||
}
|
0
home/dot_config/gcp/gcp.json.TODO
Normal file
0
home/dot_config/gcp/gcp.json.TODO
Normal file
|
@ -1,4 +1,4 @@
|
|||
{{- if and (ne .user.CLOUDFLARE_ACCESS_KEY_ID "") (ne .user.CLOUDFLARE_SECRET_ACCESS_KEY "") (ne .user.CLOUDFLARE_R2_ACCOUNT_ID "") }}
|
||||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
|
||||
#!/usr/bin/env bash
|
||||
|
||||
CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
|
||||
|
@ -18,27 +18,43 @@ tee -a "$CONFIG_FILE" > /dev/null <<EOT
|
|||
[{{ .user.username}}-s3]
|
||||
type = s3
|
||||
provider = Cloudflare
|
||||
access_key_id = {{ .user.CLOUDFLARE_ACCESS_KEY_ID }}
|
||||
secret_access_key = {{ .user.CLOUDFLARE_SECRET_ACCESS_KEY }}
|
||||
access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
|
||||
secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
|
||||
region = auto
|
||||
endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com
|
||||
endpoint = https://{{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/user
|
||||
acl = private
|
||||
[do-private]
|
||||
[docker]
|
||||
type = s3
|
||||
provider = DigitalOcean
|
||||
provider = Cloudflare
|
||||
env_auth = false
|
||||
access_key_id = your_spaces_access_key
|
||||
secret_access_key = your_spaces_secret_key
|
||||
endpoint = private.nyc3.digitaloceanspaces.com
|
||||
access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
|
||||
secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
|
||||
endpoint = open.nyc3.digitaloceanspaces.com
|
||||
acl = private
|
||||
[do-open]
|
||||
[private]
|
||||
type = s3
|
||||
provider = DigitalOcean
|
||||
provider = Cloudflare
|
||||
env_auth = false
|
||||
access_key_id = your_spaces_access_key
|
||||
secret_access_key = your_spaces_secret_key
|
||||
access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
|
||||
secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
|
||||
endpoint = {{ }}
|
||||
acl = private
|
||||
[public]
|
||||
type = s3
|
||||
provider = Cloudflare
|
||||
env_auth = false
|
||||
access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
|
||||
secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
|
||||
endpoint = open.nyc3.digitaloceanspaces.com
|
||||
acl = public-read
|
||||
[system]
|
||||
type = s3
|
||||
provider = Cloudflare
|
||||
env_auth = false
|
||||
access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
|
||||
secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
|
||||
endpoint = open.nyc3.digitaloceanspaces.com
|
||||
acl = private
|
||||
# MEGABYTE LABS MANAGED S3
|
||||
EOT
|
||||
{{- end }}
|
||||
|
|
|
@ -4,9 +4,9 @@ After=network-online.target
|
|||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=root
|
||||
ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "docker-s3"
|
||||
ExecStop=/bin/fusermount -u /mnt/docker-s3
|
||||
User=rclone
|
||||
ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "s3-docker"
|
||||
ExecStop=/bin/fusermount -u /mnt/s3-docker
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
|
|
14
home/dot_config/rclone/s3-private.service.tmpl
Normal file
14
home/dot_config/rclone/s3-private.service.tmpl
Normal file
|
@ -0,0 +1,14 @@
|
|||
[Unit]
|
||||
Description=rclone S3 system service (private)
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=rclone
|
||||
ExecStart=/usr/local/bin/rclone-mount "rclone" "rclone" "s3-private"
|
||||
ExecStop=/bin/fusermount -u /mnt/s3-private
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
14
home/dot_config/rclone/s3-public.service.tmpl
Normal file
14
home/dot_config/rclone/s3-public.service.tmpl
Normal file
|
@ -0,0 +1,14 @@
|
|||
[Unit]
|
||||
Description=rclone S3 system service (public)
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=rclone
|
||||
ExecStart=/usr/local/bin/rclone-mount "rclone" "rclone" "s3-public"
|
||||
ExecStop=/bin/fusermount -u /mnt/s3-public
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -110,6 +110,7 @@ let binLinkRan = false
|
|||
const installOrdersPre = []
|
||||
const installOrdersPost = []
|
||||
const installOrdersService = []
|
||||
const installOrdersGroups = []
|
||||
const installOrdersPlugins = []
|
||||
const installOrdersBinLink = []
|
||||
let brewUpdated, osType, osID, snapRefreshed
|
||||
|
@ -433,6 +434,10 @@ async function updateInstallMaps(preference, packages, scopedPreference, pkg, pa
|
|||
if (serviceHook) {
|
||||
installOrdersService.concat(typeof serviceHook === 'string' ? [serviceHook] : serviceHook)
|
||||
}
|
||||
const groupsHook = getHook(packages, 'groups', scopedPreference, preference)
|
||||
if (groupsHook) {
|
||||
installOrdersGroups.concat(typeof groupsHook === 'string' ? [groupsHook] : groupsHook)
|
||||
}
|
||||
processPluginOrders(pkg)
|
||||
if (!installOrders[preference]) {
|
||||
installOrders[preference] = []
|
||||
|
@ -1471,17 +1476,49 @@ async function installPackageList(packageManager, packages) {
|
|||
}
|
||||
}
|
||||
|
||||
async function addUserGroup(group) {
|
||||
const logStage = 'Users / Groups'
|
||||
log('info', logStage, `Ensuring the ${group} group / user is added`)
|
||||
if (osType === 'linux') {
|
||||
const useradd = which.sync('useradd', { nothrow: true })
|
||||
if (useradd) {
|
||||
runCommand(`Adding the ${group} user / group`, `sudo useradd ${group}`)
|
||||
} else {
|
||||
log('error', logStage, `The useradd command is unavailable`)
|
||||
}
|
||||
} else if (osType === 'darwin') {
|
||||
} else if (osType === 'windows') {
|
||||
log('warn', logStage, `Windows support not yet added`)
|
||||
} else {
|
||||
log('warn', logStage, `Unknown operating system type`)
|
||||
}
|
||||
}
|
||||
|
||||
async function updateService(service) {
|
||||
const logStage = 'Service Service'
|
||||
if (osType === 'linux') {
|
||||
const systemctl = which.sync('systemctl', { nothrow: true })
|
||||
const brew = which.sync('brew', { nothrow: true })
|
||||
if (systemctl) {
|
||||
try {
|
||||
runCommand(`Starting / enabling ${service} with systemctl`, `sudo systemctl enable --now ${service}`)
|
||||
log('success', logStage, `Started / enabled the ${service} service`)
|
||||
} catch (e) {
|
||||
log('error', logStage, `There was an error starting / enabling the ${service} service`)
|
||||
console.error(e)
|
||||
log('info', logStage, `There was an error starting / enabling the ${service} service with systemd`)
|
||||
try {
|
||||
if (brew) {
|
||||
runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`)
|
||||
log('success', logStage, `Started / enabled the ${service} service with Homebrew`)
|
||||
} else {
|
||||
log('error', logStage, `Unable to start service with systemd and Homebrew is not available`)
|
||||
}
|
||||
} catch (err) {
|
||||
log('error', logStage, `Unable to start service with both systemd and Homebrew`)
|
||||
log('info', logStage, `systemd error`)
|
||||
console.error(e)
|
||||
log('info', logStage, `brew services error`)
|
||||
console.error(e)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
log(
|
||||
|
@ -1711,6 +1748,10 @@ async function installSoftware(pkgsToInstall) {
|
|||
asyncOrders.push(installPackageList(packageManager, installOrders[packageManager]))
|
||||
await Promise.all(asyncOrders)
|
||||
}
|
||||
log('info', 'Users / Groups', `Adding groups / users`)
|
||||
for (const group of installOrdersGroups) {
|
||||
await addUserGroup(group)
|
||||
}
|
||||
log('info', 'Post-Install', `Running package-specific post-installation steps`)
|
||||
for (const service of installOrdersService) {
|
||||
await updateService(service)
|
||||
|
|
|
@ -4,46 +4,37 @@
|
|||
TYPE="$1"
|
||||
USER="$2"
|
||||
MOUNT="$3"
|
||||
|
||||
### Path definitions
|
||||
if [ "$TYPE" = 'user' ]; then
|
||||
CACHE_FOLDER="/home/$USER/.cache/rclone"
|
||||
CONFIG_FOLDER="/home/$USER/.config/rclone"
|
||||
LOG_FOLDER="/home/$USER/.local/log"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/home/{{ .user.username }}/.local/mnt/$MOUNT"
|
||||
elif [ "$TYPE" = 'docker' ]; then
|
||||
CACHE_FOLDER="/var/cache/rclone/$MOUNT"
|
||||
CONFIG_FOLDER="/etc"
|
||||
LOG_FOLDER="/var/log/rclone"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/mnt/$MOUNT"
|
||||
else
|
||||
CACHE_FOLDER="/var/cache/rclone"
|
||||
CACHE_FOLDER="/var/cache/rclone/$MOUNT"
|
||||
CONFIG_FOLDER="/etc"
|
||||
LOG_FOLDER="/var/log/rclone"
|
||||
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
|
||||
MOUNT_PATH="/mnt/$MOUNT"
|
||||
fi
|
||||
|
||||
### Ensure directories created
|
||||
if [ ! -d "$CACHE_FOLDER" ]; then
|
||||
mkdir -p "$CACHE_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$CONFIG_FOLDER" ]; then
|
||||
mkdir -p "$CONFIG_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$LOG_FOLDER" ]; then
|
||||
mkdir -p "$LOG_FOLDER"
|
||||
fi
|
||||
if [ ! -d "$MOUNT_PATH" ]; then
|
||||
mkdir -p "$MOUNT_PATH"
|
||||
fi
|
||||
### Ensure folders exist
|
||||
for FOLDER in "$CACHE_FOLDER" "$CONFIG_FOLDER" "$LOG_FOLDER" "$MOUNT_PATH"; do
|
||||
if [ ! -d "$FOLDER" ]; then
|
||||
mkdir -p "$FOLDER" || echo "ERROR: Need permissions for $FOLDER"
|
||||
fi
|
||||
done
|
||||
|
||||
### Define rcloneignore location
|
||||
RCLONE_IGNORE="$CONFIG_FOLDER/rcloneignore"
|
||||
if [ ! -f "$RCLONE_IGNORE" ] && [ -f "/etc/rcloneignore" ]; then
|
||||
RCLONE_IGNORE='etc/rcloneignore'
|
||||
fi
|
||||
|
||||
### Mount
|
||||
/usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
|
||||
/usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
|
||||
mount \
|
||||
--cache-tmp-upload-path="$CACHE_FOLDER/$MOUNT-upload" \
|
||||
--cache-chunk-path="$CACHE_FOLDER/$MOUNT-chunks" \
|
||||
|
|
|
@ -6137,6 +6137,8 @@ softwarePackages:
|
|||
_desc: '[Rclone](https://rclone.org/) is an open source, multi threaded, command line computer program to manage content on cloud and other high latency storage. Its capabilities include sync, transfer, crypt, cache, union, compress and mount. The rclone website lists [fifty supported backends](https://rclone.org/overview/) including S3 services and Google Drive.'
|
||||
_docs: https://rclone.org/docs/
|
||||
_github: https://github.com/rclone/rclone
|
||||
_groups:
|
||||
- rclone
|
||||
_home: https://rclone.org/
|
||||
_name: Rclone
|
||||
ansible: professormanhattan.rclone
|
||||
|
|
Loading…
Reference in a new issue