Latest
This commit is contained in:
parent
6102deaa33
commit
df0f479f94
27 changed files with 238 additions and 125 deletions
|
@ -23,6 +23,10 @@ This page outlines various projects and tasks that we are currently working on.
|
|||
( [Title](https://github.com/StanGirard/quivr))
|
||||
* [Title](https://github.com/PromtEngineer/localGPT)
|
||||
* [Title](https://github.com/reworkd/AgentGPT)
|
||||
* deprecate ansible roles in softwareyml
|
||||
* Create seed for Lulu
|
||||
* [Title](https://github.com/essandess/macOS-Fortress)
|
||||
|
||||
## Upstream
|
||||
|
||||
The following items are things we would like to include into the Install Doctor system but are waiting on upstream changes.
|
||||
|
|
|
@ -674,6 +674,7 @@ softwareGroups:
|
|||
- obs-studio
|
||||
- plex
|
||||
- plex-htpc
|
||||
- plex-media-server
|
||||
- prezi-video
|
||||
- raspberry-pi-imager
|
||||
- shotcut
|
||||
|
@ -760,6 +761,7 @@ softwareGroups:
|
|||
- gixy
|
||||
- mkcert
|
||||
- nginx
|
||||
- nginx-unit
|
||||
# - maas
|
||||
- ngxtop
|
||||
Network-Enabled: &Network-Enabled
|
||||
|
|
20
home/dot_config/firewall/darwin/README.md
Normal file
20
home/dot_config/firewall/darwin/README.md
Normal file
|
@ -0,0 +1,20 @@
|
|||
# macOS Firewall Rules
|
||||
|
||||
The macOS firewall rules are derived from the configurations defined in the `etc/firewalld/services/` folder using ChatGPT.
|
||||
|
||||
## Example Prompt
|
||||
|
||||
```
|
||||
convert the following FirewallD configuration to commands that can be used to configure the macOS firewall in a similar fashion. Only return a single bash script with no other text and do not enable logging or the firewall. Do not include any text other than the bash script and do not provide instructions or "Here's the bash script" text or "Please note that" text or anything other than script that can be run: <?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>Plex</short>
|
||||
<description>.</description>
|
||||
<port protocol="tcp" port="32400"/> # Plex Media Server
|
||||
<port protocol="udp" port="1900"/> # Plex DLNA Server
|
||||
<port protocol="tcp" port="32469"/> # Plex DLNA Server
|
||||
<port protocol="udp" port="32410"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32412"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32413"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32414"/> # GDM Network Discovery
|
||||
</service>
|
||||
```
|
11
home/dot_config/firewall/darwin/plex.sh
Normal file
11
home/dot_config/firewall/darwin/plex.sh
Normal file
|
@ -0,0 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --add --service "Plex" --getglobalstate
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --setglobaldescription "."
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32400 --protocol tcp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 1900 --protocol udp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32469 --protocol tcp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32410 --protocol udp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32412 --protocol udp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32413 --protocol udp
|
||||
/usr/libexec/ApplicationFirewall/socketfilterfw --service "Plex" --add --port 32414 --protocol udp
|
6
home/dot_config/firewall/etc/firewalld/services/cups.xml
Normal file
6
home/dot_config/firewall/etc/firewalld/services/cups.xml
Normal file
|
@ -0,0 +1,6 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>CUPS</short>
|
||||
<description>Network printing service</description>
|
||||
<port protocol="tcp" port="631"/>
|
||||
</service>
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>FTP</short>
|
||||
<description>FTP is a protocol used for remote file transfer. If you plan to make your FTP server publicly available, enable this option. You need the vsftpd package installed for this option to be useful.</description>
|
||||
<description>Remote File Transfer Protocol server</description>
|
||||
<port protocol="tcp" port="21"/>
|
||||
<module name="nf_conntrack_ftp"/>
|
||||
</service>
|
|
@ -1,6 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>IPFS Daemon API</short>
|
||||
<description>InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing data in a distributed file system.</description>
|
||||
<port protocol="tcp" port="5001"/>
|
||||
</service>
|
|
@ -1,7 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>IPFS Swarm</short>
|
||||
<description>InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing data in a distributed file system.</description>
|
||||
<port protocol="tcp" port="4001"/>
|
||||
<port protocol="udp" port="4001"/>
|
||||
</service>
|
|
@ -1,6 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>IPFS Swarm Websockets</short>
|
||||
<description>InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing data in a distributed file system.</description>
|
||||
<port protocol="tcp" port="8081"/>
|
||||
</service>
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>jellyfin</short>
|
||||
<description>ellyfin is the volunteer-built media solution that puts you in control of your media. Stream to any device from your own server, with no strings attached. Your media, your server, your way.</description>
|
||||
<short>Jellyfin</short>
|
||||
<description>Media streaming server</description>
|
||||
<port protocol="tcp" port="8096"/>
|
||||
<port protocol="tcp" port="8920"/>
|
||||
<port protocol="udp" port="1900"/>
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>Kubernetes Master</short>
|
||||
<description>Ports required for a Kubernetes Master node per https://kubernetes.io/docs/setup/independent/install-kubeadm/.</description>
|
||||
<port port="6443" protocol="tcp"/>
|
||||
<port port="2379" protocol="tcp"/>
|
||||
<port port="2380" protocol="tcp"/>
|
||||
<port port="10250-10252" protocol="tcp"/>
|
||||
<port port="10255" protocol="tcp"/>
|
||||
</service>
|
|
@ -1,8 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>Kubernetes Worker</short>
|
||||
<description>Ports required for a Kubernetes Worker node per https://kubernetes.io/docs/setup/independent/install-kubeadm/.</description>
|
||||
<port port="10250" protocol="tcp"/>
|
||||
<port port="10255" protocol="tcp"/>
|
||||
<port port="30000-32767" protocol="tcp"/>
|
||||
</service>
|
13
home/dot_config/firewall/etc/firewalld/services/maas.xml
Normal file
13
home/dot_config/firewall/etc/firewalld/services/maas.xml
Normal file
|
@ -0,0 +1,13 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>MAAS</short>
|
||||
<description>Ubuntu management software for equipment that is controlled by LPMI</description>
|
||||
<port protocol="tcp" port="5240"/>
|
||||
<port protocol="udp" port="5240"/>
|
||||
<port protocol="tcp" port="5248"/>
|
||||
<port protocol="udp" port="5248"/>
|
||||
<port protocol="tcp" port="5241-5247"/>
|
||||
<port protocol="udp" port="5241-5247"/>
|
||||
<port protocol="tcp" port="5250-5270"/>
|
||||
<port protocol="udp" port="5250-5270"/>
|
||||
</service>
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>Multicast DNS (mDNS)</short>
|
||||
<description>mDNS provides the ability to use DNS programming interfaces, packet formats and operating semantics in a small network without a conventional DNS server. If you plan to use Avahi, do not disable this option.</description>
|
||||
<description>DNS services without a traditional DNS server</description>
|
||||
<port protocol="udp" port="5353"/>
|
||||
<destination ipv4="224.0.0.251" ipv6="ff02::fb"/>
|
||||
</service>
|
|
@ -0,0 +1,6 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>NetbootXYZ</short>
|
||||
<description>Boot over LAN service provider</description>
|
||||
<port protocol="udp" port="69"/>
|
||||
</service>
|
|
@ -0,0 +1,7 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>NGINX</short>
|
||||
<description>Website and application server / proxy</description>
|
||||
<port protocol="tcp" port="80"/>
|
||||
<port protocol="tcp" port="443"/>
|
||||
</service>
|
|
@ -1,8 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>OpenVPN Access Server</short>
|
||||
<description>OpenVPN Access Server is a set of installation and configuration tools that come in one package that simplifies the rapid deployment of a VPN remote access solution.</description>
|
||||
<port protocol="udp" port="1194"/>
|
||||
<port protocol="tcp" port="9443"/>
|
||||
<port protocol="tcp" port="943"/>
|
||||
</service>
|
|
@ -0,0 +1,12 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>Plex Media Server</short>
|
||||
<description>Media management and streaming platform</description>
|
||||
<port protocol="tcp" port="32400"/>
|
||||
<port protocol="tcp" port="3005"/>
|
||||
<port protocol="udp" port="5353"/>
|
||||
<port protocol="tcp" port="8324"/>
|
||||
<port protocol="udp" port="32410-32414"/>
|
||||
<port protocol="udp" port="1900"/>
|
||||
<port protocol="tcp" port="32469"/>
|
||||
</service>
|
|
@ -2,11 +2,7 @@
|
|||
<service>
|
||||
<short>Plex</short>
|
||||
<description>.</description>
|
||||
<port protocol="tcp" port="32400"/> # Plex Media Server
|
||||
<port protocol="udp" port="1900"/> # Plex DLNA Server
|
||||
<port protocol="tcp" port="32469"/> # Plex DLNA Server
|
||||
<port protocol="udp" port="32410"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32412"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32413"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32414"/> # GDM Network Discovery
|
||||
<port protocol="udp" port="32410-32414"/> # GDM Network Discovery
|
||||
</service>
|
|
@ -0,0 +1,6 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>TigerVNC</short>
|
||||
<description>High performance, multi-platform VNC server</description>
|
||||
<port protocol="tcp" port="5900-5904"/>
|
||||
</service>
|
|
@ -1,13 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>UniFi Controller</short>
|
||||
<description>.</description>
|
||||
<port protocol="udp" port="10001"/>
|
||||
<port protocol="udp" port="3478"/>
|
||||
<port protocol="tcp" port="8080"/>
|
||||
<port protocol="tcp" port="8081"/>
|
||||
<port protocol="tcp" port="8443"/>
|
||||
<port protocol="tcp" port="8843"/>
|
||||
<port protocol="tcp" port="8880"/>
|
||||
<port protocol="tcp" port="6789"/>
|
||||
</service>
|
|
@ -1,15 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>unifi-video</short>
|
||||
<description>.</description>
|
||||
<port protocol="tcp" port="10001"/>
|
||||
<port protocol="tcp" port="1935"/>
|
||||
<port protocol="tcp" port="6666"/>
|
||||
<port protocol="tcp" port="7080"/>
|
||||
<port protocol="tcp" port="7442"/>
|
||||
<port protocol="tcp" port="7443"/>
|
||||
<port protocol="tcp" port="7444"/>
|
||||
<port protocol="tcp" port="7445"/>
|
||||
<port protocol="tcp" port="7446"/>
|
||||
<port protocol="tcp" port="7447"/>
|
||||
</service>
|
|
@ -0,0 +1,6 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<service>
|
||||
<short>xRDP</short>
|
||||
<description>Remote Desktop server</description>
|
||||
<port protocol="tcp" port="3389"/>
|
||||
</service>
|
|
@ -1,4 +0,0 @@
|
|||
[UniFi]
|
||||
title=UniFi controller
|
||||
description=All ports available for UniFi inform, guest portal, speed testing, and access to admin GUI
|
||||
ports=5514,6789,8080,8843,8880/tcp|1900,3478,10001/udp
|
|
@ -449,7 +449,12 @@ async function updateInstallMaps(preference, packages, scopedPreference, pkg, pa
|
|||
}
|
||||
const portsHook = getHook(packages, 'ports', scopedPreference, preference)
|
||||
if (portsHook) {
|
||||
installOrdersPorts = installOrdersPorts.concat(typeof portsHook === 'string' ? [portsHook] : portsHook)
|
||||
installOrdersPorts = installOrdersPorts.concat(typeof portsHook === 'string' ? [{
|
||||
packageKey,
|
||||
ports: portsHook
|
||||
}] : {
|
||||
packageKey,
|
||||
ports: portsHook})
|
||||
}
|
||||
processPluginOrders(pkg)
|
||||
if (!installOrders[preference]) {
|
||||
|
@ -1551,35 +1556,73 @@ async function addUserGroup(group) {
|
|||
/**
|
||||
* Adds the rules specified in the `_ports` key of each entry in the `software.yml` file.
|
||||
*
|
||||
* @param rule Firewall rule in the form of 8888/tcp or 9999/udp. Can also be the XML file name stored in ~/.config/firewall/etc/firewalld/services.
|
||||
* @param rule {packageKey: string, ports: any} Firewall rule in the form of 8888/tcp or 9999/udp. Can also be the XML file name stored in ~/.config/firewall/etc/firewalld/services.
|
||||
*/
|
||||
async function addFirewallRule(rule) {
|
||||
const logStage = 'Firewall'
|
||||
log('info', logStage, `Ensuring the ${rule} rule is added`)
|
||||
if (osType === 'linux') {
|
||||
const firewallCmd = which.sync('firewall-cmd', { nothrow: true })
|
||||
// const ufw = which.sync('ufw', { nothrow: true })
|
||||
if (firewallCmd) {
|
||||
if (typeof rule.substring(0, 1) === 'number') {
|
||||
runCommand(`Adding the ${rule} to the firewall configuration`, `sudo firewall-cmd --add-port=${rule} --permanent`)
|
||||
try {
|
||||
const logStage = 'Firewall'
|
||||
const packageName = installData.softwarePackages[rule.packageKey] && installData.softwarePackages[rule.packageKey]._name
|
||||
const packageDesc = installData.softwarePackages[rule.packageKey] && installData.softwarePackages[rule.packageKey]._desc
|
||||
log('info', logStage, `Ensuring the ${rule.packageKey} rule is added since the _ports key is defined`)
|
||||
if (osType === 'linux') {
|
||||
const firewallCmd = which.sync('firewall-cmd', { nothrow: true })
|
||||
// const ufw = which.sync('ufw', { nothrow: true })
|
||||
if (firewallCmd) {
|
||||
const serviceFile = `${process.env.HOME}/.config/firewall/etc/firewalld/services/${rule.packageKey}.xml`
|
||||
if (fileExists(serviceFile)) {
|
||||
log('info', logStage, `Service file found at ${serviceFile} - using it to apply firewall-cmd configuration`)
|
||||
runCommand(`Copying over ${serviceFile} file to /etc/firewalld/services`, `sudo cp -f "${serviceFile}" "/etc/firewalld/services/${rule.packageKey}.xml"`)
|
||||
runCommand(`Adding the ${rule.packageKey} firewall-cmd service`, `sudo firewall-cmd --add-service=${rule.packageKey} --permanent`)
|
||||
} else {
|
||||
if (typeof rule.ports === 'string') {
|
||||
runCommand(`Adding the ${rule.packageKey} ${rule.ports} rule to the firewall configuration`, `sudo firewall-cmd --add-port=${rule.ports} --permanent`)
|
||||
} else {
|
||||
for (const port of rule.ports) {
|
||||
if (typeof port === 'string') {
|
||||
runCommand(`Adding the ${rule.packageKey} ${rule.ports} rule to the firewall configuration`, `sudo firewall-cmd --add-port=${rule.ports} --permanent`)
|
||||
} else if (port.port && port.proto) {
|
||||
runCommand(`Adding the ${rule.packageKey} ${port.port}/${port.proto} rule to the firewall configuration`, `sudo firewall-cmd --add-port=${port.port}/${port.proto} --permanent`)
|
||||
} else {
|
||||
log('error', logStage, `Unable to parse the firewall definition for ${rule.packageKey}`)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
runCommand(`Adding the ${rule} user / group`, `sudo firewall-cmd --add-service=${rule} --permanent`)
|
||||
log('error', logStage, `The firewall-cmd executable is not present on the system so the firewall cannot be configured`)
|
||||
}
|
||||
} else if (osType === 'darwin') {
|
||||
const socketFilterFw = '/usr/libexec/ApplicationFirewall/socketfilterfw'
|
||||
const serviceFile = `${process.env.HOME}/.config/firewall/darwin/${rule.packageKey}.sh`
|
||||
if (fileExists(serviceFile)) {
|
||||
runCommand(`Executing the matching ${serviceFile} service file`, `sudo bash "${serviceFile}"`)
|
||||
} else {
|
||||
if (typeof rule.ports === 'string') {
|
||||
log('error', logStage, `_ports rules that are equal to strings are not yet implemented on macOS (package: ${rule.packageKey})`)
|
||||
} else {
|
||||
for (const port of rule.ports) {
|
||||
if (typeof port === 'string') {
|
||||
log('error', logStage, `_ports rules that are equal to strings are not yet implemented on macOS (package: ${rule.packageKey})`)
|
||||
} else if (port.port && port.proto) {
|
||||
runCommand(`Adding new service for ${rule.packageKey}`, `${socketFilterFw} --add --service "${packageName ? packageName : rule.packageKey}" --getglobalstate`)
|
||||
if (packageDesc) {
|
||||
runCommand(`Adding description to service defined for ${rule.packageKey}`, `${socketFilterFw} --service "${packageName ? packageName : rule.packageKey}" --setglobaldescription "${packageDesc}"`)
|
||||
}
|
||||
runCommand(`Adding firewall rule for ${rule.packageKey}`, `${socketFilterFw} --service "${packageName ? packageName : rule.packageKey}" --add --port ${port.port} --protocol ${port.proto}`)
|
||||
} else {
|
||||
log('error', logStage, `Unable to parse the firewall definition for ${rule.packageKey}`)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if (osType === 'windows') {
|
||||
log('warn', logStage, `Windows support not yet added`)
|
||||
} else {
|
||||
log('error', logStage, `The firewall-cmd executable is not present on the system so the firewall cannot be configured`)
|
||||
log('warn', logStage, `Unknown operating system type`)
|
||||
}
|
||||
} else if (osType === 'darwin') {
|
||||
runCommand(`Creating the ${rule} group`, `sudo dscl . create /Groups/${rule}`)
|
||||
runCommand(`Ensuring the ${rule} group has a GID`, `bash -c 'if [[ "$(sudo dscl . read /Groups/$GROUP gid 2>&1)" == *"No such key"* ]]; then MAX_ID_GROUP="$(dscl . -list /Groups gid | awk "{print $2}" | sort -ug | tail -1)"; GROUP_ID="$((MAX_ID_GROUP+1))"; sudo dscl . create /Groups/${rule} gid "$GROUP_ID"; fi'`)
|
||||
runCommand(`Adding the ${rule} user`, `sudo dscl . create /Users/${rule}`)
|
||||
runCommand(`Ensuring the ${rule} user has a PrimaryGroupID`, `bash -c 'if [[ "$(sudo dscl . read /Users/${rule} PrimaryGroupID 2>&1)" == *"No such key"* ]]; then sudo dscl . create /Users/${rule} PrimaryGroupID 20; fi'`)
|
||||
runCommand(`Ensuring the ${rule} user has a UniqueID`, `bash -c 'if [[ "$(sudo dscl . read /Users/${rule} UniqueID 2>&1)" == *"No such key"* ]]; then MAX_ID_USER="$(dscl . -list /Users UniqueID | sort -nr -k 2 | head -1 | grep -oE "[0-9]+$")"; USER_ID="$((MAX_ID_USER+1))"; sudo dscl . create /Users/${rule} UniqueID "$USERID"; fi'`)
|
||||
runCommand(`Adding the ${rule} user to the ${rule} group`, `sudo dseditgroup -o edit -t user -a ${rule} ${rule}`)
|
||||
runCommand(`Adding the ${process.env.USER} user to the ${rule} group`, `sudo dseditgroup -o edit -t user -a ${process.env.USER} ${rule}`)
|
||||
} else if (osType === 'windows') {
|
||||
log('warn', logStage, `Windows support not yet added`)
|
||||
} else {
|
||||
log('warn', logStage, `Unknown operating system type`)
|
||||
} catch (e) {
|
||||
console.log(e)
|
||||
log('error', 'Bin', `Error configuring firewall settings for ${rule.packageKey}`)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
11
home/dot_local/bin/firejail/README.md
Normal file
11
home/dot_local/bin/firejail/README.md
Normal file
|
@ -0,0 +1,11 @@
|
|||
# Firejail
|
||||
|
||||
Firejail integration is pending. Firejail will allow us to improve security on Linux platforms by sandboxing executables and programs. Firejail already includes hundreds of definitions for programs. There are also custom lists maintained by the community which can be found on the [Firejail README](https://github.com/netblue30/firejail).
|
||||
|
||||
Ideally, we should create a few generic profiles that handle the following cases:
|
||||
|
||||
1. CLIs that don't need access to ~/.ssh and ~/.config etc.
|
||||
2. CLIs that DO need access to specific folders
|
||||
3. The configurations should be automatically generated from an array of options for each entry in the `software.yml` file
|
||||
|
||||
It would also be great if we could have Firejail automatically load anytime executables are called so that we can run `pnpm` instead of `firejail pnpm`, for instance.
|
77
software.yml
77
software.yml
|
@ -1852,6 +1852,9 @@ softwarePackages:
|
|||
_github: https://github.com/apple/cups
|
||||
_home: null
|
||||
_name: CUPS
|
||||
_ports:
|
||||
- port: 631
|
||||
proto: tcp
|
||||
ansible: professormanhattan.cups
|
||||
apt:
|
||||
- avahi-daemon
|
||||
|
@ -5004,6 +5007,23 @@ softwarePackages:
|
|||
_github: https://github.com/maas/maas
|
||||
_home: https://maas.io/
|
||||
_name: MAAS
|
||||
_ports:
|
||||
- port: 5240
|
||||
proto: tcp
|
||||
- port: 5240
|
||||
proto: udp
|
||||
- port: 5248
|
||||
proto: tcp
|
||||
- port: 5248
|
||||
proto: udp
|
||||
- port: 5241-5247
|
||||
proto: tcp
|
||||
- port: 5241-5247
|
||||
proto: udp
|
||||
- port: 5250-5270
|
||||
proto: tcp
|
||||
- port: 5250-5270
|
||||
proto: udp
|
||||
ansible:ubuntu: professormanhattan.maas
|
||||
snap:ubuntu: maas
|
||||
mackup:
|
||||
|
@ -5789,9 +5809,9 @@ softwarePackages:
|
|||
_name: NGINX
|
||||
_ports:
|
||||
- port: 80
|
||||
proto: udp
|
||||
proto: tcp
|
||||
- port: 443
|
||||
proto: udp
|
||||
proto: tcp
|
||||
ansible: professormanhattan.nginx
|
||||
apt: nginx
|
||||
brew: nginx
|
||||
|
@ -6564,28 +6584,46 @@ softwarePackages:
|
|||
plex:
|
||||
_bin: plex
|
||||
_desc: '[Plex](https://www.plex.tv/) is a global streaming service of free ad-supported video, with TV shows and movies from distributors such as Crackle, Warner Bros., MGM, Endemol Shine Group, Lionsgate, and Legendary. Plex is also a client–server media player system plus an ancillary software suite.'
|
||||
_docs: https://forums.plex.tv/t/introducing-plex-htpc/703075
|
||||
_github: https://github.com/plexinc/plex-media-player
|
||||
_github: false
|
||||
_home: https://www.plex.tv/
|
||||
_name: Plex
|
||||
_when:cask: '! test -d /Applications/Plex.app'
|
||||
ansible: professormanhattan.plex
|
||||
cask:
|
||||
- plex
|
||||
- plex-media-player
|
||||
- plex-media-server
|
||||
choco:
|
||||
- plex
|
||||
- plexmediaplayer
|
||||
cask: plex
|
||||
choco: plex
|
||||
flatpak: tv.plex.PlexDesktop
|
||||
plex-media-server:
|
||||
_bin: plex-media-server
|
||||
_github: false
|
||||
_name: Plex Media Server
|
||||
_when:cask: '! test -d "/Applications/Plex Media Server.app"'
|
||||
_ports:
|
||||
- port: 32400
|
||||
proto: tcp
|
||||
- port: 3005
|
||||
proto: tcp
|
||||
- port: 5353
|
||||
proto: udp
|
||||
- port: 8324
|
||||
proto: tcp
|
||||
- port: 32410-32414
|
||||
proto: udp
|
||||
- port: 1900
|
||||
proto: udp
|
||||
- port: 32469
|
||||
proto: tcp
|
||||
cask: plex-media-server
|
||||
choco: plexmediaserver
|
||||
snap: plexmediaserver
|
||||
yay: plex-media-server
|
||||
plex-htpc:
|
||||
_bin: plex-htpc
|
||||
_github: false
|
||||
_home: https://www.plex.tv/
|
||||
_name: Plex HTPC
|
||||
_when:cask: '! test -d "/Applications/Plex HTPC.app"'
|
||||
cask: plex-htpc
|
||||
choco: plex-home-theater
|
||||
flatpak: tv.plex.PlexHTPC
|
||||
snap: plex-htpc
|
||||
pm2:
|
||||
|
@ -7114,7 +7152,6 @@ softwarePackages:
|
|||
dnf: firewalld
|
||||
emerge: net-firewall/firewalld
|
||||
pacman: firewalld
|
||||
script:darwin: sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
|
||||
zypper: firewalld
|
||||
xrdp:
|
||||
_bin: xrdp
|
||||
|
@ -9674,6 +9711,12 @@ softwarePackages:
|
|||
dnf:fedora: yubikey-manager
|
||||
pacman: yubikey-manager
|
||||
pipx: yubikey-manager
|
||||
nginx-unit:
|
||||
_bin: unitd
|
||||
_github: https://github.com/nginx/unit
|
||||
_name: NGINX Unit
|
||||
_service:brew: nginx/unit/unit
|
||||
brew: nginx/unit/unit
|
||||
yubikey-manager-qt:
|
||||
_bin: yubikey-manager-qt
|
||||
_desc: Cross-platform application for configuring any YubiKey over all USB interfaces.
|
||||
|
@ -9713,10 +9756,10 @@ softwarePackages:
|
|||
pipx: shell-gpt
|
||||
tigervnc:
|
||||
_bin: tigervncpasswd
|
||||
_github: https://github.com/DukeyToo/tightvnc-server
|
||||
_name: TightVNC Server
|
||||
_github: https://github.com/TigerVNC/tigervnc
|
||||
_name: TigerVNC Server
|
||||
_ports:
|
||||
- port: 5900-5909
|
||||
- port: 5900-5904
|
||||
proto: tcp
|
||||
apt: tigervnc-standalone-server
|
||||
dnf: tigervnc-server
|
||||
|
@ -9807,6 +9850,10 @@ softwarePlugins:
|
|||
- redhatdeveloper/openshift-dd-ext
|
||||
- snyk/snyk-docker-desktop-extension
|
||||
- tailscale/docker-extension
|
||||
dockerImages:
|
||||
cmd: null
|
||||
plugins:
|
||||
- docker.io/nginx/unit
|
||||
dotnet:
|
||||
cmd: sudo chown -r "$USER" "$HOME/.local/share/NuGet" && dotnet tool install -g {PLUGIN}
|
||||
plugins:
|
||||
|
|
Loading…
Reference in a new issue