punkfairie/install.fairie
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update to improved gum formatting

Browse source
This commit is contained in:
Brian Zalewski 2024-05-28 03:50:11 +00:00
parent 2731e1121b
commit e0ae3d219d
77 changed files with 1415 additions and 1415 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/contributing/code-quality.md
View file

@ -39,7 +39,7 @@ During the provisioning process, Install Doctor utilizes bash (and PowerShell, i
2. Scripts that perform similar tasks contain the same number ID in the filename. In the future, when Install Doctor is more mature, it is possible that we will want to execute scripts asynchronously. If scripts have the same number ID, then we will be able to run those scripts at the same time in a group.
3. All of the bash scripts start with `{{- if ne .host.distro.family "windows" -}}` (and end with `{{ end -}}`). This tells Install Doctor to only run the script on non-Windows machines.
4. All of the scripts have a section at the top that include `{{ includeTemplate "universal/profile" }}` and `{{ includeTemplate "universal/logg" }}`. These blocks of code include the script sections defined in `home/.chezmoitemplates/`. These particular templates set up things like the `PATH` variable and add logging features that you can find examples of in the project.
5. Every action in a script should be wrapped in if-else blocks that include a check for system requirements required for the particular action. This might include checks for binaries by using `if command -v binary-name` or checks for the presence of configuration files by checking `if [ -f path/to/file ]`. In the else condition, you should always include a warning message in the form of `logg warn "Warning message about what if check failed"`.
5. Every action in a script should be wrapped in if-else blocks that include a check for system requirements required for the particular action. This might include checks for binaries by using `if command -v binary-name` or checks for the presence of configuration files by checking `if [ -f path/to/file ]`. In the else condition, you should always include a warning message in the form of `gum log -sl warn "Warning message about what if check failed"`.
6. All of the scripts that run should only run when required. If a script ensures that the latest version of Node.js is being used, then the script should only run when Node.js is installed. This can be accomplished by wrapping everything in a script file with an `if-else` that checks for system states that can make use of the logic. Or, when possible, you can leverage Go templating.
7. Chezmoi stored variables should be used whenever possible. This allows end-users to make framework-wide changes by editting their configuration files. For instance, if you want to delete a file in the home directory, you should reference the file using `{{ chezmoi.homeDir }}` Go template binding instead of the `$HOME` variable (while ensuring the file name ends with `.tmpl` to make sure Install Doctor parses it as a Go template).

2
docs/customization/scripts.md
View file

@ -64,7 +64,7 @@ In another more complex example, a script that ensures fonts are added to the ap
find "$HOME/.local/share/fonts" -type f | while read FONT_FILE; do
BASENAME="$(basename "$FONT_FILE")"
if [ ! -f "$HOME/Library/Fonts/$BASENAME" ] || [ "$(openssl sha256 "$HOME/Library/Fonts/$BASENAME" | sed 's/.*= //')" != "$(openssl sha256 "$FONT_FILE" | sed 's/.*= //')" ]; then
logg info 'Adding '"$BASENAME"' to ~/Library/Fonts'
gum log -sl info 'Adding '"$BASENAME"' to ~/Library/Fonts'
cp "$FONT_FILE" "$HOME/Library/Fonts/$BASENAME"
fi
done

12
home/.chezmoiscripts/qubes/run_before_50-update-dom0.sh.tmpl
View file

@ -16,27 +16,27 @@
{{ includeTemplate "universal/logg-before" }}
### Configure dom0 repos
logg info 'Updating dom0 repos to include auxilary branches'
gum log -sl info 'Updating dom0 repos to include auxilary branches'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-templates.repo" /etc/qubes/repo-templates/qubes-templates.repo
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/qubes/qubes-dom0.repo" /etc/yum.repos.d/qubes-dom0.repo
### Update dom0
logg info 'Updating dom0 via qubesctl'
gum log -sl info 'Updating dom0 via qubesctl'
sudo qubesctl --show-output state.sls update.qubes-dom0
logg info 'Updating dom0 via qubes-dom0-update'
gum log -sl info 'Updating dom0 via qubes-dom0-update'
sudo qubes-dom0-update --clean -y
### Install qubes-repo-contrib
logg info "Installing qubes-repo-contrib"
gum log -sl info "Installing qubes-repo-contrib"
sudo qubes-dom0-update -y qubes-repo-contrib
### Install dependencies
for PACKAGE of {{ .qubes.dom0Packages | toString | replace "[" "" | replace "]" "" }}; do
logg info "Installing $PACKAGE"
gum log -sl info "Installing $PACKAGE"
sudo qubes-dom0-update -y "$PACKAGE" || true
done
### Ensure sys-whonix is running
logg info 'Ensuring sys-whonix is running'
gum log -sl info 'Ensuring sys-whonix is running'
qvm-start sys-whonix --skip-if-running
{{ end -}}

26
home/.chezmoiscripts/qubes/run_before_51-install-templates.sh.tmpl
View file

@ -14,21 +14,21 @@
installMirageFirewall() {
### Ensure mirage-firewall kernel folder setup
if [ ! -d /var/lib/qubes/vm-kernels/mirage-firewall ]; then
logg info 'Creating the /var/lib/qubes/vm-kernels/mirage-firewall directory'
gum log -sl info 'Creating the /var/lib/qubes/vm-kernels/mirage-firewall directory'
sudo mkdir -p /var/lib/qubes/vm-kernels/mirage-firewall
fi
### Install the mirage-firewall kernel
if [ ! -f /var/lib/qubes/vm-kernels/mirage-firewall/vmlinuz ]; then
logg info 'Downloading the pre-compiled mirage firewall kernel in the {{ .qubes.provisionVM }} VM'
gum log -sl info 'Downloading the pre-compiled mirage firewall kernel in the {{ .qubes.provisionVM }} VM'
qvm-run provision 'curl -sSL {{ .qubes.mirageUrl }} > ~/Downloads/mirage-firewall.tar.gz && tar xjf ~/Downloads/mirage-firewall.tar.gz -C ~/Downloads'
logg info 'Transferring mirage-firewall kernel to dom0 from the {{ .qubes.provisionVM }} VM'
gum log -sl info 'Transferring mirage-firewall kernel to dom0 from the {{ .qubes.provisionVM }} VM'
qvm-run --pass-io {{ .qubes.provisionVM }} 'cat /home/user/Downloads/mirage-firewall/vmlinuz' > /var/lib/qubes/vm-kernels/mirage-firewall/vmlinuz
fi
### Create dummy initrmfs for the mirage-firewall kernel
if [ ! -f/var/lib/qubes/vm-kernels/mirage-firewall/initramfs ]; then
logg info 'Adding dummy initrmfs file to the mirage-firewall kernel folder'
gum log -sl info 'Adding dummy initrmfs file to the mirage-firewall kernel folder'
gzip -n9 < /dev/null > /var/lib/qubes/vm-kernels/mirage-firewall/initramfs
fi
}
@ -37,21 +37,21 @@ installMirageFirewall() {
# This script downloads unofficial templates defined in the `.qubes.templatesUnofficial` data key of `home/.chezmoidata.yaml` and then
# installs them in dom0 after transferring the downloads from a temporary Qube used for downloading the templates.
installUnofficialTemplate() {
logg info "Template URL: $1"
gum log -sl info "Template URL: $1"
TEMPLATE="$(echo "$1" | sed 's/^.*\/\(.*\)-\d+.\d+.\d+-\d+.noarch.rpm$/\1/')"
logg info "Template: $TEMPLATE"
gum log -sl info "Template: $TEMPLATE"
FILE="$(echo "$1" | sed 's/^.*\/\(.*-\d+.\d+.\d+-\d+.noarch.rpm\)$/\1/')"
logg info "File: $FILE"
gum log -sl info "File: $FILE"
if [ ! -f "/var/lib/qubes/vm-templates/$TEMPLATE" ]; then
logg info "Downloading the unofficial $TEMPLATE TemplateVM via {{ .qubes.provisionVM }}"
gum log -sl info "Downloading the unofficial $TEMPLATE TemplateVM via {{ .qubes.provisionVM }}"
qvm-run --pass-io "{{ .qubes.provisionVM }}" "curl -sSL "$TEMPLATE_URL" -o "/home/Downloads/$FILE""
logg info "Transferring the image to dom0"
gum log -sl info "Transferring the image to dom0"
qvm-run --pass-io "{{ .qubes.provisionVM }}" "cat /home/Downloads/$FILE" > "/tmp/$FILE"
logg info "Installing the TemplateVM via dnf"
gum log -sl info "Installing the TemplateVM via dnf"
sudo dnf install --nogpgcheck "/tmp/$FILE"
rm -f "/tmp/$FILE"
else
logg info "$TEMPLATE is already installed"
gum log -sl info "$TEMPLATE is already installed"
fi
}
@ -61,14 +61,14 @@ installUnofficialTemplate() {
# for the updates to finish.
updateTemplates() {
### Update TemplateVMs
logg info 'Updating TemplateVMs via qubesctl'
gum log -sl info 'Updating TemplateVMs via qubesctl'
timeout 900 qubesctl --show-output --skip-dom0 --templates state.sls update.qubes-vm
}
### Ensure Qubes templates exist and download if they are not present
for TEMPLATE of {{ .qubes.templates | toString | replace "[" "" | replace "]" "" }}; do
if [ ! -f "/var/lib/qubes/vm-templates/$TEMPLATE" ]; then
logg info "Installing $TEMPLATE"
gum log -sl info "Installing $TEMPLATE"
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
sudo qubes-dom0-update "qubes-template-$TEMPLATE"
else

4
home/.chezmoiscripts/qubes/run_before_52-ensure-minimal-vms-passwordless.sh.tmpl
View file

@ -10,14 +10,14 @@
{{ includeTemplate "universal/logg-before" }}
debianPasswordlessRoot() {
logg info "Installing qubes-core-agent-passwordless-root on $1"
gum log -sl info "Installing qubes-core-agent-passwordless-root on $1"
qvm-run -u root "$1" apt-get update
qvm-run -u root "$1" apt-get install -y qubes-core-agent-passwordless-root
logg success "Successfully installed qubes-core-agent-passwordless-root on $1"
}
fedoraPasswordlessRoot() {
logg info "Installing qubes-core-agent-passwordless-root on $1"
gum log -sl info "Installing qubes-core-agent-passwordless-root on $1"
qvm-run -u root "$1" dnf install -y qubes-core-agent-passwordless-root
logg success "Successfully installed qubes-core-agent-passwordless-root on $1"
}

14
home/.chezmoiscripts/qubes/run_before_53-configure-sys-usb.sh.tmpl
View file

@ -10,25 +10,25 @@
{{ includeTemplate "universal/logg-before" }}
### Enable sys-usb
logg info 'Modifying Salt configuration to be able to enable sys-usb'
gum log -sl info 'Modifying Salt configuration to be able to enable sys-usb'
qubesctl top.enabled pillar=True || EXIT_CODE=$?
qubesctl state.highstate || EXIT_CODE=$?
logg info 'Ensuring sys-net-as-usbvm is removed'
gum log -sl info 'Ensuring sys-net-as-usbvm is removed'
qubesctl top.disable qvm.sys-net-as-usbvm pillar=True || EXIT_CODE=$?
logg info 'Ensuring sys-usb is setup and that it is properly configured with the keyboard'
gum log -sl info 'Ensuring sys-usb is setup and that it is properly configured with the keyboard'
qubesctl state.sls qvm.usb-keyboard
### Configure USB keyboard settings
if [ "{{ .qubes.promptKeyboards }}" = 'true' ]; then
logg info 'Ensure USB keyboards are only allows to connect after prompt is answered'
logg warn 'This can potentially lock you out if all you have are USB keyboards'
gum log -sl info 'Ensure USB keyboards are only allows to connect after prompt is answered'
gum log -sl warn 'This can potentially lock you out if all you have are USB keyboards'
echo "sys-usb dom0 ask,user=root,default_target=dom0" | sudo tee /etc/qubes-rpc/policy/qubes.InputKeyboard
else
logg info 'Ensuring USB keyboards can connect without a prompt'
gum log -sl info 'Ensuring USB keyboards can connect without a prompt'
echo "sys-usb dom0 allow,user=root" | sudo tee /etc/qubes-rpc/policy/qubes.InputKeyboard
fi
### Configure USB mouse settings
logg info 'Ensuring newly connected USB mouse devices are only allowed to connect after a prompt is accepted'
gum log -sl info 'Ensuring newly connected USB mouse devices are only allowed to connect after a prompt is accepted'
echo "sys-usb dom0 ask,default_target=dom0" | sudo tee /etc/qubes-rpc/policy/qubes.InputMouse
{{ end -}}

12
home/.chezmoiscripts/qubes/run_before_54-setup-sys-gui.sh.tmpl
View file

@ -11,7 +11,7 @@
### Enables sys-gui-gpu
enableSysGUIGPU() {
logg info 'Enabling sys-gui-gpu'
gum log -sl info 'Enabling sys-gui-gpu'
qubesctl top.enable qvm.sys-gui-gpu
qubesctl top.enable qvm.sys-gui-gpu pillar=True
qubesctl --all state.highstate
@ -20,16 +20,16 @@ enableSysGUIGPU() {
### Enable appropriate sys-gui
if qvm-pci list | grep 'VGA compatible controller' | grep 'Intel'; else
logg info 'An Intel GPU was detected'
gum log -sl info 'An Intel GPU was detected'
enableSysGUIGPU
logg info 'Attaching Intel GPU PCI devices to sys-gui-gpu'
gum log -sl info 'Attaching Intel GPU PCI devices to sys-gui-gpu'
qubesctl state.sls qvm.sys-gui-gpu-attach-gpu
elif qvm-pci list | grep 'VGA compatible controller' | grep 'NVIDIA'; then
logg info 'An NVIDIA GPU was detected'
gum log -sl info 'An NVIDIA GPU was detected'
enableSysGUIGPU
logg info 'Attaching NVIDIA GPU PCI devices to sys-gui-gpu'
gum log -sl info 'Attaching NVIDIA GPU PCI devices to sys-gui-gpu'
for ID of "$(qvm-pci list | grep 'NVIDIA' | sed 's/^\([^ ]*\).*/\1/')"; do
logg info "Attaching PCI device with ID of $ID"
gum log -sl info "Attaching PCI device with ID of $ID"
qvm-pci attach sys-gui-gpu "$ID" --persistent -o permissive=true
done
fi

284
home/.chezmoiscripts/universal/run_after_01-pre-install.sh.tmpl
View file

@ -10,7 +10,7 @@
addZshEnv() {
### Ensure /etc/zshenv is populated
# No equivalent type of file for Bash
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/shell/exports.sh to /etc/zshenv" && sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/shell/exports.sh" /etc/zshenv
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/shell/exports.sh to /etc/zshenv" && sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/shell/exports.sh" /etc/zshenv
}
# @description Ensures fonts are available at the system level and, on Linux, it configures the system font settings.
@ -18,29 +18,29 @@ applyFontsToSystem() {
### Sync user fonts with system fonts
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Copying fonts from ~/Library/Fonts and ~/.local/share/fonts to /Library/Fonts to make them available globally'
gum log -sl info 'Copying fonts from ~/Library/Fonts and ~/.local/share/fonts to /Library/Fonts to make them available globally'
FONT_DIR='/Library/Fonts'
### ~/Library/Fonts
if [ -d "$HOME/Library/Fonts" ]; then
logg info "Syncing $HOME/Library/Fonts to $FONT_DIR" && sudo rsync -av "$HOME/Library/Fonts" "$FONT_DIR"
gum log -sl info "Syncing $HOME/Library/Fonts to $FONT_DIR" && sudo rsync -av "$HOME/Library/Fonts" "$FONT_DIR"
fi
### ~/.local/share/fonts
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/fonts" ]; then
logg info "Syncing ${XDG_DATA_HOME:-$HOME/.local/share}/fonts to $FONT_DIR" && sudo rsync -av "${XDG_DATA_HOME:-$HOME/.local/share}/fonts" "$FONT_DIR"
gum log -sl info "Syncing ${XDG_DATA_HOME:-$HOME/.local/share}/fonts to $FONT_DIR" && sudo rsync -av "${XDG_DATA_HOME:-$HOME/.local/share}/fonts" "$FONT_DIR"
fi
else
### Linux
### Copy fonts
logg info 'Copying fonts from ~/.local/share/fonts to /usr/local/share/fonts to make them available globally'
gum log -sl info 'Copying fonts from ~/.local/share/fonts to /usr/local/share/fonts to make them available globally'
FONT_DIR='/usr/local/share/fonts'
sudo rsync -av "${XDG_DATA_HOME:-$HOME/.local/share}/fonts" "$FONT_DIR"
### Configure system font properties
if [ -d /etc/fonts ]; then
logg info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf'
gum log -sl info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/fontconfig/fonts.conf" /etc/fonts/local.conf
else
logg warn 'The /etc/fonts directory is missing'
gum log -sl warn 'The /etc/fonts directory is missing'
fi
fi
}
@ -58,7 +58,7 @@ applyLinuxThemeFiles() {
if [ "{{ .host.distro.family }}" = "linux" ]; then
### Ensure /usr/local/bin/squash-symlink is present
if [ ! -f /usr/local/bin/squash-symlink ] && [ -f "$HOME/.local/bin/squash-symlink" ]; then
logg info 'Copying ~/.local/bin/squash-symlink to /usr/local/bin/squash-symlink'
gum log -sl info 'Copying ~/.local/bin/squash-symlink to /usr/local/bin/squash-symlink'
sudo cp -f "$HOME/.local/bin/squash-symlink" /usr/local/bin/squash-symlink
sudo chmod +x /usr/local/bin/squash-symlink
fi
@ -79,18 +79,18 @@ applyLinuxThemeFiles() {
### Copy theme files over to /usr/local/share
if [ -d "$HOME/.local/src/{{ .theme | lower }}/share" ]; then
logg info 'Copying ~/.local/src/{{ .theme | lower }}/share to /usr/local/share'
gum log -sl info 'Copying ~/.local/src/{{ .theme | lower }}/share to /usr/local/share'
sudo rsync --chown=root:root --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r -artvu --inplace "${XDG_DATA_HOME:-$HOME/.local/share}/betelgeuse/share/" "/usr/local/share/" > /dev/null
else
logg warn '~/.local/share/betelgeuse/share is missing'
gum log -sl warn '~/.local/share/betelgeuse/share is missing'
fi
### Flatten GRUB theme files (i.e. convert symlinks to regular files)
if command -v squash-symlink > /dev/null; then
logg info 'Converting /usr/local/share/grub symlinks to equivalent regular files'
gum log -sl info 'Converting /usr/local/share/grub symlinks to equivalent regular files'
sudo find /usr/local/share/grub -type l -exec squash-symlink {} +
else
logg warn 'squash-symlink is not a script in the PATH'
gum log -sl warn 'squash-symlink is not a script in the PATH'
fi
### Ensure /usr/share/backgrounds/default.png is deleted
@ -124,7 +124,7 @@ applyLinuxThemeFiles() {
sudo cp -f '/usr/local/share/plymouth/themes/{{ .theme }}/icons/{{ .host.distro.id }}.png' '/usr/local/share/plymouth/themes/{{ .theme }}/icon.png'
logg success 'Added platform-specific icon to {{ .theme }} Plymouth theme'
else
logg warn 'The {{ .host.distro.id }}.png icon is not available in the icons folder insider the {{ .theme }} Plymouth theme'
gum log -sl warn 'The {{ .host.distro.id }}.png icon is not available in the icons folder insider the {{ .theme }} Plymouth theme'
fi
fi
}
@ -141,19 +141,19 @@ applyRootConfig() {
elif [ -d /root ]; then
ROOT_FOLDER="/root"
else
logg warn 'Unable to find root user folder location'
gum log -sl warn 'Unable to find root user folder location'
fi
if [ -n "$ROOT_FOLDER" ]; then
### Copy minimal set of profile configuration files
logg info "Copying ~/.bashrc to $ROOT_FOLDER/.bashrc" && sudo cp -f "$HOME/.bashrc" "$ROOT_FOLDER/.bashrc"
logg info "Copying ~/.zshrc to $ROOT_FOLDER/.zshrc" && sudo cp -f "$HOME/.zshrc" "$ROOT_FOLDER/.zshrc"
logg info "Ensuring ~/.config folder exists" && sudo mkdir -p "$ROOT_FOLDER/.config"
logg info "Copying ~/.config/shell to $ROOT_FOLDER/.config/shell" && sudo mkdir -p "$ROOT_FOLDER/.config" && sudo rm -rf "$ROOT_FOLDER/.config/shell" && sudo cp -rf "$HOME/.config/shell" "$ROOT_FOLDER/.config/shell"
gum log -sl info "Copying ~/.bashrc to $ROOT_FOLDER/.bashrc" && sudo cp -f "$HOME/.bashrc" "$ROOT_FOLDER/.bashrc"
gum log -sl info "Copying ~/.zshrc to $ROOT_FOLDER/.zshrc" && sudo cp -f "$HOME/.zshrc" "$ROOT_FOLDER/.zshrc"
gum log -sl info "Ensuring ~/.config folder exists" && sudo mkdir -p "$ROOT_FOLDER/.config"
gum log -sl info "Copying ~/.config/shell to $ROOT_FOLDER/.config/shell" && sudo mkdir -p "$ROOT_FOLDER/.config" && sudo rm -rf "$ROOT_FOLDER/.config/shell" && sudo cp -rf "$HOME/.config/shell" "$ROOT_FOLDER/.config/shell"
### Copy Autorestic configurations
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/autorestic/autorestic-system.yml file to $ROOT_FOLDER/.autorestic.yml" && sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/autorestic/autorestic-system.yml" "$ROOT_FOLDER/.autorestic.yml"
logg info "Applying proper permissions to $ROOT_FOLDER/.autorestic.yml" && sudo chmod 600 "$ROOT_FOLDER/.autorestic.yml"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/autorestic/autorestic-system.yml file to $ROOT_FOLDER/.autorestic.yml" && sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/autorestic/autorestic-system.yml" "$ROOT_FOLDER/.autorestic.yml"
gum log -sl info "Applying proper permissions to $ROOT_FOLDER/.autorestic.yml" && sudo chmod 600 "$ROOT_FOLDER/.autorestic.yml"
fi
}
@ -165,15 +165,15 @@ applyRootConfig() {
# using the `ksetwallpaper` script found in `~/.local/bin/ksetwallpaper`.
applyWallpaper() {
{{ if (eq .host.distro.id "qubes") -}}
logg info 'Setting wallpaper to /usr/local/share/wallpapers/Betelgeuse/contents/images/3440x1440.jpg'
gum log -sl info 'Setting wallpaper to /usr/local/share/wallpapers/Betelgeuse/contents/images/3440x1440.jpg'
ksetwallpaper --file /usr/local/share/wallpapers/Betelgeuse/contents/images/3440x1440.jpg
{{ else -}}
### Set macOS wallpaper
if command -v m > /dev/null && [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/betelgeuse/share/wallpapers/Betelgeuse-macOS/contents/source.png" ]; then
logg info 'Setting macOS wallpaper with m'
gum log -sl info 'Setting macOS wallpaper with m'
m wallpaper "${XDG_DATA_HOME:-$HOME/.local/share}/betelgeuse/share/wallpapers/Betelgeuse-macOS/contents/source.png"
else
logg warn 'Either m or the macOS default wallpaper is missing.'
gum log -sl warn 'Either m or the macOS default wallpaper is missing.'
fi
{{ end -}}
}
@ -181,11 +181,11 @@ applyWallpaper() {
### Helper function for configureNetworkManager
ensureNetworkConfigs() {
if [ ! -d /etc/network/if-up.d ]; then
logg info 'Creating /etc/network/if-up.d folder'
gum log -sl info 'Creating /etc/network/if-up.d folder'
sudo mkdir -p /etc/network/if-up.d
fi
if [ ! -d /etc/network/if-post-down.d ]; then
logg info 'Creating /etc/network/if-post.d folder'
gum log -sl info 'Creating /etc/network/if-post.d folder'
sudo mkdir -p /etc/network/if-post.d
fi
}
@ -231,7 +231,7 @@ configureNetworkManagerVPNProfiles() {
elif command -v pacman > /dev/null; then
sudo pacman -Syu openvpn networkmanager*
else
logg warn 'Unknown package manager - install OpenVPN / WireGuard / NetworkManager plugins individually'
gum log -sl warn 'Unknown package manager - install OpenVPN / WireGuard / NetworkManager plugins individually'
fi
### Ensures `nmcli` (the CLI for NetworkManager) is available in the `PATH`
@ -240,7 +240,7 @@ configureNetworkManagerVPNProfiles() {
if [ '{{ $ovpnUsername }}' != '' ] && [ '{{ $ovpnPassword }}' != '' ]; then
find "${XDG_CONFIG_HOME:-$HOME/.config}/vpn" -type f -name "*.ovpn" | while read OVPN_FILE; do
### Adds the OpenVPN profiles by importing the `*.ovpn` files in `${XDG_CONFIG_HOME:-$HOME/.config}/vpn` and then applying the OpenVPN username and password
logg info "Adding $OVPN_FILE to NetworkManager OpenVPN profiles"
gum log -sl info "Adding $OVPN_FILE to NetworkManager OpenVPN profiles"
OVPN_NAME="$(basename "$OVPN_FILE" | sed 's/.ovpn$//')"
nmcli connection import type openvpn file "$OVPN_FILE"
nmcli connection modify "$OVPN_NAME" +vpn.data 'username={{- $ovpnUsername }}'
@ -256,8 +256,8 @@ configureNetworkManagerVPNProfiles() {
RESTART_NM=true
done
else
logg info 'Either the OpenVPN username or password is undefined.'
logg info 'See the docs/VARIABLES.md file for details.'
gum log -sl info 'Either the OpenVPN username or password is undefined.'
gum log -sl info 'See the docs/VARIABLES.md file for details.'
fi
{{ if (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) }}
@ -266,12 +266,12 @@ configureNetworkManagerVPNProfiles() {
find "${XDG_CONFIG_HOME:-$HOME/.config}/vpn" -type f -name "*.nmconnection" | while read WG_FILE; do
### Ensure the WireGuard NetworkManager plugin is available
if [ ! -d /usr/lib/NetworkManager/nm-wireguard-service ]; then
logg info 'The nm-wireguard-service is not present'
logg info 'Installing the nm-wireguard-service'
gum log -sl info 'The nm-wireguard-service is not present'
gum log -sl info 'Installing the nm-wireguard-service'
fi
### Add the WireGuard profiles
logg info "Adding $WG_FILE to /etc/NetworkManager/system-connections"
gum log -sl info "Adding $WG_FILE to /etc/NetworkManager/system-connections"
WG_FILENAME="$(basename "$WG_FILE")"
chezmoi decrypt "$WG_FILE" | sudo tee "/etc/NetworkManager/system-connections/$WG_FILENAME"
@ -285,17 +285,17 @@ configureNetworkManagerVPNProfiles() {
RESTART_NM=true
done
else
logg warn '/etc/NetworkManager/system-connections is not a directory!'
gum log -sl warn '/etc/NetworkManager/system-connections is not a directory!'
fi
{{ end -}}
### Restart NetworkManager if changes were made and environment is not WSL
if [ "$RESTART_NM" == 'true' ] && [[ ! "$(test -d proc && grep Microsoft /proc/version > /dev/null)" ]]; then
logg info 'Restarting NetworkManager since VPN profiles were updated'
gum log -sl info 'Restarting NetworkManager since VPN profiles were updated'
sudo service NetworkManager restart
fi
else
logg warn 'nmcli is unavailable'
gum log -sl warn 'nmcli is unavailable'
fi
fi
}
@ -311,46 +311,46 @@ configureSSHD() {
### Update /etc/ssh/sshd_config if environment is not WSL
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
if [ -d /etc/ssh ]; then
logg info 'Copying ~/.ssh/system/banner to /etc/ssh/banner' && sudo cp -f "$HOME/.ssh/system/banner" /etc/ssh/banner
logg info 'Copying ~/.ssh/system/sshd_config to /etc/ssh/sshd_config' && sudo cp -f "$HOME/.ssh/system/sshd_config" /etc/ssh/sshd_config
gum log -sl info 'Copying ~/.ssh/system/banner to /etc/ssh/banner' && sudo cp -f "$HOME/.ssh/system/banner" /etc/ssh/banner
gum log -sl info 'Copying ~/.ssh/system/sshd_config to /etc/ssh/sshd_config' && sudo cp -f "$HOME/.ssh/system/sshd_config" /etc/ssh/sshd_config
if command -v semanage > /dev/null; then
logg info 'Apply SELinux configuration addressing custom SSH port' && sudo semanage port -a -t ssh_port_t -p tcp {{ .host.ssh.port }}
logg info 'Allow NIS SSHD' && sudo setsebool -P nis_enabled 1
gum log -sl info 'Apply SELinux configuration addressing custom SSH port' && sudo semanage port -a -t ssh_port_t -p tcp {{ .host.ssh.port }}
gum log -sl info 'Allow NIS SSHD' && sudo setsebool -P nis_enabled 1
fi
### Ensure keys are created
logg info 'Running sudo ssh-keygen -A' && sudo ssh-keygen -A
gum log -sl info 'Running sudo ssh-keygen -A' && sudo ssh-keygen -A
### Restart SSH server
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ -f /etc/services ]; then
logg info 'Updating SSH configuration in /etc/services to point to port {{ .host.ssh.port }}'
gum log -sl info 'Updating SSH configuration in /etc/services to point to port {{ .host.ssh.port }}'
sudo sed -i.bak 's/ 22\/udp/ {{ .host.ssh.port }}\/udp/' /etc/services
sudo sed -i.bak 's/ 22\/tcp/ {{ .host.ssh.port }}\/tcp/' /etc/services
sudo rm -f /etc/services.bak
fi
logg info 'Running sudo systemsetup -setremotelogin on' && sudo systemsetup -setremotelogin on > /dev/null
gum log -sl info 'Running sudo systemsetup -setremotelogin on' && sudo systemsetup -setremotelogin on > /dev/null
if sudo launchctl list | grep 'com.openssh.sshd' > /dev/null; then
logg info 'Unloading previous com.openssh.sshd configuration'
gum log -sl info 'Unloading previous com.openssh.sshd configuration'
sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
fi
logg info 'Running sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist (Latest)' && sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist
logg info 'Running sudo launchctl stop com.openssh.sshd (High Sierra - errors muted)' && sudo launchctl stop com.openssh.sshd 2> /dev/null
logg info 'Running sudo launchctl start com.openssh.sshd (High Sierra - errors muted)' && sudo launchctl start com.openssh.sshd 2> /dev/null && logg info 'Successfully ran launchctl start com.openssh.sshd'
gum log -sl info 'Running sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist (Latest)' && sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist
gum log -sl info 'Running sudo launchctl stop com.openssh.sshd (High Sierra - errors muted)' && sudo launchctl stop com.openssh.sshd 2> /dev/null
gum log -sl info 'Running sudo launchctl start com.openssh.sshd (High Sierra - errors muted)' && sudo launchctl start com.openssh.sshd 2> /dev/null && gum log -sl info 'Successfully ran launchctl start com.openssh.sshd'
else
### Linux
logg info 'Enabling the sshd service'
gum log -sl info 'Enabling the sshd service'
sudo systemctl enable sshd
logg info 'Restarting the sshd service'
sudo systemctl restart sshd && logg info 'Successfully ran sudo systemctl restart sshd'
gum log -sl info 'Restarting the sshd service'
sudo systemctl restart sshd && gum log -sl info 'Successfully ran sudo systemctl restart sshd'
fi
else
logg warn 'The /etc/ssh folder does not exist'
gum log -sl warn 'The /etc/ssh folder does not exist'
fi
else
logg info 'Skipping sshd_config application since environment is WSL'
gum log -sl info 'Skipping sshd_config application since environment is WSL'
fi
}
@ -361,45 +361,45 @@ dconfSettings() {
if command -v dconf > /dev/null; then
### Update background to be OS-specific
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings/org.gnome.desktop.background" ]; then
logg info 'Checking for presence of /usr/local/share/wallpapers/Betelgeuse-{{ title .host.distro.id }}/contents/source.jpg'
gum log -sl info 'Checking for presence of /usr/local/share/wallpapers/Betelgeuse-{{ title .host.distro.id }}/contents/source.jpg'
if [ -f /usr/local/share/wallpapers/Betelgeuse-{{ title .host.distro.id }}/contents/source.jpg ]; then
logg info "Updating ${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings/org.gnome.desktop.background to point to OS-specific background"
gum log -sl info "Updating ${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings/org.gnome.desktop.background to point to OS-specific background"
TMP="$(mktemp)"
sed 's/Betelgeuse/Betelgeuse-{{ title .host.distro.id }}/g' < "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings/org.gnome.desktop.background" > "$TMP"
mv "$TMP" "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings/org.gnome.desktop.background"
else
logg info 'OS-specific background not found'
gum log -sl info 'OS-specific background not found'
fi
fi
### Backup system settings
DCONF_TMP="$(mktemp)"
dconf dump / > "$DCONF_TMP"
logg info 'Backed up system dconf settings to '"$DCONF_TMP"
gum log -sl info 'Backed up system dconf settings to '"$DCONF_TMP"
### Reset system settings / load saved configurations from ~/.config/dconf/settings
if [ -d "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings" ]; then
find "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings" -mindepth 1 -maxdepth 1 -type f | while read DCONF_CONFIG_FILE; do
if [ "$DEBUG_MODE" == 'true' ]; then
logg info 'Dconf configuration file:'
gum log -sl info 'Dconf configuration file:'
echo "$DCONF_CONFIG_FILE"
fi
DCONF_SETTINGS_ID="/$(basename "$DCONF_CONFIG_FILE" | sed 's/\./\//g')/"
if [ "$DEBUG_MODE" == 'true' ]; then
logg info 'Dconf settings ID:'
gum log -sl info 'Dconf settings ID:'
echo "$DCONF_SETTINGS_ID"
fi
### Reset dconf settings if environment variable RESET_DCONF is set to true
if [ "$RESET_DCONF" == 'true' ]; then
logg info 'Resetting dconf settings for '"$DCONF_SETTINGS_ID"''
gum log -sl info 'Resetting dconf settings for '"$DCONF_SETTINGS_ID"''
dconf reset -f "$DCONF_SETTINGS_ID"
fi
logg info 'Loading versioned dconf settings for '"$DCONF_SETTINGS_ID"''
gum log -sl info 'Loading versioned dconf settings for '"$DCONF_SETTINGS_ID"''
dconf load "$DCONF_SETTINGS_ID" < "$DCONF_CONFIG_FILE"
logg success 'Finished applying dconf settings for '"$DCONF_SETTINGS_ID"''
done
else
logg warn '~/.config/dconf/settings does not exist!'
gum log -sl warn '~/.config/dconf/settings does not exist!'
fi
fi
}
@ -414,20 +414,20 @@ dconfSettings() {
# key is only readable and writable the provisioning user.
decryptSSHKeys() {
### Unpack existing encrypted keys
logg info 'Decrypting SSH keys stored in the home/.chezmoitemplates/ssh folder of the Install Doctor repo / fork.'
gum log -sl info 'Decrypting SSH keys stored in the home/.chezmoitemplates/ssh folder of the Install Doctor repo / fork.'
find "{{ .chezmoi.sourceDir }}/.chezmoitemplates/ssh" -type f | while read SSH_FILE; do
### Decrypt SSH file with Chezmoi
logg info "Decrypting the $(basename "$SSH_FILE") encrypted SSH file"
gum log -sl info "Decrypting the $(basename "$SSH_FILE") encrypted SSH file"
chezmoi decrypt "$SSH_FILE" > "$HOME/.ssh/$(basename "$SSH_FILE")" || EXIT_CODE=$?
### Handle failed decryption with warning log message
if [ -n "$EXIT_CODE" ]; then
logg warn "Unable to decrypt the file stored in $SSH_FILE"
gum log -sl warn "Unable to decrypt the file stored in $SSH_FILE"
fi
### Apply appropriate permission to decrypted ~/.ssh file
if [ -f "$HOME/.ssh/$(basename "$SSH_FILE")" ]; then
logg info "Applying appropriate permissions on $HOME/.ssh/$(basename "$SSH_FILE")"
gum log -sl info "Applying appropriate permissions on $HOME/.ssh/$(basename "$SSH_FILE")"
chmod 600 "$HOME/.ssh/$(basename "$SSH_FILE")"
fi
done
@ -448,29 +448,29 @@ decryptSSHKeys() {
# is populated via the definition in `home/.chezmoiexternal.toml.tmpl`.
emscriptenInstall() {
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/emsdk" ]; then
logg info 'Pulling latest changes for Emscripten source code' && cd "${XDG_DATA_HOME:-$HOME/.local/share}/emsdk" && git pull
logg info "Running emsdk install latest" && emsdk install latest > /dev/null
logg info "Running emsdk activate latest" && emsdk activate latest > /dev/null
logg info 'Profile source inclusions are already implemented in Bash / ZSH profile'
gum log -sl info 'Pulling latest changes for Emscripten source code' && cd "${XDG_DATA_HOME:-$HOME/.local/share}/emsdk" && git pull
gum log -sl info "Running emsdk install latest" && emsdk install latest > /dev/null
gum log -sl info "Running emsdk activate latest" && emsdk activate latest > /dev/null
gum log -sl info 'Profile source inclusions are already implemented in Bash / ZSH profile'
fi
}
ensurePipUpdated() {
### python3.10 pip update
if command -v python3.10 > /dev/null; then
logg info 'Ensuring python3.10 pip is updated' && python3.10 -m pip install --upgrade pip > /dev/null &
logg info 'Ensuring python3.10 setuptools is updated' && python3.10 -m pip install --upgrade setuptools > /dev/null &
gum log -sl info 'Ensuring python3.10 pip is updated' && python3.10 -m pip install --upgrade pip > /dev/null &
gum log -sl info 'Ensuring python3.10 setuptools is updated' && python3.10 -m pip install --upgrade setuptools > /dev/null &
fi
### python3.11 pip update
if command -v python3.11 > /dev/null; then
logg info 'Ensuring python3.11 pip is updated' && python3.11 -m pip install --upgrade pip > /dev/null &
logg info 'Ensuring python3.11 setuptools is updated' && python3.11 -m pip install --upgrade setuptools > /dev/null &
gum log -sl info 'Ensuring python3.11 pip is updated' && python3.11 -m pip install --upgrade pip > /dev/null &
gum log -sl info 'Ensuring python3.11 setuptools is updated' && python3.11 -m pip install --upgrade setuptools > /dev/null &
fi
### python3.12 pip update
# if command -v python3.12 > /dev/null; then
# logg info 'Ensuring python3.12 pip is updated' && python3.12 -m pip install --upgrade pip > /dev/null &
# gum log -sl info 'Ensuring python3.12 pip is updated' && python3.12 -m pip install --upgrade pip > /dev/null &
# fi
wait
}
@ -483,13 +483,13 @@ ensureQtStyleOverride() {
if [ ! -d /Applications ] || [ ! -d /System ]; then
### Linux
### Ensure QT_STYLE_OVERRIDE is set in /etc/environment
logg info 'Ensuring QT_STYLE_OVERRIDE is set in /etc/environment'
gum log -sl info 'Ensuring QT_STYLE_OVERRIDE is set in /etc/environment'
if cat /etc/environment | grep QT_STYLE_OVERRIDE > /dev/null; then
sudo sed -i 's/.*QT_STYLE_OVERRIDE.*/export QT_STYLE_OVERRIDE=kvantum-dark/' /etc/environment
logg info 'Updated QT_STYLE_OVERRIDE in /etc/environment'
gum log -sl info 'Updated QT_STYLE_OVERRIDE in /etc/environment'
else
echo 'export QT_STYLE_OVERRIDE=kvantum-dark' | sudo tee -a /etc/environment
logg info 'Added QT_STYLE_OVERRIDE to /etc/environment'
gum log -sl info 'Added QT_STYLE_OVERRIDE to /etc/environment'
fi
fi
}
@ -498,9 +498,9 @@ ensureQtStyleOverride() {
ensureSystemGemUpdated() {
### Ensure gem is updated
if command -v gem > /dev/null; then
logg info 'Ensuring system gem is updated' && gem update --system > /dev/null
gum log -sl info 'Ensuring system gem is updated' && gem update --system > /dev/null
else
logg info 'Could not find gem in PATH so skipping gem system update'
gum log -sl info 'Could not find gem in PATH so skipping gem system update'
fi
}
@ -555,7 +555,7 @@ gnomeExtensionSettings() {
done
done
else
logg warn 'The ~/.config/desktop/gnome.yml file is missing so GNOME extension install orders cannot be calculated'
gum log -sl warn 'The ~/.config/desktop/gnome.yml file is missing so GNOME extension install orders cannot be calculated'
fi
### Remove /tmp/install-gnome-extensions.txt if it is empty
@ -566,23 +566,23 @@ gnomeExtensionSettings() {
### Install the GNOME extensions using the `install-gnome-extensions` script
if command -v install-gnome-extensions > /dev/null; then
if [ -f /tmp/install-gnome-extensions.txt ]; then
logg info 'Running the install-gnome-extensions script'
gum log -sl info 'Running the install-gnome-extensions script'
cd /tmp
install-gnome-extensions --enable --overwrite --file /tmp/install-gnome-extensions.txt
rm -f /tmp/install-gnome-extensions.txt
logg success 'Finished installing the GNOME extensions'
else
logg info 'No new GNOME extensions to install'
gum log -sl info 'No new GNOME extensions to install'
fi
else
logg warn 'Cannot install GNOME extensions because the install-gnome-extensions script is missing from ~/.local/bin'
gum log -sl warn 'Cannot install GNOME extensions because the install-gnome-extensions script is missing from ~/.local/bin'
fi
### Apply plugin gsettings
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/desktop/gnome.yml" ]; then
cat "$TMP_YQ" | jq -c '.default_gnome_extensions[] | tojson' | while read EXT; do
if [ "$DEBUG_MODE" == 'true' ]; then
logg info 'Extension data:'
gum log -sl info 'Extension data:'
echo "$EXT"
fi
TMP="$(mktemp)"
@ -590,21 +590,21 @@ gnomeExtensionSettings() {
EXT_URL="$(cat "$TMP" | jq -r '.url')"
EXT_ID="$(cat "$TMP" | jq -r '.regex')"
if [ "$DEBUG_MODE" == 'true' ]; then
logg info 'Extension ID:'
gum log -sl info 'Extension ID:'
echo "$EXT_ID"
fi
EXT_SETTINGS_TYPE="$(cat "$TMP" | jq -r '.settings | type')"
EXT_SETTINGS="$(cat "$TMP" | jq -r '.settings')"
if [ "$EXT_SETTINGS" != 'null' ]; then
logg info 'Evaluating extension settings for '"$EXT_ID"''
gum log -sl info 'Evaluating extension settings for '"$EXT_ID"''
if [ "$EXT_SETTINGS_TYPE" == 'array' ]; then
cat "$TMP" | jq -r '.settings[]' | while read EXT_SETTING; do
logg info 'Applying following extension setting:'
gum log -sl info 'Applying following extension setting:'
echo "$EXT_SETTING"
eval "$EXT_SETTING"
done
else
logg info 'Applying following extension setting:'
gum log -sl info 'Applying following extension setting:'
echo "$EXT_SETTINGS"
eval "$EXT_SETTINGS"
fi
@ -636,7 +636,7 @@ grubSettings() {
sudo cp -rf /usr/local/share/grub/themes /boot/grub2/
logg success 'Copied GRUB themes in /usr/local/share/grub/themes to /boot/grub2/themes'
else
logg warn '/usr/local/share/grub/themes is missing'
gum log -sl warn '/usr/local/share/grub/themes is missing'
fi
### Set default GRUB screen resolution variables
@ -652,16 +652,16 @@ grubSettings() {
logg success "Screen detected as $SCREEN_WIDTH x $SCREEN_HEIGHT (ratio of $SCREEN_RATIO)"
if (( $(echo "$SCREEN_RATIO $SCREEN_RATIO_ULTRAWIDE" | awk '{print ($1 > $2)}') )); then
GRUB_RESOLUTION_TYPE="ultrawide"
logg info 'GRUB resolution registered as ultrawide'
gum log -sl info 'GRUB resolution registered as ultrawide'
fi
else
logg warn 'Missing either xrandr or uniq (required for calculating screen size ratio)'
gum log -sl warn 'Missing either xrandr or uniq (required for calculating screen size ratio)'
fi
### Optimize the GRUB resolution
if [ -f /etc/default/grub ]; then
### GRUB_GFXMODE
logg info 'Setting GRUB_GFXMODE=auto in /etc/default/grub'
gum log -sl info 'Setting GRUB_GFXMODE=auto in /etc/default/grub'
if cat /etc/default/grub | grep GRUB_GFX_MODE > /dev/null; then
sudo sed -i 's/.*GRUB_GFXMODE.*/GRUB_GFXMODE=auto/' /etc/default/grub
else
@ -669,7 +669,7 @@ grubSettings() {
fi
### GRUB_GFXPAYLOAD_LINUX
logg info 'Setting GRUB_GFXPAYLOAD_LINUX=keep in /etc/default/grub'
gum log -sl info 'Setting GRUB_GFXPAYLOAD_LINUX=keep in /etc/default/grub'
if cat /etc/default/grub | grep GRUB_GFXPAYLOAD_LINUX > /dev/null; then
sudo sed -i 's/.*GRUB_GFXPAYLOAD_LINUX.*/GRUB_GFXPAYLOAD_LINUX="keep"/' /etc/default/grub
else
@ -677,7 +677,7 @@ grubSettings() {
fi
### GRUB_THEME
logg info 'Setting GRUB_THEME={{ .theme }} in /etc/default/grub'
gum log -sl info 'Setting GRUB_THEME={{ .theme }} in /etc/default/grub'
if cat /etc/default/grub | grep GRUB_THEME > /dev/null; then
sudo sed -i 's/.*GRUB_THEME.*/GRUB_THEME="{{ .theme }}-'"$GRUB_RESOLUTION_TYPE"'"/' /etc/default/grub
else
@ -687,7 +687,7 @@ grubSettings() {
### GRUB_BACKGROUND
# Removed since the background should be flat black which is configurable
# Leaving this code here in case we need to add a flat black image background for some reason
# logg info 'Setting GRUB_BACKGROUND=/usr/local/share/grub/{{ .theme }}-blue.png in /etc/default/grub'
# gum log -sl info 'Setting GRUB_BACKGROUND=/usr/local/share/grub/{{ .theme }}-blue.png in /etc/default/grub'
# if cat /etc/default/grub | grep GRUB_BACKGROUND > /dev/null; then
# sudo sed -i 's/.*GRUB_BACKGROUND.*/GRUB_BACKGROUND="\/usr\/local\/share\/grub\/{{ .theme }}-blue.png"/' /etc/default/grub
# else
@ -695,7 +695,7 @@ grubSettings() {
# fi
### GRUB_TIMEOUT
logg info 'Setting GRUB_TIMEOUT={{ .grub.timeout }} in /etc/default/grub'
gum log -sl info 'Setting GRUB_TIMEOUT={{ .grub.timeout }} in /etc/default/grub'
if cat /etc/default/grub | grep GRUB_TIMEOUT > /dev/null; then
sudo sed -i 's/.*GRUB_TIMEOUT.*/GRUB_TIMEOUT="{{ .grub.timeout }}"/' /etc/default/grub
else
@ -703,15 +703,15 @@ grubSettings() {
fi
### GRUB_FORCE_HIDDEN_MENU
logg info 'Setting GRUB_FORCE_HIDDEN_MENU={{ .grub.shiftToSee }} in /etc/default/grub'
gum log -sl info 'Setting GRUB_FORCE_HIDDEN_MENU={{ .grub.shiftToSee }} in /etc/default/grub'
sudo sed -i '/GRUB_FORCE_HIDDEN_MENU/d' /etc/default/grub
echo "GRUB_FORCE_HIDDEN_MENU={{ .grub.shiftToSee }}" | sudo tee -a /etc/default/grub > /dev/null
### Remove duplicate lines in /etc/default/grub
logg info 'Ensuring there are no duplicate entries in /etc/default/grub'
gum log -sl info 'Ensuring there are no duplicate entries in /etc/default/grub'
cat /etc/default/grub | uniq | sudo tee /etc/default/grub > /dev/null
else
logg warn '/etc/default/grub is missing'
gum log -sl warn '/etc/default/grub is missing'
fi
### Determine platform-specific icon to use
@ -731,14 +731,14 @@ grubSettings() {
sudo cp -f /boot/grub2/themes/{{ .theme }}-$GRUB_RESOLUTION_TYPE/icons/$GRUB_ICON.png /boot/grub2/themes/{{ .theme }}-$GRUB_RESOLUTION_TYPE/icon.png
logg success 'Copied platform-specific icon to GRUB2 theme folder'
else
logg warn "/boot/grub2/themes/{{ .theme }}-$GRUB_RESOLUTION_TYPE/icons/$GRUB_ICON.png is missing"
gum log -sl warn "/boot/grub2/themes/{{ .theme }}-$GRUB_RESOLUTION_TYPE/icons/$GRUB_ICON.png is missing"
fi
### Hide unnecessary Boot messages and Bliking cursor
GRUB_DEFAULT_CMDLINE=$(grep 'GRUB_CMDLINE_LINUX_DEFAULT' /etc/default/grub)
if [[ -n $GRUB_DEFAULT_CMDLINE ]]; then
KERNEL_PARAMS_QUIET=$(echo "$GRUB_DEFAULT_CMDLINE" | grep 'quiet')
logg info 'Updating GRUB_CMDLINE_LINUX_DEFAULT to hide log messages'
gum log -sl info 'Updating GRUB_CMDLINE_LINUX_DEFAULT to hide log messages'
if [[ -z $KERNEL_PARAMS_QUIET ]]; then
sudo sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="quiet loglevel=3 systemd.show_status=auto rd.udev.log_level=3 vt.global_cursor_default=0 /' /etc/default/grub
else
@ -746,7 +746,7 @@ grubSettings() {
sudo sed -i "s/^GRUB_CMDLINE_LINUX_DEFAULT.*/${NEW_KERNEL_PARAMS}/" /etc/default/grub
fi
else
logg info 'GRUB_CMDLINE_LINUX_DEFAULT was not present, adding one with parameters to hide log messages'
gum log -sl info 'GRUB_CMDLINE_LINUX_DEFAULT was not present, adding one with parameters to hide log messages'
echo 'GRUB_CMDLINE_LINUX_DEFAULT="quiet loglevel=3 systemd.show_status=auto rd.udev.log_level=3 vt.global_cursor_default=0"' | sudo tee -a /etc/default/grub > /dev/null
fi
@ -758,7 +758,7 @@ grubSettings() {
elif sudo which grub-mkconfig > /dev/null; then
sudo ln -s "$(sudo which grub-mkconfig)" /usr/bin/grub2-mkconfig
else
logg warn 'Neither grub2-mkconfig or grub-mkconfig are available'
gum log -sl warn 'Neither grub2-mkconfig or grub-mkconfig are available'
fi
fi
@ -767,32 +767,32 @@ grubSettings() {
if [ "$DEBUG_MODE" != 'true' ]; then
if command -v grub2-mkconfig > /dev/null; then
if [ -d /sys/firmware/efi ]; then
logg info 'Assuming system is UEFI-enabled since /sys/firmware/efi is present'
gum log -sl info 'Assuming system is UEFI-enabled since /sys/firmware/efi is present'
if [ -f /boot/efi/EFI/qubes/grub.cfg ]; then
logg info 'Running sudo grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg'
gum log -sl info 'Running sudo grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg'
sudo grub2-mkconfig -o /boot/efi/EFI/qubes/grub.cfg
logg success 'Applied GRUB2 theme'
elif [ -f /boot/efi/EFI/grub.cfg ]; then
logg info 'Running sudo grub2-mkconfig -o /boot/efi/EFI/grub.cfg'
gum log -sl info 'Running sudo grub2-mkconfig -o /boot/efi/EFI/grub.cfg'
sudo grub2-mkconfig -o /boot/efi/EFI/grub.cfg
logg success 'Applied GRUB2 theme'
else
logg warn 'Unknown GRUB2 configuration - not applying GRUB2 theme'
gum log -sl warn 'Unknown GRUB2 configuration - not applying GRUB2 theme'
fi
else
logg info 'Assuming system is non-UEFI since /sys/firmware/efi is not present'
logg info 'Running sudo grub2-mkconfig -o /boot/grub2/grub.cfg'
gum log -sl info 'Assuming system is non-UEFI since /sys/firmware/efi is not present'
gum log -sl info 'Running sudo grub2-mkconfig -o /boot/grub2/grub.cfg'
sudo grub2-mkconfig -o /boot/grub2/grub.cfg
logg success 'Applied GRUB2 theme'
fi
elif [ -f /usr/sbin/update-grub ]; then
logg info 'Running sudo update-grub'
gum log -sl info 'Running sudo update-grub'
sudo update-grub
else
logg warn 'Unable to find appropriate GRUB mkconfig command'
gum log -sl warn 'Unable to find appropriate GRUB mkconfig command'
fi
else
logg info 'Skipping GRUB2 theme application because DEBUG_MODE is set to true'
gum log -sl info 'Skipping GRUB2 theme application because DEBUG_MODE is set to true'
fi
fi
}
@ -810,12 +810,12 @@ installDockerRclonePlugin() {
# First, ensure Docker Rclone configuration exists (which only happens when the Chezmoi Age decryption key is present as well as keys for Rclone)
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/docker-rclone.conf" ]; then
### Ensure Docker Rclone plugin system folders exist
logg info 'Ensure Docker Rclone plugin system folders exist'
logg info 'Ensuring directory /var/lib/docker-plugins/rclone/config is created' && sudo mkdir -p /var/lib/docker-plugins/rclone/config
logg info 'Ensuring directory /var/lib/docker-plugins/rclone/cache is created' && sudo mkdir -p /var/lib/docker-plugins/rclone/cache
gum log -sl info 'Ensure Docker Rclone plugin system folders exist'
gum log -sl info 'Ensuring directory /var/lib/docker-plugins/rclone/config is created' && sudo mkdir -p /var/lib/docker-plugins/rclone/config
gum log -sl info 'Ensuring directory /var/lib/docker-plugins/rclone/cache is created' && sudo mkdir -p /var/lib/docker-plugins/rclone/cache
### Copy Rclone configuration
logg info "Copy the Rclone configuration from ${XDG_CONFIG_HOME:-$HOME/.config}/rclone/docker-rclone.conf to /var/lib/docker-plugins/rclone/config/rclone.conf"
gum log -sl info "Copy the Rclone configuration from ${XDG_CONFIG_HOME:-$HOME/.config}/rclone/docker-rclone.conf to /var/lib/docker-plugins/rclone/config/rclone.conf"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/docker-rclone.conf" /var/lib/docker-plugins/rclone/config/rclone.conf
### Install the Rclone Docker plugin (if not already installed)
@ -827,9 +827,9 @@ installDockerRclonePlugin() {
installLocalBinPackageJson() {
if [ -f "$HOME/.local/bin/package.json" ]; then
logg info 'Installing NPM packages in ~/.local/bin/package.json'
gum log -sl info 'Installing NPM packages in ~/.local/bin/package.json'
cd "$HOME/.local/bin" && npm i --force
logg info 'Installed NPM packages in ~/.local/bin'
gum log -sl info 'Installed NPM packages in ~/.local/bin'
fi
}
@ -838,23 +838,23 @@ installTerminalTheme() {
if command -v install-terminal-theme > /dev/null; then
install-terminal-theme
else
logg warn 'install-terminal-theme is not available'
gum log -sl warn 'install-terminal-theme is not available'
fi
}
# @description
# This script loads crontab jobs that are defined and housed in your Install Doctor fork.
loadCronjobs() {
logg info 'Installing user crontab jobs'
gum log -sl info 'Installing user crontab jobs'
crontab < "${XDG_CONFIG_HOME:-$HOME/.config}/crontab/config-user" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Failed to load cronjobs for user'
gum log -sl error 'Failed to load cronjobs for user'
fi
logg info 'Installing system crontab jobs'
gum log -sl info 'Installing system crontab jobs'
sudo crontab < "${XDG_CONFIG_HOME:-$HOME/.config}/crontab/config-system" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Failed to load cronjobs for system'
gum log -sl error 'Failed to load cronjobs for system'
fi
}
@ -869,7 +869,7 @@ macOSSettings() {
# @description Ensures all files in `~/.local/bin` are executable
makeLocalBinExecutable() {
logg info 'Ensuring all files in ~/.local/bin are executable'
gum log -sl info 'Ensuring all files in ~/.local/bin are executable'
find "$HOME/.local/bin" -mindepth 1 -maxdepth 2 -type f | while read EXE_FILE; do
if [ "$(echo -n "$EXE_FILE" | tail -c 3)" != ".md" ]; then
chmod +x "$EXE_FILE"
@ -895,13 +895,13 @@ makeLocalBinExecutable() {
# * Move installation logic into the ZX installer so that Ansible and its dependencies are only installed when required
# * Remove Ansible dependency completely
symlinkAnsibleRoles() {
logg info 'Ensuring Gas Station roles are symlinked to ~/.local/share/ansible/roles'
gum log -sl info 'Ensuring Gas Station roles are symlinked to ~/.local/share/ansible/roles'
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/roles"
find "${XDG_DATA_HOME:-$HOME/.local/share}/gas-station/roles" -mindepth 2 -maxdepth 2 -type d | while read ROLE_PATH; do
ROLE_FOLDER="professormanhattan.$(echo "$ROLE_PATH" | sed 's/.*\/\([^\/]*\)$/\1/')"
ALT_ROLE_FOLDER="$(echo "$ROLE_PATH" | sed 's/.*\/\([^\/]*\)$/\1/')"
if [ ! -d "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/roles/$ROLE_FOLDER" ] || [ "$(readlink -f "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/roles/$ROLE_FOLDER")" != "$ROLE_PATH" ]; then
logg info 'Symlinking '"$ROLE_FOLDER"''
gum log -sl info 'Symlinking '"$ROLE_FOLDER"''
rm -f "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/roles/$ROLE_FOLDER"
ln -s "$ROLE_PATH" "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/roles/$ROLE_FOLDER"
fi
@ -915,18 +915,18 @@ symlinkAnsibleRoles() {
### Install Ansible Galaxy and dependencies if missing
if ! command -v ansible-galaxy > /dev/null; then
if ! command -v pipx > /dev/null; then
logg info 'Installing pipx via Homebrew'
gum log -sl info 'Installing pipx via Homebrew'
brew install --quiet pipx
logg info 'Running pipx ensurepath'
gum log -sl info 'Running pipx ensurepath'
pipx ensurepath
fi
logg info 'Installing ansible-core via pipx'
gum log -sl info 'Installing ansible-core via pipx'
pipx install ansible
if [ -d /Applications ] && [ -d /System ]; then
logg info 'Injecting macOS-specific pipx dependencies via pipx'
gum log -sl info 'Injecting macOS-specific pipx dependencies via pipx'
pipx inject ansible PyObjC PyObjC-core
fi
logg info 'Injecting Ansible dependencies via pipx'
gum log -sl info 'Injecting Ansible dependencies via pipx'
pipx inject ansible docker lxml netaddr pexpect python-vagrant pywinrm requests-credssp watchdog
mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/megabyte-labs"
touch "${XDG_CACHE_HOME:-$HOME/.cache}/megabyte-labs/ansible-installed"
@ -934,27 +934,27 @@ symlinkAnsibleRoles() {
### Ensure Ansible Galaxy was successfully loaded and then install the Ansible Galaxy requirements
if command -v ansible-galaxy > /dev/null; then
logg info 'Ensuring Ansible Galaxy collections are installed'
gum log -sl info 'Ensuring Ansible Galaxy collections are installed'
export ANSIBLE_CONFIG="${XDG_DATA_HOME:-$HOME/.local/share}/ansible/ansible.cfg"
ansible-galaxy install -r "${XDG_DATA_HOME:-$HOME/.local/share}/ansible/requirements.yml" > /dev/null || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Failed to install Ansible requirements from Ansible Galaxy'
gum log -sl error 'Failed to install Ansible requirements from Ansible Galaxy'
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/gas-station/collections" ]; then
logg info 'Attempting to use locally stored Ansible requirements'
gum log -sl info 'Attempting to use locally stored Ansible requirements'
cd "${XDG_DATA_HOME:-$HOME/.local/share}/gas-station/collections"
ansible-galaxy install -r requirements.yml || SECOND_EXIT_CODE=$?
if [ -n "$SECOND_EXIT_CODE" ]; then
logg error 'Failed to install requirements from both the cloud and the local copy' && exit 1
gum log -sl error 'Failed to install requirements from both the cloud and the local copy' && exit 1
fi
else
logg warn "${XDG_DATA_HOME:-$HOME/.local/share}/gas-station/collections is missing"
gum log -sl warn "${XDG_DATA_HOME:-$HOME/.local/share}/gas-station/collections is missing"
fi
fi
else
logg warn 'Unable to install the Ansible Galaxy requirements.yml since the ansible-galaxy executable is missing from the PATH'
gum log -sl warn 'Unable to install the Ansible Galaxy requirements.yml since the ansible-galaxy executable is missing from the PATH'
fi
else
logg warn '~/.local/share/ansible/requirements.yml is missing'
gum log -sl warn '~/.local/share/ansible/requirements.yml is missing'
fi
}
@ -967,7 +967,7 @@ symlinkAnsibleRoles() {
symlinkPython() {
### Symlink python3 to python if it is unavailable
if ! command -v python > /dev/null && command -v python3 > /dev/null; then
logg info 'Symlinking python3 to python since the latter is unavailable'
gum log -sl info 'Symlinking python3 to python since the latter is unavailable'
sudo ln -s "$(which python3)" /usr/local/bin/python
fi
}
@ -980,15 +980,15 @@ userLogFolders() {
USER_FOLDER="$(echo "$HOME_DIR" | sed 's/.*\/\([^\/]*\)$/\1/')"
if [ -d "$HOME_DIR/.local" ]; then
if [ ! -d "/var/log/user/$USER_FOLDER" ]; then
logg info 'Creating /var/log/user/'"$USER_FOLDER"'' && sudo mkdir -p "/var/log/user/$USER_FOLDER"
gum log -sl info 'Creating /var/log/user/'"$USER_FOLDER"'' && sudo mkdir -p "/var/log/user/$USER_FOLDER"
fi
logg info "Applying user permissions to /var/log/user/$USER_FOLDER" && sudo chown -Rf "$USER_FOLDER" "/var/log/user/$USER_FOLDER"
gum log -sl info "Applying user permissions to /var/log/user/$USER_FOLDER" && sudo chown -Rf "$USER_FOLDER" "/var/log/user/$USER_FOLDER"
fi
done
}
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
logg info 'The DEBUG or DEBUG_MODE environment variable is set so the post-dotfile-application routine tasks will be run synchronously'
gum log -sl info 'The DEBUG or DEBUG_MODE environment variable is set so the post-dotfile-application routine tasks will be run synchronously'
addZshEnv
applyFontsToSystem
applyLinuxConfSettings
@ -1043,4 +1043,4 @@ else
wait
fi
logg info 'Completed post-dotfile-application routine'
gum log -sl info 'Completed post-dotfile-application routine'

8
home/.chezmoiscripts/universal/run_after_10-install.sh.tmpl
View file

@ -10,15 +10,15 @@
if command -v installx > /dev/null; then
if command -v zx > /dev/null; then
if command -v unbuffer > /dev/null; then
logg info 'Running unbuffer installx'
gum log -sl info 'Running unbuffer installx'
unbuffer installx --all
else
logg info 'Running installx'
gum log -sl info 'Running installx'
installx --all
fi
else
logg error 'zx is not available'
gum log -sl error 'zx is not available'
fi
else
logg error 'installx is not in the PATH. It should be located in ~/.local/bin.'
gum log -sl error 'installx is not in the PATH. It should be located in ~/.local/bin.'
fi

2
home/.chezmoiscripts/universal/run_after_15-chezmoi-system.sh.tmpl
View file

@ -4,4 +4,4 @@
# @description
# This script applies the `system/` Chezmoi directory to the root of the system.
logg info 'TODO - Implement system configuration apply'
gum log -sl info 'TODO - Implement system configuration apply'

118
home/.chezmoiscripts/universal/run_after_20-post-install.sh.tmpl
View file

@ -14,7 +14,7 @@
bashItPlugins() {
### Ensure Powerline is installed
if ! command -v powerline > /dev/null; then
logg info 'Installing powerline via install-program'
gum log -sl info 'Installing powerline via install-program'
installx powerline
fi
@ -22,14 +22,14 @@ bashItPlugins() {
export BASH_IT="${XDG_DATA_HOME:-$HOME/.local/share}/bash_it"
export BASH_IT_THEME="powerline"
if command -v powerline-daemon > /dev/null && [ -f "$BASH_IT/bash_it.sh" ] && ! command -v bash-it; then
logg info "Sourcing the bash_it.sh script"
gum log -sl info "Sourcing the bash_it.sh script"
. "$BASH_IT/bash_it.sh"
fi
### Ensure ble.sh installed
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/src" ]; then
logg info 'Make installing blesh'
make -C "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/src" install > /dev/null && logg info "Installed ble.sh" || logg error "Error running make -C "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/src" install"
gum log -sl info 'Make installing blesh'
make -C "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/src" install > /dev/null && gum log -sl info "Installed ble.sh" || gum log -sl error "Error running make -C "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/src" install"
fi
### Bash-it completions / plugins
@ -37,43 +37,43 @@ bashItPlugins() {
if [ -d "$BASH_IT" ]; then
### Ensure bash-it is installed
if ! command -v bash-it > /dev/null; then
logg info 'Installing bash-it since it is not available yet as a command'
gum log -sl info 'Installing bash-it since it is not available yet as a command'
bash "$BASH_IT/install.sh" --silent --no-modify-config
else
logg info 'bash-it already available'
gum log -sl info 'bash-it already available'
fi
### Ensure completions are enabled
if [ ! -d "$BASH_IT/enabled" ]; then
logg info "Creating the $BASH_IT/enabled directory" && mkdir -p "$BASH_IT/enabled"
gum log -sl info "Creating the $BASH_IT/enabled directory" && mkdir -p "$BASH_IT/enabled"
fi
logg info "Changing directory to $BASH_IT/enabled" && cd "$BASH_IT/enabled"
logg info 'Enabling bash-it completions'
gum log -sl info "Changing directory to $BASH_IT/enabled" && cd "$BASH_IT/enabled"
gum log -sl info 'Enabling bash-it completions'
# TODO: Move these plugins to the .chezmoidata.yaml
for COMPLETION in defaults dirs docker docker-compose export git makefile ng ssh system vagrant; do
if ls "$BASH_IT/enabled" | grep "$COMPLETION" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && logg info "Removed old $COMPLETION bash-it completion symlink" || logg error "Failed to remove $COMPLETION bash-it completion symlink"
rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && gum log -sl info "Removed old $COMPLETION bash-it completion symlink" || gum log -sl error "Failed to remove $COMPLETION bash-it completion symlink"
fi
yes | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
yes | bash-it enable completion "$COMPLETION" > /dev/null && gum log -sl info "Enabled the bash-it $COMPLETION completion plugin" || gum log -sl error "Failed to install the $COMPLETION bash-it completion plugin"
done
### Ensure plugins are enabled
logg info 'Enabling bash-it plugins'
gum log -sl info 'Enabling bash-it plugins'
# TODO: Move these plugins to the .chezmoidata.yaml
for PLUGIN in base blesh browser cht-sh dirs gitstatus powerline sudo xterm; do
if ls "$BASH_IT/enabled" | grep "$PLUGIN" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && logg info "Removed old $PLUGIN bash-it plugin symlink" || logg error "Failed to remove $PLUGIN bash-it plugin symlink"
rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && gum log -sl info "Removed old $PLUGIN bash-it plugin symlink" || gum log -sl error "Failed to remove $PLUGIN bash-it plugin symlink"
fi
yes | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
yes | bash-it enable plugin "$PLUGIN" > /dev/null && gum log -sl info "Enabled the bash-it $PLUGIN plugin" || gum log -sl error "Failed to install the $PLUGIN bash-it plugin"
done
else
logg warn 'The path specified by BASH_IT does not exist yet'
gum log -sl warn 'The path specified by BASH_IT does not exist yet'
fi
else
if ! command -v powerline > /dev/null; then
logg warn 'powerline is not available'
gum log -sl warn 'powerline is not available'
else
logg warn '~/.bashrc is missing'
gum log -sl warn '~/.bashrc is missing'
fi
fi
}
@ -86,17 +86,17 @@ candyIconTweaks() {
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/candy-icons" ] && [ -d /usr/local/share/icons/Candy ]; then
sudo rsync --chown=root:root --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r -artu --inplace --exclude .git/ "${XDG_DATA_HOME:-$HOME/.local/share}/candy-icons/" "/usr/local/share/icons/Candy/"
else
logg warn 'Skipping synchronization of Candy icons since either the target or destination folder is not present'
gum log -sl warn 'Skipping synchronization of Candy icons since either the target or destination folder is not present'
fi
else
logg warn 'rsync is missing from the system!'
gum log -sl warn 'rsync is missing from the system!'
fi
### Additional icons
SOURCE_DIR="/usr/local/share/icons/Candy/apps/scalable"
TARGET_DIR="/usr/local/share/icons/Candy/apps/scalable"
if [ -d "$SOURCE_DIR" ] && [ -d "$TARGET_DIR" ]; then
logg info 'Adding similar substitutes for some apps in the Candy icons theme'
gum log -sl info 'Adding similar substitutes for some apps in the Candy icons theme'
if [ -f "$SOURCE_DIR/youtube-dl-gui.svg" ] && [ ! -f "$TARGET_DIR/com.github.Johnn3y.Forklift.svg" ]; then
sudo cp -f "$SOURCE_DIR/youtube-dl-gui.svg" "$TARGET_DIR/com.github.Johnn3y.Forklift.svg"
fi
@ -174,19 +174,19 @@ candyIconTweaks() {
DESKTOP_FILE_BASE="$(basename "$DESKTOP_FILE" | sed 's/.desktop$//')"
SNAP_ICON_BASE="$(echo "$DESKTOP_FILE_BASE" | sed 's/^[^_]*_//')"
if [ -f "/usr/local/share/icons/Candy/apps/scalable/${DESKTOP_FILE_BASE}.svg" ] || [ -f "/usr/local/share/icons/Candy/apps/scalable/${SNAP_ICON_BASE}.svg" ]; then
logg info "Found matching Candy icon theme icon for $DESKTOP_FILE"
gum log -sl info "Found matching Candy icon theme icon for $DESKTOP_FILE"
if [ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/applications/${DESKTOP_FILE_BASE}.desktop" ]; then
cp "$DESKTOP_FILE" "${XDG_DATA_HOME:-$HOME/.local/share}/applications"
logg info "Copied the .desktop shortcut to ${XDG_DATA_HOME:-$HOME/.local/share}/applications"
gum log -sl info "Copied the .desktop shortcut to ${XDG_DATA_HOME:-$HOME/.local/share}/applications"
if [ -f "/usr/local/share/icons/Candy/apps/scalable/${SNAP_ICON_BASE}.svg" ]; then
SNAP_ICON="${SNAP_ICON_BASE}"
else
SNAP_ICON="${DESKTOP_FILE_BASE}"
fi
logg info 'Setting the .desktop shortcut Icon value equal to '"$SNAP_ICON"''
gum log -sl info 'Setting the .desktop shortcut Icon value equal to '"$SNAP_ICON"''
sed -i 's/^Icon=.*$/Icon='"$SNAP_ICON"'/' "${XDG_DATA_HOME:-$HOME/.local/share}/applications/${DESKTOP_FILE_BASE}.desktop"
else
logg info "${XDG_DATA_HOME:-$HOME/.local/share}/applications/${DESKTOP_FILE_BASE}.desktop already exists!"
gum log -sl info "${XDG_DATA_HOME:-$HOME/.local/share}/applications/${DESKTOP_FILE_BASE}.desktop already exists!"
fi
fi
done
@ -210,22 +210,22 @@ configureVNC() {
# Source: https://apple.stackexchange.com/questions/30238/how-to-enable-os-x-screen-sharing-vnc-through-ssh
# To disable, run: sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -configure -access -off
# Only enable when computer is not a corporate / work computer
logg info 'Enabling VNC using the VNC_PASSWORD variable which is vncpass when nothing is specified'
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -allowAccessFor -specifiedUsers -clientopts -setreqperm -reqperm yes -setvnclegacy -vnclegacy yes -setvncpw -vncpw "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" -restart -agent -privs -all -users "$USER" && logg info 'Finished running the macOS Remote Management kickstart executable'
gum log -sl info 'Enabling VNC using the VNC_PASSWORD variable which is vncpass when nothing is specified'
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -allowAccessFor -specifiedUsers -clientopts -setreqperm -reqperm yes -setvnclegacy -vnclegacy yes -setvncpw -vncpw "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" -restart -agent -privs -all -users "$USER" && gum log -sl info 'Finished running the macOS Remote Management kickstart executable'
else
### Linux
### VNC set-up / configuration
# KasmVNC / TigerVNC (or alternative VNC program) is installed
if command -v kasmvncpasswd > /dev/null; then
logg info 'Copying VNC configuration files from ~/.config/vnc/etc/kasmvnc/ to /etc/'
gum log -sl info 'Copying VNC configuration files from ~/.config/vnc/etc/kasmvnc/ to /etc/'
sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc/kasmvnc/" /etc/
logg info 'Adding VNC full-control password to ~/.config/vnc/kasmpasswd'
gum log -sl info 'Adding VNC full-control password to ~/.config/vnc/kasmpasswd'
echo -e "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}\n{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | kasmvncpasswd -u {{ .user.name }} -rwo
logg info 'Adding VNC read-only password to ~/.config/vnc/kasmpasswd for user readonly'
gum log -sl info 'Adding VNC read-only password to ~/.config/vnc/kasmpasswd for user readonly'
echo -e "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}\n{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | kasmvncpasswd -u guest -r
logg info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
gum log -sl info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
sudo systemctl daemon-reload
logg info 'Enabling / starting the VNC service for the current user / display 1'
gum log -sl info 'Enabling / starting the VNC service for the current user / display 1'
sudo systemctl start vncserver@1
sudo systemctl enable vncserver@1
if command -v update-alternatives > /dev/null; then
@ -238,19 +238,19 @@ configureVNC() {
if [ ! -d "${XDG_CONFIG_HOME:-$HOME/.config}/vnc" ]; then
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/vnc"
fi
logg info 'Copying VNC configuration files from ~/.config/vnc/etc/tigervnc/ to /etc/'
gum log -sl info 'Copying VNC configuration files from ~/.config/vnc/etc/tigervnc/ to /etc/'
sudo cp -Rf "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/etc/tigervnc/" /etc/
logg info 'Adding VNC full-control password to ~/.config/vnc/passwd'
gum log -sl info 'Adding VNC full-control password to ~/.config/vnc/passwd'
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_PASSWORD")) }}{{ includeTemplate "secrets/VNC_PASSWORD" | decrypt | trim }}{{ else }}{{ default "vncpass" (env "VNC_PASSWORD") }}{{ end }}" | tigervncpasswd -f > "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
logg info 'Adding VNC read-only password to ~/.config/vnc/passwd'
gum log -sl info 'Adding VNC read-only password to ~/.config/vnc/passwd'
echo -n "{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "VNC_READ_PASSWORD")) }}{{ includeTemplate "secrets/VNC_READ_PASSWORD" | decrypt | trim }}{{ else }}{{ default "readonly" (env "VNC_READ_PASSWORD") }}{{ end }}" | tigervncpasswd -f >> "${XDG_CONFIG_HOME:-$HOME/.config}/vnc/passwd"
logg info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
gum log -sl info 'Reloading the systemctl configuration files since a new one for VNC may have been added'
sudo systemctl daemon-reload
logg info 'Enabling / starting the VNC service for the current user / display 1'
gum log -sl info 'Enabling / starting the VNC service for the current user / display 1'
sudo systemctl start vncserver@1
sudo systemctl enable vncserver@1
else
logg info 'Skipping VNC setup since the tightvncserver package is not present on the system'
gum log -sl info 'Skipping VNC setup since the tightvncserver package is not present on the system'
fi
fi
}
@ -262,11 +262,11 @@ moveGnomeAppsToShare() {
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/applications"
fi
find "$HOME/.gnome/apps" -mindepth 1 -maxdepth 1 -type f | while read DESKTOP_FILE; do
logg info "Moving $DESKTOP_FILE to ${XDG_DATA_HOME:-$HOME/.local/share}/applications/$(basename "$DESKTOP_FILE")"
gum log -sl info "Moving $DESKTOP_FILE to ${XDG_DATA_HOME:-$HOME/.local/share}/applications/$(basename "$DESKTOP_FILE")"
mv "$DESKTOP_FILE" "${XDG_DATA_HOME:-$HOME/.local/share}/applications/$(basename "$DESKTOP_FILE")"
chmod 755 "${XDG_DATA_HOME:-$HOME/.local/share}/applications/$(basename "$DESKTOP_FILE")"
done
logg info 'Removing ~/.gnome/apps'
gum log -sl info 'Removing ~/.gnome/apps'
rm -rf "$HOME/.gnome/apps"
fi
}
@ -278,9 +278,9 @@ moveGnomeAppsToShare() {
preloadZsh() {
### Initialize ZSH so plugin bootstrap process is done ahead of time
if command -v zsh > /dev/null; then
logg info 'Bootstrapping ZSH by running exec zsh'
gum log -sl info 'Bootstrapping ZSH by running exec zsh'
exec zsh &
logg info 'Waiting for exec zsh to finish'
gum log -sl info 'Waiting for exec zsh to finish'
wait
fi
}
@ -290,7 +290,7 @@ preloadZsh() {
# desktop shortcuts that have been deemed to be unnecessary or obtrusive.
removeShortcutsLinux() {
if [ "{{ .host.distro.family }}" = "linux" ]; then
logg info 'Processing remove shortcuts step for Linux machines'
gum log -sl info 'Processing remove shortcuts step for Linux machines'
### Remove unnecessary desktop shortcuts
for DESKTOP_ICON in {{ join " " .removeLinuxShortcuts }}; do
@ -311,7 +311,7 @@ removeShortcutsLinux() {
# @description Remove Ubuntu logo branding from GDM lock screen
removeUbuntuLogoBranding() {
if [ '{{ .whiteLabel }}' == 'true' ] && [ -f /usr/share/plymouth/ubuntu-logo.png ]; then
logg info 'Renaming /usr/share/plymouth/ubuntu-logo.png to /usr/share/plymouth/ubuntu-logo.png.bak since the whiteLabel setting is true'
gum log -sl info 'Renaming /usr/share/plymouth/ubuntu-logo.png to /usr/share/plymouth/ubuntu-logo.png.bak since the whiteLabel setting is true'
sudo mv /usr/share/plymouth/ubuntu-logo.png /usr/share/plymouth/ubuntu-logo.png.bak
fi
}
@ -329,25 +329,25 @@ removeUbuntuLogoBranding() {
setDefaultBrowser() {
if [ -d /Applications ] && [ -d /System ]; then
if ! command -v defaultbrowser > /dev/null; then
logg info 'Installing defaultbrowser via Homebrew which is the preferred way of configuring the default browser'
gum log -sl info 'Installing defaultbrowser via Homebrew which is the preferred way of configuring the default browser'
brew install --quiet defaultbrowser
fi
logg info "Setting default browser to {{ .user.defaultBrowserDarwin }}"
gum log -sl info "Setting default browser to {{ .user.defaultBrowserDarwin }}"
osascript "$HOME/Library/Scripts/default-browser.applescript" "{{ .user.defaultBrowserDarwin }}" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Failed to change default browser'
gum log -sl error 'Failed to change default browser'
unset EXIT_CODE
fi
else
logg info 'Setting default browser for text/html to {{ .user.defaultBrowser }}'
gum log -sl info 'Setting default browser for text/html to {{ .user.defaultBrowser }}'
xdg-mime default {{ .user.defaultBrowser }}.desktop text/html
logg info 'Setting default browser for x-scheme-handler/http to {{ .user.defaultBrowser }}'
gum log -sl info 'Setting default browser for x-scheme-handler/http to {{ .user.defaultBrowser }}'
xdg-mime default {{ .user.defaultBrowser }}.desktop x-scheme-handler/http
logg info 'Setting default browser for x-scheme-handler/https to {{ .user.defaultBrowser }}'
gum log -sl info 'Setting default browser for x-scheme-handler/https to {{ .user.defaultBrowser }}'
xdg-mime default {{ .user.defaultBrowser }}.desktop x-scheme-handler/https
logg info 'Setting default browser for x-scheme-handler/about to {{ .user.defaultBrowser }}'
gum log -sl info 'Setting default browser for x-scheme-handler/about to {{ .user.defaultBrowser }}'
xdg-mime default {{ .user.defaultBrowser }}.desktop x-scheme-handler/about
logg info 'Setting default browser with xdg-settings to {{ .user.defaultBrowser }}'
gum log -sl info 'Setting default browser with xdg-settings to {{ .user.defaultBrowser }}'
xdg-settings set default-web-browser {{ .user.defaultBrowser }}.desktop
fi
}
@ -359,10 +359,10 @@ ubuntuDashToDockFix() {
if [ -d '/usr/share/gnome-shell/extensions/ubuntu-dock@ubuntu.com' ]; then
if [ ! -d /usr/share/gnome-shell/extensions/disabled ]; then
sudo mkdir /usr/share/gnome-shell/extensions/disabled
logg info 'Created /usr/share/gnome-shell/extensions/disabled for GNOME extensions that have issues'
gum log -sl info 'Created /usr/share/gnome-shell/extensions/disabled for GNOME extensions that have issues'
fi
sudo mv '/usr/share/gnome-shell/extensions/ubuntu-dock@ubuntu.com' '/usr/share/gnome-shell/extensions/disabled/ubuntu-dock@ubuntu.com'
logg info 'Moved ubuntu-dock@ubuntu.com to the disabled extension folder'
gum log -sl info 'Moved ubuntu-dock@ubuntu.com to the disabled extension folder'
fi
fi
fi
@ -375,21 +375,21 @@ enableAutoUpdateDarwin() {
if [ -d /Applications ] && [ -d /System ]; then
### Enable automated system updates on macOS
if [ -f "/Library/LaunchDaemons/com.apple.automatedupdates.plist" ]; then
logg info 'Configuring macOS to automatically apply system updates'
gum log -sl info 'Configuring macOS to automatically apply system updates'
sudo mkdir -p /Library/LaunchDaemons
logg info 'Loading /Library/LaunchDaemons/com.apple.automatedupdates.plist'
gum log -sl info 'Loading /Library/LaunchDaemons/com.apple.automatedupdates.plist'
if sudo launchctl list | grep 'com.apple.automatedupdates' > /dev/null; then
logg info 'Unloading previous com.apple.automatedupdates configuration'
gum log -sl info 'Unloading previous com.apple.automatedupdates configuration'
sudo launchctl unload /Library/LaunchDaemons/com.apple.automatedupdates.plist
fi
sudo launchctl load -w /Library/LaunchDaemons/com.apple.automatedupdates.plist
else
logg warn '/Library/LaunchDaemons/com.apple.automatedupdates.plist is missing!'
gum log -sl warn '/Library/LaunchDaemons/com.apple.automatedupdates.plist is missing!'
fi
### Enable Homebrew auto-update service
if brew autoupdate status | grep 'Autoupdate is not configured.' > /dev/null; then
logg info 'Enabling Homebrew auto-update service (every 24 hours)'
gum log -sl info 'Enabling Homebrew auto-update service (every 24 hours)'
brew autoupdate start --cleanup --greedy --upgrade
fi
fi
@ -398,7 +398,7 @@ enableAutoUpdateDarwin() {
# Temporary next line for debugging
export DEBUG=true
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
logg info 'The DEBUG or DEBUG_MODE environment variable is set so the post-install tasks will be run synchronously'
gum log -sl info 'The DEBUG or DEBUG_MODE environment variable is set so the post-install tasks will be run synchronously'
bashItPlugins
candyIconTweaks
configureVNC

8
home/.chezmoiscripts/universal/run_after_24-cleanup.sh.tmpl
View file

@ -10,14 +10,14 @@
cleanAptGet() {
if command -v apt-get > /dev/null; then
logg info 'Running sudo apt-get autoclean' && sudo apt-get autoclean
logg info 'Running sudo apt-get -y autoremove' && sudo apt-get -y autoremove
gum log -sl info 'Running sudo apt-get autoclean' && sudo apt-get autoclean
gum log -sl info 'Running sudo apt-get -y autoremove' && sudo apt-get -y autoremove
fi
}
cleanupBrew() {
if command -v brew > /dev/null; then
logg info 'Running brew cleanup' && brew cleanup
gum log -sl info 'Running brew cleanup' && brew cleanup
fi
}
@ -53,7 +53,7 @@ fi
if [ -d /Applications ] && [ -d /System ]; then
### Empty trash
if command -v m > /dev/null; then
logg info 'Emptying trash' && m trash clean
gum log -sl info 'Emptying trash' && m trash clean
fi
fi

14
home/.chezmoiscripts/universal/run_before_01-prepare.sh.tmpl
View file

@ -30,7 +30,7 @@ EOF
disconnectWarp() {
if command -v warp-cli > /dev/null; then
if warp-cli status | grep 'Connected' > /dev/null; then
logg info 'Disconnecting from CloudFlare Teams / WARP due to Volta ignoring CA specified in NPM configuration'
gum log -sl info 'Disconnecting from CloudFlare Teams / WARP due to Volta ignoring CA specified in NPM configuration'
warp-cli disconnect
fi
fi
@ -61,7 +61,7 @@ ensureFullDiskAccess() {
if ! plutil -lint /Library/Preferences/com.apple.TimeMachine.plist > /dev/null ; then
printFullDiskAccessNotice
logg star 'Opening Full Disk Access preference pane.. Grant full-disk access for the terminal you would like to run the provisioning process with.' && open "x-apple.systempreferences:com.apple.preference.security?Privacy_AllFiles"
logg info 'You may have to force quit the terminal and have it reload.'
gum log -sl info 'You may have to force quit the terminal and have it reload.'
if [ ! -f "$HOME/.zshrc" ] || ! cat "$HOME/.zshrc" | grep '# TEMPORARY FOR INSTALL DOCTOR MACOS' > /dev/null; then
echo 'bash <(curl -sSL https://install.doctor/start) # TEMPORARY FOR INSTALL DOCTOR MACOS' >> "$HOME/.zshrc"
fi
@ -70,9 +70,9 @@ ensureFullDiskAccess() {
logg success 'Current terminal has full disk access'
if [ -f "$HOME/.zshrc" ]; then
if command -v gsed > /dev/null; then
sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || logg warn "Failed to remove kickstart script from .zshrc"
sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || gum log -sl warn "Failed to remove kickstart script from .zshrc"
else
sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || logg warn "Failed to remove kickstart script from .zshrc"
sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || gum log -sl warn "Failed to remove kickstart script from .zshrc"
fi
fi
fi
@ -87,7 +87,7 @@ importCloudFlareCert() {
if [ -d /Applications ] && [ -d /System ] && [ -z "$HEADLESS_INSTALL" ]; then
### Acquire certificate
if [ ! -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" ]; then
logg info 'Downloading Cloudflare_CA.crt from https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt to determine if it is already in the System.keychain'
gum log -sl info 'Downloading Cloudflare_CA.crt from https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt to determine if it is already in the System.keychain'
CRT_TMP="$(mktemp)"
curl -sSL https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt > "$CRT_TMP"
else
@ -97,7 +97,7 @@ importCloudFlareCert() {
### Validate / import certificate
security verify-cert -c "$CRT_TMP" > /dev/null 2>&1
if [ $? != 0 ]; then
logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
gum log -sl info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$CRT_TMP" && logg success 'Successfully imported Cloudflare_CA.crt into System.keychain'
fi
@ -113,7 +113,7 @@ addTemporaryIncludes
. /tmp/tmp-profile
ensureFullDiskAccess
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
logg info 'The DEBUG or DEBUG_MODE environment variable is set so the prepare tasks will be run synchronously'
gum log -sl info 'The DEBUG or DEBUG_MODE environment variable is set so the prepare tasks will be run synchronously'
importCloudFlareCert
disconnectWarp
else

48
home/.chezmoiscripts/universal/run_before_02-homebrew.sh.tmpl
View file

@ -77,13 +77,13 @@ ensurePackageManagerHomebrew() {
echo | bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
fixHomebrewPermissions
else
logg info 'Homebrew is not installed. Password may be required.'
gum log -sl info 'Homebrew is not installed. Password may be required.'
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
fixHomebrewPermissions
if [ -n "$BREW_EXIT_CODE" ]; then
logg warn 'Homebrew was installed but part of the installation failed to complete successfully.'
gum log -sl warn 'Homebrew was installed but part of the installation failed to complete successfully.'
if command -v brew > /dev/null; then
logg info 'Applying proper permissions on Homebrew folders'
gum log -sl info 'Applying proper permissions on Homebrew folders'
sudo chmod -R go-w "$(brew --prefix)/share"
BREW_DIRS="share etc/bash_completion.d"
for BREW_DIR in $BREW_DIRS; do
@ -91,7 +91,7 @@ ensurePackageManagerHomebrew() {
sudo chown -Rf "$(whoami)" "$(brew --prefix)/$BREW_DIR"
fi
done
logg info 'Running brew update --force --quiet' && brew update --force --quiet
gum log -sl info 'Running brew update --force --quiet' && brew update --force --quiet
fi
fi
fi
@ -101,21 +101,21 @@ ensurePackageManagerHomebrew() {
# @description Helper function utilized by [[upgradeDarwin]] to ensure the `expect` command is available on macOS
installExpect() {
if ! command -v expect > /dev/null; then
logg info 'Installing expect via Homebrew' && brew install expect
gum log -sl info 'Installing expect via Homebrew' && brew install expect
fi
}
# @description Helper function utilized by [[upgradeDarwin]] to ensure the `gsed` command is available on macOS
installGsed() {
if ! command -v gsed > /dev/null; then
logg info 'Installing gnu-sed via Homebrew' && brew install gnu-sed
gum log -sl info 'Installing gnu-sed via Homebrew' && brew install gnu-sed
fi
}
# @description Helper function utilized by [[upgradeDarwin]] to ensure the `gtimeout` command is available on macOS
installGtimeout() {
if ! command -v gtimeout > /dev/null; then
logg info 'Installing coreutils via Homebrew' && brew install coreutils
gum log -sl info 'Installing coreutils via Homebrew' && brew install coreutils
fi
}
@ -148,64 +148,64 @@ upgradeDarwin() {
### Ensure Rosetta 2 is installed
if /usr/bin/pgrep -q oahd; then
logg info 'Rosetta 2 is already installed'
gum log -sl info 'Rosetta 2 is already installed'
else
logg info 'Ensuring Rosetta 2 is installed' && softwareupdate --install-rosetta --agree-to-license
gum log -sl info 'Ensuring Rosetta 2 is installed' && softwareupdate --install-rosetta --agree-to-license
fi
### Run upgrade process
logg info 'Checking for available OS upgrades'
gum log -sl info 'Checking for available OS upgrades'
UPDATE_CHECK="$(softwareupdate -l 2>&1)"
if ! echo "$UPDATE_CHECK" | grep "No new software available" > /dev/null; then
logg info 'There are available OS upgrades'
gum log -sl info 'There are available OS upgrades'
echo "$UPDATE_CHECK"
logg info 'Applying OS upgrades (if available). This may take awhile..'
gum log -sl info 'Applying OS upgrades (if available). This may take awhile..'
expect -c "set timeout -1
spawn sudo softwareupdate -i -a --agree-to-license
expect \"Password:\"
send \"${SUDO_PASSWORD}\r\"
expect eof" &> /dev/null || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg warn 'Error running softwareupdate'
gum log -sl warn 'Error running softwareupdate'
unset EXIT_CODE
fi
# sudo sh -c "sudo softwareupdate -i -a --agree-to-license" || logg error 'Failed to trigger a system update via sudo softwareupdate -i -a --agree-to-license'
# sudo sh -c "sudo softwareupdate -i -a --agree-to-license" || gum log -sl error 'Failed to trigger a system update via sudo softwareupdate -i -a --agree-to-license'
### Reboot if necessary
# Source: https://community.jamf.com/t5/jamf-pro/determine-if-update-requires-restart/m-p/11682
logg info 'Checking if softwareupdate requires a reboot'
gum log -sl info 'Checking if softwareupdate requires a reboot'
if softwareupdate -l | grep restart > /dev/null; then
### Add kickstart script to .zshrc so it triggers automatically
if [ ! -f "$HOME/.zshrc" ] || ! cat "$HOME/.zshrc" | grep '# TEMPORARY FOR INSTALL DOCTOR MACOS' > /dev/null; then
logg info 'Adding kickstart script to ~/.zshrc so script continues automatically if reboot is necessary'
gum log -sl info 'Adding kickstart script to ~/.zshrc so script continues automatically if reboot is necessary'
echo 'bash <(curl -sSL --compressed https://install.doctor/start) # TEMPORARY FOR INSTALL DOCTOR MACOS' >> "$HOME/.zshrc"
fi
if [ -n "$SUDO_PASSWORD" ] && [ "$SUDO_PASSWORD" != "" ]; then
### Install kcpassword
if ! command -v enable_autologin > /dev/null; then
logg info 'enable_autologin is not installed and it is a requirement for auto-logging in after reboot' && brew install xfreebird/utils/kcpassword
gum log -sl info 'enable_autologin is not installed and it is a requirement for auto-logging in after reboot' && brew install xfreebird/utils/kcpassword
fi
### Enable auto-login via kcpassword
logg info "Enabling autologin for $USER with acquired sudo password" && sudo enable_autologin "$USER" "$SUDO_PASSWORD"
gum log -sl info "Enabling autologin for $USER with acquired sudo password" && sudo enable_autologin "$USER" "$SUDO_PASSWORD"
fi
### Reboot
logg info 'Reboot required' && exit 140
gum log -sl info 'Reboot required' && exit 140
else
logg info 'No reboot required for softwareupdate'
gum log -sl info 'No reboot required for softwareupdate'
fi
else
logg info 'There are no available OS upgrades'
gum log -sl info 'There are no available OS upgrades'
fi
if [ -f "$HOME/.zshrc" ]; then
logg info 'Ensuring provision kickstart script is removed from ~/.zshrc'
gum log -sl info 'Ensuring provision kickstart script is removed from ~/.zshrc'
if command -v gsed > /dev/null; then
sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || logg warn "Failed to remove kickstart script from .zshrc"
sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || gum log -sl warn "Failed to remove kickstart script from .zshrc"
else
sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || logg warn "Failed to remove kickstart script from .zshrc"
sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR MACOS/d' "$HOME/.zshrc" || gum log -sl warn "Failed to remove kickstart script from .zshrc"
fi
fi
fi

22
home/.chezmoiscripts/universal/run_before_03-decrypt-age-key.sh.tmpl
View file

@ -35,11 +35,11 @@
# @description Helper function utilized by [[decryptKey]] that removes all `encrypted_` files from the Chezmoi source
# if the Age decryption process fails due to wrong password or from not being set up yet.
decryptionFailure() {
logg info 'Proceeding without decrypting age encryption key stored at ~/.local/share/chezmoi/home/key.txt.age'
logg info 'To have Chezmoi handle your encryption (so you can store your private files publicly) take a look at https://shorturl.at/jkpzG'
logg info 'Removing all files that begin with encrypted_ because decryption failed'
gum log -sl info 'Proceeding without decrypting age encryption key stored at ~/.local/share/chezmoi/home/key.txt.age'
gum log -sl info 'To have Chezmoi handle your encryption (so you can store your private files publicly) take a look at https://shorturl.at/jkpzG'
gum log -sl info 'Removing all files that begin with encrypted_ because decryption failed'
find "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi" -type f -name "encrypted_*" | while read ENCRYPTED_FILE; do
logg info "Removing $ENCRYPTED_FILE"
gum log -sl info "Removing $ENCRYPTED_FILE"
rm -f "$ENCRYPTED_FILE"
done
}
@ -47,7 +47,7 @@ decryptionFailure() {
# @description Helper function utilized by [[decryptKey]] to ensure the `age` command is available
installAge() {
if ! command -v age > /dev/null; then
logg info 'Running brew install age'
gum log -sl info 'Running brew install age'
brew install --quiet age
fi
}
@ -55,7 +55,7 @@ installAge() {
# @description Helper function utilized by [[decryptKey]] to ensure the `expect` command is available
installExpect() {
if ! command -v unbuffer > /dev/null; then
logg info 'Running brew install expect / unbuffer'
gum log -sl info 'Running brew install expect / unbuffer'
brew install --quiet expect
fi
}
@ -81,10 +81,10 @@ decryptKey() {
send \"${AGE_PASSWORD}\r\"
expect eof" &> /dev/null || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg info 'There was an issue decrypting the key.txt.age file with the provided AGE_PASSWORD'
gum log -sl info 'There was an issue decrypting the key.txt.age file with the provided AGE_PASSWORD'
decryptionFailure
else
logg info 'The encryption key was successfully decrypted using expect and the provided AGE_PASSWORD'
gum log -sl info 'The encryption key was successfully decrypted using expect and the provided AGE_PASSWORD'
fi
fi
fi
@ -99,12 +99,12 @@ elif [ -n "$HEADLESS_INSTALL" ] && [ -n "$AGE_PASSWORD" ]; then
installAge
decryptKey
else
logg info 'Skipping Age key decryption process - HEADLESS_INSTALL and AGE_PASSWORD should be passed in as env variables to automate the process'
gum log -sl info 'Skipping Age key decryption process - HEADLESS_INSTALL and AGE_PASSWORD should be passed in as env variables to automate the process'
fi
### Ensure proper permissions on private key
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" ]; then
logg info 'Ensuring proper permissions on Chezmoi / age decryption key'
logg info 'Chezmoi / age decryption key is stored in '"${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt"
gum log -sl info 'Ensuring proper permissions on Chezmoi / age decryption key'
gum log -sl info 'Chezmoi / age decryption key is stored in '"${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt"
chmod 600 "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt"
fi

128
home/.chezmoiscripts/universal/run_before_04-requirements.sh.tmpl
View file

@ -25,8 +25,8 @@ if [ -d /Applications ] && [ -d /System ]; then
if command -v brew > /dev/null; then
### Install base dependencies
logg 'Installing base dependencies for macOS using brew bundle'
logg info 'Dependencies: age jq node glow go go-task/tap/go-task gnupg gum m-cli progress volta yq m-cli yq zx'
logg info 'GNU compatibility dependencies: coreutils findutils'
gum log -sl info 'Dependencies: age jq node glow go go-task/tap/go-task gnupg gum m-cli progress volta yq m-cli yq zx'
gum log -sl info 'GNU compatibility dependencies: coreutils findutils'
brew bundle --verbose --no-lock --file=/dev/stdin <<EOF
{{ includeTemplate "darwin/Brewfile" . -}}
@ -36,31 +36,31 @@ EOF
PYTHON_VERSION="$(python3 --version | sed 's/Python //')"
MIN_PYTHON_VERSION="3.11.0"
if [ "$(printf '%s\n' "$MIN_PYTHON_VERSION" "$PYTHON_VERSION" | sort -V | head -n1)" = "$MIN_PYTHON_VERSION" ]; then
logg info "Minimum Python version satisfied (minimum: $MIN_PYTHON_VERSION, current: $PYTHON_VERSION)"
gum log -sl info "Minimum Python version satisfied (minimum: $MIN_PYTHON_VERSION, current: $PYTHON_VERSION)"
else
logg info 'Updating Python 3 version with brew link --overwrite python@3.11'
gum log -sl info 'Updating Python 3 version with brew link --overwrite python@3.11'
brew link --overwrite python@3.11
fi
else
logg error 'brew was not found in the PATH'
gum log -sl error 'brew was not found in the PATH'
fi
else
if [ '{{ .host.distro.id }}' = 'archlinux' ]; then
### Print dependency list
logg 'Installing common dependencies using pacman'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if pacman -Qs "$PACKAGE" > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo pacman -Sy --noconfirm --needed "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via pacman'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via pacman'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi
@ -68,33 +68,33 @@ else
### Install yay
if ! command -v yay > /dev/null; then
logg info 'Cloning yay from https://aur.archlinux.org/yay.git to /usr/local/src/yay'
gum log -sl info 'Cloning yay from https://aur.archlinux.org/yay.git to /usr/local/src/yay'
sudo git clone https://aur.archlinux.org/yay.git /usr/local/src/yay
cd /usr/local/src/yay
logg info 'Installing yay via sudo makepkg -si'
gum log -sl info 'Installing yay via sudo makepkg -si'
sudo makepkg -si
fi
elif [ '{{ .host.distro.id }}' = 'centos' ]; then
### Upgrade system
logg info 'Upgrade system'
gum log -sl info 'Upgrade system'
sudo dnf upgrade --refresh -y
### Enable CRB
logg info 'Ensure the CRB repository is activated'
gum log -sl info 'Ensure the CRB repository is activated'
sudo dnf config-manager --set-enabled crb
### Add EPEL
if ! dnf repolist | grep 'epel ' > /dev/null; then
logg info 'Adding the EPEL repository'
gum log -sl info 'Adding the EPEL repository'
sudo dnf install -y "https://dl.fedoraproject.org/pub/epel/epel-release-latest-${VERSION}.noarch.rpm"
fi
### Add EPEL Next
if ! dnf repolist | grep 'epel-next' > /dev/null; then
logg info 'Adding the EPEL Next repository'
gum log -sl info 'Adding the EPEL Next repository'
sudo dnf install -y "https://dl.fedoraproject.org/pub/epel/epel-next-release-latest-${VERSION}.noarch.rpm"
else
logg info 'EPEL Next repository already enabled (EPEL compatibility for CentOS)'
gum log -sl info 'EPEL Next repository already enabled (EPEL compatibility for CentOS)'
fi
### Detect package manager
if command -v dnf > /dev/null; then
@ -105,60 +105,60 @@ else
### Print dependency list
logg 'Installing common dependencies using '"$PKG_MANAGER"''
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if rpm -qa | grep "^$PACKAGE-" > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo "$PKG_MANAGER" install -y "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via '"$PKG_MANAGER"''
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via '"$PKG_MANAGER"''
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi
done
elif [ '{{ .host.distro.id }}' = 'debian' ]; then
if command -v apt-get > /dev/null && [ -f /etc/apt/preferences.d/nosnap.pref ]; then
logg info 'Moving /etc/apt/preferences.d/nosnap.pref to /etc/apt/nosnap.pref.bak' && sudo mv -f /etc/apt/preferences.d/nosnap.pref /etc/apt/nosnap.pref.bak
gum log -sl info 'Moving /etc/apt/preferences.d/nosnap.pref to /etc/apt/nosnap.pref.bak' && sudo mv -f /etc/apt/preferences.d/nosnap.pref /etc/apt/nosnap.pref.bak
fi
### Print dependency list
logg 'Installing common dependencies using apt-get'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Update apt-get cache
logg info 'Running sudo apt-get update'
gum log -sl info 'Running sudo apt-get update'
sudo apt-get update
### Update debconf for non-interactive installation
if command -v dpkg-reconfigure > /dev/null; then
logg info 'Running sudo dpkg-reconfigure debconf -f noninteractive -p critical'
gum log -sl info 'Running sudo dpkg-reconfigure debconf -f noninteractive -p critical'
sudo dpkg-reconfigure debconf -f noninteractive -p critical
fi
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if dpkg -l "$PACKAGE" | grep -E '^ii' > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo apt-get install -y --no-install-recommends "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via apt-get'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via apt-get'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi
done
elif [ '{{ .host.distro.id }}' = 'fedora' ]; then
### Upgrade system
logg info 'Upgrade system'
gum log -sl info 'Upgrade system'
sudo dnf upgrade --refresh -y
# https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
@ -167,38 +167,38 @@ else
### Add RPM Fusion Free repository
if ! dnf repolist | grep 'rpmfusion-free' > /dev/null; then
logg info 'Adding RPM-Fusion Free repository for Fedora'
gum log -sl info 'Adding RPM-Fusion Free repository for Fedora'
sudo dnf install -y "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm"
fi
### Add RPM Fusion Non-Free repository
if ! dnf repolist | grep 'rpmfusion-nonfree' > /dev/null; then
logg info 'Adding RPM-Fusion Non-Free repository for Fedora'
gum log -sl info 'Adding RPM-Fusion Non-Free repository for Fedora'
sudo dnf install -y "https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm"
fi
### Add Appstream data from the RPM Fusion repositories
if command -v gnome-shell > /dev/null; then
logg info 'Adding Appstream data from the RPM-Fusion repositories'
gum log -sl info 'Adding Appstream data from the RPM-Fusion repositories'
sudo dnf group update -y core
else
logg warn 'Skipping installation of Appstream data because GNOME is not installed'
gum log -sl warn 'Skipping installation of Appstream data because GNOME is not installed'
fi
### Print dependency list
logg 'Installing common dependencies using dnf'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if rpm -qa | grep "^$PACKAGE-" > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo dnf install -y "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via dnf'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via dnf'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi
@ -206,72 +206,72 @@ else
elif [ '{{ .host.distro.id }}' = 'freebsd' ]; then
### Print dependency list
logg 'Installing common dependencies using pkg'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Install base dependencies
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo pkg install -y "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via zypper'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via zypper'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
done
elif [ '{{ .host.distro.id }}' = 'opensuse' ]; then
### Print dependency list
logg 'Installing common dependencies using zypper'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Install base_devel
logg info 'Installing base_devel pattern with sudo zypper install -t pattern devel_basis'
gum log -sl info 'Installing base_devel pattern with sudo zypper install -t pattern devel_basis'
sudo zypper install -t pattern devel_basis
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if rpm -qa | grep "$PACKAGE" > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo zypper install -y "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via zypper'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via zypper'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi
done
elif [ '{{ .host.distro.id }}' = 'ubuntu' ]; then
if command -v apt-get > /dev/null && [ -f /etc/apt/preferences.d/nosnap.pref ]; then
logg info 'Moving /etc/apt/preferences.d/nosnap.pref to /etc/apt/nosnap.pref.bak' && sudo mv -f /etc/apt/preferences.d/nosnap.pref /etc/apt/nosnap.pref.bak
gum log -sl info 'Moving /etc/apt/preferences.d/nosnap.pref to /etc/apt/nosnap.pref.bak' && sudo mv -f /etc/apt/preferences.d/nosnap.pref /etc/apt/nosnap.pref.bak
fi
### Print dependency list
logg 'Installing common dependencies using apt-get'
logg info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
gum log -sl info 'Dependencies: {{ $packages | sortAlpha | uniq | join " " -}}'
### Update apt-get cache
logg info 'Running sudo apt-get update'
gum log -sl info 'Running sudo apt-get update'
sudo apt-get update
### Update debconf for non-interactive installation
if command -v dpkg-reconfigure > /dev/null; then
logg info 'Running sudo dpkg-reconfigure debconf -f noninteractive -p critical'
gum log -sl info 'Running sudo dpkg-reconfigure debconf -f noninteractive -p critical'
sudo dpkg-reconfigure debconf -f noninteractive -p critical
fi
### Install packages if they are not already present
for PACKAGE in {{ $packages | sortAlpha | uniq | join " " -}}; do
logg info 'Checking for presence of '"$PACKAGE"''
gum log -sl info 'Checking for presence of '"$PACKAGE"''
if dpkg -l "$PACKAGE" | grep -E '^ii' > /dev/null; then
logg info 'The '"$PACKAGE"' package is already installed'
gum log -sl info 'The '"$PACKAGE"' package is already installed'
else
logg info 'Installing '"$PACKAGE"''
gum log -sl info 'Installing '"$PACKAGE"''
sudo apt-get install -y --no-install-recommends "$PACKAGE" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error 'Error installing '"$PACKAGE"' via apt-get'
logg info 'Proceeding with installation..'
gum log -sl error 'Error installing '"$PACKAGE"' via apt-get'
gum log -sl info 'Proceeding with installation..'
unset EXIT_CODE
fi
fi

228
home/.chezmoiscripts/universal/run_before_05-system.sh.tmpl
View file

@ -40,12 +40,12 @@ allocateSwap() {
### Create /swapfile
FS_TYPE="$(df -Th | grep ' /$' | sed 's/[^ ]*\s*\([^ ]*\).*/\1/')"
if [ "$FS_TYPE" == 'btrfs' ]; then
logg info 'Creating BTRFS /swapfile'
gum log -sl info 'Creating BTRFS /swapfile'
sudo btrfs filesystem mkswapfile /swapfile
elif [ "$FS_TYPE" == 'zfs' ]; then
logg warn 'ZFS system detected - add logic here to add /swapfile'
gum log -sl warn 'ZFS system detected - add logic here to add /swapfile'
else
logg info "Creating a $SWAP_SPACE GB /swapfile"
gum log -sl info "Creating a $SWAP_SPACE GB /swapfile"
sudo fallocate -l "${SWAP_SPACE}G" /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
@ -53,7 +53,7 @@ allocateSwap() {
### Enable the /swapfile
if [ -f /swapfile ]; then
logg info 'Running sudo swapon /swapfile'
gum log -sl info 'Running sudo swapon /swapfile'
sudo swapon /swapfile
if cat /etc/fstab | grep "/swapfile"; then
sudo sed -i '/\/swapfile/\/swapfile none swap defaults 0 0/' /etc/fstab
@ -85,42 +85,42 @@ configureGPG() {
curl -sSL --compressed "{{ .config.gpg }}" > "$HOME/.gnupg/gpg.conf"
chmod 600 "$HOME/.gnupg/gpg.conf"
fi
logg info 'Killing dirmngr instance and reloading daemon with standard-resolver' && sudo pkill dirmngr
gum log -sl info 'Killing dirmngr instance and reloading daemon with standard-resolver' && sudo pkill dirmngr
dirmngr --daemon --standard-resolver
KEYID_TRIMMED="$(echo "$KEYID" | sed 's/^0x//')"
if ! gpg --list-secret-keys --keyid-format=long | grep "$KEYID_TRIMMED" > /dev/null; then
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/private_dot_gnupg/private_public/private_${KEYID}.asc" ]; then
logg info "Importing GPG key stored in ${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/private_dot_gnupg/private_public/private_${KEYID}.asc since its name matches the GPG key ID in .chezmoi.yaml.tmpl"
gum log -sl info "Importing GPG key stored in ${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/private_dot_gnupg/private_public/private_${KEYID}.asc since its name matches the GPG key ID in .chezmoi.yaml.tmpl"
gpg --import "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/private_dot_gnupg/private_public/private_${KEYID}.asc" && logg success 'Successfully imported master GPG key'
else
logg info 'Attempting to download the specified public GPG key ({{ .user.gpg.id }}) from public keyservers'
gum log -sl info 'Attempting to download the specified public GPG key ({{ .user.gpg.id }}) from public keyservers'
gpg --keyserver https://pgp.mit.edu --recv "$KEYID" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg info 'Non-zero exit code received when downloading public GPG key'
gum log -sl info 'Non-zero exit code received when downloading public GPG key'
gpg --keyserver hkps://pgp.mit.edu --recv "$KEYID" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg info 'Non-zero exit code received when trying to retrieve public user GPG key on hkps://pgp.mit.edu'
gum log -sl info 'Non-zero exit code received when trying to retrieve public user GPG key on hkps://pgp.mit.edu'
else
logg success 'Successfully imported configured public user GPG key'
fi
fi
fi
else
logg info 'Key is already in keyring'
gum log -sl info 'Key is already in keyring'
fi
logg info 'Stopping dirmngr'
gpgconf --kill dirmngr && logg info 'Stopped dirmngr' || info warn 'Failed to stop dirmngr'
gum log -sl info 'Stopping dirmngr'
gpgconf --kill dirmngr && gum log -sl info 'Stopped dirmngr' || info warn 'Failed to stop dirmngr'
logg 'Ensuring the trust of the provided public GPG key is set to maximum'
echo -e "trust\n5\ny" | gpg --command-fd 0 --edit-key "$KEYID"
else
logg warn 'gpg appears to be unavailable. Is it installed and on the PATH?'
gum log -sl warn 'gpg appears to be unavailable. Is it installed and on the PATH?'
fi
}
# @description Disable the creation of `.DS_Store` files on macOS.
disableDStoreFileCreation() {
if command -v m > /dev/null; then
logg info 'Disabling creation of .DS_Store files'
gum log -sl info 'Disabling creation of .DS_Store files'
echo y | m dir dsfiles off > /dev/null
fi
}
@ -128,8 +128,8 @@ disableDStoreFileCreation() {
# @description Enables transparent dark-mode on macOS
enableDarkTransparentMode() {
if command -v m > /dev/null; then
logg info 'Enabling dark mode' && m appearance darkmode YES > /dev/null
logg info 'Enabling theme transparency' && m appearance transparency YES > /dev/null
gum log -sl info 'Enabling dark mode' && m appearance darkmode YES > /dev/null
gum log -sl info 'Enabling theme transparency' && m appearance transparency YES > /dev/null
fi
}
@ -137,17 +137,17 @@ enableDarkTransparentMode() {
ensureBrewPackageInstalled() {
if ! command -v "$1" > /dev/null; then
if command -v brew; then
logg info "Installing $1 via Homebrew"
gum log -sl info "Installing $1 via Homebrew"
brew install --quiet "$1" || EXIT_CODE=$?
if [ -n "$EXIT_CODE" ]; then
logg error "$1 was not successfully installed via Homebrew"
gum log -sl error "$1 was not successfully installed via Homebrew"
unset EXIT_CODE
fi
else
logg error "brew is unavailable. Cannot use it to perform installation of $1"
gum log -sl error "brew is unavailable. Cannot use it to perform installation of $1"
fi
else
logg info "$1 is already installed"
gum log -sl info "$1 is already installed"
fi
}
@ -158,7 +158,7 @@ ensureDeltaInstalled() {
logg 'Installing delta via Homebrew'
brew install --quiet git-delta || DELTA_EXIT_CODE=$?
if [ -n "$DELTA_EXIT_CODE" ]; then
logg error 'git-delta was not successfully installed via Homebrew'
gum log -sl error 'git-delta was not successfully installed via Homebrew'
fi
else
logg 'brew is unavailable. Cannot use it to perform a system installation of node.'
@ -176,7 +176,7 @@ ensureNodeInstalled() {
logg 'Installing node via Homebrew'
brew install --quiet node || NODE_EXIT_CODE=$?
if [ -n "$NODE_EXIT_CODE" ]; then
logg warn 'Calling brew link --overwrite node because the Node.js installation seems to be misconfigured'
gum log -sl warn 'Calling brew link --overwrite node because the Node.js installation seems to be misconfigured'
brew link --overwrite node
fi
else
@ -192,9 +192,9 @@ ensureNodeInstalled() {
ensureUserGroup() {
if [ "{{ .host.distro.family }}" = "darwin" ]; then
if [ -n "$USER" ]; then
logg info "Adding the $USER user to the $USER group"
gum log -sl info "Adding the $USER user to the $USER group"
### Ensure user has group of same name (required for Macports)
logg info "Ensuring user ($USER) has a group with the same name ($USER) and that it is a member. Sudo privileges may be required"
gum log -sl info "Ensuring user ($USER) has a group with the same name ($USER) and that it is a member. Sudo privileges may be required"
GROUP="$USER"
USERNAME="$USER"
@ -227,7 +227,7 @@ ensureUserGroup() {
### Add user to group
sudo dseditgroup -o edit -t user -a $USERNAME $GROUP
else
logg warn 'The USER environment variable is unavailable'
gum log -sl warn 'The USER environment variable is unavailable'
fi
fi
}
@ -239,7 +239,7 @@ increaseMapCount() {
if [ ! -d /Applications ] && [ ! -d /System ]; then
### Linux
if command -v sysctl > /dev/null; then
logg info 'Increasing vm.max_map_count size to 262144'
gum log -sl info 'Increasing vm.max_map_count size to 262144'
sudo sysctl -w vm.max_map_count=262144 > /dev/null
fi
fi
@ -247,12 +247,12 @@ increaseMapCount() {
# @description Helper function for installDocker that installs pre-built gVisor using method recommended on official website
function gVisorPreBuilt() {
logg info 'Installing gVisor using method recommended on official website'
gum log -sl info 'Installing gVisor using method recommended on official website'
set -e
mkdir /tmp/gvisor && cd /tmp/gvisor
ARCH=$(uname -m)
URL="https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}"
logg info 'Downloading gVisor runsc and containerd-shim-runsc-v1 SHA signatures'
gum log -sl info 'Downloading gVisor runsc and containerd-shim-runsc-v1 SHA signatures'
wget "${URL}/runsc" "${URL}/runsc.sha512" "${URL}/containerd-shim-runsc-v1" "${URL}/containerd-shim-runsc-v1.sha512"
sha512sum -c runsc.sha512 -c containerd-shim-runsc-v1.sha512
rm -f *.sha512
@ -263,7 +263,7 @@ function gVisorPreBuilt() {
# @description Helper function for installDocker that installs gVisor using alternate Go method described on the GitHub page
function gVisorGo() {
# Official build timed out - use Go method
logg info 'Installing gVisor using the Go fallback method'
gum log -sl info 'Installing gVisor using the Go fallback method'
sudo chown -Rf "$(whoami)" /usr/local/src/gvisor
cd /usr/local/src/gvisor
echo "module runsc" > go.mod
@ -275,7 +275,7 @@ function gVisorGo() {
# @description Helper function for installDocker that installs gVisor using the [GitHub developer page method](https://github.com/google/gvisor#installing-from-source). This method requires Docker to be installed
function gVisorSource() {
### Ensure sources are cloned / up-to-date
logg info 'Building gVisor from source'
gum log -sl info 'Building gVisor from source'
if [ -d /usr/local/src/gvisor ]; then
cd /usr/local/src/gvisor
sudo git reset --hard HEAD
@ -294,7 +294,7 @@ function gVisorSource() {
if [ -f ./bin/runsc ]; then
sudo cp ./bin/runsc /usr/local/bin
else
logg error 'Timed out while building runsc from source (10 minutes)' && exit 6
gum log -sl error 'Timed out while building runsc from source (10 minutes)' && exit 6
fi
}
@ -317,32 +317,32 @@ installDocker() {
### Ensures `~/.config/docker` is symlinked to `~/.docker` which is required for Docker Desktop compatibility since it currently does not honor XDG spec. This will
### remove the current configuration at `~/.docker` if it is present and not symlinked to `~/.config/docker`.
if [ "$(readlink -f "$HOME/.docker")" != "${XDG_CONFIG_HOME:-$HOME/.config}/docker" ]; then
logg info 'Removing ~/.docker if present' && rm -rf "$HOME/.docker"
logg info 'Ensuring ~/.config/docker exists' && mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker"
logg info 'Symlinking ~/.config/docker to ~/.docker for Docker Desktop compatibility' && ln -s "${XDG_CONFIG_HOME:-$HOME/.config}/docker" "$HOME/.docker"
gum log -sl info 'Removing ~/.docker if present' && rm -rf "$HOME/.docker"
gum log -sl info 'Ensuring ~/.config/docker exists' && mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker"
gum log -sl info 'Symlinking ~/.config/docker to ~/.docker for Docker Desktop compatibility' && ln -s "${XDG_CONFIG_HOME:-$HOME/.config}/docker" "$HOME/.docker"
else
logg info 'Symlink from ~/.config/docker to ~/.docker is already present'
gum log -sl info 'Symlink from ~/.config/docker to ~/.docker is already present'
fi
### Install Docker
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ ! -d /Applications/Docker.app ]; then
logg info 'Installing Docker on macOS via Homebrew cask'
gum log -sl info 'Installing Docker on macOS via Homebrew cask'
brew install --cask --quiet --no-quarantine docker
else
logg info 'Docker appears to be installed already'
gum log -sl info 'Docker appears to be installed already'
fi
logg info 'Opening the Docker for Desktop app so that the Docker engine starts running'
gum log -sl info 'Opening the Docker for Desktop app so that the Docker engine starts running'
# TODO - --install-privileged-components may be necessary for `docker extension` command but it causes the command to no longer work
# open --background -a Docker --args --accept-license --unattended --install-privileged-components
open --background -a Docker --args --accept-license --unattended
elif command -v apt-get > /dev/null; then
. /etc/os-release
if [ "$ID" == 'ubuntu' ]; then
logg info 'Installing Docker on Ubuntu'
gum log -sl info 'Installing Docker on Ubuntu'
else
logg info 'Installing Docker on Debian'
gum log -sl info 'Installing Docker on Debian'
fi
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg lsb-release
@ -355,33 +355,33 @@ installDocker() {
elif command -v dnf > /dev/null; then
. /etc/os-release
if [ "$ID" == 'centos' ]; then
logg info 'Installing Docker on CentOS'
gum log -sl info 'Installing Docker on CentOS'
elif [ "$ID" == 'fedora' ]; then
logg info 'Installing Docker on Fedora'
gum log -sl info 'Installing Docker on Fedora'
else
logg error 'Unknown OS - cannot install Docker' && exit 1
gum log -sl error 'Unknown OS - cannot install Docker' && exit 1
fi
sudo dnf -y install dnf-plugins-core
sudo dnf config-manager --add-repo "https://download.docker.com/linux/$ID/docker-ce.repo"
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
elif command -v yum > /dev/null; then
# CentOS
logg info 'Installing Docker on CentOS'
gum log -sl info 'Installing Docker on CentOS'
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
elif command -v apk > /dev/null; then
# Alpine
logg info 'Installing Docker on Alpine'
gum log -sl info 'Installing Docker on Alpine'
sudo apk add --update docker
elif command -v pacman > /dev/null; then
# Archlinux
logg info 'Installing Docker on Archlinux'
gum log -sl info 'Installing Docker on Archlinux'
sudo pacman -Syu
sudo pacman -S docker
elif command -v zypper > /dev/null; then
# OpenSUSE
logg info 'Installing Docker on OpenSUSE'
gum log -sl info 'Installing Docker on OpenSUSE'
sudo zypper addrepo https://download.docker.com/linux/sles/docker-ce.repo
sudo zypper install docker-ce docker-ce-cli containerd.io docker-compose-plugin
fi
@ -390,10 +390,10 @@ installDocker() {
if command -v groupadd > /dev/null; then
# Linux
if ! cat /etc/group | grep docker > /dev/null; then
logg info 'Creating Docker group'
gum log -sl info 'Creating Docker group'
sudo groupadd docker
fi
logg info 'Adding user to Docker group'
gum log -sl info 'Adding user to Docker group'
sudo usermod -aG docker "$USER"
fi
@ -416,13 +416,13 @@ installDocker() {
### Install gVisor
gVisorPreBuilt || PRE_BUILT_EXIT_CODE=$?
if [ -n "$PRE_BUILT_EXIT_CODE" ]; then
logg warn 'gVisor failed to install using the pre-built method'
gum log -sl warn 'gVisor failed to install using the pre-built method'
gVisorGo || GO_METHOD_EXIT_CODE=$?
if [ -n "$GO_METHOD_EXIT_CODE" ]; then
logg warn 'gVisor failed to install using the Go fallback method'
gum log -sl warn 'gVisor failed to install using the Go fallback method'
gVisorSource || SOURCE_EXIT_CODE=$?
if [ -n "$SOURCE_EXIT_CODE" ]; then
logg error 'All gVisor installation methods failed' && exit 1
gum log -sl error 'All gVisor installation methods failed' && exit 1
else
logg success 'gVisor installed via source'
fi
@ -433,36 +433,36 @@ installDocker() {
logg success 'gVisor installed from pre-built Google-provided binaries'
fi
else
logg info 'runsc is installed'
gum log -sl info 'runsc is installed'
fi
### Ensure Docker is configured to use runsc
if [ ! -f /etc/docker/daemon.json ]; then
### Configure Docker to use gVisor
### Create /etc/docker/daemon.json
logg info 'Creating /etc/docker'
gum log -sl info 'Creating /etc/docker'
sudo mkdir -p /etc/docker
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_config/docker/daemon.json.tmpl" ]; then
logg info 'Creating /etc/docker/daemon.json'
gum log -sl info 'Creating /etc/docker/daemon.json'
chezmoi cat "${XDG_CONFIG_HOME:-$HOME/.config}/docker/config.json" | sudo tee /etc/docker/daemon.json
else
logg warn "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_config/docker/daemon.json.tmpl is not available so the /etc/docker/daemon.json file cannot be populated"
gum log -sl warn "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_config/docker/daemon.json.tmpl is not available so the /etc/docker/daemon.json file cannot be populated"
fi
### Restart / enable Docker
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]] && command -v systemctl > /dev/null; then
logg info 'Restarting Docker service'
gum log -sl info 'Restarting Docker service'
sudo systemctl restart docker.service
sudo systemctl restart containerd.service
fi
### Test Docker /w runsc
logg info 'Testing that Docker can load application with runsc'
gum log -sl info 'Testing that Docker can load application with runsc'
docker run --rm --runtime=runsc hello-world || RUNSC_EXIT_CODE=$?
if [ -n "$RUNSC_EXIT_CODE" ]; then
logg error 'Failed to run the Docker hello-world container with runsc' && exit 5
gum log -sl error 'Failed to run the Docker hello-world container with runsc' && exit 5
else
logg info 'Docker successfully ran the hello-world container with runsc'
gum log -sl info 'Docker successfully ran the hello-world container with runsc'
fi
fi
fi
@ -486,7 +486,7 @@ installDocker() {
installJumpCloud() {
if [ "{{ .host.distro.family }}" = "linux" ]; then
if [ "{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_CONNECT_KEY")) }}{{- includeTemplate "secrets/JUMPCLOUD_CONNECT_KEY" | decrypt | trim -}}{{ else }}{{- env "JUMPCLOUD_CONNECT_KEY" -}}{{ end }}" != "" ]; then
logg info 'Enrolling device with JumpCloud by running the kickstart script'
gum log -sl info 'Enrolling device with JumpCloud by running the kickstart script'
curl --tlsv1.2 --silent --show-error --header 'x-connect-key: {{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_CONNECT_KEY")) }}{{- includeTemplate "secrets/JUMPCLOUD_CONNECT_KEY" | decrypt | trim -}}{{ else }}{{- env "JUMPCLOUD_CONNECT_KEY" -}}{{ end }}' https://kickstart.jumpcloud.com/Kickstart | sudo bash
fi
fi
@ -496,7 +496,7 @@ installJumpCloud() {
installSystemPips() {
### Upgrade on macOS
if [ -f /Library/Developer/CommandLineTools/usr/bin/python3 ]; then
logg info 'Ensuring macOS system python3 has latest version of pip'
gum log -sl info 'Ensuring macOS system python3 has latest version of pip'
/Library/Developer/CommandLineTools/usr/bin/python3 -m pip install --upgrade pip
fi
@ -506,13 +506,13 @@ installSystemPips() {
if ! python3 -m certifi > /dev/null; then
pip3 install --break-system-packages certifi
else
logg info 'certifi is available to python3'
gum log -sl info 'certifi is available to python3'
fi
else
logg warn 'python3 is not available on the system'
gum log -sl warn 'python3 is not available on the system'
fi
else
logg warn 'pip3 is not available on the system'
gum log -sl warn 'pip3 is not available on the system'
fi
}
@ -571,23 +571,23 @@ setHostname() {
COMPUTER_NAME="{{ .host.hostname }}"
if [ -d /Applications ] && [ -d /System ]; then
# Source: https://apple.stackexchange.com/questions/287760/set-the-hostname-computer-name-for-macos
logg info 'Setting macOS hostname / local hostname / computer name'
logg info "Changing HostName to $HOSTNAME" && sudo scutil --set HostName "$HOSTNAME" && logg info "Changed HostName to $HOSTNAME"
logg info "Changing LocalHostName to $LOCAL_HOSTNAME" && sudo scutil --set LocalHostName "$LOCAL_HOSTNAME" && logg info "Changed LocalHostName to $LOCAL_HOSTNAME"
logg info "Changing ComputerName to $COMPUTER_NAME" && sudo scutil --set ComputerName "$COMPUTER_NAME" && logg info "Changed ComputerName to $COMPUTER_NAME"
logg info 'Flushing DNS cache'
gum log -sl info 'Setting macOS hostname / local hostname / computer name'
gum log -sl info "Changing HostName to $HOSTNAME" && sudo scutil --set HostName "$HOSTNAME" && gum log -sl info "Changed HostName to $HOSTNAME"
gum log -sl info "Changing LocalHostName to $LOCAL_HOSTNAME" && sudo scutil --set LocalHostName "$LOCAL_HOSTNAME" && gum log -sl info "Changed LocalHostName to $LOCAL_HOSTNAME"
gum log -sl info "Changing ComputerName to $COMPUTER_NAME" && sudo scutil --set ComputerName "$COMPUTER_NAME" && gum log -sl info "Changed ComputerName to $COMPUTER_NAME"
gum log -sl info 'Flushing DNS cache'
sudo dscacheutil -flushcache
elif [ -f /etc/passwd ]; then
logg info 'Setting Linux hostname'
gum log -sl info 'Setting Linux hostname'
sudo hostname "$HOSTNAME" && logg success "Changed hostname to $HOSTNAME"
if command -v hostnamectl > /dev/null; then
logg info 'Ensuring hostname persists after reboot'
gum log -sl info 'Ensuring hostname persists after reboot'
sudo hostnamectl set-hostname "$HOSTNAME" && logg success "Permanently changed hostname to $HOSTNAME"
else
logg warn 'hostnamectl was not available in the PATH - this operating system type might be unsupported'
gum log -sl warn 'hostnamectl was not available in the PATH - this operating system type might be unsupported'
fi
else
logg warn 'Could not configure hostname because system type was not detectable'
gum log -sl warn 'Could not configure hostname because system type was not detectable'
fi
}
@ -602,15 +602,15 @@ setHostname() {
setNtpServer() {
if command -v m > /dev/null; then
### macOS
logg info 'Copying ~/.local/etc/ntp.conf to /etc/ntp.conf'
gum log -sl info 'Copying ~/.local/etc/ntp.conf to /etc/ntp.conf'
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_local/etc/ntp.conf" /etc/ntp.conf
logg info 'Copying ~/.local/etc/ntp.conf to /private/etc/ntp.conf'
gum log -sl info 'Copying ~/.local/etc/ntp.conf to /private/etc/ntp.conf'
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/dot_local/etc/ntp.conf" /private/etc/ntp.conf
logg info 'Turning off setusingnetworktime for 2 seconds' && sudo systemsetup -setusingnetworktime off 2>/dev/null 1>&2
gum log -sl info 'Turning off setusingnetworktime for 2 seconds' && sudo systemsetup -setusingnetworktime off 2>/dev/null 1>&2
sleep 2
logg info 'Re-enabling setusingnetworktime' && sudo systemsetup -setusingnetworktime on 2>/dev/null 1>&2
gum log -sl info 'Re-enabling setusingnetworktime' && sudo systemsetup -setusingnetworktime on 2>/dev/null 1>&2
else
logg warn 'Skipped setting the NTP server'
gum log -sl warn 'Skipped setting the NTP server'
fi
}
@ -619,13 +619,13 @@ setNtpServer() {
setTimezone() {
if command -v timedatectl > /dev/null; then
### Linux
logg info 'Setting timezone to {{ .user.timezone }}'
gum log -sl info 'Setting timezone to {{ .user.timezone }}'
sudo timedatectl set-timezone {{ .user.timezone }}
elif command -v systemsetup > /dev/null && [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Setting timezone to {{ .user.timezone }}' && sudo systemsetup -settimezone "{{ .user.timezone }}" 2>/dev/null 1>&2
gum log -sl info 'Setting timezone to {{ .user.timezone }}' && sudo systemsetup -settimezone "{{ .user.timezone }}" 2>/dev/null 1>&2
else
logg warn 'Neither timedatectl (Linux) or systemsetup (macOS) were found on the system'
gum log -sl warn 'Neither timedatectl (Linux) or systemsetup (macOS) were found on the system'
fi
}
@ -639,25 +639,25 @@ setTimezone() {
# ```
showNotificationCenter() {
if command -v m > /dev/null; then
logg info 'Configuring macOS to show notification center' && m notification showcenter YES &> /dev/null
gum log -sl info 'Configuring macOS to show notification center' && m notification showcenter YES &> /dev/null
fi
}
installAnsible() {
if command -v pipx > /dev/null; then
if [ ! -f "${XDG_CACHE_HOME:-$HOME/.cache}/install.doctor/ansible-installed" ]; then
logg info 'Running pipx install ansible' && pipx install ansible
gum log -sl info 'Running pipx install ansible' && pipx install ansible
if [ -d /Applications ] && [ -d /System ]; then
logg info 'Injecting ansible pipx with ansible PyObjC PyObjC-core because system is macOS' && pipx inject ansible PyObjC PyObjC-core
gum log -sl info 'Injecting ansible pipx with ansible PyObjC PyObjC-core because system is macOS' && pipx inject ansible PyObjC PyObjC-core
fi
logg info 'Running pipx inject ansible docker lxml netaddr pexpect python-vagrant pywinrm requests-credssp watchdog' && pipx inject ansible docker lxml netaddr pexpect python-vagrant pywinrm requests-credssp watchdog
gum log -sl info 'Running pipx inject ansible docker lxml netaddr pexpect python-vagrant pywinrm requests-credssp watchdog' && pipx inject ansible docker lxml netaddr pexpect python-vagrant pywinrm requests-credssp watchdog
mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/install.doctor"
touch "${XDG_CACHE_HOME:-$HOME/.cache}/install.doctor/ansible-installed"
else
logg info 'Ansible installation routine appears to have already been run'
gum log -sl info 'Ansible installation routine appears to have already been run'
fi
else
logg warn 'pipx is unavailable to use for installing Ansible'
gum log -sl warn 'pipx is unavailable to use for installing Ansible'
fi
}
@ -678,33 +678,33 @@ installBrewPackages() {
ensureBrewPackageInstalled "whalebrew"
wait
logg success 'Finished installing auxilary Homebrew packages'
logg info 'Ensuring Ansible is installed (with plugins)' && installAnsible
gum log -sl info 'Ensuring Ansible is installed (with plugins)' && installAnsible
}
ensureMacportsInstalled() {
if [ -d /Applications ] && [ -d /System ]; then
if ! command -v port > /dev/null; then
logg info 'Ensuring /opt/mports/macports-base is removed' && sudo rm -rf /opt/mports/macports-base
logg info 'Cloning source for macports to /opt/mports/macports-base' && sudo git clone --branch v2.8.0 --depth 1 https://github.com/macports/macports-base.git /opt/mports/macports-base
gum log -sl info 'Ensuring /opt/mports/macports-base is removed' && sudo rm -rf /opt/mports/macports-base
gum log -sl info 'Cloning source for macports to /opt/mports/macports-base' && sudo git clone --branch v2.8.0 --depth 1 https://github.com/macports/macports-base.git /opt/mports/macports-base
cd /opt/mports/macports-base
logg info 'Building macports' && sudo bash --noprofile --norc -c './configure --enable-readline && make && make install && make distclean'
logg info 'Adding /opt/local/bin to PATH because port is installed there'
gum log -sl info 'Building macports' && sudo bash --noprofile --norc -c './configure --enable-readline && make && make install && make distclean'
gum log -sl info 'Adding /opt/local/bin to PATH because port is installed there'
export PATH="/opt/local/bin:$PATH"
logg info 'Running sudo port selfupdate' && sudo port selfupdate
gum log -sl info 'Running sudo port selfupdate' && sudo port selfupdate
fi
fi
}
setupSnap() {
if [ ! -d /Applications ] && [ ! -d /System ] && command -v snap > /dev/null; then
logg info 'Enabling snapd' && sudo systemctl enable snapd
logg info 'Starting snapd' && sudo systemctl start snapd
gum log -sl info 'Enabling snapd' && sudo systemctl enable snapd
gum log -sl info 'Starting snapd' && sudo systemctl start snapd
if [ -d /snap ]; then
logg info 'Linking /var/lib/snapd/snap to /snap' && sudo ln -s /var/lib/snapd/snap /snap
gum log -sl info 'Linking /var/lib/snapd/snap to /snap' && sudo ln -s /var/lib/snapd/snap /snap
fi
logg info 'Running sudo snap info core' && sudo snap info core
logg info 'Running sudo snap wait system seed.loaded' && sudo snap wait system seed.loaded
logg info 'Running sudo snap install core' && sudo snap install core
gum log -sl info 'Running sudo snap info core' && sudo snap info core
gum log -sl info 'Running sudo snap wait system seed.loaded' && sudo snap wait system seed.loaded
gum log -sl info 'Running sudo snap install core' && sudo snap install core
fi
}
@ -721,17 +721,17 @@ installNix() {
if ! command -v nix-shell > /dev/null; then
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Installing nix for macOS' && sh <(curl -L https://nixos.org/nix/install) --yes
gum log -sl info 'Installing nix for macOS' && sh <(curl -L https://nixos.org/nix/install) --yes
else
### Linux
logg info 'Installing nix' && sh <(curl -L https://nixos.org/nix/install) --daemon --yes
gum log -sl info 'Installing nix' && sh <(curl -L https://nixos.org/nix/install) --daemon --yes
fi
fi
}
rustUpInit() {
if command -v rustup-init > /dev/null && ! command -v rustc > /dev/null; then
logg info 'Running rustup-init -y' && rustup-init -y
gum log -sl info 'Running rustup-init -y' && rustup-init -y
fi
}
@ -758,25 +758,25 @@ zapInstall() {
fi
export ARCH
fi
logg info 'Downloading zap to /usr/local/bin/zap' && sudo curl -sSL --output /usr/local/bin/zap "https://github.com/srevinsaju/zap/releases/download/continuous/zap-${ARCH}"
logg info 'Making /usr/local/bin/zap executable' && sudo chmod +x /usr/local/bin/zap
gum log -sl info 'Downloading zap to /usr/local/bin/zap' && sudo curl -sSL --output /usr/local/bin/zap "https://github.com/srevinsaju/zap/releases/download/continuous/zap-${ARCH}"
gum log -sl info 'Making /usr/local/bin/zap executable' && sudo chmod +x /usr/local/bin/zap
fi
fi
}
addFlathub() {
if command -v flatpak > /dev/null; then
logg info 'Adding flatpak flathub repository' && sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
gum log -sl info 'Adding flatpak flathub repository' && sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
fi
}
installXcode() {
if [ -d /Applications ] && [ -d /System ]; then
if [ ! -d /Applications/Xcode.app ]; then
logg info 'Installing Xcode via mas - the installation will timeout after 40 minutes if Apple account is not signed into'
gum log -sl info 'Installing Xcode via mas - the installation will timeout after 40 minutes if Apple account is not signed into'
timeout 2400 mas install 497799835 || MAS_EXIT_CODE=$?
if [ -n "$MAS_EXIT_CODE" ]; then
logg error 'Failed to install Xcode'
gum log -sl error 'Failed to install Xcode'
fi
else
logg success 'Xcode is already installed'
@ -786,25 +786,25 @@ installXcode() {
setupLinuxHomebrewFonts() {
if [ ! -d /Applications ] && [ ! -d /System ]; then
logg info 'Tapping homebrew/linux-fonts' && brew tap homebrew/linux-fonts
logg info 'Symlinking linuxbrew/share/fonts to /usr/local/share' && sudo ln -s /home/linuxbrew/.linuxbrew/share/fonts -t /usr/local/share
gum log -sl info 'Tapping homebrew/linux-fonts' && brew tap homebrew/linux-fonts
gum log -sl info 'Symlinking linuxbrew/share/fonts to /usr/local/share' && sudo ln -s /home/linuxbrew/.linuxbrew/share/fonts -t /usr/local/share
if command -v fc-cache > /dev/null; then
logg info 'Running sudo fc-cache -fv' && sudo fc-cache -fv
gum log -sl info 'Running sudo fc-cache -fv' && sudo fc-cache -fv
else
logg warn 'fc-cache binary not available for setting up Linux Homebrew fonts'
gum log -sl warn 'fc-cache binary not available for setting up Linux Homebrew fonts'
fi
fi
}
miscMacOs() {
if [ ! -d "$HOME/Library/PreferencePanes" ]; then
logg info 'Ensuring $HOME/Library/PreferencePanes exists as a folder' && mkdir -p "$HOME/Library/PreferencePanes"
gum log -sl info 'Ensuring $HOME/Library/PreferencePanes exists as a folder' && mkdir -p "$HOME/Library/PreferencePanes"
fi
}
# TODO - Add install on macOS for macports
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
logg info 'The DEBUG or DEBUG_MODE environment variable is set so preliminary system tweaks will be run synchronously'
gum log -sl info 'The DEBUG or DEBUG_MODE environment variable is set so preliminary system tweaks will be run synchronously'
installXcode
addFlathub
allocateSwap

14
home/.chezmoiscripts_disabled/disabled/executable_post-gitlab-runner.sh
View file

@ -44,18 +44,18 @@ if command -v docker > /dev/null && docker run --rm hello-world > /dev/null; the
HAS_DOCKER=1
else
HAS_DOCKER=0
logg warn 'Docker is not installed or it is not operational'
gum log -sl warn 'Docker is not installed or it is not operational'
fi
### Check if VirtualBox is installed and operational so VirtualBox executor(s) can be registered
if command -v VirtualBox > /dev/null; then
HAS_VIRTUALBOX=1
else
HAS_VIRTUALBOX=0
logg warn 'VirtualBox is not installed'
gum log -sl warn 'VirtualBox is not installed'
fi
### Configure runners if Docker or VirtualBox is installed
if [ $HAS_DOCKER -eq 0 ] && [ $HAS_VIRTUALBOX -eq 0 ]; then
logg warn 'Docker and VirtualBox are not installed. Not registering runner(s).'
gum log -sl warn 'Docker and VirtualBox are not installed. Not registering runner(s).'
else
### Run logic if gitlab-runner is installed
if command -v gitlab-runner > /dev/null; then
@ -77,7 +77,7 @@ else
--token $GITLAB_RUNNER_TOKEN \` }}
### Register Docker based runners if Docker is installed and operational
if [ $HAS_DOCKER -eq 1 ]; then
logg info 'Registering GitLab Runner(s) that use Docker executor'
gum log -sl info 'Registering GitLab Runner(s) that use Docker executor'
{{- range .host.gitlabRunners }}
{{- if index . "runnerImage" }}
{{- $cmd }}
@ -92,7 +92,7 @@ else
fi
### Register VirtualBox based runners if VirtualBox is installed
if [ $HAS_VIRTUALBOX -eq 1 ]; then
logg info 'Registering GitLab Runner(s) that use VirtualBox executor'
gum log -sl info 'Registering GitLab Runner(s) that use VirtualBox executor'
{{- range .host.gitlabRunners }}
{{- if index . "baseVM" }}
{{- $cmd }}
@ -106,9 +106,9 @@ else
{{ end }}
fi
else
logg warn 'GITLAB_RUNNER_TOKEN is not set. Not registering runner(s)'
gum log -sl warn 'GITLAB_RUNNER_TOKEN is not set. Not registering runner(s)'
fi
else
logg warn 'gitlab-runner is not installed or is not available in PATH'
gum log -sl warn 'gitlab-runner is not installed or is not available in PATH'
fi
fi

6
home/.chezmoiscripts_disabled/disabled/executable_post-vscodium.sh
View file

@ -9,11 +9,11 @@ if command -v codium > /dev/null; then
EXTENSIONS="$(codium --list-extensions)"
jq -r '.recommendations[]' "${XDG_CONFIG_HOME:-$HOME/.config}/Code/User/extensions.json" | while read EXTENSION; do
if ! echo "$EXTENSIONS" | grep -iF "$EXTENSION" > /dev/null; then
logg info 'Installing VSCodium extension '"$EXTENSION"'' && codium --install-extension "$EXTENSION" && logg success 'Installed '"$EXTENSION"''
gum log -sl info 'Installing VSCodium extension '"$EXTENSION"'' && codium --install-extension "$EXTENSION" && logg success 'Installed '"$EXTENSION"''
else
logg info ''"$EXTENSION"' already installed'
gum log -sl info ''"$EXTENSION"' already installed'
fi
done
else
logg info 'codium executable not available - skipping plugin install process for it'
gum log -sl info 'codium executable not available - skipping plugin install process for it'
fi

14
home/.chezmoiscripts_disabled/disabled/executable_post-xcode.sh
View file

@ -3,29 +3,29 @@
### Load AWS secrets
if [ -d /Applications ] && [ -d /System ] && [ ! -d /Applications/Xcode.app ]; then
### Remove old files
logg info 'Removing old ~/.xcodeinstall folder' && rm -rf ~/.xcodeinstall
gum log -sl info 'Removing old ~/.xcodeinstall folder' && rm -rf ~/.xcodeinstall
### Ensure xcodeinstall installed
if ! command -v xcodeinstall > /dev/null; then
logg info 'Installing xcodeinstall'
gum log -sl info 'Installing xcodeinstall'
brew install sebsto/macos/xcodeinstall
fi
### Authenticate
logg info 'Authenticating with AWS via xcodeinstall'
gum log -sl info 'Authenticating with AWS via xcodeinstall'
xcodeinstall authenticate -s "$AWS_DEFAULT_REGION"
### Download files
while read XCODE_DOWNLOAD_ITEM; do
if [[ "$XCODE_DOWNLOAD_ITEM" != *"Command Line Tools"* ]]; then
DOWNLOAD_ID="$(echo "$XCODE_DOWNLOAD_ITEM" | sed 's/^\[\(.*\)\] .*/\1/')"
logg info "Downloading $XCODE_DOWNLOAD_ITEM"
gum log -sl info "Downloading $XCODE_DOWNLOAD_ITEM"
echo "$DOWNLOAD_ID" | xcodeinstall download -s "$AWS_DEFAULT_REGION"
fi
done < <(xcodeinstall list -s "$AWS_DEFAULT_REGION" | grep --invert-match 'Release Candidate' | grep --invert-match ' beta ' | grep ' Xcode \d\d ')
### Install Xcode
logg info 'Installing Xcode'
gum log -sl info 'Installing Xcode'
xcodeinstall install --name "$(basename "$(find ~/.xcodeinstall/download -maxdepth 1 -name "*.xip")")"
### Install Command Line Tools
@ -33,7 +33,7 @@ if [ -d /Applications ] && [ -d /System ] && [ ! -d /Applications/Xcode.app ]; t
# xcodeinstall install --name "$(basename "$(find ~/.xcodeinstall/download -maxdepth 1 -name "*Command Line Tools*")")"
### Install Additional Tools
logg info 'Installing Additional Tools'
gum log -sl info 'Installing Additional Tools'
while read ADDITIONAL_TOOLS; do
hdiutil attach "$ADDITIONAL_TOOLS"
rm -rf "/Applications/Additional Tools"
@ -42,7 +42,7 @@ if [ -d /Applications ] && [ -d /System ] && [ ! -d /Applications/Xcode.app ]; t
done < <(find ~/.xcodeinstall/download -name "Additional Tools*")
### Install Font Tools
logg info 'Installing Font Tools'
gum log -sl info 'Installing Font Tools'
while read FONT_TOOLS; do
hdiutil attach "$FONT_TOOLS"
cd "$(find /Volumes -maxdepth 1 -name "*Font Tools*")"

6
home/.chezmoiscripts_disabled/disabled/run_onchange_after_08-git-hooks.tmpl
View file

@ -20,18 +20,18 @@
{{- end }}
### Ensure git hooks directory exists
logg info 'Ensuring git hooks directory exists'
gum log -sl info 'Ensuring git hooks directory exists'
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/git/template/hooks"
### Ensure git hooks are executable
logg info 'Ensuring git hooks are up-to-date'
gum log -sl info 'Ensuring git hooks are up-to-date'
find "${XDG_DATA_HOME:-$HOME/.local/share}/shared-common/common/.config/husky" -mindepth 1 -maxdepth 1 -type f | while read HOOK; do
cp "$HOOK" "${XDG_CONFIG_HOME:-$HOME/.config}/git/template/hooks"
done
### Make git hooks executable
if [ -d "${XDG_CONFIG_HOME:-$HOME/.config}/git/template/hooks" ]; then
logg info 'Ensuring git hooks are executable'
gum log -sl info 'Ensuring git hooks are executable'
chmod +x "${XDG_CONFIG_HOME:-$HOME/.config}/git/template/hooks/"*
fi

18
home/.chezmoiscripts_disabled/disabled/run_onchange_after_14-gcloud.sh.tmpl
View file

@ -14,25 +14,25 @@
if command -v gcloud > /dev/null; then
if [ -f "${$XDG_CONFIG_HOME:-$HOME/.config}/gcloud/s3-client-secret.json" ]; then
logg info 'Authenticating with gcloud S3 service account'
gum log -sl info 'Authenticating with gcloud S3 service account'
echo Y | gcloud auth login --cred-file=s3-gcp.json
if gcloud config get-value account > /dev/null && logg info 'gcloud is authenticated'; then
logg info 'Disabling usage reporting' && gcloud config set disable_usage_reporting true
if gcloud config get-value account > /dev/null && gum log -sl info 'gcloud is authenticated'; then
gum log -sl info 'Disabling usage reporting' && gcloud config set disable_usage_reporting true
BUCKETS="$(gcloud storage buckets list | grep 'storage_url:')"
for BUCKET in "docker" "private" "public" "system" "user"; do
if logg info "Checking for $BUCKET S3 presence on GCP" && ! echo "$BUCKETS" | grep "gs://${BUCKET}.s3.{{ .host.domain }}" > /dev/null; then
logg info "Creating gs://${BUCKET}.s3.{{ .host.domain }}" && gcloud storage buckets create "gs://${BUCKET}.s3.{{ .host.domain }}"
if gum log -sl info "Checking for $BUCKET S3 presence on GCP" && ! echo "$BUCKETS" | grep "gs://${BUCKET}.s3.{{ .host.domain }}" > /dev/null; then
gum log -sl info "Creating gs://${BUCKET}.s3.{{ .host.domain }}" && gcloud storage buckets create "gs://${BUCKET}.s3.{{ .host.domain }}"
fi
done
logg info 'Finished ensuring S3 buckets on gcloud are created'
gum log -sl info 'Finished ensuring S3 buckets on gcloud are created'
else
logg error 'gcloud is not authenticated'
gum log -sl error 'gcloud is not authenticated'
fi
else
logg info 'No client secret available for gcloud S3 service account'
gum log -sl info 'No client secret available for gcloud S3 service account'
fi
else
logg error 'The gcloud executable is not available'
gum log -sl error 'The gcloud executable is not available'
fi
{{ end -}}

6
home/.chezmoiscripts_disabled/disabled/run_onchange_after_18-configure-firewall.sh.tmpl
View file

@ -9,11 +9,11 @@
if [ -d /Applications ] && [ -d /System ]; then
# System is macOS
logg info 'Enabling macOS firewall'
gum log -sl info 'Enabling macOS firewall'
elif command -v firewall-cmd > /dev/null; then
# System is Linux and has firewall-cmd present in PATH
logg info 'Setting up firewall using firewall-cmd'
gum log -sl info 'Setting up firewall using firewall-cmd'
elif command -v ufw > /dev/null; then
# System is Linux and has ufw present in PATH
logg info 'Setting up firewall using ufw'
gum log -sl info 'Setting up firewall using ufw'
fi

6
home/.chezmoiscripts_disabled/disabled/run_onchange_after_81-k8s-digitalocean.sh.tmpl
View file

@ -17,15 +17,15 @@ export DIGITALOCEAN_ACCESS_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".che
if [ -n "$DIGITALOCEAN_ACCESS_TOKEN" ] && [ -n '{{ .user.digitalOceanClusterId }}' ]; then
### Ensure DigitalOcean CLI is instaled
if ! command -v doctl > /dev/null; then
logg info 'doctl is missing - installing via Homebrew'
gum log -sl info 'doctl is missing - installing via Homebrew'
brew install --quiet doctl
fi
### Connect to the k8s cluster with `doctl`
logg info 'Connecting to the DigitalOcean k8s cluster with doctl'
gum log -sl info 'Connecting to the DigitalOcean k8s cluster with doctl'
doctl kubernetes cluster kubeconfig save {{ .user.digitalOceanClusterId }}
else
logg info 'Skipping connecting to the DigitalOcean k8s cluster because either the DIGITALOCEAN_ACCESS_TOKEN or the .user.digitalOceanClusterId is not defined'
gum log -sl info 'Skipping connecting to the DigitalOcean k8s cluster because either the DIGITALOCEAN_ACCESS_TOKEN or the .user.digitalOceanClusterId is not defined'
fi
{{ end -}}

2
home/.chezmoiscripts_disabled/disabled/run_onchange_after_81-kubesphere.yml.tmpl
View file

@ -10,6 +10,6 @@
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
logg info 'KubeSphere integration coming soon..'
gum log -sl info 'KubeSphere integration coming soon..'
{{ end -}}

2
home/.chezmoiscripts_disabled/disabled/run_onchange_after_82-kasm-workspaces.sh.tmpl
View file

@ -8,6 +8,6 @@
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
logg info 'Kasm Workspaces coming soon..'
gum log -sl info 'Kasm Workspaces coming soon..'
{{ end -}}

4
home/.chezmoiscripts_disabled/disabled/run_onchange_after_99-restart-gnome.sh.tmpl
View file

@ -18,10 +18,10 @@
### Restart GNOME if `HEADLESS_INSTALL` is defined and `gnome-shell` is available
if [ -n "$HEADLESS_INSTALL" ] && command -v gnome-shell > /dev/null; then
logg info 'Reloading gnome-shell'
gum log -sl info 'Reloading gnome-shell'
killall -3 gnome-shell
else
logg info 'Manually reload gnome-shell to see changes'
gum log -sl info 'Manually reload gnome-shell to see changes'
fi
{{ end -}}

6
home/dot_config/shell/macos.sh.tmpl
View file

@ -6,10 +6,10 @@
# This script houses a wide range of macOS system tweaks that are intended to improve the developer experience on macOS,
# as well as improve security. Some of the tweaks include modifying default settings for various applications.
logg info 'Applying optimized macOS settings'
gum log -sl info 'Applying optimized macOS settings'
# Ask for the administrator password upfront
logg info 'A sudo password is required to apply some of the macOS optimizations.'
gum log -sl info 'A sudo password is required to apply some of the macOS optimizations.'
sudo echo "Sudo access granted."
# Log commands
@ -926,5 +926,5 @@ defaults write com.tapbots.TweetbotMac OpenURLsDirectly -bool true
defaults -currentHost write com.apple.screensaver moduleDict -dict moduleName Brooklyn path "/System/Library/Screen Savers/Drift.saver"
logg success 'Done applying macOS settings'
logg info 'Some of these changes may require a logout/restart to take effect'
gum log -sl info 'Some of these changes may require a logout/restart to take effect'
{{ end -}}

20
home/dot_config/task/Taskfile.yml
View file

@ -79,7 +79,7 @@ tasks:
- |
cd "${XDG_DATA_HOME:-$HOME/.local/share}/bento"
packer init -upgrade ./packer_templates
logg info 'Building Ubuntu VirtualBox VMs'
gum log -sl info 'Building Ubuntu VirtualBox VMs'
packer build -var-file=os_pkrvars/ubuntu/ubuntu-22.04-x86_64.pkrvars.hcl ./packer_templates
brave:profile:backup:
@ -445,20 +445,20 @@ tasks:
if [ -d "{{ .ProfileFolder }}" ]; then
if [ -d "$HOME/.local/mnt/s3" ]; then
if command -v rclone > /dev/null && command -v restic > /dev/null; then
logg info '{{ .AppName }} profile folder exists and user S3 mount exists. Backing the profile up to user S3 bucket via Restic.'
gum log -sl info '{{ .AppName }} profile folder exists and user S3 mount exists. Backing the profile up to user S3 bucket via Restic.'
if ([ -z "$(restic -r "rclone:$USER-s3:user/{{ .RcloneRepository }}" --password-file "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" cat config)" ]) 2>/dev/null; then
logg info 'Initializing {{ .AppName }} Restic repository'
gum log -sl info 'Initializing {{ .AppName }} Restic repository'
restic -r "rclone:$USER-s3:user/{{ .RcloneRepository }}" --password-file "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" init
fi
restic -r "rclone:$USER-s3:user/{{ .RcloneRepository }}" --password-file "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" --verbose backup --tag "{{ .ProfileFolder }}" --tag {{ OS }} --tag "$HOST" "{{ .ProfileFolder }}"
else
logg error 'Both rclone and restic must be available' && exit 1
gum log -sl error 'Both rclone and restic must be available' && exit 1
fi
else
logg error 'User S3 bucket mount is unavailable. The presence of this folder is used to detect whether or not the user S3 Rclone configuration is in place.' && exit 1
gum log -sl error 'User S3 bucket mount is unavailable. The presence of this folder is used to detect whether or not the user S3 Rclone configuration is in place.' && exit 1
fi
else
logg warn 'The {{ .ProfileFolder }} folder does not exist. Skipping.'
gum log -sl warn 'The {{ .ProfileFolder }} folder does not exist. Skipping.'
fi
profile:restore:
@ -468,18 +468,18 @@ tasks:
if [ -d "$HOME/.local/mnt/s3" ]; then
if command -v rclone > /dev/null && command -v restic > /dev/null; then
if ([ -z "$(restic -r "rclone:$USER-s3:user/{{ .RcloneRepository }}" --password-file "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" cat config)" ]) 2>/dev/null; then
logg warn 'The {{ .AppName }} Rclone repository has not been initialized. Skipping.'
gum log -sl warn 'The {{ .AppName }} Rclone repository has not been initialized. Skipping.'
else
restic -r "rclone:$USER-s3:user/{{ .RcloneRepository }}" --password-file "${XDG_CONFIG_HOME:-$HOME/.config}/age/chezmoi.txt" restore latest --target '{{ .ProfileFolder }}'
fi
else
logg error 'Both rclone and restic must be available' && exit 1
gum log -sl error 'Both rclone and restic must be available' && exit 1
fi
else
logg error 'User S3 bucket mount is unavailable. The presence of this folder is used to detect whether or not the user S3 Rclone configuration is in place.' && exit 1
gum log -sl error 'User S3 bucket mount is unavailable. The presence of this folder is used to detect whether or not the user S3 Rclone configuration is in place.' && exit 1
fi
else
logg info 'The {{ .AppFolder }} folder that is used to detect the presence of {{ .AppName }} on the system is not present so the profile will not be restored for this type of {{ .AppName }} install.'
gum log -sl info 'The {{ .AppFolder }} folder that is used to detect the presence of {{ .AppName }} on the system is not present so the profile will not be restored for this type of {{ .AppName }} install.'
fi
squash-symlink:

38
home/dot_local/bin/executable_add-usergroup
View file

@ -11,13 +11,13 @@ set -euo pipefail
### Check if the script is being run as root
if [[ $EUID -ne 0 ]]; then
logg error "This script must be run as root"
gum log -sl error "This script must be run as root"
exit 1
fi
### Check if the correct number of arguments is provided
if [ "$#" -ne 2 ]; then
logg error "Usage: $0 <username> <groupname>"
gum log -sl error "Usage: $0 <username> <groupname>"
exit 1
fi
@ -48,65 +48,65 @@ if [ "$OS" == "Darwin" ]; then
### Create the group if it does not exist
if ! dscl . -list /Groups | grep -q "^$GROUPNAME\$"; then
logg info "Creating system group: $GROUPNAME"
gum log -sl info "Creating system group: $GROUPNAME"
SYSTEM_GID="$(find_next_system_id_macos "Groups" "PrimaryGroupID")"
logg info "Initializing $GROUPNAME group"
gum log -sl info "Initializing $GROUPNAME group"
sudo dscl . -create "/Groups/$GROUPNAME"
logg info "Assigning $SYSTEM_GID PrimaryGroupID to group"
gum log -sl info "Assigning $SYSTEM_GID PrimaryGroupID to group"
sudo dscl . -create "/Groups/$GROUPNAME" PrimaryGroupID "$SYSTEM_GID"
else
logg info "Group $GROUPNAME already exists"
gum log -sl info "Group $GROUPNAME already exists"
SYSTEM_GID=$(dscl . -read "/Groups/$GROUPNAME" PrimaryGroupID | awk '{print $2}')
fi
### Create the user if it does not exist
if ! id -u "$USERNAME" > /dev/null 2>&1; then
logg info "Creating system user: $USERNAME"
gum log -sl info "Creating system user: $USERNAME"
SYSTEM_UID="$(find_next_system_id_macos "Users" "UniqueID")"
logg info "Initializing $USERNAME user"
gum log -sl info "Initializing $USERNAME user"
sudo dscl . -create "/Users/$USERNAME"
logg info "Assigning $USERNAME user attributes"
gum log -sl info "Assigning $USERNAME user attributes"
sudo dscl . -create "/Users/$USERNAME" UserShell /bin/bash
sudo dscl . -create "/Users/$USERNAME" RealName "$USERNAME"
sudo dscl . -create "/Users/$USERNAME" UniqueID "$SYSTEM_UID"
sudo dscl . -create "/Users/$USERNAME" PrimaryGroupID "$SYSTEM_GID"
sudo dscl . -create "/Users/$USERNAME" NFSHomeDirectory /var/empty
logg info "Finished assigning $USERNAME user attributes"
gum log -sl info "Finished assigning $USERNAME user attributes"
else
logg info "User $USERNAME already exists"
gum log -sl info "User $USERNAME already exists"
fi
### Add the user to the group
logg info "Adding user $USERNAME to group $GROUPNAME"
gum log -sl info "Adding user $USERNAME to group $GROUPNAME"
sudo dscl . -append "/Groups/$GROUPNAME" GroupMembership "$USERNAME"
logg info "System user $USERNAME added to system group $GROUPNAME successfully."
gum log -sl info "System user $USERNAME added to system group $GROUPNAME successfully."
elif [ "$OS" == "Linux" ]; then
### Linux
### Create the group if it does not exist
if ! getent group "$GROUPNAME" > /dev/null 2>&1; then
logg info "Creating system group: $GROUPNAME"
gum log -sl info "Creating system group: $GROUPNAME"
sudo groupadd -r "$GROUPNAME"
else
logg info "Group $GROUPNAME already exists"
gum log -sl info "Group $GROUPNAME already exists"
fi
### Create the user if it does not exist
if ! id -u "$USERNAME" > /dev/null 2>&1; then
logg info "Creating system user: $USERNAME"
gum log -sl info "Creating system user: $USERNAME"
sudo useradd -r -g "$GROUPNAME" -s /bin/bash -M -N "$USERNAME"
else
logg info "User $USERNAME already exists"
gum log -sl info "User $USERNAME already exists"
fi
### Add the user to the group (redundant on Linux since user is already added to the group during creation)
sudo usermod -a -G "$GROUPNAME" "$USERNAME"
logg info "System user $USERNAME added to system group $GROUPNAME successfully."
gum log -sl info "System user $USERNAME added to system group $GROUPNAME successfully."
else
logg info "Unsupported operating system: $OS"
gum log -sl info "Unsupported operating system: $OS"
exit 1
fi

2
home/dot_local/bin/executable_backup
View file

@ -3,7 +3,7 @@
backupMacPrefs() {
if [ -d /Applications ] && [ -d /System ]; then
if command -v macprefs > /dev/null; then
logg info 'Backing up macOS preferences with macprefs'
gum log -sl info 'Backing up macOS preferences with macprefs'
macprefs backup -t system_preferences startup_items shared_file_lists app_store_preferences internet_accounts
fi
fi

8
home/dot_local/bin/executable_backup-apps.tmpl
View file

@ -18,21 +18,21 @@
if command -v mackup > /dev/null; then
### Create symlinks pointing to stored configurations
logg info 'Symlinking ~/.mackup and ~/.mackup.cfg'
gum log -sl info 'Symlinking ~/.mackup and ~/.mackup.cfg'
ln -s "${XDG_CONFIG_HOME:-$HOME/.config}/mackup/.mackup/" ~/.mackup
ln -s "${XDG_CONFIG_HOME:-$HOME/.config}/mackup/.mackup.cfg" ~/.mackup.cfg
### Run mackup
logg info 'Running mackup'
gum log -sl info 'Running mackup'
mackup $* || echo ''
### Remove temporary configuration files
logg info 'Removing symlinked ~/.mackup and ~/.mackup.cfg configurations'
gum log -sl info 'Removing symlinked ~/.mackup and ~/.mackup.cfg configurations'
rm -f ~/.mackup
rm -f ~/.mackup.cfg
### Print success message
logg success 'Successfully ran backup-apps'
else
logg error 'mackup is not installed' && exit 1
gum log -sl error 'mackup is not installed' && exit 1
fi

6
home/dot_local/bin/executable_backup-dconf.tmpl
View file

@ -7,7 +7,7 @@
### Create backups
if [ -d "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings" ]; then
DCONF_TMP="$(mktemp)"
logg info 'Moving ~/.config/dconf/settings to '"$DCONF_TMP"
gum log -sl info 'Moving ~/.config/dconf/settings to '"$DCONF_TMP"
cp -rf "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings" "$DCONF_TMP"
fi
@ -17,10 +17,10 @@ mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings"
### Overwrite ~/.config/dconf/settings configurations so we can diff with Chezmoi
find "${XDG_CONFIG_HOME:-$HOME/.config}/dconf/settings" -mindepth 1 -maxdepth 1 -type f | while read DCONF_CONFIG_FILE; do
DCONF_SETTINGS_ID="/$(basename "$DCONF_CONFIG_FILE" | sed 's/\./\//g')/"
logg info 'Dumping '"$DCONF_SETTINGS_ID"' to '"$DCONF_CONFIG_FILE"
gum log -sl info 'Dumping '"$DCONF_SETTINGS_ID"' to '"$DCONF_CONFIG_FILE"
dconf dump "$DCONF_SETTINGS_ID" > "$DCONF_CONFIG_FILE"
logg success 'Saved new configuration to '"$DCONF_CONFIG_FILE"
logg info 'Printing diff for '"$DCONF_CONFIG_FILE"
gum log -sl info 'Printing diff for '"$DCONF_CONFIG_FILE"
chezmoi diff "$DCONF_CONFIG_FILE" || true
done

10
home/dot_local/bin/executable_installx
View file

@ -8,12 +8,12 @@ const cacheDir = os.homedir() + '/.cache/installx'
const customArgv = minimist(process.argv.slice(3), {
boolean: [
'all'
'all'
],
alias: {
a: 'all',
a: 'all',
}
})
})
function log(message) {
console.log(`${chalk.cyanBright('instx->')} ${message}`)
@ -52,9 +52,9 @@ async function runScript(key, script) {
runSilentCommand(`glow --width 120 "${cacheDir}/${key}-glow"`)
// TODO: Set process.env.DEBUG || true here because the asynchronous method is not logging properly / running slow
if (process.env.DEBUG) {
return await runSilentCommand(`bash "${cacheDir}/${key}" || logg error 'Error occurred while processing script for ${key}'`)
return await runSilentCommand(`bash "${cacheDir}/${key}" || gum log -sl error 'Error occurred while processing script for ${key}'`)
} else {
return await $`bash "${cacheDir}/${key}" || logg error 'Error occurred while processing script for ${key}'`.pipe(process.stdout)
return await $`bash "${cacheDir}/${key}" || gum log -sl error 'Error occurred while processing script for ${key}'`.pipe(process.stdout)
}
} catch (e) {
console.error(`Failed to run script associated with ${key}`, e)

2
home/dot_local/bin/executable_provision
View file

@ -2,7 +2,7 @@
### Disconnect from CloudFlare WARP (if connected)
if command -v warp-cli > /dev/null; then
warp-cli disconnect && logg info 'CloudFlare WARP temporarily disconnected while Volta installs Node / Yarn'
warp-cli disconnect && gum log -sl info 'CloudFlare WARP temporarily disconnected while Volta installs Node / Yarn'
fi
### Download and run the kickstart script

30
home/dot_local/bin/executable_update-system
View file

@ -4,76 +4,76 @@ set -euo pipefail
updateApk() {
if command -v apk > /dev/null; then
logg info 'Running sudo apk update' && sudo apk update || logg error 'Failed to run sudo apk update'
gum log -sl info 'Running sudo apk update' && sudo apk update || gum log -sl error 'Failed to run sudo apk update'
fi
}
updateAptGet() {
if command -v apt-get > /dev/null; then
logg info 'Running sudo apt-get update' && sudo apt-get update || logg error 'Failed to run sudo apt-get update'
logg info 'Running sudo apt-get upgrade -y' && sudo apt-get upgrade -y || logg error 'Failed to run sudo apt-get upgrade -y'
gum log -sl info 'Running sudo apt-get update' && sudo apt-get update || gum log -sl error 'Failed to run sudo apt-get update'
gum log -sl info 'Running sudo apt-get upgrade -y' && sudo apt-get upgrade -y || gum log -sl error 'Failed to run sudo apt-get upgrade -y'
fi
}
updateBrew() {
logg info 'Running brew update' && brew update || logg error 'Failed to run brew update'
logg info 'Running brew upgrade' && brew upgrade || logg error 'Failed to run brew upgrade'
gum log -sl info 'Running brew update' && brew update || gum log -sl error 'Failed to run brew update'
gum log -sl info 'Running brew upgrade' && brew upgrade || gum log -sl error 'Failed to run brew upgrade'
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Running brew upgrade --cask' && brew upgrade --cask || logg error 'Failed to run brew upgrade --cask'
gum log -sl info 'Running brew upgrade --cask' && brew upgrade --cask || gum log -sl error 'Failed to run brew upgrade --cask'
fi
}
updateCrew() {
if command -v crew > /dev/null; then
logg info 'Running crew update' && crew update || logg error 'Failed to run crew update'
gum log -sl info 'Running crew update' && crew update || gum log -sl error 'Failed to run crew update'
fi
}
updateDnf() {
if command -v dnf > /dev/null; then
logg info 'Running sudo dnf update -y' && sudo dnf update -y || logg error 'Failed to run sudo dnf update -y'
gum log -sl info 'Running sudo dnf update -y' && sudo dnf update -y || gum log -sl error 'Failed to run sudo dnf update -y'
fi
}
updateFlatpak() {
if command -v flatpak > /dev/null; then
logg info 'Running sudo flatpak update -y' && sudo flatpak update -y || logg error 'Failed to run sudo flatpak update -y'
gum log -sl info 'Running sudo flatpak update -y' && sudo flatpak update -y || gum log -sl error 'Failed to run sudo flatpak update -y'
fi
}
updateNix() {
if command -v nix-channel > /dev/null; then
logg info 'Running nix-channel --update' && nix-channel --update || logg error 'Failed to run nix-channel --update'
gum log -sl info 'Running nix-channel --update' && nix-channel --update || gum log -sl error 'Failed to run nix-channel --update'
fi
}
updatePacman() {
if command -v pacman > /dev/null; then
logg info 'Running sudo pacman -Syu' && sudo pacman -Syu || logg error 'Failed to run sudo pacman -Syu'
gum log -sl info 'Running sudo pacman -Syu' && sudo pacman -Syu || gum log -sl error 'Failed to run sudo pacman -Syu'
fi
}
updatePort() {
if command -v port > /dev/null; then
logg info 'Running sudo port sync' && sudo port sync || logg error 'Failed to run sudo port sync'
gum log -sl info 'Running sudo port sync' && sudo port sync || gum log -sl error 'Failed to run sudo port sync'
fi
}
updateSnap() {
if command -v snap > /dev/null; then
logg info 'Running sudo snap refresh' && sudo snap refresh || logg error 'Failed to run sudo snap refresh'
gum log -sl info 'Running sudo snap refresh' && sudo snap refresh || gum log -sl error 'Failed to run sudo snap refresh'
fi
}
updateZypper() {
if command -v zypper > /dev/null; then
logg info 'Running sudo zypper update' && sudo zypper update || logg error 'Failed to run sudo zypper update'
gum log -sl info 'Running sudo zypper update' && sudo zypper update || gum log -sl error 'Failed to run sudo zypper update'
fi
}
if [ -n "$DEBUG" ] || [ -n "$DEBUG_MODE" ]; then
logg info 'The DEBUG or DEBUG_MODE environment variable is set so updates will be run synchronously'
gum log -sl info 'The DEBUG or DEBUG_MODE environment variable is set so updates will be run synchronously'
updateApk
updateAptGet
updateBrew

12
home/dot_local/bin/post-installx/executable_post-atuin.sh
View file

@ -3,19 +3,19 @@
# @brief Registers with atuin, logs in, imports command history, and synchronizes
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v atuin > /dev/null; then
if get-secret --exists ATUIN_USERNAME ATUIN_EMAIL ATUIN_PASSWORD ATUIN_KEY; then
logg info 'Registering Atuin account'
gum log -sl info 'Registering Atuin account'
atuin register -u "$(get-secret ATUIN_USERNAME)" -e "$(get-secret ATUIN_EMAIL)" -p "$(get-secret ATUIN_PASSWORD)"
logg info 'Logging into Atuin account'
gum log -sl info 'Logging into Atuin account'
atuin login -u "$(get-secret ATUIN_USERNAME)" -p "$(get-secret ATUIN_PASSWORD)" -k "$(get-secret ATUIN_KEY)"
logg info 'Running atuin import auto'
gum log -sl info 'Running atuin import auto'
atuin import auto
logg info 'Running atuin sync'
gum log -sl info 'Running atuin sync'
atuin sync
fi
else
logg info 'atuin is not available in the PATH'
gum log -sl info 'atuin is not available in the PATH'
fi

14
home/dot_local/bin/post-installx/executable_post-blocky.sh
View file

@ -3,33 +3,33 @@
# @brief Copies over configuration (and service file, in the case of Linux) to the appropriate system location
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v blocky > /dev/null; then
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ -f "$HOME/.local/etc/blocky/config.yaml" ]; then
logg info 'Ensuring /usr/local/etc/blocky directory is present'
gum log -sl info 'Ensuring /usr/local/etc/blocky directory is present'
sudo mkdir -p /usr/local/etc/blocky
logg info "Copying $HOME/.local/etc/blocky/config.yaml to /usr/local/etc/blocky/config.yaml"
gum log -sl info "Copying $HOME/.local/etc/blocky/config.yaml to /usr/local/etc/blocky/config.yaml"
sudo cp -f "$HOME/.local/etc/blocky/config.yaml" /usr/local/etc/blocky/config.yaml
if [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/blocky" ] && [ ! -f "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/blocky/config.yaml" ]; then
logg info "Symlinking $HOME/.local/etc/blocky/config.yaml to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/blocky/config.yaml"
gum log -sl info "Symlinking $HOME/.local/etc/blocky/config.yaml to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/blocky/config.yaml"
ln -s /usr/local/etc/blocky/config.yaml "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/blocky/config.yaml"
fi
fi
else
### Linux
logg info 'Ensuring /usr/local/etc/blocky is created'
gum log -sl info 'Ensuring /usr/local/etc/blocky is created'
sudo mkdir -p /usr/local/etc/blocky
sudo cp -f "$HOME/.local/etc/blocky/config.yaml" /usr/local/etc/blocky/config.yaml
if [ -d /usr/lib/systemd/system ]; then
logg info 'Copying blocky service file to system locations'
gum log -sl info 'Copying blocky service file to system locations'
sudo cp -f "$HOME/.local/etc/blocky/blocky.service" /usr/lib/systemd/system/blocky.service
else
logg "/usr/lib/systemd/system is missing from the file system"
fi
fi
else
logg info 'Blocky is not available in the PATH'
gum log -sl info 'Blocky is not available in the PATH'
fi

6
home/dot_local/bin/post-installx/executable_post-clamav.sh
View file

@ -3,7 +3,7 @@
# @brief Applies ClamAV configuration, updates its database, and configures background services
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v freshclam > /dev/null; then
### Add freshclam.conf
@ -36,8 +36,8 @@ if command -v freshclam > /dev/null; then
fi
### Update database
logg info 'Running freshclam to update database'
gum log -sl info 'Running freshclam to update database'
freshclam
else
logg info 'freshclam is not available in the PATH'
gum log -sl info 'freshclam is not available in the PATH'
fi

52
home/dot_local/bin/post-installx/executable_post-cloudflared.sh
View file

@ -5,17 +5,17 @@
# 1. Skips the deletion of a tunnel when it is currently in use
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v cloudflared > /dev/null; then
# Show warning message about ~/.cloudflared already existing
if [ -d "$HOME/.cloudflared" ]; then
logg warn '~/.cloudflared is already in the home directory - to ensure proper deployment, remove previous tunnel configuration folders'
gum log -sl warn '~/.cloudflared is already in the home directory - to ensure proper deployment, remove previous tunnel configuration folders'
fi
# Copy over configuration files
logg info 'Ensuring /usr/local/etc/cloudflared exists' && sudo mkdir -p /usr/local/etc/cloudflared
logg info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
gum log -sl info 'Ensuring /usr/local/etc/cloudflared exists' && sudo mkdir -p /usr/local/etc/cloudflared
gum log -sl info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
sudo cp -f "$HOME/.local/etc/cloudflared/cert.pem" /usr/local/etc/cloudflared/cert.pem
sudo cp -f "$HOME/.local/etc/cloudflared/config.yml" /usr/local/etc/cloudflared/config.yml
@ -23,11 +23,11 @@ if command -v cloudflared > /dev/null; then
### Remove previous tunnels connected to host
while read TUNNEL_ID; do
logg info "Deleteing CloudFlared tunnel ID $TUNNEL_ID"
gum log -sl info "Deleteing CloudFlared tunnel ID $TUNNEL_ID"
unset TUNNEL_EXIT_CODE
sudo cloudflared tunnel delete "$TUNNEL_ID" || TUNNEL_EXIT_CODE=$?
if [ -z "${TUNNEL_EXIT_CODE:-}" ]; then
logg info "Removing credentials for $TUNNEL_ID which is not in use"
gum log -sl info "Removing credentials for $TUNNEL_ID which is not in use"
sudo rm -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json"
else
logg success "Skipping deletion of $TUNNEL_ID credentials since it is in use"
@ -35,72 +35,72 @@ if command -v cloudflared > /dev/null; then
done< <(sudo cloudflared tunnel list | grep "$HOSTNAME_LOWER" | sed 's/ .*//')
### Register tunnel (if not already registered)
logg info "Creating CloudFlared tunnel named "$HOSTNAME_LOWER""
gum log -sl info "Creating CloudFlared tunnel named "$HOSTNAME_LOWER""
sudo cloudflared tunnel create "$HOSTNAME_LOWER" || EXIT_CODE=$?
if [ -n "${EXIT_CODE:-}" ]; then
logg info 'Failed to create tunnel - it probably already exists'
gum log -sl info 'Failed to create tunnel - it probably already exists'
fi
### Acquire TUNNEL_ID and symlink credentials.json
TUNNEL_ID="$(sudo cloudflared tunnel list | grep "$HOSTNAME_LOWER" | sed 's/ .*//')"
logg info "Tunnel ID: $TUNNEL_ID"
logg info "Symlinking /usr/local/etc/cloudflared/$TUNNEL_ID.json to /usr/local/etc/cloudflared/credentials.json"
gum log -sl info "Tunnel ID: $TUNNEL_ID"
gum log -sl info "Symlinking /usr/local/etc/cloudflared/$TUNNEL_ID.json to /usr/local/etc/cloudflared/credentials.json"
sudo rm -f /usr/local/etc/cloudflared/credentials.json
sudo ln -s /usr/local/etc/cloudflared/$TUNNEL_ID.json /usr/local/etc/cloudflared/credentials.json
### Symlink /usr/local/etc/cloudflared to /etc/cloudflared
if [ ! -d /etc/cloudflared ]; then
logg info 'Symlinking /usr/local/etc/cloudflared to /etc/cloudflared'
gum log -sl info 'Symlinking /usr/local/etc/cloudflared to /etc/cloudflared'
sudo ln -s /usr/local/etc/cloudflared /etc/cloudflared
else
if [ ! -L /etc/cloudflared ]; then
logg warn '/etc/cloudflared is present as a regular directory (not symlinked) but files are being modified in /usr/local/etc/cloudflared'
gum log -sl warn '/etc/cloudflared is present as a regular directory (not symlinked) but files are being modified in /usr/local/etc/cloudflared'
fi
fi
### Configure DNS
# Must be deleted manually if no longer used
logg info 'Setting up DNS records for CloudFlare Argo tunnels'
gum log -sl info 'Setting up DNS records for CloudFlare Argo tunnels'
while read DOMAIN; do
if [ "$DOMAIN" != 'null' ]; then
logg info "Setting up $DOMAIN for access through cloudflared (Tunnel ID: $TUNNEL_ID)"
logg info "Running sudo cloudflared tunnel route dns -f "$TUNNEL_ID" "$DOMAIN""
gum log -sl info "Setting up $DOMAIN for access through cloudflared (Tunnel ID: $TUNNEL_ID)"
gum log -sl info "Running sudo cloudflared tunnel route dns -f "$TUNNEL_ID" "$DOMAIN""
sudo cloudflared tunnel route dns -f "$TUNNEL_ID" "$DOMAIN" && logg success "Successfully routed $DOMAIN to this machine's cloudflared Argo tunnel"
fi
done< <(yq '.ingress[].hostname' /usr/local/etc/cloudflared/config.yml)
### Update /usr/local/etc/cloudflared/config.yml
logg info 'Updating /usr/local/etc/cloudflared/config.yml to reference tunnel ID'
gum log -sl info 'Updating /usr/local/etc/cloudflared/config.yml to reference tunnel ID'
sudo yq eval -i ".tunnel = \"$HOSTNAME_LOWER\"" /usr/local/etc/cloudflared/config.yml
### Set up service
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ -f /Library/LaunchDaemons/com.cloudflare.cloudflared.plist ]; then
logg info 'cloudflared service is already installed'
gum log -sl info 'cloudflared service is already installed'
else
logg info 'Running sudo cloudflared service install'
gum log -sl info 'Running sudo cloudflared service install'
sudo cloudflared service install
fi
sudo cp -f "$HOME/Library/LaunchDaemons/com.cloudflare.cloudflared.plist" /Library/LaunchDaemons/com.cloudflare.cloudflared.plist
logg info 'Ensuring cloudflared service is started'
gum log -sl info 'Ensuring cloudflared service is started'
if sudo launchctl list | grep 'com.cloudflare.cloudflared' > /dev/null; then
logg info 'Unloading previous com.cloudflare.cloudflared configuration'
gum log -sl info 'Unloading previous com.cloudflare.cloudflared configuration'
sudo launchctl unload /Library/LaunchDaemons/com.cloudflare.cloudflared.plist
fi
logg info 'Starting up com.cloudflare.cloudflared configuration'
gum log -sl info 'Starting up com.cloudflare.cloudflared configuration'
sudo launchctl load -w /Library/LaunchDaemons/com.cloudflare.cloudflared.plist
elif [ -f /etc/os-release ]; then
### Linux
if systemctl --all --type service | grep -q "cloudflared" > /dev/null; then
logg info 'cloudflared service is already available as a service'
gum log -sl info 'cloudflared service is already available as a service'
else
logg info 'Running sudo cloudflared service install'
gum log -sl info 'Running sudo cloudflared service install'
sudo cloudflared service install
fi
logg info 'Ensuring cloudflared service is started'
gum log -sl info 'Ensuring cloudflared service is started'
sudo systemctl start cloudflared
logg info 'Enabling cloudflared as a boot systemctl service'
gum log -sl info 'Enabling cloudflared as a boot systemctl service'
sudo systemctl enable cloudflared
else
# System is Windows
@ -111,5 +111,5 @@ if command -v cloudflared > /dev/null; then
# https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/as-a-service/windows/
fi
else
logg info 'cloudflared was not installed so CloudFlare Tunnels cannot be enabled'
gum log -sl info 'cloudflared was not installed so CloudFlare Tunnels cannot be enabled'
fi

12
home/dot_local/bin/post-installx/executable_post-docker-desktop.sh
View file

@ -9,20 +9,20 @@
# variable).
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v docker > /dev/null; then
### Acquire DOCKERHUB_USER
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml" ]; then
DOCKERHUB_USER="$(yq '.data.user.docker.username' ~/.config/chezmoi/chezmoi.yaml)"
else
logg error "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml is missing which is required for populating the DOCKERHUB_USER"
gum log -sl error "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml is missing which is required for populating the DOCKERHUB_USER"
exit 1
fi
### Launch Docker.app
if [ -d "/Applications/Docker.app" ] || [ -d "$HOME/Applications/Docker.app" ]; then
logg info 'Ensuring Docker.app is open' && open --background -a Docker --args --accept-license --unattended
gum log -sl info 'Ensuring Docker.app is open' && open --background -a Docker --args --accept-license --unattended
fi
### Ensure DOCKERHUB_TOKEN is available
@ -31,13 +31,13 @@ if command -v docker > /dev/null; then
### Pre-authenticate with DockerHub
if get-secret --exists DOCKERHUB_TOKEN; then
if [ "$DOCKERHUB_USER" != 'null' ]; then
logg info 'Headlessly authenticating with DockerHub registry'
gum log -sl info 'Headlessly authenticating with DockerHub registry'
echo "$(get-secret DOCKERHUB_TOKEN)" | docker login -u "$DOCKERHUB_USER" --password-stdin > /dev/null
logg success 'Successfully authenticated with DockerHub registry'
else
logg info 'Skipping logging into DockerHub because DOCKERHUB_USER is undefined'
gum log -sl info 'Skipping logging into DockerHub because DOCKERHUB_USER is undefined'
fi
else
logg info 'Skipping logging into DockerHub because DOCKERHUB_TOKEN is undefined'
gum log -sl info 'Skipping logging into DockerHub because DOCKERHUB_TOKEN is undefined'
fi
fi

6
home/dot_local/bin/post-installx/executable_post-easyengine.sh
View file

@ -3,16 +3,16 @@
# @brief Configures EasyEngine to use the CloudFlare API for configuring Let's Encrypt
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v ee > /dev/null; then
### Ensure secrets
if get-secret --exists CLOUDFLARE_EMAIL CLOUDFLARE_API_KEY; then
### Configure EasyEngine
logg info 'Configuring EasyEngine with CloudFlare automatic SSL insuance'
gum log -sl info 'Configuring EasyEngine with CloudFlare automatic SSL insuance'
ee config set le-mail "$(get-secret CLOUDFLARE_EMAIL)"
ee config set cloudflare-api-key "$(get-secret CLOUDFLARE_API_KEY)"
else
logg info 'Skipping automated setup of LetsEncrypt with EasyEngine because either CLOUDFLARE_EMAIL or CLOUDFLARE_API_KEY are not defined'
gum log -sl info 'Skipping automated setup of LetsEncrypt with EasyEngine because either CLOUDFLARE_EMAIL or CLOUDFLARE_API_KEY are not defined'
fi
fi

26
home/dot_local/bin/post-installx/executable_post-endlessh.sh
View file

@ -3,48 +3,48 @@
# @brief Applies the Endlessh configuration and starts the service on Linux systems
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
function configureEndlessh() {
### Update the service configuration file
logg info 'Updating endlessh service configuration file'
gum log -sl info 'Updating endlessh service configuration file'
sudo sed -i 's/^.*#AmbientCapabilities=CAP_NET_BIND_SERVICE/AmbientCapabilities=CAP_NET_BIND_SERVICE/' /usr/lib/systemd/system/endlessh.service
sudo sed -i 's/^.*PrivateUsers=true/#PrivateUsers=true/' /usr/lib/systemd/system/endlessh.service
logg info 'Reloading systemd' && sudo systemctl daemon-reload
gum log -sl info 'Reloading systemd' && sudo systemctl daemon-reload
### Update capabilities of `endlessh`
logg info 'Updating capabilities of endlessh' && sudo setcap 'cap_net_bind_service=+ep' /usr/bin/endlessh
gum log -sl info 'Updating capabilities of endlessh' && sudo setcap 'cap_net_bind_service=+ep' /usr/bin/endlessh
### Restart / enable Endlessh
logg info 'Enabling the endlessh service' && sudo systemctl enable endlessh
logg info 'Restarting the endlessh service' && sudo systemctl restart endlessh
gum log -sl info 'Enabling the endlessh service' && sudo systemctl enable endlessh
gum log -sl info 'Restarting the endlessh service' && sudo systemctl restart endlessh
}
### Update /etc/endlessh/config if environment is not WSL
if [[ ! "$(test -d proc && grep Microsoft /proc/version > /dev/null)" ]]; then
if command -v endlessh > /dev/null; then
if [ -d /etc/endlessh ]; then
logg info 'Copying ~/.ssh/endlessh/config to /etc/endlessh/config' && sudo cp -f "$HOME/.ssh/endlessh/config" /etc/endlessh/config
gum log -sl info 'Copying ~/.ssh/endlessh/config to /etc/endlessh/config' && sudo cp -f "$HOME/.ssh/endlessh/config" /etc/endlessh/config
configureEndlessh || CONFIGURE_EXIT_CODE=$?
if [ -n "${CONFIGURE_EXIT_CODE:-}" ]; then
logg error 'Configuring endlessh service failed' && exit 1
gum log -sl error 'Configuring endlessh service failed' && exit 1
else
logg success 'Successfully configured endlessh service'
fi
elif [ -f /etc/endlessh.conf ]; then
logg info 'Copying ~/.ssh/endlessh/config to /etc/endlessh.conf' && sudo cp -f "$HOME/.ssh/endlessh/config" /etc/endlessh.conf
gum log -sl info 'Copying ~/.ssh/endlessh/config to /etc/endlessh.conf' && sudo cp -f "$HOME/.ssh/endlessh/config" /etc/endlessh.conf
configureEndlessh || CONFIGURE_EXIT_CODE=$?
if [ -n "${CONFIGURE_EXIT_CODE:-}" ]; then
logg error 'Configuring endlessh service failed' && exit 1
gum log -sl error 'Configuring endlessh service failed' && exit 1
else
logg success 'Successfully configured endlessh service'
fi
else
logg warn 'Neither the /etc/endlessh folder nor the /etc/endlessh.conf file exist'
gum log -sl warn 'Neither the /etc/endlessh folder nor the /etc/endlessh.conf file exist'
fi
else
logg info 'Skipping Endlessh configuration because the endlessh executable is not available in the PATH'
gum log -sl info 'Skipping Endlessh configuration because the endlessh executable is not available in the PATH'
fi
else
logg info 'Skipping Endlessh configuration since environment is WSL'
gum log -sl info 'Skipping Endlessh configuration since environment is WSL'
fi

16
home/dot_local/bin/post-installx/executable_post-fail2ban.sh
View file

@ -12,7 +12,7 @@
# * [`fail2ban` configuration folder](https://github.com/megabyte-labs/install.doctor/tree/master/home/private_dot_ssh/fail2ban)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v fail2ban-client > /dev/null; then
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
@ -26,23 +26,23 @@ if command -v fail2ban-client > /dev/null; then
sudo mkdir -p "$FAIL2BAN_CONFIG"
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" "$FAIL2BAN_CONFIG/jail.local"
if [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/fail2ban" ] && [ ! -f "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/fail2ban/jail.local" ]; then
logg info "Symlinking $FAIL2BAN_CONFIG/jail.local to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/fail2ban/jail.local"
gum log -sl info "Symlinking $FAIL2BAN_CONFIG/jail.local to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/fail2ban/jail.local"
ln -s "$FAIL2BAN_CONFIG/jail.local" "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/fail2ban/jail.local"
fi
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Enabling the fail2ban Homebrew service' && sudo brew services restart fail2ban
gum log -sl info 'Enabling the fail2ban Homebrew service' && sudo brew services restart fail2ban
else
### Linux
logg info 'Enabling the fail2ban service' && sudo systemctl enable fail2ban
logg info 'Restarting the fail2ban service' && sudo systemctl restart fail2ban
gum log -sl info 'Enabling the fail2ban service' && sudo systemctl enable fail2ban
gum log -sl info 'Restarting the fail2ban service' && sudo systemctl restart fail2ban
fi
else
logg info "The $HOME/.ssh/fail2ban/jail.local configuration is missing so fail2ban will not be set up"
gum log -sl info "The $HOME/.ssh/fail2ban/jail.local configuration is missing so fail2ban will not be set up"
fi
else
logg info 'The environment is a WSL environment so the fail2ban sshd_config will be skipped'
gum log -sl info 'The environment is a WSL environment so the fail2ban sshd_config will be skipped'
fi
else
logg info 'The fail2ban-client executable is not available on the system so fail2ban configuration will be skipped'
gum log -sl info 'The fail2ban-client executable is not available on the system so fail2ban configuration will be skipped'
fi

8
home/dot_local/bin/post-installx/executable_post-fig.sh
View file

@ -3,15 +3,15 @@
# @brief Logs into Fig using the FIG_TOKEN
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v fig > /dev/null; then
### Ensure FIG_TOKEN
if get-secret --exists FIG_TOKEN; then
### Login to Fig
logg info "Logging into Fig with FIG_TOKEN"
fig login --token "$(get-secret FIG_TOKEN)" || logg info 'Fig login failed - User might already be logged in'
gum log -sl info "Logging into Fig with FIG_TOKEN"
fig login --token "$(get-secret FIG_TOKEN)" || gum log -sl info 'Fig login failed - User might already be logged in'
fi
else
logg warn 'fig is not available in the PATH'
gum log -sl warn 'fig is not available in the PATH'
fi

92
home/dot_local/bin/post-installx/executable_post-firefox.sh
View file

@ -44,10 +44,10 @@
# * [User-specific configurations](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_config/firefox/user.js) added to all profiles except Factory
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
function installFirefoxProfileConnector() {
logg info 'Installing the Firefox Profile Connector'
gum log -sl info 'Installing the Firefox Profile Connector'
if command -v apt-get > /dev/null; then
sudo apt-get install -y https://github.com/null-dev/firefox-profile-switcher-connector/releases/latest/download/linux-x64.deb
elif command -v dnf > /dev/null; then
@ -55,7 +55,7 @@ function installFirefoxProfileConnector() {
elif command -v yay > /dev/null; then
yay -Ss firefox-profile-switcher-connector
else
logg warn 'apt-get, dnf, and yay were all unavailable so the Firefox Profile Connector helper executable could not be installed'
gum log -sl warn 'apt-get, dnf, and yay were all unavailable so the Firefox Profile Connector helper executable could not be installed'
fi
}
@ -65,7 +65,7 @@ function firefoxSetup() {
# TODO - figure out how to do this for other installations like Flatpak and macOS and Librewolf
for FIREFOX_DIR in '/usr/lib/firefox' '/usr/lib/firefox-esr' '/etc/firefox' '/etc/firefox-esr' '/Applications/Firefox.app/Contents/Resources'; do
if [ -d "$FIREFOX_DIR" ] && [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/firefox" ] && command -v rsync > /dev/null; then
logg info "Syncing enterprise profiles from ${XDG_DATA_HOME:-$HOME/.local/share}/firefox to $FIREFOX_DIR"
gum log -sl info "Syncing enterprise profiles from ${XDG_DATA_HOME:-$HOME/.local/share}/firefox to $FIREFOX_DIR"
sudo rsync -artvu "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/" "$FIREFOX_DIR" > /dev/null
fi
done
@ -73,7 +73,7 @@ function firefoxSetup() {
### Loop through various Firefox profile locations
for SETTINGS_DIR in "$HOME/snap/firefox/common/.mozilla/firefox" "$HOME/.var/app/org.mozilla.firefox/.mozilla/firefox" "$HOME/Library/Application Support/Firefox/Profiles" "$HOME/.mozilla/firefox"; do
### Determine executable to use
logg info "Processing Firefox profile location $SETTINGS_DIR"
gum log -sl info "Processing Firefox profile location $SETTINGS_DIR"
unset FIREFOX_EXE
if [ "$SETTINGS_DIR" == "$HOME/.var/app/org.mozilla.firefox/.mozilla/firefox" ]; then
if ! command -v org.mozilla.firefox > /dev/null || [ ! -d "$HOME/.var/app/org.mozilla.firefox" ]; then
@ -90,12 +90,12 @@ function firefoxSetup() {
### Download profile switcher
mkdir -p "$BIN_INSTALL_DIR"
TMP_FILE="$(mktemp)"
logg info 'Downloading Firefox Profile Switch connector'
gum log -sl info 'Downloading Firefox Profile Switch connector'
curl -sSL "$DOWNLOAD_URL" -o "$TMP_FILE"
ar p "$TMP_FILE" data.tar.xz | tar xfJ - --strip-components=2 -C "$BIN_INSTALL_DIR" usr/bin/ff-pswitch-connector
rm -f "$TMP_FILE"
### Create manifest
logg info 'Copying profile switcher configuration to manifest directory'
gum log -sl info 'Copying profile switcher configuration to manifest directory'
mkdir -p "$MANIFEST_INSTALL_DIR"
cat "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profile-switcher.json" | sed 's=PATH_PLACEHOLDER='"$BIN_INSTALL_DIR"'=' > "$MANIFEST_INSTALL_DIR/ax.nd.profile_switcher_ff.json"
fi
@ -114,13 +114,13 @@ function firefoxSetup() {
else
### Download Firefox Profile Switcher
if [ ! -d /usr/local/Cellar/firefox-profile-switcher-connector ]; then
logg info 'Ensuring Firefox Profile Switcher is installed'
gum log -sl info 'Ensuring Firefox Profile Switcher is installed'
brew install --quiet null-dev/firefox-profile-switcher/firefox-profile-switcher-connector
fi
### Ensure Firefox Profile Switcher configuration is symlinked
if [ ! -d "/Library/Application Support/Mozilla/NativeMessagingHosts/ax.nd.profile_switcher_ff.json" ]; then
logg info 'Ensuring Firefox Profile Switcher is configured'
gum log -sl info 'Ensuring Firefox Profile Switcher is configured'
sudo mkdir -p "/Library/Applcation Support/Mozilla/NativeMessagingHosts"
sudo ln -sf "$(brew ls -l firefox-profile-switcher-connector | grep -i ax.nd.profile_switcher_ff.json | head -n1)" "/Library/Application Support/Mozilla/NativeMessagingHosts/ax.nd.profile_switcher_ff.json"
fi
@ -129,7 +129,7 @@ function firefoxSetup() {
continue
# FIREFOX_EXE="/Applications/LibreWolf.app/Contents/MacOS/librewolf"
# if [ ! -f "$FIREFOX_EXE" ] || [ ! -d /Applications ]; then
# logg info "$FIREFOX_EXE is not a file"
# gum log -sl info "$FIREFOX_EXE is not a file"
# continue
# fi
elif [ "$SETTINGS_DIR" == "$HOME/snap/firefox/common/.mozilla/firefox" ]; then
@ -148,13 +148,13 @@ function firefoxSetup() {
### Download profile switcher
mkdir -p "$BIN_INSTALL_DIR"
TMP_FILE="$(mktemp)"
logg info 'Downloading Firefox Profile Switch connector'
gum log -sl info 'Downloading Firefox Profile Switch connector'
curl -sSL "$DOWNLOAD_URL" -o "$TMP_FILE"
ar p "$TMP_FILE" data.tar.xz | tar xfJ - --strip-components=2 -C "$BIN_INSTALL_DIR" usr/bin/ff-pswitch-connector
rm -f "$TMP_FILE"
### Create manifest
logg info 'Copying profile switcher configuration to manifest directory'
gum log -sl info 'Copying profile switcher configuration to manifest directory'
mkdir -p "$MANIFEST_INSTALL_DIR"
cat "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profile-switcher.json" | sed 's/PATH_PLACEHOLDER/'"$BIN_INSTALL_DIR"'/' > "$MANIFEST_INSTALL_DIR/ax.nd.profile_switcher_ff.json"
fi
@ -172,49 +172,49 @@ function firefoxSetup() {
# Continue on macOS without logging because profiles are not stored here on macOS
continue
else
logg warn 'Unable to register Firefox executable'
logg info "Settings directory: $SETTINGS_DIR"
gum log -sl warn 'Unable to register Firefox executable'
gum log -sl info "Settings directory: $SETTINGS_DIR"
continue
fi
fi
fi
### Initiatize Firefox default profiles
logg info "Processing executable located at $FIREFOX_EXE"
gum log -sl info "Processing executable located at $FIREFOX_EXE"
if command -v "$FIREFOX_EXE" > /dev/null; then
### Create default profile by launching Firefox headlessly
logg info "Firefox executable set to $FIREFOX_EXE"
gum log -sl info "Firefox executable set to $FIREFOX_EXE"
if [ ! -d "$SETTINGS_DIR" ]; then
logg info 'Running Firefox (or its derivative) headlessly to generate default profiles'
gum log -sl info 'Running Firefox (or its derivative) headlessly to generate default profiles'
timeout 14 "$FIREFOX_EXE" --headless || EXIT_CODE=$?
logg info 'Finished running Firefox headlessly'
gum log -sl info 'Finished running Firefox headlessly'
elif [ -d /Applications ] && [ -d /System ] && [ ! -f "$SETTINGS_DIR/../installs.ini" ]; then
logg info 'Running Firefox (or its derivative) headlessly to generate default profiles because install.ini is not at the macOS default location.'
gum log -sl info 'Running Firefox (or its derivative) headlessly to generate default profiles because install.ini is not at the macOS default location.'
timeout 14 "$FIREFOX_EXE" --headless || EXIT_CODE=$?
logg info 'Finished running Firefox headlessly (while fixing the missing macOS installs.ini issue)'
gum log -sl info 'Finished running Firefox headlessly (while fixing the missing macOS installs.ini issue)'
fi
if [ -n "${EXIT_CODE:-}" ]; then
logg info 'Encountered error while headlessly warming up Firefox - error does not seem to impact functionality'
gum log -sl info 'Encountered error while headlessly warming up Firefox - error does not seem to impact functionality'
fi
### Ensure settings directory exists (since the application was brought up temporarily headlessly)
if [ ! -d "$SETTINGS_DIR" ]; then
logg warn "The settings directory located at $SETTINGS_DIR failed to be populated by running the browser headlessly"
gum log -sl warn "The settings directory located at $SETTINGS_DIR failed to be populated by running the browser headlessly"
continue
fi
### Add the populated profiles.ini
logg info "Copying "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profiles.ini" to profile directory"
logg info "The settings directory is $SETTINGS_DIR"
gum log -sl info "Copying "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profiles.ini" to profile directory"
gum log -sl info "The settings directory is $SETTINGS_DIR"
if [ -d /Applications ] && [ -d /System ]; then
# macOS
logg info "Copying ~/.local/share/firefox/profiles.ini to $SETTINGS_DIR/../profiles.ini"
gum log -sl info "Copying ~/.local/share/firefox/profiles.ini to $SETTINGS_DIR/../profiles.ini"
cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profiles.ini" "$SETTINGS_DIR/../profiles.ini"
SETTINGS_INI="$SETTINGS_DIR/../installs.ini"
else
# Linux
logg info "Copying ~/.local/share/firefox/profiles.ini to $SETTINGS_DIR/profiles.ini"
gum log -sl info "Copying ~/.local/share/firefox/profiles.ini to $SETTINGS_DIR/profiles.ini"
cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/profiles.ini" "$SETTINGS_DIR/profiles.ini"
SETTINGS_INI="$SETTINGS_DIR/installs.ini"
fi
@ -222,25 +222,25 @@ function firefoxSetup() {
### Default profile (created by launching Firefox headlessly)
DEFAULT_RELEASE_PROFILE="$(find "$SETTINGS_DIR" -mindepth 1 -maxdepth 1 -name "*.default" -not -name "profile.default")"
if [ -n "$DEFAULT_RELEASE_PROFILE" ]; then
logg info "Syncing $DEFAULT_RELEASE_PROFILE to $SETTINGS_DIR/profile.default"
gum log -sl info "Syncing $DEFAULT_RELEASE_PROFILE to $SETTINGS_DIR/profile.default"
rsync -a "$DEFAULT_RELEASE_PROFILE/" "$SETTINGS_DIR/profile.default"
else
logg warn 'Unable to sync default Mozilla Firefox profile'
gum log -sl warn 'Unable to sync default Mozilla Firefox profile'
fi
### Ensure original installs.ini is removed
if [ -f "$SETTINGS_INI" ]; then
# DEFAULT_PROFILE_PROFILE="$SETTINGS_DIR/$(cat "$SETTINGS_INI" | grep 'Default=' | sed 's/.*Profiles\///')"
logg info 'Removing previous installs.ini file'
gum log -sl info 'Removing previous installs.ini file'
rm -f "$SETTINGS_INI"
else
logg info 'installs.ini was not present in the Mozilla Firefox settings folder'
gum log -sl info 'installs.ini was not present in the Mozilla Firefox settings folder'
fi
### Miscellaneous default profiles
for NEW_PROFILE in "automation" "development" "miscellaneous"; do
if [ ! -d "$SETTINGS_DIR/profile.${NEW_PROFILE}" ] && [ -d "$SETTINGS_DIR/profile.default" ]; then
logg info "Cloning $NEW_PROFILE from profile.default"
gum log -sl info "Cloning $NEW_PROFILE from profile.default"
rsync -a "$SETTINGS_DIR/profile.default/" "$SETTINGS_DIR/profile.${NEW_PROFILE}"
rsync -a "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/" "$SETTINGS_DIR/profile.${NEW_PROFILE}"
cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/firefox/user.js" "$SETTINGS_DIR/profile.${NEW_PROFILE}"
@ -249,14 +249,14 @@ function firefoxSetup() {
### Public git profile
if [ -d "$SETTINGS_DIR/profile.git" ]; then
logg info 'Resetting the Firefox git profile'
gum log -sl info 'Resetting the Firefox git profile'
cd "$SETTINGS_DIR/profile.git"
git reset --hard HEAD
git clean -fxd
logg info 'Pulling latest updates to the Firefox git profile'
gum log -sl info 'Pulling latest updates to the Firefox git profile'
git pull origin master
else
logg info 'Cloning the public Firefox git profile'
gum log -sl info 'Cloning the public Firefox git profile'
cd "$SETTINGS_DIR" && git clone "$(yq '.firefoxPublicProfile' "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoidata.yaml")" profile.git
fi
@ -265,7 +265,7 @@ function firefoxSetup() {
### Git profile w/ plugins installed (installation happens below)
if [ ! -d "$SETTINGS_DIR/profile.plugins" ]; then
logg info "Syncing $SETTINGS_DIR/profile.git to $SETTINGS_DIR/profile.plugins"
gum log -sl info "Syncing $SETTINGS_DIR/profile.git to $SETTINGS_DIR/profile.plugins"
rsync -a "$SETTINGS_DIR/profile.git/" "$SETTINGS_DIR/profile.plugins"
rsync -a "${XDG_DATA_HOME:-$HOME/.local/share}/firefox/" "$SETTINGS_DIR/profile.plugins"
cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/firefox/user.js" "$SETTINGS_DIR/profile.plugins"
@ -274,20 +274,20 @@ function firefoxSetup() {
### Private hosted profile
# Deprecated in favor of using the Restic profile tasks saved in `~/.config/task/Taskfile.yml`
# if [ ! -d "$SETTINGS_DIR/profile.private" ]; then
# logg info 'Downloading the encrypted Firefox private profile'
# gum log -sl info 'Downloading the encrypted Firefox private profile'
# cd "$SETTINGS_DIR"
# curl -sSL '{ { .firefoxPrivateProfile } }' -o profile.private.tar.gz.age
# logg info 'Decrypting the Firefox private profile'
# gum log -sl info 'Decrypting the Firefox private profile'
# chezmoi decrypt profile.private.tar.gz.age > profile.private.tar.gz || EXIT_DECRYPT_CODE=$?
# if [ -z "$EXIT_DECRYPT_CODE" ]; then
# rm -f profile.private.tar.gz.age
# logg info 'Decompressing the Firefox private profile'
# gum log -sl info 'Decompressing the Firefox private profile'
# tar -xzf profile.private.tar.gz
# logg success 'The Firefox private profile was successfully installed'
# cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/firefox/user.js" "$SETTINGS_DIR/profile.private"
# logg info 'Copied ~/.config/firefox/user.js to profile.private profile'
# gum log -sl info 'Copied ~/.config/firefox/user.js to profile.private profile'
# else
# logg error 'Failed to decrypt the private Firefox profile'
# gum log -sl error 'Failed to decrypt the private Firefox profile'
# fi
# fi
@ -295,12 +295,12 @@ function firefoxSetup() {
for SETTINGS_PROFILE in "profile.plugins" "profile.private"; do
if [ -d "$SETTINGS_DIR/$SETTINGS_PROFILE" ]; then
while read FIREFOX_PLUGIN; do
logg info "Processing the $FIREFOX_PLUGIN Firefox add-on"
gum log -sl info "Processing the $FIREFOX_PLUGIN Firefox add-on"
PLUGIN_HTML="$(mktemp)"
curl --silent "https://addons.mozilla.org/en-US/firefox/addon/$FIREFOX_PLUGIN/" > "$PLUGIN_HTML"
PLUGIN_TMP="$(mktemp)"
if ! command -v htmlq > /dev/null && command -v brew > /dev/null; then
logg info 'Installing htmlq using Homebrew since it is a dependency for populating Firefox add-ons' && brew install htmlq
gum log -sl info 'Installing htmlq using Homebrew since it is a dependency for populating Firefox add-ons' && brew install htmlq
fi
cat "$PLUGIN_HTML" | htmlq '#redux-store-state' | sed 's/^<scri.*application\/json">//' | sed 's/<\/script>$//' > "$PLUGIN_TMP"
PLUGIN_ID="$(jq '.addons.bySlug["'"$FIREFOX_PLUGIN"'"]' "$PLUGIN_TMP")"
@ -311,7 +311,7 @@ function firefoxSetup() {
PLUGIN_FILENAME="${PLUGIN_FILE_ID}.xpi"
PLUGIN_FOLDER="$(echo "$PLUGIN_FILENAME" | sed 's/.xpi$//')"
if [ ! -d "$SETTINGS_DIR/$SETTINGS_PROFILE/extensions/$PLUGIN_FOLDER" ]; then
logg info 'Downloading add-on XPI file for '"$PLUGIN_FILENAME"' ('"$FIREFOX_PLUGIN"')'
gum log -sl info 'Downloading add-on XPI file for '"$PLUGIN_FILENAME"' ('"$FIREFOX_PLUGIN"')'
if [ ! -d "$SETTINGS_DIR/$SETTINGS_PROFILE/extensions" ]; then
mkdir -p "$SETTINGS_DIR/$SETTINGS_PROFILE/extensions"
fi
@ -322,15 +322,15 @@ function firefoxSetup() {
# it seems since they do not have access to the file system by default. Also, using the policies.json approach forces
# all Firefox profiles to use the same extensions. Ideally, we should find a way to enable the extensions scoped
# to the user profile.
# logg info 'Unzipping '"$PLUGIN_FILENAME"' ('"$FIREFOX_PLUGIN"')'
# gum log -sl info 'Unzipping '"$PLUGIN_FILENAME"' ('"$FIREFOX_PLUGIN"')'
# unzip "$SETTINGS_DIR/$SETTINGS_PROFILE/extensions/$PLUGIN_FILENAME" -d "$SETTINGS_DIR/$SETTINGS_PROFILE/extensions/$PLUGIN_FOLDER"
logg success 'Installed '"$FIREFOX_PLUGIN"''
fi
else
logg warn 'A null Firefox add-on filename was detected for '"$FIREFOX_PLUGIN"''
gum log -sl warn 'A null Firefox add-on filename was detected for '"$FIREFOX_PLUGIN"''
fi
else
logg warn 'A null Firefox add-on ID was detected for '"$FIREFOX_PLUGIN"''
gum log -sl warn 'A null Firefox add-on ID was detected for '"$FIREFOX_PLUGIN"''
fi
done< <(yq '.firefoxAddOns[]' ~/.local/share/chezmoi/home/.chezmoidata.yaml)
fi

22
home/dot_local/bin/post-installx/executable_post-github-runner.sh
View file

@ -18,14 +18,14 @@
# * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Check if GitHub runner is installed
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/config.sh" ]; then
if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/.runner" ]; then
logg info "GitHub Actions runner is already configured (${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/.runner file is present)"
gum log -sl info "GitHub Actions runner is already configured (${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/.runner file is present)"
else
logg info 'Creating runner configuration'
gum log -sl info 'Creating runner configuration'
### Configure host labels
HOST_DISTRO_FAMILY="$(yq '.data.host.distro.family' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
HOST_DISTRO_ID="$(yq '.data.host.distro.id' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
@ -47,31 +47,31 @@ if [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/config.sh" ]; then
if get-secret --exists GITHUB_TOKEN; then
if command -v jq > /dev/null; then
### Acquire token
logg info 'Acquiring runner token'
gum log -sl info 'Acquiring runner token'
RUNNER_ORG="$(yq '.data.user.github.runnerOrg' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
RUNNER_TOKEN="$(curl -sSL -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $(get-secret GITHUB_TOKEN)" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/${RUNNER_ORG}/actions/runners/registration-token | jq -r '.token')"
### Generate the configuration
logg info "Joining GitHub runner to https://github.com/${RUNNER_ORG}"
gum log -sl info "Joining GitHub runner to https://github.com/${RUNNER_ORG}"
"${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/config.sh" --unattended --url https://github.com/${RUNNER_ORG} --token "$RUNNER_TOKEN" --labels "$LABELS" || EXIT_CODE=$?
if [ -n "${EXIT_CODE:-}" ]; then
logg error 'GitHub runner configuration failed' && exit 1
gum log -sl error 'GitHub runner configuration failed' && exit 1
fi
### Install / start the service
logg info 'Configuring runner service'
gum log -sl info 'Configuring runner service'
"${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/svc.sh" install
logg success 'Successfully installed the GitHub Actions runner service'
logg info 'Starting runner service'
gum log -sl info 'Starting runner service'
"${XDG_DATA_HOME:-$HOME/.local/share}/github-runner/svc.sh" start
logg success 'Started the GitHub Actions runner service'
else
logg warn 'jq is required by the GitHub runner configuration script'
gum log -sl warn 'jq is required by the GitHub runner configuration script'
fi
else
logg warn 'The GITHUB_TOKEN environment variable is not present'
gum log -sl warn 'The GITHUB_TOKEN environment variable is not present'
fi
fi
else
logg info "The GitHub Actions runner installation is not present at ${XDG_DATA_HOME:-$HOME/.local/share}/github-runner"
gum log -sl info "The GitHub Actions runner installation is not present at ${XDG_DATA_HOME:-$HOME/.local/share}/github-runner"
fi

16
home/dot_local/bin/post-installx/executable_post-gitomatic.sh
View file

@ -21,32 +21,32 @@
# * [Helper script](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_local/bin/executable_gitomatic_service.tmpl
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v gitomatic > /dev/null; then
### Copy gitomatic-service to /usr/local/bin
logg info "Copying $HOME/.local/bin/gitomatic-service to /usr/local/bin/gitomatic-service"
gum log -sl info "Copying $HOME/.local/bin/gitomatic-service to /usr/local/bin/gitomatic-service"
sudo cp -f "$HOME/.local/bin/gitomatic-service" /usr/local/bin/gitomatic-servic
### Copy gitomatic to global directory
if [ ! -f /usr/local/bin/gitomatic ]; then
logg info 'Copying gitomatic executable to /usr/local/bin/gitomatic'
gum log -sl info 'Copying gitomatic executable to /usr/local/bin/gitomatic'
sudo cp -f "$(which gitomatic)" /usr/local/bin/gitomatic
fi
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Enabling the com.github.muesli.gitomatic LaunchDaemon'
gum log -sl info 'Enabling the com.github.muesli.gitomatic LaunchDaemon'
load-service com.github.muesli.gitomatic
else
### Linux
logg info 'Copying gitomatic systemd unit file to /etc/systemd/system/'
gum log -sl info 'Copying gitomatic systemd unit file to /etc/systemd/system/'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/gitomatic/gitomatic.service" /etc/systemd/system/gitomatic.service
logg info 'Reloading systemd daemon'
gum log -sl info 'Reloading systemd daemon'
sudo systemctl daemon-reload
logg info 'Enabling and starting gitomatic service'
gum log -sl info 'Enabling and starting gitomatic service'
sudo systemctl enable --now gitomatic
fi
else
logg info 'gitomatic is not installed or it is not available in PATH'
gum log -sl info 'gitomatic is not installed or it is not available in PATH'
fi

26
home/dot_local/bin/post-installx/executable_post-google-chrome.sh
View file

@ -25,52 +25,52 @@
# * [`recommended.json`](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_config/chrome/recommended.json)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
function chromeSetUp() {
### Ensure Chrome policies directory is present
logg info 'Processing policy directories for Chromium based browsers'
gum log -sl info 'Processing policy directories for Chromium based browsers'
for POLICY_DIR in "/opt/google/chrome/policies"; do
if [ -d "$(dirname "$POLICY_DIR")" ]; then
### Managed policies
if [ ! -f "$POLICY_DIR/managed/policies.json" ]; then
logg info "Ensuring directory $POLICY_DIR/managed exists"
gum log -sl info "Ensuring directory $POLICY_DIR/managed exists"
sudo mkdir -p "$POLICY_DIR/managed"
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/chrome/managed.json to $POLICY_DIR/managed/policies.json"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/chrome/managed.json to $POLICY_DIR/managed/policies.json"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/chrome/managed.json" "$POLICY_DIR/managed/policies.json"
fi
### Recommended policies
if [ ! -f "$POLICY_DIR/recommended/policies.json" ]; then
logg info "Ensuring directory $POLICY_DIR/recommended exists" && sudo mkdir -p "$POLICY_DIR/recommended"
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/chrome/recommended.json to $POLICY_DIR/recommended/policies.json"
gum log -sl info "Ensuring directory $POLICY_DIR/recommended exists" && sudo mkdir -p "$POLICY_DIR/recommended"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/chrome/recommended.json to $POLICY_DIR/recommended/policies.json"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/chrome/recommended.json" "$POLICY_DIR/recommended/policies.json"
fi
else
logg info "Skipping extension injection into $POLICY_DIR - create these folders prior to running to create managed configs"
gum log -sl info "Skipping extension injection into $POLICY_DIR - create these folders prior to running to create managed configs"
fi
done
### Add Chrome extension JSON
logg info 'Populating Chrome extension JSON'
gum log -sl info 'Populating Chrome extension JSON'
for EXTENSION_DIR in "/opt/google/chrome/extensions" "$HOME/Library/Application Support/Google/Chrome/External Extensions"; do
### Ensure program-type is installed
if [ -d "$(dirname "$EXTENSION_DIR")" ]; then
### Ensure extension directory exists
if [[ "$EXTENSION_DIR" == '/opt/'* ]] || [[ "$EXTENSION_DIR" == '/etc/'* ]]; then
if [ ! -d "$EXTENSION_DIR" ]; then
logg info "Creating directory $EXTENSION_DIR" && sudo mkdir -p "$EXTENSION_DIR"
gum log -sl info "Creating directory $EXTENSION_DIR" && sudo mkdir -p "$EXTENSION_DIR"
fi
else
if [ ! -d "$EXTENSION_DIR" ]; then
logg info "Creating directory $EXTENSION_DIR" && mkdir -p "$EXTENSION_DIR"
gum log -sl info "Creating directory $EXTENSION_DIR" && mkdir -p "$EXTENSION_DIR"
fi
fi
### Add extension JSON
logg info "Adding Chrome extensions to $EXTENSION_DIR"
gum log -sl info "Adding Chrome extensions to $EXTENSION_DIR"
while read EXTENSION; do
logg info "Adding Chrome extension manifest ($EXTENSION)"
gum log -sl info "Adding Chrome extension manifest ($EXTENSION)"
if ! echo "$EXTENSION" | grep 'https://chrome.google.com/webstore/detail/' > /dev/null; then
EXTENSION="https://chrome.google.com/webstore/detail/$EXTENSION"
fi
@ -82,7 +82,7 @@ function chromeSetUp() {
fi
done< <(yq '.chromeExtensions[]' "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoidata.yaml")
else
logg info "$EXTENSION_DIR does not exist"
gum log -sl info "$EXTENSION_DIR does not exist"
fi
done
}

10
home/dot_local/bin/post-installx/executable_post-juicefs.sh
View file

@ -15,7 +15,7 @@
# these four volume names.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
MOUNT_FOLDER="/mnt"
UPDATE_FSTAB="--update-fstab"
@ -24,10 +24,10 @@ if [ -d /Applications ] && [ -d /System ]; then
MOUNT_FOLDER="/Volumes"
UPDATE_FSTAB=""
elif [ -f /snap/juicefs/current/juicefs ]; then
logg info 'Symlinking /snap/juicefs/current/juicefs to /snap/bin/juicefs' && sudo ln -s -f /snap/juicefs/current/juicefs /snap/bin/juicefs
gum log -sl info 'Symlinking /snap/juicefs/current/juicefs to /snap/bin/juicefs' && sudo ln -s -f /snap/juicefs/current/juicefs /snap/bin/juicefs
fi
logg info "Acquiring juicefsVolumeNamePostfix from ${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoidata.yaml"
gum log -sl info "Acquiring juicefsVolumeNamePostfix from ${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoidata.yaml"
JUICEFS_VOLUME_PREFIX="$(yq '.juicefsVolumeNamePostfix' "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/.chezmoidata.yaml")"
for MOUNT_NAME in "docker" "private" "public" "user"; do
if [ "$MOUNT_NAME" == "user" ]; then
@ -39,8 +39,8 @@ done
### Linux systemd
if command -v systemctl > /dev/null; then
logg info 'Ensuring /etc/systemd/system/docker.service.d exists as a directory' && sudo mkdir -p /etc/systemd/system/docker.service.d
logg info 'Creating /etc/systemd/system/docker.service.d/override.conf which ensures JuiceFS is loaded before Docker starts'
gum log -sl info 'Ensuring /etc/systemd/system/docker.service.d exists as a directory' && sudo mkdir -p /etc/systemd/system/docker.service.d
gum log -sl info 'Creating /etc/systemd/system/docker.service.d/override.conf which ensures JuiceFS is loaded before Docker starts'
echo '[Unit]' | sudo tee /etc/systemd/system/docker.service.d/override.conf
echo 'After=network-online.target firewalld.service containerd.service jfs.mount' | sudo tee -a /etc/systemd/system/docker.service.d/override.conf
fi

10
home/dot_local/bin/post-installx/executable_post-keybase.sh
View file

@ -5,16 +5,16 @@
# This script ensures Keybase utilizes a configuration that, by default, adds a security fix.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v keybase > /dev/null; then
KEYBASE_CONFIG="${XDG_CONFIG_HOME:-$HOME/.config}/keybase/config.json"
if [ -f "$KEYBASE_CONFIG" ]; then
logg info 'Ensuring /etc/keybase is a directory' && sudo mkdir -p /etc/keybase
logg info "Copying $KEYBASE_CONFIG to /etc/keybase/config.json" && sudo cp -f "$KEYBASE_CONFIG" /etc/keybase/config.json
gum log -sl info 'Ensuring /etc/keybase is a directory' && sudo mkdir -p /etc/keybase
gum log -sl info "Copying $KEYBASE_CONFIG to /etc/keybase/config.json" && sudo cp -f "$KEYBASE_CONFIG" /etc/keybase/config.json
else
logg warn "No Keybase config located at $KEYBASE_CONFIG"
gum log -sl warn "No Keybase config located at $KEYBASE_CONFIG"
fi
else
logg info 'The keybase executable is not available'
gum log -sl info 'The keybase executable is not available'
fi

8
home/dot_local/bin/post-installx/executable_post-mise.sh
View file

@ -3,19 +3,19 @@
# @brief Performs initial install of mise targets and applies tweaks such as symlinking mise's Java version with the system Java target on macOS
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v mise > /dev/null; then
logg info 'Running mise install' && mise install
gum log -sl info 'Running mise install' && mise install
### Symlink Java on macOS
if [ -d /Applications ] && [ -d /System ]; then
if [ -d "${XDG_DATA_HOME:-$HOME/.local/share}/mise/installs/java/openjdk-20/Contents" ] && [ ! -d "/Library/Java/JavaVirtualMachines/openjdk-20.jdk/Contents" ]; then
logg info "Symlinking ${XDG_DATA_HOME:-$HOME/.local/share}/mise/installs/java/openjdk-20/Contents to /Library/Java/JavaVirtualMachines/openjdk-20.jdk/Contents"
gum log -sl info "Symlinking ${XDG_DATA_HOME:-$HOME/.local/share}/mise/installs/java/openjdk-20/Contents to /Library/Java/JavaVirtualMachines/openjdk-20.jdk/Contents"
sudo mkdir -p /Library/Java/JavaVirtualMachines/openjdk-20.jdk
sudo ln -s "${XDG_DATA_HOME:-$HOME/.local/share}/mise/installs/java/openjdk-20/Contents" /Library/Java/JavaVirtualMachines/openjdk-20.jdk/Contents
fi
fi
else
logg info 'mise is not available on the PATH'
gum log -sl info 'mise is not available on the PATH'
fi

64
home/dot_local/bin/post-installx/executable_post-netdata.sh
View file

@ -10,18 +10,18 @@
# using the provided primary email address. If the OS is Debian based, Netdata shows the number of CVEs in currently installed packages.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
ensureNetdataOwnership() {
### Ensure /usr/local/var/lib/netdata/cloud.d is owned by user
if [ -d /usr/local/var/lib/netdata ]; then
logg info 'Ensuring permissions are correct on /usr/local/var/lib/netdata' && sudo chown -Rf netdata:netdata /usr/local/var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /usr/local/var/lib/netdata
gum log -sl info 'Ensuring permissions are correct on /usr/local/var/lib/netdata' && sudo chown -Rf netdata:netdata /usr/local/var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /usr/local/var/lib/netdata
elif [ -d /var/lib/netdata ]; then
logg info 'Ensuring permissions are correct on /var/lib/netdata' && sudo chown -Rf netdata:netdata /var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /var/lib/netdata
gum log -sl info 'Ensuring permissions are correct on /var/lib/netdata' && sudo chown -Rf netdata:netdata /var/lib/netdata 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) /var/lib/netdata
elif [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" ]; then
logg info "Ensuring permissions are correct on ${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" && sudo chown -Rf netdata:netdata "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata"
gum log -sl info "Ensuring permissions are correct on ${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" && sudo chown -Rf netdata:netdata "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata" 2> /dev/null || sudo chown -Rf netdata:$(id -g -n) "${HOMEBREW_PREFIX:-/opt/homebrew}/var/lib/netdata"
else
logg warn 'No /var/lib/netdata folder found'
gum log -sl warn 'No /var/lib/netdata folder found'
fi
}
@ -52,16 +52,16 @@ if command -v netdata-claim.sh > /dev/null; then
# Assuming these optimizations do not cause any harm.
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'System is macOS so Netdata kernel optimizations are not required'
gum log -sl info 'System is macOS so Netdata kernel optimizations are not required'
else
### Linux
if [ -d /sys/kernel/mm/ksm ]; then
logg info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/run'
gum log -sl info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/run'
echo 1 | sudo tee /sys/kernel/mm/ksm/run
logg info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/sleep_millisecs'
gum log -sl info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/sleep_millisecs'
echo 1000 | sudo tee /sys/kernel/mm/ksm/sleep_millisecs
else
logg info 'The /sys/kernel/mm/ksm directory does not exist so Netdata kernel optimizations are not being applied'
gum log -sl info 'The /sys/kernel/mm/ksm directory does not exist so Netdata kernel optimizations are not being applied'
fi
fi
@ -75,9 +75,9 @@ if command -v netdata-claim.sh > /dev/null; then
elif [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/netdata" ]; then
NETDATA_ETC="${HOMEBREW_PREFIX:-/opt/homebrew}/etc/netdata"
else
logg error 'No etc location found for netdata' && exit 1
gum log -sl error 'No etc location found for netdata' && exit 1
fi
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC"
sudo cp -rf "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/" "$NETDATA_ETC"
if command -v gsed > /dev/null; then
SED_UTIL="gsed"
@ -87,12 +87,12 @@ if command -v netdata-claim.sh > /dev/null; then
### Blocky
# TODO - Add this configuration to appropriate configuration file
# logg info "Adding Blocky metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
# gum log -sl info "Adding Blocky metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
# sudo "$SED_UTIL" -i "/jobs:/a\ - name: blocky_local \n url: 'http://127.0.0.1:4000/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
### SFTPGo
# TODO - Add this configuration to appropriate configuration file
# logg info "Adding SFTPGo metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
# gum log -sl info "Adding SFTPGo metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
# sudo "$SED_UTIL" -i "/jobs:/a\ - name: sftpgo_local \n url: 'http://127.0.0.1:57500/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
# Backup current health alarm configuration and apply new one
@ -103,12 +103,12 @@ if command -v netdata-claim.sh > /dev/null; then
elif [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/lib/netdata" ]; then
NETDATA_LIB="${HOMEBREW_PREFIX:-/opt/homebrew}/lib/netdata"
else
logg error 'No lib location found for netdata' && exit 1
gum log -sl error 'No lib location found for netdata' && exit 1
fi
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf to $NETDATA_LIB/conf.d/health_alarm_notify.conf"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf to $NETDATA_LIB/conf.d/health_alarm_notify.conf"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf" "$NETDATA_LIB/conf.d/health_alarm_notify.conf"
else
logg warn 'netdata is not available in the PATH or is not installed'
gum log -sl warn 'netdata is not available in the PATH or is not installed'
fi
### Ensure the apt command is available before running `debsecan` logic
@ -117,27 +117,27 @@ if command -v netdata-claim.sh > /dev/null; then
if command -v debsecan > /dev/null; then
DEBSECAN_GIT="${XDG_DATA_HOME:-$HOME/.local/share}/netdata-debsecan"
### Installing the script to generate report on CVEs in installed packages
logg info 'Installing script to generate report on CVEs in installed packages'
gum log -sl info 'Installing script to generate report on CVEs in installed packages'
sudo cp -f "$DEBSECAN_GIT/usr_local_bin_debsecan-by-type" "/usr/local/bin/debsecan-by-type"
### Generate initial debsecan reports in /var/log/debsecan/
logg info 'Generating initial debsecan reports in /var/log/debsecan/'
gum log -sl info 'Generating initial debsecan reports in /var/log/debsecan/'
debsecan-by-type
### Configure dpkg to refresh the file after each run
logg info 'Configuring dpkg to refresh the file after each run'
gum log -sl info 'Configuring dpkg to refresh the file after each run'
sudo cp -f "$DEBSECAN_GIT/etc_apt_apt.conf.d_99debsecan" /etc/apt/apt.conf.d/99-debsecan
### Add a cron job to refresh the file every hour
logg info 'Adding a cron job to refresh the file every hour'
gum log -sl info 'Adding a cron job to refresh the file every hour'
sudo cp -f "$DEBSECAN_GIT/etc_cron.d_debsecan" /etc/cron.d/debsecan
### Install the module/configuration file
logg info 'Installing the module and configuration file'
gum log -sl info 'Installing the module and configuration file'
sudo "$DEBSECAN_GIT/debsecan.chart.py" /usr/libexec/netdata/python.d/debsecan.chart.py
sudo "$DEBSECAN_GIT/debsecan.conf" /etc/netdata/python.d/debsecan.conf
else
logg warn 'apt-get is available but debsecan is not available in the PATH or is not installed'
gum log -sl warn 'apt-get is available but debsecan is not available in the PATH or is not installed'
fi
fi
@ -146,25 +146,25 @@ if command -v netdata-claim.sh > /dev/null; then
if command -v pipx > /dev/null; then
pipx install speedtest-cli
else
logg warn 'speedtest-cli not installed and pipx is not available'
gum log -sl warn 'speedtest-cli not installed and pipx is not available'
fi
fi
### Configure Netdata to gather information about Internet connection speed
if command -v speedtest-cli > /dev/null; then
### Installing the script to generate report on Internet connection speed
logg info 'Installing script to generate report on Internet connection speed'
gum log -sl info 'Installing script to generate report on Internet connection speed'
LIBEXEC_PATH="$(netdata -W buildinfo | grep 'Configure' | sed "s/.*--libexecdir=\([^ \']*\).*/\1/")"
if [ -d /usr/libexec/netdata/charts.d ]; then
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/netdata-speedtest/speedtest.chart.sh" "/usr/libexec/netdata/charts.d/speedtest.chart.sh"
elif [ -d "$LIBEXEC_PATH/netdata/charts.d" ]; then
logg info "$LIBEXEC_PATH/netdata/charts.d present on system"
gum log -sl info "$LIBEXEC_PATH/netdata/charts.d present on system"
cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/netdata-speedtest/speedtest.chart.sh" "$LIBEXEC_PATH/netdata/charts.d/speedtest.chart.sh"
else
logg warn "Failed to find appropriate directory to add Netdata speedtest chart script"
gum log -sl warn "Failed to find appropriate directory to add Netdata speedtest chart script"
fi
else
logg warn 'speedtest-cli is not available in the PATH or is not installed'
gum log -sl warn 'speedtest-cli is not available in the PATH or is not installed'
fi
### Ensure ownership again
@ -172,13 +172,13 @@ if command -v netdata-claim.sh > /dev/null; then
### Restart Netdata service
if command -v systemctl > /dev/null; then
logg info 'Enabling netdata service' && sudo systemctl enable netdata
logg info 'Restarting netdata service' && sudo systemctl restart netdata
gum log -sl info 'Enabling netdata service' && sudo systemctl enable netdata
gum log -sl info 'Restarting netdata service' && sudo systemctl restart netdata
elif [ -d /Applications ] && [ -d /System ]; then
logg info 'Starting / enabling netdata service' && brew services restart netdata
gum log -sl info 'Starting / enabling netdata service' && brew services restart netdata
else
logg warn 'systemctl is not available'
gum log -sl warn 'systemctl is not available'
fi
else
logg info 'netdata-claim.sh is not available in the PATH'
gum log -sl info 'netdata-claim.sh is not available in the PATH'
fi

18
home/dot_local/bin/post-installx/executable_post-nginx.sh
View file

@ -12,40 +12,40 @@
# * [NGINX Amplify documentation](https://docs.nginx.com/nginx-amplify/#)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v nginx > /dev/null; then
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Skipping installation of NGINX Amplify because macOS is not supported'
gum log -sl info 'Skipping installation of NGINX Amplify because macOS is not supported'
NGINX_CONFIG_DIR=/usr/local/etc/nginx
else
### Linux
NGINX_CONFIG_DIR=/etc/nginx
if get-secret --exists NGINX_AMPLIFY_API_KEY; then
### Download NGINX Amplify script
logg info 'Downloading the NGINX Amplify installer script'
gum log -sl info 'Downloading the NGINX Amplify installer script'
TMP="$(mktemp)"
curl -sSL https://github.com/nginxinc/nginx-amplify-agent/raw/master/packages/install.sh > "$TMP"
### NGINX Amplify registration
logg info 'Running the NGINX Amplify setup script'
gum log -sl info 'Running the NGINX Amplify setup script'
API_KEY="$(get-secret NGINX_AMPLIFY_API_KEY)" sh "$TMP"
else
logg warn "Skipping NGINX Amplify setup because the NGINX_AMPLIFY_API_KEY was unavailable"
gum log -sl warn "Skipping NGINX Amplify setup because the NGINX_AMPLIFY_API_KEY was unavailable"
fi
fi
logg info "Ensuring $NGINX_CONFIG_DIR is present" && sudo mkdir -p "$NGINX_CONFIG_DIR"
logg info "Copying configuration files from $HOME/.local/etc/nginx to $NGINX_CONFIG_DIR"
gum log -sl info "Ensuring $NGINX_CONFIG_DIR is present" && sudo mkdir -p "$NGINX_CONFIG_DIR"
gum log -sl info "Copying configuration files from $HOME/.local/etc/nginx to $NGINX_CONFIG_DIR"
sudo rsync -av "$HOME/.local/etc/nginx/" "$NGINX_CONFIG_DIR"
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx" ] && [ ! -L "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx" ]; then
logg info "Removing ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx directory and its contents in favor of symlink to /usr/local/etc/nginx"
gum log -sl info "Removing ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx directory and its contents in favor of symlink to /usr/local/etc/nginx"
rm -rf "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx"
ln -s /usr/local/etc/nginx "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx"
else
logg info "Skipping symlinking of /usr/local/etc/nginx to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx because directory symlink already appears to be there"
gum log -sl info "Skipping symlinking of /usr/local/etc/nginx to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/nginx because directory symlink already appears to be there"
fi
fi
fi

12
home/dot_local/bin/post-installx/executable_post-ntfy.sh
View file

@ -3,30 +3,30 @@
# @brief Ensures branding assets and sound files are in system locations. Also, ensures system dependencies are installed
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v ntfy > /dev/null; then
### Branding assets
logg info 'Ensuring branding assets are in expected place for ntfy'
gum log -sl info 'Ensuring branding assets are in expected place for ntfy'
sudo mkdir -p /usr/local/etc/branding
sudo cp -f "$HOME/.local/etc/branding/logo-color-256x256.png" /usr/local/etc/branding/logo-color-256x256.png
### Sound files
logg info 'Ensuring shared sound files are synced to system location'
gum log -sl info 'Ensuring shared sound files are synced to system location'
sudo mkdir -p /usr/local/share/sounds
sudo rsync -rtvp "${XDG_DATA_HOME:-$HOME/.local/share}/sounds/" /usr/local/share/sounds
### Debian dependency
if command -v apt-get > /dev/null; then
logg info 'Running sudo apt-get update && sudo apt-get install -y python-dbus'
gum log -sl info 'Running sudo apt-get update && sudo apt-get install -y python-dbus'
sudo apt-get update && sudo apt-get install -y python-dbus
fi
### Termux dependency
if command -v termux-setup-storage > /dev/null; then
logg info 'Running apt install -y termux-api'
gum log -sl info 'Running apt install -y termux-api'
apt install -y termux-api
fi
else
logg info 'ntfy not available on PATH'
gum log -sl info 'ntfy not available on PATH'
fi

30
home/dot_local/bin/post-installx/executable_post-plymouth.sh
View file

@ -5,17 +5,17 @@
# This script installs Plymouth and then configures it to use our custom Betelgeuse theme.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Create /etc/plymouth/plymouthd.conf
if [ -f /etc/plymouth/plymouthd.conf ]; then
### Back up original plymouthd.conf
if [ ! -f /etc/plymouth/plymouthd.conf.bak ]; then
logg info 'Backing up /etc/plymouth/plymouthd.conf to /etc/plymouth/plymouthd.conf.bak'
gum log -sl info 'Backing up /etc/plymouth/plymouthd.conf to /etc/plymouth/plymouthd.conf.bak'
sudo cp -f /etc/plymouth/plymouthd.conf /etc/plymouth/plymouthd.conf.bak
fi
### Create new plymouthd.conf
logg info 'Populating the /etc/plymouth/plymouthd.conf file'
gum log -sl info 'Populating the /etc/plymouth/plymouthd.conf file'
echo "[Daemon]" | sudo tee /etc/plymouth/plymouthd.conf > /dev/null
echo "Theme=Betelgeuse" | sudo tee -a /etc/plymouth/plymouthd.conf > /dev/null
echo "ShowDelay=1" | sudo tee -a /etc/plymouth/plymouthd.conf > /dev/null
@ -30,28 +30,28 @@ if command -v update-alternatives > /dev/null; then
sudo update-alternatives --set default.plymouth "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth"
logg success 'Set default.plymouth'
else
logg warn "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth does not exist!"
gum log -sl warn "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth does not exist!"
fi
else
logg warn 'update-alternatives is not available'
gum log -sl warn 'update-alternatives is not available'
fi
### Update /etc/plymouth/plymouthd.conf
# Replaced by code above
# if [ -f /etc/plymouth/plymouthd.conf ]; then
# logg info 'Setting ShowDelay=1 in /etc/plymouth/plymouthd.conf'
# gum log -sl info 'Setting ShowDelay=1 in /etc/plymouth/plymouthd.conf'
# if cat /etc/plymouth/plymouthd.conf | grep ShowDelay; then
# sudo sed -i 's/^ShowDelay=.*/ShowDelay=1/' /etc/plymouth/plymouthd.conf
# else
# echo 'ShowDelay=1' | sudo tee -a /etc/plymouth/plymouthd.conf > /dev/null
# fi
# else
# logg warn '/etc/plymouth/plymouthd.conf does not exist!'
# gum log -sl warn '/etc/plymouth/plymouthd.conf does not exist!'
# fi
### Symlink /usr/local/share/plymouth/themes to /usr/share/plymouth/themes
if [ ! -d '/usr/share/plymouth/themes/Betelgeuse' ]; then
logg info 'Symlinking /usr/local/share/plymouth/themes/Betelgeuse to /usr/share/plymouth/themes/Betelgeuse'
gum log -sl info 'Symlinking /usr/local/share/plymouth/themes/Betelgeuse to /usr/share/plymouth/themes/Betelgeuse'
sudo ln -s '/usr/local/share/plymouth/themes/Betelgeuse' '/usr/share/plymouth/themes/Betelgeuse'
fi
@ -59,12 +59,12 @@ fi
if command -v plymouth-set-default-theme > /dev/null; then
sudo plymouth-set-default-theme -R 'Betelgeuse' || EXIT_CODE=$?
if [ -n "${EXIT_CODE:-}" ]; then
logg warn 'There may have been an issue while setting the Plymouth default theme with plymouth-set-default-theme'
gum log -sl warn 'There may have been an issue while setting the Plymouth default theme with plymouth-set-default-theme'
else
logg success 'Set Plymouth default theme with plymouth-set-default-theme'
fi
else
logg warn 'Could not apply default Plymouth theme because plymouth-set-default-theme is missing'
gum log -sl warn 'Could not apply default Plymouth theme because plymouth-set-default-theme is missing'
fi
### Apply update-alternatives (again - required sometimes)
@ -74,24 +74,24 @@ if command -v update-alternatives > /dev/null; then
sudo update-alternatives --set default.plymouth "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth"
logg success 'Set default.plymouth (second time is required sometimes)'
else
logg warn "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth does not exist!"
gum log -sl warn "/usr/local/share/plymouth/themes/Betelgeuse/Betelgeuse.plymouth does not exist!"
fi
else
logg warn 'update-alternatives is not available'
gum log -sl warn 'update-alternatives is not available'
fi
### Update kernel / initrd images
# Set `export DEBUG_MODE=true` to bypass GRUB2 / Plymouth application
if [ "$DEBUG_MODE" != 'true' ]; then
if command -v update-initramfs > /dev/null; then
logg info 'Running sudo update-initramfs -u'
gum log -sl info 'Running sudo update-initramfs -u'
sudo update-initramfs -u
logg success 'Updated kernel / initrd images for Plymouth'
elif command -v dracut > /dev/null; then
logg info 'Running sudo dracut --regenerate-all -f'
gum log -sl info 'Running sudo dracut --regenerate-all -f'
sudo dracut --regenerate-all -f
logg success 'Updated kernel / initrd images for Plymouth'
else
logg warn 'Unable to update kernel / initrd images because neither update-initramfs or dracut are available'
gum log -sl warn 'Unable to update kernel / initrd images because neither update-initramfs or dracut are available'
fi
fi

82
home/dot_local/bin/post-installx/executable_post-postfix.sh
View file

@ -11,7 +11,7 @@
# ```
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Acquire PUBLIC_SERVICES_DOMAIN and PRIMARY_EMAIL
if command -v yq > /dev/null; then
@ -19,10 +19,10 @@ if command -v yq > /dev/null; then
PUBLIC_SERVICES_DOMAIN="$(yq '.data.host.domain' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
PRIMARY_EMAIL="$(yq '.data.user.email' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
else
logg warn "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml is missing and is required for acquiring the PUBLIC_SERVICES_DOMAIN and PRIMARY_EMAIL"
gum log -sl warn "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml is missing and is required for acquiring the PUBLIC_SERVICES_DOMAIN and PRIMARY_EMAIL"
fi
else
logg warn 'yq is not installed on the system and is required for populating the PUBLIC_SERVICES_DOMAIN and PRIMARY_EMAIL'
gum log -sl warn 'yq is not installed on the system and is required for populating the PUBLIC_SERVICES_DOMAIN and PRIMARY_EMAIL'
fi
### Setup Postfix if SENDGRID_API_KEY is retrieved
@ -30,7 +30,7 @@ if get-secret --exists SENDGRID_API_KEY; then
if command -v postfix > /dev/null; then
### Ensure dependencies are installed
if command -v apt-get > /dev/null; then
logg info 'Installing libsasl2-modules'
gum log -sl info 'Installing libsasl2-modules'
sudo apt-get update
sudo apt-get install -y libsasl2-modules || EXIT_CODE=$?
elif command -v dnf > /dev/null; then
@ -39,14 +39,14 @@ if get-secret --exists SENDGRID_API_KEY; then
sudo yum install -y cyrus-sasl-plain || EXIT_CODE=$?
fi
if [ -n "${EXIT_CODE:-}" ]; then
logg warn 'There was an error ensuring the Postfix-SendGrid dependencies were installed'
gum log -sl warn 'There was an error ensuring the Postfix-SendGrid dependencies were installed'
fi
if [ -d /etc/postfix ]; then
### Add the SendGrid Postfix settings to the Postfix configuration
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/main.cf" ]; then
CONFIG_FILE=/etc/postfix/main.cf
if cat "$CONFIG_FILE" | grep '### INSTALL DOCTOR MANAGED' > /dev/null; then
logg info 'Removing Install Doctor-managed block of code in /etc/postfix/main.cf block'
gum log -sl info 'Removing Install Doctor-managed block of code in /etc/postfix/main.cf block'
START_LINE="$(echo `grep -n -m 1 "### INSTALL DOCTOR MANAGED ### START" "$CONFIG_FILE" | cut -f1 -d ":"`)"
END_LINE="$(echo `grep -n -m 1 "### INSTALL DOCTOR MANAGED ### END" "$CONFIG_FILE" | cut -f1 -d ":"`)"
if [ -n "$START_LINE" ] && [ -n "$END_LINE" ]; then
@ -56,7 +56,7 @@ if get-secret --exists SENDGRID_API_KEY; then
sudo sed -i "${START_LINE},${END_LINE}d" "$CONFIG_FILE"
fi
else
logg info 'No start-line or end-line detected - configuration appears to already be clean'
gum log -sl info 'No start-line or end-line detected - configuration appears to already be clean'
fi
fi
### Add Postfix main configuration
@ -66,115 +66,115 @@ if get-secret --exists SENDGRID_API_KEY; then
fi
### Ensure proper permissions on `sasl_passwd` and update Postfix hashmaps
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/sasl_passwd" ]; then
logg info "Copying file from ${XDG_CONFIG_HOME:-$HOME/.config}/postfix/sasl_passwd to /etc/postfix/sasl_passwd"
gum log -sl info "Copying file from ${XDG_CONFIG_HOME:-$HOME/.config}/postfix/sasl_passwd to /etc/postfix/sasl_passwd"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/sasl_passwd" /etc/postfix/sasl_passwd
logg info 'Assigning proper permissions to /etc/postfix/sasl_passwd'
gum log -sl info 'Assigning proper permissions to /etc/postfix/sasl_passwd'
sudo chmod 600 /etc/postfix/sasl_passwd
logg info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
gum log -sl info 'Updating Postfix hashmaps for /etc/postfix/sasl_passwd'
sudo postmap /etc/postfix/sasl_passwd
else
logg warn '~/.config/postfix/sasl_passwd file is missing'
gum log -sl warn '~/.config/postfix/sasl_passwd file is missing'
fi
### Forward root e-mails
if [ -n "$PRIMARY_EMAIL" ]; then
if [ -d /root ]; then
logg info "Forwarding root e-mails to $PRIMARY_EMAIL"
echo "$PRIMARY_EMAIL" | sudo tee /root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
gum log -sl info "Forwarding root e-mails to $PRIMARY_EMAIL"
echo "$PRIMARY_EMAIL" | sudo tee /root/.forward > /dev/null || gum log -sl error 'Failed to set root user .forward file'
elif [ -d /var/root ]; then
logg info "Forwarding root e-mails to $PRIMARY_EMAIL"
echo "$PRIMARY_EMAIL" | sudo tee /var/root/.forward > /dev/null || logg error 'Failed to set root user .forward file'
gum log -sl info "Forwarding root e-mails to $PRIMARY_EMAIL"
echo "$PRIMARY_EMAIL" | sudo tee /var/root/.forward > /dev/null || gum log -sl error 'Failed to set root user .forward file'
else
logg warn 'Unable to identify root user home directory'
gum log -sl warn 'Unable to identify root user home directory'
fi
else
logg warn 'PRIMARY_EMAIL is undefined so cannot setup root email forwarding'
gum log -sl warn 'PRIMARY_EMAIL is undefined so cannot setup root email forwarding'
fi
### Ensure /etc/postfix/header_checks exists
if [ ! -d /etc/postfix/header_checks ]; then
logg info 'Creating /etc/postfix/header_checks since it does not exist'
gum log -sl info 'Creating /etc/postfix/header_checks since it does not exist'
sudo touch /etc/postfix/header_checks
fi
### Re-write header From for SendGrid
if [ -n "$PUBLIC_SERVICES_DOMAIN" ]; then
if ! cat /etc/postfix/header_checks | grep "no-reply@${PUBLIC_SERVICES_DOMAIN}" > /dev/null; then
logg info 'Added From REPLACE to /etc/postfix/header_checks'
gum log -sl info 'Added From REPLACE to /etc/postfix/header_checks'
echo "/^From:.*@${PUBLIC_SERVICES_DOMAIN}/ REPLACE From: no-reply@${PUBLIC_SERVICES_DOMAIN}" | sudo tee -a /etc/postfix/header_checks > /dev/null
fi
else
logg warn 'PUBLIC_SERVICES_DOMAIN is undefined'
gum log -sl warn 'PUBLIC_SERVICES_DOMAIN is undefined'
fi
### Update aliases
if [ -f /etc/aliases ] && [ -n "$PRIMARY_EMAIL" ]; then
logg info "Forward root e-mails to $PRIMARY_EMAIL"
gum log -sl info "Forward root e-mails to $PRIMARY_EMAIL"
ALIASES_TMP="$(mktemp)"
logg info "Setting $PRIMARY_EMAIL as root e-mail in temporary file"
gum log -sl info "Setting $PRIMARY_EMAIL as root e-mail in temporary file"
sudo sed "s/#root.*/root:\ $PRIMARY_EMAIL/" /etc/aliases > "$ALIASES_TMP"
logg info 'Moving temporary file to /etc/aliases'
gum log -sl info 'Moving temporary file to /etc/aliases'
sudo mv -f "$ALIASES_TMP" /etc/aliases
if ! cat /etc/aliases | grep "$USER_USERNAME: root" > /dev/null; then
logg info 'Forward user e-mail to root@localhost'
gum log -sl info 'Forward user e-mail to root@localhost'
echo "$USER_USERNAME: root" | sudo tee -a /etc/aliases > /dev/null
fi
### Ensure old /etc/aliases.db is removed
if [ -f /etc/aliases.db ]; then
logg info 'Ensuring /etc/aliases.db is removed' && sudo rm -f /etc/aliases.db
gum log -sl info 'Ensuring /etc/aliases.db is removed' && sudo rm -f /etc/aliases.db
else
logg info '/etc/aliases.db was not found'
gum log -sl info '/etc/aliases.db was not found'
fi
### Re-generate the /etc/aliases.db file
if [ -f /etc/aliases ]; then
if command -v gstat > /dev/null; then
logg info 'Ensuring proper permissions on the /etc/aliases file' && sudo chown $(gstat -c "%U:%G" /etc/sudoers) /etc/aliases
gum log -sl info 'Ensuring proper permissions on the /etc/aliases file' && sudo chown $(gstat -c "%U:%G" /etc/sudoers) /etc/aliases
elif command -v stat > /dev/null; then
logg info 'Ensuring proper permissions on the /etc/aliases file' && sudo chown $(stat -c "%U:%G" /etc/sudoers) /etc/aliases
gum log -sl info 'Ensuring proper permissions on the /etc/aliases file' && sudo chown $(stat -c "%U:%G" /etc/sudoers) /etc/aliases
else
logg info 'Neither the gstat or stat command are available - cannot run sudo chown $(stat/gstat -c "%U:%G" /etc/sudoers) /etc/aliases'
gum log -sl info 'Neither the gstat or stat command are available - cannot run sudo chown $(stat/gstat -c "%U:%G" /etc/sudoers) /etc/aliases'
fi
logg info 'Generating Postfix aliases' && sudo postalias /etc/aliases > /dev/null
gum log -sl info 'Generating Postfix aliases' && sudo postalias /etc/aliases > /dev/null
else
logg warn '/etc/aliases is missing which is required for Postfix'
gum log -sl warn '/etc/aliases is missing which is required for Postfix'
fi
# The `sudo newaliases` mode is probably used to regenerate the /etc/aliases.db
# but since we are removing it to ensure proper permissions, this method is commented out.
# logg info 'Running newaliases to regenerate the alias database' && sudo newaliases
# gum log -sl info 'Running newaliases to regenerate the alias database' && sudo newaliases
else
logg warn '/etc/aliases does not appear to exist or PRIMARY_EMAIL is undefined'
gum log -sl warn '/etc/aliases does not appear to exist or PRIMARY_EMAIL is undefined'
fi
if [ -d /Applications ] && [ -d /System ]; then
### macOS
# Source: https://budiirawan.com/install-mail-server-mac-osx/
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" ] && ! sudo launchctl list | grep 'postfix.master' > /dev/null; then
logg info 'Copying com.apple.postfix.master.plist'
gum log -sl info 'Copying com.apple.postfix.master.plist'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/postfix/com.apple.postfix.master.plist" /System/Library/LaunchDaemons/com.apple.postfix.master.plist
if sudo launchctl list | grep 'com.apple.postfix.master' > /dev/null; then
logg info 'Unloading previous Postfix launch configuration'
gum log -sl info 'Unloading previous Postfix launch configuration'
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.postfix.master.plist
fi
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.postfix.master.plist && logg success 'launchctl load of com.apple.postfix.master successful'
fi
if ! sudo postfix status > /dev/null; then
logg info 'Starting postfix'
gum log -sl info 'Starting postfix'
sudo postfix start > /dev/null
else
logg info 'Reloading postfix'
gum log -sl info 'Reloading postfix'
sudo postfix reload > /dev/null
fi
else
### Enable / restart postfix on Linux
logg info 'Enabling / restarting postfix'
gum log -sl info 'Enabling / restarting postfix'
sudo systemctl enable postfix
sudo systemctl restart postfix
fi
else
logg warn '/etc/postfix is not a directory! Skipping SendGrid Postfix setup.'
gum log -sl warn '/etc/postfix is not a directory! Skipping SendGrid Postfix setup.'
fi
else
logg info 'Skipping Postfix configuration because Postfix is not installed'
gum log -sl info 'Skipping Postfix configuration because Postfix is not installed'
fi
else
logg info 'SENDGRID_API_KEY is undefined so skipping Postfix configuration'
gum log -sl info 'SENDGRID_API_KEY is undefined so skipping Postfix configuration'
fi

20
home/dot_local/bin/post-installx/executable_post-privoxy.sh
View file

@ -14,7 +14,7 @@
# * [Privoxy configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/privoxy/config)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Configure variables
if [ -d /Applications ] && [ -d /System ]; then
@ -29,38 +29,38 @@ PRIVOXY_CONFIG="$PRIVOXY_CONFIG_DIR/config"
if command -v privoxy > /dev/null; then
if [ -f "${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config" ]; then
sudo mkdir -p "$PRIVOXY_CONFIG_DIR"
logg info "Copying ${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config to $PRIVOXY_CONFIG"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config to $PRIVOXY_CONFIG"
sudo cp -f "${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config" "$PRIVOXY_CONFIG"
logg info "Running sudo chmod 600 $PRIVOXY_CONFIG"
gum log -sl info "Running sudo chmod 600 $PRIVOXY_CONFIG"
sudo chmod 600 "$PRIVOXY_CONFIG"
if command -v add-usergroup > /dev/null; then
sudo add-usergroup privoxy privoxy
sudo add-usergroup "$USER" privoxy
fi
logg info 'Applying proper permissions to Privoxy configuration'
gum log -sl info 'Applying proper permissions to Privoxy configuration'
sudo chown privoxy:privoxy "$PRIVOXY_CONFIG" 2> /dev/null || sudo chown privoxy:$(id -g -n) "$PRIVOXY_CONFIG"
if [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/privoxy" ] && [ ! -f "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/privoxy/config" ]; then
logg info "Symlinking $PRIVOXY_CONFIG to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/privoxy/config"
gum log -sl info "Symlinking $PRIVOXY_CONFIG to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/privoxy/config"
ln -s "$PRIVOXY_CONFIG" "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/privoxy/config"
fi
### Restart Privoxy after configuration is applied
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Running brew services restart privoxy'
gum log -sl info 'Running brew services restart privoxy'
brew services restart privoxy
else
### Linux
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
logg info 'Running sudo systemctl enable / restart privoxy'
gum log -sl info 'Running sudo systemctl enable / restart privoxy'
sudo systemctl enable privoxy
sudo systemctl restart privoxy
else
logg info 'The system is a WSL environment so the Privoxy systemd service will not be enabled / restarted'
gum log -sl info 'The system is a WSL environment so the Privoxy systemd service will not be enabled / restarted'
fi
fi
else
logg info "${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config is missing so skipping set up of Privoxy"
gum log -sl info "${XDG_CONFIG_HOME:-HOME/.config}/privoxy/config is missing so skipping set up of Privoxy"
fi
else
logg info 'privoxy is not installed or not available in the PATH'
gum log -sl info 'privoxy is not installed or not available in the PATH'
fi

30
home/dot_local/bin/post-installx/executable_post-rclone.sh
View file

@ -46,14 +46,14 @@
# * [Rclone documentation](https://rclone.org/docs/)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Begin configuration
if command -v rclone > /dev/null; then
R2_ENDPOINT="$(yq '.data.user.cloudflare.r2' "${XDG_CONFIG_HOME:-$HOME/.config}/chezmoi/chezmoi.yaml")"
CONFIG_FILE="${XDG_CONFIG_HOME:-$HOME/.config}/rclone/rclone.conf"
if [ "$R2_ENDPOINT" != 'null' ] && get-secret --exists CLOUDFLARE_R2_ID_USER CLOUDFLARE_R2_SECRET_USER; then
logg info 'Removing ~/.config/rclone/rclone.conf Install Doctor managed block'
gum log -sl info 'Removing ~/.config/rclone/rclone.conf Install Doctor managed block'
if cat "$CONFIG_FILE" | grep '# INSTALL DOCTOR MANAGED S3 START' > /dev/null; then
# TODO: Remove old block
START_LINE="$(echo `grep -n -m 1 "# INSTALL DOCTOR MANAGED S3 START" "$CONFIG_FILE" | cut -f1 -d ":"`)"
@ -64,7 +64,7 @@ if command -v rclone > /dev/null; then
sed -i "$START_LINE,${END_LINE}d" "$CONFIG_FILE" > /dev/null
fi
fi
logg info 'Adding ~/.config/rclone/rclone.conf INSTALL DOCTOR managed block'
gum log -sl info 'Adding ~/.config/rclone/rclone.conf INSTALL DOCTOR managed block'
tee -a "$CONFIG_FILE" > /dev/null <<EOT
# INSTALL DOCTOR MANAGED S3 START
[User-$USER]
@ -92,37 +92,37 @@ EOT
fi
### Setup /var/cache/rclone
logg info 'Ensuring /var/cache/rclone exists'
gum log -sl info 'Ensuring /var/cache/rclone exists'
sudo mkdir -p /var/cache/rclone
sudo chmod 750 /var/cache/rclone
sudo chown -Rf rclone:rclone /var/cache/rclone
### Setup /var/log/rclone
logg info 'Ensuring /var/log/rclone exists'
gum log -sl info 'Ensuring /var/log/rclone exists'
sudo mkdir -p /var/log/rclone
sudo chmod 750 /var/log/rclone
sudo chown -Rf rclone:rclone /var/log/rclone
### Add rclone-mount to /usr/local/bin
logg info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin'
gum log -sl info 'Adding ~/.local/bin/rclone-mount to /usr/local/bin'
sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount
sudo chmod +x /usr/local/bin/rclone-mount
### Setup /etc/rcloneignore
logg info 'Adding ~/.config/rclone/rcloneignore to /etc/rcloneignore'
gum log -sl info 'Adding ~/.config/rclone/rcloneignore to /etc/rcloneignore'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/rcloneignore" /etc/rcloneignore
sudo chown -Rf rclone:rclone /etc/rcloneignore
sudo chmod 640 /etc/rcloneignore
### Setup /etc/rclone.conf
logg info 'Adding ~/.config/rclone/system-rclone.conf to /etc/rclone.conf'
gum log -sl info 'Adding ~/.config/rclone/system-rclone.conf to /etc/rclone.conf'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/system-rclone.conf" /etc/rclone.conf
sudo chown -Rf rclone:rclone /etc/rclone.conf
sudo chmod 600 /etc/rclone.conf
if [ -d /Applications ] && [ -d /System ]; then
### Enable Rclone mounts
logg info 'Ensuring Rclone mount-on-reboot definitions are in place'
gum log -sl info 'Ensuring Rclone mount-on-reboot definitions are in place'
sudo mkdir -p /Library/LaunchDaemons
if get-secret --exists CLOUDFLARE_R2_ID CLOUDFLARE_R2_SECRET; then
@ -141,18 +141,18 @@ EOT
if get-secret --exists CLOUDFLARE_R2_ID CLOUDFLARE_R2_SECRET; then
find "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/system" -mindepth 1 -maxdepth 1 -type f | while read RCLONE_SERVICE; do
### Add systemd service file
logg info "Adding S3 system mount service defined at $RCLONE_SERVICE"
gum log -sl info "Adding S3 system mount service defined at $RCLONE_SERVICE"
FILENAME="$(basename "$RCLONE_SERVICE")"
SERVICE_ID="$(echo "$FILENAME" | sed 's/.service//')"
sudo cp -f "$RCLONE_SERVICE" "/etc/systemd/system/$(basename "$RCLONE_SERVICE")"
### Ensure mount folder is created
logg info "Ensuring /mnt/$SERVICE_ID is created with proper permissions"
gum log -sl info "Ensuring /mnt/$SERVICE_ID is created with proper permissions"
sudo mkdir -p "/mnt/$SERVICE_ID"
sudo chmod 750 "/mnt/$SERVICE_ID"
### Enable / restart the service
logg info "Enabling / restarting the $SERVICE_ID S3 service"
gum log -sl info "Enabling / restarting the $SERVICE_ID S3 service"
sudo systemctl enable "$SERVICE_ID"
sudo systemctl restart "$SERVICE_ID"
done
@ -160,13 +160,13 @@ EOT
### Add user Rclone mount
if get-secret --exists CLOUDFLARE_R2_ID_USER CLOUDFLARE_R2_SECRET_USER; then
logg info 'Adding user S3 rclone mount (available at ~/Cloud/User and /Volumes/User)'
gum log -sl info 'Adding user S3 rclone mount (available at ~/Cloud/User and /Volumes/User)'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/s3-user.service" "/etc/systemd/system/s3-${USER}.service"
logg info 'Enabling / restarting the S3 user mount'
gum log -sl info 'Enabling / restarting the S3 user mount'
sudo systemctl enable "s3-${USER}"
sudo systemctl restart "s3-${USER}"
fi
fi
else
logg info 'rclone is not available'
gum log -sl info 'rclone is not available'
fi

12
home/dot_local/bin/post-installx/executable_post-rkhunter.sh
View file

@ -3,26 +3,26 @@
# @brief This script applies the rkhunter integration and updates it as well
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v rkhunter > /dev/null; then
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Updating file "$(brew --prefix)/Cellar/rkhunter/1.4.6/etc/rkhunter.conf"' && gsed -i "s/^#WEB_CMD.*$/WEB_CMD=curl\ -L/" "$(brew --prefix)/Cellar/rkhunter/1.4.6/etc/rkhunter.conf"
gum log -sl info 'Updating file "$(brew --prefix)/Cellar/rkhunter/1.4.6/etc/rkhunter.conf"' && gsed -i "s/^#WEB_CMD.*$/WEB_CMD=curl\ -L/" "$(brew --prefix)/Cellar/rkhunter/1.4.6/etc/rkhunter.conf"
export PATH="$(echo "$PATH" | gsed 's/VMware Fusion.app/VMwareFusion.app/g')"
export PATH="$(echo "$PATH" | gsed 's/IntelliJ IDEA CE.app/IntelliJIDEACE.app/g')"
else
### Linux
logg info 'Updating file /etc/rkhunter.conf' && sed -i "s/^#WEB_CMD.*$/WEB_CMD=curl\ -L/" /etc/rkhunter.conf
gum log -sl info 'Updating file /etc/rkhunter.conf' && sed -i "s/^#WEB_CMD.*$/WEB_CMD=curl\ -L/" /etc/rkhunter.conf
fi
sudo rkhunter --propupd || RK_PROPUPD_EXIT_CODE=$?
if [ -n "${RK_PROPUPD_EXIT_CODE:-}" ]; then
logg error "sudo rkhunter --propupd returned non-zero exit code"
gum log -sl error "sudo rkhunter --propupd returned non-zero exit code"
fi
sudo rkhunter --update || RK_UPDATE_EXIT_CODE=$?
if [ -n "${RK_UPDATE_EXIT_CODE:-}" ]; then
logg error "sudo rkhunter --update returned non-zero exit code"
gum log -sl error "sudo rkhunter --update returned non-zero exit code"
fi
else
logg info 'rkhunter is not installed'
gum log -sl info 'rkhunter is not installed'
fi

26
home/dot_local/bin/post-installx/executable_post-samba.sh
View file

@ -49,7 +49,7 @@
# * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Configure Samba server
if command -v smbd > /dev/null; then
@ -69,19 +69,19 @@ if command -v smbd > /dev/null; then
PUBLIC_SHARE="/$MNT_FOLDER/Public"
### Private share
logg info "Ensuring $PRIVATE_SHARE is created"
gum log -sl info "Ensuring $PRIVATE_SHARE is created"
sudo mkdir -p "$PRIVATE_SHARE"
sudo chmod 750 "$PRIVATE_SHARE"
sudo chown -Rf root:rclone "$PRIVATE_SHARE"
### Public share
logg info "Ensuring $PUBLIC_SHARE is created"
gum log -sl info "Ensuring $PUBLIC_SHARE is created"
sudo mkdir -p "$PUBLIC_SHARE"
sudo chmod 755 "$PUBLIC_SHARE"
sudo chown -Rf root:rclone "$PUBLIC_SHARE"
### User share
logg info "Ensuring $HOME/Shared is created"
gum log -sl info "Ensuring $HOME/Shared is created"
mkdir -p "$HOME/Shared"
chmod 755 "$HOME/Shared"
chown -Rf "$USER":rclone "$HOME/Shared"
@ -93,9 +93,9 @@ if command -v smbd > /dev/null; then
logg success "Configured $PRIVATE_SHARE as a private Samba share"
else
if echo $SMB_OUTPUT | grep 'smb name already exists' > /dev/null; then
logg info "$PRIVATE_SHARE Samba share already exists"
gum log -sl info "$PRIVATE_SHARE Samba share already exists"
else
logg error 'An error occurred while running sudo sharing -a "$PRIVATE_SHARE" -S "Private (System)" -n "Private (System)" -g 000 -s 001 -E 1 -R 1'
gum log -sl error 'An error occurred while running sudo sharing -a "$PRIVATE_SHARE" -S "Private (System)" -n "Private (System)" -g 000 -s 001 -E 1 -R 1'
echo "$SMB_OUTPUT"
fi
fi
@ -105,9 +105,9 @@ if command -v smbd > /dev/null; then
logg success "Configured $PUBLIC_SHARE as a system public Samba share"
else
if echo $SMB_OUTPUT | grep 'smb name already exists' > /dev/null; then
logg info "$PUBLIC_SHARE Samba share already exists"
gum log -sl info "$PUBLIC_SHARE Samba share already exists"
else
logg error 'An error occurred while running sudo sharing -a "$PUBLIC_SHARE" -S "Public (System)" -n "Public (System)" -g 001 -s 001 -E 1 -R 0'
gum log -sl error 'An error occurred while running sudo sharing -a "$PUBLIC_SHARE" -S "Public (System)" -n "Public (System)" -g 001 -s 001 -E 1 -R 0'
echo "$SMB_OUTPUT"
fi
fi
@ -117,21 +117,21 @@ if command -v smbd > /dev/null; then
logg success "Configured $HOME/Shared as a user-scoped Samba share"
else
if echo $SMB_OUTPUT | grep 'smb name already exists' > /dev/null; then
logg info "$HOME/Shared Samba share already exists"
gum log -sl info "$HOME/Shared Samba share already exists"
else
logg error 'An error occurred while running sudo sharing -a "$HOME/Shared" -S "Shared (User)" -n "Shared (User)" -g 001 -s 001 -E 1 -R 0'
gum log -sl error 'An error occurred while running sudo sharing -a "$HOME/Shared" -S "Shared (User)" -n "Shared (User)" -g 001 -s 001 -E 1 -R 0'
echo "$SMB_OUTPUT"
fi
fi
else
### Copy Samba configuration
logg info "Copying Samba server configuration to /etc/samba/smb.conf"
gum log -sl info "Copying Samba server configuration to /etc/samba/smb.conf"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/samba/config" "/etc/samba/smb.conf"
### Reload configuration file changes
logg info 'Reloading the smbd config'
gum log -sl info 'Reloading the smbd config'
smbcontrol smbd reload-config
fi
else
logg info "Samba server is not installed"
gum log -sl info "Samba server is not installed"
fi

10
home/dot_local/bin/post-installx/executable_post-sftpgo.sh
View file

@ -3,16 +3,16 @@
# @brief This script copies over the required configuration files for sftpgo and then initializes sftpgo
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v sftpgo > /dev/null; then
### Copy configuration file
sudo mkdir -p /usr/local/etc/sftpgo
logg info 'Copying over sftpgo configuration to /usr/local/etc/sftpgo/sftpgo.json'
gum log -sl info 'Copying over sftpgo configuration to /usr/local/etc/sftpgo/sftpgo.json'
sudo cp -f "$HOME/.local/etc/sftpgo/sftpgo.json" /usr/local/etc/sftpgo/sftpgo.json
### Copy branding assets / banner
logg info 'Copying over sftpgo branding assets'
gum log -sl info 'Copying over sftpgo branding assets'
sudo cp -f "$HOME/.local/etc/sftpgo/banner" /usr/local/etc/sftpgo/banner
sudo mkdir -p /usr/local/etc/branding
sudo cp -f "$HOME/.local/etc/branding/favicon.ico" /usr/local/etc/branding/favicon.ico
@ -20,8 +20,8 @@ if command -v sftpgo > /dev/null; then
sudo cp -f "$HOME/.local/etc/branding/logo-color-900x900.png" /usr/local/etc/branding/logo-color-900x900.png
### Initialize
logg info 'Running sudo sftpgo initprovider'
gum log -sl info 'Running sudo sftpgo initprovider'
sudo sftpgo initprovider
else
logg info 'sftpgo is not installed'
gum log -sl info 'sftpgo is not installed'
fi

8
home/dot_local/bin/post-installx/executable_post-tabby.sh
View file

@ -42,17 +42,17 @@
# * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets) which details how to store your Tabby configuration in as an encrypted file
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/tabby/plugins/package.json" ]; then
if [ -d "${XDG_CONFIG_HOME:-$HOME/.config}/tabby/plugins/node_modules" ]; then
logg info 'Skipping Tabby plugin installation because it looks like the plugins were already installed since node_modules is present in ~/.config/tabby/plugins'
gum log -sl info 'Skipping Tabby plugin installation because it looks like the plugins were already installed since node_modules is present in ~/.config/tabby/plugins'
else
logg info 'Installing Tabby plugins defined in '"${XDG_CONFIG_HOME:-$HOME/.config}/tabby/plugins/package.json"''
gum log -sl info 'Installing Tabby plugins defined in '"${XDG_CONFIG_HOME:-$HOME/.config}/tabby/plugins/package.json"''
cd "${XDG_CONFIG_HOME:-$HOME/.config}/tabby/plugins"
npm install --quiet --no-progress
logg success 'Finished installing Tabby plugins'
fi
else
logg info 'Skipping Tabby plugin installation because is not present'
gum log -sl info 'Skipping Tabby plugin installation because is not present'
fi

40
home/dot_local/bin/post-installx/executable_post-tailscale.sh
View file

@ -11,76 +11,76 @@
# [Tailscale IP addresses](https://tailscale.com/kb/1105/other-vpns).
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Disconnect from CloudFlare WARP (if connected)
if command -v warp-cli > /dev/null; then
warp-cli disconnect && logg info 'CloudFlare WARP temporarily disconnected while Tailscale connects'
warp-cli disconnect && gum log -sl info 'CloudFlare WARP temporarily disconnected while Tailscale connects'
fi
### Install the Tailscale system daemon
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if command -v tailscaled > /dev/null; then
logg info 'Ensuring tailscaled system daemon is installed'
gum log -sl info 'Ensuring tailscaled system daemon is installed'
sudo tailscaled install-system-daemon
logg info 'tailscaled system daemon is now installed and will load on boot'
gum log -sl info 'tailscaled system daemon is now installed and will load on boot'
else
logg info 'tailscaled does not appear to be installed'
gum log -sl info 'tailscaled does not appear to be installed'
fi
### Open Tailscale.app
if [ -d /Applications/Tailscale.app ]; then
logg info 'Opening Tailscale.app menu bar widget' && open -a Tailscale
gum log -sl info 'Opening Tailscale.app menu bar widget' && open -a Tailscale
else
logg info '/Applications/Tailscale.app is missing from the system'
gum log -sl info '/Applications/Tailscale.app is missing from the system'
fi
fi
### Connect to Tailscale network
if get-secret --exists TAILSCALE_AUTH_KEY; then
if [ -f /Applications/Tailscale.app/Contents/MacOS/Tailscale ]; then
logg info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
gum log -sl info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
timeout 30 /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey="$(get-secret TAILSCALE_AUTH_KEY)" --accept-routes || EXIT_CODE=$?
if [ -n "${EXIT_CODE:-}" ]; then
logg warn '/Applications/Tailscale.app/Contents/MacOS/Tailscale timed out'
gum log -sl warn '/Applications/Tailscale.app/Contents/MacOS/Tailscale timed out'
fi
logg info 'Disabling update check'
gum log -sl info 'Disabling update check'
/Applications/Tailscale.app/Contents/MacOS/Tailscale set --update-check=false
elif command -v tailscale > /dev/null; then
logg info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
gum log -sl info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
timeout 30 tailscale up --authkey="$(get-secret TAILSCALE_AUTH_KEY)" --accept-routes || EXIT_CODE=$?
if [ -n "${EXIT_CODE:-}" ]; then
logg warn 'tailscale up timed out'
gum log -sl warn 'tailscale up timed out'
else
logg success 'Connected to Tailscale network'
fi
logg info 'Disabling notifications about updates'
gum log -sl info 'Disabling notifications about updates'
tailscale set --update-check=false
logg info 'Setting tailscale to auto-update'
gum log -sl info 'Setting tailscale to auto-update'
tailscale set --auto-update
else
logg info 'tailscale does not appear to be installed'
gum log -sl info 'tailscale does not appear to be installed'
fi
else
logg info 'TAILSCALE_AUTH_KEY is not defined so not logging into Tailscale network'
gum log -sl info 'TAILSCALE_AUTH_KEY is not defined so not logging into Tailscale network'
fi
### Re-connect CloudFlare WARP after Tailscale is connected
if command -v warp-cli > /dev/null; then
### Register CloudFlare WARP
if warp-cli --accept-tos status | grep 'Registration Missing' > /dev/null; then
logg info 'Registering CloudFlare WARP'
gum log -sl info 'Registering CloudFlare WARP'
warp-cli --accept-tos registration new
else
logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
gum log -sl info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
fi
### Connect CloudFlare WARP
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
logg info 'Connecting to CloudFlare WARP'
gum log -sl info 'Connecting to CloudFlare WARP'
warp-cli --accept-tos connect > /dev/null && logg success 'Connected to CloudFlare WARP'
else
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
gum log -sl info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
fi
fi

8
home/dot_local/bin/post-installx/executable_post-timeshift.sh
View file

@ -5,14 +5,14 @@
# This script applies a Timeshift configuration that defines how Timeshift should maintain system backups.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
if command -v timeshift > /dev/null; then
logg info 'Ensuring /etc/timeshift is a directory'
gum log -sl info 'Ensuring /etc/timeshift is a directory'
sudo mkdir -p /etc/timeshift
TIMESHIFT_CONFIG="${XDG_CONFIG_HOME:-$HOME/.config}/timeshift/timeshift.json"
logg info "Copying $TIMESHIFT_CONFIG to /etc/timeshift/timeshift.json"
gum log -sl info "Copying $TIMESHIFT_CONFIG to /etc/timeshift/timeshift.json"
sudo cp -f "$TIMESHIFT_CONFIG" /etc/timeshift/timeshift.json
else
logg info 'The timeshift executable is not available'
gum log -sl info 'The timeshift executable is not available'
fi

20
home/dot_local/bin/post-installx/executable_post-tor.sh
View file

@ -15,7 +15,7 @@
# * [Tor configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/tor/torrc)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Determine the Tor configuration location by checking whether the system is macOS or Linux
if [ -d /Applications ] && [ -d /System ]; then
@ -32,38 +32,38 @@ TORRC_CONFIG="$TORRC_CONFIG_DIR/torrc"
if command -v torify > /dev/null; then
if [ -d "$TORRC_CONFIG_DIR" ]; then
### Copy the configuration from `${XDG_CONFIG_HOME:-$HOME/.config}/tor/torrc` to the system configuration file location
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/tor/torrc to $TORRC_CONFIG"
gum log -sl info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/tor/torrc to $TORRC_CONFIG"
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/tor/torrc" "$TORRC_CONFIG"
sudo chmod 600 "$TORRC_CONFIG"
### Enable and restart the Tor service
if [ -d /Applications ] && [ -d /System ]; then
### macOS
if [ -d "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor" ] && [ ! -f "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" ]; then
logg info "Symlinking /usr/local/etc/tor/torrc to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc"
gum log -sl info "Symlinking /usr/local/etc/tor/torrc to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc"
ln -s /usr/local/etc/tor/torrc "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc"
else
if [ -L "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" ]; then
logg info ""${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" already symlinked to $TORRC_CONFIG"
gum log -sl info ""${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" already symlinked to $TORRC_CONFIG"
else
logg warn ""${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" not symlinked!"
gum log -sl warn ""${HOMEBREW_PREFIX:-/opt/homebrew}/etc/tor/torrc" not symlinked!"
fi
fi
logg info 'Running brew services restart tor'
gum log -sl info 'Running brew services restart tor'
brew services restart tor && logg success 'Tor successfully restarted'
else
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
### Linux
logg info 'Running sudo systemctl enable / restart tor'
gum log -sl info 'Running sudo systemctl enable / restart tor'
sudo systemctl enable tor
sudo systemctl restart tor
logg success 'Tor service enabled and restarted'
else
logg info 'Environment is WSL so the Tor systemd service will not be enabled / restarted'
gum log -sl info 'Environment is WSL so the Tor systemd service will not be enabled / restarted'
fi
fi
else
logg warn 'The '"$TORRC_CONFIG_DIR"' directory is missing'
gum log -sl warn 'The '"$TORRC_CONFIG_DIR"' directory is missing'
fi
else
logg warn 'torify is missing from the PATH'
gum log -sl warn 'torify is missing from the PATH'
fi

12
home/dot_local/bin/post-installx/executable_post-vim.sh
View file

@ -3,20 +3,20 @@
# @brief This script triggers VIM to pre-install plugins so that VIM loads into the desired state the first time it is invoked
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
logg info "Installing VIM plugins" && vim +'PlugInstall --sync' +qall
gum log -sl info "Installing VIM plugins" && vim +'PlugInstall --sync' +qall
# @description This script installs the extensions defined in `${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json`
# which should correlate to the Coc extensions defined in `${XDG_CONFIG_HOME:-$HOME/.config}/vim/vimrc`.
installCocExtensions() {
if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json" ]; then
logg info "Running npm i --no-progress --no-package-lock in ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions"
gum log -sl info "Running npm i --no-progress --no-package-lock in ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions"
cd "${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions" && npm i --no-progress --no-package-lock
logg info "Running vim +CocUpdateSync +qall" && vim +CocUpdateSync +qall
gum log -sl info "Running vim +CocUpdateSync +qall" && vim +CocUpdateSync +qall
else
logg info "Skipping Coc extension installation because ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json is missing"
gum log -sl info "Skipping Coc extension installation because ${XDG_CONFIG_HOME:-$HOME/.config}/coc/extensions/package.json is missing"
fi
}
logg info "Updating VIM coc extensions" && installCocExtensions
gum log -sl info "Updating VIM coc extensions" && installCocExtensions

14
home/dot_local/bin/post-installx/executable_post-virtualbox.sh
View file

@ -5,13 +5,13 @@
# This script ensures the VirtualBox extension pack that corresponds with VirtualBox's version is properly installed.
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Run logic if VirtualBox is installed
if command -v VirtualBox > /dev/null; then
### Install VirtualBox extension pack if it is not installed already
if [ ! -d /usr/lib/virtualbox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack ] && [ ! -d /Applications/VirtualBox.app/Contents/MacOS/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack ]; then
logg info 'Acquiring VirtualBox version information'
gum log -sl info 'Acquiring VirtualBox version information'
VBOX_VERSION="$(VirtualBox --help | head -n 1 | cut -f 6 -d' ')"
VBOX_VERSION="${VBOX_VERSION//v}"
### Set up folders
@ -22,17 +22,17 @@ if command -v VirtualBox > /dev/null; then
mkdir -p /tmp/vbox
cd /tmp/vbox
### Download extension pack
logg info 'Downloading VirtualBox extension pack'
curl -sSL https://download.virtualbox.org/virtualbox/$VBOX_VERSION/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack -o /tmp/vbox/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack || logg error 'Failed to download the VirtualBox extension pack so the extension pack installation will be skipped'
gum log -sl info 'Downloading VirtualBox extension pack'
curl -sSL https://download.virtualbox.org/virtualbox/$VBOX_VERSION/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack -o /tmp/vbox/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack || gum log -sl error 'Failed to download the VirtualBox extension pack so the extension pack installation will be skipped'
### Install extension pack
if [ -f /tmp/vbox/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack ]; then
logg info 'Installing VirtualBox extension pack'
gum log -sl info 'Installing VirtualBox extension pack'
echo 'y' | sudo VBoxManage extpack install --replace /tmp/vbox/Oracle_VM_VirtualBox_Extension_Pack-$VBOX_VERSION.vbox-extpack
logg success 'Successfully installed VirtualBox extension pack'
fi
else
logg info 'VirtualBox Extension pack is already installed'
gum log -sl info 'VirtualBox Extension pack is already installed'
fi
else
logg info 'VirtualBox is not installed so VirtualBox Extension pack will not be installed'
gum log -sl info 'VirtualBox is not installed so VirtualBox Extension pack will not be installed'
fi

50
home/dot_local/bin/post-installx/executable_post-vmware.sh
View file

@ -43,25 +43,25 @@
# * [Default license key gist](https://gist.github.com/PurpleVibe32/30a802c3c8ec902e1487024cdea26251)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Run logic if VMware is installed
if command -v vmware > /dev/null; then
### Build kernel modules if they are not present
if [ ! -f "/lib/modules/$(uname -r)/misc/vmmon.ko" ] || [ ! -f "/lib/modules/$(uname -r)/misc/vmnet.ko" ]; then
### Build VMWare host modules
logg info 'Building VMware host modules'
gum log -sl info 'Building VMware host modules'
if sudo vmware-modconfig --console --install-all; then
logg success 'Built VMWare host modules successfully with sudo vmware-modconfig --console --install-all'
else
logg info 'Acquiring VMware version from CLI'
gum log -sl info 'Acquiring VMware version from CLI'
VMW_VERSION="$(vmware --version | cut -f 3 -d' ')"
mkdir -p /tmp/vmw_patch
cd /tmp/vmw_patch
logg info 'Downloading VMware host module patches' && curl -sSL "https://github.com/mkubecek/vmware-host-modules/archive/workstation-$VMW_VERSION.tar.gz" -o /tmp/vmw_patch/workstation.tar.gz
gum log -sl info 'Downloading VMware host module patches' && curl -sSL "https://github.com/mkubecek/vmware-host-modules/archive/workstation-$VMW_VERSION.tar.gz" -o /tmp/vmw_patch/workstation.tar.gz
tar -xzf /tmp/vmw_patch/workstation.tar.gz
cd vmware*
logg info 'Running sudo make and sudo make install'
gum log -sl info 'Running sudo make and sudo make install'
sudo make
sudo make install
logg success 'Successfully configured VMware host module patches'
@ -69,7 +69,7 @@ if command -v vmware > /dev/null; then
### Sign VMware host modules if Secure Boot is enabled
if [ -f /sys/firmware/efi ]; then
logg info 'Signing host modules'
gum log -sl info 'Signing host modules'
mkdir -p /tmp/vmware
cd /tmp/vmware
openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -days 36500 -subj "/CN=VMware/"
@ -81,50 +81,50 @@ if command -v vmware > /dev/null; then
### Patch VMware with Unlocker
if [ ! -f /usr/lib/vmware/isoimages/darwin.iso ]; then
logg info 'Acquiring VMware Unlocker latest release version'
gum log -sl info 'Acquiring VMware Unlocker latest release version'
UNLOCKER_URL="$(curl -sSL 'https://api.github.com/repos/DrDonk/unlocker/releases/latest' | jq -r '.assets[0].browser_download_url')"
mkdir -p /tmp/vmware-unlocker
cd /tmp/vmware-unlocker
logg info 'Downloading unlocker.zip'
gum log -sl info 'Downloading unlocker.zip'
curl -sSL "$UNLOCKER_URL" -o unlocker.zip
unzip unlocker.zip
cd linux
logg info 'Running the unlocker'
gum log -sl info 'Running the unlocker'
echo "y" | sudo ./unlock
logg success 'Successfully unlocked VMware for macOS compatibility'
else
logg info '/usr/lib/vmware/isoimages/darwin.iso is already present on the system so VMware macOS unlocking will not be performed'
gum log -sl info '/usr/lib/vmware/isoimages/darwin.iso is already present on the system so VMware macOS unlocking will not be performed'
fi
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
### Start / enable VMWare service
logg info 'Ensuring vmware.service is enabled and running'
gum log -sl info 'Ensuring vmware.service is enabled and running'
sudo systemctl enable vmware.service
sudo systemctl restart vmware.service
### Start / enable VMWare Workstation Server service
logg info 'Ensuring vmware-workstation-server.service is enabled and running'
gum log -sl info 'Ensuring vmware-workstation-server.service is enabled and running'
sudo systemctl enable vmware-workstation-server.service
sudo systemctl restart vmware-workstation-server.service
### Start / enable VMWare USB Arbitrator service
if command -v vmware-usbarbitrator.service > /dev/null; then
logg info 'Ensuring vmware-usbarbitrator.service is enabled and running'
gum log -sl info 'Ensuring vmware-usbarbitrator.service is enabled and running'
sudo systemctl enable vmware-usbarbitrator.service
sudo systemctl restart vmware-usbarbitrator.service
else
logg warn 'vmware-usbarbitrator does not exist in the PATH'
gum log -sl warn 'vmware-usbarbitrator does not exist in the PATH'
fi
fi
else
logg info 'VMware host modules are present'
gum log -sl info 'VMware host modules are present'
fi
else
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'System is macOS so there is no unlocker or modules that need to be enabled'
gum log -sl info 'System is macOS so there is no unlocker or modules that need to be enabled'
else
### Linux and VMWare not installed
logg warn 'VMware Workstation is not installed so the VMware Unlocker will not be installed'
gum log -sl warn 'VMware Workstation is not installed so the VMware Unlocker will not be installed'
fi
fi
@ -133,25 +133,25 @@ if command -v vagrant > /dev/null && command -v vmware-id > /dev/null; then
### Vagrant VMWare Utility configuration
if command -v vagrant-vmware-utility > /dev/null; then
if [ -f /usr/local/bin/certificates/vagrant-utility.key ]; then
logg info 'Assuming Vagrant VMWare Utility certificates have been properly generated since /usr/local/bin/certificates/vagrant-utility.key is present'
gum log -sl info 'Assuming Vagrant VMWare Utility certificates have been properly generated since /usr/local/bin/certificates/vagrant-utility.key is present'
else
logg info 'Generating Vagrant VMWare Utility certificates'
gum log -sl info 'Generating Vagrant VMWare Utility certificates'
sudo vagrant-vmware-utility certificate generate
logg success 'Generated Vagrant VMWare Utility certificates via vagrant-vmware-utility certificate generate'
fi
logg info 'Ensuring the Vagrant VMWare Utility service is enabled'
gum log -sl info 'Ensuring the Vagrant VMWare Utility service is enabled'
if VVU_OUTPUT=$(sudo vagrant-vmware-utility service install 2>&1); then
logg info 'sudo vagrant-vmware-utility service install successfully ran'
gum log -sl info 'sudo vagrant-vmware-utility service install successfully ran'
else
if echo $VVU_OUTPUT | grep 'service is already installed' > /dev/null; then
logg info 'Vagrant VMWare Utility is already installed'
gum log -sl info 'Vagrant VMWare Utility is already installed'
else
logg error 'An error occurred while running sudo vagrant-vmware-utility service install'
gum log -sl error 'An error occurred while running sudo vagrant-vmware-utility service install'
echo "$VVU_OUTPUT"
fi
fi
fi
else
logg info 'Vagrant is not installed so the Vagrant plugins will not be installed'
logg info 'Vagrant or VMWare is not installed so the Vagrant VMWare utility will not be configured'
gum log -sl info 'Vagrant is not installed so the Vagrant plugins will not be installed'
gum log -sl info 'Vagrant or VMWare is not installed so the Vagrant VMWare utility will not be configured'
fi

12
home/dot_local/bin/post-installx/executable_post-volta.sh
View file

@ -3,24 +3,24 @@
# @brief This script initializes Volta and ensures the latest version of node and yarn are installed
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
export VOLTA_HOME="${XDG_DATA_HOME:-$HOME/.local/share}/volta"
export PATH="$VOLTA_HOME/bin:$PATH"
### Disconnect from CloudFlare WARP (if connected)
if command -v warp-cli > /dev/null; then
warp-cli disconnect && logg info 'CloudFlare WARP temporarily disconnected while Volta installs Node / Yarn'
warp-cli disconnect && gum log -sl info 'CloudFlare WARP temporarily disconnected while Volta installs Node / Yarn'
fi
### Configure Volta if it is installed
if command -v volta > /dev/null; then
logg info 'Running volta setup'
gum log -sl info 'Running volta setup'
volta setup
logg info 'Installing latest version of Node.js via Volta'
gum log -sl info 'Installing latest version of Node.js via Volta'
volta install node@latest
logg info 'Installing latest version of Yarn via Volta'
gum log -sl info 'Installing latest version of Yarn via Volta'
volta install yarn@latest
else
logg info 'Volta is not installed'
gum log -sl info 'Volta is not installed'
fi

24
home/dot_local/bin/post-installx/executable_post-vscode.sh
View file

@ -73,7 +73,7 @@
# * [Visual Studio Code `extensions.json`](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_config/Code/User/extensions.json)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Hides useless error during extension installations
# Error looks like:
@ -86,36 +86,36 @@ if command -v code > /dev/null; then
EXTENSIONS="$(code --list-extensions)"
jq -r '.recommendations[]' "${XDG_CONFIG_HOME:-$HOME/.config}/Code/User/extensions.json" | while read EXTENSION; do
if ! echo "$EXTENSIONS" | grep -iF "$EXTENSION" > /dev/null; then
logg info 'Installing Visual Studio Code extension '"$EXTENSION"'' && code --install-extension "$EXTENSION"
gum log -sl info 'Installing Visual Studio Code extension '"$EXTENSION"'' && code --install-extension "$EXTENSION"
logg success 'Installed '"$EXTENSION"''
else
logg info ''"$EXTENSION"' already installed'
gum log -sl info ''"$EXTENSION"' already installed'
fi
done
else
logg info 'code executable not available - skipping plugin install process for it'
gum log -sl info 'code executable not available - skipping plugin install process for it'
fi
if command -v code > /dev/null && command -v npm > /dev/null && [ -f "${XDG_DATA_HOME:-$HOME/.local/share}/vscode/package.json" ]; then
### Install linter fallback node_modules / package.json to system or home directory
if sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/vscode/package.json" /package.json; then
logg info 'Successfully copied linter fallback configurations package.json to /package.json'
logg info 'Installing system root directory node_modules'
gum log -sl info 'Successfully copied linter fallback configurations package.json to /package.json'
gum log -sl info 'Installing system root directory node_modules'
cd / && sudo npm i --quiet --no-progress --no-package-lock || EXIT_CODE=$?
else
logg warn 'Unable to successfully copy linter fallback configurations package.json to /package.json'
logg info 'Installing linter fallback configurations node_modules to home directory instead'
gum log -sl warn 'Unable to successfully copy linter fallback configurations package.json to /package.json'
gum log -sl info 'Installing linter fallback configurations node_modules to home directory instead'
cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/vscode/package.json" "$HOME/package.json"
cd ~ && npm i --quiet --no-progress --no-package-lock || EXIT_CODE=$?
fi
### Log message if install failed
if [ -n "${EXIT_CODE:-}" ]; then
logg warn 'Possible error(s) were detected while installing linter fallback configurations to the home directory.'
logg info "Exit code: $EXIT_CODE"
gum log -sl warn 'Possible error(s) were detected while installing linter fallback configurations to the home directory.'
gum log -sl info "Exit code: $EXIT_CODE"
else
logg info 'Installed linter fallback configuration node_modules'
gum log -sl info 'Installed linter fallback configuration node_modules'
fi
else
logg info 'Skipping installation of fallback linter configurations because one or more of the dependencies is missing.'
gum log -sl info 'Skipping installation of fallback linter configurations because one or more of the dependencies is missing.'
fi

78
home/dot_local/bin/post-installx/executable_post-warp.sh
View file

@ -51,7 +51,7 @@
# * [macOS managed configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/Library/Managed%20Preferences/private_com.cloudflare.warp.plist.tmpl)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
SSL_CERT_PATH="/etc/ssl/cert.pem"
### Install CloudFlare WARP (on non-WSL *nix systems)
@ -61,14 +61,14 @@ if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
if [ ! -d "/Applications/Cloudflare WARP.app" ]; then
brew install --cask --no-quarantine --quiet cloudflare-warp
else
logg info 'Cloudflare WARP already installed'
gum log -sl info 'Cloudflare WARP already installed'
fi
elif [ -n "$(uname -a | grep Debian)" ]; then
### Add CloudFlare WARP desktop app apt-get source
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
logg info 'Adding CloudFlare WARP keyring'
gum log -sl info 'Adding CloudFlare WARP keyring'
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
logg info 'Adding apt source reference'
gum log -sl info 'Adding apt source reference'
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
fi
@ -77,9 +77,9 @@ if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
elif [ -n "$(uname -a | grep Ubuntu)" ]; then
### Add CloudFlare WARP desktop app apt-get source
if [ ! -f /etc/apt/sources.list.d/cloudflare-client.list ]; then
logg info 'Adding CloudFlare WARP keyring'
gum log -sl info 'Adding CloudFlare WARP keyring'
curl https://pkg.cloudflareclient.com/pubkey.gpg | sudo gpg --yes --dearmor --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg
logg info 'Adding apt source reference'
gum log -sl info 'Adding apt source reference'
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflare-client.list
fi
@ -89,13 +89,13 @@ if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
### This is made for CentOS 8 and works on Fedora 36 (hopefully 36+ as well) with `nss-tools` as a dependency
sudo dnf instal -y nss-tools || NSS_TOOL_EXIT=$?
if [ -n "${NSS_TOOL_EXIT:-}" ]; then
logg warn 'Unable to install nss-tools which was a requirement on Fedora 36 and assumed to be one on other systems as well.'
gum log -sl warn 'Unable to install nss-tools which was a requirement on Fedora 36 and assumed to be one on other systems as well.'
fi
### According to the download site, this is the only version available for RedHat-based systems
sudo rpm -ivh https://pkg.cloudflareclient.com/cloudflare-release-el8.rpm || RPM_EXIT_CODE=$?
if [ -n "${RPM_EXIT_CODE:-}" ]; then
logg error 'Unable to install CloudFlare WARP using RedHat 8 RPM package'
gum log -sl error 'Unable to install CloudFlare WARP using RedHat 8 RPM package'
fi
fi
fi
@ -107,54 +107,54 @@ if [ -d /System ] && [ -d /Applications ] && command -v warp-cli > /dev/null; th
### Ensure certificate installed on macOS
if [ -z "$SSH_CONNECTION" ]; then
# if [ -z "$HEADLESS_INSTALL" ]; then
# logg info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
# gum log -sl info '**macOS Manual Security Permission** Requesting security authorization for Cloudflare trusted certificate'
# sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt"
# fi
logg info 'Updating the OpenSSL CA Store to include the Cloudflare certificate'
gum log -sl info 'Updating the OpenSSL CA Store to include the Cloudflare certificate'
echo | sudo tee -a "$SSL_CERT_PATH" < "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > /dev/null
echo "" | sudo tee -a "$SSL_CERT_PATH"
else
logg warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
gum log -sl warn 'Session is SSH so adding Cloudflare encryption key to trusted certificates via the security program is being bypassed since it requires Touch ID / Password verification.'
fi
if [ -f "/usr/local/opt/openssl@3/bin/c_rehash" ]; then
# Location on Intel macOS
logg info 'Ensuring /usr/local/etc/openssl@3/certs directory exists' && mkdir -p /usr/local/etc/openssl@3/certs
logg info 'Adding Cloudflare certificate to /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem'
gum log -sl info 'Ensuring /usr/local/etc/openssl@3/certs directory exists' && mkdir -p /usr/local/etc/openssl@3/certs
gum log -sl info 'Adding Cloudflare certificate to /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem'
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> /usr/local/etc/openssl@3/certs/Cloudflare_CA.pem
logg info 'Running /usr/local/opt/openssl@3/bin/c_rehash'
/usr/local/opt/openssl@3/bin/c_rehash > /dev/null && logg info 'OpenSSL certificate rehash successful'
gum log -sl info 'Running /usr/local/opt/openssl@3/bin/c_rehash'
/usr/local/opt/openssl@3/bin/c_rehash > /dev/null && gum log -sl info 'OpenSSL certificate rehash successful'
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/opt/openssl@3/bin/c_rehash" ]; then
# Location on arm64 macOS and custom Homebrew locations
logg info "Ensuring ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs directory exists" && mkdir -p "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs"
logg info "Adding Cloudflare certificate to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs/Cloudflare_CA.pem"
gum log -sl info "Ensuring ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs directory exists" && mkdir -p "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs"
gum log -sl info "Adding Cloudflare certificate to ${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs/Cloudflare_CA.pem"
echo | sudo cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> "${HOMEBREW_PREFIX:-/opt/homebrew}/etc/openssl@3/certs/Cloudflare_CA.pem"
logg info "Running ${HOMEBREW_PREFIX:-/opt/homebrew}/opt/openssl@3/bin/c_rehash"
"${HOMEBREW_PREFIX:-/opt/homebrew}/opt/openssl@3/bin/c_rehash" > /dev/null && logg info 'OpenSSL certificate rehash successful'
gum log -sl info "Running ${HOMEBREW_PREFIX:-/opt/homebrew}/opt/openssl@3/bin/c_rehash"
"${HOMEBREW_PREFIX:-/opt/homebrew}/opt/openssl@3/bin/c_rehash" > /dev/null && gum log -sl info 'OpenSSL certificate rehash successful'
else
logg warn 'Unable to add Cloudflare_CA.pem because /usr/local/etc/openssl@3/certs and /opt/homebrew/etc/openssl@3/certs do not exist!'
gum log -sl warn 'Unable to add Cloudflare_CA.pem because /usr/local/etc/openssl@3/certs and /opt/homebrew/etc/openssl@3/certs do not exist!'
fi
elif command -v warp-cli > /dev/null; then
# System is Linux
if command -v dpkg-reconfigure > /dev/null; then
if [ -d /usr/local/share/ca-certificates ]; then
logg info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt'
gum log -sl info 'Copying CloudFlare Teams PEM file to /usr/local/share/ca-certificates/Cloudflare_CA.crt'
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /usr/local/share/ca-certificates/Cloudflare_CA.crt
logg info 'dpkg-reconfigure executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate'
gum log -sl info 'dpkg-reconfigure executable detected so using Debian/Ubuntu method of updating system trusted certificates to include CloudFlare Teams certificate'
sudo dpkg-reconfigure ca-certificates -p high
SSL_CERT_PATH="/etc/ssl/certs/ca-certificates.crt"
else
logg warn 'No /usr/local/share/ca-certificates folder present'
gum log -sl warn 'No /usr/local/share/ca-certificates folder present'
fi
elif command -v update-ca-trust > /dev/null; then
if [ -d /etc/pki/ca-trust/source/anchors ]; then
logg info 'Copying CloudFlare Teams certificates to /etc/pki/ca-trust/source/anchors'
gum log -sl info 'Copying CloudFlare Teams certificates to /etc/pki/ca-trust/source/anchors'
sudo cp -f "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.crt" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" /etc/pki/ca-trust/source/anchors
logg info 'update-ca-trust executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate'
gum log -sl info 'update-ca-trust executable detected so using CentOS/Fedora method of updating system trusted certificates to include CloudFlare Teams certificate'
sudo update-ca-trust
SSL_CERT_PATH="/etc/pki/tls/certs/ca-bundle.crt"
else
logg warn '/etc/pki/ca-trust/source/anchors does not exist so skipping the system certificate update process'
gum log -sl warn '/etc/pki/ca-trust/source/anchors does not exist so skipping the system certificate update process'
fi
fi
fi
@ -166,13 +166,13 @@ if command -v warp-cli > /dev/null; then
# certificate and the WARP client is not running.
### Git
if command -v git > /dev/null; then
logg info "Configuring git to use $SSL_CERT_PATH"
gum log -sl info "Configuring git to use $SSL_CERT_PATH"
git config --global http.sslcainfo "$SSL_CERT_PATH"
fi
### NPM
if command -v npm > /dev/null; then
logg info "Configuring npm to use $SSL_CERT_PATH"
gum log -sl info "Configuring npm to use $SSL_CERT_PATH"
npm config set cafile "$SSL_CERT_PATH"
fi
@ -181,22 +181,22 @@ if command -v warp-cli > /dev/null; then
### Ensure Certifi package is available globally
if ! pip3 list | grep certifi > /dev/null; then
if command -v brew > /dev/null; then
logg info 'Ensuring Python certifi is installed via Homebrew'
gum log -sl info 'Ensuring Python certifi is installed via Homebrew'
brew install --quiet certifi
else
logg info 'Ensuring certifi is installed globally for Python 3'
gum log -sl info 'Ensuring certifi is installed globally for Python 3'
pip3 install certifi
fi
fi
### Copy CloudFlare PEM file to Python 3 location
logg info "Configuring python3 / python to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
gum log -sl info "Configuring python3 / python to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem""
echo | cat - "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" >> $(python3 -m certifi)
fi
### Google Cloud SDK
if command -v gcloud > /dev/null; then
logg info "Configuring gcloud to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" and "$HOME/.local/etc/ssl/gcloud/ca.pem""
gum log -sl info "Configuring gcloud to use "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" and "$HOME/.local/etc/ssl/gcloud/ca.pem""
mkdir -p "$HOME/.local/etc/ssl/gcloud"
cat "$HOME/.local/etc/ssl/curl/cacert.pem" "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" > "$HOME/.local/etc/ssl/gcloud/ca.pem"
gcloud config set core/custom_ca_certs_file "$HOME/.local/etc/ssl/gcloud/ca.pem"
@ -205,12 +205,12 @@ if command -v warp-cli > /dev/null; then
### Google Drive for desktop (macOS)
if [ -d "/Applications/Google Drive.app" ]; then
if [ -d "/Applications/Google Drive.app/Contents/Resources" ]; then
logg info "Combining Google Drive roots.pem with CloudFlare certificate"
gum log -sl info "Combining Google Drive roots.pem with CloudFlare certificate"
mkdir -p "$HOME/.local/etc/ssl/google-drive"
cat "$HOME/.local/etc/ssl/cloudflare/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "$HOME/.local/etc/ssl/google-drive/roots.pem"
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootsCertsFile -string "$HOME/.local/etc/ssl/google-drive/roots.pem"
else
logg warn 'Google Drive.app installed but roots.pem is not available yet'
gum log -sl warn 'Google Drive.app installed but roots.pem is not available yet'
fi
fi
@ -235,19 +235,19 @@ if command -v warp-cli > /dev/null; then
### Register CloudFlare WARP
if warp-cli --accept-tos status | grep 'Registration Missing' > /dev/null; then
logg info 'Registering CloudFlare WARP'
gum log -sl info 'Registering CloudFlare WARP'
warp-cli --accept-tos registration new
else
logg info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
gum log -sl info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
fi
### Connect CloudFlare WARP
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
logg info 'Connecting to CloudFlare WARP'
gum log -sl info 'Connecting to CloudFlare WARP'
warp-cli --accept-tos connect > /dev/null && logg success 'Connected to CloudFlare WARP'
else
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
gum log -sl info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
fi
else
logg warn 'warp-cli was not installed so CloudFlare WARP cannot be joined'
gum log -sl warn 'warp-cli was not installed so CloudFlare WARP cannot be joined'
fi

32
home/dot_local/bin/post-installx/executable_post-wazuh.sh
View file

@ -3,24 +3,24 @@
# @brief Installs the Wazuh client and connects to the manager if configured to do so through secrets / environment variables
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Ensure secrets
get-secret --exists WAZUH_MANAGER WAZUH_REGISTRATION_PASSWORD
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Downloading the macOS Wazuh agent pkg'
gum log -sl info 'Downloading the macOS Wazuh agent pkg'
if [[ $(uname -m) == 'arm64' ]]; then
PKG_URL="https://packages.wazuh.com/4.x/macos/wazuh-agent-4.7.4-1.arm64.pkg"
else
PKG_URL="https://packages.wazuh.com/4.x/macos/wazuh-agent-4.7.4-1.intel64.pkg"
fi
wget -q "$PKG_URL" -O /tmp/wazuh-agent.pkg &> /dev/null
logg info 'Setting Wazuh launch parameters in /tmp/wazuh_envs'
gum log -sl info 'Setting Wazuh launch parameters in /tmp/wazuh_envs'
# https://documentation.wazuh.com/current/user-manual/agent/deployment-variables/deployment-variables-macos.html
echo "WAZUH_MANAGER="$(get-secret WAZUH_MANAGER)" && WAZUH_REGISTRATION_PASSWORD="$(get-secret WAZUH_REGISTRATION_PASSWORD)"" > /tmp/wazuh_envs
logg info 'Installing the Wazuh agent pkg'
gum log -sl info 'Installing the Wazuh agent pkg'
sudo installer -pkg /tmp/wazuh-agent.pkg -target /
sudo chmod 755 /Library/Ossec
sudo chmod 755 /Library/Ossec/bin
@ -28,31 +28,31 @@ if [ -d /Applications ] && [ -d /System ]; then
sudo chmod +x "$BIN_FILE"
done
rm -f /tmp/wazuh-agent.pkg
logg info 'Running sudo wazuh-control start'
gum log -sl info 'Running sudo wazuh-control start'
sudo wazuh-control start
else
if command -v apt-get > /dev/null; then
logg info 'Importing GPG-KEY-WAZUH'
gum log -sl info 'Importing GPG-KEY-WAZUH'
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import
sudo chmod 644 /usr/share/keyrings/wazuh.gpg
echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | sudo tee -a /etc/apt/sources.list.d/wazuh.list
sudo apt-get update
logg info 'Installing the Wazuh agent'
gum log -sl info 'Installing the Wazuh agent'
sudo apt-get install -y wazuh-agent
elif command -v dnf > /dev/null; then
logg info 'Configuring /etc/yum.repos.d/wazuh.repo'
gum log -sl info 'Configuring /etc/yum.repos.d/wazuh.repo'
echo "[wazuh]" | sudo tee -a /etc/yum.repos.d/wazuh.repo && echo "gpgcheck=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo
echo "gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH" | sudo tee -a /etc/yum.repos.d/wazuh.repo
echo "enabled=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo
echo "name=EL-\$releasever - Wazuh" | sudo tee -a /etc/yum.repos.d/wazuh.repo
echo "baseurl=https://packages.wazuh.com/4.x/yum/" | sudo tee -a /etc/yum.repos.d/wazuh.repo
echo "protect=1" | sudo tee -a /etc/yum.repos.d/wazuh.repo
logg info 'Importing GPG-KEY-WAZUH'
gum log -sl info 'Importing GPG-KEY-WAZUH'
sudo rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
logg info 'Installing Wazuh agent'
gum log -sl info 'Installing Wazuh agent'
sudo dnf install -y wazuh-agent
elif command -v zypper > /dev/null; then
logg info 'Configuring /etc/zypp/repos.d/wazuh.repo'
gum log -sl info 'Configuring /etc/zypp/repos.d/wazuh.repo'
echo "[wazuh]" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
echo "gpgcheck=1" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
echo "gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
@ -60,17 +60,17 @@ else
echo "name=EL-$releasever - Wazuh" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
echo "baseurl=https://packages.wazuh.com/4.x/yum/" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
echo "protect=1" | sudo tee -a /etc/zypp/repos.d/wazuh.repo
logg info 'Importing GPG-KEY-WAZUH'
gum log -sl info 'Importing GPG-KEY-WAZUH'
sudo rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
logg info 'Installing Wazuh agent'
gum log -sl info 'Installing Wazuh agent'
sudo zypper install -y wazuh-agent
elif command -v apk > /dev/null; then
logg info 'Importing Wazuh repository'
gum log -sl info 'Importing Wazuh repository'
sudo wget -O /etc/apk/keys/alpine-devel@wazuh.com-633d7457.rsa.pub https://packages.wazuh.com/key/alpine-devel%40wazuh.com-633d7457.rsa.pub
echo "https://packages.wazuh.com/4.x/alpine/v3.12/main" | sudo tee -a /etc/apk/repositories
logg info 'Running sudo apk update'
gum log -sl info 'Running sudo apk update'
sudo apk update
logg info 'Installing Wazuh agent'
gum log -sl info 'Installing Wazuh agent'
sudo apk add wazuh-agent
fi
fi

8
home/dot_local/bin/post-installx/executable_post-wireguard-tools.sh
View file

@ -21,15 +21,15 @@
# * [VPN profile documentation](https://install.doctor/docs/customization/secrets#vpn-profiles)
set -Eeuo pipefail
trap "logg error 'Script encountered an error!'" ERR
trap "gum log -sl error 'Script encountered an error!'" ERR
### Backs up previous network settings to `/Library/Preferences/com.apple.networkextension.plist.old` before applying new VPN profiles
logg info 'Backing up /Library/Preferences/com.apple.networkextension.plist to /Library/Preferences/com.apple.networkextension.plist.old'
gum log -sl info 'Backing up /Library/Preferences/com.apple.networkextension.plist to /Library/Preferences/com.apple.networkextension.plist.old'
sudo cp -f /Library/Preferences/com.apple.networkextension.plist /Library/Preferences/com.apple.networkextension.plist.old
### Ensures the `/etc/wireguard` directory exists and has the lowest possible permission-level
if [ ! -d /etc/wireguard ]; then
logg info 'Creating /etc/wireguard since it does not exist yet'
gum log -sl info 'Creating /etc/wireguard since it does not exist yet'
sudo mkdir -p /etc/wireguard
sudo chmod 600 /etc/wireguard
fi
@ -38,6 +38,6 @@ fi
### Cycles through the `*.conf` files in `${XDG_CONFIG_HOME:-$HOME/.config}/vpn` and adds them to the `/etc/wireguard` folder
find "${XDG_CONFIG_HOME:-$HOME/.config}/vpn" -mindepth 1 -maxdepth 1 -type f -name "*.conf" | while read WG_CONF; do
WG_FILE="$(basename "$WG_CONF")"
logg info 'Adding '"$WG_FILE"' to /etc/wireguard'
gum log -sl info 'Adding '"$WG_FILE"' to /etc/wireguard'
sudo cp -f "$WG_CONF" "/etc/wireguard/$WG_FILE"
done

10
home/dot_local/bin/setup/executable_setup-certbot.tmpl
View file

@ -18,7 +18,7 @@
if command -v certbot > /dev/null; then
### Ensure configuration files are in place
if [ -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" ] && [ -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" ]; then
logg info 'Copying Lets Encrypt / Certbot configurations to /etc/letsencrypt'
gum log -sl info 'Copying Lets Encrypt / Certbot configurations to /etc/letsencrypt'
sudo mkdir -p /etc/letsencrypt
sudo cp -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" /etc/letsencrypt/dns-cloudflare.ini
sudo cp -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" /etc/letsencrypt/letsencryptcli.ini
@ -26,9 +26,9 @@ if command -v certbot > /dev/null; then
### Ensure certificate is present
if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then
logg info 'LetsEncrypt SSL certificate is already available'
gum log -sl info 'LetsEncrypt SSL certificate is already available'
else
logg info 'Acquiring certbot LetsEncrypt SSL certificates'
gum log -sl info 'Acquiring certbot LetsEncrypt SSL certificates'
certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
fi
@ -36,9 +36,9 @@ if command -v certbot > /dev/null; then
if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then
TMP="$(mktemp)"
echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP"
logg info 'Adding certbot renew entry to crontab'
gum log -sl info 'Adding certbot renew entry to crontab'
sudo crontab < "$TMP"
fi
else
logg warn 'certbot is not available. SSL certificate issuance cannot be run without it.'
gum log -sl warn 'certbot is not available. SSL certificate issuance cannot be run without it.'
fi

708
scripts/software.yml.backup
View file

File diff suppressed because one or more lines are too long

34
software.yml
View file

@ -2324,14 +2324,14 @@ softwarePackages:
script: |
#!/usr/bin/env bash
if [ ! -f "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm" ]; then
logg info 'Acquiring release information for Docker push-rm'
gum log -sl info 'Acquiring release information for Docker push-rm'
RELEASE_TAG="$(curl -sSL https://api.github.com/repos/christian-korneck/docker-pushrm/releases/latest | jq -r '.tag_name')"
mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins"
logg info 'Downloading Docker push-rm' && curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
gum log -sl info 'Downloading Docker push-rm' && curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
chmod +x "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
logg success 'Added Docker push-rm'
else
logg info 'Docker push-rm already added'
gum log -sl info 'Docker push-rm already added'
fi
docker-slim:
_bin: slim
@ -5121,8 +5121,8 @@ softwarePackages:
_home: https://iterm2.com/
_name: iTerm2
_post:cask: |
logg info "Setting iTerm2 options location to Install Doctor Chezmoi location" && defaults write com.googlecode.iterm2 PrefsCustomFolder -string "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/Library/Preferences/com.googlecode.iterm2.plist"
logg info "Setting iTerm2 to automatically sync with managed options" && defaults write com.googlecode.iterm2 NoSyncNeverRemindPrefsChangesLostForFile_selection -int 2
gum log -sl info "Setting iTerm2 options location to Install Doctor Chezmoi location" && defaults write com.googlecode.iterm2 PrefsCustomFolder -string "${XDG_DATA_HOME:-$HOME/.local/share}/chezmoi/home/Library/Preferences/com.googlecode.iterm2.plist"
gum log -sl info "Setting iTerm2 to automatically sync with managed options" && defaults write com.googlecode.iterm2 NoSyncNeverRemindPrefsChangesLostForFile_selection -int 2
_short: "iTerm2 is a popular terminal emulator for macOS with advanced features like split panes, search, autocomplete, and more."
cask: iterm2
java:
@ -9515,7 +9515,7 @@ softwarePackages:
# website](https://sdkman.io/).
### Re-source ~/.bashrc
if [ -z "$SDKMAN_DIR" ]; then
logg info 'SDKMAN_DIR is undefined so ~/.bashrc is being re-sourced' && source ~/.bashrc
gum log -sl info 'SDKMAN_DIR is undefined so ~/.bashrc is being re-sourced' && source ~/.bashrc
fi
### SDKMan ~/.bashrc settings
if command -v brew > /dev/null && command -v sdkman-cli > /dev/null; then
@ -9529,22 +9529,22 @@ softwarePackages:
fi
### Ensure SDKMan is installed (https://sdkman.io/)
if [ ! -d "$SDKMAN_DIR" ]; then
logg info 'Installing SDKMan via curl -s https://get.sdkman.io?rcupdate=false'
logg info "Install directory: $SDKMAN_DIR"
gum log -sl info 'Installing SDKMan via curl -s https://get.sdkman.io?rcupdate=false'
gum log -sl info "Install directory: $SDKMAN_DIR"
curl -s "https://get.sdkman.io?rcupdate=false" | bash
if [ -f "$SDKMAN_DIR/bin/sdkman-init.sh" ]; then
. "$SDKMAN_DIR/bin/sdkman-init.sh"
logg info 'Running sdk install java' && sdk install java
gum log -sl info 'Running sdk install java' && sdk install java
else
logg warn 'SDKMAN_DIR/bin/sdkman-init.sh is missing'
gum log -sl warn 'SDKMAN_DIR/bin/sdkman-init.sh is missing'
fi
else
logg info 'SDKMan appears to already be installed.'
logg info 'Running sdk update'
gum log -sl info 'SDKMan appears to already be installed.'
gum log -sl info 'Running sdk update'
if command -v sdk > /dev/null; then
sdk update
else
logg warn 'Unable to run sdk update because the sdk command is unavailable'
gum log -sl warn 'Unable to run sdk update because the sdk command is unavailable'
fi
fi
seafile-client:
@ -11340,16 +11340,16 @@ softwarePackages:
VMWARE_WORKSTATION_URL=https://www.vmware.com/go/getworkstation-linux
VMWARE_WORKSTATION_DIR=/tmp/workstation-downloads
mkdir -p "$VMWARE_WORKSTATION_DIR"
logg info 'Downloading VMware Workstation Installer' && curl -sSLA "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20220101 Firefox/102.0" "$VMWARE_WORKSTATION_URL" -o "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh"
gum log -sl info 'Downloading VMware Workstation Installer' && curl -sSLA "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20220101 Firefox/102.0" "$VMWARE_WORKSTATION_URL" -o "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh"
### Register product key / license
if [ -n "$VMWARE_WORKSTATION_LICENSE_KEY" ]; then
logg info 'Registering VMware Workstation Pro license with serial number' && sudo "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh" --eulas-agreed --console --required --set-setting vmware-workstation serialNumber "$VMWARE_WORKSTATION_LICENSE_KEY"
gum log -sl info 'Registering VMware Workstation Pro license with serial number' && sudo "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh" --eulas-agreed --console --required --set-setting vmware-workstation serialNumber "$VMWARE_WORKSTATION_LICENSE_KEY"
else
logg info 'Agreeing to VMWare Workstation Pro license (without serial number)' && sudo "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh" --eulas-agreed --console --required
gum log -sl info 'Agreeing to VMWare Workstation Pro license (without serial number)' && sudo "$VMWARE_WORKSTATION_DIR/tryworkstation-linux-64.sh" --eulas-agreed --console --required
fi
logg success 'VMware Workstation installed successfully'
else
logg info 'VMware Workstation is already installed'
gum log -sl info 'VMware Workstation is already installed'
fi
volta:
_bin: volta