This commit is contained in:
Brian Zalewski 2023-12-05 19:40:25 +00:00
parent 3fb2ed2a8a
commit e12fb48312
5 changed files with 92 additions and 23 deletions

View file

@ -201,10 +201,10 @@ ensureHomebrew() {
### Installs Homebrew and addresses a couple potential issues ### Installs Homebrew and addresses a couple potential issues
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info "Installing Homebrew" logg info "Installing Homebrew"
echo | /bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
else else
logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password." logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password."
/bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.." logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.."
@ -222,8 +222,10 @@ ensureHomebrew() {
### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS. ### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS.
if [ -d /home/linuxbrew/.linuxbrew/bin ]; then if [ -d /home/linuxbrew/.linuxbrew/bin ]; then
logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
elif [ -f /opt/homebrew/bin/brew ]; then elif [ -f /usr/local/bin/brew ]; then
logg info "Sourcing shellenv from /opt/homebrew/bin/brew" && eval "$(/opt/homebrew/bin/brew shellenv)" logg info "Sourcing shellenv from /usr/local/bin/brew" && eval "$(/usr/local/bin/brew shellenv)"
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
logg info "Sourcing shellenv from "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew"" && eval "$("${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" shellenv)"
fi fi
fi fi
fi fi
@ -231,7 +233,7 @@ ensureHomebrew() {
### Ensure GCC is installed via Homebrew ### Ensure GCC is installed via Homebrew
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
if ! brew list | grep gcc > /dev/null; then if ! brew list | grep gcc > /dev/null; then
logg info "Installing Homebrew gcc" && brew install gcc logg info "Installing Homebrew gcc" && brew install --quiet gcc
fi fi
else else
logg error "Failed to initialize Homebrew" && exit 2 logg error "Failed to initialize Homebrew" && exit 2
@ -241,7 +243,7 @@ ensureHomebrew
# @description Ensures `cloudflared` is installed via Homebrew # @description Ensures `cloudflared` is installed via Homebrew
if ! command -v cloudflared > /dev/null; then if ! command -v cloudflared > /dev/null; then
brew install cloudflared brew install --quiet cloudflared
fi fi
# @description Detect the SSH port being used # @description Detect the SSH port being used

View file

@ -170,10 +170,10 @@ ensureHomebrew() {
### Installs Homebrew and addresses a couple potential issues ### Installs Homebrew and addresses a couple potential issues
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info "Installing Homebrew" logg info "Installing Homebrew"
echo | /bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
else else
logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password." logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password."
/bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.." logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.."
@ -191,8 +191,10 @@ ensureHomebrew() {
### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS. ### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS.
if [ -d /home/linuxbrew/.linuxbrew/bin ]; then if [ -d /home/linuxbrew/.linuxbrew/bin ]; then
logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
elif [ -f /opt/homebrew/bin/brew ]; then elif [ -f /usr/local/bin/brew ]; then
logg info "Sourcing shellenv from /opt/homebrew/bin/brew" && eval "$(/opt/homebrew/bin/brew shellenv)" logg info "Sourcing shellenv from /usr/local/bin/brew" && eval "$(/usr/local/bin/brew shellenv)"
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
logg info "Sourcing shellenv from "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew"" && eval "$("${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" shellenv)"
fi fi
fi fi
fi fi
@ -200,7 +202,7 @@ ensureHomebrew() {
### Ensure GCC is installed via Homebrew ### Ensure GCC is installed via Homebrew
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
if ! brew list | grep gcc > /dev/null; then if ! brew list | grep gcc > /dev/null; then
logg info "Installing Homebrew gcc" && brew install gcc logg info "Installing Homebrew gcc" && brew install --quiet gcc
fi fi
else else
logg error "Failed to initialize Homebrew" && exit 2 logg error "Failed to initialize Homebrew" && exit 2

View file

@ -20,10 +20,10 @@ ensureHomebrew() {
### Installs Homebrew and addresses a couple potential issues ### Installs Homebrew and addresses a couple potential issues
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info "Installing Homebrew" logg info "Installing Homebrew"
echo | /bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
else else
logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password." logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password."
/bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.." logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.."
@ -41,8 +41,10 @@ ensureHomebrew() {
### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS. ### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS.
if [ -d /home/linuxbrew/.linuxbrew/bin ]; then if [ -d /home/linuxbrew/.linuxbrew/bin ]; then
logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
elif [ -f /opt/homebrew/bin/brew ]; then elif [ -f /usr/local/bin/brew ]; then
logg info "Sourcing shellenv from /opt/homebrew/bin/brew" && eval "$(/opt/homebrew/bin/brew shellenv)" logg info "Sourcing shellenv from /usr/local/bin/brew" && eval "$(/usr/local/bin/brew shellenv)"
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
logg info "Sourcing shellenv from "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew"" && eval "$("${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" shellenv)"
fi fi
fi fi
fi fi

View file

@ -5,6 +5,18 @@
# This script sets up pfSense with features like: # This script sets up pfSense with features like:
# #
# 1. [Netdata Cloud](https://learn.netdata.cloud/docs/installing/pfsense) # 1. [Netdata Cloud](https://learn.netdata.cloud/docs/installing/pfsense)
#
# ## Considerations
#
# The following items are not included in this script but may be added in the future:
#
# * https://github.com/pfelk/pfelk
#
# ## Useful Links
#
# * [pfSense to OPNSense configuration converter](https://www.pf2opn.com/)
# * [pfSense Ansible collection](https://github.com/pfsensible/core)
# * [pfSense API](https://github.com/jaredhendrickson13/pfsense-api) (Note: Need CLI or easy way of accessing it)
# @description This function logs with style using Gum if it is installed, otherwise it uses `echo`. It is also capable of leveraging Glow to render markdown. # @description This function logs with style using Gum if it is installed, otherwise it uses `echo`. It is also capable of leveraging Glow to render markdown.
# When Glow is not installed, it uses `cat`. The following sub-commands are available: # When Glow is not installed, it uses `cat`. The following sub-commands are available:
@ -140,3 +152,23 @@ EOF
service netdata onestart service netdata onestart
} }
enableNetdata enableNetdata
# @description This function installs UniFi onto a pfSense / OPNSense FreeBSD environment. It leverages scripts provided by
# the [unofficial pfSense UniFi project on GitHub](https://github.com/unofficial-unifi/unifi-pfsense). The script runs
# the script provided by the project and then enables the UniFi service.
#
# If you run into issues, please see the project's GitHub link (referenced above). It may take a couple minutes for the
# UniFi service to start up after `service unifi.sh start` is run because the start service exits fast while booting up
# the UniFi service in the background.
enableUniFi() {
fetch -o - https://raw.githubusercontent.com/unofficial-unifi/unifi-pfsense/master/install-unifi/install-unifi.sh | sh -s
service unifi.sh start
}
enableUniFi
# @description This function adds an unofficial package that adds SAML2 support to pfSense for SSO logins over
# the web portal. For more information, see the project's [GitHub page](https://github.com/jaredhendrickson13/pfsense-saml2-auth).
enablePFsenseSAML() {
pkg add https://github.com/jaredhendrickson13/pfsense-saml2-auth/releases/latest/download/pfSense-2.7-pkg-saml2-auth.pkg
}
enablePFsenseSAML

View file

@ -234,10 +234,10 @@ ensureHomebrew() {
### Installs Homebrew and addresses a couple potential issues ### Installs Homebrew and addresses a couple potential issues
if command -v sudo > /dev/null && sudo -n true; then if command -v sudo > /dev/null && sudo -n true; then
logg info "Installing Homebrew" logg info "Installing Homebrew"
echo | /bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" echo | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
else else
logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password." logg info "Homebrew is not installed. The script will attempt to install Homebrew and you might be prompted for your password."
/bin/bash -c "$(curl -fsSL --compressed https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?" /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" || BREW_EXIT_CODE="$?"
if [ -n "$BREW_EXIT_CODE" ]; then if [ -n "$BREW_EXIT_CODE" ]; then
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.." logg warn "Homebrew was installed but part of the installation failed. Trying a few things to fix the installation.."
@ -255,8 +255,10 @@ ensureHomebrew() {
### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS. ### Ensures the `brew` binary is available on Linux machines. macOS installs `brew` into the default `PATH` so nothing needs to be done for macOS.
if [ -d /home/linuxbrew/.linuxbrew/bin ]; then if [ -d /home/linuxbrew/.linuxbrew/bin ]; then
logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" logg info "Sourcing shellenv from /home/linuxbrew/.linuxbrew/bin/brew" && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
elif [ -f /opt/homebrew/bin/brew ]; then elif [ -f /usr/local/bin/brew ]; then
logg info "Sourcing shellenv from /opt/homebrew/bin/brew" && eval "$(/opt/homebrew/bin/brew shellenv)" logg info "Sourcing shellenv from /usr/local/bin/brew" && eval "$(/usr/local/bin/brew shellenv)"
elif [ -f "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" ]; then
logg info "Sourcing shellenv from "${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew"" && eval "$("${HOMEBREW_PREFIX:-/opt/homebrew}/bin/brew" shellenv)"
fi fi
fi fi
fi fi
@ -264,13 +266,40 @@ ensureHomebrew() {
### Ensure GCC is installed via Homebrew ### Ensure GCC is installed via Homebrew
if command -v brew > /dev/null; then if command -v brew > /dev/null; then
if ! brew list | grep gcc > /dev/null; then if ! brew list | grep gcc > /dev/null; then
logg info "Installing Homebrew gcc" && brew install gcc logg info "Installing Homebrew gcc" && brew install --quiet gcc
fi fi
else else
logg error "Failed to initialize Homebrew" && exit 2 logg error "Failed to initialize Homebrew" && exit 2
fi fi
} }
# @description This function determines whether or not a reboot is required on the target system.
# On Linux, it will check for the presence of the `/var/run/reboot-required` file to determine
# whether or not a reboot is required. On macOS, it will reboot `/Library/Updates/index.plist`
# to determine whether or not a reboot is required.
#
# After determining whether or not a reboot is required, the script will attempt to automatically
# reboot the machine.
handleRequiredReboot() {
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Checking if there is a pending update' && defaults read /Library/Updates/index.plist InstallAtLogout
# TODO - Uncomment this when we can determine conditions for reboot
# sudo shutdown -r now
elif [ -f /var/run/reboot-required ]; then
### Linux
logg info '/var/run/reboot-required is present so a reboot is required'
if command -v systemctl > /dev/null; then
logg info 'systemctl present so rebooting with sudo systemctl start reboot.target' && sudo systemctl start reboot.target
elif command -v reboot > /dev/null; then
logg info 'reboot available as command so rebooting with sudo reboot' && sudo reboot
elif command -v shutdown > /dev/null; then
logg info 'shutdown command available so rebooting with sudo shutdown -r now' && sudo shutdown -r now
else
logg warn 'Reboot required but unable to determine appropriate restart command'
fi
fi
}
# @description Load default settings if it is in a CI setting # @description Load default settings if it is in a CI setting
setCIEnvironmentVariables() { setCIEnvironmentVariables() {
if [ -n "$CI" ]; then if [ -n "$CI" ]; then
@ -420,7 +449,7 @@ handleQubesDom0() {
installBrewPackage() { installBrewPackage() {
if ! command -v "$1" > /dev/null; then if ! command -v "$1" > /dev/null; then
logg 'Installing '"$1"'' logg 'Installing '"$1"''
brew install "$1" brew install --quiet "$1"
fi fi
} }
@ -443,9 +472,10 @@ ensureHomebrewDeps() {
### macOS ### macOS
if [ -d /Applications ] && [ -d /System ]; then if [ -d /Applications ] && [ -d /System ]; then
installBrewPackage "expect"
installBrewPackage "gsed" installBrewPackage "gsed"
if ! command -v gtimeout > /dev/null; then if ! command -v gtimeout > /dev/null; then
brew install coreutils brew install --quiet coreutils
fi fi
fi fi
} }
@ -512,7 +542,7 @@ runChezmoi() {
logg info 'Running chezmoi apply forcefully' logg info 'Running chezmoi apply forcefully'
if command -v unbuffer > /dev/null; then if command -v unbuffer > /dev/null; then
if command -v caffeinate > /dev/null; then if command -v caffeinate > /dev/null; then
unbuffer -p caffeinate chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE" caffeinate unbuffer -p chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE"
else else
unbuffer -p chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE" unbuffer -p chezmoi apply $DEBUG_MODIFIER -k --force 2>&1 | tee "$LOG_FILE"
fi fi
@ -578,5 +608,6 @@ provisionLogic() {
logg info "Running the Chezmoi provisioning" && runChezmoi logg info "Running the Chezmoi provisioning" && runChezmoi
logg info "Ensuring temporary passwordless sudo is removed" && removePasswordlessSudo logg info "Ensuring temporary passwordless sudo is removed" && removePasswordlessSudo
logg info "Handling post-provision logic" && postProvision logg info "Handling post-provision logic" && postProvision
logg info "Determing whether or not reboot" && handleRequiredReboot
} }
provisionLogic provisionLogic