This commit is contained in:
Brian Zalewski 2023-08-09 01:46:26 -04:00 committed by GitHub
parent 59e2e956a8
commit e2be642b4b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 59 additions and 52 deletions

View file

@ -101,5 +101,8 @@
"workbench.welcomePage.walkthroughs.openOnInstall": false, "workbench.welcomePage.walkthroughs.openOnInstall": false,
"yaml.format.printWidth": 160, "yaml.format.printWidth": 160,
"yaml.format.singleQuote": true, "yaml.format.singleQuote": true,
"editor.acceptSuggestionOnEnter": "off" "editor.acceptSuggestionOnEnter": "off",
"[shellscript]": {
"editor.defaultFormatter": "foxundermoon.shell-format"
}
} }

View file

@ -5,10 +5,10 @@
###################################### ######################################
### CloudFlare ### CloudFlare
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.crt"] [".local/etc/ssl/cloudflare/Cloudflare_CA.crt"]
type = "file" type = "file"
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt" url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt"
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.pem"] [".local/etc/ssl/cloudflare/Cloudflare_CA.pem"]
type = "file" type = "file"
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem" url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem"

View file

@ -34,7 +34,7 @@ if command -v netdata-claim.sh > /dev/null; then
ensureNetdataOwnership ensureNetdataOwnership
# netdata-claim.sh must be run as netdata user # netdata-claim.sh must be run as netdata user
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"' sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && yes | netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
# Kernel optimizations # Kernel optimizations
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though. # These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.

View file

@ -52,7 +52,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
if ls "$BASH_IT/enabled" | grep "$COMPLETION" > /dev/null; then if ls "$BASH_IT/enabled" | grep "$COMPLETION" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && logg info "Removed old $COMPLETION bash-it completion symlink" || logg error "Failed to remove $COMPLETION bash-it completion symlink" rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && logg info "Removed old $COMPLETION bash-it completion symlink" || logg error "Failed to remove $COMPLETION bash-it completion symlink"
fi fi
echo y | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin" yes | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
done done
### Ensure plugins are enabled ### Ensure plugins are enabled
@ -62,7 +62,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
if ls "$BASH_IT/enabled" | grep "$PLUGIN" > /dev/null; then if ls "$BASH_IT/enabled" | grep "$PLUGIN" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && logg info "Removed old $PLUGIN bash-it plugin symlink" || logg error "Failed to remove $PLUGIN bash-it plugin symlink" rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && logg info "Removed old $PLUGIN bash-it plugin symlink" || logg error "Failed to remove $PLUGIN bash-it plugin symlink"
fi fi
echo y | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin" yes | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
done done
else else
logg warn 'The path specified by BASH_IT does not exist yet' logg warn 'The path specified by BASH_IT does not exist yet'

View file

@ -235,29 +235,10 @@ else
fi fi
{{- $registrationToken := "" }} {{- $registrationToken := "" }}
echo "{{ .host.hostname }}"
echo "{{ joinPath .host.home ".config" "age" "chezmoi.txt" }}"
echo "{{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname }}"
echo "{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}"
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname)) -}} {{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname)) -}}
echo "IN HEREEE"
{{- $registrationToken = (includeTemplate (print "cloudflared/" .host.hostname) | decrypt) -}} {{- $registrationToken = (includeTemplate (print "cloudflared/" .host.hostname) | decrypt) -}}
{{- end }} {{- end }}
### Set up CloudFlare tunnels ### Set up CloudFlare tunnels
echo 'Registration token debug:'
echo -n '{{ includeTemplate (print "cloudflared/" .host.hostname) | decrypt }}'
echo "ZZZZZZZZZZZZ"
echo ""
echo ""
echo -n '{{ $registrationToken }}'
echo ""
echo "OOOOOOOOOOOOO"
echo ""
echo '{{ $registrationToken }}'
echo ""
echo '555555'
set -ex
echo '{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}
if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then
# Show warning message about ~/.cloudflared already existing # Show warning message about ~/.cloudflared already existing
if [ -d "$HOME/.cloudflared" ]; then if [ -d "$HOME/.cloudflared" ]; then
@ -276,7 +257,7 @@ if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ];
logg info 'Creating a CloudFlare tunnel to this host' logg info 'Creating a CloudFlare tunnel to this host'
sudo cloudflared tunnel create "host-{{ .host.hostname }}" sudo cloudflared tunnel create "host-{{ .host.hostname }}"
fi fi
TUNNEL_ID="$(sudo cloudflared tunnel list | grep "host-{{ .host.hostname }}" | sed 's/ .*//')" TUNNEL_ID="$(sudo cloudflared tunnel list | grep 'host-{{ .host.hostname }}' | sed 's/ .*//')"
logg info "Tunnel ID: $TUNNEL_ID" logg info "Tunnel ID: $TUNNEL_ID"
if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]; then if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]; then
logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json' logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json'

View file

@ -2,6 +2,10 @@
"age" "age"
"base-devel" "base-devel"
"ccid" "ccid"
"curl"
"expect"
"file"
"git"
"gnome" "gnome"
"hopenpgp-tools" "hopenpgp-tools"
"libaio" "libaio"
@ -14,8 +18,10 @@
"npm" "npm"
"openssl" "openssl"
"pcsclite" "pcsclite"
"procps-ng"
"progress" "progress"
"readline" "readline"
"rsync"
"sddm" "sddm"
"secure-delete" "secure-delete"
"tk" "tk"

View file

@ -141,8 +141,8 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
fi fi
### Sheldon ### Sheldon
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.bash.toml" export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.bash.toml"
! command -v sheldon > /dev/null || eval "$(sheldon source)" ! command -v sheldon > /dev/null || eval "$(command sheldon source)"
### Up ### Up
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" [ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"

View file

@ -14,8 +14,9 @@ shell = "bash"
[plugins] [plugins]
[plugins.sheldon] # TODO: Make this import the sheldon completions and cache them
inline = 'sheldon() { sheldon completions --shell bash }' # [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell bash }'
[plugins.wp] [plugins.wp]
remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash" remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash"

View file

@ -14,5 +14,6 @@ shell = "fish"
[plugins] [plugins]
[plugins.sheldon] # TODO: Make this import the sheldon completions and cache them
inline = 'sheldon() { sheldon completions --shell fish }' # [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell fish }'

View file

@ -14,5 +14,6 @@ shell = "zsh"
[plugins] [plugins]
[plugins.sheldon] # TODO: Make this import the sheldon completions and cache them
inline = 'sheldon() { sheldon completions --shell zsh }' # [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell zsh }'

View file

@ -15,6 +15,15 @@
# TODO: Integrate this into flow # TODO: Integrate this into flow
if command -v certbot > /dev/null; then if command -v certbot > /dev/null; then
### Ensure configuration files are in place
if [ -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" ] && [ -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" ]; then
logg info 'Copying Lets Encrypt / Certbot configurations to /etc/letsencrypt'
sudo mkdir -p /etc/letsencrypt
sudo cp -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" /etc/letsencrypt/dns-cloudflare.ini
sudo cp -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" /etc/letsencrypt/letsencryptcli.ini
fi
### Ensure certificate is present
if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then
logg info 'LetsEncrypt SSL certificate is already available' logg info 'LetsEncrypt SSL certificate is already available'
else else
@ -22,7 +31,7 @@ if command -v certbot > /dev/null; then
certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}' certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
fi fi
### Setup cronjob ### Setup renewal cronjob
if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then
TMP="$(mktemp)" TMP="$(mktemp)"
echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP" echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP"

View file

@ -446,8 +446,8 @@ elif [ -f "$SDKMAN_DIR/bin/sdkman-init.sh" ]; then
fi fi
### Sheldon ### Sheldon
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.zsh.toml" export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.zsh.toml"
! command -v sheldon > /dev/null || eval "$(sheldon source)" ! command -v sheldon > /dev/null || eval "$(command sheldon source)"
### Up ### Up
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" [ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"

View file

@ -305,7 +305,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
elif command -v pacman > /dev/null; then elif command -v pacman > /dev/null; then
# Archlinux # Archlinux
sudo pacman update sudo pacman update
sudo pacman -Sy curl expect git rsync sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then elif command -v zypper > /dev/null; then
# OpenSUSE # OpenSUSE
sudo zypper install -y curl expect git rsync sudo zypper install -y curl expect git rsync

View file

@ -1,29 +1,29 @@
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null; then if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null; then
if command -v apt-get > /dev/null; then if command -v apt-get > /dev/null; then
# @description Ensure `build-essential`, `curl`, `expect`, `git`, and `rsync` are installed on Debian / Ubuntu # Debian / Ubuntu
sudo apt-get update sudo apt-get update
sudo apt-get install -y build-essential curl expect git rsync sudo apt-get install -y build-essential curl expect git rsync
elif command -v dnf > /dev/null; then elif command -v dnf > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Fedora # Fedora
sudo dnf install -y curl expect git rsync sudo dnf install -y curl expect git rsync
elif command -v yum > /dev/null; then elif command -v yum > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on CentOS # CentOS
sudo yum install -y curl expect git rsync sudo yum install -y curl expect git rsync
elif command -v pacman > /dev/null; then elif command -v pacman > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Archlinux # Archlinux
sudo pacman update sudo pacman update
sudo pacman -Sy curl expect git rsync sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then elif command -v zypper > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on OpenSUSE # OpenSUSE
sudo zypper install -y curl expect git rsync sudo zypper install -y curl expect git rsync
elif command -v apk > /dev/null; then elif command -v apk > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Alpine # Alpine
apk add curl expect git rsync apk add curl expect git rsync
elif [ -d /Applications ] && [ -d /Library ]; then elif [ -d /Applications ] && [ -d /Library ]; then
# @description Ensure CLI developer tools are available on macOS (via `xcode-select`) # macOS
sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install
elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Windows # Windows
choco install -y curl expect git rsync choco install -y curl expect git rsync
fi fi
fi fi

View file

@ -266,7 +266,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
elif command -v pacman > /dev/null; then elif command -v pacman > /dev/null; then
# @description Ensure `base-devel`, `curl`, `expect`, `git`, `rsync`, `procps-ng`, and `file` are installed on Archlinux # @description Ensure `base-devel`, `curl`, `expect`, `git`, `rsync`, `procps-ng`, and `file` are installed on Archlinux
sudo pacman update sudo pacman update
sudo pacman -Sy base-devel curl expect git rsync procps-ng file sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then elif command -v zypper > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, `rsync`, `procps`, and `file` are installed on OpenSUSE (as well as the devel_basis pattern) # @description Ensure `curl`, `expect`, `git`, `rsync`, `procps`, and `file` are installed on OpenSUSE (as well as the devel_basis pattern)
sudo zypper install -yt pattern devel_basis sudo zypper install -yt pattern devel_basis

View file

@ -699,6 +699,12 @@ softwarePackages:
brew: pigz brew: pigz
dnf: pigz dnf: pigz
pacman: pigz pacman: pigz
blocky:
_bin: blocky
_github: https://github.com/0xERR0R/blocky
_name: Blocky
brew: blocky
go: github.com/0xERR0R/blocky@mastergithub.com/0xERR0R/blocky@master
http-toolkit: http-toolkit:
_github: https://github.com/httptoolkit/httptoolkit _github: https://github.com/httptoolkit/httptoolkit
_name: HTTP Toolkit _name: HTTP Toolkit
@ -1676,10 +1682,9 @@ softwarePackages:
_home: https://certbot.eff.org/ _home: https://certbot.eff.org/
_name: CertBot _name: CertBot
_snapClassic: true _snapClassic: true
ansible: professormanhattan.certbot _post: pipx inject certbot certbot-dns-cloudflare
brew: certbot _post:windows: echo "Add method for Windows"
port: certbot pipx: certbot
snap: certbot
ugm: ugm:
_bin: ugm _bin: ugm
_desc: A terminal based UNIX user and group browser _desc: A terminal based UNIX user and group browser