Brian Zalewski 2023-08-09 01:46:26 -04:00 committed by GitHub
parent 59e2e956a8
commit e2be642b4b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 59 additions and 52 deletions


@ -101,5 +101,8 @@
"workbench.welcomePage.walkthroughs.openOnInstall": false,
"yaml.format.printWidth": 160,
"yaml.format.singleQuote": true,
"editor.acceptSuggestionOnEnter": "off"
"editor.acceptSuggestionOnEnter": "off",
"[shellscript]": {
"editor.defaultFormatter": "foxundermoon.shell-format"
}
}


@ -5,10 +5,10 @@
######################################
### CloudFlare
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.crt"]
[".local/etc/ssl/cloudflare/Cloudflare_CA.crt"]
type = "file"
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt"
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.pem"]
[".local/etc/ssl/cloudflare/Cloudflare_CA.pem"]
type = "file"
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem"
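Review bot: Both the `Cloudflare_CA.crt` and `Cloudflare_CA.pem` entries fetch a root certificate by URL with no integrity pin, so whatever that URL serves at apply time is written to disk as a CA file. chezmoi externals of `type = "file"` accept a checksum, so each entry could carry `checksum.sha256 = "<sha256 of the reviewed certificate>"` (placeholder; compute it from a copy whose fingerprint was verified out of band). A short comment such as `# Trust anchor: verify the fingerprint before updating the checksum` would tell the next maintainer why the pin exists.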


@ -34,7 +34,7 @@ if command -v netdata-claim.sh > /dev/null; then
ensureNetdataOwnership
# netdata-claim.sh must be run as netdata user
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && yes | netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
# Kernel optimizations
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.
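Review bot: The decrypted `NETDATA_TOKEN` and `NETDATA_ROOM` values are rendered straight into the single-quoted `bash -c '…'` string on the changed line, so the secret becomes part of the `sudo`/`bash` command line (readable in the process list while it runs), and a `'` in either value would end the quoting early. The token is then handed to `netdata-claim.sh` as `-token=…`, again on argv. Consider assigning the rendered values to variables in the outer script and passing them with `sudo -H -u netdata --preserve-env=NETDATA_TOKEN,NETDATA_ROOM bash -c '…'` (where the sudoers policy allows it), so the template output never sits inside the quoted command text. The added `yes |` answers every prompt from `netdata-claim.sh` affirmatively, which deserves a comment naming the prompt it is meant to satisfy.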


@ -52,7 +52,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
if ls "$BASH_IT/enabled" | grep "$COMPLETION" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && logg info "Removed old $COMPLETION bash-it completion symlink" || logg error "Failed to remove $COMPLETION bash-it completion symlink"
fi
echo y | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
yes | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
done
### Ensure plugins are enabled
@ -62,7 +62,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
if ls "$BASH_IT/enabled" | grep "$PLUGIN" > /dev/null; then
rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && logg info "Removed old $PLUGIN bash-it plugin symlink" || logg error "Failed to remove $PLUGIN bash-it plugin symlink"
fi
echo y | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
yes | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
done
else
logg warn 'The path specified by BASH_IT does not exist yet'
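Review bot: With `yes |` in front of `bash-it enable …` on both changed lines, the pipeline's status depends on how `yes` ends: it is normally killed by SIGPIPE once `bash-it` exits, so if `pipefail` is set in this script (not visible in these hunks) the `&&` branch is skipped and `logg error` fires even on success. The `cmd && logg info … || logg error …` form also runs the error branch whenever `logg info` itself returns non-zero. An explicit `if yes | bash-it enable plugin "$PLUGIN" > /dev/null; then logg info …; else logg error …; fi` fixes the second point; the first needs the script's shell options checked. A one-line comment stating which prompt is being auto-confirmed would also help, and note that the loops and the enclosing `if` start and end outside the hunks.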


@ -235,29 +235,10 @@ else
fi
{{- $registrationToken := "" }}
echo "{{ .host.hostname }}"
echo "{{ joinPath .host.home ".config" "age" "chezmoi.txt" }}"
echo "{{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname }}"
echo "{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}"
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname)) -}}
echo "IN HEREEE"
{{- $registrationToken = (includeTemplate (print "cloudflared/" .host.hostname) | decrypt) -}}
{{- end }}
### Set up CloudFlare tunnels
echo 'Registration token debug:'
echo -n '{{ includeTemplate (print "cloudflared/" .host.hostname) | decrypt }}'
echo "ZZZZZZZZZZZZ"
echo ""
echo ""
echo -n '{{ $registrationToken }}'
echo ""
echo "OOOOOOOOOOOOO"
echo ""
echo '{{ $registrationToken }}'
echo ""
echo '555555'
set -ex
echo '{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}
if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then
# Show warning message about ~/.cloudflared already existing
if [ -d "$HOME/.cloudflared" ]; then
@ -276,7 +257,7 @@ if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ];
logg info 'Creating a CloudFlare tunnel to this host'
sudo cloudflared tunnel create "host-{{ .host.hostname }}"
fi
TUNNEL_ID="$(sudo cloudflared tunnel list | grep "host-{{ .host.hostname }}" | sed 's/ .*//')"
TUNNEL_ID="$(sudo cloudflared tunnel list | grep 'host-{{ .host.hostname }}' | sed 's/ .*//')"
logg info "Tunnel ID: $TUNNEL_ID"
if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]; then
logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json'
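Review bot: `grep 'host-{{ .host.hostname }}'` on the changed `TUNNEL_ID` line is an unanchored regex match, so dots in the hostname match any character and a tunnel named for a longer hostname with the same prefix also matches; `TUNNEL_ID` can then hold several IDs or the wrong one before it is used in `/usr/local/etc/cloudflared/${TUNNEL_ID}.json`. Matching the name column exactly, e.g. `awk -v n='host-{{ .host.hostname }}' '$2 == n { print $1 }'` (assuming the name is the second column of `cloudflared tunnel list`), and stopping when the result is empty would make the lookup deterministic. Separately, the debug lines this commit appears to drop printed the decrypted registration token under `set -ex`, so if the previous revision was ever applied with its output captured, that token should be treated as exposed and rotated. The enclosing `if` continues past the end of the hunk.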


@ -2,6 +2,10 @@
"age"
"base-devel"
"ccid"
"curl"
"expect"
"file"
"git"
"gnome"
"hopenpgp-tools"
"libaio"
@ -14,8 +18,10 @@
"npm"
"openssl"
"pcsclite"
"procps-ng"
"progress"
"readline"
"rsync"
"sddm"
"secure-delete"
"tk"


@ -141,8 +141,8 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
fi
### Sheldon
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.bash.toml"
! command -v sheldon > /dev/null || eval "$(sheldon source)"
export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.bash.toml"
! command -v sheldon > /dev/null || eval "$(command sheldon source)"
### Up
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"
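Review bot: The new `SHELDON_CONFIG_FILE` line has one closing brace too many: `${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}` expands to the directory followed by a literal `}`, so the exported path becomes `…/sheldon}/plugins.bash.toml` and sheldon is pointed at a file that does not exist. It should read `export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}/plugins.bash.toml"`. The same stray brace is in the zsh counterpart of this change (the `plugins.zsh.toml` line). Because the next line `eval`s whatever `sheldon source` prints from that config, a comment noting that the config file should be user-owned and not writable by others would be worth adding.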


@ -14,8 +14,9 @@ shell = "bash"
[plugins]
[plugins.sheldon]
inline = 'sheldon() { sheldon completions --shell bash }'
# TODO: Make this import the sheldon completions and cache them
# [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell bash }'
[plugins.wp]
remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash"


@ -14,5 +14,6 @@ shell = "fish"
[plugins]
[plugins.sheldon]
inline = 'sheldon() { sheldon completions --shell fish }'
# TODO: Make this import the sheldon completions and cache them
# [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell fish }'


@ -14,5 +14,6 @@ shell = "zsh"
[plugins]
[plugins.sheldon]
inline = 'sheldon() { sheldon completions --shell zsh }'
# TODO: Make this import the sheldon completions and cache them
# [plugins.sheldon]
# inline = 'sheldon() { sheldon completions --shell zsh }'


@ -15,6 +15,15 @@
# TODO: Integrate this into flow
if command -v certbot > /dev/null; then
### Ensure configuration files are in place
if [ -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" ] && [ -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" ]; then
logg info 'Copying Lets Encrypt / Certbot configurations to /etc/letsencrypt'
sudo mkdir -p /etc/letsencrypt
sudo cp -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" /etc/letsencrypt/dns-cloudflare.ini
sudo cp -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" /etc/letsencrypt/letsencryptcli.ini
fi
### Ensure certificate is present
if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then
logg info 'LetsEncrypt SSL certificate is already available'
else
@ -22,7 +31,7 @@ if command -v certbot > /dev/null; then
certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
fi
### Setup cronjob
### Setup renewal cronjob
if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then
TMP="$(mktemp)"
echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP"
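Review bot: The added `sudo cp -f` of `dns-cloudflare.ini` leaves the destination mode to the source file's mode and root's umask, and that file presumably holds the Cloudflare API credentials used by `--dns-cloudflare`, so it can end up readable by other local users under `/etc/letsencrypt`. Installing it with an explicit mode, `sudo install -m 600 "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" /etc/letsencrypt/dns-cloudflare.ini`, closes that. The `certbot certonly` call visible in the second hunk passes no credentials or config path, so it is worth confirming that the copied `letsencryptcli.ini` is actually read (certbot's default system config is `/etc/letsencrypt/cli.ini`). The outer `if command -v certbot` block and the cron setup continue outside these hunks.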


@ -446,8 +446,8 @@ elif [ -f "$SDKMAN_DIR/bin/sdkman-init.sh" ]; then
fi
### Sheldon
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.zsh.toml"
! command -v sheldon > /dev/null || eval "$(sheldon source)"
export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.zsh.toml"
! command -v sheldon > /dev/null || eval "$(command sheldon source)"
### Up
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"


@ -305,7 +305,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
elif command -v pacman > /dev/null; then
# Archlinux
sudo pacman update
sudo pacman -Sy curl expect git rsync
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then
# OpenSUSE
sudo zypper install -y curl expect git rsync
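Review bot: The new `sudo pacman -Syu base-devel …` line has no `--noconfirm`, unlike the `-y` passed to zypper in the next branch (and to apt-get, dnf and yum in the full copy of this block further down), so an unattended run will stop at pacman's confirmation prompt. `--needed` would also avoid reinstalling packages that are already current: `sudo pacman -Syu --noconfirm --needed base-devel curl expect git rsync procps-ng file`. The unchanged `sudo pacman update` just above is not a valid pacman operation and will fail, and `-Syu` already refreshes the databases, so that line can go. The same two lines appear in the other two copies of this bootstrap block changed by this commit; the surrounding `if`/`elif` chain starts and ends outside the hunk.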


@ -1,29 +1,29 @@
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null; then
if command -v apt-get > /dev/null; then
# @description Ensure `build-essential`, `curl`, `expect`, `git`, and `rsync` are installed on Debian / Ubuntu
# Debian / Ubuntu
sudo apt-get update
sudo apt-get install -y build-essential curl expect git rsync
elif command -v dnf > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Fedora
# Fedora
sudo dnf install -y curl expect git rsync
elif command -v yum > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on CentOS
# CentOS
sudo yum install -y curl expect git rsync
elif command -v pacman > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Archlinux
# Archlinux
sudo pacman update
sudo pacman -Sy curl expect git rsync
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on OpenSUSE
# OpenSUSE
sudo zypper install -y curl expect git rsync
elif command -v apk > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Alpine
# Alpine
apk add curl expect git rsync
elif [ -d /Applications ] && [ -d /Library ]; then
# @description Ensure CLI developer tools are available on macOS (via `xcode-select`)
# macOS
sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install
elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Windows
# Windows
choco install -y curl expect git rsync
fi
fi


@ -266,7 +266,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
elif command -v pacman > /dev/null; then
# @description Ensure `base-devel`, `curl`, `expect`, `git`, `rsync`, `procps-ng`, and `file` are installed on Archlinux
sudo pacman update
sudo pacman -Sy base-devel curl expect git rsync procps-ng file
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
elif command -v zypper > /dev/null; then
# @description Ensure `curl`, `expect`, `git`, `rsync`, `procps`, and `file` are installed on OpenSUSE (as well as the devel_basis pattern)
sudo zypper install -yt pattern devel_basis


@ -699,6 +699,12 @@ softwarePackages:
brew: pigz
dnf: pigz
pacman: pigz
blocky:
_bin: blocky
_github: https://github.com/0xERR0R/blocky
_name: Blocky
brew: blocky
go: github.com/0xERR0R/blocky@mastergithub.com/0xERR0R/blocky@master
http-toolkit:
_github: https://github.com/httptoolkit/httptoolkit
_name: HTTP Toolkit
@ -1676,10 +1682,9 @@ softwarePackages:
_home: https://certbot.eff.org/
_name: CertBot
_snapClassic: true
ansible: professormanhattan.certbot
brew: certbot
port: certbot
snap: certbot
_post: pipx inject certbot certbot-dns-cloudflare
_post:windows: echo "Add method for Windows"
pipx: certbot
ugm:
_bin: ugm
_desc: A terminal based UNIX user and group browser
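Review bot: The `go:` value added for `blocky` is the module path written twice, `github.com/0xERR0R/blocky@mastergithub.com/0xERR0R/blocky@master`, which is not a valid module reference and will fail at install time; it should be `go: github.com/0xERR0R/blocky@master`. Installing from `@master` also means every provisioned machine builds whatever is at the branch head at that moment, so pinning to a release tag would make the install reproducible and reviewable. In the CertBot entry, `_post: pipx inject certbot certbot-dns-cloudflare` likewise pulls an unpinned plugin, and `_post:windows` is an echo placeholder that would read better as a `# TODO` comment.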