Latest
This commit is contained in:
parent
59e2e956a8
commit
e2be642b4b
16 changed files with 59 additions and 52 deletions
5
.vscode/settings.json
vendored
5
.vscode/settings.json
vendored
|
@ -101,5 +101,8 @@
|
|||
"workbench.welcomePage.walkthroughs.openOnInstall": false,
|
||||
"yaml.format.printWidth": 160,
|
||||
"yaml.format.singleQuote": true,
|
||||
"editor.acceptSuggestionOnEnter": "off"
|
||||
"editor.acceptSuggestionOnEnter": "off",
|
||||
"[shellscript]": {
|
||||
"editor.defaultFormatter": "foxundermoon.shell-format"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
######################################
|
||||
|
||||
### CloudFlare
|
||||
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.crt"]
|
||||
[".local/etc/ssl/cloudflare/Cloudflare_CA.crt"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.crt"
|
||||
[".local/etc/ssl/cloudflare/cloudflare/Cloudflare_CA.pem"]
|
||||
[".local/etc/ssl/cloudflare/Cloudflare_CA.pem"]
|
||||
type = "file"
|
||||
url = "https://developers.cloudflare.com/cloudflare-one/static/documentation/connections/Cloudflare_CA.pem"
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ if command -v netdata-claim.sh > /dev/null; then
|
|||
ensureNetdataOwnership
|
||||
|
||||
# netdata-claim.sh must be run as netdata user
|
||||
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
|
||||
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && yes | netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
|
||||
|
||||
# Kernel optimizations
|
||||
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.
|
||||
|
|
|
@ -52,7 +52,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
|
|||
if ls "$BASH_IT/enabled" | grep "$COMPLETION" > /dev/null; then
|
||||
rm -f "$BASH_IT/enabled/"*"$COMPLETION"* > /dev/null && logg info "Removed old $COMPLETION bash-it completion symlink" || logg error "Failed to remove $COMPLETION bash-it completion symlink"
|
||||
fi
|
||||
echo y | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
|
||||
yes | bash-it enable completion "$COMPLETION" > /dev/null && logg info "Enabled the bash-it $COMPLETION completion plugin" || logg error "Failed to install the $COMPLETION bash-it completion plugin"
|
||||
done
|
||||
|
||||
### Ensure plugins are enabled
|
||||
|
@ -62,7 +62,7 @@ if command -v powerline > /dev/null && [ -f "$HOME/.bashrc" ]; then
|
|||
if ls "$BASH_IT/enabled" | grep "$PLUGIN" > /dev/null; then
|
||||
rm -f "$BASH_IT/enabled/"*"$PLUGIN"* > /dev/null && logg info "Removed old $PLUGIN bash-it plugin symlink" || logg error "Failed to remove $PLUGIN bash-it plugin symlink"
|
||||
fi
|
||||
echo y | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
|
||||
yes | bash-it enable plugin "$PLUGIN" > /dev/null && logg info "Enabled the bash-it $PLUGIN plugin" || logg error "Failed to install the $PLUGIN bash-it plugin"
|
||||
done
|
||||
else
|
||||
logg warn 'The path specified by BASH_IT does not exist yet'
|
||||
|
|
|
@ -235,29 +235,10 @@ else
|
|||
fi
|
||||
|
||||
{{- $registrationToken := "" }}
|
||||
echo "{{ .host.hostname }}"
|
||||
echo "{{ joinPath .host.home ".config" "age" "chezmoi.txt" }}"
|
||||
echo "{{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname }}"
|
||||
echo "{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}"
|
||||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname)) -}}
|
||||
echo "IN HEREEE"
|
||||
{{- $registrationToken = (includeTemplate (print "cloudflared/" .host.hostname) | decrypt) -}}
|
||||
{{- end }}
|
||||
### Set up CloudFlare tunnels
|
||||
echo 'Registration token debug:'
|
||||
echo -n '{{ includeTemplate (print "cloudflared/" .host.hostname) | decrypt }}'
|
||||
echo "ZZZZZZZZZZZZ"
|
||||
echo ""
|
||||
echo ""
|
||||
echo -n '{{ $registrationToken }}'
|
||||
echo ""
|
||||
echo "OOOOOOOOOOOOO"
|
||||
echo ""
|
||||
echo '{{ $registrationToken }}'
|
||||
echo ""
|
||||
echo '555555'
|
||||
set -ex
|
||||
echo '{{ stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .host.hostname) }}
|
||||
if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then
|
||||
# Show warning message about ~/.cloudflared already existing
|
||||
if [ -d "$HOME/.cloudflared" ]; then
|
||||
|
@ -276,7 +257,7 @@ if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ];
|
|||
logg info 'Creating a CloudFlare tunnel to this host'
|
||||
sudo cloudflared tunnel create "host-{{ .host.hostname }}"
|
||||
fi
|
||||
TUNNEL_ID="$(sudo cloudflared tunnel list | grep "host-{{ .host.hostname }}" | sed 's/ .*//')"
|
||||
TUNNEL_ID="$(sudo cloudflared tunnel list | grep 'host-{{ .host.hostname }}' | sed 's/ .*//')"
|
||||
logg info "Tunnel ID: $TUNNEL_ID"
|
||||
if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]; then
|
||||
logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json'
|
||||
|
|
|
@ -2,6 +2,10 @@
|
|||
"age"
|
||||
"base-devel"
|
||||
"ccid"
|
||||
"curl"
|
||||
"expect"
|
||||
"file"
|
||||
"git"
|
||||
"gnome"
|
||||
"hopenpgp-tools"
|
||||
"libaio"
|
||||
|
@ -14,8 +18,10 @@
|
|||
"npm"
|
||||
"openssl"
|
||||
"pcsclite"
|
||||
"procps-ng"
|
||||
"progress"
|
||||
"readline"
|
||||
"rsync"
|
||||
"sddm"
|
||||
"secure-delete"
|
||||
"tk"
|
||||
|
|
|
@ -141,8 +141,8 @@ if [ "$BASH_SUPPORT" = 'true' ]; then
|
|||
fi
|
||||
|
||||
### Sheldon
|
||||
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.bash.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(sheldon source)"
|
||||
export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.bash.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(command sheldon source)"
|
||||
|
||||
### Up
|
||||
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"
|
||||
|
|
|
@ -14,8 +14,9 @@ shell = "bash"
|
|||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell bash }'
|
||||
# TODO: Make this import the sheldon completions and cache them
|
||||
# [plugins.sheldon]
|
||||
# inline = 'sheldon() { sheldon completions --shell bash }'
|
||||
|
||||
[plugins.wp]
|
||||
remote = "https://raw.githubusercontent.com/wp-cli/wp-cli/v2.7.1/utils/wp-completion.bash"
|
||||
|
|
|
@ -14,5 +14,6 @@ shell = "fish"
|
|||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell fish }'
|
||||
# TODO: Make this import the sheldon completions and cache them
|
||||
# [plugins.sheldon]
|
||||
# inline = 'sheldon() { sheldon completions --shell fish }'
|
||||
|
|
|
@ -14,5 +14,6 @@ shell = "zsh"
|
|||
|
||||
[plugins]
|
||||
|
||||
[plugins.sheldon]
|
||||
inline = 'sheldon() { sheldon completions --shell zsh }'
|
||||
# TODO: Make this import the sheldon completions and cache them
|
||||
# [plugins.sheldon]
|
||||
# inline = 'sheldon() { sheldon completions --shell zsh }'
|
||||
|
|
|
@ -15,6 +15,15 @@
|
|||
# TODO: Integrate this into flow
|
||||
|
||||
if command -v certbot > /dev/null; then
|
||||
### Ensure configuration files are in place
|
||||
if [ -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" ] && [ -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" ]; then
|
||||
logg info 'Copying Lets Encrypt / Certbot configurations to /etc/letsencrypt'
|
||||
sudo mkdir -p /etc/letsencrypt
|
||||
sudo cp -f "$HOME/.local/etc/letsencrypt/dns-cloudflare.ini" /etc/letsencrypt/dns-cloudflare.ini
|
||||
sudo cp -f "$HOME/.local/etc/letsencrypt/letsencryptcli.ini" /etc/letsencrypt/letsencryptcli.ini
|
||||
fi
|
||||
|
||||
### Ensure certificate is present
|
||||
if [ -f '/etc/letsencrypt/live/{{ .host.domain }}/cert.pem' ]; then
|
||||
logg info 'LetsEncrypt SSL certificate is already available'
|
||||
else
|
||||
|
@ -22,7 +31,7 @@ if command -v certbot > /dev/null; then
|
|||
certbot certonly --noninteractive --dns-cloudflare --agree-tos --email '{{ .user.cloudflare.username }}' --dns-cloudflare-propagation-seconds 14 -d '*.{{ .host.domain }},*.lab.{{ .host.domain }},*.{{ .host.hostname | replace .host.domain "" | replace "." "" }}.{{ .host.domain }}'
|
||||
fi
|
||||
|
||||
### Setup cronjob
|
||||
### Setup renewal cronjob
|
||||
if ! sudo crontab -l | grep "$(which certbot) renew --quiet" > /dev/null; then
|
||||
TMP="$(mktemp)"
|
||||
echo "30 3 * * * $(which certbot) renew --quiet" > "$TMP"
|
||||
|
|
|
@ -446,8 +446,8 @@ elif [ -f "$SDKMAN_DIR/bin/sdkman-init.sh" ]; then
|
|||
fi
|
||||
|
||||
### Sheldon
|
||||
export SHELDON_CONFIG_FILE="$SHELDON_CONFIG_DIR/plugins.zsh.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(sheldon source)"
|
||||
export SHELDON_CONFIG_FILE="${SHELDON_CONFIG_DIR:-${XDG_CONFIG_HOME:-$HOME/.config}/sheldon}}/plugins.zsh.toml"
|
||||
! command -v sheldon > /dev/null || eval "$(command sheldon source)"
|
||||
|
||||
### Up
|
||||
[ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/up/up.sh"
|
||||
|
|
|
@ -305,7 +305,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
|
|||
elif command -v pacman > /dev/null; then
|
||||
# Archlinux
|
||||
sudo pacman update
|
||||
sudo pacman -Sy curl expect git rsync
|
||||
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
|
||||
elif command -v zypper > /dev/null; then
|
||||
# OpenSUSE
|
||||
sudo zypper install -y curl expect git rsync
|
||||
|
|
|
@ -1,29 +1,29 @@
|
|||
if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v expect > /dev/null || ! command -v rsync > /dev/null; then
|
||||
if command -v apt-get > /dev/null; then
|
||||
# @description Ensure `build-essential`, `curl`, `expect`, `git`, and `rsync` are installed on Debian / Ubuntu
|
||||
# Debian / Ubuntu
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential curl expect git rsync
|
||||
elif command -v dnf > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Fedora
|
||||
# Fedora
|
||||
sudo dnf install -y curl expect git rsync
|
||||
elif command -v yum > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on CentOS
|
||||
# CentOS
|
||||
sudo yum install -y curl expect git rsync
|
||||
elif command -v pacman > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Archlinux
|
||||
# Archlinux
|
||||
sudo pacman update
|
||||
sudo pacman -Sy curl expect git rsync
|
||||
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
|
||||
elif command -v zypper > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on OpenSUSE
|
||||
# OpenSUSE
|
||||
sudo zypper install -y curl expect git rsync
|
||||
elif command -v apk > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Alpine
|
||||
# Alpine
|
||||
apk add curl expect git rsync
|
||||
elif [ -d /Applications ] && [ -d /Library ]; then
|
||||
# @description Ensure CLI developer tools are available on macOS (via `xcode-select`)
|
||||
# macOS
|
||||
sudo xcode-select -p >/dev/null 2>&1 || xcode-select --install
|
||||
elif [[ "$OSTYPE" == 'cygwin' ]] || [[ "$OSTYPE" == 'msys' ]] || [[ "$OSTYPE" == 'win32' ]]; then
|
||||
# @description Ensure `curl`, `expect`, `git`, and `rsync` are installed on Windows
|
||||
# Windows
|
||||
choco install -y curl expect git rsync
|
||||
fi
|
||||
fi
|
|
@ -266,7 +266,7 @@ if ! command -v curl > /dev/null || ! command -v git > /dev/null || ! command -v
|
|||
elif command -v pacman > /dev/null; then
|
||||
# @description Ensure `base-devel`, `curl`, `expect`, `git`, `rsync`, `procps-ng`, and `file` are installed on Archlinux
|
||||
sudo pacman update
|
||||
sudo pacman -Sy base-devel curl expect git rsync procps-ng file
|
||||
sudo pacman -Syu base-devel curl expect git rsync procps-ng file
|
||||
elif command -v zypper > /dev/null; then
|
||||
# @description Ensure `curl`, `expect`, `git`, `rsync`, `procps`, and `file` are installed on OpenSUSE (as well as the devel_basis pattern)
|
||||
sudo zypper install -yt pattern devel_basis
|
||||
|
|
13
software.yml
13
software.yml
|
@ -699,6 +699,12 @@ softwarePackages:
|
|||
brew: pigz
|
||||
dnf: pigz
|
||||
pacman: pigz
|
||||
blocky:
|
||||
_bin: blocky
|
||||
_github: https://github.com/0xERR0R/blocky
|
||||
_name: Blocky
|
||||
brew: blocky
|
||||
go: github.com/0xERR0R/blocky@mastergithub.com/0xERR0R/blocky@master
|
||||
http-toolkit:
|
||||
_github: https://github.com/httptoolkit/httptoolkit
|
||||
_name: HTTP Toolkit
|
||||
|
@ -1676,10 +1682,9 @@ softwarePackages:
|
|||
_home: https://certbot.eff.org/
|
||||
_name: CertBot
|
||||
_snapClassic: true
|
||||
ansible: professormanhattan.certbot
|
||||
brew: certbot
|
||||
port: certbot
|
||||
snap: certbot
|
||||
_post: pipx inject certbot certbot-dns-cloudflare
|
||||
_post:windows: echo "Add method for Windows"
|
||||
pipx: certbot
|
||||
ugm:
|
||||
_bin: ugm
|
||||
_desc: A terminal based UNIX user and group browser
|
||||
|
|
Loading…
Reference in a new issue