Update 20 files

- /system/usr/local/bin/executable_rclone-mount
- /system/etc/systemd/system/r2-docker.service
- /system/etc/systemd/system/r2-{{ .user.username }}.service.tmpl
- /system/etc/sanoid/sanoid.conf.TODO
- /system/etc/cockpit/machines.d/TODO.cockpit-machine.json.tmpl
- /system/etc/keybase/config.json
- /system/etc/rcloneignore
- /system/.chezmoidata.yaml
- /system/.chezmoiexternal.toml
- /system/.chezmoiignore
- /home/dot_config/rclone/rcloneignore
- /home/dot_config/rclone/s3-docker.service.tmpl
- /home/dot_config/rclone/s3-user.service.tmpl
- /home/dot_config/rclone/merge_rclone.conf
- /home/dot_config/cockpit/machines.d/cockpit-machine.json.TODO
- /home/dot_config/keybase/config.json
- /home/.chezmoiscripts/universal/run_onchange_after_14-keybase.tmpl
- /home/.chezmoiscripts/universal/run_onchange_after_20-font.tmpl
- /home/.chezmoiscripts/universal/run_onchange_after_50-rclone.tmpl
- /home/.chezmoiexternal.toml
This commit is contained in:
Brian Zalewski 2023-01-29 06:55:46 +00:00
parent 9037474d22
commit e43ff06510
16 changed files with 98 additions and 214 deletions

View file

@ -138,6 +138,19 @@
clone.args = ["--depth", "1"] clone.args = ["--depth", "1"]
pull.args = ["--ff-only"] pull.args = ["--ff-only"]
### NGINX
[".local/system/etc/nginx"]
type = "git-repo"
url = "https://gitlab.com/megabyte-labs/cloud/nginx-configs.git"
clone.args = ["--depth", "1"]
pull.args = ["--ff-only"]
### Rundeck
[".local/system/src/var/lib/rundeck/libext/ansible-plugin-3.2.2.jar"]
type = "file"
url = "https://github.com/rundeck-plugins/ansible-plugin/releases/download/v3.2.2/ansible-plugin-3.2.2.jar"
refreshPeriod = "{{ $refreshPeriod }}"
### CookieCutter Template ### CookieCutter Template
[".local/src/cookiecutter"] [".local/src/cookiecutter"]
type = "git-repo" type = "git-repo"

View file

@ -0,0 +1,18 @@
{{- if eq .host.distro.family "linux" -}}
#!/usr/bin/env bash
# timeshift.json hash: {{ include (joinPath .chezmoi.homeDir ".config" "keybase" "config.json") | sha256sum }}
{{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }}
if command -v keybase > /dev/null; then
logg info 'Ensuring /etc/keybase is a directory'
sudo mkdir -p /etc/keybase
KEYBASE_CONFIG="${XDG_CONFIG_HOME:-$HOME/.config}/keybase/config.json"
logg info "Copying $KEYBASE_CONFIG to /etc/keybase/config.json"
sudo cp -f "$KEYBASE_CONFIG" /etc/keybase/config.json
else
logg info 'The `keybase` executable is not available'
fi

View file

@ -4,6 +4,23 @@
{{ includeTemplate "universal/profile" }} {{ includeTemplate "universal/profile" }}
{{ includeTemplate "universal/logg" }} {{ includeTemplate "universal/logg" }}
# font config hash: {{ include (joinPath .host.home ".config" "fontconfig" "fonts.conf") | sha256sum }}
### Sync user fonts with system fonts
if [ -d /Applications ] && [ -d /System ]; then
# macOS
logg info 'Copying fonts from ~/Library/Fonts and ~/.local/share/fonts to /Library/Fonts to make them available globally'
FONT_DIR='/Library/Fonts'
sudo rsync -av "$HOME/Library/Fonts" "$FONT_DIR"
sudo rsync -av "$HOME/.local/share/fonts" "$FONT_DIR"
else
# Linux
logg info 'Copying fonts from ~/.local/share/fonts to /usr/local/share/fonts to make them available globally'
FONT_DIR='/usr/local/share/fonts'
sudo rsync -av "$HOME/.local/share/fonts" "$FONT_DIR"
fi
### Configure system font properties
if [ -d /etc/fonts ]; then if [ -d /etc/fonts ]; then
logg info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf' logg info 'Copying ~/.config/fontconfig/fonts.conf to /etc/fonts/local.conf'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/fontconfig/fonts.conf" /etc/fonts/local.conf sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/fontconfig/fonts.conf" /etc/fonts/local.conf

View file

@ -9,6 +9,10 @@ if rclone -v rclone > /dev/null; then
sudo mkdir -p /var/cache/rclone sudo mkdir -p /var/cache/rclone
sudo chmod 700 /var/cache/rclone sudo chmod 700 /var/cache/rclone
logg info 'Ensuring /var/log/rclone exists'
sudo mkdir -p /var/log/rclone
sudo chmod 700 /var/log/rclone
logg info 'Ensuring /mnt/s3-docker exists' logg info 'Ensuring /mnt/s3-docker exists'
sudo mkdir -p /mnt/s3-docker sudo mkdir -p /mnt/s3-docker
sudo chmod 700 /mnt/s3-docker sudo chmod 700 /mnt/s3-docker
@ -17,7 +21,23 @@ if rclone -v rclone > /dev/null; then
sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount sudo cp -f "$HOME/.local/bin/rclone-mount" /usr/local/bin/rclone-mount
sudo chmod +x /usr/local/bin/rclone-mount sudo chmod +x /usr/local/bin/rclone-mount
logg info 'Adding ~/.config/rclone/rcloneignore to /etc/rcloneignore'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/rcloneignore" /etc/rcloneignore
sudo chmod 644 /etc/rcloneignore
if [ -d /etc/systemd/system ]; then
logg info 'Adding Docker S3 rclone mount (available at /mnt/docker-s3)'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/s3-docker.service" /etc/systemd/system/docker-s3.service
logg info 'Enabling / restarting the S3 Docker mount'
sudo systemctl enable docker-s3
sudo systemctl restart docker-s3
logg info 'Adding user S3 rclone mount (available at ~/.local/mnt/s3)'
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/rclone/s3-user.service" "/etc/systemd/system/${USER}-s3.service"
logg info 'Enabling / restarting the S3 user mount'
sudo systemctl enable "${USER}-s3"
sudo systemctl restart "${USER}-s3"
fi
else else
logg info '`rclone` is not available' logg info '`rclone` is not available'
fi fi

View file

@ -1,12 +1,11 @@
{{- if and (ne .user.CLOUDFLARE_ACCESS_KEY_ID "") (ne .user.CLOUDFLARE_SECRET_ACCESS_KEY "") (ne .user.CLOUDFLARE_R2_ACCOUNT_ID "") }} {{- if and (ne .user.CLOUDFLARE_ACCESS_KEY_ID "") (ne .user.CLOUDFLARE_SECRET_ACCESS_KEY "") (ne .user.CLOUDFLARE_R2_ACCOUNT_ID "") }}
#!/usr/bin/env bash #!/usr/bin/env bash
# Consider https://github.com/dustinsand/blockinfile
CONFIG_FILE="$HOME/.config/rclone/rclone.conf" CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
if cat "$CONFIG_FILE" | grep '# MEGABYTE LABS MANAGED r2-user'; then if cat "$CONFIG_FILE" | grep '# MEGABYTE LABS MANAGED S3'; then
# TODO: Remove old block # TODO: Remove old block
START_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED r2-user" .zshrc | cut -f1 -d ":"`)" START_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
END_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED r2-user" .zshrc | cut -f1 -d ":"`)" END_LINE="$(echo `grep -n -m 1 "# MEGABYTE LABS MANAGED S3" .zshrc | cut -f1 -d ":"`)"
if command -v gsed > /dev/null; then if command -v gsed > /dev/null; then
gsed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE" gsed -i "$START_LINE,$END_LINEd" "$CONFIG_FILE"
else else
@ -15,8 +14,8 @@ if cat "$CONFIG_FILE" | grep '# MEGABYTE LABS MANAGED r2-user'; then
fi fi
tee -a "$CONFIG_FILE" > /dev/null <<EOT tee -a "$CONFIG_FILE" > /dev/null <<EOT
# MEGABYTE LABS MANAGED r2-user # MEGABYTE LABS MANAGED S3
[r2-user] [{{ .user.username}}-s3]
type = s3 type = s3
provider = Cloudflare provider = Cloudflare
access_key_id = {{ .user.CLOUDFLARE_ACCESS_KEY_ID }} access_key_id = {{ .user.CLOUDFLARE_ACCESS_KEY_ID }}
@ -24,16 +23,22 @@ secret_access_key = {{ .user.CLOUDFLARE_SECRET_ACCESS_KEY }}
region = auto region = auto
endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com
acl = private acl = private
# MEGABYTE LABS MANAGED r2-user
[do-private] [do-private]
type = s3 type = s3
provider = DigitalOcean provider = DigitalOcean
env_auth = false
access_key_id = your_spaces_access_key
secret_access_key = your_spaces_secret_key
endpoint = private.nyc3.digitaloceanspaces.com endpoint = private.nyc3.digitaloceanspaces.com
acl = private acl = private
[do-open] [do-open]
type = s3 type = s3
provider = DigitalOcean provider = DigitalOcean
env_auth = false
access_key_id = your_spaces_access_key
secret_access_key = your_spaces_secret_key
endpoint = open.nyc3.digitaloceanspaces.com endpoint = open.nyc3.digitaloceanspaces.com
acl = public-read acl = public-read
# MEGABYTE LABS MANAGED S3
EOT EOT
{{- end }} {{- end }}

View file

@ -0,0 +1,14 @@
[Unit]
Description=rclone S3 system service (docker)
After=network-online.target
[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "docker-s3"
ExecStop=/bin/fusermount -u /mnt/docker-s3
Restart=always
RestartSec=10
[Install]
WantedBy=default.target

View file

@ -1,13 +1,13 @@
[Unit] [Unit]
Description=rclone r2 user service ({{ .user.username }}) Description=rclone S3 user service ({{ .user.username }})
After=network-online.target After=network-online.target
[Service] [Service]
Type=simple Type=simple
User={{ .user.username }} User={{ .user.username }}
ExecStartPre=/usr/bin/mkdir /home/{{ .user.username }}/.local/mnt/r2 ExecStartPre=/usr/bin/mkdir -p /home/{{ .user.username }}/.local/mnt/s3
ExecStart=/usr/local/bin/rclone-mount "user" "{{ .user.username }}" "r2" ExecStart=/usr/local/bin/rclone-mount "user" "{{ .user.username }}" "s3"
ExecStop=/bin/fusermount -u /home/{{ .user.username }}/.local/mnt/r2 ExecStop=/bin/fusermount -u /home/{{ .user.username }}/.local/mnt/s3
Restart=always Restart=always
RestartSec=10 RestartSec=10

View file

@ -1,4 +0,0 @@
---
grub:
shiftToSeeMenu: false
theme: Betelgeuse

View file

@ -1,99 +0,0 @@
{{- if not .host.headless }}
## Betelgeuse Theme
["/usr/local/src/betelgeuse"]
type = "git-repo"
url = "https://gitlab.com/megabyte-labs/misc/betelgeuse.git"
clone.args = ["--depth", "1"]
pull.args = ["--ff-only"]
### Hack Nerd Font Download
{{- $refreshPeriod := "4800h" }}
{{- $fontDir := "" }}
{{- $fontUrlBase := "https://github.com/ryanoasis/nerd-fonts/raw/master/patched-fonts/Hack"}}
{{- if eq .host.distro.family "darwin" }}
{{- $fontDir = "/Library/Fonts" }}
{{- else if eq .host.distro.family "linux" }}
{{- $fontDir = "/usr/local/share/fonts" }}
{{- else if eq .host.distro.family "windows" }}
{{- $fontDir = "TODOWindows/Fonts" }}
{{- end }}
["{{ $fontDir }}/Hack-Regular-Nerd-Font.ttf"]
type = "file"
url = "{{ $fontUrlBase }}/Regular/complete/Hack%20Regular%20Nerd%20Font%20Complete{{if eq .host.distro.family "windows"}}%20Windows%20Compatible{{end}}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Hack-Bold-Nerd-Font.ttf"]
type = "file"
url = "{{ $fontUrlBase }}/Bold/complete/Hack%20Bold%20Nerd%20Font%20Complete{{if eq .host.distro.family "windows"}}%20Windows%20Compatible{{end}}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Hack-Italic-Nerd-Font.ttf"]
type = "file"
url = "{{ $fontUrlBase }}/Italic/complete/Hack%20Italic%20Nerd%20Font%20Complete{{if eq .host.distro.family "windows"}}%20Windows%20Compatible{{end}}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Hack-Bold-Italic-Nerd-Font.ttf"]
type = "file"
url = "{{ $fontUrlBase }}/BoldItalic/complete/Hack%20Bold%20Italic%20Nerd%20Font%20Complete{{if eq .host.distro.family "windows"}}%20Windows%20Compatible{{end}}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
### Montserrat Font Download
{{- $fontUrlBase := "https://github.com/JulietaUla/Montserrat/raw/master/fonts/ttf/Montserrat-"}}
{{- $fonts := list "Black" "BlackItalic" "Bold" "BoldItalic" "ExtraBold" "ExtraBoldItalic" "ExtraLight" "ExtraLightItalic" "Italic" "Light" "LightItalic" "Medium" "MediumItalic" "Regular" "SemiBold" "SemiBoldItalic" "Thin" "ThinItalic" }}
{{- range $font := $fonts }}
["{{ $fontDir }}/Montserrat-{{ $font }}.ttf"]
type = "file"
url = "{{ $fontUrlBase }}{{ $font }}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
{{- end }}
### ZillaSlab Font Download
{{- $fontUrlBase := "https://github.com/typotheque/zilla-slab/raw/master/fonts_TTF/ZillaSlab"}}
{{- $fonts := list "-Bold" "-BoldItalic" "-Italic" "-Light" "-LightItalic" "-Medium" "-MediumItalic" "-Regular" "-SemiBold" "-SemiBoldItalic" "Highlight-Bold" "Highlight-Regular" }}
{{- range $font := $fonts }}
["{{ $fontDir }}/ZillaSlab{{ $font }}.ttf"]
type = "file"
url = "{{ $fontUrlBase }}{{ $font }}.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
{{- end }}
### Rofi Fonts
["{{ $fontDir }}/GrapeNuts-Regular.ttf"]
type = "file"
url = "https://github.com/adi1090x/rofi/raw/master/fonts/GrapeNuts-Regular.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Icomoon-Feather.ttf"]
type = "file"
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Icomoon-Feather.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Iosevka-Nerd-Font-Complete.ttf"]
type = "file"
url = "https://github.com/adi1090x/rofi/raw/master/fonts/Iosevka-Nerd-Font-Complete.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/JetBrains-Mono-Nerd-Font-Complete.ttf"]
type = "file"
url = "https://github.com/adi1090x/rofi/raw/master/fonts/JetBrains-Mono-Nerd-Font-Complete.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
### Miscellaneous Fonts Download
["{{ $fontDir }}/FontAwesome.ttf"]
type = "file"
# Source URL
url = "https://github.com/VermiumSifell/dotfiles/raw/main/dot_local/share/fonts/fontawesome.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
["{{ $fontDir }}/Weather-Icons.ttf"]
type = "file"
# Source URL
url = "https://github.com/VermiumSifell/dotfiles/raw/main/dot_local/share/fonts/weathericons.ttf"
refreshPeriod = "{{ $refreshPeriod }}"
{{- end }}
### NGINX
["/etc/nginx"]
type = "git-repo"
url = "https://gitlab.com/megabyte-labs/cloud/nginx-configs.git"
clone.args = ["--depth", "1"]
pull.args = ["--ff-only"]
### Rundeck
["/var/lib/rundeck/libext/ansible-plugin-3.2.2.jar"]
type = "file"
url = "https://github.com/rundeck-plugins/ansible-plugin/releases/download/v3.2.2/ansible-plugin-3.2.2.jar"
refreshPeriod = "{{ $refreshPeriod }}"

View file

@ -1,19 +0,0 @@
.chezmoiscripts/**/*
!.chezmoiscripts/{{ .host.distro.id }}/**/*
!.chezmoiscripts/universal/**/*
{{- if ne .host.distro.id "qubes" }}
boot/efi/EFI/qubes
etc/qubes
etc/yum.repos.d/qubes-dom0.repo
{{- end }}
{{- if ne .host.distro.family "linux" }}
boot
etc
usr
{{- end }}
{{- if eq .host.distro.family "windows" }}
usr/local/bin/executable_squash-symlink
{{- end }}

View file

@ -1,3 +0,0 @@
{
"disable-root-redirector": true
}

View file

@ -1,14 +0,0 @@
[Unit]
Description=rclone r2 system service (docker)
After=network-online.target
[Service]
Type=simple
User=docker
ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "r2-docker"
ExecStop=/bin/fusermount -u /mnt/r2-docker
Restart=always
RestartSec=10
[Install]
WantedBy=default.target

View file

@ -1,64 +0,0 @@
#!/usr/bin/env sh
### Variables
TYPE="$1"
USER="$2"
MOUNT="$3"
if [ "$TYPE" = 'user' ]; then
CACHE_FOLDER="/home/$USER/.cache/rclone"
CONFIG_FOLDER="/home/$USER/.config/rclone"
LOG_FOLDER="/home/$USER/.local/log"
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
MOUNT_PATH="/home/{{ .user.username }}/.local/mnt/$MOUNT"
elif [ "$TYPE" = 'docker' ]; then
CACHE_FOLDER="/var/cache/rclone/$MOUNT"
CONFIG_FOLDER="/etc"
LOG_FOLDER="/var/log/rclone"
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
MOUNT_PATH="/mnt/$MOUNT"
else
CACHE_FOLDER="/var/cache/rclone"
CONFIG_FOLDER="/etc"
LOG_FOLDER="/var/log/rclone"
LOG_FILE="$LOG_FOLDER/$MOUNT.log"
MOUNT_PATH="/mnt/$MOUNT"
fi
### Ensure directories created
if [ ! -d "$CACHE_FOLDER" ]; then
mkdir -p "$CACHE_FOLDER"
fi
if [ ! -d "$CONFIG_FOLDER" ]; then
mkdir -p "$CONFIG_FOLDER"
fi
if [ ! -d "$LOG_FOLDER" ]; then
mkdir -p "$LOG_FOLDER"
fi
if [ ! -d "$MOUNT_PATH" ]; then
mkdir -p "$MOUNT_PATH"
fi
RCLONE_IGNORE="$CONFIG_FOLDER/rcloneignore"
if [ ! -f "$RCLONE_IGNORE" ] && [ -f "/etc/rcloneignore" ]; then
RCLONE_IGNORE='etc/rcloneignore'
fi
### Mount
/usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
mount \
--cache-tmp-upload-path="$CACHE_FOLDER/$MOUNT-upload" \
--cache-chunk-path="$CACHE_FOLDER/$MOUNT-chunks" \
--cache-workers=8 \
--cache-writes \
--cache-dir="$CACHE_FOLDER/$MOUNT-vfs" \
--cache-db-path="$CACHE_FOLDER/$MOUNT-db" \
--log-file="$LOG_FILE" \
--no-modtime \
--drive-use-trash \
--stats=0 \
--checkers=16 \
--bwlimit=40M \
--dir-cache-time=60m \
--vfs-cache-mode full \
--cache-info-age=60m \
--filter-from="$RCLONE_IGNORE"
"$MOUNT":/ "$MOUNT_PATH"