{{- $cloudflareR2AccountId := (default "84fa0d1b16ff8086dd958c468ce7fd59" (env "CLOUDFLARE_R2_ID")) -}} {{- $cloudflareUsername := (default "brian@megabyte.space" (env "CLOUDFLARE_USERNAME")) -}} {{- $cloudflareTeamsOrg := (default "manhattan" (env "CLOUDFLARE_TEAMS_ORG")) -}} {{- $desktopSession := true -}} {{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}} {{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}} {{- $gcloudCoreProject := (default "megabyte-labs" (env "CLOUDSDK_CORE_PROJECT"))}} {{- $gcloudEmail := (default "automation@megabyte-labs.iam.gserviceaccount.com" (env "GCE_SERVICE_ACCOUNT_EMAIL"))}} {{- $githubUsername := (default "ProfessorManhattan" (env "GITHUB_USERNAME")) -}} {{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}} {{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}} {{- $hostname := (default "betelgeuse" (env "HOST")) -}} {{- $locale := (default "en_US" (env "LANG")) }} {{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}} {{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}} {{- $snapcraftEmail := (default "brian@megabyte.space" (env "SNAPCRAFT_EMAIL"))}} {{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}} {{- $timezone := (default "America/New_York" (env "TIMEZONE")) -}} {{- $toolchains := list "CLI-Extras" "Docker" "Go" "Kubernetes" "Web-Development" -}} {{- $work := (default false (env "WORK_ENVIRONMENT")) -}} {{- if and (ne .chezmoi.os "darwin") (ne .chezmoi.os "windows") (not (env "DISPLAY")) -}} {{- $desktopSession = false -}} {{- end -}} {{- $softwareGroup := (default "Standard" (env "SOFTWARE_GROUP")) -}} {{- if $desktopSession -}} {{- $softwareGroup = replace "-Desktop-Desktop" "-Desktop" (list $softwareGroup "-Desktop" | join "") -}} {{- end -}} {{- $data := . }} {{- $_ := set $data "host" (default (dict) (get $data "host")) -}} {{- $_ := set $data "user" (default (dict) (get $data "user")) -}} {{- $_ := set $data "toolchains" (default (dict) (get $data "toolchains")) -}} {{- $headless := false -}} {{- $ephemeral := false -}} {{/* detect GitHub codespaces, VSCode remote containers, Docker containers, Multipass VMs, and Vagrant boxes */}} {{- $ephemeralEnvOrUsername := or (env "CODESPACES") (env "REMOTE_CONTAINERS_IPC") (eq .chezmoi.username "root" "ubuntu" "vagrant" "vscode" "devcontainer") -}} {{- $ephemeralCgroup := and (stat "/proc/1/cgroup") (output "cat" "/proc/1/cgroup" | regexMatch "(docker|lxc)") -}} {{- if or $ephemeralEnvOrUsername $ephemeralCgroup -}} {{- $headless = true -}} {{- $ephemeral = true -}} {{- writeToStdout "Chezmoi is running in a container.\n" -}} {{- end -}} {{- $chassisType := "desktop" }} {{- if $ephemeral -}} {{- $chassisType = "ephemeral" }} {{- else if eq .chezmoi.os "linux" }} {{- if (.chezmoi.kernel.osrelease | lower | contains "microsoft") -}} {{- $chassisType = "wsl" }} {{- else -}} {{- $chassisType = "todo-get-from-hostnamectl" }} {{- end -}} {{- else if eq .chezmoi.os "darwin" }} {{- if contains "MacBook" (output "sysctl" "-n" "hw.model") }} {{- $chassisType = "laptop" }} {{- else }} {{- $chassisType = "desktop" }} {{- end }} {{- else if eq .chezmoi.os "windows" }} {{- $chassisType = (output "powershell.exe" "-noprofile" "-command" "if (Get-WmiObject -Class win32_battery -ComputerName localhost) { echo laptop } else { echo desktop }") }} {{- end }} {{- $cpuCores := 1 }} {{- $cpuThreads := 1 }} {{- if eq .chezmoi.os "darwin" }} {{- $cpuCores = (output "sysctl" "-n" "hw.physicalcpu_max") | trim | atoi }} {{- $cpuThreads = (output "sysctl" "-n" "hw.logicalcpu_max") | trim | atoi }} {{- else if eq .chezmoi.os "linux" }} {{- $cpuCores = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | sort --field-separator=',' --key='2,4' --unique | wc --lines") | trim | atoi }} {{- $cpuThreads = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | wc --lines") | trim | atoi }} {{- else if eq .chezmoi.os "windows" }} {{- $cpuCores = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfCores") | trim | atoi }} {{- $cpuThreads = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfLogicalProcessors") | trim | atoi }} {{- end }} {{- $toolchainsEnabled := dict }} {{- range $toolchain := $toolchains }} {{- $withoutToolchains := env "WITHOUT_TOOLCHAINS" -}} {{- $withoutToolchain := env (list "WITHOUT" (upper $toolchain) | join "_") -}} {{- $withToolchain := env (list "WITH" (upper $toolchain) | join "_") -}} {{- if and (or $withoutToolchains $withoutToolchain) (not $withToolchain) -}} {{- writeToStdout (list "Disabled" $toolchain "toolchain.\n" | join " ") -}} {{- $_ := set $toolchainsEnabled $toolchain true }} {{- else }} {{- $_ := set $toolchainsEnabled $toolchain true }} {{- end}} {{- end }} {{- if stdinIsATTY -}} {{- if (eq .chezmoi.os "darwin") -}} {{- if (contains "managed Mac computers" (output "/usr/libexec/ApplicationFirewall/socketfilterfw" "--getglobalstate")) -}} {{- $work = true -}} {{- else }} {{- $work = false -}} {{- end -}} {{- else if not (env "WORK_ENVIRONMENT") -}} {{- $work = promptBoolOnce $data.host "work" "Work environment" $work -}} {{- end -}} {{- if not (env "RESTRICTED_ENVIRONMENT") -}} {{- $restricted = promptBoolOnce $data.host "restricted" "Restricted environment (i.e. no sudo)" $restricted -}} {{- end -}} {{- if not (env "SOFTWARE_GROUP") -}} {{- $softwareGroup = promptStringOnce $data.host "softwareGroup" "Software group" $softwareGroup -}} {{- end -}} {{- if not (env "FULL_NAME") -}} {{- $name = promptStringOnce $data.user "name" "Full name" $name -}} {{- end -}} {{- if not (env "PRIMARY_EMAIL") -}} {{- $email = promptStringOnce $data.user "email" "Primary e-mail address" $email -}} {{- end -}} {{- if not (env "PUBLIC_SERVICES_DOMAIN") -}} {{- $domain = promptStringOnce $data.user "domain" "Domain name" $domain -}} {{- end -}} {{- if not (env "HOST") -}} {{- $hostname = promptStringOnce $data.host "hostname" "Hostname ID" $hostname -}} {{- end -}} {{- else -}} {{- $headless = true -}} {{- writeToStdout "Chezmoi is running in headless environment.\n" -}} {{- end -}} {{- $sambaNetBiosName := (default $hostname (env "SAMBA_NETBIOS_NAME")) -}} {{- $sambaWorkGroupName := (default "BETELGEUSE" (env "SAMBA_WORKGROUP")) -}} {{- $wazuhManager := (default (print "wazuh." $domain) (env "WAZUH_MANAGER")) -}} encryption: "age" age: identity: "{{ .chezmoi.homeDir }}/.config/age/chezmoi.txt" recipient: "age1necy24c4lzxheey4p2m8v4q000n442wyv47qc640ulyxx9l8dpesdqv7ey" gpg: recipient: "{{ $gpgKeyId }}" data: host: arch: "{{ .chezmoi.arch }}" cloudflare: teamsOrg: "{{ $cloudflareTeamsOrg }}" cpu: cores: "{{ $cpuCores }}" threads: "{{ $cpuThreads }}" desktopSession: "{{ $desktopSession }}" distro: family: "{{ .chezmoi.os }}" id: "{{ get .chezmoi.osRelease "id" | default .chezmoi.os }}" dns: primary: 10.0.0.1#dns.megabyte.space secondary: 1.1.1.1#cloudflare-dns.com docker: doRegion: nyc1 domain: "{{ $domain }}" gitlabRunners: - glurl: "https://gitlab.com/" runnerDescription: "Docker executor" runnerImage: "alpine:latest" runnerTags: "alpine,linux" - glurl: "https://gitlab.com/" baseVM: "debian" runnerDescription: "VirtualBox executor - Debian, OpenJDK 20" runnerTags: "bash,openjdk20,linux" headless: {{ $headless }} home: "{{ .chezmoi.homeDir }}" homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}" hostname: "{{ $hostname }}" samba: netbiosName: "{{ $sambaNetBiosName }}" workgroup: "{{ $sambaWorkGroupName }}" ssh: allowTCPForwarding: no allowUsers: {{ output "echo" "$USER" }} endlesshPort: 22 port: 2214 vpn: excludedSubnets: - 10.0.0.0/24 - 10.14.50.0/24 - 192.168.1.0/24 qubes: {{ stat (joinPath "usr" "bin" "qubes-session") }} restricted: {{ $restricted }} softwareGroup: "{{ $softwareGroup }}" type: "{{ $chassisType }}" wazuhManager: "{{ $wazuhManager }}" work: {{ $work }} toolchains: {{- range $toolchain, $enabled := $toolchainsEnabled }} {{ $toolchain}}: {{ $enabled }} {{- end }} user: cloudflare: r2: "{{ $cloudflareR2AccountId }}" username: "{{ $cloudflareUsername }}" defaultBrowser: chrome defaultBrowserDarwin: chrome digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32 # `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector domain: "{{ $domain }}" email: "{{ $email }}" gcloud: coreProject: "{{ $gcloudCoreProject }}" email: "{{ $gcloudEmail }}" github: username: "{{ $githubUsername }}" gitomatic: - git: "{{ default "git@github.com:megabyte-labs/install.doctor.git" (env "START_REPO") }}" path: /usr/local/src/install.doctor gmail: username: "{{ $gmailAddress }}" gpg: id: "{{ $gpgKeyId }}" holdSudoPrivileges: true locale: "{{ $locale }}" name: "{{ $name }}" snapcraft: username: "{{ $snapcraftEmail }}" surgesh: username: "{{ $surgeshUsername }}" timezone: "{{ $timezone }}" tinypngKey: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv" username: "{{ default "user" (env "USER") }}" weatherZipCode: 07960 diff: format: "git" pager: "delta" git: autoCommit: true autoPush: true textconv: - pattern: "**/*.plist" command: "plutil" args: - "-convert" - "xml1" - "-o" - "-" - "-"