95f3aa05a0
- /home/.chezmoiscripts/universal/run_onchange_after_14-warp.sh.tmpl - /home/.chezmoitemplates/secrets/key-cloudflare-r2-id - /home/.chezmoitemplates/secrets/key-cloudflare-r2-secret - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-bucket - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-key - /home/.chezmoitemplates/secrets/key-digitalocean-spaces-secret - /home/.chezmoiscripts/universal/run_onchange_before_14-warp.sh.tmpl - /home/.chezmoiscripts/disabled/run_onchange_after_14-warp.tmpl - /home/.chezmoiexternal.toml.tmpl - /home/dot_config/warp/private_mdm.xml.tmpl - /home/Library/Managed Preferences/private_com.cloudflare.warp.plist.tmpl - /home/.chezmoitemplates/secrets/CLOUDFLARE_R2_ID - /home/.chezmoitemplates/secrets/CLOUDFLARE_R2_SECRET - /home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_ID - /home/.chezmoitemplates/secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET
58 lines
3.1 KiB
Cheetah
58 lines
3.1 KiB
Cheetah
{{- if (ne .host.distro.family "windows") -}}
|
|
#!/usr/bin/env bash
|
|
# @file CloudFlare WARP
|
|
# @brief Configures and connects the CloudFlare WARP CLI to the CloudFlare network if `warp-cli` is installed.
|
|
# @description
|
|
# This script automatically connects CloudFlare WARP CLI by first ensuring that the environment is not a WSL environment
|
|
# and also by ensuring the `warp-cli` command is available. It then:
|
|
#
|
|
# 1. Automatically accepts the Terms of Service and registers the client with CloudFlare
|
|
# 2. Automatically connects to the CloudFlare network
|
|
# 3. Ensures Always-On Mode is enabled
|
|
# 4. Enrolls the client with CloudFlare teams (if the `CLOUDFLARE_TEAMS_CLIENT_ID` and `CLOUDFLARE_TEAMS_CLIENT_SECRET` variables are provided)
|
|
#
|
|
# There are also commented lines in this script that show how you can enable WARP+DNS and Family Mode, if you decide
|
|
# to leverage CloudFlare WARP CLI for anything other than securely connecting to CloudFlare Teams.
|
|
|
|
{{ includeTemplate "universal/profile" }}
|
|
{{ includeTemplate "universal/logg" }}
|
|
|
|
### Configure CloudFlare WARP (if not WSL and warp-cli is installed)
|
|
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]] && command -v warp-cli > /dev/null; then
|
|
### Register CloudFlare WARP
|
|
if warp-cli --accept-tos status | grep 'Registration missing' > /dev/null; then
|
|
logg info 'Registering CloudFlare WARP'
|
|
warp-cli --accept-tos register
|
|
else
|
|
logg info 'Already registered with CloudFlare WARP'
|
|
fi
|
|
|
|
### Connect CloudFlare WARP
|
|
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
|
|
logg info 'Connecting to CloudFlare WARP'
|
|
warp-cli --accept-tos connect
|
|
else
|
|
logg info 'Already connected to CloudFlare WARP'
|
|
fi
|
|
|
|
### Enable Always-On mode
|
|
logg info 'Enabling always-on mode'
|
|
warp-cli --accept-tos enable-always-on
|
|
|
|
### Enable Family Mode
|
|
# logg info 'Enabling family-mode'
|
|
# warp-cli --accept-tos set-families-mode full
|
|
|
|
### Enable WARP+DNS mode
|
|
# logg info 'Enabling WARP+DNS mode'
|
|
# warp-cli set-mode warp+doh
|
|
|
|
# TODO
|
|
{{ if and (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_ID"))) (env "CLOUDFLARE_TEAMS_CLIENT_ID")) (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_SECRET"))) (env "CLOUDFLARE_TEAMS_CLIENT_SECRET")) -}}
|
|
### Enroll with CloudFlare Teams
|
|
logg info 'Enrolling with CloudFlare Teams'
|
|
warp-cli teams-enroll '{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_ID")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_ID" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_ID" }}{{ end }}' '{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "CLOUDFLARE_TEAMS_CLIENT_SECRET")) }}{{ includeTemplate "secrets/CLOUDFLARE_TEAMS_CLIENT_SECRET" | decrypt }}{{ else }}{{ env "CLOUDFLARE_TEAMS_CLIENT_SECRET" }}{{ end }}'
|
|
{{- end }}
|
|
fi
|
|
|
|
{{ end -}}
|