diff options
| -rw-r--r-- | public/progs.csv | 7 | ||||
| -rwxr-xr-x | public/thesiah-mac.sh | 3 | ||||
| -rwxr-xr-x | public/thesiah.sh | 48 | ||||
| -rw-r--r-- | static/progs.csv | 7 | ||||
| -rwxr-xr-x | static/thesiah-mac.sh | 3 | ||||
| -rwxr-xr-x | static/thesiah.sh | 48 |
6 files changed, 96 insertions, 20 deletions
diff --git a/public/progs.csv b/public/progs.csv index 068f42f..e28ce53 100644 --- a/public/progs.csv +++ b/public/progs.csv @@ -22,7 +22,7 @@ A,arkenfox-user.js,provides hardened security settings for Firefox and Librewolf ,bluez-utils,is utils for bluetooth. A,brillo,controls the brightness of backlight and LED devices. ,calcurse,terminal-based organizer for interactive and command line use. -,cronie,is a cronjob manager to set up automatic mail syncing. +R,cronie,is a cronjob manager to set up automatic mail syncing. ,dash,is a command interpreter (shell). ,dosfstools,allows your computer to access dos-like filesystems. ,dunst,is a suckless notification system. @@ -78,7 +78,7 @@ P,pynvim,is for lsp in neovim. ,ripgrep-all,searches words in a line. ,rsync,is a fast and versatile file copying tool. ,ruby,is an interpreted scripting language. -,samba,"is a program for the server daemon that provides Active Directory, filesharing, and printing services." +R,samba,"is a program for the server daemon that provides Active Directory, filesharing, and printing services." A,sc-im,is an Excel-like terminal spreadsheet manager. A,simple-mtpfs,enables the mounting of cell phones. ,socat,is a utility which establishes two byte streams and transfers data between them. @@ -86,11 +86,12 @@ P,stig,is a TUI and CLI client for the transmission daemon. ,tar,compresses or extracts files. A,task-spooler,queues commands or files for download. ,tk,manipulates tk internal state. +R,tlp,applies power saving settings manually and controls battery care features. ,tmux,manages mutiple terminal sessions/windows/panes in a terminal. ,trash-cli,"trashes files recording the original path, deletion date, and permissions." ,transmission-cli,"is a lightweight, command-line BitTorrent client." ,ueberzug,enables previews in the lf file manager. -,ufw,is a tool for firewall. +R,ufw,is a tool for firewall. ,unclutter,hides an inactive mouse. ,unzip,unzips zips. ,urlview,enables to view url in a terminal. diff --git a/public/thesiah-mac.sh b/public/thesiah-mac.sh index 19cd069..dd9c563 100755 --- a/public/thesiah-mac.sh +++ b/public/thesiah-mac.sh @@ -151,11 +151,12 @@ installpkg "mas" installationloop # Setup Dotfiles -putgitrepo "$dotfilesrepo" "$HOME/.dotfiles" "$repobranch" +putgitrepo "$dotfilesrepo" "$HOME" "$repobranch" && mv "$HOME/$(echo "$dotfilesrepo" | sed 's|.*/\([^/]*\)\.git|\1|')" "$HOME/.dotfiles" # Clean up any unwanted files from the dotfiles repo rm -rf "$HOME/.git" "$HOME/README.md" "$HOME/LICENSE" "$HOME/FUNDING.yml" "/tmp/programs.csv" +# Sync profile ln -s ~/.dotfiles/shell/profile ~/.zprofile # Final diff --git a/public/thesiah.sh b/public/thesiah.sh index b8fa5ed..4a220dd 100755 --- a/public/thesiah.sh +++ b/public/thesiah.sh @@ -169,6 +169,27 @@ pipinstall() { yes | pip install "$1" } +# runit +initinstall() { + maininstall "$1" "$2" + case "$(readlink -f /sbin/init)" in + "runit-init") + maininstall "$1-runit" "runit: $2" + ln -s /etc/runit/sv/"$1" /run/runit/service/ || error "Failed to sync $1 service." + sv start "$1" || error "Failed to run $1 service." + ;; + "openrc-init") + maininstall "$1-openrc" "openrc: $2" + rc-update add "$1" default || error "Faild to add $1 service." + rc-service "$1" start || error "Faild to start $1 service." + ;; + "s6-svscan") + maininstall "$1-s6" "s6: $2" + s6-rc -u change "$1" || error "Failed to start $1 service." + ;; + esac +} + installationloop() { ([ -f "$progsfile" ] && cp "$progsfile" /tmp/progs.csv) || curl -Ls "$progsfile" | sed '/^#/d' >/tmp/progs.csv @@ -182,6 +203,7 @@ installationloop() { "A") aurinstall "$program" "$comment" ;; "G") gitmakeinstall "$program" "$comment" ;; "P") pipinstall "$program" "$comment" ;; + "R") initinstall "$program" "$comment" ;; *) maininstall "$program" "$comment" ;; esac done </tmp/progs.csv @@ -279,19 +301,33 @@ pamgnupg() { ufwsetup() { [ -x "$(command -v "ufw")" ] || installpkg ufw >/dev/null 2>&1 ufw default deny incoming # block all incoming connections by default - ufw allow in ssh # or: ufw allow in 22 ufw allow 80 ufw allow 443 - ufw allow 10000/udp + ufw allow 25/tcp + ufw allow 587/tcp ufw allow 3478/udp ufw allow 5349/tcp + ufw allow 10000/udp + ufw allow in ssh ufw allow in IMAPS ufw allow in POP3 ufw allow in SMTP ufw allow in 'WWW Full' ufw allow in 'Postfix SMTPS' ufw allow in 'Mail Submission' - ufw enable + + case "$(readlink -f /sbin/init)" in + "runit-init") + ufw enable + ;; + "openrc-init") + rc-update add ufw default + rc-service ufw start + ;; + "s6-svscan") + s6-rc -u change "$1" + ;; + esac } finalize() { @@ -448,11 +484,11 @@ pamgnupg || exit 1 printf '\nyes\nyes\n' | mount -t ecryptfs Media Media -o passphrase_passwd="$epass1",ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_enable_filename_crypto=y,ecryptfs_passthrough=n || exit 1 umount /home/$name/Media +# ufw set up +ufwsetup || error "Failed to set up ufw rules." + # Change /bin/sh from bash to dash ln -sf dash /bin/sh -# ufw set up -ufwsetup - # Last message! Install complete! finalize diff --git a/static/progs.csv b/static/progs.csv index 068f42f..e28ce53 100644 --- a/static/progs.csv +++ b/static/progs.csv @@ -22,7 +22,7 @@ A,arkenfox-user.js,provides hardened security settings for Firefox and Librewolf ,bluez-utils,is utils for bluetooth. A,brillo,controls the brightness of backlight and LED devices. ,calcurse,terminal-based organizer for interactive and command line use. -,cronie,is a cronjob manager to set up automatic mail syncing. +R,cronie,is a cronjob manager to set up automatic mail syncing. ,dash,is a command interpreter (shell). ,dosfstools,allows your computer to access dos-like filesystems. ,dunst,is a suckless notification system. @@ -78,7 +78,7 @@ P,pynvim,is for lsp in neovim. ,ripgrep-all,searches words in a line. ,rsync,is a fast and versatile file copying tool. ,ruby,is an interpreted scripting language. -,samba,"is a program for the server daemon that provides Active Directory, filesharing, and printing services." +R,samba,"is a program for the server daemon that provides Active Directory, filesharing, and printing services." A,sc-im,is an Excel-like terminal spreadsheet manager. A,simple-mtpfs,enables the mounting of cell phones. ,socat,is a utility which establishes two byte streams and transfers data between them. @@ -86,11 +86,12 @@ P,stig,is a TUI and CLI client for the transmission daemon. ,tar,compresses or extracts files. A,task-spooler,queues commands or files for download. ,tk,manipulates tk internal state. +R,tlp,applies power saving settings manually and controls battery care features. ,tmux,manages mutiple terminal sessions/windows/panes in a terminal. ,trash-cli,"trashes files recording the original path, deletion date, and permissions." ,transmission-cli,"is a lightweight, command-line BitTorrent client." ,ueberzug,enables previews in the lf file manager. -,ufw,is a tool for firewall. +R,ufw,is a tool for firewall. ,unclutter,hides an inactive mouse. ,unzip,unzips zips. ,urlview,enables to view url in a terminal. diff --git a/static/thesiah-mac.sh b/static/thesiah-mac.sh index 19cd069..dd9c563 100755 --- a/static/thesiah-mac.sh +++ b/static/thesiah-mac.sh @@ -151,11 +151,12 @@ installpkg "mas" installationloop # Setup Dotfiles -putgitrepo "$dotfilesrepo" "$HOME/.dotfiles" "$repobranch" +putgitrepo "$dotfilesrepo" "$HOME" "$repobranch" && mv "$HOME/$(echo "$dotfilesrepo" | sed 's|.*/\([^/]*\)\.git|\1|')" "$HOME/.dotfiles" # Clean up any unwanted files from the dotfiles repo rm -rf "$HOME/.git" "$HOME/README.md" "$HOME/LICENSE" "$HOME/FUNDING.yml" "/tmp/programs.csv" +# Sync profile ln -s ~/.dotfiles/shell/profile ~/.zprofile # Final diff --git a/static/thesiah.sh b/static/thesiah.sh index b8fa5ed..4a220dd 100755 --- a/static/thesiah.sh +++ b/static/thesiah.sh @@ -169,6 +169,27 @@ pipinstall() { yes | pip install "$1" } +# runit +initinstall() { + maininstall "$1" "$2" + case "$(readlink -f /sbin/init)" in + "runit-init") + maininstall "$1-runit" "runit: $2" + ln -s /etc/runit/sv/"$1" /run/runit/service/ || error "Failed to sync $1 service." + sv start "$1" || error "Failed to run $1 service." + ;; + "openrc-init") + maininstall "$1-openrc" "openrc: $2" + rc-update add "$1" default || error "Faild to add $1 service." + rc-service "$1" start || error "Faild to start $1 service." + ;; + "s6-svscan") + maininstall "$1-s6" "s6: $2" + s6-rc -u change "$1" || error "Failed to start $1 service." + ;; + esac +} + installationloop() { ([ -f "$progsfile" ] && cp "$progsfile" /tmp/progs.csv) || curl -Ls "$progsfile" | sed '/^#/d' >/tmp/progs.csv @@ -182,6 +203,7 @@ installationloop() { "A") aurinstall "$program" "$comment" ;; "G") gitmakeinstall "$program" "$comment" ;; "P") pipinstall "$program" "$comment" ;; + "R") initinstall "$program" "$comment" ;; *) maininstall "$program" "$comment" ;; esac done </tmp/progs.csv @@ -279,19 +301,33 @@ pamgnupg() { ufwsetup() { [ -x "$(command -v "ufw")" ] || installpkg ufw >/dev/null 2>&1 ufw default deny incoming # block all incoming connections by default - ufw allow in ssh # or: ufw allow in 22 ufw allow 80 ufw allow 443 - ufw allow 10000/udp + ufw allow 25/tcp + ufw allow 587/tcp ufw allow 3478/udp ufw allow 5349/tcp + ufw allow 10000/udp + ufw allow in ssh ufw allow in IMAPS ufw allow in POP3 ufw allow in SMTP ufw allow in 'WWW Full' ufw allow in 'Postfix SMTPS' ufw allow in 'Mail Submission' - ufw enable + + case "$(readlink -f /sbin/init)" in + "runit-init") + ufw enable + ;; + "openrc-init") + rc-update add ufw default + rc-service ufw start + ;; + "s6-svscan") + s6-rc -u change "$1" + ;; + esac } finalize() { @@ -448,11 +484,11 @@ pamgnupg || exit 1 printf '\nyes\nyes\n' | mount -t ecryptfs Media Media -o passphrase_passwd="$epass1",ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_enable_filename_crypto=y,ecryptfs_passthrough=n || exit 1 umount /home/$name/Media +# ufw set up +ufwsetup || error "Failed to set up ufw rules." + # Change /bin/sh from bash to dash ln -sf dash /bin/sh -# ufw set up -ufwsetup - # Last message! Install complete! finalize |