Update 16 files

- /home/dot_config/rclone/merge_rclone.conf - /home/dot_config/rclone/s3-public.service.tmpl - /home/dot_config/rclone/s3-private.service.tmpl - /home/dot_config/rclone/s3-docker.service.tmpl - /home/dot_config/gcp/gcp.json.TODO - /home/dot_config/docker/plugins.json - /home/.chezmoitemplates/secrets/key-cloudflare-r2-secret - /home/.chezmoitemplates/secrets/key-cloudflare-r2-id - /home/dot_local/bin/executable_rclone-mount - /home/dot_local/bin/executable_install-program - /home/.chezmoidata.yaml - /home/.chezmoiscripts/_universal/run_onchange_before_11-install-docker.tmpl - /home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl - /home/.chezmoi.yaml.tmpl - /docs/TODO.md - /software.yml
2023-01-30 03:09:02 +00:00 · 2023-01-30 03:09:02 +00:00 · d8769e8ad1
commit d8769e8ad1
parent e43ff06510
16 changed files with 212 additions and 98 deletions
--- a/docs/TODO.md
+++ b/docs/TODO.md
@ -5,6 +5,20 @@ https://github.com/DustinBrett/daedalOS
 https://github.com/ansh/jiffyreader.com
 https://github.com/allinurl/goaccess
 https://github.com/cloudflare/boringtun
    CLOUDSDK_CORE_PROJECT: "megabyte-labs"
    GCE_CREDENTIALS_FILE: "{{ joinPath .chezmoi.homeDir ".config" "gcp.json" }}"
    GCE_SERVICE_ACCOUNT_EMAIL: "molecule@megabyte-labs.iam.gserviceaccount.com"
 GITLAB_READ_TOKEN
 GITHUB_READ_TOKEN
 GITHUB_GIST_TOKEN
 CLOUDFLARE_API_TOKEN
 GMAIL_APP_PASSWORD
 NGROK_AUTH_TOKEN
 SLACK_API_TOKEN
 TAILSCALE_AUTH_KEY
 LEXICON_CLOUDFLARE_USERNAME
 LEXICON_CLOUDFLARE_TOKEN
 ### Ensure these PATHs are added on Windows
 add to PATH:
 '%ProgramFiles(x86)%\mitmproxy\bin'
--- a/home/.chezmoi.yaml.tmpl
+++ b/home/.chezmoi.yaml.tmpl
@ -1,28 +1,18 @@
 {{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}}
 {{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
 {{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
 {{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
 {{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
 {{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
 {{- $gmailAddressAppPassword := (default "" (env "GMAIL_APP_PASSWORD")) -}}
 {{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
 {{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
 {{- $cloudflareUsername := (default "brian@megabyte.space" (env "CLOUDFLARE_USERNAME")) -}}
-{{- $cloudflareToken := (default "" (env "CLOUDFLARE_API_TOKEN")) -}}
+{{- $desktopSession := true -}}
-{{- $cloudflareAccessKeyId := "" -}}
+{{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
-{{- $cloudflareSecretAccessKey := "" -}}
+{{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
 {{- $cloudflareR2AccountId := "" -}}
 {{- $githubUsername := (default "ProfessorManhattan" (env "GITHUB_USERNAME")) -}}
-{{- $githubGistToken := (default "" (env "GITHUB_GIST_TOKEN")) -}}
+{{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
-{{- $githubReadToken := (env "GITHUB_READ_TOKEN") -}}
+{{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
-{{- $gitlabReadToken := (env "GITLAB_READ_TOKEN") -}}
+{{- $hostname := (default "alpha" (env "HOSTNAME")) -}}
 {{- $locale := (output "echo" "$LANG") }}
-{{- $ngrokAuthToken := (default "" (env "NGROK_AUTH_TOKEN")) -}}
+{{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}}
-{{- $slackApiToken := (default "" (env "SLACK_API_TOKEN")) -}}
+{{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
-{{- $tailscaleAuthKey := (default "" (env "TAILSCALE_AUTH_KEY")) -}}
+{{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
 {{- $timezone := (default "America/New_York" (env "TIMEZONE")) -}}
 {{- $toolchains := list "CLI-Extras" "Docker" "Go" "Kubernetes" "Web-Development" -}}
-{{- $desktopSession := true -}}
+{{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
 {{- if and (ne .chezmoi.os "darwin") (ne .chezmoi.os "windows") (not (env "DISPLAY")) -}}
 {{-   $desktopSession = false -}}
 {{- end -}}
@ -112,6 +102,9 @@
 {{- if not (env "PUBLIC_SERVICES_DOMAIN") -}}
 {{-   $domain = promptStringOnce $data.user "domain" "Domain name" $domain -}}
 {{- end -}}
 {{- if not (env "HOSTNAME") -}}
 {{-   $hostname = promptStringOnce $data.host "hostname" "Hostname ID" $hostname -}}
 {{- end -}}
 {{- else -}}
 {{-   $headless = true -}}
@ -137,6 +130,12 @@ data:
    dns:
      primary: 10.0.0.1#dns.megabyte.space
      secondary: 1.1.1.1#cloudflare-dns.com
    docker:
      doRegion: nyc1
    headless: {{ $headless }}
    home: "{{ .chezmoi.homeDir }}"
    homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
    hostname: "{{ $hostname }}"
    ssh:
      allowTCPForwarding: no
      allowUsers: {{ output "echo" "$USER" }}
@ -146,59 +145,42 @@ data:
      excludedSubnets:
        - 10.0.0.0/24
        - 10.14.50.0/24
    home: "{{ .chezmoi.homeDir }}"
    homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
    hostname: "Betelgeuse"
    qubes: {{ ne (stat (joinPath "usr" "bin" "qubes-session")) false }}
    restricted: {{ $restricted }}
    softwareGroup: "{{ $softwareGroup }}"
    type: "{{ $chassisType }}"
    work: {{ $work }}
    restricted: {{ $restricted }}
    headless: {{ $headless }}
  toolchains:
  {{- range $toolchain, $enabled := $toolchainsEnabled }}
    {{ $toolchain}}: {{ $enabled }}
  {{- end }}
  user:
-    email: "{{ $email }}"
+    cloudflare:
-    name: "{{ $name }}"
+      r2: "{{ $cloudflareR2AccountId }}"
-    username: "{{ output "echo" "$USER" }}"
+      username: "{{ $cloudflareUsername }}"
    defaultBrowser: firefox
    domain: "{{ $domain }}"
    email: "{{ $email }}"
    github:
      username: "{{ $githubUsername }}"
    gmail:
      username: "{{ $gmailAddress }}"
    gpg:
      id: "{{ $gpgKeyId }}"
    gmail:
      email: "{{ $gmailAddress }}"
      password: "{{ $gmailAddressAppPassword }}"
    surgeshUsername: "{{ $surgeshUsername }}"
    githubUsername: "{{ $githubUsername }}"
    locale: "{{ $locale }}"
    timezone: "{{ $timezone }}"
    holdSudoPrivileges: true
-    CLOUDFLARE_USERNAME: "{{ $cloudflareUsername }}"
+    locale: "{{ $locale }}"
-    CLOUDFLARE_ACCESS_KEY_ID: "{{ $cloudflareAccessKeyId }}"
+    name: "{{ $name }}"
-    CLOUDFLARE_SECRET_ACCESS_KEY: "{{ $cloudflareSecretAccessKey }}"
+    surgesh:
-    CLOUDFLARE_R2_ACCOUNT_ID: "{{ $cloudflareR2AccountId }}"
+      username: "{{ $surgeshUsername }}"
-    CLOUDSDK_CORE_PROJECT: "megabyte-labs"
+    timezone: "{{ $timezone }}"
-    GCE_CREDENTIALS_FILE: "{{ joinPath .chezmoi.homeDir ".config" "gcp.json" }}"
+    tinypngKey: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
-    GCE_SERVICE_ACCOUNT_EMAIL: "molecule@megabyte-labs.iam.gserviceaccount.com"
+    username: "{{ output "echo" "$USER" }}"
    GITHUB_GIST_TOKEN: "{{ $githubGistToken }}"
    GITHUB_READ_TOKEN: "{{ $githubReadToken }}"
    GITLAB_READ_TOKEN: "{{ $gitlabReadToken }}"
    NGROK_AUTH_TOKEN: "{{ $ngrokAuthToken }}"
    SLACK_API_TOKEN: "{{ $slackApiToken }}"
    SNAPCRAFT_EMAIL: "{{ $email }}"
    TAILSCALE_AUTH_KEY: "{{ $tailscaleAuthKey }}"
    TINYPNG_API_KEY: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
 diff:
  format: "git"
  pager: "delta"
 git:
  autoCommit: true
  autoPush: true
 scriptEnv:
  LEXICON_CLOUDFLARE_USERNAME: "{{ $cloudflareUsername }}"
  LEXICON_CLOUDFLARE_TOKEN: "{{ $cloudflareToken }}"
 textconv:
  - pattern: "**/*.plist"
    command: "plutil"
--- a/home/.chezmoidata.yaml
+++ b/home/.chezmoidata.yaml
@ -19,11 +19,11 @@ colors:
  color14: '#EB71AD'
  color15: '#24E5FF'
  color16: '#FFFFFF'
 macosRemoteLogin: 'on'
 themeparkTheme: aquamarine
 netdataClaimURL: https://app.netdata.cloud
 config:
  gpg: https://raw.githubusercontent.com/drduh/config/master/gpg.conf
 macosRemoteLogin: 'on'
 netdataClaimURL: https://app.netdata.cloud
 themeparkTheme: aquamarine
 chromeExtensions:
  - https://chrome.google.com/webstore/detail/automa/infppggnoaenmfagbfknfkancpbljcca
  - https://chrome.google.com/webstore/detail/bitly-powerful-short-link/iabeihobmhlgpkcgjiloemdbofjbdcic
@ -1007,6 +1007,9 @@ softwareGroups:
    - termius
    - ulauncher
 softwarePlugins:
  docker:
    plugins:
      - sapk/plugin-rclone
  vim:
    plugins:
      - https://github.com/dense-analysis/ale.git
--- a/home/.chezmoiscripts/_universal/run_onchange_before_11-install-docker.tmpl
+++ b/home/.chezmoiscripts/_universal/run_onchange_before_11-install-docker.tmpl
@ -114,4 +114,7 @@ if [ ! -d /Applications ] || [ ! -d /System ]; then
    fi
 fi
 ### Install Docker plugins
 for PLUGIN in 
 {{ end -}}
--- a/home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl
+++ b/home/.chezmoiscripts/universal/run_onchange_after_07-docker-plugins.tmpl
@ -1,6 +1,8 @@
 {{- if (eq .host.distro.family "linux") -}}
 #!/usr/bin/env bash
 # Docker plugins.json hash: {{ include (joinPath .chezmoi.homeDir ".config" "docker" "plugins.json") | sha256sum }}
 {{ includeTemplate "universal/profile" }}
 {{ includeTemplate "universal/logg" }}
@ -30,13 +32,24 @@ fi
 if [ ! -f "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm" ]; then
    logg info 'Acquiring release information for Docker push-rm'
    RELEASE_TAG="$(curl -sSL https://api.github.com/repos/christian-korneck/docker-pushrm/releases/latest | jq -r '.tag_name')"
-    mkdir -p "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins"
+    mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins"
    logg info 'Downloading Docker push-rm'
-    curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm"
+    curl https://github.com/christian-korneck/docker-pushrm/releases/download/$RELEASE_TAG/docker-pushrm_darwin_amd64 -o "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
-    chmod +x "${XDG_CONFIG_HOME:-$HOME/.docker}/cli-plugins/docker-pushrm"
+    chmod +x "${XDG_CONFIG_HOME:-$HOME/.config}/docker/cli-plugins/docker-pushrm"
    logg success 'Added Docker push-rm'
 else
    logg info 'Docker push-rm already added'
 fi
 {{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-digitalocean-pat")) -}}
 ### Docker DigitalOcean Block Storage
 docker plugin install --grant-all-permissions rexray/dobs DOBS_TOKEN={{ includeTemplate "secrets/key-digitalocean-pat" | decrypt -}} DOBS_REGION={{ .host.docker.doRegion }} LINUX_VOLUME_FILEMODE=0775
 {{ end -}}
 ### Docker plugins (defined in ~/.config/docker/plugins.json)
 jq -r '.plugins[]' "${XDG_CONFIG_HOME:-$HOME/.config}/docker/plugins.json" | while read PLUGIN; do
    logg info 'Installing the `'"$PLUGIN"'` Docker plugin'
    docker plugin install --grant-all-permissions "$PLUGIN"
 done
 {{ end -}}
--- a/home/.chezmoitemplates/secrets/key-cloudflare-r2-id
+++ b/home/.chezmoitemplates/secrets/key-cloudflare-r2-id
@ -0,0 +1,7 @@
 -----BEGIN AGE ENCRYPTED FILE-----
 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUa0ZtTm9PbE03R1RReDJZ
 NUdueXVZSk1WY2RxMkpyM1VVL2t2ZlBobGxJCmRyWEtSYVMxU1VCL01hRXk5ODdR
 MTJPZFVYbEEzeStBT3JLRWdoNUg0Z2MKLS0tIGhHdzExOEU1NmJkNHBFUW5DbXFs
 S25MNHFGV01GYjkrYm0zVmhrVEFvd2sKQr2yI5Zlx+yEWa4igHFy2z1FpmEw6tux
 M9i/y2J+Da15jAZgndmc1iWNBVDKVfROon4S60P99djZi/trWcy0jA==
 -----END AGE ENCRYPTED FILE-----
--- a/home/.chezmoitemplates/secrets/key-cloudflare-r2-secret
+++ b/home/.chezmoitemplates/secrets/key-cloudflare-r2-secret
@ -0,0 +1,8 @@
 -----BEGIN AGE ENCRYPTED FILE-----
 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFYnBRTkRVZ2hGTkZ4NUdQ
 UWZBWmFxQkFXTUhESzhaaFJWMlpQSmh5cldjCjN0c0dScXQ1d0ZoalF1WXN3VG5h
 WC9wQ0pQSmYyU29nN1YwOUNFSHgyRkEKLS0tIG5lOTRhamhySm5iN1V1d0haWFRo
 VVZaczNScHd0ZHZRWmd4TFVRQWVaZzAKqbgfmbnHB5QbO0Z1JMgjNawfAD40Hzru
 kVNSyh/zgIRlwuSzwlENDgrdGXaRjDj7jtchaWe/xPX88Ba5cFe9LC7eXJP1mU2U
 l+nk1LFKSp24PZskcLzw4rxCsLap82KV
 -----END AGE ENCRYPTED FILE-----
--- a/home/dot_config/docker/plugins.json
+++ b/home/dot_config/docker/plugins.json
@ -0,0 +1,6 @@
 {
    "plugins" [
        "sapk/plugin-rclone",
        "vieux/sshfs"
    ]
 }
--- a/home/dot_config/gcp/gcp.json.TODO
+++ b/home/dot_config/gcp/gcp.json.TODO
--- a/home/dot_config/rclone/merge_rclone.conf
+++ b/home/dot_config/rclone/merge_rclone.conf
@ -1,4 +1,4 @@
-{{- if and (ne .user.CLOUDFLARE_ACCESS_KEY_ID "") (ne .user.CLOUDFLARE_SECRET_ACCESS_KEY "") (ne .user.CLOUDFLARE_R2_ACCOUNT_ID "") }}
+{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-id")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "key-cloudflare-r2-secret")) (ne .user.cloudflare.r2 "") -}}
 #!/usr/bin/env bash
 CONFIG_FILE="$HOME/.config/rclone/rclone.conf"
@ -18,27 +18,43 @@ tee -a "$CONFIG_FILE" > /dev/null <<EOT
 [{{ .user.username}}-s3]
 type = s3
 provider = Cloudflare
-access_key_id = {{ .user.CLOUDFLARE_ACCESS_KEY_ID }}
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = {{ .user.CLOUDFLARE_SECRET_ACCESS_KEY }}
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
 region = auto
-endpoint = https://{{ .user.CLOUDFLARE_R2_ACCOUNT_ID }}.r2.cloudflarestorage.com
+endpoint = https://{{ .user.cloudflare.r2 }}.r2.cloudflarestorage.com/user
 acl = private
-[do-private]
+[docker]
 type = s3
-provider = DigitalOcean
+provider = Cloudflare
 env_auth = false
-access_key_id = your_spaces_access_key
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = your_spaces_secret_key
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
-endpoint = private.nyc3.digitaloceanspaces.com
+endpoint = open.nyc3.digitaloceanspaces.com
 acl = private
-[do-open]
+[private]
 type = s3
-provider = DigitalOcean
+provider = Cloudflare
 env_auth = false
-access_key_id = your_spaces_access_key
+access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
-secret_access_key = your_spaces_secret_key
+secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
 endpoint = {{ }}
 acl = private
 [public]
 type = s3
 provider = Cloudflare
 env_auth = false
 access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
 secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
 endpoint = open.nyc3.digitaloceanspaces.com
 acl = public-read
 [system]
 type = s3
 provider = Cloudflare
 env_auth = false
 access_key_id = {{ includeTemplate "secrets/key-cloudflare-r2-id" | decrypt -}}
 secret_access_key = {{ includeTemplate "secrets/key-cloudflare-r2-secret" | decrypt -}}
 endpoint = open.nyc3.digitaloceanspaces.com
 acl = private
 # MEGABYTE LABS MANAGED S3
 EOT
 {{- end }}
--- a/home/dot_config/rclone/s3-docker.service.tmpl
+++ b/home/dot_config/rclone/s3-docker.service.tmpl
@ -4,9 +4,9 @@ After=network-online.target
 [Service]
 Type=simple
-User=root
+User=rclone
-ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "docker-s3"
+ExecStart=/usr/local/bin/rclone-mount "docker" "docker" "s3-docker"
-ExecStop=/bin/fusermount -u /mnt/docker-s3
+ExecStop=/bin/fusermount -u /mnt/s3-docker
 Restart=always
 RestartSec=10
--- a/home/dot_config/rclone/s3-private.service.tmpl
+++ b/home/dot_config/rclone/s3-private.service.tmpl
@ -0,0 +1,14 @@
 [Unit]
 Description=rclone S3 system service (private)
 After=network-online.target
 [Service]
 Type=simple
 User=rclone
 ExecStart=/usr/local/bin/rclone-mount "rclone" "rclone" "s3-private"
 ExecStop=/bin/fusermount -u /mnt/s3-private
 Restart=always
 RestartSec=10
 [Install]
 WantedBy=default.target
--- a/home/dot_config/rclone/s3-public.service.tmpl
+++ b/home/dot_config/rclone/s3-public.service.tmpl
@ -0,0 +1,14 @@
 [Unit]
 Description=rclone S3 system service (public)
 After=network-online.target
 [Service]
 Type=simple
 User=rclone
 ExecStart=/usr/local/bin/rclone-mount "rclone" "rclone" "s3-public"
 ExecStop=/bin/fusermount -u /mnt/s3-public
 Restart=always
 RestartSec=10
 [Install]
 WantedBy=default.target
--- a/home/dot_local/bin/executable_install-program
+++ b/home/dot_local/bin/executable_install-program
@ -110,6 +110,7 @@ let binLinkRan = false
 const installOrdersPre = []
 const installOrdersPost = []
 const installOrdersService = []
 const installOrdersGroups = []
 const installOrdersPlugins = []
 const installOrdersBinLink = []
 let brewUpdated, osType, osID, snapRefreshed
@ -433,6 +434,10 @@ async function updateInstallMaps(preference, packages, scopedPreference, pkg, pa
  if (serviceHook) {
    installOrdersService.concat(typeof serviceHook === 'string' ? [serviceHook] : serviceHook)
  }
  const groupsHook = getHook(packages, 'groups', scopedPreference, preference)
  if (groupsHook) {
    installOrdersGroups.concat(typeof groupsHook === 'string' ? [groupsHook] : groupsHook)
  }
  processPluginOrders(pkg)
  if (!installOrders[preference]) {
    installOrders[preference] = []
@ -1471,17 +1476,49 @@ async function installPackageList(packageManager, packages) {
  }
 }
 async function addUserGroup(group) {
  const logStage = 'Users / Groups'
  log('info', logStage, `Ensuring the ${group} group / user is added`)
  if (osType === 'linux') {
    const useradd = which.sync('useradd', { nothrow: true })
    if (useradd) {
      runCommand(`Adding the ${group} user / group`, `sudo useradd ${group}`)
    } else {
      log('error', logStage, `The useradd command is unavailable`)
    }
  } else if (osType === 'darwin') {
  } else if (osType === 'windows') {
    log('warn', logStage, `Windows support not yet added`)
  } else {
    log('warn', logStage, `Unknown operating system type`)
  }
 }
 async function updateService(service) {
  const logStage = 'Service Service'
  if (osType === 'linux') {
    const systemctl = which.sync('systemctl', { nothrow: true })
    const brew = which.sync('brew', { nothrow: true })
    if (systemctl) {
      try {
        runCommand(`Starting / enabling ${service} with systemctl`, `sudo systemctl enable --now ${service}`)
        log('success', logStage, `Started / enabled the ${service} service`)
      } catch (e) {
-        log('error', logStage, `There was an error starting / enabling the ${service} service`)
+        log('info', logStage, `There was an error starting / enabling the ${service} service with systemd`)
-        console.error(e)
+        try {
          if (brew) {
            runCommand(`Starting / enabling ${service} with Homebrew`, `brew services start ${service}`)
            log('success', logStage, `Started / enabled the ${service} service with Homebrew`)
          } else {
            log('error', logStage, `Unable to start service with systemd and Homebrew is not available`)
          }
        } catch (err) {
          log('error', logStage, `Unable to start service with both systemd and Homebrew`)
          log('info', logStage, `systemd error`)
          console.error(e)
          log('info', logStage, `brew services error`)
          console.error(e)
        }
      }
    } else {
      log(
@ -1711,6 +1748,10 @@ async function installSoftware(pkgsToInstall) {
    asyncOrders.push(installPackageList(packageManager, installOrders[packageManager]))
    await Promise.all(asyncOrders)
  }
  log('info', 'Users / Groups', `Adding groups / users`)
  for (const group of installOrdersGroups) {
    await addUserGroup(group)
  }
  log('info', 'Post-Install', `Running package-specific post-installation steps`)
  for (const service of installOrdersService) {
    await updateService(service)
--- a/home/dot_local/bin/executable_rclone-mount
+++ b/home/dot_local/bin/executable_rclone-mount
@ -4,46 +4,37 @@
 TYPE="$1"
 USER="$2"
 MOUNT="$3"
 ### Path definitions
 if [ "$TYPE" = 'user' ]; then
  CACHE_FOLDER="/home/$USER/.cache/rclone"
  CONFIG_FOLDER="/home/$USER/.config/rclone"
  LOG_FOLDER="/home/$USER/.local/log"
  LOG_FILE="$LOG_FOLDER/$MOUNT.log"
  MOUNT_PATH="/home/{{ .user.username }}/.local/mnt/$MOUNT"
 elif [ "$TYPE" = 'docker' ]; then
  CACHE_FOLDER="/var/cache/rclone/$MOUNT"
  CONFIG_FOLDER="/etc"
  LOG_FOLDER="/var/log/rclone"
  LOG_FILE="$LOG_FOLDER/$MOUNT.log"
  MOUNT_PATH="/mnt/$MOUNT"
 else
-  CACHE_FOLDER="/var/cache/rclone"
+  CACHE_FOLDER="/var/cache/rclone/$MOUNT"
  CONFIG_FOLDER="/etc"
  LOG_FOLDER="/var/log/rclone"
  LOG_FILE="$LOG_FOLDER/$MOUNT.log"
  MOUNT_PATH="/mnt/$MOUNT"
 fi
-### Ensure directories created
+### Ensure folders exist
-if [ ! -d "$CACHE_FOLDER" ]; then
+for FOLDER in "$CACHE_FOLDER" "$CONFIG_FOLDER" "$LOG_FOLDER" "$MOUNT_PATH"; do
-  mkdir -p "$CACHE_FOLDER"
+    if [ ! -d "$FOLDER" ]; then
-fi
+        mkdir -p "$FOLDER" || echo "ERROR: Need permissions for $FOLDER"
-if [ ! -d "$CONFIG_FOLDER" ]; then
+    fi
-  mkdir -p "$CONFIG_FOLDER"
+done
-fi
+
-if [ ! -d "$LOG_FOLDER" ]; then
+### Define rcloneignore location
  mkdir -p "$LOG_FOLDER"
 fi
 if [ ! -d "$MOUNT_PATH" ]; then
  mkdir -p "$MOUNT_PATH"
 fi
 RCLONE_IGNORE="$CONFIG_FOLDER/rcloneignore"
 if [ ! -f "$RCLONE_IGNORE" ] && [ -f "/etc/rcloneignore" ]; then
  RCLONE_IGNORE='etc/rcloneignore'
 fi
 ### Mount
- /usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
+/usr/bin/rclone --config="$CONFIG_FOLDER/rclone.conf" \
  mount \
  --cache-tmp-upload-path="$CACHE_FOLDER/$MOUNT-upload" \
  --cache-chunk-path="$CACHE_FOLDER/$MOUNT-chunks" \
--- a/software.yml
+++ b/software.yml
@ -6137,6 +6137,8 @@ softwarePackages:
    _desc: '[Rclone](https://rclone.org/) is an open source, multi threaded, command line computer program to manage content on cloud and other high latency storage. Its capabilities include sync, transfer, crypt, cache, union, compress and mount. The rclone website lists [fifty supported backends](https://rclone.org/overview/) including S3 services and Google Drive.'
    _docs: https://rclone.org/docs/
    _github: https://github.com/rclone/rclone
    _groups:
      - rclone
    _home: https://rclone.org/
    _name: Rclone
    ansible: professormanhattan.rclone