{{- $cloudflareR2AccountId := (default "84fa0d1b16ff8086dd958c468ce7fd59" (env "CLOUDFLARE_R2_ID")) -}}
{{- $cloudflareUsername := (default "blzalewski@gmail.com" (env "CLOUDFLARE_USERNAME")) -}}
{{- $cloudflareTeamsOrg := (default "manhattan" (env "CLOUDFLARE_TEAMS_ORG")) -}}
{{- $desktopSession := true -}}
{{- $dockerHubUser := (default "professormanhattan" (env "DOCKERHUB_USER")) -}}
{{- $domain := (default "punkfairie.net" (env "PUBLIC_SERVICES_DOMAIN")) -}}
{{- $email := (default "marley@punkfairie.net" (env "PRIMARY_EMAIL")) -}}
{{- $gcloudCoreProject := (default "megabyte-labs" (env "CLOUDSDK_CORE_PROJECT"))}}
{{- $gcloudEmail := (default "automation@megabyte-labs.iam.gserviceaccount.com" (env "GCE_SERVICE_ACCOUNT_EMAIL"))}}
{{- $githubUsername := (default "punkfairie" (env "GITHUB_USERNAME")) -}}
{{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
{{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
{{- $hostname := (output "hostname" "-s") -}}
{{- $locale := (default "en_US" (env "LANG")) }}
{{- $name := (default "Marley Rae" (env "FULL_NAME")) -}}
{{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
{{- $snapcraftEmail := (default "brian@megabyte.space" (env "SNAPCRAFT_EMAIL"))}}
{{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
{{- $timezone := (default "America/New_York" (env "TIMEZONE")) -}}
{{- $toolchains := list "CLI-Extras" "Docker" "Go" "Kubernetes" "Web-Development" -}}
{{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
{{- if and (ne .chezmoi.os "darwin") (ne .chezmoi.os "windows") (not (env "DISPLAY")) -}}
{{- $desktopSession = false -}}
{{- end -}}
{{- $softwareGroup := (default "Standard" (env "SOFTWARE_GROUP")) -}}
{{- if $desktopSession -}}
{{- $softwareGroup = replace "-Desktop-Desktop" "-Desktop" (list $softwareGroup "-Desktop" | join "") -}}
{{- end -}}
{{- $data := . }}
{{- $_ := set $data "host" (default (dict) (get $data "host")) -}}
{{- $_ := set $data "user" (default (dict) (get $data "user")) -}}
{{- $_ := set $data "toolchains" (default (dict) (get $data "toolchains")) -}}
{{- $headless := false -}}
{{- $ephemeral := false -}}
{{/* detect GitHub codespaces, VSCode remote containers, Docker containers, Multipass VMs, and Vagrant boxes */}}
{{- $ephemeralEnvOrUsername := or (env "CODESPACES") (env "REMOTE_CONTAINERS_IPC") (eq .chezmoi.username "root" "ubuntu" "vagrant" "vscode" "devcontainer") -}}
{{- $ephemeralCgroup := and (stat "/proc/1/cgroup") (output "cat" "/proc/1/cgroup" | regexMatch "(docker|lxc)") -}}
{{- if or $ephemeralEnvOrUsername $ephemeralCgroup -}}
{{- $headless = true -}}
{{- $ephemeral = true -}}
{{- writeToStdout "Chezmoi is running in a container.\n" -}}
{{- end -}}
{{- $chassisType := "desktop" }}
{{- if $ephemeral -}}
{{- $chassisType = "ephemeral" }}
{{- else if eq .chezmoi.os "linux" }}
{{- if (.chezmoi.kernel.osrelease | lower | contains "microsoft") -}}
{{- $chassisType = "wsl" }}
{{- else -}}
{{- $chassisType = "todo-get-from-hostnamectl" }}
{{- end -}}
{{- else if eq .chezmoi.os "darwin" }}
{{- if contains "MacBook" (output "sysctl" "-n" "hw.model") }}
{{- $chassisType = "laptop" }}
{{- else }}
{{- $chassisType = "desktop" }}
{{- end }}
{{- else if eq .chezmoi.os "windows" }}
{{- $chassisType = (output "powershell.exe" "-noprofile" "-command" "if (Get-WmiObject -Class win32_battery -ComputerName localhost) { echo laptop } else { echo desktop }") }}
{{- end }}
{{- $cpuCores := 1 }}
{{- $cpuThreads := 1 }}
{{- if eq .chezmoi.os "darwin" }}
{{- $cpuCores = (output "sysctl" "-n" "hw.physicalcpu_max") | trim | atoi }}
{{- $cpuThreads = (output "sysctl" "-n" "hw.logicalcpu_max") | trim | atoi }}
{{- else if eq .chezmoi.os "linux" }}
{{- $cpuCores = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | sort --field-separator=',' --key='2,4' --unique | wc --lines") | trim | atoi }}
{{- $cpuThreads = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | wc --lines") | trim | atoi }}
{{- else if eq .chezmoi.os "windows" }}
{{- $cpuCores = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfCores") | trim | atoi }}
{{- $cpuThreads = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfLogicalProcessors") | trim | atoi }}
{{- end }}
{{- $toolchainsEnabled := dict }}
{{- range $toolchain := $toolchains }}
{{- $withoutToolchains := env "WITHOUT_TOOLCHAINS" -}}
{{- $withoutToolchain := env (list "WITHOUT" (upper $toolchain) | join "_") -}}
{{- $withToolchain := env (list "WITH" (upper $toolchain) | join "_") -}}
{{- if and (or $withoutToolchains $withoutToolchain) (not $withToolchain) -}}
{{- writeToStdout (list "Disabled" $toolchain "toolchain.\n" | join " ") -}}
{{- $_ := set $toolchainsEnabled $toolchain true }}
{{- else }}
{{- $_ := set $toolchainsEnabled $toolchain true }}
{{- end}}
{{- end }}
{{- if stdinIsATTY -}}
{{- if (eq .chezmoi.os "darwin") -}}
{{- if (contains "managed Mac computers" (output "/usr/libexec/ApplicationFirewall/socketfilterfw" "--getglobalstate")) -}}
{{- $work = true -}}
{{- else }}
{{- $work = false -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- $headless = true -}}
{{- writeToStdout "Chezmoi is running in headless environment.\n" -}}
{{- end -}}
{{- $sambaNetBiosName := (default $hostname (env "SAMBA_NETBIOS_NAME")) -}}
{{- $sambaWorkGroupName := (default "BETELGEUSE" (env "SAMBA_WORKGROUP")) -}}
{{- $wazuhManager := (default (print "wazuh." $domain) (env "WAZUH_MANAGER")) -}}
encryption: "age"
age:
identity: "{{ .chezmoi.homeDir }}/.config/age/chezmoi.txt"
recipient: "age1necy24c4lzxheey4p2m8v4q000n442wyv47qc640ulyxx9l8dpesdqv7ey"
gpg:
recipient: "{{ $gpgKeyId }}"
data:
host:
arch: "{{ .chezmoi.arch }}"
cloudflare:
teamsOrg: "{{ $cloudflareTeamsOrg }}"
cpu:
cores: "{{ $cpuCores }}"
threads: "{{ $cpuThreads }}"
desktopSession: "{{ $desktopSession }}"
distro:
family: "{{ .chezmoi.os }}"
id: "{{ get .chezmoi.osRelease "id" | default .chezmoi.os }}"
dns:
primary: 10.0.0.1#dns.megabyte.space
secondary: 1.1.1.1#cloudflare-dns.com
docker:
doRegion: nyc1
domain: "{{ $domain }}"
gitlabRunners:
- glurl: "https://gitlab.com/"
runnerDescription: "Docker executor"
runnerImage: "alpine:latest"
runnerTags: "alpine,linux"
- glurl: "https://gitlab.com/"
baseVM: "debian"
runnerDescription: "VirtualBox executor - Debian, OpenJDK 20"
runnerTags: "bash,openjdk20,linux"
headless: {{ $headless }}
home: "{{ .chezmoi.homeDir }}"
homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
hostname: "{{ $hostname | lower -}}"
noReplyEmail: no-reply@megabyte.space
samba:
netbiosName: "{{ $sambaNetBiosName | lower -}}"
workgroup: "{{ $sambaWorkGroupName }}"
smtp:
from: automation@megabyte.space
host: smtp.sendgrid.net
port: 587
user: apikey
ssh:
allowTCPForwarding: no
allowUsers: {{ env "USER" }}
endlesshPort: 22
port: 8169
vpn:
excludedSubnets:
- 10.0.0.0/24
- 10.14.50.0/24
- 192.168.1.0/24
qubes: {{ if (stat (joinPath "usr" "bin" "qubes-session")) }}true{{ else }}false{{ end }}
restricted: {{ $restricted }}
softwareGroup: "{{ $softwareGroup }}"
type: "{{ $chassisType }}"
wazuhManager: "{{ $wazuhManager }}"
work: {{ $work }}
toolchains:
{{- range $toolchain, $enabled := $toolchainsEnabled }}
{{ $toolchain}}: {{ $enabled }}
{{- end }}
user:
cloudflare:
r2: "{{ $cloudflareR2AccountId }}"
username: "{{ $cloudflareUsername }}"
defaultBrowser: chrome
defaultBrowserDarwin: chrome
digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
docker:
username: "{{ $dockerHubUser }}"
# `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
domain: "{{ $domain }}"
email: "{{ $email }}"
gcloud:
coreProject: "{{ $gcloudCoreProject }}"
email: "{{ $gcloudEmail }}"
github:
runnerOrg: megabyte-labs
username: "{{ $githubUsername }}"
gitomatic:
- git: "{{ default "git@github.com:megabyte-labs/install.doctor.git" (env "START_REPO") }}"
path: "~/.local/share/chezmoi"
gmail:
username: "{{ $gmailAddress }}"
gpg:
id: "{{ $gpgKeyId }}"
holdSudoPrivileges: true
locale: "{{ $locale }}"
name: "{{ $name }}"
ntpServer: "time.apple.com"
snapcraft:
username: "{{ $snapcraftEmail }}"
surgesh:
username: "{{ $surgeshUsername }}"
timezone: "{{ $timezone }}"
tinypngKey: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
username: "{{ default "user" (env "USER") }}"
weatherZipCode: 07960
diff:
pager: delta
format: git
args:
- "--paging"
- never
exclude:
- dirs
- externals
- scripts
edit:
command: code
args:
- "--wait"
git:
autoCommit: true
autoPush: true
textconv:
- pattern: "**/*.plist"
command: "plutil"
args:
- "-convert"
- "xml1"
- "-o"
- "-"
- "-"