231 lines
9.5 KiB
Cheetah
231 lines
9.5 KiB
Cheetah
{{- $cloudflareR2AccountId := (default "84fa0d1b16ff8086dd958c468ce7fd59" (env "CLOUDFLARE_R2_ID")) -}}
|
|
{{- $cloudflareUsername := (default "brian@megabyte.space" (env "CLOUDFLARE_USERNAME")) -}}
|
|
{{- $cloudflareTeamsOrg := (default "manhattan" (env "CLOUDFLARE_TEAMS_ORG")) -}}
|
|
{{- $desktopSession := true -}}
|
|
{{- $domain := (default "megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
|
|
{{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
|
|
{{- $gcloudCoreProject := (default "megabyte-labs" (env "CLOUDSDK_CORE_PROJECT"))}}
|
|
{{- $gcloudEmail := (default "automation@megabyte-labs.iam.gserviceaccount.com" (env "GCE_SERVICE_ACCOUNT_EMAIL"))}}
|
|
{{- $githubUsername := (default "ProfessorManhattan" (env "GITHUB_USERNAME")) -}}
|
|
{{- $gmailAddress := (default "blzalewski@gmail.com" (env "GMAIL_ADDRESS")) -}}
|
|
{{- $gpgKeyId := (default "0xF0A300E4199A1C33" (env "KEYID")) -}}
|
|
{{- $hostname := (default "betelgeuse" (env "HOST")) -}}
|
|
{{- $locale := (default "en_US" (env "LANG")) }}
|
|
{{- $name := (default "Brian Zalewski" (env "FULL_NAME")) -}}
|
|
{{- $restricted := (default false (env "WORK_ENVIRONMENT")) -}}
|
|
{{- $snapcraftEmail := (default "brian@megabyte.space" (env "SNAPCRAFT_EMAIL"))}}
|
|
{{- $surgeshUsername := (default "brian@megabyte.space" (env "SURGESH_USERNAME")) -}}
|
|
{{- $timezone := (default "America/New_York" (env "TIMEZONE")) -}}
|
|
{{- $toolchains := list "CLI-Extras" "Docker" "Go" "Kubernetes" "Web-Development" -}}
|
|
{{- $work := (default false (env "WORK_ENVIRONMENT")) -}}
|
|
{{- if and (ne .chezmoi.os "darwin") (ne .chezmoi.os "windows") (not (env "DISPLAY")) -}}
|
|
{{- $desktopSession = false -}}
|
|
{{- end -}}
|
|
{{- $softwareGroup := (default "Standard" (env "SOFTWARE_GROUP")) -}}
|
|
{{- if $desktopSession -}}
|
|
{{- $softwareGroup = replace "-Desktop-Desktop" "-Desktop" (list $softwareGroup "-Desktop" | join "") -}}
|
|
{{- end -}}
|
|
|
|
{{- $data := . }}
|
|
{{- $_ := set $data "host" (default (dict) (get $data "host")) -}}
|
|
{{- $_ := set $data "user" (default (dict) (get $data "user")) -}}
|
|
{{- $_ := set $data "toolchains" (default (dict) (get $data "toolchains")) -}}
|
|
|
|
{{- $headless := false -}}
|
|
{{- $ephemeral := false -}}
|
|
{{/* detect GitHub codespaces, VSCode remote containers, Docker containers, Multipass VMs, and Vagrant boxes */}}
|
|
{{- $ephemeralEnvOrUsername := or (env "CODESPACES") (env "REMOTE_CONTAINERS_IPC") (eq .chezmoi.username "root" "ubuntu" "vagrant" "vscode" "devcontainer") -}}
|
|
{{- $ephemeralCgroup := and (stat "/proc/1/cgroup") (output "cat" "/proc/1/cgroup" | regexMatch "(docker|lxc)") -}}
|
|
{{- if or $ephemeralEnvOrUsername $ephemeralCgroup -}}
|
|
{{- $headless = true -}}
|
|
{{- $ephemeral = true -}}
|
|
{{- writeToStdout "Chezmoi is running in a container.\n" -}}
|
|
{{- end -}}
|
|
|
|
{{- $chassisType := "desktop" }}
|
|
{{- if $ephemeral -}}
|
|
{{- $chassisType = "ephemeral" }}
|
|
{{- else if eq .chezmoi.os "linux" }}
|
|
{{- if (.chezmoi.kernel.osrelease | lower | contains "microsoft") -}}
|
|
{{- $chassisType = "wsl" }}
|
|
{{- else -}}
|
|
{{- $chassisType = "todo-get-from-hostnamectl" }}
|
|
{{- end -}}
|
|
{{- else if eq .chezmoi.os "darwin" }}
|
|
{{- if contains "MacBook" (output "sysctl" "-n" "hw.model") }}
|
|
{{- $chassisType = "laptop" }}
|
|
{{- else }}
|
|
{{- $chassisType = "desktop" }}
|
|
{{- end }}
|
|
{{- else if eq .chezmoi.os "windows" }}
|
|
{{- $chassisType = (output "powershell.exe" "-noprofile" "-command" "if (Get-WmiObject -Class win32_battery -ComputerName localhost) { echo laptop } else { echo desktop }") }}
|
|
{{- end }}
|
|
|
|
{{- $cpuCores := 1 }}
|
|
{{- $cpuThreads := 1 }}
|
|
{{- if eq .chezmoi.os "darwin" }}
|
|
{{- $cpuCores = (output "sysctl" "-n" "hw.physicalcpu_max") | trim | atoi }}
|
|
{{- $cpuThreads = (output "sysctl" "-n" "hw.logicalcpu_max") | trim | atoi }}
|
|
{{- else if eq .chezmoi.os "linux" }}
|
|
{{- $cpuCores = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | sort --field-separator=',' --key='2,4' --unique | wc --lines") | trim | atoi }}
|
|
{{- $cpuThreads = (output "sh" "-c" "lscpu --online --parse | grep --invert-match '^#' | wc --lines") | trim | atoi }}
|
|
{{- else if eq .chezmoi.os "windows" }}
|
|
{{- $cpuCores = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfCores") | trim | atoi }}
|
|
{{- $cpuThreads = (output "powershell.exe" "-NoProfile" "-NonInteractive" "-Command" "(Get-CimInstance -ClassName 'Win32_Processor').NumberOfLogicalProcessors") | trim | atoi }}
|
|
{{- end }}
|
|
|
|
{{- $toolchainsEnabled := dict }}
|
|
{{- range $toolchain := $toolchains }}
|
|
{{- $withoutToolchains := env "WITHOUT_TOOLCHAINS" -}}
|
|
{{- $withoutToolchain := env (list "WITHOUT" (upper $toolchain) | join "_") -}}
|
|
{{- $withToolchain := env (list "WITH" (upper $toolchain) | join "_") -}}
|
|
{{- if and (or $withoutToolchains $withoutToolchain) (not $withToolchain) -}}
|
|
{{- writeToStdout (list "Disabled" $toolchain "toolchain.\n" | join " ") -}}
|
|
{{- $_ := set $toolchainsEnabled $toolchain true }}
|
|
{{- else }}
|
|
{{- $_ := set $toolchainsEnabled $toolchain true }}
|
|
{{- end}}
|
|
{{- end }}
|
|
|
|
{{- if stdinIsATTY -}}
|
|
|
|
{{- if not (env "WORK_ENVIRONMENT") -}}
|
|
{{- $work = promptBoolOnce $data.host "work" "Work environment" $work -}}
|
|
{{- end -}}
|
|
{{- if not (env "RESTRICTED_ENVIRONMENT") -}}
|
|
{{- $restricted = promptBoolOnce $data.host "restricted" "Restricted environment (i.e. no sudo)" $restricted -}}
|
|
{{- end -}}
|
|
{{- if not (env "SOFTWARE_GROUP") -}}
|
|
{{- $softwareGroup = promptStringOnce $data.host "softwareGroup" "Software group" $softwareGroup -}}
|
|
{{- end -}}
|
|
{{- if not (env "FULL_NAME") -}}
|
|
{{- $name = promptStringOnce $data.user "name" "Full name" $name -}}
|
|
{{- end -}}
|
|
{{- if not (env "PRIMARY_EMAIL") -}}
|
|
{{- $email = promptStringOnce $data.user "email" "Primary e-mail address" $email -}}
|
|
{{- end -}}
|
|
{{- if not (env "PUBLIC_SERVICES_DOMAIN") -}}
|
|
{{- $domain = promptStringOnce $data.user "domain" "Domain name" $domain -}}
|
|
{{- end -}}
|
|
{{- if not (env "HOST") -}}
|
|
{{- $hostname = promptStringOnce $data.host "hostname" "Hostname ID" $hostname -}}
|
|
{{- end -}}
|
|
|
|
{{- else -}}
|
|
{{- $headless = true -}}
|
|
{{- writeToStdout "Chezmoi is running in headless environment.\n" -}}
|
|
{{- end -}}
|
|
|
|
{{- $sambaNetBiosName := (default $hostname (env "SAMBA_NETBIOS_NAME")) -}}
|
|
{{- $sambaWorkGroupName := (default "BETELGEUSE" (env "SAMBA_WORKGROUP")) -}}
|
|
|
|
{{- $wazuhManager := (default (print "wazuh." $domain) (env "WAZUH_MANAGER")) -}}
|
|
|
|
encryption: "age"
|
|
age:
|
|
identity: "{{ .chezmoi.homeDir }}/.config/age/chezmoi.txt"
|
|
recipient: "age1necy24c4lzxheey4p2m8v4q000n442wyv47qc640ulyxx9l8dpesdqv7ey"
|
|
gpg:
|
|
recipient: "{{ $gpgKeyId }}"
|
|
data:
|
|
host:
|
|
arch: "{{ .chezmoi.arch }}"
|
|
cloudflare:
|
|
teamsOrg: "{{ $cloudflareTeamsOrg }}"
|
|
cpu:
|
|
cores: "{{ $cpuCores }}"
|
|
threads: "{{ $cpuThreads }}"
|
|
desktopSession: "{{ $desktopSession }}"
|
|
distro:
|
|
family: "{{ .chezmoi.os }}"
|
|
id: "{{ get .chezmoi.osRelease "id" | default .chezmoi.os }}"
|
|
dns:
|
|
primary: 10.0.0.1#dns.megabyte.space
|
|
secondary: 1.1.1.1#cloudflare-dns.com
|
|
docker:
|
|
doRegion: nyc1
|
|
domain: "{{ $domain }}"
|
|
gitlabRunners:
|
|
- glurl: "https://gitlab.com/"
|
|
runnerDescription: "Docker executor"
|
|
runnerImage: "alpine:latest"
|
|
runnerTags: "alpine,linux"
|
|
- glurl: "https://gitlab.com/"
|
|
baseVM: "debian"
|
|
runnerDescription: "VirtualBox executor - Debian, OpenJDK 20"
|
|
runnerTags: "bash,openjdk20,linux"
|
|
headless: {{ $headless }}
|
|
home: "{{ .chezmoi.homeDir }}"
|
|
homeParentFolder: "{{ if eq .chezmoi.os "linux" }}/home{{ else if eq .chezmoi.os "darwin" }}/Users{{ else }}C:\Users{{ end }}"
|
|
hostname: "{{ $hostname }}"
|
|
samba:
|
|
netbiosName: "{{ $sambaNetBiosName }}"
|
|
workgroup: "{{ $sambaWorkGroupName }}"
|
|
ssh:
|
|
allowTCPForwarding: no
|
|
allowUsers: {{ output "echo" "$USER" }}
|
|
endlesshPort: 22
|
|
port: 2214
|
|
vpn:
|
|
excludedSubnets:
|
|
- 10.0.0.0/24
|
|
- 10.14.50.0/24
|
|
- 192.168.1.0/24
|
|
qubes: {{ stat (joinPath "usr" "bin" "qubes-session") }}
|
|
restricted: {{ $restricted }}
|
|
softwareGroup: "{{ $softwareGroup }}"
|
|
type: "{{ $chassisType }}"
|
|
wazuhManager: "{{ $wazuhManager }}"
|
|
work: {{ $work }}
|
|
toolchains:
|
|
{{- range $toolchain, $enabled := $toolchainsEnabled }}
|
|
{{ $toolchain}}: {{ $enabled }}
|
|
{{- end }}
|
|
user:
|
|
cloudflare:
|
|
r2: "{{ $cloudflareR2AccountId }}"
|
|
username: "{{ $cloudflareUsername }}"
|
|
defaultBrowser: chrome
|
|
defaultBrowserDarwin: chrome
|
|
digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
|
|
# `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
|
|
domain: "{{ $domain }}"
|
|
email: "{{ $email }}"
|
|
gcloud:
|
|
coreProject: "{{ $gcloudCoreProject }}"
|
|
email: "{{ $gcloudEmail }}"
|
|
github:
|
|
username: "{{ $githubUsername }}"
|
|
gitomatic:
|
|
- git: "{{ default "git@github.com:megabyte-labs/install.doctor.git" (env "START_REPO") }}"
|
|
path: /usr/local/src/install.doctor
|
|
gmail:
|
|
username: "{{ $gmailAddress }}"
|
|
gpg:
|
|
id: "{{ $gpgKeyId }}"
|
|
holdSudoPrivileges: true
|
|
locale: "{{ $locale }}"
|
|
name: "{{ $name }}"
|
|
snapcraft:
|
|
username: "{{ $snapcraftEmail }}"
|
|
surgesh:
|
|
username: "{{ $surgeshUsername }}"
|
|
timezone: "{{ $timezone }}"
|
|
tinypngKey: "g355tx7dxG5yJfl0RXJnpQlQqk88dJBv"
|
|
username: "{{ default "user" (env "USER") }}"
|
|
weatherZipCode: 07960
|
|
diff:
|
|
format: "git"
|
|
pager: "delta"
|
|
git:
|
|
autoCommit: true
|
|
autoPush: true
|
|
textconv:
|
|
- pattern: "**/*.plist"
|
|
command: "plutil"
|
|
args:
|
|
- "-convert"
|
|
- "xml1"
|
|
- "-o"
|
|
- "-"
|
|
- "-"
|