Add pass to customize-env script for Cloud Shell + more updates to bootstrap script
Signed-off-by: Andrei Jiroh Eugenio Halili <ajhalili2006@gmail.com>
This commit is contained in:
parent
b0856f7a5e
commit
3aa6e506aa
|
@ -16,7 +16,7 @@ sleep 2; echo
|
||||||
|
|
||||||
# Install HashiCorp Vault, as usual. Don't forget to update GitHub CLI and Terraform
|
# Install HashiCorp Vault, as usual. Don't forget to update GitHub CLI and Terraform
|
||||||
echo "===> Installing GitHub CLI, bat, Terraform and vault CLI"
|
echo "===> Installing GitHub CLI, bat, Terraform and vault CLI"
|
||||||
apt-get install vault gh terraform bat -y
|
apt-get install vault gh terraform bat keychain -y
|
||||||
sleep 2; echo
|
sleep 2; echo
|
||||||
|
|
||||||
# Install Git and Git LFS from Buster backports
|
# Install Git and Git LFS from Buster backports
|
||||||
|
|
26
bootstrap
26
bootstrap
|
@ -92,15 +92,15 @@ checkOs() {
|
||||||
setupSysPkgs() {
|
setupSysPkgs() {
|
||||||
echoStageName "Installating essiential dependencies"
|
echoStageName "Installating essiential dependencies"
|
||||||
if [[ $DOTFILES_OS_NAME == "android-termux" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
if [[ $DOTFILES_OS_NAME == "android-termux" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
||||||
pkg install -y man git nano gnupg openssh proot resolv-conf asciinema openssl-tool pass
|
pkg install -y man git nano gnupg openssh proot resolv-conf asciinema openssl-tool pass keychain
|
||||||
setupGhCli
|
setupGhCli
|
||||||
setupGLabCli
|
setupGLabCli
|
||||||
elif [[ $DOTFILES_OS_NAME == "debian" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
elif [[ $DOTFILES_OS_NAME == "debian" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
||||||
sudo apt install gnupg git nano pass openssh-client -y
|
sudo apt install gnupg git nano pass openssh-client keychain -y
|
||||||
setupGhCli
|
setupGhCli
|
||||||
setupGLabCli
|
setupGLabCli
|
||||||
elif [[ $DOTFILES_OS_NAME == "ubuntu" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
elif [[ $DOTFILES_OS_NAME == "ubuntu" ]] && [[ $SKIP_DEPENDENCY_INSTALL == "" ]]; then
|
||||||
sudo apt install gnupg nano pass openssh-client -y
|
sudo apt install gnupg nano pass openssh-client keychain -y
|
||||||
setupGhCli
|
setupGhCli
|
||||||
setupGLabCli
|
setupGLabCli
|
||||||
else
|
else
|
||||||
|
@ -115,7 +115,7 @@ setupAsdf() {
|
||||||
|
|
||||||
setupNode() {
|
setupNode() {
|
||||||
if [[ $USE_NVM == "1" ]]; then
|
if [[ $USE_NVM == "1" ]]; then
|
||||||
echoStagName "Installing Node.js Version Manager"
|
echoStageName "Installing Node.js Version Manager"
|
||||||
$(command -v curl >>/dev/null && echo "curl -o-" || echo "wget -qO-") https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | NODE_VERSION=${NODE_VERSION:"lts/*"} NVM_DIR="$HOME/.nvm" PROFILE=/dev/null bash
|
$(command -v curl >>/dev/null && echo "curl -o-" || echo "wget -qO-") https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | NODE_VERSION=${NODE_VERSION:"lts/*"} NVM_DIR="$HOME/.nvm" PROFILE=/dev/null bash
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -459,11 +459,24 @@ importGpgKeys() {
|
||||||
wget $PERSONAL_KEY_URL -O /tmp/keys-import-tmp/personal
|
wget $PERSONAL_KEY_URL -O /tmp/keys-import-tmp/personal
|
||||||
wget $PASSWORD_STORE_KEY_URL -O /tmp/keys-import-tmp/password-store
|
wget $PASSWORD_STORE_KEY_URL -O /tmp/keys-import-tmp/password-store
|
||||||
wget $OSS_RELEASES_PERSONAL_KEY_URL -O /tmp/keys-import-tmp/releases-key
|
wget $OSS_RELEASES_PERSONAL_KEY_URL -O /tmp/keys-import-tmp/releases-key
|
||||||
|
|
||||||
|
# This is an unsafe operation, but even through they have the keys, they still need to
|
||||||
|
# steal the passwords, but I may rotate the keys very soon.
|
||||||
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/personal
|
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/personal
|
||||||
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/password-store
|
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/password-store
|
||||||
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/releases-key
|
gpg --batch --no-tty --yes --import /tmp/keys-import-tmp/releases-key
|
||||||
}
|
}
|
||||||
|
|
||||||
|
initPasswordStore() {
|
||||||
|
if [[ ! -d "$PASSWORD_STORE_DIR" ]]; then
|
||||||
|
echoStageName "Cloning passwdstore Git repo"
|
||||||
|
git clone https://gitlab.com/ajhalili2006/passwdstore-personal "$PASSWORD_STORE_DIR"
|
||||||
|
elif [[ ! -d "$PASSWORD_STORE_DIR" ]]; then
|
||||||
|
echoStageName "Updating local passwdstore Git repo"
|
||||||
|
git -C "$PASSWORD_STORE_DIR" pull origin main
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
importSshKeys() {
|
importSshKeys() {
|
||||||
if [[ -d "$DOTFILES_PATH/secrets" ]]; then
|
if [[ -d "$DOTFILES_PATH/secrets" ]]; then
|
||||||
true
|
true
|
||||||
|
@ -498,7 +511,7 @@ main() {
|
||||||
checkOs
|
checkOs
|
||||||
|
|
||||||
# step 2: install needed tools and create ~/.local/bin
|
# step 2: install needed tools and create ~/.local/bin
|
||||||
setupSysPkg
|
setupSysPkgs
|
||||||
userspcaeBinDirCheck
|
userspcaeBinDirCheck
|
||||||
|
|
||||||
# step 3.1: then clone the repo
|
# step 3.1: then clone the repo
|
||||||
|
@ -522,7 +535,8 @@ main() {
|
||||||
setupSshConfig
|
setupSshConfig
|
||||||
|
|
||||||
# step 5.2: copy our secrets btw
|
# step 5.2: copy our secrets btw
|
||||||
cloneSecretsRepo # Run this before we even copy the ssh keys!
|
cloneSecretsRepo # Run this before we even copy the ssh keys! Also this is definitely deprecated.
|
||||||
|
initPasswordStore # Setup passwordstore stuff
|
||||||
importGpgKeys
|
importGpgKeys
|
||||||
importSshKeys
|
importSshKeys
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue