diff --git a/README.md b/README.md index 2da6249..f1de6a5 100644 --- a/README.md +++ b/README.md @@ -10,15 +10,15 @@ working at The Pins Team, see [our dotfiles][df-gl]. ### Using the bootstraper script without cloning ```sh -## configure required variables +# configure required variables export GITLAB_LOGIN=ajhalili2006 export GITLAB_TOKEN= -## Run the bootstrap script +# Run the bootstrap script $(command -v curl>>/dev/null && echo curl -o- || echo wget -q0-) https://raw.githubusercontent.com/ajhalili2006/dotfiles/main/bootstrap | bash - -## Done? -unset GITLAB_TOKEN GITLAB_LOGIN +# Done? Don't forget to cleanup as needed. +unset GITLAB_TOKEN GITLAB_LOGIN && history -c ``` ### With Cloning the Repo @@ -28,13 +28,15 @@ unset GITLAB_TOKEN GITLAB_LOGIN git clone https://github.com/ajhalili2006/dotfiles $HOME/.dotfiles cd $HOME/.dotfiles -# no need for exporting my PAT before running this -./bootstrap --flags-over-here --and-this-one stuff - +# you may need to export the required variables before running the bootstrap script locally # you may optionally run the bootstrapper script if you want GITLAB_LOGIN=AndreiJirohHaliliDev2006 GITLAB_TOKEN= ./bootstrap --flags-over here ``` +### Documentation + +Available documentation for the on/offboarding processes I do + other tidbits of the bootstrap script can be accessible through [the `docs` directory](./docs). + ## Want to fork me owo? Follow the checklist below after forking to ensure no references to mine are found. **Remember that your fork, your problem.** It's up to you on how do you customize stuff. You can use [The Pins Team's dotfiles template][template] to start from our template. diff --git a/bin/ghcli-installer b/bin/ghcli-installer new file mode 100755 index 0000000..113347f --- /dev/null +++ b/bin/ghcli-installer @@ -0,0 +1,16 @@ +#!/bin/env bash +# shellcheck shell=bash + +if [[ "$(command -v gh)" == "" ]]; then + echo "info: Installing GitHub CLI..." + if echo "$OSTYPE" | grep -qE '^linux-gnu.*' && [ -f '/etc/debian_version' ]; then + curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null + sudo apt update && sudo apt install gh + fi +else + echo "info: Upgrading GitHub CLI..." + if echo "$OSTYPE" | grep -qE '^linux-gnu.*' && [ -f '/etc/debian_version' ]; then + sudo apt update; sudo apt install gh + fi +fi diff --git a/bootstrap b/bootstrap index e0ef299..d7d73e9 100755 --- a/bootstrap +++ b/bootstrap @@ -129,21 +129,32 @@ cloneRepo() { git -C "$HOME/.dotfiles" pull origin fi sleep 5 +} - if [[ $GITLAB_TOKEN == "" ]] && [[ $GITLAB_LOGIN == "" ]] && [ ! -d "$HOME/.dotfiles/secrets" ]; then +# Decouple secrets repo cloning process from the main +cloneSecretsRepo() { + # Since I also have an GitHub mirror of that private repo, maybe we can set an variable for that + if [[ $USE_GH_SECRETS_MIRROR != "" ]]; then + true # just an bypass command to avoid these steps below + elif [[ $GITLAB_TOKEN == "" ]] && [[ $GITLAB_LOGIN == "" ]] && [ ! -d "$HOME/.dotfiles/secrets" ]; then error "GitLab login and token can't be blank!" && exit 1 # Probably change my GitLab SaaS username with yours elif [[ $GITLAB_LOGIN != "ajhalili2006" ]] && [ ! -d "$HOME/.dotfiles/secrets" ]; then error "Only Andrei Jiroh can do this!" && exit 1 elif [[ $GITLAB_LOGIN == "ajhalili2006" ]] && [[ $GITLAB_TOKEN == "" ]] && [ ! -d "$HOME/.dotfiles/secrets" ]; then - error "Missing GitLab SaaS PAT! Check your Bitwarden vault for that PAT with atleast read_repository scope." && exit 1 + error "Missing GitLab SaaS PAT! Check your Bitwarden vault for that PAT with atleast read_repository scope, or use GitHub mirror instead." && exit 1 fi if [ ! -d "$HOME/.dotfiles/secrets" ]; then echoStageName "Cloning secrets repo" - git clone https://$GITLAB_LOGIN:$GITLAB_TOKEN@gitlab.com/ajhalili2006/dotfiles-secrets $HOME/.dotfiles/secrets - [ $? != "0" ] && echo "error: That kinda sus, but either only Andrei Jiroh can proceed or maybe the PAT you used is invalid." && exit 1 + + if [[ $USE_GH_SECRETS_MIRROR != "" ]]; then + gh repo clone ajhalili2006/dotfiles-secrets + elif ! git clone https://$GITLAB_LOGIN:$GITLAB_TOKEN@gitlab.com/ajhalili2006/dotfiles-secrets $HOME/.dotfiles/secrets; then + echo "error: That kinda sus, but either only Andrei Jiroh can proceed or maybe the PAT you used is invalid. Probably try to use GitHub mirror instead" && exit 1 + fi chmod 760 $HOME/.dotfiles/secrets + git -C "$HOME/.dotfiles/secrets" remote set-url origin git@gitlab.com:ajhalili2006/dotfiles-secrets else chmod 760 $HOME/.dotfiles/secrets git -C "$HOME/.dotfiles/secrets" fetch --all @@ -152,6 +163,15 @@ cloneRepo() { sleep 5 } +# Install GitHub CLI if we're gonna use that GitHub mirror +ghCli() { + if [[ $DOTFILES_OS_NAME == "debian-ubuntu" ]] && [[ "$(command -v gh)" == "" ]]; then + curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg + echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null + sudo apt update && sudo apt install gh + fi +} + cleanup() { echoStageName "Bootstrapper successfully ran, cleaning up to ensure no secrets are leaked on env vars..." # just add chaos to these secrets to avoid leaks @@ -240,12 +260,15 @@ copyNanoConfig() { installShellCheck() { echoStageName "Installing Shellcheck" - if [[ $SKIP_DEPENDENCY_INSTALL == "" || $SKIP_REINSTALL_SHELLCHECK == "" ]]; then - scversion="stable" # or "v0.4.7", or "latest" + + scversion="stable" # or "v0.4.7", or "latest" + SHELLCHECK_ARCHIVE_URL="https://github.com/koalaman/shellcheck/releases/download/${scversion?}/shellcheck-${scversion?}.linux.x86_64.tar.xz" # TODO: Also detect other arches, especially on i386 + + if [[ $LSKIP_DEPENDENCY_INSTAL == "" ]]; then current_shellcheck_path=$(command -v shellcheck) - isOwnedByUser="$(find $PREFIX/bin -user $USER -file shellcheck)" # Don't check if its blank + isOwnedByUser="$(find $PREFIX/bin -user $USER -name shellcheck)" current_path_dir="$(dirname $current_shellcheck_path)" - wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${scversion?}/shellcheck-${scversion?}.linux.x86_64.tar.xz" | tar -xJv -C "$HOME" + wget -qO- "$SHELLCHECK_ARCHIVE_URL" | tar -xJv -C "$HOME" if [[ $current_shellcheck_path == "" ]]; then cp "$HOME/shellcheck-${scversion}/shellcheck" "$PREFIX/bin" elif [[ $current_shellcheck_path == "$PREFIX/bin/shellcheck" ]]; then @@ -376,6 +399,10 @@ main() { # step 2: install needed tools and create ~/.local/bin installDeps userspcaeBinDirCheck + [[ $USE_GH_SECRETS_MIRROR != "" ]] && ghCli + + # Possibly interactively sign in to the CLI if GITHUB_TOKEN isn't provided + [[ $GITHUB_TOKEN == "" && $USE_GH_SECRETS_MIRROR == "" ]] && gh auth login # step 3.1: then clone the repo cloneRepo @@ -395,6 +422,9 @@ main() { copyGitConfig copyNanoConfig copyBashrc + + # step 5.2: copy our secrets btw + cloneSecretsRepo # Run this before we even copy the ssh keys! copyKeysSSH # step 6: finally clean up bullshit diff --git a/docs/onboarding.md b/docs/onboarding.md index 9ede415..57f5180 100644 --- a/docs/onboarding.md +++ b/docs/onboarding.md @@ -5,7 +5,7 @@ This onboarding page documents how do I bootstrap stuff for an new Linux machine ## Prerequisites * Access to my Bitwarden vault for GitLab PAT on an Vaultwarden instance at Railway. Once email has been fixed, probably my phone with 2FA number used for Google OR Authy app and Telegram client of choice. -* An working browser, preferrly Chrome or Firefox. +* An working browser, preferrly Firefox. * An desktop environment preinstalled, in case of Alpine/Arch/Gentoo-based distros, proceed with Xfce4. Unless has atleast 4 GBs of memory on an amd64 machine, install GNOME or KDE instead. ### Pre-flight Check @@ -15,14 +15,22 @@ This onboarding page documents how do I bootstrap stuff for an new Linux machine * Check if Bash and/or Git is preinstalled while in live environment. * Remember to note down the root password! You may also need to take down notes of your regular account password too, if sudo is configured. * If you're trying an new distro (Arch, Gentoo, RHEL) or got an ChromeOS preinstalled and enabled devmode and Linux stuff, please install the tools one by one and note it down here in this document. +* Check if that distro either has GitHub CLI from the official package repos (or atleast community maintained ones). Otherwise, maybe opt to building from source or use prebuilt binaries from GitHub Releases. ## Termux -TODO +> **:warning: Termux is only available for Android 7 to 9 on F-roid due to compatibility reasons!** Things start to blur once you upgrade to Android 10 or above, as more restrictions have been implemented, see ISSUE-TODO-LINK. ## Debian, Ubuntu and friends -TODO +Bash, GNU coreutils and curl/wget is pre-installed, but you may need to manually upgrade to their latest versions from the backports, especially if they're too far from the latest release. + +As an final check before proceeding, install gnupg and friends before running the bootstrap script: + +```sh +# they'll be also installed if you don't do this +sudo apt install gnupg gnupg-agent dirmgr --yes +``` ## Alpine Linux @@ -48,11 +56,7 @@ http://dl-cdn.alpinelinux.org/alpine/edge/community Now, run `apk update` followed by `apk upgrade` to update all packages to their latest versions in the `edge` branch. -Finally, follow the bootstrapping process of the dotfiles in the root README, which, as usual: - -* export both the GitLab SaaS username and password with `export GITLAB_LOGIN=ajhalili2006 GITLAB_TOKEN=pat-from-bw-vault` -* run the main script with `curl -fsSL https://ajhalili2006.gitlab.io/linux-bootstrap.sh | bash -` -* optionally run the post-setup script to add my package signing key for Alpine, GPG keys, and probably my KeexPass stuff with `./tools/post-setup/alpine.sh` +Finally, follow the bootstrapping process of the dotfiles as mentioned in the root README. ## Gitpod? diff --git a/docs/variables.md b/docs/variables.md new file mode 100644 index 0000000..d438d09 --- /dev/null +++ b/docs/variables.md @@ -0,0 +1,15 @@ +# Supprted variables for bootstrap script + +This list is non-exhastive and may be out of date. The bootstrap script's source code might contains them all. + +| Variable name | description | Type | +| --- | --- | --- | +| `USE_CODE_SERVER` | Installs code-server to use VS Code in a web browser. | Bootstrap flag | +| `USE_GH_SECRETS_MIRROR` | Use GitHub mirror for the dotfiles-secrets repo, requires the GitHub CLI to be installed for this process. | Botstrap flag | +| `USE_NVM` | Use Node Version Manager to install Node.js instead of NodeSource's way. May require you to install build tools if nvm went to installing from source, especially if you're on i386. | +| `DOTFILES_OS_NAME` | OS detection mechanisms for various automated steps in the bootstrap script. | OS detection system | +| `GOOGLE_CLOUD_SHELL` | Used to detect Cloud Shell environment | OS detectio system +| `GITLAB_LOGIN` | GitLab SaaS username for cloning the secrets repo, for validation purposes only. | Bootstrap flag | +| `GITLAB_TOKEN` | GitLab SaaS personal access token for cloning the secrets repo, not needed if `USE_GH_SECRETS_MIRROR` is being used | Bootstrap flag | +| `SKIP_CONFIG_LINKING` | Skips the process of symlinking config files to their destinations | Bootstrap flag | +| `SKIP_DEPENDENCY_INSTAL` | Skips installation of ShellCheck and other tooling and stuff | Bootstrap flag |