2024-11-25 11:53:43 +01:00
2 changed files with 1 additions and 341 deletions
--- a/config/.config/systemd/user/sync_to_remotes.service
+++ b/config/.config/systemd/user/sync_to_remotes.service
@ -3,7 +3,7 @@ Description=Daily sync_to_remotes.py
 [Service]
 Type=oneshot
-ExecStart=/usr/bin/uv run /home/jas/repos/codeberg.org/hyperreal/admin-scripts/sync_to_remotes.py
+ExecStart=/home/jas/repos/codeberg.org/hyperreal/admin-scripts/sync_to_remotes.py
 [Install]
 WantedBy=default.target
--- a/install.sh
+++ b/install.sh
@ -1,340 +0,0 @@
 #!/usr/bin/env bash
 set -euo pipefail
 GREEN='\033[1;32m'
 NC='\033[0m'
 packages=(
    age
    atop
    autossh
    bat
    borgbackup
    borgmatic
    btrfs-assistant
    calibre
    cmake
    curl
    diff-so-fancy
    direnv
    duf
    emacs
    ethtool
    eza
    fastfetch
    fd-find
    fzf
    git
    git-core
    golang
    hdparm
    htop
    hugo
    jc
    jq
    just
    kbackup
    kpeoplevcard
    lagrange
    ldns
    libtool
    lsof
    lynx
    neochat
    neovim
    nmap
    node-exporter
    nodejs
    nu
    parallel
    pipx
    poetry
    python3-devel
    python3-pip
    qbittorrent
    ripgrep
    rsync
    rsyslog
    shfmt
    ShellCheck
    tcpdump
    tealdeer
    tokodon
    trash-cli
    uv
    vlc
    w3m
    wireshark
    wl-clipboard
    yakuake
    zsh
 )
 copr_repos=(
    atim/starship
    hyperreal/better_fonts
    varlad/yazi
    varlad/zellij
 )
 flatpak_packages=(
    com.discordapp.Discord
    com.github.tchx84.Flatseal
    io.podman_desktop.PodmanDesktop
 )
 pipx_packages=(
    "black"
    "bpython"
    "isort"
    "pyright"
 )
 services_enable=(
    atop.service
    atopacct.service
    atop-rotate.timer
    prometheus-node-exporter.service
    rsyslog.service
    sshd.service
    systemd-networkd
    tailscaled.service
 )
 services_disable=(
    avahi-daemon.service
    avahi-daemon.socket
    bluetooth.service
    cups.service
    cups-browsed.service
    NetworkManager.service
    sddm.service
    wpa_supplicant.service
 )
 function action_label() {
    echo ""
    echo -e "${GREEN}--> ${1}...${NC}"
 }
 function install_packages() {
    action_label "INSTALLING PACKAGES"
    sudo dnf install -y "${packages[@]}"
 }
 function install_devel_groups() {
    action_label "INSTALLING DEVELOPMENT GROUPS"
    sudo dnf install -y '@c-development' '@development-tools' '@container-management'
 }
 function enable_copr_repos() {
    action_label "ENABLING COPR REPOS"
    for repo in "${copr_repos[@]}"; do sudo dnf copr enable -y "$repo"; done
 }
 # Depends: enable_copr_repos
 function install_copr_packages() {
    action_label "INSTALLING COPR PACKAGES"
    sudo dnf install -y starship fontconfig-font-replacements yazi zellij
 }
 function install_rpmfusion_repos() {
    action_label "INSTALLING RPMFUSION REPOS"
    sudo dnf install -y "https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm" "https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm"
 }
 # Depends: install_rpmfusion_repos
 function install_rpmfusion_packages() {
    action_label "INSTALLING RPMFUSION PACKAGES"
    sudo dnf install -y --allowerasing ffmpeg-libs
 }
 function install_charm_packages() {
    action_label "INSTALLING CHARM PACKAGES"
    echo '[charm]
 name=Charm
 baseurl=https://repo.charm.sh/yum/
 enabled=1
 gpgcheck=1
 gpgkey=https://repo.charm.sh/yum/gpg.key' | sudo tee /etc/yum.repos.d/charm.repo
    sudo rpm --import https://repo.charm.sh/yum/gpg.key
    sudo dnf install -y gum charm
 }
 function install_tailscale() {
    action_label "INSTALLING TAILSCALE"
    curl -fsSL https://tailscale.com/install.sh | sh
 }
 function enable_flathub() {
    action_label "ENABLING FLATHUB"
    flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
 }
 # Depends: enable_flathub
 function install_flatpaks() {
    action_label "INSTALLING FLATPAKS"
    for pkg in "${flatpak_packages[@]}"; do flatpak install flathub -y "$pkg"; done
 }
 # Depends: install_packages
 function install_pipx_packages() {
    action_label "INSTALLING PIPX PACKAGES"
    for pkg in "${pipx_packages[@]}"; do pipx install "$pkg"; done
    pipx install ansible --include-deps
 }
 function setup_networkd_conf() {
    action_label "SETTING UP SYSTEMD-NETWORKD CONFIG"
    echo '[Match]
 Name=eno1
 [Network]
 DHCP=yes
 #DNS=100.100.100.100
 DNSSEC=allow-downgrade
 [DHCPv4]
 UseDNS=no' | sudo tee /etc/systemd/network/eno1.network
 }
 # After: setup_networkd_conf
 function setup_resolv_conf() {
    action_label "SETTING UP RESOLV CONF"
    sudo rm -v /etc/resolv.conf
    sudo ln -sf /var/run/systemd/resolve/resolv.conf /etc/resolv.conf
    sudo systemctl restart systemd-resolved
 }
 # Depends: enable_tailscale
 function setup_rsyslog_conf() {
    action_label "SETTING UP RSYSLOG"
    echo '# Forward to main monitoring node (nas.lyrebird-marlin.ts.net)
 *.* action(type="omfwd" target="100.112.241.12" port="514" protocol="tcp"
    action.resumeRetryCount="100"
    queue.type="linkedList" queue.size="10000")' | sudo tee /etc/rsyslog.d/00forward-to-nas.conf
 }
 # After: setup_networkd_conf
 function disable_services() {
    action_label "DISABLING SYSTEMD SERVICES"
    for service in "${services_disable[@]}"; do sudo systemctl disable --now "$service"; done
 }
 # After:
 # - setup_networkd_conf
 # - install_packages
 function enable_services() {
    action_label "ENABLING SYSTEMD SERVICES"
    for service in "${services_enable[@]}"; do sudo systemctl enable --now "$service"; done
 }
 function disable_ipv6() {
    action_label "DISABLING IPV6"
    if ! sudo grep "ipv6.disable=1" /boot/grub2/grub.cfg; then
        sudo grubby --args=ipv6.disable=1 --update-kernel=ALL
        sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    else
        echo "IPv6 already disabled."
    fi
 }
 function setup_fstab() {
    action_label "SETTING UP /etc/fstab"
    sudo mkdir -p /mnt/borgbackup /mnt/quick-backup
    if ! grep "ecf44876-2e4e-46ad-9f12-fc516c8ace2d" /etc/fstab; then
        echo "UUID=ecf44876-2e4e-46ad-9f12-fc516c8ace2d /mnt/borgbackup btrfs defaults,subvol=@borgbackup,compress=zstd:1,x-systemd.device-timeout=20 0 0" | sudo tee -a /etc/fstab
        echo "UUID=ecf44876-2e4e-46ad-9f12-fc516c8ace2d /mnt/quick-backup btrfs defaults,subvol=@quick-backup,compress=zstd:1,x-systemd.device-timeout=20 0 0" | sudo tee -a /etc/fstab
    else
        echo "/etc/fstab already configured."
    fi
    sudo systemctl daemon-reload
    sudo restorecon -Rv /mnt/borgbackup
    sudo restorecon -Rv /mnt/quick-backup
    sudo mount -av
 }
 # Depends:
 # - install_packages
 # - setup_fstab
 function setup_borgmatic_config() {
    action_label "SETTING UP BORGMATIC CONFIG"
    sudo mkdir -p /etc/borgmatic
    sudo cp -v /mnt/quick-backup/borgmatic-config.yaml /etc/borgmatic/config.yaml
 }
 # Depends:
 # - install_packages
 # - setup_fstab
 function copy_quick_backup() {
    action_label "COPYING QUICK BACKUP"
    rsync -aAXPz /mnt/quick-backup/jas/ /home/jas
 }
 # Depends: copy_quick_backup
 function build_bat_cache() {
    action_label "BUILDING BAT CACHE"
    bat cache --build
 }
 # Depends: install_packages
 function update_tealdeer_cache() {
    action_label "UPDATING TEALDEER CACHE"
    tldr --update
 }
 # Depends: install_tailscale
 function setup_firewalld() {
    action_label "SETTING UP FIREWALLD"
    if ! sudo firewall-cmd --get-zones | grep "tailnet"; then
        sudo firewall-cmd --permanent --new-zone=tailnet
        sudo firewall-cmd --permanent --zone=tailnet --add-interface=tailscale0
        sudo firewall-cmd --permanent --zone=tailnet --add-port=1025-65535/tcp
        sudo firewall-cmd --permanent --zone=tailnet --add-port=1025-65535/udp
        sudo firewall-cmd --permanent --zone=tailnet --add-service=ssh
    else
        echo "firewalld tailnet zone already configured"
    fi
    sudo firewall-cmd --permanent --zone=FedoraWorkstation --remove-service={dhcpv6-client,samba-client}
    sudo firewall-cmd --reload
 }
 function install_rclone() {
    action_label "INSTALLING LATEST RCLONE"
    curl https://rclone.org/install.sh | sudo bash
    command -v rclone
 }
 # Depends: install_rclone copy_quick_backup
 function enable_sync_to_remotes() {
    action_label "ENABLING sync_to_remotes.timer"
    systemctl --user enable --now sync_to_remotes.timer
 }
 install_packages
 install_devel_groups
 enable_copr_repos
 install_copr_packages
 install_rpmfusion_repos
 install_rpmfusion_packages
 install_charm_packages
 install_tailscale
 enable_flathub
 install_flatpaks
 install_pipx_packages
 setup_networkd_conf
 setup_resolv_conf
 setup_rsyslog_conf
 disable_services
 enable_services
 disable_ipv6
 setup_fstab
 setup_borgmatic_config
 copy_quick_backup
 build_bat_cache
 update_tealdeer_cache
 setup_firewalld
 install_rclone
 enable_sync_to_remotes
 action_label "DONE SETTING UP ALL THE THINGS ^_^"