alex
/
my-scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:ahub2/my-scripts

master
Alex Hubbard 2023-03-26 13:14:40 -05:00
parent 28c1d9774a 3f9b3d4a28
commit ec900a7324
4 changed files with 15 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
installers/arch/ajh-base/PKGBUILD
View File

@ -1,7 +1,7 @@
pkgname="ajh-base" pkgname="ajh-base"
pkgver="1.0.0" pkgver="1.0.0"
pkgver="1" pkgver="1"
pkgrel="8" pkgrel="9"
pkgdesc="Install my config for Arch based systems." pkgdesc="Install my config for Arch based systems."
arch=("x86_64") arch=("x86_64")
@ -13,7 +13,6 @@ depends=(
"pipewire-jack" "pipewire-jack"
"gst-plugin-pipewire" "gst-plugin-pipewire"
"wireplumber" "wireplumber"
"wireplumber-docs"
"alsa-utils" "alsa-utils"
"freetype2" "freetype2"
"gst-libav" "gst-libav"

14
installers/arch/scripts/harden.sh
View File

@ -1,20 +1,12 @@
#!/bin/sh #!/bin/sh
# #
#install required programs #install required programs
sudo pacman -S apparmor firejail sudo pacman -S apparmor
#enable apparmor service #enable apparmor service
sudo systemctl enable apparmor.service sudo systemctl enable apparmor.service
sudo systemctl start apparmor.service sudo systemctl start apparmor.service
#configure apparmor to use firejail and configure firejail to automatically run for supported programs
sudo apparmor_parser -r /etc/apparmor.d/firejail-default
sudo firecfg
add user to /etc/firejail/firejail.users if it is not already in the file
if [ -z "$(grep "$USER" /etc/firejail/firejail.users)" ]; then
sudo sh -c "echo '$USER' >> /etc/firejail/firejail.users"
fi
echo "============================================" echo "============================================"
echo " Applying Hardening Configuration" echo " Applying Hardening Configuration"
@ -28,7 +20,3 @@ echo ""
echo " run this script again after rebooting to ensure all settings are applied correctly." echo " run this script again after rebooting to ensure all settings are applied correctly."
echo " press enter to continue." echo " press enter to continue."
read input read input
#add any firejail configuration here
#fix mpv not being able to open some files, allows mmpv to play videos in the ~/media dir
sudo sh -c 'echo "whitelist $HOME/media" >> /etc/firejail/whitelist-player-common.local'

4
installers/arch/scripts/opendoas.sh
View File

@ -2,8 +2,8 @@
sudo pacman -S opendoas sudo pacman -S opendoas
echo "permit persist $USER as root" > ~/.cache/doas.conf echo "permit persist $USER as root" > ~/.cache/doas.conf
echo "permit nopass :wheel as root cmd /sbin/poweroff" >> ~/.cache/doas.conf #echo "permit nopass :wheel as root cmd /sbin/poweroff" >> ~/.cache/doas.conf
echo "permit nopass :wheel as root cmd /sbin/reboot" >> ~/.cache/doas.conf #echo "permit nopass :wheel as root cmd /sbin/reboot" >> ~/.cache/doas.conf
sudo cp ~/.cache/doas.conf /etc/doas.conf sudo cp ~/.cache/doas.conf /etc/doas.conf
yay -S doas-sudo-shim yay -S doas-sudo-shim

17
installers/arch/scripts/setup-dirs.sh
View File

@ -1,12 +1,17 @@
#!/bin/sh #!/bin/sh
FILES_DIR="$HOME/.files/" FILES_DIR="$HOME/.files"
ln -s "$HOME"/.files/dl "$HOME"/dl #directories
ln -s "$HOME"/.files/docs "$HOME"/docs ln -s "$FILES_DIR"/dl "$HOME"/dl
ln -s "$HOME"/.files/media "$HOME"/media ln -s "$FILES_DIR"/docs "$HOME"/docs
ln -s "$HOME"/.files/.ssh "$HOME"/.ssh ln -s "$FILES_DIR"/media "$HOME"/media
ln -s "$FILES_DIR"/.ssh "$HOME"/.ssh
ln -s "$FILES_DIR"/.local/share/password-store "$HOME"/.local/share/
ln -s "$FILES_DIR"/.local/share/gnupg "$HOME"/.local/share/
ln -s "$FILES_DIR"/dbhome "$HOME"/
ln -s "$HOME"/.files/.gitconfig "$HOME"/.gitconfig #files
ln -s "$FILES_DIR"/.gitconfig "$HOME"/.gitconfig
mkdir -p ~/.var/app/ mkdir -p ~/.var/app/
ln -s "$HOME"/.files/.var/app/io.gitlab.librewolf-community ~/.var/app/io.gitlab.librewolf-community ln -s "$HOME"/.files/.var/app/io.gitlab.librewolf-community ~/.var/app/io.gitlab.librewolf-community