marianozunino/dev
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

dev: automated commit - 2025-05-31 16:03:53

Browse source
This commit is contained in:
Mariano Z. 2025-05-31 16:03:57 -03:00
commit 0e0bebab30
Signed by: marianozunino
GPG key ID: 4C73BAD25156DACE
7 changed files with 944 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

377
run Executable file
View file

@ -0,0 +1,377 @@
#!/usr/bin/env bash
set -euo pipefail
# ═══════════════════════════════════════════════════════════
# 🔧 SETUP
# ═══════════════════════════════════════════════════════════
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="$SCRIPT_DIR/.env"
RUNS_DIR="$SCRIPT_DIR/runs"
LOGS_DIR="$SCRIPT_DIR/logs"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[0;33m'
NC='\033[0m'
# ═══════════════════════════════════════════════════════════
# 🛠️ HELPERS
# ═══════════════════════════════════════════════════════════
log() { echo -e "${GREEN}[RUN]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
error() { echo -e "${RED}[ERROR]${NC} $*" >&2; }
# ═══════════════════════════════════════════════════════════
# 🔍 DEPENDENCY VALIDATION
# ═══════════════════════════════════════════════════════════
check_dependencies() {
local missing=()
# Required tools
local required_tools=("git" "find" "grep")
# Optional but recommended tools
local optional_tools=("gitleaks")
log "Checking dependencies..."
# Check required tools
for tool in "${required_tools[@]}"; do
if ! command -v "$tool" &>/dev/null; then
missing+=("$tool")
fi
done
# Check optional tools
for tool in "${optional_tools[@]}"; do
if ! command -v "$tool" &>/dev/null; then
warn "Optional tool missing: $tool (recommended for security scanning)"
else
log "✓ Found: $tool"
fi
done
# Report missing required tools
if [[ ${#missing[@]} -gt 0 ]]; then
error "Missing required tools: ${missing[*]}"
error "Please install missing dependencies"
exit 1
fi
log "✓ All required dependencies found"
}
# ═══════════════════════════════════════════════════════════
# 🔒 SECURITY SCANNING
# ═══════════════════════════════════════════════════════════
run_security_scan() {
log "Running security scan..."
if command -v gitleaks &>/dev/null; then
log "Using GitLeaks for secret detection..."
if gitleaks detect --verbose --exit-code 1; then
log "✅ No secrets detected"
return 0
else
error "❌ Secrets detected! Review before pushing."
return 1
fi
else
warn "GitLeaks not installed - skipping security scan"
warn "Install with: paru -S gitleaks"
echo
read -p "Continue without security scan? (y/N): " -r answer
if [[ ! "$answer" =~ ^[Yy]$ ]]; then
error "Push cancelled for security"
exit 1
fi
return 0
fi
}
# ═══════════════════════════════════════════════════════════
# 📤 PUSH COMMAND
# ═══════════════════════════════════════════════════════════
handle_push() {
log "Preparing to push repository..."
# Check if we're in a git repository
if ! git rev-parse --git-dir &>/dev/null; then
error "Not in a git repository"
exit 1
fi
# Check for uncommitted changes
if ! git diff-index --quiet HEAD --; then
warn "You have uncommitted changes"
echo
git status --short
echo
# Generate default commit message
local default_msg="dev: automated commit - $(date '+%Y-%m-%d %H:%M:%S')"
read -p "Commit all changes? (Y/n): " -r answer
if [[ ! "$answer" =~ ^[Nn]$ ]]; then
echo
echo "Default: $default_msg"
read -p "Custom commit message (or press Enter for default): " -r commit_msg
# Use default if empty
if [[ -z "$commit_msg" ]]; then
commit_msg="$default_msg"
fi
git add .
git commit -m "$commit_msg"
log "✓ Changes committed: $commit_msg"
fi
fi
# Run security scan
if ! run_security_scan; then
exit 1
fi
# Get current branch
local current_branch
current_branch=$(git branch --show-current)
# Push to origin
log "Pushing branch '$current_branch' to origin..."
if git push origin "$current_branch"; then
log "✅ Successfully pushed to origin/$current_branch"
else
error "❌ Push failed"
exit 1
fi
}
show_help() {
cat <<EOF
Usage: $0 [OPTIONS] [COMMAND|FILTERS...]
COMMANDS:
push Commit, scan for secrets, and push to git origin
deps, check Check for required dependencies
help Show this help message
SCRIPT EXECUTION:
[FILTERS...] Run scripts matching filters from runs/ directory
OPTIONS:
--dry Show what would run without executing
--verbose Show detailed output during execution
EXAMPLES:
$0 deps # Check dependencies
$0 push # Secure git push with secret scanning
$0 docker # Run scripts containing 'docker'
$0 --dry base # Show what base scripts would run
$0 --verbose all # Run all scripts with detailed output
SECURITY:
The push command automatically scans for secrets using GitLeaks
before pushing to prevent accidental credential exposure.
EOF
}
get_description() {
local script="$1"
grep '^# NAME:' "$script" 2>/dev/null | cut -d: -f2- | sed 's/^ *//' || echo "No description"
}
matches_filters() {
local script_name="$1"
shift
local filters=("$@")
[[ ${#filters[@]} -eq 0 ]] && return 0
for filter in "${filters[@]}"; do
if [[ "$script_name" == *"$filter"* ]] || [[ "${script_name,,}" == *"${filter,,}"* ]]; then
return 0
fi
done
return 1
}
# ═══════════════════════════════════════════════════════════
# 🚦 INITIALIZATION
# ═══════════════════════════════════════════════════════════
# Create runs directory if missing
if [[ ! -d "$RUNS_DIR" ]]; then
log "Creating runs directory at: $RUNS_DIR"
mkdir -p "$RUNS_DIR"
# Create example script
cat >"$RUNS_DIR/example.sh" <<'EOF'
#!/usr/bin/env bash
# NAME: Example script
echo "Hello from runs/example.sh!"
echo "Edit this script or add your own to $RUNS_DIR"
EOF
chmod +x "$RUNS_DIR/example.sh"
log "✅ Created runs/ directory with example script"
exit 0
fi
# Create logs directory
mkdir -p "$LOGS_DIR"
# Load environment
[[ -f "$ENV_FILE" ]] && source "$ENV_FILE"
# ═══════════════════════════════════════════════════════════
# 📝 PARSE ARGUMENTS
# ═══════════════════════════════════════════════════════════
DRY_RUN=0
VERBOSE=0
FILTERS=()
COMMAND=""
while [[ $# -gt 0 ]]; do
case "$1" in
--dry) DRY_RUN=1 ;;
--verbose) VERBOSE=1 ;;
--help | help)
show_help
exit 0
;;
push) COMMAND="push" ;;
deps | check) COMMAND="deps" ;;
-*)
error "Unknown option: $1"
show_help
exit 1
;;
*) FILTERS+=("$1") ;;
esac
shift
done
# ═══════════════════════════════════════════════════════════
# 🚦 HANDLE COMMANDS
# ═══════════════════════════════════════════════════════════
# Handle special commands first
case "$COMMAND" in
"push")
handle_push
exit 0
;;
"deps")
check_dependencies
exit 0
;;
"")
# No command, continue with script execution
;;
*)
error "Unknown command: $COMMAND"
show_help
exit 1
;;
esac
# ═══════════════════════════════════════════════════════════
# 🔍 FIND SCRIPTS TO RUN
# ═══════════════════════════════════════════════════════════
mapfile -t ALL_SCRIPTS < <(find "$RUNS_DIR" -type f -executable | sort)
if [[ ${#ALL_SCRIPTS[@]} -eq 0 ]]; then
warn "No executable scripts found in $RUNS_DIR"
exit 0
fi
SCRIPTS_TO_RUN=()
for script in "${ALL_SCRIPTS[@]}"; do
script_name="$(basename "$script")"
if matches_filters "$script_name" "${FILTERS[@]}"; then
SCRIPTS_TO_RUN+=("$script")
fi
done
if [[ ${#SCRIPTS_TO_RUN[@]} -eq 0 ]]; then
warn "No scripts match the given filters: ${FILTERS[*]}"
exit 0
fi
# ═══════════════════════════════════════════════════════════
# ⚠️ CONFIRMATION FOR RUNNING ALL SCRIPTS
# ═══════════════════════════════════════════════════════════
if [[ ${#FILTERS[@]} -eq 0 && $DRY_RUN -eq 0 ]]; then
echo -e "${RED}⚠️ About to run ALL scripts:${NC}"
for script in "${SCRIPTS_TO_RUN[@]}"; do
name="$(basename "$script")"
desc="$(get_description "$script")"
echo " • $name - $desc"
done
echo
read -p "Continue? (y/N): " -r answer
if [[ ! "$answer" =~ ^[Yy]$ ]]; then
echo "Cancelled"
exit 0
fi
fi
# ═══════════════════════════════════════════════════════════
# 🚀 EXECUTE SCRIPTS
# ═══════════════════════════════════════════════════════════
EXECUTED=()
FAILED=()
for script in "${SCRIPTS_TO_RUN[@]}"; do
name="$(basename "$script")"
desc="$(get_description "$script")"
log_file="$LOGS_DIR/${name%.*}.log"
if [[ $DRY_RUN -eq 1 ]]; then
echo -e "${BLUE}[DRY]${NC} Would run: $name - $desc"
continue
fi
echo -e "\n${BLUE}▶${NC} Running: $name"
[[ "$desc" != "No description" ]] && echo " $desc"
if [[ $VERBOSE -eq 1 ]]; then
if "$script" 2>&1 | tee "$log_file"; then
log "✅ $name completed"
EXECUTED+=("$name")
else
error "❌ $name failed (see $log_file)"
FAILED+=("$name")
fi
else
if "$script" &>"$log_file"; then
log "✅ $name completed"
EXECUTED+=("$name")
else
error "❌ $name failed (see $log_file)"
FAILED+=("$name")
fi
fi
done
# ═══════════════════════════════════════════════════════════
# 📊 SUMMARY
# ═══════════════════════════════════════════════════════════
if [[ $DRY_RUN -eq 0 ]]; then
echo -e "\n${BLUE}═══ SUMMARY ═══${NC}"
echo "✅ Completed: ${#EXECUTED[@]}"
[[ ${#FAILED[@]} -gt 0 ]] && echo "❌ Failed: ${#FAILED[@]}"
if [[ ${#FAILED[@]} -gt 0 ]]; then
echo -e "\n${RED}Failed scripts:${NC}"
for failed in "${FAILED[@]}"; do
echo " • $failed"
done
exit 1
fi
fi
exit 0

197
runs/base Executable file
View file

@ -0,0 +1,197 @@
#!/usr/bin/env bash
# NAME: Install base system packages (organized and cleaned)
set -euo pipefail
AUR_HELPER="paru"
if ! command -v $AUR_HELPER &>/dev/null; then
echo "[ERROR] $AUR_HELPER not found. Install it first."
exit 1
fi
echo "Installing organized system packages..."
# ═══════════════════════════════════════════════════════════
# 🔧 DETECT HARDWARE
# ═══════════════════════════════════════════════════════════
CPU_VENDOR=$(lscpu | grep "Vendor ID" | awk '{print $3}')
GPU_INFO=$(lspci | grep -i vga)
echo "Detected CPU: $CPU_VENDOR"
echo "Detected GPU: $GPU_INFO"
# Determine microcode package
if [[ "$CPU_VENDOR" == "GenuineIntel" ]]; then
MICROCODE="intel-ucode"
echo "→ Using Intel microcode"
elif [[ "$CPU_VENDOR" == "AuthenticAMD" ]]; then
MICROCODE="amd-ucode"
echo "→ Using AMD microcode"
else
MICROCODE=""
echo "→ Unknown CPU vendor, skipping microcode"
fi
# Determine GPU drivers
GPU_PACKAGES=""
if echo "$GPU_INFO" | grep -qi "amd\|radeon"; then
GPU_PACKAGES="xf86-video-amdgpu vulkan-radeon lib32-vulkan-radeon opencl-mesa lib32-opencl-mesa"
echo "→ Using AMD GPU drivers"
elif echo "$GPU_INFO" | grep -qi "intel"; then
GPU_PACKAGES="xf86-video-intel vulkan-intel lib32-vulkan-intel intel-media-driver"
echo "→ Using Intel GPU drivers"
elif echo "$GPU_INFO" | grep -qi "nvidia"; then
GPU_PACKAGES="nvidia nvidia-utils lib32-nvidia-utils nvidia-settings"
echo "→ Using NVIDIA drivers (you may want to review this)"
else
echo "→ Unknown GPU, using generic drivers"
fi
# ═══════════════════════════════════════════════════════════
# 🔧 SYSTEM BASE
# ═══════════════════════════════════════════════════════════
echo "Installing system base..."
BASE_PACKAGES="base base-devel linux-cachyos linux-cachyos-headers linux-firmware efibootmgr efitools mkinitcpio grub systemd-boot-manager"
if [[ -n "$MICROCODE" ]]; then
BASE_PACKAGES="$BASE_PACKAGES $MICROCODE"
fi
$AUR_HELPER -S --noconfirm --needed $BASE_PACKAGES
# ═══════════════════════════════════════════════════════════
# 🌐 NETWORKING & BLUETOOTH
# ═══════════════════════════════════════════════════════════
echo "Installing networking..."
$AUR_HELPER -S --noconfirm --needed \
networkmanager networkmanager-openvpn network-manager-applet \
dhclient dnsmasq iptables-nft iwd wpa_supplicant wireless-regdb \
bluez-libs blueman openssh
# ═══════════════════════════════════════════════════════════
# 🔊 AUDIO & VIDEO
# ═══════════════════════════════════════════════════════════
echo "Installing audio/video..."
$AUR_HELPER -S --noconfirm --needed \
pipewire pipewire-alsa pipewire-pulse wireplumber \
pavucontrol alsa-firmware alsa-plugins alsa-utils \
gst-libav gst-plugin-pipewire gst-plugins-bad gst-plugins-ugly \
mpv ffmpegthumbnailer
# ═══════════════════════════════════════════════════════════
# 🎨 FONTS & THEMES
# ═══════════════════════════════════════════════════════════
echo "Installing fonts and themes..."
$AUR_HELPER -S --noconfirm --needed \
adobe-source-han-sans-cn-fonts adobe-source-han-sans-jp-fonts \
adobe-source-han-sans-kr-fonts adobe-source-serif-fonts \
awesome-terminal-fonts inter-font noto-fonts noto-fonts-cjk noto-fonts-emoji \
ttf-bitstream-vera ttf-dejavu ttf-fantasque-nerd ttf-fira-code ttf-fira-mono \
ttf-fira-sans ttf-font-awesome-5 ttf-liberation ttf-linux-libertine \
ttf-meslo-nerd ttf-ms-win11-auto ttf-opensans otf-font-awesome-5 otf-libertinus \
papirus-icon-theme rose-pine-gtk-theme
# ═══════════════════════════════════════════════════════════
# 💻 DEVELOPMENT TOOLS
# ═══════════════════════════════════════════════════════════
echo "Installing development tools..."
$AUR_HELPER -S --noconfirm --needed \
git git-lfs git-crypt github-cli lazygit \
go go-task rust python python-defusedxml python-packaging \
python-protobuf python-pynvim python-pywlroots lua luarocks \
ccls cmake ninja neovim-nightly-bin
# ═══════════════════════════════════════════════════════════
# 🛠️ CLI UTILITIES
# ═══════════════════════════════════════════════════════════
echo "Installing CLI utilities..."
$AUR_HELPER -S --noconfirm --needed \
bat btop duf dust eza fd fzf glances glow httpie micro ncdu \
plocate ripgrep tealdeer the_silver_searcher tmux wget \
xdg-user-dirs zoxide zellij yazi yq zsh
# ═══════════════════════════════════════════════════════════
# 🪟 WINDOW MANAGERS & DESKTOP
# ═══════════════════════════════════════════════════════════
echo "Installing window managers..."
$AUR_HELPER -S --noconfirm --needed \
swaybg swayfx-git swayidle swaylock-effects waybar \
wlogout wdisplays wl-clipboard rofi-lbonn-wayland-git
# ═══════════════════════════════════════════════════════════
# 🌍 GUI APPLICATIONS
# ═══════════════════════════════════════════════════════════
echo "Installing GUI applications..."
$AUR_HELPER -S --noconfirm --needed \
chromium zen-browser-bin \
legcord-bin slack-desktop teams-for-linux-bin \
obs-studio obsidian sublime-merge dbeaver \
libreoffice-fresh keepass kitty nemo nemo-fileroller
# ═══════════════════════════════════════════════════════════
# 📁 SYSTEM UTILITIES
# ═══════════════════════════════════════════════════════════
echo "Installing system utilities..."
$AUR_HELPER -S --noconfirm --needed \
brightnessctl cronie cups cups-pdf gamemode gvfs gvfs-afc gvfs-google \
gvfs-gphoto2 gvfs-mtp gvfs-nfs gvfs-smb haveged hdparm less lvm2 \
man-db man-pages meld modemmanager mtools mupdf netctl nss-mdns \
ntfs-3g ntp nvme-cli opencl-mesa pacman-contrib pass pika-backup \
pkgfile power-profiles-daemon pv reflector remmina rsync rtkit \
samba seahorse sg3_utils smartmontools snapper solaar steam \
steam-native-runtime syncthing system-config-printer timeshift \
transmission-qt ufw unrar unzip upower usb_modeswitch usbutils \
vi vorta w3m which xdg-desktop-portal xdg-desktop-portal-gnome \
xdg-desktop-portal-gtk xdg-desktop-portal-wlr yad zenity
# ═══════════════════════════════════════════════════════════
# 🎮 GAMING & GRAPHICS
# ═══════════════════════════════════════════════════════════
echo "Installing gaming and graphics..."
GAMING_BASE="lib32-alsa-lib lib32-alsa-plugins lib32-gamemode lib32-libpulse lib32-mesa lib32-openal lib32-vkd3d lib32-vulkan-mesa-layers vkd3d vulkan-mesa-layers vulkan-tools vulkan-validation-layers wine protonup-qt"
if [[ -n "$GPU_PACKAGES" ]]; then
$AUR_HELPER -S --noconfirm --needed $GAMING_BASE $GPU_PACKAGES
else
$AUR_HELPER -S --noconfirm --needed $GAMING_BASE
fi
# ═══════════════════════════════════════════════════════════
# 📱 MOBILE & HARDWARE
# ═══════════════════════════════════════════════════════════
echo "Installing hardware support..."
$AUR_HELPER -S --noconfirm --needed \
sof-firmware xf86-input-libinput xfsprogs \
xorg-server xorg-xdpyinfo xorg-xhost xorg-xinit xorg-xinput \
xorg-xkill xorg-xrandr xorg-xwayland
# ═══════════════════════════════════════════════════════════
# ☁️ CLOUD & DEVOPS
# ═══════════════════════════════════════════════════════════
echo "Installing cloud and DevOps tools..."
$AUR_HELPER -S --noconfirm --needed \
ansible aws-cli aws-session-manager-plugin helm hugo insomnia-bin \
kubectl kubectx kubefwd-bin nomad ngrok postgresql
# ═══════════════════════════════════════════════════════════
# 📚 DOCUMENT & PRODUCTIVITY
# ═══════════════════════════════════════════════════════════
echo "Installing document tools..."
$AUR_HELPER -S --noconfirm --needed \
pandoc-cli texinfo wkhtmltopdf-bin zathura zathura-pdf-mupdf \
swappy wf-recorder
# ═══════════════════════════════════════════════════════════
# 🔐 SECURITY & ENCRYPTION
# ═══════════════════════════════════════════════════════════
echo "Installing security tools..."
$AUR_HELPER -S --noconfirm --needed \
yubico-authenticator-bin yubikey-manager-qt
# ═══════════════════════════════════════════════════════════
# 📦 PACKAGE MANAGERS & MISC
# ═══════════════════════════════════════════════════════════
echo "Installing package managers and misc..."
$AUR_HELPER -S --noconfirm --needed \
pyenv rye stow sudo watchman-bin wimlib

59
runs/boot Executable file
View file

@ -0,0 +1,59 @@
#!/usr/bin/env bash
# NAME: Configure systemd-boot manager settings
set -euo pipefail
SDBOOT_CONFIG="/etc/sdboot-manage.conf"
echo "Configuring systemd-boot manager..."
# Check if sdboot-manage is installed
if ! command -v sdboot-manage &>/dev/null; then
echo "⚠️ sdboot-manage not found. Install systemd-boot-manager first."
exit 1
fi
# Backup existing config if it exists
if [[ -f "$SDBOOT_CONFIG" ]]; then
sudo cp "$SDBOOT_CONFIG" "$SDBOOT_CONFIG.backup.$(date +%Y%m%d_%H%M%S)"
echo "→ Backed up existing config"
fi
# Create the configuration
sudo tee "$SDBOOT_CONFIG" >/dev/null <<'EOF'
# Config file for sdboot-manage
# Kernel options to be appended to the "options" line
LINUX_OPTIONS="zswap.enabled=0 nowatchdog ipv6.disable=1 audit=0 loglevel=3 rd.systemd.show_status=auto rd.udev.log_level=3"
#LINUX_FALLBACK_OPTIONS=""
# When DISABLE_FALLBACK is set to "yes", it will stop creating fallback entries for each kernel.
DISABLE_FALLBACK="no"
# Use this pattern to match kernels which should be considered native OS kernels
#KERNEL_PATTERN="vmlinuz-"
# Setting REMOVE_EXISTING to "yes" will remove all your existing systemd-boot entries before building new entries
REMOVE_EXISTING="yes"
# Unless OVERWRITE_EXISTING is set to "yes" existing entries for currently installed kernels will not be touched
# this setting has no meaning if REMOVE_EXISTING is set to "yes"
OVERWRITE_EXISTING="yes"
# When REMOVE_OBSOLETE is set to "yes" entries for kernels no longer available on the system will be removed
REMOVE_OBSOLETE="yes"
# If PRESERVE_FOREIGN is set to "yes", do not delete entries starting with $ENTRY_ROOT
#PRESERVE_FOREIGN="no"
# Setting NO_AUTOUPDATE to "yes" will stop the updates to systemd-boot when systemd is updated - not recommended unless you are seperately updating systemd-boot
#NO_AUTOUPDATE="no"
# Setting NO_AUTOGEN to "yes" will stop the automatic creation of entries when kernels are installed or updated
#NO_AUTOGEN="no"
# Use this to change the default initramfs prefix (e.g. when using booster)
#INITRD_PREFIX="initramfs"
# Additional entities to initrd can be added here, such as microcode if your initramfs does not include it.
#INITRD_ENTRIES=()
EOF

24
runs/docker Executable file
View file

@ -0,0 +1,24 @@
#!/usr/bin/env bash
# NAME: Install and configure Docker on Arch Linux
set -euo pipefail
echo "Installing Docker..."
# Install Docker packages
sudo pacman -S --needed --noconfirm docker docker-compose docker-buildx
# Add current user to docker group
sudo usermod -aG docker "$USER"
# Enable and start Docker service
sudo systemctl enable docker.service
sudo systemctl start docker.service
# Enable containerd service (dependency)
sudo systemctl enable containerd.service
sudo systemctl start containerd.service
echo "✅ Docker installed successfully!"
echo "⚠️ You need to log out and back in (or reboot) for group changes to take effect"
echo "🐳 Test with: docker run hello-world"

151
runs/forbi Executable file
View file

@ -0,0 +1,151 @@
#!/usr/bin/env bash
# NAME: Setup Forbi's dotfiles and Neovim configuration
set -euo pipefail
DOTFILES_REPO="https://git.mz.uy/marianozunino/dotfiles.git"
NVIM_REPO="https://github.com/marianozunino/nvim.git"
DOTFILES_DIR="$HOME/dotfiles"
NVIM_CONFIG_DIR="$HOME/.config/nvim"
echo "🏠 Setting up Forbi's development environment..."
# ═══════════════════════════════════════════════════════════
# 📁 CLONE DOTFILES
# ═══════════════════════════════════════════════════════════
echo "📦 Cloning dotfiles repository..."
if [[ -d "$DOTFILES_DIR" ]]; then
echo "→ Dotfiles directory already exists, updating..."
cd "$DOTFILES_DIR"
git pull origin main || git pull origin master
else
echo "→ Cloning dotfiles to $DOTFILES_DIR"
git clone "$DOTFILES_REPO" "$DOTFILES_DIR"
fi
# ═══════════════════════════════════════════════════════════
# 🔐 HANDLE GIT-CRYPT
# ═══════════════════════════════════════════════════════════
echo "🔐 Checking for git-crypt..."
cd "$DOTFILES_DIR"
# Check if repo uses git-crypt
if [[ -f ".git-crypt/.gitattributes" ]] || git-crypt status &>/dev/null; then
echo "→ git-crypt repository detected"
# Check if already unlocked
if git-crypt status | grep -q "unlocked"; then
echo "→ Repository already unlocked"
else
echo "→ Repository is encrypted, attempting to unlock..."
# Check if YubiKey/GPG setup is available
if command -v gpg &>/dev/null; then
echo "→ GPG found, checking for available keys..."
# List secret keys to see if YubiKey is connected
if gpg --list-secret-keys &>/dev/null; then
echo "→ GPG keys detected, attempting git-crypt unlock..."
# Attempt to unlock with GPG (YubiKey)
if git-crypt unlock 2>/dev/null; then
echo "✅ Repository unlocked successfully with GPG/YubiKey!"
else
echo "❌ Failed to unlock with GPG"
echo
echo "🔑 Manual unlock required:"
echo " 1. Make sure your YubiKey is connected"
echo " 2. Test GPG: gpg --card-status"
echo " 3. Try: cd $DOTFILES_DIR && git-crypt unlock"
echo " 4. Or unlock with key file: git-crypt unlock /path/to/key"
echo " 5. Then re-run: ./run forbi"
echo
exit 1
fi
else
echo "❌ No GPG secret keys found"
echo
echo "🔑 YubiKey/GPG setup needed:"
echo " 1. Connect your YubiKey"
echo " 2. Import your GPG key: gpg --card-status"
echo " 3. Set trust level: gpg --edit-key <your-key-id> trust"
echo " 4. Then re-run: ./run forbi"
echo
exit 1
fi
else
echo "❌ GPG not available"
echo
echo "🔑 To unlock your dotfiles:"
echo " 1. Install GPG and connect YubiKey, or"
echo " 2. Use key file: cd $DOTFILES_DIR && git-crypt unlock /path/to/key"
echo " 3. Then re-run: ./run forbi"
echo
exit 1
fi
fi
else
echo "→ No git-crypt encryption detected"
fi
# ═══════════════════════════════════════════════════════════
# ⚙️ CLONE NEOVIM CONFIG
# ═══════════════════════════════════════════════════════════
echo "📝 Setting up Neovim configuration..."
# Backup existing Neovim config if it exists
if [[ -d "$NVIM_CONFIG_DIR" ]]; then
BACKUP_DIR="$NVIM_CONFIG_DIR.backup.$(date +%Y%m%d_%H%M%S)"
echo "→ Backing up existing Neovim config to $BACKUP_DIR"
mv "$NVIM_CONFIG_DIR" "$BACKUP_DIR"
fi
# Clone Neovim configuration
echo "→ Cloning Neovim config to $NVIM_CONFIG_DIR"
git clone "$NVIM_REPO" "$NVIM_CONFIG_DIR"
# ═══════════════════════════════════════════════════════════
# 🔧 CONFIGURE GIT HOOKS
# ═══════════════════════════════════════════════════════════
echo "🎣 Setting up Git hooks for Neovim config..."
cd "$NVIM_CONFIG_DIR"
if [[ -d ".githooks" ]]; then
git config core.hooksPath .githooks
echo "→ Git hooks configured"
else
echo "→ No .githooks directory found, skipping"
fi
# ═══════════════════════════════════════════════════════════
# 📂 CREATE NECESSARY DIRECTORIES
# ═══════════════════════════════════════════════════════════
echo "📂 Creating necessary directories..."
# Create .config directory if it doesn't exist
mkdir -p "$HOME/.config"
# Create common development directories
mkdir -p "$HOME/Dev"
mkdir -p "$HOME/.local/bin"
echo
echo "# Install everything"
echo "stow */"
echo
echo "# Or install individual modules"
echo "stow zsh"
echo "stow nvim"
echo "stow sway"
echo
echo "Run these commands in: $DOTFILES_DIR"
# ═══════════════════════════════════════════════════════════
# 📋 SUMMARY & NEXT STEPS
# ═══════════════════════════════════════════════════════════
echo
echo "📁 Locations:"
echo " • Dotfiles: $DOTFILES_DIR"
echo " • Neovim config: $NVIM_CONFIG_DIR"

31
runs/paru Executable file
View file

@ -0,0 +1,31 @@
#!/usr/bin/env bash
echo "🚀 Instalando paru..."
set -euo pipefail
# Comprobar si paru ya está instalado
if command -v paru &>/dev/null; then
echo "paru ya está instalado."
exit 0
fi
echo "Instalando dependencias necesarias..."
sudo pacman -S --needed --noconfirm base-devel git
# Carpeta temporal para compilar paru
tmpdir=$(mktemp -d)
echo "Creando directorio temporal: $tmpdir"
cd "$tmpdir"
echo "Clonando repo de paru..."
git clone https://aur.archlinux.org/paru.git
cd paru
echo "Compilando e instalando paru..."
makepkg -si --noconfirm
echo "Limpiando directorio temporal..."
cd ..
rm -rf "$tmpdir"
echo "paru instalado correctamente."

105
runs/services Executable file
View file

@ -0,0 +1,105 @@
#!/usr/bin/env bash
# NAME: Enable and configure system services
set -euo pipefail
echo "Enabling and configuring system services..."
# ═══════════════════════════════════════════════════════════
# 🌐 NETWORKING SERVICES
# ═══════════════════════════════════════════════════════════
echo "Enabling networking services..."
# NetworkManager (main network management)
sudo systemctl enable --now NetworkManager.service
# Bluetooth
sudo systemctl enable --now bluetooth.service
# SSH daemon
sudo systemctl enable --now sshd.service
# ═══════════════════════════════════════════════════════════
# 🔊 AUDIO SERVICES
# ═══════════════════════════════════════════════════════════
echo "Enabling audio services..."
# PipeWire audio (replaces PulseAudio)
systemctl --user enable --now pipewire.service
systemctl --user enable --now pipewire-pulse.service
systemctl --user enable --now wireplumber.service
# ═══════════════════════════════════════════════════════════
# 🖨️ PRINTING SERVICES
# ═══════════════════════════════════════════════════════════
echo "Enabling printing services..."
# CUPS printing system
sudo systemctl enable --now cups.service
# ═══════════════════════════════════════════════════════════
# ⏰ TIME & SCHEDULING SERVICES
# ═══════════════════════════════════════════════════════════
echo "Configuring time and scheduling services..."
echo "en_US.UTF-8 UTF-8" | sudo tee -a /etc/locale.gen
sudo locale-gen
# Set system locale
echo "LANG=en_US.UTF-8" | sudo tee /etc/locale.conf
echo "→ System locale set to en_US.UTF-8"
sudo timedatectl set-timezone America/Montevideo
# Enable NTP time synchronization
sudo timedatectl set-ntp true
sudo systemctl enable --now systemd-timesyncd.service
# Cron daemon for scheduled tasks
sudo systemctl enable --now cronie.service
# ═══════════════════════════════════════════════════════════
# 🔒 SECURITY & FIREWALL SERVICES
# ═══════════════════════════════════════════════════════════
echo "Enabling security services..."
# UFW firewall
sudo systemctl enable --now ufw.service
# Enable basic firewall rules
sudo ufw --force enable
sudo ufw default deny incoming
sudo ufw default allow outgoing
# ═══════════════════════════════════════════════════════════
# 💾 BACKUP & SYNC SERVICES
# ═══════════════════════════════════════════════════════════
echo "Enabling backup services..."
# Snapper for BTRFS snapshots (if using BTRFS)
if findmnt / -t btrfs &>/dev/null; then
sudo systemctl enable --now snapper-timeline.timer
sudo systemctl enable --now snapper-cleanup.timer
echo "→ Snapper enabled (BTRFS detected)"
else
echo "→ Skipping Snapper (no BTRFS detected)"
fi
# ═══════════════════════════════════════════════════════════
# ⚡ POWER MANAGEMENT
# ═══════════════════════════════════════════════════════════
echo "Enabling power management..."
# Power profiles daemon
sudo systemctl enable --now power-profiles-daemon.service
# ═══════════════════════════════════════════════════════════
# 🔧 SYSTEM OPTIMIZATION
# ═══════════════════════════════════════════════════════════
echo "Enabling system optimization..."
# Haveged entropy daemon
sudo systemctl enable --now haveged.service
# Locate database updates
sudo systemctl enable --now plocate-updatedb.timer