diff options
author | Cullum Smith <cullum@sacredheartsc.com> | 2024-10-18 16:44:57 -0400 |
---|---|---|
committer | Cullum Smith <cullum@sacredheartsc.com> | 2024-10-18 16:47:56 -0400 |
commit | 5ef2aed3f3961b72699d9881ed09560f4d01371a (patch) | |
tree | 0a03131e31f9f2fe5762afab6d99319f742eb9b3 /files/usr | |
parent | aa28ec7ef20517e994f01753e8c4e6fdd4d0643c (diff) | |
download | infrastructure-5ef2aed3f3961b72699d9881ed09560f4d01371a.tar.gz |
Tons of desktop fixes
Diffstat (limited to 'files/usr')
37 files changed, 120 insertions, 30 deletions
diff --git a/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.common b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.desktop index d0bb2ae..d0bb2ae 100644 --- a/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.common +++ b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.desktop diff --git a/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.laptop b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.laptop new file mode 120000 index 0000000..6c13c1d --- /dev/null +++ b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.laptop @@ -0,0 +1 @@ +terminus.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.roadwarrior_laptop b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.roadwarrior_laptop new file mode 120000 index 0000000..6c13c1d --- /dev/null +++ b/files/usr/local/etc/X11/xorg.conf.d/terminus.conf.roadwarrior_laptop @@ -0,0 +1 @@ +terminus.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/chromium/policies/managed/policies.json.common b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop index 0e57885..93544cf 100644 --- a/files/usr/local/etc/chromium/policies/managed/policies.json.common +++ b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop @@ -67,7 +67,7 @@ "extensions": { "cjpalhdlnbpafiamejdnhcphjbkeiagm": { "toOverwrite": { - "filterLists": [ + "selectedFilterLists": [ "user-filters", "ublock-filters", "ublock-badware", @@ -75,11 +75,14 @@ "ublock-abuse", "ublock-unbreak", "ublock-annoyances", + "ublock-cookies-easylist", + "fanboy-cookiemonster", "easylist", "easyprivacy", "urlhaus-1", "plowe-0", "fanboy-annoyance", + "fanboy-social", "fanboy-thirdparty_social", "adguard-spyware-url", "ublock-quick-fixes" @@ -87,7 +90,7 @@ }, "toAdd": { "trustedSiteDirectives": [ - "${domain}" + "$(join '","' "$domain" $ublock_whitelist)" ] } } diff --git a/files/usr/local/etc/chromium/policies/managed/policies.json.laptop b/files/usr/local/etc/chromium/policies/managed/policies.json.laptop new file mode 120000 index 0000000..93bcb92 --- /dev/null +++ b/files/usr/local/etc/chromium/policies/managed/policies.json.laptop @@ -0,0 +1 @@ +policies.json.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/chromium/policies/managed/policies.json.roadwarrior_laptop b/files/usr/local/etc/chromium/policies/managed/policies.json.roadwarrior_laptop new file mode 120000 index 0000000..93bcb92 --- /dev/null +++ b/files/usr/local/etc/chromium/policies/managed/policies.json.roadwarrior_laptop @@ -0,0 +1 @@ +policies.json.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/cups/client.conf.desktop b/files/usr/local/etc/cups/client.conf.desktop new file mode 100644 index 0000000..833b533 --- /dev/null +++ b/files/usr/local/etc/cups/client.conf.desktop @@ -0,0 +1,3 @@ +ServerName ${cups_host}.${domain}:631 +Encryption Required +ValidateCerts Yes diff --git a/files/usr/local/etc/cups/client.conf.laptop b/files/usr/local/etc/cups/client.conf.laptop new file mode 120000 index 0000000..9644ac0 --- /dev/null +++ b/files/usr/local/etc/cups/client.conf.laptop @@ -0,0 +1 @@ +client.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/cups/client.conf.roadwarrior_laptop b/files/usr/local/etc/cups/client.conf.roadwarrior_laptop new file mode 120000 index 0000000..9644ac0 --- /dev/null +++ b/files/usr/local/etc/cups/client.conf.roadwarrior_laptop @@ -0,0 +1 @@ +client.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/cups/cupsd.conf.cups_server b/files/usr/local/etc/cups/cupsd.conf.cups_server index 25e2107..e5d90c2 100644 --- a/files/usr/local/etc/cups/cupsd.conf.cups_server +++ b/files/usr/local/etc/cups/cupsd.conf.cups_server @@ -11,7 +11,6 @@ MaxLogSize 1m # Default error policy for printers ErrorPolicy retry-job -# Only listen for connections from the local machine. Listen 80 Listen 631 Listen /var/run/cups/cups.sock @@ -29,9 +28,6 @@ DefaultEncryption Required # Web interface setting... WebInterface Yes -# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l) -IdleExitTimeout 60 - # Restrict access to the server... <Location /> Order allow,deny diff --git a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository index bc8f89c..3e612a0 100644 --- a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository +++ b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository @@ -14,6 +14,8 @@ databases_luadbi_SET=PGSQL databases_postgresql${postgresql_version}-client_SET=PAM LDAP databases_postgresql${postgresql_version}-server_SET=PAM LDAP devel_apr1_SET=LDAP +devel_electron30_SET=PULSEAUDIO +devel_electron30_UNSET=SNDIO devel_gitolite_SET=GITUSER devel_kio-extras_UNSET=AFC devel_librelp_UNSET=GNUTLS @@ -40,9 +42,11 @@ mail_mutt_UNSET=HTML mail_postfix_SET=LDAP SASL SASLKRB5 mail_rspamd_SET=HYPERSCAN misc_kdeutils_UNSET=KFLOPPY KTEATIME +multimedia_audacious_plugins_SET=LAME multimedia_ffmpeg_SET=OPENSSL multimedia_ffmpeg_UNSET=GNUTLS multimedia_kdemultimedia_UNSET=KDENLIVE +multimedia_pipewire_UNSET=JACK multimedia_qt6-multimedia_SET=ALSA multimedia_vlc_SET=FLAC MPEG2 X264 X265 VPX DCA FAAD AOM multimedia_webcamd_UNSET=DVB INPUT RADIO diff --git a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository index 2740c85..866c358 100644 --- a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository +++ b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository @@ -3,6 +3,7 @@ archivers/php${php_version}-phar archivers/php${php_version}-zip archivers/unzip archivers/zip +audio/elisa audio/juk audio/kid3 audio/kmix @@ -19,6 +20,7 @@ databases/postgresql${postgresql_version}-server databases/redis devel/ccache devel/cgit +devel/electron30 devel/git@lite devel/gitolite devel/php${php_version}-gettext @@ -58,9 +60,13 @@ mail/postfix mail/rspamd mail/sieve-connect misc/php${php_version}-calendar -multimedia/audacious +multimedia/audacious-plugins@qt5 +multimedia/audacious@qt5 multimedia/libva-intel-media-driver +multimedia/libva-utils +multimedia/libvdpau-va-gl multimedia/makemkv +multimedia/vdpauinfo multimedia/v4l-utils multimedia/v4l_compat multimedia/webcamd @@ -96,9 +102,11 @@ security/openssh-portable security/pam_krb5@mit security/pam_mkhomedir security/php${php_version}-filter +security/py-omemo-dr security/sshpass security/sudo security/vaultwarden +sysutils/cpu-microcode sysutils/htop sysutils/k3b sysutils/lsof @@ -138,6 +146,7 @@ x11-fonts/terminus-font x11-fonts/terminus-ttf x11-fonts/ubuntu-font x11-fonts/webfonts +x11-toolkits/gtksourceview4 x11/kde5 x11/sddm x11/xev diff --git a/files/usr/local/etc/sddm.conf.common b/files/usr/local/etc/sddm.conf.desktop index 09c2000..09c2000 100644 --- a/files/usr/local/etc/sddm.conf.common +++ b/files/usr/local/etc/sddm.conf.desktop diff --git a/files/usr/local/etc/sddm.conf.laptop b/files/usr/local/etc/sddm.conf.laptop new file mode 120000 index 0000000..a2aa201 --- /dev/null +++ b/files/usr/local/etc/sddm.conf.laptop @@ -0,0 +1 @@ +sddm.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/sddm.conf.roadwarrior_laptop b/files/usr/local/etc/sddm.conf.roadwarrior_laptop new file mode 120000 index 0000000..a2aa201 --- /dev/null +++ b/files/usr/local/etc/sddm.conf.roadwarrior_laptop @@ -0,0 +1 @@ +sddm.conf.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.desktop b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.desktop new file mode 100644 index 0000000..43d85fb --- /dev/null +++ b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.desktop @@ -0,0 +1,6 @@ +[Desktop Entry] +Type=Application +Name=Add site root CA to user NSS database. +Exec=/usr/local/libexec/nss-trust-root-ca +StartupNotify=false +NoDisplay=true diff --git a/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.laptop b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.laptop new file mode 120000 index 0000000..8a3cf1a --- /dev/null +++ b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.laptop @@ -0,0 +1 @@ +nss-trust-root-ca.desktop.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.roadwarrior_laptop b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.roadwarrior_laptop new file mode 120000 index 0000000..8a3cf1a --- /dev/null +++ b/files/usr/local/etc/xdg/autostart/nss-trust-root-ca.desktop.roadwarrior_laptop @@ -0,0 +1 @@ +nss-trust-root-ca.desktop.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.common b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.common deleted file mode 100644 index 1808561..0000000 --- a/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.common +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -pkill signal-desktop chrome baloo_file -pkill -f /usr/local/libexec/geoclue-2.0/demos/agent diff --git a/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.desktop b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.desktop new file mode 100644 index 0000000..3d1e79e --- /dev/null +++ b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.desktop @@ -0,0 +1,7 @@ +#!/bin/sh + +# Various processes seem to hang around after logging out of KDE sessions. +# Clean them up here. + +pkill signal-desktop chrome baloo_file dirmngr +pkill -f /usr/local/libexec/geoclue-2.0/demos/agent diff --git a/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.laptop b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.laptop new file mode 120000 index 0000000..e2cb280 --- /dev/null +++ b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.laptop @@ -0,0 +1 @@ +cleanup.sh.desktop
\ No newline at end of file diff --git a/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.roadwarrior_laptop b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.roadwarrior_laptop new file mode 120000 index 0000000..e2cb280 --- /dev/null +++ b/files/usr/local/etc/xdg/plasma-workspace/shutdown/cleanup.sh.roadwarrior_laptop @@ -0,0 +1 @@ +cleanup.sh.desktop
\ No newline at end of file diff --git a/files/usr/local/lib/firefox/distribution/policies.json.common b/files/usr/local/lib/firefox/distribution/policies.json.desktop index 425a6d6..de93355 100644 --- a/files/usr/local/lib/firefox/distribution/policies.json.common +++ b/files/usr/local/lib/firefox/distribution/policies.json.desktop @@ -22,7 +22,7 @@ "Extensions": { "uBlock0@raymondhill.net": { "toOverwrite": { - "filterLists": [ + "selectedFilterLists": [ "user-filters", "ublock-filters", "ublock-badware", @@ -30,11 +30,14 @@ "ublock-abuse", "ublock-unbreak", "ublock-annoyances", + "ublock-cookies-easylist", + "fanboy-cookiemonster", "easylist", "easyprivacy", "urlhaus-1", "plowe-0", "fanboy-annoyance", + "fanboy-social", "fanboy-thirdparty_social", "adguard-spyware-url", "ublock-quick-fixes" @@ -42,7 +45,7 @@ }, "toAdd": { "trustedSiteDirectives": [ - "${domain}" + "$(join '","' "$domain" $ublock_whitelist)" ] } } diff --git a/files/usr/local/lib/firefox/distribution/policies.json.laptop b/files/usr/local/lib/firefox/distribution/policies.json.laptop new file mode 120000 index 0000000..93bcb92 --- /dev/null +++ b/files/usr/local/lib/firefox/distribution/policies.json.laptop @@ -0,0 +1 @@ +policies.json.desktop
\ No newline at end of file diff --git a/files/usr/local/lib/firefox/distribution/policies.json.roadwarrior_laptop b/files/usr/local/lib/firefox/distribution/policies.json.roadwarrior_laptop new file mode 120000 index 0000000..93bcb92 --- /dev/null +++ b/files/usr/local/lib/firefox/distribution/policies.json.roadwarrior_laptop @@ -0,0 +1 @@ +policies.json.desktop
\ No newline at end of file diff --git a/files/usr/local/lib/libreoffice/program/sofficerc.common b/files/usr/local/lib/libreoffice/program/sofficerc.desktop index 77574a4..77574a4 100644 --- a/files/usr/local/lib/libreoffice/program/sofficerc.common +++ b/files/usr/local/lib/libreoffice/program/sofficerc.desktop diff --git a/files/usr/local/lib/libreoffice/program/sofficerc.laptop b/files/usr/local/lib/libreoffice/program/sofficerc.laptop new file mode 120000 index 0000000..0d2b44a --- /dev/null +++ b/files/usr/local/lib/libreoffice/program/sofficerc.laptop @@ -0,0 +1 @@ +sofficerc.desktop
\ No newline at end of file diff --git a/files/usr/local/lib/libreoffice/program/sofficerc.roadwarrior_laptop b/files/usr/local/lib/libreoffice/program/sofficerc.roadwarrior_laptop new file mode 120000 index 0000000..0d2b44a --- /dev/null +++ b/files/usr/local/lib/libreoffice/program/sofficerc.roadwarrior_laptop @@ -0,0 +1 @@ +sofficerc.desktop
\ No newline at end of file diff --git a/files/usr/local/libexec/idm-update-unbound-blocklists.idm_server b/files/usr/local/libexec/idm-update-unbound-blocklists.idm_server index c33b909..381032d 100644 --- a/files/usr/local/libexec/idm-update-unbound-blocklists.idm_server +++ b/files/usr/local/libexec/idm-update-unbound-blocklists.idm_server @@ -3,8 +3,7 @@ set -eu -o pipefail prog=$(basename "$(readlink -f "$0")") -usage="${prog} BLOCKLIST_DIR - Blocklist URLs are read from stdin." +usage="${prog} URL_FILE WHITELIST_FILE BLOCKLIST_DIR" die() { printf '%s: %s\n' "$prog" "$*" 1>&2 @@ -16,17 +15,41 @@ usage(){ exit 2 } -[ $# -eq 1 ] || usage -case $1 in +case ${1:-} in -h|--help) usage ;; esac -[ -d "$1" ] || die "not a directory: ${1}" +[ $# -eq 3 ] || usage -cd "$1" +url_file=$1 +whitelist_file=$2 +blocklist_dir=$3 +[ -d "$blocklist_dir" ] || die "not a directory: ${blocklist_dir}" + +cd "$blocklist_dir" + +# Delete any existing zone files. find . -maxdepth 1 -type f -exec rm {} + -while read -r name url; do - [ -n "$url" ] && curl -sSfL -o "${name}.zone" "$url" -done +if grep -q '[^[:space:]]' "$whitelist_file"; then + # If the whitelist file is non empty, compute a regex. + while read -r pattern; do + [ -n "$pattern" ] || continue + whitelist_regex="${whitelist_regex:+"${whitelist_regex}|"}${pattern}" + done < "$whitelist_file" + + # For each blocklist url, download the blocklist and filter out the whitelist. + while read -r name url; do + [ -n "$url" ] && curl -sSfL "$url" | grep -Ev "^(.*\\.)?(${whitelist_regex})[[:space:]]" > "${name}.zone" + done < "$url_file" +else + # If no whitelist configured, just download each blocklist. + while read -r name url; do + [ -n "$url" ] && curl -sSfL -o "${name}.zone" "$url" + done < "$url_file" +fi + +# Try to reload unbound. +unbound_pidfile=$(/usr/local/sbin/unbound-checkconf -o pidfile /usr/local/etc/unbound/unbound.conf) +kill -HUP "$(cat "$unbound_pidfile")" ||: diff --git a/files/usr/local/libexec/nss-trust-root-ca.common b/files/usr/local/libexec/nss-trust-root-ca.common new file mode 100644 index 0000000..6a38a86 --- /dev/null +++ b/files/usr/local/libexec/nss-trust-root-ca.common @@ -0,0 +1,16 @@ +#!/bin/sh + +# Chromium no longer trusts the system certificate store. Instead, it uses the +# user's local NSS database, located at ~/.pki. +# +# This script adds our local root CA to the NSS DB, so that Chrome will trust it. + +cert_name="$(hostname -d) Root CA" +cert_path=/usr/local/etc/ssl/certs/ca.crt +nss_db_path="${HOME}/.pki/nssdb" + +mkdir -p "$nss_db_path" + +if ! certutil -d "sql:${nss_db_path}" -L -n "$cert_name" > /dev/null 2>&1; then + certutil -d "sql:${nss_db_path}" -A -t 'C,,' -n "$cert_name" -i "$cert_path" +fi diff --git a/files/usr/local/libexec/pam-create-local-homedir.common b/files/usr/local/libexec/pam-create-local-homedir.common index a956d65..2d30d06 100644 --- a/files/usr/local/libexec/pam-create-local-homedir.common +++ b/files/usr/local/libexec/pam-create-local-homedir.common @@ -1,10 +1,3 @@ #!/bin/sh -set -e - -uid=$(id -u "$PAM_USER") - -if [ "$uid" -ge 1000 ]; then - install -m 0755 -d /usr/local/home - install -o "$uid" -g "$uid" -m 0700 -d "/usr/local/home/${PAM_USER}" -fi +install -o "$PAM_USER" -g "$PAM_USER" -m 0700 -d "/usr/local/home/${PAM_USER}" diff --git a/files/usr/local/share-override/applications/chromium-browser.desktop.desktop b/files/usr/local/share-override/applications/chromium-browser.desktop.desktop new file mode 100644 index 0000000..cb5a5bf --- /dev/null +++ b/files/usr/local/share-override/applications/chromium-browser.desktop.desktop @@ -0,0 +1,11 @@ +[Desktop Entry] +Type=Application +Version=1.0 +Encoding=UTF-8 +Name=Chromium +Comment=Google web browser based on WebKit +Icon=chrome +Exec=chrome ${chrome_flags} %U +Categories=Application;Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp; +StartupNotify=true diff --git a/files/usr/local/share-override/applications/chromium-browser.desktop.laptop b/files/usr/local/share-override/applications/chromium-browser.desktop.laptop new file mode 120000 index 0000000..351c67b --- /dev/null +++ b/files/usr/local/share-override/applications/chromium-browser.desktop.laptop @@ -0,0 +1 @@ +chromium-browser.desktop.desktop
\ No newline at end of file diff --git a/files/usr/local/share-override/applications/chromium-browser.desktop.roadwarrior_laptop b/files/usr/local/share-override/applications/chromium-browser.desktop.roadwarrior_laptop new file mode 120000 index 0000000..351c67b --- /dev/null +++ b/files/usr/local/share-override/applications/chromium-browser.desktop.roadwarrior_laptop @@ -0,0 +1 @@ +chromium-browser.desktop.desktop
\ No newline at end of file diff --git a/files/usr/local/override/applications/signal-desktop.desktop.common b/files/usr/local/share-override/applications/signal-desktop.desktop.desktop index d0c9160..d0c9160 100644 --- a/files/usr/local/override/applications/signal-desktop.desktop.common +++ b/files/usr/local/share-override/applications/signal-desktop.desktop.desktop diff --git a/files/usr/local/share-override/applications/signal-desktop.desktop.laptop b/files/usr/local/share-override/applications/signal-desktop.desktop.laptop new file mode 120000 index 0000000..6a702d4 --- /dev/null +++ b/files/usr/local/share-override/applications/signal-desktop.desktop.laptop @@ -0,0 +1 @@ +signal-desktop.desktop.desktop
\ No newline at end of file diff --git a/files/usr/local/share-override/applications/signal-desktop.desktop.roadwarrior_laptop b/files/usr/local/share-override/applications/signal-desktop.desktop.roadwarrior_laptop new file mode 120000 index 0000000..6a702d4 --- /dev/null +++ b/files/usr/local/share-override/applications/signal-desktop.desktop.roadwarrior_laptop @@ -0,0 +1 @@ +signal-desktop.desktop.desktop
\ No newline at end of file |