From ac4887db14d4fa11cd51f236c1d1b03fbed70409 Mon Sep 17 00:00:00 2001
From: enggnr <129082112+enggnr@users.noreply.github.com>
Date: Thu, 21 Dec 2023 19:06:09 +0530
Subject: [PATCH 1/2] Configure clamav on MacOS
---
home/dot_local/etc/clamav/freshclam.conf | 4 +--
.../clamav/installdoctor.clamdscan.plist.tmpl | 30 ++++++++++++++++
.../clamav/installdoctor.freshclam.plist.tmpl | 30 ++++++++++++++++
software.yml | 35 ++++++++++++-------
4 files changed, 84 insertions(+), 15 deletions(-)
create mode 100644 home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl
create mode 100644 home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl
diff --git a/home/dot_local/etc/clamav/freshclam.conf b/home/dot_local/etc/clamav/freshclam.conf
index 7155881b..5dede39f 100644
--- a/home/dot_local/etc/clamav/freshclam.conf
+++ b/home/dot_local/etc/clamav/freshclam.conf
@@ -115,7 +115,7 @@ DatabaseMirror database.clamav.net
# Number of database checks per day.
# Default: 12 (every two hours)
-#Checks 24
+Checks 1
# Proxy settings
# The HTTPProxyServer may be prefixed with [scheme]:// to specify which kind
@@ -201,4 +201,4 @@ NotifyClamd /usr/local/etc/clamav/clamd.conf
# Exclude a standard signature database (opt-out).
# This option can be used multiple times.
#ExcludeDatabase dbname1
-#ExcludeDatabase dbname2
\ No newline at end of file
+#ExcludeDatabase dbname2
diff --git a/home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl b/home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl
new file mode 100644
index 00000000..18f557a6
--- /dev/null
+++ b/home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl
@@ -0,0 +1,30 @@
+{{- if eq .host.distro.family "darwin" -}}
+
+
+
+
+ Label
+ installdoctor.clamdscan
+ ProgramArguments
+
+ /usr/local/bin/clamdscan
+ /
+
+ StartCalendarInterval
+
+
+ Hour
+ 22
+ Minute
+ 0
+
+
+ UserName
+ root
+ StandardErrorPath
+ /var/log/installdoctor/clamdscan.error.log
+ StandardOutPath
+ /var/log/installdoctor/clamdscan.output.log
+
+
+{{- end -}}
diff --git a/home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl b/home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl
new file mode 100644
index 00000000..eb40359f
--- /dev/null
+++ b/home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl
@@ -0,0 +1,30 @@
+{{- if eq .host.distro.family "darwin" -}}
+
+
+
+
+ Label
+ installdoctor.freshclam
+ ProgramArguments
+
+ /usr/local/bin/freshclam
+ -v
+
+ StartCalendarInterval
+
+
+ Hour
+ 21
+ Minute
+ 0
+
+
+ UserName
+ {{ $.chezmoi.username }}
+ StandardErrorPath
+ /var/log/installdoctor/freshclam.error.log
+ StandardOutPath
+ /var/log/installdoctor/freshclam.output.log
+
+
+{{- end -}}
diff --git a/software.yml b/software.yml
index 16c86203..406bce57 100644
--- a/software.yml
+++ b/software.yml
@@ -2304,6 +2304,15 @@ softwarePackages:
_name: ClamAV
_post: |
#!/usr/bin/env bash
+ # Setting up launchd services
+ if [ -d /Applications ] && [ -d /System ]; then
+ sudo mkdir -p /var/log/installdoctor
+ sudo chown $USER /var/log/installdoctor
+ sudo cp -f "$HOME/.local/etc/clamav/installdoctor.clamdscan.plist.tmpl" /Library/LaunchDaemons/installdoctor.clamdscan.plist
+ sudo cp -f "$HOME/.local/etc/clamav/installdoctor.freshclam.plist.tmpl" /Library/LaunchDaemons/installdoctor.freshclam.plist
+ sudo launchctl load -w /Library/LaunchDaemons/installdoctor.clamdscan.plist
+ sudo launchctl load -w /Library/LaunchDaemons/installdoctor.freshclam.plist
+ fi
# Add freshclam.conf
if [ -f "$HOME/.local/etc/clamav/freshclam.conf" ]; then
sudo mkdir -p /usr/local/etc/clamav
@@ -3119,7 +3128,7 @@ softwarePackages:
# @brief Logs into DockerHub for Docker Desktop
# @description
# This script logs into DockerHub so that Docker Desktop is pre-authenticated. This
- # functionality requires that the `DOCKERHUB_USER` be passed in as an environment variable (or
+ # functionality requires that the `DOCKERHUB_USER` be passed in as an environment variable (or
# directly editted in the `~/.config/chezmoi/chezmoi.yaml` file) and that the `DOCKERHUB_TOKEN`
# be passed in as a secret (either via the encrypted secret method or passed in as an environment
# variable).
@@ -5169,7 +5178,7 @@ softwarePackages:
### Populate appropriate token
case "$OSTYPE" in
solaris*) echo "TODO" ;;
- darwin*) GITLAB_RUNNER_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITLAB_RUNNER_TOKEN_DARWIN")) }}{{ includeTemplate "secrets/GITLAB_RUNNER_TOKEN_DARWIN" | decrypt | trim }}{{ else }}{{ env "GITLAB_RUNNER_TOKEN_DARWIN" }}{{ end }}" ;;
+ darwin*) GITLAB_RUNNER_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITLAB_RUNNER_TOKEN_DARWIN")) }}{{ includeTemplate "secrets/GITLAB_RUNNER_TOKEN_DARWIN" | decrypt | trim }}{{ else }}{{ env "GITLAB_RUNNER_TOKEN_DARWIN" }}{{ end }}" ;;
linux*) GITLAB_RUNNER_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITLAB_RUNNER_TOKEN_LINUX")) }}{{ includeTemplate "secrets/GITLAB_RUNNER_TOKEN_LINUX" | decrypt | trim }}{{ else }}{{ env "GITLAB_RUNNER_TOKEN_LINUX" }}{{ end }}" ;;
bsd*) echo "TODO" ;;
msys*) GITLAB_RUNNER_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITLAB_RUNNER_TOKEN_WINDOWS")) }}{{ includeTemplate "secrets/GITLAB_RUNNER_TOKEN_WINDOWS" | decrypt | trim }}{{ else }}{{ env "GITLAB_RUNNER_TOKEN_WINDOWS" }}{{ end }}" ;;
@@ -5198,7 +5207,7 @@ softwarePackages:
{{ end -}}
{{ end }}
fi
-
+
### Register VirtualBox based runners if VirtualBox is installed
if [ $HAS_VIRTUALBOX -eq 1 ]; then
logg info 'Registering GitLab Runner(s) that use VirtualBox executor'
@@ -5272,12 +5281,12 @@ softwarePackages:
if command -v gitomatic > /dev/null; then
### Copy bin to /usr/local/bin
logg info "Copying $HOME/.local/bin/gitomatic-service to /usr/local/bin/gitomatic-service" && sudo cp -f "$HOME/.local/bin/gitomatic-service" /usr/local/bin/gitomatic-service
-
+
### Copy gitomatic to global directory
if [ ! -f /usr/local/bin/gitomatic ]; then
logg info 'Copying gitomatic executable to /usr/local/bin/gitomatic' && sudo cp -f "$(which gitomatic)" /usr/local/bin/gitomatic
fi
-
+
if [ -d /Applications ] && [ -d /System ]; then
### macOS
logg info 'Copying gitomatic plist file to /Library/LaunchDaemons' && sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/gitomatic/com.github.muesli.gitomatic.plist" /Library/LaunchDaemons/com.github.muesli.gitomatic.plist
@@ -7817,7 +7826,7 @@ softwarePackages:
### netdata-claim.sh must be run as netdata user
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && yes | netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="https://app.netdata.cloud"'
-
+
### Kernel optimizations
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.
# Assuming these optimizations do not cause any harm.
@@ -7849,7 +7858,7 @@ softwarePackages:
logg error 'No etc location found for netdata' && exit 1
fi
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC" && sudo cp -rf "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/" "$NETDATA_ETC"
-
+
if command -v gsed > /dev/null; then
SED_UTIL="gsed"
else
@@ -7859,7 +7868,7 @@ softwarePackages:
### Blocky
logg info "Adding Blocky metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
sudo "$SED_UTIL" -i "/jobs:/a\ - name: blocky_local \n url: 'http://127.0.0.1:4000/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
-
+
### SFTPGo
logg info "Adding SFTPGo metrics collection to $NETDATA_ETC/go.d/prometheus.conf"
sudo "$SED_UTIL" -i "/jobs:/a\ - name: sftpgo_local \n url: 'http://127.0.0.1:57500/metrics'" "$NETDATA_ETC/go.d/prometheus.conf"
@@ -10798,7 +10807,7 @@ softwarePackages:
_home: https://github.com/skeeto/endlessh
_name: Endlessh
_service: endlessh
- _post: |
+ _post: |
#!/usr/bin/env bash
# @file Endlessh Configuration
# @brief Applies the Endlessh configuration and starts the service on Linux systems
@@ -11638,7 +11647,7 @@ softwarePackages:
yay: termius
dagu:
_bin: dagu
- _github:
+ _github:
_name: Dagu
_post: |
#!/usr/bin/env bash
@@ -12018,7 +12027,7 @@ softwarePackages:
# ## Links
#
# * [Privoxy configuration](https://github.com/megabyte-labs/install.doctor/tree/master/home/dot_config/privoxy/config)
-
+
### Define the Privoxy configuration location based on whether system is macOS or Linux
if [ -d /Applications ] && [ -d /System ]; then
### macOS
@@ -12044,7 +12053,7 @@ softwarePackages:
sudo add-usergroup "$USER" privoxy
fi
sudo chown privoxy:privoxy "$PRIVOXY_CONFIG" 2> /dev/null || sudo chown privoxy:$(id -g -n) "$PRIVOXY_CONFIG"
-
+
### Restart Privoxy after configuration is applied
if [ -d /Applications ] && [ -d /System ]; then
### macOS
@@ -13583,7 +13592,7 @@ softwarePackages:
# ## Links
#
# * [`fail2ban` configuration folder](https://github.com/megabyte-labs/install.doctor/tree/master/home/private_dot_ssh/fail2ban)
-
+
### Notify of script start
logg info 'Configuring fail2ban'
From be6858a57476dd939db5d265d97f969db8135dda Mon Sep 17 00:00:00 2001
From: enggnr <129082112+enggnr@users.noreply.github.com>
Date: Thu, 28 Dec 2023 16:30:39 +0530
Subject: [PATCH 2/2] Fix conflicts and remove branding in file names
---
...tor.clamdscan.plist.tmpl => clamdscan.plist.tmpl} | 6 +++---
...tor.freshclam.plist.tmpl => freshclam.plist.tmpl} | 6 +++---
software.yml | 12 ++++++------
3 files changed, 12 insertions(+), 12 deletions(-)
rename home/dot_local/etc/clamav/{installdoctor.clamdscan.plist.tmpl => clamdscan.plist.tmpl} (79%)
rename home/dot_local/etc/clamav/{installdoctor.freshclam.plist.tmpl => freshclam.plist.tmpl} (80%)
diff --git a/home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl b/home/dot_local/etc/clamav/clamdscan.plist.tmpl
similarity index 79%
rename from home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl
rename to home/dot_local/etc/clamav/clamdscan.plist.tmpl
index 18f557a6..d3d472e4 100644
--- a/home/dot_local/etc/clamav/installdoctor.clamdscan.plist.tmpl
+++ b/home/dot_local/etc/clamav/clamdscan.plist.tmpl
@@ -4,7 +4,7 @@
Label
- installdoctor.clamdscan
+ clamav.clamdscan
ProgramArguments
/usr/local/bin/clamdscan
@@ -22,9 +22,9 @@
UserName
root
StandardErrorPath
- /var/log/installdoctor/clamdscan.error.log
+ /var/log/clamav/clamdscan.error.log
StandardOutPath
- /var/log/installdoctor/clamdscan.output.log
+ /var/log/clamav/clamdscan.output.log
{{- end -}}
diff --git a/home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl b/home/dot_local/etc/clamav/freshclam.plist.tmpl
similarity index 80%
rename from home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl
rename to home/dot_local/etc/clamav/freshclam.plist.tmpl
index eb40359f..a0ac4388 100644
--- a/home/dot_local/etc/clamav/installdoctor.freshclam.plist.tmpl
+++ b/home/dot_local/etc/clamav/freshclam.plist.tmpl
@@ -4,7 +4,7 @@
Label
- installdoctor.freshclam
+ clamav.freshclam
ProgramArguments
/usr/local/bin/freshclam
@@ -22,9 +22,9 @@
UserName
{{ $.chezmoi.username }}
StandardErrorPath
- /var/log/installdoctor/freshclam.error.log
+ /var/log/clamav/freshclam.error.log
StandardOutPath
- /var/log/installdoctor/freshclam.output.log
+ /var/log/clamav/freshclam.output.log
{{- end -}}
diff --git a/software.yml b/software.yml
index 406bce57..0d707518 100644
--- a/software.yml
+++ b/software.yml
@@ -2306,12 +2306,12 @@ softwarePackages:
#!/usr/bin/env bash
# Setting up launchd services
if [ -d /Applications ] && [ -d /System ]; then
- sudo mkdir -p /var/log/installdoctor
- sudo chown $USER /var/log/installdoctor
- sudo cp -f "$HOME/.local/etc/clamav/installdoctor.clamdscan.plist.tmpl" /Library/LaunchDaemons/installdoctor.clamdscan.plist
- sudo cp -f "$HOME/.local/etc/clamav/installdoctor.freshclam.plist.tmpl" /Library/LaunchDaemons/installdoctor.freshclam.plist
- sudo launchctl load -w /Library/LaunchDaemons/installdoctor.clamdscan.plist
- sudo launchctl load -w /Library/LaunchDaemons/installdoctor.freshclam.plist
+ sudo mkdir -p /var/log/clamav
+ sudo chown $USER /var/log/clamav
+ sudo cp -f "$HOME/.local/etc/clamav/clamdscan.plist.tmpl" /Library/LaunchDaemons/clamdscan.plist
+ sudo cp -f "$HOME/.local/etc/clamav/freshclam.plist.tmpl" /Library/LaunchDaemons/freshclam.plist
+ sudo launchctl load -w /Library/LaunchDaemons/clamdscan.plist
+ sudo launchctl load -w /Library/LaunchDaemons/freshclam.plist
fi
# Add freshclam.conf
if [ -f "$HOME/.local/etc/clamav/freshclam.conf" ]; then