From e66dbed7a826579b7695044bcc13f84ddf4f4a68 Mon Sep 17 00:00:00 2001 From: Chad Date: Mon, 23 Sep 2024 11:51:17 -0700 Subject: [PATCH] Enhance Functions + General Improvements (#52) * Add an alternative to Audacity. * Remove the Brave Browser since the repo has started failing and I only use Firefox browsers these days. * Remove alias audacity for tenacity. * Ignore if the repos are already removed. * Stop installing Telegraf. * Add the new dconf name for System Monitor. * Remove the download if it already exists. Force the move. * Fix overwrite prompt for Metasploit. * Don't do flatpaks during a battery device's goodbye. * Fix variable case, add quotes. * Fix double quotes. * Add full set of commands for compressing videos. * Fix trash size checking to work for folders. * Allow only updating system or Flatpak programs. * Also check the DE trash folder. * No longer have Flatpaks contingent on system updates. * Improve variable names and flow. * Fix maxdepth. * Check network mounts for hidden trash folders. * Add media. Only restrict maxdepth for Home directory. * Properly check media. * Ensure hidden files also get seen and removed. --- facts/general/package.yml | 2 +- files/scripts/compress_video.sh | 2 +- tasks/general/acct_mgmt/users.yml | 84 ++++-- tasks/general/software/metasploit.yml | 5 +- tasks/general/software/telegraf.yml | 244 +++++++++--------- tasks/workstation/linux/software/brave.yml | 123 ++++++--- tasks/workstation/linux/software/flatpaks.yml | 1 + tasks/workstation/shared/settings/gnome.yml | 2 +- 8 files changed, 279 insertions(+), 184 deletions(-) diff --git a/facts/general/package.yml b/facts/general/package.yml index e426362..8b4e7cc 100644 --- a/facts/general/package.yml +++ b/facts/general/package.yml @@ -217,7 +217,7 @@ echo " distribution='${distribution}', pkg_mgr='${pkg_mgr}'" >&2 fi ;; - esac && + esac # End of update_package_manager # Flatpaks 
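Review bot: With the `&&` gone, nothing visible consumes the exit status of this `case`. In the users.yml hunk of this commit the expanded block is followed by an unconditional `echo "*** Completed Successfully ***"` and, under `-g`, by `bye`, whereas the old alias was `update -y && bye`. Unless the branches above return on failure (they are outside the hunk), a failed package upgrade would be reported as success and the machine shut down, and the usage text still says "Flow stops if any command returns a failure code." One option is to record the failure with `esac || update_failed="Y"`, clear that variable alongside `accept`, and gate the success message and `bye` on it.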
diff --git a/files/scripts/compress_video.sh b/files/scripts/compress_video.sh index 1a3b352..9939667 100755 --- a/files/scripts/compress_video.sh +++ b/files/scripts/compress_video.sh @@ -98,7 +98,7 @@ fi if [[ -z "$video_bitrate" ]]; then video_bitrate="2000k" fi -video_bitrate="-maxrate $video_bitrate" +video_bitrate="-b:v $video_bitrate -minrate 0 -maxrate $video_bitrate -bufsize $video_bitrate" if [[ -z "$audio_bitrate" ]]; then audio_bitrate="192k" diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml index 4ec56fe..ff9763b 100644 --- a/tasks/general/acct_mgmt/users.yml +++ b/tasks/general/acct_mgmt/users.yml @@ -154,24 +154,47 @@ $PROG is used to run all the system's package manager commands in one swoop. Flow stops if any command returns a failure code. The hope is to run something as easy as 'pacman -Syyu'. - -y : Assume yes to any prompts." + -y : Assume yes to any prompts. + -g : Shutdown after updating. + -s : System updates only, no Flatpaks. + -f : Flatpaks only, no system updates." unset OPTIND unset accept - while getopts ":hy" opt; do + while getopts ":hygsf" opt; do case $opt in h) echo -e "$usage" return 0 ;; y) accept="-y" ;; + g) goodbye="Y" ;; + s) only_sys="Y" ;; + f) only_flat="Y" ;; *) echo "ERROR: -$OPTARG is not a recognized option." >&2 echo -e "$usage" return 1 ;; esac done - {{ update_package_manager }} - {{ update_flatpak }} + if [[ "$only_flat" == "Y" ]]; then + echo -e "\n*** Only Flatpaks - Skipping System Updates ***\n\n" + else + {{ update_package_manager }} + fi + + if [[ "$goodbye" == "Y" && "{{ battery }}" == "True" ]]; then + echo -e "\n*** Only System Updates - Skipping Flatpak ***\n\n" + elif [[ "$only_sys" == "Y" ]]; then + echo -e "\n*** Manually Skipping Flatpak ***\n\n" + else + {{ update_flatpak }} + fi + echo "*** Completed Successfully ***" + + if [[ $goodbye == "Y" ]]; then + bye + fi + return 0 } function_update_firmware: | 
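Review bot: `video_bitrate` now carries four ffmpeg options in one string, which only works if the later expansion is left unquoted, so a bitrate value containing whitespace or a leading dash would be split into extra ffmpeg arguments. Consider validating the value before this line, e.g. `[[ "$video_bitrate" =~ ^[0-9]+[kKmM]?$ ]] || exit 1`, and building the options as an array, `video_opts=(-b:v "$video_bitrate" -minrate 0 -maxrate "$video_bitrate" -bufsize "$video_bitrate")`, expanded as `"${video_opts[@]}"`. The ffmpeg invocation is outside the hunk, so how the variable is expanded there is an assumption.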
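Review bot: `goodbye`, `only_sys` and `only_flat` are set in the new getopts arms but never cleared, while the line above the loop resets only `OPTIND` and `accept`. The body uses `return`, so it presumably runs as a function in the interactive shell; a flag given once (for example `-f`) would then stay in effect for every later `update` call in that session. Extend the existing reset to `unset accept goodbye only_sys only_flat`, or declare the variables `local`. Passing `-s` and `-f` together skips both stages and still prints `*** Completed Successfully ***`; rejecting that combination with the usage text would be clearer. The start of the function lies outside the hunk.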
@@ -218,7 +241,7 @@ alias init-prog=init-program bye_aliases: | alias bye="{{ shutdown_command }}" - alias goodbye="update -y && bye" + alias goodbye="update -yg" metasploit_aliases: | alias metasploit="msfconsole" alias hax="metasploit" @@ -256,7 +279,7 @@ * ) echo " ERROR: Option '$1' with value '$2' not recognized. - $PROG [-c|-clean|--clean|-y] [-n|-net|--network] + $PROG [-c|-y|--clean] [-n|-net|--network] " >&2 return 1 ;; @@ -268,18 +291,37 @@ echo "Grabbing sudo permissions..." sudo echo "Success! Starting search..." function dirs_to_check { - echo "/root" - echo "/home" + echo "/root 0" + echo "/home 4" + echo "/media 0" } - dirs_to_check | while read dir; do + dirs_to_check | while read dir depth; do + if [[ "$depth" != 0 ]]; then + maxdepth="-maxdepth $depth" + fi + sudo="sudo" + if [[ "$dir" == "/media" ]]; then + sudo="" + dir="$dir/$LOGNAME" + fi echo "Checking $dir..." - sudo find $dir -name TRASH | while read trash; do - if [[ "$trash" != "" && `sudo ls $trash` ]]; then + $sudo find $dir -name TRASH | while read trash; do + if [[ "$trash" != "" && `$sudo ls -a $trash` ]]; then echo "Found $trash with contents:" - sudo ls -lh $trash + $sudo du -ha $trash | sort -h if [[ "$clean" == "Y" ]]; then echo "Cleaning trash..." - sudo sh -c "rm -rfv $trash/*" + $sudo sh -c "cd $trash; rm -rfv ..?* .[!.]* *" + fi + fi + done + $sudo find $dir $maxdepth -name "*"Trash"*" | while read trash; do + if [[ "$trash" != "" && `$sudo ls -a $trash` ]]; then + echo "Found $trash with contents:" + $sudo du -ha $trash | sort -h + if [[ "$clean" == "Y" ]]; then + echo "Cleaning trash..." + $sudo sh -c "cd $trash; rm -rfv ..?* .[!.]* *" fi fi done 
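Review bot: The cleanup command `$sudo sh -c "cd $trash; rm -rfv ..?* .[!.]* *"` pastes a path found under /home or /media into a root shell string and joins `cd` and `rm` with `;`, so a name containing spaces or shell metacharacters is interpreted by that shell, and whenever `cd` fails the `rm -rf` runs in the caller's current directory instead. The new `-name "*"Trash"*"` search has no `-type d`, so a regular file with Trash in its name reaches that failing `cd`. Separately, `ls -a` always prints `.` and `..`, so the emptiness test is always true, and `maxdepth` is never reset, so the limit set for /home also applies to /media. The same `sh -c` line and `ls -a` test appear in the network-mount hunk (`@@ -291,12 +333,22 @@`). The sketch below passes the path as an argument and deletes with `find`; the outer loop continues past the hunk.

```yaml
dirs_to_check | while read -r dir depth; do
  maxdepth=""   # reset per directory; otherwise the /home limit carries over to /media
  if [[ "$depth" != 0 ]]; then
    maxdepth="-maxdepth $depth"
  fi
  # … unchanged: sudo / $LOGNAME selection, and the TRASH loop (same three fixes apply there) …
  $sudo find "$dir" $maxdepth -type d -name '*Trash*' -print0 | while IFS= read -r -d '' trash; do
    # ls -A omits "." and "..", so an empty folder really tests as empty
    if [[ -n "$($sudo ls -A -- "$trash")" ]]; then
      echo "Found $trash with contents:"
      $sudo du -ha -- "$trash" | sort -h
      if [[ "$clean" == "Y" ]]; then
        echo "Cleaning trash..."
        # the path is an argument to find, never text inside a shell string
        $sudo find "$trash" -mindepth 1 -delete
      fi
    fi
  done
```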
@@ -291,12 +333,22 @@ network_to_check | while read dir; do echo "Checking $dir..." sudo find $dir -name TRASH | while read trash; do - if [[ "$trash" != "" && `sudo ls $trash` ]]; then + if [[ "$trash" != "" && `sudo ls -a $trash` ]]; then echo "Found $trash with contents:" - sudo ls -lh $trash + sudo du -ha $trash | sort -h if [[ "$clean" == "Y" ]]; then echo "Cleaning trash..." - sudo sh -c "rm -rfv $trash/*" + sudo sh -c "cd $trash; rm -rfv ..?* .[!.]* *" + fi + fi + done + sudo find $dir -name .Trash"*" | while read trash; do + if [[ "$trash" != "" && `sudo ls -a $trash` ]]; then + echo "Found $trash with contents:" + sudo du -ha $trash | sort -h + if [[ "$clean" == "Y" ]]; then + echo "Cleaning trash..." + sudo sh -c "cd $trash; rm -rfv ..?* .[!.]* *" fi fi done diff --git a/tasks/general/software/metasploit.yml b/tasks/general/software/metasploit.yml index 1ed589e..f9d56a7 100644 --- a/tasks/general/software/metasploit.yml +++ b/tasks/general/software/metasploit.yml @@ -2,16 +2,17 @@ # Install Metasploit Framework - name: General | Software | Metasploit | Facts - set_fact: + set_fact: metasploit_installer: msfinstall when: ansible_system in ("Linux", "Darwin") - name: General | Software | Metasploit | Install shell: "{{ item }}" loop: + - "mv -fv /usr/share/keyrings/metasploit-framework.gpg /usr/share/keyrings/metasploit-framework.gpg.old" - "curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > {{ metasploit_installer }}" - "chmod 755 {{ metasploit_installer }}" - "mkdir -p {{ global_bin }}" - - "mv ./msfinstall {{ global_bin }}/{{ metasploit_installer }}" + - "mv -fv ./msfinstall {{ global_bin }}/{{ metasploit_installer }}" - "{{ global_bin }}/{{ metasploit_installer }}" when: ansible_system in ("Linux", "Darwin") diff --git a/tasks/general/software/telegraf.yml b/tasks/general/software/telegraf.yml index a6cca42..c323837 100644 --- a/tasks/general/software/telegraf.yml 
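Review bot: The new first loop item, `mv -fv /usr/share/keyrings/metasploit-framework.gpg /usr/share/keyrings/metasploit-framework.gpg.old`, exits non-zero when the keyring does not exist yet, and this task has no `ignore_errors`, so the task would be reported as failed on a fresh host. A guard such as `[ ! -e /usr/share/keyrings/metasploit-framework.gpg ] || mv -fv …` keeps the overwrite-prompt fix without that failure. In the same loop, the `curl … > {{ metasploit_installer }}` item has no `-f`, so an HTTP error body would be saved, made executable and run; it also tracks the moving `master` branch with no checksum. `curl -fsSL` against a pinned commit, with a checksum verified before the `chmod 755`, would close that gap.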
+++ b/tasks/general/software/telegraf.yml 
@@ -35,128 +35,130 @@ telegraf_input_temp: "" when: ansible_system == "FreeBSD" -# Dependencies # +# 2024-05-23 Server has not been running for a while, stop installing this. -- name: General | Telegraf | Pre-Reqs - package: - name: wget - when: ansible_system == "Linux" - -# Install # - -- name: General | Telegraf | Linux | Install - shell: "{{ item }}" - args: - chdir: "{{ ansible_env.HOME }}/Downloads/" - loop: - - mkdir -p {{ telegraf_path }} - - mkdir -p {{ telegraf_config_path }} - - wget --no-check-certificate "https://dl.influxdata.com/telegraf/releases/{{ telegraf_tar }}" - - tar xvf {{ telegraf_tar }} - - mv {{ telegraf_tar }} ~/TRASH/ - - mv telegraf*/usr/bin/telegraf {{ telegraf_exec }} - - rm -r telegraf* - when: ansible_system == "Linux" - -- name: General | Telegraf | FreeBSD | Install 1/2 - shell: /usr/sbin/pwd_mkdb -p /etc/master.passwd - when: ansible_system == "FreeBSD" - -- name: General | Telegraf | FreeBSD | Install 2/2 - package: - name: telegraf - when: ansible_system == "FreeBSD" - -# Configuration # - -- name: General | Telegraf | Config 1/2 - shell: mv {{ telegraf_config }} ~/TRASH/ - ignore_errors: yes - -- name: General | Telegraf | Config 2/2 - blockinfile: - path: "{{ telegraf_config }}" - block: | - [global_tags] - # dc = "us-east-1" # will tag all metrics with dc=us-east-1 - # rack = "1a" - ## Environment variables can be used as tags, and throughout the config file - # user = "$USER" - - [agent] - interval = "{{ '300s' if battery else '5s' }}" - metric_batch_size = 1000 - metric_buffer_limit = 10000 - collection_jitter = "0s" - flush_interval = "30s" - flush_jitter = "10s" - precision = "" - # debug = false - # quiet = false - # logtarget = "file" - # logfile = "" - # logfile_rotation_interval = "0d" - # logfile_rotation_max_size = "0MB" - # logfile_rotation_max_archives = 5 - hostname = "" - omit_hostname = false - - [[outputs.influxdb]] - urls = ["http://192.168.1.82:8086"] - database = "main" - # database_tag = "" - # 
exclude_database_tag = false - # skip_database_creation = false - # retention_policy = "" - # retention_policy_tag = "" - # exclude_retention_policy_tag = false - # write_consistency = "any" - # timeout = "5s" - # username = "telegraf" - # password = "metricsmetricsmetricsmetrics" - # user_agent = "telegraf" - # udp_payload = "512B" - # tls_ca = "/etc/telegraf/ca.pem" - # tls_cert = "/etc/telegraf/cert.pem" - # tls_key = "/etc/telegraf/key.pem" - # insecure_skip_verify = false - # http_proxy = "http://corporate.proxy:3128" - # http_headers = {"X-Special-Header" = "Special-Value"} - # content_encoding = "gzip" - # influx_uint_support = false - - [[inputs.cpu]] - percpu = false - totalcpu = true - collect_cpu_time = false - report_active = false - - [[inputs.disk]] - # mount_points = ["/"] - ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs", "fdescfs", "procfs", "nullfs"] - - [[inputs.diskio]] - # devices = ["sda", "sdb", "vd*"] - # skip_serial_number = false - # device_tags = ["ID_FS_TYPE", "ID_FS_USAGE"] - # name_templates = ["$ID_FS_LABEL","$DM_VG_NAME/$DM_LV_NAME"] - - [[inputs.kernel]] - - [[inputs.mem]] - - [[inputs.processes]] - - [[inputs.swap]] - - [[inputs.system]] - # fielddrop = ["uptime_format"] - - {{ telegraf_input_temp }} - - marker: '# {mark} MANAGED BY ANSIBLE - telegraf.yml' - state: present - create: yes +#### Dependencies # +### +###- name: General | Telegraf | Pre-Reqs +### package: +### name: wget +### when: ansible_system == "Linux" +### +#### Install # +### +###- name: General | Telegraf | Linux | Install +### shell: "{{ item }}" +### args: +### chdir: "{{ ansible_env.HOME }}/Downloads/" +### loop: +### - mkdir -p {{ telegraf_path }} +### - mkdir -p {{ telegraf_config_path }} +### - wget --no-check-certificate "https://dl.influxdata.com/telegraf/releases/{{ telegraf_tar }}" +### - tar xvf {{ telegraf_tar }} +### - mv {{ telegraf_tar }} ~/TRASH/ +### - mv telegraf*/usr/bin/telegraf {{ telegraf_exec }} +### - 
rm -r telegraf* +### when: ansible_system == "Linux" +### +###- name: General | Telegraf | FreeBSD | Install 1/2 +### shell: /usr/sbin/pwd_mkdb -p /etc/master.passwd +### when: ansible_system == "FreeBSD" +### +###- name: General | Telegraf | FreeBSD | Install 2/2 +### package: +### name: telegraf +### when: ansible_system == "FreeBSD" +### +#### Configuration # +### +###- name: General | Telegraf | Config 1/2 +### shell: mv {{ telegraf_config }} ~/TRASH/ +### ignore_errors: yes +### +###- name: General | Telegraf | Config 2/2 +### blockinfile: +### path: "{{ telegraf_config }}" +### block: | +### [global_tags] +### # dc = "us-east-1" # will tag all metrics with dc=us-east-1 +### # rack = "1a" +### ## Environment variables can be used as tags, and throughout the config file +### # user = "$USER" +### +### [agent] +### interval = "{{ '300s' if battery else '5s' }}" +### metric_batch_size = 1000 +### metric_buffer_limit = 10000 +### collection_jitter = "0s" +### flush_interval = "30s" +### flush_jitter = "10s" +### precision = "" +### # debug = false +### # quiet = false +### # logtarget = "file" +### # logfile = "" +### # logfile_rotation_interval = "0d" +### # logfile_rotation_max_size = "0MB" +### # logfile_rotation_max_archives = 5 +### hostname = "" +### omit_hostname = false +### +### [[outputs.influxdb]] +### urls = ["http://192.168.1.82:8086"] +### database = "main" +### # database_tag = "" +### # exclude_database_tag = false +### # skip_database_creation = false +### # retention_policy = "" +### # retention_policy_tag = "" +### # exclude_retention_policy_tag = false +### # write_consistency = "any" +### # timeout = "5s" +### # username = "telegraf" +### # password = "metricsmetricsmetricsmetrics" +### # user_agent = "telegraf" +### # udp_payload = "512B" +### # tls_ca = "/etc/telegraf/ca.pem" +### # tls_cert = "/etc/telegraf/cert.pem" +### # tls_key = "/etc/telegraf/key.pem" +### # insecure_skip_verify = false +### # http_proxy = 
"http://corporate.proxy:3128" +### # http_headers = {"X-Special-Header" = "Special-Value"} +### # content_encoding = "gzip" +### # influx_uint_support = false +### +### [[inputs.cpu]] +### percpu = false +### totalcpu = true +### collect_cpu_time = false +### report_active = false +### +### [[inputs.disk]] +### # mount_points = ["/"] +### ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs", "fdescfs", "procfs", "nullfs"] +### +### [[inputs.diskio]] +### # devices = ["sda", "sdb", "vd*"] +### # skip_serial_number = false +### # device_tags = ["ID_FS_TYPE", "ID_FS_USAGE"] +### # name_templates = ["$ID_FS_LABEL","$DM_VG_NAME/$DM_LV_NAME"] +### +### [[inputs.kernel]] +### +### [[inputs.mem]] +### +### [[inputs.processes]] +### +### [[inputs.swap]] +### +### [[inputs.system]] +### # fielddrop = ["uptime_format"] +### +### {{ telegraf_input_temp }} +### +### marker: '# {mark} MANAGED BY ANSIBLE - telegraf.yml' +### state: present +### create: yes # Run # diff --git a/tasks/workstation/linux/software/brave.yml b/tasks/workstation/linux/software/brave.yml index cc70373..1dc5b40 100644 --- a/tasks/workstation/linux/software/brave.yml +++ b/tasks/workstation/linux/software/brave.yml 
@@ -1,48 +1,87 @@ --- # Everything needed to install Brave -- name: Workstation | Software | Brave | Pre-Reqs [apt] +# 2024-05-23, No longer incude this software, has not been used since switching +# to Firefox months/years back for avoiding DRM and other junk Google stuff. +### +###- name: Workstation | Software | Brave | Pre-Reqs [apt] +### package: +### name: +### - apt-transport-https +### state: present +### when: ansible_pkg_mgr == "apt" +### +###- name: Workstation | Software | Brave | Pre-Reqs [dnf] +### package: +### name: +### - dnf-plugins-core +### state: present +### when: ansible_pkg_mgr == "dnf" +### +#### https://brave.com/linux/#debian-ubuntu-mint +###- name: Workstation | Software | Brave | Add Repo [apt] +### shell: "{{ item }}" +### loop: +### - curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg +### - echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list +### - apt update +### when: ansible_pkg_mgr == "apt" +### +#### https://brave.com/linux/#fedora-centos-streamrhel +###- name: Workstation | Software | Brave | Add Repo [dnf] +### shell: "{{ item }}" +### loop: +### - dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/ +### - rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc +### when: ansible_pkg_mgr == "dnf" +### +#### https://brave.com/linux/#opensuse +###- name: Workstation | Software | Brave | Add Repo [zypper] +### shell: "{{ item }}" +### loop: +### - rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc +### - zypper addrepo https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo +### when: ansible_pkg_mgr == "zypper" +### ignore_errors: yes +### +###- name: Workstation | Software | Brave | Install +### 
package: +### name: +### - brave-browser +### state: present +### + +# Remove Brave Browser and Repos +# https://support.brave.com/hc/en-us/articles/4404876135565-How-do-I-uninstall-Brave + +- name: Workstation | Software | Brave | Remove package: - name: - - apt-transport-https - state: present - when: ansible_pkg_mgr == "apt" - -- name: Workstation | Software | Brave | Pre-Reqs [dnf] - package: - name: - - dnf-plugins-core - state: present - when: ansible_pkg_mgr == "dnf" - -# https://brave.com/linux/#debian-ubuntu-mint -- name: Workstation | Software | Brave | Add Repo [apt] - shell: "{{ item }}" - loop: - - curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg - - echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list - - apt update - when: ansible_pkg_mgr == "apt" - -# https://brave.com/linux/#fedora-centos-streamrhel -- name: Workstation | Software | Brave | Add Repo [dnf] - shell: "{{ item }}" - loop: - - dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/ - - rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc - when: ansible_pkg_mgr == "dnf" - -# https://brave.com/linux/#opensuse -- name: Workstation | Software | Brave | Add Repo [zypper] - shell: "{{ item }}" - loop: - - rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc - - zypper addrepo https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo - when: ansible_pkg_mgr == "zypper" + name: + - brave-browser + - brave-keyring + state: absent ignore_errors: yes -- name: Workstation | Software | Brave | Install - package: - name: - - brave-browser - state: present +- name: Workstation | Software | Brave | Remove Repo [apt] + shell: "{{ item }}" + loop: + - rm 
/etc/apt/sources.list.d/brave-browser-*.list + - apt update + when: ansible_pkg_mgr == "apt" + ignore_errors: yes + +- name: Workstation | Software | Brave | Remove Repo [dnf] + shell: "{{ item }}" + loop: + - rm /etc/yum.repos.d/brave-browser-*.repo + - rpm -e gpg-pubkey-c2d4e821-5e7252b8 + when: ansible_pkg_mgr == "dnf" + ignore_errors: yes + +- name: Workstation | Software | Brave | Remove Repo [zypper] + shell: "{{ item }}" + loop: + - zypper removerepo brave-browser + - rpm -e gpg-pubkey-c2d4e821-5e7252b8 + when: ansible_pkg_mgr == "zypper" + ignore_errors: yes diff --git a/tasks/workstation/linux/software/flatpaks.yml b/tasks/workstation/linux/software/flatpaks.yml index 43186a1..d156148 100644 --- a/tasks/workstation/linux/software/flatpaks.yml +++ b/tasks/workstation/linux/software/flatpaks.yml @@ -52,6 +52,7 @@ - { app: "com.obsproject.Studio", name: "obs", extra: "" } - { app: "org.gimp.GIMP", name: "gimp", extra: "" } - { app: "org.openshot.OpenShot", name: "openshot", extra: "" } + - { app: "org.tenacityaudio.Tenacity", name: "tenacity", extra: "" } flatpaks_gaming: - { app: "com.valvesoftware.Steam", name: "steam", extra: "" } - { app: "com.play0ad.zeroad", name: "zeroad", extra: "" } diff --git a/tasks/workstation/shared/settings/gnome.yml b/tasks/workstation/shared/settings/gnome.yml index 5f35f76..2aed761 100644 --- a/tasks/workstation/shared/settings/gnome.yml +++ b/tasks/workstation/shared/settings/gnome.yml @@ -8,7 +8,7 @@ # Only do multiple entries per line if they are for the same exact program. gnome_favorites: "[ 'org.gnome.Terminal.desktop' , 'org.gnome.Console.desktop' - , 'gnome-system-monitor.desktop' + , 'gnome-system-monitor.desktop', 'org.gnome.SystemMonitor.desktop' , 'org.gnome.Nautilus.desktop' , 'io.gitlab.librewolf-community.desktop', 'librewolf.desktop' , 'org.mozilla.firefox.desktop', 'firefox.desktop'
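Review bot: The apt cleanup removes `/etc/apt/sources.list.d/brave-browser-*.list` but leaves `/usr/share/keyrings/brave-browser-archive-keyring.gpg`, which the now commented-out install task fetched with curl, while the dnf and zypper branches do remove their imported key. Unless the `brave-keyring` package owns that file (not visible here), add `- rm -f /usr/share/keyrings/brave-browser-archive-keyring.gpg` to the apt loop. Plain `rm` on an already-removed list fails on every later run, and `ignore_errors: yes` on all four tasks hides that along with real failures; `rm -f` (or the `file` module with `state: absent`) would make the tasks idempotent so `ignore_errors` can be dropped. The key id `gpg-pubkey-c2d4e821-5e7252b8` is hard-coded twice, so a comment naming where it came from would help future maintenance.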