
2 Commits

Author SHA1 Message Date
8e3f069c6d auth: add .eid/authorized_certificates for pam pkcs11 auth 2023-07-27 02:46:28 +08:00
5fb7ff0833
[debug] support nixos; fix ci (#41)
* support for nixos

* fix ci
2023-07-26 21:18:24 +08:00
21 changed files with 162 additions and 134 deletions


@ -0,0 +1,30 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -8,17 +8,17 @@ jobs:
dotfiles:
runs-on: ubuntu-20.04
steps:
- name: DictXiong/dotfiles # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: DictXiong/dotfiles
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/DictXiong # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/DictXiong
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: user
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "dotfiles" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "dotfiles"
timeout: '600s'
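Review bot: `uses: Yikun/hub-mirror-action@v1.3` still references a mutable tag, yet this step hands the action `secrets.GITEE_PRIVATE_KEY` and `secrets.GITEE_TOKEN`, so whoever can move that tag can run code with both credentials. Pin the action to a full commit SHA and keep the version as a comment, e.g. `uses: Yikun/hub-mirror-action@<full-commit-sha-of-v1.3> # v1.3` (placeholder, take the real SHA from the action's release). The same line recurs in every job of the other mirror workflow in this commit. Separately, `debug: true` is kept and is described on this page as printing all executed commands; with `clone_style: "https"` it is worth confirming that the job log never shows the token inside a clone URL.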


@ -7,136 +7,136 @@ jobs:
ohmyzsh:
runs-on: ubuntu-20.04
steps:
- name: ohmyzsh repo # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: ohmyzsh repo
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/ohmyzsh # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/ohmyzsh
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: org
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "ohmyzsh" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https" # https/ssh
debug: true # print all commands
force_update: true
static_list: "ohmyzsh"
timeout: '600s'
zsh-users:
runs-on: ubuntu-20.04
steps:
- name: zsh-users repos # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: zsh-users repos
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/zsh-users # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/zsh-users
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: org
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "antigen,zsh-syntax-highlighting,zsh-autosuggestions,zsh-completions" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "antigen,zsh-syntax-highlighting,zsh-autosuggestions,zsh-completions"
timeout: '600s'
zdharma-continuum:
runs-on: ubuntu-20.04
steps:
- name: zdharma-continuum repos # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: zdharma-continuum repos
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/zdharma-continuum # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/zdharma-continuum
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: org
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "fast-syntax-highlighting" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "fast-syntax-highlighting"
timeout: '600s'
tmux-mem-cpu-load:
runs-on: ubuntu-20.04
steps:
- name: thewtex/tmux-mem-cpu-load # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: thewtex/tmux-mem-cpu-load
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/thewtex # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/thewtex
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: user
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "tmux-mem-cpu-load" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "tmux-mem-cpu-load"
timeout: '600s'
tmux-plugins:
runs-on: ubuntu-20.04
steps:
- name: tmux-plugins # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: tmux-plugins
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/tmux-plugins # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/tmux-plugins
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: org
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "tpm,tmux-resurrect" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "tpm,tmux-resurrect"
timeout: '600s'
vundle-vim:
runs-on: ubuntu-20.04
steps:
- name: VundleVim/Vundle-vim # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: VundleVim/Vundle-vim
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/VundleVim # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/VundleVim
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: org
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "Vundle.vim" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "Vundle.vim"
timeout: '600s'
onedark-vim:
runs-on: ubuntu-20.04
steps:
- name: joshdick/onedark-vim # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: joshdick/onedark-vim
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/joshdick # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/joshdick
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: user
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "onedark.vim" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "onedark.vim"
timeout: '600s'
fzf:
runs-on: ubuntu-20.04
steps:
- name: junegunn/fzf # 名字随便起
uses: Yikun/hub-mirror-action@v1.2 # 使用Yikun/hub-mirror-action
- name: junegunn/fzf
uses: Yikun/hub-mirror-action@v1.3
with:
src: github/junegunn # 源端账户名(github)
dst: gitee/dictxiong # 目的端账户名(gitee)
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }} # SSH密钥对中的私钥
dst_token: ${{ secrets.GITEE_TOKEN }} # Gitee账户的私人令牌
src: github/junegunn
dst: gitee/dictxiong
dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
dst_token: ${{ secrets.GITEE_TOKEN }}
src_account_type: user
dst_account_type: user # 账户类型
clone_style: "https" # 使用https方式进行clone也可以使用ssh
debug: true # 启用后会显示所有执行命令
force_update: true # 启用后,强制同步,即强制覆盖目的端仓库
static_list: "fzf" # 静态同步列表,在此填写需要同步的仓库名称,可填写多个
timeout: '600s' # git超时设置超时后会自动重试git操作
dst_account_type: user
clone_style: "https"
debug: true
force_update: true
static_list: "fzf"
timeout: '600s'


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
THIS_FILE=$(basename "${BASH_SOURCE}")


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/tools/common.sh"
@ -26,6 +26,8 @@ declare -a HOME_SYMLINKS_SRC
declare -a HOME_SYMLINKS_DST
HOME_SYMLINKS_SRC[0]=".ssh/authorized_keys2"
HOME_SYMLINKS_DST[0]=".ssh/authorized_keys2"
HOME_SYMLINKS_SRC[1]=".eid/authorized_certificates"
HOME_SYMLINKS_DST[1]=".eid/authorized_certificates"
install_dependencies()
{
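Review bot: The new `HOME_SYMLINKS_SRC[1]=".eid/authorized_certificates"` entry makes a repository-tracked file the list of certificates accepted for PAM PKCS#11 login (per the commit title), but nothing in the script says so. I would add a comment above the two new lines, for example `# auth trust list for pam pkcs11: editing this file changes who can log in on every host that installs these dotfiles`. The code that creates the links lies outside this hunk (the section ends at the opening of `install_dependencies`), so please confirm it creates `~/.eid` with owner-only permissions and refuses to silently replace an existing `authorized_certificates`. Since the repository is also force-pushed to a mirror, hosts that install from the mirror inherit its integrity for this file.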


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/../tools/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/../tools/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/../tools/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
# connect to iot services
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/../tools/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR_COMMON_SH=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
export DOTFILES=$( cd "$THIS_DIR_COMMON_SH/.." && pwd )


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
@ -162,4 +162,4 @@ router()
esac
}
router "${GOT_OPTS[@]}"
router "${GOT_OPTS[@]}"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
ARG=""
GOT_OPTS=()


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/common.sh"


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
export DFS_COLOR=1
@ -7,7 +7,7 @@ source "$THIS_DIR/common.sh"
find_so_file()
{
local SO_PATHS=( "/usr/lib64/opensc-pkcs11.so" "/usr/local/lib/opensc-pkcs11.so" )
local SO_PATHS=( "/usr/lib64/opensc-pkcs11.so" "/usr/local/lib/opensc-pkcs11.so" "/run/current-system/sw/lib/opensc-pkcs11.so" )
local SO_FILE
for SO_FILE in ${SO_PATHS[*]}; do
if [[ -f "$SO_FILE" ]]; then
@ -19,12 +19,7 @@ find_so_file()
create_agent()
{
local SO_FILE=$(find_so_file)
if [[ -n "$SO_FILE" ]]; then
fmt_note "opensc-pkcs11.so found"
SO_FILE="-P $SO_FILE"
fi
ssh-agent $SO_FILE
ssh-agent -P "/usr/lib64/*,/usr/local/lib/*,/nix/store/*"
}
kill_agent()
@ -106,4 +101,4 @@ route()
esac
}
route "$@"
route "$@"
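Review bot: In `create_agent`, `ssh-agent -P "/usr/lib64/*,/usr/local/lib/*,/nix/store/*"` replaces the single path returned by `find_so_file` with three directory-wide patterns, so the agent will accept any provider library matching them, including anything in the Nix store, rather than only `opensc-pkcs11.so`. The `-P` list is the control that limits which PKCS#11 modules can be added to the agent, and it matters most when the agent is forwarded to other hosts. I would keep the lookup and pass only the resolved module: `local so; so=$(find_so_file) && so=$(realpath -- "$so")` followed by `ssh-agent ${so:+-P "$so"}`. Presumably the wildcard was introduced because `/run/current-system/sw/lib/opensc-pkcs11.so` is a symlink into `/nix/store`; resolving the path first covers that case without opening the whole store. If the broad list stays, a comment explaining why it is needed would help the next reader.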


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -ex
OPTS='-a -bcl --color --arg1=1 --arg2 2 " 1 2" yes'
TARGET_OPTS='-a -b -c --arg1 1 --arg2 2 1 2 yes'


@ -13,6 +13,7 @@ l
pwd
test -f .zshrc2
diff -q ./.ssh/authorized_keys2 ~/.ssh/authorized_keys2
diff -q ./.eid/authorized_certificates ~/.eid/authorized_certificates
grep -q ".zshrc2" ~/.zshrc
# check scripts and functions


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
declare -A INSTALL_COMMANDS
INSTALL_COMMANDS=(\


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
set -e
THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
source "$THIS_DIR/common.sh"