final config ... sooo

2026-02-26 23:07:20 +01:00
parent 7c53335966
commit ba58953a8c
3 changed files with 188 additions and 43 deletions
--- a/scripts/post-install.sh
+++ b/scripts/post-install.sh
@@ -23,6 +23,7 @@ function desktop() {
    nautilus
  systemctl set-default graphical.target
  info "Desktop installed."
+  echo desktop >>/tmp/installer
 }

 function docker() {
@@ -45,15 +46,56 @@ function docker() {
  usermod -aG docker alfoldi
  systemctl enable docker
  info "Docker installed."
+  echo docker >>/tmp/installer
 }

-function himmelblau() {
-  # ─── HIMMELBLAU (Azure Entra ID) ─────────────────────────────────────────────
-  info "Installing Himmelblau..."
-  apt install curl && curl -fsSL https://packages.himmelblau-idm.org/himmelblau.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/himmelblau.gpg
-  add-apt-repository "deb [arch=amd64] https://packages.himmelblau-idm.org/stable/latest/deb/ubuntu24.04/ ./"
-  apt install -y himmelblau pam-himmelblau nss-himmelblau
-  info "Himmelblau installed."
+function intune() {
+  #   # ─── HIMMELBLAU (Azure Entra ID) ─────────────────────────────────────────────
+  #   info "Installing Himmelblau..."
+  #   curl -fsSL https://packages.himmelblau-idm.org/himmelblau.asc | gpg --dearmor -o /etc/apt/trusted.gpg.d/himmelblau.gpg
+  #   add-apt-repository -y "deb [arch=amd64] https://packages.himmelblau-idm.org/stable/latest/deb/ubuntu24.04/ ./"
+  #
+  #   # Pre-seed kerberos to avoid interactive prompts
+  #   echo "krb5-config krb5-config/default_realm string EXAMPLE.COM" | debconf-set-selections
+  #   echo "krb5-config krb5-config/add_servers boolean false" | debconf-set-selections
+  #   echo "krb5-config krb5-config/add_servers_realm string EXAMPLE.COM" | debconf-set-selections
+  #
+  #   # Himmelblau
+  #   DEBIAN_FRONTEND=noninteractive apt-get install -y -o Dpkg::Options::="--force-confold" \
+  #     himmelblau \
+  #     pam-himmelblau \
+  #     nss-himmelblau \
+  #     himmelblau-sshd-config \
+  #     himmelblau-qr-greeter \
+  #     himmelblau-sso
+  #   # o365
+  #   info "Himmelblau installed."
+  #
+  #   # 2. Fix PAM immediately after
+  #   sudo tee /etc/pam.d/common-auth <<'EOF'
+  # auth    required                              pam_env.so
+  # auth    [default=1 ignore=ignore success=ok]  pam_localuser.so
+  # auth    sufficient                            pam_unix.so nullok try_first_pass
+  # auth    sufficient                            pam_himmelblau.so ignore_unknown_user
+  # auth    required                              pam_deny.so
+  # EOF
+  #
+  #   sudo tee /etc/pam.d/common-account <<'EOF'
+  # account [default=1 ignore=ignore success=ok]  pam_localuser.so
+  # account sufficient                            pam_unix.so
+  # account sufficient                            pam_himmelblau.so ignore_unknown_user
+  # account required                              pam_deny.so
+  # EOF
+
+  curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor >microsoft.gpg
+  sudo install -o root -g root -m 644 microsoft.gpg /etc/apt/trusted.gpg.d/
+  rm microsoft.gpg
+
+  sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/edge stable main" > /etc/apt/sources.list.d/microsoft-edge.list'
+
+  sudo apt update
+  sudo apt install microsoft-edge-stable intune-portal
+  echo intune >>/tmp/installer
 }

 function nix_home_manager() {
@@ -70,24 +112,35 @@ function nix_home_manager() {

  info "Installing home-manager..."
  nix-shell '<home-manager>' -A install
+  echo nix_home_manager >>/tmp/installer
+}
+
+function displaylink_driver() {
+  # DisplayLink
+  curl -fsSL -o /tmp/synaptics-keyring.deb \
+    "https://www.synaptics.com/sites/default/files/Ubuntu/pool/stable/main/all/synaptics-repository-keyring.deb"
+  apt-get install -y /tmp/synaptics-keyring.deb
+  apt-get update
+  apt-get install -y displaylink-driver
 }

 function main() {
  desktop || true
  docker || true
-  himmelblau || true
+  intune || true
  nix_home_manager || true
-
-  # ─── DARK THEME ──────────────────────────────────────────────────────────────
-  info "Setting dark theme..."
-  gsettings set org.gnome.desktop.interface color-scheme prefer-dark
-  gsettings set org.gnome.desktop.interface gtk-theme Adwaita-dark
+  displaylink_driver || true

  # ─── DASH TO PANEL ───────────────────────────────────────────────────────────
  info "Installing Dash to Panel..."
-  # gext install dash-to-panel@jderose9.github.com
-  apt install gnome-shell-extension-dashtopanel
-  gnome-extensions enable dash-to-panel@jderose9.github.com
+  sudo -u alfoldi bash -c '
+  cd /tmp
+  git clone https://github.com/home-sweet-gnome/dash-to-panel.git || true
+  cd dash-to-panel
+  make install
+  '
+
+  dconf update

  # ─── SSH ─────────────────────────────────────────────────────────────────────
  info "Enabling SSH..."
@@ -99,6 +152,9 @@ function main() {
  chmod 440 /etc/sudoers.d/alfoldi

  info "Post-install complete ✓"
+  systemctl start gdm
 }

-# start main
+if [[ "$1" = "main" ]]; then
+  main
+fi