From ef6dec6de19e972150a9299e993cf54a91fccd92 Mon Sep 17 00:00:00 2001 From: Marcelo Date: Sat, 26 Oct 2024 23:19:03 +0100 Subject: [PATCH] feat: adds ability to skip hardening --- install.sh | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/install.sh b/install.sh index 5ffde2f..e730bd6 100755 --- a/install.sh +++ b/install.sh @@ -11,6 +11,7 @@ NC='\033[0m' # No color SCRIPT_DIR="${HOME}/.dotfiles" USER_EMAIL="" SKIP_REVIEW=0 +DISABLE_HARDEN=0 EDITOR="${EDITOR:-nano}" # Default to nano if EDITOR is not set # Helper function to display usage message @@ -20,6 +21,7 @@ show_help() { printf " -d, --directory Specify the directory to clone the dotfiles (default: ~/.dotfiles)\n" printf " -e, --email Provide an email to use for configuration (default: empty)\n" printf " -y, --yes Skip editor confirmation for flake.nix review\n" + printf " -n, --no-harden Skip the security hardening step\n" printf " -h, --help Show this help message\n" exit 0 } @@ -30,6 +32,7 @@ while [ "$#" -gt 0 ]; do -d|--directory) SCRIPT_DIR="$2"; shift 2;; -e|--email) USER_EMAIL="$2"; shift 2;; -y|--yes) SKIP_REVIEW=1; shift;; + -n|--no-harden) DISABLE_HARDEN=1; shift;; -h|--help) show_help;; --) shift; break;; *) printf "${RED}Error:${NC} Unknown option: $1\n"; show_help; exit 1;; @@ -72,9 +75,13 @@ if [ "$SKIP_REVIEW" -eq 0 ]; then $EDITOR "$SCRIPT_DIR/flake.nix" fi -# Apply security hardening -printf "${CYAN}Applying security hardening...${NC}\n" -sudo "$SCRIPT_DIR/harden.sh" "$SCRIPT_DIR" +# Apply security hardening if enabled +if [ "$DISABLE_HARDEN" -eq 0 ]; then + printf "${CYAN}Applying security hardening...${NC}\n" + sudo "$SCRIPT_DIR/harden.sh" "$SCRIPT_DIR" +else + printf "${YELLOW}Skipping security hardening as requested.${NC}\n" +fi # Rebuild system with new configuration printf "${CYAN}Rebuilding system with nixos-rebuild...${NC}\n"