3 source /a
/bin
/errhandle
/err
5 echo 1 >~
/.local
/conflink
11 Usage: ${0##*/} [OPTIONS]
12 Link or otherwise install configuration files.
14 -f For fast. Dont use lnf, use ln -sf. Good for updating existing files.
15 -v Verbose show all the files getting linked and whatnot.
30 lnf
() { /a
/exe
/lnf
"$@"; }
34 ##### begin command line parsing ########
36 # ensure we can handle args with spaces or empty.
37 ret
=0; getopt
-T || ret
=$?
38 [[ $ret == 4 ]] ||
{ echo "Install util-linux for enhanced getopt" >&2; exit 1; }
42 temp
=$
(getopt
-l help hvf
"$@") || usage
1
50 *) echo "$0: unexpected args: $*" >&2 ; usage
1 ;;
56 ##### end command line parsing ########
60 lnf
() { ln -sf "$@"; }
74 # If we make a link back to the root, we stop going deeper into subdir_files.
75 # This makes it so we can do subdir directories. eg
76 # /p/c/subdir_files/.config/gajim -> ../../gagim
78 # Also note, under filesystem/, symlinks are expanded.
84 targets
=( "$2"/!(.git|..|.|.
#*) )
86 for f
in "$1"/!(.git|..|.|.
#*); do
87 if [[ -d $f ]]; then targets
+=("$f"); fi
91 below
="$( readlink -f "$root/..
")"
92 for path
in "${targets[@]}"; do
94 fullpath
="$(readlink -f "$path")"
95 if [[ -f $path || $
(dirname "$fullpath") == "$below" ]]; then
96 m lnf
-T "$path" "$HOME/${path#$root/}"
97 elif [[ -d "$path" ]]; then
98 subdir-link-r
"$root" "$path"
104 common-file-setup
() {
105 local dir fs x f reload_systemd
106 local -a reload_services
107 local -a restart_services
111 if [[ -e $fs && $user =~ ^iank?$
]]; then
112 # we dont want t, instead c for checksum.
113 # That way we dont set times on directories.
115 cmd
=( s rsync
-rclpgoDiSAX --chown=root
:root
--chmod=g-s
116 --exclude=/etc
/dovecot
/users
117 --exclude='/etc/exim4/passwd*'
118 --exclude='/etc/exim4/*.pem'
121 while read -r line
; do
124 etc
/prometheus
/rules
/iank.yml|etc
/prometheus
/prometheus.yml
)
127 if systemctl is-active prometheus
&>/dev
/null
; then
128 v s systemctl reload prometheus
133 etc
/systemd
/system
/*)
137 restart_services
+=(dnsmasq
)
139 etc
/systemd
/resolved.conf.d
/*)
140 restart_services
+=(systemd-resolved
)
143 # Previously did this with tar, but it doesn't
144 # update directory permissions.
146 # S = do spare files efficiently
148 # X = preserve extended attributes
150 done < <("${cmd[@]}")
153 if ! $fast && [[ -e $dir/subdir_files
]]; then
154 m subdir-link-r
$dir/subdir_files
156 local x
=( $dir/!(binds|subdir_files|filesystem|machine_specific|..|.|.
#*) )
157 (( ${#x[@]} >= 1 )) ||
continue
160 if $reload_systemd; then
161 v s systemctl daemon-reload
163 for service
in ${restart_services[@]}; do
164 if systemctl is-active
$service >/dev
/null
; then
165 v s systemctl restart
$service
171 all_dirs
=({/a
/bin
/ds
,/p
/c
}{,/machine_specific
/$HOSTNAME})
172 # note, we assume a group of hosts does not have the
173 # same name as a single host, which is no problem on our scale.
174 for x
in /p
/c
/machine_specific
/*.hosts
/a
/bin
/ds
/machine_specific
/*.hosts
; do
175 if grep -qxF $HOSTNAME $x; then all_dirs
+=( ${x%.hosts} ); fi
179 c_dirs
=(/a
/c
{,/machine_specific
/$HOSTNAME})
183 for t
in systemstatus epanicclean btrfsmaintstop dynamicipupdate
; do
184 f
=/etc
/systemd
/system
/$t.timer
186 v systemctl stop
$t.timer
187 v systemctl disable
$t.timer
193 if [[ -e /etc
/cron.daily
/check-lets-encrypt-ssl-settings
]]; then
194 m s
rm -f /etc
/cron.daily
/check-lets-encrypt-ssl-settings
196 # conversion from whole folder subdir to individual files.
197 if [[ -L /home
/iank
/.config
/copyq
]]; then
198 rm -fv /home
/iank
/.config
/copyq
201 /a
/bin
/ds
/install-my-scripts
202 files
=(/p
/c
/machine_specific
/*/filesystem
/etc
/ssh
/*_key
203 /p
/c
/machine_specific
/*/filesystem
/etc
/openvpn
/client
/*.key
204 /p
/c
/filesystem
/etc
/openvpn
/client
/*.key
205 /p
/c
/filesystem
/etc
/openvpn
/easy-rsa
/keys
/*.key
207 if [[ -e ${files[0]} ]]; then
208 chmod 600 ${files[@]}
210 # p needs to go first so .ssh link is created, then config link inside it
211 m common-file-setup
${all_dirs[@]}
213 #### begin special extra stuff ####
214 install -d -m700 ~
/gpg-agent-socket
218 # reset to the original permissions.
222 s bash
-c 'shopt -s nullglob; for f in /etc/bind/*.key /etc/bind/*.private /etc/bind/key.*; do chgrp bind $f; done'
223 if [[ -e /etc
/caldav-htpasswd
]] && getent group www-data
&>/dev
/null
; then
224 s chgrp www-data
/etc
/caldav-htpasswd
226 if [[ -e /var
/lib
/znc
]] && getent group znc
; then
227 s chown
-R znc
:znc
/var
/lib
/znc
229 for f
in /etc
/prometheus-
{,export-
}htpasswd
; do
232 if getent passwd www-data
&>/dev
/null
; then
233 s chown root
:www-data
$f
237 f
=/etc
/prometheus-pass
239 # note: this is duplicative of the file's own permissions
240 s
chmod 640 $f /etc
/prometheus-pass
241 if getent passwd prometheus
&>/dev
/null
; then
242 s chown root
:prometheus
$f
245 ##### end special extra stuff #####
248 m s
-H -u user2
"${BASH_SOURCE[0]}"
251 f
=/a
/bin
/distro-setup
/system-status
256 echo 0 >~
/.local
/conflink
260 m common-file-setup
${c_dirs[@]}
263 echo "$0: error: unexpected user"; exit 1