3 source /a
/bin
/errhandle
/err
10 lnf
() { /a
/exe
/lnf
"$@"; }
17 # If we make a link back to the root, we stop going deeper into subdir_files.
18 # This makes it so we can do subdir directories.
20 # Also note, under filesystem/, symlinks are expanded.
26 targets
=( "$2"/!(.git|..|.
) )
28 for f
in "$1"/!(.git|..|.
); do
29 [[ -d $f ]] && targets
+=("$f") ||
:
32 local below
="$( readlink -f "$root/..
")"
33 for path
in "${targets[@]}"; do
34 local fullpath
="$(readlink -f "$path")"
35 #e $fullpath $below # debug
36 if [[ -f $path || $
(dirname $
(readlink
-f "$fullpath")) == "$below" ]]; then
37 m lnf
-T "$path" "$HOME/${path#$root/}"
38 elif [[ -d "$path" ]]; then
39 subdir-link-r
"$root" "$path"
47 local dir fs x bdir f dst
50 if [[ -e $fs && $USER =~ ^iank?$
]]; then
51 # note, symlinks get resolved, not copied.
52 s
tar --mode=g-s
--owner=0 --group=0 -cz -C $fs . | s
tar -xz -C /
55 if [[ -e $dir/subdir_files
]]; then
56 m subdir-link-r
$dir/subdir_files
58 local x
=( $dir/!(binds|subdir_files|filesystem|machine_specific|..|.
) )
59 (( ${#x[@]} >= 1 )) ||
continue
64 all_dirs
=({/a
/c
,/p
/c
}{,/machine_specific
/$HOSTNAME})
65 # note, we assume a group of hosts does not have the
66 # same name as a single host, which is no problem on our scale.
67 for x
in /p
/c
/machine_specific
/*.hosts
/a
/bin
/ds
/machine_specific
/*.hosts
; do
68 if grep -qxF $HOSTNAME $x; then all_dirs
+=( ${x%.hosts} ); fi
71 c_dirs
=(/a
/c
{,/machine_specific
/$HOSTNAME})
74 files
=(/p
/c
/machine_specific
/*/filesystem
/etc
/ssh
/*_key
75 /p
/c
/filesystem
/etc
/openvpn
/client
/*.key
76 /p
/c
/filesystem
/etc
/openvpn
/easy-rsa
/keys
/*.key
77 /p
/c
/machine_specific
/kw
/filesystem
/etc
/openvpn
/client
/*.key
79 if [[ -e $files ]]; then
82 # p needs to go first so .ssh link is created, then config link inside it
83 m common-file-setup
${all_dirs[@]}
85 #### begin special extra stuff ####
86 install -d -m700 ~
/gpg-agent-socket
90 # reset to the original permissions.
94 sudo bash
-c 'shopt -s nullglob; for f in /etc/bind/*.key /etc/bind/*.private /etc/bind/key.*; do chgrp bind $f; done'
95 if [[ -e /etc
/davpass
]] && getent group www-data
&>/dev
/null
; then
96 s chgrp www-data
/etc
/davpass
98 if [[ -e /var
/lib
/znc
]] && getent group znc
; then
99 s chown
-R znc
:znc
/var
/lib
/znc
101 /a
/exe
/lnf
-T /p
/arbtt-capture.log ~
/.arbtt
/capture.log
102 f
=/etc
/prometheus-htpasswd
104 s
chmod 640 $f /etc
/prometheus-pass
105 s chown root
:www-data
$f
106 if getent passwd prometheus
; then
107 s chown root
:prometheus
/etc
/prometheus-pass
111 ##### end special extra stuff #####
113 sudo bash
-c 'shopt -s nullglob; cd /etc/openvpn; for f in client/* server/*; do ln -sf $f .; done'
115 m sudo
-H -u user2
"$BASH_SOURCE"
118 m common-file-setup
${c_dirs[@]}
121 echo "$0: error: unexpected user"; exit 1