#!/bin/bash # This file is part of Ian Kelling's automated-distro-installer # Copyright (C) 2024 Ian Kelling # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR this_file="$(readlink -f -- "${BASH_SOURCE[0]}")" readonly this_file this_dir="${this_file%/*}" cd "$this_dir" usage() { cat <<'EOF' usage: fai-redep [OPTIONS] [HOST] Deploy fai config (the one in nfs) to HOST or default faiserver Note, for booting from fai-cd, this needs to be called from myfai-chboot or that via pxe-server, due to setting echo FAI_ACTION=$fai_action >> /srv/fai/config/class/LAST.var note FAI_ACTION might be able to be set elsewhere, like in grub for this case -d DISTRO DISTRO for setting up fai class DESKTOP packages, for preinstalling stuff. -t TARGET_HOST Copy only secrets for TARGET_HOST into the config space. Useful for virtual server on hardware we don't control. -h|--help Print help and exit Note: uses paths specific to authors machine. EOF exit $1 } ##### begin command line parsing ######## # ensure we can handle args with spaces or empty. ret=0; getopt -T || ret=$? [[ $ret == 4 ]] || { echo "Install util-linux for enhanced getopt" >&2; exit 1; } temp=$(getopt -l help hd:t: "$@") || usage 1 eval set -- "$temp" while true; do case $1 in -d) distro=$2; shift ;; -t) target=$2; shift ;; -h|--help) usage 0 ;; --) shift; break ;; *) echo "$0: unexpected args: $*" >&2 ; usage 1 ;; esac shift done host=${1:-faiserver.b8.nz} readonly host distro target ##### end command line parsing ######## m() { printf "fai-redep: %s\n" "$*"; "$@"; } # i use faiserver as a dns alias, but ssh key is associated with # a canonical hostname and we will have ssh warning spam unless we # use it, so look it up just to avoid the warning spam. faiserver_host=$(/a/exe/chost $host) # faiserver_host=$host faiserver_addr=$(host $host | sed -rn 's/^\S+ has address //p;T;q' ||:) rsrv() { local -a opts while [[ $2 ]]; do opts+=("$1") shift done m rsync "${ropts[@]}" "${opts[@]}" "$rpath$1" } rpath=/srv if ! ip a | grep "^ *inet.\? $faiserver_addr" &>/dev/null; then ropts=(-e "ssh -F $HOME/.ssh/confighome") rpath="root@$faiserver_host:/srv" faiserver_shell="ssh -F $HOME/.ssh/confighome root@$faiserver_host" fi # these are gitignored. rsync -atL /home/iank/.ssh/authorized_keys fai/config/files/root/.ssh/authorized_keys/STANDARD # we hssh and ssh_filter_btrbk for the initial btrbk (alternatively, I could open up the # permissions in authorized_keys, but that just seems lazy) install --owner=iank --group=iank -d fai/config/files/usr/local/bin/hssh install --owner=iank --group=iank -d fai/config/files/usr/local/bin/ssh_filter_btrbk.sh rsync -atL /a/opt/btrbk/ssh_filter_btrbk.sh fai/config/files/usr/local/bin/ssh_filter_btrbk.sh/STANDARD rsrv -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config / # todo: automatically disable faiserver after a period so # these files are not available. if [[ $target ]]; then secret_files=(luks/$target luks/host-$target shadow/$target) exists=false for f in ${secret_files[@]}; do if [[ -e /q/root/$f ]]; then exists=true secrets_to_send+=("$f") fi done if $exists; then { for f in ${secrets_to_send[@]}; do echo $f done } | rsrv -lpt --files-from=- /q/root /fai/config/distro-install-common fi else rsrv -rlpt /q/root/shadow /q/root/luks /fai/config/distro-install-common fi rsrv -rlpt --delete /a/opt/btrfs-progs-release /fai/config/distro-install-common dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh) if [[ -e ${dirs[0]} ]]; then rsrv -rlpt --delete --relative ${dirs[@]} /fai/config/distro-install-common fi . /a/bin/distro-setup/pkgs tmpstr=$(/a/bin/buildscripts/emacs -p && /a/bin/distro-setup/distro-pkgs $distro) declare -a pall for p in $tmpstr; do pall+=($p) done printf "%s\n%s\n" "PACKAGES install" ${pall[*]} | \ $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP status=none ||: # broken pipe rsrv -rplt --include '/*.zst' --exclude '/**' --delete-excluded $BASEFILE_DIR/ /fai/config/basefiles/