# -r = recursive
# -i = ignore non-matching class warnings, always exit 0
# -B = no backup files
-fcopy -riB /boot
+fcopy -riBM /boot
# this is also done by FABASE/10-misc by default (without B)
-fcopy -riB /root
-fcopy -riB /usr/local/bin
+fcopy -riBM /root
+fcopy -riBM /usr/local/bin
+
+# this gets done by fai, but just happens too often that
+# I add sources due to new distros, whatever.
+fcopy -riBM /etc/apt/preferences.d
+fcopy -riBM /etc/apt/sources.list.d
src=$FAI/distro-install-common/shadow
# this can fail if we need an apt update
chroot $FAI_ROOT /usr/bin/apt-cache policy >$tmpfile1 ||:
fcopy -riBM /etc/apt
+
+# get ubuntu key, for running from fai wrapper.
+apt-key add $FAI/package_config/UBUNTU.asc
+
tmpfile2=$(mktemp)
chroot $FAI_ROOT /usr/bin/apt-cache policy >$tmpfile2
if ! diff -q $tmpfile1 $tmpfile2; then
fi
# use networkmanager if this host has wireless.
-if type -p iw &>/dev/null && [[ $(iw dev) ]]; then
+if [[ $HOSTNAME == bo ]] || type -p iw &>/dev/null && [[ $(iw dev) ]]; then
chroot $FAI_ROOT bash <<EOF
apt-get -y install network-manager
EOF
iface lo inet loopback
iface eth0 inet static
address 10.3.0.2/16
+
+source-directory /etc/network/interfaces.d
EOF
fi
iface lo inet loopback
iface eth0 inet dhcp
iface eth0 inet6 auto
+
+source-directory /etc/network/interfaces.d
EOF
# previously had an else condition after
iface eth0 inet6 static
# from a requested /64 pool
address 2600:3c00:e000:280::2/64
+
+source-directory /etc/network/interfaces.d
EOF
fi
fi
#### begin .ssh setup ###
set -x
set -eE -o pipefail
-mkdir -p /home/iank/.ssh
-f=/root/.ssh/authorized_keys
-if [[ -e $f ]]; then
- cp $f /home/iank/.ssh
+if ! [[ -s /home/iank/.ssh/authorized_keys ]]; then
+ mkdir -p /home/iank/.ssh
+ f=/root/.ssh/authorized_keys
+ if [[ -e $f ]]; then
+ cp $f /home/iank/.ssh
+ fi
+ chown -R 1000:1000 /home/iank/.ssh
+ chmod -R u=Xrw,og= /home/iank/.ssh
+ rm -rf /root/.ssh
+ # remove broken symlinks or the following cp will fail
+ find /home/iank/.ssh -xtype l -exec rm '{}' \;
+ cp -rL /home/iank/.ssh /root
+ chown -R root:root /root/.ssh
+ chmod 700 /root/.ssh
fi
-chown -R 1000:1000 /home/iank/.ssh
-chmod -R u=Xrw,og= /home/iank/.ssh
-rm -rf /root/.ssh
-# remove broken symlinks or the following cp will fail
-find /home/iank/.ssh -xtype l -exec rm '{}' \;
-cp -rL /home/iank/.ssh /root
-chown -R root:root /root/.ssh
-chmod 700 /root/.ssh
-# https://ticktockhouse.svbtle.com/my-obligatory-ubuntu-ssh-agent-post
-# systemctl --user is not available at fai time, so create the link ourselves
-d=/home/iank/.config/systemd/user/default.target.wants
-sudo -u iank mkdir -p $d
-sudo -u iank ln -sf /usr/lib/systemd/user/ssh-agent.service $d
+
+# old link from
+# # https://ticktockhouse.svbtle.com/my-obligatory-ubuntu-ssh-agent-post
+# but that made a service that started too soon and didn't pick up our
+# x env vars. instead, copy from the root ssh-agent just the
+# appropriate things into a new service.
+rm -f /home/iank/.config/systemd/user/default.target.wants/ssh-agent.service
+
+rm -f /home/iank/.local/share/systemd/user/sshaiank.service \
+ /home/iank/.config/systemd/user/default.target.wants/sshaiank.service
+
#### end .ssh setup ###
## duplicated in ssh-emacs-setup
grep -xFq "$line" $f || tee -a $f <<<"$line"
-# default debian groups (jessie through buster) + adm, sudo, root, admin
+# default debian groups (jessie through buster) + adm, root, admin
for g in cdrom floppy audio dip video plugdev netdev adm sudo admin; do
if getent group $g >/dev/null; then
usermod -aG $g iank