#!/bin/bash -x
+# This file is part of Ian Kelling's automated-distro-installer
+# Copyright (C) 2024 Ian Kelling
+
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
exit 1
fi
+# ignore this line. hack to make shellcheck ignore $target
+if [[ ! $target ]]; then target=; fi
+
if ! type -t fcopy &>/dev/null; then
sudo apt-get -y install fai-client
fi
-if [[ -e /a/bin/fai/fai-wrapper ]]; then
- chroot() {
- shift
- "$@"
- }
-fi
-
-
-
# -r = recursive
# -i = ignore non-matching class warnings, always exit 0
# -B = no backup files
-fcopy -riBM /boot
+fcopy -riB /boot
# this is also done by FAIBASE/10-misc by default (without B)
-fcopy -riBM /root
-fcopy -riBM /usr/local/bin
+fcopy -riB /usr/local/bin
+
+fcopy -riB /etc/apt/logind.conf.d
# this gets done by fai, but just happens too often that
# I add sources due to new distros, whatever.
-fcopy -riBM /etc/apt/preferences.d
-fcopy -riBM /etc/apt/sources.list.d
+fcopy -riB /etc/apt/preferences.d
+fcopy -riB /etc/apt/sources.list.d
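Review bot: The added `fcopy -riB /etc/apt/logind.conf.d` looks like a path typo, since logind drop-ins normally live under `/etc/systemd/logind.conf.d` and nothing else visible here refers to an apt directory of that name. Because `-i` makes fcopy ignore non-matching class warnings and always exit 0 (per the comment above these lines), a wrong path would be skipped silently instead of tripping `set -e`. If the systemd directory was meant, the line would be `fcopy -riB /etc/systemd/logind.conf.d`; if the apt path is deliberate, a one-line comment such as `# logind drop-ins are kept under etc/apt in the config space because ...` would save the next reader the same question.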
src=$FAI/distro-install-common/shadow
mount -o bind $src $dst
fi
+
+
$FAI/distro-install-common/end
# I run this as a single post-fai script to update things that have changed.
tmpfile1=$(mktemp)
# this can fail if we need an apt update
-chroot $FAI_ROOT /usr/bin/apt-cache policy >$tmpfile1 ||:
-fcopy -riBM /etc/apt
-
-# get ubuntu key, for running from fai wrapper.
-apt-key add $FAI/package_config/UBUNTU.asc
+$ROOTCMD /usr/bin/apt-cache policy >$tmpfile1 ||:
+fcopy -riB /etc/apt
tmpfile2=$(mktemp)
-chroot $FAI_ROOT /usr/bin/apt-cache policy >$tmpfile2
+$ROOTCMD /usr/bin/apt-cache policy >$tmpfile2
if ! diff -q $tmpfile1 $tmpfile2; then
- chroot $FAI_ROOT /usr/bin/apt update
+ $ROOTCMD /usr/bin/apt update
fi
# outside of fai, this seems to regularly lead to
# E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
#### misc configurations
-chroot $FAI_ROOT bash <<'EOFOUTER'
-if getent group systemd-journal >/dev/null; then
- # makes the journal be saved to disk.
- mkdir -p /var/log/journal
- chmod 755 /var/log/journal
-fi
-debconf-set-selections <<EOF
-kexec-tools kexec-tools/load_kexec boolean false
-EOF
-apt-get install -y pxe-kexec
-
-# this is usefull. Only thing reason I see this being disabled by default is
-# that a normal user can disrupt the system, eg cause a reboot.
-sed -i '$a kernel.sysrq=1
-/^kernel.sysrq=/d' /etc/sysctl.conf
-
-EOFOUTER
-
if [[ $FAI_ACTION != dirinstall ]] && ! ifclass NOCRYPT; then
- # luks options, see man systemd-cryptsetup-generator
- # all i know is that with luks.crypttab=no, swap still timed out on boot.
- # and with rd.luks.crypttab=no, it works.
if ifclass LINODE; then
speed=19200
cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8"
WantedBy=dev-disk-by\x2did-ata\x2dSamsung_SSD_870_QVO_8TB_S5VUNG0N900656V.device
EOF
- chroot $FAI_ROOT bash <<'EOFOUTER'
+ $ROOTCMD bash <<'EOFOUTER'
systemctl enable myncq.service
/usr/bin/myncq no-upgrub
EOFOUTER
- ;;
+ ;;&
# per rubens suggestion to make a d16 more stable
kd|kw) cmdline+=" pci=realloc=off" ;;
esac
fi
- cat >$FAI_ROOT/etc/grub.d/40_custom <<EOF
-#!/bin/sh
-exec tail -n +3 \$0
-# This file provides an easy way to add custom menu entries. Simply type the
-# menu entries you want to add after this comment. Be careful not to change
-# the 'exec tail' line above.
-
-# https://www.coreboot.org/Serial_console # tty
-# but removed unneeded stuff
-
-serial --speed=$speed
-terminal_input --append serial
-terminal_output --append serial
-EOF
-
-
- chroot $FAI_ROOT bash <<EOF
-set -eE -o pipefail
-# https://askubuntu.com/questions/33416/how-do-i-disable-the-boot-splash-screen-and-only-show-kernel-and-boot-text-inst
-
-sed -ri 's/(^GRUB_CMDLINE_LINUX_DEFAULT=")quiet/\1/;s/^(GRUB_CMDLINE_LINUX_DEFAULT=".*) quiet([ "])/\1\2/' /etc/default/grub
-sed -ri 's/(^GRUB_CMDLINE_LINUX_DEFAULT=")splash/\1/;s/^(GRUB_CMDLINE_LINUX_DEFAULT=".*) splash([ "])/\1\2/' /etc/default/grub
-
-for arg in $cmdline; do
- if ! grep "^GRUB_CMDLINE_LINUX_DEFAULT=.*[\" ]${arg//./\\.}[\" ]" /etc/default/grub; then
- sed -ri "s/^GRUB_CMDLINE_LINUX_DEFAULT=\"(.*)/GRUB_CMDLINE_LINUX_DEFAULT=\"$arg \1/" /etc/default/grub
- fi
-done
-
-if grep -qF "$cmdline" /etc/default/grub; then
- # already set things, exit
- exit 0
-fi
-sed -ri 's/^ *GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="$cmdline"/' /etc/default/grub
-# on xenial, no grub is displayed at all. fix that.
-# found just by noticing this in the config file, and a
-# warning about it in error.log
-sed -i '/^ *GRUB_HIDDEN_TIMEOUT/d' /etc/default/grub
-
-if type -P update-grub2 &>/dev/null; then
- update-grub2
-else
- update-grub
-fi
-
-EOF
fi ##### end != dirinstall && != NOCRYPT
# xorg stopped load nouveau
# https://www.linuxquestions.org/questions/slackware-14/kernel-modules-conflicting-with-nouveau-driver-4175623867/
# https://nouveau.freedesktop.org/InstallNouveau.html
-if lspci|grep -q 'GeForce GTX 6[0-9][0-9]\]'; then
+# And now in t11, things got worse with a newer card also not loading
+# nouveau when it did in t10.
+if lspci|grep -q 'VGA compatible controller: NVIDIA'; then
mkdir -p $target/etc/X11/xorg.conf.d/
cat >$target/etc/X11/xorg.conf.d/10-nouveau.conf <<'EOF'
Section "Device"
fi
# use networkmanager if this host has wireless.
-if [[ $HOSTNAME == bo ]] || type -p iw &>/dev/null && [[ $(iw dev) ]]; then
- chroot $FAI_ROOT bash <<EOF
+if [[ $(iw dev) || $HOSTNAME == so ]]; then
+ $ROOTCMD bash -xe <<EOF
apt-get -y install network-manager
EOF
# allow networkmanager to manage interfaces
#https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1638842
- touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+ # touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+ #
+ # in 24.04, netplan takes over and nm won't automatically connect any
+ # ethernet devices. Ya, man NetworkManager helpfully suggests the
+ # config setting device*.managed=1, but of course that isn't REAL
+ # setting, you go to man NetworkManager.conf and find that every
+ # setting has a section. So what section is that setting in? It
+ # doesn't tell you. You have to figure out that it is implied that a
+ # setting x.y means section x, setting y. Ok, but what section is
+ # device*? that isn't documented in the man page either (at least not
+ # properly). But if you read closely, you can intuit that device* is
+ # likely a valid section and then try it. Might as use this same magic
+ # config file name since it is supposed to exist, but I have no idea
+ # if it is still magic. note: In figuring this out, I also removed
+ # /etc/netplan/*, which seemed to have no effect. dunno if it matters.
+ cat >$target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf <<'EOF'
+[device*]
+managed=1
+EOF
# in a default desktop install, it looks like netplan creates this file under
# run/NetworkManager/conf.d in early boot.
[main]
dns=systemd-resolved
EOF
- if [[ $HOSTNAME == frodo ]]; then
- cat > $target/etc/network/interfaces <<-EOF
-# generated by FAI
-auto lo eth0
-iface lo inet loopback
-iface eth0 inet static
-address 10.3.0.2/16
-source-directory /etc/network/interfaces.d
-EOF
+
+ if [[ ! $FAI_WRAPPER || $SSH_CLIENT ]]; then
+ # for running from fai or remote connections, don't kill the internet
+ ethusb_arg=-c
+ fi
+ if [[ $(dig +short @10.2.0.1 -x 10.2.0.2 2>&1 ||:) == kd.b8.nz. ]] \
+ && ip n show 10.2.0.1 | grep . &>/dev/null; then
+ # we are at_home
+ $FAI/distro-install-common/ethusb-static $ethusb_arg
+ else
+ $FAI/distro-install-common/ethusb-static off $ethusb_arg
fi
+
else
cat > $target/etc/network/interfaces <<-EOF
# generated by FAI
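Review bot: The at-home test on the added `dig +short @10.2.0.1 -x 10.2.0.2` and `ip n show 10.2.0.1` lines picks the network configuration from a reverse-DNS answer and a neighbour-table entry, and both are supplied by whatever network the machine happens to be on. Any LAN using the same 10.2.0.x addressing can return that PTR name, so the host would then run `ethusb-static` in its home mode. What that script changes is not visible here, so it is worth a comment stating why a false positive is harmless, or a check that does not depend on the joined network. `ethusb_arg` is also only assigned inside the `if`, so a value inherited from the environment passes straight through; an explicit `ethusb_arg=` before the test would fix that. The enclosing `if`/`else` starts outside this hunk.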
if ifclass LINODE; then
mkdir -p $target/etc/initramfs-tools/conf.d
+ # shellcheck disable=SC2154 # comes with LINODE environment
cat >$target/etc/initramfs-tools/conf.d/mine <<EOF
# dhcp in initramfs doesn't work on linode. i dunno why, whatever.
# man 5 initramfs.conf
if [[ $HOSTNAME == li ]]; then
-
cat > $target/etc/network/interfaces <<-EOF
# generated by FAI
auto lo eth0
fi
fi
-# I prefer to stick with ifup/down for now. a. networkd is not in its
-# own package, so cant use in other init systems. b. it works fine.
-chroot $FAI_ROOT bash <<EOF
-systemctl disable systemd-networkd.socket systemd-networkd networkd-dispatcher systemd-networkd-wait-online
-systemctl mask systemd-networkd.socket systemd-networkd networkd-dispatcher systemd-networkd-wait-online
-EOF
##### end network setup #####
-if ifclass VOL_BULLSEYE_BOOTSTRAP; then
+if ifclass VOL_BULLSEYE_BOOTSTRAP || ifclass VOL_BOOKWORM_BOOTSTRAP; then
fcopy /etc/systemd/system/faicheck.service
- chroot $FAI_ROOT bash <<'EOFOUTER'
+ $ROOTCMD bash <<'EOFOUTER'
systemctl enable faicheck.service
EOFOUTER
exit 0 # avoid unnecessary stuff in bootstrap vol
## misc settings
-chroot $FAI_ROOT bash <<'EOFOUTER'
+$ROOTCMD bash <<'EOFOUTER'
#### begin .ssh setup ###
set -x
set -eE -o pipefail
# but that made a service that started too soon and didn't pick up our
# x env vars. instead, copy from the root ssh-agent just the
# appropriate things into a new service.
-rm -f /home/iank/.config/systemd/user/default.target.wants/ssh-agent.service
rm -f /home/iank/.local/share/systemd/user/sshaiank.service \
/home/iank/.config/systemd/user/default.target.wants/sshaiank.service
for g in plugdev audio video cdrom; do
$ROOTCMD usermod -a -G $g user2
done
+
+## begin get new kernel and btrfs-progs ##
+case $HOSTNAME in
+ sy|so)
+ # on sy t11, severe wifi degredation on 6.8
+ # on so t11, no x11 display on 6.8
+ $FAI/distro-install-common/install-mainline-kernel-debs stable
+ ;;
+ *)
+ if ! $ROOTCMD dpkg -s -- freesh-archive-keyring 2>&1 | grep -Fx "Status: install ok installed" &>/dev/null; then
+ apt-get -y install wget
+ wget -O /target/tmp/x.deb https://linux-libre.fsfla.org/pub/linux-libre/freesh/pool/main/f/freesh-archive-keyring/freesh-archive-keyring_1.1_all.deb
+ $ROOTCMD dpkg -i /tmp/x.deb
+ $ROOTCMD apt-get update
+ $ROOTCMD apt-get -y install linux-libre
+ fi
+ ;;
+esac
+
+pre=https://mirrors.edge.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs
+tarball=$(curl -s $pre/sha256sums.asc \
+ | awk '$2 ~ /^btrfs-progs-v/ { print $2 }' | grep -v -- -rc | grep "^btrfs-progs-v.*gz\$" | sort -V | tail -n1)
+url="$pre/$tarball"
+dir=${tarball%.tar.gz}
+ver=${dir#btrfs-progs-}
+cur_ver=$($ROOTCMD btrfs --version 2>/dev/null | awk '{print $2}') ||:
+
+if [[ $FAI_ROOT == / ]]; then
+ bp_dir=/a/opt/btrfs-progs-release
+else
+ bp_dir=$FAI/distro-install-common/btrfs-progs-release
+fi
+if [[ $ver != "$cur_ver" ]]; then
+ if [[ $ver != "$($bp_dir/btrfs --version 2>/dev/null | awk '{print $2}')" ]]; then
+ cd $target/tmp
+ wget $url
+ tar xzf $tarball
+ $ROOTCMD apt-get -y build-dep btrfs-progs
+ # no docs cuz I didn't want to bother fixing error of missing docs dependencies
+ $ROOTCMD bash -xe <<EOF
+cd /tmp/${tarball%.tar.gz}
+./configure --disable-documentation
+make
+make install
+EOF
+ # If our desktop is HOST2, will we btrbk this latest bprogs to other
+ # machines.
+ if [[ -s /a/bin/bash_unpublished/source-state ]]; then
+ source /a/bin/bash_unpublished/source-state
+ fi
+ if [[ $HOST2 == "$HOSTNAME" && $FAI_ROOT != / ]]; then
+ rm -rf $bp_dir
+ chown -R iank:iank $target/tmp/${tarball%.tar.gz}
+ mv $target/tmp/${tarball%.tar.gz} $bp_dir
+ fi
+ else
+ if ! $ROOTCMD dpkg -s -- build-essential 2>&1 | grep -Fx "Status: install ok installed" &>/dev/null; then
+ $ROOTCMD apt-get -y install build-essential
+ fi
+
+ if [[ $FAI_ROOT == / ]]; then
+ cd /a/opt/btrfs-progs-release
+ make install
+ else
+ mkdir -p $target/tmp/bprogs
+ mount -o bind $bp_dir $target/tmp/bprogs
+ $ROOTCMD bash -xe <<EOF
+cd /tmp/bprogs
+make install
+EOF
+ fi
+ fi
+fi
+## end get new kernel and btrfs-progs ##
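Review bot: Both downloads in this block are installed as root with HTTPS as the only integrity check. The `freesh-archive-keyring` .deb goes straight to `dpkg -i`, which adds a new apt trust root, and the btrfs-progs tarball is built and `make install`ed although `sha256sums.asc` is fetched only to pick a file name, so neither its signature nor the tarball's checksum is ever verified. Verify the signed checksum list against a release key pinned in the config space and check the tarball hash before `tar xzf`, as sketched below; for the .deb, compare against a `sha256sum` value recorded in the config space before `dpkg -i`. Separately, `wget -O /target/tmp/x.deb` hard-codes `/target` where the rest of the block uses `$target`, and both downloads land under fixed names in a shared tmp directory, which a `mktemp -d` directory would avoid. `curl -s` should be `curl -fsS` so that an HTTP error body is not parsed as a checksum list.

```shell
pre=https://mirrors.edge.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs
# keyring holding only the pinned btrfs-progs release key (placeholder path,
# provisioned out of band with the rest of the config space)
bp_keyring=$FAI/distro-install-common/BTRFS_PROGS_RELEASE_KEYRING_PLACEHOLDER
sums_dir=$(mktemp -d)
curl -fsS -o "$sums_dir/sha256sums.asc" "$pre/sha256sums.asc"
# gpgv exits non-zero unless the clearsigned list verifies against the pinned keyring
gpgv --keyring "$bp_keyring" --output "$sums_dir/sha256sums" "$sums_dir/sha256sums.asc"
tarball=$(awk '$2 ~ /^btrfs-progs-v/ { print $2 }' "$sums_dir/sha256sums" \
  | grep -v -- -rc | grep "^btrfs-progs-v.*gz\$" | sort -V | tail -n1)
# … unchanged: url/dir/ver/cur_ver/bp_dir setup and the version comparisons …
    cd "$target/tmp"
    wget "$url"
    # abort before unpacking if the tarball does not match the signed list
    awk -v f="$tarball" '$2 == f' "$sums_dir/sha256sums" | sha256sum -c -
    tar xzf "$tarball"
# … unchanged: build-dep, configure/make/make install, bp_dir handling …
```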