readonly this_file="$(readlink -f -- "${BASH_SOURCE[0]}")"; cd "${this_file%/*}"
+source bash-trace
+
usage() {
cat <<EOF
usage: ${0##*/} [OPTIONS] [HOST]
##### end command line parsing ########
+m() { printf "$pre %s\n" "$*"; "$@"; }
+
# i use faiserver as a dns alias, but ssh key is associated with
# a canonical hostname and we will have ssh warning spam unless we
# use it, so look it up just to avoid the warning spam.
-faiserver_host=$(/a/exe/chost $host) || faiserver_host=$host
+faiserver_host=$(/a/exe/chost $host)
+# faiserver_host=$host
faiserver_addr=$(host $host | sed -rn 's/^\S+ has address //p;T;q' ||:)
if ! ip a | grep "^ *inet.\? $faiserver_addr" &>/dev/null; then
- rpre="-e 'ssh -F $HOME/.ssh/confighome' root@$faiserver_host:"
+ rpre=(-e "ssh -F $HOME/.ssh/confighome" root@$faiserver_host:)
faiserver_shell="ssh -F $HOME/.ssh/confighome root@$faiserver_host"
fi
# we hssh and ssh_filter_btrbk for the initial btrbk (alternatively, I could open up the
# permissions in authorized_keys, but that just seems lazy)
install --owner=iank --group=iank -d fai/config/files/usr/local/bin/hssh
-rsync -atL /a/bin/ds/hssh fai/config/files/usr/local/bin/hssh/STANDARD
install --owner=iank --group=iank -d fai/config/files/usr/local/bin/ssh_filter_btrbk.sh
rsync -atL /a/opt/btrbk/ssh_filter_btrbk.sh fai/config/files/usr/local/bin/ssh_filter_btrbk.sh/STANDARD
-rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config $rpre/srv
+m rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config /a/opt/btrfs-progs-release "${rpre[@]}"/srv
# todo: automatically disable faiserver after a period so
# these files are not available.
if [[ $target ]]; then
- if test -e /q/root/shadow/$target; then
- shadowfile=shadow/$target # empty otherwise
+ secret_files=(luks/$target luks/host-$target shadow/$target)
+ exists=false
+ secret_exists=()
+ for f in ${secret_files[@]}; do
+ if [[ -e /q/root/$f ]]; then
+ exists=true
+ secrets_to_send+=("$f")
+ fi
+ done
+ if $exists; then
+ {
+ for f in ${secrets_to_send[@]}; do
+ echo $f
+ done
+ } | rsync -lpt --files-from=- /q/root "${rpre[@]}"/srv/fai/config/distro-install-common
fi
- rsync -lpt --files-from=- /q/root $rpre/srv/fai/config/distro-install-common <<EOF
-luks/$target
-luks/host-$target
-$shadowfile
-EOF
else
- rsync -rlpt /q/root/shadow /q/root/luks $rpre/srv/fai/config/distro-install-common
+ rsync -rlpt /q/root/shadow /q/root/luks "${rpre[@]}"/srv/fai/config/distro-install-common
fi
dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh)
if [[ -e ${dirs[0]} ]]; then
- rsync -rlpt --delete --relative ${dirs[@]} $rpre/srv/fai/config/distro-install-common
+ rsync -rlpt --delete --relative ${dirs[@]} "${rpre[@]}"/srv/fai/config/distro-install-common
fi
. /a/bin/distro-setup/pkgs
pall+=($(/a/bin/buildscripts/emacs -p; /a/bin/distro-setup/distro-pkgs $distro))
printf "%s\n%s\n" "PACKAGES install" ${pall[*]} | \
- $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP 2>/dev/null ||: # broken pipe
+ $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP status=none ||: # broken pipe
-rsync -rplt --include '/*.gz' --exclude '/**' --delete-excluded $BASEFILE_DIR/ $rpre/srv/fai/config/basefiles/
+rsync -rplt --include '/*.gz' --exclude '/**' --delete-excluded $BASEFILE_DIR/ "${rpre[@]}"/srv/fai/config/basefiles/