#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
-
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-
+#
# http://www.apache.org/licenses/LICENSE-2.0
-
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
for f in iank-dev htpc treetowl x2 frodo tp li lj demohost; do
eval "$f() { [[ $HOSTNAME == $f ]]; }"
done
-has_p() { treetowl || iank-dev || x2 || frodo || tp || demohost; }
+has_p() { treetowl || x2 || frodo || tp || demohost; }
has_x() { ! linode; }
linode() { lj || li; }
has_btrfs() { ! linode; }
# generally, I don't think targets order shutdown like they do startup.
# So, I did systemd-analyze plot > something.svg, and picked a reliably started
# service that happens late in the game.
-After=postfix.service
+After=ntp.service
DefaultDependencies=no
# not sure if needed, makes sure we shut down before reboot.target
Conflicts=reboot.target
isfedora && tu /etc/sysctl.conf 'kernel.sysrq = 1'
-s lnf -T /q/p /p
# this needs to be before installing pacserve so we have gpg conf.
conflink
# for a while, firefox/unstable did not have
# dependencies satisfied by testing packages, and i hit
# a conflict, it wanted a newer libfontconfig1, but
- # emacs build-deps wanted an older one. note: They seem
+ # emacs build-deps wanted an older one. In this case,
+ # I switch to using firefox-esr. note: They seem
# to release a new esr version every 9 months or so.
pi firefox/unstable
fi
pi xkbset
else
# xkbset was in testing for quite a while, dunno
- # why it's not anymore. Sometime I should check and
- # see if it's back in testing, but the unstable package
- # doesn't upgrade anything form testing, and it's tiny
- # so I'm not bothering to automate it.
+ # why it\'s not anymore. Sometime I should check and
+ # see if it\'s back in testing, but the unstable package
+ # doesn\'t upgrade anything form testing, and it\'s tiny
+ # so I\'m not bothering to automate it.
pi xkbset/unstable
-fi
-fi
-;;&
+ fi
+ fi
+ ;;&
esac
if has_x; then
s mkdir -p "${dirs[@]}"
s chown ian:ian "${dirs[@]}"
-if [[ $HOSTNAME == treetowl ]]; then
- # partitioned it with fai partitioner outside of fai,
- # because it\'s worth it to have 1% space reserved for boot and
- # swap partitions in case I ever want to boot off those drives.
- # as root:
- # . /a/bin/fai/fai-wrapper
- # eval-fai-classfile /a/bin/fai/fai/config/class/51-multi-boot
- # fai-setclass ROTATIONAL
- # export LUKS_DIR=/q/root/luks/
- # # because the partition nums existed already
- # fai-setclass REPARTITION
- # /a/bin/fai/fai/config/hooks/partition.DEFAULT
-
- # just the first in the btrfs raid
- dev=ata-TOSHIBA_MD04ACA500_84REK6NTFS9A-part1
- tu /etc/fstab <<EOF
-/dev/mapper/crypt_dev_$dev /i btrfs noatime,subvol=i 0 0
-EOF
-
- tu /etc/crypttab <<EOF
-crypt_dev_$dev /dev/disk/by-id/$dev /q/root/luks/host-treetowl discard,luks
-EOF
-
-else
- tu /etc/fstab <<'EOF'
-/q/i /i none bind 0 0
-EOF
-
-fi
tu /etc/fstab <<'EOF'
-/i/w /w none bind 0 0
-/i/k /k none bind 0 0
+/i/w /w none bind,noauto 0 0
+/i/k /k none bind,noauto 0 0
EOF
-
if ! mountpoint /kr; then
s mkdir -p /kr
s chown ian:traci /kr
if home_network; then
if [[ $HOSTNAME == treetowl ]]; then
tu /etc/fstab <<'EOF'
-/k /kr none bind 0 0
+/k /kr none bind,noauto 0 0
EOF
else
tu /etc/fstab <<'EOF'
-treetowl:/k /kr nfs defaults 0 0
+treetowl:/k /kr nfs noauto 0 0
EOF
fi
fi
if mountpoint $dir; then continue; fi # already mounted
s mkdir -p $dir
s chown ian:ian $dir
- s mount $dir
done
+# not needed for all hosts, but rather just keep it uniform
+s mkdir -p /mnt/iroot
+
+# debian auto mounting of multi-disk encrypted btrfs is busted. It is
+# in jessie, and in stretch as of 11/26/2016 I have 4 disks in cryptab,
+# based on 3 of those, it creates .device units for /dev/mapper/dev...
+# then waits endlessly for them on bootup, after the /dev/mapper disks
+# have already been created and exist. todo: create a simple repro
+# for this in a vm and report it upstream.
+s dd of=/root/imount <<'EOF'
+#!/bin/bash
+[[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@"
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+for dir in /i /mnt/iroot /w /k /kr; do
+ if ! mountpoint $dir &>/dev/null && \
+ awk '{print $2}' /etc/fstab | grep -xFq $dir; then
+ mount $dir
+ fi
+done
+EOF
+s chmod +x /root/imount
+
+s dd of=/etc/systemd/system/imount.service <<'EOF'
+[Unit]
+Description=Mount /i and related mountpoints
+
+[Service]
+Type=oneshot
+ExecStart=/root/imount
+
+[Install]
+WantedBy=multi-user.target
+EOF
+sudo systemctl daemon-reload # needed if the file was already there
+sudo systemctl enable imount.service
+sudo systemctl start imount.service
+
+
dir=/nocow
-l=$(sed -rn "s#^(\s*\S+\s+)/q(\s.*)(subvol=q)#\1$dir\2subvol=nocow#p" /etc/fstab)
-if [[ $l ]] && ! mountpoint $dir; then
+if ! mountpoint $dir; then
+ subvol=/mnt/root/nocow
+ if [[ ! -e $subvol ]]; then
+ s btrfs subvolume create $subvol
+ s chown root:1000 $subvol
+ s chattr +C $subvol
+ fi
+
+ first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
tu /etc/fstab <<EOF
-$l
+$first_root_crypt /nocow btrfs noatime,subvol=nocow 0 0
EOF
s mkdir -p $dir
s chown ian:ian $dir
EOF
-
-postfix-setup
-
-if isubuntu; then
- # disable crash report annoying crap
- s dd of=/etc/default/apport <<<'enabled=0'
+if isdeb; then
+ # I've had problems with postfix on debian:
+ # on stretch, a startup ordering issue caused all mail to fail.
+ # postfix changed defaults to only use ipv6 dns, causing all my mail to fail.
+ # exim4 is default on debian, so I assume it would
+ # be packaged better to avoid these types of things.
+ # I haven't gotten around to getting a non-debian exim
+ # setup.
+ mail-setup exim4
+ else
+ mail-setup postfix
fi
+ if isubuntu; then
+ # disable crash report annoying crap
+ s dd of=/etc/default/apport <<<'enabled=0'
+ fi
+
# fai sets this an old way that doesn't work for stretch.
# no harm in setting it universally here.
# using debconf-set-selection, the area gets reset to ETC
iankelling.org / git / distro-setup / blobdiff