for f in iank-dev htpc treetowl x2 frodo tp li lj demohost; do
eval "$f() { [[ $HOSTNAME == $f ]]; }"
done
-has_p() { treetowl || iank-dev || x2 || frodo || tp || demohost; }
-has_x() { ! { lj || li; }; }
+has_p() { treetowl || x2 || frodo || tp || demohost; }
+has_x() { ! linode; }
linode() { lj || li; }
+has_btrfs() { ! linode; }
+home_network() { ! linode; }
encrypted() { has_p; }
shopt -s extglob
# generally, I don't think targets order shutdown like they do startup.
# So, I did systemd-analyze plot > something.svg, and picked a reliably started
# service that happens late in the game.
-After=postfix.service
+After=ntp.service
DefaultDependencies=no
# not sure if needed, makes sure we shut down before reboot.target
Conflicts=reboot.target
isfedora && tu /etc/sysctl.conf 'kernel.sysrq = 1'
-s lnf -T /q/p /p
# this needs to be before installing pacserve so we have gpg conf.
conflink
if isdebian-stable; then
pi firefox/$codename-backports
else
- # for a while, firefox/unstable had all it\'s deps satisfied
- # by testing packages, but now i hit a conflict,
- # it wanted a newer libfontconfig1, but emacs build-deps
- # wanted an older one. Oh well, they seem to release
- # a new esr version every 9 months or so.
- pi firefox-esr
+ # for a while, firefox/unstable did not have
+ # dependencies satisfied by testing packages, and i hit
+ # a conflict, it wanted a newer libfontconfig1, but
+ # emacs build-deps wanted an older one. In this case,
+ # I switch to using firefox-esr. note: They seem
+ # to release a new esr version every 9 months or so.
+ pi firefox/unstable
fi
fi
# for hosts which require nonfree drivers
pi xkbset
else
# xkbset was in testing for quite a while, dunno
- # why it's not anymore. Sometime I should check and
- # see if it's back in testing, but the unstable package
- # doesn't upgrade anything form testing, and it's tiny
- # so I'm not bothering to automate it.
+ # why it\'s not anymore. Sometime I should check and
+ # see if it\'s back in testing, but the unstable package
+ # doesn\'t upgrade anything form testing, and it\'s tiny
+ # so I\'m not bothering to automate it.
pi xkbset/unstable
-fi
-fi
-;;&
+ fi
+ fi
+ ;;&
esac
if has_x; then
s mkdir -p "${dirs[@]}"
s chown ian:ian "${dirs[@]}"
-if [[ $HOSTNAME == treetowl ]]; then
- tu /etc/fstab <<'EOF'
-/dev/disk/by-id/ata-TOSHIBA_MD04ACA500_84REK6NTFS9A-part1 /i btrfs noatime,subvol=i 0 0
-EOF
-else
- tu /etc/fstab <<'EOF'
-/q/i /i none bind 0 0
-EOF
-fi
tu /etc/fstab <<'EOF'
-/i/w /w none bind 0 0
-/i/k /k none bind 0 0
+/i/w /w none bind,noauto 0 0
+/i/k /k none bind,noauto 0 0
EOF
+
if ! mountpoint /kr; then
s mkdir -p /kr
s chown ian:traci /kr
fi
-if [[ $HOSTNAME == treetowl ]]; then
- tu /etc/fstab <<'EOF'
-/k /kr none bind 0 0
+
+if home_network; then
+ if [[ $HOSTNAME == treetowl ]]; then
+ tu /etc/fstab <<'EOF'
+/k /kr none bind,noauto 0 0
EOF
-else
- tu /etc/fstab <<'EOF'
-treetowl:/k /kr nfs defaults 0 0
+ else
+ tu /etc/fstab <<'EOF'
+treetowl:/k /kr nfs noauto 0 0
EOF
+ fi
fi
s mkdir -p /q/i/{w,k}
for dir in /{i,w,k}; do
- if mountpoint $dir; then continue; fi
+ if mountpoint $dir; then continue; fi # already mounted
s mkdir -p $dir
s chown ian:ian $dir
- s mount $dir
done
+# not needed for all hosts, but rather just keep it uniform
+s mkdir -p /mnt/iroot
+
+# debian auto mounting of multi-disk encrypted btrfs is busted. It is
+# in jessie, and in stretch as of 11/26/2016 I have 4 disks in cryptab,
+# based on 3 of those, it creates .device units for /dev/mapper/dev...
+# then waits endlessly for them on bootup, after the /dev/mapper disks
+# have already been created and exist. todo: create a simple repro
+# for this in a vm and report it upstream.
+s dd of=/root/imount <<'EOF'
+#!/bin/bash
+[[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@"
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+for dir in /i /mnt/iroot /w /k /kr; do
+ if ! mountpoint $dir &>/dev/null && \
+ awk '{print $2}' /etc/fstab | grep -xFq $dir; then
+ mount $dir
+ fi
+done
+EOF
+s chmod +x /root/imount
+
+s dd of=/etc/systemd/system/imount.service <<'EOF'
+[Unit]
+Description=Mount /i and related mountpoints
+
+[Service]
+Type=oneshot
+ExecStart=/root/imount
+
+[Install]
+WantedBy=multi-user.target
+EOF
+sudo systemctl daemon-reload # needed if the file was already there
+sudo systemctl enable imount.service
+sudo systemctl start imount.service
+
+
+dir=/nocow
+if ! mountpoint $dir; then
+ subvol=/mnt/root/nocow
+ if [[ ! -e $subvol ]]; then
+ s btrfs subvolume create $subvol
+ s chown root:1000 $subvol
+ s chattr +C $subvol
+ fi
+
+ first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
+ tu /etc/fstab <<EOF
+$first_root_crypt /nocow btrfs noatime,subvol=nocow 0 0
+EOF
+ s mkdir -p $dir
+ s chown ian:ian $dir
+ s mount $dir
+fi
+
# ssh and probably some other things care about parent directory
# ownership, and ssh doesn\'t allow any group writable parent
EOF
-
-postfix-setup
-
-if isubuntu; then
- # disable crash report annoying crap
- s dd of=/etc/default/apport <<<'enabled=0'
+if isdeb; then
+ # I've had problems with postfix on debian:
+ # on stretch, a startup ordering issue caused all mail to fail.
+ # postfix changed defaults to only use ipv6 dns, causing all my mail to fail.
+ # exim4 is default on debian, so I assume it would
+ # be packaged better to avoid these types of things.
+ # I haven't gotten around to getting a non-debian exim
+ # setup.
+ mail-setup exim4
+ else
+ mail-setup postfix
fi
+ if isubuntu; then
+ # disable crash report annoying crap
+ s dd of=/etc/default/apport <<<'enabled=0'
+ fi
+
# fai sets this an old way that doesn't work for stretch.
# no harm in setting it universally here.
# using debconf-set-selection, the area gets reset to ETC
iankelling.org / git / distro-setup / blobdiff