#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
-
+#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-
+#
# http://www.apache.org/licenses/LICENSE-2.0
-
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# generally, I don't think targets order shutdown like they do startup.
# So, I did systemd-analyze plot > something.svg, and picked a reliably started
# service that happens late in the game.
-After=postfix.service
+After=ntp.service
DefaultDependencies=no
# not sure if needed, makes sure we shut down before reboot.target
Conflicts=reboot.target
s lnf -T /a/bin /b
if has_p; then
- lnf -T /p/offlineimap ~/Maildir
lnf -T /p/News ~/News
- # don't use /* because I don't want to require it to be mounted
fi
s lnf /q/root/.editor-backups /q/root/.undo-tree-history \
pi xkbset
else
# xkbset was in testing for quite a while, dunno
- # why it's not anymore. Sometime I should check and
- # see if it's back in testing, but the unstable package
- # doesn't upgrade anything form testing, and it's tiny
- # so I'm not bothering to automate it.
+ # why it\'s not anymore. Sometime I should check and
+ # see if it\'s back in testing, but the unstable package
+ # doesn\'t upgrade anything form testing, and it\'s tiny
+ # so I\'m not bothering to automate it.
pi xkbset/unstable
-fi
-fi
-;;&
+ fi
+ fi
+ ;;&
esac
if has_x; then
tu /etc/fstab <<'EOF'
-/i/w /w none bind 0 0
-/i/k /k none bind 0 0
+/i/w /w none bind,noauto 0 0
+/i/k /k none bind,noauto 0 0
EOF
-
if ! mountpoint /kr; then
s mkdir -p /kr
s chown ian:traci /kr
if home_network; then
if [[ $HOSTNAME == treetowl ]]; then
tu /etc/fstab <<'EOF'
-/k /kr none bind 0 0
+/k /kr none bind,noauto 0 0
EOF
else
tu /etc/fstab <<'EOF'
-treetowl:/k /kr nfs defaults 0 0
+treetowl:/k /kr nfs noauto 0 0
EOF
fi
fi
-s mkdir -p /q/i/{w,k}
+s mkdir -p /q /i/{w,k}
for dir in /{i,w,k}; do
if mountpoint $dir; then continue; fi # already mounted
s mkdir -p $dir
s chown ian:ian $dir
- s mount $dir
done
-dir=/nocow
-if ! mountpoint $dir; then
- subvol=/mnt/root/nocow
- if [[ ! -e nocow ]]; then
- btrfs subvolume create $subvol
- chown root:1000 $subvol
- chattr +C $subvol
+# not needed for all hosts, but rather just keep it uniform
+s mkdir -p /mnt/iroot
+
+# debian auto mounting of multi-disk encrypted btrfs is busted. It is
+# in jessie, and in stretch as of 11/26/2016 I have 4 disks in cryptab,
+# based on 3 of those, it creates .device units for /dev/mapper/dev...
+# then waits endlessly for them on bootup, after the /dev/mapper disks
+# have already been created and exist. todo: create a simple repro
+# for this in a vm and report it upstream.
+if has_btrfs || home_network; then
+ pi nfs-common
+ s dd of=/root/imount <<'EOF'
+#!/bin/bash
+[[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@"
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+for dir in /i /mnt/iroot /k /kr /w; do
+ if ! mountpoint $dir &>/dev/null && \
+ awk '{print $2}' /etc/fstab | grep -xF $dir &>/dev/null; then
+ if awk '{print $3}' /etc/fstab | grep -xF nfs &>/dev/null; then
+ mount $dir || echo "warning: failed to mount nfs on $dir"
+ else
+ mount $dir
+ fi
fi
+done
+EOF
+ s chmod +x /root/imount
- first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
- tu /etc/fstab <<EOF
-$first_root_crypt /nocow btrfs noatime,subvol=nocow 0 0
+ s dd of=/etc/systemd/system/imount.service <<'EOF'
+[Unit]
+Description=Mount /i and related mountpoints
+
+[Service]
+Type=oneshot
+ExecStart=/root/imount
+
+[Install]
+# note /kr needs networking, this target is the simplest way to
+# time it when the network should be up, but not do something
+# dumb like delay startup until the network is up. It happens
+# at some time after network.target
+WantedBy=multi-user.target
EOF
- s mkdir -p $dir
- s chown ian:ian $dir
- s mount $dir
+ sudo systemctl daemon-reload # needed if the file was already there
+ sudo systemctl enable imount.service
+ sudo systemctl start imount.service
fi
+dir=/nocow
+if has_btrfs; then
+ if ! mountpoint $dir; then
+ subvol=/mnt/root/nocow
+ if [[ ! -e $subvol ]]; then
+ s btrfs subvolume create $subvol
+ s chown root:1000 $subvol
+ s chattr +C $subvol
+ fi
+
+ first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
+ tu /etc/fstab <<EOF
+$first_root_crypt /nocow btrfs noatime,subvol=nocow 0 0
+EOF
+ s mkdir -p $dir
+ s chown ian:ian $dir
+ s mount $dir
+ fi
+else
+ sudo mkdir -p $dir
+fi
# ssh and probably some other things care about parent directory
# ownership, and ssh doesn\'t allow any group writable parent
if isdeb; then
- # I've had problems with postfix on debian:
+ # I\'ve had problems with postfix on debian:
# on stretch, a startup ordering issue caused all mail to fail.
# postfix changed defaults to only use ipv6 dns, causing all my mail to fail.
# exim4 is default on debian, so I assume it would
# be packaged better to avoid these types of things.
- # I haven't gotten around to getting a non-debian exim
+ # I haven\'t gotten around to getting a non-debian exim
# setup.
mail-setup exim4
- else
- mail-setup postfix
+else
+ mail-setup postfix
fi
- if isubuntu; then
- # disable crash report annoying crap
- s dd of=/etc/default/apport <<<'enabled=0'
- fi
+if isubuntu; then
+ # disable crash report annoying crap
+ s dd of=/etc/default/apport <<<'enabled=0'
+fi
# fai sets this an old way that doesn't work for stretch.
# no harm in setting it universally here.
# using debconf-set-selection, the area gets reset to ETC
# on my linode test machine after doing a dpkg-reconfigure, or a reinstall,
# so we are using expect :(
+# I got a random error when running this, so I added a sleep
+# rather than trying to write a whole detect and wait loop.
+# E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
+# E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
+sleep 1
s apt-get -y install --no-install-recommends expect
s expect <<EOF
set force_conservative 0
iankelling.org / git / distro-setup / blobdiff