various fixes

[distro-setup] / distro-end

diff --git a/distro-end b/distro-end
index 1878ebe31a6bea2b6337654cde3f90d0b7c5cd67..95a6e2ddd94de0c1b31b8b2cd0dd0538e0868e03 100755 (executable)
--- a/distro-end
+++ b/distro-end
@@ -32,7 +32,6 @@ spa() { # simple package add
     simple_packages+=($@)
 }
 
-
 distro=$(distro-name)
 
 pending_reboot=false
@@ -52,6 +51,7 @@ simple_packages=(
     ruby-rest-client
     tree
     vim
+    wcd
 )
 
 case $HOSTNAME in
@@ -77,6 +77,7 @@ case $HOSTNAME in
             gnome-screenshot
             i3lock
             jq
+            linux-doc
             locate
             manpages
             manpages-dev
@@ -97,7 +98,6 @@ case $HOSTNAME in
             tcpdump
             transmission-remote-gtk
             vlc
-            wcd
         )
         ;;
 esac
@@ -241,7 +241,7 @@ case $HOSTNAME in
     lj|li)
 
         case $HOSTNAME in
-            lj) domain=iank.bid ;;
+            lj) domain=iank.bid; exit 0 ;;
             li) domain=iankelling.org ;;
         esac
         /a/h/setup.sh $domain
@@ -251,9 +251,31 @@ case $HOSTNAME in
         #$src/phab-setup
 
         pi-nostart mumble-server
-        s sed -ri "s/^ *(serverpassword=).*/\1$(< /a/bin/bash_unpublished/mumble_pass)/" mumble-server.ini
+        s sed -ri "s/^ *(serverpassword=).*/\1$(< /a/bin/bash_unpublished/mumble_pass)/" /etc/mumble-server.ini
         sgo mumble-server
 
+        vpn-server-setup -d
+
+        sudo dd of=/etc/systemd/system/vpnmail.service <<EOF
+[Unit]
+Description=Turns on iptables mail nat
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.8.0.4:25
+ExecStop=/sbin/iptables -t nat -D PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.8.0.4:25
+
+[Install]
+WantedBy=openvpn.service
+EOF
+        ser daemon-reload
+        ser enable vpnmail.service
+        acme-tiny-wrapper mail.iankelling.org
+        sgo openvpn
+        tu /etc/hosts <<<"mail.iankelling.org 10.8.0.4"
+
+
         echo "$0: $(date): ending now)"
         exit 0
         ;;
@@ -262,7 +284,15 @@ esac
 
 ########### end section including li/lj ###############
 
-
+if private-host; then
+    vpn-mk-client-cert -n mail li
+    echo "ifconfig-push 10.8.0.4 255.255.255.0" | ssh root@li dd of=/etc/openvpn/client-config/$(openssl x509 -noout -subject -in mail.crt | sed -r 's/.*CN *= *([^,]+).*/\1/')
+fi
+ser enable mailroute
+if [[ $HOSTNAME == treetowl ]]; then
+    # note, this will need to be changed when the mail host changes
+    sgo openvpn-client@mail
+fi
 
 ## android studio setup
 # this contains the setting for android sdk to point to
@@ -276,19 +306,6 @@ lnf /a/opt/.AndroidStudio2.2 ~
 spa lib32stdc++6 default-jdk
 
 
-if [[ $HOSTNAME == frodo ]]; then
-    case $distro in
-        ubunut|debian)
-            pi libsqlite3-dev
-            cd /a/opt/duperemove
-            make clean
-            make
-            s make install
-            ;;
-        #others unknown
-    esac
-fi
-
 case $distro in
     arch) pi syncthing ;;
     ubuntu|debian)
@@ -681,7 +698,7 @@ esac
 
 
 case $distro in
-    debian|ubuntu) spa android-tools-adb/unstable ;;
+    debian|ubuntu) spa android-tools-adbd/unstable ;;
     arch) spa android-tools ;;
     # other distros unknown
 esac
@@ -725,7 +742,7 @@ walletnotify=curl -sI --connect-timeout 1 http://localhost:62602/walletnotify?%s
 alertnotify=curl -sI --connect-timeout 1 http://localhost:62602/alertnotify?%s
 EOF
         ;;
-    # other distros unknown
+                        # other distros unknown
 esac
 if [[ $HOSTNAME == treetowl ]]; then
     pi libsodium-dev python3-pip
@@ -959,6 +976,10 @@ DEVICESCAN -a -o on -S on -n standby,q $sched \
 ########### misc stuff
 
 
+# the wiki backup script from ofswiki.org uses generic paths
+s lnf /p/c/machine_specific/li/mw_vars /root
+s lnf /k/backup/wiki_backup /root
+
 s cedit /etc/goaccess.conf <<'EOF' || [[ $? == 1 ]]
 # all things found from looking around the default config
 # copied existing NCSA Combined Log Format with Virtual Host, plus %L
@@ -1194,20 +1215,23 @@ if ! s virsh list --all --name | grep -xF win10 &>/dev/null; then
     # run "control userpasswords2", turn on automatic login.
     # note: when changing devices, I just undefine, the create the vm again.
 
-    s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
-      --disk=/a/images/win10.qcow2,bus=virtio --vcpus 2 -r 4096 -w bridge=br0 \
-      -n win10 --import --os-variant $variant --cpu host-model-only
-
-    s virsh destroy win10
+    if [[ -e /a/images/win10.qcow2 ]]; then
+        s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
+          --disk=/a/images/win10.qcow2,bus=virtio --vcpus 2 -r 4096 -w bridge=br0 \
+          -n win10 --import --os-variant $variant --cpu host-model-only
 
-    # this one hasn\'t had the virtio fix done yet.
-    s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
-      --disk=/a/images/win7.qcow2 --vcpus 2 -r 4096 -w bridge=br0 \
-      -n win7 --import --os-variant win7 --cpu host-model-only
-    s virsh destroy win7
-    # had a problem with --cpu host, so trying out
-    # --cpu host-model-only
+        s virsh destroy win10
+    fi
 
+    if [[ -e /a/images/win7.qcow2 ]]; then
+        # this one hasn\'t had the virtio fix done yet.
+        s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
+          --disk=/a/images/win7.qcow2 --vcpus 2 -r 4096 -w bridge=br0 \
+          -n win7 --import --os-variant win7 --cpu host-model-only
+        s virsh destroy win7
+        # had a problem with --cpu host, so trying out
+        # --cpu host-model-only
+    fi
 fi