X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=inline;f=distro-begin;h=633e8d1e3c326085460c9e97784f9756a5c85a0e;hb=HEAD;hp=c5d10cc015727b4e8ad09474864022f42af8bcff;hpb=9a1c9e1c16555a4158cfd4044a615d89ab877abc;p=distro-setup

diff --git a/distro-begin b/distro-begin
index c5d10cc..86e41e6 100755
--- a/distro-begin
+++ b/distro-begin
@@ -1,17 +1,21 @@
 #!/bin/bash
-# Copyright (C) 2016 Ian Kelling
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# Setup Ian's computers
+# Copyright (C) 2024  Ian Kelling
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# SPDX-License-Identifier: GPL-3.0-or-later
 
 #### for setting up a new machine
 # usage: $0 [-r] [HOSTNAME]
@@ -21,6 +25,8 @@
 # /a/bin/ds/filesystem/etc/prometheus/rules/iank.yml
 #
 # Update hostnames in /b/ds/check-remote-mailqs
+# Update hostnames in /b/ds/machine_specific/*.hosts /p/c/machine_specific/*.hosts
+# Update hostnames in this file
 
 ### end new machine setup
 
@@ -49,9 +55,10 @@
 
 ####### begin setup environment #######
 
+# shellcheck disable=SC2317 # false positive
 
 ### make ssh interactive shell run better. for when running line interactively line by line
-sudo bash -c '/a/exe/ssh-emacs-setup'
+sudo bash -c '/a/exe/ssh-emacs-setup' || exit $?
 
 ##### setup error handling
 interactive=true  # set this to false to force set -x
@@ -59,7 +66,7 @@ interactive=true  # set this to false to force set -x
 if ! $interactive; then
   set -x
 fi
-source /a/bin/errhandle/err
+source /a/bin/bash-bear-trap/bash-bear
 
 mkdir -p ~/.local
 err-cleanup() {
@@ -107,7 +114,7 @@ source $script_dir/pkgs
 set +x
 source /a/bin/distro-functions/src/identify-distros
 $interactive || set -x
-for f in kd x2 x3 x8 frodo tp li bk je demohost kw sy bo; do
+for f in kd x2 x3 x8 frodo tp li bk je demohost kw sy bo so; do
   eval "$f() { [[ $HOSTNAME == $f ]]; }"
 done
 codename=$(debian-codename)
@@ -304,85 +311,11 @@ set +x
 err-allow
 source /etc/profile.d/environment.sh
 export LC_USEBASHRC=t
-# shellcheck source=./.bashrc
-source ~/.bashrc
+# shellcheck source=./brc
+source ~/brc
 err-catch
 $interactive || set -x
 
-##### use systemd-resolved for glibc resolutions
-
-pi libnss-resolve
-
-if [[ ! -L /etc/nsswitch.conf ]]; then
-  sudo mkdir -p /etc/resolved-nsswitch
-  sudo mv /etc/nsswitch.conf /etc/resolved-nsswitch
-  sudo ln -sf /etc/resolved-nsswitch/nsswitch.conf /etc
-fi
-
-f=/etc/basic-nsswitch/nsswitch.conf
-if [[ ! -e $f ]]; then
-  sudo mkdir -p ${f%/*}
-  sudo cp /etc/nsswitch.conf $f
-  sudo sed -i --follow-symlinks 's/^ *hosts:.*/hosts: files dns myhostname/' $f
-fi
-case $HOSTNAME in
-  bk|je)
-    # je should be able to get along systemd-resolved, but ive had some odd
-    # very intermittent dns failures with spamassassin, it seems it might only
-    # be happening with systemd-resolved, so just use unbound
-    # to make it consistent with the other hosts.
-    sudo sed -i --follow-symlinks 's/^ *hosts:.*/hosts: files dns myhostname/' /etc/nsswitch.conf
-    soff systemd-resolved
-    sudo ln -sf 127.0.0.1-resolv/stub-resolv.conf /etc/resolv.conf
-    sgo unbound
-    # cautious measure to make sure resolution is working
-    sleep 1
-    ;;
-  *)
-    # default is
-    # files mdns4_minimal [NOTFOUND=return] dns myhostname
-    # mdns4 is needed for my printer and for bbb webrtc, not sure exactly why.
-    # https://www.freedesktop.org/software/systemd/man/nss-resolve.html#
-    # seems more important than some potential use case.
-    # Interestingly, t9/t10 man page says use files before resolve, debian 10 says the opposite.
-    # removing files makes hostname -f not actually give the fully qualified domain name.
-    sudo sed -i --follow-symlinks 's/^ *hosts:.*/hosts: files resolve [!UNAVAIL=return] mdns4_minimal [NOTFOUND=return] myhostname/' /etc/resolved-nsswitch/nsswitch.conf
-    ;;
-esac
-
-case $HOSTNAME in
-  bk)
-    sgo named
-    ;;
-esac
-
-
-lines=(
-  "/etc/resolved-nsswitch/nsswitch.conf r,"
-  "/etc/basic-nsswitch/nsswitch.conf r,"
-  # Aug 06 23:09:11 kd audit[3995]: AVC apparmor="DENIED" operation="connect" profile="/usr/bin/freshclam" name="/run/systemd/resolve/io.systemd.Resolve" pid=3995 comm="freshclam" requested_mask="wr" denied_mask="wr" fsuid=109 ouid=101
-  # I dont know if this is quite the right fix, but I saw other sockets
-  # in the nameservice files that were rw, so figured it was ok to add this and it worked.
-  "/run/systemd/resolve/io.systemd.Resolve rw,"
-)
-f=/etc/apparmor.d/abstractions/nameservice
-apparmor_reload=false
-if [[ -e $f ]]; then
-  for l in "${lines[@]}"; do
-    if ! grep -qF "$l" $f; then
-      sudo sed -i "/\/nsswitch.conf/a $l" $f
-      apparmor_reload=true
-      if ! grep -qF "$l" $f; then
-        echo "$0: failed editing $f. investigate"
-        exit 1
-      fi
-    fi
-  done
-  if $apparmor_reload && systemctl is-enabled apparmor; then
-    m ser reload apparmor
-  fi
-fi
-
 
 
 if dpkg -s -- nscd &>/dev/null; then
@@ -481,6 +414,7 @@ if isarch; then
 fi
 
 #### update all packages
+# shellcheck disable=SC2119 # obvious
 pup
 
 
@@ -490,7 +424,7 @@ pi ${p1[@]}
 
 ######## fix evbug bug ######
 case $(debian-codename-compat) in
-  xenial|bionic|focal|jammy)
+  xenial|bionic|focal|jammy|noble)
     # noticed in flidas. dunno if it affects any others
     #https://bugs.launchpad.net/ubuntu/+source/module-init-tools/+bug/240553
     #https://wiki.debian.org/KernelModuleBlacklisting
@@ -546,7 +480,7 @@ fi
 # disabled temporarily
 ###### setup /i
 # if home_network; then
-#   tu /etc/fstab <<'EOF'
+#   sudo /a/exe/teeu /etc/fstab <<'EOF'
 # /i/w  /w  none  bind,noauto  0 0
 # /i/k  /k  none  bind,noauto  0 0
 # EOF
@@ -555,11 +489,11 @@ fi
 #     sudo chown $USER:user2 /kr
 #   fi
 #   if [[ $HOSTNAME == frodo ]]; then
-#     tu /etc/fstab <<'EOF'
+#     sudo /a/exe/teeu /etc/fstab <<'EOF'
 # /k  /kr  none  bind,noauto  0 0
 # EOF
 #   else
-#     tu /etc/fstab <<'EOF'
+#     sudo /a/exe/teeu /etc/fstab <<'EOF'
 # frodo:/k  /kr  nfs  noauto  0 0
 # EOF
 #   fi
@@ -629,7 +563,7 @@ if has_btrfs; then
     fi
 
     first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
-    tu /etc/fstab <<EOF
+    sudo /a/exe/teeu /etc/fstab <<EOF
 $first_root_crypt  /nocow  btrfs  noatime,subvol=nocow$( (( $(nproc) > 2)) && echo ,compress=zstd )  0 0
 EOF
     sudo mkdir -p $dir
@@ -642,7 +576,7 @@ fi
 
 case $HOSTNAME in
   kd)
-    tu /etc/fstab <<'EOF'
+    sudo /a/exe/teeu /etc/fstab <<'EOF'
 /dev/mapper/crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V-part7  /d  btrfs  nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,compress=zstd,subvol=d  0 0
 /d/m /i  none  bind,compress=zstd  0 0
 EOF
@@ -658,7 +592,7 @@ EOF
     fi
     ;;
   frodo)
-    tu /etc/fstab <<'EOF'
+    sudo /a/exe/teeu /etc/fstab <<'EOF'
 /dev/mapper/crypt_dev_ata-ata-Hitachi_HDS722020ALA330_JK1121YAG7SXWS-part1  /i  btrfs  nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,subvol=i  0 0
 EOF
     if ! mountpoint /i &>/dev/null; then
@@ -708,8 +642,7 @@ if has_monitor; then
 
 
   ###### install X
-  # no recommends due to this bug: https://trisquel.info/en/issues/26525
-  pi --no-install-recommends i3
+  pi i3
 
   ##### install xinput
   case $(distro-name) in
@@ -718,28 +651,19 @@ if has_monitor; then
       ;;
   esac
 
-  # recommends gets us geoclue (for darkening automatically at night i assume),
-  # which recommends modemmanager, which is annoying to fix for the model01 keyboard.
-  # commented because I dont use it much, and in nabia its named changed to redshift-gtk
-  #pi --no-install-recommends gtk-redshift
-
   ##### setup X autostart
-  # install for multiple display managers in case we use one
-  dir=/etc/X11/xinit/xinitrc.d/
-  sudo mkdir -p $dir
-  sudo cp /a/bin/distro-setup/desktop-20-autostart.sh $dir
 
   ## disabled since i'm not using gdm atm
   # dir=/etc/gdm3
   # sudo mkdir -p $dir/PostLogin
-  # sudo cp /a/bin/distro-setup/desktop-20-autostart.sh $dir/PostLogin/Default
+  # sudo cp /a/bin/distro-setup/myx $dir/PostLogin/Default
   sudo mkdir -p /etc/lightdm/lightdm.conf.d
   # etiona lightdm.log:
   # [SeatDefaults] is now called [Seat:*], please update this configuration
   sudo dd of=/etc/lightdm/lightdm.conf.d/12-iank.conf <<'EOF'
 [Seat:*]
 # display-setup-script=/a/bin/ds/lightdm-start
-session-setup-script=/a/bin/distro-setup/desktop-20-autostart.sh
+session-setup-script=/a/bin/distro-setup/myx
 EOF