X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;ds=inline;f=distro-begin;h=74bbdffaae42ce830c1fa795bb966d8d7ecf4e3f;hb=7ed3b98c4d3678d982c33741f1f42727144e66ce;hp=25247dceaeda29c128307ea2d0c96fddd64a746c;hpb=e81ac02c3c177cdfb148395bd7fdba328361869d;p=distro-setup
diff --git a/distro-begin b/distro-begin
index 25247dc..74bbdff 100755
--- a/distro-begin
+++ b/distro-begin
@@ -1,22 +1,35 @@
#!/bin/bash
-# Copyright (C) 2016 Ian Kelling
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# Setup Ian's computers
+# Copyright (C) 2024 Ian Kelling
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
-# for setting up a new machine
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+#### for setting up a new machine
# usage: $0 [-r] [HOSTNAME]
# HOSTNAME changes the machine's hostname
+# Update target_down alerts in
+# /a/bin/ds/filesystem/etc/prometheus/rules/iank.yml
+#
+# Update hostnames in /b/ds/check-remote-mailqs
+# Update hostnames in /b/ds/machine_specific/*.hosts /p/c/machine_specific/*.hosts
+# Update hostnames in this file
+
+### end new machine setup
+
# tips:
# run any sudo command first so your pass is cached
# set the scrollback to unlimited in case something goes wrong
@@ -44,7 +57,7 @@
### make ssh interactive shell run better. for when running line interactively line by line
-sudo bash -c '/a/exe/ssh-emacs-setup'
+sudo bash -c '/a/exe/ssh-emacs-setup' || exit $?
##### setup error handling
interactive=true # set this to false to force set -x
@@ -52,7 +65,7 @@ interactive=true # set this to false to force set -x
if ! $interactive; then
set -x
fi
-source /a/bin/errhandle/err
+source /a/bin/bash-bear-trap/bash-bear
mkdir -p ~/.local
err-cleanup() {
@@ -100,7 +113,7 @@ source $script_dir/pkgs
set +x
source /a/bin/distro-functions/src/identify-distros
$interactive || set -x
-for f in kd x2 x3 frodo tp li bk je demohost kw sy bo; do
+for f in kd x2 x3 x8 frodo tp li bk je demohost kw sy bo so; do
eval "$f() { [[ $HOSTNAME == $f ]]; }"
done
codename=$(debian-codename)
@@ -297,8 +310,8 @@ set +x
err-allow
source /etc/profile.d/environment.sh
export LC_USEBASHRC=t
-# shellcheck source=./.bashrc
-source ~/.bashrc
+# shellcheck source=./brc
+source ~/brc
err-catch
$interactive || set -x
@@ -350,11 +363,28 @@ case $HOSTNAME in
esac
+lines=(
+ "/etc/resolved-nsswitch/nsswitch.conf r,"
+ "/etc/basic-nsswitch/nsswitch.conf r,"
+ # Aug 06 23:09:11 kd audit[3995]: AVC apparmor="DENIED" operation="connect" profile="/usr/bin/freshclam" name="/run/systemd/resolve/io.systemd.Resolve" pid=3995 comm="freshclam" requested_mask="wr" denied_mask="wr" fsuid=109 ouid=101
+ # I dont know if this is quite the right fix, but I saw other sockets
+ # in the nameservice files that were rw, so figured it was ok to add this and it worked.
+ "/run/systemd/resolve/io.systemd.Resolve rw,"
+)
f=/etc/apparmor.d/abstractions/nameservice
-if [[ -e $f ]] && ! grep -q /etc/resolved-nsswitch/nsswitch.conf $f; then
- sudo sed -i '/\/etc\/nsswitch.conf/a /etc/resolved-nsswitch/nsswitch.conf r,' $f
- sudo sed -i '/\/etc\/nsswitch.conf/a /etc/basic-nsswitch/nsswitch.conf r,' $f
- if sytemctl is-enabled apparmor; then
+apparmor_reload=false
+if [[ -e $f ]]; then
+ for l in "${lines[@]}"; do
+ if ! grep -qF "$l" $f; then
+ sudo sed -i "/\/nsswitch.conf/a $l" $f
+ apparmor_reload=true
+ if ! grep -qF "$l" $f; then
+ echo "$0: failed editing $f. investigate"
+ exit 1
+ fi
+ fi
+ done
+ if $apparmor_reload && systemctl is-active apparmor; then
m ser reload apparmor
fi
fi
@@ -377,6 +407,14 @@ if bitfolk; then
sudo sed -ri "/^127\./n;/[[:space:]]$HOSTNAME\$/d" /etc/hosts
fi
+if isdeb && [[ $(debian-codename) == aramo ]]; then
+ sudo dd of=/etc/apt/preferences.d/aramo-jammy-missing <<'EOF'
+Package: linux-libc-dev libmysqlclient21
+Pin: release n=jammy,o=Ubuntu
+Pin-Priority: 500
+EOF
+fi
+
# libfdk just has some patent worries.
# https://www.gnu.org/licenses/license-list.en.html#fdk
if isdeb && [[ $(debian-codename) == nabia ]]; then
@@ -449,6 +487,7 @@ if isarch; then
fi
#### update all packages
+# shellcheck disable=SC2119 # obvious
pup
@@ -458,7 +497,7 @@ pi ${p1[@]}
######## fix evbug bug ######
case $(debian-codename-compat) in
- xenial|bionic|focal)
+ xenial|bionic|focal|jammy)
# noticed in flidas. dunno if it affects any others
#https://bugs.launchpad.net/ubuntu/+source/module-init-tools/+bug/240553
#https://wiki.debian.org/KernelModuleBlacklisting
@@ -468,7 +507,7 @@ case $(debian-codename-compat) in
file=/etc/modprobe.d/evbug.conf
line="blacklist evbug"
if [[ $(cat $file) != "$line" ]]; then
- sudo dd of=$file 2>/dev/null <<<"$line"
+ sudo dd of=$file status=none <<<"$line"
sudo depmod -a
sudo update-initramfs -u
fi
@@ -514,7 +553,7 @@ fi
# disabled temporarily
###### setup /i
# if home_network; then
-# tu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# /i/w /w none bind,noauto 0 0
# /i/k /k none bind,noauto 0 0
# EOF
@@ -523,11 +562,11 @@ fi
# sudo chown $USER:user2 /kr
# fi
# if [[ $HOSTNAME == frodo ]]; then
-# tu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# /k /kr none bind,noauto 0 0
# EOF
# else
-# tu /etc/fstab <<'EOF'
+# sudo /a/exe/teeu /etc/fstab <<'EOF'
# frodo:/k /kr nfs noauto 0 0
# EOF
# fi
@@ -597,8 +636,8 @@ if has_btrfs; then
fi
first_root_crypt=$(awk '$2 == "/" {print $1}' /etc/mtab)
- tu /etc/fstab < 2)) && echo ,compress=zstd ) 0 0
+ sudo /a/exe/teeu /etc/fstab < 2)) && echo ,compress=zstd ) 0 0
EOF
sudo mkdir -p $dir
sudo chown $USER:$USER $dir
@@ -610,15 +649,31 @@ fi
case $HOSTNAME in
kd)
- tu /etc/fstab <<'EOF'
+ sudo /a/exe/teeu /etc/fstab <<'EOF'
/dev/mapper/crypt_dev_ata-Samsung_SSD_870_QVO_8TB_S5VUNG0N900656V-part7 /d btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,compress=zstd,subvol=d 0 0
+/d/m /i none bind,compress=zstd 0 0
EOF
if ! mountpoint /d &>/dev/null; then
- sudo mkdir /d
+ sudo mkdir -p /d
if [[ -d /mnt/r7/d ]]; then
sudo mount /d
fi
fi
+ if ! mountpoint /i &>/dev/null; then
+ sudo mkdir -p /i
+ sudo mount /i
+ fi
+ ;;
+ frodo)
+ sudo /a/exe/teeu /etc/fstab <<'EOF'
+/dev/mapper/crypt_dev_ata-ata-Hitachi_HDS722020ALA330_JK1121YAG7SXWS-part1 /i btrfs nofail,x-systemd.device-timeout=30s,x-systemd.mount-timeout=30s,noatime,subvol=i 0 0
+EOF
+ if ! mountpoint /i &>/dev/null; then
+ sudo mkdir -p /i
+ if [[ -d /mnt/i/i ]]; then
+ sudo mount /i
+ fi
+ fi
;;
esac
@@ -660,8 +715,7 @@ if has_monitor; then
###### install X
- # no recommends due to this bug: https://trisquel.info/en/issues/26525
- pi --no-install-recommends i3
+ pi i3
##### install xinput
case $(distro-name) in
@@ -680,20 +734,17 @@ if has_monitor; then
dir=/etc/X11/xinit/xinitrc.d/
sudo mkdir -p $dir
sudo cp /a/bin/distro-setup/desktop-20-autostart.sh $dir
- s teeu /etc/systemd/logind.conf <<'EOF'
-HandleLidSwitch=
-EOF
- # this works on
- dir=/etc/gdm3
- sudo mkdir -p $dir/PostLogin
- sudo cp /a/bin/distro-setup/desktop-20-autostart.sh $dir/PostLogin/Default
+ ## disabled since i'm not using gdm atm
+ # dir=/etc/gdm3
+ # sudo mkdir -p $dir/PostLogin
+ # sudo cp /a/bin/distro-setup/desktop-20-autostart.sh $dir/PostLogin/Default
sudo mkdir -p /etc/lightdm/lightdm.conf.d
# etiona lightdm.log:
# [SeatDefaults] is now called [Seat:*], please update this configuration
sudo dd of=/etc/lightdm/lightdm.conf.d/12-iank.conf <<'EOF'
[Seat:*]
-display-setup-script=/a/bin/ds/lightdm-start
+# display-setup-script=/a/bin/ds/lightdm-start
session-setup-script=/a/bin/distro-setup/desktop-20-autostart.sh
EOF
@@ -723,8 +774,10 @@ if $emacs; then
else
if $recompile; then
/a/bin/buildscripts/emacs
+ /a/bin/buildscripts/mu4e
else
/a/bin/buildscripts/emacs --no-r
+ /a/bin/buildscripts/mu4e --no-r
fi
fi
# the first pup command can kill off our /etc/ mod, so rerun this