X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=distro-end;h=7f2f371f9d0592b309914fa9d164a2352d083b47;hb=a108e4b381c380c0bc6be19f31f4f1d6d7d7b118;hp=51f4bc448b2eb41eb5f68bd896c9af97fa5f20f0;hpb=12cab163424e3a7b0815646d1d4407f9b5839bcb;p=distro-setup

diff --git a/distro-end b/distro-end
index 51f4bc4..7f2f371 100755
--- a/distro-end
+++ b/distro-end
@@ -573,6 +573,20 @@ sudo rm -f /etc/cron.d/unattended-upgrade-reboot /usr/local/bin/zelous-unattende
 # EOF
 
 if [[ -e /etc/wireguard/wghole.conf ]]; then
+  reload=false
+  if [[ ! -e /etc/systemd/system/wg-quick@wghole.service.d/override.conf ]]; then
+    reload=true
+  fi
+  sudo mkdir -p /etc/systemd/system/wg-quick@wghole.service.d
+  sd /etc/systemd/system/wg-quick@wghole.service.d/override.conf <<'EOF'
+[Unit]
+StartLimitIntervalSec=0
+
+[Service]
+Restart=on-failure
+RestartSec=20
+EOF
+  if $reload; then ser daemon-reload; fi
   sgo wg-quick@wghole
 fi
 
@@ -633,6 +647,9 @@ EOF
 
     sd /etc/openvpn/client-config-hole/onep9 <<'EOF'
 ifconfig-push 10.5.5.14 255.255.255.0
+EOF
+    sd /etc/openvpn/client-config-hole/bo <<'EOF'
+ifconfig-push 10.5.5.13 255.255.255.0
 EOF
     sd /etc/openvpn/client-config-hole/sy <<'EOF'
 ifconfig-push 10.5.5.12 255.255.255.0
@@ -830,7 +847,7 @@ esac
 
 ### system76 things ###
 case $HOSTNAME in
-  sy)
+  sy|bo)
     # note, i stored the initial popos packages at /a/bin/data/popos-pkgs
     if [[ ! -e /etc/apt/sources.list.d/system76.list ]]; then
       # https://blog.zackad.dev/en/2017/08/17/add-ppa-simple-way.html
@@ -848,7 +865,7 @@ EOF
       # Pin: release o=LP-PPA-system76-dev-stable
       # Pin-Priority: 1001
       # EOF
-      pi system76-driver system76-firmware-cli
+      pi system76-driver system76-firmware
       # if you get a notice about a firmware update, the notifier on i3
       # is too dumb to do anything when you click it. so to see
       # a changelog, cd to
@@ -1179,9 +1196,13 @@ case $HOSTNAME in
 esac
 
 # user for short term use dropping of privileges
-s groupadd -g 1023 zu
-s useradd -g 1023 -u 1023 -c zu -s /bin/bash zu
 
+if ! getent group zu &>/dev/null; then
+  s groupadd -g 1023 zu
+fi
+if ! getent passwd zu &>/dev/null; then
+  s useradd -g 1023 -u 1023 -c zu -s /bin/bash zu
+fi
 
 
 # these things persist in ~/.config/syncthing, which I save in