X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=distro-end;h=acc1507d18283fc0ae72a6b7155a04edb8a4142d;hb=86560196eb4ccc90a7c1d903de47fcb887656de4;hp=80aec6efad77b0ffbcb7cd11b3b9ac3983dc8850;hpb=46bcc5c1876aed04c2a4111a6ddd887951238ed6;p=distro-setup
diff --git a/distro-end b/distro-end
index 80aec6e..acc1507 100755
--- a/distro-end
+++ b/distro-end
@@ -6,7 +6,7 @@
export LC_USEBASHRC=t; if [[ -s ~/.bashrc ]]; then . ~/.bashrc; fi
### setup
-source /a/bin/errhandle/err
+source /a/bin/bash-bear-trap/bash-bear
src="$(readlink -f -- "${BASH_SOURCE[0]}")"; src=${src%/*} # directory of this file
if [[ $EUID == 0 ]]; then
@@ -123,39 +123,6 @@ esac
-
-# dogcam setup. not using atm
-# case $HOSTNAME in
-# lj|li)
-# /a/bin/webcam/install-server
-# ;;
-# kw)
-# /a/bin/webcam/install-client
-# ;;
-# esac
-
-
-## not actually using prometheus just yet
-# # office is not exposed to internet yet
-# if [[ $HOSTNAME != kw ]]; then
-# ## prometheus node exporter setup
-# web-conf -f 9100 -p 9101 apache2 $(hostname -f) <<'EOF'
-# #https://httpd.apache.org/docs/2.4/mod/mod_authn_core.html#authtype
-# # https://stackoverflow.com/questions/5011102/apache-reverse-proxy-with-basic-authentication
-#
-# AllowOverride None
-# AuthType basic
-# AuthName "Authentication Required"
-# # setup one time, with root:www-data, 640
-# AuthUserFile "/etc/prometheus-htpasswd"
-# Require valid-user
-#
-# EOF
-# fi
-
-
-
-
pi debootstrap
######### begin universal pinned packages ######
case $(debian-codename) in
@@ -166,205 +133,38 @@ Explanation: Debian* includes Debian + Debian Backports
Package: *
Pin: release o=Debian*
Pin-Priority: -100
-EOF
- ;;&
- # needed for debootstrap scripts for fai since fai requires debian
- flidas)
- # moved to fai
- #curl http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg | s apt-key add -
- sd /etc/apt/preferences.d/flidas-xenial </dev/null </dev/null; then
- # moved to fai
- #sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32
- sd /etc/apt/preferences.d/flidas-bionic <$t <$t <$t <<'EOF'
EOF
cat >$t <= 1 )); then
+ rm -f ${files[@]}
+ fi
+ ngreset
+ for host in ${!vpn_ips[@]}; do
+ sd /etc/openvpn/client-config-hole/$host <
AuthType Basic
@@ -2023,7 +1828,7 @@ EOF
ser restart prometheus-alertmanager
fi
- s /c/roles/prom-export/files/simple/usr/local/bin/fsf-install-node-exporter -l
+ s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l 127.0.0.1
for ser in prometheus-node-exporter prometheus-alertmanager prometheus; do
sysd-prom-fail-install $ser
@@ -2031,7 +1836,7 @@ EOF
;;
*)
- s /c/roles/prom-export/files/simple/usr/local/bin/fsf-install-node-exporter
+ s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter
;;
esac
@@ -2188,15 +1993,15 @@ esac
case $HOSTNAME in
sy|kd)
- sudo install -m 0755 -o root -g root -t /usr/bin /a/opt/bitcoin-24.0.1/bin/*
- sgo bitcoind
+ sudo install -m 0755 -o root -g root -t /usr/bin /a/opt/bitcoin-26.0/bin/*
+ # Note: i leave it to system-status to start and stop bitcoin.
# note: the bitcoin user & group are setup in fai
sudo usermod -a -G bitcoin iank
# todo: make bitcoin have a stable uid/gid
- if [[ ! $(readlink -f /var/lib/bitcoind/wallets) == /q/wallets ]]; then
- s lnf /q/wallets /var/lib/bitcoind
- sudo chown -h bitcoin:bitcoin /var/lib/bitcoind/wallets
- fi
+ sudo mkdir -p /var/lib/bitcoind
+ sudo chown bitcoin:bitcoin /var/lib/bitcoind
+ # 710 comes from the upstream bitcoin unit file
+ sudo chmod 710 /var/lib/bitcoind
# note, there exists
# /a/bin/ds/disabled/bitcoin
;;
@@ -2204,10 +2009,34 @@ esac
### end bitcoin
+### begin gh ####
+
+# from https://raw.githubusercontent.com/cli/cli/trunk/docs/install_linux.md
+# One time setup afterwards:
+# gh auth login
+#
+# When it gets to the page where it asks to authorize github, the button
+# is grayed out. You can just open browser dev tools, inspect the
+# button, remove disabled="", then click it and it works.
+#
+# Auth token gets saved into /p/c/subdir_files/.local/share/keyrings/
+#
+# initial config goes to /home/iank/.config/gh
+curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
+ && sudo apt update \
+ && sudo apt install gh -y
+
+### end gh ####
+
+# remove trisquel banner. it is cool but takes up too much space.
+sudo rm -f /etc/update-motd.d/01-banner
+
case $HOSTNAME in
kw|x3)
sd /etc/cups/client.conf <<'EOF'
-ServerName printserver0.office.fsf.org
+ServerName printserver1.office.fsf.org
EOF
;;
esac