else
cd /
cmd="schroot -c bookworm chromium"
- CHROMIUM_FLAGS='--enable-remote-extensions' $cmd & r
+ CHROMIUM_FLAGS='--enable-remote-extensions' $cmd "$@" & r
fi
}
}
host-info-all() {
- host-info-update
+ hiup
bindpushb8
# for wireguard configs
-
## for updating host info like ip, location, update /p/c/host-info and
-## host_info below. the host_info array should probably be in its own
-## file that gets sourced so that it can be more easily updated.
+## /p/c/domain-info.
# todo: this is so long that it becomes confusing,
# try to split it up.
#
# To make some changes take effect, run host-info-all.
-host-info-update() {
+# hiup = host info update
+hiup() {
- local -A vpn_ips host_ips host_macs portfw_ips nonvpn_ips all_ips
+ # incomplete local vars list
+ local usb ip host mac opts
+ local -A vpn_ips host_ips host_macs portfw_ips nonvpn_ips all_ips root_hosts_a
local -a root_hosts nonroot_hosts
# the hosts with no mac
# opt parsing
vpn=false
root=false
+ usb=false
for opt in $opts; do
case $opt in
user=root)
esac
done
+ if [[ $mac == usb ]]; then
+ usb=true
+ fi
+
+
all_ips[$host]=$ip
- if $vpn; then
+ if $vpn || $usb; then
portfw_ips[$host]=$ip
+ fi
+ if $vpn; then
vpn_ips[$host]=$ip
else
nonvpn_ips[$host]=$ip
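Review bot: The new `usb` flag at `if $vpn || $usb; then` puts usb hosts into `portfw_ips` while they still fall through to `nonvpn_ips`, and nothing near `[[ $mac == usb ]]` explains that the mac column doubles as a marker. Because the next hunk switches the `config redirect` loop to `portfw_ips` (`i_port=$(( 2200 + ipsuf ))`), every host marked this way now gets a forwarded port, so the intent is worth stating where the flag is set, e.g. `# mac "usb": no wireguard peer, but still gets the 2200+ip port forward`. That loop also feeds the value into arithmetic. If `ip` is always a numeric suffix for these hosts, a check such as `[[ $ip =~ ^[0-9]+$ ]] || { echo "hiup: bad ip for $host" >&2; continue; }` inside the `$vpn || $usb` branch would keep a malformed entry out of the generated firewall config. The enclosing loop and function start and end outside this hunk.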
# hack to please emacs parser
here_begin="cat <<EOF"
echo "$here_begin"
- for host in ${!vpn_ips[@]}; do
- ipsuf=${vpn_ips[$host]}
+ for host in ${!portfw_ips[@]}; do
+ ipsuf=${portfw_ips[$host]}
i_port=$(( 2200 + ipsuf ))
cat <<EOF
config redirect
# shellcheck disable=SC2016 # shellcheck doesnt know this is sed
sedi '/edits below here are made automatically/,$d' /p/c/machine_specific/li/filesystem/etc/wireguard/wgmail.conf
+
for host in ${!vpn_ips[@]}; do
if [[ ${root_hosts_a[$host]} ]]; then
# root machines dont actually need vpn, but
EOF
done
+ for host in ${!vpn_ips[@]}; do
+ if [[ ${root_hosts_a[$host]} ]]; then
+ continue
+ fi
+ ipsuf=${vpn_ips[$host]}
+ cat <<EOF
+[Peer]
+PublicKey = $(cat /p/c/machine_specific/$host/filesystem/etc/wireguard/hole-pub.key)
+AllowedIPs = 10.8.0.$ipsuf/32,10.174.${vpn_ips[$host]}.2/32
+EOF
+ done | cedit /p/c/machine_specific/li/filesystem/etc/wireguard/wgmail.conf || [[ $? == 1 ]]
+
{
echo "cat <<EOF"
for host in ${!host_ips[@]}; do
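Review bot: The `PublicKey = $(cat …/hole-pub.key)` line in the new `[Peer]` loop has no check that the key file exists, whereas the removed code at the end of the page apparently read `hole-pub.key` from the directory where that host's keys had just been handled. For a host in `vpn_ips` whose key was never created, `cat` fails inside the here-document, the failure is not propagated, and an empty `PublicKey =` is piped through `cedit` into wgmail.conf. WireGuard rejects a malformed key, so this would likely keep the interface on li from loading for every peer. A guard before the `cat <<EOF` avoids that: `keyf=/p/c/machine_specific/$host/filesystem/etc/wireguard/hole-pub.key` and `[[ -s $keyf ]] || { echo "hiup: no wireguard key for $host" >&2; continue; }`, then `PublicKey = $(<"$keyf")`. The trailing `|| [[ $? == 1 ]]` only sees the status of `cedit` unless `pipefail` is set, so errors in the loop body are otherwise invisible.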
# usage host ipsuf [extrahost]
#
-# If the keys already exist and you want new ones, remove them:
-# rm /p/c/machine_specific/$host/filesystem/etc/wireguard/hole-{priv,pub}.key
+# This doesn't do all the work, hiup is also needed, as it sets up
+# config on li.
#
# extrahost is a host/cidr that is allowed to go be routed through the
# vpn by this host.
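Review bot: The header comment no longer says how to rotate a host's keys, because the two lines about removing `hole-{priv,pub}.key` were replaced by the hiup pointer instead of being kept alongside it. If deleting those files still makes this function generate a fresh pair (the body is outside this hunk, so that is an assumption), keep the instruction and add the step that now matters: `# After replacing keys, rerun hiup so the [Peer] entry in li's wgmail.conf carries the new public key.` With the peer stanza now written only by hiup, the generated wgmail.conf would otherwise keep the old public key until hiup next runs.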
umask $umask_orig
# old approach. systemd seems to work fine and cleaner.
rm -f ../network/interfaces.d/wghole
- cedit -q $host /p/c/machine_specific/li/filesystem/etc/wireguard/wgmail.conf <<EOF || [[ $? == 1 ]]
-[Peer]
-PublicKey = $(cat hole-pub.key)
-AllowedIPs = 10.8.0.$ipsuf/32,10.174.${vpn_ips[$host]}.2/32
-EOF
)
}
+++ /dev/null
-#!/bin/bash
-
-set -e
-
-# https://docs.docker.com/engine/install/ubuntu/
-
-# Add Docker's official GPG key:
-sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
-sudo chmod a+r /etc/apt/keyrings/docker.asc
-
-# Add the repository to Apt sources:
-echo \
- "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
- $(debian-codename-compat) stable" | \
- sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-sudo apt-get update
-
-
-
-p update
-
-
-# docker eats up a fair amount of cpu when doing nothing, so don't enable it unless
-# we really need it.
-pi-nostart docker-ce
-# case $HOSTNAME in
-# li|lj) sgo docker ;;
-# *)
-# # and docker is even more crap, it ignores that it shouldnt start
-# ser stop docker
-# ser disable docker
-# ;;
-# esac
-### end docker install ####