sd() {
- sudo dd of="$1" 2>/dev/null
+ sudo dd status=none of="$1"
}
ser() {
fi
##### make extra dirs
-dirs=(/mnt/{1,2,3,4,5,6,7,8,9} /nocow/t /bu/md /bu/md/{cur,tmp,new} /bu/mnt)
-sudo mkdir -p "${dirs[@]}"
-# allow to fail because they could have read-only mounts on them
-sudo chown $USER:$USER "${dirs[@]}" ||:
+dirs=()
+for dir in /mnt/{1,2,3,4,5,6,7,8,9} /nocow/t /bu/md /bu/md/{cur,tmp,new} /bu/mnt; do
+ [[ -e $dir ]] && continue
+ dirs+=($dir)
+done
+if (( ${#dirs[@]} )); then
+ # mkdir -p on a mounted directory will fail. so will chown if its an ro mount
+ sudo mkdir -p "${dirs[@]}"
+ sudo chown $USER:$USER "${dirs[@]}"
+fi
+
# disabled temporarily
###### setup /i
sudo rm -fv /etc/apache2/sites-enabled/mumble.iankelling.org
# general vpn for as needed use
- vpn-server-setup -d -r -4 10.2.2 -p 443 -n hole
+ vpn-server-setup -d -r -4 10.5.5 -p 443 -n hole
sd /etc/openvpn/client-config-hole/kw <<'EOF'
-ifconfig-push 10.2.2.9 255.255.255.0
+ifconfig-push 10.5.5.9 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/x3 <<'EOF'
-ifconfig-push 10.2.2.8 255.255.255.0
+ifconfig-push 10.5.5.8 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/x2 <<'EOF'
-ifconfig-push 10.2.2.7 255.255.255.0
+ifconfig-push 10.5.5.7 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/wclient <<'EOF'
-ifconfig-push 10.2.2.6 255.255.255.0
+ifconfig-push 10.5.5.6 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/frodo <<'EOF'
-ifconfig-push 10.2.2.5 255.255.255.0
+ifconfig-push 10.5.5.5 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/amy <<'EOF'
-ifconfig-push 10.2.2.3 255.255.255.0
+ifconfig-push 10.5.5.3 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/kd <<'EOF'
-ifconfig-push 10.2.2.2 255.255.255.0
+ifconfig-push 10.5.5.2 255.255.255.0
EOF
#vpn-mk-client-cert -s "" -n hole 72.14.176.105
frodo)
tdir=/i/k
;;
+ kd)
+ tdir=/d/tor
+ ;;
*)
tdir=/nocow/user
;;
"peer-port" => 61486,
"cache-size-mb" => 256,
"ratio-limit" => 5.0,
-"ratio-limit-enabled" => true,
+"ratio-limit-enabled" => false,
})) + "\n")
EOF
-####### end transmission
-
+####### end transmission
case $HOSTNAME in
kd)
+ # to persist upload/dl metadata. initially, moved all the stuff
+ # in /var/lib/transmission-daemon to /d/tor
+ s usermod --home /d/tor debian-transmission
sgo transmission-daemon-nn
;;
esac
if [[ $HOSTNAME != frodo ]]; then
s cedit hole /etc/hosts <<EOF ||:
-10.2.2.3 amy amy.b8.nz
-10.2.2.5 frodo frodo.b8.nz
-10.2.2.6 wclient wclient.b8.nz
+10.5.5.3 amy amy.b8.nz
+10.5.5.5 frodo frodo.b8.nz
+10.5.5.6 wclient wclient.b8.nz
EOF
fi
cur6="$(host -4 -t aaaa $fqdn iankelling.org | sed -rn 's/.*has IPv6 address (.*)/\1/p;T;q')" ||:
up6=false
-# maybe we dont have ipv6 working
-if out6=$(curl -s6 https://iankelling.org/cgi/pubip) && [[ $out6 ]]; then
+
+out6=$(curl -s6 https://iankelling.org/cgi/pubip) ||: # failure allowed if we have no ipv6
+
+if [[ $out6 ]]; then
dev=$(ip -o a show to $out6 | awk '{print $2}')
# we use slaac with privacy extension, so get our less private more permanent address
mac=$(cat /sys/class/net/$dev/address)
if ! ip a | grep "^ *inet6 $ip6/" &>/dev/null; then
ip6=$out6
fi
- if [[ $cur6 != $ip6 ]]; then
- up6=true
- fi
fi
+if [[ $cur6 != $ip6 ]]; then
+ up6=true
+fi
if ! $up4 && ! $up6; then
exit 0
fi
if $up6; then
- cat >>$f <<EOF
+ if [[ $ip6 ]]; then
+ cat >>$f <<EOF
update delete $fqdn. AAAA
update add $fqdn. 60 AAAA $ip6
EOF
-else
- cat >>$f <<EOF
+ else
+ cat >>$f <<EOF
update delete $fqdn. AAAA
EOF
+ fi
fi
cat >>$f <<EOF
--- /dev/null
+transaction_syslog local7
+
+lockfile /var/lock/btrbk-rust.lock
+
+timestamp_format long-iso
+
+snapshot_create onchange
+
+snapshot_preserve 18h 14d 8w 12m
+snapshot_preserve_min 2h
+snapshot_dir btrbk
+
+target_preserve 18h 14d 8w 12m
+target_preserve_min 2h
+
+rate_limit no
+volume /mnt/r6
+subvolume d
+target send-receive /mnt/rust/btrbk
--- /dev/null
+[Unit]
+Description=Btrbk to rust
+After=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/a/bin/log-quiet/sysd-mail-once btrbkrust btrbk -c /etc/btrbk/rust.conf run
--- /dev/null
+[Unit]
+Description=Btrbk rust timer
+
+[Timer]
+OnCalendar=*-*-* 05:00:00
+
+[Install]
+WantedBy=timers.target
# todo: auto restart of je on checkrestart
-# todo: remove old files from bk:/m/md/expertpathologyreview.com/testignore/cur
-
# todo: run mailping test after running, or otherwise
# clear out terminal alert
-# todo: in err can we print out variables?
-
-# todo setup better backup/sync of MAIL_HOST emails
-
# todo: reinstall bk with bigger filesystem
# todo: on bk, dont send email if mailvpn is not up
# this is just a bug fix for trisquel.
f=/etc/apparmor.d/usr.sbin.unbound
-line="/usr/sbin/unbound flags=(attach_disconnected) {"
-if ! grep -qFx "$line" $f; then
- badline="/usr/sbin/unbound {"
- if ! grep -qFx "$badline" $f; then
- err expected line in $f not found
+if [[ $f ]]; then
+ line="/usr/sbin/unbound flags=(attach_disconnected) {"
+ if ! grep -qFx "$line" $f; then
+ badline="/usr/sbin/unbound {"
+ if ! grep -qFx "$badline" $f; then
+ err expected line in $f not found
+ fi
+ sed -i "s,^$badline$,$line," $f
+ m systemctl reload apparmor
fi
- sed -i "s,^$badline$,$line," $f
- m systemctl reload apparmor
fi
# note: anything added to nn_progs needs corresponding rm
iankelling.org / git / distro-setup / commitdiff