After install, btrbk to setup data, and then distro-begin && distro end.
See notes in distro-begin for other configuration.
+# Per distro install/config
+
+./fai/config/package_config/CLASS.gpg
+
# Prerequesites:
<https://savannah.nongnu.org/git/?group=bash-bear-trap>
--- /dev/null
+#!/bin/bash
+# I, Ian Kelling, follow the GNU license recommendations at
+# https://www.gnu.org/licenses/license-recommendations.en.html. They
+# recommend that small programs, < 300 lines, be licensed under the
+# Apache License 2.0. This file contains or is part of one or more small
+# programs. If a small program grows beyond 300 lines, I plan to change
+# to a recommended GPL license.
+
+# Copyright 2024 Ian Kelling
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# usage: wrt-reip PATTERN
+# Removes pattern from dnsmasq leases file and restart dnsmasq.
+# PATTERN should generally be an ip or a mac.
+
+pattern=$1
+
+exit_code=0
+
+m() {
+ printf "%s\n" "$*";
+ "$@"
+}
+
+m /etc/init.d/dnsmasq stop
+
+tmp=/tmp/dhcp.leases.iank
+sed "/$pattern/d" /tmp/dhcp.leases >$tmp
+
+if (( $(wc -l /tmp/dhcp.leases | awk '{print $1}') - 1 == $(wc -l $tmp | awk '{print $1}') )); then
+ echo "info: found one less line after removing $pattern. installing new leases file"
+ cp /tmp/dhcp.leases /tmp/dhcp.leases.iank-backup
+ cat $tmp >/tmp/dhcp.leases
+ m rm -f $tmp
+else
+ exit_code=1
+ cat <<EOF
+error: unexpected line count in /tmp/dhcp.leases.iank"
+try diffing /tmp/dhcp.leases{,.iank}
+EOF
+fi
+
+m /etc/init.d/dnsmasq start
+
+m exit $exit_code
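Review bot: `sed "/$pattern/d"` treats the argument as an unanchored regular expression, so the dots in an IP match any character and a short address (for example `10.2.0.3`) also matches a longer one such as `10.2.0.31`. When only the longer address holds a lease, the one-line-fewer check passes and the wrong host's lease is removed. Matching literally with `grep -vF -- "$pattern" /tmp/dhcp.leases >"$tmp"`, preceded by `[[ $pattern ]] || { echo "usage: $0 PATTERN" >&2; exit 1; }`, narrows this, although a fixed string is still a substring match and comparing whole fields would be stricter. The scratch file also has a fixed name under /tmp and is written through a redirect, which is only safe while nothing but root can create files there. Separately, the error heredoc has a stray `"` after `/tmp/dhcp.leases.iank` and prints to stdout rather than stderr.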
INCLUDE_ETIONA=ifupdown
INCLUDE_NABIA=ifupdown
INCLUDE_ARAMO=ifupdown
+INCLUDE_ECNE=ifupdown
setarch() {
# Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not.
UTC=yes
## changed from upstream. found in /usr/share/zoneinfo/, via fai-guide
-TIMEZONE=US/Eastern
+TIMEZONE=America/New_York
# errors in tasks greater than this value will cause the installation to stop
STOP_ON_ERROR=700
# -c config only, don't tell networkmanager to change anything
# -f force interface reup
+# shellcheck disable=SC2317 # false positive
+
if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi
shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4
set -eE -o pipefail
if ! type -p dig &>/dev/null; then
- apt-get install dig
+ apt-get -y install dig
+fi
+
+if ! type -p ethtool &>/dev/null; then
+ apt-get -y install ethtool
fi
+
get-cur
## end common setup / detection ##
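Review bot: Both install guards run after `set -eE -o pipefail`, so an `apt-get` that cannot reach a mirror aborts the script before `get-cur`. Judging by the option comments at the top of the hunk this looks like a network-configuration script, which is when the network is most likely to be unavailable. An explicit failure message would make that case recognisable, e.g. `apt-get -y install ethtool || { echo "error: ethtool missing and could not be installed" >&2; exit 1; }`, and the same for `dig`. The script continues outside this hunk, so an error trap may already report this.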
--- /dev/null
+Package: *
+Pin: release n=noble,o=Ubuntu
+Pin-Priority: -100
--- /dev/null
+Package: firefox firefox-*
+Pin: release o=linuxmint
+Pin-Priority: 500
+
+Package: firefox firefox-*
+Pin: release o=ubuntu
+Pin-Priority: -20
+
+Package: *
+Pin: release o=linuxmint
+Pin-Priority: -20
deb-src http://archive.ubuntu.com/ubuntu/ noble-security main universe multiverse
deb-src http://archive.ubuntu.com/ubuntu/ noble-updates main universe multiverse
deb-src http://archive.ubuntu.com/ubuntu/ noble-backports main universe
+deb http://packages.linuxmint.com wilma upstream
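Review bot: The added `deb http://packages.linuxmint.com wilma upstream` line has no `[signed-by=…]` option, so whichever key validates it (not shown here) is presumably trusted for every configured source rather than for this repository alone. The new preferences entries limit which Mint packages apt will select to `firefox firefox-*`, but pinning does not scope key trust. Scoping it would look like `deb [signed-by=/path/to/linuxmint-keyring.gpg] http://packages.linuxmint.com wilma upstream`, where the keyring path is a placeholder for wherever the key is installed.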
#! /bin/bash
-# mk-basefile doesn't use the -updates suite, then we unpack it, then we
-# install sources.list that has -updates and we install random
-# packages. It might avoid a problem if we a dist-upgrade first.
-
-$ROOTCMD apt-get update
-$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
-
# https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html
# In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has
# changed. There is a /var/lib/dpkg/info/locales.config file, which
# hook applies the debconf setting. It must run after FAI's debconf task
# but before dpkg gets a chance to clobber debconf with an empty setting.
+# todo: debconf-get-selections did not show our locale settings.
+#
+# this could be related in the fai.log
+#
+#Calling task_debconf
+# Adding debconf data from /var/lib/fai/config/debconf/DEBIAN
+# Reconfiguring package keyboard-configuration
+# Your console font configuration will be updated the next time your system
+# boots. If you want to update it now, run 'setupcon' from a virtual console.
+# debconf: DbDriver "_ENV_stack": unable to save changes to: console-setup/ask_detect keyboard-configuration/model keyboard-configuration/model keyboard-configuration/modelcode keyboard-configuration/variant keyboard-configuration/variant keyboard-configuration/optionscode keyboard-configuration/store_defaults_in_debconf_db
+# todo fix the dropbear cat not found issue.
+#
+#
if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then
- $ROOTCMD debconf --owner=locales sh -c '
+ if $ROOTCMD debconf --owner=locales sh -c '
. /usr/share/debconf/confmodule
db_version 2.0
db_get locales/locales_to_be_generated &&
mkdir -p /var/lib/locales/supported.d &&
- echo "$RET" > /var/lib/locales/supported.d/local' &&
+ echo "$RET" > /var/lib/locales/supported.d/local'; then
$ROOTCMD dpkg-reconfigure locales
+ fi
fi
+
+
+# mk-basefile doesn't use the -updates suite, then we unpack it, then we
+# install sources.list that has -updates and we install random
+# packages. It might avoid a problem if we a dist-upgrade first.
+
+$ROOTCMD apt-get update
+$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
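Review bot: In the `if $ROOTCMD debconf --owner=locales … then … fi` form, a failing `db_get` or `mkdir` skips `dpkg-reconfigure locales` without any output, which makes the locale problem described in the new todo harder to trace in fai.log. An `else` branch such as `else echo "$0: warning: locales_to_be_generated not applied" >&2` before the inner `fi` would leave a marker. The relocated `apt-get update` is also unchecked before the upgrade; `$ROOTCMD apt-get update && $ROOTCMD apt-get -y dist-upgrade --purge --auto-remove` avoids upgrading from stale lists if the hook does not run under errexit, which is not visible here.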
lsof
man-db
manpages
-mime-support
+# this split into mailcap and media-types in t12,
+# dunno that i need either of them at this stage
+#mime-support
ncurses-term
openssh-client
pciutils
fi
# use networkmanager if this host has wireless.
-if [[ $(iw dev) ]]; then
+if [[ $(iw dev) || $HOSTNAME == so ]]; then
$ROOTCMD bash -xe <<EOF
apt-get -y install network-manager
EOF
# allow networkmanager to manage interfaces
#https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1638842
- touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+ # touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+ #
+ # in 24.04, netplan takes over and nm won't automatically connect any
+ # ethernet devices. Ya, man NetworkManager helpfully suggests the
+ # config setting device*.managed=1, but of course that isn't REAL
+ # setting, you go to man NetworkManager.conf and find that every
+ # setting has a section. So what section is that setting in? It
+ # doesn't tell you. You have to figure out that it is implied that a
+ # setting x.y means section x, setting y. Ok, but what section is
+ # device*? that isn't documented in the man page either (at least not
+ # properly). But if you read closely, you can intuit that device* is
+ # likely a valid section and then try it. Might as use this same magic
+ # config file name since it is supposed to exist, but I have no idea
+ # if it is still magic. note: In figuring this out, I also removed
+ # /etc/netplan/*, which seemed to have no effect. dunno if it matters.
+ cat >$target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf <<'EOF'
+[device*]
+managed=1
+EOF
# in a default desktop install, it looks like netplan creates this file under
# run/NetworkManager/conf.d in early boot.
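Review bot: The generated `[device*]` section has no `match-device` key, so `managed=1` likely applies to every interface NetworkManager sees, not only ethernet. That can include tunnel, bridge or container interfaces that other tooling expects to own. If the aim is only to get wired ports connected, adding `match-device=type:ethernet` under the section header would narrow it. The section name appears to work because NetworkManager accepts device sections whose names start with `device`, so a name like `[device-managed-ethernet]` would be a less surprising spelling; worth confirming against NetworkManager.conf(5) for the installed version. `$target` in the `cat >` redirect is also unquoted.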
echo "$0: h=$h"
# todo: ecdsa key not working with dropbear
cat ~/.ssh/{h,hrsa,home}.pub | ssh $h dd of=/etc/dropbear/authorized_keys
-scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin
+scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/fai/dnsmasq-end-lease /a/bin/cedit/cedit $h:/usr/bin
# relay is built for openwrt 18.06.2, r7676-cddd7b4c77
#/a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk \
scp /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \
- /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/ptr-data /p/c/{dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h:
+ /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/{ptr,dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h:
scp ../openwrtkeyring/usign/* $h:/etc/opkg/keys
ssh $h wrt-init ${HOME_DOMAIN:-b8.nz} "$@"
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+# shellcheck disable=SC1091 # somewhat dynamic
set -e; . /usr/local/lib/bash-bear; set +e
ssid=${rssid[$h]}
fi
-: ${ssid:=librecmc}
+: "${ssid:=librecmc}"
if $secrets; then
esac
{
+ # shellcheck source=/p/c/cmc-firewall-data
. /root/cmc-firewall-data
cat <<EOF
## begin no external dns for ziva
qname-minimisation: yes
rrset-roundrobin: yes
use-caps-for-id: yes
-do-ip6: no
+do-ip6: yes
private-domain: b8.nz
local-zone: "10.in-addr.arpa." transparent
access-control-view: 10.2.0.31/32 "youtube"
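Review bot: The switch to `do-ip6: yes` comes with no comment, and the policy lines visible around it (`access-control-view: 10.2.0.31/32 "youtube"`, the `10.in-addr.arpa.` local-zone) are keyed on IPv4 only. If unbound also listens on an IPv6 address, LAN clients reaching it over IPv6 either hit the default refuse, or, once an IPv6 `access-control` is added, bypass the per-host views unless matching IPv6 entries exist. A line above the setting such as `# do-ip6 yes: <reason>; per-host views are IPv4-only, see access-control-view` would record the intent. The rest of the generated config is outside this hunk, so IPv6 listeners and ACLs may already be handled there.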
{
+ # shellcheck source=/p/c/ptr-data
. /root/ptr-data
cat <<EOF
{
# generated with host-info-update
+ # shellcheck source=/p/c/dnsmasq-data
. /root/dnsmasq-data
cat <<EOF
# no dns