# See the License for the specific language governing permissions and
# limitations under the License.
+this_file="$(readlink -f -- "${BASH_SOURCE[0]}")"
+readonly this_file this_dir="${this_file%/*}"
+[[ $EUID == 0 ]] || exec sudo -E "$this_file" "$@"
source /a/bin/bash-bear-trap/bash-bear
err-cleanup() {
- echo 1 >~/.local/conflink
+ echo 1 >/var/local/conflink
}
+shopt -s nullglob
+shopt -s extglob
+shopt -s dotglob
+
usage() {
cat <<EOF
}
-s() { sudo "$@"; }
m() {
"$@"
}
"$@"
}
-lnf() { /a/exe/lnf "$@"; }
-
-
-
-##### begin command line parsing ########
-
-# ensure we can handle args with spaces or empty.
-ret=0; getopt -T || ret=$?
-[[ $ret == 4 ]] || { echo "Install util-linux for enhanced getopt" >&2; exit 1; }
-
-fast=false
-verbose=false
-temp=$(getopt -l help hvf "$@") || usage 1
-eval set -- "$temp"
-while true; do
- case $1 in
- -v) verbose=true ;;
- -f) fast=true ;;
- -h|--help) usage ;;
- --) shift; break ;;
- *) echo "$0: unexpected args: $*" >&2 ; usage 1 ;;
- esac
- shift
-done
-readonly fast verbose
-
-##### end command line parsing ########
+lnf() { sudo -u $user /a/exe/lnf "$@"; }
-tmpf=$(mktemp)
-if $fast; then
- lnf() { ln -sf "$@"; }
-fi
-
-if $verbose; then
- m() {
- echo "$*"
- "$@"
- }
-fi
-
-shopt -s nullglob
-shopt -s extglob
-shopt -s dotglob
-
# If we make a link back to the root, we stop going deeper into subdir_files.
# This makes it so we can do subdir directories. eg
# /p/c/subdir_files/.config/gajim -> ../../gagim
local fullpath
fullpath="$(readlink -f "$path")"
if [[ -f $path || $(dirname "$fullpath") == "$below" ]]; then
- lnf -T "$path" "$HOME/${path#"$root/"}"
+ lnf -T "$path" "/home/$user/${path#"$root/"}"
elif [[ -d "$path" ]]; then
subdir-link-r "$root" "$path"
fi
fi
link_glob=( $dir/!(binds|subdir_files|filesystem|machine_specific|..|.|.#*) )
(( ${#link_glob[@]} >= 1 )) || continue
- lnf ${link_glob[@]} ~
+ lnf ${link_glob[@]} /home/$user
done
-
}
old-files-cleanup() {
if [[ -e $f ]]; then
v systemctl stop $t.timer
v systemctl disable $t.timer
- s rm -fv $f
+ rm -fv $f
reload_systemd=true
fi
done
# old 2022-04
if [[ -e /etc/cron.daily/check-lets-encrypt-ssl-settings ]]; then
- s rm -f /etc/cron.daily/check-lets-encrypt-ssl-settings
+ rm -f /etc/cron.daily/check-lets-encrypt-ssl-settings
fi
# conversion from whole folder subdir to individual files.
if [[ -L /home/iank/.config/copyq ]]; then
fi
done
if (( ${#paths[@]} >= 1 )); then
- s find "${paths[@]}" "$@"
+ find "${paths[@]}" "$@"
fi
}
#### end function definitions, begin main script ####
+##### begin command line parsing ########
+
+# ensure we can handle args with spaces or empty.
+ret=0; getopt -T || ret=$?
+[[ $ret == 4 ]] || { echo "Install util-linux for enhanced getopt" >&2; exit 1; }
+
+fast=false
+verbose=false
+temp=$(getopt -l help hvf "$@") || usage 1
+eval set -- "$temp"
+while true; do
+ case $1 in
+ -v) verbose=true ;;
+ -f) fast=true ;;
+ -h|--help) usage ;;
+ --) shift; break ;;
+ *) echo "$0: unexpected args: $*" >&2 ; usage 1 ;;
+ esac
+ shift
+done
+readonly fast verbose
+
+##### end command line parsing ########
+
+tmpf=$(mktemp)
+if $fast; then
+ lnf() { sudo -u $user ln -sf "$@"; }
+fi
+
+if $verbose; then
+ m() {
+ echo "$*"
+ "$@"
+ }
+fi
+
+# todo: if we start using user2, make this get set
+# by SUDO_USER or command line arg
+user=iank
-user=$(id -un)
all_dirs=({/a/bin/ds,/p/c}{,/machine_specific/$HOSTNAME})
# note, we assume a group of hosts does not have the
# same name as a single host, which is no problem on our scale.
fi
done
- cmd=( s rsync -rclgoDiSAX --chown=root:root
+ cmd=( rsync -rclgoDiSAX --chown=root:root
--exclude=/etc/dovecot/users
--exclude='/etc/exim4/passwd*'
--exclude='/etc/exim4/*.pem'
case $HOSTNAME in
kd)
if systemctl is-active prometheus &>/dev/null; then
- v s systemctl reload prometheus
+ v systemctl reload prometheus
fi
;;
esac
done <$tmpf
if $reload_systemd; then
- v s systemctl daemon-reload
+ v systemctl daemon-reload
fi
for service in ${!restart_services[@]}; do
if systemctl is-active $service >/dev/null; then
- v s systemctl restart $service
+ v systemctl restart $service
fi
done
#### begin special extra stuff ####
- install -d -m700 ~/gpg-agent-socket
+ install -d -oiank -giank -m700 /home/iank/gpg-agent-socket
if [[ -e /p/c/user-specific/prometheus ]]; then
if getent passwd prometheus &>/dev/null; then
- v s rsync -clpgoDiSAX --chmod=g+r --chown=root:prometheus /p/c/user-specific/prometheus/prometheus-pass /etc
- v s rsync -clpgoDiSAX --chmod=g+r --chown=root:prometheus /p/c/user-specific/prometheus/prometheus/ssl/* /etc/prometheus/ssl
+ v rsync -clpgoDiSAX --chmod=g+r --chown=root:prometheus /p/c/user-specific/prometheus/prometheus-pass /etc
+ v rsync -clpgoDiSAX --chmod=g+r --chown=root:prometheus /p/c/user-specific/prometheus/prometheus/ssl/* /etc/prometheus/ssl
fi
fi
if [[ -e /p/c/user-specific/www-data ]]; then
if getent passwd www-data &>/dev/null; then
- v s rsync -clpgoDiSAX --chmod=g+r --chown=root:www-data /p/c/user-specific/www-data/* /etc
+ v rsync -clpgoDiSAX --chmod=g+r --chown=root:www-data /p/c/user-specific/www-data/* /etc
fi
fi
if [[ -e /p/c/user-specific/znc ]]; then
if getent group znc &>/dev/null; then
- v s rsync -rclpgoDiSAX --chown=znc:znc /p/c/user-specific/znc/ /var/lib/znc
+ v rsync -rclpgoDiSAX --chown=znc:znc /p/c/user-specific/znc/ /var/lib/znc
fi
fi
# "var/lib/bind/dsset-*"
if [[ -e /p/c/user-specific/bind ]]; then
if getent group bind &>/dev/null; then
- v s rsync -clpgoDiSAX --chmod=g+r --chown=root:bind /p/c/user-specific/bind/etc/bind/* /etc/bind
- v s rsync -clpgoDiSAX --chmod=g+r --chown=root:bind /p/c/user-specific/bind/var/lib/bind/* /var/lib/bind
+ v rsync -clpgoDiSAX --chmod=g+r --chown=root:bind /p/c/user-specific/bind/etc/bind/* /etc/bind
+ v rsync -clpgoDiSAX --chmod=g+r --chown=root:bind /p/c/user-specific/bind/var/lib/bind/* /var/lib/bind
fi
fi
# this folder strangely requires ownership as icecast2 (and icecast2 group is icecast without the 2).
if [[ -d /etc/icecast2 && -e /p/c/user-specific/icecast ]]; then
- v s rsync -clgoDiSAX --chmod=g+r --chown=root:icecast /p/c/user-specific/icecast2/icecast.xml /etc/icecast2
+ v rsync -clgoDiSAX --chmod=g+r --chown=root:icecast /p/c/user-specific/icecast2/icecast.xml /etc/icecast2
fi
# disabled
# fi
##### end special extra stuff #####
- if ! $fast; then
- s -H -u user2 "${BASH_SOURCE[0]}"
- fi
+ ## disabled, not using user2 for anything atm.
+ ## to enable this, we would need to create
+ ## a command line flag to set the target user.
+ # if ! $fast; then
+ # sudo -H -u user2 "${BASH_SOURCE[0]}"
+ # fi
- mkdir -p ~/.local
- echo 0 >~/.local/conflink
+ echo 0 >/var/local/conflink
# impatiently fixup system-status chars.
f=/a/bin/distro-setup/system-status
if [[ -x $f ]]; then
- $f _
+ sudo -u iank $f _
fi
;;
iankelling.org / git / distro-setup / commitdiff