From: Ian Kelling Date: Mon, 17 Jul 2023 07:05:39 +0000 (-0400) Subject: mostly a bunch of fixes X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=1b4699d0e925e873b88137b1e07dfd24bac0ac49;p=distro-setup mostly a bunch of fixes --- diff --git a/bitfolk-chroot-install b/bitfolk-chroot-install index a28efee..cbcb47e 100755 --- a/bitfolk-chroot-install +++ b/bitfolk-chroot-install @@ -59,10 +59,10 @@ iface eth0 inet6 static gateway $ip6::1 post-up echo 0 > /proc/sys/net/ipv6/conf/default/accept_ra post-up echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra - post-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + post-up echo 0 > /proc/sys/net/ipv6/conf/\$IFACE/accept_ra post-up echo 0 > /proc/sys/net/ipv6/conf/default/autoconf post-up echo 0 > /proc/sys/net/ipv6/conf/all/autoconf - post-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + post-up echo 0 > /proc/sys/net/ipv6/conf/\$IFACE/autoconf EOF cat >/etc/fstab <<'EOF' diff --git a/brc b/brc index f2793e8..7dfaefc 100644 --- a/brc +++ b/brc @@ -1055,6 +1055,10 @@ etail2() { } ccomp tail etail etail2 +# ran into this online, trying it out +detach() { + ( "$@" &>/dev/null & disown ) +} showkeys() { ssh "$@" cat .ssh/authorized_keys{,2} diff --git a/brc2 b/brc2 index 1be253a..86512de 100644 --- a/brc2 +++ b/brc2 @@ -1618,7 +1618,7 @@ lipush() { local p a # excluding emacs for now #p=(/a/opt/{emacs-debian11{,-nox},mu,emacs} /a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) - p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) + p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts} /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 for h in li je bk; do @@ -1631,14 +1631,14 @@ lipush() { return $ret } bkpush() { # no emacs. for running faster. - p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) + p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts} /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 m rsync "$@" $a ${p[@]} /p/c/machine_specific/bk root@bk.b8.nz:/ || ret=$? return $ret } jepush() { # no emacs. for running faster. - p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts}) + p=(/a/bin /a/exe /a/h /a/c /p/c/machine_specific/vps{,.hosts} /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter) a="-ahviSAXPH --specials --devices --delete --relative --exclude-from=/p/c/li-rsync-excludes" ret=0 m rsync "$@" $a ${p[@]} /p/c/machine_specific/je root@je.b8.nz:/ || ret=$? @@ -2448,7 +2448,7 @@ wghole() { e expected 2-3 arg of hostname, ip suffix, and extrahost >&2 return 1 fi - local host ipsuf umask_orig + local host ipsuf umask_orig vpn_allowed host=$1 ipsuf=$2 if [[ $3 ]]; then @@ -3634,7 +3634,7 @@ rem() { paths="/p/c /b" find $paths -not \( -name .svn -prune -o -name .git -prune \ -o -name .hg -prune -o -name .editor-backups -prune \ - -o -name .undo-tree-history -prune \) 2>/dev/null | grep -iP --color=auto "$*" + -o -name .undo-tree-history -prune \) 2>/dev/null | grep -iP --color=auto "$*" ||: rgv -m 5 "$*" $paths ||: } diff --git a/check-remote-mailqs b/check-remote-mailqs index 2e98521..fa3dbf8 100755 --- a/check-remote-mailqs +++ b/check-remote-mailqs @@ -11,7 +11,7 @@ shopt -s dotglob # temp disabled: x2wg kwwg # this list duplicated in brc2 ralerts -for h in bk je li frodo x3wg kdwg sywg; do +for h in bk je li x3wg kdwg sywg; do statedir=/b/bash_unpublished/mailq-state statefile=$statedir/$h [[ -d $statedir ]] || continue diff --git a/check-stale-alerts b/check-stale-alerts index 88fa096..f0d8481 100755 --- a/check-stale-alerts +++ b/check-stale-alerts @@ -6,7 +6,15 @@ if [[ ! -e /dev/shm/iank-status ]]; then fi eval $(< /dev/shm/iank-status) -out=$(find /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state -type f) +dirs=() +for d in /var/local/cron-errors /home/iank/cron-errors /sysd-mail-once-state; do + if [[ -e $d ]]; then + dirs+=($d) + fi +done +if (( ${#dirs[@]} >= 1 )); then + out=$(find ${dirs[@]} -type f) +fi if [[ $out ]]; then echo HOSTNAME: $HOSTNAME printf "%s\n" "$out" diff --git a/conflink b/conflink index e20da6e..18a6ed8 100755 --- a/conflink +++ b/conflink @@ -114,7 +114,8 @@ common-file-setup() { # we dont want t, instead c for checksum. # That way we dont set times on directories. # -a = -rlptgoD - cmd=( s rsync -rclpgoDiSAX --chmod=Dg-s --chown=root:root + # -A is acls, implies -p + cmd=( s rsync -rclgoDiSAX --chmod=Dg-s --chown=root:root --exclude=/etc/dovecot/users --exclude='/etc/exim4/passwd*' --exclude='/etc/exim4/*.pem' diff --git a/distro-end b/distro-end index 593e91e..855f937 100755 --- a/distro-end +++ b/distro-end @@ -619,7 +619,7 @@ case $HOSTNAME in dnsb8 fi - s /c/roles/prom-export/files/simple/usr/local/bin/fsf-install-node-exporter -l + s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l 127.0.0.1:9100 # ex for exporter web-conf -p 9101 -f 9100 - apache2 ${HOSTNAME}ex.b8.nz <<'EOF' @@ -1689,7 +1689,7 @@ sudo gpasswd -a $USER lpadmin # based on ubuntu wiki m /a/bin/buildscripts/go # only needed for rg. cargo takes up 11 gigs, filled up the disk on je. -#m /a/bin/buildscripts/rust +m /a/bin/buildscripts/rust m /a/bin/buildscripts/misc m /a/bin/buildscripts/pithosfly #m /a/bin/buildscripts/alacritty @@ -2007,7 +2007,7 @@ EOF ser restart prometheus-alertmanager fi - s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l + s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l 127.0.0.1:9100 for ser in prometheus-node-exporter prometheus-alertmanager prometheus; do sysd-prom-fail-install $ser @@ -2015,7 +2015,7 @@ EOF ;; *) - s /c/roles/prom-export/files/simple/usr/local/bin/fsf-install-node-exporter + s /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter ;; esac diff --git a/filesystem/usr/local/bin/myupgrade b/filesystem/usr/local/bin/myupgrade index 7973d67..b86e418 100755 --- a/filesystem/usr/local/bin/myupgrade +++ b/filesystem/usr/local/bin/myupgrade @@ -50,7 +50,14 @@ myreboot() { case $HOSTNAME in kd) - /a/bin/buildscripts/prometheus + /c/roles/prom/files/simple/usr/local/bin/fsf-install-prometheus + /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l 127.0.0.1 + ;; + li|bk|je) + /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter -l 127.0.0.1 + ;; + *) + /c/roles/prom_export/files/simple/usr/local/bin/fsf-install-node-exporter ;; esac diff --git a/machine_specific/kd/filesystem/etc/cron.d/kd b/machine_specific/kd/filesystem/etc/cron.d/kd index b2c2b45..2efa212 100644 --- a/machine_specific/kd/filesystem/etc/cron.d/kd +++ b/machine_specific/kd/filesystem/etc/cron.d/kd @@ -1,12 +1,11 @@ SHELL=/bin/bash PATH=/usr/bin:/bin:/usr/local/bin:/a/exe:/a/bin/fai MAILTO=root -0 6 * * 1,2,3,4,5 root failmail wrt-setup -y -45 7 * * 1,2,3,4,5 root failmail wrt-setup -z -0 9 * * 1,2,3,4,5 root failmail wrt-setup -y -# old rule, 9:10 -#10 21 * * 1,2,3,4,5 root failmail wrt-setup -z -0 17 * * 1,2,3,4,5 root failmail wrt-setup -z + +## weekdays +# 0 6 * * 1,2,3,4,5 root failmail wrt-setup -y +# 45 7 * * 1,2,3,4,5 root failmail wrt-setup -z +# 0 9 * * 1,2,3,4,5 root failmail wrt-setup -y # weekends #0 6 * * 6,7 root failmail wrt-setup -y diff --git a/mail-setup b/mail-setup index 8da3a65..9dd5259 100755 --- a/mail-setup +++ b/mail-setup @@ -536,7 +536,7 @@ EOF # Aug 02 21:59:27 sy systemd[1]: wg-quick@wgmail.service: Failed with result 'exit-code'. # Aug 02 21:59:27 sy systemd[1]: Failed to start WireGuard via wg-quick(8) for wgmail. # Aug 02 21:59:47 sy systemd[1]: wg-quick@wgmail.service: Scheduled restart job, restart counter is at 1. -# Aug 02 21:59:47 sy systemd[1]: Stopped WireGuard via wg-quick(8) for wgmail. +# Aug 02 21:95:47 sy systemd[1]: Stopped WireGuard via wg-quick(8) for wgmail. # Aug 02 21:59:47 sy systemd[1]: Starting WireGuard via wg-quick(8) for wgmail... # Aug 02 21:59:47 sy wg-quick[3424]: wg-quick: `wgmail' already exists # Aug 02 21:59:47 sy systemd[1]: wg-quick@wgmail.service: Main process exited, code=exited, status=1/FAILURE @@ -2232,13 +2232,12 @@ if [[ $HOSTNAME == bk ]]; then rm composer-setup.php # based on error when running composer - mkdir /var/www/.composer + mkdir -p /var/www/.composer chown www-data:www-data /var/www/.composer ### end composer install rcdirs=(/usr/local/lib/rcexpertpath /usr/local/lib/rcninja) - ncdirs=(/var/www/ncninja) ncdirs=(/var/www/ncexpertpath /var/www/ncninja) # point debian cronjob to our local install, preventing daily cron error @@ -2270,8 +2269,6 @@ if [[ $HOSTNAME == bk ]]; then rcdir=${rcdirs[i]} rcbase=${rcdir##*/} ncdir=${ncdirs[i]} - myncdir=/root/${ncdir##*/} - mkdir -p $myncdir # copied from debians cronjob u /etc/cron.d/$rcbase <$myncdir/tmp.php <$myncdir/tmp.php <config.php + e running php $myncdir/tmp.php + # note: we leave it around place for debugging + # shellcheck disable=SC2024 # intended + sudo -u www-data php $myncdir/tmp.php >config.php + fi cd $ncdir m sudo -u www-data php occ maintenance:update:htaccess list=$(sudo -u www-data php $ncdir/occ --output=json_pretty app:list) @@ -2670,7 +2674,7 @@ cd /var/www/$ncbase m php /var/www/$ncbase/updater/updater.phar -n # throw a sleep in just because who knows what else is undocumented sleep 5 -./occ upgrade +m php occ upgrade EOFOUTER chmod +x /usr/local/bin/ncup