From: Ian Kelling Date: Thu, 2 Mar 2023 01:34:05 +0000 (-0500) Subject: catchup with lots of updates X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=2734f99556feff8f8861a193d77c438ac9b8aa11;p=buildscripts catchup with lots of updates --- diff --git a/bbb b/bbb new file mode 100755 index 0000000..73aac2a --- /dev/null +++ b/bbb @@ -0,0 +1,62 @@ +#!/bin/bash + +# misc interesting: +# https://github.com/sergeyksv/tingodb + + +#### begin bbb-docker-dev setup +mkc /a/opt/bbb-docker-dev-setup/ +ln -s $PWD ~ + + +### begin vm setup, a/v didnt work, probably a nat issue + +s virsh dumpxml ubuntu20.04-clone-bbb | gr mac +# use mac +virsh net-update default add ip-dhcp-host "" --live --config + +virsh start ubuntu20.04-clone-bbb + +iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 16384:32768 -j DNAT --to 192.168.122.17:16384-32768 +iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j DNAT --to 192.168.122.17:80 +iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 443 -j DNAT --to 192.168.122.17:443 +# based on https://serverfault.com/a/1083813 +iptables -I LIBVIRT_FWI -o virbr0 -d 192.168.122.17 -m conntrack --ctstate DNAT,RELATED,ESTABLISHED -j ACCEPT +# alternate would be to have matching rule like this: +#iptables -D LIBVIRT_FWI -o virbr0 -p tcp -d 192.168.122.17 --dport 443 -j ACCEPT +# the accept rule here doesnt work without -i, and it is in the wrong chain. +# https://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections + + +# on router, forward 80, 443 and these: + +cat <<'EOF' +config redirect +option name bbbudp +option src wan +option src_dport 16384:32768 +option dest lan +option dest_ip $l.7 +option proto udp +config rule +option src wan +option target ACCEPT +option dest_port 16384:32768 +option proto udp +EOF + + +wget -qO- https://ubuntu.bigbluebutton.org/bbb-install-2.5.sh | bash -sxe -- -v focal-250 -s i.b8.nz -e letsencrypt@b8.nz -a -g + + + + +### failed systemd-nspawn steps (docker doesnt work inside) + +mkschroot -s /a/bin/fai/fai/config/files/etc/apt/sources.list.d/focal.list/FOCAL focal +s ln -s /nocow/schroot/focal /var/lib/machines +https://docs.bigbluebutton.org/2.5/install.html +apt-get install -y language-pack-en +update-locale LANG=en_US.UTF-8 +s systemd-nspawn -b -M focal --bind /a +s sed -i 's/^/#/' /etc/apache2/ports.conf diff --git a/emacs b/emacs index b9cc53b..f4444f8 100755 --- a/emacs +++ b/emacs @@ -97,6 +97,7 @@ last_build=$dir/iank-emacs-build dirs=($dir $dir-nox) +m cd /a/opt/emacs if [[ -e $dir ]]; then m cd $dir @@ -104,12 +105,12 @@ if [[ -e $dir ]]; then head=$(git rev-parse HEAD) if ! $recompile && ! $bootstrap && [[ $rev == "$head" ]]; then echo "already compiled, exiting" + exit 0 fi if [[ $rev != "$head" ]]; then bootstrap=true fi else - m cd /a/opt/emacs head=$(git rev-parse HEAD) bootstrap=true fi @@ -211,7 +212,6 @@ if $recompile; then fi nox=true done - echo $head >$last_build else m cd ${dirs[0]} logq sudo make install @@ -225,37 +225,6 @@ fi # from its HACKING file -cd /a/opt/mu - -last_build=$PWD/iank-mu-build - -rev=$(cat $last_build 2>/dev/null) ||: -head=$(git rev-parse HEAD) - -if [[ $(debian-codename) == flidas ]]; then - # use the flidas branch, stuck behind because - # needs newer crypt libraries that are too troublesome. - cd /a/opt/muflidas -else - # libgmime-3.0-dev is a newer version than build-dep installs for buster - m sudo apt-get -y install --purge --auto-remove libgmime-3.0-dev meson -fi -if $recompile || [[ $rev != "$head" ]]; then - m git clean -xfffd - m ./autogen.sh && make -j`nproc` - # note uninstall is implemented - m sudo make install - echo $head >$last_build -else - # Workaround for some indecipherable build error - # that only happens after syncing the mu dir and not building from - # scratch. It seems there is some state somewhere, like ~/.local - # that doesn't get copied. Found the workaround by reading the Makefile, - # then doing a more verbose build with: - # ninja -C $PWD/build -v -d explain - sudo touch -d @$(($(stat -c%Y build/build.ninja) - 100)) /usr/local/bin/emacs - m sudo make install -fi if $recompile; then # note, not totally sure its right to put this within recompile, but its taking up most of the time, so going for it. @@ -286,3 +255,5 @@ fi # logq make my-update-info-dir + +echo $head >$last_build diff --git a/esniper b/esniper new file mode 100755 index 0000000..a9bf588 --- /dev/null +++ b/esniper @@ -0,0 +1 @@ +#!/bin/bash diff --git a/go b/go index 547a134..d948b9d 100755 --- a/go +++ b/go @@ -9,16 +9,51 @@ if [ -z "$BASH_VERSION" ]; then echo "error: shell is not bash" >&2; exit 1; fi shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 source /a/bin/errhandle/err +force=false +case $1 in + -f) force=true ;; +esac m() { printf "$pre %s\n" "$*"; "$@"; } e() { printf "$pre %s\n" "$*"; } err() { echo "[$(date +'%Y-%m-%d %H:%M:%S%z')]: $0: $*" >&2; } + + m cd /a/opt/go.git -# don't check for updates on go more than once a day -yesterday=$(( $(date +%s) - 60*60*24 )) -if (( $(stat -c %Y FETCH_HEAD) < yesterday )); then - m git fetch + +up=true +install=false + +if ! $force; then + yesterday=$(( $(date +%s) - 60*60*24 )) + # no need to check for updates on go more than once a day + if (( $(stat -c %Y FETCH_HEAD) > yesterday )); then + up=false + fi + + # update will get overwritten if we dont do it on central host. + if [[ -e /a/bin/bash_unpublished/source-state ]]; then + source /a/bin/bash_unpublished/source-state + if [[ $HOSTNAME != "$HOST2" ]]; then + up=false + fi + fi +fi + +shopt -s nullglob + +f=$( + for f in go*.tar.gz; do + echo $f + done | sort -Vr | head -n1 + ) +if [[ ! $f ]]; then + up=true +fi + +if $up; then + m git fetch --tags touch ~/.local/gofetch vers=($(git tag | sort -Vr | grep -E '^go[0-9.]+$' | head)) @@ -27,7 +62,6 @@ if (( $(stat -c %Y FETCH_HEAD) < yesterday )); then dl() { arch=$(dpkg --print-architecture) f=${ver}.linux-${arch}.tar.gz - if [[ -e $f ]]; then timestamp=$(stat -c %Y $f) else @@ -43,15 +77,17 @@ if (( $(stat -c %Y FETCH_HEAD) < yesterday )); then fi new_timestamp=$(stat -c %Y $f) - if [[ $timestamp != $new_timestamp || ! -e /usr/local/go/bin/go ]]; then - m sudo rm -rf /usr/local/go - m sudo tar -C /usr/local -xzf $f + if [[ $timestamp != $new_timestamp ]]; then + install=true fi +fi - shopt -s nullglob - for x in go*.tar.gz; do - if [[ $x == $f ]]; then continue; fi - rm -fv $x - done - +if $install || [[ ! -e /usr/local/go/bin/go ]]; then + m sudo rm -rf /usr/local/go + m sudo tar -C /usr/local -xzf $f fi + +for x in go*.tar.gz; do + if [[ $x == $f ]]; then continue; fi + rm -fv $x +done diff --git a/kitty b/kitty index ab611e6..2fa8372 100755 --- a/kitty +++ b/kitty @@ -27,9 +27,10 @@ deps=( pi ${deps[@]} +last_build=/a/opt/kitty-build-info/last-build cd /a/opt/kitty rev=$(cat $last_build 2>/dev/null) ||: -head=$(git rev-parse HEAD) +head=$(sudo -u zu git rev-parse HEAD) if ! $recompile && ! $bootstrap && [[ $rev == "$head" ]]; then : fi @@ -44,6 +45,12 @@ if ! $rebuild && ! /bin/true; then rebuild=true fi +err-cleanup() { + if mountpoint -q /usr/local/src/kitty; then + s umount /usr/local/src/kitty + fi +} + if $rebuild; then s mkdir -p /usr/local/src/kitty s mount -o bind /a/opt/kitty /usr/local/src/kitty @@ -51,8 +58,12 @@ if $rebuild; then s install -o zu -g zu -d /usr/local/src/kitty s chown -hR zu.zu /usr/local/src/kitty cd /usr/local/src/kitty - m sudo -u zu firejail --read-write=/usr/local/src/kitty --profile=makekitty make clean - m sudo -u zu firejail --read-write=/usr/local/src/kitty --profile=makekitty make + # default plus go + p=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/usr/local/go/bin + gp=/usr/local/src/kitty/go + m sudo -u zu bash -c 'PATH=$PATH:/usr/local/go/bin; export GOPATH=/usr/local/src/kitty/go; go mod download -x' + m sudo -u zu firejail --read-write=/usr/local/src/kitty --profile=makekitty env PATH=$p make clean + m sudo -u zu firejail --read-write=/usr/local/src/kitty --profile=makekitty env PATH=$p GOPATH=$gp make cd / s umount /usr/local/src/kitty s chown -hR iank.iank /a/opt/kitty @@ -62,3 +73,5 @@ cd /a/opt/kitty s rsync -ar --chown root:root --delete __main__.py kitty logo kittens /usr/local/src/kitty s rsync -ar --chown root:root ./terminfo/x/xterm-kitty /usr/share/terminfo/x/xterm-kitty s ln -sf -T /usr/local/src/kitty/kitty/launcher/kitty /usr/local/bin/kitty + +echo $head >$last_build diff --git a/mblaze b/mblaze new file mode 100755 index 0000000..93226e4 --- /dev/null +++ b/mblaze @@ -0,0 +1,7 @@ +#!/bin/bash +f=/usr/local/lib/err;test -r $f || { echo "error: $0 no $f" >&2;exit 1;}; . $f + +cd /a/opt/mblaze +make +sudo make install +sudo systemctl start man-db diff --git a/mu4e b/mu4e new file mode 100755 index 0000000..b87990c --- /dev/null +++ b/mu4e @@ -0,0 +1,81 @@ +#!/bin/bash + +if [[ -s ~/.bashrc ]];then . ~/.bashrc;fi + + +cd /a/opt/mu + +recompile=false +dryrun=false + +while [[ $1 == -* ]]; do + case $1 in + -n) dryrun=true ;; + -r) recompile=true ;; + --no-r) recompile=false ;; + --) break ;; + *) echo "$0: error: bad arg: $1" >&2; exit 1 ;; + esac + shift +done + +bootstrap=false + +#git repo +dir=/a/opt/mu-$(distro-name)$(distro-num) +last_build=$dir/iank-mu-build + +if [[ -e $dir ]]; then + m cd $dir + rev=$(cat $last_build 2>/dev/null) ||: + head=$(git rev-parse HEAD) + if ! $recompile && ! $bootstrap && [[ $rev == "$head" ]]; then + echo "already compiled, exiting" + exit 0 + fi + echo rev=$rev head=$head + if [[ $rev != "$head" ]]; then + bootstrap=true + fi +else + head=$(git rev-parse HEAD) + bootstrap=true +fi + +if $dryrun; then + e recompile=$recompile bootstrap=$bootstrap + exit 0 +fi + +if $bootstrap; then + m rsync --delete -ra /a/opt/mu/ $dir + recompile=true + cd $dir +fi + + +if [[ $(debian-codename) == flidas ]]; then + # use the flidas branch, stuck behind because + # needs newer crypt libraries that are too troublesome. + cd /a/opt/muflidas +else + # libgmime-3.0-dev is a newer version than build-dep installs for buster + # note, currently, need newer meson than t10 + m pi libgmime-3.0-dev meson +fi +if $recompile; then + m git clean -xfffd + m ./autogen.sh && make -j`nproc` + # note uninstall is implemented + m sudo make install +else + # Workaround for some indecipherable build error + # that only happens after syncing the mu dir and not building from + # scratch. It seems there is some state somewhere, like ~/.local + # that doesn't get copied. Found the workaround by reading the Makefile, + # then doing a more verbose build with: + # ninja -C $PWD/build -v -d explain + sudo touch -d @$(($(stat -c%Y build/build.ninja) - 100)) /usr/local/bin/emacs + m sudo make install +fi +echo $head >$last_build diff --git a/navidrome b/navidrome new file mode 100755 index 0000000..16425d0 --- /dev/null +++ b/navidrome @@ -0,0 +1,17 @@ +#!/bin/bash + +# example https://github.com/navidrome/navidrome/releases/download/v0.48.0/navidrome_0.48.0_Linux_x86_64.tar.gz +up=$(wget -q -O- https://api.github.com/repos/navidrome/navidrome/releases/latest | jq -r .assets[].browser_download_url | grep Linux_x86_64) + +re='[[:space:]]' +if [[ ! $up || $up == $re ]]; then + echo "failed to get good update url. got: $up" +fi +uptar=${up##*/} +if [[ ! -e /a/opt/$uptar ]]; then + # kill off old version + rm -rf /a/opt/navidrome_* + wget -P /a/opt $up + # extracts to single binary + tar -C /a/opt -zxf /a/opt/$uptar +fi diff --git a/nodejs b/nodejs index ed8f199..fb3a4ec 100755 --- a/nodejs +++ b/nodejs @@ -2,7 +2,7 @@ #https://github.com/nodesource/distributions/blob/master/README.md KEYRING=/usr/share/keyrings/nodesource.gpg -curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | sudo dd of=$KEYRING 2>/dev/null +curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | sudo dd of=$KEYRING status=none # Replace with the branch of Node.js or io.js you want to install: node_6.x, node_8.x, etc... diff --git a/prom-node-exporter b/prom-node-exporter index 4263b3e..d46a4bf 100755 --- a/prom-node-exporter +++ b/prom-node-exporter @@ -127,12 +127,37 @@ i /etc/default/prometheus-node-exporter <&2; exit 1; fi - -shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR # alternatively, using https://iankelling.org/git/?p=errhandle;a=tree # source /path/errhandle/err # on my machine diff --git a/tor-browser b/tor-browser index 9b3212c..9883473 100755 --- a/tor-browser +++ b/tor-browser @@ -39,42 +39,51 @@ vers=($(printf "%s\n" "$c" | sed -rn 's#.*href="([0-9]+\.[0-9]+[.0-9]*)/.*#\1#p' cd /a/opt -ver=${vers[0]} dl() { - f=tor-browser-linux64-${ver}_en-US.tar.xz + f=tor-browser-linux64-${ver}_ALL.tar.xz if [[ -e $f ]]; then timestamp=$(stat -c %Y $f) else timestamp=0 fi + ret=0 echo wget -nv -N https://www.torproject.org/dist/torbrowser/$ver/$f wget -nv -N https://www.torproject.org/dist/torbrowser/$ver/$f || ret=$? } -dl -# 8 is return code for 404. for a new release, they might not have released to linux yet. -if [[ $ret == 8 ]]; then - ver=${vers[1]} + +# some releases are for specific non-gnu oses +for ((i=0; i<${#vers[@]}; i++)); do + ver=${vers[i]} dl -fi + # 8 is return code for 404. + if [[ $ret != 8 ]]; then + break + fi +done new_timestamp=$(stat -c %Y $f) -if [[ $timestamp != $new_timestamp || ! -e /a/opt/tor-browser_en-US/Browser/start-tor-browser ]]; then +if [[ $timestamp != $new_timestamp || ! -e /a/opt/tor-browser/Browser/start-tor-browser ]]; then # not already installed - rm -rf tor-browser_en-US + rm -rf tor-browser tar Jxf $f + + ## begin handlers customization - dest=/a/opt/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/handlers.json - orig=/p/c/tor-handlers-orig.json - src=/p/c/tor-handlers.json - if diff -q $src $dest; then - echo "Error: handlers file changed. adjust based on upstream" - exit 1 - fi - cp $src $dest + ## the default file doesn't exist anymore. i customized it to open magnet links, + ## it might work with removing the default stuff and keeping the magnet link part, + ## but I'd have to test and I don't care that much. + # dest=/a/opt/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/handlers.json + # orig=/p/c/tor-handlers-orig.json + # src=/p/c/tor-handlers.json + # if ! diff -q $src $dest &>/dev/null; then + # echo "Error: handlers file changed. adjust based on upstream" + # exit 1 + # fi + # cp $src $dest ## end handlers customization - cp /p/c/tor-user.js /a/opt/tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/user.js + cp /p/c/tor-user.js /a/opt/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/user.js fi