From: Ian Kelling Date: Wed, 12 Jun 2024 20:27:46 +0000 (-0400) Subject: t12 related changes X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=dce9fd7e6023976f6e9622f035d5cab34479a68d;p=automated-distro-installer t12 related changes --- diff --git a/README b/README index 5e01bb4..84a733e 100644 --- a/README +++ b/README @@ -109,6 +109,10 @@ Also, setup dns in /p/c/host-info and firewall redirects in wrt-setup-local. After install, btrbk to setup data, and then distro-begin && distro end. See notes in distro-begin for other configuration. +# Per distro install/config + +./fai/config/package_config/CLASS.gpg + # Prerequesites: diff --git a/dnsmasq-end-lease b/dnsmasq-end-lease new file mode 100644 index 0000000..0787335 --- /dev/null +++ b/dnsmasq-end-lease @@ -0,0 +1,57 @@ +#!/bin/bash +# I, Ian Kelling, follow the GNU license recommendations at +# https://www.gnu.org/licenses/license-recommendations.en.html. They +# recommend that small programs, < 300 lines, be licensed under the +# Apache License 2.0. This file contains or is part of one or more small +# programs. If a small program grows beyond 300 lines, I plan to change +# to a recommended GPL license. + +# Copyright 2024 Ian Kelling + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# usage: wrt-reip PATTERN +# Removes pattern from dnsmasq leases file and restart dnsmasq. +# PATTERN should generally be an ip or a mac. + +pattern=$1 + +exit_code=0 + +m() { + printf "%s\n" "$*"; + "$@" +} + +m /etc/init.d/dnsmasq stop + +tmp=/tmp/dhcp.leases.iank +sed "/$pattern/d" /tmp/dhcp.leases >$tmp + +if (( $(wc -l /tmp/dhcp.leases | awk '{print $1}') - 1 == $(wc -l $tmp | awk '{print $1}') )); then + echo "info: found one less line after removing $pattern. installing new leases file" + cp /tmp/dhcp.leases /tmp/dhcp.leases.iank-backup + cat $tmp >/tmp/dhcp.leases + m rm -f $tmp +else + exit_code=1 + cat <&2; exit 1; fi shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 set -eE -o pipefail @@ -213,9 +215,14 @@ fi if ! type -p dig &>/dev/null; then - apt-get install dig + apt-get -y install dig +fi + +if ! type -p ethtool &>/dev/null; then + apt-get -y install ethtool fi + get-cur ## end common setup / detection ## diff --git a/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO b/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO new file mode 100644 index 0000000..4e12926 --- /dev/null +++ b/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO @@ -0,0 +1,3 @@ +Package: * +Pin: release n=noble,o=Ubuntu +Pin-Priority: -100 diff --git a/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE b/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE new file mode 100644 index 0000000..a2644a7 --- /dev/null +++ b/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE @@ -0,0 +1,11 @@ +Package: firefox firefox-* +Pin: release o=linuxmint +Pin-Priority: 500 + +Package: firefox firefox-* +Pin: release o=ubuntu +Pin-Priority: -20 + +Package: * +Pin: release o=linuxmint +Pin-Priority: -20 diff --git a/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE b/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE index cda7d9c..140df90 100644 --- a/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE +++ b/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE @@ -12,3 +12,4 @@ deb http://archive.ubuntu.com/ubuntu/ noble-backports main universe deb-src http://archive.ubuntu.com/ubuntu/ noble-security main universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ noble-updates main universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ noble-backports main universe +deb http://packages.linuxmint.com wilma upstream diff --git a/fai/config/hooks/updatebase.UBUNTU b/fai/config/hooks/updatebase.UBUNTU index 98f775f..55971e8 100755 --- a/fai/config/hooks/updatebase.UBUNTU +++ b/fai/config/hooks/updatebase.UBUNTU @@ -1,12 +1,5 @@ #! /bin/bash -# mk-basefile doesn't use the -updates suite, then we unpack it, then we -# install sources.list that has -updates and we install random -# packages. It might avoid a problem if we a dist-upgrade first. - -$ROOTCMD apt-get update -$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove - # https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html # In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has # changed. There is a /var/lib/dpkg/info/locales.config file, which @@ -16,13 +9,35 @@ $ROOTCMD apt-get -y dist-upgrade --purge --auto-remove # hook applies the debconf setting. It must run after FAI's debconf task # but before dpkg gets a chance to clobber debconf with an empty setting. +# todo: debconf-get-selections did not show our locale settings. +# +# this could be related in the fai.log +# +#Calling task_debconf +# Adding debconf data from /var/lib/fai/config/debconf/DEBIAN +# Reconfiguring package keyboard-configuration +# Your console font configuration will be updated the next time your system +# boots. If you want to update it now, run 'setupcon' from a virtual console. +# debconf: DbDriver "_ENV_stack": unable to save changes to: console-setup/ask_detect keyboard-configuration/model keyboard-configuration/model keyboard-configuration/modelcode keyboard-configuration/variant keyboard-configuration/variant keyboard-configuration/optionscode keyboard-configuration/store_defaults_in_debconf_db +# todo fix the dropbear cat not found issue. +# +# if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then - $ROOTCMD debconf --owner=locales sh -c ' + if $ROOTCMD debconf --owner=locales sh -c ' . /usr/share/debconf/confmodule db_version 2.0 db_get locales/locales_to_be_generated && mkdir -p /var/lib/locales/supported.d && - echo "$RET" > /var/lib/locales/supported.d/local' && + echo "$RET" > /var/lib/locales/supported.d/local'; then $ROOTCMD dpkg-reconfigure locales + fi fi + + +# mk-basefile doesn't use the -updates suite, then we unpack it, then we +# install sources.list that has -updates and we install random +# packages. It might avoid a problem if we a dist-upgrade first. + +$ROOTCMD apt-get update +$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove diff --git a/fai/config/package_config/STANDARD b/fai/config/package_config/STANDARD index f55e664..091984c 100644 --- a/fai/config/package_config/STANDARD +++ b/fai/config/package_config/STANDARD @@ -16,7 +16,9 @@ locales lsof man-db manpages -mime-support +# this split into mailcap and media-types in t12, +# dunno that i need either of them at this stage +#mime-support ncurses-term openssh-client pciutils diff --git a/fai/config/package_config/UBUNTU_UP.gpg b/fai/config/package_config/UBUNTU_UP.gpg index 86214bd..ff1576e 100644 Binary files a/fai/config/package_config/UBUNTU_UP.gpg and b/fai/config/package_config/UBUNTU_UP.gpg differ diff --git a/fai/config/scripts/IANK/11-iank b/fai/config/scripts/IANK/11-iank index 99316b8..d7a5bd3 100755 --- a/fai/config/scripts/IANK/11-iank +++ b/fai/config/scripts/IANK/11-iank @@ -169,14 +169,32 @@ EOF fi # use networkmanager if this host has wireless. -if [[ $(iw dev) ]]; then +if [[ $(iw dev) || $HOSTNAME == so ]]; then $ROOTCMD bash -xe <$target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf <<'EOF' +[device*] +managed=1 +EOF # in a default desktop install, it looks like netplan creates this file under # run/NetworkManager/conf.d in early boot. diff --git a/wrt-setup b/wrt-setup index 975a1dd..1a85864 100755 --- a/wrt-setup +++ b/wrt-setup @@ -73,13 +73,13 @@ fi echo "$0: h=$h" # todo: ecdsa key not working with dropbear cat ~/.ssh/{h,hrsa,home}.pub | ssh $h dd of=/etc/dropbear/authorized_keys -scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin +scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/fai/dnsmasq-end-lease /a/bin/cedit/cedit $h:/usr/bin # relay is built for openwrt 18.06.2, r7676-cddd7b4c77 #/a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk \ scp /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \ - /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/ptr-data /p/c/{dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h: + /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/{ptr,dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h: scp ../openwrtkeyring/usign/* $h:/etc/opkg/keys ssh $h wrt-init ${HOME_DOMAIN:-b8.nz} "$@" diff --git a/wrt-setup-local b/wrt-setup-local index ac33e3a..d18d798 100755 --- a/wrt-setup-local +++ b/wrt-setup-local @@ -15,6 +15,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# shellcheck disable=SC1091 # somewhat dynamic set -e; . /usr/local/lib/bash-bear; set +e @@ -234,7 +235,7 @@ elif $secrets; then ssid=${rssid[$h]} fi -: ${ssid:=librecmc} +: "${ssid:=librecmc}" if $secrets; then @@ -617,6 +618,7 @@ EOF esac { + # shellcheck source=/p/c/cmc-firewall-data . /root/cmc-firewall-data cat <