From: Ian Kelling <iank@fsf.org>
Date: Wed, 12 Jun 2024 20:27:46 +0000 (-0400)
Subject: t12 related changes
X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=dce9fd7e6023976f6e9622f035d5cab34479a68d;p=automated-distro-installer

t12 related changes
---

diff --git a/README b/README
index 5e01bb4..84a733e 100644
--- a/README
+++ b/README
@@ -109,6 +109,10 @@ Also, setup dns in /p/c/host-info and firewall redirects in wrt-setup-local.
 After install, btrbk to setup data, and then distro-begin && distro end.
 See notes in distro-begin for other configuration.
 
+# Per distro install/config
+
+./fai/config/package_config/CLASS.gpg
+
 # Prerequesites:
 
 <https://savannah.nongnu.org/git/?group=bash-bear-trap>
diff --git a/dnsmasq-end-lease b/dnsmasq-end-lease
new file mode 100644
index 0000000..0787335
--- /dev/null
+++ b/dnsmasq-end-lease
@@ -0,0 +1,57 @@
+#!/bin/bash
+# I, Ian Kelling, follow the GNU license recommendations at
+# https://www.gnu.org/licenses/license-recommendations.en.html. They
+# recommend that small programs, < 300 lines, be licensed under the
+# Apache License 2.0. This file contains or is part of one or more small
+# programs. If a small program grows beyond 300 lines, I plan to change
+# to a recommended GPL license.
+
+# Copyright 2024 Ian Kelling
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#     http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# usage: wrt-reip PATTERN
+# Removes pattern from dnsmasq leases file and restart dnsmasq.
+# PATTERN should generally be an ip or a mac.
+
+pattern=$1
+
+exit_code=0
+
+m() {
+    printf "%s\n" "$*";
+    "$@"
+}
+
+m /etc/init.d/dnsmasq stop
+
+tmp=/tmp/dhcp.leases.iank
+sed "/$pattern/d" /tmp/dhcp.leases >$tmp
+
+if (( $(wc -l /tmp/dhcp.leases | awk '{print $1}') - 1 == $(wc -l $tmp | awk '{print $1}') )); then
+  echo "info: found one less line after removing $pattern. installing new leases file"
+  cp /tmp/dhcp.leases /tmp/dhcp.leases.iank-backup
+  cat $tmp >/tmp/dhcp.leases
+  m rm -f $tmp
+else
+  exit_code=1
+  cat <<EOF
+error: unexpected line count in /tmp/dhcp.leases.iank"
+try diffing /tmp/dhcp.leases{,.iank}
+EOF
+fi
+
+m /etc/init.d/dnsmasq start
+
+m exit $exit_code
diff --git a/fai/config/basefiles/mk-basefile b/fai/config/basefiles/mk-basefile
index 91c4ea3..e6b73c4 100755
--- a/fai/config/basefiles/mk-basefile
+++ b/fai/config/basefiles/mk-basefile
@@ -55,6 +55,7 @@ INCLUDE_DEBIAN=
 INCLUDE_ETIONA=ifupdown
 INCLUDE_NABIA=ifupdown
 INCLUDE_ARAMO=ifupdown
+INCLUDE_ECNE=ifupdown
 
 setarch() {
 
diff --git a/fai/config/class/FAIBASE.var b/fai/config/class/FAIBASE.var
index 2492def..e5b0d7b 100644
--- a/fai/config/class/FAIBASE.var
+++ b/fai/config/class/FAIBASE.var
@@ -8,7 +8,7 @@ FAI_ALLOW_UNSIGNED=1
 # Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not.
 UTC=yes
 ## changed from upstream. found in /usr/share/zoneinfo/, via fai-guide
-TIMEZONE=US/Eastern
+TIMEZONE=America/New_York
 
 # errors in tasks greater than this value will cause the installation to stop
 STOP_ON_ERROR=700
diff --git a/fai/config/distro-install-common/ethusb-static b/fai/config/distro-install-common/ethusb-static
index 0a6d1ae..5ca8b93 100755
--- a/fai/config/distro-install-common/ethusb-static
+++ b/fai/config/distro-install-common/ethusb-static
@@ -25,6 +25,8 @@
 # -c    config only, don't tell networkmanager to change anything
 # -f    force interface reup
 
+# shellcheck disable=SC2317 # false positive
+
 if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi
 shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4
 set -eE -o pipefail
@@ -213,9 +215,14 @@ fi
 
 
 if ! type -p dig &>/dev/null; then
-  apt-get install dig
+  apt-get -y install dig
+fi
+
+if ! type -p ethtool &>/dev/null; then
+  apt-get -y install ethtool
 fi
 
+
 get-cur
 ## end common setup / detection ##
 
diff --git a/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO b/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO
new file mode 100644
index 0000000..4e12926
--- /dev/null
+++ b/fai/config/files/etc/apt/preferences.d/aramo-noble/ARAMO
@@ -0,0 +1,3 @@
+Package: *
+Pin: release n=noble,o=Ubuntu
+Pin-Priority: -100
diff --git a/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE b/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE
new file mode 100644
index 0000000..a2644a7
--- /dev/null
+++ b/fai/config/files/etc/apt/preferences.d/noble-mint/NOBLE
@@ -0,0 +1,11 @@
+Package: firefox firefox-*
+Pin: release o=linuxmint
+Pin-Priority: 500
+
+Package: firefox firefox-*
+Pin: release o=ubuntu
+Pin-Priority: -20
+
+Package: *
+Pin: release o=linuxmint
+Pin-Priority: -20
diff --git a/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE b/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE
index cda7d9c..140df90 100644
--- a/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE
+++ b/fai/config/files/etc/apt/sources.list.d/noble.list/NOBLE
@@ -12,3 +12,4 @@ deb http://archive.ubuntu.com/ubuntu/ noble-backports main universe
 deb-src http://archive.ubuntu.com/ubuntu/ noble-security main universe multiverse
 deb-src http://archive.ubuntu.com/ubuntu/ noble-updates main universe multiverse
 deb-src http://archive.ubuntu.com/ubuntu/ noble-backports main universe
+deb http://packages.linuxmint.com wilma upstream
diff --git a/fai/config/hooks/updatebase.UBUNTU b/fai/config/hooks/updatebase.UBUNTU
index 98f775f..55971e8 100755
--- a/fai/config/hooks/updatebase.UBUNTU
+++ b/fai/config/hooks/updatebase.UBUNTU
@@ -1,12 +1,5 @@
 #! /bin/bash
 
-# mk-basefile doesn't use the -updates suite, then we unpack it, then we
-# install sources.list that has -updates and we install random
-# packages. It might avoid a problem if we a dist-upgrade first.
-
-$ROOTCMD apt-get update
-$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
-
 # https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html
 # In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has
 # changed.  There is a /var/lib/dpkg/info/locales.config file, which
@@ -16,13 +9,35 @@ $ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
 # hook applies the debconf setting.  It must run after FAI's debconf task
 # but before dpkg gets a chance to clobber debconf with an empty setting.
 
+# todo: debconf-get-selections did not show our locale settings.
+#
+# this could be related in the fai.log
+#
+#Calling task_debconf
+# Adding debconf data from /var/lib/fai/config/debconf/DEBIAN
+# Reconfiguring package keyboard-configuration
+# Your console font configuration will be updated the next time your system
+# boots. If you want to update it now, run 'setupcon' from a virtual console.
+# debconf: DbDriver "_ENV_stack": unable to save changes to: console-setup/ask_detect keyboard-configuration/model keyboard-configuration/model keyboard-configuration/modelcode keyboard-configuration/variant keyboard-configuration/variant keyboard-configuration/optionscode keyboard-configuration/store_defaults_in_debconf_db
 
+# todo fix the dropbear cat not found issue.
+#
+#
 if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then
-  $ROOTCMD debconf --owner=locales sh -c '
+  if $ROOTCMD debconf --owner=locales sh -c '
         . /usr/share/debconf/confmodule
         db_version 2.0
         db_get locales/locales_to_be_generated &&
         mkdir -p /var/lib/locales/supported.d &&
-        echo "$RET" > /var/lib/locales/supported.d/local' &&
+        echo "$RET" > /var/lib/locales/supported.d/local'; then
     $ROOTCMD dpkg-reconfigure locales
+  fi
 fi
+
+
+# mk-basefile doesn't use the -updates suite, then we unpack it, then we
+# install sources.list that has -updates and we install random
+# packages. It might avoid a problem if we a dist-upgrade first.
+
+$ROOTCMD apt-get update
+$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
diff --git a/fai/config/package_config/STANDARD b/fai/config/package_config/STANDARD
index f55e664..091984c 100644
--- a/fai/config/package_config/STANDARD
+++ b/fai/config/package_config/STANDARD
@@ -16,7 +16,9 @@ locales
 lsof
 man-db
 manpages
-mime-support
+# this split into mailcap and media-types in t12,
+# dunno that i need either of them at this stage
+#mime-support
 ncurses-term
 openssh-client
 pciutils
diff --git a/fai/config/package_config/UBUNTU_UP.gpg b/fai/config/package_config/UBUNTU_UP.gpg
index 86214bd..ff1576e 100644
Binary files a/fai/config/package_config/UBUNTU_UP.gpg and b/fai/config/package_config/UBUNTU_UP.gpg differ
diff --git a/fai/config/scripts/IANK/11-iank b/fai/config/scripts/IANK/11-iank
index 99316b8..d7a5bd3 100755
--- a/fai/config/scripts/IANK/11-iank
+++ b/fai/config/scripts/IANK/11-iank
@@ -169,14 +169,32 @@ EOF
 fi
 
 # use networkmanager if this host has wireless.
-if [[ $(iw dev) ]]; then
+if [[ $(iw dev) || $HOSTNAME == so ]]; then
   $ROOTCMD bash -xe <<EOF
 apt-get -y install network-manager
 EOF
 
   # allow networkmanager to manage interfaces
   #https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1638842
-  touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+  # touch $target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf
+  #
+  # in 24.04, netplan takes over and nm won't automatically connect any
+  # ethernet devices. Ya, man NetworkManager helpfully suggests the
+  # config setting device*.managed=1, but of course that isn't REAL
+  # setting, you go to man NetworkManager.conf and find that every
+  # setting has a section.  So what section is that setting in? It
+  # doesn't tell you. You have to figure out that it is implied that a
+  # setting x.y means section x, setting y.  Ok, but what section is
+  # device*? that isn't documented in the man page either (at least not
+  # properly). But if you read closely, you can intuit that device* is
+  # likely a valid section and then try it. Might as use this same magic
+  # config file name since it is supposed to exist, but I have no idea
+  # if it is still magic. note: In figuring this out, I also removed
+  # /etc/netplan/*, which seemed to have no effect. dunno if it matters.
+  cat >$target/etc/NetworkManager/conf.d/10-globally-managed-devices.conf <<'EOF'
+[device*]
+managed=1
+EOF
   # in a default desktop install, it looks like netplan creates this file under
   # run/NetworkManager/conf.d in early boot.
 
diff --git a/wrt-setup b/wrt-setup
index 975a1dd..1a85864 100755
--- a/wrt-setup
+++ b/wrt-setup
@@ -73,13 +73,13 @@ fi
 echo "$0: h=$h"
 # todo: ecdsa key not working with dropbear
 cat ~/.ssh/{h,hrsa,home}.pub | ssh $h dd of=/etc/dropbear/authorized_keys
-scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin
+scp /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-local /a/bin/fai/dnsmasq-end-lease /a/bin/cedit/cedit $h:/usr/bin
 # relay is built for openwrt 18.06.2, r7676-cddd7b4c77
 
 #/a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk \
 
 scp /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \
-     /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/ptr-data /p/c/{dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h:
+     /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk}  /p/c/{ptr,dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h:
 scp ../openwrtkeyring/usign/* $h:/etc/opkg/keys
 
 ssh $h wrt-init ${HOME_DOMAIN:-b8.nz} "$@"
diff --git a/wrt-setup-local b/wrt-setup-local
index ac33e3a..d18d798 100755
--- a/wrt-setup-local
+++ b/wrt-setup-local
@@ -15,6 +15,7 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
+# shellcheck disable=SC1091 # somewhat dynamic
 
 set -e; . /usr/local/lib/bash-bear; set +e
 
@@ -234,7 +235,7 @@ elif $secrets; then
   ssid=${rssid[$h]}
 fi
 
-: ${ssid:=librecmc}
+: "${ssid:=librecmc}"
 
 
 if $secrets; then
@@ -617,6 +618,7 @@ EOF
 esac
 
 {
+  # shellcheck source=/p/c/cmc-firewall-data
   . /root/cmc-firewall-data
   cat <<EOF
 ## begin no external dns for ziva
@@ -1002,7 +1004,7 @@ prefetch: yes
 qname-minimisation: yes
 rrset-roundrobin: yes
 use-caps-for-id: yes
-do-ip6: no
+do-ip6: yes
 private-domain: b8.nz
 local-zone: "10.in-addr.arpa." transparent
 access-control-view: 10.2.0.31/32 "youtube"
@@ -1032,6 +1034,7 @@ EOF
 
 
   {
+    # shellcheck source=/p/c/ptr-data
     . /root/ptr-data
     cat  <<EOF
 
@@ -1110,6 +1113,7 @@ mkdir -p /mnt/usb/tftpboot
 
 {
   # generated with host-info-update
+  # shellcheck source=/p/c/dnsmasq-data
   . /root/dnsmasq-data
   cat <<EOF
 # no dns