From 2e975979fa5bad84f3d2a84a9d62fbfd8793374c Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Tue, 12 Jul 2016 07:47:24 -0700 Subject: [PATCH] various fixes --- README | 12 +++++ arch-init | 2 +- fai-wrapper | 4 +- fai/config/class/50-host-classes | 6 ++- fai/config/distro-install-common/end | 16 ++----- .../files/etc/apt/preferences/LINODESTABLE | 1 + .../linodestable.list/LINODESTABLE | 9 ++++ fai/config/hooks/instsoft.DEFAULT | 14 +++--- fai/config/scripts/GRUB_PC/11-ian | 30 +++++++----- faiserver-revm | 1 + pxe-server | 47 +++++++++++++------ wrt-setup | 21 +++++---- wrt-setup-remote | 2 +- 13 files changed, 106 insertions(+), 59 deletions(-) create mode 120000 fai/config/files/etc/apt/preferences/LINODESTABLE create mode 100644 fai/config/files/etc/apt/sources.list.d/linodestable.list/LINODESTABLE diff --git a/README b/README index f9137a0..e1ceffd 100644 --- a/README +++ b/README @@ -2,3 +2,15 @@ Scripts for initial setup of OSes on my home network. My network is a wndr3700v2 router with openwrt on it and a few pcs with various gnu/linux distros on them. + + +Scripts meant to be called interactively: + + +arch-init-remote # install arch (after it's been booted into it's setup env) +fai-revm # test fai on a fresh vm +faiserver-revm # create a vm which is a fai server +faiserver-uninstall +fresize # resize swap or boot partitions in a host created with my fai setup +pxe-server # temporarily enable (usually) fai or arch boot server +wrt-setup-remote # setup my router diff --git a/arch-init b/arch-init index 0077807..36b77c6 100755 --- a/arch-init +++ b/arch-init @@ -7,7 +7,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR cd $(dirname $(readlink -f "$BASH_SOURCE")) -export hostname="$1" +export HOSTNAME="$1" mirror=$2 TPPASS="$(cat /root/shadow/traci-simple)" diff --git a/fai-wrapper b/fai-wrapper index 8b44a6f..5a38b83 100644 --- a/fai-wrapper +++ b/fai-wrapper 
@@ -7,7 +7,7 @@ ifclass() { } export -f ifclass classes= # used by fcopy -for x in $(bash /a/bin/fai/config/class/50-host-classes); do +for x in $(bash /a/bin/fai/fai/config/class/50-host-classes); do # export class vars with CLASS_ in front to avoid name colissions. classes+=" $x" export CLASS_$x=true @@ -15,4 +15,4 @@ done classes="${classes# }" export classes export FAI_ROOT=/ -export FAI=/a/bin/fai/config +export FAI=/a/bin/fai/fai/config diff --git a/fai/config/class/50-host-classes b/fai/config/class/50-host-classes index 894261a..cc8e3de 100755 --- a/fai/config/class/50-host-classes +++ b/fai/config/class/50-host-classes @@ -12,11 +12,15 @@ case $HOSTNAME in x2) echo "FAIBASE DEBIAN DESKTOP PARTITION_PROMPT" ;; tp) - echo "FAIBASE DEBIAN DESKTOP PARTITION_PROMPT" ;; + echo "FAIBASE DEBIAN DESKTOP PARTITION_PROMPT STABLE" ;; frodo) echo "FAIBASE DEBIAN DESKTOP PARTITION_PROMPT" ;; treetowl) echo "FAIBASE DEBIAN DESKTOP PARTITION_PROMPT" ;; + lj) + echo "FAIBASE DEBIAN LINODESTABLE PARTITION_PROMPT" ;; + li) + echo "FAIBASE DEBIAN LINODESTABLE PARTITION_PROMPT" ;; # faiserver) # echo "FAIBASE DEBIAN DEMO FAISERVER" ;; # xfcehost) diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end index b552952..6be266e 100755 --- a/fai/config/distro-install-common/end +++ b/fai/config/distro-install-common/end @@ -9,9 +9,9 @@ if [[ $EUID != 0 ]]; then fi ### begin set hostname -echo $hostname > /etc/hostname +echo $HOSTNAME > /etc/hostname sed -i '/^127\.0\.1\.1/d' /etc/hosts -echo "127.0.1.1 $hostname" >> /etc/hosts +echo "127.0.1.1 $HOSTNAME" >> /etc/hosts hostname -F /etc/hostname ### end set hostname 
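Review bot: In fai/config/distro-install-common/end (hunk @@ -9,9), `echo $HOSTNAME > /etc/hostname` expands the variable unquoted. This commit also makes arch-init export HOSTNAME straight from `$1`, so an empty or malformed argument is written into /etc/hostname and /etc/hosts as-is. I would refuse an empty value and quote the write: `: "${HOSTNAME:?hostname not set}"` followed by `printf '%s\n' "$HOSTNAME" > /etc/hostname`. Bash also appears to fill in HOSTNAME itself when nothing exports it, so a caller that forgets to set it would get the installing machine's own name rather than an error; the callers are outside this hunk, so that is worth confirming.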
@@ -33,19 +33,16 @@ chpw() { pwfile=$2 if [[ $pwfile && -e $pwfile ]]; then printf "$user:" | cat - "$pwfile" | $ROOTCMD chpasswd -e - else - echo "$0: warning: no pw set for $user" + else + echo "$0: warning: no pw set for $user" fi } au() { if ! $ROOTCMD getent passwd $1; then - $ROOTCMD useradd -m $1 -s /bin/bash || [[ $? == 9 ]] + $ROOTCMD useradd -m -s /bin/bash $1 || [[ $? == 9 ]] fi } -echo "IANNNNNNN 222222222, $ROOTPW" -ls -la $ROOTPW - chpw root "$ROOTPW" # 9 = user already exists. so we are idempotent. au ian @@ -80,10 +77,7 @@ fi dir=/q/p/c/machine_specific/$HOSTNAME/.unison $ROOTCMD mkdir -p $dir -$ROOTCMD rm -rf /root/.unison -$ROOTCMD ln -sf $dir /root $ROOTCMD ln -sf /q/p / - $ROOTCMD chown -R 1000:1000 $dir while true; do $ROOTCMD chown 1000:1000 $dir diff --git a/fai/config/files/etc/apt/preferences/LINODESTABLE b/fai/config/files/etc/apt/preferences/LINODESTABLE new file mode 120000 index 0000000..31109f8 --- /dev/null +++ b/fai/config/files/etc/apt/preferences/LINODESTABLE @@ -0,0 +1 @@ +STABLE \ No newline at end of file diff --git a/fai/config/files/etc/apt/sources.list.d/linodestable.list/LINODESTABLE b/fai/config/files/etc/apt/sources.list.d/linodestable.list/LINODESTABLE new file mode 100644 index 0000000..056de00 --- /dev/null +++ b/fai/config/files/etc/apt/sources.list.d/linodestable.list/LINODESTABLE @@ -0,0 +1,9 @@ +deb http://mirrors.linode.com/debian/ jessie main +deb-src http://mirrors.linode.com/debian/ jessie main + +deb http://security.debian.org/ jessie/updates main +deb-src http://security.debian.org/ jessie/updates main + +# jessie-updates, previously known as 'volatile' +deb http://mirrors.linode.com/debian/ jessie-updates main +deb-src http://mirrors.linode.com/debian/ jessie-updates main diff --git a/fai/config/hooks/instsoft.DEFAULT b/fai/config/hooks/instsoft.DEFAULT index 3eda00e..b4b3c10 100755 --- a/fai/config/hooks/instsoft.DEFAULT +++ b/fai/config/hooks/instsoft.DEFAULT 
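Review bot: In chpw (distro-install-common/end, hunk @@ -33,19), the re-indented `echo "$0: warning: no pw set for $user"` still goes to stdout and the install carries on, so a missing password file for root is easy to overlook in the install log. Sending it to stderr with `echo "$0: warning: no pw set for $user" >&2` keeps it with the other diagnostics; whether a missing root password file should abort instead is a policy decision that deserves a comment. In au, `$1` is unquoted in both the getent and the useradd call, and `"$1"` is the safer form. The `# 9 = user already exists` comment sits after `chpw root` rather than next to the `|| [[ $? == 9 ]]` it explains.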
@@ -29,14 +29,14 @@ EOF chmod +x $f -if ifclass tp; then - d=$target/q/root/shadow - mkdir -p $d - # ls -la /var/lib/fai/config/distro-install-common - cp /var/lib/fai/config/distro-install-common/traci{,-simple} $d - chmod -R o-rwx $d +if ifclass demohost; then + files=(/var/lib/fai/config/distro-install-common/luks/host-demohost) +elif ifclass tp; then + files=(/var/lib/fai/config/distro-install-common/luks/host-{tp,demohost}) +fi +if [[ ${files[0]} ]]; then d=$target/q/root/luks mkdir -p $d - cp /var/lib/fai/config/distro-install-common/luks/host-{tp,demohost} $d + cp ${files[@]} $d chmod -R o-rwx $d fi diff --git a/fai/config/scripts/GRUB_PC/11-ian b/fai/config/scripts/GRUB_PC/11-ian index 629d1bc..5d064be 100755 --- a/fai/config/scripts/GRUB_PC/11-ian +++ b/fai/config/scripts/GRUB_PC/11-ian 
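Review bot: The LUKS key files are copied with `cp ${files[@]} $d` into a directory made by a plain `mkdir -p`, and permissions are tightened only afterwards with `chmod -R o-rwx`, which also leaves the group bits untouched. Creating the directory and files with restrictive modes from the start closes that window: `install -d -m 700 "$d"` and `install -m 600 "${files[@]}" "$d"`. `files` is never initialised in this hunk, so when neither class matches, a value left over from earlier in the hook decides whether the copy runs; `files=()` before the first `if` and a `(( ${#files[@]} ))` test make that explicit. The hook starts above the hunk, so any earlier umask or assignment is not visible here.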
@@ -8,40 +8,44 @@ if [[ $EUID != 0 ]]; then exit 1 fi +if ! type -t fcopy &>/dev/null; then + sudo apt-get -y install fai-client +fi dir=/q/root/shadow -if [[ ! -e $dir ]]; then +fai_shadow=$FAI/distro-install-common/shadow +if [[ ! -e $dir && -e $fai_shadow ]]; then mkdir -p $dir - echo "IANNNNNN 111" - ls -la $FAI/distro-install-common/shadow - mount -o bind $FAI/distro-install-common/shadow $dir + mount -o bind $fai_shadow $dir fi $FAI/distro-install-common/end -if ifclass STABLE; then +if ifclass STABLE || ifclass LINODESTABLE; then fcopy -M /etc/apt/preferences fi if ifclass DEBIAN; then fcopy -M /etc/apt/preferences.d/unstable fcopy -riM /etc/apt/sources.list.d + $ROOTCMD apt-get update fi # note: # fcopy -i = ignore nonmatching class error, always return 0. -f=$FAI_ROOT/home/ian/.ssh/authorized_keys -if [[ ! -L $f || -e $f ]]; then - fcopy -r -M /home/ian/.ssh -else - echo "$0: info: $f exists" -fi +# for lj, this will be empty and fail +fcopy -riM /home/ian/.ssh rm -f $FAI_ROOT/etc/apt/sources.list chroot $FAI_ROOT bash <<'EOF' set -eE -o pipefail +mkdir -p /home/ian/.ssh +f=/root/.ssh/authorized_keys +if [[ -e $f ]]; then + cp $f /home/ian/.ssh +fi chown -R 1000:1000 /home/ian/.ssh chmod -R u=Xrw,og= /home/ian/.ssh rm -rf /root/.ssh @@ -49,8 +53,8 @@ cp -rL /home/ian/.ssh /root chown -R root:root /root/.ssh chmod 700 /root/.ssh -# default jessie groups + kvm & systemd-journal -usermod -aG cdrom,floppy,sudo,audio,dip,video,plugdev,netdev,systemd-journal ian +# default jessie groups + kvm, systemd-journal, adm +usermod -aG adm,cdrom,floppy,sudo,audio,dip,video,plugdev,netdev,systemd-journal ian EOF diff --git a/faiserver-revm b/faiserver-revm index f546acc..1f84b0d 100755 --- a/faiserver-revm +++ b/faiserver-revm @@ -1,4 +1,5 @@ #!/bin/bash -l +# create a vm which is a fai server set -x set -eE -o pipefail diff --git a/pxe-server b/pxe-server index 574a896..6099ddb 100755 --- a/pxe-server +++ b/pxe-server 
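Review bot: In the chroot heredoc of GRUB_PC/11-ian, `cp $f /home/ian/.ssh` overwrites any authorized_keys that `fcopy -riM /home/ian/.ssh` has just installed with root's existing file, and the directory is then copied back to /root. Whatever keys were in /root/.ssh/authorized_keys at install time therefore end up authorising both root and ian, who is in sudo and, with this change, adm. If that is meant only for hosts with no fcopy'd keys, as the lj comment suggests, guard it with `[[ -e /home/ian/.ssh/authorized_keys ]] || cp "$f" /home/ian/.ssh/`. The comment `# for lj, this will be empty and fail` is at odds with the `-i` flag, which the note above it describes as always returning 0. The added `sudo apt-get -y install fai-client` runs after the `$EUID` check has already required root, so `sudo` is redundant there.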
@@ -22,6 +22,7 @@ HOST makes the pxe server only for that specific host -h|--help Print help and exit -- Subsequent arguments are never treated as options -p Persist. Otherwise, wait for 2 dhcp acks then remove. +-r Don't redeploy fai config. EOF exit $1 } @@ -30,12 +31,12 @@ EOF persist=false args=() -redep=false +redep=true while [[ $1 ]]; do case $1 in --) shift; break ;; -h|--help) usage ;; - -r) redep=true; shift ;; + -r) redep=false; shift ;; -p) persist=true; shift ;; *) args+=("$1"); shift ;; esac @@ -88,28 +89,46 @@ dhcp-boot=${host_tag}fai/pxelinux.0,faiserver.lan,faiserver.lan EOF } -echo "setting config type: $type" -$type | ssh wrt "cedit pxe-server /etc/dnsmasq.conf || /etc/init.d/dnsmasq restart # -if [[ $type == arch ]]; then arch-pxe-mount; fi" - - -if $redep && [[ $type == fai ]]; then - fai-redep -fi -if ! $persist; then - echo "waiting for 2 dhcp acks then disabling pxe" +ack-wait() { + wait_count=$1 if [[ $host ]]; then host_regex=" $host" fi regex=".*DHCPACK.*$host_regex$" i=0 tmp=$(mktemp) - while (( i != 2 )) && read line; do + while (( i != wait_count )) && read line; do if [[ $line =~ $regex ]]; then i=$((i+1)) echo $line fi done < <(ssh wrt logread -f) sv sleep 5 - sv "$BASH_SOURCE" : +} + +set-pxe() { + ${1:-$type} | ssh wrt "cedit pxe-server /etc/dnsmasq.conf || /etc/init.d/dnsmasq restart +if [[ $type == arch ]]; then arch-pxe-mount; fi" +} + +set-pxe + +if [[ $type == fai ]]; then + if $redep; then + fai-redep + fi + faiserver-enable +fi + +if ! $persist; then + echo "waiting for 2 dhcp acks then disabling pxe" + ack-wait 2 + set-pxe : + if [[ $type == fai ]]; then + # fai server can contain sensitive info, so turn it off + # when it's not in use. + echo "waiting for 1 dhcp ack then disabling fai server" + ack-wait 1 + faiserver-disable + fi fi diff --git a/wrt-setup b/wrt-setup index 7a68c49..beea6b1 100755 --- a/wrt-setup +++ b/wrt-setup 
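Review bot: In pxe-server (hunk @@ -88,28), `faiserver-disable` is reached only on the straight-line path, so an interrupted run, a failing `ssh wrt logread -f` or `-p` leaves the fai server enabled, although the new comment says it can contain sensitive info. Registering the cleanup right after `faiserver-enable`, e.g. `$persist || trap faiserver-disable EXIT`, covers the error paths, assuming the command is safe to run twice; the usage text for `-p` could also say that the fai server stays up. ack-wait still creates `tmp=$(mktemp)` without using or removing it, and it is now called twice per run. Its variables (`wait_count`, `host_regex`, `regex`, `i`, `line`) are global; declaring them `local` and using `read -r line` would keep the two calls independent.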
@@ -232,7 +232,8 @@ cedit /etc/hosts <&2' ERR h=root@192.168.1.1 -scp /a/bin/fai/wrt-setup /a/bin/bash-programs-by-ian/repos/cedit/cedit $h:/usr/bin +scp /a/bin/fai/wrt-setup /a/bin/cedit/cedit $h:/usr/bin ssh $h <<'EOF' if ! opkg list-installed|grep bash; then opkg update -- 2.30.2