From 8fc5b100c203bda835d6870da4634a90c2cb25c8 Mon Sep 17 00:00:00 2001
From: Ian Kelling <iank@fsf.org>
Date: Mon, 23 Feb 2026 20:09:37 -0500
Subject: [PATCH] minor improvements

---
 README                             |  7 ++---
 bind/db.0.2.10.in-addr.arpa        |  5 ++--
 fai/config/hooks/partition.DEFAULT | 30 +++++++++++++--------
 fai/config/scripts/IANK/11-iank    | 42 ++++++++++++++++--------------
 4 files changed, 48 insertions(+), 36 deletions(-)

diff --git a/README b/README
index 06fc185..b40e600 100644
--- a/README
+++ b/README
@@ -88,7 +88,7 @@ Before doing a fai install, you will need to populate a class file.  I
 use one called 51-multi-boot, which you can see example of in
 fai/config/class/50-host-classes.
 
-Before doing a fai install, you will need to populate /q/root/luks and
+Before doing a fai install, you might need to add a file in
 /q/root/shadow, see their references. You might also want to copy
 existing /etc/ssh/*host* to
 /p/c/machine_specific/HOST/filesystem/etc/ssh
@@ -96,7 +96,7 @@ existing /etc/ssh/*host* to
 You will also want to populate a git ignored file like
 fai/config/files/root/.ssh/authorized_keys/STANDARD
 
-host-* luks keyfiles generated like:
+you will need to populate /q/root/luks. host-* luks keyfiles generated like:
 h=demohost; head -c 2048 /dev/urandom | od | se dd of=/q/root/luks/host-$h
 
 Configuration of which luks key to use is in
@@ -107,7 +107,8 @@ fai/config/distro-install-common/end
 and which shadow file / luks file(s) to copy into the new machine depends
 on fai-redep arguments.
 
-Also, setup dns in /p/c/host-info and firewall redirects in wrt-setup-local.
+Also, setup dns in /p/c/host-info then run hiup. run wrt-setup to get
+the correct ip address from dhcp. To update dns, run bindpushb8.
 
 After install, btrbk to setup data, and then distro-begin && distro end.
 See notes in distro-begin for other configuration.
diff --git a/bind/db.0.2.10.in-addr.arpa b/bind/db.0.2.10.in-addr.arpa
index 522be5a..c33fae6 100644
--- a/bind/db.0.2.10.in-addr.arpa
+++ b/bind/db.0.2.10.in-addr.arpa
@@ -1,7 +1,7 @@
 ; -*- zone -*-
 $TTL 30
 @ IN SOA cmc.b8.nz. postmaster.iankelling.org. (
-	2021030716 ; serial
+	2026022203 ; serial
         1d 1d 4w 1M ; refresh retry expire minimum
 	)
 @	NS	cmc.b8.nz.
@@ -14,10 +14,11 @@ $TTL 30
 6	PTR	x2w.b8.nz.
 7	PTR	syw.b8.nz.
 8	PTR	amy.b8.nz.
-9	PTR	bb8.b8.nz.
+9	PTR	sf.b8.nz.
 12	PTR	demohost.b8.nz.
 14	PTR	wrt3.b8.nz.
 19	PTR	brother.b8.nz.
 23	PTR	amyw.b8.nz.
 25	PTR	hp.b8.nz.
+34	PTR	frodo.b8.nz.
 ;; todo: add transmission
diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index 82cc314..d210a9a 100755
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -69,6 +69,8 @@ Options
 exit. This also sets REPARTITION & prompts. REMINDER! Collect /tmp/fai/{crypttab,fstab}
 before running the script again.
 
+-w SWAP_MIB   Meant for use with -s, set a static swap MiB.
+
 -y    Disable prompt from -s.
 
 ARGS (only 0 or 1 is valid). All args are for use outside of fai.
@@ -147,7 +149,7 @@ skip_o=false
 data_part=false
 max_size=false
 do_special_disk_prompt=true
-temp=$(getopt -l help hc:dms:y "$@") || usage 1
+temp=$(getopt -l help hc:dms:w:y "$@") || usage 1
 eval set -- "$temp"
 while true; do
   case $1 in
@@ -165,6 +167,7 @@ while true; do
       ;;
     -m) max_size=true ;;
     -s) special_disk="$2"; shift ;;
+    -w) swap_mib="$2"; shift ;;
     -y)
       do_special_disk_prompt=false
       ;;
@@ -640,6 +643,8 @@ if [[ $special_disk ]]; then
   short_devs=($special_disk)
   #tmps=$(devbyid $special_disk)
   #devs=("$tmps")
+elif [[ $HOSTNAME == kd ]]; then
+  short_devs=( $(readlink /dev/disk/by-id/ata-Samsung_SSD_870_EVO_250GB_S6PENL0T709966E) )
 else
 
   if ! $mkroot2 && ! $mkroot2tab && ! $mktab ! ifclass USE_MOUNTED; then
@@ -974,17 +979,20 @@ mem_gb=$(( mem_kb / 1024 / 1024 ))
 
 
 # somewhat random based on https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_storage_devices/getting-started-with-swap_managing-storage-devices#recommended-system-swap-space_getting-started-with-swap
-if fsf; then
-  if (( mem_gb >= 64 )); then
-    swap_mib=6144
-  else
-    swap_mib=$(( mem_mib * raid_duplication / devs_count ))
-  fi
-else
-  if [[ -e /sys/class/power_supply/BAT0/capacity ]]; then
-    swap_mib=$(( mem_mib * 15 * raid_duplication / ( devs_count * 10 ) ))
+
+if [[ ! $swap_mib ]]; then
+  if fsf; then
+    if (( mem_gb >= 64 )); then
+      swap_mib=6144
+    else
+      swap_mib=$(( mem_mib / devs_count ))
+    fi
   else
-    swap_mib=$(( mem_mib * raid_duplication / devs_count ))
+    if [[ -e /sys/class/power_supply/BAT0/capacity ]]; then
+      swap_mib=$(( mem_mib * 15 / ( devs_count * 10 ) ))
+    else
+      swap_mib=$(( 8192 / devs_count ))
+    fi
   fi
 fi
 
diff --git a/fai/config/scripts/IANK/11-iank b/fai/config/scripts/IANK/11-iank
index c469efa..1386e11 100755
--- a/fai/config/scripts/IANK/11-iank
+++ b/fai/config/scripts/IANK/11-iank
@@ -94,18 +94,11 @@ fi
 
 #### misc configurations
 
-if [[ $FAI_ACTION != dirinstall ]] && ! ifclass NOCRYPT; then
-  if ifclass LINODE; then
-    speed=19200
-    cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8"
-  else
-    speed=115200
-    cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8 console=tty0"
-    case $HOSTNAME in
-      kd)
-        fcopy -v /usr/bin/myncq
+# disabled but left for documentation in case issues arise again.
+d16-old-hacks() {
+  fcopy -v /usr/bin/myncq
 
-        cat >$target/etc/systemd/system/myncq.service <<'EOF'
+  cat >$target/etc/systemd/system/myncq.service <<'EOF'
 [Unit]
 Description=fix ncq errors
 
@@ -119,17 +112,24 @@ TimeoutStartSec=20
 WantedBy=dev-disk-by\x2did-ata\x2dSamsung_SSD_870_QVO_8TB_S5VUNG0N900656V.device
 EOF
 
-        $ROOTCMD bash <<'EOFOUTER'
+  $ROOTCMD bash <<'EOFOUTER'
 systemctl enable myncq.service
 /usr/bin/myncq no-upgrub
 EOFOUTER
 
-        ;;&
-      # per rubens suggestion to make a d16 more stable
-      kd|kw) cmdline+=" pci=realloc=off" ;;
-    esac
-  fi
+  # per speculative advice from ruben.
+  cmdline+=" pci=realloc=off"
+}
 
+
+if [[ $FAI_ACTION != dirinstall ]] && ! ifclass NOCRYPT; then
+  if ifclass LINODE; then
+    speed=19200
+    cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8"
+  elif ifclass D16; then
+    speed=115200
+    cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8 console=tty0 mitigations=off"
+  fi
 fi ##### end != dirinstall && != NOCRYPT
 
 
@@ -168,7 +168,7 @@ EOF
 fi
 
 # use networkmanager if this host has wireless.
-if [[ ( $(iw dev) && $HOSTNAME != frodo ) || $HOSTNAME == so ]]; then
+if [[ ( $(iw dev) && $HOSTNAME != frodo ) || $HOSTNAME == so || $HOSTNAME == sf ]]; then
   $ROOTCMD bash -xe <<EOF
 apt-get -y install network-manager
 EOF
@@ -368,10 +368,12 @@ case $HOSTNAME in
         echo "error: check freesh keyring url at https://www.fsfla.org/ikiwiki/selibre/linux-libre/freesh.en.html" >&2
         exit 1
       fi
-      $ROOTCMD dpkg -i $target/tmp/x.deb
+      $ROOTCMD dpkg -i /tmp/x.deb
       $ROOTCMD apt-get update
-      $ROOTCMD apt-get -y install linux-libre
     fi
+   # as of feb 2025, linux-libre depends on a nonexistent 6.19 kernel. best we can do is this:
+    $ROOTCMD apt-get -y install linux-libre-6.18
+#    $ROOTCMD apt-get -y install linux-libre
     ;;
 esac
 
-- 
2.30.2