From d3fb9d4972142e5a1676435dfdefbe0ea821a201 Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Tue, 18 Jun 2024 19:31:52 -0400 Subject: [PATCH] improvements --- fai-redep | 2 +- fai/config/scripts/DEBIAN/11-iank | 53 ++++++++++------------------- myfai-chboot-local | 2 +- wrt-setup | 3 +- wrt-setup-local | 55 +++++++++++++++++-------------- 5 files changed, 52 insertions(+), 63 deletions(-) diff --git a/fai-redep b/fai-redep index 250b458..5498667 100755 --- a/fai-redep +++ b/fai-redep @@ -129,7 +129,7 @@ else rsrv -rlpt /q/root/shadow /q/root/luks /fai/config/distro-install-common fi -rsrv -rlpt --delete /a/opt/btrfs-progs-release /fai/config/distro-install-common +rsrv -rlpt --delete /a/bin/ds/bash-lib-u /a/opt/btrfs-progs-release /fai/config/distro-install-common dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh) if [[ -e ${dirs[0]} ]]; then diff --git a/fai/config/scripts/DEBIAN/11-iank b/fai/config/scripts/DEBIAN/11-iank index 130c7e9..b2c5567 100755 --- a/fai/config/scripts/DEBIAN/11-iank +++ b/fai/config/scripts/DEBIAN/11-iank @@ -26,6 +26,7 @@ fi m() { printf "%s\n" "$*"; "$@"; } +source $FAI/distro-install-common/bash-misc-functions fcopy -riB /root @@ -70,7 +71,6 @@ apt-get install -y kexec-tools # that a non-root user can disrupt the system, eg cause a reboot. sed -i '$a kernel.sysrq=1 /^kernel.sysrq=/d' /etc/sysctl.conf - EOFOUTER cmdline_extra="$d16_cmdline $fsf_cmdline_extra" @@ -80,45 +80,28 @@ cmdline_extra="$d16_cmdline $fsf_cmdline_extra" # and with rd.luks.crypttab=no, it works. cmdline="rd.luks.crypttab=no net.ifnames=0 $cmdline_extra" -chroot $FAI_ROOT bash <>/etc/default/grub +u /etc/default/grub.d/iank.cfg <<'EOF' +# note: in git history, you can see code that modified the existing +# GRUB_CMDLINE_LINUX_DEFAULT. That was being cautious in case something +# else modified it, but experience has shown nothing else modifying it. -sed -ri 's/^ *GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="$cmdline"/' /etc/default/grub -sed -ri 's/^ *GRUB_TIMEOUT_STYLE=.*/GRUB_TIMEOUT_STYLE=menu/' /etc/default/grub -sed -ri 's/^ *GRUB_TIMEOUT=.*/GRUB_TIMEOUT=6/' /etc/default/grub +GRUB_CMDLINE_LINUX_DEFAULT="$cmdline" +GRUB_TERMINAL=console # on xenial, no grub is displayed at all. fix that. -# found just by noticing this in the config file, and a -# warning about it in error.log -sed -i '/^ *GRUB_HIDDEN_TIMEOUT/d' /etc/default/grub - -if type -P update-grub2 &>/dev/null; then - update-grub2 -else - update-grub -fi - +# found just by noticing a warning about it in error.log +GRUB_HIDDEN_TIMEOUT= +GRUB_TIMEOUT_STYLE=menu +GRUB_TIMEOUT=4 +# grub tries to detect error in booting and then wait longer with this entry. +# but that detection doesn't work for us because we have btrfs /boot, and so it flags +# failure always. +GRUB_RECORDFAIL_TIMEOUT=4 EOF +if $ur; then + $ROOTCMD update-grub +fi # I prefer to stick with ifup/down or networkmanager: networkd is not in its # own package, so cant use in other init systems. b. it works fine. diff --git a/myfai-chboot-local b/myfai-chboot-local index ca4d32e..0f83ea0 100755 --- a/myfai-chboot-local +++ b/myfai-chboot-local @@ -111,7 +111,7 @@ if [[ $hostip ]]; then exit 1 fi else - my_ip=$(ip r show default | sed -r 's/.*via ([^ ]*).*/\1/' | head -n1) + my_ip=$(ip r show default | sed -r 's/.*src ([^ ]*).*/\1/' | head -n1) fi if [[ $host == default ]]; then diff --git a/wrt-setup b/wrt-setup index 55de769..8f94f71 100755 --- a/wrt-setup +++ b/wrt-setup @@ -79,7 +79,8 @@ rsync /a/work/libremanage/libremanage /a/bin/fai/wrt-init /a/bin/fai/wrt-setup-l #/a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk \ rsync /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \ - /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} /p/c/{ptr,dnsmasq,cmc-firewall}-data /b/bash-bear-trap/bash-bear $h: + /p/router-secrets /p/c/machine_specific/wrt/etc/wg.{key,psk} \ + /p/c/{ptr,dnsmasq,cmc-firewall}-data /p/c/cmc-firewall-data-http /b/bash-bear-trap/bash-bear $h: rsync ../openwrtkeyring/usign/* $h:/etc/opkg/keys ssh $h wrt-init ${HOME_DOMAIN:-b8.nz} "$@" diff --git a/wrt-setup-local b/wrt-setup-local index c78fd90..11c9327 100755 --- a/wrt-setup-local +++ b/wrt-setup-local @@ -620,7 +620,37 @@ esac { # shellcheck source=/p/c/cmc-firewall-data . /root/cmc-firewall-data + # sets $http_ip + # shellcheck source=/p/c/cmc-firewall-data-http + . /root/cmc-firewall-data-http cat <