more complete copyright notices

[automated-distro-installer] / myfai-chboot-local

#!/bin/bash
# This file is part of Ian Kelling's automated-distro-installer
# Copyright (C) 2024 Ian Kelling

# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

# note, this script gets piped to bash, so cant cd to current dir

[[ $EUID == 0 ]] || exec sudo "${BASH_SOURCE}" "$@"

set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR

kgped16=false
bond=false
fai_action=install
fai_reboot_arg=,reboot
while [[ $1 == -* ]]; do
  case $1 in
    -h|--help)
      echo "see help from myfai-chboot"
      exit 0
      ;;
    -S)
      fai_action=sysinfo
      fai_reboot_arg=
      shift
      ;;
    -i) #inventory
      fai_action=inventory
      fai_reboot_arg=
      shift
      ;;
    -k)
      kgped16=true
      shift
      ;;
    -b)
      bond=true
      shift
      ;;
    --no-r)
      fai_reboot_arg=
      shift
      ;;
  esac
done

pre="${0##*/}:"
m() { printf "$pre %s\n"  "$*"; "$@"; }
e() { printf "$pre %s\n"  "$*"; }
err() { echo "[$(date +'%Y-%m-%d %H:%M:%S%z')]: $pre: $*" >&2; }

host=$1


rm -f /srv/tftp/fai/pxelinux.cfg/*
if [[ ! $1 ]]; then
  echo "$0: clearing pxe config and exiting"
  exit 0
fi

# somewhat duplicated in brc hostip()
case $host in
  default) : ;;
  [0-9:])
    hostip=$host
    ;;
  *)
    hostip=$(getent ahostsv4 "$host" | awk '{ print $1 }' | head -n1)
    ;;
esac

if [[ $hostip ]]; then

  # assuming ipv4, or else we might need to deal with multiple addresses
  # in an ipv4 + ipv6 network.
  my_ip=$(ip -4 route get $hostip | sed -nr 's,^.*src\s+(\S+).*,\1,p')
  if [[ ! $my_ip || $my_ip =~ [[:space:]] ]]; then
    echo "$0: error: failed to get \$my_ip, got: $my_ip"
    exit 1
  fi
else
  my_ip=$(ip r show default | sed -r 's/.*via ([^ ]*).*/\1/' | head -n1)
fi

if [[ $host == default ]]; then
  ip='*'
elif [[ $host == [0-9]*.[0-9]*.[0-9]*.[0-9]* ]]; then
  ip=$host/32
else
  type -t host &>/dev/null || apt-get -y install dnsutils
  ip=$(host $host | sed -rn 's/^\S+ has address //p;T;q' ||:)
  if [[ ! $ip || $ip =~ [[:space:]] ]]; then
    echo "$0: error: failed to get \$ip, got: $ip"
    exit 1
  fi
  ip=$ip/32
  echo "$0: found ip of $host: $ip"
fi

if modprobe nfsd &>/dev/null; then
  std_arg="-u nfs://faiserver/srv/fai/config"
  # nfsv4 wont do rw with overlayfs yet
  # https://lists.uni-koeln.de/pipermail/linux-fai/2017-March/011641.html
  root_arg="$my_ip:/srv/fai/nfsroot:vers=3"
  # fai-setup without -e sets the ip to the local_ip/local_network, eg 192.168.1.3/24
  # I restrict it to one ip as simple but imperfect access control.

  # we may chattr +i /etc/exports if we dun want it modified
  # for example, if we made these exports more widely available
  # while doing multiple installs or a recovery.
  if [[ -w /etc/exports ]]; then
    sed -ri --follow-symlinks '\%^/srv/fai/%d' /etc/exports
    cat >>/etc/exports <<EOF
/srv/fai/config $ip(async,ro,no_subtree_check,no_root_squash)
/srv/fai/nfsroot $ip(async,ro,no_subtree_check,no_root_squash)
EOF
    exportfs -ra
  fi
  systemctl start nfs-server # assumes recent os
else
  std_arg="-u http://faiserver:8080/config.tar.gz"
  root_arg="live:http://faiserver:8080/squash.img"
  /a/exe/web-conf -i -p 8080 - apache2 faiserver <<EOF
<Location />
    Deny from all
    Allow from $ip
</Location>
EOF
fi



# man page doesn't explain this, but this deletes & thus disables
# all chboot systems.
m fai-chboot -iv $std_arg default # set it to default to get a val out of it next
kernel=$(fai-chboot -L '^default$' | awk '{print $3}')
default_k_args=$(fai-chboot -L '^default$' | \
                   sed -r "s/^(\S+\s+){3}(.*)/\2/")
# example of default_k_args
# initrd=initrd.img-3.16.0-4-amd64 ip=dhcp root=192.168.1.3:/srv/fai/nfsroot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config FAI_ACTION=install

# https://wiki.archlinux.org/index.php/Solid_state_drive#Resolving_NCQ_errors
# currently on needed on d16 samsung 870 qvo, but better to have this
# and not wait for more conditions where its needed.
#k_args=(FAI_ACTION=$fai_action libata.force=noncq ifname:bootnet0:08:60:6e:10:f0:fe ifname:bootnet1:08:60:6e:10:f0:98 bond=bond0:bootnet0,bootnet1:mode=balance-rr)
#k_args=(FAI_ACTION=$fai_action libata.force=noncq ifname:bootnet0:08:60:6e:10:f0:fe biosdevname=0 bootdev=bootnet0)
k_args=(FAI_ACTION=$fai_action libata.force=noncq)
if $kgped16; then
  k_args+=(console=tty0 console=ttyS0,115200)
fi

for arg in $default_k_args; do
  case $arg in
    # default root arg is /srv/fai/nfsroot
    root=*) k_args+=(root=$root_arg) ;;
    # note: this works to only dhcp on one interface: ip=eth0:dhcp
    ip=*)
      if $bond; then
        k_args+=("bond=bond0:eth0,eth1:mode=balance-rr ip=bond0:dhcp")
      else
        k_args+=($arg)
      fi
      ;;
    *) k_args+=($arg) ;;
  esac
done
rm -f /srv/tftp/fai/pxelinux.cfg/*
m fai-chboot -k "${k_args[*]}" -v -f verbose,sshd,createvt$fai_reboot_arg $std_arg $kernel "$host"

# this is needed for autodiscover iso. i'm not sure, it might override
# the fai-chboot method of setting this, i'm not sure.
echo FAI_ACTION=$fai_action >> /srv/fai/config/class/LAST.var