#!/bin/bash
-# Copyright (C) 2016 Ian Kelling
-
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+# Copyright (C) 2019 Ian Kelling
+# SPDX-License-Identifier: AGPL-3.0-or-later
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*}
+readonly this_file="$(readlink -f -- "${BASH_SOURCE[0]}")"; cd "${this_file%/*}"
usage() {
- cat <<EOF
-usage: ${0##*/} [-h|--help] [HOST] [DISTRO]
+ cat <<EOF
+usage: ${0##*/} [OPTIONS] [HOST]
Deploy fai config (the one in nfs) to HOST or default faiserver
-Specify DISTRO for setting up DESKTOP packages.
+
+
+-d DISTRO DISTRO for setting up fai class DESKTOP packages, for preinstalling stuff.
+-t TARGET_HOST Copy only secrets for TARGET_HOST into the config space. Useful for virtual server
+ on hardware we don't control.
+-h|--help Print help and exit
Note: uses paths specific to authors machine.
EOF
- exit $1
+ exit $1
}
-case $1 in
- -h|--help) usage ;;
-esac
+##### begin command line parsing ########
+
+# ensure we can handle args with spaces or empty.
+ret=0; getopt -T || ret=$?
+[[ $ret == 4 ]] || { echo "Install util-linux for enhanced getopt" >&2; exit 1; }
+
+temp=$(getopt -l help hd:t: "$@") || usage 1
+eval set -- "$temp"
+while true; do
+ case $1 in
+ -d) distro=$2; shift ;;
+ -t) target=$2; shift ;;
+ -h|--help) usage ;;
+ --) shift; break ;;
+ *) echo "$0: unexpected args: $*" >&2 ; usage 1 ;;
+ esac
+ shift
+done
host=${1:-faiserver}
-distro=$2
+
+readonly host distro target
+
+##### end command line parsing ########
# i use faiserver as a dns alias, but ssh key is associated with
# a canonical hostname and we will have ssh warning spam unless we
rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config root@$faiserver_host:/srv
-
-scp -q ~/.ssh/home.pub \
- root@$faiserver_host:/srv/fai/config/files/root/.ssh/authorized_keys/GRUB_PC
+sudo rsync -a /root/.ssh/home.pub \
+ root@$faiserver_host:/srv/fai/config/files/root/.ssh/authorized_keys/STANDARD
# todo: automatically disable faiserver after a period so
-# these files are not exposed.
-sudo scp -qr /q/root/luks /q/root/shadow \
- root@$faiserver_host:/srv/fai/config/distro-install-common
+# these files are not available.
-# should tar ssh all the files, but these ones really justified it
-tar -cz /p/c/machine_specific/*/filesystem/etc/ssh | \
- ssh root@$faiserver_host tar -xz -C /srv/fai/config/distro-install-common
+if [[ $target ]]; then
+ sudo rsync -lpt --files-from=- /q/root root@$faiserver_host:/srv/fai/config/distro-install-common <<EOF
+luks/$target
+luks/host-$target
+shadow/$target
+EOF
+else
+ sudo rsync -rlpt /q/root/shadow /q/root/luks root@$faiserver_host:/srv/fai/config/distro-install-common
+fi
+dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh)
+if [[ -e ${dirs[0]} ]]; then
+ rsync -rlpt --delete --relative ${dirs[@]} root@$faiserver_host:/srv/fai/config/distro-install-common
+fi
. /a/bin/distro-setup/pkgs
pall+=($(/a/bin/buildscripts/emacs -p; /a/bin/distro-setup/distro-pkgs $distro))
-{ echo PACKAGES install; echo "${pall[*]}"|sed 's/ /\n/g'; } | \
+
+printf "%s\n%s\n" "PACKAGES install" ${pall[*]} | \
ssh root@$faiserver_host dd of=/srv/fai/config/package_config/DESKTOP 2>/dev/null ||: # broken pipe
# the other directory, so it's kind of a tossup, whatever.
sed -ri 's,^ *(TFTP_DIRECTORY=).*,\1"/srv/tftp/fai",' /etc/default/tftpd-hpa
systemctl restart tftpd-hpa
-chmod 644 /srv/fai/config/files/root/.ssh/authorized_keys/GRUB_PC
-chmod -R a+rX /srv/fai/config/distro-install-common
changed=false
f=/srv/fai/nfsroot/root/.ssh/known_hosts
iankelling.org / git / automated-distro-installer / blobdiff