various fixes for bullseye and new ssh key changes

[automated-distro-installer] / faiserver-setup

diff --git a/faiserver-setup b/faiserver-setup
index b6d36d01ec7abeaf0ed4c99e756694be4994f2fa..e1f744bcec9045c1a7c02e9285fadf21371de521 100755 (executable)
--- a/faiserver-setup
+++ b/faiserver-setup
@@ -31,7 +31,7 @@ as the tftp server. I vaguely remember that using a hostname does not
 work.  Separate from running this, faiserver needs to be setup in dns to
 point to whatever host this is run on.
 
 work.  Separate from running this, faiserver needs to be setup in dns to
 point to whatever host this is run on.
 

-Default BASE_CODENAME is buster. Default ARCH is 64. The script expects corresponding
+Default BASE_CODENAME is bullseye. Default ARCH is 64. The script expects corresponding

 $BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(gz|xz) to exist, and it must have been
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
 $BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(gz|xz) to exist, and it must have been
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.


@@ -61,7 +61,7 @@ esac
 e() { echo "+ $@"; "$@"; }
 
 
 e() { echo "+ $@"; "$@"; }
 
 

-base=${1:-buster}
+base=${1:-bullseye}

 arch=${2:-64}
 
 if [[ $base == [[:upper:]] ]]; then
 arch=${2:-64}
 
 if [[ $base == [[:upper:]] ]]; then


@@ -97,7 +97,7 @@ wget -O - https://fai-project.org/download/2BF8D9FE074BCDE4.asc | apt-key add -
 
 update=false
 case $base in
 
 update=false
 case $base in

-  stretch|buster|bullseye)
+  stretch|bullseye|bullseye)

     if ! grep -qFx "deb https://fai-project.org/download $base koeln" /etc/apt/sources.list.d/fai.list; then
       update=true
     fi
     if ! grep -qFx "deb https://fai-project.org/download $base koeln" /etc/apt/sources.list.d/fai.list; then
       update=true
     fi


@@ -131,7 +131,7 @@ fi
 # kernel, or the ability to install it.
 # xorriso is for running fai-cd -a, not strictly need for fai-server
 # perl-tk is for fai-monitor-gui
 # kernel, or the ability to install it.
 # xorriso is for running fai-cd -a, not strictly need for fai-server
 # perl-tk is for fai-monitor-gui

-pkgs=(fai-doc tftpd-hpa tar reprepro squashfs-tools binutils xorriso)
+pkgs=(fai-doc tftpd-hpa tar reprepro squashfs-tools binutils xorriso perl-tk)

 if modprobe nfsd &>/dev/null; then
   pkgs+=(nfs-kernel-server)
 else
 if modprobe nfsd &>/dev/null; then
   pkgs+=(nfs-kernel-server)
 else


@@ -295,11 +295,22 @@ EOF
 fi
 
 rm -f /srv/fai/nfsroot/root/.ssh/known_hosts
 fi
 
 rm -f /srv/fai/nfsroot/root/.ssh/known_hosts

-key=$(ssh-keyscan localhost |& grep -o "ecdsa-sha2-nistp256.*")
+if [[ $HOSTNAME == kd ]]; then
+  keyscan_arg="-p 8989"
+  fi
+key=$(ssh-keyscan $keyscan_arg localhost |& grep -o "ecdsa-sha2-nistp256.*")

 for ip in faiserver $(ip addr show up| grep -w '^ *inet' | awk '{print $2}'| cut -d / -f 1 | grep -vF 127.0.0.1); do
   echo "$ip $key" >>/srv/fai/nfsroot/root/.ssh/known_hosts
 done
 
 for ip in faiserver $(ip addr show up| grep -w '^ *inet' | awk '{print $2}'| cut -d / -f 1 | grep -vF 127.0.0.1); do
   echo "$ip $key" >>/srv/fai/nfsroot/root/.ssh/known_hosts
 done
 

+# make it the root because pxe-kexec only looks there.
+# It wouldn't be too hard to change if we needed.
+# We could also just dump things in /srv/tftp, but fai
+# has some defaults, which I don't even use, which expect
+# the other directory, so it's kind of a tossup, whatever.
+sed -ri 's,^ *(TFTP_DIRECTORY=).*,\1"/srv/tftp/fai",' /etc/default/tftpd-hpa
+systemctl restart tftpd-hpa
+

 
 # serial console
 # mainly from
 
 # serial console
 # mainly from