#!/bin/bash
+# note, this script gets piped to bash, so cant cd to current dir
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+fai_action_arg=I
+fai_reboot_arg=,reboot
case $1 in
-h|--help)
echo "see help from myfai-chboot"
exit 0
;;
+ -S)
+ fai_action_arg=S
+ fai_reboot_arg=
+ shift
+ ;;
esac
[[ $EUID == 0 ]] || exec sudo "${BASH_SOURCE}" "$@"
-e() { echo "$@"; "$@"; }
+e() {
+ echo "$*"
+ if ! "$@"; then
+ echo "$0: error: exit code $? from: $*"
+ exit 1
+ fi
+}
host=$1
-type -t host &>/dev/null || apt-get -y install dnsutils
-ip=$(host $host | sed -rn 's/^\S+ has address //p;T;q')
-gateway_ip=$(route -n | sed -rn 's/^0\.0\.0\.0\s+(\S+).*/\1/p')
-my_ip=$(host faiserver $gateway_ip | sed -rn 's/^\S+ has address //p;T;q')
+# assuming ipv4, or else we might need to deal with multiple addresses
+# in an ipv4 + ipv6 network.
+my_ip=$(ip -4 route get 8.8.8.8 | sed -nr 's,^.*src\s+(\S+).*,\1,p')
+if [[ ! $my_ip || $my_ip =~ [[:space:]] ]]; then
+ echo "$0: error: failed to get \$my_ip, got: $my_ip"
+ exit 1
+fi
+
+if [[ $host == default ]]; then
+ ip='*'
+elif [[ $host == [0-9]*.[0-9]*.[0-9]*.[0-9]* ]]; then
+ ip=$host/32
+else
+ type -t host &>/dev/null || apt-get -y install dnsutils
+ ip=$(host $host | sed -rn 's/^\S+ has address //p;T;q')/32
+ if [[ ! $ip || $ip =~ [[:space:]] ]]; then
+ echo "$0: error: failed to get \$my_ip, got: $my_ip"
+ exit 1
+ fi
+
+fi
if modprobe nfsd &>/dev/null; then
std_arg="-u nfs://faiserver/srv/fai/config"
- root_arg="$my_ip:/srv/fai/nfsroot"
+ # nfsv4 wont do rw with overlayfs yet
+ # https://lists.uni-koeln.de/pipermail/linux-fai/2017-March/011641.html
+ root_arg="$my_ip:/srv/fai/nfsroot:vers=3"
# fai-setup without -e sets the ip to the local_ip/local_network, eg 192.168.1.3/24
# I restrict it to one ip as simple but imperfect access control.
sed -ri --follow-symlinks '\%^/srv/fai/%d' /etc/exports
cat >>/etc/exports <<EOF
-/srv/fai/config $ip/32(async,ro,no_subtree_check)
-/srv/fai/nfsroot $ip/32(async,ro,no_subtree_check,no_root_squash)
+/srv/fai/config $ip(async,ro,no_subtree_check)
+/srv/fai/nfsroot $ip(async,ro,no_subtree_check,no_root_squash)
EOF
exportfs -ra
+ systemctl start nfs-server # assumes recent os
else
std_arg="-u http://faiserver:8080/config.tar.gz"
root_arg="live:http://faiserver:8080/squash.img"
- /a/exe/apache-site -i -p 8080 - faiserver <<EOF
+ /a/exe/web-conf -i -p 8080 - apache2 faiserver <<EOF
<Location />
Deny from all
Allow from $ip
# man page doesn't explain this, but this deletes & thus disables
# all chboot systems.
-e fai-chboot -Iv $std_arg default # set it to default to get a val out of it next
+e fai-chboot -${fai_action_arg}v $std_arg default # set it to default to get a val out of it next
kernel=$(fai-chboot -L '^default$' | awk '{print $3}')
default_k_args=$(fai-chboot -L '^default$' | \
sed -r "s/^(\S+\s+){3}(.*)/\2/")
esac
done
rm -f /srv/tftp/fai/pxelinux.cfg/*
-e fai-chboot -k "${k_args[*]}" -v -f verbose,sshd,createvt,reboot $std_arg $kernel "$host"
+e fai-chboot -k "${k_args[*]}" -v -f verbose,sshd,createvt$fai_reboot_arg $std_arg $kernel "$host"
iankelling.org / git / automated-distro-installer / blobdiff