X-Git-Url: https://iankelling.org/git/?p=automated-distro-installer;a=blobdiff_plain;f=fai-redep;h=05414973ff69f9607fb7fec8f75897540cc5c2e4;hp=df08b7660a05331997010085c741d7a327c88062;hb=HEAD;hpb=051fc89e27bd812a1a45292f6d2a18803ce6f394
diff --git a/fai-redep b/fai-redep
index df08b76..250b458 100755
--- a/fai-redep
+++ b/fai-redep
@@ -1,16 +1,35 @@ #!/bin/bash -# Copyright (C) 2019 Ian Kelling -# SPDX-License-Identifier: AGPL-3.0-or-later +# This file is part of Ian Kelling's automated-distro-installer +# Copyright (C) 2024 Ian Kelling + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + +[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" + set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR -[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@" +this_file="$(readlink -f -- "${BASH_SOURCE[0]}")" +readonly this_file this_dir="${this_file%/*}" +cd "$this_dir" -readonly this_file="$(readlink -f -- "${BASH_SOURCE[0]}")"; cd "${this_file%/*}" usage() { - cat <&2 ; usage 1 ;; esac shift done -host=${1:-faiserver} +host=${1:-faiserver.b8.nz} readonly host distro target ##### end command line parsing ######## +m() { printf "fai-redep: %s\n" "$*"; "$@"; } + # i use faiserver as a dns alias, but ssh key is associated with # a canonical hostname and we will have ssh warning spam unless we # use it, so look it up just to avoid the warning spam. 
-faiserver_host=$(/a/exe/chost $host) || faiserver_host=$host +faiserver_host=$(/a/exe/chost $host) +# faiserver_host=$host faiserver_addr=$(host $host | sed -rn 's/^\S+ has address //p;T;q' ||:) + +rsrv() { + local -a opts + while [[ $2 ]]; do + opts+=("$1") + shift + done + m rsync "${ropts[@]}" "${opts[@]}" "$rpath$1" +} +rpath=/srv if ! ip a | grep "^ *inet.\? $faiserver_addr" &>/dev/null; then - rpre="-e 'ssh -F $HOME/.ssh/confighome' root@$faiserver_host:" + ropts=(-e "ssh -F $HOME/.ssh/confighome") + rpath="root@$faiserver_host:/srv" faiserver_shell="ssh -F $HOME/.ssh/confighome root@$faiserver_host" fi 
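Review bot: `rsrv` finds the end of its option list with `while [[ $2 ]]`, so an empty argument anywhere before the destination stops the loop early: whatever is in `$1` at that point is appended to `$rpath` as the destination and the remaining arguments are dropped. Since the callers pass `--delete` and `--delete-excluded`, I would count arguments instead, `while (( $# > 1 )); do`. `ropts` is assigned only in the remote branch, and the script re-executes itself with `sudo -E`, so a value inherited from the caller's environment would be expanded by `"${ropts[@]}"` on the local path; adding `ropts=()` next to `rpath=/srv` closes that. The page has lost some text between `usage()` and `host=`, so this is based on the lines that survive.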
@@ -68,38 +101,50 @@ rsync -atL /home/iank/.ssh/authorized_keys fai/config/files/root/.ssh/authorized # we hssh and ssh_filter_btrbk for the initial btrbk (alternatively, I could open up the # permissions in authorized_keys, but that just seems lazy) install --owner=iank --group=iank -d fai/config/files/usr/local/bin/hssh -rsync -atL /a/bin/ds/hssh fai/config/files/usr/local/bin/hssh/STANDARD install --owner=iank --group=iank -d fai/config/files/usr/local/bin/ssh_filter_btrbk.sh rsync -atL /a/opt/btrbk/ssh_filter_btrbk.sh fai/config/files/usr/local/bin/ssh_filter_btrbk.sh/STANDARD - -rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config $rpre/srv +rsrv -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config / # todo: automatically disable faiserver after a period so # these files are not available. + if [[ $target ]]; then - if test -e /q/root/shadow/$target; then - shadowfile=shadow/$target # empty otherwise + secret_files=(luks/$target luks/host-$target shadow/$target) + exists=false + for f in ${secret_files[@]}; do + if [[ -e /q/root/$f ]]; then + exists=true + secrets_to_send+=("$f") + fi + done + if $exists; then + { + for f in ${secrets_to_send[@]}; do + echo $f + done + } | rsrv -lpt --files-from=- /q/root /fai/config/distro-install-common fi - rsync -lpt --files-from=- /q/root $rpre/srv/fai/config/distro-install-common </dev/null ||: # broken pipe + $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP status=none ||: # broken pipe -rsync -rplt --include '/*.gz' --exclude '/**' --delete-excluded $BASEFILE_DIR/ $rpre/srv/fai/config/basefiles/ +rsrv -rplt --include '/*.zst' --exclude '/**' --delete-excluded $BASEFILE_DIR/ /fai/config/basefiles/
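Review bot: `secrets_to_send` is appended to without being initialised in the lines shown, and both loops expand their arrays unquoted (`for f in ${secret_files[@]}`, `echo $f`). Because the script re-executes itself with `sudo -E`, a variable of that name in the caller's environment would survive as element 0 and be fed to `--files-from=-`, and a `$target` containing whitespace or glob characters would be split into paths that were never checked with `-e`. I would declare `secrets_to_send=()` before the loop, quote the expansion (`for f in "${secret_files[@]}"; do`), and emit the list with `printf '%s\n' "${secrets_to_send[@]}"`. The `exists` flag can then be replaced by `if (( ${#secrets_to_send[@]} )); then`. Part of this hunk is missing from the page, so confirm the array is not set elsewhere before relying on this.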