shopt -s extglob
ssh root@$faiserver_host rm -rf /srv/fai/config/!(basefiles)
-scp -r fai/config root@$faiserver_host:/srv/fai
+scp -qr fai/config root@$faiserver_host:/srv/fai
-scp ~/.ssh/id_rsa.pub \
+scp -q ~/.ssh/id_rsa.pub \
root@$faiserver_host:/srv/fai/config/files/root/.ssh/authorized_keys/GRUB_PC
# todo: automatically disable faiserver after a period so
# these files are not exposed.
-s scp -r /q/root/luks /q/root/shadow \
+s scp -qr /q/root/luks /q/root/shadow \
root@$faiserver_host:/srv/fai/config/distro-install-common
-scp /a/bin/devbyid root@$faiserver_host:/srv/fai/nfsroot/usr/local/bin
-# built this with mk-basefile -J BELENOS64. it's stored in it's own repo which
-# is published alongside this one called fai-basefiles due
-# to being a large binary file.
-scp /a/bin/fai-basefiles/BELENOS64.tar.xz root@$faiserver_host:/srv/fai/config/basefiles
+scp -q /a/bin/devbyid root@$faiserver_host:/srv/fai/nfsroot/usr/local/bin
+
+# built BELANOS basefile with mk-basefile -J BELENOS64. it's stored in
+# it's own repo which is published alongside this one called
+# fai-basefiles due to being a large binary file.
+scp -q /a/bin/fai-basefiles/*.tar.xz root@$faiserver_host:/srv/fai/config/basefiles
ssh root@$faiserver_host bash <<'EOF'
set -eE -o pipefail
set -x
if [[ $base == jessie ]]; then
- wget -O - http://fai-project.org/download/074BCDE4.asc | apt-key add -
- cat >/etc/apt/sources.list.d/fai.list <<'EOF'
+ wget -O - http://fai-project.org/download/074BCDE4.asc | apt-key add -
+ cat >/etc/apt/sources.list.d/fai.list <<'EOF'
deb http://fai-project.org/download jessie koeln
EOF
else
# for debian:
+r=http://http.us.debian.org/debian
+# like default, but scrap httpredir, and nonfree.
+# All my systems should be able to get along without nonfree
+# for a base working system afaik.
+dd of=/etc/fai/apt/sources.list <<EOF
+deb $r $base main contrib
+deb http://security.debian.org/debian-security $base/updates main contrib
+EOF
+
+if [[ $base == jessie ]]; then
+ tee -a /etc/fai/apt/sources.list <<'EOF'
+# uncommenting this from the defaults. it's got bug fixes.
+# repository that may contain newer fai packages for jessie
+deb http://fai-project.org/download jessie koeln
+# fix tar https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819978
+deb http://ftp.debian.org/debian jessie-backports main
+EOF
+
+ # note, fai doesn't look at /etc/fai/apt/preferences.d
+ cat >/etc/fai/apt/preferences <<'EOF'
+Package: tar
+Pin: release a=jessie-backports
+Pin-Priority: 500
+EOF
+fi
+
apt-get update
# all the dependencies except the dhcp server
deps="$(apt-cache show fai-quickstart | grep ^Depends: |head -n 1|\
sed -r 's/^Depends:|,|\|[^,]+|isc-dhcp-server//g')"
-to_install=()
+to_install=(tar)
for pkg in $deps; do
dpkg -s $pkg &>/dev/null && continue ||:
to_install+=($pkg)
echo `date` $pkg >>/var/log/fai-manually-installed-packages.log
done
if [[ $to_install ]]; then
- apt-get -y install ${to_install[@]}
+ apt-get -y install ${to_install[@]}
fi
-r=http://http.us.debian.org/debian
-# like default, but scrap httpredir and add suggested newer pkgs in fai-project.org
-dd of=/etc/fai/apt/sources.list <<EOF
-deb $r $base main contrib non-free
-deb http://security.debian.org/debian-security $base/updates main contrib non-free
-EOF
-
-if [[ $base == jessie ]]; then
- tee -a /etc/fai/apt/sources.list <<'EOF'
-deb http://fai-project.org/download jessie koeln
-EOF
-fi
# tried out a stretch base, doesn't work yet.
$sed -f - /etc/fai/nfsroot.conf <<EOF
if ! grep cryptsetup /etc/fai/NFSROOT &>/dev/null; then
- $sed '/^PACKAGES install$/a cryptsetup' /etc/fai/NFSROOT
+ $sed '/^PACKAGES install$/a cryptsetup' /etc/fai/NFSROOT
fi
e fai-setup -vf
{ head -n 1 /srv/fai/nfsroot/root/.ssh/known_hosts | awk '{print $1}' \
- | tr '\n' ' '; ssh-keyscan localhost | grep -o "ecdsa-sha2-nistp256.*"; \
- } >>/srv/fai/nfsroot/root/.ssh/known_hosts
+ | tr '\n' ' '; ssh-keyscan localhost | grep -o "ecdsa-sha2-nistp256.*"; \
+ } >>/srv/fai/nfsroot/root/.ssh/known_hosts
# initially did the basic fai-chboot -Iv $std_arg default
# but found in console that it wanted to mount nfsroot
iankelling.org / git / automated-distro-installer / commitdiff