a bunch of fixes and improvements

diff --git a/README b/README
index da28e4e2f0a0ef933f72cc0949055eb864e0c208..6d097f9681dd9b4fcc4c4ffefad3902eef38feae 100644 (file)
--- a/README
+++ b/README
@@ -128,7 +128,7 @@ archlike-pxe # Setup pxe boot server from an archlike base image
 fai-redep # Deploy fai configuration to host "faiserver"
 faiserver-uninstall # uninstall fai-server
 faiserver-setup # install fai-server on the current machine
 fai-redep # Deploy fai configuration to host "faiserver"
 faiserver-uninstall # uninstall fai-server
 faiserver-setup # install fai-server on the current machine

-myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec
+myfai-chboot # setup fai tftp and nfs. useful for doing pxe-kexec or booting from a fai-cd.

 pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot
 wrt-setup  # setup my router in general: dhcp, dns, etc.
 
 pxe-server # disable/enable pxe dhcp, tfp, and nfs. calls myfai-chboot
 wrt-setup  # setup my router in general: dhcp, dns, etc.
 


@@ -191,6 +191,24 @@ ERROR: Kernel modules directory /lib/modules/5.10.0-8-amd not available. Only fo
 
 solution: if running from fai-cd, recreate autodiscover cd as noted above in setup.
 
 
 solution: if running from fai-cd, recreate autodiscover cd as noted above in setup.
 

+## Weird package dependency errors
+
+for example: in fai.log, within instsoft.DEBIAN
+```
+The following packages have unmet dependencies:
+ libc6 : Breaks: locales (< 2.36) but 2.35-0ubuntu3.7+11.0trisquel1 is to be installed
+```
+
+In this case, it was because the basefile was missing, and so instead
+fai decided to use the wrong basefile.
+
+for example: in fai.log, within instsoft.DEBIAN
+
+```
+ftar: No matching class found in /var/lib/fai/config/basefiles//
+ftar: extracting /var/tmp/base.tar.zst to /target/
+```
+

 # What good logs look like:
 
 logging nfs traffic from server
 # What good logs look like:
 
 logging nfs traffic from server

diff --git a/fai-redep b/fai-redep
index 5e08b2f4b106329291c349b83b28607f60dccf3e..8e5919d9561ab05223a6cb18e4a01b9f38fcc8ff 100755 (executable)
--- a/fai-redep
+++ b/fai-redep
@@ -75,8 +75,7 @@ rsync -atL /home/iank/.ssh/authorized_keys fai/config/files/root/.ssh/authorized
 install --owner=iank --group=iank -d fai/config/files/usr/local/bin/hssh
 install --owner=iank --group=iank -d fai/config/files/usr/local/bin/ssh_filter_btrbk.sh
 rsync -atL /a/opt/btrbk/ssh_filter_btrbk.sh fai/config/files/usr/local/bin/ssh_filter_btrbk.sh/STANDARD
 install --owner=iank --group=iank -d fai/config/files/usr/local/bin/hssh
 install --owner=iank --group=iank -d fai/config/files/usr/local/bin/ssh_filter_btrbk.sh
 rsync -atL /a/opt/btrbk/ssh_filter_btrbk.sh fai/config/files/usr/local/bin/ssh_filter_btrbk.sh/STANDARD

-
-m rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config /a/opt/btrfs-progs-release "${rpre[@]}"/srv
+m rsync -rlpt --delete --relative --exclude /fai/config/basefiles/ fai/config "${rpre[@]}"/srv

 
 # todo: automatically disable faiserver after a period so
 # these files are not available.
 
 # todo: automatically disable faiserver after a period so
 # these files are not available.


@@ -102,6 +101,8 @@ else
   rsync -rlpt /q/root/shadow /q/root/luks "${rpre[@]}"/srv/fai/config/distro-install-common
 fi
 
   rsync -rlpt /q/root/shadow /q/root/luks "${rpre[@]}"/srv/fai/config/distro-install-common
 fi
 

+rsync -rlpt --delete /a/opt/btrfs-progs-release "${rpre[@]}"/srv/fai/config/distro-install-common
+

 dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh)
 if [[ -e ${dirs[0]} ]]; then
   rsync -rlpt --delete --relative ${dirs[@]} "${rpre[@]}"/srv/fai/config/distro-install-common
 dirs=(/p/c/machine_specific/${target:-*}/filesystem/etc/ssh)
 if [[ -e ${dirs[0]} ]]; then
   rsync -rlpt --delete --relative ${dirs[@]} "${rpre[@]}"/srv/fai/config/distro-install-common


@@ -114,4 +115,4 @@ printf "%s\n%s\n" "PACKAGES install" ${pall[*]} | \
   $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP status=none ||: # broken pipe
 
 
   $faiserver_shell dd of=/srv/fai/config/package_config/DESKTOP status=none ||: # broken pipe
 
 

-rsync -rplt --include '/*.gz' --exclude '/**' --delete-excluded $BASEFILE_DIR/ "${rpre[@]}"/srv/fai/config/basefiles/
+m rsync -rplt --include '/*.zst' --exclude '/**' --delete-excluded $BASEFILE_DIR/ "${rpre[@]}"/srv/fai/config/basefiles/

diff --git a/fai-revm b/fai-revm
index 050ecdaf90d1523891398ed4094396c1057fd934..2ce01027a58e63c2e3baa23de76f1c8ea9cf6d11 100755 (executable)
--- a/fai-revm
+++ b/fai-revm
@@ -140,7 +140,7 @@ else
       BASEFILE_DIR=/tmp
     fi
     isopath=$BASEFILE_DIR/$iso
       BASEFILE_DIR=/tmp
     fi
     isopath=$BASEFILE_DIR/$iso

-    isosrc=$BASEFILE_DIR/BOOKWORM64.tar.gz
+    isosrc=$BASEFILE_DIR/BOOKWORM64.tar.zst

     if [[ ! -e $isopath || $(stat -c %Y $isopath) -lt $(stat -c %Y $isosrc) ]]; then
       e fai-cd -g $(readlink -f grub.cfg.${iso%%.*}) -f -A $isopath
     fi
     if [[ ! -e $isopath || $(stat -c %Y $isopath) -lt $(stat -c %Y $isosrc) ]]; then
       e fai-cd -g $(readlink -f grub.cfg.${iso%%.*}) -f -A $isopath
     fi

diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end
index f9a084030917a6ee4d6963b4d5a309dc47e7b46e..2455ece011a46266e2ce65e86abfbdf099e8bed2 100755 (executable)
--- a/fai/config/distro-install-common/end
+++ b/fai/config/distro-install-common/end
@@ -32,7 +32,9 @@ au() { # add user. i don't use adduser for portability
 
 
 # only setup root pass for bootstrap vol
 
 
 # only setup root pass for bootstrap vol

-if ifclass VOL_BULLSEYE_BOOTSTRAP || VOL_BOOKWORM_BOOTSTRAP; then
+# for bootstrap vol, we only use root user
+if ifclass VOL_BULLSEYE_BOOTSTRAP || ifclass VOL_BOOKWORM_BOOTSTRAP; then
+  sed 's/^/root:/' $root_pw_f | $ROOTCMD chpasswd -e

   exit 0
 fi
 
   exit 0
 fi
 


@@ -74,6 +76,7 @@ if getent group sudo >/dev/null; then
   $ROOTCMD usermod -aG sudo iank
 fi
 
   $ROOTCMD usermod -aG sudo iank
 fi
 

+mkdir -p $target/etc/sudoers.d

 cat >$target/etc/sudoers.d/ianksudoers <<'EOF'
 Defaults timestamp_timeout=1440
 # used in bashrc
 cat >$target/etc/sudoers.d/ianksudoers <<'EOF'
 Defaults timestamp_timeout=1440
 # used in bashrc

diff --git a/fai/config/distro-install-common/install-stable-kernel-debs b/fai/config/distro-install-common/install-stable-kernel-debs
index c0247969695e2bdb0d2ab9f13516432824eff05f..db7abcfc5d7af446118586ef4b707c10325df983 100755 (executable)
--- a/fai/config/distro-install-common/install-stable-kernel-debs
+++ b/fai/config/distro-install-common/install-stable-kernel-debs
@@ -1,4 +1,4 @@
-#!/bin/bash -x
+#!/bin/bash

 # This file is part of Ian Kelling's automated-distro-installer
 # Copyright (C) 2024 Ian Kelling
 
 # This file is part of Ian Kelling's automated-distro-installer
 # Copyright (C) 2024 Ian Kelling
 


@@ -21,13 +21,30 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 
 [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
 
 
 [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
 

-tmpdir=$(mktemp -d) || exit
-trap 'cd; rm -rf "$tmpdir"' EXIT
-cd $tmpdir
+set -x
+
+prereqs=()
+for p in wget curl; do
+  if ! type -p $p &>/dev/null; then
+    prereqs+=($p)
+  fi
+done
+if (( ${#prereqs[@]} >= 1 )); then
+  apt-get -y install ${prereqs[@]}
+fi
+
+
+tmpdir=$($ROOTCMD mktemp -d) || exit
+outertmp=$target/$tmpdir
+trap 'cd; rm -rf "$outertmp"' EXIT
+cd $outertmp

 
 # update stable_ver when we are ready to jump to a new stable kernel.
 # Stable kernels are listed here: https://www.kernel.org/category/releases.html
 stable_ver='6\.6'
 
 # update stable_ver when we are ready to jump to a new stable kernel.
 # Stable kernels are listed here: https://www.kernel.org/category/releases.html
 stable_ver='6\.6'

+# Actually, I dont want stable right now. comment this out to get stable
+# version.
+stable_ver='[1-9]'

 va=$(curl -s https://kernel.ubuntu.com/mainline/ | \
        sed -rn 's,.*alt="\[DIR\]".*href="([^/]+).*,\1,p' | \
        grep -v -- -rc | sed 's/^v//' | grep "^$stable_ver" | sort -V | tail -n1)
 va=$(curl -s https://kernel.ubuntu.com/mainline/ | \
        sed -rn 's,.*alt="\[DIR\]".*href="([^/]+).*,\1,p' | \
        grep -v -- -rc | sed 's/^v//' | grep "^$stable_ver" | sort -V | tail -n1)


@@ -45,11 +62,11 @@ fi
 
 urls=()
 for p in ${pkgs[@]}; do
 
 urls=()
 for p in ${pkgs[@]}; do

-  if ! dpkg -s -- "${p%%_*}"  2>&1 | grep -Fx "Status: install ok installed" &>/dev/null; then
+  if ! $ROOTCMD dpkg -s -- "${p%%_*}"  2>&1 | grep -Fx "Status: install ok installed" &>/dev/null; then

     urls+=(https://kernel.ubuntu.com/mainline/v$va/amd64/$p)
   fi
 done
 if (( ${#urls[@]} >= 1 )); then
     urls+=(https://kernel.ubuntu.com/mainline/v$va/amd64/$p)
   fi
 done
 if (( ${#urls[@]} >= 1 )); then

-  wget "${urls[@]}"
-  dpkg -i ./*.deb
+  wget -nv "${urls[@]}"
+  $ROOTCMD dpkg -i ${pkgs[@]/#/$tmpdir/}

 fi
 fi

diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index 18f5a23a39f453d152c34a1d555b20b0d720761d..11a7ee51f57839a01d04bc1436601b0c4e310d7b 100755 (executable)
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -885,10 +885,10 @@ if $partition; then
       # so use fixed sizes to allow both to grow
       # 600 = uefi 512 + grubext 8 + bios grub 3 + some extra cuz this is lvm
       #root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 ))
       # so use fixed sizes to allow both to grow
       # 600 = uefi 512 + grubext 8 + bios grub 3 + some extra cuz this is lvm
       #root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 ))

-      o_mib=$(( 120 * 1000 ))
+      o_mib=$(( 180 * 1000 ))

       # max minus o, minus a gig just for some extra space
       max_root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 - o_mib - 1000 ))
       # max minus o, minus a gig just for some extra space
       max_root_mib=$(( disk_mib - root2_part_mib - swap_mib - boot_part_mib - boot2_part_mib - 600 - o_mib - 1000 ))

-      root_mib=$(( 1000 * 1000 )) # * 1000 to make it in gb.
+      root_mib=$(( 1700 * 1000 )) # * 1000 to make it in gb.

       if (( max_root_mib < root_mib )); then
         root_mib=$max_root_mib
       fi
       if (( max_root_mib < root_mib )); then
         root_mib=$max_root_mib
       fi

diff --git a/fai/config/hooks/updatebase.UBUNTU b/fai/config/hooks/updatebase.UBUNTU
index e5050cd12464bbfc6cbfa4d3fdb24715d39cd327..98f775f077c3d871191b9cb1a2bcae427ab5ff4e 100755 (executable)
--- a/fai/config/hooks/updatebase.UBUNTU
+++ b/fai/config/hooks/updatebase.UBUNTU
@@ -1,5 +1,12 @@
 #! /bin/bash
 
 #! /bin/bash
 

+# mk-basefile doesn't use the -updates suite, then we unpack it, then we
+# install sources.list that has -updates and we install random
+# packages. It might avoid a problem if we a dist-upgrade first.
+
+$ROOTCMD apt-get update
+$ROOTCMD apt-get -y dist-upgrade --purge --auto-remove
+

 # https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html
 # In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has
 # changed.  There is a /var/lib/dpkg/info/locales.config file, which
 # https://lists.uni-koeln.de/pipermail/linux-fai/2016-July/011398.html
 # In Ubuntu 16.04 (but not 14.04), the locales configuration mechanism has
 # changed.  There is a /var/lib/dpkg/info/locales.config file, which


@@ -9,8 +16,9 @@
 # hook applies the debconf setting.  It must run after FAI's debconf task
 # but before dpkg gets a chance to clobber debconf with an empty setting.
 
 # hook applies the debconf setting.  It must run after FAI's debconf task
 # but before dpkg gets a chance to clobber debconf with an empty setting.
 

+

 if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then
 if [ ! -f "$target/var/lib/locales/supported.d/local" ]; then

-    $ROOTCMD debconf --owner=locales sh -c '
+  $ROOTCMD debconf --owner=locales sh -c '

         . /usr/share/debconf/confmodule
         db_version 2.0
         db_get locales/locales_to_be_generated &&
         . /usr/share/debconf/confmodule
         db_version 2.0
         db_get locales/locales_to_be_generated &&

diff --git a/fai/config/package_config/ARAMO.gpg b/fai/config/package_config/ARAMO.gpg
new file mode 100644 (file)
index 0000000..58057f6
Binary files /dev/null and b/fai/config/package_config/ARAMO.gpg differ

diff --git a/fai/config/package_config/NABIA.gpg b/fai/config/package_config/NABIA.gpg
new file mode 120000 (symlink)
index 0000000..84bd61d
--- /dev/null
+++ b/fai/config/package_config/NABIA.gpg
@@ -0,0 +1 @@
+ARAMO.gpg
\ No newline at end of file

diff --git a/fai/config/package_config/STANDARD b/fai/config/package_config/STANDARD
index c0726e67b696d928b082d1faaa5df3d5d751c340..f55e6640380513a0f39c4a7a31259bc382af62d1 100644 (file)
--- a/fai/config/package_config/STANDARD
+++ b/fai/config/package_config/STANDARD
@@ -21,9 +21,6 @@ ncurses-term
 openssh-client
 pciutils
 perl
 openssh-client
 pciutils
 perl

-# ian: newer distros dont have python, it gets naturally removed
-python
-python-minimal

 python3
 python3-minimal
 reportbug
 python3
 python3-minimal
 reportbug


@@ -49,7 +46,6 @@ rsync
 openssh-client openssh-server
 time
 procinfo
 openssh-client openssh-server
 time
 procinfo

-locales

 console-setup kbd
 pciutils usbutils
 unattended-upgrades
 console-setup kbd
 pciutils usbutils
 unattended-upgrades


@@ -67,6 +63,8 @@ iso-codes
 cryptsetup-initramfs
 # for btrbk
 zstd
 cryptsetup-initramfs
 # for btrbk
 zstd

+# for detecting wireless
+iw

 
 # iank, copied from DEBIAN so it goes into ubuntu too
 PACKAGES install GRUB_PC
 
 # iank, copied from DEBIAN so it goes into ubuntu too
 PACKAGES install GRUB_PC

diff --git a/fai/config/package_config/readme b/fai/config/package_config/readme
new file mode 100644 (file)
index 0000000..abb42b7
--- /dev/null
+++ b/fai/config/package_config/readme
@@ -0,0 +1,2 @@
+ian: Ya, for each trisquel release, we need a new key symlink link, or
+new file if the key has changed.

diff --git a/fai/config/scripts/DEBIAN/11-iank b/fai/config/scripts/DEBIAN/11-iank
index 69b9afe7bc10c3f2d53a8999e2795ceb1439ca5c..130c7e95dc99ea9ffdab1d9cb094753a30053573 100755 (executable)
--- a/fai/config/scripts/DEBIAN/11-iank
+++ b/fai/config/scripts/DEBIAN/11-iank
@@ -24,12 +24,33 @@ if [[ $EUID != 0 ]]; then
   exit 1
 fi
 
   exit 1
 fi
 

+m() { printf "%s\n" "$*";  "$@"; }
+
+

 fcopy -riB /root
 
 fcopy -riB /root
 

+# in bullseye, installing systemd-resolved says: Converting
+# /etc/resolv.conf to a symlink to
+# /run/systemd/resolve/stub-resolv.conf...  which breaks
+# resolution. This happens to be the first script we install a package
+# after that. This should do nothing in a fai-wrapper situation.
+if [[ ! -s $target/etc/resolv.conf ]]; then
+  m ls -la $target/etc/resolv.conf ||:
+  # Keep the symlink in place, systemd-resolved should change the file
+  # when it runs.
+  mkdir -p $target/run/systemd/resolve
+  if [[ ! -s /etc/resolv.conf ]] && ! host google.com; then
+    echo "ERROR: empty resolv.conf & failed dns resolution. exiting 1" >&2
+    exit 1
+  fi
+  cat /etc/resolv.conf >$target/etc/resolv.conf
+fi
+
+

 
 #### misc configurations
 chroot $FAI_ROOT bash <<'EOFOUTER'
 
 #### misc configurations
 chroot $FAI_ROOT bash <<'EOFOUTER'

-set -x
+set -xe

 if getent group systemd-journal >/dev/null; then
   # makes the journal be saved to disk.
   mkdir -p /var/log/journal
 if getent group systemd-journal >/dev/null; then
   # makes the journal be saved to disk.
   mkdir -p /var/log/journal


@@ -38,7 +59,12 @@ fi
 debconf-set-selections <<EOF
 kexec-tools kexec-tools/load_kexec boolean false
 EOF
 debconf-set-selections <<EOF
 kexec-tools kexec-tools/load_kexec boolean false
 EOF

-apt-get install -y pxe-kexec
+
+# This used to be pxe-kexec. For some reason pxe-kexec is not in
+# bookworm. kexec-tools is
+# something pxe-kexec depended on and might be useful.
+# todo: figure out why and get it installed.
+apt-get install -y kexec-tools

 
 # this is usefull. Only thing reason I see this being disabled by default is
 # that a non-root user can disrupt the system, eg cause a reboot.
 
 # this is usefull. Only thing reason I see this being disabled by default is
 # that a non-root user can disrupt the system, eg cause a reboot.

diff --git a/fai/config/scripts/IANK/11-iank b/fai/config/scripts/IANK/11-iank
index 63c85f96e992452999a349210252fd05af96595a..ce0be4b5321fa9064258184a96c7b2eb3c409e9b 100755 (executable)
--- a/fai/config/scripts/IANK/11-iank
+++ b/fai/config/scripts/IANK/11-iank
@@ -28,21 +28,6 @@ if ! type -t fcopy &>/dev/null; then
   sudo apt-get -y install fai-client
 fi
 
   sudo apt-get -y install fai-client
 fi
 

-if [[ -e /a/bin/fai/fai-wrapper ]]; then
-  chroot() {
-    shift
-    "$@"
-  }
-fi
-
-if [[ $FAI_ROOT == / ]]; then
-  source /a/bin/bash_unpublished/source-state
-  bprogs_dir=/a/opt/btrfs-progs-release
-else
-  bprogs_dir=/srv/btrfs-progs-release
-  chroot="chroot $FAI_ROOT"
-fi
-

 # -r = recursive
 # -i = ignore non-matching class warnings, always exit 0
 # -B = no backup files
 # -r = recursive
 # -i = ignore non-matching class warnings, always exit 0
 # -B = no backup files


@@ -66,6 +51,8 @@ if [[ ! -e $dst && -e $src ]]; then
   mount -o bind $src $dst
 fi
 
   mount -o bind $src $dst
 fi
 

+
+

 $FAI/distro-install-common/end
 
 
 $FAI/distro-install-common/end
 
 


@@ -75,13 +62,13 @@ $FAI/distro-install-common/end
 # I run this as a single post-fai script to update things that have changed.
 tmpfile1=$(mktemp)
 # this can fail if we need an apt update
 # I run this as a single post-fai script to update things that have changed.
 tmpfile1=$(mktemp)
 # this can fail if we need an apt update

-$chroot /usr/bin/apt-cache policy >$tmpfile1 ||:
+$ROOTCMD /usr/bin/apt-cache policy >$tmpfile1 ||:

 fcopy -riB /etc/apt
 
 tmpfile2=$(mktemp)
 fcopy -riB /etc/apt
 
 tmpfile2=$(mktemp)

-$chroot /usr/bin/apt-cache policy >$tmpfile2
+$ROOTCMD /usr/bin/apt-cache policy >$tmpfile2

 if ! diff -q $tmpfile1 $tmpfile2; then
 if ! diff -q $tmpfile1 $tmpfile2; then

-  $chroot /usr/bin/apt update
+  $ROOTCMD /usr/bin/apt update

 fi
 # outside of fai, this seems to regularly lead to
 # E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
 fi
 # outside of fai, this seems to regularly lead to
 # E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)


@@ -105,7 +92,6 @@ fi
 
 #### misc configurations
 
 
 #### misc configurations
 

-

 if [[ $FAI_ACTION != dirinstall ]] && ! ifclass NOCRYPT; then
   if ifclass LINODE; then
     speed=19200
 if [[ $FAI_ACTION != dirinstall ]] && ! ifclass NOCRYPT; then
   if ifclass LINODE; then
     speed=19200


@@ -131,7 +117,7 @@ TimeoutStartSec=20
 WantedBy=dev-disk-by\x2did-ata\x2dSamsung_SSD_870_QVO_8TB_S5VUNG0N900656V.device
 EOF
 
 WantedBy=dev-disk-by\x2did-ata\x2dSamsung_SSD_870_QVO_8TB_S5VUNG0N900656V.device
 EOF
 

-        $chroot bash <<'EOFOUTER'
+        $ROOTCMD bash <<'EOFOUTER'

 systemctl enable myncq.service
 /usr/bin/myncq no-upgrub
 EOFOUTER
 systemctl enable myncq.service
 /usr/bin/myncq no-upgrub
 EOFOUTER


@@ -180,8 +166,8 @@ EOF
 fi
 
 # use networkmanager if this host has wireless.
 fi
 
 # use networkmanager if this host has wireless.

-if [[ $HOSTNAME == bo ]] || type -p iw &>/dev/null && [[ $(iw dev) ]]; then
-  $chroot bash <<EOF
+if [[ $(iw dev) ]]; then
+  $ROOTCMD bash -xe <<EOF

 apt-get -y install network-manager
 EOF
 
 apt-get -y install network-manager
 EOF
 


@@ -224,42 +210,6 @@ EOF
 
 fi
 
 
 fi
 

-case $HOSTNAME in
-  sy)
-    $FAI/distro-install-common/install-stable-kernel-debs
-    ;;
-  *)
-    $chroot apt-get -y install linux-libre
-    ;;
-esac
-
-pre=https://mirrors.edge.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs
-tarball=$(curl -s $pre/sha256sums.asc \
-            | awk '$2 ~ /^btrfs-progs-v/ { print $2 }' | grep -v -- -rc | grep "^btrfs-progs-v.*gz\$" | sort -V | tail -n1)
-url="$pre/$tarball"
-dir=${tarball%.tar.gz}
-ver=${dir#btrfs-progs-}
-cur_ver=$(btrfs --version 2>/dev/null | awk '{print $2}') ||:
-if [[ $ver != "$cur_ver" ]]; then
-  if [[ $HOST2 == "$HOSTNAME" && $ver != "$($bprogs_dir/btrfs --version 2>/dev/null | awk '{print $2}')" ]]; then
-    rm -rf $bprogs_dir
-    cd /tmp
-    wget $url
-    sudo -u iank tar xzf $tarball
-    mv ${tarball%.tar.gz} $bprogs_dir
-    cd $bprogs_dir
-    apt-get -y build-dep btrfs-progs
-    sudo -u iank ./configure --disable-documentation
-    sudo -u iank make
-    make install
-  else
-    $chroot bash -xe <<EOF
-cd $bprogs_dir
-make install
-EOF
-  fi
-fi
-

 if ifclass LINODE; then
   mkdir -p $target/etc/initramfs-tools/conf.d
   cat >$target/etc/initramfs-tools/conf.d/mine <<EOF
 if ifclass LINODE; then
   mkdir -p $target/etc/initramfs-tools/conf.d
   cat >$target/etc/initramfs-tools/conf.d/mine <<EOF


@@ -300,7 +250,7 @@ fi
 
 if ifclass VOL_BULLSEYE_BOOTSTRAP || ifclass VOL_BOOKWORM_BOOTSTRAP; then
   fcopy /etc/systemd/system/faicheck.service
 
 if ifclass VOL_BULLSEYE_BOOTSTRAP || ifclass VOL_BOOKWORM_BOOTSTRAP; then
   fcopy /etc/systemd/system/faicheck.service

-  $chroot bash <<'EOFOUTER'
+  $ROOTCMD bash <<'EOFOUTER'

 systemctl enable faicheck.service
 EOFOUTER
   exit 0 # avoid unnecessary stuff in bootstrap vol
 systemctl enable faicheck.service
 EOFOUTER
   exit 0 # avoid unnecessary stuff in bootstrap vol


@@ -308,7 +258,7 @@ fi
 
 
 ## misc settings
 
 
 ## misc settings

-$chroot bash <<'EOFOUTER'
+$ROOTCMD bash <<'EOFOUTER'

 #### begin .ssh setup ###
 set -x
 set -eE -o pipefail
 #### begin .ssh setup ###
 set -x
 set -eE -o pipefail


@@ -372,3 +322,70 @@ fi
 for g in plugdev audio video cdrom; do
   $ROOTCMD usermod -a -G $g user2
 done
 for g in plugdev audio video cdrom; do
   $ROOTCMD usermod -a -G $g user2
 done

+
+
+## begin get new kernel and btrfs-progs ##
+case $HOSTNAME in
+  sy|so)
+    $FAI/distro-install-common/install-stable-kernel-debs
+    ;;
+  *)
+    $ROOTCMD apt-get -y install linux-libre
+    ;;
+esac
+
+pre=https://mirrors.edge.kernel.org/pub/linux/kernel/people/kdave/btrfs-progs
+tarball=$(curl -s $pre/sha256sums.asc \
+            | awk '$2 ~ /^btrfs-progs-v/ { print $2 }' | grep -v -- -rc | grep "^btrfs-progs-v.*gz\$" | sort -V | tail -n1)
+url="$pre/$tarball"
+dir=${tarball%.tar.gz}
+ver=${dir#btrfs-progs-}
+cur_ver=$($ROOTCMD btrfs --version 2>/dev/null | awk '{print $2}') ||:
+
+if [[ $FAI_ROOT == / ]]; then
+  bp_dir=/a/opt/btrfs-progs-release
+else
+  bp_dir=$FAI/distro-install-common/btrfs-progs-release
+fi
+if [[ $ver != "$cur_ver" ]]; then
+  if [[ $ver != "$($bp_dir/btrfs --version 2>/dev/null | awk '{print $2}')" ]]; then
+    cd $target/tmp
+    wget $url
+    tar xzf $tarball
+    $ROOTCMD apt-get -y build-dep btrfs-progs
+    # no docs cuz I didn't want to bother fixing error of missing docs dependencies
+    $ROOTCMD bash -xe <<EOF
+cd /tmp/${tarball%.tar.gz}
+./configure --disable-documentation
+make
+make install
+EOF
+    # If our desktop is HOST2, will we btrbk this latest bprogs to other
+    # machines.
+    if [[ -s /a/bin/bash_unpublished/source-state ]]; then
+      source /a/bin/bash_unpublished/source-state
+    fi
+    if [[ $HOST2 == "$HOSTNAME" && $FAI_ROOT != / ]]; then
+      rm -rf $bp_dir
+      chown -R iank:iank $target/tmp/${tarball%.tar.gz}
+      mv $target/tmp/${tarball%.tar.gz} $bp_dir
+    fi
+  else
+    if ! $ROOTCMD dpkg -s -- build-essential  2>&1 | grep -Fx "Status: install ok installed" &>/dev/null; then
+      $ROOTCMD apt-get -y install build-essential
+    fi
+
+    if [[ $FAI_ROOT == / ]]; then
+      cd /a/opt/btrfs-progs-release
+      make install
+    else
+      mkdir -p $target/tmp/bprogs
+      mount -o bind $bp_dir $target/tmp/bprogs
+      $ROOTCMD bash -xe <<EOF
+cd /tmp/bprogs
+make install
+EOF
+    fi
+  fi
+fi
+## end get new kernel and btrfs-progs ##

diff --git a/faiserver-setup b/faiserver-setup
index 666774b7e8dff42dc32bc0341ec9b303db2e51b7..168dcda6d0518e09652ebfbb0c59fbbfcc4bd56d 100755 (executable)
--- a/faiserver-setup
+++ b/faiserver-setup
@@ -31,7 +31,7 @@ work.  Separate from running this, faiserver needs to be setup in dns to
 point to whatever host this is run on.
 
 Default BASE_CODENAME is bookworm. Default ARCH is 64. The script expects corresponding
 point to whatever host this is run on.
 
 Default BASE_CODENAME is bookworm. Default ARCH is 64. The script expects corresponding

-$BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(gz|xz) to exist, and it must have been
+$BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(zst|xz) to exist, and it must have been

 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
 
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
 


@@ -73,7 +73,7 @@ if [[ $base == [[:upper:]] ]]; then
   exit 1
 fi
 
   exit 1
 fi
 

-basefile=($BASEFILE_DIR/${base^^}${arch^^}.tar.gz)
+basefile=($BASEFILE_DIR/${base^^}${arch^^}.tar.zst)

 sed="sed -ri --follow-symlinks"
 
 if [[ ! -e $basefile ]]; then
 sed="sed -ri --follow-symlinks"
 
 if [[ ! -e $basefile ]]; then


@@ -97,7 +97,7 @@ armhf() {
 
 # fai on ubuntu only has official support using the universe repo, but newer
 # tends to have less bugs.
 
 # fai on ubuntu only has official support using the universe repo, but newer
 # tends to have less bugs.

-wget -O - https://fai-project.org/download/2BF8D9FE074BCDE4.asc | apt-key add -
+wget -O - https://fai-project.org/download/fai-project.gpg | sudo dd of=/etc/apt/trusted.gpg.d/fai-project.gpg

 
 update=false
 case $base in
 
 update=false
 case $base in

diff --git a/mk-basefile-big b/mk-basefile-big
index 873b7ffb24be2b76aa1c297b7fb7f8f057c69541..95d2e9f2cd51f1e9f086f5a29ed405be05ffffbd 100755 (executable)
--- a/mk-basefile-big
+++ b/mk-basefile-big
@@ -100,7 +100,7 @@ rm -f $t/etc/hostname $t/etc/resolv.conf \
    $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \
    $t/etc/udev/rules.d/70-persistent-net.rules
 echo | dd of=$t/etc/machine-id
    $t/var/lib/apt/lists/*_* $t/usr/bin/qemu-*-static \
    $t/etc/udev/rules.d/70-persistent-net.rules
 echo | dd of=$t/etc/machine-id

-tar --one-file-system -C $t -cf - . | gzip > /a/bin/fai-basefiles/basefiles/${distver^^}64BIG.tar.gz
+tar --one-file-system -C $t -cf - . | zstd -9 > /a/bin/fai-basefiles/basefiles/${distver^^}64BIG.tar.zst

 
 
 cleanup
 
 
 cleanup

diff --git a/myfai-chboot b/myfai-chboot
index 743859abcf803d65c7495a4424de204ca94adf7f..a653ae6a020240208dbb20913d1bcf5b673762f1 100755 (executable)
--- a/myfai-chboot
+++ b/myfai-chboot
@@ -31,18 +31,26 @@ If our kernel has no nfs support, uses apache intead of nfs, and depends
 on another repo of Ian Kelling, basic-https-conf, where the file is at
 /a/exe/web-conf.
 
 on another repo of Ian Kelling, basic-https-conf, where the file is at
 /a/exe/web-conf.
 

-Usng this, you can boot into fai with pxe-kexec without changing
-the dhcp server.
+Using this, you can boot into fai with pxe-kexec without changing the
+dhcp server. Note, if you are booting using fai-cd, the pxe config does
+nothing, and only flags affecting FAI_ACTION will have any affect. You
+can change the fai flags in the grub config, for example in
+./grub.cfg.autodiscover, or at runtime by editing a grub menu option.
+We could probably also set FAI_FLAGS the same way we set FAI_ACTION,
+but I haven't tried it.

 
 

-Argument sets the host to enable it for.  No argument disables pxe
-config for all hosts, but leaves nfs server alone. Use faiserver-disable
-to disable the nfs server.
+HOSTNAME|IP|default  Sets the host to enable it for.  No argument
+                     disables pxe config for all hosts, but leaves nfs
+                     server alone. Use faiserver-disable to disable the
+                     nfs server.

 
 -S          sets FAI_ACTION=sysinfo, and remove fai flag reboot.
             Usefull for doing a system recovery. It reboots automatically anyways :(
 -k          Add serial port output for kgped16
 -i          sets FAI_ACTION=inventory and remove fai flag reboot.
             I'm not sure what this is usefull for.
 
 -S          sets FAI_ACTION=sysinfo, and remove fai flag reboot.
             Usefull for doing a system recovery. It reboots automatically anyways :(
 -k          Add serial port output for kgped16
 -i          sets FAI_ACTION=inventory and remove fai flag reboot.
             I'm not sure what this is usefull for.

+-b          Setup bonded ethernet.
+--no-r      Tell fai-chboot not to reboot when its done. This is implied by -i and -S.

 -h|--help   Print help and exit.
 
 EOF
 -h|--help   Print help and exit.
 
 EOF

diff --git a/myfai-chboot-local b/myfai-chboot-local
index 4cef9a59638e22c06d718acd9dbf39fb4d39c68f..7dea8f2dbd174130a68da62ae2a44446e88f6338 100755 (executable)
--- a/myfai-chboot-local
+++ b/myfai-chboot-local
@@ -16,54 +16,72 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 

-# note, this script gets piped to bash, so cant cd to current dir

 
 

-[[ $EUID == 0 ]] || exec sudo "${BASH_SOURCE}" "$@"
+[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
+
+set -x

 
 set -eE -o pipefail
 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 
 
 set -eE -o pipefail
 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 

+pre="${0##*/}:"
+m() { printf "$pre %s\n"  "$*"; "$@"; }
+e() { printf "$pre %s\n"  "$*"; }
+err() { echo "[$(date +'%Y-%m-%d %H:%M:%S%z')]: $pre: $*" >&2; }
+
+usage() {
+  cat <<EOF
+Usage: call from myfai-chboot, see its help
+
+# note, this script gets piped to bash, so cant cd to current dir
+
+-h|--help  Print help and exit.
+
+Note: Uses util-linux getopt option parsing: spaces between args and
+options, short options can be combined, options before args.
+EOF
+  exit $1
+}
+
+

 kgped16=false
 bond=false
 fai_action=install
 fai_reboot_arg=,reboot
 kgped16=false
 bond=false
 fai_action=install
 fai_reboot_arg=,reboot

-while [[ $1 == -* ]]; do
+
+# ensure we can handle args with spaces or empty.
+ret=0; getopt -T || ret=$?
+[[ $ret == 4 ]] || { echo "Install util-linux for enhanced getopt" >&2; exit 1; }
+
+temp=$(getopt -l help,no-r hSi "$@") || usage 1
+eval set -- "$temp"
+while true; do

   case $1 in
   case $1 in

-    -h|--help)
-      echo "see help from myfai-chboot"
-      exit 0
-      ;;

     -S)
       fai_action=sysinfo
       fai_reboot_arg=
     -S)
       fai_action=sysinfo
       fai_reboot_arg=

-      shift

       ;;
     -i) #inventory
       fai_action=inventory
       fai_reboot_arg=
       ;;
     -i) #inventory
       fai_action=inventory
       fai_reboot_arg=

-      shift

       ;;
     -k)
       kgped16=true
       ;;
     -k)
       kgped16=true

-      shift

       ;;
     -b)
       bond=true
       ;;
     -b)
       bond=true

-      shift

       ;;
     --no-r)
       fai_reboot_arg=
       ;;
     --no-r)
       fai_reboot_arg=

-      shift

       ;;
       ;;

+    -h|--help) usage ;;
+    --) shift; break ;;
+    *) echo "$0: unexpected args: $*" >&2 ; usage 1 ;;

   esac
   esac

+  shift

 done
 done

-
-pre="${0##*/}:"
-m() { printf "$pre %s\n"  "$*"; "$@"; }
-e() { printf "$pre %s\n"  "$*"; }
-err() { echo "[$(date +'%Y-%m-%d %H:%M:%S%z')]: $pre: $*" >&2; }
-
-host=$1
+read -r host <<<"$@"
+readonly host

 
 
 rm -f /srv/tftp/fai/pxelinux.cfg/*
 
 
 rm -f /srv/tftp/fai/pxelinux.cfg/*