chboot # Set grub to boot into a different distro (installed earlier)
install-chboot # reinstall chboot to /boot subvols, for when it changes
dsfull # install & setup a new fai distro (if data partition already synced)
-eboot # reboot and keep disks encrypted
+eboot # reboot without automatic disk decryption
fai-kexec # kexec to fai tftp server that pxe would normally point to
fai-revm # test fai on a fresh vm
faiserver-revm # create a vm which is a fai server using pxe & preseed file
# these files are not exposed.
s scp -qr /q/root/luks /q/root/shadow \
root@$faiserver_host:/srv/fai/config/distro-install-common
+
+# should tar ssh all the files, but these ones really justified it
+tar -cz /p/c/machine_specific/*/filesystem/etc/ssh | \
+ ssh root@$faiserver_host tar -xz -C /srv/fai/config/distro-install-common
scp -q /a/bin/fai/devbyid root@$faiserver_host:/srv/fai/nfsroot/usr/local/bin
+
# built BELANOS basefile with mk-basefile -J BELENOS64. it's stored in
# it's own repo which is published alongside this one called
# fai-basefiles due to being a large binary file.
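Review bot: The glob in the added `tar -cz /p/c/machine_specific/*/filesystem/etc/ssh` line copies every machine's `/etc/ssh` directory, presumably including private host keys, into `/srv/fai/config/distro-install-common`. Any install client that can read that config space can then read all hosts' keys, not only its own. The context comment says these files are not exposed, but nothing here states how; I would add a comment next to the command such as `# contains host private keys: keep distro-install-common out of anything exported to install clients`. The remote side should also be quoted, `ssh "root@$faiserver_host" tar -xz -C /srv/fai/config/distro-install-common`, so an empty or odd `faiserver_host` fails visibly.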
# For multi-boot system.
-# Check that we aren't in a pxe boot environment.
+# We check that we aren't in a pxe boot environment.
# There is probably a better way to do this.
# We check the reverse condition in 51-multi-boot,
# and set what os we are installing, but don't check it
-# into git since it changes regularly. Each host needs
-# to have a class of either DEBIAN + (STABLE or STRETCH64 or STABLE_BOOTSTRAP),
-# or UBUNTU + XENIAL64.
+# into git since it changes regularly.
+# It's code looks like this:
+# if [[ ! -e /a/bin/fai/fai-wrapper ]]; then
+# case $HOSTNAME in
+# tp) DEBIAN STABLE VOL_STABLE STABLE_FREE;;
+# # add more multi-boot hostnames here
+# esac
+# fi
+#
+# Each host defines the base distro: UBUNTU or DEBIAN.
+# the disto version, also the basefile name if we aren't installing debian stable:
+# STABLE, STRETCH64, XENIAL64, BELANOS64
+# the distro subvol name, we can add as many of these as we want:
+# VOL_STABLE, VOL_STABLE_BOOTSTRAP, VOL_STRETCH, VOL_XENIAL, VOL_BELANOS
+# and the class which defines the apt sources files we want,
+# STABLE_FREE, STABLE_NONFREE, TESTING_FREE, TESTING_NONFREE,
+# XENIAL_FREE (no XENIAL_NONFREE setup yet), BELANOS, STABLE_LINODE.
+# This is a little redundant in some cases, but it keeps things
+# simpler.
+#
#
# Other notable classes:
#
#
# RAID0: Use raid 0 even if there are >= 4 disks with boot partititions.
#
-# It's shell looks like this:
-# if [[ ! -e /a/bin/fai/fai-wrapper ]]; then
-# case $HOSTNAME in
-# tp) DEBIAN STABLE ;;
-# # add more multi-boot hostnames here
-# esac
-# fi
#
if [[ -e /a/bin/fai/fai-wrapper ]]; then
source /a/bin/distro-functions/src/identify-distros
fi
# use a list of classes for our demo machine
-echo "FAIBASE PARTITION_PROMPT"
+echo "FAIBASE"
+
+#echo "PARTITION_PROMPT"
+#echo REPARTITION
+
case $HOSTNAME in
frodo|treetowl)
- echo "DEBIAN_NON_FREE"
if [[ -e /a/bin/fai/fai-wrapper ]] && isdebian-stable; then
- echo "STABLE_NON_FREE"
+ echo "STABLE_NONFREE"
fi
;;
lj|lj)
- echo "LINODESTABLE" ;;
+ echo "STABLE STABLE_LINODE" ;;
esac
if grep ^52:54:00: /sys/class/net/eth0/address &>/dev/null; then
+++ /dev/null
-STABLE
\ No newline at end of file
Package: tar linux-image-amd64 linux-base btrfs-tools
Pin: release a=jessie-backports
Pin-Priority: 500
+
+Package: *
+Pin: release a=testing
+Pin-Priority: -10
+
+Package: *
+Pin: release a=testing-updates
+Pin-Priority: -10
+++ /dev/null
-STABLE
\ No newline at end of file
+++ /dev/null
-Package: *
-Pin: release a=testing
-Pin-Priority: -10
-
-Package: *
-Pin: release a=testing-updates
-Pin-Priority: -10
+++ /dev/null
-deb http://http.us.debian.org/debian jessie contrib non-free
-deb-src http://http.us.debian.org/debian jessie contrib non-free
-
-deb http://security.debian.org/ jessie/updates contrib non-free
-deb-src http://security.debian.org/ jessie/updates contrib non-free
-
-deb http://http.us.debian.org/debian jessie-updates contrib non-free
-deb-src http://http.us.debian.org/debian jessie-updates contrib non-free
-
-deb http://http.debian.net/debian jessie-backports contrib non-free
-deb-src http://http.debian.net/debian jessie-backports contrib non-free
deb http://mirrors.linode.com/debian/ jessie-backports main
deb-src http://mirrors.linode.com/debian/ jessie-backports main
+
+deb http://mirrors.linode.com/debian testing main
+deb-src http://mirrors.linode.com/debian testing main
+
+deb http://security.debian.org/ testing/updates main
+deb-src http://security.debian.org/ testing/updates main
+
+deb http://mirrors.linode.com/debian testing-updates main
+deb-src http://mirrors.linode.com/debian testing-updates main
+
+deb http://mirrors.linode.com/debian unstable main
+deb-src http://mirrors.linode.com/debian unstable main
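Review bot: The added `unstable main` entries have no matching pin among the preferences stanzas visible in this commit, which set `a=testing` and `a=testing-updates` to -10 only. If no other preferences file covers it, apt treats unstable at the default priority and a routine upgrade on a jessie host can pull packages from it. I would add a third stanza beside the two moved into the preferences file: `Package: *`, `Pin: release a=unstable`, `Pin-Priority: -10`. The same question applies to the `unstable` lines added to the other sources files in this commit.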
--- /dev/null
+deb http://http.us.debian.org/debian jessie main contrib non-free
+deb-src http://http.us.debian.org/debian jessie main contrib non-free
+
+deb http://security.debian.org/ jessie/updates main contrib non-free
+deb-src http://security.debian.org/ jessie/updates main contrib non-free
+
+deb http://http.us.debian.org/debian jessie-updates main contrib non-free
+deb-src http://http.us.debian.org/debian jessie-updates main contrib non-free
+
+deb http://http.debian.net/debian jessie-backports main contrib non-free
+deb-src http://http.debian.net/debian jessie-backports main contrib non-free
+++ /dev/null
-deb http://http.us.debian.org/debian testing contrib non-free
-deb-src http://http.us.debian.org/debian testing contrib non-free
-
-deb http://security.debian.org/ testing/updates contrib non-free
-deb-src http://security.debian.org/ testing/updates contrib non-free
-
-deb http://http.us.debian.org/debian testing-updates contrib non-free
-deb-src http://http.us.debian.org/debian testing-updates contrib non-free
--- /dev/null
+TESTING_FREE
\ No newline at end of file
--- /dev/null
+TESTING_NONFREE
\ No newline at end of file
deb http://http.us.debian.org/debian testing-updates main
deb-src http://http.us.debian.org/debian testing-updates main
+
+deb http://http.us.debian.org/debian unstable main
+deb-src http://http.us.debian.org/debian unstable main
--- /dev/null
+deb http://http.us.debian.org/debian testing main contrib non-free
+deb-src http://http.us.debian.org/debian testing main contrib non-free
+
+deb http://security.debian.org/ testing/updates main contrib non-free
+deb-src http://security.debian.org/ testing/updates main contrib non-free
+
+deb http://http.us.debian.org/debian testing-updates main contrib non-free
+deb-src http://http.us.debian.org/debian testing-updates main contrib non-free
+
+deb http://http.us.debian.org/debian unstable main contrib non-free
+deb-src http://http.us.debian.org/debian unstable main contrib non-free
+++ /dev/null
-deb http://http.us.debian.org/debian unstable contrib non-free
-deb-src http://http.us.debian.org/debian unstable contrib non-free
+++ /dev/null
-deb http://http.us.debian.org/debian unstable main
-deb-src http://http.us.debian.org/debian unstable main
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-# keep it short so we don't delay too much wnen we don't have networking.
-NETWORK_TIMOUT_SECS=10
+# Keep it short so we don't delay too much wnen we don't have networking.
+# In practice, on my home network, on an x200, it took 15 seconds, so
+# give it an extra 10 seconds, which seems fairly short as I write this.
+NETWORK_TIMOUT_SECS=25
did_fai_check=false
+
+m() { printf "%s\n" "$*"; "$@"; }
+
check-fai() {
# we could just as well check if last_boot != /debianstable_boostrap
# the intent with this one is just a little clearer.
if [[ $did_fai_check == true ]]; then
grub-editenv /mnt/grubenv set did_fai_check=os_true
+ # our service does not wait for network-online.target,
+ # because it will wait for too long when we don't have a network
+ # connection. So, we wait for 10 seconds.
# ref: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
deadline=$(( `date +%s` + NETWORK_TIMOUT_SECS ))
- while ! systemctl status network-online.target && \
- (( `date +%s` < deadline )); do
+ while ! nc -zu faiserver 69; do
+ if (( `date +%s` > deadline )); then
+ echo "fai-check: hit $NETWORK_TIMOUT_SECS s tftp server timeout"
+ return 0
+ fi
sleep 1
done
- pxe-kexec -n --ignore-whitelist -l fai-generated faiserver ||:
+ m pxe-kexec -n --ignore-whitelist -l fai-generated faiserver ||:
else
return 0
fi
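Review bot: `nc -zu faiserver 69` in the new wait loop is a weak readiness test, because UDP has no handshake and common netcat builds report success unless an ICMP port-unreachable comes back. The loop can therefore exit before the tftp server is answering, and a name-resolution failure looks the same as a closed port. The added comment also still says "we wait for 10 seconds" although `NETWORK_TIMOUT_SECS` is now 25; I would write `# So, we poll the tftp port for up to NETWORK_TIMOUT_SECS seconds instead.` The timeout message is a diagnostic and belongs on stderr: `echo "fai-check: hit $NETWORK_TIMOUT_SECS s tftp server timeout" >&2`. Part of check-fai's body lies outside the visible hunk.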
mount $dev /mnt
if $first; then
if [[ -e /mnt/grubenv ]]; then
+ set -x
source <(grub-editenv /mnt/grubenv list)
+ set +x
fi
first=false
check-fai
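Review bot: The added `set -x` / `set +x` pair around `source <(grub-editenv /mnt/grubenv list)` reads like leftover debugging. It traces every sourced assignment to stderr on each run, so either drop both lines or add a comment saying the trace is intentional. Separately, sourcing the list output executes whatever the grubenv file contains as shell code with this script's privileges. If that file sits on a partition others can write (not visible here), extracting only the expected keys is safer, e.g. `did_fai_check=$(grub-editenv /mnt/grubenv list | sed -n 's/^did_fai_check=//p')`. The enclosing loop starts and ends outside the hunk.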
if [[ ! $DISTRO ]]; then
- if ifclass STABLE_BOOTSTRAP; then
+ if ifclass VOL_STABLE_BOOTSTRAP; then
DISTRO=debianstable_bootstrap
- elif ifclass STRETCH64; then
+ elif ifclass VOL_STRETCH; then
DISTRO=debiantesting
- elif ifclass STABLE; then
+ elif ifclass VOL_STABLE; then
DISTRO=debianstable
- elif ifclass XENIAL64; then
+ elif ifclass VOL_XENIAL; then
DISTRO=ubuntuxenial
- elif ifclass BELENOS64; then
+ elif ifclass VOL_BELENOS; then
DISTRO=trisquelbelenos
else
echo "PARTITIONER ERROR: no distro class/var set" >&2
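Review bot: The new test `ifclass VOL_BELENOS` does not match the spelling in the class documentation added by this same commit, which lists `VOL_BELANOS`, `BELANOS64` and `BELANOS`. A host configured from that documentation would miss this branch and end in the "no distro class/var set" error. One spelling should be chosen and used in both places; if the name here is the correct one, the documentation lines should read `VOL_BELENOS`, `BELENOS64`, `BELENOS`. The if-chain continues past the end of the hunk.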
apt-get install -y pxe-kexec
EOFOUTER
-fcopy -r /boot # -r = recursive
-# note: # fcopy -i = ignore nonmatching class error, always return 0.
+# -r = recursive
+# -i = ignore non-matching class warnings, always exit 0
+# -B = no backup files
+fcopy -riB /boot
# this is also done by FABASE/10-misc by default.
-fcopy -ir /root
+fcopy -riB /root
if ifclass STABLE_BOOTSTRAP; then
fcopy -ri /etc/systemd/system
chroot $FAI_ROOT bash <<'EOFOUTER'
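Review bot: The context line `if ifclass STABLE_BOOTSTRAP; then` still tests the old class name, while this commit renames the class to `VOL_STABLE_BOOTSTRAP` in the partitioner and in the class documentation. If no host defines `STABLE_BOOTSTRAP` any more, this block silently stops running; it should probably become `if ifclass VOL_STABLE_BOOTSTRAP; then`. Also, `fcopy -riB /boot` now carries `-i`, so a missing class match for `/boot` exits 0 where the old `fcopy -r /boot` did not; a short comment on why that is acceptable for boot files would help. The block continues outside the hunk.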
exit 0
fi
-dir=/q/root/shadow
-fai_shadow=$FAI/distro-install-common/shadow
-if [[ ! -e $dir && -e $fai_shadow ]]; then
- mkdir -p $dir
- mount -o bind $fai_shadow $dir
-fi
-$FAI/distro-install-common/end
+bind-common() {
+ src=$1
+ dst=$2
+ if [[ ! -e $dst && -e $src ]]; then
+ mkdir -p $dst
+ mount -o bind $src $dst
+ fi
+}
+bind-common $FAI/distro-install-common/shadow /q/root/shadow
+
+# todo, port this over to the arch install script.
+cp -rT $FAI/distro-install-common/p/c/machine_specific/$HOSTNAME/filesystem/etc/ssh /target/etc/ssh
+
+$FAI/distro-install-common/end
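Review bot: The added `cp -rT ... /target/etc/ssh` line has no existence check, unlike `bind-common` just above it, so a host without a `machine_specific/$HOSTNAME` directory makes the copy fail, and the script aborts if it runs with `-e`. It also hard-codes `/target` and leaves every expansion unquoted. I would write `src_ssh="$FAI/distro-install-common/p/c/machine_specific/$HOSTNAME/filesystem/etc/ssh"` followed by `if [[ -d $src_ssh ]]; then cp -rT "$src_ssh" "$FAI_ROOT/etc/ssh"; fi`, assuming `FAI_ROOT` is `/target` here. In `bind-common`, `src` and `dst` should be declared `local` and quoted in the `mkdir` and `mount` calls.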
# these get copied in an earlier stage by fai, but leaving it here since
# I run this as a single post-fai script to update things that have changed.
-fcopy -ri /etc/apt/preferences.d
-fcopy -ri /etc/apt/sources.list.d
+fcopy -riB /etc/apt
$ROOTCMD apt-get update
-
-
-rm -f $FAI_ROOT/etc/apt/sources.list
+fcopy -riB /etc/ssh
chroot $FAI_ROOT bash <<'EOF'
set -eE -o pipefail
dnsmasq_restart=false
v cedit /etc/hosts <<EOF || dnsmasq_restart=true
192.168.1.1 wrt
-192.168.1.2 treetowl $IMPERSONAL_DOMAIN
+192.168.1.2 treetowl $IMPERSONAL_DOMAIN faiserver
192.168.1.3 frodo
192.168.1.4 htpc
-192.168.1.5 x2 faiserver
+192.168.1.5 x2
192.168.1.6 demohost
#192.168.1.7 faiserver
192.168.1.8 tp
# reformatted. The mac is from doing a virt-install, cancelling it,
# and copying the generated mac, so it should be randomish.
dhcp-host=52:54:00:9c:ef:ad,set:demohost,192.168.1.6,demohost
-dhcp-host=52:54:00:56:09:f9,set:faiserver,192.168.1.7,faiserver
+#dhcp-host=52:54:00:56:09:f9,set:faiserver,192.168.1.7,faiserver
dhcp-host=80:fa:5b:1c:6e:cf,set:tp,192.168.1.8,tp
# this is the ip it picks by default if dhcp fails,
# so might as well use it.