various fixes and improvements

diff --git a/chost b/chost
new file mode 100755 (executable)
index 0000000..9a0034f
--- /dev/null
+++ b/chost
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# chost: get canonical hostname
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+host=$1
+addr=$(host $host)
+addr=${addr##* }
+h=$(host $addr)
+h=${h##* }
+echo ${h%%.*}

diff --git a/fai-redep b/fai-redep
index 29f4d158c5e832597e599db83cf97b408a0bbe12..97302608703b55acb479795740e663e12e3a79de 100755 (executable)
--- a/fai-redep
+++ b/fai-redep
@@ -10,21 +10,10 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 cd $(dirname $(readlink -f "$BASH_SOURCE"))
 
 
-faiserver_host=faiserver
 # i use faiserver as a dns alias, but ssh key is associated with
 # a canonical hostname and we will have ssh warning spam unless we
 # use it, so look it up.
-if addr=$(host faiserver); then
-    addr=${addr##* }
-    if h=$(host $addr); then
-        h=${h##* }
-        faiserver_host=${h%%.*}
-    else
-        echo "$0: warning: host \$addr($addr) failed"
-    fi
-else
-    echo "$0: warning: host faiserver failed"
-fi
+faiserver_host=$(chost faiserver) || faiserver_host=faiserver
 
 
 ssh root@$faiserver_host rm -rf /srv/fai/config

diff --git a/fai/config/distro-install-common/end b/fai/config/distro-install-common/end
index 79238a551213d54d33195b06719220c96bad1e83..cbe724de687fa57385e2ae9ddb49fab5ffae0526 100755 (executable)
--- a/fai/config/distro-install-common/end
+++ b/fai/config/distro-install-common/end
@@ -31,7 +31,7 @@ $ROOTCMD rm -rf /root/.unison
 $ROOTCMD ln -sf $dir /root
 $ROOTCMD ln -sf /q/p /
 
-chown -R 1000:1000 $dir
+$ROOTCMD chown -R 1000:1000 $dir
 while true; do
     $ROOTCMD chown 1000:1000 $dir
     $ROOTCMD chmod 700 $dir

diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index e64f92b7d58d875daf1c3c77f7313fc979ec04a3..2dc6fd50776210ffa8ee80b88c059414b65f5f59 100755 (executable)
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -287,15 +287,11 @@ for subvol in ${s[@]}; do btrfs subvolume delete /mnt/$subvol; done
 btrfs subvolume set-default 0 /mnt
 [[ ! -e /mnt/root_$DISTRO ]] || btrfs subvolume delete /mnt/root_$DISTRO
 
-
 ## create subvols ##
 cd /mnt
-for x in q home_$DISTRO root_$DISTRO; do
-    btrfs subvolume list . | grep "$x$" >/dev/null || btrfs subvolume create $x
-done
+btrfs subvolume create root_$DISTRO
 chown root:1000 q
 
-
 mkdir -p /mnt/root_$DISTRO/boot
 for x in root/a q/a; do
     mkdir -p $x
@@ -323,7 +319,6 @@ cat > /tmp/fai/fstab <<EOF
 $first_root_crypt  /  btrfs  noatime,subvol=root_$DISTRO  0 0
 $first_root_crypt  /q  btrfs  noatime,subvol=q  0 0
 /q/a  /a  none  bind  0 0
-$first_root_crypt  /home  btrfs  noatime,subvol=home_$DISTRO  0 0
 $first_boot_dev  /boot  btrfs  noatime,subvol=boot_$DISTRO  0 0
 EOF
 

diff --git a/fai/config/scripts/GRUB_PC/11-ian b/fai/config/scripts/GRUB_PC/11-ian
index 221b6d4da9277a9eb8a70dbef7df53052cc7570b..5dc250a74faf494db0fe33cf598c5197ec0b8e5d 100755 (executable)
--- a/fai/config/scripts/GRUB_PC/11-ian
+++ b/fai/config/scripts/GRUB_PC/11-ian
@@ -28,6 +28,8 @@ fi
 f=/target/home/ian/.ssh/authorized_keys
 if [[ ! -L $f || -e $f ]]; then
     fcopy -r -M /home/ian/.ssh
+else
+    echo "$0: info: $f exists"
 fi
 /var/lib/fai/config/distro-install-common/end
 
@@ -40,9 +42,10 @@ chmod -R u=Xrw,og= /home/ian/.ssh
 rm -rf /root/.ssh
 cp -rL /home/ian/.ssh /root
 chown -R root:root /root/.ssh
+chmod 700 /root/.ssh
 
 # default jessie groups + kvm & systemd-journal
-usermod -aG cdrom,floppy,sudo,audio,dip,video,plugdev,netdev,kvm,systemd-journal ian
+usermod -aG cdrom,floppy,sudo,audio,dip,video,plugdev,netdev,systemd-journal ian
 EOF
 
 
@@ -65,7 +68,7 @@ for g in plugdev audio video cdrom; do
 done
 
 if ifclass frodo; then
-    $ROOTCMD usermod -p "$(cat /var/lib/fai/config/distro-install-common/shadow/traci-simple)" traci
+    $ROOTCMD usermod -p "$(cat /var/lib/fai/config/distro-install-common/traci-simple)" traci
 fi
 
 

diff --git a/faiserver-disable b/faiserver-disable
new file mode 100755 (executable)
index 0000000..7893524
--- /dev/null
+++ b/faiserver-disable
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+usage() {
+    cat <<EOF
+Usage: ${0##*/}
+Disable the fai nfs server.
+EOF
+    exit $1
+}
+
+if [[ $1 ]]; then
+    usage 1
+fi
+
+ssh root@$(chost faiserver) "sed -ri 's,^/srv/fai/,#\0,' /etc/exports; exportfs -ra"

diff --git a/faiserver-enable b/faiserver-enable
new file mode 100755 (executable)
index 0000000..a71227c
--- /dev/null
+++ b/faiserver-enable
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+usage() {
+    cat <<EOF
+Usage: ${0##*/}
+Disable the fai nfs server.
+EOF
+    exit $1
+}
+
+if [[ $1 ]]; then
+    usage 1
+fi
+
+ssh root@$(chost faiserver) "sed -ri 's,^\s*#\s*(/srv/fai/.*),\1,' /etc/exports; exportfs -ra"

diff --git a/pxe-server b/pxe-server
index 4fcf40c134cd472d3ba50aaa26687298846c5da1..d3625d692cef0441f40be9ab032691c60bd73eb9 100755 (executable)
--- a/pxe-server
+++ b/pxe-server
@@ -1,4 +1,4 @@
-#!/bin/bash -x
+#!/bin/bash
 
 # Setup dhcp server to point to tftp server,
 # and depending on the type, setup the tftp server.
@@ -21,18 +21,20 @@ HOST makes the pxe server only for that specific host
 
 -h|--help  Print help and exit
 --         Subsequent arguments are never treated as options
+-p         Persist. Otherwise, wait for 2 dhcp acks then remove.
 EOF
     exit $1
 }
 
 ##### begin command line parsing ########
 
-
+persist=false
 args=()
 while [[ $1 ]]; do
     case $1 in
         --) shift; break ;;
         -h|--help) usage ;;
+        -p) persist=true; shift ;;
         *) args+=("$1"); shift ;;
     esac
 done
@@ -50,10 +52,18 @@ if [[ $host ]]; then
     host_tag="tag:$host,"
 fi
 
+case $type in
+    :|true) persist=true ;;
+esac
+
 ##### end command line parsing ########
 
+sv() {
+    echo "$@"
+    "$@"
+}
+
 arch() {
-    plain
     cat <<EOF
 dhcp-option-force=209,boot/syslinux/archiso.cfg
 dhcp-option-force=210,/arch/
@@ -65,8 +75,6 @@ plain() {
     # if arch was used before, this additionally needs
     # the tftp link in /mnt/usb to be changed.
     cat <<EOF
-enable-tftp
-tftp-root=/mnt/usb/tftpboot
 dhcp-boot=${host_tag}pxelinux.0
 EOF
 }
@@ -78,6 +86,24 @@ dhcp-boot=${host_tag}fai/pxelinux.0,faiserver.lan,faiserver.lan
 EOF
 }
 
-
-$type | ssh wrt "cedit pxe-server /etc/dnsmasq.conf || /etc/init.d/dnsmasq restart
+echo "setting config type: $type"
+$type | ssh wrt "cedit pxe-server /etc/dnsmasq.conf || /etc/init.d/dnsmasq restart #
 if [[ $type == arch ]]; then arch-pxe-mount; fi"
+
+
+if ! $persist; then
+    if [[ $host ]]; then
+        host_regex=" $host"
+    fi
+    regex=".*DHCPACK.*$host_regex$"
+    i=0
+    tmp=$(mktemp)
+    while (( i != 2 )) && read line; do
+        if [[ $line =~ $regex ]]; then
+            i=$((i+1))
+            echo $line
+        fi
+    done < <(ssh wrt logread -f)
+    sv sleep 5
+    sv "$BASH_SOURCE" :
+fi

diff --git a/wrt-setup b/wrt-setup
index 777eafdfbe092196e7fa784a0fd3d6be5322e8e8..0ee30092eca7b078e15719d80c6dd15ecc5edc58 100755 (executable)
--- a/wrt-setup
+++ b/wrt-setup
@@ -300,6 +300,11 @@ dhcp-host=b4:75:0e:94:29:ca,set:switch9429ca,192.168.1.251,switch9429ca
 
 # template
 # dhcp-host=,192.168.1.,
+
+# Just leave the tftp server up even if we aren't doing pxe boot.
+# It has no sensitive info.
+enable-tftp
+tftp-root=/mnt/usb/tftpboot
 EOF
 
 if $dnsmasq_restart; then