fixes and remove some jessie stuff

diff --git a/README b/README
index 5f780755ffa4702790b6bcda31e2aacff1fa8253..95eca1d4f00fce3ddcc1116e37e17964aa87dd75 100644 (file)
--- a/README
+++ b/README
@@ -76,7 +76,7 @@ fai/config/class/50-host-classes.
 Before doing a fai install, you will need to populate /q/root/luks and
 /q/root/shadow, see their references. You might also want to copy
 existing /etc/ssh/*host* to
 Before doing a fai install, you will need to populate /q/root/luks and
 /q/root/shadow, see their references. You might also want to copy
 existing /etc/ssh/*host* to

-/p/c/machine_specific/HOST/filesystem/etc/ssh.
+/p/c/machine_specific/HOST/filesystem/etc/ssh

 
 host-* luks keyfiles generated like:
 head -c 2048 /dev/urandom | od | s dd of=/q/root/luks/host-demohost
 
 host-* luks keyfiles generated like:
 head -c 2048 /dev/urandom | od | s dd of=/q/root/luks/host-demohost


@@ -186,6 +186,19 @@ a superflous upstream bug based on reading the post install script:
 addgroup: The group `systemd-journal' already exists as a system group. Exiting.
 Operation failed: No such file or directory
 
 addgroup: The group `systemd-journal' already exists as a system group. Exiting.
 Operation failed: No such file or directory
 

+On nabia/newer, python is removed, now its python3,
+and its easier to just let the package get removed than
+do host class package config.
+fai.log:WARNING: These unknown packages are removed from the installation list: python python-minimal
+
+Similar to python, linux-image-amd64 is the debian package name
+for the kernel, linux-image-generic is for ubuntu, but the
+DEBIAN class is defined on ubuntu and its easier to just let
+the package get removed with this warning:
+fai.log:WARNING: These unknown packages are removed from the installation list: linux-image-amd64
+Also, cryptsetup-initramfs is new to buster/nabia, it gets removed
+on earlier versions.
+

 
 # linode notes
 
 
 # linode notes
 

diff --git a/fai/config/files/root/fai-check/VOL_BUSTER_BOOTSTRAP b/fai/config/files/root/fai-check/VOL_BUSTER_BOOTSTRAP
index e96879ac8176da15f7bdf4bd3660c5ccca489759..283bbf66610efff9f2fc3cf4e11875d4cf48a3a0 100755 (executable)
--- a/fai/config/files/root/fai-check/VOL_BUSTER_BOOTSTRAP
+++ b/fai/config/files/root/fai-check/VOL_BUSTER_BOOTSTRAP
@@ -6,7 +6,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 
 
 usage() {
 
 
 usage() {

-    cat <<EOF
+  cat <<EOF

 Usage: ${0##*/} [OPTION]
 If grub var set, act like pxe rom and pxe-kexec to faiserver
 
 Usage: ${0##*/} [OPTION]
 If grub var set, act like pxe rom and pxe-kexec to faiserver
 


@@ -15,7 +15,7 @@ If grub var set, act like pxe rom and pxe-kexec to faiserver
 
 Note: Uses GNU getopt options parsing style
 EOF
 
 Note: Uses GNU getopt options parsing style
 EOF

-    exit $1
+  exit $1

 }
 
 
 }
 
 


@@ -29,59 +29,59 @@ did_fai_check=false
 m() { printf "%s\n" "$*";  "$@"; }
 
 try-kexec() {
 m() { printf "%s\n" "$*";  "$@"; }
 
 try-kexec() {

-    deadline=$(( `date +%s` + NETWORK_TIMOUT_SECS ))
-    while ! nc -zu faiserver 69; do
-        if (( `date +%s` > deadline )); then
-            echo "fai-check: hit $NETWORK_TIMOUT_SECS s tftp server timeout"
-            return 0
-        fi
-        sleep 1
-    done
-    m pxe-kexec -n --ignore-whitelist -l fai-generated faiserver ||:
+  deadline=$(( `date +%s` + NETWORK_TIMOUT_SECS ))
+  while ! timeout -s 9 3 nc -zu faiserver 69; do
+    if (( `date +%s` > deadline )); then
+      echo "fai-check: hit $NETWORK_TIMOUT_SECS s tftp server timeout"
+      return 0
+    fi
+    sleep 1
+  done
+  m pxe-kexec -n --ignore-whitelist -l fai-generated faiserver ||:

 }
 
 case $1 in
 }
 
 case $1 in

-    -f|--force)
-        try-kexec
-        exit
-        ;;
+  -f|--force)
+    try-kexec
+    exit
+    ;;

 esac
 
 first=true
 for dev in $(btrfs fi show / | sed -rn 's#^\s*devid\s.*\s([^0-9 ]+)\S+$#\1#p' \
 esac
 
 first=true
 for dev in $(btrfs fi show / | sed -rn 's#^\s*devid\s.*\s([^0-9 ]+)\S+$#\1#p' \

-                 |sort); do
-    dev+=4
-    mount $dev /mnt
-    if $first; then
-        if [[ -e /mnt/grubenv ]]; then
-            set -x
-            source <(grub-editenv /mnt/grubenv list)
-            set +x
-        fi
-        first=false
-        # we could just as well check if last_boot != /debianbuster_boostrap
-        # the intent with this one is just a little clearer.
-        if [[ $did_fai_check == true ]]; then
-            grub-editenv /mnt/grubenv set did_fai_check=os_true
-            # our service does not wait for network-online.target,
-            # because it will wait for too long when we don't have a network
-            # connection. So, we wait for 10 seconds.
-            # ref: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
-            try-kexec ||:
-        fi
-    else
-        # we make sure there is only 1 grubenv,
-        # so grub can just find the first one, in whatever order
-        # if looks at them, which may not be the same as us.
-        # If the disk dies, we just lose the default boot option,
-        # we will have to do manual steps to replace it anyways.
-        rm -f /mnt/gruvenv
+               |sort); do
+  dev+=4
+  mount $dev /mnt
+  if $first; then
+    if [[ -e /mnt/grubenv ]]; then
+      set -x
+      source <(grub-editenv /mnt/grubenv list)
+      set +x
+    fi
+    first=false
+    # we could just as well check if last_boot != /debianbuster_boostrap
+    # the intent with this one is just a little clearer.
+    if [[ $did_fai_check == true ]]; then
+      grub-editenv /mnt/grubenv set did_fai_check=os_true
+      # our service does not wait for network-online.target,
+      # because it will wait for too long when we don't have a network
+      # connection. So, we wait for 10 seconds.
+      # ref: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
+      try-kexec ||:

     fi
     fi

-    umount /mnt
+  else
+    # we make sure there is only 1 grubenv,
+    # so grub can just find the first one, in whatever order
+    # if looks at them, which may not be the same as us.
+    # If the disk dies, we just lose the default boot option,
+    # we will have to do manual steps to replace it anyways.
+    rm -f /mnt/gruvenv
+  fi
+  umount /mnt

 done
 
 # the check for last_boot is not needed afaik, just sanity check.
 done
 
 # the check for last_boot is not needed afaik, just sanity check.

-if [[ $did_fai_check == true && $last_boot != /debianstable_boostrap ]]; then
-    # no need to reboot if we actually want to boot into this os.
-    reboot
+if [[ $did_fai_check == true && $last_boot != /debianbuster_boostrap ]]; then
+  # no need to reboot if we actually want to boot into this os.
+  reboot

 fi
 fi

diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index 4646e568f3cb710317e4fe7a2579dbb5a32b3aa9..988ce06f925d4abe1f84ac14031fb4337d3b590e 100755 (executable)
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -120,12 +120,7 @@ add-part() { # add partition suffix to $dev
     d=$1
     part=$2
   fi
     d=$1
     part=$2
   fi

-  if [[ $d == /dev/disk/by-id/* ]]; then
-    ret=$d-part$part
-  else
-    ret=$d$part
-  fi
-  echo $ret
+  echo $d-part$part

 }
 
 bootdev() { add-part $@ $bootn; }
 }
 
 bootdev() { add-part $@ $bootn; }


@@ -142,6 +137,11 @@ swap-cryptdev() { crypt-dev $(swapdev $@); }
 root-cryptname() { crypt-name $(rootdev $@); }
 swap-cryptname() { crypt-name $(swapdev $@); }
 
 root-cryptname() { crypt-name $(rootdev $@); }
 swap-cryptname() { crypt-name $(swapdev $@); }
 

+dev-mib() {
+  echo $(( $(parted -m $dev unit MiB print | \
+               sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
+}
+

 ##### end function defs
 
 if ifclass REPARTITION; then
 ##### end function defs
 
 if ifclass REPARTITION; then


@@ -203,11 +203,10 @@ fi
 for dev in ${short_devs[@]}; do
   if $partition; then break; fi
   y=$(readlink -f $dev)
 for dev in ${short_devs[@]}; do
   if $partition; then break; fi
   y=$(readlink -f $dev)

-  arr=($y[0-9])
-  [[ ${#arr[@]}  == "$lastn" ]] || partition=true
-  for (( i=1; i <= lastn; i++ )); do
-    [[ -e ${dev}$i ]] || partition=true
-  done
+  arr=($y?*)
+  if (( ${#arr[@]}  != lastn )); then
+    partition=true
+  fi

   # On one system, blkid is missing some partitions.
   # maybe we need a flag, like FUZZY_BLKID or something, so we
   # can check that at least some exist.
   # On one system, blkid is missing some partitions.
   # maybe we need a flag, like FUZZY_BLKID or something, so we
   # can check that at least some exist.


@@ -233,7 +232,7 @@ if [[ ! ${devs[0]} ]]; then
 fi
 
 boot_space=0
 fi
 
 boot_space=0

-first=false
+first=true

 boot_devs=()
 for dev in ${devs[@]}; do
   if ifclass frodo; then
 boot_devs=()
 for dev in ${devs[@]}; do
   if ifclass frodo; then


@@ -266,12 +265,13 @@ for dev in ${devs[@]}; do
                                     sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
     boot_devs+=($(bootdev))
   fi
                                     sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
     boot_devs+=($(bootdev))
   fi

-  if [[ $boot_devs && $first ]]; then
+  if $first && [[ $boot_devs ]]; then

     first_efi=$(efidev)
     first_grub_extdev=$(grub_extdev)
     first=false
   fi
 done
     first_efi=$(efidev)
     first_grub_extdev=$(grub_extdev)
     first=false
   fi
 done

+first_boot_dev=${boot_devs[0]}

 
 even_raid=false
 if ifclass RAID0 || (( ${#boot_devs[@]} == 1 )); then
 
 even_raid=false
 if ifclass RAID0 || (( ${#boot_devs[@]} == 1 )); then


@@ -339,7 +339,6 @@ if [[ ! $DISTRO ]]; then
     exit 1
   fi
 fi
     exit 1
   fi
 fi

-first_boot_dev=${boot_devs[0]}

 
 
 bpart() { # btrfs a partition
 
 
 bpart() { # btrfs a partition


@@ -399,7 +398,7 @@ if $partition; then
       # if we repartition to the same as an old partition,
       # we don't want any old fses hanging around.
       for (( i=1; i <= lastn; i++ )); do
       # if we repartition to the same as an old partition,
       # we don't want any old fses hanging around.
       for (( i=1; i <= lastn; i++ )); do

-        x=$(add-part $dev $i)
+        x=$(add-part $i)

         [[ -e $x ]] || continue
         count_down=10
         # wipefs has failed, manual run works, google suggests timing issue
         [[ -e $x ]] || continue
         count_down=10
         # wipefs has failed, manual run works, google suggests timing issue


@@ -416,10 +415,9 @@ if $partition; then
 
   if $even_raid; then
     for dev in ${devs[@]}; do
 
   if $even_raid; then
     for dev in ${devs[@]}; do

-      disk_mib=$(( $(parted -m $dev unit MiB print | \
-                       sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
-      if [[ ! min_disk_mib ]] || (( disk_mib < min_disk_mib )); then
-        min_disk_mib=$disk_mib
+      cur_mib=$(dev-mib)
+      if [[ ! $disk_mib ]] || (( cur_mib < disk_mib )); then
+        disk_mib=$cur_mib

       fi
     done
   fi
       fi
     done
   fi


@@ -435,11 +433,8 @@ if $partition; then
     #
     # Note: parted print error output is expected. example:
     # Error: /dev/vda: unrecognised disk label
     #
     # Note: parted print error output is expected. example:
     # Error: /dev/vda: unrecognised disk label

-    if $even_raid; then
-      disk_mib=$min_disk_mib
-    else
-      disk_mib=$(( $(parted -m $dev unit MiB print | \
-                       sed -nr "s#^/dev/[^:]+:([0-9]+).*#\1#p") - 1))
+    if ! $even_raid; then
+      disk_mib=$(dev-mib)

     fi
     root_end=$(( disk_mib - swap_mib - boot_mib /  ${#boot_devs[@]} ))
     swap_end=$(( root_end + swap_mib))
     fi
     root_end=$(( disk_mib - swap_mib - boot_mib /  ${#boot_devs[@]} ))
     swap_end=$(( root_end + swap_mib))


@@ -614,6 +609,7 @@ umount /mnt
 if [[ $DISTRO == debianbuster_bootstrap ]]; then
   cat > /tmp/fai/fstab <<EOF
 $first_boot_dev  /  btrfs  noatime,subvol=$boot_vol  0 0
 if [[ $DISTRO == debianbuster_bootstrap ]]; then
   cat > /tmp/fai/fstab <<EOF
 $first_boot_dev  /  btrfs  noatime,subvol=$boot_vol  0 0

+$first_efi  /boot/efi  vfat          nofail  0 0

 EOF
   cat >/tmp/fai/disk_var.sh <<EOF
 BOOT_DEVICE="${short_devs[@]}"
 EOF
   cat >/tmp/fai/disk_var.sh <<EOF
 BOOT_DEVICE="${short_devs[@]}"

diff --git a/faiserver-setup b/faiserver-setup
index bce13d272662e6bd11e410eaf32c519afcfd0325..ccff89498b062b90d849fe916ca48da0c678ebac 100755 (executable)
--- a/faiserver-setup
+++ b/faiserver-setup
@@ -36,6 +36,13 @@ $BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(gz|xz) to exist, and it must
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
 
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
 

+
+Note: there is a bug in 5.9.4, fixed by adding
+    sleep 2
+
+/usr/sbin/fai-make-nfsroot:503, before apt-get update
+
+

 EOF
   exit $1
 }
 EOF
   exit $1
 }


@@ -77,32 +84,39 @@ armhf() {
   [[ $(dpkg --print-architecture) == armhf ]]
 }
 
   [[ $(dpkg --print-architecture) == armhf ]]
 }
 

-if grep -xFq 'VERSION="8 (jessie)"' /etc/os-release; then
-  gpg -a --recv-keys 2BF8D9FE074BCDE4; gpg -a --export 2BF8D9FE074BCDE4 | apt-key add -
-  cat >/etc/apt/sources.list.d/fai.list <<'EOF'
-deb https://fai-project.org/download jessie koeln
-EOF
-elif grep -iE 'VERSION=.*(stretch|flidas|xenail|buster|bullseye|etiona|nabia)' /etc/os-release; then
-  # fai on ubuntu only has official support using the universe repo, but newer
-  # tends to have less bugs.
-  wget -O - https://fai-project.org/download/2BF8D9FE074BCDE4.asc | apt-key add -
-
-  case $base in
-    stretch|buster|bullseye)
-      cat >/etc/apt/sources.list.d/fai.list <<EOF
+# fai on ubuntu only has official support using the universe repo, but newer
+# tends to have less bugs.
+wget -O - https://fai-project.org/download/2BF8D9FE074BCDE4.asc | apt-key add -
+
+update=false
+case $base in
+  stretch|buster|bullseye)
+    if ! grep -qFx "deb https://fai-project.org/download $base koeln" /etc/apt/sources.list.d/fai.list; then
+      update=true
+    fi
+    cat >/etc/apt/sources.list.d/fai.list <<EOF

 deb https://fai-project.org/download $base koeln
 EOF
 deb https://fai-project.org/download $base koeln
 EOF

-      ;;
-    *)
-      echo "$0: error: script needs updating for new base" >&2
-      exit 1
-      ;;
-  esac
-else
-  rm -f /etc/apt/sources.list.d/fai.list
+    ;;
+  *)
+    echo "$0: error: script needs updating for new base" >&2
+    exit 1
+    ;;
+esac
+
+f=/var/cache/apt/pkgcache.bin;
+if [[ -r $f ]]; then
+  cachetime=$(stat -c %Y $f );
+  now=$(date +%s)
+  limittime=$(( now - 60*60*2 ))
+  if (( cachtime > limittime )); then
+    update=true
+  fi

 fi
 
 fi
 

-apt-get update
+if $update; then
+  apt-get update
+fi

 
 # Relevant packages from fai-quickstart depends and fai-server recommends.
 # I especially do not wait isc-dhcp-server or an inetd. Also excludes
 
 # Relevant packages from fai-quickstart depends and fai-server recommends.
 # I especially do not wait isc-dhcp-server or an inetd. Also excludes


@@ -131,8 +145,10 @@ r=http://http.us.debian.org/debian
 cat >/etc/fai/apt/sources.list <<EOF
 deb $r $base main contrib
 EOF
 cat >/etc/fai/apt/sources.list <<EOF
 deb $r $base main contrib
 EOF

+
+### begin setup security repo ###

 case $base in
 case $base in

-  jessie|stretch|buster)
+  stretch|buster)

     cat >>/etc/fai/apt/sources.list <<EOF
 deb http://security.debian.org/debian-security $base/updates main contrib
 EOF
     cat >>/etc/fai/apt/sources.list <<EOF
 deb http://security.debian.org/debian-security $base/updates main contrib
 EOF


@@ -143,6 +159,7 @@ EOF
 deb http://security.debian.org/debian-security $base-security main contrib
 EOF
 esac
 deb http://security.debian.org/debian-security $base-security main contrib
 EOF
 esac

+### end setup security repo ###

 
 
 cat >>/etc/fai/apt/sources.list <<EOF
 
 
 cat >>/etc/fai/apt/sources.list <<EOF


@@ -151,18 +168,18 @@ cat >>/etc/fai/apt/sources.list <<EOF
 deb http://fai-project.org/download $base koeln
 EOF
 
 deb http://fai-project.org/download $base koeln
 EOF
 

-if [[ $base == jessie ]]; then
-  cat >>/etc/fai/apt/sources.list <<'EOF'
-# fix tar https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819978
-deb http://ftp.debian.org/debian jessie-backports main
-EOF
-  # note, fai doesn\'t look at /etc/fai/apt/preferences.d
-  cat >/etc/fai/apt/preferences <<'EOF'
-Package: tar
-Pin: release a=jessie-backports
-Pin-Priority: 500
-EOF
-fi
+## Get latest kernel and btrfs for dealing with btrfs issues.
+# if [[ $base == buster ]]; then
+#   cat >>/etc/fai/apt/sources.list <<'EOF'
+# deb http://ftp.debian.org/debian buster-backports main
+# EOF
+#   # note, fai doesn\'t look at /etc/fai/apt/preferences.d
+#   cat >/etc/fai/apt/preferences <<'EOF'
+# Package: linux-* firmware-linux-free btrfs-progs
+# Pin: release a=buster-backports
+# Pin-Priority: 500
+# EOF
+# fi

 
 
 $sed -f - /etc/fai/nfsroot.conf <<EOF
 
 
 $sed -f - /etc/fai/nfsroot.conf <<EOF


@@ -225,13 +242,8 @@ if armhf; then
     # tftp environment
     local pxebin
 
     # tftp environment
     local pxebin
 

-    # wheezy path
-    if [ -f $NFSROOT/usr/lib/PXELINUX/pxelinux.0 ]; then
-      pxebin=$NFSROOT/usr/lib/PXELINUX/pxelinux.0
-    else
-      # jessie+ path
-      pxebin=$NFSROOT/usr/lib/syslinux/pxelinux.0
-    fi
+    # jessie+ path
+    pxebin=$NFSROOT/usr/lib/syslinux/pxelinux.0

 
     rm -f $NFSROOT/boot/*.bak
     mkdir -p $TFTPROOT/pxelinux.cfg
 
     rm -f $NFSROOT/boot/*.bak
     mkdir -p $TFTPROOT/pxelinux.cfg