From 45a2a286083772abc0688e663a6ecc68af0a8d0e Mon Sep 17 00:00:00 2001
From: Ian Kelling <iank@fsf.org>
Date: Sun, 5 Apr 2020 16:32:59 -0400
Subject: [PATCH] various fixes, upgrade nfsroot to buster

---
 fai-revm                             | 13 ++--
 fai/config/files/boot/chboot/DEFAULT | 69 +++++++++++-----------
 fai/config/hooks/partition.DEFAULT   |  7 +--
 fai/config/scripts/GRUB_PC/11-iank   |  6 +-
 faiserver-setup                      |  8 +--
 grub.cfg.autodiscover                |  2 +-
 wrt-setup-local                      | 88 +++++++++++++++++++++-------
 7 files changed, 119 insertions(+), 74 deletions(-)

diff --git a/fai-revm b/fai-revm
index 9fa0787..acf0db2 100755
--- a/fai-revm
+++ b/fai-revm
@@ -110,7 +110,7 @@ else
       BASEFILE_DIR=/tmp
     fi
     isopath=$BASEFILE_DIR/$iso
-    isosrc=$BASEFILE_DIR/STRETCH64.tar.gz
+    isosrc=$BASEFILE_DIR/BUSTER64.tar.gz
     if [[ ! -e $isopath || $(stat -c %Y $isopath) -lt $(stat -c %Y $isosrc) ]]; then
       e sudo fai-cd -g $(readlink -f grub.cfg.${iso%%.*}) -f -A $isopath
     fi
@@ -127,7 +127,8 @@ fi
 
 name=demohost
 
-e sudo virshrm $name ||:
+e sudo virsh destroy $name ||:
+e sudo virsh undefine $name ||:
 
 
 disk_arg=()
@@ -145,7 +146,7 @@ if [[ $SSH_CLIENT ]]; then
 fi
 
 # docker makes forward default to drop, which blocks the vm pxe on flidas. easiest solution:
-s iptables -P FORWARD ACCEPT
+e sudo iptables -P FORWARD ACCEPT
 
 # --cpu host: this causes mkfs.btrfs to fail with a stack trace which began
 # something like:
@@ -156,7 +157,7 @@ s iptables -P FORWARD ACCEPT
   #   ${disk_arg[*]} -w bridge=br0,mac=52:54:00:9c:ef:ad $reboot_arg \
   #   --graphics spice,listen=0.0.0.0 $console_arg |& grep -v '^ *$' | uniq &
 
-
+e sudo systemctl start libvirtd
 e sudo virt-install --rng /dev/urandom --os-variant $variant  -n $name $boot_arg -r 2048 --vcpus 1 \
   ${disk_arg[*]} -w bridge=br0,mac=52:54:00:9c:ef:ad $reboot_arg \
   --graphics spice,listen=0.0.0.0 $console_arg |& grep -v '^ *$' | uniq &
@@ -166,11 +167,11 @@ if [[ $SSH_CLIENT ]]; then
   fg
 fi
 
-sleep 30
+sleep 90
 while ! timeout -s 9 10 ssh -oBatchMode=yes root@$name /bin/true; do
   e sleep 5
 done
-unset err-cleanup
+unset -f err-cleanup
 e ./pxe-server $dhcp_arg
 if is_arch_revm; then
   ./arch-init-remote $name
diff --git a/fai/config/files/boot/chboot/DEFAULT b/fai/config/files/boot/chboot/DEFAULT
index ed65c80..7800764 100755
--- a/fai/config/files/boot/chboot/DEFAULT
+++ b/fai/config/files/boot/chboot/DEFAULT
@@ -16,18 +16,20 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 
+[[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@"
+
+
 x="$(readlink -f "$BASH_SOURCE")"
 f="${x%/*}/bash-trace"
 if [[ -e $f ]]; then
-    source $f
+  source $f
 else
-    source ${x%/*}/../bash-trace/DEFAULT
+  source ${x%/*}/../bash-trace/DEFAULT
 fi
 
-[[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@"
 
 usage() {
-    cat <<EOF
+  cat <<EOF
 Usage: ${0##*/} [OPTIONS] DISTRO_NAME
 Set grub to boot into a different distro, and reboot unless -r
 
@@ -58,7 +60,7 @@ for non-libreboot systems
 
 Note: Uses GNU getopt options parsing style
 EOF
-    exit $1
+  exit $1
 }
 
 
@@ -69,13 +71,13 @@ reboot=true
 temp=$(getopt -l help hdr "$@") || usage 1
 eval set -- "$temp"
 while true; do
-    case $1 in
-        -d) set -x; shift ;;
-        -r) reboot=false; shift ;;
-        -h|--help) usage ;;
-        --) shift; break ;;
-        *) echo "$0: Internal error!" ; exit 1 ;;
-    esac
+  case $1 in
+    -d) set -x; shift ;;
+    -r) reboot=false; shift ;;
+    -h|--help) usage ;;
+    --) shift; break ;;
+    *) echo "$0: Internal error!" ; exit 1 ;;
+  esac
 done
 
 
@@ -83,14 +85,14 @@ distro=$1
 
 mnt=/boot
 if ! mountpoint $mnt &>/dev/null; then
-    mnt=/
+  mnt=/
 fi
 
 if [[ ! $distro ]]; then
-    echo "available distros:"
-    cur=$(btrfs subvol show $mnt| sed -rn 's/^.*Name:\s*(\S*).*/\1/p')
-    btrfs subvolume list $mnt | awk '{print $9}' | sed "s/$cur/$cur (current)/"
-    exit 0
+  echo "available distros:"
+  cur=$(btrfs subvol show $mnt| sed -rn 's/^.*Name:\s*(\S*).*/\1/p')
+  btrfs subvolume list $mnt | awk '{print $9}' | sed "s/$cur/$cur (current)/"
+  exit 0
 fi
 
 ###### end command line parsing #####
@@ -99,37 +101,36 @@ fi
 #### begin initial error checking #####
 
 if ! btrfs subvolume list $mnt | grep "$distro$" &>/dev/null; then
-    echo "$0: error: $distro not found in btrfs subvolume list $mnt:"
-    btrfs subvolume list $mnt
-    exit 1
+  echo "$0: error: $distro not found in btrfs subvolume list $mnt:"
+  btrfs subvolume list $mnt
+  exit 1
 fi
 
 #### end initial error checking #####
 
 e() { echo "$@"; "$@"; }
 
-boot_dev=$(mount | sed -rn "s#^(\S+) on $mnt .*#\1#p")
+for boot_dev in $(s btrfs fil show $mnt | sed -nr 's#.*path\s+(\S+)$#\1#p'); do
 
-mount_point=$(mktemp -d)
+  mount_point=$(mktemp -d)
 
-e mount -o subvol=$distro $boot_dev $mount_point
+  e mount -o subvol=$distro $boot_dev $mount_point
 
-boot_disk=${boot_dev%%[0-9]*}
+  boot_disk=${boot_dev%%[0-9]*}
 
-# arch doesn't have $mount_point/grub/device.map, accoring to the grub manual,
-# it just generates one if the file doesn't exist.
-# https://www.gnu.org/software/grub/manual/html_node/Device-map.html
-e grub-bios-setup -d $mount_point/grub/i386-pc -s -m $mount_point/grub/device.map $boot_disk
-
-e umount $mount_point
+  # arch doesn't have $mount_point/grub/device.map, accoring to the grub manual,
+  # it just generates one if the file doesn't exist.
+  # https://www.gnu.org/software/grub/manual/html_node/Device-map.html
+  e grub-bios-setup -d $mount_point/grub/i386-pc -s -m $mount_point/grub/device.map $boot_disk
+  e umount $mount_point
+done
 
 e mount $boot_disk$grub_extn $mount_point
 e grub-editenv $mount_point/grubenv set last_boot=/$distro
 e grub-editenv $mount_point/grubenv set did_fai_check=true
 e umount $mount_point
-e rmdir $mount_point
-
+y
 if $reboot; then
-    touch /tmp/keyscript-off
-    reboot now
+  touch /tmp/keyscript-off
+  reboot now
 fi
diff --git a/fai/config/hooks/partition.DEFAULT b/fai/config/hooks/partition.DEFAULT
index 28f37de..b961e62 100755
--- a/fai/config/hooks/partition.DEFAULT
+++ b/fai/config/hooks/partition.DEFAULT
@@ -512,7 +512,6 @@ if [[ $DISTRO != debianstretch_bootstrap ]]; then
 
   btrfs subvolume create root_$DISTRO
 
-  mkdir -p /mnt/root_$DISTRO/boot
   # could set default subvol like this, but no reason to.
   # btrfs subvolume set-default \
     #       $(btrfs subvolume list . | grep "root_$DISTRO$" | awk '{print $2}') .
@@ -565,10 +564,10 @@ EOF
 else
   # note, fai creates the mountpoints listed here
   cat > /tmp/fai/fstab <<EOF
-$first_root_crypt  /  btrfs  noatime,subvol=root_$DISTRO  0 0
+$first_root_crypt  /  btrfs          noatime,subvol=root_$DISTRO  0 0
 $first_root_crypt  /mnt/root  btrfs  nofail,noatime,subvolid=0  0 0
-$first_boot_dev  /boot  btrfs  nofail,noatime,subvol=$boot_vol  0 0
-$first_boot_dev  /mnt/boot  btrfs  nofail,noatime,subvol=subvolid=0  0 0
+$first_boot_dev  /boot  btrfs        nofail,noatime,subvol=$boot_vol  0 0
+$first_boot_dev  /mnt/boot  btrfs    nofail,noatime,subvolid=0  0 0
 EOF
   swaps=()
   for dev in ${devs[@]}; do
diff --git a/fai/config/scripts/GRUB_PC/11-iank b/fai/config/scripts/GRUB_PC/11-iank
index 485175f..b039227 100755
--- a/fai/config/scripts/GRUB_PC/11-iank
+++ b/fai/config/scripts/GRUB_PC/11-iank
@@ -138,14 +138,12 @@ if [[ $FAI_ACTION != dirinstall ]]; then
   # luks options, see man systemd-cryptsetup-generator
   # all i know is that with luks.crypttab=no, swap still timed out on boot.
   # and with rd.luks.crypttab=no, it works.
-  cmdline="rd.luks.crypttab=no console=ttyS0 net.ifnames=0"
   if ifclass LINODE; then
     speed=19200
-    cmdline+=",${speed}n8"
-    cmdline="rd.luks.crypttab=no console=ttyS0,${speed}n8"
+    cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8"
   else
     speed=115200
-    cmdline+=",${speed}n8 console=tty0"
+   cmdline="rd.luks.crypttab=no net.ifnames=0 console=ttyS0,${speed}n8 console=tty0"
   fi
 
   cat >$FAI_ROOT/etc/grub.d/40_custom <<EOF
diff --git a/faiserver-setup b/faiserver-setup
index 2d76910..58d670d 100755
--- a/faiserver-setup
+++ b/faiserver-setup
@@ -29,7 +29,7 @@ as the tftp server. I vaguely remember that using a hostname does not
 work.  Separate from running this, faiserver needs to be setup in dns to
 point to whatever host this is run on.
 
-Default BASE_CODENAME is stretch. Default ARCH is 64. The script expects corresponding
+Default BASE_CODENAME is buster. Default ARCH is 64. The script expects corresponding
 $BASEFILE_DIR/${UPCASED_BASE_CODENAME}${ARCH}.tar.(gz|xz) to exist, and it must have been
 generated around the same time as the nfsroot, at least so it has the
 same kernel version.
@@ -45,9 +45,9 @@ esac
 e() { echo "+ $@"; "$@"; }
 
 
-base=${1:-stretch}
+base=${1:-buster}
 arch=${2:-64}
-basefile=($BASEFILE_DIR/${base^^}${arch^^}.tar.[gx]z)
+basefile=($BASEFILE_DIR/${base^^}${arch^^}.tar.gz)
 sed="sed -ri --follow-symlinks"
 
 if [[ ! -e $basefile ]]; then
@@ -114,7 +114,7 @@ fi
 e apt-get install -y ${pkgs[@]}
 # confnew since we edit /etc/fai/NFSROOT in an automated way
 # fai-client is already a fai-server dependency, but make sure it gets upgraded
-e apt-get install --no-install-recommends -y -o Dpkg::Options::="--force-confnew" fai-server fai-client
+e apt-get install --no-install-recommends -y -o Dpkg::Options::=--no-force-confdef -o Dpkg::Options::=--force-confnew fai-server fai-client
 
 r=http://http.us.debian.org/debian
 # like default, but scrap httpredir, and nonfree.
diff --git a/grub.cfg.autodiscover b/grub.cfg.autodiscover
index 9103e45..8d10268 100644
--- a/grub.cfg.autodiscover
+++ b/grub.cfg.autodiscover
@@ -62,7 +62,7 @@ menuentry "" --unrestricted {
 # after install is done
 menuentry "FAI server via dns" {
     set gfxpayload=$resolution
-    linux   /boot/vmlinuz FAI_FLAGS=verbose,sshd,createvt,reboot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config root=/dev/nfs rw nfsroot=faiserver:/srv/fai/nfsroot,vers=3,nolock aufs rootovl ip=dhcp FAI_FLAGS=verbose,sshd,createvt
+    linux   /boot/vmlinuz FAI_FLAGS=verbose,sshd,createvt,reboot FAI_CONFIG_SRC=nfs://faiserver/srv/fai/config root=/dev/nfs rw nfsroot=faiserver:/srv/fai/nfsroot,vers=3,nolock aufs rootvol ip=dhcp FAI_FLAGS=verbose,sshd,createvt
     initrd  /boot/initrd.img
 }
 
diff --git a/wrt-setup-local b/wrt-setup-local
index 38a276d..55ac7d7 100755
--- a/wrt-setup-local
+++ b/wrt-setup-local
@@ -21,7 +21,7 @@ trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 
 usage() {
   cat <<EOF
-usage: ${0##*/} [-h] [-t 2|test] [-m WIRELESS_MAC]
+usage: ${0##*/} [-h] [-t 2|3|test] [-m WIRELESS_MAC]
 setup my router in general: dhcp, dns, etc.
 
 Type 2 or 3 is for setting up a backup device, there are two kinds so
@@ -37,11 +37,22 @@ EOF
 }
 
 
+
+
 dev2=false
 test=false
-hostname=wrt
 libremanage_host=wrt2
 
+if [[ -e /p/router-secrets ]]; then
+  source /p/router-secrets
+fi
+rmac=$(cat /sys/class/net/eth0/address)
+if [[ $rhost ]]; then
+  hostname=${rhost[$rmac]}
+fi
+: ${hostname:=wrt}
+
+
 lanip=1
 while getopts hm:t: opt; do
   case $opt in
@@ -50,7 +61,7 @@ while getopts hm:t: opt; do
       case $2 in
         2|3)
           dev2=true
-          libremanage_host=wrt
+          libremanage_host=$hostname
           ;;&
         2)
           lanip=4
@@ -152,6 +163,23 @@ uset() {
   fi
 }
 
+udel() {
+  printf "+ udel %s\n" "$*"
+  local key="$1"
+  local val="$2"
+  local service="${key%%.*}"
+  restart_var=${service}_restart
+  if [[ ! ${!restart_var} ]]; then
+    eval $restart_var=false
+  fi
+  if uci get "$key" &>/dev/null; then
+    v uci set "$key"="$val"
+    uci commit $service
+    eval $restart_var=true
+  fi
+}
+
+
 
 ### network config
 ###
@@ -160,7 +188,16 @@ lan=10.0.0.0
 if $test; then
   ssid="gnuv3"
   lan=10.1.0.0
+elif [[ $hostname == cmc ]]; then
+  ssid=Svenska
+  lan=10.2.0.0
+fi
+
+if [[ $rkey ]]; then
+  key=${rkey[$rmac]}
 fi
+: ${key:=pictionary49}
+
 mask=255.255.0.0
 cidr=16
 l=${lan%.0}
@@ -284,7 +321,7 @@ if ! cmp -s /root/dropbear_rsa_host_key /etc/dropbear/dropbear_rsa_host_key; the
 fi
 
 wireless_restart=false
-key=pictionary49
+
 for x in 0 1; do
   uset wireless.default_radio$x.ssid "$ssid"
   uset wireless.default_radio$x.key $key
@@ -336,7 +373,6 @@ EOF
 firewall_restart=false
 v cedit /etc/config/firewall <<EOF || firewall_restart=true
 
-
 config redirect
  option name ssh
  option src              wan
@@ -519,18 +555,20 @@ EOF
 
 dnsmasq_restart=false
 v cedit /etc/hosts <<EOF || dnsmasq_restart=true
-127.0.1.1 wrt
-$l.1 wrt
+127.0.1.1 $hostname
+$l.1 $hostname
 $l.2 kd
 $l.3 frodo
 $l.4 wrt2
-$l.5 x2 faiserver
+$l.5 x2
 $l.6 demohost
-$l.7 x3
-$l.8 tp b8.nz
+#$l.7 x3
+$l.8 tp b8.nz faiserver
 $l.9 bb8
 $l.14 wrt3
+2600:3c00::f03c:91ff:fe6d:baf8 li
 72.14.176.105 li
+2a01:7e01::f03c:91ff:feb5:baec l2
 172.105.84.95 l2
 
 # netns creation looks for next free subnet starting at 10.173, but I only
@@ -544,15 +582,6 @@ EOF
 # fi
 
 
-# avoid using the dns servers that my isp tells me about.
-if [[ $(uci get dhcp.@dnsmasq[0].resolvfile 2>/dev/null) ]]; then
-  # default is '/tmp/resolv.conf.auto', we switch to the dnsmasq default of
-  # /etc/resolv.conf. not sure why I did this.
-  v uci delete dhcp.@dnsmasq[0].resolvfile
-  uci commit dhcp
-  dnsmasq_restart=true
-fi
-
 uset dhcp.@dnsmasq[0].domain b8.nz
 uset dhcp.@dnsmasq[0].local /b8.nz/
 uset system.@system[0].hostname $hostname
@@ -655,17 +684,34 @@ EOF
 
 uset network.lan.ipaddr $l.$lanip
 uset network.lan.netmask $mask
-uset dhcp.wan.ignore $dev2 # default is false
-uset dhcp.lan.ignore $dev2 # default is false
 if $dev2; then
   uset network.lan.gateway $l.1
   uset network.wan.proto none
   uset network.wan6.proto none
+  /etc/init.d/dnsmasq stop
+  /etc/init.d/dnsmasq disable
+  /etc/init.d/odhcpd stop
+  /etc/init.d/odhcpd disable
+  # things i tried to keep dnsmasq running but not enabled except local dns,
+  # but it didnt work right and i dont need it anyways.
+  # uset dhcp.wan.ignore $dev2 # default is false
+  # uset dhcp.lan.ignore $dev2 # default is false
+  # uset dhcp.@dnsmasq[0].interface lo
+  # uset dhcp.@dnsmasq[0].localuse 0
+  # uset dhcp.@dnsmasq[0].resolvfile /etc/dnsmasq.conf
+  # uset dhcp.@dnsmasq[0].noresolv 1
+  # todo: populate /etc/resolv.conf with a static value
+
 else
   # these are the defaults
   uset network.lan.gateway ''
   uset network.wan.proto dhcp
   uset network.wan6.proto dhcpv6
+  /etc/init.d/dnsmasq start
+  # todo: figure out why this returns 1
+  /etc/init.d/dnsmasq enable ||:
+  /etc/init.d/odhcpd start
+  /etc/init.d/odhcpd enable
 fi
 
 
-- 
2.30.2