From f74458d51ebaeba827307920c7a66ed2d69d6fbd Mon Sep 17 00:00:00 2001
From: Ian Kelling
Date: Fri, 26 Aug 2016 19:38:13 -0700
Subject: [PATCH] better handling of home http server
---
README | 27 +++++++++++++++++++--------
chost | 3 +--
wrt-disabled-firewall-rules | 26 ++++++++++++++++++++++++++
wrt-setup | 26 +-------------------------
wrt-setup-remote | 1 +
5 files changed, 48 insertions(+), 35 deletions(-)
diff --git a/README b/README
index 125d5d4..ba0a7bd 100644
--- a/README
+++ b/README
@@ -1,19 +1,30 @@ -Multi boot/distro bare metal provisioning +Multi-boot/distro btrfs provisioning -Some things are specific to my home network. Also provisions vms. +Some things are specific to my home network. Uses PXE, designed for bare +metal but also works for pxe booted VM. Features people may find useful: installs encrypted arch, debian stable, & debian testing all on the same btrfs filesystem, smartly utilizing -multiple disks, with scripts to automatically decrypt on reboots. Other -debian based distros should work fine, and I'm planning to add Fedora -support. Disks are grouped as ssd or hdd and raided in raid 1 or raid 0 -per configuration. The os raid is partitioned into boot, swap, and root, -(only boot is unencrypted) and there are scripts to resize those -partitions post-install if needed. +multiple disks, with scripts to automatically decrypt on reboots. The +partititioning and filesystem script is the biggest part and is at +fai/config/hooks/partition.DEFAULT. Other debian based distros should +work fine, and I'm planning to add Fedora support. Disks are grouped as +ssd or hdd and raided in raid 1 or raid 0 per configuration. The base +partitions are divided into boot, swap, and root, (only boot is +unencrypted). There are scripts to resize those partitions +post-provision and while the system is running. + +The repo name fai is copied from a project of the same name which this +project uses for debian installs. It stands for "fully automated +installer." It also fully automates configuration of an openwrt router after manual initial installation. +Provisionining is done, I sync files using unison, then automate further +setup using a different set of scripts, +https://iankelling.org/git/?p=distro-setup;a=tree. + My network is a wndr3700v2 router with openwrt on it and a few pcs/laptops. Since fai requires a debian server as the fai server, there are also diff --git a/chost b/chost index 9fa57d0..3e1acd2 100755 --- a/chost +++ b/chost 
@@ -7,8 +7,7 @@ set -eE -o pipefail trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR host=$1 -addr=$(host $host) -addr=${addr##* } +addr=$(host $host | sed -rn 's/^.*has address (.*)/\1/p;T;q') h=$(host $addr) h=${h##* } echo ${h%%.*} diff --git a/wrt-disabled-firewall-rules b/wrt-disabled-firewall-rules index a0041d7..3190f0b 100644 --- a/wrt-disabled-firewall-rules +++ b/wrt-disabled-firewall-rules @@ -5,6 +5,32 @@ firewall rules, temporarily disabled until I get them working # each port forward needs corresponding forward in the vpn server +#http/https +config redirect + option src wan + option src_dport 443 + option dest lan + option dest_ip 192.168.1.2 + option proto tcp +config rule + option src wan + option target ACCEPT + option dest_port 443 + option proto tcp + +config redirect + option src wan + option src_dport 80 + option dest lan + option dest_ip 192.168.1.2 + option proto tcp +config rule + option src wan + option target ACCEPT + option dest_port 80 + option proto tcp + + config redirect option name bittorrent option src vpn diff --git a/wrt-setup b/wrt-setup index 3fa44d2..b437219 100755 --- a/wrt-setup +++ b/wrt-setup @@ -186,30 +186,6 @@ config rule option dest_port 22 -#http/https -config redirect - option src wan - option src_dport 443 - option dest lan - option dest_ip 192.168.1.2 - option proto tcp -config rule - option src wan - option target ACCEPT - option dest_port 443 - option proto tcp - -config redirect - option src wan - option src_dport 80 - option dest lan - option dest_ip 192.168.1.2 - option proto tcp -config rule - option src wan - option target ACCEPT - option dest_port 80 - option proto tcp EOF @@ -219,7 +195,7 @@ EOF dnsmasq_restart=false v cedit /etc/hosts <
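Review bot: In the chost hunk, the new `addr=$(host $host | sed ...)` line still expands `$host` unquoted, and nothing checks that the sed filter actually produced an address. A name that resolves but has no "has address" line leaves `addr` empty, so the following `host $addr` runs with no argument instead of failing clearly, and an argument containing whitespace is split into extra words for `host`. I would write `addr=$(host "$host" | sed -rn 's/^.*has address (.*)/\1/p;T;q')` followed by `[[ $addr ]] || { echo "$0: no A record for $host" >&2; exit 1; }`, and quote `"$addr"` on the next line as well. Because sed quits at the first match while `set -o pipefail` is active, `host` could in principle see a closed pipe on names with several records, which is worth a quick test; the script begins above the hunk.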
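Review bot: In the wrt-disabled-firewall-rules hunk, each added `config rule` with `option src wan`, `option target ACCEPT` and a `dest_port` but no `dest` reads as an input rule for the router itself rather than as part of the forward to 192.168.1.2. The `config redirect` stanzas should already carry the port forward on their own, so once these are re-enabled the extra rules would presumably expose whatever the router serves on 80/443 to the WAN, most visibly over IPv6 where, as far as I know, the redirect does not apply. I would drop both `config rule` stanzas, or constrain them with `option dest lan` and `option dest_ip 192.168.1.2`. Adding an `option name` to each stanza, as the bittorrent redirect below has, would also make the set easier to audit.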