bunch of updates and fixes
[distro-setup] / conflink
1 #!/bin/bash
2
3 source /a/bin/errhandle/err
4
5
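#######################################
# Print the command-line help text and terminate the script.
# Arguments: $1 - exit status to terminate with (optional)
# Outputs:   help text on stdout
# Returns:   never returns; exits the calling shell
#######################################
usage() {
  # The delimiter is left unquoted on purpose: ${0##*/} has to expand to
  # the script's base name inside the help text.
  cat <<EOF
Usage: ${0##*/} [OPTIONS]
Link or otherwise install configuration files.

-f For fast. Dont use lnf, use ln -sf. Good for updating existing files.
EOF
  # Quoted so a multi-word or glob-like argument cannot be split into
  # several words for exit. With no (or an empty) argument the status of
  # the cat above is used, which is what a bare `exit` would have done.
  exit "${1:-$?}"
}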
15
16
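#######################################
# Announce a command line, then run it.
# Arguments: $@ - the command and its arguments
# Outputs:   the arguments joined by spaces on stdout, followed by
#            whatever the command itself prints
# Returns:   exit status of the command
#######################################
m() {
  # printf instead of echo: echo would treat a lone "-n" or "-e" as one of
  # its own options and print nothing useful.
  # Every argument is printed verbatim, so anything passed through m ends
  # up in terminal scrollback and in any captured output of this script.
  printf '%s\n' "$*"
  "$@"
}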
# Run the given command line through sudo. Arguments are handed over
# unchanged and the exit status is whatever sudo returns.
s() {
  sudo "$@"
}
22
# lnf is the command used to create links. By default it delegates to the
# helper at /a/exe/lnf, called by absolute path so no PATH lookup is
# involved. When the script's first argument is -f, plain `ln -sf` is used
# instead.
# NOTE(review): /a/exe/lnf is not shown here; whatever checks it performs
# before replacing an existing file do not happen in -f mode, where
# `ln -sf` replaces an existing destination file.
if [[ $1 == -f ]]; then
  lnf() {
    ln -sf "$@"
  }
else
  lnf() {
    /a/exe/lnf "$@"
  }
fi
27
# Glob behaviour the rest of the script depends on:
#   nullglob - a pattern without matches expands to nothing
#   extglob  - enables the !(a|b) exclusion patterns used below
#   dotglob  - lets patterns match names that start with a dot
shopt -s nullglob extglob dotglob
31
32 # If we make a link back to the root, we stop going deeper into subdir_files.
33 # This makes it so we can do subdir directories.
34 #
35 # Also note, under filesystem/, symlinks are expanded.
36
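#######################################
# Recursively link the entries of a tree into $HOME, keeping each entry's
# path relative to the tree root.
#
# An entry is linked as a whole when it is a regular file (symlinks are
# followed by the -f test), or when its resolved location lies directly in
# the directory that contains the root. Any other directory is descended
# into, so only its contents are linked.
#
# Arguments:
#   $1 - root of the tree
#   $2 - directory inside the tree to process (optional). Without it, only
#        the directories directly under $1 are processed.
# Globals:
#   HOME (read). Calls m and lnf. The !(...) patterns need extglob to be
#   enabled before this definition is parsed.
# Outputs:
#   Each link command is run through m, which prints it first.
#######################################
subdir-link-r() {
  local root="$1"
  local targets=()
  # The loop variables are local so that the recursive call below, and the
  # caller, never share them with this invocation.
  local f path fullpath below
  if [[ $2 ]]; then
    targets=( "$2"/!(.git|..|.) )
  else
    for f in "$1"/!(.git|..|.); do
      if [[ -d $f ]]; then targets+=("$f"); fi
    done
  fi
  # Canonical path of the directory that contains the root.
  below="$(readlink -f "$root/..")"
  for path in "${targets[@]}"; do
    fullpath="$(readlink -f "$path")"
    #e $fullpath $below # debug
    # The inner substitution is quoted: unquoted, a resolved path containing
    # whitespace would reach dirname as several arguments.
    if [[ -f $path || $(dirname "$(readlink -f "$fullpath")") == "$below" ]]; then
      # "$root" is quoted inside the expansion so glob characters in the
      # root are stripped literally instead of being read as a pattern.
      m lnf -T "$path" "$HOME/${path#"$root"/}"
    elif [[ -d "$path" ]]; then
      subdir-link-r "$root" "$path"
    fi
  done
}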
60
61
62
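#######################################
# Install the configuration held in each given directory.
#
# For every directory, in order:
#   1. If it has a filesystem/ subtree and $user matches ^iank?$, that
#      subtree is archived and unpacked over / through sudo, with owner and
#      group forced to 0 and the setgid bit cleared.
#   2. If it has a subdir_files/ subtree, that is linked with subdir-link-r.
#   3. Every other entry except binds and machine_specific is linked into
#      the home directory with lnf.
#
# Everything under filesystem/ is written over / as root-owned files, so
# the source directories need to be writable only by accounts that are
# trusted as root. --mode=g-s clears the setgid bit only.
#
# Arguments: $@ - configuration directories
# Globals:   user (read); calls m, s, lnf and subdir-link-r
#######################################
common-file-setup() {
  # f is not used here directly; it stays local so that a callee's loop
  # variable of that name does not end up in the global scope.
  local dir fs f
  local -a x
  for dir in "$@"; do
    fs=$dir/filesystem
    # The pattern accepts the names ian and iank.
    if [[ -e $fs && $user =~ ^iank?$ ]]; then
      # note, symlinks get resolved, not copied.
      # NOTE(review): no -h/--dereference is passed to tar here; confirm the
      # note above still describes what happens.
      # NOTE(review): unless pipefail is enabled somewhere not shown here,
      # only the extracting tar's status decides whether this step failed.
      s tar --mode=g-s --owner=0 --group=0 -cz -C "$fs" . | s tar -xz -C /
    fi

    if [[ -e $dir/subdir_files ]]; then
      m subdir-link-r "$dir/subdir_files"
    fi
    # Quoted so a directory name containing whitespace is not split before
    # the glob is applied.
    x=( "$dir"/!(binds|subdir_files|filesystem|machine_specific|..|.) )
    (( ${#x[@]} >= 1 )) || continue
    m lnf "${x[@]}" ~
  done
}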
80
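# Name of the account running the script; the case statement that follows
# branches on it.
user=$(id -un)

# Configuration directories for the main user: each base directory followed
# by its subdirectory for this host. The host name is quoted so it can never
# be split into several array elements.
# NOTE(review): /a/bin/ds comes before /p/c in this list; check that against
# the "p needs to go first" remark further down.
all_dirs=(
  /a/bin/ds
  "/a/bin/ds/machine_specific/$HOSTNAME"
  /p/c
  "/p/c/machine_specific/$HOSTNAME"
)
# note, we assume a group of hosts does not have the
# same name as a single host, which is no problem on our scale.
# A NAME.hosts file that contains this host name as a whole line adds the
# directory NAME next to it.
for x in /p/c/machine_specific/*.hosts /a/bin/ds/machine_specific/*.hosts; do
  # -- and the quotes keep the host name from being parsed as a grep option
  # or split into a pattern plus file names.
  if grep -qxF -- "$HOSTNAME" "$x"; then all_dirs+=( "${x%.hosts}" ); fi
done

# Configuration directories used for the user2 branch.
c_dirs=(/a/c "/a/c/machine_specific/$HOSTNAME")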
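# Per-user installation. iank installs the full configuration plus the
# system-level fix-ups, then re-runs this script as user2; user2 installs
# only c_dirs; any other account is rejected.
case $user in
  iank)
    # Private key material kept in the configuration tree: restrict it to
    # the owner before anything is copied or linked.
    files=(/p/c/machine_specific/*/filesystem/etc/ssh/*_key
           /p/c/filesystem/etc/openvpn/client/*.key
           /p/c/filesystem/etc/openvpn/easy-rsa/keys/*.key
           /p/c/machine_specific/kw/filesystem/etc/openvpn/client/*.key
          )
    # With nullglob the array holds only existing paths, so checking the
    # first element is enough to know whether there is anything to chmod.
    if [[ -e ${files[0]} ]]; then
      chmod 600 "${files[@]}"
    fi
    # p needs to go first so .ssh link is created, then config link inside it
    m common-file-setup "${all_dirs[@]}"

    #### begin special extra stuff ####
    install -d -m700 ~/gpg-agent-socket

    f=/var/lib/bind
    if [[ -e $f ]]; then
      # reset to the original permissions.
      m s chgrp -R bind "$f"
      m s chmod g+w "$f"
    fi
    # $f is quoted inside the root shell so a file name containing
    # whitespace cannot be split into several chgrp operands.
    sudo bash -c 'shopt -s nullglob; for f in /etc/bind/*.key /etc/bind/*.private /etc/bind/key.*; do chgrp bind "$f"; done'
    if [[ -e /etc/davpass ]] && getent group www-data &>/dev/null; then
      s chgrp www-data /etc/davpass
    fi
    if [[ -e /var/lib/znc ]] && getent group znc; then
      s chown -R znc:znc /var/lib/znc
    fi
    /a/exe/lnf -T /p/arbtt-capture.log ~/.arbtt/capture.log
    f=/etc/prometheus-htpasswd
    if [[ -e $f ]]; then
      # NOTE(review): /etc/prometheus-pass is changed without an existence
      # check of its own; confirm it is always present alongside $f.
      s chmod 640 "$f" /etc/prometheus-pass
      s chown root:www-data "$f"
      if getent passwd prometheus; then
        s chown root:prometheus /etc/prometheus-pass
      fi
    fi

    ##### end special extra stuff #####

    if [[ -e /etc/openvpn ]]; then
      # Link every client/ and server/ entry into /etc/openvpn itself.
      sudo bash -c 'shopt -s nullglob && cd /etc/openvpn && for f in client/* server/*; do ln -sf "$f" .; done'
    fi

    # Run this same script again as user2.
    # NOTE(review): the script's own arguments are not forwarded, so a -f
    # given to this run does not apply to the user2 run; confirm that is
    # intended.
    m sudo -H -u user2 "${BASH_SOURCE[0]}"
    ;;
  user2)
    m common-file-setup "${c_dirs[@]}"
    ;;
  *)
    # Diagnostics belong on stderr so they are not mixed into stdout.
    echo "$0: error: unexpected user" >&2; exit 1
    ;;
esac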