#!/bin/bash -l
# Copyright (C) 2016 Ian Kelling
# This program is under GPL v. 3 or later, see
set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR
set -x
exec &> >(sudo tee -a /var/log/distro-end)
echo "$0: $(date): starting now)"
src="${BASH_SOURCE%/*}"
end_msg() {
= local y
IFS= read -r -d '' y ||:
end_msg_var+="$y"
}
spa() { # simple package add
simple_packages+=($@)
}
distro=$(distro-name)
pending_reboot=false
# template
case $distro in
esac
pup
simple_packages=(
mailutils
nmon
ruby
ruby-rest-client
tree
vim
)
if [[ $HOSTNAME != lj && $HOSTNAME != lk ]]; then
# universal packages
simple_packages+=(
apache2
bwm-ng
chromium
duplicity
evince
fdupes
filelight
gdb
gnome-screenshot
jq
locate
meld
offlineimap
p7zip
paprefs
pavucontrol
pdfgrep
pianobar
pidgin
rdiff-backup
slock
squashfs-tools
tcpdump
transmission-remote-gtk
vlc
)
fi
########### begin section including lj ################
case $distro in
fedora) spa unrar ;;
*) spa unrar-free ;;
esac
case $distro in
arch)
# ubuntu 14.04 uses b-cron,
# but its not maintained in arch.
# of the ones in the main repos, cronie is only one maintained.
# fcron appears abandoned software.
pi cronie
sgo cronie
;;
*) : ;; # other distros come with cron.
esac
case $distro in
debian|ubuntu)
pi debian-goodies
;;
esac
case $distro in
*) pi at ;;&
arch) sgo atd ;;
esac
case $distro in
debian) pi curl;;
arch) : ;;
# fedora: unknown
esac
case $distro in
# tk for gitk
arch) spa git tk ;;
*) spa git ;;
esac
case $distro in
arch) spa the_silver_searcher ;;
debian|ubuntu) spa silversearcher-ag ;;
# fedora unknown
esac
case $distro in
debian|ubuntu) spa ntp;;
arch)
pi ntp
sgo ntpd
;;
# others unknown
esac
# no equivalent in other distros:
case $distro in
debian|ubuntu)
pi apt-file aptitude
s apt-file update
# for debconf-get-selections
spa debconf-utils
;;
esac
case $distro in
ubuntu|debian) spa ack-grep ;;
arch|fedora) spa ack ;;
# fedora unknown
esac
case $distro in
arch|debian|ubuntu)
spa bash-completion
;;
# others unknown
esac
# disable motd junk.
case $(distro-name) in
debian)
# allows me to pipe with ssh -t, and gets rid of spam
# http://forums.debian.net/viewtopic.php?f=5&t=85822
# i'd rather disable the service than comment the init file
# this says disabling the service, it will still get restarted
# but this script doesn't do anything on restart, so it should be fine
s dd of=/var/run/motd.dynamic if=/dev/null
s update-rc.d motd disable
;;
ubuntu)
# this isn't a complete solution. It still shows me when updates are available,
# but it's no big deal.
s t /etc/update-motd.d/10-help-text /etc/update-motd.d/00-header
;;
esac
# automatic updates
# reference:
# https://debian-handbook.info/browse/stable/sect.regular-upgrades.html
# /etc/cron.daily/apt calls unattended-upgrades
# /usr/share/doc/unattended-upgrades# cat README.md
# /etc/apt/apt.conf.d/50unattended-upgrades
if isdebian; then
pi unattended-upgrades
s dd of=/etc/apt/apt.conf.d/10periodic <<'EOF'
# this file was mostly just comments.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
EOF
{ cat <<'EOF'
Unattended-Upgrade::Mail "root";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Origins-Pattern {
# default is just upgrade main and security, not updates.
EOF
if isdebian-testing; then
cat <<'EOF'
# for testing, only do security updates.
"origin=Debian,codename=${distro_codename},label=Debian-Security";
EOF
else
cat <<'EOF'
# These are stable packages only getting bugfixes anyways.
"origin=*";
EOF
fi
cat <<'EOF'
};
EOF
} | s dd of=/etc/apt/apt.conf.d/50unattended-upgrades
echo $- > /tmp/x
fi
# cron
/a/bin/crons/all
case $HOSTNAME in
lj|lk)
pi "${simple_packages[@]}"
$src/homepage-setup
$src/
# start=' * *'
# end=' *<\/source> *'
# ruby <<'EOF' | sed -rn "/^$start$/,/^$end$/{s/^$start|$end$/# \0/;p}" | bash
# require 'json'
# puts JSON.parse(`curl 'https://ofswiki.org/w/api.php?\
# action=query&titles=Mediawiki_Setup_Guide&prop=revisions&rvprop=content&\
# format=json'`.chomp)['query']['pages'].values[0]['revisions'][0]['*']
# EOF
# nginx-site iankelling.org
echo "$0: $(date): ending now)"
exit 0
;;
esac
########### end section including lj ###############
case $distro in
arch) pi syncthing ;;
ubuntu|debian)
# google led me here:
# https://apt.syncthing.net/
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
s="deb http://apt.syncthing.net/ syncthing release"
if [[ $(cat /etc/apt/sources.list.d/syncthing.list) != $s ]]; then
echo "$s" | s dd of=/etc/apt/sources.list.d/syncthing.list
p update
fi
pi syncthing
;;
esac
# installed via f-droid
# top right, actions, device id
#
# for installing on a remote comp:
# ssh -L 8384:localhost:8384 -N frodo
# went to http://localhost:8384/
#
# add folder to sync phone,
# staggered file versioning would be my normal choice, but choose
# trash can versioning for sake of space on phone, with
# clean out after 7 days.
#
# did ser syncthing@ian start
# then on phone, add device, hit bar code icon,
# install bar code scanner.
# no equivalent in other distros:
case $distro in
debian|ubuntu)
# for gui bug reporting
spa python-vte
;;
esac
####### misc packages ###########
if [[ $HOSTNAME == frodo ]]; then
case $distro in
debian|ubuntu)
# note i had to do this, which is persistent:
# cd /i/k
# s chgrp debian-transmission torrents partial-torrents
# syslog says things like
# 'Failed to set receive buffer: requested 4194304, got 425984'
# google suggets giving it even more than that
tu /etc/sysctl.conf<<'EOF'
net.core.rmem_max = 67108864
net.core.wmem_max = 16777216
EOF
s sysctl -p
# some reason it doesn't seem to start automatically anyways
pi-nostart transmission-daemon
# config file documented here, and it's the same config
# for daemon vs client, so it's documented in the gui.
# https://trac.transmissionbt.com/wiki/EditConfigFiles#Options
s ruby <<'EOF'
require 'json'
p = '/etc/transmission-daemon/settings.json'
File.write(p, JSON.pretty_generate(JSON.parse(File.read(p)).merge({
'rpc-whitelist' => '127.0.0.1,192.168.1.*',
'rpc-authentication-required' => false,
'incomplete-dir' => '/i/k/partial-torrents',
'download-dir' => '/i/k/torrents',
"speed-limit-up" => 700,
"speed-limit-up-enabled" => true,
"ratio-limit" => 1.4000,
"ratio-limit-enabled" => true,
})) + "\n")
EOF
sgo transmission-daemon
;;
arch)
# todo, setup it's config file & daemon
pi transmission-cli
;;
esac
fi
# adapted from /var/lib/dpkg/info/transmission-daemon.postinst
if ! getent passwd debian-transmission > /dev/null; then
case $distro in
arch)
s useradd \
--system \
--create-home \
--home-dir /var/lib/transmission-daemon \
--shell /bin/false \
debian-transmission
;;
*)
s adduser --quiet \
--system \
--group \
--no-create-home \
--disabled-password \
--home /var/lib/transmission-daemon \
debian-transmission
;;
esac
fi
# arch had a default config,
# debian had nothing until you start it.
# With a little trial an error, here is a minimal config
# taken from the generated one, plus changes that the
# settings ui does, without a bunch of ui crap settings.
#
# only settings I set were
# hostname
# auto-connect
#
for f in /home/*; do
d=$f/.config/transmission-remote-gtk
u=${f##*/}
s -u $u mkdir -p $d
s -u $u dd of=$d/config.json <<'EOF'
{
"profiles" : [
{
"profile-name" : "Default",
"hostname" : "frodo",
"rpc-url-path" : "/transmission/rpc",
"username" : "",
"password" : "",
"auto-connect" : true,
"ssl" : false,
"timeout" : 40,
"retries" : 3,
"update-active-only" : false,
"activeonly-fullsync-enabled" : false,
"activeonly-fullsync-every" : 2,
"update-interval" : 3,
"min-update-interval" : 3,
"session-update-interval" : 60,
"exec-commands" : [
],
"destinations" : [
]
}
],
"profile-id" : 0,
"add-options-dialog" : false
}
EOF
done
case $distro in
debian|ubuntu)
pi-nostart openvpn
# pi-nostart this doesnt seem to be good enough?
ser disable openvpn@client
ser disable openvpn
;;
*) pi openvpn ;;
esac
pi wget
case $HOSTNAME in
tp|frodo)
case $distro in
debian|ubuntu)
log=$(mktemp)
cd /a/opt
wget -N https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
set +e
s dpkg -i google-chrome-stable_current_amd64.deb &> $log
code=$?
set -e
case $code in
1)
if grep '^dpkg: dependency problems prevent configuration of' \
$log &>/dev/null; then
s apt-get -fy install
else
exit 1
fi
;;
0) : ;;
*) exit $code
esac
;;
arch)
pi google-chrome
;;
esac
;;
esac
# printer
case $distro in
arch)
pi cups ghostscript gsfonts # from arch wiki cups page
pi hplip # from google
s gpasswd -a $USER sys # from arch wiki
sgo org.cups.cupsd.service
# goto http://127.0.0.1:631
# administration tab, add new printer button.
# In debian, I could use hte recommended driver,
# in arch, I had to pick out the 6L driver.
;;
debian|ubuntu)
spa hplip
;;
# other distros unknown
esac
case $distro in
ubuntu|debian) pi --no-install-recommends mairix notmuch ;;
fedora|arch) spa mairix notmuch ;;
esac
case $distro in
arch) spa nfs-utils ;;
ubuntu|debian) spa nfs-client ;;
esac
case $distro in
ubuntu|debian) spa par2 ;;
arch|fedora) spa par2cmdline ;;
esac
# needed for my tex resume
case $distro in
ubuntu|debian) spa texlive-full ;;
arch) spa texlive-most ;;
# fedora unknown
esac
case $distro in
ubuntu)
# flash, unrar, codecs, ms fonts.
# This has a manual prompt.
spa ubuntu-restricted-extras
;;
fedora)
pi yum-utils
# rpm fusion recommended codecs
s su -c "yum localinstall -y --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm"
pi gstreamer-plugins-ugly gstreamer-plugins-bad gstreamer-ffmpeg\
xine-lib-extras-freeworld
;;
esac
case $distro in
# optional dep for firefox for h.264 video
arch) spa gst-libav ;;
# other distros, probably come by default
esac
case $distro in
fedora|ubuntu|debian) spa gnupg-agent ;;
arch) : ;;
esac
case $distro in
fedora) spa pinentry-gtk ;;
*) : ;; # comes default or with other packages
esac
case $distro in
arch) spa firefox pulseaudio;;
*) : ;; # comes default or with other packages
esac
case $distro in
arch) spa ttf-dejavu;;
debian|ubuntu) spa fonts-dejavu ;;
# others unknown
esac
case $distro in
arch) spa xorg-xev;;
debian|ubuntu) spa x11-utils ;;
# others unknown
esac
case $distro in
arch) pi virt-install;;&
debian|ubuntu) pi virtinst ;;&
*) pi virt-manager ;; # creates the libvirt group in debian at least
# others unknown
esac
# allow user to run vms, from debian handbook
for x in ian traci; do s usermod -a -G libvirt,kvm $x; done
# bridge networking as user fails. google lead here, but it doesn't work:
# oh well, I give up.
# http://wiki.qemu.org/Features-Done/HelperNetworking
# s mkdir /etc/qemu
# f=/etc/qemu/bridge.conf
# s dd of=$f <<'EOF'
# allow br0
# EOF
# #s chown root:qemu $f # debian has somethig like qemu-libvirt. equivalent?
# s chmod 640 $f
case $distro in
arch) spa cdrkit;;
debian|ubuntu) spa genisoimage;;
# others unknown
esac
case $distro in
arch) spa spice-gtk3 ;;
debian|ubuntu) spa spice-client-gtk;;
# others unknown
esac
# general known for debian/ubuntu, not for fedora
case $distro in
arch)
# cdrkit for cloud-init isos
# dnsmasq & ebtables for nat networking in libvirt
# qemu for qemu-img, bind-tools for dig
# dmidecode just because syslog complains
pi unzip xorg-xmodmap dmidecode ebtables\
bridge-utils dnsmasq qemu bind-tools
# otherwise we get error about accessing kvm module.
# seems like there might be a better way, but google was a bit vague.
s sed -ri '/^ *user *=/d' /etc/libvirt/qemu.conf
echo 'user = "root"' | s tee -a /etc/libvirt/qemu.conf
# https://bbs.archlinux.org/viewtopic.php?id=206206
# # this should prolly go in the wiki
sgo virtlogd.socket
# guessing this is not needed
#sgo virtlogd.service
sgo libvirtd
;;
esac
case $distro in
arch) pi virtviewer ;;
*) : ;; # other distros have it as a dependency afaik.
esac
case $distro in
fedora) cabal install shellcheck ;;
*) spa shellcheck ;;
# unknown for older ubuntu
esac
case $distro in
arch|debian|ubuntu) spa pumpa ;;
# others unknown. do have a buildscript:
# /a/bin/buildscripts/pumpa ;;
esac
case $distro in
debian|ubuntu) spa android-tools-adb/unstable ;;
arch) spa android-tools ;;
# other distros unknown
esac
case $distro in
debian)
if [[ `debian-archive` == testing ]]; then
# has no unstable dependencies
spa bitcoin-qt/unstable
fi
;;
# other distros unknown
esac
# proprietary flash. going without for now
# case $distro in
# debian)
# pi flashplugin-nonfree
# esac
case $distro in
fedora)
cd $(mktemp -d)
wget http://tamacom.com/global/global-6.3.2.tar.gz
ex global*
cd global-6.3.2
# based on https://github.com/leoliu/ggtags
./configure --with-exuberant-ctags=/usr/bin/ctags
make
s make install
s pip install pygments
;;
*)
pi global
;;&
arch)
pi python2-pygments
;;
debian|ubuntu)
pi python-pygments
;;
esac
case $distro in
debian)
pi task-cinnamon-desktop
# in settings, change scrolling to two-finger,
# because the default edge scroll doesn\'t work.
pu transmission-gtk
;;
# others unknown
esac
case $distro in
arch) spa apg ;;
# already in debian jessie
esac
# note this failed running at the beginning of this file,
# because no systemd user instance was running.
# Doing systemd --user resulted in
# Trying to run as user instance, but $XDG_RUNTIME_DIR is not set
case $distro in
# ubuntu unknown. probably the same as debian, just check if the
# init scripts come with the package.
debian)
# copied from arch, but moved to etc
s dd of=/etc/systemd/user/synergys.service <<'EOF'
[Unit]
Description=Synergy Server Daemon
After=network.target
[Service]
User=%i
ExecStart=/usr/bin/synergys --no-daemon --config /etc/synergy.conf
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
s dd of=/etc/systemd/user/synergys.socket <<'EOF'
[Unit]
Conflicts=synergys@.service
[Socket]
ListenStream=24800
Accept=false
[Install]
WantedBy=sockets.target
EOF
;;&
*)
pi synergy
# taken from arch wiki.
s dd of=/etc/systemd/system/synergyc@.service <<'EOF'
[Unit]
Description=Synergy Client
After=network.target
[Service]
User=%i
ExecStart=/usr/bin/synergyc --no-daemon treetowl
Restart=on-failure
# per man systemd.unit, StartLimitInterval, by default we
# restart more than 5 times in 10 seconds.
# And this param defaults too 200 miliseconds.
RestartSec=3s
[Install]
WantedBy=multi-user.target
EOF
case $HOSTNAME in
frodo)
ser enable synergyc@ian
ser start synergyc@ian ||: # X might not be running yet
systemctl --user start synergys ||:
systemctl --user enable synergys
;;
treetowl) systemctl --user enable synergys ;;
esac
;;
esac
######### end misc packages #########
# packages I once used before and liked, but don't want installed now for
# various reasons:
# python-sqlite is used for offlineimap
# lxappearance python-sqlite dolphin paman dconf-editor
######## unfinished
# todo, finish configuring smart.
pi smartmontools
# mostly from https://wiki.archlinux.org/index.php/S.M.A.R.T.
# turn on smart. background on options:
# first line, -a = test everyting on all devices.
# -S on, turn on disk internal saving of vendor specific info,
# from google, seems like this is usually already on and fairly standard.
# -o on, turn on 4 hour period non-performance degrading testing.
# short test daily 2-3am, extended tests Saturdays between 3-4am:
sched="-s (S/../.././02|L/../../6/03)"
s sed -i "s#^[[:space:]]*DEVICESCAN.*#\
DEVICESCAN -a -o on -S on -n standby,q $sched\
-m ian@iankelling.org -M exec /usr/local/bin/smart-notify#" /etc/smartd.conf
# in the default configuration of at least ubuntu 14.04, resolvconf is
# configured to order any nameservers associated with tun* or tap*
# before the normal internet interfaces, which means they are always
# consulted first. This is often slower and undesirable, ie. local dns
# queries go from 0ms to 10+ or 100+ ms. To reverse the ordering, you
# can do:
#sudo sed -i '/tun\*\|tap\*/d' /etc/resolvconf/interface-order
# however, this breaks dns lookup for hosts on the openvpn lan.
# I can\'t figure out why hosts on the normal lan would not be
# broken under the default ordering, except the host I was
# testing with previously had an entry in /etc/hosts.
############# end unfinished
########### misc stuff
case $distro in
debian|ubuntu)
case `debian-archive` in
stable)
s dd of=/etc/apt/preferences.d/unison-gtk <<'EOF'
Explanation: Allow unison-gtk to be upgraded
Package: unison-gtk
Pin: release a=unstable
Pin-Priority: 500
EOF
# dont think using testing is needed since I figured out how to
# deal with mismatching unison compilers, but I dont
# see any reason to revert it, since it only installs
# a single package which is primarily a single binary
pi unison-gtk/testing unison/testing
;;
testing)
piunison unison-gtk
;;
esac
;;
arch)
pi unison gtk2
;;
esac
case $distro in
arch)
# default is alsa, doesn\'t work with with pianobar
s dd of=/etc/libao.conf <<'EOF'
default_driver=pulse
EOF
;;
esac
# not using it atm, and for jessie, it depends on a higher version of btrfs-tools
# case $distro in
# arch|debian|ubuntu) pi btrbk ;;
# # others unknown
# esac
if [[ $HOSTNAME == treetowl ]] && [[ `debian-archive` != testing ]]; then
# fail2 ban is broken, with a workaround, per
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770171
# ill wait a while to see if it gets fixed
pi fail2ban
sgo fail2ban
fi
case $distro in
debian|ubuntu) s gpasswd -a ian adm ;; #needed for reading logs
esac
# tor
case $distro in
# based on
# https://www.torproject.org/docs/rpms.html.en
# https://www.torproject.org/docs/debian.html.en
# todo: figure out if the running service needs to be restarted upon updates
# todo on fedora: setup non-dev packages
fedora)
s dd of=/etc/yum.repos.d/torproject.repo <<'EOF'
[tor]
name=Tor experimental repo
enabled=1
baseurl=http://deb.torproject.org/torproject.org/rpm/tor-testing/fc/20/$basearch/
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc
[tor-source]
name=Tor experimental source repo
enabled=1
autorefresh=0
baseurl=http://deb.torproject.org/torproject.org/rpm/tor-testing/fc/20/SRPMS
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc
EOF
# to be secure, take a look at the fingerprint reported from the following install, and see if it matches from the link above:
# 3B9E EEB9 7B1E 827B CF0A 0D96 8AF5 653C 5AC0 01F1
sgo tor
/a/bin/buildscripts/tor-browser
;;
ubuntu)
tu /etc/apt/sources.list "deb http://deb.torproject.org/torproject.org $(debian-codename) main"
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
p update
pi deb.torproject.org-keyring
pi tor
/a/bin/buildscripts/tor-browser
;;
debian)
pi tor
/a/bin/buildscripts/tor-browser
;;
arch)
pi tor tor-browser-en
sgo tor
;;
# ubuntu unknown
esac
# nfs server
case $distro in
fedora)
end_msg <<'EOF'
fedora todo: disable the firewall or find a way to automate it.
there's an unused section in t.org for tramikssion firewall setup
fedora manual config for nfs:
s firewall-config
change to permanent configuration
check the box for nfs
was hard to figure this out, not sure if this is all needed, but
unblock these too
mountd: udp/tcp 20048
portmapper, in firewall-config its called rpc-bind: udp/tcp 111
troubleshooting, unblock things in rpcinfo -p
make sure to reload the firewall to load the persistent configuration
EOF
pi nfs-utils
sgo nfs-server
;;
debian|ubuntu)
pi nfs-server
;;
arch)
pi nfs-utils || pending_reboot=true
sgo rpcbind
# this failed until I rebooted
sgo nfs-server
;;
esac
if [[ $HOSTNAME == frodo ]]; then
tu /etc/exports <<'EOF'
/k 192.168.1.0/24(rw,nohide,no_subtree_check,insecure)
EOF
s exportfs -rav
fi
if [[ -e /k/video ]]; then
# nohide = export filesystems mounted deeper than the export point
# fsid=0 makes this export the "root" export
# not documented in the man page, but this means
# 1. it can be mounted with a shorthand of server:/
# 2. exports that are subdirectories of this one will automatically be mounted
tu /etc/exports '/i/video 192.168.1.0/24(rw,fsid=0,nohide,no_root_squash,async,no_subtree_check,insecure)'
s exportfs -rav
showmount -e localhost
fi
e "$end_msg_var"
# persistent virtual machines
case $distro in
debian|ubuntu)
pi libosinfo-bin;
;;
esac
# distro may not know about win 10 yet.
variant=win7
if ! virt-install --os-variant list &>/dev/null; then # we are using a newer virt-install
for v in 10 8.1 8; do
if osinfo-query os | gr "^\s*win${v/./\\.}\s" &>/dev/null; then
variant=win$v
break
fi
done
fi
if ! s virsh list --all --name | grep -xF win10 &>/dev/null; then
# created account with
# win10vmian@outlook.com, and easy to remember password
# win 10 virtio, makes disk way way way faster
# wget https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/latest-virtio/virtio-win.iso
# https://wiki.archlinux.org/index.php/QEMU#Change_Existing_Windows_VM_to_use_virtio
# for installing virtio after initial install instead of with initial iso:
# qemu-img create -f qcow2 fake.qcow2 1G
# --disk=/a/images/virtio-win.iso,device=cdrom \
# --disk=/a/images/fake.qcow2,bus=virtio
# Also,
# went to device manager, saw 2 pci devices with yellow !,
# did search for drivers, pick cdrom location, done.
#
# from http://www.tenforums.com/tutorials/4189-fast-startup-turn-off-windows-10-a.html.
# google said there was a control panel option for it, but
# that turned out to be a lie.
# Put this in a .bat file and run as administrator to turn off
# hyberboot which fucks things up.
# REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /V HiberbootEnabled /T REG_dWORD /D 0 /F
# power settings, turn off display: never
# run "control userpasswords2", turn on automatic login.
# note: when changing devices, I just undefine, the create the vm again.
s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
--disk=/a/images/win10.qcow2,bus=virtio --vcpus 2 -r 4096 -w bridge=br0 \
-n win10 --import --os-variant $variant --cpu host-model-only
s virsh destroy win10
# this one hasn\'t had the virtio fix done yet.
s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
--disk=/a/images/win7.qcow2 --vcpus 2 -r 4096 -w bridge=br0 \
-n win7 --import --os-variant win7 --cpu host-model-only
s virsh destroy win7
# had a problem with --cpu host, so trying out
# --cpu host-model-only
fi
pi samba
# note samba re-reads it's config every 1 minute
case $distro in
arch) s cp /etc/samba/smb.conf.default /etc/samba/smb.conf ;;
esac
# add 2 lines after workgroup option
s sed -ri '/^\s*encrypt passwords\s*=/d' /etc/samba/smb.conf
s sed -ri '/^\s*map to guest\s*=/d' /etc/samba/smb.conf
s sed -i 's/\(\s*workgroup\s*=\).*/\1 WORKGROUP\n\tencrypt passwords = yes\n\tmap to guest = bad password/' /etc/samba/smb.conf
# remove default homes section. not sharing that.
s sed -ri '/^\s*\[homes\]/,/\s*\[/d' /etc/samba/smb.conf
if ! grep -xF '[public]' /etc/samba/smb.conf &>/dev/null; then
s tee -a /etc/samba/smb.conf <<'EOF'
[public]
guest ok = yes
read only = no
path = /kfrodo
EOF
fi
case $distro in
debian|ubuntu)
# systemd claims it generates units from /etc/init.d, but it clearly doesn't
# in debian. I have no idea how they are related. fuck debian right now. It's
# not documented. samba has a systemd init file linked to /dev/null.
# There's this https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769714 which
# claims samba's sub-services will be started automatically by systemd... it
# didn't on install, wonder if it will on boot. It clued me in how to start
# it manually though. Nothing in /usr/share/doc/samba, debian admin guide
# says nothing about any of this. (this is in debian testing as of 4/2016).
s /etc/init.d/samba start
;;
arch)
sgo samba
;;
esac
tu /etc/hosts <<< "127.0.1.1 $(hostname).lan $(hostname)"
rootdev=$(mount | sed -rn 's#^(\S+) on / .*#\1#p')
s mkdir /mnt/root
tu /etc/fstab <<< "$rootdev /mnt/root btrfs noatime,subvolid=0 0 0"
mountpoint /mnt/root || s mount /mnt/root
idev=$(mount | sed -rn 's#^(\S+) on /i .*#\1#p')
if [[ $idev != $rootdev ]]; then
s mkdir /mnt/iroot
tu /etc/fstab <<< "$idev /mnt/iroot btrfs noatime,subvolid=0 0 0"
mountpoint /mnt/iroot || s mount /mnt/iroot
fi
######### begin stuff belonging at the end ##########
# Apps we want to override others for default file handler:
# simplest way in debian is to just install them last.
simple_packages+=(
mpv
)
case $distro in
ubuntu|debian)
spa spacefm-gtk3 ;;
arch)
spa spacefm ;;
esac
pi "${simple_packages[@]}"
if $pending_reboot; then
echo "$0: pending reboot and then finished. doing it now."
s reboot now
else
echo "$0: $(date): ending now)"
fi