xbacklight
xprintidle
xscreensaver
+ xscreensaver-data-extra
+ xscreensaver-gl
+ xscreensaver-gl-extra
)
spa $(apt-cache search ruby[.0-9]+-doc| awk '{print $1}')
;;
### end docker install ####
+### begin certbot install ###
case $distro in
debian)
# note, need python-certbot-nginx for nginx, but it depends on nginx,
else
pi certbot python-certbot-apache
fi
- # make a version of the certbot timer that emails me.
- x=/systemd/system/certbot
- $sed -r -f - /lib$x.timer <<'EOF' |s dd of=/etc${x}mail.timer
-s,^Description.*,\0 mail version,
-EOF
- $sed -r -f - /lib$x.service <<'EOF' |s dd of=/etc${x}mail.service
-s,(ExecStart=)(/usr/bin/certbot),\1/a/bin/log-quiet/sysd-mail-once certbotmail \2 --renew-hook /a/bin/distro-setup/certbot-renew-hook,
-EOF
- ser daemon-reload
- sgo certbotmail.timer
-
;;
trisquel|ubuntu)
# not packaged in xenial or flidas
pi software-properties-common
- s add-apt-repository -y ppa:certbot/certbot
+ # this fails with:
+ #
+ # gpg: key 75BCA694: public key "Launchpad PPA for certbot" imported
+ # gpg: Total number processed: 1
+ # gpg: imported: 1
+ # gpg: no valid OpenPGP data found.
+ # Failed to add key.
+ #
+ # but it seems to work fine, perhaps it's only failing on the second run.
+ s add-apt-repository -y ppa:certbot/certbot ||:
p update
pi python-certbot-apache
;;
# todo: other distros unknown
esac
+# make a version of the certbot timer that emails me.
+x=/systemd/system/certbot
+$sed -r -f - /lib$x.timer <<'EOF' |s dd of=/etc${x}mail.timer
+s,^Description.*,\0 mail version,
+EOF
+$sed -r -f - /lib$x.service <<'EOF' |s dd of=/etc${x}mail.service
+s,(ExecStart=)(/usr/bin/certbot),\1/a/bin/log-quiet/sysd-mail-once certbotmail \2 --renew-hook /a/bin/distro-setup/certbot-renew-hook,
+EOF
+ser daemon-reload
+sgo certbotmail.timer
+### end certbot install ###
+
# dogcam setup
case $HOSTNAME in
esac
+# needed for checkrestart
+if isdeb; then
+ spa debian-goodies
+fi
+
+
+
########### end section including li/lj ###############
case $distro in
esac
-if isdeb; then
- spa debian-goodies
-fi
-
case $distro in
debian)
esac
-
-
### begin home vpn server setup
# vpn-server-setup -rds
# s cp -r --parents /etc/openvpn/easy-rsa/keys /p/c/filesystem
# s chown -R 1000:1000 /p/c/filesystem/etc/openvpn/easy-rsa/keys
+# # kw = kgpe work machine.
# for host in x2 kw; do
-# vpn-mk-client-cert -b $host -n home b8.nz
-# dir=/p/c/machine_specific/$host/filesystem/etc/openvpn/client
-# mkdir -p $dir
-# s bash -c "cp /etc/openvpn/client/home* $dir"
+# vpn-mk-client-cert -b $host -n home b8.nz 1196
+# dir=/p/c/machine_specific/$host/filesystem/etc/openvpn/client
+# mkdir -p $dir
+# s bash -c "cp /etc/openvpn/client/home* $dir"
# # note: /etc/update-resolv-conf-home also exists for all systems with /p
# done
-
+# key already exists, so this won't generate one, just the configs.
vpn-server-setup -rds
s tee -a /etc/openvpn/server/server.conf <<'EOF'
push "dhcp-option DNS 192.168.1.1"
push "route 192.168.1.0 255.255.255.0"
client-connect /a/bin/distro-setup/vpn-client-connect
EOF
-s sed -i --follow-symlinks 's/10.8./10.9./g' /etc/openvpn/server/server.conf
+s sed -i --follow-symlinks 's/10.8./10.9./g;s/^\s*port\s.*/port 1196/' /etc/openvpn/server/server.conf
if [[ $HOSTNAME == tp ]]; then
if [[ -e /lib/systemd/system/openvpn-server@.service ]]; then
####### begin misc packages ###########
+if [[ ! -e ~/.linphonerc && -e /p/.linphonerc-initial ]]; then
+ cp /p/.linphonerc-initial ~/.linphonerc
+fi
-### begin spd install
+### begin spd install
pi libswitch-perl libdigest-md5-file-perl libgnupg-interface-perl
t=$(mktemp)
wget -O $t http://mirror.fsf.org/fsfsys-trisquel/fsfsys-trisquel/pool/main/s/spd-perl/spd-perl_0.2-1_amd64.deb
rm $t
# this guesses at the appropriate directory, adjust if needed
x=(/usr/lib/x86_64-linux-gnu/perl/5.*)
-sudo ln -s ../../../perl/5.18.2/SPD/ $x
+sudo ln -sf ../../../perl/5.18.2/SPD/ $x
# newer distro had gpg2 as default, older one, flidas, need to make it that way
x=$(which gpg2)
if [[ $x ]]; then
- lnf -T $x /usr/local/bin/gpg
+ s lnf -T $x /usr/local/bin/gpg
fi
### end spd install
# services on unreachable osts
# hosts in soft state
# services in soft state
-# in display tab: icon in systray.
+# in display tab: fullscreen
+
+# these translate to these settings I think
+# filter_acknowledged_hosts_services = True
+# filter_all_unknown_services = True
+# filter_all_warning_services = True
+# filter_hosts_in_soft_state = True
+# filter_hosts_services_maintenance = True
+# filter_services_in_soft_state = True
+# filter_services_on_down_hosts = True
+# filter_services_on_hosts_in_maintenance = True
+# filter_services_on_unreachable_hosts = True
+# notify_if_up = False
+# statusbar_floating = False
+# fullscreen = True
+# but i'm just going to rely on the webpage plus sms for now.
+
case $distro in
debian|trisquel|ubuntu)
/dev/shm /dev/shm none rw,bind 0 0
/run/shm /run/shm none rw,bind 0 0
/run/user/1000 /run/user/1000 none rw,bind 0 0
+/run/user/1001 /run/user/1001 none rw,bind 0 0
/run/user/0 /run/user/0 none rw,bind 0 0
EOF
cd; s schroot -c $n -- apt-get install --allow-unauthenticated -y ${apps[@]}
fi
s cp -P {,$d}/etc/localtime
-
}
+s dd of=/etc/systemd/system/schrootupdate.service <<'EOF'
+[Unit]
+Description=schrootupdate
+After=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/a/bin/log-quiet/sysd-mail-once schrootupdate /a/bin/distro-setup/schrootupdate
+EOF
+s dd of=/etc/systemd/system/schrootupdate.timer <<'EOF'
+[Unit]
+Description=schrootupdate
+
+[Timer]
+OnCalendar=*-*-* 04:20:00
+
+[Install]
+WantedBy=timers.target
+EOF
+s systemctl daemon-reload
+sgo schrootupdate.timer
+
+
+
# for my roommate
case $distro in
########### misc stuff
+/a/bin/distro-setup/mymimes
# stop autopoping windows when i plug in an android phone.
# dconf-WARNING **: failed to commit changes to dconf: Cannot autolaunch D-Bus without X11 $DISPLAY
dbus-launch gsettings set org.gnome.desktop.media-handling automount-open false
+
+# on grub upgrade, we get prompts unless we do this
devs=()
for dev in $(s btrfs fi show /boot | sed -nr 's#.*path\s+(\S+)$#\1#p'); do
devs+=($(devbyid $dev),)
done
devs[-1]=${devs[-1]%,} # jonied by commas
-
-# on grub upgrade, we get prompts unless we do this
s debconf-set-selections <<EOF
grub-pc grub-pc/install_devices multiselect ${devs[*]}
EOF
+# btrfs maintenance
+sgo btrfsmaint.timer
+sgo btrfsmaintstop.timer
+
# the wiki backup script from ofswiki.org uses generic paths
s lnf /p/c/machine_specific/li/mw_vars /root