### setup
source /a/bin/errhandle/err
-src="$(readlink -f -- "$BASH_SOURCE")"; src=${src%/*} # directory of this file
+src="$(readlink -f -- "${BASH_SOURCE[0]}")"; src=${src%/*} # directory of this file
+# shellcheck source=./pkgs
source $src/pkgs
set -x
simple_packages+=($@)
}
distro=$(distro-name)
+codename=$(debian-codename)
codename_compat=$(debian-codename-compat)
pending_reboot=false
sed="sed --follow-symlinks"
pi ${p1[@]}
##### begin automatic upgrades ####
-# this makes it so we upgrade everything
-s debconf-set-selections <<'EOF'
-unattended-upgrades unattended-upgrades/origins_pattern string "codename=${distro_codename}";
+
+s dd of=/etc/apt/apt.conf.d/10periodic <<'EOF'
+# this file was mostly just comments.
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";
+EOF
+
+s dd of=/etc/apt/apt.conf.d/50unattended-upgrades <<EOF
+# fyi: default file has comments about available options,
+# you may want to read that.
+Unattended-Upgrade::Mail "root";
+Unattended-Upgrade::MailOnlyOnError "true";
+Unattended-Upgrade::Remove-Unused-Dependencies "true";
+Unattended-Upgrade::Origins-Pattern {
+ # default is just security updates.
+ "origin=*";
+};
EOF
-s dpkg-reconfigure -u -fnoninteractive unattended-upgrades
-# Setup daily reboots, so all unattended upgrades go into affect
-# unattended upgrades happen at 6 am + rand(60 min).
-echo '20 7 * * * root /usr/local/bin/zelous-unattended-reboot' | s dd of=/etc/cron.d/unattended-upgrade-reboot
+# Setup reboots when running outdated stuff, unattended upgrades happen
+# at 6 am + rand(60 min).
+/usr/local/bin/log-once checkrestart
+
+# old names, too verbose
+s rm -f /etc/cron.d/unattended-upgrade-reboot /usr/local/bin/zelous-unattended-reboot
+
+s dd of=/etc/cron.d/myupgrade <<'EOF'
+20 7 * * * root /usr/local/bin/myupgrade | /usr/local/bin/log-once -1 myupgrade
+0 * * * * root /usr/local/bin/mycheckrestart | /usr/local/bin/log-once -1 mycheckrestart
+EOF
##### end automatic upgrades ####
# office is not exposed to internet yet
# s reboot now
# when running docker-compose run, kernel stack traces are printed to the journal.
# things seem to succeed, google says nothing, so ignoring them.
- curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` | s dd of=/usr/local/bin/docker-compose
+ curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-$(uname -s)-$(uname -m) | s dd of=/usr/local/bin/docker-compose
s chmod +x /usr/local/bin/docker-compose
printf "%s=%s\n" $key "$(docker-compose run --rm web rake secret|dos2unix|tail -n1)" >>.env.production
done
found=false
- while read -r domain port pass; do
+ while read -r domain _ pass; do
if [[ $domain == mail.iankelling.org ]]; then
found=true
# remove the username part
# newer version needed for false positive in checkrestart
p install -y --allow-unauthenticated debian-goodies
+ s dd of=/etc/apt/preferences.d/shellcheck <<EOF
+Package: shellcheck
+Pin: release a=etiona
+Pin-Priority: 1005
+
+Package: shellcheck
+Pin: release a=etiona-updates
+Pin-Priority: 1005
+
+Package: shellcheck
+Pin: release a=etiona-security
+Pin-Priority: 1005
+EOF
+
+
;;
esac
# https://apt.syncthing.net/
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
s="deb http://apt.syncthing.net/ syncthing release"
- if [[ $(cat /etc/apt/sources.list.d/syncthing.list) != $s ]]; then
+ if [[ $(cat /etc/apt/sources.list.d/syncthing.list) != "$s" ]]; then
echo "$s" | s dd of=/etc/apt/sources.list.d/syncthing.list
p update
fi
####### begin misc packages ###########
+case $codename in
+ flidas)
+
+ ;;
+esac
+
+
# sakura config is owned by ian
reset-sakura
reset-konsole
s dpkg -i $t
rm $t
# this guesses at the appropriate directory, adjust if needed
-x=(/usr/lib/x86_64-linux-gnu/perl/5.*)
-sudo ln -sf ../../../perl/5.18.2/SPD/ $x
+perldir=(/usr/lib/x86_64-linux-gnu/perl/5.*)
+sudo ln -sf ../../../perl/5.18.2/SPD/ ${perldir[0]}
# newer distro had gpg2 as default, older one, flidas, need to make it that way
-x=$(which gpg2)
+gpgpath=$(which gpg2)
if [[ $x ]]; then
s mkdir -p /usr/local/spdhackfix
- s lnf -T $x /usr/local/spdhackfix/gpg
+ s lnf -T $gpgpath /usr/local/spdhackfix/gpg
fi
### end spd install
# on grub upgrade, we get prompts unless we do this
devs=()
for dev in $(s btrfs fil show /boot | sed -nr 's#.*path\s+(\S+)$#\1#p'); do
- devs+=($(devbyid $dev),)
+ devs+=("$(devbyid $dev),")
done
devs[-1]=${devs[-1]%,} # jonied by commas
s debconf-set-selections <<EOF