set -x
-distro=$(distro-name)
+end_msg() {
+ local y
+ IFS= read -r -d '' y ||:
+ end_msg_var+="$y"
+}
+distro=$(distro-name)
-is_debian_testing() {
- grep -E '^[^#]debian.*\stesting\s+main\s*$' /etc/apt/sources.list &>/dev/null
-}
# template
case $distro in
duplicity
fail2ban
fdupes
+ filelight
gdb
gnome-screenshot
+ mailutils
meld
mpv
offlineimap
smartmontools
squashfs-tools
tree
+ virt-manager
)
pi "${x[@]}"
case $distro in
arch) pi the_silver_searcher ;;
- # others unknown
+ debian|ubuntu) pi silversearcher-ag ;;
+ # fedora unknown
esac
# printer
# In debian, I could use hte recommended driver,
# in arch, I had to pick out the 6L driver.
;;
+ debian|ubuntu)
+ pi hplip
+ ;;
# other distros unknown
esac
case $distro in
- ubuntu|debian) pi ack-grep nfs-client ;;
+ ubuntu|debian) pi ack-grep ;;
arch|fedora) pi ack ;;
# fedora unknown
esac
ubuntu|debian) pi par2 ;;
arch|fedora) pi par2cmdline ;;
esac
-case $distro in
- arch|fedora) pi unison ;;
- # deb/ubuntu, it depends what version they have.
- # arch and fedora have unison240 and unison-240-compat respectively,
- # but that failed to sync with an ubuntu 12.04 which had unson 2.40,
- # so I installed it manually, but hopefully never have to use it on 12.04 again.
-
- # wget http://caml.inria.fr/pub/distrib/ocaml-4.02/ocaml-4.02.3.tar.gz
- # ./configure
- # make world opt
- # s make install
-
- # wget http://www.seas.upenn.edu/~bcpierce/unison//download/releases/stable/unison-2.48.3.tar.gz
- # make
- # s cp unison /usr/local/bin
-esac
# needed for my tex resume
case $distro in
ubuntu|debian) pi texlive-full ;;
fedora)
pi yum-utils
# rpm fusion recommended codecs
- s su -c 'yum localinstall -y --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm'
+ s su -c "yum localinstall -y --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm"
pi gstreamer-plugins-ugly gstreamer-plugins-bad gstreamer-ffmpeg\
xine-lib-extras-freeworld
;;
esac
+
case $distro in
# optional dep for firefox for h.264 video
arch) pi gst-libav ;;
*) : ;; # comes default or with other packages
esac
-# general others are unknown bucket
+case $distro in
+ arch|debian|ubuntu)
+ pi bash-completion
+ ;;
+ # others unknown
+esac
+
+
+case $distro in
+ arch) pi ttf-dejavu;;
+ debian|ubuntu) pi fonts-dejavu ;;
+ # others unknown
+esac
+
+case $distro in
+ arch|debian|ubuntu) pi ntp;;
+ # others unknown
+esac
+
+case $distro in
+ arch) pi xorg-xev;;
+ debian|ubuntu) pi x11-utils ;;
+ # others unknown
+esac
+
+case $distro in
+ arch) pi virt-install;;
+ debian|ubuntu) pi virtinst ;;
+ # others unknown
+esac
+
+case $distro in
+ arch) pi cdrkit;;
+ debian|ubuntu) pi genisoimage;;
+ # others unknown
+esac
+
+case $distro in
+ arch) pi spice-gtk3 ;;
+ debian|ubuntu) pi spice-client-gtk;;
+ # others unknown
+esac
+
+# general known for debian/ubuntu, not for fedora
case $distro in
arch)
# cdrkit for cloud-init isos
# dnsmasq for nat networking in libvirt
# qemu for qemu-img, bind-tools for dig
- pi ttf-dejavu bash-completion unzip ntp wget xorg-xev xorg-xmodmap \
- virt-install bridge-utils cdrkit dnsmasq qemu spice-gtk3 bind-tools
+ pi unzip wget xorg-xmodmap \
+ bridge-utils dnsmasq qemu bind-tools
sgo ntpd
- s sed -ri '/^ *user *=/d' /etc/libvirt/qemu.conf
# otherwise we get error about accessing kvm module.
# seems like there might be a better way, but google was a bit vague.
+ s sed -ri '/^ *user *=/d' /etc/libvirt/qemu.conf
echo 'user = "root"' | s tee -a /etc/libvirt/qemu.conf
# https://bbs.archlinux.org/viewtopic.php?id=206206
# # this should prolly go in the wiki
esac
+
case $distro in
arch)
# ubuntu 14.04 uses b-cron,
case $distro in
- arch|arch) pi pumpa ;;
- *) /a/bin/buildscripts/pumpa ;;
+ arch|debian|ubuntu) pi pumpa ;;
+ # others unknown. do have a buildscript:
+ # /a/bin/buildscripts/pumpa ;;
esac
case $distro in
- ubuntu) pi android-tools-adb ;;
+ debian|ubuntu) pi android-tools-adb ;;
arch) pi android-tools ;;
# other distros unknown
esac
s pip install pygments
;;
*)
- pi global python2-pygments
+ pi global
+ ;;&
+ arch)
+ pi python2-pygments
+ ;;
+ debian|ubuntu)
+ pi python-pygments
;;
esac
-######### end misc packages #########
+# leave this for last so it doesn't do a bunch of other apps
+# which I want explicitly installed in case I switch DE's
+case $distro in
+ debian)
+ pi task-cinnamon-desktop
+ # in settings, change scrolling to two-finger,
+ # because the default edge scroll doesn\'t work.
+ ;;
+ # others unknown
+esac
+######### end misc packages #########
# packages I once used before and liked, but don't want installed now for
-# various reasons
+# various reasons:
# python-sqlite is used for offlineimap
# lxappearance python-sqlite dolphin paman dconf-editor
+
+
+######## unfinished
+
# todo, finish configuring smart.
# mostly from https://wiki.archlinux.org/index.php/S.M.A.R.T.
# turn on smart. background on options:
# broken under the default ordering, except the host I was
# testing with previously had an entry in /etc/hosts.
+############# end unfinished
case $distro in
arch)
esac
+case $distro in
+ arch|debian|ubuntu) pi btrbk ;;
+ # others unknown
+esac
+
if [[ $HOSTNAME == treetowl ]]; then
- case $distro in
- arch) pi btrbk ;;
- # others unknown
- esac
pi fail2ban
- s systemctl enable fail2ban
- s systemctl start fail2ban
+ sgo fail2ban
fi
# /usr/share/doc/unattended-upgrades# cat README.md
# /etc/apt/apt.conf.d/50unattended-upgrades
if isdebian; then
- pi unattended-upgrade
+ pi unattended-upgrades
s dd of=/etc/apt/apt.conf.d/10periodic <<'EOF'
+# this file was mostly just comments.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
Unattended-Upgrade::Mail "root";
Unattended-Upgrade::MailOnlyOnError "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
+Unattended-Upgrade::Origins-Pattern {
+# default is just upgrade main and security, not updates.
+EOF
+ if isdebian-testing; then
+ cat <<'EOF'
+# for stable, only do security updates.
+ "origin=Debian,codename=${distro_codename},label=Debian-Security";
EOF
- if ! is_debian_testing; then
cat <<'EOF'
-# default is just upgrade main and security, not updates.
-# If it's not testing, just upgrade everything.
# These are stable packages only getting bugfixes anyways.
-Unattended-Upgrade::Origins-Pattern {
"origin=*";
+EOF
+ cat <<'EOF'
};
EOF
fi
- } >/etc/apt/apt.conf.d/50unattended-upgrades
+ } | s dd of=/etc/apt/apt.conf.d/50unattended-upgrades
+ echo $- > /tmp/x
fi
# but postfix didn't like that
if [[ ! -L /var/spool/postfix ]]; then
ser stop postfix
- s t /q/postfix
+ if [[ -e /q/postfix ]]; then
+ echo "$0: error: /q/postfix exists but not the link to it"
+ fi
s mv /var/spool/postfix /q
s lnf /q/postfix /var/spool
ser start postfix
journalctl -n 20
fi
-# send mail to a better place than /var/mail/ian
-s sed -i '/^root/d' /etc/aliases ||:
-echo "root: $HOSTNAME@bog.mm.st" | s tee -a /etc/aliases
+
+# This also works instead of ~/.forward
+# s sed -i '/^root/d' /etc/aliases ||:
+#echo "root: $HOSTNAME@bog.mm.st" | s tee -a /etc/aliases
# this can't be a symlink and has permission restrictions
# it might work in /etc/aliases, but this seems more proper.
-e "$HOSTNAME@bog.mm.st" > ~/.forward
+
+if s grep amazonaws /etc/postfix/sasl_passwd &>/dev/null; then
+ forward=x@sallymae.club
+else
+ forward=$HOSTNAME@bog.mm.st
+fi
+e $forward > ~/.forward
+e $forward | s tee /root/.forward
s newaliases
+# if I wanted the from address to be renamed and sent to a different address,
+# echo "sdx@localhost development@localhost" | sudo dd of=/etc/postfix/recipient_canonical
+# sudo postmap hash:/etc/postfix/recipient_canonical
+# sudo service postfix reload
+
+
# i'm assuming mail just won't work on systems without the sasl_passwd.
postconfin <<'EOF'
smtp_sasl_auth_enable = yes
-smtp_sasl_password_maps = hash:/q/root/sasl_passwd
+smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = secure
message_size_limit = 20480000
EOF
# ^ I ran into a log file not sending cuz of size. double from 10 to 20 meg limit
+s postmap hash:/etc/postfix/sasl_passwd
# offlineimap uses this too, it is much easier to use one location than to
# condition it's config and postfix's config
case $distro in
*) :
esac
-ser enable postfix
-ser start postfix
+s service postfix reload
+sgo postfix
############ end postfix #######
sgo tor
/a/bin/buildscripts/tor-browser
;;
- debian)
- tu /etc/apt/sources.list 'deb http://deb.torproject.org/torproject.org trusty main'
+ ubuntu)
+ tu /etc/apt/sources.list "deb http://deb.torproject.org/torproject.org $(debian-codename) main"
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
p update
pi tor
/a/bin/buildscripts/tor-browser
;;
+ debian)
+ pi tor
+ /a/bin/buildscripts/tor-browser
+ ;;
arch)
pi tor tor-browser-en
sgo tor
# nfs server
case $distro in
fedora)
- read -r -d '' fedora_end_msg <<'EOF'
+ end_msg <<'EOF'
fedora todo: disable the firewall or find a way to automate it.
there's an unused section in t.org for tramikssion firewall setup
sgo nfs-server
;;
esac
-# nohide = export filesystems mounted deeper than the export point
-# fsid=0 makes this export the "root" export
-# not documented in the man page, but this means
-# 1. it can be mounted with a shorthand of server:/
-# 2. exports that are subdirectories of this one will automatically be mounted
-tu /etc/exports '/i/video 192.168.1.0/24(rw,fsid=0,nohide,no_root_squash,async,no_subtree_check,insecure)'
-s exportfs -rav
-showmount -e localhost
+if [[ -e /i/video ]]; then
+ # nohide = export filesystems mounted deeper than the export point
+ # fsid=0 makes this export the "root" export
+ # not documented in the man page, but this means
+ # 1. it can be mounted with a shorthand of server:/
+ # 2. exports that are subdirectories of this one will automatically be mounted
+ tu /etc/exports '/i/video 192.168.1.0/24(rw,fsid=0,nohide,no_root_squash,async,no_subtree_check,insecure)'
+ s exportfs -rav
+ showmount -e localhost
+fi
# cron
$f
fi
-
-if [[ ${distro}_end_msg ]]; then
- echo ${distro}_end_msg
-fi
+e "$end_msg_var"