########### begin section including vps ################
pi ${p2[@]}
-
conflink
sudo rm -fv
# for ziva
#p install --no-install-recommends minetest/buster libleveldb1d/buster libncursesw6/buster libtinfo6/buster
doupdate=false
+ # shellcheck disable=SC2043 # in case we want more than 1 in the loop later.
for n in bullseye; do
f=/etc/apt/sources.list.d/$n.list
t=$(mktemp)
deb http://us.archive.ubuntu.com/ubuntu/ focal-security main universe
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
deb-src http://mirror.fsf.org/trisquel/ nabia-backports main
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
deb-src http://mirror.fsf.org/trisquel/ aramo-backports main
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
#
# for wireguard hole vpn, use function:
# wghole
+ # eg:
+ # wghole bo 28
+ # if it is going to want to connect to transmission-daemon on ok
+ # wghole bo 28 10.173.0.2/32
# requested from linode via a support ticket.
# https://www.linode.com/docs/networking/an-overview-of-ipv6-on-linode/
end
;;
esac
+
+case $HOSTNAME in
+ bk)
+ pi icecast2
+ # todo, save the config
+ /etc/cron.daily/stream-cert
+ web-conf -c /etc/cert-live.fsf.org -p 443 -f 8000 apache2 live.fsf.org
+ ;;
+esac
+
###### end website setup
########### end section including li/lj ###############
# way to install suggests even if the main package is already
# installed. reinstall doesn't work, uninstalling can cause removing
# dependent packages.
+# shellcheck disable=SC2046 # word splitting is intended
pi ${pall[@]} $(apt-cache search ruby[.0-9]+-doc| awk '{print $1}') $($src/distro-pkgs)
# schroot service will restart schroot sessions after reboot.
######### begin transmission client setup ######
+# to connect from a remote client, trans-remote-route in brc2
+
+
if [[ -e /p/transmission-rpc-pass ]]; then
# arch had a default config,
# debian had nothing until you start it.
# general known for debian/ubuntu, not for fedora
m /a/bin/buildscripts/go
-m /a/bin/buildscripts/rust
+# only needed for rg. cargo takes up 11 gigs, filled up the disk on je.
+#m /a/bin/buildscripts/rust
m /a/bin/buildscripts/misc
m /a/bin/buildscripts/pithosfly
#m /a/bin/buildscripts/alacritty
rm -fv /home/iank/.mpv/watch_later
rm -rf /home/iank/.mpv
-
if [[ ! -e ~/.local/bin/pip ]]; then
tmp=$(mktemp)
wget -O$tmp https://bootstrap.pypa.io/get-pip.py
hash -r
fi
+## begin beets
+# soo, apt install beets fails due to wanting a pip package,
+# we find out why it wants this through
+# apt-cache depends --recurse --no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances beets | less
+# python-mediafile requires tox, which requires virtualenv, which requires pip.
+# but, python-mediafile doesn't really require tox, it is specified in
+# ./usr/lib/python3/dist-packages/mediafile-0.9.0.dist-info/METADATA
+# as being required only for testing, but the debian package
+# included it anyways, due to a mistake or bad tooling or something.
+# I don't plan to use tox, so, according to https://serverfault.com/a/251091,
+# we can create and install a dummy package by:
+#
+# "equivs-control <name>, edit the file produced to provide the right
+# dependency and have a nice name, then run equivs-build <name> and
+# finally dpkg -i the resulting .deb file"
+# as of 2023-02, the tox dependency was removed in debian unstable, so
+# this hack will probably go away in t12.
+
+if pcheck beets; then
+ tmpdir="$(mktemp -d)"
+ cd "$tmpdir"
+ # edited from output of equivs-control tox
+ cat >tox <<'EOF'
+Section: python
+Priority: optional
+Standards-Version: 3.9.2
+Package: tox
+Description: tox-dummy
+EOF
+ equivs-build tox
+ sudo dpkg -i tox_1.0_all.deb
+ rm -rf ./tox*
+ pi beets python3-discogs-client
+ cd
+ rm -r "$tmpdir"
+fi
+
+# get rid of annoying message
+s sed -ri "s/^([[:space:]]*ui.print_\('Playing)/#\1/" /usr/share/beets/beetsplug/play.py
+
+
# notes about barrier
# run barrier, do the gui config,
# setup the 2 screens, using hostnames for the new screen.
if grep -xFq $HOSTNAME /a/bin/ds/machine_specific/btrbk.hosts; then
sgo btrbk.timer
fi
+if [[ $HOSTNAME == kd ]]; then
+ sgo btrbk-spread.timer
+fi
+
# note: to see when it was last run,
# ser list-timers
### begin prometheus ###
+
+
+pi prometheus-node-exporter-collectors
case $HOSTNAME in
kd)
# Font awesome is needed for the alertmanager ui.
- pi prometheus-alertmanager prometheus prometheus-node-exporter fonts-font-awesome
+ pi prometheus-alertmanager prometheus fonts-font-awesome
/a/bin/buildscripts/prometheus
web-conf -p 9091 -f 9090 - apache2 i.b8.nz <<'EOF'
<Location "/">
ser restart prometheus-alertmanager
fi
+ /a/bin/buildscripts/prom-node-exporter -l
+
for ser in prometheus-node-exporter prometheus-alertmanager prometheus; do
sysd-prom-fail-install $ser
done
;;
*)
- pi prometheus-node-exporter
+ /a/bin/buildscripts/prom-node-exporter
;;
esac
+# cleanup old files. 2023-02
+x=(/var/lib/prometheus/node-exporter/*.premerge)
+if [[ -e ${x[0]} ]]; then
+ s rm /var/lib/prometheus/node-exporter/*
+fi
+
+
case $HOSTNAME in
# todo, for limiting node exporter http,
# either use iptables or, in
### begin nagios ###
+pi nagios-nrpe-server
+
case $HOSTNAME in
kd)
- pi nagios4
+ # the backport is for this bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800345
+ pi nagios4 nagios-nrpe-plugin monitoring-plugins-basic/bullseye-backports
s rm -fv /etc/apache2/conf-enabled/nagios4-cgi.conf
# to add a password for admin:
#
AuthDigestDomain "Nagios4"
AuthDigestProvider file
- AuthUserFile "/etc/nagios4/htdigest.users"
+ AuthUserFile "/etc/nagios4-htdigest.users"
AuthGroupFile "/etc/group"
AuthName "Nagios4"
AuthType Digest
# 6 define timeperiod
+
+
### end nagios ###
### begin bitcoin ###
case $HOSTNAME in
- sy)
- f=$dir/bitcoin.conf
- sudo install -m 0755 -o root -g root -t /usr/bin /a/opt/bitcoin-23.0/bin/*
+ sy|kd)
+ sudo install -m 0755 -o root -g root -t /usr/bin /a/opt/bitcoin-24.0.1/bin/*
sgo bitcoind
+ # note: the bitcoin user & group are setup in fai
sudo usermod -a -G bitcoin iank
- # todo, link in wallet. see
+ # todo: make bitcoin have a stable uid/gid
+ if [[ ! $(readlink -f /var/lib/bitcoind/wallets) == /q/wallets ]]; then
+ s lnf /q/wallets /var/lib/bitcoind
+ sudo chown -h bitcoin:bitcoin /var/lib/bitcoind/wallets
+ fi
+ # note, there exists
# /a/bin/ds/disabled/bitcoin
;;
esac
### end bitcoin
+case $HOSTNAME in
+ kw|x3)
+ sd /etc/cups/client.conf <<'EOF'
+ServerName printserver0.office.fsf.org
+EOF
+ ;;
+esac
+
end_msg <<'EOF'
In mate settings settings, change scrolling to two-finger,
iankelling.org / git / distro-setup / blobdiff