# for ziva
#p install --no-install-recommends minetest/buster libleveldb1d/buster libncursesw6/buster libtinfo6/buster
doupdate=false
+ # shellcheck disable=SC2043 # in case we want more than 1 in the loop later.
for n in bullseye; do
f=/etc/apt/sources.list.d/$n.list
t=$(mktemp)
deb http://us.archive.ubuntu.com/ubuntu/ focal-security main universe
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
deb-src http://mirror.fsf.org/trisquel/ nabia-backports main
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
deb-src http://mirror.fsf.org/trisquel/ aramo-backports main
EOF
if ! diff -q $t $f; then
- sudo dd if=$t of=$f 2>/dev/null
+ sudo dd if=$t of=$f status=none
p update
fi
client-to-client
EOF
- # sullivan d8
- sd /etc/openvpn/client-config-hole/sd8 <<'EOF'
-ifconfig-push 10.5.5.41 255.255.255.0
-EOF
- # hsieh d8
- sd /etc/openvpn/client-config-hole/hd8 <<'EOF'
-ifconfig-push 10.5.5.42 255.255.255.0
-EOF
-
- sd /etc/openvpn/client-config-hole/onep9 <<'EOF'
-ifconfig-push 10.5.5.14 255.255.255.0
+ sd /etc/openvpn/client-config-hole/kd <<'EOF'
+ifconfig-push 10.5.5.2 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/bo <<'EOF'
-ifconfig-push 10.5.5.13 255.255.255.0
+ sd /etc/openvpn/client-config-hole/tp <<'EOF'
+ifconfig-push 10.5.5.3 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/sy <<'EOF'
-ifconfig-push 10.5.5.12 255.255.255.0
+ sd /etc/openvpn/client-config-hole/frodo <<'EOF'
+ifconfig-push 10.5.5.5 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/kw <<'EOF'
-ifconfig-push 10.5.5.9 255.255.255.0
+ sd /etc/openvpn/client-config-hole/x2 <<'EOF'
+ifconfig-push 10.5.5.7 255.255.255.0
EOF
sd /etc/openvpn/client-config-hole/x3 <<'EOF'
ifconfig-push 10.5.5.8 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/x2 <<'EOF'
-ifconfig-push 10.5.5.7 255.255.255.0
-EOF
- sd /etc/openvpn/client-config-hole/wclient <<'EOF'
-ifconfig-push 10.5.5.6 255.255.255.0
+ sd /etc/openvpn/client-config-hole/kw <<'EOF'
+ifconfig-push 10.5.5.9 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/frodo <<'EOF'
-ifconfig-push 10.5.5.5 255.255.255.0
+ sd /etc/openvpn/client-config-hole/sy <<'EOF'
+ifconfig-push 10.5.5.12 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/amy <<'EOF'
-ifconfig-push 10.5.5.3 255.255.255.0
+ sd /etc/openvpn/client-config-hole/bo <<'EOF'
+ifconfig-push 10.5.5.13 255.255.255.0
EOF
- sd /etc/openvpn/client-config-hole/kd <<'EOF'
-ifconfig-push 10.5.5.2 255.255.255.0
+ sd /etc/openvpn/client-config-hole/onep9 <<'EOF'
+ifconfig-push 10.5.5.14 255.255.255.0
EOF
+ # todo: add x8?
- # for adding to current system:
- #vpn-mk-client-cert -s "" -n hole 72.14.176.105
- # adding to remove system 107,
- #vpn-mk-client-cert -s "" -n hole -c 10.2.0.107 -b hd8 iankelling.org
+
+ # for adding cert to system with /p
+ #
+ # host=frodo
+ #mkc /p/c/machine_specific/$host/filesystem/etc/openvpn/client
+ #vpn-mk-client-cert -b $host -n hole -r iankelling.org
+ #s chown -R iank:iank .
+ #
+ # example of adding to remote system 107,
+ # vpn-mk-client-cert -n hole -c 10.2.0.107 -b hd8 iankelling.org
#
- # for wireguard hole vpn
+ # for wireguard hole vpn, use function:
# wghole
# requested from linode via a support ticket.
# way to install suggests even if the main package is already
# installed. reinstall doesn't work, uninstalling can cause removing
# dependent packages.
+# shellcheck disable=SC2046 # word splitting is intended
pi ${pall[@]} $(apt-cache search ruby[.0-9]+-doc| awk '{print $1}') $($src/distro-pkgs)
# schroot service will restart schroot sessions after reboot.
# esac
-### begin home vpn server setup
-
-
-# # this section done initially to make persistent keys.
-# # Also note, I temporarily set /etc/hosts so my host was
-# # b8.nz when running this, since the vpn client config
-# # generator assumes we need to go to that server to get
-# # server keys.
-# vpn-server-setup -rds
-# s cp -r --parents /etc/openvpn/easy-rsa/keys /p/c/filesystem
-# s chown -R 1000:1000 /p/c/filesystem/etc/openvpn/easy-rsa/keys
-# # kw = kgpe work machine.
-# for host in x2 x3 kw; do
-# vpn-mk-client-cert -b $host -n home b8.nz 1196
-# dir=/p/c/machine_specific/$host/filesystem/etc/openvpn/client
-# mkdir -p $dir
-# s bash -c "cp /etc/openvpn/client/home* $dir"
-# # note: /etc/update-resolv-conf-home also exists for all systems with /p
-# done
-
-# key already exists, so this won't generate one, just the configs.
-# m vpn-server-setup -rds
-# sudo tee -a /etc/openvpn/server/server.conf <<'EOF'
-# push "dhcp-option DNS 10.0.0.1"
-# push "route 10.0.0.0 255.255.0.0"
-# client-connect /a/bin/distro-setup/vpn-client-connect
-# EOF
-# sudo sed -i --follow-symlinks 's/10.8./10.9./g;s/^\s*port\s.*/port 1196/' /etc/openvpn/server/server.conf
-
-# if [[ $HOSTNAME == tp ]]; then
-# if [[ -e /lib/systemd/system/openvpn-server@.service ]]; then
-# vpn_service=openvpn-server@server
-# else
-# vpn_service=openvpn@server
-# fi
-# sgo $vpn_service
-# fi
-### end vpn server setup
-
##### rss2email
if mountpoint /p &>/dev/null; then
# note, see bashrc for more documentation.
sgo openvpn-client@hole
fi
-if [[ $HOSTNAME == frodo ]]; then
- vpn-mk-client-cert -b frodo -n hole iankelling.org
-fi
-
############# begin syncthing setup ###########
case $HOSTNAME in
kd|frodo)
;;
esac
-mkdir -p $tdir
+sudo mkdir -p $tdir
# adapted from /var/lib/dpkg/info/transmission-daemon.postinst
# 450 seems likely to be unused. we need to specify one or else
f=$tdir/transmission-daemon
for d in $tdir/partial-torrents $tdir/torrents $f; do
if [[ ! -d $d ]]; then
- mkdir $d
+ sudo mkdir -p $d
fi
sudo chown -R debian-transmission:user2 $d
done
# general known for debian/ubuntu, not for fedora
m /a/bin/buildscripts/go
-m /a/bin/buildscripts/rust
+# only needed for rg. cargo takes up 11 gigs, filled up the disk on je.
+#m /a/bin/buildscripts/rust
m /a/bin/buildscripts/misc
m /a/bin/buildscripts/pithosfly
#m /a/bin/buildscripts/alacritty
rm -fv /home/iank/.mpv/watch_later
rm -rf /home/iank/.mpv
-
-if [[ $HOSTNAME != frodo ]]; then
- # remove. i moved this into dns
- echo | s cedit hole /etc/hosts ||:
-fi
-
if [[ ! -e ~/.local/bin/pip ]]; then
tmp=$(mktemp)
wget -O$tmp https://bootstrap.pypa.io/get-pip.py
hash -r
fi
+## begin beets
+# soo, apt install beets fails due to wanting a pip package,
+# we find out why it wants this through
+# apt-cache depends --recurse --no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances beets | less
+# python-mediafile requires tox, which requires virtualenv, which requires pip.
+# but, python-mediafile doesn't really require tox, it is specified in
+# ./usr/lib/python3/dist-packages/mediafile-0.9.0.dist-info/METADATA
+# as being required only for testing, but the debian package
+# included it anyways, due to a mistake or bad tooling or something.
+# I don't plan to use tox, so, according to https://serverfault.com/a/251091,
+# we can create and install a dummy package by:
+#
+# "equivs-control <name>, edit the file produced to provide the right
+# dependency and have a nice name, then run equivs-build <name> and
+# finally dpkg -i the resulting .deb file"
+# as of 2023-02, the tox dependency was removed in debian unstable, so
+# this hack will probably go away in t12.
+
+if pcheck beets; then
+ tmpdir="$(mktemp -d)"
+ cd "$tmpdir"
+ # edited from output of equivs-control tox
+ cat >tox <<'EOF'
+Section: python
+Priority: optional
+Standards-Version: 3.9.2
+Package: tox
+Description: tox-dummy
+EOF
+ equivs-build tox
+ sudo dpkg -i tox_1.0_all.deb
+ rm -rf ./tox*
+ pi beets python3-discogs-client
+ cd
+ rm -r "$tmpdir"
+fi
+
+# get rid of annoying message
+s sed -ri "s/^([[:space:]]*ui.print_\('Playing)/#\1/" /usr/share/beets/beetsplug/play.py
+
+
# notes about barrier
# run barrier, do the gui config,
# setup the 2 screens, using hostnames for the new screen.
pi desktop-file-utils
m /a/bin/distro-setup/mymimes
-
-# stop autopoping windows when i plug in an android phone.
-# dbus-launch makes this work within an ssh connection, otherwise you get this message,
-# with still 0 exit code.
-# dconf-WARNING **: failed to commit changes to dconf: Cannot autolaunch D-Bus without X11 $DISPLAY
-m dbus-launch gsettings set org.gnome.desktop.media-handling automount-open false
-
+if type -p dbus-launch >/dev/null; then
+ # stop autopoping windows when i plug in an android phone.
+ # dbus-launch makes this work within an ssh connection, otherwise you get this message,
+ # with still 0 exit code.
+ # dconf-WARNING **: failed to commit changes to dconf: Cannot autolaunch D-Bus without X11 $DISPLAY
+ m dbus-launch gsettings set org.gnome.desktop.media-handling automount-open false
+fi
# on grub upgrade, we get prompts unless we do this
devs=()
### begin prometheus ###
+
+
+pi prometheus-node-exporter-collectors
case $HOSTNAME in
kd)
# Font awesome is needed for the alertmanager ui.
- pi prometheus-alertmanager prometheus prometheus-node-exporter fonts-font-awesome
+ pi prometheus-alertmanager prometheus fonts-font-awesome
/a/bin/buildscripts/prometheus
web-conf -p 9091 -f 9090 - apache2 i.b8.nz <<'EOF'
<Location "/">
ser restart prometheus-alertmanager
fi
+ /a/bin/buildscripts/prom-node-exporter -l
+
for ser in prometheus-node-exporter prometheus-alertmanager prometheus; do
sysd-prom-fail-install $ser
done
;;
*)
- pi prometheus-node-exporter
+ /a/bin/buildscripts/prom-node-exporter
;;
esac
+# cleanup old files. 2023-02
+x=(/var/lib/prometheus/node-exporter/*.premerge)
+if [[ -e ${x[0]} ]]; then
+ s rm /var/lib/prometheus/node-exporter/*
+fi
+
+
case $HOSTNAME in
- # frodo needs upgrade first.
- frodo) : ;;
# todo, for limiting node exporter http,
# either use iptables or, in
# /etc/default/prometheus-node-exporter
sudo install -m 0755 -o root -g root -t /usr/bin /a/opt/bitcoin-23.0/bin/*
sgo bitcoind
sudo usermod -a -G bitcoin iank
- # todo, link in wallet. see
+ if [[ ! $(readlink -f /var/lib/bitcoind/wallets) == /q/wallets ]]; then
+ sudo lnf /q/wallets /var/lib/bitcoind
+ sudo chown -h bitcoin:bitcoin /var/lib/bitcoind/wallets
+ fi
+ # note, there exists
# /a/bin/ds/disabled/bitcoin
;;
esac
### end bitcoin
+case $HOSTNAME in
+ kw|x3)
+ sd /etc/cups/client.conf <<'EOF'
+ServerName printserver0.office.fsf.org
+EOF
+ ;;
+esac
+
end_msg <<'EOF'
In mate settings settings, change scrolling to two-finger,
pi tor
m /a/bin/buildscripts/tor-browser
# one root command needed to install
-s ln -sf /a/opt/tor-browser_en-US/Browser/start-tor-browser /usr/local/bin
+s ln -sf /a/opt/tor-browser/Browser/start-tor-browser /usr/local/bin
# nfs server
iankelling.org / git / distro-setup / blobdiff