;;
esac
-
# disable motd junk.
case $distro in
debian)
# docker eats up a fair amount of cpu when doing nothing, so don't enable it unless
# we really need it.
pi-nostart docker-ce
+ # and docker is even more crap, it ignores that it shouldnt start
+ ser stop docker
+ ser disable docker
case $HOSTNAME in
li|lj) sgo docker ;;
esac
;;
esac
+pi ${p1[@]}
+
# website setup
case $HOSTNAME in
lj|li)
########### end section including li/lj ###############
-pi ${p4[@]} $(apt-cache search ruby[.0-9]+-doc| awk '{print $1}')
+# depends gcc is a way to install suggests. this is apparently the only
+# way to install suggests even if the main package is already
+# installed. reinstall doesn't work, uninstalling can cause removing
+# dependent packages.
+pi ${pall[@]} $(apt-cache search ruby[.0-9]+-doc| awk '{print $1}') $(apt-cache depends gcc|grep -i suggests:| awk '{print $2}')
+sgo fsf-vpn-dns-cleanup
case $distro in
trisquel|ubuntu)
# s cp -r --parents /etc/openvpn/easy-rsa/keys /p/c/filesystem
# s chown -R 1000:1000 /p/c/filesystem/etc/openvpn/easy-rsa/keys
# # kw = kgpe work machine.
-# for host in x2 kw; do
+# for host in x2 x3 kw; do
# vpn-mk-client-cert -b $host -n home b8.nz 1196
# dir=/p/c/machine_specific/$host/filesystem/etc/openvpn/client
# mkdir -p $dir
case $distro in
debian|trisquel|ubuntu)
- # suggests because we want the resolvconf package. however, i install it earlier
- # as well, so this is redundant.
+ # suggests resolvconf package. installing it here is redundant, but make sure anyways.
# todo: check other distros to make sure it\'s installed
- pi-nostart --install-suggests openvpn
+ pi-nostart openvpn resolvconf
# pi-nostart does not disable
ser disable openvpn
;;
case $(debian-codename) in
# needed for debootstrap scripts for fai since fai requires debian
flidas)
+ curl http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg | s apt-key add -
s dd of=/etc/apt/preferences.d/flidas-xenial <<EOF
Package: *
Pin: release a=xenial
Package: *
Pin: release a=xenial-updates
Pin-Priority: -100
+
+Package: *
+Pin: release a=xenial-security
+Pin-Priority: -100
EOF
s dd of=/etc/apt/sources.list.d/xenial.list 2>/dev/null <<EOF
deb http://us.archive.ubuntu.com/ubuntu/ xenial main
deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates main
+deb http://us.archive.ubuntu.com/ubuntu/ xenial-security main
EOF
- curl http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg | s apt-key add -
+
+ s apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32
+ s dd of=/etc/apt/preferences.d/flidas-bionic <<EOF
+Package: *
+Pin: release a=bionic
+Pin-Priority: -100
+
+Package: *
+Pin: release a=bionic-updates
+Pin-Priority: -100
+
+Package: *
+Pin: release a=bionic-security
+Pin-Priority: -100
+EOF
+
+ # better to run btrfs-progs which matches our kernel version
+ # (note, renamed from btrfs-tools)
+ s dd of=/etc/apt/preferences.d/btrfs-progs <<EOF
+Package: btrfs-progs libzstd1
+Pin: release a=bionic
+Pin-Priority: 1005
+
+Package: *
+Pin: release a=bionic-updates
+Pin-Priority: 1005
+
+Package: *
+Pin: release a=bionic-security
+Pin-Priority: 1005
+EOF
+
+
+ # this will be needed if we want to pin something, generally useful for investigating
+ s dd of=/etc/apt/sources.list.d/bionic.list 2>/dev/null <<EOF
+deb http://us.archive.ubuntu.com/ubuntu/ bionic main
+deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main
+deb http://us.archive.ubuntu.com/ubuntu/ bionic-security main
+EOF
+
+
p update
+ pi btrfs-progs
+
t=$(mktemp -d)
cd $t
- s dd of=/etc/apt/preferences.d/flidas-xenial <<EOF
-Package: debootstrap
-Pin: release a=xenial
-Pin-Priority: 1001
-
-Package: debootstrap
-Pin: release a=xenial-updates
-Pin-Priority: 1001
-EOF
- aptitude download debootstrap
+ aptitude download debootstrap/xenial
ex *
ex data.tar.gz
s cp ./usr/share/debootstrap/scripts/* /usr/share/debootstrap/scripts
# EOF
# s systemctl daemon-reload
# case $HOSTNAME in
-# x2|tp)
+# x2|x3|tp)
# ser enable synergyc@iank
# ser start synergyc@iank ||: # X might not be running yet
# ;;