important fixes for new and running systems

diff --git a/brc b/brc
index 2a1a0a79479dd7d2ba76d82beb394fe7bd629b6c..8c662c7a22a62130f51863c8e67f650c17b68242 100644 (file)
--- a/brc
+++ b/brc
@@ -153,7 +153,7 @@ HISTCONTROL=ignoredups
 # works in addition to HISTCONTROL to do more flexible things
 # it could also do the same things as HISTCONTROL and thus replace it,
 # but meh. dunno why, but just " *" does glob expansion, so use [ ] to avoid it.
-HISTIGNORE='pass *:[ ]*:lom '
+HISTIGNORE='pass *:[ ]*:lom*:gram*'
 
 export BC_LINE_LENGTH=0
 
@@ -181,6 +181,11 @@ if [[ -e /a/bin/errhandle/err ]]; then
   source /a/bin/errhandle/err
   err-allow
 fi
+# if someone exported $SOE (stop on error), catch errors
+if [[ $SOE ]]; then
+  err-catch
+fi
+
 path_add /a/exe
 # end just because it seems safer
 path_add --end node_modules/.bin
@@ -1124,9 +1129,12 @@ lld() { ll -d "$@"; }
 lom() {
   local l base
   if [[ $1 == /* ]]; then
+    base=${1##*/}
+    if mountpoint /mnt/$base; then
+      return 0
+    fi
     l=$(sudo losetup -f)
     sudo losetup $l $1
-    base=${1##*/}
     if ! sudo cryptsetup luksOpen $l $base; then
       sudo losetup -d $l
       return 1
@@ -1138,7 +1146,7 @@ lom() {
     base=$1
     sudo umount /mnt/$base
     l=$(sudo cryptsetup status /dev/mapper/$base|sed -rn 's/^\s*device:\s*(.*)/\1/p')
-    sudo cryptsetup luksClose /dev/mapper/$base
+    sudo cryptsetup luksClose /dev/mapper/$base || return 1
     sudo losetup -d $l
   fi
 }
@@ -1488,7 +1496,7 @@ srestart() {
   local service=$1
   if [[ $(s systemctl --no-pager show -p ActiveState $service ) == ActiveState=active ]]; then
     systemctl restart $service
-    fi
+  fi
 }
 serstopnm() {
   ser stop NetworkManager
@@ -2195,11 +2203,6 @@ fi
 unset IFS
 
 
-# if someone exported $SOE, catch errors
-if [[ $SOE ]]; then
-  errcatch
-fi
-
 # for mitmproxy to get a newer python.
 # commented until i want to use it because it
 # noticably slows bash startup
@@ -2226,6 +2229,8 @@ path_add --end $HOME/.rvm/bin
 
 export BASEFILE_DIR=/a/bin/fai-basefiles
 
+export ANDROID_HOME=/opt/android
+
 # didnt get drush working, if I did, this seems like the
 # only good thing to include for it.
 # Include Drush completion.

diff --git a/btrbk-run b/btrbk-run
index 5e1a8883c0beece80987269249b91dbb842262e2..50106a21df71e58de59c904e690fcb70ef1ad31d 100644 (file)
--- a/btrbk-run
+++ b/btrbk-run
@@ -214,8 +214,9 @@ ssh_identity /root/.ssh/home
 # transaction info.
 transaction_syslog local7
 
-# 20%ish speedup[]
-stream_buffer 512m
+# note, i had this because man said 20% speedup, but ran into
+# this issue, https://github.com/digint/btrbk/issues/275
+#stream_buffer 512m
 
 # so we only run one at a time
 lockfile                   /var/lock/btrbk.lock

diff --git a/conflink b/conflink
index 4e62edbcc39469d44b66336ba1dbff81321f094a..5ac563919661527a7242f42a60b7f37640064662 100755 (executable)
--- a/conflink
+++ b/conflink
@@ -91,8 +91,8 @@ case $USER in
     /a/exe/lnf -T /p/arbtt-capture.log ~/.arbtt/capture.log
     ##### end special extra stuff #####
 
-    sudo bash -c 'cd /etc/openvpn; for f in client/*; do ln -sf $f .; done'
-    sudo bash -c 'chmod 600 /etc/openvpn/client/*.key'
+    sudo bash -c 'cd /etc/openvpn; for f in client/* server/*; do ln -sf $f .; done'
+    sudo bash -c 'cd /etc/openvpn; for f in server/*.key client/*.key; do chmod 600 $f; done'
 
     m sudo -H -u traci "$BASH_SOURCE"
     ;;

diff --git a/distro-begin b/distro-begin
index 38fcd59c12b5564982ea08db8b1d0358eec892cc..c0c1f240cb494b14b0d41256b258aaa546f45ec5 100755 (executable)
--- a/distro-begin
+++ b/distro-begin
@@ -322,6 +322,7 @@ fi
 s lnf /q/root/.editor-backups /q/root/.undo-tree-history \
   /a/opt /a/c/.emacs.d $HOME/mw_vars /k/backup /root
 pi rsync # needed for rootsshsync
+/a/bin/ds/install-my-scripts # needed for rootsshsync
 rootsshsync
 s lnf /a/c/.vim /a/c/.vimrc /a/c/.gvimrc /root
 if has_p; then

diff --git a/distro-end b/distro-end
index 655ae7f4c19d68bf6f4aa1cb6c9ea25997f03b3b..c22e1130be39b67136dd60c5581f0776c1674771 100755 (executable)
--- a/distro-end
+++ b/distro-end
@@ -114,7 +114,7 @@ if isdeb; then
   l="deb [arch=amd64] $url $(debian-codename-compat) stable"
 
   if ! grep -xFq "$l" /etc/apt/sources.list{,.d/*.list}; then
-    sudo add-apt-repository $l
+    sudo add-apt-repository "$l"
     p update
   fi
   # docker eats up a fair amount of cpu when doing nothing, so don't enable it unless
@@ -604,8 +604,8 @@ deb [arch=amd64] https://downloads.iridiumbrowser.de/deb/ stable main
 EOF
     f=/etc/apt/sources.list.d/iridium-browser.list
     if ! diff -q $t $f; then
-      cp $t $f
-      chmod 644 $f
+      s cp $t $f
+      s chmod 644 $f
       p update
     fi
     pi iridium-browser
@@ -970,8 +970,8 @@ deb http://us.archive.ubuntu.com/ubuntu/ bionic-security main
 EOF
     f=/etc/apt/sources.list.d/bionic.list
     if ! diff -q $t $f; then
-      cp $t $f
-      chmod 644 $f
+      s cp $t $f
+      s chmod 644 $f
       p update
     fi
 
@@ -1089,9 +1089,9 @@ esac
 # 450 seems likely to be unused. we need to specify one or else
 # it won't be stable across installs.
 if ! getent passwd debian-transmission > /dev/null; then
+  s groupadd -g 450 debian-transmission
   case $distro in
     arch)
-      s groupadd -g 450 debian-transmission
       s useradd \
         --system \
         --create-home \
@@ -1106,7 +1106,6 @@ if ! getent passwd debian-transmission > /dev/null; then
         --gid 450 \
         --uid 450 \
         --system \
-        --group \
         --no-create-home \
         --disabled-password \
         --home /var/lib/transmission-daemon \
@@ -1339,7 +1338,7 @@ case $distro in
       # just the latest stable at the time of writing
       # TODO, maybe put this all into a build script,
       # and do some automatic updates
-      wget https://dl.google.com/go/go1.12.4.linux-amd64.tar.gz
+      wget -q https://dl.google.com/go/go1.12.4.linux-amd64.tar.gz
       s tar -C /usr/local -xzf go1.12.4.linux-amd64.tar.gz
       rm -f *
     fi

diff --git a/filesystem/etc/systemd/system/fsf-vpn-dns-cleanup.service b/filesystem/etc/systemd/system/fsf-vpn-dns-cleanup.service
index 50467f817c00df6921bbe5e03d4eab808b74ce3c..3e50599bc9d5f2a8e202d503e633be1ffc0425c6 100644 (file)
--- a/filesystem/etc/systemd/system/fsf-vpn-dns-cleanup.service
+++ b/filesystem/etc/systemd/system/fsf-vpn-dns-cleanup.service
@@ -3,7 +3,7 @@
 [Unit]
 Description=fsf-vpn-dns-cleanup
 After=multi-user.target
-Conflicts=openvpn-client@fsf80.service openvpn@fsf80.service openvpn-client@fsf802.service openvpn-client@fsf803.service
+Conflicts=openvpn-client@fsf80.service openvpn-client@fsf802.service openvpn-client@fsf803.service openvpn-client@fsf443.service openvpn-client@fsf4432.service openvpn-client@fsf4433.service
 
 [Service]
 Type=oneshot

diff --git a/pkgs b/pkgs
index 13c6ba9c81dcaa2fbde98ee27404749346bcf0ef..d83bf4af845b13f827a52c329b6375b742ce207b 100644 (file)
--- a/pkgs
+++ b/pkgs
@@ -155,6 +155,7 @@ p4=(
   pv
   python-autopep8
   python3-doc
+  qemu-user-static
   qrencode
   readline-doc
   reportbug

diff --git a/subdir_files/.gnupg/gpg.conf b/subdir_files/.gnupg/gpg.conf
index d5b5c41ea90e30985b977057ddf9f86e6da353d8..57c80646a2d51b79b7760e8b8f616cc01a607694 100644 (file)
--- a/subdir_files/.gnupg/gpg.conf
+++ b/subdir_files/.gnupg/gpg.conf
@@ -39,7 +39,9 @@ default-key B125F60B7B287FF6A2B7DF8F170AF0E2954295DF
 #keyserver hkp://pgp.mit.edu
 #keyserver hkp://pool.sks-keyservers.net
 #keyserver hkp://keyserver.pgp.com
-keyserver hkp://ipv4.pool.sks-keyservers.net
+#keyserver hkp://ipv4.pool.sks-keyservers.net
+keyserver hkp://keys.gnupg.net
+
 
 # more secure, but had problems with my gpg version
 #keyserver hkps://hkps.pool.sks-keyservers.net