src="${BASH_SOURCE%/*}"
+# see example of usage to understand.
end_msg() {
- = local y
+ local y
IFS= read -r -d '' y ||:
end_msg_var+="$y"
}
esac
pup
+pi aptitude
simple_packages=(
htop
+ iptables
mailutils
nmon
rdiff-backup
tree
vim
wcd
+ wget
)
case $HOSTNAME in
beets-doc
binutils-doc
bind9-doc
- bind9-utils
+ bind9utils
bwm-ng
- chromium
- cpio-doc
cloc
cpulimit
cron
glibc-doc
goaccess
gnome-screenshot
- gnome-session-flashback
guvcview
i3lock
inetutils-traceroute
make-doc
manpages
manpages-dev
+ mb2md
meld
mps-youtube
mumble
nagstamon
+ ncdu
nginx-doc
nmap
offlineimap
oathtool
+ opendkim-tools
p7zip
paprefs
parted-doc
########### begin section including li ################
-case $distro in
- fedora) spa unrar ;;
- *) spa unrar-free ;;
-esac
-
-
case $distro in
arch)
# ubuntu 14.04 uses b-cron,
esac
-if isdeb; then
- pi debian-goodies
-fi
-
case $distro in
*) pi at ;;&
case $distro in
arch) spa the_silver_searcher ;;
- debian|ubuntu|trisquel) spa silversearcher-ag ;;
+ debian|trisquel|ubuntu) spa silversearcher-ag ;;
# fedora unknown
esac
case $distro in
- debian|ubuntu|trisquel) spa ntp;;
+ debian|trisquel|ubuntu) spa ntp;;
arch)
pi ntp
sgo ntpd
# no equivalent in other distros:
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
pi aptitude
if ! dpkg -s apt-file &>/dev/null; then
# this condition is just a speed optimization
;;
esac
-case $distro in
- ubuntu|trisquel|debian) spa ack-grep ;;
- arch|fedora) spa ack ;;
- # fedora unknown
-esac
case $distro in
- arch|debian|ubuntu|trisquel)
+ arch|debian|trisquel|ubuntu)
spa bash-completion
;;
# others unknown
s update-rc.d motd disable
fi
;;
- ubuntu|trisquel)
+ trisquel|ubuntu)
# this isn't a complete solution. It still shows me when updates are available,
# but it's no big deal.
s t /etc/update-motd.d/10-help-text /etc/update-motd.d/00-header
### begin docker install ####
-# https://store.docker.com/editions/community/docker-ce-server-debian?tab=description
-pi software-properties-common apt-transport-https
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
-sudo add-apt-repository \
- "deb [arch=amd64] https://download.docker.com/linux/debian \
- $(lsb_release -cs) \
+
+if isdeb; then
+ # https://store.docker.com/editions/community/docker-ce-server-debian?tab=description
+ pi software-properties-common apt-transport-https
+ curl -fsSL https://download.docker.com/linux/$(distro-name-compat)/gpg | sudo apt-key add -
+ sudo add-apt-repository \
+ "deb [arch=amd64] https://download.docker.com/linux/$(distro-name-compat) \
+ $(debian-codename-compat) \
stable"
-p update
-pi docker-ce
-sgo docker
+ p update
+ pi docker-ce
+ sgo docker
+ # other distros unknown
+fi
### end docker install ####
ser daemon-reload
sgo certbotmail.timer
+ ;;
+ trisquel|ubuntu)
+ # not packaged in xenial or flidas
+ pi software-properties-common
+ s add-apt-repository -y ppa:certbot/certbot
+ p update
+ pi python-certbot-apache
;;
# todo: other distros unknown
esac
########### end section including li/lj ###############
+case $distro in
+ debian) spa gnome-session-flashback ;;
+ # flidas is missing dependency gnome-panel. others unknown
+esac
+
+
+
+case $distro in
+ trisquel|ubuntu|debian) spa ack-grep ;;
+ arch|fedora) spa ack ;;
+ # fedora unknown
+esac
+
+
+if isdeb; then
+ spa debian-goodies
+fi
+
+
+case $distro in
+ debian)
+ pi chromium ;;
+ xenial|ubuntu)
+ wget -qO - https://downloads.iridiumbrowser.de/ubuntu/iridium-release-sign-01.pub|sudo apt-key add -
+ cat <<EOF | sudo tee /etc/apt/sources.list.d/iridium-browser.list
+deb [arch=amd64] https://downloads.iridiumbrowser.de/deb/ stable main
+#deb-src https://downloads.iridiumbrowser.de/deb/ stable main
+EOF
+ p update
+ pi iridium-browser
+ ;;
+esac
+
+case $distro in
+ debian)
+ spa cpio-doc ;;
+ # not packaged in flidas. others unknown. gfdl nonfree issue
+esac
+
+
+
+
+case $distro in
+ fedora) spa unrar ;;
+ *) spa unrar-free ;;
+esac
+
+
+
if [[ $HOSTNAME == treetowl ]]; then
# vpn-server setup via:
######### end pump.io periodic backup #############
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
# suggests because we want the resolvconf package.
# todo: check other distros to make sure it\'s installed
pi-nostart --install-suggests openvpn
# syncs between comps.
case $distro in
arch) pi syncthing ;;
- ubuntu|trisquel|debian)
+ trisquel|ubuntu|debian)
# testing has relatively up to date packages
if ! isdebian-testing; then
# based on error when doing apt-get update:
# no equivalent in other distros:
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
# for gui bug reporting
spa python-vte
;;
# in display tab: icon in systray.
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
# it asks if it should make users in it's group capture packets without root,
# which is arguably more secure than running wireshark as root. default is no,
# which is what i prefer, since I plan to use tcpdump to input to wireshark.
case $distro in
- debian|ubuntu|trisquel)
+ debian)
# no recommends because it wanted some other unstable package, something to
# do with math or something, which I didn't want to deal with.
p -y --no-install-recommends install python3-send2trash/unstable anki/unstable
;;
+ trisquel|ubuntu)
+ pi anki
+ ;;
# others unknown
esac
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
# note i had to do this, which is persistent:
# cd /i/k
# s chgrp debian-transmission torrents partial-torrents
# plus a simple symlink to the config file which it\'s
# not worth separating out.
s lnf -T /i/transmission-daemon /var/lib/transmission-daemon/.config/transmission-daemon
+ # between comps, the uid can change
+ s chown -R debian-transmission:debian-transmission /i/transmission-daemon /var/lib/transmission-daemon
+ s chown -R debian-transmission:traci /i/k/partial-torrents /i/k/torrents
#
# config file documented here, and it\'s the same config
# for daemon vs client, so it\'s documented in the gui.
;;
esac
fi
+
+
+# trisquel 8 = openvpn, debian stretch = openvpn-client
+vpn_ser=openvpn-client
+if [[ ! -e /lib/systemd/system/openvpn-client@.service ]]; then
+ vpn_ser=openvpn
+fi
+
+s dd of=/etc/systemd/system/transmission-daemon-nn.service <<EOF
+[Unit]
+Description=Transmission BitTorrent Daemon netns
+After=network.target
+Requires=${vpn_ser}-nn@client.service
+After=${vpn_ser}-nn@client.service
+JoinsNamespaceOf=${vpn_ser}-nn@client.service
+
+[Service]
+#User=debian-transmission
+# notify type doesn't work with sudo
+#Type=notify
+ExecStart=/usr/bin/nsenter --mount=/root/mount_namespaces/client sudo -u debian-transmission /usr/bin/transmission-daemon -f --log-error
+ExecReload=/bin/kill -s HUP \$MAINPID
+PrivateNetwork=true
+Nice=19
+
+[Install]
+WantedBy=multi-user.target
+EOF
+ser daemon-reload
+
if [[ $HOSTNAME == frodo ]]; then
sgo transmission-daemon-nn
fi
esac
-pi wget
-case $HOSTNAME in
- tp|frodo)
- case $distro in
- debian|ubuntu|trisquel)
- log=$(mktemp)
- cd /a/opt
- wget -nv -N https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
- errallow
- set -o pipefail
- s dpkg -i google-chrome-stable_current_amd64.deb |& tee $log
- code=$?
- errcatch
- case $code in
- 0) : ;;
- *)
- # previously I had a more specific search, but dpkg
- # changed it\'s output as of 7/2016
- if grep 'dependency problems' \
- $log &>/dev/null; then
- s apt-get -fy install
- else
- exit 1
- fi
- ;;
- esac
- ;;
- arch)
- pi google-chrome
- ;;
- esac
- ;;
-esac
-
# printer
case $distro in
arch)
# In debian, I could use hte recommended driver,
# in arch, I had to pick out the 6L driver.
;;
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
spa hplip
;;
# other distros unknown
case $distro in
- ubuntu|debian) pi --no-install-recommends mairix notmuch ;;
+ trisquel|ubuntu|debian) pi --no-install-recommends mairix notmuch ;;
fedora|arch) spa mairix notmuch ;;
esac
case $distro in
arch) spa nfs-utils ;;
- ubuntu|debian) spa nfs-client ;;
+ trisquel|ubuntu|debian) spa nfs-client ;;
esac
case $distro in
- ubuntu|debian) spa par2 ;;
+ trisquel|ubuntu|debian) spa par2 ;;
arch|fedora) spa par2cmdline ;;
esac
# needed for my tex resume
case $distro in
- ubuntu|debian) spa texlive-full ;;
+ trisquel|ubuntu|debian) spa texlive-full ;;
arch) spa texlive-most ;;
# fedora unknown
esac
-case $distro in
- ubuntu)
- # flash, unrar, codecs, ms fonts.
- # This has a manual prompt.
- spa ubuntu-restricted-extras
- ;;
- fedora)
- pi yum-utils
- # rpm fusion recommended codecs
- s su -c "yum localinstall -y --nogpgcheck http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm"
- pi gstreamer-plugins-ugly gstreamer-plugins-bad gstreamer-ffmpeg\
- xine-lib-extras-freeworld
- ;;
-esac
case $distro in
# optional dep for firefox for h.264 video
esac
case $distro in
- fedora|ubuntu|trisquel|debian) spa gnupg-agent ;;
+ fedora|trisquel|ubuntu|debian) spa gnupg-agent ;;
arch) : ;;
esac
case $distro in
arch) spa ttf-dejavu;;
- debian|ubuntu|trisquel) spa fonts-dejavu ;;
+ debian|trisquel|ubuntu) spa fonts-dejavu ;;
# others unknown
esac
case $distro in
arch) spa xorg-xev;;
- debian|ubuntu|trisquel) spa x11-utils ;;
+ debian|trisquel|ubuntu) spa x11-utils ;;
# others unknown
esac
case $distro in
arch) pi virt-install;;&
- debian|ubuntu|trisquel) pi virtinst ;;&
+ debian|trisquel|ubuntu) pi virtinst ;;&
*) pi virt-manager ;; # creates the libvirt group in debian at least
# others unknown
esac
case $distro in
arch) spa cdrkit;;
- debian|ubuntu|trisquel) spa genisoimage;;
+ debian|trisquel|ubuntu) spa genisoimage;;
# others unknown
esac
case $distro in
arch) spa spice-gtk3 ;;
- debian|ubuntu|trisquel) spa spice-client-gtk;;
+ debian|trisquel|ubuntu) spa spice-client-gtk;;
# others unknown
esac
# general known for debian/ubuntu, not for fedora
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
pi golang-go
# a bit of googling, and added settings to bashrc
go get -u github.com/mvdan/fdroidcl/cmd/fdroidcl
case $distro in
- arch|debian|ubuntu|trisquel) spa pumpa ;;
+ arch|debian|trisquel|ubuntu) spa pumpa ;;
# others unknown. do have a buildscript:
# /a/bin/buildscripts/pumpa ;;
esac
case $distro in
debian) pi adb ;;
- debian|ubuntu|trisquel) spa android-tools-adbd/unstable ;;
+ debian|trisquel|ubuntu) spa android-tools-adbd ;;
+ # todo: not sure this is needed anymore, or if trisqel etc works even
+# debian) spa android-tools-adbd/unstable ;;
arch) spa android-tools ;;
# other distros unknown
esac
if [[ $HOSTNAME == treetowl ]]; then
- case $distro in
- debian)
- if [[ `debian-archive` == testing ]]; then
- # has no unstable dependencies
- pi bitcoind/unstable
- src=/a/opt/bitcoin/contrib/init/bitcoind.service
- s cp $src /etc/systemd/system
- p=/etc/bitcoin/bitcoin
- dst=/etc/systemd/system/bitcoinjm.service
- # jm for joinmarket
- $sed -r "/^\s*ExecStart/s,${p}.conf,${p}jm.conf," $src \
- >/etc/systemd/system/bitcoinjm.service
-
- d=jm; jm=d # being clever for succinctness
- for s in d jm; do
- s $sed -ri "/^\s*\[Unit\]/a Conflicts=bitcoin${!s}.service" \
- /etc/systemd/system/bitcoin${s}.service
- done
-
- ser daemon-reload
-
- dir=/nocow/.bitcoin
- s mkdir -p $dir
- s chown -R bitcoin:bitcoin $dir
- dir=/etc/bitcoin
- s mkdir -p $dir
- s chown -R root:bitcoin $dir
- s chmod 750 $dir
-
- # pruning decreases the bitcoin dir to 2 gb, keeps
- # just the recent blocks. can\'t do a few things like
- # import a wallet dump.
- # pruning works, but people had to do
- # some manual stuff in joinmarket. I dun need the
- # disk space, so not bothering yet, maybe in a year or so.
- # https://github.com/JoinMarket-Org/joinmarket/issues/431
- #https://bitcoin.org/en/release/v0.12.0#wallet-pruning
- #prune=550
-
- f=$dir/bitcoin.conf
- s dd of=$f <<EOF
-server=1
-# necessary for joinmarket, not bad in general
-rpcpassword=$(openssl rand -base64 32)
-rpcuser=$(openssl rand -base64 32)
-EOF
-
- # dunno about sharing a wallet between multiple instances
- # manually did, wallet.dat symlinked in /nocow/.bitcoin
- sgo bitcoind
- fi
- ;;
- # other distros unknown
- esac
-
-# ## disabling joinmarket, its too expensive
-# ### begin joinmarket setup ###
-
-# case $distro in
-# debian)
-# f=$dir/bitcoin.conf
-# f2=$dir/bitcoinjm.conf
-# s cp $f $f2
-# s tee -a $f2 >/dev/null <<EOF
-# # Joinmarket
-# walletnotify=curl -sI --connect-timeout 1 http://localhost:62602/walletnotify?%s
-# alertnotify=curl -sI --connect-timeout 1 http://localhost:62602/alertnotify?%s
-# wallet=joinmarket.dat
-# EOF
-
-# ;;
-# # other distros unknown
-# esac
-
-# pi libsodium-dev python-pip
-# cd /a/opt/joinmarket
-# # using develop branch, as it seems to be mostly bug fixes,
-# # and this is quite new software.
-# # note: python3 does not work.
-# # has seg fault error due to some bug, but it still works
-# pip install -r requirements.txt || [[ $? == 139 ]]
-# # note, the target must exist ahead of time, or bitcoin
-# # just overwrites the link, and it\'s not happy with an empty file,
-# # so we have to create the wallet, then move and link it.
-# s lnf -T /q/bitcoin/wallet.dat /nocow/.bitcoin/wallet.dat
-# s lnf -T /q/bitcoin/joinmarket.dat /nocow/.bitcoin/joinmarket.dat
-# # not technically needed, but seems cleaner not to have
-# # symlinks be root owned unlike everything else
-# s chown -h bitcoin:bitcoin /nocow/.bitcoin/*
-
-# for var in rpcuser rpcpassword; do
-# u="$(s sed -rn "s/^$var=(.*)/\1/p" /etc/bitcoin/bitcoin.conf)"
-# # escape backslashes
-# u="${u//\\/\\\\\\\\}"
-# # escape commas
-# u="${u//,/\\,}"
-# sed -ri "s,^(rpc_${var#rpc}\s*=).*,\1 $u," joinmarket.cfg
-# done
-# sed -ri "s/^\s*(blockchain_source\s*=).*/\1 bitcoin-rpc/" joinmarket.cfg
-# ### end joinmarket setup ###
+ :
+ ## bitcoin disabled. fees too high
+ # case $distro in
+ # debian)
+ # if [[ `debian-archive` == testing ]]; then
+ # # has no unstable dependencies
+ # pi bitcoind/unstable
+ # src=/a/opt/bitcoin/contrib/init/bitcoind.service
+ # s cp $src /etc/systemd/system
+ # p=/etc/bitcoin/bitcoin
+ # dst=/etc/systemd/system/bitcoinjm.service
+ # # jm for joinmarket
+ # $sed -r "/^\s*ExecStart/s,${p}.conf,${p}jm.conf," $src \
+ # >/etc/systemd/system/bitcoinjm.service
+
+ # d=jm; jm=d # being clever for succinctness
+ # for s in d jm; do
+ # s $sed -ri "/^\s*\[Unit\]/a Conflicts=bitcoin${!s}.service" \
+ # /etc/systemd/system/bitcoin${s}.service
+ # done
+
+ # ser daemon-reload
+
+ # dir=/nocow/.bitcoin
+ # s mkdir -p $dir
+ # s chown -R bitcoin:bitcoin $dir
+ # dir=/etc/bitcoin
+ # s mkdir -p $dir
+ # s chown -R root:bitcoin $dir
+ # s chmod 750 $dir
+
+ # # pruning decreases the bitcoin dir to 2 gb, keeps
+ # # just the recent blocks. can\'t do a few things like
+ # # import a wallet dump.
+ # # pruning works, but people had to do
+ # # some manual stuff in joinmarket. I dun need the
+ # # disk space, so not bothering yet, maybe in a year or so.
+ # # https://github.com/JoinMarket-Org/joinmarket/issues/431
+ # #https://bitcoin.org/en/release/v0.12.0#wallet-pruning
+ # #prune=550
+
+ # f=$dir/bitcoin.conf
+ # s dd of=$f <<EOF
+ # server=1
+ # # necessary for joinmarket, not bad in general
+ # rpcpassword=$(openssl rand -base64 32)
+ # rpcuser=$(openssl rand -base64 32)
+ # EOF
+
+ # # dunno about sharing a wallet between multiple instances
+ # # manually did, wallet.dat symlinked in /nocow/.bitcoin
+ # sgo bitcoind
+ # fi
+ # ;;
+ # # other distros unknown
+ # esac
+
+
+
+ # ## disabling joinmarket, its too expensive
+ # ### begin joinmarket setup ###
+
+ # case $distro in
+ # debian)
+ # f=$dir/bitcoin.conf
+ # f2=$dir/bitcoinjm.conf
+ # s cp $f $f2
+ # s tee -a $f2 >/dev/null <<EOF
+ # # Joinmarket
+ # walletnotify=curl -sI --connect-timeout 1 http://localhost:62602/walletnotify?%s
+ # alertnotify=curl -sI --connect-timeout 1 http://localhost:62602/alertnotify?%s
+ # wallet=joinmarket.dat
+ # EOF
+
+ # ;;
+ # # other distros unknown
+ # esac
+
+ # pi libsodium-dev python-pip
+ # cd /a/opt/joinmarket
+ # # using develop branch, as it seems to be mostly bug fixes,
+ # # and this is quite new software.
+ # # note: python3 does not work.
+ # # has seg fault error due to some bug, but it still works
+ # pip install -r requirements.txt || [[ $? == 139 ]]
+ # # note, the target must exist ahead of time, or bitcoin
+ # # just overwrites the link, and it\'s not happy with an empty file,
+ # # so we have to create the wallet, then move and link it.
+ # s lnf -T /q/bitcoin/wallet.dat /nocow/.bitcoin/wallet.dat
+ # s lnf -T /q/bitcoin/joinmarket.dat /nocow/.bitcoin/joinmarket.dat
+ # # not technically needed, but seems cleaner not to have
+ # # symlinks be root owned unlike everything else
+ # s chown -h bitcoin:bitcoin /nocow/.bitcoin/*
+
+ # for var in rpcuser rpcpassword; do
+ # u="$(s sed -rn "s/^$var=(.*)/\1/p" /etc/bitcoin/bitcoin.conf)"
+ # # escape backslashes
+ # u="${u//\\/\\\\\\\\}"
+ # # escape commas
+ # u="${u//,/\\,}"
+ # sed -ri "s,^(rpc_${var#rpc}\s*=).*,\1 $u," joinmarket.cfg
+ # done
+ # sed -ri "s/^\s*(blockchain_source\s*=).*/\1 bitcoin-rpc/" joinmarket.cfg
+ # ### end joinmarket setup ###
fi
case $distro in
fedora)
cd $(mktemp -d)
- wget http://tamacom.com/global/global-6.3.2.tar.gz
+ wget ftp://ftp.gnu.org/pub/gnu/global/global-6.5.7.tar.gz
ex global*
- cd global-6.3.2
+ cd global-6.5.7
# based on https://github.com/leoliu/ggtags
./configure --with-exuberant-ctags=/usr/bin/ctags
make
arch)
pi python2-pygments
;;
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
pi python-pygments
;;
esac
case $distro in
debian)
- pi task-mate-desktop
+ s eatmydata apt-get -y install --purge --auto-remove task-mate-desktop
# in settings, change scrolling to two-finger,
# because the default edge scroll doesn\'t work.
pu transmission-gtk
;;
+ trisquel)
+ # mate-indicator-applet and beyond are msc things I noticed diffing a
+ # standard install with mine.
+ s eatmydata apt-get -y install --purge --auto-remove xorg lightdm mate-desktop-environment mate-desktop-environment-extras mate-indicator-applet anacron
+ ;;
# others unknown
esac
### kdeconnect for gnome. started in /a/bin/distro-setup/desktop-20-autostart.sh
-pi libgtk-3-dev python3-requests-oauthlib valac cmake python-nautilus
+pi libgtk-3-dev python3-requests-oauthlib valac cmake python-nautilus libappindicator3-dev
cd /a/opt/indicator-kdeconnect
mkdir -p build
cd build
cmake .. -DCMAKE_INSTALL_PREFIX=/usr
make
sudo make install
-
+# we can start it manually with /usr/lib/x86_64-linux-gnu/libexec/kdeconnectd
+# it seems, according to
+# /etc/xdg/autostart/kdeconnectd.desktop
+# I'm not seeing the icon, but the clipboard replication is working
######### end misc packages #########
########### misc stuff
+# stop autopoping windows when i plug in an android phone.
+# dbus-launch makes this work within an ssh connection, otherwise you get this message,
+# with still 0 exit code.
+# dconf-WARNING **: failed to commit changes to dconf: Cannot autolaunch D-Bus without X11 $DISPLAY
+dbus-launch gsettings set org.gnome.desktop.media-handling automount-open false
+
devs=()
for dev in $(s btrfs fi show /boot | sed -nr 's#.*path\s+(\S+)$#\1#p'); do
devs+=($(devbyid $dev),)
# on grub upgrade, we get prompts unless we do this
s debconf-set-selections <<EOF
-grub-pc grub-pc/install_devices multiselect ${devs[*]}
+grub-pc grub-pc/install_devices multiselect ${devs[*]}
EOF
case $distro in
- debian|ubuntu|trisquel)
- case `debian-archive` in
- stable)
- s dd of=/etc/apt/preferences.d/unison-gtk <<'EOF'
-Explanation: Allow unison-gtk to be upgraded
-Package: unison-gtk
-Pin: release a=testing
-Pin-Priority: 500
-EOF
- # dont think using testing is needed since I figured out how to
- # deal with mismatching unison compilers, but I dont
- # see any reason to revert it, since it only installs
- # a single package which is primarily a single binary
- ;;
- esac
- pi unison/testing
- pi unison-gtk/testing # after to make it the default unison
+ trisquel|ubuntu|debian)
+ # unison-gtk second, i want it to be default, not sure if that works
+ # with spa. note, I used to install from testing repo when using stable,
+ # but it shouldn't be needed since I wrote a script to handle mismatching
+ # compilers.
+ spa unison unison-gtk
;;
arch)
- pi unison gtk2
+ spa unison gtk2
;;
esac
#
# # disabled due to my patch being in btrbk
# case $distro in
-# arch|debian|ubuntu|trisquel) pi btrbk ;;
+# arch|debian|trisquel|ubuntu) pi btrbk ;;
# # others unknown
# esac
cd /a/opt/btrbk
case $distro in
- debian|ubuntu|trisquel) s gpasswd -a iank adm ;; #needed for reading logs
+ debian|trisquel|ubuntu) s gpasswd -a iank adm ;; #needed for reading logs
esac
# tor
pi nfs-utils
sgo nfs-server
;;
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
pi nfs-server
;;
arch)
esac
-########### begin kodi setup ############
-pi kodi
-# based on https://wiki.debian.org/SecuringNFS
-# but the quota stuff is either outdated or optional,
-# i guessed that it was not needed and it worked fine.
-s dd of=/etc/sysctl.d/nfs-static-ports.conf <<'EOF'
-fs.nfs.nfs_callback_tcpport = 32764
-fs.nfs.nlm_tcpport = 32768
-fs.nfs.nlm_udpport = 32768
-EOF
-s sysctl --system
-s $sed -ri -f - /etc/default/nfs-common <<'EOF'
-/^\s*STATDOPTS=/d
-$a STATDOPTS="--port 32765 --outgoing-port 32766"
-EOF
-
-s $sed -ri -f - /etc/default/nfs-kernel-server <<'EOF'
-/^\s*RPCMOUNTDOPTS=/d
-$a RPCMOUNTDOPTS="--manage-gids --port 32767"
-EOF
-ser restart nfs-kernel-server
-if [[ $HOSTNAME == treetowl ]]; then
- # persistent one time steps for webdav:
- # create persistent password, put it in ~/.kodi/userdata/advancedsettings.xml,
- # per http://kodi.wiki/view/MySQL/Sync_other_parts_of_Kodi
- # htpasswd -c /p/c/filesystem/etc/davpass dav
- # chmod 640 /p/c/filesystem/etc/davpass
- # in conflink, set group to www-data.
- # In kodi, i set the music source, server address: my domain,
- # path: k/music. Then copied the file
- # /p/c/subdir_files/.kodi/userdata/sources.xml to save that setting.
- s a2enmod dav dav_fs
- web-conf -r /a/c/playlists - apache2 dav.$HOME_DOMAIN <<'EOF'
-<Directory /a/c/playlists>
- DAV On
- AuthType Basic
- AuthName "Authentication Required"
- AuthUserFile "/etc/davpass"
- Require valid-user
-
-# outside the standard /var/www, so use this:
- Order allow,deny
- Allow from all
-</Directory>
-EOF
- s mkdir -p /var/www/davlock
- s chown www-data:www-data /var/www/davlock
- s sed -i "1i DavLockDB /var/www/davlock/davlock" /etc/apache2/sites-enabled/dav.$HOME_DOMAIN.conf
- ser reload apache2
-
- teeu /etc/exports "/k/music *(ro,nohide,async,no_subtree_check,insecure)"
- exportfs -ra
-
- # kodi uses sqlite by default, but supports mysql.
- pi mariadb-server
-
- # see ofswiki.org for explanation.
- dbpass="$(cat /p/mysql-root-pass)"
- if ! echo exit|mysql -uroot "-p$dbpass"; then
- echo -e "\n\n$dbpass\n$dbpass\n\n\n\n\n" | mysql_secure_installation
- fi
- mysql -uroot "-p$dbpass" <<EOF
-GRANT ALL PRIVILEGES ON *.* TO 'kodi' IDENTIFIED BY '$(</p/mysql-kodi-pass)';
-EOF
- s sed -ri 's/^(\s*bind-address\s*=).*/\1 0.0.0.0/' /etc/mysql/mariadb.conf.d/50-server.cnf
- ser restart mariadb
-
-fi
-
-########### end kodi setup ############
-
-
-if [[ $HOSTNAME == treetowl ]]; then
+if [[ $HOSTNAME == frodo ]]; then
# nohide = export filesystems mounted deeper than the export point
# fsid=0 makes this export the "root" export
# not documented in the man page, but this means
# persistent virtual machines
-
case $distro in
- debian|ubuntu|trisquel)
+ debian|trisquel|ubuntu)
pi libosinfo-bin;
;;
esac
+# if I was going to create a persistent vm, i might do it like this:
+# variant=something # from: virt-install --os-variant list
+# s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
+ # --disk=/a/images/some_name.qcow2,bus=virtio --vcpus 2 -r 4096 -w bridge=br0 \
+ # -n some_name --import --os-variant $variant --cpu host-model-only
-# distro may not know about win 10 yet.
-variant=win7
-if ! virt-install --os-variant list &>/dev/null; then # we are using a newer virt-install
- for v in 10 8.1 8; do
- if osinfo-query os | gr "^\s*win${v/./\\.}\s" &>/dev/null; then
- variant=win$v
- break
- fi
- done
-fi
-
-if ! s virsh list --all --name | grep -xF win10 &>/dev/null; then
-
- # created account with
- # win10vmian@outlook.com, and easy to remember password
- # win 10 virtio, makes disk way way way faster
- # wget https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/latest-virtio/virtio-win.iso
- # https://wiki.archlinux.org/index.php/QEMU#Change_Existing_Windows_VM_to_use_virtio
- # for installing virtio after initial install instead of with initial iso:
- # qemu-img create -f qcow2 fake.qcow2 1G
- # --disk=/a/images/virtio-win.iso,device=cdrom \
- # --disk=/a/images/fake.qcow2,bus=virtio
- # Also,
- # went to device manager, saw 2 pci devices with yellow !,
- # did search for drivers, pick cdrom location, done.
- #
- # from http://www.tenforums.com/tutorials/4189-fast-startup-turn-off-windows-10-a.html.
- # google said there was a control panel option for it, but
- # that turned out to be a lie.
- # Put this in a .bat file and run as administrator to turn off
- # hyberboot which fucks things up.
- # REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /V HiberbootEnabled /T REG_dWORD /D 0 /F
- # power settings, turn off display: never
- # run "control userpasswords2", turn on automatic login.
- # note: when changing devices, I just undefine, the create the vm again.
-
- if [[ -e /nocow/user/vms/win10.qcow2 ]]; then
- s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
- --disk=/a/images/win10.qcow2,bus=virtio --vcpus 2 -r 4096 -w bridge=br0 \
- -n win10 --import --os-variant $variant --cpu host-model-only
-
- s virsh destroy win10
- fi
-
- if [[ -e /nocow/user/vms/win7.qcow2 ]]; then
- # this one hasn\'t had the virtio fix done yet.
- s virt-install --noautoconsole --graphics spice,listen=0.0.0.0 \
- --disk=/a/images/win7.qcow2 --vcpus 2 -r 4096 -w bridge=br0 \
- -n win7 --import --os-variant win7 --cpu host-model-only
- s virsh destroy win7
- # had a problem with --cpu host, so trying out
- # --cpu host-model-only
- fi
-fi
-
-
-if [[ $HOSTNAME == treetowl ]]; then
- pi samba
- # note samba re-reads it\'s config every 1 minute
- case $distro in
- arch) s cp /etc/samba/smb.conf.default /etc/samba/smb.conf ;;
- esac
-
- # add 2 lines after workgroup option
- s sed -ri --follow-symlinks '/^\s*encrypt passwords\s*=/d' /etc/samba/smb.conf
- s sed -ri --follow-symlinks '/^\s*map to guest\s*=/d' /etc/samba/smb.conf
- s sed -i --follow-symlinks 's/\(\s*workgroup\s*=\).*/\1 WORKGROUP\n\tencrypt passwords = yes\n\tmap to guest = bad password/' /etc/samba/smb.conf
- # remove default homes section. not sharing that.
- s sed -ri --follow-symlinks '/^\s*\[homes\]/,/\s*\[/d' /etc/samba/smb.conf
-
- if ! grep -xF '[public]' /etc/samba/smb.conf &>/dev/null; then
- s tee -a /etc/samba/smb.conf <<'EOF'
-[public]
- guest ok = yes
- read only = no
- path = /kr
-EOF
- fi
-
- case $distro in
- debian|ubuntu|trisquel)
- # systemd claims it generates units from /etc/init.d, but it
- # clearly doesn\'t in debian. I have no idea how they are
- # related. fuck debian right now. It\'s not documented. samba
- # has a systemd init file linked to /dev/null. There\'s this
- # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769714 which
- # claims samba\'s sub-services will be started automatically by
- # systemd... it didn\'t on install, wonder if it will on
- # boot. It clued me in how to start it manually though. Nothing
- # in /usr/share/doc/samba, debian admin guide says nothing about
- # any of this. (this is in debian testing as of 4/2016).
-
- s /etc/init.d/samba start
- ;;
- arch)
- sgo samba
- ;;
- esac
-fi
-
-tu /etc/hosts <<< "127.0.1.1 $(hostname).lan $(hostname)"
######### begin stuff belonging at the end ##########
iankelling.org / git / distro-setup / commitdiff