various updates, add bind

diff --git a/conflink b/conflink
index 948d1a22694b89aa08b4b984b20b7f494713bb4c..6a9e4ff975c40de0ed248cde96a60a27475c249a 100755 (executable)
--- a/conflink
+++ b/conflink
@@ -92,6 +92,9 @@ case $USER in
     ian)
         # p needs to go first so .ssh link is created, then config link inside it
         common-file-setup ${all_dirs[@]}
+        if [[ -d /etc/bind/bind-writable ]]; then
+            s chgrp bind /etc/bind/bind-writable
+        fi
         sudo -u traci "$BASH_SOURCE"
         ;;
     traci)

diff --git a/distro-begin b/distro-begin
index 71e2a56d80c7e26bda12ee316b7b433061730d97..9e35654b9529f38ec1988d398af6824f4d583161 100755 (executable)
--- a/distro-begin
+++ b/distro-begin
@@ -594,6 +594,8 @@ EOF
     s dd of=/etc/systemd/system/imount.service <<'EOF'
 [Unit]
 Description=Mount /i and related mountpoints
+RequiredBy=syncthing@ian.service
+Before=syncthing@ian.service
 
 [Service]
 Type=oneshot

diff --git a/distro-end b/distro-end
index e0bf4f66fc936785a3fb7f50b2e716d79d949d54..52d02ff212fabab763e904b0478b58c8620c2c5e 100755 (executable)
--- a/distro-end
+++ b/distro-end
@@ -69,6 +69,7 @@ case $HOSTNAME in
             aptitude-doc-en
             bash-doc
             binutils-doc
+            bind9-doc
             bwm-ng
             chromium
             cpio-doc
@@ -529,6 +530,8 @@ EOF
 
         ############# end setup mastodon ##############
 
+        pi bind9
+
         echo "$0: $(date): ending now)"
         exit 0
         ;;

diff --git a/dynamic-ip-update.sh b/dynamic-ip-update.sh
index a2da871b722f8b1f408ced0bed04aa71f39f0722..923da11464a95fbbbbcdf96493baa88510e38022 100755 (executable)
--- a/dynamic-ip-update.sh
+++ b/dynamic-ip-update.sh
@@ -1,32 +1,39 @@
-#!/bin/bash -l
-
-
-# note: in practice, I've not seen my ip address change under comcast
-# for over a year. If the internet hadn't mislead me, I wouldn't have
-# bothered.
-
-
-
-
-# based on: https://www.namecheap.com/support/knowledgebase/article.aspx/36/11/how-do-i-start-using-dynamic-dns
-
-# go to advanced dns, enable the little slider checkbox for dynamic dns,
-# add dnynamic dns records for @ and * (not sure * will work, but eh),
-# with the initial ip you want. remove any other host records, for example
-# the initial default ones. copy the dynamic dns password to /p/dynamic-ip-pass.
-
-# other articles I found usefull previously, but not the last time
-#  http://mwholt.blogspot.com/2013/09/how-to-set-up-dynamic-dns-in-5-minutes.html
-# https://www.namecheap.com/support/knowledgebase/article.aspx/583/11/how-do-i-configure-ddclient
-
-ip=`curl -s4 echoip.com`
-curl -sS "https://dynamicdns.park-your-domain.com/update?host=@&domain=$HOME_DOMAIN&password=$(cat /p/dynamic-ip-pass)&ip=$ip" > /dev/null
-
-# an alternative, putting my ip on some known server,
-# allows ssh to home if I can access that server:
-# ssh -o "ProxyCommand ssh someserver -W desktop:22" desktop
-
-# ssh root@some_server bash <<'EOF' | log-once dynamic-ip
-# sed -i --follow-symlinks '/desktop$/d' /etc/hosts
-# echo "${SSH_CLIENT%% *} desktop" >> /etc/hosts
+#!/bin/bash
+
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
+
+
+cur="$(host -4 iank.pw iankelling.org | sed -rn 's/.*has address (.*)/\1/p;T;q')"
+ip=$(curl -s4 https://iankelling.org/cgi/pubip)
+
+# note, a simpler way to do this would be to ssh and use
+# "${SSH_CLIENT%% *}
+# to update bind if needed.
+
+if [[ $cur != $ip ]]; then
+    nsupdate -k /p/c/machine_specific/li/filesystem/etc/bind/Kiank.pw.*.private <<EOF
+server iankelling.org
+zone iank.pw
+update delete iank.pw. A
+update add iank.pw. 300 A $ip
+update delete *.iank.pw. A
+update add *.iank.pw. 300 A $ip
+show
+send
+EOF
+fi
+
+# persistent initial setup for this:
+# mkc /p/c/machine_specific/li/filesystem/etc/bind
+# s dnssec-keygen -a HMAC-MD5 -b 512 -n HOST iank.pw
+# s chown ian:ian *
+
+# f=key.iank.pw
+# cat >$f <<EOF
+# key iank.pw. {
+# algorithm HMAC-MD5;
+# secret "$(awk '$1 == "Key:" {print $2}' Kiank.pw.*.private)";
+# };
 # EOF
+# chmod 640 $f

diff --git a/guest-apt b/guest-apt
new file mode 100644 (file)
index 0000000..49be4c3
--- /dev/null
+++ b/guest-apt
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# script for guest accounts to install packages
+regex="^[A-Za-z]*$"
+for arg; do
+    if [[ ! $arg =~ $regex ]]; then
+        echo "expected only alphabetical arguments which are passed to apt get"
+        exit 1
+    fi
+done
+apt-get install "$@"

diff --git a/install-my-scripts b/install-my-scripts
index e2356ca3e70c13436d65cc0f26b3447628f079c9..278a3b051b058dea8ba6a6d50ff25eff857c9f47 100755 (executable)
--- a/install-my-scripts
+++ b/install-my-scripts
@@ -31,4 +31,4 @@ x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*}
 e() { echo "$*"; "$@"; }
 
 # scripts that would interfere with unmounting /a, put them elsewhere
-e install mount-latest-subvol check-subvol-stale /usr/local/bin
+e install guest-apt mount-latest-subvol check-subvol-stale /usr/local/bin

diff --git a/myunison b/myunison
index 2e0f14928f37ab4f294ae7f38a5d092150ef1ff8..493d79594de5177a87081da5e1c611e2fce55c52 100755 (executable)
--- a/myunison
+++ b/myunison
@@ -61,7 +61,7 @@ if [[ ! -e $push_path ]]; then
 fi
 # note, i'd prefer to use /usr/local/bin, but it's not in arch's default
 # path for root.
-scp /usr/bin/unison-latest-stable root@$host:/usr/bin/unison
+rsync -L /usr/bin/unison-latest-stable root@$host:/usr/bin/unison
 
 if $do_snapshot; then
     unison-snapshot