From 9e67b088b46c5c7f101679f791b60dc259f24bb1 Mon Sep 17 00:00:00 2001
From: Ian Kelling <ian@iankelling.org>
Date: Fri, 10 Feb 2017 20:33:28 -0800
Subject: [PATCH] various fixes after reinstalling treetowl

---
 check-subvol-stale  |   0
 distro-begin        |   2 +-
 distro-end          | 114 ++++++++++++++++++++++++++++----------------
 g                   |  22 ---------
 g2                  |   4 --
 mail-cert-cron      |   0
 mount-latest-subvol |   0
 7 files changed, 74 insertions(+), 68 deletions(-)
 mode change 100644 => 100755 check-subvol-stale
 delete mode 100755 g
 delete mode 100644 g2
 mode change 100644 => 100755 mail-cert-cron
 mode change 100644 => 100755 mount-latest-subvol

diff --git a/check-subvol-stale b/check-subvol-stale
old mode 100644
new mode 100755
diff --git a/distro-begin b/distro-begin
index d2b6e08..a762284 100755
--- a/distro-begin
+++ b/distro-begin
@@ -590,7 +590,7 @@ if has_btrfs || home_network; then
 [[ $EUID == 0 ]] || exec sudo -E "$BASH_SOURCE" "$@"
 set -eE -o pipefail
 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
-for dir in /i /mnt/iroot /k /kr; do
+for dir in /i /mnt/iroot /k /kr /w; do
     if ! mountpoint $dir &>/dev/null && \
             awk '{print $2}' /etc/fstab | grep -xF $dir &>/dev/null; then
         if awk '{print $3}' /etc/fstab | grep -xF nfs &>/dev/null; then
diff --git a/distro-end b/distro-end
index 920de7f..645f1d5 100755
--- a/distro-end
+++ b/distro-end
@@ -64,11 +64,13 @@ case $HOSTNAME in
             apache2
             bwm-ng
             chromium
+            cron
             debconf-doc
             duplicity
             eclipse
             evince
             fdupes
+            feh
             filelight
             gcc-doc
             gdb
@@ -177,8 +179,12 @@ esac
 # no equivalent in other distros:
 case $distro in
     debian|ubuntu)
-        pi apt-file aptitude
-        s apt-file update
+        pi aptitude
+        if ! dpkg -s apt-file &>/dev/null; then
+            # this condition is just a speed optimization
+            pi apt-file
+            s apt-file update
+        fi
         # for debconf-get-selections
         spa debconf-utils
         ;;
@@ -284,9 +290,24 @@ esac
 
 ########### end section including li/lj ###############
 
+case $distro in
+    debian|ubuntu)
+        # suggests because we want the resolvconf package.
+        # todo: check other distros to make sure it's installed
+        pi-nostart --install-suggests openvpn
+        # pi-nostart does not disable
+        ser disable openvpn
+        ;;
+    *) pi openvpn;;
+esac
+
 if private-host; then
     vpn-mk-client-cert -n mail li
-    echo "ifconfig-push 10.8.0.4 255.255.255.0" | ssh root@li dd of=/etc/openvpn/client-config/$(openssl x509 -noout -subject -in mail.crt | sed -r 's/.*CN *= *([^,]+).*/\1/')
+    cn=$(s openssl x509 -noout -nameopt multiline -subject \
+           -in /etc/openvpn/client/mail.crt | \
+             sed -rn 's/^\s*commonName\s*=\s*(.*)/\1/p')
+    echo "ifconfig-push 10.8.0.4 255.255.255.0" | \
+        ssh root@li dd of=/etc/openvpn/client-config/"$cn"
 fi
 ser enable mailroute
 if [[ $HOSTNAME == treetowl ]]; then
@@ -356,6 +377,9 @@ if [[ $HOSTNAME == treetowl ]]; then
     # add folder to sync phone, notification will appear on desktop
     # to set folder location.
     #
+    # On phone, set settings to run syncthing all the time, and
+    # show no notification.
+    #
     # Folder versioning would make sense if I didn\'t already use btrfs
     # for backups. I would choose staggered, or trash can for more space.
     #
@@ -398,6 +422,12 @@ EOF
 
             # some reason it doesn't seem to start automatically anyways
             pi-nostart transmission-daemon
+
+            # the folder was moved here after an install around 02/2017.
+            # it contains runtime data,
+            # plus a simple symlink to the config file which it's
+            # not worth separating out.
+            s lnf -T /q/transmission-daemon /var/lib/transmission-daemon/.config/transmission-daemon
             #
             # config file documented here, and it's the same config
             # for daemon vs client, so it's documented in the gui.
@@ -407,26 +437,24 @@ EOF
             # routing to a network namespace, it doesn't see the
             # real source address, so it's disabled.
             #
-            # Changed the cache-size to 128 mb, reduces disk use.
+            # Changed the cache-size to 256 mb, reduces disk use.
             # It is a read & write cache.
             #
-            # todo: setup a password.
             s ruby <<'EOF'
 require 'json'
 p = '/etc/transmission-daemon/settings.json'
 File.write(p, JSON.pretty_generate(JSON.parse(File.read(p)).merge({
 'rpc-whitelist-enabled' => false,
 'rpc-authentication-required' => false,
-'incomplete-dir' => '/k/partial-torrents',
+'incomplete-dir' => '/i/k/partial-torrents',
 'incomplete-dir-enabled' => true,
 'download-dir' => '/i/k/torrents',
 "speed-limit-up" => 800,
 "speed-limit-up-enabled" => true,
 "peer-port" => 61486,
-"cache-size-mb" => 128,
-"ratio-limit" => 1.4000,
-"ratio-limit-enabled" => false,
-"pidfile": "/var/lib/transmission-daemon/transmission-daemon.pid",
+"cache-size-mb" => 256,
+"ratio-limit" => 5.0,
+"ratio-limit-enabled" => true,
 })) + "\n")
 EOF
 
@@ -475,19 +503,30 @@ esac
 # only settings I set were
 # hostname
 # auto-connect
+# password
+
+
+# the password is randomly generated on first run
+rpc_pass=$(s ruby <<'EOF'
+require 'json'
+p = '/etc/transmission-daemon/settings.json'
+puts JSON.parse(File.read(p))["rpc-password"]
+EOF
+)
+
 for f in /home/*; do
     d=$f/.config/transmission-remote-gtk
     u=${f##*/}
     s -u $u mkdir -p $d
-    s -u $u dd of=$d/config.json <<'EOF'
+    s -u $u dd of=$d/config.json <<EOF
 {
   "profiles" : [
     {
       "profile-name" : "Default",
-      "hostname" : "treetowl",
+      "hostname" : "transmission",
       "rpc-url-path" : "/transmission/rpc",
       "username" : "",
-      "password" : "",
+      "password" : "$rpc_pass",
       "auto-connect" : true,
       "ssl" : false,
       "timeout" : 40,
@@ -510,18 +549,6 @@ for f in /home/*; do
 EOF
 done
 
-case $distro in
-    debian|ubuntu)
-        # suggests because we want the resolvconf package.
-        # todo: check other distros to make sure it's installed
-        pi-nostart --install-suggests openvpn
-        # pi-nostart this doesnt seem to be good enough?
-        ser disable openvpn@client
-        ser disable openvpn
-        ;;
-    *) pi openvpn;;
-esac
-
 pi wget
 case $HOSTNAME in
     tp|frodo)
@@ -730,10 +757,10 @@ esac
 
 case $distro in
     debian)
-        if [[ `debian-archive`  == testing ]]; then
-            # has no unstable dependencies
-            spa bitcoin-qt/unstable
-        fi
+        # if [[ `debian-archive`  == testing ]]; then
+        #     # has no unstable dependencies
+        #     pi bitcoind/unstable
+        # fi
         s cp /a/opt/bitcoin/contrib/init/bitcoind.service /etc/systemd/system
         ser daemon-reload
 
@@ -744,7 +771,7 @@ case $distro in
         s mkdir -p $dir
         s chown -R root:bitcoin $dir
         s chmod 750 $dir
-        f=$dir/bitcon.conf
+        f=$dir/bitcoin.conf
 
         # pruning decreases the bitcoin dir to 2 gb, keeps
         # just the recent blocks. can't do a few things like
@@ -770,12 +797,13 @@ EOF
                         # other distros unknown
 esac
 if [[ $HOSTNAME == treetowl ]]; then
-    pi libsodium-dev python3-pip
+    pi libsodium-dev python-pip
     cd /a/opt/joinmarket
     # using develop branch, as it seems to be mostly bug fixes,
     # and this is quite new software.
     # note: python3 does not work.
-    pip install -r requirements.txt
+    # has seg fault error due to some bug, but it still works
+    pip install -r requirements.txt || [[ $? == 139 ]]
     # we need bitcoin.conf in the data dir according to
     # https://github.com/JoinMarket-Org/joinmarket/wiki/Running-JoinMarket-with-Bitcoin-Core-full-node
     # following the example .service script, I don\'t have it there,
@@ -817,7 +845,7 @@ if [[ $HOSTNAME == treetowl ]]; then
 
     # dunno about sharing a wallet between multiple instances
     # manually did, wallet.dat symlinked in /nocow/.bitcoin
-    sgo bitcoind
+    #sgo bitcoind
 fi
 
 
@@ -1000,6 +1028,17 @@ DEVICESCAN -a -o on -S on -n standby,q $sched \
 
 ########### misc stuff
 
+devs=()
+for dev in $(s btrfs fi show /boot | sed -nr 's#.*path\s+(\S+)$#\1#p'); do
+    devs+=($(devbyid $dev),)
+done
+devs[-1]=${devs[-1]%,} # jonied by commas
+
+# on grub upgrade, we get prompts unless we do this
+s debconf-set-selections <<EOF
+grub-pc	grub-pc/install_devices	multiselect ${devs[*]}
+EOF
+
 
 # the wiki backup script from ofswiki.org uses generic paths
 s lnf /p/c/machine_specific/li/mw_vars /root
@@ -1021,13 +1060,6 @@ color-scheme 2
 EOF
 
 
-if [[ $HOSTNAME == treetowl ]] && ! sudo test -e /etc/openvpn/client.key; then
-    /a/bin/vpn-setup/vpn-mk-client-cert dopub
-    # route lan traffic from inside the network namespace.
-    tu /etc/openvpn/client.conf "route 192.168.1.0 255.255.255.0 net_gateway"
-fi
-
-
 case $distro in
     debian|ubuntu)
         case `debian-archive` in
@@ -1035,7 +1067,7 @@ case $distro in
                 s dd of=/etc/apt/preferences.d/unison-gtk <<'EOF'
 Explanation: Allow unison-gtk to be upgraded
 Package: unison-gtk
-Pin: release a=unstable
+Pin: release a=testing
 Pin-Priority: 500
 EOF
                 # dont think using testing is needed since I figured out how to
diff --git a/g b/g
deleted file mode 100755
index 0b5c901..0000000
--- a/g
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/bash
-
-# note: starting emacs server can hang due to errors in init files
-# which don't cause problems for non-server emacs. And things
-# that aren't errors can cause hang too, like when I added gnus
-# git to load path.
-
-# I was experimenting with running
-# under gdb always to diagnose any hangs/crashes
-# and it won't work due to a gdb crash:
-# gdb -ex="set follow-fork-mode child" -ex=r -ex=quit --args emacsclient -nc
-# -n = --no-wait, go into background
-# -c = create new frame instead of reusing the current frame
-# -a = alternate editor, empty string makes it start emacs daemon.
-# This is also set via env variable, but that doesn't propagate everywhere.
-
-
-if pgrep -u $EUID emacsclient && (( $# )); then
-    emacsclient -a "" -n "$@"
-else
-    emacsclient -a "" -nc "$@"
-fi
diff --git a/g2 b/g2
deleted file mode 100644
index a00227c..0000000
--- a/g2
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-
-# force creation of new frame.
-exec emacsclient -a "" -nc "$@"
diff --git a/mail-cert-cron b/mail-cert-cron
old mode 100644
new mode 100755
diff --git a/mount-latest-subvol b/mount-latest-subvol
old mode 100644
new mode 100755
-- 
2.30.2