Fixes.
authorChristian Heller <c.heller@plomlompom.de>
Sat, 19 Apr 2025 13:31:57 +0000 (15:31 +0200)
committerChristian Heller <c.heller@plomlompom.de>
Sat, 19 Apr 2025 13:31:57 +0000 (15:31 +0200)
bookworm/copy/all/etc/hosts [new file with mode: 0644]
bookworm/preseed.cfg
bookworm/scripts/lib/determine_ip [deleted file]
bookworm/scripts/setup_server.sh
testing/scripts/setup_desktop.sh

diff --git a/bookworm/copy/all/etc/hosts b/bookworm/copy/all/etc/hosts
new file mode 100644 (file)
index 0000000..8937d24
--- /dev/null
@@ -0,0 +1,13 @@
+# any loopback address imaginable under the sun
+127.0.0.1  localhost localhost.local localhost.localdomain
+::1        localhost localhost.local localhost.localdomain ip6-localhost ip6-localhost.local ip6-localhost.localdomain ip6-loopback ip6-loopback.local ip6-loopback.localdomain
+
+# Debian wants this for some cases where software wants a non-loopback address
+# but we still don't want to rely on external DNS
+# (NB: replacement scripts may, for desktop systems without FQDN, before
+# actually replacing REPLACE_WITH_HOSTNAME, replace "REPLACE_WITH FQDN" with 
+# "REPLACE_WITH_HOSTNAME.local REPLACE_WITH_HOSTNAME.localdomain")
+127.0.1.1  REPLACE_WITH_FQDN REPLACE_WITH_HOSTNAME
+
+# If we *do* have an external FQDN …
+#REPLACE_WITH_EXTERNAL_IP  REPLACE_WITH_FQDN REPLACE_WITH_HOSTNAME
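Review bot: The NB comment in this template spells out the placeholder tokens, so the global `sed … /g` substitutions in the setup scripts will rewrite `REPLACE_WITH_HOSTNAME` inside the comment as well as on the `127.0.1.1` line, and the installed file ends up with an explanation that no longer names any placeholder. The comment also writes one token as `"REPLACE_WITH FQDN"`, with a space where the live line uses `REPLACE_WITH_FQDN`. I would fix the spelling and either move the explanation into the scripts or reword it without the exact tokens, for example `# (NB: desktop setups without an FQDN substitute <hostname>.local and <hostname>.localdomain for the FQDN field)`.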
index 36900925d42123a216dcff0722326735c8215cab..6b1938dafb87ba9f43e8a599b89340f3fb0959c4 100644 (file)
@@ -37,9 +37,8 @@ user-setup-udeb       passwd/make-user boolean false
 # "Partition disks":"Partitioning method:"/"Guided - use entire disk and set up encrypted LVM"
 d-i partman-auto/init_automatically_partition select 70some_device_crypto__________crypto
 # "Partition disks":"Select disk to partition:"/"/dev/nvme0n1 - 512.1 GB SAMSUNG MZVLB512HBJQ-000L7"
-#d-i partman-auto/select_disk select /dev/nvme0n1
-d-i partman-auto/disk string /dev/nvme0n1p3
-#d-i partman-auto/select_disk select /var/lib/partman/devices/=dev=nvme0n1
+#d-i partman-auto/disk string /dev/nvme0n1p3
+#d-i partman-auto/select_disk select /var/lib/partman/devices/=dev=nvme0n1 
 # "Partition disks":"Partitioning scheme:"/"All files in one partition (recommended for new users)"
 d-i partman-auto/expert_recipe string custom-crypto :: \
 538 538 1075 free \
@@ -78,31 +77,9 @@ d-i partman-auto-crypto/erase_disks boolean false
 d-i partman-auto-lvm/new_vg_name string plomvg
 # "Partition disks"/"Amount of volume group to use for guided partitioning:"
 d-i partman-auto-lvm/guided_size string max
-# "Partition disks"/"Configure the logical volume manager"
-# "Partition disks"/"Write the changes to disks and configure LVM?"
-# "Partition disks"/"LVM configuration action:"/"Delete logical volume"
-# "Partition disks"/"Please select the logical volume to delete."/"Logical volume:"/"root"
-# "Partition disks"/"LVM configuration action:"/"Delete logical volume"
-# "Partition disks"/"Please select the logical volume to delete."/"Logical volume:"/"swap_1"
-# "Partition disks"/"LVM configuration action:"/"Create logical volume"
-# "Partition disks"/"Please select the volume group where the new logical volume should be created."/"Volume group:"
-# "Partition disks"/"Please enter the name you would like to use for the new logical volume."/"Logical volume name:"/"swap"
-# "Partition disks"/"Please enter the size …"/"Logical volume size:"/"48G"
-# "Partition disks"/"LVM configuration action:"/"Create logical volume"
-# "Partition disks"/"Please select the volume group where the new logical volume should be created."/"Volume group:"
-# "Partition disks"/"Please enter the name you would like to use for the new logical volume."/"Logical volume name:"/"root"
-# "Partition disks"/"Please enter the size …"/"Logical volume size:"/"463042MB"
-# "Partition disks"/"LVM configuration action:"/"Finish"
-# "Partition disks"/"You are editing partition #1 of …"/"Partition settings:"/"Use as"
-# "Partition disks"/"How to use this partition:"/"Ext4 journaling file system"
-# "Partition disks"/"You are editing partition #1 of …"/"Partition settings:"/"Mount point"
-# "Partition disks"/"Mount point for this partition:"/"/ - the root file system"
-# "Partition disks"/"You are editing partition #1 of …"/"Partition settings:"/"Done setting up the partition"
-# "Partition disks"/"You are editing partition #1 of …"/"Partition settings:"/"Use as"
-# "Partition disks"/"How to use this partition:"/"swap area"
-# "Partition disks"/"You are editing partition #1 of …"/"Partition settings:"/"Done setting up the partition"
 # "Partition disks"/"Finish partitioning and write changes to disk"
 # "Partition disks"/"Write the changes to disks?"
+d-i partman/confirm boolean true
 
 # "Install the base system"
 d-i base-installer/kernel/image string linux-image-amd64
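Review bot: `d-i partman/confirm boolean true` pre-answers the final "Write the changes to disks?" question, while the previous hunk comments out both `partman-auto/disk` and `partman-auto/select_disk`, so no visible line pins the target disk any more. On a machine with more than one disk or an attached USB medium, the auto-confirmed write then depends on whatever the installer selects or asks at that point; please confirm this is intended. If the disk choice is deliberately left interactive, a comment above the new line would make that clear, e.g. `# disk choice is left to the operator; only the final write confirmation is preseeded`. The comment at "Select disk to partition:" in the previous hunk still names /dev/nvme0n1 as if a directive set it.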
diff --git a/bookworm/scripts/lib/determine_ip b/bookworm/scripts/lib/determine_ip
deleted file mode 100644 (file)
index 0fd0f09..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-determine_ip() {
-    FINAL_IP="127.0.1.1"
-    for IP in $(hostname -I); do
-        if [ $(echo "${IP}" | grep ':' | wc -l) -eq 1 ]; then
-            continue
-        fi
-        RANGE_1=$(echo "${IP}" | cut -d "." -f 1)
-        RANGE_2=$(echo "${IP}" | cut -d "." -f 2)
-        if [ "${RANGE_1}" -eq 127 ]; then
-            continue
-        elif [ "${RANGE_1}" -eq 10 ]; then
-            continue
-        elif [ "${RANGE_1}" -eq 172 ]; then
-            if [ "${RANGE_2}" -ge 16 ] && [ "${RANGE_2}" -le 31 ]; then
-                continue
-            fi
-        elif [ "${RANGE_1}" -eq 192 ]; then
-            if [ "${RANGE_2}" -eq 168 ]; then
-                continue
-            fi
-        fi
-        FINAL_IP="${IP}"
-    done
-    printf "${FINAL_IP}"
-}
index 50a9ccd9e89797b4d0200fcc6b12794d0cd99d72..2d4d90d0c0a588196fb4bb0ce0494cfaf34b532a 100755 (executable)
@@ -4,7 +4,6 @@ cd $(dirname "$0")
 . lib/constants_etc  # PATH_ETC
 . lib/constants_ssh  # PATH_REL_SSH, PATH_USER_SSH
 . lib/copy_dirtrees_of_tags
-. lib/determine_ip
 . lib/expect_n_args
 . lib/init_packages
 . lib/path_tmp_timestamped
@@ -13,19 +12,33 @@ cd $(dirname "$0")
 
 INSTALL_TAGS='all server caddy'
 
-expect_n_args 3 3 'HOSTNAME, FQDN, WEB_PASSWORD' $@
-HOSTNAME="$1"
-FQDN="$2"
-WEB_PASSWORD="$3"
+expect_n_args 2 3 'CADDY_PASSWORD, HOSTNAME, [FQDN]' $@
+CADDY_PASSWORD="$1"
+HOSTNAME="$2"
+FQDN="$3"
 
 PATH_HOSTS="${PATH_ETC}/hosts"
 PATH_BORG_HOME=/home/borg
 PATH_CADDYFILE="${PATH_ETC}/caddy/Caddyfile"
 PATH_CADDY_REPO='https://dl.cloudsmith.io/public/caddy/stable'
 
-echo '\nPreparing caddy install.'
+echo -n 'Determining IP …'
+EXTERNAL_IP=$(hostname -I | cut -d' ' -f1)
+echo " it's: ${EXTERNAP_IP}"
+
+if [ ! -z "FQDN" ]; then
+    echo "Ensuring provided FQDN ${FQDN} maps to it …"
+    IP_BY_DNS=$(getent ahostsv4 | head -1 | cut -d' ' -f1)
+    if [ ! "${IP_BY_DNS}" = "${EXTERNAL_IP}" ]; then
+        echo ""
+        abort "DNS mapping provided FQDN '${FQDN}' to ${IP_BY_DNS} rather than this system's external IP ${EXTERNAL_IP}."
+    fi
+fi
+
+echo 'Ensure we have curl (for caddy installation preparation) …'
 apt-get -y install curl > /dev/null
 PATH_CURL_ERROR="$(path_tmp_timestamped curl_error)"
+echo 'Retrieve caddy repo key …'
 set +e
 curl -1Lf "${PATH_CADDY_REPO}/gpg.key" 2> "${PATH_CURL_ERROR}" | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
 RESULT="$?"
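Review bot: The new FQDN check cannot work as written: `[ ! -z "FQDN" ]` tests the literal string FQDN and is always true, and `getent ahostsv4` is called without a name, so it never resolves `${FQDN}` and the comparison with `EXTERNAL_IP` is not a DNS check at all. The echo two lines above prints `${EXTERNAP_IP}`, a misspelling of `EXTERNAL_IP`, so the detected address is never shown. Proposed lines: `echo " it's: ${EXTERNAL_IP}"`, `if [ -n "${FQDN}" ]; then`, `IP_BY_DNS=$(getent ahostsv4 "${FQDN}" | head -1 | cut -d' ' -f1)`. Separately, `hostname -I | cut -d' ' -f1` takes the first address whatever its kind, whereas the removed `determine_ip` skipped loopback, RFC 1918 and IPv6 addresses, so on a host behind NAT the comparison with public DNS would fail even for a correct record. `CADDY_PASSWORD` is still taken from argv, where it is visible in the process list and is word-split by the unquoted `$@`.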
@@ -34,41 +47,56 @@ if [ "${RESULT}" != '0' ]; then
     cat "${PATH_CURL_ERROR}"
     exit 1
 fi
-curl -1LfsS "${PATH_CADDY_REPO}/debian.deb.txt" > /etc/apt/sources.list.d/caddy-stable.list
+PATH_APT_CADDY_REPO='/etc/apt/sources.list.d/caddy-stable.list'
+echo "Adding caddy repo to ${PATH_APT_CADDY_REPO} …"
+curl -1LfsS "${PATH_CADDY_REPO}/debian.deb.txt" > "${PATH_APT_CADDY_REPO}"
 
 init_packages "${INSTALL_TAGS}"
+setup_user
 
-echo '\nSetting hostname and FQDN.'
+echo '\nCopying over files, directories …'
+copy_dirtrees_of_tags ${INSTALL_TAGS}
+
+echo 'Setting hostname …' 
 echo "${HOSTNAME}" > "${PATH_ETC}/hostname"
 hostname "${HOSTNAME}"
-echo '127.0.0.1 localhost.localdomain localhost' > "${PATH_HOSTS}"
-echo "$(determine_ip) ${FQDN} ${HOSTNAME}" >> "${PATH_HOSTS}"
-
-setup_user
-echo '\nCopying over files, directories.'
-copy_dirtrees_of_tags ${INSTALL_TAGS}
+echo "Adapting ${PATH_HOSTS} …"
+sed -i 's/REPLACE_WITH_HOSTNAME/'"${HOSTNAME}"'/g' "${PATH_HOSTS}"
+sed -i 's/REPLACE_WITH_FQDN/'"${FQDN}"'/g' "${PATH_HOSTS}"
+if [ ! -z "${FQDN}" ]; then
+    sed -i "s/#REPLACE_WITH_EXTERNAL_IP/${EXTERNAL_IP}/g" "${PATH_HOSTS}"
+fi
 
-echo '\nSyncing clock.'
+echo 'Syncing clock …'
 ntpdate-debian
 
-echo '\nMoving SSH data from root to user.'
+echo 'Moving SSH data from root to user …'
 mkdir -p "${PATH_USER_SSH}"
 mv "/root/${PATH_REL_SSH}/authorized_keys" "${PATH_USER_SSH}/"
 chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_SSH}"
 
-echo '\nSetting up minimal borg user.'
+echo '\nSetting up minimal borg user …'
 adduser --system --home "${PATH_BORG_HOME}" --shell /bin/sh borg
 cp -a "${PATH_USER_SSH}" "${PATH_BORG_HOME}/"
 chown -R borg:nogroup "${PATH_BORG_HOME}/${PATH_REL_SSH}"
 
-echo '\nEnabling the firewall.'
+echo 'Enabling firewall …'
 systemctl enable --now nftables
 
-echo "Adapting caddy's config and reloading it …"
-HASH=$(caddy hash-password --plaintext "${WEB_PASSWORD}")
-sed -i 's/REPLACE_WITH_HASH/'"${HASH}"'/g' "${PATH_CADDYFILE}"
-sed -i 's/REPLACE_WITH_FQDN/'"${FQDN}"'/g' "${PATH_CADDYFILE}"
+echo "Creating web-accessible directories …"
 mkdir -p /var/www/dump/private /var/www/dump/public
+
+echo "Adapting ${PATH_CADDYFILE} …"
+CADDY_PW_HASH=$(caddy hash-password --plaintext "${CADDY_PASSWORD}")
+if [ -z "${FQDN}" ]; then
+    ADDRESS_TO_CADDY="${EXTERNAL_IP}"
+else
+    ADDRESS_TO_CADDY="${FQDN}"
+fi
+sed -i 's/REPLACE_WITH_HASH/'"${CADDY_PW_HASH}"'/g' "${PATH_CADDYFILE}"
+sed -i 's/REPLACE_WITH_FQDN/'"${ADDRESS_TO_CADDY}"'/g' "${PATH_CADDYFILE}"
+
+echo "Restarting caddy …"
 systemctl reload caddy
 
 put_finished_marker 'setup_server'
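Review bot: `sed -i 's/REPLACE_WITH_HASH/'"${CADDY_PW_HASH}"'/g'` uses `/` as the delimiter, but the bcrypt hashes that `caddy hash-password` emits by default are drawn from an alphabet that includes `/`, so for some passwords sed will reject the expression and the Caddyfile keeps its `REPLACE_WITH_HASH` placeholder. A delimiter outside that alphabet avoids this: `sed -i 's|REPLACE_WITH_HASH|'"${CADDY_PW_HASH}"'|g' "${PATH_CADDYFILE}"`. The same unescaped interpolation applies to `${HOSTNAME}`, `${FQDN}` and `${ADDRESS_TO_CADDY}`, which come from script arguments; checking them against a hostname pattern before the seds would keep `/`, `&` and newlines out of the sed program. `--plaintext "${CADDY_PASSWORD}"` also places the password on caddy's command line, so passing it on stdin instead is worth checking against the installed caddy version.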
index e4f1c49864212063dab27abab3fc7fc39bc53716..e1ad5c8afe4d29c7b0d8799df3b6d28de95df033 100755 (executable)
@@ -6,7 +6,6 @@ cd $(dirname "$0")
 . lib/constants_etc  # PATH_ETC
 . lib/constants_user  # USERNAME
 . lib/copy_dirtrees_of_tags
-. lib/determine_ip
 . lib/expect_n_args
 . lib/init_packages
 . lib/put_finished_marker
@@ -83,8 +82,9 @@ cp "${PATH_COPY_TAG_ALL}${PATH_ETC_APT_CONF}/99_minimize_dependencies" "${PATH_E
 upgrade_from_older_release
 
 init_packages "${INSTALL_TAGS}"
+setup_user
 
-# NB: This needs to come before steps potentially overwriting /etc/network/interfaces.
+# NB: This *needs* to come before steps potentially overwriting /etc/network/interfaces.
 if [ "$(nmcli -f TYPE conn | grep 'wifi' | wc -l)" = "0" ]; then
     echo "\nChecking for existing wifi config in ${PATH_NETWORK_INTERFACES}."
     adopt_wifi_connection
@@ -92,15 +92,14 @@ else
     echo "\nAlready know wifi connection, nothing to add."
 fi
 
+echo '\nCopying over files, directories.'
+copy_dirtrees_of_tags ${INSTALL_TAGS}
+
 echo "\nSetting hostname and FQDN."
 echo "${SYSTEM_NAME}" > "${PATH_ETC}/hostname"
 hostname "${SYSTEM_NAME}"
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "$(determine_ip) ${SYSTEM_NAME}" >> /etc/hosts
-
-setup_user
-echo '\nCopying over files, directories.'
-copy_dirtrees_of_tags ${INSTALL_TAGS}
+sed -i 's/REPLACE_WITH_FQDN/REPLACE_WITH_HOSTNAME.local REPLACE_WITH_HOSTNAME.localdomain/g' "${PATH_HOSTS}"
+sed -i 's/REPLACE_WITH_HOSTNAME/'"${SYSTEM_NAME}"'/g' "${PATH_HOSTS}"
 
 echo "\nEnsuring our desired locale is available."
 locale-gen
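Review bot: The two added `sed -i` lines edit `"${PATH_HOSTS}"`, but no visible line of setup_desktop.sh defines `PATH_HOSTS`; the removed lines wrote `/etc/hosts` literally, and setup_server.sh sets the variable itself with `PATH_HOSTS="${PATH_ETC}/hosts"`. Unless one of the sourced lib files provides it, sed is handed an empty file name and the copied hosts file keeps its `REPLACE_WITH_*` placeholders, so the new host name would have no local mapping. If it is indeed missing, add `PATH_HOSTS="${PATH_ETC}/hosts"` next to the script's other path constants, which lie outside this hunk.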