+++ /dev/null
-#!/bin/sh
-set -e
-
-PATH_REL_ETC=etc
-PATH_REL_APTMARK=aptmark
-PATH_REL_REPO=config
-PATH_REL_HOME=home
-PATH_MANY=../../many_releases
-PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
-ROOTS_HERE_AND_MANY="${PATH_MANY} .."
-
-USERNAME=plom
-PATH_USER_HOME="/home/${USERNAME}"
-
-FILENAME_PRIVATE_KEY=id_rsa
-FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
-URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
-PATH_REL_LOCAL_SSH=.ssh
-PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
-PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
-PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
-
+++ /dev/null
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat-traditional
-iputils-ping
-
+++ /dev/null
-# so we can still connect
-openssh-server
-# this gotta be good for _something_ …
-raspi-firmware
-# to boot into a graphical environment
-greetd
-sway
-# for waybar script
-calc
-# for sound
-pulseaudio
-# for setting console keyboard via /etc/default/keyboard
-console-setup
-# for setting system time
-ntpsec-ntpdate
-# basic usage
-mpv
-firefox-esr
-# for convenience
-foot
-less
-sudo
-vim
-ack
-man-db
-# for ytplom
-python3-venv
-libmpv2
-ffmpeg
-
+++ /dev/null
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
+++ /dev/null
-LANG="en_US.UTF-8"
+++ /dev/null
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
+++ /dev/null
-Europe/Berlin
+++ /dev/null
-[terminal]
-vt = 7
-[default_session]
-command = "~/.nonpath_bins/on_session_start.sh"
-user = "plom"
+++ /dev/null
-
-# This is the sshd server system-wide configuration file. See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-PermitRootLogin no # plomlompom's security rule
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-KbdInteractiveAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the KbdInteractiveAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin prohibit-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and KbdInteractiveAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-ClientAliveInterval 15
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# PermitTTY no
-# ForceCommand cvs server
+++ /dev/null
-[Unit]
-Description=Monitor temperature to throttle CPU if necessary
-After=network.target
-
-[Service]
-Type=simple
-ExecStart=/root/throttle_cpu.sh
-Restart=always
-RestartSec=10
-User=root
-
-[Install]
-WantedBy=multi-user.target
+++ /dev/null
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Other helpful aliases
-alias sshauth='eval $(ssh-agent) && ssh-add'
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
- colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
- tput_color="\[$tput_color\]"
- tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
+++ /dev/null
-[user]
- email = c.heller@plomlompom.de
- name = Christian Heller
+++ /dev/null
-fullscreen=yes
-profile=fast
-vo=gpu
-ao=pulse
+++ /dev/null
-# because these are included by /etc/sway/config for probably good reason …
-include /etc/sway/config-vars.d/*
-include /etc/sway/config.d/*
-
-# simple green background
-output * background #559911 solid_color
-
-# keyboard layout
-input * xkb_layout "de"
-
-# waybar
-bar {
- position top
- status_command ~/.nonpath_bins/status.sh
-}
-
-# keybindings
-set $mod Mod4
-
-bindsym $mod+Return exec foot
-bindsym $mod+Shift+q kill
-bindsym $mod+Shift+p exit
-
-bindsym $mod+f fullscreen
-bindsym $mod+space focus mode_toggle
-bindsym $mod+Shift+space floating toggle
-
-bindsym $mod+Left focus left
-bindsym $mod+Down focus down
-bindsym $mod+Up focus up
-bindsym $mod+Right focus right
-
-bindsym $mod+Shift+Left move left
-bindsym $mod+Shift+Down move down
-bindsym $mod+Shift+Up move up
-bindsym $mod+Shift+Right move right
-
+++ /dev/null
-#!/usr/bin/sh
-# Iinitalize anything we want in our sessions opened by greetd.
-
-# Workaround to pulseaudio daemon somehow not respecting setting these with
-# ~/.config/pulse/default.pa – note that the first pactl call also seems
-# necessary, probably for forcing some init routines without which the pacmd
-# calls that follow won't work; TODO: find cleaner solutions
-pactl list sinks > /dev/null
-pacmd set-default-sink alsa_output.platform-fef05700.hdmi.hdmi-stereo
-pacmd set-sink-volume alsa_output.platform-fef05700.hdmi.hdmi-stereo 65536
-
-# Wayland environment.
-/usr/bin/sway
+++ /dev/null
-#!/bin/sh
-# see sway-bar(5) and swaybar-protocol(7)
-MEGA=1000
-GIGA=1000000
-printf '{ "version": 1 }\n[\n'
-while true; do
- printf ' [\n'
- printf ' {"full_text": "%s"},\n' "$(ip -4 addr show scope global | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
- printf ' {"full_text": "%d° C"},\n' $(calc "$(cat /sys/class/thermal/thermal_zone0/temp) // ${MEGA}")
- printf ' {"full_text": "%.1f/%.1f GHz"},\n' $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / ${GIGA}") $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq) / ${GIGA}")
- printf ' {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %X')"
- printf ' ],\n'
- sleep 1
-done
+++ /dev/null
-# ~/.profile: executed by the command interpreter for login shells.
-
-# simplified defaults: read .bashrc, extend PATH by bin dirs
-. "$HOME/.bashrc"
-PATH="$HOME/.local/bin:$HOME/bin:$PATH"
-
-# to forward video on commands run via SSH login to screen we expect connected
-if [ -n "$SSH_CONNECTION" ]; then
- export WAYLAND_DISPLAY=wayland-1
-fi
+++ /dev/null
-#!/bin/sh
-set -e
-
-MED_TEMP=85000
-MAX_TEMP=95000
-
-MIN_FREQ=600000
-MED_FREQ=1000000
-MAX_FREQ=1500000
-
-PATH_TEMP='/sys/class/thermal/thermal_zone0/temp'
-
-set_max_freq() {
- for cpu in /sys/devices/system/cpu/cpu[0-9]*; do
- echo "$1" > "$cpu/cpufreq/scaling_max_freq"
- done
- echo "$1"
-}
-
-freq_set=$(set_max_freq "${MIN_FREQ}")
-while true; do
- temp=$(cat "${PATH_TEMP}")
- if [ "${temp}" -ge "${MAX_TEMP}" ]; then
- if [ "${freq_set}" -gt "${MIN_FREQ}" ]; then
- freq_set=$(set_max_freq "${MIN_FREQ}")
- fi
- elif [ "${temp}" -ge "${MED_TEMP}" ]; then
- if [ "${freq_set}" -gt "${MED_FREQ}" ]; then
- freq_set=$(set_max_freq "${MED_FREQ}")
- fi
- elif [ "${freq_set}" -lt "${MAX_FREQ}" ]; then
- freq_set=$(set_max_freq "${MAX_FREQ}")
- fi
- sleep 1
-done
+++ /dev/null
-#!/bin/sh
-set -e
-
-export DEBIAN_FRONTEND=noninteractive
-
-expect_min_n_args() {
- min_args="$1"
- explainer="$2"
- shift 2
- if [ "$#" -lt "${min_args}" ]; then
- echo "Need at least ${min_args} arguments … ${explainer}"
- false
- fi
-}
-
-copy_dirtree() {
- # Copy files in argument-selected subdirectories of $1 to subdirectories
- # of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
- # of "" and $3 of "all", copy files below etc_files/all such as
- # etc_files/all/etc/foo/bar to equivalent locations below / such as
- # /etc/foo/bar. Create directories as necessary. Multiple arguments after
- # $3 are possible.
- #
- # CAUTION: This overwrites original files at the affected paths.
- expect_min_n_args 3 "(source root, target root, modules)" "$@"
- source_root="$1"
- target_root="$2"
- shift 2
- modules="$@"
- initial_directory="$(pwd)"
- for module in ${modules}; do
- module_path="${source_root}/${module}"
- if [ ! -d "${module_path}" ]; then
- continue
- fi
- cd "${module_path}"
- for path in $(find . -type f); do
- target_path="${target_root}"$(echo "${path}" | cut -c2-)
- source_path=$(realpath "${path}")
- dir=$(dirname "${target_path}")
- mkdir -p "${dir}"
- cp "${source_path}" "${target_path}"
- done
- cd "${initial_directory}"
- done
-}
-
-install_for_modules() {
- # Walk through the package names in the argument-selected files of
- # apt-mark/ and ensures the respective packages are installed.
- #
- # Caution: Ignores anything in an apt-mark/ file after the last newline,
- # so make sure there's nothing meaningful thereafter.
- expect_min_n_args 2 "(apt_mark_dir, modules)" "$@"
- apt_mark_dir="$1"
- shift 1
- modules="$@"
- for module in ${modules}; do
- path="${apt_mark_dir}/${module}"
- if [ ! -f "${path}" ]; then
- continue
- fi
- cat "${path}" | while read line; do
- echo "$line"
- if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
- apt-get -y -o Dpkg::Options::="--force-confnew" install "${line}"
- fi
- done
- done
-}
-
-mark_nonrequireds_auto() {
- path_list_unsorted='/tmp/list_unsorted'
- path_list_all_packages='/tmp/list_all_packages'
- path_list_white='/tmp/list_white'
- path_list_black='/tmp/list_black'
- dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > "${path_list_unsorted}"
- sort "${path_list_unsorted}" | uniq > "${path_list_white}"
- dpkg-query -Wf '${Package}\n' > "${path_list_unsorted}"
- sort "${path_list_unsorted}" | uniq > "${path_list_all_packages}"
- comm -3 "${path_list_all_packages}" "${path_list_white}" > "${path_list_black}"
- apt-mark auto `cat "${path_list_black}"`
- rm "${path_list_unsorted}" "${path_list_all_packages}" "${path_list_white}" "${path_list_black}"
-}
-
-upgrade_from_older_release() {
- # Upgrade system to calling context's Debian release.
- # Caution: Don't expect any customized /etc files to surivive this!
- path_sources_list='/apt/sources.list'
- apt update
- apt -y -o Dpkg::Options::='--force-confnew' upgrade
- apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
- cp "../etc/all${path_sources_list}" "/etc${path_sources_list}"
- apt clean
- apt update
- apt -y -o Dpkg::Options::='--force-confnew' upgrade
- apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
- apt -y autoremove
-}
-
-add_my_public_key() {
- # NB: vars expected to be pulled in from caller previously calling constants.sh!
- apt update
- apt -y install wget
- wget "${URL_PUBLIC_KEY}"
- cat "${FILENAME_PUBLIC_KEY}" >> "${PATH_AUTHORIZED_KEYS}"
- rm "${FILENAME_PUBLIC_KEY}"
-}
-
-setup_for_raspi() {
- # NB: vars expected to be pulled in from caller previously calling constants.sh!
-
- # ensure we can log in
- add_my_public_key
- # (alternatively, or preceding this to reduce non-remote typing, TEMPORARILY
- # (!) set password login:)
- # passwd
- # echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
-
- # migrate to testing
- upgrade_from_older_release
-
- # on installing console-setup, will guide it to do the right thing (including
- # re-writing /etc/default/keyboard)
- echo 'XKBLAYOUT=de' > /etc/default/keyboard
-
- # properly configure apt and reduce system to minimum that satisfies our own
- # aptmark/ package lists
- for root in ${ROOTS_HERE_AND_MANY}; do
- copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
- done
- apt update
- mark_nonrequireds_auto
- for root in ${ROOTS_HERE_AND_MANY}; do
- install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
- done
- apt -y --purge autoremove
- for root in ${ROOTS_HERE_AND_MANY}; do
- copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
- done
-
- # Ensure our desired locale is available.
- locale-gen
-
- # Set Berlin localtime.
- ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
- ntpdate-debian
-
- # so Sway won't complain about failing to access non-existant background image file
- sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
-
- # Set up root environment.
- for root in ${ROOTS_HERE_AND_MANY}; do
- copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
- done
-
- # Set up user and their environment.
- adduser --disabled-password --gecos "" "${USERNAME}"
- usermod -a -G sudo "${USERNAME}"
- for root in ${ROOTS_HERE_AND_MANY}; do
- copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
- done
- mkdir "${PATH_USER_SSH}"
- cp "${PATH_AUTHORIZED_KEYS}" "${PATH_USER_SSH}"
- chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
- passwd "${USERNAME}"
- rm "${PATH_AUTHORIZED_KEYS}"
-
- # Activate /root/throttle_cpu.sh daemonization.
- systemctl enable throttle_cpu.service
- systemctl start throttle_cpu.service
-}
--- /dev/null
+#!/bin/sh
+set -e
+
+PATH_REL_ETC=etc
+PATH_REL_APTMARK=aptmark
+PATH_REL_REPO=config
+PATH_REL_HOME=home
+PATH_MANY=../../many_releases
+PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
+ROOTS_HERE_AND_MANY="${PATH_MANY} .."
+
+USERNAME=plom
+PATH_USER_HOME="/home/${USERNAME}"
+
+FILENAME_PRIVATE_KEY=id_rsa
+FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
+URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
+PATH_REL_LOCAL_SSH=.ssh
+PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
+PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
+PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
+
--- /dev/null
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client unpredictably so
+ifupdown
+isc-dhcp-client
+# git for the setup directory; cloning works with ca-certificates
+ca-certificates
+git
+# to avoid constant warnings about no locale being found
+locales
+# extremely useful for basic network debugging; missed these more than once in an emergency
+netcat-traditional
+iputils-ping
+
--- /dev/null
+# so we can still connect
+openssh-server
+# this gotta be good for _something_ …
+raspi-firmware
+# to boot into a graphical environment
+greetd
+sway
+# for waybar script
+calc
+# for sound
+pulseaudio
+# for setting console keyboard via /etc/default/keyboard
+console-setup
+# for setting system time
+ntpsec-ntpdate
+# basic usage
+mpv
+firefox-esr
+# for convenience
+foot
+less
+sudo
+vim
+ack
+man-db
+# for ytplom
+python3-venv
+libmpv2
+ffmpeg
+
--- /dev/null
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
--- /dev/null
+LANG="en_US.UTF-8"
--- /dev/null
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
--- /dev/null
+Europe/Berlin
--- /dev/null
+[terminal]
+vt = 7
+[default_session]
+command = "~/.nonpath_bins/on_session_start.sh"
+user = "plom"
--- /dev/null
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented. Uncommented options override the
+# default value.
+
+Include /etc/ssh/sshd_config.d/*.conf
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin prohibit-password
+PermitRootLogin no # plomlompom's security rule
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+KbdInteractiveAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the KbdInteractiveAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via KbdInteractiveAuthentication may bypass
+# the setting of "PermitRootLogin prohibit-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and KbdInteractiveAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+ClientAliveInterval 15
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# PermitTTY no
+# ForceCommand cvs server
--- /dev/null
+[Unit]
+Description=Monitor temperature to throttle CPU if necessary
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/root/throttle_cpu.sh
+Restart=always
+RestartSec=10
+User=root
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+# Settings for interactive shells.
+
+# Fancy colors for ls.
+alias ls="ls --color=auto"
+
+# Other helpful aliases
+alias sshauth='eval $(ssh-agent) && ssh-add'
+
+# Use vim as default editor for anything.
+export VISUAL=vim
+export EDITOR=$VISUAL
+
+# Colored prompt with username, hostname, date/time, directory.
+colornumber=7 # Default to white if no color set via colornumber dotfile.
+colornumber_file=~/.shell_prompt_color
+if [ -f $colornumber_file ]; then
+ colornumber=`cat $colornumber_file`
+fi
+tput_color="$(tput setaf $colornumber)$(tput bold)"
+tput_reset="$(tput sgr0)"
+# Bash confuses the line length when not told to not count escape sequences.
+if [ ! "$BASH" = "" ]; then
+ tput_color="\[$tput_color\]"
+ tput_reset="\[$tput_reset\]"
+fi
+PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
+PS2="${tput_color}> $tput_reset"
+PS3="${tput_color}select: $tput_reset"
+PS4="${tput_color}+ $tput_reset"
--- /dev/null
+[user]
+ email = c.heller@plomlompom.de
+ name = Christian Heller
--- /dev/null
+fullscreen=yes
+profile=fast
+vo=gpu
+ao=pulse
--- /dev/null
+# because these are included by /etc/sway/config for probably good reason …
+include /etc/sway/config-vars.d/*
+include /etc/sway/config.d/*
+
+# simple green background
+output * background #559911 solid_color
+
+# keyboard layout
+input * xkb_layout "de"
+
+# waybar
+bar {
+ position top
+ status_command ~/.nonpath_bins/status.sh
+}
+
+# keybindings
+set $mod Mod4
+
+bindsym $mod+Return exec foot
+bindsym $mod+Shift+q kill
+bindsym $mod+Shift+p exit
+
+bindsym $mod+f fullscreen
+bindsym $mod+space focus mode_toggle
+bindsym $mod+Shift+space floating toggle
+
+bindsym $mod+Left focus left
+bindsym $mod+Down focus down
+bindsym $mod+Up focus up
+bindsym $mod+Right focus right
+
+bindsym $mod+Shift+Left move left
+bindsym $mod+Shift+Down move down
+bindsym $mod+Shift+Up move up
+bindsym $mod+Shift+Right move right
+
--- /dev/null
+#!/usr/bin/sh
+# Iinitalize anything we want in our sessions opened by greetd.
+
+# Workaround to pulseaudio daemon somehow not respecting setting these with
+# ~/.config/pulse/default.pa – note that the first pactl call also seems
+# necessary, probably for forcing some init routines without which the pacmd
+# calls that follow won't work; TODO: find cleaner solutions
+pactl list sinks > /dev/null
+pacmd set-default-sink alsa_output.platform-fef05700.hdmi.hdmi-stereo
+pacmd set-sink-volume alsa_output.platform-fef05700.hdmi.hdmi-stereo 65536
+
+# Wayland environment.
+/usr/bin/sway
--- /dev/null
+#!/bin/sh
+# see sway-bar(5) and swaybar-protocol(7)
+MEGA=1000
+GIGA=1000000
+printf '{ "version": 1 }\n[\n'
+while true; do
+ printf ' [\n'
+ printf ' {"full_text": "%s"},\n' "$(ip -4 addr show scope global | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
+ printf ' {"full_text": "%d° C"},\n' $(calc "$(cat /sys/class/thermal/thermal_zone0/temp) // ${MEGA}")
+ printf ' {"full_text": "%.1f/%.1f GHz"},\n' $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / ${GIGA}") $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq) / ${GIGA}")
+ printf ' {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %X')"
+ printf ' ],\n'
+ sleep 1
+done
--- /dev/null
+# ~/.profile: executed by the command interpreter for login shells.
+
+# simplified defaults: read .bashrc, extend PATH by bin dirs
+. "$HOME/.bashrc"
+PATH="$HOME/.local/bin:$HOME/bin:$PATH"
+
+# to forward video on commands run via SSH login to screen we expect connected
+if [ -n "$SSH_CONNECTION" ]; then
+ export WAYLAND_DISPLAY=wayland-1
+fi
--- /dev/null
+#!/bin/sh
+set -e
+
+MED_TEMP=85000
+MAX_TEMP=95000
+
+MIN_FREQ=600000
+MED_FREQ=1000000
+MAX_FREQ=1500000
+
+PATH_TEMP='/sys/class/thermal/thermal_zone0/temp'
+
+set_max_freq() {
+ for cpu in /sys/devices/system/cpu/cpu[0-9]*; do
+ echo "$1" > "$cpu/cpufreq/scaling_max_freq"
+ done
+ echo "$1"
+}
+
+freq_set=$(set_max_freq "${MIN_FREQ}")
+while true; do
+ temp=$(cat "${PATH_TEMP}")
+ if [ "${temp}" -ge "${MAX_TEMP}" ]; then
+ if [ "${freq_set}" -gt "${MIN_FREQ}" ]; then
+ freq_set=$(set_max_freq "${MIN_FREQ}")
+ fi
+ elif [ "${temp}" -ge "${MED_TEMP}" ]; then
+ if [ "${freq_set}" -gt "${MED_FREQ}" ]; then
+ freq_set=$(set_max_freq "${MED_FREQ}")
+ fi
+ elif [ "${freq_set}" -lt "${MAX_FREQ}" ]; then
+ freq_set=$(set_max_freq "${MAX_FREQ}")
+ fi
+ sleep 1
+done
--- /dev/null
+#!/bin/sh
+set -e
+
+export DEBIAN_FRONTEND=noninteractive
+
+expect_min_n_args() {
+ min_args="$1"
+ explainer="$2"
+ shift 2
+ if [ "$#" -lt "${min_args}" ]; then
+ echo "Need at least ${min_args} arguments … ${explainer}"
+ false
+ fi
+}
+
+copy_dirtree() {
+ # Copy files in argument-selected subdirectories of $1 to subdirectories
+ # of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
+ # of "" and $3 of "all", copy files below etc_files/all such as
+ # etc_files/all/etc/foo/bar to equivalent locations below / such as
+ # /etc/foo/bar. Create directories as necessary. Multiple arguments after
+ # $3 are possible.
+ #
+ # CAUTION: This overwrites original files at the affected paths.
+ expect_min_n_args 3 "(source root, target root, modules)" "$@"
+ source_root="$1"
+ target_root="$2"
+ shift 2
+ modules="$@"
+ initial_directory="$(pwd)"
+ for module in ${modules}; do
+ module_path="${source_root}/${module}"
+ if [ ! -d "${module_path}" ]; then
+ continue
+ fi
+ cd "${module_path}"
+ for path in $(find . -type f); do
+ target_path="${target_root}"$(echo "${path}" | cut -c2-)
+ source_path=$(realpath "${path}")
+ dir=$(dirname "${target_path}")
+ mkdir -p "${dir}"
+ cp "${source_path}" "${target_path}"
+ done
+ cd "${initial_directory}"
+ done
+}
+
+install_for_modules() {
+ # Walk through the package names in the argument-selected files of
+ # apt-mark/ and ensures the respective packages are installed.
+ #
+ # Caution: Ignores anything in an apt-mark/ file after the last newline,
+ # so make sure there's nothing meaningful thereafter.
+ expect_min_n_args 2 "(apt_mark_dir, modules)" "$@"
+ apt_mark_dir="$1"
+ shift 1
+ modules="$@"
+ for module in ${modules}; do
+ path="${apt_mark_dir}/${module}"
+ if [ ! -f "${path}" ]; then
+ continue
+ fi
+ cat "${path}" | while read line; do
+ echo "$line"
+ if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+ apt-get -y -o Dpkg::Options::="--force-confnew" install "${line}"
+ fi
+ done
+ done
+}
+
+mark_nonrequireds_auto() {
+ path_list_unsorted='/tmp/list_unsorted'
+ path_list_all_packages='/tmp/list_all_packages'
+ path_list_white='/tmp/list_white'
+ path_list_black='/tmp/list_black'
+ dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > "${path_list_unsorted}"
+ sort "${path_list_unsorted}" | uniq > "${path_list_white}"
+ dpkg-query -Wf '${Package}\n' > "${path_list_unsorted}"
+ sort "${path_list_unsorted}" | uniq > "${path_list_all_packages}"
+ comm -3 "${path_list_all_packages}" "${path_list_white}" > "${path_list_black}"
+ apt-mark auto `cat "${path_list_black}"`
+ rm "${path_list_unsorted}" "${path_list_all_packages}" "${path_list_white}" "${path_list_black}"
+}
+
+upgrade_from_older_release() {
+ # Upgrade system to calling context's Debian release.
+ # Caution: Don't expect any customized /etc files to surivive this!
+ path_sources_list='/apt/sources.list'
+ apt update
+ apt -y -o Dpkg::Options::='--force-confnew' upgrade
+ apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
+ cp "../etc/all${path_sources_list}" "/etc${path_sources_list}"
+ apt clean
+ apt update
+ apt -y -o Dpkg::Options::='--force-confnew' upgrade
+ apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
+ apt -y autoremove
+}
+
+add_my_public_key() {
+ # NB: vars expected to be pulled in from caller previously calling constants.sh!
+ apt update
+ apt -y install wget
+ wget "${URL_PUBLIC_KEY}"
+ cat "${FILENAME_PUBLIC_KEY}" >> "${PATH_AUTHORIZED_KEYS}"
+ rm "${FILENAME_PUBLIC_KEY}"
+}
+
+setup_for_raspi() {
+ # NB: vars expected to be pulled in from caller previously calling constants.sh!
+
+ # ensure we can log in
+ add_my_public_key
+ # (alternatively, or preceding this to reduce non-remote typing, TEMPORARILY
+ # (!) set password login:)
+ # passwd
+ # echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
+
+ # migrate to testing
+ upgrade_from_older_release
+
+ # on installing console-setup, will guide it to do the right thing (including
+ # re-writing /etc/default/keyboard)
+ echo 'XKBLAYOUT=de' > /etc/default/keyboard
+
+ # properly configure apt and reduce system to minimum that satisfies our own
+ # aptmark/ package lists
+ for root in ${ROOTS_HERE_AND_MANY}; do
+ copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
+ done
+ apt update
+ mark_nonrequireds_auto
+ for root in ${ROOTS_HERE_AND_MANY}; do
+ install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
+ done
+ apt -y --purge autoremove
+ for root in ${ROOTS_HERE_AND_MANY}; do
+ copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
+ done
+
+ # Ensure our desired locale is available.
+ locale-gen
+
+ # Set Berlin localtime.
+ ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
+ ntpdate-debian
+
+ # so Sway won't complain about failing to access non-existant background image file
+ sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
+
+ # Set up root environment.
+ for root in ${ROOTS_HERE_AND_MANY}; do
+ copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
+ done
+
+ # Set up user and their environment.
+ adduser --disabled-password --gecos "" "${USERNAME}"
+ usermod -a -G sudo "${USERNAME}"
+ for root in ${ROOTS_HERE_AND_MANY}; do
+ copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
+ done
+ mkdir "${PATH_USER_SSH}"
+ cp "${PATH_AUTHORIZED_KEYS}" "${PATH_USER_SSH}"
+ chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
+ passwd "${USERNAME}"
+ rm "${PATH_AUTHORIZED_KEYS}"
+
+ # Activate /root/throttle_cpu.sh daemonization.
+ systemctl enable throttle_cpu.service
+ systemctl start throttle_cpu.service
+}
projects / config / commitdiff