-if [ "$#" -ne 1 ]; then
- echo 'Need exactly one argument (system name).'
- false
-fi
-found=0
-for system_name_i in $legal_system_names; do
- if [ "$1" = "$system_name_i" ]; then
- found=1
- system_name="${system_name_i}"
- continue
+expect_n_args 1 "(system name)" "$@"
+get_system_name_arg "$1"
+
+cd $setup_scripts_dir
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+
+secrets_dev="sdb"
+source_dir_secrets="/media/${secrets_dev}/to_usb"
+target_dir_secrets="${HOME}/tmp_secrets"
+echo "Put secrets drive into slot for /dev/${secrets_dev}."
+while [ ! -e /dev/"${secrets_dev}" ]; do
+ sleep 1
+done
+stty -echo
+printf "Secrets passphrase: "
+read SECRETS_PASS
+stty echo
+echo "" # newline so user knows their input return was accepted
+sudo -v
+echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
+cp -a "${source_dir_secrets}" "${target_dir_secrets}"
+sudo chown -R plom:plom "${target_dir_secrets}"
+sudo pumount "${secrets_dev}"
+echo "You can remove /dev/${secrets_dev} now."
+
+# Set up iniitial non-public parts of infrastructure: SSH authentication.
+ssh_dir=~/.ssh
+cd "${target_dir_secrets}"
+mkdir -p "${ssh_dir}"
+echo "Setting up .ssh"
+cp id_rsa ~/.ssh
+stty -echo
+ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+stty echo
+eval $(ssh-agent)
+ssh-add
+ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
+
+# Fill ~/public_repos.
+public_repos_dir="${HOME}/public_repos"
+repos_list_file="${public_repos_dir}/repos"
+mkdir -p "${public_repos_dir}"
+cat "${repos_list_file}" | while read line; do
+ first_char=$(echo "${line}" | cut -c1)
+ if [ "${first_char}" = "#" ]; then
+ continue
+ fi
+ repo_name="${line}"
+ if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
+ cd "${public_repos_dir}"
+ git clone plom@plomlompom.com:/var/repos/${repo_name}