From 6203775f8d282f0db94b666a172b117231e90b32 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 5 Mar 2025 19:59:29 +0100
Subject: [PATCH] Reorganize, add start of new borg script.
---
constants.sh | 18 +++++-----
many_releases/scripts/_misc.sh | 10 +++---
testing/home/desktop/.local/bin/borgplom | 13 +++++++
testing/scripts/{misc.sh => _misc.sh} | 0
testing/scripts/setup_desktop.sh | 12 +++----
testing/scripts/setup_secrets_root.sh | 12 +++----
testing/scripts/setup_secrets_user.sh | 43 ++++++++++++++++++++----
7 files changed, 76 insertions(+), 32 deletions(-)
mode change 100755 => 100644 many_releases/scripts/_misc.sh
create mode 100755 testing/home/desktop/.local/bin/borgplom
rename testing/scripts/{misc.sh => _misc.sh} (100%)
diff --git a/constants.sh b/constants.sh
index b653b1d..ac6dd89 100755
--- a/constants.sh
+++ b/constants.sh
@@ -1,21 +1,21 @@
#!/bin/sh
set -e
-PATH_REL_ETC="etc"
-PATH_REL_APTMARK="aptmark"
-PATH_REL_REPO="config"
-PATH_REL_HOME="home"
-PATH_REPO="${HOME}/${PATH_REL_REPO}"
-PATH_MANY="${PATH_REPO}/many_releases"
+PATH_REL_ETC=etc
+PATH_REL_APTMARK=aptmark
+PATH_REL_REPO=config
+PATH_REL_HOME=home
+PATH_MANY=../../many_releases
PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
+ROOTS_HERE_AND_MANY="${PATH_MANY} .."
-USERNAME="plom"
+USERNAME=plom
PATH_USER_HOME="/home/${USERNAME}"
-FILENAME_PRIVATE_KEY='id_rsa'
+FILENAME_PRIVATE_KEY=id_rsa
FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
-PATH_REL_LOCAL_SSH=".ssh"
+PATH_REL_LOCAL_SSH=.ssh
PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
diff --git a/many_releases/scripts/_misc.sh b/many_releases/scripts/_misc.sh
old mode 100755
new mode 100644
index 5fd263e..941bc4d
--- a/many_releases/scripts/_misc.sh
+++ b/many_releases/scripts/_misc.sh
@@ -126,16 +126,16 @@ setup_for_raspi() {
# properly configure apt and reduce system to minimum that satisfies our own
# aptmark/ package lists
- for root in "${PATH_MANY}" '..'; do
+ for root in ${ROOTS_HERE_AND_MANY}; do
copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
done
apt update
mark_nonrequireds_auto
- for root in "${PATH_MANY}" '..'; do
+ for root in ${ROOTS_HERE_AND_MANY}; do
install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
done
apt -y --purge autoremove
- for root in "${PATH_MANY}" '..'; do
+ for root in ${ROOTS_HERE_AND_MANY}; do
copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
done
@@ -150,14 +150,14 @@ setup_for_raspi() {
sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
# Set up root environment.
- for root in "${PATH_MANY}" '..'; do
+ for root in ${ROOTS_HERE_AND_MANY}; do
copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
done
# Set up user and their environment.
adduser --disabled-password --gecos "" "${USERNAME}"
usermod -a -G sudo "${USERNAME}"
- for root in "${PATH_MANY}" '..'; do
+ for root in ${ROOTS_HERE_AND_MANY}; do
copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
done
mkdir "${PATH_USER_SSH}"
diff --git a/testing/home/desktop/.local/bin/borgplom b/testing/home/desktop/.local/bin/borgplom
new file mode 100755
index 0000000..edda582
--- /dev/null
+++ b/testing/home/desktop/.local/bin/borgplom
@@ -0,0 +1,13 @@
+#!/bin/sh
+PATH_BORGKEYS="${HOME}/.config/borg/keys"
+PATH_ORG="${HOME}/org"
+
+if [ "$1" = "orgpull" ]; then
+ cd /
+ echo "Pretending to do something."
+ FIRST_SERVER=$(ls -1 "${PATH_BORGKEYS}/" | head -1 | sed 's/.*@//')
+ REPO="${FIRST_SERVER}:borg"
+ ARCHIVE=$(borg list "${REPO}" | grep "${PATH_ORG}/" | tail -1 | cut -f1 -d' ')
+ echo "Pulling archive: ${ARCHIVE}"
+ borg extract --verbose "${REPO}::${ARCHIVE}"
+fi
diff --git a/testing/scripts/misc.sh b/testing/scripts/_misc.sh
similarity index 100%
rename from testing/scripts/misc.sh
rename to testing/scripts/_misc.sh
diff --git a/testing/scripts/setup_desktop.sh b/testing/scripts/setup_desktop.sh
index 20dd2af..d5b5b14 100755
--- a/testing/scripts/setup_desktop.sh
+++ b/testing/scripts/setup_desktop.sh
@@ -1,7 +1,7 @@
#!/bin/sh
set -e
set -x
-. ./misc.sh
+. ./_misc.sh
expect_min_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"
@@ -57,13 +57,13 @@ if [ "$system_name" = "h610m" ]; then
# Hold kernel known to work with nvidia-drivers.
apt-mark hold linux-image-amd64 linux-headers-amd64
fi
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
install_for_modules "${root}/${PATH_REL_APTMARK}" ${MIN_MODULES} user desktop
done
apt -y --purge autoremove
# Adapt /etc/ to our needs.
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' ${MIN_MODULES} user desktop
done
@@ -75,16 +75,16 @@ ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
ntpdate-debian
# Set up root environment.
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
copy_dirtree "${root}/${PATH_REL_HOME}" '/root' ${MIN_MODULES} minimal root
done
# Set up user and their environment.
adduser --disabled-password --gecos "" "${USERNAME}"
usermod -a -G sudo "${USERNAME}"
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" ${MIN_MODULES} user desktop
done
-cp -a "${PATH_REPO}" "${PATH_USER_HOME}/"
+cp -a "../../../${PATH_REL_REPO}" "${PATH_USER_HOME}/"
chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
passwd "${USERNAME}"
diff --git a/testing/scripts/setup_secrets_root.sh b/testing/scripts/setup_secrets_root.sh
index 1e705e3..92f0c12 100755
--- a/testing/scripts/setup_secrets_root.sh
+++ b/testing/scripts/setup_secrets_root.sh
@@ -1,6 +1,6 @@
#!/bin/sh
set -e
-. ./misc.sh
+. ./_misc.sh
abort_if_not_user root
@@ -14,7 +14,7 @@ echo "Put secrets drive into slot for ${PATH_DEV}."
while [ ! -e "${PATH_DEV}" ]; do
sleep 0.1
done
-while [ true ]; do
+while true; do
stty -echo
printf "\nSecrets passphrase: "
read SECRETS_PASS
@@ -22,11 +22,11 @@ while [ true ]; do
echo "" # newline so user knows their input return was accepted
set +e
echo "${SECRETS_PASS}" | pmount "${PATH_DEV}"
- result=$?
+ RESULT=$?
set -e
- if [ "${result}" = "0" ]; then
+ if [ "${RESULT}" = "0" ]; then
break
- elif [ "${result}" != "100" ]; then
+ elif [ "${RESULT}" != "100" ]; then
echo "Aborting due to pmount error."
exit 1
fi
@@ -35,4 +35,4 @@ cp -a "${PATH_SOURCE}" "${PATH_SECRETS}"
pumount "${SECRETS_DEV}"
echo "You can remove ${PATH_DEV} now."
chown -R "${USERNAME}:${USERNAME}" "${PATH_SECRETS}"
-sudo -u "${USERNAME}" ./setup_secrets_user.sh
+sudo -u "${USERNAME}" ./setup_secrets_user.sh "${SECRETS_PASS}"
diff --git a/testing/scripts/setup_secrets_user.sh b/testing/scripts/setup_secrets_user.sh
index e4209b4..f2cd5b2 100755
--- a/testing/scripts/setup_secrets_user.sh
+++ b/testing/scripts/setup_secrets_user.sh
@@ -1,16 +1,24 @@
#!/bin/sh
set -e
-. ./misc.sh
+. ./_misc.sh
+
+BORG_PASSPHRASE="$1"
+PATH_REPOS="${HOME}/repos"
+PATH_BORGKEYS="${HOME}/.config/borg/keys"
+REPOS_SITE_DOMAIN=plomlompom.com
+REMOTE_PATH_REPOS=/var/repos
+NAME_BORGAPP=borgplom
abort_if_not_user "${USERNAME}"
abort_if_exists "${PATH_USER_SSH}"
-PATH_REPOS="${HOME}/repos"
abort_if_exists "${PATH_REPOS}"
+abort_if_exists "${PATH_BORGKEYS}"
echo "Setting up ~/.ssh"
PATH_PRIVATE_KEY="${PATH_USER_SSH}/${FILENAME_PRIVATE_KEY}"
PATH_PUBLIC_KEY="${PATH_USER_SSH}/${FILENAME_PUBLIC_KEY}"
-mkdir -p "${PATH_USER_SSH}" && cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}"
+mkdir -p "${PATH_USER_SSH}"
+cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}"
while [ ! -s "${PATH_PUBLIC_KEY}" ]; do
set +e
stty -echo
@@ -18,15 +26,38 @@ while [ ! -s "${PATH_PUBLIC_KEY}" ]; do
stty echo
set -e
done
+PATH_KNOWN_HOSTS="${PATH_USER_SSH}/known_hosts"
echo "Setting up ~/repos"
-REPOS_SITE_DOMAIN=plomlompom.com
REPOS_SITE_LOGIN="${USERNAME}@${REPOS_SITE_DOMAIN}"
-REMOTE_PATH_REPOS=/var/repos
eval $(ssh-agent) && ssh-add
-ssh-keyscan -H "${REPOS_SITE_DOMAIN}" >> "${PATH_USER_SSH}/known_hosts"
+ssh-keyscan "${REPOS_SITE_DOMAIN}" >> "${PATH_KNOWN_HOSTS}"
mkdir "${PATH_REPOS}"
cd "${PATH_REPOS}"
ssh ${REPOS_SITE_LOGIN} "cd $REMOTE_PATH_REPOS && ls -1" | while read REPO_NAME; do
git clone "${REPOS_SITE_LOGIN}:${REMOTE_PATH_REPOS}/${REPO_NAME}"
done
+
+echo "Set up borg and pull in ~/org"
+mkdir "${PATH_BORGKEYS}"
+tar xf "${PATH_SECRETS}/borg_keyfiles.tar" -C "${PATH_BORGKEYS}"
+ls -1 "${PATH_BORGKEYS}/" | while read FILENAME; do
+ SERVER_NAME=$(echo "${FILENAME}" | sed 's/.*@//')
+ ssh-keyscan "${SERVER_NAME}" >> "${PATH_KNOWN_HOSTS}"
+done
+while true; do
+ set +e
+ "${NAME_BORGAPP}" orgpull
+ RESULT=$?
+ set -e
+ if [ "${RESULT}" = "0" ]; then
+ break
+ elif [ "${RESULT}" != "2" ]; then
+ echo "Aborting due to unexpected ${NAME_BORGAPP} error."
+ exit 1
+ fi
+done
+
+PATH_REL_DEL_REPO="DELETE_${PATH_REL_REPO}"
+mv "${HOME}/${PATH_REL_REPO}" "${HOME}/${PATH_REL_DEL_REPO}"
+echo "With ~/repos set up, new reference be ~/repos/${PATH_REL_REPO}; moved ~/${PATH_REL_REPO} to ~/${PATH_REL_DEL_REPO}, ready to be deleted by you."
--
2.30.2