home · contact · privacy
Restructure and tabula rasa. master
authorChristian Heller <c.heller@plomlompom.de>
Fri, 21 Mar 2025 22:19:01 +0000 (23:19 +0100)
committerChristian Heller <c.heller@plomlompom.de>
Fri, 21 Mar 2025 22:19:01 +0000 (23:19 +0100)
754 files changed:
_bookworm/apt-mark/all [new file with mode: 0644]
_bookworm/apt-mark/h610m [new file with mode: 0644]
_bookworm/apt-mark/seedbox [new file with mode: 0644]
_bookworm/apt-mark/server [new file with mode: 0644]
_bookworm/apt-mark/thinkpad [new file with mode: 0644]
_bookworm/apt-mark/user [new file with mode: 0644]
_bookworm/apt-mark/w530 [new file with mode: 0644]
_bookworm/apt-mark/web [new file with mode: 0644]
_bookworm/borg.sh [new symlink]
_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [new file with mode: 0644]
_bookworm/etc_files/all/etc/apt/sources.list [new file with mode: 0644]
_bookworm/etc_files/all/etc/default/locale [new file with mode: 0644]
_bookworm/etc_files/all/etc/locale.gen [new file with mode: 0644]
_bookworm/etc_files/all/etc/timezone [new file with mode: 0644]
_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service [new file with mode: 0644]
_bookworm/etc_files/server/etc/ssh/sshd_config [new file with mode: 0644]
_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx [new file with mode: 0644]
_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx [new file with mode: 0644]
_bookworm/etc_files/w530/etc/default/grub [new file with mode: 0644]
_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf [new file with mode: 0644]
_bookworm/etc_files/web/etc/nftables.conf [new file with mode: 0755]
_bookworm/etc_files/web/etc/nginx/nginx.conf [new file with mode: 0644]
_bookworm/home_files/h610m/.xinitrc_bonus [new file with mode: 0644]
_bookworm/home_files/minimal/.bashrc [new file with mode: 0644]
_bookworm/home_files/root/.shell_prompt_color [new file with mode: 0644]
_bookworm/home_files/seedbox/.rtorrent.rc [new file with mode: 0644]
_bookworm/home_files/user/.Xresources [new file with mode: 0644]
_bookworm/home_files/user/.borgrepos [new file with mode: 0644]
_bookworm/home_files/user/.config/i3/config [new file with mode: 0644]
_bookworm/home_files/user/.config/i3status/config [new file with mode: 0644]
_bookworm/home_files/user/.emacs.d/init.el [new file with mode: 0644]
_bookworm/home_files/user/.gitconfig [new file with mode: 0644]
_bookworm/home_files/user/.mbsyncrc [new file with mode: 0644]
_bookworm/home_files/user/.notmuch-config [new file with mode: 0644]
_bookworm/home_files/user/.shell_prompt_color [new file with mode: 0644]
_bookworm/home_files/user/.tridactylrc [new file with mode: 0644]
_bookworm/home_files/user/.xinitrc [new file with mode: 0644]
_bookworm/home_files/user/mail_sync.sh [new file with mode: 0755]
_bookworm/home_files/user/public_repos/repos [new file with mode: 0644]
_bookworm/home_files/w530/.config/i3/config_bonus [new file with mode: 0644]
_bookworm/home_files/w530/.xinitrc_bonus [new file with mode: 0644]
_bookworm/setup_scripts/_setup.sh [new file with mode: 0755]
_bookworm/setup_scripts/copy_dirtree.sh [new file with mode: 0755]
_bookworm/setup_scripts/init_user_and_keybased_login.sh [new symlink]
_bookworm/setup_scripts/init_user_login.sh [new symlink]
_bookworm/setup_scripts/install_for_target.sh [new file with mode: 0755]
_bookworm/setup_scripts/migrate_borg.sh [new file with mode: 0755]
_bookworm/setup_scripts/mirror_dir.sh [new file with mode: 0755]
_bookworm/setup_scripts/misc.sh [new file with mode: 0644]
_bookworm/setup_scripts/prepare_to_meet_server.sh [new file with mode: 0755]
_bookworm/setup_scripts/purge_nonrequireds.sh [new file with mode: 0755]
_bookworm/setup_scripts/set_hostname_and_fqdn.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_desktop.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_firefox.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_home.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_nvidia.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_seedbox.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_server.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_static_website.sh [new file with mode: 0755]
_bookworm/setup_scripts/setup_web.sh [new file with mode: 0755]
_bookworm/setup_scripts/upgrade_from_older_release.sh [new file with mode: 0755]
archived/__constants.sh [new file with mode: 0755]
archived/__many_releases/aptmark/all [new file with mode: 0644]
archived/__many_releases/aptmark/raspi [new file with mode: 0644]
archived/__many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies [new file with mode: 0644]
archived/__many_releases/etc/all/locale.conf [new file with mode: 0644]
archived/__many_releases/etc/all/locale.gen [new file with mode: 0644]
archived/__many_releases/etc/all/timezone [new file with mode: 0644]
archived/__many_releases/etc/raspi/greetd/config.toml [new file with mode: 0644]
archived/__many_releases/etc/raspi/ssh/sshd_config [new file with mode: 0644]
archived/__many_releases/etc/raspi/systemd/system/throttle_cpu.service [new file with mode: 0644]
archived/__many_releases/home/all/.bashrc [new file with mode: 0644]
archived/__many_releases/home/all/.gitconfig [new file with mode: 0644]
archived/__many_releases/home/raspi/.config/mpv/mpv.conf [new file with mode: 0644]
archived/__many_releases/home/raspi/.config/sway/config [new file with mode: 0644]
archived/__many_releases/home/raspi/.nonpath_bins/on_session_start.sh [new file with mode: 0755]
archived/__many_releases/home/raspi/.nonpath_bins/status.sh [new file with mode: 0755]
archived/__many_releases/home/raspi/.profile [new file with mode: 0644]
archived/__many_releases/home/raspi_root/throttle_cpu.sh [new file with mode: 0755]
archived/__many_releases/home/root/.shell_prompt_color [new file with mode: 0644]
archived/__many_releases/scripts/_misc.sh [new file with mode: 0644]
archived/all_new_2018/apt-mark/all [deleted file]
archived/all_new_2018/apt-mark/server [deleted file]
archived/all_new_2018/borg.sh [deleted file]
archived/all_new_2018/linkable_etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [deleted file]
archived/all_new_2018/linkable_etc_files/all/etc/apt/sources.list [deleted file]
archived/all_new_2018/linkable_etc_files/all/etc/locale.gen [deleted file]
archived/all_new_2018/linkable_etc_files/all/etc/timezone [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/aliases [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-auth.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-lmtp.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-mail.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-master.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-ssl.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4 [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/mailutils.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/opendkim.conf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/postfix/master.cf [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/fetchmail.service [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/pingmail.service [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/fetchmail.timer [deleted file]
archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/pingmail.timer [deleted file]
archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/encrypt_chatlogs.service [deleted file]
archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/timers.target.wants/encrypt_chatlogs.timer [deleted file]
archived/all_new_2018/linkable_etc_files/sendonly/etc/aliases [deleted file]
archived/all_new_2018/linkable_etc_files/sendonly/etc/postfix/main.cf [deleted file]
archived/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 [deleted file]
archived/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/cron.d/certbot [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/gitweb.conf [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/iptables/rules.v4 [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service [deleted file]
archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/plomlombot.service [deleted file]
archived/all_new_2018/setup_scripts/add_encryption_key.sh [deleted file]
archived/all_new_2018/setup_scripts/hardlink_etc.sh [deleted file]
archived/all_new_2018/setup_scripts/init_user_and_keybased_login.sh [deleted file]
archived/all_new_2018/setup_scripts/install_for_target.sh [deleted file]
archived/all_new_2018/setup_scripts/letsencrypt.sh [deleted file]
archived/all_new_2018/setup_scripts/letsencrypt_get.sh [deleted file]
archived/all_new_2018/setup_scripts/mirror_dir.sh [deleted file]
archived/all_new_2018/setup_scripts/prepare_to_meet_server.sh [deleted file]
archived/all_new_2018/setup_scripts/purge_nonrequireds.sh [deleted file]
archived/all_new_2018/setup_scripts/set_hostname_and_fqdn.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_mail.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_play.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_plomlombot.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_sendonly.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_server.sh [deleted file]
archived/all_new_2018/setup_scripts/setup_web.sh [deleted file]
archived/all_new_2018/user_files/dovecot.sieve [deleted file]
archived/all_new_2018/user_files/encrypter.sh [deleted file]
archived/all_new_2018/user_files/fetchmailrc [deleted file]
archived/all_new_2018/user_files/pingmailrc [deleted file]
archived/all_new_2018/user_files/plomlombot_daemon.sh [deleted file]
archived/all_new_2018/user_files/weechat-wrapper.sh [deleted file]
archived/all_new_2018/user_files/weechatrc [deleted file]
archived/ansible/config.yml [deleted file]
archived/ansible/config_new.yml [deleted file]
archived/ansible/files/apt-mark/3d_acceleration [deleted file]
archived/ansible/files/apt-mark/basic_x_tools [deleted file]
archived/ansible/files/apt-mark/browser_environment [deleted file]
archived/ansible/files/apt-mark/console [deleted file]
archived/ansible/files/apt-mark/core [deleted file]
archived/ansible/files/apt-mark/hotkeys [deleted file]
archived/ansible/files/apt-mark/man [deleted file]
archived/ansible/files/apt-mark/minimal_ansible_environment [deleted file]
archived/ansible/files/apt-mark/minimal_x [deleted file]
archived/ansible/files/apt-mark/multimedia [deleted file]
archived/ansible/files/apt-mark/power_management [deleted file]
archived/ansible/files/apt-mark/various_useful [deleted file]
archived/ansible/files/apt-mark/wifi [deleted file]
archived/ansible/files/apt-mark_new/W530/3d_acceleration [deleted file]
archived/ansible/files/apt-mark_new/W530/browser_environment [deleted file]
archived/ansible/files/apt-mark_new/W530/hotkeys [deleted file]
archived/ansible/files/apt-mark_new/W530/multimedia [deleted file]
archived/ansible/files/apt-mark_new/W530/wicd [deleted file]
archived/ansible/files/apt-mark_new/X200s/multimedia [deleted file]
archived/ansible/files/apt-mark_new/X200s/power_management [deleted file]
archived/ansible/files/apt-mark_new/X200s/wifi [deleted file]
archived/ansible/files/apt-mark_new/minimal/3d_acceleration [deleted file]
archived/ansible/files/apt-mark_new/minimal/basic_x_tools [deleted file]
archived/ansible/files/apt-mark_new/minimal/browser_environment [deleted file]
archived/ansible/files/apt-mark_new/minimal/console [deleted file]
archived/ansible/files/apt-mark_new/minimal/core [deleted file]
archived/ansible/files/apt-mark_new/minimal/disk_encryption [deleted file]
archived/ansible/files/apt-mark_new/minimal/man [deleted file]
archived/ansible/files/apt-mark_new/minimal/minimal_ansible_environment [deleted file]
archived/ansible/files/apt-mark_new/minimal/minimal_x [deleted file]
archived/ansible/files/apt-mark_new/minimal/multimedia [deleted file]
archived/ansible/files/apt-mark_new/minimal/power_management [deleted file]
archived/ansible/files/apt-mark_new/minimal/various_useful [deleted file]
archived/ansible/files/apt-mark_new/minimal/wifi [deleted file]
archived/ansible/files/console/___etc___default___console-setup [deleted file]
archived/ansible/files/console/___etc___default___keyboard [deleted file]
archived/ansible/files/dirs [deleted file]
archived/ansible/files/dirs_new [deleted file]
archived/ansible/files/system/___etc___X11___xorg.conf.forced_nvidia [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-brightness-down [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-brightness-up [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-micmute [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-mute [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-volume-down [deleted file]
archived/ansible/files/system/___etc___acpi___events___plom-volume-up [deleted file]
archived/ansible/files/system/___etc___apt___apt.conf.d___99mindeps [deleted file]
archived/ansible/files/system/___etc___apt___sources.list [deleted file]
archived/ansible/files/system/___etc___default___tlp [deleted file]
archived/ansible/files/system/___etc___hostname [deleted file]
archived/ansible/files/system/___etc___hosts [deleted file]
archived/ansible/files/system/___etc___profile [deleted file]
archived/ansible/files/system/___etc___systemd___logind.conf [deleted file]
archived/ansible/files/system/___etc___timezone [deleted file]
archived/ansible/files/system/___etc___wicd___manager-settings.conf [deleted file]
archived/ansible/files/system_new/W530/___etc___X11___xorg.conf.forced_nvidia [deleted file]
archived/ansible/files/system_new/W530/___etc___hostname [deleted file]
archived/ansible/files/system_new/W530/___etc___hosts [deleted file]
archived/ansible/files/system_new/W530/___etc___wicd___manager-settings.conf [deleted file]
archived/ansible/files/system_new/X200s/___etc___hostname [deleted file]
archived/ansible/files/system_new/X200s/___etc___hosts [deleted file]
archived/ansible/files/system_new/minimal/___etc___apt___apt.conf.d___99mindeps [deleted file]
archived/ansible/files/system_new/minimal/___etc___apt___sources.list [deleted file]
archived/ansible/files/system_new/minimal/___etc___apt___sources.list.d___palemoon.list [deleted file]
archived/ansible/files/system_new/minimal/___etc___default___tlp [deleted file]
archived/ansible/files/system_new/minimal/___etc___profile [deleted file]
archived/ansible/files/system_new/minimal/___etc___systemd___logind.conf [deleted file]
archived/ansible/files/system_new/minimal/___etc___timezone [deleted file]
archived/ansible/run_root.sh [deleted file]
archived/ansible/run_root_new.sh [deleted file]
archived/ansible/run_user.sh [deleted file]
archived/ansible/run_user_new.sh [deleted file]
archived/ansible/tasks/initial_purge.yml [deleted file]
archived/ansible/tasks/qutebrowser.yml [deleted file]
archived/ansible/user.yml [deleted file]
archived/ansible/user_new.yml [deleted file]
archived/archive_plomroma.py [deleted file]
archived/bin/broiler_in.sh [deleted file]
archived/bin/hubbabubba.sh [deleted file]
archived/bin/i3status_wrapper.py [deleted file]
archived/bin/install_certs.sh [deleted file]
archived/bin/network.sh [deleted file]
archived/bin/plomlombot.sh [deleted file]
archived/bin/renew_certs.sh [deleted file]
archived/bin/setup_opendkim.sh [deleted file]
archived/bin/setup_starttls.sh [deleted file]
archived/bin/simplemail.sh [deleted file]
archived/bin/simplemail_out.sh [deleted file]
archived/bin/start_htwtxt.sh [deleted file]
archived/bin/symlink.sh [deleted file]
archived/bin/w530_backlight.sh [deleted file]
archived/bin/w530_startx_force_nvidia.sh [deleted file]
archived/bin/weechat-wrapper.sh [deleted file]
archived/bin/wicd-wrapper.sh [deleted file]
archived/bin/zinskritik.sh [deleted file]
archived/bullseye/apt-mark/all [new file with mode: 0644]
archived/bullseye/apt-mark/desktop [new file with mode: 0644]
archived/bullseye/apt-mark/dumpsite [new file with mode: 0644]
archived/bullseye/apt-mark/microblogpub [new file with mode: 0644]
archived/bullseye/apt-mark/play [new file with mode: 0644]
archived/bullseye/apt-mark/server [new file with mode: 0644]
archived/bullseye/apt-mark/thinkpad [new file with mode: 0644]
archived/bullseye/apt-mark/user [new file with mode: 0644]
archived/bullseye/apt-mark/w530 [new file with mode: 0644]
archived/bullseye/apt-mark/web [new file with mode: 0644]
archived/bullseye/apt-mark/website [new file with mode: 0644]
archived/bullseye/borg.sh [new file with mode: 0755]
archived/bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [new file with mode: 0644]
archived/bullseye/etc_files/all/etc/apt/sources.list [new file with mode: 0644]
archived/bullseye/etc_files/all/etc/default/locale [new file with mode: 0644]
archived/bullseye/etc_files/all/etc/locale.gen [new file with mode: 0644]
archived/bullseye/etc_files/all/etc/timezone [new file with mode: 0644]
archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service [new file with mode: 0644]
archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer [new file with mode: 0644]
archived/bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx [new file with mode: 0644]
archived/bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service [new file with mode: 0644]
archived/bullseye/etc_files/microblogpub/etc/apt/sources.list [new file with mode: 0644]
archived/bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx [new file with mode: 0644]
archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service [new file with mode: 0644]
archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service [new file with mode: 0644]
archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer [new file with mode: 0644]
archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service [new file with mode: 0644]
archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer [new file with mode: 0644]
archived/bullseye/etc_files/server/etc/ssh/sshd_config [new file with mode: 0644]
archived/bullseye/etc_files/thinkpad/etc/default/tlp [new file with mode: 0644]
archived/bullseye/etc_files/thinkpad/etc/network/interfaces [new file with mode: 0644]
archived/bullseye/etc_files/thinkpad/etc/systemd/logind.conf [new file with mode: 0644]
archived/bullseye/etc_files/web/etc/nftables.conf [new file with mode: 0755]
archived/bullseye/etc_files/web/etc/nginx/nginx.conf [new file with mode: 0644]
archived/bullseye/etc_files/website/etc/gitweb.conf [new file with mode: 0644]
archived/bullseye/etc_files/website/etc/nginx/sites-available/website.nginx [new file with mode: 0644]
archived/bullseye/etc_files/website/etc/systemd/system/plomlombot.service [new file with mode: 0644]
archived/bullseye/home_files/minimal/.bashrc [new file with mode: 0644]
archived/bullseye/home_files/root/.shell_prompt_color [new file with mode: 0644]
archived/bullseye/home_files/user/.Xresources [new file with mode: 0644]
archived/bullseye/home_files/user/.borgrepos [new file with mode: 0644]
archived/bullseye/home_files/user/.config/i3/config [new file with mode: 0644]
archived/bullseye/home_files/user/.emacs.d/init.el [new file with mode: 0644]
archived/bullseye/home_files/user/.gitconfig [new file with mode: 0644]
archived/bullseye/home_files/user/.mbsyncrc [new file with mode: 0644]
archived/bullseye/home_files/user/.notmuch-config [new file with mode: 0644]
archived/bullseye/home_files/user/.shell_prompt_color [new file with mode: 0644]
archived/bullseye/home_files/user/.tridactylrc [new file with mode: 0644]
archived/bullseye/home_files/user/.xinitrc [new file with mode: 0644]
archived/bullseye/home_files/user/mail_sync.sh [new file with mode: 0755]
archived/bullseye/home_files/user/public_repos/repos [new file with mode: 0644]
archived/bullseye/home_files/w530/.config/i3status/config [new file with mode: 0644]
archived/bullseye/home_files/x220/.config/i3status/config [new file with mode: 0644]
archived/bullseye/other_files/blank.html [new file with mode: 0644]
archived/bullseye/other_files/blog_hook_post-receive [new file with mode: 0755]
archived/bullseye/other_files/dumpsite_index.html [new file with mode: 0644]
archived/bullseye/other_files/plomlombot_daemon.sh [new file with mode: 0755]
archived/bullseye/other_files/plomlombot_hook_post-receive [new file with mode: 0755]
archived/bullseye/other_files/prune_microblogpub.sh [new file with mode: 0644]
archived/bullseye/other_files/url-catcher_customizations.json [new file with mode: 0644]
archived/bullseye/other_files/website_hook_post-receive [new file with mode: 0755]
archived/bullseye/other_files/weechat-wrapper.sh [new file with mode: 0755]
archived/bullseye/other_files/weechatlogs_encrypter.sh [new file with mode: 0755]
archived/bullseye/other_files/weechatrc [new file with mode: 0644]
archived/bullseye/other_files/zettel_hook_post-receive [new file with mode: 0755]
archived/bullseye/setup_scripts/copy_dirtree.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/init_user_and_keybased_login.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/init_user_login.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/install_for_target.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/migrate_borg.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/mirror_dir.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/misc.sh [new file with mode: 0644]
archived/bullseye/setup_scripts/prepare_to_meet_server.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/purge_nonrequireds.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/set_hostname_and_fqdn.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_daily_reboot.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_desktop.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_dumpsite.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_firefox.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_home.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_microblogpub.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_play.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_server.sh [new file with mode: 0755]
archived/bullseye/setup_scripts/setup_website.sh [new file with mode: 0755]
archived/buster/apt-mark/all [deleted file]
archived/buster/apt-mark/desktop [deleted file]
archived/buster/apt-mark/dumpsite [deleted file]
archived/buster/apt-mark/eeepc [deleted file]
archived/buster/apt-mark/mail [deleted file]
archived/buster/apt-mark/old_server [deleted file]
archived/buster/apt-mark/peertube [deleted file]
archived/buster/apt-mark/play [deleted file]
archived/buster/apt-mark/pleroma [deleted file]
archived/buster/apt-mark/pleroma_otp [deleted file]
archived/buster/apt-mark/pleroma_source [deleted file]
archived/buster/apt-mark/seedbox [deleted file]
archived/buster/apt-mark/server [deleted file]
archived/buster/apt-mark/thinkpad [deleted file]
archived/buster/apt-mark/user [deleted file]
archived/buster/apt-mark/w530 [deleted file]
archived/buster/apt-mark/web [deleted file]
archived/buster/apt-mark/website [deleted file]
archived/buster/apt-mark/x200s [deleted file]
archived/buster/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [deleted file]
archived/buster/etc_files/all/etc/apt/sources.list [deleted file]
archived/buster/etc_files/all/etc/default/locale [deleted file]
archived/buster/etc_files/all/etc/locale.gen [deleted file]
archived/buster/etc_files/all/etc/timezone [deleted file]
archived/buster/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx [deleted file]
archived/buster/etc_files/dumpsite/etc/systemd/system/url_catcher.service [deleted file]
archived/buster/etc_files/eeepc/etc/systemd/logind.conf [deleted file]
archived/buster/etc_files/mail/etc/aliases [deleted file]
archived/buster/etc_files/mail/etc/dovecot/conf.d/99-lmtp-sieve-filtering.conf [deleted file]
archived/buster/etc_files/mail/etc/dovecot/conf.d/99-smtp-sasl.conf [deleted file]
archived/buster/etc_files/mail/etc/mailutils.conf [deleted file]
archived/buster/etc_files/mail/etc/nftables.conf [deleted file]
archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.service [deleted file]
archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.timer [deleted file]
archived/buster/etc_files/mail/etc/systemd/system/pingmail.service [deleted file]
archived/buster/etc_files/mail/etc/systemd/system/pingmail.timer [deleted file]
archived/buster/etc_files/old_server/etc/apt/sources.list [deleted file]
archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service [deleted file]
archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer [deleted file]
archived/buster/etc_files/pleroma/var/lib/pleroma/static/instance/panel.html [deleted file]
archived/buster/etc_files/pleroma/var/lib/pleroma/static/robots.txt [deleted file]
archived/buster/etc_files/pleroma/var/lib/pleroma/static/static/terms-of-service.html [deleted file]
archived/buster/etc_files/server/etc/nftables.conf [deleted file]
archived/buster/etc_files/server/etc/ssh/sshd_config [deleted file]
archived/buster/etc_files/thinkpad/etc/default/tlp [deleted file]
archived/buster/etc_files/thinkpad/etc/systemd/logind.conf [deleted file]
archived/buster/etc_files/user/etc/cups/printers.conf [deleted file]
archived/buster/etc_files/user/etc/default/console-setup [deleted file]
archived/buster/etc_files/user/opt/firefox/blank.html [deleted file]
archived/buster/etc_files/user/opt/firefox/defaults/pref/autoconfig.js [deleted file]
archived/buster/etc_files/user/opt/firefox/firefox.cfg [deleted file]
archived/buster/etc_files/user/usr/share/applications/firefox.desktop [deleted file]
archived/buster/etc_files/web/etc/nftables.conf [deleted file]
archived/buster/etc_files/web/etc/nginx/nginx.conf [deleted file]
archived/buster/etc_files/website/etc/gitweb.conf [deleted file]
archived/buster/etc_files/website/etc/nginx/sites-available/website.nginx [deleted file]
archived/buster/etc_files/website/etc/systemd/system/plomlombot.service [deleted file]
archived/buster/etc_files/x200s/etc/wicd/manager-settings.conf [deleted file]
archived/buster/etc_files/x220/etc/wicd/manager-settings.conf [deleted file]
archived/buster/home_files/eeepc/.config/i3status/config [deleted file]
archived/buster/home_files/minimal/.bashrc [deleted file]
archived/buster/home_files/root/.shell_prompt_color [deleted file]
archived/buster/home_files/user/.Xresources [deleted file]
archived/buster/home_files/user/.borgrepos [deleted file]
archived/buster/home_files/user/.config/i3/config [deleted file]
archived/buster/home_files/user/.emacs.d/init.el [deleted file]
archived/buster/home_files/user/.gitconfig [deleted file]
archived/buster/home_files/user/.mbsyncrc [deleted file]
archived/buster/home_files/user/.notmuch-config [deleted file]
archived/buster/home_files/user/.shell_prompt_color [deleted file]
archived/buster/home_files/user/.tridactylrc [deleted file]
archived/buster/home_files/user/.xinitrc [deleted file]
archived/buster/home_files/user/mail_sync.sh [deleted file]
archived/buster/home_files/user/public_repos/repos [deleted file]
archived/buster/home_files/w530/.config/i3status/config [deleted file]
archived/buster/home_files/x200s/.config/i3status/config [deleted file]
archived/buster/home_files/x220/.config/i3status/config [deleted file]
archived/buster/other_files/append_opendkim.conf [deleted file]
archived/buster/other_files/append_pleroma_config [deleted file]
archived/buster/other_files/append_postfix_main.cf [deleted file]
archived/buster/other_files/append_postfix_master.cf [deleted file]
archived/buster/other_files/blog_hook_post-receive [deleted file]
archived/buster/other_files/dovecot.sieve [deleted file]
archived/buster/other_files/dumpsite_index.html [deleted file]
archived/buster/other_files/fetchmailrc [deleted file]
archived/buster/other_files/peertube_production.yaml [deleted file]
archived/buster/other_files/pingmailrc [deleted file]
archived/buster/other_files/pixel.png [deleted file]
archived/buster/other_files/pleroma_panel.html [deleted file]
archived/buster/other_files/pleroma_robots.txt [deleted file]
archived/buster/other_files/pleroma_terms-of-service.html [deleted file]
archived/buster/other_files/plomlombot_daemon.sh [deleted file]
archived/buster/other_files/plomlombot_hook_post-receive [deleted file]
archived/buster/other_files/url-catcher_customizations.json [deleted file]
archived/buster/other_files/website_hook_post-receive [deleted file]
archived/buster/other_files/weechat-wrapper.sh [deleted file]
archived/buster/other_files/weechatlogs_encrypter.sh [deleted file]
archived/buster/other_files/weechatrc [deleted file]
archived/buster/other_files/zettel_hook_post-receive [deleted file]
archived/buster/setup_scripts/backup_app.sh [deleted file]
archived/buster/setup_scripts/copy_dirtree.sh [deleted file]
archived/buster/setup_scripts/init_user_and_keybased_login.sh [deleted file]
archived/buster/setup_scripts/init_user_login.sh [deleted file]
archived/buster/setup_scripts/install_for_target.sh [deleted file]
archived/buster/setup_scripts/migrate_app.sh [deleted file]
archived/buster/setup_scripts/migrate_borg.sh [deleted file]
archived/buster/setup_scripts/mirror_dir.sh [deleted file]
archived/buster/setup_scripts/prepare_to_meet_server.sh [deleted file]
archived/buster/setup_scripts/purge_nonrequireds.sh [deleted file]
archived/buster/setup_scripts/restore_app.sh [deleted file]
archived/buster/setup_scripts/set_hostname_and_fqdn.sh [deleted file]
archived/buster/setup_scripts/setup.sh [deleted file]
archived/buster/setup_scripts/setup_desktop.sh [deleted file]
archived/buster/setup_scripts/setup_dumpsite.sh [deleted file]
archived/buster/setup_scripts/setup_home.sh [deleted file]
archived/buster/setup_scripts/setup_mail.sh [deleted file]
archived/buster/setup_scripts/setup_peertube.sh [deleted file]
archived/buster/setup_scripts/setup_play.sh [deleted file]
archived/buster/setup_scripts/setup_pleroma_otp.sh [deleted file]
archived/buster/setup_scripts/setup_pleroma_source.sh [deleted file]
archived/buster/setup_scripts/setup_seedbox.sh [deleted file]
archived/buster/setup_scripts/setup_server.sh [deleted file]
archived/buster/setup_scripts/setup_website.sh [deleted file]
archived/buster/setup_scripts/update_pleroma_source.sh [deleted file]
archived/buster/setup_scripts/upgrade_peertube.sh [deleted file]
archived/dotfiles/minimal/bashrc [deleted file]
archived/dotfiles/minimal/gitconfig [deleted file]
archived/dotfiles/minimal/profile [deleted file]
archived/dotfiles/minimal/shinit [deleted file]
archived/dotfiles/minimal/vimrc [deleted file]
archived/dotfiles/root/shinit_color [deleted file]
archived/dotfiles/root/vimrc_add [deleted file]
archived/dotfiles/user/server/minimal/mailfilter [deleted file]
archived/dotfiles/user/server/minimal/muttrc [deleted file]
archived/dotfiles/user/server/minimal/vimrc_add [deleted file]
archived/dotfiles/user/server/personal/minimal/getmail/getmailrc [deleted file]
archived/dotfiles/user/server/personal/minimal/procmailrc [deleted file]
archived/dotfiles/user/server/personal/minimal/shinit_add [deleted file]
archived/dotfiles/user/server/personal/minimal/weechatrc [deleted file]
archived/dotfiles/user/server/personal/plomlompom.com/shinit_color [deleted file]
archived/dotfiles/user/server/personal/test.plomlompom.com/shinit_color [deleted file]
archived/dotfiles/user/server/public/shinit_add [deleted file]
archived/dotfiles/user/server/public/shinit_color [deleted file]
archived/dotfiles/user/thinkpad/W530/Xresources-local [deleted file]
archived/dotfiles/user/thinkpad/W530/i3status.conf [deleted file]
archived/dotfiles/user/thinkpad/X200s/Xresources-local [deleted file]
archived/dotfiles/user/thinkpad/X200s/i3status.conf [deleted file]
archived/dotfiles/user/thinkpad/minimal/Xresources [deleted file]
archived/dotfiles/user/thinkpad/minimal/i3 [deleted file]
archived/dotfiles/user/thinkpad/minimal/pentadactylrc [deleted file]
archived/dotfiles/user/thinkpad/minimal/shinit_color [deleted file]
archived/dotfiles/user/thinkpad/minimal/vimrc_add [deleted file]
archived/dotfiles/user/thinkpad/minimal/xinitrc [deleted file]
archived/jessie_postinstall.sh [deleted file]
archived/mails/htwtxt_restart [deleted file]
archived/mails/server_postinstall_finished [deleted file]
archived/mails/update_reminder [deleted file]
archived/mails/weechat_restart_reminder [deleted file]
archived/misc.sh [new file with mode: 0644]
archived/notes [deleted file]
archived/raspbian/.alsoftrc [deleted file]
archived/raspbian/.asoundrc [deleted file]
archived/raspbian/.bash_aliases [deleted file]
archived/setup_go.sh [deleted file]
archived/stretch/apt-mark/seedbox [deleted file]
archived/stretch/etc_files/server/etc/ssh/sshd_config [deleted file]
archived/stretch/setup_scripts/init_user_and_keybased_login.sh [deleted file]
archived/stretch/setup_scripts/install_for_target.sh [deleted file]
archived/stretch/setup_scripts/setup_seedbox.sh [deleted file]
archived/systemfiles/aliases [deleted file]
archived/systemfiles/htwtxt_restart_reminder.service [deleted file]
archived/systemfiles/main.cf [deleted file]
archived/systemfiles/nginx.conf [deleted file]
archived/systemfiles/opendkim.conf [deleted file]
archived/systemfiles/plomlombot.service [deleted file]
archived/systemfiles/post-update [deleted file]
archived/systemfiles/weechat.service [deleted file]
archived/testing/apt-mark/all [new file with mode: 0644]
archived/testing/apt-mark/h610m [new file with mode: 0644]
archived/testing/apt-mark/t490s [new file with mode: 0644]
archived/testing/apt-mark/user [new file with mode: 0644]
archived/testing/aptmark/h610m [new file with mode: 0644]
archived/testing/aptmark/server [new file with mode: 0644]
archived/testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [new file with mode: 0644]
archived/testing/etc_files/all/etc/apt/sources.list [new file with mode: 0644]
archived/testing/etc_files/all/etc/default/locale [new file with mode: 0644]
archived/testing/etc_files/all/etc/locale.gen [new file with mode: 0644]
archived/testing/etc_files/all/etc/timezone [new file with mode: 0644]
archived/testing/home_files/h610m/.xinitrc_bonus [new file with mode: 0644]
archived/testing/home_files/minimal/.bashrc [new file with mode: 0644]
archived/testing/home_files/root/.shell_prompt_color [new file with mode: 0644]
archived/testing/home_files/user/.Xresources [new file with mode: 0644]
archived/testing/home_files/user/.borgrepos [new file with mode: 0644]
archived/testing/home_files/user/.config/i3/config [new file with mode: 0644]
archived/testing/home_files/user/.config/i3status/config [new file with mode: 0644]
archived/testing/home_files/user/.emacs.d/init.el [new file with mode: 0644]
archived/testing/home_files/user/.gitconfig [new file with mode: 0644]
archived/testing/home_files/user/.mbsyncrc [new file with mode: 0644]
archived/testing/home_files/user/.notmuch-config [new file with mode: 0644]
archived/testing/home_files/user/.shell_prompt_color [new file with mode: 0644]
archived/testing/home_files/user/.tridactylrc [new file with mode: 0644]
archived/testing/home_files/user/.xinitrc [new file with mode: 0644]
archived/testing/home_files/user/mail_sync.sh [new file with mode: 0755]
archived/testing/home_files/user/public_repos/repos [new file with mode: 0644]
archived/testing/scripts/__setup_raspi.sh [new file with mode: 0755]
archived/testing/setup_scripts/_setup.sh [new file with mode: 0755]
archived/testing/setup_scripts/copy_dirtree.sh [new file with mode: 0755]
archived/testing/setup_scripts/install_for_target.sh [new file with mode: 0755]
archived/testing/setup_scripts/misc.sh [new file with mode: 0644]
archived/testing/setup_scripts/purge_nonrequireds.sh [new file with mode: 0755]
archived/testing/setup_scripts/set_hostname_and_fqdn.sh [new file with mode: 0755]
archived/testing/setup_scripts/setup_desktop.sh [new file with mode: 0755]
archived/testing/setup_scripts/setup_home.sh [new file with mode: 0755]
archived/update_key.sh [deleted file]
bookworm/apt-mark/all [deleted file]
bookworm/apt-mark/h610m [deleted file]
bookworm/apt-mark/seedbox [deleted file]
bookworm/apt-mark/server [deleted file]
bookworm/apt-mark/thinkpad [deleted file]
bookworm/apt-mark/user [deleted file]
bookworm/apt-mark/w530 [deleted file]
bookworm/apt-mark/web [deleted file]
bookworm/borg.sh [deleted symlink]
bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [deleted file]
bookworm/etc_files/all/etc/apt/sources.list [deleted file]
bookworm/etc_files/all/etc/default/locale [deleted file]
bookworm/etc_files/all/etc/locale.gen [deleted file]
bookworm/etc_files/all/etc/timezone [deleted file]
bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service [deleted file]
bookworm/etc_files/server/etc/ssh/sshd_config [deleted file]
bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx [deleted file]
bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx [deleted file]
bookworm/etc_files/w530/etc/default/grub [deleted file]
bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf [deleted file]
bookworm/etc_files/web/etc/nftables.conf [deleted file]
bookworm/etc_files/web/etc/nginx/nginx.conf [deleted file]
bookworm/home_files/h610m/.xinitrc_bonus [deleted file]
bookworm/home_files/minimal/.bashrc [deleted file]
bookworm/home_files/root/.shell_prompt_color [deleted file]
bookworm/home_files/seedbox/.rtorrent.rc [deleted file]
bookworm/home_files/user/.Xresources [deleted file]
bookworm/home_files/user/.borgrepos [deleted file]
bookworm/home_files/user/.config/i3/config [deleted file]
bookworm/home_files/user/.config/i3status/config [deleted file]
bookworm/home_files/user/.emacs.d/init.el [deleted file]
bookworm/home_files/user/.gitconfig [deleted file]
bookworm/home_files/user/.mbsyncrc [deleted file]
bookworm/home_files/user/.notmuch-config [deleted file]
bookworm/home_files/user/.shell_prompt_color [deleted file]
bookworm/home_files/user/.tridactylrc [deleted file]
bookworm/home_files/user/.xinitrc [deleted file]
bookworm/home_files/user/mail_sync.sh [deleted file]
bookworm/home_files/user/public_repos/repos [deleted file]
bookworm/home_files/w530/.config/i3/config_bonus [deleted file]
bookworm/home_files/w530/.xinitrc_bonus [deleted file]
bookworm/setup_scripts/_setup.sh [deleted file]
bookworm/setup_scripts/copy_dirtree.sh [deleted file]
bookworm/setup_scripts/init_user_and_keybased_login.sh [deleted symlink]
bookworm/setup_scripts/init_user_login.sh [deleted symlink]
bookworm/setup_scripts/install_for_target.sh [deleted file]
bookworm/setup_scripts/migrate_borg.sh [deleted file]
bookworm/setup_scripts/mirror_dir.sh [deleted file]
bookworm/setup_scripts/misc.sh [deleted file]
bookworm/setup_scripts/prepare_to_meet_server.sh [deleted file]
bookworm/setup_scripts/purge_nonrequireds.sh [deleted file]
bookworm/setup_scripts/set_hostname_and_fqdn.sh [deleted file]
bookworm/setup_scripts/setup_desktop.sh [deleted file]
bookworm/setup_scripts/setup_firefox.sh [deleted file]
bookworm/setup_scripts/setup_home.sh [deleted file]
bookworm/setup_scripts/setup_nvidia.sh [deleted file]
bookworm/setup_scripts/setup_seedbox.sh [deleted file]
bookworm/setup_scripts/setup_server.sh [deleted file]
bookworm/setup_scripts/setup_static_website.sh [deleted file]
bookworm/setup_scripts/setup_web.sh [deleted file]
bookworm/setup_scripts/upgrade_from_older_release.sh [deleted file]
bullseye/apt-mark/all [deleted file]
bullseye/apt-mark/desktop [deleted file]
bullseye/apt-mark/dumpsite [deleted file]
bullseye/apt-mark/microblogpub [deleted file]
bullseye/apt-mark/play [deleted file]
bullseye/apt-mark/server [deleted file]
bullseye/apt-mark/thinkpad [deleted file]
bullseye/apt-mark/user [deleted file]
bullseye/apt-mark/w530 [deleted file]
bullseye/apt-mark/web [deleted file]
bullseye/apt-mark/website [deleted file]
bullseye/borg.sh [deleted file]
bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [deleted file]
bullseye/etc_files/all/etc/apt/sources.list [deleted file]
bullseye/etc_files/all/etc/default/locale [deleted file]
bullseye/etc_files/all/etc/locale.gen [deleted file]
bullseye/etc_files/all/etc/timezone [deleted file]
bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service [deleted file]
bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer [deleted file]
bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx [deleted file]
bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service [deleted file]
bullseye/etc_files/microblogpub/etc/apt/sources.list [deleted file]
bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx [deleted file]
bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service [deleted file]
bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service [deleted file]
bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer [deleted file]
bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service [deleted file]
bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer [deleted file]
bullseye/etc_files/server/etc/ssh/sshd_config [deleted file]
bullseye/etc_files/thinkpad/etc/default/tlp [deleted file]
bullseye/etc_files/thinkpad/etc/network/interfaces [deleted file]
bullseye/etc_files/thinkpad/etc/systemd/logind.conf [deleted file]
bullseye/etc_files/web/etc/nftables.conf [deleted file]
bullseye/etc_files/web/etc/nginx/nginx.conf [deleted file]
bullseye/etc_files/website/etc/gitweb.conf [deleted file]
bullseye/etc_files/website/etc/nginx/sites-available/website.nginx [deleted file]
bullseye/etc_files/website/etc/systemd/system/plomlombot.service [deleted file]
bullseye/home_files/minimal/.bashrc [deleted file]
bullseye/home_files/root/.shell_prompt_color [deleted file]
bullseye/home_files/user/.Xresources [deleted file]
bullseye/home_files/user/.borgrepos [deleted file]
bullseye/home_files/user/.config/i3/config [deleted file]
bullseye/home_files/user/.emacs.d/init.el [deleted file]
bullseye/home_files/user/.gitconfig [deleted file]
bullseye/home_files/user/.mbsyncrc [deleted file]
bullseye/home_files/user/.notmuch-config [deleted file]
bullseye/home_files/user/.shell_prompt_color [deleted file]
bullseye/home_files/user/.tridactylrc [deleted file]
bullseye/home_files/user/.xinitrc [deleted file]
bullseye/home_files/user/mail_sync.sh [deleted file]
bullseye/home_files/user/public_repos/repos [deleted file]
bullseye/home_files/w530/.config/i3status/config [deleted file]
bullseye/home_files/x220/.config/i3status/config [deleted file]
bullseye/other_files/blank.html [deleted file]
bullseye/other_files/blog_hook_post-receive [deleted file]
bullseye/other_files/dumpsite_index.html [deleted file]
bullseye/other_files/plomlombot_daemon.sh [deleted file]
bullseye/other_files/plomlombot_hook_post-receive [deleted file]
bullseye/other_files/prune_microblogpub.sh [deleted file]
bullseye/other_files/url-catcher_customizations.json [deleted file]
bullseye/other_files/website_hook_post-receive [deleted file]
bullseye/other_files/weechat-wrapper.sh [deleted file]
bullseye/other_files/weechatlogs_encrypter.sh [deleted file]
bullseye/other_files/weechatrc [deleted file]
bullseye/other_files/zettel_hook_post-receive [deleted file]
bullseye/setup_scripts/copy_dirtree.sh [deleted file]
bullseye/setup_scripts/init_user_and_keybased_login.sh [deleted file]
bullseye/setup_scripts/init_user_login.sh [deleted file]
bullseye/setup_scripts/install_for_target.sh [deleted file]
bullseye/setup_scripts/migrate_borg.sh [deleted file]
bullseye/setup_scripts/mirror_dir.sh [deleted file]
bullseye/setup_scripts/misc.sh [deleted file]
bullseye/setup_scripts/prepare_to_meet_server.sh [deleted file]
bullseye/setup_scripts/purge_nonrequireds.sh [deleted file]
bullseye/setup_scripts/set_hostname_and_fqdn.sh [deleted file]
bullseye/setup_scripts/setup.sh [deleted file]
bullseye/setup_scripts/setup_daily_reboot.sh [deleted file]
bullseye/setup_scripts/setup_desktop.sh [deleted file]
bullseye/setup_scripts/setup_dumpsite.sh [deleted file]
bullseye/setup_scripts/setup_firefox.sh [deleted file]
bullseye/setup_scripts/setup_home.sh [deleted file]
bullseye/setup_scripts/setup_microblogpub.sh [deleted file]
bullseye/setup_scripts/setup_play.sh [deleted file]
bullseye/setup_scripts/setup_server.sh [deleted file]
bullseye/setup_scripts/setup_website.sh [deleted file]
constants.sh [deleted file]
many_releases/aptmark/all [deleted file]
many_releases/aptmark/raspi [deleted file]
many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies [deleted file]
many_releases/etc/all/locale.conf [deleted file]
many_releases/etc/all/locale.gen [deleted file]
many_releases/etc/all/timezone [deleted file]
many_releases/etc/raspi/greetd/config.toml [deleted file]
many_releases/etc/raspi/ssh/sshd_config [deleted file]
many_releases/etc/raspi/systemd/system/throttle_cpu.service [deleted file]
many_releases/home/all/.bashrc [deleted file]
many_releases/home/all/.gitconfig [deleted file]
many_releases/home/raspi/.config/mpv/mpv.conf [deleted file]
many_releases/home/raspi/.config/sway/config [deleted file]
many_releases/home/raspi/.nonpath_bins/on_session_start.sh [deleted file]
many_releases/home/raspi/.nonpath_bins/status.sh [deleted file]
many_releases/home/raspi/.profile [deleted file]
many_releases/home/raspi_root/throttle_cpu.sh [deleted file]
many_releases/home/root/.shell_prompt_color [deleted file]
many_releases/scripts/_misc.sh [deleted file]
misc.sh [deleted file]
testing/apt-mark/all [deleted file]
testing/apt-mark/h610m [deleted file]
testing/apt-mark/t490s [deleted file]
testing/apt-mark/user [deleted file]
testing/aptmark/all
testing/aptmark/desktop
testing/aptmark/h610m [deleted file]
testing/aptmark/server [deleted file]
testing/aptmark/user
testing/etc/all/apt/apt.conf.d/99_minimize_dependencies [new file with mode: 0644]
testing/etc/all/locale.conf [new file with mode: 0644]
testing/etc/all/locale.gen [new file with mode: 0644]
testing/etc/all/timezone [new file with mode: 0644]
testing/etc/desktop/network/interfaces [new file with mode: 0644]
testing/etc/t490s/network/interfaces [deleted file]
testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies [deleted file]
testing/etc_files/all/etc/apt/sources.list [deleted file]
testing/etc_files/all/etc/default/locale [deleted file]
testing/etc_files/all/etc/locale.gen [deleted file]
testing/etc_files/all/etc/timezone [deleted file]
testing/home/desktop/.nonpath_bins/plomlib.sh.desktop
testing/home/root/.shell_prompt_color [new file with mode: 0644]
testing/home/user/.gitconfig [new file with mode: 0644]
testing/home/user/.shell_prompt_color [new file with mode: 0644]
testing/home_files/h610m/.xinitrc_bonus [deleted file]
testing/home_files/minimal/.bashrc [deleted file]
testing/home_files/root/.shell_prompt_color [deleted file]
testing/home_files/user/.Xresources [deleted file]
testing/home_files/user/.borgrepos [deleted file]
testing/home_files/user/.config/i3/config [deleted file]
testing/home_files/user/.config/i3status/config [deleted file]
testing/home_files/user/.emacs.d/init.el [deleted file]
testing/home_files/user/.gitconfig [deleted file]
testing/home_files/user/.mbsyncrc [deleted file]
testing/home_files/user/.notmuch-config [deleted file]
testing/home_files/user/.shell_prompt_color [deleted file]
testing/home_files/user/.tridactylrc [deleted file]
testing/home_files/user/.xinitrc [deleted file]
testing/home_files/user/mail_sync.sh [deleted file]
testing/home_files/user/public_repos/repos [deleted file]
testing/scripts/_config_scripts_lib.sh [new file with mode: 0644]
testing/scripts/_misc.sh [deleted file]
testing/scripts/_setup_secrets_user.sh
testing/scripts/setup_desktop.sh
testing/scripts/setup_raspi.sh [deleted file]
testing/scripts/setup_secrets.sh
testing/setup_scripts/_setup.sh [deleted file]
testing/setup_scripts/copy_dirtree.sh [deleted file]
testing/setup_scripts/install_for_target.sh [deleted file]
testing/setup_scripts/misc.sh [deleted file]
testing/setup_scripts/purge_nonrequireds.sh [deleted file]
testing/setup_scripts/set_hostname_and_fqdn.sh [deleted file]
testing/setup_scripts/setup_desktop.sh [deleted file]
testing/setup_scripts/setup_home.sh [deleted file]

diff --git a/_bookworm/apt-mark/all b/_bookworm/apt-mark/all
new file mode 100644 (file)
index 0000000..abd02d6
--- /dev/null
@@ -0,0 +1,14 @@
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
+# unpredictably so
+ifupdown
+isc-dhcp-client
+# git for the setup directory; cloning works with ca-certificates
+ca-certificates
+git
+# to avoid constant warnings about no locale being found
+locales
+# extremely useful for basic network debugging; missed these more than once in an emergency
+netcat-traditional
+iputils-ping
+# what would we do without this …
+apt
diff --git a/_bookworm/apt-mark/h610m b/_bookworm/apt-mark/h610m
new file mode 100644 (file)
index 0000000..02b95cc
--- /dev/null
@@ -0,0 +1,10 @@
+# for X to start at all
+linux-headers-amd64
+nvidia-driver
+firmware-misc-nonfree
+# X input: keyboard
+xserver-xorg-input-evdev
+# CUDA
+nvidia-cuda-dev
+nvidia-cuda-toolkit
+
diff --git a/_bookworm/apt-mark/seedbox b/_bookworm/apt-mark/seedbox
new file mode 100644 (file)
index 0000000..7129acf
--- /dev/null
@@ -0,0 +1,5 @@
+# needed for torrenting
+rtorrent
+# needed for torrenting session
+screen
+
diff --git a/_bookworm/apt-mark/server b/_bookworm/apt-mark/server
new file mode 100644 (file)
index 0000000..ecca45d
--- /dev/null
@@ -0,0 +1,12 @@
+# so we can login at all …
+openssh-server
+# firewalling
+nftables
+# We want to be able to use ALL our servers as borg backup destinations.
+borgbackup
+# not only pull in systemd, but also /sbin/reboot and /sbin/shutdown
+systemd-sysv
+# necessary on _some_ vservers
+net-tools
+quota
+
diff --git a/_bookworm/apt-mark/thinkpad b/_bookworm/apt-mark/thinkpad
new file mode 100644 (file)
index 0000000..fa7bd38
--- /dev/null
@@ -0,0 +1,16 @@
+# for wifi
+firmware-iwlwifi
+network-manager
+wpasupplicant
+# for tlp
+tlp
+tp-smapi-dkms
+# for X to start at all
+xserver-xorg-video-intel
+# X input: keyboard and touchpad
+xserver-xorg-input-evdev
+xserver-xorg-input-synaptics
+# to use printer
+cups
+#
+
diff --git a/_bookworm/apt-mark/user b/_bookworm/apt-mark/user
new file mode 100644 (file)
index 0000000..831b81c
--- /dev/null
@@ -0,0 +1,56 @@
+# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
+cryptsetup-initramfs
+lvm2
+# this provides setupcon which reads /etc/default/console-setup
+console-setup
+# for startx
+xinit
+# for xrdb
+x11-xserver-utils
+# for startx to run for non-root user
+libpam-systemd
+# window environment
+i3
+i3status
+suckless-tools
+xterm
+# to get sleepy at night
+redshift
+# for alsamixer
+alsa-utils
+# also useful
+vim
+sudo
+less
+man-db
+manpages
+procps
+# firefox install dependencies
+wget
+bzip2
+# firefox running dependencies
+libgtk-3-0
+libdbus-glib-1-2
+# tridactyl install recommendations
+vim-gtk3
+curl
+# for firefox to emit sound
+pulseaudio
+# emacs
+emacs
+emacs-common-non-dfsg
+emacs-el
+elpa-ledger
+ledger
+# to mount encrypted USB stick and use its contents
+pmount
+cryptsetup
+openssh-client
+# for syncing
+borgbackup
+# mail setup
+isync
+notmuch
+elpa-notmuch
+pinentry-gtk2
+#
diff --git a/_bookworm/apt-mark/w530 b/_bookworm/apt-mark/w530
new file mode 100644 (file)
index 0000000..6c2cfd7
--- /dev/null
@@ -0,0 +1,13 @@
+# for open-gpu-kernel-modules building
+gcc
+g++
+make
+linux-headers-amd64
+xz-utils
+# for NVIDIA driver .run --no-kernel-modules
+libvulkan1
+libglvnd-dev
+pkg-config
+# so we can add nvidia.NVreg_OpenRmEnableUnsupportedGpus=1 to default grub
+grub-efi-amd64
+
diff --git a/_bookworm/apt-mark/web b/_bookworm/apt-mark/web
new file mode 100644 (file)
index 0000000..4912b8a
--- /dev/null
@@ -0,0 +1,4 @@
+nginx-light
+# for SSL
+certbot
+python3-certbot-nginx
diff --git a/_bookworm/borg.sh b/_bookworm/borg.sh
new file mode 120000 (symlink)
index 0000000..358132c
--- /dev/null
@@ -0,0 +1 @@
+../bullseye/borg.sh
\ No newline at end of file
diff --git a/_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/_bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
new file mode 100644 (file)
index 0000000..4aaef79
--- /dev/null
@@ -0,0 +1,4 @@
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
diff --git a/_bookworm/etc_files/all/etc/apt/sources.list b/_bookworm/etc_files/all/etc/apt/sources.list
new file mode 100644 (file)
index 0000000..72b0ffb
--- /dev/null
@@ -0,0 +1,4 @@
+deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
+deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
+deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
+deb http://ftp.debian.org/debian bookworm-backports main contrib non-free non-free-firmware
diff --git a/_bookworm/etc_files/all/etc/default/locale b/_bookworm/etc_files/all/etc/default/locale
new file mode 100644 (file)
index 0000000..dd6eee3
--- /dev/null
@@ -0,0 +1 @@
+LANG="en_US.UTF-8"
diff --git a/_bookworm/etc_files/all/etc/locale.gen b/_bookworm/etc_files/all/etc/locale.gen
new file mode 100644 (file)
index 0000000..a28cfa4
--- /dev/null
@@ -0,0 +1,483 @@
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
diff --git a/_bookworm/etc_files/all/etc/timezone b/_bookworm/etc_files/all/etc/timezone
new file mode 100644 (file)
index 0000000..94d5acc
--- /dev/null
@@ -0,0 +1 @@
+Europe/Berlin
diff --git a/_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service b/_bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service
new file mode 100644 (file)
index 0000000..babfd36
--- /dev/null
@@ -0,0 +1,17 @@
+[Unit]
+Description=rtorrent session
+After=network.target
+
+[Service]
+Type=simple
+User=plom
+Group=plom
+WorkingDirectory=/home/plom
+ExecStartPre=-/bin/rm -f /home/plom/session/rtorrent.lock
+ExecStart=/usr/bin/screen -S rtorrent -Dm /usr/bin/rtorrent
+ExecStop=/usr/bin/screen -S rtorrent -X quit
+Restart=on-failure
+RestartSec=3
+
+[Install]
+WantedBy=multi-user.target
diff --git a/_bookworm/etc_files/server/etc/ssh/sshd_config b/_bookworm/etc_files/server/etc/ssh/sshd_config
new file mode 100644 (file)
index 0000000..e952cb3
--- /dev/null
@@ -0,0 +1,123 @@
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+Include /etc/ssh/sshd_config.d/*.conf
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin prohibit-password
+PermitRootLogin no  # plomlompom's security rule
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+KbdInteractiveAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the KbdInteractiveAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via KbdInteractiveAuthentication may bypass
+# the setting of "PermitRootLogin prohibit-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and KbdInteractiveAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+ClientAliveInterval 15
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem      sftp    /usr/lib/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#      X11Forwarding no
+#      AllowTcpForwarding no
+#      PermitTTY no
+#      ForceCommand cvs server
diff --git a/_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx b/_bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx
new file mode 100644 (file)
index 0000000..99c19d2
--- /dev/null
@@ -0,0 +1,16 @@
+server {
+    listen 443 ssl;
+    server_name REPLACE_fqdn_ECALPER;
+    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+    root /var/www/status.plomlompom.com/;
+
+    location = / {
+        return 301 /users/plomlompom.html;
+    } 
+
+    # re-direct to .html endings
+    location ~ ^/(notice|users)/([^\.]*)/?$ {
+        rewrite ^/(notice|users)/([^\./]*)/?$ /$1/$2.html permanent;
+    }
+}
diff --git a/_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx b/_bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx
new file mode 100644 (file)
index 0000000..57b084a
--- /dev/null
@@ -0,0 +1,12 @@
+server {
+    listen 443 ssl;
+    server_name REPLACE_fqdn_ECALPER;
+    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+    root /var/www/tube.plomlompom.com/;
+
+    # re-direct to .html endings
+    location ~ ^/videos/watch/([^\.]*)/?$ {
+        rewrite ^/videos/watch/([^\./]*)/?$ /videos/watch/$1.html permanent;
+    }
+}
diff --git a/_bookworm/etc_files/w530/etc/default/grub b/_bookworm/etc_files/w530/etc/default/grub
new file mode 100644 (file)
index 0000000..ff1b598
--- /dev/null
@@ -0,0 +1,32 @@
+# If you change this file, run 'update-grub' afterwards to update
+# /boot/grub/grub.cfg.
+# For full documentation of the options in this file, see:
+#   info -f grub -n 'Simple configuration'
+
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=5
+GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
+GRUB_CMDLINE_LINUX_DEFAULT="quiet  nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
+GRUB_CMDLINE_LINUX=""
+
+# Uncomment to enable BadRAM filtering, modify to suit your needs
+# This works with Linux (no patch required) and with any kernel that obtains
+# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
+#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
+
+# Uncomment to disable graphical terminal (grub-pc only)
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE
+# you can see them in real GRUB with the command `vbeinfo'
+#GRUB_GFXMODE=640x480
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY="true"
+
+# Uncomment to get a beep at grub start
+#GRUB_INIT_TUNE="480 440 1"
diff --git a/_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf b/_bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf
new file mode 100644 (file)
index 0000000..9699336
--- /dev/null
@@ -0,0 +1,3 @@
+blacklist nouveau
+options nouveau modeset=0
+
diff --git a/_bookworm/etc_files/web/etc/nftables.conf b/_bookworm/etc_files/web/etc/nftables.conf
new file mode 100755 (executable)
index 0000000..ec6732a
--- /dev/null
@@ -0,0 +1,22 @@
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table inet filter {
+       chain input {
+               type filter hook input priority 0; policy drop;
+               iif lo accept comment "accept localhost traffic"
+               ct state invalid drop comment "drop invalid connections"
+               ct state established, related accept comment "accept traffic originated from us"
+               tcp dport 22 accept comment "accept SSH on default port"
+               tcp dport 80 accept comment "accept HTTP on default port"
+               tcp dport 443 accept comment "accept HTTPS on default port"
+               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
+       }
+       chain forward {
+               type filter hook forward priority 0; policy drop;
+       }
+       chain output {
+               type filter hook output priority 0; policy accept;
+       }
+}
diff --git a/_bookworm/etc_files/web/etc/nginx/nginx.conf b/_bookworm/etc_files/web/etc/nginx/nginx.conf
new file mode 100644 (file)
index 0000000..8320425
--- /dev/null
@@ -0,0 +1,38 @@
+# system integration
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+# is expected even if empty
+events {
+}
+
+http {
+    # define content-type headers
+    include /etc/nginx/mime.types;
+    charset utf-8;
+
+    # Some standard optimizations, i.e. Debian default. Explained in
+    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
+    # Not that I understand it all …
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+
+    # logging deactivated due to GDPR
+    #access_log /var/log/nginx/access.log;
+    #error_log /var/log/nginx/error.log;
+    access_log off;
+    error_log off;
+
+    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+
+    # Redirect all HTTP requests to HTTPS.
+    server {
+        listen 80;
+        return 301 https://$host$request_uri;
+    }
+}
diff --git a/_bookworm/home_files/h610m/.xinitrc_bonus b/_bookworm/home_files/h610m/.xinitrc_bonus
new file mode 100644 (file)
index 0000000..1eaa7e8
--- /dev/null
@@ -0,0 +1,2 @@
+# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. 
+xset s noblank
diff --git a/_bookworm/home_files/minimal/.bashrc b/_bookworm/home_files/minimal/.bashrc
new file mode 100644 (file)
index 0000000..5c1d6b2
--- /dev/null
@@ -0,0 +1,30 @@
+# Settings for interactive shells.
+
+# Fancy colors for ls.
+alias ls="ls --color=auto"
+
+# Other helpful aliases
+alias sshauth='eval $(ssh-agent) && ssh-add'
+# alias xrandrbig='xrandr --output LVDS-1 --off'
+
+# Use vim as default editor for anything.
+export VISUAL=vim
+export EDITOR=$VISUAL
+
+# Colored prompt with username, hostname, date/time, directory.
+colornumber=7 # Default to white if no color set via colornumber dotfile.
+colornumber_file=~/.shell_prompt_color
+if [ -f $colornumber_file ]; then
+    colornumber=`cat $colornumber_file`
+fi
+tput_color="$(tput setaf $colornumber)$(tput bold)"
+tput_reset="$(tput sgr0)"
+# Bash confuses the line length when not told to not count escape sequences.
+if [ ! "$BASH" = "" ]; then
+    tput_color="\[$tput_color\]"
+    tput_reset="\[$tput_reset\]"
+fi
+PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
+PS2="${tput_color}> $tput_reset"
+PS3="${tput_color}select: $tput_reset"
+PS4="${tput_color}+ $tput_reset"
diff --git a/_bookworm/home_files/root/.shell_prompt_color b/_bookworm/home_files/root/.shell_prompt_color
new file mode 100644 (file)
index 0000000..d00491f
--- /dev/null
@@ -0,0 +1 @@
+1
diff --git a/_bookworm/home_files/seedbox/.rtorrent.rc b/_bookworm/home_files/seedbox/.rtorrent.rc
new file mode 100644 (file)
index 0000000..2513748
--- /dev/null
@@ -0,0 +1,11 @@
+# where to write downloads into
+directory.default.set = ~/downloads
+
+# rtorrent's memory 
+session.path.set = ~/session
+
+# security and paranoia
+dht.mode.set = disable
+protocol.pex.set = no
+protocol.encryption.set = require,require_RC4,allow_incoming,try_outgoing
+
diff --git a/_bookworm/home_files/user/.Xresources b/_bookworm/home_files/user/.Xresources
new file mode 100644 (file)
index 0000000..45b10af
--- /dev/null
@@ -0,0 +1,56 @@
+! otherwise various applications will assume merely 8 colors
+XTerm.termName: xterm-256color
+
+! font
+! actually, "mono" is already the default for faceName (it will
+! pick whatever fc-match mono delivers), but we need to set _some_
+! faceName to trigger XTerm activating TrueType fonts
+! (XTerm*fontRender by itself won't do the trick), and we want
+! TrueType fonts because, well, they scale better, and XTerm lets them
+! fall back on alternatives (hi there ttf-unifont) when a Unicode
+! glyph is not found
+XTerm*faceName: mono
+
+! white on black
+XTerm*reverseVideo: on
+
+! blink screen instead of sound
+XTerm*visualBell: on
+
+! proper ALT as META key treatment
+XTerm*eightBitInput: false
+
+! font sizes
+XTerm*faceSize: 8
+XTerm*faceSize1: 4
+XTerm*faceSize2: 5
+XTerm*faceSize3: 6
+XTerm*faceSize4: 8
+XTerm*faceSize5: 14
+XTerm*faceSize6: 25
+
+! colors
+! black
+XTerm*color0: #202020
+XTerm*color8: #3F3F3F
+! red
+XTerm*color1: #A82020
+XTerm*color9: #E82020
+! green
+XTerm*color2: #20A820
+XTerm*color10: #20E820
+! yellow
+XTerm*color3: #A8A820
+XTerm*color11: #E8E820
+! blue
+XTerm*color4: #3F3FFF
+XTerm*color12: #9F9FFF
+! magenta
+XTerm*color5: #A83FFF
+XTerm*color13: #E89FFF
+! cyan
+XTerm*color6: #3FA8FF
+XTerm*color14: #9FE8FF
+! white
+XTerm*color7: #A8A8A8
+XTerm*color15: #E8E8E8
diff --git a/_bookworm/home_files/user/.borgrepos b/_bookworm/home_files/user/.borgrepos
new file mode 100644 (file)
index 0000000..c40eee3
--- /dev/null
@@ -0,0 +1,4 @@
+plom@plomlompom.com
+plom@mail.plomlompom.com
+plom@play.plomlompom.com
+# file read ends at last newline
diff --git a/_bookworm/home_files/user/.config/i3/config b/_bookworm/home_files/user/.config/i3/config
new file mode 100644 (file)
index 0000000..7e4af34
--- /dev/null
@@ -0,0 +1,86 @@
+# plomlompom's i3-wm configuration
+
+# Font for i3 text
+font pango:Terminus 8px
+
+# Force "tabbed" as default layout for new windows.
+workspace_layout              tabbed
+
+# Make the Windows key the modifier key for all i3-wm actions.
+set                           $mod Mod4
+floating_modifier             $mod
+
+# Launch xterm.
+bindsym $mod+Return           exec xterm
+
+# Launch programs via dmenu.
+bindsym $mod+d                exec dmenu_run
+bindsym $mod+x                exec dmenu_run
+
+# Kill window.
+bindsym $mod+Shift+Q          kill
+
+# Move focus between windows.
+bindsym $mod+Left             focus left
+bindsym $mod+Down             focus down
+bindsym $mod+Up               focus up
+bindsym $mod+Right            focus right
+
+# Don't move focus with mouse.
+focus_follows_mouse           no
+
+# Move windows.
+bindsym $mod+Shift+Left       move left
+bindsym $mod+Shift+Down       move down
+bindsym $mod+Shift+Up         move up
+bindsym $mod+Shift+Right      move right
+
+# Resize windows
+bindsym $mod+h                resize shrink width 1 px or 1 ppt
+bindsym $mod+l                resize grow width 1 px or 1 ppt
+bindsym $mod+j                resize shrink height
+bindsym $mod+k                resize grow height
+
+# Toggle fullscreen for focused window.
+bindsym $mod+f                fullscreen
+
+# Toggle floating of window, focus on floating or tabbed windows.
+bindsym $mod+Shift+space      floating toggle
+bindsym $mod+space            focus mode_toggle
+
+# Switch to workspace x.
+bindsym $mod+1                workspace 1
+bindsym $mod+2                workspace 2
+bindsym $mod+3                workspace 3
+bindsym $mod+4                workspace 4
+bindsym $mod+5                workspace 5
+bindsym $mod+6                workspace 6
+bindsym $mod+7                workspace 7
+bindsym $mod+8                workspace 8
+bindsym $mod+9                workspace 9
+bindsym $mod+0                workspace 10
+
+# Move window to workspace x.
+bindsym $mod+Shift+exclam     move workspace 1
+bindsym $mod+Shift+quotedbl   move workspace 2
+bindsym $mod+Shift+section    move workspace 3
+bindsym $mod+Shift+dollar     move workspace 4
+bindsym $mod+Shift+percent    move workspace 5
+bindsym $mod+Shift+ampersand  move workspace 6
+bindsym $mod+Shift+slash      move workspace 7
+bindsym $mod+Shift+parenleft  move workspace 8
+bindsym $mod+Shift+parenright move workspace 9
+bindsym $mod+Shift+equal      move workspace 10
+
+# Reload i3 config file, restart (keeping sesion) i3, exit i3.
+bindsym $mod+Shift+C          reload
+bindsym $mod+Shift+R          restart
+bindsym $mod+Shift+P          exit
+
+# Select "i3status" as i3 status bar, hide systray icons.
+bar {
+  tray_output none
+  status_command i3status
+}
+
+include ~/.config/i3/config_bonus
diff --git a/_bookworm/home_files/user/.config/i3status/config b/_bookworm/home_files/user/.config/i3status/config
new file mode 100644 (file)
index 0000000..b9fb15f
--- /dev/null
@@ -0,0 +1,82 @@
+# plomlompom's i3 status bar configuration
+
+# Activate colors; set update interval of one second.
+general {
+  colors = true
+  interval = 1
+}
+
+# Selection / order of status elements.
+order += "disk /"
+order += "disk /home/"
+order += "wireless wlp3s0"
+order += "ethernet enp0s25"
+order += "battery 0"
+order += "cpu_usage"
+order += "load"
+order += "cpu_temperature 0"
+order += "time"
+order += "volume master"
+
+# How much space is left in / ?
+disk "/" {
+  format = "/: %avail available of %total"
+  separator_block_width = 25
+}
+
+# How much space is left in /home ?
+disk "/home/" {
+  format = "/home: %avail available of %total"
+  separator_block_width = 25
+}
+
+# WLAN status: show IP and connection quality or "down".
+wireless wlp3s0 {
+  format_up = "w: (%quality at %essid) %ip"
+  format_down = "w: down"
+  separator_block_width = 10
+}
+
+# Ethernet status: show IP or "down".
+ethernet enp0s25 {
+  format_up = "e: %ip"
+  format_down = "e: down"
+  separator_block_width = 25
+}
+
+# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
+battery 0 {
+  format = "b: %status %percentage %remaining"
+  separator_block_width = 25
+}
+
+# Show CPU usage.
+cpu_usage {
+  format = "cpu: %usage"
+  separator_block_width = 10
+}
+
+# Show system load during last 1/5/15 minutes.
+load {
+  format = "%1min %5min %15min"
+  separator_block_width = 25
+}
+
+# Show CPU temperature in degrees of celsius.
+cpu_temperature 0 {
+  format = "%degrees °C"
+  separator_block_width = 25
+}
+
+# Show date/time/timezone as "year-month-day hour:minute:second
+# timezone_numeric/timezone_alphabetic".
+time {
+  format = "%Y-%m-%d %H:%M:%S %z/%Z"
+  separator_block_width = 25
+}
+
+volume master {
+  format = "♪: %volume"
+  format_muted = "♪: muted (%volume)"
+  separator_block_width = 25
+}
diff --git a/_bookworm/home_files/user/.emacs.d/init.el b/_bookworm/home_files/user/.emacs.d/init.el
new file mode 100644 (file)
index 0000000..3868a75
--- /dev/null
@@ -0,0 +1,323 @@
+;; general layout
+;; ==============
+
+;; need no stinkin emacs help screen as start up, and no menu bar
+(setq inhibit-startup-screen t)
+(menu-bar-mode -1)
+
+;; highlight cursor line, parentheses
+(global-hl-line-mode 1)
+(show-paren-mode 1)
+
+;; show line numbers, use separator space
+(global-linum-mode)
+(setq linum-format "%d ")
+
+;; count cursor column, row in mode line
+(setq column-number-mode t)
+
+;; settings to make GUI tolerable
+(if window-system
+  (progn
+    (add-to-list 'default-frame-alist '(foreground-color . "white"))
+    (add-to-list 'default-frame-alist '(background-color . "black"))
+    (set-face-attribute 'default nil :height 80)
+    (scroll-bar-mode -1)
+    (setq visible-bell t)
+    (setq linum-format "%d")))
+
+;; use as default browser what XDG offers
+(setq-default browse-url-browser-function 'browse-url-xdg-open)
+
+
+
+;; general keybindings
+;; ===================
+
+;; create and use a minimal global map using just the self-insert command
+;; bindings and a selection of some to me very common keystrokes
+(setq minimal-map (make-sparse-keymap))
+(substitute-key-definition 'self-insert-command 'self-insert-command
+                           minimal-map global-map)
+(use-global-map minimal-map)
+(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
+(global-set-key (kbd "RET") 'newline)
+(global-set-key (kbd "TAB") 'indent-for-tab-command)
+(global-set-key (kbd "<up>") 'previous-line)
+(global-set-key (kbd "<down>") 'next-line)
+(global-set-key (kbd "<left>") 'left-char)
+(global-set-key (kbd "<right>") 'right-char)
+(global-set-key (kbd "<prior>") 'scroll-down-command)
+(global-set-key (kbd "<next>") 'scroll-up-command)
+(global-set-key (kbd "M-x") 'execute-extended-command)
+(global-set-key (kbd "C-g") 'keyboard-quit)
+;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
+;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
+;; note how to switch back to the original map: (use-global-map global-map)
+(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
+
+
+
+;; minibuffer
+;; ==========
+
+;; incremental minibuffer completion
+(icomplete-mode 1)
+
+
+
+;; text editing
+;; ============
+
+;; tabs are evil
+(setq-default indent-tabs-mode nil)
+(setq-default tab-width 4)
+(setq indent-line-function 'insert-tab)
+
+;; show trailing whitespace
+(setq-default show-trailing-whitespace 1)
+
+;; on save, ask whether to ensure text file's last line ends in a
+;; newline character
+(setq require-final-newline 1)
+
+;; use dedicated directory for version-controlled, endless backups;
+;; never delete old versions
+(setq make-backup-files t
+      backup-directory-alist `(("." . "~/.emacs_backups"))
+      backup-by-copying t
+      version-control t
+      delete-old-versions 1)  ;; neither t nor nil: never delete
+
+
+;; package management
+;; ==================
+
+;; where we get packages from
+(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
+                         ("melpa-unstable" . "https://melpa.org/packages/")
+                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
+
+;; ensure certain packages are installed (actually, we use Debian repos here)
+;; credit to <https://stackoverflow.com/a/10093312>
+;(setq package-list '(elfeed ledger-mode))
+;(package-initialize)
+;(dolist (package package-list)
+;  (unless (package-installed-p package)
+;    (package-install package)))
+
+
+
+;;; window management
+;;; =================
+;
+;;; track window configurations to allow window config undo
+;(winner-mode 1)
+
+
+
+;; mail setup
+;; ==========
+
+(setq send-mail-function 'smtpmail-send-it)
+(setq smtpmail-smtp-server "mail.plomlompom.com")
+(setq smtpmail-smtp-service 465)
+(setq smtpmail-stream-type 'ssl)
+(setq smtpmail-smtp-user "plom")
+(setq mml-secure-openpgp-encrypt-to-self t)
+(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
+
+;(setq gnutls-log-level 0)
+
+;; if we don't set this, we get this warning:
+;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
+;;   has been lowered to 256 bits and this may allow decryption of the session data
+(setq gnutls-min-prime-bits 1024)
+
+;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
+;; stream process, seemingly unless the /message/ function is called at the right
+;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
+;; in /network-stream-get-response/ right after "(goto-char start)"; this works
+;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
+;; buffer is not relevant, but maybe writing to the echo area is); activing the
+;; gnutls logging is just a hack to achieve such calls to /message/ in the
+;; /network-stream-open-tls/ flow.
+(setq gnutls-log-level 1) ; miraculously makes smtpmail work
+
+;; constructs From: domain if mail composer directly called (from without
+;; notmuch), but we don't actually intend to do that
+;(setq mail-host-address "plomlompom.com")
+
+;; otherwise notmuch becomes extremely slow in some cases
+(setq-default notmuch-show-indent-content nil)
+
+;; this only works if we use notmuch-mua-send instead of message-send
+(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
+
+;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
+;; in the message ID
+(setq mail-host-address "plomlompom.com")
+
+;; notmuch saved searches
+(setq notmuch-saved-searches
+      '((:name "inbox" :query "tag:unread and folder:inbox")
+        (:name "all" :query "tag:unread not folder:maildir/Trash")
+        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
+        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
+        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
+        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
+        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
+
+
+
+;; org mode
+;; ========
+
+;; unsure why, but to re-set the key map, we not only have to explicitely do it
+;; only after org-mode loading, but also have to explicitely overwrite the
+;; C-c keybinding; TODO: investigate
+(with-eval-after-load 'org
+    (setq org-mode-map (make-sparse-keymap))
+    (define-key org-mode-map (kbd "C-c") nil)
+    (define-key org-mode-map (kbd "TAB") 'org-cycle)
+    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
+
+;; don't truncate lines by default
+(setq org-startup-truncated nil)
+
+;; basic org-capture config
+(setq org-capture-templates
+      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
+(add-hook 'org-capture-mode-hook 'evil-insert-state)
+
+;; agenda view on startup
+(load-library "find-lisp")
+(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
+(setq org-agenda-span 90)
+(setq org-agenda-use-time-grid nil)
+(add-hook 'emacs-startup-hook (lambda ()
+                                 (org-agenda-list)
+                                 (switch-to-buffer "*Org Agenda*")
+                                 (other-window 1)))
+
+;;; for calendar, use ISO date style
+;(setq calendar-date-style 'iso)
+;(setq diary-number-of-entries 7)
+;(diary)
+;(setq org-agenda-time-grid '((today require-timed remove-match)
+;                             #("----------------" 0 16 (org-heading t))
+;                             (0 200 400 600 800 1000 1200
+;                                1400 1600 1800 2000 2200)))
+
+;; empty org-agenda-mode keybindings
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (setq org-agenda-mode-map (make-sparse-keymap))))
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (use-local-map (make-sparse-keymap))))
+
+;; org-publish-all
+(setq org-publish-project-alist
+      '(
+        ("website"
+         :base-directory "~/org/web/"
+         :base-extension "org"
+         :publishing-directory "~/html/"
+         :recursive t
+         :publishing-function org-html-publish-to-html
+         :headline-levels 4             ; Just the default for this project.
+         :auto-preamble t
+          )))
+
+;; use [ki:] syntax to hide stuff from exports
+(defun classify-information (text backend info)
+  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
+  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
+(add-hook 'org-export-filter-plain-text-functions 'classify-information)
+
+;; add HTML validator link to exports
+(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
+
+
+
+;;; Info mode
+;;; =========
+
+(setq Info-mode-map (make-sparse-keymap))
+(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
+(define-key Info-mode-map (kbd "u") 'Info-up)
+(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
+(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
+(define-key Info-mode-map (kbd "H") 'Info-history-back)
+(define-key Info-mode-map (kbd "L") 'Info-history-forward)
+(define-key Info-mode-map (kbd "I") 'Info-goto-node)
+(define-key Info-mode-map (kbd "i") 'Info-index)
+
+
+
+;; help mode
+;; =========
+
+(setq help-mode-map (make-sparse-keymap))
+(define-key help-mode-map (kbd "TAB") 'forward-button)
+(define-key help-mode-map (kbd "RET") 'help-follow)
+(define-key help-mode-map (kbd "<backtab>") 'backward-button)
+
+
+
+; ;; elfeed
+; ;; ======
+; 
+; (require 'elfeed)  ; needed so we can set the font faces
+; (set-face-background 'elfeed-search-title-face "magenta")
+; (set-face-background 'elfeed-search-unread-count-face "magenta")
+; (setq elfeed-feeds
+;       '("https://capsurvival.blogspot.com/feeds/posts/default"
+;         "https://jungle.world/rss.xml"
+;         "http://news.dieweltistgarnichtso.net/bin/index.xml"
+;         "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
+;         "http://www.tagesschau.de/xml/atom"))
+; (setq elfeed-search-mode-map (make-sparse-keymap))
+; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
+; (defun elfeed-search-mark-as-read() (interactive)
+;   (elfeed-search-untag-all 'unread))
+; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
+; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
+; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
+; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
+; (setq elfeed-show-mode-map (make-sparse-keymap))
+; (define-key elfeed-show-mode-map (kbd "u") 'elfeed)
+; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
+; (define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
+; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
+; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
+; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
+; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
+; 
+; 
+; 
+; ;; eww
+; ;; ===
+; 
+; (setq eww-mode-map (make-sparse-keymap))
+; (define-key eww-mode-map (kbd "TAB") 'shr-next-link)
+; (define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
+; (define-key eww-mode-map (kbd "H") 'eww-back-url)
+; (define-key eww-mode-map (kbd "L") 'eww-forward-url)
+
+
+
+;; ledger
+;; ======
+(setq ledger-mode-map (make-sparse-keymap))
+(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
+
+
+
+;;; plomvi mode
+;;; ===========
+
+(defvar plomvi-return-combo (kbd "C-c"))
+(load "~/public_repos/plomvi.el/plomvi.el")
+(plomvi-global-mode 1)
diff --git a/_bookworm/home_files/user/.gitconfig b/_bookworm/home_files/user/.gitconfig
new file mode 100644 (file)
index 0000000..8967d25
--- /dev/null
@@ -0,0 +1,3 @@
+[user]
+       email = c.heller@plomlompom.de
+       name = Christian Heller
diff --git a/_bookworm/home_files/user/.mbsyncrc b/_bookworm/home_files/user/.mbsyncrc
new file mode 100644 (file)
index 0000000..59d01a9
--- /dev/null
@@ -0,0 +1,28 @@
+IMAPAccount plom
+# Address to connect to
+Host mail.plomlompom.com
+User plom
+# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
+# therefore the pw in ~/.authinfo should not be longer than that.
+PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
+SSLType IMAPS
+AuthMechs LOGIN
+
+IMAPStore core-remote
+Account plom
+
+MaildirStore core-local
+# The trailing "/" is important
+Path ~/mail/maildir/
+Inbox ~/mail/inbox/
+
+Channel core
+Far :core-remote:
+Near :core-local:
+Patterns *
+# Automatically create missing mailboxes, both locally and on the server
+Create Both
+# Save the synchronization state files in the relevant directory
+SyncState *
+# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
+Expunge Both
diff --git a/_bookworm/home_files/user/.notmuch-config b/_bookworm/home_files/user/.notmuch-config
new file mode 100644 (file)
index 0000000..9532761
--- /dev/null
@@ -0,0 +1,9 @@
+[database]
+path=/home/plom/mail
+[search]
+exclude_tags=deleted;spam;
+# the fields below set the From: if the mail composer is called from
+# within notmuch
+[user]
+name=Christian Heller
+primary_email=plom@plomlompom.com
diff --git a/_bookworm/home_files/user/.shell_prompt_color b/_bookworm/home_files/user/.shell_prompt_color
new file mode 100644 (file)
index 0000000..0cfbf08
--- /dev/null
@@ -0,0 +1 @@
+2
diff --git a/_bookworm/home_files/user/.tridactylrc b/_bookworm/home_files/user/.tridactylrc
new file mode 100644 (file)
index 0000000..8da0831
--- /dev/null
@@ -0,0 +1,18 @@
+# sanitize tridactyllocal tridactylsync
+# guiset tabs always 
+# guiset hoverlink left
+# guiset statuspanel right 
+autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
+# bind ö fillcmdline find
+# bind n findnext 1
+# bind N findnext -1
+bind j scrollline 3
+bind k scrollline -3
+set hintuppercase false
+set searchengine duckduckgo
+set theme midnight 
+set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search=
+set searchurls.dictcc https://www.dict.cc/?s=
+set hintchars 123456qwertasdfgyxcvb
+guiset gui none
+escapehatch
diff --git a/_bookworm/home_files/user/.xinitrc b/_bookworm/home_files/user/.xinitrc
new file mode 100644 (file)
index 0000000..e1cbd6a
--- /dev/null
@@ -0,0 +1,19 @@
+# X init configuration
+
+# Set keymap.
+setxkbmap de
+
+# Map CapsLock to Compose key.
+xmodmap -e "clear Lock"
+xmodmap -e "keycode 66 = Multi_key"
+
+# Load xterm settings
+xrdb -merge ~/.Xresources
+
+# Redshift to Berlin, Germany.
+redshift -rl 53:13 &
+
+sh .xinitrc_bonus
+
+# Launch window manager.
+i3
diff --git a/_bookworm/home_files/user/mail_sync.sh b/_bookworm/home_files/user/mail_sync.sh
new file mode 100755 (executable)
index 0000000..ffe6b4a
--- /dev/null
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -e
+
+basedir="/home/plom/mail/maildir/"
+# Ensure directories exist for all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    if [ ! -d "${target_dir}" ]; then
+        echo "Directory ${target_dir} does not exist."
+        exit 1
+    fi
+done
+
+# Ensure all "dir:*"-tagged mails are in proper directories,
+# remove all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    for f in $(notmuch search --output=files tag:"${tag}"); do
+         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
+         target_path="${target_dir}${new_name}"
+         if [ ! "${target_path}" = "${f}" ]; then
+             echo "Moving ${f} to ${target_path}."
+             mv "${f}" "${target_path}"
+            # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix 
+         fi
+    done
+    notmuch tag -"${tag}" tag:"${tag}"
+done
+
+# Remove all "deleted"-tagged files from maildirs.
+notmuch search --output=files tag:deleted | while read f; do
+    echo "Deleting ${f}"
+    rm "${f}"
+done
+
+# Sync changes back to server and update notmuch index.
+mbsync -a
+notmuch new
diff --git a/_bookworm/home_files/user/public_repos/repos b/_bookworm/home_files/user/public_repos/repos
new file mode 100644 (file)
index 0000000..2414eec
--- /dev/null
@@ -0,0 +1,8 @@
+# List of repos we want cloned in ~/public_repos
+config
+pingmail.git
+plomlombot-irc.git
+plomrogue
+plomrogue2-experiments
+plomvi.el
+misc
diff --git a/_bookworm/home_files/w530/.config/i3/config_bonus b/_bookworm/home_files/w530/.config/i3/config_bonus
new file mode 100644 (file)
index 0000000..50af63e
--- /dev/null
@@ -0,0 +1,14 @@
+# put main workspaces on big monitor
+workspace 1 output LVDS-1
+workspace 2 output HDMI-1-0
+workspace 3 output HDMI-1-0
+workspace 4 output HDMI-1-0
+workspace 5 output HDMI-1-0
+workspace 6 output HDMI-1-0
+workspace 7 output HDMI-1-0
+workspace 8 output HDMI-1-0
+workspace 9 output HDMI-1-0
+workspace 10 output HDMI-1-0
+
+# default to big monitor's first workspace
+# exec "i3-msg 'workspace 1'"
diff --git a/_bookworm/home_files/w530/.xinitrc_bonus b/_bookworm/home_files/w530/.xinitrc_bonus
new file mode 100644 (file)
index 0000000..b3a221f
--- /dev/null
@@ -0,0 +1,2 @@
+# The extreme --pos disconnects the cursor movement spaces, so mouse stays inside selected screen.
+xrandr --output LVDS-1 --mode 1368x768 --output HDMI-1-0 --auto --pos 2000x2000
diff --git a/_bookworm/setup_scripts/_setup.sh b/_bookworm/setup_scripts/_setup.sh
new file mode 100755 (executable)
index 0000000..5f4bfda
--- /dev/null
@@ -0,0 +1,35 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 2 "(hostname, FQDN)" "$@"
+hostname="$1"
+fqdn="$2"
+shift 2
+
+cd "${setup_scripts_dir}"
+
+# Adapt /etc/ to our needs by copying from ./etc_files. This will set
+# basic configurations affecting following steps, such as setup of APT
+# and the locale selection, so needs to be right at the beginning.
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
+
+# Set hostname and FQDN.
+./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
+
+# Ensure package installation state as defined by what packages are
+# defined as required by Debian policy and by settings in ./apt-mark/.
+apt update
+./install_for_target.sh all "$@"
+./purge_nonrequireds.sh all "$@"
+
+# Ensure our desired locale is available.
+locale-gen
+
+# Only upgrade after reducing the system to the desired minimum, so that
+# we don't need to get more data than necessary.
+apt -y dist-upgrade
+
+# Set Berlin localtime.
+ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/_bookworm/setup_scripts/copy_dirtree.sh b/_bookworm/setup_scripts/copy_dirtree.sh
new file mode 100755 (executable)
index 0000000..fbc3d9d
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/sh
+# Copy files in argument-selected subdirectories of $1 to subdirectories
+# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
+# of "" and $3 of "all", copy files below etc_files/all such as
+# etc_files/all/etc/foo/bar to equivalent locations below / such as
+# /etc/foo/bar. Create directories as necessary. Multiple arguments after
+# $3 are possible.
+#
+# CAUTION: This removes original files at the affected paths.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 3 "(source root, target root, modules)" "$@"
+
+source_root="$1"
+target_root="$2"
+shift 2
+
+for target_module in "$@"; do
+    mkdir -p "${source_root}/${target_module}"
+    cd "${source_root}/${target_module}"
+    for path in $(find . -type f); do
+        target_path="${target_root}"$(echo "${path}" | cut -c2-)
+        source_path=$(realpath "${path}")
+        dir=$(dirname "${target_path}")
+        mkdir -p "${dir}"
+        cp "${source_path}" "${target_path}"
+    done
+done
diff --git a/_bookworm/setup_scripts/init_user_and_keybased_login.sh b/_bookworm/setup_scripts/init_user_and_keybased_login.sh
new file mode 120000 (symlink)
index 0000000..f95539d
--- /dev/null
@@ -0,0 +1 @@
+../../bullseye/setup_scripts/init_user_and_keybased_login.sh
\ No newline at end of file
diff --git a/_bookworm/setup_scripts/init_user_login.sh b/_bookworm/setup_scripts/init_user_login.sh
new file mode 120000 (symlink)
index 0000000..0b0497d
--- /dev/null
@@ -0,0 +1 @@
+../../bullseye/setup_scripts/init_user_login.sh
\ No newline at end of file
diff --git a/_bookworm/setup_scripts/install_for_target.sh b/_bookworm/setup_scripts/install_for_target.sh
new file mode 100755 (executable)
index 0000000..6d04152
--- /dev/null
@@ -0,0 +1,18 @@
+#!/bin/sh
+# Walks through the package names in the argument-selected files of
+# apt-mark/ and ensures the respective packages are installed.
+#
+# Ignores anything in an apt-mark/ file after the last newline.
+set -e
+. ./misc.sh
+
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    # TODO: continue if file at $path not found, to get rid of dummy files
+    cat "${path}" | while read line; do
+        echo "$line"
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
+        fi
+    done
+done
diff --git a/_bookworm/setup_scripts/migrate_borg.sh b/_bookworm/setup_scripts/migrate_borg.sh
new file mode 100755 (executable)
index 0000000..b08cf2d
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(old server IP)" "$@"
+old_server="$1"
+cp "${setup_scripts_dir}/misc.sh" /home/plom/
+cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/
+chown plom:plom /home/plom/prepare_to_meet_server.sh
+su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+read -p'Hit Enter when you are done.' ignore
+rm /home/plom/prepare_to_meet_server.sh
+cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/
+su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom
+rm /home/plom/mirror_dir.sh
+rm /home/plom/misc.sh
diff --git a/_bookworm/setup_scripts/mirror_dir.sh b/_bookworm/setup_scripts/mirror_dir.sh
new file mode 100755 (executable)
index 0000000..d650165
--- /dev/null
@@ -0,0 +1,22 @@
+#!/bin/sh
+# Mirror directory tree from remote to local server, keeping the path.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 2 "(server, directory)" "$@"
+server=$1
+dir=$2
+path_package=/tmp/delete.tar
+
+eval `ssh-agent`
+ssh-add
+cd
+ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
+scp plom@"${server}":"${path_package}" "${path_package}"
+mkdir -p "${dir}"
+cd "${dir}"
+tar xf "${path_package}"
+cd
+rm "${path_package}"
+ssh plom@"${server}" rm "${path_package}"
diff --git a/_bookworm/setup_scripts/misc.sh b/_bookworm/setup_scripts/misc.sh
new file mode 100644 (file)
index 0000000..30f8e8c
--- /dev/null
@@ -0,0 +1,34 @@
+#!/bin/sh
+set -e
+debian_version="bookworm"
+legal_system_names="x220 w530 h610m"
+config_tree_prefix="${HOME}/public_repos/config/${debian_version}"
+if [ ! -d "${config_tree_prefix}" ]; then
+    config_tree_prefix="${HOME}/config/${debian_version}"
+fi
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+aptmark_dir="${config_tree_prefix}/apt-mark"
+
+expect_setup_finished_file() {
+    filename="$1"
+    setup_script="$2"
+    if [ ! -f "${HOME}/${filename}" ]; then
+        echo "First need to run ${setup_script}."
+        false
+    fi
+}
+
+get_system_name_arg() {
+    found=0
+    for system_name_i in $legal_system_names; do
+        if [ "$1" = "$system_name_i" ]; then
+            found=1
+            system_name="${system_name_i}"
+            continue   
+        fi
+    done
+    if [ "$found" = 0 ]; then
+        echo "Need legal system name."
+        false
+    fi
+}
diff --git a/_bookworm/setup_scripts/prepare_to_meet_server.sh b/_bookworm/setup_scripts/prepare_to_meet_server.sh
new file mode 100755 (executable)
index 0000000..8e54ca5
--- /dev/null
@@ -0,0 +1,21 @@
+#!/bin/sh
+# Do some of the steps necessary to SSH (key-based) with another server.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(server IP)" "$@"
+target="$1"
+
+# We need a public key to copy over, so generate it if not found.
+if [ ! -f ~/.ssh/id_rsa.pub ]; then
+    ssh-keygen -N ""
+fi
+
+# Add target to ~/.ssh/known_hosts so we don't get
+# asked for permission at inopportune moments.
+ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
+
+# Tell user what to do.
+echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
+cat ~/.ssh/id_rsa.pub
diff --git a/_bookworm/setup_scripts/purge_nonrequireds.sh b/_bookworm/setup_scripts/purge_nonrequireds.sh
new file mode 100755 (executable)
index 0000000..95f2897
--- /dev/null
@@ -0,0 +1,26 @@
+#!/bin/sh
+# This script removes all Debian packages that are not of Priority
+# "required" or not depended on by packages of priority "required"
+# or not listed in the argument-selected files of apt-mark/.
+set -e
+. ./misc.sh
+
+# FIXME packages listed twice in the aptmark_dir get blacklisted?
+
+dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    cat "${path}" | while read line; do
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            echo "${line}" >> /tmp/list_white_unsorted
+        fi
+    done
+done
+sort /tmp/list_white_unsorted > /tmp/list_white
+dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
+sort /tmp/list_all_packages > /tmp/foo
+mv /tmp/foo /tmp/list_all_packages
+comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
+apt-mark auto `cat /tmp/list_black`
+DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
+rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
diff --git a/_bookworm/setup_scripts/set_hostname_and_fqdn.sh b/_bookworm/setup_scripts/set_hostname_and_fqdn.sh
new file mode 100755 (executable)
index 0000000..929d8bc
--- /dev/null
@@ -0,0 +1,50 @@
+#!/bin/sh
+# Sets hostname and optionally FQDN.
+#
+# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
+# writing follows recommendations from Debian manual at
+# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
+# (section "The hostname resolution") on how to map hostname and possibly
+# FQDN to a permanent IP if present (we assume here any non-private IP
+# and non-loopback IP returned by hostname -I to fulfill that criterion
+# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
+# localhost and hostname mapping to different IPs, see
+# <https://unix.stackexchange.com/a/13087>.
+#
+# Ignores IPv6s.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(hostname, fqdn)" "$@"
+
+hostname="$1"
+fqdn="$2"
+echo "${hostname}" > /etc/hostname
+hostname "${hostname}"
+
+final_ip="127.0.1.1"
+for ip in $(hostname -I); do
+    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
+        continue
+    fi
+    range_1=$(echo "${ip}" | cut -d "." -f 1)
+    range_2=$(echo "${ip}" | cut -d "." -f 2)
+    if [ "${range_1}" -eq 127 ]; then
+        continue
+    elif [ "${range_1}" -eq 10 ]; then
+        continue
+    elif [ "${range_1}" -eq 172 ]; then
+        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
+            continue
+        fi
+    elif [ "${range_1}" -eq 192 ]; then
+        if [ "${range_2}" -eq 168 ]; then
+            continue
+        fi
+    fi
+    final_ip="${ip}"
+done
+
+echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
+echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/_bookworm/setup_scripts/setup_desktop.sh b/_bookworm/setup_scripts/setup_desktop.sh
new file mode 100755 (executable)
index 0000000..fe11b83
--- /dev/null
@@ -0,0 +1,56 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(system name)" "$@"
+get_system_name_arg "$1"
+
+# Set up system without user environment.
+cd "${setup_scripts_dir}"
+if [ "$system_name" = "w530" || "$system_name" = "x220"]; then
+    ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
+else
+    ./_setup.sh "${system_name}" "" user desktop "${system_name}"
+fi
+
+# # Set up printer.
+# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb"
+# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}"
+# dpkg --add-architecture i386
+# apt update
+# apt install -y "./${ppd_deb}"
+# service cups restart
+# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd'
+# rm "./${ppd_deb}"
+# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray'
+
+# Set up NVIDIA eGPU config.
+if [ "$system_name" = "w530" ]; then
+    cd
+    git clone https://github.com/NVIDIA/open-gpu-kernel-modules
+    cd open-gpu-kernel-modules
+    git checkout 337e28e
+    # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf
+    make modules -j$(nproc)
+    make modules_install
+    cd
+    driver_version=535.86.05
+    # driver_version=545.29.06
+    runscript=NVIDIA-Linux-x86_64-${driver_version}.run
+    wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript}
+    rmmod nouveau
+    chmod u+x ${runscript} 
+    ./${runscript} --no-kernel-modules --silent
+    depmod
+    # TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init  
+fi
+
+# Set up user environments.
+cd "${setup_scripts_dir}"
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
+adduser --disabled-password --gecos "" plom
+usermod -a -G sudo plom
+passwd plom
+cp -a ~/config /home/plom
+chown -R plom:plom /home/plom/config
diff --git a/_bookworm/setup_scripts/setup_firefox.sh b/_bookworm/setup_scripts/setup_firefox.sh
new file mode 100755 (executable)
index 0000000..5466b67
--- /dev/null
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+# Install Firefox directly from Mozilla.
+firefox_release="128.4.0esr"
+firefox_filename="firefox-${firefox_release}.tar.bz2"
+url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}"
+wget "${url_firefox}"
+mv "${firefox_filename}" /opt/
+cd /opt/
+tar xf "${firefox_filename}"
+rm "${firefox_filename}"
+ln -f -s /opt/firefox/firefox /usr/local/bin/
+update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200
+update-alternatives --set x-www-browser /opt/firefox/firefox
+
+echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source."
+
diff --git a/_bookworm/setup_scripts/setup_home.sh b/_bookworm/setup_scripts/setup_home.sh
new file mode 100755 (executable)
index 0000000..54f0db1
--- /dev/null
@@ -0,0 +1,109 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(system name)" "$@"
+get_system_name_arg "$1"
+
+cd $setup_scripts_dir
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+
+secrets_dev="sdb"
+source_dir_secrets="/media/${secrets_dev}/to_usb"
+target_dir_secrets="${HOME}/tmp_secrets"
+echo "Put secrets drive into slot for /dev/${secrets_dev}."
+while [ ! -e /dev/"${secrets_dev}" ]; do
+    sleep 1
+done
+stty -echo
+printf "Secrets passphrase: "
+read SECRETS_PASS 
+stty echo
+echo "" # newline so user knows their input return was accepted
+sudo -v
+echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
+cp -a "${source_dir_secrets}" "${target_dir_secrets}"
+sudo chown -R plom:plom "${target_dir_secrets}"
+sudo pumount "${secrets_dev}"
+echo "You can remove /dev/${secrets_dev} now."
+
+# Set up iniitial non-public parts of infrastructure: SSH authentication.
+ssh_dir=~/.ssh
+cd "${target_dir_secrets}"
+mkdir -p "${ssh_dir}"
+echo "Setting up .ssh"
+cp id_rsa ~/.ssh
+stty -echo
+ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+stty echo
+eval $(ssh-agent)
+ssh-add
+ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
+
+# Fill ~/public_repos.
+public_repos_dir="${HOME}/public_repos"
+repos_list_file="${public_repos_dir}/repos"
+mkdir -p "${public_repos_dir}"
+cat "${repos_list_file}" | while read line; do
+    first_char=$(echo "${line}" | cut -c1)
+    if [ "${first_char}" = "#" ]; then
+        continue
+    fi
+    repo_name="${line}"
+    if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
+        cd "${public_repos_dir}"
+        git clone plom@plomlompom.com:/var/repos/${repo_name}
+    fi
+done
+
+# Remove redundant config repo copy.
+config_tree_prefix="${public_repos_dir}/config/${debian_version}"
+rm -rf ~/config
+
+# # Set up native messenger for tridactyl.
+# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
+# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
+
+# Set up further non-public parts of infrastructure.
+cd "${target_dir_secrets}"
+script -c 'gpg --import secret_keys.asc' /dev/null
+path_borgscript="${config_tree_prefix}//borg.sh"
+
+# borg setup
+borgkeys_dir=~/.config/borg/keys
+borgrepos_file=~/.borgrepos
+tar xf borg_keyfiles.tar
+mkdir -p "${borgkeys_dir}"
+mv borg_keyfiles/* "${borgkeys_dir}"
+# Sync org dir via borgbackup. For this we need the borgbackup servers
+# in our .ssh/known_hosts file.
+cat "${borgrepos_file}" | while read line; do
+    first_char=$(echo "${line}" | cut -c1)
+    if [ "${first_char}" = "#" ]; then
+        continue
+    fi
+    server=$(echo "${line}" | sed 's/.*@//')
+    ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
+done
+BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
+
+# .authinfo may not be present on every secrets drive yet
+authinfo_file=.authinfo
+if [ -f "${authinfo_file}" ]; then
+    cp "${authinfo_file}" ~
+fi
+cd
+
+maildir=~/mail/maildir
+# # Set up e-mail system. Note that we only do mbsync if the imap pass file
+# # is found. It may not be present on every secrets drive yet, so we have to
+# # deal with the possibility of it being absent at this point.
+mkdir -p "${maildir}"  # expected by mbsync/isync
+if [ -f "${HOME}/${authinfo_file}" ]; then
+    mbsync -a
+    notmuch new
+fi
+
+# # Final note on how to integrate tridactyl.
+# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/_bookworm/setup_scripts/setup_nvidia.sh b/_bookworm/setup_scripts/setup_nvidia.sh
new file mode 100755 (executable)
index 0000000..d05c8d1
--- /dev/null
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+# Set up NVIDIA eGPU config.
+cd
+# git clone https://github.com/NVIDIA/open-gpu-kernel-modules
+# cd open-gpu-kernel-modules
+# git checkout 337e28e
+# # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf
+# make modules -j$(nproc)
+# make modules_install
+# cd
+driver_version=535.86.05
+# driver_version=545.29.06
+runscript=NVIDIA-Linux-x86_64-${driver_version}.run
+# wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript}
+set +e
+rmmod nouveau
+set -e
+chmod u+x ${runscript} 
+./${runscript} --no-kernel-modules --silent
+depmod
+# TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init  
diff --git a/_bookworm/setup_scripts/setup_seedbox.sh b/_bookworm/setup_scripts/setup_seedbox.sh
new file mode 100755 (executable)
index 0000000..f641011
--- /dev/null
@@ -0,0 +1,19 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_setup_finished_file setup_server_has_been_run setup_server.sh
+
+plom_home_dir=/home/plom
+
+cd "${setup_scripts_dir}"
+cp "${config_tree_prefix}/home_files/seedbox/.rtorrent.rc" "${plom_home_dir}"
+chown plom:plom "${plom_home_dir}/.rtorrent.rc"
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" seedbox
+./install_for_target.sh seedbox
+mkdir "${plom_home_dir}/downloads"
+chown plom:plom "${plom_home_dir}/downloads"
+mkdir "${plom_home_dir}/session"
+chown plom:plom "${plom_home_dir}/session"
+systemctl enable rtorrent.service --now
diff --git a/_bookworm/setup_scripts/setup_server.sh b/_bookworm/setup_scripts/setup_server.sh
new file mode 100755 (executable)
index 0000000..c854b95
--- /dev/null
@@ -0,0 +1,24 @@
+#!/bin/sh
+# Next setup steps for a server whose login policy has just been set from
+# the outside via ./init_user_login.sh or ./init_user_and_keybased_login.sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 2 "(hostname, FQDN)" "$@"
+hostname="$1"
+fqdn="$2"
+additional_arg="$3"
+
+# Set up basic server system.
+cd "${setup_scripts_dir}"
+./_setup.sh "${hostname}" "${fqdn}" server "$@"
+
+# If we have not yet set the shell for user plom, ensure it here. This
+# is mostly for convenience.
+usermod -s /bin/bash plom
+
+# Enable firewall.
+systemctl enable nftables.service
+
+touch "$HOME/setup_server_has_been_run"
diff --git a/_bookworm/setup_scripts/setup_static_website.sh b/_bookworm/setup_scripts/setup_static_website.sh
new file mode 100755 (executable)
index 0000000..bdfb7d3
--- /dev/null
@@ -0,0 +1,60 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_setup_finished_file setup_web_has_been_run setup_web.sh
+
+expect_n_args 1 "(website template, i.e. status.plomlompom.com, tube.plomlompom.com …)" "$@"
+website_template="$1"
+shift 1
+
+mirror_ip=""
+mirror_state="not mirroring automatically, since no IP given"
+domain="${website_template}"
+mail="plom+webmaster@plomlompom.com"
+if [ "$#" -gt 0 ]; then
+    domain="$1"
+    if [ "$#" -gt 1 ]; then
+        mail="$2"
+       if [ "$#" -gt 2 ]; then
+           mirror_ip="$3"
+            mirror_state="mirroring automatically from ${mirror_ip}"
+        fi
+    fi
+fi
+echo "Assuming domain ${domain} and letsencrypt support mail address ${mail} and ${mirror_state}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)"
+read _
+
+if [ ! -z "${mirror_ip}" ]; then
+    # Set up connection to old server.
+    cp "${setup_scripts_dir}/misc.sh" /home/plom/
+    cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/
+    chown plom:plom /home/plom/prepare_to_meet_server.sh
+    su -lc "./prepare_to_meet_server.sh ${mirror_ip}" plom
+    read -p 'Hit Enter when you are done.' ignore
+    rm /home/plom/prepare_to_meet_server.sh
+
+    # Mirror dirs.
+    cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/
+    su -lc "./mirror_dir.sh ${mirror_ip} /var/www/${website_template}" plom
+    rm /home/plom/mirror_dir.sh
+    rm /home/plom/misc.sh
+fi
+
+# Install configs, set up firewall.
+./install_for_target.sh "${website_template}" 
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" "${website_template}" 
+nft -f /etc/nftables.conf
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
+
+# Prepare NGINX.
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" "/etc/nginx/sites-available/${website_template}.nginx"
+ln -s "/etc/nginx/sites-available/${website_template}.nginx" "/etc/nginx/sites-enabled/${website_template}.nginx"
+
+service nginx restart
+
diff --git a/_bookworm/setup_scripts/setup_web.sh b/_bookworm/setup_scripts/setup_web.sh
new file mode 100755 (executable)
index 0000000..4807e8a
--- /dev/null
@@ -0,0 +1,29 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_setup_finished_file setup_server_has_been_run setup_server.sh
+
+expect_n_args 1 "(domain name)" "$@"
+domain="$1"
+
+# Install configs, set up firewall.
+./install_for_target.sh web
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
+nft -f /etc/nftables.conf
+
+chown plom /var/www
+
+# # Set up letsencrypt certificate. TODO: Is it auto-renewed?
+# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+# rm /etc/nginx/sites-enabled/default
+
+# # Prepare NGINX for status.plomlompom.com.
+# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
+# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
+# 
+# service nginx restart
+
+touch "$HOME/setup_web_has_been_run"
diff --git a/_bookworm/setup_scripts/upgrade_from_older_release.sh b/_bookworm/setup_scripts/upgrade_from_older_release.sh
new file mode 100755 (executable)
index 0000000..c13b8ca
--- /dev/null
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# Upgrade a fresh (!) system to Bookworm, as per [1]. Fresh, because: Don't
+# expect any customized config files to survive this. If you run this on a
+# remote machine, take care not to loose anything you need to re-connect, e.g.
+# any relevant adaptations you did to /etc/ssh/sshd_config …
+
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+path_sources_list="/etc/apt/sources.list"
+
+export DEBIAN_FRONTEND=noninteractive
+apt update
+apt -y -o Dpkg::Options::="--force-confnew" upgrade
+apt -y -o Dpkg::Options::="--force-confnew" full-upgrade
+cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}"
+apt clean
+apt update
+apt -y -o Dpkg::Options::="--force-confnew" upgrade
+apt -y -o Dpkg::Options::="--force-confnew" full-upgrade
+apt -y autoremove
+cp "${local_path_sshd_config}" "${system_path_sshd_config}"
diff --git a/archived/__constants.sh b/archived/__constants.sh
new file mode 100755 (executable)
index 0000000..ac6dd89
--- /dev/null
@@ -0,0 +1,22 @@
+#!/bin/sh
+set -e
+
+PATH_REL_ETC=etc
+PATH_REL_APTMARK=aptmark
+PATH_REL_REPO=config
+PATH_REL_HOME=home
+PATH_MANY=../../many_releases
+PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
+ROOTS_HERE_AND_MANY="${PATH_MANY} .."
+
+USERNAME=plom
+PATH_USER_HOME="/home/${USERNAME}"
+
+FILENAME_PRIVATE_KEY=id_rsa
+FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
+URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
+PATH_REL_LOCAL_SSH=.ssh
+PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
+PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
+PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
+
diff --git a/archived/__many_releases/aptmark/all b/archived/__many_releases/aptmark/all
new file mode 100644 (file)
index 0000000..41bd4a9
--- /dev/null
@@ -0,0 +1,12 @@
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client unpredictably so
+ifupdown
+isc-dhcp-client
+# git for the setup directory; cloning works with ca-certificates
+ca-certificates
+git
+# to avoid constant warnings about no locale being found
+locales
+# extremely useful for basic network debugging; missed these more than once in an emergency
+netcat-traditional
+iputils-ping
+
diff --git a/archived/__many_releases/aptmark/raspi b/archived/__many_releases/aptmark/raspi
new file mode 100644 (file)
index 0000000..a59c153
--- /dev/null
@@ -0,0 +1,30 @@
+# so we can still connect
+openssh-server
+# this gotta be good for _something_ …
+raspi-firmware
+# to boot into a graphical environment
+greetd
+sway
+# for waybar script
+calc
+# for sound
+pulseaudio
+# for setting console keyboard via /etc/default/keyboard 
+console-setup
+# for setting system time
+ntpsec-ntpdate
+# basic usage
+mpv
+firefox-esr
+# for convenience
+foot
+less
+sudo
+vim
+ack
+man-db
+# for ytplom
+python3-venv
+libmpv2
+ffmpeg
+
diff --git a/archived/__many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies b/archived/__many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies
new file mode 100644 (file)
index 0000000..4aaef79
--- /dev/null
@@ -0,0 +1,4 @@
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
diff --git a/archived/__many_releases/etc/all/locale.conf b/archived/__many_releases/etc/all/locale.conf
new file mode 100644 (file)
index 0000000..dd6eee3
--- /dev/null
@@ -0,0 +1 @@
+LANG="en_US.UTF-8"
diff --git a/archived/__many_releases/etc/all/locale.gen b/archived/__many_releases/etc/all/locale.gen
new file mode 100644 (file)
index 0000000..a28cfa4
--- /dev/null
@@ -0,0 +1,483 @@
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
diff --git a/archived/__many_releases/etc/all/timezone b/archived/__many_releases/etc/all/timezone
new file mode 100644 (file)
index 0000000..94d5acc
--- /dev/null
@@ -0,0 +1 @@
+Europe/Berlin
diff --git a/archived/__many_releases/etc/raspi/greetd/config.toml b/archived/__many_releases/etc/raspi/greetd/config.toml
new file mode 100644 (file)
index 0000000..d7b50f8
--- /dev/null
@@ -0,0 +1,5 @@
+[terminal]
+vt = 7 
+[default_session]
+command = "~/.nonpath_bins/on_session_start.sh"
+user = "plom"
diff --git a/archived/__many_releases/etc/raspi/ssh/sshd_config b/archived/__many_releases/etc/raspi/ssh/sshd_config
new file mode 100644 (file)
index 0000000..e952cb3
--- /dev/null
@@ -0,0 +1,123 @@
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+Include /etc/ssh/sshd_config.d/*.conf
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin prohibit-password
+PermitRootLogin no  # plomlompom's security rule
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+KbdInteractiveAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the KbdInteractiveAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via KbdInteractiveAuthentication may bypass
+# the setting of "PermitRootLogin prohibit-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and KbdInteractiveAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+ClientAliveInterval 15
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem      sftp    /usr/lib/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#      X11Forwarding no
+#      AllowTcpForwarding no
+#      PermitTTY no
+#      ForceCommand cvs server
diff --git a/archived/__many_releases/etc/raspi/systemd/system/throttle_cpu.service b/archived/__many_releases/etc/raspi/systemd/system/throttle_cpu.service
new file mode 100644 (file)
index 0000000..5b37f85
--- /dev/null
@@ -0,0 +1,13 @@
+[Unit]
+Description=Monitor temperature to throttle CPU if necessary
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/root/throttle_cpu.sh
+Restart=always
+RestartSec=10
+User=root
+
+[Install]
+WantedBy=multi-user.target
diff --git a/archived/__many_releases/home/all/.bashrc b/archived/__many_releases/home/all/.bashrc
new file mode 100644 (file)
index 0000000..1b592d8
--- /dev/null
@@ -0,0 +1,29 @@
+# Settings for interactive shells.
+
+# Fancy colors for ls.
+alias ls="ls --color=auto"
+
+# Other helpful aliases
+alias sshauth='eval $(ssh-agent) && ssh-add'
+
+# Use vim as default editor for anything.
+export VISUAL=vim
+export EDITOR=$VISUAL
+
+# Colored prompt with username, hostname, date/time, directory.
+colornumber=7 # Default to white if no color set via colornumber dotfile.
+colornumber_file=~/.shell_prompt_color
+if [ -f $colornumber_file ]; then
+    colornumber=`cat $colornumber_file`
+fi
+tput_color="$(tput setaf $colornumber)$(tput bold)"
+tput_reset="$(tput sgr0)"
+# Bash confuses the line length when not told to not count escape sequences.
+if [ ! "$BASH" = "" ]; then
+    tput_color="\[$tput_color\]"
+    tput_reset="\[$tput_reset\]"
+fi
+PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
+PS2="${tput_color}> $tput_reset"
+PS3="${tput_color}select: $tput_reset"
+PS4="${tput_color}+ $tput_reset"
diff --git a/archived/__many_releases/home/all/.gitconfig b/archived/__many_releases/home/all/.gitconfig
new file mode 100644 (file)
index 0000000..8967d25
--- /dev/null
@@ -0,0 +1,3 @@
+[user]
+       email = c.heller@plomlompom.de
+       name = Christian Heller
diff --git a/archived/__many_releases/home/raspi/.config/mpv/mpv.conf b/archived/__many_releases/home/raspi/.config/mpv/mpv.conf
new file mode 100644 (file)
index 0000000..1a4418e
--- /dev/null
@@ -0,0 +1,4 @@
+fullscreen=yes
+profile=fast
+vo=gpu
+ao=pulse
diff --git a/archived/__many_releases/home/raspi/.config/sway/config b/archived/__many_releases/home/raspi/.config/sway/config
new file mode 100644 (file)
index 0000000..e995681
--- /dev/null
@@ -0,0 +1,37 @@
+# because these are included by /etc/sway/config for probably good reason …
+include /etc/sway/config-vars.d/*
+include /etc/sway/config.d/*
+
+# simple green background
+output * background #559911 solid_color
+
+# keyboard layout
+input * xkb_layout "de"
+
+# waybar
+bar {
+  position top
+  status_command ~/.nonpath_bins/status.sh
+}
+
+# keybindings
+set $mod Mod4
+
+bindsym $mod+Return exec foot
+bindsym $mod+Shift+q kill
+bindsym $mod+Shift+p exit
+
+bindsym $mod+f fullscreen
+bindsym $mod+space focus mode_toggle
+bindsym $mod+Shift+space floating toggle
+
+bindsym $mod+Left focus left
+bindsym $mod+Down focus down
+bindsym $mod+Up focus up
+bindsym $mod+Right focus right
+
+bindsym $mod+Shift+Left move left
+bindsym $mod+Shift+Down move down
+bindsym $mod+Shift+Up move up
+bindsym $mod+Shift+Right move right
+
diff --git a/archived/__many_releases/home/raspi/.nonpath_bins/on_session_start.sh b/archived/__many_releases/home/raspi/.nonpath_bins/on_session_start.sh
new file mode 100755 (executable)
index 0000000..380e79f
--- /dev/null
@@ -0,0 +1,13 @@
+#!/usr/bin/sh
+# Iinitalize anything we want in our sessions opened by greetd.
+
+# Workaround to pulseaudio daemon somehow not respecting setting these with
+# ~/.config/pulse/default.pa – note that the first pactl call also seems
+# necessary, probably for forcing some init routines without which the pacmd
+# calls that follow won't work; TODO: find cleaner solutions 
+pactl list sinks > /dev/null
+pacmd set-default-sink alsa_output.platform-fef05700.hdmi.hdmi-stereo
+pacmd set-sink-volume alsa_output.platform-fef05700.hdmi.hdmi-stereo 65536 
+
+# Wayland environment.
+/usr/bin/sway
diff --git a/archived/__many_releases/home/raspi/.nonpath_bins/status.sh b/archived/__many_releases/home/raspi/.nonpath_bins/status.sh
new file mode 100755 (executable)
index 0000000..c58e8bf
--- /dev/null
@@ -0,0 +1,14 @@
+#!/bin/sh
+# see sway-bar(5) and swaybar-protocol(7)
+MEGA=1000
+GIGA=1000000
+printf '{ "version": 1 }\n[\n' 
+while true; do
+  printf '  [\n'
+  printf '    {"full_text": "%s"},\n' "$(ip -4 addr show scope global | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
+  printf '    {"full_text": "%d° C"},\n' $(calc "$(cat /sys/class/thermal/thermal_zone0/temp) // ${MEGA}")
+  printf '    {"full_text": "%.1f/%.1f GHz"},\n' $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / ${GIGA}") $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq) / ${GIGA}") 
+  printf '    {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %X')"
+  printf '  ],\n'
+  sleep 1
+done
diff --git a/archived/__many_releases/home/raspi/.profile b/archived/__many_releases/home/raspi/.profile
new file mode 100644 (file)
index 0000000..d8c6f59
--- /dev/null
@@ -0,0 +1,10 @@
+# ~/.profile: executed by the command interpreter for login shells.
+
+# simplified defaults: read .bashrc, extend PATH by bin dirs
+. "$HOME/.bashrc"
+PATH="$HOME/.local/bin:$HOME/bin:$PATH"
+
+# to forward video on commands run via SSH login to screen we expect connected 
+if [ -n "$SSH_CONNECTION" ]; then
+  export WAYLAND_DISPLAY=wayland-1 
+fi
diff --git a/archived/__many_releases/home/raspi_root/throttle_cpu.sh b/archived/__many_releases/home/raspi_root/throttle_cpu.sh
new file mode 100755 (executable)
index 0000000..b5f533d
--- /dev/null
@@ -0,0 +1,35 @@
+#!/bin/sh
+set -e
+
+MED_TEMP=85000
+MAX_TEMP=95000
+
+MIN_FREQ=600000
+MED_FREQ=1000000
+MAX_FREQ=1500000
+
+PATH_TEMP='/sys/class/thermal/thermal_zone0/temp'
+
+set_max_freq() {
+  for cpu in /sys/devices/system/cpu/cpu[0-9]*; do
+    echo "$1" > "$cpu/cpufreq/scaling_max_freq" 
+  done
+  echo "$1"
+}
+
+freq_set=$(set_max_freq "${MIN_FREQ}")
+while true; do
+  temp=$(cat "${PATH_TEMP}")
+  if [ "${temp}" -ge "${MAX_TEMP}" ]; then
+    if [ "${freq_set}" -gt "${MIN_FREQ}" ]; then
+      freq_set=$(set_max_freq "${MIN_FREQ}")
+    fi
+  elif [ "${temp}" -ge "${MED_TEMP}" ]; then
+    if [ "${freq_set}" -gt "${MED_FREQ}" ]; then
+      freq_set=$(set_max_freq "${MED_FREQ}")
+    fi
+  elif [ "${freq_set}" -lt "${MAX_FREQ}" ]; then 
+    freq_set=$(set_max_freq "${MAX_FREQ}")
+  fi 
+  sleep 1
+done
diff --git a/archived/__many_releases/home/root/.shell_prompt_color b/archived/__many_releases/home/root/.shell_prompt_color
new file mode 100644 (file)
index 0000000..d00491f
--- /dev/null
@@ -0,0 +1 @@
+1
diff --git a/archived/__many_releases/scripts/_misc.sh b/archived/__many_releases/scripts/_misc.sh
new file mode 100644 (file)
index 0000000..941bc4d
--- /dev/null
@@ -0,0 +1,172 @@
+#!/bin/sh
+set -e
+
+export DEBIAN_FRONTEND=noninteractive
+
+expect_min_n_args() {
+    min_args="$1"
+    explainer="$2"
+    shift 2
+    if [ "$#" -lt "${min_args}" ]; then
+        echo "Need at least ${min_args} arguments … ${explainer}"
+        false
+    fi
+}
+
+copy_dirtree() {
+    # Copy files in argument-selected subdirectories of $1 to subdirectories
+    # of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
+    # of "" and $3 of "all", copy files below etc_files/all such as
+    # etc_files/all/etc/foo/bar to equivalent locations below / such as
+    # /etc/foo/bar. Create directories as necessary. Multiple arguments after
+    # $3 are possible.
+    #
+    # CAUTION: This overwrites original files at the affected paths.
+    expect_min_n_args 3 "(source root, target root, modules)" "$@"
+    source_root="$1"
+    target_root="$2"
+    shift 2
+    modules="$@"
+    initial_directory="$(pwd)"
+    for module in ${modules}; do
+       module_path="${source_root}/${module}"
+       if [ ! -d "${module_path}" ]; then
+           continue
+       fi
+       cd "${module_path}"
+        for path in $(find . -type f); do
+            target_path="${target_root}"$(echo "${path}" | cut -c2-)
+            source_path=$(realpath "${path}")
+            dir=$(dirname "${target_path}")
+            mkdir -p "${dir}"
+            cp "${source_path}" "${target_path}"
+        done
+        cd "${initial_directory}"
+    done
+}
+
+install_for_modules() {
+    # Walk through the package names in the argument-selected files of
+    # apt-mark/ and ensures the respective packages are installed.
+    #
+    # Caution: Ignores anything in an apt-mark/ file after the last newline,
+    # so make sure there's nothing meaningful thereafter.
+    expect_min_n_args 2 "(apt_mark_dir, modules)" "$@"
+    apt_mark_dir="$1"
+    shift 1
+    modules="$@"
+    for module in ${modules}; do
+        path="${apt_mark_dir}/${module}"
+        if [ ! -f "${path}" ]; then
+            continue
+        fi
+        cat "${path}" | while read line; do
+            echo "$line"
+            if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+                apt-get -y -o Dpkg::Options::="--force-confnew" install "${line}"
+            fi
+        done
+    done
+}
+
+mark_nonrequireds_auto() {
+    path_list_unsorted='/tmp/list_unsorted'
+    path_list_all_packages='/tmp/list_all_packages'
+    path_list_white='/tmp/list_white'
+    path_list_black='/tmp/list_black'
+    dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > "${path_list_unsorted}"
+    sort "${path_list_unsorted}" | uniq > "${path_list_white}"
+    dpkg-query -Wf '${Package}\n' > "${path_list_unsorted}"
+    sort "${path_list_unsorted}" | uniq > "${path_list_all_packages}"
+    comm -3 "${path_list_all_packages}" "${path_list_white}" > "${path_list_black}"
+    apt-mark auto `cat "${path_list_black}"`
+    rm "${path_list_unsorted}" "${path_list_all_packages}" "${path_list_white}" "${path_list_black}"
+}
+
+upgrade_from_older_release() {
+    # Upgrade system to calling context's Debian release.
+    # Caution: Don't expect any customized /etc files to surivive this!
+    path_sources_list='/apt/sources.list'
+    apt update
+    apt -y -o Dpkg::Options::='--force-confnew' upgrade
+    apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
+    cp "../etc/all${path_sources_list}" "/etc${path_sources_list}"
+    apt clean
+    apt update
+    apt -y -o Dpkg::Options::='--force-confnew' upgrade
+    apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
+    apt -y autoremove
+}
+
+add_my_public_key() {
+    # NB: vars expected to be pulled in from caller previously calling constants.sh!
+    apt update
+    apt -y install wget
+    wget "${URL_PUBLIC_KEY}"
+    cat "${FILENAME_PUBLIC_KEY}" >> "${PATH_AUTHORIZED_KEYS}"
+    rm "${FILENAME_PUBLIC_KEY}"
+}
+
+setup_for_raspi() {
+    # NB: vars expected to be pulled in from caller previously calling constants.sh!
+
+    # ensure we can log in
+    add_my_public_key
+    # (alternatively, or preceding this to reduce non-remote typing, TEMPORARILY
+    # (!) set password login:)
+    # passwd
+    # echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
+
+    # migrate to testing
+    upgrade_from_older_release
+
+    # on installing console-setup, will guide it to do the right thing (including
+    # re-writing /etc/default/keyboard)
+    echo 'XKBLAYOUT=de' > /etc/default/keyboard
+
+    # properly configure apt and reduce system to minimum that satisfies our own
+    # aptmark/ package lists
+    for root in ${ROOTS_HERE_AND_MANY}; do
+        copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
+    done
+    apt update
+    mark_nonrequireds_auto
+    for root in ${ROOTS_HERE_AND_MANY}; do
+        install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
+    done
+    apt -y --purge autoremove
+    for root in ${ROOTS_HERE_AND_MANY}; do
+        copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
+    done
+
+    # Ensure our desired locale is available.
+    locale-gen
+
+    # Set Berlin localtime.
+    ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
+    ntpdate-debian
+
+    # so Sway won't complain about failing to access non-existant background image file
+    sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
+
+    # Set up root environment.
+    for root in ${ROOTS_HERE_AND_MANY}; do
+        copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
+    done
+
+    # Set up user and their environment.
+    adduser --disabled-password --gecos "" "${USERNAME}"
+    usermod -a -G sudo "${USERNAME}"
+    for root in ${ROOTS_HERE_AND_MANY}; do
+        copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
+    done
+    mkdir "${PATH_USER_SSH}"
+    cp "${PATH_AUTHORIZED_KEYS}" "${PATH_USER_SSH}"
+    chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
+    passwd "${USERNAME}"
+    rm "${PATH_AUTHORIZED_KEYS}"
+
+    # Activate /root/throttle_cpu.sh daemonization.
+    systemctl enable throttle_cpu.service
+    systemctl start throttle_cpu.service
+}
diff --git a/archived/all_new_2018/apt-mark/all b/archived/all_new_2018/apt-mark/all
deleted file mode 100644 (file)
index f748f3b..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
diff --git a/archived/all_new_2018/apt-mark/server b/archived/all_new_2018/apt-mark/server
deleted file mode 100644 (file)
index 4f7fc5d..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-# needed to log in to server via ssh
-openssh-server
-# provides /etc/inputrc and understanding of ctrl+arrow key combos
-readline-common
-# provides systemd scripts that configure iptables via /etc/iptables/*
-iptables-persistent
-# this line is here because the shell "read" in install_for_target.sh ignores lines without final newline
\ No newline at end of file
diff --git a/archived/all_new_2018/borg.sh b/archived/all_new_2018/borg.sh
deleted file mode 100755 (executable)
index 18321b1..0000000
+++ /dev/null
@@ -1,145 +0,0 @@
-#!/bin/sh
-set -e
-
-standard_repo="borg"
-config_file="${HOME}/.borgrepos"
-
-usage() {
-    echo "Need operation as argument, one of:"
-    echo "init"
-    echo "store"
-    echo "check"
-    echo "export_keyfiles"
-    echo "orgpush"
-    echo "orgpull"
-    false
-}
-
-read_pw() {
-    if [ "${#SSH_AGENT_PID}" -eq 0 ]; then
-        eval $(ssh-agent)
-        echo "ssh-add"
-        stty -echo
-        ssh-add
-        stty echo
-    fi
-    if [ "${#BORG_PASSPHRASE}" -eq 0 ]; then
-        stty -echo
-        printf "Borg passphrase: "
-        read password
-        stty echo
-        printf "\n"
-        export BORG_PASSPHRASE="${password}"
-    fi
-}
-
-if [ ! -f "${config_file}" ]; then
-    echo '# file read ends at last newline' >> "${config_file}"
-fi
-if [ "$#" -lt 1 ]; then
-    usage
-fi
-first_arg="$1"
-shift
-if [ "${first_arg}" = "init" ]; then
-    if [ ! "$#" -eq 1 ]; then
-        echo "Need exactly one argument: target of form user@server"
-        false
-    fi
-    target="$1"
-    echo "Initializing: ${target}"
-    borg init --verbose --encryption=keyfile "${target}:${standard_repo}"
-    tmp_file="/tmp/new_borgrepos"
-    echo "${target}" > "${tmp_file}"
-    cat "${config_file}" >> "${tmp_file}"
-    cp "${tmp_file}" "${config_file}"
-elif [ "${first_arg}" = "store" ]; then
-    if [ ! "$#" -eq 2 ]; then
-        echo "Need precisely two arguments: archive name and path to archive."
-        false
-    fi
-    archive_name=$1
-    shift
-    to_backup="$@"
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
-        echo "Creating archive: ${archive}"
-        borg create --verbose --list "${archive}" "${to_backup}"
-    done
-elif [ "${first_arg}" = "check" ]; then
-    if [ ! "$#" -eq 0 ]; then
-        echo "Need no arguments"
-        false
-    fi
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        echo "Checking repo: ${repo}"
-        borg check --verbose "${repo}"
-    done
-elif [ "${first_arg}" = "export_keyfiles" ]; then
-    if [ ! "$#" -eq 1 ]; then
-        echo "Need output tar file name."
-        false
-    fi
-    tar_target="${1}"
-    tmp_dir="${HOME}/.borgtmp"
-    keyfiles_dir="${tmp_dir}/borg_keyfiles"
-    mkdir -p "${keyfiles_dir}"
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        borg key export "${repo}" "${keyfiles_dir}/${line}"
-    done
-    cur_dir="$(pwd)"
-    cd "${tmp_dir}"
-    target=$(basename "${keyfiles_dir}")
-    tar cf "${tar_target}" "${target}"
-    mv "${tar_target}" "${cur_dir}"
-    cd
-    rm -rf "${tmp_dir}"
-elif [ "${first_arg}" = "orgpush" ]; then
-    archive_name="orgdir"
-    to_backup=~/org
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
-        echo "Creating archive: ${archive}"
-        borg create --verbose --list "${archive}" "${to_backup}" --exclude ~/org/.git
-    done
-elif [ "${first_arg}" = "orgpull" ]; then
-    archive_name="orgdir"
-    read_pw
-    cd /
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive=$(borg list "${repo}" | grep "${orgdir}" | tail -1 | cut -f1 -d' ')
-        echo "Pulling archive: ${archive}"
-        borg extract --verbose "${repo}::${archive}"
-        break
-    done
-else
-    usage
-fi
diff --git a/archived/all_new_2018/linkable_etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/archived/all_new_2018/linkable_etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/archived/all_new_2018/linkable_etc_files/all/etc/apt/sources.list b/archived/all_new_2018/linkable_etc_files/all/etc/apt/sources.list
deleted file mode 100644 (file)
index 68064c6..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://deb.debian.org/debian stretch main contrib non-free
-deb http://deb.debian.org/debian-security/ stretch/updates main contrib non-free
-deb http://deb.debian.org/debian stretch-updates main contrib non-free
-deb http://ftp.debian.org/debian stretch-backports main contrib non-free
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/all/etc/locale.gen b/archived/all_new_2018/linkable_etc_files/all/etc/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/archived/all_new_2018/linkable_etc_files/all/etc/timezone b/archived/all_new_2018/linkable_etc_files/all/etc/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/aliases b/archived/all_new_2018/linkable_etc_files/mail/etc/aliases
deleted file mode 100644 (file)
index 59c52b4..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/aliases
-
-# As per RFC 2142.
-mailer-daemon: plom
-postmaster: plom
-hostmaster: plom
-usenet: plom
-news: plom
-webmaster: plom
-www: plom
-ftp: plom
-abuse: plom
-noc: plom
-security: plom
-root: plom
-
-# Personal aliases.
-plomlompom: plom
-christian.heller: plom
-christian_heller: plom
-christianheller: plom
-c.heller: plom
-heller: plom
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-auth.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-auth.conf
deleted file mode 100644 (file)
index 4a8549c..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# This is only necessary when we use dovecot's LMTP mechanism to receive
-# mail from postfix.
-auth_username_format = %Ln
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-lmtp.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-lmtp.conf
deleted file mode 100644 (file)
index 097f04e..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# Add sieve filtering.
-protocol lmtp {
-  mail_plugins = $mail_plugins sieve
-}
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-mail.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-mail.conf
deleted file mode 100644 (file)
index 1ea9178..0000000
+++ /dev/null
@@ -1 +0,0 @@
-mail_privileged_group = mail
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-master.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-master.conf
deleted file mode 100644 (file)
index f8c5b43..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-service auth {
-  unix_listener auth-userdb {
-  }
-
-  unix_listener /var/spool/postfix/private/auth {
-       mode = 0660
-       user = postfix
-       group = postfix
-  }
-}
-
-# We don't strictly need to provide a LMTP server to fetch mail from
-# postfix, but we do if we want to do sophisticated stuff like sieve
-# filtering on the way.
-service lmtp {
-  inet_listener lmtp {
-    address = 127.0.0.1
-    port = 2424
-  }
-}
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-ssl.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/dovecot/conf.d/99-ssl.conf
deleted file mode 100644 (file)
index 7fa2f5f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-ssl = required
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4 b/archived/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
deleted file mode 100644 (file)
index 2950321..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-*filter
-:INPUT DROP [0:0]
-:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [0:0]
-# otherwise self-referential connections to local host will fail
--A INPUT -i lo -j ACCEPT
-# this enables ping etc.
--A INPUT -p icmp -j ACCEPT
-# tolerate any inbound connections requested by our server, no matter the port
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-# SSH
--A INPUT -p tcp --dport 22 -j ACCEPT
-# SMTP (allowing for STARTTLS); necessary for mail server to mail server banter
--A INPUT -p tcp --dport 25 -j ACCEPT
-# SMTPS, for mail server to mail user agent communication
--A INPUT -p tcp --dport 465 -j ACCEPT
-# IMAPS
--A INPUT -p tcp --dport 993 -j ACCEPT
-COMMIT
-# this last line is here because iptables-restore ignores the final command if no newline follows it
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/mailutils.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/mailutils.conf
deleted file mode 100644 (file)
index 44efe26..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# mailutils by default uses the FQDN as the mail domain name, fix this
-address {
-  email-domain REPLACE_maildomain_ECALPER;
-};
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/opendkim.conf b/archived/all_new_2018/linkable_etc_files/mail/etc/opendkim.conf
deleted file mode 100644 (file)
index dbd31b4..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-# This is a basic configuration that can easily be adapted to suit a standard
-# installation. For more advanced options, see opendkim.conf(5) and/or
-# /usr/share/doc/opendkim/examples/opendkim.conf.sample.
-
-# Log to syslog
-Syslog                 yes
-# Required to use local socket with MTAs that access the socket as a non-
-# privileged user (e.g. Postfix)
-UMask                  007
-
-# Sign for example.com with key in /etc/dkimkeys/dkim.key using
-# selector '2007' (e.g. 2007._domainkey.example.com)
-#Domain                        example.com
-#KeyFile               /etc/dkimkeys/dkim.key
-#Selector              2007
-Domain         REPLACE_Domain_ECALPER
-KeyFile                /etc/dkimkeys/REPLACE_Selector_ECALPER.private
-Selector       REPLACE_Selector_ECALPER
-
-# Commonly-used options; the commented-out versions show the defaults.
-#Canonicalization      simple
-#Mode                  sv
-#SubDomains            no
-#SubDomains    yes
-Canonicalization relaxed/simple
-
-# Socket smtp://localhost
-#
-# ##  Socket socketspec
-# ##
-# ##  Names the socket where this filter should listen for milter connections
-# ##  from the MTA.  Required.  Should be in one of these forms:
-# ##
-# ##  inet:port@address           to listen on a specific interface
-# ##  inet:port                   to listen on all interfaces
-# ##  local:/path/to/socket       to listen on a UNIX domain socket
-#
-#Socket                  inet:8892@localhost
-#Socket                        local:/var/run/opendkim/opendkim.sock
-Socket inet:12301@localhost
-
-##  PidFile filename
-###      default (none)
-###
-###  Name of the file where the filter should write its pid before beginning
-###  normal operations.
-#
-PidFile               /var/run/opendkim/opendkim.pid
-
-
-# Always oversign From (sign using actual From and a null From to prevent
-# malicious signatures header fields (From and/or others) between the signer
-# and the verifier.  From is oversigned by default in the Debian pacakge
-# because it is often the identity key used by reputation systems and thus
-# somewhat security sensitive.
-OversignHeaders                From
-
-##  ResolverConfiguration filename
-##      default (none)
-##
-##  Specifies a configuration file to be passed to the Unbound library that
-##  performs DNS queries applying the DNSSEC protocol.  See the Unbound
-##  documentation at http://unbound.net for the expected content of this file.
-##  The results of using this and the TrustAnchorFile setting at the same
-##  time are undefined.
-##  In Debian, /etc/unbound/unbound.conf is shipped as part of the Suggested
-##  unbound package
-
-# ResolverConfiguration     /etc/unbound/unbound.conf
-
-##  TrustAnchorFile filename
-##      default (none)
-##
-## Specifies a file from which trust anchor data should be read when doing
-## DNS queries and applying the DNSSEC protocol.  See the Unbound documentation
-## at http://unbound.net for the expected format of this file.
-
-TrustAnchorFile       /usr/share/dns/root.key
-
-##  Userid userid
-###      default (none)
-###
-###  Change to user "userid" before starting normal operation?  May include
-###  a group ID as well, separated from the userid by a colon.
-#
-UserID                opendkim
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf b/archived/all_new_2018/linkable_etc_files/mail/etc/postfix/main.cf
deleted file mode 100644 (file)
index 7074961..0000000
+++ /dev/null
@@ -1,59 +0,0 @@
-# See /usr/share/postfix/main.cf.dist for a commented, more complete version
-
-
-# Debian specific:  Specifying a file name will cause the first
-# line of that file to be used as the name.  The Debian default
-# is /etc/mailname.
-#myorigin = /etc/mailname
-
-smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
-biff = no
-
-# appending .domain is the MUA's job.
-append_dot_mydomain = no
-
-# Uncomment the next line to generate "delayed mail" warnings
-#delay_warning_time = 4h
-
-readme_directory = no
-
-# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
-# fresh installs.
-compatibility_level = 2
-
-# TLS parameters (excluding smtpd_tls_(cert|key)_file for own adaption below)
-smtpd_use_tls=yes
-smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
-smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
-
-# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
-# information on enabling SSL in the smtp client.
-
-smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
-myorigin = /etc/mailname
-myhostname = REPLACE_myhostname_ECALPER
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-mydestination = $myhostname localhost.$mydomain localhost REPLACE_mydomain_if_domainwide_ECALPER
-relayhost = 
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
-mailbox_size_limit = 0
-recipient_delimiter = +
-inet_interfaces = all
-inet_protocols = all
-
-# plomlompom-specific adaptions to allow TLS and SASL via LetsEncrypt/Dovecot.
-smtpd_tls_cert_file=/etc/letsencrypt/live/${myhostname}/fullchain.pem
-smtpd_tls_key_file=/etc/letsencrypt/live/${myhostname}/privkey.pem
-smtpd_sasl_type = dovecot
-smtpd_sasl_path = private/auth
-
-# connect to opendkim
-smtpd_milters = inet:localhost:12301
-non_smtpd_milters = inet:localhost:12301
-
-# transport mail to dovecot; not strictly needed, as even without this
-# postfix will throw mail to /var/mail/USER to be found by dovecot for
-# serving via IMAP etc.; but using dovecot's LMTP server for delivery
-# allows us to do stuff like dovecot-side sieve filtering.
-mailbox_transport = lmtp:inet:127.0.0.1:2424
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/postfix/master.cf b/archived/all_new_2018/linkable_etc_files/mail/etc/postfix/master.cf
deleted file mode 100644 (file)
index bce1262..0000000
+++ /dev/null
@@ -1,124 +0,0 @@
-#
-# Postfix master process configuration file.  For details on the format
-# of the file, see the master(5) manual page (command: "man 5 master" or
-# on-line: http://www.postfix.org/master.5.html).
-#
-# Do not forget to execute "postfix reload" after editing this file.
-#
-# ==========================================================================
-# service type  private unpriv  chroot  wakeup  maxproc command + args
-#               (yes)   (yes)   (no)    (never) (100)
-# ==========================================================================
-smtp      inet  n       -       y       -       -       smtpd
-#smtp      inet  n       -       y       -       1       postscreen
-#smtpd     pass  -       -       y       -       -       smtpd
-#dnsblog   unix  -       -       y       -       0       dnsblog
-#tlsproxy  unix  -       -       y       -       0       tlsproxy
-#submission inet n       -       y       -       -       smtpd
-#  -o syslog_name=postfix/submission
-#  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-smtps     inet  n       -       y       -       -       smtpd
-  -o syslog_name=postfix/smtps
-  -o smtpd_tls_wrappermode=yes
-  -o smtpd_sasl_auth_enable=yes
-  -o smtpd_reject_unlisted_recipient=no
-#  -o smtpd_client_restrictions=$mua_client_restrictions
-#  -o smtpd_helo_restrictions=$mua_helo_restrictions
-#  -o smtpd_sender_restrictions=$mua_sender_restrictions
-#  -o smtpd_recipient_restrictions=
-#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-#  -o milter_macro_daemon_name=ORIGINATING
-#628       inet  n       -       y       -       -       qmqpd
-pickup    unix  n       -       y       60      1       pickup
-cleanup   unix  n       -       y       -       0       cleanup
-qmgr      unix  n       -       n       300     1       qmgr
-#qmgr     unix  n       -       n       300     1       oqmgr
-tlsmgr    unix  -       -       y       1000?   1       tlsmgr
-rewrite   unix  -       -       y       -       -       trivial-rewrite
-bounce    unix  -       -       y       -       0       bounce
-defer     unix  -       -       y       -       0       bounce
-trace     unix  -       -       y       -       0       bounce
-verify    unix  -       -       y       -       1       verify
-flush     unix  n       -       y       1000?   0       flush
-proxymap  unix  -       -       n       -       -       proxymap
-proxywrite unix -       -       n       -       1       proxymap
-smtp      unix  -       -       y       -       -       smtp
-relay     unix  -       -       y       -       -       smtp
-#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
-showq     unix  n       -       y       -       -       showq
-error     unix  -       -       y       -       -       error
-retry     unix  -       -       y       -       -       error
-discard   unix  -       -       y       -       -       discard
-local     unix  -       n       n       -       -       local
-virtual   unix  -       n       n       -       -       virtual
-lmtp      unix  -       -       y       -       -       lmtp
-anvil     unix  -       -       y       -       1       anvil
-scache    unix  -       -       y       -       1       scache
-#
-# ====================================================================
-# Interfaces to non-Postfix software. Be sure to examine the manual
-# pages of the non-Postfix software to find out what options it wants.
-#
-# Many of the following services use the Postfix pipe(8) delivery
-# agent.  See the pipe(8) man page for information about ${recipient}
-# and other message envelope options.
-# ====================================================================
-#
-# maildrop. See the Postfix MAILDROP_README file for details.
-# Also specify in main.cf: maildrop_destination_recipient_limit=1
-#
-maildrop  unix  -       n       n       -       -       pipe
-  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
-#
-# ====================================================================
-#
-# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
-#
-# Specify in cyrus.conf:
-#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
-#
-# Specify in main.cf one or more of the following:
-#  mailbox_transport = lmtp:inet:localhost
-#  virtual_transport = lmtp:inet:localhost
-#
-# ====================================================================
-#
-# Cyrus 2.1.5 (Amos Gouaux)
-# Also specify in main.cf: cyrus_destination_recipient_limit=1
-#
-#cyrus     unix  -       n       n       -       -       pipe
-#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
-#
-# ====================================================================
-# Old example of delivery via Cyrus.
-#
-#old-cyrus unix  -       n       n       -       -       pipe
-#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
-#
-# ====================================================================
-#
-# See the Postfix UUCP_README file for configuration details.
-#
-uucp      unix  -       n       n       -       -       pipe
-  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
-#
-# Other external delivery methods.
-#
-ifmail    unix  -       n       n       -       -       pipe
-  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
-bsmtp     unix  -       n       n       -       -       pipe
-  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
-scalemail-backend unix -       n       n       -       2       pipe
-  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
-mailman   unix  -       n       n       -       -       pipe
-  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
-  ${nexthop} ${user}
-
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/fetchmail.service b/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/fetchmail.service
deleted file mode 100644 (file)
index dc8acb4..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run plom's fetchmail
-
-[Service]
-Type=oneshot
-User=plom
-# fetchmail returns 1 when no new mail, we want to catch that
-ExecStart=/bin/sh -c 'fetchmail || [ $? -eq 1 ]'
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/pingmail.service b/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/pingmail.service
deleted file mode 100644 (file)
index e332114..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-[Unit]
-Description=Run pingmail check
-
-[Service]
-Type=oneshot
-User=plom
-ExecStart=/bin/sh -c '~/pingmail/pingmail check'
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/fetchmail.timer b/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/fetchmail.timer
deleted file mode 100644 (file)
index c67e8e7..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run fetchmail once every minute
-
-[Timer]
-OnCalendar=*-*-* *:*:00
-
-[Install]
-WantedBy=timers.target
diff --git a/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/pingmail.timer b/archived/all_new_2018/linkable_etc_files/mail/etc/systemd/system/timers.target.wants/pingmail.timer
deleted file mode 100644 (file)
index dba0c9f..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run pingmail check once every hour
-
-[Timer]
-OnCalendar=*-*-* *:00:00
-
-[Install]
-WantedBy=timers.target
diff --git a/archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/encrypt_chatlogs.service
deleted file mode 100644 (file)
index d0fcb9c..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Pull website repo
-[Service]
-Type=oneshot
-User=plom
-ExecStart=/bin/sh -c '~/encrypter.sh'
diff --git a/archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/timers.target.wants/encrypt_chatlogs.timer b/archived/all_new_2018/linkable_etc_files/play/etc/systemd/system/timers.target.wants/encrypt_chatlogs.timer
deleted file mode 100644 (file)
index 79a6e1e..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Attempt encryption of old chatlogs once every minute.
-
-[Timer]
-OnCalendar=*-*-* *:*:00
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/sendonly/etc/aliases b/archived/all_new_2018/linkable_etc_files/sendonly/etc/aliases
deleted file mode 100644 (file)
index 01e159c..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# /etc/aliases
-postmaster: root
-root: plom@plomlompom.com
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/sendonly/etc/postfix/main.cf b/archived/all_new_2018/linkable_etc_files/sendonly/etc/postfix/main.cf
deleted file mode 100644 (file)
index d081783..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-# See /usr/share/postfix/main.cf.dist for a commented, more complete version
-
-
-# Debian specific:  Specifying a file name will cause the first
-# line of that file to be used as the name.  The Debian default
-# is /etc/mailname.
-#myorigin = /etc/mailname
-
-smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
-biff = no
-
-# appending .domain is the MUA's job.
-append_dot_mydomain = no
-
-# Uncomment the next line to generate "delayed mail" warnings
-#delay_warning_time = 4h
-
-readme_directory = no
-
-# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
-# fresh installs.
-compatibility_level = 2
-
-# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
-# information on enabling SSL in the smtp client.
-
-smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
-myorigin = /etc/mailname
-myhostname = $myorigin
-alias_maps = hash:/etc/aliases
-alias_database = hash:/etc/aliases
-mydestination = $myhostname localhost.$mydomain localhost
-relayhost = 
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
-mailbox_size_limit = 0
-recipient_delimiter = +
-inet_interfaces = loopback-only
-inet_protocols = all
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 b/archived/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
deleted file mode 100644 (file)
index 8e0b1f6..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-*filter
-:INPUT DROP [0:0]
-:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [0:0]
-# otherwise self-referential connections to local host will fail
--A INPUT -i lo -j ACCEPT
-# tolerate any inbound connections requested by our server, no matter the port
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-# this enables ping etc.
--A INPUT -p icmp -j ACCEPT
-# SSH
--A INPUT -p tcp --dport 22 -j ACCEPT
-COMMIT
-# this last line is here because iptables-restore ignores the final command if no newline follows it
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config b/archived/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
deleted file mode 100644 (file)
index 89d08ac..0000000
+++ /dev/null
@@ -1,126 +0,0 @@
-#      $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-PermitRootLogin no  # plomlompom's security rule
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin yes
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#UseLogin no
-#UsePrivilegeSeparation sandbox
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
-
-ClientAliveInterval 120
-PasswordAuthentication no  # plomlompom's security rule
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/cron.d/certbot b/archived/all_new_2018/linkable_etc_files/web/etc/cron.d/certbot
deleted file mode 100644 (file)
index 1fd8aaf..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# /etc/cron.d/certbot: crontab entries for the certbot package
-#
-# Upstream recommends attempting renewal twice a day
-#
-# Eventually, this will be an opportunity to validate certificates
-# haven't been revoked, etc.  Renewal will only occur if expiration
-# is within 30 days.
-SHELL=/bin/sh
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-
-# plomlompom added the --webroot -w /var/www/html/ so that renewal
-# works with nginx running, and the nginx reload post-hook so that
-# the new certificates are linked to by nginx. Note that by default
-# we rely on the systemd timer service file instead of this cronjob,
-# but since both are installed by the certbot package to serve which
-# ever of the two is used, we cautiously adapt both of them too.
-0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew --webroot -w /var/www/html/ --post-hook "service nginx reload"
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/gitweb.conf b/archived/all_new_2018/linkable_etc_files/web/etc/gitweb.conf
deleted file mode 100644 (file)
index 71ce3c5..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-# path to git projects (<project>.git)
-$projectroot = "/var/public_repos";
-
-# directory to use for temp files
-# explicitely set by Debian so it's probably a good choice
-$git_temp = "/tmp";
-
-# git-diff-tree(1) options to use for generated patches
-# we don't want to to guess renames, so empty
-@diff_opts = ();
-
-# Base path for where to find the repos for cloning.
-@git_base_url_list = ('https://REPLACE_fqdn_ECALPER/repos/clone');
-
-# allow snapshots
-$feature{'snapshot'}{'default'} = ['zip', 'tgz'];
-
-# insert header for GDPR compliance
-$site_header = "/var/www/header.html"
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/iptables/rules.v4 b/archived/all_new_2018/linkable_etc_files/web/etc/iptables/rules.v4
deleted file mode 100644 (file)
index 9b714c6..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-*filter
-:INPUT DROP [0:0]
-:FORWARD DROP [0:0]
-:OUTPUT ACCEPT [0:0]
-# otherwise self-referential connections to local host will fail
--A INPUT -i lo -j ACCEPT
-# tolerate any inbound connections requested by our server, no matter the port
--A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-# this enables ping etc.
--A INPUT -p icmp -j ACCEPT
-# SSH
--A INPUT -p tcp --dport 22 -j ACCEPT
-# HTTP
--A INPUT -p tcp --dport 80 -j ACCEPT
-# HTTPS
--A INPUT -p tcp --dport 443 -j ACCEPT
-COMMIT
-# this last line is here because iptables-restore ignores the final command if no newline follows it
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf b/archived/all_new_2018/linkable_etc_files/web/etc/nginx/nginx.conf
deleted file mode 100644 (file)
index f1be9e6..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-# system integration
-user www-data;
-worker_processes auto;
-pid /run/nginx.pid;
-
-# we need this for the xslt_stylesheet directive below
-#load_module modules/ngx_http_xslt_filter_module.so;
-
-# is expected even if empty
-events {
-}
-
-http {
-    # define content-type headers
-    types {
-        text/html html htm shtml;
-        text/css css;
-        text/xml xml;
-        text/plain txt sh rst md asc;
-        application/xhtml+xml xhtml;
-        application/pdf pdf;
-        image/jpeg jpg jpeg;
-        image/png png;
-    }
-    default_type application/octet_stream;
-    charset utf-8;
-
-    # logging deactivated due to GDPR
-    #access_log /var/log/nginx/access.log;
-    #error_log /var/log/nginx/error.log;
-
-    # HTTP server: only enforce HTTPS
-    server {
-        listen 80;
-        return 301 https://$host$request_uri;
-    }
-
-    # HTTPS server
-    server {
-        listen 443 ssl;
-        server_name REPLACE_fqdn_ECALPER;
-        ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-        root /var/www/html/;
-        index index.html index.htm index.nginx-debian.html;
-
-        # serve /var/www/public_repos/* for HTTPS git cloning
-        location ~ /repos/clone(/.*) {
-            include fastcgi_params;
-            fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
-            fastcgi_param GIT_HTTP_EXPORT_ALL "";
-            fastcgi_param GIT_PROJECT_ROOT /var/public_repos;
-            fastcgi_param PATH_INFO $1;
-            fastcgi_pass unix:/var/run/fcgiwrap.socket;
-        }
-
-        # gitweb static files
-        location /repos/static/ {
-            alias /usr/share/gitweb/static/;
-        }
-
-        # gitweb; this needs packages fcgiwrap and gitweb
-        location /repos/ {
-            include fastcgi_params;
-            fastcgi_param SCRIPT_FILENAME /usr/share/gitweb/gitweb.cgi;
-            fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
-            fastcgi_pass unix:/var/run/fcgiwrap.socket;
-        }
-
-        # login-protected IRC logs
-        location ~ /irclogs/([^/]+)/ {
-            auth_basic "$1 logs";
-            auth_basic_user_file /var/www/irclogs_pw/$1;
-            autoindex on;
-        }
-
-        ## entry for IRC logs
-        #location /irclogs/ {
-        #    autoindex on;
-        #    autoindex_format xml;
-        #    xslt_stylesheet /var/www/autoindex.xslt;
-        #}
-    }
-}
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service b/archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service
deleted file mode 100644 (file)
index 0d20d1f..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Certbot
-Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html
-Documentation=https://letsencrypt.readthedocs.io/en/latest/
-[Service]
-# plomlompom added the --webroot -w /var/www/html/ so that renewal
-# works with nginx running, and the nginx reload post-hook so that
-# the new certificates are linked to by nginx.
-Type=oneshot
-ExecStart=/usr/bin/certbot -q renew --webroot -w /var/www/html/ --post-hook "service nginx reload"
-PrivateTmp=true
\ No newline at end of file
diff --git a/archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/plomlombot.service b/archived/all_new_2018/linkable_etc_files/web/etc/systemd/system/plomlombot.service
deleted file mode 100644 (file)
index a4f6769..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=plomlombot screen
-
-[Service]
-Type=simple
-User=plom
-ExecStart=/bin/sh -c '~/plomlombot_daemon.sh'
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/all_new_2018/setup_scripts/add_encryption_key.sh b/archived/all_new_2018/setup_scripts/add_encryption_key.sh
deleted file mode 100755 (executable)
index 71a9488..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-set -e
-
-# Ensure we have a GPG target to encrypt to.
-if [ $# -lt 1 ]; then
-    echo "Need public key ID as argument."
-    false
-fi
-gpg_key="$1"
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-apt -y install gnupg dirmngr
-keyservers='sks-keyservers.net/ keys.gnupg.net'
-set +e
-while true; do
-    do_break=0
-    for keyserver in $(echo "${keyservers}"); do
-        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
-        if [ $? -eq "0" ]; then
-            do_break=1
-            break
-        fi
-        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
-    done
-    if [ "${do_break}" -eq "1" ]; then
-        break
-    fi
-done
-set -e
-# TODO: We may remove dirmngr here if only this script installed it.
diff --git a/archived/all_new_2018/setup_scripts/hardlink_etc.sh b/archived/all_new_2018/setup_scripts/hardlink_etc.sh
deleted file mode 100755 (executable)
index 9d9acc2..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-# Hard link files to those in argument-selected subdirectories of
-# linkable_etc_files//, e.g. link /etc/foo/bar to
-# linkable_etc_files/$1/etc/foo/bar and so on. Create directories as
-# necessary. We do the hard linking so files that should be readable to
-# non-root in /etc/ remain so despite having a path below /root/, as
-# symbolic links point into /root/ without making the targets readable
-# to non-root.
-# CAUTION: This removes original files at the affected paths.
-set -e
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-linkable_files_dir="${config_tree_prefix}/linkable_etc_files"
-
-for target in "$@"; do
-    cd "${linkable_files_dir}/${target}"
-    for path in $(find . -type f); do
-        linking=$(echo "${path}" | cut -c2-)
-        linked=$(realpath "${path}")
-        dir=$(dirname "${linking}")
-        mkdir -p "${dir}"
-        ln -f "${linked}" "${linking}"
-    done
-done
diff --git a/archived/all_new_2018/setup_scripts/init_user_and_keybased_login.sh b/archived/all_new_2018/setup_scripts/init_user_and_keybased_login.sh
deleted file mode 100755 (executable)
index 6a46c20..0000000
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/bin/sh
-# This script turns a fresh server with password-based root access to
-# one of only key-based access and only to new non-root account plom.
-#
-# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
-# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
-# contains the local ~/.ssh/id_rsa.pub, and also any old
-# /etc/ssh/sshd_config.
-#
-# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
-# configured sshd_config file in reach.
-set -e
-
-# Location auf a sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/config/all_new_2018"
-linkable_files_dir="${config_tree_prefix}/linkable_etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}/${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
-    echo "Need server as argument."
-    false
-fi
-server="$1"
-
-# Ask for root password only once, sshpass will re-use it then often.
-stty -echo
-printf "Server root password: "
-read PW_ROOT
-stty echo
-printf "\n"
-export SSHPASS="${PW_ROOT}"
-
-# Create user plom, and his ~/.ssh/authorized_keys based on the local
-# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
-# ownerships. Then disable root and pw login by copying over the
-# sshd_config and restart ssh daemon.
-#
-# This could be a line or two shorter by using ssh-copy-id, but that
-# would require setting a password for user plom otherwise not needed.
-sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
-sshpass -e ssh root@"${server}" \
-        'useradd -m plom && '\
-        'mkdir /home/plom/.ssh && '\
-        'chown plom:plom /home/plom/.ssh && '\
-        'chown plom:plom /tmp/authorized_keys && '\
-        'chmod u=rw,go= /tmp/authorized_keys && '\
-        'mv /tmp/authorized_keys /home/plom/.ssh/'
-sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-sshpass -e ssh root@"${server}" 'service ssh restart'
diff --git a/archived/all_new_2018/setup_scripts/install_for_target.sh b/archived/all_new_2018/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 53914d6..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            apt-get -y install "${line}"
-        fi
-    done
-done
diff --git a/archived/all_new_2018/setup_scripts/letsencrypt.sh b/archived/all_new_2018/setup_scripts/letsencrypt.sh
deleted file mode 100755 (executable)
index 29ed3b6..0000000
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-# Certify current server with LetsEncrypt.
-# Uses hostname -f for the domain we want to certify.
-set -e
-
-# Ensure we have a mail address as argument.
-if [ $# -lt 1 ]; then
-    echo "Need mail address as argument."
-    false
-fi
-mail_address="$1"
-
-# We need certbot to get LetsEncrypt certificates.
-apt install -y certbot
-
-# If port 80 blocked by iptables, open it.
-set +e
-iptables -C INPUT -p tcp --dport 80 -j ACCEPT
-open_iptables="$?"
-set -e
-if [ "${open_iptables}" -eq "1" ]; then
-    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
-fi
-
-# Create new certificate and copy it to /etc/letsencrypt.
-certbot certonly --standalone --agree-tos -m "${mail_address}" -d "$(hostname -f)"
-
-# Remove iptables rule to open port 80 if we added it.
-if [ "${open_iptables}" -eq "1" ]; then
-    iptables -D INPUT -p tcp --dport 80 -j ACCEPT
-fi
diff --git a/archived/all_new_2018/setup_scripts/letsencrypt_get.sh b/archived/all_new_2018/setup_scripts/letsencrypt_get.sh
deleted file mode 100755 (executable)
index c2b3e9f..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-# Copy over LetsEncrypt certificates from another server.
-set -e
-
-# Ensure we have a server name as argument.
-if [ $# -lt 1 ]; then
-    echo "Need server as argument."
-    false
-fi
-server="$1"
-
-# Copy over.
-ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"'
-scp plom@${server}:~/letsencrypt.tar .
-apt -y install certbot
-rmdir /etc/letsencrypt
-mv letsencrypt.tar /etc/
-cd /etc/
-tar xf letsencrypt.tar
-rm letsencrypt.tar
diff --git a/archived/all_new_2018/setup_scripts/mirror_dir.sh b/archived/all_new_2018/setup_scripts/mirror_dir.sh
deleted file mode 100755 (executable)
index 0fc03aa..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh
-# Mirror directory tree from remote to local server, keeping the path.
-set -e
-
-if [ $# -lt 2 ]; then
-    echo "Need server and directory as arguments."
-    false
-fi
-server=$1
-dir=$2
-path_package=/tmp/delete.tar
-
-eval `ssh-agent`
-ssh-add
-cd
-ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
-scp plom@"${server}":"${path_package}" "${path_package}"
-mkdir -p "${dir}"
-cd "${dir}"
-tar xf "${path_package}"
-cd
-rm "${path_package}"
-ssh plom@"${server}" rm "${path_package}"
diff --git a/archived/all_new_2018/setup_scripts/prepare_to_meet_server.sh b/archived/all_new_2018/setup_scripts/prepare_to_meet_server.sh
deleted file mode 100755 (executable)
index 13d05ca..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-# Do some of the steps necessary to SSH (key-based) with another server.
-set -e
-
-target="$1"
-
-# We need a public key to copy over, so generate it if not found.
-if [ ! -f ~/.ssh/id_rsa.pub ]; then
-    ssh-keygen
-fi
-
-# Add target to ~/.ssh/known_hosts so we don't get
-# asked for permission at inopportune moments.
-ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
-
-# Tell user what to do.
-echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
-cat ~/.ssh/id_rsa.pub
diff --git a/archived/all_new_2018/setup_scripts/purge_nonrequireds.sh b/archived/all_new_2018/setup_scripts/purge_nonrequireds.sh
deleted file mode 100755 (executable)
index e444a55..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-# This script removes all Debian packages that are not of Priority
-# "required" or not depended on by packages of priority "required"
-# or not listed in the argument-selected files of apt-mark/.
-set -e
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            echo "${line}" >> /tmp/list_white_unsorted
-        fi
-    done
-done
-sort /tmp/list_white_unsorted > /tmp/list_white
-dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
-sort /tmp/list_all_packages > /tmp/foo
-mv /tmp/foo /tmp/list_all_packages
-comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-apt-mark auto `cat /tmp/list_black`
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
diff --git a/archived/all_new_2018/setup_scripts/set_hostname_and_fqdn.sh b/archived/all_new_2018/setup_scripts/set_hostname_and_fqdn.sh
deleted file mode 100755 (executable)
index 3f95590..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/bin/sh
-# Sets hostname and optionally FQDN.
-#
-# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
-# writing follows recommendations from Debian manual at
-# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
-# (section "The hostname resolution") on how to map hostname and possibly
-# FQDN to a permanent IP if present (we assume here any non-private IP
-# and non-loopback IP returned by hostname -I to fulfill that criterion
-# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
-# localhost and hostname mapping to different IPs, see
-# <https://unix.stackexchange.com/a/13087>.
-set -e
-
-hostname="$1"
-fqdn="$2"
-if [ "${hostname}" = "" ]; then
-    echo "Need hostname as argument."
-    false
-fi
-echo "${hostname}" > /etc/hostname
-hostname "${hostname}"
-
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
-            continue
-        fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
-            continue
-        fi
-    fi
-    final_ip="${ip}"
-done
-
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/archived/all_new_2018/setup_scripts/setup_mail.sh b/archived/all_new_2018/setup_scripts/setup_mail.sh
deleted file mode 100755 (executable)
index 2080705..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-#/bin/sh
-set -e
-
-# Check we have the necessary arguments.
-if [ $# -lt 2 ]; then
-    echo "Give arguments of mail domain and DKIM selector."
-    echo "Also, if hosting mail for entire domain, give third argument 'domainwide'."
-    false
-fi
-mail_domain="$1"
-dkim_selector="$2"
-domainwide="$3"
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-# Set up DKIM key. Only keep opendkim-tools on system if pre-installed.
-mkdir -p /etc/dkimkeys/
-set +e
-dpkg -s opendkim-tools &> /dev/null
-preinstalled="$?"
-set -e
-if [ ! "${preinstalled}" -eq "0" ]; then
-    apt install -y opendkim-tools
-fi
-opendkim-genkey -s "${dkim_selector}"
-mv "${dkim_selector}.private" /etc/dkimkeys/
-if [ ! "${preinstalled}" -eq "0" ]; then
-    apt -y --purge autoremove opendkim-tools
-fi
-
-# Link and adapt mail-server-specific /etc/ files.
-./hardlink_etc.sh mail
-sed -i "s/REPLACE_maildomain_ECALPER/${mail_domain}/g" /etc/mailutils.conf
-sed -i "s/REPLACE_Domain_ECALPER/${mail_domain}/g" /etc/opendkim.conf
-sed -i "s/REPLACE_Selector_ECALPER/${dkim_selector}/g" /etc/opendkim.conf
-sed -i "s/REPLACE_myhostname_ECALPER/$(hostname -f)/g" /etc/postfix/main.cf
-if [ "${domainwide}" = "domainwide" ]; then
-    sed -i 's/REPLACE_mydomain_if_domainwide_ECALPER/$mydomain/g' /etc/postfix/main.cf
-else
-    sed -i 's/REPLACE_mydomain_if_domainwide_ECALPER//g' /etc/postfix/main.cf
-fi
-# Since we re-set the iptables rules, we need to reload them.
-iptables-restore /etc/iptables/rules.v4
-
-# Some useful debconf selections.
-echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
-echo "ssl_cert = </etc/letsencrypt/live/$(hostname -f)/fullchain.pem" > /etc/dovecot/conf.d/99-ssl-certs.conf
-echo "ssl_key = </etc/letsencrypt/live/$(hostname -f)/privkey.pem" >> /etc/dovecot/conf.d/99-ssl-certs.conf
-
-# The second line should not be necessary due to the first line, but for
-# some reason the installation forgets to set up /etc/mailname early
-# enough to not (when running newaliases) stumble over its absence.
-echo "postfix postfix/mailname string ${mail_domain}" | debconf-set-selections
-echo "${mail_domain}" > /etc/mailname
-
-# Everything should now be ready for installations. Note that we don't
-# strictly need dovecot-lmtpd, as postfix will deliver mail to /var/mail/USER
-# in any case, to be found by dovecot; we use it as a transport mechanism to
-# allow for sophisticated stuff like dovecot-side sieve filtering (installed
-# with dovecot-sieve).
-apt install -y -o Dpkg::Options::=--force-confold postfix dovecot-imapd dovecot-lmtpd dovecot-sieve opendkim
-cp "${config_tree_prefix}/user_files/dovecot.sieve" /home/plom/.dovecot.sieve
-chown plom:plom /home/plom/.dovecot.sieve
-
-# Pingmail setup.
-apt install -y mailutils
-cp "${config_tree_prefix}/user_files/pingmailrc" /home/plom/.pingmailrc
-chown plom:plom /home/plom/.pingmailrc
-su plom -c "cd && git clone https://plomlompom.com/repos/clone/pingmail.git"
-
-# In addition to our postfix server receiving mails, we funnel mails from a
-# POP3 account into dovecot via fetchmail. It might make sense to adapt the
-# ~/.dovecot.sieve to move mails targeted to the fetched mail account to their
-# own mbox.
-apt -y install fetchmail
-cp "${config_tree_prefix}/user_files/fetchmailrc" /home/plom/.fetchmailrc
-chown plom:plom /home/plom/.fetchmailrc
-chmod 0700 /home/plom/.fetchmailrc
-
-# Pingmail and fetchmail have some systemd timers waiting. To let systemd
-# know about them, do this.
-systemctl daemon-reload
-
-# Final advice to user.
-echo "TODO: Ensure MX entry for your system in your DNS configuration."
-echo "TODO: Ensure a proper SPF entry for this system in your DNS configuration; something like 'v=spf1 mx -all' mapped to your host."
-echo "TODO: passwd plom for IMAPS login"
-echo "TODO: adapt /home/plom/.fetchmailrc and then do: systemctl start fetchmail.timer"
-echo "TODO: adapt /home/plom/.dovecot.sieve and /home/plom/.pingmailrc (sieve mail by pingmail target person into mbox defined in .pingmailrc), then run: systemctl start pingmail.timer"
-echo "TODO: Add the follow DMARK entry as TXT to your DNS configugration: 'v=DMARC1; p=none; rua=mailto:plom+dmarc@plomlompom.com;' mapped to _dmarc"
-echo "TODO: Add the following DKIM entry to your DNS configuration (possibly with slightly changed host entry – if your mail domain includes a subdomain, append that with a dot):"
-cat "${dkim_selector}.txt"
diff --git a/archived/all_new_2018/setup_scripts/setup_play.sh b/archived/all_new_2018/setup_scripts/setup_play.sh
deleted file mode 100755 (executable)
index f37be49..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/sh
-set -e
-
-# Ensure we have a GPG target to encrypt to.
-if [ $# -lt 1 ]; then
-    echo "Need public key ID as argument."
-    false
-fi
-gpg_key="$1"
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-# If anything strange happens, let root send mail to us.
-./setup_sendonly.sh
-
-# Apart from weechat, vim and screen will also be useful for everyday activity.
-apt -y install weechat screen vim
-
-# Link and copy over files.
-./hardlink_etc.sh play
-cp "${config_tree_prefix}/user_files/encrypter.sh" /home/plom/
-chown plom:plom /home/plom/encrypter.sh
-cp "${config_tree_prefix}/user_files/weechat-wrapper.sh" /home/plom/
-chown plom:plom /home/plom/weechat-wrapper.sh
-cp "${config_tree_prefix}/user_files/weechatrc" /home/plom/.weechatrc
-chown plom:plom /home/plom/.weechatrc
-apt -y install screen
-echo "$gpg_key" > /home/plom/.encrypt_target
-chown plom:plom /home/plom/.encrypt_target
-
-# Start encrypt_chatlogs job.
-./add_encryption_key.sh "${gpg_key}"
-systemctl daemon-reload
-systemctl start encrypt_chatlogs.timer
diff --git a/archived/all_new_2018/setup_scripts/setup_plomlombot.sh b/archived/all_new_2018/setup_scripts/setup_plomlombot.sh
deleted file mode 100755 (executable)
index de22ef3..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-set -e
-
-# Ensure we have a GPG target to encrypt to.
-if [ $# -lt 1 ]; then
-    echo "Need public key ID as argument."
-    false
-fi
-gpg_key="$1"
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-
-./add_encryption_key.sh "${gpg_key}"
-apt -y install screen python3-venv
-cp "${config_tree_prefix}"/user_files/plomlombot_daemon.sh /home/plom/
-chown plom:plom /home/plom/plomlombot_daemon.sh
-su plom -c "cd && git clone /var/public_repos/plomlombot-irc"
-systemctl enable /etc/systemd/system/plomlombot.service
-service plomlombot start
-mkdir -p "${irclogs_dir}"
-chown -R plom:plom "${irclogs_dir}"
-mkdir -p "${irclogs_pw_dir}"
-chown -R plom:plom "${irclogs_pw_dir}"
-echo "Don't forget to add a file ~/.plomlombot with content such as:"
-echo "gpg_key ${gpg_key}"
-echo "bot: SCREEN_SESSION_NAME BOT_NAME #CHANNEL_NAME IRC_SERVER_NAME LOGS_USER LOGS_PW"
-echo "# file should end in newline or non-interpreted line such as this"
diff --git a/archived/all_new_2018/setup_scripts/setup_sendonly.sh b/archived/all_new_2018/setup_scripts/setup_sendonly.sh
deleted file mode 100755 (executable)
index e761eeb..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-# This sets up the minimum of a mail server necessary to send out mails
-# to the world.
-set -e
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-./hardlink_etc.sh sendonly
-echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
-echo "postfix postfix/mailname string $(hostname -f)" | debconf-set-selections
-echo "$(hostname -f)" > /etc/mailname
-apt install -y postfix
diff --git a/archived/all_new_2018/setup_scripts/setup_server.sh b/archived/all_new_2018/setup_scripts/setup_server.sh
deleted file mode 100755 (executable)
index 172d8d2..0000000
+++ /dev/null
@@ -1,52 +0,0 @@
-#!/bin/sh
-# Next setup steps for a server whose login policy has just been set from
-# the outside via ./init_user_and_keybased_login.sh.
-set -e
-
-# Provide maximum input for set_hostname_and_fqdn.sh.
-if [ "$#" -ne 2 ]; then
-    echo 'Need exactly two arguments (hostname, FQDN).'
-    false
-fi
-hostname="$1"
-fqdn="$2"
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-# Adapt /etc/ to our needs by hardlinking into ./linkable_etc_files. This
-# will set basic configurations affecting following steps, such as setup
-# of APT and the locale selection, so needs to be right at the beginning.
-./hardlink_etc.sh all server
-
-# Set hostname and FQDN.
-./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
-
-# Some debconf selections we don't want to get asked during coming
-# install actions.
-echo 'iptables-persistent iptables-persistent/autosave_v4 boolean false' | debconf-set-selections
-echo 'iptables-persistent iptables-persistent/autosave_v6 boolean false' | debconf-set-selections
-
-# Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
-apt update
-./install_for_target.sh all server
-./purge_nonrequireds.sh all server
-
-# Ensure our desired locale is available.
-locale-gen
-
-# Only upgrade after reducing the system to the desired minimum, so that
-# we don't need to get more data than necessary.
-apt -y dist-upgrade
-
-# Set Berlin localtime.
-ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
-
-# If we have not yet set the shell for user plom, ensure it here. This
-# is mostly for convenience.
-usermod -s /bin/bash plom
-
-# We want to be able to use ALL our servers as borg backup destinations.
-apt -y install borgbackup
diff --git a/archived/all_new_2018/setup_scripts/setup_web.sh b/archived/all_new_2018/setup_scripts/setup_web.sh
deleted file mode 100755 (executable)
index 400aa22..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-# Set up plomlompom.com web server.
-set -e
-
-config_tree_prefix="${HOME}/config/all_new_2018"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-./hardlink_etc.sh web
-./setup_sendonly.sh
-sed -i "s/REPLACE_fqdn_ECALPER/$(hostname -f)/g" /etc/nginx/nginx.conf
-sed -i "s/REPLACE_fqdn_ECALPER/$(hostname -f)/g" /etc/gitweb.conf
-cd /var/
-rm -rf www
-git clone plom@core.plomlompom.com:repos/website www
-apt -y -o Dpkg::Options::=--force-confold install nginx gitweb fcgiwrap
-mkdir /var/public_repos
-chown plom:plom /var/public_repos
-iptables-restore /etc/iptables/rules.v4
diff --git a/archived/all_new_2018/user_files/dovecot.sieve b/archived/all_new_2018/user_files/dovecot.sieve
deleted file mode 100644 (file)
index 5346309..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-require ["fileinto"];
-require ["mailbox"];
-if address :is "from" "foo@bar.com" {
-  fileinto :create "foo";
-}
-if address :is :domain "to" "example.com" {
-  fileinto :create "example.com";
-}
diff --git a/archived/all_new_2018/user_files/encrypter.sh b/archived/all_new_2018/user_files/encrypter.sh
deleted file mode 100755 (executable)
index e2ebd44..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-# Encrypt dated weechatlog files older than one day to GPG target defined in
-# ~/.encrypt_target
-set -e
-
-gpg_key=$(cat ~/.encrypt_target)
-cd ~/weechatlogs/irc/
-find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --encrypt {} \; -exec rm {} \;
-
diff --git a/archived/all_new_2018/user_files/fetchmailrc b/archived/all_new_2018/user_files/fetchmailrc
deleted file mode 100755 (executable)
index b437563..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# remove "keep" if you're sure about your setup; it keeps mails on server from getting deleted 
-poll mail.example.com protocol pop3 username "foo@example.com" password "PASSWORD" ssl keep
diff --git a/archived/all_new_2018/user_files/pingmailrc b/archived/all_new_2018/user_files/pingmailrc
deleted file mode 100644 (file)
index 46bcbfe..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-# place for test files whose modification times are used to track lifesigns
-testdir=$HOME'/.pingmail'
-
-# modification time is the last time a ping was sent or a lifetime received
-ping_touch=$testdir'/ping_touch'
-
-# modification time is when the count for sending checker a warning mail starts
-reminder_touch=$testdir'/reminder_touch'
-
-# how long to wait for lifesigns before sending a ping; double is time to wait
-# for a lifesign before sending a warning message to checker
-wait_time=86400
-
-# address of the checker, receives warning message after too long wait
-checker_address='bar@example.org'
-
-# address of the checked person, ping is sent here
-checked_address='foo@example.org'
-
-# content of ping message sent to checked person
-subj2checked='[pingmail] Ping!'
-msg2checked='Hi!\n
-\nThis is an automated mail ping from '$checker_address'.
-\nRespond to show that you are still alive!'
-
-# content of warning message sent to checker
-id_target='foo'
-subj2checker='[pingmail] No recent life signs from '$id_target
-reminder_time=`expr $wait_time \* 2`
-msg2checker='pingmail reporting in:\n
-\nNo life signs from '$id_target' for the last '$reminder_time' seconds.
-\nMaybe you should give them a call to check if they are okay.'
-
-# mail client command reading message body from stdin and subject from parameter
-mailclient_s='mail -s'
-
-# mailbox file to check for most recent life sign
-mbox=$HOME'/mail/foo'
-
-# to recursively search for most recent matches to $matchstring as lifesigns
-#maildir=$HOME'/mail'
-
-# pattern to search $maildir for recursively for lifesigns
-#checked_address_escaped=`echo $checked_address | sed 's/\./\\./g'`
-#matchstring='^From: .*('$checked_address_escaped'|alternate@example\.org)'
diff --git a/archived/all_new_2018/user_files/plomlombot_daemon.sh b/archived/all_new_2018/user_files/plomlombot_daemon.sh
deleted file mode 100755 (executable)
index 5cf1f6a..0000000
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/bin/sh
-set -e
-
-# Repeatedly parse config file for GPG key and bot screen configs.
-path=~/.plomlombot
-db_dir="${HOME}/plomlombot_db"
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-while true; do
-    if [ -f "${path}" ]; then
-        cat "${path}" | while read line; do
-            first_word=$(echo -n "${line}" | cut -d' ' -f1)
-
-            # Read "bot:" line, start bot screen session from it if not yet existing,
-            # set up irclogs dir if not yet existing.
-            if [ "${first_word}" = "bot:" ]; then
-                session_name=$(echo -n "${line}" | cut -d' ' -f2)
-                bot_name=$(echo -n "${line}" | cut -d' ' -f3)
-                channel_name=$(echo -n "${line}" | cut -d' ' -f4)
-                shortened_channel_name="${channel_name}"
-                first_char=$(echo -n "${channel_name}" | cut -c1)
-                if [ "${first_char}" = "#" ]; then
-                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
-                fi
-                server_name=$(echo -n "${line}" | cut -d' ' -f5)
-                login_user=$(echo -n "${line}" | cut -d' ' -f6)
-                login_pw=$(echo -n "${line}" | cut -d' ' -f7)
-                set +e
-                screen -S "${session_name}" -Q select . > /dev/null
-                start_screen=$?
-                set -e
-                if [ "${start_screen}" -eq "1" ]; then
-                cd ~/plomlombot-irc
-                LANG="en_US.UTF-8" screen -d -m -S "${session_name}" ./run.sh -r 604800 -n "${bot_name}" -s "${server_name}" "${channel_name}"
-                fi
-                md5_server=$(echo -n "${server_name}" | md5sum | cut -d' ' -f1)
-                md5_channel=$(echo -n "${channel_name}" | md5sum | cut -d' ' -f1)
-                logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs"
-                # FIXME: Note the trouble we will have if we have the same channel
-                # name on different servers …
-                ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}"
-                echo "${login_user}":'{PLAIN}'"${login_pw}" > "${irclogs_pw_dir}/${shortened_channel_name}"
-
-            # If "gpg" line, encrypt old raw logs to that GPG key.
-            elif [ "${first_word}" = "gpg_key" ]; then
-                key=$(echo -n "${line}" | cut -d' ' -f2)
-                mkdir -p ~/plomlombot_db
-                cd ~/plomlombot_db
-                find . -path '*/*/raw_logs/*.txt' -mtime +1 -type f -exec gpg --recipient "${key}" --trust-model always --encrypt {} \; -exec rm {} \;
-            fi
-
-        done
-        sleep 1
-    fi
-done
diff --git a/archived/all_new_2018/user_files/weechat-wrapper.sh b/archived/all_new_2018/user_files/weechat-wrapper.sh
deleted file mode 100755 (executable)
index 4625dd8..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Enforce ~/.weechatrc as sole persistent weechat config file.
-#~/config/bin/simplemail.sh ~/config/mails/weechat_restart_reminder
-rm -rf ~/.weechat/
-WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
-weechat -r "$WEECHATCONF"
-rm -rf ~/.weechat/
diff --git a/archived/all_new_2018/user_files/weechatrc b/archived/all_new_2018/user_files/weechatrc
deleted file mode 100644 (file)
index ab30c17..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-/set logger.file.path ~/weechatlogs
-/set logger.file.flush_delay 0
-/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
-/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
-/set weechat.color.chat_nick_colors "lightcyan"
-/server add freenode irc.freenode.net -nicks=plimlompom,plimlomp0m,pliml0mp0m -realname="foo bar" -autojoin=#plomlompomtest
-/connect freenode
diff --git a/archived/ansible/config.yml b/archived/ansible/config.yml
deleted file mode 100644 (file)
index 3386c91..0000000
+++ /dev/null
@@ -1,117 +0,0 @@
----
-- hosts: all
-  user: root
-  become: yes
-  tasks:
-
-  - name: ensure directories for symlinks exist
-    file: state=directory dest={{item}}
-    with_lines: cat ~/config/ansible/files/dirs | sed -e 's/ *#.*$//'
-  - name: symlink system files
-    file: state=hard force=yes src={{item}} dest={{item|basename|regex_replace('___','/')}}
-    with_fileglob: ~/config/ansible/files/system/*
-  - name: set hostname for current session
-    shell: hostname w530
-
-  # Init package management.
-  - name: update package lists
-    apt: update_cache=yes
-  - name: APT - dist-upgrade
-    apt: upgrade=dist
-
-  # Ensure power management.
-  - name: ensure power management tools are installed
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/power_management | sed -e 's/ *#.*$//'
-  - name: start TLP
-    shell: tlp start
-
-  # Configure console.
-  #
-  # For some reason, some settings are only applied two reboots after this.
-  - name: symlink console config files
-    file: state=link force=yes src={{item}} dest={{item|basename|regex_replace('___','/')}}
-    with_fileglob: ~/config/ansible/files/console/*
-  - name: ensure locales and console-setup are installed
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/console | sed -e 's/ *#.*$//'
-  - name: generate en_US.UTF-8 locale
-    locale_gen: name=en_US.UTF-8 state=present
-  - name: run setupcon to apply console settings from /etc/default/
-    command: setupcon
-
-  # Miscellaneous.
-  - name: Ensure dotfile symlinks
-    file: state=link force=yes src={{item}} dest=~/.{{item|basename}}
-    with_fileglob:
-    - ~/config/dotfiles/minimal/*
-    - ~/config/dotfiles/root/*
-  - name: ensure ~/.vimbackups directory
-    file: state=directory dest=~/.vimbackups
-  - name: ensure man-db, manpages are installed
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/man | sed -e 's/ *#.*$//'
-  - name: set /etc/localtime
-    file: state=link force=yes src=/usr/share/zoneinfo/Europe/Berlin dest=/etc/localtime
-  - name: ensure various useful tools are installed – sudo, git, vim, less, openssh
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/various_useful | sed -e 's/ *#.*$//'
-  - name: ensure boot messages are not cleared on start up
-    replace: dest=/etc/systemd/system/getty.target.wants/getty@tty1.service regexp='^TTYVTDisallocate=yes.*$' replace='TTYVTDisallocate=no'
-
-  # Config user.
-  - name: create user plom with sudo privileges and bash shell
-    user: name=plom groups=sudo shell=/bin/bash
-  - name: have config repo in user directory
-    git: repo=https://github.com/plomlompom/config dest=/home/plom/config
-    become_user: plom
-    become_method: su
-
-  # Ensure X window environment.
-  - name: ensure minimal X window environment
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/minimal_x | sed -e 's/ *#.*$//'
-  - name: ensure 3d acceleration and optimus switch
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/3d_acceleration | sed -e 's/ *#.*$//'
-  - name: ensure user plom is in bumblebee group
-    user: name=plom groups=bumblebee append=yes
-  - name: ensure basic X tools
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/basic_x_tools | sed -e 's/ *#.*$//'
-
-  # Set up pentadactyl.
-  - name: ensure browser environment
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/browser_environment | sed -e 's/ *#.*$//'
-
-  # Ensure wifi.
-  - name: ensure wifi configuration
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/wifi | sed -e 's/ *#.*$//'
-
-  # Ensure audio/video consumption necessities.
-  - name: ensure multimedia tools
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/multimedia | sed -e 's/ *#.*$//'
-
-  # Ensure hotkeys.
-  #
-  # For some reason, the brightness hotkeys still won't be available unless acpid is restarted (yes, after reboot).
-  - name: ensure hotkeys 
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark/hotkeys | sed -e 's/ *#.*$//'
-
-  # Remove undesired packages
-  - name: collect desired packages
-    shell: cat files/apt-mark/*  | sed -e 's/ *#.*$//' > /tmp/white_list_unsorted && sort /tmp/white_list_unsorted > /tmp/white_list_sorted
-  - name: collect currently installed packages
-    shell: dpkg-query -Wf '${Package}\n' > /tmp/all_unsorted && sort /tmp/all_unsorted > /tmp/all_sorted
-  - name: create black list of packages to mark as automatically installed from the difference between the required packages and the packages currently installed
-    shell: comm -3 /tmp/all_sorted /tmp/white_list_sorted > /tmp/list_black
-  - name: mark all packages from black list as automatically installed
-    shell: apt-mark auto $(cat /tmp/list_black)
-  - name: mark all packages from white list as manually installed
-    shell: apt-mark manual $(cat /tmp/white_list_unsorted)
-  - name: purge all packages automatically installed that are not depended on
-    shell: DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
diff --git a/archived/ansible/config_new.yml b/archived/ansible/config_new.yml
deleted file mode 100644 (file)
index f3bd3f5..0000000
+++ /dev/null
@@ -1,147 +0,0 @@
----
-- hosts: all
-  user: root
-  become: yes
-  tasks:
-
-  - name: ensure directories for symlinks exist
-    file: state=directory dest={{item}}
-    with_lines: cat ~/config/ansible/files/dirs_new | sed -e 's/ *#.*$//'
-  - name: symlink system files
-    file: state=hard force=yes src={{item}} dest={{item|basename|regex_replace('___','/')}}
-    with_fileglob:
-    - ~/config/ansible/files/system_new/minimal/*
-    - ~/config/ansible/files/system_new/{{ system_name }}/*
-  - name: set hostname for current session
-    shell: hostname {{ system_name }} 
-
-  # Init package management.
-  - name: add palemoon repo signing key
-    apt_key:
-      url: https://download.opensuse.org/repositories/home:stevenpusser/Debian_9.0/Release.key
-      state: present
-  - name: update package lists
-    apt: update_cache=yes
-  - name: APT - dist-upgrade
-    apt: upgrade=dist
-
-  # Ensure packages needed for disk encryption on startup (how does this work?)
-  - name: ensure power management tools are installed
-    apt: name={{item}} state=present
-    with_lines:
-    - cat ~/config/ansible/files/apt-mark_new/minimal/disk_encryption | sed -e 's/ *#.*$//'
-
-  # Ensure power management.
-  - name: ensure power management tools are installed
-    apt: name={{item}} state=present
-    with_lines:
-    - cat ~/config/ansible/files/apt-mark_new/minimal/power_management | sed -e 's/ *#.*$//'
-    - cat ~/config/ansible/files/apt-mark_new/X200s/power_management | sed -e 's/ *#.*$//'
-  - name: start TLP
-    shell: tlp start
-
-  # Configure console.
-  #
-  # For some reason, some settings are only applied two reboots after this.
-  - name: symlink console config files
-    file: state=link force=yes src={{item}} dest={{item|basename|regex_replace('___','/')}}
-    with_fileglob: ~/config/ansible/files/console/*
-  - name: ensure locales and console-setup are installed
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/console | sed -e 's/ *#.*$//'
-  - name: generate en_US.UTF-8 locale
-    locale_gen: name=en_US.UTF-8 state=present
-  - name: Touch keyboard config file so setupcon does not ignore it.
-    command: touch /etc/default/keyboard
-  - name: run setupcon to apply console settings from /etc/default/
-    command: setupcon
-
-  # Miscellaneous.
-  - name: Ensure dotfile symlinks
-    file: state=link force=yes src={{item}} dest=~/.{{item|basename}}
-    with_fileglob:
-    - ~/config/dotfiles/minimal/*
-    - ~/config/dotfiles/root/*
-  - name: ensure ~/.vimbackups directory
-    file: state=directory dest=~/.vimbackups
-  - name: ensure man-db, manpages are installed
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/man | sed -e 's/ *#.*$//'
-  - name: set /etc/localtime
-    file: state=link force=yes src=/usr/share/zoneinfo/Europe/Berlin dest=/etc/localtime
-  - name: ensure various useful tools are installed – sudo, git, vim, less, openssh
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/various_useful | sed -e 's/ *#.*$//'
-  - name: ensure boot messages are not cleared on start up
-    replace: dest=/etc/systemd/system/getty.target.wants/getty@tty1.service regexp='^TTYVTDisallocate=yes.*$' replace='TTYVTDisallocate=no'
-
-  # Config user.
-  - name: create user plom with sudo privileges and bash shell
-    user: name=plom groups=sudo shell=/bin/bash
-  #- name: have config repo in user directory
-  #  git: repo=https://github.com/plomlompom/config dest=/home/plom/config
-  #  become_user: plom
-  #  become_method: su
-
-  # Ensure X window environment.
-  - name: ensure minimal X window environment
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/minimal_x | sed -e 's/ *#.*$//'
-  - name: ensure 3d acceleration
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/3d_acceleration | sed -e 's/ *#.*$//'
-  #- name: ensure optimus switch
-  #  apt: name={{item}} state=present
-  #  with_lines: cat ~/config/ansible/files/apt-mark_new/W530/3d_acceleration | sed -e 's/ *#.*$//'
-  #- name: ensure user plom is in bumblebee group
-  #  user: name=plom groups=bumblebee append=yes
-  - name: ensure basic X tools
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/basic_x_tools | sed -e 's/ *#.*$//'
-
-  ## Set up browser environment.
-  #- name: ensure qutebrowser
-  #  include: tasks/qutebrowser.yml
-  - name: ensure browser environment
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/browser_environment | sed -e 's/ *#.*$//'
-
-  # Ensure wifi.
-  - name: ensure wifi configuration
-    apt: name={{item}} state=present
-    with_lines:
-    - cat ~/config/ansible/files/apt-mark_new/minimal/wifi | sed -e 's/ *#.*$//'
-    - cat ~/config/ansible/files/apt-mark_new/X200s/wifi | sed -e 's/ *#.*$//'
-  #- name: ensure wicd
-  #  apt: name={{item}} state=present
-  #  with_lines: cat ~/config/ansible/files/apt-mark_new/W530/wicd | sed -e 's/ *#.*$//'
-
-  # Ensure audio/video consumption necessities.
-  - name: ensure multimedia tools
-    apt: name={{item}} state=present
-    with_lines: cat ~/config/ansible/files/apt-mark_new/minimal/multimedia | sed -e 's/ *#.*$//'
-  #- name: ensure multimedia tools
-  #  apt: name={{item}} state=present
-  #  with_lines: cat ~/config/ansible/files/apt-mark_new/W530/multimedia | sed -e 's/ *#.*$//'
-
-  # Ensure hotkeys.
-  #
-  # For some reason, the brightness hotkeys still won't be available unless acpid is restarted (yes, after reboot).
-  #- name: ensure hotkeys 
-  #  apt: name={{item}} state=present
-  #  with_lines: cat ~/config/ansible/files/apt-mark/hotkeys | sed -e 's/ *#.*$//'
-
-  # Remove undesired packages
-  - name: collect desired packages
-    shell: cat files/apt-mark_new/minimal/* files/apt-mark_new/{{ system_name }}/*  | sed -e 's/ *#.*$//' > /tmp/white_list_unsorted && sort /tmp/white_list_unsorted > /tmp/white_list_sorted
-  - name: collect currently installed packages
-    shell: dpkg-query -Wf '${Package}\n' > /tmp/all_unsorted && sort /tmp/all_unsorted > /tmp/all_sorted
-  - name: create black list of packages to mark as automatically installed from the difference between the required packages and the packages currently installed
-    shell: comm -3 /tmp/all_sorted /tmp/white_list_sorted > /tmp/list_black
-  - name: mark all packages from black list as automatically installed
-    shell: apt-mark auto $(cat /tmp/list_black)
-  - name: mark all packages from white list as manually installed
-    shell: apt-mark manual $(cat /tmp/white_list_unsorted)
-  - name: purge all packages automatically installed that are not depended on
-    shell: DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-
diff --git a/archived/ansible/files/apt-mark/3d_acceleration b/archived/ansible/files/apt-mark/3d_acceleration
deleted file mode 100644 (file)
index 7d0ba5b..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-bumblebee-nvidia
-libgl1-mesa-dri  # tested as necessary for OpenGL 3D acceleration to work
-libglu1-mesa  # tested as necessary for OpenGL 3D acceleration to work
-linux-headers-amd64  # tested as necessary to build proper nvidia-driver module
-primus  # bridge by which bumblebee will deliver Nvidia-renderend content to Intel card
diff --git a/archived/ansible/files/apt-mark/basic_x_tools b/archived/ansible/files/apt-mark/basic_x_tools
deleted file mode 100644 (file)
index 9c68622..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-i3
-i3status
-python3  # this is what the i3status wrapper is written in
-redshift
-suckless-tools  # contains dmenu; not using virtual packages as that won't be marked manually installed
-xterm
-x11-xserver-utils  # includes xrdb which applies .Xresources files
diff --git a/archived/ansible/files/apt-mark/browser_environment b/archived/ansible/files/apt-mark/browser_environment
deleted file mode 100644 (file)
index cc9575c..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-iceweasel
-vim-gtk  # used by pentadactyl for text editing
-xul-ext-noscript
-xul-ext-pentadactyl
diff --git a/archived/ansible/files/apt-mark/console b/archived/ansible/files/apt-mark/console
deleted file mode 100644 (file)
index 01bcbf8..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-console-setup
-locales
diff --git a/archived/ansible/files/apt-mark/core b/archived/ansible/files/apt-mark/core
deleted file mode 100644 (file)
index 43afba8..0000000
+++ /dev/null
@@ -1,55 +0,0 @@
-base-files
-base-passwd
-bash
-bsdutils
-coreutils
-dash
-debconf
-debianutils
-diffutils
-dpkg
-e2fslibs
-e2fsprogs
-findutils
-gcc-6-base
-grep
-gzip
-hostname
-init-system-helpers
-libacl1
-libattr1
-libblkid1
-libc6
-libc-bin
-libcomerr2
-libfdisk1
-libgcc1
-liblzma5
-libmount1
-libpam0g
-libpam-modules
-libpam-modules-bin
-libpam-runtime
-libpcre3
-libselinux1
-libsepol1
-libsmartcols1
-libss2
-libtinfo5
-libuuid1
-login
-lsb-base
-mawk
-mount
-multiarch-support
-ncurses-base
-ncurses-bin
-passwd
-perl-base
-sed
-sensible-utils
-sysvinit-utils
-tar
-tzdata
-util-linux
-zlib1g
diff --git a/archived/ansible/files/apt-mark/hotkeys b/archived/ansible/files/apt-mark/hotkeys
deleted file mode 100644 (file)
index f11bdfa..0000000
+++ /dev/null
@@ -1 +0,0 @@
-acpid  # captures hotkey presses and triggers respective /etc/acpi/events/*
diff --git a/archived/ansible/files/apt-mark/man b/archived/ansible/files/apt-mark/man
deleted file mode 100644 (file)
index f688e67..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-man-db
-manpages
diff --git a/archived/ansible/files/apt-mark/minimal_ansible_environment b/archived/ansible/files/apt-mark/minimal_ansible_environment
deleted file mode 100644 (file)
index f9f4097..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-ansible
-ifupdown  # needed for internet connectivity
-isc-dhcp-client  # needed for internet connectivity
diff --git a/archived/ansible/files/apt-mark/minimal_x b/archived/ansible/files/apt-mark/minimal_x
deleted file mode 100644 (file)
index f785794..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-libpam-systemd  # needed to start X as non-root
-xinit  # contains startx
-xserver-xorg-core
-xserver-xorg-input-evdev  # supports all input devices the kernel knows about
diff --git a/archived/ansible/files/apt-mark/multimedia b/archived/ansible/files/apt-mark/multimedia
deleted file mode 100644 (file)
index 0b6d9ef..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-alsa-utils
-eject
-ffmpeg  # somehow this is needed to make youtube-dl grab 1080p versions of videos
-libdvd-pkg  # decss stuff
-mpv
-youtube-dl  # needed by mpv to directly work YouTube URLs
diff --git a/archived/ansible/files/apt-mark/power_management b/archived/ansible/files/apt-mark/power_management
deleted file mode 100644 (file)
index 3dba602..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-acpi-call-dkms  # needed for tlp to access Thinkpad-specific features
-tlp
diff --git a/archived/ansible/files/apt-mark/various_useful b/archived/ansible/files/apt-mark/various_useful
deleted file mode 100644 (file)
index e37a898..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-git
-less
-openssh-client
-sudo
-vim
diff --git a/archived/ansible/files/apt-mark/wifi b/archived/ansible/files/apt-mark/wifi
deleted file mode 100644 (file)
index 0d9d93c..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-firmware-iwlwifi  # wifi driver
-wicd-cli  # thanks to my own wicd_wrapper.sh should be enough for most stuff
-wicd-curses  # although this currently is very buggy
-wicd-gtk  # workaround for when wicd-curses fails
diff --git a/archived/ansible/files/apt-mark_new/W530/3d_acceleration b/archived/ansible/files/apt-mark_new/W530/3d_acceleration
deleted file mode 100644 (file)
index 1b7e696..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-bumblebee-nvidia
-linux-headers-amd64  # tested as necessary to build proper nvidia-driver module
-primus  # bridge by which bumblebee will deliver Nvidia-renderend content to Intel card
diff --git a/archived/ansible/files/apt-mark_new/W530/browser_environment b/archived/ansible/files/apt-mark_new/W530/browser_environment
deleted file mode 100644 (file)
index cc9575c..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-iceweasel
-vim-gtk  # used by pentadactyl for text editing
-xul-ext-noscript
-xul-ext-pentadactyl
diff --git a/archived/ansible/files/apt-mark_new/W530/hotkeys b/archived/ansible/files/apt-mark_new/W530/hotkeys
deleted file mode 100644 (file)
index f11bdfa..0000000
+++ /dev/null
@@ -1 +0,0 @@
-acpid  # captures hotkey presses and triggers respective /etc/acpi/events/*
diff --git a/archived/ansible/files/apt-mark_new/W530/multimedia b/archived/ansible/files/apt-mark_new/W530/multimedia
deleted file mode 100644 (file)
index 219097d..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-eject
-ffmpeg  # somehow this is needed to make youtube-dl grab 1080p versions of videos
-libdvd-pkg  # decss stuff
diff --git a/archived/ansible/files/apt-mark_new/W530/wicd b/archived/ansible/files/apt-mark_new/W530/wicd
deleted file mode 100644 (file)
index 55d86fe..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-wicd-cli  # thanks to my own wicd_wrapper.sh should be enough for most stuff
-wicd-curses  # although this currently is very buggy
-wicd-gtk  # workaround for when wicd-curses fails
diff --git a/archived/ansible/files/apt-mark_new/X200s/multimedia b/archived/ansible/files/apt-mark_new/X200s/multimedia
deleted file mode 100644 (file)
index dbcf4ee..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-alsa-utils
-ffmpeg  # somehow this is needed to make youtube-dl grab 1080p versions of videos
-mpv
-youtube-dl  # needed by mpv to directly work YouTube URLs
diff --git a/archived/ansible/files/apt-mark_new/X200s/power_management b/archived/ansible/files/apt-mark_new/X200s/power_management
deleted file mode 100644 (file)
index f6954bf..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-tp-smapi-dkms
-linux-headers-amd64
diff --git a/archived/ansible/files/apt-mark_new/X200s/wifi b/archived/ansible/files/apt-mark_new/X200s/wifi
deleted file mode 100644 (file)
index a0e499d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-wpasupplicant
diff --git a/archived/ansible/files/apt-mark_new/minimal/3d_acceleration b/archived/ansible/files/apt-mark_new/minimal/3d_acceleration
deleted file mode 100644 (file)
index aa318bd..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-libglu1-mesa  # tested as necessary for OpenGL 3D acceleration to work
-libgl1-mesa-dri  # tested as necessary for OpenGL 3D acceleration to work
diff --git a/archived/ansible/files/apt-mark_new/minimal/basic_x_tools b/archived/ansible/files/apt-mark_new/minimal/basic_x_tools
deleted file mode 100644 (file)
index 9c68622..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-i3
-i3status
-python3  # this is what the i3status wrapper is written in
-redshift
-suckless-tools  # contains dmenu; not using virtual packages as that won't be marked manually installed
-xterm
-x11-xserver-utils  # includes xrdb which applies .Xresources files
diff --git a/archived/ansible/files/apt-mark_new/minimal/browser_environment b/archived/ansible/files/apt-mark_new/minimal/browser_environment
deleted file mode 100644 (file)
index 536ea49..0000000
+++ /dev/null
@@ -1 +0,0 @@
-palemoon
diff --git a/archived/ansible/files/apt-mark_new/minimal/console b/archived/ansible/files/apt-mark_new/minimal/console
deleted file mode 100644 (file)
index 01bcbf8..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-console-setup
-locales
diff --git a/archived/ansible/files/apt-mark_new/minimal/core b/archived/ansible/files/apt-mark_new/minimal/core
deleted file mode 100644 (file)
index 43afba8..0000000
+++ /dev/null
@@ -1,55 +0,0 @@
-base-files
-base-passwd
-bash
-bsdutils
-coreutils
-dash
-debconf
-debianutils
-diffutils
-dpkg
-e2fslibs
-e2fsprogs
-findutils
-gcc-6-base
-grep
-gzip
-hostname
-init-system-helpers
-libacl1
-libattr1
-libblkid1
-libc6
-libc-bin
-libcomerr2
-libfdisk1
-libgcc1
-liblzma5
-libmount1
-libpam0g
-libpam-modules
-libpam-modules-bin
-libpam-runtime
-libpcre3
-libselinux1
-libsepol1
-libsmartcols1
-libss2
-libtinfo5
-libuuid1
-login
-lsb-base
-mawk
-mount
-multiarch-support
-ncurses-base
-ncurses-bin
-passwd
-perl-base
-sed
-sensible-utils
-sysvinit-utils
-tar
-tzdata
-util-linux
-zlib1g
diff --git a/archived/ansible/files/apt-mark_new/minimal/disk_encryption b/archived/ansible/files/apt-mark_new/minimal/disk_encryption
deleted file mode 100644 (file)
index 67ecd10..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-cryptsetup
-udev
diff --git a/archived/ansible/files/apt-mark_new/minimal/man b/archived/ansible/files/apt-mark_new/minimal/man
deleted file mode 100644 (file)
index f688e67..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-man-db
-manpages
diff --git a/archived/ansible/files/apt-mark_new/minimal/minimal_ansible_environment b/archived/ansible/files/apt-mark_new/minimal/minimal_ansible_environment
deleted file mode 100644 (file)
index f9f4097..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-ansible
-ifupdown  # needed for internet connectivity
-isc-dhcp-client  # needed for internet connectivity
diff --git a/archived/ansible/files/apt-mark_new/minimal/minimal_x b/archived/ansible/files/apt-mark_new/minimal/minimal_x
deleted file mode 100644 (file)
index f785794..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-libpam-systemd  # needed to start X as non-root
-xinit  # contains startx
-xserver-xorg-core
-xserver-xorg-input-evdev  # supports all input devices the kernel knows about
diff --git a/archived/ansible/files/apt-mark_new/minimal/multimedia b/archived/ansible/files/apt-mark_new/minimal/multimedia
deleted file mode 100644 (file)
index 0bcc060..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-alsa-utils
-mpv
-youtube-dl  # needed by mpv to directly work YouTube URLs
diff --git a/archived/ansible/files/apt-mark_new/minimal/power_management b/archived/ansible/files/apt-mark_new/minimal/power_management
deleted file mode 100644 (file)
index 3dba602..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-acpi-call-dkms  # needed for tlp to access Thinkpad-specific features
-tlp
diff --git a/archived/ansible/files/apt-mark_new/minimal/various_useful b/archived/ansible/files/apt-mark_new/minimal/various_useful
deleted file mode 100644 (file)
index e37a898..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-git
-less
-openssh-client
-sudo
-vim
diff --git a/archived/ansible/files/apt-mark_new/minimal/wifi b/archived/ansible/files/apt-mark_new/minimal/wifi
deleted file mode 100644 (file)
index 4b8432d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-firmware-iwlwifi  # wifi driver
diff --git a/archived/ansible/files/console/___etc___default___console-setup b/archived/ansible/files/console/___etc___default___console-setup
deleted file mode 100644 (file)
index 090d241..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-CHARMAP="UTF-8"
-CODESET="Lat15"
-FONTFACE="Terminus"
-FONTSIZE="6x12"
diff --git a/archived/ansible/files/console/___etc___default___keyboard b/archived/ansible/files/console/___etc___default___keyboard
deleted file mode 100644 (file)
index 7f08e30..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# setting XKBMODEL to the questionable default seems to be necessary and works nicely
-# curiously, putting a comment on the same line as a variable setting seems to break things
-XKBMODEL="pc105"
-XKBLAYOUT="de"
diff --git a/archived/ansible/files/dirs b/archived/ansible/files/dirs
deleted file mode 100644 (file)
index 269b746..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-/etc/wicd
-/etc/acpi/events
diff --git a/archived/ansible/files/dirs_new b/archived/ansible/files/dirs_new
deleted file mode 100644 (file)
index 0739bb8..0000000
+++ /dev/null
@@ -1 +0,0 @@
-/etc/wicd
diff --git a/archived/ansible/files/system/___etc___X11___xorg.conf.forced_nvidia b/archived/ansible/files/system/___etc___X11___xorg.conf.forced_nvidia
deleted file mode 100644 (file)
index 605a10d..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-# This is the Optimus-specific configuration recommended by the "NVIDIA
-# Accelerated Linux Graphics Drivre README and Installation Guide", Chapter 32
-# "Offloading Graphics Display with RandR 1.4" 
-# (<http://us.download.nvidia.com/XFree86/Linux-x86/346.35/README/randr14.html>)
-# with the "AllowEmptyInitialConfigratuion" added as described by
-# <http://us.download.nvidia.com/XFree86/Linux-x86/346.35/README/randr14.html>.
-
-Section "ServerLayout"
-    Identifier "layout"
-    Screen 0 "nvidia"
-    Inactive "intel"
-EndSection
-
-Section "Device"
-    Identifier "nvidia"
-    Driver "nvidia"
-    BusID "PCI:01:00:0"
-    Option "AllowEmptyInitialConfiguration"
-EndSection
-
-Section "Screen"
-    Identifier "nvidia"
-    Device "nvidia"
-EndSection
-
-Section "Device"
-    Identifier "intel"
-    Driver "modesetting"
-EndSection
-
-Section "Screen"
-    Identifier "intel"
-    Device "intel"
-EndSection
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-brightness-down b/archived/ansible/files/system/___etc___acpi___events___plom-brightness-down
deleted file mode 100644 (file)
index 8d718d2..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=video/brightnessdown
-action=/root/config/bin/w530_backlight.sh -
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-brightness-up b/archived/ansible/files/system/___etc___acpi___events___plom-brightness-up
deleted file mode 100644 (file)
index 864ce5f..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=video/brightnessup
-action=/root/config/bin/w530_backlight.sh +
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-micmute b/archived/ansible/files/system/___etc___acpi___events___plom-micmute
deleted file mode 100644 (file)
index 2aab48e..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=button/f20
-action=amixer set Mic toggle
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-mute b/archived/ansible/files/system/___etc___acpi___events___plom-mute
deleted file mode 100644 (file)
index 3c40988..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=button/mute
-action=amixer set Master toggle
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-volume-down b/archived/ansible/files/system/___etc___acpi___events___plom-volume-down
deleted file mode 100644 (file)
index 7658b1c..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=button/volumedown
-action=amixer set Master 10-
diff --git a/archived/ansible/files/system/___etc___acpi___events___plom-volume-up b/archived/ansible/files/system/___etc___acpi___events___plom-volume-up
deleted file mode 100644 (file)
index 9ba779f..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-event=button/volumeup
-action=amixer set Master 10+
diff --git a/archived/ansible/files/system/___etc___apt___apt.conf.d___99mindeps b/archived/ansible/files/system/___etc___apt___apt.conf.d___99mindeps
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/archived/ansible/files/system/___etc___apt___sources.list b/archived/ansible/files/system/___etc___apt___sources.list
deleted file mode 100644 (file)
index e64d6ee..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://ftp.debian.org/debian/ stretch main contrib non-free
-deb http://ftp.debian.org/debian/ stretch-updates main contrib non-free
-deb http://ftp.debian.org/debian stretch-backports main contrib non-free
-deb http://security.debian.org/ stretch/updates main contrib non-free
diff --git a/archived/ansible/files/system/___etc___default___tlp b/archived/ansible/files/system/___etc___default___tlp
deleted file mode 100644 (file)
index 6db0f60..0000000
+++ /dev/null
@@ -1,278 +0,0 @@
-# ------------------------------------------------------------------------------
-# tlp - Parameters for power save
-# See full explanation: http://linrunner.de/en/tlp/docs/tlp-configuration.html
-
-# Hint: some features are disabled by default, remove the leading # to enable
-# them.
-
-# Set to 0 to disable, 1 to enable TLP.
-TLP_ENABLE=1
-
-# Operation mode when no power supply can be detected: AC, BAT
-# Concerns some desktop and embedded hardware only.
-TLP_DEFAULT_MODE=AC
-
-# Seconds laptop mode has to wait after the disk goes idle before doing a sync.
-# Non-zero value enables, zero disables laptop mode.
-DISK_IDLE_SECS_ON_AC=0
-DISK_IDLE_SECS_ON_BAT=2
-
-# Dirty page values (timeouts in secs).
-MAX_LOST_WORK_SECS_ON_AC=15
-MAX_LOST_WORK_SECS_ON_BAT=60
-
-# Hint: CPU parameters below are disabled by default, remove the leading #
-# to enable them, otherwise kernel default values are used.
-
-# Select a CPU frequency scaling governor.
-# Intel Core i processor with intel_pstate driver:
-#   powersave(*), performance
-# Older hardware with acpi-cpufreq driver:
-#   ondemand(*), powersave, performance, conservative
-# (*) is recommended.
-# Hint: use tlp-stat -p to show the active driver and available governors.
-# Important:
-#   You *must* disable your distribution's governor settings or conflicts will
-#   occur. ondemand is sufficient for *almost all* workloads, you should know
-#   what you're doing!
-#CPU_SCALING_GOVERNOR_ON_AC=powersave
-#CPU_SCALING_GOVERNOR_ON_BAT=powersave
-
-# Set the min/max frequency available for the scaling governor.
-# Possible values strongly depend on your CPU. For available frequencies see
-# the output of tlp-stat -p.
-#CPU_SCALING_MIN_FREQ_ON_AC=0
-#CPU_SCALING_MAX_FREQ_ON_AC=0
-#CPU_SCALING_MIN_FREQ_ON_BAT=0
-#CPU_SCALING_MAX_FREQ_ON_BAT=0
-
-# Set Intel P-state performance: 0..100 (%)
-# Limit the max/min P-state to control the power dissipation of the CPU.
-# Values are stated as a percentage of the available performance.
-# Requires an Intel Core i processor with intel_pstate driver.
-#CPU_MIN_PERF_ON_AC=0
-#CPU_MAX_PERF_ON_AC=100
-#CPU_MIN_PERF_ON_BAT=0
-#CPU_MAX_PERF_ON_BAT=30
-
-# Set the CPU "turbo boost" feature: 0=disable, 1=allow
-# Requires an Intel Core i processor.
-# Important:
-# - This may conflict with your distribution's governor settings
-# - A value of 1 does *not* activate boosting, it just allows it
-#CPU_BOOST_ON_AC=1
-#CPU_BOOST_ON_BAT=0
-
-# Minimize number of used CPU cores/hyper-threads under light load conditions
-SCHED_POWERSAVE_ON_AC=0
-SCHED_POWERSAVE_ON_BAT=1
-
-# Kernel NMI Watchdog:
-#   0=disable (default, saves power), 1=enable (for kernel debugging only)
-NMI_WATCHDOG=0
-
-# Change CPU voltages aka "undervolting" - Kernel with PHC patch required
-# Frequency voltage pairs are written to:
-#   /sys/devices/system/cpu/cpu0/cpufreq/phc_controls
-# CAUTION: only use this, if you thoroughly understand what you are doing!
-#PHC_CONTROLS="F:V F:V F:V F:V"
-
-# Set CPU performance versus energy savings policy:
-#   performance, normal, powersave
-# Requires kernel module msr and x86_energy_perf_policy from linux-tools
-ENERGY_PERF_POLICY_ON_AC=performance
-ENERGY_PERF_POLICY_ON_BAT=powersave
-
-# Hard disk devices; separate multiple devices with spaces (default: sda).
-# Devices can be specified by disk ID also (lookup with: tlp diskid).
-DISK_DEVICES="sda sdb"
-
-# Hard disk advanced power management level: 1..254, 255 (max saving, min, off)
-# Levels 1..127 may spin down the disk; 255 allowable on most drives.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-DISK_APM_LEVEL_ON_AC="254 254"
-DISK_APM_LEVEL_ON_BAT="128 128"
-
-# Hard disk spin down timeout:
-#   0:        spin down disabled
-#   1..240:   timeouts from 5s to 20min (in units of 5s)
-#   241..251: timeouts from 30min to 5.5 hours (in units of 30min)
-# See 'man hdparm' for details.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-#DISK_SPINDOWN_TIMEOUT_ON_AC="0 0"
-#DISK_SPINDOWN_TIMEOUT_ON_BAT="0 0"
-
-# Select IO scheduler for the disk devices: cfq, deadline, noop (Default: cfq);
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the kernel default scheduler for the particular disk.
-#DISK_IOSCHED="cfq cfq"
-
-# SATA aggressive link power management (ALPM):
-#   min_power, medium_power, max_performance
-SATA_LINKPWR_ON_AC=max_performance
-SATA_LINKPWR_ON_BAT=min_power
-
-# Exclude SATA host devices from link power management.
-# Separate multiple hosts with spaces.
-#SATA_LINKPWR_BLACKLIST="host1"
-
-# Runtime Power Management for AHCI controllers and disks:
-#   on=disable, auto=enable
-# EXPERIMENTAL ** WARNING: auto will most likely cause system lockups/data loss
-#AHCI_RUNTIME_PM_ON_AC=on
-#AHCI_RUNTIME_PM_ON_BAT=on
-
-# Seconds of inactivity before disk is suspended
-AHCI_RUNTIME_PM_TIMEOUT=15
-
-# PCI Express Active State Power Management (PCIe ASPM):
-#   default, performance, powersave
-PCIE_ASPM_ON_AC=performance
-PCIE_ASPM_ON_BAT=powersave
-
-# Radeon graphics clock speed (profile method): low, mid, high, auto, default;
-# auto = mid on BAT, high on AC; default = use hardware defaults.
-# (Kernel >= 2.6.35 only, open-source radeon driver explicitly)
-RADEON_POWER_PROFILE_ON_AC=high
-RADEON_POWER_PROFILE_ON_BAT=low
-
-# Radeon dynamic power management method (DPM): battery, performance
-# (Kernel >= 3.11 only, requires boot option radeon.dpm=1)
-RADEON_DPM_STATE_ON_AC=performance
-RADEON_DPM_STATE_ON_BAT=battery
-
-# Radeon DPM performance level: auto, low, high; auto is recommended.
-RADEON_DPM_PERF_LEVEL_ON_AC=auto
-RADEON_DPM_PERF_LEVEL_ON_BAT=auto
-
-# WiFi power saving mode: on=enable, off=disable; not supported by all adapters.
-WIFI_PWR_ON_AC=off
-WIFI_PWR_ON_BAT=on
-
-# Disable wake on LAN: Y/N
-WOL_DISABLE=Y
-
-# Enable audio power saving for Intel HDA, AC97 devices (timeout in secs).
-# A value of 0 disables, >=1 enables power save.
-SOUND_POWER_SAVE_ON_AC=0
-SOUND_POWER_SAVE_ON_BAT=1
-
-# Disable controller too (HDA only): Y/N
-SOUND_POWER_SAVE_CONTROLLER=Y
-
-# Set to 1 to power off optical drive in UltraBay/MediaBay when running on
-# battery. A value of 0 disables this feature (Default).
-# Drive can be powered on again by releasing (and reinserting) the eject lever
-# or by pressing the disc eject button on newer models.
-# Note: an UltraBay/MediaBay hard disk is never powered off.
-BAY_POWEROFF_ON_BAT=0
-# Optical drive device to power off (default sr0).
-BAY_DEVICE="sr0"
-
-# Runtime Power Management for PCI(e) bus devices: on=disable, auto=enable
-RUNTIME_PM_ON_AC=on
-RUNTIME_PM_ON_BAT=auto
-
-# Runtime PM for *all* PCI(e) bus devices, except blacklisted ones:
-#   0=disable, 1=enable
-RUNTIME_PM_ALL=1
-
-# Exclude PCI(e) device adresses the following list from Runtime PM
-# (separate with spaces). Use lspci to get the adresses (1st column).
-#RUNTIME_PM_BLACKLIST="bb:dd.f 11:22.3 44:55.6"
-
-# Exclude PCI(e) devices assigned to the listed drivers from Runtime PM
-# (should prevent accidential power on of hybrid graphics' discrete part).
-# Default is "radeon nouveau"; use "" to disable the feature completely.
-# Separate multiple drivers with spaces.
-RUNTIME_PM_DRIVER_BLACKLIST="radeon nouveau"
-
-# Set to 0 to disable, 1 to enable USB autosuspend feature.
-USB_AUTOSUSPEND=1
-
-# Exclude listed devices from USB autosuspend (separate with spaces).
-# Use lsusb to get the ids.
-# Note: input devices (usbhid) are excluded automatically (see below)
-#USB_BLACKLIST="1111:2222 3333:4444"
-
-# WWAN devices are excluded from USB autosuspend: 0=do not exclude / 1=exclude
-USB_BLACKLIST_WWAN=1
-
-# Include listed devices into USB autosuspend even if already excluded
-# by the driver or WWAN blacklists above (separate with spaces).
-# Use lsusb to get the ids.
-#USB_WHITELIST="1111:2222 3333:4444"
-
-# Set to 1 to disable autosuspend before shutdown, 0 to do nothing
-# (workaround for USB devices that cause shutdown problems).
-#USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN=1
-
-# Restore radio device state (Bluetooth, WiFi, WWAN) from previous shutdown
-# on system startup: 0=disable, 1=enable.
-# Hint: the parameters DEVICES_TO_DISABLE/ENABLE_ON_STARTUP/SHUTDOWN below
-#   are ignored when this is enabled!
-RESTORE_DEVICE_STATE_ON_STARTUP=0
-
-# Radio devices to disable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-DEVICES_TO_DISABLE_ON_STARTUP="bluetooth wifi wwan"
-
-# Radio devices to enable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_ENABLE_ON_STARTUP="wifi"
-
-# Radio devices to disable on shutdown: bluetooth, wifi, wwan
-# (workaround for devices that are blocking shutdown).
-#DEVICES_TO_DISABLE_ON_SHUTDOWN="bluetooth wifi wwan"
-
-# Radio devices to enable on shutdown: bluetooth, wifi, wwan
-# (to prevent other operating systems from missing radios).
-#DEVICES_TO_ENABLE_ON_SHUTDOWN="wwan"
-
-# Radio devices to enable on AC: bluetooth, wifi, wwan
-#DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
-
-# Radio devices to disable on battery: bluetooth, wifi, wwan
-#DEVICES_TO_DISABLE_ON_BAT="bluetooth wifi wwan"
-
-# Radio devices to disable on battery when not in use (not connected):
-# bluetooth, wifi, wwan
-DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wifi wwan"
-
-# Battery charge thresholds (ThinkPad only, tp-smapi or acpi-call kernel module
-# required). Charging starts when the remaining capacity falls below the
-# START_CHARGE_THRESH value and stops when exceeding the STOP_CHARGE_THRESH value.
-# Main / Internal battery (values in %)
-START_CHARGE_THRESH_BAT0=10
-STOP_CHARGE_THRESH_BAT0=95
-# Ultrabay / Slice / Replaceable battery (values in %)
-START_CHARGE_THRESH_BAT1=10
-STOP_CHARGE_THRESH_BAT1=95
-
-# ------------------------------------------------------------------------------
-# tlp-rdw - Parameters for the radio device wizard
-# Possible devices: bluetooth, wifi, wwan
-
-# Hints:
-# - Parameters are disabled by default, remove the leading # to enable them.
-# - Separate multiple radio devices with spaces.
-
-# Radio devices to disable on connect.
-#DEVICES_TO_DISABLE_ON_LAN_CONNECT="wifi wwan"
-#DEVICES_TO_DISABLE_ON_WIFI_CONNECT="wwan"
-#DEVICES_TO_DISABLE_ON_WWAN_CONNECT="wifi"
-
-# Radio devices to enable on disconnect.
-#DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="wifi wwan"
-#DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
-#DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
-
-# Radio devices to enable/disable when docked.
-#DEVICES_TO_ENABLE_ON_DOCK=""
-#DEVICES_TO_DISABLE_ON_DOCK=""
-
-# Radio devices to enable/disable when undocked.
-#DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
-#DEVICES_TO_DISABLE_ON_UNDOCK=""
diff --git a/archived/ansible/files/system/___etc___hostname b/archived/ansible/files/system/___etc___hostname
deleted file mode 100644 (file)
index 8769fca..0000000
+++ /dev/null
@@ -1 +0,0 @@
-w530
diff --git a/archived/ansible/files/system/___etc___hosts b/archived/ansible/files/system/___etc___hosts
deleted file mode 100644 (file)
index d920e4f..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-127.0.0.1      localhost
-127.0.1.1      w530
-
-# The following lines are desirable for IPv6 capable hosts
-::1     localhost ip6-localhost ip6-loopback
-ff02::1 ip6-allnodes
-ff02::2 ip6-allrouters
diff --git a/archived/ansible/files/system/___etc___profile b/archived/ansible/files/system/___etc___profile
deleted file mode 100644 (file)
index 5884d7b..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
-# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
-
-if [ "`id -u`" -eq 0 ]; then
-  PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-else
-  PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
-fi
-export PATH
-
-if [ "${PS1-}" ]; then
-  if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then
-    # The file bash.bashrc already sets the default PS1.
-    # PS1='\h:\w\$ '
-    if [ -f /etc/bash.bashrc ]; then
-      . /etc/bash.bashrc
-    fi
-  else
-    if [ "`id -u`" -eq 0 ]; then
-      PS1='# '
-    else
-      PS1='$ '
-    fi
-  fi
-fi
-
-if [ -d /etc/profile.d ]; then
-  for i in /etc/profile.d/*.sh; do
-    if [ -r $i ]; then
-      . $i
-    fi
-  done
-  unset i
-fi
-export LC_ALL="en_US.UTF-8"
diff --git a/archived/ansible/files/system/___etc___systemd___logind.conf b/archived/ansible/files/system/___etc___systemd___logind.conf
deleted file mode 100644 (file)
index 7a9004a..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-#  This file is part of systemd.
-#
-#  systemd is free software; you can redistribute it and/or modify it
-#  under the terms of the GNU Lesser General Public License as published by
-#  the Free Software Foundation; either version 2.1 of the License, or
-#  (at your option) any later version.
-#
-# Entries in this file show the compile time defaults.
-# You can change settings by editing this file.
-# Defaults can be restored by simply deleting this file.
-#
-# See logind.conf(5) for details.
-
-[Login]
-#NAutoVTs=6
-#ReserveVT=6
-#KillUserProcesses=no
-#KillOnlyUsers=
-#KillExcludeUsers=root
-#InhibitDelayMaxSec=5
-#HandlePowerKey=poweroff
-#HandleSuspendKey=suspend
-#HandleHibernateKey=hibernate
-#HandleLidSwitch=suspend
-#HandleLidSwitchDocked=ignore
-#PowerKeyIgnoreInhibited=no
-#SuspendKeyIgnoreInhibited=no
-#HibernateKeyIgnoreInhibited=no
-#LidSwitchIgnoreInhibited=yes
-#HoldoffTimeoutSec=30s
-#IdleAction=ignore
-#IdleActionSec=30min
-#RuntimeDirectorySize=10%
-#RemoveIPC=yes
-#InhibitorsMax=8192
-#SessionsMax=8192
-#UserTasksMax=33%
-HandleLidSwitch=hibernate
diff --git a/archived/ansible/files/system/___etc___timezone b/archived/ansible/files/system/___etc___timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/archived/ansible/files/system/___etc___wicd___manager-settings.conf b/archived/ansible/files/system/___etc___wicd___manager-settings.conf
deleted file mode 100644 (file)
index d2ef3ee..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-[Settings]
-backend = external
-wireless_interface = wlp3s0
-wired_interface = enp0s25
-wpa_driver = wext
-always_show_wired_interface = False
-use_global_dns = False
-global_dns_1 = None
-global_dns_2 = None
-global_dns_3 = None
-global_dns_dom = None
-global_search_dom = None
-auto_reconnect = True
-debug_mode = False
-wired_connect_mode = 1
-signal_display_type = 0
-should_verify_ap = 1
-dhcp_client = 0
-link_detect_tool = 0
-flush_tool = 0
-sudo_app = 0
-prefer_wired = False
-show_never_connect = True
-
diff --git a/archived/ansible/files/system_new/W530/___etc___X11___xorg.conf.forced_nvidia b/archived/ansible/files/system_new/W530/___etc___X11___xorg.conf.forced_nvidia
deleted file mode 100644 (file)
index e651031..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-# This is the Optimus-specific configuration recommended by the "NVIDIA
-# Accelerated Linux Graphics Driver README and Installation Guide", Chapter 32
-# "Offloading Graphics Display with RandR 1.4" 
-# (<http://us.download.nvidia.com/XFree86/Linux-x86/346.35/README/randr14.html>)
-# with the "AllowEmptyInitialConfigratuion" added as described by
-# <http://us.download.nvidia.com/XFree86/Linux-x86/346.35/README/randr14.html>.
-
-Section "ServerLayout"
-    Identifier "layout"
-    Screen 0 "nvidia"
-    Inactive "intel"
-EndSection
-
-Section "Device"
-    Identifier "nvidia"
-    Driver "nvidia"
-    BusID "PCI:01:00:0"
-    Option "AllowEmptyInitialConfiguration"
-EndSection
-
-Section "Screen"
-    Identifier "nvidia"
-    Device "nvidia"
-EndSection
-
-Section "Device"
-    Identifier "intel"
-    Driver "modesetting"
-EndSection
-
-Section "Screen"
-    Identifier "intel"
-    Device "intel"
-EndSection
diff --git a/archived/ansible/files/system_new/W530/___etc___hostname b/archived/ansible/files/system_new/W530/___etc___hostname
deleted file mode 100644 (file)
index 4d385ae..0000000
+++ /dev/null
@@ -1 +0,0 @@
-W530
diff --git a/archived/ansible/files/system_new/W530/___etc___hosts b/archived/ansible/files/system_new/W530/___etc___hosts
deleted file mode 100644 (file)
index c6f72a5..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-127.0.0.1      localhost
-127.0.1.1      W530
-
-# The following lines are desirable for IPv6 capable hosts
-::1     localhost ip6-localhost ip6-loopback
-ff02::1 ip6-allnodes
-ff02::2 ip6-allrouters
diff --git a/archived/ansible/files/system_new/W530/___etc___wicd___manager-settings.conf b/archived/ansible/files/system_new/W530/___etc___wicd___manager-settings.conf
deleted file mode 100644 (file)
index d2ef3ee..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-[Settings]
-backend = external
-wireless_interface = wlp3s0
-wired_interface = enp0s25
-wpa_driver = wext
-always_show_wired_interface = False
-use_global_dns = False
-global_dns_1 = None
-global_dns_2 = None
-global_dns_3 = None
-global_dns_dom = None
-global_search_dom = None
-auto_reconnect = True
-debug_mode = False
-wired_connect_mode = 1
-signal_display_type = 0
-should_verify_ap = 1
-dhcp_client = 0
-link_detect_tool = 0
-flush_tool = 0
-sudo_app = 0
-prefer_wired = False
-show_never_connect = True
-
diff --git a/archived/ansible/files/system_new/X200s/___etc___hostname b/archived/ansible/files/system_new/X200s/___etc___hostname
deleted file mode 100644 (file)
index d241415..0000000
+++ /dev/null
@@ -1 +0,0 @@
-X200s
diff --git a/archived/ansible/files/system_new/X200s/___etc___hosts b/archived/ansible/files/system_new/X200s/___etc___hosts
deleted file mode 100644 (file)
index b275ecb..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-127.0.0.1      localhost
-127.0.1.1      X200s
-
-# The following lines are desirable for IPv6 capable hosts
-::1     localhost ip6-localhost ip6-loopback
-ff02::1 ip6-allnodes
-ff02::2 ip6-allrouters
diff --git a/archived/ansible/files/system_new/minimal/___etc___apt___apt.conf.d___99mindeps b/archived/ansible/files/system_new/minimal/___etc___apt___apt.conf.d___99mindeps
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/archived/ansible/files/system_new/minimal/___etc___apt___sources.list b/archived/ansible/files/system_new/minimal/___etc___apt___sources.list
deleted file mode 100644 (file)
index e64d6ee..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://ftp.debian.org/debian/ stretch main contrib non-free
-deb http://ftp.debian.org/debian/ stretch-updates main contrib non-free
-deb http://ftp.debian.org/debian stretch-backports main contrib non-free
-deb http://security.debian.org/ stretch/updates main contrib non-free
diff --git a/archived/ansible/files/system_new/minimal/___etc___apt___sources.list.d___palemoon.list b/archived/ansible/files/system_new/minimal/___etc___apt___sources.list.d___palemoon.list
deleted file mode 100644 (file)
index f90488e..0000000
+++ /dev/null
@@ -1 +0,0 @@
-deb http://download.opensuse.org/repositories/home:/stevenpusser/Debian_9.0/ /
diff --git a/archived/ansible/files/system_new/minimal/___etc___default___tlp b/archived/ansible/files/system_new/minimal/___etc___default___tlp
deleted file mode 100644 (file)
index 6db0f60..0000000
+++ /dev/null
@@ -1,278 +0,0 @@
-# ------------------------------------------------------------------------------
-# tlp - Parameters for power save
-# See full explanation: http://linrunner.de/en/tlp/docs/tlp-configuration.html
-
-# Hint: some features are disabled by default, remove the leading # to enable
-# them.
-
-# Set to 0 to disable, 1 to enable TLP.
-TLP_ENABLE=1
-
-# Operation mode when no power supply can be detected: AC, BAT
-# Concerns some desktop and embedded hardware only.
-TLP_DEFAULT_MODE=AC
-
-# Seconds laptop mode has to wait after the disk goes idle before doing a sync.
-# Non-zero value enables, zero disables laptop mode.
-DISK_IDLE_SECS_ON_AC=0
-DISK_IDLE_SECS_ON_BAT=2
-
-# Dirty page values (timeouts in secs).
-MAX_LOST_WORK_SECS_ON_AC=15
-MAX_LOST_WORK_SECS_ON_BAT=60
-
-# Hint: CPU parameters below are disabled by default, remove the leading #
-# to enable them, otherwise kernel default values are used.
-
-# Select a CPU frequency scaling governor.
-# Intel Core i processor with intel_pstate driver:
-#   powersave(*), performance
-# Older hardware with acpi-cpufreq driver:
-#   ondemand(*), powersave, performance, conservative
-# (*) is recommended.
-# Hint: use tlp-stat -p to show the active driver and available governors.
-# Important:
-#   You *must* disable your distribution's governor settings or conflicts will
-#   occur. ondemand is sufficient for *almost all* workloads, you should know
-#   what you're doing!
-#CPU_SCALING_GOVERNOR_ON_AC=powersave
-#CPU_SCALING_GOVERNOR_ON_BAT=powersave
-
-# Set the min/max frequency available for the scaling governor.
-# Possible values strongly depend on your CPU. For available frequencies see
-# the output of tlp-stat -p.
-#CPU_SCALING_MIN_FREQ_ON_AC=0
-#CPU_SCALING_MAX_FREQ_ON_AC=0
-#CPU_SCALING_MIN_FREQ_ON_BAT=0
-#CPU_SCALING_MAX_FREQ_ON_BAT=0
-
-# Set Intel P-state performance: 0..100 (%)
-# Limit the max/min P-state to control the power dissipation of the CPU.
-# Values are stated as a percentage of the available performance.
-# Requires an Intel Core i processor with intel_pstate driver.
-#CPU_MIN_PERF_ON_AC=0
-#CPU_MAX_PERF_ON_AC=100
-#CPU_MIN_PERF_ON_BAT=0
-#CPU_MAX_PERF_ON_BAT=30
-
-# Set the CPU "turbo boost" feature: 0=disable, 1=allow
-# Requires an Intel Core i processor.
-# Important:
-# - This may conflict with your distribution's governor settings
-# - A value of 1 does *not* activate boosting, it just allows it
-#CPU_BOOST_ON_AC=1
-#CPU_BOOST_ON_BAT=0
-
-# Minimize number of used CPU cores/hyper-threads under light load conditions
-SCHED_POWERSAVE_ON_AC=0
-SCHED_POWERSAVE_ON_BAT=1
-
-# Kernel NMI Watchdog:
-#   0=disable (default, saves power), 1=enable (for kernel debugging only)
-NMI_WATCHDOG=0
-
-# Change CPU voltages aka "undervolting" - Kernel with PHC patch required
-# Frequency voltage pairs are written to:
-#   /sys/devices/system/cpu/cpu0/cpufreq/phc_controls
-# CAUTION: only use this, if you thoroughly understand what you are doing!
-#PHC_CONTROLS="F:V F:V F:V F:V"
-
-# Set CPU performance versus energy savings policy:
-#   performance, normal, powersave
-# Requires kernel module msr and x86_energy_perf_policy from linux-tools
-ENERGY_PERF_POLICY_ON_AC=performance
-ENERGY_PERF_POLICY_ON_BAT=powersave
-
-# Hard disk devices; separate multiple devices with spaces (default: sda).
-# Devices can be specified by disk ID also (lookup with: tlp diskid).
-DISK_DEVICES="sda sdb"
-
-# Hard disk advanced power management level: 1..254, 255 (max saving, min, off)
-# Levels 1..127 may spin down the disk; 255 allowable on most drives.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-DISK_APM_LEVEL_ON_AC="254 254"
-DISK_APM_LEVEL_ON_BAT="128 128"
-
-# Hard disk spin down timeout:
-#   0:        spin down disabled
-#   1..240:   timeouts from 5s to 20min (in units of 5s)
-#   241..251: timeouts from 30min to 5.5 hours (in units of 30min)
-# See 'man hdparm' for details.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-#DISK_SPINDOWN_TIMEOUT_ON_AC="0 0"
-#DISK_SPINDOWN_TIMEOUT_ON_BAT="0 0"
-
-# Select IO scheduler for the disk devices: cfq, deadline, noop (Default: cfq);
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the kernel default scheduler for the particular disk.
-#DISK_IOSCHED="cfq cfq"
-
-# SATA aggressive link power management (ALPM):
-#   min_power, medium_power, max_performance
-SATA_LINKPWR_ON_AC=max_performance
-SATA_LINKPWR_ON_BAT=min_power
-
-# Exclude SATA host devices from link power management.
-# Separate multiple hosts with spaces.
-#SATA_LINKPWR_BLACKLIST="host1"
-
-# Runtime Power Management for AHCI controllers and disks:
-#   on=disable, auto=enable
-# EXPERIMENTAL ** WARNING: auto will most likely cause system lockups/data loss
-#AHCI_RUNTIME_PM_ON_AC=on
-#AHCI_RUNTIME_PM_ON_BAT=on
-
-# Seconds of inactivity before disk is suspended
-AHCI_RUNTIME_PM_TIMEOUT=15
-
-# PCI Express Active State Power Management (PCIe ASPM):
-#   default, performance, powersave
-PCIE_ASPM_ON_AC=performance
-PCIE_ASPM_ON_BAT=powersave
-
-# Radeon graphics clock speed (profile method): low, mid, high, auto, default;
-# auto = mid on BAT, high on AC; default = use hardware defaults.
-# (Kernel >= 2.6.35 only, open-source radeon driver explicitly)
-RADEON_POWER_PROFILE_ON_AC=high
-RADEON_POWER_PROFILE_ON_BAT=low
-
-# Radeon dynamic power management method (DPM): battery, performance
-# (Kernel >= 3.11 only, requires boot option radeon.dpm=1)
-RADEON_DPM_STATE_ON_AC=performance
-RADEON_DPM_STATE_ON_BAT=battery
-
-# Radeon DPM performance level: auto, low, high; auto is recommended.
-RADEON_DPM_PERF_LEVEL_ON_AC=auto
-RADEON_DPM_PERF_LEVEL_ON_BAT=auto
-
-# WiFi power saving mode: on=enable, off=disable; not supported by all adapters.
-WIFI_PWR_ON_AC=off
-WIFI_PWR_ON_BAT=on
-
-# Disable wake on LAN: Y/N
-WOL_DISABLE=Y
-
-# Enable audio power saving for Intel HDA, AC97 devices (timeout in secs).
-# A value of 0 disables, >=1 enables power save.
-SOUND_POWER_SAVE_ON_AC=0
-SOUND_POWER_SAVE_ON_BAT=1
-
-# Disable controller too (HDA only): Y/N
-SOUND_POWER_SAVE_CONTROLLER=Y
-
-# Set to 1 to power off optical drive in UltraBay/MediaBay when running on
-# battery. A value of 0 disables this feature (Default).
-# Drive can be powered on again by releasing (and reinserting) the eject lever
-# or by pressing the disc eject button on newer models.
-# Note: an UltraBay/MediaBay hard disk is never powered off.
-BAY_POWEROFF_ON_BAT=0
-# Optical drive device to power off (default sr0).
-BAY_DEVICE="sr0"
-
-# Runtime Power Management for PCI(e) bus devices: on=disable, auto=enable
-RUNTIME_PM_ON_AC=on
-RUNTIME_PM_ON_BAT=auto
-
-# Runtime PM for *all* PCI(e) bus devices, except blacklisted ones:
-#   0=disable, 1=enable
-RUNTIME_PM_ALL=1
-
-# Exclude PCI(e) device adresses the following list from Runtime PM
-# (separate with spaces). Use lspci to get the adresses (1st column).
-#RUNTIME_PM_BLACKLIST="bb:dd.f 11:22.3 44:55.6"
-
-# Exclude PCI(e) devices assigned to the listed drivers from Runtime PM
-# (should prevent accidential power on of hybrid graphics' discrete part).
-# Default is "radeon nouveau"; use "" to disable the feature completely.
-# Separate multiple drivers with spaces.
-RUNTIME_PM_DRIVER_BLACKLIST="radeon nouveau"
-
-# Set to 0 to disable, 1 to enable USB autosuspend feature.
-USB_AUTOSUSPEND=1
-
-# Exclude listed devices from USB autosuspend (separate with spaces).
-# Use lsusb to get the ids.
-# Note: input devices (usbhid) are excluded automatically (see below)
-#USB_BLACKLIST="1111:2222 3333:4444"
-
-# WWAN devices are excluded from USB autosuspend: 0=do not exclude / 1=exclude
-USB_BLACKLIST_WWAN=1
-
-# Include listed devices into USB autosuspend even if already excluded
-# by the driver or WWAN blacklists above (separate with spaces).
-# Use lsusb to get the ids.
-#USB_WHITELIST="1111:2222 3333:4444"
-
-# Set to 1 to disable autosuspend before shutdown, 0 to do nothing
-# (workaround for USB devices that cause shutdown problems).
-#USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN=1
-
-# Restore radio device state (Bluetooth, WiFi, WWAN) from previous shutdown
-# on system startup: 0=disable, 1=enable.
-# Hint: the parameters DEVICES_TO_DISABLE/ENABLE_ON_STARTUP/SHUTDOWN below
-#   are ignored when this is enabled!
-RESTORE_DEVICE_STATE_ON_STARTUP=0
-
-# Radio devices to disable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-DEVICES_TO_DISABLE_ON_STARTUP="bluetooth wifi wwan"
-
-# Radio devices to enable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_ENABLE_ON_STARTUP="wifi"
-
-# Radio devices to disable on shutdown: bluetooth, wifi, wwan
-# (workaround for devices that are blocking shutdown).
-#DEVICES_TO_DISABLE_ON_SHUTDOWN="bluetooth wifi wwan"
-
-# Radio devices to enable on shutdown: bluetooth, wifi, wwan
-# (to prevent other operating systems from missing radios).
-#DEVICES_TO_ENABLE_ON_SHUTDOWN="wwan"
-
-# Radio devices to enable on AC: bluetooth, wifi, wwan
-#DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
-
-# Radio devices to disable on battery: bluetooth, wifi, wwan
-#DEVICES_TO_DISABLE_ON_BAT="bluetooth wifi wwan"
-
-# Radio devices to disable on battery when not in use (not connected):
-# bluetooth, wifi, wwan
-DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wifi wwan"
-
-# Battery charge thresholds (ThinkPad only, tp-smapi or acpi-call kernel module
-# required). Charging starts when the remaining capacity falls below the
-# START_CHARGE_THRESH value and stops when exceeding the STOP_CHARGE_THRESH value.
-# Main / Internal battery (values in %)
-START_CHARGE_THRESH_BAT0=10
-STOP_CHARGE_THRESH_BAT0=95
-# Ultrabay / Slice / Replaceable battery (values in %)
-START_CHARGE_THRESH_BAT1=10
-STOP_CHARGE_THRESH_BAT1=95
-
-# ------------------------------------------------------------------------------
-# tlp-rdw - Parameters for the radio device wizard
-# Possible devices: bluetooth, wifi, wwan
-
-# Hints:
-# - Parameters are disabled by default, remove the leading # to enable them.
-# - Separate multiple radio devices with spaces.
-
-# Radio devices to disable on connect.
-#DEVICES_TO_DISABLE_ON_LAN_CONNECT="wifi wwan"
-#DEVICES_TO_DISABLE_ON_WIFI_CONNECT="wwan"
-#DEVICES_TO_DISABLE_ON_WWAN_CONNECT="wifi"
-
-# Radio devices to enable on disconnect.
-#DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="wifi wwan"
-#DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
-#DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
-
-# Radio devices to enable/disable when docked.
-#DEVICES_TO_ENABLE_ON_DOCK=""
-#DEVICES_TO_DISABLE_ON_DOCK=""
-
-# Radio devices to enable/disable when undocked.
-#DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
-#DEVICES_TO_DISABLE_ON_UNDOCK=""
diff --git a/archived/ansible/files/system_new/minimal/___etc___profile b/archived/ansible/files/system_new/minimal/___etc___profile
deleted file mode 100644 (file)
index 5884d7b..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
-# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
-
-if [ "`id -u`" -eq 0 ]; then
-  PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-else
-  PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"
-fi
-export PATH
-
-if [ "${PS1-}" ]; then
-  if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then
-    # The file bash.bashrc already sets the default PS1.
-    # PS1='\h:\w\$ '
-    if [ -f /etc/bash.bashrc ]; then
-      . /etc/bash.bashrc
-    fi
-  else
-    if [ "`id -u`" -eq 0 ]; then
-      PS1='# '
-    else
-      PS1='$ '
-    fi
-  fi
-fi
-
-if [ -d /etc/profile.d ]; then
-  for i in /etc/profile.d/*.sh; do
-    if [ -r $i ]; then
-      . $i
-    fi
-  done
-  unset i
-fi
-export LC_ALL="en_US.UTF-8"
diff --git a/archived/ansible/files/system_new/minimal/___etc___systemd___logind.conf b/archived/ansible/files/system_new/minimal/___etc___systemd___logind.conf
deleted file mode 100644 (file)
index 7a9004a..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-#  This file is part of systemd.
-#
-#  systemd is free software; you can redistribute it and/or modify it
-#  under the terms of the GNU Lesser General Public License as published by
-#  the Free Software Foundation; either version 2.1 of the License, or
-#  (at your option) any later version.
-#
-# Entries in this file show the compile time defaults.
-# You can change settings by editing this file.
-# Defaults can be restored by simply deleting this file.
-#
-# See logind.conf(5) for details.
-
-[Login]
-#NAutoVTs=6
-#ReserveVT=6
-#KillUserProcesses=no
-#KillOnlyUsers=
-#KillExcludeUsers=root
-#InhibitDelayMaxSec=5
-#HandlePowerKey=poweroff
-#HandleSuspendKey=suspend
-#HandleHibernateKey=hibernate
-#HandleLidSwitch=suspend
-#HandleLidSwitchDocked=ignore
-#PowerKeyIgnoreInhibited=no
-#SuspendKeyIgnoreInhibited=no
-#HibernateKeyIgnoreInhibited=no
-#LidSwitchIgnoreInhibited=yes
-#HoldoffTimeoutSec=30s
-#IdleAction=ignore
-#IdleActionSec=30min
-#RuntimeDirectorySize=10%
-#RemoveIPC=yes
-#InhibitorsMax=8192
-#SessionsMax=8192
-#UserTasksMax=33%
-HandleLidSwitch=hibernate
diff --git a/archived/ansible/files/system_new/minimal/___etc___timezone b/archived/ansible/files/system_new/minimal/___etc___timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/archived/ansible/run_root.sh b/archived/ansible/run_root.sh
deleted file mode 100755 (executable)
index 02856c2..0000000
+++ /dev/null
@@ -1 +0,0 @@
-ansible-playbook -i 'localhost,' -c local config.yml
diff --git a/archived/ansible/run_root_new.sh b/archived/ansible/run_root_new.sh
deleted file mode 100755 (executable)
index 36408a8..0000000
+++ /dev/null
@@ -1 +0,0 @@
-ansible-playbook -i 'localhost,'  -e system_name=X200s -c local config_new.yml
diff --git a/archived/ansible/run_user.sh b/archived/ansible/run_user.sh
deleted file mode 100755 (executable)
index e52b521..0000000
+++ /dev/null
@@ -1 +0,0 @@
-ansible-playbook -i 'localhost,' -c local user.yml
diff --git a/archived/ansible/run_user_new.sh b/archived/ansible/run_user_new.sh
deleted file mode 100755 (executable)
index 510faad..0000000
+++ /dev/null
@@ -1 +0,0 @@
-ansible-playbook -i 'localhost,'  -e system_name=X200s -c local user_new.yml
diff --git a/archived/ansible/tasks/initial_purge.yml b/archived/ansible/tasks/initial_purge.yml
deleted file mode 100644 (file)
index 63fddd9..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
----
-
-- name: collect officially required packages
-  shell: dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-
-- name: add "ifupdown" and "isc-dhcp-client" (to keep internet connection afterwards) and "ansible" (to keep its modules available for continuing the configuration) to required packages
-  shell: echo 'ifupdown' >> /tmp/list_white_unsorted && echo 'isc-dhcp-client' >> /tmp/list_white_unsorted && echo 'ansible' >> /tmp/list_white_unsorted && sort /tmp/list_white_unsorted > /tmp/list_white
-
-- name: collect currently installed packages
-  shell: dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages && sort /tmp/list_all_packages > /tmp/foo && mv /tmp/foo /tmp/list_all_packages
-
-- name: create black list of packages to mark as automatically installed from the difference between the required packages and the packages currently installed
-  shell: comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-
-- name: mark all packages from black list as automatically installed
-  shell: apt-mark auto $(cat /tmp/list_black)
-
-- name: purge all packages automatically installed that are not depended on
-  shell: DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-
-- name: ensure flags directory exists
-  file: path=flags state=directory
-
-- name: set initial_purge_happened flag, so that this whole process does not get repeated
-  file: path=flags/initial_purge_happened state=touch
diff --git a/archived/ansible/tasks/qutebrowser.yml b/archived/ansible/tasks/qutebrowser.yml
deleted file mode 100644 (file)
index 916c854..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
----
-
-- name: Set qutebrowser, python3-pypeg2 facts.
-  set_fact:
-    qutebrowser_deb_url: https://github.com/qutebrowser/qutebrowser/releases/download/v0.11.0/qutebrowser_0.11.0-1_all.deb
-    python3pypeg2_deb_url: https://qutebrowser.org/python3-pypeg2_2.15.2-1_all.deb
-    qutebrowser_deb_path: /tmp/qutebrowser.deb
-    python3pypeg2_deb_path: /tmp/python3-pypeg2.deb
-
-- name: Check if qutebrowser is installed.
-  command: dpkg-query -W qutebrowser
-  register: qutebrowser_debcheck
-  failed_when: qutebrowser_debcheck.rc > 1
-  changed_when: qutebrowser_debcheck.rc == 1
-
-- name: Check if qutebrowser-dependency python3-pypeg2 is installed.
-  command: dpkg-query -W python3-pypeg2 
-  register: python3pypeg2_debcheck
-  failed_when: python3pypeg2_debcheck.rc > 1
-  changed_when: python3pypeg2_debcheck.rc == 1
-  when: qutebrowser_debcheck.rc == 1
-
-- name: Download python3-pypeg2 package.
-  get_url: url={{ python3pypeg2_deb_url }} dest={{ python3pypeg2_deb_path }}
-  when: qutebrowser_debcheck.rc == 1 and python3pypeg2_debcheck.rc == 1
-
-- name: Download qutebrowser package.
-  get_url: url={{ qutebrowser_deb_url }} dest={{ qutebrowser_deb_path }}
-  when: qutebrowser_debcheck.rc == 1
-
-# We use command: apt as a workaround because the Ansible apt module installs
-# the Depends of the .deb marked as manual while we want them marked as auto.
-- name: Install python3-pypeg2 package,
-  command: apt install --yes "{{ python3pypeg2_deb_path}}"
-  when: qutebrowser_debcheck.rc == 1 and python3pypeg2_debcheck.rc == 1
-
-- name: Mark python3-pypeg2 package as automatically installed.
-  command: apt-mark auto python3-pypeg2
-  when: qutebrowser_debcheck.rc == 1 and python3pypeg2_debcheck.rc == 1
-
-# We use command: apt as a workaround because the Ansible apt module installs
-# the Depends of the .deb marked as manual while we want them marked as auto.
-- name: Install qutebrowser package.
-  command: apt install --yes "{{ qutebrowser_deb_path}}"
-  when: qutebrowser_debcheck.rc == 1
diff --git a/archived/ansible/user.yml b/archived/ansible/user.yml
deleted file mode 100644 (file)
index 07dd189..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-- hosts: all
-  tasks:
-
-  - name: ensure ~/.vimbackups directory
-    file: state=directory dest=~/.vimbackups
-  - name: Ensure dotfile symlinks
-    file: state=link force=yes src={{item}} dest=~/.{{item|basename}}
-    with_fileglob:
-    - ~/config/dotfiles/minimal/*
-    - ~/config/dotfiles/user/thinkpad/minimal/*
-    - ~/config/dotfiles/user/thinkpad/W530/*
-  - name: ensure ~/downloads directory
-    file: state=directory dest=~/downloads
diff --git a/archived/ansible/user_new.yml b/archived/ansible/user_new.yml
deleted file mode 100644 (file)
index d6f46af..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-- hosts: all
-  tasks:
-
-  - name: ensure ~/.vimbackups directory
-    file: state=directory dest=~/.vimbackups
-  - name: Ensure dotfile symlinks
-    file: state=link force=yes src={{item}} dest=~/.{{item|basename}}
-    with_fileglob:
-    - ~/config/dotfiles/minimal/*
-    - ~/config/dotfiles/user/thinkpad/minimal/*
-    - ~/config/dotfiles/user/thinkpad/{{ system_name }}/*
-  - name: ensure ~/downloads directory
-    file: state=directory dest=~/downloads
diff --git a/archived/archive_plomroma.py b/archived/archive_plomroma.py
deleted file mode 100755 (executable)
index 0ad89b7..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/usr/bin/env python3
-import lxml
-import argparse
-# use with `find status.plomlompom.com -type f -name "*.html" -exec ./archive_plomroma.py -f {} \;`
-
-parser = argparse.ArgumentParser(description="archive plom's self-hosted pleroma feed")
-parser.add_argument("-f", "--file", dest="file", required=True, help="HTML file to process")
-args = parser.parse_args()
-print("processing", args.file)
-
-def print_tree(node, level=0):
-    tag = node.tag
-    id = node.get("id")
-    classes = node.get("class")
-    text = (node.text or "").strip()
-    attributes_info = []
-    if id:
-        attributes_info.append(f"id='{id}'")
-    if classes:
-        attributes_info.append(f"class='{classes}'")
-    attr_str = " ".join(attributes_info)
-    print("  " * level + f"<{tag} {attr_str}>", end="")
-    if text:
-        print(f" -> {text}")
-    else:
-        print()
-    for child in node:
-        print_tree(child, level + 1)
-
-with open(args.file, "r", encoding="utf-8") as file:
-    content = file.read()
-from lxml import html
-tree = html.fromstring(content)
-
-atom_links = tree.xpath('/html/head/link[@rel="alternate"]')
-for atom_link in atom_links:
-    atom_link.getparent().remove(atom_link)
-comments = tree.xpath('//comment()')
-for comment in comments:
-    comment.getparent().remove(comment)
-forms = tree.xpath('//form')
-for form in forms:
-    form.getparent().remove(form)
-
-
-def has_class(context, element, class_name):
-    classes = element[0].get('class', '').split()
-    return class_name in classes
-ns = lxml.etree.FunctionNamespace(None)
-ns['has-class'] = has_class
-matching_divs = tree.xpath('//div[has-class(., "activity") and .//div[has-class(., "p-author")] and .//bdi[has-class(., "p-name") and string()!="plomlompom"]]')
-imgs = tree.xpath('//img')
-for img in imgs:
-   src = img.get('src')
-   if src and not src.startswith('https://status.plomlompom.com/'):
-       img.attrib.pop('src', None)
-       alt = img.get('alt')
-       if alt and not alt.startswith('../'):
-           img.attrib.pop('alt', None)
-       title = img.get('title')
-       if title and not title.startswith('../'):
-           img.attrib.pop('title', None)
-removal_notice = "[Removed foreign content for static archive, follow permalink on date to see original.]"
-for activity_div in matching_divs:
-    details = activity_div.xpath('.//details[./div[has-class]]')
-    for detail in details: 
-        new_div = lxml.etree.Element("div")
-        new_div.text = removal_notice
-        detail.getparent().replace(detail, new_div)
-    e_contents = activity_div.xpath('.//div[has-class(., "e-content") or has-class(., "activity-content")]')
-    for content in e_contents: 
-        content.clear()
-        content.text = removal_notice
-
-header = """
-<p style="text-align: right;"><a href="https://plomlompom.com/contact.html">contact</a> / <a href="https://plomlompom.com/privacy.html">privacy</a></p>
-<p>plomroma (archived): This site is a static archive of a Pleroma instance formerly hosted by me, to preserve my own messages from that time. Foreign content has been removed, but may still be available via links.</p>
-<hr />
-"""
-tree.body.insert(0, html.fromstring(header))
-
-# print_tree(tree)
-with open(args.file, "w", encoding="utf-8") as file:
-    file.write(html.tostring(tree, pretty_print=True, encoding="utf-8").decode("utf-8"))
-
-print("done")
diff --git a/archived/bin/broiler_in.sh b/archived/bin/broiler_in.sh
deleted file mode 100755 (executable)
index 5b16ddd..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-cd ~/plomlombot-irc
-./run.sh -r 604800 -n broiler_in "#nodrama.de"
diff --git a/archived/bin/hubbabubba.sh b/archived/bin/hubbabubba.sh
deleted file mode 100755 (executable)
index 50cc0f6..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-cd ~/plomlombot-irc
-./run.sh -r 604800 -n hubbabubba "#freakazoid"
diff --git a/archived/bin/i3status_wrapper.py b/archived/bin/i3status_wrapper.py
deleted file mode 100755 (executable)
index aa7b7c2..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-
-# Inspired by http://code.stapelberg.de/git/i3status/tree/contrib/wrapper.py
-
-import sys
-import json
-import subprocess 
-
-def print_nonbuffered(message):
-    sys.stdout.write(message)
-    sys.stdout.flush()
-
-if __name__ == '__main__':
-    print_nonbuffered(sys.stdin.readline())
-    print_nonbuffered(sys.stdin.readline())
-    while True:
-        line, prefix = sys.stdin.readline(), ''
-        if line.startswith(','):
-            line, prefix = line[1:], ','
-        j = json.loads(line)
-        if '1' == subprocess.getoutput('xset q | grep LED')[65]:
-            j.insert(len(j), {'full_text' : 'CAPS',
-                              'separator_block_width': 40,
-                              'color': '#FF0000'})
-        print_nonbuffered(prefix+json.dumps(j))
diff --git a/archived/bin/install_certs.sh b/archived/bin/install_certs.sh
deleted file mode 100755 (executable)
index 5ef46b0..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-set -e
-set -x
-
-~/letsencrypt/letsencrypt-auto certonly --standalone -d dump.plomlompom.com
-~/letsencrypt/letsencrypt-auto certonly --standalone -d htwtxt.plomlompom.com 
diff --git a/archived/bin/network.sh b/archived/bin/network.sh
deleted file mode 100755 (executable)
index 5f88461..0000000
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/sh
-
-eth_interface=enp0s25
-wifi_interface=wls1
-
-ensure_wifi_on() {
-  if [ ! "$(wifi)" = "wifi      = on" ]; then
-    #wifi on
-    ip link set "$wifi_interface" up
-  fi
-}
-
-if ! echo "${1}"; then
-  echo 'No command given.'
-  print_usage
-  exit 1
-elif [ "${1}" = 'eth_connect' ]; then
-  ip link set "$eth_interface" up 
-  dhclient "$eth_interface"
-
-elif [ "${1}" = 'eth_disconnect' ]; then
-  ip link set "$eth_interface" down
-
-elif [ "${1}" = 'wifi_scan' ]; then
-  ensure_wifi_on
-  ip link set "$wifi_interface" up
-  iw dev "$wifi_interface" scan | grep SSID
-
-elif [ "${1}" = 'wifi_connect_open' ]; then
-  ensure_wifi_on
-  iw dev "$wifi_interface" connect "${2}"
-  dhclient "$wifi_interface" 
-  #ip route delete default
-  #ip route add default via 192.168.1.1 dev wls1
-
-elif [ "${1}" = 'wifi_connect_wep_ascii' ]; then
-  ensure_wifi_on
-  iw dev "$wifi_interface" connect "${2}" key 0:"${3}"
-  dhclient "$wifi_interface" 
-
-elif [ "${1}" = 'wifi_connect_wep_hex' ]; then
-  ensure_wifi_on
-  iw dev "$wifi_interface" connect "${2}" key d:0:"${3}"
-  dhclient "$wifi_interface" 
-
-elif [ "${1}" = 'wifi_connect_wpa' ]; then
-  ensure_wifi_on
-  wpa_passphrase "${2}" "${3}" > /tmp/wpa_supplicant.conf
-  wpa_supplicant -B -i "$wifi_interface" -c /tmp/wpa_supplicant.conf
-  dhclient "$wifi_interface" 
-
-elif [ "${1}" = 'wifi_disconnect' ]; then
-  ip link set "$wifi_interface" down
-
-else
-  echo 'Available commands:'
-  echo '  eth_connect'
-  echo '  eth_disconnect'
-  echo '  wifi_scan'
-  echo '  wifi_connect_open SSID'
-  echo '  wifi_connect_wep_ascii SSID KEY'
-  echo '  wifi_connect_wep_hex SSID KEY'
-  echo '  wifi_connect_wpa SSID KEY'
-  echo '  wifi_disconnect'
-fi
diff --git a/archived/bin/plomlombot.sh b/archived/bin/plomlombot.sh
deleted file mode 100755 (executable)
index 1153d2d..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-cd ~/plomlombot-irc
-./run.sh -r 604800 -n botlomplom "#zrolaps"
diff --git a/archived/bin/renew_certs.sh b/archived/bin/renew_certs.sh
deleted file mode 100755 (executable)
index d1853b5..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-service nginx stop
-~/letsencrypt/letsencrypt-auto renew
-service nginx restart
diff --git a/archived/bin/setup_opendkim.sh b/archived/bin/setup_opendkim.sh
deleted file mode 100755 (executable)
index ce1e3d5..0000000
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/sh
-set -e
-selector=$1
-file=$2
-
-if [ ! -n "$selector" ]; then
-    cat << EOF
-Usage: $0 SELECTOR [KEYFILE] - set up DKIM system and configuration
-
-If existing KEYFILE is given, set up DKIM to use SELECTOR and apply key from
-KEYFILE.
-
-If existing KEYFILE is not given, generate KEYFILE and DNS TXT file for
-SELECTOR.
-EOF
-    exit
-fi
-
-if [ ! "$(id -u)" -eq "0" ]; then
-    echo "Must be run as root."
-    exit 1
-fi
-
-set -x
-apt-get -y install opendkim
-
-if [ ! -n "$file" ]; then
-    apt-get -y install opendkim-tools
-    opendkim-genkey -d plomlompom.com -s $selector
-    apt-get -y --purge autoremove opendkim-tools
-    set +x
-    echo
-    echo 'Generated key file at '$selector'.private.'
-    echo 'Also generated '$selector'.txt, APPLY its content below to your DNS' \
-         'record.'
-    echo 'AFTER the waiting time for DNS propagation RERUN this script with' \
-          'the key file as SECOND parameter (still use selector as first one).'
-    echo
-    cat $selector.txt
-else
-    if [ ! -f "$file" ]; then
-        set +x
-        echo
-        echo "Keyfile $file does not exist."
-        exit 1
-    fi
-    cp ~/config/systemfiles/opendkim.conf /etc/opendkim.conf
-    sed -r -i 's/^#Selector .*$/Selector '$selector'/' /etc/opendkim.conf
-    mkdir -p /etc/opendkim
-    if [ -f /etc/opendkim/dkim.key ]; then
-        cp /etc/opendkim/dkim.key /etc/opendkim/dkim.key~
-    fi
-    cp $file /etc/opendkim/dkim.key
-    cp ~/config/systemfiles/main.cf /etc/postfix/main.cf
-    cat >> /etc/postfix/main.cf << EOF
-
-# Use opendkim at given port as mail filter.
-non_smtpd_milters = inet:localhost:12301
-EOF
-    service opendkim restart
-    service postfix restart
-    set +x
-    echo
-    echo 'Ensure the DKIM TXT entry in your DNS record matches!'
-fi
diff --git a/archived/bin/setup_starttls.sh b/archived/bin/setup_starttls.sh
deleted file mode 100755 (executable)
index 3b306c2..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/sh
-set -x
-set -e
-key=$1
-cert=$2
-
-if [ ! "$(id -u)" -eq "0" ]; then
-  echo "Must be run as root."
-  exit 1
-fi
-
-key_target=/etc/postfix/key.pem
-if [ ! -n "$key" ]; then
-  if [ ! -f "${key_target}" ]; then
-    (umask 077; openssl genrsa -out "${key_target}" 2048)
-  fi
-else
-  cp "$key" "${key_target}"
-fi
-
-fqdn=$(postconf -h myhostname)
-cert_target=/etc/postfix/cert.pem
-if [ ! -n "$cert" ]; then
-  if [ ! -f "${cert_target}" ]; then
-    openssl req -new -key "${key_target}" -x509 -subj "/CN=${fqdn}" -days 3650 -out "${cert_target}"
-  fi
-else
-  cp "$cert" "${cert_target}"
-fi
-
-cat >> /etc/postfix/main.cf << EOF
-
-# Enable server-side STARTTLS. 
-smtpd_tls_cert_file = /etc/postfix/cert.pem
-smtpd_tls_key_file = /etc/postfix/key.pem
-smtpd_tls_security_level = may
-EOF
-service postfix restart
diff --git a/archived/bin/simplemail.sh b/archived/bin/simplemail.sh
deleted file mode 100755 (executable)
index af0eb1a..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-#
-# This mails to user plom the message in the file named by the first parameter,
-# decoded with the first line as subject and everything below the second line
-# as the message body.
-
-subject=`head -1 $1`
-body=`tail -n +3 $1`
-echo "$body" | mutt -s "$subject" plom
diff --git a/archived/bin/simplemail_out.sh b/archived/bin/simplemail_out.sh
deleted file mode 100755 (executable)
index 8340944..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-#
-# This mails to plom@plomlompom.com the message in the file named by the first
-# parameter, decoded with the first line as subject and everything below the
-# second line as the message body.
-
-subject=`head -1 $1`
-body=`tail -n +3 $1`
-echo "$body" | mutt -s "$subject" plom@plomlompom.com
diff --git a/archived/bin/start_htwtxt.sh b/archived/bin/start_htwtxt.sh
deleted file mode 100755 (executable)
index e5ee45a..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-$GOPATH/bin/htwtxt \
-    --contact 'see http://www.plomlompom.de/' \
-    --mailport 587 \
-    --mailserver smtp.gmail.com \
-    --mailuser christian.heller@gmail.com \
-    --port 8000 \
-    --signup
diff --git a/archived/bin/symlink.sh b/archived/bin/symlink.sh
deleted file mode 100755 (executable)
index d653a0b..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-#!/bin/sh
-
-set -x
-set -e
-
-dir_minimal=~/config/dotfiles/minimal
-dir_user_prefix=~/config/dotfiles/user
-dir_user_minimal=$dir_user_prefix/minimal
-dir_user_machine=$dir_user_prefix/$1/minimal
-if [ "$3" = "" ]; then
-    dir_user_variety=$dir_user_prefix/$1/$2
-else
-    dir_user_variety=$dir_user_prefix/$1/$2/minimal
-fi
-dir_user_subvariety=$dir_user_prefix/$1/$2/$3
-dir_root=~/config/dotfiles/root
-homedir=`echo ~`
-find ~ -lname $homedir'/config/*' -delete
-for file in `ls $dir_minimal`; do
-    ln -fs $dir_minimal/$file ~/.$file
-done
-if [ "$(id -u)" -eq "0" ]; then
-    for file in `ls $dir_root`; do
-        ln -fs $dir_root/$file ~/.$file
-    done
-else
-    for file in `ls $dir_user_minimal`; do
-        ln -fs $dir_user_minimal/$file ~/.$file
-    done
-    for file in `ls $dir_user_machine`; do
-        ln -fs $dir_user_machine/$file ~/.$file
-    done
-    for file in `ls $dir_user_variety`; do
-        ln -fs $dir_user_variety/$file ~/.$file
-    done
-    if [ ! "$3" = "" ]; then
-        for file in `ls $dir_user_subvariety`; do
-            ln -fs $dir_user_subvariety/$file ~/.$file
-        done
-    fi
-fi
diff --git a/archived/bin/w530_backlight.sh b/archived/bin/w530_backlight.sh
deleted file mode 100755 (executable)
index 5b24fa7..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-# A very primitive backlight setter with a hardcoded backlight path, to replace
-# xbacklight which currently does not work on my system.
-
-if ! echo "${1}" | egrep -q '^[0-9]+$' && ! [ "${1}" = "+" -o "${1}" = "-" ]; then
-  echo 'Argument must be a number, or "+", or "-".'
-  exit 1
-fi
-backlight_dir=/sys/class/backlight/intel_backlight
-max_brightness=$(cat "${backlight_dir}"/max_brightness)
-target="${backlight_dir}"/brightness
-if [ "${1}" = "+" -o "${1}" = "-" ]; then
-  fract=$(expr "${max_brightness}" / 20)
-  cur_brightness=$(cat "${backlight_dir}"/brightness)
-  brightness=$(expr "${cur_brightness}" "${1}" "${fract}")
-  if [ "${brightness}" -gt "${max_brightness}" ]; then
-    brightness="${max_brightness}"
-  elif [ "${brightness}" -lt "0" ]; then
-    brightness=0
-  fi
-  sudo sh -c 'echo '"${brightness}"' > '"${target}"
-  exit 0
-fi
-percentage=${1}
-if [ "${percentage}" = '100' ]; then
-  sudo sh -c 'echo '"${max_brightness}"' > '"${target}"
-else
-  fract=$(expr "${max_brightness}" / 100)
-  brightness=$(expr "${percentage}" \* "${fract}")
-  sudo sh -c 'echo '"${brightness}"' > '"${target}"
-fi
diff --git a/archived/bin/w530_startx_force_nvidia.sh b/archived/bin/w530_startx_force_nvidia.sh
deleted file mode 100755 (executable)
index 3c3ca59..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-# Undo bumblebee setup.
-sudo service bumblebeed stop
-sudo modprobe nvidia-drm
-sudo update-alternatives --set glx /usr/lib/nvidia
-
-# Use special xorg.conf and pass NVIDIA_DIRECT directive to .xinitrc.
-NVIDIA_DIRECT=1 startx -- -config xorg.conf.forced_nvidia
-
-# Recreate bumblebee setup.
-sudo service bumblebeed start
-sudo update-alternatives --auto glx 
diff --git a/archived/bin/weechat-wrapper.sh b/archived/bin/weechat-wrapper.sh
deleted file mode 100755 (executable)
index 333c9d1..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# Enforce ~/.weechatrc as sole persistent weechat config file.
-~/config/bin/simplemail.sh ~/config/mails/weechat_restart_reminder
-rm -rf ~/.weechat/
-WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
-weechat -r "$WEECHATCONF"
-rm -rf ~/.weechat/
diff --git a/archived/bin/wicd-wrapper.sh b/archived/bin/wicd-wrapper.sh
deleted file mode 100755 (executable)
index 8ed74bd..0000000
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/sh
-
-check_wifi_id_set() {
-  if ! echo "${1}" | egrep -q '^[0-9]+$'; then
-    echo 'Wifi identifier must be integer.'
-    exit 1
-  fi
-}
-
-ensure_wifi_on() {
-  if [ ! "$(wifi)" = "wifi      = on" ]; then
-    sudo wifi on
-  fi
-}
-
-print_usage() {
-  echo 'Available commands:'
-  echo '  eth_connect'
-  echo '  eth_disconnect'
-  echo '  wifi_scan'
-  echo '  wifi_info WIFI_ID'
-  echo '  wifi_set_wpa WIFI_ID KEY'
-  echo '  wifi_connect WIFI_ID'
-  echo '  wifi_disconnect'
-}
-
-if ! echo "${1}"; then
-  echo 'No command given.'
-  print_usage
-  exit 1
-elif [ "${1}" = 'eth_connect' ]; then
-  wicd-cli --wired --connect
-
-elif [ "${1}" = 'eth_disconnect' ]; then
-  wicd-cli --wired --disconnect
-
-elif [ "${1}" = 'wifi_scan' ]; then
-  ensure_wifi_on
-  wicd-cli --wireless --scan
-  wicd-cli --wireless --list-networks
-
-elif [ "${1}" = 'wifi_info' ]; then
-  check_wifi_id_set "${2}"
-  wicd-cli --wireless --network="${2}" --network-details
-
-elif [ "${1}" = 'wifi_set_wpa' ]; then
-  check_wifi_id_set "${2}"
-  if ! echo "${3}" ; then
-    echo 'No key set.'
-    exit 1
-  fi
-  wicd-cli --wireless --network="${2}" --network-property=enctype --set-to=wpa
-  wicd-cli --wireless --network="${2}" --network-property=key --set-to="${3}"
-
-elif [ "${1}" = 'wifi_connect' ]; then
-  ensure_wifi_on
-  check_wifi_id_set "${2}"
-  wicd-cli --wireless --network="${2}" --connect
-
-elif [ "${1}" = 'wifi_disconnect' ]; then
-  wicd-cli --wireless --disconnect
-
-else
-  echo 'Unknown command.'
-  print_usage
-  exit 1
-fi
diff --git a/archived/bin/zinskritik.sh b/archived/bin/zinskritik.sh
deleted file mode 100755 (executable)
index 9ad293a..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-cd ~/plomlombot-irc
-./run.sh -r 604800 -n histomat "#freie-gesellschaft"
diff --git a/archived/bullseye/apt-mark/all b/archived/bullseye/apt-mark/all
new file mode 100644 (file)
index 0000000..4b760bc
--- /dev/null
@@ -0,0 +1,12 @@
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
+# unpredictably so
+ifupdown
+isc-dhcp-client
+# git for the setup directory; cloning works with ca-certificates
+ca-certificates
+git
+# to avoid constant warnings about no locale being found
+locales
+# extremely useful for basic network debugging; missed these more than once in an emergency
+netcat
+iputils-ping
diff --git a/archived/bullseye/apt-mark/desktop b/archived/bullseye/apt-mark/desktop
new file mode 100644 (file)
index 0000000..f537318
--- /dev/null
@@ -0,0 +1,2 @@
+# so that grub learns about kernel updates
+grub-pc
diff --git a/archived/bullseye/apt-mark/dumpsite b/archived/bullseye/apt-mark/dumpsite
new file mode 100644 (file)
index 0000000..a87852a
--- /dev/null
@@ -0,0 +1,13 @@
+wget
+# for blog and zettel
+pandoc
+# for blog
+html2text
+uuid-runtime
+python3
+# for url_catcher daemon
+python3-venv
+build-essential
+python3-dev
+screen
+postfix
diff --git a/archived/bullseye/apt-mark/microblogpub b/archived/bullseye/apt-mark/microblogpub
new file mode 100644 (file)
index 0000000..e2688e8
--- /dev/null
@@ -0,0 +1,14 @@
+# to get python3.11 tgz
+wget
+build-essential
+zlib1g-dev
+libncurses5-dev
+libgdbm-dev
+libnss3-dev
+libssl-dev
+libreadline-dev
+libffi-dev
+libsqlite3-dev
+libbz2-dev
+# to set up poetry
+curl
diff --git a/archived/bullseye/apt-mark/play b/archived/bullseye/apt-mark/play
new file mode 100644 (file)
index 0000000..154f7e7
--- /dev/null
@@ -0,0 +1,4 @@
+weechat
+screen
+gnupg
+dirmngr
diff --git a/archived/bullseye/apt-mark/server b/archived/bullseye/apt-mark/server
new file mode 100644 (file)
index 0000000..2ab22d2
--- /dev/null
@@ -0,0 +1,6 @@
+# so we can login at all …
+openssh-server
+# firewalling
+nftables
+# We want to be able to use ALL our servers as borg backup destinations.
+borgbackup
diff --git a/archived/bullseye/apt-mark/thinkpad b/archived/bullseye/apt-mark/thinkpad
new file mode 100644 (file)
index 0000000..6a780f2
--- /dev/null
@@ -0,0 +1,7 @@
+# for wifi
+firmware-iwlwifi
+# for tlp
+tlp
+tp-smapi-dkms
+linux-headers-amd64
+#
diff --git a/archived/bullseye/apt-mark/user b/archived/bullseye/apt-mark/user
new file mode 100644 (file)
index 0000000..b35f7a8
--- /dev/null
@@ -0,0 +1,74 @@
+# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
+cryptsetup-initramfs
+lvm2
+# this provides setupcon which reads /etc/default/console-setup
+console-setup
+# without this, systemd-logind won't run, and so not detect lid close for hibernation
+dbus
+# for X to start at all
+xserver-xorg-video-intel
+# X input: keyboard and touchpad
+xserver-xorg-input-evdev
+xserver-xorg-input-synaptics
+# for startx
+xinit
+# for xrdb
+x11-xserver-utils
+# for startx to run for non-root user
+libpam-systemd
+# window environment
+i3
+i3status
+suckless-tools
+xterm
+# to get sleepy at night
+redshift
+# for alsamixer
+alsa-utils
+# for xterm and browser unicode display
+ttf-unifont
+# also useful
+vim
+sudo
+less
+man-db
+manpages
+procps
+# firefox dependencies
+libdbus-glib-1-2
+libgtk-3-0
+# firefox installation dependencies (remove later?)
+curl
+python3
+bzip2
+wget
+jq
+unzip
+# to mount encrypted USB stick and use its contents
+pmount
+cryptsetup
+openssh-client
+# for syncing
+borgbackup
+# emacs
+emacs
+emacs-common-non-dfsg
+emacs-el
+elpa-ledger
+ledger
+elpa-elfeed
+# mail setup
+isync
+notmuch
+elpa-notmuch
+pinentry-gtk2
+# to mount Android phone
+go-mtpfs
+# to use HP Deskjet F380 scanner from GIMP
+sane-utils
+xsane
+# to use HP Deskjet F380 printer
+cups
+# for wifi
+network-manager
+#
diff --git a/archived/bullseye/apt-mark/w530 b/archived/bullseye/apt-mark/w530
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/archived/bullseye/apt-mark/web b/archived/bullseye/apt-mark/web
new file mode 100644 (file)
index 0000000..4912b8a
--- /dev/null
@@ -0,0 +1,4 @@
+nginx-light
+# for SSL
+certbot
+python3-certbot-nginx
diff --git a/archived/bullseye/apt-mark/website b/archived/bullseye/apt-mark/website
new file mode 100644 (file)
index 0000000..7bdd77f
--- /dev/null
@@ -0,0 +1,11 @@
+# for gitweb
+gitweb
+fcgiwrap
+# for plomlombot
+gnupg
+dirmngr
+python3-venv
+screen
+# for uwsgi
+build-essential
+python3-dev
diff --git a/archived/bullseye/borg.sh b/archived/bullseye/borg.sh
new file mode 100755 (executable)
index 0000000..0ff0c08
--- /dev/null
@@ -0,0 +1,147 @@
+#!/bin/sh
+set -e
+
+standard_repo="borg"
+config_file="${HOME}/.borgrepos"
+
+usage() {
+    echo "Need operation as argument, one of:"
+    echo "init"
+    echo "store"
+    echo "check"
+    echo "export_keyfiles"
+    echo "orgpush"
+    echo "orgpull"
+    false
+}
+
+read_pw() {
+    if [ "${#SSH_AGENT_PID}" -eq 0 ]; then
+        eval $(ssh-agent)
+        echo "ssh-add"
+        stty -echo
+        ssh-add
+        stty echo
+    fi
+    if [ "${#BORG_PASSPHRASE}" -eq 0 ]; then
+        stty -echo
+        printf "Borg passphrase: "
+        read password
+        stty echo
+        printf "\n"
+        export BORG_PASSPHRASE="${password}"
+    fi
+}
+
+if [ ! -f "${config_file}" ]; then
+    echo '# file read ends at last newline' >> "${config_file}"
+fi
+if [ "$#" -lt 1 ]; then
+    usage
+fi
+first_arg="$1"
+shift
+if [ "${first_arg}" = "init" ]; then
+    if [ ! "$#" -eq 1 ]; then
+        echo "Need exactly one argument: target of form user@server"
+        false
+    fi
+    target="$1"
+    echo "Initializing: ${target}"
+    borg init --verbose --encryption=keyfile "${target}:${standard_repo}"
+    tmp_file="/tmp/new_borgrepos"
+    echo "${target}" > "${tmp_file}"
+    cat "${config_file}" >> "${tmp_file}"
+    cp "${tmp_file}" "${config_file}"
+elif [ "${first_arg}" = "store" ]; then
+    if [ ! "$#" -eq 2 ]; then
+        echo "Need precisely two arguments: archive name and path to archive."
+        false
+    fi
+    archive_name=$1
+    shift
+    to_backup="$@"
+    read_pw
+    cat "${config_file}" | while read line; do
+        first_char=$(echo "${line}" | cut -c1)
+        if [ "${first_char}" = "#" ]; then
+            continue
+        fi
+        repo="${line}:${standard_repo}"
+        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
+        echo "Creating archive: ${archive}"
+        borg create --verbose --list "${archive}" "${to_backup}"
+    done
+elif [ "${first_arg}" = "check" ]; then
+    if [ ! "$#" -eq 0 ]; then
+        echo "Need no arguments"
+        false
+    fi
+    read_pw
+    cat "${config_file}" | while read line; do
+        first_char=$(echo "${line}" | cut -c1)
+        if [ "${first_char}" = "#" ]; then
+            continue
+        fi
+        repo="${line}:${standard_repo}"
+        echo "Checking repo: ${repo}"
+        borg check --verbose "${repo}"
+    done
+elif [ "${first_arg}" = "export_keyfiles" ]; then
+    if [ ! "$#" -eq 1 ]; then
+        echo "Need output tar file name."
+        false
+    fi
+    tar_target="${1}"
+    tmp_dir="${HOME}/.borgtmp"
+    keyfiles_dir="${tmp_dir}/borg_keyfiles"
+    mkdir -p "${keyfiles_dir}"
+    cat "${config_file}" | while read line; do
+        first_char=$(echo "${line}" | cut -c1)
+        if [ "${first_char}" = "#" ]; then
+            continue
+        fi
+        repo="${line}:${standard_repo}"
+        borg key export "${repo}" "${keyfiles_dir}/${line}"
+    done
+    cur_dir="$(pwd)"
+    cd "${tmp_dir}"
+    target=$(basename "${keyfiles_dir}")
+    tar cf "${tar_target}" "${target}"
+    mv "${tar_target}" "${cur_dir}"
+    cd
+    rm -rf "${tmp_dir}"
+elif [ "${first_arg}" = "orgpush" ]; then
+    archive_name="orgdir"
+    to_backup=~/org
+    read_pw
+    cat "${config_file}" | while read line; do
+        first_char=$(echo "${line}" | cut -c1)
+        if [ "${first_char}" = "#" ]; then
+            continue
+        fi
+        repo="${line}:${standard_repo}"
+        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
+        echo "Creating archive: ${archive}"
+        borg create --verbose --list "${archive}" "${to_backup}" --exclude ~/org/.git
+    done
+elif [ "${first_arg}" = "orgpull" ]; then
+    echo "Doing ORGPULL, potentially overwriting important data. Hit Return to continue, last chance to abort!"
+    read _
+    archive_name="orgdir"
+    read_pw
+    cd /
+    cat "${config_file}" | while read line; do
+        first_char=$(echo "${line}" | cut -c1)
+        if [ "${first_char}" = "#" ]; then
+            continue
+        fi
+        repo="${line}:${standard_repo}"
+        archive=$(borg list "${repo}" | grep "${orgdir}" | tail -1 | cut -f1 -d' ')
+        echo "Pulling archive: ${archive}"
+        borg extract --verbose "${repo}::${archive}"
+        break
+    done
+else
+    usage
+fi
diff --git a/archived/bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/archived/bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
new file mode 100644 (file)
index 0000000..4aaef79
--- /dev/null
@@ -0,0 +1,4 @@
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
diff --git a/archived/bullseye/etc_files/all/etc/apt/sources.list b/archived/bullseye/etc_files/all/etc/apt/sources.list
new file mode 100644 (file)
index 0000000..55b1418
--- /dev/null
@@ -0,0 +1,4 @@
+deb http://deb.debian.org/debian bullseye main contrib non-free
+deb http://security.debian.org/debian-security bullseye-security main contrib non-free
+deb http://deb.debian.org/debian bullseye-updates main contrib non-free
+deb http://ftp.debian.org/debian bullseye-backports main contrib non-free
diff --git a/archived/bullseye/etc_files/all/etc/default/locale b/archived/bullseye/etc_files/all/etc/default/locale
new file mode 100644 (file)
index 0000000..dd6eee3
--- /dev/null
@@ -0,0 +1 @@
+LANG="en_US.UTF-8"
diff --git a/archived/bullseye/etc_files/all/etc/locale.gen b/archived/bullseye/etc_files/all/etc/locale.gen
new file mode 100644 (file)
index 0000000..a28cfa4
--- /dev/null
@@ -0,0 +1,483 @@
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
diff --git a/archived/bullseye/etc_files/all/etc/timezone b/archived/bullseye/etc_files/all/etc/timezone
new file mode 100644 (file)
index 0000000..94d5acc
--- /dev/null
@@ -0,0 +1 @@
+Europe/Berlin
diff --git a/archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service b/archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service
new file mode 100644 (file)
index 0000000..6566a1a
--- /dev/null
@@ -0,0 +1,6 @@
+[Unit]
+Description=Scheduled Reboot
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/systemctl --force reboot
diff --git a/archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer b/archived/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer
new file mode 100644 (file)
index 0000000..741ff05
--- /dev/null
@@ -0,0 +1,9 @@
+[Unit]
+Description=schedule reboot
+
+[Timer]
+Unit=reboot.service
+OnCalendar=*-*-* 7:00:00
+
+[Install]
+WantedBy=timers.target
diff --git a/archived/bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx b/archived/bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx
new file mode 100644 (file)
index 0000000..9b57587
--- /dev/null
@@ -0,0 +1,29 @@
+server {
+    listen 443 ssl;
+    server_name REPLACE_fqdn_ECALPER;
+    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+    root /var/www-dump/;
+
+    location /dump/ {
+        autoindex on;
+       # add_header "Access-Control-Allow-Origin" *;
+    }
+
+    location /geheim/ {
+        auth_basic "geheim geheim";
+        auth_basic_user_file /var/www-dump/password_geheim;
+        autoindex on;
+    }
+
+    location /zettel/ {
+        # rewrite non-suffixed filenames to .html ones
+        rewrite ^(/zettel/(.*/)*[^./]+)$ $1.html;
+        autoindex on;
+    }
+
+    location /uwsgi/ {
+        include uwsgi_params;
+        uwsgi_pass 127.0.0.1:3031;
+    }
+}
diff --git a/archived/bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service b/archived/bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service
new file mode 100644 (file)
index 0000000..45d079c
--- /dev/null
@@ -0,0 +1,12 @@
+[Unit]
+Description=url_catcher screen
+
+[Service]
+Type=forking
+User=plom
+# The LC_ALL fixes submission failing on some articles.
+ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 cd ~/url-catcher && screen -d -m ./run.sh'
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/archived/bullseye/etc_files/microblogpub/etc/apt/sources.list b/archived/bullseye/etc_files/microblogpub/etc/apt/sources.list
new file mode 100644 (file)
index 0000000..1e7fd2e
--- /dev/null
@@ -0,0 +1,5 @@
+deb http://deb.debian.org/debian bullseye main contrib non-free
+deb-src http://deb.debian.org/debian bullseye main contrib non-free
+deb http://security.debian.org/debian-security bullseye-security main contrib non-free
+deb http://deb.debian.org/debian bullseye-updates main contrib non-free
+deb http://ftp.debian.org/debian bullseye-backports main contrib non-free
diff --git a/archived/bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx b/archived/bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx
new file mode 100644 (file)
index 0000000..6dfe4f1
--- /dev/null
@@ -0,0 +1,60 @@
+server {
+    listen 443 ssl;
+    client_max_body_size 4G;
+    server_name REPLACE_fqdn_ECALPER;
+    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+
+    # via <https://www.digitalocean.com/community/tutorials/how-to-improve-website-performance-using-gzip-and-nginx-on-ubuntu-20-04>
+    # and https://docs.microblog.pub/installing.html#nginx-config-tips
+    gzip on;
+    gzip_disable "msie6";
+    gzip_vary on;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_buffers 16 8k;
+    gzip_http_version 1.1;
+    gzip_min_length 256;
+    gzip_types
+      application/atom+xml
+      application/geo+json
+      application/javascript
+      application/x-javascript
+      application/json
+      application/ld+json
+      application/manifest+json
+      application/rdf+xml
+      application/rss+xml
+      application/xhtml+xml
+      application/xml
+      font/eot
+      font/otf
+      font/ttf
+      image/svg+xml
+      text/css
+      text/javascript
+      text/plain
+      text/xml
+
+      text/html
+
+      application/javascript
+      application/activity+json
+      application/octet-stream;
+
+    location / {
+      proxy_set_header Host $http_host;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection $connection_upgrade;
+      proxy_redirect off;
+      proxy_buffering off;
+      proxy_pass http://localhost:8000;
+    }
+}
+
+map $http_upgrade $connection_upgrade {
+  default upgrade;
+  '' close;
+}
diff --git a/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service b/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service
new file mode 100644 (file)
index 0000000..966e58c
--- /dev/null
@@ -0,0 +1,13 @@
+[Unit]
+Description=microblog.pub
+
+[Service]
+Type=simple
+User=plom
+WorkingDirectory=/home/plom/testing.microblog.pub/
+ExecStart=/bin/sh -c '/home/plom/.local/bin/poetry run supervisord -c misc/supervisord.conf -n'
+Environment=VENV_DIR=/home/plom/.cache/pypoetry/virtualenvs/REPLACE_venv_dir_ECALPER
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service b/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service
new file mode 100644 (file)
index 0000000..9004cc5
--- /dev/null
@@ -0,0 +1,9 @@
+[Unit]
+Description=microblog.pub pruning
+
+[Service]
+Type=simple
+ExecStart=/bin/sh -c '.prune.sh'
+
+[Install]
+WantedBy=multi-user.target
diff --git a/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer b/archived/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer
new file mode 100644 (file)
index 0000000..918a0c1
--- /dev/null
@@ -0,0 +1,9 @@
+[Unit]
+Description=schedule microblog.pub pruning 
+
+[Timer]
+Unit=microblogpub_prune.service
+OnCalendar=*-*-* 7:00:00
+
+[Install]
+WantedBy=timers.target
diff --git a/archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
new file mode 100644 (file)
index 0000000..bc81613
--- /dev/null
@@ -0,0 +1,6 @@
+[Unit]
+Description=Attempt encryption of old chat logs
+[Service]
+Type=oneshot
+User=plom
+ExecStart=/bin/sh -c '~/weechatlogs_encrypter.sh'
diff --git a/archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer b/archived/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
new file mode 100644 (file)
index 0000000..79a6e1e
--- /dev/null
@@ -0,0 +1,8 @@
+[Unit]
+Description=Attempt encryption of old chatlogs once every minute.
+
+[Timer]
+OnCalendar=*-*-* *:*:00
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file
diff --git a/archived/bullseye/etc_files/server/etc/ssh/sshd_config b/archived/bullseye/etc_files/server/etc/ssh/sshd_config
new file mode 100644 (file)
index 0000000..811e93a
--- /dev/null
@@ -0,0 +1,124 @@
+#      $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+Include /etc/ssh/sshd_config.d/*.conf
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin no  # plomlompom's security rule 
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+#GSSAPIKeyExchange no
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem      sftp    /usr/lib/openssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#      X11Forwarding no
+#      AllowTcpForwarding no
+#      PermitTTY no
+#      ForceCommand cvs server
+ClientAliveInterval 15
diff --git a/archived/bullseye/etc_files/thinkpad/etc/default/tlp b/archived/bullseye/etc_files/thinkpad/etc/default/tlp
new file mode 100644 (file)
index 0000000..b73846b
--- /dev/null
@@ -0,0 +1,306 @@
+# ------------------------------------------------------------------------------
+# tlp - Parameters for power saving
+# See full explanation: http://linrunner.de/en/tlp/docs/tlp-configuration.html
+
+# Hint: some features are disabled by default, remove the leading # to enable
+# them.
+
+# Set to 0 to disable, 1 to enable TLP.
+TLP_ENABLE=1
+
+# Operation mode when no power supply can be detected: AC, BAT.
+# Concerns some desktop and embedded hardware only.
+TLP_DEFAULT_MODE=AC
+
+# Operation mode select: 0=depend on power source, 1=always use TLP_DEFAULT_MODE
+# Hint: use in conjunction with TLP_DEFAULT_MODE=BAT for BAT settings on AC.
+TLP_PERSISTENT_DEFAULT=0
+
+# Seconds laptop mode has to wait after the disk goes idle before doing a sync.
+# Non-zero value enables, zero disables laptop mode.
+DISK_IDLE_SECS_ON_AC=0
+DISK_IDLE_SECS_ON_BAT=2
+
+# Dirty page values (timeouts in secs).
+MAX_LOST_WORK_SECS_ON_AC=15
+MAX_LOST_WORK_SECS_ON_BAT=60
+
+# Hint: CPU parameters below are disabled by default, remove the leading #
+# to enable them, otherwise kernel default values are used.
+
+# Select a CPU frequency scaling governor.
+# Intel Core i processor with intel_pstate driver:
+#   powersave(*), performance.
+# Older hardware with acpi-cpufreq driver:
+#   ondemand(*), powersave, performance, conservative, schedutil.
+# (*) is recommended.
+# Hint: use tlp-stat -p to show the active driver and available governors.
+# Important:
+#   powersave for intel_pstate and ondemand for acpi-cpufreq are power
+#   efficient for *almost all* workloads and therefore kernel and most
+#   distributions have chosen them as defaults. If you still want to change,
+#   you should know what you're doing! You *must* disable your distribution's
+#   governor settings or conflicts will occur.
+#CPU_SCALING_GOVERNOR_ON_AC=powersave
+#CPU_SCALING_GOVERNOR_ON_BAT=powersave
+
+# Set the min/max frequency available for the scaling governor.
+# Possible values strongly depend on your CPU. For available frequencies see
+# the output of tlp-stat -p.
+#CPU_SCALING_MIN_FREQ_ON_AC=0
+#CPU_SCALING_MAX_FREQ_ON_AC=0
+#CPU_SCALING_MIN_FREQ_ON_BAT=0
+#CPU_SCALING_MAX_FREQ_ON_BAT=0
+
+# Set energy performance hints (HWP) for Intel P-state governor:
+#   performance, balance_performance, default, balance_power, power
+# Values are given in order of increasing power saving.
+# Note: Intel Skylake or newer CPU and Kernel >= 4.10 required.
+CPU_HWP_ON_AC=balance_performance
+CPU_HWP_ON_BAT=balance_power
+
+# Set Intel P-state performance: 0..100 (%).
+# Limit the max/min P-state to control the power dissipation of the CPU.
+# Values are stated as a percentage of the available performance.
+# Requires an Intel Core i processor with intel_pstate driver.
+#CPU_MIN_PERF_ON_AC=0
+#CPU_MAX_PERF_ON_AC=100
+#CPU_MIN_PERF_ON_BAT=0
+#CPU_MAX_PERF_ON_BAT=30
+
+# Set the CPU "turbo boost" feature: 0=disable, 1=allow
+# Requires an Intel Core i processor.
+# Important:
+# - This may conflict with your distribution's governor settings
+# - A value of 1 does *not* activate boosting, it just allows it
+#CPU_BOOST_ON_AC=1
+#CPU_BOOST_ON_BAT=0
+
+# Minimize number of used CPU cores/hyper-threads under light load conditions:
+#   0=disable, 1=enable.
+SCHED_POWERSAVE_ON_AC=0
+SCHED_POWERSAVE_ON_BAT=1
+
+# Kernel NMI Watchdog:
+#   0=disable (default, saves power), 1=enable (for kernel debugging only).
+NMI_WATCHDOG=0
+
+# Change CPU voltages aka "undervolting" - Kernel with PHC patch required.
+# Frequency voltage pairs are written to:
+#   /sys/devices/system/cpu/cpu0/cpufreq/phc_controls
+# CAUTION: only use this, if you thoroughly understand what you are doing!
+#PHC_CONTROLS="F:V F:V F:V F:V"
+
+# Set CPU performance versus energy savings policy:
+#   performance, balance-performance, default, balance-power, power.
+# Values are given in order of increasing power saving.
+# Requires kernel module msr and x86_energy_perf_policy from linux-tools.
+ENERGY_PERF_POLICY_ON_AC=performance
+ENERGY_PERF_POLICY_ON_BAT=power
+
+# Disk devices; separate multiple devices with spaces (default: sda).
+# Devices can be specified by disk ID also (lookup with: tlp diskid).
+DISK_DEVICES="sda sdb"
+
+# Disk advanced power management level: 1..254, 255 (max saving, min, off).
+# Levels 1..127 may spin down the disk; 255 allowable on most drives.
+# Separate values for multiple disks with spaces. Use the special value 'keep'
+# to keep the hardware default for the particular disk.
+DISK_APM_LEVEL_ON_AC="254 254"
+DISK_APM_LEVEL_ON_BAT="128 128"
+
+# Hard disk spin down timeout:
+#   0:        spin down disabled
+#   1..240:   timeouts from 5s to 20min (in units of 5s)
+#   241..251: timeouts from 30min to 5.5 hours (in units of 30min)
+# See 'man hdparm' for details.
+# Separate values for multiple disks with spaces. Use the special value 'keep'
+# to keep the hardware default for the particular disk.
+#DISK_SPINDOWN_TIMEOUT_ON_AC="0 0"
+#DISK_SPINDOWN_TIMEOUT_ON_BAT="0 0"
+
+# Select IO scheduler for the disk devices: cfq, deadline, noop (Default: cfq).
+# Separate values for multiple disks with spaces. Use the special value 'keep'
+# to keep the kernel default scheduler for the particular disk.
+#DISK_IOSCHED="cfq cfq"
+
+# AHCI link power management (ALPM) for disk devices:
+#   min_power, med_power_with_dipm(*), medium_power, max_performance.
+# (*) Kernel >= 4.15 required, then recommended.
+# Multiple values separated with spaces are tried sequentially until success.
+SATA_LINKPWR_ON_AC="med_power_with_dipm max_performance"
+SATA_LINKPWR_ON_BAT="med_power_with_dipm min_power"
+
+# Exclude host devices from AHCI link power management.
+# Separate multiple hosts with spaces.
+#SATA_LINKPWR_BLACKLIST="host1"
+
+# Runtime Power Management for AHCI host and disks devices:
+#   on=disable, auto=enable.
+# EXPERIMENTAL ** WARNING: auto will most likely cause system lockups/data loss.
+#AHCI_RUNTIME_PM_ON_AC=on
+#AHCI_RUNTIME_PM_ON_BAT=on
+
+# Seconds of inactivity before disk is suspended.
+AHCI_RUNTIME_PM_TIMEOUT=15
+
+# PCI Express Active State Power Management (PCIe ASPM):
+#   default, performance, powersave.
+PCIE_ASPM_ON_AC=performance
+PCIE_ASPM_ON_BAT=powersave
+
+# Radeon graphics clock speed (profile method): low, mid, high, auto, default;
+# auto = mid on BAT, high on AC; default = use hardware defaults.
+RADEON_POWER_PROFILE_ON_AC=high
+RADEON_POWER_PROFILE_ON_BAT=low
+
+# Radeon dynamic power management method (DPM): battery, performance.
+RADEON_DPM_STATE_ON_AC=performance
+RADEON_DPM_STATE_ON_BAT=battery
+
+# Radeon DPM performance level: auto, low, high; auto is recommended.
+RADEON_DPM_PERF_LEVEL_ON_AC=auto
+RADEON_DPM_PERF_LEVEL_ON_BAT=auto
+
+# WiFi power saving mode: on=enable, off=disable; not supported by all adapters.
+WIFI_PWR_ON_AC=off
+WIFI_PWR_ON_BAT=on
+
+# Disable wake on LAN: Y/N.
+WOL_DISABLE=Y
+
+# Enable audio power saving for Intel HDA, AC97 devices (timeout in secs).
+# A value of 0 disables, >=1 enables power saving (recommended: 1).
+SOUND_POWER_SAVE_ON_AC=0
+SOUND_POWER_SAVE_ON_BAT=1
+
+# Disable controller too (HDA only): Y/N.
+SOUND_POWER_SAVE_CONTROLLER=Y
+
+# Power off optical drive in UltraBay/MediaBay: 0=disable, 1=enable.
+# Drive can be powered on again by releasing (and reinserting) the eject lever
+# or by pressing the disc eject button on newer models.
+# Note: an UltraBay/MediaBay hard disk is never powered off.
+BAY_POWEROFF_ON_AC=0
+BAY_POWEROFF_ON_BAT=0
+# Optical drive device to power off (default sr0).
+BAY_DEVICE="sr0"
+
+# Runtime Power Management for PCI(e) bus devices: on=disable, auto=enable.
+RUNTIME_PM_ON_AC=on
+RUNTIME_PM_ON_BAT=auto
+
+# Exclude PCI(e) device adresses the following list from Runtime PM
+# (separate with spaces). Use lspci to get the adresses (1st column).
+#RUNTIME_PM_BLACKLIST="bb:dd.f 11:22.3 44:55.6"
+
+# Exclude PCI(e) devices assigned to the listed drivers from Runtime PM.
+# Default when unconfigured is "amdgpu nouveau nvidia radeon" which
+# prevents accidential power-on of dGPU in hybrid graphics setups.
+# Use "" to disable the feature completely.
+# Separate multiple drivers with spaces.
+#RUNTIME_PM_DRIVER_BLACKLIST="amdgpu nouveau nvidia radeon"
+
+# Set to 0 to disable, 1 to enable USB autosuspend feature.
+USB_AUTOSUSPEND=1
+
+# Exclude listed devices from USB autosuspend (separate with spaces).
+# Use lsusb to get the ids.
+# Note: input devices (usbhid) are excluded automatically
+#USB_BLACKLIST="1111:2222 3333:4444"
+
+# Bluetooth devices are excluded from USB autosuspend:
+#   0=do not exclude, 1=exclude.
+USB_BLACKLIST_BTUSB=0
+
+# Phone devices are excluded from USB autosuspend:
+#   0=do not exclude, 1=exclude (enable charging).
+USB_BLACKLIST_PHONE=0
+
+# Printers are excluded from USB autosuspend:
+#   0=do not exclude, 1=exclude.
+USB_BLACKLIST_PRINTER=1
+
+# WWAN devices are excluded from USB autosuspend:
+#   0=do not exclude, 1=exclude.
+USB_BLACKLIST_WWAN=1
+
+# Include listed devices into USB autosuspend even if already excluded
+# by the blacklists above (separate with spaces).
+# Use lsusb to get the ids.
+#USB_WHITELIST="1111:2222 3333:4444"
+
+# Set to 1 to disable autosuspend before shutdown, 0 to do nothing
+# (workaround for USB devices that cause shutdown problems).
+#USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN=1
+
+# Restore radio device state (Bluetooth, WiFi, WWAN) from previous shutdown
+# on system startup: 0=disable, 1=enable.
+# Hint: the parameters DEVICES_TO_DISABLE/ENABLE_ON_STARTUP/SHUTDOWN below
+#   are ignored when this is enabled!
+RESTORE_DEVICE_STATE_ON_STARTUP=0
+
+# Radio devices to disable on startup: bluetooth, wifi, wwan.
+# Separate multiple devices with spaces.
+#DEVICES_TO_DISABLE_ON_STARTUP="bluetooth wifi wwan"
+
+# Radio devices to enable on startup: bluetooth, wifi, wwan.
+# Separate multiple devices with spaces.
+#DEVICES_TO_ENABLE_ON_STARTUP="wifi"
+
+# Radio devices to disable on shutdown: bluetooth, wifi, wwan.
+# (workaround for devices that are blocking shutdown).
+#DEVICES_TO_DISABLE_ON_SHUTDOWN="bluetooth wifi wwan"
+
+# Radio devices to enable on shutdown: bluetooth, wifi, wwan.
+# (to prevent other operating systems from missing radios).
+#DEVICES_TO_ENABLE_ON_SHUTDOWN="wwan"
+
+# Radio devices to enable on AC: bluetooth, wifi, wwan.
+#DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
+
+# Radio devices to disable on battery: bluetooth, wifi, wwan.
+#DEVICES_TO_DISABLE_ON_BAT="bluetooth wifi wwan"
+
+# Radio devices to disable on battery when not in use (not connected):
+#   bluetooth, wifi, wwan.
+#DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wifi wwan"
+
+# Battery charge thresholds (ThinkPad only, tp-smapi or acpi-call kernel module
+# required). Charging starts when the remaining capacity falls below the
+# START_CHARGE_THRESH value and stops when exceeding the STOP_CHARGE_THRESH value.
+# Main / Internal battery (values in %)
+START_CHARGE_THRESH_BAT0=75
+STOP_CHARGE_THRESH_BAT0=80
+# Ultrabay / Slice / Replaceable battery (values in %)
+#START_CHARGE_THRESH_BAT1=75
+#STOP_CHARGE_THRESH_BAT1=80
+
+# Restore charge thresholds when AC is unplugged: 0=disable, 1=enable.
+#RESTORE_THRESHOLDS_ON_BAT=1
+
+# ------------------------------------------------------------------------------
+# tlp-rdw - Parameters for the radio device wizard
+# Possible devices: bluetooth, wifi, wwan.
+
+# Hints:
+# - Parameters are disabled by default, remove the leading # to enable them
+# - Separate multiple radio devices with spaces
+
+# Radio devices to disable on connect.
+#DEVICES_TO_DISABLE_ON_LAN_CONNECT="wifi wwan"
+#DEVICES_TO_DISABLE_ON_WIFI_CONNECT="wwan"
+#DEVICES_TO_DISABLE_ON_WWAN_CONNECT="wifi"
+
+# Radio devices to enable on disconnect.
+#DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="wifi wwan"
+#DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
+#DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
+
+# Radio devices to enable/disable when docked.
+#DEVICES_TO_ENABLE_ON_DOCK=""
+#DEVICES_TO_DISABLE_ON_DOCK=""
+
+# Radio devices to enable/disable when undocked.
+#DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
+#DEVICES_TO_DISABLE_ON_UNDOCK=""
diff --git a/archived/bullseye/etc_files/thinkpad/etc/network/interfaces b/archived/bullseye/etc_files/thinkpad/etc/network/interfaces
new file mode 100644 (file)
index 0000000..9df66d5
--- /dev/null
@@ -0,0 +1,14 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# # The primary network interface – commented out so network-manager can handle this!
+# allow-hotplug enp0s25
+# iface enp0s25 inet dhcp
+# # This is an autoconfigured IPv6 interface
+# iface enp0s25 inet6 auto
diff --git a/archived/bullseye/etc_files/thinkpad/etc/systemd/logind.conf b/archived/bullseye/etc_files/thinkpad/etc/systemd/logind.conf
new file mode 100644 (file)
index 0000000..1098229
--- /dev/null
@@ -0,0 +1,6 @@
+#  This file is part of systemd.
+#
+# See logind.conf(5) for details.
+
+[Login]
+HandleLidSwitch=hibernate
diff --git a/archived/bullseye/etc_files/web/etc/nftables.conf b/archived/bullseye/etc_files/web/etc/nftables.conf
new file mode 100755 (executable)
index 0000000..ec6732a
--- /dev/null
@@ -0,0 +1,22 @@
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table inet filter {
+       chain input {
+               type filter hook input priority 0; policy drop;
+               iif lo accept comment "accept localhost traffic"
+               ct state invalid drop comment "drop invalid connections"
+               ct state established, related accept comment "accept traffic originated from us"
+               tcp dport 22 accept comment "accept SSH on default port"
+               tcp dport 80 accept comment "accept HTTP on default port"
+               tcp dport 443 accept comment "accept HTTPS on default port"
+               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
+       }
+       chain forward {
+               type filter hook forward priority 0; policy drop;
+       }
+       chain output {
+               type filter hook output priority 0; policy accept;
+       }
+}
diff --git a/archived/bullseye/etc_files/web/etc/nginx/nginx.conf b/archived/bullseye/etc_files/web/etc/nginx/nginx.conf
new file mode 100644 (file)
index 0000000..8320425
--- /dev/null
@@ -0,0 +1,38 @@
+# system integration
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+# is expected even if empty
+events {
+}
+
+http {
+    # define content-type headers
+    include /etc/nginx/mime.types;
+    charset utf-8;
+
+    # Some standard optimizations, i.e. Debian default. Explained in
+    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
+    # Not that I understand it all …
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+
+    # logging deactivated due to GDPR
+    #access_log /var/log/nginx/access.log;
+    #error_log /var/log/nginx/error.log;
+    access_log off;
+    error_log off;
+
+    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+
+    # Redirect all HTTP requests to HTTPS.
+    server {
+        listen 80;
+        return 301 https://$host$request_uri;
+    }
+}
diff --git a/archived/bullseye/etc_files/website/etc/gitweb.conf b/archived/bullseye/etc_files/website/etc/gitweb.conf
new file mode 100644 (file)
index 0000000..88dea47
--- /dev/null
@@ -0,0 +1,22 @@
+# path to git projects (<project>.git)
+$projectroot = "/var/repos";
+
+# don't show repos without git-daemon-export-ok file
+$export_ok = "git-daemon-export-ok";
+
+# directory to use for temp files
+# explicitely set by Debian so it's probably a good choice
+$git_temp = "/tmp";
+
+# git-diff-tree(1) options to use for generated patches
+# we don't want to to guess renames, so empty
+@diff_opts = ();
+
+# Base path for where to find the repos for cloning.
+@git_base_url_list = ('https://REPLACE_fqdn_ECALPER/repos/clone');
+
+# allow snapshots
+$feature{'snapshot'}{'default'} = ['zip', 'tgz'];
+
+# insert header for GDPR compliance
+$site_header = "/var/www/header.html"
diff --git a/archived/bullseye/etc_files/website/etc/nginx/sites-available/website.nginx b/archived/bullseye/etc_files/website/etc/nginx/sites-available/website.nginx
new file mode 100644 (file)
index 0000000..ad5abed
--- /dev/null
@@ -0,0 +1,45 @@
+server {
+    listen 443 ssl;
+    server_name REPLACE_fqdn_ECALPER;
+    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+    root /var/www/html/;
+    index index.html index.htm index.nginx-debian.html;
+
+    # serve /var/repos/* for HTTPS git cloning
+    location ~ /repos/clone(/.*) {
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
+        # Commented out so only repos are served that contain a
+        # git-daemon-export-ok file.
+        # fastcgi_param GIT_HTTP_EXPORT_ALL "";
+        fastcgi_param GIT_PROJECT_ROOT /var/repos;
+        fastcgi_param PATH_INFO $1;
+        fastcgi_pass unix:/var/run/fcgiwrap.socket;
+    }
+
+    # gitweb static files
+    location /repos/static/ {
+        alias /usr/share/gitweb/static/;
+    }
+
+    # gitweb; this needs packages fcgiwrap and gitweb
+    location /repos/ {
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME /usr/share/gitweb/gitweb.cgi;
+        fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
+        fastcgi_pass unix:/var/run/fcgiwrap.socket;
+    }
+
+    # login-protected IRC logs
+    location ~ ^/irclogs/([^/]+)/ {
+        auth_basic "$1 logs";
+        auth_basic_user_file /var/www/irclogs_pw/$1;
+        autoindex on;
+    }
+
+    location /guiltcards/ {
+        include uwsgi_params;
+        uwsgi_pass 127.0.0.1:9000;
+    }
+}
diff --git a/archived/bullseye/etc_files/website/etc/systemd/system/plomlombot.service b/archived/bullseye/etc_files/website/etc/systemd/system/plomlombot.service
new file mode 100644 (file)
index 0000000..a4f6769
--- /dev/null
@@ -0,0 +1,11 @@
+[Unit]
+Description=plomlombot screen
+
+[Service]
+Type=simple
+User=plom
+ExecStart=/bin/sh -c '~/plomlombot_daemon.sh'
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/archived/bullseye/home_files/minimal/.bashrc b/archived/bullseye/home_files/minimal/.bashrc
new file mode 100644 (file)
index 0000000..e1d41d8
--- /dev/null
@@ -0,0 +1,30 @@
+# Settings for interactive shells.
+
+# Fancy colors for ls.
+alias ls="ls --color=auto"
+
+# Other helpful aliases
+alias sshauth='eval $(ssh-agent) && ssh-add'
+alias xrandrbig='xrandr --output LVDS-1 --off'
+
+# Use vim as default editor for anything.
+export VISUAL=vim
+export EDITOR=$VISUAL
+
+# Colored prompt with username, hostname, date/time, directory.
+colornumber=7 # Default to white if no color set via colornumber dotfile.
+colornumber_file=~/.shell_prompt_color
+if [ -f $colornumber_file ]; then
+    colornumber=`cat $colornumber_file`
+fi
+tput_color="$(tput setaf $colornumber)$(tput bold)"
+tput_reset="$(tput sgr0)"
+# Bash confuses the line length when not told to not count escape sequences.
+if [ ! "$BASH" = "" ]; then
+    tput_color="\[$tput_color\]"
+    tput_reset="\[$tput_reset\]"
+fi
+PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
+PS2="${tput_color}> $tput_reset"
+PS3="${tput_color}select: $tput_reset"
+PS4="${tput_color}+ $tput_reset"
diff --git a/archived/bullseye/home_files/root/.shell_prompt_color b/archived/bullseye/home_files/root/.shell_prompt_color
new file mode 100644 (file)
index 0000000..d00491f
--- /dev/null
@@ -0,0 +1 @@
+1
diff --git a/archived/bullseye/home_files/user/.Xresources b/archived/bullseye/home_files/user/.Xresources
new file mode 100644 (file)
index 0000000..45b10af
--- /dev/null
@@ -0,0 +1,56 @@
+! otherwise various applications will assume merely 8 colors
+XTerm.termName: xterm-256color
+
+! font
+! actually, "mono" is already the default for faceName (it will
+! pick whatever fc-match mono delivers), but we need to set _some_
+! faceName to trigger XTerm activating TrueType fonts
+! (XTerm*fontRender by itself won't do the trick), and we want
+! TrueType fonts because, well, they scale better, and XTerm lets them
+! fall back on alternatives (hi there ttf-unifont) when a Unicode
+! glyph is not found
+XTerm*faceName: mono
+
+! white on black
+XTerm*reverseVideo: on
+
+! blink screen instead of sound
+XTerm*visualBell: on
+
+! proper ALT as META key treatment
+XTerm*eightBitInput: false
+
+! font sizes
+XTerm*faceSize: 8
+XTerm*faceSize1: 4
+XTerm*faceSize2: 5
+XTerm*faceSize3: 6
+XTerm*faceSize4: 8
+XTerm*faceSize5: 14
+XTerm*faceSize6: 25
+
+! colors
+! black
+XTerm*color0: #202020
+XTerm*color8: #3F3F3F
+! red
+XTerm*color1: #A82020
+XTerm*color9: #E82020
+! green
+XTerm*color2: #20A820
+XTerm*color10: #20E820
+! yellow
+XTerm*color3: #A8A820
+XTerm*color11: #E8E820
+! blue
+XTerm*color4: #3F3FFF
+XTerm*color12: #9F9FFF
+! magenta
+XTerm*color5: #A83FFF
+XTerm*color13: #E89FFF
+! cyan
+XTerm*color6: #3FA8FF
+XTerm*color14: #9FE8FF
+! white
+XTerm*color7: #A8A8A8
+XTerm*color15: #E8E8E8
diff --git a/archived/bullseye/home_files/user/.borgrepos b/archived/bullseye/home_files/user/.borgrepos
new file mode 100644 (file)
index 0000000..c40eee3
--- /dev/null
@@ -0,0 +1,4 @@
+plom@plomlompom.com
+plom@mail.plomlompom.com
+plom@play.plomlompom.com
+# file read ends at last newline
diff --git a/archived/bullseye/home_files/user/.config/i3/config b/archived/bullseye/home_files/user/.config/i3/config
new file mode 100644 (file)
index 0000000..07332f3
--- /dev/null
@@ -0,0 +1,84 @@
+# plomlompom's i3-wm configuration
+
+# Font for i3 text
+font pango:Terminus 8px
+
+# Force "tabbed" as default layout for new windows.
+workspace_layout              tabbed
+
+# Make the Windows key the modifier key for all i3-wm actions.
+set                           $mod Mod4
+floating_modifier             $mod
+
+# Launch xterm.
+bindsym $mod+Return           exec xterm
+
+# Launch programs via dmenu.
+bindsym $mod+d                exec dmenu_run
+bindsym $mod+x                exec dmenu_run
+
+# Kill window.
+bindsym $mod+Shift+Q          kill
+
+# Move focus between windows.
+bindsym $mod+Left             focus left
+bindsym $mod+Down             focus down
+bindsym $mod+Up               focus up
+bindsym $mod+Right            focus right
+
+# Don't move focus with mouse.
+focus_follows_mouse           no
+
+# Move windows.
+bindsym $mod+Shift+Left       move left
+bindsym $mod+Shift+Down       move down
+bindsym $mod+Shift+Up         move up
+bindsym $mod+Shift+Right      move right
+
+# Resize windows
+bindsym $mod+h                resize shrink width 1 px or 1 ppt
+bindsym $mod+l                resize grow width 1 px or 1 ppt
+bindsym $mod+j                resize shrink height
+bindsym $mod+k                resize grow height
+
+# Toggle fullscreen for focused window.
+bindsym $mod+f                fullscreen
+
+# Toggle floating of window, focus on floating or tabbed windows.
+bindsym $mod+Shift+space      floating toggle
+bindsym $mod+space            focus mode_toggle
+
+# Switch to workspace x.
+bindsym $mod+1                workspace 1
+bindsym $mod+2                workspace 2
+bindsym $mod+3                workspace 3
+bindsym $mod+4                workspace 4
+bindsym $mod+5                workspace 5
+bindsym $mod+6                workspace 6
+bindsym $mod+7                workspace 7
+bindsym $mod+8                workspace 8
+bindsym $mod+9                workspace 9
+bindsym $mod+0                workspace 10
+
+# Move window to workspace x.
+bindsym $mod+Shift+exclam     move workspace 1
+bindsym $mod+Shift+quotedbl   move workspace 2
+bindsym $mod+Shift+section    move workspace 3
+bindsym $mod+Shift+dollar     move workspace 4
+bindsym $mod+Shift+percent    move workspace 5
+bindsym $mod+Shift+ampersand  move workspace 6
+bindsym $mod+Shift+slash      move workspace 7
+bindsym $mod+Shift+parenleft  move workspace 8
+bindsym $mod+Shift+parenright move workspace 9
+bindsym $mod+Shift+equal      move workspace 10
+
+# Reload i3 config file, restart (keeping sesion) i3, exit i3.
+bindsym $mod+Shift+C          reload
+bindsym $mod+Shift+R          restart
+bindsym $mod+Shift+P          exit
+
+# Select "i3status" as i3 status bar, hide systray icons.
+bar {
+  tray_output none
+  status_command i3status
+}
diff --git a/archived/bullseye/home_files/user/.emacs.d/init.el b/archived/bullseye/home_files/user/.emacs.d/init.el
new file mode 100644 (file)
index 0000000..9964c98
--- /dev/null
@@ -0,0 +1,323 @@
+;; general layout
+;; ==============
+
+;; need no stinkin emacs help screen as start up, and no menu bar
+(setq inhibit-startup-screen t)
+(menu-bar-mode -1)
+
+;; highlight cursor line, parentheses
+(global-hl-line-mode 1)
+(show-paren-mode 1)
+
+;; show line numbers, use separator space
+(global-linum-mode)
+(setq linum-format "%d ")
+
+;; count cursor column, row in mode line
+(setq column-number-mode t)
+
+;; settings to make GUI tolerable
+(if window-system
+  (progn
+    (add-to-list 'default-frame-alist '(foreground-color . "white"))
+    (add-to-list 'default-frame-alist '(background-color . "black"))
+    (set-face-attribute 'default nil :height 80)
+    (scroll-bar-mode -1)
+    (setq visible-bell t)
+    (setq linum-format "%d")))
+
+;; use as default browser what XDG offers
+(setq-default browse-url-browser-function 'browse-url-xdg-open)
+
+
+
+;; general keybindings
+;; ===================
+
+;; create and use a minimal global map using just the self-insert command
+;; bindings and a selection of some to me very common keystrokes
+(setq minimal-map (make-sparse-keymap))
+(substitute-key-definition 'self-insert-command 'self-insert-command
+                           minimal-map global-map)
+(use-global-map minimal-map)
+(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
+(global-set-key (kbd "RET") 'newline)
+(global-set-key (kbd "TAB") 'indent-for-tab-command)
+(global-set-key (kbd "<up>") 'previous-line)
+(global-set-key (kbd "<down>") 'next-line)
+(global-set-key (kbd "<left>") 'left-char)
+(global-set-key (kbd "<right>") 'right-char)
+(global-set-key (kbd "<prior>") 'scroll-down-command)
+(global-set-key (kbd "<next>") 'scroll-up-command)
+(global-set-key (kbd "M-x") 'execute-extended-command)
+(global-set-key (kbd "C-g") 'keyboard-quit)
+;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
+;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
+;; note how to switch back to the original map: (use-global-map global-map)
+(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
+
+
+
+;; minibuffer
+;; ==========
+
+;; incremental minibuffer completion
+(icomplete-mode 1)
+
+
+
+;; text editing
+;; ============
+
+;; tabs are evil
+(setq-default indent-tabs-mode nil)
+(setq-default tab-width 4)
+(setq indent-line-function 'insert-tab)
+
+;; show trailing whitespace
+(setq-default show-trailing-whitespace 1)
+
+;; on save, ask whether to ensure text file's last line ends in a
+;; newline character
+(setq require-final-newline 1)
+
+;; use dedicated directory for version-controlled, endless backups;
+;; never delete old versions
+(setq make-backup-files t
+      backup-directory-alist `(("." . "~/.emacs_backups"))
+      backup-by-copying t
+      version-control t
+      delete-old-versions 1)  ;; neither t nor nil: never delete
+
+
+;; package management
+;; ==================
+
+;; where we get packages from
+(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
+                         ("melpa-unstable" . "https://melpa.org/packages/")
+                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
+
+;; ensure certain packages are installed (actually, we use Debian repos here)
+;; credit to <https://stackoverflow.com/a/10093312>
+;(setq package-list '(elfeed ledger-mode))
+;(package-initialize)
+;(dolist (package package-list)
+;  (unless (package-installed-p package)
+;    (package-install package)))
+
+
+
+;;; window management
+;;; =================
+;
+;;; track window configurations to allow window config undo
+;(winner-mode 1)
+
+
+
+;; mail setup
+;; ==========
+
+(setq send-mail-function 'smtpmail-send-it)
+(setq smtpmail-smtp-server "mail.plomlompom.com")
+(setq smtpmail-smtp-service 465)
+(setq smtpmail-stream-type 'ssl)
+(setq smtpmail-smtp-user "plom")
+(setq mml-secure-openpgp-encrypt-to-self t)
+(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
+
+;(setq gnutls-log-level 0)
+
+;; if we don't set this, we get this warning:
+;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
+;;   has been lowered to 256 bits and this may allow decryption of the session data
+(setq gnutls-min-prime-bits 1024)
+
+;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
+;; stream process, seemingly unless the /message/ function is called at the right
+;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
+;; in /network-stream-get-response/ right after "(goto-char start)"; this works
+;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
+;; buffer is not relevant, but maybe writing to the echo area is); activing the
+;; gnutls logging is just a hack to achieve such calls to /message/ in the
+;; /network-stream-open-tls/ flow.
+(setq gnutls-log-level 1) ; miraculously makes smtpmail work
+
+;; constructs From: domain if mail composer directly called (from without
+;; notmuch), but we don't actually intend to do that
+;(setq mail-host-address "plomlompom.com")
+
+;; otherwise notmuch becomes extremely slow in some cases
+(setq-default notmuch-show-indent-content nil)
+
+;; this only works if we use notmuch-mua-send instead of message-send
+(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
+
+;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
+;; in the message ID
+(setq mail-host-address "plomlompom.com")
+
+;; notmuch saved searches
+(setq notmuch-saved-searches
+      '((:name "inbox" :query "tag:unread and folder:inbox")
+        (:name "all" :query "tag:unread not folder:maildir/Trash")
+        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
+        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
+        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
+        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
+        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
+
+
+
+;; org mode
+;; ========
+
+;; unsure why, but to re-set the key map, we not only have to explicitely do it
+;; only after org-mode loading, but also have to explicitely overwrite the
+;; C-c keybinding; TODO: investigate
+(with-eval-after-load 'org
+    (setq org-mode-map (make-sparse-keymap))
+    (define-key org-mode-map (kbd "C-c") nil)
+    (define-key org-mode-map (kbd "TAB") 'org-cycle)
+    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
+
+;; don't truncate lines by default
+(setq org-startup-truncated nil)
+
+;; basic org-capture config
+(setq org-capture-templates
+      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
+(add-hook 'org-capture-mode-hook 'evil-insert-state)
+
+;; agenda view on startup
+(load-library "find-lisp")
+(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
+(setq org-agenda-span 90)
+(setq org-agenda-use-time-grid nil)
+(add-hook 'emacs-startup-hook (lambda ()
+                                 (org-agenda-list)
+                                 (switch-to-buffer "*Org Agenda*")
+                                 (other-window 1)))
+
+;;; for calendar, use ISO date style
+;(setq calendar-date-style 'iso)
+;(setq diary-number-of-entries 7)
+;(diary)
+;(setq org-agenda-time-grid '((today require-timed remove-match)
+;                             #("----------------" 0 16 (org-heading t))
+;                             (0 200 400 600 800 1000 1200
+;                                1400 1600 1800 2000 2200)))
+
+;; empty org-agenda-mode keybindings
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (setq org-agenda-mode-map (make-sparse-keymap))))
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (use-local-map (make-sparse-keymap))))
+
+;; org-publish-all
+(setq org-publish-project-alist
+      '(
+        ("website"
+         :base-directory "~/org/web/"
+         :base-extension "org"
+         :publishing-directory "~/html/"
+         :recursive t
+         :publishing-function org-html-publish-to-html
+         :headline-levels 4             ; Just the default for this project.
+         :auto-preamble t
+          )))
+
+;; use [ki:] syntax to hide stuff from exports
+(defun classify-information (text backend info)
+  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
+  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
+(add-hook 'org-export-filter-plain-text-functions 'classify-information)
+
+;; add HTML validator link to exports
+(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
+
+
+
+;;; Info mode
+;;; =========
+
+(setq Info-mode-map (make-sparse-keymap))
+(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
+(define-key Info-mode-map (kbd "u") 'Info-up)
+(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
+(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
+(define-key Info-mode-map (kbd "H") 'Info-history-back)
+(define-key Info-mode-map (kbd "L") 'Info-history-forward)
+(define-key Info-mode-map (kbd "I") 'Info-goto-node)
+(define-key Info-mode-map (kbd "i") 'Info-index)
+
+
+
+;; help mode
+;; =========
+
+(setq help-mode-map (make-sparse-keymap))
+(define-key help-mode-map (kbd "TAB") 'forward-button)
+(define-key help-mode-map (kbd "RET") 'help-follow)
+(define-key help-mode-map (kbd "<backtab>") 'backward-button)
+
+
+
+;; elfeed
+;; ======
+
+(require 'elfeed)  ; needed so we can set the font faces
+(set-face-background 'elfeed-search-title-face "magenta")
+(set-face-background 'elfeed-search-unread-count-face "magenta")
+(setq elfeed-feeds
+      '("https://capsurvival.blogspot.com/feeds/posts/default"
+        "https://jungle.world/rss.xml"
+        "http://news.dieweltistgarnichtso.net/bin/index.xml"
+        "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
+        "http://www.tagesschau.de/xml/atom"))
+(setq elfeed-search-mode-map (make-sparse-keymap))
+(define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
+(defun elfeed-search-mark-as-read() (interactive)
+  (elfeed-search-untag-all 'unread))
+(define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
+(define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
+(define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
+(define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
+(setq elfeed-show-mode-map (make-sparse-keymap))
+(define-key elfeed-show-mode-map (kbd "u") 'elfeed)
+(define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
+(define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
+(define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
+(define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
+(define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
+(define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
+
+
+
+;; eww
+;; ===
+
+(setq eww-mode-map (make-sparse-keymap))
+(define-key eww-mode-map (kbd "TAB") 'shr-next-link)
+(define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
+(define-key eww-mode-map (kbd "H") 'eww-back-url)
+(define-key eww-mode-map (kbd "L") 'eww-forward-url)
+
+
+
+;; ledger
+;; ======
+(setq ledger-mode-map (make-sparse-keymap))
+(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
+
+
+
+;;; plomvi mode
+;;; ===========
+
+(defvar plomvi-return-combo (kbd "C-c"))
+(load "~/public_repos/plomvi.el/plomvi.el")
+(plomvi-global-mode 1)
diff --git a/archived/bullseye/home_files/user/.gitconfig b/archived/bullseye/home_files/user/.gitconfig
new file mode 100644 (file)
index 0000000..8967d25
--- /dev/null
@@ -0,0 +1,3 @@
+[user]
+       email = c.heller@plomlompom.de
+       name = Christian Heller
diff --git a/archived/bullseye/home_files/user/.mbsyncrc b/archived/bullseye/home_files/user/.mbsyncrc
new file mode 100644 (file)
index 0000000..6a0e5cd
--- /dev/null
@@ -0,0 +1,28 @@
+IMAPAccount plom
+# Address to connect to
+Host mail.plomlompom.com
+User plom
+# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
+# therefore the pw in ~/.authinfo should not be longer than that.
+PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
+SSLType IMAPS
+AuthMechs LOGIN
+
+IMAPStore core-remote
+Account plom
+
+MaildirStore core-local
+# The trailing "/" is important
+Path ~/mail/maildir/
+Inbox ~/mail/inbox/
+
+Channel core
+Master :core-remote:
+Slave :core-local:
+Patterns *
+# Automatically create missing mailboxes, both locally and on the server
+Create Both
+# Save the synchronization state files in the relevant directory
+SyncState *
+# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
+Expunge Both
diff --git a/archived/bullseye/home_files/user/.notmuch-config b/archived/bullseye/home_files/user/.notmuch-config
new file mode 100644 (file)
index 0000000..9532761
--- /dev/null
@@ -0,0 +1,9 @@
+[database]
+path=/home/plom/mail
+[search]
+exclude_tags=deleted;spam;
+# the fields below set the From: if the mail composer is called from
+# within notmuch
+[user]
+name=Christian Heller
+primary_email=plom@plomlompom.com
diff --git a/archived/bullseye/home_files/user/.shell_prompt_color b/archived/bullseye/home_files/user/.shell_prompt_color
new file mode 100644 (file)
index 0000000..0cfbf08
--- /dev/null
@@ -0,0 +1 @@
+2
diff --git a/archived/bullseye/home_files/user/.tridactylrc b/archived/bullseye/home_files/user/.tridactylrc
new file mode 100644 (file)
index 0000000..e39e5a0
--- /dev/null
@@ -0,0 +1,13 @@
+sanitize tridactyllocal tridactylsync
+guiset statuspanel top-right
+guiset tabs autohide 
+set newtab file:///opt/firefox/blank.html
+autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
+bind / fillcmdline find
+bind n findnext 1
+bind N findnext -1
+set findcase insensitive
+bind j scrollline 3
+bind k scrollline -3
+set hintuppercase false
+set searchengine duckduckgo
diff --git a/archived/bullseye/home_files/user/.xinitrc b/archived/bullseye/home_files/user/.xinitrc
new file mode 100644 (file)
index 0000000..c7a0a66
--- /dev/null
@@ -0,0 +1,17 @@
+# X init configuration
+
+# Set keymap.
+setxkbmap de
+
+# Map CapsLock to Compose key.
+xmodmap -e "clear Lock"
+xmodmap -e "keycode 66 = Multi_key"
+
+# Load xterm settings
+xrdb -merge ~/.Xresources
+
+# Redshift to Berlin, Germany.
+redshift -rl 53:13 &
+
+# Launch window manager.
+i3
diff --git a/archived/bullseye/home_files/user/mail_sync.sh b/archived/bullseye/home_files/user/mail_sync.sh
new file mode 100755 (executable)
index 0000000..6962800
--- /dev/null
@@ -0,0 +1,43 @@
+#!/bin/sh
+set -e
+
+basedir="/home/plom/mail/maildir/"
+# Ensure directories exist for all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    if [ ! -d "${target_dir}" ]; then
+        echo "Directory ${target_dir} does not exist."
+        exit 1
+    fi
+done
+
+# Ensure all "dir:*"-tagged mails are in proper directories,
+# remove all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    for f in $(notmuch search --output=files tag:"${tag}"); do
+         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
+         target_path="${target_dir}${new_name}"
+         if [ ! "${target_path}" = "${f}" ]; then
+             echo "Moving ${f} to ${target_path}."
+             mv "${f}" "${target_path}"
+         fi
+    done
+    notmuch tag -"${tag}" tag:"${tag}"
+done
+
+# Remove all "deleted"-tagged files from maildirs.
+notmuch search --output=files tag:deleted | while read f; do
+    echo "Deleting ${f}"
+    rm "${f}"
+done
+
+# Sync changes back to server and update notmuch index.
+mbsync -a
+notmuch new
diff --git a/archived/bullseye/home_files/user/public_repos/repos b/archived/bullseye/home_files/user/public_repos/repos
new file mode 100644 (file)
index 0000000..27eb028
--- /dev/null
@@ -0,0 +1,7 @@
+# List of repos we want cloned in ~/public_repos
+config
+pingmail.git
+plomlombot-irc.git
+plomrogue
+plomrogue2-experiments
+plomvi.el
diff --git a/archived/bullseye/home_files/w530/.config/i3status/config b/archived/bullseye/home_files/w530/.config/i3status/config
new file mode 100644 (file)
index 0000000..b9fb15f
--- /dev/null
@@ -0,0 +1,82 @@
+# plomlompom's i3 status bar configuration
+
+# Activate colors; set update interval of one second.
+general {
+  colors = true
+  interval = 1
+}
+
+# Selection / order of status elements.
+order += "disk /"
+order += "disk /home/"
+order += "wireless wlp3s0"
+order += "ethernet enp0s25"
+order += "battery 0"
+order += "cpu_usage"
+order += "load"
+order += "cpu_temperature 0"
+order += "time"
+order += "volume master"
+
+# How much space is left in / ?
+disk "/" {
+  format = "/: %avail available of %total"
+  separator_block_width = 25
+}
+
+# How much space is left in /home ?
+disk "/home/" {
+  format = "/home: %avail available of %total"
+  separator_block_width = 25
+}
+
+# WLAN status: show IP and connection quality or "down".
+wireless wlp3s0 {
+  format_up = "w: (%quality at %essid) %ip"
+  format_down = "w: down"
+  separator_block_width = 10
+}
+
+# Ethernet status: show IP or "down".
+ethernet enp0s25 {
+  format_up = "e: %ip"
+  format_down = "e: down"
+  separator_block_width = 25
+}
+
+# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
+battery 0 {
+  format = "b: %status %percentage %remaining"
+  separator_block_width = 25
+}
+
+# Show CPU usage.
+cpu_usage {
+  format = "cpu: %usage"
+  separator_block_width = 10
+}
+
+# Show system load during last 1/5/15 minutes.
+load {
+  format = "%1min %5min %15min"
+  separator_block_width = 25
+}
+
+# Show CPU temperature in degrees of celsius.
+cpu_temperature 0 {
+  format = "%degrees °C"
+  separator_block_width = 25
+}
+
+# Show date/time/timezone as "year-month-day hour:minute:second
+# timezone_numeric/timezone_alphabetic".
+time {
+  format = "%Y-%m-%d %H:%M:%S %z/%Z"
+  separator_block_width = 25
+}
+
+volume master {
+  format = "♪: %volume"
+  format_muted = "♪: muted (%volume)"
+  separator_block_width = 25
+}
diff --git a/archived/bullseye/home_files/x220/.config/i3status/config b/archived/bullseye/home_files/x220/.config/i3status/config
new file mode 100644 (file)
index 0000000..a81a117
--- /dev/null
@@ -0,0 +1,79 @@
+# plomlompom's i3 status bar configuration
+
+# It is important that this file is edited as UTF-8.
+# The following line should contain a sharp s:
+# ß
+
+# Activate colors; set update interval of one second.
+general {
+  colors = true
+  interval = 1
+}
+
+# Selection / order of status elements.
+order += "disk /"
+order += "wireless _first_"
+order += "ethernet _first_"
+order += "battery all"
+order += "cpu_usage"
+order += "load"
+order += "cpu_temperature all"
+order += "time"
+order += "volume master"
+
+# How much space is left in / ?
+disk "/" {
+  format = "/: %avail available of %total"
+  separator_block_width = 25
+}
+
+# WLAN status: show IP and connection quality or "down".
+wireless _first_ {
+  format_up = "w: (%quality at %essid) %ip"
+  format_down = "w: down"
+  separator_block_width = 10
+}
+
+# Ethernet status: show IP or "down".
+ethernet _first_ {
+  format_up = "e: %ip"
+  format_down = "e: down"
+  separator_block_width = 25
+}
+
+# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
+battery all {
+  format = "b: %status %percentage %remaining"
+  separator_block_width = 25
+}
+
+# Show CPU usage.
+cpu_usage {
+  format = "cpu: %usage"
+  separator_block_width = 10
+}
+
+# Show system load during last 1/5/15 minutes.
+load {
+  format = "%1min %5min %15min"
+  separator_block_width = 25
+}
+
+# Show CPU temperature in degrees of celsius.
+cpu_temperature all {
+  format = "%degrees °C"
+  separator_block_width = 25
+}
+
+# Show date/time/timezone as "year-month-day hour:minute:second
+# timezone_numeric/timezone_alphabetic".
+time {
+  format = "%Y-%m-%d %H:%M:%S %z/%Z"
+  separator_block_width = 25
+}
+
+volume master {
+  format = "♪: %volume"
+  format_muted = "♪: muted (%volume)"
+  separator_block_width = 25
+}
diff --git a/archived/bullseye/other_files/blank.html b/archived/bullseye/other_files/blank.html
new file mode 100644 (file)
index 0000000..79e707e
--- /dev/null
@@ -0,0 +1 @@
+not quite blank
diff --git a/archived/bullseye/other_files/blog_hook_post-receive b/archived/bullseye/other_files/blog_hook_post-receive
new file mode 100755 (executable)
index 0000000..b671248
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/sh
+blog_dir=~/blog
+export GIT_DIR=$(pwd)
+export GIT_WORK_TREE="$blog_dir"
+git checkout -f
+cd "$GIT_WORK_TREE"
+redo
+git add metadata/author metadata/url metadata/title metadata/*.tmpl metadata/automatic_metadata captchas/linkable/*
+count=$(ls -1 metadata/*.automatic_metadata 2>/dev/null | wc -l)
+if [ "$count" != 0 ]; then
+  git add metadata/*.automatic_metadata
+fi
+status=$(git status -s)
+n_updates=$(printf "$status" | grep -vE '^\?\?' | wc -l)
+if [ "$n_updates" -gt 0 ]; then
+  git commit -a -m 'Update metadata'
+fi
diff --git a/archived/bullseye/other_files/dumpsite_index.html b/archived/bullseye/other_files/dumpsite_index.html
new file mode 100644 (file)
index 0000000..0c2093f
--- /dev/null
@@ -0,0 +1,3 @@
+<!DOCTYPE html>
+<meta charset="UTF-8">
+<a href="blog">Zum Blog?</a>
diff --git a/archived/bullseye/other_files/plomlombot_daemon.sh b/archived/bullseye/other_files/plomlombot_daemon.sh
new file mode 100755 (executable)
index 0000000..9b9faee
--- /dev/null
@@ -0,0 +1,62 @@
+#!/bin/sh
+set -e
+
+# Repeatedly parse config file for GPG key and bot screen configs.
+path=~/.plomlombot
+db_dir="${HOME}/plomlombot_db"
+irclogs_dir=/var/www/html/irclogs
+irclogs_pw_dir=/var/www/irclogs_pw
+hostname_mod_epoch=$(stat -c%Y /etc/hostname)
+while true; do
+    if [ -f "${path}" ]; then
+        cat "${path}" | while read line; do
+            first_word=$(echo -n "${line}" | cut -d' ' -f1)
+
+            # Read "bot:" line, start bot screen session from it if not yet existing,
+            # set up irclogs dir if not yet existing.
+            if [ "${first_word}" = "bot:" ]; then
+                session_name=$(echo -n "${line}" | cut -d' ' -f2)
+                bot_name=$(echo -n "${line}" | cut -d' ' -f3)
+                channel_name=$(echo -n "${line}" | cut -d' ' -f4)
+                shortened_channel_name="${channel_name}"
+                first_char=$(echo -n "${channel_name}" | cut -c1)
+                if [ "${first_char}" = "#" ]; then
+                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
+                fi
+                server_name=$(echo -n "${line}" | cut -d' ' -f5)
+                login_user=$(echo -n "${line}" | cut -d' ' -f6)
+                login_pw=$(echo -n "${line}" | cut -d' ' -f7)
+                add_option=$(echo -n "${line}" | cut -d' ' -f8-)
+                set +e
+                screen -S "${session_name}" -Q select . > /dev/null
+                start_screen=$?
+                set -e
+                if [ "${start_screen}" -eq "1" ]; then
+                    cd ~/plomlombot-irc
+                    LANG="en_US.UTF-8" screen -d -m -S "${session_name}" ./run.sh -r 604800 -n "${bot_name}" -u "${bot_name}" -s "${server_name}" -c "${channel_name}" ${add_option}
+                fi
+                md5_server=$(echo -n "${server_name}" | md5sum | cut -d' ' -f1)
+                md5_channel=$(echo -n "${channel_name}" | md5sum | cut -d' ' -f1)
+                logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs"
+                # FIXME: Note the trouble we will have if we have the same channel
+                # name on different servers …
+                ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}"
+                echo "${login_user}":'{PLAIN}'"${login_pw}" > "${irclogs_pw_dir}/${shortened_channel_name}"
+
+            # If "gpg_key" line, encrypt old raw logs to that GPG key.
+            elif [ "${first_word}" = "gpg_key" ]; then
+                key=$(echo -n "${line}" | cut -d' ' -f2)
+                mkdir -p ~/plomlombot_db
+                cd ~/plomlombot_db
+                # Dirty hack: To avoid trouble with GPG key expiration, fake
+                # system to something reasonbly old (younger than key creation,
+                # older than expiration) by taking the mod datetime of
+                # /etc/hostname, which should have last be changed when the
+                # system was set up.
+                find . -path '*/*/raw_logs/*.txt' -mtime +1 -type f -exec gpg --recipient "${key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
+            fi
+
+        done
+        sleep 1
+    fi
+done
diff --git a/archived/bullseye/other_files/plomlombot_hook_post-receive b/archived/bullseye/other_files/plomlombot_hook_post-receive
new file mode 100755 (executable)
index 0000000..c4627af
--- /dev/null
@@ -0,0 +1,2 @@
+#!/bin/sh
+GIT_WORK_TREE=/home/plom/plomlombot-irc git checkout -f
diff --git a/archived/bullseye/other_files/prune_microblogpub.sh b/archived/bullseye/other_files/prune_microblogpub.sh
new file mode 100644 (file)
index 0000000..8cfc385
--- /dev/null
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -e
+set -x
+service microblogpub stop
+microblogdir=/home/plom/testing.microblog.pub
+cd "${microblogdir}"
+cp -r data/microblogpub.db data/microblogpub.db.bak.$(date +%a)
+su -lc "cd ${microblogdir} && poetry run inv prune-old-data" - plom
+service microblogpub start
+echo "last microblog pruning at $(date)" >> /home/plom/prune_log.txt
diff --git a/archived/bullseye/other_files/url-catcher_customizations.json b/archived/bullseye/other_files/url-catcher_customizations.json
new file mode 100644 (file)
index 0000000..acc4778
--- /dev/null
@@ -0,0 +1,13 @@
+{
+  "translations": {
+    "wrongCaptcha": "Captcha leider falsch.",
+    "invalidURL": "Falsch formatierte URL.",
+    "recordedURL": "URL aufgezeichnet (wird gesichtet und bei Angemessenheit dem Artikel angefügt): ",
+    "pleaseWait": "Zu viele Versuche von dieser IP. So viele Sekunden warten: "
+  },
+  "mailConfig": {
+    "to": "plom+url_catcher@plomlompom.com",
+    "from": "plom+url_catcher@plomlompom.com"
+  },
+  "slowdownReset": 3600
+}
diff --git a/archived/bullseye/other_files/website_hook_post-receive b/archived/bullseye/other_files/website_hook_post-receive
new file mode 100755 (executable)
index 0000000..26d1cce
--- /dev/null
@@ -0,0 +1,2 @@
+#!/bin/sh
+GIT_WORK_TREE=/var/www git checkout -f
diff --git a/archived/bullseye/other_files/weechat-wrapper.sh b/archived/bullseye/other_files/weechat-wrapper.sh
new file mode 100755 (executable)
index 0000000..b433574
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Enforce ~/.weechatrc as sole persistent weechat config file.
+rm -rf ~/.weechat/
+WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
+weechat -r "$WEECHATCONF"
+rm -rf ~/.weechat/
diff --git a/archived/bullseye/other_files/weechatlogs_encrypter.sh b/archived/bullseye/other_files/weechatlogs_encrypter.sh
new file mode 100755 (executable)
index 0000000..9e177d3
--- /dev/null
@@ -0,0 +1,16 @@
+#!/bin/sh
+# Encrypt dated weechatlog files older than one day to GPG target defined in
+# ~/.encrypt_target
+set -e
+
+gpg_key=$(cat ~/.encrypt_target)
+cd ~/weechatlogs/irc/
+
+# Dirty hack: To avoid trouble with GPG key expiration, fake
+# system to something reasonbly old (younger than key creation,
+# older than expiration) by taking the mod datetime of
+# /etc/hostname, which should have last be changed when the
+# system was set up.
+hostname_mod_epoch=$(stat -c%Y /etc/hostname)
+find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
+
diff --git a/archived/bullseye/other_files/weechatrc b/archived/bullseye/other_files/weechatrc
new file mode 100644 (file)
index 0000000..2673cb3
--- /dev/null
@@ -0,0 +1,11 @@
+/set logger.file.path ~/weechatlogs
+/set logger.file.flush_delay 0
+/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
+/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
+/set weechat.color.chat_nick_colors "lightcyan"
+/server add libera irc.libera.chat/6697 -nicks=plomlompom,plomlomp0m,ploml0mp0m,pl0ml0mp0m -realname="Christian Heller" -autojoin=#plomlomtest -ssl
+/set irc.server.libera.sasl_mechanism PLAIN
+/set irc.server.libera.sasl_username FOO
+/set irc.server.libera.sasl_password BAR
+/connect libera 
+/bar hide buflist
diff --git a/archived/bullseye/other_files/zettel_hook_post-receive b/archived/bullseye/other_files/zettel_hook_post-receive
new file mode 100755 (executable)
index 0000000..3bea5b2
--- /dev/null
@@ -0,0 +1,5 @@
+#!/bin/sh
+ZETTELDIR=/home/plom/zettel
+GIT_WORK_TREE=$ZETTELDIR git checkout -f
+cd $ZETTELDIR
+redo
diff --git a/archived/bullseye/setup_scripts/copy_dirtree.sh b/archived/bullseye/setup_scripts/copy_dirtree.sh
new file mode 100755 (executable)
index 0000000..c0cb9bf
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/sh
+# Copy files in argument-selected subdirectories of $1 to subdirectories
+# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
+# of "" and $3 of "all", copy files below etc_files/all such as
+# etc_files/all/etc/foo/bar to equivalent locations below / such as
+# /etc/foo/bar. Create directories as necessary. Multiple arguments after
+# $3 are possible.
+#
+# CAUTION: This removes original files at the affected paths.
+set -e
+
+if [ "$#" -lt 3 ]; then
+    echo 'Need arguments: source root, target root, modules.'
+    false
+fi
+source_root="$1"
+target_root="$2"
+shift 2
+
+for target_module in "$@"; do
+    mkdir -p "${source_root}/${target_module}"
+    cd "${source_root}/${target_module}"
+    for path in $(find . -type f); do
+        target_path="${target_root}"$(echo "${path}" | cut -c2-)
+        source_path=$(realpath "${path}")
+        dir=$(dirname "${target_path}")
+        mkdir -p "${dir}"
+        cp "${source_path}" "${target_path}"
+    done
+done
diff --git a/archived/bullseye/setup_scripts/init_user_and_keybased_login.sh b/archived/bullseye/setup_scripts/init_user_and_keybased_login.sh
new file mode 100755 (executable)
index 0000000..358a37e
--- /dev/null
@@ -0,0 +1,50 @@
+#!/bin/sh
+# This script turns a fresh server with password-based root access into
+# one of only key-based access and only to new non-root account plom.
+#
+# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
+# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
+# contains the local ~/.ssh/id_rsa.pub, and also any old
+# /etc/ssh/sshd_config.
+#
+# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
+# configured sshd_config file in misc.sh:$local_etc_server
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(server)" "$@"
+server="$1"
+
+# If we already knew that host …
+ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
+
+# This will be used to log-in as root from plom account.
+printf '\nFirst, enter the old root password; then enter new password three times.\n\n'
+ssh root@"${server}" 'printf "\n\n" && passwd'
+
+# Save root password for sshpass
+stty -echo
+printf "Re-enter new server root password: "
+read PW_ROOT
+stty echo
+printf "\n"
+export SSHPASS="${PW_ROOT}"
+
+# Create user plom, and his ~/.ssh/authorized_keys based on the local
+# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
+# ownerships. Then disable root and pw login by copying over the
+# sshd_config and restart ssh daemon.
+#
+# This could be a line or two shorter by using ssh-copy-id, but that
+# would require setting a password for user plom otherwise not needed.
+sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
+sshpass -e ssh root@"${server}" \
+        'useradd -m plom && '\
+        'mkdir /home/plom/.ssh && '\
+        'chown plom:plom /home/plom/.ssh && '\
+        'chown plom:plom /tmp/authorized_keys && '\
+        'chmod u=rw,go= /tmp/authorized_keys && '\
+        'mv /tmp/authorized_keys /home/plom/.ssh/'
+sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
+sshpass -e ssh root@"${server}" 'service ssh restart'
diff --git a/archived/bullseye/setup_scripts/init_user_login.sh b/archived/bullseye/setup_scripts/init_user_login.sh
new file mode 100755 (executable)
index 0000000..3dfc0d5
--- /dev/null
@@ -0,0 +1,39 @@
+#!/bin/sh
+# This script turns a fresh server with password-based root access into
+# one of only key-based access and only to new non-root account plom.
+#
+# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
+# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
+# contains the local ~/.ssh/id_rsa.pub, and also any old
+# /etc/ssh/sshd_config.
+#
+# Dependencies: ssh, scp, ~/.ssh/id_rsa.pub, properly configured sshd_config
+# file in misc.sh:$local_etc_server.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(server)" "$@"
+server="$1"
+
+# If we already knew that host …
+ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
+
+# So we're only asked once …
+eval $(ssh-agent)
+ssh-add
+
+# This will be used to log-in as root from plom account.
+printf '\nAsking for new root password.\n\n'
+ssh root@"${server}" 'printf "\n\n" && passwd'
+
+# Set up plom's ~/.ssh/authorized_keys from root's.
+ssh root@"${server}" 'useradd -m plom'
+ssh root@"${server}" 'mkdir /home/plom/.ssh'
+ssh root@"${server}" 'chown plom:plom /home/plom/.ssh'
+ssh root@"${server}" 'cp /root/.ssh/authorized_keys /home/plom/.ssh/'
+ssh root@"${server}" 'chown plom:plom /home/plom/.ssh/authorized_keys'
+
+# Set up SSH config and remove direct SSH login to root.
+scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
+ssh root@"${server}" 'rm -rf /root/.ssh && service ssh restart'
diff --git a/archived/bullseye/setup_scripts/install_for_target.sh b/archived/bullseye/setup_scripts/install_for_target.sh
new file mode 100755 (executable)
index 0000000..6f42b56
--- /dev/null
@@ -0,0 +1,20 @@
+#!/bin/sh
+# Walks through the package names in the argument-selected files of
+# apt-mark/ and ensures the respective packages are installed.
+#
+# Ignores anything in an apt-mark/ file after the last newline.
+set -e
+
+config_tree_prefix="${HOME}/config/bullseye"
+aptmark_dir="${config_tree_prefix}/apt-mark"
+
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    # TODO: continue if file at $path not found, to get rid of dummy files
+    cat "${path}" | while read line; do
+        echo "$line"
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
+        fi
+    done
+done
diff --git a/archived/bullseye/setup_scripts/migrate_borg.sh b/archived/bullseye/setup_scripts/migrate_borg.sh
new file mode 100755 (executable)
index 0000000..28a0fd9
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -ne 1 ]; then
+    echo 'Need  old server IP.'
+    false
+fi
+old_server="$1"
+config_tree_prefix="${HOME}/config/bullseye"
+cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+chown plom:plom /home/plom/prepare_to_meet_server.sh
+su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+read -p'Hit Enter when you are done.' ignore
+rm /home/plom/prepare_to_meet_server.sh
+cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom
+rm /home/plom/mirror_dir.sh
diff --git a/archived/bullseye/setup_scripts/mirror_dir.sh b/archived/bullseye/setup_scripts/mirror_dir.sh
new file mode 100755 (executable)
index 0000000..0fc03aa
--- /dev/null
@@ -0,0 +1,23 @@
+#!/bin/sh
+# Mirror directory tree from remote to local server, keeping the path.
+set -e
+
+if [ $# -lt 2 ]; then
+    echo "Need server and directory as arguments."
+    false
+fi
+server=$1
+dir=$2
+path_package=/tmp/delete.tar
+
+eval `ssh-agent`
+ssh-add
+cd
+ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
+scp plom@"${server}":"${path_package}" "${path_package}"
+mkdir -p "${dir}"
+cd "${dir}"
+tar xf "${path_package}"
+cd
+rm "${path_package}"
+ssh plom@"${server}" rm "${path_package}"
diff --git a/archived/bullseye/setup_scripts/misc.sh b/archived/bullseye/setup_scripts/misc.sh
new file mode 100644 (file)
index 0000000..bf38bf6
--- /dev/null
@@ -0,0 +1,3 @@
+#!/bin/sh
+#set -e
+config_tree_prefix="${HOME}/public_repos/config/bullseye"
diff --git a/archived/bullseye/setup_scripts/prepare_to_meet_server.sh b/archived/bullseye/setup_scripts/prepare_to_meet_server.sh
new file mode 100755 (executable)
index 0000000..df2aa41
--- /dev/null
@@ -0,0 +1,22 @@
+#!/bin/sh
+# Do some of the steps necessary to SSH (key-based) with another server.
+set -e
+
+if [ "$#" -ne 1 ]; then
+    echo 'Need server IP as argument.'
+    false
+fi
+target="$1"
+
+# We need a public key to copy over, so generate it if not found.
+if [ ! -f ~/.ssh/id_rsa.pub ]; then
+    ssh-keygen -N ""
+fi
+
+# Add target to ~/.ssh/known_hosts so we don't get
+# asked for permission at inopportune moments.
+ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
+
+# Tell user what to do.
+echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
+cat ~/.ssh/id_rsa.pub
diff --git a/archived/bullseye/setup_scripts/purge_nonrequireds.sh b/archived/bullseye/setup_scripts/purge_nonrequireds.sh
new file mode 100755 (executable)
index 0000000..135196b
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/sh
+# This script removes all Debian packages that are not of Priority
+# "required" or not depended on by packages of priority "required"
+# or not listed in the argument-selected files of apt-mark/.
+set -e
+
+config_tree_prefix="${HOME}/config/bullseye"
+aptmark_dir="${config_tree_prefix}/apt-mark"
+
+dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    cat "${path}" | while read line; do
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            echo "${line}" >> /tmp/list_white_unsorted
+        fi
+    done
+done
+sort /tmp/list_white_unsorted > /tmp/list_white
+dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
+sort /tmp/list_all_packages > /tmp/foo
+mv /tmp/foo /tmp/list_all_packages
+comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
+apt-mark auto `cat /tmp/list_black`
+DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
+rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
+
+# Somehow, auto-mounts get undone by all of this, so re-mount /etc/fstab.
+# TODO: Find out why.
+mount -a
diff --git a/archived/bullseye/setup_scripts/set_hostname_and_fqdn.sh b/archived/bullseye/setup_scripts/set_hostname_and_fqdn.sh
new file mode 100755 (executable)
index 0000000..a3b9f9a
--- /dev/null
@@ -0,0 +1,50 @@
+#!/bin/sh
+# Sets hostname and optionally FQDN.
+#
+# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
+# writing follows recommendations from Debian manual at
+# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
+# (section "The hostname resolution") on how to map hostname and possibly
+# FQDN to a permanent IP if present (we assume here any non-private IP
+# and non-loopback IP returned by hostname -I to fulfill that criterion
+# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
+# localhost and hostname mapping to different IPs, see
+# <https://unix.stackexchange.com/a/13087>.
+#
+# Ignores IPv6s.
+set -e
+
+hostname="$1"
+fqdn="$2"
+if [ "${hostname}" = "" ]; then
+    echo "Need hostname as argument."
+    false
+fi
+echo "${hostname}" > /etc/hostname
+hostname "${hostname}"
+
+final_ip="127.0.1.1"
+for ip in $(hostname -I); do
+    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
+        continue
+    fi
+    range_1=$(echo "${ip}" | cut -d "." -f 1)
+    range_2=$(echo "${ip}" | cut -d "." -f 2)
+    if [ "${range_1}" -eq 127 ]; then
+        continue
+    elif [ "${range_1}" -eq 10 ]; then
+        continue
+    elif [ "${range_1}" -eq 172 ]; then
+        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
+            continue
+        fi
+    elif [ "${range_1}" -eq 192 ]; then
+        if [ "${range_2}" -eq 168 ]; then
+            continue
+        fi
+    fi
+    final_ip="${ip}"
+done
+
+echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
+echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/archived/bullseye/setup_scripts/setup.sh b/archived/bullseye/setup_scripts/setup.sh
new file mode 100755 (executable)
index 0000000..aadfc25
--- /dev/null
@@ -0,0 +1,39 @@
+#!/bin/sh
+set -e
+
+# Provide maximum input for set_hostname_and_fqdn.sh.
+if [ "$#" -lt 2 ]; then
+    echo 'Need at least two arguments (hostname, FQDN).'
+    false
+fi
+hostname="$1"
+fqdn="$2"
+shift 2
+
+config_tree_prefix="${HOME}/config/bullseye"
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+cd "${setup_scripts_dir}"
+
+# Adapt /etc/ to our needs by copying from ./etc_files. This will set
+# basic configurations affecting following steps, such as setup of APT
+# and the locale selection, so needs to be right at the beginning.
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
+
+# Set hostname and FQDN.
+./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
+
+# Ensure package installation state as defined by what packages are
+# defined as required by Debian policy and by settings in ./apt-mark/.
+apt update
+./install_for_target.sh all "$@"
+./purge_nonrequireds.sh all "$@"
+
+# Ensure our desired locale is available.
+locale-gen
+
+# Only upgrade after reducing the system to the desired minimum, so that
+# we don't need to get more data than necessary.
+apt -y dist-upgrade
+
+# Set Berlin localtime.
+ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/archived/bullseye/setup_scripts/setup_daily_reboot.sh b/archived/bullseye/setup_scripts/setup_daily_reboot.sh
new file mode 100755 (executable)
index 0000000..f8ed183
--- /dev/null
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -e
+
+# Set up system without user environment.
+config_tree_prefix="${HOME}/config/bullseye"
+
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" daily_reboot 
+systemctl enable reboot.timer 
+systemctl start reboot.timer 
diff --git a/archived/bullseye/setup_scripts/setup_desktop.sh b/archived/bullseye/setup_scripts/setup_desktop.sh
new file mode 100755 (executable)
index 0000000..329e6e2
--- /dev/null
@@ -0,0 +1,65 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -ne 1 ]; then
+    echo 'Need exactly one argument (system name).'
+    false
+fi
+if [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
+    echo "Need legal system name."
+    false
+fi
+system_name="$1"
+
+# Set up system without user environment.
+config_tree_prefix="${HOME}/config/bullseye"
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+cd "${setup_scripts_dir}"
+if [ "$1" = "x200s" ] || [ "$1" = "x220" ] || [ "$1" = "w530" ]; then
+  ./setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
+else
+  ./setup.sh "${system_name}" "" user desktop "${system_name}"
+fi
+
+# # Set up printer.
+# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb"
+# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}"
+# dpkg --add-architecture i386
+# apt update
+# apt install -y "./${ppd_deb}"
+# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd'
+# # service cups restart
+# rm "./${ppd_deb}"
+# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray'
+
+# Set up user environments.
+secrets_dev="sdb"
+source_dir_secrets="/media/${secrets_dev}/to_usb"
+target_dir_secrets="/home/plom/tmp_secrets"
+cd "${setup_scripts_dir}"
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
+set +e
+HOME_DIR_EXISTS=$([ ! -d "/home/plom" ]; echo $?)
+set -e
+adduser --disabled-password --gecos "" plom
+usermod -a -G sudo plom
+passwd plom
+if [ "${HOME_DIR_EXISTS}" -eq 0 ]; then
+    echo "Put secrets drive into slot for /dev/${secrets_dev}."
+    while [ ! -e /dev/"${secrets_dev}" ]; do
+        sleep 1
+    done
+    stty -echo
+    printf "Secrets passphrase: "
+    read secrets_pass
+    stty echo
+    echo "" # newline so user knows their input return was accepted
+    echo "${secrets_pass}" | pmount /dev/"${secrets_dev}"
+    cp -a "${source_dir_secrets}" "${target_dir_secrets}"
+    chown -R plom:plom "${target_dir_secrets}"
+    pumount "${secrets_dev}"
+    echo "You can remove /dev/${secrets_dev} now."
+    cp setup_home.sh /home/plom
+    chown plom:plom /home/plom/setup_home.sh
+    SECRETS_PASS="${secrets_pass}" su -c "cd && ./setup_home.sh ${system_name}" plom
+fi
diff --git a/archived/bullseye/setup_scripts/setup_dumpsite.sh b/archived/bullseye/setup_scripts/setup_dumpsite.sh
new file mode 100755 (executable)
index 0000000..35f7c8e
--- /dev/null
@@ -0,0 +1,102 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -ne 4 ]; then
+    echo 'Need domain name and mail and old server and repos source ("local" or "remote"?).'
+    false
+fi
+if [ ! "$4" = "local" ] && [ ! "$4" = "remote" ]; then
+    echo "Need legal repo source name."
+    false
+fi
+domain="$1"
+mail="$2"
+old_server="$3"
+repos_source="$4"
+
+read -p"Only continue if hostname is not domain of url_catcher's target mail address, else abort!" ignore
+
+# Install configs, set up firewall.
+echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
+echo "postfix postfix/mailname string $(hostname -f)" | debconf-set-selections
+config_tree_prefix="${HOME}/config/bullseye"
+./install_for_target.sh web dumpsite
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web dumpsite
+nft -f /etc/nftables.conf
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
+
+# Set up connection to old dump server.
+cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+chown plom:plom /home/plom/prepare_to_meet_server.sh
+su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+read -p'Hit Enter when you are done.' ignore
+rm /home/plom/prepare_to_meet_server.sh
+
+# Set up dump dirs.
+mkdir /var/www-dump
+chown plom:plom /var/www-dump
+dump_dir=dump
+geheim_dir=geheim
+su -lc "ln -s /home/plom/${dump_dir} /var/www-dump/${dump_dir}" plom
+su -lc "ln -s /home/plom/${geheim_dir} /var/www-dump/${geheim_dir}" plom
+cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+su -lc "./mirror_dir.sh ${old_server} /home/plom/${dump_dir}" plom
+su -lc "./mirror_dir.sh ${old_server} /home/plom/${geheim_dir}" plom
+su -lc "scp plom@${old_server}:/var/www-dump/password_geheim ~" plom
+mv /home/plom/password_geheim /var/www-dump/password_geheim
+rm /home/plom/mirror_dir.sh
+
+# Set up redo.
+wget http://news.dieweltistgarnichtso.net/bin/archives/redo-sh.tar.gz
+tar -moxzf redo-sh.tar.gz -C /usr/local
+
+# Set up zettel.
+su -lc "git clone --mirror ${old_server}:zettel.git" plom
+cp "${config_tree_prefix}/other_files/zettel_hook_post-receive" /home/plom/zettel.git/hooks/post-receive
+su -lc "git clone ~/zettel.git && cd zettel && redo" plom
+su -lc "ln -s /home/plom/zettel /var/www-dump/zettel" plom
+# NOTE: Locally, to update content, clone zettel.git, not zettel.
+
+# Set up redo blog.
+su -lc "git clone --mirror ${old_server}:blog.git" plom
+cp "${config_tree_prefix}/other_files/blog_hook_post-receive" /home/plom/blog.git/hooks/post-receive
+su -lc "git clone ~/blog.git" plom
+# TODO: set up like plomlombot repo (with post-recieve hook)?
+if [ "$repos_source" = "local"]; then
+  su -lc "git clone /var/repos/redo-blog" plom
+else
+  su -lc "git clone https://plomlompom.com/repos/clone/redo-blog" plom
+fi
+su -lc "cd redo-blog && ./add_dir.sh ~/blog" plom
+su -lc "cd blog && redo" plom
+su -lc "ln -s /home/plom/blog/public /var/www-dump/blog" plom
+# NOTE: Locally, to update content, clone blog.git, not blog.
+
+# Set up url catcher.
+# TODO: set up like plomlombot repo (with post-recieve hook)?
+if [ "$repos_source" = "local" ]; then
+  su -lc "git clone /var/repos/url-catcher" plom
+else
+  su -lc "git clone https://plomlompom.com/repos/clone/url-catcher" plom
+fi
+su -lc "cd url-catcher && ln -s ../blog/captchas/linkable/ captchas" plom
+cp "${config_tree_prefix}/other_files/url-catcher_customizations.json" /home/plom/url-catcher/customizations.json
+systemctl enable url_catcher.service
+service url_catcher start
+cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/ips" plom
+su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/lists" plom
+rm /home/plom/mirror_dir.sh
+
+# Set up index.html
+cp "${config_tree_prefix}/other_files/dumpsite_index.html" /var/www-dump/index.html
+
+# Prepare NGINX.
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/dumpsite.nginx
+ln -s /etc/nginx/sites-available/dumpsite.nginx /etc/nginx/sites-enabled/dumpsite.nginx
+
+service nginx restart
diff --git a/archived/bullseye/setup_scripts/setup_firefox.sh b/archived/bullseye/setup_scripts/setup_firefox.sh
new file mode 100755 (executable)
index 0000000..1cc312f
--- /dev/null
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+# Set up system without user environment.
+config_tree_prefix="${HOME}/config/bullseye"
+
+# Install Firefox directly from Mozilla.
+firefox_release="91.5.1esr"
+firefox_filename="firefox-${firefox_release}.tar.bz2"
+url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}"
+wget "${url_firefox}"
+mv "${firefox_filename}" /opt/
+cd /opt/
+tar xf "${firefox_filename}"
+rm "${firefox_filename}"
+ln -f -s /opt/firefox/firefox /usr/local/bin/
+update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200
+update-alternatives --set x-www-browser /opt/firefox/firefox
+
+# as default new tab content for tridactyl 
+cp "${config_tree_prefix}/other_files/blank.html" /opt/firefox/
+
+echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source."
+
diff --git a/archived/bullseye/setup_scripts/setup_home.sh b/archived/bullseye/setup_scripts/setup_home.sh
new file mode 100755 (executable)
index 0000000..7471598
--- /dev/null
@@ -0,0 +1,101 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -ne 1 ]; then
+    echo 'Need exactly one argument (system name).'
+    false
+fi
+if [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
+    echo "Need legal system name."
+    false
+fi
+system_name="$1"
+
+public_repos_dir="${HOME}/public_repos"
+config_tree_prefix="${public_repos_dir}/config/bullseye"
+path_borgscript="${config_tree_prefix}//borg.sh"
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+repos_list_file="${public_repos_dir}/repos"
+dir_secrets="${HOME}/tmp_secrets"
+borgkeys_dir=~/.config/borg/keys
+borgrepos_file=~/.borgrepos
+ssh_dir=~/.ssh
+authinfo_file=.authinfo
+maildir=~/mail/maildir
+
+ensure_repo() {
+    repo_name="${1}"
+    if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
+        cd "${public_repos_dir}"
+        git clone plom@plomlompom.com:/var/repos/${repo_name}
+    fi
+}
+
+# Set up iniitial non-public parts of infrastructure: SSH authentication.
+cd "${dir_secrets}"
+mkdir -p "${ssh_dir}"
+echo "Setting up .ssh"
+cp id_rsa ~/.ssh
+stty -echo
+ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+stty echo
+eval $(ssh-agent)
+ssh-add
+ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
+
+# Clone config to copy dotfiles etc. from it.
+cd
+mkdir -p "${public_repos_dir}"
+ensure_repo config
+cd "${setup_scripts_dir}"
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+
+# # Set up native messenger for tridactyl.
+# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
+# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
+
+# Set up further non-public parts of infrastructure.
+cd "${dir_secrets}"
+script -c 'gpg --import secret_keys.asc' /dev/null
+tar xf borg_keyfiles.tar
+mkdir -p "${borgkeys_dir}"
+mv borg_keyfiles/* "${borgkeys_dir}"
+# .authinfo may not be present on every secrets drive yet
+if [ -f "${authinfo_file}" ]; then
+    cp "${authinfo_file}" ~
+fi
+cd
+rm -rf "${dir_secrets}"
+
+# Sync org dir via borgbackup. For this we need the borgbackup servers
+# in our .ssh/known_hosts file.
+cat "${borgrepos_file}" | while read line; do
+    first_char=$(echo "${line}" | cut -c1)
+    if [ "${first_char}" = "#" ]; then
+        continue
+    fi
+    server=$(echo "${line}" | sed 's/.*@//')
+    ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
+done
+BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
+
+# Fill ~/public_repos.
+cat "${repos_list_file}" | while read line; do
+    first_char=$(echo "${line}" | cut -c1)
+    if [ "${first_char}" = "#" ]; then
+        continue
+    fi
+    ensure_repo "${line}"
+done
+
+# Set up e-mail system. Note that we only do mbsync if the imap pass file
+# is found. It may not be present on every secrets drive yet, so we have to
+# deal with the possibility of it being absent at this point.
+mkdir -p "${maildir}"  # expected by mbsync/isync
+if [ -f "${HOME}/${authinfo_file}" ]; then
+    mbsync -a
+    notmuch new
+fi
+
+# # Final note on how to integrate tridactyl.
+# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/archived/bullseye/setup_scripts/setup_microblogpub.sh b/archived/bullseye/setup_scripts/setup_microblogpub.sh
new file mode 100755 (executable)
index 0000000..d0f68c9
--- /dev/null
@@ -0,0 +1,58 @@
+#!/bin/sh
+set -e
+set -x
+
+if [ "$#" -ne 2 ]; then
+    echo 'Need domain name and mail.'
+    false
+fi
+domain="$1"
+mail="$2"
+
+# Install configs, set up firewall.
+config_tree_prefix="${HOME}/config/bullseye"
+./install_for_target.sh web microblogpub
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web microblogpub
+apt update  # since we just updated /etc/apt/sources.list
+nft -f /etc/nftables.conf
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
+
+# Install Python >=3.10 from source (Bullseye only has 3.9).
+python_version=3.11.1
+python_dirname="Python-${python_version}"
+su -lc "wget https://www.python.org/ftp/python/${python_version}/${python_dirname}.tgz" plom
+su -lc "tar -xvf ${python_dirname}.tgz" plom
+su -lc "cd /home/plom/${python_dirname} && ./configure --enable-optimizations && make"
+cd /home/plom/${python_dirname}/
+make altinstall
+cd
+rm -rf /home/plom/${python_dirname}
+
+# Configure/install Poetry and microblog.pub.
+su -lc "curl -sSL https://install.python-poetry.org | python3.11" - plom
+su -lc "git clone https://git.sr.ht/~tsileo/microblog.pub testing.microblog.pub" - plom
+su -lc "poetry config installer.parallel false" - plom
+su -lc "cd testing.microblog.pub && poetry install" - plom
+su -lPc "cd testing.microblog.pub && poetry run inv configuration-wizard" - plom
+su -lPc "cd testing.microblog.pub && poetry run inv migrate-db" - plom
+
+# Set up microblog.pub daemon service.
+venv_dir_path=$( su -lPc "cd testing.microblog.pub && poetry env info --path" - plom)
+venv_dir=$(basename ${venv_dir_path})
+sed -i "s/REPLACE_venv_dir_ECALPER/${venv_dir}/g" /etc/systemd/system/microblogpub.service
+systemctl enable microblogpub.service
+service microblogpub start
+
+# Prepare and start NGINX config.
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/microblogpub.nginx
+ln -s /etc/nginx/sites-available/microblogpub.nginx /etc/nginx/sites-enabled/microblogpub.nginx
+service nginx restart
+
+# Setup regular DB pruning
+cp "${config_tree_prefix}/other_files/prune_microblog.sh" /home/plom/
+systemctl enable microblogpub_prune.timer
+systemctl start microblogpub_prune.timer
diff --git a/archived/bullseye/setup_scripts/setup_play.sh b/archived/bullseye/setup_scripts/setup_play.sh
new file mode 100755 (executable)
index 0000000..a29b2f6
--- /dev/null
@@ -0,0 +1,54 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -lt 1 ]; then
+  echo "Need public key ID and optionally old server IP."
+  false
+fi
+gpg_key="$1"
+old_server="$2"
+
+config_tree_prefix="${HOME}/config/bullseye"
+./install_for_target.sh play
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" play
+cp "${config_tree_prefix}/other_files/weechatrc" /home/plom/.weechatrc
+cp "${config_tree_prefix}/other_files/weechat-wrapper.sh" /home/plom/
+cp "${config_tree_prefix}/other_files/weechatlogs_encrypter.sh" /home/plom/
+chown plom:plom /home/plom/*weechat*
+chown plom:plom /home/plom/.weechatrc
+echo "${gpg_key}" > /home/plom/.encrypt_target
+chown plom:plom /home/plom/.encrypt_target
+
+# TODO refactor with setup_website.sh
+# Add encryption key.
+keyservers='keyserver.ubuntu.com pgp.surf.nl pgp.rediris.es'
+set +e
+while true; do
+    do_break=0
+    for keyserver in $(echo "${keyservers}"); do
+        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
+        if [ $? -eq "0" ]; then
+            do_break=1
+            break
+        fi
+        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
+    done
+    if [ "${do_break}" -eq "1" ]; then
+        break
+    fi
+done
+set -e
+
+if [ "${old_server}" != "" ]; then
+  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+  read -p'Hit Enter when you are done.' ignore
+  rm /home/plom/prepare_to_meet_server.sh
+  su -lc "scp plom@${old_server}:.ssh/authorized_keys .ssh/authorized_keys" plom
+  su -lc "scp plom@${old_server}:.weechatrc ~" plom
+  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+  su -lc "./mirror_dir.sh ${old_server} /home/plom/weechatlogs" plom
+  rm /home/plom/mirror_dir.sh
+fi
+
+systemctl enable --now encrypt_chatlogs.timer
diff --git a/archived/bullseye/setup_scripts/setup_server.sh b/archived/bullseye/setup_scripts/setup_server.sh
new file mode 100755 (executable)
index 0000000..a05db18
--- /dev/null
@@ -0,0 +1,26 @@
+#!/bin/sh
+# Next setup steps for a server whose login policy has just been set from
+# the outside via ./init_user_and_keybased_login.sh.
+set -e
+
+# Provide maximum input for set_hostname_and_fqdn.sh.
+if [ "$#" -lt 2 ]; then
+    echo 'Need exactly two arguments (hostname, FQDN).'
+    false
+fi
+hostname="$1"
+fqdn="$2"
+additional_arg="$3"
+
+# Set up system without user environment.
+config_tree_prefix="${HOME}/config/bullseye"
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+cd "${setup_scripts_dir}"
+./setup.sh "${hostname}" "${fqdn}" server "${additional_arg}"
+
+# If we have not yet set the shell for user plom, ensure it here. This
+# is mostly for convenience.
+usermod -s /bin/bash plom
+
+# Enable firewall.
+systemctl enable nftables.service
diff --git a/archived/bullseye/setup_scripts/setup_website.sh b/archived/bullseye/setup_scripts/setup_website.sh
new file mode 100755 (executable)
index 0000000..ad36796
--- /dev/null
@@ -0,0 +1,139 @@
+#!/bin/sh
+set -e
+
+if [ "$#" -ne 4 ] && [ "$#" -ne 5 ]; then
+    echo 'Need domain name and mail and key ID and init state and possibly old server IP as argument.'
+    false
+fi
+if [ ! "$4" = "copy" ] && [ ! "$4" = "new" ]; then
+    echo "Need init state to be either 'copy' or 'new'."
+    false
+fi
+if [ ! "$4" = "new" ] && [ "$#" -ne 5 ]; then
+    echo "With init state != 'new' need fifth argument old server IP."
+    false
+fi
+domain="$1"
+mail="$2"
+gpg_key="$3"
+init_state="$4"
+old_server="$5"
+
+# Install configs, set up firewall.
+config_tree_prefix="${HOME}/config/bullseye"
+./install_for_target.sh web website
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web website
+nft -f /etc/nftables.conf
+
+# Set up letsencrypt certificate. TODO: Is it auto-renewed?
+ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
+rm /etc/nginx/sites-enabled/default
+
+# Set up connection to old server.
+if [ ! "${init_state}" = "new" ]; then
+  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
+  chown plom:plom /home/plom/prepare_to_meet_server.sh
+  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
+  read -p'Hit Enter when you are done.' ignore
+  rm /home/plom/prepare_to_meet_server.sh
+fi
+
+# Set up repos dir.
+# To use this dir, "git clone --mirror" repo source paths into it as user plom.
+# As user plom, touch git-daemon-export-ok files into it to make the repo
+# publically available.
+if [ "${init_state}" = "new" ]; then
+  mkdir /var/repos
+  chown plom:plom /var/repos
+else
+  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+  chmod a+w /var
+  if [ "${init_state}" = "copy" ]; then
+    su -lc "./mirror_dir.sh ${old_server} /var/repos" plom
+  else
+    su -lc "./mirror_dir.sh ${old_server} /var/public_repos" plom
+  fi
+  chmod a-w /var
+  rm /home/plom/mirror_dir.sh
+fi
+
+# Prepare NGINX and GitWeb config.
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/gitweb.conf
+sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/website.nginx
+ln -s /etc/nginx/sites-available/website.nginx /etc/nginx/sites-enabled/website.nginx
+
+# Set up website. TODO: use non-/var/www dir for better separation to dump site
+rm -rf /var/www
+mkdir /var/www
+chown plom:plom /var/www
+if [ "${init_state}" = "new" ]; then
+  su -lc "cd /var/repos && git init --bare website.git" plom
+fi
+cp "${config_tree_prefix}/other_files/website_hook_post-receive" /var/repos/website.git/hooks/post-receive
+su -lc 'cd /var/www && git clone /var/repos/website.git .' plom
+
+# Add encryption key.
+keyservers='keyserver.ubuntu.com pgp.surf.nl pgp.rediris.es'
+set +e
+while true; do
+    do_break=0
+    for keyserver in $(echo "${keyservers}"); do
+        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
+        if [ $? -eq "0" ]; then
+            do_break=1
+            break
+        fi
+        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
+    done
+    if [ "${do_break}" -eq "1" ]; then
+        break
+    fi
+done
+set -e
+
+# Set up plomlombot.
+irclogs_dir=/var/www/html/irclogs
+irclogs_pw_dir=/var/www/irclogs_pw
+mkdir -p "${irclogs_dir}"
+chown -R plom:plom "${irclogs_dir}"
+mkdir -p "${irclogs_pw_dir}"
+chown -R plom:plom "${irclogs_pw_dir}"
+if [ "${init_state}" = "new" ]; then
+  # TODO investigate whether we can get rid of anything here
+  # Handle the case that the repo is in the old pre-buster server setup –
+  # even then, the URL should be the same.
+  su -lc "cd /var/repos && git clone --mirror https://plomlompom.com/repos/clone/plomlombot-irc" plom
+  su -lc "touch /var/repos/plomlombot-irc.git/git-daemon-export-ok" plom
+  cp "${config_tree_prefix}/other_files/plomlombot_hook_post-receive" /var/repos/plomlombot-irc.git/hooks/post-receive
+fi
+su -lc "git clone /var/repos/plomlombot-irc.git" plom
+cp "${config_tree_prefix}/other_files/plomlombot_daemon.sh" /home/plom/
+chown plom:plom /home/plom/plomlombot_daemon.sh
+if [ "${init_state}" = "new" ]; then
+  echo 'bot: plomlombog plomlombog #plomlomtest irc.freenode.net foo bar' >> /home/plom/.plomlombot
+  chown plom:plom /home/plom/.plomlombot
+else
+  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+  su -lc "./mirror_dir.sh ${old_server} /home/plom/plomlombot_db" plom
+  rm /home/plom/mirror_dir.sh
+  su -lc "scp plom@${old_server}:.plomlombot ~" plom
+  # TODO  su -lc "ssh plom@${old_server} \"su -lc 'service plomlombot stop'\"" plom
+fi
+# TODO systemctl enable plomlombot.service
+# TODO service plomlombot start
+
+# Set up guiltcards.
+su -lc "git clone /var/repos/guiltcards" plom
+cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
+su -lc "./mirror_dir.sh ${old_server} /home/plom/guiltcards/decks" plom
+rm /home/plom/mirror_dir.sh
+
+# In the above step, we might have created a root-owned /var/www/html –
+# fix this here.
+chown -R plom:plom /var/www/html
+
+# TODO:
+# - rename /home/plom/public_repos to /home/plom/repos
+
+service nginx restart
diff --git a/archived/buster/apt-mark/all b/archived/buster/apt-mark/all
deleted file mode 100644 (file)
index 4b760bc..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat
-iputils-ping
diff --git a/archived/buster/apt-mark/desktop b/archived/buster/apt-mark/desktop
deleted file mode 100644 (file)
index f537318..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# so that grub learns about kernel updates
-grub-pc
diff --git a/archived/buster/apt-mark/dumpsite b/archived/buster/apt-mark/dumpsite
deleted file mode 100644 (file)
index a87852a..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-wget
-# for blog and zettel
-pandoc
-# for blog
-html2text
-uuid-runtime
-python3
-# for url_catcher daemon
-python3-venv
-build-essential
-python3-dev
-screen
-postfix
diff --git a/archived/buster/apt-mark/eeepc b/archived/buster/apt-mark/eeepc
deleted file mode 100644 (file)
index 73a755f..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# for wifi
-firmware-ralink
-#
diff --git a/archived/buster/apt-mark/mail b/archived/buster/apt-mark/mail
deleted file mode 100644 (file)
index 1ef369d..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# smtp server
-postfix
-# opendkim
-opendkim
-opendkim-tools
-# for pingmail
-mailutils
-# ssl
-certbot
-# IMAPS
-pwgen
-dovecot-imapd
-# sieve filtering
-dovecot-lmtpd
-dovecot-sieve
-# to funnel mail from additional server
-fetchmail
diff --git a/archived/buster/apt-mark/old_server b/archived/buster/apt-mark/old_server
deleted file mode 100644 (file)
index c3d995b..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# because it contains ifconfig
-net-tools
diff --git a/archived/buster/apt-mark/peertube b/archived/buster/apt-mark/peertube
deleted file mode 100644 (file)
index 5b73bac..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-ffmpeg
-postgresql
-postgresql-contrib
-openssl
-redis-server
-python-dev
-# only needed for setup
-g++
-make
-git
-curl
-unzip
-libncurses5
-pwgen
-wget
diff --git a/archived/buster/apt-mark/play b/archived/buster/apt-mark/play
deleted file mode 100644 (file)
index 154f7e7..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-weechat
-screen
-gnupg
-dirmngr
diff --git a/archived/buster/apt-mark/pleroma b/archived/buster/apt-mark/pleroma
deleted file mode 100644 (file)
index ec7a134..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-# Pleroma DB
-postgresql
-postgresql-contrib
-# only needed for setup
-pwgen
diff --git a/archived/buster/apt-mark/pleroma_otp b/archived/buster/apt-mark/pleroma_otp
deleted file mode 100644 (file)
index 4805a43..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# only needed for setup
-curl
-unzip
-libncurses5
diff --git a/archived/buster/apt-mark/pleroma_source b/archived/buster/apt-mark/pleroma_source
deleted file mode 100644 (file)
index 2b1cd35..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# only needed for setup
-build-essential
-wget
-gnupg
diff --git a/archived/buster/apt-mark/seedbox b/archived/buster/apt-mark/seedbox
deleted file mode 100644 (file)
index 37b941e..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# needed for rtorrent config setup
-curl
-# needed for torrenting
-rtorrent
-# needed for torrenting session
-screen
-# needed for upload/download
-rsync
diff --git a/archived/buster/apt-mark/server b/archived/buster/apt-mark/server
deleted file mode 100644 (file)
index 2ab22d2..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-# so we can login at all …
-openssh-server
-# firewalling
-nftables
-# We want to be able to use ALL our servers as borg backup destinations.
-borgbackup
diff --git a/archived/buster/apt-mark/thinkpad b/archived/buster/apt-mark/thinkpad
deleted file mode 100644 (file)
index 6a780f2..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-# for wifi
-firmware-iwlwifi
-# for tlp
-tlp
-tp-smapi-dkms
-linux-headers-amd64
-#
diff --git a/archived/buster/apt-mark/user b/archived/buster/apt-mark/user
deleted file mode 100644 (file)
index ece05a4..0000000
+++ /dev/null
@@ -1,77 +0,0 @@
-# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
-cryptsetup-initramfs
-lvm2
-# this provides setupcon which reads /etc/default/console-setup
-console-setup
-# without this, systemd-logind won't run, and so not detect lid close for hibernation
-dbus
-# for wifi
-wicd-curses
-wicd-gtk
-# for X to start at all
-xserver-xorg-video-intel
-# X input: keyboard and touchpad
-xserver-xorg-input-evdev
-xserver-xorg-input-synaptics
-# for startx
-xinit
-# for xrdb
-x11-xserver-utils
-# for startx to run for non-root user
-libpam-systemd
-# window environment
-i3
-i3status
-suckless-tools
-xterm
-# to get sleepy at night
-redshift
-# for alsamixer
-alsa-utils
-# for xterm and browser unicode display
-ttf-unifont
-# also useful
-vim
-sudo
-less
-man-db
-manpages
-procps
-# firefox dependencies
-libdbus-glib-1-2
-libgtk-3-0
-# firefox installation dependencies (remove later?)
-curl
-python3
-bzip2
-wget
-jq
-unzip
-# to mount encrypted USB stick and use its contents
-pmount
-cryptsetup
-openssh-client
-# for syncing
-borgbackup
-# emacs
-emacs25
-emacs-common-non-dfsg
-emacs-el
-elpa-ledger
-ledger
-elpa-elfeed
-# mail setup
-isync
-notmuch
-elpa-notmuch
-pinentry-gtk2
-# to mount Android phone
-go-mtpfs
-# to use HP Deskjet F380 scanner from GIMP
-sane-utils
-libsane-hpaio
-xsane
-# to use HP Deskjet F380 printer
-cups
-hplip
-#
diff --git a/archived/buster/apt-mark/w530 b/archived/buster/apt-mark/w530
deleted file mode 100644 (file)
index e69de29..0000000
diff --git a/archived/buster/apt-mark/web b/archived/buster/apt-mark/web
deleted file mode 100644 (file)
index 4912b8a..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-nginx-light
-# for SSL
-certbot
-python3-certbot-nginx
diff --git a/archived/buster/apt-mark/website b/archived/buster/apt-mark/website
deleted file mode 100644 (file)
index c046f50..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# for gitweb
-gitweb
-fcgiwrap
-# for plomlombot
-gnupg
-dirmngr
-python3-venv
-screen
diff --git a/archived/buster/apt-mark/x200s b/archived/buster/apt-mark/x200s
deleted file mode 100644 (file)
index e69de29..0000000
diff --git a/archived/buster/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/archived/buster/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/archived/buster/etc_files/all/etc/apt/sources.list b/archived/buster/etc_files/all/etc/apt/sources.list
deleted file mode 100644 (file)
index 349e8a6..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://deb.debian.org/debian buster main contrib non-free
-deb http://deb.debian.org/debian-security/ buster/updates main contrib non-free
-deb http://deb.debian.org/debian buster-updates main contrib non-free
-deb http://ftp.debian.org/debian buster-backports main contrib non-free
diff --git a/archived/buster/etc_files/all/etc/default/locale b/archived/buster/etc_files/all/etc/default/locale
deleted file mode 100644 (file)
index dd6eee3..0000000
+++ /dev/null
@@ -1 +0,0 @@
-LANG="en_US.UTF-8"
diff --git a/archived/buster/etc_files/all/etc/locale.gen b/archived/buster/etc_files/all/etc/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/archived/buster/etc_files/all/etc/timezone b/archived/buster/etc_files/all/etc/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/archived/buster/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx b/archived/buster/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx
deleted file mode 100644 (file)
index 25c2d62..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www-dump/;
-
-    location /dump/ {
-        autoindex on;
-    }
-
-    location /geheim/ {
-        auth_basic "geheim geheim";
-        auth_basic_user_file /var/www-dump/password_geheim;
-        autoindex on;
-    }
-
-    location /zettel/ {
-        # rewrite non-suffixed filenames to .html ones
-        rewrite ^(/zettel/(.*/)*[^./]+)$ $1.html;
-        autoindex on;
-    }
-
-    location /uwsgi/ {
-        include uwsgi_params;
-        uwsgi_pass 127.0.0.1:3031;
-    }
-}
diff --git a/archived/buster/etc_files/dumpsite/etc/systemd/system/url_catcher.service b/archived/buster/etc_files/dumpsite/etc/systemd/system/url_catcher.service
deleted file mode 100644 (file)
index 45d079c..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=url_catcher screen
-
-[Service]
-Type=forking
-User=plom
-# The LC_ALL fixes submission failing on some articles.
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 cd ~/url-catcher && screen -d -m ./run.sh'
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/buster/etc_files/eeepc/etc/systemd/logind.conf b/archived/buster/etc_files/eeepc/etc/systemd/logind.conf
deleted file mode 100644 (file)
index 6a61f0b..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-#  This file is part of systemd.
-#
-# See logind.conf(5) for details.
-
-[Login]
-# Note that with the standard Buster kernel this won't work due to
-# <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919227>.
-HandleLidSwitch=hibernate
diff --git a/archived/buster/etc_files/mail/etc/aliases b/archived/buster/etc_files/mail/etc/aliases
deleted file mode 100644 (file)
index 5c52e6f..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-# /etc/aliases
-# maps whom what is sent to
-
-# As per RFC 2142.
-mailer-daemon: plom
-postmaster: plom
-hostmaster: plom
-usenet: plom
-news: plom
-webmaster: plom
-www: plom
-ftp: plom
-abuse: plom
-noc: plom
-security: plom
-root: plom
-
-# Personal aliases.
-plomlompom: plom
-christian.heller: plom
-christian_heller: plom
-christianheller: plom
-c.heller: plom
-heller: plom
diff --git a/archived/buster/etc_files/mail/etc/dovecot/conf.d/99-lmtp-sieve-filtering.conf b/archived/buster/etc_files/mail/etc/dovecot/conf.d/99-lmtp-sieve-filtering.conf
deleted file mode 100644 (file)
index eaf927b..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-# This is only necessary when we use dovecot's LMTP mechanism to receive
-# mail from postfix.
-auth_username_format = %Ln
-
-# Add sieve filtering.
-protocol lmtp {
-  mail_plugins = $mail_plugins sieve
-}
-
-# We don't strictly need to provide a LMTP server to fetch mail from
-# postfix, but we do if we want to do sophisticated stuff like sieve
-# filtering on the way.
-service lmtp {
-  inet_listener lmtp {
-    address = 127.0.0.1
-    port = 2424
-  }
-}
diff --git a/archived/buster/etc_files/mail/etc/dovecot/conf.d/99-smtp-sasl.conf b/archived/buster/etc_files/mail/etc/dovecot/conf.d/99-smtp-sasl.conf
deleted file mode 100644 (file)
index d076d63..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-service auth {
-  unix_listener auth-userdb {
-  }
-
-  unix_listener /var/spool/postfix/private/auth {
-        mode = 0660
-        user = postfix
-        group = postfix
-  }
-}
diff --git a/archived/buster/etc_files/mail/etc/mailutils.conf b/archived/buster/etc_files/mail/etc/mailutils.conf
deleted file mode 100644 (file)
index 44efe26..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# mailutils by default uses the FQDN as the mail domain name, fix this
-address {
-  email-domain REPLACE_maildomain_ECALPER;
-};
diff --git a/archived/buster/etc_files/mail/etc/nftables.conf b/archived/buster/etc_files/mail/etc/nftables.conf
deleted file mode 100755 (executable)
index 747d214..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-       chain input {
-               type filter hook input priority 0; policy drop;
-               iif lo accept comment "accept localhost traffic"
-               ct state invalid drop comment "drop invalid connections"
-               ct state established, related accept comment "accept traffic originated from us"
-               tcp dport 22 accept comment "accept SSH on default port"
-               tcp dport 25 accept comment "accept SMTP (allowing for STARTTLS); necessary for mail server to mail server banter, i.e. for receiving mails"
-               tcp dport 80 accept comment "accept HTTP; necessary for Certbot HTTP challenge"
-               tcp dport 465 accept comment "accept SMTPS; for mail user agent to mail server, i.e. for sending mails"
-               tcp dport 993 accept comment "accept IMAPS; for reading/downloading mails"
-               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
-       }
-       chain forward {
-               type filter hook forward priority 0; policy drop;
-       }
-       chain output {
-               type filter hook output priority 0; policy accept;
-       }
-}
diff --git a/archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.service b/archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.service
deleted file mode 100644 (file)
index dc8acb4..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run plom's fetchmail
-
-[Service]
-Type=oneshot
-User=plom
-# fetchmail returns 1 when no new mail, we want to catch that
-ExecStart=/bin/sh -c 'fetchmail || [ $? -eq 1 ]'
diff --git a/archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.timer b/archived/buster/etc_files/mail/etc/systemd/system/fetchmail_old_account.timer
deleted file mode 100644 (file)
index 0568eeb..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run fetchmail once every minute
-
-[Timer]
-OnCalendar=minutely
-
-[Install]
-WantedBy=timers.target
diff --git a/archived/buster/etc_files/mail/etc/systemd/system/pingmail.service b/archived/buster/etc_files/mail/etc/systemd/system/pingmail.service
deleted file mode 100644 (file)
index e332114..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-[Unit]
-Description=Run pingmail check
-
-[Service]
-Type=oneshot
-User=plom
-ExecStart=/bin/sh -c '~/pingmail/pingmail check'
diff --git a/archived/buster/etc_files/mail/etc/systemd/system/pingmail.timer b/archived/buster/etc_files/mail/etc/systemd/system/pingmail.timer
deleted file mode 100644 (file)
index dba0c9f..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Run pingmail check once every hour
-
-[Timer]
-OnCalendar=*-*-* *:00:00
-
-[Install]
-WantedBy=timers.target
diff --git a/archived/buster/etc_files/old_server/etc/apt/sources.list b/archived/buster/etc_files/old_server/etc/apt/sources.list
deleted file mode 100644 (file)
index a1fbdb0..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://deb.debian.org/debian stretch main contrib non-free
-deb http://deb.debian.org/debian-security/ stretch/updates main contrib non-free
-deb http://deb.debian.org/debian stretch-updates main contrib non-free
-deb http://ftp.debian.org/debian stretch-backports main contrib non-free
diff --git a/archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
deleted file mode 100644 (file)
index bc81613..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Attempt encryption of old chat logs
-[Service]
-Type=oneshot
-User=plom
-ExecStart=/bin/sh -c '~/weechatlogs_encrypter.sh'
diff --git a/archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer b/archived/buster/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
deleted file mode 100644 (file)
index 79a6e1e..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Attempt encryption of old chatlogs once every minute.
-
-[Timer]
-OnCalendar=*-*-* *:*:00
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/archived/buster/etc_files/pleroma/var/lib/pleroma/static/instance/panel.html b/archived/buster/etc_files/pleroma/var/lib/pleroma/static/instance/panel.html
deleted file mode 100644 (file)
index 8e2e67f..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-<div style="margin: 1em;">
-  <p>Privacy: Visitor IP addresses are anonymized in the logs.</p>
-  <p>Contact: See <a href="https://plomlompom.com/contact.html">plomlompom.com contact page</a>.</p>
-</div>
diff --git a/archived/buster/etc_files/pleroma/var/lib/pleroma/static/robots.txt b/archived/buster/etc_files/pleroma/var/lib/pleroma/static/robots.txt
deleted file mode 100644 (file)
index eb05362..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-User-agent: *
-Disallow:
diff --git a/archived/buster/etc_files/pleroma/var/lib/pleroma/static/static/terms-of-service.html b/archived/buster/etc_files/pleroma/var/lib/pleroma/static/static/terms-of-service.html
deleted file mode 100644 (file)
index 7268bac..0000000
+++ /dev/null
@@ -1 +0,0 @@
-This is <a href="https://plomlompom.com">plomlompom</a>'s personal single-user Pleroma instance.
diff --git a/archived/buster/etc_files/server/etc/nftables.conf b/archived/buster/etc_files/server/etc/nftables.conf
deleted file mode 100755 (executable)
index efbc182..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-       chain input {
-               type filter hook input priority 0; policy drop;
-               iif lo accept comment "accept localhost traffic"
-               ct state invalid drop comment "drop invalid connections"
-               ct state established, related accept comment "accept traffic originated from us"
-               tcp dport 22 accept comment "accept SSH on default port"
-               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
-       }
-       chain forward {
-               type filter hook forward priority 0; policy drop;
-       }
-       chain output {
-               type filter hook output priority 0; policy accept;
-       }
-}
diff --git a/archived/buster/etc_files/server/etc/ssh/sshd_config b/archived/buster/etc_files/server/etc/ssh/sshd_config
deleted file mode 100644 (file)
index 857962b..0000000
+++ /dev/null
@@ -1,124 +0,0 @@
-#      $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-PermitRootLogin no  # plomlompom's security rule 
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin yes
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
-
-ClientAliveInterval 120
-PasswordAuthentication no  # plomlompom's security rule
diff --git a/archived/buster/etc_files/thinkpad/etc/default/tlp b/archived/buster/etc_files/thinkpad/etc/default/tlp
deleted file mode 100644 (file)
index b73846b..0000000
+++ /dev/null
@@ -1,306 +0,0 @@
-# ------------------------------------------------------------------------------
-# tlp - Parameters for power saving
-# See full explanation: http://linrunner.de/en/tlp/docs/tlp-configuration.html
-
-# Hint: some features are disabled by default, remove the leading # to enable
-# them.
-
-# Set to 0 to disable, 1 to enable TLP.
-TLP_ENABLE=1
-
-# Operation mode when no power supply can be detected: AC, BAT.
-# Concerns some desktop and embedded hardware only.
-TLP_DEFAULT_MODE=AC
-
-# Operation mode select: 0=depend on power source, 1=always use TLP_DEFAULT_MODE
-# Hint: use in conjunction with TLP_DEFAULT_MODE=BAT for BAT settings on AC.
-TLP_PERSISTENT_DEFAULT=0
-
-# Seconds laptop mode has to wait after the disk goes idle before doing a sync.
-# Non-zero value enables, zero disables laptop mode.
-DISK_IDLE_SECS_ON_AC=0
-DISK_IDLE_SECS_ON_BAT=2
-
-# Dirty page values (timeouts in secs).
-MAX_LOST_WORK_SECS_ON_AC=15
-MAX_LOST_WORK_SECS_ON_BAT=60
-
-# Hint: CPU parameters below are disabled by default, remove the leading #
-# to enable them, otherwise kernel default values are used.
-
-# Select a CPU frequency scaling governor.
-# Intel Core i processor with intel_pstate driver:
-#   powersave(*), performance.
-# Older hardware with acpi-cpufreq driver:
-#   ondemand(*), powersave, performance, conservative, schedutil.
-# (*) is recommended.
-# Hint: use tlp-stat -p to show the active driver and available governors.
-# Important:
-#   powersave for intel_pstate and ondemand for acpi-cpufreq are power
-#   efficient for *almost all* workloads and therefore kernel and most
-#   distributions have chosen them as defaults. If you still want to change,
-#   you should know what you're doing! You *must* disable your distribution's
-#   governor settings or conflicts will occur.
-#CPU_SCALING_GOVERNOR_ON_AC=powersave
-#CPU_SCALING_GOVERNOR_ON_BAT=powersave
-
-# Set the min/max frequency available for the scaling governor.
-# Possible values strongly depend on your CPU. For available frequencies see
-# the output of tlp-stat -p.
-#CPU_SCALING_MIN_FREQ_ON_AC=0
-#CPU_SCALING_MAX_FREQ_ON_AC=0
-#CPU_SCALING_MIN_FREQ_ON_BAT=0
-#CPU_SCALING_MAX_FREQ_ON_BAT=0
-
-# Set energy performance hints (HWP) for Intel P-state governor:
-#   performance, balance_performance, default, balance_power, power
-# Values are given in order of increasing power saving.
-# Note: Intel Skylake or newer CPU and Kernel >= 4.10 required.
-CPU_HWP_ON_AC=balance_performance
-CPU_HWP_ON_BAT=balance_power
-
-# Set Intel P-state performance: 0..100 (%).
-# Limit the max/min P-state to control the power dissipation of the CPU.
-# Values are stated as a percentage of the available performance.
-# Requires an Intel Core i processor with intel_pstate driver.
-#CPU_MIN_PERF_ON_AC=0
-#CPU_MAX_PERF_ON_AC=100
-#CPU_MIN_PERF_ON_BAT=0
-#CPU_MAX_PERF_ON_BAT=30
-
-# Set the CPU "turbo boost" feature: 0=disable, 1=allow
-# Requires an Intel Core i processor.
-# Important:
-# - This may conflict with your distribution's governor settings
-# - A value of 1 does *not* activate boosting, it just allows it
-#CPU_BOOST_ON_AC=1
-#CPU_BOOST_ON_BAT=0
-
-# Minimize number of used CPU cores/hyper-threads under light load conditions:
-#   0=disable, 1=enable.
-SCHED_POWERSAVE_ON_AC=0
-SCHED_POWERSAVE_ON_BAT=1
-
-# Kernel NMI Watchdog:
-#   0=disable (default, saves power), 1=enable (for kernel debugging only).
-NMI_WATCHDOG=0
-
-# Change CPU voltages aka "undervolting" - Kernel with PHC patch required.
-# Frequency voltage pairs are written to:
-#   /sys/devices/system/cpu/cpu0/cpufreq/phc_controls
-# CAUTION: only use this, if you thoroughly understand what you are doing!
-#PHC_CONTROLS="F:V F:V F:V F:V"
-
-# Set CPU performance versus energy savings policy:
-#   performance, balance-performance, default, balance-power, power.
-# Values are given in order of increasing power saving.
-# Requires kernel module msr and x86_energy_perf_policy from linux-tools.
-ENERGY_PERF_POLICY_ON_AC=performance
-ENERGY_PERF_POLICY_ON_BAT=power
-
-# Disk devices; separate multiple devices with spaces (default: sda).
-# Devices can be specified by disk ID also (lookup with: tlp diskid).
-DISK_DEVICES="sda sdb"
-
-# Disk advanced power management level: 1..254, 255 (max saving, min, off).
-# Levels 1..127 may spin down the disk; 255 allowable on most drives.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-DISK_APM_LEVEL_ON_AC="254 254"
-DISK_APM_LEVEL_ON_BAT="128 128"
-
-# Hard disk spin down timeout:
-#   0:        spin down disabled
-#   1..240:   timeouts from 5s to 20min (in units of 5s)
-#   241..251: timeouts from 30min to 5.5 hours (in units of 30min)
-# See 'man hdparm' for details.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-#DISK_SPINDOWN_TIMEOUT_ON_AC="0 0"
-#DISK_SPINDOWN_TIMEOUT_ON_BAT="0 0"
-
-# Select IO scheduler for the disk devices: cfq, deadline, noop (Default: cfq).
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the kernel default scheduler for the particular disk.
-#DISK_IOSCHED="cfq cfq"
-
-# AHCI link power management (ALPM) for disk devices:
-#   min_power, med_power_with_dipm(*), medium_power, max_performance.
-# (*) Kernel >= 4.15 required, then recommended.
-# Multiple values separated with spaces are tried sequentially until success.
-SATA_LINKPWR_ON_AC="med_power_with_dipm max_performance"
-SATA_LINKPWR_ON_BAT="med_power_with_dipm min_power"
-
-# Exclude host devices from AHCI link power management.
-# Separate multiple hosts with spaces.
-#SATA_LINKPWR_BLACKLIST="host1"
-
-# Runtime Power Management for AHCI host and disks devices:
-#   on=disable, auto=enable.
-# EXPERIMENTAL ** WARNING: auto will most likely cause system lockups/data loss.
-#AHCI_RUNTIME_PM_ON_AC=on
-#AHCI_RUNTIME_PM_ON_BAT=on
-
-# Seconds of inactivity before disk is suspended.
-AHCI_RUNTIME_PM_TIMEOUT=15
-
-# PCI Express Active State Power Management (PCIe ASPM):
-#   default, performance, powersave.
-PCIE_ASPM_ON_AC=performance
-PCIE_ASPM_ON_BAT=powersave
-
-# Radeon graphics clock speed (profile method): low, mid, high, auto, default;
-# auto = mid on BAT, high on AC; default = use hardware defaults.
-RADEON_POWER_PROFILE_ON_AC=high
-RADEON_POWER_PROFILE_ON_BAT=low
-
-# Radeon dynamic power management method (DPM): battery, performance.
-RADEON_DPM_STATE_ON_AC=performance
-RADEON_DPM_STATE_ON_BAT=battery
-
-# Radeon DPM performance level: auto, low, high; auto is recommended.
-RADEON_DPM_PERF_LEVEL_ON_AC=auto
-RADEON_DPM_PERF_LEVEL_ON_BAT=auto
-
-# WiFi power saving mode: on=enable, off=disable; not supported by all adapters.
-WIFI_PWR_ON_AC=off
-WIFI_PWR_ON_BAT=on
-
-# Disable wake on LAN: Y/N.
-WOL_DISABLE=Y
-
-# Enable audio power saving for Intel HDA, AC97 devices (timeout in secs).
-# A value of 0 disables, >=1 enables power saving (recommended: 1).
-SOUND_POWER_SAVE_ON_AC=0
-SOUND_POWER_SAVE_ON_BAT=1
-
-# Disable controller too (HDA only): Y/N.
-SOUND_POWER_SAVE_CONTROLLER=Y
-
-# Power off optical drive in UltraBay/MediaBay: 0=disable, 1=enable.
-# Drive can be powered on again by releasing (and reinserting) the eject lever
-# or by pressing the disc eject button on newer models.
-# Note: an UltraBay/MediaBay hard disk is never powered off.
-BAY_POWEROFF_ON_AC=0
-BAY_POWEROFF_ON_BAT=0
-# Optical drive device to power off (default sr0).
-BAY_DEVICE="sr0"
-
-# Runtime Power Management for PCI(e) bus devices: on=disable, auto=enable.
-RUNTIME_PM_ON_AC=on
-RUNTIME_PM_ON_BAT=auto
-
-# Exclude PCI(e) device adresses the following list from Runtime PM
-# (separate with spaces). Use lspci to get the adresses (1st column).
-#RUNTIME_PM_BLACKLIST="bb:dd.f 11:22.3 44:55.6"
-
-# Exclude PCI(e) devices assigned to the listed drivers from Runtime PM.
-# Default when unconfigured is "amdgpu nouveau nvidia radeon" which
-# prevents accidential power-on of dGPU in hybrid graphics setups.
-# Use "" to disable the feature completely.
-# Separate multiple drivers with spaces.
-#RUNTIME_PM_DRIVER_BLACKLIST="amdgpu nouveau nvidia radeon"
-
-# Set to 0 to disable, 1 to enable USB autosuspend feature.
-USB_AUTOSUSPEND=1
-
-# Exclude listed devices from USB autosuspend (separate with spaces).
-# Use lsusb to get the ids.
-# Note: input devices (usbhid) are excluded automatically
-#USB_BLACKLIST="1111:2222 3333:4444"
-
-# Bluetooth devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_BTUSB=0
-
-# Phone devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude (enable charging).
-USB_BLACKLIST_PHONE=0
-
-# Printers are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_PRINTER=1
-
-# WWAN devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_WWAN=1
-
-# Include listed devices into USB autosuspend even if already excluded
-# by the blacklists above (separate with spaces).
-# Use lsusb to get the ids.
-#USB_WHITELIST="1111:2222 3333:4444"
-
-# Set to 1 to disable autosuspend before shutdown, 0 to do nothing
-# (workaround for USB devices that cause shutdown problems).
-#USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN=1
-
-# Restore radio device state (Bluetooth, WiFi, WWAN) from previous shutdown
-# on system startup: 0=disable, 1=enable.
-# Hint: the parameters DEVICES_TO_DISABLE/ENABLE_ON_STARTUP/SHUTDOWN below
-#   are ignored when this is enabled!
-RESTORE_DEVICE_STATE_ON_STARTUP=0
-
-# Radio devices to disable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_DISABLE_ON_STARTUP="bluetooth wifi wwan"
-
-# Radio devices to enable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_ENABLE_ON_STARTUP="wifi"
-
-# Radio devices to disable on shutdown: bluetooth, wifi, wwan.
-# (workaround for devices that are blocking shutdown).
-#DEVICES_TO_DISABLE_ON_SHUTDOWN="bluetooth wifi wwan"
-
-# Radio devices to enable on shutdown: bluetooth, wifi, wwan.
-# (to prevent other operating systems from missing radios).
-#DEVICES_TO_ENABLE_ON_SHUTDOWN="wwan"
-
-# Radio devices to enable on AC: bluetooth, wifi, wwan.
-#DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
-
-# Radio devices to disable on battery: bluetooth, wifi, wwan.
-#DEVICES_TO_DISABLE_ON_BAT="bluetooth wifi wwan"
-
-# Radio devices to disable on battery when not in use (not connected):
-#   bluetooth, wifi, wwan.
-#DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wifi wwan"
-
-# Battery charge thresholds (ThinkPad only, tp-smapi or acpi-call kernel module
-# required). Charging starts when the remaining capacity falls below the
-# START_CHARGE_THRESH value and stops when exceeding the STOP_CHARGE_THRESH value.
-# Main / Internal battery (values in %)
-START_CHARGE_THRESH_BAT0=75
-STOP_CHARGE_THRESH_BAT0=80
-# Ultrabay / Slice / Replaceable battery (values in %)
-#START_CHARGE_THRESH_BAT1=75
-#STOP_CHARGE_THRESH_BAT1=80
-
-# Restore charge thresholds when AC is unplugged: 0=disable, 1=enable.
-#RESTORE_THRESHOLDS_ON_BAT=1
-
-# ------------------------------------------------------------------------------
-# tlp-rdw - Parameters for the radio device wizard
-# Possible devices: bluetooth, wifi, wwan.
-
-# Hints:
-# - Parameters are disabled by default, remove the leading # to enable them
-# - Separate multiple radio devices with spaces
-
-# Radio devices to disable on connect.
-#DEVICES_TO_DISABLE_ON_LAN_CONNECT="wifi wwan"
-#DEVICES_TO_DISABLE_ON_WIFI_CONNECT="wwan"
-#DEVICES_TO_DISABLE_ON_WWAN_CONNECT="wifi"
-
-# Radio devices to enable on disconnect.
-#DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="wifi wwan"
-#DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
-#DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
-
-# Radio devices to enable/disable when docked.
-#DEVICES_TO_ENABLE_ON_DOCK=""
-#DEVICES_TO_DISABLE_ON_DOCK=""
-
-# Radio devices to enable/disable when undocked.
-#DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
-#DEVICES_TO_DISABLE_ON_UNDOCK=""
diff --git a/archived/buster/etc_files/thinkpad/etc/systemd/logind.conf b/archived/buster/etc_files/thinkpad/etc/systemd/logind.conf
deleted file mode 100644 (file)
index 1098229..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-#  This file is part of systemd.
-#
-# See logind.conf(5) for details.
-
-[Login]
-HandleLidSwitch=hibernate
diff --git a/archived/buster/etc_files/user/etc/cups/printers.conf b/archived/buster/etc_files/user/etc/cups/printers.conf
deleted file mode 100644 (file)
index 3475600..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-# Printer configuration file for CUPS v2.2.10
-# Written by cupsd
-# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING
-<Printer HP_Deskjet_F300_series>
-UUID urn:uuid:e856a26d-66f8-327a-4dca-0d8a09f87a25
-Info HP Deskjet F300 series
-Location 
-MakeModel HP Deskjet f300 Series, hpcups 3.18.12
-DeviceURI hp:/usb/Deskjet_F300_series?serial=CN63VB21TM04KH
-State Idle
-Type 36892
-Accepting Yes
-Shared No
-JobSheets none none
-QuotaPeriod 0
-PageLimit 0
-KLimit 0
-OpPolicy default
-ErrorPolicy retry-job
-</Printer>
diff --git a/archived/buster/etc_files/user/etc/default/console-setup b/archived/buster/etc_files/user/etc/default/console-setup
deleted file mode 100644 (file)
index 090d241..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-CHARMAP="UTF-8"
-CODESET="Lat15"
-FONTFACE="Terminus"
-FONTSIZE="6x12"
diff --git a/archived/buster/etc_files/user/opt/firefox/blank.html b/archived/buster/etc_files/user/opt/firefox/blank.html
deleted file mode 100644 (file)
index 79e707e..0000000
+++ /dev/null
@@ -1 +0,0 @@
-not quite blank
diff --git a/archived/buster/etc_files/user/opt/firefox/defaults/pref/autoconfig.js b/archived/buster/etc_files/user/opt/firefox/defaults/pref/autoconfig.js
deleted file mode 100644 (file)
index cf8ea80..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-// We set up AutoConfig according to <https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig>, see firefox.cfg comments on why we need it
-pref("general.config.filename", "firefox.cfg");
-pref("general.config.obscure_value", 0);
-
diff --git a/archived/buster/etc_files/user/opt/firefox/firefox.cfg b/archived/buster/etc_files/user/opt/firefox/firefox.cfg
deleted file mode 100644 (file)
index b321153..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-// do not put any code into this first line, as it gets ignored by Firefox
-
-// we zero extensions.autoDisableScopes so our pre-installed extensions activate by default
-pref("extensions.autoDisableScopes", 0);
-
-// we turn off annoying setup popups and pages; these settings are the result more of trial and error than thorough understanding by me, so more research might be warranted to discipline them
-pref("startup.homepage_welcome_url", "file:///opt/firefox/blank.html");
-pref("browser.startup.homepage", "file:///opt/firefox/blank.html");
-pref("browser.startup.blankWindow", true);
-pref("datareporting.policy.firstRunURL", "");
-pref("browser.shell.checkDefaultBrowser", false);
-pref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
-
-// use socks proxy by default
-pref("network.proxy.type", 1);
-pref("network.proxy.socks", "localhost");
-pref("network.proxy.socks_port", 9999);
-pref("network.proxy.remote_dns", true);
diff --git a/archived/buster/etc_files/user/usr/share/applications/firefox.desktop b/archived/buster/etc_files/user/usr/share/applications/firefox.desktop
deleted file mode 100644 (file)
index cb8d354..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[Desktop Entry]
-Name=Firefox
-Exec=/usr/local/bin/firefox %u
diff --git a/archived/buster/etc_files/web/etc/nftables.conf b/archived/buster/etc_files/web/etc/nftables.conf
deleted file mode 100755 (executable)
index ec6732a..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-       chain input {
-               type filter hook input priority 0; policy drop;
-               iif lo accept comment "accept localhost traffic"
-               ct state invalid drop comment "drop invalid connections"
-               ct state established, related accept comment "accept traffic originated from us"
-               tcp dport 22 accept comment "accept SSH on default port"
-               tcp dport 80 accept comment "accept HTTP on default port"
-               tcp dport 443 accept comment "accept HTTPS on default port"
-               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
-       }
-       chain forward {
-               type filter hook forward priority 0; policy drop;
-       }
-       chain output {
-               type filter hook output priority 0; policy accept;
-       }
-}
diff --git a/archived/buster/etc_files/web/etc/nginx/nginx.conf b/archived/buster/etc_files/web/etc/nginx/nginx.conf
deleted file mode 100644 (file)
index 8320425..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-# system integration
-user www-data;
-worker_processes auto;
-pid /run/nginx.pid;
-include /etc/nginx/modules-enabled/*.conf;
-
-# is expected even if empty
-events {
-}
-
-http {
-    # define content-type headers
-    include /etc/nginx/mime.types;
-    charset utf-8;
-
-    # Some standard optimizations, i.e. Debian default. Explained in
-    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
-    # Not that I understand it all …
-    sendfile on;
-    tcp_nopush on;
-    tcp_nodelay on;
-
-    # logging deactivated due to GDPR
-    #access_log /var/log/nginx/access.log;
-    #error_log /var/log/nginx/error.log;
-    access_log off;
-    error_log off;
-
-    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
-    include /etc/nginx/conf.d/*.conf;
-    include /etc/nginx/sites-enabled/*;
-
-    # Redirect all HTTP requests to HTTPS.
-    server {
-        listen 80;
-        return 301 https://$host$request_uri;
-    }
-}
diff --git a/archived/buster/etc_files/website/etc/gitweb.conf b/archived/buster/etc_files/website/etc/gitweb.conf
deleted file mode 100644 (file)
index 88dea47..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-# path to git projects (<project>.git)
-$projectroot = "/var/repos";
-
-# don't show repos without git-daemon-export-ok file
-$export_ok = "git-daemon-export-ok";
-
-# directory to use for temp files
-# explicitely set by Debian so it's probably a good choice
-$git_temp = "/tmp";
-
-# git-diff-tree(1) options to use for generated patches
-# we don't want to to guess renames, so empty
-@diff_opts = ();
-
-# Base path for where to find the repos for cloning.
-@git_base_url_list = ('https://REPLACE_fqdn_ECALPER/repos/clone');
-
-# allow snapshots
-$feature{'snapshot'}{'default'} = ['zip', 'tgz'];
-
-# insert header for GDPR compliance
-$site_header = "/var/www/header.html"
diff --git a/archived/buster/etc_files/website/etc/nginx/sites-available/website.nginx b/archived/buster/etc_files/website/etc/nginx/sites-available/website.nginx
deleted file mode 100644 (file)
index cbad304..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www/html/;
-    index index.html index.htm index.nginx-debian.html;
-
-    # serve /var/repos/* for HTTPS git cloning
-    location ~ /repos/clone(/.*) {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
-        # Commented out so only repos are served that contain a
-        # git-daemon-export-ok file.
-        # fastcgi_param GIT_HTTP_EXPORT_ALL "";
-        fastcgi_param GIT_PROJECT_ROOT /var/repos;
-        fastcgi_param PATH_INFO $1;
-        fastcgi_pass unix:/var/run/fcgiwrap.socket;
-    }
-
-    # gitweb static files
-    location /repos/static/ {
-        alias /usr/share/gitweb/static/;
-    }
-
-    # gitweb; this needs packages fcgiwrap and gitweb
-    location /repos/ {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /usr/share/gitweb/gitweb.cgi;
-        fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
-        fastcgi_pass unix:/var/run/fcgiwrap.socket;
-    }
-
-    # login-protected IRC logs
-    location ~ ^/irclogs/([^/]+)/ {
-        auth_basic "$1 logs";
-        auth_basic_user_file /var/www/irclogs_pw/$1;
-        autoindex on;
-    }
-}
diff --git a/archived/buster/etc_files/website/etc/systemd/system/plomlombot.service b/archived/buster/etc_files/website/etc/systemd/system/plomlombot.service
deleted file mode 100644 (file)
index a4f6769..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=plomlombot screen
-
-[Service]
-Type=simple
-User=plom
-ExecStart=/bin/sh -c '~/plomlombot_daemon.sh'
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/buster/etc_files/x200s/etc/wicd/manager-settings.conf b/archived/buster/etc_files/x200s/etc/wicd/manager-settings.conf
deleted file mode 100644 (file)
index de12c6c..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-[Settings]
-backend = external
-wireless_interface = wls1
-wired_interface = enp0s25
-wpa_driver = wext
-always_show_wired_interface = False
-use_global_dns = False
-global_dns_1 = None
-global_dns_2 = None
-global_dns_3 = None
-global_dns_dom = None
-global_search_dom = None
-auto_reconnect = True
-debug_mode = 0
-wired_connect_mode = 1
-signal_display_type = 0
-should_verify_ap = 1
-dhcp_client = 0
-link_detect_tool = 0
-flush_tool = 0
-sudo_app = 0
-prefer_wired = False
-show_never_connect = True
-
diff --git a/archived/buster/etc_files/x220/etc/wicd/manager-settings.conf b/archived/buster/etc_files/x220/etc/wicd/manager-settings.conf
deleted file mode 100644 (file)
index 985df76..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-[Settings]
-backend = external
-wireless_interface = wlp3s0
-wired_interface = enp0s25
-wpa_driver = wext
-always_show_wired_interface = False
-use_global_dns = False
-global_dns_1 = None
-global_dns_2 = None
-global_dns_3 = None
-global_dns_dom = None
-global_search_dom = None
-auto_reconnect = True
-debug_mode = 0
-wired_connect_mode = 1
-signal_display_type = 0
-should_verify_ap = 1
-dhcp_client = 0
-link_detect_tool = 0
-flush_tool = 0
-sudo_app = 0
-prefer_wired = False
-show_never_connect = True
-
diff --git a/archived/buster/home_files/eeepc/.config/i3status/config b/archived/buster/home_files/eeepc/.config/i3status/config
deleted file mode 100644 (file)
index 207bef4..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp2s0"
-order += "ethernet enp1s0"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home/ ?
-disk "/home/" {
-  format = "/home: %avail of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp2s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp1s0 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/archived/buster/home_files/minimal/.bashrc b/archived/buster/home_files/minimal/.bashrc
deleted file mode 100644 (file)
index 5ee9ad8..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
-    colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
-    tput_color="\[$tput_color\]"
-    tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
diff --git a/archived/buster/home_files/root/.shell_prompt_color b/archived/buster/home_files/root/.shell_prompt_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/archived/buster/home_files/user/.Xresources b/archived/buster/home_files/user/.Xresources
deleted file mode 100644 (file)
index 45b10af..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-! otherwise various applications will assume merely 8 colors
-XTerm.termName: xterm-256color
-
-! font
-! actually, "mono" is already the default for faceName (it will
-! pick whatever fc-match mono delivers), but we need to set _some_
-! faceName to trigger XTerm activating TrueType fonts
-! (XTerm*fontRender by itself won't do the trick), and we want
-! TrueType fonts because, well, they scale better, and XTerm lets them
-! fall back on alternatives (hi there ttf-unifont) when a Unicode
-! glyph is not found
-XTerm*faceName: mono
-
-! white on black
-XTerm*reverseVideo: on
-
-! blink screen instead of sound
-XTerm*visualBell: on
-
-! proper ALT as META key treatment
-XTerm*eightBitInput: false
-
-! font sizes
-XTerm*faceSize: 8
-XTerm*faceSize1: 4
-XTerm*faceSize2: 5
-XTerm*faceSize3: 6
-XTerm*faceSize4: 8
-XTerm*faceSize5: 14
-XTerm*faceSize6: 25
-
-! colors
-! black
-XTerm*color0: #202020
-XTerm*color8: #3F3F3F
-! red
-XTerm*color1: #A82020
-XTerm*color9: #E82020
-! green
-XTerm*color2: #20A820
-XTerm*color10: #20E820
-! yellow
-XTerm*color3: #A8A820
-XTerm*color11: #E8E820
-! blue
-XTerm*color4: #3F3FFF
-XTerm*color12: #9F9FFF
-! magenta
-XTerm*color5: #A83FFF
-XTerm*color13: #E89FFF
-! cyan
-XTerm*color6: #3FA8FF
-XTerm*color14: #9FE8FF
-! white
-XTerm*color7: #A8A8A8
-XTerm*color15: #E8E8E8
diff --git a/archived/buster/home_files/user/.borgrepos b/archived/buster/home_files/user/.borgrepos
deleted file mode 100644 (file)
index c40eee3..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-plom@plomlompom.com
-plom@mail.plomlompom.com
-plom@play.plomlompom.com
-# file read ends at last newline
diff --git a/archived/buster/home_files/user/.config/i3/config b/archived/buster/home_files/user/.config/i3/config
deleted file mode 100644 (file)
index 19c654e..0000000
+++ /dev/null
@@ -1,83 +0,0 @@
-# plomlompom's i3-wm configuration
-
-# Font for i3 text
-font pango:Terminus 8px
-
-# Force "tabbed" as default layout for new windows.
-workspace_layout              tabbed
-
-# Make the Windows key the modifier key for all i3-wm actions.
-set                           $mod Mod4
-floating_modifier             $mod
-
-# Launch xterm.
-bindsym $mod+Return           exec xterm
-
-# Launch programs via dmenu.
-bindsym $mod+d                exec dmenu_run
-bindsym $mod+x                exec dmenu_run
-
-# Kill window.
-bindsym $mod+Shift+Q          kill
-
-# Move focus between windows.
-bindsym $mod+Left             focus left
-bindsym $mod+Down             focus down
-bindsym $mod+Up               focus up
-bindsym $mod+Right            focus right
-
-# Don't move focus with mouse.
-focus_follows_mouse           no
-
-# Move windows.
-bindsym $mod+Shift+Left       move left
-bindsym $mod+Shift+Down       move down
-bindsym $mod+Shift+Up         move up
-bindsym $mod+Shift+Right      move right
-
-# Resize windows
-bindsym $mod+h                resize shrink width 1 px or 1 ppt
-bindsym $mod+l                resize grow width 1 px or 1 ppt
-bindsym $mod+j                resize shrink height
-bindsym $mod+k                resize grow height
-
-# Toggle fullscreen for focused window.
-bindsym $mod+f                fullscreen
-
-# Toggle floating of window, focus on floating or tabbed windows.
-bindsym $mod+Shift+space      floating toggle
-bindsym $mod+space            focus mode_toggle
-
-# Switch to workspace x.
-bindsym $mod+1                workspace 1
-bindsym $mod+2                workspace 2
-bindsym $mod+3                workspace 3
-bindsym $mod+4                workspace 4
-bindsym $mod+5                workspace 5
-bindsym $mod+6                workspace 6
-bindsym $mod+7                workspace 7
-bindsym $mod+8                workspace 8
-bindsym $mod+9                workspace 9
-bindsym $mod+0                workspace 10
-
-# Move window to workspace x.
-bindsym $mod+Shift+exclam     move workspace 1
-bindsym $mod+Shift+quotedbl   move workspace 2
-bindsym $mod+Shift+section    move workspace 3
-bindsym $mod+Shift+dollar     move workspace 4
-bindsym $mod+Shift+percent    move workspace 5
-bindsym $mod+Shift+ampersand  move workspace 6
-bindsym $mod+Shift+slash      move workspace 7
-bindsym $mod+Shift+parenleft  move workspace 8
-bindsym $mod+Shift+parenright move workspace 9
-bindsym $mod+Shift+equal      move workspace 10
-
-# Reload i3 config file, restart (keeping sesion) i3, exit i3.
-bindsym $mod+Shift+C          reload
-bindsym $mod+Shift+R          restart
-bindsym $mod+Shift+P          exit
-
-# Select "i3status" as i3 status bar.
-bar {
-  status_command i3status
-}
diff --git a/archived/buster/home_files/user/.emacs.d/init.el b/archived/buster/home_files/user/.emacs.d/init.el
deleted file mode 100644 (file)
index fbec980..0000000
+++ /dev/null
@@ -1,323 +0,0 @@
-;; general layout
-;; ==============
-
-;; need no stinkin emacs help screen as start up, and no menu bar
-(setq inhibit-startup-screen t)
-(menu-bar-mode -1)
-
-;; highlight cursor line, parentheses
-(global-hl-line-mode 1)
-(show-paren-mode 1)
-
-;; show line numbers, use separator space
-(global-linum-mode)
-(setq linum-format "%d ")
-
-;; count cursor column, row in mode line
-(setq column-number-mode t)
-
-;; settings to make GUI tolerable
-(if window-system
-  (progn
-    (add-to-list 'default-frame-alist '(foreground-color . "white"))
-    (add-to-list 'default-frame-alist '(background-color . "black"))
-    (set-face-attribute 'default nil :height 80)
-    (scroll-bar-mode -1)
-    (setq visible-bell t)
-    (setq linum-format "%d")))
-
-;; use as default browser what XDG offers
-(setq-default browse-url-browser-function 'browse-url-xdg-open)
-
-
-
-;; general keybindings
-;; ===================
-
-;; create and use a minimal global map using just the self-insert command
-;; bindings and a selection of some to me very common keystrokes
-(setq minimal-map (make-sparse-keymap))
-(substitute-key-definition 'self-insert-command 'self-insert-command
-                           minimal-map global-map)
-(use-global-map minimal-map)
-(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
-(global-set-key (kbd "RET") 'newline)
-(global-set-key (kbd "TAB") 'indent-for-tab-command)
-(global-set-key (kbd "<up>") 'previous-line)
-(global-set-key (kbd "<down>") 'next-line)
-(global-set-key (kbd "<left>") 'left-char)
-(global-set-key (kbd "<right>") 'right-char)
-(global-set-key (kbd "<prior>") 'scroll-down-command)
-(global-set-key (kbd "<next>") 'scroll-up-command)
-(global-set-key (kbd "M-x") 'execute-extended-command)
-(global-set-key (kbd "C-g") 'keyboard-quit)
-;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
-;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
-;; note how to switch back to the original map: (use-global-map global-map)
-(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
-
-
-
-;; minibuffer
-;; ==========
-
-;; incremental minibuffer completion
-(icomplete-mode 1)
-
-
-
-;; text editing
-;; ============
-
-;; tabs are evil
-(setq-default indent-tabs-mode nil)
-(setq-default tab-width 4)
-(setq indent-line-function 'insert-tab)
-
-;; show trailing whitespace
-(setq-default show-trailing-whitespace 1)
-
-;; on save, ask whether to ensure text file's last line ends in a
-;; newline character
-(setq require-final-newline 1)
-
-;; use dedicated directory for version-controlled, endless backups;
-;; never delete old versions
-(setq make-backup-files t
-      backup-directory-alist `(("." . "~/.emacs_backups"))
-      backup-by-copying t
-      version-control t
-      delete-old-versions 1)  ;; neither t nor nil: never delete
-
-
-;; package management
-;; ==================
-
-;; where we get packages from
-(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
-                         ("melpa-unstable" . "https://melpa.org/packages/")
-                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
-
-;; ensure certain packages are installed (actually, we use Debian repos here)
-;; credit to <https://stackoverflow.com/a/10093312>
-;(setq package-list '(elfeed ledger-mode))
-;(package-initialize)
-;(dolist (package package-list)
-;  (unless (package-installed-p package)
-;    (package-install package)))
-
-
-
-;;; window management
-;;; =================
-;
-;;; track window configurations to allow window config undo
-;(winner-mode 1)
-
-
-
-;; mail setup
-;; ==========
-
-(setq send-mail-function 'smtpmail-send-it)
-(setq smtpmail-smtp-server "mail.plomlompom.com")
-(setq smtpmail-smtp-service 465)
-(setq smtpmail-stream-type 'ssl)
-(setq smtpmail-smtp-user "plom")
-(setq mml-secure-openpgp-encrypt-to-self t)
-(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
-
-;(setq gnutls-log-level 0)
-
-;; if we don't set this, we get this warning:
-;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
-;;   has been lowered to 256 bits and this may allow decryption of the session data
-(setq gnutls-min-prime-bits 1024)
-
-;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
-;; stream process, seemingly unless the /message/ function is called at the right
-;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
-;; in /network-stream-get-response/ right after "(goto-char start)"; this works
-;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
-;; buffer is not relevant, but maybe writing to the echo area is); activing the
-;; gnutls logging is just a hack to achieve such calls to /message/ in the
-;; /network-stream-open-tls/ flow.
-(setq gnutls-log-level 1) ; miraculously makes smtpmail work
-
-;; constructs From: domain if mail composer directly called (from without
-;; notmuch), but we don't actually intend to do that
-;(setq mail-host-address "plomlompom.com")
-
-;; otherwise notmuch becomes extremely slow in some cases
-(setq-default notmuch-show-indent-content nil)
-
-;; this only works if we use notmuch-mua-send instead of message-send
-(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
-
-;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
-;; in the message ID
-(setq mail-host-address "plomlompom.com")
-
-;; notmuch saved searches
-(setq notmuch-saved-searches
-      '((:name "inbox" :query "tag:unread and folder:inbox")
-        (:name "all" :query "tag:unread not folder:maildir/Trash")
-        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
-        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
-        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
-        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
-        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
-
-
-
-;; org mode
-;; ========
-
-;; unsure why, but to re-set the key map, we not only have to explicitely do it
-;; only after org-mode loading, but also have to explicitely overwrite the
-;; C-c keybinding; TODO: investigate
-(with-eval-after-load 'org
-    (setq org-mode-map (make-sparse-keymap))
-    (define-key org-mode-map (kbd "C-c") nil)
-    (define-key org-mode-map (kbd "TAB") 'org-cycle)
-    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
-
-;; don't truncate lines by default
-(setq org-startup-truncated nil)
-
-;; basic org-capture config
-(setq org-capture-templates
-      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
-(add-hook 'org-capture-mode-hook 'evil-insert-state)
-
-;; agenda view on startup
-(load-library "find-lisp")
-(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
-(setq org-agenda-span 90)
-(setq org-agenda-use-time-grid nil)
-(add-hook 'emacs-startup-hook (lambda ()
-                                 (org-agenda-list)
-                                 (switch-to-buffer "*Org Agenda*")
-                                 (other-window 1)))
-
-;;; for calendar, use ISO date style
-;(setq calendar-date-style 'iso)
-;(setq diary-number-of-entries 7)
-;(diary)
-;(setq org-agenda-time-grid '((today require-timed remove-match)
-;                             #("----------------" 0 16 (org-heading t))
-;                             (0 200 400 600 800 1000 1200
-;                                1400 1600 1800 2000 2200)))
-
-;; empty org-agenda-mode keybindings
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (setq org-agenda-mode-map (make-sparse-keymap))))
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (use-local-map (make-sparse-keymap))))
-
-;; org-publish-all
-(setq org-publish-project-alist
-      '(
-        ("website"
-         :base-directory "~/org/web/"
-         :base-extension "org"
-         :publishing-directory "~/html/"
-         :recursive t
-         :publishing-function org-html-publish-to-html
-         :headline-levels 4             ; Just the default for this project.
-         :auto-preamble t
-          )))
-
-;; use [ki:] syntax to hide stuff from exports
-(defun classify-information (text backend info)
-  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
-  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
-(add-hook 'org-export-filter-plain-text-functions 'classify-information)
-
-;; add HTML validator link to exports
-(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
-
-
-
-;;; Info mode
-;;; =========
-
-(setq Info-mode-map (make-sparse-keymap))
-(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
-(define-key Info-mode-map (kbd "u") 'Info-up)
-(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
-(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
-(define-key Info-mode-map (kbd "H") 'Info-history-back)
-(define-key Info-mode-map (kbd "L") 'Info-history-forward)
-(define-key Info-mode-map (kbd "I") 'Info-goto-node)
-(define-key Info-mode-map (kbd "i") 'Info-index)
-
-
-
-;; help mode
-;; =========
-
-(setq help-mode-map (make-sparse-keymap))
-(define-key help-mode-map (kbd "TAB") 'forward-button)
-(define-key help-mode-map (kbd "RET") 'help-follow)
-(define-key help-mode-map (kbd "<backtab>") 'backward-button)
-
-
-
-;; elfeed
-;; ======
-
-(require 'elfeed)  ; needed so we can set the font faces
-(set-face-background 'elfeed-search-title-face "magenta")
-(set-face-background 'elfeed-search-unread-count-face "magenta")
-(setq elfeed-feeds
-      '("https://capsurvival.blogspot.com/feeds/posts/default"
-        "https://jungle.world/rss.xml"
-        "http://news.dieweltistgarnichtso.net/bin/index.xml"
-        "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
-        "http://www.tagesschau.de/xml/atom"))
-(setq elfeed-search-mode-map (make-sparse-keymap))
-(define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
-(defun elfeed-search-mark-as-read() (interactive)
-  (elfeed-search-untag-all 'unread))
-(define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
-(define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
-(define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
-(define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
-(setq elfeed-show-mode-map (make-sparse-keymap))
-(define-key elfeed-show-mode-map (kbd "u") 'elfeed)
-(define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
-(define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
-(define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
-(define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
-(define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
-(define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
-
-
-
-;; eww
-;; ===
-
-(setq eww-mode-map (make-sparse-keymap))
-(define-key eww-mode-map (kbd "TAB") 'shr-next-link)
-(define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
-(define-key eww-mode-map (kbd "H") 'eww-back-url)
-(define-key eww-mode-map (kbd "L") 'eww-forward-url)
-
-
-
-;; ledger
-;; ======
-(setq ledger-mode-map (make-sparse-keymap))
-(define-key ledger-mode-map (kbd "TAB") 'ledger-magic-tab)
-
-
-
-;;; plomvi mode
-;;; ===========
-
-(defvar plomvi-return-combo (kbd "C-c"))
-(load "~/public_repos/plomvi.el/plomvi.el")
-(plomvi-global-mode 1)
diff --git a/archived/buster/home_files/user/.gitconfig b/archived/buster/home_files/user/.gitconfig
deleted file mode 100644 (file)
index 8967d25..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       email = c.heller@plomlompom.de
-       name = Christian Heller
diff --git a/archived/buster/home_files/user/.mbsyncrc b/archived/buster/home_files/user/.mbsyncrc
deleted file mode 100644 (file)
index 6a0e5cd..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-IMAPAccount plom
-# Address to connect to
-Host mail.plomlompom.com
-User plom
-# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
-# therefore the pw in ~/.authinfo should not be longer than that.
-PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
-SSLType IMAPS
-AuthMechs LOGIN
-
-IMAPStore core-remote
-Account plom
-
-MaildirStore core-local
-# The trailing "/" is important
-Path ~/mail/maildir/
-Inbox ~/mail/inbox/
-
-Channel core
-Master :core-remote:
-Slave :core-local:
-Patterns *
-# Automatically create missing mailboxes, both locally and on the server
-Create Both
-# Save the synchronization state files in the relevant directory
-SyncState *
-# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
-Expunge Both
diff --git a/archived/buster/home_files/user/.notmuch-config b/archived/buster/home_files/user/.notmuch-config
deleted file mode 100644 (file)
index 9532761..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[database]
-path=/home/plom/mail
-[search]
-exclude_tags=deleted;spam;
-# the fields below set the From: if the mail composer is called from
-# within notmuch
-[user]
-name=Christian Heller
-primary_email=plom@plomlompom.com
diff --git a/archived/buster/home_files/user/.shell_prompt_color b/archived/buster/home_files/user/.shell_prompt_color
deleted file mode 100644 (file)
index 0cfbf08..0000000
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/archived/buster/home_files/user/.tridactylrc b/archived/buster/home_files/user/.tridactylrc
deleted file mode 100644 (file)
index e39e5a0..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-sanitize tridactyllocal tridactylsync
-guiset statuspanel top-right
-guiset tabs autohide 
-set newtab file:///opt/firefox/blank.html
-autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
-bind / fillcmdline find
-bind n findnext 1
-bind N findnext -1
-set findcase insensitive
-bind j scrollline 3
-bind k scrollline -3
-set hintuppercase false
-set searchengine duckduckgo
diff --git a/archived/buster/home_files/user/.xinitrc b/archived/buster/home_files/user/.xinitrc
deleted file mode 100644 (file)
index c7a0a66..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# X init configuration
-
-# Set keymap.
-setxkbmap de
-
-# Map CapsLock to Compose key.
-xmodmap -e "clear Lock"
-xmodmap -e "keycode 66 = Multi_key"
-
-# Load xterm settings
-xrdb -merge ~/.Xresources
-
-# Redshift to Berlin, Germany.
-redshift -rl 53:13 &
-
-# Launch window manager.
-i3
diff --git a/archived/buster/home_files/user/mail_sync.sh b/archived/buster/home_files/user/mail_sync.sh
deleted file mode 100755 (executable)
index 6962800..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/sh
-set -e
-
-basedir="/home/plom/mail/maildir/"
-# Ensure directories exist for all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    if [ ! -d "${target_dir}" ]; then
-        echo "Directory ${target_dir} does not exist."
-        exit 1
-    fi
-done
-
-# Ensure all "dir:*"-tagged mails are in proper directories,
-# remove all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    for f in $(notmuch search --output=files tag:"${tag}"); do
-         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
-         target_path="${target_dir}${new_name}"
-         if [ ! "${target_path}" = "${f}" ]; then
-             echo "Moving ${f} to ${target_path}."
-             mv "${f}" "${target_path}"
-         fi
-    done
-    notmuch tag -"${tag}" tag:"${tag}"
-done
-
-# Remove all "deleted"-tagged files from maildirs.
-notmuch search --output=files tag:deleted | while read f; do
-    echo "Deleting ${f}"
-    rm "${f}"
-done
-
-# Sync changes back to server and update notmuch index.
-mbsync -a
-notmuch new
diff --git a/archived/buster/home_files/user/public_repos/repos b/archived/buster/home_files/user/public_repos/repos
deleted file mode 100644 (file)
index 27eb028..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-# List of repos we want cloned in ~/public_repos
-config
-pingmail.git
-plomlombot-irc.git
-plomrogue
-plomrogue2-experiments
-plomvi.el
diff --git a/archived/buster/home_files/w530/.config/i3status/config b/archived/buster/home_files/w530/.config/i3status/config
deleted file mode 100644 (file)
index b9fb15f..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/archived/buster/home_files/x200s/.config/i3status/config b/archived/buster/home_files/x200s/.config/i3status/config
deleted file mode 100644 (file)
index 256f174..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wls1"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wls1 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/archived/buster/home_files/x220/.config/i3status/config b/archived/buster/home_files/x220/.config/i3status/config
deleted file mode 100644 (file)
index b9fb15f..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/archived/buster/other_files/append_opendkim.conf b/archived/buster/other_files/append_opendkim.conf
deleted file mode 100644 (file)
index ee5dc14..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-
-# plomlompom customizations
-Domain REPLACE_maildomain_ECALPER
-KeyFile /etc/dkimkeys/REPLACE_selector_ECALPER.private
-Selector REPLACE_selector_ECALPER
-Socket inet:8892@localhost
diff --git a/archived/buster/other_files/append_pleroma_config b/archived/buster/other_files/append_pleroma_config
deleted file mode 100644 (file)
index 54a65d0..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-
-##########################################
-# below this: customizations by plomlompom
-
-config :pleroma, :instance,
-    registrations_open: false,
-    safe_dm_mentions: true,
-    cleanup_attachments: true
-
-config :pleroma, :frontend_configurations,
-    pleroma_fe: %{
-        showInstanceSpecificPanel: true,
-        background: "/pixel.png",
-        logo: "/pixel.png"
-    }
-
-config :pleroma, :chat,
-    enabled: false
-
-config :pleroma, Pleroma.Captcha,
-    enabled: false
-
-config :pleroma, :static_fe,
-    enabled: true
diff --git a/archived/buster/other_files/append_postfix_main.cf b/archived/buster/other_files/append_postfix_main.cf
deleted file mode 100644 (file)
index 385058c..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-
-# TLS certs
-smtpd_tls_cert_file=/etc/letsencrypt/live/${myhostname}/fullchain.pem
-smtpd_tls_key_file=/etc/letsencrypt/live/${myhostname}/privkey.pem
-
-# OpenDKIM milter
-non_smtpd_milters = inet:localhost:8892
-smtpd_milters = inet:localhost:8892
-
-# transport mail to dovecot; not strictly needed, as even without this
-# postfix will throw mail to /var/mail/USER to be found by dovecot for
-# serving via IMAP etc.; but using dovecot's LMTP server for delivery
-# allows us to do stuff like dovecot-side sieve filtering.
-mailbox_transport = lmtp:inet:127.0.0.1:2424
-
-# to authenticate on SMTP, we need a SASL mechanism; we talk to dovecot
-# for this, since it provides one
-smtpd_sasl_type = dovecot
-smtpd_sasl_path = private/auth
-smtpd_sasl_auth_enable = yes
-
-# we append mail domain here for if it is different than $myhostname 
-mydestination = $myhostname localhost.$mydomain localhost REPLACE_maildomain_ECALPER 
diff --git a/archived/buster/other_files/append_postfix_master.cf b/archived/buster/other_files/append_postfix_master.cf
deleted file mode 100644 (file)
index 5d1aa3c..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-
-# Run SMTPS on port 465, enforce TLS there.
-smtps     inet  n       -       y       -       -       smtpd
-  -o smtpd_tls_wrappermode=yes
diff --git a/archived/buster/other_files/blog_hook_post-receive b/archived/buster/other_files/blog_hook_post-receive
deleted file mode 100755 (executable)
index b671248..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-blog_dir=~/blog
-export GIT_DIR=$(pwd)
-export GIT_WORK_TREE="$blog_dir"
-git checkout -f
-cd "$GIT_WORK_TREE"
-redo
-git add metadata/author metadata/url metadata/title metadata/*.tmpl metadata/automatic_metadata captchas/linkable/*
-count=$(ls -1 metadata/*.automatic_metadata 2>/dev/null | wc -l)
-if [ "$count" != 0 ]; then
-  git add metadata/*.automatic_metadata
-fi
-status=$(git status -s)
-n_updates=$(printf "$status" | grep -vE '^\?\?' | wc -l)
-if [ "$n_updates" -gt 0 ]; then
-  git commit -a -m 'Update metadata'
-fi
diff --git a/archived/buster/other_files/dovecot.sieve b/archived/buster/other_files/dovecot.sieve
deleted file mode 100644 (file)
index 5346309..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-require ["fileinto"];
-require ["mailbox"];
-if address :is "from" "foo@bar.com" {
-  fileinto :create "foo";
-}
-if address :is :domain "to" "example.com" {
-  fileinto :create "example.com";
-}
diff --git a/archived/buster/other_files/dumpsite_index.html b/archived/buster/other_files/dumpsite_index.html
deleted file mode 100644 (file)
index 0c2093f..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-<!DOCTYPE html>
-<meta charset="UTF-8">
-<a href="blog">Zum Blog?</a>
diff --git a/archived/buster/other_files/fetchmailrc b/archived/buster/other_files/fetchmailrc
deleted file mode 100755 (executable)
index b437563..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# remove "keep" if you're sure about your setup; it keeps mails on server from getting deleted 
-poll mail.example.com protocol pop3 username "foo@example.com" password "PASSWORD" ssl keep
diff --git a/archived/buster/other_files/peertube_production.yaml b/archived/buster/other_files/peertube_production.yaml
deleted file mode 100644 (file)
index 86804e2..0000000
+++ /dev/null
@@ -1,375 +0,0 @@
-listen:
-  hostname: 'localhost'
-  port: 9000
-
-# Correspond to your reverse proxy server_name/listen configuration
-webserver:
-  https: true
-  hostname: 'example.com'
-  port: 443
-
-rates_limit:
-  api:
-    # 50 attempts in 10 seconds
-    window: 10 seconds
-    max: 50
-  login:
-    # 15 attempts in 5 min
-    window: 5 minutes
-    max: 15
-  signup:
-    # 2 attempts in 5 min (only succeeded attempts are taken into account)
-    window: 5 minutes
-    max: 2
-  ask_send_email:
-    # 3 attempts in 5 min
-    window: 5 minutes
-    max: 3
-
-# Proxies to trust to get real client IP
-# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'
-# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet)
-trust_proxy:
-  - 'loopback'
-
-# Your database name will be "peertube"+database.suffix
-database:
-  password: 'peertube'
-  hostname: 'localhost'
-  port: 5432
-  suffix: '_prod'
-  username: 'peertube'
-  pool:
-    max: 5
-
-# Redis server for short time storage
-# You can also specify a 'socket' path to a unix socket but first need to
-# comment out hostname and port
-redis:
-  hostname: 'localhost'
-  port: 6379
-  auth: null
-  db: 0
-
-# SMTP server to send emails
-smtp:
-  hostname: null
-  port: 465 # If you use StartTLS: 587
-  username: null
-  password: null
-  tls: true # If you use StartTLS: false
-  disable_starttls: false
-  ca_file: null # Used for self signed certificates
-  from_address: 'admin@example.com'
-
-email:
-  body:
-    signature: "PeerTube"
-  subject:
-    prefix: "[PeerTube]"
-
-# From the project root directory
-storage:
-  tmp: '/var/www/peertube/storage/tmp/' # Use to download data (imports etc), store uploaded files before processing...
-  avatars: '/var/www/peertube/storage/avatars/'
-  videos: '/var/www/peertube/storage/videos/'
-  streaming_playlists: '/var/www/peertube/storage/streaming-playlists/'
-  redundancy: '/var/www/peertube/storage/redundancy/'
-  logs: '/var/www/peertube/storage/logs/'
-  previews: '/var/www/peertube/storage/previews/'
-  thumbnails: '/var/www/peertube/storage/thumbnails/'
-  torrents: '/var/www/peertube/storage/torrents/'
-  captions: '/var/www/peertube/storage/captions/'
-  cache: '/var/www/peertube/storage/cache/'
-  plugins: '/var/www/peertube/storage/plugins/'
-
-log:
-  level: 'info' # debug/info/warning/error
-  rotation:
-    enabled : true # Enabled by default, if disabled make sure that 'storage.logs' is pointing to a folder handled by logrotate
-    maxFileSize: 12MB
-    maxFiles: 20
-  anonymizeIP: true
-
-search:
-  # Add ability to fetch remote videos/actors by their URI, that may not be federated with your instance
-  # If enabled, the associated group will be able to "escape" from the instance follows
-  # That means they will be able to follow channels, watch videos, list videos of non followed instances
-  remote_uri:
-    users: true
-    anonymous: false
-
-trending:
-  videos:
-    interval_days: 7 # Compute trending videos for the last x days
-
-# Cache remote videos on your server, to help other instances to broadcast the video
-# You can define multiple caches using different sizes/strategies
-# Once you have defined your strategies, choose which instances you want to cache in admin -> manage follows -> following
-redundancy:
-  videos:
-    check_interval: '1 hour' # How often you want to check new videos to cache
-    strategies: # Just uncomment strategies you want
-#      -
-#        size: '10GB'
-#        # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-#        min_lifetime: '48 hours'
-#        strategy: 'most-views' # Cache videos that have the most views
-#      -
-#        size: '10GB'
-#        # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-#        min_lifetime: '48 hours'
-#        strategy: 'trending' # Cache trending videos
-#      -
-#        size: '10GB'
-#        # Minimum time the video must remain in the cache. Only accept values > 10 hours (to not overload remote instances)
-#        min_lifetime: '48 hours'
-#        strategy: 'recently-added' # Cache recently added videos
-#        min_views: 10 # Having at least x views
-
-csp:
-  enabled: false
-  report_only: true # CSP directives are still being tested, so disable the report only mode at your own risk!
-  report_uri:
-
-tracker:
-  # If you disable the tracker, you disable the P2P aspect of PeerTube
-  enabled: true
-  # Only handle requests on your videos.
-  # If you set this to false it means you have a public tracker.
-  # Then, it is possible that clients overload your instance with external torrents
-  private: true
-  # Reject peers that do a lot of announces (could improve privacy of TCP/UDP peers)
-  reject_too_many_announces: false
-
-history:
-  videos:
-    # If you want to limit users videos history
-    # -1 means there is no limitations
-    # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
-    max_age: -1
-
-views:
-  videos:
-    # PeerTube creates a database entry every hour for each video to track views over a period of time
-    # This is used in particular by the Trending page
-    # PeerTube could remove old remote video views if you want to reduce your database size (video view counter will not be altered)
-    # -1 means no cleanup
-    # Other values could be '6 months' or '30 days' etc (PeerTube will periodically delete old entries from database)
-    remote:
-      max_age: -1
-
-plugins:
-  # The website PeerTube will ask for available PeerTube plugins and themes
-  # This is an unmoderated plugin index, so only install plugins/themes you trust
-  index:
-    enabled: true
-    check_latest_versions_interval: '12 hours' # How often you want to check new plugins/themes versions
-    url: 'https://packages.joinpeertube.org'
-
-
-###############################################################################
-#
-# From this point, all the following keys can be overridden by the web interface
-# (local-production.json file). If you need to change some values, prefer to
-# use the web interface because the configuration will be automatically
-# reloaded without any need to restart PeerTube.
-#
-# /!\ If you already have a local-production.json file, the modification of the
-# following keys will have no effect /!\.
-#
-###############################################################################
-
-cache:
-  previews:
-    size: 500 # Max number of previews you want to cache
-  captions:
-    size: 500 # Max number of video captions/subtitles you want to cache
-
-admin:
-  # Used to generate the root user at first startup
-  # And to receive emails from the contact form
-  email: 'admin@example.com'
-
-contact_form:
-  enabled: true
-
-signup:
-  enabled: false
-  limit: 10 # When the limit is reached, registrations are disabled. -1 == unlimited
-  requires_email_verification: false
-  filters:
-    cidr: # You can specify CIDR ranges to whitelist (empty = no filtering) or blacklist
-      whitelist: []
-      blacklist: []
-
-user:
-  # Default value of maximum video BYTES the user can upload (does not take into account transcoded files).
-  # -1 == unlimited
-  video_quota: -1
-  video_quota_daily: -1
-
-# If enabled, the video will be transcoded to mp4 (x264) with "faststart" flag
-# In addition, if some resolutions are enabled the mp4 video file will be transcoded to these new resolutions.
-# Please, do not disable transcoding since many uploaded videos will not work
-transcoding:
-  enabled: true
-  # Allow your users to upload .mkv, .mov, .avi, .flv videos
-  allow_additional_extensions: true
-  # If a user uploads an audio file, PeerTube will create a video by merging the preview file and the audio file
-  allow_audio_files: true
-  threads: 1
-  resolutions: # Only created if the original video has a higher resolution, uses more storage!
-    0p: false # audio-only (creates mp4 without video stream, always created when enabled)
-    240p: true
-    360p: true
-    480p: true
-    720p: true
-    1080p: true
-    2160p: false
-
-  # Generate videos in a WebTorrent format (what we do since the first PeerTube release)
-  # If you also enabled the hls format, it will multiply videos storage by 2
-  # If disabled, breaks federation with PeerTube instances < 2.1
-  webtorrent:
-    enabled: true
-
-  # /!\ Requires ffmpeg >= 4.1
-  # Generate HLS playlists and fragmented MP4 files. Better playback than with WebTorrent:
-  #     * Resolution change is smoother
-  #     * Faster playback in particular with long videos
-  #     * More stable playback (less bugs/infinite loading)
-  # If you also enabled the webtorrent format, it will multiply videos storage by 2
-  hls:
-    enabled: true
-
-import:
-  # Add ability for your users to import remote videos (from YouTube, torrent...)
-  videos:
-    http: # Classic HTTP or all sites supported by youtube-dl https://rg3.github.io/youtube-dl/supportedsites.html
-      enabled: false
-      # You can use an HTTP/HTTPS/SOCKS proxy with youtube-dl
-      proxy:
-        enabled: false
-        url: ""
-    torrent: # Magnet URI or torrent file (use classic TCP/UDP/WebSeed to download the file)
-      enabled: false
-
-auto_blacklist:
-  # New videos automatically blacklisted so moderators can review before publishing
-  videos:
-    of_users:
-      enabled: false
-
-# Instance settings
-instance:
-  name: 'PlomTube'
-  short_description: ''
-  description: 'Personal PeerTube instance by plomlompom (see https://plomlompom.com) for his own videos.' # Support markdown
-  terms: '**Privacy**: Videos here are streamed via the BitTorrent protocol, which might expose your IP to other peers – see the "P2P & Privacy" section [here](/about/peertube). Internally, site visits are logged by the PeerTube software, but with IPs anonymized. **Contact**: See https://plomlompom.com/contact.html' # Support markdown
-  code_of_conduct: '' # Supports markdown
-
-  # Who moderates the instance? What is the policy regarding NSFW videos? Political videos? etc
-  moderation_information: '' # Supports markdown
-
-  # Why did you create this instance?
-  creation_reason: ''
-
-  # Who is behind the instance? A single person? A non profit?
-  administrator: ''
-
-  # How long do you plan to maintain this instance?
-  maintenance_lifetime: ''
-
-  # How will you pay the PeerTube instance server? With your own funds? With users donations? Advertising?
-  business_model: ''
-
-  # If you want to explain on what type of hardware your PeerTube instance runs
-  # Example: "2 vCore, 2GB RAM..."
-  hardware_information: '' # Supports Markdown
-
-  # What are the main languages of your instance? To interact with your users for example
-  # Uncomment or add the languages you want
-  # List of supported languages: https://peertube.cpy.re/api/v1/videos/languages
-  languages:
-#    - en
-#    - es
-#    - fr
-
-  # You can specify the main categories of your instance (dedicated to music, gaming or politics etc)
-  # Uncomment or add the category ids you want
-  # List of supported categories: https://peertube.cpy.re/api/v1/videos/categories
-  categories:
-#    - 1  # Music
-#    - 2  # Films
-#    - 3  # Vehicles
-#    - 4  # Art
-#    - 5  # Sports
-#    - 6  # Travels
-#    - 7  # Gaming
-#    - 8  # People
-#    - 9  # Comedy
-#    - 10 # Entertainment
-#    - 11 # News & Politics
-#    - 12 # How To
-#    - 13 # Education
-#    - 14 # Activism
-#    - 15 # Science & Technology
-#    - 16 # Animals
-#    - 17 # Kids
-#    - 18 # Food
-
-  default_client_route: '/videos/trending'
-
-  # Whether or not the instance is dedicated to NSFW content
-  # Enabling it will allow other administrators to know that you are mainly federating sensitive content
-  # Moreover, the NSFW checkbox on video upload will be automatically checked by default
-  is_nsfw: false
-  # By default, "do_not_list" or "blur" or "display" NSFW videos
-  # Could be overridden per user with a setting
-  default_nsfw_policy: 'do_not_list'
-
-  customizations:
-    javascript: '' # Directly your JavaScript code (without <script> tags). Will be eval at runtime
-    css: '' # Directly your CSS code (without <style> tags). Will be injected at runtime
-  # Robot.txt rules. To disallow robots to crawl your instance and disallow indexation of your site, add '/' to "Disallow:'
-  robots: |
-    User-agent: *
-    Disallow:
-  # Security.txt rules. To discourage researchers from testing your instance and disable security.txt integration, set this to an empty string.
-  securitytxt:
-    "# If you would like to report a security issue\n# you may report it to:\nContact: https://github.com/Chocobozzz/PeerTube/blob/develop/SECURITY.md\nContact: mailto:"
-
-services:
-  # Cards configuration to format video in Twitter
-  twitter:
-    username: '@Chocobozzz' # Indicates the Twitter account for the website or platform on which the content was published
-    # If true, a video player will be embedded in the Twitter feed on PeerTube video share
-    # If false, we use an image link card that will redirect on your PeerTube instance
-    # Change it to "true", and then test on https://cards-dev.twitter.com/validator to see if you are whitelisted
-    whitelisted: false
-
-followers:
-  instance:
-    # Allow or not other instances to follow yours
-    enabled: true
-    # Whether or not an administrator must manually validate a new follower
-    manual_approval: false
-
-followings:
-  instance:
-    # If you want to automatically follow back new instance followers
-    # If this option is enabled, use the mute feature instead of deleting followings
-    # /!\ Don't enable this if you don't have a reactive moderation team /!\
-    auto_follow_back:
-      enabled: false
-
-    # If you want to automatically follow instances of the public index
-    # If this option is enabled, use the mute feature instead of deleting followings
-    # /!\ Don't enable this if you don't have a reactive moderation team /!\
-    auto_follow_index:
-      enabled: false
-      index_url: 'https://instances.joinpeertube.org'
-
-theme:
-  default: 'default'
diff --git a/archived/buster/other_files/pingmailrc b/archived/buster/other_files/pingmailrc
deleted file mode 100644 (file)
index 46bcbfe..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-# place for test files whose modification times are used to track lifesigns
-testdir=$HOME'/.pingmail'
-
-# modification time is the last time a ping was sent or a lifetime received
-ping_touch=$testdir'/ping_touch'
-
-# modification time is when the count for sending checker a warning mail starts
-reminder_touch=$testdir'/reminder_touch'
-
-# how long to wait for lifesigns before sending a ping; double is time to wait
-# for a lifesign before sending a warning message to checker
-wait_time=86400
-
-# address of the checker, receives warning message after too long wait
-checker_address='bar@example.org'
-
-# address of the checked person, ping is sent here
-checked_address='foo@example.org'
-
-# content of ping message sent to checked person
-subj2checked='[pingmail] Ping!'
-msg2checked='Hi!\n
-\nThis is an automated mail ping from '$checker_address'.
-\nRespond to show that you are still alive!'
-
-# content of warning message sent to checker
-id_target='foo'
-subj2checker='[pingmail] No recent life signs from '$id_target
-reminder_time=`expr $wait_time \* 2`
-msg2checker='pingmail reporting in:\n
-\nNo life signs from '$id_target' for the last '$reminder_time' seconds.
-\nMaybe you should give them a call to check if they are okay.'
-
-# mail client command reading message body from stdin and subject from parameter
-mailclient_s='mail -s'
-
-# mailbox file to check for most recent life sign
-mbox=$HOME'/mail/foo'
-
-# to recursively search for most recent matches to $matchstring as lifesigns
-#maildir=$HOME'/mail'
-
-# pattern to search $maildir for recursively for lifesigns
-#checked_address_escaped=`echo $checked_address | sed 's/\./\\./g'`
-#matchstring='^From: .*('$checked_address_escaped'|alternate@example\.org)'
diff --git a/archived/buster/other_files/pixel.png b/archived/buster/other_files/pixel.png
deleted file mode 100644 (file)
index 45d6db2..0000000
Binary files a/archived/buster/other_files/pixel.png and /dev/null differ
diff --git a/archived/buster/other_files/pleroma_panel.html b/archived/buster/other_files/pleroma_panel.html
deleted file mode 100644 (file)
index 8e2e67f..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-<div style="margin: 1em;">
-  <p>Privacy: Visitor IP addresses are anonymized in the logs.</p>
-  <p>Contact: See <a href="https://plomlompom.com/contact.html">plomlompom.com contact page</a>.</p>
-</div>
diff --git a/archived/buster/other_files/pleroma_robots.txt b/archived/buster/other_files/pleroma_robots.txt
deleted file mode 100644 (file)
index eb05362..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-User-agent: *
-Disallow:
diff --git a/archived/buster/other_files/pleroma_terms-of-service.html b/archived/buster/other_files/pleroma_terms-of-service.html
deleted file mode 100644 (file)
index 7268bac..0000000
+++ /dev/null
@@ -1 +0,0 @@
-This is <a href="https://plomlompom.com">plomlompom</a>'s personal single-user Pleroma instance.
diff --git a/archived/buster/other_files/plomlombot_daemon.sh b/archived/buster/other_files/plomlombot_daemon.sh
deleted file mode 100755 (executable)
index a9285bf..0000000
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/sh
-set -e
-
-# Repeatedly parse config file for GPG key and bot screen configs.
-path=~/.plomlombot
-db_dir="${HOME}/plomlombot_db"
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-hostname_mod_epoch=$(stat -c%Y /etc/hostname)
-while true; do
-    if [ -f "${path}" ]; then
-        cat "${path}" | while read line; do
-            first_word=$(echo -n "${line}" | cut -d' ' -f1)
-
-            # Read "bot:" line, start bot screen session from it if not yet existing,
-            # set up irclogs dir if not yet existing.
-            if [ "${first_word}" = "bot:" ]; then
-                session_name=$(echo -n "${line}" | cut -d' ' -f2)
-                bot_name=$(echo -n "${line}" | cut -d' ' -f3)
-                channel_name=$(echo -n "${line}" | cut -d' ' -f4)
-                shortened_channel_name="${channel_name}"
-                first_char=$(echo -n "${channel_name}" | cut -c1)
-                if [ "${first_char}" = "#" ]; then
-                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
-                fi
-                server_name=$(echo -n "${line}" | cut -d' ' -f5)
-                login_user=$(echo -n "${line}" | cut -d' ' -f6)
-                login_pw=$(echo -n "${line}" | cut -d' ' -f7)
-                add_option=$(echo -n "${line}" | cut -d' ' -f8-)
-                set +e
-                screen -S "${session_name}" -Q select . > /dev/null
-                start_screen=$?
-                set -e
-                if [ "${start_screen}" -eq "1" ]; then
-                    cd ~/plomlombot-irc
-                    LANG="en_US.UTF-8" screen -d -m -S "${session_name}" ./run.sh -r 604800 -n "${bot_name}" -s "${server_name}" -c "${channel_name}" ${add_option}
-                fi
-                md5_server=$(echo -n "${server_name}" | md5sum | cut -d' ' -f1)
-                md5_channel=$(echo -n "${channel_name}" | md5sum | cut -d' ' -f1)
-                logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs"
-                # FIXME: Note the trouble we will have if we have the same channel
-                # name on different servers …
-                ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}"
-                echo "${login_user}":'{PLAIN}'"${login_pw}" > "${irclogs_pw_dir}/${shortened_channel_name}"
-
-            # If "gpg_key" line, encrypt old raw logs to that GPG key.
-            elif [ "${first_word}" = "gpg_key" ]; then
-                key=$(echo -n "${line}" | cut -d' ' -f2)
-                mkdir -p ~/plomlombot_db
-                cd ~/plomlombot_db
-                # Dirty hack: To avoid trouble with GPG key expiration, fake
-                # system to something reasonbly old (younger than key creation,
-                # older than expiration) by taking the mod datetime of
-                # /etc/hostname, which should have last be changed when the
-                # system was set up.
-                find . -path '*/*/raw_logs/*.txt' -mtime +1 -type f -exec gpg --recipient "${key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
-            fi
-
-        done
-        sleep 1
-    fi
-done
diff --git a/archived/buster/other_files/plomlombot_hook_post-receive b/archived/buster/other_files/plomlombot_hook_post-receive
deleted file mode 100755 (executable)
index c4627af..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-GIT_WORK_TREE=/home/plom/plomlombot-irc git checkout -f
diff --git a/archived/buster/other_files/url-catcher_customizations.json b/archived/buster/other_files/url-catcher_customizations.json
deleted file mode 100644 (file)
index acc4778..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-  "translations": {
-    "wrongCaptcha": "Captcha leider falsch.",
-    "invalidURL": "Falsch formatierte URL.",
-    "recordedURL": "URL aufgezeichnet (wird gesichtet und bei Angemessenheit dem Artikel angefügt): ",
-    "pleaseWait": "Zu viele Versuche von dieser IP. So viele Sekunden warten: "
-  },
-  "mailConfig": {
-    "to": "plom+url_catcher@plomlompom.com",
-    "from": "plom+url_catcher@plomlompom.com"
-  },
-  "slowdownReset": 3600
-}
diff --git a/archived/buster/other_files/website_hook_post-receive b/archived/buster/other_files/website_hook_post-receive
deleted file mode 100755 (executable)
index 26d1cce..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-GIT_WORK_TREE=/var/www git checkout -f
diff --git a/archived/buster/other_files/weechat-wrapper.sh b/archived/buster/other_files/weechat-wrapper.sh
deleted file mode 100755 (executable)
index b433574..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Enforce ~/.weechatrc as sole persistent weechat config file.
-rm -rf ~/.weechat/
-WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
-weechat -r "$WEECHATCONF"
-rm -rf ~/.weechat/
diff --git a/archived/buster/other_files/weechatlogs_encrypter.sh b/archived/buster/other_files/weechatlogs_encrypter.sh
deleted file mode 100755 (executable)
index 9e177d3..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-# Encrypt dated weechatlog files older than one day to GPG target defined in
-# ~/.encrypt_target
-set -e
-
-gpg_key=$(cat ~/.encrypt_target)
-cd ~/weechatlogs/irc/
-
-# Dirty hack: To avoid trouble with GPG key expiration, fake
-# system to something reasonbly old (younger than key creation,
-# older than expiration) by taking the mod datetime of
-# /etc/hostname, which should have last be changed when the
-# system was set up.
-hostname_mod_epoch=$(stat -c%Y /etc/hostname)
-find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
-
diff --git a/archived/buster/other_files/weechatrc b/archived/buster/other_files/weechatrc
deleted file mode 100644 (file)
index 089c441..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-/set logger.file.path ~/weechatlogs
-/set logger.file.flush_delay 0
-/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
-/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
-/set weechat.color.chat_nick_colors "lightcyan"
-/server add freenode irc.freenode.net -nicks=plimlompom,plimlomp0m,pliml0mp0m -realname="foo bar" -autojoin=#plomlompomtest
-/connect freenode
-/bar hide buflist
diff --git a/archived/buster/other_files/zettel_hook_post-receive b/archived/buster/other_files/zettel_hook_post-receive
deleted file mode 100755 (executable)
index 3bea5b2..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-ZETTELDIR=/home/plom/zettel
-GIT_WORK_TREE=$ZETTELDIR git checkout -f
-cd $ZETTELDIR
-redo
diff --git a/archived/buster/setup_scripts/backup_app.sh b/archived/buster/setup_scripts/backup_app.sh
deleted file mode 100755 (executable)
index 9b37b14..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-if [ "$#" -lt 3 ]; then
-    echo 'Need at least three arguments: service name, DB name, and backup directory names.'
-    false
-fi
-app="$1"
-db_name="$2"
-shift 2
-
-cd /tmp
-rm -rf "${app}_backup"
-mkdir "${app}_backup"
-chmod 777 "${app}_backup"
-
-service "${app}" stop
-
-su postgres -lc "pg_dump -d ${db_name} --format=custom -f /tmp/${app}_backup/${db_name}.pgdump"
-for target in "$@"; do
-    mkdir -p $(dirname "${app}_backup${target}")
-    cp -a "${target}" "${app}_backup${target}"
-done
-
-tar cf "${app}_backup.tar" "${app}_backup"
-rm -rf "${app}_backup"
-chown plom:plom "${app}_backup.tar"
-mv "${app}_backup.tar" /home/plom
diff --git a/archived/buster/setup_scripts/copy_dirtree.sh b/archived/buster/setup_scripts/copy_dirtree.sh
deleted file mode 100755 (executable)
index c0cb9bf..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# Copy files in argument-selected subdirectories of $1 to subdirectories
-# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
-# of "" and $3 of "all", copy files below etc_files/all such as
-# etc_files/all/etc/foo/bar to equivalent locations below / such as
-# /etc/foo/bar. Create directories as necessary. Multiple arguments after
-# $3 are possible.
-#
-# CAUTION: This removes original files at the affected paths.
-set -e
-
-if [ "$#" -lt 3 ]; then
-    echo 'Need arguments: source root, target root, modules.'
-    false
-fi
-source_root="$1"
-target_root="$2"
-shift 2
-
-for target_module in "$@"; do
-    mkdir -p "${source_root}/${target_module}"
-    cd "${source_root}/${target_module}"
-    for path in $(find . -type f); do
-        target_path="${target_root}"$(echo "${path}" | cut -c2-)
-        source_path=$(realpath "${path}")
-        dir=$(dirname "${target_path}")
-        mkdir -p "${dir}"
-        cp "${source_path}" "${target_path}"
-    done
-done
diff --git a/archived/buster/setup_scripts/init_user_and_keybased_login.sh b/archived/buster/setup_scripts/init_user_and_keybased_login.sh
deleted file mode 100755 (executable)
index 298bafa..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh
-# This script turns a fresh server with password-based root access to
-# one of only key-based access and only to new non-root account plom.
-#
-# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
-# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
-# contains the local ~/.ssh/id_rsa.pub, and also any old
-# /etc/ssh/sshd_config.
-#
-# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
-# configured sshd_config file in reach.
-set -e
-
-# Location auf a sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/public_repos/config/buster"
-linkable_files_dir="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
-    echo "Need server as argument."
-    false
-fi
-server="$1"
-
-# Ask for root password only once, sshpass will re-use it then often.
-stty -echo
-printf "(Old) server root password: "
-read PW_ROOT
-stty echo
-printf "\n"
-export SSHPASS="${PW_ROOT}"
-
-# This will be used to log-in as root from plom account.
-echo 'Asking for new root password.'
-ssh root@"${server}" "passwd"
-
-# Create user plom, and his ~/.ssh/authorized_keys based on the local
-# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
-# ownerships. Then disable root and pw login by copying over the
-# sshd_config and restart ssh daemon.
-#
-# This could be a line or two shorter by using ssh-copy-id, but that
-# would require setting a password for user plom otherwise not needed.
-sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
-sshpass -e ssh root@"${server}" \
-        'useradd -m plom && '\
-        'mkdir /home/plom/.ssh && '\
-        'chown plom:plom /home/plom/.ssh && '\
-        'chown plom:plom /tmp/authorized_keys && '\
-        'chmod u=rw,go= /tmp/authorized_keys && '\
-        'mv /tmp/authorized_keys /home/plom/.ssh/'
-sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-sshpass -e ssh root@"${server}" 'service ssh restart'
diff --git a/archived/buster/setup_scripts/init_user_login.sh b/archived/buster/setup_scripts/init_user_login.sh
deleted file mode 100755 (executable)
index 7f3536a..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-set -e
-
-# Location auf a sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/public_repos/config/buster"
-linkable_files_dir="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
-    echo "Need server as argument."
-    false
-fi
-server="$1"
-
-# So we're only asked once …
-eval $(ssh-agent)
-ssh-add
-
-# This will be used to log-in as root from plom account.
-echo 'Asking for new root password.'
-ssh root@"${server}" "passwd"
-
-# Set up plom's ~/.ssh/authorized_keys from root's.
-ssh root@"${server}" 'useradd -m plom'
-ssh root@"${server}" 'mkdir /home/plom/.ssh'
-ssh root@"${server}" 'chown plom:plom /home/plom/.ssh'
-ssh root@"${server}" 'cp /root/.ssh/authorized_keys /home/plom/.ssh/'
-ssh root@"${server}" 'chown plom:plom /home/plom/.ssh/authorized_keys'
-
-# Set up SSH config and remove direct SSH login to root.
-scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-ssh root@"${server}" 'rm -rf /root/.ssh && service ssh restart'
diff --git a/archived/buster/setup_scripts/install_for_target.sh b/archived/buster/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 853a672..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-
-config_tree_prefix="${HOME}/config/buster"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    # TODO: continue if file at $path not found, to get rid of dummy files
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
-        fi
-    done
-done
diff --git a/archived/buster/setup_scripts/migrate_app.sh b/archived/buster/setup_scripts/migrate_app.sh
deleted file mode 100755 (executable)
index 9ae8c8d..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-if [ "$#" -lt 2 ]; then
-    echo 'Need two arguments: old server IP, and service name.'
-    false
-fi
-if [ ! "$2" = "pleroma_otp" ] && [ ! "$2" = "pleroma_source" ] && [ ! "$2" = "peertube" ]; then
-    echo "Need legal service name (pleroma_otp or pleroma_source or peertube)."
-    false
-fi
-server_ip="$1"
-app="$2"
-service="$2"
-if [ "${app}" = "pleroma_otp" ]; then
-    db_name="pleroma"
-    dirs="/var/lib/pleroma/uploads /etc/pleroma"
-    service=pleroma
-elif [ "${app}" = "pleroma_source" ]; then
-    db_name="pleroma"
-    dirs="/var/lib/pleroma/uploads /opt/pleroma/config"
-    service=pleroma
-elif [ "${app}" = "peertube" ]; then
-    db_name="peertube_prod"
-    dirs="/var/www/peertube/storage /var/www/peertube/config"
-fi
-
-config_tree_prefix="${HOME}/config/buster"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-
-cd "${setup_scripts_dir}"
-./prepare_to_meet_server.sh "${server_ip}"
-read -p'Hit Enter when you are done.' ignore
-eval $(ssh-agent) && ssh-add
-echo 'Enter password for root on target server next.'
-ssh plom@"${server_ip}" "su -lc \"cd config/buster/setup_scripts && git pull && ./backup_app.sh ${service} ${db_name} ${dirs}\""
-scp plom@"${server_ip}":~/${service}_backup.tar /home/plom/${service}_backup.tar
-./restore_app.sh "${app}" "${db_name}"
diff --git a/archived/buster/setup_scripts/migrate_borg.sh b/archived/buster/setup_scripts/migrate_borg.sh
deleted file mode 100755 (executable)
index a119b16..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need  old server IP.'
-    false
-fi
-old_server="$1"
-config_tree_prefix="${HOME}/config/buster"
-cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-chown plom:plom /home/plom/prepare_to_meet_server.sh
-su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-read -p'Hit Enter when you are done.' ignore
-rm /home/plom/prepare_to_meet_server.sh
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom
-rm /home/plom/mirror_dir.sh
diff --git a/archived/buster/setup_scripts/mirror_dir.sh b/archived/buster/setup_scripts/mirror_dir.sh
deleted file mode 100755 (executable)
index 0fc03aa..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh
-# Mirror directory tree from remote to local server, keeping the path.
-set -e
-
-if [ $# -lt 2 ]; then
-    echo "Need server and directory as arguments."
-    false
-fi
-server=$1
-dir=$2
-path_package=/tmp/delete.tar
-
-eval `ssh-agent`
-ssh-add
-cd
-ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
-scp plom@"${server}":"${path_package}" "${path_package}"
-mkdir -p "${dir}"
-cd "${dir}"
-tar xf "${path_package}"
-cd
-rm "${path_package}"
-ssh plom@"${server}" rm "${path_package}"
diff --git a/archived/buster/setup_scripts/prepare_to_meet_server.sh b/archived/buster/setup_scripts/prepare_to_meet_server.sh
deleted file mode 100755 (executable)
index df2aa41..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-# Do some of the steps necessary to SSH (key-based) with another server.
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need server IP as argument.'
-    false
-fi
-target="$1"
-
-# We need a public key to copy over, so generate it if not found.
-if [ ! -f ~/.ssh/id_rsa.pub ]; then
-    ssh-keygen -N ""
-fi
-
-# Add target to ~/.ssh/known_hosts so we don't get
-# asked for permission at inopportune moments.
-ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
-
-# Tell user what to do.
-echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
-cat ~/.ssh/id_rsa.pub
diff --git a/archived/buster/setup_scripts/purge_nonrequireds.sh b/archived/buster/setup_scripts/purge_nonrequireds.sh
deleted file mode 100755 (executable)
index af2d61b..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# This script removes all Debian packages that are not of Priority
-# "required" or not depended on by packages of priority "required"
-# or not listed in the argument-selected files of apt-mark/.
-set -e
-
-config_tree_prefix="${HOME}/config/buster"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            echo "${line}" >> /tmp/list_white_unsorted
-        fi
-    done
-done
-sort /tmp/list_white_unsorted > /tmp/list_white
-dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
-sort /tmp/list_all_packages > /tmp/foo
-mv /tmp/foo /tmp/list_all_packages
-comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-apt-mark auto `cat /tmp/list_black`
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
-
-# Somehow, auto-mounts get undone by all of this, so re-mount /etc/fstab.
-# TODO: Find out why.
-mount -a
diff --git a/archived/buster/setup_scripts/restore_app.sh b/archived/buster/setup_scripts/restore_app.sh
deleted file mode 100755 (executable)
index 817c07d..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-if [ "$#" -lt 2 ]; then
-    echo 'Need two arguments: service name and DB name.'
-    false
-fi
-if [ ! "$1" = "pleroma_otp" ] && [ ! "$1" = "pleroma_source" ] && [ ! "$1" = "peertube" ]; then
-    echo "Need legal service name (pleroma_otp or pleroma_source or peertube)."
-    false
-fi
-app="$1"
-db_name="$2"
-service="$1"
-if [ "${app}" = "pleroma_source" ] || [ "${app}" = "pleroma_otp" ]; then
-    service=pleroma
-fi
-
-service "${service}" stop
-
-mv "/home/plom/${service}_backup.tar" /tmp/
-cd /tmp
-tar xf "${service}_backup.tar"
-
-su postgres -c "pg_restore -c -1 -d ${db_name} ${service}_backup/${db_name}.pgdump"
-rm "${service}_backup/${db_name}.pgdump"
-
-cd "${service}_backup"
-for path in $(find . -type f); do
-    if [ "${app}" = "pleroma_source" ]; then
-        if [ "${path}" = './opt/pleroma/config/prod.secret.exs' ]; then
-            continue  # skip file that contains passwords
-        fi
-    fi
-    target_path=$(echo "${path}" | cut -c2-)
-    source_path=$(realpath "${path}")
-    dir=$(dirname "${target_path}")
-    mkdir -p "${dir}"
-    cp -a "${source_path}" "${target_path}"
-done
-
-# TODO: Horrible hack, improve.
-if [ "${app}" = "pleroma_otp" ]; then
-    db_pw=$(cat /etc/pleroma/config.exs | grep password | sed 's/[ ]*password\: *//g' | sed 's/,//g' | sed 's/"//g')
-elif [ "${app}" = "peertube" ]; then
-    db_pw=$(cat /var/www/peertube/config/production.yaml | grep password | head -1 | sed "s/[ ]*password\: *//g" | sed "s/'//g")
-fi
-if [ "${app}" = "pleroma_otp" ] || [ "${app}" = "peertube" ]; then
-    su postgres -lc "psql -c \"ALTER USER ${service} WITH PASSWORD '${db_pw}';\""
-fi
-
-service "${service}" start
diff --git a/archived/buster/setup_scripts/set_hostname_and_fqdn.sh b/archived/buster/setup_scripts/set_hostname_and_fqdn.sh
deleted file mode 100755 (executable)
index a3b9f9a..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-# Sets hostname and optionally FQDN.
-#
-# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
-# writing follows recommendations from Debian manual at
-# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
-# (section "The hostname resolution") on how to map hostname and possibly
-# FQDN to a permanent IP if present (we assume here any non-private IP
-# and non-loopback IP returned by hostname -I to fulfill that criterion
-# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
-# localhost and hostname mapping to different IPs, see
-# <https://unix.stackexchange.com/a/13087>.
-#
-# Ignores IPv6s.
-set -e
-
-hostname="$1"
-fqdn="$2"
-if [ "${hostname}" = "" ]; then
-    echo "Need hostname as argument."
-    false
-fi
-echo "${hostname}" > /etc/hostname
-hostname "${hostname}"
-
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
-        continue
-    fi
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
-            continue
-        fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
-            continue
-        fi
-    fi
-    final_ip="${ip}"
-done
-
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/archived/buster/setup_scripts/setup.sh b/archived/buster/setup_scripts/setup.sh
deleted file mode 100755 (executable)
index cd120e9..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-set -e
-
-# Provide maximum input for set_hostname_and_fqdn.sh.
-if [ "$#" -lt 2 ]; then
-    echo 'Need at least two arguments (hostname, FQDN).'
-    false
-fi
-hostname="$1"
-fqdn="$2"
-shift 2
-
-config_tree_prefix="${HOME}/config/buster"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-# Adapt /etc/ to our needs by copying from ./etc_files. This will set
-# basic configurations affecting following steps, such as setup of APT
-# and the locale selection, so needs to be right at the beginning.
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
-
-# Set hostname and FQDN.
-./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
-
-# Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
-apt update
-./install_for_target.sh all "$@"
-./purge_nonrequireds.sh all "$@"
-
-# Ensure our desired locale is available.
-locale-gen
-
-# Only upgrade after reducing the system to the desired minimum, so that
-# we don't need to get more data than necessary.
-apt -y dist-upgrade
-
-# Set Berlin localtime.
-ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/archived/buster/setup_scripts/setup_desktop.sh b/archived/buster/setup_scripts/setup_desktop.sh
deleted file mode 100755 (executable)
index 97488e1..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need exactly one argument (system name).'
-    false
-fi
-if [ ! "$1" = "eeepc" ] && [ ! "$1" = "x200s" ] && [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
-    echo "Need legal system name."
-    false
-fi
-system_name="$1"
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/buster"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-if [ "$1" = "x200s" ] || [ "$1" = "x220" ] || [ "$1" = "w530" ]; then
-  ./setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
-else
-  ./setup.sh "${system_name}" "" user desktop "${system_name}"
-fi
-# For hibernation on lid switch to work, we need a newer kernel on the EeePC,
-# see <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919227>.
-if [ "${system_name}" = "eeepc" ]; then
-    apt -y install -t buster-backports linux-image-amd64
-fi
-
-# Set up printer.
-lpadmin -p 'HP_Deskjet_F300_series' -m 'drv:///hpcups.drv/hp-deskjet_f300_series.ppd' -o 'OutputMode=NormalGray' -E
-service cups restart
-
-# Install Firefox directly from Mozilla.
-firefox_release="68.4.1esr"
-firefox_filename="firefox-${firefox_release}.tar.bz2"
-url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}"
-wget "${url_firefox}"
-mv "${firefox_filename}" /opt/
-cd /opt/
-tar xf "${firefox_filename}"
-rm "${firefox_filename}"
-ln -s /opt/firefox/firefox /usr/local/bin/
-update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200
-update-alternatives --set x-www-browser /opt/firefox/firefox
-
-# Install Firefox plugins.
-# See <https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Distribution_options/Sideloading_add-ons>
-extensions_dir="/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/"
-mkdir -p "${extensions_dir}"
-umatrix_version="1.4.0"
-umatrix_xpi="uMatrix.firefox.xpi"
-url_umatrix="https://github.com/gorhill/uMatrix/releases/download/${umatrix_version}/${umatrix_xpi}"
-wget "${url_umatrix}"
-name=$(unzip -p "${umatrix_xpi}" manifest.json | jq -r .applications.gecko.id)
-mv "${umatrix_xpi}" "${name}".xpi
-tridactyl_version="1.17.1pre3355"
-tridactyl_xpi="tridactyl_beta-${tridactyl_version}-an+fx.xpi"
-url_tridactyl="https://tridactyl.cmcaine.co.uk/betas/${tridactyl_xpi}"
-wget "${url_tridactyl}"
-name=$(unzip -p "${tridactyl_xpi}" manifest.json | jq -r .applications.gecko.id)
-mv "${tridactyl_xpi}" "${name}.xpi"
-mv *.xpi "${extensions_dir}"
-
-# Set up user environments.
-secrets_dev="sdb"
-source_dir_secrets="/media/${secrets_dev}/to_usb"
-target_dir_secrets="/home/plom/tmp_secrets"
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
-set +e
-HOME_DIR_EXISTS=$([ ! -d "/home/plom" ]; echo $?)
-set -e
-adduser --disabled-password --gecos "" plom
-usermod -a -G sudo plom
-passwd plom
-if [ "${HOME_DIR_EXISTS}" -eq 0 ]; then
-    echo "Put secrets drive into slot for /dev/${secrets_dev}."
-    while [ ! -e /dev/"${secrets_dev}" ]; do
-        sleep 1
-    done
-    stty -echo
-    printf "Secrets passphrase: "
-    read secrets_pass
-    stty echo
-    echo "" # newline so user knows their input return was accepted
-    echo "${secrets_pass}" | pmount /dev/"${secrets_dev}"
-    cp -a "${source_dir_secrets}" "${target_dir_secrets}"
-    chown -R plom:plom "${target_dir_secrets}"
-    pumount "${secrets_dev}"
-    echo "You can remove /dev/${secrets_dev} now."
-    cp setup_home.sh /home/plom
-    chown plom:plom /home/plom/setup_home.sh
-    SECRETS_PASS="${secrets_pass}" su -c "cd && ./setup_home.sh ${system_name}" plom
-fi
diff --git a/archived/buster/setup_scripts/setup_dumpsite.sh b/archived/buster/setup_scripts/setup_dumpsite.sh
deleted file mode 100755 (executable)
index c2592d8..0000000
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 4 ]; then
-    echo 'Need domain name and mail and old server and repos source ("local" or "remote"?).'
-    false
-fi
-if [ ! "$4" = "local" ] && [ ! "$4" = "remote" ]; then
-    echo "Need legal repo source name."
-    false
-fi
-domain="$1"
-mail="$2"
-old_server="$3"
-repos_source="$4"
-
-read -p"Only continue if hostname is not domain of url_catcher's target mail address, else abort!" ignore
-
-# Install configs, set up firewall.
-echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
-echo "postfix postfix/mailname string $(hostname -f)" | debconf-set-selections
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh web dumpsite
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web dumpsite
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Set up connection to old dump server.
-cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-chown plom:plom /home/plom/prepare_to_meet_server.sh
-su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-read -p'Hit Enter when you are done.' ignore
-rm /home/plom/prepare_to_meet_server.sh
-
-# Set up dump dirs.
-mkdir /var/www-dump
-chown plom:plom /var/www-dump
-dump_dir=dump
-geheim_dir=geheim
-su -lc "ln -s /home/plom/${dump_dir} /var/www-dump/${dump_dir}" plom
-su -lc "ln -s /home/plom/${geheim_dir} /var/www-dump/${geheim_dir}" plom
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/${dump_dir}" plom
-su -lc "./mirror_dir.sh ${old_server} /home/plom/${geheim_dir}" plom
-su -lc "scp plom@${old_server}:/var/www-dump/password_geheim ~" plom
-mv /home/plom/password_geheim /var/www-dump/password_geheim
-rm /home/plom/mirror_dir.sh
-
-# Set up redo.
-wget http://news.dieweltistgarnichtso.net/bin/archives/redo-sh.tar.gz
-tar -moxzf redo-sh.tar.gz -C /usr/local
-
-# Set up zettel.
-su -lc "git clone --mirror ${old_server}:zettel.git" plom
-cp "${config_tree_prefix}/other_files/zettel_hook_post-receive" /home/plom/zettel.git/hooks/post-receive
-su -lc "git clone ~/zettel.git && cd zettel && redo" plom
-su -lc "ln -s /home/plom/zettel /var/www-dump/zettel" plom
-# NOTE: Locally, to update content, clone zettel.git, not zettel.
-
-# Set up redo blog.
-su -lc "git clone --mirror ${old_server}:blog.git" plom
-cp "${config_tree_prefix}/other_files/blog_hook_post-receive" /home/plom/blog.git/hooks/post-receive
-su -lc "git clone ~/blog.git" plom
-# TODO: set up like plomlombot repo (with post-recieve hook)?
-if [ "$repo_source" = "local"]; then
-  su -lc "git clone /var/repos/redo-blog" plom
-else
-  su -lc "git clone https://plomlompom.com/repos/clone/redo-blog" plom
-fi
-su -lc "cd redo-blog && ./add_dir.sh ~/blog" plom
-su -lc "cd blog && redo" plom
-su -lc "ln -s /home/plom/blog/public /var/www-dump/blog" plom
-# NOTE: Locally, to update content, clone blog.git, not blog.
-
-# Set up url catcher.
-# TODO: set up like plomlombot repo (with post-recieve hook)?
-if [ "$repo_source" = "local"]; then
-  su -lc "git clone /var/repos/url-catcher" plom
-else
-  su -lc "git clone https://plomlompom.com/repos/clone/url-catcher" plom
-fi
-su -lc "cd url-catcher && ln -s ../blog/captchas/linkable/ captchas" plom
-cp "${config_tree_prefix}/other_files/url-catcher_customizations.json" /home/plom/url-catcher/customizations.json
-systemctl enable url_catcher.service
-service url_catcher start
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/ips" plom
-su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/lists" plom
-rm /home/plom/mirror_dir.sh
-
-# Set up index.html
-cp "${config_tree_prefix}/other_files/dumpsite_index.html" /var/www-dump/index.html
-
-# Prepare NGINX.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/dumpsite.nginx
-ln -s /etc/nginx/sites-available/dumpsite.nginx /etc/nginx/sites-enabled/dumpsite.nginx
-
-service nginx restart
diff --git a/archived/buster/setup_scripts/setup_home.sh b/archived/buster/setup_scripts/setup_home.sh
deleted file mode 100755 (executable)
index 24f4c67..0000000
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need exactly one argument (system name).'
-    false
-fi
-if [ ! "$1" = "eeepc" ] && [ ! "$1" = "x200s" ]&& [ ! "$1" = "x220" ]; then
-    echo "Need legal system name."
-    false
-fi
-system_name="$1"
-
-public_repos_dir="${HOME}/public_repos"
-config_tree_prefix="${public_repos_dir}/config"
-path_borgscript="${config_tree_prefix}/all_new_2018/borg.sh"
-config_tree_buster="${config_tree_prefix}/buster"
-setup_scripts_dir="${config_tree_buster}/setup_scripts"
-repos_list_file="${public_repos_dir}/repos"
-dir_secrets="${HOME}/tmp_secrets"
-borgkeys_dir=~/.config/borg/keys
-borgrepos_file=~/.borgrepos
-ssh_dir=~/.ssh
-authinfo_file=.authinfo
-maildir=~/mail/maildir
-
-ensure_repo() {
-    repo_name="${1}"
-    if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
-        cd "${public_repos_dir}"
-        git clone plom@plomlompom.com:/var/repos/${repo_name}
-    fi
-}
-
-# Set up iniitial non-public parts of infrastructure: SSH authentication.
-cd "${dir_secrets}"
-mkdir -p "${ssh_dir}"
-echo "Setting up .ssh"
-cp id_rsa ~/.ssh
-stty -echo
-ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
-stty echo
-eval $(ssh-agent)
-ssh-add
-ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
-
-# Clone config to copy dotfiles etc. from it.
-cd
-mkdir -p "${public_repos_dir}"
-ensure_repo config
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_buster}/home_files" "${HOME}" minimal user "${system_name}"
-
-# Set up native messenger for tridactyl.
-version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
-curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
-
-# Set up further non-public parts of infrastructure.
-cd "${dir_secrets}"
-script -c 'gpg --import secret_keys.asc' /dev/null
-tar xf borg_keyfiles.tar
-mkdir -p "${borgkeys_dir}"
-mv borg_keyfiles/* "${borgkeys_dir}"
-# .authinfo may not be present on every secrets drive yet
-if [ -f "${authinfo_file}" ]; then
-    cp "${authinfo_file}" ~
-fi
-cd
-rm -rf "${dir_secrets}"
-
-# Sync org dir via borgbackup. For this we need the borgbackup servers
-# in our .ssh/known_hosts file.
-cat "${borgrepos_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    server=$(echo "${line}" | sed 's/.*@//')
-    ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
-done
-BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
-
-# Fill ~/public_repos.
-cat "${repos_list_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    ensure_repo "${line}"
-done
-
-# Set up e-mail system. Note that we only do mbsync if the imap pass file
-# is found. It may not be present on every secrets drive yet, so we have to
-# deal with the possibility of it being absent at this point.
-mkdir -p "${maildir}"  # expected by mbsync/isync
-if [ -f "${HOME}/${authinfo_file}" ]; then
-    mbsync -a
-    notmuch new
-fi
-
-# Final note on how to integrate tridactyl.
-echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/archived/buster/setup_scripts/setup_mail.sh b/archived/buster/setup_scripts/setup_mail.sh
deleted file mode 100755 (executable)
index c749f27..0000000
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/bin/sh
-set -e
-
-# Check we have the necessary arguments.
-if [ "$#" -lt 1 ]; then
-    echo 'Need mail for letsencrypt, mail domain, and optionally old server IP.'
-    false
-fi
-mail="$1"
-mail_domain="$2"
-old_server="$3"
-
-read -p'You sure you entered the correct mail domain? (not the server domain, but what comes after the @ in your mail addresses) If not, abort here!' ignore
-
-config_tree_prefix="${HOME}/config/buster"
-echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
-echo "postfix postfix/mailname string ${mail_domain}" | debconf-set-selections
-./install_for_target.sh mail
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" mail
-nft -f /etc/nftables.conf
-
-# Rebuild aliases DB from /etc/aliases
-newaliases
-
-# Update config files without overwriting defaults.
-cat "${config_tree_prefix}/other_files/append_postfix_main.cf" >> /etc/postfix/main.cf
-cat "${config_tree_prefix}/other_files/append_postfix_master.cf" >> /etc/postfix/master.cf
-cat "${config_tree_prefix}/other_files/append_opendkim.conf" >> /etc/opendkim.conf
-
-# Set up letsencrypt certificate.  We need this for STARTTLS on port
-# 25/SMTP (some mail servers refuse delivering mails here if no
-# STARTTLS available) and transport-layer TLS on port 465 (for
-# user-to-server SMTPS)
-# TODO: Is it auto-renewed?
-certbot certonly --standalone --agree-tos --no-eff-email -m "${mail}" -d "$(hostname -f)"
-
-# For if FQDN != mail domain name.
-sed -i "s/REPLACE_maildomain_ECALPER/${mail_domain}/g" /etc/mailutils.conf
-sed -i "s/REPLACE_maildomain_ECALPER/${mail_domain}/g" /etc/postfix/main.cf
-
-# OpenDKIM setup.
-selector=$(hostname)$(date +%Y%m%d)
-opendkim-genkey -d "${mail_domain}" -D /etc/dkimkeys -s "${selector}"
-sed -i "s/REPLACE_maildomain_ECALPER/${mail_domain}/g" /etc/opendkim.conf
-sed -i "s/REPLACE_selector_ECALPER/${selector}/g" /etc/opendkim.conf
-
-# Dovecot sieve filtering via LMTP.  Without this, mail only gets
-# delivered to /var/mail/…, with it /var/mail/… remains the fallback
-# inbox, but all else is sieve-filtered to ~/mail/.
-cp "${config_tree_prefix}/other_files/dovecot.sieve" /home/plom/.dovecot.sieve
-chown plom:plom /home/plom/.dovecot.sieve
-
-# In addition to our postfix server receiving mails, we funnel mails from a
-# POP3 account into dovecot via fetchmail. It might make sense to adapt the
-# ~/.dovecot.sieve to move mails targeted to the fetched mail account to their
-# own mbox.
-cp "${config_tree_prefix}/other_files/fetchmailrc" /home/plom/.fetchmailrc
-chown plom:plom /home/plom/.fetchmailrc
-chmod 0700 /home/plom/.fetchmailrc
-
-# Pingmail setup.
-cp "${config_tree_prefix}/other_files/pingmailrc" /home/plom/.pingmailrc
-chown plom:plom /home/plom/.pingmailrc
-su -lc "cd && git clone https://plomlompom.com/repos/clone/pingmail" plom
-
-# To allow IMAPS access.
-echo "ssl_cert = </etc/letsencrypt/live/$(hostname -f)/fullchain.pem" > /etc/dovecot/conf.d/99-ssl-certs.conf
-echo "ssl_key = </etc/letsencrypt/live/$(hostname -f)/privkey.pem" >> /etc/dovecot/conf.d/99-ssl-certs.conf
-password=$(pwgen -s 100 1)
-echo "plom:${password}" | chpasswd
-
-# Get old mail data, shutdown old postfix server.
-if [ "${old_server}" != "" ]; then
-  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-  read -p'Hit Enter when you are done.' ignore
-  rm /home/plom/prepare_to_meet_server.sh
-  su -lc "scp plom@${old_server}:.dovecot.sieve ~" plom
-  su -lc "scp plom@${old_server}:.fetchmailrc ~" plom
-  su -lc "scp plom@${old_server}:.pingmailrc ~" plom
-  su -lc "ssh -t plom@${old_server} \"su -lc 'service postfix stop'\"" plom
-  su -lc "ssh plom@${old_server} \"su -lc 'systemctl disable fetchmail_old_account.timer'\"" plom
-  su -lc "ssh plom@${old_server} \"su -lc 'service fetchmail_old_account stop'\"" plom
-  #su -lc "ssh -t plom@${old_server} \"su -lc 'service fetchmail stop'\"" plom
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  su -lc "./mirror_dir.sh ${old_server} /home/plom/mail" plom
-  rm /home/plom/mirror_dir.sh
-  touch /var/mail/plom
-  chown plom:mail /var/mail/plom
-  chmod 0600 /var/mail/plom
-  su -lc "scp plom@${old_server}:/var/mail/plom /var/mail/plom" plom
-fi
-
-# Start everything anew to ensure new configurations.
-service opendkim restart
-service postfix restart
-service dovecot restart
-
-# Pingmail and fetchmail have some systemd timers waiting. To let systemd
-# know about them, do this.
-systemctl daemon-reload
-systemctl enable --now fetchmail_old_account.timer
-systemctl enable --now pingmail.timer
-
-# Final advice to user.
-echo "To put into DNS:"
-cat "/etc/dkimkeys/${selector}.txt"
-echo "If subdomain, append .subdomain to _domainkeys!"
-echo "Also ensure DMARC record of 'v=DMARC1; p=none; rua=mailto:plom+dmarc@plomlompom.com;' as TXT entry at _dmarc or, if subdomain, _dmarc.subdomain"
-echo "Also ensure SPF record of 'v=spf1 mx -all' as TXT entry at @ or subdomain"
-echo "Also ensure reverse DNS lookup for our IP points to $(hostname -f)"
-echo "Also ensure MX record of priority 10 for @ or subdomain pointing to $(hostname -f)"
-echo "IMAPS password for user plom is: ${password}"
-echo "Also don't forget borgbackup migration …"
-
-# todo just for proper mail /sending/:
-# * how to check IP safety
-# https://talosintelligence.com/reputation_center/lookup?search=$IP
-# http://www.anti-abuse.org/multi-rbl-check-results/?host=
-# https://www.dnsbl.info/dnsbl-database-check.php
-# note that none of these catch the IPs that gmx etc. reject
diff --git a/archived/buster/setup_scripts/setup_peertube.sh b/archived/buster/setup_scripts/setup_peertube.sh
deleted file mode 100755 (executable)
index fb9afc9..0000000
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/bin/sh
-set -e
-
-# Heavily inspired by
-# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/production.md>
-# and
-# <https://github.com/Chocobozzz/PeerTube/blob/develop/support/doc/dependencies.md>
-
-if [ "$#" -ne 2 ]; then
-    echo 'Need domain name, mail_address as arguments.'
-    false
-fi
-domain="$1"
-mail="$2"
-
-# Install dependencies, set up firewall.
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh web peertube
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
-nft -f /etc/nftables.conf
-
-# Get NodeJS. See
-# <https://github.com/nodesource/distributions/blob/master/README.md>
-curl -sL https://deb.nodesource.com/setup_10.x | bash -
-apt-get install -y nodejs
-
-# Get Yarn. See
-# <https://classic.yarnpkg.com/en/docs/install#debian-stable>
-curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
-apt update && apt install yarn
-
-systemctl start redis postgresql
-
-# Prepare user and DB.
-useradd -m -d /var/www/peertube -s /bin/bash -p peertube peertube
-db_pw=$(pwgen -s 100 1)
-su postgres -lc "psql -c \"CREATE USER peertube WITH PASSWORD '${db_pw}';\""
-su -l postgres -c 'createdb -O peertube -E UTF8 -T template0 peertube_prod'
-su -l postgres -c 'psql -c "CREATE EXTENSION pg_trgm;" peertube_prod'
-su -l postgres -c 'psql -c "CREATE EXTENSION unaccent;" peertube_prod'
-
-# Install and configure PeerTube from latest version.
-VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION"
-cd /var/www/peertube && su -l peertube -c "mkdir config storage versions && cd versions"
-su -l peertube -c "wget -q 'https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip'"
-su -l peertube -c "unzip peertube-${VERSION}.zip && rm peertube-${VERSION}.zip"
-su -l peertube -c "ln -s peertube-${VERSION} ./peertube-latest"
-su -l peertube -c "cd peertube-latest && yarn install --production --pure-lockfile"
-
-# Configure PeerTube.
-cp "${config_tree_prefix}/other_files/peertube_production.yaml" /var/www/peertube/config/production.yaml
-chown peertube:peertube /var/www/peertube/config/production.yaml
-sed -i "s/admin\@example\.com/${mail}/g" config/production.yaml
-sed -i "s/example\.com/${domain}/g" config/production.yaml
-sed -i "s/password: 'peertube'/password: '${db_pw}'/g" config/production.yaml
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Configure NGINX.
-cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube
-sed -i "s/peertube.example.com/${domain}/g" /etc/nginx/sites-available/peertube
-sed -i -E 's/^([[:space:]]*)(access_log|error_log)([[:space:]])/\1# \2\3/g' /etc/nginx/sites-available/peertube
-ln -s /etc/nginx/sites-available/peertube /etc/nginx/sites-enabled/peertube
-
-# Configure systemd and start PeerTube through it.
-cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/
-systemctl daemon-reload
-systemctl enable peertube
-systemctl start peertube
-
-# Restart NGINX.
-service nginx restart
diff --git a/archived/buster/setup_scripts/setup_play.sh b/archived/buster/setup_scripts/setup_play.sh
deleted file mode 100755 (executable)
index 2f3cb7d..0000000
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-if [ "$#" -lt 1 ]; then
-  echo "Need public key ID and optionally old server IP."
-  false
-fi
-gpg_key="$1"
-old_server="$2"
-
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh play
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" play
-cp "${config_tree_prefix}/other_files/weechatrc" /home/plom/.weechatrc
-cp "${config_tree_prefix}/other_files/weechat-wrapper.sh" /home/plom/
-cp "${config_tree_prefix}/other_files/weechatlogs_encrypter.sh" /home/plom/
-chown plom:plom /home/plom/*weechat*
-chown plom:plom /home/plom/.weechatrc
-echo "${gpg_key}" > /home/plom/.encrypt_target
-chown plom:plom /home/plom/.encrypt_target
-
-# TODO refactor with setup_website.sh
-# Add encryption key.
-keyservers='sks-keyservers.net/ keys.gnupg.net'
-set +e
-while true; do
-    do_break=0
-    for keyserver in $(echo "${keyservers}"); do
-        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
-        if [ $? -eq "0" ]; then
-            do_break=1
-            break
-        fi
-        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
-    done
-    if [ "${do_break}" -eq "1" ]; then
-        break
-    fi
-done
-set -e
-
-if [ "${old_server}" != "" ]; then
-  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-  read -p'Hit Enter when you are done.' ignore
-  rm /home/plom/prepare_to_meet_server.sh
-  su -lc "scp plom@${old_server}:.ssh/authorized_keys .ssh/authorized_keys" plom
-  su -lc "scp plom@${old_server}:.weechatrc ~" plom
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  su -lc "./mirror_dir.sh ${old_server} /home/plom/weechatlogs" plom
-  rm /home/plom/mirror_dir.sh
-fi
-
-systemctl enable --now encrypt_chatlogs.timer
diff --git a/archived/buster/setup_scripts/setup_pleroma_otp.sh b/archived/buster/setup_scripts/setup_pleroma_otp.sh
deleted file mode 100755 (executable)
index 7a38d79..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh
-set -e
-# Heavily inspired by <https://docs.pleroma.social/otp_en.html>
-
-if [ "$#" -ne 2 ]; then
-    echo 'Need domain name, mail_address as arguments.'
-    false
-fi
-domain="$1"
-mail="$2"
-
-# Install dependencies, set up firewall.
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh web pleroma pleroma_otp
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web pleroma
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Prepare user.
-adduser --system --shell  /bin/false --home /opt/pleroma pleroma
-
-# Download and unzip latest stable release, set up Pleroma dirs.
-export FLAVOUR='amd64'
-su pleroma -s $SHELL -lc "
-curl 'https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=$FLAVOUR' -o /tmp/pleroma.zip
-unzip /tmp/pleroma.zip -d /tmp/
-"
-su pleroma -s $SHELL -lc "
-mv /tmp/release/* /opt/pleroma
-rmdir /tmp/release
-rm /tmp/pleroma.zip
-"
-mkdir -p /var/lib/pleroma/uploads
-chown -R pleroma /var/lib/pleroma
-mkdir -p /etc/pleroma
-chown -R pleroma /etc/pleroma
-
-# Configure and set up DB.
-su pleroma -s $SHELL -lc "./bin/pleroma_ctl instance gen \
---output /etc/pleroma/config.exs \
---output-psql /tmp/setup_db.psql \
---domain ${domain} \
---instance-name plom-roma \
---admin-email ${mail} \
---notify-email ${mail} \
---dbhost localhost \
---dbname pleroma \
---dbuser pleroma \
---db-configurable N \
---rum N \
---indexable Y \
---uploads-dir /var/lib/pleroma/uploads \
---static-dir /var/lib/pleroma/static \
---listen-ip 127.0.0.1 \
---listen-port 4000 \
---dbpass $(pwgen -s 100 1)"
-su postgres -s $SHELL -lc "psql -f /tmp/setup_db.psql"
-su pleroma -s $SHELL -lc "./bin/pleroma_ctl migrate"
-
-# Since the OTP release does not support .secret.exs configuration
-# files, we hack our own alternative by simply appending custom
-# configurations to /etc/config.exs.
-cat "${config_tree_prefix}/other_files/append_pleroma_config" >> /etc/pleroma/config.exs
-
-# Single-pixel picture hack for removing Pleroma FE images.
-cp "${config_tree_prefix}/other_files/pixel.png" /var/lib/pleroma/static/
-chown pleroma:nogroup /var/lib/pleroma/static/pixel.png
-
-# Info panel and TOS.
-#mkdir -p /var/lib/pleroma/static/instance
-#mkdir -p /var/lib/pleroma/static/static
-#cp "${config_tree_prefix}/other_files/pleroma_panel.html" /var/lib/pleroma/static/instance/panel.html
-#cp "${config_tree_prefix}/other_files/pleroma_terms-of-service.html" /var/lib/pleroma/static/static/terms-of-service.html
-#cp "${config_tree_prefix}/other_files/pleroma_robots.txt" /var/lib/pleroma/static/robots.txt
-
-# Hack to fix <https://git.pleroma.social/pleroma/pleroma/issues/1616>
-curl https://git.pleroma.social/pleroma/pleroma/-/raw/4271cfb81a8983f5ec6a878cab1fb3fbd164245d/priv/static/static/static-fe.css?inline=false >> /var/lib/pleroma/static/static/static-fe.css
-
-# Prepare NGINX config for Pleroma.
-cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
-sed -i "s/example\.tld/${domain}/g" /etc/nginx/sites-available/pleroma.nginx
-ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
-
-# Systemd integration.
-cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
-systemctl start pleroma
-systemctl enable pleroma
-
-# Only restart NGINX with Pleroma running.
-service nginx restart
diff --git a/archived/buster/setup_scripts/setup_pleroma_source.sh b/archived/buster/setup_scripts/setup_pleroma_source.sh
deleted file mode 100755 (executable)
index 2385fb4..0000000
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-# Heavily inspired by <https://docs-develop.pleroma.social/backend/installation/debian_based_en/>
-
-if [ "$#" -ne 2 ]; then
-    echo 'Need domain name, mail_address as arguments.'
-    false
-fi
-domain="$1"
-mail="$2"
-
-# Install dependencies, configs, set up firewall.
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh web pleroma pleroma_source
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web pleroma
-nft -f /etc/nftables.conf
-
-# Prepare user.
-adduser --system --group --shell /bin/false --home /var/lib/pleroma pleroma
-
-# Setup Erlang.
-wget -P /tmp/ https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb
-dpkg -i /tmp/erlang-solutions_1.0_all.deb
-apt update
-apt -y install elixir erlang-dev erlang-tools erlang-parsetools erlang-eldap erlang-ssh erlang-xmerl
-
-mkdir -p /opt/pleroma
-chown -R pleroma:pleroma /opt/pleroma
-su pleroma -s $SHELL -lc 'git clone -b develop https://git.pleroma.social/pleroma/pleroma /opt/pleroma'
-su pleroma -s $SHELL -lc 'mix local.hex --force'
-su pleroma -s $SHELL -lc 'mix local.rebar --force'
-su pleroma -s $SHELL -lc "cd /opt/pleroma &&\
-mix deps.get &&\
-mix pleroma.instance gen \
---output config/generated_config.exs \
---output-psql /tmp/setup_db.psql \
---domain ${domain} \
---instance-name plomroma \
---admin-email ${mail} \
---notify-email ${mail} \
---dbhost localhost \
---dbname pleroma \
---dbuser pleroma \
---db-configurable N \
---rum N \
---indexable Y \
---uploads-dir /var/lib/pleroma/uploads \
---static-dir /var/lib/pleroma/static \
---listen-ip 127.0.0.1 \
---listen-port 4000 \
---dbpass $(pwgen -s 100 1) &&\
-mv config/{generated_config.exs,prod.secret.exs}"
-su postgres -s $SHELL -lc 'psql -f /tmp/setup_db.psql'
-su pleroma -s $SHELL -lc 'cd /opt/pleroma && MIX_ENV=prod mix ecto.migrate'
-
-# Add our own plom.exs and import it to prod.secret.exs
-echo '' >> /opt/pleroma/config/prod.secret.exs
-echo 'import_config "plom.exs"' >> /opt/pleroma/config/prod.secret.exs
-echo 'import Config' > /opt/pleroma/config/plom.exs
-cat "${config_tree_prefix}/other_files/append_pleroma_config" >> /opt/pleroma/config/plom.exs
-
-# Single-pixel picture hack for removing Pleroma FE images.
-cp "${config_tree_prefix}/other_files/pixel.png" /var/lib/pleroma/static/
-chown pleroma:nogroup /var/lib/pleroma/static/pixel.png
-
-# Info panel and TOS.
-#mkdir -p /var/lib/pleroma/static/instance
-#mkdir -p /var/lib/pleroma/static/static
-#cp "${config_tree_prefix}/other_files/pleroma_panel.html" /var/lib/pleroma/static/instance/panel.html
-#cp "${config_tree_prefix}/other_files/pleroma_terms-of-service.html" /var/lib/pleroma/static/static/terms-of-service.html
-#cp "${config_tree_prefix}/other_files/pleroma_robots.txt" /var/lib/pleroma/static/robots.txt
-
-# Upload directory. For some reason this does not exist yet here.
-mkdir -p /var/lib/pleroma/uploads
-chown pleroma:nogroup /var/lib/pleroma/uploads
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Prepare NGINX config for Pleroma.
-cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
-sed -i "s/example\.tld/${domain}/g" /etc/nginx/sites-available/pleroma.nginx
-ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx
-
-# Systemd integration.
-cp /opt/pleroma/installation/pleroma.service /etc/systemd/system/pleroma.service
-systemctl start pleroma
-systemctl enable pleroma
-
-# Only restart NGINX with Pleroma running.
-service nginx restart
diff --git a/archived/buster/setup_scripts/setup_seedbox.sh b/archived/buster/setup_scripts/setup_seedbox.sh
deleted file mode 100755 (executable)
index 32c7791..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-set -e
-
-./install_for_target.sh seedbox
-
-# As according to <https://rtorrent-docs.readthedocs.io/en/latest/cookbook.html#modernized-configuration-template>
-su -lc "curl -Ls 'https://raw.githubusercontent.com/wiki/rakshasa/rtorrent/CONFIG-Template.md' | grep -A9999 '^######' | grep -B9999 '^### END' | sed -re \"s:/home/USERNAME:\$HOME:\" >~/.rtorrent.rc" plom
-su -lc "mkdir ~/rtorrent" plom
-
-# As according to <https://unix.stackexchange.com/a/475485>
-chmod u+s /usr/bin/screen
-chmod 755 /var/run/screen
diff --git a/archived/buster/setup_scripts/setup_server.sh b/archived/buster/setup_scripts/setup_server.sh
deleted file mode 100755 (executable)
index fa4cc6e..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-# Next setup steps for a server whose login policy has just been set from
-# the outside via ./init_user_and_keybased_login.sh.
-set -e
-
-# Provide maximum input for set_hostname_and_fqdn.sh.
-if [ "$#" -lt 2 ]; then
-    echo 'Need exactly two arguments (hostname, FQDN).'
-    false
-fi
-hostname="$1"
-fqdn="$2"
-additional_arg="$3"
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/buster"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-./setup.sh "${hostname}" "${fqdn}" server "${additional_arg}"
-
-# If we have not yet set the shell for user plom, ensure it here. This
-# is mostly for convenience.
-usermod -s /bin/bash plom
-
-# Enable firewall.
-systemctl enable nftables.service
diff --git a/archived/buster/setup_scripts/setup_website.sh b/archived/buster/setup_scripts/setup_website.sh
deleted file mode 100755 (executable)
index d1dc91d..0000000
+++ /dev/null
@@ -1,137 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 4 ] && [ "$#" -ne 5 ]; then
-    echo 'Need domain name and mail and key ID and init state and possibly old server IP as argument.'
-    false
-fi
-if [ ! "$4" = "copy" ] && [ ! "$4" = "new" ] && [ ! "$4" = "upgrade" ]; then
-    echo "Need init state to be either 'copy' or 'new' or 'upgrade'"
-    false
-fi
-if [ ! "$4" = "new" ] && [ "$#" -ne 5 ]; then
-    echo "With init state != 'new' need fifth argument old server IP."
-    false
-fi
-domain="$1"
-mail="$2"
-gpg_key="$3"
-init_state="$4"
-old_server="$5"
-
-# NOTE: init_state=upgrade is for migration from older stretch server setup
-
-# Install configs, set up firewall.
-config_tree_prefix="${HOME}/config/buster"
-./install_for_target.sh web website
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web website
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Set up connection to old server.
-if [ ! "${init_state}" = "new" ]; then
-  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  chown plom:plom /home/plom/prepare_to_meet_server.sh
-  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-  read -p'Hit Enter when you are done.' ignore
-  rm /home/plom/prepare_to_meet_server.sh
-fi
-
-# Set up repos dir.
-# To use this dir, "git clone --mirror" repo source paths into it as user plom.
-# As user plom, touch git-daemon-export-ok files into it to make the repo
-# publically available.
-if [ "${init_state}" = "new" ]; then
-  mkdir /var/repos
-  chown plom:plom /var/repos
-else
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  chmod a+w /var
-  if [ "${init_state}" = "copy" ]; then
-    su -lc "./mirror_dir.sh ${old_server} /var/repos" plom
-  else
-    su -lc "./mirror_dir.sh ${old_server} /var/public_repos" plom
-  fi
-  chmod a-w /var
-  rm /home/plom/mirror_dir.sh
-fi
-
-# Prepare NGINX and GitWeb config.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/gitweb.conf
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/website.nginx
-ln -s /etc/nginx/sites-available/website.nginx /etc/nginx/sites-enabled/website.nginx
-
-# Set up website. TODO: use non-/var/www dir for better separation to dump site
-rm -rf /var/www
-mkdir /var/www
-chown plom:plom /var/www
-if [ "${init_state}" = "upgrade" ]; then
-  # This assumes the old core.plomlompom.com filesystem hierarchy.
-  su -lc "cd /var/repos && git clone --mirror plom@core.plomlompom.com:repos/website" plom
-elif [ "${init_state}" = "new" ]; then
-  su -lc "cd /var/repos && git init --bare website.git" plom
-fi
-cp "${config_tree_prefix}/other_files/website_hook_post-receive" /var/repos/website.git/hooks/post-receive
-su -lc 'cd /var/www && git clone /var/repos/website.git .' plom
-
-# Add encryption key.
-keyservers='sks-keyservers.net/ keys.gnupg.net'
-set +e
-while true; do
-    do_break=0
-    for keyserver in $(echo "${keyservers}"); do
-        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
-        if [ $? -eq "0" ]; then
-            do_break=1
-            break
-        fi
-        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
-    done
-    if [ "${do_break}" -eq "1" ]; then
-        break
-    fi
-done
-set -e
-
-# Set up plomlombot.
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-mkdir -p "${irclogs_dir}"
-chown -R plom:plom "${irclogs_dir}"
-mkdir -p "${irclogs_pw_dir}"
-chown -R plom:plom "${irclogs_pw_dir}"
-if [ "${init_state}" = "new" ]; then
-    # Handle the case that the repo is in the old pre-buster server setup –
-    # even then, the URL should be the same.
-  su -lc "cd /var/repos && git clone --mirror https://plomlompom.com/repos/clone/plomlombot-irc" plom
-  su -lc "touch /var/repos/plomlombot-irc.git/git-daemon-export-ok" plom
-  cp "${config_tree_prefix}/other_files/plomlombot_hook_post-receive" /var/repos/plomlombot-irc.git/hooks/post-receive
-fi
-su -lc "git clone /var/repos/plomlombot-irc.git" plom
-cp "${config_tree_prefix}/other_files/plomlombot_daemon.sh" /home/plom/
-chown plom:plom /home/plom/plomlombot_daemon.sh
-if [ "${init_state}" = "new" ]; then
-  echo 'bot: plomlombog plomlombog #plomlomtest irc.freenode.net foo bar' >> /home/plom/.plomlombot
-  chown plom:plom /home/plom/.plomlombot
-else
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  su -lc "./mirror_dir.sh ${old_server} /home/plom/plomlombot_db" plom
-  rm /home/plom/mirror_dir.sh
-  su -lc "scp plom@${old_server}:.plomlombot ~" plom
-  su -lc "ssh plom@${old_server} \"su -lc 'service plomlombot stop'\"" plom
-fi
-systemctl enable plomlombot.service
-service plomlombot start
-
-# In the above step, we might have created a root-owned /var/www/html –
-# fix this here.
-chown -R plom:plom /var/www/html
-
-# TODO:
-# - rename /home/plom/public_repos to /home/plom/repos
-
-service nginx restart
diff --git a/archived/buster/setup_scripts/update_pleroma_source.sh b/archived/buster/setup_scripts/update_pleroma_source.sh
deleted file mode 100755 (executable)
index cf63eb8..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-# Heavily inspired by <https://docs-develop.pleroma.social/backend/administration/updating/>
-su pleroma -s $SHELL -lc 'cd /opt/pleroma && git pull && mix deps.get'
-service pleroma stop
-su pleroma -s $SHELL -lc 'MIX_ENV=prod cd /opt/pleroma && mix ecto.migrate'
-service pleroma start
diff --git a/archived/buster/setup_scripts/upgrade_peertube.sh b/archived/buster/setup_scripts/upgrade_peertube.sh
deleted file mode 100755 (executable)
index 2f434a7..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-set -e
-
-# Heavily inspired by
-# <https://docs.joinpeertube.org/#/install-any-os?id=upgrade>
-
-# backup DB
-SQL_BACKUP_PATH="backup/sql-peertube_prod-$(date -Im).bak"
-cd /var/www/peertube/
-su peertube -c 'mkdir -p backup'
-su postgres -c "pg_dump -F c peertube_prod" | su peertube -c "tee ${SQL_BACKUP_PATH}" > /dev/null
-
-# Get new PeerTube version.
-VERSION=$(curl -s https://api.github.com/repos/chocobozzz/peertube/releases/latest | grep tag_name | cut -d '"' -f 4) && echo "Latest Peertube version is $VERSION"
-cd /var/www/peertube/versions
-su peertube -c "wget -q \"https://github.com/Chocobozzz/PeerTube/releases/download/${VERSION}/peertube-${VERSION}.zip\""
-su peertube -c "unzip -o peertube-${VERSION}.zip && rm peertube-${VERSION}.zip"
-
-# Yarn new PeerTube.
-su -l peertube -c "cd /var/www/peertube/versions/peertube-${VERSION} && yarn install --production --pure-lockfile"
-
-# Copy new default.yaml (TODO: find out what it does)
-su peertube -c "cp /var/www/peertube/versions/peertube-${VERSION}/config/default.yaml /var/www/peertube/config/default.yaml"
-
-set +e
-echo
-echo "Check differences between new and old production.yaml[.example]"
-diff /var/www/peertube/versions/peertube-${VERSION}/config/production.yaml.example /var/www/peertube/config/production.yaml
-echo
-set -e
-
-# Link new PeerTube as latest one.
-cd /var/www/peertube
-unlink ./peertube-latest
-su peertube -c "ln -s versions/peertube-${VERSION} ./peertube-latest"
-
-set +e
-echo
-echo "Check differences between new and old NGINX files"
-cd /var/www/peertube/versions
-diff "$(ls --sort=t | head -2 | tail -1)/support/nginx/peertube" "$(ls --sort=t | head -1)/support/nginx/peertube"
-echo
-echo "Check differences between new and old systemd unit files"
-diff "$(ls --sort=t | head -2 | tail -1)/support/systemd/peertube.service" "$(ls --sort=t | head -1)/support/systemd/peertube.service"
-echo
-set -e
-
-service peertube restart
diff --git a/archived/dotfiles/minimal/bashrc b/archived/dotfiles/minimal/bashrc
deleted file mode 100644 (file)
index 4a80025..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-# Bash as a non-login shell in non-POSIX-mode does not read in the startup
-# script at the path in $ENV. This forces it to still read in the ~/.shinit
-# startup script for non-login shells.
-
-. ~/.shinit
-
-export NVM_DIR="$HOME/.nvm"
-[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"  # This loads nvm
-[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion"  # This loads nvm bash_completion
diff --git a/archived/dotfiles/minimal/gitconfig b/archived/dotfiles/minimal/gitconfig
deleted file mode 100644 (file)
index 5cdc162..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       name = Christian Heller
-       email = c.heller@plomlompom.de
diff --git a/archived/dotfiles/minimal/profile b/archived/dotfiles/minimal/profile
deleted file mode 100644 (file)
index c39fc53..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# Initialization for login shells.
-
-# Tell interactive shells to look in ~/.shinit for setup.
-ENV=$HOME/.shinit
-export ENV
-. $ENV
-
-export PATH="$HOME/.cargo/bin:$PATH"
diff --git a/archived/dotfiles/minimal/shinit b/archived/dotfiles/minimal/shinit
deleted file mode 100644 (file)
index 25d1396..0000000
+++ /dev/null
@@ -1,37 +0,0 @@
-# Settings for interactive shells.
-
-# Ensure shell truly is interactive to avoid confusing non-interactive shells.
-if [[ $- == *i* ]]; then
-
-    # Fancy colors for ls.
-    alias ls="ls --color=auto"
-
-    # Use vim as default editor for anything.
-    export VISUAL=vim
-    export EDITOR=$VISUAL
-
-    # Colored prompt with username, hostname, date/time, directory.
-    colornumber=7 # Default to white if no color set via colornumber dotfile.
-    colornumber_file=~/.shinit_color
-    if [ -f $colornumber_file ]; then
-        colornumber=`cat $colornumber_file`
-    fi
-    tput_color="$(tput setaf $colornumber)$(tput bold)"
-    tput_reset="$(tput sgr0)"
-    # Bash confuses the line length when not told to not count escape sequences.
-    if [ ! "$BASH" = "" ]; then
-        tput_color="\[$tput_color\]"
-        tput_reset="\[$tput_reset\]"
-    fi
-    PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $USER@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-    PS2="${tput_color}> $tput_reset"
-    PS3="${tput_color}select: $tput_reset"
-    PS4="${tput_color}+ $tput_reset"
-
-    # Add local additions.
-    local_shinit_file=~/.shinit_add
-    if [ -f $local_shinit_file ]; then
-        . $local_shinit_file
-    fi
-
-fi
diff --git a/archived/dotfiles/minimal/vimrc b/archived/dotfiles/minimal/vimrc
deleted file mode 100644 (file)
index 8c923e6..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-" Activate syntax highlighting.
-syntax on
-filetype plugin on
-
-" Number lines.
-set number
-
-"" Don't add unsolicited final newline.
-"set binary
-
-" Indentation rules (tabs to 4 spaces).
-set expandtab
-set shiftwidth=2
-set softtabstop=2
-
-" Backups.
-set backup
-set backupdir=~/.vimbackups
-let myvar = strftime("%Y-%m-%d_%H-%M-%S")
-let myvar = "set backupext=_". myvar
-execute myvar
-
-" Keep syntax highlighting healthy.
-autocmd BufEnter * :syntax sync fromstart
-
-" Mark the 80-th column.
-set colorcolumn=80
-
-" Source additions
-source ~/.vimrc_add
diff --git a/archived/dotfiles/root/shinit_color b/archived/dotfiles/root/shinit_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/archived/dotfiles/root/vimrc_add b/archived/dotfiles/root/vimrc_add
deleted file mode 100644 (file)
index e69de29..0000000
diff --git a/archived/dotfiles/user/server/minimal/mailfilter b/archived/dotfiles/user/server/minimal/mailfilter
deleted file mode 100644 (file)
index ca0ef47..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
-DEFAULT="$HOME/mail/new_inbox/"
-logfile "$HOME/.mailfilter.log"
-
-if ( /^To: .*heller@talon\.one.*/:D || /^Subject: .*Talon*/:D )
-{
-    DIR="$HOME/mail/talonone/"
-    `mkdir -p $DIR/{cur,new,tmp}`
-    to $DIR
-}
-
-if ( /^Subject: Postfix SMTP server: errors from /:D && \
-    /^From: Mail Delivery System <MAILER-DAEMON@plomlompom\.com>/:D && \
-    /^To: Postmaster <postmaster@plomlompom\.com>/:D )
-{
-    DIR="$HOME/mail/new_postfix_smtp_server_errors_from/"
-    `mkdir -p $DIR/{cur,new,tmp}`
-    to $DIR
-}
-
-if ( /^From: \"Nebenan\.de\" \<noreply@nebenan\.de\>/:D )
-{
-    DIR="$HOME/mail/nebenan_de/"
-    `mkdir -p $DIR/{cur,new,tmp}`
-    to $DIR
-}
diff --git a/archived/dotfiles/user/server/minimal/muttrc b/archived/dotfiles/user/server/minimal/muttrc
deleted file mode 100644 (file)
index d87fc08..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-# plomlompom's mutt configuration file
-
-# Define mailboxes.
-set mbox_type=Maildir
-set folder=/home/plom/mail
-set spoolfile=$folder/inbox
-set mbox=$folder/archive
-set record=$folder/sent
-set postponed=$folder/postponed
-
-# Move read messages from $spoolfile to $mbox.
-set move=yes
-
-# Macro to a mailboxes view built from all folders below ~/mail.
-macro index,pager y <change-folder>?<toggle-mailboxes>
-mailboxes `ls /home/plom/mail | sed -e 's/^/=/' | tr "\n" " "`
-
-# What goes into the default header display.
-ignore *
-unignore from: subject to cc date
-
-# Force some variables for From: and Message-ID: generation.
-set realname="Christian Heller"
-
-# Allow me to reply myself.
-set reply_self = yes
-
-# Only scroll in the current message, not across messages.
-set pager_stop = yes
-
-# Sort message top-down new-old.
-set sort=reverse-date
-
-# Ensure visibility of attachments. The second line handles (in an ugly way) the
-# issue of mails that use the content-type of multipart/alternative wrongly, by
-# omitting from the text/plain alternative relevant multimedia files attached to
-# the multipart/related alternative that contains text/html and said files. This
-# will in certain cases make the pager default to displaying the HTML variant of
-# a mail when a plain text one is available, but this is preferable to hiding
-# potentially important attachments.
-set index_format="%4C %Z %?X?[%X]&   ? %{%b %d} %-15.15L (%?l?%4l&%4c?) %s"
-alternative_order multipart/related text/plain text/html
-
-# Defaults from /usr/share/doc/mutt/examples/gpg.rc
-set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
-set pgp_verify_command="gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f"
-set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f"
-set pgp_sign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
-set pgp_clearsign_command="gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
-set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
-set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
-set pgp_import_command="gpg --no-verbose --import %f"
-set pgp_export_command="gpg --no-verbose --export --armor %r"
-set pgp_verify_key_command="gpg --verbose --batch --fingerprint --check-sigs %r"
-set pgp_list_pubring_command="gpg --no-verbose --batch --quiet --with-colons --list-keys %r"
-set pgp_list_secring_command="gpg --no-verbose --batch --quiet --with-colons --list-secret-keys %r"
-set pgp_good_sign="^\\[GNUPG:\\] GOODSIG"
-
-# Further stuff from http://codesorcery.net/old/mutt/mutt-gnupg-howto
-set pgp_autosign=yes
-set pgp_sign_as=0x98F64A5F
-set pgp_replyencrypt=yes
-set pgp_timeout=1800
-
-# Promoting my public key.
-my_hdr X-PGP-Key: https://dump.plomlompom.com/dump/plomlompom.asc
diff --git a/archived/dotfiles/user/server/minimal/vimrc_add b/archived/dotfiles/user/server/minimal/vimrc_add
deleted file mode 100644 (file)
index e69de29..0000000
diff --git a/archived/dotfiles/user/server/personal/minimal/getmail/getmailrc b/archived/dotfiles/user/server/personal/minimal/getmail/getmailrc
deleted file mode 100644 (file)
index 0f89085..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# plomlompom's getmail configuration
-
-# Where and how to get mail from.
-[retriever]
-type = SimplePOP3SSLRetriever
-server = mail.klostein.com
-username = c.heller@plomlompom.de
-
-# Let procmail take charge of incoming mail. Use user-defined rc file.
-[destination]
-type = MDA_external
-path = /usr/bin/procmail
-arguments = ("-m", "/home/plom/.procmailrc")
-
-# Delete retrieved mail from server.
-[options]
-delete = false
diff --git a/archived/dotfiles/user/server/personal/minimal/procmailrc b/archived/dotfiles/user/server/personal/minimal/procmailrc
deleted file mode 100644 (file)
index 91bcd36..0000000
+++ /dev/null
@@ -1,72 +0,0 @@
-# plomlompom's procmail configuration
-
-MAILDIR=/home/plom/mail
-DEFAULT=$MAILDIR/inbox/
-
-:0
-* ^To: Bisdahin <termin@bisdahin.de>
-bisdahin/
-
-:0
-* ^From: Doodle <mailer@doodle.com>
-doodle/
-
-:0
-* ^From: FetLife <donotreply@fetlifemail\.com>
-fetlife/
-
-:0
-* ^From: Flattr <no-reply@flattr.com>
-flattr/
-
-:0
-* ^From: noreply@statusnetondemand.net
-identica/
-
-:0
-* ^From: .*@linkedin\.com
-linkedin/
-
-:0
-* ^To: .*forum@detrans.de
-ML-detrans/
-
-:0
-* ^To: .*liste-ff-medien@gruene-jugend.de
-ML-gj-medien/
-
-:0
-* ^To: wann-klettern-wir@googlegroups\.com
-ML-klettern/
-
-:0
-* ^Subject: \[schildower-kreis-info\]
-schildower_kreis/
-
-:0
-* ^Subject: .*\[reflect-info\]
-reflect-info/
-
-:0
-* ^To: .*st-berlin@smjg.org
-ML-smjg-berlin/
-
-:0
-* ^Subject: Logwatch for plomlompom\.com \(Linux\)
-serverlogs/
-
-:0
-* ^Subject: ***SPAM***
-spam-suspect/
-
-:0
-* ^Subject: .*talon.*
-talonone/
-
-:0
-* ^From: Twitter 
-twitter/
-
-:0
-* ^From: Computerspielemuseum
-computerspielemuseum/
diff --git a/archived/dotfiles/user/server/personal/minimal/shinit_add b/archived/dotfiles/user/server/personal/minimal/shinit_add
deleted file mode 100644 (file)
index 02d6a99..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# Server-specific .shinit additions. 
-
-# Wrapper for weechat to force local config file on it anew on each run.
-alias weechat="~/config/bin/weechat-wrapper.sh"
diff --git a/archived/dotfiles/user/server/personal/minimal/weechatrc b/archived/dotfiles/user/server/personal/minimal/weechatrc
deleted file mode 100644 (file)
index 3601d48..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-/set logger.file.path ~/weechatlogs
-/set logger.file.flush_delay 0
-/script install otr.py
-/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
-/set weechat.color.chat_nick_colors "lightcyan"
-/server add localhost localhost
-/connect localhost
-/server del freenode
-/server add freenode irc.freenode.net -nicks=plomlompom,plomlomp0m,ploml0mp0m,pl0ml0mp0m -realname="Christian Heller" -autojoin=#nodrama.de,#twitter.de,#freie-gesellschaft,#zrolaps,#twtxt,#freakazoid,#nodrama.finance,#unordentlich
-/server add rizon irc.rizon.net -nicks=AlfredEdel,AlfredEde1,A1fredEdel,A1fredEde1 -autojoin=#8chan-deutsch,#mememagic -username=foo
-/server add quakenet irc.quakenet.org -nicks=plomlompom,plomlomp0m,ploml0mp0m,pl0ml0mp0m -realname="Christian Heller" -autojoin=#rgrd
-/connect freenode
-/connect rizon
diff --git a/archived/dotfiles/user/server/personal/plomlompom.com/shinit_color b/archived/dotfiles/user/server/personal/plomlompom.com/shinit_color
deleted file mode 100644 (file)
index b8626c4..0000000
+++ /dev/null
@@ -1 +0,0 @@
-4
diff --git a/archived/dotfiles/user/server/personal/test.plomlompom.com/shinit_color b/archived/dotfiles/user/server/personal/test.plomlompom.com/shinit_color
deleted file mode 100644 (file)
index 00750ed..0000000
+++ /dev/null
@@ -1 +0,0 @@
-3
diff --git a/archived/dotfiles/user/server/public/shinit_add b/archived/dotfiles/user/server/public/shinit_add
deleted file mode 100644 (file)
index 6db1bac..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# Server-specific .shinit additions. 
-
-# Golang dev environment
-export GOPATH=~/gopath
diff --git a/archived/dotfiles/user/server/public/shinit_color b/archived/dotfiles/user/server/public/shinit_color
deleted file mode 100644 (file)
index 1e8b314..0000000
+++ /dev/null
@@ -1 +0,0 @@
-6
diff --git a/archived/dotfiles/user/thinkpad/W530/Xresources-local b/archived/dotfiles/user/thinkpad/W530/Xresources-local
deleted file mode 100644 (file)
index c0418e5..0000000
+++ /dev/null
@@ -1,40 +0,0 @@
-! font size
-XTerm*faceSize: 8
-xterm*VT100*faceSize1: 7
-xterm*VT100*faceSize2: 8
-xterm*VT100*faceSize3: 9
-xterm*VT100*faceSize4: 10
-xterm*VT100*faceSize5: 12
-xterm*VT100*faceSize6: 15
-
-! black
-*color0: #202020
-*color8: #3F3F3F
-
-! red
-*color1: #A82020 
-*color9: #E82020
-
-! green
-*color2: #20A820
-*color10: #20E820
-
-! yellow
-*color3: #A8A820
-*color11: #E8E820 
-
-! blue
-*color4: #3F3FFF
-*color12: #9F9FFF
-
-! magenta
-*color5: #A83FFF
-*color13: #E89FFF
-
-! cyan
-*color6: #3FA8FF
-*color14: #9FE8FF
-
-! white
-*color7: #A8A8A8
-*color15: #E8E8E8
diff --git a/archived/dotfiles/user/thinkpad/W530/i3status.conf b/archived/dotfiles/user/thinkpad/W530/i3status.conf
deleted file mode 100644 (file)
index f566ffe..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "cpu_temperature 1"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 10
-}
-
-# How much space is left in /home ?
-disk "/home" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 40
-}
-
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 40
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 40
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 40
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 10
-}
-cpu_temperature 1 {
-  format = "%degrees °C"
-  separator_block_width = 40
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 40
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 40
-}
diff --git a/archived/dotfiles/user/thinkpad/X200s/Xresources-local b/archived/dotfiles/user/thinkpad/X200s/Xresources-local
deleted file mode 100644 (file)
index 32c741c..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-! font size
-XTerm*faceSize: 8
-
-! black
-*color0: #000000
-*color8: #3F3F3F
-
-! red
-*color1: #BF0000
-*color9: #FF0000
-
-! green
-*color2: #00BF00
-*color10: #00FF00
-
-! yellow
-*color3: #BFBF00
-*color11: #FFFF00
-
-! blue
-*color4: #3F3FFF
-*color12: #9F9FFF
-
-! magenta
-*color5: #BF3FFF
-*color13: #FFF9FF
-
-! cyan
-*color6: #3FBFFF
-*color14: #9FFFFF
-
-! white
-*color7: #BFBFBF
-*color15: #FFFFFF
diff --git a/archived/dotfiles/user/thinkpad/X200s/i3status.conf b/archived/dotfiles/user/thinkpad/X200s/i3status.conf
deleted file mode 100644 (file)
index dcc1ad0..0000000
+++ /dev/null
@@ -1,62 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-        colors = true
-        interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home"
-order += "wireless wls1"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_temperature 0"
-order += "load"
-order += "time"
-
-# How much space is left in / ?
-disk "/" {
-    format = "%free"
-}
-
-# How much space is left in /home ?
-disk "/home" {
-    format = "%free"
-}
-
-
-# WLAN status: show IP and connection quality or "down".
-wireless wls1 {
-        format_up = "W: (%quality at %essid) %ip"
-        format_down = "W: down"
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-        format_up = "E: %ip"
-        format_down = "E: down"
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-        format = "%status %percentage %remaining"
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-        format = "T: %degrees °C"
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-    format = "L: %1min %5min %15min"
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-
-    format = "%Y-%m-%d %H:%M:%S %z/%Z"
-}
diff --git a/archived/dotfiles/user/thinkpad/minimal/Xresources b/archived/dotfiles/user/thinkpad/minimal/Xresources
deleted file mode 100644 (file)
index a7d31f3..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-! font
-XTerm*faceName: -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
-XTerm*reverseVideo: on
-XTerm*visualBell: on
-
-! proper ALT as META key treatment
-XTerm*eightBitInput:   false
diff --git a/archived/dotfiles/user/thinkpad/minimal/i3 b/archived/dotfiles/user/thinkpad/minimal/i3
deleted file mode 100644 (file)
index d388a23..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-# plomlompom's i3-wm configuration
-
-# Font for i3 text
-font pango:Terminus 11px
-#font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
-
-# Force "tabbed" as default layout for new windows.
-workspace_layout              tabbed
-
-# Make the Windows key the modifier key for all i3-wm actions.
-set                           $mod Mod4
-floating_modifier             $mod
-
-# Launch xterm.
-bindsym $mod+Return           exec xterm -r
-
-# Launch programs via dmenu.
-bindsym $mod+d                exec dmenu_run
-bindsym $mod+x                exec dmenu_run
-
-# Kill window.
-bindsym $mod+Shift+Q          kill
-
-# Move focus between windows.
-bindsym $mod+Left             focus left
-bindsym $mod+Down             focus down
-bindsym $mod+Up               focus up
-bindsym $mod+Right            focus right
-
-# Don't move focus with mouse.
-focus_follows_mouse           no
-
-# Move windows.
-bindsym $mod+Shift+Left       move left
-bindsym $mod+Shift+Down       move down
-bindsym $mod+Shift+Up         move up
-bindsym $mod+Shift+Right      move right
-
-# Resize windows
-bindsym $mod+h                resize shrink width 1 px or 1 ppt
-bindsym $mod+l                resize grow width 1 px or 1 ppt
-bindsym $mod+j                resize shrink height
-bindsym $mod+k                resize grow height
-
-# Toggle fullscreen for focused window.
-bindsym $mod+f                fullscreen
-
-# Toggle floating of window, focus on floating or tabbed windows.
-bindsym $mod+Shift+space      floating toggle
-bindsym $mod+space            focus mode_toggle
-
-# Switch to workspace x.
-bindsym $mod+1                workspace 1
-bindsym $mod+2                workspace 2
-bindsym $mod+3                workspace 3
-bindsym $mod+4                workspace 4
-bindsym $mod+5                workspace 5
-bindsym $mod+6                workspace 6
-bindsym $mod+7                workspace 7
-bindsym $mod+8                workspace 8
-bindsym $mod+9                workspace 9
-bindsym $mod+0                workspace 10
-
-# Move window to workspace x.
-bindsym $mod+Shift+exclam     move workspace 1
-bindsym $mod+Shift+quotedbl   move workspace 2
-bindsym $mod+Shift+section    move workspace 3
-bindsym $mod+Shift+dollar     move workspace 4
-bindsym $mod+Shift+percent    move workspace 5
-bindsym $mod+Shift+ampersand  move workspace 6
-bindsym $mod+Shift+slash      move workspace 7
-bindsym $mod+Shift+parenleft  move workspace 8
-bindsym $mod+Shift+parenright move workspace 9
-bindsym $mod+Shift+equal      move workspace 10
-
-# Reload i3 config file, restart (keeping sesion) i3, exit i3.
-bindsym $mod+Shift+C          reload
-bindsym $mod+Shift+R          restart
-bindsym $mod+Shift+P          exit
-
-# Select "i3status" as i3 status bar.
-bar {
-  status_command i3status | ~/config/bin/i3status_wrapper.py
-}
diff --git a/archived/dotfiles/user/thinkpad/minimal/pentadactylrc b/archived/dotfiles/user/thinkpad/minimal/pentadactylrc
deleted file mode 100644 (file)
index 5f62966..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-set! browser.startup.page=3
-set! privacy.donottrackheader.enabled=true
-set! network.cookie.lifetimePolicy=2
-set! browser.formfill.enable=false
-set! browser.block.target_new_window=true
-set! browser.download.lastDir=~/downloads
-"set! javascript.enabled=false
-"set! permissions.default.image=2
-set! general.useragent.override=foo
-set! signon.rememberSignons=false
-set! network.proxy.socks=localhost
-set! network.proxy.socks_port=9999
-set! network.proxy.type=1
-set go=CMsbr
-set showtabline=never
-highlight Hint -append font: "Droid Sans Mono"; margin: 0em; padding: 0.1em; padding-right: 0.2em; 
-command plom open http://www.plomlompom.de/PlomWiki/plomwiki.php?title=Start
-set fc=ignore
-set ds=duckduckgo
-set visualbell
diff --git a/archived/dotfiles/user/thinkpad/minimal/shinit_color b/archived/dotfiles/user/thinkpad/minimal/shinit_color
deleted file mode 100644 (file)
index 0cfbf08..0000000
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/archived/dotfiles/user/thinkpad/minimal/vimrc_add b/archived/dotfiles/user/thinkpad/minimal/vimrc_add
deleted file mode 100644 (file)
index 96acb52..0000000
+++ /dev/null
@@ -1 +0,0 @@
-" source ~/.vimrc_vimgo
diff --git a/archived/dotfiles/user/thinkpad/minimal/xinitrc b/archived/dotfiles/user/thinkpad/minimal/xinitrc
deleted file mode 100644 (file)
index 44d3822..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-# X init configuration
-
-# Set keymap.
-setxkbmap de
-
-# Read in X configuration.
-xrdb -merge ~/.Xresources
-xrdb -merge ~/.Xresources-local
-
-# Redshift to Berlin, Germany.
-redshift -rl 53:13 &
-
-# Enforce QWERTZ. (Why twice?)
-setxkbmap de
-
-# Use CapsLock as Ctrl, against the Emacs pinky.
-setxkbmap -option caps:ctrl_modifier
-
-# Set up compose key.
-xmodmap ~/.Xmodmap
-
-# Optionally, for certain Optimus systems with a first GPU connected to the
-# display and a second (NVidia) GPU providing 3D acceleration, use the first GPU
-# as sink for the second. This may confuse DPI settings, so re-set those.
-if [ "${NVIDIA_DIRECT}" ]; then
-  xrandr --setprovideroutputsource modesetting NVIDIA-0
-  xrandr --auto
-  xrandr --dpi 96
-fi
-
-# Launch window manager.
-i3 -c ~/.i3
diff --git a/archived/jessie_postinstall.sh b/archived/jessie_postinstall.sh
deleted file mode 100755 (executable)
index 0b628e5..0000000
+++ /dev/null
@@ -1,338 +0,0 @@
-#!/bin/sh
-set -x
-set -e
-
-if [ ! "$1" = "thinkpad" ] && [ ! "$1" = "server" ]; then
-    echo "Need argument."
-    false
-fi
-if [ "$1" = "thinkpad" ] && [ ! "$2" = "X200s" ] && [ ! "$2" = "T450s" ]; then
-    echo "Need Thinkpad type."
-    false
-fi
-if [ "$1" = "server" ] && [ ! "$2" = "personal" ] && [ ! "$2" = "public" ]; then
-    echo "Need server purpose."
-    false
-fi
-if [ "$2" = "personal" ] && [ ! "$3" = "test.plomlompom.com" ] && \
-    [ ! "$3" = "plomlompom.com" ]; then
-    echo "Need server domain"
-    false
-fi
-
-# Some important variables
-if [ "$3" = "plomlompom.com" ]; then
-    hostname="plomlompom"
-elif [ "$3" = "test.plomlompom.com" ]; then
-    hostname="test.plomlompom"
-elif [ "$2" = "public" ]; then
-    hostname="htwtxt.plomlompom"
-elif [ "$2" = "X200s" ]; then
-    hostname="X200s"
-elif [ "$2" = "T450s" ]; then
-    hostname="T450s"
-fi
-
-if [ "$1" = "server" ]; then
-    # Set root pw.
-    passwd
-fi
-
-# Post-installation reduction.
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed \
-    's/ required//' > list_white_unsorted 
-echo 'ifupdown' >> list_white_unsorted 
-echo 'isc-dhcp-client' >> list_white_unsorted
-sort list_white_unsorted > list_white
-dpkg-query -Wf '${Package}\n' > list_all_packages
-sort list_all_packages > foo
-mv foo list_all_packages
-comm -3 list_all_packages list_white > list_black
-apt-mark auto `cat list_black`
-echo 'APT::AutoRemove::RecommendsImportant "false";' > /etc/apt/apt.conf.d/99mindeps
-echo 'APT::AutoRemove::SuggestsImportant "false";' >> /etc/apt/apt.conf.d/99mindeps 
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm list_all_packages list_white_unsorted list_white list_black 
-echo 'APT::Install-Recommends "false";' >> /etc/apt/apt.conf.d/99mindeps
-echo 'APT::Install-Suggests "false";' >> /etc/apt/apt.conf.d/99mindeps
-
-# Set hostname and FQDN.
-echo $hostname > /etc/hostname
-hostname $hostname
-if [ "$1" = "server" ]; then
-    echo '127.0.0.1 localhost' > /etc/hosts
-    ip=`hostname -I | cut -d " " -f 1`
-    echo "$ip $hostname.com $hostname" >> /etc/hosts
-
-    # Call dhclient on startup.
-    cat > /etc/systemd/system/dhclient.service << EOF
-[Unit]
-Description=Ethernet connection
-
-[Service]
-ExecStart=/sbin/dhclient eth0
-
-[Install]
-WantedBy=multi-user.target
-EOF
-    systemctl enable /etc/systemd/system/dhclient.service
-fi
-
-# Package management config, system upgrade.
-echo 'deb http://ftp.debian.org/debian/ jessie main contrib non-free' \
-    > /etc/apt/sources.list
-echo 'deb http://security.debian.org/ jessie/updates main contrib non-free' \
-    >> /etc/apt/sources.list
-echo 'deb http://ftp.debian.org/debian/ jessie-updates main contrib non-free' \
-    >> /etc/apt/sources.list
-if [ "$1" = "thinkpad" ] || [ "$2" = "public" ]; then
-    echo 'deb http://ftp.debian.org/debian/ jessie-backports main contrib' \
-' non-free' >> /etc/apt/sources.list
-    echo 'deb http://ftp.debian.org/debian/ testing main contrib non-free' \
-        >> /etc/apt/sources.list
-    echo 'deb http://security.debian.org/ testing/updates main contrib' \
-' non-free' >> /etc/apt/sources.list
-    echo 'deb http://ftp.debian.org/debian/ testing-updates main contrib' \
-' non-free' >> /etc/apt/sources.list
-    echo 'APT::Default-Release "stable";' \
-        >> /etc/apt/apt.conf.d/99defaultrelease
-fi
-if [ "$1" = "thinkpad" ]; then
-    dhclient eth0
-fi
-apt-get update
-apt-get -y dist-upgrade
-
-# Set up manuals.
-apt-get -y install man-db manpages less
-
-if [ "$1" = "thinkpad" ]; then
-    # Power management as per <http://thinkwiki.de/TLP_-_Linux_Stromsparen>.
-    echo '' >> /etc/apt/sources.list
-    echo 'deb http://repo.linrunner.de/debian jessie main' \
-        >> /etc/apt/sources.list
-    apt-key adv --keyserver pool.sks-keyservers.net --recv-keys CD4E8809
-    apt-get update
-    apt-get -y install linux-headers-amd64 tlp tp-smapi-dkms
-    sed -i 's/^#START_CHARGE_THRESH_BAT0/START_CHARGE_THRESH_BAT0=10 '\
-'#START_CHARGE_THRESH_BAT0/' /etc/default/tlp
-    sed -i 's/^#STOP_CHARGE_THRESH_BAT0/STOP_CHARGE_THRESH_BAT0=95 '\
-'#STOP_CHARGE_THRESH_BAT0/' /etc/default/tlp
-    sed -i 's/^#START_CHARGE_THRESH_BAT1/START_CHARGE_THRESH_BAT0=10 '\
-'#START_CHARGE_THRESH_BAT1/' /etc/default/tlp
-    sed -i 's/^#STOP_CHARGE_THRESH_BAT1/STOP_CHARGE_THRESH_BAT0=95 '\
-'#STOP_CHARGE_THRESH_BAT1/' /etc/default/tlp
-    sed -i 's/^#DEVICES_TO_DISABLE_ON_STARTUP/DEVICES_TO_DISABLE_ON_STARTUP='\
-'"bluetooth wifi wwan" #DEVICES_TO_DISABLE_ON_STARTUP/' /etc/default/tlp
-    tlp start
-fi
-
-# Don't clear boot messages on start up.
-sed -i 's/^TTYVTDisallocate=yes$/TTYVTDisallocate=no/g' \
-    /etc/systemd/system/getty.target.wants/getty\@tty1.service
-
-# Set up timezone.
-echo 'Europe/Berlin' > /etc/timezone
-cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime
-
-# Locale config.
-apt-get -y install locales
-echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen
-locale-gen
-
-if [ "$1" = "thinkpad" ]; then
-    # Console config.
-    DEBIAN_FRONTEND=nointeractive apt-get -y install console-setup
-    echo 'ACTIVE_CONSOLES="/dev/tty[1-6]"' > /etc/default/console-setup
-    echo 'CHARMAP="UTF-8"' >> /etc/default/console-setup
-    echo 'CODESET="Lat15"' >> /etc/default/console-setup
-    echo 'FONTFACE="TerminusBold"' >> /etc/default/console-setup
-    echo 'FONTSIZE="8x16"' >> /etc/default/console-setup
-    echo 'export LC_ALL="en_US.UTF-8"' >> /etc/profile
-    sed -i 's/^XKBLAYOUT/XKBLAYOUT="de" # XKBLAYOUT/g' /etc/default/keyboard
-    service keyboard-setup restart
-fi
-
-# Clone git repository.
-apt-get -y install ca-certificates
-apt-get -y install git
-git clone http://github.com/plomlompom/config
-config/bin/symlink.sh
-
-# Add user. Remove old user's config/ if it exists.
-useradd -m -s /bin/bash plom
-rm -rf /home/plom/config
-su - plom -c 'git clone http://github.com/plomlompom/config /home/plom/config'
-su plom -c '/home/plom/config/bin/symlink.sh '$1' '$2' '$3
-
-# Allow user to sudo.
-if [ "$1" = "thinkpad" ]; then
-    apt-get -y install sudo
-    adduser plom sudo
-fi
-
-# Set up editor.
-mkdir -p .vimbackups
-su plom -c 'mkdir -p /home/plom/.vimbackups/'
-apt-get -y install vim
-
-if [ "$1" = "server" ]; then
-    # Set up ssh-guard.
-    apt-get -y install sshguard rsyslog
-
-    # Set up openssh-server.
-    apt-get -y install openssh-server
-
-    # Set up mail system.
-    su plom -c 'mkdir -p /home/plom/mail/'
-    su plom -c 'mkdir -p /home/plom/mail/inbox/{cur,new,tmp}'
-    su plom -c 'mkdir -p /home/plom/mail/new_inbox/{cur,new,tmp}'
-    sed -i 's/^delete = true$/delete = false/g' \
-        /home/plom/config/dotfiles/user/server/personal/minimal/getmail/getmailrc
-    DEBIAN_FRONTEND=noninteractive apt-get -y install mutt postfix maildrop
-    cp config/systemfiles/main.cf /etc/postfix/main.cf
-    sed -i 's/HOSTNAME/'$hostname.com'/g' /etc/postfix/main.cf
-    cp config/systemfiles/aliases /etc/aliases
-    newaliases
-    service postfix restart
-    if [ "$2" = "personal" ]; then
-        apt-get -y install getmail4 procmail
-    fi
-
-    # Set up regular system update reminder.
-    apt-get -y install cron
-    su plom -c "echo '0 18 * * 0 ~/config/bin/simplemail.sh '\
-        '~/config/mails/update_reminder' | crontab -"
-
-    if [ "$2" = "personal" ]; then
-        # Set up screen/weechat/OTR/bitlbee. Make bitlbee listen only locally.
-        apt-get -y install screen weechat-plugins python-potr bitlbee
-        sed -i 's/^# DaemonInterface/DaemonInterface = 127.0.0.1 '\
-'# DaemonInterface/' /etc/bitlbee/bitlbee.conf
-        sedtest=`grep -E '^DaemonInterface = 127.0.0.1 #' \
-            /etc/bitlbee/bitlbee.conf | wc -l | cut -d ' ' -f 1`
-        if [ 0 -eq $sedtest ]; then
-            false
-        fi
-        cp config/systemfiles/weechat.service \
-            /etc/systemd/system/weechat.service
-        systemctl enable /etc/systemd/system/weechat.service
-
-        # Send instructions mail.
-        config/bin/simplemail.sh config/mails/server_postinstall_finished
-
-    elif [ "$2" = "public" ]; then
-
-        # Set up htwtxt and environment.
-        apt-get -y install screen
-        apt-get -y -t jessie-backports install golang
-        su - plom -c 'git clone https://github.com/plomlompom/htwtxt $GOPATH/src/htwtxt'
-        su - plom -c 'go get htwtxt'
-        path=`su - plom -c 'echo $GOPATH/bin/htwtxt'`
-        su - plom -c 'mkdir -p ~/htwtxt'
-        cp config/systemfiles/htwtxt_restart_reminder.service \
-            /etc/systemd/system/htwtxt_restart_reminder.service
-        systemctl enable /etc/systemd/system/htwtxt_restart_reminder.service
-
-        # Set up nginx and letsencrypt.
-        apt-get -y install nginx
-        cp config/systemfiles/nginx.conf /etc/nginx/nginx.conf
-        cd ~
-        git clone https://github.com/letsencrypt/letsencrypt
-        echo '0 18 * * 0 ~/config/bin/renew_certs.sh' | crontab -
-
-        # Set up plomlombot.
-        apt-get -y install python3 python3-venv python3-pip
-        su - plom -c 'cd && git clone http://github.com/plomlompom/plomlombot-irc'
-        su - plom -c 'mkdir -p ~/plomlombot_db'
-        cp config/systemfiles/plomlombot.service \
-            /etc/systemd/system/plomlombot.service
-        systemctl enable /etc/systemd/system/plomlombot.service
-
-        # Set up plomlombot logging infrastructure.
-        mkdir -p /var/www/html/irclogs/
-        ln -s /home/plom/plomlombot_db/6f322d574618816aa2d6d1ceb4fd2551/3c0248e76a1de3a6ee5bf3421f7379b0/logs/ /var/www/html/irclogs/zrolaps
-        touch /var/www/password_irclogs_zrolaps
-        ln -s /home/plom/plomlombot_db/6f322d574618816aa2d6d1ceb4fd2551/657eea42f86866f2954d39f92a6c71ff/logs/ /var/www/html/irclogs/nodrama.de
-        touch /var/www/password_irclogs_nodrama_de
-        ln -s /home/plom/plomlombot_db/6f322d574618816aa2d6d1ceb4fd2551/a083c5d5efca3734294fa656692990b6/logs/ /var/www/html/irclogs/freakazoid
-        touch /var/www/password_irclogs_freakazoid
-
-        # Set up other web-served directories.
-        su - plom -c 'mkdir -p /home/plom/dump'
-        ln -s /home/plom/dump/ /var/www/html/dump
-        su - plom -c 'mkdir -p /home/plom/geheim'
-        ln -s /home/plom/geheim/ /var/www/html/geheim
-        su - plom -c 'mkdir -p /home/plom/lesekreis'
-        ln -s /home/plom/geheim/ /var/www/html/lesekreis
-        su - plom -c 'mkdir -p /home/plom/zettel'
-        ln -s /home/plom/zettel/ /var/www/html/zettel
-        su - plom -c 'git init --bare /home/plom/zettel.git'
-        su - plom -c 'cp ~/config/systemfiles/post-update ~/zettel.git/hooks/'
-        su - plom -c 'chmod a+x /home/plom/zettel.git/hooks/post-update'
-
-        # Install website generator tools
-        apt-get -y install pandoc wget
-        wget http://news.dieweltistgarnichtso.net/bin/archives/redo-sh.tar.gz
-        tar -oxzf redo-sh.tar.gz -C /usr/local
-        rm redo-sh.tar.gz
-        apt-get --purge autoremove wget
-    fi
-
-elif [ "$1" = "thinkpad" ]; then
-    # Set up networking (wifi!).
-    apt-get -y install firmware-iwlwifi
-    DEBIAN_FRONTEND=noninteractive apt-get -y install wicd-curses
-    sed -i 's/^wired_interface = .*$/wired_interface = eth0/g' \
-        /etc/wicd/manager-settings.conf
-    sed -i 's/^wireless_interface = .*$/wireless_interface = wlan0/g' \
-        /etc/wicd/manager-settings.conf
-    systemctl restart wicd
-
-    # Set up hibernation on lid close.
-    echo 'HandleLidSwitch=hibernate' >> /etc/systemd/logind.conf
-
-    # Set up sound.
-    usermod -aG audio plom
-    apt-get -y install alsa-utils
-    if [ "$2" = "X200s" ]; then
-        amixer -c 0 sset Master playback 100% unmute
-    elif [ "$2" = "T450s" ]; then
-        amixer -c 1 sset Master playback 100% unmute
-        # Re-order souncards so the commonly used one is the first one.
-        echo 'options snd_hda_intel index=1,0' >> /etc/modprobe.d/sound.conf
-    fi
-
-    # Set up window system, i3, redshift.
-    apt-get -y install xserver-xorg xinit xterm i3 i3status dmenu redshift
-
-    # Set up OpenGL and hardware acceleration.
-    if [ "$2" = "X200s" ]; then
-        apt-get -y install i965-va-driver
-    elif [ "$2" = "T450s" ]; then
-        apt-get -y -t jessie-backports install xserver-xorg-video-intel
-    fi
-    apt-get -y install libgl1-mesa-dri
-    usermod -aG video plom
-
-    # Install xrandr.
-    apt-get -y install x11-xserver-utils
-
-    # Set up pentadactyl. 
-    apt-get -y install iceweasel xul-ext-noscript
-    apt-get -y -t jessie-backports install xul-ext-pentadactyl
-    apt-get -y install vim-gtk
-    su plom -c 'mkdir -p /home/plom/downloads/'
-
-    # Set up openssh-client.
-    apt-get -y install openssh-client
-fi
-
-# Set password for user.
-passwd plom
-
-# Clean up.
-rm jessie_postinstall.sh
-
-# Finalize everything with a reboot.
-echo "You may reboot now with the 'reboot' command unless there's more to do."
diff --git a/archived/mails/htwtxt_restart b/archived/mails/htwtxt_restart
deleted file mode 100644 (file)
index 8247df9..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-[SYSADMIN] [HTWTXT] Restart reminder
-
-The virtual server hosting the htwtxt server was restarted, so the htwtxt server
-itself needs to be restarted too, via (in screen) its
-~/config/bin/start_htwtxt.sh.
diff --git a/archived/mails/server_postinstall_finished b/archived/mails/server_postinstall_finished
deleted file mode 100644 (file)
index 75253c9..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-[SYSADMIN] Server post-installation TODO
-
-The server post-installation script seems to have run successfully. Remember to
-perform the following tasks:
-
-- once when mail system set-up seems stable, in
-  config/dotfiles_user_server/getmail/getmailrc, set [options] delete = true
-
-- ensure the following DNS TXT record for @: v=spf1 mx -all
-
-- run (as root) config/bin/setup_opendkim.sh $selector to set up system for DKIM
-  key signing, with a second parameter $keyfile if a key already exists; without
-  second parameter, this will generate a new key and print the DNS record to add
-
-- run (as root) config/bin/setup_starttls.sh to set up server-side STARTTLS for
-  mail; optionally run with paths to 1) a key file and 2) a cert file as
-  arguments if those exist to re-use existing ones
-
-- in the screen weechat/bitlbee session (run "screen -dr"), switch to the
-  &bitlbee channel, register with a password ("register", "/oper . [password]"),
-  and set up Jabber account with password ("account add jabber
-  plomlompom@jabber.ccc.de", "/oper . [password]"), then activate it ("account
-  on")
diff --git a/archived/mails/update_reminder b/archived/mails/update_reminder
deleted file mode 100644 (file)
index 81dd02c..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-[SYSADMIN] System updating reminder
-
-This is your regular reminder to run:
-
-apt-get update
-apt-get upgrade
-apt-get dist-upgrade
diff --git a/archived/mails/weechat_restart_reminder b/archived/mails/weechat_restart_reminder
deleted file mode 100644 (file)
index 3aecea2..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-[SYSADMIN] weechat restarted, re-identify!
-
-Your weechat was restarted, so don't forget to re-identify on freenode to
-nickserv via "/msg nickserv identify [password]", and on bitlbee by joining
-&bitlbee, "identify", "/oper . [password]", and "account on".
diff --git a/archived/misc.sh b/archived/misc.sh
new file mode 100644 (file)
index 0000000..61ad026
--- /dev/null
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+local_etc_server="${config_tree_prefix}/etc_files/server"
+system_path_sshd_config='/etc/ssh/sshd_config'
+local_path_sshd_config="${local_etc_server}${system_path_sshd_config}"
+
+expect_n_args() {
+    min_args="$1"
+    explainer="$2"
+    shift 2
+    if [ "$#" -lt "${min_args}" ]; then
+        echo "Need at least ${min_args} arguments … ${explainer}"
+        false
+    fi
+}
+
diff --git a/archived/notes b/archived/notes
deleted file mode 100644 (file)
index 1dcf1b4..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-some stuff I need to incorporate later on:
-
-the blog post-update git hook:
-
-
-
-#!/bin/sh
-blog_dir=~/blog
-export GIT_DIR=$(pwd)
-export GIT_WORK_TREE="$blog_dir"
-git checkout -f
-cd "$GIT_WORK_TREE"
-redo
-git add metadata/author metadata/url metadata/title metadata/*.tmpl metadata/automatic_metadata captchas/linkable/*
-count=$(ls -1 metadata/*.automatic_metadata 2>/dev/null | wc -l)
-if [ "$count" != 0 ]; then
-  git add metadata/*.automatic_metadata
-fi
-status=$(git status -s)
-n_updates=$(printf "$status" | grep -vE '^\?\?' | wc -l)
-if [ "$n_updates" -gt 0 ]; then
-  git commit -a -m 'Update metadata'
-fi
-
-
-furthermore, the url_catcher virtualenv run.sh script needs this (to compile uwsgi):
-
-apt-get install python3.4-dev
-
-
-also, these:
-
-# /etc/systemd/system/url_catcher.service
-
-[Unit]
-Description=URL catcher
-
-[Service]
-Type=forking
-User=plom
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 screen -d -m ~/url_catcher.sh'
-
-[Install]
-WantedBy=multi-user.target
-
-
-
-and url_catcher.sh:
-
-#!/bin/sh
-
-cd ~
-cd url-catcher
-./run.sh
diff --git a/archived/raspbian/.alsoftrc b/archived/raspbian/.alsoftrc
deleted file mode 100644 (file)
index 21db2a5..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# for minetest sound to work
-[alsa]
-mmap = false
diff --git a/archived/raspbian/.asoundrc b/archived/raspbian/.asoundrc
deleted file mode 100644 (file)
index 46eb301..0000000
+++ /dev/null
@@ -1,73 +0,0 @@
-# using hdmi0 for TV stereo, hdmi1 for a 5.1 speaker set-up
-# unfortunately, a non-square speaker number creates some noise
-# therefore for hdmi1 we declare 8 speakers, but re-map them to 6 speakers 
-pcm.hdmi0 {
-  type hw
-  card 0
-}
-pcm.hdmi1 {
-  type route
-  slave {
-    pcm "hw:1,0"
-    channels 8
-  }
-  ttable {
-    0.0 = 1
-    1.1 = 1
-    2.2 = 1
-    3.3 = 1
-    4.4 = 1
-    5.5 = 1
-    6.0 = 0.5
-    6.2 = 0.5
-    7.1 = 0.5
-    7.3 = 0.5
-  }
-}
-
-# upmix stereo to 5.1 – so we can watch stereo YouTube on all speakers
-# with this: $ chromium-browser --alsa-output-device=stereo51
-# (numbers taken from <https://www.volkerschatz.com/noise/alsa.html>)   
-pcm.stereo51  {
-  type route
-  slave {
-    pcm "hw:1,0"
-    channels 8
-  }
-  ttable {
-    0.0 = 1
-    0.2 = -0.6
-    0.3 = -0.39
-    0.4 = 0.5
-    0.5 = 0.5
-    1.1 = 1
-    1.2 = -0.6
-    1.3 = -0.39
-    1.4 = 0.5
-    1.5 = 0.5
-  }
-}
-
-# default to hdmi0, overwrite with AUDIO_HDMI=1 env prefix
-pcm.!default {
-  type plug 
-  slave.pcm {
-    @func concat
-    strings [
-      "hdmi"
-      {
-        @func getenv
-        vars [ AUDIO_HDMI ]
-        default "0"
-      }
-    ]
-  } 
-}
-ctl.!default {
-  type hw 
-  card {
-    @func getenv
-    vars [ AUDIO_HDMI ]
-    default 0 
-  }
-}
diff --git a/archived/raspbian/.bash_aliases b/archived/raspbian/.bash_aliases
deleted file mode 100644 (file)
index 5036cb4..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-# for whatever reason, emulationstation gets some strange screen flicker issues
-# if the second display is activated, so ensure it is only started with that off
-alias emulationstation="xrandr --output HDMI-2 --off && emulationstation"
-
-# since the second HDMI only outputs sound with video, we have to ensure it's
-# activated with xrandr if we want to use it for surround sound setup
-alias mpv51="xrandr --output HDMI-2 --auto && AUDIO_HDMI=1 mpv --alsa-ignore-chmap '--audio-channels=5.1(alsa)'"
-alias chromium-upmix="xrandr --output HDMI-2 --auto && chromium-browser --alsa-output-device=stereo51"
-alias alsamixer51="AUDIO_HDMI=1 alsamixer"
-# see vlc -H why these
-alias vlc51="xrandr --output HDMI-2 --auto && vlc --alsa-audio-device=hdmi1 --alsa-audio-channels=4199"
diff --git a/archived/setup_go.sh b/archived/setup_go.sh
deleted file mode 100755 (executable)
index fc2f344..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-set -e
-set -x
-
-url=$1
-
-ensure_line() {
-    add_string="$1"
-    file="$2"
-    test=`grep "$add_string" "$file" | wc -l`
-    if [ $test -lt 1 ]; then
-        echo "$add_string" >> "$file"
-    fi
-}
-
-filename=temp_golang_binary
-
-if [ "$url" = "" ]; then
-    echo 'Need URL of current go package'
-    exit 1
-fi
-sudo rm -rf /usr/local/go
-sudo apt-get -y install wget
-wget -O $filename $url
-sudo tar -C /usr/local -xzf $filename
-rm $filename
-ensure_line 'export PATH=$PATH:/usr/local/go/bin' ~/.shinit_add
-ensure_line 'export GOPATH=~/gopath' ~/.shinit_add
-sudo apt-get -y install vim-pathogen
-rm -rf ~/.vim/bundle/vim-go
-git clone https://github.com/fatih/vim-go.git ~/.vim/bundle/vim-go
-ensure_line 'source ~/.vimrc_vimgo' ~/.vimrc_add
-cat << EOF > ~/.vimrc_vimgo
-" vim-go: Make vim-go run.
-call pathogen#infect()
-let g:go_disable_autoinstall = 0
-" vim-go: Highlight
-let g:go_highlight_functions = 1
-let g:go_highlight_methods = 1
-let g:go_highlight_structs = 1
-let g:go_highlight_operators = 1
-let g:go_highlight_build_constraints = 1
-EOF
diff --git a/archived/stretch/apt-mark/seedbox b/archived/stretch/apt-mark/seedbox
deleted file mode 100644 (file)
index 37b941e..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# needed for rtorrent config setup
-curl
-# needed for torrenting
-rtorrent
-# needed for torrenting session
-screen
-# needed for upload/download
-rsync
diff --git a/archived/stretch/etc_files/server/etc/ssh/sshd_config b/archived/stretch/etc_files/server/etc/ssh/sshd_config
deleted file mode 100644 (file)
index 89d08ac..0000000
+++ /dev/null
@@ -1,126 +0,0 @@
-#      $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-PermitRootLogin no  # plomlompom's security rule
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin yes
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#UseLogin no
-#UsePrivilegeSeparation sandbox
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem sftp /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
-
-ClientAliveInterval 120
-PasswordAuthentication no  # plomlompom's security rule
diff --git a/archived/stretch/setup_scripts/init_user_and_keybased_login.sh b/archived/stretch/setup_scripts/init_user_and_keybased_login.sh
deleted file mode 100755 (executable)
index cea582f..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh
-# This script turns a fresh server with password-based root access into
-# one of only key-based access and only to new non-root account plom.
-#
-# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
-# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
-# contains the local ~/.ssh/id_rsa.pub, and also any old
-# /etc/ssh/sshd_config.
-#
-# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
-# configured sshd_config file in reach.
-set -e
-
-# Location of an sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/public_repos/config/stretch"
-linkable_files_dir="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
-    echo "Need server as argument."
-    false
-fi
-server="$1"
-
-# This will be used to log-in as root from plom account.
-echo 'First, enter the old root password; then enter new password twice.'
-ssh root@"${server}" "passwd"
-
-# Save root password for sshpass
-stty -echo
-printf "Re-enter new server root password: "
-read PW_ROOT
-stty echo
-printf "\n"
-export SSHPASS="${PW_ROOT}"
-
-# Create user plom, and his ~/.ssh/authorized_keys based on the local
-# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
-# ownerships. Then disable root and pw login by copying over the
-# sshd_config and restart ssh daemon.
-#
-# This could be a line or two shorter by using ssh-copy-id, but that
-# would require setting a password for user plom otherwise not needed.
-sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
-sshpass -e ssh root@"${server}" \
-        'useradd -m plom && '\
-        'mkdir /home/plom/.ssh && '\
-        'chown plom:plom /home/plom/.ssh && '\
-        'chown plom:plom /tmp/authorized_keys && '\
-        'chmod u=rw,go= /tmp/authorized_keys && '\
-        'mv /tmp/authorized_keys /home/plom/.ssh/'
-sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-sshpass -e ssh root@"${server}" 'service ssh restart'
diff --git a/archived/stretch/setup_scripts/install_for_target.sh b/archived/stretch/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 3a42c4d..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-
-config_tree_prefix="${HOME}/config/stretch"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    # TODO: continue if file at $path not found, to get rid of dummy files
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
-        fi
-    done
-done
diff --git a/archived/stretch/setup_scripts/setup_seedbox.sh b/archived/stretch/setup_scripts/setup_seedbox.sh
deleted file mode 100755 (executable)
index a2d2187..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-set -e
-
-./install_for_target.sh seedbox
-
-# As according to <https://rtorrent-docs.readthedocs.io/en/latest/cookbook.html#modernized-configuration-template>
-su -lc "curl -Ls 'https://raw.githubusercontent.com/wiki/rakshasa/rtorrent/CONFIG-Template.md' | grep -A9999 '^######' | grep -B9999 '^### END' | sed -re \"s:/home/USERNAME:\$HOME:\" >~/.rtorrent.rc" plom
-su -lc "echo 'pieces.hash.on_completion.set = no' >> ~/.rtorrent.rc" plom
-su -lc "mkdir ~/rtorrent" plom
-
-# As according to <https://unix.stackexchange.com/a/475485>
-chmod u+s /usr/bin/screen
-chmod 755 /var/run/screen
diff --git a/archived/systemfiles/aliases b/archived/systemfiles/aliases
deleted file mode 100644 (file)
index 59c52b4..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-# /etc/aliases
-
-# As per RFC 2142.
-mailer-daemon: plom
-postmaster: plom
-hostmaster: plom
-usenet: plom
-news: plom
-webmaster: plom
-www: plom
-ftp: plom
-abuse: plom
-noc: plom
-security: plom
-root: plom
-
-# Personal aliases.
-plomlompom: plom
-christian.heller: plom
-christian_heller: plom
-christianheller: plom
-c.heller: plom
-heller: plom
diff --git a/archived/systemfiles/htwtxt_restart_reminder.service b/archived/systemfiles/htwtxt_restart_reminder.service
deleted file mode 100644 (file)
index a1e0ad8..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# /etc/systemd/system/weechat.service
-
-[Unit]
-Description=htwtxt restart reminder
-
-[Service]
-Type=forking
-User=plom
-ExecStart=/bin/sh -c '~/config/bin/simplemail_out.sh ~/config/mails/htwtxt_restart'
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/systemfiles/main.cf b/archived/systemfiles/main.cf
deleted file mode 100644 (file)
index f1a7a8d..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-# /etc/postfix/main.cf
-
-# Use maildrop as MDA.
-mailbox_command = /usr/bin/maildrop
-
-# Restrictive relaying policy.
-smtpd_relay_restrictions = permit_mynetworks defer_unauth_destination
-
-# What domains to receive mail for: names of local server.
-mydestination = HOSTNAME, localhost
-
-# What clients to relay mail from: only local server.
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
-
-# Paranoid maximum error notification.
-notify_classes=2bounce, bounce, data, delay, policy, protocol, resource, software
diff --git a/archived/systemfiles/nginx.conf b/archived/systemfiles/nginx.conf
deleted file mode 100644 (file)
index 3def78d..0000000
+++ /dev/null
@@ -1,90 +0,0 @@
-# system integration
-user www-data;
-pid /run/nginx.pid;
-
-# is expected even if empty
-events {
-}
-
-http {
-        # define content-type headers
-        types {
-            text/html                             html htm shtml;
-            text/css                              css;
-            text/xml                              xml;
-            text/plain                            txt sh rst md;
-            application/xhtml+xml                 xhtml;
-            application/pdf                       pdf;
-            image/jpeg                            jpg jpeg;
-            image/png                             png;
-        }
-        default_type application/octet_stream;
-        charset utf-8;
-
-        # logging
-       access_log /var/log/nginx/access.log;
-       error_log /var/log/nginx/error.log;
-
-        # enforce https
-        server {
-                listen 80;
-                return 301 https://$host$request_uri;
-        }
-
-        # IRC logs
-        server {
-                listen 443 ssl;
-                server_name dump.plomlompom.com;
-                ssl_certificate /etc/letsencrypt/live/dump.plomlompom.com/fullchain.pem;
-                ssl_certificate_key /etc/letsencrypt/live/dump.plomlompom.com/privkey.pem;
-                root /var/www/html/;
-                location /zettel/ {
-                        # rewrite non-suffixed filenames to .html ones 
-                        rewrite ^(/zettel/(.*/)*[^./]+)$ $1.html;
-                        autoindex on;
-                }
-                location /dump/ {
-                        autoindex on;
-                }
-                location /geheim/ {
-                        auth_basic "geheim geheim";
-                        auth_basic_user_file /var/www/password_geheim;
-                        autoindex on;
-                }
-                location /irclogs/zrolaps/ {
-                        auth_basic "#zrolaps logs";
-                        auth_basic_user_file /var/www/password_irclogs_zrolaps;
-                        autoindex on;
-                }
-                location /irclogs/nodrama.de/ {
-                        auth_basic "#nodrama.de logs";
-                        auth_basic_user_file /var/www/password_irclogs_nodrama_de;
-                        autoindex on;
-                }
-                location /irclogs/freakazoid/ {
-                        auth_basic "#freakazoid logs";
-                        auth_basic_user_file /var/www/password_irclogs_freakazoid;
-                        autoindex on;
-                }
-                location /lesekreis/ {
-                        auth_basic "Quellen Lesekreis";
-                        auth_basic_user_file /var/www/password_lesekreis;
-                        autoindex on;
-                }
-                location /uwsgi/ {
-                        include uwsgi_params;
-                        uwsgi_pass 127.0.0.1:3031;
-                }
-        }
-
-        # htwtxt
-        server {
-                listen 443 ssl;
-                server_name htwtxt.plomlompom.com;
-                ssl_certificate /etc/letsencrypt/live/htwtxt.plomlompom.com/fullchain.pem;
-                ssl_certificate_key /etc/letsencrypt/live/htwtxt.plomlompom.com/privkey.pem;
-                location / {
-                        proxy_pass http://127.0.0.1:8000;
-                }
-        }
-}
diff --git a/archived/systemfiles/opendkim.conf b/archived/systemfiles/opendkim.conf
deleted file mode 100644 (file)
index 2bd3c19..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-# The domain for which mails are signed.
-Domain plomlompom.com
-
-# Location of the private key to sign mails with.
-KeyFile /etc/opendkim/dkim.key
-
-# Identifies the signing key; useful when replacing it.
-#Selector keyname
-
-# Canonicalize the body strictly for signing, but the header (more legitimately
-# subject to reformatting by forwarding servers) less so.
-Canonicalization relaxed/simple
-
-# Invalidate the signature of mails to which additional From fields were added
-# after the signing. (See RFC for details on how this works.)
-OversignHeaders From
-
-# Where to communicate with the MTA.
-Socket inet:12301@localhost
-
-# Don't act as root.
-UserID opendkim:opendkim
diff --git a/archived/systemfiles/plomlombot.service b/archived/systemfiles/plomlombot.service
deleted file mode 100644 (file)
index 8c992d8..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# /etc/systemd/system/plomlombot.service
-
-[Unit]
-Description=plomlombot screen
-
-[Service]
-Type=forking
-User=plom
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 screen -d -m ~/config/bin/plomlombot.sh && screen -d -m ~/config/bin/broiler_in.sh && screen -d -m ~/config/bin/hubbabubba.sh && screen -d -m ~/config/bin/zinskritik.sh'
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/systemfiles/post-update b/archived/systemfiles/post-update
deleted file mode 100755 (executable)
index 3bea5b2..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-ZETTELDIR=/home/plom/zettel
-GIT_WORK_TREE=$ZETTELDIR git checkout -f
-cd $ZETTELDIR
-redo
diff --git a/archived/systemfiles/weechat.service b/archived/systemfiles/weechat.service
deleted file mode 100644 (file)
index 5fb3e0f..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# /etc/systemd/system/weechat.service
-
-[Unit]
-Description=weechat screen
-
-[Service]
-Type=forking
-User=plom
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 screen -d -m ~/config/bin/weechat-wrapper.sh'
-
-[Install]
-WantedBy=multi-user.target
diff --git a/archived/testing/apt-mark/all b/archived/testing/apt-mark/all
new file mode 100644 (file)
index 0000000..cf4af24
--- /dev/null
@@ -0,0 +1,14 @@
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
+# unpredictably so
+ifupdown
+isc-dhcp-client
+# git for the setup directory; cloning works with ca-certificates
+ca-certificates
+git
+# to avoid constant warnings about no locale being found
+locales
+# extremely useful for basic network debugging; missed these more than once in an emergency
+netcat-traditional
+iputils-ping
+# to set the time
+ntpsec-ntpdate
diff --git a/archived/testing/apt-mark/h610m b/archived/testing/apt-mark/h610m
new file mode 100644 (file)
index 0000000..645086f
--- /dev/null
@@ -0,0 +1,10 @@
+# for X to start at all
+linux-headers-amd64
+nvidia-driver
+firmware-misc-nonfree
+# X input: keyboard
+xserver-xorg-input-evdev
+## CUDA
+#nvidia-cuda-dev
+#nvidia-cuda-toolkit
+
diff --git a/archived/testing/apt-mark/t490s b/archived/testing/apt-mark/t490s
new file mode 100644 (file)
index 0000000..9be8397
--- /dev/null
@@ -0,0 +1,3 @@
+# so we can work without the Ethernet adapter
+network-manager
+
diff --git a/archived/testing/apt-mark/user b/archived/testing/apt-mark/user
new file mode 100644 (file)
index 0000000..c390f17
--- /dev/null
@@ -0,0 +1,53 @@
+# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
+cryptsetup-initramfs
+lvm2
+# this provides setupcon which reads /etc/default/console-setup
+console-setup
+# for startx
+xinit
+# for xrdb
+x11-xserver-utils
+# for startx to run for non-root user
+libpam-systemd
+# window environment
+i3
+i3status
+suckless-tools
+xterm
+# to get sleepy at night
+redshift
+# for alsamixer
+alsa-utils
+# also useful
+vim
+sudo
+less
+man-db
+manpages
+procps
+# browsers
+firefox-esr
+chromium
+# tridactyl install recommendations
+vim-gtk3
+curl
+## for firefox to emit sound
+#pulseaudio
+# emacs
+emacs
+emacs-common-non-dfsg
+emacs-el
+elpa-ledger
+ledger
+# to mount encrypted USB stick and use its contents
+pmount
+cryptsetup
+openssh-client
+# for syncing
+borgbackup
+# mail setup
+isync
+notmuch
+elpa-notmuch
+pinentry-gtk2
+#
diff --git a/archived/testing/aptmark/h610m b/archived/testing/aptmark/h610m
new file mode 100644 (file)
index 0000000..645086f
--- /dev/null
@@ -0,0 +1,10 @@
+# for X to start at all
+linux-headers-amd64
+nvidia-driver
+firmware-misc-nonfree
+# X input: keyboard
+xserver-xorg-input-evdev
+## CUDA
+#nvidia-cuda-dev
+#nvidia-cuda-toolkit
+
diff --git a/archived/testing/aptmark/server b/archived/testing/aptmark/server
new file mode 100644 (file)
index 0000000..26e9be3
--- /dev/null
@@ -0,0 +1,3 @@
+# technically not necessarily anymore, but on older servers needed for playing nicely with foot, kept here more as a reminder than for any specific use
+foot-terminfo
+#
diff --git a/archived/testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/archived/testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
new file mode 100644 (file)
index 0000000..4aaef79
--- /dev/null
@@ -0,0 +1,4 @@
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
diff --git a/archived/testing/etc_files/all/etc/apt/sources.list b/archived/testing/etc_files/all/etc/apt/sources.list
new file mode 100644 (file)
index 0000000..a270a56
--- /dev/null
@@ -0,0 +1,2 @@
+deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
+deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
diff --git a/archived/testing/etc_files/all/etc/default/locale b/archived/testing/etc_files/all/etc/default/locale
new file mode 100644 (file)
index 0000000..dd6eee3
--- /dev/null
@@ -0,0 +1 @@
+LANG="en_US.UTF-8"
diff --git a/archived/testing/etc_files/all/etc/locale.gen b/archived/testing/etc_files/all/etc/locale.gen
new file mode 100644 (file)
index 0000000..a28cfa4
--- /dev/null
@@ -0,0 +1,483 @@
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
diff --git a/archived/testing/etc_files/all/etc/timezone b/archived/testing/etc_files/all/etc/timezone
new file mode 100644 (file)
index 0000000..94d5acc
--- /dev/null
@@ -0,0 +1 @@
+Europe/Berlin
diff --git a/archived/testing/home_files/h610m/.xinitrc_bonus b/archived/testing/home_files/h610m/.xinitrc_bonus
new file mode 100644 (file)
index 0000000..1eaa7e8
--- /dev/null
@@ -0,0 +1,2 @@
+# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. 
+xset s noblank
diff --git a/archived/testing/home_files/minimal/.bashrc b/archived/testing/home_files/minimal/.bashrc
new file mode 100644 (file)
index 0000000..5c1d6b2
--- /dev/null
@@ -0,0 +1,30 @@
+# Settings for interactive shells.
+
+# Fancy colors for ls.
+alias ls="ls --color=auto"
+
+# Other helpful aliases
+alias sshauth='eval $(ssh-agent) && ssh-add'
+# alias xrandrbig='xrandr --output LVDS-1 --off'
+
+# Use vim as default editor for anything.
+export VISUAL=vim
+export EDITOR=$VISUAL
+
+# Colored prompt with username, hostname, date/time, directory.
+colornumber=7 # Default to white if no color set via colornumber dotfile.
+colornumber_file=~/.shell_prompt_color
+if [ -f $colornumber_file ]; then
+    colornumber=`cat $colornumber_file`
+fi
+tput_color="$(tput setaf $colornumber)$(tput bold)"
+tput_reset="$(tput sgr0)"
+# Bash confuses the line length when not told to not count escape sequences.
+if [ ! "$BASH" = "" ]; then
+    tput_color="\[$tput_color\]"
+    tput_reset="\[$tput_reset\]"
+fi
+PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
+PS2="${tput_color}> $tput_reset"
+PS3="${tput_color}select: $tput_reset"
+PS4="${tput_color}+ $tput_reset"
diff --git a/archived/testing/home_files/root/.shell_prompt_color b/archived/testing/home_files/root/.shell_prompt_color
new file mode 100644 (file)
index 0000000..d00491f
--- /dev/null
@@ -0,0 +1 @@
+1
diff --git a/archived/testing/home_files/user/.Xresources b/archived/testing/home_files/user/.Xresources
new file mode 100644 (file)
index 0000000..45b10af
--- /dev/null
@@ -0,0 +1,56 @@
+! otherwise various applications will assume merely 8 colors
+XTerm.termName: xterm-256color
+
+! font
+! actually, "mono" is already the default for faceName (it will
+! pick whatever fc-match mono delivers), but we need to set _some_
+! faceName to trigger XTerm activating TrueType fonts
+! (XTerm*fontRender by itself won't do the trick), and we want
+! TrueType fonts because, well, they scale better, and XTerm lets them
+! fall back on alternatives (hi there ttf-unifont) when a Unicode
+! glyph is not found
+XTerm*faceName: mono
+
+! white on black
+XTerm*reverseVideo: on
+
+! blink screen instead of sound
+XTerm*visualBell: on
+
+! proper ALT as META key treatment
+XTerm*eightBitInput: false
+
+! font sizes
+XTerm*faceSize: 8
+XTerm*faceSize1: 4
+XTerm*faceSize2: 5
+XTerm*faceSize3: 6
+XTerm*faceSize4: 8
+XTerm*faceSize5: 14
+XTerm*faceSize6: 25
+
+! colors
+! black
+XTerm*color0: #202020
+XTerm*color8: #3F3F3F
+! red
+XTerm*color1: #A82020
+XTerm*color9: #E82020
+! green
+XTerm*color2: #20A820
+XTerm*color10: #20E820
+! yellow
+XTerm*color3: #A8A820
+XTerm*color11: #E8E820
+! blue
+XTerm*color4: #3F3FFF
+XTerm*color12: #9F9FFF
+! magenta
+XTerm*color5: #A83FFF
+XTerm*color13: #E89FFF
+! cyan
+XTerm*color6: #3FA8FF
+XTerm*color14: #9FE8FF
+! white
+XTerm*color7: #A8A8A8
+XTerm*color15: #E8E8E8
diff --git a/archived/testing/home_files/user/.borgrepos b/archived/testing/home_files/user/.borgrepos
new file mode 100644 (file)
index 0000000..c40eee3
--- /dev/null
@@ -0,0 +1,4 @@
+plom@plomlompom.com
+plom@mail.plomlompom.com
+plom@play.plomlompom.com
+# file read ends at last newline
diff --git a/archived/testing/home_files/user/.config/i3/config b/archived/testing/home_files/user/.config/i3/config
new file mode 100644 (file)
index 0000000..7e4af34
--- /dev/null
@@ -0,0 +1,86 @@
+# plomlompom's i3-wm configuration
+
+# Font for i3 text
+font pango:Terminus 8px
+
+# Force "tabbed" as default layout for new windows.
+workspace_layout              tabbed
+
+# Make the Windows key the modifier key for all i3-wm actions.
+set                           $mod Mod4
+floating_modifier             $mod
+
+# Launch xterm.
+bindsym $mod+Return           exec xterm
+
+# Launch programs via dmenu.
+bindsym $mod+d                exec dmenu_run
+bindsym $mod+x                exec dmenu_run
+
+# Kill window.
+bindsym $mod+Shift+Q          kill
+
+# Move focus between windows.
+bindsym $mod+Left             focus left
+bindsym $mod+Down             focus down
+bindsym $mod+Up               focus up
+bindsym $mod+Right            focus right
+
+# Don't move focus with mouse.
+focus_follows_mouse           no
+
+# Move windows.
+bindsym $mod+Shift+Left       move left
+bindsym $mod+Shift+Down       move down
+bindsym $mod+Shift+Up         move up
+bindsym $mod+Shift+Right      move right
+
+# Resize windows
+bindsym $mod+h                resize shrink width 1 px or 1 ppt
+bindsym $mod+l                resize grow width 1 px or 1 ppt
+bindsym $mod+j                resize shrink height
+bindsym $mod+k                resize grow height
+
+# Toggle fullscreen for focused window.
+bindsym $mod+f                fullscreen
+
+# Toggle floating of window, focus on floating or tabbed windows.
+bindsym $mod+Shift+space      floating toggle
+bindsym $mod+space            focus mode_toggle
+
+# Switch to workspace x.
+bindsym $mod+1                workspace 1
+bindsym $mod+2                workspace 2
+bindsym $mod+3                workspace 3
+bindsym $mod+4                workspace 4
+bindsym $mod+5                workspace 5
+bindsym $mod+6                workspace 6
+bindsym $mod+7                workspace 7
+bindsym $mod+8                workspace 8
+bindsym $mod+9                workspace 9
+bindsym $mod+0                workspace 10
+
+# Move window to workspace x.
+bindsym $mod+Shift+exclam     move workspace 1
+bindsym $mod+Shift+quotedbl   move workspace 2
+bindsym $mod+Shift+section    move workspace 3
+bindsym $mod+Shift+dollar     move workspace 4
+bindsym $mod+Shift+percent    move workspace 5
+bindsym $mod+Shift+ampersand  move workspace 6
+bindsym $mod+Shift+slash      move workspace 7
+bindsym $mod+Shift+parenleft  move workspace 8
+bindsym $mod+Shift+parenright move workspace 9
+bindsym $mod+Shift+equal      move workspace 10
+
+# Reload i3 config file, restart (keeping sesion) i3, exit i3.
+bindsym $mod+Shift+C          reload
+bindsym $mod+Shift+R          restart
+bindsym $mod+Shift+P          exit
+
+# Select "i3status" as i3 status bar, hide systray icons.
+bar {
+  tray_output none
+  status_command i3status
+}
+
+include ~/.config/i3/config_bonus
diff --git a/archived/testing/home_files/user/.config/i3status/config b/archived/testing/home_files/user/.config/i3status/config
new file mode 100644 (file)
index 0000000..b9fb15f
--- /dev/null
@@ -0,0 +1,82 @@
+# plomlompom's i3 status bar configuration
+
+# Activate colors; set update interval of one second.
+general {
+  colors = true
+  interval = 1
+}
+
+# Selection / order of status elements.
+order += "disk /"
+order += "disk /home/"
+order += "wireless wlp3s0"
+order += "ethernet enp0s25"
+order += "battery 0"
+order += "cpu_usage"
+order += "load"
+order += "cpu_temperature 0"
+order += "time"
+order += "volume master"
+
+# How much space is left in / ?
+disk "/" {
+  format = "/: %avail available of %total"
+  separator_block_width = 25
+}
+
+# How much space is left in /home ?
+disk "/home/" {
+  format = "/home: %avail available of %total"
+  separator_block_width = 25
+}
+
+# WLAN status: show IP and connection quality or "down".
+wireless wlp3s0 {
+  format_up = "w: (%quality at %essid) %ip"
+  format_down = "w: down"
+  separator_block_width = 10
+}
+
+# Ethernet status: show IP or "down".
+ethernet enp0s25 {
+  format_up = "e: %ip"
+  format_down = "e: down"
+  separator_block_width = 25
+}
+
+# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
+battery 0 {
+  format = "b: %status %percentage %remaining"
+  separator_block_width = 25
+}
+
+# Show CPU usage.
+cpu_usage {
+  format = "cpu: %usage"
+  separator_block_width = 10
+}
+
+# Show system load during last 1/5/15 minutes.
+load {
+  format = "%1min %5min %15min"
+  separator_block_width = 25
+}
+
+# Show CPU temperature in degrees of celsius.
+cpu_temperature 0 {
+  format = "%degrees °C"
+  separator_block_width = 25
+}
+
+# Show date/time/timezone as "year-month-day hour:minute:second
+# timezone_numeric/timezone_alphabetic".
+time {
+  format = "%Y-%m-%d %H:%M:%S %z/%Z"
+  separator_block_width = 25
+}
+
+volume master {
+  format = "♪: %volume"
+  format_muted = "♪: muted (%volume)"
+  separator_block_width = 25
+}
diff --git a/archived/testing/home_files/user/.emacs.d/init.el b/archived/testing/home_files/user/.emacs.d/init.el
new file mode 100644 (file)
index 0000000..3868a75
--- /dev/null
@@ -0,0 +1,323 @@
+;; general layout
+;; ==============
+
+;; need no stinkin emacs help screen as start up, and no menu bar
+(setq inhibit-startup-screen t)
+(menu-bar-mode -1)
+
+;; highlight cursor line, parentheses
+(global-hl-line-mode 1)
+(show-paren-mode 1)
+
+;; show line numbers, use separator space
+(global-linum-mode)
+(setq linum-format "%d ")
+
+;; count cursor column, row in mode line
+(setq column-number-mode t)
+
+;; settings to make GUI tolerable
+(if window-system
+  (progn
+    (add-to-list 'default-frame-alist '(foreground-color . "white"))
+    (add-to-list 'default-frame-alist '(background-color . "black"))
+    (set-face-attribute 'default nil :height 80)
+    (scroll-bar-mode -1)
+    (setq visible-bell t)
+    (setq linum-format "%d")))
+
+;; use as default browser what XDG offers
+(setq-default browse-url-browser-function 'browse-url-xdg-open)
+
+
+
+;; general keybindings
+;; ===================
+
+;; create and use a minimal global map using just the self-insert command
+;; bindings and a selection of some to me very common keystrokes
+(setq minimal-map (make-sparse-keymap))
+(substitute-key-definition 'self-insert-command 'self-insert-command
+                           minimal-map global-map)
+(use-global-map minimal-map)
+(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
+(global-set-key (kbd "RET") 'newline)
+(global-set-key (kbd "TAB") 'indent-for-tab-command)
+(global-set-key (kbd "<up>") 'previous-line)
+(global-set-key (kbd "<down>") 'next-line)
+(global-set-key (kbd "<left>") 'left-char)
+(global-set-key (kbd "<right>") 'right-char)
+(global-set-key (kbd "<prior>") 'scroll-down-command)
+(global-set-key (kbd "<next>") 'scroll-up-command)
+(global-set-key (kbd "M-x") 'execute-extended-command)
+(global-set-key (kbd "C-g") 'keyboard-quit)
+;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
+;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
+;; note how to switch back to the original map: (use-global-map global-map)
+(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
+
+
+
+;; minibuffer
+;; ==========
+
+;; incremental minibuffer completion
+(icomplete-mode 1)
+
+
+
+;; text editing
+;; ============
+
+;; tabs are evil
+(setq-default indent-tabs-mode nil)
+(setq-default tab-width 4)
+(setq indent-line-function 'insert-tab)
+
+;; show trailing whitespace
+(setq-default show-trailing-whitespace 1)
+
+;; on save, ask whether to ensure text file's last line ends in a
+;; newline character
+(setq require-final-newline 1)
+
+;; use dedicated directory for version-controlled, endless backups;
+;; never delete old versions
+(setq make-backup-files t
+      backup-directory-alist `(("." . "~/.emacs_backups"))
+      backup-by-copying t
+      version-control t
+      delete-old-versions 1)  ;; neither t nor nil: never delete
+
+
+;; package management
+;; ==================
+
+;; where we get packages from
+(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
+                         ("melpa-unstable" . "https://melpa.org/packages/")
+                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
+
+;; ensure certain packages are installed (actually, we use Debian repos here)
+;; credit to <https://stackoverflow.com/a/10093312>
+;(setq package-list '(elfeed ledger-mode))
+;(package-initialize)
+;(dolist (package package-list)
+;  (unless (package-installed-p package)
+;    (package-install package)))
+
+
+
+;;; window management
+;;; =================
+;
+;;; track window configurations to allow window config undo
+;(winner-mode 1)
+
+
+
+;; mail setup
+;; ==========
+
+(setq send-mail-function 'smtpmail-send-it)
+(setq smtpmail-smtp-server "mail.plomlompom.com")
+(setq smtpmail-smtp-service 465)
+(setq smtpmail-stream-type 'ssl)
+(setq smtpmail-smtp-user "plom")
+(setq mml-secure-openpgp-encrypt-to-self t)
+(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
+
+;(setq gnutls-log-level 0)
+
+;; if we don't set this, we get this warning:
+;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
+;;   has been lowered to 256 bits and this may allow decryption of the session data
+(setq gnutls-min-prime-bits 1024)
+
+;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
+;; stream process, seemingly unless the /message/ function is called at the right
+;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
+;; in /network-stream-get-response/ right after "(goto-char start)"; this works
+;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
+;; buffer is not relevant, but maybe writing to the echo area is); activing the
+;; gnutls logging is just a hack to achieve such calls to /message/ in the
+;; /network-stream-open-tls/ flow.
+(setq gnutls-log-level 1) ; miraculously makes smtpmail work
+
+;; constructs From: domain if mail composer directly called (from without
+;; notmuch), but we don't actually intend to do that
+;(setq mail-host-address "plomlompom.com")
+
+;; otherwise notmuch becomes extremely slow in some cases
+(setq-default notmuch-show-indent-content nil)
+
+;; this only works if we use notmuch-mua-send instead of message-send
+(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
+
+;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
+;; in the message ID
+(setq mail-host-address "plomlompom.com")
+
+;; notmuch saved searches
+(setq notmuch-saved-searches
+      '((:name "inbox" :query "tag:unread and folder:inbox")
+        (:name "all" :query "tag:unread not folder:maildir/Trash")
+        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
+        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
+        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
+        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
+        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
+
+
+
+;; org mode
+;; ========
+
+;; unsure why, but to re-set the key map, we not only have to explicitely do it
+;; only after org-mode loading, but also have to explicitely overwrite the
+;; C-c keybinding; TODO: investigate
+(with-eval-after-load 'org
+    (setq org-mode-map (make-sparse-keymap))
+    (define-key org-mode-map (kbd "C-c") nil)
+    (define-key org-mode-map (kbd "TAB") 'org-cycle)
+    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
+
+;; don't truncate lines by default
+(setq org-startup-truncated nil)
+
+;; basic org-capture config
+(setq org-capture-templates
+      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
+(add-hook 'org-capture-mode-hook 'evil-insert-state)
+
+;; agenda view on startup
+(load-library "find-lisp")
+(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
+(setq org-agenda-span 90)
+(setq org-agenda-use-time-grid nil)
+(add-hook 'emacs-startup-hook (lambda ()
+                                 (org-agenda-list)
+                                 (switch-to-buffer "*Org Agenda*")
+                                 (other-window 1)))
+
+;;; for calendar, use ISO date style
+;(setq calendar-date-style 'iso)
+;(setq diary-number-of-entries 7)
+;(diary)
+;(setq org-agenda-time-grid '((today require-timed remove-match)
+;                             #("----------------" 0 16 (org-heading t))
+;                             (0 200 400 600 800 1000 1200
+;                                1400 1600 1800 2000 2200)))
+
+;; empty org-agenda-mode keybindings
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (setq org-agenda-mode-map (make-sparse-keymap))))
+(add-hook 'org-agenda-mode-hook
+          (lambda ()
+            (use-local-map (make-sparse-keymap))))
+
+;; org-publish-all
+(setq org-publish-project-alist
+      '(
+        ("website"
+         :base-directory "~/org/web/"
+         :base-extension "org"
+         :publishing-directory "~/html/"
+         :recursive t
+         :publishing-function org-html-publish-to-html
+         :headline-levels 4             ; Just the default for this project.
+         :auto-preamble t
+          )))
+
+;; use [ki:] syntax to hide stuff from exports
+(defun classify-information (text backend info)
+  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
+  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
+(add-hook 'org-export-filter-plain-text-functions 'classify-information)
+
+;; add HTML validator link to exports
+(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
+
+
+
+;;; Info mode
+;;; =========
+
+(setq Info-mode-map (make-sparse-keymap))
+(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
+(define-key Info-mode-map (kbd "u") 'Info-up)
+(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
+(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
+(define-key Info-mode-map (kbd "H") 'Info-history-back)
+(define-key Info-mode-map (kbd "L") 'Info-history-forward)
+(define-key Info-mode-map (kbd "I") 'Info-goto-node)
+(define-key Info-mode-map (kbd "i") 'Info-index)
+
+
+
+;; help mode
+;; =========
+
+(setq help-mode-map (make-sparse-keymap))
+(define-key help-mode-map (kbd "TAB") 'forward-button)
+(define-key help-mode-map (kbd "RET") 'help-follow)
+(define-key help-mode-map (kbd "<backtab>") 'backward-button)
+
+
+
+; ;; elfeed
+; ;; ======
+; 
+; (require 'elfeed)  ; needed so we can set the font faces
+; (set-face-background 'elfeed-search-title-face "magenta")
+; (set-face-background 'elfeed-search-unread-count-face "magenta")
+; (setq elfeed-feeds
+;       '("https://capsurvival.blogspot.com/feeds/posts/default"
+;         "https://jungle.world/rss.xml"
+;         "http://news.dieweltistgarnichtso.net/bin/index.xml"
+;         "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
+;         "http://www.tagesschau.de/xml/atom"))
+; (setq elfeed-search-mode-map (make-sparse-keymap))
+; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
+; (defun elfeed-search-mark-as-read() (interactive)
+;   (elfeed-search-untag-all 'unread))
+; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
+; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
+; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
+; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
+; (setq elfeed-show-mode-map (make-sparse-keymap))
+; (define-key elfeed-show-mode-map (kbd "u") 'elfeed)
+; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
+; (define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
+; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
+; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
+; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
+; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
+; 
+; 
+; 
+; ;; eww
+; ;; ===
+; 
+; (setq eww-mode-map (make-sparse-keymap))
+; (define-key eww-mode-map (kbd "TAB") 'shr-next-link)
+; (define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
+; (define-key eww-mode-map (kbd "H") 'eww-back-url)
+; (define-key eww-mode-map (kbd "L") 'eww-forward-url)
+
+
+
+;; ledger
+;; ======
+(setq ledger-mode-map (make-sparse-keymap))
+(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
+
+
+
+;;; plomvi mode
+;;; ===========
+
+(defvar plomvi-return-combo (kbd "C-c"))
+(load "~/public_repos/plomvi.el/plomvi.el")
+(plomvi-global-mode 1)
diff --git a/archived/testing/home_files/user/.gitconfig b/archived/testing/home_files/user/.gitconfig
new file mode 100644 (file)
index 0000000..8967d25
--- /dev/null
@@ -0,0 +1,3 @@
+[user]
+       email = c.heller@plomlompom.de
+       name = Christian Heller
diff --git a/archived/testing/home_files/user/.mbsyncrc b/archived/testing/home_files/user/.mbsyncrc
new file mode 100644 (file)
index 0000000..59d01a9
--- /dev/null
@@ -0,0 +1,28 @@
+IMAPAccount plom
+# Address to connect to
+Host mail.plomlompom.com
+User plom
+# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
+# therefore the pw in ~/.authinfo should not be longer than that.
+PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
+SSLType IMAPS
+AuthMechs LOGIN
+
+IMAPStore core-remote
+Account plom
+
+MaildirStore core-local
+# The trailing "/" is important
+Path ~/mail/maildir/
+Inbox ~/mail/inbox/
+
+Channel core
+Far :core-remote:
+Near :core-local:
+Patterns *
+# Automatically create missing mailboxes, both locally and on the server
+Create Both
+# Save the synchronization state files in the relevant directory
+SyncState *
+# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
+Expunge Both
diff --git a/archived/testing/home_files/user/.notmuch-config b/archived/testing/home_files/user/.notmuch-config
new file mode 100644 (file)
index 0000000..9532761
--- /dev/null
@@ -0,0 +1,9 @@
+[database]
+path=/home/plom/mail
+[search]
+exclude_tags=deleted;spam;
+# the fields below set the From: if the mail composer is called from
+# within notmuch
+[user]
+name=Christian Heller
+primary_email=plom@plomlompom.com
diff --git a/archived/testing/home_files/user/.shell_prompt_color b/archived/testing/home_files/user/.shell_prompt_color
new file mode 100644 (file)
index 0000000..0cfbf08
--- /dev/null
@@ -0,0 +1 @@
+2
diff --git a/archived/testing/home_files/user/.tridactylrc b/archived/testing/home_files/user/.tridactylrc
new file mode 100644 (file)
index 0000000..8da0831
--- /dev/null
@@ -0,0 +1,18 @@
+# sanitize tridactyllocal tridactylsync
+# guiset tabs always 
+# guiset hoverlink left
+# guiset statuspanel right 
+autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
+# bind ö fillcmdline find
+# bind n findnext 1
+# bind N findnext -1
+bind j scrollline 3
+bind k scrollline -3
+set hintuppercase false
+set searchengine duckduckgo
+set theme midnight 
+set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search=
+set searchurls.dictcc https://www.dict.cc/?s=
+set hintchars 123456qwertasdfgyxcvb
+guiset gui none
+escapehatch
diff --git a/archived/testing/home_files/user/.xinitrc b/archived/testing/home_files/user/.xinitrc
new file mode 100644 (file)
index 0000000..e1cbd6a
--- /dev/null
@@ -0,0 +1,19 @@
+# X init configuration
+
+# Set keymap.
+setxkbmap de
+
+# Map CapsLock to Compose key.
+xmodmap -e "clear Lock"
+xmodmap -e "keycode 66 = Multi_key"
+
+# Load xterm settings
+xrdb -merge ~/.Xresources
+
+# Redshift to Berlin, Germany.
+redshift -rl 53:13 &
+
+sh .xinitrc_bonus
+
+# Launch window manager.
+i3
diff --git a/archived/testing/home_files/user/mail_sync.sh b/archived/testing/home_files/user/mail_sync.sh
new file mode 100755 (executable)
index 0000000..ffe6b4a
--- /dev/null
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -e
+
+basedir="/home/plom/mail/maildir/"
+# Ensure directories exist for all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    if [ ! -d "${target_dir}" ]; then
+        echo "Directory ${target_dir} does not exist."
+        exit 1
+    fi
+done
+
+# Ensure all "dir:*"-tagged mails are in proper directories,
+# remove all "dir:*" tags.
+for tag in $(notmuch search --output=tags '*'); do
+    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
+        continue
+    fi
+    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
+    for f in $(notmuch search --output=files tag:"${tag}"); do
+         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
+         target_path="${target_dir}${new_name}"
+         if [ ! "${target_path}" = "${f}" ]; then
+             echo "Moving ${f} to ${target_path}."
+             mv "${f}" "${target_path}"
+            # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix 
+         fi
+    done
+    notmuch tag -"${tag}" tag:"${tag}"
+done
+
+# Remove all "deleted"-tagged files from maildirs.
+notmuch search --output=files tag:deleted | while read f; do
+    echo "Deleting ${f}"
+    rm "${f}"
+done
+
+# Sync changes back to server and update notmuch index.
+mbsync -a
+notmuch new
diff --git a/archived/testing/home_files/user/public_repos/repos b/archived/testing/home_files/user/public_repos/repos
new file mode 100644 (file)
index 0000000..2414eec
--- /dev/null
@@ -0,0 +1,8 @@
+# List of repos we want cloned in ~/public_repos
+config
+pingmail.git
+plomlombot-irc.git
+plomrogue
+plomrogue2-experiments
+plomvi.el
+misc
diff --git a/archived/testing/scripts/__setup_raspi.sh b/archived/testing/scripts/__setup_raspi.sh
new file mode 100755 (executable)
index 0000000..812f5b5
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+set -x
+. ../../constants.sh
+. "${PATH_MANY_MISC}"
+
+setup_for_raspi
diff --git a/archived/testing/setup_scripts/_setup.sh b/archived/testing/setup_scripts/_setup.sh
new file mode 100755 (executable)
index 0000000..0c28d60
--- /dev/null
@@ -0,0 +1,34 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+expect_n_args 2 "(hostname, FQDN)" "$@"
+hostname="$1"
+fqdn="$2"
+shift 2
+
+cd "${setup_scripts_dir}"
+
+# Adapt /etc/ to our needs by copying from ./etc_files. This will set
+# basic configurations affecting following steps, such as setup of APT
+# and the locale selection, so needs to be right at the beginning.
+./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
+
+# Set hostname and FQDN.
+./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
+
+# Ensure package installation state as defined by what packages are
+# defined as required by Debian policy and by settings in ./apt-mark/.
+apt update
+./install_for_target.sh all "$@"
+./purge_nonrequireds.sh all "$@"
+
+# Ensure our desired locale is available.
+locale-gen
+
+# Only upgrade after reducing the system to the desired minimum, so that
+# we don't need to get more data than necessary.
+apt -y dist-upgrade
+
+# Set Berlin localtime.
+ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/archived/testing/setup_scripts/copy_dirtree.sh b/archived/testing/setup_scripts/copy_dirtree.sh
new file mode 100755 (executable)
index 0000000..2c385f0
--- /dev/null
@@ -0,0 +1,29 @@
+#!/bin/sh
+# Copy files in argument-selected subdirectories of $1 to subdirectories
+# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
+# of "" and $3 of "all", copy files below etc_files/all such as
+# etc_files/all/etc/foo/bar to equivalent locations below / such as
+# /etc/foo/bar. Create directories as necessary. Multiple arguments after
+# $3 are possible.
+#
+# CAUTION: This removes original files at the affected paths.
+set -e
+. ./misc.sh
+
+expect_n_args 3 "(source root, target root, modules)" "$@"
+
+source_root="$1"
+target_root="$2"
+shift 2
+
+for target_module in "$@"; do
+    mkdir -p "${source_root}/${target_module}"
+    cd "${source_root}/${target_module}"
+    for path in $(find . -type f); do
+        target_path="${target_root}"$(echo "${path}" | cut -c2-)
+        source_path=$(realpath "${path}")
+        dir=$(dirname "${target_path}")
+        mkdir -p "${dir}"
+        cp "${source_path}" "${target_path}"
+    done
+done
diff --git a/archived/testing/setup_scripts/install_for_target.sh b/archived/testing/setup_scripts/install_for_target.sh
new file mode 100755 (executable)
index 0000000..6d04152
--- /dev/null
@@ -0,0 +1,18 @@
+#!/bin/sh
+# Walks through the package names in the argument-selected files of
+# apt-mark/ and ensures the respective packages are installed.
+#
+# Ignores anything in an apt-mark/ file after the last newline.
+set -e
+. ./misc.sh
+
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    # TODO: continue if file at $path not found, to get rid of dummy files
+    cat "${path}" | while read line; do
+        echo "$line"
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
+        fi
+    done
+done
diff --git a/archived/testing/setup_scripts/misc.sh b/archived/testing/setup_scripts/misc.sh
new file mode 100644 (file)
index 0000000..f6d2367
--- /dev/null
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -e
+debian_version="testing"
+legal_system_names="x220 w530 h610m"
+config_tree_prefix="${HOME}/public_repos/config/${debian_version}"
+if [ ! -d "${config_tree_prefix}" ]; then
+    config_tree_prefix="${HOME}/config/${debian_version}"
+fi
+setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+aptmark_dir="${config_tree_prefix}/apt-mark"
+
+expect_n_args() {
+    min_args="$1"
+    explainer="$2"
+    shift 2
+    if [ "$#" -lt "${min_args}" ]; then
+        echo "Need at least ${min_args} arguments … ${explainer}"
+        false
+    fi
+}
+
+expect_setup_finished_file() {
+    filename="$1"
+    setup_script="$2"
+    if [ ! -f "${HOME}/${filename}" ]; then
+        echo "First need to run ${setup_script}."
+        false
+    fi
+}
+
+get_system_name_arg() {
+    found=0
+    for system_name_i in $legal_system_names; do
+        if [ "$1" = "$system_name_i" ]; then
+            found=1
+            system_name="${system_name_i}"
+            continue   
+        fi
+    done
+    if [ "$found" = 0 ]; then
+        echo "Need legal system name."
+        false
+    fi
+}
diff --git a/archived/testing/setup_scripts/purge_nonrequireds.sh b/archived/testing/setup_scripts/purge_nonrequireds.sh
new file mode 100755 (executable)
index 0000000..48065fc
--- /dev/null
@@ -0,0 +1,30 @@
+#!/bin/sh
+# This script removes all Debian packages that are not of Priority
+# "required" or not depended on by packages of priority "required"
+# or not listed in the argument-selected files of apt-mark/.
+set -e
+. ./misc.sh
+
+# FIXME packages listed twice in the aptmark_dir get blacklisted?
+
+dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
+for target in "$@"; do
+    path="${aptmark_dir}/${target}"
+    cat "${path}" | while read line; do
+        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
+            echo "${line}" >> /tmp/list_white_unsorted
+        fi
+    done
+done
+sort /tmp/list_white_unsorted > /tmp/list_white
+dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
+sort /tmp/list_all_packages > /tmp/foo
+mv /tmp/foo /tmp/list_all_packages
+comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
+apt-mark auto `cat /tmp/list_black`
+DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
+rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
+
+# Somehow, auto-mounts get undone by all of this, so re-mount /etc/fstab.
+# TODO: Find out why.
+mount -a
diff --git a/archived/testing/setup_scripts/set_hostname_and_fqdn.sh b/archived/testing/setup_scripts/set_hostname_and_fqdn.sh
new file mode 100755 (executable)
index 0000000..b367906
--- /dev/null
@@ -0,0 +1,49 @@
+#!/bin/sh
+# Sets hostname and optionally FQDN.
+#
+# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
+# writing follows recommendations from Debian manual at
+# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
+# (section "The hostname resolution") on how to map hostname and possibly
+# FQDN to a permanent IP if present (we assume here any non-private IP
+# and non-loopback IP returned by hostname -I to fulfill that criterion
+# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
+# localhost and hostname mapping to different IPs, see
+# <https://unix.stackexchange.com/a/13087>.
+#
+# Ignores IPv6s.
+set -e
+. ./misc.sh
+
+expect_n_args 1 "(hostname, fqdn)" "$@"
+
+hostname="$1"
+fqdn="$2"
+echo "${hostname}" > /etc/hostname
+hostname "${hostname}"
+
+final_ip="127.0.1.1"
+for ip in $(hostname -I); do
+    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
+        continue
+    fi
+    range_1=$(echo "${ip}" | cut -d "." -f 1)
+    range_2=$(echo "${ip}" | cut -d "." -f 2)
+    if [ "${range_1}" -eq 127 ]; then
+        continue
+    elif [ "${range_1}" -eq 10 ]; then
+        continue
+    elif [ "${range_1}" -eq 172 ]; then
+        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
+            continue
+        fi
+    elif [ "${range_1}" -eq 192 ]; then
+        if [ "${range_2}" -eq 168 ]; then
+            continue
+        fi
+    fi
+    final_ip="${ip}"
+done
+
+echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
+echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/archived/testing/setup_scripts/setup_desktop.sh b/archived/testing/setup_scripts/setup_desktop.sh
new file mode 100755 (executable)
index 0000000..b9eba61
--- /dev/null
@@ -0,0 +1,31 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+expect_n_args 1 "(system name)" "$@"
+get_system_name_arg "$1"
+
+# Set up system without user environment.
+cd "${setup_scripts_dir}"
+if [ "$system_name" = "w530" ] || [ "$system_name" = "x220" ]; then
+    ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
+else
+    ./_setup.sh "${system_name}" "" user desktop "${system_name}"
+fi
+
+# Upgrade to testing, but hold kernel known to work with nvidia-drivers.
+sed -i 's/bookworm/testing/g' /etc/apt/sources.list
+if [ "$system_name" = "h610m" ]; then
+    apt-mark hold linux-image-amd64 linux-headers-amd64
+fi
+apt update
+apt dist-upgrade
+
+# Set up user environments.
+cd "${setup_scripts_dir}"
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
+adduser --disabled-password --gecos "" plom
+usermod -a -G sudo plom
+passwd plom
+cp -a ~/config /home/plom
+chown -R plom:plom /home/plom/config
diff --git a/archived/testing/setup_scripts/setup_home.sh b/archived/testing/setup_scripts/setup_home.sh
new file mode 100755 (executable)
index 0000000..592573a
--- /dev/null
@@ -0,0 +1,108 @@
+#!/bin/sh
+set -e
+. ./misc.sh
+
+expect_n_args 1 "(system name)" "$@"
+get_system_name_arg "$1"
+
+cd $setup_scripts_dir
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+
+# secrets_dev="sdb"
+# source_dir_secrets="/media/${secrets_dev}/to_usb"
+# target_dir_secrets="${HOME}/tmp_secrets"
+# echo "Put secrets drive into slot for /dev/${secrets_dev}."
+# while [ ! -e /dev/"${secrets_dev}" ]; do
+#     sleep 1
+# done
+# stty -echo
+# printf "Secrets passphrase: "
+# read SECRETS_PASS 
+# stty echo
+# echo "" # newline so user knows their input return was accepted
+# sudo -v
+# echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
+# cp -a "${source_dir_secrets}" "${target_dir_secrets}"
+# sudo chown -R plom:plom "${target_dir_secrets}"
+# sudo pumount "${secrets_dev}"
+# echo "You can remove /dev/${secrets_dev} now."
+# 
+# # Set up iniitial non-public parts of infrastructure: SSH authentication.
+# ssh_dir=~/.ssh
+# cd "${target_dir_secrets}"
+# mkdir -p "${ssh_dir}"
+# echo "Setting up .ssh"
+# cp id_rsa ~/.ssh
+# stty -echo
+# ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+# stty echo
+# eval $(ssh-agent)
+# ssh-add
+# ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
+# 
+# # Fill ~/public_repos.
+# public_repos_dir="${HOME}/public_repos"
+# repos_list_file="${public_repos_dir}/repos"
+# mkdir -p "${public_repos_dir}"
+# cat "${repos_list_file}" | while read line; do
+#     first_char=$(echo "${line}" | cut -c1)
+#     if [ "${first_char}" = "#" ]; then
+#         continue
+#     fi
+#     repo_name="${line}"
+#     if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
+#         cd "${public_repos_dir}"
+#         git clone plom@plomlompom.com:/var/repos/${repo_name}
+#     fi
+# done
+# 
+# # Remove redundant config repo copy.
+# config_tree_prefix="${public_repos_dir}/config/${debian_version}"
+# rm -rf ~/config
+# 
+# # Set up native messenger for tridactyl.
+# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
+# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
+# 
+# # Set up further non-public parts of infrastructure.
+# cd "${target_dir_secrets}"
+# script -c 'gpg --import secret_keys.asc' /dev/null
+# path_borgscript="${config_tree_prefix}//borg.sh"
+# 
+# # borg setup
+# borgkeys_dir=~/.config/borg/keys
+# borgrepos_file=~/.borgrepos
+# tar xf borg_keyfiles.tar
+# mkdir -p "${borgkeys_dir}"
+# mv borg_keyfiles/* "${borgkeys_dir}"
+# # Sync org dir via borgbackup. For this we need the borgbackup servers
+# # in our .ssh/known_hosts file.
+# cat "${borgrepos_file}" | while read line; do
+#     first_char=$(echo "${line}" | cut -c1)
+#     if [ "${first_char}" = "#" ]; then
+#         continue
+#     fi
+#     server=$(echo "${line}" | sed 's/.*@//')
+#     ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
+# done
+# BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
+# 
+# # .authinfo may not be present on every secrets drive yet
+# authinfo_file=.authinfo
+# if [ -f "${authinfo_file}" ]; then
+#     cp "${authinfo_file}" ~
+# fi
+# cd
+# 
+# maildir=~/mail/maildir
+# # # Set up e-mail system. Note that we only do mbsync if the imap pass file
+# # # is found. It may not be present on every secrets drive yet, so we have to
+# # # deal with the possibility of it being absent at this point.
+# mkdir -p "${maildir}"  # expected by mbsync/isync
+# if [ -f "${HOME}/${authinfo_file}" ]; then
+#     mbsync -a
+#     notmuch new
+# fi
+# 
+# # # Final note on how to integrate tridactyl.
+# # echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/archived/update_key.sh b/archived/update_key.sh
deleted file mode 100755 (executable)
index 23b07ca..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-  echo "Need exactly one argument: public key ID."
-  false
-fi
-gpg_key="$1"
-keyservers='keyserver.ubuntu.com pgp.surf.nl pgp.rediris.es'
-set +e
-for keyserver in $(echo "${keyservers}"); do
-    gpg --no-tty --keyserver $keyserver --send-key "${gpg_key}"
-done
-set -e
diff --git a/bookworm/apt-mark/all b/bookworm/apt-mark/all
deleted file mode 100644 (file)
index abd02d6..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat-traditional
-iputils-ping
-# what would we do without this …
-apt
diff --git a/bookworm/apt-mark/h610m b/bookworm/apt-mark/h610m
deleted file mode 100644 (file)
index 02b95cc..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# for X to start at all
-linux-headers-amd64
-nvidia-driver
-firmware-misc-nonfree
-# X input: keyboard
-xserver-xorg-input-evdev
-# CUDA
-nvidia-cuda-dev
-nvidia-cuda-toolkit
-
diff --git a/bookworm/apt-mark/seedbox b/bookworm/apt-mark/seedbox
deleted file mode 100644 (file)
index 7129acf..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-# needed for torrenting
-rtorrent
-# needed for torrenting session
-screen
-
diff --git a/bookworm/apt-mark/server b/bookworm/apt-mark/server
deleted file mode 100644 (file)
index ecca45d..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# so we can login at all …
-openssh-server
-# firewalling
-nftables
-# We want to be able to use ALL our servers as borg backup destinations.
-borgbackup
-# not only pull in systemd, but also /sbin/reboot and /sbin/shutdown
-systemd-sysv
-# necessary on _some_ vservers
-net-tools
-quota
-
diff --git a/bookworm/apt-mark/thinkpad b/bookworm/apt-mark/thinkpad
deleted file mode 100644 (file)
index fa7bd38..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-# for wifi
-firmware-iwlwifi
-network-manager
-wpasupplicant
-# for tlp
-tlp
-tp-smapi-dkms
-# for X to start at all
-xserver-xorg-video-intel
-# X input: keyboard and touchpad
-xserver-xorg-input-evdev
-xserver-xorg-input-synaptics
-# to use printer
-cups
-#
-
diff --git a/bookworm/apt-mark/user b/bookworm/apt-mark/user
deleted file mode 100644 (file)
index 831b81c..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
-cryptsetup-initramfs
-lvm2
-# this provides setupcon which reads /etc/default/console-setup
-console-setup
-# for startx
-xinit
-# for xrdb
-x11-xserver-utils
-# for startx to run for non-root user
-libpam-systemd
-# window environment
-i3
-i3status
-suckless-tools
-xterm
-# to get sleepy at night
-redshift
-# for alsamixer
-alsa-utils
-# also useful
-vim
-sudo
-less
-man-db
-manpages
-procps
-# firefox install dependencies
-wget
-bzip2
-# firefox running dependencies
-libgtk-3-0
-libdbus-glib-1-2
-# tridactyl install recommendations
-vim-gtk3
-curl
-# for firefox to emit sound
-pulseaudio
-# emacs
-emacs
-emacs-common-non-dfsg
-emacs-el
-elpa-ledger
-ledger
-# to mount encrypted USB stick and use its contents
-pmount
-cryptsetup
-openssh-client
-# for syncing
-borgbackup
-# mail setup
-isync
-notmuch
-elpa-notmuch
-pinentry-gtk2
-#
diff --git a/bookworm/apt-mark/w530 b/bookworm/apt-mark/w530
deleted file mode 100644 (file)
index 6c2cfd7..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-# for open-gpu-kernel-modules building
-gcc
-g++
-make
-linux-headers-amd64
-xz-utils
-# for NVIDIA driver .run --no-kernel-modules
-libvulkan1
-libglvnd-dev
-pkg-config
-# so we can add nvidia.NVreg_OpenRmEnableUnsupportedGpus=1 to default grub
-grub-efi-amd64
-
diff --git a/bookworm/apt-mark/web b/bookworm/apt-mark/web
deleted file mode 100644 (file)
index 4912b8a..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-nginx-light
-# for SSL
-certbot
-python3-certbot-nginx
diff --git a/bookworm/borg.sh b/bookworm/borg.sh
deleted file mode 120000 (symlink)
index 358132c..0000000
+++ /dev/null
@@ -1 +0,0 @@
-../bullseye/borg.sh
\ No newline at end of file
diff --git a/bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/bookworm/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/bookworm/etc_files/all/etc/apt/sources.list b/bookworm/etc_files/all/etc/apt/sources.list
deleted file mode 100644 (file)
index 72b0ffb..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
-deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
-deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
-deb http://ftp.debian.org/debian bookworm-backports main contrib non-free non-free-firmware
diff --git a/bookworm/etc_files/all/etc/default/locale b/bookworm/etc_files/all/etc/default/locale
deleted file mode 100644 (file)
index dd6eee3..0000000
+++ /dev/null
@@ -1 +0,0 @@
-LANG="en_US.UTF-8"
diff --git a/bookworm/etc_files/all/etc/locale.gen b/bookworm/etc_files/all/etc/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/bookworm/etc_files/all/etc/timezone b/bookworm/etc_files/all/etc/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service b/bookworm/etc_files/seedbox/etc/systemd/system/rtorrent.service
deleted file mode 100644 (file)
index babfd36..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-[Unit]
-Description=rtorrent session
-After=network.target
-
-[Service]
-Type=simple
-User=plom
-Group=plom
-WorkingDirectory=/home/plom
-ExecStartPre=-/bin/rm -f /home/plom/session/rtorrent.lock
-ExecStart=/usr/bin/screen -S rtorrent -Dm /usr/bin/rtorrent
-ExecStop=/usr/bin/screen -S rtorrent -X quit
-Restart=on-failure
-RestartSec=3
-
-[Install]
-WantedBy=multi-user.target
diff --git a/bookworm/etc_files/server/etc/ssh/sshd_config b/bookworm/etc_files/server/etc/ssh/sshd_config
deleted file mode 100644 (file)
index e952cb3..0000000
+++ /dev/null
@@ -1,123 +0,0 @@
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-PermitRootLogin no  # plomlompom's security rule
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-KbdInteractiveAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the KbdInteractiveAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin prohibit-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and KbdInteractiveAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-ClientAliveInterval 15
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem      sftp    /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
diff --git a/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx b/bookworm/etc_files/status.plomlompom.com/etc/nginx/sites-available/status.plomlompom.com.nginx
deleted file mode 100644 (file)
index 99c19d2..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www/status.plomlompom.com/;
-
-    location = / {
-        return 301 /users/plomlompom.html;
-    } 
-
-    # re-direct to .html endings
-    location ~ ^/(notice|users)/([^\.]*)/?$ {
-        rewrite ^/(notice|users)/([^\./]*)/?$ /$1/$2.html permanent;
-    }
-}
diff --git a/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx b/bookworm/etc_files/tube.plomlompom.com/etc/nginx/sites-available/tube.plomlompom.com.nginx
deleted file mode 100644 (file)
index 57b084a..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www/tube.plomlompom.com/;
-
-    # re-direct to .html endings
-    location ~ ^/videos/watch/([^\.]*)/?$ {
-        rewrite ^/videos/watch/([^\./]*)/?$ /videos/watch/$1.html permanent;
-    }
-}
diff --git a/bookworm/etc_files/w530/etc/default/grub b/bookworm/etc_files/w530/etc/default/grub
deleted file mode 100644 (file)
index ff1b598..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-# If you change this file, run 'update-grub' afterwards to update
-# /boot/grub/grub.cfg.
-# For full documentation of the options in this file, see:
-#   info -f grub -n 'Simple configuration'
-
-GRUB_DEFAULT=0
-GRUB_TIMEOUT=5
-GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
-GRUB_CMDLINE_LINUX_DEFAULT="quiet  nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
-GRUB_CMDLINE_LINUX=""
-
-# Uncomment to enable BadRAM filtering, modify to suit your needs
-# This works with Linux (no patch required) and with any kernel that obtains
-# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
-#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
-
-# Uncomment to disable graphical terminal (grub-pc only)
-#GRUB_TERMINAL=console
-
-# The resolution used on graphical terminal
-# note that you can use only modes which your graphic card supports via VBE
-# you can see them in real GRUB with the command `vbeinfo'
-#GRUB_GFXMODE=640x480
-
-# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
-#GRUB_DISABLE_LINUX_UUID=true
-
-# Uncomment to disable generation of recovery mode menu entries
-#GRUB_DISABLE_RECOVERY="true"
-
-# Uncomment to get a beep at grub start
-#GRUB_INIT_TUNE="480 440 1"
diff --git a/bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf b/bookworm/etc_files/w530/etc/modprobe.d/blacklist-nouveau.conf
deleted file mode 100644 (file)
index 9699336..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-blacklist nouveau
-options nouveau modeset=0
-
diff --git a/bookworm/etc_files/web/etc/nftables.conf b/bookworm/etc_files/web/etc/nftables.conf
deleted file mode 100755 (executable)
index ec6732a..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-       chain input {
-               type filter hook input priority 0; policy drop;
-               iif lo accept comment "accept localhost traffic"
-               ct state invalid drop comment "drop invalid connections"
-               ct state established, related accept comment "accept traffic originated from us"
-               tcp dport 22 accept comment "accept SSH on default port"
-               tcp dport 80 accept comment "accept HTTP on default port"
-               tcp dport 443 accept comment "accept HTTPS on default port"
-               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
-       }
-       chain forward {
-               type filter hook forward priority 0; policy drop;
-       }
-       chain output {
-               type filter hook output priority 0; policy accept;
-       }
-}
diff --git a/bookworm/etc_files/web/etc/nginx/nginx.conf b/bookworm/etc_files/web/etc/nginx/nginx.conf
deleted file mode 100644 (file)
index 8320425..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-# system integration
-user www-data;
-worker_processes auto;
-pid /run/nginx.pid;
-include /etc/nginx/modules-enabled/*.conf;
-
-# is expected even if empty
-events {
-}
-
-http {
-    # define content-type headers
-    include /etc/nginx/mime.types;
-    charset utf-8;
-
-    # Some standard optimizations, i.e. Debian default. Explained in
-    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
-    # Not that I understand it all …
-    sendfile on;
-    tcp_nopush on;
-    tcp_nodelay on;
-
-    # logging deactivated due to GDPR
-    #access_log /var/log/nginx/access.log;
-    #error_log /var/log/nginx/error.log;
-    access_log off;
-    error_log off;
-
-    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
-    include /etc/nginx/conf.d/*.conf;
-    include /etc/nginx/sites-enabled/*;
-
-    # Redirect all HTTP requests to HTTPS.
-    server {
-        listen 80;
-        return 301 https://$host$request_uri;
-    }
-}
diff --git a/bookworm/home_files/h610m/.xinitrc_bonus b/bookworm/home_files/h610m/.xinitrc_bonus
deleted file mode 100644 (file)
index 1eaa7e8..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. 
-xset s noblank
diff --git a/bookworm/home_files/minimal/.bashrc b/bookworm/home_files/minimal/.bashrc
deleted file mode 100644 (file)
index 5c1d6b2..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Other helpful aliases
-alias sshauth='eval $(ssh-agent) && ssh-add'
-# alias xrandrbig='xrandr --output LVDS-1 --off'
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
-    colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
-    tput_color="\[$tput_color\]"
-    tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
diff --git a/bookworm/home_files/root/.shell_prompt_color b/bookworm/home_files/root/.shell_prompt_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/bookworm/home_files/seedbox/.rtorrent.rc b/bookworm/home_files/seedbox/.rtorrent.rc
deleted file mode 100644 (file)
index 2513748..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-# where to write downloads into
-directory.default.set = ~/downloads
-
-# rtorrent's memory 
-session.path.set = ~/session
-
-# security and paranoia
-dht.mode.set = disable
-protocol.pex.set = no
-protocol.encryption.set = require,require_RC4,allow_incoming,try_outgoing
-
diff --git a/bookworm/home_files/user/.Xresources b/bookworm/home_files/user/.Xresources
deleted file mode 100644 (file)
index 45b10af..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-! otherwise various applications will assume merely 8 colors
-XTerm.termName: xterm-256color
-
-! font
-! actually, "mono" is already the default for faceName (it will
-! pick whatever fc-match mono delivers), but we need to set _some_
-! faceName to trigger XTerm activating TrueType fonts
-! (XTerm*fontRender by itself won't do the trick), and we want
-! TrueType fonts because, well, they scale better, and XTerm lets them
-! fall back on alternatives (hi there ttf-unifont) when a Unicode
-! glyph is not found
-XTerm*faceName: mono
-
-! white on black
-XTerm*reverseVideo: on
-
-! blink screen instead of sound
-XTerm*visualBell: on
-
-! proper ALT as META key treatment
-XTerm*eightBitInput: false
-
-! font sizes
-XTerm*faceSize: 8
-XTerm*faceSize1: 4
-XTerm*faceSize2: 5
-XTerm*faceSize3: 6
-XTerm*faceSize4: 8
-XTerm*faceSize5: 14
-XTerm*faceSize6: 25
-
-! colors
-! black
-XTerm*color0: #202020
-XTerm*color8: #3F3F3F
-! red
-XTerm*color1: #A82020
-XTerm*color9: #E82020
-! green
-XTerm*color2: #20A820
-XTerm*color10: #20E820
-! yellow
-XTerm*color3: #A8A820
-XTerm*color11: #E8E820
-! blue
-XTerm*color4: #3F3FFF
-XTerm*color12: #9F9FFF
-! magenta
-XTerm*color5: #A83FFF
-XTerm*color13: #E89FFF
-! cyan
-XTerm*color6: #3FA8FF
-XTerm*color14: #9FE8FF
-! white
-XTerm*color7: #A8A8A8
-XTerm*color15: #E8E8E8
diff --git a/bookworm/home_files/user/.borgrepos b/bookworm/home_files/user/.borgrepos
deleted file mode 100644 (file)
index c40eee3..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-plom@plomlompom.com
-plom@mail.plomlompom.com
-plom@play.plomlompom.com
-# file read ends at last newline
diff --git a/bookworm/home_files/user/.config/i3/config b/bookworm/home_files/user/.config/i3/config
deleted file mode 100644 (file)
index 7e4af34..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-# plomlompom's i3-wm configuration
-
-# Font for i3 text
-font pango:Terminus 8px
-
-# Force "tabbed" as default layout for new windows.
-workspace_layout              tabbed
-
-# Make the Windows key the modifier key for all i3-wm actions.
-set                           $mod Mod4
-floating_modifier             $mod
-
-# Launch xterm.
-bindsym $mod+Return           exec xterm
-
-# Launch programs via dmenu.
-bindsym $mod+d                exec dmenu_run
-bindsym $mod+x                exec dmenu_run
-
-# Kill window.
-bindsym $mod+Shift+Q          kill
-
-# Move focus between windows.
-bindsym $mod+Left             focus left
-bindsym $mod+Down             focus down
-bindsym $mod+Up               focus up
-bindsym $mod+Right            focus right
-
-# Don't move focus with mouse.
-focus_follows_mouse           no
-
-# Move windows.
-bindsym $mod+Shift+Left       move left
-bindsym $mod+Shift+Down       move down
-bindsym $mod+Shift+Up         move up
-bindsym $mod+Shift+Right      move right
-
-# Resize windows
-bindsym $mod+h                resize shrink width 1 px or 1 ppt
-bindsym $mod+l                resize grow width 1 px or 1 ppt
-bindsym $mod+j                resize shrink height
-bindsym $mod+k                resize grow height
-
-# Toggle fullscreen for focused window.
-bindsym $mod+f                fullscreen
-
-# Toggle floating of window, focus on floating or tabbed windows.
-bindsym $mod+Shift+space      floating toggle
-bindsym $mod+space            focus mode_toggle
-
-# Switch to workspace x.
-bindsym $mod+1                workspace 1
-bindsym $mod+2                workspace 2
-bindsym $mod+3                workspace 3
-bindsym $mod+4                workspace 4
-bindsym $mod+5                workspace 5
-bindsym $mod+6                workspace 6
-bindsym $mod+7                workspace 7
-bindsym $mod+8                workspace 8
-bindsym $mod+9                workspace 9
-bindsym $mod+0                workspace 10
-
-# Move window to workspace x.
-bindsym $mod+Shift+exclam     move workspace 1
-bindsym $mod+Shift+quotedbl   move workspace 2
-bindsym $mod+Shift+section    move workspace 3
-bindsym $mod+Shift+dollar     move workspace 4
-bindsym $mod+Shift+percent    move workspace 5
-bindsym $mod+Shift+ampersand  move workspace 6
-bindsym $mod+Shift+slash      move workspace 7
-bindsym $mod+Shift+parenleft  move workspace 8
-bindsym $mod+Shift+parenright move workspace 9
-bindsym $mod+Shift+equal      move workspace 10
-
-# Reload i3 config file, restart (keeping sesion) i3, exit i3.
-bindsym $mod+Shift+C          reload
-bindsym $mod+Shift+R          restart
-bindsym $mod+Shift+P          exit
-
-# Select "i3status" as i3 status bar, hide systray icons.
-bar {
-  tray_output none
-  status_command i3status
-}
-
-include ~/.config/i3/config_bonus
diff --git a/bookworm/home_files/user/.config/i3status/config b/bookworm/home_files/user/.config/i3status/config
deleted file mode 100644 (file)
index b9fb15f..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/bookworm/home_files/user/.emacs.d/init.el b/bookworm/home_files/user/.emacs.d/init.el
deleted file mode 100644 (file)
index 3868a75..0000000
+++ /dev/null
@@ -1,323 +0,0 @@
-;; general layout
-;; ==============
-
-;; need no stinkin emacs help screen as start up, and no menu bar
-(setq inhibit-startup-screen t)
-(menu-bar-mode -1)
-
-;; highlight cursor line, parentheses
-(global-hl-line-mode 1)
-(show-paren-mode 1)
-
-;; show line numbers, use separator space
-(global-linum-mode)
-(setq linum-format "%d ")
-
-;; count cursor column, row in mode line
-(setq column-number-mode t)
-
-;; settings to make GUI tolerable
-(if window-system
-  (progn
-    (add-to-list 'default-frame-alist '(foreground-color . "white"))
-    (add-to-list 'default-frame-alist '(background-color . "black"))
-    (set-face-attribute 'default nil :height 80)
-    (scroll-bar-mode -1)
-    (setq visible-bell t)
-    (setq linum-format "%d")))
-
-;; use as default browser what XDG offers
-(setq-default browse-url-browser-function 'browse-url-xdg-open)
-
-
-
-;; general keybindings
-;; ===================
-
-;; create and use a minimal global map using just the self-insert command
-;; bindings and a selection of some to me very common keystrokes
-(setq minimal-map (make-sparse-keymap))
-(substitute-key-definition 'self-insert-command 'self-insert-command
-                           minimal-map global-map)
-(use-global-map minimal-map)
-(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
-(global-set-key (kbd "RET") 'newline)
-(global-set-key (kbd "TAB") 'indent-for-tab-command)
-(global-set-key (kbd "<up>") 'previous-line)
-(global-set-key (kbd "<down>") 'next-line)
-(global-set-key (kbd "<left>") 'left-char)
-(global-set-key (kbd "<right>") 'right-char)
-(global-set-key (kbd "<prior>") 'scroll-down-command)
-(global-set-key (kbd "<next>") 'scroll-up-command)
-(global-set-key (kbd "M-x") 'execute-extended-command)
-(global-set-key (kbd "C-g") 'keyboard-quit)
-;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
-;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
-;; note how to switch back to the original map: (use-global-map global-map)
-(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
-
-
-
-;; minibuffer
-;; ==========
-
-;; incremental minibuffer completion
-(icomplete-mode 1)
-
-
-
-;; text editing
-;; ============
-
-;; tabs are evil
-(setq-default indent-tabs-mode nil)
-(setq-default tab-width 4)
-(setq indent-line-function 'insert-tab)
-
-;; show trailing whitespace
-(setq-default show-trailing-whitespace 1)
-
-;; on save, ask whether to ensure text file's last line ends in a
-;; newline character
-(setq require-final-newline 1)
-
-;; use dedicated directory for version-controlled, endless backups;
-;; never delete old versions
-(setq make-backup-files t
-      backup-directory-alist `(("." . "~/.emacs_backups"))
-      backup-by-copying t
-      version-control t
-      delete-old-versions 1)  ;; neither t nor nil: never delete
-
-
-;; package management
-;; ==================
-
-;; where we get packages from
-(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
-                         ("melpa-unstable" . "https://melpa.org/packages/")
-                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
-
-;; ensure certain packages are installed (actually, we use Debian repos here)
-;; credit to <https://stackoverflow.com/a/10093312>
-;(setq package-list '(elfeed ledger-mode))
-;(package-initialize)
-;(dolist (package package-list)
-;  (unless (package-installed-p package)
-;    (package-install package)))
-
-
-
-;;; window management
-;;; =================
-;
-;;; track window configurations to allow window config undo
-;(winner-mode 1)
-
-
-
-;; mail setup
-;; ==========
-
-(setq send-mail-function 'smtpmail-send-it)
-(setq smtpmail-smtp-server "mail.plomlompom.com")
-(setq smtpmail-smtp-service 465)
-(setq smtpmail-stream-type 'ssl)
-(setq smtpmail-smtp-user "plom")
-(setq mml-secure-openpgp-encrypt-to-self t)
-(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
-
-;(setq gnutls-log-level 0)
-
-;; if we don't set this, we get this warning:
-;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
-;;   has been lowered to 256 bits and this may allow decryption of the session data
-(setq gnutls-min-prime-bits 1024)
-
-;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
-;; stream process, seemingly unless the /message/ function is called at the right
-;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
-;; in /network-stream-get-response/ right after "(goto-char start)"; this works
-;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
-;; buffer is not relevant, but maybe writing to the echo area is); activing the
-;; gnutls logging is just a hack to achieve such calls to /message/ in the
-;; /network-stream-open-tls/ flow.
-(setq gnutls-log-level 1) ; miraculously makes smtpmail work
-
-;; constructs From: domain if mail composer directly called (from without
-;; notmuch), but we don't actually intend to do that
-;(setq mail-host-address "plomlompom.com")
-
-;; otherwise notmuch becomes extremely slow in some cases
-(setq-default notmuch-show-indent-content nil)
-
-;; this only works if we use notmuch-mua-send instead of message-send
-(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
-
-;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
-;; in the message ID
-(setq mail-host-address "plomlompom.com")
-
-;; notmuch saved searches
-(setq notmuch-saved-searches
-      '((:name "inbox" :query "tag:unread and folder:inbox")
-        (:name "all" :query "tag:unread not folder:maildir/Trash")
-        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
-        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
-        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
-        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
-        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
-
-
-
-;; org mode
-;; ========
-
-;; unsure why, but to re-set the key map, we not only have to explicitely do it
-;; only after org-mode loading, but also have to explicitely overwrite the
-;; C-c keybinding; TODO: investigate
-(with-eval-after-load 'org
-    (setq org-mode-map (make-sparse-keymap))
-    (define-key org-mode-map (kbd "C-c") nil)
-    (define-key org-mode-map (kbd "TAB") 'org-cycle)
-    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
-
-;; don't truncate lines by default
-(setq org-startup-truncated nil)
-
-;; basic org-capture config
-(setq org-capture-templates
-      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
-(add-hook 'org-capture-mode-hook 'evil-insert-state)
-
-;; agenda view on startup
-(load-library "find-lisp")
-(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
-(setq org-agenda-span 90)
-(setq org-agenda-use-time-grid nil)
-(add-hook 'emacs-startup-hook (lambda ()
-                                 (org-agenda-list)
-                                 (switch-to-buffer "*Org Agenda*")
-                                 (other-window 1)))
-
-;;; for calendar, use ISO date style
-;(setq calendar-date-style 'iso)
-;(setq diary-number-of-entries 7)
-;(diary)
-;(setq org-agenda-time-grid '((today require-timed remove-match)
-;                             #("----------------" 0 16 (org-heading t))
-;                             (0 200 400 600 800 1000 1200
-;                                1400 1600 1800 2000 2200)))
-
-;; empty org-agenda-mode keybindings
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (setq org-agenda-mode-map (make-sparse-keymap))))
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (use-local-map (make-sparse-keymap))))
-
-;; org-publish-all
-(setq org-publish-project-alist
-      '(
-        ("website"
-         :base-directory "~/org/web/"
-         :base-extension "org"
-         :publishing-directory "~/html/"
-         :recursive t
-         :publishing-function org-html-publish-to-html
-         :headline-levels 4             ; Just the default for this project.
-         :auto-preamble t
-          )))
-
-;; use [ki:] syntax to hide stuff from exports
-(defun classify-information (text backend info)
-  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
-  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
-(add-hook 'org-export-filter-plain-text-functions 'classify-information)
-
-;; add HTML validator link to exports
-(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
-
-
-
-;;; Info mode
-;;; =========
-
-(setq Info-mode-map (make-sparse-keymap))
-(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
-(define-key Info-mode-map (kbd "u") 'Info-up)
-(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
-(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
-(define-key Info-mode-map (kbd "H") 'Info-history-back)
-(define-key Info-mode-map (kbd "L") 'Info-history-forward)
-(define-key Info-mode-map (kbd "I") 'Info-goto-node)
-(define-key Info-mode-map (kbd "i") 'Info-index)
-
-
-
-;; help mode
-;; =========
-
-(setq help-mode-map (make-sparse-keymap))
-(define-key help-mode-map (kbd "TAB") 'forward-button)
-(define-key help-mode-map (kbd "RET") 'help-follow)
-(define-key help-mode-map (kbd "<backtab>") 'backward-button)
-
-
-
-; ;; elfeed
-; ;; ======
-; 
-; (require 'elfeed)  ; needed so we can set the font faces
-; (set-face-background 'elfeed-search-title-face "magenta")
-; (set-face-background 'elfeed-search-unread-count-face "magenta")
-; (setq elfeed-feeds
-;       '("https://capsurvival.blogspot.com/feeds/posts/default"
-;         "https://jungle.world/rss.xml"
-;         "http://news.dieweltistgarnichtso.net/bin/index.xml"
-;         "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
-;         "http://www.tagesschau.de/xml/atom"))
-; (setq elfeed-search-mode-map (make-sparse-keymap))
-; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
-; (defun elfeed-search-mark-as-read() (interactive)
-;   (elfeed-search-untag-all 'unread))
-; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
-; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
-; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
-; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
-; (setq elfeed-show-mode-map (make-sparse-keymap))
-; (define-key elfeed-show-mode-map (kbd "u") 'elfeed)
-; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
-; (define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
-; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
-; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
-; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
-; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
-; 
-; 
-; 
-; ;; eww
-; ;; ===
-; 
-; (setq eww-mode-map (make-sparse-keymap))
-; (define-key eww-mode-map (kbd "TAB") 'shr-next-link)
-; (define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
-; (define-key eww-mode-map (kbd "H") 'eww-back-url)
-; (define-key eww-mode-map (kbd "L") 'eww-forward-url)
-
-
-
-;; ledger
-;; ======
-(setq ledger-mode-map (make-sparse-keymap))
-(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
-
-
-
-;;; plomvi mode
-;;; ===========
-
-(defvar plomvi-return-combo (kbd "C-c"))
-(load "~/public_repos/plomvi.el/plomvi.el")
-(plomvi-global-mode 1)
diff --git a/bookworm/home_files/user/.gitconfig b/bookworm/home_files/user/.gitconfig
deleted file mode 100644 (file)
index 8967d25..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       email = c.heller@plomlompom.de
-       name = Christian Heller
diff --git a/bookworm/home_files/user/.mbsyncrc b/bookworm/home_files/user/.mbsyncrc
deleted file mode 100644 (file)
index 59d01a9..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-IMAPAccount plom
-# Address to connect to
-Host mail.plomlompom.com
-User plom
-# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
-# therefore the pw in ~/.authinfo should not be longer than that.
-PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
-SSLType IMAPS
-AuthMechs LOGIN
-
-IMAPStore core-remote
-Account plom
-
-MaildirStore core-local
-# The trailing "/" is important
-Path ~/mail/maildir/
-Inbox ~/mail/inbox/
-
-Channel core
-Far :core-remote:
-Near :core-local:
-Patterns *
-# Automatically create missing mailboxes, both locally and on the server
-Create Both
-# Save the synchronization state files in the relevant directory
-SyncState *
-# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
-Expunge Both
diff --git a/bookworm/home_files/user/.notmuch-config b/bookworm/home_files/user/.notmuch-config
deleted file mode 100644 (file)
index 9532761..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[database]
-path=/home/plom/mail
-[search]
-exclude_tags=deleted;spam;
-# the fields below set the From: if the mail composer is called from
-# within notmuch
-[user]
-name=Christian Heller
-primary_email=plom@plomlompom.com
diff --git a/bookworm/home_files/user/.shell_prompt_color b/bookworm/home_files/user/.shell_prompt_color
deleted file mode 100644 (file)
index 0cfbf08..0000000
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/bookworm/home_files/user/.tridactylrc b/bookworm/home_files/user/.tridactylrc
deleted file mode 100644 (file)
index 8da0831..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-# sanitize tridactyllocal tridactylsync
-# guiset tabs always 
-# guiset hoverlink left
-# guiset statuspanel right 
-autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
-# bind ö fillcmdline find
-# bind n findnext 1
-# bind N findnext -1
-bind j scrollline 3
-bind k scrollline -3
-set hintuppercase false
-set searchengine duckduckgo
-set theme midnight 
-set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search=
-set searchurls.dictcc https://www.dict.cc/?s=
-set hintchars 123456qwertasdfgyxcvb
-guiset gui none
-escapehatch
diff --git a/bookworm/home_files/user/.xinitrc b/bookworm/home_files/user/.xinitrc
deleted file mode 100644 (file)
index e1cbd6a..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-# X init configuration
-
-# Set keymap.
-setxkbmap de
-
-# Map CapsLock to Compose key.
-xmodmap -e "clear Lock"
-xmodmap -e "keycode 66 = Multi_key"
-
-# Load xterm settings
-xrdb -merge ~/.Xresources
-
-# Redshift to Berlin, Germany.
-redshift -rl 53:13 &
-
-sh .xinitrc_bonus
-
-# Launch window manager.
-i3
diff --git a/bookworm/home_files/user/mail_sync.sh b/bookworm/home_files/user/mail_sync.sh
deleted file mode 100755 (executable)
index ffe6b4a..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-set -e
-
-basedir="/home/plom/mail/maildir/"
-# Ensure directories exist for all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    if [ ! -d "${target_dir}" ]; then
-        echo "Directory ${target_dir} does not exist."
-        exit 1
-    fi
-done
-
-# Ensure all "dir:*"-tagged mails are in proper directories,
-# remove all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    for f in $(notmuch search --output=files tag:"${tag}"); do
-         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
-         target_path="${target_dir}${new_name}"
-         if [ ! "${target_path}" = "${f}" ]; then
-             echo "Moving ${f} to ${target_path}."
-             mv "${f}" "${target_path}"
-            # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix 
-         fi
-    done
-    notmuch tag -"${tag}" tag:"${tag}"
-done
-
-# Remove all "deleted"-tagged files from maildirs.
-notmuch search --output=files tag:deleted | while read f; do
-    echo "Deleting ${f}"
-    rm "${f}"
-done
-
-# Sync changes back to server and update notmuch index.
-mbsync -a
-notmuch new
diff --git a/bookworm/home_files/user/public_repos/repos b/bookworm/home_files/user/public_repos/repos
deleted file mode 100644 (file)
index 2414eec..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# List of repos we want cloned in ~/public_repos
-config
-pingmail.git
-plomlombot-irc.git
-plomrogue
-plomrogue2-experiments
-plomvi.el
-misc
diff --git a/bookworm/home_files/w530/.config/i3/config_bonus b/bookworm/home_files/w530/.config/i3/config_bonus
deleted file mode 100644 (file)
index 50af63e..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-# put main workspaces on big monitor
-workspace 1 output LVDS-1
-workspace 2 output HDMI-1-0
-workspace 3 output HDMI-1-0
-workspace 4 output HDMI-1-0
-workspace 5 output HDMI-1-0
-workspace 6 output HDMI-1-0
-workspace 7 output HDMI-1-0
-workspace 8 output HDMI-1-0
-workspace 9 output HDMI-1-0
-workspace 10 output HDMI-1-0
-
-# default to big monitor's first workspace
-# exec "i3-msg 'workspace 1'"
diff --git a/bookworm/home_files/w530/.xinitrc_bonus b/bookworm/home_files/w530/.xinitrc_bonus
deleted file mode 100644 (file)
index b3a221f..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# The extreme --pos disconnects the cursor movement spaces, so mouse stays inside selected screen.
-xrandr --output LVDS-1 --mode 1368x768 --output HDMI-1-0 --auto --pos 2000x2000
diff --git a/bookworm/setup_scripts/_setup.sh b/bookworm/setup_scripts/_setup.sh
deleted file mode 100755 (executable)
index 5f4bfda..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 2 "(hostname, FQDN)" "$@"
-hostname="$1"
-fqdn="$2"
-shift 2
-
-cd "${setup_scripts_dir}"
-
-# Adapt /etc/ to our needs by copying from ./etc_files. This will set
-# basic configurations affecting following steps, such as setup of APT
-# and the locale selection, so needs to be right at the beginning.
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
-
-# Set hostname and FQDN.
-./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
-
-# Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
-apt update
-./install_for_target.sh all "$@"
-./purge_nonrequireds.sh all "$@"
-
-# Ensure our desired locale is available.
-locale-gen
-
-# Only upgrade after reducing the system to the desired minimum, so that
-# we don't need to get more data than necessary.
-apt -y dist-upgrade
-
-# Set Berlin localtime.
-ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/bookworm/setup_scripts/copy_dirtree.sh b/bookworm/setup_scripts/copy_dirtree.sh
deleted file mode 100755 (executable)
index fbc3d9d..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# Copy files in argument-selected subdirectories of $1 to subdirectories
-# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
-# of "" and $3 of "all", copy files below etc_files/all such as
-# etc_files/all/etc/foo/bar to equivalent locations below / such as
-# /etc/foo/bar. Create directories as necessary. Multiple arguments after
-# $3 are possible.
-#
-# CAUTION: This removes original files at the affected paths.
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 3 "(source root, target root, modules)" "$@"
-
-source_root="$1"
-target_root="$2"
-shift 2
-
-for target_module in "$@"; do
-    mkdir -p "${source_root}/${target_module}"
-    cd "${source_root}/${target_module}"
-    for path in $(find . -type f); do
-        target_path="${target_root}"$(echo "${path}" | cut -c2-)
-        source_path=$(realpath "${path}")
-        dir=$(dirname "${target_path}")
-        mkdir -p "${dir}"
-        cp "${source_path}" "${target_path}"
-    done
-done
diff --git a/bookworm/setup_scripts/init_user_and_keybased_login.sh b/bookworm/setup_scripts/init_user_and_keybased_login.sh
deleted file mode 120000 (symlink)
index f95539d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-../../bullseye/setup_scripts/init_user_and_keybased_login.sh
\ No newline at end of file
diff --git a/bookworm/setup_scripts/init_user_login.sh b/bookworm/setup_scripts/init_user_login.sh
deleted file mode 120000 (symlink)
index 0b0497d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-../../bullseye/setup_scripts/init_user_login.sh
\ No newline at end of file
diff --git a/bookworm/setup_scripts/install_for_target.sh b/bookworm/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 6d04152..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-. ./misc.sh
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    # TODO: continue if file at $path not found, to get rid of dummy files
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
-        fi
-    done
-done
diff --git a/bookworm/setup_scripts/migrate_borg.sh b/bookworm/setup_scripts/migrate_borg.sh
deleted file mode 100755 (executable)
index b08cf2d..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(old server IP)" "$@"
-old_server="$1"
-cp "${setup_scripts_dir}/misc.sh" /home/plom/
-cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/
-chown plom:plom /home/plom/prepare_to_meet_server.sh
-su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-read -p'Hit Enter when you are done.' ignore
-rm /home/plom/prepare_to_meet_server.sh
-cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom
-rm /home/plom/mirror_dir.sh
-rm /home/plom/misc.sh
diff --git a/bookworm/setup_scripts/mirror_dir.sh b/bookworm/setup_scripts/mirror_dir.sh
deleted file mode 100755 (executable)
index d650165..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-# Mirror directory tree from remote to local server, keeping the path.
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 2 "(server, directory)" "$@"
-server=$1
-dir=$2
-path_package=/tmp/delete.tar
-
-eval `ssh-agent`
-ssh-add
-cd
-ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
-scp plom@"${server}":"${path_package}" "${path_package}"
-mkdir -p "${dir}"
-cd "${dir}"
-tar xf "${path_package}"
-cd
-rm "${path_package}"
-ssh plom@"${server}" rm "${path_package}"
diff --git a/bookworm/setup_scripts/misc.sh b/bookworm/setup_scripts/misc.sh
deleted file mode 100644 (file)
index 30f8e8c..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-set -e
-debian_version="bookworm"
-legal_system_names="x220 w530 h610m"
-config_tree_prefix="${HOME}/public_repos/config/${debian_version}"
-if [ ! -d "${config_tree_prefix}" ]; then
-    config_tree_prefix="${HOME}/config/${debian_version}"
-fi
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-expect_setup_finished_file() {
-    filename="$1"
-    setup_script="$2"
-    if [ ! -f "${HOME}/${filename}" ]; then
-        echo "First need to run ${setup_script}."
-        false
-    fi
-}
-
-get_system_name_arg() {
-    found=0
-    for system_name_i in $legal_system_names; do
-        if [ "$1" = "$system_name_i" ]; then
-            found=1
-            system_name="${system_name_i}"
-            continue   
-        fi
-    done
-    if [ "$found" = 0 ]; then
-        echo "Need legal system name."
-        false
-    fi
-}
diff --git a/bookworm/setup_scripts/prepare_to_meet_server.sh b/bookworm/setup_scripts/prepare_to_meet_server.sh
deleted file mode 100755 (executable)
index 8e54ca5..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/sh
-# Do some of the steps necessary to SSH (key-based) with another server.
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(server IP)" "$@"
-target="$1"
-
-# We need a public key to copy over, so generate it if not found.
-if [ ! -f ~/.ssh/id_rsa.pub ]; then
-    ssh-keygen -N ""
-fi
-
-# Add target to ~/.ssh/known_hosts so we don't get
-# asked for permission at inopportune moments.
-ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
-
-# Tell user what to do.
-echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
-cat ~/.ssh/id_rsa.pub
diff --git a/bookworm/setup_scripts/purge_nonrequireds.sh b/bookworm/setup_scripts/purge_nonrequireds.sh
deleted file mode 100755 (executable)
index 95f2897..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-# This script removes all Debian packages that are not of Priority
-# "required" or not depended on by packages of priority "required"
-# or not listed in the argument-selected files of apt-mark/.
-set -e
-. ./misc.sh
-
-# FIXME packages listed twice in the aptmark_dir get blacklisted?
-
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            echo "${line}" >> /tmp/list_white_unsorted
-        fi
-    done
-done
-sort /tmp/list_white_unsorted > /tmp/list_white
-dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
-sort /tmp/list_all_packages > /tmp/foo
-mv /tmp/foo /tmp/list_all_packages
-comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-apt-mark auto `cat /tmp/list_black`
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
diff --git a/bookworm/setup_scripts/set_hostname_and_fqdn.sh b/bookworm/setup_scripts/set_hostname_and_fqdn.sh
deleted file mode 100755 (executable)
index 929d8bc..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-# Sets hostname and optionally FQDN.
-#
-# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
-# writing follows recommendations from Debian manual at
-# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
-# (section "The hostname resolution") on how to map hostname and possibly
-# FQDN to a permanent IP if present (we assume here any non-private IP
-# and non-loopback IP returned by hostname -I to fulfill that criterion
-# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
-# localhost and hostname mapping to different IPs, see
-# <https://unix.stackexchange.com/a/13087>.
-#
-# Ignores IPv6s.
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(hostname, fqdn)" "$@"
-
-hostname="$1"
-fqdn="$2"
-echo "${hostname}" > /etc/hostname
-hostname "${hostname}"
-
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
-        continue
-    fi
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
-            continue
-        fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
-            continue
-        fi
-    fi
-    final_ip="${ip}"
-done
-
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/bookworm/setup_scripts/setup_desktop.sh b/bookworm/setup_scripts/setup_desktop.sh
deleted file mode 100755 (executable)
index fe11b83..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(system name)" "$@"
-get_system_name_arg "$1"
-
-# Set up system without user environment.
-cd "${setup_scripts_dir}"
-if [ "$system_name" = "w530" || "$system_name" = "x220"]; then
-    ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
-else
-    ./_setup.sh "${system_name}" "" user desktop "${system_name}"
-fi
-
-# # Set up printer.
-# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb"
-# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}"
-# dpkg --add-architecture i386
-# apt update
-# apt install -y "./${ppd_deb}"
-# service cups restart
-# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd'
-# rm "./${ppd_deb}"
-# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray'
-
-# Set up NVIDIA eGPU config.
-if [ "$system_name" = "w530" ]; then
-    cd
-    git clone https://github.com/NVIDIA/open-gpu-kernel-modules
-    cd open-gpu-kernel-modules
-    git checkout 337e28e
-    # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf
-    make modules -j$(nproc)
-    make modules_install
-    cd
-    driver_version=535.86.05
-    # driver_version=545.29.06
-    runscript=NVIDIA-Linux-x86_64-${driver_version}.run
-    wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript}
-    rmmod nouveau
-    chmod u+x ${runscript} 
-    ./${runscript} --no-kernel-modules --silent
-    depmod
-    # TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init  
-fi
-
-# Set up user environments.
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
-adduser --disabled-password --gecos "" plom
-usermod -a -G sudo plom
-passwd plom
-cp -a ~/config /home/plom
-chown -R plom:plom /home/plom/config
diff --git a/bookworm/setup_scripts/setup_firefox.sh b/bookworm/setup_scripts/setup_firefox.sh
deleted file mode 100755 (executable)
index 5466b67..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-
-# Install Firefox directly from Mozilla.
-firefox_release="128.4.0esr"
-firefox_filename="firefox-${firefox_release}.tar.bz2"
-url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}"
-wget "${url_firefox}"
-mv "${firefox_filename}" /opt/
-cd /opt/
-tar xf "${firefox_filename}"
-rm "${firefox_filename}"
-ln -f -s /opt/firefox/firefox /usr/local/bin/
-update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200
-update-alternatives --set x-www-browser /opt/firefox/firefox
-
-echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source."
-
diff --git a/bookworm/setup_scripts/setup_home.sh b/bookworm/setup_scripts/setup_home.sh
deleted file mode 100755 (executable)
index 54f0db1..0000000
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(system name)" "$@"
-get_system_name_arg "$1"
-
-cd $setup_scripts_dir
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
-
-secrets_dev="sdb"
-source_dir_secrets="/media/${secrets_dev}/to_usb"
-target_dir_secrets="${HOME}/tmp_secrets"
-echo "Put secrets drive into slot for /dev/${secrets_dev}."
-while [ ! -e /dev/"${secrets_dev}" ]; do
-    sleep 1
-done
-stty -echo
-printf "Secrets passphrase: "
-read SECRETS_PASS 
-stty echo
-echo "" # newline so user knows their input return was accepted
-sudo -v
-echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
-cp -a "${source_dir_secrets}" "${target_dir_secrets}"
-sudo chown -R plom:plom "${target_dir_secrets}"
-sudo pumount "${secrets_dev}"
-echo "You can remove /dev/${secrets_dev} now."
-
-# Set up iniitial non-public parts of infrastructure: SSH authentication.
-ssh_dir=~/.ssh
-cd "${target_dir_secrets}"
-mkdir -p "${ssh_dir}"
-echo "Setting up .ssh"
-cp id_rsa ~/.ssh
-stty -echo
-ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
-stty echo
-eval $(ssh-agent)
-ssh-add
-ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
-
-# Fill ~/public_repos.
-public_repos_dir="${HOME}/public_repos"
-repos_list_file="${public_repos_dir}/repos"
-mkdir -p "${public_repos_dir}"
-cat "${repos_list_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    repo_name="${line}"
-    if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
-        cd "${public_repos_dir}"
-        git clone plom@plomlompom.com:/var/repos/${repo_name}
-    fi
-done
-
-# Remove redundant config repo copy.
-config_tree_prefix="${public_repos_dir}/config/${debian_version}"
-rm -rf ~/config
-
-# # Set up native messenger for tridactyl.
-# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
-# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
-
-# Set up further non-public parts of infrastructure.
-cd "${target_dir_secrets}"
-script -c 'gpg --import secret_keys.asc' /dev/null
-path_borgscript="${config_tree_prefix}//borg.sh"
-
-# borg setup
-borgkeys_dir=~/.config/borg/keys
-borgrepos_file=~/.borgrepos
-tar xf borg_keyfiles.tar
-mkdir -p "${borgkeys_dir}"
-mv borg_keyfiles/* "${borgkeys_dir}"
-# Sync org dir via borgbackup. For this we need the borgbackup servers
-# in our .ssh/known_hosts file.
-cat "${borgrepos_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    server=$(echo "${line}" | sed 's/.*@//')
-    ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
-done
-BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
-
-# .authinfo may not be present on every secrets drive yet
-authinfo_file=.authinfo
-if [ -f "${authinfo_file}" ]; then
-    cp "${authinfo_file}" ~
-fi
-cd
-
-maildir=~/mail/maildir
-# # Set up e-mail system. Note that we only do mbsync if the imap pass file
-# # is found. It may not be present on every secrets drive yet, so we have to
-# # deal with the possibility of it being absent at this point.
-mkdir -p "${maildir}"  # expected by mbsync/isync
-if [ -f "${HOME}/${authinfo_file}" ]; then
-    mbsync -a
-    notmuch new
-fi
-
-# # Final note on how to integrate tridactyl.
-# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/bookworm/setup_scripts/setup_nvidia.sh b/bookworm/setup_scripts/setup_nvidia.sh
deleted file mode 100755 (executable)
index d05c8d1..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-
-# Set up NVIDIA eGPU config.
-cd
-# git clone https://github.com/NVIDIA/open-gpu-kernel-modules
-# cd open-gpu-kernel-modules
-# git checkout 337e28e
-# # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf
-# make modules -j$(nproc)
-# make modules_install
-# cd
-driver_version=535.86.05
-# driver_version=545.29.06
-runscript=NVIDIA-Linux-x86_64-${driver_version}.run
-# wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript}
-set +e
-rmmod nouveau
-set -e
-chmod u+x ${runscript} 
-./${runscript} --no-kernel-modules --silent
-depmod
-# TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init  
diff --git a/bookworm/setup_scripts/setup_seedbox.sh b/bookworm/setup_scripts/setup_seedbox.sh
deleted file mode 100755 (executable)
index f641011..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_setup_finished_file setup_server_has_been_run setup_server.sh
-
-plom_home_dir=/home/plom
-
-cd "${setup_scripts_dir}"
-cp "${config_tree_prefix}/home_files/seedbox/.rtorrent.rc" "${plom_home_dir}"
-chown plom:plom "${plom_home_dir}/.rtorrent.rc"
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" seedbox
-./install_for_target.sh seedbox
-mkdir "${plom_home_dir}/downloads"
-chown plom:plom "${plom_home_dir}/downloads"
-mkdir "${plom_home_dir}/session"
-chown plom:plom "${plom_home_dir}/session"
-systemctl enable rtorrent.service --now
diff --git a/bookworm/setup_scripts/setup_server.sh b/bookworm/setup_scripts/setup_server.sh
deleted file mode 100755 (executable)
index c854b95..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-# Next setup steps for a server whose login policy has just been set from
-# the outside via ./init_user_login.sh or ./init_user_and_keybased_login.sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 2 "(hostname, FQDN)" "$@"
-hostname="$1"
-fqdn="$2"
-additional_arg="$3"
-
-# Set up basic server system.
-cd "${setup_scripts_dir}"
-./_setup.sh "${hostname}" "${fqdn}" server "$@"
-
-# If we have not yet set the shell for user plom, ensure it here. This
-# is mostly for convenience.
-usermod -s /bin/bash plom
-
-# Enable firewall.
-systemctl enable nftables.service
-
-touch "$HOME/setup_server_has_been_run"
diff --git a/bookworm/setup_scripts/setup_static_website.sh b/bookworm/setup_scripts/setup_static_website.sh
deleted file mode 100755 (executable)
index bdfb7d3..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_setup_finished_file setup_web_has_been_run setup_web.sh
-
-expect_n_args 1 "(website template, i.e. status.plomlompom.com, tube.plomlompom.com …)" "$@"
-website_template="$1"
-shift 1
-
-mirror_ip=""
-mirror_state="not mirroring automatically, since no IP given"
-domain="${website_template}"
-mail="plom+webmaster@plomlompom.com"
-if [ "$#" -gt 0 ]; then
-    domain="$1"
-    if [ "$#" -gt 1 ]; then
-        mail="$2"
-       if [ "$#" -gt 2 ]; then
-           mirror_ip="$3"
-            mirror_state="mirroring automatically from ${mirror_ip}"
-        fi
-    fi
-fi
-echo "Assuming domain ${domain} and letsencrypt support mail address ${mail} and ${mirror_state}, abort and provide as arguments in this order if other desired! (Otherwise just hit Return.)"
-read _
-
-if [ ! -z "${mirror_ip}" ]; then
-    # Set up connection to old server.
-    cp "${setup_scripts_dir}/misc.sh" /home/plom/
-    cp "${setup_scripts_dir}/prepare_to_meet_server.sh" /home/plom/
-    chown plom:plom /home/plom/prepare_to_meet_server.sh
-    su -lc "./prepare_to_meet_server.sh ${mirror_ip}" plom
-    read -p 'Hit Enter when you are done.' ignore
-    rm /home/plom/prepare_to_meet_server.sh
-
-    # Mirror dirs.
-    cp "${setup_scripts_dir}/mirror_dir.sh" /home/plom/
-    su -lc "./mirror_dir.sh ${mirror_ip} /var/www/${website_template}" plom
-    rm /home/plom/mirror_dir.sh
-    rm /home/plom/misc.sh
-fi
-
-# Install configs, set up firewall.
-./install_for_target.sh "${website_template}" 
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" "${website_template}" 
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Prepare NGINX.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" "/etc/nginx/sites-available/${website_template}.nginx"
-ln -s "/etc/nginx/sites-available/${website_template}.nginx" "/etc/nginx/sites-enabled/${website_template}.nginx"
-
-service nginx restart
-
diff --git a/bookworm/setup_scripts/setup_web.sh b/bookworm/setup_scripts/setup_web.sh
deleted file mode 100755 (executable)
index 4807e8a..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_setup_finished_file setup_server_has_been_run setup_server.sh
-
-expect_n_args 1 "(domain name)" "$@"
-domain="$1"
-
-# Install configs, set up firewall.
-./install_for_target.sh web
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web
-nft -f /etc/nftables.conf
-
-chown plom /var/www
-
-# # Set up letsencrypt certificate. TODO: Is it auto-renewed?
-# ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-# certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-# rm /etc/nginx/sites-enabled/default
-
-# # Prepare NGINX for status.plomlompom.com.
-# sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/status.plomlompom.com.nginx
-# ln -s /etc/nginx/sites-available/status.plomlompom.com.nginx /etc/nginx/sites-enabled/status.plomlompom.com.nginx
-# 
-# service nginx restart
-
-touch "$HOME/setup_web_has_been_run"
diff --git a/bookworm/setup_scripts/upgrade_from_older_release.sh b/bookworm/setup_scripts/upgrade_from_older_release.sh
deleted file mode 100755 (executable)
index c13b8ca..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-
-# Upgrade a fresh (!) system to Bookworm, as per [1]. Fresh, because: Don't
-# expect any customized config files to survive this. If you run this on a
-# remote machine, take care not to loose anything you need to re-connect, e.g.
-# any relevant adaptations you did to /etc/ssh/sshd_config …
-
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-path_sources_list="/etc/apt/sources.list"
-
-export DEBIAN_FRONTEND=noninteractive
-apt update
-apt -y -o Dpkg::Options::="--force-confnew" upgrade
-apt -y -o Dpkg::Options::="--force-confnew" full-upgrade
-cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}"
-apt clean
-apt update
-apt -y -o Dpkg::Options::="--force-confnew" upgrade
-apt -y -o Dpkg::Options::="--force-confnew" full-upgrade
-apt -y autoremove
-cp "${local_path_sshd_config}" "${system_path_sshd_config}"
diff --git a/bullseye/apt-mark/all b/bullseye/apt-mark/all
deleted file mode 100644 (file)
index 4b760bc..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat
-iputils-ping
diff --git a/bullseye/apt-mark/desktop b/bullseye/apt-mark/desktop
deleted file mode 100644 (file)
index f537318..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# so that grub learns about kernel updates
-grub-pc
diff --git a/bullseye/apt-mark/dumpsite b/bullseye/apt-mark/dumpsite
deleted file mode 100644 (file)
index a87852a..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-wget
-# for blog and zettel
-pandoc
-# for blog
-html2text
-uuid-runtime
-python3
-# for url_catcher daemon
-python3-venv
-build-essential
-python3-dev
-screen
-postfix
diff --git a/bullseye/apt-mark/microblogpub b/bullseye/apt-mark/microblogpub
deleted file mode 100644 (file)
index e2688e8..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-# to get python3.11 tgz
-wget
-build-essential
-zlib1g-dev
-libncurses5-dev
-libgdbm-dev
-libnss3-dev
-libssl-dev
-libreadline-dev
-libffi-dev
-libsqlite3-dev
-libbz2-dev
-# to set up poetry
-curl
diff --git a/bullseye/apt-mark/play b/bullseye/apt-mark/play
deleted file mode 100644 (file)
index 154f7e7..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-weechat
-screen
-gnupg
-dirmngr
diff --git a/bullseye/apt-mark/server b/bullseye/apt-mark/server
deleted file mode 100644 (file)
index 2ab22d2..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-# so we can login at all …
-openssh-server
-# firewalling
-nftables
-# We want to be able to use ALL our servers as borg backup destinations.
-borgbackup
diff --git a/bullseye/apt-mark/thinkpad b/bullseye/apt-mark/thinkpad
deleted file mode 100644 (file)
index 6a780f2..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-# for wifi
-firmware-iwlwifi
-# for tlp
-tlp
-tp-smapi-dkms
-linux-headers-amd64
-#
diff --git a/bullseye/apt-mark/user b/bullseye/apt-mark/user
deleted file mode 100644 (file)
index b35f7a8..0000000
+++ /dev/null
@@ -1,74 +0,0 @@
-# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
-cryptsetup-initramfs
-lvm2
-# this provides setupcon which reads /etc/default/console-setup
-console-setup
-# without this, systemd-logind won't run, and so not detect lid close for hibernation
-dbus
-# for X to start at all
-xserver-xorg-video-intel
-# X input: keyboard and touchpad
-xserver-xorg-input-evdev
-xserver-xorg-input-synaptics
-# for startx
-xinit
-# for xrdb
-x11-xserver-utils
-# for startx to run for non-root user
-libpam-systemd
-# window environment
-i3
-i3status
-suckless-tools
-xterm
-# to get sleepy at night
-redshift
-# for alsamixer
-alsa-utils
-# for xterm and browser unicode display
-ttf-unifont
-# also useful
-vim
-sudo
-less
-man-db
-manpages
-procps
-# firefox dependencies
-libdbus-glib-1-2
-libgtk-3-0
-# firefox installation dependencies (remove later?)
-curl
-python3
-bzip2
-wget
-jq
-unzip
-# to mount encrypted USB stick and use its contents
-pmount
-cryptsetup
-openssh-client
-# for syncing
-borgbackup
-# emacs
-emacs
-emacs-common-non-dfsg
-emacs-el
-elpa-ledger
-ledger
-elpa-elfeed
-# mail setup
-isync
-notmuch
-elpa-notmuch
-pinentry-gtk2
-# to mount Android phone
-go-mtpfs
-# to use HP Deskjet F380 scanner from GIMP
-sane-utils
-xsane
-# to use HP Deskjet F380 printer
-cups
-# for wifi
-network-manager
-#
diff --git a/bullseye/apt-mark/w530 b/bullseye/apt-mark/w530
deleted file mode 100644 (file)
index e69de29..0000000
diff --git a/bullseye/apt-mark/web b/bullseye/apt-mark/web
deleted file mode 100644 (file)
index 4912b8a..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-nginx-light
-# for SSL
-certbot
-python3-certbot-nginx
diff --git a/bullseye/apt-mark/website b/bullseye/apt-mark/website
deleted file mode 100644 (file)
index 7bdd77f..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-# for gitweb
-gitweb
-fcgiwrap
-# for plomlombot
-gnupg
-dirmngr
-python3-venv
-screen
-# for uwsgi
-build-essential
-python3-dev
diff --git a/bullseye/borg.sh b/bullseye/borg.sh
deleted file mode 100755 (executable)
index 0ff0c08..0000000
+++ /dev/null
@@ -1,147 +0,0 @@
-#!/bin/sh
-set -e
-
-standard_repo="borg"
-config_file="${HOME}/.borgrepos"
-
-usage() {
-    echo "Need operation as argument, one of:"
-    echo "init"
-    echo "store"
-    echo "check"
-    echo "export_keyfiles"
-    echo "orgpush"
-    echo "orgpull"
-    false
-}
-
-read_pw() {
-    if [ "${#SSH_AGENT_PID}" -eq 0 ]; then
-        eval $(ssh-agent)
-        echo "ssh-add"
-        stty -echo
-        ssh-add
-        stty echo
-    fi
-    if [ "${#BORG_PASSPHRASE}" -eq 0 ]; then
-        stty -echo
-        printf "Borg passphrase: "
-        read password
-        stty echo
-        printf "\n"
-        export BORG_PASSPHRASE="${password}"
-    fi
-}
-
-if [ ! -f "${config_file}" ]; then
-    echo '# file read ends at last newline' >> "${config_file}"
-fi
-if [ "$#" -lt 1 ]; then
-    usage
-fi
-first_arg="$1"
-shift
-if [ "${first_arg}" = "init" ]; then
-    if [ ! "$#" -eq 1 ]; then
-        echo "Need exactly one argument: target of form user@server"
-        false
-    fi
-    target="$1"
-    echo "Initializing: ${target}"
-    borg init --verbose --encryption=keyfile "${target}:${standard_repo}"
-    tmp_file="/tmp/new_borgrepos"
-    echo "${target}" > "${tmp_file}"
-    cat "${config_file}" >> "${tmp_file}"
-    cp "${tmp_file}" "${config_file}"
-elif [ "${first_arg}" = "store" ]; then
-    if [ ! "$#" -eq 2 ]; then
-        echo "Need precisely two arguments: archive name and path to archive."
-        false
-    fi
-    archive_name=$1
-    shift
-    to_backup="$@"
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
-        echo "Creating archive: ${archive}"
-        borg create --verbose --list "${archive}" "${to_backup}"
-    done
-elif [ "${first_arg}" = "check" ]; then
-    if [ ! "$#" -eq 0 ]; then
-        echo "Need no arguments"
-        false
-    fi
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        echo "Checking repo: ${repo}"
-        borg check --verbose "${repo}"
-    done
-elif [ "${first_arg}" = "export_keyfiles" ]; then
-    if [ ! "$#" -eq 1 ]; then
-        echo "Need output tar file name."
-        false
-    fi
-    tar_target="${1}"
-    tmp_dir="${HOME}/.borgtmp"
-    keyfiles_dir="${tmp_dir}/borg_keyfiles"
-    mkdir -p "${keyfiles_dir}"
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        borg key export "${repo}" "${keyfiles_dir}/${line}"
-    done
-    cur_dir="$(pwd)"
-    cd "${tmp_dir}"
-    target=$(basename "${keyfiles_dir}")
-    tar cf "${tar_target}" "${target}"
-    mv "${tar_target}" "${cur_dir}"
-    cd
-    rm -rf "${tmp_dir}"
-elif [ "${first_arg}" = "orgpush" ]; then
-    archive_name="orgdir"
-    to_backup=~/org
-    read_pw
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive="${repo}::${archive_name}-{utcnow:%Y-%m-%dT%H:%M}"
-        echo "Creating archive: ${archive}"
-        borg create --verbose --list "${archive}" "${to_backup}" --exclude ~/org/.git
-    done
-elif [ "${first_arg}" = "orgpull" ]; then
-    echo "Doing ORGPULL, potentially overwriting important data. Hit Return to continue, last chance to abort!"
-    read _
-    archive_name="orgdir"
-    read_pw
-    cd /
-    cat "${config_file}" | while read line; do
-        first_char=$(echo "${line}" | cut -c1)
-        if [ "${first_char}" = "#" ]; then
-            continue
-        fi
-        repo="${line}:${standard_repo}"
-        archive=$(borg list "${repo}" | grep "${orgdir}" | tail -1 | cut -f1 -d' ')
-        echo "Pulling archive: ${archive}"
-        borg extract --verbose "${repo}::${archive}"
-        break
-    done
-else
-    usage
-fi
diff --git a/bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/bullseye/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/bullseye/etc_files/all/etc/apt/sources.list b/bullseye/etc_files/all/etc/apt/sources.list
deleted file mode 100644 (file)
index 55b1418..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-deb http://deb.debian.org/debian bullseye main contrib non-free
-deb http://security.debian.org/debian-security bullseye-security main contrib non-free
-deb http://deb.debian.org/debian bullseye-updates main contrib non-free
-deb http://ftp.debian.org/debian bullseye-backports main contrib non-free
diff --git a/bullseye/etc_files/all/etc/default/locale b/bullseye/etc_files/all/etc/default/locale
deleted file mode 100644 (file)
index dd6eee3..0000000
+++ /dev/null
@@ -1 +0,0 @@
-LANG="en_US.UTF-8"
diff --git a/bullseye/etc_files/all/etc/locale.gen b/bullseye/etc_files/all/etc/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/bullseye/etc_files/all/etc/timezone b/bullseye/etc_files/all/etc/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service b/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.service
deleted file mode 100644 (file)
index 6566a1a..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Scheduled Reboot
-
-[Service]
-Type=simple
-ExecStart=/usr/bin/systemctl --force reboot
diff --git a/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer b/bullseye/etc_files/daily_reboot/etc/systemd/system/reboot.timer
deleted file mode 100644 (file)
index 741ff05..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=schedule reboot
-
-[Timer]
-Unit=reboot.service
-OnCalendar=*-*-* 7:00:00
-
-[Install]
-WantedBy=timers.target
diff --git a/bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx b/bullseye/etc_files/dumpsite/etc/nginx/sites-available/dumpsite.nginx
deleted file mode 100644 (file)
index 9b57587..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www-dump/;
-
-    location /dump/ {
-        autoindex on;
-       # add_header "Access-Control-Allow-Origin" *;
-    }
-
-    location /geheim/ {
-        auth_basic "geheim geheim";
-        auth_basic_user_file /var/www-dump/password_geheim;
-        autoindex on;
-    }
-
-    location /zettel/ {
-        # rewrite non-suffixed filenames to .html ones
-        rewrite ^(/zettel/(.*/)*[^./]+)$ $1.html;
-        autoindex on;
-    }
-
-    location /uwsgi/ {
-        include uwsgi_params;
-        uwsgi_pass 127.0.0.1:3031;
-    }
-}
diff --git a/bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service b/bullseye/etc_files/dumpsite/etc/systemd/system/url_catcher.service
deleted file mode 100644 (file)
index 45d079c..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=url_catcher screen
-
-[Service]
-Type=forking
-User=plom
-# The LC_ALL fixes submission failing on some articles.
-ExecStart=/bin/sh -c 'LC_ALL=en_US.UTF8 cd ~/url-catcher && screen -d -m ./run.sh'
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/bullseye/etc_files/microblogpub/etc/apt/sources.list b/bullseye/etc_files/microblogpub/etc/apt/sources.list
deleted file mode 100644 (file)
index 1e7fd2e..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-deb http://deb.debian.org/debian bullseye main contrib non-free
-deb-src http://deb.debian.org/debian bullseye main contrib non-free
-deb http://security.debian.org/debian-security bullseye-security main contrib non-free
-deb http://deb.debian.org/debian bullseye-updates main contrib non-free
-deb http://ftp.debian.org/debian bullseye-backports main contrib non-free
diff --git a/bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx b/bullseye/etc_files/microblogpub/etc/nginx/sites-available/microblogpub.nginx
deleted file mode 100644 (file)
index 6dfe4f1..0000000
+++ /dev/null
@@ -1,60 +0,0 @@
-server {
-    listen 443 ssl;
-    client_max_body_size 4G;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-
-    # via <https://www.digitalocean.com/community/tutorials/how-to-improve-website-performance-using-gzip-and-nginx-on-ubuntu-20-04>
-    # and https://docs.microblog.pub/installing.html#nginx-config-tips
-    gzip on;
-    gzip_disable "msie6";
-    gzip_vary on;
-    gzip_proxied any;
-    gzip_comp_level 6;
-    gzip_buffers 16 8k;
-    gzip_http_version 1.1;
-    gzip_min_length 256;
-    gzip_types
-      application/atom+xml
-      application/geo+json
-      application/javascript
-      application/x-javascript
-      application/json
-      application/ld+json
-      application/manifest+json
-      application/rdf+xml
-      application/rss+xml
-      application/xhtml+xml
-      application/xml
-      font/eot
-      font/otf
-      font/ttf
-      image/svg+xml
-      text/css
-      text/javascript
-      text/plain
-      text/xml
-
-      text/html
-
-      application/javascript
-      application/activity+json
-      application/octet-stream;
-
-    location / {
-      proxy_set_header Host $http_host;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection $connection_upgrade;
-      proxy_redirect off;
-      proxy_buffering off;
-      proxy_pass http://localhost:8000;
-    }
-}
-
-map $http_upgrade $connection_upgrade {
-  default upgrade;
-  '' close;
-}
diff --git a/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service b/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub.service
deleted file mode 100644 (file)
index 966e58c..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=microblog.pub
-
-[Service]
-Type=simple
-User=plom
-WorkingDirectory=/home/plom/testing.microblog.pub/
-ExecStart=/bin/sh -c '/home/plom/.local/bin/poetry run supervisord -c misc/supervisord.conf -n'
-Environment=VENV_DIR=/home/plom/.cache/pypoetry/virtualenvs/REPLACE_venv_dir_ECALPER
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service b/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.service
deleted file mode 100644 (file)
index 9004cc5..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=microblog.pub pruning
-
-[Service]
-Type=simple
-ExecStart=/bin/sh -c '.prune.sh'
-
-[Install]
-WantedBy=multi-user.target
diff --git a/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer b/bullseye/etc_files/microblogpub/etc/systemd/system/microblogpub_prune.timer
deleted file mode 100644 (file)
index 918a0c1..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=schedule microblog.pub pruning 
-
-[Timer]
-Unit=microblogpub_prune.service
-OnCalendar=*-*-* 7:00:00
-
-[Install]
-WantedBy=timers.target
diff --git a/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service b/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.service
deleted file mode 100644 (file)
index bc81613..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Attempt encryption of old chat logs
-[Service]
-Type=oneshot
-User=plom
-ExecStart=/bin/sh -c '~/weechatlogs_encrypter.sh'
diff --git a/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer b/bullseye/etc_files/play/etc/systemd/system/encrypt_chatlogs.timer
deleted file mode 100644 (file)
index 79a6e1e..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=Attempt encryption of old chatlogs once every minute.
-
-[Timer]
-OnCalendar=*-*-* *:*:00
-
-[Install]
-WantedBy=timers.target
\ No newline at end of file
diff --git a/bullseye/etc_files/server/etc/ssh/sshd_config b/bullseye/etc_files/server/etc/ssh/sshd_config
deleted file mode 100644 (file)
index 811e93a..0000000
+++ /dev/null
@@ -1,124 +0,0 @@
-#      $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-PermitRootLogin no  # plomlompom's security rule 
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem      sftp    /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
-ClientAliveInterval 15
diff --git a/bullseye/etc_files/thinkpad/etc/default/tlp b/bullseye/etc_files/thinkpad/etc/default/tlp
deleted file mode 100644 (file)
index b73846b..0000000
+++ /dev/null
@@ -1,306 +0,0 @@
-# ------------------------------------------------------------------------------
-# tlp - Parameters for power saving
-# See full explanation: http://linrunner.de/en/tlp/docs/tlp-configuration.html
-
-# Hint: some features are disabled by default, remove the leading # to enable
-# them.
-
-# Set to 0 to disable, 1 to enable TLP.
-TLP_ENABLE=1
-
-# Operation mode when no power supply can be detected: AC, BAT.
-# Concerns some desktop and embedded hardware only.
-TLP_DEFAULT_MODE=AC
-
-# Operation mode select: 0=depend on power source, 1=always use TLP_DEFAULT_MODE
-# Hint: use in conjunction with TLP_DEFAULT_MODE=BAT for BAT settings on AC.
-TLP_PERSISTENT_DEFAULT=0
-
-# Seconds laptop mode has to wait after the disk goes idle before doing a sync.
-# Non-zero value enables, zero disables laptop mode.
-DISK_IDLE_SECS_ON_AC=0
-DISK_IDLE_SECS_ON_BAT=2
-
-# Dirty page values (timeouts in secs).
-MAX_LOST_WORK_SECS_ON_AC=15
-MAX_LOST_WORK_SECS_ON_BAT=60
-
-# Hint: CPU parameters below are disabled by default, remove the leading #
-# to enable them, otherwise kernel default values are used.
-
-# Select a CPU frequency scaling governor.
-# Intel Core i processor with intel_pstate driver:
-#   powersave(*), performance.
-# Older hardware with acpi-cpufreq driver:
-#   ondemand(*), powersave, performance, conservative, schedutil.
-# (*) is recommended.
-# Hint: use tlp-stat -p to show the active driver and available governors.
-# Important:
-#   powersave for intel_pstate and ondemand for acpi-cpufreq are power
-#   efficient for *almost all* workloads and therefore kernel and most
-#   distributions have chosen them as defaults. If you still want to change,
-#   you should know what you're doing! You *must* disable your distribution's
-#   governor settings or conflicts will occur.
-#CPU_SCALING_GOVERNOR_ON_AC=powersave
-#CPU_SCALING_GOVERNOR_ON_BAT=powersave
-
-# Set the min/max frequency available for the scaling governor.
-# Possible values strongly depend on your CPU. For available frequencies see
-# the output of tlp-stat -p.
-#CPU_SCALING_MIN_FREQ_ON_AC=0
-#CPU_SCALING_MAX_FREQ_ON_AC=0
-#CPU_SCALING_MIN_FREQ_ON_BAT=0
-#CPU_SCALING_MAX_FREQ_ON_BAT=0
-
-# Set energy performance hints (HWP) for Intel P-state governor:
-#   performance, balance_performance, default, balance_power, power
-# Values are given in order of increasing power saving.
-# Note: Intel Skylake or newer CPU and Kernel >= 4.10 required.
-CPU_HWP_ON_AC=balance_performance
-CPU_HWP_ON_BAT=balance_power
-
-# Set Intel P-state performance: 0..100 (%).
-# Limit the max/min P-state to control the power dissipation of the CPU.
-# Values are stated as a percentage of the available performance.
-# Requires an Intel Core i processor with intel_pstate driver.
-#CPU_MIN_PERF_ON_AC=0
-#CPU_MAX_PERF_ON_AC=100
-#CPU_MIN_PERF_ON_BAT=0
-#CPU_MAX_PERF_ON_BAT=30
-
-# Set the CPU "turbo boost" feature: 0=disable, 1=allow
-# Requires an Intel Core i processor.
-# Important:
-# - This may conflict with your distribution's governor settings
-# - A value of 1 does *not* activate boosting, it just allows it
-#CPU_BOOST_ON_AC=1
-#CPU_BOOST_ON_BAT=0
-
-# Minimize number of used CPU cores/hyper-threads under light load conditions:
-#   0=disable, 1=enable.
-SCHED_POWERSAVE_ON_AC=0
-SCHED_POWERSAVE_ON_BAT=1
-
-# Kernel NMI Watchdog:
-#   0=disable (default, saves power), 1=enable (for kernel debugging only).
-NMI_WATCHDOG=0
-
-# Change CPU voltages aka "undervolting" - Kernel with PHC patch required.
-# Frequency voltage pairs are written to:
-#   /sys/devices/system/cpu/cpu0/cpufreq/phc_controls
-# CAUTION: only use this, if you thoroughly understand what you are doing!
-#PHC_CONTROLS="F:V F:V F:V F:V"
-
-# Set CPU performance versus energy savings policy:
-#   performance, balance-performance, default, balance-power, power.
-# Values are given in order of increasing power saving.
-# Requires kernel module msr and x86_energy_perf_policy from linux-tools.
-ENERGY_PERF_POLICY_ON_AC=performance
-ENERGY_PERF_POLICY_ON_BAT=power
-
-# Disk devices; separate multiple devices with spaces (default: sda).
-# Devices can be specified by disk ID also (lookup with: tlp diskid).
-DISK_DEVICES="sda sdb"
-
-# Disk advanced power management level: 1..254, 255 (max saving, min, off).
-# Levels 1..127 may spin down the disk; 255 allowable on most drives.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-DISK_APM_LEVEL_ON_AC="254 254"
-DISK_APM_LEVEL_ON_BAT="128 128"
-
-# Hard disk spin down timeout:
-#   0:        spin down disabled
-#   1..240:   timeouts from 5s to 20min (in units of 5s)
-#   241..251: timeouts from 30min to 5.5 hours (in units of 30min)
-# See 'man hdparm' for details.
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the hardware default for the particular disk.
-#DISK_SPINDOWN_TIMEOUT_ON_AC="0 0"
-#DISK_SPINDOWN_TIMEOUT_ON_BAT="0 0"
-
-# Select IO scheduler for the disk devices: cfq, deadline, noop (Default: cfq).
-# Separate values for multiple disks with spaces. Use the special value 'keep'
-# to keep the kernel default scheduler for the particular disk.
-#DISK_IOSCHED="cfq cfq"
-
-# AHCI link power management (ALPM) for disk devices:
-#   min_power, med_power_with_dipm(*), medium_power, max_performance.
-# (*) Kernel >= 4.15 required, then recommended.
-# Multiple values separated with spaces are tried sequentially until success.
-SATA_LINKPWR_ON_AC="med_power_with_dipm max_performance"
-SATA_LINKPWR_ON_BAT="med_power_with_dipm min_power"
-
-# Exclude host devices from AHCI link power management.
-# Separate multiple hosts with spaces.
-#SATA_LINKPWR_BLACKLIST="host1"
-
-# Runtime Power Management for AHCI host and disks devices:
-#   on=disable, auto=enable.
-# EXPERIMENTAL ** WARNING: auto will most likely cause system lockups/data loss.
-#AHCI_RUNTIME_PM_ON_AC=on
-#AHCI_RUNTIME_PM_ON_BAT=on
-
-# Seconds of inactivity before disk is suspended.
-AHCI_RUNTIME_PM_TIMEOUT=15
-
-# PCI Express Active State Power Management (PCIe ASPM):
-#   default, performance, powersave.
-PCIE_ASPM_ON_AC=performance
-PCIE_ASPM_ON_BAT=powersave
-
-# Radeon graphics clock speed (profile method): low, mid, high, auto, default;
-# auto = mid on BAT, high on AC; default = use hardware defaults.
-RADEON_POWER_PROFILE_ON_AC=high
-RADEON_POWER_PROFILE_ON_BAT=low
-
-# Radeon dynamic power management method (DPM): battery, performance.
-RADEON_DPM_STATE_ON_AC=performance
-RADEON_DPM_STATE_ON_BAT=battery
-
-# Radeon DPM performance level: auto, low, high; auto is recommended.
-RADEON_DPM_PERF_LEVEL_ON_AC=auto
-RADEON_DPM_PERF_LEVEL_ON_BAT=auto
-
-# WiFi power saving mode: on=enable, off=disable; not supported by all adapters.
-WIFI_PWR_ON_AC=off
-WIFI_PWR_ON_BAT=on
-
-# Disable wake on LAN: Y/N.
-WOL_DISABLE=Y
-
-# Enable audio power saving for Intel HDA, AC97 devices (timeout in secs).
-# A value of 0 disables, >=1 enables power saving (recommended: 1).
-SOUND_POWER_SAVE_ON_AC=0
-SOUND_POWER_SAVE_ON_BAT=1
-
-# Disable controller too (HDA only): Y/N.
-SOUND_POWER_SAVE_CONTROLLER=Y
-
-# Power off optical drive in UltraBay/MediaBay: 0=disable, 1=enable.
-# Drive can be powered on again by releasing (and reinserting) the eject lever
-# or by pressing the disc eject button on newer models.
-# Note: an UltraBay/MediaBay hard disk is never powered off.
-BAY_POWEROFF_ON_AC=0
-BAY_POWEROFF_ON_BAT=0
-# Optical drive device to power off (default sr0).
-BAY_DEVICE="sr0"
-
-# Runtime Power Management for PCI(e) bus devices: on=disable, auto=enable.
-RUNTIME_PM_ON_AC=on
-RUNTIME_PM_ON_BAT=auto
-
-# Exclude PCI(e) device adresses the following list from Runtime PM
-# (separate with spaces). Use lspci to get the adresses (1st column).
-#RUNTIME_PM_BLACKLIST="bb:dd.f 11:22.3 44:55.6"
-
-# Exclude PCI(e) devices assigned to the listed drivers from Runtime PM.
-# Default when unconfigured is "amdgpu nouveau nvidia radeon" which
-# prevents accidential power-on of dGPU in hybrid graphics setups.
-# Use "" to disable the feature completely.
-# Separate multiple drivers with spaces.
-#RUNTIME_PM_DRIVER_BLACKLIST="amdgpu nouveau nvidia radeon"
-
-# Set to 0 to disable, 1 to enable USB autosuspend feature.
-USB_AUTOSUSPEND=1
-
-# Exclude listed devices from USB autosuspend (separate with spaces).
-# Use lsusb to get the ids.
-# Note: input devices (usbhid) are excluded automatically
-#USB_BLACKLIST="1111:2222 3333:4444"
-
-# Bluetooth devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_BTUSB=0
-
-# Phone devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude (enable charging).
-USB_BLACKLIST_PHONE=0
-
-# Printers are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_PRINTER=1
-
-# WWAN devices are excluded from USB autosuspend:
-#   0=do not exclude, 1=exclude.
-USB_BLACKLIST_WWAN=1
-
-# Include listed devices into USB autosuspend even if already excluded
-# by the blacklists above (separate with spaces).
-# Use lsusb to get the ids.
-#USB_WHITELIST="1111:2222 3333:4444"
-
-# Set to 1 to disable autosuspend before shutdown, 0 to do nothing
-# (workaround for USB devices that cause shutdown problems).
-#USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN=1
-
-# Restore radio device state (Bluetooth, WiFi, WWAN) from previous shutdown
-# on system startup: 0=disable, 1=enable.
-# Hint: the parameters DEVICES_TO_DISABLE/ENABLE_ON_STARTUP/SHUTDOWN below
-#   are ignored when this is enabled!
-RESTORE_DEVICE_STATE_ON_STARTUP=0
-
-# Radio devices to disable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_DISABLE_ON_STARTUP="bluetooth wifi wwan"
-
-# Radio devices to enable on startup: bluetooth, wifi, wwan.
-# Separate multiple devices with spaces.
-#DEVICES_TO_ENABLE_ON_STARTUP="wifi"
-
-# Radio devices to disable on shutdown: bluetooth, wifi, wwan.
-# (workaround for devices that are blocking shutdown).
-#DEVICES_TO_DISABLE_ON_SHUTDOWN="bluetooth wifi wwan"
-
-# Radio devices to enable on shutdown: bluetooth, wifi, wwan.
-# (to prevent other operating systems from missing radios).
-#DEVICES_TO_ENABLE_ON_SHUTDOWN="wwan"
-
-# Radio devices to enable on AC: bluetooth, wifi, wwan.
-#DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
-
-# Radio devices to disable on battery: bluetooth, wifi, wwan.
-#DEVICES_TO_DISABLE_ON_BAT="bluetooth wifi wwan"
-
-# Radio devices to disable on battery when not in use (not connected):
-#   bluetooth, wifi, wwan.
-#DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wifi wwan"
-
-# Battery charge thresholds (ThinkPad only, tp-smapi or acpi-call kernel module
-# required). Charging starts when the remaining capacity falls below the
-# START_CHARGE_THRESH value and stops when exceeding the STOP_CHARGE_THRESH value.
-# Main / Internal battery (values in %)
-START_CHARGE_THRESH_BAT0=75
-STOP_CHARGE_THRESH_BAT0=80
-# Ultrabay / Slice / Replaceable battery (values in %)
-#START_CHARGE_THRESH_BAT1=75
-#STOP_CHARGE_THRESH_BAT1=80
-
-# Restore charge thresholds when AC is unplugged: 0=disable, 1=enable.
-#RESTORE_THRESHOLDS_ON_BAT=1
-
-# ------------------------------------------------------------------------------
-# tlp-rdw - Parameters for the radio device wizard
-# Possible devices: bluetooth, wifi, wwan.
-
-# Hints:
-# - Parameters are disabled by default, remove the leading # to enable them
-# - Separate multiple radio devices with spaces
-
-# Radio devices to disable on connect.
-#DEVICES_TO_DISABLE_ON_LAN_CONNECT="wifi wwan"
-#DEVICES_TO_DISABLE_ON_WIFI_CONNECT="wwan"
-#DEVICES_TO_DISABLE_ON_WWAN_CONNECT="wifi"
-
-# Radio devices to enable on disconnect.
-#DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="wifi wwan"
-#DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
-#DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
-
-# Radio devices to enable/disable when docked.
-#DEVICES_TO_ENABLE_ON_DOCK=""
-#DEVICES_TO_DISABLE_ON_DOCK=""
-
-# Radio devices to enable/disable when undocked.
-#DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
-#DEVICES_TO_DISABLE_ON_UNDOCK=""
diff --git a/bullseye/etc_files/thinkpad/etc/network/interfaces b/bullseye/etc_files/thinkpad/etc/network/interfaces
deleted file mode 100644 (file)
index 9df66d5..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-source /etc/network/interfaces.d/*
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# # The primary network interface – commented out so network-manager can handle this!
-# allow-hotplug enp0s25
-# iface enp0s25 inet dhcp
-# # This is an autoconfigured IPv6 interface
-# iface enp0s25 inet6 auto
diff --git a/bullseye/etc_files/thinkpad/etc/systemd/logind.conf b/bullseye/etc_files/thinkpad/etc/systemd/logind.conf
deleted file mode 100644 (file)
index 1098229..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-#  This file is part of systemd.
-#
-# See logind.conf(5) for details.
-
-[Login]
-HandleLidSwitch=hibernate
diff --git a/bullseye/etc_files/web/etc/nftables.conf b/bullseye/etc_files/web/etc/nftables.conf
deleted file mode 100755 (executable)
index ec6732a..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/sbin/nft -f
-
-flush ruleset
-
-table inet filter {
-       chain input {
-               type filter hook input priority 0; policy drop;
-               iif lo accept comment "accept localhost traffic"
-               ct state invalid drop comment "drop invalid connections"
-               ct state established, related accept comment "accept traffic originated from us"
-               tcp dport 22 accept comment "accept SSH on default port"
-               tcp dport 80 accept comment "accept HTTP on default port"
-               tcp dport 443 accept comment "accept HTTPS on default port"
-               ip protocol icmp icmp type echo-request accept comment "accept ICMP for pinging"
-       }
-       chain forward {
-               type filter hook forward priority 0; policy drop;
-       }
-       chain output {
-               type filter hook output priority 0; policy accept;
-       }
-}
diff --git a/bullseye/etc_files/web/etc/nginx/nginx.conf b/bullseye/etc_files/web/etc/nginx/nginx.conf
deleted file mode 100644 (file)
index 8320425..0000000
+++ /dev/null
@@ -1,38 +0,0 @@
-# system integration
-user www-data;
-worker_processes auto;
-pid /run/nginx.pid;
-include /etc/nginx/modules-enabled/*.conf;
-
-# is expected even if empty
-events {
-}
-
-http {
-    # define content-type headers
-    include /etc/nginx/mime.types;
-    charset utf-8;
-
-    # Some standard optimizations, i.e. Debian default. Explained in
-    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
-    # Not that I understand it all …
-    sendfile on;
-    tcp_nopush on;
-    tcp_nodelay on;
-
-    # logging deactivated due to GDPR
-    #access_log /var/log/nginx/access.log;
-    #error_log /var/log/nginx/error.log;
-    access_log off;
-    error_log off;
-
-    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
-    include /etc/nginx/conf.d/*.conf;
-    include /etc/nginx/sites-enabled/*;
-
-    # Redirect all HTTP requests to HTTPS.
-    server {
-        listen 80;
-        return 301 https://$host$request_uri;
-    }
-}
diff --git a/bullseye/etc_files/website/etc/gitweb.conf b/bullseye/etc_files/website/etc/gitweb.conf
deleted file mode 100644 (file)
index 88dea47..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-# path to git projects (<project>.git)
-$projectroot = "/var/repos";
-
-# don't show repos without git-daemon-export-ok file
-$export_ok = "git-daemon-export-ok";
-
-# directory to use for temp files
-# explicitely set by Debian so it's probably a good choice
-$git_temp = "/tmp";
-
-# git-diff-tree(1) options to use for generated patches
-# we don't want to to guess renames, so empty
-@diff_opts = ();
-
-# Base path for where to find the repos for cloning.
-@git_base_url_list = ('https://REPLACE_fqdn_ECALPER/repos/clone');
-
-# allow snapshots
-$feature{'snapshot'}{'default'} = ['zip', 'tgz'];
-
-# insert header for GDPR compliance
-$site_header = "/var/www/header.html"
diff --git a/bullseye/etc_files/website/etc/nginx/sites-available/website.nginx b/bullseye/etc_files/website/etc/nginx/sites-available/website.nginx
deleted file mode 100644 (file)
index ad5abed..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-server {
-    listen 443 ssl;
-    server_name REPLACE_fqdn_ECALPER;
-    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
-    root /var/www/html/;
-    index index.html index.htm index.nginx-debian.html;
-
-    # serve /var/repos/* for HTTPS git cloning
-    location ~ /repos/clone(/.*) {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
-        # Commented out so only repos are served that contain a
-        # git-daemon-export-ok file.
-        # fastcgi_param GIT_HTTP_EXPORT_ALL "";
-        fastcgi_param GIT_PROJECT_ROOT /var/repos;
-        fastcgi_param PATH_INFO $1;
-        fastcgi_pass unix:/var/run/fcgiwrap.socket;
-    }
-
-    # gitweb static files
-    location /repos/static/ {
-        alias /usr/share/gitweb/static/;
-    }
-
-    # gitweb; this needs packages fcgiwrap and gitweb
-    location /repos/ {
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME /usr/share/gitweb/gitweb.cgi;
-        fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
-        fastcgi_pass unix:/var/run/fcgiwrap.socket;
-    }
-
-    # login-protected IRC logs
-    location ~ ^/irclogs/([^/]+)/ {
-        auth_basic "$1 logs";
-        auth_basic_user_file /var/www/irclogs_pw/$1;
-        autoindex on;
-    }
-
-    location /guiltcards/ {
-        include uwsgi_params;
-        uwsgi_pass 127.0.0.1:9000;
-    }
-}
diff --git a/bullseye/etc_files/website/etc/systemd/system/plomlombot.service b/bullseye/etc_files/website/etc/systemd/system/plomlombot.service
deleted file mode 100644 (file)
index a4f6769..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=plomlombot screen
-
-[Service]
-Type=simple
-User=plom
-ExecStart=/bin/sh -c '~/plomlombot_daemon.sh'
-Restart=always
-
-[Install]
-WantedBy=multi-user.target
diff --git a/bullseye/home_files/minimal/.bashrc b/bullseye/home_files/minimal/.bashrc
deleted file mode 100644 (file)
index e1d41d8..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Other helpful aliases
-alias sshauth='eval $(ssh-agent) && ssh-add'
-alias xrandrbig='xrandr --output LVDS-1 --off'
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
-    colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
-    tput_color="\[$tput_color\]"
-    tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
diff --git a/bullseye/home_files/root/.shell_prompt_color b/bullseye/home_files/root/.shell_prompt_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/bullseye/home_files/user/.Xresources b/bullseye/home_files/user/.Xresources
deleted file mode 100644 (file)
index 45b10af..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-! otherwise various applications will assume merely 8 colors
-XTerm.termName: xterm-256color
-
-! font
-! actually, "mono" is already the default for faceName (it will
-! pick whatever fc-match mono delivers), but we need to set _some_
-! faceName to trigger XTerm activating TrueType fonts
-! (XTerm*fontRender by itself won't do the trick), and we want
-! TrueType fonts because, well, they scale better, and XTerm lets them
-! fall back on alternatives (hi there ttf-unifont) when a Unicode
-! glyph is not found
-XTerm*faceName: mono
-
-! white on black
-XTerm*reverseVideo: on
-
-! blink screen instead of sound
-XTerm*visualBell: on
-
-! proper ALT as META key treatment
-XTerm*eightBitInput: false
-
-! font sizes
-XTerm*faceSize: 8
-XTerm*faceSize1: 4
-XTerm*faceSize2: 5
-XTerm*faceSize3: 6
-XTerm*faceSize4: 8
-XTerm*faceSize5: 14
-XTerm*faceSize6: 25
-
-! colors
-! black
-XTerm*color0: #202020
-XTerm*color8: #3F3F3F
-! red
-XTerm*color1: #A82020
-XTerm*color9: #E82020
-! green
-XTerm*color2: #20A820
-XTerm*color10: #20E820
-! yellow
-XTerm*color3: #A8A820
-XTerm*color11: #E8E820
-! blue
-XTerm*color4: #3F3FFF
-XTerm*color12: #9F9FFF
-! magenta
-XTerm*color5: #A83FFF
-XTerm*color13: #E89FFF
-! cyan
-XTerm*color6: #3FA8FF
-XTerm*color14: #9FE8FF
-! white
-XTerm*color7: #A8A8A8
-XTerm*color15: #E8E8E8
diff --git a/bullseye/home_files/user/.borgrepos b/bullseye/home_files/user/.borgrepos
deleted file mode 100644 (file)
index c40eee3..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-plom@plomlompom.com
-plom@mail.plomlompom.com
-plom@play.plomlompom.com
-# file read ends at last newline
diff --git a/bullseye/home_files/user/.config/i3/config b/bullseye/home_files/user/.config/i3/config
deleted file mode 100644 (file)
index 07332f3..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
-# plomlompom's i3-wm configuration
-
-# Font for i3 text
-font pango:Terminus 8px
-
-# Force "tabbed" as default layout for new windows.
-workspace_layout              tabbed
-
-# Make the Windows key the modifier key for all i3-wm actions.
-set                           $mod Mod4
-floating_modifier             $mod
-
-# Launch xterm.
-bindsym $mod+Return           exec xterm
-
-# Launch programs via dmenu.
-bindsym $mod+d                exec dmenu_run
-bindsym $mod+x                exec dmenu_run
-
-# Kill window.
-bindsym $mod+Shift+Q          kill
-
-# Move focus between windows.
-bindsym $mod+Left             focus left
-bindsym $mod+Down             focus down
-bindsym $mod+Up               focus up
-bindsym $mod+Right            focus right
-
-# Don't move focus with mouse.
-focus_follows_mouse           no
-
-# Move windows.
-bindsym $mod+Shift+Left       move left
-bindsym $mod+Shift+Down       move down
-bindsym $mod+Shift+Up         move up
-bindsym $mod+Shift+Right      move right
-
-# Resize windows
-bindsym $mod+h                resize shrink width 1 px or 1 ppt
-bindsym $mod+l                resize grow width 1 px or 1 ppt
-bindsym $mod+j                resize shrink height
-bindsym $mod+k                resize grow height
-
-# Toggle fullscreen for focused window.
-bindsym $mod+f                fullscreen
-
-# Toggle floating of window, focus on floating or tabbed windows.
-bindsym $mod+Shift+space      floating toggle
-bindsym $mod+space            focus mode_toggle
-
-# Switch to workspace x.
-bindsym $mod+1                workspace 1
-bindsym $mod+2                workspace 2
-bindsym $mod+3                workspace 3
-bindsym $mod+4                workspace 4
-bindsym $mod+5                workspace 5
-bindsym $mod+6                workspace 6
-bindsym $mod+7                workspace 7
-bindsym $mod+8                workspace 8
-bindsym $mod+9                workspace 9
-bindsym $mod+0                workspace 10
-
-# Move window to workspace x.
-bindsym $mod+Shift+exclam     move workspace 1
-bindsym $mod+Shift+quotedbl   move workspace 2
-bindsym $mod+Shift+section    move workspace 3
-bindsym $mod+Shift+dollar     move workspace 4
-bindsym $mod+Shift+percent    move workspace 5
-bindsym $mod+Shift+ampersand  move workspace 6
-bindsym $mod+Shift+slash      move workspace 7
-bindsym $mod+Shift+parenleft  move workspace 8
-bindsym $mod+Shift+parenright move workspace 9
-bindsym $mod+Shift+equal      move workspace 10
-
-# Reload i3 config file, restart (keeping sesion) i3, exit i3.
-bindsym $mod+Shift+C          reload
-bindsym $mod+Shift+R          restart
-bindsym $mod+Shift+P          exit
-
-# Select "i3status" as i3 status bar, hide systray icons.
-bar {
-  tray_output none
-  status_command i3status
-}
diff --git a/bullseye/home_files/user/.emacs.d/init.el b/bullseye/home_files/user/.emacs.d/init.el
deleted file mode 100644 (file)
index 9964c98..0000000
+++ /dev/null
@@ -1,323 +0,0 @@
-;; general layout
-;; ==============
-
-;; need no stinkin emacs help screen as start up, and no menu bar
-(setq inhibit-startup-screen t)
-(menu-bar-mode -1)
-
-;; highlight cursor line, parentheses
-(global-hl-line-mode 1)
-(show-paren-mode 1)
-
-;; show line numbers, use separator space
-(global-linum-mode)
-(setq linum-format "%d ")
-
-;; count cursor column, row in mode line
-(setq column-number-mode t)
-
-;; settings to make GUI tolerable
-(if window-system
-  (progn
-    (add-to-list 'default-frame-alist '(foreground-color . "white"))
-    (add-to-list 'default-frame-alist '(background-color . "black"))
-    (set-face-attribute 'default nil :height 80)
-    (scroll-bar-mode -1)
-    (setq visible-bell t)
-    (setq linum-format "%d")))
-
-;; use as default browser what XDG offers
-(setq-default browse-url-browser-function 'browse-url-xdg-open)
-
-
-
-;; general keybindings
-;; ===================
-
-;; create and use a minimal global map using just the self-insert command
-;; bindings and a selection of some to me very common keystrokes
-(setq minimal-map (make-sparse-keymap))
-(substitute-key-definition 'self-insert-command 'self-insert-command
-                           minimal-map global-map)
-(use-global-map minimal-map)
-(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
-(global-set-key (kbd "RET") 'newline)
-(global-set-key (kbd "TAB") 'indent-for-tab-command)
-(global-set-key (kbd "<up>") 'previous-line)
-(global-set-key (kbd "<down>") 'next-line)
-(global-set-key (kbd "<left>") 'left-char)
-(global-set-key (kbd "<right>") 'right-char)
-(global-set-key (kbd "<prior>") 'scroll-down-command)
-(global-set-key (kbd "<next>") 'scroll-up-command)
-(global-set-key (kbd "M-x") 'execute-extended-command)
-(global-set-key (kbd "C-g") 'keyboard-quit)
-;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
-;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
-;; note how to switch back to the original map: (use-global-map global-map)
-(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
-
-
-
-;; minibuffer
-;; ==========
-
-;; incremental minibuffer completion
-(icomplete-mode 1)
-
-
-
-;; text editing
-;; ============
-
-;; tabs are evil
-(setq-default indent-tabs-mode nil)
-(setq-default tab-width 4)
-(setq indent-line-function 'insert-tab)
-
-;; show trailing whitespace
-(setq-default show-trailing-whitespace 1)
-
-;; on save, ask whether to ensure text file's last line ends in a
-;; newline character
-(setq require-final-newline 1)
-
-;; use dedicated directory for version-controlled, endless backups;
-;; never delete old versions
-(setq make-backup-files t
-      backup-directory-alist `(("." . "~/.emacs_backups"))
-      backup-by-copying t
-      version-control t
-      delete-old-versions 1)  ;; neither t nor nil: never delete
-
-
-;; package management
-;; ==================
-
-;; where we get packages from
-(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
-                         ("melpa-unstable" . "https://melpa.org/packages/")
-                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
-
-;; ensure certain packages are installed (actually, we use Debian repos here)
-;; credit to <https://stackoverflow.com/a/10093312>
-;(setq package-list '(elfeed ledger-mode))
-;(package-initialize)
-;(dolist (package package-list)
-;  (unless (package-installed-p package)
-;    (package-install package)))
-
-
-
-;;; window management
-;;; =================
-;
-;;; track window configurations to allow window config undo
-;(winner-mode 1)
-
-
-
-;; mail setup
-;; ==========
-
-(setq send-mail-function 'smtpmail-send-it)
-(setq smtpmail-smtp-server "mail.plomlompom.com")
-(setq smtpmail-smtp-service 465)
-(setq smtpmail-stream-type 'ssl)
-(setq smtpmail-smtp-user "plom")
-(setq mml-secure-openpgp-encrypt-to-self t)
-(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
-
-;(setq gnutls-log-level 0)
-
-;; if we don't set this, we get this warning:
-;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
-;;   has been lowered to 256 bits and this may allow decryption of the session data
-(setq gnutls-min-prime-bits 1024)
-
-;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
-;; stream process, seemingly unless the /message/ function is called at the right
-;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
-;; in /network-stream-get-response/ right after "(goto-char start)"; this works
-;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
-;; buffer is not relevant, but maybe writing to the echo area is); activing the
-;; gnutls logging is just a hack to achieve such calls to /message/ in the
-;; /network-stream-open-tls/ flow.
-(setq gnutls-log-level 1) ; miraculously makes smtpmail work
-
-;; constructs From: domain if mail composer directly called (from without
-;; notmuch), but we don't actually intend to do that
-;(setq mail-host-address "plomlompom.com")
-
-;; otherwise notmuch becomes extremely slow in some cases
-(setq-default notmuch-show-indent-content nil)
-
-;; this only works if we use notmuch-mua-send instead of message-send
-(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
-
-;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
-;; in the message ID
-(setq mail-host-address "plomlompom.com")
-
-;; notmuch saved searches
-(setq notmuch-saved-searches
-      '((:name "inbox" :query "tag:unread and folder:inbox")
-        (:name "all" :query "tag:unread not folder:maildir/Trash")
-        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
-        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
-        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
-        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
-        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
-
-
-
-;; org mode
-;; ========
-
-;; unsure why, but to re-set the key map, we not only have to explicitely do it
-;; only after org-mode loading, but also have to explicitely overwrite the
-;; C-c keybinding; TODO: investigate
-(with-eval-after-load 'org
-    (setq org-mode-map (make-sparse-keymap))
-    (define-key org-mode-map (kbd "C-c") nil)
-    (define-key org-mode-map (kbd "TAB") 'org-cycle)
-    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
-
-;; don't truncate lines by default
-(setq org-startup-truncated nil)
-
-;; basic org-capture config
-(setq org-capture-templates
-      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
-(add-hook 'org-capture-mode-hook 'evil-insert-state)
-
-;; agenda view on startup
-(load-library "find-lisp")
-(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
-(setq org-agenda-span 90)
-(setq org-agenda-use-time-grid nil)
-(add-hook 'emacs-startup-hook (lambda ()
-                                 (org-agenda-list)
-                                 (switch-to-buffer "*Org Agenda*")
-                                 (other-window 1)))
-
-;;; for calendar, use ISO date style
-;(setq calendar-date-style 'iso)
-;(setq diary-number-of-entries 7)
-;(diary)
-;(setq org-agenda-time-grid '((today require-timed remove-match)
-;                             #("----------------" 0 16 (org-heading t))
-;                             (0 200 400 600 800 1000 1200
-;                                1400 1600 1800 2000 2200)))
-
-;; empty org-agenda-mode keybindings
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (setq org-agenda-mode-map (make-sparse-keymap))))
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (use-local-map (make-sparse-keymap))))
-
-;; org-publish-all
-(setq org-publish-project-alist
-      '(
-        ("website"
-         :base-directory "~/org/web/"
-         :base-extension "org"
-         :publishing-directory "~/html/"
-         :recursive t
-         :publishing-function org-html-publish-to-html
-         :headline-levels 4             ; Just the default for this project.
-         :auto-preamble t
-          )))
-
-;; use [ki:] syntax to hide stuff from exports
-(defun classify-information (text backend info)
-  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
-  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
-(add-hook 'org-export-filter-plain-text-functions 'classify-information)
-
-;; add HTML validator link to exports
-(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
-
-
-
-;;; Info mode
-;;; =========
-
-(setq Info-mode-map (make-sparse-keymap))
-(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
-(define-key Info-mode-map (kbd "u") 'Info-up)
-(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
-(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
-(define-key Info-mode-map (kbd "H") 'Info-history-back)
-(define-key Info-mode-map (kbd "L") 'Info-history-forward)
-(define-key Info-mode-map (kbd "I") 'Info-goto-node)
-(define-key Info-mode-map (kbd "i") 'Info-index)
-
-
-
-;; help mode
-;; =========
-
-(setq help-mode-map (make-sparse-keymap))
-(define-key help-mode-map (kbd "TAB") 'forward-button)
-(define-key help-mode-map (kbd "RET") 'help-follow)
-(define-key help-mode-map (kbd "<backtab>") 'backward-button)
-
-
-
-;; elfeed
-;; ======
-
-(require 'elfeed)  ; needed so we can set the font faces
-(set-face-background 'elfeed-search-title-face "magenta")
-(set-face-background 'elfeed-search-unread-count-face "magenta")
-(setq elfeed-feeds
-      '("https://capsurvival.blogspot.com/feeds/posts/default"
-        "https://jungle.world/rss.xml"
-        "http://news.dieweltistgarnichtso.net/bin/index.xml"
-        "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
-        "http://www.tagesschau.de/xml/atom"))
-(setq elfeed-search-mode-map (make-sparse-keymap))
-(define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
-(defun elfeed-search-mark-as-read() (interactive)
-  (elfeed-search-untag-all 'unread))
-(define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
-(define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
-(define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
-(define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
-(setq elfeed-show-mode-map (make-sparse-keymap))
-(define-key elfeed-show-mode-map (kbd "u") 'elfeed)
-(define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
-(define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
-(define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
-(define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
-(define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
-(define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
-
-
-
-;; eww
-;; ===
-
-(setq eww-mode-map (make-sparse-keymap))
-(define-key eww-mode-map (kbd "TAB") 'shr-next-link)
-(define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
-(define-key eww-mode-map (kbd "H") 'eww-back-url)
-(define-key eww-mode-map (kbd "L") 'eww-forward-url)
-
-
-
-;; ledger
-;; ======
-(setq ledger-mode-map (make-sparse-keymap))
-(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
-
-
-
-;;; plomvi mode
-;;; ===========
-
-(defvar plomvi-return-combo (kbd "C-c"))
-(load "~/public_repos/plomvi.el/plomvi.el")
-(plomvi-global-mode 1)
diff --git a/bullseye/home_files/user/.gitconfig b/bullseye/home_files/user/.gitconfig
deleted file mode 100644 (file)
index 8967d25..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       email = c.heller@plomlompom.de
-       name = Christian Heller
diff --git a/bullseye/home_files/user/.mbsyncrc b/bullseye/home_files/user/.mbsyncrc
deleted file mode 100644 (file)
index 6a0e5cd..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-IMAPAccount plom
-# Address to connect to
-Host mail.plomlompom.com
-User plom
-# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
-# therefore the pw in ~/.authinfo should not be longer than that.
-PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
-SSLType IMAPS
-AuthMechs LOGIN
-
-IMAPStore core-remote
-Account plom
-
-MaildirStore core-local
-# The trailing "/" is important
-Path ~/mail/maildir/
-Inbox ~/mail/inbox/
-
-Channel core
-Master :core-remote:
-Slave :core-local:
-Patterns *
-# Automatically create missing mailboxes, both locally and on the server
-Create Both
-# Save the synchronization state files in the relevant directory
-SyncState *
-# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
-Expunge Both
diff --git a/bullseye/home_files/user/.notmuch-config b/bullseye/home_files/user/.notmuch-config
deleted file mode 100644 (file)
index 9532761..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[database]
-path=/home/plom/mail
-[search]
-exclude_tags=deleted;spam;
-# the fields below set the From: if the mail composer is called from
-# within notmuch
-[user]
-name=Christian Heller
-primary_email=plom@plomlompom.com
diff --git a/bullseye/home_files/user/.shell_prompt_color b/bullseye/home_files/user/.shell_prompt_color
deleted file mode 100644 (file)
index 0cfbf08..0000000
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/bullseye/home_files/user/.tridactylrc b/bullseye/home_files/user/.tridactylrc
deleted file mode 100644 (file)
index e39e5a0..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-sanitize tridactyllocal tridactylsync
-guiset statuspanel top-right
-guiset tabs autohide 
-set newtab file:///opt/firefox/blank.html
-autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
-bind / fillcmdline find
-bind n findnext 1
-bind N findnext -1
-set findcase insensitive
-bind j scrollline 3
-bind k scrollline -3
-set hintuppercase false
-set searchengine duckduckgo
diff --git a/bullseye/home_files/user/.xinitrc b/bullseye/home_files/user/.xinitrc
deleted file mode 100644 (file)
index c7a0a66..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# X init configuration
-
-# Set keymap.
-setxkbmap de
-
-# Map CapsLock to Compose key.
-xmodmap -e "clear Lock"
-xmodmap -e "keycode 66 = Multi_key"
-
-# Load xterm settings
-xrdb -merge ~/.Xresources
-
-# Redshift to Berlin, Germany.
-redshift -rl 53:13 &
-
-# Launch window manager.
-i3
diff --git a/bullseye/home_files/user/mail_sync.sh b/bullseye/home_files/user/mail_sync.sh
deleted file mode 100755 (executable)
index 6962800..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/bin/sh
-set -e
-
-basedir="/home/plom/mail/maildir/"
-# Ensure directories exist for all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    if [ ! -d "${target_dir}" ]; then
-        echo "Directory ${target_dir} does not exist."
-        exit 1
-    fi
-done
-
-# Ensure all "dir:*"-tagged mails are in proper directories,
-# remove all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    for f in $(notmuch search --output=files tag:"${tag}"); do
-         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
-         target_path="${target_dir}${new_name}"
-         if [ ! "${target_path}" = "${f}" ]; then
-             echo "Moving ${f} to ${target_path}."
-             mv "${f}" "${target_path}"
-         fi
-    done
-    notmuch tag -"${tag}" tag:"${tag}"
-done
-
-# Remove all "deleted"-tagged files from maildirs.
-notmuch search --output=files tag:deleted | while read f; do
-    echo "Deleting ${f}"
-    rm "${f}"
-done
-
-# Sync changes back to server and update notmuch index.
-mbsync -a
-notmuch new
diff --git a/bullseye/home_files/user/public_repos/repos b/bullseye/home_files/user/public_repos/repos
deleted file mode 100644 (file)
index 27eb028..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-# List of repos we want cloned in ~/public_repos
-config
-pingmail.git
-plomlombot-irc.git
-plomrogue
-plomrogue2-experiments
-plomvi.el
diff --git a/bullseye/home_files/w530/.config/i3status/config b/bullseye/home_files/w530/.config/i3status/config
deleted file mode 100644 (file)
index b9fb15f..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/bullseye/home_files/x220/.config/i3status/config b/bullseye/home_files/x220/.config/i3status/config
deleted file mode 100644 (file)
index a81a117..0000000
+++ /dev/null
@@ -1,79 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# It is important that this file is edited as UTF-8.
-# The following line should contain a sharp s:
-# ß
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "wireless _first_"
-order += "ethernet _first_"
-order += "battery all"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature all"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless _first_ {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet _first_ {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery all {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature all {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/bullseye/other_files/blank.html b/bullseye/other_files/blank.html
deleted file mode 100644 (file)
index 79e707e..0000000
+++ /dev/null
@@ -1 +0,0 @@
-not quite blank
diff --git a/bullseye/other_files/blog_hook_post-receive b/bullseye/other_files/blog_hook_post-receive
deleted file mode 100755 (executable)
index b671248..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-blog_dir=~/blog
-export GIT_DIR=$(pwd)
-export GIT_WORK_TREE="$blog_dir"
-git checkout -f
-cd "$GIT_WORK_TREE"
-redo
-git add metadata/author metadata/url metadata/title metadata/*.tmpl metadata/automatic_metadata captchas/linkable/*
-count=$(ls -1 metadata/*.automatic_metadata 2>/dev/null | wc -l)
-if [ "$count" != 0 ]; then
-  git add metadata/*.automatic_metadata
-fi
-status=$(git status -s)
-n_updates=$(printf "$status" | grep -vE '^\?\?' | wc -l)
-if [ "$n_updates" -gt 0 ]; then
-  git commit -a -m 'Update metadata'
-fi
diff --git a/bullseye/other_files/dumpsite_index.html b/bullseye/other_files/dumpsite_index.html
deleted file mode 100644 (file)
index 0c2093f..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-<!DOCTYPE html>
-<meta charset="UTF-8">
-<a href="blog">Zum Blog?</a>
diff --git a/bullseye/other_files/plomlombot_daemon.sh b/bullseye/other_files/plomlombot_daemon.sh
deleted file mode 100755 (executable)
index 9b9faee..0000000
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/bin/sh
-set -e
-
-# Repeatedly parse config file for GPG key and bot screen configs.
-path=~/.plomlombot
-db_dir="${HOME}/plomlombot_db"
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-hostname_mod_epoch=$(stat -c%Y /etc/hostname)
-while true; do
-    if [ -f "${path}" ]; then
-        cat "${path}" | while read line; do
-            first_word=$(echo -n "${line}" | cut -d' ' -f1)
-
-            # Read "bot:" line, start bot screen session from it if not yet existing,
-            # set up irclogs dir if not yet existing.
-            if [ "${first_word}" = "bot:" ]; then
-                session_name=$(echo -n "${line}" | cut -d' ' -f2)
-                bot_name=$(echo -n "${line}" | cut -d' ' -f3)
-                channel_name=$(echo -n "${line}" | cut -d' ' -f4)
-                shortened_channel_name="${channel_name}"
-                first_char=$(echo -n "${channel_name}" | cut -c1)
-                if [ "${first_char}" = "#" ]; then
-                    shortened_channel_name=$(echo -n "${channel_name}" | cut -c2-)
-                fi
-                server_name=$(echo -n "${line}" | cut -d' ' -f5)
-                login_user=$(echo -n "${line}" | cut -d' ' -f6)
-                login_pw=$(echo -n "${line}" | cut -d' ' -f7)
-                add_option=$(echo -n "${line}" | cut -d' ' -f8-)
-                set +e
-                screen -S "${session_name}" -Q select . > /dev/null
-                start_screen=$?
-                set -e
-                if [ "${start_screen}" -eq "1" ]; then
-                    cd ~/plomlombot-irc
-                    LANG="en_US.UTF-8" screen -d -m -S "${session_name}" ./run.sh -r 604800 -n "${bot_name}" -u "${bot_name}" -s "${server_name}" -c "${channel_name}" ${add_option}
-                fi
-                md5_server=$(echo -n "${server_name}" | md5sum | cut -d' ' -f1)
-                md5_channel=$(echo -n "${channel_name}" | md5sum | cut -d' ' -f1)
-                logs_dir="${db_dir}/${md5_server}/${md5_channel}/logs"
-                # FIXME: Note the trouble we will have if we have the same channel
-                # name on different servers …
-                ln -sfn "${logs_dir}" "${irclogs_dir}/${shortened_channel_name}"
-                echo "${login_user}":'{PLAIN}'"${login_pw}" > "${irclogs_pw_dir}/${shortened_channel_name}"
-
-            # If "gpg_key" line, encrypt old raw logs to that GPG key.
-            elif [ "${first_word}" = "gpg_key" ]; then
-                key=$(echo -n "${line}" | cut -d' ' -f2)
-                mkdir -p ~/plomlombot_db
-                cd ~/plomlombot_db
-                # Dirty hack: To avoid trouble with GPG key expiration, fake
-                # system to something reasonbly old (younger than key creation,
-                # older than expiration) by taking the mod datetime of
-                # /etc/hostname, which should have last be changed when the
-                # system was set up.
-                find . -path '*/*/raw_logs/*.txt' -mtime +1 -type f -exec gpg --recipient "${key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
-            fi
-
-        done
-        sleep 1
-    fi
-done
diff --git a/bullseye/other_files/plomlombot_hook_post-receive b/bullseye/other_files/plomlombot_hook_post-receive
deleted file mode 100755 (executable)
index c4627af..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-GIT_WORK_TREE=/home/plom/plomlombot-irc git checkout -f
diff --git a/bullseye/other_files/prune_microblogpub.sh b/bullseye/other_files/prune_microblogpub.sh
deleted file mode 100644 (file)
index 8cfc385..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-service microblogpub stop
-microblogdir=/home/plom/testing.microblog.pub
-cd "${microblogdir}"
-cp -r data/microblogpub.db data/microblogpub.db.bak.$(date +%a)
-su -lc "cd ${microblogdir} && poetry run inv prune-old-data" - plom
-service microblogpub start
-echo "last microblog pruning at $(date)" >> /home/plom/prune_log.txt
diff --git a/bullseye/other_files/url-catcher_customizations.json b/bullseye/other_files/url-catcher_customizations.json
deleted file mode 100644 (file)
index acc4778..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-  "translations": {
-    "wrongCaptcha": "Captcha leider falsch.",
-    "invalidURL": "Falsch formatierte URL.",
-    "recordedURL": "URL aufgezeichnet (wird gesichtet und bei Angemessenheit dem Artikel angefügt): ",
-    "pleaseWait": "Zu viele Versuche von dieser IP. So viele Sekunden warten: "
-  },
-  "mailConfig": {
-    "to": "plom+url_catcher@plomlompom.com",
-    "from": "plom+url_catcher@plomlompom.com"
-  },
-  "slowdownReset": 3600
-}
diff --git a/bullseye/other_files/website_hook_post-receive b/bullseye/other_files/website_hook_post-receive
deleted file mode 100755 (executable)
index 26d1cce..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-GIT_WORK_TREE=/var/www git checkout -f
diff --git a/bullseye/other_files/weechat-wrapper.sh b/bullseye/other_files/weechat-wrapper.sh
deleted file mode 100755 (executable)
index b433574..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-# Enforce ~/.weechatrc as sole persistent weechat config file.
-rm -rf ~/.weechat/
-WEECHATCONF=`tr '\n' ';' < ~/.weechatrc`
-weechat -r "$WEECHATCONF"
-rm -rf ~/.weechat/
diff --git a/bullseye/other_files/weechatlogs_encrypter.sh b/bullseye/other_files/weechatlogs_encrypter.sh
deleted file mode 100755 (executable)
index 9e177d3..0000000
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-# Encrypt dated weechatlog files older than one day to GPG target defined in
-# ~/.encrypt_target
-set -e
-
-gpg_key=$(cat ~/.encrypt_target)
-cd ~/weechatlogs/irc/
-
-# Dirty hack: To avoid trouble with GPG key expiration, fake
-# system to something reasonbly old (younger than key creation,
-# older than expiration) by taking the mod datetime of
-# /etc/hostname, which should have last be changed when the
-# system was set up.
-hostname_mod_epoch=$(stat -c%Y /etc/hostname)
-find . -regextype posix-egrep -regex '^.*/.*/.*\.[0-9]{4}-[0-9]{2}-[0-9]{2}\.weechatlog$' -type f -mtime +1 -exec gpg --recipient "${gpg_key}" --trust-model always --faked-system-time="${hostname_mod_epoch}" --encrypt {} \; -exec rm {} \;
-
diff --git a/bullseye/other_files/weechatrc b/bullseye/other_files/weechatrc
deleted file mode 100644 (file)
index 2673cb3..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-/set logger.file.path ~/weechatlogs
-/set logger.file.flush_delay 0
-/set logger.mask.irc "irc/$server/$channel.%Y-%m-%d.weechatlog"
-/set weechat.bar.status.items "[time],[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+buffer_zoom+buffer_filter,[lag],[hotlist],completion,scroll,[otr]"
-/set weechat.color.chat_nick_colors "lightcyan"
-/server add libera irc.libera.chat/6697 -nicks=plomlompom,plomlomp0m,ploml0mp0m,pl0ml0mp0m -realname="Christian Heller" -autojoin=#plomlomtest -ssl
-/set irc.server.libera.sasl_mechanism PLAIN
-/set irc.server.libera.sasl_username FOO
-/set irc.server.libera.sasl_password BAR
-/connect libera 
-/bar hide buflist
diff --git a/bullseye/other_files/zettel_hook_post-receive b/bullseye/other_files/zettel_hook_post-receive
deleted file mode 100755 (executable)
index 3bea5b2..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-ZETTELDIR=/home/plom/zettel
-GIT_WORK_TREE=$ZETTELDIR git checkout -f
-cd $ZETTELDIR
-redo
diff --git a/bullseye/setup_scripts/copy_dirtree.sh b/bullseye/setup_scripts/copy_dirtree.sh
deleted file mode 100755 (executable)
index c0cb9bf..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# Copy files in argument-selected subdirectories of $1 to subdirectories
-# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
-# of "" and $3 of "all", copy files below etc_files/all such as
-# etc_files/all/etc/foo/bar to equivalent locations below / such as
-# /etc/foo/bar. Create directories as necessary. Multiple arguments after
-# $3 are possible.
-#
-# CAUTION: This removes original files at the affected paths.
-set -e
-
-if [ "$#" -lt 3 ]; then
-    echo 'Need arguments: source root, target root, modules.'
-    false
-fi
-source_root="$1"
-target_root="$2"
-shift 2
-
-for target_module in "$@"; do
-    mkdir -p "${source_root}/${target_module}"
-    cd "${source_root}/${target_module}"
-    for path in $(find . -type f); do
-        target_path="${target_root}"$(echo "${path}" | cut -c2-)
-        source_path=$(realpath "${path}")
-        dir=$(dirname "${target_path}")
-        mkdir -p "${dir}"
-        cp "${source_path}" "${target_path}"
-    done
-done
diff --git a/bullseye/setup_scripts/init_user_and_keybased_login.sh b/bullseye/setup_scripts/init_user_and_keybased_login.sh
deleted file mode 100755 (executable)
index 358a37e..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-# This script turns a fresh server with password-based root access into
-# one of only key-based access and only to new non-root account plom.
-#
-# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
-# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
-# contains the local ~/.ssh/id_rsa.pub, and also any old
-# /etc/ssh/sshd_config.
-#
-# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
-# configured sshd_config file in misc.sh:$local_etc_server
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(server)" "$@"
-server="$1"
-
-# If we already knew that host …
-ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
-
-# This will be used to log-in as root from plom account.
-printf '\nFirst, enter the old root password; then enter new password three times.\n\n'
-ssh root@"${server}" 'printf "\n\n" && passwd'
-
-# Save root password for sshpass
-stty -echo
-printf "Re-enter new server root password: "
-read PW_ROOT
-stty echo
-printf "\n"
-export SSHPASS="${PW_ROOT}"
-
-# Create user plom, and his ~/.ssh/authorized_keys based on the local
-# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
-# ownerships. Then disable root and pw login by copying over the
-# sshd_config and restart ssh daemon.
-#
-# This could be a line or two shorter by using ssh-copy-id, but that
-# would require setting a password for user plom otherwise not needed.
-sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
-sshpass -e ssh root@"${server}" \
-        'useradd -m plom && '\
-        'mkdir /home/plom/.ssh && '\
-        'chown plom:plom /home/plom/.ssh && '\
-        'chown plom:plom /tmp/authorized_keys && '\
-        'chmod u=rw,go= /tmp/authorized_keys && '\
-        'mv /tmp/authorized_keys /home/plom/.ssh/'
-sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-sshpass -e ssh root@"${server}" 'service ssh restart'
diff --git a/bullseye/setup_scripts/init_user_login.sh b/bullseye/setup_scripts/init_user_login.sh
deleted file mode 100755 (executable)
index 3dfc0d5..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-# This script turns a fresh server with password-based root access into
-# one of only key-based access and only to new non-root account plom.
-#
-# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
-# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
-# contains the local ~/.ssh/id_rsa.pub, and also any old
-# /etc/ssh/sshd_config.
-#
-# Dependencies: ssh, scp, ~/.ssh/id_rsa.pub, properly configured sshd_config
-# file in misc.sh:$local_etc_server.
-set -e
-. ./misc.sh
-. ../../misc.sh
-
-expect_n_args 1 "(server)" "$@"
-server="$1"
-
-# If we already knew that host …
-ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
-
-# So we're only asked once …
-eval $(ssh-agent)
-ssh-add
-
-# This will be used to log-in as root from plom account.
-printf '\nAsking for new root password.\n\n'
-ssh root@"${server}" 'printf "\n\n" && passwd'
-
-# Set up plom's ~/.ssh/authorized_keys from root's.
-ssh root@"${server}" 'useradd -m plom'
-ssh root@"${server}" 'mkdir /home/plom/.ssh'
-ssh root@"${server}" 'chown plom:plom /home/plom/.ssh'
-ssh root@"${server}" 'cp /root/.ssh/authorized_keys /home/plom/.ssh/'
-ssh root@"${server}" 'chown plom:plom /home/plom/.ssh/authorized_keys'
-
-# Set up SSH config and remove direct SSH login to root.
-scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
-ssh root@"${server}" 'rm -rf /root/.ssh && service ssh restart'
diff --git a/bullseye/setup_scripts/install_for_target.sh b/bullseye/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 6f42b56..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-
-config_tree_prefix="${HOME}/config/bullseye"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    # TODO: continue if file at $path not found, to get rid of dummy files
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
-        fi
-    done
-done
diff --git a/bullseye/setup_scripts/migrate_borg.sh b/bullseye/setup_scripts/migrate_borg.sh
deleted file mode 100755 (executable)
index 28a0fd9..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need  old server IP.'
-    false
-fi
-old_server="$1"
-config_tree_prefix="${HOME}/config/bullseye"
-cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-chown plom:plom /home/plom/prepare_to_meet_server.sh
-su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-read -p'Hit Enter when you are done.' ignore
-rm /home/plom/prepare_to_meet_server.sh
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/borg" plom
-rm /home/plom/mirror_dir.sh
diff --git a/bullseye/setup_scripts/mirror_dir.sh b/bullseye/setup_scripts/mirror_dir.sh
deleted file mode 100755 (executable)
index 0fc03aa..0000000
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/sh
-# Mirror directory tree from remote to local server, keeping the path.
-set -e
-
-if [ $# -lt 2 ]; then
-    echo "Need server and directory as arguments."
-    false
-fi
-server=$1
-dir=$2
-path_package=/tmp/delete.tar
-
-eval `ssh-agent`
-ssh-add
-cd
-ssh plom@"${server}" "cd \"${dir}\" && tar cf ${path_package} ."
-scp plom@"${server}":"${path_package}" "${path_package}"
-mkdir -p "${dir}"
-cd "${dir}"
-tar xf "${path_package}"
-cd
-rm "${path_package}"
-ssh plom@"${server}" rm "${path_package}"
diff --git a/bullseye/setup_scripts/misc.sh b/bullseye/setup_scripts/misc.sh
deleted file mode 100644 (file)
index bf38bf6..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-#set -e
-config_tree_prefix="${HOME}/public_repos/config/bullseye"
diff --git a/bullseye/setup_scripts/prepare_to_meet_server.sh b/bullseye/setup_scripts/prepare_to_meet_server.sh
deleted file mode 100755 (executable)
index df2aa41..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-# Do some of the steps necessary to SSH (key-based) with another server.
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need server IP as argument.'
-    false
-fi
-target="$1"
-
-# We need a public key to copy over, so generate it if not found.
-if [ ! -f ~/.ssh/id_rsa.pub ]; then
-    ssh-keygen -N ""
-fi
-
-# Add target to ~/.ssh/known_hosts so we don't get
-# asked for permission at inopportune moments.
-ssh-keyscan -H "$target" >> ~/.ssh/known_hosts
-
-# Tell user what to do.
-echo "APPEND FOLLOWING TO TARGET'S ~/.ssh/authorized_keys:"
-cat ~/.ssh/id_rsa.pub
diff --git a/bullseye/setup_scripts/purge_nonrequireds.sh b/bullseye/setup_scripts/purge_nonrequireds.sh
deleted file mode 100755 (executable)
index 135196b..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# This script removes all Debian packages that are not of Priority
-# "required" or not depended on by packages of priority "required"
-# or not listed in the argument-selected files of apt-mark/.
-set -e
-
-config_tree_prefix="${HOME}/config/bullseye"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            echo "${line}" >> /tmp/list_white_unsorted
-        fi
-    done
-done
-sort /tmp/list_white_unsorted > /tmp/list_white
-dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
-sort /tmp/list_all_packages > /tmp/foo
-mv /tmp/foo /tmp/list_all_packages
-comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-apt-mark auto `cat /tmp/list_black`
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
-
-# Somehow, auto-mounts get undone by all of this, so re-mount /etc/fstab.
-# TODO: Find out why.
-mount -a
diff --git a/bullseye/setup_scripts/set_hostname_and_fqdn.sh b/bullseye/setup_scripts/set_hostname_and_fqdn.sh
deleted file mode 100755 (executable)
index a3b9f9a..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-# Sets hostname and optionally FQDN.
-#
-# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
-# writing follows recommendations from Debian manual at
-# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
-# (section "The hostname resolution") on how to map hostname and possibly
-# FQDN to a permanent IP if present (we assume here any non-private IP
-# and non-loopback IP returned by hostname -I to fulfill that criterion
-# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
-# localhost and hostname mapping to different IPs, see
-# <https://unix.stackexchange.com/a/13087>.
-#
-# Ignores IPv6s.
-set -e
-
-hostname="$1"
-fqdn="$2"
-if [ "${hostname}" = "" ]; then
-    echo "Need hostname as argument."
-    false
-fi
-echo "${hostname}" > /etc/hostname
-hostname "${hostname}"
-
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
-        continue
-    fi
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
-            continue
-        fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
-            continue
-        fi
-    fi
-    final_ip="${ip}"
-done
-
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/bullseye/setup_scripts/setup.sh b/bullseye/setup_scripts/setup.sh
deleted file mode 100755 (executable)
index aadfc25..0000000
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/sh
-set -e
-
-# Provide maximum input for set_hostname_and_fqdn.sh.
-if [ "$#" -lt 2 ]; then
-    echo 'Need at least two arguments (hostname, FQDN).'
-    false
-fi
-hostname="$1"
-fqdn="$2"
-shift 2
-
-config_tree_prefix="${HOME}/config/bullseye"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-
-# Adapt /etc/ to our needs by copying from ./etc_files. This will set
-# basic configurations affecting following steps, such as setup of APT
-# and the locale selection, so needs to be right at the beginning.
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
-
-# Set hostname and FQDN.
-./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
-
-# Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
-apt update
-./install_for_target.sh all "$@"
-./purge_nonrequireds.sh all "$@"
-
-# Ensure our desired locale is available.
-locale-gen
-
-# Only upgrade after reducing the system to the desired minimum, so that
-# we don't need to get more data than necessary.
-apt -y dist-upgrade
-
-# Set Berlin localtime.
-ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/bullseye/setup_scripts/setup_daily_reboot.sh b/bullseye/setup_scripts/setup_daily_reboot.sh
deleted file mode 100755 (executable)
index f8ed183..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-set -e
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/bullseye"
-
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" daily_reboot 
-systemctl enable reboot.timer 
-systemctl start reboot.timer 
diff --git a/bullseye/setup_scripts/setup_desktop.sh b/bullseye/setup_scripts/setup_desktop.sh
deleted file mode 100755 (executable)
index 329e6e2..0000000
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need exactly one argument (system name).'
-    false
-fi
-if [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
-    echo "Need legal system name."
-    false
-fi
-system_name="$1"
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/bullseye"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-if [ "$1" = "x200s" ] || [ "$1" = "x220" ] || [ "$1" = "w530" ]; then
-  ./setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
-else
-  ./setup.sh "${system_name}" "" user desktop "${system_name}"
-fi
-
-# # Set up printer.
-# ppd_deb="hll2350dwpdrv-4.0.0-1.i386.deb"
-# wget "https://download.brother.com/welcome/dlf103566/${ppd_deb}"
-# dpkg --add-architecture i386
-# apt update
-# apt install -y "./${ppd_deb}"
-# # lpadmin -p 'Brother_HLL2350DW' -m 'brother-HLL2350DW-cups-en.ppd'
-# # service cups restart
-# rm "./${ppd_deb}"
-# # TODO explore potential lpadmin options like -o 'OutputMode=NormalGray'
-
-# Set up user environments.
-secrets_dev="sdb"
-source_dir_secrets="/media/${secrets_dev}/to_usb"
-target_dir_secrets="/home/plom/tmp_secrets"
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
-set +e
-HOME_DIR_EXISTS=$([ ! -d "/home/plom" ]; echo $?)
-set -e
-adduser --disabled-password --gecos "" plom
-usermod -a -G sudo plom
-passwd plom
-if [ "${HOME_DIR_EXISTS}" -eq 0 ]; then
-    echo "Put secrets drive into slot for /dev/${secrets_dev}."
-    while [ ! -e /dev/"${secrets_dev}" ]; do
-        sleep 1
-    done
-    stty -echo
-    printf "Secrets passphrase: "
-    read secrets_pass
-    stty echo
-    echo "" # newline so user knows their input return was accepted
-    echo "${secrets_pass}" | pmount /dev/"${secrets_dev}"
-    cp -a "${source_dir_secrets}" "${target_dir_secrets}"
-    chown -R plom:plom "${target_dir_secrets}"
-    pumount "${secrets_dev}"
-    echo "You can remove /dev/${secrets_dev} now."
-    cp setup_home.sh /home/plom
-    chown plom:plom /home/plom/setup_home.sh
-    SECRETS_PASS="${secrets_pass}" su -c "cd && ./setup_home.sh ${system_name}" plom
-fi
diff --git a/bullseye/setup_scripts/setup_dumpsite.sh b/bullseye/setup_scripts/setup_dumpsite.sh
deleted file mode 100755 (executable)
index 35f7c8e..0000000
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 4 ]; then
-    echo 'Need domain name and mail and old server and repos source ("local" or "remote"?).'
-    false
-fi
-if [ ! "$4" = "local" ] && [ ! "$4" = "remote" ]; then
-    echo "Need legal repo source name."
-    false
-fi
-domain="$1"
-mail="$2"
-old_server="$3"
-repos_source="$4"
-
-read -p"Only continue if hostname is not domain of url_catcher's target mail address, else abort!" ignore
-
-# Install configs, set up firewall.
-echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
-echo "postfix postfix/mailname string $(hostname -f)" | debconf-set-selections
-config_tree_prefix="${HOME}/config/bullseye"
-./install_for_target.sh web dumpsite
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web dumpsite
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Set up connection to old dump server.
-cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-chown plom:plom /home/plom/prepare_to_meet_server.sh
-su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-read -p'Hit Enter when you are done.' ignore
-rm /home/plom/prepare_to_meet_server.sh
-
-# Set up dump dirs.
-mkdir /var/www-dump
-chown plom:plom /var/www-dump
-dump_dir=dump
-geheim_dir=geheim
-su -lc "ln -s /home/plom/${dump_dir} /var/www-dump/${dump_dir}" plom
-su -lc "ln -s /home/plom/${geheim_dir} /var/www-dump/${geheim_dir}" plom
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/${dump_dir}" plom
-su -lc "./mirror_dir.sh ${old_server} /home/plom/${geheim_dir}" plom
-su -lc "scp plom@${old_server}:/var/www-dump/password_geheim ~" plom
-mv /home/plom/password_geheim /var/www-dump/password_geheim
-rm /home/plom/mirror_dir.sh
-
-# Set up redo.
-wget http://news.dieweltistgarnichtso.net/bin/archives/redo-sh.tar.gz
-tar -moxzf redo-sh.tar.gz -C /usr/local
-
-# Set up zettel.
-su -lc "git clone --mirror ${old_server}:zettel.git" plom
-cp "${config_tree_prefix}/other_files/zettel_hook_post-receive" /home/plom/zettel.git/hooks/post-receive
-su -lc "git clone ~/zettel.git && cd zettel && redo" plom
-su -lc "ln -s /home/plom/zettel /var/www-dump/zettel" plom
-# NOTE: Locally, to update content, clone zettel.git, not zettel.
-
-# Set up redo blog.
-su -lc "git clone --mirror ${old_server}:blog.git" plom
-cp "${config_tree_prefix}/other_files/blog_hook_post-receive" /home/plom/blog.git/hooks/post-receive
-su -lc "git clone ~/blog.git" plom
-# TODO: set up like plomlombot repo (with post-recieve hook)?
-if [ "$repos_source" = "local"]; then
-  su -lc "git clone /var/repos/redo-blog" plom
-else
-  su -lc "git clone https://plomlompom.com/repos/clone/redo-blog" plom
-fi
-su -lc "cd redo-blog && ./add_dir.sh ~/blog" plom
-su -lc "cd blog && redo" plom
-su -lc "ln -s /home/plom/blog/public /var/www-dump/blog" plom
-# NOTE: Locally, to update content, clone blog.git, not blog.
-
-# Set up url catcher.
-# TODO: set up like plomlombot repo (with post-recieve hook)?
-if [ "$repos_source" = "local" ]; then
-  su -lc "git clone /var/repos/url-catcher" plom
-else
-  su -lc "git clone https://plomlompom.com/repos/clone/url-catcher" plom
-fi
-su -lc "cd url-catcher && ln -s ../blog/captchas/linkable/ captchas" plom
-cp "${config_tree_prefix}/other_files/url-catcher_customizations.json" /home/plom/url-catcher/customizations.json
-systemctl enable url_catcher.service
-service url_catcher start
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/ips" plom
-su -lc "./mirror_dir.sh ${old_server} /home/plom/url-catcher/lists" plom
-rm /home/plom/mirror_dir.sh
-
-# Set up index.html
-cp "${config_tree_prefix}/other_files/dumpsite_index.html" /var/www-dump/index.html
-
-# Prepare NGINX.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/dumpsite.nginx
-ln -s /etc/nginx/sites-available/dumpsite.nginx /etc/nginx/sites-enabled/dumpsite.nginx
-
-service nginx restart
diff --git a/bullseye/setup_scripts/setup_firefox.sh b/bullseye/setup_scripts/setup_firefox.sh
deleted file mode 100755 (executable)
index 1cc312f..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-set -e
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/bullseye"
-
-# Install Firefox directly from Mozilla.
-firefox_release="91.5.1esr"
-firefox_filename="firefox-${firefox_release}.tar.bz2"
-url_firefox="https://ftp.mozilla.org/pub/firefox/releases/${firefox_release}/linux-x86_64/en-US/${firefox_filename}"
-wget "${url_firefox}"
-mv "${firefox_filename}" /opt/
-cd /opt/
-tar xf "${firefox_filename}"
-rm "${firefox_filename}"
-ln -f -s /opt/firefox/firefox /usr/local/bin/
-update-alternatives --install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 200
-update-alternatives --set x-www-browser /opt/firefox/firefox
-
-# as default new tab content for tridactyl 
-cp "${config_tree_prefix}/other_files/blank.html" /opt/firefox/
-
-echo "TODO: Install uBlock Origin and tridactyl plugins, run :installnative and :source."
-
diff --git a/bullseye/setup_scripts/setup_home.sh b/bullseye/setup_scripts/setup_home.sh
deleted file mode 100755 (executable)
index 7471598..0000000
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 1 ]; then
-    echo 'Need exactly one argument (system name).'
-    false
-fi
-if [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
-    echo "Need legal system name."
-    false
-fi
-system_name="$1"
-
-public_repos_dir="${HOME}/public_repos"
-config_tree_prefix="${public_repos_dir}/config/bullseye"
-path_borgscript="${config_tree_prefix}//borg.sh"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-repos_list_file="${public_repos_dir}/repos"
-dir_secrets="${HOME}/tmp_secrets"
-borgkeys_dir=~/.config/borg/keys
-borgrepos_file=~/.borgrepos
-ssh_dir=~/.ssh
-authinfo_file=.authinfo
-maildir=~/mail/maildir
-
-ensure_repo() {
-    repo_name="${1}"
-    if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
-        cd "${public_repos_dir}"
-        git clone plom@plomlompom.com:/var/repos/${repo_name}
-    fi
-}
-
-# Set up iniitial non-public parts of infrastructure: SSH authentication.
-cd "${dir_secrets}"
-mkdir -p "${ssh_dir}"
-echo "Setting up .ssh"
-cp id_rsa ~/.ssh
-stty -echo
-ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
-stty echo
-eval $(ssh-agent)
-ssh-add
-ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
-
-# Clone config to copy dotfiles etc. from it.
-cd
-mkdir -p "${public_repos_dir}"
-ensure_repo config
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
-
-# # Set up native messenger for tridactyl.
-# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
-# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
-
-# Set up further non-public parts of infrastructure.
-cd "${dir_secrets}"
-script -c 'gpg --import secret_keys.asc' /dev/null
-tar xf borg_keyfiles.tar
-mkdir -p "${borgkeys_dir}"
-mv borg_keyfiles/* "${borgkeys_dir}"
-# .authinfo may not be present on every secrets drive yet
-if [ -f "${authinfo_file}" ]; then
-    cp "${authinfo_file}" ~
-fi
-cd
-rm -rf "${dir_secrets}"
-
-# Sync org dir via borgbackup. For this we need the borgbackup servers
-# in our .ssh/known_hosts file.
-cat "${borgrepos_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    server=$(echo "${line}" | sed 's/.*@//')
-    ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
-done
-BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
-
-# Fill ~/public_repos.
-cat "${repos_list_file}" | while read line; do
-    first_char=$(echo "${line}" | cut -c1)
-    if [ "${first_char}" = "#" ]; then
-        continue
-    fi
-    ensure_repo "${line}"
-done
-
-# Set up e-mail system. Note that we only do mbsync if the imap pass file
-# is found. It may not be present on every secrets drive yet, so we have to
-# deal with the possibility of it being absent at this point.
-mkdir -p "${maildir}"  # expected by mbsync/isync
-if [ -f "${HOME}/${authinfo_file}" ]; then
-    mbsync -a
-    notmuch new
-fi
-
-# # Final note on how to integrate tridactyl.
-# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
diff --git a/bullseye/setup_scripts/setup_microblogpub.sh b/bullseye/setup_scripts/setup_microblogpub.sh
deleted file mode 100755 (executable)
index d0f68c9..0000000
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-
-if [ "$#" -ne 2 ]; then
-    echo 'Need domain name and mail.'
-    false
-fi
-domain="$1"
-mail="$2"
-
-# Install configs, set up firewall.
-config_tree_prefix="${HOME}/config/bullseye"
-./install_for_target.sh web microblogpub
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web microblogpub
-apt update  # since we just updated /etc/apt/sources.list
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Install Python >=3.10 from source (Bullseye only has 3.9).
-python_version=3.11.1
-python_dirname="Python-${python_version}"
-su -lc "wget https://www.python.org/ftp/python/${python_version}/${python_dirname}.tgz" plom
-su -lc "tar -xvf ${python_dirname}.tgz" plom
-su -lc "cd /home/plom/${python_dirname} && ./configure --enable-optimizations && make"
-cd /home/plom/${python_dirname}/
-make altinstall
-cd
-rm -rf /home/plom/${python_dirname}
-
-# Configure/install Poetry and microblog.pub.
-su -lc "curl -sSL https://install.python-poetry.org | python3.11" - plom
-su -lc "git clone https://git.sr.ht/~tsileo/microblog.pub testing.microblog.pub" - plom
-su -lc "poetry config installer.parallel false" - plom
-su -lc "cd testing.microblog.pub && poetry install" - plom
-su -lPc "cd testing.microblog.pub && poetry run inv configuration-wizard" - plom
-su -lPc "cd testing.microblog.pub && poetry run inv migrate-db" - plom
-
-# Set up microblog.pub daemon service.
-venv_dir_path=$( su -lPc "cd testing.microblog.pub && poetry env info --path" - plom)
-venv_dir=$(basename ${venv_dir_path})
-sed -i "s/REPLACE_venv_dir_ECALPER/${venv_dir}/g" /etc/systemd/system/microblogpub.service
-systemctl enable microblogpub.service
-service microblogpub start
-
-# Prepare and start NGINX config.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/microblogpub.nginx
-ln -s /etc/nginx/sites-available/microblogpub.nginx /etc/nginx/sites-enabled/microblogpub.nginx
-service nginx restart
-
-# Setup regular DB pruning
-cp "${config_tree_prefix}/other_files/prune_microblog.sh" /home/plom/
-systemctl enable microblogpub_prune.timer
-systemctl start microblogpub_prune.timer
diff --git a/bullseye/setup_scripts/setup_play.sh b/bullseye/setup_scripts/setup_play.sh
deleted file mode 100755 (executable)
index a29b2f6..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -lt 1 ]; then
-  echo "Need public key ID and optionally old server IP."
-  false
-fi
-gpg_key="$1"
-old_server="$2"
-
-config_tree_prefix="${HOME}/config/bullseye"
-./install_for_target.sh play
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" play
-cp "${config_tree_prefix}/other_files/weechatrc" /home/plom/.weechatrc
-cp "${config_tree_prefix}/other_files/weechat-wrapper.sh" /home/plom/
-cp "${config_tree_prefix}/other_files/weechatlogs_encrypter.sh" /home/plom/
-chown plom:plom /home/plom/*weechat*
-chown plom:plom /home/plom/.weechatrc
-echo "${gpg_key}" > /home/plom/.encrypt_target
-chown plom:plom /home/plom/.encrypt_target
-
-# TODO refactor with setup_website.sh
-# Add encryption key.
-keyservers='keyserver.ubuntu.com pgp.surf.nl pgp.rediris.es'
-set +e
-while true; do
-    do_break=0
-    for keyserver in $(echo "${keyservers}"); do
-        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
-        if [ $? -eq "0" ]; then
-            do_break=1
-            break
-        fi
-        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
-    done
-    if [ "${do_break}" -eq "1" ]; then
-        break
-    fi
-done
-set -e
-
-if [ "${old_server}" != "" ]; then
-  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-  read -p'Hit Enter when you are done.' ignore
-  rm /home/plom/prepare_to_meet_server.sh
-  su -lc "scp plom@${old_server}:.ssh/authorized_keys .ssh/authorized_keys" plom
-  su -lc "scp plom@${old_server}:.weechatrc ~" plom
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  su -lc "./mirror_dir.sh ${old_server} /home/plom/weechatlogs" plom
-  rm /home/plom/mirror_dir.sh
-fi
-
-systemctl enable --now encrypt_chatlogs.timer
diff --git a/bullseye/setup_scripts/setup_server.sh b/bullseye/setup_scripts/setup_server.sh
deleted file mode 100755 (executable)
index a05db18..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-# Next setup steps for a server whose login policy has just been set from
-# the outside via ./init_user_and_keybased_login.sh.
-set -e
-
-# Provide maximum input for set_hostname_and_fqdn.sh.
-if [ "$#" -lt 2 ]; then
-    echo 'Need exactly two arguments (hostname, FQDN).'
-    false
-fi
-hostname="$1"
-fqdn="$2"
-additional_arg="$3"
-
-# Set up system without user environment.
-config_tree_prefix="${HOME}/config/bullseye"
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-cd "${setup_scripts_dir}"
-./setup.sh "${hostname}" "${fqdn}" server "${additional_arg}"
-
-# If we have not yet set the shell for user plom, ensure it here. This
-# is mostly for convenience.
-usermod -s /bin/bash plom
-
-# Enable firewall.
-systemctl enable nftables.service
diff --git a/bullseye/setup_scripts/setup_website.sh b/bullseye/setup_scripts/setup_website.sh
deleted file mode 100755 (executable)
index ad36796..0000000
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/bin/sh
-set -e
-
-if [ "$#" -ne 4 ] && [ "$#" -ne 5 ]; then
-    echo 'Need domain name and mail and key ID and init state and possibly old server IP as argument.'
-    false
-fi
-if [ ! "$4" = "copy" ] && [ ! "$4" = "new" ]; then
-    echo "Need init state to be either 'copy' or 'new'."
-    false
-fi
-if [ ! "$4" = "new" ] && [ "$#" -ne 5 ]; then
-    echo "With init state != 'new' need fifth argument old server IP."
-    false
-fi
-domain="$1"
-mail="$2"
-gpg_key="$3"
-init_state="$4"
-old_server="$5"
-
-# Install configs, set up firewall.
-config_tree_prefix="${HOME}/config/bullseye"
-./install_for_target.sh web website
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" web website
-nft -f /etc/nftables.conf
-
-# Set up letsencrypt certificate. TODO: Is it auto-renewed?
-ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
-certbot --nginx --agree-tos --redirect --no-eff-email -m "${mail}" -d "${domain}"
-rm /etc/nginx/sites-enabled/default
-
-# Set up connection to old server.
-if [ ! "${init_state}" = "new" ]; then
-  cp "${config_tree_prefix}/setup_scripts/prepare_to_meet_server.sh" /home/plom/
-  chown plom:plom /home/plom/prepare_to_meet_server.sh
-  su -lc "./prepare_to_meet_server.sh ${old_server}" plom
-  read -p'Hit Enter when you are done.' ignore
-  rm /home/plom/prepare_to_meet_server.sh
-fi
-
-# Set up repos dir.
-# To use this dir, "git clone --mirror" repo source paths into it as user plom.
-# As user plom, touch git-daemon-export-ok files into it to make the repo
-# publically available.
-if [ "${init_state}" = "new" ]; then
-  mkdir /var/repos
-  chown plom:plom /var/repos
-else
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  chmod a+w /var
-  if [ "${init_state}" = "copy" ]; then
-    su -lc "./mirror_dir.sh ${old_server} /var/repos" plom
-  else
-    su -lc "./mirror_dir.sh ${old_server} /var/public_repos" plom
-  fi
-  chmod a-w /var
-  rm /home/plom/mirror_dir.sh
-fi
-
-# Prepare NGINX and GitWeb config.
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/gitweb.conf
-sed -i "s/REPLACE_fqdn_ECALPER/${domain}/g" /etc/nginx/sites-available/website.nginx
-ln -s /etc/nginx/sites-available/website.nginx /etc/nginx/sites-enabled/website.nginx
-
-# Set up website. TODO: use non-/var/www dir for better separation to dump site
-rm -rf /var/www
-mkdir /var/www
-chown plom:plom /var/www
-if [ "${init_state}" = "new" ]; then
-  su -lc "cd /var/repos && git init --bare website.git" plom
-fi
-cp "${config_tree_prefix}/other_files/website_hook_post-receive" /var/repos/website.git/hooks/post-receive
-su -lc 'cd /var/www && git clone /var/repos/website.git .' plom
-
-# Add encryption key.
-keyservers='keyserver.ubuntu.com pgp.surf.nl pgp.rediris.es'
-set +e
-while true; do
-    do_break=0
-    for keyserver in $(echo "${keyservers}"); do
-        su plom -c "gpg --no-tty --keyserver $keyserver --recv-key ${gpg_key}"
-        if [ $? -eq "0" ]; then
-            do_break=1
-            break
-        fi
-        echo "Attempt with keyserver ${keyserver} unsuccessful, trying other."
-    done
-    if [ "${do_break}" -eq "1" ]; then
-        break
-    fi
-done
-set -e
-
-# Set up plomlombot.
-irclogs_dir=/var/www/html/irclogs
-irclogs_pw_dir=/var/www/irclogs_pw
-mkdir -p "${irclogs_dir}"
-chown -R plom:plom "${irclogs_dir}"
-mkdir -p "${irclogs_pw_dir}"
-chown -R plom:plom "${irclogs_pw_dir}"
-if [ "${init_state}" = "new" ]; then
-  # TODO investigate whether we can get rid of anything here
-  # Handle the case that the repo is in the old pre-buster server setup –
-  # even then, the URL should be the same.
-  su -lc "cd /var/repos && git clone --mirror https://plomlompom.com/repos/clone/plomlombot-irc" plom
-  su -lc "touch /var/repos/plomlombot-irc.git/git-daemon-export-ok" plom
-  cp "${config_tree_prefix}/other_files/plomlombot_hook_post-receive" /var/repos/plomlombot-irc.git/hooks/post-receive
-fi
-su -lc "git clone /var/repos/plomlombot-irc.git" plom
-cp "${config_tree_prefix}/other_files/plomlombot_daemon.sh" /home/plom/
-chown plom:plom /home/plom/plomlombot_daemon.sh
-if [ "${init_state}" = "new" ]; then
-  echo 'bot: plomlombog plomlombog #plomlomtest irc.freenode.net foo bar' >> /home/plom/.plomlombot
-  chown plom:plom /home/plom/.plomlombot
-else
-  cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-  su -lc "./mirror_dir.sh ${old_server} /home/plom/plomlombot_db" plom
-  rm /home/plom/mirror_dir.sh
-  su -lc "scp plom@${old_server}:.plomlombot ~" plom
-  # TODO  su -lc "ssh plom@${old_server} \"su -lc 'service plomlombot stop'\"" plom
-fi
-# TODO systemctl enable plomlombot.service
-# TODO service plomlombot start
-
-# Set up guiltcards.
-su -lc "git clone /var/repos/guiltcards" plom
-cp "${config_tree_prefix}/setup_scripts/mirror_dir.sh" /home/plom/
-su -lc "./mirror_dir.sh ${old_server} /home/plom/guiltcards/decks" plom
-rm /home/plom/mirror_dir.sh
-
-# In the above step, we might have created a root-owned /var/www/html –
-# fix this here.
-chown -R plom:plom /var/www/html
-
-# TODO:
-# - rename /home/plom/public_repos to /home/plom/repos
-
-service nginx restart
diff --git a/constants.sh b/constants.sh
deleted file mode 100755 (executable)
index ac6dd89..0000000
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-set -e
-
-PATH_REL_ETC=etc
-PATH_REL_APTMARK=aptmark
-PATH_REL_REPO=config
-PATH_REL_HOME=home
-PATH_MANY=../../many_releases
-PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
-ROOTS_HERE_AND_MANY="${PATH_MANY} .."
-
-USERNAME=plom
-PATH_USER_HOME="/home/${USERNAME}"
-
-FILENAME_PRIVATE_KEY=id_rsa
-FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
-URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
-PATH_REL_LOCAL_SSH=.ssh
-PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
-PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
-PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
-
diff --git a/many_releases/aptmark/all b/many_releases/aptmark/all
deleted file mode 100644 (file)
index 41bd4a9..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat-traditional
-iputils-ping
-
diff --git a/many_releases/aptmark/raspi b/many_releases/aptmark/raspi
deleted file mode 100644 (file)
index a59c153..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-# so we can still connect
-openssh-server
-# this gotta be good for _something_ …
-raspi-firmware
-# to boot into a graphical environment
-greetd
-sway
-# for waybar script
-calc
-# for sound
-pulseaudio
-# for setting console keyboard via /etc/default/keyboard 
-console-setup
-# for setting system time
-ntpsec-ntpdate
-# basic usage
-mpv
-firefox-esr
-# for convenience
-foot
-less
-sudo
-vim
-ack
-man-db
-# for ytplom
-python3-venv
-libmpv2
-ffmpeg
-
diff --git a/many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies b/many_releases/etc/all/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/many_releases/etc/all/locale.conf b/many_releases/etc/all/locale.conf
deleted file mode 100644 (file)
index dd6eee3..0000000
+++ /dev/null
@@ -1 +0,0 @@
-LANG="en_US.UTF-8"
diff --git a/many_releases/etc/all/locale.gen b/many_releases/etc/all/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/many_releases/etc/all/timezone b/many_releases/etc/all/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
diff --git a/many_releases/etc/raspi/greetd/config.toml b/many_releases/etc/raspi/greetd/config.toml
deleted file mode 100644 (file)
index d7b50f8..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-[terminal]
-vt = 7 
-[default_session]
-command = "~/.nonpath_bins/on_session_start.sh"
-user = "plom"
diff --git a/many_releases/etc/raspi/ssh/sshd_config b/many_releases/etc/raspi/ssh/sshd_config
deleted file mode 100644 (file)
index e952cb3..0000000
+++ /dev/null
@@ -1,123 +0,0 @@
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-PermitRootLogin no  # plomlompom's security rule
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile    .ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-KbdInteractiveAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the KbdInteractiveAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin prohibit-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and KbdInteractiveAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-ClientAliveInterval 15
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem      sftp    /usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#      X11Forwarding no
-#      AllowTcpForwarding no
-#      PermitTTY no
-#      ForceCommand cvs server
diff --git a/many_releases/etc/raspi/systemd/system/throttle_cpu.service b/many_releases/etc/raspi/systemd/system/throttle_cpu.service
deleted file mode 100644 (file)
index 5b37f85..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=Monitor temperature to throttle CPU if necessary
-After=network.target
-
-[Service]
-Type=simple
-ExecStart=/root/throttle_cpu.sh
-Restart=always
-RestartSec=10
-User=root
-
-[Install]
-WantedBy=multi-user.target
diff --git a/many_releases/home/all/.bashrc b/many_releases/home/all/.bashrc
deleted file mode 100644 (file)
index 1b592d8..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Other helpful aliases
-alias sshauth='eval $(ssh-agent) && ssh-add'
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
-    colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
-    tput_color="\[$tput_color\]"
-    tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
diff --git a/many_releases/home/all/.gitconfig b/many_releases/home/all/.gitconfig
deleted file mode 100644 (file)
index 8967d25..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       email = c.heller@plomlompom.de
-       name = Christian Heller
diff --git a/many_releases/home/raspi/.config/mpv/mpv.conf b/many_releases/home/raspi/.config/mpv/mpv.conf
deleted file mode 100644 (file)
index 1a4418e..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-fullscreen=yes
-profile=fast
-vo=gpu
-ao=pulse
diff --git a/many_releases/home/raspi/.config/sway/config b/many_releases/home/raspi/.config/sway/config
deleted file mode 100644 (file)
index e995681..0000000
+++ /dev/null
@@ -1,37 +0,0 @@
-# because these are included by /etc/sway/config for probably good reason …
-include /etc/sway/config-vars.d/*
-include /etc/sway/config.d/*
-
-# simple green background
-output * background #559911 solid_color
-
-# keyboard layout
-input * xkb_layout "de"
-
-# waybar
-bar {
-  position top
-  status_command ~/.nonpath_bins/status.sh
-}
-
-# keybindings
-set $mod Mod4
-
-bindsym $mod+Return exec foot
-bindsym $mod+Shift+q kill
-bindsym $mod+Shift+p exit
-
-bindsym $mod+f fullscreen
-bindsym $mod+space focus mode_toggle
-bindsym $mod+Shift+space floating toggle
-
-bindsym $mod+Left focus left
-bindsym $mod+Down focus down
-bindsym $mod+Up focus up
-bindsym $mod+Right focus right
-
-bindsym $mod+Shift+Left move left
-bindsym $mod+Shift+Down move down
-bindsym $mod+Shift+Up move up
-bindsym $mod+Shift+Right move right
-
diff --git a/many_releases/home/raspi/.nonpath_bins/on_session_start.sh b/many_releases/home/raspi/.nonpath_bins/on_session_start.sh
deleted file mode 100755 (executable)
index 380e79f..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/usr/bin/sh
-# Iinitalize anything we want in our sessions opened by greetd.
-
-# Workaround to pulseaudio daemon somehow not respecting setting these with
-# ~/.config/pulse/default.pa – note that the first pactl call also seems
-# necessary, probably for forcing some init routines without which the pacmd
-# calls that follow won't work; TODO: find cleaner solutions 
-pactl list sinks > /dev/null
-pacmd set-default-sink alsa_output.platform-fef05700.hdmi.hdmi-stereo
-pacmd set-sink-volume alsa_output.platform-fef05700.hdmi.hdmi-stereo 65536 
-
-# Wayland environment.
-/usr/bin/sway
diff --git a/many_releases/home/raspi/.nonpath_bins/status.sh b/many_releases/home/raspi/.nonpath_bins/status.sh
deleted file mode 100755 (executable)
index c58e8bf..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-# see sway-bar(5) and swaybar-protocol(7)
-MEGA=1000
-GIGA=1000000
-printf '{ "version": 1 }\n[\n' 
-while true; do
-  printf '  [\n'
-  printf '    {"full_text": "%s"},\n' "$(ip -4 addr show scope global | grep -oP '(?<=inet\s)\d+(\.\d+){3}')"
-  printf '    {"full_text": "%d° C"},\n' $(calc "$(cat /sys/class/thermal/thermal_zone0/temp) // ${MEGA}")
-  printf '    {"full_text": "%.1f/%.1f GHz"},\n' $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq) / ${GIGA}") $(calc "$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq) / ${GIGA}") 
-  printf '    {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %X')"
-  printf '  ],\n'
-  sleep 1
-done
diff --git a/many_releases/home/raspi/.profile b/many_releases/home/raspi/.profile
deleted file mode 100644 (file)
index d8c6f59..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# ~/.profile: executed by the command interpreter for login shells.
-
-# simplified defaults: read .bashrc, extend PATH by bin dirs
-. "$HOME/.bashrc"
-PATH="$HOME/.local/bin:$HOME/bin:$PATH"
-
-# to forward video on commands run via SSH login to screen we expect connected 
-if [ -n "$SSH_CONNECTION" ]; then
-  export WAYLAND_DISPLAY=wayland-1 
-fi
diff --git a/many_releases/home/raspi_root/throttle_cpu.sh b/many_releases/home/raspi_root/throttle_cpu.sh
deleted file mode 100755 (executable)
index b5f533d..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-set -e
-
-MED_TEMP=85000
-MAX_TEMP=95000
-
-MIN_FREQ=600000
-MED_FREQ=1000000
-MAX_FREQ=1500000
-
-PATH_TEMP='/sys/class/thermal/thermal_zone0/temp'
-
-set_max_freq() {
-  for cpu in /sys/devices/system/cpu/cpu[0-9]*; do
-    echo "$1" > "$cpu/cpufreq/scaling_max_freq" 
-  done
-  echo "$1"
-}
-
-freq_set=$(set_max_freq "${MIN_FREQ}")
-while true; do
-  temp=$(cat "${PATH_TEMP}")
-  if [ "${temp}" -ge "${MAX_TEMP}" ]; then
-    if [ "${freq_set}" -gt "${MIN_FREQ}" ]; then
-      freq_set=$(set_max_freq "${MIN_FREQ}")
-    fi
-  elif [ "${temp}" -ge "${MED_TEMP}" ]; then
-    if [ "${freq_set}" -gt "${MED_FREQ}" ]; then
-      freq_set=$(set_max_freq "${MED_FREQ}")
-    fi
-  elif [ "${freq_set}" -lt "${MAX_FREQ}" ]; then 
-    freq_set=$(set_max_freq "${MAX_FREQ}")
-  fi 
-  sleep 1
-done
diff --git a/many_releases/home/root/.shell_prompt_color b/many_releases/home/root/.shell_prompt_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/many_releases/scripts/_misc.sh b/many_releases/scripts/_misc.sh
deleted file mode 100644 (file)
index 941bc4d..0000000
+++ /dev/null
@@ -1,172 +0,0 @@
-#!/bin/sh
-set -e
-
-export DEBIAN_FRONTEND=noninteractive
-
-expect_min_n_args() {
-    min_args="$1"
-    explainer="$2"
-    shift 2
-    if [ "$#" -lt "${min_args}" ]; then
-        echo "Need at least ${min_args} arguments … ${explainer}"
-        false
-    fi
-}
-
-copy_dirtree() {
-    # Copy files in argument-selected subdirectories of $1 to subdirectories
-    # of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
-    # of "" and $3 of "all", copy files below etc_files/all such as
-    # etc_files/all/etc/foo/bar to equivalent locations below / such as
-    # /etc/foo/bar. Create directories as necessary. Multiple arguments after
-    # $3 are possible.
-    #
-    # CAUTION: This overwrites original files at the affected paths.
-    expect_min_n_args 3 "(source root, target root, modules)" "$@"
-    source_root="$1"
-    target_root="$2"
-    shift 2
-    modules="$@"
-    initial_directory="$(pwd)"
-    for module in ${modules}; do
-       module_path="${source_root}/${module}"
-       if [ ! -d "${module_path}" ]; then
-           continue
-       fi
-       cd "${module_path}"
-        for path in $(find . -type f); do
-            target_path="${target_root}"$(echo "${path}" | cut -c2-)
-            source_path=$(realpath "${path}")
-            dir=$(dirname "${target_path}")
-            mkdir -p "${dir}"
-            cp "${source_path}" "${target_path}"
-        done
-        cd "${initial_directory}"
-    done
-}
-
-install_for_modules() {
-    # Walk through the package names in the argument-selected files of
-    # apt-mark/ and ensures the respective packages are installed.
-    #
-    # Caution: Ignores anything in an apt-mark/ file after the last newline,
-    # so make sure there's nothing meaningful thereafter.
-    expect_min_n_args 2 "(apt_mark_dir, modules)" "$@"
-    apt_mark_dir="$1"
-    shift 1
-    modules="$@"
-    for module in ${modules}; do
-        path="${apt_mark_dir}/${module}"
-        if [ ! -f "${path}" ]; then
-            continue
-        fi
-        cat "${path}" | while read line; do
-            echo "$line"
-            if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-                apt-get -y -o Dpkg::Options::="--force-confnew" install "${line}"
-            fi
-        done
-    done
-}
-
-mark_nonrequireds_auto() {
-    path_list_unsorted='/tmp/list_unsorted'
-    path_list_all_packages='/tmp/list_all_packages'
-    path_list_white='/tmp/list_white'
-    path_list_black='/tmp/list_black'
-    dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > "${path_list_unsorted}"
-    sort "${path_list_unsorted}" | uniq > "${path_list_white}"
-    dpkg-query -Wf '${Package}\n' > "${path_list_unsorted}"
-    sort "${path_list_unsorted}" | uniq > "${path_list_all_packages}"
-    comm -3 "${path_list_all_packages}" "${path_list_white}" > "${path_list_black}"
-    apt-mark auto `cat "${path_list_black}"`
-    rm "${path_list_unsorted}" "${path_list_all_packages}" "${path_list_white}" "${path_list_black}"
-}
-
-upgrade_from_older_release() {
-    # Upgrade system to calling context's Debian release.
-    # Caution: Don't expect any customized /etc files to surivive this!
-    path_sources_list='/apt/sources.list'
-    apt update
-    apt -y -o Dpkg::Options::='--force-confnew' upgrade
-    apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
-    cp "../etc/all${path_sources_list}" "/etc${path_sources_list}"
-    apt clean
-    apt update
-    apt -y -o Dpkg::Options::='--force-confnew' upgrade
-    apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
-    apt -y autoremove
-}
-
-add_my_public_key() {
-    # NB: vars expected to be pulled in from caller previously calling constants.sh!
-    apt update
-    apt -y install wget
-    wget "${URL_PUBLIC_KEY}"
-    cat "${FILENAME_PUBLIC_KEY}" >> "${PATH_AUTHORIZED_KEYS}"
-    rm "${FILENAME_PUBLIC_KEY}"
-}
-
-setup_for_raspi() {
-    # NB: vars expected to be pulled in from caller previously calling constants.sh!
-
-    # ensure we can log in
-    add_my_public_key
-    # (alternatively, or preceding this to reduce non-remote typing, TEMPORARILY
-    # (!) set password login:)
-    # passwd
-    # echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
-
-    # migrate to testing
-    upgrade_from_older_release
-
-    # on installing console-setup, will guide it to do the right thing (including
-    # re-writing /etc/default/keyboard)
-    echo 'XKBLAYOUT=de' > /etc/default/keyboard
-
-    # properly configure apt and reduce system to minimum that satisfies our own
-    # aptmark/ package lists
-    for root in ${ROOTS_HERE_AND_MANY}; do
-        copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
-    done
-    apt update
-    mark_nonrequireds_auto
-    for root in ${ROOTS_HERE_AND_MANY}; do
-        install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
-    done
-    apt -y --purge autoremove
-    for root in ${ROOTS_HERE_AND_MANY}; do
-        copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
-    done
-
-    # Ensure our desired locale is available.
-    locale-gen
-
-    # Set Berlin localtime.
-    ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
-    ntpdate-debian
-
-    # so Sway won't complain about failing to access non-existant background image file
-    sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
-
-    # Set up root environment.
-    for root in ${ROOTS_HERE_AND_MANY}; do
-        copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
-    done
-
-    # Set up user and their environment.
-    adduser --disabled-password --gecos "" "${USERNAME}"
-    usermod -a -G sudo "${USERNAME}"
-    for root in ${ROOTS_HERE_AND_MANY}; do
-        copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
-    done
-    mkdir "${PATH_USER_SSH}"
-    cp "${PATH_AUTHORIZED_KEYS}" "${PATH_USER_SSH}"
-    chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
-    passwd "${USERNAME}"
-    rm "${PATH_AUTHORIZED_KEYS}"
-
-    # Activate /root/throttle_cpu.sh daemonization.
-    systemctl enable throttle_cpu.service
-    systemctl start throttle_cpu.service
-}
diff --git a/misc.sh b/misc.sh
deleted file mode 100644 (file)
index 61ad026..0000000
--- a/misc.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-local_etc_server="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${local_etc_server}${system_path_sshd_config}"
-
-expect_n_args() {
-    min_args="$1"
-    explainer="$2"
-    shift 2
-    if [ "$#" -lt "${min_args}" ]; then
-        echo "Need at least ${min_args} arguments … ${explainer}"
-        false
-    fi
-}
-
diff --git a/testing/apt-mark/all b/testing/apt-mark/all
deleted file mode 100644 (file)
index cf4af24..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
-ifupdown
-isc-dhcp-client
-# git for the setup directory; cloning works with ca-certificates
-ca-certificates
-git
-# to avoid constant warnings about no locale being found
-locales
-# extremely useful for basic network debugging; missed these more than once in an emergency
-netcat-traditional
-iputils-ping
-# to set the time
-ntpsec-ntpdate
diff --git a/testing/apt-mark/h610m b/testing/apt-mark/h610m
deleted file mode 100644 (file)
index 645086f..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# for X to start at all
-linux-headers-amd64
-nvidia-driver
-firmware-misc-nonfree
-# X input: keyboard
-xserver-xorg-input-evdev
-## CUDA
-#nvidia-cuda-dev
-#nvidia-cuda-toolkit
-
diff --git a/testing/apt-mark/t490s b/testing/apt-mark/t490s
deleted file mode 100644 (file)
index 9be8397..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# so we can work without the Ethernet adapter
-network-manager
-
diff --git a/testing/apt-mark/user b/testing/apt-mark/user
deleted file mode 100644 (file)
index c390f17..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-# to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
-cryptsetup-initramfs
-lvm2
-# this provides setupcon which reads /etc/default/console-setup
-console-setup
-# for startx
-xinit
-# for xrdb
-x11-xserver-utils
-# for startx to run for non-root user
-libpam-systemd
-# window environment
-i3
-i3status
-suckless-tools
-xterm
-# to get sleepy at night
-redshift
-# for alsamixer
-alsa-utils
-# also useful
-vim
-sudo
-less
-man-db
-manpages
-procps
-# browsers
-firefox-esr
-chromium
-# tridactyl install recommendations
-vim-gtk3
-curl
-## for firefox to emit sound
-#pulseaudio
-# emacs
-emacs
-emacs-common-non-dfsg
-emacs-el
-elpa-ledger
-ledger
-# to mount encrypted USB stick and use its contents
-pmount
-cryptsetup
-openssh-client
-# for syncing
-borgbackup
-# mail setup
-isync
-notmuch
-elpa-notmuch
-pinentry-gtk2
-#
index 37d8809396a085b37f4fa1a487e7f6894146d30f..3605a65c62cb6cb426b5afd665965c5398564a97 100644 (file)
@@ -1,5 +1,4 @@
-# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client
-# unpredictably so
+# connectivity: ifupdown seems necessary everyhwere, isc-dhcp-client unpredictably so
 ifupdown
 isc-dhcp-client
 # git for the setup directory; cloning works with ca-certificates
index 32b6aa7178de2f739229cb2aa977d9f7ddc82e27..294d76c9c648c4c98d34e650c7fc908ae0cee45e 100644 (file)
@@ -1,6 +1,10 @@
 # to avoid booting problems with encrypted LVM, see <https://askubuntu.com/a/1105848>
 cryptsetup-initramfs
 lvm2
+# for secrets
+pmount
+# for accessing remote machines
+openssh-client
 # wayland usage essentials
 sway
 # at a minimum sets env stuff without which sway won't start 
diff --git a/testing/aptmark/h610m b/testing/aptmark/h610m
deleted file mode 100644 (file)
index 645086f..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# for X to start at all
-linux-headers-amd64
-nvidia-driver
-firmware-misc-nonfree
-# X input: keyboard
-xserver-xorg-input-evdev
-## CUDA
-#nvidia-cuda-dev
-#nvidia-cuda-toolkit
-
diff --git a/testing/aptmark/server b/testing/aptmark/server
deleted file mode 100644 (file)
index 26e9be3..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-# technically not necessarily anymore, but on older servers needed for playing nicely with foot, kept here more as a reminder than for any specific use
-foot-terminfo
-#
index fed4d1839723dc50dfa01abc5b2b7a435068cac7..e4588c7e253fafe63d65737e1b4974dcb7e1e135 100644 (file)
@@ -1,5 +1,3 @@
-# for secrets
-pmount
 # ping won't work for user without this – see <https://shallowsky.com/blog/linux/ping-permissions.html>
 linux-sysctl-defaults
 # generally useful
@@ -10,7 +8,6 @@ less
 man-db
 manpages
 procps
-openssh-client
 # for syncing
 borgbackup
 # for my own scripts to run
diff --git a/testing/etc/all/apt/apt.conf.d/99_minimize_dependencies b/testing/etc/all/apt/apt.conf.d/99_minimize_dependencies
new file mode 100644 (file)
index 0000000..4aaef79
--- /dev/null
@@ -0,0 +1,4 @@
+APT::AutoRemove::RecommendsImportant "false";
+APT::AutoRemove::SuggestsImportant "false";
+APT::Install-Recommends "false";
+APT::Install-Suggests "false";
diff --git a/testing/etc/all/locale.conf b/testing/etc/all/locale.conf
new file mode 100644 (file)
index 0000000..dd6eee3
--- /dev/null
@@ -0,0 +1 @@
+LANG="en_US.UTF-8"
diff --git a/testing/etc/all/locale.gen b/testing/etc/all/locale.gen
new file mode 100644 (file)
index 0000000..a28cfa4
--- /dev/null
@@ -0,0 +1,483 @@
+# This file lists locales that you wish to have built. You can find a list
+# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
+# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
+# this file, you need to rerun locale-gen.
+
+
+# aa_DJ ISO-8859-1
+# aa_DJ.UTF-8 UTF-8
+# aa_ER UTF-8
+# aa_ER@saaho UTF-8
+# aa_ET UTF-8
+# af_ZA ISO-8859-1
+# af_ZA.UTF-8 UTF-8
+# ak_GH UTF-8
+# am_ET UTF-8
+# an_ES ISO-8859-15
+# an_ES.UTF-8 UTF-8
+# anp_IN UTF-8
+# ar_AE ISO-8859-6
+# ar_AE.UTF-8 UTF-8
+# ar_BH ISO-8859-6
+# ar_BH.UTF-8 UTF-8
+# ar_DZ ISO-8859-6
+# ar_DZ.UTF-8 UTF-8
+# ar_EG ISO-8859-6
+# ar_EG.UTF-8 UTF-8
+# ar_IN UTF-8
+# ar_IQ ISO-8859-6
+# ar_IQ.UTF-8 UTF-8
+# ar_JO ISO-8859-6
+# ar_JO.UTF-8 UTF-8
+# ar_KW ISO-8859-6
+# ar_KW.UTF-8 UTF-8
+# ar_LB ISO-8859-6
+# ar_LB.UTF-8 UTF-8
+# ar_LY ISO-8859-6
+# ar_LY.UTF-8 UTF-8
+# ar_MA ISO-8859-6
+# ar_MA.UTF-8 UTF-8
+# ar_OM ISO-8859-6
+# ar_OM.UTF-8 UTF-8
+# ar_QA ISO-8859-6
+# ar_QA.UTF-8 UTF-8
+# ar_SA ISO-8859-6
+# ar_SA.UTF-8 UTF-8
+# ar_SD ISO-8859-6
+# ar_SD.UTF-8 UTF-8
+# ar_SS UTF-8
+# ar_SY ISO-8859-6
+# ar_SY.UTF-8 UTF-8
+# ar_TN ISO-8859-6
+# ar_TN.UTF-8 UTF-8
+# ar_YE ISO-8859-6
+# ar_YE.UTF-8 UTF-8
+# as_IN UTF-8
+# ast_ES ISO-8859-15
+# ast_ES.UTF-8 UTF-8
+# ayc_PE UTF-8
+# az_AZ UTF-8
+# be_BY CP1251
+# be_BY.UTF-8 UTF-8
+# be_BY@latin UTF-8
+# bem_ZM UTF-8
+# ber_DZ UTF-8
+# ber_MA UTF-8
+# bg_BG CP1251
+# bg_BG.UTF-8 UTF-8
+# bhb_IN.UTF-8 UTF-8
+# bho_IN UTF-8
+# bn_BD UTF-8
+# bn_IN UTF-8
+# bo_CN UTF-8
+# bo_IN UTF-8
+# br_FR ISO-8859-1
+# br_FR.UTF-8 UTF-8
+# br_FR@euro ISO-8859-15
+# brx_IN UTF-8
+# bs_BA ISO-8859-2
+# bs_BA.UTF-8 UTF-8
+# byn_ER UTF-8
+# ca_AD ISO-8859-15
+# ca_AD.UTF-8 UTF-8
+# ca_ES ISO-8859-1
+# ca_ES.UTF-8 UTF-8
+# ca_ES.UTF-8@valencia UTF-8
+# ca_ES@euro ISO-8859-15
+# ca_ES@valencia ISO-8859-15
+# ca_FR ISO-8859-15
+# ca_FR.UTF-8 UTF-8
+# ca_IT ISO-8859-15
+# ca_IT.UTF-8 UTF-8
+# ce_RU UTF-8
+# chr_US UTF-8
+# cmn_TW UTF-8
+# crh_UA UTF-8
+# cs_CZ ISO-8859-2
+# cs_CZ.UTF-8 UTF-8
+# csb_PL UTF-8
+# cv_RU UTF-8
+# cy_GB ISO-8859-14
+# cy_GB.UTF-8 UTF-8
+# da_DK ISO-8859-1
+# da_DK.UTF-8 UTF-8
+# de_AT ISO-8859-1
+# de_AT.UTF-8 UTF-8
+# de_AT@euro ISO-8859-15
+# de_BE ISO-8859-1
+# de_BE.UTF-8 UTF-8
+# de_BE@euro ISO-8859-15
+# de_CH ISO-8859-1
+# de_CH.UTF-8 UTF-8
+# de_DE ISO-8859-1
+# de_DE.UTF-8 UTF-8
+# de_DE@euro ISO-8859-15
+# de_IT ISO-8859-1
+# de_IT.UTF-8 UTF-8
+# de_LI.UTF-8 UTF-8
+# de_LU ISO-8859-1
+# de_LU.UTF-8 UTF-8
+# de_LU@euro ISO-8859-15
+# doi_IN UTF-8
+# dv_MV UTF-8
+# dz_BT UTF-8
+# el_CY ISO-8859-7
+# el_CY.UTF-8 UTF-8
+# el_GR ISO-8859-7
+# el_GR.UTF-8 UTF-8
+# en_AG UTF-8
+# en_AU ISO-8859-1
+# en_AU.UTF-8 UTF-8
+# en_BW ISO-8859-1
+# en_BW.UTF-8 UTF-8
+# en_CA ISO-8859-1
+# en_CA.UTF-8 UTF-8
+# en_DK ISO-8859-1
+# en_DK.ISO-8859-15 ISO-8859-15
+# en_DK.UTF-8 UTF-8
+# en_GB ISO-8859-1
+# en_GB.ISO-8859-15 ISO-8859-15
+# en_GB.UTF-8 UTF-8
+# en_HK ISO-8859-1
+# en_HK.UTF-8 UTF-8
+# en_IE ISO-8859-1
+# en_IE.UTF-8 UTF-8
+# en_IE@euro ISO-8859-15
+# en_IL UTF-8
+# en_IN UTF-8
+# en_NG UTF-8
+# en_NZ ISO-8859-1
+# en_NZ.UTF-8 UTF-8
+# en_PH ISO-8859-1
+# en_PH.UTF-8 UTF-8
+# en_SG ISO-8859-1
+# en_SG.UTF-8 UTF-8
+# en_US ISO-8859-1
+# en_US.ISO-8859-15 ISO-8859-15
+en_US.UTF-8 UTF-8
+# en_ZA ISO-8859-1
+# en_ZA.UTF-8 UTF-8
+# en_ZM UTF-8
+# en_ZW ISO-8859-1
+# en_ZW.UTF-8 UTF-8
+# eo UTF-8
+# es_AR ISO-8859-1
+# es_AR.UTF-8 UTF-8
+# es_BO ISO-8859-1
+# es_BO.UTF-8 UTF-8
+# es_CL ISO-8859-1
+# es_CL.UTF-8 UTF-8
+# es_CO ISO-8859-1
+# es_CO.UTF-8 UTF-8
+# es_CR ISO-8859-1
+# es_CR.UTF-8 UTF-8
+# es_CU UTF-8
+# es_DO ISO-8859-1
+# es_DO.UTF-8 UTF-8
+# es_EC ISO-8859-1
+# es_EC.UTF-8 UTF-8
+# es_ES ISO-8859-1
+# es_ES.UTF-8 UTF-8
+# es_ES@euro ISO-8859-15
+# es_GT ISO-8859-1
+# es_GT.UTF-8 UTF-8
+# es_HN ISO-8859-1
+# es_HN.UTF-8 UTF-8
+# es_MX ISO-8859-1
+# es_MX.UTF-8 UTF-8
+# es_NI ISO-8859-1
+# es_NI.UTF-8 UTF-8
+# es_PA ISO-8859-1
+# es_PA.UTF-8 UTF-8
+# es_PE ISO-8859-1
+# es_PE.UTF-8 UTF-8
+# es_PR ISO-8859-1
+# es_PR.UTF-8 UTF-8
+# es_PY ISO-8859-1
+# es_PY.UTF-8 UTF-8
+# es_SV ISO-8859-1
+# es_SV.UTF-8 UTF-8
+# es_US ISO-8859-1
+# es_US.UTF-8 UTF-8
+# es_UY ISO-8859-1
+# es_UY.UTF-8 UTF-8
+# es_VE ISO-8859-1
+# es_VE.UTF-8 UTF-8
+# et_EE ISO-8859-1
+# et_EE.ISO-8859-15 ISO-8859-15
+# et_EE.UTF-8 UTF-8
+# eu_ES ISO-8859-1
+# eu_ES.UTF-8 UTF-8
+# eu_ES@euro ISO-8859-15
+# eu_FR ISO-8859-1
+# eu_FR.UTF-8 UTF-8
+# eu_FR@euro ISO-8859-15
+# fa_IR UTF-8
+# ff_SN UTF-8
+# fi_FI ISO-8859-1
+# fi_FI.UTF-8 UTF-8
+# fi_FI@euro ISO-8859-15
+# fil_PH UTF-8
+# fo_FO ISO-8859-1
+# fo_FO.UTF-8 UTF-8
+# fr_BE ISO-8859-1
+# fr_BE.UTF-8 UTF-8
+# fr_BE@euro ISO-8859-15
+# fr_CA ISO-8859-1
+# fr_CA.UTF-8 UTF-8
+# fr_CH ISO-8859-1
+# fr_CH.UTF-8 UTF-8
+# fr_FR ISO-8859-1
+# fr_FR.UTF-8 UTF-8
+# fr_FR@euro ISO-8859-15
+# fr_LU ISO-8859-1
+# fr_LU.UTF-8 UTF-8
+# fr_LU@euro ISO-8859-15
+# fur_IT UTF-8
+# fy_DE UTF-8
+# fy_NL UTF-8
+# ga_IE ISO-8859-1
+# ga_IE.UTF-8 UTF-8
+# ga_IE@euro ISO-8859-15
+# gd_GB ISO-8859-15
+# gd_GB.UTF-8 UTF-8
+# gez_ER UTF-8
+# gez_ER@abegede UTF-8
+# gez_ET UTF-8
+# gez_ET@abegede UTF-8
+# gl_ES ISO-8859-1
+# gl_ES.UTF-8 UTF-8
+# gl_ES@euro ISO-8859-15
+# gu_IN UTF-8
+# gv_GB ISO-8859-1
+# gv_GB.UTF-8 UTF-8
+# ha_NG UTF-8
+# hak_TW UTF-8
+# he_IL ISO-8859-8
+# he_IL.UTF-8 UTF-8
+# hi_IN UTF-8
+# hne_IN UTF-8
+# hr_HR ISO-8859-2
+# hr_HR.UTF-8 UTF-8
+# hsb_DE ISO-8859-2
+# hsb_DE.UTF-8 UTF-8
+# ht_HT UTF-8
+# hu_HU ISO-8859-2
+# hu_HU.UTF-8 UTF-8
+# hy_AM UTF-8
+# hy_AM.ARMSCII-8 ARMSCII-8
+# ia_FR UTF-8
+# id_ID ISO-8859-1
+# id_ID.UTF-8 UTF-8
+# ig_NG UTF-8
+# ik_CA UTF-8
+# is_IS ISO-8859-1
+# is_IS.UTF-8 UTF-8
+# it_CH ISO-8859-1
+# it_CH.UTF-8 UTF-8
+# it_IT ISO-8859-1
+# it_IT.UTF-8 UTF-8
+# it_IT@euro ISO-8859-15
+# iu_CA UTF-8
+# ja_JP.EUC-JP EUC-JP
+# ja_JP.UTF-8 UTF-8
+# ka_GE GEORGIAN-PS
+# ka_GE.UTF-8 UTF-8
+# kk_KZ PT154
+# kk_KZ.RK1048 RK1048
+# kk_KZ.UTF-8 UTF-8
+# kl_GL ISO-8859-1
+# kl_GL.UTF-8 UTF-8
+# km_KH UTF-8
+# kn_IN UTF-8
+# ko_KR.EUC-KR EUC-KR
+# ko_KR.UTF-8 UTF-8
+# kok_IN UTF-8
+# ks_IN UTF-8
+# ks_IN@devanagari UTF-8
+# ku_TR ISO-8859-9
+# ku_TR.UTF-8 UTF-8
+# kw_GB ISO-8859-1
+# kw_GB.UTF-8 UTF-8
+# ky_KG UTF-8
+# lb_LU UTF-8
+# lg_UG ISO-8859-10
+# lg_UG.UTF-8 UTF-8
+# li_BE UTF-8
+# li_NL UTF-8
+# lij_IT UTF-8
+# ln_CD UTF-8
+# lo_LA UTF-8
+# lt_LT ISO-8859-13
+# lt_LT.UTF-8 UTF-8
+# lv_LV ISO-8859-13
+# lv_LV.UTF-8 UTF-8
+# lzh_TW UTF-8
+# mag_IN UTF-8
+# mai_IN UTF-8
+# mg_MG ISO-8859-15
+# mg_MG.UTF-8 UTF-8
+# mhr_RU UTF-8
+# mi_NZ ISO-8859-13
+# mi_NZ.UTF-8 UTF-8
+# mk_MK ISO-8859-5
+# mk_MK.UTF-8 UTF-8
+# ml_IN UTF-8
+# mn_MN UTF-8
+# mni_IN UTF-8
+# mr_IN UTF-8
+# ms_MY ISO-8859-1
+# ms_MY.UTF-8 UTF-8
+# mt_MT ISO-8859-3
+# mt_MT.UTF-8 UTF-8
+# my_MM UTF-8
+# nan_TW UTF-8
+# nan_TW@latin UTF-8
+# nb_NO ISO-8859-1
+# nb_NO.UTF-8 UTF-8
+# nds_DE UTF-8
+# nds_NL UTF-8
+# ne_NP UTF-8
+# nhn_MX UTF-8
+# niu_NU UTF-8
+# niu_NZ UTF-8
+# nl_AW UTF-8
+# nl_BE ISO-8859-1
+# nl_BE.UTF-8 UTF-8
+# nl_BE@euro ISO-8859-15
+# nl_NL ISO-8859-1
+# nl_NL.UTF-8 UTF-8
+# nl_NL@euro ISO-8859-15
+# nn_NO ISO-8859-1
+# nn_NO.UTF-8 UTF-8
+# nr_ZA UTF-8
+# nso_ZA UTF-8
+# oc_FR ISO-8859-1
+# oc_FR.UTF-8 UTF-8
+# om_ET UTF-8
+# om_KE ISO-8859-1
+# om_KE.UTF-8 UTF-8
+# or_IN UTF-8
+# os_RU UTF-8
+# pa_IN UTF-8
+# pa_PK UTF-8
+# pap_AW UTF-8
+# pap_CW UTF-8
+# pl_PL ISO-8859-2
+# pl_PL.UTF-8 UTF-8
+# ps_AF UTF-8
+# pt_BR ISO-8859-1
+# pt_BR.UTF-8 UTF-8
+# pt_PT ISO-8859-1
+# pt_PT.UTF-8 UTF-8
+# pt_PT@euro ISO-8859-15
+# quz_PE UTF-8
+# raj_IN UTF-8
+# ro_RO ISO-8859-2
+# ro_RO.UTF-8 UTF-8
+# ru_RU ISO-8859-5
+# ru_RU.CP1251 CP1251
+# ru_RU.KOI8-R KOI8-R
+# ru_RU.UTF-8 UTF-8
+# ru_UA KOI8-U
+# ru_UA.UTF-8 UTF-8
+# rw_RW UTF-8
+# sa_IN UTF-8
+# sat_IN UTF-8
+# sc_IT UTF-8
+# sd_IN UTF-8
+# sd_IN@devanagari UTF-8
+# se_NO UTF-8
+# sgs_LT UTF-8
+# shs_CA UTF-8
+# si_LK UTF-8
+# sid_ET UTF-8
+# sk_SK ISO-8859-2
+# sk_SK.UTF-8 UTF-8
+# sl_SI ISO-8859-2
+# sl_SI.UTF-8 UTF-8
+# so_DJ ISO-8859-1
+# so_DJ.UTF-8 UTF-8
+# so_ET UTF-8
+# so_KE ISO-8859-1
+# so_KE.UTF-8 UTF-8
+# so_SO ISO-8859-1
+# so_SO.UTF-8 UTF-8
+# sq_AL ISO-8859-1
+# sq_AL.UTF-8 UTF-8
+# sq_MK UTF-8
+# sr_ME UTF-8
+# sr_RS UTF-8
+# sr_RS@latin UTF-8
+# ss_ZA UTF-8
+# st_ZA ISO-8859-1
+# st_ZA.UTF-8 UTF-8
+# sv_FI ISO-8859-1
+# sv_FI.UTF-8 UTF-8
+# sv_FI@euro ISO-8859-15
+# sv_SE ISO-8859-1
+# sv_SE.ISO-8859-15 ISO-8859-15
+# sv_SE.UTF-8 UTF-8
+# sw_KE UTF-8
+# sw_TZ UTF-8
+# szl_PL UTF-8
+# ta_IN UTF-8
+# ta_LK UTF-8
+# tcy_IN.UTF-8 UTF-8
+# te_IN UTF-8
+# tg_TJ KOI8-T
+# tg_TJ.UTF-8 UTF-8
+# th_TH TIS-620
+# th_TH.UTF-8 UTF-8
+# the_NP UTF-8
+# ti_ER UTF-8
+# ti_ET UTF-8
+# tig_ER UTF-8
+# tk_TM UTF-8
+# tl_PH ISO-8859-1
+# tl_PH.UTF-8 UTF-8
+# tn_ZA UTF-8
+# tr_CY ISO-8859-9
+# tr_CY.UTF-8 UTF-8
+# tr_TR ISO-8859-9
+# tr_TR.UTF-8 UTF-8
+# ts_ZA UTF-8
+# tt_RU UTF-8
+# tt_RU@iqtelif UTF-8
+# ug_CN UTF-8
+# uk_UA KOI8-U
+# uk_UA.UTF-8 UTF-8
+# unm_US UTF-8
+# ur_IN UTF-8
+# ur_PK UTF-8
+# uz_UZ ISO-8859-1
+# uz_UZ.UTF-8 UTF-8
+# uz_UZ@cyrillic UTF-8
+# ve_ZA UTF-8
+# vi_VN UTF-8
+# wa_BE ISO-8859-1
+# wa_BE.UTF-8 UTF-8
+# wa_BE@euro ISO-8859-15
+# wae_CH UTF-8
+# wal_ET UTF-8
+# wo_SN UTF-8
+# xh_ZA ISO-8859-1
+# xh_ZA.UTF-8 UTF-8
+# yi_US CP1255
+# yi_US.UTF-8 UTF-8
+# yo_NG UTF-8
+# yue_HK UTF-8
+# zh_CN GB2312
+# zh_CN.GB18030 GB18030
+# zh_CN.GBK GBK
+# zh_CN.UTF-8 UTF-8
+# zh_HK BIG5-HKSCS
+# zh_HK.UTF-8 UTF-8
+# zh_SG GB2312
+# zh_SG.GBK GBK
+# zh_SG.UTF-8 UTF-8
+# zh_TW BIG5
+# zh_TW.EUC-TW EUC-TW
+# zh_TW.UTF-8 UTF-8
+# zu_ZA ISO-8859-1
+# zu_ZA.UTF-8 UTF-8
diff --git a/testing/etc/all/timezone b/testing/etc/all/timezone
new file mode 100644 (file)
index 0000000..94d5acc
--- /dev/null
@@ -0,0 +1 @@
+Europe/Berlin
diff --git a/testing/etc/desktop/network/interfaces b/testing/etc/desktop/network/interfaces
new file mode 100644 (file)
index 0000000..303ee92
--- /dev/null
@@ -0,0 +1,10 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# anything more would only confuse NetworkManager
diff --git a/testing/etc/t490s/network/interfaces b/testing/etc/t490s/network/interfaces
deleted file mode 100644 (file)
index 303ee92..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-source /etc/network/interfaces.d/*
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# anything more would only confuse NetworkManager
diff --git a/testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies b/testing/etc_files/all/etc/apt/apt.conf.d/99_minimize_dependencies
deleted file mode 100644 (file)
index 4aaef79..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-APT::AutoRemove::RecommendsImportant "false";
-APT::AutoRemove::SuggestsImportant "false";
-APT::Install-Recommends "false";
-APT::Install-Suggests "false";
diff --git a/testing/etc_files/all/etc/apt/sources.list b/testing/etc_files/all/etc/apt/sources.list
deleted file mode 100644 (file)
index a270a56..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
-deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
diff --git a/testing/etc_files/all/etc/default/locale b/testing/etc_files/all/etc/default/locale
deleted file mode 100644 (file)
index dd6eee3..0000000
+++ /dev/null
@@ -1 +0,0 @@
-LANG="en_US.UTF-8"
diff --git a/testing/etc_files/all/etc/locale.gen b/testing/etc_files/all/etc/locale.gen
deleted file mode 100644 (file)
index a28cfa4..0000000
+++ /dev/null
@@ -1,483 +0,0 @@
-# This file lists locales that you wish to have built. You can find a list
-# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add
-# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change
-# this file, you need to rerun locale-gen.
-
-
-# aa_DJ ISO-8859-1
-# aa_DJ.UTF-8 UTF-8
-# aa_ER UTF-8
-# aa_ER@saaho UTF-8
-# aa_ET UTF-8
-# af_ZA ISO-8859-1
-# af_ZA.UTF-8 UTF-8
-# ak_GH UTF-8
-# am_ET UTF-8
-# an_ES ISO-8859-15
-# an_ES.UTF-8 UTF-8
-# anp_IN UTF-8
-# ar_AE ISO-8859-6
-# ar_AE.UTF-8 UTF-8
-# ar_BH ISO-8859-6
-# ar_BH.UTF-8 UTF-8
-# ar_DZ ISO-8859-6
-# ar_DZ.UTF-8 UTF-8
-# ar_EG ISO-8859-6
-# ar_EG.UTF-8 UTF-8
-# ar_IN UTF-8
-# ar_IQ ISO-8859-6
-# ar_IQ.UTF-8 UTF-8
-# ar_JO ISO-8859-6
-# ar_JO.UTF-8 UTF-8
-# ar_KW ISO-8859-6
-# ar_KW.UTF-8 UTF-8
-# ar_LB ISO-8859-6
-# ar_LB.UTF-8 UTF-8
-# ar_LY ISO-8859-6
-# ar_LY.UTF-8 UTF-8
-# ar_MA ISO-8859-6
-# ar_MA.UTF-8 UTF-8
-# ar_OM ISO-8859-6
-# ar_OM.UTF-8 UTF-8
-# ar_QA ISO-8859-6
-# ar_QA.UTF-8 UTF-8
-# ar_SA ISO-8859-6
-# ar_SA.UTF-8 UTF-8
-# ar_SD ISO-8859-6
-# ar_SD.UTF-8 UTF-8
-# ar_SS UTF-8
-# ar_SY ISO-8859-6
-# ar_SY.UTF-8 UTF-8
-# ar_TN ISO-8859-6
-# ar_TN.UTF-8 UTF-8
-# ar_YE ISO-8859-6
-# ar_YE.UTF-8 UTF-8
-# as_IN UTF-8
-# ast_ES ISO-8859-15
-# ast_ES.UTF-8 UTF-8
-# ayc_PE UTF-8
-# az_AZ UTF-8
-# be_BY CP1251
-# be_BY.UTF-8 UTF-8
-# be_BY@latin UTF-8
-# bem_ZM UTF-8
-# ber_DZ UTF-8
-# ber_MA UTF-8
-# bg_BG CP1251
-# bg_BG.UTF-8 UTF-8
-# bhb_IN.UTF-8 UTF-8
-# bho_IN UTF-8
-# bn_BD UTF-8
-# bn_IN UTF-8
-# bo_CN UTF-8
-# bo_IN UTF-8
-# br_FR ISO-8859-1
-# br_FR.UTF-8 UTF-8
-# br_FR@euro ISO-8859-15
-# brx_IN UTF-8
-# bs_BA ISO-8859-2
-# bs_BA.UTF-8 UTF-8
-# byn_ER UTF-8
-# ca_AD ISO-8859-15
-# ca_AD.UTF-8 UTF-8
-# ca_ES ISO-8859-1
-# ca_ES.UTF-8 UTF-8
-# ca_ES.UTF-8@valencia UTF-8
-# ca_ES@euro ISO-8859-15
-# ca_ES@valencia ISO-8859-15
-# ca_FR ISO-8859-15
-# ca_FR.UTF-8 UTF-8
-# ca_IT ISO-8859-15
-# ca_IT.UTF-8 UTF-8
-# ce_RU UTF-8
-# chr_US UTF-8
-# cmn_TW UTF-8
-# crh_UA UTF-8
-# cs_CZ ISO-8859-2
-# cs_CZ.UTF-8 UTF-8
-# csb_PL UTF-8
-# cv_RU UTF-8
-# cy_GB ISO-8859-14
-# cy_GB.UTF-8 UTF-8
-# da_DK ISO-8859-1
-# da_DK.UTF-8 UTF-8
-# de_AT ISO-8859-1
-# de_AT.UTF-8 UTF-8
-# de_AT@euro ISO-8859-15
-# de_BE ISO-8859-1
-# de_BE.UTF-8 UTF-8
-# de_BE@euro ISO-8859-15
-# de_CH ISO-8859-1
-# de_CH.UTF-8 UTF-8
-# de_DE ISO-8859-1
-# de_DE.UTF-8 UTF-8
-# de_DE@euro ISO-8859-15
-# de_IT ISO-8859-1
-# de_IT.UTF-8 UTF-8
-# de_LI.UTF-8 UTF-8
-# de_LU ISO-8859-1
-# de_LU.UTF-8 UTF-8
-# de_LU@euro ISO-8859-15
-# doi_IN UTF-8
-# dv_MV UTF-8
-# dz_BT UTF-8
-# el_CY ISO-8859-7
-# el_CY.UTF-8 UTF-8
-# el_GR ISO-8859-7
-# el_GR.UTF-8 UTF-8
-# en_AG UTF-8
-# en_AU ISO-8859-1
-# en_AU.UTF-8 UTF-8
-# en_BW ISO-8859-1
-# en_BW.UTF-8 UTF-8
-# en_CA ISO-8859-1
-# en_CA.UTF-8 UTF-8
-# en_DK ISO-8859-1
-# en_DK.ISO-8859-15 ISO-8859-15
-# en_DK.UTF-8 UTF-8
-# en_GB ISO-8859-1
-# en_GB.ISO-8859-15 ISO-8859-15
-# en_GB.UTF-8 UTF-8
-# en_HK ISO-8859-1
-# en_HK.UTF-8 UTF-8
-# en_IE ISO-8859-1
-# en_IE.UTF-8 UTF-8
-# en_IE@euro ISO-8859-15
-# en_IL UTF-8
-# en_IN UTF-8
-# en_NG UTF-8
-# en_NZ ISO-8859-1
-# en_NZ.UTF-8 UTF-8
-# en_PH ISO-8859-1
-# en_PH.UTF-8 UTF-8
-# en_SG ISO-8859-1
-# en_SG.UTF-8 UTF-8
-# en_US ISO-8859-1
-# en_US.ISO-8859-15 ISO-8859-15
-en_US.UTF-8 UTF-8
-# en_ZA ISO-8859-1
-# en_ZA.UTF-8 UTF-8
-# en_ZM UTF-8
-# en_ZW ISO-8859-1
-# en_ZW.UTF-8 UTF-8
-# eo UTF-8
-# es_AR ISO-8859-1
-# es_AR.UTF-8 UTF-8
-# es_BO ISO-8859-1
-# es_BO.UTF-8 UTF-8
-# es_CL ISO-8859-1
-# es_CL.UTF-8 UTF-8
-# es_CO ISO-8859-1
-# es_CO.UTF-8 UTF-8
-# es_CR ISO-8859-1
-# es_CR.UTF-8 UTF-8
-# es_CU UTF-8
-# es_DO ISO-8859-1
-# es_DO.UTF-8 UTF-8
-# es_EC ISO-8859-1
-# es_EC.UTF-8 UTF-8
-# es_ES ISO-8859-1
-# es_ES.UTF-8 UTF-8
-# es_ES@euro ISO-8859-15
-# es_GT ISO-8859-1
-# es_GT.UTF-8 UTF-8
-# es_HN ISO-8859-1
-# es_HN.UTF-8 UTF-8
-# es_MX ISO-8859-1
-# es_MX.UTF-8 UTF-8
-# es_NI ISO-8859-1
-# es_NI.UTF-8 UTF-8
-# es_PA ISO-8859-1
-# es_PA.UTF-8 UTF-8
-# es_PE ISO-8859-1
-# es_PE.UTF-8 UTF-8
-# es_PR ISO-8859-1
-# es_PR.UTF-8 UTF-8
-# es_PY ISO-8859-1
-# es_PY.UTF-8 UTF-8
-# es_SV ISO-8859-1
-# es_SV.UTF-8 UTF-8
-# es_US ISO-8859-1
-# es_US.UTF-8 UTF-8
-# es_UY ISO-8859-1
-# es_UY.UTF-8 UTF-8
-# es_VE ISO-8859-1
-# es_VE.UTF-8 UTF-8
-# et_EE ISO-8859-1
-# et_EE.ISO-8859-15 ISO-8859-15
-# et_EE.UTF-8 UTF-8
-# eu_ES ISO-8859-1
-# eu_ES.UTF-8 UTF-8
-# eu_ES@euro ISO-8859-15
-# eu_FR ISO-8859-1
-# eu_FR.UTF-8 UTF-8
-# eu_FR@euro ISO-8859-15
-# fa_IR UTF-8
-# ff_SN UTF-8
-# fi_FI ISO-8859-1
-# fi_FI.UTF-8 UTF-8
-# fi_FI@euro ISO-8859-15
-# fil_PH UTF-8
-# fo_FO ISO-8859-1
-# fo_FO.UTF-8 UTF-8
-# fr_BE ISO-8859-1
-# fr_BE.UTF-8 UTF-8
-# fr_BE@euro ISO-8859-15
-# fr_CA ISO-8859-1
-# fr_CA.UTF-8 UTF-8
-# fr_CH ISO-8859-1
-# fr_CH.UTF-8 UTF-8
-# fr_FR ISO-8859-1
-# fr_FR.UTF-8 UTF-8
-# fr_FR@euro ISO-8859-15
-# fr_LU ISO-8859-1
-# fr_LU.UTF-8 UTF-8
-# fr_LU@euro ISO-8859-15
-# fur_IT UTF-8
-# fy_DE UTF-8
-# fy_NL UTF-8
-# ga_IE ISO-8859-1
-# ga_IE.UTF-8 UTF-8
-# ga_IE@euro ISO-8859-15
-# gd_GB ISO-8859-15
-# gd_GB.UTF-8 UTF-8
-# gez_ER UTF-8
-# gez_ER@abegede UTF-8
-# gez_ET UTF-8
-# gez_ET@abegede UTF-8
-# gl_ES ISO-8859-1
-# gl_ES.UTF-8 UTF-8
-# gl_ES@euro ISO-8859-15
-# gu_IN UTF-8
-# gv_GB ISO-8859-1
-# gv_GB.UTF-8 UTF-8
-# ha_NG UTF-8
-# hak_TW UTF-8
-# he_IL ISO-8859-8
-# he_IL.UTF-8 UTF-8
-# hi_IN UTF-8
-# hne_IN UTF-8
-# hr_HR ISO-8859-2
-# hr_HR.UTF-8 UTF-8
-# hsb_DE ISO-8859-2
-# hsb_DE.UTF-8 UTF-8
-# ht_HT UTF-8
-# hu_HU ISO-8859-2
-# hu_HU.UTF-8 UTF-8
-# hy_AM UTF-8
-# hy_AM.ARMSCII-8 ARMSCII-8
-# ia_FR UTF-8
-# id_ID ISO-8859-1
-# id_ID.UTF-8 UTF-8
-# ig_NG UTF-8
-# ik_CA UTF-8
-# is_IS ISO-8859-1
-# is_IS.UTF-8 UTF-8
-# it_CH ISO-8859-1
-# it_CH.UTF-8 UTF-8
-# it_IT ISO-8859-1
-# it_IT.UTF-8 UTF-8
-# it_IT@euro ISO-8859-15
-# iu_CA UTF-8
-# ja_JP.EUC-JP EUC-JP
-# ja_JP.UTF-8 UTF-8
-# ka_GE GEORGIAN-PS
-# ka_GE.UTF-8 UTF-8
-# kk_KZ PT154
-# kk_KZ.RK1048 RK1048
-# kk_KZ.UTF-8 UTF-8
-# kl_GL ISO-8859-1
-# kl_GL.UTF-8 UTF-8
-# km_KH UTF-8
-# kn_IN UTF-8
-# ko_KR.EUC-KR EUC-KR
-# ko_KR.UTF-8 UTF-8
-# kok_IN UTF-8
-# ks_IN UTF-8
-# ks_IN@devanagari UTF-8
-# ku_TR ISO-8859-9
-# ku_TR.UTF-8 UTF-8
-# kw_GB ISO-8859-1
-# kw_GB.UTF-8 UTF-8
-# ky_KG UTF-8
-# lb_LU UTF-8
-# lg_UG ISO-8859-10
-# lg_UG.UTF-8 UTF-8
-# li_BE UTF-8
-# li_NL UTF-8
-# lij_IT UTF-8
-# ln_CD UTF-8
-# lo_LA UTF-8
-# lt_LT ISO-8859-13
-# lt_LT.UTF-8 UTF-8
-# lv_LV ISO-8859-13
-# lv_LV.UTF-8 UTF-8
-# lzh_TW UTF-8
-# mag_IN UTF-8
-# mai_IN UTF-8
-# mg_MG ISO-8859-15
-# mg_MG.UTF-8 UTF-8
-# mhr_RU UTF-8
-# mi_NZ ISO-8859-13
-# mi_NZ.UTF-8 UTF-8
-# mk_MK ISO-8859-5
-# mk_MK.UTF-8 UTF-8
-# ml_IN UTF-8
-# mn_MN UTF-8
-# mni_IN UTF-8
-# mr_IN UTF-8
-# ms_MY ISO-8859-1
-# ms_MY.UTF-8 UTF-8
-# mt_MT ISO-8859-3
-# mt_MT.UTF-8 UTF-8
-# my_MM UTF-8
-# nan_TW UTF-8
-# nan_TW@latin UTF-8
-# nb_NO ISO-8859-1
-# nb_NO.UTF-8 UTF-8
-# nds_DE UTF-8
-# nds_NL UTF-8
-# ne_NP UTF-8
-# nhn_MX UTF-8
-# niu_NU UTF-8
-# niu_NZ UTF-8
-# nl_AW UTF-8
-# nl_BE ISO-8859-1
-# nl_BE.UTF-8 UTF-8
-# nl_BE@euro ISO-8859-15
-# nl_NL ISO-8859-1
-# nl_NL.UTF-8 UTF-8
-# nl_NL@euro ISO-8859-15
-# nn_NO ISO-8859-1
-# nn_NO.UTF-8 UTF-8
-# nr_ZA UTF-8
-# nso_ZA UTF-8
-# oc_FR ISO-8859-1
-# oc_FR.UTF-8 UTF-8
-# om_ET UTF-8
-# om_KE ISO-8859-1
-# om_KE.UTF-8 UTF-8
-# or_IN UTF-8
-# os_RU UTF-8
-# pa_IN UTF-8
-# pa_PK UTF-8
-# pap_AW UTF-8
-# pap_CW UTF-8
-# pl_PL ISO-8859-2
-# pl_PL.UTF-8 UTF-8
-# ps_AF UTF-8
-# pt_BR ISO-8859-1
-# pt_BR.UTF-8 UTF-8
-# pt_PT ISO-8859-1
-# pt_PT.UTF-8 UTF-8
-# pt_PT@euro ISO-8859-15
-# quz_PE UTF-8
-# raj_IN UTF-8
-# ro_RO ISO-8859-2
-# ro_RO.UTF-8 UTF-8
-# ru_RU ISO-8859-5
-# ru_RU.CP1251 CP1251
-# ru_RU.KOI8-R KOI8-R
-# ru_RU.UTF-8 UTF-8
-# ru_UA KOI8-U
-# ru_UA.UTF-8 UTF-8
-# rw_RW UTF-8
-# sa_IN UTF-8
-# sat_IN UTF-8
-# sc_IT UTF-8
-# sd_IN UTF-8
-# sd_IN@devanagari UTF-8
-# se_NO UTF-8
-# sgs_LT UTF-8
-# shs_CA UTF-8
-# si_LK UTF-8
-# sid_ET UTF-8
-# sk_SK ISO-8859-2
-# sk_SK.UTF-8 UTF-8
-# sl_SI ISO-8859-2
-# sl_SI.UTF-8 UTF-8
-# so_DJ ISO-8859-1
-# so_DJ.UTF-8 UTF-8
-# so_ET UTF-8
-# so_KE ISO-8859-1
-# so_KE.UTF-8 UTF-8
-# so_SO ISO-8859-1
-# so_SO.UTF-8 UTF-8
-# sq_AL ISO-8859-1
-# sq_AL.UTF-8 UTF-8
-# sq_MK UTF-8
-# sr_ME UTF-8
-# sr_RS UTF-8
-# sr_RS@latin UTF-8
-# ss_ZA UTF-8
-# st_ZA ISO-8859-1
-# st_ZA.UTF-8 UTF-8
-# sv_FI ISO-8859-1
-# sv_FI.UTF-8 UTF-8
-# sv_FI@euro ISO-8859-15
-# sv_SE ISO-8859-1
-# sv_SE.ISO-8859-15 ISO-8859-15
-# sv_SE.UTF-8 UTF-8
-# sw_KE UTF-8
-# sw_TZ UTF-8
-# szl_PL UTF-8
-# ta_IN UTF-8
-# ta_LK UTF-8
-# tcy_IN.UTF-8 UTF-8
-# te_IN UTF-8
-# tg_TJ KOI8-T
-# tg_TJ.UTF-8 UTF-8
-# th_TH TIS-620
-# th_TH.UTF-8 UTF-8
-# the_NP UTF-8
-# ti_ER UTF-8
-# ti_ET UTF-8
-# tig_ER UTF-8
-# tk_TM UTF-8
-# tl_PH ISO-8859-1
-# tl_PH.UTF-8 UTF-8
-# tn_ZA UTF-8
-# tr_CY ISO-8859-9
-# tr_CY.UTF-8 UTF-8
-# tr_TR ISO-8859-9
-# tr_TR.UTF-8 UTF-8
-# ts_ZA UTF-8
-# tt_RU UTF-8
-# tt_RU@iqtelif UTF-8
-# ug_CN UTF-8
-# uk_UA KOI8-U
-# uk_UA.UTF-8 UTF-8
-# unm_US UTF-8
-# ur_IN UTF-8
-# ur_PK UTF-8
-# uz_UZ ISO-8859-1
-# uz_UZ.UTF-8 UTF-8
-# uz_UZ@cyrillic UTF-8
-# ve_ZA UTF-8
-# vi_VN UTF-8
-# wa_BE ISO-8859-1
-# wa_BE.UTF-8 UTF-8
-# wa_BE@euro ISO-8859-15
-# wae_CH UTF-8
-# wal_ET UTF-8
-# wo_SN UTF-8
-# xh_ZA ISO-8859-1
-# xh_ZA.UTF-8 UTF-8
-# yi_US CP1255
-# yi_US.UTF-8 UTF-8
-# yo_NG UTF-8
-# yue_HK UTF-8
-# zh_CN GB2312
-# zh_CN.GB18030 GB18030
-# zh_CN.GBK GBK
-# zh_CN.UTF-8 UTF-8
-# zh_HK BIG5-HKSCS
-# zh_HK.UTF-8 UTF-8
-# zh_SG GB2312
-# zh_SG.GBK GBK
-# zh_SG.UTF-8 UTF-8
-# zh_TW BIG5
-# zh_TW.EUC-TW EUC-TW
-# zh_TW.UTF-8 UTF-8
-# zu_ZA ISO-8859-1
-# zu_ZA.UTF-8 UTF-8
diff --git a/testing/etc_files/all/etc/timezone b/testing/etc_files/all/etc/timezone
deleted file mode 100644 (file)
index 94d5acc..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Europe/Berlin
index 556fbb4fc998d2086ae816698e58520a9f8406d1..43acf0073bfbe6fcc3a0b8a41c21ee3d44186a0a 100644 (file)
@@ -9,4 +9,3 @@ get_passphrase() {
 audio_dev_is_mute() {
     [ "$(pactl get-sink-mute 0)" = "Mute: yes" ]
 }
-
diff --git a/testing/home/root/.shell_prompt_color b/testing/home/root/.shell_prompt_color
new file mode 100644 (file)
index 0000000..d00491f
--- /dev/null
@@ -0,0 +1 @@
+1
diff --git a/testing/home/user/.gitconfig b/testing/home/user/.gitconfig
new file mode 100644 (file)
index 0000000..8967d25
--- /dev/null
@@ -0,0 +1,3 @@
+[user]
+       email = c.heller@plomlompom.de
+       name = Christian Heller
diff --git a/testing/home/user/.shell_prompt_color b/testing/home/user/.shell_prompt_color
new file mode 100644 (file)
index 0000000..0cfbf08
--- /dev/null
@@ -0,0 +1 @@
+2
diff --git a/testing/home_files/h610m/.xinitrc_bonus b/testing/home_files/h610m/.xinitrc_bonus
deleted file mode 100644 (file)
index 1eaa7e8..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-# Don't blank screen, as this will confuse the HDMI switch setup / lead to unrecoverable X sessions. 
-xset s noblank
diff --git a/testing/home_files/minimal/.bashrc b/testing/home_files/minimal/.bashrc
deleted file mode 100644 (file)
index 5c1d6b2..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-# Settings for interactive shells.
-
-# Fancy colors for ls.
-alias ls="ls --color=auto"
-
-# Other helpful aliases
-alias sshauth='eval $(ssh-agent) && ssh-add'
-# alias xrandrbig='xrandr --output LVDS-1 --off'
-
-# Use vim as default editor for anything.
-export VISUAL=vim
-export EDITOR=$VISUAL
-
-# Colored prompt with username, hostname, date/time, directory.
-colornumber=7 # Default to white if no color set via colornumber dotfile.
-colornumber_file=~/.shell_prompt_color
-if [ -f $colornumber_file ]; then
-    colornumber=`cat $colornumber_file`
-fi
-tput_color="$(tput setaf $colornumber)$(tput bold)"
-tput_reset="$(tput sgr0)"
-# Bash confuses the line length when not told to not count escape sequences.
-if [ ! "$BASH" = "" ]; then
-    tput_color="\[$tput_color\]"
-    tput_reset="\[$tput_reset\]"
-fi
-PS1="${tput_color}["\$\(date\ +%Y-%m-%d/%H:%M:%S/%Z\)" $(whoami)@$(hostname):"\$\(pwd\)"]$ $tput_reset"
-PS2="${tput_color}> $tput_reset"
-PS3="${tput_color}select: $tput_reset"
-PS4="${tput_color}+ $tput_reset"
diff --git a/testing/home_files/root/.shell_prompt_color b/testing/home_files/root/.shell_prompt_color
deleted file mode 100644 (file)
index d00491f..0000000
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/testing/home_files/user/.Xresources b/testing/home_files/user/.Xresources
deleted file mode 100644 (file)
index 45b10af..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-! otherwise various applications will assume merely 8 colors
-XTerm.termName: xterm-256color
-
-! font
-! actually, "mono" is already the default for faceName (it will
-! pick whatever fc-match mono delivers), but we need to set _some_
-! faceName to trigger XTerm activating TrueType fonts
-! (XTerm*fontRender by itself won't do the trick), and we want
-! TrueType fonts because, well, they scale better, and XTerm lets them
-! fall back on alternatives (hi there ttf-unifont) when a Unicode
-! glyph is not found
-XTerm*faceName: mono
-
-! white on black
-XTerm*reverseVideo: on
-
-! blink screen instead of sound
-XTerm*visualBell: on
-
-! proper ALT as META key treatment
-XTerm*eightBitInput: false
-
-! font sizes
-XTerm*faceSize: 8
-XTerm*faceSize1: 4
-XTerm*faceSize2: 5
-XTerm*faceSize3: 6
-XTerm*faceSize4: 8
-XTerm*faceSize5: 14
-XTerm*faceSize6: 25
-
-! colors
-! black
-XTerm*color0: #202020
-XTerm*color8: #3F3F3F
-! red
-XTerm*color1: #A82020
-XTerm*color9: #E82020
-! green
-XTerm*color2: #20A820
-XTerm*color10: #20E820
-! yellow
-XTerm*color3: #A8A820
-XTerm*color11: #E8E820
-! blue
-XTerm*color4: #3F3FFF
-XTerm*color12: #9F9FFF
-! magenta
-XTerm*color5: #A83FFF
-XTerm*color13: #E89FFF
-! cyan
-XTerm*color6: #3FA8FF
-XTerm*color14: #9FE8FF
-! white
-XTerm*color7: #A8A8A8
-XTerm*color15: #E8E8E8
diff --git a/testing/home_files/user/.borgrepos b/testing/home_files/user/.borgrepos
deleted file mode 100644 (file)
index c40eee3..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-plom@plomlompom.com
-plom@mail.plomlompom.com
-plom@play.plomlompom.com
-# file read ends at last newline
diff --git a/testing/home_files/user/.config/i3/config b/testing/home_files/user/.config/i3/config
deleted file mode 100644 (file)
index 7e4af34..0000000
+++ /dev/null
@@ -1,86 +0,0 @@
-# plomlompom's i3-wm configuration
-
-# Font for i3 text
-font pango:Terminus 8px
-
-# Force "tabbed" as default layout for new windows.
-workspace_layout              tabbed
-
-# Make the Windows key the modifier key for all i3-wm actions.
-set                           $mod Mod4
-floating_modifier             $mod
-
-# Launch xterm.
-bindsym $mod+Return           exec xterm
-
-# Launch programs via dmenu.
-bindsym $mod+d                exec dmenu_run
-bindsym $mod+x                exec dmenu_run
-
-# Kill window.
-bindsym $mod+Shift+Q          kill
-
-# Move focus between windows.
-bindsym $mod+Left             focus left
-bindsym $mod+Down             focus down
-bindsym $mod+Up               focus up
-bindsym $mod+Right            focus right
-
-# Don't move focus with mouse.
-focus_follows_mouse           no
-
-# Move windows.
-bindsym $mod+Shift+Left       move left
-bindsym $mod+Shift+Down       move down
-bindsym $mod+Shift+Up         move up
-bindsym $mod+Shift+Right      move right
-
-# Resize windows
-bindsym $mod+h                resize shrink width 1 px or 1 ppt
-bindsym $mod+l                resize grow width 1 px or 1 ppt
-bindsym $mod+j                resize shrink height
-bindsym $mod+k                resize grow height
-
-# Toggle fullscreen for focused window.
-bindsym $mod+f                fullscreen
-
-# Toggle floating of window, focus on floating or tabbed windows.
-bindsym $mod+Shift+space      floating toggle
-bindsym $mod+space            focus mode_toggle
-
-# Switch to workspace x.
-bindsym $mod+1                workspace 1
-bindsym $mod+2                workspace 2
-bindsym $mod+3                workspace 3
-bindsym $mod+4                workspace 4
-bindsym $mod+5                workspace 5
-bindsym $mod+6                workspace 6
-bindsym $mod+7                workspace 7
-bindsym $mod+8                workspace 8
-bindsym $mod+9                workspace 9
-bindsym $mod+0                workspace 10
-
-# Move window to workspace x.
-bindsym $mod+Shift+exclam     move workspace 1
-bindsym $mod+Shift+quotedbl   move workspace 2
-bindsym $mod+Shift+section    move workspace 3
-bindsym $mod+Shift+dollar     move workspace 4
-bindsym $mod+Shift+percent    move workspace 5
-bindsym $mod+Shift+ampersand  move workspace 6
-bindsym $mod+Shift+slash      move workspace 7
-bindsym $mod+Shift+parenleft  move workspace 8
-bindsym $mod+Shift+parenright move workspace 9
-bindsym $mod+Shift+equal      move workspace 10
-
-# Reload i3 config file, restart (keeping sesion) i3, exit i3.
-bindsym $mod+Shift+C          reload
-bindsym $mod+Shift+R          restart
-bindsym $mod+Shift+P          exit
-
-# Select "i3status" as i3 status bar, hide systray icons.
-bar {
-  tray_output none
-  status_command i3status
-}
-
-include ~/.config/i3/config_bonus
diff --git a/testing/home_files/user/.config/i3status/config b/testing/home_files/user/.config/i3status/config
deleted file mode 100644 (file)
index b9fb15f..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-# plomlompom's i3 status bar configuration
-
-# Activate colors; set update interval of one second.
-general {
-  colors = true
-  interval = 1
-}
-
-# Selection / order of status elements.
-order += "disk /"
-order += "disk /home/"
-order += "wireless wlp3s0"
-order += "ethernet enp0s25"
-order += "battery 0"
-order += "cpu_usage"
-order += "load"
-order += "cpu_temperature 0"
-order += "time"
-order += "volume master"
-
-# How much space is left in / ?
-disk "/" {
-  format = "/: %avail available of %total"
-  separator_block_width = 25
-}
-
-# How much space is left in /home ?
-disk "/home/" {
-  format = "/home: %avail available of %total"
-  separator_block_width = 25
-}
-
-# WLAN status: show IP and connection quality or "down".
-wireless wlp3s0 {
-  format_up = "w: (%quality at %essid) %ip"
-  format_down = "w: down"
-  separator_block_width = 10
-}
-
-# Ethernet status: show IP or "down".
-ethernet enp0s25 {
-  format_up = "e: %ip"
-  format_down = "e: down"
-  separator_block_width = 25
-}
-
-# Battery status: show FULL/CHARGING/BATTERY, storage, time left.
-battery 0 {
-  format = "b: %status %percentage %remaining"
-  separator_block_width = 25
-}
-
-# Show CPU usage.
-cpu_usage {
-  format = "cpu: %usage"
-  separator_block_width = 10
-}
-
-# Show system load during last 1/5/15 minutes.
-load {
-  format = "%1min %5min %15min"
-  separator_block_width = 25
-}
-
-# Show CPU temperature in degrees of celsius.
-cpu_temperature 0 {
-  format = "%degrees °C"
-  separator_block_width = 25
-}
-
-# Show date/time/timezone as "year-month-day hour:minute:second
-# timezone_numeric/timezone_alphabetic".
-time {
-  format = "%Y-%m-%d %H:%M:%S %z/%Z"
-  separator_block_width = 25
-}
-
-volume master {
-  format = "♪: %volume"
-  format_muted = "♪: muted (%volume)"
-  separator_block_width = 25
-}
diff --git a/testing/home_files/user/.emacs.d/init.el b/testing/home_files/user/.emacs.d/init.el
deleted file mode 100644 (file)
index 3868a75..0000000
+++ /dev/null
@@ -1,323 +0,0 @@
-;; general layout
-;; ==============
-
-;; need no stinkin emacs help screen as start up, and no menu bar
-(setq inhibit-startup-screen t)
-(menu-bar-mode -1)
-
-;; highlight cursor line, parentheses
-(global-hl-line-mode 1)
-(show-paren-mode 1)
-
-;; show line numbers, use separator space
-(global-linum-mode)
-(setq linum-format "%d ")
-
-;; count cursor column, row in mode line
-(setq column-number-mode t)
-
-;; settings to make GUI tolerable
-(if window-system
-  (progn
-    (add-to-list 'default-frame-alist '(foreground-color . "white"))
-    (add-to-list 'default-frame-alist '(background-color . "black"))
-    (set-face-attribute 'default nil :height 80)
-    (scroll-bar-mode -1)
-    (setq visible-bell t)
-    (setq linum-format "%d")))
-
-;; use as default browser what XDG offers
-(setq-default browse-url-browser-function 'browse-url-xdg-open)
-
-
-
-;; general keybindings
-;; ===================
-
-;; create and use a minimal global map using just the self-insert command
-;; bindings and a selection of some to me very common keystrokes
-(setq minimal-map (make-sparse-keymap))
-(substitute-key-definition 'self-insert-command 'self-insert-command
-                           minimal-map global-map)
-(use-global-map minimal-map)
-(global-set-key (kbd "DEL") 'backward-delete-char-untabify)
-(global-set-key (kbd "RET") 'newline)
-(global-set-key (kbd "TAB") 'indent-for-tab-command)
-(global-set-key (kbd "<up>") 'previous-line)
-(global-set-key (kbd "<down>") 'next-line)
-(global-set-key (kbd "<left>") 'left-char)
-(global-set-key (kbd "<right>") 'right-char)
-(global-set-key (kbd "<prior>") 'scroll-down-command)
-(global-set-key (kbd "<next>") 'scroll-up-command)
-(global-set-key (kbd "M-x") 'execute-extended-command)
-(global-set-key (kbd "C-g") 'keyboard-quit)
-;(global-set-key (kbd "<f3>") 'kmacro-start-macro-or-insert-counter)
-;(global-set-key (kbd "<f4>") 'kmacro-end-or-call-macro)
-;; note how to switch back to the original map: (use-global-map global-map)
-(setq shr-map (make-sparse-keymap))  ; got annoying in elfeed-show on URLs
-
-
-
-;; minibuffer
-;; ==========
-
-;; incremental minibuffer completion
-(icomplete-mode 1)
-
-
-
-;; text editing
-;; ============
-
-;; tabs are evil
-(setq-default indent-tabs-mode nil)
-(setq-default tab-width 4)
-(setq indent-line-function 'insert-tab)
-
-;; show trailing whitespace
-(setq-default show-trailing-whitespace 1)
-
-;; on save, ask whether to ensure text file's last line ends in a
-;; newline character
-(setq require-final-newline 1)
-
-;; use dedicated directory for version-controlled, endless backups;
-;; never delete old versions
-(setq make-backup-files t
-      backup-directory-alist `(("." . "~/.emacs_backups"))
-      backup-by-copying t
-      version-control t
-      delete-old-versions 1)  ;; neither t nor nil: never delete
-
-
-;; package management
-;; ==================
-
-;; where we get packages from
-(setq package-archives '(("gnu" . "https://elpa.gnu.org/packages/")
-                         ("melpa-unstable" . "https://melpa.org/packages/")
-                         ("melpa-stable" . "https://stable.melpa.org/packages/")))
-
-;; ensure certain packages are installed (actually, we use Debian repos here)
-;; credit to <https://stackoverflow.com/a/10093312>
-;(setq package-list '(elfeed ledger-mode))
-;(package-initialize)
-;(dolist (package package-list)
-;  (unless (package-installed-p package)
-;    (package-install package)))
-
-
-
-;;; window management
-;;; =================
-;
-;;; track window configurations to allow window config undo
-;(winner-mode 1)
-
-
-
-;; mail setup
-;; ==========
-
-(setq send-mail-function 'smtpmail-send-it)
-(setq smtpmail-smtp-server "mail.plomlompom.com")
-(setq smtpmail-smtp-service 465)
-(setq smtpmail-stream-type 'ssl)
-(setq smtpmail-smtp-user "plom")
-(setq mml-secure-openpgp-encrypt-to-self t)
-(add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)
-
-;(setq gnutls-log-level 0)
-
-;; if we don't set this, we get this warning:
-;;   gnutls.c: [1] Note that the security level of the Diffie-Hellman key exchange
-;;   has been lowered to 256 bits and this may allow decryption of the session data
-(setq gnutls-min-prime-bits 1024)
-
-;; there is a WEIRD bug somewhere in /network-stream-open-tls/ that disappears the
-;; stream process, seemingly unless the /message/ function is called at the right
-;; place (earliest in /nsm-verify-connection/ right before the "cond" there, latest
-;; in /network-stream-get-response/ right after "(goto-char start)"; this works
-;; unless /inhibit_message/ is set, indicating that writing to the *Messages*
-;; buffer is not relevant, but maybe writing to the echo area is); activing the
-;; gnutls logging is just a hack to achieve such calls to /message/ in the
-;; /network-stream-open-tls/ flow.
-(setq gnutls-log-level 1) ; miraculously makes smtpmail work
-
-;; constructs From: domain if mail composer directly called (from without
-;; notmuch), but we don't actually intend to do that
-;(setq mail-host-address "plomlompom.com")
-
-;; otherwise notmuch becomes extremely slow in some cases
-(setq-default notmuch-show-indent-content nil)
-
-;; this only works if we use notmuch-mua-send instead of message-send
-(setq notmuch-fcc-dirs '(("plom@plomlompom.com" . "maildir/Sent")))
-
-;; this gets rid of "i-did-not-set--mail-host-address--so-tickle-me"
-;; in the message ID
-(setq mail-host-address "plomlompom.com")
-
-;; notmuch saved searches
-(setq notmuch-saved-searches
-      '((:name "inbox" :query "tag:unread and folder:inbox")
-        (:name "all" :query "tag:unread not folder:maildir/Trash")
-        (:name "plomlompom.de" :query "tag:unread and folder:maildir/plomlompom.de")
-        (:name "nebenan" :query "tag:unread and folder:maildir/nebenan")
-        (:name "reflect-info" :query "tag:unread and folder:maildir/reflect-info")
-        (:name "gmail" :query "tag:unread and folder:maildir/gmail.com")
-        (:name "mutter" :query "tag:unread and folder:maildir/mutter")))
-
-
-
-;; org mode
-;; ========
-
-;; unsure why, but to re-set the key map, we not only have to explicitely do it
-;; only after org-mode loading, but also have to explicitely overwrite the
-;; C-c keybinding; TODO: investigate
-(with-eval-after-load 'org
-    (setq org-mode-map (make-sparse-keymap))
-    (define-key org-mode-map (kbd "C-c") nil)
-    (define-key org-mode-map (kbd "TAB") 'org-cycle)
-    (define-key org-mode-map (kbd "<backtab>") 'org-shifttab))
-
-;; don't truncate lines by default
-(setq org-startup-truncated nil)
-
-;; basic org-capture config
-(setq org-capture-templates
-      '(("x" "test" plain (file "~/org/notes.org") "%T: %?")))
-(add-hook 'org-capture-mode-hook 'evil-insert-state)
-
-;; agenda view on startup
-(load-library "find-lisp")
-(setq org-agenda-files (find-lisp-find-files "~/org" "\.org$"))
-(setq org-agenda-span 90)
-(setq org-agenda-use-time-grid nil)
-(add-hook 'emacs-startup-hook (lambda ()
-                                 (org-agenda-list)
-                                 (switch-to-buffer "*Org Agenda*")
-                                 (other-window 1)))
-
-;;; for calendar, use ISO date style
-;(setq calendar-date-style 'iso)
-;(setq diary-number-of-entries 7)
-;(diary)
-;(setq org-agenda-time-grid '((today require-timed remove-match)
-;                             #("----------------" 0 16 (org-heading t))
-;                             (0 200 400 600 800 1000 1200
-;                                1400 1600 1800 2000 2200)))
-
-;; empty org-agenda-mode keybindings
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (setq org-agenda-mode-map (make-sparse-keymap))))
-(add-hook 'org-agenda-mode-hook
-          (lambda ()
-            (use-local-map (make-sparse-keymap))))
-
-;; org-publish-all
-(setq org-publish-project-alist
-      '(
-        ("website"
-         :base-directory "~/org/web/"
-         :base-extension "org"
-         :publishing-directory "~/html/"
-         :recursive t
-         :publishing-function org-html-publish-to-html
-         :headline-levels 4             ; Just the default for this project.
-         :auto-preamble t
-          )))
-
-;; use [ki:] syntax to hide stuff from exports
-(defun classify-information (text backend info)
-  "Replaces '[ki:WHATEVER]' with '[klassifizierte Information]'."
-  (replace-regexp-in-string "\\[ki:[^\]]*\]" "[klassifizierte Information]" text))
-(add-hook 'org-export-filter-plain-text-functions 'classify-information)
-
-;; add HTML validator link to exports
-(setq org-html-validation-link "<a href=\"https://validator.w3.org/check?uri=referer\">Validate</a>")
-
-
-
-;;; Info mode
-;;; =========
-
-(setq Info-mode-map (make-sparse-keymap))
-(define-key Info-mode-map (kbd "RET") 'Info-follow-nearest-node)
-(define-key Info-mode-map (kbd "u") 'Info-up)
-(define-key Info-mode-map (kbd "TAB") 'Info-next-reference)
-(define-key Info-mode-map (kbd "<backtab>") 'Info-prev-reference)
-(define-key Info-mode-map (kbd "H") 'Info-history-back)
-(define-key Info-mode-map (kbd "L") 'Info-history-forward)
-(define-key Info-mode-map (kbd "I") 'Info-goto-node)
-(define-key Info-mode-map (kbd "i") 'Info-index)
-
-
-
-;; help mode
-;; =========
-
-(setq help-mode-map (make-sparse-keymap))
-(define-key help-mode-map (kbd "TAB") 'forward-button)
-(define-key help-mode-map (kbd "RET") 'help-follow)
-(define-key help-mode-map (kbd "<backtab>") 'backward-button)
-
-
-
-; ;; elfeed
-; ;; ======
-; 
-; (require 'elfeed)  ; needed so we can set the font faces
-; (set-face-background 'elfeed-search-title-face "magenta")
-; (set-face-background 'elfeed-search-unread-count-face "magenta")
-; (setq elfeed-feeds
-;       '("https://capsurvival.blogspot.com/feeds/posts/default"
-;         "https://jungle.world/rss.xml"
-;         "http://news.dieweltistgarnichtso.net/bin/index.xml"
-;         "https://taz.de/!s=&ExportStatus=Intern&SuchRahmen=Online;rss/"
-;         "http://www.tagesschau.de/xml/atom"))
-; (setq elfeed-search-mode-map (make-sparse-keymap))
-; (define-key elfeed-search-mode-map (kbd "RET") 'elfeed-search-show-entry)
-; (defun elfeed-search-mark-as-read() (interactive)
-;   (elfeed-search-untag-all 'unread))
-; (define-key elfeed-search-mode-map (kbd "r") 'elfeed-search-mark-as-read)
-; (define-key elfeed-search-mode-map (kbd "R") 'elfeed-search-tag-all-unread)
-; (define-key elfeed-search-mode-map (kbd "f") 'elfeed-search-live-filter)
-; (define-key elfeed-search-mode-map (kbd "u") 'elfeed-update)
-; (setq elfeed-show-mode-map (make-sparse-keymap))
-; (define-key elfeed-show-mode-map (kbd "u") 'elfeed)
-; (define-key elfeed-show-mode-map (kbd "TAB") 'shr-next-link)
-; (define-key elfeed-show-mode-map (kbd "<backtab>") 'shr-previous-link)
-; (define-key elfeed-show-mode-map (kbd "a") 'elfeed-show-prev)
-; (define-key elfeed-show-mode-map (kbd "d") 'elfeed-show-next)
-; (define-key elfeed-show-mode-map (kbd "y") 'shr-copy-url)
-; (define-key elfeed-show-mode-map (kbd "RET") 'shr-browse-url)
-; 
-; 
-; 
-; ;; eww
-; ;; ===
-; 
-; (setq eww-mode-map (make-sparse-keymap))
-; (define-key eww-mode-map (kbd "TAB") 'shr-next-link)
-; (define-key eww-mode-map (kbd "<backtab>") 'shr-previous-link)
-; (define-key eww-mode-map (kbd "H") 'eww-back-url)
-; (define-key eww-mode-map (kbd "L") 'eww-forward-url)
-
-
-
-;; ledger
-;; ======
-(setq ledger-mode-map (make-sparse-keymap))
-(define-key ledger-mode-map (kbd "TAB") 'completion-at-point)
-
-
-
-;;; plomvi mode
-;;; ===========
-
-(defvar plomvi-return-combo (kbd "C-c"))
-(load "~/public_repos/plomvi.el/plomvi.el")
-(plomvi-global-mode 1)
diff --git a/testing/home_files/user/.gitconfig b/testing/home_files/user/.gitconfig
deleted file mode 100644 (file)
index 8967d25..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-[user]
-       email = c.heller@plomlompom.de
-       name = Christian Heller
diff --git a/testing/home_files/user/.mbsyncrc b/testing/home_files/user/.mbsyncrc
deleted file mode 100644 (file)
index 59d01a9..0000000
+++ /dev/null
@@ -1,28 +0,0 @@
-IMAPAccount plom
-# Address to connect to
-Host mail.plomlompom.com
-User plom
-# For some reason, mbsync doesn't accept a PassCmd output beyond 79 chars,
-# therefore the pw in ~/.authinfo should not be longer than that.
-PassCmd "cat ~/.authinfo | cut -d' ' -f8-"
-SSLType IMAPS
-AuthMechs LOGIN
-
-IMAPStore core-remote
-Account plom
-
-MaildirStore core-local
-# The trailing "/" is important
-Path ~/mail/maildir/
-Inbox ~/mail/inbox/
-
-Channel core
-Far :core-remote:
-Near :core-local:
-Patterns *
-# Automatically create missing mailboxes, both locally and on the server
-Create Both
-# Save the synchronization state files in the relevant directory
-SyncState *
-# If a mail is marked T ("Trashed") or deleted, remove it for real everywhere
-Expunge Both
diff --git a/testing/home_files/user/.notmuch-config b/testing/home_files/user/.notmuch-config
deleted file mode 100644 (file)
index 9532761..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-[database]
-path=/home/plom/mail
-[search]
-exclude_tags=deleted;spam;
-# the fields below set the From: if the mail composer is called from
-# within notmuch
-[user]
-name=Christian Heller
-primary_email=plom@plomlompom.com
diff --git a/testing/home_files/user/.shell_prompt_color b/testing/home_files/user/.shell_prompt_color
deleted file mode 100644 (file)
index 0cfbf08..0000000
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/testing/home_files/user/.tridactylrc b/testing/home_files/user/.tridactylrc
deleted file mode 100644 (file)
index 8da0831..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-# sanitize tridactyllocal tridactylsync
-# guiset tabs always 
-# guiset hoverlink left
-# guiset statuspanel right 
-autocmd DocStart www.reddit.com urlmodify -t www.reddit old.reddit
-# bind ö fillcmdline find
-# bind n findnext 1
-# bind N findnext -1
-bind j scrollline 3
-bind k scrollline -3
-set hintuppercase false
-set searchengine duckduckgo
-set theme midnight 
-set searchurls.wiktionary https://en.wiktionary.org/w/index.php?search=
-set searchurls.dictcc https://www.dict.cc/?s=
-set hintchars 123456qwertasdfgyxcvb
-guiset gui none
-escapehatch
diff --git a/testing/home_files/user/.xinitrc b/testing/home_files/user/.xinitrc
deleted file mode 100644 (file)
index e1cbd6a..0000000
+++ /dev/null
@@ -1,19 +0,0 @@
-# X init configuration
-
-# Set keymap.
-setxkbmap de
-
-# Map CapsLock to Compose key.
-xmodmap -e "clear Lock"
-xmodmap -e "keycode 66 = Multi_key"
-
-# Load xterm settings
-xrdb -merge ~/.Xresources
-
-# Redshift to Berlin, Germany.
-redshift -rl 53:13 &
-
-sh .xinitrc_bonus
-
-# Launch window manager.
-i3
diff --git a/testing/home_files/user/mail_sync.sh b/testing/home_files/user/mail_sync.sh
deleted file mode 100755 (executable)
index ffe6b4a..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-set -e
-
-basedir="/home/plom/mail/maildir/"
-# Ensure directories exist for all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    if [ ! -d "${target_dir}" ]; then
-        echo "Directory ${target_dir} does not exist."
-        exit 1
-    fi
-done
-
-# Ensure all "dir:*"-tagged mails are in proper directories,
-# remove all "dir:*" tags.
-for tag in $(notmuch search --output=tags '*'); do
-    if [ ! $(echo "${tag}" | cut -c-4) = "dir:" ]; then
-        continue
-    fi
-    target_dir="${basedir}"$(echo "${tag}" | cut -c5-)"/cur/"
-    for f in $(notmuch search --output=files tag:"${tag}"); do
-         new_name=$(basename "${f}" | sed -e 's/,U=[0-9]*//')
-         target_path="${target_dir}${new_name}"
-         if [ ! "${target_path}" = "${f}" ]; then
-             echo "Moving ${f} to ${target_path}."
-             mv "${f}" "${target_path}"
-            # NOTE: if we encounter an error here of ${f} not being findable, run "notmuch reindex tag:${tag}" to fix 
-         fi
-    done
-    notmuch tag -"${tag}" tag:"${tag}"
-done
-
-# Remove all "deleted"-tagged files from maildirs.
-notmuch search --output=files tag:deleted | while read f; do
-    echo "Deleting ${f}"
-    rm "${f}"
-done
-
-# Sync changes back to server and update notmuch index.
-mbsync -a
-notmuch new
diff --git a/testing/home_files/user/public_repos/repos b/testing/home_files/user/public_repos/repos
deleted file mode 100644 (file)
index 2414eec..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-# List of repos we want cloned in ~/public_repos
-config
-pingmail.git
-plomlombot-irc.git
-plomrogue
-plomrogue2-experiments
-plomvi.el
-misc
diff --git a/testing/scripts/_config_scripts_lib.sh b/testing/scripts/_config_scripts_lib.sh
new file mode 100644 (file)
index 0000000..c41cf4a
--- /dev/null
@@ -0,0 +1,42 @@
+export DEBIAN_FRONTEND=noninteractive
+
+USERNAME=plom
+PATH_USER_HOME="/home/${USERNAME}"
+
+# NB: this assume we're run from script's parent directory
+cd ../..
+PATH_REPO=$(pwd)
+cd -
+PATH_CONF="${PATH_REPO}/testing"
+PATH_CONF_HOME="${PATH_CONF}/home"
+
+expect_min_n_args() {
+    MIN_ARGS="$1"
+    EXPLAINER="$2"
+    shift 2
+    if [ "$#" -lt "${MIN_ARGS}" ]; then
+        echo "Need at least ${MIN_ARGS} arguments … ${EXPLAINER}"
+        false
+    fi
+}
+
+abort_if_exists() {
+    if [ -e "$1" ]; then
+        echo "Aborting because $1 already exists."
+        exit 1
+    fi
+}
+
+abort_if_not_user() {
+    if [ "$(whoami)" != "$1" ]; then
+        echo "Must be run as ${1}."
+        exit 1
+    fi
+}
+
+abort_if_offline() {
+    if ! ping -c1 -W2 1.1.1.1 > /dev/null 2>&1; then
+        echo "Must be run online."
+        exit 1
+    fi
+}
diff --git a/testing/scripts/_misc.sh b/testing/scripts/_misc.sh
deleted file mode 100644 (file)
index 779fedb..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-. ../../constants.sh
-. "${PATH_MANY_MISC}"
-
-PATH_REL_SECRETS=to_usb
-PATH_SECRETS=${PATH_USER_HOME}/${PATH_REL_SECRETS}
-
-get_system_name_arg() {
-    THINKPAD_NAMES="x220 w530 t490s"
-    LEGAL_SYSTEM_NAMES="${THINKPAD_NAMES} h610m"
-    FOUND=0
-    for SYSTEM_NAME_I in $LEGAL_SYSTEM_NAMES; do
-        if [ "$1" = "$SYSTEM_NAME_I" ]; then
-            FOUND=1
-            SYSTEM_NAME="${SYSTEM_NAME_I}"
-           break
-        fi
-    done
-    if [ "${FOUND}" = 0 ]; then
-        echo "Need legal system name."
-        false
-    fi
-    SYSTEM_CLASS_NAME=
-    for THINKPAD_NAME in $THINKPAD_NAMES; do
-        if [ "${SYSTEM_NAME}" = "${THINKPAD_NAME}" ]; then
-           SYSTEM_CLASS_NAME=thinkpad
-           break
-       fi
-    done
-}
-
-abort_if_exists() {
-    if [ -e "${1}" ]; then
-        echo "Aborting because $1 already exists."
-        exit 1
-    fi
-}
-
-abort_if_not_user() {
-    if [ `whoami` != "$1" ]; then
-        echo "Must be run as ${1}."
-        exit 1
-    fi
-}
-
-abort_if_offline() {
-    if ! ping -c1 -W2 1.1.1.1 > /dev/null 2>&1; then
-        echo "Must be run online."
-        exit 1
-    fi
-}
index a0d2464ad473101f90469c1fff881b786342af66..44de80948c81d4b17702282babe3261a368d8fdd 100644 (file)
@@ -1,8 +1,14 @@
 set -e
-. ./_misc.sh
+
+# NB: this assume we're run from script's parent directory
+. ./_config_scripts_lib.sh
 
 PATH_REPOS="${HOME}/repos"
 PATH_BORGKEYS="${HOME}/.config/borg/keys"
+PATH_USER_SSH="${PATH_USER_HOME}/.ssh"
+FILENAME_KEY=id_rsa
+PATH_PRIVATE_KEY="${PATH_USER_SSH}/${FILENAME_KEY}"
+PATH_KNOWN_HOSTS="${PATH_USER_SSH}/known_hosts"
 REPOS_SITE_DOMAIN=plomlompom.com
 REMOTE_PATH_REPOS=/var/repos
 NAME_BORGAPP=borgplom
@@ -17,11 +23,9 @@ abort_if_exists "${PATH_REPOS}"
 abort_if_exists "${PATH_BORGKEYS}"
 
 echo "\nSetting up ~/.ssh"
-PATH_PRIVATE_KEY="${PATH_USER_SSH}/${FILENAME_PRIVATE_KEY}"
-PATH_PUBLIC_KEY="${PATH_USER_SSH}/${FILENAME_PUBLIC_KEY}"
-PATH_KNOWN_HOSTS="${PATH_USER_SSH}/known_hosts"
+PATH_PUBLIC_KEY="${PATH_PRIVATE_KEY}.pub"
 mkdir -p "${PATH_USER_SSH}"
-cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}"
+cp "${PATH_SECRETS}/${FILENAME_KEY}" "${PATH_KEY}"
 stty -echo
 while [ ! -s "${PATH_PUBLIC_KEY}" ]; do
     set +e
@@ -65,6 +69,7 @@ while true; do
     fi
 done
 
+PATH_REL_REPO=$(basename "${PATH_REPO}")
 PATH_REL_DEL_REPO="DELETE_${PATH_REL_REPO}"
 mv "${HOME}/${PATH_REL_REPO}" "${HOME}/${PATH_REL_DEL_REPO}"
 echo "\nWith ~/repos set up, new reference be ~/repos/${PATH_REL_REPO}; moved ~/${PATH_REL_REPO} to ~/${PATH_REL_DEL_REPO}, ready to be deleted by you."
index 725430bf199e0c01da2904c1b32ee57dddf249f0..725ce6a3c4c98ae76d4218a4bf339d48a1f8ccee 100755 (executable)
 #!/bin/sh
 set -e
-. ./_misc.sh
 
-expect_min_n_args 1 "(system name)" "$@"
-abort_if_offline
-get_system_name_arg "$1"
-MIN_MODULES="all ${SYSTEM_CLASS_NAME} ${SYSTEM_NAME}"
+# NB: this assume we're run from script's parent directory
+. ./_config_scripts_lib.sh
 
-echo "\nUpgrading to testing."
-# For this step only very selectively prepare /etc/ files.
+PATH_REL_ETC=etc
+PATH_CONF_ETC="${PATH_CONF}/${PATH_REL_ETC}"
+PATH_ETC="/${PATH_REL_ETC}"
+PATH_NETWORK_INTERFACES="${PATH_ETC}/network/interfaces"
 PATH_REL_APT=apt
 PATH_REL_APT_CONF=${PATH_REL_APT}/apt.conf.d
-PATH_REL_SOURCES_LIST=${PATH_REL_APT}/sources.list
-cp ${PATH_MANY}/${PATH_REL_ETC}/all/${PATH_REL_APT_CONF}/* /${PATH_REL_ETC}/${PATH_REL_APT_CONF}/
-apt update
-apt -y -o Dpkg::Options::='--force-confnew' upgrade
-apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
-cp ../${PATH_REL_ETC}/all/${PATH_REL_SOURCES_LIST} /${PATH_REL_ETC}/${PATH_REL_APT}/
-apt clean
-apt update
-apt -y -o Dpkg::Options::='--force-confnew' upgrade
-apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
-apt -y autoremove
+TAG_ALL=all
+TAGS_USER='user desktop'
 
-echo "\nSetting hostname and FQDN."
-echo "${SYSTEM_NAME}" > /etc/hostname
-hostname "${SYSTEM_NAME}"
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
-        continue
-    fi
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
+copy_dirtree() {
+    expect_min_n_args 3 "(source root, target root, tags)" "$@"
+    SOURCE_ROOT="$1"
+    TARGET_ROOT="$2"
+    shift 2
+    modules="$@"
+    INITIAL_DIRECTORY="$(pwd)"
+    for TAG in ${TAGS}; do
+       TAG_PATH="${SOURCE_ROOT}/${TAG}"
+       if [ ! -d "${TAG_PATH}" ]; then
+           continue
+       fi
+       cd "${TAG_PATH}"
+        for PATH in $(find . -type f); do
+            TARGET_PATH="${TARGET_ROOT}"$(echo "${PATH}" | cut -c2-)
+            SOURCE_PATH=$(realpath "${PATH}")
+            DIRECTORY=$(dirname "${TARGET_PATH}")
+            mkdir -p "${DIRECTORY}"
+            cp "${SOURCE_PATH}" "${TARGET_PATH}"
+        done
+        cd "${INITIAL_DIRECTORY}"
+    done
+}
+
+get_system_class_for() {
+    THINKPAD_NAMES="x220 w530 t490s"
+    for THINKPAD_NAME in $THINKPAD_NAMES; do
+        if [ "$1" = "${THINKPAD_NAME}" ]; then
+            printf 'thinkpad'
+           break
+       fi
+    done
+    printf ''
+}
+
+abort_if_illegal_system_name() {
+    LEGAL_SYSTEM_NAMES="${THINKPAD_NAMES} h610m"
+    for SYSTEM_NAME_I in $LEGAL_SYSTEM_NAMES; do
+        if [ "$1" = "$SYSTEM_NAME_I" ]; then
+           return 0
+        fi
+    done
+    echo "Need legal system name."
+    exit 1
+}
+
+upgrade_from_older_release() {
+    apt_update_to_full_upgrade() {
+        apt update
+        apt -y -o Dpkg::Options::='--force-confnew' upgrade
+        apt -y -o Dpkg::Options::='--force-confnew' full-upgrade
+    }
+    apt_update_to_full_upgrade
+    cp "${PATH_CONF_ETC}/${TAG_ALL}/${PATH_REL_APT}/sources.list" "${PATH_ETC}/${PATH_REL_APT}/"
+    apt clean
+    apt_update_to_full_upgrade
+    apt -y autoremove
+}
+
+determine_ip() {
+    FINAL_IP="127.0.1.1"
+    for IP in $(hostname -I); do
+        if [ $(echo "${IP}" | grep ':' | wc -l) -eq 1 ]; then
             continue
         fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
+        RANGE_1=$(echo "${IP}" | cut -d "." -f 1)
+        RANGE_2=$(echo "${IP}" | cut -d "." -f 2)
+        if [ "${RANGE_1}" -eq 127 ]; then
+            continue
+        elif [ "${RANGE_1}" -eq 10 ]; then
+            continue
+        elif [ "${RANGE_1}" -eq 172 ]; then
+            if [ "${RANGE_2}" -ge 16 ] && [ "${RANGE_2}" -le 31 ]; then
+                continue
+            fi
+        elif [ "${RANGE_1}" -eq 192 ]; then
+            if [ "${RANGE_2}" -eq 168 ]; then
+                continue
+            fi
+        fi
+        FINAL_IP="${IP}"
+    done
+    printf "${FINAL_IP}"
+}
+
+mark_nonrequireds_auto() {
+    PATH_LIST_PREFIX=/tmp/list_
+    PATH_LIST_UNSORTED="${PATH_LIST_PREFIX}unsorted"
+    PATH_LIST_ALL_PACKAGES="${PATH_LIST_PREFIX}all_packages"
+    PATH_LIST_WHITE="${PATH_LIST_PREFIX}white"
+    PATH_LIST_BLACK="${PATH_LIST_PREFIX}black"
+    TOK_REQ=" required"
+    dpkg-query -Wf '${Package} ${Priority}\n' | grep "${TOK_REQ}" | sed "s/${TOK_REQ}//" > "${PATH_LIST_UNSORTED}"
+    sort "${PATH_LIST_UNSORTED}" | uniq > "${PATH_LIST_WHITE}"
+    dpkg-query -Wf '${Package}\n' > "${PATH_LIST_UNSORTED}"
+    sort "${PATH_LIST_UNSORTED}" | uniq > "${PATH_LIST_ALL_PACKAGES}"
+    comm -3 "${PATH_LIST_ALL_PACKAGES}" "${PATH_LIST_WHITE}" > "${PATH_LIST_BLACK}"
+    apt-mark auto `cat "${PATH_LIST_BLACK}"`
+    rm "${PATH_LIST_UNSORTED}" "${PATH_LIST_ALL_PACKAGES}" "${PATH_LIST_WHITE}" "${PATH_LIST_BLACK}"
+}
+
+install_aptmarkeds() {
+    # Walk through the package names in ../aptmark/ files to ensure the respective
+    # packages are installed.
+    for TAG in ${MIN_TAGS} user desktop; do
+        PATH="${PATH_CONF}/aptmark/${TAG}"
+        if [ ! -f "${PATH}" ]; then
             continue
         fi
+        cat "${PATH}" | while read line; do
+            echo "$LINE"
+            if [ ! $(echo "${LINE}" | cut -c1) = "#" ]; then
+                apt-get -y -o Dpkg::Options::="--force-confnew" install "${LINE}"
+            fi
+        done
+    done
+}
+
+adopt_wifi_connection() {
+    get_network_interfaces_last_wpa_value() {
+        REGEX="^\s+wpa-${1}\s+"
+        cat "${PATH_NETWORK_INTERFACES}" | grep -E "${REGEX}" | sed -E "s/${REGEX}//g" | tail -1
+    }
+    WLAN_SSID=$(get_network_interfaces_last_wpa_value 'ssid')
+    WLAN_PSK=$(get_network_interfaces_last_wpa_value 'psk')
+    if [ ! -z "${WLAN_SSID}" ]; then
+        echo "Found, adding to NetworkManager."
+        if [ -z "${WLAN_PSK}" ]; then
+            nmcli connection add type wifi wifi.ssid "${WLAN_SSID}"
+        else  # NB: assumes last (collected with tail -1) wpa-psk that of last wlan-ssid
+            nmcli connection add type wifi wifi.ssid "${WLAN_SSID}" wifi-sec.key-mgmt wpa-psk wifi-sec.psk "${WLAN_PSK}"
+        fi
     fi
-    final_ip="${ip}"
-done
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${SYSTEM_NAME}" >> /etc/hosts
+}
+
+expect_min_n_args 1 "(system name)" "$@"
+abort_if_offline
+SYSTEM_NAME="$1"
+abort_if_illegal_system_name "${SYSTEM_NAME}"
+SYSTEM_CLASS_NAME="$(get_system_class_for ${SYSTEM_NAME})"
+MIN_TAGS="${TAG_ALL} ${SYSTEM_CLASS_NAME} ${SYSTEM_NAME}"
+
+echo "\nUpgrading to testing."
+# For this step only very selectively prepare /etc/ files.
+cp "${PATH_CONF_ETC}/${TAG_ALL}/${PATH_REL_APT_CONF}/99_minimize_dependencies" "${PATH_ETC}/${PATH_REL_APT_CONF}/"
+upgrade_from_older_release
 
 echo "\nInstalling and/or keeping only what's required by us or Debian."
 # Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
+# defined as required by Debian policy and by settings in ./aptmark.
 mark_nonrequireds_auto
 if [ "${SYSTEM_NAME}" = "h610m" ]; then
     # Hold kernel known to work with nvidia-drivers.
     apt-mark hold linux-image-amd64 linux-headers-amd64
 fi
-for root in $ROOTS_HERE_AND_MANY; do
-    install_for_modules "${root}/${PATH_REL_APTMARK}" ${MIN_MODULES} user desktop
-done
+install_aptmarkeds
 apt -y --purge autoremove
 
-echo "\nChecking for existing wifi config in ${PATH_NETWORK_INTERFACES}."
 # NB: This needs to come before steps potentially overwriting /etc/network/interfaces.
-PATH_NETWORK_INTERFACES=/etc/network/interfaces
-get_network_interfaces_last_wpa_value() {
-    REGEX="^\s+wpa-${1}\s+"
-    cat "${PATH_NETWORK_INTERFACES}" | grep -E "${REGEX}" | sed -E "s/${REGEX}//g" | tail -1
-}
-WLAN_SSID=$(get_network_interfaces_last_wpa_value 'ssid')
-WLAN_PSK=$(get_network_interfaces_last_wpa_value 'psk')
-if [ ! -z "${WLAN_SSID}" ]; then
-    echo "Found, adding to NetworkManager."
-    if [ -z "${WLAN_PSK}" ]; then
-        nmcli connection add type wifi wifi.ssid "${WLAN_SSID}"
-    else  # NB: assumes last (collected with tail -1) wpa-psk that of last wlan-ssid
-        nmcli connection add type wifi wifi.ssid "${WLAN_SSID}" wifi-sec.key-mgmt wpa-psk wifi-sec.psk "${WLAN_PSK}"
-    fi
-fi
+echo "\nChecking for existing wifi config in ${PATH_NETWORK_INTERFACES}."
+adopt_wifi_connection
 
-echo "\nAdapting /etc to our needs."
-for root in $ROOTS_HERE_AND_MANY; do
-    copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' ${MIN_MODULES} user desktop
-done
+echo "\nSetting hostname and FQDN."
+echo "${SYSTEM_NAME}" > "${PATH_ETC}/hostname"
+hostname "${SYSTEM_NAME}"
+echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
+echo "$(determine_ip) ${SYSTEM_NAME}" >> /etc/hosts
 
+echo "\nAdapting /etc to our needs."
+copy_dirtree "${PATH_CONF_ETC}" '/etc' ${MIN_TAGS} ${TAGS_USER}
 echo "\nEnsuring our desired locale is available."
 locale-gen
-
 echo "\nSetting Berlin localtime."
 ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
 ntpdate-debian
 
 echo "\nSetting up root user's home directory."
-for root in $ROOTS_HERE_AND_MANY; do
-    copy_dirtree "${root}/${PATH_REL_HOME}" '/root' ${MIN_MODULES} minimal root
-done
+copy_dirtree "${PATH_CONF_HOME}" '/root' ${MIN_TAGS} root
 
 echo "\nSetting up user ${USERNAME}."
 adduser --disabled-password --gecos "" "${USERNAME}"
 usermod -a -G sudo "${USERNAME}"
-for root in $ROOTS_HERE_AND_MANY; do
-    copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" ${MIN_MODULES} user desktop
-done
-cp -a "../../../${PATH_REL_REPO}" "${PATH_USER_HOME}/"
+copy_dirtree "${PATH_CONF_HOME}" "${PATH_USER_HOME}" ${MIN_TAGS} ${TAGS_USER}
+cp -a "${PATH_REPO}" "${PATH_USER_HOME}/"
 chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
 passwd "${USERNAME}"
diff --git a/testing/scripts/setup_raspi.sh b/testing/scripts/setup_raspi.sh
deleted file mode 100755 (executable)
index 812f5b5..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-set -e
-set -x
-. ../../constants.sh
-. "${PATH_MANY_MISC}"
-
-setup_for_raspi
index a70673922feb6fac6d5a0b474d8637ee2f666e80..a72f4c50e69f0c85fcc4d8d7c15fea61b6a9d6ad 100755 (executable)
@@ -1,7 +1,11 @@
 #!/bin/sh
 set -e
-. ./_misc.sh
-. ../home/desktop/.nonpath_bins/plomlib.sh
+
+# NB: this assume we're run from script's parent directory
+. ./_config_scripts_lib.sh
+. "${PATH_CONF_HOME}"/desktop/.nonpath_bins/plomlib.sh
+
+export PATH_SECRETS=${PATH_USER_HOME}/to_usb
 
 abort_if_not_user root
 abort_if_offline
@@ -34,8 +38,6 @@ pumount "${SECRETS_DEV}"
 echo "You can remove ${PATH_DEV} now."
 chown -R "${USERNAME}:${USERNAME}" "${PATH_SECRETS}"
 
-cd ../..
-PATH_REPO=$(pwd)
 CONTAINS_TICK=$(echo "${PASSPHRASE}" | grep "'" | wc -l)
 if [ "${CONTAINS_TICK}" = "1" ]; then
   echo "Cannot pass to user script passphrase with illegal character, aborting."
diff --git a/testing/setup_scripts/_setup.sh b/testing/setup_scripts/_setup.sh
deleted file mode 100755 (executable)
index 0c28d60..0000000
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-
-expect_n_args 2 "(hostname, FQDN)" "$@"
-hostname="$1"
-fqdn="$2"
-shift 2
-
-cd "${setup_scripts_dir}"
-
-# Adapt /etc/ to our needs by copying from ./etc_files. This will set
-# basic configurations affecting following steps, such as setup of APT
-# and the locale selection, so needs to be right at the beginning.
-./copy_dirtree.sh "${config_tree_prefix}/etc_files" "" all "$@"
-
-# Set hostname and FQDN.
-./set_hostname_and_fqdn.sh "${hostname}" "${fqdn}"
-
-# Ensure package installation state as defined by what packages are
-# defined as required by Debian policy and by settings in ./apt-mark/.
-apt update
-./install_for_target.sh all "$@"
-./purge_nonrequireds.sh all "$@"
-
-# Ensure our desired locale is available.
-locale-gen
-
-# Only upgrade after reducing the system to the desired minimum, so that
-# we don't need to get more data than necessary.
-apt -y dist-upgrade
-
-# Set Berlin localtime.
-ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
diff --git a/testing/setup_scripts/copy_dirtree.sh b/testing/setup_scripts/copy_dirtree.sh
deleted file mode 100755 (executable)
index 2c385f0..0000000
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-# Copy files in argument-selected subdirectories of $1 to subdirectories
-# of $2 (which may be an empty string), e.g. with $1 of "etc_files", $2
-# of "" and $3 of "all", copy files below etc_files/all such as
-# etc_files/all/etc/foo/bar to equivalent locations below / such as
-# /etc/foo/bar. Create directories as necessary. Multiple arguments after
-# $3 are possible.
-#
-# CAUTION: This removes original files at the affected paths.
-set -e
-. ./misc.sh
-
-expect_n_args 3 "(source root, target root, modules)" "$@"
-
-source_root="$1"
-target_root="$2"
-shift 2
-
-for target_module in "$@"; do
-    mkdir -p "${source_root}/${target_module}"
-    cd "${source_root}/${target_module}"
-    for path in $(find . -type f); do
-        target_path="${target_root}"$(echo "${path}" | cut -c2-)
-        source_path=$(realpath "${path}")
-        dir=$(dirname "${target_path}")
-        mkdir -p "${dir}"
-        cp "${source_path}" "${target_path}"
-    done
-done
diff --git a/testing/setup_scripts/install_for_target.sh b/testing/setup_scripts/install_for_target.sh
deleted file mode 100755 (executable)
index 6d04152..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh
-# Walks through the package names in the argument-selected files of
-# apt-mark/ and ensures the respective packages are installed.
-#
-# Ignores anything in an apt-mark/ file after the last newline.
-set -e
-. ./misc.sh
-
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    # TODO: continue if file at $path not found, to get rid of dummy files
-    cat "${path}" | while read line; do
-        echo "$line"
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confold install "${line}"
-        fi
-    done
-done
diff --git a/testing/setup_scripts/misc.sh b/testing/setup_scripts/misc.sh
deleted file mode 100644 (file)
index f6d2367..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-set -e
-debian_version="testing"
-legal_system_names="x220 w530 h610m"
-config_tree_prefix="${HOME}/public_repos/config/${debian_version}"
-if [ ! -d "${config_tree_prefix}" ]; then
-    config_tree_prefix="${HOME}/config/${debian_version}"
-fi
-setup_scripts_dir="${config_tree_prefix}/setup_scripts"
-aptmark_dir="${config_tree_prefix}/apt-mark"
-
-expect_n_args() {
-    min_args="$1"
-    explainer="$2"
-    shift 2
-    if [ "$#" -lt "${min_args}" ]; then
-        echo "Need at least ${min_args} arguments … ${explainer}"
-        false
-    fi
-}
-
-expect_setup_finished_file() {
-    filename="$1"
-    setup_script="$2"
-    if [ ! -f "${HOME}/${filename}" ]; then
-        echo "First need to run ${setup_script}."
-        false
-    fi
-}
-
-get_system_name_arg() {
-    found=0
-    for system_name_i in $legal_system_names; do
-        if [ "$1" = "$system_name_i" ]; then
-            found=1
-            system_name="${system_name_i}"
-            continue   
-        fi
-    done
-    if [ "$found" = 0 ]; then
-        echo "Need legal system name."
-        false
-    fi
-}
diff --git a/testing/setup_scripts/purge_nonrequireds.sh b/testing/setup_scripts/purge_nonrequireds.sh
deleted file mode 100755 (executable)
index 48065fc..0000000
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-# This script removes all Debian packages that are not of Priority
-# "required" or not depended on by packages of priority "required"
-# or not listed in the argument-selected files of apt-mark/.
-set -e
-. ./misc.sh
-
-# FIXME packages listed twice in the aptmark_dir get blacklisted?
-
-dpkg-query -Wf '${Package} ${Priority}\n' | grep ' required' | sed 's/ required//' > /tmp/list_white_unsorted
-for target in "$@"; do
-    path="${aptmark_dir}/${target}"
-    cat "${path}" | while read line; do
-        if [ ! $(echo "${line}" | cut -c1) = "#" ]; then
-            echo "${line}" >> /tmp/list_white_unsorted
-        fi
-    done
-done
-sort /tmp/list_white_unsorted > /tmp/list_white
-dpkg-query -Wf '${Package}\n' > /tmp/list_all_packages
-sort /tmp/list_all_packages > /tmp/foo
-mv /tmp/foo /tmp/list_all_packages
-comm -3 /tmp/list_all_packages /tmp/list_white > /tmp/list_black
-apt-mark auto `cat /tmp/list_black`
-DEBIAN_FRONTEND=noninteractive apt-get -y --purge autoremove
-rm /tmp/list_all_packages /tmp/list_white_unsorted /tmp/list_white /tmp/list_black
-
-# Somehow, auto-mounts get undone by all of this, so re-mount /etc/fstab.
-# TODO: Find out why.
-mount -a
diff --git a/testing/setup_scripts/set_hostname_and_fqdn.sh b/testing/setup_scripts/set_hostname_and_fqdn.sh
deleted file mode 100755 (executable)
index b367906..0000000
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/sh
-# Sets hostname and optionally FQDN.
-#
-# Calls hostname, writes to /etc/hostname and /etc/hosts. For /etc/hosts
-# writing follows recommendations from Debian manual at
-# <https://www.debian.org/doc/manuals/debian-reference/ch05.en.html>
-# (section "The hostname resolution") on how to map hostname and possibly
-# FQDN to a permanent IP if present (we assume here any non-private IP
-# and non-loopback IP returned by hostname -I to fulfill that criterion
-# on our systems) or to 127.0.1.1 if not. On the reasoning for separating
-# localhost and hostname mapping to different IPs, see
-# <https://unix.stackexchange.com/a/13087>.
-#
-# Ignores IPv6s.
-set -e
-. ./misc.sh
-
-expect_n_args 1 "(hostname, fqdn)" "$@"
-
-hostname="$1"
-fqdn="$2"
-echo "${hostname}" > /etc/hostname
-hostname "${hostname}"
-
-final_ip="127.0.1.1"
-for ip in $(hostname -I); do
-    if [ $(echo "${ip}" | grep ':' | wc -l) -eq 1 ]; then
-        continue
-    fi
-    range_1=$(echo "${ip}" | cut -d "." -f 1)
-    range_2=$(echo "${ip}" | cut -d "." -f 2)
-    if [ "${range_1}" -eq 127 ]; then
-        continue
-    elif [ "${range_1}" -eq 10 ]; then
-        continue
-    elif [ "${range_1}" -eq 172 ]; then
-        if [ "${range_2}" -ge 16 ] && [ "${range_2}" -le 31 ]; then
-            continue
-        fi
-    elif [ "${range_1}" -eq 192 ]; then
-        if [ "${range_2}" -eq 168 ]; then
-            continue
-        fi
-    fi
-    final_ip="${ip}"
-done
-
-echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
-echo "${final_ip} ${fqdn} ${hostname}" >> /etc/hosts
diff --git a/testing/setup_scripts/setup_desktop.sh b/testing/setup_scripts/setup_desktop.sh
deleted file mode 100755 (executable)
index b9eba61..0000000
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-
-expect_n_args 1 "(system name)" "$@"
-get_system_name_arg "$1"
-
-# Set up system without user environment.
-cd "${setup_scripts_dir}"
-if [ "$system_name" = "w530" ] || [ "$system_name" = "x220" ]; then
-    ./_setup.sh "${system_name}" "" user desktop thinkpad "${system_name}"
-else
-    ./_setup.sh "${system_name}" "" user desktop "${system_name}"
-fi
-
-# Upgrade to testing, but hold kernel known to work with nvidia-drivers.
-sed -i 's/bookworm/testing/g' /etc/apt/sources.list
-if [ "$system_name" = "h610m" ]; then
-    apt-mark hold linux-image-amd64 linux-headers-amd64
-fi
-apt update
-apt dist-upgrade
-
-# Set up user environments.
-cd "${setup_scripts_dir}"
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
-adduser --disabled-password --gecos "" plom
-usermod -a -G sudo plom
-passwd plom
-cp -a ~/config /home/plom
-chown -R plom:plom /home/plom/config
diff --git a/testing/setup_scripts/setup_home.sh b/testing/setup_scripts/setup_home.sh
deleted file mode 100755 (executable)
index 592573a..0000000
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/bin/sh
-set -e
-. ./misc.sh
-
-expect_n_args 1 "(system name)" "$@"
-get_system_name_arg "$1"
-
-cd $setup_scripts_dir
-./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
-
-# secrets_dev="sdb"
-# source_dir_secrets="/media/${secrets_dev}/to_usb"
-# target_dir_secrets="${HOME}/tmp_secrets"
-# echo "Put secrets drive into slot for /dev/${secrets_dev}."
-# while [ ! -e /dev/"${secrets_dev}" ]; do
-#     sleep 1
-# done
-# stty -echo
-# printf "Secrets passphrase: "
-# read SECRETS_PASS 
-# stty echo
-# echo "" # newline so user knows their input return was accepted
-# sudo -v
-# echo "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
-# cp -a "${source_dir_secrets}" "${target_dir_secrets}"
-# sudo chown -R plom:plom "${target_dir_secrets}"
-# sudo pumount "${secrets_dev}"
-# echo "You can remove /dev/${secrets_dev} now."
-# 
-# # Set up iniitial non-public parts of infrastructure: SSH authentication.
-# ssh_dir=~/.ssh
-# cd "${target_dir_secrets}"
-# mkdir -p "${ssh_dir}"
-# echo "Setting up .ssh"
-# cp id_rsa ~/.ssh
-# stty -echo
-# ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
-# stty echo
-# eval $(ssh-agent)
-# ssh-add
-# ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
-# 
-# # Fill ~/public_repos.
-# public_repos_dir="${HOME}/public_repos"
-# repos_list_file="${public_repos_dir}/repos"
-# mkdir -p "${public_repos_dir}"
-# cat "${repos_list_file}" | while read line; do
-#     first_char=$(echo "${line}" | cut -c1)
-#     if [ "${first_char}" = "#" ]; then
-#         continue
-#     fi
-#     repo_name="${line}"
-#     if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
-#         cd "${public_repos_dir}"
-#         git clone plom@plomlompom.com:/var/repos/${repo_name}
-#     fi
-# done
-# 
-# # Remove redundant config repo copy.
-# config_tree_prefix="${public_repos_dir}/config/${debian_version}"
-# rm -rf ~/config
-# 
-# # Set up native messenger for tridactyl.
-# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
-# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
-# 
-# # Set up further non-public parts of infrastructure.
-# cd "${target_dir_secrets}"
-# script -c 'gpg --import secret_keys.asc' /dev/null
-# path_borgscript="${config_tree_prefix}//borg.sh"
-# 
-# # borg setup
-# borgkeys_dir=~/.config/borg/keys
-# borgrepos_file=~/.borgrepos
-# tar xf borg_keyfiles.tar
-# mkdir -p "${borgkeys_dir}"
-# mv borg_keyfiles/* "${borgkeys_dir}"
-# # Sync org dir via borgbackup. For this we need the borgbackup servers
-# # in our .ssh/known_hosts file.
-# cat "${borgrepos_file}" | while read line; do
-#     first_char=$(echo "${line}" | cut -c1)
-#     if [ "${first_char}" = "#" ]; then
-#         continue
-#     fi
-#     server=$(echo "${line}" | sed 's/.*@//')
-#     ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
-# done
-# BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
-# 
-# # .authinfo may not be present on every secrets drive yet
-# authinfo_file=.authinfo
-# if [ -f "${authinfo_file}" ]; then
-#     cp "${authinfo_file}" ~
-# fi
-# cd
-# 
-# maildir=~/mail/maildir
-# # # Set up e-mail system. Note that we only do mbsync if the imap pass file
-# # # is found. It may not be present on every secrets drive yet, so we have to
-# # # deal with the possibility of it being absent at this point.
-# mkdir -p "${maildir}"  # expected by mbsync/isync
-# if [ -f "${HOME}/${authinfo_file}" ]; then
-#     mbsync -a
-#     notmuch new
-# fi
-# 
-# # # Final note on how to integrate tridactyl.
-# # echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."