From 6203775f8d282f0db94b666a172b117231e90b32 Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Wed, 5 Mar 2025 19:59:29 +0100
Subject: [PATCH] Reorganize, add start of new borg script.

---
 constants.sh                             | 18 +++++-----
 many_releases/scripts/_misc.sh           | 10 +++---
 testing/home/desktop/.local/bin/borgplom | 13 +++++++
 testing/scripts/{misc.sh => _misc.sh}    |  0
 testing/scripts/setup_desktop.sh         | 12 +++----
 testing/scripts/setup_secrets_root.sh    | 12 +++----
 testing/scripts/setup_secrets_user.sh    | 43 ++++++++++++++++++++----
 7 files changed, 76 insertions(+), 32 deletions(-)
 mode change 100755 => 100644 many_releases/scripts/_misc.sh
 create mode 100755 testing/home/desktop/.local/bin/borgplom
 rename testing/scripts/{misc.sh => _misc.sh} (100%)

diff --git a/constants.sh b/constants.sh
index b653b1d..ac6dd89 100755
--- a/constants.sh
+++ b/constants.sh
@@ -1,21 +1,21 @@
 #!/bin/sh
 set -e
 
-PATH_REL_ETC="etc"
-PATH_REL_APTMARK="aptmark"
-PATH_REL_REPO="config"
-PATH_REL_HOME="home"
-PATH_REPO="${HOME}/${PATH_REL_REPO}"
-PATH_MANY="${PATH_REPO}/many_releases"
+PATH_REL_ETC=etc
+PATH_REL_APTMARK=aptmark
+PATH_REL_REPO=config
+PATH_REL_HOME=home
+PATH_MANY=../../many_releases
 PATH_MANY_MISC="${PATH_MANY}/scripts/_misc.sh"
+ROOTS_HERE_AND_MANY="${PATH_MANY} .."
 
-USERNAME="plom"
+USERNAME=plom
 PATH_USER_HOME="/home/${USERNAME}"
 
-FILENAME_PRIVATE_KEY='id_rsa'
+FILENAME_PRIVATE_KEY=id_rsa
 FILENAME_PUBLIC_KEY="${FILENAME_PRIVATE_KEY}.pub"
 URL_PUBLIC_KEY="https://dump.plomlompom.com/dump/${FILENAME_PUBLIC_KEY}"
-PATH_REL_LOCAL_SSH=".ssh"
+PATH_REL_LOCAL_SSH=.ssh
 PATH_REL_AUTHORIZED_KEYS="${PATH_REL_LOCAL_SSH}/authorized_keys"
 PATH_AUTHORIZED_KEYS="${HOME}/${PATH_REL_AUTHORIZED_KEYS}"
 PATH_USER_SSH="${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH}"
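Review bot: `ROOTS_HERE_AND_MANY="${PATH_MANY} .."` packs a list into one space-separated string, and both entries (like the new `PATH_MANY=../../many_releases`) now resolve against the caller's working directory rather than `${HOME}`. Every `for root in ${ROOTS_HERE_AND_MANY}` loop in `_misc.sh` and `setup_desktop.sh` therefore has to expand it unquoted, which relies on word splitting and also permits glob expansion. Those loops feed `copy_dirtree` into `/etc` and `/root`, apparently as root, so starting a script from another directory would copy from whatever `../..` is there. I would state the requirement next to the definition, e.g. `# Relative to <release>/scripts/; callers must run from that directory and not cd before using these.`, or derive the base once from the script's own location. The same applies to `cp -a "../../../${PATH_REL_REPO}"` in `setup_desktop.sh`.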
diff --git a/many_releases/scripts/_misc.sh b/many_releases/scripts/_misc.sh
old mode 100755
new mode 100644
index 5fd263e..941bc4d
--- a/many_releases/scripts/_misc.sh
+++ b/many_releases/scripts/_misc.sh
@@ -126,16 +126,16 @@ setup_for_raspi() {
 
     # properly configure apt and reduce system to minimum that satisfies our own
     # aptmark/ package lists
-    for root in "${PATH_MANY}" '..'; do
+    for root in ${ROOTS_HERE_AND_MANY}; do
         copy_dirtree "${root}/${PATH_REL_ETC}/all" '/etc/apt' apt
     done
     apt update
     mark_nonrequireds_auto
-    for root in "${PATH_MANY}" '..'; do
+    for root in ${ROOTS_HERE_AND_MANY}; do
         install_for_modules "${root}/${PATH_REL_APTMARK}" all raspi
     done
     apt -y --purge autoremove
-    for root in "${PATH_MANY}" '..'; do
+    for root in ${ROOTS_HERE_AND_MANY}; do
         copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' all raspi
     done
 
@@ -150,14 +150,14 @@ setup_for_raspi() {
     sed -i '/^output \* bg/ s/^/#/' /etc/sway/config
 
     # Set up root environment.
-    for root in "${PATH_MANY}" '..'; do
+    for root in ${ROOTS_HERE_AND_MANY}; do
         copy_dirtree "${root}/${PATH_REL_HOME}" '/root' all root raspi_root
     done
 
     # Set up user and their environment.
     adduser --disabled-password --gecos "" "${USERNAME}"
     usermod -a -G sudo "${USERNAME}"
-    for root in "${PATH_MANY}" '..'; do
+    for root in ${ROOTS_HERE_AND_MANY}; do
         copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" all desktop raspi
     done
     mkdir "${PATH_USER_SSH}"
diff --git a/testing/home/desktop/.local/bin/borgplom b/testing/home/desktop/.local/bin/borgplom
new file mode 100755
index 0000000..edda582
--- /dev/null
+++ b/testing/home/desktop/.local/bin/borgplom
@@ -0,0 +1,13 @@
+#!/bin/sh
+PATH_BORGKEYS="${HOME}/.config/borg/keys"
+PATH_ORG="${HOME}/org"
+
+if [ "$1" = "orgpull" ]; then
+    cd /
+    echo "Pretending to do something."
+    FIRST_SERVER=$(ls -1 "${PATH_BORGKEYS}/" | head -1 | sed 's/.*@//')
+    REPO="${FIRST_SERVER}:borg"
+    ARCHIVE=$(borg list "${REPO}" | grep "${PATH_ORG}/" | tail -1 | cut -f1 -d' ')
+    echo "Pulling archive: ${ARCHIVE}"
+    borg extract --verbose "${REPO}::${ARCHIVE}"
+fi
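Review bot: `borg extract` runs from `/` without checking that `FIRST_SERVER` and `ARCHIVE` were actually found, and the script has no `set -e`, so a failed `cd /`, an empty keys directory or a `grep` with no match all fall through to the extract call. I would stop before touching the filesystem, e.g. `cd / || exit 1` and `[ -n "${ARCHIVE}" ] || { echo "No archive matching ${PATH_ORG}/ in ${REPO}" >&2; exit 1; }`, with the same guard for `FIRST_SERVER`. Using exit status 1 there matters because the caller in `setup_secrets_user.sh` treats status 2 as "retry". Taking the server name from `ls -1 ... | head -1` also makes the choice depend on filename sort order; a comment saying that this is intended would help.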
diff --git a/testing/scripts/misc.sh b/testing/scripts/_misc.sh
similarity index 100%
rename from testing/scripts/misc.sh
rename to testing/scripts/_misc.sh
diff --git a/testing/scripts/setup_desktop.sh b/testing/scripts/setup_desktop.sh
index 20dd2af..d5b5b14 100755
--- a/testing/scripts/setup_desktop.sh
+++ b/testing/scripts/setup_desktop.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 set -e
 set -x
-. ./misc.sh
+. ./_misc.sh
 
 expect_min_n_args 1 "(system name)" "$@"
 get_system_name_arg "$1"
@@ -57,13 +57,13 @@ if [ "$system_name" = "h610m" ]; then
     # Hold kernel known to work with nvidia-drivers.
     apt-mark hold linux-image-amd64 linux-headers-amd64
 fi
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
     install_for_modules "${root}/${PATH_REL_APTMARK}" ${MIN_MODULES} user desktop
 done
 apt -y --purge autoremove
 
 # Adapt /etc/ to our needs.
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
     copy_dirtree "${root}/${PATH_REL_ETC}" '/etc' ${MIN_MODULES} user desktop
 done
 
@@ -75,16 +75,16 @@ ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
 ntpdate-debian
 
 # Set up root environment.
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
     copy_dirtree "${root}/${PATH_REL_HOME}" '/root' ${MIN_MODULES} minimal root
 done
 
 # Set up user and their environment.
 adduser --disabled-password --gecos "" "${USERNAME}"
 usermod -a -G sudo "${USERNAME}"
-for root in "${PATH_MANY}" '..'; do
+for root in $ROOTS_HERE_AND_MANY; do
     copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" ${MIN_MODULES} user desktop
 done
-cp -a "${PATH_REPO}" "${PATH_USER_HOME}/"
+cp -a "../../../${PATH_REL_REPO}" "${PATH_USER_HOME}/"
 chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}"
 passwd "${USERNAME}"
diff --git a/testing/scripts/setup_secrets_root.sh b/testing/scripts/setup_secrets_root.sh
index 1e705e3..92f0c12 100755
--- a/testing/scripts/setup_secrets_root.sh
+++ b/testing/scripts/setup_secrets_root.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 set -e
-. ./misc.sh
+. ./_misc.sh
 
 abort_if_not_user root
 
@@ -14,7 +14,7 @@ echo "Put secrets drive into slot for ${PATH_DEV}."
 while [ ! -e "${PATH_DEV}" ]; do
     sleep 0.1
 done
-while [ true ]; do
+while true; do
     stty -echo
     printf "\nSecrets passphrase: "
     read SECRETS_PASS 
@@ -22,11 +22,11 @@ while [ true ]; do
     echo "" # newline so user knows their input return was accepted
     set +e
     echo "${SECRETS_PASS}" | pmount "${PATH_DEV}"
-    result=$?
+    RESULT=$?
     set -e
-    if [ "${result}" = "0" ]; then
+    if [ "${RESULT}" = "0" ]; then
         break
-    elif [ "${result}" != "100" ]; then
+    elif [ "${RESULT}" != "100" ]; then
         echo "Aborting due to pmount error."
 	exit 1
     fi
@@ -35,4 +35,4 @@ cp -a "${PATH_SOURCE}" "${PATH_SECRETS}"
 pumount "${SECRETS_DEV}"
 echo "You can remove ${PATH_DEV} now."
 chown -R "${USERNAME}:${USERNAME}" "${PATH_SECRETS}"
-sudo -u "${USERNAME}" ./setup_secrets_user.sh
+sudo -u "${USERNAME}" ./setup_secrets_user.sh "${SECRETS_PASS}"
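Review bot: Passing `"${SECRETS_PASS}"` as a command-line argument exposes the passphrase in the process list (`ps`, `/proc/<pid>/cmdline`) for as long as `setup_secrets_user.sh` runs. sudo also normally records the full command line, arguments included, in its log. Handing it over through the environment keeps it out of argv, e.g. `BORG_PASSPHRASE="${SECRETS_PASS}" sudo --preserve-env=BORG_PASSPHRASE -u "${USERNAME}" ./setup_secrets_user.sh`, provided the sudoers policy allows preserving that variable. The child script would then have to drop its `BORG_PASSPHRASE="$1"` assignment and use the inherited variable instead.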
diff --git a/testing/scripts/setup_secrets_user.sh b/testing/scripts/setup_secrets_user.sh
index e4209b4..f2cd5b2 100755
--- a/testing/scripts/setup_secrets_user.sh
+++ b/testing/scripts/setup_secrets_user.sh
@@ -1,16 +1,24 @@
 #!/bin/sh
 set -e
-. ./misc.sh
+. ./_misc.sh
+
+BORG_PASSPHRASE="$1"
+PATH_REPOS="${HOME}/repos"
+PATH_BORGKEYS="${HOME}/.config/borg/keys"
+REPOS_SITE_DOMAIN=plomlompom.com
+REMOTE_PATH_REPOS=/var/repos
+NAME_BORGAPP=borgplom
 
 abort_if_not_user "${USERNAME}"
 abort_if_exists "${PATH_USER_SSH}"
-PATH_REPOS="${HOME}/repos"
 abort_if_exists "${PATH_REPOS}"
+abort_if_exists "${PATH_BORGKEYS}"
 
 echo "Setting up ~/.ssh"
 PATH_PRIVATE_KEY="${PATH_USER_SSH}/${FILENAME_PRIVATE_KEY}"
 PATH_PUBLIC_KEY="${PATH_USER_SSH}/${FILENAME_PUBLIC_KEY}"
-mkdir -p "${PATH_USER_SSH}" && cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}"
+mkdir -p "${PATH_USER_SSH}"
+cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}"
 while [ ! -s "${PATH_PUBLIC_KEY}" ]; do
     set +e
     stty -echo
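Review bot: `BORG_PASSPHRASE="$1"` only sets a shell variable; unless it is exported somewhere not visible in this hunk, the `borgplom` child process and the `borg` it starts will not see it, and borg would fall back to prompting. Add `export BORG_PASSPHRASE` after the assignment if it has to stay here, and consider `: "${BORG_PASSPHRASE:?passphrase missing}"` so the script stops early when called without one. The value arrives via `$1`, so it is visible in the process list; taking it from the environment instead would avoid that.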
@@ -18,15 +26,38 @@ while [ ! -s "${PATH_PUBLIC_KEY}" ]; do
     stty echo
     set -e
 done
+PATH_KNOWN_HOSTS="${PATH_USER_SSH}/known_hosts"
 
 echo "Setting up ~/repos"
-REPOS_SITE_DOMAIN=plomlompom.com
 REPOS_SITE_LOGIN="${USERNAME}@${REPOS_SITE_DOMAIN}"
-REMOTE_PATH_REPOS=/var/repos
 eval $(ssh-agent) && ssh-add
-ssh-keyscan -H "${REPOS_SITE_DOMAIN}" >> "${PATH_USER_SSH}/known_hosts"
+ssh-keyscan "${REPOS_SITE_DOMAIN}" >> "${PATH_KNOWN_HOSTS}"
 mkdir "${PATH_REPOS}"
 cd "${PATH_REPOS}"
 ssh ${REPOS_SITE_LOGIN} "cd $REMOTE_PATH_REPOS && ls -1" | while read REPO_NAME; do
     git clone "${REPOS_SITE_LOGIN}:${REMOTE_PATH_REPOS}/${REPO_NAME}"
 done
+
+echo "Set up borg and pull in ~/org"
+mkdir "${PATH_BORGKEYS}"
+tar xf "${PATH_SECRETS}/borg_keyfiles.tar" -C "${PATH_BORGKEYS}"
+ls -1 "${PATH_BORGKEYS}/" | while read FILENAME; do
+    SERVER_NAME=$(echo "${FILENAME}" | sed 's/.*@//')
+    ssh-keyscan "${SERVER_NAME}" >> "${PATH_KNOWN_HOSTS}"
+done
+while true; do
+    set +e
+    "${NAME_BORGAPP}" orgpull
+    RESULT=$?
+    set -e
+    if [ "${RESULT}" = "0" ]; then
+        break
+    elif [ "${RESULT}" != "2" ]; then
+        echo "Aborting due to unexpected ${NAME_BORGAPP} error."
+	exit 1
+    fi
+done
+
+PATH_REL_DEL_REPO="DELETE_${PATH_REL_REPO}"
+mv "${HOME}/${PATH_REL_REPO}" "${HOME}/${PATH_REL_DEL_REPO}"
+echo "With ~/repos set up, new reference be ~/repos/${PATH_REL_REPO}; moved ~/${PATH_REL_REPO} to ~/${PATH_REL_DEL_REPO}, ready to be deleted by you."
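Review bot: The new `ssh-keyscan "${SERVER_NAME}" >> "${PATH_KNOWN_HOSTS}"` loop pins whatever host key the network returns on first contact, for host names derived from file names in `borg_keyfiles.tar`, so the later borg connection is only as trustworthy as that one unauthenticated scan. Since a secrets drive is already in use, the known-good host keys could be stored on it and appended from there, or the script could print what it collected with `ssh-keygen -lf "${PATH_KNOWN_HOSTS}"` and wait for confirmation before continuing. The changed `ssh-keyscan` line for `${REPOS_SITE_DOMAIN}` also drops `-H`, so host names are now stored unhashed in `known_hosts`. Separately, the `while true` retry around `"${NAME_BORGAPP}" orgpull` repeats on every exit status 2 with no attempt limit, so a persistent failure that returns 2 would loop forever.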
-- 
2.30.2