From: Christian Heller Date: Mon, 3 Mar 2025 23:16:56 +0000 (+0100) Subject: Improve setup scripts. X-Git-Url: https://plomlompom.com/repos/%7B%7Bprefix%7D%7D/%7B%7B%20web_path%20%7D%7D/decks/%7B%7Bdb.prefix%7D%7D/task?a=commitdiff_plain;h=1904961a1713819e672abc2699e958882090b828;p=config Improve setup scripts. --- diff --git a/testing/home/t490s/.nonpath_bins/status.sh b/testing/home/t490s/.nonpath_bins/status.sh index 17a5fa0..740bc7a 100755 --- a/testing/home/t490s/.nonpath_bins/status.sh +++ b/testing/home/t490s/.nonpath_bins/status.sh @@ -6,7 +6,7 @@ while true; do printf ' [\n' printf ' {"full_text": "%s"},\n' "$(ip -4 addr show scope global | grep -oP '(?<=inet\s)\d+(\.\d+){3}')" printf ' {"full_text": "%d° C"},\n' $(calc "$(cat /sys/class/thermal/thermal_zone0/temp) // ${MEGA}") - printf ' {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %X')" + printf ' {"full_text": "%s"},\n' "$(date +'%Y-%m-%d %H:%M:%S/%Z')" printf ' ],\n' sleep 1 done diff --git a/testing/scripts/misc.sh b/testing/scripts/misc.sh index 71f8ba8..cbf0c5c 100644 --- a/testing/scripts/misc.sh +++ b/testing/scripts/misc.sh @@ -1,6 +1,5 @@ #!/bin/sh set -e -set -x . ../../constants.sh . "${PATH_MANY_MISC}" @@ -35,3 +34,17 @@ get_system_name_arg() { fi done } + +abort_if_exists() { + if [ -e "${1}" ]; then + echo "Aborting because ${1} already exists." + exit 1 + fi +} + +abort_if_not_user() { +if [ `whoami` != "$1" ]; then + echo "Must be run as $1." + exit 1 +fi +} diff --git a/testing/scripts/setup_desktop.sh b/testing/scripts/setup_desktop.sh index c4cc7ed..20dd2af 100755 --- a/testing/scripts/setup_desktop.sh +++ b/testing/scripts/setup_desktop.sh @@ -85,5 +85,6 @@ usermod -a -G sudo "${USERNAME}" for root in "${PATH_MANY}" '..'; do copy_dirtree "${root}/${PATH_REL_HOME}" "${PATH_USER_HOME}" ${MIN_MODULES} user desktop done +cp -a "${PATH_REPO}" "${PATH_USER_HOME}/" chown -R "${USERNAME}:${USERNAME}" "${PATH_USER_HOME}" passwd "${USERNAME}" diff --git a/testing/scripts/setup_secrets.sh b/testing/scripts/setup_secrets.sh deleted file mode 100755 index f8e25aa..0000000 --- a/testing/scripts/setup_secrets.sh +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/sh -set -e -set -x -. ./misc.sh - -# Ensure we're running as root. -if [ `whoami` != "root" ]; then - echo "Must be run as root." - exit 1 -fi - -# Ensure we're not overwriting anything. -abort_if_exists() { - if [ -e "${1}" ]; then - echo "Aborting because ${1} already exists." - exit 1 - fi -} -PATH_REL_SECRETS=to_usb -PATH_SECRETS=${PATH_USER_HOME}/${PATH_REL_SECRETS} -PATH_SSH=${PATH_USER_HOME}/${PATH_REL_LOCAL_SSH} -abort_if_exists "${PATH_SECRETS}" -abort_if_exists "${PATH_USER_SSH}" - -# Mount secrets device and copy over its content. -expect_min_n_args 1 "(device name)" "$@" -SECRETS_DEV=$1 -PATH_SOURCE=/media/${SECRETS_DEV}/${PATH_REL_SECRETS} -PATH_DEV=/dev/${SECRETS_DEV} -echo "Put secrets drive into slot for ${PATH_DEV}." -while [ ! -e "${PATH_DEV}" ]; do - sleep 0.1 -done -while [ true ]; do - stty -echo - printf "Secrets passphrase: " - read SECRETS_PASS - stty echo - echo "" # newline so user knows their input return was accepted - set +e - echo "${SECRETS_PASS}" | pmount "${PATH_DEV}" - result=$? - set -e - if [ "${result}" = "0" ]; then - break - elif [ "${result}" != "100" ]; then - echo "Aborting due to pmount error." - exit 1 - fi -done -cp -a "${PATH_SOURCE}" "${PATH_SECRETS}" -chown -R plom:plom "${PATH_SECRETS}" -pumount "${SECRETS_DEV}" -echo "You can remove ${PATH_DEV} now." - -# Set up SSH authentication. -echo "Setting up .ssh" -PATH_PRIVATE_KEY=${PATH_USER_SSH}/${FILENAME_PRIVATE_KEY} -PATH_PUBLIC_KEY=${PATH_USER_SSH}/${FILENAME_PUBLIC_KEY} -su -lc "mkdir -p ${PATH_USER_SSH} && cp ${PATH_SECRETS}/${FILENAME_PRIVATE_KEY} ${PATH_PRIVATE_KEY}" plom -while [ ! -s "${PATH_PUBLIC_KEY}" ]; do - set +e - su -lc "ssh-keygen -y -f ${PATH_PRIVATE_KEY} > ${PATH_PUBLIC_KEY}" plom - set -e -done diff --git a/testing/scripts/setup_secrets_root.sh b/testing/scripts/setup_secrets_root.sh new file mode 100755 index 0000000..1171043 --- /dev/null +++ b/testing/scripts/setup_secrets_root.sh @@ -0,0 +1,41 @@ +#!/bin/sh +set -e +. ./misc.sh + +abort_if_not_user root + +# Mount secrets device and copy over its content. +PATH_REL_SECRETS=to_usb +PATH_SECRETS=${PATH_USER_HOME}/${PATH_REL_SECRETS} +abort_if_exists "${PATH_SECRETS}" +expect_min_n_args 1 "(device name)" "$@" +SECRETS_DEV=$1 +PATH_SOURCE=/media/${SECRETS_DEV}/${PATH_REL_SECRETS} +PATH_DEV=/dev/${SECRETS_DEV} +echo "Put secrets drive into slot for ${PATH_DEV}." +while [ ! -e "${PATH_DEV}" ]; do + sleep 0.1 +done +while [ true ]; do + stty -echo + printf "Secrets passphrase: " + read SECRETS_PASS + stty echo + echo "" # newline so user knows their input return was accepted + set +e + echo "${SECRETS_PASS}" | pmount "${PATH_DEV}" + result=$? + set -e + if [ "${result}" = "0" ]; then + break + elif [ "${result}" != "100" ]; then + echo "Aborting due to pmount error." + exit 1 + fi +done +cp -a "${PATH_SOURCE}" "${PATH_SECRETS}" +pumount "${SECRETS_DEV}" +echo "You can remove ${PATH_DEV} now." +chown -R "${USERNAME}:${USERNAME}" "${PATH_SECRETS}" + +echo "Do run setup_secrets_user.sh now as user." diff --git a/testing/scripts/setup_secrets_user.sh b/testing/scripts/setup_secrets_user.sh new file mode 100755 index 0000000..76e7e83 --- /dev/null +++ b/testing/scripts/setup_secrets_user.sh @@ -0,0 +1,32 @@ +#!/bin/sh +set -e +. ./misc.sh + +abort_if_not_user "${USERNAME}" +abort_if_exists "${PATH_USER_SSH}" +PATH_REPOS="${HOME}/repos" +abort_if_exists "${PATH_REPOS}" + +echo "Setting up ~/.ssh" +PATH_PRIVATE_KEY="${PATH_USER_SSH}/${FILENAME_PRIVATE_KEY}" +PATH_PUBLIC_KEY="${PATH_USER_SSH}/${FILENAME_PUBLIC_KEY}" +mkdir -p "${PATH_USER_SSH}" && cp "${PATH_SECRETS}/${FILENAME_PRIVATE_KEY}" "${PATH_PRIVATE_KEY}" +while [ ! -s "${PATH_PUBLIC_KEY}" ]; do + stty -echo + set +e + ssh-keygen -y -f "${PATH_PRIVATE_KEY}" > "${PATH_PUBLIC_KEY}" + set -e + stty +echo +done + +echo "Setting up ~/repos" +REPOS_SITE_DOMAIN=plomlompom.com +REPOS_SITE_LOGIN="${USERNAME}@${REPOS_SITE_DOMAIN}" +REMOTE_PATH_REPOS=/var/repos +eval $(ssh-agent) && ssh-add +ssh-keyscan -H "${REPOS_SITE_DOMAIN}" >> "${PATH_USER_SSH}/known_hosts" +mkdir "${PATH_REPOS}" +REPO_NAMES=$(ssh ${REPOS_SITE_LOGIN} "cd $REMOTE_PATH_REPOS && ls -1") +cat "${REPO_NAMES}" | while read REPO_NAME; do + git clone "${REPOS_SITE_LOGIN}:${REMOTE_PATH_REPOS}/${REPO_NAME}" +done