From f741879b9686ecd1d9286ff88cadde40339c4d9a Mon Sep 17 00:00:00 2001
From: Christian Heller <c.heller@plomlompom.de>
Date: Tue, 1 Aug 2023 22:32:14 +0200
Subject: [PATCH] Enhance w530 bookworm setup.

---
 bookworm/apt-mark/w530                       |   1 +
 bookworm/etc_files/w530/etc/default/grub     |  32 ++++++
 bookworm/setup_scripts/.setup_desktop.sh.swp | Bin 0 -> 12288 bytes
 bookworm/setup_scripts/.setup_home.sh.swp    | Bin 0 -> 16384 bytes
 bookworm/setup_scripts/setup_desktop.sh      |  11 +-
 bookworm/setup_scripts/setup_home.sh         | 115 +++++++++++++++++++
 6 files changed, 158 insertions(+), 1 deletion(-)
 create mode 100644 bookworm/etc_files/w530/etc/default/grub
 create mode 100644 bookworm/setup_scripts/.setup_desktop.sh.swp
 create mode 100644 bookworm/setup_scripts/.setup_home.sh.swp
 create mode 100755 bookworm/setup_scripts/setup_home.sh

diff --git a/bookworm/apt-mark/w530 b/bookworm/apt-mark/w530
index 46d4321..f61c1d1 100644
--- a/bookworm/apt-mark/w530
+++ b/bookworm/apt-mark/w530
@@ -5,6 +5,7 @@ make
 linux-headers-6.1.0-10-amd64
 xz-utils
 # for NVIDIA driver .run --no-kernel-modules
+wget
 libvulkan1
 libglvnd-dev
 pkg-config
diff --git a/bookworm/etc_files/w530/etc/default/grub b/bookworm/etc_files/w530/etc/default/grub
new file mode 100644
index 0000000..ff1b598
--- /dev/null
+++ b/bookworm/etc_files/w530/etc/default/grub
@@ -0,0 +1,32 @@
+# If you change this file, run 'update-grub' afterwards to update
+# /boot/grub/grub.cfg.
+# For full documentation of the options in this file, see:
+#   info -f grub -n 'Simple configuration'
+
+GRUB_DEFAULT=0
+GRUB_TIMEOUT=5
+GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
+GRUB_CMDLINE_LINUX_DEFAULT="quiet  nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
+GRUB_CMDLINE_LINUX=""
+
+# Uncomment to enable BadRAM filtering, modify to suit your needs
+# This works with Linux (no patch required) and with any kernel that obtains
+# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
+#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
+
+# Uncomment to disable graphical terminal (grub-pc only)
+#GRUB_TERMINAL=console
+
+# The resolution used on graphical terminal
+# note that you can use only modes which your graphic card supports via VBE
+# you can see them in real GRUB with the command `vbeinfo'
+#GRUB_GFXMODE=640x480
+
+# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
+#GRUB_DISABLE_LINUX_UUID=true
+
+# Uncomment to disable generation of recovery mode menu entries
+#GRUB_DISABLE_RECOVERY="true"
+
+# Uncomment to get a beep at grub start
+#GRUB_INIT_TUNE="480 440 1"
diff --git a/bookworm/setup_scripts/.setup_desktop.sh.swp b/bookworm/setup_scripts/.setup_desktop.sh.swp
new file mode 100644
index 0000000000000000000000000000000000000000..099e6cdbc211fceaf3878402d1bd67771397daf5
GIT binary patch
literal 12288
zcmeI2&yU+g6vw9=kQOK)_y?xWO6>~S&StwyXq5vJzgA)k656s-1(xHPB-1!E#$z{G
zRVk+e;t$}!fddlaR>Xw^7Z4{nz=aFqAAlQ(1HJN{v9s%JTFQ0NSo+5C%$qm!KJPiw
zYG1#7b$5?;gAT#<Bq7P*2bTX5knjIoBU!2@X81wZtkY>f$i~dyG7iJ6?584$a-Jz2
zCQ1&(FzhQeo~nEjYF?CCq?24^g|43%*W*HEfgb&rO`MG*;0UY|D2svLJ-ffv*|hI!
z%R5J(erkW!&W$(%j({WJ2si?cfFs}tI0BBq|CT_Jogwccx`*lrFV^=nC+_v5yEy`m
zfFs}tI0BA<Bj5-)0*-(q;0QPZj=(7-5Hmt<uMzUjBRD+%|G)VA|L-RV`2+eL`U(01
zx&wU#^`Qf3AKHT`boX&WeuKV+?m(YIpF$r%9J&S_KyN}mboVSF-$0*15%f0n9MpmS
zdW?{tp|7D&pxe+bD26tmA0H*;OXx%Beds;tI`lg9F!U>8`40LD`WUjYox<F>BRc|)
zfFs}tI0BA<BXH^ov|25ijMP+8(+PUXe9&;DCOovAp;hyzc{aVCNk*3j8kQuBwVpET
zg_N4-6UC?>Q~zbEOQx#vm@zX&eV+*(_fyV%yG-S<^@luBntEPk8=w(2JB*mfi=3O?
zskeT!>P?NzNR;J#AZBxW*k~Y9u0867xl)BkCqjxzoKo{d5@wbzwXqtvbC0y>8@!-p
zM(wG%ydiQWCtMafAY>p2#TA6>H}g_f{jYNzQ!0PVbIDU5A(q(Ink6F>aQV!PE}7f8
z=@7e&iXzjO!m!i<1MXDCEWn0L#6f}<+=G`8Q+FqPRmgJY&$>I&&PD9Za&d#_5u}BZ
z^QE&`-$zI5UAemZ!tV2a(}BO@Ab`DHx9qsLy|o>5cY^kI6%4btNj&DX4l)u_7jc@d
zOi=&&`URQgD%r4eLs6ihcrsRHLASP^<()3Col=!?=?}B=UI6X7R7rkB3L~SkZ|PLA
zh5xobVMGk*HKbY}>Vi)q8Be%Jd(@k5Z?!%8)@53ZxFjT~dYJ2qY8cN^KVDS|b$>Hf
z2szH;s(_B&qIB+GR4awnyHDXR8N#FOyKdIDS@_CpdoRuxJ=sVn?~7O-)kC9%t3c=!
z&<y#L6@6ULgE-YyMmS!4>RsWS(UcGIy3{@lxxicC9H>$<1G0U@kReSrr}aBRapCv{
zYL~Cs2{Y0_Ya(epMgjzliMg!*-X<~M>kMw%yfqUUiQ^0oRNnL*2`VIAw-H2*P4s2T
z6sf$o7jN^4;LqFO`7BO~^pKk3i}PV=egWu(28@m1{DMZyqdv?wk64h^jeDMHzo)kD
d$a2Pd-lDJGBgjAXXVs09*151RWQbqce*kWCB!2(^

literal 0
HcmV?d00001

diff --git a/bookworm/setup_scripts/.setup_home.sh.swp b/bookworm/setup_scripts/.setup_home.sh.swp
new file mode 100644
index 0000000000000000000000000000000000000000..571101ae910a25b8ded33836fc775f3c6f719475
GIT binary patch
literal 16384
zcmeI2ZHOIL8OO(Ho1`@=3M#E7PwrjWq~y-r-H>FHupu#~NyH>28!N%+b?(fWdrx=X
zm~&=#uX(9jDiowrK`ep@>W3;=^g|1Zf>o$59~3N6!GMKQ`lU2hQlX&H|8r*U-MRZ>
z6e5buWq-SO=Df@~|9Q@H&U5y3+Yg*LNi+7eh0i-I>j(3{@bCGZZT<XDo2@iVBEEgI
z&(idC`(}AK{W4eRq<J@#UMCZ2q8u-Y1KD%BNix5fWRatU&eM+aGMQ>sUiFhm*sA}p
zJfY50D^M%2rUJPRS~FX$UDH!$tTr3l=w0vp$eLN}o3#S90<{9Q0<{9Q0<{9Q0<{9Q
z0{@>1=yZei5W2RZ?A~4F-#4xJ`{wfc+&cNn+x4GXfm(rDfm(rDfm(rDfm(rDfm(rD
zfm(rDfm(t8K?PjjvaY|?vX-`>arpoLF#i9`+b!!FxB{L5PlK-l2|D0BI147hjkj6W
ztKetgY48;I7We`PK^JtuDR2^O23PPre&)A94i11V;AOPsC*bSgagc-a;2byx+Tis&
zE$cVni{Mf42>2}60|;ya*Y2>atKiq*E8sEkDUgC0up8V4Ebzz8mi0^U6gUk&47Pz+
zHd)rg;M3p)*adEEw5%7wbKq;h0|x<tyTQA`UvIapH^6tnW8f2D3Ty(e--dd@kHEv=
zA~*nMz*g|;TP*8Y@C0}STm+v4=fDHt4)8;4##{u)!QJ3a@CG(;u7lUWv)~3caDI%x
zp9kxIn$#rW^%H8GJ^jJc`{}SEok`#I^dO{MiEJnNNj#}3NV1;Lq!V1zewE~zCn$+Y
z_XPzqQ=0CRnFx|4%JO(8ExJ;ZOQF;{6tviv_`Ut?sODG*A5Th<FPujmS(5kq<c1-6
zNffy;5@k`hJ!($o?I5J^6JyFmOKCULcEjQ>H1YJ<4Jl5vX;nX2<l1GdMK5!4Z&Zto
z{P+nZe(?t-qTK6KEEdZ<QCAIOk6JFSWk4UJRzQu33&&5NJbKBQxZvixFXJHT1nASH
z27Ua1X%R9<^S;cem2&RLl_9Q>P7ru06`mG8bq7?`?nr(H$~4IrX!oMjeIq4~#3<R7
z&}~3TKoGGjWZWaSt3(V%@do-*QJSD@+!ZuY;oao1Z_^1)kvrfXp%A5+Fh%f=#Dd5M
zq=c6Vt;o;hf}nxWJ4xXM2<p4I)`_WY4(~WmNwl~Fqy|ch$fi>)tM23J$ezUEfQ_Kk
z2@<gl$jD78bro6zT~HT(U^)DaKO$CnCd`>1mM4@kv@6p_?}9VpJdl=gJ}hTm016lr
z>v(;aC7q>4vno87Th1^$vAwY9;bZ6`dAX*RH?;##^w0}bXigt>LaFrdMP4k;G!w25
z!;QrObN~g|wqTf-$IdO4X7qv6XO4C5KRh>g|M4@2=Z?;z;<=+o&Kx~EXYQh{xRbiN
z-|1rf6sMYS6W`N33{iPSBBlDRc`;C)8*?d)J-jw#K6ubvs(!~9lrtYEi*cu)D6LQd
ze~PSY^;^N{CY58~d&qGnx%d3}ujtMFFElU5&H8d<<iov?4MD1%HHKB#{2UKZR7gDF
z7NkpDd)M{m^VFvMlB^gcuvPXm#ypoZlxned_{kz_WoCS%s!lmXjAeR0l1EZ`W>l{n
z`<IcW;v!ZiFS~{&*~7$tZ;avr(Sqq-2e!e|Dd%3c2ksDCOJNk8t>S%FCBjwGQZQbR
zjhiS}7$rsrP4?0rwOTStlT4THf}g5vS9z1<_+r6{3$yinZo^8+npC=vAkW|vGPt6+
zRh;&NYslbx*rmlm<|>`#o`y##$B~z3A^fbG3#rl9I#v4}Cvz9=9{gh7<#~wx0z9CN
z`N0`E^UAl03m7d*Ch;XFb~QYlBV)`EVTgl+4S0aAivxsBDl^SaieO*Rp7z_mJH2}*
z*fZnr4cuU6X5Y--_TFHRKeNl<*Y?|c-ANQ0^{c3vBB9_~d*~o$#Z^;_jWdnufZvPG
z1fN@EsfuHc9lq0nXAb1jC5MkS8t0>on=lhhgCZHjmll(+8TiHrcVagxJZ2&N*fGhG
z4OG2s@kF$~Y8cg{m!nd~(wlT7gu7<{i}RQ~d2%n{pR_SL656vV$dU+iQu)%V4y$#X
z8hp4DKWP&2TQZL8va@m&qd{EG^?7)S1$1;`ySdTB+hq@>G^Rdw;AKu2Ad;vx;CZ;L
zPx_rqxpZ*++D7k&6|~A4FmB7tMNxjJS?<76G0*gPvg0Q5TvQbbw<`MlQ)9>bl3JR@
z$IYyLKh4b@C-wyBti((Ndo9Jhga)i~&M<%S%xht74~+}F-&t@or#MAh%x8s>lofGh
zg{`dl(mC0<u5HvZgLzdhtaZ5Z(()?n94<Oa;VEy*ILwOiZQnr`&<xhJSO?8scKDn5
zg@J*DrjcQ^keVI&N2HbFqY%FulbJo*^7O$eqdTMYp*!T%!i;gOIO{ol-(;%zD{gkN
zqSFzM8y8C>HiF_Iqjdr2Tdj=A#JN`uL(ad}SRc#CC7b_IH?eFuLvK26JEhqe+bWM>
zqfM(DzIOLZaWMgiu5{zh(DODdt5`7_n?c#BhJ_iF?ImzSCCs;C_?_a3ITSq%o1zG@
zgTrdRT=1DCEwA+2Bf~RGB~w>XC4WUr%xZD7shaPMH{e3$vLj)poP|H8{@E#uzn71k
zG7HOzu@cLxO!o9+NgSX|m>zU0_mx>R7PYt6>HMVWyjVhzg_SfrT{r9H5wGvJ7gZTC
zcG#0cHL%)kA=}hQ3v2a*XB&J9pB8uTYB#L$7c<)!9<Og$Fhpu$b-m5$%Gkl^;`m=|
zu&kF5Lvs8-{Qv&n5!Z9<|2W`SzX7fzZvPeF*#1$l1kQsa;1ICEd%#u1@!tmnkb)3M
za1YoBt|5m1E%+&T27Cr^obQ5<g00|v;1$I2FN5d6_rR9`$N0Md$N0}9c7G7`KpWfz
zUP9c?vHW+y=fH=+`@u%A0sIXy{EOfP@MVyLqu{;Z8e;dW;Cb*(@F3v$z5%v^+rbsY
z@K1t=KnOf=3>*Tp;5EeX-vAzPzy|PV#OyDCKY-tZCxOv>{lL6VsTH_&3Shpew|VMq
zo_d>yL&0J<vfk#wQgwOP>=tdSjaKD1-&L!(d6u_gvG}gHdFpMRs0_9_7BfNlSlBq)
zkf=o3Wz5F*Q`!Gp6|r)}S#R^y+dOM+X4Km}p;&vL<5q0*VB>r2zd!435Sgti-mB)3
eYW85Oo5gFlZ~c9kCarV<Ttl(pRZYQ;%|8Gg^CzqT

literal 0
HcmV?d00001

diff --git a/bookworm/setup_scripts/setup_desktop.sh b/bookworm/setup_scripts/setup_desktop.sh
index 4b5a554..c306dbe 100755
--- a/bookworm/setup_scripts/setup_desktop.sh
+++ b/bookworm/setup_scripts/setup_desktop.sh
@@ -32,7 +32,7 @@ if [ "$system_name" = "w530" ]; then
     git clone https://github.com/NVIDIA/open-gpu-kernel-modules
     cd open-gpu-kernel-modules
     git checkout 337e28e
-    make modules -j($nproc)
+    make modules -j$(nproc)
     make modules_install
     cd
     driver_version=535.86.05
@@ -41,3 +41,12 @@ if [ "$system_name" = "w530" ]; then
     chmod u+x ${runscript} 
     ./${runscript} --no-kernel-modules
 fi
+
+# Set up user environments.
+cd "${setup_scripts_dir}"
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "/root" minimal root
+adduser --disabled-password --gecos "" plom
+usermod -a -G sudo plom
+passwd plom
+cp setup_home.sh /home/plom
+chown plom:plom /home/plom/setup_home.sh
diff --git a/bookworm/setup_scripts/setup_home.sh b/bookworm/setup_scripts/setup_home.sh
new file mode 100755
index 0000000..31418ee
--- /dev/null
+++ b/bookworm/setup_scripts/setup_home.sh
@@ -0,0 +1,115 @@
+#!/bin/sh
+set -e
+debian_version="bookworm"
+legal_system_names="x220 w530"
+
+if [ "$#" -ne 1 ]; then
+    echo 'Need exactly one argument (system name).'
+    false
+fi
+found=0
+for system_name_i in $legal_system_names; do
+    if [ "$1" = "$system_name_i" ]; then
+        found=1
+        system_name="${system_name_i}"
+        continue	
+    fi
+done
+if [ "$found" = 0 ]; then
+    echo "Need legal system name."
+    false
+fi
+system_name="$1"
+
+# config_tree_prefix="${public_repos_dir}/config/${debian_version}"
+git clone https://plomlompom.com/repos/clone/config
+./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+
+# public_repos_dir="${HOME}/public_repos"
+# config_tree_prefix="${public_repos_dir}/config/${debian_version}"
+# # path_borgscript="${config_tree_prefix}//borg.sh"
+# setup_scripts_dir="${config_tree_prefix}/setup_scripts"
+# repos_list_file="${public_repos_dir}/repos"
+# # dir_secrets="${HOME}/tmp_secrets"
+# # borgkeys_dir=~/.config/borg/keys
+# # borgrepos_file=~/.borgrepos
+# ssh_dir=~/.ssh
+# # authinfo_file=.authinfo
+# maildir=~/mail/maildir
+# 
+# ensure_repo() {
+#     repo_name="${1}"
+#     if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
+#         cd "${public_repos_dir}"
+#         git clone plom@plomlompom.com:/var/repos/${repo_name}
+#     fi
+# }
+# 
+# # Set up iniitial non-public parts of infrastructure: SSH authentication.
+# cd "${dir_secrets}"
+# mkdir -p "${ssh_dir}"
+# echo "Setting up .ssh"
+# cp id_rsa ~/.ssh
+# stty -echo
+# ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
+# stty echo
+# eval $(ssh-agent)
+# ssh-add
+# ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
+# 
+# # Clone config to copy dotfiles etc. from it.
+# cd
+# mkdir -p "${public_repos_dir}"
+# ensure_repo config
+# cd "${setup_scripts_dir}"
+# ./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
+# 
+# # Set up native messenger for tridactyl.
+# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
+# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
+# 
+# # Set up further non-public parts of infrastructure.
+# cd "${dir_secrets}"
+# script -c 'gpg --import secret_keys.asc' /dev/null
+# tar xf borg_keyfiles.tar
+# mkdir -p "${borgkeys_dir}"
+# mv borg_keyfiles/* "${borgkeys_dir}"
+# # .authinfo may not be present on every secrets drive yet
+# if [ -f "${authinfo_file}" ]; then
+#     cp "${authinfo_file}" ~
+# fi
+# cd
+# rm -rf "${dir_secrets}"
+# 
+# # Sync org dir via borgbackup. For this we need the borgbackup servers
+# # in our .ssh/known_hosts file.
+# cat "${borgrepos_file}" | while read line; do
+#     first_char=$(echo "${line}" | cut -c1)
+#     if [ "${first_char}" = "#" ]; then
+#         continue
+#     fi
+#     server=$(echo "${line}" | sed 's/.*@//')
+#     ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
+# done
+# BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
+# 
+# # Fill ~/public_repos.
+# cat "${repos_list_file}" | while read line; do
+#     first_char=$(echo "${line}" | cut -c1)
+#     if [ "${first_char}" = "#" ]; then
+#         continue
+#     fi
+#     ensure_repo "${line}"
+# done
+# 
+# # Set up e-mail system. Note that we only do mbsync if the imap pass file
+# # is found. It may not be present on every secrets drive yet, so we have to
+# # deal with the possibility of it being absent at this point.
+# mkdir -p "${maildir}"  # expected by mbsync/isync
+# if [ -f "${HOME}/${authinfo_file}" ]; then
+#     mbsync -a
+#     notmuch new
+# fi
+# 
+# # # Final note on how to integrate tridactyl.
+# # echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."
-- 
2.30.2