a2c65da8f5f919f1480cd4b4286b10a1677894d4
[config] / bookworm / setup_scripts / setup_home.sh
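#!/bin/sh
# Populate a fresh home directory: copy the tracked home_files tree, pull
# secrets (SSH key, GPG keys, borg keyfiles, .authinfo) from an encrypted
# USB drive, clone the repos listed in ~/public_repos/repos, and sync org
# and mail data.
#
# Usage: ./setup_home.sh SYSTEM_NAME
#
# Helpers and variables not defined here (expect_n_args, get_system_name_arg,
# setup_scripts_dir, config_tree_prefix, system_name) are presumably provided
# by misc.sh -- confirm there.
set -e
debian_version="bookworm"  # set before sourcing; presumably read by misc.sh
. ./misc.sh

expect_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"

git clone https://plomlompom.com/repos/clone/config
# :? aborts instead of silently cd-ing to $HOME when the variable is empty.
cd "${setup_scripts_dir:?}"
./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"

# Terminal echo is switched off twice below. Restore it on every exit path,
# including Ctrl-C at a prompt and a failing command under set -e.
# NOTE(review): this replaces any EXIT/INT/TERM trap misc.sh may have set.
restore_tty_echo() { stty echo 2>/dev/null || true; }
trap restore_tty_echo EXIT
trap 'exit 130' INT
trap 'exit 143' TERM

# NOTE(review): the secrets drive is identified only by the kernel name
# /dev/sdb, so whatever block device shows up under that name receives the
# passphrase below -- confirm this matches the target hardware.
secrets_dev="sdb"
source_dir_secrets="/media/${secrets_dev}/to_usb"
target_dir_secrets="${HOME}/tmp_secrets"
echo "Put secrets drive into slot for /dev/${secrets_dev}."
while [ ! -e /dev/"${secrets_dev}" ]; do
    sleep 1
done
stty -echo
printf "Secrets passphrase: "
# IFS= and -r keep leading/trailing blanks and backslashes in the passphrase.
IFS= read -r SECRETS_PASS
stty echo
echo "" # newline so user knows their input return was accepted
sudo -v  # cache sudo credentials so the pmount below does not prompt on stdin
# printf instead of echo: some sh implementations expand backslash escapes
# in echo arguments, which would alter the passphrase.
printf '%s\n' "${SECRETS_PASS}" | sudo pmount /dev/"${secrets_dev}"
cp -a "${source_dir_secrets}" "${target_dir_secrets}"
sudo chown -R plom:plom "${target_dir_secrets}"
sudo pumount "${secrets_dev}"
echo "You can remove /dev/${secrets_dev} now."

# Set up initial non-public parts of infrastructure: SSH authentication.
ssh_dir=~/.ssh
cd "${target_dir_secrets}"
mkdir -p "${ssh_dir}"
chmod 700 "${ssh_dir}"
echo "Setting up .ssh"
cp id_rsa "${ssh_dir}"
# The key's mode is inherited from the drive copy; tighten it so the private
# key is never group/world readable (ssh-add also refuses lax modes).
chmod 600 "${ssh_dir}/id_rsa"
stty -echo
ssh-keygen -y -f "${ssh_dir}/id_rsa" > "${ssh_dir}/id_rsa.pub"
stty echo
eval "$(ssh-agent)"
ssh-add
# NOTE(review): ssh-keyscan trusts whatever host key the network returns at
# this moment. Compare the result against a fingerprint obtained out of band,
# or ship a known_hosts file on the secrets drive instead.
ssh-keyscan -H "plomlompom.com" >> "${ssh_dir}/known_hosts"

# Fill ~/public_repos.
public_repos_dir="${HOME}/public_repos"
repos_list_file="${public_repos_dir}/repos"
mkdir -p "${public_repos_dir}"
if [ -r "${repos_list_file}" ]; then
    # One repo name per line; lines starting with "#" are comments.
    # The "|| [ -n ]" keeps a final line that lacks a trailing newline.
    while read -r line || [ -n "${line}" ]; do
        case "${line}" in
            "#"*) continue ;;
        esac
        repo_name="${line}"
        if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
            git -C "${public_repos_dir}" clone "plom@plomlompom.com:/var/repos/${repo_name}"
        fi
    done < "${repos_list_file}"
else
    echo "No readable repos list at ${repos_list_file}; skipping." >&2
fi

# # Set up native messenger for tridactyl.
# version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
# curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash

# Set up further non-public parts of infrastructure.
cd "${target_dir_secrets}"
# gpg is run under script(1), i.e. on a pseudo-terminal, with the typescript
# discarded to /dev/null.
script -c 'gpg --import secret_keys.asc' /dev/null
path_borgscript="${config_tree_prefix}//borg.sh"

# borg setup
borgkeys_dir=~/.config/borg/keys
borgrepos_file=~/.borgrepos
tar xf borg_keyfiles.tar
mkdir -p "${borgkeys_dir}"
chmod 700 "${borgkeys_dir}"  # keyfiles are secrets; keep the directory private
mv borg_keyfiles/* "${borgkeys_dir}"
# Sync org dir via borgbackup. For this we need the borgbackup servers
# in our .ssh/known_hosts file.
# NOTE(review): same trust-on-first-use caveat as the ssh-keyscan above.
if [ -r "${borgrepos_file}" ]; then
    while read -r line || [ -n "${line}" ]; do
        case "${line}" in
            "#"*) continue ;;
        esac
        # Everything after the last "@" is taken as the server name.
        server=$(printf '%s\n' "${line}" | sed 's/.*@//')
        ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
    done < "${borgrepos_file}"
else
    echo "No readable borg repos list at ${borgrepos_file}; skipping keyscan." >&2
fi
BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
unset SECRETS_PASS  # last use of the passphrase; do not keep it around

# .authinfo may not be present on every secrets drive yet
authinfo_file=.authinfo
if [ -f "${authinfo_file}" ]; then
    cp "${authinfo_file}" ~
    # Holds credentials for the mail setup below; keep it owner-only.
    chmod 600 "${HOME}/${authinfo_file}"
fi
cd

# NOTE(review): the cleanup below is disabled and names dir_secrets, which is
# never set in this script; the staging copy lives in target_dir_secrets. As
# written, the plaintext copy of the secrets stays in ~/tmp_secrets.
# rm -rf "${dir_secrets}"

maildir=~/mail/maildir
# # Set up e-mail system. Note that we only do mbsync if the imap pass file
# # is found. It may not be present on every secrets drive yet, so we have to
# # deal with the possibility of it being absent at this point.
mkdir -p "${maildir}"  # expected by mbsync/isync
if [ -f "${HOME}/${authinfo_file}" ]; then
    mbsync -a
    notmuch new
fi

# # Final note on how to integrate tridactyl.
# echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."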