From 0fff0efb3f0a03d0f39a311caf643e57825e6367 Mon Sep 17 00:00:00 2001 
From: Christian Heller Date: Mon, 11 Aug 2025 05:38:53 +0200 Subject: [PATCH] New Debian release! --- testing/aptmark/desktop | 38 +------- testing/aptmark/t490s | 8 +- testing/copy/desktop | 1 + testing/copy/t490s | 1 + testing/scripts/_setup_secrets_user.sh | 67 +------------ testing/scripts/lib/abort_if_exists | 8 +- testing/scripts/lib/abort_if_offline | 8 +- testing/scripts/lib/constants_borg | 3 +- testing/scripts/lib/constants_installer | 3 +- testing/scripts/lib/constants_releases | 2 - testing/scripts/lib/constants_secrets | 10 +- testing/scripts/lib/copy_and_unmount_secrets | 19 +--- testing/scripts/lib/get_mountable_device_path | 12 +-- testing/scripts/lib/get_passphrase | 7 +- testing/scripts/lib/mount_secrets | 30 +----- testing/scripts/lib/path_tmp_timestamped | 4 +- testing/scripts/lib/retry_until | 28 +----- testing/scripts/make_writable_installer.sh | 80 +--------------- testing/scripts/setup_desktop.sh | 88 +----------------- testing/scripts/setup_secrets.sh | 26 +----- trixie/aptmark/desktop | 37 ++++++++ trixie/aptmark/t490s | 7 ++ .../copy/desktop/etc/network/interfaces | 0 .../copy/desktop/home/plom/.bashrc.desktop | 0 .../desktop/home/plom/.config/sway/config | 0 .../copy/desktop/home/plom/.gitconfig | 0 .../desktop/home/plom/.local/bin/backlight | 0 .../desktop/home/plom/.local/bin/borgplom | 0 .../desktop/home/plom/.local/bin/make_secrets | 0 .../copy/desktop/home/plom/.local/bin/vol | 0 .../copy/desktop/home/plom/.plomlib/abort | 0 .../home/plom/.plomlib/abort_if_exists | 0 .../home/plom/.plomlib/audio_dev_is_mute | 0 .../desktop/home/plom/.plomlib/constants_borg | 0 .../home/plom/.plomlib/constants_secrets | 0 .../desktop/home/plom/.plomlib/constants_ssh | 0 .../desktop/home/plom/.plomlib/constants_user | 0 .../plom/.plomlib/copy_and_unmount_secrets | 0 .../desktop/home/plom/.plomlib/expect_n_args | 0 .../desktop/home/plom/.plomlib/get_passphrase | 0 .../desktop/home/plom/.plomlib/mount_secrets | 0 
.../home/plom/.plomlib/path_tmp_timestamped | 0 .../desktop/home/plom/.plomlib/prefixed_msg | 0 .../desktop/home/plom/.plomlib/print_usage | 0 .../desktop/home/plom/.plomlib/retry_until | 0 .../copy/desktop/home/plom/.profile.desktop | 0 .../desktop/home/plom/.shell_prompt_color | 0 .../copy/desktop/home/plom/.tridactylrc | 0 .../t490s/home/plom/.nonpath_bins/status.sh | 0 trixie/scripts/_setup_secrets_user.sh | 66 +++++++++++++ trixie/scripts/lib/INSTALLER_VERSION | 1 + trixie/scripts/lib/abort_if_exists | 7 ++ trixie/scripts/lib/abort_if_offline | 7 ++ trixie/scripts/lib/constants_borg | 2 + trixie/scripts/lib/constants_installer | 2 + trixie/scripts/lib/constants_secrets | 9 ++ trixie/scripts/lib/copy_and_unmount_secrets | 18 ++++ trixie/scripts/lib/get_mountable_device_path | 11 +++ trixie/scripts/lib/get_passphrase | 6 ++ trixie/scripts/lib/mount_secrets | 29 ++++++ trixie/scripts/lib/path_tmp_timestamped | 3 + trixie/scripts/lib/retry_until | 27 ++++++ trixie/scripts/make_writable_installer.sh | 93 +++++++++++++++++++ trixie/scripts/setup_desktop.sh | 87 +++++++++++++++++ trixie/scripts/setup_secrets.sh | 25 +++++ 65 files changed, 456 insertions(+), 424 deletions(-) mode change 100644 => 120000 testing/aptmark/desktop mode change 100644 => 120000 testing/aptmark/t490s create mode 120000 testing/copy/desktop create mode 120000 testing/copy/t490s mode change 100644 => 120000 testing/scripts/_setup_secrets_user.sh mode change 100644 => 120000 testing/scripts/lib/abort_if_exists mode change 100644 => 120000 testing/scripts/lib/abort_if_offline mode change 100644 => 120000 testing/scripts/lib/constants_borg mode change 100644 => 120000 testing/scripts/lib/constants_installer delete mode 100644 testing/scripts/lib/constants_releases mode change 100644 => 120000 testing/scripts/lib/constants_secrets mode change 100644 => 120000 testing/scripts/lib/copy_and_unmount_secrets mode change 100644 => 120000 testing/scripts/lib/get_mountable_device_path mode change 100644 
=> 120000 testing/scripts/lib/get_passphrase mode change 100644 => 120000 testing/scripts/lib/mount_secrets mode change 100644 => 120000 testing/scripts/lib/path_tmp_timestamped mode change 100644 => 120000 testing/scripts/lib/retry_until mode change 100755 => 120000 testing/scripts/make_writable_installer.sh mode change 100755 => 120000 testing/scripts/setup_desktop.sh mode change 100755 => 120000 testing/scripts/setup_secrets.sh create mode 100644 trixie/aptmark/desktop create mode 100644 trixie/aptmark/t490s rename {testing => trixie}/copy/desktop/etc/network/interfaces (100%) rename {testing => trixie}/copy/desktop/home/plom/.bashrc.desktop (100%) rename {testing => trixie}/copy/desktop/home/plom/.config/sway/config (100%) rename {testing => trixie}/copy/desktop/home/plom/.gitconfig (100%) rename {testing => trixie}/copy/desktop/home/plom/.local/bin/backlight (100%) rename {testing => trixie}/copy/desktop/home/plom/.local/bin/borgplom (100%) rename {testing => trixie}/copy/desktop/home/plom/.local/bin/make_secrets (100%) rename {testing => trixie}/copy/desktop/home/plom/.local/bin/vol (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/abort (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/abort_if_exists (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/audio_dev_is_mute (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/constants_borg (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/constants_secrets (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/constants_ssh (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/constants_user (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/copy_and_unmount_secrets (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/expect_n_args (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/get_passphrase (100%) rename {testing => 
trixie}/copy/desktop/home/plom/.plomlib/mount_secrets (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/path_tmp_timestamped (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/prefixed_msg (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/print_usage (100%) rename {testing => trixie}/copy/desktop/home/plom/.plomlib/retry_until (100%) rename {testing => trixie}/copy/desktop/home/plom/.profile.desktop (100%) rename {testing => trixie}/copy/desktop/home/plom/.shell_prompt_color (100%) rename {testing => trixie}/copy/desktop/home/plom/.tridactylrc (100%) rename {testing => trixie}/copy/t490s/home/plom/.nonpath_bins/status.sh (100%) create mode 100644 trixie/scripts/_setup_secrets_user.sh create mode 100644 trixie/scripts/lib/INSTALLER_VERSION create mode 100644 trixie/scripts/lib/abort_if_exists create mode 100644 trixie/scripts/lib/abort_if_offline create mode 100644 trixie/scripts/lib/constants_borg create mode 100644 trixie/scripts/lib/constants_installer create mode 100644 trixie/scripts/lib/constants_secrets create mode 100644 trixie/scripts/lib/copy_and_unmount_secrets create mode 100644 trixie/scripts/lib/get_mountable_device_path create mode 100644 trixie/scripts/lib/get_passphrase create mode 100644 trixie/scripts/lib/mount_secrets create mode 100644 trixie/scripts/lib/path_tmp_timestamped create mode 100644 trixie/scripts/lib/retry_until create mode 100755 trixie/scripts/make_writable_installer.sh create mode 100755 trixie/scripts/setup_desktop.sh create mode 100755 trixie/scripts/setup_secrets.sh diff --git a/testing/aptmark/desktop b/testing/aptmark/desktop deleted file mode 100644 index 1454ff3..0000000 --- a/testing/aptmark/desktop +++ /dev/null 
@@ -1,37 +0,0 @@
-# to avoid booting problems with encrypted LVM, see
-cryptsetup-initramfs
-lvm2
-# for secrets
-pmount
-# for my own scripts to run
-python3-venv
-# for syncing
-borgbackup
-# for accessing remote machines
-openssh-client
-# wayland usage essentials
-sway
-wl-clipboard
-# at a minimum sets env stuff without which sway won't start
-dbus-user-session
-# for sound
-pulseaudio
-# dmenu replacement
-wmenu
-# for status.sh to work
-calc
-# xterm replacement
-foot
-# for e.g. chromium to work (and to disappear certain error messages)
-xwayland
-# for firefox and tridactyl
-curl
-firefox-esr
-# for using Google services
-chromium
-# for passwords
-keepassxc
-# for installing Signal
-gpg
-wget
-#
diff --git a/testing/aptmark/desktop b/testing/aptmark/desktop
new file mode 120000
index 0000000..a42b415
--- /dev/null
+++ b/testing/aptmark/desktop
@@ -0,0 +1 @@
+../../trixie/aptmark/desktop
\ No newline at end of file
diff --git a/testing/aptmark/t490s b/testing/aptmark/t490s
deleted file mode 100644
index 7d0d722..0000000
--- a/testing/aptmark/t490s
+++ /dev/null
@@ -1,7 +0,0 @@
-# so we can work without the Ethernet adapter
-network-manager
-wpasupplicant
-firmware-iwlwifi
-# for battery management, we assume good defaults
-tlp
-
diff --git a/testing/aptmark/t490s b/testing/aptmark/t490s
new file mode 120000
index 0000000..0ebfe44
--- /dev/null
+++ b/testing/aptmark/t490s
@@ -0,0 +1 @@
+../../trixie/aptmark/t490s
\ No newline at end of file
diff --git a/testing/copy/desktop b/testing/copy/desktop
new file mode 120000
index 0000000..73d049c
--- /dev/null
+++ b/testing/copy/desktop
@@ -0,0 +1 @@
+../../trixie/copy/desktop
\ No newline at end of file
diff --git a/testing/copy/t490s b/testing/copy/t490s
new file mode 120000
index 0000000..dbd851d
--- /dev/null
+++ b/testing/copy/t490s
@@ -0,0 +1 @@
+../../trixie/copy/t490s
\ No newline at end of file
diff --git a/testing/scripts/_setup_secrets_user.sh b/testing/scripts/_setup_secrets_user.sh
deleted file mode 100644
index f46d693..0000000
--- a/testing/scripts/_setup_secrets_user.sh
+++ /dev/null
@@ -1,66 +0,0 @@
-#!/bin/sh
-set -e
-cd $(dirname "$0")
-. lib/abort
-. lib/abort_if_exists
-. lib/abort_if_not_user
-. lib/abort_if_offline
-. lib/constants_secrets # PATH_SECRETS, PATH_SECRETS_KDBX, PATH_SECRETS_SSH, PATH_SECRETS_BORGKEYS, PATH_USER_KDBX
-. lib/constants_ssh # PATH_USER_SSH
-. lib/constants_user # USERNAME
-. lib/constants_borg # NAME_BORGAPP
-. lib/copy_and_unmount_secrets
-. lib/expect_n_args
-. lib/mount_secrets
-. lib/prefixed_msg
-. lib/retry_until
-. lib/trapp
-
-prefixed_msg_init
-PATH_REPOS="${HOME}/repos"
-REPOS_SITE_DOMAIN=plomlompom.com
-REMOTE_PATH_REPOS=/var/repos
-
-expect_n_args 1 1 "(device name, e.g. 'sda')" $@
-abort_if_offline
-abort_if_not_user "${USERNAME}"
-abort_if_exists "${PATH_SECRETS}"
-abort_if_exists "${PATH_USER_SSH}"
-abort_if_exists "${PATH_REPOS}"
-
-mount_secrets "$1" # sets PASSPHRASE
-copy_and_unmount_secrets 'in'
-export BORG_PASSPHRASE="${PASSPHRASE}"
-
-prefixed_msg 'Copying passwords DB …'
-cp -a "${PATH_SECRETS_KDBX}" "${PATH_USER_KDBX}"
-
-prefixed_msg 'Setting up ~/.ssh …'
-cp -a "${PATH_SECRETS_SSH}" "${PATH_USER_SSH}"
-stty -echo
-trapp stty echo
-retry_until 1 'echo ""' 'ssh-add -q' 'prefixed_msg "Aborting due to ssh-add error"'
-stty echo
-trapp
-
-printf '\n'
-prefixed_msg 'Setting up ~/repos …'
-REPOS_SITE_LOGIN="${USERNAME}@${REPOS_SITE_DOMAIN}"
-mkdir "${PATH_REPOS}"
-cd "${PATH_REPOS}"
-ssh ${REPOS_SITE_LOGIN} "cd ${REMOTE_PATH_REPOS} && ls -1" | while read REPO_NAME; do
- prefixed_msg "Cloning ${REPO_NAME} …"
- git clone --quiet --recurse "${REPOS_SITE_LOGIN}:${REMOTE_PATH_REPOS}/${REPO_NAME}"
-done
-cd - > /dev/null
-
-prefixed_msg 'Setting up borg and pull in ~/org …'
-cd "${PATH_SECRETS_BORGKEYS}"
-ls -1 | while read _FILENAME; do
- "${NAME_BORGAPP}" claim "${_FILENAME}"
-done
-cd -
-retry_until 2 '' "${NAME_BORGAPP} orgpull" "prefixed_msg 'Aborting due to unexpected ${NAME_BORGAPP} error.'" '' 'direct'
-prefixed_msg "${_OUTPUT}"
-
-prefixed_msg_exit
diff --git a/testing/scripts/_setup_secrets_user.sh b/testing/scripts/_setup_secrets_user.sh
new file mode 120000
index 0000000..e5bd52f
--- /dev/null
+++ b/testing/scripts/_setup_secrets_user.sh
@@ -0,0 +1 @@
+../../trixie/scripts/_setup_secrets_user.sh
\ No newline at end of file
diff --git a/testing/scripts/lib/abort_if_exists b/testing/scripts/lib/abort_if_exists
deleted file mode 100644
index 33f49d5..0000000
--- a/testing/scripts/lib/abort_if_exists
+++ /dev/null
@@ -1,7 +0,0 @@
-. lib/abort
-
-abort_if_exists() {
- if [ -e "$1" ]; then
- abort "Aborting since $1 already exists."
- fi
-}
diff --git a/testing/scripts/lib/abort_if_exists b/testing/scripts/lib/abort_if_exists
new file mode 120000
index 0000000..ff35025
--- /dev/null
+++ b/testing/scripts/lib/abort_if_exists
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/abort_if_exists
\ No newline at end of file
diff --git a/testing/scripts/lib/abort_if_offline b/testing/scripts/lib/abort_if_offline
deleted file mode 100644
index b81c784..0000000
--- a/testing/scripts/lib/abort_if_offline
+++ /dev/null
@@ -1,7 +0,0 @@
-. lib/abort
-
-abort_if_offline() {
- if ! ping -c1 -W2 1.1.1.1 > /dev/null 2>&1; then
- abort 'Must be run online.'
- fi
-}
diff --git a/testing/scripts/lib/abort_if_offline b/testing/scripts/lib/abort_if_offline
new file mode 120000
index 0000000..919ba38
--- /dev/null
+++ b/testing/scripts/lib/abort_if_offline
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/abort_if_offline
\ No newline at end of file
diff --git a/testing/scripts/lib/constants_borg b/testing/scripts/lib/constants_borg
deleted file mode 100644
index befcb4a..0000000
--- a/testing/scripts/lib/constants_borg
+++ /dev/null
@@ -1,2 +0,0 @@
-NAME_BORGAPP=borgplom
-PATH_BORG_CONF="${HOME}/.config/borg"
diff --git a/testing/scripts/lib/constants_borg b/testing/scripts/lib/constants_borg
new file mode 120000
index 0000000..c4c8e4e
--- /dev/null
+++ b/testing/scripts/lib/constants_borg
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/constants_borg
\ No newline at end of file
diff --git a/testing/scripts/lib/constants_installer b/testing/scripts/lib/constants_installer
deleted file mode 100644
index 76e1589..0000000
--- a/testing/scripts/lib/constants_installer
+++ /dev/null
@@ -1,2 +0,0 @@
-FILENAME_PRESEED_CFG=preseed.cfg
-PATH_PRESEED_CFG=$(realpath "../${FILENAME_PRESEED_CFG}")
diff --git a/testing/scripts/lib/constants_installer b/testing/scripts/lib/constants_installer
new file mode 120000
index 0000000..e665bda
--- /dev/null
+++ b/testing/scripts/lib/constants_installer
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/constants_installer
\ No newline at end of file
diff --git a/testing/scripts/lib/constants_releases b/testing/scripts/lib/constants_releases
deleted file mode 100644
index a0bd0b0..0000000
--- a/testing/scripts/lib/constants_releases
+++ /dev/null
@@ -1,2 +0,0 @@
-PREV_RELEASE=trixie
-THIS_RELEASE=testing
diff --git a/testing/scripts/lib/constants_secrets b/testing/scripts/lib/constants_secrets
deleted file mode 100644
index 9b0cf7e..0000000
--- a/testing/scripts/lib/constants_secrets
+++ /dev/null
@@ -1,9 +0,0 @@
-. lib/constants_user
-PATH_MEDIA=/media
-PATH_REL_SECRETS=.secrets
-PATH_SECRETS="${PATH_USER_HOME}/${PATH_REL_SECRETS}"
-PATH_SECRETS_SSH="${PATH_SECRETS}/ssh"
-PATH_SECRETS_BORGKEYS="${PATH_SECRETS}/borgkeys"
-FILENAME_KDBX=Passwords.kdbx
-PATH_SECRETS_KDBX="${PATH_SECRETS}/${FILENAME_KDBX}"
-PATH_USER_KDBX="${PATH_USER_HOME}/${FILENAME_KDBX}"
diff --git a/testing/scripts/lib/constants_secrets b/testing/scripts/lib/constants_secrets
new file mode 120000
index 0000000..cc75532
--- /dev/null
+++ b/testing/scripts/lib/constants_secrets
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/constants_secrets
\ No newline at end of file
diff --git a/testing/scripts/lib/copy_and_unmount_secrets b/testing/scripts/lib/copy_and_unmount_secrets
deleted file mode 100644
index 8d203c9..0000000
--- a/testing/scripts/lib/copy_and_unmount_secrets
+++ /dev/null
@@ -1,18 +0,0 @@
-. lib/constants_secrets # PATH_REL_SECRETS, PATH_SECRETS
-
-copy_and_unmount_secrets() {
-prefixed_msg_init copy_and_unmount_secrets
-
-prefixed_msg "Copying over ${PATH_REL_SECRETS}."
-if [ "$1" = "out" ]; then
- cp -a "${PATH_SECRETS}" "${PATH_MOUNTED_SECRETS}"
-elif [ "$1" = "in" ]; then
- cp -a "${PATH_MOUNTED_SECRETS}" "${PATH_SECRETS}"
-else
- abort "Illegal argument to unmount_secrets."
-fi
-pumount "${SECRETS_DEV}"
-prefixed_msg "You can remove device ${SECRETS_DEV} now."
-
-prefixed_msg_exit
-}
diff --git a/testing/scripts/lib/copy_and_unmount_secrets b/testing/scripts/lib/copy_and_unmount_secrets
new file mode 120000
index 0000000..901c52f
--- /dev/null
+++ b/testing/scripts/lib/copy_and_unmount_secrets
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/copy_and_unmount_secrets
\ No newline at end of file
diff --git a/testing/scripts/lib/get_mountable_device_path b/testing/scripts/lib/get_mountable_device_path
deleted file mode 100644
index b0a1cd5..0000000
--- a/testing/scripts/lib/get_mountable_device_path
+++ /dev/null
@@ -1,11 +0,0 @@
-. lib/abort
-
-get_mountable_device_path() {
- _PATH_DEV="/dev/$1"
- if [ ! -b "${_PATH_DEV}" ]; then
- abort "No block device at ${_PATH_DEV}."
- elif [ $(mount | grep -E "^${_PATH_DEV}" | wc -l) -gt 0 ]; then
- abort "${_PATH_DEV} already mounted."
- fi
- printf "${_PATH_DEV}"
-}
diff --git a/testing/scripts/lib/get_mountable_device_path b/testing/scripts/lib/get_mountable_device_path
new file mode 120000
index 0000000..15645f9
--- /dev/null
+++ b/testing/scripts/lib/get_mountable_device_path
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/get_mountable_device_path
\ No newline at end of file
diff --git a/testing/scripts/lib/get_passphrase b/testing/scripts/lib/get_passphrase
deleted file mode 100644
index 6e3f0ff..0000000
--- a/testing/scripts/lib/get_passphrase
+++ /dev/null
@@ -1,6 +0,0 @@
-get_passphrase() {
- stty -echo
- read PASSPHRASE
- stty echo
- printf "${PASSPHRASE}"
-}
diff --git a/testing/scripts/lib/get_passphrase b/testing/scripts/lib/get_passphrase
new file mode 120000
index 0000000..f38d6ac
--- /dev/null
+++ b/testing/scripts/lib/get_passphrase
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/get_passphrase
\ No newline at end of file
diff --git a/testing/scripts/lib/mount_secrets b/testing/scripts/lib/mount_secrets
deleted file mode 100644
index 7012dab..0000000
--- a/testing/scripts/lib/mount_secrets
+++ /dev/null
@@ -1,29 +0,0 @@
-. lib/constants_secrets # PATH_MEDIA, PATH_REL_SECRETS
-. lib/expect_n_args
-. lib/get_passphrase
-. lib/path_tmp_timestamped
-. lib/prefixed_msg
-. lib/retry_until
-
-mount_secrets() {
-prefixed_msg_init mount_secrets
-
-SECRETS_DEV=$1
-if [ -z "${SECRETS_DEV}" ]; then
- abort "Aborting due to empty device argument."
-fi
-PATH_MOUNTED_SECRETS="${PATH_MEDIA}/${SECRETS_DEV}/${PATH_REL_SECRETS}"
-PATH_DEV="/dev/${SECRETS_DEV}"
-PATH_PMOUNT_ERR="$(path_tmp_timestamped 'err_mount')"
-prefixed_msg "Put secrets drive into slot for ${PATH_DEV}."
-while [ ! -e "${PATH_DEV}" ]; do
- sleep 0.1
-done
-_ON_LOOP_START='prefixed_msg_no_nl "Passphrase: "; PASSPHRASE=$(get_passphrase); echo ""'
-_TO_TEST='echo "${PASSPHRASE}" | pmount "${PATH_DEV}" 2>&1'
-_ON_FAIL='prefixed_msg "Aborting due to pmount error:"'
-retry_until 100 "${_ON_LOOP_START}" "${_TO_TEST}" "${_ON_FAIL}"
-prefixed_msg "${_OUTPUT}"
-
-prefixed_msg_exit
-}
diff --git a/testing/scripts/lib/mount_secrets b/testing/scripts/lib/mount_secrets
new file mode 120000
index 0000000..d358809
--- /dev/null
+++ b/testing/scripts/lib/mount_secrets
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/mount_secrets
\ No newline at end of file
diff --git a/testing/scripts/lib/path_tmp_timestamped b/testing/scripts/lib/path_tmp_timestamped
deleted file mode 100644
index 7ae63cd..0000000
--- a/testing/scripts/lib/path_tmp_timestamped
+++ /dev/null
@@ -1,3 +0,0 @@
-path_tmp_timestamped () {
- printf "/tmp/${1}_$(date +'%s')"
-}
diff --git a/testing/scripts/lib/path_tmp_timestamped b/testing/scripts/lib/path_tmp_timestamped
new file mode 120000
index 0000000..a7ae07c
--- /dev/null
+++ b/testing/scripts/lib/path_tmp_timestamped
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/path_tmp_timestamped
\ No newline at end of file
diff --git a/testing/scripts/lib/retry_until b/testing/scripts/lib/retry_until
deleted file mode 100644
index 5179ba1..0000000
--- a/testing/scripts/lib/retry_until
+++ /dev/null
@@ -1,27 +0,0 @@
-retry_until() {
- _CODE_FOR_CONTINUE="$1"
- _ON_LOOP_START="$2"
- _TO_TEST="$3"
- _ON_FAIL="$4"
- _ON_LOOP_END="$5"
- _OUTPUT_MODE="$6"
- while true; do
- eval "${_ON_LOOP_START}"
- set +e
- if [ "${_OUTPUT_MODE}" = 'direct' ]; then
- eval ${_TO_TEST}
- _RESULT=$?
- else
- _OUTPUT="$(eval ${_TO_TEST})"
- _RESULT=$?
- fi
- set -e
- if [ "${_RESULT}" = '0' ]; then
- break
- elif [ "${_RESULT}" != "${_CODE_FOR_CONTINUE}" ]; then
- eval "${_ON_FAIL}"
- abort
- fi
- eval "${_ON_LOOP_END}"
- done
-}
diff --git a/testing/scripts/lib/retry_until b/testing/scripts/lib/retry_until
new file mode 120000
index 0000000..0b0c894
--- /dev/null
+++ b/testing/scripts/lib/retry_until
@@ -0,0 +1 @@
+../../../trixie/scripts/lib/retry_until
\ No newline at end of file
diff --git a/testing/scripts/make_writable_installer.sh b/testing/scripts/make_writable_installer.sh
deleted file mode 100755
index 59b9805..0000000
--- a/testing/scripts/make_writable_installer.sh
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/bin/sh
-# based on
-set -e
-cd $(dirname "$0")
-. lib/INSTALLER_VERSION
-. lib/abort
-. lib/abort_if_command_unknown
-. lib/abort_if_not_user
-. lib/abort_if_offline
-. lib/constants_installer # FILENAME_PRESEED_CFG, PATH_PRESEED_CFG
-. lib/expect_n_args
-. lib/get_mountable_device_path
-. lib/path_tmp_timestamped
-. lib/trapp
-
-expect_n_args 1 1 'DEVICE (e.g. "sdb")' $@
-abort_if_not_user root
-abort_if_offline
-abort_if_command_unknown mkfs.vfat
-abort_if_command_unknown parted
-abort_if_command_unknown rsync
-abort_if_command_unknown wget
-PATH_DEV="$(get_mountable_device_path $1)"
-PATH_MNT_ISO=/mnt/iso
-
-PATH_PROCESSING="$(path_tmp_timestamped make_writable_installer)"
-RM_PROCESSING="rm -rf ${PATH_PROCESSING}"
-echo "Setting up processing directory at ${PATH_PROCESSING} …"
-mkdir "${PATH_PROCESSING}"
-trapp "${RM_PROCESSING}"
-cd "${PATH_PROCESSING}"
-
-FILENAME_ISO="debian-${INSTALLER_VERSION}-amd64-netinst.iso"
-echo "Retrieving ${FILENAME_ISO} …"
-URL_ISO="https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/${FILENAME_ISO}"
-wget --quiet --output-document "${FILENAME_ISO}" "${URL_ISO}"
-
-echo "Preparing partition/filesystem on ${PATH_DEV} …"
-parted --script "${PATH_DEV}" mklabel msdos
-parted --script "${PATH_DEV}" mkpart primary fat32 0% 100%
-PATH_PARTITION="${PATH_DEV}1"
-mkfs.vfat "${PATH_PARTITION}" > /dev/null
-
-PATH_MNT_DEV='/mnt/'$(basename "${PATH_PARTITION}")
-echo -n "Mounting ${PATH_MNT_ISO} and ${PATH_MNT_DEV} …"
-mkdir -p "${PATH_MNT_ISO}" "${PATH_MNT_DEV}"
-do_umount() {
- echo "Unmounting $1 …"
- set +e
- umount "$1"
- set -e
-}
-mount "${PATH_PARTITION}" "${PATH_MNT_DEV}"
-trapp "${RM_PROCESSING}; do_umount ${PATH_MNT_DEV}"
-mount -o loop "${FILENAME_ISO}" "${PATH_MNT_ISO}" 2>&1 | sed 's|mount: /mnt/iso: WARNING: source write-protected, mounted read-only.||'
-trapp "${RM_PROCESSING}; do_umount ${PATH_MNT_DEV}; do_umount ${PATH_MNT_ISO}"
-
-echo "Copying contents of ${PATH_MNT_ISO} to ${PATH_MNT_DEV}/ …"
-FILENAME_RSYNC_ERRORS="rsync_errors"
-set +e
-rsync -a "${PATH_MNT_ISO}/" "${PATH_MNT_DEV}/" 2> "${FILENAME_RSYNC_ERRORS}"
-RESULT=$?
-set -e
-if [ "${RESULT}" != "0" ]; then
- echo 'RSYNC ERRORS:'
- cat "${FILENAME_RSYNC_ERRORS}"
- echo '\nrsync encountered errors, see above – continue? (Y/N)'
- read ANSWER
- FIRST_CHAR=$(echo "${ANSWER}" | cut -c1)
- if ! [ "${FIRST_CHAR}" = 'y' -o "${FIRST_CHAR}" = 'Y' ]; then
- abort 'as requested'
- fi
-fi
-
-echo "Installing preseed file …"
-cp "${PATH_PRESEED_CFG}" "${PATH_MNT_DEV}/"
-sed --in-place 's/ --- / --- preseed\/file=\/cdrom\/'"${FILENAME_PRESEED_CFG}"' /g' "${PATH_MNT_DEV}/boot/grub/grub.cfg"
-
-echo "Done!"
diff --git a/testing/scripts/make_writable_installer.sh b/testing/scripts/make_writable_installer.sh
new file mode 120000
index 0000000..e3dfcb6
--- /dev/null
+++ b/testing/scripts/make_writable_installer.sh
@@ -0,0 +1 @@
+../../trixie/scripts/make_writable_installer.sh
\ No newline at end of file
diff --git a/testing/scripts/setup_desktop.sh b/testing/scripts/setup_desktop.sh
deleted file mode 100755
index 7820dff..0000000
--- a/testing/scripts/setup_desktop.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/bin/sh
-set -e
-cd $(dirname "$0")
-. lib/abort
-. lib/abort_if_offline
-. lib/apt_get_digested
-. lib/constants_etc # PATH_ETC
-. lib/constants_user # USERNAME
-. lib/copy_dirtrees_of_tags
-. lib/core_setup
-. lib/expect_n_args
-. lib/prefixed_msg
-. lib/put_finished_marker
-
-prefixed_msg_init
-prefixed_msg 'starting …'
-
-PATH_NETWORK_INTERFACES="${PATH_ETC}/network/interfaces"
-THINKPAD_NAMES="x220 w530 t490s"
-
-abort_if_offline
-
-get_system_class_for() {
- for THINKPAD_NAME in $THINKPAD_NAMES; do
- if [ "$1" = "${THINKPAD_NAME}" ]; then
- printf 'thinkpad'
- break
- fi
- done
- printf ''
-}
-abort_if_illegal_system_name() {
- LEGAL_SYSTEM_NAMES="${THINKPAD_NAMES} h610m"
- for SYSTEM_NAME_I in $LEGAL_SYSTEM_NAMES; do
- if [ "$1" = "$SYSTEM_NAME_I" ]; then
- return 0
- fi
- done
- abort 'Need legal system name.'
-}
-expect_n_args 2 2 "SYSTEM_NAME, USER_PW" $@
-SYSTEM_NAME="$1"
-USER_PW="$2"
-abort_if_illegal_system_name "${SYSTEM_NAME}"
-SYSTEM_CLASS_NAME="$(get_system_class_for ${SYSTEM_NAME})"
-INSTALL_TAGS="all ${SYSTEM_CLASS_NAME} ${SYSTEM_NAME} user desktop"
-
-adopt_wifi_connection() {
- get_network_interfaces_last_wpa_value() {
- REGEX="^\s+wpa-${1}\s+"
- cat "${PATH_NETWORK_INTERFACES}" | grep -E "${REGEX}" | sed -E "s/${REGEX}//g" | tail -1
- }
- WLAN_SSID=$(get_network_interfaces_last_wpa_value 'ssid')
- WLAN_PSK=$(get_network_interfaces_last_wpa_value 'psk')
- if [ ! -z "${WLAN_SSID}" ]; then
- prefixed_msg_no_nl "Found, adding to NetworkManager: "
- if [ -z "${WLAN_PSK}" ]; then
- nmcli connection add type wifi wifi.ssid "${WLAN_SSID}"
- else # NB: assumes last (collected with tail -1) wpa-psk that of last wlan-ssid
- nmcli connection add type wifi wifi.ssid "${WLAN_SSID}" wifi-sec.key-mgmt wpa-psk wifi-sec.psk "${WLAN_PSK}"
- fi
- fi
-}
-
-../../trixie/scripts/from_older_upgrade.sh desktop
-./from_older_upgrade.sh desktop
-
-# NB: This needs to come before steps potentially overwriting /etc/network/interfaces.
-apt_get_digested '-q -q install network-manager'
-if [ "$(nmcli -f TYPE conn | grep 'wifi' | wc -l)" = "0" ]; then
- prefixed_msg "Checking for existing wifi config in ${PATH_NETWORK_INTERFACES} …"
- adopt_wifi_connection
-else
- prefixed_msg 'Already know wifi connection, nothing to add …'
-fi
-
-core_setup "${SYSTEM_NAME}" "" "" "${INSTALL_TAGS}"
-
-prefixed_msg 'Ensuring our desired locale is available …'
-locale-gen
-
-prefixed_msg 'Final user setup …'
-adduser --quiet "${USERNAME}" plugdev # so user may use pmount
-echo "${USERNAME}:${USER_PW}" | chpasswd
-
-put_finished_marker 'setup_desktop'
-prefixed_msg_exit
diff --git a/testing/scripts/setup_desktop.sh b/testing/scripts/setup_desktop.sh
new file mode 120000
index 0000000..44e3f06
--- /dev/null
+++ b/testing/scripts/setup_desktop.sh
@@ -0,0 +1 @@
+../../trixie/scripts/setup_desktop.sh
\ No newline at end of file
diff --git a/testing/scripts/setup_secrets.sh b/testing/scripts/setup_secrets.sh
deleted file mode 100755
index f50ed96..0000000
--- a/testing/scripts/setup_secrets.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/sh
-set -e
-cd $(dirname "$0")
-. lib/abort_if_not_user
-. lib/check_finished_marker
-. lib/constants_repopaths # PATH_CONF, PATH_SCRIPTS
-. lib/constants_user # USERNAME
-. lib/path_tmp_timestamped
-. lib/prefixed_msg
-
-prefixed_msg_init
-
-check_finished_marker 'setup_desktop'
-abort_if_not_user root
-PATH_REL_SETUP_SECRETS_USER="$(basename ${PATH_CONF})/$(basename ${PATH_SCRIPTS})/_setup_secrets_user.sh"
-PATH_REPO="$(dirname ${PATH_CONF})"
-PATH_TMP_REPO="$(path_tmp_timestamped configrepo)"
-
-prefixed_msg "Setting up config repo copy for user at ${PATH_TMP_REPO} …"
-cp -a "${PATH_REPO}" "${PATH_TMP_REPO}"
-chown -R "${USERNAME}:${USERNAME}" "${PATH_TMP_REPO}"
-su -l "${USERNAME}" -c "/bin/sh ${PATH_TMP_REPO}/${PATH_REL_SETUP_SECRETS_USER} $1"
-rm -rf "${PATH_TMP_REPO}"
-
-prefixed_msg_exit
diff --git a/testing/scripts/setup_secrets.sh b/testing/scripts/setup_secrets.sh
new file mode 120000
index 0000000..520fed5
--- /dev/null
+++ b/testing/scripts/setup_secrets.sh
@@ -0,0 +1 @@
+../../trixie/scripts/setup_secrets.sh
\ No newline at end of file
diff --git a/trixie/aptmark/desktop b/trixie/aptmark/desktop
new file mode 100644
index 0000000..1454ff3
--- /dev/null
+++ b/trixie/aptmark/desktop
@@ -0,0 +1,37 @@
+# to avoid booting problems with encrypted LVM, see
+cryptsetup-initramfs
+lvm2
+# for secrets
+pmount
+# for my own scripts to run
+python3-venv
+# for syncing
+borgbackup
+# for accessing remote machines
+openssh-client
+# wayland usage essentials
+sway
+wl-clipboard
+# at a minimum sets env stuff without which sway won't start
+dbus-user-session
+# for sound
+pulseaudio
+# dmenu replacement
+wmenu
+# for status.sh to work
+calc
+# xterm replacement
+foot
+# for e.g. chromium to work (and to disappear certain error messages)
+xwayland
+# for firefox and tridactyl
+curl
+firefox-esr
+# for using Google services
+chromium
+# for passwords
+keepassxc
+# for installing Signal
+gpg
+wget
+#
diff --git a/trixie/aptmark/t490s b/trixie/aptmark/t490s
new file mode 100644
index 0000000..7d0d722
--- /dev/null
+++ b/trixie/aptmark/t490s
@@ -0,0 +1,7 @@
+# so we can work without the Ethernet adapter
+network-manager
+wpasupplicant
+firmware-iwlwifi
+# for battery management, we assume good defaults
+tlp
+
diff --git a/testing/copy/desktop/etc/network/interfaces b/trixie/copy/desktop/etc/network/interfaces
similarity index 100%
rename from testing/copy/desktop/etc/network/interfaces
rename to trixie/copy/desktop/etc/network/interfaces
diff --git a/testing/copy/desktop/home/plom/.bashrc.desktop b/trixie/copy/desktop/home/plom/.bashrc.desktop
similarity index 100%
rename from testing/copy/desktop/home/plom/.bashrc.desktop
rename to trixie/copy/desktop/home/plom/.bashrc.desktop
diff --git a/testing/copy/desktop/home/plom/.config/sway/config b/trixie/copy/desktop/home/plom/.config/sway/config
similarity index 100%
rename from testing/copy/desktop/home/plom/.config/sway/config
rename to trixie/copy/desktop/home/plom/.config/sway/config
diff --git a/testing/copy/desktop/home/plom/.gitconfig b/trixie/copy/desktop/home/plom/.gitconfig
similarity index 100%
rename from testing/copy/desktop/home/plom/.gitconfig
rename to trixie/copy/desktop/home/plom/.gitconfig
diff --git a/testing/copy/desktop/home/plom/.local/bin/backlight b/trixie/copy/desktop/home/plom/.local/bin/backlight
similarity index 100%
rename from testing/copy/desktop/home/plom/.local/bin/backlight
rename to trixie/copy/desktop/home/plom/.local/bin/backlight
diff --git a/testing/copy/desktop/home/plom/.local/bin/borgplom b/trixie/copy/desktop/home/plom/.local/bin/borgplom
similarity index 100%
rename from testing/copy/desktop/home/plom/.local/bin/borgplom
rename to trixie/copy/desktop/home/plom/.local/bin/borgplom
diff --git a/testing/copy/desktop/home/plom/.local/bin/make_secrets b/trixie/copy/desktop/home/plom/.local/bin/make_secrets
similarity index 100%
rename from testing/copy/desktop/home/plom/.local/bin/make_secrets
rename to trixie/copy/desktop/home/plom/.local/bin/make_secrets
diff --git a/testing/copy/desktop/home/plom/.local/bin/vol b/trixie/copy/desktop/home/plom/.local/bin/vol
similarity index 100%
rename from testing/copy/desktop/home/plom/.local/bin/vol
rename to trixie/copy/desktop/home/plom/.local/bin/vol
diff --git a/testing/copy/desktop/home/plom/.plomlib/abort b/trixie/copy/desktop/home/plom/.plomlib/abort
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/abort
rename to trixie/copy/desktop/home/plom/.plomlib/abort
diff --git a/testing/copy/desktop/home/plom/.plomlib/abort_if_exists b/trixie/copy/desktop/home/plom/.plomlib/abort_if_exists
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/abort_if_exists
rename to trixie/copy/desktop/home/plom/.plomlib/abort_if_exists
diff --git a/testing/copy/desktop/home/plom/.plomlib/audio_dev_is_mute b/trixie/copy/desktop/home/plom/.plomlib/audio_dev_is_mute
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/audio_dev_is_mute
rename to trixie/copy/desktop/home/plom/.plomlib/audio_dev_is_mute
diff --git a/testing/copy/desktop/home/plom/.plomlib/constants_borg b/trixie/copy/desktop/home/plom/.plomlib/constants_borg
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/constants_borg
rename to trixie/copy/desktop/home/plom/.plomlib/constants_borg
diff --git a/testing/copy/desktop/home/plom/.plomlib/constants_secrets b/trixie/copy/desktop/home/plom/.plomlib/constants_secrets
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/constants_secrets
rename to trixie/copy/desktop/home/plom/.plomlib/constants_secrets
diff --git a/testing/copy/desktop/home/plom/.plomlib/constants_ssh b/trixie/copy/desktop/home/plom/.plomlib/constants_ssh
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/constants_ssh
rename to trixie/copy/desktop/home/plom/.plomlib/constants_ssh
diff --git a/testing/copy/desktop/home/plom/.plomlib/constants_user b/trixie/copy/desktop/home/plom/.plomlib/constants_user
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/constants_user
rename to trixie/copy/desktop/home/plom/.plomlib/constants_user
diff --git a/testing/copy/desktop/home/plom/.plomlib/copy_and_unmount_secrets b/trixie/copy/desktop/home/plom/.plomlib/copy_and_unmount_secrets
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/copy_and_unmount_secrets
rename to trixie/copy/desktop/home/plom/.plomlib/copy_and_unmount_secrets
diff --git a/testing/copy/desktop/home/plom/.plomlib/expect_n_args b/trixie/copy/desktop/home/plom/.plomlib/expect_n_args
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/expect_n_args
rename to trixie/copy/desktop/home/plom/.plomlib/expect_n_args
diff --git a/testing/copy/desktop/home/plom/.plomlib/get_passphrase b/trixie/copy/desktop/home/plom/.plomlib/get_passphrase
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/get_passphrase
rename to trixie/copy/desktop/home/plom/.plomlib/get_passphrase
diff --git a/testing/copy/desktop/home/plom/.plomlib/mount_secrets b/trixie/copy/desktop/home/plom/.plomlib/mount_secrets
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/mount_secrets
rename to trixie/copy/desktop/home/plom/.plomlib/mount_secrets
diff --git a/testing/copy/desktop/home/plom/.plomlib/path_tmp_timestamped b/trixie/copy/desktop/home/plom/.plomlib/path_tmp_timestamped
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/path_tmp_timestamped
rename to trixie/copy/desktop/home/plom/.plomlib/path_tmp_timestamped
diff --git a/testing/copy/desktop/home/plom/.plomlib/prefixed_msg b/trixie/copy/desktop/home/plom/.plomlib/prefixed_msg
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/prefixed_msg
rename to trixie/copy/desktop/home/plom/.plomlib/prefixed_msg
diff --git a/testing/copy/desktop/home/plom/.plomlib/print_usage b/trixie/copy/desktop/home/plom/.plomlib/print_usage
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/print_usage
rename to trixie/copy/desktop/home/plom/.plomlib/print_usage
diff --git a/testing/copy/desktop/home/plom/.plomlib/retry_until b/trixie/copy/desktop/home/plom/.plomlib/retry_until
similarity index 100%
rename from testing/copy/desktop/home/plom/.plomlib/retry_until
rename to trixie/copy/desktop/home/plom/.plomlib/retry_until
diff --git a/testing/copy/desktop/home/plom/.profile.desktop b/trixie/copy/desktop/home/plom/.profile.desktop
similarity index 100%
rename from testing/copy/desktop/home/plom/.profile.desktop
rename to trixie/copy/desktop/home/plom/.profile.desktop
diff --git a/testing/copy/desktop/home/plom/.shell_prompt_color b/trixie/copy/desktop/home/plom/.shell_prompt_color
similarity index 100%
rename from testing/copy/desktop/home/plom/.shell_prompt_color
rename to trixie/copy/desktop/home/plom/.shell_prompt_color
diff --git a/testing/copy/desktop/home/plom/.tridactylrc b/trixie/copy/desktop/home/plom/.tridactylrc
similarity index 100%
rename from testing/copy/desktop/home/plom/.tridactylrc
rename to trixie/copy/desktop/home/plom/.tridactylrc
diff --git a/testing/copy/t490s/home/plom/.nonpath_bins/status.sh b/trixie/copy/t490s/home/plom/.nonpath_bins/status.sh
similarity index 100%
rename from testing/copy/t490s/home/plom/.nonpath_bins/status.sh
rename to trixie/copy/t490s/home/plom/.nonpath_bins/status.sh
diff --git a/trixie/scripts/_setup_secrets_user.sh b/trixie/scripts/_setup_secrets_user.sh
new file mode 100644
index 0000000..60fc651
--- /dev/null
+++ b/trixie/scripts/_setup_secrets_user.sh
@@ -0,0 +1,66 @@
+#!/bin/sh
+set -e
+cd $(dirname "$0")
+. lib/abort
+# . lib/abort_if_exists
+. lib/abort_if_not_user
+. lib/abort_if_offline
+# . lib/constants_secrets # PATH_SECRETS, PATH_SECRETS_KDBX, PATH_SECRETS_SSH, PATH_SECRETS_BORGKEYS, PATH_USER_KDBX
+. lib/constants_ssh # PATH_USER_SSH
+. lib/constants_user # USERNAME
+# . lib/constants_borg # NAME_BORGAPP
+# . lib/copy_and_unmount_secrets
+. lib/expect_n_args
+# . lib/mount_secrets
+. lib/prefixed_msg
+# . lib/retry_until
+. lib/trapp
+
+prefixed_msg_init
+PATH_REPOS="${HOME}/repos"
+REPOS_SITE_DOMAIN=plomlompom.com
+REMOTE_PATH_REPOS=/var/repos
+
+expect_n_args 1 1 "(device name, e.g. 'sda')" $@
+abort_if_offline
+abort_if_not_user "${USERNAME}"
+abort_if_exists "${PATH_SECRETS}"
+abort_if_exists "${PATH_USER_SSH}"
+abort_if_exists "${PATH_REPOS}"
+
+mount_secrets "$1" # sets PASSPHRASE
+copy_and_unmount_secrets 'in'
+export BORG_PASSPHRASE="${PASSPHRASE}"
+
+prefixed_msg 'Copying passwords DB …'
+cp -a "${PATH_SECRETS_KDBX}" "${PATH_USER_KDBX}"
+
+prefixed_msg 'Setting up ~/.ssh …'
+cp -a "${PATH_SECRETS_SSH}" "${PATH_USER_SSH}"
+stty -echo
+trapp stty echo
+retry_until 1 'echo ""' 'ssh-add -q' 'prefixed_msg "Aborting due to ssh-add error"'
+stty echo
+trapp
+
+printf '\n'
+prefixed_msg 'Setting up ~/repos …'
+REPOS_SITE_LOGIN="${USERNAME}@${REPOS_SITE_DOMAIN}"
+mkdir "${PATH_REPOS}"
+cd "${PATH_REPOS}"
+ssh ${REPOS_SITE_LOGIN} "cd ${REMOTE_PATH_REPOS} && ls -1" | while read REPO_NAME; do
+ prefixed_msg "Cloning ${REPO_NAME} …"
+ git clone --quiet --recurse "${REPOS_SITE_LOGIN}:${REMOTE_PATH_REPOS}/${REPO_NAME}"
+done
+cd - > /dev/null
+
+prefixed_msg 'Setting up borg and pull in ~/org …'
+cd "${PATH_SECRETS_BORGKEYS}"
+ls -1 | while read _FILENAME; do
+ "${NAME_BORGAPP}" claim "${_FILENAME}"
+done
+cd -
+retry_until 2 '' "${NAME_BORGAPP} orgpull" "prefixed_msg 'Aborting due to unexpected ${NAME_BORGAPP} error.'" '' 'direct'
+prefixed_msg "${_OUTPUT}"
+
+prefixed_msg_exit
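Review bot: `export BORG_PASSPHRASE="${PASSPHRASE}"` runs right after the secrets are copied, so every later child process of this script (ssh-add, ssh, git clone) inherits the passphrase in its environment although only the borg steps need it. Moving the export to just before the `"${NAME_BORGAPP}" claim` loop and adding `unset BORG_PASSPHRASE PASSPHRASE` after the orgpull step would narrow that exposure. Separately, the `. lib/...` lines for abort_if_exists, mount_secrets, copy_and_unmount_secrets, retry_until and the secrets/borg constants are commented out while the script still uses all of them; unless another sourced file provides them (not visible here), the first `abort_if_exists` call fails under `set -e`.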
diff --git a/trixie/scripts/lib/INSTALLER_VERSION b/trixie/scripts/lib/INSTALLER_VERSION
new file mode 100644
index 0000000..d9aceff
--- /dev/null
+++ b/trixie/scripts/lib/INSTALLER_VERSION
@@ -0,0 +1 @@
+INSTALLER_VERSION=13.0.0
diff --git a/trixie/scripts/lib/abort_if_exists b/trixie/scripts/lib/abort_if_exists
new file mode 100644
index 0000000..33f49d5
--- /dev/null
+++ b/trixie/scripts/lib/abort_if_exists
@@ -0,0 +1,7 @@
+. lib/abort
+
+abort_if_exists() {
+ if [ -e "$1" ]; then
+ abort "Aborting since $1 already exists."
+ fi
+}
diff --git a/trixie/scripts/lib/abort_if_offline b/trixie/scripts/lib/abort_if_offline
new file mode 100644
index 0000000..b81c784
--- /dev/null
+++ b/trixie/scripts/lib/abort_if_offline
@@ -0,0 +1,7 @@
+. lib/abort
+
+abort_if_offline() {
+ if ! ping -c1 -W2 1.1.1.1 > /dev/null 2>&1; then
+ abort 'Must be run online.'
+ fi
+}
diff --git a/trixie/scripts/lib/constants_borg b/trixie/scripts/lib/constants_borg
new file mode 100644
index 0000000..befcb4a
--- /dev/null
+++ b/trixie/scripts/lib/constants_borg
@@ -0,0 +1,2 @@
+NAME_BORGAPP=borgplom
+PATH_BORG_CONF="${HOME}/.config/borg"
diff --git a/trixie/scripts/lib/constants_installer b/trixie/scripts/lib/constants_installer
new file mode 100644
index 0000000..76e1589
--- /dev/null
+++ b/trixie/scripts/lib/constants_installer
@@ -0,0 +1,2 @@
+FILENAME_PRESEED_CFG=preseed.cfg
+PATH_PRESEED_CFG=$(realpath "../${FILENAME_PRESEED_CFG}")
diff --git a/trixie/scripts/lib/constants_secrets b/trixie/scripts/lib/constants_secrets
new file mode 100644
index 0000000..9b0cf7e
--- /dev/null
+++ b/trixie/scripts/lib/constants_secrets
@@ -0,0 +1,9 @@
+. lib/constants_user
+PATH_MEDIA=/media
+PATH_REL_SECRETS=.secrets
+PATH_SECRETS="${PATH_USER_HOME}/${PATH_REL_SECRETS}"
+PATH_SECRETS_SSH="${PATH_SECRETS}/ssh"
+PATH_SECRETS_BORGKEYS="${PATH_SECRETS}/borgkeys"
+FILENAME_KDBX=Passwords.kdbx
+PATH_SECRETS_KDBX="${PATH_SECRETS}/${FILENAME_KDBX}"
+PATH_USER_KDBX="${PATH_USER_HOME}/${FILENAME_KDBX}"
diff --git a/trixie/scripts/lib/copy_and_unmount_secrets b/trixie/scripts/lib/copy_and_unmount_secrets
new file mode 100644
index 0000000..8d203c9
--- /dev/null
+++ b/trixie/scripts/lib/copy_and_unmount_secrets
@@ -0,0 +1,18 @@
+. lib/constants_secrets # PATH_REL_SECRETS, PATH_SECRETS
+
+copy_and_unmount_secrets() {
+prefixed_msg_init copy_and_unmount_secrets
+
+prefixed_msg "Copying over ${PATH_REL_SECRETS}."
+if [ "$1" = "out" ]; then
+ cp -a "${PATH_SECRETS}" "${PATH_MOUNTED_SECRETS}"
+elif [ "$1" = "in" ]; then
+ cp -a "${PATH_MOUNTED_SECRETS}" "${PATH_SECRETS}"
+else
+ abort "Illegal argument to unmount_secrets."
+fi
+pumount "${SECRETS_DEV}"
+prefixed_msg "You can remove device ${SECRETS_DEV} now."
+
+prefixed_msg_exit
+}
diff --git a/trixie/scripts/lib/get_mountable_device_path b/trixie/scripts/lib/get_mountable_device_path
new file mode 100644
index 0000000..b0a1cd5
--- /dev/null
+++ b/trixie/scripts/lib/get_mountable_device_path
@@ -0,0 +1,11 @@
+. lib/abort
+
+get_mountable_device_path() {
+ _PATH_DEV="/dev/$1"
+ if [ ! -b "${_PATH_DEV}" ]; then
+ abort "No block device at ${_PATH_DEV}."
+ elif [ $(mount | grep -E "^${_PATH_DEV}" | wc -l) -gt 0 ]; then
+ abort "${_PATH_DEV} already mounted."
+ fi
+ printf "${_PATH_DEV}"
+}
diff --git a/trixie/scripts/lib/get_passphrase b/trixie/scripts/lib/get_passphrase
new file mode 100644
index 0000000..6e3f0ff
--- /dev/null
+++ b/trixie/scripts/lib/get_passphrase
@@ -0,0 +1,6 @@
+get_passphrase() {
+ stty -echo
+ read PASSPHRASE
+ stty echo
+ printf "${PASSPHRASE}"
+}
diff --git a/trixie/scripts/lib/mount_secrets b/trixie/scripts/lib/mount_secrets
new file mode 100644
index 0000000..7012dab
--- /dev/null
+++ b/trixie/scripts/lib/mount_secrets
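Review bot: After the 'in' copy in copy_and_unmount_secrets nothing restricts the permissions of `${PATH_SECRETS}`: `cp -a` keeps whatever modes the mounted drive reports, which on some filesystems (which one the drive uses is not visible here) can mean group- or world-readable key files. A `chmod -R go-rwx "${PATH_SECRETS}"` right after that `cp -a` would make the result independent of the medium. The function also silently depends on PATH_MOUNTED_SECRETS and SECRETS_DEV having been set by an earlier mount_secrets call, and its abort message names `unmount_secrets` rather than `copy_and_unmount_secrets`; a header comment such as `# $1: 'in' or 'out'; requires PATH_MOUNTED_SECRETS and SECRETS_DEV as set by mount_secrets` would document that.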
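Review bot: `printf "${_PATH_DEV}"` at the end of get_mountable_device_path uses the value as the printf format string, so any `%` or backslash in it is interpreted instead of printed; `printf '%s' "${_PATH_DEV}"` prints it literally. The same pattern is in get_passphrase (`printf "${PASSPHRASE}"`), where it matters most because a passphrase containing `%` or `\` is returned altered, and in path_tmp_timestamped. All three should switch to the `'%s'` form.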
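Review bot: `read PASSPHRASE` in get_passphrase has no `-r` and uses the default IFS, so backslashes are treated as escapes and leading or trailing blanks are stripped, and the passphrase handed on is not the one typed; `IFS= read -r PASSPHRASE` keeps it intact. If the read is interrupted, terminal echo also stays off because nothing restores it; _setup_secrets_user.sh in this commit guards its own `stty -echo` with `trapp stty echo`, and a comparable guard would fit here.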
@@ -0,0 +1,29 @@
+. lib/constants_secrets # PATH_MEDIA, PATH_REL_SECRETS
+. lib/expect_n_args
+. lib/get_passphrase
+. lib/path_tmp_timestamped
+. lib/prefixed_msg
+. lib/retry_until
+
+mount_secrets() {
+prefixed_msg_init mount_secrets
+
+SECRETS_DEV=$1
+if [ -z "${SECRETS_DEV}" ]; then
+ abort "Aborting due to empty device argument."
+fi
+PATH_MOUNTED_SECRETS="${PATH_MEDIA}/${SECRETS_DEV}/${PATH_REL_SECRETS}"
+PATH_DEV="/dev/${SECRETS_DEV}"
+PATH_PMOUNT_ERR="$(path_tmp_timestamped 'err_mount')"
+prefixed_msg "Put secrets drive into slot for ${PATH_DEV}."
+while [ ! -e "${PATH_DEV}" ]; do
+ sleep 0.1
+done
+_ON_LOOP_START='prefixed_msg_no_nl "Passphrase: "; PASSPHRASE=$(get_passphrase); echo ""'
+_TO_TEST='echo "${PASSPHRASE}" | pmount "${PATH_DEV}" 2>&1'
+_ON_FAIL='prefixed_msg "Aborting due to pmount error:"'
+retry_until 100 "${_ON_LOOP_START}" "${_TO_TEST}" "${_ON_FAIL}"
+prefixed_msg "${_OUTPUT}"
+
+prefixed_msg_exit
+}
diff --git a/trixie/scripts/lib/path_tmp_timestamped b/trixie/scripts/lib/path_tmp_timestamped
new file mode 100644
index 0000000..7ae63cd
--- /dev/null
+++ b/trixie/scripts/lib/path_tmp_timestamped
@@ -0,0 +1,3 @@
+path_tmp_timestamped () {
+ printf "/tmp/${1}_$(date +'%s')"
+}
diff --git a/trixie/scripts/lib/retry_until b/trixie/scripts/lib/retry_until
new file mode 100644
index 0000000..5179ba1
--- /dev/null
+++ b/trixie/scripts/lib/retry_until
@@ -0,0 +1,27 @@
+retry_until() {
+ _CODE_FOR_CONTINUE="$1"
+ _ON_LOOP_START="$2"
+ _TO_TEST="$3"
+ _ON_FAIL="$4"
+ _ON_LOOP_END="$5"
+ _OUTPUT_MODE="$6"
+ while true; do
+ eval "${_ON_LOOP_START}"
+ set +e
+ if [ "${_OUTPUT_MODE}" = 'direct' ]; then
+ eval ${_TO_TEST}
+ _RESULT=$?
+ else
+ _OUTPUT="$(eval ${_TO_TEST})"
+ _RESULT=$?
+ fi
+ set -e
+ if [ "${_RESULT}" = '0' ]; then
+ break
+ elif [ "${_RESULT}" != "${_CODE_FOR_CONTINUE}" ]; then
+ eval "${_ON_FAIL}"
+ abort
+ fi
+ eval "${_ON_LOOP_END}"
+ done
+}
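Review bot: `_TO_TEST` in mount_secrets feeds the passphrase to pmount with `echo "${PASSPHRASE}"`, and under a `/bin/sh` whose `echo` interprets backslash escapes a passphrase containing `\` reaches pmount altered. `_TO_TEST='printf "%s\n" "${PASSPHRASE}" | pmount "${PATH_DEV}" 2>&1'` passes it through unchanged. PATH_PMOUNT_ERR is assigned but not used anywhere in this hunk, and `abort` is called although lib/abort is not among the files sourced at the top (it may arrive through one of the other libs, which are not visible here).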
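Review bot: path_tmp_timestamped returns `/tmp/<name>_<epoch seconds>`, a name any local user can predict and create first, and it does not create the path itself. make_writable_installer.sh and setup_secrets.sh both use the result as root; in the latter, `cp -a` into an already existing directory nests the copy instead of failing, so the subsequent `chown -R` and `su -c` act on content the script did not put there. Creating the directory atomically with `mktemp -d "/tmp/${1}_XXXXXX"` and having callers use that directory instead of their own `mkdir` or `cp -a` target would remove the race.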
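Review bot: `eval ${_TO_TEST}` is unquoted in both branches of retry_until, unlike the other three `eval` calls in the function, so the command string is word-split and glob-expanded before `eval` re-joins it; `eval "${_TO_TEST}"` evaluates exactly what the caller passed. Since four of the six arguments are executed as shell code, the function deserves a header comment saying so, e.g. `# $1 exit code meaning "retry"; $2 code run at loop start; $3 code under test; $4 code run on any other failure; $5 code run before retrying; $6 'direct' to leave output uncaptured (otherwise stored in _OUTPUT)`, plus a line stating that callers must only pass fixed strings, never externally supplied text.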
diff --git a/trixie/scripts/make_writable_installer.sh b/trixie/scripts/make_writable_installer.sh
new file mode 100755
index 0000000..844d1f7
--- /dev/null
+++ b/trixie/scripts/make_writable_installer.sh
@@ -0,0 +1,93 @@
+#!/bin/sh
+# based on
+set -e
+cd $(dirname "$0")
+. lib/INSTALLER_VERSION
+. lib/abort
+. lib/abort_if_command_unknown
+. lib/abort_if_not_user
+. lib/abort_if_offline
+. lib/constants_installer # FILENAME_PRESEED_CFG, PATH_PRESEED_CFG
+. lib/expect_n_args
+. lib/get_mountable_device_path
+. lib/path_tmp_timestamped
+. lib/trapp
+
+expect_n_args 1 2 'DEVICE (e.g. "sdb") [PATH_FILE_ISO]' $@
+abort_if_not_user root
+abort_if_command_unknown mkfs.vfat
+abort_if_command_unknown parted
+abort_if_command_unknown rsync
+abort_if_command_unknown wget
+FILENAME_ISO="debian-${INSTALLER_VERSION}-amd64-netinst.iso"
+if [ -z "$2" ]; then
+ abort_if_offline
+else
+ PATH_FILE_ISO=$(realpath "$2")
+ if [ ! "${FILENAME_ISO}" = $(basename "${PATH_FILE_ISO}") ]; then
+ abort "basename of PATH_FILE_ISO != expected ${FILENAME_ISO}"
+ elif [ ! -f "${PATH_FILE_ISO}" ]; then
+ abort 'no file found at PATH_FILE_ISO'
+ fi
+fi
+PATH_DEV="$(get_mountable_device_path $1)"
+PATH_MNT_ISO=/mnt/iso
+
+PATH_PROCESSING="$(path_tmp_timestamped make_writable_installer)"
+RM_PROCESSING="rm -rf ${PATH_PROCESSING}"
+echo "Setting up processing directory at ${PATH_PROCESSING} …"
+mkdir "${PATH_PROCESSING}"
+trapp "${RM_PROCESSING}"
+cd "${PATH_PROCESSING}"
+
+if [ -z "${PATH_FILE_ISO}" ]; then
+ echo "Retrieving ${FILENAME_ISO} …"
+ URL_ISO="https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/${FILENAME_ISO}"
+ wget --quiet --output-document "${FILENAME_ISO}" "${URL_ISO}"
+else
+ echo "Linking to ${PATH_FILE_ISO} …"
+ ln -s "${PATH_FILE_ISO}"
+fi
+
+echo "Preparing partition/filesystem on ${PATH_DEV} …"
+parted --script "${PATH_DEV}" mklabel msdos
+parted --script "${PATH_DEV}" mkpart primary fat32 0% 100%
+PATH_PARTITION="${PATH_DEV}1"
+mkfs.vfat "${PATH_PARTITION}" > /dev/null
+
+PATH_MNT_DEV='/mnt/'$(basename "${PATH_PARTITION}")
+echo -n "Mounting ${PATH_MNT_ISO} and ${PATH_MNT_DEV} …"
+mkdir -p "${PATH_MNT_ISO}" "${PATH_MNT_DEV}"
+do_umount() {
+ echo "Unmounting $1 …"
+ set +e
+ umount "$1"
+ set -e
+}
+mount "${PATH_PARTITION}" "${PATH_MNT_DEV}"
+trapp "${RM_PROCESSING}; do_umount ${PATH_MNT_DEV}"
+mount -o loop "${FILENAME_ISO}" "${PATH_MNT_ISO}" 2>&1 | sed 's|mount: /mnt/iso: WARNING: source write-protected, mounted read-only.||'
+trapp "${RM_PROCESSING}; do_umount ${PATH_MNT_DEV}; do_umount ${PATH_MNT_ISO}"
+
+echo "Copying contents of ${PATH_MNT_ISO} to ${PATH_MNT_DEV}/ …"
+FILENAME_RSYNC_ERRORS="rsync_errors"
+set +e
+rsync -a "${PATH_MNT_ISO}/" "${PATH_MNT_DEV}/" 2> "${FILENAME_RSYNC_ERRORS}"
+RESULT=$?
+set -e
+if [ "${RESULT}" != "0" ]; then
+ echo 'RSYNC ERRORS:'
+ cat "${FILENAME_RSYNC_ERRORS}"
+ echo '\nrsync encountered errors, see above – continue? (Y/N)'
+ read ANSWER
+ FIRST_CHAR=$(echo "${ANSWER}" | cut -c1)
+ if ! [ "${FIRST_CHAR}" = 'y' -o "${FIRST_CHAR}" = 'Y' ]; then
+ abort 'as requested'
+ fi
+fi
+
+echo "Installing preseed file …"
+cp "${PATH_PRESEED_CFG}" "${PATH_MNT_DEV}/"
+sed --in-place 's/ --- / --- preseed\/file=\/cdrom\/'"${FILENAME_PRESEED_CFG}"' /g' "${PATH_MNT_DEV}/boot/grub/grub.cfg"
+
+echo "Done!"
diff --git a/trixie/scripts/setup_desktop.sh b/trixie/scripts/setup_desktop.sh
new file mode 100755
index 0000000..7820dff
--- /dev/null
+++ b/trixie/scripts/setup_desktop.sh
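Review bot: In make_writable_installer.sh the installer image is written to the medium without any integrity check: the downloaded `${FILENAME_ISO}` is used as fetched, and a user-supplied PATH_FILE_ISO is only compared by basename. Debian publishes `SHA256SUMS` and `SHA256SUMS.sign` next to the image; fetching both, verifying the signature against the Debian CD signing key and then running `sha256sum --check --ignore-missing SHA256SUMS` before the `mount -o loop` step would catch a corrupted or substituted image in either branch. Note also that the `mount -o loop ... | sed ...` pipeline reports only sed's exit status, so a failed loop mount does not stop the script under plain `set -e`.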
@@ -0,0 +1,87 @@
+#!/bin/sh
+set -e
+cd $(dirname "$0")
+. lib/abort
+. lib/abort_if_offline
+. lib/apt_get_digested
+. lib/constants_etc # PATH_ETC
+. lib/constants_user # USERNAME
+. lib/copy_dirtrees_of_tags
+. lib/core_setup
+. lib/expect_n_args
+. lib/prefixed_msg
+. lib/put_finished_marker
+
+prefixed_msg_init
+prefixed_msg 'starting …'
+
+PATH_NETWORK_INTERFACES="${PATH_ETC}/network/interfaces"
+THINKPAD_NAMES="x220 w530 t490s"
+
+abort_if_offline
+
+get_system_class_for() {
+ for THINKPAD_NAME in $THINKPAD_NAMES; do
+ if [ "$1" = "${THINKPAD_NAME}" ]; then
+ printf 'thinkpad'
+ break
+ fi
+ done
+ printf ''
+}
+abort_if_illegal_system_name() {
+ LEGAL_SYSTEM_NAMES="${THINKPAD_NAMES} h610m"
+ for SYSTEM_NAME_I in $LEGAL_SYSTEM_NAMES; do
+ if [ "$1" = "$SYSTEM_NAME_I" ]; then
+ return 0
+ fi
+ done
+ abort 'Need legal system name.'
+}
+expect_n_args 2 2 "SYSTEM_NAME, USER_PW" $@
+SYSTEM_NAME="$1"
+USER_PW="$2"
+abort_if_illegal_system_name "${SYSTEM_NAME}"
+SYSTEM_CLASS_NAME="$(get_system_class_for ${SYSTEM_NAME})"
+INSTALL_TAGS="all ${SYSTEM_CLASS_NAME} ${SYSTEM_NAME} user desktop"
+
+adopt_wifi_connection() {
+ get_network_interfaces_last_wpa_value() {
+ REGEX="^\s+wpa-${1}\s+"
+ cat "${PATH_NETWORK_INTERFACES}" | grep -E "${REGEX}" | sed -E "s/${REGEX}//g" | tail -1
+ }
+ WLAN_SSID=$(get_network_interfaces_last_wpa_value 'ssid')
+ WLAN_PSK=$(get_network_interfaces_last_wpa_value 'psk')
+ if [ ! -z "${WLAN_SSID}" ]; then
+ prefixed_msg_no_nl "Found, adding to NetworkManager: "
+ if [ -z "${WLAN_PSK}" ]; then
+ nmcli connection add type wifi wifi.ssid "${WLAN_SSID}"
+ else # NB: assumes last (collected with tail -1) wpa-psk that of last wlan-ssid
+ nmcli connection add type wifi wifi.ssid "${WLAN_SSID}" wifi-sec.key-mgmt wpa-psk wifi-sec.psk "${WLAN_PSK}"
+ fi
+ fi
+}
+
+../../trixie/scripts/from_older_upgrade.sh desktop
+./from_older_upgrade.sh desktop
+
+# NB: This needs to come before steps potentially overwriting /etc/network/interfaces.
+apt_get_digested '-q -q install network-manager'
+if [ "$(nmcli -f TYPE conn | grep 'wifi' | wc -l)" = "0" ]; then
+ prefixed_msg "Checking for existing wifi config in ${PATH_NETWORK_INTERFACES} …"
+ adopt_wifi_connection
+else
+ prefixed_msg 'Already know wifi connection, nothing to add …'
+fi
+
+core_setup "${SYSTEM_NAME}" "" "" "${INSTALL_TAGS}"
+
+prefixed_msg 'Ensuring our desired locale is available …'
+locale-gen
+
+prefixed_msg 'Final user setup …'
+adduser --quiet "${USERNAME}" plugdev # so user may use pmount
+echo "${USERNAME}:${USER_PW}" | chpasswd
+
+put_finished_marker 'setup_desktop'
+prefixed_msg_exit
diff --git a/trixie/scripts/setup_secrets.sh b/trixie/scripts/setup_secrets.sh
new file mode 100755
index 0000000..f50ed96
--- /dev/null
+++ b/trixie/scripts/setup_secrets.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+cd $(dirname "$0")
+. lib/abort_if_not_user
+. lib/check_finished_marker
+. lib/constants_repopaths # PATH_CONF, PATH_SCRIPTS
+. lib/constants_user # USERNAME
+. lib/path_tmp_timestamped
+. lib/prefixed_msg
+
+prefixed_msg_init
+
+check_finished_marker 'setup_desktop'
+abort_if_not_user root
+PATH_REL_SETUP_SECRETS_USER="$(basename ${PATH_CONF})/$(basename ${PATH_SCRIPTS})/_setup_secrets_user.sh"
+PATH_REPO="$(dirname ${PATH_CONF})"
+PATH_TMP_REPO="$(path_tmp_timestamped configrepo)"
+
+prefixed_msg "Setting up config repo copy for user at ${PATH_TMP_REPO} …"
+cp -a "${PATH_REPO}" "${PATH_TMP_REPO}"
+chown -R "${USERNAME}:${USERNAME}" "${PATH_TMP_REPO}"
+su -l "${USERNAME}" -c "/bin/sh ${PATH_TMP_REPO}/${PATH_REL_SETUP_SECRETS_USER} $1"
+rm -rf "${PATH_TMP_REPO}"
+
+prefixed_msg_exit
-- 
2.30.2
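Review bot: `USER_PW="$2"` in setup_desktop.sh takes the login password as a command-line argument, which leaves it in shell history and visible to other local users in the process list for as long as the script runs. Reading it from the terminal with echo disabled, or from stdin, avoids that; the final `echo "${USERNAME}:${USER_PW}" | chpasswd` already hands it over by pipe, though `printf '%s\n' "${USERNAME}:${USER_PW}"` is safer for values containing backslashes. The wifi PSK is likewise passed to `nmcli` as an argument in adopt_wifi_connection. Also, after `cd $(dirname "$0")` the paths `../../trixie/scripts/from_older_upgrade.sh` and `./from_older_upgrade.sh` appear to resolve to the same file now that this script lives in trixie/scripts, so the upgrade step would run twice — worth confirming.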
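Review bot: In setup_secrets.sh `$1` is spliced unquoted into the command string given to `su -l "${USERNAME}" -c`, so a device argument containing spaces or shell metacharacters is re-parsed by the target shell, and a missing argument is only noticed after the repo has been copied and chowned. Checking it up front, e.g. sourcing lib/expect_n_args and calling `expect_n_args 1 1 "(device name, e.g. 'sda')" "$@"`, followed by `case "$1" in *[!A-Za-z0-9]*) exit 1;; esac`, keeps the value safe to embed. The trailing `rm -rf "${PATH_TMP_REPO}"` is also skipped whenever `su` fails under `set -e`, leaving the chowned repo copy behind in /tmp.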