plomlompom.com Git - config/blob - bullseye/setup_scripts/setup_home.sh

   1 #!/bin/sh
   2 set -e
   3
   4 if [ "$#" -ne 1 ]; then
   5     echo 'Need exactly one argument (system name).'
   6     false
   7 fi
   8 if [ ! "$1" = "x220" ] && [ ! "$1" = "w530" ]; then
   9     echo "Need legal system name."
  10     false
  11 fi
  12 system_name="$1"
  13
  14 public_repos_dir="${HOME}/public_repos"
  15 config_tree_prefix="${public_repos_dir}/config/bullseye"
  16 path_borgscript="${config_tree_prefix}//borg.sh"
  17 setup_scripts_dir="${config_tree_prefix}/setup_scripts"
  18 repos_list_file="${public_repos_dir}/repos"
  19 dir_secrets="${HOME}/tmp_secrets"
  20 borgkeys_dir=~/.config/borg/keys
  21 borgrepos_file=~/.borgrepos
  22 ssh_dir=~/.ssh
  23 authinfo_file=.authinfo
  24 maildir=~/mail/maildir
  25
  26 ensure_repo() {
  27     repo_name="${1}"
  28     if [ ! -d "${public_repos_dir}/${repo_name}" ]; then
  29         cd "${public_repos_dir}"
  30         git clone plom@plomlompom.com:/var/repos/${repo_name}
  31     fi
  32 }
  33
  34 # Set up iniitial non-public parts of infrastructure: SSH authentication.
  35 cd "${dir_secrets}"
  36 mkdir -p "${ssh_dir}"
  37 echo "Setting up .ssh"
  38 cp id_rsa ~/.ssh
  39 stty -echo
  40 ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
  41 stty echo
  42 eval $(ssh-agent)
  43 ssh-add
  44 ssh-keyscan -H "plomlompom.com" >> ~/.ssh/known_hosts
  45
  46 # Clone config to copy dotfiles etc. from it.
  47 cd
  48 mkdir -p "${public_repos_dir}"
  49 ensure_repo config
  50 cd "${setup_scripts_dir}"
  51 ./copy_dirtree.sh "${config_tree_prefix}/home_files" "${HOME}" minimal user "${system_name}"
  52
  53 # # Set up native messenger for tridactyl.
  54 # version='ef9f02d0da258f68d7faf8898707f6d83d90d07a'
  55 # curl -fsSl "https://raw.githubusercontent.com/tridactyl/tridactyl/${version}/native/install.sh" | bash
  56
  57 # Set up further non-public parts of infrastructure.
  58 cd "${dir_secrets}"
  59 script -c 'gpg --import secret_keys.asc' /dev/null
  60 tar xf borg_keyfiles.tar
  61 mkdir -p "${borgkeys_dir}"
  62 mv borg_keyfiles/* "${borgkeys_dir}"
  63 # .authinfo may not be present on every secrets drive yet
  64 if [ -f "${authinfo_file}" ]; then
  65     cp "${authinfo_file}" ~
  66 fi
  67 cd
  68 rm -rf "${dir_secrets}"
  69
  70 # Sync org dir via borgbackup. For this we need the borgbackup servers
  71 # in our .ssh/known_hosts file.
  72 cat "${borgrepos_file}" | while read line; do
  73     first_char=$(echo "${line}" | cut -c1)
  74     if [ "${first_char}" = "#" ]; then
  75         continue
  76     fi
  77     server=$(echo "${line}" | sed 's/.*@//')
  78     ssh-keyscan "${server}" >> "${ssh_dir}"/known_hosts
  79 done
  80 BORG_PASSPHRASE="${SECRETS_PASS}" "${path_borgscript}" orgpull
  81
  82 # Fill ~/public_repos.
  83 cat "${repos_list_file}" | while read line; do
  84     first_char=$(echo "${line}" | cut -c1)
  85     if [ "${first_char}" = "#" ]; then
  86         continue
  87     fi
  88     ensure_repo "${line}"
  89 done
  90
  91 # Set up e-mail system. Note that we only do mbsync if the imap pass file
  92 # is found. It may not be present on every secrets drive yet, so we have to
  93 # deal with the possibility of it being absent at this point.
  94 mkdir -p "${maildir}"  # expected by mbsync/isync
  95 if [ -f "${HOME}/${authinfo_file}" ]; then
  96     mbsync -a
  97     notmuch new
  98 fi
  99
 100 # # Final note on how to integrate tridactyl.
 101 # echo "TODO: As tridactyl user, don't forget to do :source on the first Firefox run, wait a little while (Tridactyl needs to walk through all commands in the .tridactylrc) and then re-start."