#!/bin/sh
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 2 "(hostname, FQDN)" "$@"
hostname="$1"
# CAUTION: This removes original files at the affected paths.
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 3 "(source root, target root, modules)" "$@"
--- /dev/null
+#!/bin/sh
+# This script turns a fresh server with password-based root access into
+# one of only key-based access and only to new non-root account plom.
+#
+# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
+# pre-existing ~/.ssh/authorized_keys of user plom with one that solely
+# contains the local ~/.ssh/id_rsa.pub, and also any old
+# /etc/ssh/sshd_config.
+#
+# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
+# configured sshd_config file in reach.
+set -e
+. ./misc.sh
+. ../../misc.sh
+
+expect_n_args 1 "(server)" "$@"
+server="$1"
+linkable_files_dir="${config_tree_prefix}/etc_files/server"
+system_path_sshd_config='/etc/ssh/sshd_config'
+# has "PermitRootLogin no" and "PasswordAuthentication no".
+local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
+
+# This will be used to log-in as root from plom account.
+echo 'First, enter the old root password; then enter new password twice.'
+ssh root@"${server}" "passwd"
+
+# Save root password for sshpass
+stty -echo
+printf "Re-enter new server root password: "
+read PW_ROOT
+stty echo
+printf "\n"
+export SSHPASS="${PW_ROOT}"
+
+# Create user plom, and his ~/.ssh/authorized_keys based on the local
+# ~/.ssh/id_rsa.pub; ensure the result has proper permissions and
+# ownerships. Then disable root and pw login by copying over the
+# sshd_config and restart ssh daemon.
+#
+# This could be a line or two shorter by using ssh-copy-id, but that
+# would require setting a password for user plom otherwise not needed.
+sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
+sshpass -e ssh root@"${server}" \
+ 'useradd -m plom && '\
+ 'mkdir /home/plom/.ssh && '\
+ 'chown plom:plom /home/plom/.ssh && '\
+ 'chown plom:plom /tmp/authorized_keys && '\
+ 'chmod u=rw,go= /tmp/authorized_keys && '\
+ 'mv /tmp/authorized_keys /home/plom/.ssh/'
+sshpass -e scp "${local_path_sshd_config}" root@"${server}":"${system_path_sshd_config}"
+sshpass -e ssh root@"${server}" 'service ssh restart'
#!/bin/sh
-# This script assumes a server with key-based root access into one of
-# key-based access only to a new non-root account plom.
#
# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
# old /etc/ssh/sshd_config.
# Dependencies: ssh, scp, properly configured sshd_config file in reach.
set -e
. ./misc.sh
+. ../../misc.sh
-# Location of an sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
+expect_n_args 1 "(server)" "$@"
+server="$1"
linkable_files_dir="${config_tree_prefix}/etc_files/server"
system_path_sshd_config='/etc/ssh/sshd_config'
+# has "PermitRootLogin no" and "PasswordAuthentication no".
local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-expect_n_args 1 "(server)" "$@"
-server="$1"
-
# If we already knew that host …
ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
#!/bin/sh
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 1 "(old server IP)" "$@"
old_server="$1"
# Mirror directory tree from remote to local server, keeping the path.
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 2 "(server, directory)" "$@"
server=$1
setup_scripts_dir="${config_tree_prefix}/setup_scripts"
aptmark_dir="${config_tree_prefix}/apt-mark"
-expect_n_args() {
- min_args="$1"
- explainer="$2"
- shift 2
- if [ "$#" -lt "${min_args}" ]; then
- echo "Need at least ${1} arguments … ${explainer}"
- false
- fi
-}
-
expect_setup_finished_file() {
filename="$1"
setup_script="$2"
# Do some of the steps necessary to SSH (key-based) with another server.
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 1 "(server IP)" "$@"
target="$1"
# Ignores IPv6s.
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 1 "(hostname, fqdn)" "$@"
#!/bin/sh
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"
#!/bin/sh
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"
--- /dev/null
+#!/bin/sh
+set -e
+. ./misc.sh
+
+# Set up NVIDIA eGPU config.
+cd
+# git clone https://github.com/NVIDIA/open-gpu-kernel-modules
+# cd open-gpu-kernel-modules
+# git checkout 337e28e
+# # git checkout 4c29105335610933e744f4ab2524ea63fc39edaf
+# make modules -j$(nproc)
+# make modules_install
+# cd
+driver_version=535.86.05
+# driver_version=545.29.06
+runscript=NVIDIA-Linux-x86_64-${driver_version}.run
+# wget https://us.download.nvidia.com/XFree86/Linux-x86_64/${driver_version}/${runscript}
+set +e
+rmmod nouveau
+set -e
+chmod u+x ${runscript}
+./${runscript} --no-kernel-modules --silent
+depmod
+# TODO I suspect that the GPU falling of the bus may be mildened by running nvidia-persistenced, check https://github.com/NVIDIA/nvidia-persistenced/tree/main/init
# the outside via ./init_user_login.sh.
set -e
. ./misc.sh
+. ./../misc.sh
expect_n_args 2 "(hostname, FQDN)" "$@"
hostname="$1"
#!/bin/sh
set -e
. ./misc.sh
+. ../../misc.sh
expect_setup_finished_file setup_web_has_been_run setup_web.sh
#!/bin/sh
set -e
. ./misc.sh
+. ./../misc.sh
expect_setup_finished_file setup_server_has_been_run setup_server.sh
--- /dev/null
+#!/bin/sh
+apt update
+apt -y upgrade
+apt -y full-upgrade
+path_sources_list="/etc/apt/sources.list"
+cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}"
+apt clean
+apt update
+apt -y upgrade
+apt --force-yes full-upgrade
+apt -y autoremove
# Dependencies: ssh, scp, sshpass, ~/.ssh/id_rsa.pub, properly
# configured sshd_config file in reach.
set -e
+. ./misc.sh
+. ../../misc.sh
-# Location of an sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/public_repos/config/bullseye"
-linkable_files_dir="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
- echo "Need server as argument."
- false
-fi
+expect_n_args 1 "(server)" "$@"
server="$1"
+# If we already knew that host …
+ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
+
# This will be used to log-in as root from plom account.
echo 'First, enter the old root password; then enter new password twice.'
ssh root@"${server}" "passwd"
#!/bin/sh
-# This script assumes a server with key-based root access into one of
-# key-based access only to a new non-root account plom.
#
# CAUTION: This is optimized for a *fresh* setup. It will overwrite any
# old /etc/ssh/sshd_config.
#
# Dependencies: ssh, scp, properly configured sshd_config file in reach.
set -e
+. ./misc.sh
+. ../../misc.sh
-# Location of an sshd_config with "PermitRootLogin no" and
-# "PasswordAuthentication no".
-config_tree_prefix="${HOME}/public_repos/config/bullseye"
-linkable_files_dir="${config_tree_prefix}/etc_files/server"
-system_path_sshd_config='/etc/ssh/sshd_config'
-local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
-
-# Ensure we have a server name as argument.
-if [ $# -eq 0 ]; then
- echo "Need server as argument."
- false
-fi
+expect_n_args 1 "(server)" "$@"
server="$1"
+# If we already knew that host …
+ssh-keygen -f "/home/plom/.ssh/known_hosts" -R "${server}"
+
# So we're only asked once …
eval $(ssh-agent)
ssh-add
--- /dev/null
+#!/bin/sh
+
+linkable_files_dir="${config_tree_prefix}/etc_files/server"
+system_path_sshd_config='/etc/ssh/sshd_config'
+local_path_sshd_config="${linkable_files_dir}${system_path_sshd_config}"
+
+expect_n_args() {
+ min_args="$1"
+ explainer="$2"
+ shift 2
+ if [ "$#" -lt "${min_args}" ]; then
+ echo "Need at least ${min_args} arguments … ${explainer}"
+ false
+ fi
+}
+
projects / config / commitdiff