# CAUTION: This removes original files at the affected paths.
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 3 "(source root, target root, modules)" "$@"
#!/bin/sh
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 1 "(old server IP)" "$@"
old_server="$1"
# Mirror directory tree from remote to local server, keeping the path.
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 2 "(server, directory)" "$@"
server=$1
# Do some of the steps necessary to SSH (key-based) with another server.
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 1 "(server IP)" "$@"
target="$1"
# Ignores IPv6s.
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 1 "(hostname, fqdn)" "$@"
#!/bin/sh
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"
#!/bin/sh
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 1 "(system name)" "$@"
get_system_name_arg "$1"
# the outside via ./init_user_login.sh or ./init_user_and_keybased_login.sh
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_n_args 2 "(hostname, FQDN)" "$@"
hostname="$1"
#!/bin/sh
set -e
. ./misc.sh
-. ./../misc.sh
+. ../../misc.sh
expect_setup_finished_file setup_server_has_been_run setup_server.sh
#!/bin/sh
-# as per https://wiki.debian.org/DebianUpgrade
+# Upgrade a fresh (!) system to Bookworm, as per [1]. Fresh, because: Don't
+# expect any customized config files to survive this. If you run this on a
+# remote machine, take care not to loose anything you need to re-connect, e.g.
+# any relevant adaptations you did to /etc/ssh/sshd_config …
+
set -e
. ./misc.sh
apt update
-apt -y -o Dpkg::Options::="--force-confnew" upgrade
-apt -y full-upgrade
+apt -y upgrade
+apt -y -o Dpkg::Options::="--force-confnew" full-upgrade
path_sources_list="/etc/apt/sources.list"
cp "${config_tree_prefix}/etc_files/all${path_sources_list}" "${path_sources_list}"
apt clean
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin yes
+# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
-ClientAliveInterval 120
+ClientAliveInterval 15
# This will be used to log-in as root from plom account.
echo 'First, enter the old root password; then enter new password three times.'
-ssh root@"${server}" "passwd"
+#ssh root@"${server}" "passwd"
+ssh root@"${server}" "ls"
# Save root password for sshpass
stty -echo
# would require setting a password for user plom otherwise not needed.
sshpass -e scp ~/.ssh/id_rsa.pub root@"${server}":/tmp/authorized_keys
sshpass -e ssh root@"${server}" \
- 'useradd -m plom && '\
'mkdir /home/plom/.ssh && '\
'chown plom:plom /home/plom/.ssh && '\
'chown plom:plom /tmp/authorized_keys && '\