diff --git a/README.md b/README.md index 80a7cd5..e0cb61e 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # init.sh -**init.sh** is an automated configurator for system administrators. It's fully -written using Bash scripting and aims to be platform independent. Nevertheless, -its requirements turn it naturally to Linux systems. It has long been tested -using Debian GNU/Linux, Devuan and different flavors of Ubuntu. +**init.sh** is an automated configuratinon software for system administrators. +It's fully written using Bash scripting and aims to be platform independent. +Nevertheless, its requirements turn it naturally to Linux systems. It has long +been tested using Debian GNU/Linux, Devuan and different flavors of Ubuntu. ## Table of content - [init.sh](#initsh) 
@@ -33,26 +33,27 @@ Short answer: why not? Long answer: Even if I value tools like Puppet or Ansible, I always thought that such great and complex systems are very nice for big infrastructures. But, on a -much smaller scale like small business, or if you need something fast to deploy -and easy to adapt to your needs, such great tools are somehow overkill. +much smaller scale like small business, or if you require something fast to +deploy and easy to adapt to your needs, such great tools are somehow +overkilling. -I wanted something simple and as universal as possible to manage many different -unique servers in my small local foundations. I started with a lot of long -hardcoded monolitic scripts where I had to rewritte many things on every new +I wanted something simple and as universal as possible to manage many unique +servers in my small local foundations. I started with a lot of long hard-coded +monolithic scripts where I had to rewrite many things on every new infrastructures I wanted to manage. As it was a fastidious job, I started to rewritte and redesign everything with a common architecture and code, modular -and easily adaptative. As I don't know any tools in that market scale, I decided -to publish and share that work, in the hope it can be usefull. +and easily adaptive. As I don't know any tools in that market scale, I decided +to publish and share that work, in the hope it can be useful. ## 3. Design **init.sh** relies on three different elements to work: -- the ```init.sh``` script and libraries, which provide a simple framework to do +- The ```init.sh``` script and libraries, which provide a simple framework to do simple tasks and embed system dependent tools to provide system independent function calls. -- modules that actually do the job, as possible on a system independent way -through the use of the framework and consisting of very small and simple tasks. -- multilevel configuration files, being simply Bash variables declaration. 
+- Modules that actually do the job, as possible on a system independent way +through the use of the framework, and consisting of very small and simple tasks. +- Multilevel configuration files, being simply Bash variables declaration. Additionally, some module might be run regularly, so it could be integrated in a cron-like service using the provided cron mode with the benefits of ```init.sh``` @@ -75,7 +76,7 @@ separated module name. If that option is provided, the module list is mandatory. - **-c, --check-only**: Do not launch any actions, only the checks are launched. In that situation, no change should be done to the system. - **-j, --jump**: Jump the checks and goes directly to system transformation. -That option should only be run after successful checks (e.g. after using the +That option should only be run after successful checks (e.g., after using the \--check-only option). - **-k, --keep-going**: The scripts will try to continue even if errors occurs. Thus, some unrecoverable errors might stop the script anyway if it's not 
@@ -85,14 +86,14 @@ results. that failed. - **-R, --no-root-check**: Disable checks on root rights (or the 0 UID). - **-D, --no-deps**: Disable module dependencies checks. -- **-P, --no-proxy**: Do not hot apply proxy setting to the running system even +- **-P, --no-proxy**: Do not hot apply proxy setting to the running system, even if system proxy is set in configuration files. - **-h, --help**: Display information on command line usage. - **-s, --shell**: Launch a shell with entire script's environment for debugging purpose. No action or modification is made to the system unless you launch commands manually doing some. -- **--chroot \**: Allows you to apply init.sh test or modification on a non -running system, mounted in the given path. +- **--chroot \**: Allows you to apply init.sh test or modification on a +non-running system, mounted in the given path. - **--cron**: execute init.sh in cron mode. Check [cron subsystem documentation](./doc/cron.md) for more details. @@ -103,7 +104,7 @@ be customized using the ```LOGFILE``` environment variable. list and their version. The options cannot be concatenated like most of Unix binaries allows. For -example you cannot write ```-rR```, you have to write ```-r -R```. +example, you cannot write ```-rR```, you have to write ```-r -R```. ### 3.2. Loading order and process 
@@ -111,40 +112,38 @@ The first thing the script do is loading its libraries contained in the "*lib*" directory. Any file situated in that directory ending with the .sh extension will be loaded in alphabetical order. For that reason, error management functions are placed in a file called aaa_error.sh, so it can be loaded first -and catch errors that could occur while loading other library files. In the -opposite the zzz_main_fct.sh file have to be loaded last, because it's widely -using previously declared libraries. +and catch errors that could occur while loading other library files. -After that, a basic command line parameter treatment is done. That allows the -use of ```--version``` and ```--help``` options in user space. Those options -display information and don't require any superuser rights and exit at that +After that, a basic command line parameter treatment will be done. That allows +the use of ```--version``` and ```--help``` options in user space. Those options +display information and don't require any superuser rights, and exit at that point of execution. Everything after that will require administrator rights and the script will exit with error at that point if not superuser, unless the -```--no-root-check``` option have been given. +```--no-root-check``` option was given. Next will be the log file creation and the loading of configuration files. -Configuration files exists in two distinct categories. First system dependant +Configuration files exist in two distinct categories. First system dependent configuration will be loaded automatically depending on your platform, then -your own configuration. At this point a deeper analysis of command line option +your own configuration. At this point, a deeper analysis of command line option will be done, triggering errors in case of inconsistency or incompatible options. -After that all the configured modules with the ```$MODULE_LIST``` variable are -loaded to be availble for execution. 
Note that even function that might not be -used will be loaded. At this point everything that will be necessary for checks -and modification will be available in the scripts execution environment. If the -```--shell``` command line option is given, the subshell is loaded just after +After that, all the configured modules with the ```$MODULE_LIST``` variable are +loaded to be available for execution. Note that even function that might not be +used will be loaded. At this point, everything that will be necessary for checks +and modification will be available in the scripts' execution environment. If the +```--shell``` command line option was given, the sub-shell is loaded just after this point. Finally, checking processes are launched in their declaration order (cf. -configuration file). A module depency check is made prior to the module specific -checks unless the ```--no-deps``` option is given or if a manual module list -have been transmited. If no error occurs and after a confirmation prompt, final +configuration file). A module dependency check is made prior to the module specific +checks unless the ```--no-deps``` option was given or if a manual module list +was transmitted. If no error occurs and after a confirmation prompt, final treatment processes, those that actually makes changes, are launched. Without the ```--keep-going``` option, any error will immediately stop execution. Some errors that could make the script impossible to execute will stop -execution, even if the ```--keep-going``` option is provided. +execution, even if the ```--keep-going``` option was provided. ### 3.3. Configuration files #### 3.3.1. Main configuration file 
@@ -162,21 +161,21 @@ your use case. After a module version upgrade, you should check again headers as variable name or structure might change. A variable can also be deleted, new variables could -appears, and so on. +appear, and so on. It is heavily recommended to use includes technique to shorten your configuration file and make a file for your organization and another one for the Linux distribution you use. Remember that the declaration order matters, -so you can declare something on your organization configuration file and +so you can declare something in your organization configuration file and supersede it in your host configuration file. The only limit will be Bash capabilities in terms of variable manipulation. #### 3.3.2. Automatically loaded configuration files -Those file are basically the system dependent part that assure compatibility +Those files are basically the system dependent part that assure compatibility with different Linux distributions. Some of those files are shipped with -init.sh but you can add what you want to improve possibilities or to add support -for a new distribution. init.sh understand the following possibilities in terms -of OS detection: +init.sh, but you can add what you want to improve possibilities or to add +support for a new distribution. init.sh understand the following possibilities +in terms of OS detection: | Name | Variable | Description | |:------------|:---------------|:----------------------------------------------| 
@@ -185,14 +184,14 @@ of OS detection: | **version** | ```SYS_VER``` | Version of the distribution. If you run a rolling release and no version is provided by your */etc/os-release* file, the main version of the Linux kernel will be used (e.g. 5.4 for any version of 5.4.x kernel branch). | | **codename**| ```SYS_CODE``` | If your distribution provide a version codename, it will be set with it, elsewhere it will remain unset. | -The configuration files are loaded if exists in the following order: +The configuration files loads if exists in the following order: 1. arch.conf.sh 2. distro.conf.sh 3. distro-arch.conf.sh 4. distro-version.conf.sh - 5. distro-codename.conf.sh (only if ```$SYS_CODE``` is defined) + 5. distro-codename.conf.sh (only if ```$SYS_CODE``` defined) 6. distro-version-arch.conf.sh - 7. distro-codename-arch.conf.sh (only if ```$SYS_CODE``` is defined) + 7. distro-codename-arch.conf.sh (only if ```$SYS_CODE``` defined) The loading of those files, if one exists, cannot be avoided. They all must be located in the ```conf/auto``` directory of the init.sh tree. @@ -203,10 +202,10 @@ Because of internal mechanics, the dash character is forbidden in module names. Thus, Bash language also forbid that character in variable name. Another limit is, even if digits are allowed in module names and variable, they -can't be used as a leading character or worse the full name being only made of -digits. You can use as many digits you want in names, but with at least a -leading alphabetical (or underscore) character, whatever the case of that -character will be. +can't be used as a leading character or worse the full name only made of digits. +You can use as many digits you want in names, but with at least a leading +alphabetical (or underscore) character, whatever the case of that character will +be. You can use upper case and lower case as you wish, with underscore character, even as leading character. Any other special character than alphanumerical or 
@@ -236,30 +235,30 @@ sed -e "s/@template@/module_name/g" -e "/^# .*/d" -e "s/^##/# /" template > \ Versioning modules is up to you, but the recommended behavior follows some standard rules, not artificially increasing version numbers in a stupid fight of -who will have the biggest like Google or Firefox. Considering a numbering as +who will have the biggest, like Google or Firefox. Considering a numbering as x.y.z: -- x might be incremented in case of major change, rewriting or different -approach on the way to have the job done, the used variable could massively -change and jeoppardy compatibility; -- y might be incremented in case of simple functionality addition or basic +- x might increment in case of major change, rewriting or different approach on +the way to have the job done, the used variable could massively change and +jeopardy compatibility; +- y might increment in case of simple functionality addition or basic improvements, existing variable might not change, but new ones could appear; -- z might be incremented only when correcting problems and/or bugs (+n fix ⇒ +n -to increment), variable should not change unless this is the only way to fix a +- z might increment only when correcting problems and/or bugs (+n fix ⇒ +n to +increment), variable should not change unless this is the only way to fix a problem. -Unless only configuration files have been changed, any change in the code -implies an increment of a version number in the code **and** a git commit. +Unless only configuration files has changed, any change in the code implies an +increment of a version number in the code **and** a "git" commit. 
```shell # ------------------------------------------------------------------------------ # Description @template@ module # Copyright (c) Year Your Name # ------------------------------------------------------------------------------ -# +# # ------------------------------------------------------------------------------ # Variable list: -# * : role explaination +# * : role explanation # ------------------------------------------------------------------------------ # Module version @@ -280,13 +279,13 @@ precheck_@template@() : # Code } -# Optionnaly, cron mode code +# Optionnally, cron mode code cron_@template@() { : # Code } -# Any public fonction have to be exported +# Any public function have to be exported export -f @template@ export -f precheck_@template@ @@ -294,17 +293,17 @@ export -f precheck_@template@ export -f cron_@template@ ``` -Unexported template function will work but won't be available in the integrated -debugging shell (see ```--shell``` option), so it's not encouraged. +Unexported template function will not work as any module execute in a sub-shell +in order to protect ```init.sh``` script environment. -The optionnal ```cron_@template@``` function allows you to define code that will +The optional ```cron_@template@``` function allows you to define code that will be executed in cron mode. Check [cron documentation](./doc/cron.md) for more details. ## 4. Error code table -The following table is giving a list of error code with explanation: +The following table is giving a list of error codes with explanation: | Code | Meaning | |:----------|:------------------------------------------------------------| 
@@ -344,55 +343,56 @@ how to solve problems. ## 5. Contact and more information ### 5.1. New users -As this project is very new and as I have no idea of who will use it, if you do -so, I'll be very happy if you simply mail me to let me know, especially if you -don't plan to contribute. +This project is very new in terms of publication, and I have no idea of who will +use it, if any does. If you use (or plan to use) ```init.sh```, I'll be very +happy if you simply mail me to let me know, especially if you don't plan to +contribute. If you plan to contribute, I'll be twice happier for sure! ### 5.2. Bugs **init.sh** have no bug tracker yet. For now, if you find a bug, please submit a -bug report to the maintenor mentionned at the end of that document. A bug report +bug report to the maintainer mentioned at the end of that document. A bug report may contain the command line parameters where the bug happens, OS details, -the module that trigger it if any, and the log file containing the error. +the module that trigger it, if any, and the log file containing the error. -Please check the to do list before sending any report as the problem might +Please check the to-do list before sending any report, as the problem might already be known. ### 5.3. How to contribute? You are free to improve and contribute as you wish. If you have no idea what to -do or want some direction, you can check the [to do list](./doc/todo.md), +do or want some direction, you can check the [to-do list](./doc/todo.md), containing desired future improvements. Make sure you always have the latest development version before starting your work. -It's heavily recommended to use git to obtain latest copy of init.sh tree. Make -sure your git is configured for contribution. Please contact me to obtain push -authorisations, or, if you want to submit a patch, you can send it by mail to -the maintainor of init.sh. +It's heavily recommended to use git to obtain the latest copy of init.sh tree. 
+Make sure your git configuration is correct in order to contribute. Please +contact me to obtain push authorizations, or, if you want to submit a patch, you +can send it by mail to the maintainer of init.sh. You can improve anything you want, but keep in mind init.sh have to stay small and simple. If your idea cannot be written using Bash scripting, maybe that -means you're going to far in the improvement. +means you're going too far in the improvement. Code written in Python or Perl might be accepted as long as it's not mobilizing -a lot of dependencies (forget big framework). Anything that need installing -packages not provided in minimal Debian installation will be rejected. Anyway, -core scripts will remain in Bash whatever the evolutions of ```init.sh``` will -be. +a lot of dependencies (forget big framework). Anything that need the +installation of packages not provided in minimal Debian installation will be +rejected in the libraries. For module, the KISS philosophy is the one promoted. +Anyway, core scripts will remain in Bash whatever the evolutions of +```init.sh``` will be. If you want to make a financial contribution, please contact me by mail. -### 5.4. License, website and maintainor +### 5.4. License, website, and maintainer Everything except configuration files is licensed under BSD-3 license. Please check license file allong this one. Please check [https://www.geoffray-levasseur.org/init](https://www.geoffray-levasseur.org/init). -Please note that this website is still under construction and needs some more -care. +Note that this website is still under construction and needs some more care. You can mail author to fatalerrors \ geoffray-levasseur \ org. ----------------------------------------------------------------------------- -Documentation (c) 2019-2021 Geoffray Levasseur. +Documentation (c) 2019-2022 Geoffray Levasseur. This file is distributed under3-clause BSD license. 
The complete license agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause diff --git a/bash.rc b/bash.rc index ed8414f..de2bfa5 100644 --- a/bash.rc +++ b/bash.rc @@ -1,2 +1,5 @@ # Very simple bash RC for interactive script debugging +export HISTSIZE=5000 +export HISTIGNORE="&:[bf]g:exit" + PS1='(init.sh) \u@\h:\w\$ ' diff --git a/conf/apagado.conf.sh b/conf/apagado.conf.sh new file mode 100644 index 0000000..d4f8c1c --- /dev/null +++ b/conf/apagado.conf.sh 
@@ -0,0 +1,50 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres pour le lan E-3S +. $MYPATH/conf/includes/e3s.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Network +IPV4_IFACES="ens192" + +NET4_MODE_ens192="static" +NET4_IP_ens192="192.168.111.210/24" +NET4_GW_ens192="192.168.111.254" +NET4_NS_ens192="192.168.111.254" +NET4_NS_SEARCH_ens192=$REALM + +IPV6_IFACES="" + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL unbound" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \ + install_pkg install_profile conf_network" diff --git a/conf/croscat.conf.sh b/conf/croscat.conf.sh new file mode 100644 index 0000000..e508fcf --- /dev/null +++ b/conf/croscat.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.107.50/24" +NET4_GW_eth0="192.168.107.1" +NET4_NS_eth0="192.168.107.10" +NET4_NS_SEARCH_eth0=$REALM + +IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::32/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL nfs-common munin apache2" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh 
\ + install_pkg install_profile patch_snmp conf_network" diff --git a/conf/disk_exemple.conf.sh b/conf/disk_exemple.conf.sh index 876c412..84b5994 100644 --- a/conf/disk_exemple.conf.sh +++ b/conf/disk_exemple.conf.sh 
@@ -4,41 +4,44 @@ export CONF_DISK="sdc sdd" export DISK_PART_sdc="512M 1G 0" export DISK_TYPE_sdc1="raid" export DISK_TYPE_sdc2="ext4" -export DISK_MP_sdc2="/somewhere/here" +export DISK_MOUNTPOINT_sdc2="/somewhere/here" export DISK_TYPE_sdc3="raid" export DISK_PART_sdd=$DISK_PART_sdc export DISK_TYPE_sdd1=$DISK_TYPE_sdc1 export DISK_TYPE_sdd2=$DISK_TYPE_sdc2 -export DISK_MD_sdd2="/somewhere/else" +export DISK_MOUNTPOINT_sdd2="/somewhere/else" export DISK_TYPE_sdd3=$DISK_TYPE_sdc3 # RAID exemple export CONF_RAID="md0 md1" export RAID_DISKS_md0="sdc0 sdd0" +# equivalent to raid1, could be raid0, raid10, raid5, raid6, maybe more: +export RAID_TYPE_md0="mirror" export RAID_FORMAT_md0="ext4" -export RAID_MP_md0="/raid/is" +export RAID_MOUNTPOINT_md0="/raid/is" export RAID_DISKS_md1="sdc2 sdd2" +export RAID_TYPE_md1="mirror" export RAID_FORMAT_md1="xfs" export RAID_MP_md1="/raid/other" # ZFS exemple export ZPOOL_LIST="calcul local" -export ZPOOL_OPTIONS_calcul="mirror" -export ZPOOL_MP_calcul="/local" -export ZPOOL_DRV_calcul="sdc sdd" +export ZPOOL_TYPE_calcul="mirror" +export ZPOOL_MOUNTPOINT_calcul="/local" +export ZPOOL_DISKS_calcul="sdc sdd" export ZPOOL_FS_calcul="vm debian data" -export ZPOOL_MP_calcul_vm="/local/vm" # We could avoid that declaration -export ZPOOL_MP_calcul_debian="/usr/local" -export ZPOOL_MP_calcul_data="/data" +export ZPOOL_MOUNTPOUNT_calcul_vm="/local/vm" # We could avoid that declaration +export ZPOOL_MOUNTPOINT_calcul_debian="/usr/local" +export ZPOOL_MOUNTPOINT_calcul_data="/data" export ZPOOL_OPTIONS_local="raidz1" -export ZPOOL_MP_local="/share" -export ZPOOL_DRV_local="sdc sdd sde" +export ZPOOL_MOUNTPOINT_local="/share" +export ZPOOL_DISKS_local="sdc sdd sde" export ZPOOL_FS_local="video music books" -#export ZPOOL_MP_local_video="/share/video" # Uneeded as it's ZFS default behavour -#export ZPOOL_MP_local_music="/share/music" -#export ZPOOL_MP_local_books="/share/books" +#export ZPOOL_MOUNTPOINT_local_video="/share/video" # Uneeded 
as it's ZFS default behavour +#export ZPOOL_MOUNTPOINT_local_music="/share/music" +#export ZPOOL_MOUNTPOINT_local_books="/share/books" diff --git a/conf/etna.conf.sh b/conf/etna.conf.sh new file mode 100644 index 0000000..442eada --- /dev/null +++ b/conf/etna.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="10.0.254.10/24" +NET4_GW_eth0="10.0.254.254" +NET4_NS_eth0="10.0.254.250" +NET4_NS_SEARCH_eth0=$REALM + +#IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::a/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL iptables fail2ban curl nfs-common" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale 
conf_ssh \ + install_pkg install_profile patch_snmp conf_network" diff --git a/conf/includes/e3s.conf.sh b/conf/includes/e3s.conf.sh new file mode 100644 index 0000000..ec2ddc1 --- /dev/null +++ b/conf/includes/e3s.conf.sh @@ -0,0 +1,22 @@ +# Domaine geoffray-levasseur.org +export REALM="e-3s.lan" + +# Proxy apt-cacher-ng +#export PROXY_APT="balut.$REALM" +#export PROXY_APT_PORT="3142" + +# Available languanges and system language +export LOCALESET="en_US.UTF-8 fr_FR.UTF-8" +export SYSLOCALE="fr_FR.UTF-8" + +# Default Shell, for new users +export DEFAULT_SHELL="/bin/bash" + +# User created by installer, unneeded +export REMOVE_USERS="geoffray" + +# NTP server list +export NTP_SERVERS="cloud.e-3s.lan" + +# SSH +export SSHD_PERMITROOT_RANGE="192.168.111.0/24" diff --git a/conf/includes/gl.conf.sh b/conf/includes/gl.conf.sh index 11c84d5..2a3abdb 100644 --- a/conf/includes/gl.conf.sh +++ b/conf/includes/gl.conf.sh @@ -37,7 +37,7 @@ export MK_URL="https://nagios.geoffray-levasseur.org/check_mk/check_mk/agents/ch export MK_SERVER_IP="192.168.1.201" # Samba -export SMBSRV="silay" +export SMBSRV="silay.$REALM" # Syslog export SYSLOG_SRV="biliran.$REALM" diff --git a/conf/includes/legos.conf.sh b/conf/includes/legos.conf.sh index 0485685..9444007 100644 --- a/conf/includes/legos.conf.sh +++ b/conf/includes/legos.conf.sh @@ -15,8 +15,12 @@ export SYSLOCALE="fr_FR.UTF-8" export DEFAULT_SHELL="/bin/bash" # Configuration du disque de calcul : zfs, ext4 et xfs accepté -export CALCTYPE="zfs" -export CALCMOUNTPOINT="/calcul/$HOSTNAME" +# se conformer à la réécriture en cours +#export CALCTYPE="zfs" +#export CALCMOUNTPOINT="/calcul/$HOSTNAME" + +# SSH +export SSHD_PERMITROOT_RANGE="10.3.0.0/16" # Liste des serveurs NTP export NTP_SERVERS="ntp1.$REALM ntp2.$REALM" diff --git a/conf/includes/tetalab.conf.sh b/conf/includes/tetalab.conf.sh new file mode 100644 index 0000000..0d77352 --- /dev/null +++ b/conf/includes/tetalab.conf.sh 
@@ -0,0 +1,19 @@ +# Genral use variables +# Domaine Mixart Myrys +export REALM="tetalab.local" + +# Conf_ntp variables +export NTP_SERVERS="ntp1.$REALM" + +# Upgrade_dist variables +#export PROXYAPT="acng.$REALM" +#export PROXYAPTPORT="3142" + +# Authnz variables +export DEFAULT_SHELL="/bin/bash" + +# Conf_locales viriables +export LOCALESET="en_US.UTF-8 fr_FR.UTF-8" +export SYSLOCALE="fr_FR.UTF-8" + +export SSHD_PERMITROOT_RANGE="192.168.107.0/24" diff --git a/conf/ischia.conf.sh b/conf/ischia.conf.sh new file mode 100644 index 0000000..e2dbd85 --- /dev/null +++ b/conf/ischia.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.107.25/24" +NET4_GW_eth0="192.168.107.1" +NET4_NS_eth0="192.168.107.10" +NET4_NS_SEARCH_eth0=$REALM + +IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::19/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL nfs-kernel-server" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \ + 
install_pkg install_profile patch_snmp conf_network" diff --git a/conf/kanaga.conf.sh b/conf/kanaga.conf.sh new file mode 100644 index 0000000..b919818 --- /dev/null +++ b/conf/kanaga.conf.sh 
@@ -0,0 +1,64 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres mixart-myrys.org +. $MYPATH/conf/includes/mam.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +#LOCAL_USERS="$MAINUSER" +#REMOTE_USERS="kroot" +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0 eth1" + +NET4_MODE_eth0="static" +NET4_IP_eth0="10.0.254.50/16" + +NET4_MODE_eth1="static" +NET4_IP_eth1="10.0.254.50/24" +NET4_GW_eth1="10.0.254.254" +NET4_NS_eth1="10.0.254.250 10.0.254.251" +NET4_NS_SEARCH_eth1=$REALM + +IPV6_IFACES="eth1" + +NET6_MODE_eth1="static" +NET6_IP_eth1="2a03:7220:8081:2ff::32/64" +NET6_GW_eth1="2a03:7220:8081:2ff::fd" +NET6_NS_eth1="2a03:7220:8081:2ff::fa 2a03:7220:8081:2ff::fb" +NET6_NS_SEARCH_eth1=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL python-virtualenv python-pip" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ 
+ +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \ + install_pkg install_profile patch_snmp install_mkagent conf_syslog conf_network" diff --git a/conf/kos.conf.sh b/conf/kos.conf.sh new file mode 100644 index 0000000..61982dd --- /dev/null +++ b/conf/kos.conf.sh 
@@ -0,0 +1,44 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL nfs-kernel-server tftp-hpa-server isc-dhcp-server" +PKGS_RMLIST="" +PKGS_BLACKLIST="" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \ + install_pkg install_profile" diff --git a/conf/mariveles.conf.sh b/conf/mariveles.conf.sh index cc75cb0..771fda7 100644 --- a/conf/mariveles.conf.sh +++ b/conf/mariveles.conf.sh 
@@ -31,21 +31,21 @@ WITH_LDAP_KERB=no REMOVE_USERS=fatal # Network -IPV4_IFACES="eth0 eth1" +IPV4_IFACES="eth0" NET4_MODE_eth0="static" -NET4_IP_eth0="192.168.1./24" +NET4_IP_eth0="192.168.1.241/24" NET4_GW_eth0="192.168.1.230" NET4_NS_eth0="192.168.1.205 192.168.1.206" NET4_NS_SEARCH_eth0=$REALM NET4_MODE_eth1="static" -NET4_IP_eth1="10.0.254./16" +NET4_IP_eth1="10.0.254.241/16" IPV6_IFACES="eth0" NET6_MODE_eth0="static" -NET6_IP_eth0="2a03:7220:8081:b301::/64" +NET6_IP_eth0="2a03:7220:8081:b301::f1/64" NET6_GW_eth0="2a03:7220:8081:b301::e6" NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce" NET6_NS_SEARCH_eth0=$REALM @@ -56,7 +56,7 @@ NET6_NS_SEARCH_eth0=$REALM INTALL_MODE=full # Paquets additionnels -PKGSEL="$PKGSEL iptables fail2ban curl" +PKGSEL="$PKGSEL cups printer-driver-hpcups printer-driver-postscript-hp hplip avahi-daemon printer-driver-gutenprint cups-browsed policykit-1" # ------------------------------------------------------------------------------ # -------------------------- Section modules d'init ---------------------------- diff --git a/conf/milos.conf.sh b/conf/milos.conf.sh new file mode 100644 index 0000000..be3b01c --- /dev/null +++ b/conf/milos.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base_ttl.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.107.20/24" +NET4_GW_eth0="192.168.107.1" +NET4_NS_eth0="192.168.107.10" +NET4_NS_SEARCH_eth0=$REALM + +IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::14/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL nfs-kernel-server tftp-hpa-server isc-dhcp-server" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist 
authnz conf_locale conf_ssh \ + install_pkg install_profile patch_snmp conf_network" diff --git a/conf/santorini.conf.sh b/conf/santorini.conf.sh new file mode 100644 index 0000000..be3b01c --- /dev/null +++ b/conf/santorini.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base_ttl.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.107.20/24" +NET4_GW_eth0="192.168.107.1" +NET4_NS_eth0="192.168.107.10" +NET4_NS_SEARCH_eth0=$REALM + +IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::14/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL nfs-kernel-server tftp-hpa-server isc-dhcp-server" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist 
authnz conf_locale conf_ssh \ + install_pkg install_profile patch_snmp conf_network" diff --git a/conf/sokol.conf.sh b/conf/sokol.conf.sh new file mode 100644 index 0000000..2424ef1 --- /dev/null +++ b/conf/sokol.conf.sh 
@@ -0,0 +1,50 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres pour le lan E-3S +. $MYPATH/conf/includes/e3s.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Network +IPV4_IFACES="ens192" + +NET4_MODE_ens192="static" +NET4_IP_ens192="192.168.111.211/24" +NET4_GW_ens192="192.168.111.254" +NET4_NS_ens192="192.168.111.254" +NET4_NS_SEARCH_ens192=$REALM + +IPV6_IFACES="" + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL unbound" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \ + install_pkg install_profile conf_network" diff --git a/conf/stromboli.conf.sh b/conf/stromboli.conf.sh new file mode 100644 index 0000000..acf14fd --- /dev/null +++ b/conf/stromboli.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="ens18" + +NET4_MODE_ens18="static" +NET4_IP_ens18="192.168.107.40/24" +NET4_GW_ens18="192.168.107.1" +NET4_NS_ens18="192.168.107.10" +NET4_NS_SEARCH_ens18=$REALM + +IPV6_IFACES="ens18" + +NET6_MODE_ens18="static" +NET6_IP_ens18="2a03:7220:8085:6b01::28/64" +NET6_GW_ens18="2a03:7220:8085:6b01::1" +NET6_NS_ens18="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_ens18=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL munin-node" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \ 
+ install_pkg install_profile patch_snmp conf_network" diff --git a/conf/vesuvius.conf.sh b/conf/vesuvius.conf.sh new file mode 100644 index 0000000..604afad --- /dev/null +++ b/conf/vesuvius.conf.sh 
@@ -0,0 +1,59 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/tetalab.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.107.30/24" +NET4_GW_eth0="192.168.107.1" +NET4_NS_eth0="192.168.107.10" +NET4_NS_SEARCH_eth0=$REALM + +IPV6_IFACES="eth0" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8085:6b01::1e/64" +NET6_GW_eth0="2a03:7220:8085:6b01::1" +NET6_NS_eth0="2a03:7220:8085:6b01::a" +NET6_NS_SEARCH_eth0=$REALM + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL cups hplip printer-driver-gutenprint avahi-daemon" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist 
authnz conf_locale conf_ssh \ + install_pkg install_profile patch_snmp conf_network" diff --git a/conf/vm-levasseur.conf.sh b/conf/vm-levasseur.conf.sh new file mode 100644 index 0000000..2a697b0 --- /dev/null +++ b/conf/vm-levasseur.conf.sh 
@@ -0,0 +1,71 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres spécifiques LEGOS +. $MYPATH/conf/includes/legos.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.full.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ----------------------------- Section générale ------------------------------- +# ------------------------------------------------------------------------------ + +# Utilisateur de la machine (doit exister) +MAINUSER=levasseur + +# Pilotes X11 non libre à installer ? +X11_DRV="nvidia-driver-470" + +# Authentification: utiliser LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Utilisateurs à créer ou ajouter +LOCAL_USERS="$MAINUSER" +#REMOTE_USERS="kroot" + +# Indique la déclinaison d'Ubuntu à installer +# * xubuntu : bureau XFCE léger (par défaut) +# * ubuntu : bureau Gnome lourd, très peu configurable +# * kubuntu : bureau KDE lourd, très configurable +# * ubuntu-mate : bureau Mate intermédiaire légèrement configurable +# * lubuntu : bureau LXQT très léger +UBUNTU_FLAVOR= + +# Booléen indiquant une ou plusieurs futures VM +# Les lignes suivantes devraient être commentés si à false +#WITH_VM=yes +#. 
$MYPATH/conf/includes/legos_vm_win7.conf.sh + +# Nom de la VM +#VM_NAME=vm-levasseur + +# Logiciels optionnels non packagé Debian +# export WITH_MATLAB="true" +# export WITH_IDL="true" +# export WITH_="true" + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# ------------------------------------------------------------------------------ +# ------------------------- Section disque de calcul --------------------------- +# ------------------------------------------------------------------------------ + +# À réécrire avec le nouveau mode de fonctionnement + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="upgrade_dist authnz conf_locale conf_ssh \ + install_desktop install_pkg install_chromium \ + install_profile select_system_proxy" diff --git a/doc/dev.md b/doc/dev.md index 39fb3c2..5bc610b 100644 --- a/doc/dev.md +++ b/doc/dev.md @@ -87,7 +87,9 @@ - [13.1.1. ```get_os_version```](#1311-get_os_version) - [13.1.2. ```set_sys_var ```](#1312-set_sys_var-arch-dist-version-codename) - [13.2. Other functionnalities](#132-other-functionnalities) - - [14. Writing conventions](#14-writing-conventions) + - [14. Global variables](#14-global-variables) + - [15. Writing conventions](#15-writing-conventions) + ## 1. Getting started This is a developer's reference. It's not intended to be a manual, but a reference for all internal functions, so you can easily build your own modules. 
@@ -95,16 +97,19 @@ This supposes you already read the [README file](../README.md). Creating modules will also require some good knowledge of Bash programming. Writing conventions are the classical ones: - * ``````: writen like this, the parameter is mandatory - * ```[param]```: that parameter is optionnal - * ```[ab|cd]```: optionnal parmeter have to be "ab" or "cd" + * ``````: written like this, the parameter is mandatory + * ```[param]```: that parameter is optional + * ```[ab|cd]```: optional parameter have to be "ab" or "cd" * ```[0..15,20]```: acceptable values start at 0 and goes up to 15 or be 20. +Boolean values have to be set as ```true``` or ```false``` for test to succeed. +Any unset boolean is always interpreted as ```false```. + ## 2. The aaa_error.sh file ### 2.1. Functions #### 2.1.1. ```check_root``` -Check if user is root. If the user is not root, script execution is interrupted -and exit with error. +Check if user is root. If the user is not root, script execution interrupts and +exit with error. This function has no parameter. 
@@ -154,30 +159,30 @@ through the use of a *kill* command. The script will exit after cleanup. #### 3.1.1. ```chroot_bootstrap``` That function is called if a chroot option have been given. It's in charge of performing the chroot, copying a full working directory structure of init.sh -tree. After that copy, a chroot command is runned launching that new copy of +tree. After that copy, a chroot command is run, launching that new copy of init.sh. If the child init.sh end with error, the stage file is gathered in parent directory tree to allow launching again the chrooted init.sh with the resume option. -At the end the function will clean up removing the second copy of init.sh. +At the end, the function will clean up, removing the second copy of init.sh. ### 3.2. Other functionnalities So far, only one function is provided in this file. ## 4. The diskman.sh file -### 4.1. Global warning -The goal of that unit is to provide disk manipulation function, like -partitionning, blanking or formative. All those functions are potentially very +### 4.1. Warning about that unit +The goal of that unit is to provide disks manipulation function, like +partitioning, blanking or format. All those functions are potentially very destructive. Please use with extra care and do not hesitate to highly protect -your code when using those. By defaults the functions try to be as conservative -as they can, triguering errors on the smallest doubt. +your code when using those. By defaults, the functions try to be as conservative +as they can, triggering errors on the smallest doubt. ### 4.2. Function #### 4.2.1. ```blank_disk [--full]``` Blank a block device using two different method to be sure it's all clear. First -we use the *wipefs* method specialized in reseting all possible flags on the +we use the *wipefs* method, specialized in resetting all possible flags on the drive and it's partitions. It will also blank the partition table. 
A second pass will fill the first 512 MB with zeroes to also blank MBR and other parts of the drive wipefs would have ignored. 
@@ -186,61 +191,61 @@ If the parameter ```--full``` is provided as second parameter, the entire disk will be filled with zeroes. Please consider that such operation might take a very long time (can be several hours). -That function only take parameter which must be a bloc device. +That function only take parameter which must be a block device. #### 4.2.2. ```is_blank ``` -That function will try to detect if a drive is blank of not. It will return 0 if +That function will try to detect if a drive is blank or not. It will return 0 if the drive is blank, and return 1 otherwise. If the function return 2, either the -provided parameter is not a block device or that block device do not exists. +provided parameter is not a block device or that block device do not exist. Please consider that special drive configuration could be detected as blank -while it's not. Only one parameter will be accepted, a bloc device. +while it's not. Only one parameter will be accepted, a block device. -The function will give different information depending on the bloc device you +The function will give different information depending on the block device you test: - - on a whole disk drive it while return 0 if the drive is blank, meaning no MBR - and no partition table (either GTP or DOS); - - on a partition it will tell if it's formated or not. Beware that an erased - then recreated partion will continue to have old partition data available and - will be shown as non blank. + - On a whole disk drive, it while return 0 if the drive is blank, meaning no + MBR and no partition table (either GTP or DOS); + - On a partition, it will tell if that partition is formatted or not. Beware + that an erased then recreated partition will continue to have old data + available and will be shown as non-blank. #### 4.2.3. ```mkparts [dos|gpt] [size_part1 [... size_partN]]``` This function create partitions on the disk given as the first parameter. 
The -second parameter can be gpt or dos, respectively to instruct the creation of a +second parameter can be gpt or dos, respectively, to instruct the creation of a GPT partition table (which is default when not mentioned) or a DOS partition -table, deprecated but suported for compatibility purposes. Then a list of size +table, deprecated but supported for compatibility purposes. Then a list of size can be given to generate more than one partition. In the case of a DOS partition -table, only primary partition are possible, four of it maximum. +table, only primary partition are possible, four of, maximum. Partition size can be : - - simple number: will be interpreted as a precise number of cylinder, this is + - Simple number: will be interpreted as a precise number of cylinders, this is the only method that will be precise; - 100M: will create a 100 MiB partition, more or less to the nearest cylinder; - 100G: will create a 100 GiB partition, more or less to the nearest cylinder; - - 100T: same again 100 TiB, ang you really have a lot of space... + - 100T: same again 100 TiB, and you really have a lot of space... - 0: will be interpreted as all remaining space in the final partition scheme. It must come only once. Be warned that a size (whatever the unit is) can result in slightly different space depending on the drive model and cylinder size. -### 4.3. Other functionnalities +### 4.3. Other functionalities That file don't provide any other things that the previously listed functions. ## 5. The command_line.sh file ### 5.1. Functions #### 5.1.1. ```read_commandline``` -That function consist in a loop that analyse command line one parameter after -the other. Most of command line parameters will result in the positionning of +That function consist in a loop that analyze command line one parameter after +the other. Most of command line parameters will result in the positioning of some global variables. 
The following table details the variable with their type associated to the corresponding parameter: -| Parameter | Variable | Type | Descrition | +| Parameter | Variable | Type | Description | |:--------------|:-------------------|:--------|:------------------------------| | --help | *none* | *n/a* | Trigger help display directly and exit | | --version | *none* | *n/a* | Trigger version display directly and exit | | --module | MANUAL_MODULE_LIST | string | The following parameter will set a list of module to use | | --check-only | CHECK_ONLY | boolean | Activate check only mode | -| --jump | JUMP | boolean | Activate no checks mode | +| --jump | JUMP | boolean | Activate no check mode | | --keep-going | KEEPGOING | boolean | Activate keep going option | | --resume | RESUME | boolean | Activate resume mode if stage file exists | | --no-root-check | NO_ROOT_CHECK | boolean | Activate option to not check if user is root | 
@@ -251,22 +256,23 @@ associated to the corresponding parameter: | --chroot | CHROOT_PATH | string | The following parameter will be the path to chroot in | | --cron | CRON_MODE | boolean | Activate cron mode | -The function will do some basinc synthax checks. For exemple if you put an -option just after one supposing a value declaration, an error will be trigered +The function will do some basic syntax checks. For example, if you put an option +just after one supposing a value declaration, an error will be triggered directly. #### 5.1.5. ```process_commandline_and_vars``` -That function have the role to check the concistancy of command line parameters. -It will triger errors if incompatible parameters have been given or if those -parameters might lead to a non predictable situation. +That function has the role to check the concistency of command line parameters. +It will trigger errors if incompatible parameters have been given or if those +parameters might lead to a non-predictable situation. When those checks are done, the definitive module list to load is created. With that list we then checks the modules are available and do not contain the dash character. -That function will also triger an error if the definitive module list is empty. +That function will also trigger an error if the resulting module list appears to +be empty. -### 5.2. Other functionnalities +### 5.2. Other functionalities That file don't provide any other things that the previously listed functions. ## 6. The display.sh file 
@@ -291,28 +297,29 @@ The second parameter is the message to display. As this function is widely used almost everywhere in the code at runtime, consider it as being a base dependency of all libraries and modules. -Consequently that function can only contain code that cannot trigger errors or -fail as it's also used to display errors. Thus it only contains echoes and some -variables manipulation. +Consequently, that function can only contain code that cannot trigger errors or +fail, as it's also used to display errors. Thus, it only contains echoes and +some variables manipulation. #### 6.1.2. ```separator``` -That function display a seprator made with dash, to fill the length of the -screen minus one character if screen length is 80 character or less. If more -than 80 the lenght of the separator will be 80 plus half of additionnal length. +That function display a separator made with dash, filling the screen length minus +one character if screen length is 80 character or less. If the screen length is +above 80 characters, the length of the separator will be 80 plus half of +additional length. It takes no parameters and return no value. #### 6.1.3. ```dsleep [char]``` That function is an equivalent to *sleep* bash command but will display a -countdown every second until it reaches zero. Optionnally a character (or a +countdown every second until it reaches zero. Optionally, a character (or a string) can be given as a second parameter to replace the countdown by that -character. For exemple, you can use a dot to display a dot every second until +character. For example, you can use a dot to display a dot every second until the wait is over. The function returns nothing useful. #### 6.1.4. ```dump_key_buffer``` -That function dumps keyboard's buffer. It's used to clear eventual key press +That function dumps the keyboard's buffer. It's used to clear eventual key press before any critical keyboard action. That function takes no parameter and returns no useful value. 
@@ -348,12 +355,12 @@ ending will be filled with background color. ## 7. The filefct.sh file ### 7.1. Common behavior -In our terminology a source file can be of three different origins, selected +In our terminology, a source file can be of three different origins, selected automatically from highest to lowest priority: - **```repo/hosts/$HOSTNAME```**: this allows to provide system specific files. Use only relative path to access it. - **```repo/common```**: this one will provide files suitable for your entire - infrastructure. Yet again provide a relative path to access it. + infrastructure. Yet again, provide a relative path to access it. - **Any path**: You can give fully qualified path names to access resources from other locations. 
@@ -365,42 +372,43 @@ original file or directory name and timestamp the date and time of the backup as retuned by the ```stdtime``` function. If a file given in parameter don't exists, the function will issue a warning and continue to the next. -If target file or directory is a symbolic link, the link will be resolved -recursively until we backup the final target on its side. +If the target file or directory is a symbolic link, the link will be resolved +recursively until we backup in the backup destination. The function don't take any other parameters than file and/or directory names. #### 7.2.2. ```select_file ``` -Returns the best match in our priority system returning on ```stdout``` the -resulting fully qualified path name as a result. The priorities applies on file -existance. +Returns the best match in our priority system, returning on ```stdout``` the +resulting fully qualified path name as a result. The priorities apply on file +existence. -Many functions manipullating files in ```init.sh``` depends on that function. +Many functions manipulating files in ```init.sh``` depends on that function. #### 7.2.2. ```install_file [source2 [... sourceN]] ``` Install a list of source files to the given destination using our priority system. -Wildcards are not allowed in file names, so an error will occurs if you try to +Wildcards are not allowed in file names, so an error will occur if you try to use any. It's also not yet possible to give an entire directory as a source. The last parameter is always the destination. If the destination path does not -exists, it will be created automatically. +exists, it will be created automatically. The destination must be a fully +qualified file name (and consequently, begin with "/"). #### 7.2.3. ```append_file ``` That function add the content of source file to destination file. The source file can have different origins, following the same path priority as the *install_file* function. 
-The destination file must exist and be on the root filesystem. Only two +The destination file must exist and be on the root file system. Only two parameters are accepted, the source and destination files. #### 7.2.4. ```is_dir_empty ``` That function take only one parameter, a path name and return 0 if the given -path don't exists or is empty. It will return one if there's at least one file +path doesn't exist or is empty. It will return one if there's at least one file in the given directory. -If the given parametter is a file (or a symlink to a file), it will terminate +If the given parameter is a file (or a symlink to a file), it will terminate with an error. #### 7.2.5. ```patch_file [VAR1 [VAR2 [... VARN]]]``` 
@@ -411,48 +419,56 @@ exact same name without the trailing @. Variables will be either the given list or, if nothing is given in parameter, in the global system variables, in the context of the *init.sh* execution. -Source file must exists and not be empty. The function returns nothing +The source file must exist and not be empty. The function returns nothing useful. #### 7.2.6. ```tag_file [file2 [... fileN]]``` That function add a tag to the first line of the given files. If one file -allready exists, the added line will be in the form: +already exists, the added line will be in the form: ``` # File automatically modified by init.sh on $(stdtime).``` -If it don't exists it is created with the line: +If it doesn't exist, it is created with the line: ```# File automatically generated by init.sh on $(stdtime).``` -It's not using the file selection system as our source file are not suposed to +```stdtime``` is the timestamps function in the ```utils.sh``` library file. + +It's not using the file selection system, as our source file are not supposed to be modified directly. In consequence, you should always provide fully qualified path names to it. #### 7.2.7. ```file_exists [file2 [... fileN]]``` -That function check files existance within our file selection system. If one +That function check files existence within our file selection system. If one source file is missing it will return 1 and echo the first file name that have -not been found in the list. If all the given files exists, it returns 0. +not been found in the list. If all the given files exists, it returns 0 and +echoes nothing. #### 7.2.8. ```file_must_exists [file2 [... fileN]]``` -That function check files existance within our file selection system. If one -source file is missing it will return an error and stop execution. That function -is logicaly massively used during check phase to verify all source files are in +That function check files existence within our file selection system. 
If one +source file is missing, it will return an error and stop execution. That function +is logically massively used during check phase to verify all source files are in place. #### 7.2.9. ```directory_exists [directory2 [... directoryN]]``` -That function check directories existance within our file selection system. If -one source directory is missing it will return 1 and echo the first directory +That function check directories' existence within our file selection system. If +one source directory is missing, it will return 1 and echo the first directory name that have not been found in the list. If all the given directories exists, it returns 0. #### 7.2.10. ```directory_must_exists [directory2 [... directoryN]]``` -That function check directories existance within our file selection system. If -one source directory is missing it will return an error and stop execution. That -function is logicaly massively used during check phase to verify all source -directories are in place. +That function check directories' existence within our file selection system. If +one source directory is missing, it will return an error and stop execution. +That function is useful during check phase to verify all source directories are +in place. -### 7.3. Other functionnalities -That file don't provide any other things that the previously listed functions. +### 7.3. Other functionalities +That library initialize a couple of variables possibly useful in modules: + * ```HOST_REPO_PATH```: path where source files specific to the host will be + stored. Default is ```repo/hosts/$HOSTNAME``` under the ```init.sh``` script + directory; + * ```COMM_REPO_PATH```: path where common source files will be stored. Default + is ```repo/common``` under the ```init.sh``` script directory. ## 8. The loaders.sh file ### 8.1. Functions 
@@ -467,20 +483,20 @@ exist in the following order: 6) ```auto/distro-version-arch.conf.sh``` 7) ```auto/distro-codename-arch.conf.sh``` (if ```SYS_CODE``` defined) -Plaese note that a situation where no such file exists would lead to error. Most -of the time a basic package manager configuration will be required to make it +Please note that a situation where no such file exists would lead to error. Most +of the time, a basic package manager configuration will be required to make it work. #### 8.1.4. ```load_configuration``` That function loads configuration files. It will first check for configuration given as command line parameter. If no such parameter exists, it will try to -load a file named ```conf/${HOSTNAME}.conf.sh```. If that file don't exists, the +load a file named ```conf/${HOSTNAME}.conf.sh```. If that file don't exist, the generic configuration will be loaded in the file ```conf/init.conf.sh```. -If no configuration file can be found the function will trigger an error and +If no configuration file can be found, the function will trigger an error and exit the script. -### 8.2. Other functionnalities +### 8.2. Other functionalities That file don't provide any other things that the previously listed functions. ## 9. The pkgman.sh file 
@@ -488,96 +504,97 @@ That file don't provide any other things that the previously listed functions. Because it gives system independent function to the system dependent package manager, the entire file depends on ```PKG_MAN``` variable, defining the package manager executable to use. Other variables giving command line parameters to -use for the different function will also be nedeed and detailed for every -function. All those variable are defined in a system dependant configuration -file automatically called on script startup. +use for the different function will also be needed and detailed for every +function. All those variable have to be defined in a system dependent +configuration file automatically called on script startup. ### 9.2. Functions #### 9.2.1. ```pkgupdt``` -That function calls the package manager to update package database. +That function calls the package manager to update the package database. -It depends on the ```COM_UPDATE``` variable wich define the parameters to use to -accomplish that function. +It depends on the ```COM_UPDATE``` variable which define the parameters to use +to accomplish that function. That function takes no parameters and any given parameters will be ignored. #### 9.2.2. ```pkginst [package2 [... packageN]]``` That function installs using the package manager the packages given in -parameters. The list of parameters are all considered as package names. +parameters. The list of parameters will be entirely considered as package names. Before installation, the list of package to be installed by the package -manager will be extracted to allow execution of pre installation scripts -and post installation scripts, even for dependencies (ie: packages not parts of -the given parameters). +manager will be extracted to allow execution of pre-installation scripts +and post-installation scripts, even for dependencies (i.e.: packages not parts +of the given parameters). -Preinstallation scripts have to be named ```preinst_```. 
Post -installation script will be in the form ```postinst_```. +Pre-installation scripts have to be named ```preinst_```. +Post-installation script will be in the form ```postinst_```. -If the ```INSTALL_MODE``` variable is set to ```dev``` the package manger will +If the ```INSTALL_MODE``` variable is set to ```dev``` the package manager will be called surrounded by eventual pre and post install scripts, one package -after the other. Elsewhere, all pre installation scripts are executed, followed +after the other. Elsewhere, all pre-installation scripts are executed, followed by the package manager with the entire package list as parameter and finally -all the post installation scripts. +all the post-installation scripts. -The function depends on the ```COM_INSTALL``` variable wich define the parameter -to use to accomplish that package manager function. +The function depends on the ```COM_INSTALL``` variable which define the +parameter to use to accomplish that package manager function. #### 9.2.3. ```pkgupgd``` -That function calls the package manager to upgrade system. If pre upgrade -scripts exists, they will be executed if the corresponding package are being -upgraded. After the upgrade, the same behaviour will trigger post upgrade +That function calls the package manager to upgrade the system. If pre-upgrade +scripts exist, they will be executed if the corresponding package are being +upgraded. After the upgrade, the same behavior will trigger post-upgrade scripts. -Pre upgrade scripts have to be named ```preupgd_```. Post -upgrade script will be in the form ```postupgd_```. +Pre-upgrade scripts have to be named ```preupgd_```. Post-upgrade +scripts will be in the form ```postupgd_```. -It depends on the ```COM_UPGRADE``` variable wich define the parameters to use +It depends on the ```COM_UPGRADE``` variable which define the parameters to use to accomplish that function. That function takes no parameters and any given parameters will be ignored. #### 9.2.4. 
```pkgrm [package2 [... packageN]]``` That function uninstalls using the package manager the packages given in -parameters. The list of parameters are all considered as package names. +parameters. The list of parameters will be entirely considered as package names. Before removal, the list of package to be uninstalled by the package -manager will be extracted to allow execution of pre removal scripts -and post removal scripts, even for dependencies (ie: packages not parts of +manager will be extracted to allow execution of pre-removal scripts +and post-removal scripts, even for dependencies (i.e.: packages not parts of the given parameters). -If the ```INSTALL_MODE``` variable is set to ```dev``` the package manger will -be called one package after the other (allong with pre and post remove scripts). -Elsewhere all pre removal scripts are executed, followed by the package manager -with the entire package list as parameter and finally all the post removal +If the ```INSTALL_MODE``` variable is set to ```dev``` the package manager will +be called one package after the other (along with pre and post-remove scripts). +Elsewhere, all pre-removal scripts are executed, followed by the package manager +with the entire package list as parameter and finally all the post-removal scripts. -Pre remove scripts have to be named ```prerm_```. Post remove +Pre-remove scripts have to be named ```prerm_```. Post-remove script will be in the form ```postrm_```. -The function depends on the ```COM_REMOVE``` variable wich define the parameter +The function depends on the ```COM_REMOVE``` variable which define the parameter to use to accomplish that function. #### 9.2.5. ```pkgautorm``` -That function calls the package manager to remove no longer needed installed -dependencies. Any package not manually installed is considered as a depndency. +That function calls the package manager to remove no longer needed dependencies +still installed. 
Any package not manually installed is considered as a +dependency. -Pre removal and post removal scripts will be executed accordingly if any -matching package is to be removed. It's the same as the ones executed by +Pre-removal and post-removal scripts will be executed accordingly if any +matching package is to be removed. It will be the same as the ones executed by ```pkgrm``` function. -It depends on the ```COM_AUTOREM``` variable wich define the parameters to use +It depends on the ```COM_AUTOREM``` variable which define the parameters to use to accomplish that function. That function takes no parameters and any given parameters will be ignored. -### 9.3. Other functionnalities -Other functions are declared to call pre and post actions for the corresponding +### 9.3. Other functionalities +Other functions are declared to call pre- and post-actions for the corresponding package manager events. It doesn't make sense those functions to be called -outside of the integrated package manager mechanisms as their functionnalities +outside the integrated package manager mechanisms as their functionalities depends on variables managed by their respective package manager functions. The following table resume those function sorted with their respective caller: -| Pre/post functions | Caller | Required var | Package triger | Description | +| Pre/post-functions | Caller | Required var | Package trigger | Description | |:-------------------|:--------|:-------------|:---------------|:--------------| | ```exec_preinst``` | ```pkginst``` | ```GET_INTALLLIST``` | ```preinst_@pkgname@``` | ```GET_INTALLLIST``` variable defines the command that allows us to obtain the list of package that will be installed with ```@pkg@``` as a substitute to the list given as ```pkginst``` parameters. | | ```exec_postinst``` | ```pkginst``` | ```POSTINSTLIST``` | ```postinst_@pkgname@``` | ```POSTINSTLIST``` is generated by ```exec_preinst``` and destroyed after ```exec_postinst``` execution. | 
@@ -593,7 +610,7 @@ The following table resume those function sorted with their respective caller: That script relies on the ```INIT_COM``` variable, defining the program to use to manipulate services. It is defined in configuration file automatically called depending on your distribution. Nevertheless, even if it's system dependent, -some distributions offers you to choose between different services call (and +some distributions offer you to choose between different services call (and init system). If you're not using the standard init system of your distribution, you'll need to overload the ```INIT_COM``` variable in your configuration files. 
@@ -611,31 +628,31 @@ With the tested init systems, and considering ```%srv%``` the service name and #### 10.2.1. ```exec_serv ``` That function execute the given action to the given service. The service have to be the first parameter and the action, the second parameter. No more -parameter will be acceted and an error will be triggered if there's any more +parameter will be accepted and an error will be triggered if there's any more than two. The function returns the exit code of the service command. #### 10.2.2. ```svc_start [service2 [... serviceN]]``` -Start the services given in parmeters. You can give as many services you want. +Start the services given in parameters. You can give as many services you want. That function relies on the previously documented exec_serv function. #### 10.2.3. ```svc_reload [service2 [... serviceN]]``` -Reload the configuration of the services given in parmeters. You can give as +Reload the configuration of the services given in parameters. You can give as many services you want. Be careful using this as some services don't have that capability. That function relies on the previously documented exec_serv function. #### 10.2.2. ```svc_restart [service2 [... serviceN]]``` -Restart the services given in parmeters. It consist generally in a stop +Restart the services given in parameters. It consists generally in a stop immediately followed by a start. You can give as many services you want. That function relies on the previously documented exec_serv function. #### 10.2.3. ```svc_stop [service2 [... serviceN]]``` -Stop the services given in parmeters. You can give as many services you want. +Stop the services given in parameters. You can give as many services you want. That function relies on the previously documented exec_serv function. 
@@ -643,9 +660,9 @@ That function relies on the previously documented exec_serv function. That file don't provide any other thing that the previously listed functions. ## 11. The support.sh file -### 11.1. Global behaviour +### 11.1. Global behavior That file is designed to just display information. It only contains code that -don't requires any special rights, and do nothing to the system. The idea is to +doesn't require any special rights, and do nothing to the system. The idea is to have the minimal sets of dependencies. As it's sometimes using colors to display results, it depends only on color code declaration in the ```display.sh``` file. 
@@ -657,111 +674,135 @@ It's not taking any parameter and return nothing but help text. #### 11.2.2. ```show_version``` That function display the version of init.sh. It will also parse all the -available modules to display a table with their respecting versions. +available modules to display a table with their respective versions. -If user is not root an additionnal warning will be displayed to warn the fact -the script requires root privileges to work properly. +If the user is not root, an additional warning will be displayed to warn the +fact the script requires root privileges to work properly. -### 11.3. Other functionnalities +### 11.3. Other functionalities That file don't provide any other thing that the previously listed functions. ## 12. The utils.sh file ### 12.1. Functions #### 12.1.1. ```stdtime``` -Display date and time based on RFC 3339 standard but slightly modified so it can -be used in filename. Thus spaces are replaced by dash, and comas between hours, -minutes and seconds are removed. +Display date and time based on RFC 3339 standard but slightly modified, so it +can be used in filename. Thus, spaces are replaced by dash, and comas between +hours, minutes and seconds are just removed. That function takes no parameters and return its result on standard output. #### 12.1.2. ```function_exists ``` That function checks if the given name is a defined function in the execution -environment. It returns 0 if yes and an undefined non zero value if not. +environment. It returns 0 if yes and 1 value if not. The function name is +mandatory and an error will be triggered if no function name is given. That functions prints nothing. #### 12.1.3. ```get_mod_name ``` That function return the name of the module file given in parameter. It takes -only one parameter: the module file name. +only one parameter: a module file name. -Result is sent to ```stdout```. +Result will be sent to ```stdout```. #### 12.1.4. 
```set_system_proxy``` That function applies proxy settings in the configuration files to the system proxy configuration, unless the ```--no-proxy``` parameters have been given -command line. +command line or if proxy settings are already set. That function takes no parameters and only change ```http_proxy``` and -```https_proxy``` standard POSIX variables. No usefull result will be returned. +```https_proxy``` standard POSIX variables in the script environment. No useful +result will be returned. -### 12.2. Other functionnalities +### 12.2. Other functionalities That file don't provide any other thing that the previously listed functions. ## 13. The version.sh file ### 13.1. Functions #### 13.1.1. ```get_os_version``` That function takes no parameters and will return three values in order: - 1. Distribution ID, in lowcase, usually equivalent to the distribution name. - 2. Distribution version, if available, elsewhere kernel version with it's major. - 3. Distribution codename (eg. buster for Debian 10) in lowercase if available. If not, the generic "null" value is returned instead. + 1. Distribution ID, in low case, usually equivalent to the distribution name. + 2. Distribution version, if available, elsewhere kernel version (only major and + minor, release will be ignored). + 3. Distribution code-name (e.g., buster for Debian 10) in lowercase if + available. If not, the generic "null" value is returned instead. The function mainly relies on the "*/etc/os-release*" new standard file. If your -distribution do not provide that file it is required you generate it yourself +distribution do not provide that file, it is required you generate it yourself before using init.sh. If you need help with the *os-release* file you can check the [official documentation](https://www.freedesktop.org/software/systemd/man/os-release.html). In "*/etc/os-release*" the variables *ID*, *VERSION_ID* and *VERSION_CODENAME* -will be the ones being analysed. 
Only the *ID* variable is mandatory. +will be the ones being analyzed. Only the *ID* variable is mandatory. #### 13.1.2. ```set_sys_var ``` -That function sets important variable that will store the system architecture. -It will allow the automatic loading of mandatory system dependent code and -variables. For debugging purpose it will be possible to call it manually. +That function sets some important variables that will store the system +architecture. It allows the automatic loading of mandatory system dependent code +and variables. For debugging purpose it's be possible to call it manually. -Inside the init.sh initiallisation, it's called that way: +Inside the init.sh initialization, it's called that way: ```shell set_sys_vars $(uname -m) $(get_os_version) ``` All the four parameters have to be given in that order: - 1. System architecture (eg. x86_64, i386, arm64...) - 2. Distribution name (eg. debian, centos, ubuntu...) + 1. System architecture (e.g., x86_64, i386, arm64...) + 2. Distribution name (e.g., debian, centos, ubuntu...) 3. Distribution version (or kernel version for rolling releases) - 4. Distribution codename if available (eg. jessie, buster, bulleyes...) + 4. Distribution code-name if available (e.g., jessie, buster, bulleyes...) -If your distribution do not provide any codename, you have to give "null" as a +If your distribution do not provide any code-name, you have to give "null" as a replacement parameter. The following global variables will be set at the end of the execution: - **```SYS_ARCH```** for the system architecture - **```SYS_DIST```** for the distribution name - **```SYS_VER```** for the distribution version - - **```SYS_CODE```** for the distribution codename + - **```SYS_CODE```** for the distribution code-name The ```SYS_CODE``` variable won't be set if your distribution provides no -codename. +code-name. ### 13.2. Other functionnalities That file don't provide any other thing that the previously listed functions. -## 14. 
Writing conventions +## 14. Global variables +Here is the table of the global variable, that could be usefull either to change +script behavior, or because those variables could be useful in many modules. +| Varaible | Type | Use | +|:-------------|:-------|:-----------------------------------------------| +| HOSTNAME | string, automatic | Define the name of the host | +| MODULE_LIST | comma separated string list, configuration file | The module list to execute | + +## 15. Writing conventions For readability and compatibility purpose, I adopted some writing conventions. -First of all indentation is made with space only, as different editors can have -a very different approach on tabs management. Please configure your editor -accordingly if you want to share your work. +First, indentation is made with space only, as different editors can have a very +different approach on tabs management. I honestly really love the "Emacs" tab +management style, but I must recognize most editor are not behaving correctly +with tabs. Consequently, please configure your editor to replace tabs with four +spaces, if you want to share your work. If, for and while statement are all written in that way: ```shell +# if exemple if [[ condition ]]; then something +elif [[ condition ]]; then + something +else + something fi + +# for exemple for var in range; do something done + +# while exemple while condition; do something done ``` + Case statement will look like this: ```shell case var in 
@@ -777,12 +818,19 @@ case var in esac ``` -Tests have to be done using if. Writting ```[[ test ]] && action``` is not -encouraged even if elegant. It makes reading harder for beginners. +Tests have to be done using if. Writing ```[[ test ]] && action``` is not +encouraged, even if I personally think it's a very elegant writing. It makes +reading and comprehension harder for beginners. + +A much more accepted behavior is the following two rules with tests: + * Don't write ```[[ $VAR ]]``` to test variable existance, write + ```[[ -n $VAR ]]``` instead. + * Don't write ```[[ ! $VAR ]]``` to test if a variable is undeclared, write + ```[[ -z $VAR ]]``` instead. ----------------------------------------------------------------------------- -Documentation (c) 2019-2021 Geoffray Levasseur. +Documentation (c) 2019-2022 Geoffray Levasseur. This file is distributed under3-clause BSD license. The complete license agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause diff --git a/doc/errors.md b/doc/errors.md index 0bb1ae1..9fac5f4 100644 --- a/doc/errors.md +++ b/doc/errors.md 
@@ -33,17 +33,18 @@ You've called the **init.sh** script with command line syntax error or options that are not compatible together. Some options exclude each others or trigger opposite events. -To fix it check your command line taking into account of the detailled error +To fix it check your command line taking into account of the detailed error message displayed together with that error. ## Error #2: Misuse of Bash built-in -A Bash builtin function is uncorrectly called. +A Bash built-in function is incorrectly called. If that error happens on the execution of a module you made yourself, you might -check the code of your module and fix what goes wrong. +check the code of your module and fix what goes wrong. The backtrace will help +you to find what line is in cause of it. If it happens on the execution of **init.sh** or a builtin module, please send a -bug repport. +bug report. ## Error #3: Missing library file or function One of the internal vital function of **init.sh** is missing. 
@@ -52,19 +53,19 @@ Most of the time that error happens when one of the library files of **init.sh** is missing. Please check your directory tree and all files are available. Use git as a reference if you have some doubts. -If you have all the files, make sure they are not truncated (it can happens, for -example, if disk is full), that you use consistant versions (yet again, git is -the reference) or you didn't modified something accidentally in libraries or +If you have all the files, make sure they are not truncated (it can happen, for +example, if disk is full), that you use consistent versions (yet again, git is +the reference) or you didn't modify something accidentally in libraries or **init.sh** script. ## Error #4: No root right You tried to execute **init.sh** without administrative rights. -As **init.sh** goal is to transform system, administrative rights are absolutely -necessary. To fix this, run **init.sh** as superuser, using ```sudo``` or -```su```. +As **init.sh** goal is to transform the system, administrative rights are +absolutely necessary. To fix this, run **init.sh** as superuser, using +```sudo``` or ```su```. -If you run as non UID #0 user but you're certain to have all the necessary +If you run as non UID #0 user, but you're certain to have all the necessary rights, you have to use the ```--no-check-root``` option. ## Error #5: Malformed module list 
@@ -72,9 +73,9 @@ The module list you provided is malformed or contains forbidden characters. To fix this, check your module list in your configuration file or in your command line if you passed it manually. If you created a module you added in the -list, make sure your module does not contain a dash '-' character, or any non -alphanumeric character other than underscore. If you use a number in your module -name, make sure it's not begining with. +list, make sure your module does not contain a dash '-' character, or any +non-alphanumeric character other than underscore. If you use a number in your +module name, make sure it's not beginning with. ## Error #6: Unable to find configuration That error happens when no configuration file suitable for your machine have 
@@ -82,84 +83,86 @@ been found. To fix this, make sure you have a configuration file named after the lowercase hostname of the computer you run on in the ```conf/``` directory of your -**init.sh** tree. Alternatively you can use a generic file named +**init.sh** tree. Alternatively, you can use a generic file named ```init.conf.sh``` in that same directory. -If you gave manual configuration files, check they all exists. +If you gave manual configuration files, check they all exist. ## Error #7: Misuse of script internal function One of the base function of **init.sh** libraries is not being used correctly. -If that error happens while executing one of your module, please check your code -especially when you use a **init.sh** internal. The -[developper documentation](dev.md) will help you about synthax. Check your +If that error happens while executing one of your module, please check your +code, especially when you use an **init.sh** internal. The +[developer's documentation](dev.md) will help you about syntax. Check your parameters are correctly passed in the good format and do not use wildcards in file names. -If it happens on the execution of **init.sh** or a builtin module, please send a -bug repport. +If it happens on the execution of **init.sh** or a built-in module, please send +a bug report. ## Error #8: Can't determine OS type or version As **init.sh** relies on some specific operating system commands (like package manager) the detection system must be able to obtain OS characteristics. -To fix this you must check the ```/etc/os-release``` file availability for your +To fix this, you must check the ```/etc/os-release``` file availability for your distribution. If your distribution do not provide that file, you'll have to -create it yourself providing on the bare minimum an ``ID`` entry. Check the +create it yourself, providing on the bare minimum an ``ID`` entry. 
Check the [```/etc/os-release``` file documentation](https://www.freedesktop.org/software/systemd/man/os-release.html) for details. ## Error #9: Unsatisfied dependency -That error can happens in two cases scenario. One case is one or more of your +That error can happen in two cases scenario. One case is one or more of your modules depends on another which is not part of the module to execute. The other -case is when you call a module too early. +case is when you call a module too early in the list. -To fix this, check your module list order. Check also your modules dependenies -are in the list before they are called themself. +To fix this, check your module list order. Check also your module's dependencies +are in the list before they are called themselves. If you wrote your own module, make sure you have no circular dependencies. ## Error #10: File missing or empty -You have refered a file that don't exists or is empty, if the file is required +You have referred a file that don't exist or is empty, if the file is required to have a content. Check your filename and path in modules and/or configuration files. ## Error #11: Bad function call -That error is trigered when an internal function is called with a wrong number +That error is triggered when an internal function is called with a wrong number of parameters. -If that error happens while executing one of your module, please check your code -especially when you use a **init.sh** internal. The -[developper documentation](dev.md) will help you about synthax. +If that error happens while executing one of your module, please check your +code, especially when you use an **init.sh** internal. The +[developer's documentation](dev.md) will help you about syntax. Check also if a +required variable is properly set. It's always a good idea to test if all needed +variables are set properly in the checks, before applying any changes. 
-If it happens on the execution of **init.sh** or a builtin module, please send a bug -repport. +If it happens on the execution of **init.sh** or a built-in module, please send +a bug report. ## Error 12: Error copying files -A file copy opperation have failed. +A file copy operation has failed. Make sure your source path exists and is readable and destination is writable -and target directory exists. Chack also if target do not contain a symbolic link +and target directory exists. Check also if target do not contain a symbolic link or a directory with the same name. ## Error #13: Bad target file system -The target file system you provided is not part of the root filesystem, is not -accessible or is not an absolute path. +The target file system you provided is not part of the root file system, is not +accessible, or is not an absolute path. -Make sure your destination paths are fully qualified paths names (begining with +Make sure your destination path is a fully qualified paths names (beginning with "/"), is writable and the destination path exists. ## Error #14: Impossible to chroot -That error occurs when the chroot target don't exists. +That error occurs when the chroot target don't exist. -Check your target filesystem, make sure it's mounted. +Check your target file system, make sure it's mounted. ## Error #15: Bad chrooted installation, destination OS needs to be fixed The target installation is incomplete or not usable in a chrooted environment. -Check all the filesystems needed to perform the chroot are mounted correctly. If -your target installation is damaged, you have to fix it before running +Check all the file systems needed to perform the chroot are mounted correctly. +If your target installation is damaged, you have to fix it before running **init.sh**. ## Error #16: Invalid options provided with cron mode activated 
@@ -174,44 +177,49 @@ You asked to resume on last error, but no status file can be found. To fix this, remove the ```--resume``` option. You can use the ```--modules``` option instead to ask for a limited range of modules. -## Error #18: Module file don't exists or is empty +## Error #18: Module file don't exist or is empty The module list contains an entry that correspond to no module in the "modules" -directory or the corresponding file is actually empty. +directory, or the corresponding file is actually empty. Check the spelling of the incriminated module. If spelling is correct, check the -file name of that module. If it don't exists, create the module or remove it -from the module list. +file name of that module. If it don't exist, create the module or remove it from +the module list. ## Error #50 to #100: Error in module execution -A module trigered an internal error while executing change to the system. You +A module triggered an internal error while executing changes to the system. You need to check the concerned module documentation. As the module may have done some unfinished changes to the system, it will be -safer to resume after fixing the problem before rebooting. +safer to resume after fixing the problem before rebooting. If you need to +reboot, please check your system is still bootable. ## Error #126: Command exists but is not executable You try to execute a command that is not executable for you. -Check your rights to execute the so said command. Check also the excutable is -valid if the command is external. +Check your rights to execute the so said command. Check also the executable file +is valid if the command is external. ## Error #127: Command not found -You try to call a command that do not exists. +You try to call a command that do not exist. -If taht error comes from one of your modules, check the spelling of the -command. 
Check also if the program you need is installed and think about -installing it through the provided **init.sh** builtin functions. +If that error comes from one of your modules, check the spelling of the +command. Check also if the program you need is installed, and think about +installing it through the provided **init.sh** built-in functions before using +it in your module. -If that occurs with a builtin module or in **init.sh** code or libraries please -fill a bug repport. +If that occurs with a built-in module or in **init.sh** code or libraries, +please fill a bug report. ## Error #128: Abortion due to external cause -That error happens when an exeternal signal is triggering a stop in the +That error happens when an external signal is triggering the interuption of the execution of **init.sh**. -Do not halt or restart the computer before the end of **init.sh** execution. -Using Ctrl + C sequence or the kill command on the bash process running the -script will lead to that error too. +Do not halt or restart the computer before the end of **init.sh** execution. If +one of your module requires a reboot, please use the built-in ```need_reboot``` +command. + +Note that using Ctrl + C sequence or the kill command on the bash process +running the script will lead to that error too. ## Error #150 to #200: Error in module checks One of the checks executed prior **init.sh** actions did not pass. 
@@ -223,12 +231,12 @@ the associated error message. That error is a special case when the exit status of a program is above 255 as authorized by many high level programming languages. -Check the error in the program emiting it and the associated program +Check the error in the program emitting it and the associated program documentation. ----------------------------------------------------------------------------- -Documentation (c) 2019-2021 Geoffray Levasseur. +Documentation (c) 2019-2022 Geoffray Levasseur. This file is distributed under3-clause BSD license. The complete license agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause diff --git a/doc/todo.md b/doc/todo.md index 214edd2..78a6856 100644 --- a/doc/todo.md +++ b/doc/todo.md @@ -1,11 +1,11 @@ -# init.sh to do list +# init.sh to-do list There's no specific order in that list. All that is subject to appear in version 1.x.y of ```init.sh```. * Better error management system * Fix ```--keep-going``` option not properly working - * Add a function for booleans to accept true, yes and 1, and false, no and 0 answers + * Add a function for boolean variables to accept true, yes and 1, and false, no and 0 answers * More modules * Add support for CentOS * Add support for Slackware 
@@ -14,25 +14,26 @@ There's no specific order in that list. All that is subject to appear in version * Improve output * Add ```--quiet``` option to hide run commands output -Here is ideas for version 2 of ```init.sh```: +Here are ideas for version 2 of ```init.sh```: - * Support for system dependant modules - * Idempotency (if possible) + * Support for system dependent modules + * Idem potency (if possible) * Better configuration file design with a proper parser (ini style maybe) * Configuration designer (CCmake style maybe), can't be done in Bash + * Language support and translations? What will never appear in that todo list (so don't ask) : - * Windows: don't ask for Windows support, it will never happens + * Windows: don't ask for Windows support, it will never happen, and don't make any sense * MacOS: same as above * Base language change: the heart of init.sh is BASH, and will always be -Knowing all that, you can still send feature request if a deasired feature do -not appears in that list. +Knowing all that, you can still send feature request if a desired feature do not +appears in that list. ----------------------------------------------------------------------------- -Documentation (c) 2019-2021 Geoffray Levasseur. +Documentation (c) 2019-2022 Geoffray Levasseur. This file is distributed under3-clause BSD license. The complete license agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause diff --git a/init.sh b/init.sh index 3cc70f1..f761f6c 100755 --- a/init.sh +++ b/init.sh @@ -36,7 +36,7 @@ export LC_ALL=C export LANG=C # Version of init -export VERSION="0.99.17" +export VERSION="0.99.18" # Store script's path (realpath -s resolve symlinks if init.sh is a symlink) export MYPATH=$(dirname $(realpath -s $0)) diff --git a/lib/aaa_errors.sh b/lib/aaa_errors.sh index 39ea266..e907d32 100644 --- a/lib/aaa_errors.sh +++ b/lib/aaa_errors.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Error management functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/chroot.sh b/lib/chroot.sh index 9814e94..12aaf4c 100644 --- a/lib/chroot.sh +++ b/lib/chroot.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Chroot system functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/command_line.sh b/lib/command_line.sh index 6ebb90e..e603fb5 100644 --- a/lib/command_line.sh +++ b/lib/command_line.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Main program functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/diskman.sh b/lib/diskman.sh index fa97f70..991ff16 100644 --- a/lib/diskman.sh +++ b/lib/diskman.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Disks and partitions manipulation function # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/display.sh b/lib/display.sh index 7ffe37b..9e23664 100644 --- a/lib/display.sh +++ b/lib/display.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Some display functions and defines color codes # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/filefct.sh b/lib/filefct.sh index 78865e8..b92b763 100644 --- a/lib/filefct.sh +++ b/lib/filefct.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # File manipulation function # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
@@ -9,6 +9,12 @@ # ------------------------------------------------------------------------------ +# Some useful variables: +export HOST_REPO_PATH=${HOST_REPO_PATH:-"$MYPATH/repo/hosts/$HOSTNAME"} +export GROUP_REPO_PATH=${GROUP_REPO_PATH:-"$MYPATH/repo/groups"} +export COMM_REPO_PATH=${COMM_REPO_PATH:-"$MYPATH/repo/common"} + + # ------------------------------------------------------------------------------ # Backup original installation files # (or any old files if runned several time on same file) @@ -55,10 +61,10 @@ export -f backup_dist select_file() { local infile=$1 - if [[ -f $MYPATH/repo/hosts/$HOSTNAME/$infile ]]; then - local source="$MYPATH/repo/hosts/$HOSTNAME/$infile" - elif [[ -f $MYPATH/repo/common/$infile ]]; then - local source="$MYPATH/repo/common/$infile" + if [[ -f $HOST_REPO_PATH/$infile ]]; then + local source="$HOST_REPO_PATH/$infile" + elif [[ -f $COMM_REPO_PATH/$infile ]]; then + local source="$COMM_REPO_PATH/$infile" else # Not found in repository, we expect full name local source="$infile" @@ -75,10 +81,10 @@ export -f select_file select_directory() { local indir=$1 - if [[ -d $MYPATH/repo/hosts/$HOSTNAME/$indir ]]; then - local source="$MYPATH/repo/hosts/$HOSTNAME/$indir" - elif [[ -d $MYPATH/repo/common/$indir ]]; then - local source="$MYPATH/repo/common/$indir" + if [[ -d $HOST_REPO_PATH/$indir ]]; then + local source="$HOST_REPO_PATH/$indir" + elif [[ -d $COMM_REPO_PATH/$indir ]]; then + local source="$COMM_REPO_PATH/$indir" else # Not found in repository, we expect full name local source="$indir" @@ -309,5 +315,7 @@ directory_must_exists() fi unset md } + + export -f directory_must_exists # EOF diff --git a/lib/loaders.sh b/lib/loaders.sh index 0ab96b0..9a3de4a 100644 --- a/lib/loaders.sh +++ b/lib/loaders.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Loaders for conf and prepost functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/pkgman.sh b/lib/pkgman.sh index 6b2c68e..6c33c17 100644 --- a/lib/pkgman.sh +++ b/lib/pkgman.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Package manager integration # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/services.sh b/lib/services.sh index 9a0d0cc..55c157a 100644 --- a/lib/services.sh +++ b/lib/services.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Services manipulation functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/support.sh b/lib/support.sh index ecc401e..7d1ed50 100644 --- a/lib/support.sh +++ b/lib/support.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Base support function # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/utils.sh b/lib/utils.sh index e266e29..80db1d7 100644 --- a/lib/utils.sh +++ b/lib/utils.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Various utilitary functions # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/lib/version.sh b/lib/version.sh index c0f1d63..77c281d 100644 --- a/lib/version.sh +++ b/lib/version.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Version determination function # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/modules/authnz.sh b/modules/authnz.sh index 2a16c69..b04cb13 100644 --- a/modules/authnz.sh +++ b/modules/authnz.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Add local or remote users # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: @@ -13,14 +13,14 @@ # * KDC_SERVER: Kerberos domain controler KADM_SERVER # * KADM_SERVER: Administrative Kerberos KADM_SERVER # * BASE_DC: Domain in LDAP format -# * LDAP_SERVER: LDAP server +# * LDAP_SERVER: LDAP server name or address # * REMOTE_USERS: List of remote users to add # * LOCAL_USERS: List of local users to create # * REMOVE_USERS: List of username to remove # * DEFAULT_SHELL: The shell to use when creating new users # ------------------------------------------------------------------------------ -export VER_authnz=0.2.1 +export VER_authnz=0.2.2 export DEP_authnz="upgrade_dist" # Users (from Ldap) @@ -35,7 +35,7 @@ add_remote_user() echo "+$1::::::" >> /etc/passwd prnt I "User $1 added to passwd..." fi - if [[ $(grep "^+$1:" /etc/passwd) ]]; then + if [[ $(grep "^+$1:" /etc/shadow) ]]; then prnt W "The remote user $1 is already connectable, nothing to do in shadow." else echo "+$1::::::::" >> /etc/shadow @@ -47,8 +47,11 @@ add_remote_user() remove_user() { if [[ $(grep "^$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then - # Using sed is more universal than any distro commands + # Using sed is more universal than any distro commands - local case sed -i -e "/^$1:/d" /etc/{passwd,shadow,group,gshadow} + elif [[ $(grep "^+$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then + # remote case + sed -i -e "/^+$1:/d" /etc/{passwd,shadow,group,gshadow} else prnt W "User $1 don't exists in auth files, nothing to do." fi 
@@ -73,8 +76,8 @@ create_local_user() # Authentication authnz() { - backup_dist /etc/passwd /etc/shadow /etc/group - tag_file /etc/passwd /etc/shadow /etc/group + backup_dist /etc/{passwd,shadow,group,gshadow} + tag_file /etc/{passwd,shadow,group,gshadow} for usr in $REMOVE_USERS; do prnt I "Removing user $usr..." remove_user $usr @@ -111,14 +114,13 @@ authnz() done fi - if [[ -z $LOCAL_USERS ]]; then - return 0 + if [[ -n $LOCAL_USERS ]]; then + for usr in $LOCAL_USERS; do + prnt I "Creating user $usr..." + create_local_user $usr + done fi - for usr in $LOCAL_USERS; do - prnt I "Creating user $usr..." - create_local_user $usr - done NEED_REBOOT=true } diff --git a/modules/conf_locale.sh b/modules/conf_locale.sh index 9561864..0dfcc70 100644 --- a/modules/conf_locale.sh +++ b/modules/conf_locale.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Configure locale # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: @@ -11,7 +11,7 @@ # * LOCALESET: List of locale that will be supported by system # * SYSLOCALE: Default system wide locale # -# Both case will be formated in that way (with exemple for French: +# Both case will be formated in that way (with exemple for French): # fr_FR.UTF-8 # ^ ^ ^ # | | | @@ -20,7 +20,7 @@ # Character table (ISO or UTF) # ------------------------------------------------------------------------------ -export VER_conf_locale="0.1.5" +export VER_conf_locale="0.1.6" conf_locale() { 
@@ -50,15 +50,16 @@ conf_locale() locale-gen prnt I "Defining system language..." - [[ -z $SYSLOCALE ]] && + if [[ -z $SYSLOCALE ]]; then export SYSLOCALE=C + fi local sys_fname=/etc/default/locale backup_dist $sys_fname tag_file $sys_fname echo "LANG=$SYSLOCALE" >> $sys_fname - # We define all LC_* but LC_ALL as recommended by GNU + # We define all LC_* but not LC_ALL as recommended by GNU for cfg in ADDRESS IDENTIFICATION MEASUREMENT MONETARY NAME NUMERIC PAPER \ TELEPHONE TIME; do echo "LC_$cfg=$SYSLOCALE" >> $sys_fname @@ -68,7 +69,7 @@ conf_locale() precheck_conf_locale() { if [[ -z $LOCALESET ]]; then - prnt W "No locales definition!" + prnt W "No locales definition! No locale other than C will be avialable!" else prnt m "Available locales will be: $LOCALESET" fi diff --git a/modules/conf_mail.sh b/modules/conf_mail.sh index 0b39a24..1632aa8 100644 --- a/modules/conf_mail.sh +++ b/modules/conf_mail.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Mail system # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
@@ -13,24 +13,24 @@ # * MAIL_RELAY: Name of the mail relay server # ------------------------------------------------------------------------------ -export VER_conf_mail="0.0.6" +export VER_conf_mail="0.0.7" export DEP_conf_mail="upgrade_dist" conf_mail() { - prnt I "Installation de postfix..." + prnt I "Installing postfix..." pkginst postfix local pfmain="/etc/postfix/main.cf" - prnt I "Configuration de postfix..." + prnt I "Configuring postfix..." install_file postfix/main.cf $pfmain tag_file $pfmain sed -i -e "s/@HOSTNAME@/$HOSTNAME/" -e "s/@REALM@/$REALM/" \ -e "s/@MAIL_RELAY@/$MAIL_RELAY/" $pfmain - tag_file /etc/mailname echo $HOSTNAME.$REALM > /etc/mailname + tag_file /etc/mailname svc_restart postfix } @@ -38,7 +38,7 @@ conf_mail() precheck_conf_mail() { if [[ -z $REALM ]]; then - prnt E "Aucun domaine principal renseigné." + prnt E "No main domain configured, can't continue." die 158 fi file_must_exists postfix/main.cf diff --git a/modules/conf_network.sh b/modules/conf_network.sh index 81ee6eb..be0ec38 100644 --- a/modules/conf_network.sh +++ b/modules/conf_network.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Configure network # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
@@ -111,8 +111,17 @@ precheck_conf_network() prnt W "No IPv4 interfaces to configure." else for iface in $IPV4_IFACES; do + if [[ ! -d /sys/class/net/$iface ]]; then + prnt E "The iface $iface, asked to configure, do not exist!" + die 175 + else + if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then + prnt W "The IPv4 iface $iface, is already configured, a reboot will be required." + fi + fi if [[ -z $(eval echo \$NET4_MODE_$iface) ]]; then prnt E "Interfaces $iface have no mode set!" + die 175 else case $(eval echo \$NET4_MODE_$iface) in "static") @@ -140,8 +149,17 @@ precheck_conf_network() prnt W "No IPv6 interfaces to configure." else for iface in $IPV6_IFACES; do + if [[ ! -d /sys/class/net/$iface ]]; then + prnt E "The iface $iface, asked to configure, do not exist!" + die 175 + else + if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then + prnt W "The IPv6 iface $iface, is already configured, a reboot will be required." + fi + fi if [[ -z $(eval echo \$NET6_MODE_$iface) ]]; then prnt E "Interfaces $iface have no mode set!" + die 175 else case $(eval echo \$NET6_MODE_$iface) in "static") diff --git a/modules/conf_ntp.sh b/modules/conf_ntp.sh index 174f82c..c987240 100644 --- a/modules/conf_ntp.sh +++ b/modules/conf_ntp.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Configure NTP # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
@@ -11,13 +11,13 @@ # * NTPSERVERS: list of NTP servers # ------------------------------------------------------------------------------ -export VER_conf_ntp="0.1.5" +export VER_conf_ntp="0.1.6" export DEP_conf_ntp="" conf_ntp() { if [[ $(pidof systemd) ]]; then - prnt I "Désactivation de Systemd-timesyncd..." + prnt I "Disabling Systemd-timesyncd..." systemctl disable systemd-timesyncd || true fi @@ -26,7 +26,7 @@ conf_ntp() prnt I "Stopping service ntp..." svc_stop ntp - prnt I "Installation du fichier de configuration de NTP." + prnt I "Installing NTP configuration file..." local dest="/etc/ntp.conf.work" backup_dist /etc/ntp.conf tag_file $dest diff --git a/modules/conf_ssh.sh b/modules/conf_ssh.sh index d354abc..c8db509 100644 --- a/modules/conf_ssh.sh +++ b/modules/conf_ssh.sh @@ -11,18 +11,18 @@ # none # ------------------------------------------------------------------------------ -export VER_conf_ssh="0.1.3" +export VER_conf_ssh="0.1.4" export DEP_conf_ssh="upgrade_dist" conf_ssh() { - prnt I "Installation du serveur OpenSSH..." + prnt I "Installing OpenSSH server..." pkginst openssh-server - prnt I "Arrêt du service SSH..." + prnt I "Stopping SSH server service..." svc_stop ssh - prnt I "Installation des fichiers de configuration de SSH..." + prnt I "Installating OpenSSH configuration files..." for f in /etc/ssh/ssh{,d}_config; do backup_dist $f install_file ssh/$(basename $f) $f @@ -30,7 +30,7 @@ conf_ssh() done sed -i -e "s#@SSHD_PERMITROOT_RANGE@#$SSHD_PERMITROOT_RANGE#" /etc/ssh/sshd_config - prnt I "Démarrage du sevice ssh..." + prnt I "Starting SSH server service..." svc_start ssh } diff --git a/modules/conf_syslog.sh b/modules/conf_syslog.sh index a1622df..8afd9cf 100644 --- a/modules/conf_syslog.sh +++ b/modules/conf_syslog.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Configure Rsyslog # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: @@ -11,12 +11,12 @@ # * SYSLOG_SRV: the syslog server name # ------------------------------------------------------------------------------ -export VER_conf_syslog="0.0.4" +export VER_conf_syslog="0.0.5" conf_syslog() { local syslogconf=/etc/rsyslog.conf - prnt I "Configuration de rsyslog..." + prnt I "Configuring rsyslog..." backup_dist $syslogconf install_file rsyslog.conf $syslogconf tag_file $syslogconf @@ -27,7 +27,7 @@ conf_syslog() precheck_conf_syslog() { if [[ -z $SYSLOG_SRV ]]; then - prnt E "Undeclared syslog server name !" + prnt E "Undeclared syslog server name!" die 181 else file_must_exists rsyslog.conf diff --git a/modules/create_vm.sh b/modules/create_vm.sh index 5e5d53f..0d563d4 100644 --- a/modules/create_vm.sh +++ b/modules/create_vm.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Create VBox VM # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
@@ -11,13 +11,13 @@ # To be defined # ------------------------------------------------------------------------------ -export VER_create_vm="0.0.1" +export VER_create_vm="0.0.2" export DEP_create_vm="upgrade_dist install_pkg" create_vm() { if [[ $WITH_VM != "yes" ]]; then - prnt I "Cette machine n'est pas configurée pour la virtualisation, rien à faire." + prnt W "That computer is not configured for virtualisation, nothing to do." return 0 fi @@ -94,16 +94,16 @@ precheck_create_vm() { if [[ $WITH_VM == "yes" ]]; then if [[ -z $VM_NAME ]]; then - prnt E "La machine virtuelle à créer doit avoir un nom." + prnt E "The virtual machine must have a name." die 181 fi if [[ -z VM_CPU || -z VM_MEM || -z VM_OS || -z VM_ROOT || \ -z VM_BOOT1 || -z VM_BOOT2 || -z VM_BOOT3 || -z VM_VID_MEM || -z VM_IF_BRIDGE || -z VM_DISK_SIZE ]]; then - prnt E "Une variable de description de la machine virtuelle n'est pas déclarée !" + prnt E "A necessary declaration for the virtual machine is absent!" die 181 else - prnt I "La machine virtuelle \"$VM_NAME\" sera crée dans $VM_ROOT..." + prnt I "The virtual machine \"$VM_NAME\" will be created in $VM_ROOT..." fi local share= i=0 j=0 @@ -115,13 +115,13 @@ precheck_create_vm() done unset share if [[ $i -eq $j ]]; then - prnt I "La machine virtuelle aura accès à $i répertoires de l'hôte." + prnt I "The virtual machine will access $i directories from the host." else - prnt E "Le nombre de partage et de chemin à partager diffère !" + prnt E "The number of share and path to share is different!" die 182 fi else - prnt I "Aucune machine virtuelle à installer." + prnt I "No virtual machine to create." fi } diff --git a/modules/hardenning_vm.sh b/modules/hardenning_vm.sh index 127fa4d..a7cb239 100644 --- a/modules/hardenning_vm.sh +++ b/modules/hardenning_vm.sh 
@@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Hardenning for VM/Cloud kind of machine # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: @@ -11,7 +11,7 @@ # * WITH_ROUTING: if yes, kernel routing capabilities will not be disabled # ------------------------------------------------------------------------------ -export VER_vm_hardenning="0.0.1" +export VER_hardenning_vm="0.0.1" vm_hardenning() { diff --git a/modules/install_chromium.sh b/modules/install_chromium.sh index e87c3cb..453ea83 100644 --- a/modules/install_chromium.sh +++ b/modules/install_chromium.sh @@ -3,7 +3,7 @@ # we need a special procedure to install Debian Buster version. # Consequently that module is *Ubuntu centric. # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/modules/install_desktop.sh b/modules/install_desktop.sh index 797cc52..a3d2940 100644 --- a/modules/install_desktop.sh +++ b/modules/install_desktop.sh @@ -2,7 +2,7 @@ # Install desktop environment -- Ubuntu only # Debian version might ask for task-$FLAVOR # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: 
diff --git a/modules/install_mkagent.sh b/modules/install_mkagent.sh index 33062ac..b8c41b8 100644 --- a/modules/install_mkagent.sh +++ b/modules/install_mkagent.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Install check_mk agent using xinetd superserver # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/modules/install_pkg.sh b/modules/install_pkg.sh index 76e7f31..9735b17 100644 --- a/modules/install_pkg.sh +++ b/modules/install_pkg.sh @@ -1,7 +1,7 @@ # ------------------------------------------------------------------------------ # Install or remove packages # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: diff --git a/modules/install_profile.sh b/modules/install_profile.sh index 71f63ac..043d569 100644 --- a/modules/install_profile.sh +++ b/modules/install_profile.sh @@ -8,11 +8,12 @@ # https://opensource.org/licenses/BSD-3-Clause # ------------------------------------------------------------------------------ -export VER_install_profile="0.0.6" +export VER_install_profile="0.0.7" export DEP_install_profile="install_pkg" install_profile() { + prnt I "Installing ansi_shadow font for figlet..." install_file profile/ansi_shadow.flf /usr/share/figlet/ansi_shadow.flf local usrlist="/root" 
@@ -21,6 +22,7 @@ install_profile() fi for usr in $usrlist; do + prnt I "Installing profile for user $usr..." backup_dist $usr/{.,}profile $usr/.bashrc install_file profile/{{.,}profile,.bashrc} $usr/ tag_file $usr/{{.,}profile,.bashrc} @@ -29,6 +31,7 @@ install_profile() done unset usrlist + prnt I "Installing motd..." backup_dist /etc/motd install_file profile/motd /etc/motd tag_file /etc/motd @@ -36,7 +39,7 @@ install_profile() precheck_install_profile() { - file_must_exists profile/{{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}} + file_must_exists profile/{motd,{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}} } export -f install_profile diff --git a/modules/patch_snmp.sh b/modules/patch_snmp.sh index b55dd5c..87cb578 100644 --- a/modules/patch_snmp.sh +++ b/modules/patch_snmp.sh @@ -1,19 +1,20 @@ # ------------------------------------------------------------------------------ # SNMP monitoring conf # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: # https://opensource.org/licenses/BSD-3-Clause # ------------------------------------------------------------------------------ -export VER_patch_snmp="0.1.1" +export VER_patch_snmp="0.1.2" export DEP_patch_snmp="install_pkg" patch_snmp() { pkginst snmpd + prnt I "Configuring SNMP daemon..." backup_dist /etc/snmp/snmpd.conf /etc/default/snmpd \ /lib/systemd/system/snmpd.service /etc/init.d/snmpd install_file snmpd/snmpd.conf /etc/snmp/snmpd.conf diff --git a/modules/select_system_proxy.sh b/modules/select_system_proxy.sh index e57dce2..e427319 100644 --- a/modules/select_system_proxy.sh +++ b/modules/select_system_proxy.sh 
@@ -1,24 +1,24 @@ # ------------------------------------------------------------------------------ # Set system wide proxy if on the good network # This file is part of the init.sh project -# Copyright (c) 2019-2021 Geoffray Levasseur +# Copyright (c) 2019-2022 Geoffray Levasseur # ------------------------------------------------------------------------------ # This file is distributed under 3-clause BSD license. # The complete license agreement can be obtained at: # https://opensource.org/licenses/BSD-3-Clause # ------------------------------------------------------------------------------ -export VER_select_system_proxy="0.0.3" +export VER_select_system_proxy="0.0.5" export DEP_select_system_proxy="upgrade_dist" select_system_proxy() { - if [[ -e /etc/apt/apt.conf.d/00proxy ]]; then - prnt I "Configuration proxy trouvé, on ajoute le switch." + if [[ -e /etc/apt/apt.conf.d/00proxy || -n $http_proxy ]]; then + prnt I "Proxy configuration found, adding the switcher for laptops." backupdist /etc/rc.local appendfile proxy.rc.local /etc/rc.local else - prnt I "Pas de configurtion proxy, rien à faire." + prnt I "No proxy configuration set, nothing to do." fi NEED_REBOOT=true }
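Review bot: In modules/create_vm.sh, hunk `@@ -94,16 +94,16 @@` of `precheck_create_vm`, the test `[[ -z VM_CPU || -z VM_MEM || -z VM_OS ... ]]` is missing the `$` on every name, so it checks non-empty literal strings and is always false. The reworded error "A necessary declaration for the virtual machine is absent!" and the `die 181` after it can therefore never run, and an undeclared `VM_ROOT` or `VM_DISK_SIZE` passes the precheck. Since the hunk already touches this block, change each operand to the expanded form (`-z $VM_CPU || -z $VM_MEM || ...`), as is already done for `-z $VM_NAME` a few lines above.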
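Review bot: In modules/create_vm.sh, hunk `@@ -11,13 +11,13 @@`, the "not configured for virtualisation, nothing to do" message moves from `prnt I` to `prnt W`, but `precheck_create_vm` reports the same `WITH_VM != "yes"` condition with `prnt I "No virtual machine to create."`. Pick one level for both, since this is an expected configuration and not a fault. In the `@@ -115,13 +115,13 @@` hunk the new text "The number of share and path to share is different!" would read better as "The number of shares and of paths to share differ!".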
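Review bot: In modules/hardenning_vm.sh, hunk `@@ -11,7 +11,7 @@`, the version variable becomes `VER_hardenning_vm` but the function declared right below it is still `vm_hardenning()`. Every other module in this patch pairs `VER_<name>` with a function of the same `<name>` (`VER_conf_syslog` with `conf_syslog()`, `VER_patch_snmp` with `patch_snmp()`), so the rename is only half done; rename the function, and any matching `export -f` line, to `hardenning_vm` in the same commit. For a hardening module this matters more than for the others, because a name mismatch that makes the module silently not run leaves the machine unhardened without any error.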
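Review bot: In modules/install_profile.sh, hunk `@@ -36,7 +39,7 @@`, `precheck_install_profile` now covers `profile/motd` but still not `profile/ansi_shadow.flf`, which `install_profile` installs as its very first step. A missing font file would only be detected at run time, after the precheck has passed. Add it to the brace list, for example `file_must_exists profile/{ansi_shadow.flf,motd,{.,}profile,...}`.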
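Review bot: In modules/select_system_proxy.sh, the proxy branch calls `backupdist /etc/rc.local` and `appendfile proxy.rc.local /etc/rc.local`, while every other module in this patch uses the underscore forms `backup_dist` and `install_file`. Please confirm both helpers exist under those exact names; if `backupdist` is a typo, `/etc/rc.local` is modified without a backup. Two smaller points in the same hunk: `NEED_REBOOT=true` sits outside the `if`, so a reboot is requested even on the "nothing to do" path, and the version jumps from 0.0.3 to 0.0.5. The module also has no precheck visible here for `proxy.rc.local`, unlike `file_must_exists rsyslog.conf` in conf_syslog.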