fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: fatalerrors:709598629aaf27a33a2830033883009c09a0311d
Branches Tags
fatalerrors:master
..
compare: fatalerrors:master
Branches Tags
fatalerrors:master

92 Commits
709598629a ... master

Author SHA1 Message Date
fatalerrors
a229263c25 reconfigure arayat 2025-10-30 15:56:40 +01:00
fatalerrors
6865b4f967 fix download file name 2025-10-30 15:56:40 +01:00
fatalerrors
cbea670dd8 conf update 2025-10-18 10:58:39 +02:00
fatalerrors
cf76b4e7c3 typos 2025-10-16 18:05:27 +02:00
fatalerrors
900801e27c remove way too long ago obsolete file 2025-10-16 16:09:05 +02:00
fatalerrors
f7bdab1bdb created var management lib, embryo removed from filefct lib 2025-10-16 15:36:35 +02:00
fatalerrors
1132d20796 detect mk version if latest not provided, install xinetd before agent where required 2025-10-16 15:28:46 +02:00
root
cf631ea9a3 adapted to devuan excalibur 2025-10-02 21:33:32 +02:00
fatalerrors
8985f3114f added new debian/devuan versions 2025-10-02 19:38:30 +02:00
fatalerrors
aea656675b add output, made some command verbose 2025-09-25 22:37:58 +02:00
fatalerrors
fdce8fd76d typo 2025-09-25 22:24:23 +02:00
fatalerrors
f2e3d3e3b9 latest not provided, back to fixed version 2025-09-25 22:22:18 +02:00
fatalerrors
6343d4185d premature ip change 2025-09-25 22:16:14 +02:00
fatalerrors
717b240d02 fix ceph mount point creation 2025-09-25 22:13:30 +02:00
fatalerrors
3e4ac11d5b fix typo 2025-09-25 22:02:48 +02:00
fatalerrors
5dfcfb383a typo 2025-09-25 22:01:51 +02:00
fatalerrors
1251ae519f fix comment 2025-09-25 21:55:38 +02:00
fatalerrors
7c5f280039 test over 2025-09-25 21:55:06 +02:00
fatalerrors
6538bb0305 test 2025-09-25 21:44:15 +02:00
fatalerrors
59acdb2ac8 typo 2025-09-25 21:37:32 +02:00
fatalerrors
e3714fb61d conf updated 2025-09-25 21:36:24 +02:00
fatalerrors
850831f51c restart network will have better success 2025-09-25 21:35:59 +02:00
fatalerrors
57cf93ac41 rework conf_ntp module 2025-09-25 20:44:35 +02:00
fatalerrors
e32501537d fusion commit 2025-09-25 20:42:59 +02:00
fatalerrors
b894c793c1 fix variable name 2025-09-25 10:54:18 +02:00
fatalerrors
7e8b3fb656 fix typo 2025-09-24 18:37:27 +02:00
fatalerrors
a05f3b25ab depends on ceph to install ceph... 2025-09-24 18:05:23 +02:00
fatalerrors
624b8d4c6e revert redirection change, change approach 2025-09-24 18:01:27 +02:00
fatalerrors
da53bfd721 version bump 2025-09-24 17:24:55 +02:00
fatalerrors
834cb9d307 prnt now output to STDERR allowing printing in functions returning results on STDOUT 2025-09-24 17:23:22 +02:00
fatalerrors
90be985777 fixed error on file detection 2025-09-24 17:00:56 +02:00
fatalerrors
ccc973c5ef check secret availability before run 2025-09-24 16:51:25 +02:00
fatalerrors
9803c4b312 added secrets availability checks 2025-09-24 16:50:42 +02:00
fatalerrors
a3b69a7c88 updated README file 2025-09-24 15:41:04 +02:00
fatalerrors
1e277ac209 fixed secret lib 2025-09-24 15:40:29 +02:00
fatalerrors
a02cb3b3bd prepare for rework, in near future, typo 2025-09-24 15:17:14 +02:00
fatalerrors
1d45ceec9b fix typo, minor optimisation, identation fix 2025-09-24 12:32:00 +02:00
fatalerrors
453c2d84f7 conf change 2025-09-24 12:23:38 +02:00
fatalerrors
af0d6c51a8 updated conf to new version of ceph module 2025-09-24 12:20:17 +02:00
fatalerrors
5ae7fd861b optimisation and correction 2025-09-24 12:08:09 +02:00
fatalerrors
34c917d2d2 use fetch_secret for ceph secret 2025-09-22 18:37:42 +02:00
fatalerrors
1a23968a9d updated gl.conf to new checkmk module 2025-09-22 18:35:37 +02:00
fatalerrors
dab7132d31 reworked the checkmk module 2025-09-22 18:34:48 +02:00
fatalerrors
d292e0e486 added secret management lib 2025-09-22 18:33:55 +02:00
fatalerrors
10e2150353 updated ntp.conf to modern ntpsec serveur 2025-09-19 15:31:29 +02:00
fatalerrors
9144f48000 adapt to modern ntp.conf file used by ntpsec 2025-09-16 12:10:30 +02:00
fatalerrors
a0889fe3ee add ntpsec specific configuration 2025-09-16 12:06:13 +02:00
fatalerrors
40b4428ebc first shot of Ceph rework 2025-08-11 20:04:58 +02:00
fatalerrors
bb53e99894 made user manipulation functions usable for a list of users 2025-08-11 20:03:46 +02:00
fatalerrors
7319aec087 moved user manipulation functions in lib 2025-08-11 20:02:42 +02:00
root
450c74e1b1 conf: added nisyros 2025-04-24 22:17:52 +02:00
fatalerrors
c4d891bdf9 conf update 2 2025-03-25 12:16:25 +01:00
fatalerrors
63bd14a221 conf update 2025-03-25 11:20:37 +01:00
fatalerrors
84a90cefaa Updated copyright info, added separators and missing exports 2024-11-01 22:25:15 +01:00
fatalerrors
ee28727313 Merge branch 'master' of https://git.geoffray-levasseur.org/fatalerrors/init.sh 2024-10-23 20:09:05 +02:00
fatalerrors
dfb05f40fd fix bug when giving config file through command line 2024-10-23 20:07:50 +02:00
fatalerrors
c258e698ab added proxy cleanup before changing it 2024-10-23 20:02:08 +02:00
fatalerrors
81d7f68a19 cleaned debian and devuan repository mess 2024-09-20 19:05:29 +02:00
fatalerrors
7ed72e1c70 long ago, upgrade_dist was required, not any more some module unmaintained marked obsolete 2024-09-20 18:53:56 +02:00
fatalerrors
b244ad8ef3 fixed conf on latukan 2024-09-20 18:08:47 +02:00
fatalerrors
66dd6f2843 updated check_mk version 2024-09-20 17:04:06 +02:00
fatalerrors
574b57001e bugfix on install_mkagent and patch_snmp 2024-09-20 16:38:26 +02:00
fatalerrors
092dd214c1 latukan conf change 2024-09-20 16:36:58 +02:00
fatalerrors
ba112e9ed9 some checkmk installation adjustment 2024-02-06 11:48:22 +01:00
fatalerrors
e207168ae7 configuration changes 2024-02-06 11:47:46 +01:00
fatalerrors
a23fb505b3 fixed module list 2024-02-04 19:04:38 +01:00
fatalerrors
8de818a3d0 updated mk agent version 2024-02-04 18:46:57 +01:00
root
15ac387271 removed sysbench, do not uninstall xauth, too dangerous on some confs 2024-01-30 10:37:32 +01:00
fatalerrors
cc76af7367 added new server 2024-01-23 01:08:10 +01:00
fatalerrors
57a92bf640 add support for check_mk >= 2.1 with registration 2023-10-27 22:46:11 +02:00
fatalerrors
89fcbd4f05 remove debug 2023-10-23 00:40:28 +02:00
fatalerrors
3fb06c257c implemented realm detection and improved configuration files loading 2023-10-23 00:00:27 +02:00
fatalerrors
7464ad6555 moved conf file in their realm directory 2023-10-22 23:09:10 +02:00
fatalerrors
cbf2117266 fix nfs_opts default application 2023-10-22 21:22:22 +02:00
root
6e1344691d add ca-certificates to package base 2023-10-20 19:34:55 +02:00
Geoffray Levasseur
c95af2a1e3 fix typo and conflict 2023-10-06 11:01:55 +02:00
fatalerrors
0eba77e3d5 hardening code and moved stage file removal later 2023-09-08 20:16:35 +02:00
root
264537e9ea removed obsolete profile file 2023-09-08 20:11:52 +02:00
Geoffray Levasseur
cd35f52509 improved code quality, few bug fixes 2023-08-02 11:36:01 +02:00
fatalerrors
e16ce485f9 fix chaotic codium tabs management 2023-05-16 11:05:20 +02:00
fatalerrors
2293fdde90 pkgsel.base.conf.sh: removed duplicate "whois" in list 2023-05-16 10:57:42 +02:00
fatalerrors
e56dadbc2b conf_nfs: modernised code, added possibility to pass mount options 2023-05-16 10:55:36 +02:00
fatalerrors
90e603be0c moved stage file deletion so resume can be used after using --shell or --check-only options 2023-05-16 10:52:56 +02:00
fatalerrors
e5429bee9d prepare check_mk agents upgrade 2023-05-10 19:43:36 +02:00
fatalerrors
dd1d97e625 conf change 2023-05-05 20:37:36 +02:00
fatalerrors
7542fba94e fixed few minor issues 2023-05-05 19:50:16 +02:00
fatalerrors
23d36cc8af added group and domain support for conf file and repository 2023-05-05 19:49:13 +02:00
fatalerrors
c2751bf9eb new conf files + fix bug in conf_ntp with devuan 5, fix a bug with early debian/devuan version, added git support for profile 2023-05-05 19:06:07 +02:00
fatalerrors
a33726fba8 fixed indentation 2022-12-17 20:19:03 +01:00
fatalerrors
2a05bc8392 disp_help(): fixed some space/tabs unconsistency 2022-12-17 19:52:45 +01:00
fatalerrors
d15a98a7d1 moved dump_key_buffer() from display to utils 2022-12-17 19:29:20 +01:00
fatalerrors
4c11fbe410 stdtime(): removed timezone in our standard date format, useless 2022-12-17 19:11:51 +01:00
105 changed files with 3302 additions and 2184 deletions
Expand all files Collapse all files

10
README.md
View File

@@ -326,6 +326,14 @@ The following table is giving a list of error codes with explanation:
| 16 | Invalid options provided with cron mode activated |
| 17 | Missing or invalid status file, can't resume |
| 18 | Module file don't exists or is empty |
| 20 | Ambigous realm with autodetection |
| 21 | Unconsistant directory structure with configured realm |
| 22 | Required secret management software missing |
| 23 | Secret key not found in secret database |
| 24 | File is not readable |
| 25 | Needed variable not set or not declared |
| 26 | Secret reference missing or malformed |
| 27 | Unknown secret reference |
| 50..100 | Error in module execution |
| 126 | Command exists but is not executable |
| 127 | Command not found |
@@ -392,7 +400,7 @@ You can mail author to fatalerrors \<at\> geoffray-levasseur \<dot\> org.
-----------------------------------------------------------------------------
Documentation (c) 2019-2022 Geoffray Levasseur.
Documentation (c) 2019-2025 Geoffray Levasseur.
This file is distributed under3-clause BSD license. The complete license
agreement can be obtained at: https://opensource.org/licenses/BSD-3-Clause

4
README.txt
View File

@@ -1,4 +0,0 @@
This is deployment scripts for LEGOS git repository created on 2021-05-31-11:31:04
An english version for general purpose is available at https://www.geoffray-levasseur.org/init
Check README.md for details.

4
conf/auto/debian-12.conf.sh Normal file
View File

@@ -0,0 +1,4 @@
# Check debian.conf file for general declaration
# This is specific for version 12
export NTP_SERV=ntpsec

6
conf/auto/debian-13.conf.sh Normal file
View File

@@ -0,0 +1,6 @@
# Check debian.conf file for general declaration
# This is specific for version 13
export NTP_SERV=ntpsec
export SOURCE_EXT=source
export NO_MAIN_SOURCE=true

3
conf/auto/debian.conf.sh
View File

@@ -19,6 +19,9 @@ export COM_AUTOREM="autoremove --purge -y"
# This is not used by init.sh
export DEBIAN_FRONTEND=noninteractive
# Configure how apt behave regarding source.list files
export NO_MAIN_SOURCE=false
# Conf chemin
export RC_SCRIPTS_PATH="/etc/init.d"

4
conf/auto/devuan-5.conf.sh Normal file
View File

@@ -0,0 +1,4 @@
# Check devuan.conf file for general declaration
# This is specific for version 5
export NTP_SERV=ntpsec

4
conf/auto/devuan-6.conf.sh Normal file
View File

@@ -0,0 +1,4 @@
# Check devuan.conf file for general declaration
# This is specific for version 6
export NTP_SERV=ntpsec

3
conf/auto/devuan.conf.sh
View File

@@ -11,9 +11,12 @@
. $MYPATH/conf/auto/debian.conf.sh
# Except init system :
# Note that as Devuan allow also Runit, we should be able to detect correct init system.
# Init SystemV ou OpenRC:
export INIT_COM="$RC_SCRIPTS_PATH/%srv% %com%"
# Init Systemd:
#export INIT_COM="systemctl %comm% %srv%"
# Init Upstart (plus ou moins universel)
#export INIT_COM="service %srv% %com%"

0
conf/apagado.conf.sh → conf/e-3s.lan/apagado.conf.sh
View File

0
conf/sokol.conf.sh → conf/e-3s.lan/sokol.conf.sh
View File

0
conf/apo.conf.sh → conf/geoffray-levasseur.org/apo.conf.sh
View File

6
conf/arayat.conf.sh → conf/geoffray-levasseur.org/arayat.conf.sh
View File

@@ -41,10 +41,10 @@ NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="192.168.74.220/24"
NET4_IP_eth1="192.168.74.100/24"
NET4_MODE_eth2="static"
NET4_IP_eth2="10.0.254.220/16"
NET4_IP_eth2="10.42.250.100/16"
IPV6_IFACES="eth0 eth1"
@@ -63,7 +63,7 @@ NET6_IP_eth1="2a03:7220:8081:b34a::dc/64"
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL iptables fail2ban curl"
PKGSEL="$PKGSEL iptables curl"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------

73
conf/geoffray-levasseur.org/balut.conf.sh Normal file
View File

@@ -0,0 +1,73 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/gl.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1 eth2"
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.221/24"
NET4_GW_eth0="192.168.1.231"
NET4_NS_eth0="192.168.1.206 192.168.1.205"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="192.168.74.221/24"
NET4_MODE_eth2="static"
NET4_IP_eth2="10.0.254.221/16"
IPV6_IFACES="eth0 eth1"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::dd/64"
NET6_GW_eth0="2a03:7220:8081:b301::e7"
NET6_NS_eth0="2a03:7220:8081:b301::ce 2a03:7220:8081:b301::cd"
NET6_NS_SEARCH_eth0=$REALM
NET6_MODE_eth1="static"
NET6_IP_eth1="2a03:7220:8081:b34a::dd/64"
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL iptables fail2ban curl"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

71
conf/geoffray-levasseur.org/banahaw.conf.sh Normal file
View File

@@ -0,0 +1,71 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/gl.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.201/24"
NET4_GW_eth0="192.168.1.230"
NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="10.42.0.201/16"
IPV6_IFACES=""
#NET6_MODE_eth0="static"
#NET6_IP_eth0="2a03:7220:8081:b301::dd/64"
#NET6_GW_eth0="2a03:7220:8081:b301::e7"
#NET6_NS_eth0="2a03:7220:8081:b301::ce 2a03:7220:8081:b301::cd"
#NET6_NS_SEARCH_eth0=$REALM
#NET6_MODE_eth1="static"
#NET6_IP_eth1="2a03:7220:8081:b34a::dd/64"
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL time traceroute apache2 graphviz php smbclient poppler-utils \
php-cgi php-cli php-gd php-sqlite3 php-pear rsync"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

74
conf/geoffray-levasseur.org/biliran.conf.sh Normal file
View File

@@ -0,0 +1,74 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/gl.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
#LOCAL_USERS="$MAINUSER"
#REMOTE_USERS="kroot"
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1 eth2"
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.202/24"
NET4_GW_eth0="192.168.1.230"
NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="192.168.74.220/24"
NET4_MODE_eth2="static"
NET4_IP_eth2="10.42.250.220/16"
IPV6_IFACES=""
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::cd/64"
NET6_GW_eth0="2a03:7220:8081:b301::e6"
NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce"
NET6_NS_SEARCH_eth0=$REALM
NET6_MODE_eth1="static"
NET6_IP_eth1="2a03:7220:8081:b34a::ce/64"
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

0
conf/cagua.conf.sh → conf/geoffray-levasseur.org/cagua.conf.sh
View File

0
conf/didicas.conf.sh → conf/geoffray-levasseur.org/didicas.conf.sh
View File

22
conf/labo.conf.sh → conf/geoffray-levasseur.org/labo.conf.sh
View File

@@ -26,12 +26,10 @@ MAINUSER=root
WITH_LDAP_KERB=no
# Users to create, add or remove
#LOCAL_USERS="$MAINUSER"
#REMOTE_USERS="kroot"
REMOVE_USERS="fatal"
# Network
IPV4_IFACES="eth0 eth1 eth2"
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.207/24"
@@ -40,15 +38,15 @@ NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.207/16"
NET4_IP_eth1="10.42.250.180/16"
IPV6_IFACES="eth0"
IPV6_IFACES=""
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::cf/64"
NET6_GW_eth0="2a03:7220:8081:b301::e6"
NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce"
NET6_NS_SEARCH_eth0=$REALM
#NET6_MODE_eth0="static"
#NET6_IP_eth0="2a03:7220:8081:b301::cf/64"
#NET6_GW_eth0="2a03:7220:8081:b301::e6"
#NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce"
#NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
@@ -56,7 +54,7 @@ NET6_NS_SEARCH_eth0=$REALM
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL nsd"
PKGSEL="$PKGSEL nsd ldnsutils haveged"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
@@ -64,5 +62,5 @@ PKGSEL="$PKGSEL nsd"
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_mail install_pkg install_profile patch_snmp \
conf_syslog conf_network"

9
conf/latukan.conf.sh → conf/geoffray-levasseur.org/latukan.conf.sh
View File

@@ -31,7 +31,7 @@ WITH_LDAP_KERB=no
REMOVE_USERS=
# Network
IPV4_IFACES="ens18 ens19"
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.235/24"
@@ -40,20 +40,21 @@ NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.235/16"
NET4_IP_eth1="10.42.250.30/24"
IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::eb/64"
NET6_IP_eth0="2a03:7220:8081:b301::1e/64"
NET6_GW_eth0="2a03:7220:8081:b301::e7"
NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce"
NET6_NS_SEARCH_eth0=$REALM
# Gestionnaire de paquet :
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
NO_MAIN_SOURCE=false
INTALL_MODE=full
# Paquets additionnels

21
conf/mariveles.conf.sh → conf/geoffray-levasseur.org/mariveles.conf.sh
View File

@@ -26,37 +26,24 @@ MAINUSER=root
WITH_LDAP_KERB=no
# Users to create, add or remove
#LOCAL_USERS="$MAINUSER"
#REMOTE_USERS="kroot"
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0"
IPV4_IFACES="eth0 "
NET4_MODE_eth0="static"
NET4_IP_eth0="192.168.1.241/24"
NET4_GW_eth0="192.168.1.230"
NET4_NS_eth0="192.168.1.205 192.168.1.206"
NET4_GW_eth0="192.168.1.232"
NET4_NS_eth0="192.168.1.202 192.168.1.206"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.241/16"
IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::f1/64"
NET6_GW_eth0="2a03:7220:8081:b301::e6"
NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL cups printer-driver-hpcups printer-driver-postscript-hp hplip avahi-daemon printer-driver-gutenprint cups-browsed policykit-1"
PKGSEL="$PKGSEL qbittorrent xhost falkon"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------

6
conf/natib.conf.sh → conf/geoffray-levasseur.org/natib.conf.sh
View File

@@ -40,9 +40,9 @@ NET4_NS_eth0="192.168.1.206 192.168.1.205"
NET4_NS_SEARCH_eth0=$REALM
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.208/16"
NET4_IP_eth1="10.42.0.208/16"
IPV6_IFACES="eth0"
IPV6_IFACES=""
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8081:b301::d0/64"
@@ -56,7 +56,7 @@ NET6_NS_SEARCH_eth0=$REALM
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL nsd"
PKGSEL="$PKGSEL nsd ldnsutils haveged"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------

0
conf/panay.conf.sh → conf/geoffray-levasseur.org/panay.conf.sh
View File

0
conf/silay.conf.sh → conf/geoffray-levasseur.org/silay.conf.sh
View File

15
conf/includes/gl.conf.sh
View File

@@ -19,22 +19,27 @@ export REMOVE_USERS="fatal"
export NTP_SERVERS="didicas.$REALM cagua.$REALM"
# Ceph share
export CEPH_SRV_NAMES="mayon pinatubo ragang taal jolo"
export CEPH_SRV_NAMES="mayon pinatubo ragang taal"
export CEPHIP_mayon="192.168.1.254"
export CEPHIP_pinatubo="192.168.1.253"
export CEPHIP_ragang="192.168.1.252"
export CEPHIP_taal="192.168.1.251"
export CEPHIP_jolo="192.168.1.30"
export CEPH_SECRET="AQAxSf5c2A/CMxAAnOu1RrSf7Yr2h60CLttq4g=="
export CEPH_SECRET="file:/tmp/ceph_secret"
export CEPH_MOUNTS="datastore mediastore"
export CEPH_MP_datastore="/srv/ceph"
export CEPH_MP_mediastore="/srv/media"
export SHARED_HOME="false"
# SSH
export SSHD_PERMITROOT_RANGE="192.168.1.0/24"
# Check MK
export MK_VERSION="2.0.0p20-1"
export MK_URL="https://nagios.geoffray-levasseur.org/check_mk/check_mk/agents/check-mk-agent_${MK_VERSION}_all.deb"
#export MK_VERSION="2.4.0p12-1" #shoud be autodetected now
export MK_SERVER_IP="192.168.1.201"
export MK_SITE="check_mk"
export MK_URL="http://$MK_SERVER_IP/$MK_SITE/check_mk/agents/check-mk-agent_latest_all.deb"
export MK_SECRET="file:/share/services/gestparc/mk_secret"
export MK_USER="cmk-agent"
# Samba
export SMBSRV="silay.$REALM"

39
conf/includes/mam.conf.sh
View File

@@ -6,8 +6,8 @@ export REALM="mixart-myrys.org"
export NTP_SERVERS="ntp1.$REALM ntp2.$REALM"
# Upgrade_dist variables
export PROXYAPT="acng.$REALM"
export PROXYAPTPORT="3142"
export PROXY_APT="acng.$REALM"
export PROXY_APT_PORT="3142"
# Authnz variables
export DEFAULT_SHELL="/bin/bash"
@@ -17,28 +17,33 @@ export LOCALESET="en_US.UTF-8 fr_FR.UTF-8"
export SYSLOCALE="fr_FR.UTF-8"
# Authentification
export BASE_DC="dc=mixart-myrys,dc=org"
export KDC_SERVER="kerb.$REALM"
export KADM_SERVER="kerb.$REALM"
export LDAP_SERVER="ldap.$REALM"
export LDAP_ADM="admin"
#export BASE_DC="dc=mixart-myrys,dc=org"
#export KDC_SERVER="kerb.$REALM"
#export KADM_SERVER="kerb.$REALM"
#export LDAP_SERVER="ldap.$REALM"
#export LDAP_ADM="admin"
# Ceph share
export CEPH_SRV_NAMES="augustine dana douglas gilbert"
export CEPHIP_augustine="10.254.1.1"
export CEPHIP_dana="10.254.1.2"
export CEPHIP_douglas="10.254.1.3"
export CEPHIP_gilbert="10.254.1.4"
export CEPH_SECRET="AQBC1MVdUl2HIBAAPT+BP6pOImuTK/0ayYDMTw=="
export SHARED_HOME="false"
#export CEPH_SRV_NAMES="augustine dana douglas gilbert"
#export CEPHIP_augustine="10.254.1.1"
#export CEPHIP_dana="10.254.1.2"
#export CEPHIP_douglas="10.254.1.3"
#export CEPHIP_gilbert="10.254.1.4"
#export CEPH_SECRET="AQBC1MVdUl2HIBAAPT+BP6pOImuTK/0ayYDMTw=="
#export SHARED_HOME="false"
# NFS
export NFS_MOUNTS="data"
export MOUNTSERV_data="10.254.1.1:/data"
export MOUNTPOINT_data="/data"
# SSH
export SSHD_PERMITROOT_RANGE="10.254.1.0/24"
# Check MK
export MK_VERSION="2.0.0p20-1"
export MK_URL="https://cmk.mixart-myrys.org/cmk/check_mk/agents/check-mk-agent_${MK_VERSION}_all.deb"
export MK_SERVER_IP="10.254.1.65"
export MK_VERSION="2.2.0p21-1"
export MK_URL="http://192.168.1.201/check_mk/check_mk/agents/check-mk-agent_${MK_VERSION}_all.deb"
export MK_SERVER_IP="192.168.1.201"
# Syslog
export SYSLOG_SRV="syslog.$REALM"

12
conf/includes/pkgsel.base.conf.sh
View File

@@ -1,19 +1,19 @@
# List of package to install - Minimal server
# Packages to remove after installation
export PKGS_RMLIST="apparmor laptop-detect resolvconf snapd xauth wamerican chafa"
export PKGS_RMLIST="apparmor laptop-detect resolvconf snapd wamerican chafa"
# Packages where installation is forbidden
export PKGS_BLACKLIST="apparmor resolvconf chafa snapd"
# Base
export PKGS_BASE="debconf-utils debhelper deborphan ethtool cpufrequtils \
hwinfo lm-sensors libatasmart-bin lsscsi pciutils vim emacs-nox \
export PKGS_BASE="debconf-utils debhelper ethtool \
curl hwinfo lm-sensors libatasmart-bin lsscsi pciutils vim emacs-nox \
mailutils htop lsof ltrace strace bash-completion host dnsutils \
sysbench sysstat ifstat iftop iotop mtr-tiny tcpdump mc pbzip2 pigz \
sysstat ifstat iftop iotop mtr-tiny tcpdump mc pbzip2 pigz \
xz-utils zip unzip plzip lzip ftp lftp bc dc dos2unix psmisc udunits-bin \
whois tmux screen debconf-doc dump figlet gawk gpm multitail neofetch nmap \
oping pv whois traceroute rsync tree"
whois tmux screen debconf-doc dump figlet gawk multitail fastfetch nmap \
oping pv traceroute rsync tree git qemu-guest-agent ca-certificates"
# Agregation of the package lists
export PKGSEL="$PKGS_BASE"

4
conf/includes/tetalab.conf.sh
View File

@@ -6,8 +6,8 @@ export REALM="tetalab.local"
export NTP_SERVERS="ntp1.$REALM"
# Upgrade_dist variables
#export PROXYAPT="acng.$REALM"
#export PROXYAPTPORT="3142"
export PROXYAPT="acng.$REALM"
export PROXYAPTPORT="3142"
# Authnz variables
export DEFAULT_SHELL="/bin/bash"

66
conf/mixart-myrys.org/amak.conf.sh Normal file
View File

@@ -0,0 +1,66 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.250/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.250/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile \
conf_syslog conf_network"

48
conf/mixart-myrys.org/amukta.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

48
conf/mixart-myrys.org/augustine.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

48
conf/mixart-myrys.org/carlisle.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

48
conf/mixart-myrys.org/dana.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

47
conf/mixart-myrys.org/fuji.conf.sh Normal file
View File

@@ -0,0 +1,47 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
#Network conf managed by proxmox
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
PKGS_RMLIST=""
PKGS_BLACKLIST=""
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_locale conf_ssh \
conf_mail install_pkg install_profile" #patch_snmp install_mkagent \
#conf_syslog conf_network"

48
conf/mixart-myrys.org/gilbert.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

0
conf/kanaga.conf.sh → conf/mixart-myrys.org/kanaga.conf.sh
View File

48
conf/mixart-myrys.org/katmai.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

48
conf/mixart-myrys.org/kiska.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

62
conf/mixart-myrys.org/kronotsky.conf.sh Normal file
View File

@@ -0,0 +1,62 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
#REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.20/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.20/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh conf_syslog \
install_pkg install_profile conf_network conf_nfs"

48
conf/mixart-myrys.org/mageik.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

48
conf/mixart-myrys.org/okmok.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

64
conf/mixart-myrys.org/ontake.conf.sh Normal file
View File

@@ -0,0 +1,64 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.20/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.20/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh conf_syslog \
conf_mail install_pkg install_profile conf_network conf_nfs"
#patch_snmp install_mkagent \

67
conf/mixart-myrys.org/seguam.conf.sh Normal file
View File

@@ -0,0 +1,67 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.240/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.240/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh conf_syslog \
conf_mail install_pkg install_profile conf_network conf_nfs"
#patch_snmp install_mkagent \

48
conf/mixart-myrys.org/segula.conf.sh Normal file
View File

@@ -0,0 +1,48 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=yes
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile patch_snmp install_mkagent \
conf_syslog conf_network"

66
conf/mixart-myrys.org/spurr.conf.sh Normal file
View File

@@ -0,0 +1,66 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.100/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.100/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile conf_nfs"
#conf_syslog conf_network"

66
conf/mixart-myrys.org/trident.conf.sh Normal file
View File

@@ -0,0 +1,66 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres geoffray-levasseur.org
. $MYPATH/conf/includes/mam.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Pilotes X11 non libre à installer ?
#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11"
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Network
IPV4_IFACES="eth0 eth1"
NET4_MODE_eth0="static"
NET4_IP_eth0="10.254.1.70/24"
NET4_MODE_eth1="static"
NET4_IP_eth1="10.0.254.70/16"
NET4_GW_eth1="10.0.254.254"
NET4_NS_eth1="10.0.254.250"
NET4_NS_SEARCH_eth1=$REALM
#IPV6_IFACES="eth0"
NET6_MODE_eth0="static"
NET6_IP_eth0="2a03:7220:8085:6b01::a/64"
NET6_GW_eth0="2a03:7220:8085:6b01::1"
NET6_NS_eth0="2a03:7220:8085:6b01::a"
NET6_NS_SEARCH_eth0=$REALM
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale conf_ssh \
conf_mail install_pkg install_profile \
conf_syslog conf_network"

46
conf/pcp-e3s.conf.sh Normal file
View File

@@ -0,0 +1,46 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les paramètres pour le lan E-3S
. $MYPATH/conf/includes/e3s.conf.sh
# Importe la sélection de paquets par défaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Network
IPV4_IFACES="ens192"
NET4_MODE_ens192="dhcp"
IPV6_IFACES=""
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL"
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist conf_locale conf_ssh \
install_pkg install_profile"

0
conf/croscat.conf.sh → conf/tetalab.local/croscat.conf.sh
View File

0
conf/etna.conf.sh → conf/tetalab.local/etna.conf.sh
View File

0
conf/ischia.conf.sh → conf/tetalab.local/ischia.conf.sh
View File

0
conf/kos.conf.sh → conf/tetalab.local/kos.conf.sh
View File

0
conf/milos.conf.sh → conf/tetalab.local/milos.conf.sh
View File

44
conf/tetalab.local/nisyros.conf.sh Normal file
View File

@@ -0,0 +1,44 @@
# Fichier de configuration principal
# ------------------------------------------------------------------------------
# -------------------- Importation de paramêtres globaux -----------------------
# ------------------------------------------------------------------------------
# Importe les parametres tetalab.local
. $MYPATH/conf/includes/tetalab.conf.sh
# Importe la selection de paquets par defaut
. $MYPATH/conf/includes/pkgsel.base.conf.sh
# Les paramètres précédemment importés sont surchargeable après cette ligne
# ------------------------------------------------------------------------------
# ------------------------------ General Section -------------------------------
# ------------------------------------------------------------------------------
# User of the machine (must exists)
MAINUSER=root
# Authentication: use LDAP+Kerberos ?
WITH_LDAP_KERB=no
# Users to create, add or remove
REMOVE_USERS=fatal
# Mode d'installation :
# * dev : installe les paquets un par un avec apt (lent)
# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide)
INTALL_MODE=full
# Paquets additionnels
PKGSEL="$PKGSEL nfs-kernel-server"
PKGS_RMLIST=""
PKGS_BLACKLIST=""
# ------------------------------------------------------------------------------
# -------------------------- Section modules d'init ----------------------------
# ------------------------------------------------------------------------------
# Liste des modules à executer (surchargeable en ligne de commande)
MODULE_LIST="conf_ntp upgrade_dist authnz conf_locale \
install_pkg install_profile patch_snmp"

0
conf/santorini.conf.sh → conf/tetalab.local/santorini.conf.sh
View File

0
conf/stromboli.conf.sh → conf/tetalab.local/stromboli.conf.sh
View File

0
conf/vesuvius.conf.sh → conf/tetalab.local/vesuvius.conf.sh
View File

1
conf/tetamix.local Symbolic link
View File

@@ -0,0 +1 @@
/share/services/scripts/init.sh/conf/mixart-myrys.org

151
init.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash
# ------------------------------------------------------------------------------
# Init.sh: initialise a computer and conform it
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2025 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -36,17 +36,20 @@ export LC_ALL=C
export LANG=C
# Version of init
export VERSION="0.99.18"
export VERSION="0.99.24"
# Store script's path (realpath -s resolve symlinks if init.sh is a symlink)
export MYPATH=$(dirname $(realpath -s $0))
export MYPATH=$(dirname "$(realpath -s "$0")")
# Get hostname
export HOSTNAME=$(hostname)
# Get realm or domain name
export REALM=${REALM:-$(hostname -d)}
# Load libraries
for lib in $MYPATH/lib/*.sh; do
. $lib
. "$lib"
done
unset lib
@@ -65,7 +68,7 @@ function_exists prnt || (
# ==== Main Program ====
# ======================
# Set system dependent vars (OS, distro and version)
# Set system dependent vars (arch, OS, distro and version)
set_sys_vars $(uname -m) $(get_os_version)
# Initializing global variables
@@ -84,22 +87,22 @@ check_root
# ------------------------------------------------------------------------------
# Logfile variable treatment -- cannot be a function
if [[ -n $NEW_LOGFILE ]]; then
export LOGFILE=$NEW_LOGFILE
if [[ -n "$NEW_LOGFILE" ]]; then
export LOGFILE="$NEW_LOGFILE"
else
export LOGFILE=${LOGFILE:-"$MYPATH/log/init-$(uname -n)-$(stdtime).log"}
fi
prnt I "Creating log files welcoming directory..."
if [[ ! -d $(dirname $LOGFILE) ]]; then
mkdir -pv $(dirname $LOGFILE)
if [[ ! -d $(dirname "$LOGFILE") ]]; then
mkdir -pv $(dirname "$LOGFILE")
fi
# Log all outputs to the logfile
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec > >(tee -a $LOGFILE)
exec 2> >(tee -a $LOGFILE >&2)
exec > >(tee -a "$LOGFILE")
exec 2> >(tee -a "$LOGFILE" >&2)
prnt I "Starting init.sh version $VERSION."
prnt I "The log file is $LOGFILE."
if [[ -n $SYS_CODE ]]; then
@@ -113,7 +116,7 @@ fi
separator
if [[ -n $CHROOT_PATH && -z $CHROOT_DONE ]]; then
if [[ -n "$CHROOT_PATH" && -z $CHROOT_DONE ]]; then
chroot_bootstrap $@
prnt I "Normal end of chrooted execution!"
exit 0
@@ -129,11 +132,6 @@ process_commandline_and_vars
set_system_proxy
# Reinit stage file if no resuming
if [[ $RESUME != true ]] && [[ -f $STAGE_FILE ]]; then
rm -f $STAGE_FILE
fi
# Loading activated modules
for mod in $MODULE_LIST; do
. modules/$mod.sh
@@ -144,7 +142,7 @@ separator
if [[ $RUN_SHELL == true ]]; then
prnt I "Launching an interactive shell..."
bash --rcfile $MYPATH/bash.rc -i
bash --rcfile "$MYPATH/bash.rc" -i
prnt I "Script execution terminated after interactive shell execution."
exit 0
fi
@@ -152,12 +150,12 @@ fi
# If cron mode, run cron tasks then exit
if [[ $CRON_MODE == true ]]; then
for mod in $MODULE_LIST; do
if [[ $(function_exists cron_$mod) ]]; then
prnt I "Running cron task for module $mod ..."
cron_$mod
else
prnt I "No cron task for module $mod."
fi
if [[ $(function_exists cron_$mod) ]]; then
prnt I "Running cron task for module $mod ..."
cron_$mod
else
prnt I "No cron task for module $mod."
fi
done
prnt I "All cron executed successfully!"
exit 0
@@ -170,42 +168,42 @@ if ! command -v wget &> /dev/null; then
fi
# Run prechecks
if [[ JUMP != true ]]; then
tmpfile=$(mktemp /tmp/init-XXXXXX)
if [[ $JUMP != true ]]; then
tmpfile="$(mktemp /tmp/init-XXXXXX)"
if [[ -n $MANUAL_MODULE_LIST ]]; then
prnt W "Dependency checks are deactivated with a manual module list."
prnt W "Dependency checks are deactivated with a manual module list."
fi
if [[ $NO_DEPS == true ]]; then
prnt W "Dependency checks have been deactivated manually."
prnt W "Dependency checks have been deactivated manually."
fi
if [[ $RESUME == true ]]; then
cat $STAGE_FILE >> $tmpfile
cat "$STAGE_FILE" >> $tmpfile
fi
for mod in $MODULE_LIST; do
version=VER_$mod
if [[ $RESUME == true ]] && [[ $(grep $mod $STAGE_FILE) ]]; then
prnt I "Checks previously executed for $mod version ${!version}."
continue
fi
prnt I "Running initial checks for $mod version ${!version}..."
if [[ -z $MANUAL_MODULE_LIST && $NO_DEPS != true ]]; then
deps=DEP_$mod
for dep in ${!deps}; do
if [[ ! $(grep $dep $tmpfile) ]]; then
prnt E "Module $mod have unsatisfied dependencies or is executed too early."
prnt E " * $dep must be executed before $mod, please check your module list."
die 9
fi
done
unset deps
fi
# We run in a subshell to protect main environment
(
precheck_$mod
)
echo $mod >> $tmpfile
version=VER_$mod
if [[ $RESUME == true ]] && [[ $(grep $mod "$STAGE_FILE") ]]; then
prnt I "Checks previously executed for $mod version ${!version}."
continue
fi
prnt I "Running initial checks for $mod version ${!version}..."
if [[ -z $MANUAL_MODULE_LIST && $NO_DEPS != true ]]; then
deps=DEP_$mod
for dep in ${!deps}; do
if [[ ! $(grep $dep "$tmpfile") ]]; then
prnt E "Module $mod have unsatisfied dependencies or is executed too early."
prnt E " * $dep must be executed before $mod, please check your module list."
die 9
fi
done
unset deps
fi
# We run in a subshell to protect main environment
(
precheck_$mod
)
echo $mod >> "$tmpfile"
done
rm -f $tmpfile
rm -f "$tmpfile"
unset mod
fi
@@ -237,25 +235,30 @@ read -n 1 -rsp $"Press <C> key to continue or an other one to stop now..." key &
echo && separator && echo
if [[ $key == "C" || $key == 'c' ]]; then
# Reinit stage file if no resuming
if [[ $RESUME != true ]] && [[ -f $STAGE_FILE ]]; then
rm -f "$STAGE_FILE"
fi
# We launch modules one after one
for mod in $MODULE_LIST; do
if [[ $RESUME == true ]] && [[ $(grep $mod $STAGE_FILE) ]]; then
continue
fi
# We need this only if JUMP is set but doesn't matter if it's done again
version=VER_$mod
prnt I "Applying changes for $mod version ${!version}..."
# Yet again, executed in a subshell
(
export REBOOT_NEEDED=false
$mod
if [[ $REBOOT_NEEDED == true ]]; then
echo "$mod reboot" >> $STAGE_FILE # Mark as done for resuming
else
echo $mod >> $STAGE_FILE # Mark as done for resuming function
fi
)
separator
if [[ $RESUME == true ]] && [[ $(grep $mod "$STAGE_FILE") ]]; then
continue
fi
# We need this only if JUMP is set but doesn't matter if it's done again
version=VER_$mod
prnt I "Applying changes for $mod version ${!version}..."
# Yet again, executed in a subshell
(
export REBOOT_NEEDED=false
$mod
if [[ $REBOOT_NEEDED == true ]]; then
echo "$mod reboot" >> "$STAGE_FILE" # Mark as done for resuming
else
echo "$mod" >> "$STAGE_FILE" # Mark as done for resuming function
fi
)
separator
done
unset mod
else
@@ -265,15 +268,15 @@ fi
prnt I "That's all folks !"
echo
if [[ -s $STAGE_FILE && $(grep " reboot" $STAGE_FILE) ]]; then
if [[ -s "$STAGE_FILE" && $(grep " reboot" "$STAGE_FILE") ]]; then
prnt W "A reboot is required to apply some changes by the following packages:"
prnt m " * $(grep ' reboot' $STAGE_FILE | \
sed 's/ reboot//' | \
sed ':a' -e 'N' -e '$!ba' -e 's/\n/ /g')"
prnt m " * $(grep ' reboot' "$STAGE_FILE" | \
sed 's/ reboot//' | \
sed ':a' -e 'N' -e '$!ba' -e 's/\n/ /g')"
prnt I "Please reboot now or as soon as possible!"
echo
fi
rm -f $STAGEFILE
rm -f "$STAGE_FILE"
exit 0
# EOF

27
lib/aaa_errors.sh
View File

@@ -1,13 +1,14 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Error management functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Exit with error
@@ -29,9 +30,10 @@ function die()
unset errorcode
# Put the trigger back (only executed with --keepgoing)
trap "error ${LINENO}" ERR
trap 'error ${LINENO}' ERR
}
export -f die
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -41,8 +43,10 @@ function terminate()
prnt E "$1 recieved, exiting at once."
die 128 --force
}
export -f terminate
trap "terminate 'Ctrl + C'" SIGINT
trap "terminate 'SIGTERM'" SIGTERM
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -64,8 +68,10 @@ function error()
fi
unset parent_lineno message code
}
export -f error
# Trigger error function on error
trap "error ${LINENO}; backtrace; err_exit" ERR
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -73,12 +79,14 @@ trap "error ${LINENO}; backtrace; err_exit" ERR
function err_exit
{
if [[ $KEEPGOING != true ]]; then
if [[ -f $tmpfile ]]; then
rm -f $tmpfile
if [[ -f "$tmpfile" ]]; then
rm -f "$tmpfile"
fi
exit 255
fi
}
export -f err_exit
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -94,11 +102,14 @@ function backtrace
printf '%15s() %s:%d\n' \
"$func" "${BASH_SOURCE[$i]}" "${BASH_LINENO[ (( $i - 1)) ]}"
fi
let i++ || true
(( i++ )) || true
done
unset func i
echo "=============================="
}
export -f backtrace
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -120,10 +131,11 @@ noerror()
fi
echo $?
trap "error ${LINENO}" ERR
trap 'error ${LINENO}' ERR
set -o errexit
}
export -f noerror
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -139,5 +151,6 @@ check_root()
fi
}
export -f check_root
# ------------------------------------------------------------------------------
# EOF

23
lib/chroot.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Chroot system functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -13,34 +14,38 @@
# If chrooted, we need to bootstrap to a new copy of our directory tree
chroot_bootstrap()
{
if [[ ! -d $CHROOT_PATH ]]; then
if [[ ! -d "$CHROOT_PATH" ]]; then
prnt E "The path given to chroot don't exists."
die 14
fi
if [[ ! -d $CHROOT_PATH/tmp ]]; then
if [[ ! -d "$CHROOT_PATH/tmp" ]]; then
prnt E "The target filesystem doesn't seems to be a valid installation."
die 15
fi
local tmpdir=$(mktemp -d $CHROOT_PATH/tmp/init.sh-XXXX)
local tmpdir=$(mktemp -d "$CHROOT_PATH/tmp/init.sh-XXXX")
local bootstrap_items="conf lib modules repo bash.rc init.sh prepost.d"
if [[ $RESUME == true ]]; then
bootstrap_items="$bootstrap_items $STAGE_FILE"
fi
prnt I "Preparing root change."
cp -av $bootstrap_items $tmpdir
cp -av $bootstrap_items "$tmpdir"
prnt I "Changing root and starting a fork of init.sh..."
chroot $CHROOT_PATH /bin/bash -c 'CHROOT_DONE=true; $tmpdir/init.sh $@'
# on the following line, true allows to correctly exit in case of error since
# errors are managed by the chrooted environment
chroot "$CHROOT_PATH" /bin/bash -c 'CHROOT_DONE=true; "$tmpdir/init.sh" "$@"' || true
# If stage file still exists we copy it to be able to resume later
if [[ -e $tmpdir/$(basename $STAGE_FILE) ]]; then
cp $tmpdir/$(basename $STAGE_FILE) $STAGE_FILE
if [[ -e "$tmpdir/$(basename "$STAGE_FILE")" ]]; then
cp "$tmpdir/$(basename "$STAGE_FILE")" "$STAGE_FILE"
fi
prnt I "Back to host system and clean up."
rm -rf $tmpdir
rm -rf "$tmpdir"
}
export -f chroot_bootstrap
# ------------------------------------------------------------------------------
# EOF

306
lib/command_line.sh
View File

@@ -1,7 +1,8 @@
#!/bin/env bash
# ------------------------------------------------------------------------------
# Main program functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -14,135 +15,120 @@
# errors with immediate exit.
read_commandline()
{
syntax_error()
{
prnt E "Error while analysing command line parameters."
die 1 --force
}
# Processing command line options
local want_module=false
local want_logfile=false
local want_conffile=false
local want_chroot=false
local opt=
for opt in $@; do
case $opt in
"-h"|"--help")
disp_help
exit 0
;;
"-v"|"--version")
show_version
exit 0
;;
"-m"|"--module")
local want_module=true
;;
"-c"|"--check-only")
export CHECK_ONLY=true
;;
"-j"|"--jump")
export JUMP=true
;;
"-k"|"--keep-going")
export KEEPGOING=true
;;
"-r"|"--resume")
if [[ -s $STAGE_FILE ]]; then
export RESUME=true
else
prnt E "The status file doesn't exists or is empty!"
prnt E "Without it, resuming is impossible."
die 17 --force
local params=''
params=$(getopt -n init.sh -o hvm:cjkrRDoPl:f:s \
--long help,version,module:,check-only,jump,keep-going,resume,no-root-check,no-deps,offline,no-proxy,logfile:,file:,shell,chroot,cron \
-- "$@")
eval set -- "$params"
while true; do
case $1 in
"-h"|"--help")
disp_help
shift
exit 0
;;
"-v"|"--version")
show_version
shift
exit 0
;;
"-m"|"--module")
if [[ -z $MANUAL_MODULE_LIST ]]; then
export MANUAL_MODULE_LIST="$2"
else
prnt E "A module list have already been given!"
prnt E "Commande line only tolerate one --module parameter."
die 1 --force
fi
shift 2
;;
"-c"|"--check-only")
export CHECK_ONLY=true
shift
;;
"-j"|"--jump")
export JUMP=true
shift
;;
"-k"|"--keep-going")
export KEEPGOING=true
shift
;;
"-r"|"--resume")
if [[ -s $STAGE_FILE ]]; then
export RESUME=true
else
prnt E "The status file doesn't exists or is empty!"
prnt E "Without it, resuming is impossible."
die 17 --force
fi
shift
;;
"-R"|"--no-root-check")
export NO_ROOT_CHECK=true
shift
;;
"-D"|"--no-deps")
export NO_DEPS=true
shift
;;
"-o"|"--offline")
export OFFLINE=true
shift
;;
"-P"|"--no-proxy")
export NO_PROXY=true
shift
;;
"-l"|"--logfile")
if [[ -z $NEW_LOGFILE ]]; then
export NEW_LOGFILE=$2
else
prnt E "Impossible to specify several log files."
die 1 --force
fi
shift 2
;;
"-f"|"--file")
export CONFFILES="$CONFFILES $2"
shift 2
;;
"-s"|"--shell")
export RUN_SHELL=true
shift
;;
"--chroot")
if [[ -z $CHROOT_PATH ]]; then
export CHROOT_PATH=$2
else
prnt E "A chroot path have already been given."
die 1 --force
fi
shift 2
;;
"--cron")
export CRON_MODE=true
shift
;;
--)
shift
break
;;
*)
if [[ -n $1 ]]; then
prnt E "Unknow parameter \"$1\" !"
die 1
fi
;;
"-R"|"--no-root-check")
export NO_ROOT_CHECK=true
;;
"-D"|"--no-deps")
export NO_DEPS=true
;;
"-o"|"--offline")
export OFFLINE=true
;;
"-P"|"--no-proxy")
export NO_PROXY=true
;;
"-l"|"--logfile")
local want_logfile=true
;;
"-f"|"--file")
local want_conffile=true
;;
"-s"|"--shell")
export RUN_SHELL=true
;;
"--chroot")
local want_chroot=true
;;
"--cron")
export CRON_MODE=true
;;
*)
if [[ $want_module == true ]]; then
[[ $want_logfile == true ]] && synthax_error
[[ $want_conffile == true ]] && synthax_error
[[ $want_chroot == true ]] && synthax_error
if [[ -z $MANUAL_MODULE_LIST ]]; then
export MANUAL_MODULE_LIST=$opt
want_module=false
else
prnt E "A module list have already been given!"
prnt E "Commande line only tolerate one --module parameter."
die 1 --force
fi
elif [[ $want_logfile == true ]]; then
[[ $want_module == true ]] && synthax_error
[[ $want_conffile == true ]] && synthax_error
[[ $want_chroot == true ]] && synthax_error
if [[ -z $NEW_LOGFILE ]]; then
export NEW_LOGFILE=$opt
want_logfile=false
else
prnt E "Impossible to specify several log files."
die 1 --force
fi
elif [[ $want_conffile == true ]]; then
[[ $want_module == true ]] && synthax_error
[[ $want_logfile == true ]] && synthax_error
[[ $want_chroot == true ]] && synthax_error
export CONFFILES="$CONFFILES $opt"
want_logfile=false
elif [[ $want_chroot == true ]]; then
[[ $want_module == true ]] && synthax_error
[[ $want_logfile == true ]] && synthax_error
[[ $want_conffile == true ]] && synthax_error
if [[ -z $CHROOT_PATH ]]; then
export CHROOT_PATH=$opt
want_chroot=false
else
prnt E "A chroot path have already been given."
die 1 --force
fi
else
prnt E "Unknow parameter \"$opt\"."
die 1 --force
fi
;;
esac
break
;;
esac
done
unset opt
# If those var are true at that point, something is wrong
if [[ $want_logfile == true ]] || [[ $want_module == true ]] ||
[[ $want_conffile == true ]] || [[ $want_chroot == true ]]; then
syntax_error
fi
unset want_conffile want_logfile want_module
}
export -f read_commandline
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -151,56 +137,58 @@ process_commandline_and_vars()
{
# Check unconsistant parameters
if [[ $CHECK_ONLY == true ]]; then
if [[ $JUMP == true ]]; then
prnt E "The options --check-only and --jump are mutually exclusive!"
die 1 --force
fi
if [[ $KEEPGOING == true ]]; then
prnt E "The options --keep-going and --check-only are not compatible!"
die 1 --force
fi
if [[ $JUMP == true ]]; then
prnt E "The options --check-only and --jump are mutually exclusive!"
die 1 --force
fi
if [[ $KEEPGOING == true ]]; then
prnt E "The options --keep-going and --check-only are not compatible!"
die 1 --force
fi
fi
if [[ $RESUME == true ]]; then
if [[ $CHECK_ONLY == true ]]; then
prnt E "Resuming doesn't make sense with --check-only."
die 1 --force
fi
if [[ $MANUAL_MODULE_LIST ]]; then
prnt E "Recovery mode can't work with a manual module list."
die 1 --force
fi
if [[ $CHECK_ONLY == true ]]; then
prnt E "Resuming doesn't make sense with --check-only."
die 1 --force
fi
if [[ -n $MANUAL_MODULE_LIST ]]; then
prnt E "Resume mode can't work with a manual module list."
die 1 --force
fi
fi
if [[ $CRON_MODE == true ]]; then
if [[ $CHECK_ONLY == true || $JUMP == true ]]; then
prnt E "Some parameters are incompatible with cron mode."
die 16 --force
fi
if [[ $CHECK_ONLY == true || $JUMP == true ]]; then
prnt E "Some parameters are incompatible with cron mode."
die 16 --force
fi
fi
# Configure module list
if [[ -n $MANUAL_MODULE_LIST ]]; then
prnt W "A manual module list will be used."
export MODULE_LIST=$(echo $MANUAL_MODULE_LIST | sed "s/,/ /g")
prnt W "A manual module list will be used:"
export MODULE_LIST=${MANUAL_MODULE_LIST//,/ }
prnt m " * $MODULE_LIST"
fi
# Check for module list existance and basic syntax
# Check for module list exis<tance and basic syntax
if [[ -n $MODULE_LIST ]]; then
for mod in $MODULE_LIST; do
if [[ $mod =~ ['-!@#$%\&*=+'] ]]; then
prnt E "The module \"$mod\" contains a forbidden character in its name."
die 5
fi
if [[ ! -s "modules/$mod.sh" ]]; then
prnt E "The asked module \"$mod\", doesn't have any module file or module file is empty."
die 18
fi
done
else
prnt E "No module to execute!"
die 5
for mod in $MODULE_LIST; do
if [[ $mod =~ ['-!@#$%\&*=+'] ]]; then
prnt E "The module \"$mod\" contains a forbidden character in its name."
die 5
fi
if [[ ! -s "modules/$mod.sh" ]]; then
prnt E "The asked module \"$mod\", doesn't have any module file or module file is empty."
die 18
fi
done
elif [[ $RUN_SHELL != "true" ]]; then
prnt E "No module to execute!"
die 5
fi
}
export -f process_commandline_and_vars
# ------------------------------------------------------------------------------
# EOF

157
lib/diskman.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Disks and partitions manipulation function
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -14,26 +15,27 @@
blank_disk()
{
if [[ -b /dev/$1 ]]; then
prnt I "Wipping $1 drive signature (a backup is made in /root)..."
wipefs --force --all --backup /dev/$1
prnt I "Filling beginning of $1 drive with zeroes..."
if [[ $2 == "--full" ]]; then
# If full we display progress as it might take a very long time
# Need true to avoid error as the last byte will generate a disk
# full error
dd if="/dev/zero" of="$1" bs="512" status=progress || true
else
dd if="/dev/zero" of="$1" bs="512" count="1024"
fi
prnt I "Wipping $1 drive signature (a backup is made in /root)..."
wipefs --force --all --backup /dev/$1
prnt I "Filling beginning of $1 drive with zeroes..."
if [[ $2 == "--full" ]]; then
# If full we display progress as it might take a very long time
# Need true to avoid error as the last byte will generate a disk
# full error
dd if="/dev/zero" of="$1" bs="512" status=progress || true
else
dd if="/dev/zero" of="$1" bs="512" count="1024"
fi
# Update kernel partition scheme
partprobe
# Update kernel partition scheme
partprobe
else
prnt E "The /dev/$1 file is not a bloc device!"
die 19
prnt E "The /dev/$1 file is not a bloc device!"
die 19
fi
}
export -f blank_disk
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -44,19 +46,20 @@ export -f blank_disk
is_blank()
{
if [[ -b /dev/$1 ]]; then
# That technique is fast but might not be relayable enough if we are on
# exotic data structure or filesystem...
local devstat=$(file /dev/$1 | sed "s@/dev/$1: @@")
if [[ $devstat == 'data' ]]; then
return 0
else
return 1
fi
# That technique is fast but might not be relayable enough if we are on
# exotic data structure or filesystem...
local devstat=$(file /dev/$1 | sed "s@/dev/$1: @@")
if [[ $devstat == 'data' ]]; then
return 0
else
return 1
fi
else
return 2
return 2
fi
}
export -f is_blank
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -65,45 +68,48 @@ export -f is_blank
# Partition size like 10G for 10 GiB, 600M for 600 MiB and so on... Without unit
# it will use a number of cylinder. 0 will stand for all remaining size.
# If no partition size is provided we create a single whole disk partition.
# TODO: support extended partition for DOS type, add error if trying to create
# more than 4 primary partitions
mkparts()
{
local device=$1 && shit
if [[ $1 == "gtp" || $1 == "dos" ]]; then
local parttype=$1 && shift
local parttype=$1 && shift
else
# Default is GPT
local parttype="gpt"
# Default is GPT
local parttype="gpt"
fi
if [[ $(is_blank $device) ]]; then
prnt I "Creating a new ${parttype^^} partition table on $device..."
sfdisk -label /dev/$device $parttype
prnt I "Creating a new partition scheme on /dev/$1..."
local tmpfile=$(mktemp sfd.XXXX)
if [[ -n $1 ]]; then
# For each given size we make a partition
for $part in $@; do
# If size is zero we interpret it as all available space
if [[ $part == 0 ]]; then
echo ",,L" >> $tmpfile
else
echo ",$part,L" >> $tmpfile
fi
done
else
echo ",,L" >> $tmpfile
fi
echo "write" >> $tmpfile
sfdisk "/dev/$device" < $tmpfile
rm $tmpfile
unset tmpfile
prnt I "Creating a new ${parttype^^} partition table on $device..."
sfdisk -label /dev/$device $parttype
prnt I "Creating a new partition scheme on /dev/$1..."
local tmpfile=$(mktemp sfd.XXXX)
if [[ -n $1 ]]; then
# For each given size we make a partition
for part in $@; do
# If size is zero we interpret it as all available space
if [[ $part == 0 ]]; then
echo ",,L" >> $tmpfile
else
echo ",$part,L" >> $tmpfile
fi
done
else
echo ",,L" >> $tmpfile
fi
echo "write" >> $tmpfile
sfdisk "/dev/$device" < $tmpfile
rm $tmpfile
unset tmpfile
else
prnt E "The $1 block device is not blank, for security we won't proceed!"
die 20
prnt E "The $1 block device is not blank, for security we won't proceed!"
die 20
fi
unset device parttype
}
export -f mkparts
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -111,69 +117,76 @@ export -f mkparts
mkfs_gen()
{
for drv in $@; do
if [[ -b /dev/$drv ]]; then
$mkfstool $MKFSOPT /dev/$drv
else
prnt E "/dev/$drv is not a bloc device!"
die 18
fi
if [[ -b /dev/$drv ]]; then
$mkfstool $MKFSOPT /dev/$drv
else
prnt E "/dev/$drv is not a bloc device!"
die 18
fi
done
}
export -f mkfs_gen
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Format drive using ext4 filesystem, parameters will be a list of block device
mkext4()
{
export mkfstool="mkfs.ext4"
mkfs_gen $@
unset mkfstool
export mkfstool="mkfs.ext4"
mkfs_gen $@
unset mkfstool
}
export -f mkext4
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Format a XFS filesystem...
mkxfs()
{
export mkfstool="mkfs.xfs"
mkfs_gen $@
unset mkfstool
export mkfstool="mkfs.xfs"
mkfs_gen $@
unset mkfstool
}
export -f mkxfs
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# ... NTFS ...
mkntfs()
{
export mkfstool="mkfs.ntfs"
mkfs_gen $@
unset mkfstool
export mkfstool="mkfs.ntfs"
mkfs_gen $@
unset mkfstool
}
export -f mkntfs
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# ... FAT32 ...
mkfat32()
{
export mkfstool="mkfs.vfat"
mkfs_gen $@
unset mkfstool
export mkfstool="mkfs.vfat"
mkfs_gen $@
unset mkfstool
}
export -f mkfat32
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# ... BTRFS ...
mkbtrfs()
{
export mkfstool="mkfs.btrfs"
mkfs_gen $@
unset mkfstool
export mkfstool="mkfs.btrfs"
mkfs_gen $@
unset mkfstool
}
export -f mkbtrfs
# ------------------------------------------------------------------------------
# EOF

39
lib/display.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Some display functions and defines color codes
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -106,7 +107,7 @@ prnt()
;;
"W")
local heads="[${IYellow}Warning${DEFAULTFG}]"
shift
shift
;;
"E")
local heads="[ ${IRed}ERROR${DEFAULTFG} ]"
@@ -122,6 +123,7 @@ prnt()
unset heads echoopt
}
export -f prnt
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -132,15 +134,16 @@ separator()
local i=0
declare -li length=$(( $(tput cols) - 1 ))
if [[ $length -gt 80 ]]; then
length=$(( $length - (($length - 80) / 2) ))
length=$(( $length - (($length - 80) / 2) ))
fi
for i in $(seq 1 $length); do
echo -n "-"
echo -n "-"
done
echo -e "$DEFAULTCOL"
unset i length
}
export -f separator
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -148,29 +151,19 @@ export -f separator
dsleep()
{
i=$1
while test $i -gt 0
do
if [[ -n $2 ]]; then
echo -n "$2"
else
echo -n " ${i}"
fi
(( i=i-1 ))
sleep 1
while test $i -gt 0; do
if [[ -n $2 ]]; then
echo -n "$2"
else
echo -n " ${i}"
fi
(( i=i-1 ))
sleep 1
done
echo
}
export -f dsleep
# ------------------------------------------------------------------------------
# Dump the keyboard's buffer
dump_key_buffer()
{
while read -r -t 0.001; do
:
done
}
export -f dump_key_buffer
# EOF

138
lib/filefct.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# File manipulation function
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -10,9 +11,12 @@
# Some useful variables:
export HOST_REPO_PATH=${HOST_REPO_PATH:-"$MYPATH/repo/hosts/$HOSTNAME"}
export GROUP_REPO_PATH=${GROUP_REPO_PATH:-"$MYPATH/repo/groups"}
export COMM_REPO_PATH=${COMM_REPO_PATH:-"$MYPATH/repo/common"}
export HOST_REPO_PATH=${HOST_REPO_PATH:-"$MYPATH/repo/hosts/$HOSTNAME"}
export REALM_REPO_PATH=${REALM_REPO_PATH:-"$MYPATH/repo/realms/$REALM"}
export GROUP_REPO_PATH=${GROUP_REPO_PATH:-"$MYPATH/repo/groups/$GROUPNAME"}
export RLMGRP_REPO_PATH=${RLMGRP_REPO_PATH:-"$MYPATH/repo/realms/$REALM/groups/$GROUPNAME"}
export RLMHST_REPO_PATH=${RLMHST_REPO_PATH:-"$MYPATH/repo/realms/$REALM/hosts/$HOSTNAME"}
export COMM_REPO_PATH=${COMM_REPO_PATH:-"$MYPATH/repo/common"}
# ------------------------------------------------------------------------------
@@ -30,8 +34,8 @@ backup_dist()
local tmstmp=$(stdtime)
if [[ -L ${file} ]]; then
# With symbolik links we call again backup_dist to treat target
prnt I "Following the symbolic link $file to do a proper backup..."
backup_dist $(readlink -f ${file})
prnt I "Following the symbolic link $file to do a proper backup..."
backup_dist $(readlink -f "${file}")
elif [[ -f ${file} ]]; then
prnt I "Creating a backup of ${file} on $tmstmp..."
cp -av $file ${file}.dist.${tmstmp}
@@ -40,10 +44,10 @@ backup_dist()
die 12
fi
elif [[ -d ${file} ]]; then
prnt I "Creation a backup of the directory ${file} on $tmstmp..."
prnt I "Creating a backup of the directory ${file} on $tmstmp..."
cp -av $file ${file}.dist.${tmstmp}
if [[ $? -ne 0 ]]; then
prnt E "backup_dist(): Failed copyind directory recursively."
prnt E "backup_dist(): Failed copying directory recursively."
die 12
fi
else
@@ -54,15 +58,31 @@ backup_dist()
unset file
}
export -f backup_dist
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Select source file according to our priority mechanism
# 1) repo/<realm>/hosts/<hostname>/ => specific hostname in specific realm
# 2) repo/<realm>/groups/<groupname>/ => specific group in specific realm
# 3) repo/hosts/<hostname>/ => specific hostname in any realm
# 4) repo/groups/<groupname>/ => specific group in any realm
# 5) repo/<realm>/ => any hostname in specific realm
# 6) repo/common => any hostname any realm
# Note: if a specific hostname is provided it makes unecessary to find a group.
select_file()
{
local infile=$1
if [[ -f $HOST_REPO_PATH/$infile ]]; then
if [[ -f $RLMHST_REPO_PATH/$infile ]]; then
local source="$RLMHST_REPO_PATH/$infile"
elif [[ -f $RLMGRP_REPO_PATH/$infile ]]; then
local source="$RLMGRP_REPO_PATH/$infile"
elif [[ -f $HOST_REPO_PATH/$infile ]]; then
local source="$HOST_REPO_PATH/$infile"
elif [[ -f $GROUP_REPO_PATH/$infile ]]; then
local source="$GROUP_REPO_PATH/$infile"
elif [[ -f $REALM_REPO_PATH/$infile ]]; then
local source="$REALM_REPO_PATH/$infile"
elif [[ -f $COMM_REPO_PATH/$infile ]]; then
local source="$COMM_REPO_PATH/$infile"
else
@@ -74,15 +94,24 @@ select_file()
unset source
}
export -f select_file
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Select source directory according to our priority mechanism
# Select source directory according to our priority mechanism (same as above)
select_directory()
{
local indir=$1
if [[ -d $HOST_REPO_PATH/$indir ]]; then
if [[ -d $RLMHST_REPO_PATH/$indir ]]; then
local source="$RLMHST_REPO_PATH/$indir"
elif [[ -d $RLMGRP_REPO_PATH/$indir ]]; then
local source="$RLMGRP_REPO_PATH/$indir"
elif [[ -d $HOST_REPO_PATH/$indir ]]; then
local source="$HOST_REPO_PATH/$indir"
elif [[ -d $GROUP_REPO_PATH/$indir ]]; then
local source="$GROUP_REPO_PATH/$indir"
elif [[ -d $REALM_REPO_PATH/$indir ]]; then
local source="$REALM_REPO_PATH/$indir"
elif [[ -d $COMM_REPO_PATH/$indir ]]; then
local source="$COMM_REPO_PATH/$indir"
else
@@ -94,6 +123,7 @@ select_directory()
unset source
}
export -f select_directory
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -108,7 +138,7 @@ install_file()
prnt E "install_file(): At least two arguments are required."
die 11
fi
if [[ $(echo $@ | grep "\*\|\?") ]]; then
if [[ -n $(echo $@ | grep "\*\|\?") ]]; then
prnt E "install_file(): Wildcards are not authorized."
die 7
fi
@@ -116,19 +146,16 @@ install_file()
local arg=
for arg in $@; do
filelist="$filelist $(select_file $arg)"
# We always replace until the last argument being the target
target="$arg"
done
unset arg
# Empty to just obtain the target which is the last element of the list
local file=
for file in $filelist; do
:
done
if [[ ! $file == /* ]]; then
if [[ ! $target == /* ]]; then
prnt E "install_file(): Target must be on the root filesystem and full path must be provided."
die 13
fi
unset file
unset target
if [[ -d $(dirname $i) ]]; then
prnt I "Creating required target directory $(dirname $i)..."
@@ -146,20 +173,26 @@ install_file()
fi
}
export -f install_file
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Add the content of a file at the end of an other
append_file()
{
if [[ $# -ne 2 ]]; then
prnt E "append_file(): Two arguments are required, source and destination."
die 11
fi
local srcfile=$(select_file $1)
local dstfile=$2
if [[ -e $dstfile ]]; then
if [[ ! $dstfile == /* ]]; then
prnt E "append_file(): Target must be on the root filesystem and full path must be provided."
die 13
fi
if [[ ! $dstfile == /* ]]; then
prnt E "append_file(): Target file must exist."
if [[ -e $dstfile ]]; then
prnt E "append_file(): Target file must exist (use touch first to create it if required)."
die 13
fi
@@ -171,6 +204,7 @@ append_file()
fi
}
export -f append_file
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -187,59 +221,14 @@ is_dir_empty()
return 0
fi
nbfiles=$(ls -a1 $dir | egrep -v '^.$|^..$' | wc -l)
nbfiles=$(ls -a1 $dir | grep -Evc '^.$|^..$')
if [[ $nbfiles -eq 0 ]]; then
return 0
fi
return 1
}
export -f is_dir_empty
# ------------------------------------------------------------------------------
# copy and patch a file replacing all @var@ by the corresponding value in
# the environment or the variable list given in parameter
patch_file()
{
local srcfile=$(select_file $1) && shift
local dstfile=$1 && shift
local workfile=${dstfile}.work
if [[ ! -s $srcfile ]]; then
prnt E "patch_file(): Source file is empty, is not a file or don't exists!"
die 10
fi
# Create a sub-process, to avoid bash environment pollution
(
local varlist= pattern=
if [[ $# -eq 0 ]] ; then
pattern="-e s/<\(.*\)>/\$\1\$\1/g"
else
local var=
for var in $* ; do
if ! declare -p $var >/dev/null 2>&1 ; then
local $var=$(eval echo \$$var)
fi
export $var
pattern="$pattern -e s/@$var@/\$$var/g"
varlist=$varlist\$$var
done
fi
# sed replace <VAR> with \$$VAR and envsubst do the replace by value
sed $pattern $srcfile | envsubst ${varlist:+"$varlist"} > "$workfile"
)
local -a rights=( $(stat --printf="%a %u %g" "$srcfile") )
unset srcfile
mv "$workfile" "$dstfile"
chmod ${rights[0]} "$dstfile"
chown ${rights[1]}:${rights[2]} "$dstfile"
unset rights dstfile
}
export -f patch_file
# ------------------------------------------------------------------------------
@@ -251,12 +240,12 @@ tag_file()
if [[ -e $f ]]; then
sed -i "1s/^/$text\n/" $f
else
echo $text > $f
sed -i -e "s/modified/generated/" $f
echo $text | sed "s/modified/generated/" > $f
fi
done
}
export -f tag_file
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -272,6 +261,7 @@ file_exists()
return 0
}
export -f file_exists
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -287,6 +277,7 @@ file_must_exists()
unset mf
}
export -f file_must_exists
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -302,6 +293,8 @@ directory_exists()
return 0
}
export -f directory_exists
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# check if file exists and return error if not
@@ -315,7 +308,8 @@ directory_must_exists()
fi
unset md
}
export -f directory_must_exists
# ------------------------------------------------------------------------------
# EOF

118
lib/loaders.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Loaders for conf and prepost functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -24,68 +25,112 @@ load_autoconf()
local prefix="$MYPATH/conf/auto"
if [[ -e $prefix/$SYS_ARCH.conf.sh ]]; then
. $prefix/$SYS_ARCH.conf.sh
. $prefix/$SYS_ARCH.conf.sh
fi
if [[ -e $prefix/$SYS_DIST.conf.sh ]]; then
. $prefix/$SYS_DIST.conf.sh
. $prefix/$SYS_DIST.conf.sh
fi
if [[ -e $prefix/$SYS_DIST-$SYS_ARCH.conf.sh ]]; then
. $prefix/$SYS_DIST-$SYS_ARCH.conf.sh
. $prefix/$SYS_DIST-$SYS_ARCH.conf.sh
fi
if [[ -e $prefix/$SYS_DIST-$SYS_VER.conf.sh ]]; then
. $prefix/$SYS_DIST-$SYS_VER.conf.sh
. $prefix/$SYS_DIST-$SYS_VER.conf.sh
fi
if [[ -n $SYS_CODE && -e $prefix/$SYS_DIST-$SYS_CODE.conf.sh ]]; then
. $prefix/$SYS_DIST-$SYS_CODE.conf.sh
. $prefix/$SYS_DIST-$SYS_CODE.conf.sh
fi
if [[ -e $prefix/$SYS_DIST-$SYS_VER-$SYS_ARCH.conf.sh ]]; then
. $prefix/$SYS_DIST-$SYS_VER-$SYS_ARCH.conf.sh
. $prefix/$SYS_DIST-$SYS_VER-$SYS_ARCH.conf.sh
fi
if [[ -n $SYS_CODE && -e $prefix/$SYS_DIST-$SYS_CODE-$SYS_ARCH.conf.sh ]]; then
. $prefix/$SYS_DIST-$SYS_CODE-$SYS_ARCH.conf.sh
. $prefix/$SYS_DIST-$SYS_CODE-$SYS_ARCH.conf.sh
fi
unset prefix
}
export -f load_autoconf
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Load configuration with the following priorities:
# 1) Those given on command line, if any
# 2) <workingdir>/conf/<hostname>.conf (Hostname based and specific)
# 3) <workingdir>/conf/init.conf.sh (Generic default)
# 2) <workingdir>/conf/<realm>/<hostname>.conf (Hostname based and specific)
# 2) <workingdir>/conf/<hostname>.conf (Hostname based and specific)
# 3) <workingdir>/conf/init.conf.sh (Generic default, for testing)
load_configuration()
{
# --------------------------------------------------------------------------
# Get list of possible files to load when REALM is not declared
get_files()
{
for d in $MYPATH/conf/*; do
if [[ -d $d ]]; then
find $d -maxdepth 1 -name "$HOSTNAME.conf.sh"
fi
done
}
if [[ -n $CONFFILES ]]; then
local f=
for f in $CONFFILES; do
prnt I "Loading $f manually specified."
if [[ -s $f ]]; then
. $f
else
prnt E "The $f file doesn't exists or is empty."
die 6 --force
fi
done
unset f
local f=
for f in $CONFFILES; do
prnt I "Loading $f manually specified."
if [[ -s $f ]]; then
. $f
else
prnt E "The $f file doesn't exists or is empty."
die 6 --force
fi
done
unset f
else
prnt I "Loading configuration..."
if [[ -e $MYPATH/conf/$HOSTNAME.conf.sh ]]; then
prnt I "A specific configuration will be used."
. $MYPATH/conf/$HOSTNAME.conf.sh
else
if [[ -e $MYPATH/conf/init.conf.sh ]]; then
prnt I "A generic configuration will be used."
. $MYPATH/conf/init.conf.sh
else
prnt E "No configuration found, impossible to continue."
die 6 --force
fi
fi
prnt I "Loading configuration..."
if [[ -z $REALM ]]; then
prnt W "REALM is undeclared, trying to scan configuration subdirectories for this host..."
local found_realms=$(get_files)
case "$(echo $found_realms | wc -w)" in
"0")
: # We do nothing as we'll check for other scenario
;;
"1")
export REALM="$(basename $(dirname $found_realms))"
local auto_realm="$REALM"
;;
*)
prnt E "More than one file correspond to that host. This is ambigous and need to be fixed."
prnt m "You can fix that situation with one of those actions:"
prnt m "\t * Declare a REALM variable with the actual domain name of the host."
prnt m "\t * Give manually the configuration file using the --file option."
prnt m "\t * Configure the domain name of the host."
die 20 --force
;;
esac
fi
if [[ -e $MYPATH/conf/$REALM/$HOSTNAME.conf.sh ]]; then
prnt I "A specific configuration will be used."
local cnffile=$MYPATH/conf/$REALM/$HOSTNAME.conf.sh
if [[ -n $auto_realm && $REALM != $auto_realm ]]; then
prnt E "The domain name in the confinguration file don't correspond to the detected domain through directory structure."
die 21 --force
fi
elif [[ -e $MYPATH/conf/$HOSTNAME.conf.sh ]]; then
prnt I "A specific configuration will be used."
local cnffile=$MYPATH/conf/$HOSTNAME.conf.sh
else
if [[ -e $MYPATH/conf/init.conf.sh ]]; then
prnt I "A generic configuration will be used."
local cnffile=$MYPATH/conf/init.conf.sh
else
prnt E "No configuration found, impossible to continue."
die 6 --force
fi
fi
prnt I "Loading $cnffile ..."
. $cnffile
fi
}
export -f load_configuration
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -94,11 +139,12 @@ load_prepost_actions()
{
local prepost=
for prepost in $MYPATH/prepost.d/*.sh; do
prnt I "Loading prepost actions in $prepost ..."
. $prepost
prnt I "Loading prepost actions in $prepost ..."
. $prepost
done
unset prepost
}
export -f load_prepost_actions
# ------------------------------------------------------------------------------
# EOF

12
lib/net.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Network functions
# This file is part of the init.sh project
# Copyright (c) 2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -33,6 +34,7 @@ set_system_proxy()
fi
}
export -f set_system_proxy
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -46,6 +48,7 @@ mask2cidr4()
echo $(( $2 + (${#x}/4) ))
}
export -f mask2cidr4
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -58,6 +61,7 @@ cidr2mask4()
echo ${1-0}.${2-0}.${3-0}.${4-0}
}
export -f cidr2mask4
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -81,6 +85,7 @@ isipv4 ()
return 1
}
export -f isipv4
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -95,6 +100,7 @@ isipv6 ()
return 1
}
export -f isipv6
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -134,6 +140,7 @@ get_network_info()
done
}
export -f get_network_info
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -175,3 +182,6 @@ check_network()
esac
}
export -f check_network
# ------------------------------------------------------------------------------
# EOF

125
lib/pkgman.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Package manager integration
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -17,6 +18,7 @@ pkgupdt()
$PKG_MAN $COM_UPDATE
}
export -f pkgupdt
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -25,21 +27,21 @@ pkginst()
{
prnt I "Installing packages..."
if [[ $# -lt 1 ]]; then
prnt E "pkginst(): some required parameters are missing."
exit 11
prnt E "pkginst(): some required parameters are missing."
exit 11
fi
if [[ ! $INSTALL_MODE == dev ]]; then
exec_preinst $@
$PKG_MAN $COM_INSTALL $@
exec_postinst
exec_preinst $@
$PKG_MAN $COM_INSTALL $@
exec_postinst
else
local pkg=
for pkg in $@; do
exec_preinst $pkg
$PKG_MAN $COM_INSTALL $pkg
exec_postinst
done
unset pkg
local pkg=
for pkg in $@; do
exec_preinst $pkg
$PKG_MAN $COM_INSTALL $pkg
exec_postinst
done
unset pkg
fi
}
export -f pkginst
@@ -55,6 +57,7 @@ pkgupgd()
exec_postupgd
}
export -f pkgupgd
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -63,24 +66,25 @@ pkgrm()
{
prnt I "Uninstalling packages..."
if [[ $# -lt 1 ]]; then
prnt E "pkgrem(): some required parameters are missing."
exit 11
prnt E "pkgrem(): some required parameters are missing."
exit 11
fi
if [[ ! $INSTALL_MODE == dev ]]; then
exec_prerm $@
$PKG_MAN $COM_REMOVE $@
exec_postrm
exec_prerm $@
$PKG_MAN $COM_REMOVE $@
exec_postrm
else
local pkg=
for pkg in $@; do
exec_prerm $pkg
$PKG_MAN $COM_REMOVE $pkg
exec_postrm
done
uset pkg
local pkg=
for pkg in $@; do
exec_prerm $pkg
$PKG_MAN $COM_REMOVE $pkg
exec_postrm
done
uset pkg
fi
}
export -f pkgrm
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -93,6 +97,7 @@ pkgautorm()
exec_postautorm
}
export -f pkgautorm
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -101,15 +106,16 @@ exec_preinst()
{
local pkglist=$(get_install_list $@)
for pkg in $pkglist; do
if [[ $(function_exists preinst_$pkg) ]]; then
prnt I "Running $pkg preinstallation script..."
preinst_$pkg
fi
if [[ $(function_exists preinst_$pkg) ]]; then
prnt I "Running $pkg preinstallation script..."
preinst_$pkg
fi
done
export POSTINSTLIST=$pkglist
unset pkglist
}
export -f exec_preinst
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -117,17 +123,18 @@ export -f exec_preinst
exec_postinst()
{
if [[ -z $POSTINSTLIST ]]; then
return 0
return 0
fi
for pkg in $POSTINSTLIST; do
if [[ $(function_exists postinst_$pkg) ]]; then
prnt I "Running $pkg postinstallation script..."
postinst_$pkg
fi
if [[ $(function_exists postinst_$pkg) ]]; then
prnt I "Running $pkg postinstallation script..."
postinst_$pkg
fi
done
unset POSTINSTLIST
}
export -f exec_postinst
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -137,15 +144,16 @@ exec_prerm()
local pkglist=$(get_remove_list $@)
unset $cmd
for pkg in $pkglist; do
if [[ $(function_exists prerm_$pkg) ]]; then
prnt I "Running $pkg preremove script..."
prerm_$pkg
fi
if [[ $(function_exists prerm_$pkg) ]]; then
prnt I "Running $pkg preremove script..."
prerm_$pkg
fi
done
export POSTRMLIST=$pkglist
unset pkglist
}
export -f exec_prerm
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -153,17 +161,18 @@ export -f exec_prerm
exec_postrm()
{
if [[ -z $POSTRMLIST ]]; then
return 0
return 0
fi
for pkg in $POSTRMLIST; do
if [[ $(function_exists postrm_$pkg) ]]; then
prnt I "Running $pkg postremove script..."
postrm_$pkg
fi
if [[ $(function_exists postrm_$pkg) ]]; then
prnt I "Running $pkg postremove script..."
postrm_$pkg
fi
done
unset POSTRMLIST
}
export -f exec_postrm
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -172,15 +181,16 @@ exec_preupgd()
{
local pkglist=$(get_upgrade_list)
for pkg in $pkglist; do
if [[ $(function_exists preupgd_$pkg) ]]; then
prnt I "Running $pkg preupgrade script..."
preupgd_$pkg
fi
if [[ $(function_exists preupgd_$pkg) ]]; then
prnt I "Running $pkg preupgrade script..."
preupgd_$pkg
fi
done
export POSTUPGDLIST=$pkglist
unset pkglist
}
export -f exec_preupgd
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -188,17 +198,18 @@ export -f exec_preupgd
exec_postupgd()
{
if [[ -z $POSTUPGDLIST ]]; then
return 0
return 0
fi
for pkg in $POSTUPGDLIST; do
if [[ $(function_exists postupgd_$pkg) ]]; then
prnt I "Running $pkg postupgrade script..."
postupgd_$pkg
fi
if [[ $(function_exists postupgd_$pkg) ]]; then
prnt I "Running $pkg postupgrade script..."
postupgd_$pkg
fi
done
unset POSTUPGDLIST
}
export -f exec_postupgd
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -207,15 +218,16 @@ exec_preautorm()
{
local pkglist=$(get_autorem_list)
for pkg in $pkglist; do
if [[ $(function_exists prerm_$pkg) ]]; then
prnt I "Running $pkg preremove script..."
prerm_$pkg
fi
if [[ $(function_exists prerm_$pkg) ]]; then
prnt I "Running $pkg preremove script..."
prerm_$pkg
fi
done
export POSTRMLIST=$pkglist
unset pkglist
}
export -f exec_preautorm
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -225,6 +237,7 @@ exec_postautorm()
exec_postrm
}
export -f exec_postautorm
# ------------------------------------------------------------------------------
# EOF

194
lib/secret.sh Normal file
View File

@@ -0,0 +1,194 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Secret management functions
# This file is part of the init.sh project
# Copyright (c) 2025 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Get Passbolt
get_passbolt_secret()
{
local name="$1" secret
if ! command -v passbolt >/dev/null 2>&1; then
prnt E "Passbolt CLI not found (required to fetch passbolt:$name)."
die 22
fi
# Exemple basé sur CLI Passbolt + jq
secret=$(passbolt secret list --json 2>/dev/null | jq -r --arg NAME "$name" \
'.[] | select(.name == $NAME) | .secrets[0].data' 2>/dev/null)
if [[ -z "$secret" || "$secret" == "null" ]]; then
prnt E "Secret '$name' not found in Passbolt."
die 23
fi
printf '%s' "$secret"
}
export -f get_passbolt_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Get File
get_file_secret()
{
local path="$1" secret
if [[ ! -s "$path" ]]; then
prnt E "get_file_secret: missing secret file"
die 10
fi
if [[ ! -r "$path" ]]; then
prnt E "get_file_secret: '$path' not readable"
die 24
fi
secret=$(<"$path")
secret="${secret%$'\r'}"
secret="${secret%$'\n'}"
printf '%s' "$secret"
}
export -f get_file_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Get Environment variable
get_var_secret()
{
local var="$1" secret
if [[ -z "$var" ]]; then
prnt E "get_var_secret: missing variable name"
die 25
fi
if ! printenv "$var" >/dev/null 2>&1; then
prnt E "get_var_secret: variable '$var' not set"
die 25
fi
secret="$(printenv "$var")"
secret="${secret%$'\r'}"
secret="${secret%$'\n'}"
printf '%s' "$secret"
}
export -f get_var_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Main get dispatcher
# Usage: fetch_secret "scheme:identifier"
fetch_secret()
{
local ref="$1"
local scheme identifier func
if [[ -z "$ref" ]]; then
prnt E "fetch_secret: no reference provided"
die 26
fi
# par défaut, si pas de scheme -> "file"
if [[ "$ref" != *:* ]]; then
scheme="file"
identifier="$ref"
else
scheme="${ref%%:*}"
identifier="${ref#*:}"
fi
func="get_${scheme}_secret"
if ! declare -f "$func" >/dev/null 2>&1; then
prnt E "fetch_secret: unsupported scheme '$scheme' (no function $func)"
die 27
fi
"$func" "$identifier"
}
export -f fetch_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Check Passbolt
check_passbolt_secret() {
local name="$1" found
if ! command -v passbolt >/dev/null 2>&1; then
return 1
fi
found=$(passbolt secret list --json 2>/dev/null | jq -e --arg NAME "$name" \
'.[] | select(.name == $NAME) | .secrets[0].data' 2>/dev/null)
[[ -n "$found" && "$found" != "null" ]]
}
export -f check_passbolt_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Check File
check_file_secret() {
local path="$1"
[[ -r "$path" && -s "$path" ]]
}
export -f check_file_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Check Environment variable
check_var_secret() {
local var="$1"
[[ -n "$var" ]] && printenv "$var" >/dev/null 2>&1
}
export -f check_var_secret
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Check Dispatcher
check_secret() {
local ref="$1"
local scheme identifier func
if [[ -z "$ref" ]]; then
prnt E "check_secret: no reference provided"
return 1
fi
if [[ "$ref" != *:* ]]; then
scheme="file"
identifier="$ref"
else
scheme="${ref%%:*}"
identifier="${ref#*:}"
fi
func="check_${scheme}_secret"
if ! declare -f "$func" >/dev/null 2>&1; then
prnt E "check_secret: unsupported scheme '$scheme' (no function $func)"
return 1
fi
"$func" "$identifier"
}
export -f check_secret
# ------------------------------------------------------------------------------
# EOF

24
lib/services.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Services manipulation functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -15,16 +16,16 @@
exec_serv()
{
if [[ $# -lt 2 ]]; then
prnt E "exec_serv(): Syntax error (parameters: $@)!"
exit 11
prnt E "exec_serv(): Syntax error (parameters: $@)!"
exit 11
fi
local svcname=$1 command=$2
shift 2
local lineexec=$(echo $INIT_COM |
sed -e s/%srv%/$svcname/ \
-e s/%com%/$command/)
sed -e s/%srv%/$svcname/ \
-e s/%com%/$command/)
unset svcname command
prnt I "Launching command $command for the service $svcname"
@@ -33,6 +34,7 @@ exec_serv()
unset lineexec
}
export exec_serv
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -41,11 +43,12 @@ svc_start()
{
local svc=
for svc in $@; do
exec_serv $svc start
exec_serv $svc start
done
unset svc
}
export -f svc_start
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -53,10 +56,11 @@ export -f svc_start
svc_reload()
{
for svc in $@; do
exec_serv $svc reload
exec_serv $svc reload
done
}
export -f svc_reload
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -65,11 +69,12 @@ svc_restart()
{
local svc=
for svc in $@; do
exec_serv $svc restart
exec_serv $svc restart
done
unset svc
}
export -f svc_restart
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -78,10 +83,11 @@ svc_stop()
{
local svc=
for svc in $@; do
exec_serv $svc stop
exec_serv $svc stop
done
unset svc
}
export -f svc_stop
# ------------------------------------------------------------------------------
# EOF

47
lib/support.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Base support function
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -20,34 +21,34 @@ Initialise une machine pour l'intégrer à un réseau.
Options :
-f, --file <fichier> Permet de spécifier un fichier de configuration
à charger manuellement. Cette option peut être répétée
à charger manuellement. Cette option peut être répétée
pour permettre le chargement de plusieurs fichiers de
configuration, le dernier surchargeant les précédants.
-m, --module <liste> Lance les modules indiqués même s'il ne sont pas
dans les fichiers de configuration. Les noms des
modules doivent être séparés par des virgules.
dans les fichiers de configuration. Les noms des
modules doivent être séparés par des virgules.
-c, --check-only Lance les procédures de vérification sans rien
modifier.
modifier.
-j, --jump Saute les procédures de vérification des
modules.
modules.
-k, --keep-going Continue l'execution en cas d'erreur.
-r, --resume Reprend l'execution là ou elle s'est arrêté.
-R, --no-root-check Ne pas vérifier les droits root (ou UID 0)
-o, --offline Assume that all needed resource are available on a LAN
and avoid any Internet connectivity checks.
and avoid any Internet connectivity checks.
-P, --no-proxy Ne pas utiliser de proxy lors de l'utilisation de
ce script (n'empêche pas leur configuration via modules)
ce script (n'empêche pas leur configuration via modules)
-D, --no-deps Ne pas vérifier les dépendances entre les modules.
-h, --help Affiche ce texte d'aide.
-s, --shell Lance un shell avec tout l'environnement du script pour
débogage. Aucune action ou vérification n'est faite en
dehors des commandes lancées dans le shell.
débogage. Aucune action ou vérification n'est faite en
dehors des commandes lancées dans le shell.
--chroot <chemin> Permet à init de ne pas appliquer les modifications au
système de fichier racine mais à un système différent.
système de fichier racine mais à un système différent.
-l, --logfile <nom> Nom du fichier de log. Peut aussi être changé
via la variable d'environnement LOGFILE.
via la variable d'environnement LOGFILE.
-v, --version Affiche la version de ce script et celles de
tous les modules disponibles.
tous les modules disponibles.
Attention : les options courtes ne sont pas concaténable.
@@ -72,6 +73,7 @@ Fichiers de configuration :
EOF
}
export -f disp_help
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -84,23 +86,24 @@ show_version()
local mod=
for mod in $MYPATH/modules/*.sh; do
# Ran in a subshell to not pollute environment
(
. $mod
local modname=$(get_mod_name $mod)
local version=VER_$modname
# Ran in a subshell to not pollute environment
(
. $mod
local modname=$(get_mod_name $mod)
local version=VER_$modname
echo -e "\t$BWhite$modname${DEFAULTCOL}: $BGreen${!version}$DEFAULTCOL"
echo -e "\t$BWhite$modname${DEFAULTCOL}: $BGreen${!version}$DEFAULTCOL"
unset modname version
)
unset modname version
)
done
unset mod
if [[ $(id -u) -ne 0 ]]; then
echo -e "\n${BYellow}Warning:$DEFAULTCOL That script requires superuser rights to work."
echo -e "\n${BYellow}Warning:$DEFAULTCOL That script requires superuser rights to work."
fi
}
export -f show_version
# ------------------------------------------------------------------------------
# EOF

82
lib/users.sh Normal file
View File

@@ -0,0 +1,82 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Users related functions
# This file is part of the init.sh project
# Copyright (c) 2019-2025 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Users (from Ldap)
add_remote_user()
{
local users=$@
for usr in ${users[@]}; do
if [[ -n $(grep "^$usr:" /etc/passwd) ]]; then
prnt W "A local user with name $usr already exists, adding anyway!"
fi
if [[ -n $(grep "^+$usr:" /etc/passwd) ]]; then
prnt W "The remote user $usr is already declared, nothing to do in passwd."
else
echo "+$usr::::::" >> /etc/passwd
prnt I "User $usr added to passwd..."
fi
if [[ -n $(grep "^+$usr:" /etc/shadow) ]]; then
prnt W "The remote user $usr is already connectable, nothing to do in shadow."
else
echo "+$usr::::::::" >> /etc/shadow
prnt I "User $usr added to shadow..."
fi
done
}
export -f add_remote_user
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Remove users
remove_user()
{
local users=$@
for usr in ${users[@]}; do
if [[ -n $(grep "^$usr:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# Using sed is more universal than any distro commands - local case
sed -i -e "/^$usr:/d" /etc/{passwd,shadow,group,gshadow}
elif [[ -n $(grep "^+$usr:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# remote case
sed -i -e "/^+$usr:/d" /etc/{passwd,shadow,group,gshadow}
else
prnt W "User $usr don't exists in auth files, nothing to do."
fi
done
}
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Create a local user
create_local_user()
{
local users=$@
for usr in ${users[@]}; do
if [[ $(noerror --noout id $usr) != 0 ]]; then
prnt I "Creating user $usr..."
if [[ $(directory_exists home_skell) ]]; then
useradd --create-home --shell $DEFAULT_SHELL \
--user-group $usr \
--skell $(select_directory home_skell)
else
useradd --create-home --shell $DEFAULT_SHELL --user-group $usr
fi
else
prnt W "The user $usr already exists. Nothing to do..."
fi
done
}
# ------------------------------------------------------------------------------
# EOF

40
lib/utils.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Various utilitary functions
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -12,26 +13,28 @@
# Define normalised time display, filename friendly
stdtime()
{
date --rfc-3339=seconds | sed -e 's/ /-/' -e 's/://g'
date --rfc-3339=seconds | sed -e 's/ /-/' -e 's/://g' | cut -d'+' -f1
}
export -f stdtime
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Check if a function exists, return 0 if so
function_exists() {
if [[ $# -ne 1 ]]; then
prnt E "function_exists(): A function name is required!"
die 11 --force
prnt E "function_exists(): A function name is required!"
die 11 --force
fi
if [[ $(LC_ALL=C type -t $1 | grep function) ]]; then
return 0
if [[ -n $(LC_ALL=C type -t $1 | grep function) ]]; then
return 0
else
return 1
return 1
fi
}
export -f function_exists
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -39,12 +42,13 @@ export -f function_exists
get_mod_name()
{
if [[ $# -ne 1 ]]; then
prnt E "get_mod_name(): Bad number of parameters."
die 11 --force
prnt E "get_mod_name(): Bad number of parameters."
die 11 --force
fi
echo $(basename $1 | cut -f 1 -d '.')
basename $1 | cut -f 1 -d '.'
}
export -f get_mod_name
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -52,9 +56,23 @@ export -f get_mod_name
trim()
{
local string="$@"
echo "$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'<<<"${string}")"
sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'<<<"${string}"
unset string
}
export -f trim
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Dump the keyboard's buffer
dump_key_buffer()
{
while read -r -t 0.001; do
:
done
}
export -f dump_key_buffer
# ------------------------------------------------------------------------------
# EOF

108
lib/vars.sh Normal file
View File

@@ -0,0 +1,108 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Variables substitution function
# This file is part of the init.sh project
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Replace @VAR@ in a text file by the corresponding $VAR value
# The --delimiter or -d option allow to use something else than @
setvar()
{
local delimiter="@"
local vars=()
local file
# Parse arguments
while [[ $# -gt 0 ]]; do
case "$1" in
--delimiter|-d)
shift
delimiter="${1:-@}"
;;
-*)
prnt E "setvar(): Unknown option: $1"
die 7
;;
*)
if [[ -f $1 && $# -eq 1 ]]; then
file="$1"
else
vars+=("$1")
fi
;;
esac
shift
done
if [[ -z $file ]]; then
prnt E "Usage: setvar [--delimiter D] VAR1 [VAR2 ...] <file>"
die 7
fi
if [[ ${#vars[@]} -eq 0 ]]; then
prnt E "No variable name(s) provided."
die 7
fi
local var val escaped pattern
for var in "${vars[@]}"; do
val="${!var}"
if [[ -z $val ]]; then
prnt W "Variable '$var' is unset or empty; skipped."
continue
fi
# Échapper les caractères spéciaux pour sed
escaped=$(printf '%s' "$val" | sed -e 's/[\/&]/\\&/g')
pattern="${delimiter}${var}${delimiter}"
prnt I "Replacing $pattern with $val in $file"
sed -i -e "s|$pattern|$escaped|g" "$file"
done
}
export -f setvar
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Replace @VAR@ in a text file by the corresponding values available in the
# environment. The --delimiter or -d option allow to use something else than @
setvars_from_env()
{
local file delimiter="@"
while [[ $# -gt 0 ]]; do
case "$1" in
-d|--delimiter)
shift
delimiter="${1:-@}"
;;
*)
file="$1"
;;
esac
shift
done
[[ -f $file ]] || {
prnt E "File not found: $file"
die 10
}
local vars
vars=$(grep -o "${delimiter}[A-Z0-9_]\+${delimiter}" "$file" | sort -u | tr -d "$delimiter")
[[ -z $vars ]] && return 0
setvar --delimiter "$delimiter" $vars "$file"
}
export -f setvars_from_env
# ------------------------------------------------------------------------------
# EOF

51
lib/version.sh
View File

@@ -1,7 +1,8 @@
#!/bin/bash
# ------------------------------------------------------------------------------
# Version determination function
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2024 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -13,35 +14,38 @@
get_os_version()
{
if [[ ! -f /etc/os-release ]]; then
prnt E "get_os_version(): Your distribution doesn't have the needed os-release file."
die 8 --force
prnt E "get_os_version(): Your distribution doesn't have the needed os-release file."
die 8 --force
fi
# Create a sub-shell to avoid polluting the environnement
(
# Iniitalise version codename in case the var don't exists
VERSION_CODENAME="NULL"
# Iniitalise version codename in case the var don't exists
VERSION_CODENAME="NULL"
# Import the file in the environment
source /etc/os-release
# Import the file in the environment
source /etc/os-release
if [[ -z $ID ]]; then
prnt E "get_os_version(): Your /etc/os-release file mises some vital information."
die 8 --force
fi
if [[ -z $ID ]]; then
prnt E "get_os_version(): Your /etc/os-release file mises some vital information."
die 8 --force
fi
if [[ -z $VERSION_ID ]]; then
local maj=$(uname -r | cut -d'.' -f1)
local min=$(uname -r | cut -d'.' -f2)
VERSION_ID="$maj.$min"
unset maj min
fi
# Return values on stdout (awk used to retreave primary codename when using testing or unstable)
echo ${ID,,} ${VERSION_ID} $(echo ${VERSION_CODENAME,,} | awk '{print $1}')
if [[ -z $VERSION_ID ]]; then
local maj=$(uname -r | cut -d'.' -f1)
local min=$(uname -r | cut -d'.' -f2)
VERSION_ID="$maj.$min"
unset maj min
fi
# Return values on stdout
echo ${ID,,} ${VERSION_ID} ${VERSION_CODENAME,,}
)
}
export read_os_release
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
@@ -50,19 +54,20 @@ export read_os_release
set_sys_vars()
{
if [[ $# -ne 4 ]]; then
prnt E "set_sys_vars(): Incorrect number of parameters ($@)."
die 7 --force
prnt E "set_sys_vars(): Incorrect number of parameters ($@)."
die 7 --force
fi
export SYS_ARCH=$1
export SYS_DIST=$2
export SYS_VER=$3
if [[ $4 != "null" ]]; then
export SYS_CODE=$4
export SYS_CODE=$4
elif [[ -n $SYS_CODE ]]; then
unset SYS_CODE
unset SYS_CODE
fi
}
export -f get_os_version
# ------------------------------------------------------------------------------
# EOF

55
modules/authnz.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Add local or remote users
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2025 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -20,58 +20,9 @@
# * DEFAULT_SHELL: The shell to use when creating new users
# ------------------------------------------------------------------------------
export VER_authnz=0.2.2
export DEP_authnz="upgrade_dist"
export VER_authnz="0.2.2"
export DEP_authnz=""
# Users (from Ldap)
add_remote_user()
{
if [[ $(grep "^$1:" /etc/passwd) ]]; then
prnt W "A local user with name $1 already exists, adding anyway!"
fi
if [[ $(grep "^+$1:" /etc/passwd) ]]; then
prnt W "The remote user $1 is already declared, nothing to do in passwd."
else
echo "+$1::::::" >> /etc/passwd
prnt I "User $1 added to passwd..."
fi
if [[ $(grep "^+$1:" /etc/shadow) ]]; then
prnt W "The remote user $1 is already connectable, nothing to do in shadow."
else
echo "+$1::::::::" >> /etc/shadow
prnt I "User $1 added to shadow..."
fi
}
# Remove users
remove_user()
{
if [[ $(grep "^$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# Using sed is more universal than any distro commands - local case
sed -i -e "/^$1:/d" /etc/{passwd,shadow,group,gshadow}
elif [[ $(grep "^+$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then
# remote case
sed -i -e "/^+$1:/d" /etc/{passwd,shadow,group,gshadow}
else
prnt W "User $1 don't exists in auth files, nothing to do."
fi
}
# Create a local user
create_local_user()
{
if [[ $(noerror --noout id $1) != 0 ]]; then
prnt I "Creating user $1..."
if [[ $(directory_exists home_skell) ]]; then
useradd --create-home --shell $DEFAULT_SHELL --user-group $1 \
--skell $(select_directory home_skell)
else
useradd --create-home --shell $DEFAULT_SHELL --user-group $1
fi
else
prnt W "The user $1 already exists. Nothing to do..."
fi
}
# Authentication
authnz()

113
modules/conf_ceph.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Configure machine for ceph (or samba) mount
# Configure machine for ceph (or samba / NFS) mount
# This file is part of the init.sh project
# Copyright (c) 2019-2021 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2025 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -10,43 +10,52 @@
# Variable:
# * CEPH_SRV_NAMES: hosts names of ceph servers
# * CEPHIP_srv: with "srv" being a ceph server hostname, its corresponding IP
# * SHARED_HOME: Set at yes if homedir is a directory of the ceph mount
# * SMBSRV: Fallback samba server on unsupported architectures
# Mount points are hardcoded and should bet set differently
# * CEPH_MOUNTS: list of mounts to create
# * CEPH_MP_mount: mount point for the given "mount"
# * SHARED_HOME: Set at yes if homedir is a directory of the ceph mount (to be removed)
# * SMBSRV: Fallback samba server on unsupported architectures (not doing
# anything if undeclared)
# * NFSSRV: Fallback NFS server on unsupported architectures (not doing
# anything if undeclared)
# If both SMBSRV and NFSSRV are set on unsupported hardware, Samba will have a
# higher priority.
# ------------------------------------------------------------------------------
export VER_conf_ceph="0.0.5"
export DEP_conf_ceph="upgrade_dist"
export VER_conf_ceph="1.0.2"
export DEP_conf_ceph=""
conf_ceph()
{
# Create mount point directories
echo "Creating mount points"
mkdir -pv /srv/ceph/share
mkdir -pv /share
local success=undef
local fstabchanged=false
# Determine the type of installation
if [[ $SYS_ARCH == "x86_64" || $SYS_ARCH == "i386" ]]; then
export CEPH_STATUS=ceph
else
elif [[ -n $SMBSRV ]]; then
export CEPH_STATUS=smb
elif [[ -n $NFSSRV ]]; then
export CEPH_STATUS=nfs
else
export CEPH_STATUS=none
fi
if [[ $CEPH_STATUS == ceph ]]; then
# Install ceph package
pkginst ceph-common
# hosts files required for Ceph bootstrap when DNS not yet started
if [[ ! $(grep "# Ceph" /etc/hosts) ]]; then
if ! grep -q "^# Ceph" /etc/hosts; then
prnt I "Adding server list to /etc/hosts"
backup_dist /etc/hosts
tag_file /etc/hosts
echo >> /etc/hosts
echo "# Ceph servers:" >> /etc/hosts
for srv in $CEPH_SRV_NAMES; do
local line="$(eval echo \$CEPHIP_$srv) $srv.$REALM $srv"
local line
line="$(eval echo \$CEPHIP_$srv) $srv.$REALM $srv"
prnt m " - Adding line $line to /etc/hosts"
echo "$line" >> /etc/hosts
unset line
done
else
prnt W "Ceph servers already in /etc/hosts, nothing to do"
@@ -54,37 +63,59 @@ conf_ceph()
backup_dist /etc/fstab
prnt I "Adding ceph entries to /etc/fstab"
fstabchanged=true
tag_file /etc/fstab
echo >> /etc/fstab
local srvlist=$(echo $CEPH_SRV_NAMES | sed "s/ /,/g")
if [[ ! $(grep $srvlist /etc/fstab) ]]; then
local srvlist=${CEPH_SRV_NAMES// /,}
prnt I "Fetching secret $CEPH_SECRET..."
local secret
secret=$(fetch_secret "$CEPH_SECRET")
if ! grep -q "$srvlist" /etc/fstab; then
echo "# Ceph :" >> /etc/fstab
echo "$srvlist:/ /srv/ceph ceph defaults,_netdev,name=admin,secret=$CEPH_SECRET 0 0" >> /etc/fstab
for mnt in $CEPH_MOUNTS; do
local mp=$(eval echo \$CEPH_MP_$mnt)
mkdir -pv "$mp"
echo "$srvlist:/ $mp ceph defaults,_netdev,name=admin,secret=$secret,mds_namespace=$mnt 0 0" >> /etc/fstab
unset mp
done
else
prnt W "Ceph entry already in /etc/fstab, nothing to do"
fi
unset srvlist
unset srvlist secret
success=yes
elif [[ $CEPH_STATUS == smb ]]; then
pkginst smbclient
backup_dist /etc/fstab
prnt I "Adding Samba entries to /etc/fstab"
fstabchanged=true
echo >> /etc/fstab
if [[ ! $(grep $SMBSRV /etc/fstab) ]]; then
tag_file /etc/fstab
if ! grep -q "$SMBSRV" /etc/fstab; then
echo "# Samba:" >> /etc/fstab
echo "//$SMBSRV/share /srv/ceph/share cifs defaults,_netdev,username=root,password= 0 0" >> /etc/fstab
for mnt in $CEPH_MOUNTS; do
local mp=$(eval echo \$CEPH_MP_$mnt)
mkdir -pv $mp
echo "//$SMBSRV/$mnt $mp cifs defaults,_netdev,username=root,password= 0 0" >> /etc/fstab
unset $mp
done
else
prnt W "Samba entry already in /etc/fstab, nothing to do"
fi
success=yes
elif [[ $CEPH_STATUS == nfs ]]; then
tag_file /etc/fstab
# To be implemented
elif [[ $CEPH_STATUS == none ]]; then
prnt W "No alternative set for unsuported hardware, nothing will be done."
return 0
else
prnt E "Ceph status not understood, the next tasks will probably fail"
prnt E "Ceph status not understood, something is wrong."
return 1
fi
if [[ $success == yes ]]; then
if [[ ! $(grep "^/srv/ceph/share" /etc/fstab) ]]; then
fstabchanged=true
# Create some mount binds for convenience
# TODO: That part should be a different module with own configuration
if grep -q "^/srv/ceph/share" /etc/fstab; then
echo "/srv/ceph/share /share none defaults,_netdev,bind 0 0" >> /etc/fstab
if [[ $SHARED_HOME == 1 ]]; then
echo "/srv/ceph/share/home /home none defaults,_netdev,bind 0 0" >> /etc/fstab
@@ -94,18 +125,15 @@ conf_ceph()
prnt E "Failed creating original mount, not adding binded ones"
fi
if [[ $fstabchanged == true ]]; then
tag_file /etc/fstab
fi
unset fstabchanged
# Mount Ceph volumes if required
prnt I "Mounting ceph volumes"
[[ ! $(mount | grep "on /srv/ceph") ]] && mount -v /srv/ceph || mount -v /srv/ceph/share
[[ ! $(mount | grep "on /share") ]] && mount -v /share
if [[ $SHARED_HOME == "true" ]]; then
[[ ! $(mount | grep "on /home") ]] && mount -v /home
fi
for mnt in $CEPH_MOUNTS; do
if ! mountpoint -q "$(eval echo \$CEPH_MP_$mnt)"; then
mount -v "$(eval echo \$CEPH_MP_$mnt)" ||
prnt W "Error while mounting CEPH filesystem (check CEPH logs), ignoring"
fi
done
}
precheck_conf_ceph()
@@ -124,17 +152,24 @@ precheck_conf_ceph()
done
if [[ -z $CEPH_SECRET ]]; then
prnt E "CEPH secret key is not declared, can't continue!"
prnt I "If you don't want to put tour CEPH secret in configuration file,"
prnt I "If you don't want to put a CEPH secret var in configuration file,"
prnt m "you need to export it temporarily in your environment, using the"
prnt m "\"CEPH_SECRET\" variable."
exit 181
die 181
elif ! check_secret $CEPH_SECRET; then
prnt E "The declared $CEPH_SECRET is not accessible."
die 183
fi
if [[ -z $CEPH_MOUNTS ]]; then
prnt E "No CEPH mounts declared, despite reachable servers."
die 182
fi
else
prnt E "No CEPH server declared!"
die 182
fi
else
prnt W "System incompatible with ceph, falling back to samba..."
prnt W "System incompatible with ceph, falling back to Samba or NFS..."
fi
}

8
modules/conf_disks.sh
View File

@@ -16,7 +16,7 @@
# * CALCDRV: Target drives, preferably through ID.
# ------------------------------------------------------------------------------
export VER_conf_disks="0.0.9"
export VER_conf_disks="0.0.9-obsolete"
export DEP_conf_disks="upgrade_dist"
# ------------------------------------------------------------------------------
@@ -96,7 +96,7 @@ precheck_conf_disks()
prnt E "Format de disque inconnu ($CALCTYPE) !"
die 150
fi
prnt I "Vérification des lecteurs pour disque de calcul."
local drvcount=0
for drv in $CALCDRV; do
@@ -105,7 +105,7 @@ precheck_conf_disks()
prnt I "Le dique $drv est vierge, il sera formaté en $CALCTYPE."
else
prnt W "Le disque $drv n'est pas vierge !"
if [[ $FORCEBLANK==true ]]; then
if [[ $FORCEBLANK == true ]]; then
prnt W "Le disque $drv sera réinitialisé !"
else
prnt E "La réinitialisation de $drv n'est pas autorisé, rien ne sera fait !"
@@ -119,7 +119,7 @@ precheck_conf_disks()
(( drvcount+=1 ))
done
if [[ ! $CALCTYPE=="zfs" && drvcount -gt 1 ]]; then
if [[ ! $CALCTYPE == "zfs" && drvcount -gt 1 ]]; then
prnt E "Plusieurs diques impossibles avec Ext4 ou XFS !"
die 150
fi

2
modules/conf_locale.sh
View File

@@ -31,7 +31,7 @@ conf_locale()
# Removing locales not in the list
prnt I "Deactivating initial locales from installation..."
if [[ $(grep -v '^#' $gen_fname | grep -v -e '^[[:space:]]*$') ]]; then
if [[ -n $(grep -v '^#' $gen_fname | grep -v -e '^[[:space:]]*$') ]]; then
grep -v '^#' $gen_fname | grep -v -e '^[[:space:]]*$' |
while read -r line; do
sed -i "s/$line/# $line/" $gen_fname

6
modules/conf_mail.sh
View File

@@ -13,8 +13,8 @@
# * MAIL_RELAY: Name of the mail relay server
# ------------------------------------------------------------------------------
export VER_conf_mail="0.0.7"
export DEP_conf_mail="upgrade_dist"
export VER_conf_mail="0.0.8"
export DEP_conf_mail=""
conf_mail()
{
@@ -30,7 +30,7 @@ conf_mail()
-e "s/@MAIL_RELAY@/$MAIL_RELAY/" $pfmain
echo $HOSTNAME.$REALM > /etc/mailname
tag_file /etc/mailname
#tag_file /etc/mailname
svc_restart postfix
}

242
modules/conf_network.sh
View File

@@ -21,7 +21,7 @@
# ------------------------------------------------------------------------------
export VER_conf_network="0.0.8"
export DEP_conf_network="install_pkg"
export DEP_conf_network=""
conf_network()
{
@@ -35,153 +35,155 @@ conf_network()
# First configure IPv4 ifaces
local iface=
for iface in $IPV4_IFACES; do
echo -e "\n# --------------------------------\n" >> $if_file
echo -e "\n# --------------------------------\n" >> $if_file
if [[ $(eval echo \$NET4_MODE_$iface) == static ]]; then
prnt I "Configuring IPv4 network interface $iface in static mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet static" >> $if_file
echo -e "\taddress $(eval echo \$NET4_IP_$iface)" >> $if_file
if [[ $(eval echo \$NET4_MODE_$iface) == static ]]; then
prnt I "Configuring IPv4 network interface $iface in static mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet static" >> $if_file
echo -e "\taddress $(eval echo \$NET4_IP_$iface)" >> $if_file
if [[ -n $(eval echo \$NET4_GW_$iface) ]]; then
echo -e "\tgateway $(eval echo \$NET4_GW_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET4_GW_$iface) ]]; then
echo -e "\tgateway $(eval echo \$NET4_GW_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET4_NS_$iface) ]]; then
echo -e "\tdns_nameservers $(eval echo \$NET4_NS_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET4_NS_$iface) ]]; then
echo -e "\tdns_nameservers $(eval echo \$NET4_NS_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET4_NS_SEARCH_$iface) ]]; then
echo -e "\tdns_search $(eval echo \$NET4_NS_SEARCH_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET4_NS_SEARCH_$iface) ]]; then
echo -e "\tdns_search $(eval echo \$NET4_NS_SEARCH_$iface)" >> $if_file
fi
elif [[ $(eval echo \$NET4_MODE_$iface) == dhcp ]]; then
prnt I "Configuring IPv4 network interface $iface in DHCP mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet dhcp" >> $if_file
elif [[ $(eval echo \$NET4_MODE_$iface) == dhcp ]]; then
prnt I "Configuring IPv4 network interface $iface in DHCP mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet dhcp" >> $if_file
elif [[ $(eval echo \$NET4_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET4_MANUAL_FILE_$iface)
append_file $fname $if_file
unset fname
fi
elif [[ $(eval echo \$NET4_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET4_MANUAL_FILE_$iface)
append_file $fname $if_file
unset fname
fi
done
for iface in $IPV6_IFACES; do
echo -e "\n# --------------------------------\n" >> $if_file
echo -e "\n# --------------------------------\n" >> $if_file
if [[ $(eval echo \$NET6_MODE_$iface) == static ]]; then
prnt I "Configuring IPv6 network interface $iface in static mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet6 static" >> $if_file
echo -e "\taddress $(eval echo \$NET6_IP_$iface)" >> $if_file
if [[ $(eval echo \$NET6_MODE_$iface) == static ]]; then
prnt I "Configuring IPv6 network interface $iface in static mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet6 static" >> $if_file
echo -e "\taddress $(eval echo \$NET6_IP_$iface)" >> $if_file
if [[ -n $(eval echo \$NET6_GW_$iface) ]]; then
echo -e "\tgateway $(eval echo \$NET6_GW_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET6_GW_$iface) ]]; then
echo -e "\tgateway $(eval echo \$NET6_GW_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET6_NS_$iface) ]]; then
echo -e "\tdns_nameservers $(eval echo \$NET6_NS_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET6_NS_$iface) ]]; then
echo -e "\tdns_nameservers $(eval echo \$NET6_NS_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET6_NS_SEARCH_$iface) ]]; then
echo -e "\tdns_search $(eval echo \$NET6_NS_SEARCH_$iface)" >> $if_file
fi
if [[ -n $(eval echo \$NET6_NS_SEARCH_$iface) ]]; then
echo -e "\tdns_search $(eval echo \$NET6_NS_SEARCH_$iface)" >> $if_file
fi
elif [[ $(eval echo \$NET6_MODE_$iface) == dhcp ]]; then
prnt I "Configuring IPv6 network interface $iface in DHCP mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet6 dhcp" >> $if_file
elif [[ $(eval echo \$NET6_MODE_$iface) == dhcp ]]; then
prnt I "Configuring IPv6 network interface $iface in DHCP mode..."
echo "auto $iface" >> $if_file
echo "iface $iface inet6 dhcp" >> $if_file
elif [[ $(eval echo \$NET6_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET6_MANUAL_FILE_$iface)
append_file $fname $if_file
unset fname
fi
elif [[ $(eval echo \$NET6_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET6_MANUAL_FILE_$iface)
append_file $fname $if_file
unset fname
fi
done
prnt I "Restart network to apply changes"
svc_restart networking || true && prnt W "Ignoring errors here."
unset iface if_file
NEED_REBOOT=true
}
precheck_conf_network()
{
file_must_exists interfaces.head
if [[ -z $IPV4_IFACES ]]; then
prnt W "No IPv4 interfaces to configure."
prnt W "No IPv4 interfaces to configure."
else
for iface in $IPV4_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv4 iface $iface, is already configured, a reboot will be required."
fi
fi
if [[ -z $(eval echo \$NET4_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET4_MODE_$iface) in
"static")
if [[ -z $(eval echo \$NET4_IP_$iface) ]]; then
prnt E "No IPv4 have been assigned to static interface $iface!"
fi
prnt m " * Interface $iface will have $(eval echo \$NET4_IP_$iface) static IPv4 address."
;;
"dhcp")
prnt m " * Interface $iface will use DHCP."
;;
"manual")
file_must_exists $(eval echo \$NET4_MANUAL_FILE_$iface)
prnt m " * Interface $iface will use manual IPv4 configuration in a file."
;;
*)
prnt E "Interfaces mode \"$(eval echo \$NET4_MODE_$iface)\" unsuported!"
die 175
;;
esac
fi
done
for iface in $IPV4_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv4 iface $iface, is already configured, a reboot could be required."
fi
fi
if [[ -z $(eval echo \$NET4_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET4_MODE_$iface) in
"static")
if [[ -z $(eval echo \$NET4_IP_$iface) ]]; then
prnt E "No IPv4 have been assigned to static interface $iface!"
fi
prnt m " * Interface $iface will have $(eval echo \$NET4_IP_$iface) static IPv4 address."
;;
"dhcp")
prnt m " * Interface $iface will use DHCP."
;;
"manual")
file_must_exists $(eval echo \$NET4_MANUAL_FILE_$iface)
prnt m " * Interface $iface will use manual IPv4 configuration in a file."
;;
*)
prnt E "Interfaces mode \"$(eval echo \$NET4_MODE_$iface)\" unsuported!"
die 175
;;
esac
fi
done
fi
if [[ -z $IPV6_IFACES ]]; then
prnt W "No IPv6 interfaces to configure."
prnt W "No IPv6 interfaces to configure."
else
for iface in $IPV6_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv6 iface $iface, is already configured, a reboot will be required."
fi
fi
if [[ -z $(eval echo \$NET6_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET6_MODE_$iface) in
"static")
if [[ -z $(eval echo \$NET6_IP_$iface) ]]; then
prnt E "No IPv6 have been assigned to static interface $iface!"
fi
prnt m " * Interface $iface will have $(eval echo \$NET6_IP_$iface) static IPv6 address."
;;
"dhcp")
prnt m " * Interface $iface will use DHCPv6."
;;
"manual")
file_must_exists $(eval echo \$NET6_MANUAL_FILE_$iface)
prnt m " * Interface $iface will use manual IPv6 configuration in a file."
;;
*)
prnt E "Interfaces mode \"$(eval echo \$NET6_MODE_$iface)\" unsuported!"
die 175
;;
esac
fi
done
for iface in $IPV6_IFACES; do
if [[ ! -d /sys/class/net/$iface ]]; then
prnt E "The iface $iface, asked to configure, do not exist!"
die 175
else
if [[ $(grep "up" /sys/class/net/$iface/operstate) ]]; then
prnt W "The IPv6 iface $iface, is already configured, a reboot could be required."
fi
fi
if [[ -z $(eval echo \$NET6_MODE_$iface) ]]; then
prnt E "Interfaces $iface have no mode set!"
die 175
else
case $(eval echo \$NET6_MODE_$iface) in
"static")
if [[ -z $(eval echo \$NET6_IP_$iface) ]]; then
prnt E "No IPv6 have been assigned to static interface $iface!"
fi
prnt m " * Interface $iface will have $(eval echo \$NET6_IP_$iface) static IPv6 address."
;;
"dhcp")
prnt m " * Interface $iface will use DHCPv6."
;;
"manual")
file_must_exists $(eval echo \$NET6_MANUAL_FILE_$iface)
prnt m " * Interface $iface will use manual IPv6 configuration in a file."
;;
*)
prnt E "Interfaces mode \"$(eval echo \$NET6_MODE_$iface)\" unsuported!"
die 175
;;
esac
fi
done
fi
}

66
modules/conf_nfs.sh Normal file
View File

@@ -0,0 +1,66 @@
# ------------------------------------------------------------------------------
# Configure NFS mounts
# This file is part of the init.sh project
# Copyright (c) 2019-2023 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
# Variable list:
# * NFS_MOUNTS: list of mounts used in other variable names
# * MOUNTSERV_<mnt>: server acces to mount <mnt>
# * MOUNTPOINT_<mnt>: mount point for <mnt>
# * MOUNTOPTS_<mnt>: optionnaly, extra mount options for <mnt>
# ("defaults,_netdev" by default)
# ------------------------------------------------------------------------------
# Module version
export VER_conf_nfs="0.0.3"
# Module's code
conf_nfs()
{
pkginst nfs-common
for mnt in $NFS_MOUNTS; do
local mnt_serv=$(eval echo \$MOUNTSERV_$mnt)
local mnt_point=$(eval echo \$MOUNTPOINT_$mnt)
local mnt_opts=$(eval echo \$MOUNTOPTS_$mnt)
if [[ $(echo $mnt_opts | wc -w) == "0" ]]; then
mnt_opts="defaults,_netdev"
fi
if [[ -z $(grep "$mnt_serv" /etc/fstab) ]]; then
echo -e "${mnt_serv}\t${mnt_point}\tnfs4\t${mnt_opts}\t0\t0" >> /etc/fstab
fi
unset mnt_serv
if [[ ! -d $mnt_point ]]; then
mkdir -pv "$mnt_point"
fi
mount -v "$mnt_point"
unset mnt_point
done
}
# Preliminary checks code for the module
precheck_conf_nfs()
{
if [[ -n $NFS_MOUNTS ]]; then
for mnt in $NFS_MOUNTS; do
if [[ -z $(eval echo \$MOUNTSERV_$mnt) ]]; then
prnt E "The server mount for $NFS_MOUNT is not declared."
die 182
fi
if [[ -z $(eval echo \$MOUNTPOINT_$mnt) ]]; then
prnt E "The mountpoint for $NFS_MOUNT is not declared."
die 183
fi
prnt I "NFS server $(eval echo \$MOUNTSERV_$mnt) will be mounted on $(eval echo \$MOUNTPOINT_$mnt)."
done
fi
}
# Public functions might be exported
export -f conf_nfs
export -f precheck_conf_nfs
# EOF

57
modules/conf_ntp.sh
View File

@@ -11,36 +11,51 @@
# * NTPSERVERS: list of NTP servers
# ------------------------------------------------------------------------------
export VER_conf_ntp="0.1.6"
export VER_conf_ntp="0.2.0"
export DEP_conf_ntp=""
conf_ntp()
{
if [[ $(pidof systemd) ]]; then
prnt I "Disabling Systemd-timesyncd..."
systemctl disable systemd-timesyncd || true
prnt I "Disabling Systemd-timesyncd..."
systemctl disable systemd-timesyncd || true
fi
NTP_SERV=${NTP_SERV:-ntp}
prnt I "Installing ntp daemon..."
pkginst ntp
pkginst $NTP_SERV
prnt I "Stopping service ntp..."
svc_stop ntp
svc_stop $NTP_SERV
if [[ $NTP_SERV == ntpsec ]]; then
local conf_file="/etc/$NTP_SERV/ntp.conf"
else
local conf_file="/etc/ntp.conf"
fi
prnt I "Installing NTP configuration file..."
local dest="/etc/ntp.conf.work"
backup_dist /etc/ntp.conf
tag_file $dest
install_file ntp.conf $dest
local dest="${conf_file}.work"
backup_dist "$conf_file"
if [[ -s $NTP_SERV ]]; then
install_file ${NTP_SERV}.conf "$dest"
else
install_file ntp.conf "$dest"
fi
tag_file "$dest"
local line=""
for srv in $NTP_SERVERS; do
line="${line}server $srv iburst\n"
line="${line}server $srv iburst\n"
done
sed -i -e "s/@SERVERLIST@/$line/" $dest &&
echo "# Generated on $(stdtime)" >> $dest &&
mv -fv $dest /etc/ntp.conf
sed -i -e "s/@SERVERLIST@/$line/" "$dest" &&
mv -fv "$dest" "$conf_file"
prnt I "Starting service ntp..."
svc_start ntp
if [[ -n $NTP_SERV ]]; then
svc_start $NTP_SERV
else
svc_start ntp
fi
sleep 2 # short sleep so we're sure daemon is ready
ntptime
}
@@ -49,14 +64,14 @@ conf_ntp()
precheck_conf_ntp()
{
if [[ -z $NTP_SERVERS ]]; then
prnt E "No configured NTP server!"
die 151
prnt E "No configured NTP server!"
die 151
else
file_must_exists ntp.conf
prnt m "The NTP servers to be used will be:"
for srv in $NTP_SERVERS; do
prnt m " * $srv"
done
file_must_exists ntp.conf
prnt m "The NTP servers to be used will be:"
for srv in $NTP_SERVERS; do
prnt m " * $srv"
done
fi
}

8
modules/conf_ssh.sh
View File

@@ -12,7 +12,7 @@
# ------------------------------------------------------------------------------
export VER_conf_ssh="0.1.4"
export DEP_conf_ssh="upgrade_dist"
export DEP_conf_ssh=""
conf_ssh()
{
@@ -24,9 +24,9 @@ conf_ssh()
prnt I "Installating OpenSSH configuration files..."
for f in /etc/ssh/ssh{,d}_config; do
backup_dist $f
install_file ssh/$(basename $f) $f
tag_file $f
backup_dist $f
install_file ssh/$(basename $f) $f
tag_file $f
done
sed -i -e "s#@SSHD_PERMITROOT_RANGE@#$SSHD_PERMITROOT_RANGE#" /etc/ssh/sshd_config

1
modules/conf_syslog.sh
View File

@@ -15,6 +15,7 @@ export VER_conf_syslog="0.0.5"
conf_syslog()
{
pkginst rsyslog
local syslogconf=/etc/rsyslog.conf
prnt I "Configuring rsyslog..."
backup_dist $syslogconf

112
modules/create_vm.sh
View File

@@ -11,14 +11,14 @@
# To be defined
# ------------------------------------------------------------------------------
export VER_create_vm="0.0.2"
export VER_create_vm="0.0.2-obsolete"
export DEP_create_vm="upgrade_dist install_pkg"
create_vm()
{
if [[ $WITH_VM != "yes" ]]; then
prnt W "That computer is not configured for virtualisation, nothing to do."
return 0
prnt W "That computer is not configured for virtualisation, nothing to do."
return 0
fi
pkginst virtualbox
@@ -32,60 +32,60 @@ create_vm()
local accel_2d=off
case $VM_OS in
Windows*)
accel_2d=on
;;
Windows*)
accel_2d=on
;;
esac
# Create emty VM
local targetdir=$VM_ROOT/vms/$VM_NAME
vboxmanage createvm --ostype $VM_OS --basefolder $targetdir \
--name $VM_NAME --register
--name $VM_NAME --register
# Give main caracteristics
vboxmanage modifyvm $VM_NAME \
--cpus $VM_CPU --memory $VM_MEM --vram $VM_VID_MEM \
--boot1 $VM_BOOT1 --VM_BOOT2 $VM_BOOT2 --boot3 $VM_BOOT3 \
--nic1 bridged --bridgeadapter1 $VM_IF_BRIDGE \
--accelerate2dvideo $accel_2d \
--clipboard bidirectional --draganddrop disabled
--cpus $VM_CPU --memory $VM_MEM --vram $VM_VID_MEM \
--boot1 $VM_BOOT1 --VM_BOOT2 $VM_BOOT2 --boot3 $VM_BOOT3 \
--nic1 bridged --bridgeadapter1 $VM_IF_BRIDGE \
--accelerate2dvideo $accel_2d \
--clipboard bidirectional --draganddrop disabled
# Add a SATA controler
vboxmanage storagectl $VM_NAME \
--name sata0 --add sata --controller IntelAHCI --bootable on \
--hostiocache on --portcount 6
--name sata0 --add sata --controller IntelAHCI --bootable on \
--hostiocache on --portcount 6
# Create a virtual HDD
vboxmanage createmedium \
--size $VM_DISK_SIZE --variant Fixed --filename $targetdir/$VM_NAME.vdi
--size $VM_DISK_SIZE --variant Fixed --filename $targetdir/$VM_NAME.vdi
# Connect the created HDD to the VM
vboxmanage storageattach $VM_NAME \
--storagectl sata0 --port 1 --device 0 --type hdd \
--medium $targetdir/$VM_NAME.vdi
--storagectl sata0 --port 1 --device 0 --type hdd \
--medium $targetdir/$VM_NAME.vdi
unset targetdir accel_2d
# Add empty DVD
vboxmanage storageattach $VM_NAME --storagectl sata0 --port 2 --device 0 \
--medium emptydrive
--medium emptydrive
# Add shares
local share= i=0
for share in $VM_SHARES_NAME; do
(( i+=1 ))
(( i+=1 ))
local j=0 hostpath=""
for path in $VM_SHARES_PATH; do
(( j+=1 ))
if [[ $i -eq $j ]]; then
hostpath=$path
fi
done
unset j
local j=0 hostpath=""
for path in $VM_SHARES_PATH; do
(( j+=1 ))
if [[ $i -eq $j ]]; then
hostpath=$path
fi
done
unset j
vboxmanage sharedfolder add $VM_NAME \
--name ${VM_SHARES_NAME,,} --hostpath $hostpath
vboxmanage sharedfolder add $VM_NAME \
--name ${VM_SHARES_NAME,,} --hostpath $hostpath
done
unset share i
}
@@ -93,35 +93,35 @@ create_vm()
precheck_create_vm()
{
if [[ $WITH_VM == "yes" ]]; then
if [[ -z $VM_NAME ]]; then
prnt E "The virtual machine must have a name."
die 181
fi
if [[ -z VM_CPU || -z VM_MEM || -z VM_OS || -z VM_ROOT || \
-z VM_BOOT1 || -z VM_BOOT2 || -z VM_BOOT3 || -z VM_VID_MEM ||
-z VM_IF_BRIDGE || -z VM_DISK_SIZE ]]; then
prnt E "A necessary declaration for the virtual machine is absent!"
die 181
else
prnt I "The virtual machine \"$VM_NAME\" will be created in $VM_ROOT..."
fi
if [[ -z $VM_NAME ]]; then
prnt E "The virtual machine must have a name."
die 181
fi
if [[ -z VM_CPU || -z VM_MEM || -z VM_OS || -z VM_ROOT || \
-z VM_BOOT1 || -z VM_BOOT2 || -z VM_BOOT3 || -z VM_VID_MEM ||
-z VM_IF_BRIDGE || -z VM_DISK_SIZE ]]; then
prnt E "A necessary declaration for the virtual machine is absent!"
die 181
else
prnt I "The virtual machine \"$VM_NAME\" will be created in $VM_ROOT..."
fi
local share= i=0 j=0
for share in $VM_SHARES_NAME; do
(( i+=1 ))
done
for share in $VM_SHARES_PATH; do
(( j+=1 ))
done
unset share
if [[ $i -eq $j ]]; then
prnt I "The virtual machine will access $i directories from the host."
else
prnt E "The number of share and path to share is different!"
die 182
fi
local share= i=0 j=0
for share in $VM_SHARES_NAME; do
(( i+=1 ))
done
for share in $VM_SHARES_PATH; do
(( j+=1 ))
done
unset share
if [[ $i -eq $j ]]; then
prnt I "The virtual machine will access $i directories from the host."
else
prnt E "The number of share and path to share is different!"
die 182
fi
else
prnt I "No virtual machine to create."
prnt I "No virtual machine to create."
fi
}

69
modules/install_chromium.sh
View File

@@ -20,25 +20,29 @@ install_chromium()
{
# Add Debian repo to sources.list.d directory depending on Ubuntu version
case $SYS_VER in
16.04|16.10|17.04|17.10)
prnt I "Adding Debian Stretch repository to software sources..."
install_file debian_stretch.list /etc/apt/sources.list.d/
;;
18.04|18.10|19.04|19.10)
prnt I "Adding Debian Buster repository to software sources..."
install_file debian_buster.list /etc/apt/sources.list.d/
;;
20.04|20.10|21.04|21.10)
prnt I "Adding Debian Bullseye repository to software sources..."
install_file debian_bullseye.list /etc/apt/sources.list.d/
;;
16.04|16.10|17.04|17.10)
prnt I "Adding Debian Stretch repository to software sources..."
install_file debian_stretch.list /etc/apt/sources.list.d/
;;
18.04|18.10|19.04|19.10)
prnt I "Adding Debian Buster repository to software sources..."
install_file debian_buster.list /etc/apt/sources.list.d/
;;
20.04|20.10|21.04|21.10)
prnt I "Adding Debian Bullseye repository to software sources..."
install_file debian_bullseye.list /etc/apt/sources.list.d/
;;
22.04|22.10|23.04|23.10)
prnt I "Adding Debian Bookworm repository to software sources..."
install_file debian_bookworm.list /etc/apt/sources.list.d/
;;
esac
# Install Debian GPG keys
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DCC9EFBF77E11517
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys AA8E81B4331F7F50
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "DCC9EFBF77E11517"
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "648ACFD622F3D138"
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "AA8E81B4331F7F50"
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "112695A0E562B32A"
# Install package manager conf file for Chromium
install_file apt_chromium.conf /etc/apt/preferences.d/
@@ -56,23 +60,26 @@ precheck_install_chromium()
{
# Check we run Ubuntu
if [[ $SYS_DIST != "ubuntu" ]]; then
prnt E "The install_chromium module is a Ubuntu only workaround."
die 165
prnt E "The install_chromium module is a Ubuntu only workaround."
die 165
fi
case $SYS_VER in
16.04|16.10|17.04|17.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Stretch version of Chromium"
;;
18.04|18.10|19.04|19.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Buster version of Chromium"
;;
20.04|20.10|21.04|21.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Bullseye version of Chromium"
;;
*)
prnt E "Unable to determine the corresponding Debian version."
die 165
;;
16.04|16.10|17.04|17.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Stretch version of Chromium"
;;
18.04|18.10|19.04|19.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Buster version of Chromium"
;;
20.04|20.10|21.04|21.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Bullseye version of Chromium"
;;
22.04|22.10|23.04|23.10)
prnt m " * Detected Ubuntu $SYS_VER, will install Bookworm version of Chromium"
;;
*)
prnt E "Unable to determine the corresponding Debian version."
die 165
;;
esac
}

20
modules/install_desktop.sh
View File

@@ -16,31 +16,31 @@
# ------------------------------------------------------------------------------
export VER_install_desktop="0.0.5"
export DEP_install_desktop="upgrade_dist"
export DEP_install_desktop=""
install_desktop()
{
if [[ -n $X11_DRV ]]; then
prnt I "Installing additionnal X11 drivers..."
pkginst $X11_DRV
prnt I "Installing additionnal X11 drivers..."
pkginst $X11_DRV
fi
if [[ $UBUNTU_FLAVOR ]]; then
prnt I "Installing $UBUNTU_FLAVOR environment..."
pkginst ${UBUNTU_FLAVOR}-desktop
if [[ -n $UBUNTU_FLAVOR ]]; then
prnt I "Installing $UBUNTU_FLAVOR environment..."
pkginst ${UBUNTU_FLAVOR}-desktop
fi
# Because we're lazy but manual actions can avoid reboot...
NEED_REBOOT=true
export NEED_REBOOT=true
}
precheck_install_desktop()
{
if [[ -z $UBUNTU_FLAVOR ]]; then
prnt W "No Ubuntu flavor chosen, no desktop environment will be installed!"
prnt W "No Ubuntu flavor chosen, no desktop environment will be installed!"
else
prnt m " * The flavor $UBUNTU_FLAVOR will be installed..."
prnt m " * The flavor $UBUNTU_FLAVOR will be installed..."
fi
if [[ -n $X11_DRV ]]; then
prnt W "Non free drivers will be installed."
prnt W "Non free drivers will be installed."
fi
}

154
modules/install_mkagent.sh
View File

@@ -1,7 +1,7 @@
# ------------------------------------------------------------------------------
# Install check_mk agent using xinetd superserver
# This file is part of the init.sh project
# Copyright (c) 2019-2022 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# Copyright (c) 2019-2023 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
# ------------------------------------------------------------------------------
# This file is distributed under 3-clause BSD license.
# The complete license agreement can be obtained at:
@@ -9,33 +9,144 @@
# ------------------------------------------------------------------------------
# Variable:
# * MK_SERVER: Server IP address
# * MK_PORT: Port check_mk agent will use to communicate with server
# * MK_SITE: The check_mk site (or instance) to use
# * MK_URL: The URL to use to download the agent
# * MK_SECRET: The secret to use to register the agent
# * MK_USER: The user to use to register
# ------------------------------------------------------------------------------
export VER_install_mkagent="0.0.6"
export DEP_install_mkagent="upgrade_dist install_pkg"
export VER_install_mkagent="0.1.0"
export DEP_install_mkagent=""
# ------------------------------------------------------------------------------
# Extract CheckMK version from the server
get_checkmk_version_from_server()
{
local ip="$1"
local site="${2:-$MK_SITE}"
local proto out v header
local re_version='[0-9]+\.[0-9]+(\.[0-9]+)?p?[0-9]+'
[[ -n "$MK_VERSION" ]] && { printf '%s' "$MK_VERSION"; return 0; }
for proto in http https; do
# 1) Tentative via version.py (souvent non protégée)
if out=$(curl -fsS --max-time 3 "$proto://$ip/$site/check_mk/version.py" 2>/dev/null); then
v=$(grep -oE "$re_version" <<<"$out" | head -n1)
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
fi
# 2) Tentative via login.py (page de connexion)
if out=$(curl -fsS --max-time 3 "$proto://$ip/$site/check_mk/login.py" 2>/dev/null); then
v=$(grep -oE "$re_version" <<<"$out" | grep -vE '2\.[0-9]{1,3}\.[0-9]{2,3}' | head -n1)
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
fi
# 3) En-têtes HTTP éventuels
header=$(curl -fsSI --max-time 3 "$proto://$ip/$site/" 2>/dev/null || true)
if [[ -n "$header" ]]; then
v=$(grep -oiE "$re_version" <<<"$header" | head -n1)
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
fi
# 4) Fallback : page d'accueil, mais filtrer les faux positifs du JS
out=$(curl -fsS --max-time 5 "$proto://$ip/$site/" 2>/dev/null || true)
if [[ -n "$out" ]]; then
# Filtre plus strict : commence par 1.x ou 2.x et max 2 chiffres après le point
v=$(grep -oE "$re_version" <<<"$out" \
| grep -E '^2\.[0-9]+(\.[0-9]+)?p?[0-9]*$' \
| grep -vE '\.[0-9]{3,}' \
| head -n1)
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
fi
done
return 1
}
install_mkagent()
{
wget $MK_URL -O /tmp/check-mk-agent_${MK_VERSION}_all.deb
pkginst xinetd /tmp/check-mk-agent_${MK_VERSION}_all.deb
rm /tmp/check-mk-agent_${MK_VERSION}_all.deb
local debfile="/tmp/check-mk-agent_latest_all.deb"
prnt I "Downloading CheckMK agent from: $MK_URL"
backup_dist /etc/xinetd.d/check_mk
install_file cmk/check_mk /etc/xinetd.d/check_mk
tag_file /etc/xinetd.d/check_mk
sed -i -e "s/@MK_SERVER_IP@/$MK_SERVER_IP/" /etc/xinetd.d/check_mk
# try primary URL
if ! wget -q "$MK_URL" -O "$debfile"; then
prnt W "Primary download failed. Attempting to detect server version and fallback..."
local mkver
mkver=$(get_checkmk_version_from_server "$MK_SERVER_IP" 2>/dev/null || true)
mkdir -pv /usr/lib/check_mk_agent/plugins/28800
install_file cmk/mk_apt /usr/lib/check_mk_agent/plugins/28800/mk_apt
if [[ -n "$mkver" ]]; then
prnt I "Detected Check_MK version: $mkver — building fallback URL"
# replace the literal 'latest' token in MK_URL with the detected version
local fallback_url
fallback_url="${MK_URL/latest/$mkver-1}"
prnt I "Trying fallback URL: $fallback_url"
if ! wget -q "$fallback_url" -O "$debfile"; then
prnt E "Fallback download with version $mkver failed."
die 163
fi
else
prnt E "Unable to detect Check_MK version on $MK_SERVER_IP and primary download failed."
die 163
fi
fi
svc_restart xinetd
# On non-systemd systems, install xinetd before the .deb to avoid postinst failures
if ! pidof systemd >/dev/null; then
pkginst xinetd
fi
# Install agent package
pkginst "$debfile"
rm -f "$debfile"
# Enable service depending on init system
if pidof systemd >/dev/null; then
systemctl enable --now check-mk-agent.socket
else
backup_dist /etc/xinetd.d/check-mk-agent
install_file cmk/check_mk /etc/xinetd.d/check-mk-agent
tag_file /etc/xinetd.d/check-mk-agent
sed -i -e "s/@MK_SERVER_IP@/$MK_SERVER_IP/" /etc/xinetd.d/check-mk-agent
svc_restart xinetd
fi
# Debian plugin
if [[ $PKG_MAN == "apt-get" ]]; then
mkdir -pv /usr/lib/check_mk_agent/plugins/3600
install_file cmk/mk_apt /usr/lib/check_mk_agent/plugins/3600/mk_apt
fi
# Registration (if secret provided)
if [[ -n $MK_SECRET ]]; then
local secret
prnt I "Fetching secret $MK_SECRET..."
secret=$(fetch_secret "$MK_SECRET")
if [[ -e /var/lib/cmk-agent/cmk-agent-ctl.gz ]]; then
gunzip -v -f /var/lib/cmk-agent/cmk-agent-ctl.gz
chmod -v +x /var/lib/cmk-agent/cmk-agent-ctl
fi
if [[ -x /var/lib/cmk-agent/cmk-agent-ctl ]]; then
/var/lib/cmk-agent/cmk-agent-ctl register \
--hostname "$HOSTNAME" \
--server "$MK_SERVER_IP" \
--site "$MK_SITE" \
--user "$MK_USER" \
--password "$secret"
else
prnt W "Agent control tool not found; skipping registration."
fi
unset secret
else
prnt W "No secret configured, agent cannot be registered."
fi
}
precheck_install_mkagent()
{
if [[ -z $MK_VERSION ]]; then
prnt E "Undeclared check_mk version of the agent to install."
if [[ -z $MK_SITE ]]; then
prnt E "Undeclared check_mk site to use."
die 162
fi
if [[ -z $MK_URL ]]; then
@@ -46,7 +157,16 @@ precheck_install_mkagent()
prnt E "Undeclared check_mk server."
die 162
fi
file_must_exists cmk/check_mk cmk/mk_apt
if [[ $PKG_MAN == "apt-get" ]]; then
file_must_exists cmk/check_mk cmk/mk_apt
fi
if [[ -z $MK_SECRET ]]; then
prnt W "No secret set for CheckMK, registration won't be possible."
if [[ -z $MK_USER ]]; then
prnt E "A CheckMK user is required to register."
die 162
fi
fi
}
export -f install_mkagent

46
modules/install_pkg.sh
View File

@@ -20,28 +20,28 @@ install_pkg()
{
# Remove unnecessary packages
if [[ -n $PKGS_RMLIST ]]; then
prnt I "Removing some undesired packages..."
pkgrm $PKGS_RMLIST
prnt I "Removing some undesired packages..."
pkgrm $PKGS_RMLIST
fi
# Blacklist some anoying packages (and remove them if needed)
if [[ -n PKGS_BLACKLIST ]]; then
for pkg in $PKGS_BLACKLIST; do
prnt I "Placing $pkg into the blacklist..."
local dest=/etc/apt/preferences.d/blacklist_$pkg
install_file pkgman/blacklist.conf $dest &&
sed -i -e "s/@pkg@/pkg/" $dest
tag_file $dest
if [[ -n $PKGS_BLACKLIST ]]; then
for pkg in $PKGS_BLACKLIST; do
prnt I "Placing $pkg into the blacklist..."
local dest=/etc/apt/preferences.d/blacklist_$pkg
install_file pkgman/blacklist.conf $dest &&
sed -i -e "s/@pkg@/pkg/" $dest
tag_file $dest
# If blacklisted we suppose uninstall as well (if neeeded)
pkgrm $pkg
done
# If blacklisted we suppose uninstall as well (if neeeded)
pkgrm $pkg
done
fi
# Install all the configured packages
if [[ -n $PKGSEL ]]; then
prnt I "Installing the package selection..."
pkginst $PKGSEL
prnt I "Installing the package selection..."
pkginst $PKGSEL
fi
# Cleaning
@@ -51,23 +51,23 @@ install_pkg()
precheck_install_pkg()
{
if [[ -z PKGS_RMLIST ]]; then
prnt m " * No package to remove."
if [[ -z $PKGS_RMLIST ]]; then
prnt m " * No package to remove."
else
prnt m " * $(echo $PKGS_RMLIST | wc -w) package to remove."
prnt m " * $(echo $PKGS_RMLIST | wc -w) package to remove."
fi
if [[ -z PKGS_BLACKLIST ]]; then
prnt m " * The packages $pkg will be placed into the blacklist !"
file_must_exists pkgman/blacklist.conf
if [[ -z $PKGS_BLACKLIST ]]; then
prnt m " * The packages $pkg will be placed into the blacklist !"
file_must_exists pkgman/blacklist.conf
else
prnt m " * No package to blacklist."
prnt m " * No package to blacklist."
fi
if [[ -z $PKGSEL ]]; then
prnt m " * No additionnal package to install !"
prnt m " * No additionnal package to install !"
else
prnt m " * $(echo $PKGSEL | wc -w) additionnal package have to be installed."
prnt m " * $(echo $PKGSEL | wc -w) additionnal package have to be installed."
fi
}

26
modules/install_profile.sh
View File

@@ -8,7 +8,7 @@
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
export VER_install_profile="0.0.7"
export VER_install_profile="0.1.0"
export DEP_install_profile="install_pkg"
install_profile()
@@ -18,16 +18,24 @@ install_profile()
local usrlist="/root"
if find /home -mindepth 1 -maxdepth 1 -type d | read; then
usrlist="$usrlist /home/*"
usrlist="$usrlist /home/*"
fi
for usr in $usrlist; do
prnt I "Installing profile for user $usr..."
backup_dist $usr/{.,}profile $usr/.bashrc
install_file profile/{{.,}profile,.bashrc} $usr/
tag_file $usr/{{.,}profile,.bashrc}
install_file profile/.tmux/.tmux.conf{,.local} $usr/
tag_file $usr/.tmux.conf{,.local}
prnt I "Installing profile for user $usr..."
backup_dist $usr/{.profile,.bashrc}
install_file profile/{.profile,.bashrc} $usr/
tag_file $usr/{.profile,.bashrc}
#install_file profile/.tmux/.tmux.conf{,.local} $usr/
#tag_file $usr/.tmux.conf{,.local}
if [[ ! -d $usr/profile ]]; then
(
cd $usr || return 205
git config --global http.sslverify false
git clone https://git.geoffray-levasseur.org/fatalerrors/profile.git
git config --global http.sslverify true
)
fi
done
unset usrlist
@@ -39,7 +47,7 @@ install_profile()
precheck_install_profile()
{
file_must_exists profile/{motd,{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}}
file_must_exists profile/{motd,{.profile,.bashrc,.tmux/.tmux.conf{,.local}}
}
export -f install_profile

20
modules/patch_snmp.sh
View File

@@ -8,29 +8,29 @@
# https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------
export VER_patch_snmp="0.1.2"
export DEP_patch_snmp="install_pkg"
export VER_patch_snmp="0.1.3"
export DEP_patch_snmp=""
patch_snmp()
{
pkginst snmpd
prnt I "Configuring SNMP daemon..."
backup_dist /etc/snmp/snmpd.conf /etc/default/snmpd \
/lib/systemd/system/snmpd.service /etc/init.d/snmpd
/lib/systemd/system/snmpd.service /etc/init.d/snmpd
install_file snmpd/snmpd.conf /etc/snmp/snmpd.conf
tag_file /etc/snmp/snmpd.conf
# No longer required with Debian >= 11 or Devuan >= 4
if [[ ($SYS_DIST == 'debian' && $SYS_VER -lt 11) ||
($SYS_DIST == 'devuan' && $SYS_VER -lt 4) ]]; then
install_file snmpd/snmpd.init /etc/init.d/snmpd
($SYS_DIST == 'devuan' && $SYS_VER -lt 4) ]]; then
install_file snmpd/snmpd.init /etc/init.d/snmpd
fi
install_file snmpd/snmpd.default /etc/default/snmpd
tag_file /etc/default/snmpd
if [[ -e /lib/systemd/system/snmpd.service ]]; then
install_file snmpd/snmpd.service /lib/systemd/system/snmpd.service
if command -v systemctl &> /dev/null; then
systemctl daemon-reload
fi
install_file snmpd/snmpd.service /lib/systemd/system/snmpd.service
if command -v systemctl &> /dev/null; then
systemctl daemon-reload
fi
fi
svc_restart snmpd
}
@@ -39,7 +39,7 @@ precheck_patch_snmp()
{
file_must_exists snmpd/snmpd.{conf,default}
if [[ -e /lib/systemd/system/snmpd.service ]]; then
file_must_exists snmpd/snmpd.service
file_must_exists snmpd/snmpd.service
fi
}

4
modules/select_system_proxy.sh
View File

@@ -9,7 +9,7 @@
# ------------------------------------------------------------------------------
export VER_select_system_proxy="0.0.5"
export DEP_select_system_proxy="upgrade_dist"
export DEP_select_system_proxy=""
select_system_proxy()
{
@@ -20,7 +20,7 @@ select_system_proxy()
else
prnt I "No proxy configuration set, nothing to do."
fi
NEED_REBOOT=true
export NEED_REBOOT=true
}
precheck_select_system_proxy()

40
modules/upgrade_dist.sh
View File

@@ -13,14 +13,19 @@
# * PROXY_APT_PORT: Working port for APT proxy if one declared
# * PROXY_SRV: General purpose proxy if PROXY_APT is undefined
# * PROXY_SRV_PORT: Working port for general purpose proxy if one declared
# TODO: Split apt conf and actuel update to avoid repeating configuration if
# for a reason apt fail
# TODO: This is Debian only, make this universal (at least yum/dnf compatible)
# ------------------------------------------------------------------------------
export VER_upgrade_dist="0.2.3"
export VER_upgrade_dist="0.3.0"
# As aptitude might fail if clock is too far from real time, we need to depend
# on ntp
export DEP_upgrade_dist="conf_ntp"
export SOURCE_EXT="${SOURCE_EXT:-list}"
upgrade_dist()
{
local proxyfile=/etc/apt/apt.conf.d/00proxy
@@ -29,18 +34,30 @@ upgrade_dist()
# We backup entire apt dir
backup_dist /etc/apt
prnt I "Basic apt configuration..."
tag_file $norecommend
echo 'APT::Install-Recommends "false";' >> $norecommends
echo 'APT::AutoRemove::RecommendsImportant "false";' >> $norecommends
echo 'APT::AutoRemove::SuggestsImportant "false";' >> $norecommends
# TODO: No recommend section should be optionnal
tag_file $norecommends
{
echo 'APT::Install-Recommends "false";'
echo 'APT::AutoRemove::RecommendsImportant "false";'
echo 'APT::AutoRemove::SuggestsImportant "false";'
} >> $norecommends
prnt I "Configuring proxy for APT..."
if [[ -n $PROXY_APT ]]; then
if [[ ! -d $(dirname $proxyfile) ]]; then
mkdir -pv $(dirname $proxyfile) || (
mkdir -pv "$(dirname $proxyfile)" || (
prnt E "Impossible to create directory to receive APT configuration."
die 60
)
else
# Cleanup
if [[ -s $proxyfile ]]; then
true > "$proxyfile"
fi
if grep -q "^Acquire::http::Proxy" /etc/apt/apt.conf; then
sed -i -e "/^Acquire::http::Proxy/d" /etc/apt/apt.conf
fi
fi
tag_file $proxyfile
echo "Acquire::http::Proxy \"http://${PROXY_APT}:${PROXY_APT_PORT}\";" >> $proxyfile
@@ -52,7 +69,12 @@ upgrade_dist()
fi
# Remplace source.list from dist with ours (be smarter)
install_file "pkgman/${SYS_DIST}_${SYS_VER}.list" /etc/apt/sources.list
if [[ NO_MAIN_SOURCE == true ]]; then
install_file "pkgman/${SYS_DIST}_${SYS_VER}.list" "/etc/apt/sources.list.d/debian.${SOURCE_EXT}"
else
# We don't use SOURCE_EXT
install_file "pkgman/${SYS_DIST}_${SYS_VER}.list" "/etc/apt/sources.list"
fi
prnt I "Updating package list..."
pkgupdt
@@ -81,6 +103,10 @@ precheck_upgrade_dist()
die 160
fi
file_must_exists pkgman/${SYS_DIST}_${SYS_VER}.list
if [[ -z $NO_MAIN_SOURCE ]]; then
prnt E "A required variable to configure apt is not defined."
die 160
fi
}
cron_upgrade_dist()

53
repo/common/ntpsec.conf Normal file
View File

@@ -0,0 +1,53 @@
# /etc/ntpsec/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# To enable Network Time Security support as a server, obtain a certificate
# (e.g., with Let's Encrypt), place the cert and key in the paths below, and
# uncomment:
# nts cert /etc/ntpsec/cert-chain.pem
# nts key /etc/ntpsec/key.pem
# nts enable
# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.
#statsdir /var/log/ntpsec/
#statistics loopstats peerstats clockstats
#filegen loopstats file loopstats type day enable
#filegen peerstats file peerstats type day enable
#filegen clockstats file clockstats type day enable
# This should be maxclock 7, but the pool entries count towards maxclock.
tos maxclock 11
# Comment this out if you have a refclock and want it to be able to discipline
# the clock by itself (e.g. if the system is not connected to the network).
tos minclock 4 minsane 3
# Specify one or more NTP servers.
# Public NTP servers supporting Network Time Security:
# server time.cloudflare.com nts
@SERVERLIST@
# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
# pick a different set every time it starts up. Please consider joining the
# pool: <https://www.pool.ntp.org/join.html>
#pool 0.debian.pool.ntp.org iburst
#pool 1.debian.pool.ntp.org iburst
#pool 2.debian.pool.ntp.org iburst
#pool 3.debian.pool.ntp.org iburst
# Access control configuration; see /usr/share/doc/ntpsec-doc/html/accopt.html
# for details.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict default kod nomodify noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1

15
repo/common/pkgman/debian_10.list
View File

@@ -1,5 +1,10 @@
# Basic Debian Buster repositories
deb http://deb.debian.org/debian buster main
deb http://deb.debian.org/debian buster-updates main
deb http://deb.debian.org/debian-security buster/updates main
# Basic Debian Buster repositories
deb http://deb.debian.org/debian buster main contrib non-free
deb-src http://deb.debian.org/debian buster main contrib non-free
deb http://deb.debian.org/debian buster-updates main contrib non-free
deb-src http://deb.debian.org/debian buster-updates main contrib non-free
deb http://deb.debian.org/debian-security buster/updates main contrib non-free
deb-src http://deb.debian.org/debian-security buster/updates main contrib non-free

24
repo/common/pkgman/debian_11.list
View File

@@ -1,20 +1,10 @@
# deb cdrom:[Debian GNU/Linux 11.0.0 _Bullseye_ - Official amd64 NETINST 20210814-10:07]/ bullseye main
# Basic debian Bullseye reop
#deb cdrom:[Debian GNU/Linux 11.0.0 _Bullseye_ - Official amd64 NETINST 20210814-10:07]/ bullseye main
deb http://debian.univ-tlse2.fr/debian/ bullseye main contrib non-free
deb-src http://debian.univ-tlse2.fr/debian/ bullseye main contrib non-free
deb http://debian.univ-tlse2.fr/debian/ bullseye main contrib
deb-src http://debian.univ-tlse2.fr/debian/ bullseye main contrib
deb http://security.debian.org/debian-security bullseye-security main contrib non-free
deb-src http://security.debian.org/debian-security bullseye-security main contrib non-free
deb http://security.debian.org/debian-security bullseye-security main contrib
deb-src http://security.debian.org/debian-security bullseye-security main contrib
# bullseye-updates, to get updates before a point release is made;
# see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
deb http://debian.univ-tlse2.fr/debian/ bullseye-updates main contrib
deb-src http://debian.univ-tlse2.fr/debian/ bullseye-updates main contrib
# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.
deb http://debian.univ-tlse2.fr/debian/ bullseye-updates main contrib non-free
deb-src http://debian.univ-tlse2.fr/debian/ bullseye-updates main contrib non-free

10
repo/common/pkgman/debian_12.list Normal file
View File

@@ -0,0 +1,10 @@
# Basic Debian Bookworm repo
deb http://debian.univ-tlse2.fr/debian/ bookworm main contrib non-free non-free-firmware
deb-src http://debian.univ-tlse2.fr/debian/ bookworm main contrib non-free non-free-firmware
deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
deb http://debian.univ-tlse2.fr/debian/ bookworm-updates main contrib non-free non-free-firmware
deb-src http://debian.univ-tlse2.fr/debian/ bookworm-updates main contrib non-free non-free-firmware

4
repo/common/pkgman/devuan_3.list
View File

@@ -5,5 +5,5 @@ deb-src http://fr.deb.devuan.org/merged beowulf main contrib non-free
deb http://fr.deb.devuan.org/merged beowulf-updates main contrib non-free
deb-src http://fr.deb.devuan.org/merged beowulf-updates main contrib non-free
deb http://fr.deb.devuan.org/merged beowulf-backports main contrib non-free
deb-src http://fr.deb.devuan.org/merged beowulf-backports main contrib non-free
deb http://fr.deb.devuan.org/merged beowulf-security main contrib non-free
deb-src http://fr.deb.devuan.org/merged beowulf-security main contrib non-free

4
repo/common/pkgman/devuan_4.list
View File

@@ -5,5 +5,5 @@ deb-src http://fr.deb.devuan.org/merged chimaera main contrib non-free
deb http://fr.deb.devuan.org/merged chimaera-updates main contrib non-free
deb-src http://fr.deb.devuan.org/merged chimaera-updates main contrib non-free
deb http://fr.deb.devuan.org/merged chimaera-backports main contrib non-free
deb-src http://fr.deb.devuan.org/merged chimaera-backports main contrib non-free
deb http://fr.deb.devuan.org/merged chimaera-security main contrib non-free
deb-src http://fr.deb.devuan.org/merged chimaera-security main contrib non-free

9
repo/common/pkgman/devuan_5.list Normal file
View File

@@ -0,0 +1,9 @@
#
deb http://fr.deb.devuan.org/merged daedalus main contrib non-free non-free-firmware
deb-src http://fr.deb.devuan.org/merged daedalus main contrib non-free non-free-firmware
deb http://fr.deb.devuan.org/merged daedalus-updates main contrib non-free non-free-firmware
deb-src http://fr.deb.devuan.org/merged daedalus-updates main contrib non-free non-free-firmware
deb http://fr.deb.devuan.org/merged daedalus-security main contrib non-free non-free-firmware
deb-src http://fr.deb.devuan.org/merged daedalus-security main contrib non-free non-free-firmware

10
repo/common/pkgman/devuan_6.list Normal file
View File

@@ -0,0 +1,10 @@
deb http://fr.deb.devuan.org/merged excalibur main non-free-firmware contrib
deb-src http://fr.deb.devuan.org/merged excalibur main non-free-firmware contrib
deb http://fr.deb.devuan.org/merged excalibur-security main non-free-firmware contrib
deb-src http://fr.deb.devuan.org/merged excalibur-security main non-free-firmware contrib
# excalibur-updates, to get updates before a point release is made;
# see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
deb http://fr.deb.devuan.org/merged excalibur-updates main non-free-firmware contrib
deb-src http://fr.deb.devuan.org/merged excalibur-updates main non-free-firmware contrib

Some files were not shown because too many files have changed in this diff Show More