postinst-setup-fedora: major fixes
authorMartin Pitt <martin@piware.de>
Sat, 5 Aug 2017 12:11:36 +0000 (14:11 +0200)
committerMartin Pitt <martin@piware.de>
Sat, 5 Aug 2017 12:11:36 +0000 (14:11 +0200)
postinst-setup-fedora

index 5e6a0be5f3d7c7fc1fb63d78f24f728f78b587aa..86017022c2e747d93e416323275a184395768a1b 100755 (executable)
@@ -1,42 +1,36 @@
 #!/bin/sh
 set -e
 
-# remove stuff that we do not need
-dnf remove -y mdadm mlocate nano rsyslog sssd telnet trousers rxvt-unicode abrt plymouth linux-atm-libs quota realmd selinux-policy || true
+if ! type offlineimap >/dev/null 2>&1; then
+    # remove stuff that we do not need
+    dnf remove -y mdadm mlocate nano rsyslog sssd telnet trousers rxvt-unicode abrt plymouth linux-atm-libs quota realmd selinux-policy audit || true
 
-# install stuff that we do want
-dnf install -y iwl6000g2a-firmware NetworkManager-wifi \
-    sudo ecryptfs-utils vim-enhanced iwl6000g2a-firmware \
-    xorg-x11-server-Xorg xorg-x11-drv-libinput xorg-x11-drv-intel \
-    dejavu-sans-fonts dejavu-serif-fonts dejavu-sans-mono-fonts \
-    xorg-x11-server-utils xorg-x11-utils xbacklight \
-    i3 i3lock lxdm wmctrl dunst pcmanfm gvfs-mtp \
-    pavucontrol pulseaudio-utils alsa-plugins-pulseaudio \
-    gstreamer1-plugin-mpg123 gstreamer1-plugins-good \
-    qemu-kvm qemu-img openvpn mutt weechat pidgin-otr \
-    simple-scan sane-backends sane-backends-drivers-scanners \
-    pandoc texlive-beamer texlive-latex-bin texlive-collection-fontsrecommended \
-    texlive-hyphen-german texlive-hyphen-english texlive-fancyhdr texlive-dinbrief \
-    texlive-german \
-    gnome-terminal firefox network-manager-applet evince shotwell rhythmbox \
-    offlineimap gnome-keyring pinentry-gnome3 \
-    postfix duplicity systemd-container gnome-disk-utility powertop \
-    git gtimelog libappindicator-gtk3 \
-    schroot mock \
+    # install stuff that we do want
+    dnf install -y iwl6000g2a-firmware NetworkManager-wifi \
+        sudo ecryptfs-utils vim-enhanced iwl6000g2a-firmware \
+        xorg-x11-server-Xorg xorg-x11-drv-libinput xorg-x11-drv-intel \
+        mesa-dri-drivers lxrandr \
+        dejavu-sans-fonts dejavu-serif-fonts dejavu-sans-mono-fonts \
+        xorg-x11-server-utils xorg-x11-utils xbacklight \
+        i3 i3lock lxdm wmctrl dunst pcmanfm gvfs-mtp \
+        pavucontrol pulseaudio-utils alsa-plugins-pulseaudio \
+        gstreamer1-plugin-mpg123 gstreamer1-plugins-good \
+        qemu-kvm qemu-img openvpn mutt weechat pidgin-otr \
+        simple-scan sane-backends sane-backends-drivers-scanners \
+        pandoc texlive-beamer texlive-latex-bin texlive-collection-fontsrecommended \
+        texlive-hyphen-german texlive-hyphen-english texlive-fancyhdr texlive-dinbrief \
+        texlive-german \
+        gnome-terminal firefox network-manager-applet evince shotwell rhythmbox \
+        offlineimap gnome-keyring pinentry-gnome3 \
+        postfix duplicity systemd-container gnome-disk-utility powertop \
+        git gtimelog libappindicator-gtk3 \
+        schroot mock \
 
-# codecs
-dnf install -y http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
-dnf install -y gstreamer1-{libav,plugins-{ugly,bad-free}} --setopt=strict=0
-
-# restore /etc git branch
-if [ ! -d /etc/.git ]; then
-    [ -e /backup-etc ] || git clone git+ssh://martin@piware.de/home/martin/backup/`hostname`-etc-fedora/ /backup-etc
-    cp -av /backup-etc/* /etc/
-    cp -av /backup-etc/.git/ /etc/
-    rm -rf /backup-etc
+    # codecs
+    dnf install -y http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
+    dnf install -y gstreamer1-{libav,plugins-{ugly,bad-free}} --setopt=strict=0
 fi
 
-
 # other setup
 grep -q lib/mock /etc/fstab || cat << EOF >> /etc/fstab
 
@@ -52,17 +46,10 @@ EOF
 
 # have schroot use tmpfs
 if [ ! -L /var/lib/schroot/unpack ]; then
-    rmdir /var/lib/schroot/unpack
+    rmdir /var/lib/schroot/unpack || true
     ln -s /tmp /var/lib/schroot/unpack
 fi
 
-# root's ssh stuff
-if [ ! -d /root/.ssh ] && [ -d /home/martin/.ssh ]; then
-    mkdir -p /root/.ssh
-    chmod 700 /root/.ssh
-    cp /home/martin/.ssh/id_rsa* /home/martin/.ssh/known_hosts /home/martin/.ssh/config /root/.ssh/
-fi
-
 # disable SELinux to unbreak ecryptfs
 sed -i '/^SELINUX=/ s/=.*$/=disabled/' /etc/selinux/config
 setenforce 0 || true
@@ -70,18 +57,39 @@ setenforce 0 || true
 rm -f /etc/systemd/system/default.target
 systemctl set-default graphical.target
 
-systemctl enable --now postfix
+# create user
+if ! getent passwd martin >/dev/null; then
+    groupadd --gid 1000 martin
+    useradd --comment "Martin Pitt" --uid 1000 --gid 1000 --groups wheel,ecryptfs,mock martin
+    passwd martin
+fi
 
-# Red Hat VPN certs and connections
-rpm -i ~martin/Dokumente/Arbeit/RedHat/redhat-internal*.rpm
+if [ ! -d /home/martin/bin ]; then
+    echo "log in as martin on another terminal to decrypt home directory; press Enter to continue"
+    read
+fi
 
-# create user
-groupadd --gid 1000 martin
-useradd --comment "Martin Pitt" --uid 1000 --gid 1000 --groups wheel,ecryptfs,mock martin
-passwd martin
+# root's ssh stuff
+if [ ! -d /root/.ssh ] && [ -d /home/martin/.ssh ]; then
+    mkdir -p /root/.ssh
+    chmod 700 /root/.ssh
+    cp /home/martin/.ssh/id_rsa* /home/martin/.ssh/known_hosts /home/martin/.ssh/config /root/.ssh/
+fi
+
+# restore /etc git branch
+if [ ! -d /etc/.git ]; then
+    [ -e /backup-etc ] || git clone git+ssh://martin@piware.de/home/martin/backup/`hostname`-etc-fedora/ /backup-etc
+    cp -av /backup-etc/* /etc/
+    cp -av /backup-etc/.git/ /etc/
+    rm -rf /backup-etc
+fi
+systemctl enable --now postfix
 
 # crontabs
 crontab -u martin - <<EOF
 # m h  dom mon dow   command
 05 * * * * \$HOME/bin/backup >/dev/null
 EOF
+
+# Red Hat VPN certs and connections
+dnf install ~martin/Dokumente/Arbeit/RedHat/redhat-internal*.rpm