[debian-edu-commits] [Git][debian-edu/debian-edu-config][master] 6 commits: Improve the share/debian-edu-config/tools/edu-icinga-setup script.

WolfgangSchweer gitlab at salsa.debian.org
Sun Apr 12 21:07:33 BST 2020 


WolfgangSchweer pushed to branch master at Debian Edu / debian-edu-config


Commits:
49d91c7f by Wolfgang Schweer at 2020-04-12T21:55:17+02:00
Improve the share/debian-edu-config/tools/edu-icinga-setup script.

Adjust for execution within the Debian Installer environment.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
dab432c3 by Wolfgang Schweer at 2020-04-12T21:56:50+02:00
Improve the share/debian-edu-config/tools/edu-ltsp-install script.

Determine dist and arch values from the server system instead of using fixed ones.

Make resolv.conf generation inside the SquashFS image more robust.

Also mask the cfengine3 servive.

Adjust for execution within the Debian Installer environment.

Improve inline documentation.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
f09c1572 by Wolfgang Schweer at 2020-04-12T21:59:24+02:00
Improve the share/debian-edu-config/d-i/finish-install script.

Don't generate the diskless workstation SquashFS image within the Debian
Installer environment, it doesn't work. Let the xdebian-edu-firstboot
init script (shipped with the debian-edu-install package) do this job
instead (via running tools/run-at-firstboot). All re-configuration needing
daemons are running then and all needed information is available.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
bf1d6e40 by Wolfgang Schweer at 2020-04-12T22:01:49+02:00
Improve the share/debian-edu-config/tools/run-at-firstboot script.

Generate the diskless workstation SquashFS image conditionally.

Cleanup from outdated, LTSP5 related code.

Whitespace fixes.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
cd7d3377 by Wolfgang Schweer at 2020-04-12T22:03:26+02:00
Improve the sbin/debian-edu-pxeinstall script.

Determine dist value for both testing and stable release cases from different,
release specific sources.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -
8c02fe39 by Wolfgang Schweer at 2020-04-12T22:04:43+02:00
Add changelog entries for last commits.

Signed-off-by: Wolfgang Schweer <wschweer at arcor.de>

- - - - -


6 changed files:

- debian/changelog
- sbin/debian-edu-pxeinstall
- share/debian-edu-config/d-i/finish-install
- share/debian-edu-config/tools/edu-icinga-setup
- share/debian-edu-config/tools/edu-ltsp-install
- share/debian-edu-config/tools/run-at-firstboot


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,31 @@
+debian-edu-config (2.11.20) UNRELEASED; urgency=medium
+
+  * Improve Icinga 2, LTSP and iPXE installation and setup.
+   - share/debian-edu-config/tools/edu-icinga-setup:
+     + Adjust for execution within the Debian Installer environment.
+   - share/debian-edu-config/tools/edu-ltsp-install:
+     + Determine dist and arch values from the server system instead of using
+       fixed ones.
+     + Make resolv.conf generation inside the SquashFS image more robust.
+     + Also mask the cfengine3 servive.
+     + Adjust for execution within the Debian Installer environment.
+     + Improve inline documentation.
+   - share/debian-edu-config/d-i/finish-install:
+     + Don't generate the diskless workstation SquashFS image within the Debian
+       Installer environment, it doesn't work. Let the xdebian-edu-firstboot
+       init script (shipped with the debian-edu-install package) do this job
+       instead (via running tools/run-at-firstboot). All re-configuration
+       needing daemons are running then and all needed information is available.
+   - share/debian-edu-config/tools/run-at-firstboot:
+     + Generate the diskless workstation SquashFS image conditionally.
+     + Cleanup from outdated, LTSP5 related code.
+     + Whitespace fixes.
+   - sbin/debian-edu-pxeinstall:
+     + Determine dist value for both testing and stable release cases from
+       different, release specific sources.
+
+ -- Wolfgang Schweer <wschweer at arcor.de>  Sun, 12 Apr 2020 21:01:56 +0200
+
 debian-edu-config (2.11.19) unstable; urgency=medium
 
   [ Wolfgang Schweer ]


=====================================
sbin/debian-edu-pxeinstall
=====================================
@@ -50,7 +50,13 @@ if [ -f /etc/environment ] ; then
 	. /etc/environment
 fi
 
-[ "$dist" ]       || dist=$(lsb_release -sc)
+# Grab dist value for both testing and stable release cases.
+if grep -q / /etc/debian_version ; then
+	dist=$(cat /etc/debian_version | cut -d/ -f1)
+else
+	dist=$(lsb_release -sc)
+fi
+
 [ "$archs" ]      || archs="amd64 i386"
 [ "$mirrorurl" ]  || mirrorurl=http://deb.debian.org/debian
 [ "$hostname" ]   || hostname=pxeinstall


=====================================
share/debian-edu-config/d-i/finish-install
=====================================
@@ -38,7 +38,7 @@ if echo $PROFILE | grep -q LTSP-Server ; then
 	in-target /bin/sh -c "modprobe squashfs"
 	in-target /bin/sh -c "modprobe loop"
 	in-target /bin/sh -c "modprobe overlay"
-	if in-target /bin/sh -c "/usr/share/debian-edu-config/tools/edu-ltsp-install --arch amd64 --dist bullseye --thin_type bare" ; then
+	if in-target /bin/sh -c "/usr/share/debian-edu-config/tools/edu-ltsp-install --diskless_workstation no --thin_type bare" ; then
 		log "info: Running '/usr/share/debian-edu-config/tools/edu-ltsp-install' succeeded"
 	else
 		log "error: '/usr/share/debian-edu-config/tools/edu-ltsp-install' failed"


=====================================
share/debian-edu-config/tools/edu-icinga-setup
=====================================
@@ -7,6 +7,7 @@
 # Author/Copyright:	Wolfgang Schweer <wschweer at arcor.de>
 # Licence:			GPL2+
 # first edited:		2020-03-23
+# last edited:		2020-04-11
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -18,167 +19,195 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 
-set -ex
+set -e
 
 . /usr/share/debconf/confmodule
 
 db_get debian-edu-config/first-user-name
 FIRSTUSERNAME="$RET"
 
-# Secure the MariaDB installation, see the next mysql commands.
-# Also, the automatically generated initial database incinga2 will be removed
-# at the end of the script.
+# Secure the MariaDB installation, see the first four mysql commands in the
+# setup_icinga function. Also, the automatically generated initial database
+# 'icinga2' will be removed at the end of the function.
 # TODO: Set mysql root password after first reboot of a main server.
 # (Add instruction to the manual's 'Getting started' chapter, i.e.
 # run 'mysql_secure_installation'.)
 
-# Delete anonymous users
-mysql -e "DELETE FROM mysql.user WHERE User='';"
-# Ensure the root user can not log in remotely
-mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
-# Remove the test database
-mysql -e "DROP DATABASE IF EXISTS test;"
-mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
-# Make the changes take effect
-mysql -e "FLUSH PRIVILEGES"
-
-# Enable command feature and modules
-icinga2 feature enable command
-icingacli module enable monitoring
-
-# Create the Icinga 2 application database with all privileges for the first user
-
-mysql <<< "
-    CREATE DATABASE icingadb;
-    GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE
-    ON icingadb.*
-    TO 'icinga2'@'localhost'
-    IDENTIFIED BY 'v64nhbe27dfBjR3T';
-    FLUSH PRIVILEGES;
-"
-#Install the MySQL schema required for the Icinga 2 database
-mysql icingadb < /usr/share/icinga2-ido-mysql/schema/mysql.sql
-
-# Adjust the Icinga 2 MySQL IDO configuration
-#sed -i "/user/ s%icinga2%$FIRSTUSERNAME%" "/etc/icinga2/features-available/ido-mysql.conf"
-sed -i "/password/ s%\".*\"%\"v64nhbe27dfBjR3T\"%" "/etc/icinga2/features-available/ido-mysql.conf"
-sed -i '/database/ s%icinga2%icingadb%' /etc/icinga2/features-available/ido-mysql.conf
-
-# Enable ido-mysql feature
-icinga2 feature enable ido-mysql
-
-# Add icinga2 configuration files (content gathered from manual setup procedure)
-#
-# authentication.ini
-cat << EOF > /etc/icingaweb2/authentication.ini
-[icingaweb2]
-user_class = "inetOrgPerson"
-filter = ""
-user_name_attribute = "uid"
-backend = "ldap"
-base_dn = "dc=skole,dc=skolelinux,dc=no"
-domain = ""
-resource = "icingaweb_ldap"
-EOF
-
-# config.ini
-cat << EOF > /etc/icingaweb2/config.ini
-[global]
-show_stacktraces = "1"
-show_application_state_messages = "1"
-config_backend = "ini"
-
-[logging]
-log = "file"
-level = "ERROR"
-file = "/var/log/icingaweb2/icingaweb2.log"
-EOF
-
-# groups.ini
-cat << EOF > /etc/icingaweb2/groups.ini
-[icingaweb2]
-resource = "icingaweb_ldap"
-user_backend = "icingaweb2"
-group_class = "group"
-group_filter = ""
-group_name_attribute = "gid"
-group_member_attribute = "member"
-base_dn = ""
-backend = "ldap"
-EOF
-
-# roles.ini
-cat << EOF > /etc/icingaweb2/roles.ini
-[Administrators]
-users = "$FIRSTUSERNAME"
-permissions = "*"
-EOF
-
-# resources.ini
-cat << EOF > /etc/icingaweb2/resources.ini
-[icingaweb_ldap]
-type = "ldap"
-hostname = "tjener.intern"
-port = "389"
-encryption = "starttls"
-root_dn = "dc=skole,dc=skolelinux,dc=no"
-bind_dn = ""
-bind_pw = ""
-timeout = "5"
-
-[icinga_ido]
-type = "db"
-db = "mysql"
-host = "localhost"
-port = ""
-dbname = "icingadb"
-username = "icinga2"
-password = "v64nhbe27dfBjR3T"
-charset = ""
-use_ssl = "0"
-EOF
-
-# Add icingaweb2 configuration files (content gathered from manual setup procedure)
-#
-# Just in case the directory is still missing
-mkdir -p /etc/icingaweb2/modules/monitoring/
-
-# config.ini
-cat << EOF > /etc/icingaweb2/modules/monitoring/config.ini
-[security]
-protected_customvars = "*pw*,*pass*,community"
-EOF
-
-# commandtransports.ini
-cat << EOF > /etc/icingaweb2/modules/monitoring/commandtransports.ini
-[icinga2]
-transport = "local"
-path = "/var/run/icinga2/cmd/icinga2.cmd"
-EOF
-
-# backends.ini
-cat << EOF > /etc/icingaweb2/modules/monitoring/backends.ini
-[icinga]
-type = "ido"
-resource = "icinga_ido"
-EOF
-
-# Let the changes take effect
-service icinga2 restart
-
-# Adjusts rights to get the web interface working
-chmod 660 /etc/icingaweb2/*.ini
-chmod g+rwx /etc/icingaweb2/enabledModules/
-chmod g+rwx /etc/icingaweb2/modules/monitoring/
-chmod o+x /etc/icingaweb2/modules/monitoring/
-chmod 660 /etc/icingaweb2/modules/monitoring/*.ini
-
-# Create icingaweb2 log directory
-mkdir -p /var/log/icingaweb2/
-chgrp -R icingaweb2 /var/log/icingaweb2/
-chmod -R 775 /var/log/icingaweb2/
-
-# Remove now obsoleted initial database
-mysql -e "DROP DATABASE IF EXISTS icinga2;"
-mysql -e "DELETE FROM mysql.db WHERE Db='icinga2' OR Db='icinga2\_%';"
-mysql -e "FLUSH PRIVILEGES"
+setup_icinga() {
+	# Delete anonymous users
+	mysql -e "DELETE FROM mysql.user WHERE User='';"
+	# Ensure the root user can not log in remotely
+	mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
+	# Remove the test database
+	mysql -e "DROP DATABASE IF EXISTS test;"
+	mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
+	# Make the changes take effect
+	mysql -e "FLUSH PRIVILEGES"
+
+	# Enable command feature and modules
+	icinga2 feature enable command
+	icingacli module enable monitoring
+
+	# Create the Icinga 2 application database with all privileges for the first user
+
+	mysql <<< "
+	CREATE DATABASE icingadb;
+	GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE
+	ON icingadb.*
+	TO 'icinga2'@'localhost'
+	IDENTIFIED BY 'v64nhbe27dfBjR3T';
+	FLUSH PRIVILEGES;
+	"
+	# Install the MySQL schema required for the Icinga 2 database
+	mysql icingadb < /usr/share/icinga2-ido-mysql/schema/mysql.sql
+
+	# Adjust the Icinga 2 MySQL IDO configuration
+	#sed -i "/user/ s%icinga2%$FIRSTUSERNAME%" "/etc/icinga2/features-available/ido-mysql.conf"
+	sed -i "/password/ s%\".*\"%\"v64nhbe27dfBjR3T\"%" "/etc/icinga2/features-available/ido-mysql.conf"
+	sed -i '/database/ s%icinga2%icingadb%' /etc/icinga2/features-available/ido-mysql.conf
+
+	# Enable ido-mysql feature
+	icinga2 feature enable ido-mysql
+
+	# Add icinga2 configuration files (content gathered from manual setup procedure)
+	#
+	# authentication.ini
+	cat <<- EOF > /etc/icingaweb2/authentication.ini
+	[icingaweb2]
+	user_class = "inetOrgPerson"
+	filter = ""
+	user_name_attribute = "uid"
+	backend = "ldap"
+	base_dn = "dc=skole,dc=skolelinux,dc=no"
+	domain = ""
+	resource = "icingaweb_ldap"
+	EOF
+
+	# config.ini
+	cat <<- EOF > /etc/icingaweb2/config.ini
+	[global]
+	show_stacktraces = "1"
+	show_application_state_messages = "1"
+	config_backend = "ini"
+
+	[logging]
+	log = "file"
+	level = "ERROR"
+	file = "/var/log/icingaweb2/icingaweb2.log"
+	EOF
+
+	# groups.ini
+	cat <<- EOF > /etc/icingaweb2/groups.ini
+	[icingaweb2]
+	resource = "icingaweb_ldap"
+	user_backend = "icingaweb2"
+	group_class = "group"
+	group_filter = ""
+	group_name_attribute = "gid"
+	group_member_attribute = "member"
+	base_dn = ""
+	backend = "ldap"
+	EOF
+
+	# roles.ini
+	cat <<- EOF > /etc/icingaweb2/roles.ini
+	[Administrators]
+	users = "$FIRSTUSERNAME"
+	permissions = "*"
+	EOF
+
+	# resources.ini
+	cat <<- EOF > /etc/icingaweb2/resources.ini
+	[icingaweb_ldap]
+	type = "ldap"
+	hostname = "tjener.intern"
+	port = "389"
+	encryption = "starttls"
+	root_dn = "dc=skole,dc=skolelinux,dc=no"
+	bind_dn = ""
+	bind_pw = ""
+	timeout = "5"
+
+	[icinga_ido]
+	type = "db"
+	db = "mysql"
+	host = "localhost"
+	port = ""
+	dbname = "icingadb"
+	username = "icinga2"
+	password = "v64nhbe27dfBjR3T"
+	charset = ""
+	use_ssl = "0"
+	EOF
+
+	# Add icingaweb2 configuration files (content gathered from manual setup procedure)
+	#
+	# Just in case the directory is still missing
+	mkdir -p /etc/icingaweb2/modules/monitoring/
+
+	# config.ini
+	cat <<- EOF > /etc/icingaweb2/modules/monitoring/config.ini
+	[security]
+	protected_customvars = "*pw*,*pass*,community"
+	EOF
+
+	# commandtransports.ini
+	cat <<- EOF > /etc/icingaweb2/modules/monitoring/commandtransports.ini
+	[icinga2]
+	transport = "local"
+	path = "/var/run/icinga2/cmd/icinga2.cmd"
+	EOF
+
+	# backends.ini
+	cat <<- EOF > /etc/icingaweb2/modules/monitoring/backends.ini
+	[icinga]
+	type = "ido"
+	resource = "icinga_ido"
+	EOF
+
+	# Adjusts rights to get the web interface working
+	chmod 660 /etc/icingaweb2/*.ini
+	chmod g+rwx /etc/icingaweb2/enabledModules/
+	chmod g+rwx /etc/icingaweb2/modules/monitoring/
+	chmod o+x /etc/icingaweb2/modules/monitoring/
+	chmod 660 /etc/icingaweb2/modules/monitoring/*.ini
+
+	# Create icingaweb2 log directory
+	mkdir -p /var/log/icingaweb2/
+	chgrp -R icingaweb2 /var/log/icingaweb2/
+	chmod -R 775 /var/log/icingaweb2/
+
+	# Remove now obsoleted initial database
+	mysql -e "DROP DATABASE IF EXISTS icinga2;"
+	mysql -e "DELETE FROM mysql.db WHERE Db='icinga2' OR Db='icinga2\_%';"
+	mysql -e "FLUSH PRIVILEGES"
+}
+
+## Check if MariaDB server is running; please note that the init script is named
+## mysql while systemd has mariadb.service; we need the init script inside d-i:
+PID=$(pidof mysqld || /bin/true)
+if [ -z "$PID" ]; then
+	echo "The MariaDB server doesn't seem to be running. Trying to start it." 1>&2
+	if [ -x /sbin/start-stop-daemon.REAL ] ; then
+		## we need this to start MariaDB server during installation
+		mv /sbin/start-stop-daemon /sbin/start-stop-daemon.FAKE
+		cp /sbin/start-stop-daemon.REAL /sbin/start-stop-daemon
+	fi
+	service mysql start
+	mariadb_started=true
+fi
+
+PID=$(pidof mysqld || /bin/true)
+if [ -z "$PID" ]; then
+	echo "error: the MariaDB server is not running. Skipping Icinga 2 setup." 1>&2
+	exit 1
+else
+	setup_icinga || echo "error: unable to set up Icinga 2."
+fi
+
+if [ true = "$mariadb_started" ] ; then
+	service mysql stop
+	if [ -x /sbin/start-stop-daemon.REAL ] ; then
+		mv /sbin/start-stop-daemon.FAKE /sbin/start-stop-daemon
+    fi
+fi


=====================================
share/debian-edu-config/tools/edu-ltsp-install
=====================================
@@ -13,7 +13,7 @@
 # Author/Copyright:	Wolfgang Schweer <wschweer at arcor.de>
 # Licence:			GPL2+
 # first edited:		2019-11-21
-# last edited:		2020-03-24
+# last edited:		2020-04-11
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -43,19 +43,21 @@ $0 --arch <amd64|i386> --dist <stable|testing|sid> --dns_server <10.0.2.2|dns se
 Turn a Debian Edu workstation into an LTSP server for both diskless
 workstations and thin clients.
 
---arch takes effect for a thin client chroot setup, default value is i386.
---dist takes effect for thin client chroot setup, default value is stable.
+--arch takes effect for a thin client chroot setup, default value is the system
+  architecture one.
+--dist takes effect for a thin client chroot setup, default value is the one the
+  LTSP server is running.
 --dns_server defaults to 10.0.2.2 if unset.
 --diskless_workstation defaults to yes if unset.
---thin_type has no default value.
+--thin_type has no default value. These are available:
     bare:    preconfigured x2go client running via 'startx' as user 'thin' with sound and
              client side mass storage support.
     display: x2gothinclient running in display mode.
     desktop: x2gothinclient running in minidesktop mode.
 
 Example 1: '/path/to/edu-ltsp-install --arch amd64' creates diskless workstation support.
-Example 1: '/path/to/edu-ltsp-install --arch amd64' --dist bullseye --thin_type bare'
-           creates diskless workstation and thin client support; boot defaults to diskless ws. 
+Example 2: '/path/to/edu-ltsp-install --arch amd64' --dist bullseye --thin_type bare'
+           creates diskless workstation and thin client support; boot defaults to diskless ws.
 
 This script applies to a system with two NICs, located inside the internal backbone network.
 
@@ -67,8 +69,14 @@ if [ -r /etc/debian-edu/config ] ; then
     . /etc/debian-edu/config
 fi
 
-arch="amd64"
-dist="stable"
+# Grab dist value for both testing and stable release cases.
+if grep -q / /etc/debian_version ; then
+	dist=$(cat /etc/debian_version | cut -d/ -f1)
+else
+	dist=$(lsb_release -sc)
+fi
+# Set default values.
+arch="$(dpkg --print-architecture)"
 dns_server="10.0.2.2"
 diskless_workstation="yes"
 thin_type=""
@@ -94,7 +102,7 @@ fi
 
 # FIXME: dnsmasq (restricted to eth1), comes in handy for easy LTSP setup. Maybe
 # it would be better to use isc-dhcp-server (config in LDAP) everywhere. 
-apt -yq install dnsmasq
+DEBIAN_FRONTEND=noninteractive apt -yq install dnsmasq
 
 # Modify /etc/default/dnsmasq to be compliant with the resolvconf package.
 sed -i 's%#IGNORE_RE%IGNORE_RE%' /etc/default/dnsmasq
@@ -148,7 +156,7 @@ fi
 
 # Debian Edu specific common additional image excludes; for diskless
 # workstations the /skole mountpoint (for autofs) needs to be clean.
-# This applies for both a combined server and 'a normal' LTSP server.
+# This applies for both a combined server and a separate LTSP server.
 # For a combined server image the autofs service needs to be enabled (see below).
 if echo "$PROFILE" | grep -Eq 'Workstation' ; then
 	cat <<EOF > /etc/ltsp/image-local.excludes
@@ -415,11 +423,19 @@ if [ "yes" == "$diskless_workstation"  ] ; then
 		cat <<EOF >> /etc/ltsp/ltsp.conf
 PRE_INIT_MAIN_SERVER="systemctl enable autofs"
 MASK_SYSTEM_SERVICES="apache2 bind9 cups dovecot etckeeper exim4 squid tftpd-hpa \
-icinga2 nmbd smbd systemd-journald xrdp krb5-kdc mariadb"
+icinga2 nmbd smbd systemd-journald xrdp krb5-kdc mariadb cfengine3"
 EOF
 	fi
-	sed -i 's/127.0.0.1/10.0.2.2/' /etc/resolv.conf
+	# Temporary workaround needed in some cases for configuring the resolver inside
+	# the SquashFS image.
+	rm -f /etc/resolv.conf
+	echo "nameserver $dns_server" > /etc/resolv.conf
+	echo "search intern" >> /etc/resolv.conf
+	# Create SqashFS image.
 	ltsp image /,,/boot,subdir=boot,,/usr,subdir=usr,,/var,subdir=var
+	# Revert resolver workaround from above.
+	rm -f /etc/resolv.conf
+	ln -s /run/resolvconf/resolv.conf /etc/resolv.conf
 	# next modification avoids ltsp command error if lot of images are available.
 	ALL_IMAGES=1 ltsp kernel
 	ltsp initrd
@@ -484,8 +500,11 @@ else
 	ltsp dnsmasq -d0 -p0 --dns-server="$dns_server"
 fi
 
-# FIXME: next line is a workaround until involved packages are fixed.
+# Next line is needed upon upgrade from LTSP5.
 sed -i '/ltsp/d' /etc/exports
 
-# Restart nfs-kernel-server and give feedback about exports. 
-exportfs -rav
+# Restart nfs-kernel-server and give feedback about exports if running this
+# script outside of the Debian Installer environment.
+if [ ! -x /sbin/start-stop-daemon.REAL ] ; then
+	exportfs -rav
+fi


=====================================
share/debian-edu-config/tools/run-at-firstboot
=====================================
@@ -4,81 +4,80 @@
 # debian-edu-install on the first boot after installation.
 
 if [ -f /etc/debian-edu/config ] ; then
-    . /etc/debian-edu/config
+	. /etc/debian-edu/config
+fi
+
+# Grab dist value for both testing and stable release cases.
+if grep -q / /etc/debian_version ; then
+	dist=$(cat /etc/debian_version | cut -d/ -f1)
+else
+	dist=$(lsb_release -sc)
 fi
 
 log() { logger -t debian-edu-config "$@"; }
 info() { log "info: $@"; }
 error() { log "error: $@"; }
 at_exit() {
-    error "script $0 terminated unexpectedly."
+	error "script $0 terminated unexpectedly."
 }
 disable_exception() { trap - INT TERM EXIT; }
 trap at_exit INT TERM EXIT
 
 info "Executing run-at-firstboot script."
 
-# Make sure resolv.conf in LTSP chroot are updated also on the main
-# server where the DNS resolver do not change that often.
-if [ -x /usr/share/debian-edu-config/tools/ltsp-update-resolvconf ] ; then
-    /usr/share/debian-edu-config/tools/ltsp-update-resolvconf
-fi
-
 # Enable all relevant munin plugins now the machine is completely
 # configured.  Some of the plugins are not enabled when munin-node is
 # installed, because their service is installed after munin-node.
 if [ -x /usr/sbin/munin-node-configure ] ; then
-    /usr/sbin/munin-node-configure -shell 2>/dev/null | sh || true
-    invoke-rc.d munin-node restart || true
+	/usr/sbin/munin-node-configure -shell 2>/dev/null | sh || true
+	invoke-rc.d munin-node restart || true
 fi
 
 # Update sitesummary and munin configuration quickly
 if [ -x /usr/sbin/sitesummary-client ] ; then
-    info "submitting sitesummary information to server"
-    sitesummary-client
-    if [ -x /etc/cron.daily/sitesummary ] ; then
-	info "updating sitesummary server information"
-	/etc/cron.daily/sitesummary
-
-	# Update the munin web pages too
-	if [ -x /usr/bin/munin-cron ] ; then
-	    info "updating munin web pages"
-	    su munin -s /usr/bin/munin-cron
-	fi
-
-	# Icinga needs a restart to find the new configuration
-	if [ -x /etc/init.d/icinga ] ; then
-	    info "restarting icinga service"
-	    service icinga restart
+	info "submitting sitesummary information to server"
+	sitesummary-client
+	if [ -x /etc/cron.daily/sitesummary ] ; then
+		info "updating sitesummary server information"
+		/etc/cron.daily/sitesummary
+		# Update the munin web pages too
+		if [ -x /usr/bin/munin-cron ] ; then
+			info "updating munin web pages"
+			su munin -s /usr/bin/munin-cron
+		fi
 	fi
-    fi
 fi
 
 # Update Squid to use all the available space (aka 80% of the partition)
 if echo "$PROFILE" | grep -q Main-Server ; then
-    /usr/share/debian-edu-config/tools/squid-update-cachedir
+	/usr/share/debian-edu-config/tools/squid-update-cachedir
 fi
 
-# Update PXE setup on Main-server with proxy values set in environment
-# to make sure the proxy values are passed on to clients.  When set up
+# Create SquashFS image for diskless workstations. This is done here because
+# information from some daemons isn't yet inside of the Debian Installer
+# environment.
+if echo "$PROFILE" | grep -q LTSP-Server ; then
+	/usr/share/debian-edu-config/tools/edu-ltsp-install --dist $dist
+fi
+
+# Update PXE setup on LTSP servers with proxy values set in environment
+# to make sure the proxy values are passed on to clients. When set up
 # from cfengine, the proxy values are not passed on and missing from
-# /etc/debian-edu/www/debian-edu-install.dat
-if echo "$PROFILE" | grep -q Main-Server && \
-    [ -x /usr/sbin/debian-edu-pxeinstall ] ; then
-    if [ -e /etc/environment ] ; then
-	. /etc/environment
-	export http_proxy ftp_proxy
-    fi
-
-    # Try to set from wpad file, as this normally is called from
-    # dhcp, and the main-server have static IP setup.
-    if ! echo "$http_proxy" | grep -q webcache ; then
-	/usr/share/debian-edu-config/tools/update-proxy-from-wpad
-	. /etc/environment
-	export http_proxy ftp_proxy
-    fi
-
-    /usr/sbin/debian-edu-pxeinstall
+# /etc/debian-edu/www/debian-edu-install.dat in case of a combined server.
+if echo "$PROFILE" | grep -q LTSP-Server && \
+	[ -x /usr/sbin/debian-edu-pxeinstall ] ; then
+	if [ -e /etc/environment ] ; then
+		. /etc/environment
+		export http_proxy ftp_proxy
+	fi
+	# Try to set from wpad file, as this normally is called from
+	# dhcp, and the main server has a static IP setup.
+	if ! echo "$http_proxy" | grep -q webcache ; then
+		/usr/share/debian-edu-config/tools/update-proxy-from-wpad
+		. /etc/environment
+		export http_proxy ftp_proxy
+	fi
+	/usr/sbin/debian-edu-pxeinstall
 fi
 
 # Make sure goplay/golearn index is generated on first boot, in case
@@ -86,9 +85,9 @@ fi
 # we would have to wait for the weekly cron job to run before golearn
 # was usable.
 if [ -x /usr/sbin/update-apt-xapian-index ] ; then
-    dpkg-reconfigure apt-xapian-index
+	dpkg-reconfigure apt-xapian-index
 else
-    info "apt-xapian-index/goplay is not installed"
+	info "apt-xapian-index/goplay is not installed"
 fi
 
 # Send mail to the first user to avoid the Dovecot permission pitfall
@@ -104,28 +103,15 @@ Hello $FIRSTUSER,
 
 welcome to the mail-system.
 
-Your userID is $FIRSTUSER, and your email address is:
-
-    $FIRSTUSER at postoffice.intern
-
-Regards,
-
-    Debian-Edu SysAdmin
+(Sent from the Debian Edu first boot script.)
 
 EOF
-    logger -t exim-create-environment -p notice Sent mail to first-user.
+	logger -t exim-create-environment -p notice Sent mail to first-user.
 fi
 if [ -x /usr/bin/etckeeper ] ; then
-    etckeeper commit "End of first boot" > /dev/null 2>&1 || true
+	etckeeper commit "End of first boot" > /dev/null 2>&1 || true
 fi
 
-for f in /opt/ltsp/*/usr/bin/etckeeper ; do
-    if [ -x "$f" ] ; then
-	arch=$(echo $f | cut -d/ -f4)
-	ltsp-chroot -a "$arch" etckeeper commit "End of first boot" > /dev/null 2>&1 || true
-    fi
-done
-
 info "done executing run-at-firstboot script."
 
 disable_exception



View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/9a87e6ecbeae36e161e06accf3299738a4f1c2f4...8c02fe394a0df23488f69f063df46e962b2f1923

-- 
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/compare/9a87e6ecbeae36e161e06accf3299738a4f1c2f4...8c02fe394a0df23488f69f063df46e962b2f1923
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20200412/038aa2e0/attachment-0001.html>

More information about the debian-edu-commits mailing list