unbrot/fedora-OEMDRV
1
0
Fork 0
forked from obel1x/fedora-OEMDRV
Code Pull Requests Activity

Merge pull request 'Add configure.sh wizard, server checks, KS profile selection, and install improvements' (#16) from unbrot/fedora-OEMDRV:main into devel

Browse Source 
Reviewed-on: obel1x/fedora-OEMDRV#16
This commit is contained in:
Daniel Pätzold
2026-04-29 22:13:45 +02:00
parent f4e5de2f5a 0721550e9c
commit 92453699a8
13 changed files with 382 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+2
View File
@@ -9,3 +9,5 @@ config/skel.tar.zst
config/.sync_*.db
config/.sync_*.db
config.d/*.conf
ks_pc_prof/*
ks.cfg
CLAUDE.md
-1
View File
@@ -70,7 +70,6 @@ ${CLIENT_SOFTWARE_DST}/install.sh 0010_kwallet
- `ks.cfg` — the primary kickstart used for production installs (Fedora 43, KDE, x86_64, German locale/keyboard)
- `ks_base_profiles/kde_fullsetup.cfg` — an alternate/reference profile generated by Anaconda
- `ks_base_profiles/minimal_setup.cfg`, `part_sda.cfg` — additional profile fragments
- `ks_pc_prof/` — per-machine kickstart overrides, named by system UUID suffix (e.g. `pc-9cdb93ef7c20.cfg`)
## Sudo rule required for logon_script
README.md
+7 -12
View File
@@ -1,23 +1,18 @@
# Fedora OEMDRV
# Fedora automated install script collection
an automated massinstallation scripting collection for Fedora and Anaconda
IN DEVELOPMENT !
This Software is very Specific, it needs at least:
- A Free IPA Server with IP Clients enrolled to the Domain
- A Nextcloud instance, connected to the Domain
- A Free IPA Server in which IP Clients can be enrolled to
- An Admin that has the rights to do so
- A Nextcloud instance, connected to the Domain which should have Software Configuration and Reository Paths setup
- A client pc that will use this software to automate install and setup the PC
## Install
1. Create Partition named "OEMDRV", at least 1 GByte in size on a local disk that will be readable when starting installation from stick
2. Format it BTRFS and mount it to "/opt/sys_config"
3. Copy git files in it with "git clone --progress --depth 1 https://gitea.dtext.online/obel1x/fedora-OEMDRV.git /opt/sys_config"
1. or for developement "git clone --progress https://gitea.dtext.online/obel1x/fedora-OEMDRV.git /opt/sys_config"
- Look at the file [install.md](install.md)
Setup
- Make a copy of /opt/sys_config/system_setup/setup_system.conf.dist, name it /opt/sys_config/system_setup/setup_system.conf
- Check the settings in it and change to your needs before running
More to come...
more to come
configure.md
+34
View File
@@ -0,0 +1,34 @@
# configure.sh — First-time setup wizard
Run `system_setup/configure.sh` as a **normal user** (not root) on the machine that has the OEMDRV partition mounted. It guides you through all site-specific settings, tests the configuration, and leaves the system ready for a Fedora installation.
```bash
bash /opt/sys_config/system_setup/configure.sh
```
## What it does
1. **Edits configuration values** — prompts for each setting below. Press Enter to keep the shown default, or type a new value. Derived values (e.g. `SERVERFQDN_IPA`) are updated immediately when you change `TLDOMAIN`, so subsequent prompts always reflect your latest input.
| Variable | Description |
|---|---|
| `TLDOMAIN` | Top-level domain of your infrastructure (e.g. `company.tld`) |
| `SERVERFQDN_IPA` | FQDN of the FreeIPA server (default: `ipa.<TLDOMAIN>`) |
| `SERVERFQDN_NC` | FQDN of the Nextcloud server (default: `nextcloud.<TLDOMAIN>`) |
| `CLIENTADMINGROUP` | IPA group that receives sudo rights on clients |
| `DECRYPTEDDATADIR` | Mount point for the decrypted user data directory |
| `ENCRYPTEDDATADIR` | Path of the gocryptfs-encrypted data directory |
| `IPAVAULTUSE` | `true` to use IPA KRA vault for the encryption key, `false` to disable encryption |
| `IPAVAULTNAME` | Name of the IPA vault entry (default: `CLIENT_FILEENCRYPTION_<hostname>`) |
2. **Confirms the FQDN** — shows the computed `FQDN` (`<hostname>.clients.<TLDOMAIN>`) and lets you override the hostname part if needed.
3. **Tests the encrypted home mount** — runs `mount_ecrypt_home.sh`. On failure you can restart the wizard or quit.
4. **Obtains a Nextcloud WebDAV token** — calls `get_nc_token`, which opens Firefox for login. Verifies that the returned token belongs to the current user. You can retry or quit on failure.
5. On success, the written config file `config.d/configure.conf` is picked up automatically by all other scripts instead of `config/setup_system.conf`.
## After the wizard completes
Boot the target machine from the Fedora USB installer. Anaconda detects the OEMDRV partition and runs the Kickstart automatically.
ks.cfg → ks_base_profiles/cinnamon_fullsetup.cfg
+5 -17
View File
@@ -1,4 +1,6 @@
#Basic settings:
# Full Cinnamon Setup
#Basic settings
graphical
text
@@ -25,13 +27,11 @@ mount -L OEMDRV /mnt/anaconda_pre
%end
%packages
@^kde-desktop-environment
@^cinnamon-desktop-environment
@core
@admin-tools
@domain-client
@system-tools
@kde-media
@kde-spin-initial-setup
@libreoffice
@office
@sound-and-video
@@ -57,29 +57,17 @@ pykickstart
xrdp
xorgxrdp
libxcb-doc
plasma-workspace-x11
xterm
wmctrl
flatpak
btrfs-assistant
btrbk
ktorrent
transmission-gtk
cadaver
kdevelop
git
diffuse
remmina
android-tools
-kpat
-kmines
#Annoying plasmoids
-kdeplasma-addons
#Search - Powerful, but slow
-akonadi-server
-akonadi-server-mysql
-dragon
-kdeconnectd
-kde-connect
-samba
-samba-client
-samba-usershares
ks_base_profiles/kde_fullsetup.cfg
+87 -19
View File
@@ -1,47 +1,115 @@
# Generated by Anaconda 43.44
# Full KDE Wayland Setup
%pre
/bin/sh /mnt/tmp/ks_base_profiles/basic_pre_script.inc
%end
#Basic settings
graphical
text
# Configure installation method
url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-43&arch=x86_64"
repo --name=fedora-updates --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f43&arch=x86_64" --cost=0
repo --name=fedora-cisco-openh264 --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-cisco-openh264-43&arch=x86_64" --install
repo --name=rpmfusion-free --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-43&arch=x86_64"
repo --name=rpmfusion-free-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-updates-released-43&arch=x86_64" --cost=0
repo --name=rpmfusion-nonfree --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-43&arch=x86_64"
repo --name=rpmfusion-nonfree-updates --mirrorlist="https://mirrors.rpmfusion.org/mirrorlist?repo=nonfree-fedora-updates-released-43&arch=x86_64" --cost=0
# Keyboard layouts
keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)'
# System language
lang de_DE.UTF-8
# System timezone
timezone Europe/Berlin --utc
%pre --log=/root/ks-pre.log
mkdir /mnt/anaconda_pre
mount -L OEMDRV /mnt/anaconda_pre
/bin/sh /mnt/anaconda_pre/ks_base_profiles/basic_pre_script.inc
%end
%packages
@^kde-desktop-environment
@core
@admin-tools
@development-tools
@domain-client
@editors
@firefox
@kde-apps
@kde-desktop
@system-tools
@kde-media
@kde-spin-initial-setup
@libreoffice
@office
@sound-and-video
@system-tools
libva-utils
libavcodec-freeworld
mesa-va-drivers-freeworld
ffmpeg
@vlc
python-vlc
@firefox
thunderbird
openssh-server
bash
sudo
gocryptfs
htop
mc
mediawriter
python-pip
pykickstart
xrdp
xorgxrdp
libxcb-doc
plasma-workspace-x11
xterm
wmctrl
flatpak
btrfs-assistant
btrbk
ktorrent
cadaver
kdevelop
git
diffuse
remmina
android-tools
-kpat
-kmines
#Annoying plasmoids
-kdeplasma-addons
#Search - Powerful, but slow
-akonadi-server
-akonadi-server-mysql
-dragon
-kdeconnectd
-kde-connect
-samba
-samba-client
-samba-usershares
-BackupPC
#Needed by SSSD
oddjob-mkhomedir
nss-pam-ldapd
%end
# System authorization information
authselect enable-feature with-fingerprint
# Run the Setup Agent on first boot
firstboot --enable
timesource --ntp-server=_gateway
# System timezone
timezone Europe/Berlin --utc
# Generated using Blivet version 3.12.1
ignoredisk --only-use=sda
# Partition clearing information
#clearpart --none --initlabel
clearpart --none
autopart --type=btrfs
# Root password
# This Password is completely unknown to anyone. After installation, the PC should be Member of Domain and the users may use sudo to become superuser.
rootpw --iscrypted $y$j9T$jpKVkxaFqL6GH6GAgB0Yb/$oc.rfZgnHNlTAIj/boJeI.ZFf1QHvMF7fymZww9bzE3
#user --name=none
%post
/bin/sh /mnt/tmp/system_setup/setup_system_full.sh install
# Do not run the Setup Agent on first boot because it will complain about missing user account which we dont want
firstboot --disable
%post --log=/root/ks-post.log
mkdir /opt/sys_config
mount -L OEMDRV /opt/sys_config
/bin/sh /opt/sys_config/system_setup/setup_system_full.sh install
umount /opt/sys_config
%end
ks_base_profiles/minimal_setup.cfg
-50
View File
@@ -1,50 +0,0 @@
# Generated by Anaconda 43.44
# Keyboard layouts
keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)'
# System language
lang de_DE.UTF-8
%packages
@^kde-desktop-environment
@admin-tools
@development-tools
@domain-client
@editors
@firefox
@kde-apps
@kde-desktop
@kde-media
@kde-spin-initial-setup
@libreoffice
@office
@sound-and-video
@system-tools
@vlc
%end
# System authorization information
authselect enable-feature with-fingerprint
# Run the Setup Agent on first boot
firstboot --enable
# Generated using Blivet version 3.12.1
ignoredisk --only-use=nvme0n1
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information
part /boot/efi --fstype="efi" --ondisk=nvme0n1 --size=600 --fsoptions="umask=0077,shortname=winnt"
part /sys_config --fstype="ext4" --noformat --onpart=UUID=3f9837da-5a46-4da1-a98b-62a8899e63cb --label=OEMDRV
part /boot --fstype="ext4" --ondisk=nvme0n1 --size=2048
part btrfs.115 --fstype="btrfs" --ondisk=nvme0n1 --size=485249
btrfs none --label=fedora_fedora btrfs.115
btrfs / --subvol --name=root LABEL=fedora_fedora
btrfs /home --subvol --name=home LABEL=fedora_fedora
timesource --ntp-server=_gateway
# System timezone
timezone Europe/Berlin --utc
# Root password
rootpw --iscrypted $y$j9T$SYQgSGCnU.FUaT7BKMEI9TKz$nLPf1uHlzpoBCmEndvVRK2FnY67wUY2TyxiMUIufH7A
ks_base_profiles/part_sda.cfg
-10
View File
@@ -1,10 +0,0 @@
# Generated using Blivet version 3.12.1
ignoredisk --only-use=sda
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information
part biosboot --fstype="biosboot" --ondisk=sda --size=1
part btrfs.69 --fstype="btrfs" --ondisk=sda --size=80000
part /boot --fstype="xfs" --ondisk=sda --size=2048
btrfs none --label=fedora btrfs.69
btrfs / --subvol --name=root LABEL=fedora
ks_pc_prof/pc-9cdb93ef7c20.cfg
-1
View File
@@ -1 +0,0 @@
%include ../ks_base_profiles/kde_fullsetup.cfg
system_setup/configure.sh
Executable
+141
View File
@@ -0,0 +1,141 @@
#!/usr/bin/env bash
# configure.sh - Interactive first-time configuration wizard
#
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
SCRIPTDIR="$(cd "$(dirname "$0")" && pwd)"
CONF_DIST="${SCRIPTDIR}/../config/setup_system.conf.dist"
CONF_FILE="${SCRIPTDIR}/../config.d/configure.conf"
if [[ "$EUID" -eq 0 ]]; then
echo "ERROR: This script must not be run as root." >&2
exit 1
fi
# Prompt for a single value; returns the old value unchanged if the user presses Enter.
prompt_value() {
local name="$1" current="$2" new_val
printf ' %-28s [%s]: ' "$name" "$current" >&2
read -r new_val
printf '%s' "${new_val:-$current}"
}
# Replace the first matching simple export line in configure.conf.
set_conf_var() {
local varname="$1" value="$2"
sed -i "s|^[[:space:]]*export ${varname}=.*|export ${varname}=\"${value}\"|" "$CONF_FILE"
}
# Update an existing bare "export VAR=…" line at the top level, or append one.
override_conf_var() {
local varname="$1" value="$2"
if grep -q "^export ${varname}=" "$CONF_FILE"; then
sed -i "s|^export ${varname}=.*|export ${varname}=\"${value}\"|" "$CONF_FILE"
else
printf 'export %s="%s"\n' "$varname" "$value" >> "$CONF_FILE"
fi
}
do_configure() {
mkdir -p "$(dirname "$CONF_FILE")"
cp "$CONF_DIST" "$CONF_FILE"
# Source the dist defaults (unset computed vars first so they are re-evaluated).
unset TLDOMAIN DOMAIN SERVERFQDN_IPA SERVERFQDN_NC CLIENTADMINGROUP \
DECRYPTEDDATADIR ENCRYPTEDDATADIR IPAVAULTUSE IPAVAULTNAME HOSTNM FQDN
# shellcheck disable=SC1090
echo ""
echo "=== System Configuration ==="
echo "Press Enter to keep the current value, or type a new one."
echo ""
source "$CONF_FILE"
VARS=("TLDOMAIN" "DOMAIN" "SERVERFQDN_IPA" "SERVERFQDN_NC" "CLIENTADMINGROUP" "IPAVAULTUSE" )
for ELE in "${VARS[@]}"
do
new_ELE=$(prompt_value "${ELE}" "${!ELE}")
set_conf_var "${ELE}" "${new_ELE}"
source "$CONF_FILE"
done
echo ""
echo "Configuration written to: ${CONF_FILE}"
}
while true; do
do_configure
echo ""
echo "=== Testing: Nextcloud server ==="
NC_STATUS=$(curl -fsSL "https://${SERVERFQDN_NC}/status.php" 2>/dev/null)
if echo "$NC_STATUS" | grep -q '"installed":true'; then
NC_VERSION=$(echo "$NC_STATUS" | grep -oP '(?<="versionstring":")[^"]+')
echo "Nextcloud confirmed at ${SERVERFQDN_NC} (version ${NC_VERSION})."
else
echo ""
echo "WARNING: '${SERVERFQDN_NC}' does not appear to be a valid Nextcloud server."
echo " Could not reach https://${SERVERFQDN_NC}/status.php or response was unexpected."
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
continue
fi
echo ""
echo "=== Testing: FreeIPA server ==="
IPA_CODE=$(curl -s -o /dev/null -w "%{http_code}" \
"https://${SERVERFQDN_IPA}/ipa/session/json" 2>/dev/null)
if [[ "$IPA_CODE" == "200" || "$IPA_CODE" == "401" ]]; then
echo "FreeIPA server confirmed at ${SERVERFQDN_IPA}."
else
echo ""
echo "WARNING: '${SERVERFQDN_IPA}' does not appear to be a valid FreeIPA server."
echo " https://${SERVERFQDN_IPA}/ipa/session/json returned: ${IPA_CODE:-no response}"
read -rp "Start configuration again (a) or quit (q)? [a/q]: " ans
if [[ "${ans,,}" == "q" ]]; then
echo "Quitting."
exit 1
fi
continue
fi
echo ""
echo "=== Select Kickstart Profile ==="
KS_DIR="${SCRIPTDIR}/../ks_base_profiles"
KS_DEST="${SCRIPTDIR}/../ks.cfg"
mapfile -t KS_FILES < <(find "$KS_DIR" -maxdepth 1 -name "*.cfg" | sort)
if [[ ${#KS_FILES[@]} -eq 0 ]]; then
echo "No kickstart profiles found in ${KS_DIR}."
exit 1
fi
echo ""
for i in "${!KS_FILES[@]}"; do
desc=$(awk '/^$/{exit} {print}' "${KS_FILES[$i]}" \
| sed 's/^#[[:space:]]*//' | tr '\n' ' ' | xargs)
printf " %d) %-36s %s\n" "$((i+1))" "$(basename "${KS_FILES[$i]}")" "$desc"
done
echo ""
while true; do
read -rp "Select profile [1-${#KS_FILES[@]}]: " sel
[[ "$sel" =~ ^[0-9]+$ ]] && (( sel >= 1 && sel <= ${#KS_FILES[@]} )) && break
echo " Invalid selection, please enter a number between 1 and ${#KS_FILES[@]}."
done
cp "${KS_FILES[$((sel-1))]}" "$KS_DEST"
echo "Copied '$(basename "${KS_FILES[$((sel-1))]}")' to ${KS_DEST}."
echo ""
echo "=== Configuration complete ==="
echo "All values have been configured and verified successfully."
echo "The system is now ready for the new installation."
echo "Boot from the Fedora USB installer — Anaconda will detect the OEMDRV partition"
echo "and run the Kickstart automatically."
exit 0
done
system_setup/install.sh
+63 -6
View File
@@ -14,7 +14,7 @@ SHRINK_MIB=4096
OEMDRV_LABEL="OEMDRV"
MOUNT_POINT="/opt/sys_config"
MOUNT_OPTS="compress=zstd:6"
REPO_URL="https://gitea.dtext.online/obel1x/fedora-OEMDRV.git"
REPO_URL="${1:-https://gitea.dtext.online/obel1x/fedora-OEMDRV.git}"
MIN_FREE_MIB=$(( SHRINK_MIB + 512 )) # require 512 MiB headroom above the shrink size
# ── Helpers ───────────────────────────────────────────────────────────────────
@@ -35,6 +35,28 @@ check_tools() {
[[ ${#missing[@]} -eq 0 ]] || die "Missing required tools: ${missing[*]}"
}
# Returns 0 if the remote install.sh matches this script's checksum,
# 1 if the URL is unreachable or the file cannot be downloaded,
# 2 if the checksum does not match.
check_repo_url() {
local tmpdir sum_remote sum_local
tmpdir=$(mktemp -d /tmp/oemdrv_repocheck.XXXXXX)
if ! curl -fsSL "${REPO_URL%.git}/raw/branch/main/system_setup/install.sh" \
-o "$tmpdir/install.sh" 2>/dev/null; then
rm -rf "$tmpdir"
return 1
fi
sum_remote=$(sha256sum "$tmpdir/install.sh" | awk '{print $1}')
sum_local=$(sha256sum "$0" | awk '{print $1}')
rm -rf "$tmpdir"
[[ "$sum_remote" == "$sum_local" ]] || return 2
return 0
}
# ── Free-space helpers ────────────────────────────────────────────────────────
# Free MiB for a mounted device via df
@@ -241,6 +263,23 @@ new_part_device() {
require_root
check_tools
info "Verifying repository URL..."
check_repo_url
case $? in
1) echo
echo "WARNING: '$REPO_URL' is not a reachable git repository."
read -r -p " Continue anyway? [y/N]: " ans
[[ "${ans,,}" == "y" ]] || { echo "Aborted."; exit 0; }
;;
2) echo
echo "WARNING: The checksum of this script does not match 'system_setup/install.sh'"
echo " at '$REPO_URL'."
echo " You may be running an outdated or modified version of install.sh."
read -r -p " Continue anyway? [y/N]: " ans
[[ "${ans,,}" == "y" ]] || { echo "Aborted."; exit 0; }
;;
esac
info "Scanning for shrinkable partitions and unpartitioned free space..."
collect_partitions
collect_free_space
@@ -432,6 +471,7 @@ mount -o "$MOUNT_OPTS" "$OEMDRV_DEV" "$MOUNT_POINT" || die "mount failed."
info "Cloning $REPO_URL into $MOUNT_POINT..."
cd "$MOUNT_POINT" || die "Cannot cd to $MOUNT_POINT."
git clone --progress --depth 1 "$REPO_URL" . || die "git clone failed."
chmod o=rwX . -R # to make changes to the configuration possible after install
# ── Done ──────────────────────────────────────────────────────────────────────
@@ -440,9 +480,26 @@ echo
echo " OEMDRV device : $OEMDRV_DEV"
echo " Mounted at : $MOUNT_POINT"
echo
echo "Next steps:"
echo " 1. cp $MOUNT_POINT/config/setup_system.conf.dist \\"
echo " $MOUNT_POINT/config/setup_system.conf"
echo " 2. Edit setup_system.conf with your domain, IPA/Nextcloud FQDNs, and paths."
echo " 3. Boot the Kickstart installer — it will detect the OEMDRV partition automatically."
# ── Optionally run configure.sh ───────────────────────────────────────────────
CONF_SCRIPT="$MOUNT_POINT/system_setup/configure.sh"
echo
read -r -p "Run configure.sh now to set up your environment? [y/N]: " RUN_CONF
if [[ "${RUN_CONF,,}" == "y" ]]; then
if [[ -n "$SUDO_USER" ]]; then
info "Running configure.sh as user '$SUDO_USER'..."
su - "$SUDO_USER" -c "DISPLAY='${DISPLAY}' WAYLAND_DISPLAY='${WAYLAND_DISPLAY}' bash '$CONF_SCRIPT'"
else
echo
echo "configure.sh must be run as a non-root user. Please run:"
echo " bash $CONF_SCRIPT"
fi
else
echo
echo "Next steps:"
echo " 1. Run: bash $CONF_SCRIPT"
echo " 2. Boot the Kickstart installer — it will detect the OEMDRV partition automatically."
echo
fi
system_setup/setup_system.inc.sh
+25 -12
View File
@@ -15,15 +15,23 @@
# fi
# return 0
#}
if [ ! -f $(dirname "$0")/../config/setup_system.conf ]; then
echo "System configuration not found. Please make a copy of setup_system.conf.dist, name it setup_system.conf and check the settings in it before running."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
source $(dirname "$0")/../config/setup_system.conf
#Parse additional client-configs
if [[ `ls -1 $(dirname "$0")/../config.d/*.conf 2>/dev/null | wc -l ` -gt 0 ]]; then
source $(dirname "$0")/../config.d/*.conf
#Check for configure.conf - used for frist setup of system
if [[ -f $(dirname "$0")/../config.d/configure.conf ]]; then
echo "System in configure-mode. Will use $(dirname "$0")/../config.d/configure.conf for setup."
source $(dirname "$0")/../config.d/configure.conf
else
#Load default system setup file
if [[ ! -f $(dirname "$0")/../config/setup_system.conf ]]; then
echo "System configuration not found. Please make a copy of setup_system.conf.dist, name it setup_system.conf and check the settings in it before running."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
source $(dirname "$0")/../config/setup_system.conf
#Parse additional client-configs
if [[ `ls -1 $(dirname "$0")/../config.d/*.conf 2>/dev/null | wc -l ` -gt 0 ]]; then
source $(dirname "$0")/../config.d/*.conf
fi
fi
#Check if the Data- Directory is encrypted
@@ -74,7 +82,8 @@ get_nc_token() {
return 1 # Token for Superuser makes no sense and cannot work
fi
if [ ${IPAVAULTUSE} == "true" ]; then
# If Filename is given andf encryption is turned on, than first check for encrypted Directory
if [ ${IPAVAULTUSE} == "true" ] && [ ! -z ${DAVTOKENFILENAME} ]; then
check_data_isecrypted
if [ $? -ne 0 ]; then
echo "Data Directory is not encrypted. Please mount it first."
@@ -82,7 +91,7 @@ get_nc_token() {
fi
fi
if [ ! -f ${DAVTOKENFILENAME} ]; then
if [ ! -f ${DAVTOKENFILENAME} ] || [ -z ${DAVTOKENFILENAME} ]; then
echo "No token found here. Getting a new WEBDAV Token for this Device."
echo "Please logon to your Nextcloud instance via SSO/kerberos"
@@ -102,8 +111,12 @@ get_nc_token() {
echo -n "Poll Number ${i}..."
POLLJSON=$( curl -s -X POST "https://${SERVERFQDN_NC}/login/v2/poll" -d "token=${REQTOKEN}" )
if [[ "${POLLJSON}" == *"appPassword"* ]]; then
echo "${POLLJSON}" > ${DAVTOKENFILENAME}
echo "found token. Token has been written to ${DAVTOKENFILENAME}"
if [ ! -z ${DAVTOKENFILENAME} ]; then
echo "${POLLJSON}" > ${DAVTOKENFILENAME}
echo "Token has been written to ${DAVTOKENFILENAME}"
else
echo "Temporary token was obtained."
fi
pkill firefox
break
else
system_setup/sync_client_software.sh
+18
View File
@@ -72,6 +72,24 @@ if [[ ! -z "${DISTCONFIGPATH_SRC}" ]]; then
fi
echo "Sucessfully synced."
echo ""
# Check, if we are in configure-mode and if so, remove the file and reread the now new synced configuration
if [ -f $(dirname "$0")/../config.d/configure.conf ]; then
#Check if configuration was obtained by sync
if [ -f $(dirname "$0")/../config/setup_system.conf ]; then
echo "Existing configuration found in Repository, removing configure-mode and reread the configuration."
rm -f $(dirname "$0")/../config.d/configure.conf.bak >/dev/null
mv $(dirname "$0")/../config.d/configure.conf $(dirname "$0")/../config.d/configure.conf.bak
source $(dirname "$0")/../config/setup_system.conf
else
echo "System is in configure-mode and configuration repository was found and synced, but still not configuration was found"
echo "checking file $(dirname "$0")/../config/setup_system.conf"
echo ""
echo "Please make a inital copy of config/setup_system.conf.dist to config/setup_system.conf and check all settings there."
echo "Then rerun the logon script to sync the file to your repository."
echo "Press any key to continue" && read -n 1 -s -r && exit 1
fi
fi
fi
#Check if Repository is defined
if [ "${CLIENT_SOFTWARE_DST}." == "." ]; then