git clean -fd scopes to the current directory and below, so running it
from the system_setup/ subdirectory missed untracked files in sibling
dirs like config/. Use -C "${SYSCONFIGPATH}" to always clean from the
repo root regardless of invocation directory.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace the broken `git rebase HEAD^` with a proper shallow fetch:
- `git fetch --depth=1` limits local history to one commit, regardless of server history
- `git reset --hard FETCH_HEAD` syncs the working tree to the fetched tip
- `git clean -fd` removes untracked non-ignored files left by old versions
- `git gc --prune=now` immediately purges unreachable history objects
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Set _nc_first=0 in the already-found branch so that a configured folder
prevents subsequent entries from wiping the Nextcloud config.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Before the sync loop, find all *.bak directories in the parent dirs of
configured sync paths, list them with their size, and ask the user to
delete them with a y/N prompt.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace static _bak suffix with _YYYYMMDDhhmmss.bak so repeated runs
never fail trying to overwrite an existing backup directory.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Config wipe now guarded by _nc_wipe_done flag so subsequent new entries
do not destroy the previous setup. _nc_first logic kept as comments for
later activation when multi-folder support is confirmed working.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Shebang changed to sh; replace all [[ ]] with [ ], == with = in [ ]
- Loop over CLIENT_DATA_SYNC[@] directly instead of counting to 100;
replace index-based first-entry check with a _nc_first flag
- Fix missing fi before done, remove stray fi after KWallet block
- Dedent KWallet block to top level (was left indented from inside the loop)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- sync_client_software.sh: add system-wide flatpak session-bus override for
Nextcloud so KWallet D-Bus access works for all users; fix broken compound
test ([ a || b ] → [ a ] || [ b ])
- user_run.sh: check KWallet entries with hasEntry before writing — skip write
and print info message when both passwords are already present; remove stale
commented-out code
- install.sh: forward REPO_URL and REPO_BRANCH into configure.sh environment
for both the su- and direct-bash invocation paths
- configure.sh: simplify do_configure (user cleanup)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add source_fedora_44.inc with verified mirror URLs for Fedora 44 base,
updates, cisco-openh264, and RPM Fusion free/nonfree. Both kde_fullsetup.cfg
and cinnamon_fullsetup.cfg now %include this file instead of inlining the
repo lines. Fix stale comment in source_fedora_44.inc (said Fedora 43).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
cinnamon_fullsetup.cfg: add xapps package so the xapp-gtk3-module GTK
module referenced in Cinnamon's GTK settings is present for Flatpak apps.
user_run.sh: pass --setenv=SESSION_MANAGER= to systemd-run so Qt does not
try to connect to an X11 session manager socket that may not exist (fixes
"Could not open network socket" on Wayland and non-KDE desktops).
Guard the KWallet D-Bus block behind a session-bus presence check
(qdbus | grep org.kde.kwalletd) so it is skipped entirely on Cinnamon and
other non-KDE desktops instead of producing D-Bus errors.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
setup_system.inc.sh: replace $(dirname "$0") with $(dirname "${BASH_SOURCE[0]:-$0}") so
paths resolve correctly whether the file is sourced or executed directly. Add --missingconfok
flag to warn-and-continue instead of prompting+aborting when config is missing. Fix machine_uuid
path (missing ../). Move `source config` into the else branch so it is not reached when
missingconfok skips the exit.
install.sh: source inc.sh instead of executing it as a subprocess so exported variables
(REPO_URL etc.) propagate back to the caller. Fix git-origin conflict handling: when reusing
an existing OEMDRV partition the user has already confirmed they want to keep it, so remove
the "fresh clone / wipe" option entirely. Now always pulls (fetch+checkout) when a git repo
is present; clears and fresh-clones only when no git repo exists on the partition.
basic_pre_script.inc: dot-source inc.sh so INSTALLDOCS and other config vars are available.
config.dist, sync_client_software.sh: rename UPGRADEURL/UPGRADEBRANCH to REPO_URL/REPO_BRANCH
to match the variable names already used in install.sh.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
basic_pre_script.inc already identifies the disk holding OEMDRV
($SYSDRIVE). Write its short name to /tmp/disk-include.cfg after the
GPT check so both cinnamon and KDE profiles can %include it instead of
the hardcoded 'ignoredisk --only-use=sda,nvme0n1' that fails on
systems without an NVMe drive (or without sda).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Use config/setup_system.conf as the template for configure.conf when
present, so existing values appear as defaults. Falls back to the dist
file on a fresh install.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- install.sh: pre-create ks.cfg with o+w after permission setup so
non-root users can overwrite it (OEMDRV root itself stays o=rX)
- install.sh: restore su drop to $SUDO_USER when it is set and not
root; fall back to direct root execution otherwise
- configure.sh: remove the hard root check so both cases work
- configure.md: update docs to reflect root/non-root support
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Move setup_system.conf.dist to system_setup/config.dist/ and
skel.tar.zst.dist + pack_skel.sh to system_setup/skel/; config/ now
holds only gitignored local files
- Fix configure.sh CONF_DIST path (was pointing at non-existent
config/setup_system.conf.dist)
- Fix skel/pack_skel.sh: remove vestigial source line whose path was
wrong in both old and new location
- Update error messages in setup_system.inc.sh and
sync_client_software.sh to reference new dist file location
- Move machine_uuid reading/writing into setup_system.inc.sh so all
scripts have MACHINEID available; setup_system.conf.dist now uses
MACHINEID conditionally with a hostname fallback
- sync_client_software.sh: fix && / typo (should be && \) that broke
the flatpak remote-add → install chain; add network error handling
after flatpak install; cleanup upgrade logic and chown placement
- Update CLAUDE.md and install.md to reflect new dist file locations
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Detect existing OEMDRV partition at startup; offer to reuse it
instead of creating a new one (mounts if needed, sources existing
setup_system.inc.sh before cloning)
- When existing repo origin/branch differs from REPO_URL/REPO_BRANCH,
offer to pull from existing origin, migrate to new origin (preserving
gitignored local files), or fall through to fresh clone
- Extract finish_install() and do_clone_and_done() helpers to share
clone, permissions, and configure.sh prompt across all paths
- Replace generic chmod with chown root:root + chmod ug=rwX,o=rX
recursively, plus o+w on config/ and config.d/
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fetches user_full_name (givenname + sn) and user_email from FreeIPA via
ipalib and writes them into the Thunderbird IMAP account prefs. Adds
ipalib availability check to logon_script.sh. Drops TB_MAIL_FULLNAME
config variable.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds SERVERFQDN_IMAP and TB_MAIL_FULLNAME to setup_system.conf.dist.
On each logon the script checks if an IMAP account for DAVTOKEN_USER@TLDOMAIN
already exists in prefs.js; if not it writes the server, identity, and account
entries and registers it with accountmanager. Idempotent — skipped when the
account is already present.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Ensures session bus socket and kwalletd5/6 talk permissions are set at
logon, so Flatseal or a missing manifest entry cannot silently break
Talk's credential storage and Plasma integration.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
--scope ... & had two problems:
1. systemd-run stayed alive in the autostart service cgroup;
KillMode=control-group sent it SIGTERM when logon_script.sh exited,
tearing down the scope and killing Talk mid-initialization.
2. The scope lacked Delegate=yes, preventing Electron's zygote from
creating sub-cgroups for the GPU/renderer processes.
The previous commit added Delegate=yes but kept --scope, so problem 1
remained: the scope was still torn down on service exit, causing the
GPU/network service crash visible in talk.log.
Switch to a transient service unit identical to the Nextcloud Desktop
Client fix: --no-block returns immediately so systemd-run is gone from
the cgroup before the service ends; --property=Delegate=yes is retained
for Electron's zygote. Tested: service active, zygote and network
service running, no GPU crash.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
obel1x
Daniel unbrot Pätzold
unbrot