dwallraff · March 7, 2025 21:55
diff --git a/bootstrap.sh b/bootstrap.sh
 #! /usr/bin/env bash
 #-- Dave Wallraff

 # First things first, I'm the realest...

 ### bootstrap crostini container
 # curl -sL dwallraff.com/bootstrap | bash

 # wrap in a function for curl|bash
 do_stuff() {

  ######
  ## Prep and upgrade apt repos
  ######
  sudo apt update --allow-releaseinfo-change -y
  
  ######
  ## Add other repos and tools
  ######

  DEBIAN_VER="$(grep VERSION= /etc/os-release | awk -F "[()]" '{print $2}')"
  export DEBIAN_VER

  # vs-code
  wget -O- https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
  echo "deb https://packages.microsoft.com/repos/vscode stable main" | sudo tee /etc/apt/sources.list.d/vscode.list

  # signal
  wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
  sudo mv -f signal-desktop-keyring.gpg /usr/share/keyrings/
  echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | sudo tee /etc/apt/sources.list.d/signal-xenial.list
 
  # 1Password
  curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --batch --yes --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
  echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" | sudo tee /etc/apt/sources.list.d/1password.list
  sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/
  curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol
  sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22
  curl -sS https://downloads.1password.com/linux/keys/1password.asc | sudo gpg --batch --yes --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
  
  ######
  ## Install tools
  ######

  export DEBIAN_FRONTEND=noninteractive

  #https://www.linuxuprising.com/2019/06/fix-missing-gpg-key-apt-repository.html
  sudo apt update 2>&1 1>/dev/null | sed -ne 's/.*NO_PUBKEY //p' | while read -r key; do if ! [[ ${keys[*]} =~ $key ]]; then sudo apt-key adv --keyserver https://keyserver.ubuntu.com --recv-keys "$key"; keys+=("$key"); fi; done
  sudo apt update --fix-missing -y
  sudo apt dist-upgrade -y
  
  # apt install the things
  sudo apt install -y \
    1password-cli \
    apt-transport-https \
    autoconf \
    bison \
    build-essential \
    bzip2 \
    ca-certificates \
    cmake \
    code \
    conntrack \
    coreutils \
    curl \
    dnsutils \
    file \
    git \
    git-lfs \
    gnome-keyring \
    gnupg2 \
    hping3 \
    httpie \
    img2pdf \
    iperf \
    iputils-ping \
    iputils-tracepath \
    jq \
    less \
    libffi-dev \
    libgdbm-dev \
    libkrb5-3 \
    libnss3 \
    libopengl0 \
    libncurses5-dev \
    libreadline-dev \
    libsecret-1-0 \
    libssl-dev \
    lsof \
    man \
    mosh \
    mtr \
    ncat \
    nmap \
    ocrmypdf \
    openssl \
    python3 \
    python3-pip \
    screen \
    signal-desktop \
    software-properties-common \
    tcpdump \
    tmate \
    traceroute \
    unzip \
    vim \
    wget \
    whois \
    zlib1g \
    zlib1g-dev

  ######
  ## Software not in repos
  ######
  
  # shell check
  cd /usr/local/bin && sudo wget -O shellcheck.tar.xz \
    "$(curl -s https://api.github.com/repos/koalaman/shellcheck/releases/latest \
    | jq --raw-output '.assets[] | .browser_download_url' | grep --color=never linux.x86)" && sudo xz -d shellcheck.tar.xz \
    && sudo tar xf shellcheck.tar --wildcards --strip-components 1 shellcheck*/shellcheck && sudo rm shellcheck.tar \
    && sudo chmod +x shellcheck
    
  # rMAPI
  cd /usr/local/bin && sudo wget -O rmapi.tar.gz \
    "$(curl -s https://api.github.com/repos/juruen/rmapi/releases/latest \
    | jq --raw-output '.assets[] | .browser_download_url' | grep --color=never linux)" \
    && sudo tar xzf rmapi.tar.gz && sudo rm rmapi.tar.gz \
    && sudo chmod +x rmapi 

  # calibre
  wget -nv -O- https://download.calibre-ebook.com/linux-installer.sh | sudo sh /dev/stdin

  # docker cli
  TEMP=$(mktemp -d)
  cd "$TEMP" || return
  DOCKER_VER=$(curl https://download.docker.com/linux/static/stable/x86_64/index.html | grep -v rootless | grep docker | sort -ru | head -n 1 | sed -n 's/.*href="\([^"]*\).*/\1/p')
  wget -O docker.tgz https://download.docker.com/linux/static/stable/x86_64/"$DOCKER_VER"
  tar xzvf docker.tgz
  chmod +x docker/docker
  sudo mv docker/docker /usr/local/bin/.
  
  # kubectl cli
  cd /usr/local/bin \
  && sudo curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
  && sudo chmod +x kubectl

  ### cleanup
  sudo apt update && sudo apt upgrade -y
  sudo apt autoremove
  sudo sh -c 'echo "" > /etc/motd'
  sudo rm -f /etc/update-motd.d/10-uname 2> /dev/null || true
  

  ######
  ## Clone my stuffs
  ######
  
  if [ ! -d ~/code/dotfiles ]; then
    git clone https://github.com/dwallraff/dotfiles ~/code/dotfiles
    cd ~/code/dotfiles || return
    git remote set-url origin [email protected]:dwallraff/dotfiles.git
  fi
  
  if [ ! -d ~/code/dwallraff.github.io ]; then
    git clone https://github.com/dwallraff/dwallraff.github.io ~/code/dwallraff.github.io
    cd ~/code/dwallraff.github.io || return
    git remote set-url origin [email protected]:dwallraff/dwallraff.github.io.git
  fi
  
  if [ ! -d ~/code/calibre-config ]; then
    git clone https://github.com/dwallraff/calibre-config ~/code/calibre-config
    cd ~/code/calibre-config || return
    git lfs install
    git remote set-url origin [email protected]:dwallraff/calibre-config
  fi
  
  cd ~ || return

  ######
  ## Link stuffs up
  ######

  mkdir -p ~/.ssh/configs
  mkdir -p ~/.gnupg
  mkdir -p ~/code/work
  mkdir -p ~/.config
  chmod 700 ~/.gnupg
  ln -snf ~/code/dotfiles/bashrc ~/.bashrc
  ln -snf ~/code/dotfiles/vimrc ~/.vimrc
  ln -snf ~/code/dotfiles/screenrc ~/.screenrc
  ln -snf ~/code/dotfiles/gitconfig ~/.gitconfig
  ln -snf ~/code/dotfiles/gitconfig_work ~/code/work/.gitconfig
  ln -snf ~/code/dotfiles/authorized_keys ~/.ssh/authorized_keys
  ln -snf ~/code/dotfiles/ssh_config ~/.ssh/config
  ln -snf ~/code/dotfiles/ssh_config_includes/* ~/.ssh/configs
  ln -snf /mnt/chromeos/MyFiles/ ~/MyFiles
  ln -snf /mnt/chromeos/GoogleDrive/MyDrive/ ~/GoogleDrive
  ln -snf /mnt/chromeos/GoogleDrive/MyDrive/books/library ~/library
  ln -snf ~/code/calibre-config ~/.config/calibre
  
  # Add public key to keychain
  gpg --recv 86E3A6538517BCC6F7140CF926E38F79A25C6B83
  echo -e "5\ny\n" |  gpg --command-fd 0 --expert --edit-key 86E3A6538517BCC6F7140CF926E38F79A25C6B83 trust
  

  #####
  ## Start crostini SSH server
  #####
  
  if [ -f /etc/ssh/sshd_not_to_be_run ]; then
    sudo mv /etc/ssh/sshd_not_to_be_run /etc/ssh/sshd_to_be_run
  fi
  sudo sed -i '/#PasswordAuthentication yes/ c\PasswordAuthentication no' /etc/ssh/sshd_config
  sudo systemctl restart ssh

 }

 do_stuff

 ######
 ## Afterwords
 ######

 # Termina Color Scheme backup
 cat << 'EOF' > ~/termina_config_backup.json
 {
  "magic": "nassh-prefs",
  "version": 1,
  "nassh": {
    "profile-ids": [
      {
        "id": "4998",
        "json": {
          "description": "localhost",
          "username": "dwallraff",
          "hostname": "penguin.linux.test",
          "port": 22,
          "nassh-options": "--ssh-agent=gsc",
          "argstr": "-A"
        }
      },
      {
        "id": "1026",
        "json": {
          "description": "pi-hole",
          "username": "pi",
          "hostname": "192.168.86.32",
          "port": 22
        }
      }
    ],
    "welcome/notes-version": 137,
    "welcome/show-count": 10
  },
  "hterm": {
    "default": {
      "audible-bell-sound": "",
      "background-color": "#fdf6e3",
      "cursor-color": "rgba(101, 123, 131, 0.5)",
      "color-palette-overrides": [
        "#073642",
        "#dc322f",
        "#859900",
        "#b58900",
        "#268bd2",
        "#d33682",
        "#2aa198",
        "#eee8d5",
        "#002b36",
        "#cb4b16",
        "#586e75",
        "#657b83",
        "#839496",
        "#6c71c4",
        "#93a1a1",
        "#fdf6e3"
      ],
      "use-default-window-copy": true,
      "ctrl-c-copy": true,
      "ctrl-v-paste": true,
      "enable-bold": true,
      "enable-bold-as-bright": false,
      "environment": {
        "TERM": "xterm-16color"
      },
      "font-family": "\"Source Code Pro\", monospace",
      "font-size": 14,
      "font-smoothing": "subpixel-antialiased",
      "foreground-color": "#657b83",
      "keybindings-os-defaults": true,
      "pass-ctrl-n": true,
      "pass-ctrl-t": true,
      "pass-ctrl-tab": true,
      "pass-ctrl-w": true,
      "user-css": "http://fonts.googleapis.com/css?family=Source+Code+Pro"
    }
  }
 }
 EOF

 # Restoration instructions
 cat << 'EOF' > ~/README.txt
 If this is a completely new install:

 ## Restore settings to Termina
 -----

 - Right-click Secure Shell app icon
  - Select options
  - Restore backup
  - Select termina_config_backup.json

 - Create shortcut
  - triple dot -> More tools -> Create shortcut -> New window
 EOF
	#! /usr/bin/env bash
	#-- Dave Wallraff

	# First things first, I'm the realest...

	### bootstrap crostini container
	# curl -sL dwallraff.com/bootstrap \| bash

	# wrap in a function for curl\|bash
	do_stuff() {

	######
	## Prep and upgrade apt repos
	######
	sudo apt update --allow-releaseinfo-change -y

	######
	## Add other repos and tools
	######

	DEBIAN_VER="$(grep VERSION= /etc/os-release \| awk -F "[()]" '{print $2}')"
	export DEBIAN_VER

	# vs-code
	wget -O- https://packages.microsoft.com/keys/microsoft.asc \| sudo apt-key add -
	echo "deb https://packages.microsoft.com/repos/vscode stable main" \| sudo tee /etc/apt/sources.list.d/vscode.list

	# signal
	wget -O- https://updates.signal.org/desktop/apt/keys.asc \| gpg --dearmor > signal-desktop-keyring.gpg
	sudo mv -f signal-desktop-keyring.gpg /usr/share/keyrings/
	echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' \| sudo tee /etc/apt/sources.list.d/signal-xenial.list

	# 1Password
	curl -sS https://downloads.1password.com/linux/keys/1password.asc \| sudo gpg --batch --yes --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
	echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" \| sudo tee /etc/apt/sources.list.d/1password.list
	sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/
	curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol \| sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol
	sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22
	curl -sS https://downloads.1password.com/linux/keys/1password.asc \| sudo gpg --batch --yes --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg

	######
	## Install tools
	######

	export DEBIAN_FRONTEND=noninteractive

	#https://www.linuxuprising.com/2019/06/fix-missing-gpg-key-apt-repository.html
	sudo apt update 2>&1 1>/dev/null \| sed -ne 's/.NO_PUBKEY //p' \| while read -r key; do if ! [[ ${keys[]} =~ $key ]]; then sudo apt-key adv --keyserver https://keyserver.ubuntu.com --recv-keys "$key"; keys+=("$key"); fi; done
	sudo apt update --fix-missing -y
	sudo apt dist-upgrade -y

	# apt install the things
	sudo apt install -y \
	1password-cli \
	apt-transport-https \
	autoconf \
	bison \
	build-essential \
	bzip2 \
	ca-certificates \
	cmake \
	code \
	conntrack \
	coreutils \
	curl \
	dnsutils \
	file \
	git \
	git-lfs \
	gnome-keyring \
	gnupg2 \
	hping3 \
	httpie \
	img2pdf \
	iperf \
	iputils-ping \
	iputils-tracepath \
	jq \
	less \
	libffi-dev \
	libgdbm-dev \
	libkrb5-3 \
	libnss3 \
	libopengl0 \
	libncurses5-dev \
	libreadline-dev \
	libsecret-1-0 \
	libssl-dev \
	lsof \
	man \
	mosh \
	mtr \
	ncat \
	nmap \
	ocrmypdf \
	openssl \
	python3 \
	python3-pip \
	screen \
	signal-desktop \
	software-properties-common \
	tcpdump \
	tmate \
	traceroute \
	unzip \
	vim \
	wget \
	whois \
	zlib1g \
	zlib1g-dev

	######
	## Software not in repos
	######

	# shell check
	cd /usr/local/bin && sudo wget -O shellcheck.tar.xz \
	"$(curl -s https://api.github.com/repos/koalaman/shellcheck/releases/latest \
	\| jq --raw-output '.assets[] \| .browser_download_url' \| grep --color=never linux.x86)" && sudo xz -d shellcheck.tar.xz \
	&& sudo tar xf shellcheck.tar --wildcards --strip-components 1 shellcheck*/shellcheck && sudo rm shellcheck.tar \
	&& sudo chmod +x shellcheck

	# rMAPI
	cd /usr/local/bin && sudo wget -O rmapi.tar.gz \
	"$(curl -s https://api.github.com/repos/juruen/rmapi/releases/latest \
	\| jq --raw-output '.assets[] \| .browser_download_url' \| grep --color=never linux)" \
	&& sudo tar xzf rmapi.tar.gz && sudo rm rmapi.tar.gz \
	&& sudo chmod +x rmapi

	# calibre
	wget -nv -O- https://download.calibre-ebook.com/linux-installer.sh \| sudo sh /dev/stdin

	# docker cli
	TEMP=$(mktemp -d)
	cd "$TEMP" \|\| return
	DOCKER_VER=$(curl https://download.docker.com/linux/static/stable/x86_64/index.html \| grep -v rootless \| grep docker \| sort -ru \| head -n 1 \| sed -n 's/.href="\([^"]\).*/\1/p')
	wget -O docker.tgz https://download.docker.com/linux/static/stable/x86_64/"$DOCKER_VER"
	tar xzvf docker.tgz
	chmod +x docker/docker
	sudo mv docker/docker /usr/local/bin/.

	# kubectl cli
	cd /usr/local/bin \
	&& sudo curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
	&& sudo chmod +x kubectl

	### cleanup
	sudo apt update && sudo apt upgrade -y
	sudo apt autoremove
	sudo sh -c 'echo "" > /etc/motd'
	sudo rm -f /etc/update-motd.d/10-uname 2> /dev/null \|\| true


	######
	## Clone my stuffs
	######

	if [ ! -d ~/code/dotfiles ]; then
	git clone https://github.com/dwallraff/dotfiles ~/code/dotfiles
	cd ~/code/dotfiles \|\| return
	git remote set-url origin [email protected]:dwallraff/dotfiles.git
	fi

	if [ ! -d ~/code/dwallraff.github.io ]; then
	git clone https://github.com/dwallraff/dwallraff.github.io ~/code/dwallraff.github.io
	cd ~/code/dwallraff.github.io \|\| return
	git remote set-url origin [email protected]:dwallraff/dwallraff.github.io.git
	fi

	if [ ! -d ~/code/calibre-config ]; then
	git clone https://github.com/dwallraff/calibre-config ~/code/calibre-config
	cd ~/code/calibre-config \|\| return
	git lfs install
	git remote set-url origin [email protected]:dwallraff/calibre-config
	fi

	cd ~ \|\| return

	######
	## Link stuffs up
	######

	mkdir -p ~/.ssh/configs
	mkdir -p ~/.gnupg
	mkdir -p ~/code/work
	mkdir -p ~/.config
	chmod 700 ~/.gnupg
	ln -snf ~/code/dotfiles/bashrc ~/.bashrc
	ln -snf ~/code/dotfiles/vimrc ~/.vimrc
	ln -snf ~/code/dotfiles/screenrc ~/.screenrc
	ln -snf ~/code/dotfiles/gitconfig ~/.gitconfig
	ln -snf ~/code/dotfiles/gitconfig_work ~/code/work/.gitconfig
	ln -snf ~/code/dotfiles/authorized_keys ~/.ssh/authorized_keys
	ln -snf ~/code/dotfiles/ssh_config ~/.ssh/config
	ln -snf ~/code/dotfiles/ssh_config_includes/* ~/.ssh/configs
	ln -snf /mnt/chromeos/MyFiles/ ~/MyFiles
	ln -snf /mnt/chromeos/GoogleDrive/MyDrive/ ~/GoogleDrive
	ln -snf /mnt/chromeos/GoogleDrive/MyDrive/books/library ~/library
	ln -snf ~/code/calibre-config ~/.config/calibre

	# Add public key to keychain
	gpg --recv 86E3A6538517BCC6F7140CF926E38F79A25C6B83
	echo -e "5\ny\n" \| gpg --command-fd 0 --expert --edit-key 86E3A6538517BCC6F7140CF926E38F79A25C6B83 trust


	#####
	## Start crostini SSH server
	#####

	if [ -f /etc/ssh/sshd_not_to_be_run ]; then
	sudo mv /etc/ssh/sshd_not_to_be_run /etc/ssh/sshd_to_be_run
	fi
	sudo sed -i '/#PasswordAuthentication yes/ c\PasswordAuthentication no' /etc/ssh/sshd_config
	sudo systemctl restart ssh

	}

	do_stuff

	######
	## Afterwords
	######

	# Termina Color Scheme backup
	cat << 'EOF' > ~/termina_config_backup.json
	{
	"magic": "nassh-prefs",
	"version": 1,
	"nassh": {
	"profile-ids": [
	{
	"id": "4998",
	"json": {
	"description": "localhost",
	"username": "dwallraff",
	"hostname": "penguin.linux.test",
	"port": 22,
	"nassh-options": "--ssh-agent=gsc",
	"argstr": "-A"
	}
	},
	{
	"id": "1026",
	"json": {
	"description": "pi-hole",
	"username": "pi",
	"hostname": "192.168.86.32",
	"port": 22
	}
	}
	],
	"welcome/notes-version": 137,
	"welcome/show-count": 10
	},
	"hterm": {
	"default": {
	"audible-bell-sound": "",
	"background-color": "#fdf6e3",
	"cursor-color": "rgba(101, 123, 131, 0.5)",
	"color-palette-overrides": [
	"#073642",
	"#dc322f",
	"#859900",
	"#b58900",
	"#268bd2",
	"#d33682",
	"#2aa198",
	"#eee8d5",
	"#002b36",
	"#cb4b16",
	"#586e75",
	"#657b83",
	"#839496",
	"#6c71c4",
	"#93a1a1",
	"#fdf6e3"
	],
	"use-default-window-copy": true,
	"ctrl-c-copy": true,
	"ctrl-v-paste": true,
	"enable-bold": true,
	"enable-bold-as-bright": false,
	"environment": {
	"TERM": "xterm-16color"
	},
	"font-family": "\"Source Code Pro\", monospace",
	"font-size": 14,
	"font-smoothing": "subpixel-antialiased",
	"foreground-color": "#657b83",
	"keybindings-os-defaults": true,
	"pass-ctrl-n": true,
	"pass-ctrl-t": true,
	"pass-ctrl-tab": true,
	"pass-ctrl-w": true,
	"user-css": "http://fonts.googleapis.com/css?family=Source+Code+Pro"
	}
	}
	}
	EOF

	# Restoration instructions
	cat << 'EOF' > ~/README.txt
	If this is a completely new install:

	## Restore settings to Termina
	-----

	- Right-click Secure Shell app icon
	- Select options
	- Restore backup
	- Select termina_config_backup.json

	- Create shortcut
	- triple dot -> More tools -> Create shortcut -> New window
	EOF