#!/bin/bash set -e [[ -z $2 ]] && echo timezone and country_code? && exit 1 timezone=$1 country_code=$2 [[ ! -x `which timedatectl` ]] && echo error: timedatectl executable not found && exit 1 [[ ! -x `which systemctl` ]] && echo error: systemctl executable not found && exit 1 export DEBIAN_FRONTEND=noninteractive export SYSTEMD_COLORS=0 export SYSTEMD_URLIFY=0 export LANG=en_US.UTF-8 export LANGUAGE=en_US:en export LC_ALL=en_US.UTF-8 echo -n setting up time-zone $timezone ... timedatectl set-timezone $timezone && echo done available_clocks=`cat /sys/devices/system/clocksource/clocksource0/available_clocksource` echo available clocks are $available_clocks current_clock=`cat /sys/devices/system/clocksource/clocksource0/current_clocksource` echo current clock is $current_clock # select the right clock in order of preference if [[ -n `echo $available_clocks | grep kvm-clock` ]]; then if [[ $current_clock != kvm-clock ]]; then echo -n enable kvm-clock ... echo kvm-clock > /sys/devices/system/clocksource/clocksource0/current_clocksource && echo done fi elif [[ -n `echo $available_clocks | grep hpet` ]]; then if [[ $current_clock != hpet ]]; then echo -n enable hpet ... echo hpet > /sys/devices/system/clocksource/clocksource0/current_clocksource && echo done fi fi echo -n current boot args are\ cat /proc/cmdline | sed -r ' s/BOOT_IMAGE=[^ ]* //; s/root=[^ ]* //; s/ro //; ' echo -n tuning grub2 ... if [[ ! -f /etc/default/grub.dist ]]; then if [[ $ansible_group != stations ]]; then cmdline_def="net.ifnames=0 biosdevname=0 console=ttyS0" else cmdline_def="net.ifnames=0 biosdevname=0" fi echo -n " $cmdline_def " if [[ -n `echo $available_clocks | grep kvm-clock` ]]; then cmdline="notsc clocksource=kvm-clock" echo -n " $cmdline " elif [[ -n `echo $available_clocks | grep hpet` ]]; then cmdline="notsc clocksource=hpet" echo -n " $cmdline " fi [[ -f /etc/grub.d/30_os-prober ]] && rm -f /etc/grub.d/30_os-prober [[ -d /etc/default/grub.d/ && ! -d /etc/default/grub.d.disabled/ ]] && mv -i /etc/default/grub.d/ /etc/default/grub.d.disabled/ mv -i /etc/default/grub /etc/default/grub.dist grep -vE '^$|^#' /etc/default/grub.dist > /etc/default/grub.clean # warning escapes are in there cat > /etc/default/grub < /dev/null || echo Debian\` GRUB_CMDLINE_LINUX_DEFAULT="$cmdline_def" GRUB_CMDLINE_LINUX="$cmdline" GRUB_DISABLE_OS_PROBER=true EOF # mitigations=0 # note linux mint has GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" # note yandex cloud images have GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 biosdevname=0 console=ttyS0" update-grub2 >/dev/null 2>&1 && echo done || echo FAIL changed=1 unset cmdline_def cmdline else echo already fi echo -n "is some ntpd running? " tmp=`pgrep -a ntpd | head -1; pgrep -a chronyd | head -1` || true if [[ -n $tmp ]]; then echo $tmp else echo no fi echo -n checking for openntpd ... if dpkg -s openntpd >/dev/null 2>&1; then echo already there else echo missing # disable legacy ntp no matter what systemctl stop ntp >/dev/null 2>&1 || true systemctl disable ntp >/dev/null 2>&1 || true echo -n update package cache \(/var/tmp/debian-time.log\) ... apt-get -q -y update > /var/tmp/debian-time.log 2>&1 && echo done || echo FAIL echo '' >> /var/tmp/debian-time.log echo -n purge legacy ntp tools \(/var/tmp/debian-time.log\) ... apt-get -q -y purge ntp ntpdate ntpsec ntpsec-ntpdate ntpsec-ntpdig python3-ntp \ >> /var/tmp/debian-time.log 2>&1 && echo done || echo FAIL echo '' >> /var/tmp/debian-time.log echo -n install openntpd \(/var/tmp/debian-time.log\) ... apt-get -q -y install openntpd >> /var/tmp/debian-time.log 2>&1 && echo done || echo FAIL echo '' >> /var/tmp/debian-time.log mv -f /etc/openntpd/ntpd.conf /etc/openntpd/ntpd.conf.dist grep -vE '^#|^$' /etc/openntpd/ntpd.conf.dist > /etc/openntpd/ntpd.conf.clean grep -vE '^#|^$' /etc/openntpd/ntpd.conf.dist > /etc/openntpd/ntpd.conf changed=1 fi (( changed == 1 )) && echo changed - all done && exit 0 echo all done - nothing changed