This commit is contained in:
parent
1399f66200
commit
6eb0ca5e6e
|
@ -1,5 +1,13 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Some Global Variables
|
||||
|
||||
ssh_authorized_keys_path='/root/.ssh/authorized_keys'
|
||||
ssh_config_path='/etc/ssh/ssh_config'
|
||||
sshd_config_path='/etc/ssh/sshd_config'
|
||||
etc_resolv_path='/etc/resolv.conf'
|
||||
|
||||
|
||||
# Functions
|
||||
|
||||
get_distro() {
|
||||
|
@ -7,77 +15,84 @@ get_distro() {
|
|||
echo $OS
|
||||
}
|
||||
|
||||
|
||||
# Main Code Starts here
|
||||
|
||||
# Some common path variables and command flags
|
||||
|
||||
ssh_authorized_keys_path='/root/.ssh/authorized_keys'
|
||||
ssh_config_path='/etc/ssh/ssh_config'
|
||||
sshd_config_path='/etc/ssh/sshd_config'
|
||||
etc_resolv_path='/etc/resolv.conf'
|
||||
edge_package_flags='--update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted'
|
||||
|
||||
# Show output of this script
|
||||
if [[ ! -e /etc/conf.d/local ]] && ! grep -q "rc_verbose=yes" /etc/conf.d/local; then
|
||||
echo "rc_verbose=yes" >> /etc/conf.d/local
|
||||
fi
|
||||
|
||||
|
||||
# Check if rdnssd is installed, if not put ungleich DNS
|
||||
# into /etc/resolv.conf and install rdnssd for the next time
|
||||
if ! $(which rdnssd); then
|
||||
echo "nameserver 2001:4860:4860::8888" >> $etc_resolv_path
|
||||
echo "nameserver 2001:4860:4860::8844" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.8.8" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.4.4" >> $etc_resolv_path
|
||||
|
||||
apk add ndisc6 $edge_package_flags
|
||||
fi
|
||||
|
||||
# Start rdnssd to get DNS
|
||||
rdnssd -u root -r /etc/resolv.conf
|
||||
|
||||
|
||||
# Initial Package Intallation
|
||||
if [[ $(get_distro) = "alpine" ]]; then
|
||||
apk update
|
||||
apk add openssh-server sfdisk util-linux jq curl
|
||||
|
||||
setup_ssh() {
|
||||
mkdir -p $(dirname $ssh_authorized_keys_path)
|
||||
touch $ssh_authorized_keys_path
|
||||
|
||||
if ! grep -q "PasswordAuthentication no" $sshd_config_path; then
|
||||
echo "PasswordAuthentication no" >> $sshd_config_path
|
||||
fi
|
||||
|
||||
|
||||
if ! grep -q "PermitRootLogin yes" $sshd_config_path; then
|
||||
echo "PermitRootLogin yes" >> $sshd_config_path
|
||||
fi
|
||||
|
||||
# TODO: Make sure to replace the following address with http://metadata
|
||||
# whenever we got http://metadata resolving to url work successfully.
|
||||
|
||||
metadata=$(curl http://[2a0a:e5c1:144::]:5000)
|
||||
echo "$metadata" | jq -r '.["ssh-key-list"] | .[]' > ssh-key-list.txt
|
||||
while read ssh_key; do
|
||||
if ! grep -q "$ssh_key" $ssh_authorized_keys_path; then
|
||||
echo $ssh_key >> $ssh_authorized_keys_path
|
||||
fi
|
||||
|
||||
done < ssh-key-list.txt
|
||||
rm -f ssh-key-list.txt
|
||||
|
||||
service sshd restart
|
||||
}
|
||||
|
||||
grow_partition() {
|
||||
# TODO: Try to replace the growpart to parted
|
||||
wget https://git.launchpad.net/ubuntu/+source/cloud-utils/plain/bin/growpart
|
||||
if [ -e growpart ]; then
|
||||
sh ./growpart /dev/vda 3; rm growpart
|
||||
else
|
||||
tput setaf 1; echo "growpart couldn't be downloaded"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
make_script_verbose() {
|
||||
# Show output of this script
|
||||
if [[ ! -e /etc/conf.d/local ]] && ! grep -q "rc_verbose=yes" /etc/conf.d/local; then
|
||||
echo "rc_verbose=yes" >> /etc/conf.d/local
|
||||
fi
|
||||
}
|
||||
|
||||
setup_dns() {
|
||||
# Check if rdnssd is installed, if not put Google's DNS
|
||||
# into /etc/resolv.conf and install rdnssd for the next time
|
||||
if ! $(which rdnssd); then
|
||||
echo "nameserver 2001:4860:4860::8888" >> $etc_resolv_path
|
||||
echo "nameserver 2001:4860:4860::8844" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.8.8" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.4.4" >> $etc_resolv_path
|
||||
fi
|
||||
}
|
||||
|
||||
# Main Code Starts here
|
||||
|
||||
make_script_verbose
|
||||
setup_dns
|
||||
|
||||
# Initial Package Installation
|
||||
if [[ $(get_distro) = "alpine" ]]; then
|
||||
edge_package_flags='--update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted'
|
||||
|
||||
apk update
|
||||
apk add ndisc6 $edge_package_flags
|
||||
apk add openssh-server sfdisk util-linux jq curl ncurses
|
||||
else
|
||||
echo "Unsupported OS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# TODO: Try to replace the growpart to parted
|
||||
|
||||
wget https://git.launchpad.net/ubuntu/+source/cloud-utils/plain/bin/growpart
|
||||
if [ -e growpart ]; then
|
||||
sh ./growpart /dev/vda 3; rm growpart
|
||||
fi
|
||||
service enable rdnssd
|
||||
service start rdnssd
|
||||
|
||||
setup_ssh
|
||||
|
||||
# TODO: Make sure to replace the following address with http://metadata
|
||||
# whenever we got http://metadata resolving to url work successfully.
|
||||
|
||||
metadata=$(curl http://[2a0a:e5c1:144::]:5000)
|
||||
echo "$metadata" | jq -r '.["ssh-key-list"] | .[]' > ssh-key-list.txt
|
||||
while read ssh_key; do
|
||||
if ! grep -q "$ssh_key" $ssh_authorized_keys_path; then
|
||||
echo $ssh_key >> $ssh_authorized_keys_path
|
||||
fi
|
||||
|
||||
done < ssh-key-list.txt
|
||||
rm -f ssh-key-list.txt
|
||||
|
||||
service sshd restart
|
||||
grow_partition
|
||||
|
|
Loading…
Reference in New Issue