Insert Google DNS Server instead of ungleich's
Put ssh configuration in sshd_config instead of ssh_config Fix growpart command argument Correctly, insert ssh keys
This commit is contained in:
parent
3d3d83ad07
commit
793056b72b
|
@ -14,6 +14,7 @@ get_distro() {
|
|||
ssh_authorized_keys_path='/root/.ssh/authorized_keys'
|
||||
ssh_config_path='/etc/ssh/ssh_config'
|
||||
sshd_config_path='/etc/ssh/sshd_config'
|
||||
etc_resolv_path='/etc/resolv.conf'
|
||||
|
||||
# Show output of this script
|
||||
if [[ ! -e /etc/conf.d/local ]] && ! grep -q "rc_verbose=yes" /etc/conf.d/local; then
|
||||
|
@ -23,8 +24,10 @@ fi
|
|||
# Check if rdnssd is installed, if not put ungleich DNS
|
||||
# into /etc/resolv.conf and install rdnssd for the next time
|
||||
if ! $(which rdnssd); then
|
||||
echo "nameserver 2a0a:e5c0::3" >> /etc/resolv.conf
|
||||
echo "nameserver 2a0a:e5c0::4" >> /etc/resolv.conf
|
||||
echo "nameserver 2001:4860:4860::8888" >> $etc_resolv_path
|
||||
echo "nameserver 2001:4860:4860::8844" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.8.8" >> $etc_resolv_path
|
||||
echo "nameserver 8.8.4.4" >> $etc_resolv_path
|
||||
|
||||
apk add ndisc6
|
||||
fi
|
||||
|
@ -39,14 +42,13 @@ if [[ $(get_distro) = "alpine" ]]; then
|
|||
apk add openssh-server sfdisk util-linux jq
|
||||
touch $ssh_authorized_keys_path
|
||||
|
||||
if ! grep -q "PasswordAuthentication no" $ssh_config_path; then
|
||||
echo "PasswordAuthentication no" >> $ssh_config_path
|
||||
if ! grep -q "PasswordAuthentication no" $sshd_config_path; then
|
||||
echo "PasswordAuthentication no" >> $sshd_config_path
|
||||
fi
|
||||
|
||||
if ! grep -q "PermitRootLogin prohibit-password" $sshd_config_path; then
|
||||
echo "PermitRootLogin prohibit-password" >> $sshd_config_path
|
||||
if ! grep -q "PermitRootLogin yes" $sshd_config_path; then
|
||||
echo "PermitRootLogin yes" >> $sshd_config_path
|
||||
fi
|
||||
service sshd restart
|
||||
else
|
||||
echo "Unsupported OS"
|
||||
exit 1
|
||||
|
@ -56,19 +58,21 @@ fi
|
|||
|
||||
wget https://git.launchpad.net/ubuntu/+source/cloud-utils/plain/bin/growpart
|
||||
if [ -e growpart ]; then
|
||||
sh ./growpart /dev/vda3; rm growpart
|
||||
sh ./growpart /dev/vda 3; rm growpart
|
||||
fi
|
||||
|
||||
|
||||
# TODO: Make sure to replace the following address with http://metadata
|
||||
# whenever we got http://metadata resolving to url work successfully.
|
||||
|
||||
metadata=$(curl http://[2a0a:e5c1:144::]:5000)
|
||||
echo "$metadata" | jq -r '.["ssh-key-list"] | .[]' > ssh-key-list.txt
|
||||
while read ssh_key; do
|
||||
if ! grep -q "$ssh_key" $ssh_authorized_keys_path; then
|
||||
echo $ssh_key >> $ssh_authorized_keys_path
|
||||
fi
|
||||
|
||||
ssh_key=$(echo $metadata | jq '.["ssh-key"]')
|
||||
ssh_key=echo $metadata | sed 's/"//g' # Removes quotation marks
|
||||
done < ssh-key-list.txt
|
||||
rm -f ssh-key-list.txt
|
||||
|
||||
# ssh_key="${ssh_key:1:-1}" # Removes quotation marks
|
||||
|
||||
if ! grep -q "$ssh_key" $ssh_authorized_keys_path; then
|
||||
echo $ssh_key >> $ssh_authorized_keys_path
|
||||
fi
|
||||
service sshd restart
|
||||
|
|
Loading…
Reference in New Issue