From ee5d485deb99aceec3f946343d519eab04fe114e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Floure?=
Date: Thu, 23 Jan 2020 14:58:27 +0100
Subject: [PATCH] Add support for interfaces, safety checks, fix shellcheck errors
---
 README.md | 1 +
 uncloud-init | 68 +++++++++++++++++++++++++++++++++++++++-------------
 2 files changed, 53 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index 8a7f285..df45517 100644
--- a/README.md
+++ b/README.md
@@ -5,3 +5,4 @@ This tool takes care of initializing and maintaining virtual machines in
 * Growing root partition/filesystem when the underlying disk is expanded.
 * Fetch and deploy SSH keys.
+ * UP networks interfaces.
diff --git a/uncloud-init b/uncloud-init
index 0654060..d58374c 100755
--- a/uncloud-init
+++ b/uncloud-init
@@ -3,9 +3,19 @@ # Initialize an uncloud VM. This script depends on:
 # curl grep getent (i.e. glibc) curl,dirname (i.e. coreutils)
+# TODO: complete other tasks even if one fail.
+# TODO: do not up ALL network interfaces.
+# TODO: write configuration instead of manually setting interfaces up?
+
+if [ "$(whoami)" != 'root' ]; then
+ echo "This script must be run as root." >&2
+ exit 1
+fi
+
 ###
 # TODO: handle command-line parameters.
+ENABLE_NETWORKING=1
 DEPLOY_SSH_AUTHORIZED_KEYS=1
 OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS=0
 GROW_ROOT_PARTITION=0
@@ -14,8 +24,14 @@ SSH_USER=root
 SSH_DAEMON_CONFIG=/etc/ssh/sshd_config
 UNCLOUD_METADATA_SERVER=https://key.wf
+if [ ! $ENABLE_NETWORKING ] && [ $DEPLOY_SSH_AUTHORIZED_KEYS ]; then
+ echo "SSH key deployment requires networking, please review uncloud-init \
+ configuration." >&2
+ exit 1
+fi
+
 ###
-# SSH key deployment logic.
+# Internal logic.
 deploy_ssh_authorized_keys () {
 # Ensure SSHD configuration can be found.
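Review bot: The root check added at the top of the script compares the name printed by `whoami` with `root`, which depends on name resolution rather than on the privilege itself. Testing the numeric id is the more robust form and needs only POSIX `id`: `if [ "$(id -u)" -ne 0 ]; then`. The dependency comment just above was also left as it was, although the commit starts using `ip` in up_network_interfaces; adding it there keeps the list usable on minimal images.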
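Review bot: The new guard `[ ! $ENABLE_NETWORKING ] && [ $DEPLOY_SSH_AUTHORIZED_KEYS ]` only tests whether the unquoted strings are non-empty, so with `ENABLE_NETWORKING=0` it never fires. The same pattern appears in the following hunk: `[ ! $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ]` is false for the default 0, so the safety check never stops an existing authorized_keys file from being overwritten, and `[ $GROW_ROOT_PARTITION ]` runs the grow routine although the flag is 0. Compare the values explicitly and quote them, e.g. `if [ "$ENABLE_NETWORKING" != 1 ] && [ "$DEPLOY_SSH_AUTHORIZED_KEYS" = 1 ]; then`, `[ "$OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS" != 1 ]` and `if [ "$GROW_ROOT_PARTITION" = 1 ]; then`.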
@@ -31,46 +47,66 @@ deploy_ssh_authorized_keys () {
 fi
 fi
- # Get home directory of SSH_USER.
+ # Get home directory of SSH_USER. User might not exist or have a home
+ # directory.
 homedir=$(getent passwd "$SSH_USER" | cut -d: -f6)
- if [ $? != 0 ]; then
- echo "Could not resolve user $SSH_USER." >&2
+ if [ "$homedir" = "" ]; then
+ echo "Could not resolve home directory of user $SSH_USER." >&2
 exit 1
 fi
 # Fetch and deploy SSH keys from metadata server.
 authorized_keys_file="$homedir/.ssh/authorized_keys"
- mkdir -p $(dirname "$authorized_keys_file")
+ mkdir -p "$(dirname "$authorized_keys_file")"
 if [ -f "$authorized_keys_file" ] \
- && if [ ! $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ];
+ && [ ! $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ];
 then
 echo "Aborting SSH key deployement to not override existing $authorized_keys_file."
 echo "You can change this behavior with the OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS flag."
 return
 fi
- curl "$METDATA_SERVER/fnux" --output $authorized_keys_file
+ curl "$UNCLOUD_METADATA_SERVER/fnux" --output "$authorized_keys_file"
 }
-###
-# Partition/filesystem growth logic.
-
 grow_root_partition () {
- # TODO
+ growpart_script='uncloud-init-growpart'
+ if [ -x "$(command -v "$growpart_script")" ]; then
+ # TODO: this command seems quite fragile...
+ # sh growpart -q /dev/vda 3 > /dev/null;
+ true # no-op
+ else
+ echo "Could not find or execute $growpart_script." >&2
+ exit 1
+ fi
+}
+
+up_network_interfaces () {
+ interfaces=$(ip -o link | cut -d: -f2 | grep -v '^ lo')
+ for i in $interfaces; do
+ ip link set dev "$i" up
+ done
 }
 ###
 # Entrypoint.
-if [ $DEPLOY_SSH_AUTHORIZED_KEYS ]; then
- routine='SSH authorized_keys deployment routine'
+if [ $ENABLE_NETWORKING ]; then
+ routine='up main network interface'
 echo "--- RUNNING $routine..."
- deploy_ssh_authorized_keys()
+ up_network_interfaces
 echo "--- DONE with $routine."
 fi
-if [ $GROW_ROOT_PARTITION ]: then
+if [ $DEPLOY_SSH_AUTHORIZED_KEYS ]; then
 routine='SSH authorized_keys deployment routine'
 echo "--- RUNNING $routine..."
- grow_root_partition()
+ deploy_ssh_authorized_keys
+ echo "--- DONE with $routine."
+fi
+
+if [ $GROW_ROOT_PARTITION ]; then
+ routine='growing root partition and filesystem'
+ echo "--- RUNNING $routine..."
+ grow_root_partition
 echo "--- DONE with $routine."
 fi
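Review bot: The corrected `curl` call at the end of deploy_ssh_authorized_keys writes the response straight into the authorized_keys file without `--fail` and without checking curl's exit status. An HTTP error body or a truncated transfer would therefore become the account's key file, and the entrypoint still prints DONE. Download to a temporary file next to the target, check the status, and move it into place only on success, with mode 600 on the result. The `mkdir -p` before it also leaves the `.ssh` directory with default permissions, which sshd may reject under StrictModes. The function starts above this hunk, so the SSHD configuration checks are not visible here.

```shell
  # … unchanged: home directory lookup and existing-file check …
  tmp_keys=$(mktemp "$authorized_keys_file.XXXXXX") || exit 1
  if ! curl --fail --silent --show-error \
      "$UNCLOUD_METADATA_SERVER/fnux" --output "$tmp_keys"; then
    rm -f "$tmp_keys"
    echo "Could not fetch SSH keys from $UNCLOUD_METADATA_SERVER." >&2
    exit 1
  fi
  chmod 600 "$tmp_keys"
  mv "$tmp_keys" "$authorized_keys_file"
```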