77 lines
1.9 KiB
Bash
Executable File
77 lines
1.9 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# Initialize an uncloud VM. This script depends on:
|
|
# curl grep getent (i.e. glibc) curl,dirname (i.e. coreutils)
|
|
|
|
###
|
|
# TODO: handle command-line parameters.
|
|
|
|
DEPLOY_SSH_AUTHORIZED_KEYS=1
|
|
OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS=0
|
|
GROW_ROOT_PARTITION=0
|
|
|
|
SSH_USER=root
|
|
SSH_DAEMON_CONFIG=/etc/ssh/sshd_config
|
|
UNCLOUD_METADATA_SERVER=https://key.wf
|
|
|
|
###
|
|
# SSH key deployment logic.
|
|
|
|
deploy_ssh_authorized_keys () {
|
|
# Ensure SSHD configuration can be found.
|
|
if [ ! -f "$SSH_DAEMON_CONFIG" ]; then
|
|
echo "Could not find SSHD configuration at $SSH_DAEMON_CONFIG" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Ensure that login is not prevented by SSHD configuration.
|
|
if [ "$SSH_USER" = "root" ]; then
|
|
if grep -q -e "^PermitRootLogin no$" "$SSH_DAEMON_CONFIG"; then
|
|
echo "PermitRootLogin yes" >> "$SSH_DAEMON_CONFIG"
|
|
fi
|
|
fi
|
|
|
|
# Get home directory of SSH_USER.
|
|
homedir=$(getent passwd "$SSH_USER" | cut -d: -f6)
|
|
if [ $? != 0 ]; then
|
|
echo "Could not resolve user $SSH_USER." >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Fetch and deploy SSH keys from metadata server.
|
|
authorized_keys_file="$homedir/.ssh/authorized_keys"
|
|
mkdir -p $(dirname "$authorized_keys_file")
|
|
if [ -f "$authorized_keys_file" ] \
|
|
&& if [ ! $OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS ];
|
|
echo "Aborting SSH key deployement to not override existing $authorized_keys_file."
|
|
echo "You can change this behavior with the OVERRIDE_EXISTING_SSH_AUTHORIZED_KEYS flag."
|
|
return
|
|
fi
|
|
|
|
curl "$METDATA_SERVER/fnux" --output $authorized_keys_file
|
|
}
|
|
|
|
###
|
|
# Partition/filesystem growth logic.
|
|
|
|
grow_root_partition () {
|
|
# TODO
|
|
}
|
|
|
|
###
|
|
# Entrypoint.
|
|
|
|
if [ $DEPLOY_SSH_AUTHORIZED_KEYS ]; then
|
|
routine='SSH authorized_keys deployment routine'
|
|
echo "--- RUNNING $routine..."
|
|
deploy_ssh_authorized_keys()
|
|
echo "--- DONE with $routine."
|
|
fi
|
|
|
|
if [ $GROW_ROOT_PARTITION ]: then
|
|
routine='SSH authorized_keys deployment routine'
|
|
echo "--- RUNNING $routine..."
|
|
grow_root_partition()
|
|
echo "--- DONE with $routine."
|
|
fi
|