From: Ismaël Bouya Date: Thu, 15 Mar 2018 23:22:38 +0000 (+0100) Subject: Move scripts to separate chunks X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=c15f2234474ff8a8266e26856702b3c561050667;p=perso%2FImmae%2FProjets%2FPuppet.git Move scripts to separate chunks --- diff --git a/bin/install_script_ovh_cloud_instance.sh b/bin/install_script_ovh_cloud_instance.sh index 26e410e..e1c8a54 100755 --- a/bin/install_script_ovh_cloud_instance.sh +++ b/bin/install_script_ovh_cloud_instance.sh @@ -62,6 +62,7 @@ done DIRECTORY=$(cd `dirname $0` && pwd) PYTHON_DIRECTORY="$DIRECTORY/../python" +SCRIPTS="$DIRECTORY/../scripts" if [ -z "$instance_id" ]; then read -p "Id de l'instance : " instance_id @@ -82,10 +83,10 @@ if [ -z "$no_reboot" -a -z "$no_reboot_start" ]; then fi ARCH_DIR=`mktemp -d` -ARCH_HOST_SCRIPT="$ARCH_DIR/arch_host_script.sh" -ARCH_INSTALL_SCRIPT="$ARCH_DIR/arch_install_script.sh" -ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_host_puppet_configuration_script.sh" -ARCH_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_puppet_configuration_script.sh" +ARCH_HOST_SCRIPT="$SCRIPTS/ovh_cloud_instance/arch_host_script.sh" +ARCH_INSTALL_SCRIPT="$SCRIPTS/arch_install_script.sh" +ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/ovh_cloud_instance/arch_host_puppet_configuration_script.sh" +ARCH_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/arch_puppet_configuration_script.sh" ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json" trap "rm -rf $ARCH_DIR" EXIT 
@@ -94,86 +95,17 @@ trap "rm -rf $ARCH_DIR" EXIT python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id > $ARCH_PUPPET_INITIAL_CONFIGURATION host_address=$(python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id | jq -r '.ips.v4.ipAddress') -cat > $ARCH_HOST_SCRIPT < $ARCH_INSTALL_SCRIPT < $ARCH_PUPPET_CONFIGURATION_SCRIPT < $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT < $ARCH_PUPPET_INITIAL_CONFIGURATION -cat > $ARCH_HOST_SCRIPT < /tmp/root.x86_64/etc/pacman.d/mirrorlist - -DEVICE_STR=\$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/") -DEVICE=\$(echo "\$DEVICE_STR" | cut -d' ' -f1) -MOUNTPOINT=\$(echo "\$DEVICE_STR" | cut -d' ' -f2) - -umount "\$DEVICE" -UUID=\$(lsblk -rno UUID "\$DEVICE") - -echo "\$UUID" > /tmp/root.x86_64/device_uuid - -cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/ - -/tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh - -mount "\$DEVICE" - -cp /tmp/arch_install_script.sh "\$MOUNTPOINT/root/" -cp /tmp/puppet_variables.json "\$MOUNTPOINT/root/" - -/tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_install_script.sh -EOF - - -cat > $ARCH_CHROOT_SCRIPT < /mnt/etc/fstab - -umount /mnt -EOF - -cat > $ARCH_INSTALL_SCRIPT < $ARCH_PUPPET_CONFIGURATION_SCRIPT < $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT <" -W << 'EOF' dn: <%= @ldap_dn %> cn: <%= @ldap_cn %> @@ -14,12 +14,13 @@ objectclass: ipHost environment: <%= @environment %> userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> EOF -#### Or modify an existing entry: +#### Or modify an existing entry: ldapmodify -D "cn=root,<%= @ldap_base %>" -W << 'EOF' dn: <%= @ldap_dn %> changetype: modify replace: userPassword userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> +- replace: environment environment: <%= @environment %> <%- unless @ips.empty? -%> 
diff --git a/scripts/arch_install_script.sh b/scripts/arch_install_script.sh
new file mode 100755
index 0000000..21e202f
--- /dev/null
+++ b/scripts/arch_install_script.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+CODE_PATH="/etc/puppetlabs/code"
+
+rm -rf $CODE_PATH
+
+git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git $CODE_PATH
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+# The password seed requires puppet to be run twice
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+
diff --git a/scripts/arch_puppet_configuration_script.sh b/scripts/arch_puppet_configuration_script.sh
new file mode 100755
index 0000000..caf8987
--- /dev/null
+++ b/scripts/arch_puppet_configuration_script.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+CODE_PATH="/etc/puppetlabs/code"
+
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+
diff --git a/scripts/ovh_cloud_instance/arch_host_puppet_configuration_script.sh b/scripts/ovh_cloud_instance/arch_host_puppet_configuration_script.sh
new file mode 100755
index 0000000..b58e255
--- /dev/null
+++ b/scripts/ovh_cloud_instance/arch_host_puppet_configuration_script.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+
+MOUNTPOINT=/mnt
+
+sudo cp /tmp/arch_puppet_configuration_script.sh "$MOUNTPOINT/root/"
+
+sudo arch-chroot "$MOUNTPOINT" /root/arch_puppet_configuration_script.sh "$git_branch" "$environment"
+
diff --git a/scripts/ovh_cloud_instance/arch_host_script.sh b/scripts/ovh_cloud_instance/arch_host_script.sh
new file mode 100755
index 0000000..c188514
--- /dev/null
+++ b/scripts/ovh_cloud_instance/arch_host_script.sh
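Review bot: In scripts/arch_install_script.sh the result of `git clone` is never checked, and `$git_branch`, `$environment` and `$CODE_PATH` are expanded unquoted, so an empty or malformed argument shifts the option parsing of `git clone -b` and `puppet apply --environment` in a script that the host scripts run through `arch-chroot`. A blanket `set -e` is not the fix here, because `puppet apply --test` implies detailed exit codes and returns 2 when changes were applied. Guard the clone instead, `git clone -b "$git_branch" --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git "$CODE_PATH" || exit 1`, and quote `"$environment"` in both `puppet apply` lines. The same unquoted `$environment` appears in scripts/arch_puppet_configuration_script.sh, where `git_branch` is assigned but never used.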
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+set -e
+
+git_branch="$1"
+environment="$2"
+
+# Randomizer
+sudo haveged &
+# /Randomizer
+
+# Prepare an arch chroot
+sudo pacman -Sy --noconfirm arch-install-scripts
+# /Prepare an arch chroot
+
+# Prepare device information
+DEVICE=/dev/vdb1
+MOUNTPOINT=/mnt
+
+UUID=$(lsblk -rno UUID "$DEVICE")
+PART="/dev/disk/by-uuid/$UUID"
+# /Prepare device information
+
+# Install very basic system (base git puppet)
+# mkfs.ext4 -F -U "$UUID" "$DEVICE"
+sudo mount "$DEVICE" /mnt
+
+##### FIXME: mkfs.ext4 would be better ####
+for i in /mnt/*; do
+ if [ "$i" = "/mnt/boot" ]; then
+ # keep /boot/grub
+ sudo rm -f $i/*
+ else
+ sudo rm -rf $i
+ fi
+done
+##### /FIXME ####
+
+sudo pacstrap /mnt base git puppet
+
+echo "$PART / auto defaults 0 1" | sudo tee /mnt/etc/fstab
+# /Install very basic system
+
+# Install rest of system (via puppet)
+sudo cp /tmp/arch_install_script.sh "$MOUNTPOINT/root/"
+sudo cp /tmp/puppet_variables.json "$MOUNTPOINT/root/"
+
+sudo arch-chroot "$MOUNTPOINT" /root/arch_install_script.sh "$git_branch" "$environment"
+# /Install rest of system
+
diff --git a/scripts/ovh_vps_ssd/arch_chroot_script.sh b/scripts/ovh_vps_ssd/arch_chroot_script.sh
new file mode 100755
index 0000000..9dc5c46
--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_chroot_script.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+pacman-key --init
+pacman-key --populate archlinux
+
+UUID=$(cat /device_uuid)
+PART="/dev/disk/by-uuid/$UUID"
+DEVICE=$(realpath "$PART")
+
+# mkfs.ext4 -F -U "$UUID" "$DEVICE"
+mount "$DEVICE" /mnt
+
+##### FIXME: mkfs.ext4 would be better ####
+for i in /mnt/*; do
+ if [ "$i" = "/mnt/boot" ]; then
+ # keep /boot/grub
+ rm -f $i/*
+ else
+ rm -rf $i
+ fi
+done
+##### /FIXME ####
+
+pacstrap /mnt base git puppet
+
+echo "$PART / auto defaults 0 1" > /mnt/etc/fstab
+
+umount /mnt
+
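Review bot: The cleanup loop in scripts/ovh_cloud_instance/arch_host_script.sh hands `$i` to `sudo rm` unquoted, so a top-level entry on the old filesystem whose name contains whitespace or glob characters is split or re-expanded, and the extra words are deleted relative to the current directory by a root `rm -rf`. Use `sudo rm -f "$i"/*` and `sudo rm -rf "$i"`. The glob `/mnt/*` also skips dotfiles, so hidden top-level entries from the previous system survive into the new root; the `mkfs.ext4` named in the FIXME would remove both problems. The same loop, without `sudo`, is repeated in scripts/ovh_vps_ssd/arch_chroot_script.sh.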
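Review bot: scripts/ovh_vps_ssd/arch_chroot_script.sh has no `set -e`, unlike the host script that copies and runs it, so a failed `mount "$DEVICE" /mnt` is followed by the `rm -rf` loop and `pacstrap` acting on the chroot's own /mnt instead of the target disk. One way to get there is an empty /device_uuid, which makes `$PART` resolve to the by-uuid directory itself. Add `set -e` after the shebang and reject an empty value before the mount, `[ -n "$UUID" ] || exit 1`.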
diff --git a/scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh b/scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh
new file mode 100755
index 0000000..dab8fac
--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+
+DEVICE_STR=$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
+DEVICE=$(echo "$DEVICE_STR" | cut -d' ' -f1)
+MOUNTPOINT=$(echo "$DEVICE_STR" | cut -d' ' -f2)
+
+cp /tmp/arch_puppet_configuration_script.sh "$MOUNTPOINT/root/"
+
+/tmp/root.x86_64/bin/arch-chroot "$MOUNTPOINT" /root/arch_puppet_configuration_script.sh "$git_branch" "$environment"
+
diff --git a/scripts/ovh_vps_ssd/arch_host_script.sh b/scripts/ovh_vps_ssd/arch_host_script.sh
new file mode 100755
index 0000000..8eecae4
--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_host_script.sh
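Review bot: In scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh, `MOUNTPOINT` comes from a `grep` over /proc/mounts with no check that exactly one line matched, and the script has no `set -e`. When nothing matches, `MOUNTPOINT` is empty, so `cp ... "$MOUNTPOINT/root/"` writes into the running system's own /root before `arch-chroot ""` fails; with two matches the variable holds two lines. Add a guard right after the assignment, `[ -n "$MOUNTPOINT" ] && [ -d "$MOUNTPOINT/root" ] || { echo "target not mounted" >&2; exit 1; }`. `DEVICE` is assigned but not used in this script.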
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+set -e
+
+git_branch="$1"
+environment="$2"
+
+# Randomizer
+apt-get update
+apt-get install -y haveged
+haveged &
+# /Randomizer
+
+# Prepare an arch chroot
+cd /tmp
+
+LATEST=$(curl -L https://mirrors.kernel.org/archlinux/iso/latest/sha1sums.txt | grep "bootstrap" | head -n1)
+SHA1=$(echo "$LATEST" | cut -d' ' -f1)
+NAME=$(echo "$LATEST" | cut -d' ' -f3)
+
+curl -L -O "https://mirrors.kernel.org/archlinux/iso/latest/$NAME"
+
+tar -xzf "$NAME"
+
+echo 'Server = http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch' > /tmp/root.x86_64/etc/pacman.d/mirrorlist
+# /Prepare an arch chroot
+
+# Prepare device information (not available in chroot)
+DEVICE_STR=$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
+DEVICE=$(echo "$DEVICE_STR" | cut -d' ' -f1)
+MOUNTPOINT=$(echo "$DEVICE_STR" | cut -d' ' -f2)
+
+umount "$DEVICE"
+UUID=$(lsblk -rno UUID "$DEVICE")
+
+echo "$UUID" > /tmp/root.x86_64/device_uuid
+# /Prepare device information
+
+# Install very basic system via chroot (base git puppet)
+cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/
+
+/tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh
+# /Install very basic system via chroot
+
+# Mount and install rest of system (via puppet)
+mount "$DEVICE"
+
+cp /tmp/arch_install_script.sh "$MOUNTPOINT/root/"
+cp /tmp/puppet_variables.json "$MOUNTPOINT/root/"
+
+/tmp/root.x86_64/bin/arch-chroot "$MOUNTPOINT" /root/arch_install_script.sh "$git_branch" "$environment"
+# /Mount and install rest of system
+
diff --git a/scripts/send_and_run.tcl b/scripts/send_and_run.tcl
new file mode 100755
index 0000000..a087a2d
--- /dev/null
+++ b/scripts/send_and_run.tcl
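Review bot: In scripts/ovh_vps_ssd/arch_host_script.sh, `SHA1` is parsed from sha1sums.txt but never compared with the downloaded file, so the bootstrap tarball is extracted and its `arch-chroot` executed (presumably as root, since `apt-get install` is called without `sudo`) with no integrity check at all. Verify before `tar`, `echo "$SHA1  $NAME" | sha1sum -c -`, and add `-f` to both `curl` calls so an HTTP error page is not parsed as a checksum list or saved as the tarball. A checksum fetched from the same mirror only detects corruption. For authenticity, check the detached signature published next to the tarball against a release signing key that you pin in this repository.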
@@ -0,0 +1,31 @@
+#!/usr/bin/expect -f
+set dest [lindex $argv 0]
+set password [lindex $argv 1]
+set git_branch [lindex $argv 2]
+set environment [lindex $argv 3]
+set script [lindex $argv 4]
+set files [lrange $argv 4 end]
+
+if {$password == ""} {
+ set ask_password 0
+} else {
+ set ask_password 1
+}
+
+set scriptname [file tail $script]
+
+set sshopts [split "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no"]
+
+set timeout -1
+spawn scp {*}$sshopts {*}$files $dest:/tmp
+if {$ask_password} {
+ expect "assword:"
+ send "$password\n"
+}
+expect eof
+spawn ssh {*}$sshopts $dest /tmp/$scriptname $git_branch $environment
+if {$ask_password} {
+ expect "assword:"
+ send "$password\n"
+}
+expect eof
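Review bot: Host-key verification is switched off in `sshopts` (`UserKnownHostsFile=/dev/null`, `StrictHostKeyChecking=no`, `CheckHostIP=no`) on the same `scp` and `ssh` connections where the script answers the password prompt, so whoever answers on that address receives the password, the uploaded files and control of the run. Pin the expected key instead: obtain the instance's host key out of band, write it to a per-run known_hosts file and pass `-o UserKnownHostsFile=<per-run file> -o StrictHostKeyChecking=yes`. The password also arrives in `argv`, which other local users can read from the process list; taking it from an environment variable or stdin avoids that. Separately, `$git_branch` and `$environment` are placed on the remote command line unquoted, so the remote shell re-parses them.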