[perso/Immae/Projets/Puppet.git] / bin / install_script.sh

#!/bin/bash

usage() {
cat <<EOF
  $0 [options]
  --help,-h               This help
  --vps vps_name          Name of the vps
  --password password     Password of the vps (only useful in case of no reboot)
  --reinstall-first       Start with reinstalling the vps
  --host-user user        Use another user (default: root)
  --no-reboot             Don't reboot
  --no-reboot-start       Don't reboot to rescue at the beginning
  --no-reboot-end         Don't reboot to normal at the end
  --git-branch            Use another puppet branch (default: master)
  --environment           Environment to use for the installl (default: production)
EOF
}

set -e

host_user=root
git_branch=master
environment=production

while [ -n "$1" ]; do
  case "$1" in
    --vps)
      vps_name="$2"
      shift
      ;;
    --reinstall-first)
      reinstall_first=1
      ;;
    --password)
      password="$2"
      shift
      ;;
    --host-user)
      host_user="$2"
      shift
      ;;
    --no-reboot)
      no_reboot=1
      ;;
    --no-reboot-start)
      no_reboot_start=1
      ;;
    --no-reboot-end)
      no_reboot_end=1
      ;;
    --git-branch)
      git_branch="$2"
      shift
      ;;
    --environment)
      environment="$2"
      shift
      ;;
    --help|-h)
      usage
      exit 0
      ;;
  esac

  shift
done

DIRECTORY=$(cd `dirname $0` && pwd)
PYTHON_DIRECTORY="$DIRECTORY/../python"

if [ -z "$vps_name" ]; then
  read -p "Nom du vps : " vps_name
fi

if [ -n "$reinstall_first" ]; then
  echo "Réinstallation du système"
  python $PYTHON_DIRECTORY/reinstall_vps_server.py --use-current "$vps_name"

  read -p "Appuyer sur une touche quand le serveur est prêt" ready
fi

if [ -z "$no_reboot" -a -z "$no_reboot_start" ]; then
  echo "Patienter le temps du reboot"
  python $PYTHON_DIRECTORY/reboot_vps_server.py --rescue "$vps_name"
fi

if [ -z "$password" ]; then
  stty -echo
  read -p "Mot de passe reçu par e-mail : " password; echo
  stty echo
fi

ARCH_DIR=`mktemp -d`
ARCH_HOST_SCRIPT="$ARCH_DIR/arch_host_script.sh"
ARCH_CHROOT_SCRIPT="$ARCH_DIR/arch_chroot_script.sh"
ARCH_INSTALL_SCRIPT="$ARCH_DIR/arch_install_script.sh"
ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_host_puppet_configuration_script.sh"
ARCH_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_puppet_configuration_script.sh"
ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json"

trap "rm -rf $ARCH_DIR" EXIT

#### Base installation stage
python $PYTHON_DIRECTORY/get_initial_configuration.py $vps_name > $ARCH_PUPPET_INITIAL_CONFIGURATION

cat > $ARCH_HOST_SCRIPT <<EOF
#!/bin/bash

apt-get update
apt-get install -y haveged
haveged &

cd /tmp

LATEST=\$(curl https://mirrors.kernel.org/archlinux/iso/latest/sha1sums.txt | grep "bootstrap" | head -n1)
SHA1=\$(echo "\$LATEST" | cut -d' ' -f1)
NAME=\$(echo "\$LATEST" | cut -d' ' -f3)

curl -O "https://mirrors.kernel.org/archlinux/iso/latest/\$NAME"

tar -xzf "\$NAME"

echo 'Server = http://archlinux.mirrors.ovh.net/archlinux/\$repo/os/\$arch' > /tmp/root.x86_64/etc/pacman.d/mirrorlist

DEVICE_STR=\$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
DEVICE=\$(echo "\$DEVICE_STR" | cut -d' ' -f1)
MOUNTPOINT=\$(echo "\$DEVICE_STR" | cut -d' ' -f2)

umount "\$DEVICE"
UUID=\$(lsblk -rno UUID "\$DEVICE")

echo "\$UUID" > /tmp/root.x86_64/device_uuid

cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/

/tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh

mount "\$DEVICE"

cp /tmp/arch_install_script.sh "\$MOUNTPOINT/root/"
cp /tmp/puppet_variables.json "\$MOUNTPOINT/root/"

/tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_install_script.sh
EOF


cat > $ARCH_CHROOT_SCRIPT <<EOF
#!/bin/bash

pacman-key --init
pacman-key --populate archlinux

UUID=\$(cat /device_uuid)
PART="/dev/disk/by-uuid/\$UUID"
DEVICE=\$(realpath "\$PART")

# mkfs.ext4 -F -U "\$UUID" "\$DEVICE"
mount "\$DEVICE" /mnt

##### FIXME: mkfs.ext4 would be better ####
for i in /mnt/*; do
  if [ "\$i" = "/mnt/boot" ]; then
    # keep /boot/grub
    rm -f \$i/*
  else
    rm -rf \$i
  fi
done
##### /FIXME ####

pacstrap /mnt base git puppet

echo "\$PART / auto defaults 0 1" > /mnt/etc/fstab

umount /mnt
EOF

cat > $ARCH_INSTALL_SCRIPT <<EOF
CODE_PATH="/etc/puppetlabs/code"
rm -rf \$CODE_PATH
git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git \$CODE_PATH
puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
# The password seed requires puppet to be run twice
puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
EOF

chmod a+x $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT

expect -f - <<EOF
set timeout -1
spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT $host_user@$vps_name:/tmp
expect "assword:"
send "$password\n"
expect eof
spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_script.sh
expect "assword:"
send "$password\r"
expect eof
EOF

### Role specific stage
read -p "Press key when LDAP is configured" i

cat > $ARCH_PUPPET_CONFIGURATION_SCRIPT <<EOF
CODE_PATH="/etc/puppetlabs/code"
puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
EOF

cat > $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT <<EOF
DEVICE_STR=\$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
DEVICE=\$(echo "\$DEVICE_STR" | cut -d' ' -f1)
MOUNTPOINT=\$(echo "\$DEVICE_STR" | cut -d' ' -f2)

cp /tmp/arch_puppet_configuration_script.sh "\$MOUNTPOINT/root/"

/tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_puppet_configuration_script.sh
EOF

chmod a+x $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT

expect -f - <<EOF
set timeout -1
spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $host_user@$vps_name:/tmp
expect "assword:"
send "$password\n"
expect eof
spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_puppet_configuration_script.sh
expect "assword:"
send "$password\r"
expect eof
EOF

### Installation finished
if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then
  echo "Rebooting"
  python $PYTHON_DIRECTORY/reboot_vps_server.py --local "$vps_name"
fi
Commit	Line	Data
ec1096d8 IB	1	#!/bin/bash
ec1096d8 IB	2
3babc2c6 IB	3	usage() {
	4	cat <<EOF
	5	$0 [options]
	6	--help,-h This help
	7	--vps vps_name Name of the vps
	8	--password password Password of the vps (only useful in case of no reboot)
	9	--reinstall-first Start with reinstalling the vps
	10	--host-user user Use another user (default: root)
	11	--no-reboot Don't reboot
	12	--no-reboot-start Don't reboot to rescue at the beginning
	13	--no-reboot-end Don't reboot to normal at the end
	14	--git-branch Use another puppet branch (default: master)
85abd2fd	15	--environment Environment to use for the installl (default: production)
3babc2c6 IB	16	EOF
	17	}
	18
248bd83e IB	19	set -e
	20
	21	host_user=root
	22	git_branch=master
85abd2fd	23	environment=production
248bd83e IB	24
	25	while [ -n "$1" ]; do
	26	case "$1" in
	27	--vps)
	28	vps_name="$2"
	29	shift
	30	;;
	31	--reinstall-first)
	32	reinstall_first=1
	33	;;
	34	--password)
	35	password="$2"
	36	shift
	37	;;
	38	--host-user)
	39	host_user="$2"
	40	shift
	41	;;
	42	--no-reboot)
	43	no_reboot=1
	44	;;
	45	--no-reboot-start)
	46	no_reboot_start=1
	47	;;
	48	--no-reboot-end)
	49	no_reboot_end=1
	50	;;
	51	--git-branch)
	52	git_branch="$2"
	53	shift
	54	;;
85abd2fd IB	55	--environment)
	56	environment="$2"
	57	shift
	58	;;
3babc2c6 IB	59	--help\|-h)
	60	usage
	61	exit 0
	62	;;
248bd83e IB	63	esac
	64
	65	shift
	66	done
	67
ec1096d8 IB	68	DIRECTORY=$(cd `dirname $0` && pwd)
	69	PYTHON_DIRECTORY="$DIRECTORY/../python"
	70
248bd83e	71	if [ -z "$vps_name" ]; then
ec1096d8 IB	72	read -p "Nom du vps : " vps_name
	73	fi
	74
248bd83e IB	75	if [ -n "$reinstall_first" ]; then
	76	echo "Réinstallation du système"
	77	python $PYTHON_DIRECTORY/reinstall_vps_server.py --use-current "$vps_name"
	78
	79	read -p "Appuyer sur une touche quand le serveur est prêt" ready
	80	fi
	81
	82	if [ -z "$no_reboot" -a -z "$no_reboot_start" ]; then
	83	echo "Patienter le temps du reboot"
	84	python $PYTHON_DIRECTORY/reboot_vps_server.py --rescue "$vps_name"
	85	fi
ec1096d8	86
248bd83e IB	87	if [ -z "$password" ]; then
	88	stty -echo
	89	read -p "Mot de passe reçu par e-mail : " password; echo
	90	stty echo
	91	fi
ec1096d8 IB	92
	93	ARCH_DIR=`mktemp -d`
	94	ARCH_HOST_SCRIPT="$ARCH_DIR/arch_host_script.sh"
	95	ARCH_CHROOT_SCRIPT="$ARCH_DIR/arch_chroot_script.sh"
	96	ARCH_INSTALL_SCRIPT="$ARCH_DIR/arch_install_script.sh"
503e4cf5 IB	97	ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_host_puppet_configuration_script.sh"
503e4cf5 IB	98	ARCH_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_puppet_configuration_script.sh"
248bd83e	99	ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json"
ec1096d8 IB	100
	101	trap "rm -rf $ARCH_DIR" EXIT
	102
503e4cf5	103	#### Base installation stage
248bd83e IB	104	python $PYTHON_DIRECTORY/get_initial_configuration.py $vps_name > $ARCH_PUPPET_INITIAL_CONFIGURATION
248bd83e IB	105
ec1096d8 IB	106	cat > $ARCH_HOST_SCRIPT <<EOF
	107	#!/bin/bash
	108
	109	apt-get update
	110	apt-get install -y haveged
	111	haveged &
	112
	113	cd /tmp
	114
	115	LATEST=\$(curl https://mirrors.kernel.org/archlinux/iso/latest/sha1sums.txt \| grep "bootstrap" \| head -n1)
	116	SHA1=\$(echo "\$LATEST" \| cut -d' ' -f1)
	117	NAME=\$(echo "\$LATEST" \| cut -d' ' -f3)
	118
	119	curl -O "https://mirrors.kernel.org/archlinux/iso/latest/\$NAME"
	120
	121	tar -xzf "\$NAME"
	122
	123	echo 'Server = http://archlinux.mirrors.ovh.net/archlinux/\$repo/os/\$arch' > /tmp/root.x86_64/etc/pacman.d/mirrorlist
	124
28f9451d	125	DEVICE_STR=\$(cat /proc/mounts \| grep "/dev/[sv]d.. /mnt/")
ec1096d8 IB	126	DEVICE=\$(echo "\$DEVICE_STR" \| cut -d' ' -f1)
	127	MOUNTPOINT=\$(echo "\$DEVICE_STR" \| cut -d' ' -f2)
	128
	129	umount "\$DEVICE"
	130	UUID=\$(lsblk -rno UUID "\$DEVICE")
	131
	132	echo "\$UUID" > /tmp/root.x86_64/device_uuid
	133
	134	cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/
	135
	136	/tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh
	137
	138	mount "\$DEVICE"
	139
	140	cp /tmp/arch_install_script.sh "\$MOUNTPOINT/root/"
248bd83e	141	cp /tmp/puppet_variables.json "\$MOUNTPOINT/root/"
ec1096d8 IB	142
	143	/tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_install_script.sh
	144	EOF
	145
	146
	147	cat > $ARCH_CHROOT_SCRIPT <<EOF
	148	#!/bin/bash
	149
	150	pacman-key --init
	151	pacman-key --populate archlinux
	152
	153	UUID=\$(cat /device_uuid)
	154	PART="/dev/disk/by-uuid/\$UUID"
	155	DEVICE=\$(realpath "\$PART")
	156
	157	# mkfs.ext4 -F -U "\$UUID" "\$DEVICE"
	158	mount "\$DEVICE" /mnt
	159
	160	##### FIXME: mkfs.ext4 would be better ####
	161	for i in /mnt/*; do
	162	if [ "\$i" = "/mnt/boot" ]; then
	163	# keep /boot/grub
	164	rm -f \$i/*
	165	else
	166	rm -rf \$i
	167	fi
	168	done
	169	##### /FIXME ####
	170
	171	pacstrap /mnt base git puppet
	172
	173	echo "\$PART / auto defaults 0 1" > /mnt/etc/fstab
	174
	175	umount /mnt
	176	EOF
	177
	178	cat > $ARCH_INSTALL_SCRIPT <<EOF
	179	CODE_PATH="/etc/puppetlabs/code"
	180	rm -rf \$CODE_PATH
248bd83e	181	git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git \$CODE_PATH
85abd2fd	182	puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
ec1096d8	183	# The password seed requires puppet to be run twice
85abd2fd	184	puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
ec1096d8 IB	185	EOF
	186
	187	chmod a+x $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT
	188
	189	expect -f - <<EOF
	190	set timeout -1
248bd83e	191	spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT $host_user@$vps_name:/tmp
ec1096d8 IB	192	expect "assword:"
	193	send "$password\n"
	194	expect eof
248bd83e	195	spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_script.sh
ec1096d8 IB	196	expect "assword:"
	197	send "$password\r"
	198	expect eof
	199	EOF
	200
503e4cf5 IB	201	### Role specific stage
	202	read -p "Press key when LDAP is configured" i
	203
	204	cat > $ARCH_PUPPET_CONFIGURATION_SCRIPT <<EOF
	205	CODE_PATH="/etc/puppetlabs/code"
85abd2fd	206	puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp
503e4cf5 IB	207	EOF
	208
	209	cat > $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT <<EOF
28f9451d	210	DEVICE_STR=\$(cat /proc/mounts \| grep "/dev/[sv]d.. /mnt/")
503e4cf5 IB	211	DEVICE=\$(echo "\$DEVICE_STR" \| cut -d' ' -f1)
	212	MOUNTPOINT=\$(echo "\$DEVICE_STR" \| cut -d' ' -f2)
	213
	214	cp /tmp/arch_puppet_configuration_script.sh "\$MOUNTPOINT/root/"
	215
	216	/tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_puppet_configuration_script.sh
	217	EOF
	218
	219	chmod a+x $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT
	220
	221	expect -f - <<EOF
	222	set timeout -1
248bd83e	223	spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $host_user@$vps_name:/tmp
503e4cf5 IB	224	expect "assword:"
	225	send "$password\n"
	226	expect eof
248bd83e	227	spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_puppet_configuration_script.sh
503e4cf5 IB	228	expect "assword:"
	229	send "$password\r"
	230	expect eof
	231	EOF
	232
	233	### Installation finished
248bd83e	234	if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then
ec1096d8 IB	235	echo "Rebooting"
	236	python $PYTHON_DIRECTORY/reboot_vps_server.py --local "$vps_name"
	237	fi