author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-16 00:22:38 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-16 18:08:12 +0100 |
commit | c15f2234474ff8a8266e26856702b3c561050667 (patch) | |
tree | 5df6dfb44ee2d37fbd9cf7b701bdc7881c575857 | |
parent | 985b53a258ee18eaca8d437ae532c232a6d19921 (diff) | |
Move scripts to separate chunks
-rwxr-xr-x | bin/install_script_ovh_cloud_instance.sh | 88 | ||||
-rwxr-xr-x | bin/install_script_ovh_vps_ssd.sh | 136 | ||||
-rw-r--r-- | modules/base_installation/templates/puppet/host_ldap.info.erb | 5 | ||||
-rwxr-xr-x | scripts/arch_install_script.sh | 13 | ||||
-rwxr-xr-x | scripts/arch_puppet_configuration_script.sh | 8 | ||||
-rwxr-xr-x | scripts/ovh_cloud_instance/arch_host_puppet_configuration_script.sh | 11 | ||||
-rwxr-xr-x | scripts/ovh_cloud_instance/arch_host_script.sh | 50 | ||||
-rwxr-xr-x | scripts/ovh_vps_ssd/arch_chroot_script.sh | 29 | ||||
-rwxr-xr-x | scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh | 13 | ||||
-rwxr-xr-x | scripts/ovh_vps_ssd/arch_host_script.sh | 53 | ||||
-rwxr-xr-x | scripts/send_and_run.tcl | 31 |
11 files changed, 232 insertions, 205 deletions
diff --git a/bin/install_script_ovh_cloud_instance.sh b/bin/install_script_ovh_cloud_instance.sh index 26e410e..e1c8a54 100755 --- a/bin/install_script_ovh_cloud_instance.sh +++ b/bin/install_script_ovh_cloud_instance.sh | |||
@@ -62,6 +62,7 @@ done | |||
62 | 62 | ||
63 | DIRECTORY=$(cd `dirname $0` && pwd) | 63 | DIRECTORY=$(cd `dirname $0` && pwd) |
64 | PYTHON_DIRECTORY="$DIRECTORY/../python" | 64 | PYTHON_DIRECTORY="$DIRECTORY/../python" |
65 | SCRIPTS="$DIRECTORY/../scripts" | ||
65 | 66 | ||
66 | if [ -z "$instance_id" ]; then | 67 | if [ -z "$instance_id" ]; then |
67 | read -p "Id de l'instance : " instance_id | 68 | read -p "Id de l'instance : " instance_id |
@@ -82,10 +83,10 @@ if [ -z "$no_reboot" -a -z "$no_reboot_start" ]; then | |||
82 | fi | 83 | fi |
83 | 84 | ||
84 | ARCH_DIR=`mktemp -d` | 85 | ARCH_DIR=`mktemp -d` |
85 | ARCH_HOST_SCRIPT="$ARCH_DIR/arch_host_script.sh" | 86 | ARCH_HOST_SCRIPT="$SCRIPTS/ovh_cloud_instance/arch_host_script.sh" |
86 | ARCH_INSTALL_SCRIPT="$ARCH_DIR/arch_install_script.sh" | 87 | ARCH_INSTALL_SCRIPT="$SCRIPTS/arch_install_script.sh" |
87 | ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_host_puppet_configuration_script.sh" | 88 | ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/ovh_cloud_instance/arch_host_puppet_configuration_script.sh" |
88 | ARCH_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_puppet_configuration_script.sh" | 89 | ARCH_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/arch_puppet_configuration_script.sh" |
89 | ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json" | 90 | ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json" |
90 | 91 | ||
91 | trap "rm -rf $ARCH_DIR" EXIT | 92 | trap "rm -rf $ARCH_DIR" EXIT |
@@ -94,86 +95,17 @@ trap "rm -rf $ARCH_DIR" EXIT | |||
94 | python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id > $ARCH_PUPPET_INITIAL_CONFIGURATION | 95 | python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id > $ARCH_PUPPET_INITIAL_CONFIGURATION |
95 | host_address=$(python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id | jq -r '.ips.v4.ipAddress') | 96 | host_address=$(python $PYTHON_DIRECTORY/get_initial_configuration_cloud_instance.py $instance_id | jq -r '.ips.v4.ipAddress') |
96 | 97 | ||
97 | cat > $ARCH_HOST_SCRIPT <<EOF | 98 | dest="$host_user@$host_address" |
98 | #!/bin/bash | 99 | files="$ARCH_HOST_SCRIPT $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_INSTALL_SCRIPT" |
99 | |||
100 | sudo haveged & | ||
101 | sudo pacman -Sy --noconfirm arch-install-scripts | ||
102 | |||
103 | DEVICE=/dev/vdb1 | ||
104 | MOUNTPOINT=/mnt | ||
105 | |||
106 | UUID=\$(lsblk -rno UUID "\$DEVICE") | ||
107 | PART="/dev/disk/by-uuid/\$UUID" | ||
108 | |||
109 | # mkfs.ext4 -F -U "\$UUID" "\$DEVICE" | ||
110 | sudo mount "\$DEVICE" /mnt | ||
111 | |||
112 | ##### FIXME: mkfs.ext4 would be better #### | ||
113 | for i in /mnt/*; do | ||
114 | if [ "\$i" = "/mnt/boot" ]; then | ||
115 | # keep /boot/grub | ||
116 | sudo rm -f \$i/* | ||
117 | else | ||
118 | sudo rm -rf \$i | ||
119 | fi | ||
120 | done | ||
121 | ##### /FIXME #### | ||
122 | |||
123 | sudo pacstrap /mnt base git puppet | ||
124 | |||
125 | echo "\$PART / auto defaults 0 1" | sudo tee /mnt/etc/fstab | ||
126 | 100 | ||
127 | sudo cp /tmp/arch_install_script.sh "\$MOUNTPOINT/root/" | 101 | $SCRIPTS/send_and_run.tcl "$dest" "" "$git_branch" "$environment" $files |
128 | sudo cp /tmp/puppet_variables.json "\$MOUNTPOINT/root/" | ||
129 | |||
130 | sudo arch-chroot "\$MOUNTPOINT" /root/arch_install_script.sh | ||
131 | EOF | ||
132 | |||
133 | cat > $ARCH_INSTALL_SCRIPT <<EOF | ||
134 | CODE_PATH="/etc/puppetlabs/code" | ||
135 | rm -rf \$CODE_PATH | ||
136 | git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git \$CODE_PATH | ||
137 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
138 | # The password seed requires puppet to be run twice | ||
139 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
140 | EOF | ||
141 | |||
142 | chmod a+x $ARCH_HOST_SCRIPT $ARCH_INSTALL_SCRIPT | ||
143 | |||
144 | expect -f - <<EOF | ||
145 | set timeout -1 | ||
146 | spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_HOST_SCRIPT $ARCH_INSTALL_SCRIPT $host_user@$host_address:/tmp | ||
147 | expect eof | ||
148 | spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$host_address /tmp/arch_host_script.sh | ||
149 | expect eof | ||
150 | EOF | ||
151 | 102 | ||
152 | ### Role specific stage | 103 | ### Role specific stage |
153 | read -p "Press key when LDAP is configured" i | 104 | read -p "Press key when LDAP is configured" i |
154 | 105 | ||
155 | cat > $ARCH_PUPPET_CONFIGURATION_SCRIPT <<EOF | 106 | files="$ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $ARCH_PUPPET_CONFIGURATION_SCRIPT" |
156 | CODE_PATH="/etc/puppetlabs/code" | ||
157 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
158 | EOF | ||
159 | |||
160 | cat > $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT <<EOF | ||
161 | MOUNTPOINT=/mnt | ||
162 | 107 | ||
163 | sudo cp /tmp/arch_puppet_configuration_script.sh "\$MOUNTPOINT/root/" | 108 | $SCRIPTS/send_and_run.tcl "$dest" "" "$git_branch" "$environment" $files |
164 | |||
165 | sudo arch-chroot "\$MOUNTPOINT" /root/arch_puppet_configuration_script.sh | ||
166 | EOF | ||
167 | |||
168 | chmod a+x $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT | ||
169 | |||
170 | expect -f - <<EOF | ||
171 | set timeout -1 | ||
172 | spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $host_user@$host_address:/tmp | ||
173 | expect eof | ||
174 | spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$host_address /tmp/arch_host_puppet_configuration_script.sh | ||
175 | expect eof | ||
176 | EOF | ||
177 | 109 | ||
178 | ### Installation finished | 110 | ### Installation finished |
179 | if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then | 111 | if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then |
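Review bot: The two new `send_and_run.tcl` calls expand `$files` and `$SCRIPTS` unquoted, so whitespace or a glob character in the checkout path (it is derived from `dirname $0`) would split or rewrite the list of files that is copied to the host and executed there. If this script runs under bash, which the `read -p` calls suggest although the shebang is outside the hunks, an array avoids that: `files=("$ARCH_HOST_SCRIPT" "$ARCH_PUPPET_INITIAL_CONFIGURATION" "$ARCH_INSTALL_SCRIPT")` followed by `"$SCRIPTS/send_and_run.tcl" "$dest" "" "$git_branch" "$environment" "${files[@]}"`. A comment such as `# the first entry of files is the script send_and_run.tcl runs on the host` would document the ordering the helper relies on. The same pattern appears in bin/install_script_ovh_vps_ssd.sh.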
diff --git a/bin/install_script_ovh_vps_ssd.sh b/bin/install_script_ovh_vps_ssd.sh index 6b1aa39..b5b0efb 100755 --- a/bin/install_script_ovh_vps_ssd.sh +++ b/bin/install_script_ovh_vps_ssd.sh | |||
@@ -67,6 +67,7 @@ done | |||
67 | 67 | ||
68 | DIRECTORY=$(cd `dirname $0` && pwd) | 68 | DIRECTORY=$(cd `dirname $0` && pwd) |
69 | PYTHON_DIRECTORY="$DIRECTORY/../python" | 69 | PYTHON_DIRECTORY="$DIRECTORY/../python" |
70 | SCRIPTS="$DIRECTORY/../scripts" | ||
70 | 71 | ||
71 | if [ -z "$vps_name" ]; then | 72 | if [ -z "$vps_name" ]; then |
72 | read -p "Nom du vps : " vps_name | 73 | read -p "Nom du vps : " vps_name |
@@ -91,11 +92,11 @@ if [ -z "$password" ]; then | |||
91 | fi | 92 | fi |
92 | 93 | ||
93 | ARCH_DIR=`mktemp -d` | 94 | ARCH_DIR=`mktemp -d` |
94 | ARCH_HOST_SCRIPT="$ARCH_DIR/arch_host_script.sh" | 95 | ARCH_HOST_SCRIPT="$SCRIPTS/ovh_vps_ssd/arch_host_script.sh" |
95 | ARCH_CHROOT_SCRIPT="$ARCH_DIR/arch_chroot_script.sh" | 96 | ARCH_CHROOT_SCRIPT="$SCRIPTS/ovh_vps_ssd/arch_chroot_script.sh" |
96 | ARCH_INSTALL_SCRIPT="$ARCH_DIR/arch_install_script.sh" | 97 | ARCH_INSTALL_SCRIPT="$SCRIPTS/arch_install_script.sh" |
97 | ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_host_puppet_configuration_script.sh" | 98 | ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/ovh_vps_ssd/arch_host_puppet_configuration_script.sh" |
98 | ARCH_PUPPET_CONFIGURATION_SCRIPT="$ARCH_DIR/arch_puppet_configuration_script.sh" | 99 | ARCH_PUPPET_CONFIGURATION_SCRIPT="$SCRIPTS/arch_puppet_configuration_script.sh" |
99 | ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json" | 100 | ARCH_PUPPET_INITIAL_CONFIGURATION="$ARCH_DIR/puppet_variables.json" |
100 | 101 | ||
101 | trap "rm -rf $ARCH_DIR" EXIT | 102 | trap "rm -rf $ARCH_DIR" EXIT |
@@ -103,132 +104,17 @@ trap "rm -rf $ARCH_DIR" EXIT | |||
103 | #### Base installation stage | 104 | #### Base installation stage |
104 | python $PYTHON_DIRECTORY/get_initial_configuration.py $vps_name > $ARCH_PUPPET_INITIAL_CONFIGURATION | 105 | python $PYTHON_DIRECTORY/get_initial_configuration.py $vps_name > $ARCH_PUPPET_INITIAL_CONFIGURATION |
105 | 106 | ||
106 | cat > $ARCH_HOST_SCRIPT <<EOF | 107 | dest="$host_user@$vps_name" |
107 | #!/bin/bash | 108 | files="$ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_INSTALL_SCRIPT" |
108 | |||
109 | apt-get update | ||
110 | apt-get install -y haveged | ||
111 | haveged & | ||
112 | |||
113 | cd /tmp | ||
114 | |||
115 | LATEST=\$(curl https://mirrors.kernel.org/archlinux/iso/latest/sha1sums.txt | grep "bootstrap" | head -n1) | ||
116 | SHA1=\$(echo "\$LATEST" | cut -d' ' -f1) | ||
117 | NAME=\$(echo "\$LATEST" | cut -d' ' -f3) | ||
118 | |||
119 | curl -O "https://mirrors.kernel.org/archlinux/iso/latest/\$NAME" | ||
120 | |||
121 | tar -xzf "\$NAME" | ||
122 | |||
123 | echo 'Server = http://archlinux.mirrors.ovh.net/archlinux/\$repo/os/\$arch' > /tmp/root.x86_64/etc/pacman.d/mirrorlist | ||
124 | |||
125 | DEVICE_STR=\$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/") | ||
126 | DEVICE=\$(echo "\$DEVICE_STR" | cut -d' ' -f1) | ||
127 | MOUNTPOINT=\$(echo "\$DEVICE_STR" | cut -d' ' -f2) | ||
128 | |||
129 | umount "\$DEVICE" | ||
130 | UUID=\$(lsblk -rno UUID "\$DEVICE") | ||
131 | |||
132 | echo "\$UUID" > /tmp/root.x86_64/device_uuid | ||
133 | |||
134 | cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/ | ||
135 | |||
136 | /tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh | ||
137 | |||
138 | mount "\$DEVICE" | ||
139 | |||
140 | cp /tmp/arch_install_script.sh "\$MOUNTPOINT/root/" | ||
141 | cp /tmp/puppet_variables.json "\$MOUNTPOINT/root/" | ||
142 | |||
143 | /tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_install_script.sh | ||
144 | EOF | ||
145 | |||
146 | |||
147 | cat > $ARCH_CHROOT_SCRIPT <<EOF | ||
148 | #!/bin/bash | ||
149 | 109 | ||
150 | pacman-key --init | 110 | $SCRIPTS/send_and_run.tcl "$dest" "$password" "$git_branch" "$environment" $files |
151 | pacman-key --populate archlinux | ||
152 | |||
153 | UUID=\$(cat /device_uuid) | ||
154 | PART="/dev/disk/by-uuid/\$UUID" | ||
155 | DEVICE=\$(realpath "\$PART") | ||
156 | |||
157 | # mkfs.ext4 -F -U "\$UUID" "\$DEVICE" | ||
158 | mount "\$DEVICE" /mnt | ||
159 | |||
160 | ##### FIXME: mkfs.ext4 would be better #### | ||
161 | for i in /mnt/*; do | ||
162 | if [ "\$i" = "/mnt/boot" ]; then | ||
163 | # keep /boot/grub | ||
164 | rm -f \$i/* | ||
165 | else | ||
166 | rm -rf \$i | ||
167 | fi | ||
168 | done | ||
169 | ##### /FIXME #### | ||
170 | |||
171 | pacstrap /mnt base git puppet | ||
172 | |||
173 | echo "\$PART / auto defaults 0 1" > /mnt/etc/fstab | ||
174 | |||
175 | umount /mnt | ||
176 | EOF | ||
177 | |||
178 | cat > $ARCH_INSTALL_SCRIPT <<EOF | ||
179 | CODE_PATH="/etc/puppetlabs/code" | ||
180 | rm -rf \$CODE_PATH | ||
181 | git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git \$CODE_PATH | ||
182 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
183 | # The password seed requires puppet to be run twice | ||
184 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
185 | EOF | ||
186 | |||
187 | chmod a+x $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT | ||
188 | |||
189 | expect -f - <<EOF | ||
190 | set timeout -1 | ||
191 | spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_INITIAL_CONFIGURATION $ARCH_HOST_SCRIPT $ARCH_CHROOT_SCRIPT $ARCH_INSTALL_SCRIPT $host_user@$vps_name:/tmp | ||
192 | expect "assword:" | ||
193 | send "$password\n" | ||
194 | expect eof | ||
195 | spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_script.sh | ||
196 | expect "assword:" | ||
197 | send "$password\r" | ||
198 | expect eof | ||
199 | EOF | ||
200 | 111 | ||
201 | ### Role specific stage | 112 | ### Role specific stage |
202 | read -p "Press key when LDAP is configured" i | 113 | read -p "Press key when LDAP is configured" i |
203 | 114 | ||
204 | cat > $ARCH_PUPPET_CONFIGURATION_SCRIPT <<EOF | 115 | files="$ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $ARCH_PUPPET_CONFIGURATION_SCRIPT" |
205 | CODE_PATH="/etc/puppetlabs/code" | ||
206 | puppet apply --environment $environment --tags base_installation --test \$CODE_PATH/manifests/site.pp | ||
207 | EOF | ||
208 | |||
209 | cat > $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT <<EOF | ||
210 | DEVICE_STR=\$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/") | ||
211 | DEVICE=\$(echo "\$DEVICE_STR" | cut -d' ' -f1) | ||
212 | MOUNTPOINT=\$(echo "\$DEVICE_STR" | cut -d' ' -f2) | ||
213 | 116 | ||
214 | cp /tmp/arch_puppet_configuration_script.sh "\$MOUNTPOINT/root/" | 117 | $SCRIPTS/send_and_run.tcl "$dest" "$password" "$git_branch" "$environment" $files |
215 | |||
216 | /tmp/root.x86_64/bin/arch-chroot "\$MOUNTPOINT" /root/arch_puppet_configuration_script.sh | ||
217 | EOF | ||
218 | |||
219 | chmod a+x $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT | ||
220 | |||
221 | expect -f - <<EOF | ||
222 | set timeout -1 | ||
223 | spawn scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $ARCH_PUPPET_CONFIGURATION_SCRIPT $ARCH_HOST_PUPPET_CONFIGURATION_SCRIPT $host_user@$vps_name:/tmp | ||
224 | expect "assword:" | ||
225 | send "$password\n" | ||
226 | expect eof | ||
227 | spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no $host_user@$vps_name /tmp/arch_host_puppet_configuration_script.sh | ||
228 | expect "assword:" | ||
229 | send "$password\r" | ||
230 | expect eof | ||
231 | EOF | ||
232 | 118 | ||
233 | ### Installation finished | 119 | ### Installation finished |
234 | if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then | 120 | if [ -z "$no_reboot" -a -z "$no_reboot_end" ]; then |
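Review bot: Passing `"$password"` as the second argument of `send_and_run.tcl` puts the VPS password on the helper's command line, where other local users can read it from the process list for as long as the install runs; the removed heredoc handed it to `expect` on stdin instead. Supplying it through the environment keeps it out of argv, for example `INSTALL_PASSWORD="$password" "$SCRIPTS/send_and_run.tcl" "$dest" "" "$git_branch" "$environment" $files` with `set password $env(INSTALL_PASSWORD)` in the helper (the variable name is illustrative, and the helper would need to tolerate it being unset for the cloud-instance caller). The enclosing script continues outside these hunks, so how `$password` is read in the first place is not visible here.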
diff --git a/modules/base_installation/templates/puppet/host_ldap.info.erb b/modules/base_installation/templates/puppet/host_ldap.info.erb index a71c6f3..9c79d3c 100644 --- a/modules/base_installation/templates/puppet/host_ldap.info.erb +++ b/modules/base_installation/templates/puppet/host_ldap.info.erb | |||
@@ -1,4 +1,4 @@ | |||
1 | #### Please add this node to LDAP: | 1 | [0;35m#### Please add this node to LDAP:[0m |
2 | ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF' | 2 | ldapadd -D "cn=root,<%= @ldap_base %>" -W << 'EOF' |
3 | dn: <%= @ldap_dn %> | 3 | dn: <%= @ldap_dn %> |
4 | cn: <%= @ldap_cn %> | 4 | cn: <%= @ldap_cn %> |
@@ -14,12 +14,13 @@ objectclass: ipHost | |||
14 | environment: <%= @environment %> | 14 | environment: <%= @environment %> |
15 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> | 15 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> |
16 | EOF | 16 | EOF |
17 | #### Or modify an existing entry: | 17 | [0;35m#### Or modify an existing entry:[0m |
18 | ldapmodify -D "cn=root,<%= @ldap_base %>" -W << 'EOF' | 18 | ldapmodify -D "cn=root,<%= @ldap_base %>" -W << 'EOF' |
19 | dn: <%= @ldap_dn %> | 19 | dn: <%= @ldap_dn %> |
20 | changetype: modify | 20 | changetype: modify |
21 | replace: userPassword | 21 | replace: userPassword |
22 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> | 22 | userpassword: {SSHA}<%= Base64.encode64(Digest::SHA1.digest(@ldap_password+@ssha_ldap_seed)+@ssha_ldap_seed).chomp! %> |
23 | - | ||
23 | replace: environment | 24 | replace: environment |
24 | environment: <%= @environment %> | 25 | environment: <%= @environment %> |
25 | <%- unless @ips.empty? -%> | 26 | <%- unless @ips.empty? -%> |
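Review bot: The colour codes added around the two `####` heading lines mean those lines no longer begin with `#`, so they stop being shell comments (the page shows `[0;35m`, presumably with a leading escape byte that the rendering dropped). That is harmless if the generated host_ldap.info is only ever printed to a terminal, but if the file is pasted or piped into a shell the heading is parsed as commands, with the `;` acting as a separator. Consider emitting the colour from whatever displays the file, or add a template comment such as `<%# headings carry ANSI colour: display with cat, do not source %>`.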
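--- /dev/null
+++ b/scripts/arch_install_script.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+CODE_PATH="/etc/puppetlabs/code"
+
+rm -rf $CODE_PATH
+
+git clone -b $git_branch --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git $CODE_PATH
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+# The password seed requires puppet to be run twice
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+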
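Review bot: Nothing stops this script when `git clone` fails, so after `rm -rf $CODE_PATH` both `puppet apply` runs still go ahead against a missing tree and the caller only sees puppet's error. A blanket `set -e` is awkward here because `--test` turns on puppet's detailed exit codes, which are non-zero when changes were applied, so an explicit guard is safer: `git clone -b "$git_branch" --recursive https://git.immae.eu/perso/Immae/Projets/Puppet.git "$CODE_PATH" || exit 1`. `$git_branch` and `$environment` now arrive as positional arguments and should be double-quoted wherever they are used, here and in scripts/arch_puppet_configuration_script.sh.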
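--- /dev/null
+++ b/scripts/arch_puppet_configuration_script.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+CODE_PATH="/etc/puppetlabs/code"
+
+puppet apply --environment $environment --tags base_installation --test $CODE_PATH/manifests/site.pp
+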
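--- /dev/null
+++ b/scripts/ovh_cloud_instance/arch_host_puppet_configuration_script.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+
+MOUNTPOINT=/mnt
+
+sudo cp /tmp/arch_puppet_configuration_script.sh "$MOUNTPOINT/root/"
+
+sudo arch-chroot "$MOUNTPOINT" /root/arch_puppet_configuration_script.sh "$git_branch" "$environment"
+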
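--- /dev/null
+++ b/scripts/ovh_cloud_instance/arch_host_script.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+set -e
+
+git_branch="$1"
+environment="$2"
+
+# Randomizer
+sudo haveged &
+# /Randomizer
+
+# Prepare an arch chroot
+sudo pacman -Sy --noconfirm arch-install-scripts
+# /Prepare an arch chroot
+
+# Prepare device information
+DEVICE=/dev/vdb1
+MOUNTPOINT=/mnt
+
+UUID=$(lsblk -rno UUID "$DEVICE")
+PART="/dev/disk/by-uuid/$UUID"
+# /Prepare device information
+
+# Install very basic system (base git puppet)
+# mkfs.ext4 -F -U "$UUID" "$DEVICE"
+sudo mount "$DEVICE" /mnt
+
+##### FIXME: mkfs.ext4 would be better ####
+for i in /mnt/*; do
+if [ "$i" = "/mnt/boot" ]; then
+# keep /boot/grub
+sudo rm -f $i/*
+else
+sudo rm -rf $i
+fi
+done
+##### /FIXME ####
+
+sudo pacstrap /mnt base git puppet
+
+echo "$PART / auto defaults 0 1" | sudo tee /mnt/etc/fstab
+# /Install very basic system
+
+# Install rest of system (via puppet)
+sudo cp /tmp/arch_install_script.sh "$MOUNTPOINT/root/"
+sudo cp /tmp/puppet_variables.json "$MOUNTPOINT/root/"
+
+sudo arch-chroot "$MOUNTPOINT" /root/arch_install_script.sh "$git_branch" "$environment"
+# /Install rest of system
+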
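Review bot: `UUID=$(lsblk -rno UUID "$DEVICE")` is never checked for an empty result, and `set -e` does not catch that case because lsblk can succeed while printing nothing; the fstab line written later would then point at `/dev/disk/by-uuid/` with no identifier. A guard right after the assignment, `[ -n "$UUID" ] || { echo "no UUID for $DEVICE" >&2; exit 1; }`, stops the run before the wipe loop. In that loop `sudo rm -f $i/*` and `sudo rm -rf $i` should quote `"$i"` so that an entry name containing whitespace cannot redirect a root-level delete. The file also mixes the `MOUNTPOINT` variable with a literal `/mnt`; using the variable throughout would keep the two from drifting apart.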
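--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_chroot_script.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+pacman-key --init
+pacman-key --populate archlinux
+
+UUID=$(cat /device_uuid)
+PART="/dev/disk/by-uuid/$UUID"
+DEVICE=$(realpath "$PART")
+
+# mkfs.ext4 -F -U "$UUID" "$DEVICE"
+mount "$DEVICE" /mnt
+
+##### FIXME: mkfs.ext4 would be better ####
+for i in /mnt/*; do
+if [ "$i" = "/mnt/boot" ]; then
+# keep /boot/grub
+rm -f $i/*
+else
+rm -rf $i
+fi
+done
+##### /FIXME ####
+
+pacstrap /mnt base git puppet
+
+echo "$PART / auto defaults 0 1" > /mnt/etc/fstab
+
+umount /mnt
+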
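Review bot: Unlike the two arch_host_script.sh files this script has no `set -e`, so if `mount "$DEVICE" /mnt` fails (for instance because /device_uuid was empty and `realpath` resolved to the by-uuid directory itself) the delete loop and `pacstrap /mnt` still run against the bootstrap chroot's own /mnt. Adding `set -e` after the shebang, or `mount "$DEVICE" /mnt || exit 1`, makes the failure stop the install, and `mountpoint -q /mnt || exit 1` before the loop is a cheap extra check. As in the cloud-instance variant, `$i` in the two `rm` lines should be quoted.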
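--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_host_puppet_configuration_script.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+git_branch="$1"
+environment="$2"
+
+DEVICE_STR=$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
+DEVICE=$(echo "$DEVICE_STR" | cut -d' ' -f1)
+MOUNTPOINT=$(echo "$DEVICE_STR" | cut -d' ' -f2)
+
+cp /tmp/arch_puppet_configuration_script.sh "$MOUNTPOINT/root/"
+
+/tmp/root.x86_64/bin/arch-chroot "$MOUNTPOINT" /root/arch_puppet_configuration_script.sh "$git_branch" "$environment"
+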
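Review bot: `MOUNTPOINT` is taken from a grep over /proc/mounts with no check that exactly one line matched, and the script has no `set -e`. With no match the `cp` target becomes `/root/` on the rescue system and arch-chroot is called with an empty directory argument; with several matches the variable holds more than one line. A guard before the `cp`, such as `[ -d "$MOUNTPOINT" ] || { echo "install target is not mounted" >&2; exit 1; }`, would make the failure explicit. `DEVICE` is assigned but not used in this file.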
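--- /dev/null
+++ b/scripts/ovh_vps_ssd/arch_host_script.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+set -e
+
+git_branch="$1"
+environment="$2"
+
+# Randomizer
+apt-get update
+apt-get install -y haveged
+haveged &
+# /Randomizer
+
+# Prepare an arch chroot
+cd /tmp
+
+LATEST=$(curl -L https://mirrors.kernel.org/archlinux/iso/latest/sha1sums.txt | grep "bootstrap" | head -n1)
+SHA1=$(echo "$LATEST" | cut -d' ' -f1)
+NAME=$(echo "$LATEST" | cut -d' ' -f3)
+
+curl -L -O "https://mirrors.kernel.org/archlinux/iso/latest/$NAME"
+
+tar -xzf "$NAME"
+
+echo 'Server = http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch' > /tmp/root.x86_64/etc/pacman.d/mirrorlist
+# /Prepare an arch chroot
+
+# Prepare device information (not available in chroot)
+DEVICE_STR=$(cat /proc/mounts | grep "/dev/[sv]d.. /mnt/")
+DEVICE=$(echo "$DEVICE_STR" | cut -d' ' -f1)
+MOUNTPOINT=$(echo "$DEVICE_STR" | cut -d' ' -f2)
+
+umount "$DEVICE"
+UUID=$(lsblk -rno UUID "$DEVICE")
+
+echo "$UUID" > /tmp/root.x86_64/device_uuid
+# /Prepare device information
+
+# Install very basic system via chroot (base git puppet)
+cp /tmp/arch_chroot_script.sh /tmp/root.x86_64/
+
+/tmp/root.x86_64/bin/arch-chroot /tmp/root.x86_64/ /arch_chroot_script.sh
+# /Install very basic system via chroot
+
+# Mount and install rest of system (via puppet)
+mount "$DEVICE"
+
+cp /tmp/arch_install_script.sh "$MOUNTPOINT/root/"
+cp /tmp/puppet_variables.json "$MOUNTPOINT/root/"
+
+/tmp/root.x86_64/bin/arch-chroot "$MOUNTPOINT" /root/arch_install_script.sh "$git_branch" "$environment"
+# /Mount and install rest of system
+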
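Review bot: `SHA1` is parsed out of sha1sums.txt but never compared with the downloaded file, so the bootstrap tarball is unpacked and its `arch-chroot` executed (presumably as root, since the script calls apt-get and mount directly) without any integrity check. A line after the download, `echo "$SHA1  $NAME" | sha1sum -c -`, would abort under the existing `set -e` on a mismatch. Because the checksum list comes from the same mirror this only detects corruption, not a tampered mirror; checking the detached signature Arch publishes next to the image, against a key the operator has pinned, would cover that. `curl` should also get `-f` so that an HTTP error page is not saved and processed, since without `pipefail` a failed `curl` in the `LATEST=` pipeline is masked by `head`.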
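--- /dev/null
+++ b/scripts/send_and_run.tcl
@@ -0,0 +1,31 @@
+#!/usr/bin/expect -f
+set dest [lindex $argv 0]
+set password [lindex $argv 1]
+set git_branch [lindex $argv 2]
+set environment [lindex $argv 3]
+set script [lindex $argv 4]
+set files [lrange $argv 4 end]
+
+if {$password == ""} {
+set ask_password 0
+} else {
+set ask_password 1
+}
+
+set scriptname [file tail $script]
+
+set sshopts [split "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no"]
+
+set timeout -1
+spawn scp {*}$sshopts {*}$files $dest:/tmp
+if {$ask_password} {
+expect "assword:"
+send "$password\n"
+}
+expect eof
+spawn ssh {*}$sshopts $dest /tmp/$scriptname $git_branch $environment
+if {$ask_password} {
+expect "assword:"
+send "$password\n"
+}
+expect eof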
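Review bot: The helper always exits 0, because after each `expect eof` the status of the spawned `scp` or `ssh` is discarded; the calling install script therefore moves on to the next stage even when the copy or the remote script failed, which also hides the `set -e` aborts added to the host scripts. Collecting the status with `lassign [wait] pid sid oserr status` and `if {$status != 0} { exit $status }` after both `expect eof` lines would propagate it. Separately, `$git_branch` and `$environment` are appended to the ssh command, which the remote login shell parses again, so they should be checked against a conservative pattern first, e.g. `if {![regexp {^[A-Za-z0-9._/-]+$} $git_branch]} { exit 2 }`. A header comment should also record that `sshopts` switches off host-key checking on a connection that may carry the password, and why that is accepted for freshly provisioned hosts.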