
Cleaned up & commented.

Annotated lines so that their workings are more obvious.
darren-patch-1
dave 3 years ago
parent
commit
d6114c5213
  1. 27
      common/post.cfg

27
common/post.cfg

@ -1,11 +1,14 @@
##
## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
##
## Note: these commands are all run by "root"
## Note: these commands are all run by "root" on the VM itself
## .. the finished file is found at /root/anaconda-ks.cfg
##
## adding "echo" lines in here don't actually write anything to the screen
##
## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
##
echo "Beginning common/post.cfg"
## -- UMASK
# strengthen the default umask
# we do this post-deploy so all users inherit the setting after modifying
@ -13,20 +16,20 @@ echo "Beginning common/post.cfg"
#
# resulting permissions is: 700 dirs, 600 files
#
echo "common/post.cfg: tightening umask"
sed -i 's/umask\s022/umask 077/' /etc/bashrc
sed -i 's/umask\s022/umask 077/' /etc/profile
sed -i 's/umask\s022/umask 077/' /etc/csh.cshrc
## -- create SSH keys in root's home dir:
# DEPLOY_S
# DEPLOY account. This key is pushed to gitea for puppet to use - the install actually uses hal's key first
ssh-keygen -q -b 4096 -t rsa -f /root/.ssh/id_rsa_deploy -N "" -C"deploy@$(hostname -s)"
# ROOT
# ROOT's key...
ssh-keygen -q -b 4096 -t rsa -f /root/.ssh/id_rsa -N ""
### Add "DEPLOY" alias to the SSH CONFIG file - this will be used to pull down Puppet updates
cat << EODEP > /root/.ssh/config
## -- used for puppet to pull down manifests --
Host deploy
User git
Hostname config.tombstones.org.uk
@ -35,26 +38,24 @@ Host deploy
IdentityFile /root/.ssh/id_rsa_deploy
EODEP
echo "common/post.cfg: registering deploy key"
### Register DEPLOY key with gitea
### Register this "deploy" account with gitea
curl -X POST "https://config.tombstones.org.uk:23000/api/v1/user/keys" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: token 2b2182bbbb7e52b3193c4c9718c6e96c372f8156" \
-d "{ \"key\": \"$(cat /root/.ssh/id_rsa_deploy.pub)\", \"read_only\": true, \"title\": \"$(hostname -s)-deploy-$(date +'%s')\"}"
## .. note: this key shows up in the list of keys for the "deploy" gitea user
## ...but also means files can be fetched over ssh using "git@deploy" as an alias
## -- REGISTER GIT HOST KEY AS KNOWN HOST
#ssh -o 'StrictHostKeyChecking no' config.tombstones.org.uk -p 22022 2>/dev/null | echo > /dev/null
ssh -o 'StrictHostKeyChecking no' deploy 2>/dev/null | echo > /dev/null
echo "common/post.cfg: installing git"
### PACKAGES
### install git and use that to begin deploying puppet configs
yum -y install git
echo "common/post.cfg: initial puppet configuration"
### -- begin Puppet common stuff (uses "deploy" key)
#
mkdir -p /var/lib/puppet/manifests
cd /var/lib/puppet/manifests
git clone git@deploy:/tombstones/puppet-common.git
#git clone ssh://git@config.tombstones.org.uk:22022/tombstones/puppet-common.git
git clone git@deploy:/tombstones/puppet-common.git
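Review bot: The Gitea API token is still written literally in the `Authorization: token …` header of the `curl -X POST …/api/v1/user/keys` call, so anyone who can read this repository can read it; if the header note about `/root/anaconda-ks.cfg` covers this section, it is presumably also left on every installed VM. That endpoint registers SSH keys on the account, so the token is more than a read credential: it should be rotated and then supplied at build time from a root-only file kept out of the repo, for example by moving the header into a curl config file and calling `curl -K /root/.gitea_curl.conf …` (placeholder path). In the same hunk, `ssh -o 'StrictHostKeyChecking no' deploy` accepts whatever host key answers on first contact. Writing the expected host key into `/root/.ssh/known_hosts` from the kickstart would make the later `git clone git@deploy:…` fail closed if the server is not the expected one.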