From e4065465210632a02d57b63c35886e7683a4199b Mon Sep 17 00:00:00 2001 From: dave Date: Sun, 15 Sep 2024 16:21:05 +0100 Subject: [PATCH] Delete 'albert/kickstart-post.cfg' --- albert/kickstart-post.cfg | 80 ----------------------------------------------- 1 file changed, 80 deletions(-) delete mode 100644 albert/kickstart-post.cfg diff --git a/albert/kickstart-post.cfg b/albert/kickstart-post.cfg deleted file mode 100644 index e10e4b4..0000000 --- a/albert/kickstart-post.cfg +++ /dev/null @@ -1,80 +0,0 @@ -## -## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -## -## Note: these commands are all run by "root" on the VM itself -## .. the finished file is found at /root/anaconda-ks.cfg -## -## adding "echo" lines in here don't actually write anything to the screen -## -## ... these are new commands to test out the puppet-common-albert configs -## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -## - -## -- for increased logging: -#set -x - -## -- UMASK -# strengthen the default umask -# we do this post-deploy so all users inherit the setting after modifying -# /etc/bashrc -# -# resulting permissions is: 700 dirs, 600 files -# -sed -i 's/umask\s022/umask 077/' /etc/bashrc -sed -i 's/umask\s022/umask 077/' /etc/profile -sed -i 's/umask\s022/umask 077/' /etc/csh.cshrc - -#echo "yum exists in: $(which yum)" - -### install git and use that to begin deploying puppet configs -## -- doesn't seem to fully like the -y here... keeps pausing and asking to continue -#dnf -y install wget -#yum -y install wget -#yum -y install git - - -## -- create SSH keys in root's home dir: -# DEPLOY account. This key is pushed to gitea for puppet to use - the install actually uses hal's key first -ssh-keygen -q -b 4096 -t rsa -f /root/.ssh/id_rsa_deploy -N "" -C"deploy@$(hostname -s)" -# ROOT's key... -ssh-keygen -q -b 4096 -t rsa -f /root/.ssh/id_rsa -N "" - -### Add "DEPLOY" alias to the SSH CONFIG file - this will be used to pull down Puppet updates -cat << EODEP > /root/.ssh/config -Host deploy - User git - Hostname config.tombstones.org.uk - Port 22022 - ## port 23000 - StrictHostKeyChecking no - IdentityFile /root/.ssh/id_rsa_deploy -EODEP - -### Register this "deploy" account with gitea -curl -X POST "https://config.tombstones.org.uk:23000/api/v1/user/keys" \ --H "accept: application/json" \ --H "Content-Type: application/json" \ --H "Authorization: token 2b2182bbbb7e52b3193c4c9718c6e96c372f8156" \ --d "{ \"key\": \"$(cat /root/.ssh/id_rsa_deploy.pub)\", \"read_only\": true, \"title\": \"$(hostname -s)-deploy-$(date +'%s')\"}" - -## .. note: this key shows up in the list of keys for the "deploy" gitea user -## ...but also means files can be fetched over ssh using "git@deploy" as an alias - -## -- REGISTER GIT HOST KEY AS KNOWN HOST -#ssh -o 'StrictHostKeyChecking no' config.tombstones.org.uk -p 22022 2>/dev/null | echo > /dev/null -ssh -o 'StrictHostKeyChecking no' deploy 2>/dev/null | echo > /dev/null - - - -### -- begin Puppet common stuff (uses "deploy" key) -#mkdir -p /var/lib/puppet/manifests -#cd /var/lib/puppet/manifests -## -- may be an issue with this syntax, not sure... -#git clone git@deploy:/tombstones/puppet-common.git -#git clone ssh://deploy:/tombstones/puppet-common.git - -## -- using puppet-common-albert instead. -#git clone deploy:/tombstones/puppet-common-albert.git - -## ============ end of kickstarts/albert/kickstart-post.cfg ================= -