blob: 488f189bbab4e345bf4fe58cd22142ec2001f0e6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
#!/bin/bash
#
# LEAP Platform node initialization.
# This script is run on the target server when `leap node init` is run.
#
DEBIAN_JESSIE="^(jessie|8\.)"
DEBIAN_STRETCH="^(stretch|9\.)"
LEAP_DIR="/srv/leap"
HIERA_DIR="/etc/leap"
INIT_FILE="/srv/leap/initialized"
REQUIRED_PACKAGES="puppet rsync lsb-release locales"
PATH="/bin:/sbin:/usr/sbin:/usr/bin"
APT_GET="apt-get -q -y -o DPkg::Options::=--force-confold"
APT_GET_UPDATE="apt-get update -o Acquire::Languages=none"
BAD_APT_RESPONSE="(BADSIG|NO_PUBKEY|KEYEXPIRED|REVKEYSIG|NODATA|Could not resolve|failed to fetch)"
export DEBIAN_FRONTEND=noninteractive
test -f $INIT_FILE && rm $INIT_FILE
if egrep -q "$DEBIAN_STRETCH" /etc/debian_version; then
echo "WARNING: This operating system is under development. The file /etc/debian_version must match /$DEBIAN_JESSIE/ but is: `cat /etc/debian_version`"
elif ! egrep -q "$DEBIAN_JESSIE" /etc/debian_version; then
echo "ERROR: This operating system is not supported. The file /etc/debian_version must match /$DEBIAN_JESSIE/ but is: `cat /etc/debian_version`"
exit 1
fi
mkdir -p $LEAP_DIR
#
# UPDATE PACKAGES
# (exit code is not reliable, sadly)
#
echo "updating package list"
error_count=0
while read line; do
error=$(echo $line | egrep "$BAD_APT_RESPONSE")
if [[ $error ]]; then
errors[error_count]=$error
((error_count++))
break # should we halt on first error?
fi
echo $line
done < <($APT_GET_UPDATE 2>&1)
if [[ $error_count > 0 ]]; then
echo "ERROR: fatal error in 'apt-get update', bailing out."
for e in "${errors[@]}"; do
echo " $e"
done
exit 1
fi
/usr/bin/apt-get -q -y -o 'DPkg::Options::=--force-confold' dist-upgrade
#
# UPDATE TIME
#
if [[ ! $(which ntpd) ]]; then
echo "installing ntpd"
$APT_GET install ntp
exit_code=$?
if [[ $exit_code -ne 0 ]]; then
echo "ERROR: bailing out."
exit $exit_code
fi
fi
echo "updating server time"
systemctl -q is-active ntp.service && systemctl stop ntp.service
ntpd -gxq
systemctl -q is-active ntp.service || systemctl start ntp.service
#
# INSTALL PACKAGES
#
echo "installing required packages"
$APT_GET install $REQUIRED_PACKAGES
exit_code=$?
if [[ $exit_code -ne 0 ]]; then
echo "ERROR: bailing out."
exit $exit_code
fi
# need to have the locales package from above
if ! grep -q -e '^en_US.UTF-8' /etc/locale.gen 2> /dev/null; then
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
/usr/sbin/locale-gen
fi
#
# FINALIZE
#
mkdir -p $HIERA_DIR
chmod 0755 $HIERA_DIR
touch $INIT_FILE
# Sometimes not all keys are already generated, happens more often
# with VMs
# that would give us errors in the get_ssh_keys_cmd during node init
/usr/bin/ssh-keygen -A
|