Make debian iaas prepare scripts handle ubuntu
Now ubuntu also uses the updated way of preparing iaas instances like debian did before, actually the debian scripts have been remade to also handle ubuntu so we use a common code path. Usage (what scripts to call) stay the same, but the underlying operations takes less logins to complete.
This commit is contained in:
parent
6c621aa5f1
commit
16a6a67fd1
|
@ -1,11 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
#
|
|
||||||
# This script is called from prepare-iaas-debian after logging in via ssh as
|
|
||||||
# the default "debian" user
|
|
||||||
#
|
|
||||||
set -ex
|
|
||||||
|
|
||||||
sudo cp -r /home/debian/.ssh /root/
|
|
||||||
sudo chown -R root:root /root/.ssh
|
|
||||||
sudo chmod 700 /root/.ssh
|
|
||||||
sudo chmod 600 /root/.ssh/authorized_keys
|
|
17
iaas-enable-root.sh
Executable file
17
iaas-enable-root.sh
Executable file
|
@ -0,0 +1,17 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
#
|
||||||
|
# This script is called from prepare-iaas-$os after logging in via ssh as
|
||||||
|
# the default user existing in cloud images
|
||||||
|
#
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
os=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
|
||||||
|
if [ "$os" != "ubuntu" ] && [ "$os" != "debian" ]; then
|
||||||
|
echo "unsupported os: '$os'"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
sudo cp -r /home/"$os"/.ssh /root/
|
||||||
|
sudo chown -R root:root /root/.ssh
|
||||||
|
sudo chmod 700 /root/.ssh
|
||||||
|
sudo chmod 600 /root/.ssh/authorized_keys
|
|
@ -1,10 +1,16 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
#
|
#
|
||||||
# This script is called from prepare-iaas-debian after logging in over ssh as
|
# This script is called from prepare-iaas-$os after logging in over ssh as
|
||||||
# the root user
|
# the root user
|
||||||
#
|
#
|
||||||
set -x
|
set -x
|
||||||
|
|
||||||
|
os=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
|
||||||
|
if [ "$os" != "ubuntu" ] && [ "$os" != "debian" ]; then
|
||||||
|
echo "unsupported os: '$os'"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# Get rid of ugly perl messages when running from macOS:
|
# Get rid of ugly perl messages when running from macOS:
|
||||||
# ===
|
# ===
|
||||||
# apt-listchanges: Reading changelogs...
|
# apt-listchanges: Reading changelogs...
|
||||||
|
@ -20,26 +26,27 @@ set -x
|
||||||
# ===
|
# ===
|
||||||
export LC_CTYPE=C.UTF-8
|
export LC_CTYPE=C.UTF-8
|
||||||
|
|
||||||
# Make sure there is no systemd process running as "debian" after the "enable
|
# Make sure there is no systemd process running as the initial cloud image user
|
||||||
# root" step in prepare-iaas-debian. If there are any proceses still running as
|
# # after the "enable root" step in prepare-iaas-$os. If there are any #
|
||||||
# the "debian" user the "userdel" command below will fail.
|
# proceses still running as the specified user the "userdel" command # below
|
||||||
|
# will fail.
|
||||||
#
|
#
|
||||||
# Depending on how long we have waited between running the "enable root"
|
# Depending on how long we have waited between running the "enable root"
|
||||||
# script and this one it is possible the process has timed out on its own,
|
# script and this one it is possible the process has timed out on its own,
|
||||||
# so run this command before doing "set -e" in case there is no process
|
# so run this command before doing "set -e" in case there is no process
|
||||||
# to match.
|
# to match.
|
||||||
pkill -u debian -xf "/lib/systemd/systemd --user"
|
pkill -u "$os" -xf "/lib/systemd/systemd --user"
|
||||||
|
|
||||||
# Make sure the process has gone away before continuing
|
# Make sure the process has gone away before continuing
|
||||||
sleep_seconds=1
|
sleep_seconds=1
|
||||||
attempt=1
|
attempt=1
|
||||||
max_attempts=10
|
max_attempts=10
|
||||||
while pgrep -u debian -xf "/lib/systemd/systemd --user"; do
|
while pgrep -u "$os" -xf "/lib/systemd/systemd --user"; do
|
||||||
if [ $attempt -gt $max_attempts ]; then
|
if [ $attempt -gt $max_attempts ]; then
|
||||||
echo "failed waiting for systemd process to exit, please investigate"
|
echo "failed waiting for systemd process to exit, please investigate"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "systemd process still running as debian user, this is attempt $attempt out of $max_attempts, sleeping for $sleep_seconds seconds..."
|
echo "systemd process still running as '$os' user, this is attempt $attempt out of $max_attempts, sleeping for $sleep_seconds seconds..."
|
||||||
sleep $sleep_seconds
|
sleep $sleep_seconds
|
||||||
attempt=$((attempt + 1))
|
attempt=$((attempt + 1))
|
||||||
done
|
done
|
||||||
|
@ -49,9 +56,9 @@ set -e
|
||||||
|
|
||||||
# While the man page for "userdel" recommends using "deluser" we can not
|
# While the man page for "userdel" recommends using "deluser" we can not
|
||||||
# run "deluser" with "--remove-home" without installing more than the
|
# run "deluser" with "--remove-home" without installing more than the
|
||||||
# already included `perl-base` package, so stick with the low level
|
# already included `perl-base` package on debian, so stick with the low
|
||||||
# utility.
|
# level utility.
|
||||||
userdel --remove debian
|
userdel --remove "$os"
|
||||||
rm /etc/sudoers.d/*
|
rm /etc/sudoers.d/*
|
||||||
|
|
||||||
# Make sure en_US.UTF-8 is present in the system, expected by at least
|
# Make sure en_US.UTF-8 is present in the system, expected by at least
|
|
@ -17,12 +17,9 @@ set -x
|
||||||
script_dir=$(dirname "$0")
|
script_dir=$(dirname "$0")
|
||||||
|
|
||||||
# The reason for running two separate logins is that it is tricky to
|
# The reason for running two separate logins is that it is tricky to
|
||||||
# remove the initial debian user while logged in as that same user:
|
# remove the initial user while logged in as that same user:
|
||||||
# ===
|
# ===
|
||||||
# Removing user `debian' ...
|
# userdel: user debian is currently used by process 1082
|
||||||
# Warning: group `debian' has no more members.
|
|
||||||
# userdel: user debian is currently used by process 12081
|
|
||||||
# /usr/sbin/deluser: `/sbin/userdel debian' returned error code 8. Exiting.
|
|
||||||
# ===
|
# ===
|
||||||
ssh "debian@${ip}" "bash -s" < "$script_dir"/debian-enable-root.sh
|
ssh "debian@${ip}" "bash -s" < "$script_dir"/iaas-enable-root.sh
|
||||||
ssh "root@${ip}" "bash -s" < "$script_dir"/debian-setup.sh
|
ssh "root@${ip}" "bash -s" < "$script_dir"/iaas-setup.sh
|
||||||
|
|
|
@ -12,13 +12,14 @@ fi
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
|
|
||||||
ssh "ubuntu@${ip}" sudo cp -r /home/ubuntu/.ssh /root/
|
# Make sure we read the additional scripts from the same directory as
|
||||||
ssh "ubuntu@${ip}" sudo chown -R root:root /root/.ssh
|
# this script is located at
|
||||||
ssh "ubuntu@${ip}" sudo chmod 700 /root/.ssh
|
script_dir=$(dirname "$0")
|
||||||
ssh "ubuntu@${ip}" sudo chmod 600 /root/.ssh/authorized_keys
|
|
||||||
ssh "root@${ip}" deluser ubuntu
|
# The reason for running two separate logins is that it is tricky to
|
||||||
ssh "root@${ip}" rm /home/ubuntu -rf
|
# remove the initial user while logged in as that same user:
|
||||||
ssh "root@${ip}" rm /etc/sudoers.d/*
|
# ===
|
||||||
ssh "root@${ip}" DEBIAN_FRONTEND="noninteractive" apt-get -y update
|
# userdel: user ubuntu is currently used by process 44063
|
||||||
ssh "root@${ip}" DEBIAN_FRONTEND="noninteractive" apt-get -o Dpkg::Options::="--force-confnew" --fix-broken --assume-yes dist-upgrade
|
# ===
|
||||||
ssh "root@${ip}" reboot
|
ssh "ubuntu@${ip}" "bash -s" < "$script_dir"/iaas-enable-root.sh
|
||||||
|
ssh "root@${ip}" "bash -s" < "$script_dir"/iaas-setup.sh
|
||||||
|
|
Loading…
Reference in a new issue