Add user-data.sh
This commit is contained in:
parent
33e7efe3bb
commit
72f5b33226
1 changed files with 109 additions and 0 deletions
109
user-data.sh
Normal file
109
user-data.sh
Normal file
|
@ -0,0 +1,109 @@
|
|||
#!/bin/bash
|
||||
set -e # Exit on any error
|
||||
|
||||
# Define user and flag locations
|
||||
USRNAME=fastsoul
|
||||
FLAG_DIR=/var/lib/cloud/scripts/user
|
||||
mkdir -p "$FLAG_DIR"
|
||||
|
||||
# --- Step 1: Create user ---
|
||||
if [ ! -f "$FLAG_DIR/.user_created.flag" ]; then
|
||||
echo "Creating user: $USRNAME"
|
||||
if ! id "$USRNAME" &>/dev/null; then
|
||||
useradd "$USRNAME" -s /bin/bash -d /home/"$USRNAME" -m || { echo "User creation failed"; exit 1; }
|
||||
chown -R "$USRNAME":"$USRNAME" /home/"$USRNAME"
|
||||
else
|
||||
echo "User $USRNAME already exists. Skipping creation."
|
||||
fi
|
||||
touch "$FLAG_DIR/.user_created.flag"
|
||||
fi
|
||||
|
||||
# --- Step 2: Create SSH directory and authorized_keys file ---
|
||||
if [ ! -f "$FLAG_DIR/.ssh_setup.flag" ]; then
|
||||
echo "Setting up SSH for $USRNAME"
|
||||
mkdir -p "/home/$USRNAME/.ssh"
|
||||
touch "/home/$USRNAME/.ssh/authorized_keys"
|
||||
chown -R "$USRNAME":"$USRNAME" "/home/$USRNAME/.ssh"
|
||||
chmod 700 "/home/$USRNAME/.ssh"
|
||||
chmod 600 "/home/$USRNAME/.ssh/authorized_keys"
|
||||
touch "$FLAG_DIR/.ssh_setup.flag"
|
||||
fi
|
||||
|
||||
# --- Step 3: Add SSH keys to authorized_keys ---
|
||||
if [ ! -f "$FLAG_DIR/.ssh_keys_added.flag" ]; then
|
||||
echo "Adding SSH keys to authorized_keys"
|
||||
cat << EOF >> /home/$USRNAME/.ssh/authorized_keys
|
||||
cert-authority ssh-rsa AAAAB3NzaXXXX== user@example.com
|
||||
|
||||
ssh-rsa AAAAB3NzaYYYYYYYYYYYYYYYYYYYYYYYYYYYYQ==
|
||||
|
||||
ssh-rsa AAAAB3NzaXXXXXXXXXXXXXXXXXXXXXXXXXXXXQ==
|
||||
EOF
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
chown -R "$USRNAME":"$USRNAME" "/home/$USRNAME/.ssh/authorized_keys"
|
||||
touch "$FLAG_DIR/.ssh_keys_added.flag"
|
||||
else
|
||||
echo "Failed to write SSH keys to authorized_keys"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# --- Step 4: Set NOPASSWD sudoers ---
|
||||
if [ ! -f "$FLAG_DIR/.sudoers_set.flag" ]; then
|
||||
echo "Setting up NOPASSWD sudo for $USRNAME"
|
||||
echo "$USRNAME ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/"$USRNAME" || { echo "Failed to write sudoers file"; exit 1; }
|
||||
touch "$FLAG_DIR/.sudoers_set.flag"
|
||||
fi
|
||||
|
||||
# --- Step 5: Install python3-apt for Ansible support ---
|
||||
if [ ! -f "$FLAG_DIR/.python_installed.flag" ]; then
|
||||
echo "Updating APT and installing python3-apt"
|
||||
apt update -y || { echo "APT update failed"; exit 1; }
|
||||
apt install -y python3-apt || { echo "Failed to install python3-apt"; exit 1; }
|
||||
touch "$FLAG_DIR/.python_installed.flag"
|
||||
fi
|
||||
|
||||
# --- Step 6: Download Ripcord and SYNterloper from Git ---
|
||||
if [ ! -f "$FLAG_DIR/.scripts_downloaded.flag" ]; then
|
||||
echo "Downloading Ripcord and SYNterloper scripts"
|
||||
curl -fsSL -o /usr/local/sbin/ripcord.sh https://git.r21.io/primemover/user-data/raw/branch/master/ripcord/ripcord.sh || { echo "Ripcord download failed"; exit 1; }
|
||||
curl -fsSL -o /usr/local/sbin/synterloper.sh https://git.r21.io/primemover/user-data/raw/branch/master/synterloper/synterloper.sh || { echo "SYNterloper download failed"; exit 1; }
|
||||
chmod +x /usr/local/sbin/ripcord.sh /usr/local/sbin/synterloper.sh || { echo "chmod failed"; exit 1; }
|
||||
touch "$FLAG_DIR/.scripts_downloaded.flag"
|
||||
fi
|
||||
|
||||
# --- Step 7: Setup Ripcord systemd service ---
|
||||
if [ ! -f "$FLAG_DIR/.ripcord_setup.flag" ]; then
|
||||
echo "Setting up Ripcord systemd service"
|
||||
cat << EOF | sudo tee /etc/systemd/system/ripcord.service
|
||||
[Unit]
|
||||
Description=Ripcord Emergency Disk Space Reserve
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/sbin/ripcord.sh
|
||||
ExecStartPost=/bin/sh -c "systemctl disable ripcord.service"
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
systemctl enable ripcord.service || { echo "Failed to enable Ripcord service"; exit 1; }
|
||||
touch "$FLAG_DIR/.ripcord_setup.flag"
|
||||
fi
|
||||
|
||||
# --- Step 8: Install SYNterloper ---
|
||||
if [ ! -f "$FLAG_DIR/.synterloper_installed.flag" ]; then
|
||||
echo "Installing SYNterloper"
|
||||
/usr/local/sbin/synterloper.sh install || { echo "SYNterloper install failed"; exit 1; }
|
||||
touch "$FLAG_DIR/.synterloper_installed.flag"
|
||||
fi
|
||||
|
||||
# --- Final Step: Mark completion ---
|
||||
if [ ! -f "$FLAG_DIR/.user_data_complete.flag" ]; then
|
||||
echo "Marking user-data completion"
|
||||
touch /root/user_data_completed.txt
|
||||
touch "$FLAG_DIR/.user_data_complete.flag"
|
||||
fi
|
||||
|
||||
echo "All steps completed successfully."
|
||||
exit 0
|
Loading…
Add table
Add a link
Reference in a new issue