#!/bin/sh set -e export NACL_URL="{{ nacl_url }}" SCRIPT_DIR="/opt/ffho/sbin" export PATH="${PATH}:${SCRIPT_DIR}" apt install -y \ python3-netifaces \ salt-minion \ screen \ vim echo # Download scripts echo "Downloading scripts to ${SCRIPT_DIR}... " for script in register_ssh_keys get_fqdn ffho-first-boot.sh ; do echo " * ${script} " rm -f -- "${SCRIPT_DIR}/${script}" wget -q -P "${SCRIPT_DIR}" "http://noc.ffho.net/provision/${script}" chmod +x "${SCRIPT_DIR}/${script}" done echo "done." echo "" # Register SSH keys of this node echo "Registering SSH keys..." register_ssh_keys --mac echo "" ################################################################################ # Set hostname # ################################################################################ fqdn="$(${SCRIPT_DIR}/get_fqdn --mac)" if [ $? != 0 ]; then echo "Failed to get FQDN, dying of shame." >&2 exit 1 fi echo "According to NACL we are ${fqdn}, hi there!" hostname=$(echo $fqdn | cut -d. -f1) echo -n "Checking hostname... " if [ "$(hostname -f)" = "${fqdn}" ]; then echo "OK." else echo -n "fixing... " echo "${hostname}" > /etc/hostname sed -i -e "s/^127.0.1.1.*/127.0.1.1 ${fqdn} ${hostname}/" /etc/hosts echo "done." fi echo ################################################################################ # Set up Salt minion # ################################################################################ echo -n "Configuring Salt minion..." echo "${fqdn}" > /etc/salt/minion_id cat << EOF > /etc/salt/minion # # Salt minion config (Salt managed) # master: {{ salt_master_fqdn }} master_port: 4506 ipv6: True # When waiting for a master to accept the minion's public key, salt will # continuously attempt to reconnect until successful. This is the time, in # seconds, between those reconnection attempts. acceptance_wait_time: 10 # If this is nonzero, the time between reconnection attempts will increase by # acceptance_wait_time seconds per iteration, up to this maximum. If this is # set to zero, the time between reconnection attempts will stay constant. acceptance_wait_time_max: 0 # Cache rendered pillar data on the minion. Default is False. # This may cause 'cachedir'/pillar to contain sensitive data that should be # protected accordingly. minion_pillar_cache: False # Set this option to 'True' to force a 'KeyError' to be raised whenever an # attempt to retrieve a named value from pillar fails. When this option is set # to 'False', the failed attempt returns an empty string. Default is 'False'. pillar_raise_on_missing: True # The state_verbose and state_output settings can be used to change the way # state system data is printed to the display. By default all data is printed. # The state_verbose setting can be set to True or False, when set to False # all data that has a result of True and no changes will be suppressed. state_verbose: False # The state_output_diff setting changes whether or not the output from # successful states is returned. Useful when even the terse output of these # states is cluttering the logs. Set it to True to ignore them. #state_output_diff: False # The state_output_profile setting changes whether profile information # will be shown for each state run. #state_output_profile: True EOF echo "done." echo ################################################################################ # Set up first boot service # ################################################################################ wget -q -P /etc/systemd/system/ http://noc.ffho.net/provision/ffho-first-boot.service rm -f -- /etc/systemd/system/multi-user.target.wants/ffho-first-boot.service ln -s /etc/systemd/system/ffho-first-boot.service /etc/systemd/system/multi-user.target.wants # Cool, we're done here mkdir -p /etc/freifunk touch /etc/freifunk/late-command-OK