#!/bin/bash
# Stop at the first failing command during setup. errexit is switched off
# again further down, where the ERR trap takes over failure handling.
set -o errexit

# Progress banner on stdout. "[fqdn]" looks like a rendered placeholder for the
# host name (assumption; confirm against the template that produced this).
printf '%s\n' "# Running [fqdn] host initial configuration"
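#######################################
# Thin curl wrapper used for the Foreman "failed"/"built" callbacks.
# Discards the response body, bypasses any configured proxy for every host
# (--noproxy '*'), and stays quiet except for curl's own error messages.
# --fail makes curl return non-zero on HTTP error responses (>= 400), so a
# caller that checks the exit status can tell a rejected callback (for
# example an invalid or expired token) from an accepted one. Without it,
# only transport-level failures are reported.
# Arguments: "$@" - extra curl options followed by the URL
# Outputs:   curl error text on stderr when the request fails
# Returns:   curl's exit status
#######################################
foreman_curl() {
  curl --silent --show-error --fail -o /dev/null --noproxy '*' "$@"
}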
#######################################
# ERR-trap handler: report the failure locally, tell Foreman the build
# failed, then terminate the script with status 1.
# NOTE(review): the build token is carried in the query string of a plain
# http:// URL, so it is unprotected in transit and may be recorded in server
# or proxy access logs. Confirm whether the https endpoint can be used here
# and treat the token as a credential when sharing this script.
# Outputs: failure message on stdout
# Returns: does not return; exits 1
#######################################
exit_and_cancel_build() {
  local failed_url='http://foreman.domain.tld/unattended/failed?token=65bf52b0-c7a0-4d7e-8236-3eac52699149'
  local reason='Host initial configuration failed, please see the registration log for more details.'

  printf '%s\n' 'Host [fqdn] initial configuration failed'
  # The callback's own exit status is not checked; the script exits 1 either way.
  foreman_curl --request POST "$failed_url" --data "$reason"
  exit 1
}
# Replace errexit with an ERR trap so that a failing step also notifies
# Foreman before the script exits.
# Bash does not run the ERR trap for commands tested by if/while, for
# non-final commands of an && / || list, or for negated commands. Failures
# in those positions are ignored on purpose below.
set +o errexit
trap exit_and_cancel_build ERR
# Install the Puppet agent with dnf when /usr/bin/dnf exists, otherwise with
# yum (-t: tolerant mode). A failed install fires the ERR trap and cancels the
# build. The package comes from whatever repositories the host already has
# configured, so signature checking depends on that repo configuration.
if ! [[ -f /usr/bin/dnf ]]; then
  yum -t -y install puppet-agent
else
  dnf -y install puppet-agent
fi
# Write a minimal puppet.conf, replacing any existing file at that path.
# The delimiter is quoted so the body is taken literally (it contains no
# expansions). "certname = fqdn" is presumably a rendered placeholder for the
# host's FQDN; confirm before using this file as-is.
# No server is set here, so the agent falls back to its default server name.
cat <<'EOF' >/etc/puppetlabs/puppet/puppet.conf
[main]

[agent]
pluginsync = true
report = true
certname = fqdn

EOF
# Pick the systemd unit name: "puppetagent" if systemd lists such a unit,
# otherwise the default "puppet". Then enable it at boot (it is not started
# here).
puppet_unit=puppet
if /usr/bin/systemctl list-unit-files | grep -q puppetagent; then
  puppet_unit=puppetagent
fi
/usr/bin/systemctl enable "$puppet_unit"
# Expose the custom fact 'is_installer' so Puppet modules can detect that they
# are running in the installer environment.
FACTER_is_installer=true
export FACTER_is_installer

# Running the agent with a tag that matches nothing ("no_such_tag") only
# initializes the node. Specific tags can be chosen with the
# "run-puppet-in-installer-tags" parameter, and a full run with
# "run-puppet-in-installer" = true.
# NOTE(review): this is the agent's first contact with the Puppet server. How
# its certificate request gets signed is decided by server policy not shown
# here. A non-zero exit fires the ERR trap and cancels the build.
printf '%s\n' "Performing initial puppet run for --tags no_such_tag"
/opt/puppetlabs/bin/puppet agent \
  --config /etc/puppetlabs/puppet/puppet.conf \
  --onetime \
  --tags no_such_tag \
  --no-daemonize
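# Install the Foreman remote-execution public key for root.
#
# Security-relevant points for whoever reviews the rendered script:
#   * The entry has no authorized_keys options in front of the key type, so it
#     is not limited by source address or forced command. Whoever holds the
#     matching foreman-proxy private key gets a root shell on this host.
#   * The key is appended only when an identical line is not already present,
#     so re-running the script does not pile up duplicate entries.
#   * ~root/.ssh is tightened to 0700 before the key file is touched, and the
#     file is set to 0600 afterwards.
user_exists=false
if getent passwd root >/dev/null 2>&1; then
  user_exists=true
fi

if [[ "$user_exists" == true ]]; then
  rex_key='ssh-rsa ... foreman-proxy@fontana'
  rex_auth_keys=~root/.ssh/authorized_keys

  mkdir -p ~root/.ssh
  chmod 0700 ~root/.ssh

  # grep sits in the if-condition so a "not found" result (or a missing file)
  # does not fire the ERR trap. -x -F matches the whole line literally.
  if ! grep -qxF -- "$rex_key" "$rex_auth_keys" 2>/dev/null; then
    printf '%s\n' "$rex_key" >>"$rex_auth_keys"
  fi

  chmod 0600 "$rex_auth_keys"
  chown -R root: ~root/.ssh

  # Restore SELinux context with restorecon, if it's available. Best effort:
  # a relabel failure must not cancel the build.
  if command -v restorecon >/dev/null 2>&1; then
    restorecon -RvF ~root/.ssh || true
  fi
else
  echo 'The remote_execution_ssh_user does not exist and remote_execution_create_user is not set to true. remote_execution_ssh_keys snippet will not install keys'
fi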
# Banner for the Insights step.
printf '%s\n' '#' '# Installing Insights client' '#'

# Install the client and register the host. Either step failing fires the ERR
# trap and cancels the build.
# NOTE(review): registration enrolls this host with the Insights service, an
# external service. Confirm this is intended for every host built from this
# template.
yum install -y insights-client
insights-client --register
# Refresh subscription data, but only on hosts that have subscription-manager.
# The lookup is the if-condition, so a missing tool does not fire the ERR
# trap. A failing refresh does.
if command -v subscription-manager >/dev/null 2>&1; then
  printf '%s\n' "Refreshing subscription data"
  subscription-manager refresh
fi
# Call home to exit build mode.
# The ERR trap is removed first: from this point a failure must no longer mark
# the build as failed, it is only reported in the message below.
# The result is whatever exit status foreman_curl returns. Whether an HTTP
# error response counts as a failure depends on the curl flags that helper
# passes.
# NOTE(review): as with the failure callback, the token is sent in the query
# string over plain http://. Confirm whether https can be used.
trap - ERR
if foreman_curl 'http://foreman.domain.tld/unattended/built?token=...'; then
  printf '%s\n' "Host [fqdn] successfully configured."
else
  printf '%s\n' "Host [fqdn] successfully configured, but failed to set built status."
fi
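# Push updated system facts, using the same availability guard as the earlier
# subscription refresh so hosts without subscription-manager do not end the
# run with a "command not found" error. The ERR trap is already cleared here,
# so a failure of the update itself does not change the exit status.
if command -v subscription-manager >/dev/null 2>&1; then
  subscription-manager facts --update
fi

# Always report success at this point. Earlier failures have already exited
# through the ERR trap handler.
exit 0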