diff --git a/setup.sh b/setup.sh deleted file mode 100644 index 81a1c3b..0000000 --- a/setup.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh - -# setup new server - -## PREFLIGHT - -ORIGIN_PWD="$PWD" - -if ! [ "$UID" = "0" ]; then - echo "please perform as root, attempting to escalate privileges..." - exec sudo $(cat /proc/$$/cmdline | sed 's/\x00/ /g') - exit 1 -fi - -if ! ssh git@git.ixvd.net; then - echo "can't connect to git, please setup ssh" - exit 1 -fi - -## MAIN - -set -e - -if ! [ -f "/etc/ixvd/version" ]; then - echo "applying overlay..." - cp -r skel/. / -fi - -if ! [ -d "/etc/ixvd/secrets" ]; then - echo "setting up ixvd/secrets" - git clone git@git.ixvd.net:ixvd/secrets /etc/ixvd/secrets -fi - -if ! [ -f "/root/.ssh/authorized_keys" ]; then - echo "importing authorized_keys..." - mkdir -p /root/.ssh - cp /etc/ixvd/secrets/ssh/authorized_keys /root/.ssh/authorized_keys -else - if ! grep -q "# IXVD keys" /root/.ssh/authorized_keys; then - echo "importing authorized_keys..." - cat /etc/ixvd/secrets/ssh/authorized_keys >> /root/.ssh/authorized_keys - fi -fi - -if ! grep -q "# cifs mount backups" /etc/fstab; then - echo "modifying fstab..." - cp /etc/fstab /etc/fstab.$(date +"%H-%M-%S_%d-%m-%y").bak - . /etc/ixvd/secrets/backups.cifs -cat<>/etc/fstab -# cifs mount backups -//$domain/backup /mnt/backups cifs credentials=/etc/ixvd/secrets/backups.cifs,file_mode=0777,dir_mode=0777,noperm 0 0 -EOF -fi - -if ! [ -d "/mnt/backups" ]; then - echo "mounting share..." - mkdir /mnt/backups - mount /mnt/backups -fi \ No newline at end of file diff --git a/tools/README.md b/tools/README.md new file mode 100644 index 0000000..455bf8d --- /dev/null +++ b/tools/README.md @@ -0,0 +1,5 @@ +> **Warning** +> Do **NOT** run these tools in this directory. +> Run them from the *main* directory. + +Tools used for the IXVD infra \ No newline at end of file diff --git a/tools/remove-skel.sh b/tools/remove-skel.sh new file mode 100644 index 0000000..0dc95dd --- /dev/null +++ b/tools/remove-skel.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +# remove skeleton **files** + +if ! [ "$UID" = "0" ]; then + echo "not root" + exit 1 +fi + +echo "WARNING; this will remove neb's skel **files**, not it's directories!" +echo "WARNING; you will have to remove those manually" + +cd skel/ +for f in $(find . -type f | sed 's|.\/|\/|'); do + printf "\r\033[2KRM $f" + [ -f $f ] && rm $f +done +echo -e "\r\033[2KDONE!" \ No newline at end of file diff --git a/tools/setup-server.sh b/tools/setup-server.sh new file mode 100644 index 0000000..4f9a456 --- /dev/null +++ b/tools/setup-server.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +# setup server + +## PREFLIGHT + +ORIGIN_PWD="$PWD" + +if ! [ "$UID" = "0" ]; then + echo "please perform as root, attempting to escalate privileges..." + exec sudo $(cat /proc/$$/cmdline | sed 's/\x00/ /g') + exit 1 +fi + +echo "testing git connection..." +if ! ssh -Tq git@git.ixvd.net &> /dev/null; then + echo "can't connect to git, please setup ssh" + exit 1 +fi + +## MAIN + +set -e + +for s in tools/setup/*; do + echo "running $s..." + sh $s +done \ No newline at end of file diff --git a/tools/setup/00-apply-skel.sh b/tools/setup/00-apply-skel.sh new file mode 100644 index 0000000..2f78c04 --- /dev/null +++ b/tools/setup/00-apply-skel.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +if ! [ -f "/etc/ixvd/version" ]; then + echo "applying overlay..." + cp -r skel/. / +fi \ No newline at end of file diff --git a/tools/setup/10-clone-ixvd-secrets.sh b/tools/setup/10-clone-ixvd-secrets.sh new file mode 100644 index 0000000..a1994f7 --- /dev/null +++ b/tools/setup/10-clone-ixvd-secrets.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +if ! [ -d "/etc/ixvd/secrets" ]; then + echo "setting up ixvd/secrets" + git clone git@git.ixvd.net:ixvd/secrets /etc/ixvd/secrets +fi \ No newline at end of file diff --git a/tools/setup/20-ssh-authorized-keys.sh b/tools/setup/20-ssh-authorized-keys.sh new file mode 100644 index 0000000..ab54595 --- /dev/null +++ b/tools/setup/20-ssh-authorized-keys.sh @@ -0,0 +1,12 @@ +#!/bin/sh + +if ! [ -f "/root/.ssh/authorized_keys" ]; then + echo "importing authorized_keys..." + mkdir -p /root/.ssh + cp /etc/ixvd/secrets/ssh/authorized_keys /root/.ssh/authorized_keys +else + if ! grep -q "# IXVD keys" /root/.ssh/authorized_keys; then + echo "importing authorized_keys..." + cat /etc/ixvd/secrets/ssh/authorized_keys >> /root/.ssh/authorized_keys + fi +fi \ No newline at end of file diff --git a/tools/setup/30-cifs.sh b/tools/setup/30-cifs.sh new file mode 100644 index 0000000..19ad479 --- /dev/null +++ b/tools/setup/30-cifs.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +if ! grep -q "# cifs mount backups" /etc/fstab; then + echo "modifying fstab..." + cp /etc/fstab /etc/fstab.$(date +"%H-%M-%S_%d-%m-%y").bak + . /etc/ixvd/secrets/backups.cifs +cat<>/etc/fstab +# cifs mount backups +//$domain/backup /mnt/backups cifs credentials=/etc/ixvd/secrets/backups.cifs,file_mode=0777,dir_mode=0777,noperm 0 0 +EOF +fi + +if ! [ -d "/mnt/backups" ]; then + echo "mounting share..." + mkdir /mnt/backups + mount /mnt/backups +fi \ No newline at end of file diff --git a/tools/update-server.sh b/tools/update-server.sh new file mode 100644 index 0000000..fe66018 --- /dev/null +++ b/tools/update-server.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +if cd /etc/ixvd/secrets; then + git pull + cd - +fi + +sh tools/remove-skel.sh +git pull +sh tools/setup-server.sh \ No newline at end of file