Initial version for Ubuntu deployment scripts

init.sh

@@ -0,0 +1,307 @@
+#!/bin/bash
+
+# Check gestparc native directory
+#export REPO="/share/services/gestparc"
+
+export HOSTNAME=$(hostname)
+
+export DATEFORMAT=${DATEFORMAT:-"+%Y/%m/%d-%H:%M:%S-%N"}
+export LOGFILE=${LOGFILE:-"/var/log/$(uname -n)-$(date +%Y%m%d-%H%M).log"}
+
+# Define colors codes used while displaying
+colorcodes() {
+        DEFAULTFG="\e[0;39m"
+        DEFAULTBG="\e[0;49m"
+        DEFAULTCOL=${DEFAULTBG}${DEFAULTFG}
+        # Regular Colors
+        Black='\e[0;30m'
+        Red='\e[0;31m'
+        Green='\e[0;32m'
+        Yellow='\e[0;33m'
+        Blue='\e[0;34m'
+        Purple='\e[0;35m'
+        Cyan='\e[0;36m'
+        White='\e[0;37m'
+        # Bold
+        BBlack='\e[1;30m'
+        BRed='\e[1;31m'
+        BGreen='\e[1;32m'
+        BYellow='\e[1;33m'
+        BBlue='\e[1;34m'
+        BPurple='\e[1;35m'
+        BCyan='\e[1;36m'
+        BWhite='\e[1;37m'
+        # Underline
+        UBlack='\e[4;30m'
+        URed='\e[4;31m'
+        UGreen='\e[4;32m'
+        UYellow='\e[4;33m'
+        UBlue='\e[4;34m'
+        UPurple='\e[4;35m'
+        UCyan='\e[4;36m'
+        UWhite='\e[4;37m'
+        # Background
+        On_Black='\e[40m'
+        On_Red='\e[41m'
+        On_Green='\e[42m'
+        On_Yellow='\e[43m'
+        On_Blue='\e[44m'
+        On_Purple='\e[45m'
+        On_Cyan='\e[46m'
+        On_White='\e[47m'
+        # High Intensity
+        IBlack='\e[0;90m'
+        IRed='\e[0;91m'
+        IGreen='\e[0;92m'
+        IYellow='\e[0;93m'
+        IBlue='\e[0;94m'
+        IPurple='\e[0;95m'
+        ICyan='\e[0;96m'
+        IWhite='\e[0;97m'
+        # Bold High Intensity
+        BIBlack='\e[1;90m'
+        BIRed='\e[1;91m'
+        BIGreen='\e[1;92m'
+        BIYellow='\e[1;93m'
+        BIBlue='\e[1;94m'
+        BIPurple='\e[1;95m'
+        BICyan='\e[1;96m'
+        BIWhite='\e[1;97m'
+        # High Intensity backgrounds
+        On_IBlack='\e[0;100m'
+        On_IRed='\e[0;101m'
+        On_IGreen='\e[0;102m'
+        On_IYellow='\e[0;103m'
+        On_IBlue='\e[0;104m'
+        On_IPurple='\e[0;105m'
+        On_ICyan='\e[0;106m'
+        On_IWhite='\e[0;107m'
+}
+
+# Affiche le status avec en-tête coloré et timestamp
+# (valeur de $1 : I=info, W=warning, E=error, pas d'entête si différent)
+prnt() {
+        case $1 in
+        "I")
+              HEADS="[  ${IGreen}info${DEFAULTFG}  ]"
+		shift
+        ;;
+        "W")
+              HEADS="[ ${IYellow}Attention${DEFAULTFG} ]"
+		shift
+        ;;
+        "E")
+              HEADS="[ ${IRed}ERREUR${DEFAULTFG} ]"
+		shift
+        ;;
+        esac
+        echo -e "${IWhite}$(date $DATEFORMAT)${DEFAULTFG} ${HEADS} $@"
+}
+
+
+# Backup original installation files (or any old files if runned several time on same file)
+backupdist()
+{
+    [[ $# -lt 1 ]] && prnt E "backupdist(): Au moins un argument requis." && return 1
+
+    for file in $@; do
+	if [[ -e ${file} ]]; then
+	    cp -av $file $file.dist.$(date --rfc-3339=seconds | sed -e 's/ /-/' -e 's/://g')
+     	fi
+    done
+}
+
+# Install file to the host (specific first then general)
+installfile()
+{
+    local filelist=""
+    local i=0
+
+    [[ $# -lt 2 ]] && (
+	prnt E "installfile(): Au moins deux arguments requis."
+	return 1
+    )
+    [[ $(echo $@ | grep "\*\|\?") ]] && (
+	 prnt E "installfile(): Les wildcards sont interdits."
+	 return 2
+    )
+
+    for arg in $@; do
+	if [[ -f $BASEGPDIR/profile/$HOSTNAME/$arg ]]; then
+	    filelist="$filelist $BASEGPDIR/profile/$HOSTNAME/$arg"
+	elif [[ -f $BASEGPDIR/profile/$arg ]]; then
+	    filelist="$filelist $BASEGPDIR/profile/$arg"
+	else
+	    filelist="$filelist $arg"
+	fi
+    done
+    for i in $filelist; do :; done
+    if [[ ! $i==/* ]]; then
+	prnt E "installfile(): Target must be on the root filesystem."
+	exit 3
+    fi
+    prnt I "Création su répertoire $(dirname $i) si nécessaire..."
+    mkdir -pv $(dirname $i)
+    prnt I "Copie des fichiers ${filelist}..."
+    cp -av $filelist
+}
+
+# Configuration du disque de calcul
+conf_zfs()
+{
+    # On crée les répertoires d'accueil
+    mkdir -pv /srv/ceph
+    mkdir -pv /share
+
+    # Upgrade of fstab file
+
+    # Mount Ceph volumes if required
+    [[ ! $(mount | grep "on /srv/ceph") ]] && mount -v /srv/ceph
+    [[ ! $(mount | grep "on /share") ]] && mount -v /share
+}
+
+
+# Blacklist some unwanted packages...
+apt_blacklist()
+{
+    [[ ! -d /etc/apt/preferences.d ]] && mkdir -pv /etc/apt/preferences.d
+    installfile avoid-apparmor avoid-chafa avoid-resolvconf /etc/apt/preferences.d
+}
+
+# Authentication
+#FUNCLIST="$FUNCLIST authnz"
+#authnz()
+#{
+#    apt-get install nscd libpam-krb5 libnss-ldap libpam-ldap
+#
+#    backupdist /etc/krb5.conf /etc/libnss-ldap.conf /etc/pam_ldap.conf /etc/nsswitch.conf \
+#	       /etc/pam.d/common-session /etc/pam.d/common-account /etc/pam.d/common-password \
+#	       /etc/pam.d/common-auth
+#    installfile krb5.conf libnss-ldap.conf pam_ldap.conf nsswitch.conf /etc
+#    installfile common-session common-account common-password common-auth /etc/pam.d
+#
+#    /etc/init.d/nscd restart
+#}
+
+# Users (from Ldap)
+#FUNCLIST="$FUNCLIST add_user"
+#add_users()
+#{
+#    backupdist /etc/passwd /etc/shadow /etc/group
+#    sed -i -e '/^fatal/d' /etc/passwd /etc/shadow /etc/group
+#    echo "+kroot::::::" >> /etc/passwd
+#    echo "+kroot::::::::" >> /etc/shadow
+#}
+
+# Locale
+FUNCLIST="$FUNCLIST conf_locale"
+conf_locale()
+{
+    backupdist /etc/locale.gen
+    sed -i "/^# en_US.UTF-8 /s/^# //" /etc/locale.gen
+    locale-gen
+}
+
+# Additionnal packages (some are necessary to that script to end successfully)
+install_pkg()
+{
+    apt install -y $INSTLIST
+}
+
+# NTP
+conf_ntp()
+{
+    backupdist /etc/ntp.conf
+    installfile ntp.conf /etc/ntp.conf
+}
+
+# SSH server
+conf_ssh()
+{
+    backupdist /etc/ssh/ssh{,d}_config
+    sed -i -e '/^#PermitRootLogin/s/^#//' /etc/ssh/sshd_config
+    sed -i -e '/^PermitRootLogin /s/ .*/ yes/' /etc/ssh/sshd_config
+    /etc/init.d/ssh restart || true
+    $BASEGPDIR/ssh/getpubkey.sh
+    installfile ssh_config /etc/ssh/ssh_config
+}
+
+# Profile
+install_profile()
+{
+    installfile ansi_shadow.flf /usr/share/figlet/ansi_shadow.flf
+    for usr in /root /home/*; do
+	backupdist $usr/{,.}profile $usr/.bashrc
+	installfile {{.,}profile,.bashrc} $usr/
+    done
+    backupdist /etc/motd
+    installfile motd /etc/motd
+}
+
+# Supervision
+patch_snmp()
+{
+    backupdist /etc/snmp/snmpd.conf /etc/default/snmpd /lib/systemd/system/snmpd.service /etc/init.d/snmpd
+    installfile snmpd.conf /etc/snmp/snmpd.conf
+    installfile snmpd.init /etc/init.d/snmpd
+    [[ -e /lib/systemd/system/snmpd.service ]] &&
+        installfile snmpd.service /lib/systemd/system/snmpd.service
+    /etc/init.d/snmpd restart || true # error on systemd systems requiring reboot wich we'll do anyway after that script
+}
+
+install_mk-agent()
+{
+    apt install -y $BASEGPDIR/mk_agents/check-mk-agent_${MKVERSION}_all.deb
+    backupdist /etc/xinetd.d/check_mk
+    installfile check_mk /etc/xinetd.d/check_mk
+    /etc/init.d/xinetd restart
+}
+
+# Syslog
+conf_syslog()
+{
+    backupdist /etc/rsyslog.conf
+    installfile rsyslog.conf /etc/rsyslog.conf
+    /etc/init.d/rsyslog restart
+}
+
+# Mail
+conf_mail()
+{
+    installfile postfix.cf /etc/postfix/main.cf
+    sed -i -e "s/#HOSTNAME#/$HOSTNAME/g" /etc/postfix/main.cf
+    /etc/init.d/postfix restart
+}
+
+
+# ======================
+# ==== Main Program ====
+# ======================
+
+# Vérifie qu'on soit root
+if [[  $
+
+# Chargement de la configuration
+[[ -s init.sh.conf ]] && . init.sh.conf || (
+
+)
+
+
+
+upgrade_dist
+[[ ! $PVEHST ]] && install_ceph && conf_ceph
+[[ ! $PVEHST ]] && apt_blacklist
+#[[ ! $PVEHST ]] && authnz
+#[[ ! $PVEHST ]] && add_users
+conf_locale
+install_pkg
+conf_ntp
+conf_ssh
+install_profile
+patch_snmp
+install_mk-agent
+conf_syslog
+conf_mail
+
+echo "That's all folks !"
+echo "Après vérification des logs, il est recommandé de redémarrer la machine..."