Allow customizing the deployment username
Defaulted to 'deploy' but should be overridable.
parent
808bdae92c
commit
ae83721be9
|
@ -25,6 +25,7 @@ isofilename="pvc-installer_$(date +%Y-%m-%d).iso"
|
||||||
srcliveisopath="https://cdimage.debian.org/mirror/cdimage/release/current-live/amd64/iso-hybrid"
|
srcliveisopath="https://cdimage.debian.org/mirror/cdimage/release/current-live/amd64/iso-hybrid"
|
||||||
srcliveisofilename="$( wget -O- ${srcliveisopath}/ | grep 'debian-live-.*-amd64-standard.iso' | awk -F '"' '{ print $6 }' )"
|
srcliveisofilename="$( wget -O- ${srcliveisopath}/ | grep 'debian-live-.*-amd64-standard.iso' | awk -F '"' '{ print $6 }' )"
|
||||||
srcliveisourl="${srcliveisopath}/${srcliveisofilename}"
|
srcliveisourl="${srcliveisopath}/${srcliveisofilename}"
|
||||||
|
deployusername="deploy"
|
||||||
|
|
||||||
show_help() {
|
show_help() {
|
||||||
echo -e "PVC install ISO generator"
|
echo -e "PVC install ISO generator"
|
||||||
|
@ -45,6 +46,7 @@ show_help() {
|
||||||
echo -e " the default."
|
echo -e " the default."
|
||||||
echo -e " -a: Use cached squashfs artifact during rebuild (cached ISO and debootstrap"
|
echo -e " -a: Use cached squashfs artifact during rebuild (cached ISO and debootstrap"
|
||||||
echo -e " artifacts are always used)."
|
echo -e " artifacts are always used)."
|
||||||
|
echo -e " -u: Change 'deploy' user to a new username."
|
||||||
}
|
}
|
||||||
|
|
||||||
while getopts "h?o:s:a" opt; do
|
while getopts "h?o:s:a" opt; do
|
||||||
|
@ -62,6 +64,9 @@ while getopts "h?o:s:a" opt; do
|
||||||
a)
|
a)
|
||||||
usecachedsquashfs='y'
|
usecachedsquashfs='y'
|
||||||
;;
|
;;
|
||||||
|
u)
|
||||||
|
deployusername=$OPTARG
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|
||||||
|
@ -143,6 +148,7 @@ prepare_rootfs() {
|
||||||
sudo chroot ${tempdir}/rootfs/ /usr/bin/passwd -d root &>/dev/null || fail "Error disabling root password."
|
sudo chroot ${tempdir}/rootfs/ /usr/bin/passwd -d root &>/dev/null || fail "Error disabling root password."
|
||||||
sudo cp install.sh ${tempdir}/rootfs/ &>/dev/null || fail "Error copying install.sh to tempdir."
|
sudo cp install.sh ${tempdir}/rootfs/ &>/dev/null || fail "Error copying install.sh to tempdir."
|
||||||
sudo sed -i "s/XXISOXX/${isofilename}/g" ${tempdir}/rootfs/install.sh &>/dev/null || fail "Error editing install.sh script."
|
sudo sed -i "s/XXISOXX/${isofilename}/g" ${tempdir}/rootfs/install.sh &>/dev/null || fail "Error editing install.sh script."
|
||||||
|
sudo sed -i "s/XXDEPLOYUSERXX/${deployusername}/g" ${tempdir}/rootfs/install.sh &>/dev/null || fail "Error editing install.sh script."
|
||||||
echo "done."
|
echo "done."
|
||||||
|
|
||||||
echo -n "Generating squashfs image of live installation... "
|
echo -n "Generating squashfs image of live installation... "
|
||||||
|
|
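Review bot: The new `u)` arm cannot be reached, because the `getopts` optstring is shown unchanged as `"h?o:s:a"`, so `-u NAME` is rejected as an unknown option and `deployusername` always stays `deploy`. The loop header should read `while getopts "h?o:s:au:" opt; do`. Once the option works, `$OPTARG` is pasted unvalidated into the `sed` replacement in `prepare_rootfs` and from there into commands that `install.sh` runs (presumably as root), so a value containing `/`, `&`, whitespace or shell metacharacters would corrupt the expression or the generated script. I would check it in the `u)` arm before assigning, for example `[[ $OPTARG =~ ^[a-z_][a-z0-9_-]*$ ]] || { echo "Invalid username: $OPTARG" >&2; exit 1; }`. The getopts loop and `prepare_rootfs` both continue outside the lines shown.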
20
install.sh
20
install.sh
|
@ -198,7 +198,9 @@ echo "done."
|
||||||
echo
|
echo
|
||||||
|
|
||||||
echo "4) Please enter an HTTP URL containing a text list of SSH authorized keys to"
|
echo "4) Please enter an HTTP URL containing a text list of SSH authorized keys to"
|
||||||
echo "fetch. These keys will be allowed access to the 'deploy' user via SSH."
|
echo "fetch. These keys will be allowed access to the deployment user 'XXDEPLOYUSER'"
|
||||||
|
echo "via SSH."
|
||||||
|
echo ""
|
||||||
echo "Leave blank to bypass this and use a password instead."
|
echo "Leave blank to bypass this and use a password instead."
|
||||||
echo
|
echo
|
||||||
echo -n "> "
|
echo -n "> "
|
||||||
|
@ -207,7 +209,7 @@ if [[ -z ${target_keys_url} ]]; then
|
||||||
echo
|
echo
|
||||||
echo "No SSH keys URL specified. Falling back to password configuration."
|
echo "No SSH keys URL specified. Falling back to password configuration."
|
||||||
echo
|
echo
|
||||||
echo "5) Please enter a password (hidden), twice, for the 'deploy' user."
|
echo "5) Please enter a password (hidden), twice, for the deployment user 'XXDEPLOYUSERXX'."
|
||||||
while [[ -z "${target_password}" ]]; do
|
while [[ -z "${target_password}" ]]; do
|
||||||
echo
|
echo
|
||||||
echo -n "> "
|
echo -n "> "
|
||||||
|
@ -407,16 +409,16 @@ echo -n "Setting temporary 'root' password... "
|
||||||
echo "root:${root_password}" | chroot ${target} chpasswd >&2
|
echo "root:${root_password}" | chroot ${target} chpasswd >&2
|
||||||
echo "done."
|
echo "done."
|
||||||
|
|
||||||
echo -n "Adding 'deploy' user... "
|
echo -n "Adding deployment user... "
|
||||||
mv ${target}/home ${target}/var/home >&2
|
mv ${target}/home ${target}/var/home >&2
|
||||||
chroot ${target} useradd -u 200 -d /var/home/deploy -m -s /bin/bash -g operator -G sudo deploy >&2
|
chroot ${target} useradd -u 200 -d /var/home/XXDEPLOYUSERXX -m -s /bin/bash -g operator -G sudo XXDEPLOYUSERXX >&2
|
||||||
chroot ${target} mkdir -p /var/home/deploy/.ssh
|
chroot ${target} mkdir -p /var/home/XXDEPLOYUSERXX/.ssh
|
||||||
if [[ -n ${target_keys_url} ]]; then
|
if [[ -n ${target_keys_url} ]]; then
|
||||||
wget -O ${target}/var/home/deploy/.ssh/authorized_keys ${target_keys_url}
|
wget -O ${target}/var/home/XXDEPLOYUSERXX/.ssh/authorized_keys ${target_keys_url}
|
||||||
chroot ${target} chmod 0600 /var/home/deploy/.ssh/authorized_keys
|
chroot ${target} chmod 0600 /var/home/XXDEPLOYUSERXX/.ssh/authorized_keys
|
||||||
chroot ${target} chown -R deploy:operator /var/home/deploy
|
chroot ${target} chown -R XXDEPLOYUSERXX:operator /var/home/XXDEPLOYUSERXX
|
||||||
else
|
else
|
||||||
echo "deploy:${target_password}" | chroot ${target} chpasswd >&2
|
echo "XXDEPLOYUSERXX:${target_password}" | chroot ${target} chpasswd >&2
|
||||||
fi
|
fi
|
||||||
echo "done."
|
echo "done."
|
||||||
|
|
||||||
|
|
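Review bot: The placeholder in the step 4 prompt is spelled `'XXDEPLOYUSER'`, without the trailing `XX`, so the build-time `s/XXDEPLOYUSERXX/.../g` substitution will not match it and the installer will print the literal token. The line should be `echo "fetch. These keys will be allowed access to the deployment user 'XXDEPLOYUSERXX'"`. Separately, the substituted name lands unquoted in the `useradd`, `mkdir`, `chmod`, `chown` and `chpasswd` lines, so they rely entirely on the build script rejecting names with whitespace or shell metacharacters. Quoting the paths, as in `"${target}/var/home/XXDEPLOYUSERXX/.ssh/authorized_keys"`, would make that less fragile. Since this account is created in the `sudo` group and its `authorized_keys` is fetched from an operator-supplied HTTP URL, a comment by the `wget` saying the source must be trusted (HTTPS where possible) would help.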