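#!/bin/bash
# Provisioning script for a Chef Server / Automate / runner host.
# Positional arguments:
#   $1 - role selector, consumed by the dispatch at the end of this file
#   $2 - Chef Server name, used as api_fqdn and in https:// URLs (CHEFSERVER)
#   $3 - Automate server name, passed as --fqdn to automate-ctl (AUTOMATESERVER)
#   $4 - runner name, passed to `automate-ctl install-runner` (RUNNER)

# Prefer the Chef embedded tools and make sure /usr/sbin is searched.
export PATH=/opt/opscode/embedded/bin:/usr/sbin:$PATH
export CHEFSERVER=$2
export AUTOMATESERVER=$3
export RUNNER=$4

# variables.sh is loaded from the directory this script lives in. The path is
# quoted so an install directory containing whitespace still resolves.
# Presumably it defines CHEF_SYS_USER, CHEF_WF_USER, CHEF_ORG and WF_ENT, which
# are used below but never assigned in this file.
# NOTE(review): the sourced file runs with this script's privileges, so it
# should be writable only by the account that runs the provisioning.
. "$(dirname "$0")/variables.sh"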
# Print one line holding 32 random characters from the set [a-zA-Z0-9].
# The bytes come from /dev/urandom; tr runs with LC_CTYPE=C and drops every
# byte outside the alphabet, fold cuts the stream into 32-character lines and
# head keeps the first one.
random_string () {
  local alphabet='a-zA-Z0-9'
  local width=32
  env LC_CTYPE=C tr -dc "$alphabet" < /dev/urandom | fold -w "$width" | head -n 1
}
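# Make sure the account named by CHEF_SYS_USER exists and has a ~/.chef
# directory under /home.
# Globals:  CHEF_SYS_USER (read)
# Returns:  1 when CHEF_SYS_USER is empty, otherwise the status of mkdir.
setup_chef_user () {
  # An empty name would turn the paths below into /home//.chef.
  if [ -z "$CHEF_SYS_USER" ]; then
    echo "setup_chef_user: CHEF_SYS_USER is not set" >&2
    return 1
  fi

  # The previous guard was `[ ! -f /home/$CHEF_SYS_USER ]`. A home directory is
  # never a regular file, so that test was always true and useradd/mkdir were
  # re-run (and failed) on every invocation. Ask the account database instead.
  if ! id -u "$CHEF_SYS_USER" >/dev/null 2>&1; then
    useradd -m "$CHEF_SYS_USER"
  fi

  # -p keeps a re-run from failing when the directory already exists.
  # NOTE(review): this directory later holds private keys and the data
  # collector token; its owner and mode are whatever the calling user and
  # umask produce. Confirm that matches who needs to read it.
  mkdir -p "/home/$CHEF_SYS_USER/.chef"
}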
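# Install the Chef Server package, write knife.rb and chef-server.rb, generate
# the data collector token, then create the admin user, the organisation and
# the workflow user.
# Globals read: CHEF_SYS_USER, CHEF_WF_USER, CHEF_ORG, CHEFSERVER
# Files written: /home/$CHEF_SYS_USER/.chef/{knife.rb,dctoken,$CHEF_WF_USER.pem},
#                /home/$CHEF_SYS_USER/{admin.pem,$CHEF_ORG-validator.pem},
#                /etc/opscode/chef-server.rb (appended)
# Returns: 1 when no package URL could be found; otherwise the status of the
#          last chef-server-ctl call.
install_chef_server () {
  local rpm_url

  # The package URL is scraped from the download page: first el7 x86_64 rpm
  # link, with the HTML entity &#x2F; turned back into "/". (The old backtick
  # form needed `\\/` in the sed replacement because backticks eat one level
  # of backslashes; with $( ) a plain "/" is correct.)
  # NOTE(review): neither a version nor a checksum is pinned, so the installed
  # package is whatever that page lists at run time.
  rpm_url=$(curl -s https://downloads.chef.io/chef-server/stable \
    | grep -o '</strong> https:[^<]*[^<]*el7.x86_64.rpm' \
    | grep -o 'https.*' \
    | sed -e 's|&#x2F;|/|g' \
    | head -1)
  if [ -z "$rpm_url" ]; then
    # Previously an empty result ran `rpm -Uvh` with no package and the
    # function carried on configuring a server that was never installed.
    echo "install_chef_server: no chef-server package URL found" >&2
    return 1
  fi
  rpm -Uvh "$rpm_url"

  kniferb="/home/$CHEF_SYS_USER/.chef/knife.rb"
  echo "current_dir = File.dirname(__FILE__)" | tee -a "$kniferb"
  echo "log_level :info" | tee -a "$kniferb"
  echo "log_location STDOUT" | tee -a "$kniferb"
  echo "node_name '$CHEF_WF_USER'" | tee -a "$kniferb"
  echo "client_key \"#{current_dir}/$CHEF_WF_USER.pem\"" | tee -a "$kniferb"
  # NOTE(review): with :verify_none knife does not validate the Chef Server
  # certificate. Once the server certificate is trusted on this host,
  # :verify_peer is the safer value.
  echo "ssl_verify_mode :verify_none" | tee -a "$kniferb"
  echo "chef_server_url 'https://$CHEFSERVER/organizations/$CHEF_ORG'" | tee -a "$kniferb"

  # 64-character shared secret for the data collector. dc_token later reads it
  # over ssh as CHEF_SYS_USER, so the file is created owner-only and handed to
  # that account instead of being left readable under the default umask.
  token=$(random_string)$(random_string)
  ( umask 077; printf '%s\n' "$token" > "/home/$CHEF_SYS_USER/.chef/dctoken" )
  chmod 600 "/home/$CHEF_SYS_USER/.chef/dctoken"
  chown "$CHEF_SYS_USER" "/home/$CHEF_SYS_USER/.chef/dctoken"

  serverrb="/etc/opscode/chef-server.rb"
  echo "api_fqdn \"$CHEFSERVER\"" | tee -a "$serverrb"
  # echo "data_collector['root_url'] = 'https://$AUTOMATESERVER/data-collector/v0/'" | tee -a $serverrb
  # echo "data_collector['token'] = '$token'" | tee -a $serverrb
  # echo "profiles['root_url'] = 'https://$AUTOMATESERVER'" | tee -a $serverrb
  chef-server-ctl reconfigure

  # NOTE(review): both user passwords are random, passed on the command line
  # (visible in the process list while the command runs) and stored nowhere;
  # access afterwards relies on the generated .pem keys.
  chef-server-ctl user-create admin the admin admin@the.admin.io "$(random_string)" \
    --filename "/home/$CHEF_SYS_USER/admin.pem"
  chef-server-ctl org-create "$CHEF_ORG" "$CHEF_ORG" --association_user admin \
    --filename "/home/$CHEF_SYS_USER/$CHEF_ORG-validator.pem"
  chef-server-ctl user-create "$CHEF_WF_USER" "$CHEF_WF_USER" User "$CHEF_WF_USER@example.com" "$(random_string)" \
    --filename "/home/$CHEF_SYS_USER/.chef/$CHEF_WF_USER.pem"
  chef-server-ctl org-user-add "$CHEF_ORG" "$CHEF_WF_USER" --admin
}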
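# Copy the workflow user's private key from the Chef Server to
# /etc/delivery/$CHEF_WF_USER.pem with scp.
# Globals:   CHEF_SYS_USER, CHEF_WF_USER (read)
# Arguments: $1 - host to copy from
# Returns:   scp's exit status (the caller retries until it is 0).
# All scp output, including errors, is discarded.
# NOTE(review): StrictHostKeyChecking=no accepts any host key, so the machine
# that supplies this private key is not authenticated. Pre-seeding known_hosts
# with the Chef Server's key would let this option be dropped.
chef_wf_user_pem () {
  local host=$1
  local remote_key="/home/$CHEF_SYS_USER/.chef/$CHEF_WF_USER.pem"

  # Every expansion is quoted so a value containing whitespace stays a single
  # scp argument.
  scp -oStrictHostKeyChecking=no \
    -i "/home/$CHEF_SYS_USER/.ssh/id_rsa" \
    "$CHEF_SYS_USER@$host:$remote_key" \
    "/etc/delivery/$CHEF_WF_USER.pem" >/dev/null 2>&1
}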
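# Print the data collector token stored on the Chef Server, without newlines.
# Globals:   CHEF_SYS_USER (read)
# Arguments: $1 - host to read /home/$CHEF_SYS_USER/.chef/dctoken from
# Outputs:   the token on stdout
# Returns:   ssh's exit status
# NOTE(review): StrictHostKeyChecking=no means the host that hands back the
# token is not authenticated; see the same option in chef_wf_user_pem.
dc_token () {
  local host=$1

  # The remote command string is unchanged; only the local arguments are
  # quoted so each one reaches ssh as a single word.
  ssh -t -oStrictHostKeyChecking=no \
    -i "/home/$CHEF_SYS_USER/.ssh/id_rsa" \
    "$CHEF_SYS_USER@$host" \
    "cat /home/$CHEF_SYS_USER/.chef/dctoken | tr -d \"\n\""
}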
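# Install and configure the Automate server: install the package, place the
# license, fetch the workflow user's key from the Chef Server, run
# automate-ctl setup/reconfigure, create the enterprise, register the runner
# and reset the admin password.
# Globals read: CHEF_SYS_USER, CHEF_WF_USER, CHEF_ORG, WF_ENT, CHEFSERVER,
#               AUTOMATESERVER, RUNNER
# Files written: /var/opt/delivery/license/delivery.license,
#                /etc/delivery/$CHEF_WF_USER.pem, /etc/delivery/delivery.rb
#                (appended), /etc/delivery/ui_login.info
# Returns: 1 when no package URL could be found.
install_automate_server () {
  local rpm_url dc_tok pass

  # Same scrape as for the Chef Server package: first el7 x86_64 rpm link on
  # the download page, with &#x2F; decoded to "/".
  # NOTE(review): no version or checksum is pinned for this package.
  rpm_url=$(curl -s https://downloads.chef.io/automate/stable \
    | grep -o '</strong> https:[^<]*[^<]*el7.x86_64.rpm' \
    | grep -o 'https.*' \
    | sed -e 's|&#x2F;|/|g' \
    | head -1)
  if [ -z "$rpm_url" ]; then
    # Previously an empty result still ran rpm and every later step.
    echo "install_automate_server: no automate package URL found" >&2
    return 1
  fi
  rpm -Uvh "$rpm_url"

  mkdir -p /var/opt/delivery/license
  mv "/home/$CHEF_SYS_USER/delivery.license" /var/opt/delivery/license
  mkdir -p /etc/delivery
  # NOTE(review): 0644 on a directory removes the search (x) bit, so non-root
  # accounts cannot open files inside it. Presumably 0755 or 0750 was meant;
  # left unchanged until that is confirmed.
  chmod 0644 /etc/delivery

  # The key only exists once the Chef Server has finished its own install, so
  # keep polling every 10 seconds until the copy succeeds.
  until chef_wf_user_pem "$CHEFSERVER"; do
    echo "Automate Server: interrogtating the Chef Server for a $CHEF_WF_USER.pem.."
    sleep 10
  done

  automate-ctl setup --license /var/opt/delivery/license/delivery.license \
    --enterprise "$WF_ENT" --no-build-node \
    --key "/etc/delivery/$CHEF_WF_USER.pem" \
    --server-url "https://$CHEFSERVER/organizations/$CHEF_ORG" \
    --fqdn "$AUTOMATESERVER" --no-configure

  # Append the token straight to delivery.rb. The earlier `| tee -a` also
  # copied the secret to stdout, i.e. into whatever captures this script's
  # output.
  dc_tok=$(dc_token "$CHEFSERVER")
  if [ -z "$dc_tok" ]; then
    echo "install_automate_server: empty data collector token from $CHEFSERVER" >&2
  fi
  printf '%s\n' "data_collector['token'] = '$dc_tok'" >> /etc/delivery/delivery.rb

  automate-ctl reconfigure
  sleep 15

  pass=$(random_string)
  automate-ctl create-enterprise "$WF_ENT" --ssh-pub-key-file /etc/delivery/builder_key.pub
  automate-ctl install-runner "$RUNNER" "$CHEF_SYS_USER" \
    --ssh-identity-file "/home/$CHEF_SYS_USER/.ssh/id_rsa" -y
  # NOTE(review): the new password is a command-line argument here and is
  # visible in the process list while automate-ctl runs.
  automate-ctl reset-password "$WF_ENT" admin "$pass"

  # Create the file owner-only from the start; before, it was written under
  # the default umask and tightened only afterwards.
  ( umask 077; echo "NEW LOGIN (/etc/delivery/ui_login.info): admin / $pass" > /etc/delivery/ui_login.info )
  chmod 600 /etc/delivery/ui_login.info
  # NOTE(review): this prints the admin password to stdout, so it ends up in
  # any log that records the provisioning output.
  cat /etc/delivery/ui_login.info
}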
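# Prepare a runner host: give CHEF_SYS_USER passwordless sudo by adding a rule
# to /etc/sudoers.d/90-cloud-init-users.
# Globals:  CHEF_SYS_USER (read)
# Outputs:  a progress line and the sudoers rule on stdout
# Returns:  1 when CHEF_SYS_USER is empty, 0 when the rule is already present,
#           otherwise the status of the append.
# NOTE(review): NOPASSWD:ALL makes this account equivalent to root, so the ssh
# key used to reach it (automate-ctl install-runner is given
# /home/$CHEF_SYS_USER/.ssh/id_rsa) needs the same protection as a root
# credential.
install_runner () {
  local sudoers_file=/etc/sudoers.d/90-cloud-init-users
  local rule="$CHEF_SYS_USER ALL=(ALL) NOPASSWD:ALL"

  echo "Installing Runner.."

  # With an empty user the line would start with " ALL=(ALL)", which is not a
  # valid sudoers entry; a syntax error in a sudoers.d file can make sudo
  # refuse to run at all.
  if [ -z "$CHEF_SYS_USER" ]; then
    echo "install_runner: CHEF_SYS_USER is not set" >&2
    return 1
  fi

  # Do not append the same rule again when the script is re-run.
  if [ -f "$sudoers_file" ] && grep -qxF -- "$rule" "$sudoers_file"; then
    printf '%s\n' "$rule"
    return 0
  fi

  printf '%s\n' "$rule" | tee -a "$sudoers_file"
}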
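# Role dispatch on $1: 0 installs a runner, 1 installs the Chef Server, any
# other number installs the Automate server.
# The selector is validated first. Before, a missing or non-numeric $1 made
# both `[ $1 -eq ... ]` tests fail with an error and fell through to the
# Automate install.
case "$1" in
  '' | *[!0-9]*)
    echo "usage: $0 <role-number> <chef-server> <automate-server> <runner>" >&2
    exit 2
    ;;
esac

setup_chef_user
if [ "$1" -eq 0 ]; then
  install_runner
elif [ "$1" -eq 1 ]; then
  install_chef_server
else
  install_automate_server
fi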