-
Notifications
You must be signed in to change notification settings - Fork 0
/
bootstrap.sh
executable file
·124 lines (101 loc) · 3.56 KB
/
bootstrap.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#!/bin/bash
#ansible_ver=2.9
gitrepo=https://github.com/janth/jtm-ansible-initial.git
script_name=${0##*/} # Basename, or drop /path/to/file
script=${script_name%%.*} # Drop .ext.a.b
script_path=${0%/*} # Dirname, or only /path/to
script_path=$( [[ -d ${script_path} ]] && cd ${script_path} ; pwd) # Absolute path
script_path_name="${script_path}/${script_name}" # Full path and full filename to $0
absolute_script_path_name=$( /bin/readlink --canonicalize ${script_path}/${script_name}) # Full absolute path and filename to $0
absolute_script_path=${absolute_script_path_name%/*} # Dirname, or only /path/to, now absolute
script_basedir=${script_path%/*} # basedir, if script_path is .../bin/
set -o pipefail
set -o braceexpand
set -o allexport
set -o noclobber
set -o errexit
if [[ -n ${SUDO_USER} ]] ; then
echo "ERROR: This script must not be run using sudo."
echo "Please re-run as yourself"
exit 1
fi
log () {
echo "$@"
}
declare -a pkgs=( python3-pip aptitude git wget )
for p in ${pkgs[*]} ; do
/usr/bin/dpkg -l ${p} >/dev/null 2>&1 || {
log "Installing ${p}"
/usr/bin/sudo DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get install -qq ${p} >/dev/null
}
done
# sudo pip3 install 'ansible==2.7.2'
log "Installing ansible (if not already installed)"
#/usr/bin/pip3 list | /usr/bin/grep '^ansible\s' > /dev/null || /usr/bin/sudo /usr/bin/pip3 install "ansible==${ansible_ver}" --progress-bar off
/usr/bin/pip3 list | /usr/bin/grep '^ansible\s' > /dev/null || /usr/bin/sudo /usr/bin/pip3 install ansible --progress-bar off
/usr/local/bin/ansible --version
# set -o errexit
set -o nounset
MYSUDO=/etc/sudoers.d/00-sudoers-defaults
echo "Install ${MYSUDO}"
/usr/bin/sudo -v
{
cat << SUDOERS
# This file is managed by Ansibel/Puppet/TBD
### JanThM added
Defaults insults
Defaults !requiretty
Defaults log_year
Defaults log_host
Defaults syslog=authpriv
Defaults root_sudo
Defaults set_home
Defaults set_utmp
Defaults loglinelen=0
#Defaults passprompt="Sir/Madam, please provide [sudo] password for %p@%h (for running as %U): "
#Defaults passprompt=“[sudo] password for %p:”
#Defaults badpass_message="Sorry, try again."
Defaults listpw=never
Defaults logfile=/var/log/sudo.log
###
centos ALL=(ALL:ALL) NOPASSWD:ALL
vagrant ALL=(ALL:ALL) NOPASSWD:ALL
# Allow members of group wheek to execute any command
%wheel ALL=(ALL:ALL) NOPASSWD:ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) NOPASSWD:ALL
SUDOERS
} | /usr/bin/sudo /usr/bin/tee ${MYSUDO} > /dev/null
/usr/bin/sudo /bin/chmod --verbose 0440 ${MYSUDO}
/usr/bin/sudo /bin/chown --verbose root:root ${MYSUDO}
#/bin/ls -l ${MYSUDO}
/usr/bin/sudo /usr/sbin/visudo --check --strict --file=${MYSUDO}
ssh_id=${HOME}/.ssh/id_ed25519
umask 0022
[[ ! -d ${ssh_id%/*} ]] && mkdir ${ssh_id%/*}
if [[ ! -r ${ssh_id} ]] ; then
log "Generating ssh id for you (${ssh_id} does not exists)"
/usr/bin/ssh-keygen -a 100 -t ed25519 -f ${ssh_id}
fi
if [[ ! -r ${ssh_id%/*}/authorized_keys ]] ; then
/usr/bin/cp ${ssh_id}.pub ${ssh_id%/*}/authorized_keys
else
/usr/bin/cat ${ssh_id}.pub >> ${ssh_id%/*}/authorized_keys
fi
repodir=${gitrepo##*/}
repodir=${repodir%.*}
git clone ${gitrepo} ${repodir}
cat << X
Now do:
cd ${repodir} && ./run-eg.sh
to get some examples of how to run ansible
Config files:
ansible.cfg
hosts
Playbook (what to run):
plays/base.yml
Varialbles ( = puppet hieradata):
group_vars/all.yml
Ansible code:
roles/jtm.base/tasks/main.yml
X