2016-07-12 01:26:07 +02:00
|
|
|
#!/usr/bin/env bash
|
2016-07-21 06:33:16 +02:00
|
|
|
set -e
|
2016-07-12 01:26:07 +02:00
|
|
|
|
|
|
|
server=$1
|
|
|
|
type=$2
|
|
|
|
hostname=$3
|
|
|
|
branch=$4
|
|
|
|
if [ -z "$hostname" ]; then
|
|
|
|
echo "USAGE: $0 server type hostname [branch]"
|
|
|
|
echo "Installs an empty Ubuntu server in AWS with a Zulip server role."
|
|
|
|
echo "* hostname is the current hostname/IP of the server"
|
|
|
|
echo "* type is a list of puppet rules to be passed to scripts/lib/install"
|
|
|
|
echo " E.g. 'zulip::base,zulip::apt_repository,zulip::postgres_common'"
|
|
|
|
echo "* hostname is to be the server's external hostname."
|
|
|
|
echo "* branch is used to override the default branch to install from."
|
|
|
|
echo "Reads configuration from $HOME/.zulip-install-server.conf."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
if ! echo "$hostname" | grep -q zulip; then
|
|
|
|
echo "USAGE: $0 server type hostname [branch]"
|
|
|
|
echo "Hostname must have zulip in it."
|
|
|
|
exit 1
|
|
|
|
fi
|
2016-07-21 06:33:16 +02:00
|
|
|
set -x
|
2016-07-12 01:26:07 +02:00
|
|
|
zulip_root=${ZULIP_ROOT:-$HOME/zulip}
|
|
|
|
|
|
|
|
zulip_ssh_config_file="$HOME/.zulip-install-server.conf"
|
|
|
|
amazon_key_file=$(crudini --get "$zulip_ssh_config_file" ssh amazon_key_file)
|
|
|
|
if ! [ -e "$amazon_key_file" ]; then
|
|
|
|
echo "You need the amazon ssh key at $amazon_key_file"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
server_private_key_file=$(crudini --get "$zulip_ssh_config_file" ssh server_private_key_file)
|
|
|
|
if ! [ -e "$server_private_key_file" ]; then
|
|
|
|
echo "You need a server ssh key at $server_private_key_file"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2016-07-31 19:17:48 +02:00
|
|
|
if [ -n "$zulip_confdir" ]; then
|
|
|
|
zulipconf_file="$zulip_confdir/zulip.conf"
|
|
|
|
secrets_file="$zulip_confdir/zulip-secrets.conf"
|
|
|
|
fi
|
2016-07-21 06:33:36 +02:00
|
|
|
if [ -z "$secrets_file" ]; then
|
|
|
|
echo "Specify secrets_file via environment."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2016-07-12 01:26:07 +02:00
|
|
|
zulip_repo=$(crudini --get "$zulip_ssh_config_file" repo repo_url)
|
|
|
|
|
|
|
|
if [ -z "$branch" ]; then
|
|
|
|
branch=$(crudini --get "$zulip_ssh_config_file" repo default_branch)
|
|
|
|
fi
|
|
|
|
|
|
|
|
VIRTUALENV_NEEDED=$(if $(echo "$type" | grep -q ::app); then echo -n yes; else echo -n no; fi)
|
|
|
|
|
|
|
|
# Force RSA keys. We do this because the ECDSA key is not printed on syslog,
|
|
|
|
# and our puppet configuration does not use ECDSA. If we don't do this,
|
|
|
|
# we'll get key errors after puppet apply.
|
|
|
|
SSH_OPTS=(-o HostKeyAlgorithms=ssh-rsa)
|
|
|
|
|
|
|
|
set +e
|
|
|
|
|
|
|
|
ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lubuntu -o "ControlMaster=no" <<EOF
|
|
|
|
sudo mkdir -p ~root/.ssh && sudo cp .ssh/authorized_keys /root/.ssh/authorized_keys
|
|
|
|
sudo sed -i 's/disable_root: true/disable_root: false/' /etc/cloud/cloud.cfg
|
2016-07-21 06:33:36 +02:00
|
|
|
mkdir -p /etc/zulip
|
2016-07-12 01:26:07 +02:00
|
|
|
EOF
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
|
|
# Give server its SSH keys
|
|
|
|
scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file" root@"$server":/root/.ssh/id_rsa
|
|
|
|
scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$server_private_key_file".pub root@"$server":/root/.ssh/id_rsa.pub
|
2016-07-21 06:33:36 +02:00
|
|
|
scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$secrets_file" root@"$server":/etc/zulip/zulip-secrets.conf
|
2016-07-31 19:17:48 +02:00
|
|
|
if [ -e "$zulipconf_file" ]; then
|
|
|
|
scp "${SSH_OPTS[@]}" -i "$amazon_key_file" "$zulipconf_file" root@"$server":/etc/zulip/zulip.conf
|
|
|
|
fi
|
2016-07-12 01:26:07 +02:00
|
|
|
|
|
|
|
ssh "${SSH_OPTS[@]}" "$server" -t -i "$amazon_key_file" -lroot <<EOF
|
|
|
|
# Finish setting up the SSH private key
|
|
|
|
chmod 600 /root/.ssh/id_rsa
|
|
|
|
# Delete the ubuntu user
|
|
|
|
userdel ubuntu
|
|
|
|
# Make sure root doesn't have a password
|
|
|
|
passwd -d root
|
|
|
|
|
|
|
|
# Set the hostname
|
|
|
|
echo "$hostname" > /etc/hostname
|
|
|
|
sed -i 's/localhost$/localhost $hostname/' /etc/hosts
|
|
|
|
|
|
|
|
apt-get update
|
|
|
|
apt-get -y upgrade
|
|
|
|
|
|
|
|
cd /root
|
|
|
|
if ! [ -e "zulip" ]; then
|
|
|
|
# need to install git to clone the repo
|
2016-07-21 06:33:36 +02:00
|
|
|
apt-get install -y git crudini
|
2016-07-12 01:26:07 +02:00
|
|
|
git clone $zulip_repo
|
|
|
|
fi
|
|
|
|
cd zulip
|
|
|
|
git fetch
|
|
|
|
git checkout origin/$branch
|
|
|
|
# The main Zulip production install script can take things from here!
|
|
|
|
env VIRTUALENV_NEEDED=$VIRTUALENV_NEEDED PUPPET_CLASSES="$type" /root/zulip/scripts/setup/install
|
|
|
|
EOF
|
|
|
|
|
|
|
|
set +x
|
|
|
|
cat <<EOF
|
|
|
|
|
|
|
|
Done.
|
|
|
|
|
|
|
|
EOF
|