#!/bin/bash -xe server=$1 type=$2 hostname=$3 if [ -z "$hostname" ]; then echo "USAGE: $0 server type hostname" exit 1 fi if ! $(echo "$hostname" | grep -q zulip); then echo "USAGE: $0 server type hostname" echo "Hostname must have zulip in it." exit 1 fi zulip_root=${ZULIP_ROOT:-$HOME/zulip} amazon_key_file=$zulip_root/zulip.pem if ! [ -e "$amazon_key_file" ]; then echo "You need zulip.pem at $amazon_key_file; ask tabbott for it" exit 1 fi server_private_key_file=$zulip_root/puppet/zulip-internal/files/id_rsa if ! [ -e "$server_private_key_file" ]; then echo "You need a server ssh key at $server_private_key_file" exit 1 fi # Force RSA keys. We do this because the ECDSA key is not printed on syslog, # and our puppet configuration does not use ECDSA. If we don't do this, # we'll get key errors after puppet apply. SSH_OPTS="-o HostKeyAlgorithms=ssh-rsa" set +e ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -ladmin < /etc/hostname sed -i 's/localhost$/localhost $hostname/' /etc/hosts /etc/init.d/hostname.sh start # First, install any updates from the apt repo that may be needed cat >/etc/apt/sources.list.d/zulip.list < /root/.ssh/known_hosts < "$type"}' cp -a /root/zulip /home/zulip/zulip chown -R zulip:zulip /home/zulip/zulip # These server restarting bits should be moveable into puppet-land, ideally apt-get -y upgrade if [ -e "/etc/init.d/nginx" ]; then service nginx restart fi if [ -e "/etc/init.d/apache2" ]; then service apache2 restart fi EOF # TODO: Don't give servers push access to our git! scp $SSH_OPTS -i "$amazon_key_file" "$server_private_key_file" zulip@"$server":/home/zulip/.ssh/id_rsa ssh $SSH_OPTS "$server" -t -i "$amazon_key_file" -lzulip <