2022-09-26 13:44:36 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
###################################################################
|
|
|
|
## Vultr Marketplace Helper Functions
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
inherit_errexit()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
if ! shopt -sq inherit_errexit > /dev/null 2>&1; then
|
|
|
|
echo "Unable to enable inherit_errexit"
|
|
|
|
fi
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
error_detect_on()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
set -euo pipefail
|
|
|
|
inherit_errexit
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
error_detect_off()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
set +euo pipefail
|
|
|
|
inherit_errexit
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
enable_verbose_commands()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
set -x
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
disable_verbose_commands()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
set +x
|
|
|
|
}
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
get_metadata_item()
|
|
|
|
{
|
|
|
|
local item_value
|
|
|
|
item_value="$(curl --fail --silent --header "Metadata-Token: vultr" "http://169.254.169.254/${1:-}")"
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
echo "${item_value}"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
get_hostname()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
get_metadata_item "latest/meta-data/hostname"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
get_userdata()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
get_metadata_item "latest/user-data"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
get_sshkeys()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
get_metadata_item "current/ssh-keys"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
# shellcheck disable=SC2034
|
|
|
|
get_var()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
local var_name="${1:-}" var_path="${2:-}" var_val
|
|
|
|
var_val="$(get_metadata_item "${var_path:-"v1/internal/app-${var_name}"}" 2> /dev/null)"
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
eval "${var_name}=\${var_val}"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
# shellcheck disable=SC2034
|
|
|
|
get_ip()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
local ip_var="${1:-}" ip_val
|
|
|
|
ip_val="$(get_var "${ip_var}" "latest/meta-data/public-ipv4")"
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
eval "${ip_var}=\${ip_val}"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
until ! lsof -t /var/cache/apt/archives/lock /var/lib/apt/lists/lock /var/lib/dpkg/lock > /dev/null 2>&1; do
|
|
|
|
echo "Waiting 3 for apt lock currently held by another process."
|
|
|
|
sleep 3
|
|
|
|
done
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
apt_safe()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
apt install -y "$@"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
apt_update_safe()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
apt update -y
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
apt_upgrade_safe()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
DEBIAN_FRONTEND=noninteractive apt upgrade -y
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
apt_remove_safe()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
apt remove -y --auto-remove "$@"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
apt_clean_safe()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
apt autoremove -y
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
wait_on_apt_lock
|
|
|
|
apt autoclean -y
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
update_and_clean_packages()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
# RHEL/CentOS
|
|
|
|
if [[ -f /etc/redhat-release ]]; then
|
|
|
|
yum update -y
|
|
|
|
yum clean all
|
|
|
|
# Ubuntu / Debian
|
|
|
|
elif grep -qs "debian" /etc/os-release 2> /dev/null; then
|
|
|
|
apt_update_safe
|
|
|
|
apt_upgrade_safe
|
|
|
|
apt_clean_safe
|
|
|
|
fi
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
set_vultr_kernel_option()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
# RHEL/CentOS
|
|
|
|
if [[ -f /etc/redhat-release ]]; then
|
|
|
|
/sbin/grubby --update-kernel=ALL --args vultr
|
|
|
|
# Ubuntu / Debian
|
|
|
|
elif grep -qs "debian" /etc/os-release 2> /dev/null; then
|
|
|
|
sed -i -e "/^GRUB_CMDLINE_LINUX_DEFAULT=/ s/\"$/ vultr\"/" /etc/default/grub
|
|
|
|
update-grub
|
|
|
|
fi
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
install_cloud_init()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
local cloudinit_exe=""
|
|
|
|
if cloudinit_exe="$(command -v cloud-init 2> /dev/null)" && [[ -x "${cloudinit_exe}" ]]; then
|
|
|
|
echo "cloud-init is already installed."
|
|
|
|
return
|
|
|
|
fi
|
2022-09-26 13:44:36 +00:00
|
|
|
|
|
|
|
local release_version="${1:-"latest"}"
|
2023-02-23 08:42:55 +00:00
|
|
|
if [[ "${release_version}" != "latest" && "${release_version}" != "nightly" ]]; then
|
|
|
|
echo "${release_version} is an invalid release option. Allowed: latest, nightly"
|
|
|
|
exit 255
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Lets remove all traces of previously installed cloud-init
|
|
|
|
# Ubuntu installs have proven problematic with their left over
|
|
|
|
# configs for the installer in recent versions
|
|
|
|
cleanup_cloudinit
|
|
|
|
|
|
|
|
update_and_clean_packages
|
|
|
|
|
|
|
|
local build_type
|
|
|
|
local package_ext
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
[[ -e /etc/os-release ]] && . /etc/os-release
|
|
|
|
case "${ID:-}" in
|
|
|
|
debian)
|
|
|
|
build_type="debian"
|
|
|
|
package_ext="deb"
|
|
|
|
;;
|
|
|
|
fedora)
|
|
|
|
build_type="rhel"
|
|
|
|
package_ext="rpm"
|
|
|
|
;;
|
|
|
|
ubuntu)
|
|
|
|
build_type="universal"
|
|
|
|
package_ext="deb"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
case "${ID_LIKE:-}" in
|
|
|
|
*rhel*)
|
|
|
|
build_type="rhel"
|
|
|
|
package_ext="rpm"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "Unable to determine OS. Please install from source!"
|
|
|
|
exit 255
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
;;
|
|
|
|
esac
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
local cloud_init_package="cloud-init_${build_type}_${release_version}.${package_ext}"
|
|
|
|
wget -O "/tmp/${cloud_init_package}" "https://ewr1.vultrobjects.com/cloud_init_beta/${cloud_init_package}"
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
case "${package_ext}" in
|
|
|
|
rpm)
|
|
|
|
yum install -y "/tmp/${cloud_init_package}"
|
|
|
|
;;
|
|
|
|
deb)
|
|
|
|
apt_safe "/tmp/${cloud_init_package}"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "Unable to determine package installation method."
|
|
|
|
exit 255
|
|
|
|
;;
|
|
|
|
esac
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
rm -f "/tmp/${cloud_init_package}"
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
cleanup_cloudinit()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
rm -rf \
|
|
|
|
/etc/cloud \
|
|
|
|
/etc/systemd/system/cloud-init.target.wants/* \
|
|
|
|
/lib/systemd/system/cloud* \
|
|
|
|
/run/cloud-init \
|
|
|
|
/usr/bin/cloud* \
|
|
|
|
/usr/lib/cloud* \
|
|
|
|
/usr/local/bin/cloud* \
|
|
|
|
/usr/src/cloud* \
|
|
|
|
/var/log/cloud*
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_tmp()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
mkdir -p /tmp
|
|
|
|
chmod 1777 /tmp
|
|
|
|
rm -rf /tmp/* /var/tmp/*
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_keys()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
rm -f /root/.ssh/authorized_keys /etc/ssh/*key*
|
|
|
|
touch /etc/ssh/revoked_keys
|
|
|
|
chmod 600 /etc/ssh/revoked_keys
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_logs()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
find /var/log -mtime -1 -type f -exec truncate -s 0 {} \;
|
|
|
|
rm -rf \
|
|
|
|
/var/log/*.[0-9] \
|
|
|
|
/var/log/*.gz \
|
|
|
|
/var/log/*.log \
|
|
|
|
/var/log/lastlog \
|
|
|
|
/var/log/wtmp
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
: > /var/log/auth.log
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_history()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
history -c
|
|
|
|
: > /root/.bash_history
|
|
|
|
unset HISTFILE
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_mloc()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
/usr/bin/updatedb || true
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_random()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
rm -f /var/lib/systemd/random-seed
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_machine_id()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
[[ -e /etc/machine-id ]] && : > /etc/machine-id
|
|
|
|
[[ -e /var/lib/dbus/machine-id ]] && : > /var/lib/dbus/machine-id
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_free_space()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
dd if=/dev/zero of=/zerofile || true
|
|
|
|
sync
|
|
|
|
rm -f /zerofile
|
|
|
|
sync
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
trim_ssd()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
fstrim / || true
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
cleanup_marketplace_scripts()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
rm -f /root/*.sh
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
disable_network_manager()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
2023-02-23 08:42:55 +00:00
|
|
|
## Disable NetworkManager, replace with network-scripts
|
|
|
|
systemctl disable --now NetworkManager
|
|
|
|
sed -i \
|
|
|
|
-e 's/^ONBOOT.*/ONBOOT=yes/g' \
|
|
|
|
-e 's/^NM_CONTROLLED.*/NM_CONTROLLED=no/g' /etc/sysconfig/network-scripts/ifcfg-*
|
|
|
|
yum install -y network-scripts
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
clean_system()
|
2022-09-26 13:44:36 +00:00
|
|
|
{
|
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
update_and_clean_packages
|
|
|
|
set_vultr_kernel_option
|
|
|
|
clean_tmp
|
|
|
|
clean_keys
|
|
|
|
clean_logs
|
|
|
|
clean_history
|
|
|
|
clean_random
|
|
|
|
clean_machine_id
|
|
|
|
clean_mloc
|
|
|
|
clean_free_space
|
|
|
|
trim_ssd
|
2022-09-26 13:44:36 +00:00
|
|
|
|
2023-02-23 08:42:55 +00:00
|
|
|
cleanup_marketplace_scripts
|
2022-09-26 13:44:36 +00:00
|
|
|
}
|