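#!/bin/bash
# Task to Configure the System on Alpine (alpine::system_setup)
#
# Runs on the Bolt controller and configures a freshly staged Alpine VM over
# SSH as root: SSH firewall rules, network, DNS, hostname, new SSH host keys,
# then a reboot.
#
# Parameters (Bolt passes them as PT_* environment variables):
#   PT_ip_with_cidr   static address written to /etc/network/interfaces
#   PT_hostname       hostname written to /etc/hostname and /etc/hosts
#   PT_dhcp           "false" writes a static eth0 stanza; any other value
#                     leaves /etc/network/interfaces untouched
#   PT_gateway_ip     default gateway for the static stanza
#   PT_nameserver1-3  resolvers written to /etc/resolv.conf
#   PT_staging_ip     address the VM is currently reachable on
#
# Output: one JSON object on stdout. Exit status 0 on success, 1 on failure.

set -uo pipefail

# Using Bolt's environment variables. The hostname is kept in its own
# variable so that bash's built-in HOSTNAME is not overwritten.
ip_with_cidr="${PT_ip_with_cidr:-}"
target_hostname="${PT_hostname:-}"
dhcp="${PT_dhcp:-}"
gateway_ip="${PT_gateway_ip:-}"
nameserver1="${PT_nameserver1:-}"
nameserver2="${PT_nameserver2:-}"
nameserver3="${PT_nameserver3:-}"
staging_ip="${PT_staging_ip:-}"

# NOTE(security): StrictHostKeyChecking=no accepts whatever host key the
# staging address presents, so this root session is not protected against an
# on-path impersonator. It is kept because the task has always run this way
# against new VMs; prefer pinning the staging image's host key (for example a
# dedicated known_hosts file) and removing this option.
ssh_opts=(-o StrictHostKeyChecking=no)

# Print a failure result in the task's JSON shape and stop.
# Messages passed here are fixed strings, never parameter values, so the
# JSON cannot be broken by input.
fail() {
  printf '{"status": "failure", "message": "%s"}\n' "$1"
  exit 1
}

# Run one command line on the staging VM. stdin comes from /dev/null so ssh
# cannot consume the task's own stdin.
remote() {
  ssh "${ssh_opts[@]}" "root@${staging_ip}" "$1" </dev/null
}

# Write this function's stdin to the fixed remote path given as $1.
# Parameter values travel as data on stdin, not as part of a command line.
remote_write() {
  ssh "${ssh_opts[@]}" "root@${staging_ip}" "cat > $1"
}

# Check if all required parameters are provided. PT_staging_ip is included:
# without it every ssh call below would target "root@" and fail.
if [ -z "$ip_with_cidr" ] || [ -z "$target_hostname" ] || [ -z "$dhcp" ] ||
  [ -z "$gateway_ip" ] || [ -z "$nameserver1" ] || [ -z "$nameserver2" ] ||
  [ -z "$nameserver3" ] || [ -z "$staging_ip" ]; then
  echo '{"status": "failure", "message": "Missing required parameters. All parameters must be provided."}'
  exit 1
fi

# Allow-list the characters of every value that ends up in a root-owned file
# or a remote command line. Quotes, whitespace, newlines and shell
# metacharacters are rejected here, before anything is sent to the VM.
addr_re='^[0-9A-Fa-f:.]+$'
cidr_re='^[0-9A-Fa-f:.]+(/[0-9]{1,3})?$'
host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
target_re='^[A-Za-z0-9:][A-Za-z0-9.:-]*$'

[[ "$ip_with_cidr" =~ $cidr_re ]] || fail "Invalid parameter value: ip_with_cidr"
[[ "$gateway_ip" =~ $addr_re ]] || fail "Invalid parameter value: gateway_ip"
[[ "$nameserver1" =~ $addr_re ]] || fail "Invalid parameter value: nameserver1"
[[ "$nameserver2" =~ $addr_re ]] || fail "Invalid parameter value: nameserver2"
[[ "$nameserver3" =~ $addr_re ]] || fail "Invalid parameter value: nameserver3"
[[ "$target_hostname" =~ $host_re ]] || fail "Invalid parameter value: hostname"
[[ "$staging_ip" =~ $target_re ]] || fail "Invalid parameter value: staging_ip"

# Install required packages
remote "apk add --no-cache iptables" || fail "Failed to install iptables"

# Configure iptables rules: SSH is accepted from 100.40.223.128/26 and
# 10.0.0.0/8 and dropped from everywhere else. The rules are appended, so
# running the task twice on the same VM duplicates them.
remote "iptables -A INPUT -p tcp --dport 22 -s 100.40.223.128/26 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -j DROP" ||
  fail "Failed to configure iptables rules"

# Save iptables rules
remote "rc-service iptables save" || fail "Failed to save iptables rules"

# Configure network
if [ "$dhcp" = "false" ]; then
  # Create network configuration directly on VM
  printf 'auto eth0\niface eth0 inet static\n    address %s\n    gateway %s\n' \
    "$ip_with_cidr" "$gateway_ip" |
    remote_write /etc/network/interfaces ||
    fail "Failed to write /etc/network/interfaces"
fi

# Configure DNS directly on VM
printf 'nameserver %s\n' "$nameserver1" "$nameserver2" "$nameserver3" |
  remote_write /etc/resolv.conf ||
  fail "Failed to write /etc/resolv.conf"

# Set hostname
printf '%s\n' "$target_hostname" |
  remote_write /etc/hostname ||
  fail "Failed to write /etc/hostname"

# Update /etc/hosts. The pattern is anchored and its dots are escaped so only
# the loopback entry is rewritten; the hostname was restricted to
# [A-Za-z0-9.-] above, so it cannot close the sed expression or the quoting.
remote "sed -i 's/^127\.0\.0\.1[[:space:]].*/127.0.0.1\t${target_hostname}/' /etc/hosts" ||
  fail "Failed to update /etc/hosts"

# Enable and start iptables service
remote "rc-update add iptables default && rc-service iptables start" ||
  fail "Failed to enable iptables service"

# Generate new SSH host keys so the VM does not keep the keys baked into the
# staging image. rm -f keeps the chain going when no old keys exist.
remote 'rm -f /etc/ssh/ssh_host_* && \
ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N "" && \
ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N "" && \
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""' ||
  fail "Failed to regenerate SSH host keys"

echo '{"status": "success", "message": "System configuration completed successfully"}'

# Reboot the system. The status of this call is deliberately not checked: the
# result has already been reported and the connection may drop as the VM
# goes down.
remote "nohup sh -c '(sleep 2 && reboot) &' > /dev/null 2>&1"

exit 0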