kvm/bolt/vm_automation/alpine/tasks/system_setup.sh


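#!/bin/bash
# Task to Configure the System on Alpine (alpine::system_setup)
#
# Configures a staging Alpine VM over SSH as root: installs iptables,
# restricts inbound SSH, writes network/DNS/hostname settings, regenerates
# the SSH host keys and schedules a reboot.
#
# Inputs (Bolt task parameters, read from PT_* environment variables):
#   PT_ip_with_cidr, PT_hostname, PT_dhcp, PT_gateway_ip,
#   PT_nameserver1..3, PT_staging_ip
# Output: one JSON object on stdout ({"status": ..., "message": ...}).
# Exit:   0 on success, 1 on a missing/invalid parameter or a failed step.
#
# The script stops at the first failed remote step instead of reporting
# success for a host that was only partly configured.

IP="${PT_ip_with_cidr:-}"
# Not named HOSTNAME: bash maintains a variable of that name for the local host.
TARGET_HOSTNAME="${PT_hostname:-}"
DHCP="${PT_dhcp:-}"
GATEWAY_IP="${PT_gateway_ip:-}"
NAMESERVER1="${PT_nameserver1:-}"
NAMESERVER2="${PT_nameserver2:-}"
NAMESERVER3="${PT_nameserver3:-}"
STAGING_IP="${PT_staging_ip:-}"

# Allow-lists for parameter values. Several values end up inside command
# strings that a root shell on the VM parses, so anything outside these
# character sets (quotes, ';', '$', '/', newlines, ...) is rejected up front.
readonly ADDR_RE='^[0-9A-Fa-f:.]+$'
readonly CIDR_RE='^[0-9A-Fa-f:.]+(/[0-9]{1,3})?$'
readonly HOST_RE='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
readonly STAGING_RE='^[A-Za-z0-9:.-]+$'

# NOTE(review): StrictHostKeyChecking=no turns off host key verification, so
# the root session is not protected against a machine impersonating the
# staging address. Presumably chosen because a fresh VM's key is not yet
# known; pinning the image's key in a dedicated known_hosts file would close
# that gap. Left unchanged here because the provisioning flow is not visible.
SSH_OPTS=(-o StrictHostKeyChecking=no)

# Print a failure result as JSON and exit 1.
# $1 must be a fixed message without quotes or backslashes (it is not escaped).
fail() {
  printf '{"status": "failure", "message": "%s"}\n' "$1"
  exit 1
}

# Run one command string on the staging VM as root.
# stdin comes from /dev/null so ssh cannot consume the task's own stdin;
# remote stdout goes to stderr so stdout carries only the JSON result.
remote() {
  ssh "${SSH_OPTS[@]}" "root@${STAGING_IP}" "$1" </dev/null >&2
}

# Write this function's stdin to the file $1 on the staging VM.
# $1 is always a constant path from this script; the file content travels on
# stdin, so it is never parsed by the remote shell.
remote_write() {
  ssh "${SSH_OPTS[@]}" "root@${STAGING_IP}" "cat > $1" >&2
}

# Check if all required parameters are provided (STAGING_IP included: every
# ssh call below depends on it).
if [[ -z "$IP" || -z "$TARGET_HOSTNAME" || -z "$DHCP" || -z "$GATEWAY_IP" ||
  -z "$NAMESERVER1" || -z "$NAMESERVER2" || -z "$NAMESERVER3" ||
  -z "$STAGING_IP" ]]; then
  fail "Missing required parameters. All parameters must be provided."
fi

# Validate every value that is used below before the first connection.
[[ "$STAGING_IP" =~ $STAGING_RE ]] || fail "Invalid staging_ip parameter."
[[ "$TARGET_HOSTNAME" =~ $HOST_RE ]] || fail "Invalid hostname parameter."
for ns in "$NAMESERVER1" "$NAMESERVER2" "$NAMESERVER3"; do
  [[ "$ns" =~ $ADDR_RE ]] || fail "Invalid nameserver parameter."
done
# The address and gateway are only written for a static configuration.
if [[ "$DHCP" == "false" ]]; then
  [[ "$IP" =~ $CIDR_RE ]] || fail "Invalid ip_with_cidr parameter."
  [[ "$GATEWAY_IP" =~ $ADDR_RE ]] || fail "Invalid gateway_ip parameter."
fi

# Install required packages
remote "apk add --no-cache iptables" || fail "Failed to install iptables."

# Configure iptables rules: SSH only from the two allowed ranges.
# These are IPv4 rules only, and -A appends, so a second run adds duplicates.
remote 'iptables -A INPUT -p tcp --dport 22 -s 100.40.223.128/26 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -j DROP' ||
  fail "Failed to configure iptables rules."

# Save iptables rules
remote "rc-service iptables save" || fail "Failed to save iptables rules."

# Configure network
if [[ "$DHCP" == "false" ]]; then
  # Create network configuration directly on VM
  remote_write /etc/network/interfaces <<EOF || fail "Failed to write /etc/network/interfaces."
auto eth0
iface eth0 inet static
address ${IP}
gateway ${GATEWAY_IP}
EOF
fi

# Configure DNS directly on VM
remote_write /etc/resolv.conf <<EOF || fail "Failed to write /etc/resolv.conf."
nameserver ${NAMESERVER1}
nameserver ${NAMESERVER2}
nameserver ${NAMESERVER3}
EOF

# Set hostname (the here-string appends the trailing newline)
remote_write /etc/hostname <<<"$TARGET_HOSTNAME" ||
  fail "Failed to write /etc/hostname."

# Update /etc/hosts. The hostname was validated above, so it cannot end the
# quoted sed expression or act as a sed delimiter.
remote "sed -i 's/127.0.0.1.*/127.0.0.1\t${TARGET_HOSTNAME}/' /etc/hosts" ||
  fail "Failed to update /etc/hosts."

# Enable and start iptables service
remote "rc-update add iptables default && rc-service iptables start" ||
  fail "Failed to enable the iptables service."

# Generate new SSH host keys. rm -f keeps the chain going when no old key
# files exist; a plain rm would fail there and skip key generation.
remote 'rm -f /etc/ssh/ssh_host_* && \
ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N "" && \
ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N "" && \
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""' ||
  fail "Failed to regenerate SSH host keys."

# Reboot the system: detached and delayed so this ssh call returns first.
remote "nohup sh -c '(sleep 2 && reboot) &' > /dev/null 2>&1" ||
  fail "Failed to schedule the reboot."

echo '{"status": "success", "message": "System configuration completed successfully"}'
exit 0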