moeny/kvm
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f2a9bfe8d5
kvm/bolt_vm_automation/tasks/system_setup_alpine.sh

68 lines
2.5 KiB
Bash
Raw Blame History

#!/bin/bash
# Using Bolt's environment variables
IP="${PT_ip_with_cidr}"
HOSTNAME="${PT_hostname}"
DHCP="${PT_dhcp}"
GATEWAY_IP="${PT_gateway_ip}"
NAMESERVER1="${PT_nameserver1}"
NAMESERVER2="${PT_nameserver2}"
NAMESERVER3="${PT_nameserver3}"
STAGING_IP="${PT_staging_ip}"
# Check if all required parameters are provided
if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$DHCP" ] || [ -z "$GATEWAY_IP" ] || [ -z "$NAMESERVER1" ] || [ -z "$NAMESERVER2" ] || [ -z "$NAMESERVER3" ]; then
echo '{"status": "failure", "message": "Missing required parameters. All parameters must be provided."}'
exit 1
fi
# Install required packages
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk add --no-cache iptables"
# Configure iptables rules
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "iptables -A INPUT -p tcp --dport 22 -s 100.40.223.128/26 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -s 173.62.109.73/32 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT && \
iptables -A INPUT -p tcp --dport 22 -j DROP"
# Save iptables rules
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rc-service iptables save"
# Configure network
if [ "$DHCP" = "false" ]; then
# Create network configuration directly on VM
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "cat > /etc/network/interfaces << 'EOF'
auto eth0
iface eth0 inet static
address ${IP}
gateway ${GATEWAY_IP}
EOF"
fi
# Configure DNS directly on VM
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "cat > /etc/resolv.conf << 'EOF'
nameserver ${NAMESERVER1}
nameserver ${NAMESERVER2}
nameserver ${NAMESERVER3}
EOF"
# Set hostname
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "echo '${HOSTNAME}' > /etc/hostname"
# Update /etc/hosts
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i 's/127.0.0.1.*/127.0.0.1\t${HOSTNAME}/' /etc/hosts"
# Enable and start iptables service
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rc-update add iptables default && rc-service iptables start"
# Generate new SSH host keys
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rm /etc/ssh/ssh_host_* && \
ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N \"\" && \
ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N \"\" && \
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N \"\""
echo '{"status": "success", "message": "System configuration completed successfully"}'
# Reboot the system
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "nohup sh -c '(sleep 2 && reboot) &' > /dev/null 2>&1"
exit 0
Reference in New Issue View Git Blame Copy Permalink