From 1125e4c712cf1122649fefad2e19963bbd8de5a3 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 8 Aug 2022 14:23:01 -0400 Subject: [PATCH] Advance concetpual debian support --- .../S25confluentinit | 2 +- .../debian/profiles/default/scripts/pre.sh | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 confluent_osdeploy/debian/profiles/default/scripts/pre.sh diff --git a/confluent_osdeploy/debian/initramfs/lib/debian-installer-startup.d/S25confluentinit b/confluent_osdeploy/debian/initramfs/lib/debian-installer-startup.d/S25confluentinit index f5b0c350..64859809 100644 --- a/confluent_osdeploy/debian/initramfs/lib/debian-installer-startup.d/S25confluentinit +++ b/confluent_osdeploy/debian/initramfs/lib/debian-installer-startup.d/S25confluentinit @@ -42,10 +42,10 @@ cd $predir profile=$(grep ^profile: /etc/confluent/deploycfg|cut -d ' ' -f 2) wget https://$mgr/confluent-public/os/$profile/scripts/pre.sh chmod u+x pre.sh -setdebopt preseed/early_command $predir/pre.sh string wget https://$mgr/confluent-public/os/$profile/preseed.cfg mv preseed.cfg / setdebopt auto-install/enable true boolean +setdebopt partman/early_command $predir/pre.sh string cd - ip -4 a flush dev $nic setdebopt netcfg/choose_interface $nic select diff --git a/confluent_osdeploy/debian/profiles/default/scripts/pre.sh b/confluent_osdeploy/debian/profiles/default/scripts/pre.sh new file mode 100644 index 00000000..85347f59 --- /dev/null +++ b/confluent_osdeploy/debian/profiles/default/scripts/pre.sh @@ -0,0 +1,18 @@ +anna-install openssh-server-udeb +mkdir -p ~/.ssh/ +cat /ssh/*pubkey > ~/.ssh/authorized_keys +ssh-keygen -A +mgr=$(grep ^MANAGER:.*\\. /etc/confluent/confluent.info|head -n 1|cut -d: -f 2|sed -e 's/ //') +nodename=$(grep ^NODENAME: /etc/confluent/confluent.info|head -n 1|cut -d: -f 2|sed -e 's/ //') +apikey=$(cat /etc/confluent/confluent.apikey) +for pubkey in /etc/ssh/ssh_host*key.pub; do + certfile=${pubkey%.pub}-cert.pub + keyfile=${pubkey%.pub} + wget --post-file=$pubkey --header='CONFLUENT_NODENAME: '$nodename --header="CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/sshcert -O $certfile + echo HostKey $keyfile >> /etc/ssh/sshd_config + echo HostCertificate $certfile >> /etc/ssh/sshd_config +done + +echo sshd:x:939:939::/: >> /etc/passwd +/usr/sbin/sshd +