2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-12-25 12:41:39 +00:00

Fix more RHV4 issues with the profile

This commit is contained in:
Jarrod Johnson 2020-06-18 14:28:44 -04:00
parent b6c017ef1a
commit ad5faf144e
2 changed files with 6 additions and 3 deletions

View File

@ -10,15 +10,17 @@ cp -a /tls /sysroot/etc/confluent
sed -i 's/install::/install:*:/' /sysroot/etc/shadow
sed -i 's/root::/root:*:/' /sysroot/etc/shadow
mkdir -p /sysroot/root/.ssh
chmod 700 /sysroot/root/.ssh
#chmod 700 /sysroot/root/.ssh
cat /ssh/*.rootpubkey > /sysroot/root/.ssh/authorized_keys
chmod 600 /sysroot/root/.ssh/authorized_keys
#chmod 600 /sysroot/root/.ssh/authorized_keys
mkdir -p /sysroot/etc/ssh/
for i in /ssh/*.ca; do
echo '@cert-authority *' $(cat $i) >> /sysroot/etc/ssh/ssh_known_hosts
done
cp /etc/confluent/confluent.apikey /sysroot/etc/
cp /etc/confluent/confluent.apikey /sysroot/etc/confluent/
cp /etc/confluent/confluent.deploycfg /sysroot/etc/
cp /tmp/confluent.deploycfg /sysroot/etc/
cp /tmp/confluent.deploycfg /sysroot/etc/confluent
cp /opt/confluent/bin/apiclient /sysroot/etc/confluent
cp /tmp/confluent.deploycfg /etc/confluent/* /sysroot/etc/confluent
cp /etc/confluent/confluent.info /sysroot/etc/

View File

@ -30,6 +30,7 @@ if [ "$grubpw" = "null" ]; then
else
echo "bootloader --iscrypted --password=$grubpw" > /tmp/grubpw
fi
ssh-keygen -A
for pubkey in /etc/ssh/ssh_host*key.pub; do
certfile=${pubkey/.pub/-cert.pub}
curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $(cat /etc/confluent.apikey)" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile