Fix osdeploy initialize dependency on master key

Make sure confluent has made /etc/confluent, and further always initialize the encryption key, as it will almost certainly be needed and easiest to just always generate on first startup.
2024-11-22 01:22:00 +00:00 · 2022-02-08 16:40:41 -05:00 · 2022-02-08 16:40:41 -05:00 · b809514ef9
commit b809514ef9
parent b1032d8c4c
2 changed files with 16 additions and 8 deletions
--- a/confluent_server/bin/osdeploy
+++ b/confluent_server/bin/osdeploy
@ -121,6 +121,9 @@ def init_confluent_myname():
        return
    mynamedone = True
    hasconfluentuser = None
+    neededuid = os.stat('/etc/confluent').st_uid
+    if neededuid == 0:
+        return
    try:
        hasconfluentuser = pwd.getpwnam('confluent')
    except KeyError:
@ -247,6 +250,17 @@ def initialize(cmdset):
                'subject.')
    else:
        didsomething = False
+    if not os.path.exists('/etc/confluent'):
+        sys.stderr.write('Start confluent service prior to initializng OS deployment\n')
+        sys.exit(1)
+    if cmdset.t or cmdset.s or cmdset.a or cmdset.u:
+        neededuid = os.stat('/etc/confluent').st_uid
+        try:
+            os.makedirs('/var/lib/confluent')
+            os.chown('/var/lib/confluent', neededuid, -1)
+        except OSError as e:
+            if e.errno != 17:
+                raise
    if cmdset.u:
        didsomething = True
        if not glob.glob('/root/.ssh/*.pub'):
@ -258,14 +272,6 @@ def initialize(cmdset):
            sys.exit(1)
        init_confluent_myname()
        sshutil.initialize_root_key(False)
-    if cmdset.t or cmdset.s or cmdset.a or cmdset.u:
-        neededuid = os.stat('/etc/confluent').st_uid
-        try:
-            os.makedirs('/var/lib/confluent')
-            os.chown('/var/lib/confluent', neededuid, -1)
-        except OSError as e:
-            if e.errno != 17:
-                raise
    if cmdset.t:
        didsomething = True
        init_confluent_myname()
--- a/confluent_server/confluent/main.py
+++ b/confluent_server/confluent/main.py
@ -272,6 +272,8 @@ def run(args):
    if not confluentuuid:
        confluentuuid = str(uuid.uuid4())
        configmanager.set_global('confluent_uuid', confluentuuid)
+    if not configmanager._masterkey:
+        configmanager.init_masterkey()
    if dbgif:
        oumask = os.umask(0o077)
        try: