mirror of
https://github.com/xcat2/confluent.git
synced 2024-11-27 03:49:57 +00:00
b67140248e
Use a more neutral name for the deployment server target. It is still ipv4 only for the moment, but easier to pull in ipv6 support when not having to change paths that don't care.
22 lines
1.3 KiB
Bash
Executable File
22 lines
1.3 KiB
Bash
Executable File
#!/bin/bash
|
|
deploycfg=/custom-installation/confluent/confluent.deploycfg
|
|
mgr=$(grep ^deploy_server $deploycfg|awk '{print $2}')
|
|
cat /custom-installation/ssh/*.rootpubkey > /root/.ssh/authorized_keys
|
|
nodename=$(grep ^NODENAME: /custom-installation/confluent/confluent.info|awk '{print $2}')
|
|
apikey=$(cat /custom-installation/confluent/confluent.apikey)
|
|
for pubkey in /etc/ssh/ssh_host*key.pub; do
|
|
certfile=${pubkey/.pub/-cert.pub}
|
|
keyfile=${pubkey%.pub}
|
|
curl -f -X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" -d @$pubkey https://$mgr/confluent-api/self/sshcert > $certfile
|
|
echo HostKey $keyfile >> /etc/ssh/sshd_config.d/confluent.conf
|
|
echo HostCertificate $certfile >> /etc/ssh/sshd_config.d/confluent.conf
|
|
done
|
|
echo HostbasedAuthentication yes >> /etc/ssh/sshd_config.d/confluent.conf
|
|
echo HostbasedUsesNameFromPacketOnly yes >> /etc/ssh/sshd_config.d/confluent.conf
|
|
echo IgnoreRhosts no >> /etc/ssh/sshd_config.d/confluent.conf
|
|
systemctl restart sshd
|
|
curl -f X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
|
|
curl https://$mgr/confluent-public/confluent/util/getinstalldisk > /custom-installation/getinstalldisk
|
|
python3 /custom-installation/getinstalldisk
|
|
sed -i s!%%INSTALLDISK%%!/dev/$(cat /tmp/installdisk)! /autoinstall.yaml
|