Everbrent/cis
9
0
Fork 0
mirror of https://github.com/m8tin/cis.git synced 2025-12-06 15:58:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f1df97c5b714bea0b321c7f1420dd3c4a2e56ba4
cis/prepareDefinitionsRepository.sh
m8in 4f31db9237 execution bit added
2025-02-15 18:44:09 +01:00

84 lines
2.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
[ "$(id -u)" == "0" ] \
&& echo "This script prepares the content of the repository for the definitions." \
&& echo "You have run it as root, please run it with a user who has write access to the Git server." \
&& echo \
&& echo "Do not use the SSH key of root for this." \
&& echo \
&& exit 1
_BOOT_HOSTNAME="$(hostname -b)"
_BOOT_DOMAIN="${_BOOT_HOSTNAME#*.}" #Removes shortest matching pattern '*.' from the begin to get the domain
[ -z "${_BOOT_DOMAIN}" ] \
&& echo "It was impossible to find out the domain of this host, please prepare this host first." \
&& exit 1
_REOPSITORY_NAME="cis-definition-${_BOOT_DOMAIN}"
#Generate file 'README.md'
mkdir -p /tmp/skeleton/definition
cat << EOF > /tmp/skeleton/definition/README.md
#$_REOPSITORY_NAME
Central Infrastructure System's definition of domain $_BOOT_DOMAIN
EOF
#Generate sudoers file 'allow-jenkins-updateRepositories'
mkdir -p /tmp/skeleton/definition/core/all/etc/sudoers.d
cat << EOF > /tmp/skeleton/definition/core/all/etc/sudoers.d/allow-jenkins-updateRepositories
Cmnd_Alias C_JENKINS = \\
/cis/updateRepositories.sh --core, \\
/cis/updateRepositories.sh --scripts, \\
/cis/updateRepositories.sh --definitions, \\
/cis/updateRepositories.sh --states
jenkins ALL = (root) NOPASSWD: C_JENKINS
EOF
#Generate file 'authorized_keys' for user jenkins
mkdir -p /tmp/skeleton/definition/core/all/home/jenkins/.ssh
cat << EOF > /tmp/skeleton/definition/core/all/home/jenkins/.ssh/authorized_keys
#------------------------------------------------------
# Enter the public ssh key of your jenkins server here.
#------------------------------------------------------
EOF
#Use current file 'authorized_keys' of root as definition
mkdir -p /tmp/skeleton/definition/core/all/root/.ssh
cp /root/.ssh/authorized_keys /tmp/skeleton/definition/core/all/root/.ssh/authorized_keys
cat << EOF
The first content for your repository for the definitions of the '$_BOOT_DOMAIN' domain has been created.
Please create a definition repository.
To follow the naming convention name it '$_REOPSITORY_NAME'
Go to folder '/tmp/skeleton/definition' and check the content of all 'authorized_keys' files,
correct them if required to prevent losing access to your hosts.
The public ssh key of your jenkins server has to be added.
Only now follow the instructions as our git server shows.
For example:
git init
git checkout -b main
git add .
git commit -m "first core definitions"
git remote add origin ssh://git@git.example.dev:22448/$_REOPSITORY_NAME.git
git push -u origin main
EOF
Reference in New Issue View Git Blame Copy Permalink