PFV Infra 2.0, here we go...
This commit is contained in:
@ -1,93 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Boilerplate notes
|
||||
# This code serves as highly robust, well tested, boilerplate entrypoint control logic code which is able to handle execution across #multiple distributions
|
||||
# and versions (centos/ubuntu) (presumiong you have the distro script installed
|
||||
|
||||
#######################################################################################################################################################
|
||||
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 1: determine our mgmt interface,ip address,environment subnet,domain name
|
||||
#######################################################################################################################################################
|
||||
|
||||
#99% of the time eth0 is mgmt int and has a default route. But not always. Hence the need for this code:
|
||||
export DEFAULT_ROUTE=$(netstat -rn |grep 0.0.0.0|awk '{print $NF}' |head -n1 )
|
||||
|
||||
#Vince - added because the MGMT_INT is referred to in the MGMT_IP line below
|
||||
export MGMT_INT=$(netstat -rn |grep 0.0.0.0|awk '{print $NF}' |head -n1 )
|
||||
|
||||
export MGMT_IP=$(ifconfig $MGMT_INT|grep 'inet addr'|awk -F ':' '{print $2}'|awk '{print $1}')
|
||||
export IP=$(echo $MGMT_IP|awk -F '.' '{print $2}')
|
||||
export DOMAIN_NAME=$(hostname -d)
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 2: Fixup the /etc/hosts file , this is the root of much evil
|
||||
#######################################################################################################################################################
|
||||
#Static /etc/hosts bits
|
||||
|
||||
#Dynamic /etc/hosts bits
|
||||
#added -s to hostname to account for FQDN in ks file
|
||||
|
||||
export FULLHOST=$(hostname -f)
|
||||
export SHORTHOST=$(hostname -s)
|
||||
|
||||
cat > /etc/hosts <<HOSTFILEDYNAMIC
|
||||
127.0.1.1 $FULLHOST $SHORTHOST
|
||||
$MGMT_IP $FULLHOST $SHORTHOST
|
||||
HOSTFILEDYNAMIC
|
||||
|
||||
cat >> /etc/hosts << HOSTFILESTATIC
|
||||
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
|
||||
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
|
||||
HOSTFILESTATIC
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 3: determine distro
|
||||
#######################################################################################################################################################
|
||||
DISTRO_TYPE="$(distro |awk '{print $1}'|tr '[:upper:]' '[:lower:]')"
|
||||
DISTRO_VERSION=$(distro |awk '{print $2}'|awk -F '.' '{print $1}')
|
||||
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 4: Register system with librenms
|
||||
#######################################################################################################################################################
|
||||
CURL_STRING="{\"hostname\":\"$(hostname -f)\",\"version\":\"v2c\",\"community\":\"$SNMP_COMMUNITY\"}"
|
||||
|
||||
curl \
|
||||
--insecure \
|
||||
-X POST \
|
||||
-d $CURL_STRING \
|
||||
-H 'X-Auth-Token: $TOKEN' \
|
||||
$LIBRENMS_ENDPOPINT/api/v0/devices
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 5: Call a rundeck job
|
||||
#######################################################################################################################################################
|
||||
curl \
|
||||
--insecure \
|
||||
-X POST \
|
||||
-H 'X-Rundeck-Auth-Token: $RUNDECK_TOKEN' \
|
||||
$RDECK_BASE_URL/job/$JOB_ID/run
|
||||
|
||||
#######################################################################################################################################################
|
||||
#Step 6: Do stuff based on distribution type and version
|
||||
#######################################################################################################################################################
|
||||
|
||||
|
||||
if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 6 ] ;
|
||||
then
|
||||
c6stuff
|
||||
fi
|
||||
|
||||
if [ $DISTRO_TYPE == "centos" ] && [ $DISTRO_VERSION == 7 ] ;
|
||||
then
|
||||
c7stuff
|
||||
fi
|
||||
|
||||
if [ $DISTRO_TYPE == "ubuntu" ] && [ $DISTRO_VERSION == 14 ] ;
|
||||
then
|
||||
ub14stuff
|
||||
fi
|
||||
|
267
newSrv.sh
267
newSrv.sh
@ -1,54 +1,259 @@
|
||||
#!/bin/bash
|
||||
|
||||
#curl -s http://dl.turnsys.net/newSrv.sh|/bin/bash
|
||||
|
||||
apt-get -y --purge remove nano
|
||||
apt-get -y install ntp ntpdate
|
||||
systemctl stop ntp
|
||||
ntpdate 10.251.37.5
|
||||
apt-get update
|
||||
apt-get -y full-upgrade
|
||||
apt-get -y install glances htop dstat snmpd screen lldpd lsb-release libpcre2-dev libevent-dev
|
||||
# Standard strict mode and error handling boilderplate...
|
||||
|
||||
set -eEu
|
||||
set -o pipefail
|
||||
set -o functrace
|
||||
|
||||
export PS4='(${BASH_SOURCE}:${LINENO}): - [${SHLVL},${BASH_SUBSHELL},$?] $ '
|
||||
|
||||
function handle_failure() {
|
||||
local lineno=$2
|
||||
local fn=$3
|
||||
local exitstatus=$4
|
||||
local msg=$5
|
||||
local lineno_fns=${1% 0}
|
||||
if [[ "$lineno_fns" != "0" ]] ; then
|
||||
lineno="${lineno} ${lineno_fns}"
|
||||
fi
|
||||
echo "${BASH_SOURCE[1]}: Function: ${fn} Line Number : [${lineno}] Failed with status ${exitstatus}: $msg"
|
||||
}
|
||||
|
||||
trap 'handle_failure "${BASH_LINENO[*]}" "$LINENO" "${FUNCNAME[*]:-script}" "$?" "$BASH_COMMAND"' ERR
|
||||
|
||||
|
||||
# Start actual script logic here...
|
||||
|
||||
|
||||
function global-configureAptRepos()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
echo "deb http://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list
|
||||
curl --insecure -s https://webmin.com/jcameron-key.asc | gpg --dearmor >/etc/apt/trusted.gpg.d/jcameron-key.gpg
|
||||
|
||||
echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" > /etc/apt/sources.list.d/cisofy-lynis.list
|
||||
curl --insecure -s https://packages.cisofy.com/keys/cisofy-software-public.key | apt-key add -
|
||||
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
function global-shellScripts()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
cp distro /usr/local/bin/distro && chmod +x /usr/local/bin/distro
|
||||
cp up2date.sh /usr/local/bin/up2date.sh && chmod +x /usr/local/bin/up2date.sh
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
function global-profileScripts()
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
cp profiled-tsys-shell.sh /etc/profile.d/tsys-shell.sh
|
||||
cp profiled-tmux.sh /etc/profile.d/tmux.sh
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
|
||||
function global-oam()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
rm -rf /usr/local/librenms-agent
|
||||
cp librenms.tar.gz /usr/local/librenms.tar.gz
|
||||
cd /usr/local && tar xfz librenms.tar.gz && rm -f /usr/local/librenms.tar.gz
|
||||
cd -
|
||||
|
||||
curl -s http://dl.turnsys.net/librenms-agent/distro > /usr/local/bin/distro
|
||||
chmod +x /usr/local/bin/distro
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
curl -s http://dl.turnsys.net/librenms.tar.gz > /usr/local/librenms.tar.gz
|
||||
cd /usr/local ; tar xfs librenms.tar.gz
|
||||
}
|
||||
|
||||
systemctl stop snmpd ; curl -s http://dl.turnsys.net/snmpd.conf > /etc/snmp/snmpd.conf
|
||||
|
||||
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
|
||||
systemctl daemon-reload
|
||||
systemctl restart snmpd
|
||||
if [[ ! -f /root/ntpserver ]]; then
|
||||
cp ntp.conf /etc/ntp.conf
|
||||
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" install ntp ntpdate
|
||||
systemctl stop ntp && ntpdate pfv-dc-02.turnsys.net && systemctl start ntp
|
||||
fi
|
||||
|
||||
/etc/init.d/rsyslog stop
|
||||
function global-systemServiceConfigurationFiles()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
|
||||
cp aliases /etc/aliases
|
||||
cp rsyslog.conf /etc/rsyslog.conf
|
||||
|
||||
#Need to root cause why this breaks DNS.... look in legacy code to find DNS handle/fix bits and merge here...
|
||||
#curl -s http://dl.turnsys.net/resolv.conf > /etc/resolv.conf
|
||||
|
||||
cp nsswitch.conf /etc/nsswitch.conf
|
||||
|
||||
|
||||
if [ ! -d /root/.ssh ]; then
|
||||
mkdir /root/.ssh/
|
||||
fi
|
||||
|
||||
if [ ! -L /root/.ssh/authorized_keys ]; then
|
||||
cp ssh-authorized-keys /root/.ssh/authorized_keys && chmod 400 /root/.ssh/authorized_keys
|
||||
fi
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
function global-installPackages()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
cat <<EOF> /etc/rsyslog.conf
|
||||
# /etc/rsyslog.conf configuration file for rsyslog
|
||||
#
|
||||
# For more information install rsyslog-doc and see
|
||||
# /usr/share/doc/rsyslog-doc/html/configuration/index.html
|
||||
#Ensure system time is correct, otherwise can't install packages...
|
||||
#
|
||||
|
||||
|
||||
#################
|
||||
#### MODULES ####
|
||||
#################
|
||||
|
||||
module(load="imuxsock") # provides support for local system logging
|
||||
module(load="imklog") # provides kernel logging support
|
||||
#module(load="immark") # provides --MARK-- message capability
|
||||
#
|
||||
#Patch the system
|
||||
#
|
||||
|
||||
*.* @10.251.30.1:514
|
||||
EOF
|
||||
/usr/local/bin/up2date.sh
|
||||
|
||||
/etc/init.d/rsyslog start
|
||||
logger "hi hi from $(hostname)"
|
||||
#
|
||||
#Remove stuff we don't want, add stuff we do want
|
||||
#
|
||||
|
||||
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" --purge remove nano
|
||||
|
||||
MAIL_HOST="$(hostname -f)"
|
||||
debconf-set-selections <<< "postfix postfix/mailname string $MAIL_HOST"
|
||||
debconf-set-selections <<< "postfix postfix/main_mailer_type string Internet with smarthost"
|
||||
debconf-set-selections <<< "postfix postfix/relayhost string pfv-toolbox.turnsys.net"
|
||||
|
||||
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" install \
|
||||
htop \
|
||||
dstat \
|
||||
snmpd \
|
||||
ncdu \
|
||||
iftop \
|
||||
acct \
|
||||
nethogs \
|
||||
sysstat \
|
||||
ngrep \
|
||||
lsb-release \
|
||||
screen \
|
||||
tmux \
|
||||
lldpd \
|
||||
net-tools \
|
||||
gpg \
|
||||
molly-guard \
|
||||
lshw \
|
||||
sudo \
|
||||
mailutils \
|
||||
clamav \
|
||||
sl \
|
||||
rsyslog \
|
||||
logwatch \
|
||||
git \
|
||||
rsync \
|
||||
tshark \
|
||||
tcpdump \
|
||||
lynis \
|
||||
qemu-guest-agent \
|
||||
zsh \
|
||||
sssd \
|
||||
sssd-ad \
|
||||
krb5-user \
|
||||
samba \
|
||||
autofs \
|
||||
adcli \
|
||||
telnet \
|
||||
postfix \
|
||||
webmin
|
||||
|
||||
bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait
|
||||
cp netdata-stream.conf /opt/netdata/etc/netdata && systemctl stop netdata && systemctl start netdata
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
function global-postPackageConfiguration()
|
||||
|
||||
{
|
||||
|
||||
echo "Now running $FUNCNAME...."
|
||||
|
||||
###Post package deployment bits
|
||||
systemctl stop snmpd && /etc/init.d/snmpd stop
|
||||
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
|
||||
cp snmpd.conf /etc/snmp/snmpd.conf
|
||||
systemctl daemon-reload && systemctl restart snmpd && /etc/init.d/snmpd restart
|
||||
|
||||
systemctl stop rsyslog && systemctl start rsyslog && logger "hi hi from $(hostname)"
|
||||
|
||||
systemctl restart ntp
|
||||
systemctl restart postfix
|
||||
|
||||
accton on
|
||||
|
||||
echo "Completed running $FUNCNAME"
|
||||
|
||||
}
|
||||
|
||||
##################################################
|
||||
# Things todo on all TSYS systems
|
||||
##################################################
|
||||
|
||||
####################################################################################################
|
||||
#Download configs and support bits to onfigure things in the TSYS standard model
|
||||
####################################################################################################
|
||||
|
||||
global-configureAptRepos
|
||||
global-shellScripts
|
||||
global-profileScripts
|
||||
global-oam
|
||||
global-systemServiceConfigurationFiles
|
||||
|
||||
|
||||
####################################################################################################
|
||||
#Install packages and preserve existing configs...
|
||||
####################################################################################################
|
||||
global-installPackages
|
||||
global-postPackageConfiguration
|
||||
|
||||
|
||||
##################################################
|
||||
# Things todo on certain types of systems
|
||||
##################################################
|
||||
|
||||
###
|
||||
# Proxmox servers
|
||||
###
|
||||
|
||||
###
|
||||
# Raspberry Pi
|
||||
###
|
||||
|
||||
###
|
||||
# Jetson nano
|
||||
###
|
||||
|
Reference in New Issue
Block a user