Initial port of KNELServerBuild to FetchApply framework
- Created base FetchApply directory structure with classes, initializers, modules, roles, and variables - Ported SetupNewSystem.sh functionality to modular FetchApply structure - Created server classes: physical, virtual, librenms, database, webserver, dev-workstation - Implemented initializers for system-setup, packages, ssh-keys, and user-configuration - Created modules for oam, system-config, ssh-hardening, and librenms-agent - Defined security and monitoring roles - Copied configuration templates from KNELServerBuild - Updated README with comprehensive FetchApply usage instructions 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
This commit is contained in:
75
modules/system-config/apply
Executable file
75
modules/system-config/apply
Executable file
@@ -0,0 +1,75 @@
|
||||
#!/bin/bash
|
||||
|
||||
# KNEL System Configuration Module
|
||||
# Applies system-wide configuration files
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
echo "Running system configuration module..."
|
||||
|
||||
# Create necessary directories
|
||||
mkdir -p /root/.ssh
|
||||
|
||||
# Deploy system configuration files
|
||||
if [[ -f ./templates/zshrc ]]; then
|
||||
mo ./templates/zshrc > /etc/zshrc
|
||||
fi
|
||||
|
||||
if [[ -f ./templates/aliases ]]; then
|
||||
mo ./templates/aliases > /etc/aliases
|
||||
newaliases
|
||||
fi
|
||||
|
||||
if [[ -f ./templates/rsyslog.conf ]]; then
|
||||
mo ./templates/rsyslog.conf > /etc/rsyslog.conf
|
||||
fi
|
||||
|
||||
# Configure DHCP client
|
||||
if [[ -f ./templates/dhclient.conf ]]; then
|
||||
mo ./templates/dhclient.conf > /etc/dhcp/dhclient.conf
|
||||
fi
|
||||
|
||||
# Configure SNMP
|
||||
systemctl stop snmpd 2>/dev/null || true
|
||||
/etc/init.d/snmpd stop 2>/dev/null || true
|
||||
|
||||
if [[ -f ./templates/snmp-sudo.conf ]]; then
|
||||
mo ./templates/snmp-sudo.conf > /etc/sudoers.d/Debian-snmp
|
||||
fi
|
||||
|
||||
# Adjust SNMP service for log verbosity
|
||||
sed -i "s|-Lsd|-LS6d|" /lib/systemd/system/snmpd.service
|
||||
|
||||
# Configure SNMP based on system type
|
||||
if [[ $IS_RASPI -eq 1 ]] && [[ -f ./templates/snmpd-rpi.conf ]]; then
|
||||
mo ./templates/snmpd-rpi.conf > /etc/snmp/snmpd.conf
|
||||
elif [[ $IS_PHYSICAL_HOST -eq 1 ]] && [[ -f ./templates/snmpd-physicalhost.conf ]]; then
|
||||
mo ./templates/snmpd-physicalhost.conf > /etc/snmp/snmpd.conf
|
||||
elif [[ $IS_VIRT_GUEST -eq 1 ]] && [[ -f ./templates/snmpd.conf ]]; then
|
||||
mo ./templates/snmpd.conf > /etc/snmp/snmpd.conf
|
||||
fi
|
||||
|
||||
# Configure lldpd
|
||||
if [[ -f ./templates/lldpd ]]; then
|
||||
mo ./templates/lldpd > /etc/default/lldpd
|
||||
systemctl restart lldpd
|
||||
fi
|
||||
|
||||
# Configure Cockpit
|
||||
if [[ -f ./templates/disallowed-users ]]; then
|
||||
mo ./templates/disallowed-users > /etc/cockpit/disallowed-users
|
||||
systemctl restart cockpit
|
||||
fi
|
||||
|
||||
# Configure NTP for non-NTP servers
|
||||
if [[ $NTP_SERVER_CHECK -eq 0 ]] && [[ -f ./templates/ntp.conf ]]; then
|
||||
mo ./templates/ntp.conf > /etc/ntpsec/ntp.conf
|
||||
systemctl restart ntpsec.service
|
||||
fi
|
||||
|
||||
# Reload systemd and restart SNMP
|
||||
systemctl daemon-reload
|
||||
systemctl restart snmpd 2>/dev/null || true
|
||||
/etc/init.d/snmpd restart 2>/dev/null || true
|
||||
|
||||
echo "System configuration module completed"
|
||||
Reference in New Issue
Block a user