KNEL/LegacyTechops
2
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Activity

lots of slack stuff

Browse Source
This commit is contained in:
Charles N Wyble - admin
2019-04-21 12:09:51 -05:00
parent 9b2a6b3e2b
commit e7e5b7567a
4 changed files with 86 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
slack/prod/tsys-base/files/root/.ssh/authorized_keys Normal file
View File

@@ -0,0 +1,9 @@
# GSA key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1LqY098c3Hsjs0UkqbXyi/r+k3iDEFAXkUWKx0vvp/HboRaOFPc6+GqYuD4t3gPs38eKg/8fjyc1bVgDtF+tCz+gsp+qF9GaVXVCyCz5wJ3qICnoJLqEej17xBFZwGyFYuZXnGGyng8Hw1reRCN9v8eOLWyPXot7gfwnv+doT41T9kpvIP+vjsvjkyAlw50Yk+vWQDnhZtw8DeS8N/+eglqJ7DTZ8/77tPMeXZ/I+mQNcRa0CUDXC5OB7YRKto+i+mPCKCD/utA3BH7cDBvBvBi+jnkN7sR4Wi2Bi18JD2P/nLzx06h5Fv1YRE/hZ4bBLurEFF7FTqDKk0TebKhCV
#TSYS service key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGIzki6Xxyyih5HWMXR/uWLGgJprDGEBWC3JX8G7562zcx3eKDl0GKmZv4cl0AZZUwLATvpks8w2Bk6BL7cDvgUkmgpawHgGeRCjLi19/gG8t6M7k+U/rw6uu5SeaFXy5q22zkkE2TDTotWsoa6NE59Gc5/dNgQkYC0r1adD/J2+A6XgxoHdAEVX7gkFhBhXJKTkCYgatDzyE1IUoWLYAQpnMPcBUwK/i7qrcrVYqz0IS6p3MuYYS1+hr1MbMd5bX+Gm6PB6zf/CKhJkUFvaYS+QkVCMzQKrxNRuCs7ULyYvvi9EfxcCow06LuYvslMpEMIfJp8zKX9rhlvu9tuOkF librenms@toolbox

28
slack/prod/tsys-base/files/usr/local/share/ca-certificates/chain.cert.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIICNTCCAdygAwIBAgICEAAwCgYIKoZIzj0EAwIwbDELMAkGA1UEBhMCVVMxDjAM
BgNVBAgMBVRleGFzMRcwFQYDVQQKDA5UdXJuTmV0U3lzdGVtczEdMBsGA1UECwwU
Q2VydGlmaWNhdGUgU2VydmljZXMxFTATBgNVBAMMDFRTWVMgUm9vdCBDQTAeFw0x
ODA1MjYwMTM1NTNaFw0yODA1MjMwMTM1NTNaMHQxCzAJBgNVBAYTAlVTMQ4wDAYD
VQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAbBgNVBAsMFENl
cnRpZmljYXRlIFNlcnZpY2VzMR0wGwYDVQQDDBRUU1lTIEludGVybWVkaWF0ZSBD
QTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOvDEmYWB9j42XbS8vreHl6V7jx7
eAw7uJGx80NwnUxDNsr+mTlSUMB3Z+7ppAG8q56AYaYCmJ0EeLquI4j48cyjZjBk
MB0GA1UdDgQWBBS/2ufN7K3FSVsaRdOyVtRD0j+ZhzAfBgNVHSMEGDAWgBREJ92X
kahcElWwHaNEYzJ6jbHU+TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
AwIBhjAKBggqhkjOPQQDAgNHADBEAiB0Szlopj/4m5Gh10GM3cJVIKSaIEhpbZn1
e9DDh6boWwIgHmZUCaDV1F+3yAHC2Ua+bJPKkmcsmGWc956F76mj21E=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICMTCCAdigAwIBAgIJAP0coUv+FyQYMAoGCCqGSM49BAMCMGwxCzAJBgNVBAYT
AlVTMQ4wDAYDVQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAb
BgNVBAsMFENlcnRpZmljYXRlIFNlcnZpY2VzMRUwEwYDVQQDDAxUU1lTIFJvb3Qg
Q0EwHhcNMTgwNTI2MDEzMjUzWhcNNDYwNjE3MDEzMjUzWjBsMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGV4YXMxFzAVBgNVBAoMDlR1cm5OZXRTeXN0ZW1zMR0wGwYD
VQQLDBRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEVMBMGA1UEAwwMVFNZUyBSb290IENB
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQwCbkoUzB2WRAP4JgXzBQ/0qrXKV
LfSAzr6MH9Y8SsIIgE4YBd3ROiudAcUjIObbfJcgZTmjkDtig+hHRCwMa6NjMGEw
HQYDVR0OBBYEFEQn3ZeRqFwSVbAdo0RjMnqNsdT5MB8GA1UdIwQYMBaAFEQn3ZeR
qFwSVbAdo0RjMnqNsdT5MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGG
MAoGCCqGSM49BAMCA0cAMEQCICw1tWHkvCwo6FJrmWqLlzrR3AsZaU0Fv7sL2GTE
R06yAiBAsiGtwNTaN+L3wgyhMt+ybmNlrDpgqFJVzKrfbGbQCA==
-----END CERTIFICATE-----

14
slack/prod/tsys-base/files/usr/local/share/ca-certificates/root.cert.pem Normal file
View File

@@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICMTCCAdigAwIBAgIJAP0coUv+FyQYMAoGCCqGSM49BAMCMGwxCzAJBgNVBAYT
AlVTMQ4wDAYDVQQIDAVUZXhhczEXMBUGA1UECgwOVHVybk5ldFN5c3RlbXMxHTAb
BgNVBAsMFENlcnRpZmljYXRlIFNlcnZpY2VzMRUwEwYDVQQDDAxUU1lTIFJvb3Qg
Q0EwHhcNMTgwNTI2MDEzMjUzWhcNNDYwNjE3MDEzMjUzWjBsMQswCQYDVQQGEwJV
UzEOMAwGA1UECAwFVGV4YXMxFzAVBgNVBAoMDlR1cm5OZXRTeXN0ZW1zMR0wGwYD
VQQLDBRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEVMBMGA1UEAwwMVFNZUyBSb290IENB
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQwCbkoUzB2WRAP4JgXzBQ/0qrXKV
LfSAzr6MH9Y8SsIIgE4YBd3ROiudAcUjIObbfJcgZTmjkDtig+hHRCwMa6NjMGEw
HQYDVR0OBBYEFEQn3ZeRqFwSVbAdo0RjMnqNsdT5MB8GA1UdIwQYMBaAFEQn3ZeR
qFwSVbAdo0RjMnqNsdT5MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGG
MAoGCCqGSM49BAMCA0cAMEQCICw1tWHkvCwo6FJrmWqLlzrR3AsZaU0Fv7sL2GTE
R06yAiBAsiGtwNTaN+L3wgyhMt+ybmNlrDpgqFJVzKrfbGbQCA==
-----END CERTIFICATE-----

36
slack/prod/tsys-base/scripts/postinstall
View File

@@ -17,7 +17,6 @@ fi
unlink /etc/localtime unlink /etc/localtime
ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime
apt -y install htop glances dstat ladvd snmpd ntp tcpdump autofs logwatch molly-guard etckeeper auditd rkhunter rsyslog ngrep screen
MGMT_INT=$(netstat -rn|grep 0.0.0.0|head -n1|awk '{print $NF}') MGMT_INT=$(netstat -rn|grep 0.0.0.0|head -n1|awk '{print $NF}')
PFV_MGMT_IP=$(ifconfig $MGMT_INT|grep inet|grep 10.251 -c) PFV_MGMT_IP=$(ifconfig $MGMT_INT|grep inet|grep 10.251 -c)
@@ -32,10 +31,45 @@ if [ $OVH_MGMT_IP -eq 1 ]; then
fi fi
#/usr/local/bin/up2date.sh #/usr/local/bin/up2date.sh
#apt-get update #apt-get update
#apt-get -y --purge autoremove #apt-get -y --purge autoremove
#apt-get -y autoclean #apt-get -y autoclean
#apt-get -y upgrade #apt-get -y upgrade
#apt-get -y dist-upgrade #apt-get -y dist-upgrade
#Step 1: Update the cache and apply all vendor patches
echo "Running apt-get update"
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes update
echo "Running apt-get dist-upgrade"
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes dist-upgrade
echo "Running apt-get upgrade"
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes upgrade
echo "Running apt-get purge"
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --purge autoremove --yes
#Step 2: Cleanup default cruft
echo "removing evil from the world, one nano install at a time"
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes --purge remove nano
if [ $UBUNTU_SERVER -eq 0 ]; then
sed -i "s/dns=dnsmasq/#dns=dnsmasq/" /etc/NetworkManager/NetworkManager.conf
fi
unlink /etc/resolv.conf
ln -s /etc/tplab-resolv.conf /etc/resolv.conf
#Step 3: The usual suspects
export DEBIAN_FRONTEND="noninteractive" && apt-get -qq --yes -o Dpkg::Options::="--force-confold" install snmpd sssd sssd-ad ncdu iftop nethogs screen open-vm-tools acct tshark tcpdump glances dstat htop sysdig sysstat rsync clamav logwatch zsh sl postfix molly-guard git mailutils ladvd etckeeper auditd rkhunter rsyslog ngrep ntp
#Turn on process accounting
echo "Turning on process accounting..."
accton on
slack tsys-$tsysSysLocation slack tsys-$tsysSysLocation