Fix passwordless ssh, add onedns
parent
741c31d2d0
commit
3424e7fde1
|
|
@ -0,0 +1,19 @@
|
|||
[Unit]
|
||||
Description=Dynamic DNS for OpenNebula
|
||||
Wants=local-fs.target network.target opennebula.service
|
||||
After=local-fs.target network.target opennebula.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
WorkingDirectory=/
|
||||
Environment=HOME=/var/lib/one
|
||||
ExecStart=/usr/local/bin/onedns --domain=$one_domain --one-secret= daemon --dns-address=$keepalived_virtual_ip --dns-port=53 --sync-interval=60
|
||||
KillMode=process
|
||||
Restart=always
|
||||
StartLimitInterval=3
|
||||
StartLimitIntervalSec=3
|
||||
PrivateTmp=true
|
||||
StandardOutput=syslog
|
||||
|
|
@ -153,17 +153,41 @@ systemctl enable opennebula
|
|||
systemctl enable opennebula-sunstone
|
||||
systemctl restart opennebula
|
||||
systemctl restart opennebula-sunstone
|
||||
EOF
|
||||
|
||||
# Setup onedns
|
||||
envsubst < ./etc/systemd/system/onedns.service.env | \
|
||||
ssh root@$play_host 'cat > /etc/systemd/system/onedns.service'
|
||||
scp etc/sysctl.conf root@$play_host:/etc/
|
||||
ssh root@$play_host <<EOF
|
||||
set -e -x
|
||||
[ -e onedns ] || git clone https://github.com/vitalif/onedns
|
||||
cd onedns
|
||||
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
|
||||
-o Dpkg::Options::="--force-confold" install -y \
|
||||
python-setuptools
|
||||
python setup.py install
|
||||
sysctl --load=/etc/sysctl.conf
|
||||
systemctl enable onedns
|
||||
systemctl restart onedns
|
||||
EOF
|
||||
|
||||
# Setup passwordless ssh for `oneadmin` (authorized_keys and known_hosts)
|
||||
ssh root@$play_host <<EOF
|
||||
set -e -x
|
||||
|
||||
if [ ! -f /var/lib/one/.ssh/id_rsa.pub ]; then
|
||||
su - oneadmin -c ssh-keygen
|
||||
su - oneadmin -c 'ssh-keygen -t rsa -f /root/.ssh/id_rsa -q -P ""'
|
||||
fi
|
||||
|
||||
if [ ! -f /var/lib/one/.ssh/known_hosts ]; then
|
||||
su - oneadmin -c 'ssh-keyscan localhost >> /var/lib/one/.ssh/known_hosts'
|
||||
for host in $opennebula_hosts; do
|
||||
su - oneadmin -c "ssh-keyscan $host >> /var/lib/one/.ssh/known_hosts"
|
||||
su - oneadmin -c "ssh-keyscan \$host >> /var/lib/one/.ssh/known_hosts"
|
||||
done
|
||||
fi
|
||||
EOF
|
||||
|
||||
# Setup passwordless ssh for `oneadmin`
|
||||
> tmp$$
|
||||
for host in $opennebula_hosts; do
|
||||
ssh root@$host 'cat /var/lib/one/.ssh/id_rsa.pub' >> tmp$$
|
||||
|
|
|
|||
Loading…
Reference in New Issue