OpenNebula key setup script
parent
f39b6269df
commit
fcdc552895
|
|
@ -0,0 +1,40 @@
|
|||
#!/bin/bash
|
||||
# Setup passwordless ssh for `oneadmin` (authorized_keys and known_hosts)
|
||||
|
||||
set -e -x -a
|
||||
|
||||
# Include config
|
||||
. config/all_vars
|
||||
|
||||
key_hosts=${key_hosts:-$opennebula_hosts}
|
||||
|
||||
# Generate keys if not yet
|
||||
for play_host in $key_hosts; do
|
||||
ssh root@$play_host <<EOF
|
||||
set -e -x
|
||||
if [ ! -f /var/lib/one/.ssh/id_rsa.pub ]; then
|
||||
su - oneadmin -c 'ssh-keygen -t rsa -f /var/lib/one/.ssh/id_rsa -q -P ""'
|
||||
fi
|
||||
EOF
|
||||
done
|
||||
|
||||
# Gather host keys
|
||||
ssh-keyscan $opennebula_hosts > tmp$$
|
||||
for play_host in $key_hosts; do
|
||||
cat tmp$$ > hostkeys$$
|
||||
ssh root@$play_host 'cat /var/lib/one/.ssh/known_hosts || true' >> hostkeys$$
|
||||
cat hostkeys$$ | sort | uniq | ssh root@$play_host 'cat > /var/lib/one/.ssh/known_hosts'
|
||||
rm hostkeys$$
|
||||
done
|
||||
rm tmp$$
|
||||
|
||||
# Gather oneadmin keys
|
||||
> tmp$$
|
||||
for host in $opennebula_hosts; do
|
||||
ssh root@$host 'cat /var/lib/one/.ssh/id_rsa.pub' >> tmp$$
|
||||
done
|
||||
for play_host in $key_hosts; do
|
||||
ssh root@$play_host 'cat /var/lib/one/.ssh/authorized_keys || true' >> tmp$$
|
||||
cat tmp$$ | sort | uniq | ssh root@$play_host 'cat > /var/lib/one/.ssh/authorized_keys'
|
||||
done
|
||||
rm tmp$$
|
||||
|
|
@ -144,29 +144,7 @@ systemctl restart onedns
|
|||
EOF
|
||||
|
||||
# Setup passwordless ssh for `oneadmin` (authorized_keys and known_hosts)
|
||||
# FIXME: Maybe extract to separate script
|
||||
ssh root@$play_host <<EOF
|
||||
set -e -x
|
||||
|
||||
if [ ! -f /var/lib/one/.ssh/id_rsa.pub ]; then
|
||||
su - oneadmin -c 'ssh-keygen -t rsa -f /var/lib/one/.ssh/id_rsa -q -P ""'
|
||||
fi
|
||||
|
||||
if [ ! -f /var/lib/one/.ssh/known_hosts ]; then
|
||||
su - oneadmin -c 'ssh-keyscan localhost >> /var/lib/one/.ssh/known_hosts'
|
||||
for host in $opennebula_hosts; do
|
||||
su - oneadmin -c "ssh-keyscan \$host >> /var/lib/one/.ssh/known_hosts"
|
||||
done
|
||||
fi
|
||||
EOF
|
||||
|
||||
> tmp$$
|
||||
for host in $opennebula_hosts; do
|
||||
ssh root@$host 'cat /var/lib/one/.ssh/id_rsa.pub' >> tmp$$
|
||||
done
|
||||
ssh root@$play_host 'cat /var/lib/one/.ssh/authorized_keys || true' >> tmp$$
|
||||
cat tmp$$ | sort | uniq | ssh root@$play_host 'cat > /var/lib/one/.ssh/authorized_keys'
|
||||
rm tmp$$
|
||||
key_hosts=$play_host ./opennebula_keys.sh
|
||||
|
||||
# Add a host to OpenNebula and set reserved memory to 16G
|
||||
ssh root@$play_host <<EOF
|
||||
|
|
|
|||
Loading…
Reference in New Issue