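#!/bin/bash
#
# Set up passwordless ssh between cluster hosts for `oneadmin` and `root`
# (/etc/hosts entries, known_hosts and authorized_keys).
#
# Run from the directory that holds load-config.sh and config/inventory/.
# Variables read (presumably provided by load-config.sh and the inventory
# files; confirm there):
#   all_node_names    whitespace-separated node names, one inventory file each
#   opennebula_hosts  hosts whose public keys are collected
#   key_hosts         hosts that receive keys; defaults to opennebula_hosts
#   int_ips           addresses scanned from inside the cluster
#   int_ip, play_host per-node values used after sourcing an inventory file
#
# NOTE(review): every generated key has an empty passphrase and root's public
# keys are authorized on every key host, so one compromised host gives root
# on all of them. Keep these hosts in a single trust zone.

# -e: stop at the first failing command.
# -a: export every variable assigned from here on, including sourced config.
set -e -a

# Include config
. ./load-config.sh

key_hosts=${key_hosts:-$opennebula_hosts}

# Private scratch directory instead of predictable tmp$$ files in the current
# directory; the trap removes it on every exit path, including a `set -e` abort.
# Files inside are created by redirection, so they keep the usual umask mode.
workdir=$(mktemp -d)
trap 'rm -rf -- "$workdir"' EXIT

# Add everyone to /etc/hosts
# The node list is a whitespace-separated string, so it stays unquoted here.
add_etc_hosts=""
for node_name in $all_node_names; do
  . "config/inventory/$node_name"
  add_etc_hosts="${add_etc_hosts}${int_ip} ${node_name}"$'\n'
done

for node_name in $all_node_names; do
  . "config/inventory/$node_name"
  # Fetch the current file as its own command so a failed read aborts the
  # script instead of replacing /etc/hosts with the cluster entries only.
  ssh "root@$play_host" 'cat /etc/hosts' > "$workdir/hosts.current"
  {
    cat "$workdir/hosts.current"
    # Drop this node's own entry by exact name match; a substring match on
    # "node1" would also drop "node10".
    printf '%s' "$add_etc_hosts" | awk -v self="$node_name" '$NF != self'
  } | sort | uniq > "$workdir/hosts.new"
  scp "$workdir/hosts.new" "root@$play_host:/etc/hosts"
done

# Generate keys for oneadmin if not yet
for play_host in $key_hosts; do
  # Quoted delimiter: the script below is sent to the remote shell verbatim.
  ssh "root@$play_host" <<'EOF'
    set -e -x
    if [ ! -f /var/lib/one/.ssh/id_rsa.pub ]; then
      su - oneadmin -c 'ssh-keygen -t rsa -f /var/lib/one/.ssh/id_rsa -q -P ""'
    fi
EOF
done

# Gather & distribute host keys
# NOTE(review): ssh-keyscan output is accepted without checking fingerprints
# (trust on first use). Whatever answers during this run becomes a trusted
# host key; compare against fingerprints obtained out of band where possible.
ssh-keyscan $opennebula_hosts > "$workdir/scanned"
for play_host in $key_hosts; do
  # Scan the internal addresses once, from the first key host only.
  ssh "root@$play_host" "ssh-keyscan $int_ips" >> "$workdir/scanned"
  break
done
for play_host in $key_hosts; do
  # Per-host merge: scanned keys + the host's existing entries + localhost.
  cat "$workdir/scanned" > "$workdir/known_hosts"
  ssh "root@$play_host" 'cat /var/lib/one/.ssh/known_hosts || true' >> "$workdir/known_hosts"
  ssh "root@$play_host" 'ssh-keyscan localhost' >> "$workdir/known_hosts"
  sort "$workdir/known_hosts" | uniq \
    | ssh "root@$play_host" 'cat > /var/lib/one/.ssh/known_hosts'
done

# Gather & distribute oneadmin keys
: > "$workdir/cluster_keys"
for host in $opennebula_hosts; do
  ssh "root@$host" 'cat /var/lib/one/.ssh/id_rsa.pub' >> "$workdir/cluster_keys"
done
for play_host in $key_hosts; do
  # Start from the cluster keys for every host, as the known_hosts step does.
  # Appending each host's authorized_keys to one shared file would copy keys
  # that were authorized on an earlier host onto every later host.
  cat "$workdir/cluster_keys" > "$workdir/authorized_keys"
  ssh "root@$play_host" 'cat /var/lib/one/.ssh/authorized_keys || true' >> "$workdir/authorized_keys"
  # NOTE(review): the remote `cat >` truncates the file before writing; an
  # interrupted transfer leaves a partial authorized_keys behind.
  sort "$workdir/authorized_keys" | uniq \
    | ssh "root@$play_host" 'cat > /var/lib/one/.ssh/authorized_keys'
done

# Generate keys for root if not yet
for play_host in $key_hosts; do
  ssh "root@$play_host" <<'EOF'
    set -e -x
    if [ ! -f /root/.ssh/id_rsa.pub ]; then
      ssh-keygen -t rsa -f /root/.ssh/id_rsa -q -P ""
    fi
EOF
done

# Gather & distribute root keys
: > "$workdir/cluster_keys"
for host in $opennebula_hosts; do
  ssh "root@$host" 'cat /root/.ssh/id_rsa.pub' >> "$workdir/cluster_keys"
done
for play_host in $key_hosts; do
  # Per-host merge, so root keys already authorized on one host are not
  # spread to the hosts processed after it.
  cat "$workdir/cluster_keys" > "$workdir/authorized_keys"
  ssh "root@$play_host" 'cat /root/.ssh/authorized_keys || true' >> "$workdir/authorized_keys"
  # NOTE(review): non-atomic overwrite of root's authorized_keys; a dropped
  # connection here can leave root without working key login on that host.
  sort "$workdir/authorized_keys" | uniq \
    | ssh "root@$play_host" 'cat > /root/.ssh/authorized_keys'
done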