Last active
April 13, 2021 17:30
Star
You must be signed in to star a gist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
if ! test "$(whoami)" = "root"; then | |
echo "You're not running this as root" | |
exit 1 | |
fi | |
INSTALL="apt-get install -y" | |
if type -P dnf >/dev/null 2>/dev/null; then INSTALL="dnf -y install"; fi | |
if type -P pacman >/dev/null 2>/dev/null; then INSTALL="pacman -S"; fi | |
# echo the commands run below, abort on failiure | |
set -xe | |
# allow you to login as root with ssh | |
sed -i 's/.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config | |
# install needed unix utilities | |
$INSTALL curl wget git dnsutils rwho tmate rsync sudo | |
# salt setup | |
$INSTALL salt-minion | |
test "$(hostname -d)" = "pvv.ntnu.no" || | |
sed -i 's/.*master:.*/master: salt.pvv.ntnu.no/g' /etc/salt/minion | |
tee /etc/salt/minion.d/pvv.conf <<EOF | |
# Use base if nothing was specified on the command line | |
saltenv: base | |
pillarenv: base | |
state_output: mixed | |
state_verbose: False | |
EOF | |
tee /etc/salt/grains <<EOF | |
roles: | |
- standard | |
EOF | |
systemctl enable salt-minion.service | |
systemctl restart salt-minion.service | |
# join the salt pki | |
systemctl restart salt-minion | |
salt-call state.highstate saltenv=base pillarenv=base || true # should fail, caches the minions key on master | |
ssh root@salt.pvv.ntnu.no \ | |
salt-key -a $(hostname).pvv.ntnu.no # accept the new minion public key | |
echo "THIS WILL TAKE A WHILE" | |
salt-call state.highstate saltenv=base pillarenv=base || # we don't have a good order between installing groups and users first, making running salt multiple times neccesary | |
salt-call state.highstate saltenv=base pillarenv=base || | |
salt-call state.highstate saltenv=base pillarenv=base |
todo, update/ensure hostname is in salt:salt/standard/passwd/netgroup
todo: Add scratch
todo: ensure hostname and dns search domain is set
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
todo: install and enable sshd