Last active
April 13, 2021 17:30
-
-
Save pbsds/7aff00a88f6e36b6b5c7e5ff21af2630 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
if ! test "$(whoami)" = "root"; then | |
echo "You're not running this as root" | |
exit 1 | |
fi | |
INSTALL="apt-get install -y" | |
if type -P dnf >/dev/null 2>/dev/null; then INSTALL="dnf -y install"; fi | |
if type -P pacman >/dev/null 2>/dev/null; then INSTALL="pacman -S"; fi | |
# echo the commands run below, abort on failiure | |
set -xe | |
# allow you to login as root with ssh | |
sed -i 's/.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config | |
# install needed unix utilities | |
$INSTALL curl wget git dnsutils rwho tmate rsync sudo | |
# salt setup | |
$INSTALL salt-minion | |
test "$(hostname -d)" = "pvv.ntnu.no" || | |
sed -i 's/.*master:.*/master: salt.pvv.ntnu.no/g' /etc/salt/minion | |
tee /etc/salt/minion.d/pvv.conf <<EOF | |
# Use base if nothing was specified on the command line | |
saltenv: base | |
pillarenv: base | |
state_output: mixed | |
state_verbose: False | |
EOF | |
tee /etc/salt/grains <<EOF | |
roles: | |
- standard | |
EOF | |
systemctl enable salt-minion.service | |
systemctl restart salt-minion.service | |
# join the salt pki | |
systemctl restart salt-minion | |
salt-call state.highstate saltenv=base pillarenv=base || true # should fail, caches the minions key on master | |
ssh root@salt.pvv.ntnu.no \ | |
salt-key -a $(hostname).pvv.ntnu.no # accept the new minion public key | |
echo "THIS WILL TAKE A WHILE" | |
salt-call state.highstate saltenv=base pillarenv=base || # we don't have a good order between installing groups and users first, making running salt multiple times neccesary | |
salt-call state.highstate saltenv=base pillarenv=base || | |
salt-call state.highstate saltenv=base pillarenv=base |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
todo: ensure hostname and dns search domain is set