From: Andy Witter Date: Tue, 3 Dec 2019 07:42:33 +0000 (-0500) Subject: Correct the installation of SSH keys from utility -> all opensrf node to utility... X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=63d1c1204fdaef383c0f514b4327a15054120472;p=contrib%2Fpines%2Fgenasys.git Correct the installation of SSH keys from utility -> all opensrf node to utility -> brick heads only and now we setup the keys after the utility node is restart and on first logon of user opensrf --- diff --git a/GenaSYS.sh b/GenaSYS.sh index 411c497..67721fa 100755 --- a/GenaSYS.sh +++ b/GenaSYS.sh @@ -1,7 +1,7 @@ ############################################################################## -# Copyright (c) 2010-2013 Georgia Public Library Service." +# Copyright (c) 2010-2019 Georgia Public Library Service." # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -25,8 +25,8 @@ PURPOSE_="Generate config files needed for Evergreen-ILS Cluster" SYNOPSIS_="$NAME_" REQUIRES_="standard GNU commands, apt, dpkg" - VERSION_="2.00" - DATE_="2010-11-23; last update: 2019-11-11" + VERSION_="2.01" + DATE_="2010-11-23; last update: 2019-12-03" AUTHOR_="Andy Witter " URL_="http://evergreen-ils.org" CATEGORY_="devel" 
@@ -3357,8 +3357,14 @@ if echo ${NODE_FOLDER} | grep -q utility0 then cp -f "$TMPOSRFNODES" "setup_${NODE_FOLDER}/opensrf_nodes.txt" cp -f "$TEMPLATEDIR/setup_sshkeys.sh" "setup_${NODE_FOLDER}" + cp -f "$TEMPLATEDIR/utility/utility_head_ssh_keys.sh" "setup_${NODE_FOLDER}" + cp -f "$TEMPLATEDIR/GenaSYS_FirstRun" "setup_${NODE_FOLDER}" cp -f "$TEMPLATEDIR/utility/opensrf-crontab" "setup_${NODE_FOLDER}" cp -f "$TEMPLATEDIR/Net-Z3950-SimpleServer-1.12.tar.gz" "setup_${NODE_FOLDER}" + for BRICKHEAD in ${BRICKHEADLIST} + do + echo "$BRICKHEAD" >> "setup_${NODE_FOLDER}/brickhead_nodes.txt" + done #cp -rf "$TEMPLATEDIR/apache2/websockets" "setup_${NODE_FOLDER}" fi if echo ${NODE_FOLDER} | grep -q sip0 @@ -3480,4 +3486,6 @@ echo echo -e $COL_BR_CYAN"A new config file for GenaSYS has been created and" echo -e "saved as $COL_YELLOW${NEW_CONFIG_FILE}"$COL_RESET +echo "DEBUG: BRICKHEADLIST is: ${BRICKHEADLIST}" + #rm -rf $TMPFOLDER diff --git a/templates/.GenaSYS_FirstRun b/templates/.GenaSYS_FirstRun new file mode 100644 index 0000000..e69de29 diff --git a/templates/setup.sh b/templates/setup.sh index 92b76af..f15efed 100755 --- a/templates/setup.sh +++ b/templates/setup.sh 
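Review bot: The loop in the utility0 branch writes the brick-head list to `setup_${NODE_FOLDER}/brickhead_nodes.txt`, but the new templates/utility/utility_head_ssh_keys.sh added in this commit iterates over `brick_heads.txt`, so as written the key-distribution loop would find no node list. One of the two names should change, e.g. `echo "$BRICKHEAD" >> "setup_${NODE_FOLDER}/brick_heads.txt"`. The added `cp -f "$TEMPLATEDIR/GenaSYS_FirstRun"` likewise names the file without its leading dot, while the commit adds `templates/.GenaSYS_FirstRun` and the .bashrc block in templates/setup.sh tests `./.GenaSYS_FirstRun`. Because the list is appended with `>>`, a re-run into an existing setup folder duplicates entries; truncating the file before the loop avoids that. The rest of the script is outside the hunk, so a rename elsewhere cannot be ruled out from here.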
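Review bot: The added `echo "DEBUG: BRICKHEADLIST is: ${BRICKHEADLIST}"` at the end of the script looks like leftover debugging output that every run will print after the final status message. I would drop it, or guard it behind a debug switch if the script has one, since the same list is already written into the utility setup folder.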
@@ -493,13 +493,25 @@ cat utility_options.txt >> /etc/profile echo "Failed to install new crontab for tar_file" sleep 3 fi - if [ -e ./setup_sshkeys.sh ] + if [ -e ./utility_head_ssh_keys.sh ] then - echo;echo;echo "Setting up ssh keys" - sleep 3 - ./setup_sshkeys.sh + echo;echo;echo -e $COL_BR_BLUE"Setting up ssh keys" + echo -e $COL_BR_GREEN"*** PLEASE NOTE..." + echo "You will have to login as user opensrf" + echo "Or su - opensrf from root to complete" + echo "the setup of SSH keys to brick heads"$COL_RESET + sleep 4 + cp ./utility_head_ssh_keys.sh /home/opensrf + echo >> /home/opensrf/.bashrc >> /home/opensrf/.bashrc + echo '### Added by GenaSYS' >> /home/opensrf/.bashrc >> /home/opensrf/.bashrc + echo 'if [ -e ./utility_head_ssh_keys.sh ];then' >> /home/opensrf/.bashrc >> /home/opensrf/.bashrc + echo ' if [ -e ./.GenaSYS_FirstRun ];then' >> /home/opensrf/.bashrc + echo ' ./utility_head_ssh_keys.sh' >> /home/opensrf/.bashrc + echo ' rm ./.GenaSYS_FirstRun' >> /home/opensrf/.bashrc + echo ' fi' >> /home/opensrf/.bashrc + echo 'fi' >> /home/opensrf/.bashrc else - echo -e COL_BR_RED"***Warning.. setup_sshkeys.sh is missing" + echo -e COL_BR_RED"***Warning.. utility_head_ssh_keys.sh is missing" fi else diff --git a/templates/utility/utility_head_ssh_keys.sh b/templates/utility/utility_head_ssh_keys.sh new file mode 100755 index 0000000..5a007aa --- /dev/null +++ b/templates/utility/utility_head_ssh_keys.sh 
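Review bot: The block appended to /home/opensrf/.bashrc uses paths relative to the current directory (`./utility_head_ssh_keys.sh`, `./.GenaSYS_FirstRun`), so any interactive shell opensrf starts in a directory holding files with those names executes that directory's script; anchor both to the home directory, e.g. `if [ -e "$HOME/.GenaSYS_FirstRun" ] && [ -x "$HOME/utility_head_ssh_keys.sh" ]; then`. Only the script is copied to /home/opensrf in this hunk; the `.GenaSYS_FirstRun` marker and the node list the script reads are not, so unless they are placed there elsewhere the first-login step never fires, and the copy stays root-owned. The appends are unguarded, so running setup.sh twice adds the block twice, and three of the echo lines carry a doubled `>> /home/opensrf/.bashrc` redirect. `echo -e COL_BR_RED"..."` in the else branch is missing the `$` and prints the literal variable name. The enclosing if/else starts and ends outside the hunk.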
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+OPENSRF_HOME="/home/opensrf"
+PUB_KEY="${OPENSRF_HOME}/.ssh/id_rsa.pub"
+
+echo
+echo
+echo
+echo "_______Evergreen Multi-host SSH Key Configuration________"
+echo
+echo "This will generate a ssh key for this host $(hostname) and"
+echo "copy it to all hosts running OpenSRF in this cluster."
+echo
+echo "(1) The user opensrf *MUST* exist on all the target nodes including this one."
+echo "(2) The hostnames for all the nodes in the cluster *MUST* be resolvable on this host."
+echo "(3) All the nodes *MUST* be reachable with SSH from this host."
+echo
+
+read -p "Press [ENTER] to continue or [Ctrl-C] to quit" CONTINUE
+
+if cat /etc/passwd |grep -q opensrf
+then
+ if [ ! -e "$PUB_KEY" ]
+ then
+ echo "Generating Key for this host"
+ echo "Leave passphrase blank. just"
+ echo "press [Enter] when prompted."
+ echo
+ sleep 3
+ su - opensrf -c "ssh-keygen -t rsa"
+ else
+ echo
+ echo "Using existing public key"
+ sleep 1
+ echo
+ fi
+
+ if [ ! -d "$HOME/.ssh" ] ### Workaround for ssh-copy-id mktemp errors.
+ then
+ mkdir ~/.ssh
+ if [ ! -z $SUDO_USER ]
+ then
+ chown $SUDO_USER.$SUDO_USER ~/.ssh
+ fi
+
+ fi
+
+ for NODE in $(cat brick_heads.txt)
+ do
+ echo
+ echo Setting up SSH keys for OpenSRF node: $NODE
+ echo
+ #su - opensrf -c "ssh-copy-id -i $PUB_KEY opensrf@$NODE"
+ ssh-copy-id -i $PUB_KEY opensrf@$NODE -o StrictHostKeyChecking=no
+ su - opensrf -c "ssh $NODE -o StrictHostKeyChecking=no -C 'echo $NODE OK'"
+ done
+else
+ echo "user opensrf does not exist create the user"
+ echo "before running this program."
+fi
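Review bot: Both `ssh-copy-id ... -o StrictHostKeyChecking=no` and the follow-up `ssh $NODE -o StrictHostKeyChecking=no` in the node loop accept whatever host key the peer presents, so the opensrf password typed during key installation, and the trust that results, can go to a host that merely answers for a brick head's name. Prefer populating known_hosts with verified brick-head keys beforehand, or at least use `-o StrictHostKeyChecking=accept-new`, which still rejects a changed key. `$NODE` and `$PUB_KEY` are unquoted and `$NODE` is spliced into the `su - opensrf -c "..."` command string, so a malformed line in the node file is word-split or interpreted by the shell; read the list with `while IFS= read -r NODE` and quote, e.g. `ssh-copy-id -i "$PUB_KEY" -o StrictHostKeyChecking=accept-new "opensrf@$NODE"`. The banner still says the key is copied to all hosts running OpenSRF although the commit restricts it to brick heads, and `cat /etc/passwd |grep -q opensrf` matches any line containing that string, where `getent passwd opensrf >/dev/null` is exact.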