From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/3] cloud: Execute user-data scripts at the end of initialization
Date: Thu, 19 May 2022 09:40:25 +0000 [thread overview]
Message-ID: <20220519094027.200441-1-michael.tremer@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 10178 bytes --]
This is useful when the user-data needs to reboot an instance.
Previously, some initialization did not happen which is now being done
first before the user-data script is being executed.
This gives users more flexibility about what they are doing in those
scripts.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
src/initscripts/helper/aws-setup | 35 +++++++++++------------
src/initscripts/helper/azure-setup | 35 +++++++++++------------
src/initscripts/helper/exoscale-setup | 35 +++++++++++------------
src/initscripts/helper/gcp-setup | 35 +++++++++++------------
src/initscripts/helper/oci-setup | 41 +++++++++++++--------------
5 files changed, 83 insertions(+), 98 deletions(-)
diff --git a/src/initscripts/helper/aws-setup b/src/initscripts/helper/aws-setup
index a40d4beeb..f14f4eb57 100644
--- a/src/initscripts/helper/aws-setup
+++ b/src/initscripts/helper/aws-setup
@@ -118,25 +118,6 @@ import_aws_configuration() {
fi
done
- # Download the user-data script only on the first boot
- if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
- # Download user-data
- local user_data="$(get user-data)"
-
- # Save user-data script to be executed later
- if [ "${user_data:0:2}" = "#!" ]; then
- echo "${user_data}" > /tmp/aws-user-data.script
- chmod 700 /tmp/aws-user-data.script
-
- # Run the user-data script
- local now="$(date -u +"%s")"
- /tmp/aws-user-data.script &>/var/log/user-data.log.${now}
-
- # Delete the script right away
- rm /tmp/aws-user-data.script
- fi
- fi
-
# Import network configuration
# After this, no network connectivity will be available from this script due to the
# renaming of the network interfaces for which they have to be shut down
@@ -259,6 +240,22 @@ import_aws_configuration() {
echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
) >> /var/ipfire/firewall/input
+ # Download user-data
+ local user_data="$(get user-data)"
+
+ # Save user-data script to be executed later
+ if [ "${user_data:0:2}" = "#!" ]; then
+ echo "${user_data}" > /tmp/aws-user-data.script
+ chmod 700 /tmp/aws-user-data.script
+
+ # Run the user-data script
+ local now="$(date -u +"%s")"
+ /tmp/aws-user-data.script &>/var/log/user-data.log.${now}
+
+ # Delete the script right away
+ rm /tmp/aws-user-data.script
+ fi
+
# This script has now completed the first steps of setup
touch /var/ipfire/main/firstsetup_ok
fi
diff --git a/src/initscripts/helper/azure-setup b/src/initscripts/helper/azure-setup
index 1eff57799..7a4422a35 100644
--- a/src/initscripts/helper/azure-setup
+++ b/src/initscripts/helper/azure-setup
@@ -141,25 +141,6 @@ import_azure_configuration() {
fi
done
- # Download the user-data script only on the first boot
- if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
- # Download user-data
- local user_data="$(get customData)"
-
- # Save user-data script to be executed later
- if [ "${user_data:0:2}" = "#!" ]; then
- echo "${user_data}" > /tmp/azure-user-data.script
- chmod 700 /tmp/azure-user-data.script
-
- # Run the user-data script
- local now="$(date -u +"%s")"
- /tmp/azure-user-data.script &>/var/log/user-data.log.${now}
-
- # Delete the script right away
- rm /tmp/azure-user-data.script
- fi
- fi
-
# Import network configuration
# After this, no network connectivity will be available from this script due to the
# renaming of the network interfaces for which they have to be shut down
@@ -279,6 +260,22 @@ import_azure_configuration() {
echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
) >> /var/ipfire/firewall/input
+ # Download user-data
+ local user_data="$(get customData)"
+
+ # Save user-data script to be executed later
+ if [ "${user_data:0:2}" = "#!" ]; then
+ echo "${user_data}" > /tmp/azure-user-data.script
+ chmod 700 /tmp/azure-user-data.script
+
+ # Run the user-data script
+ local now="$(date -u +"%s")"
+ /tmp/azure-user-data.script &>/var/log/user-data.log.${now}
+
+ # Delete the script right away
+ rm /tmp/azure-user-data.script
+ fi
+
# This script has now completed the first steps of setup
touch /var/ipfire/main/firstsetup_ok
fi
diff --git a/src/initscripts/helper/exoscale-setup b/src/initscripts/helper/exoscale-setup
index e9295cc9c..02fdda2a3 100644
--- a/src/initscripts/helper/exoscale-setup
+++ b/src/initscripts/helper/exoscale-setup
@@ -83,25 +83,6 @@ import_exoscale_configuration() {
chown setup.nobody "/home/setup/.ssh/authorized_keys"
fi
- # Download the user-data script only on the first boot
- if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
- # Download user-data
- local user_data="$(get user-data)"
-
- # Save user-data script to be executed later
- if [ "${user_data:0:2}" = "#!" ]; then
- echo "${user_data}" > /tmp/user-data.script
- chmod 700 /tmp/user-data.script
-
- # Run the user-data script
- local now="$(date -u +"%s")"
- /tmp/user-data.script &>/var/log/user-data.log.${now}
-
- # Delete the script right away
- rm /tmp/user-data.script
- fi
- fi
-
# Import any previous settings for the local interfaces
eval $(/usr/local/bin/readhash <(grep -E "^(GREEN|ORANGE)_.*=" /var/ipfire/ethernet/settings 2>/dev/null))
@@ -208,6 +189,22 @@ import_exoscale_configuration() {
echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
) >> /var/ipfire/firewall/input
+ # Download user-data
+ local user_data="$(get user-data)"
+
+ # Save user-data script to be executed later
+ if [ "${user_data:0:2}" = "#!" ]; then
+ echo "${user_data}" > /tmp/user-data.script
+ chmod 700 /tmp/user-data.script
+
+ # Run the user-data script
+ local now="$(date -u +"%s")"
+ /tmp/user-data.script &>/var/log/user-data.log.${now}
+
+ # Delete the script right away
+ rm /tmp/user-data.script
+ fi
+
# This script has now completed the first steps of setup
touch /var/ipfire/main/firstsetup_ok
fi
diff --git a/src/initscripts/helper/gcp-setup b/src/initscripts/helper/gcp-setup
index 935194931..4f5148c3e 100644
--- a/src/initscripts/helper/gcp-setup
+++ b/src/initscripts/helper/gcp-setup
@@ -118,25 +118,6 @@ import_gcp_configuration() {
fi
done <<<"$(get instance/attributes/ssh-keys)"
- # Download the user-data script only on the first boot
- if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
- # Download a startup script
- local script="$(get instance/attributes/startup-script)"
-
- # Execute the script
- if [ "${script:0:2}" = "#!" ]; then
- echo "${script}" > /tmp/gcp-startup.script
- chmod 700 /tmp/gcp-startup.script
-
- # Run the script
- local now="$(date -u +"%s")"
- /tmp/gcp-startup.script &>/var/log/startup-script.log.${now}
-
- # Delete the script right away
- rm /tmp/gcp-startup.script
- fi
- fi
-
# Import network configuration
# After this, no network connectivity will be available from this script due to the
# renaming of the network interfaces for which they have to be shut down
@@ -249,6 +230,22 @@ import_gcp_configuration() {
echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
) >> /var/ipfire/firewall/input
+ # Download a startup script
+ local script="$(get instance/attributes/startup-script)"
+
+ # Execute the script
+ if [ "${script:0:2}" = "#!" ]; then
+ echo "${script}" > /tmp/gcp-startup.script
+ chmod 700 /tmp/gcp-startup.script
+
+ # Run the script
+ local now="$(date -u +"%s")"
+ /tmp/gcp-startup.script &>/var/log/startup-script.log.${now}
+
+ # Delete the script right away
+ rm /tmp/gcp-startup.script
+ fi
+
# This script has now completed the first steps of setup
touch /var/ipfire/main/firstsetup_ok
fi
diff --git a/src/initscripts/helper/oci-setup b/src/initscripts/helper/oci-setup
index 782fde5a2..312014b74 100644
--- a/src/initscripts/helper/oci-setup
+++ b/src/initscripts/helper/oci-setup
@@ -147,28 +147,6 @@ import_oci_configuration() {
fi
done <<<"$(get instance/metadata/ssh_authorized_keys)"
- # Download the user-data script only on the first boot
- if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
- # Download a startup script
- local script="$(get instance/metadata/user_data)"
-
- # Try to decode this
- script="$(try_base64_decode "${script}")"
-
- # Execute the script
- if [ "${script:0:2}" = "#!" ]; then
- echo "${script}" > /tmp/user-data.script
- chmod 700 /tmp/user-data.script
-
- # Run the script
- local now="$(date -u +"%s")"
- /tmp/user-data.script &>/var/log/user-data.log.${now}
-
- # Delete the script right away
- rm /tmp/user-data.script
- fi
- fi
-
# Import network configuration
# After this, no network connectivity will be available from this script due to the
# renaming of the network interfaces for which they have to be shut down
@@ -285,6 +263,25 @@ import_oci_configuration() {
echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
) >> /var/ipfire/firewall/input
+ # Download a startup script
+ local script="$(get instance/metadata/user_data)"
+
+ # Try to decode this
+ script="$(try_base64_decode "${script}")"
+
+ # Execute the script
+ if [ "${script:0:2}" = "#!" ]; then
+ echo "${script}" > /tmp/user-data.script
+ chmod 700 /tmp/user-data.script
+
+ # Run the script
+ local now="$(date -u +"%s")"
+ /tmp/user-data.script &>/var/log/user-data.log.${now}
+
+ # Delete the script right away
+ rm /tmp/user-data.script
+ fi
+
# This script has now completed the first steps of setup
touch /var/ipfire/main/firstsetup_ok
fi
--
2.30.2
next reply other threads:[~2022-05-19 9:40 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-19 9:40 Michael Tremer [this message]
2022-05-19 9:40 ` [PATCH 2/3] python3-botocore: Update to 1.25.12 Michael Tremer
2022-06-20 15:03 ` jose.dias
2022-05-19 9:40 ` [PATCH 3/3] aws-cli: Update to 1.23.12 Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220519094027.200441-1-michael.tremer@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox