feat: add sysyadm initialization script

Emil Dabrowski 2024-12-17 14:40:36 +01:00
parent f6672dcfc5
commit cd58bf97b0
2 changed files with 133 additions and 2 deletions


@ -1,3 +1,28 @@
# sysfiles
# JILITS System Files Repository
YADM repo for system level files
This repository contains system configuration files managed by `yadm` for simplified deployment and bootstrap of system files.
## System Initialization Instructions
To set up the repository on a fresh system, use the provided one-liner below to download and execute the initialization script.The script initializes, clones, and configures `yadm` for system-wide usage.
```bash
curl -fsSL https://git.jilits.se/JILITS/sysfiles/raw/branch/main/usr/local/jilits/sysyadm-init.sh -o /tmp/sysyadm-init.sh && bash /tmp/sysyadm-init.sh
```
### Initialization Prerequisites
- **System Requirements**: A Debian-based system (Ubuntu, Debian, etc.).
- **Git Access**: Ensure you can add the SSH key to the Git server (`git.jilits.se`).
### Generated SSH Key
The script generates an SSH key for the root user if it does not already exist. The public key will be printed during execution. Make sure to add the SSH key to the Git server to allow cloning.
## Troubleshooting
If the script fails:
1. Ensure you are not running the script as the root user.
2. Verify internet connectivity and access to the Git repository.
3. Check that you have permissions to install packages using `sudo`.


@ -0,0 +1,106 @@
#!/bin/bash
# Exit immediately if a command exits with a non-zero status
set -e
# Google Bash Script Guidelines: All static variables are defined at the top and marked readonly.
readonly REPO_URL="ssh://git@git.jilits.se:2222/JILITS/sysfiles.git"
readonly YADM_DIR="/etc/yadm"
readonly YADM_DATA_DIR="$YADM_DIR/data"
readonly YADM_REPO_PATH="$YADM_DATA_DIR/repo.git"
readonly ROOT_SSH_KEY="/root/.ssh/id_rsa"
readonly ALIASES_FILE="$HOME/.bash_aliases"
readonly -A ALIASES=(
["y"]="yadm"
["sysyadm"]="sudo yadm --yadm-dir '$YADM_DIR' --yadm-data '$YADM_DATA_DIR'"
["s"]="sysyadm"
)
# Function to print messages
function iprint() {
echo -e "\e[32m[INFO]\e[0m $1"
}
function eprint() {
echo -e "\e[31m[ERROR]\e[0m $1" >&2
}
# Function to run sysyadm commands
function sysyadm() {
sudo yadm --yadm-dir "$YADM_DIR" --yadm-data "$YADM_DATA_DIR" "$@"
}
if [ "$EUID" -eq 0 ]; then
eprint "This script must be run as a non-root user. Exiting."
exit 1
fi
if ! command -v apt &>/dev/null; then
eprint "This script is intended for Debian-based systems. Exiting."
exit 1
fi
iprint "System is Debian-compatible. Proceeding..."
if ! command -v yadm &>/dev/null; then
iprint "Installing yadm..."
sudo apt update && sudo apt install -y yadm
else
iprint "yadm is already installed."
fi
iprint "Ensuring aliases are in $ALIASES_FILE..."
for alias_name in "${!ALIASES[@]}"; do
alias_cmd="alias $alias_name=\"${ALIASES[$alias_name]}\""
grep -qxF "$alias_cmd" "$ALIASES_FILE" 2>/dev/null || echo "$alias_cmd" >>"$ALIASES_FILE"
done
iprint "Aliases added. Reloading bash aliases."
# shellcheck disable=SC1090
source "$ALIASES_FILE"
if sudo test -f "$ROOT_SSH_KEY"; then
iprint "SSH key for root already exists. Skipping key generation."
else
iprint "Generating SSH key for root..."
sudo ssh-keygen -t rsa -N "" -f "$ROOT_SSH_KEY"
iprint "Printing the public SSH key for root:"
sudo cat "$ROOT_SSH_KEY.pub"
while true; do
read -p "Has the SSH key been added to the Git server? (y/n): " CONFIRM
case $CONFIRM in
[Yy])
break
;;
[Nn])
iprint "Please add the key to the Git server and confirm when done."
;;
*)
iprint "Please answer y or n."
;;
esac
done
fi
iprint "Using repository URL: $REPO_URL"
if [ -d "$YADM_REPO_PATH" ]; then
iprint "Yadm repository already exists at $YADM_REPO_PATH. Skipping initialization and clone."
else
iprint "Initializing sysyadm with root privileges..."
sysyadm init -w /
iprint "Cloning sysyadm repository..."
sysyadm clone -f -w / "$REPO_URL"
fi
iprint "Running sysyadm alts..."
sysyadm alt
iprint "Running sysyadm bootstrap..."
sysyadm bootstrap
iprint "Script completed successfully."
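Review bot: Nothing before `sysyadm clone -f -w / "$REPO_URL"` establishes that the SSH endpoint is the intended server: on a fresh system root presumably has no known_hosts entry for it, so the first connection depends on whoever answers the host-key prompt, and the fetched tree is then checked out with `/` as its work tree and followed by `sysyadm bootstrap` as root. I would refuse to clone until the host key is pinned, e.g. `sudo ssh-keygen -F '[git.jilits.se]:2222' -f /root/.ssh/known_hosts >/dev/null || { eprint "Host key for the Git server is not pinned. Exiting."; exit 1; }`, with the expected fingerprint documented next to the one-liner in the README. The key from `ssh-keygen -t rsa -N ""` is stored unencrypted, so the confirmation prompt should ask for it to be registered as a read-only deploy key rather than on a user account. The `read -p` a few lines below should also be `read -r -p`.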