add-project.sh
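#!/usr/bin/env bash
#
# add-project.sh - provision a demo Rundeck project.
#
# Usage: add-project project
#
# The project name is interpolated further down into file system paths
# (/var/rundeck/projects/..., /var/www/html/...) and into command strings
# handed to `su -c`, in a script that also performs privileged operations
# (useradd, editing sshd_config). It is therefore validated here, before
# anything else uses it.
set -eu

if (( $# != 1 )); then
  echo >&2 "usage: add-project project"
  exit 1
fi

PROJECT=$1

# Conservative allow-list: must start with an alphanumeric and contain no
# path separators, whitespace or shell metacharacters.
if [[ ! $PROJECT =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
  printf >&2 'add-project: invalid project name: %q\n' "$PROJECT"
  exit 1
fi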
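#######################################
# Read one "framework.<key>" entry from a Rundeck framework.properties file.
# Arguments:
#   $1 - property key without the "framework." prefix (e.g. server.url)
#   $2 - optional path to the properties file
#        (default: /etc/rundeck/framework.properties)
# Outputs:
#   The property value with all whitespace removed, no trailing newline.
#   Prints nothing when the key is absent.
# Returns:
#   awk's exit status (non-zero when the file cannot be read).
#######################################
fwk_prop_read() {
  local propkey=$1
  local propfile=${2:-/etc/rundeck/framework.properties}
  local value

  # The key is passed with -v and compared as a literal string, instead of
  # being spliced into the awk program as a regex: a dot no longer matches any
  # character, commented-out lines are ignored, and a value that itself
  # contains '=' (a URL with a query string) is returned whole.
  # If the key appears more than once, the last definition is used.
  value=$(awk -v key="framework.${propkey}" '
    /^[ \t]*[#!]/ { next }
    {
      eq = index($0, "=")
      if (eq == 0) next
      name = substr($0, 1, eq - 1)
      gsub(/[ \t\r]/, "", name)
      if (name == key) { val = substr($0, eq + 1); found = 1 }
    }
    END { if (found) print val }
  ' "$propfile")

  printf '%s' "${value//[[:space:]]/}"
}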
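# Rundeck connection settings, read from framework.properties.
RDECK_URL=$(fwk_prop_read server.url)
# Fail early: every rerun call below passes this value to --url.
: "${RDECK_URL:?framework.server.url not found in /etc/rundeck/framework.properties}"

# API account used for the key-upload / key-list calls.
# The fallback is the admin/admin pair, which is only suitable for a
# throw-away demo box; set RDECK_USER / RDECK_PASS in the environment to use
# a different account without editing this file.
#RDECK_USER=$(fwk_prop_read server.username)
RDECK_USER=${RDECK_USER:-admin}
#RDECK_PASS=$(fwk_prop_read server.password)
RDECK_PASS=${RDECK_PASS:-admin}

RDECK_NAME=$(fwk_prop_read server.name)
RDECK_HOST=$(fwk_prop_read server.hostname)

# Create a directory for the resource model
ETC=/var/rundeck/projects/${PROJECT}/etc
RESOURCES_D=$ETC/resources.d
mkdir -p -- "$RESOURCES_D"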
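# Fictitious hosts that masquerade as nodes
RESOURCES=( www{1,2} app{1,2} db1 )

# Add a user account and node entry for each resource.
# -------------------------------------
for NAME in "${RESOURCES[@]}"; do

  # Create local host account. A resource whose account already exists is
  # skipped entirely: no key is generated or uploaded and no node file is
  # written for it.
  if id "$NAME"; then
    continue
  fi

  echo "Add host user ${NAME}."
  useradd -d "/home/$NAME" -m "$NAME"

  # Generate an SSH key for this user (RSA 2048, empty passphrase) and
  # authorize it for logins to the same account.
  echo "Generate SSH key for user $NAME"
  su - "$NAME" -c "ssh-keygen -b 2048 -t rsa -f /home/$NAME/.ssh/id_rsa -q -N ''"
  cat "/home/$NAME/.ssh/id_rsa.pub" >> "/home/$NAME/.ssh/authorized_keys"
  chmod 600 "/home/$NAME/.ssh/authorized_keys"
  chown -R "$NAME:$NAME" "/home/$NAME/.ssh"

  # Upload SSH key
  # --------------
  # key-path convention: {org}/{app}/{user}
  #
  # NOTE(review): the API password is passed as a command-line argument, so
  # it is visible in the process list while each rerun command runs.
  KEYPATH="acme/${PROJECT}/${NAME}/id_rsa"
  rerun rundeck-admin: key-upload \
    --keypath "$KEYPATH" --format private --file "/home/$NAME/.ssh/id_rsa" \
    --user "$RDECK_USER" --password "$RDECK_PASS" --url "${RDECK_URL}"

  rerun rundeck-admin: key-upload \
    --keypath "$KEYPATH.pub" --format public --file "/home/$NAME/.ssh/id_rsa.pub" \
    --user "$RDECK_USER" --password "$RDECK_PASS" --url "${RDECK_URL}"

  # List the keys
  rerun rundeck-admin: key-list \
    --keypath "acme/${PROJECT}/${NAME}" \
    --user "$RDECK_USER" --password "$RDECK_PASS" --url "${RDECK_URL}"

  # Add node definition
  # --------------
  # Split the name into its role (non-digit prefix) and index (digits),
  # e.g. www1 -> ROLE=www, INDEX=1. Both stay empty if the name has no digits.
  ROLE= INDEX=
  if [[ $NAME =~ ([^0-9]+)([0-9]+) ]]; then
    ROLE=${BASH_REMATCH[1]}
    INDEX=${BASH_REMATCH[2]}
  fi

  cat > "$RESOURCES_D/$NAME.xml" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<project>
<node name="${NAME}.anvils.com" hostname="localhost" username="${NAME}"
description="A $ROLE server node." tags="${ROLE},anvils"
osFamily="unix" osName="$(uname -s)" osArch="$(uname -m)" osVersion="$(uname -r)"
ssh-key-storage-path="/keys/$KEYPATH"
>
<!-- anvils specific attributes -->
<attribute name="anvils:server-pool" value="$ROLE"/>
<attribute name="anvils:server-pool-id" value="$INDEX"/>
<attribute name="anvils:location" value="US-East"/>
<attribute name="anvils:customer" value="acme.com"/>
</node>
</project>
EOF

  echo "Added node: ${NAME} [role: $ROLE]."
done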
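# Hand the generated node files to the rundeck account. The path is quoted so
# that this recursive chown can only ever act on the one intended directory.
chown -R rundeck:rundeck "$RESOURCES_D"

# Configure SSHD to pass RD environment variables through.
# AcceptEnv RD_* lets an SSH client set any RD_-prefixed variable in the
# session environment on this host. The line is appended only once.
if ! grep -q "^AcceptEnv RD_" /etc/ssh/sshd_config; then
  echo 'AcceptEnv RD_*' >> /etc/ssh/sshd_config
  # TODO(review): consider checking the edited file with `sshd -t` before the
  # stop/start, so a broken config cannot leave the host without SSH.
  /etc/init.d/sshd stop
  /etc/init.d/sshd start
fi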
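# Create an example project
# --------------------------
echo "Creating project $PROJECT..."
chown -R rundeck:rundeck /var/rundeck

#
# Create the project
# The command line is re-parsed by the rundeck account's login shell, so the
# project name and the resources directory are shell-quoted with printf %q
# before being placed in the string (assumes that login shell is bash-
# compatible - confirm). For plain names the resulting command is unchanged.
project_q=$(printf '%q' "$PROJECT")
resources_d_q=$(printf '%q' "$RESOURCES_D")
su - rundeck -c "rd projects create -p $project_q -- --resources.source.2.type=directory --resources.source.2.config.directory=$resources_d_q"

# Node entry for the Rundeck server itself. RDECK_NAME and RDECK_HOST are
# written into XML attributes as-is, without escaping.
cat > "$ETC/resources.xml" <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<project>
<node name="$RDECK_NAME" hostname="$RDECK_HOST" username="rundeck"
description="Rundeck server node." tags=""
osFamily="unix" osName="$(uname -s)" osArch="$(uname -m)" osVersion="$(uname -r)"
>
<!-- configure bash as the local node executor -->
<attribute name="script-exec-shell" value="bash -c"/>
<attribute name="script-exec" value="\${exec.command}"/>
<attribute name="local-node-executor" value="script-exec"/>
</node>
</project>
EOF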
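# Run a local ad-hoc command for sanity checking.
#su - rundeck -c "rd adhoc -p $PROJECT -- "

# Every `su - rundeck -c` string below is re-parsed by the rundeck account's
# login shell, so values placed in it are shell-quoted with printf %q first
# (assumes a bash-compatible login shell - confirm).
project_q=$(printf '%q' "$PROJECT")

# Run a distributed ad-hoc command across all nodes
su - rundeck -c "rd adhoc -p $project_q -F '.*' -- whoami"

# Add jobs, scripts and options
# -----------------------------
# These directories sit under /var/www/html and are owned by apache:rundeck;
# only the job files are restricted to mode 640.
WEBROOT=/var/www/html/$PROJECT
mkdir -p -- "$WEBROOT"/{scripts,options,jobs}
cp -r /vagrant/jobs/* "$WEBROOT/jobs/"
cp -r /vagrant/scripts/* "$WEBROOT/scripts/"
cp -r /vagrant/options/* "$WEBROOT/options/"
chown -R apache:rundeck "$WEBROOT"/{scripts,options,jobs}
chmod 640 "$WEBROOT"/jobs/*

# Load the jobs
for job in "$WEBROOT"/jobs/*.xml; do
  # Without a match the glob stays literal; skip it instead of passing a
  # non-existent file name to rd.
  [[ -e $job ]] || continue
  su - rundeck -c "rd jobs load -p $project_q -f $(printf '%q' "$job")"
done

# List the jobs
su - rundeck -c "rd jobs list -p $project_q"

exit $?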