forked from projectpotos/potos-iso-builder
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfinish.sh.j2
executable file
·85 lines (64 loc) · 2.92 KB
/
finish.sh.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash
{# When Develop envitonment copy setup as backup #}
{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}
mkdir /opt/tmp
cp -R /setup/* /opt/tmp
{% endif %}
# Define temporary work directory and
ANSIBLE_WORKDIR='/tmp/potos_ansible'
ANSIBLE_GIT_URL='https://github.com/projectpotos/ansible-plays-potos.git'
ANSIBLE_GIT_BRANCH='main'
mkdir -p "/etc/potos"
mkdir -p "/var/log/{{ config['client_name']['short']}}"
cat > /etc/potos/specs_repo.yml <<EOF
---
client_name: "{{ config['client_name']['long'] }}"
client_short_name: "{{ config['client_name']['short'] }}"
git_url: "{{ config['specs']['url'] }}"
git_repo: "{{ config['specs']['repo'] }}"
git_branch: "{{ config['specs']['branch'] }}"
git_ssh_key: "{{ config['specs']['ssh_key'] != "" }}"
git_ansible_vault: "{{ config['specs']['ansible_vault_key_file'] != "" }}"
EOF
chown 0:0 /etc/potos/specs_repo.yml && chmod 0400 /etc/potos/specs_repo.yml
if [[ -d "${ANSIBLE_WORKDIR}" ]]; then
rm -rf "${ANSIBLE_WORKDIR}"
fi
mkdir -p "${ANSIBLE_WORKDIR}"
{% if config['specs']['ssh_key'] != "" %}
GIT_SSH_COMMAND='ssh -i /etc/potos/specs_key -o StrictHostKeyChecking=accept-new' git clone --single-branch --branch "${ANSIBLE_GIT_BRANCH}" "${ANSIBLE_GIT_URL}" "${ANSIBLE_WORKDIR}"
{% else %}
git clone --single-branch --branch "${ANSIBLE_GIT_BRANCH}" "${ANSIBLE_GIT_URL}" "${ANSIBLE_WORKDIR}"
{% endif %}
if [[ $? -ne 0 ]]; then
echo "# ERROR: Failed to clone the git repository"
exit 1
fi
################################################################################
# Apply the ansible prepare.yml
################################################################################
cd "${ANSIBLE_WORKDIR}"
virtualenv .
source bin/activate
pip3 install ansible-core==2.12.3
{# Verbose ansible if develop #}
ansible-playbook prepare.yml {% if config['specs']['ansible_vault_key_file'] != "" %}--vault-password-file=/etc/potos/ansible_vault_key {% endif %}{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}-vvv {% endif %}| sed -u 's/^/# /'
ansible-playbook playbook.yml {% if config['specs']['ansible_vault_key_file'] != "" %}--vault-password-file=/etc/potos/ansible_vault_key {% endif %}{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}-vvv {% endif %}-e "{{ config['client_name']['short'] }}_runtype"="{{ config['first_boot_ansible']['runtype'] }}" | sed -u 's/^/# /'
deactivate
################################################################################
# Finalize the installation
################################################################################
sed -ie 's/GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/' /etc/default/grub
/usr/sbin/update-grub
cat > /var/lib/AccountsService/users/admin <<EOF
[User]
SystemAccount=true
EOF
echo "# Cleaning up ... please wait"
rm -f /etc/sudoers.d/01_gnome-initial-setup
apt purge -y gnome-initial-setup
userdel -rf gnome-initial-setup
rm -rf /setup
rm -rf "${ANSIBLE_WORKDIR}"
sleep 5s
systemctl reboot