aws: Write user-data log to file only
[people/pmueller/ipfire-2.x.git] / src / initscripts / helper / aws-setup
index e16678339ace508afde72f15c8a8741d52f4ce58..d40534f9a0c9974eadde4fda7be952e847b06605 100644 (file)
@@ -3,6 +3,9 @@
 . /etc/sysconfig/rc
 . ${rc_functions}
 
+# Set PATH to find our own executables
+export PATH=/usr/local/sbin:/usr/local/bin:${PATH}
+
 get() {
        local file="${1}"
 
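Review bot: The added `export PATH=/usr/local/sbin:/usr/local/bin:${PATH}` prepends to whatever PATH the caller hands in, so every bare command in this root helper resolves against an inherited search path. The `reason` and `new_routers` variables further down suggest the helper runs as a DHCP client hook, though that is not visible here. I would set a fixed value instead, for example `export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin`, and extend the comment to say that the `/usr/local` directories must be writable by root only. The file already calls `/usr/local/bin/readhash` by absolute path, so using the same style for `pakfire` would remove the dependency on PATH altogether.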
@@ -109,8 +112,35 @@ import_aws_configuration() {
                fi
        done
 
-       # Download user-data
-       local user_data="$(get user-data)"
+       # Download the user-data script only on the first boot
+       if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
+               # Initialize pakfire
+               /etc/init.d/pakfire start
+
+               # Install all available updates
+               pakfire update && pakfire upgrade -y
+
+               # If an update requires a reboot, we will do it
+               if [ -e "/var/run/need_reboot" ]; then
+                       reboot
+                       exit 1
+               fi
+
+               # Download user-data
+               local user_data="$(get user-data)"
+
+               # Save user-data script to be executed later
+               if [ "${user_data:0:2}" = "#!" ]; then
+                       echo "${user_data}" > /tmp/aws-user-data.script
+                       chmod 700 /tmp/aws-user-data.script
+
+                       # Run the user-data script
+                       /tmp/aws-user-data.script &>/root/user-data.log
+
+                       # Delete the script right away
+                       rm /tmp/aws-user-data.script
+               fi
+       fi
 
        # Import any DNS server settings
        eval $(/usr/local/bin/readhash <(grep -E "^DNS([0-9])=" /var/ipfire/ethernet/settings 2>/dev/null))
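Review bot: The user-data script is written to the fixed path `/tmp/aws-user-data.script` with `echo ... >` and only made private by the `chmod 700` afterwards, so it is created with the default umask and the redirect follows whatever already exists under that name. User-data often carries credentials, so I would create the file with `mktemp` under `umask 077` and write it with `printf '%s\n'`; the mode of `/root/user-data.log` is not set here either and deserves the same care. The comment "Save user-data script to be executed later" is stale now that the script runs immediately. `import_aws_configuration` starts and ends outside this hunk.

```shell
		# Download user-data
		local user_data="$(get user-data)"

		# Run the user-data script from a private temporary file
		if [ "${user_data:0:2}" = "#!" ]; then
			local script
			if script="$(umask 077; mktemp /tmp/aws-user-data.XXXXXX)"; then
				printf '%s\n' "${user_data}" > "${script}"
				chmod 700 "${script}"

				# Keep the log readable by root only
				: > /root/user-data.log && chmod 600 /root/user-data.log
				"${script}" &>>/root/user-data.log

				# Delete the script right away
				rm -f "${script}"
			fi
		fi
```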
@@ -231,6 +261,9 @@ import_aws_configuration() {
                # Enable SSH
                sed -e "s/ENABLE_SSH=.*/ENABLE_SSH=on/g" -i /var/ipfire/remote/settings
 
+               # Disable SSH password authentication
+               sed -e "s/^ENABLE_SSH_PASSWORDS=.*/ENABLE_SSH_PASSWORDS=off/" -i /var/ipfire/remote/settings
+
                # Enable SSH key authentication
                sed -e "s/^ENABLE_SSH_KEYS=.*/ENABLE_SSH_KEYS=on/" -i /var/ipfire/remote/settings
 
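Review bot: The new `sed -e "s/^ENABLE_SSH_PASSWORDS=.*/ENABLE_SSH_PASSWORDS=off/"` only rewrites a line that already exists, so if `/var/ipfire/remote/settings` has no `ENABLE_SSH_PASSWORDS=` key the command succeeds without changing anything and password authentication stays at its default. Whether the shipped settings file always contains the key is not visible from this hunk. I would append it when it is missing, for example `grep -q "^ENABLE_SSH_PASSWORDS=" /var/ipfire/remote/settings || echo "ENABLE_SSH_PASSWORDS=off" >> /var/ipfire/remote/settings`. The neighbouring `ENABLE_SSH_KEYS` line has the same gap.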
@@ -249,12 +282,6 @@ import_aws_configuration() {
 
                # This script has now completed the first steps of setup
                touch /var/ipfire/main/firstsetup_ok
-
-               # Save user-data script to be executed later
-               if [ "${user_data:0:2}" = "#!" ]; then
-                       echo "${user_data}" > /tmp/aws-user-data.script
-                       chmod 700 /tmp/aws-user-data.script
-               fi
        fi
 
        # All done
@@ -277,11 +304,22 @@ case "${reason}" in
                # Add the default route
                ip route add default via "${new_routers}"
 
+               # Setup DNS
+               for domain_name_server in ${new_domain_name_servers}; do
+                       echo "nameserver ${domain_name_server}"
+               done > /etc/resolv.conf
+
+               # The system is online now
+               touch /var/ipfire/red/active
+
                # Import AWS configuration
                import_aws_configuration
                ;;
 
        EXPIRE|FAIL|RELEASE|STOP)
+               # The system is no longer online
+               rm -f /var/ipfire/red/active
+
                # Remove all IP addresses
                ip addr flush dev "${interface}"
                ;;