2023-09-01 00:53:11 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
2023-09-01 08:59:55 +02:00
|
|
|
DEBUG=
|
|
|
|
for param in $1 $2 $3 ; do
|
2023-09-01 06:07:07 +02:00
|
|
|
if [ $param ] ; then
|
|
|
|
case $param in
|
|
|
|
debug )
|
|
|
|
DEBUG=true ;;
|
|
|
|
esac
|
|
|
|
else
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
2023-09-01 00:53:11 +02:00
|
|
|
|
2023-09-01 08:59:55 +02:00
|
|
|
SILENT="-s"
|
|
|
|
QUIET="-q"
|
2023-09-01 06:07:07 +02:00
|
|
|
if [ $DEBUG ] ; then
|
|
|
|
set -xe
|
2023-09-01 08:59:55 +02:00
|
|
|
SILENT=
|
|
|
|
QUIET="-v"
|
2023-09-01 06:07:07 +02:00
|
|
|
else
|
|
|
|
set -e
|
|
|
|
fi
|
|
|
|
|
|
|
|
# pull down the deploy scripts
|
|
|
|
SCRIPT_GIT="https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup"
|
|
|
|
SCRIPT_DIR="$(echo ~)/bin"
|
2023-09-02 06:37:19 +02:00
|
|
|
KOJI_PKI_DIR="/etc/pki/koji"
|
|
|
|
|
2023-09-01 06:07:07 +02:00
|
|
|
mkdir -p $SCRIPT_DIR
|
2023-09-01 08:59:55 +02:00
|
|
|
curl $SILENT $SCRIPT_GIT/gencert.sh > $SCRIPT_DIR/gencert.sh
|
|
|
|
curl $SILENT $SCRIPT_GIT/deploy-koji.sh > $SCRIPT_DIR/deploy-koji.sh
|
|
|
|
curl $SILENT $SCRIPT_GIT/bootstrap-build.sh > $SCRIPT_DIR/bootstrap-build.sh
|
2023-09-01 06:26:34 +02:00
|
|
|
chmod o+x $SCRIPT_DIR/*.sh
|
2023-09-01 06:07:07 +02:00
|
|
|
|
2023-09-02 07:39:30 +02:00
|
|
|
# install any required packages
|
2023-09-02 08:16:17 +02:00
|
|
|
dnf install -y epel-release $QUIET
|
2023-09-02 07:39:30 +02:00
|
|
|
dnf install -y netcat $QUIET
|
|
|
|
|
2023-09-01 06:07:07 +02:00
|
|
|
# ask for required parameters (ssh settings and build server FQDN)
|
2023-09-02 07:39:30 +02:00
|
|
|
KOJID_CAPACITY=16
|
2023-09-01 01:44:52 +02:00
|
|
|
KOJI_HUB_FQDN="$(hostname -f)"
|
2023-09-01 06:07:07 +02:00
|
|
|
while true ; do
|
2023-09-01 06:23:15 +02:00
|
|
|
read -p "Country Code (eg, US) " COUNTRY_CODE
|
|
|
|
if [ ${#COUNTRY_CODE} -ne 2 ] ; then
|
2023-09-01 06:07:07 +02:00
|
|
|
echo "You must enter a 2 character country code"
|
|
|
|
else
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
while true ; do
|
|
|
|
read -p "State (eg. Ohio) " STATE
|
|
|
|
if [ $STATE ] ; then break ; else echo "State MUST be entered" ; fi
|
|
|
|
done
|
|
|
|
while true ; do
|
|
|
|
read -p "City (eg. Columbus) " LOCATION
|
|
|
|
if [ $LOCATION ] ; then break ; else echo "City MUST be entered" ; fi
|
|
|
|
done
|
|
|
|
while true ; do
|
|
|
|
read -p "Organisation (eg. Koozali) " ORGANIZATION
|
|
|
|
if [ $ORGANIZATION ] ; then break ; else echo "Organization MUST be entered" ; fi
|
|
|
|
done
|
|
|
|
while true ; do
|
|
|
|
read -p "Org Unit (eg. Koji) " ORG_UNIT
|
|
|
|
if [ $ORG_UNIT ] ; then break ; else echo "Organizational Unit MUST be entered" ; fi
|
|
|
|
done
|
2023-09-01 00:53:11 +02:00
|
|
|
|
2023-09-01 06:07:07 +02:00
|
|
|
# create the parameter scripts used by deploy scripts
|
|
|
|
cat > $SCRIPT_DIR/globals.sh <<- EOT
|
2023-09-01 01:44:52 +02:00
|
|
|
#!/bin/bash
|
2023-09-01 06:07:07 +02:00
|
|
|
# Copyright (C) 2019 Intel Corporation
|
|
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
#### START DO NOT EDIT ####
|
2023-09-01 01:44:52 +02:00
|
|
|
export POSTGRES_USER=postgres
|
|
|
|
export POSTGRES_DEFAULT_DIR=/var/lib/pgsql
|
|
|
|
export HTTPD_USER=apache
|
|
|
|
export HTTPD_DOCUMENT_ROOT=/var/www/html
|
|
|
|
export KOJI_PKI_DIR=/etc/pki/koji
|
2023-09-01 06:07:07 +02:00
|
|
|
#### END DO NOT EDIT
|
|
|
|
EOT
|
|
|
|
|
|
|
|
cat > $SCRIPT_DIR/parameters.sh <<- EOT
|
|
|
|
#!/bin/bash
|
2023-09-01 01:44:52 +02:00
|
|
|
## KOJI RPM BUILD AND TRACKER
|
|
|
|
export KOJI_DIR=/mnt/koji
|
2023-09-01 06:07:07 +02:00
|
|
|
export KOJI_HUB_FQDN="$KOJI_HUB_FQDN"
|
2023-09-01 01:44:52 +02:00
|
|
|
export KOJI_URL=http://"$KOJI_HUB_FQDN"
|
2023-09-02 07:39:30 +02:00
|
|
|
export KOJID_CAPACITY=$KOJID_CAPACITY
|
2023-09-01 01:44:52 +02:00
|
|
|
export TAG_NAME=sme
|
|
|
|
# Use for koji SSL certificates
|
|
|
|
export COUNTRY_CODE='$COUNTRY_CODE'
|
|
|
|
export STATE='$STATE'
|
|
|
|
export LOCATION='$LOCATION'
|
|
|
|
export ORGANIZATION='$ORGANIZATION'
|
|
|
|
export ORG_UNIT='$ORG_UNIT'
|
|
|
|
# Use for importing existing RPMs
|
|
|
|
export RPM_ARCH='x86_64'
|
|
|
|
export SRC_RPM_DIR=
|
|
|
|
export BIN_RPM_DIR=
|
|
|
|
export DEBUG_RPM_DIR=
|
|
|
|
# Comment the following if supplying all RPMs as an upstream and not a downstream
|
|
|
|
export EXTERNAL_REPO=http://mirrorlist.centos.org/releases/10/smeos/
|
|
|
|
## POSTGRESQL DATABASE
|
|
|
|
export POSTGRES_DIR=/var/lib/pgsql
|
|
|
|
EOT
|
2023-09-01 06:07:07 +02:00
|
|
|
|
|
|
|
# deploy thecentral koji components
|
|
|
|
deploy-koji.sh
|
|
|
|
|
|
|
|
# if there is a separate koji builder deploy that
|
2023-09-02 06:37:19 +02:00
|
|
|
PROMPT="Build server FQDN (will default to hub FQDN '$KOJI_HUB_FQDN' if left blank) "
|
|
|
|
BSNO=1
|
|
|
|
while true ; do
|
|
|
|
read -p "$PROMPT" KOJI_BUILD_FQDN
|
|
|
|
PROMPT="Build server FQDN. (will stop asking if left blank) "
|
|
|
|
if [ -z $KOJI_BUILD_FQDN ] ; then
|
|
|
|
if [[ $BSNO -gt 1 ]] ; then
|
|
|
|
break
|
|
|
|
else
|
|
|
|
KOJI_BUILD_FQDN=$KOJI_HUB_FQDN
|
|
|
|
echo "All-in-one: Hub will now be a build server as well"
|
|
|
|
curl $SILENT $SCRIPT_GIT/deploy-koji-builder.sh > $SCRIPT_DIR/deploy-koji-builder.sh
|
|
|
|
chmod o+x $SDRIPT_DIR/deploy-koji-builder.sh
|
|
|
|
deploy-koji-builder.sh
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
# check if server available on port 22
|
|
|
|
until (nc -z $KOJI_BUILD_FQDN 22)
|
|
|
|
do
|
|
|
|
echo "I cannot connect to $KOJI_BUILD_FQDN! Is it online? "
|
|
|
|
echo "Options:"
|
|
|
|
echo "- FQDN=<FQDN of build server> # if you've mis-typed the name"
|
|
|
|
echo "- IP=<IP of build server> # I'll add this to your /etc/hosts file"
|
|
|
|
echo "- <enter> # try again (I've started the server)"
|
|
|
|
echo "- Q # quit this loop"
|
|
|
|
read RESPONSE
|
|
|
|
case $RESPONSE in
|
|
|
|
Q | q )
|
|
|
|
break
|
|
|
|
;;
|
|
|
|
null )
|
|
|
|
continue
|
|
|
|
;;
|
|
|
|
IP=* )
|
|
|
|
BIP=${RESPONSE#*=}
|
2023-09-02 07:39:30 +02:00
|
|
|
# add this builder into the hosts file
|
2023-09-02 06:37:19 +02:00
|
|
|
echo "$BIP $KOJI_BUILD_FQDN\n" >> /etc/hosts
|
|
|
|
continue
|
|
|
|
;;
|
|
|
|
FQDN=* )
|
|
|
|
KOJI_BUILD_FQDN=${RESPONSE#*=}
|
2023-09-02 07:39:30 +02:00
|
|
|
continue
|
2023-09-02 06:37:19 +02:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
continue
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
done
|
|
|
|
# we found the server and will deploy to it
|
|
|
|
echo "$KOJI_BUILD_FQDN will be Koji Build server No. $BSNO"
|
|
|
|
((BSNO=BSNO+1))
|
|
|
|
|
|
|
|
## On the HUB
|
|
|
|
# Add the host entry for the koji builder to the database
|
|
|
|
sudo -u kojiadmin koji add-host "$KOJI_BUILD_FQDN" "$RPM_ARCH"
|
|
|
|
# Add the host to the createrepo channel
|
|
|
|
sudo -u kojiadmin koji add-host-to-channel "$KOJI_BUILD_FQDN" createrepo
|
|
|
|
# A note on capacity
|
|
|
|
sudo -u kojiadmin koji edit-host --capacity="$KOJID_CAPACITY" "$KOJI_BUILD_FQDN"
|
2023-09-03 00:01:23 +02:00
|
|
|
if [ $KOJI_BUILD_FQDN eq $KOJI_HUB_FQDN ] ; then
|
|
|
|
deploy-koji-builder.sh
|
|
|
|
else
|
|
|
|
## On the HUB
|
|
|
|
# check if nfs has been installed on the hub (only need to install once)
|
|
|
|
if [ ! -s /etc/exports ] ; then
|
|
|
|
# add nfs share for koji files direcory to hub
|
|
|
|
curl $SILENT $SCRIPT_GIT/deploy-koji-nfs-server.sh > $SCRIPT_DIR/deploy-koji-nfs-server.sh
|
|
|
|
chmod o+x $SCRIPT_DIR/deploy-koji-nfs-server.sh
|
|
|
|
deploy-koji-nfs-server.sh $KOJI_BUILD_FQDN
|
|
|
|
else
|
|
|
|
# add build server to nfs exports line
|
|
|
|
echo " $KOJI_BUILD_FQDN(ro,no_root_squash)" >> /etc/exports
|
|
|
|
fi
|
|
|
|
# Generate a certificate for the builder
|
|
|
|
pushd "$KOJI_PKI_DIR"
|
|
|
|
./gencert.sh "$KOJI_BUILD_FQDN" "/C=$COUNTRY_CODE/ST=$STATE/L=$LOCATION/O=$ORGANIZATION/CN=$KOJI_BUILD_FQDN"
|
|
|
|
popd
|
|
|
|
# generate a hub ssl key if there isn't one already (for scp & ssh to builders)
|
|
|
|
if [ ! -f /root/.ssh/id-rsa ] ; then
|
|
|
|
# create a ssh key on build server
|
|
|
|
mkdir -p ~/.ssh
|
|
|
|
ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ""
|
|
|
|
fi
|
2023-09-02 06:37:19 +02:00
|
|
|
|
2023-09-03 00:01:23 +02:00
|
|
|
## On the BUILDER
|
|
|
|
# copy the server key into authorized keys on the build server
|
|
|
|
ssh-copy-id -i ~/.ssh/id_rsa.pub $KOJI_BUILD_FQDN
|
|
|
|
# copy across the ssl keys
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN mkdir $KOJI_PKI_DIR
|
|
|
|
scp $QUIET $KOJI_PKI_DIR/$KOJI_BUILD_FQDN.pem root@$KOJI_BUILD_FQDN:$KOJI_PKI_DIR/.
|
|
|
|
scp $QUIET $KOJI_PKI_DIR/koji_ca_cert.crt root@$KOJI_BUILD_FQDN:$KOJI_PKI_DIR/.
|
|
|
|
# copy across the parameter files (we built them on the hub)
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN mkdir -p $SCRIPT_DIR
|
|
|
|
scp $QUIET $SCRIPT_DIR/globals.sh root@$KOJI_BUILD_FQDN:$SCRIPT_DIR/globals.sh
|
|
|
|
scp $QUIET $SCRIPT_DIR/parameters.sh root@$KOJI_BUILD_FQDN:$SCRIPT_DIR/parameters.sh
|
|
|
|
# pull down the required scripts
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN "curl $SILENT $SCRIPT_GIT/deploy-koji-nfs-client.sh > $SCRIPT_DIR/deploy-koji-nfs-client.sh"
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN "curl $SILENT $SCRIPT_GIT/deploy-koji-builder.sh > $SCRIPT_DIR/deploy-koji-builder.sh"
|
|
|
|
# make them executeable
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN "chmod o+x $SCRIPT_DIR/*"
|
|
|
|
# connect to nfs share
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN $SCRIPT_DIR/deploy-koji-nfs-client.sh
|
|
|
|
# deploy koji builder
|
|
|
|
ssh $QUIET root@$KOJI_BUILD_FQDN $SCRIPT_DIR/deploy-koji-builder.sh
|
|
|
|
done
|
|
|
|
fi
|
2023-09-01 06:07:07 +02:00
|
|
|
|
|
|
|
#
|
|
|
|
bootstrap-build.sh
|