smeserver-koji/install-koji-farm.sh

#!/bin/bash

DEBUG=
for param in $1 $2 $3 ; do
  if [ $param ] ; then
    case $param in
	  debug )
		DEBUG=true ;;
    esac
  else
	  break
  fi
done

SILENT="-s"
QUIET="-q"
if [ $DEBUG ] ; then
    set -xe
    SILENT=
    QUIET="-v"
else
    set -e
fi

# pull down the deploy scripts
SCRIPT_GIT="https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup"
SCRIPT_DIR="$(echo ~)/bin"
KOJI_PKI_DIR="/etc/pki/koji"

mkdir -p $SCRIPT_DIR
curl $SILENT $SCRIPT_GIT/gencert.sh > $SCRIPT_DIR/gencert.sh
curl $SILENT $SCRIPT_GIT/deploy-koji.sh > $SCRIPT_DIR/deploy-koji.sh
curl $SILENT $SCRIPT_GIT/bootstrap-build.sh > $SCRIPT_DIR/bootstrap-build.sh
chmod o+x $SCRIPT_DIR/*.sh

# install any required packages
dnf install -y epel-release $QUIET
dnf install -y netcat $QUIET

# ask for required parameters (ssh settings and build server FQDN)
KOJID_CAPACITY=16
KOJI_HUB_FQDN="$(hostname -f)"
while true ; do
    read -p "Country Code (eg, US) " COUNTRY_CODE
    if [ ${#COUNTRY_CODE} -ne 2 ] ; then
        echo "You must enter a 2 character country code"
    else
        break
    fi
done
while true ; do
    read -p "State (eg. Ohio) " STATE
    if [ $STATE ] ; then break ; else echo "State MUST be entered" ; fi
done
while true ; do
    read -p "City (eg. Columbus) " LOCATION
    if [ $LOCATION ] ; then break ; else echo "City MUST be entered" ; fi
done
while true ; do
    read -p "Organisation (eg. Koozali) " ORGANIZATION
    if [ $ORGANIZATION ] ; then break ; else echo "Organization MUST be entered" ; fi
done
while true ; do
    read -p "Org Unit (eg. Koji) " ORG_UNIT
    if [ $ORG_UNIT ] ; then break ; else echo "Organizational Unit MUST be entered" ; fi
done

# create the parameter scripts used by deploy scripts
cat > $SCRIPT_DIR/globals.sh <<- EOT
#!/bin/bash
# Copyright (C) 2019 Intel Corporation
# SPDX-License-Identifier: Apache-2.0

#### START DO NOT EDIT ####
export POSTGRES_USER=postgres
export POSTGRES_DEFAULT_DIR=/var/lib/pgsql
export HTTPD_USER=apache
export HTTPD_DOCUMENT_ROOT=/var/www/html
export KOJI_PKI_DIR=/etc/pki/koji
#### END DO NOT EDIT
EOT

cat > $SCRIPT_DIR/parameters.sh <<- EOT
#!/bin/bash
## KOJI RPM BUILD AND TRACKER
export KOJI_DIR=/mnt/koji
export KOJI_HUB_FQDN="$KOJI_HUB_FQDN"
export KOJI_URL=http://"$KOJI_HUB_FQDN"
export KOJID_CAPACITY=$KOJID_CAPACITY
export TAG_NAME=sme
# Use for koji SSL certificates
export COUNTRY_CODE='$COUNTRY_CODE'
export STATE='$STATE'
export LOCATION='$LOCATION'
export ORGANIZATION='$ORGANIZATION'
export ORG_UNIT='$ORG_UNIT'
# Use for importing existing RPMs
export RPM_ARCH='x86_64'
export SRC_RPM_DIR=
export BIN_RPM_DIR=
export DEBUG_RPM_DIR=
# Comment the following if supplying all RPMs as an upstream and not a downstream
export EXTERNAL_REPO=http://mirrorlist.centos.org/releases/10/smeos/
## POSTGRESQL DATABASE
export POSTGRES_DIR=/var/lib/pgsql
EOT

# deploy thecentral koji components
deploy-koji.sh

# if there is a separate koji builder deploy that
PROMPT="Build server FQDN (will default to hub FQDN '$KOJI_HUB_FQDN' if left blank) "
BSNO=1
while true ; do
    read -p "$PROMPT" KOJI_BUILD_FQDN
    PROMPT="Build server FQDN. (will stop asking if left blank) "
    if [ -z $KOJI_BUILD_FQDN ] ; then
        if [[ $BSNO -gt 1 ]] ; then
            break
        else
            KOJI_BUILD_FQDN=$KOJI_HUB_FQDN
            echo "All-in-one: Hub will now be a build server as well" 
            curl $SILENT $SCRIPT_GIT/deploy-koji-builder.sh > $SCRIPT_DIR/deploy-koji-builder.sh
            chmod o+x $SDRIPT_DIR/deploy-koji-builder.sh
            deploy-koji-builder.sh
            break
        fi
    fi
    # check if server available on port 22
    until (nc -z $KOJI_BUILD_FQDN 22)
    do
        echo "I cannot connect to $KOJI_BUILD_FQDN! Is it online? "
        echo "Options:"
        echo "- FQDN=<FQDN of build server> # if you've mis-typed the name"
        echo "- IP=<IP of build server> # I'll add this to your /etc/hosts file"
        echo "- <enter> # try again (I've started the server)"
        echo "- Q # quit this loop"
        read RESPONSE
        case $RESPONSE in
            Q | q )
                break
                ;;
            null )
                continue
                ;;
            IP=* )
                BIP=${RESPONSE#*=}
                # add this builder into the hosts file
                echo "$BIP  $KOJI_BUILD_FQDN\n" >> /etc/hosts
                continue 
                ;;
            FQDN=* )
                KOJI_BUILD_FQDN=${RESPONSE#*=}
                continue
                ;;
            *)
                continue
                ;;
            esac
    done
    # we found the server and will deploy to it
    echo "$KOJI_BUILD_FQDN will be Koji Build server No. $BSNO"
    ((BSNO=BSNO+1))

    ## On the HUB
    # Add the host entry for the koji builder to the database
    sudo -u kojiadmin koji add-host "$KOJI_BUILD_FQDN" "$RPM_ARCH"
    # Add the host to the createrepo channel
    sudo -u kojiadmin koji add-host-to-channel "$KOJI_BUILD_FQDN" createrepo
    # A note on capacity
    sudo -u kojiadmin koji edit-host --capacity="$KOJID_CAPACITY" "$KOJI_BUILD_FQDN"
    if [ $KOJI_BUILD_FQDN eq $KOJI_HUB_FQDN ] ; then
        deploy-koji-builder.sh
    else
        ## On the HUB
        # check if nfs has been installed on the hub (only need to install once) 
        if [ ! -s /etc/exports ] ; then
            # add nfs share for koji files direcory to hub
            curl $SILENT $SCRIPT_GIT/deploy-koji-nfs-server.sh > $SCRIPT_DIR/deploy-koji-nfs-server.sh
            chmod o+x $SCRIPT_DIR/deploy-koji-nfs-server.sh
            deploy-koji-nfs-server.sh $KOJI_BUILD_FQDN
        else
            # add build server to nfs exports line
            echo " $KOJI_BUILD_FQDN(ro,no_root_squash)" >> /etc/exports
        fi
        # Generate a certificate for the builder
        pushd "$KOJI_PKI_DIR"
        ./gencert.sh "$KOJI_BUILD_FQDN" "/C=$COUNTRY_CODE/ST=$STATE/L=$LOCATION/O=$ORGANIZATION/CN=$KOJI_BUILD_FQDN"
        popd
        # generate a hub ssl key if there isn't one already (for scp & ssh to builders)
        if [ ! -f /root/.ssh/id-rsa ] ; then
            # create a ssh key on build server
            mkdir -p ~/.ssh
            ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ""
        fi
    
        ## On the BUILDER
        # copy the server key into authorized keys on the build server
        ssh-copy-id -i ~/.ssh/id_rsa.pub $KOJI_BUILD_FQDN
        # copy across the ssl keys
        ssh $QUIET root@$KOJI_BUILD_FQDN mkdir $KOJI_PKI_DIR
        scp $QUIET $KOJI_PKI_DIR/$KOJI_BUILD_FQDN.pem root@$KOJI_BUILD_FQDN:$KOJI_PKI_DIR/.
        scp $QUIET $KOJI_PKI_DIR/koji_ca_cert.crt root@$KOJI_BUILD_FQDN:$KOJI_PKI_DIR/.
        # copy across the parameter files (we built them on the hub)
        ssh $QUIET root@$KOJI_BUILD_FQDN mkdir -p $SCRIPT_DIR
        scp $QUIET $SCRIPT_DIR/globals.sh root@$KOJI_BUILD_FQDN:$SCRIPT_DIR/globals.sh
        scp $QUIET $SCRIPT_DIR/parameters.sh root@$KOJI_BUILD_FQDN:$SCRIPT_DIR/parameters.sh
        # pull down the required scripts
        ssh $QUIET root@$KOJI_BUILD_FQDN "curl $SILENT $SCRIPT_GIT/deploy-koji-nfs-client.sh > $SCRIPT_DIR/deploy-koji-nfs-client.sh"
        ssh $QUIET root@$KOJI_BUILD_FQDN "curl $SILENT $SCRIPT_GIT/deploy-koji-builder.sh > $SCRIPT_DIR/deploy-koji-builder.sh"
        # make them executeable
        ssh $QUIET root@$KOJI_BUILD_FQDN "chmod o+x $SCRIPT_DIR/*"
        # connect to nfs share
        ssh $QUIET root@$KOJI_BUILD_FQDN $SCRIPT_DIR/deploy-koji-nfs-client.sh
        # deploy koji builder
        ssh $QUIET root@$KOJI_BUILD_FQDN $SCRIPT_DIR/deploy-koji-builder.sh
    done
fi

# 
bootstrap-build.sh