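#!/bin/bash
#
# Bootstrap a Koji hub on this host, optionally deploy the Koji web front end
# to a second host, and register one or more builders.
#
# Usage: $0 [debug] [web=FQDN] [build=FQDN]...
#   debug       trace commands and make dnf/ssh/scp verbose
#   web=FQDN    deploy the web components to FQDN instead of this host
#   build=FQDN  register FQDN as a builder (repeatable; default: this host)
#
# Must run as root: it installs packages, edits files under /etc, uses
# /root/.ssh and reloads postgresql.

set -e

DEBUG=
KOJI_HUB_FQDN="$(hostname -f)"
KOJI_WEB_FQDN=$KOJI_HUB_FQDN
KOJI_BUILD_FQDNS=()

# Host names are interpolated into sed expressions, ssh/scp targets,
# /etc/exports and /etc/hosts, so only plain hostname characters are accepted.
valid_hostname() {
  [[ $1 =~ ^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$ ]]
}

# Returns 0 when TCP port 22 on host $1 accepts a connection. The exit status
# of nc is used rather than its output, which differs between implementations.
ssh_port_open() {
  nc -z "$1" 22 >/dev/null 2>&1
}

# Exit with the standard hint text unless port 22 on $1 is reachable.
# $2 is the wording placed before the host name in the message.
require_ssh_reachable() {
  local host=$1 description=$2
  if ssh_port_open "$host"; then
    return 0
  fi
  echo "I cannot connect to ${description}${host}! Is it online? "
  echo "Options:"
  echo "- turn on the server"
  echo "- add this server into the /etc/hosts file on this server"
  exit 1
}

# Prompt ($2) until a non-empty answer is given, printing $3 on an empty one,
# and store the answer in the variable named by $1. The answer is tested as a
# quoted string so values containing spaces ("New York") are accepted.
prompt_required() {
  local var_name=$1 prompt=$2 error=$3 value
  while true; do
    read -r -p "$prompt" value
    if [[ -n "$value" ]]; then
      printf -v "$var_name" '%s' "$value"
      return 0
    fi
    echo "$error"
  done
}

# Wait until builder $1 answers on port 22, letting the operator correct the
# name, add an /etc/hosts entry, retry or give up, then register the builder.
# Giving up skips this builder instead of deploying to an unreachable host.
deploy_builder() {
  local fqdn=$1 response builder_ip new_fqdn

  until ssh_port_open "$fqdn"; do
    echo "I cannot connect to $fqdn! Is it online? "
    echo "Options:"
    echo "- FQDN= # if you've mis-typed the name"
    echo "- IP= # I'll add this to your /etc/hosts file"
    echo "- # try again (I've started the server)"
    echo "- Q # quit this loop (give up)"
    read -r response
    case $response in
      Q | q)
        echo "Skipping builder $fqdn"
        return 0
        ;;
      IP=*)
        builder_ip=${response#*=}
        # Only address characters are written into /etc/hosts.
        if [[ $builder_ip =~ ^[0-9A-Fa-f:.]+$ ]]; then
          # printf, because plain echo would write a literal "\n".
          printf '%s %s\n' "$builder_ip" "$fqdn" >> /etc/hosts
        else
          echo "'$builder_ip' is not a valid IP address"
        fi
        ;;
      FQDN=*)
        new_fqdn=${response#*=}
        if valid_hostname "$new_fqdn"; then
          fqdn=$new_fqdn
        else
          echo "'$new_fqdn' is not a valid host name"
        fi
        ;;
      *)
        # anything else (including an empty line): just try again
        ;;
    esac
  done

  # we found the server and will deploy to it
  "$SCRIPT_DIR/koji-add-builder.sh" "$fqdn" "${DEBUG_ARGS[@]}"
}

# ---------------------------------------------------------------------------
# command line
# ---------------------------------------------------------------------------
for param in "$@"; do
  # an empty argument ends option parsing
  if [[ -z "$param" ]]; then
    break
  fi
  case $param in
    debug)
      DEBUG="debug"
      ;;
    web=*)
      KOJI_WEB_FQDN=${param#*=}
      if ! valid_hostname "$KOJI_WEB_FQDN"; then
        echo "Invalid web server name: '$KOJI_WEB_FQDN'"
        exit 1
      fi
      ;;
    build=*)
      if ! valid_hostname "${param#*=}"; then
        echo "Invalid builder name: '${param#*=}'"
        exit 1
      fi
      KOJI_BUILD_FQDNS+=("${param#*=}")
      ;;
  esac
done

QUIET="-q"
# --fail stops an HTTP error page from being saved and later run as a script.
CURL_OPTS=(--fail --show-error --silent)
DEBUG_ARGS=()
if [[ -n "$DEBUG" ]]; then
  set -x
  QUIET="-v"
  CURL_OPTS=(--fail --show-error)
  DEBUG_ARGS=("$DEBUG")
fi

echo "Checking connectivity..."

# install any required packages
if ! dnf list installed | grep -q epel-release; then
  dnf install -y "$QUIET" epel-release
fi
if ! dnf list installed | grep -q netcat; then
  dnf install -y "$QUIET" netcat
fi

if [[ "$KOJI_WEB_FQDN" != "$KOJI_HUB_FQDN" ]]; then
  require_ssh_reachable "$KOJI_WEB_FQDN" "the web server at "
fi

for FQDN in "${KOJI_BUILD_FQDNS[@]}"; do
  require_ssh_reachable "$FQDN" "builder at "
done

# pull down the deploy scripts
# NOTE(review): these scripts come from a mutable branch and are executed as
# root with no integrity check. Point SCRIPT_GIT at a reviewed tag or commit
# and verify checksums before running them.
SCRIPT_GIT="https://src.koozali.org/smedev/smeserver-koji/raw/branch/master/koji-setup"
SCRIPT_DIR=~/bin

echo "Loading required scripts and packages...."
mkdir -p "$SCRIPT_DIR"
for script in koji-deploy-hub.sh koji-deploy-web.sh koji-add-builder.sh \
  koji-bootstrap-build.sh koji-add-user.sh; do
  curl "${CURL_OPTS[@]}" -o "$SCRIPT_DIR/$script" "$SCRIPT_GIT/$script"
done
# u+x, not o+x: only the owner (root) needs to run these.
chmod u+x "$SCRIPT_DIR"/*.sh

# ask for required parameters (certificate subject fields)
echo "Please enter the following details for generating your SSL keys"
while true; do
  read -r -p "Country Code (eg, US): " COUNTRY_CODE
  if [[ ${#COUNTRY_CODE} -eq 2 ]]; then
    break
  fi
  echo "You must enter a 2 character country code"
done
prompt_required STATE "State/Region (eg. Ohio): " "State MUST be entered"
prompt_required LOCATION "City/Location (eg. Columbus): " "City MUST be entered"
prompt_required ORGANIZATION "Organisation (eg. Koozali): " "Organization MUST be entered"
prompt_required ORG_UNIT "Org Unit (eg. Koji): " "Organizational Unit MUST be entered"

# setup default parameters
HTTPD_USER=apache
HTTPD_DOCUMENT_ROOT=/var/www/html
KOJI_DIR="/mnt/koji"
TAG_NAME='smeos11 smecontribs11'
KOJI_PKI_DIR=/etc/pki/koji
RPM_ARCH="x86_64 noarch"
KOJID_CAPACITY=16
SRC_RPM_DIR=
BIN_RPM_DIR=
DEBUG_RPM_DIR=
EXTERNAL_REPO='http://mirror.contribs.org/smeserver/releases/10/smeos/\$arch/'
POSTGRES_USER=postgres
POSTGRES_DIR=/var/lib/pgsql

# create the parameter script used by koji scripts
# The operator-entered values are written with printf %q so that quotes or
# other shell metacharacters in them cannot break, or inject commands into,
# a file that the other koji scripts run as root.
# NOTE(review): KOJI_URL, KOJI_WEB_URL and EXTERNAL_REPO use plain http.
cat > "$SCRIPT_DIR/koji-parameters.sh" <<EOT
#!/bin/bash
## HTTPD settings
export HTTPD_USER=$HTTPD_USER
export HTTPD_DOCUMENT_ROOT=$HTTPD_DOCUMENT_ROOT
## KOJI RPM BUILD AND TRACKER
export SCRIPT_GIT=$SCRIPT_GIT
export KOJI_DIR=$KOJI_DIR
export KOJI_HUB_FQDN=$KOJI_HUB_FQDN
export KOJI_URL=http://$KOJI_HUB_FQDN
export KOJI_WEB_URL=http://$KOJI_WEB_FQDN
export KOJID_CAPACITY=$KOJID_CAPACITY
export TAG_NAME='$TAG_NAME'
# Use for koji SSL certificates
export KOJI_PKI_DIR=$KOJI_PKI_DIR
export COUNTRY_CODE=$(printf '%q' "$COUNTRY_CODE")
export STATE=$(printf '%q' "$STATE")
export LOCATION=$(printf '%q' "$LOCATION")
export ORGANIZATION=$(printf '%q' "$ORGANIZATION")
export ORG_UNIT=$(printf '%q' "$ORG_UNIT")
# Use for importing existing RPMs
export RPM_ARCH='$RPM_ARCH'
export SRC_RPM_DIR=$SRC_RPM_DIR
export BIN_RPM_DIR=$BIN_RPM_DIR
export DEBUG_RPM_DIR=$DEBUG_RPM_DIR
# Comment the following if supplying all RPMs as an upstream and not a downstream
export EXTERNAL_REPO=${EXTERNAL_REPO}
## POSTGRESQL DATABASE
export POSTGRES_USER=$POSTGRES_USER
export POSTGRES_DIR=$POSTGRES_DIR
EOT
chmod u+x "$SCRIPT_DIR/koji-parameters.sh"

# deploy the central koji components
# (called by full path so the run does not depend on ~/bin being in PATH)
"$SCRIPT_DIR/koji-deploy-hub.sh" "${DEBUG_ARGS[@]}"

# deploy the web koji components
if [[ "$KOJI_WEB_FQDN" == "$KOJI_HUB_FQDN" ]]; then
  # deploy locally (default)
  "$SCRIPT_DIR/koji-deploy-web.sh" "$KOJI_WEB_FQDN" "${DEBUG_ARGS[@]}"
else
  # deploy remotely to $KOJI_WEB_FQDN
  WEB_HOST="root@$KOJI_WEB_FQDN"

  # check again that the web server is reachable (the hub deploy takes a while)
  require_ssh_reachable "$KOJI_WEB_FQDN" ""

  # update hub config files to point at web server
  # (double quotes: the host name must be expanded by the shell)
  sed -i "s,KojiWebURL.*,KojiWebURL = http://$KOJI_WEB_FQDN/koji,g" /etc/koji-hub/hub.conf
  sed -i "s,weburl.*,weburl = http://$KOJI_WEB_FQDN/koji,g" /etc/koji.conf

  # check if nfs has been installed on the hub (only need to install once)
  # NOTE(review): this matches the string "nfs-server" in the package list;
  # confirm that is the name the NFS deploy script's package shows up under.
  if ! dnf list installed | grep -q nfs-server; then
    # add nfs share for koji files directory to hub
    curl "${CURL_OPTS[@]}" -o "$SCRIPT_DIR/koji-deploy-nfs-server.sh" \
      "$SCRIPT_GIT/koji-deploy-nfs-server.sh"
    chmod u+x "$SCRIPT_DIR/koji-deploy-nfs-server.sh"
    "$SCRIPT_DIR/koji-deploy-nfs-server.sh" "${DEBUG_ARGS[@]}"
  fi

  # add web server to nfs exports line for /mnt/koji (once only)
  # NOTE(review): no_root_squash lets root on the web host act as root on the
  # share; the export is read-only, but confirm the option is really needed.
  # NOTE(review): the export table is not re-read here; confirm something
  # reloads it after /etc/exports changes.
  NFS_CLIENT="$KOJI_WEB_FQDN(ro,no_root_squash)"
  if ! grep -F -- " $NFS_CLIENT" /etc/exports | grep -q '^/mnt/koji'; then
    sed -i "/^\/mnt\/koji/ s/\$/ $NFS_CLIENT/" /etc/exports
  fi

  # generate a hub ssh key if there isn't one already (for scp & ssh to web server)
  # NOTE(review): the key has no passphrase and gives root on the hub
  # unattended root access to the web server.
  SSH_KEY=/root/.ssh/id_rsa
  if [[ ! -f "$SSH_KEY" ]]; then
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
    ssh-keygen -t rsa -f "$SSH_KEY" -N ""
  fi

  # copy the server key into authorized keys on the web server
  # The first connection asks to accept the web server's host key; check the
  # fingerprint against the server's console before answering yes.
  ssh-copy-id -i "$SSH_KEY.pub" "$WEB_HOST"

  # find the IP of the web server
  # "hostname -I" prints every address followed by a space; keep the first
  # and refuse anything that is not a plain IPv4 address, because the value
  # is written into PostgreSQL's access-control file.
  WEB_IP=$(ssh "$WEB_HOST" "hostname -I" | awk '{print $1}')
  if [[ ! $WEB_IP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
    echo "Could not determine an IPv4 address for $KOJI_WEB_FQDN (got '$WEB_IP')"
    exit 1
  fi

  # add web server into allowed access to db (once only)
  HBA_LINE="host koji koji $WEB_IP/32 scram-sha-256"
  if ! grep -qxF -- "$HBA_LINE" "$POSTGRES_DIR/data/pg_hba.conf"; then
    printf '%s\n' "$HBA_LINE" >> "$POSTGRES_DIR/data/pg_hba.conf"
  fi
  systemctl reload postgresql

  # copy across the ssl keys
  # NOTE(review): this puts the hub's private key (kojihub.key) on the web
  # host; confirm the web deployment needs it and check its mode there.
  ssh "$QUIET" "$WEB_HOST" mkdir -p "$KOJI_PKI_DIR/private"
  scp "$QUIET" "$KOJI_PKI_DIR/kojiweb.pem" "$WEB_HOST:$KOJI_PKI_DIR/."
  scp "$QUIET" "$KOJI_PKI_DIR/kojihub.pem" "$WEB_HOST:$KOJI_PKI_DIR/."
  scp "$QUIET" "$KOJI_PKI_DIR/private/kojihub.key" "$WEB_HOST:$KOJI_PKI_DIR/private/."
  scp "$QUIET" "$KOJI_PKI_DIR/koji_ca_cert.crt" "$WEB_HOST:$KOJI_PKI_DIR/."

  # copy across the parameter files (we built them on the hub)
  ssh "$QUIET" "$WEB_HOST" mkdir -p "$SCRIPT_DIR"
  scp "$QUIET" "$SCRIPT_DIR/koji-parameters.sh" "$WEB_HOST:$SCRIPT_DIR/koji-parameters.sh"

  # pull down the required scripts
  for script in koji-deploy-nfs-client.sh koji-deploy-web.sh; do
    ssh "$QUIET" "$WEB_HOST" \
      "curl ${CURL_OPTS[*]} -o $SCRIPT_DIR/$script $SCRIPT_GIT/$script"
  done

  # make them executable
  ssh "$QUIET" "$WEB_HOST" "chmod u+x $SCRIPT_DIR/*"

  # connect to nfs share
  ssh "$QUIET" "$WEB_HOST" "$SCRIPT_DIR/koji-deploy-nfs-client.sh" "${DEBUG_ARGS[@]}"

  # deploy koji web
  ssh "$QUIET" "$WEB_HOST" "$SCRIPT_DIR/koji-deploy-web.sh" "$KOJI_WEB_FQDN" "${DEBUG_ARGS[@]}"
fi

# add builders
if (( ${#KOJI_BUILD_FQDNS[@]} == 0 )); then
  # use hub if no builders entered
  deploy_builder "$KOJI_HUB_FQDN"
else
  # use builders added as command line parameters
  for FQDN in "${KOJI_BUILD_FQDNS[@]}"; do
    deploy_builder "$FQDN"
  done
fi

# bootstrap the targets etc.
"$SCRIPT_DIR/koji-bootstrap-build.sh"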