diff options
author | Simon Rettberg | 2023-10-23 12:23:51 +0200 |
---|---|---|
committer | Simon Rettberg | 2023-10-23 12:23:51 +0200 |
commit | c253075f696612cb136fbc2fe8bc005eb045eb6f (patch) | |
tree | db8ca55d162f2563086fd1e09293966eba05bedf | |
parent | [SSPS] Remove unused constant (diff) | |
download | setup-scripts-c253075f696612cb136fbc2fe8bc005eb045eb6f.tar.gz setup-scripts-c253075f696612cb136fbc2fe8bc005eb045eb6f.tar.xz setup-scripts-c253075f696612cb136fbc2fe8bc005eb045eb6f.zip |
[SSPS] Change firstboot/run logic once again
truncating the currently running script is not too clever, since
it just ends the script after the current line... Do a two-staged
approach now, and also make sure the user cannot login on the web
interface before finishing the firstrun.sh script, by disabling
lighttpd.
4 files changed, 37 insertions, 18 deletions
diff --git a/satellit_installer/static_files/system/etc/issue b/satellit_installer/static_files/system/etc/issue index 90e548a..286fcf6 100644 --- a/satellit_installer/static_files/system/etc/issue +++ b/satellit_installer/static_files/system/etc/issue @@ -1,9 +1,7 @@ ------------------------------------------------- -bwLehrpool Satelliteserver (Debian \S{VERSION_ID}) + bwLehrpool Satellite Server (Debian \S{VERSION_ID}) ------------------------------------------------- -Web interface for configuration: - -\e{lightred}http(s)://\4/\e{reset} -\e{lightred}http(s)://\n.\O/\e{reset} - +Bitte loggen Sie sich als Nutzer "openslx" ein, um die +Einrichtung des Systems abzuschließen. + diff --git a/satellit_installer/static_files/system/etc/issue.disabled b/satellit_installer/static_files/system/etc/issue.disabled new file mode 100644 index 0000000..857ec97 --- /dev/null +++ b/satellit_installer/static_files/system/etc/issue.disabled @@ -0,0 +1,9 @@ +------------------------------------------------- + bwLehrpool Satellite Server (Debian \S{VERSION_ID}) +------------------------------------------------- + +Web interface for configuration: + +\e{lightred}http(s)://\4/\e{reset} +\e{lightred}http(s)://\n.\O/\e{reset} + diff --git a/satellit_installer/static_files/system/opt/openslx/firstboot.sh b/satellit_installer/static_files/system/opt/openslx/firstboot.sh index 9c3c1cf..c8a6a36 100755 --- a/satellit_installer/static_files/system/opt/openslx/firstboot.sh +++ b/satellit_installer/static_files/system/opt/openslx/firstboot.sh @@ -1,6 +1,11 @@ #!/bin/bash MY_PID=$$ +conf="/opt/openslx/config.install" + +# Logfile +exec &>> /opt/openslx/firstboot.log + perror() { echo "[ERROR] $*" [ "$MY_PID" != "$$" ] && kill "$MY_PID" @@ -19,12 +24,26 @@ perror() { exit 5 } -# Logfile -exec &> /opt/openslx/firstboot.log +if ! [ -e "$conf" ]; then + # First time this script runs, it will delete the config at the end; this + # means this has to be the second bootup, after the user finished the + # firstrun.sh script on first login as "openslx". + # Completely delete the script now, and also firstrun.sh + unlink "/opt/openslx/firstrun.sh" + unlink "/opt/openslx/firstboot.sh" + unlink "/etc/systemd/system/firstboot.service" + unlink "/etc/systemd/system/multi-user.target.wants/firstboot.service" + # Only now enable the web interface, so the user cannot login via browser + # before finishing the firstrun.sh script via ssh/tty login + systemctl enable lighttpd.service || perror "Konnte systemd-Service lighttpd nicht aktivieren!" + systemctl --no-block start lighttpd.service + # Also activate our issue that hints at the webif URL + mv /etc/issue.disabled /etc/issue + exit 0 +fi echo "+++ $(basename "$0") gestartet: $(date "+%Y-%m-%d %H:%m:%S")" -conf="/opt/openslx/config.install" [ -s "$conf" ] || perror "Config file $conf missing" bash -n "$conf" || perror "Config file $conf has errors" . "$conf" @@ -36,8 +55,8 @@ generate_password() { patchfiles() { # <find> <replace> <file1> <file2> ... <fileN> # Warning: does not escape! - FIND=$1 - REPLACE=$2 + local FIND="$1" + local REPLACE="$2" shift 2 while [ $# -gt 0 ]; do sed -i "s/${FIND}/${REPLACE}/g" "$1" @@ -54,8 +73,6 @@ ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N "" -t dsa -q ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N "" -t ecdsa -q ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519 -q -export LANG=de_DE.UTF-8 - echo "+++ Generiere intern genutzte Passwörter (z.B. MySQL-Zugänge) neu ..." umask 0077 @@ -114,9 +131,6 @@ cat > /etc/motd <<THEREDOC THEREDOC echo "+++ Daten des Firstrun-Scripts werden aufgeräumt..." -unlink "/opt/openslx/firstboot.sh" unlink "$conf" -unlink "/etc/systemd/system/firstboot.service" -unlink "/etc/systemd/system/multi-user.target.wants/firstboot.service" exit 0 diff --git a/satellit_installer/static_files/system/opt/openslx/firstrun.sh b/satellit_installer/static_files/system/opt/openslx/firstrun.sh index 951fa8e..41e386c 100755 --- a/satellit_installer/static_files/system/opt/openslx/firstrun.sh +++ b/satellit_installer/static_files/system/opt/openslx/firstrun.sh @@ -48,7 +48,5 @@ cat <<YONDERDOC YONDERDOC sed -i "/opt.openslx.firstrun.sh/d" ~/.profile -# Just to be safe, empty script... Cannot delete as dir is owned by root -truncate -s0 /opt/openslx/firstrun.sh sudo reboot |