authorSimon Rettberg2014-10-22 19:13:05 +0200
committerSimon Rettberg2014-10-22 19:13:05 +0200
commit0d8dded26c5c1934eb1f4dd85228595c6eb43a0a (patch)
treee43874c96bd0e4404c4f47809ffbba2c97b87dc0 /satellit_installer/includes/10-script_dropper.inc
parentAdd open-vm-tools (diff)
Outsource and translate firstrun.sh, rename variables
- Moved the firstrun script to a static file to make its handling easier (no more escaping hell) - firstrun.sh is now in German, as it will be run by the end user - Also renamed some variables to better fit their purpose (LOGDIR, INSTALLDIR)
Diffstat (limited to 'satellit_installer/includes/10-script_dropper.inc')
-rw-r--r--satellit_installer/includes/10-script_dropper.inc189
1 files changed, 13 insertions, 176 deletions
diff --git a/satellit_installer/includes/10-script_dropper.inc b/satellit_installer/includes/10-script_dropper.inc
index 703ff2e..ac6ed03 100644
--- a/satellit_installer/includes/10-script_dropper.inc
+++ b/satellit_installer/includes/10-script_dropper.inc
@@ -1,185 +1,22 @@
-patch_bashrc() {
- if [ $(grep -c $(echo "^${INSTALLDIR}.*first_run") /root/.bashrc) -gt 0 ]; then
- echo "# first_run script already in root's bashrc, doing nothing."
+patch_profile() {
+ if grep -q "/root/installer/firstrun.sh" /root/.profile; then
+ echo "# first_run script already in root's .profile, doing nothing."
else
- echo "# Patching root's bashrc...) "
- echo "${INSTALLDIR}/first_run" >> /root/.bashrc
+ echo "# Patching root's .profile"
+ echo "/root/installer/firstrun.sh" >> /root/.profile
fi
}
-copy_public_key() {
- cp -p "${BASEDIR}/static_files/finish_setup_public_key.pem" ${INSTALLDIR} \
- || echo "Warning: Could not copy public key to ${INSTALLDIR}!"
-}
-
drop_script() {
- cat >"${INSTALLDIR}/first_run"<<-EOF
- #!/bin/bash
-
- generate_password() {
- local password="\$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-16};)"
- echo "\$password"
- }
-
- LANG=en_US.UTF-8
- echo
- echo "Satellite server install post-install script"
- echo
- echo "This script will set safe password for root, the mysql root user,"
- echo 'two mysql user accounts (openslx and bwLehrpool) and debian-sys-maint.'
- echo
- echo "We recommend you choose a secure password for root. The other"
- echo "passwords will be auto generated."
- echo ""
- echo "Please set a secure password for root:"
- echo ""
- passwd
- echo
- echo "Thank you."
- echo
- echo "Now we will auto-generate new passwords for the mentioned mysql users:"
- echo
- MYSQL_ROOT_PASS="\$(grep MYSQL_ROOT_PASS "$LOGDIR/config"|cut -f 2 -d "=")"
- umask 0066
-
- MYSQL_ROOT_NEW=\$(generate_password)
- mysqladmin -u root -p\${MYSQL_ROOT_PASS} password \${MYSQL_ROOT_NEW}
- echo "MYSQL_ROOT_PASS=\$MYSQL_ROOT_NEW" > /root/new_passwords
- echo "Mysql root password,"
-
- MYSQL_BWLEHRPOOL_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'bwLehrpool'@'localhost' = PASSWORD('\$MYSQL_BWLEHRPOOL_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "MYSQL_BWLEHRPOOL_PASS=\$MYSQL_BWLEHRPOOL_NEW" >> /root/new_passwords
- echo "Mysql bwLehrpool password,"
-
- MYSQL_OPENSLX_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'openslx'@'localhost' = PASSWORD('\$MYSQL_OPENSLX_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "MYSQL_OPENSLX_PASS=\$MYSQL_OPENSLX_NEW" >> /root/new_passwords
- echo "mysql openslx password,"
-
- MYSQL_SYSMAINT_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'debian-sys-maint'@'localhost' = PASSWORD('\$MYSQL_SYSMAINT_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "and debian-sys-maint."
-
- echo "... done."
- echo
- echo "Now we will save the newly set passwords (save debian-sys-maint)"
- echo "in an encrypted file..."
-
- cat /root/new_passwords | openssl rsautl -encrypt -pubin -inkey ${BASEDIR}/static_files/finish_setup_public_key.pem > \
- ${BASEDIR}/static_files/new_passwords.encrypted
- rm -f /root/new_passwords 2>/dev/null
- echo "...ok."
-
- echo "And due to popular demand we will save the mysql root password also "
- echo "in the file /root/mysqlpass (and set it to 600, of course)... "
- echo "\$MYSQL_ROOT_NEW" > /root/mysqlpass
- chmod 600 /root/mysqlpass
-
- # Patching bwLehrpool-mysql-userpass into bwSuite Server config:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" "$INSTALLDIR/Server_Config.ini"
-
- # Patching bwLehrpool-mysql-userpass into pureftpd config:
- sed -i "s/MYSQLPassword.*$/MYSQLPassword \$MYSQL_BWLEHRPOOL_NEW/g" /etc/pure-ftpd/db/mysql.conf
-
- # Patching bwLehrpool-mysql-userpass into satellite-daemon config:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" /opt/syncdaemon/config/mysql.properties
-
- # Patching bwLehrpool-mysql-userpass into vmchooser list.php:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" /srv/openslx/www/vmchooser/list.php
-
- # Patching openslx-mysql-userpass into slx-admin config:
- sed -i "s/%MYSQL_OPENSLX_PASS%/\$MYSQL_OPENSLX_NEW/g" "$WWWDIR/slx-admin/config.php"
-
- # Patching debian-sys-maint password into /etc/mysql/debian.cnf:
- sed -i "s/password = .*/password = \$MYSQL_SYSMAINT_NEW/g" "/etc/mysql/debian.cnf"
-
- # inittab-entry dmsd:
- if [ \$(grep -c "dmsd.*respawn" /etc/inittab) -gt 0 ]; then
- echo "bwLehrpool Suite inittab entry detected, doing nothing. "
- else
- echo -n "bwLehrpool Suite: patching inittab..."
- echo "dmsd:2345:respawn:$INSTALLDIR/dmsd.sh" >> /etc/inittab
- echo "ok."
- fi
-
- # inittab-entry taskmanager:
- if [ \$(grep -c "tman.*respawn" /etc/inittab) -gt 0 ]; then
- echo "Taskmanager inittab entry detected, doing nothing."
- else
- echo -n "bwLehrpool Suite: patching inittab..."
- echo "tman:2345:respawn:$TASKMANDIR/taskmanager.sh" >> /etc/inittab
- echo "ok."
- fi
-
- # inittab-entry syncdaemon:
- if [ \$(grep -c "synd.*respawn" /etc/inittab) -gt 0 ]; then
- echo "syncdaemon inittab entry detected, doing nothing. "
- else
- echo -n "syncdaemon: patching inittab..."
- echo "synd:2345:respawn:/opt/syncdaemon/syncdaemon.sh" >> /etc/inittab
- echo "ok."
- fi
-
- echo "Now, nearing the end, we generate new sshd identities for root."
- echo "Old identity files id_rsa and id_rsa.pub will be backed up to .bak."
- echo "These keys will not carry a passphrase. Delete it if you do not want this."
- echo "Generating keys... "
-
- [ -f /etc/ssh/ssh_host_rsa_key ] && mv /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.bak
- [ -f /etc/ssh/ssh_host_rsa_key.pub ] && mv /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_rsa_key.pub.bak
- [ -f /etc/ssh/ssh_host_dsa_key ] && mv /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.bak
- [ -f /etc/ssh/ssh_host_dsa_key.pub ] && mv /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_dsa_key.pub.bak
- [ -f /etc/ssh/ssh_host_ecdsa_key ] && mv /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.bak
- [ -f /etc/ssh/ssh_host_ecdsa_key.pub ] && mv /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub.bak
-
- echo -n "... RSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N "" -t rsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd rsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo -n "... DSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N "" -t dsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd dsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo -n "... ECDSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_ecdsa -N "" -t ecdsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd ecdsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo
- echo "Due to popular demand we will now start a script to configure a static IP, if wanted."
- echo
- /usr/local/sbin/config_static_ip
-
- echo "Last thing to is to delete the script starter from root's .bashrc..."
- sed -i "/first_run/d" /root/.bashrc
- echo "...done."
- echo
- echo "Please reboot the server. Do you want me to reboot it now?"
- echo
- echo "(Press 'y' to reboot, any other key to end script)"
- read REBOOT
- [[ "\$REBOOT" == "y" ]] && reboot
- EOF
- chmod u+x ${INSTALLDIR}/first_run
+ mkdir -p "/root/installer"
+ # So we know all the paths and the mysql password
+ cat "${BASEDIR}/includes/00-dirs.inc" "${CONFIGDIR}/config" > "/root/installer/config"
+ chmod 0600 "/root/installer/config"
+ cp "${BASEDIR}/firstrun_script.sh" "/root/installer/firstrun.sh"
+ chmod u+x "/root/installer/firstrun.sh"
}
-script_dropper () {
- copy_public_key
- patch_bashrc
+drop_firstrun_script () {
+ patch_profile
drop_script
}
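Review bot: In the new `drop_script`, `/root/installer/config` is created by the `cat … >` redirection under whatever umask the installer runs with and only restricted afterwards by `chmod 0600`, so the file that the comment says carries the mysql password can briefly exist with wider permissions; the directory made by `mkdir -p` has the same problem. Whether /root is already closed to other users is not visible in this hunk, so I would create both restrictively from the start, e.g. `mkdir -p -m 0700 "/root/installer"` and `( umask 077; cat "${BASEDIR}/includes/00-dirs.inc" "${CONFIGDIR}/config" > "/root/installer/config" )`. Separately, neither `cat` nor `cp` is checked and `drop_firstrun_script` calls `patch_profile` before `drop_script`, so a failed copy leaves root's .profile invoking a script that was never installed. Running `drop_script` first and patching the profile only when it succeeds would avoid that.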