do marketplace fabric scripts

2024-11-25 12:45:18 +01:00 · 2019-02-21 12:39:02 -05:00 · 2019-02-21 12:39:02 -05:00 · fa60241c9c
commit fa60241c9c
parent 9c5fde35f5
8 changed files with 265 additions and 0 deletions
--- a/util/DigitalOceanMarketplace/fabfile.py
+++ b/util/DigitalOceanMarketplace/fabfile.py
@ -0,0 +1,130 @@
+ #!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+from fabric.api import *
+import os
+
+f = open("./packages.txt","r")
+APT_PACKAGES = f.read()
+
+env.user = "root"
+
+
+def clean_up():
+    """
+    Clean up remote machine before taking snapshot.
+    """
+    run("rm -rf /tmp/* /var/tmp/*")
+    run("history -c")
+    run("cat /dev/null > /root/.bash_history")
+    run("unset HISTFILE")
+    run("apt-get -y autoremove")
+    run("apt-get -y autoclean")
+    run("find /var/log -mtime -1 -type f -exec truncate -s 0 {} \;")
+    run("rm -rf /var/log/*.gz /var/log/*.[0-9] /var/log/*-????????")
+    run("rm -rf /var/lib/cloud/instances/*")
+    run("rm -rf /var/lib/cloud/instance")
+    puts("Removing keys...")
+    run("rm -f /root/.ssh/authorized_keys /etc/ssh/*key*")
+    run("dd if=/dev/zero of=/zerofile; sync; rm /zerofile; sync")
+    run("cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/wtmp")
+    run("cat /dev/null > /var/log/auth.log")
+
+
+
+def install_files():
+    """
+    Install files onto remote machine.
+    Walk through the files in the "files" directory and copy them to the build system.
+    File permissions will be inherited.  If you need to change permissions on uploaded files
+    you can do so in a script placed in the "scripts" directory.
+    """
+    print "--------------------------------------------------"
+    print "Copying files in ./files to remote server"
+    print "--------------------------------------------------"
+    rootDir = './files'
+    for dirName, subdirList, fileList in os.walk(rootDir):
+        #print('Found directory: %s' % dirName)
+        cDir = dirName.replace("./files","")
+        print("Entering Directory: %s" % cDir)
+        if cDir:
+            run("mkdir -p %s" % cDir)
+        for fname in fileList:
+            cwd = os.getcwd()
+            rpath = cDir + "/" + fname
+            lpath = cwd + "/files" + cDir + "/" + fname
+            print('Moving File: %s' % lpath)
+            put(lpath,rpath,mirror_local_mode=True)
+
+
+    
+
+def install_pkgs():
+    """
+    Install apt packages listed in APT_PACKAGES
+    """
+    #Postfix won't install without a prompt without setting some things
+    #run("debconf-set-selections <<< \"postfix postfix/main_mailer_type string 'No Configuration'\"")
+    #run("debconf-set-selections <<< \"postfix postfix/mailname string localhost.local\"")
+    run("DEBIAN_FRONTEND=noninteractive")
+    print "--------------------------------------------------"
+    print "Installing apt packages in packages.txt"
+    print "--------------------------------------------------"
+    run("apt-get -qqy update")
+    run("apt-get -qqy -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade")
+    run("apt-get -qqy -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" install {}".format(APT_PACKAGES))
+
+    # example 3rd paty repo and install certbot
+    #run("apt-get -qqy install software-properties-common")
+    #run("add-apt-repository ppa:certbot/certbot -y")
+    #run("apt-get -qqy update")
+    #run("apt-get -qqy install python-certbot-apache")
+
+def run_scripts():
+    """
+    Run all scripts in the "scripts" directory on the build system
+    Scripts are run in alpha-numeric order.  We recommend naming your scripts
+    with a name that starts with a two digit number 01-99 to ensure run order.
+    """
+    print "--------------------------------------------------"
+    print "Running scripts in ./scripts"
+    print "--------------------------------------------------"
+    
+    cwd = os.getcwd()
+    directory = cwd + "/scripts"
+
+    for f in os.listdir(directory):
+        
+        lfile = cwd + "/scripts/" + f
+        rfile = "/tmp/" + f
+        print("Processing script in %s" % lfile)
+        put(lfile,rfile)
+        run("chmod +x %s" % rfile)
+        run(rfile)
+
+
+@task
+def build_image():
+    """
+    Configure the build droplet, clean up and shut down for snapshotting
+    """
+    #install_pkgs()
+    install_files()
+    run_scripts()
+    clean_up()
+    run("exit")
+    print "----------------------------------------------------------------"
+    print " Build Complete.  Shut down your build droplet from the control"
+    print " panel before creating your snapshot."
+    print "----------------------------------------------------------------"
+    
+
+@task
+def build_test():
+    """
+    Configure the build droplet, but do not clean up or shut down
+    """
+    #install_pkgs()
+    install_files()
+    run_scripts()
+    print "Build complete.  This droplet is NOT ready for use.  Use build_image instead of build_test for your final build"
--- a/util/DigitalOceanMarketplace/files/etc/update-motd.d/99-one-click
+++ b/util/DigitalOceanMarketplace/files/etc/update-motd.d/99-one-click
@ -0,0 +1,18 @@
+#!/bin/sh
+#
+# Configured as part of the DigitalOcean 1-Click Image build process
+
+myip=$(hostname -I | awk '{print$1}')
+cat <<EOF
+********************************************************************************
+
+Welcome to your Bitwarden server
+  https://bitwarden.com
+
+Self-hosted documentation:
+  https://help.bitwarden.com/article/install-on-premise/
+  https://help.bitwarden.com/hosting/
+
+********************************************************************************
+To delete this message of the day: rm -rf $(readlink -f ${0})
+EOF
--- a/util/DigitalOceanMarketplace/files/opt/bitwarden/install-bitwarden.sh
+++ b/util/DigitalOceanMarketplace/files/opt/bitwarden/install-bitwarden.sh
@ -0,0 +1,32 @@
+#!/bin/bash
+
+#
+# Install Bitwarden
+# ref: https://help.bitwarden.com/article/install-on-premise/
+#
+
+/root/bitwarden.sh install
+
+/root/bitwarden.sh start
+
+echo -e 'Waiting for Bitwarden database container to come online...'
+
+sleep 60s
+
+/root/bitwarden.sh updatedb
+
+#
+# Setup Bitwarden update cron
+# ref: https://help.bitwarden.com/article/updating-on-premise/
+#
+
+echo -e '#!/usr/bin/env bash\n/root/bitwarden.sh updateself\n/root/bitwarden.sh update' \
+    > /etc/cron.weekly/bitwarden-update.sh
+
+chmod +x /etc/cron.weekly/bitwarden-update.sh
+
+#
+# Cleanup .bashrc
+#
+
+cp -f /etc/skel/.bashrc /root/.bashrc
--- a/util/DigitalOceanMarketplace/files/var/lib/cloud/scripts/per-instance/001_onboot
+++ b/util/DigitalOceanMarketplace/files/var/lib/cloud/scripts/per-instance/001_onboot
@ -0,0 +1,17 @@
+#!/bin/bash
+
+# Scripts in this directory will be executed by cloud-init on the first boot of droplets
+# created from your image.  Things like generating passwords, configuration requiring IP address
+# or other items that will be unique to each instance should be done in scripts here.
+
+#
+# Setup Bitwarden Installer
+# ref: https://help.bitwarden.com/article/install-on-premise/
+#
+
+docker pull bitwarden/setup
+
+curl -s -o /root/bitwarden.sh \
+    https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh
+
+chmod +x /root/bitwarden.sh
--- a/util/DigitalOceanMarketplace/packages.txt
+++ b/util/DigitalOceanMarketplace/packages.txt
--- a/util/DigitalOceanMarketplace/scripts/01-install-docker
+++ b/util/DigitalOceanMarketplace/scripts/01-install-docker
@ -0,0 +1,33 @@
+#!/bin/bash
+#
+# Scripts in this directory are run during the build process.
+# each script will be uploaded to /tmp on your build droplet, 
+# given execute permissions and run.  The cleanup process will
+# remove the scripts from your build system after they have run
+# if you use the build_image task.
+#
+
+#
+# Install Docker CE
+# ref: https://docs.docker.com/install/linux/docker-ce/ubuntu/
+#
+
+apt-get -y update
+
+apt-get -y install \
+    apt-transport-https \
+    ca-certificates \
+    curl \
+    gnupg-agent \
+    software-properties-common
+
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
+
+add-apt-repository \
+    "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+    $(lsb_release -cs) \
+    stable"
+
+apt-get -y update
+
+apt-get -y install docker-ce docker-ce-cli containerd.io
--- a/util/DigitalOceanMarketplace/scripts/02-install-docker-compose
+++ b/util/DigitalOceanMarketplace/scripts/02-install-docker-compose
@ -0,0 +1,18 @@
+#!/bin/bash
+#
+# Scripts in this directory are run during the build process.
+# each script will be uploaded to /tmp on your build droplet, 
+# given execute permissions and run.  The cleanup process will
+# remove the scripts from your build system after they have run
+# if you use the build_image task.
+#
+
+#
+# Install Docker Compose
+# ref: https://docs.docker.com/compose/install/
+#
+
+curl -L https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` \
+    -o /usr/local/bin/docker-compose
+
+chmod +x /usr/local/bin/docker-compose
--- a/util/DigitalOceanMarketplace/scripts/03-setup-first-run
+++ b/util/DigitalOceanMarketplace/scripts/03-setup-first-run
@ -0,0 +1,17 @@
+#!/bin/bash
+#
+# Scripts in this directory are run during the build process.
+# each script will be uploaded to /tmp on your build droplet, 
+# given execute permissions and run.  The cleanup process will
+# remove the scripts from your build system after they have run
+# if you use the build_image task.
+#
+
+#
+# Setup First Run Script
+# ref: https://github.com/digitalocean/marketplace-partners/blob/master/marketplace_docs/build-an-image-fabric.md#running-commands-on-first-login
+#
+
+chmod +x /opt/bitwarden/install-bitwarden.sh
+
+echo '/opt/bitwarden/install-bitwarden.sh' >> /root/.bashrc