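#!/bin/sh
#
# $NetBSD: ec2_init,v 1.7 2026/02/01 22:57:34 jschauma Exp $
#
# PROVIDE: ec2_init
# REQUIRE: NETWORKING
# BEFORE: LOGIN

# rc.d script run at boot on cloud instances (EC2 by default, OCI when the
# DMI chassis asset tag says so).  It sets the hostname, creates the cloud
# login user, installs the instance's SSH public key and mixes an optional
# "random_seed" into the kernel entropy pool.  All inputs come from the
# link-local instance metadata service.
#
# NOTE(review): every fetch below is a plain-HTTP GET with no session-token
# header.  On EC2 instances configured to require IMDSv2 tokens these
# requests will presumably be rejected, leaving hostname and key unset;
# confirm against the deployment's metadata options.

$_rc_subr_loaded . /etc/rc.subr

name="ec2_init"
rcvar=${name}
start_cmd="ec2_init"
stop_cmd=":"

# Use the IPv4 metadata address unless there is no default route, in which
# case fall back to the IPv6 endpoint.  The brackets are part of the URL
# host syntax, so every expansion of a URL built from IMDS_IP must be quoted
# to keep the shell from treating them as a glob bracket expression.
IMDS_IP="169.254.169.254"
if ! route get default >/dev/null 2>&1; then
	IMDS_IP="[fd00:ec2::254]"
fi

METADATA_URL="http://${IMDS_IP}/latest/meta-data/"
CLOUD_TYPE=EC2	# default

case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag 2>/dev/null)" in
OracleCloud*)
	CLOUD_TYPE=OCI
	;;
esac

# Per-cloud login name and metadata layout.
case ${CLOUD_TYPE} in
EC2)
	EC2_USER="ec2-user"
	METADATA_URL="http://${IMDS_IP}/latest/meta-data/"
	SSH_KEY_URL="public-keys/0/openssh-key"
	;;
OCI)
	EC2_USER="opc"
	METADATA_URL="http://${IMDS_IP}/opc/v1/instance/"
	SSH_KEY_URL="metadata/ssh_authorized_keys"
	;;
esac

HOSTNAME_URL="hostname"

SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

OS_METADATA_URL="http://${IMDS_IP}/openstack/latest/meta_data.json"

# Create the cloud login account.  Note that it is placed in the wheel and
# operator groups.
ec2_newuser()
{
	echo "Creating ${CLOUD_TYPE} user account ${EC2_USER}"
	useradd -g users -G wheel,operator -m "${EC2_USER}"
}

# Filter: read JSON text on stdin and print the value of its "random_seed"
# member.  Only base64 alphabet characters are accepted in the value, so
# nothing else from the document can reach the decoder.
extract_random_seed()
{
	sed -n -e '/random_seed/s/.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*/\1/p'
}

# Return 0 if key material $1 already appears in file $2.
# The key is matched as a fixed string: base64 key text and key comments may
# contain regex metacharacters ('.', '*', '[', ...) that must not be
# interpreted, and "--" keeps a value starting with '-' from being parsed as
# a grep option.  If $1 holds several lines, a match on any line counts.
ec2_key_present()
{
	grep -qF -- "$1" "$2"
}

# start_cmd: apply the instance metadata to the running system.
ec2_init()
{
	(
	umask 022

	# set hostname; it may be 5-10 seconds for the metadata service
	# to become reachable.
	try=0
	while [ $((try++)) -lt 20 ]
	do
		HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
		if [ -n "$HOSTNAME" ]; then
			echo "Setting ${CLOUD_TYPE} hostname: ${HOSTNAME}"
			# printf rather than echo: the value is remote data
			# and must never be read as an echo option.
			printf '%s\n' "$HOSTNAME" > /etc/myname
			hostname "$HOSTNAME"
			break
		fi
		echo "${CLOUD_TYPE} hostname not available yet (try $try)"
		sleep 1
	done

	# create cloud user
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# fetch the public key from the metadata service
	EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance, add it
		# to EC2_USER's 'authorized_keys' file
		#
		# NOTE(review): these steps run as root on paths inside
		# EC2_USER's home directory, and touch, chown and ">>" all
		# follow symbolic links.  Consider checking that the target
		# is a regular file (and using chown -h) before writing.
		ssh_dir=$(dirname "$SSH_KEY_FILE")
		mkdir -p "$ssh_dir"
		chown "${EC2_USER}:users" "$ssh_dir"
		touch "$SSH_KEY_FILE"
		chown "${EC2_USER}:users" "$SSH_KEY_FILE"
		cd "$ssh_dir"

		# Append only if the key is not already there, so repeated
		# boots do not grow the file.
		if ! ec2_key_present "$EC2_SSH_KEY" "$SSH_KEY_FILE"; then
			echo "Setting ${CLOUD_TYPE} SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
			printf '%s\n' "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
		fi
	fi

	# May contain a "random_seed".
	# The URL is quoted because the IPv6 form of IMDS_IP contains
	# brackets, which an unquoted expansion would expose to globbing.
	OS_METADATA="$(ftp -o - -q 2 "${OS_METADATA_URL}" 2>/dev/null)"
	if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
		printf '%s\n' "$OS_METADATA" | extract_random_seed |
		    base64 -di >> /dev/urandom
	fi
	)
}

load_rc_config $name
run_rc_command "$1"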