      1  1.1  jmcneill #!/bin/sh
      2  1.1  jmcneill #
      3  1.7  jschauma # $NetBSD: ec2_init,v 1.7 2026/02/01 22:57:34 jschauma Exp $
      4  1.1  jmcneill #
      5  1.1  jmcneill # PROVIDE: ec2_init
      6  1.1  jmcneill # REQUIRE: NETWORKING
      7  1.1  jmcneill # BEFORE:  LOGIN
      8  1.1  jmcneill 
      # Pull in the rc.d framework.  With _rc_subr_loaded empty this line sources
      # /etc/rc.subr; presumably rc.subr sets the variable to a no-op so that a
      # second load is skipped -- confirm against rc.subr.
      $_rc_subr_loaded . /etc/rc.subr

      # rc.d service definition: "start" runs ec2_init(), "stop" is a no-op.
      name="ec2_init"
      rcvar=${name}
      start_cmd="ec2_init"
      stop_cmd=":"

      # Metadata service address: the IPv4 link-local endpoint when
      # `route get default` succeeds, otherwise the IPv6 endpoint (bracketed so
      # it can be embedded in a URL).
      if route get default >/dev/null 2>&1; then
        IMDS_IP="169.254.169.254"
      else
        IMDS_IP="[fd00:ec2::254]"
      fi

      # Default base URL; both cloud types below assign their own value.
      # Every URL built here is plain http://, so the responses are not
      # authenticated by the transport.
      METADATA_URL="http://${IMDS_IP}/latest/meta-data/"
      CLOUD_TYPE=EC2	# default

      # Oracle Cloud is recognised by the DMI chassis asset tag; a failing
      # sysctl yields an empty string and keeps the EC2 default.
      case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag 2>/dev/null)" in
      OracleCloud*)
        CLOUD_TYPE=OCI
        ;;
      esac

      # Per-cloud login account, metadata base URL and SSH key path.
      if [ "${CLOUD_TYPE}" = "EC2" ]; then
        EC2_USER="ec2-user"
        METADATA_URL="http://${IMDS_IP}/latest/meta-data/"
        SSH_KEY_URL="public-keys/0/openssh-key"
      elif [ "${CLOUD_TYPE}" = "OCI" ]; then
        EC2_USER="opc"
        METADATA_URL="http://${IMDS_IP}/opc/v1/instance/"
        SSH_KEY_URL="metadata/ssh_authorized_keys"
      fi

      # Path of the hostname document, relative to METADATA_URL.
      HOSTNAME_URL="hostname"

      # authorized_keys file that receives the fetched public key.
      SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

      # OpenStack-style metadata document; it may carry a "random_seed".
      OS_METADATA_URL="http://${IMDS_IP}/openstack/latest/meta_data.json"
     48  1.3   rhialto 
     #
     # ec2_newuser: create the cloud login account.
     #
     # Globals read: CLOUD_TYPE (log message only), EC2_USER (account name).
     # The account gets a home directory (-m), primary group "users" and the
     # supplementary groups "wheel" and "operator", so whoever holds the SSH
     # key installed for it is a privileged user on this host.
     # Returns:      the exit status of useradd.
     #
     ec2_newuser() {
       echo "Creating ${CLOUD_TYPE} user account ${EC2_USER}"
       useradd -g users -G wheel,operator -m "${EC2_USER}"
     }
     54  1.1  jmcneill 
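     #
     # extract_random_seed: filter that reads a JSON document on stdin and
     # prints the value of its "random_seed" member, one per matching line.
     #
     # Only values made up entirely of base64 characters (A-Z a-z 0-9 + / =)
     # are printed; a line whose value holds anything else produces no output,
     # so nothing unexpected reaches the base64 decoder downstream.
     #
     # The substitution uses '|' as its delimiter because the bracket
     # expression contains '/'.  With '/' as the delimiter the command relies
     # on sed treating a delimiter inside brackets as a literal, which not
     # every sed implementation does.
     #
     extract_random_seed() {
       sed -n -e '/random_seed/s|.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*|\1|p'
     }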
     59  1.4   rhialto 
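     #
     # ec2_init: rc.d start command.  Fetches the hostname, the SSH public
     # key(s) and an optional OpenStack "random_seed" from the metadata service
     # and applies them to the running system.
     #
     # Globals read: CLOUD_TYPE, EC2_USER, METADATA_URL, HOSTNAME_URL,
     #               SSH_KEY_URL, SSH_KEY_FILE, OS_METADATA_URL
     # Side effects: writes /etc/myname, sets the running hostname, creates
     #               EC2_USER if it is missing, appends to SSH_KEY_FILE and
     #               writes the decoded seed to /dev/urandom.
     #
     # The whole body runs in a subshell, so the umask, the working directory
     # and the variables set here do not leak into the calling rc script.
     #
     # NOTE(review): every request is a plain-HTTP GET without a session token
     # header, i.e. IMDSv1-style access on EC2.  It presumably returns nothing
     # on instances that enforce IMDSv2 tokens, which would leave the hostname
     # and the SSH key unset -- confirm and document the requirement.
     #
     ec2_init() {
       (
       umask 022

       # Set the hostname; the metadata service may need 5-10 seconds to
       # become reachable, so poll up to 20 times, one second apart.
       # NOTE(review): the value is written to /etc/myname and handed to
       # hostname(1) exactly as received; consider checking it against the
       # hostname character set first.
       try=0
       while [ "$try" -lt 20 ]; do
         try=$((try + 1))
         # -q 2: ftp(1) gives up once the transfer has stalled for 2 seconds
         HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
         if [ -n "$HOSTNAME" ]; then
           echo "Setting ${CLOUD_TYPE} hostname: ${HOSTNAME}"
           printf '%s\n' "$HOSTNAME" > /etc/myname
           hostname "$HOSTNAME"
           break
         fi
         echo "${CLOUD_TYPE} hostname not available yet (try $try)"
         sleep 1
       done

       # Create the cloud user unless the account already exists.
       id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

       # Fetch the public key(s) from the metadata service.
       EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

       if [ -n "$EC2_SSH_KEY" ]; then
         # A key pair is associated with this instance; add it to
         # EC2_USER's authorized_keys file.
         ssh_dir=$(dirname "$SSH_KEY_FILE")
         mkdir -p "$ssh_dir"
         chown "${EC2_USER}:users" "$ssh_dir"
         touch "$SSH_KEY_FILE"
         chown "${EC2_USER}:users" "$SSH_KEY_FILE"
         cd "$ssh_dir"

         # The payload may hold several keys, one per line.  Each line is
         # checked on its own, so one key that is already installed does not
         # suppress the others, and blank lines are skipped.  -F compares the
         # key as a fixed string rather than as a regular expression, and --
         # keeps a leading '-' from being parsed as an option.
         printf '%s\n' "$EC2_SSH_KEY" | while IFS= read -r key; do
           [ -n "$key" ] || continue
           if ! grep -qF -- "$key" "$SSH_KEY_FILE"; then
             # Log only the last space-separated field (the key comment).
             echo "Setting ${CLOUD_TYPE} SSH public key for user ${EC2_USER}: ${key##* }"
             printf '%s\n' "$key" >> "$SSH_KEY_FILE"
           fi
         done
       fi

       # The OpenStack metadata document may contain a "random_seed".
       # The URL is quoted: the IPv6 form contains '[' and ']', which an
       # unquoted expansion would expose to pathname expansion.
       OS_METADATA="$(ftp -o - -q 2 "${OS_METADATA_URL}" 2>/dev/null)"
       if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
         printf '%s\n' "$OS_METADATA" | extract_random_seed |
           base64 -di >> /dev/urandom
       fi
       )
     }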
    111  1.1  jmcneill 
    112  1.1  jmcneill load_rc_config $name
    113  1.1  jmcneill run_rc_command "$1"