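#!/bin/sh
#
# $NetBSD: ec2_init,v 1.6 2023/09/27 00:27:07 riastradh Exp $
#
# PROVIDE: ec2_init
# REQUIRE: NETWORKING
# BEFORE: LOGIN

# rc.d script that provisions a cloud instance from its metadata service:
# sets the hostname, creates the cloud login account, installs the SSH
# public key(s) for that account, and feeds an optional OpenStack
# "random_seed" to the kernel.
#
# Trust model: every value below is fetched over plain HTTP from the
# link-local address 169.254.169.254 with no authentication.  Whatever
# answers on that address decides the hostname and which SSH keys may log
# in as a member of wheel, so the script is only as trustworthy as the
# network path to that address.
#
# NOTE(review): no IMDSv2 session token is sent.  An EC2 instance whose
# metadata options require tokens is expected to reject these requests, in
# which case hostname and key setup are skipped -- confirm on the target
# platform.

$_rc_subr_loaded . /etc/rc.subr

name="ec2_init"
rcvar=${name}
start_cmd="ec2_init"
stop_cmd=":"

CLOUD_TYPE=EC2	# default

# The sysctl node may not exist on every machine; its error output is
# discarded on purpose and the EC2 default is kept in that case.
case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag 2>/dev/null)" in
OracleCloud*)
	CLOUD_TYPE=OCI
	;;
esac

case ${CLOUD_TYPE} in
EC2)
	EC2_USER="ec2-user"
	METADATA_URL="http://169.254.169.254/latest/meta-data/"
	SSH_KEY_URL="public-keys/0/openssh-key"
	;;
OCI)
	EC2_USER="opc"
	METADATA_URL="http://169.254.169.254/opc/v1/instance/"
	SSH_KEY_URL="metadata/ssh_authorized_keys"
	;;
esac

HOSTNAME_URL="hostname"

SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"

# Create the cloud login account.  It is placed in wheel and operator, so
# any key installed for it grants a privileged interactive login.
ec2_newuser()
{
	echo "Creating ${CLOUD_TYPE} user account ${EC2_USER}"
	useradd -g users -G wheel,operator -m "${EC2_USER}"
}

# Filter: read JSON on stdin and print the base64 text of the
# "random_seed" member, if a line contains one.  Only base64 alphabet
# characters are accepted inside the quotes.
extract_random_seed()
{
	sed -n -e '/random_seed/s/.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*/\1/p'
}

# start_cmd: apply hostname, user account, SSH key(s) and random seed.
# Runs in a subshell so the umask and helper variables do not leak into
# the rc environment.
ec2_init()
{
	(
	umask 022

	# set hostname; it may be 5-10 seconds for the metadata service
	# to become reachable.
	try=0
	while [ $((try++)) -lt 20 ]
	do
		HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
		if [ -n "$HOSTNAME" ]; then
			# The response body is used verbatim as the hostname;
			# no character-set check is applied here.
			echo "Setting ${CLOUD_TYPE} hostname: ${HOSTNAME}"
			printf '%s\n' "$HOSTNAME" > /etc/myname
			hostname "$HOSTNAME"
			break
		fi
		echo "${CLOUD_TYPE} hostname not available yet (try $try)"
		sleep 1
	done

	# create cloud user
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# fetch the public key from the metadata service
	EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance, add it
		# to EC2_USER's 'authorized_keys' file
		ssh_dir=$(dirname "$SSH_KEY_FILE")

		# This runs as root on every boot, but after the first boot
		# the directory belongs to EC2_USER.  Refuse to follow a
		# symbolic link there, so root never creates, chowns or
		# appends to a file outside the account's ~/.ssh.
		if [ -L "$ssh_dir" ] || [ -L "$SSH_KEY_FILE" ]; then
			echo "${SSH_KEY_FILE}: symbolic link in path, not installing ${CLOUD_TYPE} SSH key" >&2
		else
			mkdir -p "$ssh_dir"
			chown -h "${EC2_USER}:users" "$ssh_dir"
			touch "$SSH_KEY_FILE"
			chown -h "${EC2_USER}:users" "$SSH_KEY_FILE"

			# The service may return several keys, one per line.
			# Check each line on its own, as a fixed string: key
			# text is not a regular expression, and "--" keeps a
			# leading '-' from being parsed as a grep option.
			printf '%s\n' "$EC2_SSH_KEY" |
			while IFS= read -r key_line; do
				[ -n "$key_line" ] || continue
				if ! grep -qF -- "$key_line" "$SSH_KEY_FILE"; then
					echo "Setting ${CLOUD_TYPE} SSH public key for user ${EC2_USER}: ${key_line##* }"
					printf '%s\n' "$key_line" >> "$SSH_KEY_FILE"
				fi
			done
		fi
	fi

	# May contain a "random_seed".
	# The seed is decoded and written to /dev/urandom.  It arrives over
	# the same unauthenticated channel as everything else, so it should
	# be regarded as extra input, not as a secret.
	OS_METADATA="$(ftp -o - -q 2 "${OS_METADATA_URL}")"
	if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
		printf '%s\n' "$OS_METADATA" | extract_random_seed |
		    base64 -di >> /dev/urandom
	fi
	)
}

load_rc_config "$name"
run_rc_command "$1"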