ec2_init revision 1.3 
11.1Sjmcneill#!/bin/sh
21.1Sjmcneill#
31.3Srhialto# $NetBSD: ec2_init,v 1.3 2021/07/15 19:03:17 rhialto Exp $
41.1Sjmcneill#
51.1Sjmcneill# PROVIDE: ec2_init
61.1Sjmcneill# REQUIRE: NETWORKING
71.1Sjmcneill# BEFORE:  LOGIN
81.1Sjmcneill
91.1Sjmcneill$_rc_subr_loaded . /etc/rc.subr
101.1Sjmcneill
111.1Sjmcneillname="ec2_init"
121.1Sjmcneillrcvar=${name}
131.1Sjmcneillstart_cmd="ec2_init"
141.1Sjmcneillstop_cmd=":"
151.1Sjmcneill
161.2SjmcneillEC2_USER="ec2-user"
171.1SjmcneillMETADATA_URL="http://169.254.169.254/latest/meta-data/"
181.1SjmcneillSSH_KEY_URL="public-keys/0/openssh-key"
191.1SjmcneillHOSTNAME_URL="hostname"
201.1Sjmcneill
211.2SjmcneillSSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"
221.2Sjmcneill
231.3SrhialtoOS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"
241.3Srhialto
251.2Sjmcneillec2_newuser()
261.2Sjmcneill{
271.2Sjmcneill	echo "Creating EC2 user account ${EC2_USER}"
281.2Sjmcneill	useradd -g users -G wheel,operator -m "${EC2_USER}"
291.2Sjmcneill}
301.1Sjmcneill
311.1Sjmcneillec2_init()
321.1Sjmcneill{
331.1Sjmcneill	(
341.1Sjmcneill	umask 022
351.2Sjmcneill
361.3Srhialto	# set hostname; it may be 5-10 seconds for the metadata service
371.3Srhialto	# to  become reachable.
381.3Srhialto	try=0
391.3Srhialto	while [ $((try++)) -lt 20 ]
401.3Srhialto	do
411.3Srhialto		HOSTNAME=$(ftp -o - -q 1 "${METADATA_URL}${HOSTNAME_URL}")
421.3Srhialto		if [ -n "$HOSTNAME" ]; then
431.3Srhialto			echo "Setting EC2 hostname: ${HOSTNAME}"
441.3Srhialto			echo "$HOSTNAME" > /etc/myname
451.3Srhialto			hostname "$HOSTNAME"
461.3Srhialto			break
471.3Srhialto		fi
481.3Srhialto		echo "EC2 hostname not available yet (try $try)"
491.3Srhialto		sleep 1
501.3Srhialto	done
511.3Srhialto
521.2Sjmcneill	# create EC2 user
531.2Sjmcneill	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser
541.2Sjmcneill
551.3Srhialto	# fetch the public key from Amazon Web Services
561.3Srhialto	EC2_SSH_KEY=$(ftp -o - -q 1 "${METADATA_URL}${SSH_KEY_URL}")
571.1Sjmcneill
581.1Sjmcneill	if [ -n "$EC2_SSH_KEY" ]; then
591.1Sjmcneill		# A key pair is associated with this instance, add it
601.2Sjmcneill		# to EC2_USER's 'authorized_keys' file
611.1Sjmcneill		mkdir -p $(dirname "$SSH_KEY_FILE")
621.2Sjmcneill		chown "${EC2_USER}:users" $(dirname "$SSH_KEY_FILE")
631.1Sjmcneill		touch "$SSH_KEY_FILE"
641.2Sjmcneill		chown "${EC2_USER}:users" "$SSH_KEY_FILE"
651.1Sjmcneill		cd $(dirname "$SSH_KEY_FILE")
661.1Sjmcneill
671.1Sjmcneill		grep -q "$EC2_SSH_KEY" "$SSH_KEY_FILE"
681.1Sjmcneill		if [ $? -ne 0 ]; then
691.3Srhialto			echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
701.1Sjmcneill			echo "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
711.1Sjmcneill		fi
721.1Sjmcneill	fi
731.1Sjmcneill
741.3Srhialto	# May contain a "random_seed". Everything else doesn't matter.
751.3Srhialto	OS_METADATA="$(ftp -o - -q 1 ${OS_METADATA_URL})"
761.3Srhialto	if echo "$OS_METADATA" | grep -q random_seed; then
771.3Srhialto		echo "$OS_METADATA" >> /dev/urandom
781.3Srhialto	fi
791.1Sjmcneill	)
801.1Sjmcneill}
811.1Sjmcneill
821.1Sjmcneillload_rc_config $name
831.1Sjmcneillrun_rc_command "$1"
84