ec2_init revision 1.4
      1 #!/bin/sh
      2 #
      3 # $NetBSD: ec2_init,v 1.4 2021/07/20 19:31:23 rhialto Exp $
      4 #
      5 # PROVIDE: ec2_init
      6 # REQUIRE: NETWORKING
      7 # BEFORE:  LOGIN
      8 
      9 $_rc_subr_loaded . /etc/rc.subr
     10 
     11 name="ec2_init"
     12 rcvar=${name}
     13 start_cmd="ec2_init"
     14 stop_cmd=":"
     15 
     16 EC2_USER="ec2-user"
     17 METADATA_URL="http://169.254.169.254/latest/meta-data/"
     18 SSH_KEY_URL="public-keys/0/openssh-key"
     19 HOSTNAME_URL="hostname"
     20 
     21 SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"
     22 
     23 OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"
     24 
     # Create the EC2_USER login account with a home directory (-m), primary
     # group "users" and supplementary groups "wheel" and "operator".
     # NOTE(review): wheel and operator are privileged groups on BSD systems;
     # confirm this membership is intended for the cloud login account.
     ec2_newuser()
     {
         printf '%s\n' "Creating EC2 user account $EC2_USER"
         useradd -g users -G wheel,operator -m "$EC2_USER"
     }
     30 
     # Filter, stdin to stdout: for every input line that mentions random_seed,
     # print only the value of the "random_seed" JSON string. The capture group
     # accepts nothing outside the base64 alphabet (A-Z a-z 0-9 + / =), so a
     # value with any other character makes the substitution fail and the line
     # prints nothing.
     extract_random_seed()
     {
         sed -n \
             -e '/random_seed/s/.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*/\1/p'
     }
     35 
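     # rc.d start action: configure the instance from the metadata service.
     #   1. Fetch the hostname (up to 20 tries, one second apart), write it to
     #      /etc/myname and set it on the running system.
     #   2. Create EC2_USER when id(1) does not know the account.
     #   3. Fetch the instance's SSH public key and append it to SSH_KEY_FILE
     #      unless the file already contains it.
     #   4. If the OpenStack metadata carries a "random_seed", base64-decode it
     #      and write it to /dev/urandom.
     # Globals read: METADATA_URL, HOSTNAME_URL, SSH_KEY_URL, OS_METADATA_URL,
     #               EC2_USER, SSH_KEY_FILE.
     # The whole body runs in a subshell, so umask, cd and the variables set
     # here do not leak into the caller.
     #
     # Trust note: the three fetches are unauthenticated plain-HTTP GETs, and
     # their responses are used as received: one becomes the hostname, one
     # becomes a login credential for EC2_USER.
     ec2_init()
     {
         (
         umask 022

         # Set hostname; it may be 5-10 seconds before the metadata service
         # becomes reachable.
         try=0
         while [ "$try" -lt 20 ]
         do
             # Portable increment: "$((try++))" is not required of a POSIX sh.
             # The counter still reads 1..20 in the progress message.
             try=$((try + 1))
             HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
             if [ -n "$HOSTNAME" ]; then
                 echo "Setting EC2 hostname: ${HOSTNAME}"
                 printf '%s\n' "$HOSTNAME" > /etc/myname
                 hostname "$HOSTNAME"
                 break
             fi
             echo "EC2 hostname not available yet (try $try)"
             sleep 1
         done

         # Create the EC2 user if it does not exist yet.
         id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

         # Fetch the public key from the metadata service.
         EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

         if [ -n "$EC2_SSH_KEY" ]; then
             # A key pair is associated with this instance; add it to
             # EC2_USER's authorized_keys file.
             ssh_dir=$(dirname "$SSH_KEY_FILE")
             mkdir -p "$ssh_dir"
             chown "${EC2_USER}:users" "$ssh_dir"
             # NOTE(review): touch, chown and the append below presumably run
             # as root (rc.d start) inside a directory EC2_USER owns after the
             # first boot, and all three follow a symlink at SSH_KEY_FILE.
             # Creating and appending the file as EC2_USER would remove that
             # dependency on the directory's contents.
             touch "$SSH_KEY_FILE"
             chown "${EC2_USER}:users" "$SSH_KEY_FILE"
             cd "$ssh_dir"

             # -F compares the key as a literal string. As a regular
             # expression, characters such as "[", "." or "*" in the key
             # comment could miss the stored line (appending a duplicate on
             # every boot) or match a different line (never installing the
             # key). "--" ends option parsing before the fetched value.
             if ! grep -qF -- "$EC2_SSH_KEY" "$SSH_KEY_FILE"; then
                 echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
                 printf '%s\n' "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
             fi
         fi

         # May contain a "random_seed". extract_random_seed passes on only
         # base64-alphabet characters; the decoded bytes are written to
         # /dev/urandom. The seed travels over plain HTTP, so it should count
         # as extra input to the pool, not as a secret.
         OS_METADATA=$(ftp -o - -q 2 "${OS_METADATA_URL}")
         if echo "$OS_METADATA" | grep -q random_seed; then
             echo "$OS_METADATA" | extract_random_seed |
                 base64 -di >> /dev/urandom
         fi
         )
     }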
     87 
     88 load_rc_config $name
     89 run_rc_command "$1"
     90