diff options
Diffstat (limited to 'global/post-tasks.d')
| -rwxr-xr-x | global/post-tasks.d/010fix-ssh-perms | 23 | ||||
| -rwxr-xr-x | global/post-tasks.d/015cosmos-trust | 16 | ||||
| -rwxr-xr-x | global/post-tasks.d/020reports | 4 | ||||
| -rwxr-xr-x | global/post-tasks.d/030puppet | 13 | ||||
| -rwxr-xr-x | global/post-tasks.d/099autoremove | 4 | ||||
| -rwxr-xr-x | global/post-tasks.d/999reboot | 3 |
6 files changed, 63 insertions, 0 deletions
diff --git a/global/post-tasks.d/010fix-ssh-perms b/global/post-tasks.d/010fix-ssh-perms new file mode 100755 index 0000000..87636d7 --- /dev/null +++ b/global/post-tasks.d/010fix-ssh-perms @@ -0,0 +1,23 @@ +#!/bin/sh +# +# Re-used example from SJD +# + +if test -d /root/.ssh && \ + test `stat -t /root/.ssh | cut -d\ -f5` != 0; then + chown root.root /root/.ssh +fi + +if test -d /root/.ssh && \ + test `stat -c %a /root/.ssh` != 700; then + chmod 700 /root/.ssh +fi + +if test -f /root/.ssh/authorized_keys; then + if test `stat -t /root/.ssh/authorized_keys | cut -d\ -f5` != 0; then + chown root.root /root/.ssh/authorized_keys + fi + if test `stat --printf=%a /root/.ssh/authorized_keys` != 600; then + chmod 600 /root/.ssh/authorized_keys + fi +fi diff --git a/global/post-tasks.d/015cosmos-trust b/global/post-tasks.d/015cosmos-trust new file mode 100755 index 0000000..ad2c066 --- /dev/null +++ b/global/post-tasks.d/015cosmos-trust @@ -0,0 +1,16 @@ +#!/bin/sh + +for k in /etc/cosmos/keys/*.pub; do + fp=`cosmos gpg --with-colons --with-fingerprint < $k| awk -F: '$1 == "pub" {print $5}'` + cosmos gpg --with-colons --fingerprint | grep -q ":$fp:" || cosmos gpg --import < $k +done + +for fp in `cosmos gpg --with-colons --fingerprint | awk -F: '$1 == "pub" {print $5}'`; do + seen="no" + for k in /etc/cosmos/keys/*.pub; do + cosmos gpg --with-colons --with-fingerprint < $k | grep -q ":$fp:" && seen="yes" + done + if [ "x$seen" = "xno" ]; then + cosmos gpg --yes --batch --delete-key $fp || true + fi +done diff --git a/global/post-tasks.d/020reports b/global/post-tasks.d/020reports new file mode 100755 index 0000000..091a236 --- /dev/null +++ b/global/post-tasks.d/020reports @@ -0,0 +1,4 @@ +#!/bin/sh + +rm -f /var/run/facts.json +facter -p -y > /var/run/facts.yaml diff --git a/global/post-tasks.d/030puppet b/global/post-tasks.d/030puppet new file mode 100755 index 0000000..6b1d33a --- /dev/null +++ b/global/post-tasks.d/030puppet @@ -0,0 +1,13 @@ +#!/bin/sh + +if [ "x$COSMOS_VERBOSE" = "xy" ]; then + args="--verbose" +else + args="--logdest=syslog" +fi + +if [ -f /usr/bin/puppet -a -d /etc/puppet/manifests ]; then + for m in `find /etc/puppet/manifests -name \*.pp`; do + puppet apply $args $m + done +fi diff --git a/global/post-tasks.d/099autoremove b/global/post-tasks.d/099autoremove new file mode 100755 index 0000000..2cc6996 --- /dev/null +++ b/global/post-tasks.d/099autoremove @@ -0,0 +1,4 @@ +#!/bin/sh + +apt-get -qq update +apt-get -qq -y autoremove diff --git a/global/post-tasks.d/999reboot b/global/post-tasks.d/999reboot new file mode 100755 index 0000000..5331446 --- /dev/null +++ b/global/post-tasks.d/999reboot @@ -0,0 +1,3 @@ +#!/bin/sh + +test -f /var/run/reboot-required -a ! -f /etc/cosmos-manual-reboot && reboot |