From e9b7fde44fa4ebc1a85c6d4d87116475007dc218 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Mon, 8 Aug 2016 18:30:09 +0300 Subject: Initial installer.conf/customize --- installer.customize | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 installer.customize (limited to 'installer.customize') diff --git a/installer.customize b/installer.customize new file mode 100644 index 0000000..8649abf --- /dev/null +++ b/installer.customize @@ -0,0 +1,42 @@ +#!/bin/sh +# +# installer.customize - configure installer image +# +# Copyright 2016 Lars Wirzenius +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +set -eu + +# Avoid any problems (mainly weird perl warnings) from inherited +# locale from user. +export LC_ALL=C + +rootdir="$1" + +# Create an account for ansible. +chroot "$rootdir" adduser --gecos 'Installer' --disabled-password installer + +# Install an authorize_keys file so that ansible can access the account. +chroot "$rootdir" install -d -o ansible -g ansible -m 0700 /home/ansible/.ssh +install -m 0600 authorized_keys "$rootdir/home/ansible/.ssh/authorized_keys" +chroot "$rootdir" chown ansible:ansible /home/ansible/.ssh/authorized_keys + +# Add ansible to sudoers, without password. +cat <> "$rootdir/etc/sudoers.d/installer" +installer ALL=(ALL:ALL) NOPASSWD: ALL +EOF +chroot "$rootdir" chown root:root /etc/sudoers.d/installer +chroot "$rootdir" chmod 0440 /etc/sudoers.d/installer -- cgit v1.2.1