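#!/bin/bash

# Post-install bootstrap for the host "outpost".
#
# Run on the newly created node as a kerberos/afs admin with local sudo
# rights. Unfortunately it has to be run after the first reboot by an admin
# user.
#
# Steps, in order:
#   1. extract the host keytab into /etc/krb5.keytab
#   2. copy the initial set of keytabs from fritz.hcoop.net
#   3. create the domtool log file and state directories
#   4. run the domtool deploy script and regenerate the firewall rules

# -e: stop at the first failing command.
# pipefail: a failure on the ssh/tar sending side of the keytab sync pipeline
#   is otherwise masked, because only the last pipeline stage sets the status.
# -v/-x: echo every line and every expanded command. None of the commands
#   below carries a secret on its command line; keep it that way if the trace
#   output is ever captured to a file.
set -e
set -o pipefail
set -v
set -x

# Misc postinst stuff

# Extract host keytab.
# ${USER:?} aborts instead of asking kadmin for the principal "@HCOOP.NET"
# when USER is unset or empty.
sudo kadmin -p "${USER:?USER must be set}@HCOOP.NET" -r HCOOP.NET \
  -q "ktadd -k /etc/krb5.keytab host/outpost.hcoop.net@HCOOP.NET"
# NOTE(review): ownership and mode are tightened only after ktadd returns;
# confirm kadmin creates the file owner-only so there is no readable window.
sudo chown root:root /etc/krb5.keytab
sudo chmod go-rwx /etc/krb5.keytab

# Sync initial set of keytabs.
sudo mkdir -p /etc/keytabs

# Remote side: '&&' instead of ';' so that a failed cd cannot make the
# privileged tar archive whatever directory the ssh session started in.
# Local side: -C lets root do the chdir, then extracts with permissions
# preserved (p).
# NOTE(review): this copies every keytab under fritz's /etc/keytabs; confirm
# this host needs all of them.
ssh fritz.hcoop.net 'cd /etc/keytabs && sudo tar clpf - .' \
  | sudo tar xlpf - -C /etc/keytabs

# Deploy domtool locally: log file readable and writable by domtool only.
sudo touch /var/log/domtool.log
sudo chown domtool:nogroup /var/log/domtool.log
sudo chmod 600 /var/log/domtool.log

sudo mkdir -p /var/domtool
sudo chown domtool:nogroup /var/domtool
sudo chmod 755 /var/domtool

#sudo mkdir -p /var/log/apache2
#sudo mkdir -p /var/log/apache2/user
#sudo chown domtool:nogroup /var/log/apache2/user
#sudo chmod 755 /var/log/apache2/user
#sudo -u domtool mkdir -p /var/domtool/vhosts

sudo -u domtool touch /var/domtool/local_domains.cfg

sudo -u domtool mkdir -p /var/domtool/firewall
sudo -u domtool mkdir -p /var/domtool/zones

# FIXME: move this script to the common scripts volume
# NOTE(review): until then this executes a script out of another admin's home
# directory, so whoever can write there controls what runs on a new host;
# verify the write access on that directory.
~clinton_admin/deploy-domtool-on-host.sh --slave --bootstrap

fwtool regen outpost

# Basic Packages Needed for Web Serving
#sudo apt-get install apache2-mpm-prefork hcoop-apache2-config

echo "Manually run 'domtool-admin regen' if needed"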