From 7b2223d9eeefa92ea968836d6c65c4d96461cdf7 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 26 Dec 2019 03:35:16 +0100 Subject: openbsd: add site.tgz to further customize the installation --- .../autoinstall/templates/auto_install.conf.j2 | 4 ++-- .../openbsd/autoinstall/templates/install.site.j2 | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 roles/installer/openbsd/autoinstall/templates/install.site.j2 (limited to 'roles/installer/openbsd/autoinstall/templates') diff --git a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 index 46a87cc8..18e85a80 100644 --- a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 +++ b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 @@ -16,9 +16,9 @@ Change the default console to {{ obsd_autoinstall_serial_device }} = yes Which speed should {{ obsd_autoinstall_serial_device }} use = {{ obsd_autoinstall_tty_serial | default(115200) }} {% endif %} -{# TODO: what if there are more than one ssh keys? #} +{# we will install only one key for now, install.site will install the rest #} Public ssh key for root account = {{ ssh_keys_root[0] }} -Password for root = ! +Password for root = this-very-very-secure-password-will-be-overwritten-by-install.site Setup a user = no Start sshd(8) by default = yes Allow root ssh login = prohibit-password diff --git a/roles/installer/openbsd/autoinstall/templates/install.site.j2 b/roles/installer/openbsd/autoinstall/templates/install.site.j2 new file mode 100644 index 00000000..f4f9524d --- /dev/null +++ b/roles/installer/openbsd/autoinstall/templates/install.site.j2 @@ -0,0 +1,21 @@ +#!/bin/sh + +## TODO: enable this once we know how this works +## echo "Generating random root pasword" +## openssl rand -base64 24 | passwd root + +echo "Installing SSH keys for root" +cat < /root/.ssh/authorized_keys +{{ ssh_keys_root | join('\n') }} +EOF + +{% if hostvars[hostname].ansible_port is defined %} +echo "Setting SSH port to {{ hostvars[hostname].ansible_port }}" +sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config +{% endif %} + +echo "Installing python" +pkg_add -Im python%3.7 + + +rm /install.site -- cgit v1.2.3