Kickstart install script
Jump to navigation
Jump to search
This script is used to provide a 'headless' install on NEXS from the usb key:
#!/bin/bash set -x set -o nounset set -o errexit echo "install.sh version 2.0" > /tmp/summary.log #complete install and configuration of XS #get command line arguments school, server USAGE="usage: ./XSinstall school server" set +o errexit if [ -z $1 ]; then echo $USAGE; exit 1;fi if [ -z $2 ]; then echo $USAGE; exit 1;fi if [ -n $1 ] then SCHOOL=$1 else echo $USAGE; exit 1 fi if [ -n $2 ] then SERVER=$2 else echo $USAGE; exit 1 fi set +o errexit echo "school is $SCHOOL" >> /tmp/summary.log echo "server is $SERVER" >> /tmp/summary.log echo "execute olpc domain_config script" >> /tmp/summary.log /etc/sysconfig/olpc-scripts/domain_config schoolnet.gov.np echo "fix dhcp range" >> /tmp/summary.log sed 's/172.18.0.2 /172.18.0.12 /g' /etc/dhcpd-xs.conf > /tmp/work cp /tmp/work /etc/dhcpd-xs.conf echo "Edit /etc/hosts" >> /tmp/summary.log #edit /etc/hosts LINE1=" 192.168.5.$SERVER schoolserver1.$SCHOOL.schoolnet.gov.np" LINE2=" 172.18.0.1 schoolserver" sed "s/conference.schoolserver/conference.schoolserver\n$LINE1\n$LINE2/g" /etc/hosts > /tmp/hosts cp /tmp/hosts /etc/hosts echo "/tmp/hosts" >> /tmp/summary.log cat /tmp/hosts >> /tmp/summary.log echo "remove unused interfaces" >>/tmp/summary.log #remove unused interfaces service network stop rm /etc/sysconfig/network-scripts/ifcfg-msh* rm /etc/sysconfig/network-scripts/ifcfg-br* rm /etc/sysconfig/network-scripts/ifcfg-eth1:1 rm /etc/sysconfig/network-scripts/ifcfg-eth2 rm /etc/sysconfig/network-scripts/ifcfg-eth3 rm /etc/sysconfig/network-scripts/ifcfg-eth4 echo "edit ifcfg-eth0" >> /tmp/summary.log #change eth0 to use static address: 192.168.5.$SERVER cd /etc/sysconfig/network-scripts sed 's/BOOTPROTO=dhcp/#BOOTPROTO=dhcp/g' /etc/sysconfig/network-scripts/ifcfg-eth0 > /tmp/work cp /tmp/work /tmp/eth0 SEARCH='a static address is assigned' sed "s/$SEARCH/$SEARCH\nIPADDR=192.168.5.$SERVER\nNETMASK=255.255.255.0\nGATEWAY=192.168.5.1\nBOOTPROTO=static/g" /tmp/eth0 >/tmp/work cp /tmp/work /tmp/eth0 sed 's/HWADDR/#HWADDR/g' /tmp/eth0 /tmp/work cp /tmp/work /etc/sysconfig/network-scripts/ifcfg-eth0 echo "ifcfg-eth0" >> /tmp/summary.log cat ifcfg-eth0 >>/tmp/summary.log echo "restart eth0" >>/tmp/summary.log echo "edit ifcfg-eth1" >> /tmp/summary.log #change eth1 to use static address 172.18.0.1 sed 's/DEVICE=eth1/DEVICE=eth1\nBOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-eth1 > /tmp/work cp /tmp/work /tmp/eth1 sed 's/IPADDR.*$/IPADDR=172.18.0.1/g' /tmp/eth1 /tmp/work cp /tmp/work /tmp/eth1 sed 's/NETMASK.*$/NETMASK=255.255.254.0/g' /tmp/eth1 /tmp/work cp /tmp/work /tmp/eth1 sed 's/NETWORK.*$/NETWORK=172.18.0.0/g' /tmp/eth1 /tmp/work cp /tmp/work /tmp/eth1 sed "s/BROADCAST.*$/BROADCAST=172.18.1.255\nGATEWAY=192.168.5.$SERVER/g" /tmp/eth1 /tmp/work cp /tmp/work /tmp/eth1 sed 's/HWADDR/#HWADDR/g' /tmp/eth1 >/tmp/work cp /tmp/work /etc/sysconfig/network-scripts/ifcfg-eth1 echo "ifcfg-eth1" >>/tmp/summary.log cat ifcfg-eth1 >> /tmp/summary.log echo "restart eth1" >> /tmp/summary.log echo "disable IPV6" >> /tmp/summary.log #check that IPV6 is disabled: #confirm that /etc/sysconfig/network contains the lines: sed 's/NETWORKING=.*$/NETWORKING=yes/g' /etc/sysconfig/network >/tmp/work cp /tmp/work /tmp/network sed 's/NETWORKING_IPV6.*$/NETWORKING_IPV6=no/g' /tmp/network >/tmp/work cp /tmp/work /tmp/network sed 's/IPV6FORWARDING.*$/IPV6FORWARDING=no/g' /tmp/network > /tmp/work cp /tmp/work /tmp/network sed "s/IPV6_AUTOCONF.*$/IPV6_AUTOCONF=no\nHOSTNAME=schoolserver1.$SCHOOL.schoolnet.gov.np/g" /tmp/network > /tmp/work cp /tmp/work /etc/sysconfig/network echo "/etc/sysconfig/network" >> /tmp/summary.log cat /etc/sysconfig/network >> /tmp/summary.log echo "fix resolv.conf" >> /tmp/summary.log sed "s/nameserver.*$/nameserver 172.18.0.1\nnameserver 192.168.5.1/g" /etc/resolv.conf > /tmp/work cp /tmp/work /etc/resolv.conf service network restart echo "ifconfig" >> /tmp/summary.log ifconfig >> /tmp/summary.log echo "Setup SSH access" >> /tmp/summary.log #setup SSH access #provide admin user since SSH cannot log in as root useradd admin echo "admin"|passwd --stdin admin usermod -a -G wheel admin sed 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config > /tmp/work cp /tmp/work /etc/ssh/sshd_config service sshd restart
####configure MySQL PASSWORD=mysqlroot service mysqld restart (mysqld_safe --skip-grant-tables &) echo "mysqld_safe started" >> /tmp/summary.log sleep 8 mysql -u root -e "use mysql; update user set password = PASSWORD(\"$PASSWORD\") where user = \"root\"" |tee >> /tmp/summary.log echo "mysql update successful" service mysqld stop sleep 8
## migrate mysql-data to a new place /bin/mv /var/lib/mysql /library/mysql-data chown mysql:mysql -R /library/mysql-data cp -varfp my.cnf /etc/my.cnf chkconfig --level 345 mysqld on echo '## migrating mysql-data to a new place [done]'
################# SQUID ############################### cat /root/squid-xs.conf > /etc/squid/squid-xs.conf cat /root/squid-xs.conf > /etc/squid/squid.conf echo "change cache owner" >> /tmp/summary.log chown -R squid:squid /library/cache echo "start iptables and squid" >> /tmp/summary.log chkconfig --level 345 iptables off chkconfig --level 345 squid on
############## making data dir for moodle echo '############## making data dir for moodle' mkdir /library/moodledata chown -R apache:apache /library/moodledata mkdir /library/Activities/ ln -s /library/Activities /var/www/moodle/Activities chown -R apache:apache /library/Activities
############ TURN ON some services chkconfig --level 345 named on chkconfig --level 345 network on chkconfig --level 345 squid on chkconfig --level 345 httpd on chkconfig --level 345 dhcpd on
#configure ejabberd #reset to be sure service ejabberd stop echo "configure ejabberd" >> /tmp/summary.log cp -varf /root/ejabberd.cfg /etc/ejabberd/ service ejabberd restart sleep 6 ejabberdctl ejabberd@schoolserver register admin schoolserver admin
sed -i 's/8080/12121/' /etc/dansguardian/dansguardian.conf sed -i '/root/d' /etc/rc.local echo 'iptables -t filter -F' >> /etc/rc.local echo 'iptables -t nat -F' >> /etc/rc.local echo 'iptables -t mangle -F' >> /etc/rc.local echo 'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' >> /etc/rc.local echo 'iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 12121' >> /etc/rc.local echo 'dansguardian -Q' >> /etc/rc.local ##eject reboot