mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2025-01-07 08:32:18 +01:00
318 lines
6.2 KiB
Bash
318 lines
6.2 KiB
Bash
|
#!/bin/bash
|
||
|
|
||
|
# shopt -s inherit_errexit
|
||
|
set -o errexit
|
||
|
|
||
|
###################################################################
|
||
|
## Vultr Marketplace Helper Functions
|
||
|
|
||
|
function error_detect_on()
|
||
|
{
|
||
|
set -euo pipefail
|
||
|
}
|
||
|
|
||
|
function error_detect_off()
|
||
|
{
|
||
|
set +euo pipefail
|
||
|
}
|
||
|
|
||
|
function enable_verbose_commands()
|
||
|
{
|
||
|
set -x
|
||
|
}
|
||
|
|
||
|
function disable_verbose_commands()
|
||
|
{
|
||
|
set +x
|
||
|
}
|
||
|
|
||
|
function get_metadata_item()
|
||
|
{
|
||
|
local item_path="${1:-}"
|
||
|
local item_value
|
||
|
|
||
|
item_value="$(curl --fail --silent --header "Metadata-Token: vultr" "http://169.254.169.254/${item_path}")"
|
||
|
|
||
|
echo "${item_value}"
|
||
|
}
|
||
|
|
||
|
function get_hostname()
|
||
|
{
|
||
|
get_metadata_item "latest/meta-data/hostname"
|
||
|
}
|
||
|
|
||
|
function get_userdata()
|
||
|
{
|
||
|
get_metadata_item "latest/user-data"
|
||
|
}
|
||
|
|
||
|
function get_sshkeys()
|
||
|
{
|
||
|
get_metadata_item "current/ssh-keys"
|
||
|
}
|
||
|
|
||
|
function get_var()
|
||
|
{
|
||
|
local var_name="${1:-}"
|
||
|
local var_val
|
||
|
var_val="$(get_metadata_item "v1/internal/app-${var_name}" 2>/dev/null)"
|
||
|
|
||
|
eval "${var_name}='${var_val}'"
|
||
|
}
|
||
|
|
||
|
function get_ip()
|
||
|
{
|
||
|
local ip_var="${1:-}"
|
||
|
local ip_val
|
||
|
ip_val="$(get_metadata_item "latest/meta-data/public-ipv4" 2>/dev/null)"
|
||
|
|
||
|
eval "${ip_var}='${ip_val}'"
|
||
|
}
|
||
|
|
||
|
function wait_on_apt_lock()
|
||
|
{
|
||
|
until ! lsof -t /var/cache/apt/archives/lock /var/lib/apt/lists/lock /var/lib/dpkg/lock >/dev/null 2>&1
|
||
|
do
|
||
|
echo "Waiting 3 for apt lock currently held by another process."
|
||
|
sleep 3
|
||
|
done
|
||
|
}
|
||
|
|
||
|
function apt_safe()
|
||
|
{
|
||
|
wait_on_apt_lock
|
||
|
apt install -y "$@"
|
||
|
}
|
||
|
|
||
|
function apt_update_safe()
|
||
|
{
|
||
|
wait_on_apt_lock
|
||
|
apt update -y
|
||
|
}
|
||
|
|
||
|
function apt_upgrade_safe()
|
||
|
{
|
||
|
wait_on_apt_lock
|
||
|
DEBIAN_FRONTEND=noninteractive apt upgrade -y
|
||
|
}
|
||
|
|
||
|
function apt_remove_safe()
|
||
|
{
|
||
|
wait_on_apt_lock
|
||
|
apt remove -y --auto-remove "$@"
|
||
|
}
|
||
|
|
||
|
function apt_clean_safe()
|
||
|
{
|
||
|
wait_on_apt_lock
|
||
|
apt autoremove -y
|
||
|
|
||
|
wait_on_apt_lock
|
||
|
apt autoclean -y
|
||
|
}
|
||
|
|
||
|
function update_and_clean_packages()
|
||
|
{
|
||
|
# RHEL/CentOS
|
||
|
if [[ -f /etc/redhat-release ]]; then
|
||
|
yum update -y
|
||
|
yum clean all
|
||
|
# Ubuntu / Debian
|
||
|
elif grep -qs "debian" /etc/os-release 2>/dev/null; then
|
||
|
apt_update_safe
|
||
|
apt_upgrade_safe
|
||
|
apt_clean_safe
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
function set_vultr_kernel_option()
|
||
|
{
|
||
|
# RHEL/CentOS
|
||
|
if [[ -f /etc/redhat-release ]]; then
|
||
|
/sbin/grubby --update-kernel=ALL --args vultr
|
||
|
# Ubuntu / Debian
|
||
|
elif grep -qs "debian" /etc/os-release 2>/dev/null; then
|
||
|
sed -i -e "/^GRUB_CMDLINE_LINUX_DEFAULT=/ s/\"$/ vultr\"/" /etc/default/grub
|
||
|
update-grub
|
||
|
fi
|
||
|
}
|
||
|
|
||
|
function install_cloud_init()
|
||
|
{
|
||
|
local cloud_init_exe
|
||
|
cloud_init_exe="$(command -v cloud-init >/dev/null 2>&1)"
|
||
|
if [[ -x "${cloud_init_exe}" ]]; then
|
||
|
echo "cloud-init is already installed."
|
||
|
return
|
||
|
fi
|
||
|
|
||
|
local release_version="${1:-"latest"}"
|
||
|
if [[ "${release_version}" != "latest" && "${release_version}" != "nightly" ]]; then
|
||
|
echo "${release_version} is an invalid release option. Allowed: latest, nightly"
|
||
|
exit 255
|
||
|
fi
|
||
|
|
||
|
# Lets remove all traces of previously installed cloud-init
|
||
|
# Ubuntu installs have proven problematic with their left over
|
||
|
# configs for the installer in recent versions
|
||
|
cleanup_cloudinit
|
||
|
|
||
|
update_and_clean_packages
|
||
|
|
||
|
local build_type
|
||
|
local package_ext
|
||
|
|
||
|
[[ -e /etc/os-release ]] && . /etc/os-release
|
||
|
case "${ID:-}" in
|
||
|
debian)
|
||
|
build_type="debian"
|
||
|
package_ext="deb"
|
||
|
;;
|
||
|
fedora)
|
||
|
build_type="rhel"
|
||
|
package_ext="rpm"
|
||
|
;;
|
||
|
ubuntu)
|
||
|
build_type="universal"
|
||
|
package_ext="deb"
|
||
|
;;
|
||
|
*)
|
||
|
case "${ID_LIKE:-}" in
|
||
|
*rhel*)
|
||
|
build_type="rhel"
|
||
|
package_ext="rpm"
|
||
|
;;
|
||
|
*)
|
||
|
echo "Unable to determine OS. Please install from source!"
|
||
|
exit 255
|
||
|
esac
|
||
|
esac
|
||
|
|
||
|
local cloud_init_package="cloud-init_${build_type}_${release_version}.${package_ext}"
|
||
|
wget -O "/tmp/${cloud_init_package}" "https://ewr1.vultrobjects.com/cloud_init_beta/${cloud_init_package}"
|
||
|
|
||
|
case "${package_ext}" in
|
||
|
rpm)
|
||
|
yum install -y "/tmp/${cloud_init_package}"
|
||
|
;;
|
||
|
deb)
|
||
|
apt_safe "/tmp/${cloud_init_package}"
|
||
|
;;
|
||
|
*)
|
||
|
echo "Unable to determine package installation method."
|
||
|
exit 255
|
||
|
esac
|
||
|
|
||
|
rm -f "/tmp/${cloud_init_package}"
|
||
|
}
|
||
|
|
||
|
function cleanup_cloudinit()
|
||
|
{
|
||
|
rm -rf \
|
||
|
/etc/cloud \
|
||
|
/etc/systemd/system/cloud-init.target.wants/* \
|
||
|
/lib/systemd/system/cloud* \
|
||
|
/run/cloud-init \
|
||
|
/usr/bin/cloud* \
|
||
|
/usr/lib/cloud* \
|
||
|
/usr/local/bin/cloud* \
|
||
|
/usr/src/cloud* \
|
||
|
/var/log/cloud*
|
||
|
}
|
||
|
|
||
|
function clean_tmp()
|
||
|
{
|
||
|
mkdir -p /tmp
|
||
|
chmod 1777 /tmp
|
||
|
rm -rf /tmp/* /var/tmp/*
|
||
|
}
|
||
|
|
||
|
function clean_keys()
|
||
|
{
|
||
|
rm -f /root/.ssh/authorized_keys /etc/ssh/*key*
|
||
|
touch /etc/ssh/revoked_keys
|
||
|
chmod 600 /etc/ssh/revoked_keys
|
||
|
}
|
||
|
|
||
|
function clean_logs()
|
||
|
{
|
||
|
find /var/log -mtime -1 -type f -exec truncate -s 0 {} \;
|
||
|
rm -rf \
|
||
|
/var/log/*.[0-9] \
|
||
|
/var/log/*.gz \
|
||
|
/var/log/*.log \
|
||
|
/var/log/lastlog \
|
||
|
/var/log/wtmp
|
||
|
|
||
|
: > /var/log/auth.log
|
||
|
}
|
||
|
|
||
|
function clean_history()
|
||
|
{
|
||
|
history -c
|
||
|
: > /root/.bash_history
|
||
|
unset HISTFILE
|
||
|
}
|
||
|
|
||
|
function clean_mloc()
|
||
|
{
|
||
|
/usr/bin/updatedb || true
|
||
|
}
|
||
|
|
||
|
function clean_random()
|
||
|
{
|
||
|
rm -f /var/lib/systemd/random-seed
|
||
|
}
|
||
|
|
||
|
function clean_machine_id()
|
||
|
{
|
||
|
[[ -e /etc/machine-id ]] && : > /etc/machine-id
|
||
|
[[ -e /var/lib/dbus/machine-id ]] && : > /var/lib/dbus/machine-id
|
||
|
}
|
||
|
|
||
|
function clean_free_space()
|
||
|
{
|
||
|
dd if=/dev/zero of=/zerofile || true
|
||
|
sync
|
||
|
rm -f /zerofile
|
||
|
sync
|
||
|
}
|
||
|
|
||
|
function trim_ssd()
|
||
|
{
|
||
|
fstrim / || true
|
||
|
}
|
||
|
|
||
|
function cleanup_marketplace_scripts()
|
||
|
{
|
||
|
rm -f /root/*.sh
|
||
|
}
|
||
|
|
||
|
function disable_network_manager()
|
||
|
{
|
||
|
## Disable NetworkManager, replace with network-scripts
|
||
|
systemctl disable --now NetworkManager
|
||
|
sed -i \
|
||
|
-e 's/^ONBOOT.*/ONBOOT=yes/g' \
|
||
|
-e 's/^NM_CONTROLLED.*/NM_CONTROLLED=no/g' /etc/sysconfig/network-scripts/ifcfg-*
|
||
|
yum install -y network-scripts
|
||
|
}
|
||
|
|
||
|
function clean_system()
|
||
|
{
|
||
|
|
||
|
update_and_clean_packages
|
||
|
set_vultr_kernel_option
|
||
|
clean_tmp
|
||
|
clean_keys
|
||
|
clean_logs
|
||
|
clean_history
|
||
|
clean_random
|
||
|
clean_machine_id
|
||
|
clean_mloc
|
||
|
clean_free_space
|
||
|
trim_ssd
|
||
|
|
||
|
cleanup_marketplace_scripts
|
||
|
}
|