xref: /netbsd-src/distrib/utils/embedded/files/ec2_init (revision c2966121dc43598c9ebaf304b0b768f8e0d91972)
#!/bin/sh
#
# $NetBSD: ec2_init,v 1.6 2023/09/27 00:27:07 riastradh Exp $
#
# PROVIDE: ec2_init
# REQUIRE: NETWORKING
# BEFORE:  LOGIN

# rc.d script that configures a cloud instance from its metadata service:
# hostname, default login account, SSH public key and an optional random
# seed (see ec2_init below).

$_rc_subr_loaded . /etc/rc.subr

name="ec2_init"
rcvar=${name}
start_cmd="ec2_init"
stop_cmd=":"

# Platform detection: assume EC2 unless the DMI chassis asset tag reported
# by sysctl starts with "OracleCloud".  A missing sysctl node yields an
# empty string and leaves the EC2 default in place.
CLOUD_TYPE=EC2	# default

case "$(/sbin/sysctl -n machdep.dmi.chassis-asset-tag 2>/dev/null)" in
OracleCloud*)
	CLOUD_TYPE=OCI
	;;
esac

# Per-platform account name and metadata paths.
#
# All requests go to the link-local metadata address over plain HTTP and
# carry no credentials: no IMDSv2 session token on EC2, no Authorization
# header on OCI (the /opc/v1/ endpoint is used).
# NOTE(review): an instance configured to require IMDSv2 tokens, or with
# the OCI v1 endpoint disabled, will presumably answer with an error and
# leave hostname and key unset -- confirm against the target platform.
if [ "${CLOUD_TYPE}" = "EC2" ]; then
	EC2_USER="ec2-user"
	METADATA_URL="http://169.254.169.254/latest/meta-data/"
	SSH_KEY_URL="public-keys/0/openssh-key"
elif [ "${CLOUD_TYPE}" = "OCI" ]; then
	EC2_USER="opc"
	METADATA_URL="http://169.254.169.254/opc/v1/instance/"
	SSH_KEY_URL="metadata/ssh_authorized_keys"
fi

# Path (relative to METADATA_URL) of the instance hostname.
HOSTNAME_URL="hostname"

# Where the fetched public key is installed for the cloud user.
SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

# OpenStack-style metadata document; may carry a "random_seed" member.
OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"

# ec2_newuser
#	Create the platform's default login account (EC2_USER) with a home
#	directory, primary group "users" and supplementary groups "wheel"
#	and "operator".  No password is assigned here, so remote login
#	depends on the SSH key that ec2_init installs.
#	Returns the exit status of useradd.
ec2_newuser()
{
	printf 'Creating %s user account %s\n' "${CLOUD_TYPE}" "${EC2_USER}"
	useradd -m -g users -G wheel,operator "${EC2_USER}"
}

# extract_random_seed
#	Filter: read a JSON document on stdin and print the value of its
#	"random_seed" member.  Only values made up of base64 alphabet
#	characters (A-Z a-z 0-9 + / =) are accepted; anything else prints
#	nothing.  One output line is produced per matching input line.
extract_random_seed()
{
	# The substitution itself only succeeds on lines that contain the
	# member, so no separate address is needed to select them.
	sed -n \
	    -e 's/.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*/\1/p'
}

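# ec2_init
#	rc.d start routine.  Runs in a subshell (so umask, cd and variables
#	do not leak into the caller) and, in order:
#	  1. polls the metadata service for a hostname (up to 20 tries, one
#	     second apart) and applies it;
#	  2. creates the cloud user account if it does not exist;
#	  3. appends the instance's SSH public key(s) to the user's
#	     authorized_keys;
#	  4. feeds an optional "random_seed" from the OpenStack-style
#	     metadata document into /dev/urandom.
#
#	Trust note: every value used here is whatever answers plain HTTP at
#	169.254.169.254.  The fetched key grants login to an account in
#	group wheel, so this script should only be enabled on images that
#	boot where that address is served by the platform itself.
ec2_init()
{
	(
	umask 022

	# set hostname; it may be 5-10 seconds for the metadata service
	# to become reachable.
	try=0
	while [ "$try" -lt 20 ]
	do
		try=$((try + 1))
		HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
		case "$HOSTNAME" in
		'')
			echo "${CLOUD_TYPE} hostname not available yet (try $try)"
			sleep 1
			;;
		-*|*[!A-Za-z0-9.-]*)
			# The reply is written to /etc/myname and handed to
			# hostname(1); refuse anything that is not a plain
			# DNS-style name (this also rejects multi-line
			# replies and values that would parse as options).
			echo "Ignoring malformed ${CLOUD_TYPE} hostname from metadata service" >&2
			break
			;;
		*)
			echo "Setting ${CLOUD_TYPE} hostname: ${HOSTNAME}"
			printf '%s\n' "$HOSTNAME" > /etc/myname
			hostname "$HOSTNAME"
			break
			;;
		esac
	done

	# create cloud user
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# fetch the public key from the metadata service
	EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance, add it
		# to EC2_USER's 'authorized_keys' file
		ssh_dir=$(dirname "$SSH_KEY_FILE")
		mkdir -p "$ssh_dir"
		chown "${EC2_USER}:users" "$ssh_dir"
		touch "$SSH_KEY_FILE"
		chown "${EC2_USER}:users" "$SSH_KEY_FILE"
		cd "$ssh_dir"

		# The reply may hold several keys, one per line; handle each
		# on its own so one already-present key does not suppress
		# the others.
		printf '%s\n' "$EC2_SSH_KEY" | while IFS= read -r key
		do
			[ -n "$key" ] || continue
			# -F: compare the key as a literal string, not as a
			# regular expression.  Substring (not whole-line)
			# matching is kept on purpose: a key the admin has
			# prefixed with authorized_keys options still counts
			# as present and is not re-added without them.
			if ! grep -qF -e "$key" "$SSH_KEY_FILE"; then
				echo "Setting ${CLOUD_TYPE} SSH public key for user ${EC2_USER}: ${key##* }"
				printf '%s\n' "$key" >> "$SSH_KEY_FILE"
			fi
		done
	fi

	# May contain a "random_seed".  extract_random_seed only passes
	# base64 alphabet characters on to the decoder.
	OS_METADATA="$(ftp -o - -q 2 "${OS_METADATA_URL}")"
	if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
		printf '%s\n' "$OS_METADATA" | extract_random_seed |
		    base64 -di >> /dev/urandom
	fi
	)
}
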
# Pull in rc.conf settings for this service, then let rc.subr dispatch the
# action given on the command line (start runs ec2_init, stop is a no-op).
load_rc_config "${name}"
run_rc_command "$1"