#!/bin/sh
#
# $NetBSD: ec2_init,v 1.3 2021/07/15 19:03:17 rhialto Exp $
#
# PROVIDE: ec2_init
# REQUIRE: NETWORKING
# BEFORE:  LOGIN
# Load the rc.d framework. When the caller has already sourced rc.subr,
# $_rc_subr_loaded is expected to expand to ":" and turn this line into
# a no-op; otherwise it expands to nothing and the file is sourced here.
$_rc_subr_loaded . /etc/rc.subr

# rc.subr(8) settings: service name, the rc.conf variable that enables
# it, and the start/stop handlers (stopping is a no-op).
name='ec2_init'
rcvar=$name
start_cmd='ec2_init'
stop_cmd=':'

# Account that receives the instance's SSH public key.
EC2_USER='ec2-user'

# EC2-style instance metadata, served on the link-local address
# 169.254.169.254. The relative paths below are appended to METADATA_URL.
# ec2_init fetches them with plain unauthenticated HTTP GETs and sends
# no IMDSv2 session token.
# NOTE(review): an instance configured to require IMDSv2 tokens would
# presumably answer these requests with an error -- confirm.
METADATA_URL='http://169.254.169.254/latest/meta-data/'
SSH_KEY_URL='public-keys/0/openssh-key'
HOSTNAME_URL='hostname'

# Where the fetched key is appended; assumes the account's home
# directory is /home/${EC2_USER}.
SSH_KEY_FILE="/home/$EC2_USER/.ssh/authorized_keys"

# OpenStack-style metadata document on the same address; ec2_init only
# looks for a "random_seed" entry in it.
OS_METADATA_URL='http://169.254.169.254/openstack/latest/meta_data.json'
#
# ec2_newuser: create the ${EC2_USER} login account.
#
# Globals:  EC2_USER (read)
# Outputs:  one progress line on stdout
# Returns:  the exit status of useradd
#
# The account gets a home directory (-m), primary group "users" and
# supplementary groups "wheel" and "operator".
# NOTE(review): wheel is conventionally the group permitted to su to
# root, so this is an administrative account whose only visible
# credential is the SSH key installed by ec2_init -- confirm that this
# is the intended privilege level for the image.
#
ec2_newuser()
{
	printf 'Creating EC2 user account %s\n' "${EC2_USER}"
	useradd -g users -G wheel,operator -m "${EC2_USER}"
}
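#
# ec2_init: rc.d start handler. Configures the instance from the
# link-local metadata service:
#   1. sets the hostname (and /etc/myname),
#   2. creates ${EC2_USER} if the account does not exist,
#   3. appends the instance's SSH public key to ${SSH_KEY_FILE},
#   4. writes OpenStack metadata containing "random_seed" to /dev/urandom.
#
# Globals:  EC2_USER, METADATA_URL, HOSTNAME_URL, SSH_KEY_URL,
#           SSH_KEY_FILE, OS_METADATA_URL (all read)
# Outputs:  progress messages on stdout
# Returns:  the exit status of the subshell's last command
#
# Every fetch is a plain HTTP GET via ftp(1) with no session token, and
# whatever comes back is used as received, so the hostname and key are
# only as trustworthy as the metadata endpoint.
#
ec2_init()
{
	# Everything runs in a subshell: the umask, working directory and
	# variables set below are discarded when it exits.
	(
	umask 022

	# Set the hostname; it may take 5-10 seconds for the metadata
	# service to become reachable, so poll it up to 20 times.
	try=0
	while [ "$try" -lt 20 ]
	do
		# Plain arithmetic instead of $((try++)): same iteration count
		# and "(try N)" output, without relying on ++ support in sh.
		try=$((try + 1))
		HOSTNAME=$(ftp -o - -q 1 "${METADATA_URL}${HOSTNAME_URL}")
		if [ -n "$HOSTNAME" ]; then
			echo "Setting EC2 hostname: ${HOSTNAME}"
			printf '%s\n' "$HOSTNAME" > /etc/myname
			hostname "$HOSTNAME"
			break
		fi
		echo "EC2 hostname not available yet (try $try)"
		sleep 1
	done

	# Create the EC2 user unless the account already exists.
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# Fetch the public key from Amazon Web Services.
	EC2_SSH_KEY=$(ftp -o - -q 1 "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance; add it to
		# EC2_USER's 'authorized_keys' file.
		ssh_dir=$(dirname "$SSH_KEY_FILE")

		# NOTE(review): these commands presumably run as root, on a
		# path inside a home directory that ${EC2_USER} can modify
		# once the account exists. chown, touch and ">>" follow
		# symbolic links; consider skipping this step (with a
		# warning) when the directory or file is a symlink.
		mkdir -p "$ssh_dir"
		chown "${EC2_USER}:users" "$ssh_dir"
		touch "$SSH_KEY_FILE"
		chown "${EC2_USER}:users" "$SSH_KEY_FILE"
		cd "$ssh_dir"

		# The key is data, not a pattern: -F compares it literally,
		# so characters such as '.' in the key text or its comment
		# cannot make a different entry look like this key, and --
		# keeps a leading '-' from being parsed as an option.
		if ! grep -qF -- "$EC2_SSH_KEY" "$SSH_KEY_FILE"; then
			echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
			printf '%s\n' "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
		fi
	fi

	# May contain a "random_seed". Everything else doesn't matter: the
	# whole document is written to /dev/urandom as extra input.
	OS_METADATA=$(ftp -o - -q 1 "${OS_METADATA_URL}")
	if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
		printf '%s\n' "$OS_METADATA" >> /dev/urandom
	fi
	)
}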
# Read this service's rc.conf settings, then pass the requested action
# (the script's first argument) to the rc.subr dispatcher.
load_rc_config "$name"
run_rc_command "$1"