xref: /netbsd-src/distrib/utils/embedded/files/ec2_init (revision aef5eb5f59cdfe8314f1b5f78ac04eb144e44010)
1#!/bin/sh
2#
3# $NetBSD: ec2_init,v 1.4 2021/07/20 19:31:23 rhialto Exp $
4#
5# PROVIDE: ec2_init
6# REQUIRE: NETWORKING
7# BEFORE:  LOGIN
8
# Source the rc.d framework.  _rc_subr_loaded is expanded as a command
# prefix, so the line is skipped when it expands to a no-op command.
$_rc_subr_loaded . /etc/rc.subr

# rc.d identity and hooks; stop_cmd is ":" so stopping does nothing.
name="ec2_init"
rcvar=$name
start_cmd="ec2_init"
stop_cmd=":"

# Account that receives the instance's SSH public key.
EC2_USER="ec2-user"
SSH_KEY_FILE="/home/${EC2_USER}/.ssh/authorized_keys"

# Link-local metadata endpoints.  Both are plain http:// URLs, so
# whatever they return is unauthenticated input to this script.
METADATA_URL="http://169.254.169.254/latest/meta-data/"
HOSTNAME_URL="hostname"
SSH_KEY_URL="public-keys/0/openssh-key"
OS_METADATA_URL="http://169.254.169.254/openstack/latest/meta_data.json"
24
# ec2_newuser --
#	Create the EC2_USER account with a home directory (-m), primary
#	group "users" and supplementary groups "wheel" and "operator".
#	Returns the exit status of useradd.
ec2_newuser()
{
	printf '%s\n' "Creating EC2 user account ${EC2_USER}"
	useradd \
	    -g users \
	    -G wheel,operator \
	    -m "${EC2_USER}"
}
30
# extract_random_seed --
#	Filter: read metadata JSON on stdin and print the value of its
#	"random_seed" member, if present.  Only characters of the base64
#	alphabet are captured, so nothing else from the document is
#	passed on to the decoder.  Prints nothing when no line matches.
extract_random_seed()
{
	sed -n \
	    -e '/random_seed/s/.*"random_seed": *"\([A-Za-z0-9+/=]*\)".*/\1/p'
}
35
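# ec2_init --
#	rc.d start hook.  Using the metadata service it:
#	  1. sets the hostname (and /etc/myname), retrying up to 20 times;
#	  2. creates EC2_USER if the account does not exist;
#	  3. appends the instance's SSH public key to SSH_KEY_FILE unless
#	     that exact line is already present;
#	  4. feeds an OpenStack "random_seed", if offered, to /dev/urandom.
#	Everything runs in a subshell so that the umask, working directory
#	and variables set here do not leak into the caller.
#
#	NOTE(review): every fetch is a plain HTTP GET without a session
#	token.  An instance that requires IMDSv2 tokens will answer these
#	requests with an error, leaving the hostname and key unset.
ec2_init()
{
	(
	umask 022

	# set hostname; it may be 5-10 seconds for the metadata service
	# to become reachable.
	try=0
	while [ $((try++)) -lt 20 ]
	do
		HOSTNAME=$(ftp -o - -q 2 "${METADATA_URL}${HOSTNAME_URL}")
		if [ -n "$HOSTNAME" ]; then
			echo "Setting EC2 hostname: ${HOSTNAME}"
			printf '%s\n' "$HOSTNAME" > /etc/myname
			hostname "$HOSTNAME"
			break
		fi
		echo "EC2 hostname not available yet (try $try)"
		sleep 1
	done

	# create EC2 user
	id "${EC2_USER}" >/dev/null 2>&1 || ec2_newuser

	# fetch the public key from Amazon Web Services
	EC2_SSH_KEY=$(ftp -o - -q 2 "${METADATA_URL}${SSH_KEY_URL}")

	if [ -n "$EC2_SSH_KEY" ]; then
		# A key pair is associated with this instance, add it
		# to EC2_USER's 'authorized_keys' file
		ssh_dir=$(dirname "$SSH_KEY_FILE")

		# The directory lives in EC2_USER's home and this hook runs
		# again on later starts.  touch, chown and ">>" all follow
		# symbolic links, so skip the update rather than act on
		# whatever a link left there points at.
		if [ -L "$ssh_dir" ] || [ -L "$SSH_KEY_FILE" ]; then
			echo "Not updating ${SSH_KEY_FILE}: symbolic link in path" >&2
		else
			mkdir -p "$ssh_dir"
			chown "${EC2_USER}:users" "$ssh_dir"
			touch "$SSH_KEY_FILE"
			chown "${EC2_USER}:users" "$SSH_KEY_FILE"
			cd "$ssh_dir"

			# -F: the key is data, not a regular expression;
			# -x: only a whole identical line counts as present;
			# --: the key can never be parsed as an option.
			if ! grep -qxF -- "$EC2_SSH_KEY" "$SSH_KEY_FILE"; then
				echo "Setting EC2 SSH public key for user ${EC2_USER}: ${EC2_SSH_KEY##* }"
				printf '%s\n' "$EC2_SSH_KEY" >> "$SSH_KEY_FILE"
			fi
		fi
	fi

	# May contain a "random_seed".
	# NOTE(review): the seed arrives over unauthenticated HTTP; confirm
	# how much entropy the kernel credits for this write.
	OS_METADATA="$(ftp -o - -q 2 "${OS_METADATA_URL}")"
	if printf '%s\n' "$OS_METADATA" | grep -q random_seed; then
		printf '%s\n' "$OS_METADATA" | extract_random_seed |
		    base64 -di >> /dev/urandom
	fi
	)
}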
87
# Load the rc.conf settings for this script, then dispatch on the
# action given as the first argument.
load_rc_config "${name}"
run_rc_command "$1"
90