Merge pull request #40 from redBorder/development

Release 0.5.0
redBorder · Aug 16, 2024 · 4344eeb · 4344eeb
2 parents ec02f58 + 28f7dcc
commit 4344eeb
Show file tree

Hide file tree

Showing 5 changed files with 88 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,15 @@
 cookbook-rb-ips CHANGELOG
 ===============
 
+## 0.5.0
+
+  - Miguel Álvarez
+    - [8bb737e] Update system_health.rb
+    - [6d1f480] Fix motd when ssh version
+    - [3b39cfa] Only create ssh user if not cloud registration
+    - [fabdd03] Add rsa pub key
+    - [01a3935] Configure redBorder user
+
 ## 0.4.0
 
   - Miguel Álvarez

diff --git a/resources/metadata.rb b/resources/metadata.rb
@@ -3,7 +3,7 @@
 maintainer_email 'git@redborder.com'
 license          'AGPL-3.0'
 description      'Installs/Configures redborder ips'
-version          '0.4.0'
+version          '0.5.0'
 
 depends 'rb-common'
 depends 'geoip'

diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb
@@ -144,7 +144,12 @@
 # end
 
 # Motd
-manager = `grep "cloud_address" /etc/redborder/rb_init_conf.yml | cut -d' ' -f2`
+
+manager = if node['redborder']['cloud']
+            `grep "cloud_address" /etc/redborder/rb_init_conf.yml | cut -d' ' -f2`
+          else
+            `grep "webui_host" /etc/redborder/rb_init_conf.yml | cut -d' ' -f2`
+          end
 
 template '/etc/motd' do
   source 'motd.erb'
@@ -194,6 +199,39 @@
   retries 2
 end
 
+begin
+  ssh_secrets = data_bag_item('passwords', 'ssh')
+rescue
+  ssh_secrets = {}
+end
+
+unless node['redborder']['cloud']
+  # ssh user for webui execute commands on
+  execute 'create_user_redBorder' do
+    command 'sudo useradd -m -s /bin/bash redBorder'
+    not_if 'getent passwd redBorder'
+  end
+
+  directory '/home/redBorder/.ssh' do
+    owner 'redBorder'
+    group 'redBorder'
+    mode '0755'
+    action :create
+  end
+
+  unless ssh_secrets.empty? || ssh_secrets['public_rsa'].nil?
+    template '/home/redBorder/.ssh/authorized_keys' do
+      source 'rsa.pub.erb'
+      owner 'redBorder'
+      group 'redBorder'
+      mode '0600'
+      variables(
+        public_rsa: ssh_secrets['public_rsa']
+      )
+      action :create
+    end
+  end
+end
 # template "/opt/rb/etc/sysconfig/iptables" do
 #   source "iptables.erb"
 #   owner "root"

diff --git a/resources/recipes/system_health.rb b/resources/recipes/system_health.rb
@@ -10,6 +10,44 @@
   action :nothing
 end
 
+# Add manager node ip addr to /etc/hosts
+ruby_block 'update_hosts_file_if_needed' do
+  block do
+    def managerToIp(str)
+      ipv4_regex = /\A(\d{1,3}\.){3}\d{1,3}\z/
+      ipv6_regex = /\A(?:[A-Fa-f0-9]{1,4}:){7}[A-Fa-f0-9]{1,4}\z/
+      dns_regex = /\A[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+\z/
+
+      return str if str =~ ipv4_regex || str =~ ipv6_regex
+
+      if str =~ dns_regex
+        ip = `dig +short #{str}`.strip
+        return ip unless ip.empty?
+      end
+    end
+
+    unless node['redborder']['cloud']
+      # Read webui_host from the rb_init_conf.yml file
+      webui_host_command = "grep '^webui_host:' /etc/redborder/rb_init_conf.yml | awk '{print $2}'"
+      webui_host = managerToIp `#{webui_host_command}`.strip
+
+      # Search for a node matching the webui_host IP address
+      matching_node_name = search(:node, "ipaddress:#{webui_host}").first&.name
+
+      # Update /etc/hosts if a matching node is found
+      if matching_node_name
+        node_name_with_suffix = "#{matching_node_name}.node"
+        hosts_file = '/etc/hosts'
+
+        unless ::File.readlines(hosts_file).grep(/#{Regexp.escape(node_name_with_suffix)}/).any?
+          ::File.open(hosts_file, 'a') { |file| file.puts "#{webui_host} #{node_name_with_suffix}" }
+        end
+      end
+    end
+  end
+  action :run
+end
+
 # Check barnyard2 health
 ruby_block 'check_barnyard2_health' do
   block do

diff --git a/resources/templates/default/rsa.pub.erb b/resources/templates/default/rsa.pub.erb
@@ -0,0 +1 @@
+<%= @public_rsa %>