Gentoo salt bootstrap

by regna
24 deployments · 5 still active · last rev. 1 month ago

Compatible with: No distros currently supported
Includes: functions.sh
						#!/bin/bash
# <UDF name="fqdn" label="FQDN (Don't forget about PTR)">
# FQDN=
# <UDF name="salt_master" label="Salt master server">
# SALT_MASTER=

# include functions.sh
source <ssinclude StackScriptID="10248">

# Log which Linode this is. LINODE_LISHUSERNAME and LINODE_RAM are not assigned
# anywhere in this script (presumably provided by the StackScript environment
# - confirm).
einfo "This is ${LINODE_LISHUSERNAME}, RAM: ${LINODE_RAM}MiB"

# Connectivity checks: six flood-mode pings over IPv4, then over IPv6.
# eend only reports the result; a failure here does not stop the script.
ebegin "Testing the network: ipv4"
ping -c 6 -f bakka.su
eend $? "Failed"
ebegin "Testing the network: ipv6"
ping6 -c 6 -f bakka.su
eend $? "Failed"

# Apply the FQDN to the running system and persist it in /etc/conf.d/hostname.
# The status passed to eend is that of the file write only; a failing
# `hostname` call is not reported.
# NOTE(review): ${FQDN} comes from the UDF field and is written between double
# quotes without validation. If /etc/conf.d/hostname is later parsed as shell
# (confirm), a value containing quotes or $(...) would be interpreted there;
# consider restricting FQDN to hostname characters before writing it.
ebegin "Setting hostname to ${FQDN}"
hostname "${FQDN}"
echo "hostname=\"${FQDN}\"" > /etc/conf.d/hostname
eend $? "Failed to set hostname"

# Check that the resolver maps this host back to the configured FQDN.
# A mismatch is reported but does not stop the script.
ebegin "Testing the DNS"
test "$(hostname -f)" == "${FQDN}"
eend $? "Failed, hostname -f does not match my FQDN"

# Drop hwclock from the boot runlevel and reset its service state.
# eend sees only the status of `service hwclock zap`; the rc-update result is
# not checked.
ebegin "Removing the hwclock service"
rc-update del hwclock boot
service hwclock zap
eend $? "Failed"

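# Flag read later in the script: it stays 0 unless installing the package
# repository CA fails, in which case the mirror and binary-host lines written
# below are left commented out.
BAKKA_CA_FAILED=0
# Base emerge command line; it is expanded unquoted later so that it splits
# into the command and its option.
export EMERGE="emerge -q"

# Write a fresh /etc/portage/make.conf.
#
# The here-document delimiter is quoted so the text reaches the file verbatim.
# With an unquoted delimiter the shell expands ${CFLAGS} and ${USE_SALT} while
# the script runs; neither is assigned in this script, so make.conf would end
# up with CXXFLAGS="" and USE="" instead of the references Portage is meant to
# resolve itself.
#
# SECURITY: FEATURES contains getbinpkg, and the two "# sed-remove" lines hold
# a third-party distfile mirror and binary package host. Once a later step
# strips that marker, emerge may install prebuilt packages from that host as
# root, so the integrity of the host and of the CA used to reach it over HTTPS
# decides what ends up on this system.
ebegin "Creating basic make.conf"
cat <<'EOF'> /etc/portage/make.conf
CFLAGS="-march=corei7-avx -mtune=corei7-avx -O2 -pipe -mfpmath=sse -mno-fma -mno-fma4 -mno-avx2 -mno-xop"
CXXFLAGS="${CFLAGS}"
CHOST="x86_64-pc-linux-gnu"
PORTDIR="/usr/portage"
DISTDIR="/var/tmp/distfiles"
PKGDIR="/var/tmp/packages"
MAKEOPTS="-j4"
FEATURES="xattr sandbox userfetch parallel-fetch parallel-install clean-logs compress-build-logs splitdebug compressdebug fail-clean unmerge-orphans getbinpkg -news"
EMERGE_DEFAULT_OPTS="--quiet-build --verbose --keep-going"
PORT_LOGDIR="/var/log/portage"
# sed-remove GENTOO_MIRRORS="https://gentoo.bakka.su/gentoo-distfiles"
# sed-remove PORTAGE_BINHOST="https://gentoo.bakka.su/gentoo-packages/amd64/corei7-avx/packages"
PORTAGE_SSH_OPTS=""
ACCEPT_KEYWORDS="amd64"
L10N="en"

CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 ssse3 sse4 sse4_1 sse4_2 avx"
USE_SALT="smp sctp xattr ssl openssl vhosts -gnutls -tcpd -doc -examples"
USE="${USE_SALT}"
EOF
eend $? "Failed to create make.conf"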

# Restrict locale generation to a single locale by overwriting /etc/locale.gen.
ebegin "Setting locales to generate"
cat <<EOF> /etc/locale.gen
en_DK.UTF-8 UTF-8
EOF
# eend receives the status of the write above; if eend itself returns non-zero
# the script stops with that status.
eend $? "Failed" || exit $?
# Overwrite /etc/locale.nopurge with the options and the one locale to keep
# (presumably read by the localepurge run later in this script - confirm).
ebegin "Setting locales to preserve"
cat <<EOF> /etc/locale.nopurge
MANDELETE
SHOWFREEDSPACE
en_DK.UTF-8 UTF-8
EOF
eend $? "Failed" || exit $?

# Generate the locale listed above; abort the whole script on failure.
locale-gen || exit $?

# Make the generated locale the system default; abort on failure.
eselect locale set en_DK.utf8 || exit $?

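einfo "Downloading CA for the package repository"
# SECURITY: this CA certificate is fetched over plain HTTP and then added to
# the system trust store, so anyone able to alter the download in transit
# could substitute their own CA and be trusted for every TLS connection this
# host makes, including the binary package host enabled later in the script.
#
# To limit that, the download is staged in a temporary file and installed only
# after an optional integrity check. BAKKA_CA_SHA256 is a variable introduced
# by this block: set it (for example near the top of the script) to the
# SHA-256 digest of the certificate, obtained from the CA owner over a
# separate channel. When it is unset the certificate is installed unverified,
# as before, and a warning is printed.
#
# Staging also means a failed or partial download no longer leaves a file
# behind in the ca-certificates directory.
(
    set -e
    ca_dir=/usr/local/share/ca-certificates
    mkdir -p "${ca_dir}"
    ca_tmp=$(mktemp)
    # Remove the staging file on every exit path of this subshell.
    trap 'rm -f -- "${ca_tmp}"' EXIT
    wget http://bakka.su/ca/baka_bakka.crt -O "${ca_tmp}"
    if [ -n "${BAKKA_CA_SHA256:-}" ]; then
        ca_sum=$(sha256sum "${ca_tmp}")
        # sha256sum prints "<digest>  <file>"; compare the digest field only,
        # accepting the pin in either letter case.
        if [ "${ca_sum%% *}" != "${BAKKA_CA_SHA256,,}" ]; then
            ewarn "Package repository CA does not match BAKKA_CA_SHA256, not installing it"
            exit 1
        fi
    else
        ewarn "BAKKA_CA_SHA256 is not set, installing the package repository CA without verification"
    fi
    install -m 0644 "${ca_tmp}" "${ca_dir}/baka_bakka.crt"
    update-ca-certificates --fresh > /dev/null
)
ret=$?
# Any failure above (download, digest mismatch, trust store update) disables
# the third-party package repository for the rest of the script.
if [ "$ret" -ne 0 ]; then
    export BAKKA_CA_FAILED=1
    ewarn "Package repository CA download failed, not using the package repository"
fi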

# Declare the main "gentoo" repository at /usr/portage with rsync as its sync
# type and automatic syncing switched off. The script stops if the directory
# or the file cannot be written.
ebegin "Adding repos.conf/gentoo"
mkdir -p /etc/portage/repos.conf \
    && cat <<EOF> /etc/portage/repos.conf/gentoo.conf
[DEFAULT]
main-repo = gentoo

[gentoo]
location = /usr/portage
sync-type = rsync
auto-sync = false
EOF
eend $? "Failed" || exit $?

# Fetch a portage tree snapshot. A failure is reported but the script carries
# on regardless.
# NOTE(review): the FEATURES value this script writes to make.conf does not
# include webrsync-gpg, so the snapshot is presumably installed without a
# signature check - confirm, and enable verification if it is available here.
ebegin "Downloading the portage tree"
emerge-webrsync -q > /dev/null
eend $? "Failed"

# Switch to the hardened no-multilib amd64 profile; abort if that fails.
ebegin "Selecting profile"
eselect profile set hardened/linux/amd64/no-multilib
eend $? "Failed" || exit $?

# Create the per-package configuration directories and append keyword entries
# that accept the ~amd64 versions of Salt 2015.8.11 and of the zeromq, pyzmq
# and cffi packages listed below. The delimiter is quoted, so the lines are
# written verbatim; `>>` appends, so re-running the script duplicates them.
ebegin "Setting bootstrap flags"
mkdir -p /etc/portage/package.{accept_keywords,keywords,use,env} \
    && cat <<'EOF'>> /etc/portage/package.keywords/bootstrap
=app-admin/salt-2015.8.11 ~amd64
net-libs/zeromq:0/5 ~amd64
<dev-python/pyzmq-16 ~amd64
dev-python/cffi ~amd64
EOF
eend $? "Failed" || exit $?

# Rebuild the TLS, SSH and download tools with getbinpkg switched off for this
# one command, i.e. without fetching prebuilt binaries for them.
# ${EMERGE} is left unquoted on purpose so "emerge -q" splits into two words.
ebegin "Rebuilding openssl,openssh,wget with -bindist"
FEATURES="-getbinpkg" ${EMERGE} openssl openssh wget
eend $? "Failed" || exit $?

# Only when the CA step succeeded: strip every "# sed-remove" marker from
# make.conf, which activates the GENTOO_MIRRORS and PORTAGE_BINHOST lines
# written earlier.
# SECURITY: FEATURES in that make.conf contains getbinpkg, so from here on
# emerge presumably prefers prebuilt packages from that third-party host;
# their trustworthiness rests on the CA certificate installed earlier, which
# was fetched over plain HTTP.
if [ ! ${BAKKA_CA_FAILED} -eq 1 ]; then
    ebegin "Uncommenting GENTOO_MIRRORS and other vars in make.conf"
    sed -i "s|\# sed-remove||g" /etc/portage/make.conf
    eend $? "Failed" || exit $?
else
    ewarn "Package repository CA download failed, not using the package repository"
fi
# Update the package manager itself first; abort if that fails.
ebegin "Updating portage"
${EMERGE} portage
eend $? "Failed" || exit $?

# Update the init system together with the udev init scripts and procps,
# allowing the dependency resolver up to 50 backtracking steps.
ebegin "Updating OpenRC"
${EMERGE} --backtrack=50 openrc sys-fs/udev-init-scripts procps
eend $? "Failed" || exit $?

# Perl migration, run in a subshell so `set -e` stops at the first failing
# command without ending the whole script. The message passed to eend names
# perl-cleaner, but the status can come from any of the three commands.
# The $(qlist ...) substitutions are unquoted on purpose: each installed
# package name has to become its own argument.
# NOTE(review): if qlist prints nothing, emerge is called without package
# arguments and presumably fails, which aborts the subshell - confirm.
ebegin "Updating perl"
(
    set -e
    emerge --deselect $(qlist -IC 'perl-core/*')
    emerge -uD1 $(qlist -IC 'virtual/perl-*')
    perl-cleaner -q --reallyall -- --backtrack 50
)
eend $? "perl-cleaner failed"

# Run `eselect news read` once with its output discarded, then once more with
# the output shown.
ebegin "Getting rid of the old news"
eselect news read > /dev/null
eend $? "Failed"
eselect news read # No news is good news

# Full system update. None of the steps in this group aborts the script:
# eend reports each failure and execution continues with the next step.
ebegin "Updating @system"
emerge --update --deep --newuse --backtrack=50 @system
eend $? "Failed to update @system"

ebegin "Updating @world"
emerge --update --deep --newuse --backtrack=50 @world
eend $? "Failed to update @world, this is fine for an old system"

# Rebuild packages recorded in the @preserved-rebuild set.
ebegin "Updating @preserved-rebuild"
emerge @preserved-rebuild
eend $? "Failed to update @preserved-rebuild"

# Reinstall eselect without adding it to the world set (--oneshot) and with
# binary package fetching disabled for this command (--getbinpkg=n).
ebegin "Re-emerging eselect"
emerge -q --oneshot --getbinpkg=n app-admin/eselect
eend $? "Failed to re-emerge eselect"

# Select python3.4 as the active Python interpreter.
ebegin "Eselecting python interpreter"
eselect python set python3.4
eend $? "Failed to eselect python interpreter"

# Second @world pass, this time quiet and without the backtrack option.
ebegin "Updating @world again"
emerge -q --update --deep --newuse @world
eend $? "Failed to update @world, that's unusual"

# Remove packages that nothing depends on any more.
ebegin "Depcleaning"
emerge -q --depclean
eend $? "Depclean failed, that's unusual"

# Install localepurge; abort if that fails.
# NOTE(review): the progress message also lists salt, qemacs, nvi and openssh,
# but only app-admin/localepurge is emerged in this step.
ebegin "Emerging localepurge salt qemacs nvi openssh"
${EMERGE} app-admin/localepurge
eend $? "Failed" || exit $?

# Delete locale data not listed in /etc/locale.nopurge (written earlier);
# abort on failure.
einfo "Purging extra locales"
localepurge || exit $?

# Activate compiler profile 1, then re-read /etc/profile in this shell.
# The status handed to eend is that of sourcing /etc/profile only; a failing
# gcc-config call is not reported.
ebegin "Updating gcc-config"
gcc-config 1
. /etc/profile
eend $? "Failed to update profile"

# Make less the system pager; abort on failure.
ebegin "Selecting pager"
eselect pager set /usr/bin/less
eend $? "Failed" || exit $?

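# Install the pinned Salt version. A failure is reported but does not stop the
# script.
# NOTE(review): the version is pinned to a 2015.8 release; confirm it is still
# supported upstream before reusing this script.
ebegin "Emerging and configuring Salt"
emerge -q '=app-admin/salt-2015.8.11'
eend $? "Failed to emerge Salt"

ebegin "Bootstraping from ${SALT_MASTER}"
# SALT_MASTER comes from the UDF field and is placed in a sed replacement that
# uses "|" as its delimiter. Escape backslash, "&" and "|" first so that such
# characters are written literally instead of changing the sed expression.
# Ordinary host names and addresses pass through unchanged.
salt_master_escaped=$(printf '%s' "${SALT_MASTER}" | sed -e 's/[\\&|]/\\&/g')
# Point the minion at the chosen master by rewriting the commented-out default.
# SECURITY NOTE(review): nothing here pins the master's public key (Salt's
# master_finger minion option), so the minion presumably accepts whichever
# master answers at this address on first contact - confirm. The states
# applied below run with this script's privileges, so the master's identity
# matters.
sed -i "s|#master: salt|master: ${salt_master_escaped}|g" /etc/salt/minion
service salt-minion start
# Retry the salt.patch state every five seconds for as long as salt-call exits
# with status 2; any other status ends the loop.
# NOTE(review): there is no upper bound on the retries, so a master that never
# serves this minion keeps the script waiting here indefinitely.
while sleep 5; do
  salt-call state.sls salt.patch
  ret=$?; test $ret -eq 2 && continue
  break
done
# Only the status of the salt.minion state is reported as the bootstrap result.
salt-call state.sls salt.minion
eend $? "Bootstrap failed"

# Apply the full set of states the master assigns to this minion.
ebegin "Running highstate"
salt-call state.highstate
eend $? "State execution failed somewhere"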