Gentoo salt bootstrap, no world update

by regna

Compatible with: Gentoo 2014.12
Includes: functions.sh
						#!/bin/bash
# <UDF name="fqdn" label="FQDN (Don't forget about PTR)">
# FQDN=
# <UDF name="salt_master" label="Salt master server">
# SALT_MASTER=

# include functions.sh
source <ssinclude StackScriptID="10248">

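# Preflight: identify the instance, probe connectivity, set the hostname and
# drop the hwclock service. Every step is reported through ebegin/eend from
# the included functions.sh; a failed step is reported but the script goes on.
einfo "This is ${LINODE_LISHUSERNAME}, RAM: ${LINODE_RAM}MiB"

# Six flood pings (-f) over each address family against the mirror host.
ebegin "Testing the network: ipv4"
ping -c 6 -f bakka.su
eend $? "Failed"
ebegin "Testing the network: ipv6"
ping6 -c 6 -f bakka.su
eend $? "Failed"

ebegin "Setting hostname to ${FQDN}"
step_rc=0
# FQDN is operator input that ends up inside a double-quoted assignment in
# /etc/conf.d/hostname, a file the init scripts read as shell. Accept only
# hostname characters so a stray quote or $(...) can never be written there.
if [[ "${FQDN}" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
  # Run both commands and remember any failure; previously only the status
  # of the file write reached eend, hiding a failed hostname call.
  hostname "${FQDN}" || step_rc=$?
  printf 'hostname="%s"\n' "${FQDN}" > /etc/conf.d/hostname || step_rc=$?
else
  step_rc=1
fi
eend "${step_rc}" "Failed to set hostname"

# The resolver must hand back exactly the name that was just set.
ebegin "Testing the DNS"
[ "$(hostname -f)" = "${FQDN}" ]
eend $? "Failed, hostname -f does not match my FQDN"

ebegin "Removing the hwclock service"
step_rc=0
# Both commands still run; a failure in either one is now reported instead
# of only the status of the last.
rc-update del hwclock boot || step_rc=$?
service hwclock zap || step_rc=$?
eend "${step_rc}" "Failed"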

# Write a minimal /etc/portage/make.conf. The heredoc delimiter is unquoted,
# so the escaped \${...} references are written out literally for Portage to
# expand later.
#
# NOTE(review): PORTAGE_BINHOST and GENTOO_MIRRORS are plain-http URLs and
# EMERGE_DEFAULT_OPTS enables --getbinpkg, so prebuilt packages are fetched
# over an unauthenticated channel by default. Source distfiles are checked
# against the tree's Manifest hashes; binary packages from a binhost have no
# comparable check in Portage of this generation as far as I know. Confirm
# whether the mirror can be served over https and switch the URLs if so.
ebegin "Creating basic make.conf"
cat > /etc/portage/make.conf <<EOF
CFLAGS="-march=corei7-avx -mtune=corei7-avx -O2 -pipe -mfpmath=sse -mno-fma -mno-fma4 -mno-avx2 -mno-xop"
CXXFLAGS="\${CFLAGS}"
CHOST="x86_64-pc-linux-gnu"
PORTDIR="/usr/portage"
DISTDIR="/var/tmp/distfiles"
PKGDIR="/var/tmp/packages"
PORTAGE_BINHOST="http://gentoo.bakka.su/gentoo-packages/amd64/corei7-avx/packages"
GENTOO_MIRRORS="http://gentoo.bakka.su/gentoo-distfiles"
EMERGE_DEFAULT_OPTS="--verbose --quiet-build --keep-going --getbinpkg"
MAKEOPTS="-j1 --load-average 1"

CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 ssse3 sse4 sse4_1 sse4_2 aes avx"

USE_SALT="smp icu sqlite sctp xattr syslog ssl openssl -gnutls -tcpd"
USE="\${USE_SALT}"
EOF
make_conf_rc=$?
eend "${make_conf_rc}" "Failed to create make.conf"

# Directories used by the make.conf above (DISTDIR, PKGDIR), by the
# per-package Portage settings, and by the local CA drop-in.
ebegin "Making some folders"
mkdir -p \
  /var/tmp/distfiles \
  /var/tmp/packages \
  /etc/portage/package.keywords \
  /etc/portage/package.use \
  /usr/local/share/ca-certificates
folders_rc=$?
eend "${folders_rc}" "Failed to create folders"

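# Install the bakka.su private CA into the system trust store.
#
# SECURITY: the certificate is fetched over plain HTTP, so nothing on the wire
# authenticates it, and whatever arrives becomes a trusted root on this host.
# The only check possible at this point is an out-of-band pin. When
# BAKKA_CA_SHA256 is set in the environment (a constructed, optional variable;
# it can be supplied like FQDN and SALT_MASTER) it must hold the SHA-256 of the
# genuine certificate file, and a download that does not match is discarded.
# Without it the behaviour is as before and a notice is printed.
#
# The download goes to a temporary file first, so a failed or truncated
# transfer never leaves a half-written file in the ca-certificates directory.
ebegin "Downloading bakka.su CA"
ca_dest=/usr/local/share/ca-certificates/baka_bakka.crt
ca_rc=0
ca_tmp=$(mktemp) || ca_rc=$?
if [[ ${ca_rc} -eq 0 ]]; then
  wget -q "http://bakka.su/ca/baka_bakka.crt" -O "${ca_tmp}" || ca_rc=$?
fi
# An empty body is not a certificate, whatever wget's exit status says.
if [[ ${ca_rc} -eq 0 && ! -s "${ca_tmp}" ]]; then
  ca_rc=1
fi
if [[ ${ca_rc} -eq 0 ]]; then
  if [[ -n "${BAKKA_CA_SHA256:-}" ]]; then
    ca_sum=$(sha256sum "${ca_tmp}" | cut -d ' ' -f 1)
    # sha256sum prints lowercase hex; fold the pin so case cannot cause a
    # false mismatch.
    if [[ "${ca_sum}" != "${BAKKA_CA_SHA256,,}" ]]; then
      einfo "bakka.su CA does not match BAKKA_CA_SHA256, not installing it"
      ca_rc=1
    fi
  else
    einfo "BAKKA_CA_SHA256 is not set: trusting the CA as downloaded over HTTP"
  fi
fi
if [[ ${ca_rc} -eq 0 ]]; then
  install -m 0644 "${ca_tmp}" "${ca_dest}" || ca_rc=$?
fi
if [[ -n "${ca_tmp}" ]]; then
  rm -f -- "${ca_tmp}"
fi
eend "${ca_rc}" "Failed"

# Rebuild the trust store from scratch so it includes the local drop-in.
ebegin "Updating CA certificates"
update-ca-certificates --fresh > /dev/null
eend $? "Failed"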

# Fetch a Portage tree snapshot.
# NOTE(review): FEATURES is not set in the make.conf written earlier, so the
# snapshot's OpenPGP signature is presumably not checked (Portage of this era
# gates that behind FEATURES="webrsync-gpg"), and GENTOO_MIRRORS is an http
# URL. Confirm before relying on the integrity of the tree.
ebegin "Downloading the portage tree"
emerge-webrsync
sync_rc=$?
eend "${sync_rc}" "Failed"

# Mark every pending news item as read, discarding the text.
ebegin "Getting rid of the old news"
eselect news read >/dev/null
news_rc=$?
eend "${news_rc}" "Failed"
# Second pass, output visible this time: nothing should be left to print.
eselect news read

# Switch to the hardened, no-multilib amd64 profile.
ebegin "Eselecting profile"
eselect profile set hardened/linux/amd64/no-multilib
profile_rc=$?
eend "${profile_rc}" "Failed to select profile"

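# Per-package overrides needed for the bootstrap: accept ~amd64 (testing)
# versions of the listed packages and set the USE flags for Salt.
ebegin "Setting individual keywords and use flags"
step_rc=0
# Both files are always written; a failure on either is reported. Before,
# only the status of the second write reached eend.
cat > /etc/portage/package.keywords/bootstrap <<EOF || step_rc=$?
net-misc/wget ~amd64
net-libs/zeromq ~amd64
dev-python/cffi ~amd64
app-admin/salt ~amd64
EOF
cat > /etc/portage/package.use/bootstrap <<EOF || step_rc=$?
app-admin/salt openssl zeromq
EOF
eend "${step_rc}" "Failed"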

# Bring the TLS/SSH stack up to the minimum versions listed below.
# --getbinpkg=n overrides the --getbinpkg default from make.conf, so these
# packages are not taken from the http binhost; --noreplace skips anything
# already installed that satisfies the atom.
ebegin "Emerging new wget, openssl, openssh, ca-certificates"
tls_atoms=(
  '>=net-misc/wget-1.16.3'
  '>=dev-libs/openssl-1.0.2d'
  app-misc/ca-certificates
  net-misc/openssh
)
emerge --getbinpkg=n --newuse --noreplace "${tls_atoms[@]}"
tls_rc=$?
eend "${tls_rc}" "Failed"

# Restart sshd, presumably so the running daemon picks up the packages
# installed above; its status is not reported.
service sshd restart

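# Install the pinned Salt version, point the minion at SALT_MASTER and let the
# master configure the rest of the system.
ebegin "Emerging and configuring Salt"
emerge -q '=app-admin/salt-2015.8.3'
eend $? "Failed to emerge Salt"

# SECURITY: the minion is given the master by name only. No master key
# fingerprint is pinned here (Salt's minion option `master_finger` exists for
# that), so whichever master answers first is trusted, and the states applied
# below run with this script's privileges. Consider writing the fingerprint
# of the intended master into /etc/salt/minion before the minion starts.
ebegin "Bootstraping from ${SALT_MASTER}"
step_rc=0
# SALT_MASTER is operator input spliced into a sed replacement: escape the
# characters that are special there (backslash, '&' and the '|' delimiter)
# so the value is written to the config literally.
salt_master_escaped=$(printf '%s' "${SALT_MASTER}" | sed -e 's/[\\&|]/\\&/g')
sed -i "s|#master: salt|master: ${salt_master_escaped}|g" /etc/salt/minion \
  || step_rc=$?
service salt-minion start || step_rc=$?
# Retry salt.patch every 5 seconds for as long as salt-call exits with 2;
# any other status ends the loop. Presumably 2 means the master has not
# accepted this minion yet (confirm). The loop has no upper bound.
while sleep 5; do
  salt-call state.sls salt.patch
  ret=$?
  [ "${ret}" -eq 2 ] || break
done
salt-call state.sls salt.bootstrap || step_rc=$?
# Report a failure of any step above, not only of the final salt-call.
eend "${step_rc}" "Bootstrap failed"

ebegin "Running highstate"
salt-call state.highstate
eend $? "State execution failed somewhere"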