commit e2ac9a1472beed9fcab19695a99794ac4c738d38 Author: Paolo Dongilli Date: Sun May 19 04:27:11 2019 +0200 Initial Commit diff --git a/CartellaPerClient-Via-Clonezilla.ssh/id_rsa b/CartellaPerClient-Via-Clonezilla.ssh/id_rsa new file mode 100644 index 0000000..f0d8dd0 --- /dev/null +++ b/CartellaPerClient-Via-Clonezilla.ssh/id_rsa @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAxUgKLKJTcAakRIcHqbh4XbpdKSv+OPzVwBi0/hZ1Sa9tjaND +gmyIzqTzaeRjIfGCSPqNePutvG/shcAcLG+fX+50Mqm8xLn9gMRf7ty/ojWSaTDn +tdxapcHMQ6vNu5CxRrLOLgtSN8molM+XPsjzuMbX7qOmOoLulpQwqKRnarYiZKcQ +lzyKSjrzdmm9g6FKvWnBlgc/3QP2r3jxs2D+beE9QooXbGmyiyG+1DEus1U2/vUA +xLrF/xsZ7cCSUTWMm3zubSTyKCW0bUn33I1KnUlh7QTvHxWiVjCVUVGqOY2O8KOE +rf4pDDOm75e0xlnlCoeoLKu3nPfZXS9gKWcpFwIDAQABAoIBAA2JePFBHjqUqhbt +sQ/rUY8U56mYlDQy3TP2Pg0lW1z4BatvZYWAjw6m8PD2M/szSD5buvNvSaehgnhX +C1fdPPFnOl/zl7lkDcoVL4QDb77gsDA5o9ytxyaSmsKV+mMBdbilMlKkgjrDwqab +bARp45dtRYnhftmK/HYmqwQXa+U9hUfKMbLjumQksbpHBOd14CSCeMYsXWO6Y1Fq +3bAUn5gG6hmehKFIdQCYRZ/15jG/Ci+XfmIW2LC3x+AUEmPii1k+vr6AyUkDDunD +3heWlxrFj2TB/YTFysGBscsY/8fFWyE7T5vzVsmrWlpnW86foixliNQyKwOs6SSz +IxQ3K6ECgYEA8ef0JSXCFwcHit7APSDyh6fzsOBwvH03Dlvs+AjRcRE4V2VFSQsu +Ecv577ePmfz3WVgQe8zVCTLsX68rUeoIPnpfW24rqHPltPbU6ODzcOLuZJ1t+9cl +/2q/1jlY82vEy96+Nae1RI45z5JHnpCSZ95Flku6r9wBsfbssNcMgIcCgYEA0MaB +iUvwcY/gXBH0k+JTPwxuiObvg8R1sWctEn1JRB30UZixlETSTAlfW2xbGL7zBJxh +IjlZpzCwQl1Tlpe9Qoc8qCidMTyvH5RbOMxQFz7JTea1Y/Pk9gQQaL9ZJ7Pugphj +hkkeqvBG6z7uKRxdY43Y6cK2qxX1I7issfopBvECgYBf1T9wc/vnOX6wcjyAOww5 +17x/5vpigcyM4LgJLx0iCOtkHBeNr2Mp47/5SqQWIhQvjebB1MzU3xqrcW7c/bUU +Y1BhnUyoaHmo7lw8gdmPcCd3LrMCoSJJhJXJHWDy1k/ZYD3EbdMu/JVEeTPsSmPl +yDWTLB8iSitVwHfWOuuWAwKBgDbyB2V69uzsUL/qedPx3LbbLrwZCzBCpDbsUJBt +KLskpwhSh2neMvqP/Oiyu8bnek3cWjQHo/C8f6b3qOgZR1YbAXvANJ6gufY1tUxd +eTak75XxAgwsRDX7G9Z1haFNWZhFQuw0kj2qvv9qsINhU7K/wjbDaA/e14VvNQQi +MmoBAoGAOER5lSRUoDpRctB5zgWkug92MdPLbL52R2X+JI1pJ6nHNOTXtaHeNhPn +zTraPMBj2i9Ivic9fP2yCYFNuZydGymbeq6w6m5/qv33WZTLXFPADxVV9Zj1VdnC +BUm7u+3SNXSRRHQEZHMzJKlBzk0xKEZ5V8XAJcf3kOhzBOZsmiE= +-----END RSA PRIVATE KEY----- diff --git a/CartellaPerClient-Via-Clonezilla.ssh/id_rsa.pub b/CartellaPerClient-Via-Clonezilla.ssh/id_rsa.pub new file mode 100644 index 0000000..5b002a0 --- /dev/null +++ b/CartellaPerClient-Via-Clonezilla.ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFSAosolNwBqREhwepuHhdul0pK/44/NXAGLT+FnVJr22No0OCbIjOpPNp5GMh8YJI+o14+628b+yFwBwsb59f7nQyqbzEuf2AxF/u3L+iNZJpMOe13FqlwcxDq827kLFGss4uC1I3yaiUz5c+yPO4xtfuo6Y6gu6WlDCopGdqtiJkpxCXPIpKOvN2ab2DoUq9acGWBz/dA/avePGzYP5t4T1CihdsabKLIb7UMS6zVTb+9QDEusX/GxntwJJRNYybfO5tJPIoJbRtSffcjUqdSWHtBO8fFaJWMJVRUao5jY7wo4St/ikMM6bvl7TGWeUKh6gsq7ec99ldL2ApZykX root@g450ddd diff --git a/ListaPc.txt b/ListaPc.txt new file mode 100644 index 0000000..5303a47 --- /dev/null +++ b/ListaPc.txt @@ -0,0 +1,7 @@ +alfredo 83:dd:1d:37:40:d6 devuan-img +zorro 08:00:27:ab:5a:a2 fuss9-64bit-sept-2018-grubSec-img join +bubba 83:dd:1d:37:40:d4 devuan-img +mirco 83:d2:1d:37:40:d4 devuan-img +pippo 83:dd:1d:37:40:e4 devuan-img +tozzi e3:e7:49:44:f7:11 ProBook-Modello-2019-img +g450-ugly e4:e7:49:44:f7:11 G450-Prova-img join diff --git a/authorized_keys-da-APPENDARE-a-root-del-Fuss-Server b/authorized_keys-da-APPENDARE-a-root-del-Fuss-Server new file mode 100644 index 0000000..78d4798 --- /dev/null +++ b/authorized_keys-da-APPENDARE-a-root-del-Fuss-Server @@ -0,0 +1 @@ +command="if [[ \"$SSH_ORIGINAL_COMMAND\" =~ ^scp[[:space:]]-f ]] || [[ \"$SSH_ORIGINAL_COMMAND\" =~ ^add_client_principal ]] || [[ \"$SSH_ORIGINAL_COMMAND\" =~ rm[[:space:]]/root/ ]]; then $SSH_ORIGINAL_COMMAND; else echo \"Access Denied $SSH_ORIGINAL_COMMAND\"; fi" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDFSAosolNwBqREhwepuHhdul0pK/44/NXAGLT+FnVJr22No0OCbIjOpPNp5GMh8YJI+o14+628b+yFwBwsb59f7nQyqbzEuf2AxF/u3L+iNZJpMOe13FqlwcxDq827kLFGss4uC1I3yaiUz5c+yPO4xtfuo6Y6gu6WlDCopGdqtiJkpxCXPIpKOvN2ab2DoUq9acGWBz/dA/avePGzYP5t4T1CihdsabKLIb7UMS6zVTb+9QDEusX/GxntwJJRNYybfO5tJPIoJbRtSffcjUqdSWHtBO8fFaJWMJVRUao5jY7wo4St/ikMM6bvl7TGWeUKh6gsq7ec99ldL2ApZykX root@g450ddd diff --git a/clientScripts/clientScript b/clientScripts/clientScript new file mode 100644 index 0000000..d185934 --- /dev/null +++ b/clientScripts/clientScript @@ -0,0 +1,25 @@ +#!/bin/bash + +myNic="$(ls /sys/class/net/ -1 | grep -v lo | grep -v wlan)" + +if [ -e /root/reboot ];then + rm /root/reboot + touch /root/join + shutdown -r now +fi + +if [ -e /root/join ];then + dhclient $myNic + screen -d -m -S XY + screen -S XY -X stuff "fuss-client -av && rm /root/join ; reboot\n" +else + rm /etc/rc.local + rm /root/clientScript + rm -fr /root/.ssh + +fi + + + + + diff --git a/clientScripts/rc.local b/clientScripts/rc.local new file mode 100644 index 0000000..8df1342 --- /dev/null +++ b/clientScripts/rc.local @@ -0,0 +1,3 @@ +#!/bin/bash -e +su -c /root/clientScript root || exit 1 +exit 0 diff --git a/default b/default new file mode 100644 index 0000000..998e81f --- /dev/null +++ b/default @@ -0,0 +1,16 @@ +# BEGIN ANSIBLE MANAGED (default) +DEFAULT menu.c32 +# END ANSIBLE MANAGED (default) +# BEGIN ANSIBLE MANAGED (clonezilla) +timeout 300 +label Clonezilla-unattended +MENU LABEL Clonezilla Automatico (Ramdisk) +KERNEL clonezilla/live/vmlinuz +APPEND initrd=clonezilla/live/initrd.img boot=live username=clonezilla union=overlay config components quiet noswap edd=on nomodeset nodmraid locales= keyboard-layouts=NONE ocs_live_batch=no net.ifnames=0 nosplash noprompt keyboard-layouts=it locales=it_IT.UTF-8 ocs_prerun1="sshfs clonezilla@proxy:/srv/clonezilla /home/partimag" ocs_prerun2="screen -S XY '/home/partimag/script' " fetch=tftp://proxy/clonezilla/live/filesystem.squashfs +# END ANSIBLE MANAGED (clonezilla) + +label Clonezilla-Manuale +MENU LABEL Clonezilla Manuale (Ramdisk) +KERNEL clonezilla/live/vmlinuz +APPEND initrd=clonezilla/live/initrd.img boot=live username=clonezilla union=overlay config components quiet noswap edd=on nomodeset nodmraid locales= keyboard-layouts=NONE ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no net.ifnames=0 nosplash noprompt keyboard-layouts=it locales=it_IT.UTF-8 ocs_repository="ssh://clonezilla@proxy/srv/clonezilla" fetch=tftp://proxy/clonezilla/live/filesystem.squashfs +# END ANSIBLE MANAGED (clonezilla) diff --git a/installazioneAutomatizzata.sh b/installazioneAutomatizzata.sh new file mode 100644 index 0000000..1b89d3b --- /dev/null +++ b/installazioneAutomatizzata.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +DATUM="$(date +%d-%b-%Y-ore-%H-%M)" + + +if [ -e /root/.ssh/authorized_keys ];then + cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.BKP-$DATUM +fi + +grep root@g450ddd /root/.ssh/authorized_keys >/dev/null + +if [ $? -eq 0 ]; then + echo "authorized keys already there" +else + cat authorized_keys-da-APPENDARE-a-root-del-Fuss-Server >> /root/.ssh/authorized_keys +fi + +cp -r CartellaPerClient-Via-Clonezilla.ssh /srv/clonezilla/.ssh + +chown -R clonezilla. /srv/clonezilla/.ssh + +chmod 400 /srv/clonezilla/.ssh/id_rsa* + +cp -r clientScripts /srv/clonezilla + +chmod -R 770 /srv/clonezilla/clientScripts + + +if [ -e /srv/tftp/pxelinux.cfg/default ];then + mv /srv/tftp/pxelinux.cfg/default /srv/tftp/pxelinux.cfg/default.BKP-$DATUM +fi + +cp default /srv/tftp/pxelinux.cfg + +if [ -e /srv/clonezilla/ListaPc.txt ];then + mv /srv/clonezilla/ListaPc.txt /srv/clonezilla/ListaPc.txt.BKP-$DATUM +fi + +cp ListaPc.txt /srv/clonezilla + +if [ -e /srv/clonezilla/script ];then + mv /srv/clonezilla/script /srv/clonezilla/script.BKP-$DATUM +fi + +cp script /srv/clonezilla + +chmod 770 /srv/clonezilla/script + +chown -R clonezilla. /srv/clonezilla/* + +exit 0 diff --git a/script b/script new file mode 100644 index 0000000..f7c1432 --- /dev/null +++ b/script @@ -0,0 +1,96 @@ +#!/bin/bash +# +# Script for automated cloning and renaming of Fuss 9 client computers +# using mac-address as unique identifier. +# Donato Florio 11 April 2019 +# +# Last modified 02 May 2019 --> added modification to support cloning on nvme* devices (HP G450) +# Last modified 07 May 2019 --> added various stuff for experimental autojoin +# +# PRT 1 --------------------------- + + +# La funzione getNetStuff serve per recuperare il nome della NIC in uso sul sistema attuale. +getNetStuff(){ + if [ $1 -eq 1 ];then + ls /sys/class/net/ -1 | grep -v lo | grep -v wlan + else + cat /sys/class/net/$(getNetStuff 1)/address + fi +} + +getDisk(){ + diskCount="$(ls /sys/block -1 | grep -Ev '(loop|sr|dvd|cd)' | wc -l)" + + if [ $diskCount -gt 1 ];then + echo "ATTENZIONE! Questo computer sembra provvisto di più di un disco!" + echo "" + echo "La procedura automatica non prevede l'installazione su sistemi" + echo "multidisco. Contattare il tecnico informatico." + echo "" + echo "Per sicurezza il computer verrà spento tra 10 secondi." + sleep 10 + shutdown -h now + else + diskVar="$(ls /sys/block -1 | grep -Ev '(loop|sr|dvd|cd)')" + fi + + # SSD portatili HP g450 + if [ $diskVar == "nvme0n1" ];then + rootPartition="p$rootPartition" + fi + # FINE g450 +} + +rootPartition=2 +getDisk +rootDisk="/dev/$diskVar" +mountPoint="/mnt" +computerList="/home/partimag/ListaPc.txt" +macAddress=$(getNetStuff 2) +imageName=$(cat $computerList | grep "$macAddress" | awk '{print $3}') + +ocs-sr -b -g auto -e1 auto -e2 -r -j2 -scr -p true restoredisk $imageName $diskVar + +# # PRT 2 --------------------------- +mount $rootDisk$rootPartition $mountPoint + +currentName="$(cat $mountPoint/etc/hostname)" +newName="$(grep "$macAddress" $computerList | awk '{print $1}')" + +echo "SETTING HOSTNAME" + +for i in hostname hosts mailname + +do + if [ -e $mountPoint/etc/$i ]; then + sed -ie "s/$currentName/$newName/g" $mountPoint/etc/$i + else + echo "The file $i is not present on this system" + fi +done + + + +# ### Here I insert the part for the joining preparation of the machine + +# Veriy whether the machine has to be joined to the domain or not. +# If so the .ssh keys are needed and also a script ..... + +joinVar="$(cat $computerList | grep "$macAddress" | awk '{print $4}')" + +if [ "$joinVar" == "join" ];then + rsync -a /home/partimag/.ssh/ /mnt/root/.ssh/ + cp /root/.ssh/known_hosts /mnt/root/.ssh/known_hosts + cp /home/partimag/clientScripts/rc.local /mnt/etc/ + chmod 770 /mnt/etc/rc.local + cp /home/partimag/clientScripts/clientScript /mnt/root/ + chmod 770 /mnt/root/clientScript + touch /mnt/root/reboot +fi +# ### END of the preparation stuff + + +reboot + +