blob: 0c9b9155469132c3c031d696331516f22e0c218d (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
#!/usr/bin/env bash
set -eu
set -o pipefail
host="${1:-partofme}"
conf_location="/usr/local/share/puppet-tozt"
conf_repo="git://github.com/doy/puppet-tozt"
ssh_opts="-o ControlMaster=auto -o ControlPath=~/.ssh/puppet-tozt-%r-%h-%p -o ControlPersist=5"
run() {
# shellcheck disable=SC2086,SC2029
ssh $ssh_opts root@"$host" "$@"
}
copy() {
# shellcheck disable=SC2086,SC2029
scp -r $ssh_opts "$1" root@"$host":"$2"
}
# ensure we have the latest linux version, and that we're actually running that
# kernel, otherwise wireguard will fail to build and install the correct kernel
# modules
run "pacman -Syu --noconfirm"
run "reboot"
while ! run true; do
sleep 5
done
run "pacman -S --noconfirm git puppet ruby-shadow"
run "mkdir -p '$conf_location'"
run "cd '$conf_location' && git clone '$conf_repo' ."
run "cd '$conf_location' && git submodule update --init --recursive"
copy /mnt/puppet/partofme/ /usr/local/share/puppet-tozt/modules/secret/files
run "cd '$conf_location' && puppet apply --modulepath=./modules manifests"
echo "Done"
|
