From 3ceb90d1ffdce6c878cb0afcdfe76a9f4cc4cc79 Mon Sep 17 00:00:00 2001
From: Jake Buchholz
Date: Mon, 3 Jun 2019 21:19:59 -0700
Subject: make ec2 user configurable

---
 README.md | 26 +++++++++++++++++---------
 tiny-ec2-bootstrap | 8 ++++++--
 2 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 1e6e655..91df54c 100644
--- a/README.md
+++ b/README.md
@@ -9,8 +9,8 @@ and cloud platform support for small size and limited external dependencies.
 ## Requirements
 
 The most important feature of this bootstrapper is the very limited set of
-dependencies. In-fact this works with just busybox provided the wget applet is
-built-in. The only required dependencies are:
+dependencies. In-fact, this works with just busybox -- provided the wget applet
+is built-in. The only required dependencies are:
 
 - bash-like shell (e.g. bash, dash, ash)
 - wget
@@ -30,15 +30,23 @@ installing packages, and many other things. This bootstrap does not support those things. Instead it supports: - setting system hostname -- install user's configured SSH keys to the alpine user's authorized_keys file -- run any script-like user data (must start with #!) -- disable root and alpine password -- resize root partition to available disk space +- installing the instance's SSH keys in the EC2 user's authorized_keys file +- running any script-like user data (must start with #!) +- disabling root and the EC2 user's password +- resizing root partition to available disk space These steps only run once. After the initial bootstrap the bootstrapper script is a no-op. To force the script to run again at boot time remove the file `/var/lib/cloud/.bootstrap-complete` and reboot the instance. +The default EC2 user is `alpine`; this can be overriden with a +`/etc/conf.d/tiny-ec2-bootstrap` containing... +``` +EC2-USER="otheruser" +``` +The EC2 user *must* already exist in the AMI -- `tiny-ec2-bootstrap` will +**NOT** add the user automatically. + ## User Data User data is provided at instance boot time and can be any arbitrary string of @@ -53,7 +61,7 @@ made at the point the script runs. ## Assumptions -- This was written for Alpine Linux and thus assumes that the login user is - called alpine. This could be configurable in the future but currently is not. +- This was written for Alpine Linux; use on other distributions has not been +tested. -- The script is run by OpenRC +- The script is run by OpenRC. diff --git a/tiny-ec2-bootstrap b/tiny-ec2-bootstrap index c03fcd3..83aeba7 100644 --- a/tiny-ec2-bootstrap +++ b/tiny-ec2-bootstrap 
@@ -64,13 +64,17 @@ start() {
  # Don't bootstrap if the host has already been bootstrapped
  [ -f "/var/lib/cloud/.bootstrap-complete" ] && return 0
 
+ # load configuration, set defaults
+ [ -f "/etc/conf.d/tiny-ec2-bootstrap" ] && . /etc/conf.d/tiny-ec2-bootstrap
+ EC2_USER=${EC2_USER:-alpine}
+
  [ -d "/var/lib/cloud" ] || mkdir -p /var/lib/cloud
 
  ebegin "Disabling root password"; _disable_password root; eend $?
- ebegin "Disabling alpine password"; _disable_password alpine; eend $?
+ ebegin "Disabling $EC2_USER password"; _disable_password "$EC2_USER"; eend $?
  ebegin "Resizing root partition"; _resize_root_partition; eend $?
  ebegin "Setting ec2 hostname"; _update_hostname; eend $?
- ebegin "Setting ec2 user ssh keys"; _set_ssh_keys "alpine"; eend $?
+ ebegin "Setting ec2 user ssh keys"; _set_ssh_keys "$EC2_USER"; eend $?
  ebegin "Running ec2 user data script"; _run_userdata; eend $?
 
  touch "/var/lib/cloud/.bootstrap-complete"
-- 
cgit v1.2.3
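Review bot: The new `EC2_USER` value reaches `_disable_password "$EC2_USER"` and `_set_ssh_keys "$EC2_USER"` unchecked, and the README hunk in this same commit documents the setting as `EC2-USER="otheruser"`, which is not a valid shell assignment. A conf.d file written from that example would make the `.` line fail on an unknown command and leave `EC2_USER` at the `alpine` default, so the instance key is installed for a different account than the operator intended. I would correct the README example to `EC2_USER="otheruser"` and add a guard right after the default, for example `id "$EC2_USER" >/dev/null 2>&1 || { eerror "EC2 user $EC2_USER does not exist"; return 1; }`, so a missing account fails before `.bootstrap-complete` is touched. Because the conf.d file is executed as shell by this script at boot, it should stay root-owned and not group- or world-writable in the AMI. `start()` begins and ends outside the hunk, so how `_set_ssh_keys` uses the name is not visible here.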