VA/va-netbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
va-netbox/appliance/02firstboot.start
Joerg Deckert 92650a89cf first release
2025-03-05 12:29:24 +01:00

81 lines
3.0 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
# variables
LABEL="DATA"
HOST="netbox"
TLD="example.com"
ORGNAME="Netbox example"
DATABASE_PASS=$(head -c 300 /dev/urandom | tr -cd 'a-zA-Z0-9' | head -c 16)
# start
set -e
PGVER=$(eselect postgresql show)
[ -e /01firstboot ] && exit 0
[ -e /02firstboot ] || exit 0
# Database
systemctl stop postgresql-$PGVER
if [ ! -d "/$LABEL/var/lib/postgresql" ]; then
echo 'Create database directory...'
mkdir -p "/$LABEL/var/lib"
rm -rf "/$LABEL/var/lib/postgresql.orig"
cp -a "/var/lib/postgresql" "/$LABEL/var/lib/postgresql.orig"
mv "/var/lib/postgresql" "/$LABEL/var/lib/postgresql"
ln -s "/$LABEL/var/lib/postgresql" "/var/lib/postgresql"
else
echo 'start PostgreSQL DB...'
if [ ! -L /var/lib/postgresql ]; then
rm -rf "/$LABEL/var/lib/postgresql.orig"
mv "/var/lib/postgresql" "/$LABEL/var/lib/postgresql.orig"
ln -s "/$LABEL/var/lib/postgresql" "/var/lib/postgresql"
fi
fi
systemctl start postgresql-$PGVER
# Certificate
if [ ! -f "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" ]; then
echo 'Create certificates...'
mkdir -p "/$LABEL/CERTS/KEYS/"
mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
echo "FQDN = $HOST.$TLD" > "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
echo "ORGNAME = $ORGNAME" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
echo "ALTNAMES = DNS:$HOST.$TLD , DNS:$TLD" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
echo -e "\n[ req ]\ndefault_bits = 4096\ndefault_md = sha256\nprompt = no\nencrypt_key = no\ndistinguished_name = dn\nreq_extensions = req_ext\ndefault_keyfile = ../KEYS/\$FQDN-key.pem\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
echo -e "\n[ dn ]\nC = DE\nO = \$ORGNAME\nCN = \$FQDN\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
echo -e "\n[ req_ext ]\nsubjectAltName = \$ALTNAMES" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
fi
rm -rf /etc/ssl/nginx
mkdir -p /etc/ssl
ln -sf "/$LABEL/etc/ssl/nginx" "/etc/ssl/nginx"
/etc/ssl/cert-renew.sh
# Netbox configuration
if [ -f "/$LABEL/etc/netbox/configuration.py" ]; then
ln -sf "/$LABEL/etc/netbox/configuration.py" "/etc/netbox/configuration.py"
fi
emerge --config www-apps/netbox
if [ ! -f "/$LABEL/etc/netbox/configuration.py" ]; then
mkdir -p "/$LABEL/etc/netbox"
mv "/etc/netbox/configuration.py" "/$LABEL/etc/netbox/configuration.py"
ln -sf "/$LABEL/etc/netbox/configuration.py" "/etc/netbox/configuration.py"
fi
# Service enabling
systemctl enable postgresql-$PGVER
systemctl enable redis.service
systemctl enable netbox.service
systemctl enable netbox-rq.service
systemctl enable netbox-housekeeping.timer
systemctl enable nginx.service
systemctl restart redis.service
systemctl restart netbox.service netbox-rq.service
systemctl restart nginx.service
rm /02firstboot
Reference in New Issue View Git Blame Copy Permalink