Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- FQDN=ub0.dev.local
- PASS=pass
- IPAHOST=ipa.dev.local
- IPA_IP=192.168.20.17
- DNS_SEARCH=dev.local
- ###########################################################
- ## set apt to use fastest mirror.
- ## http://askubuntu.com/questions/39922/how-do-you-select-the-fastest-mirror-from-the-command-line #39
- #mv /etc/apt/sources.list{,.dist}
- echo -e "deb mirror://mirrors.ubuntu.com/mirrors.txt precise main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt precise-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt precise-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt precise-security main restricted universe multiverse" >> /etc/apt/sources.list
- apt-get -y install python-software-properties
- apt-add-repository http://ppa.launchpad.net/freeipa/ppa/ubuntu
- apt-add-repository http://ppa.launchpad.net/sssd/updates/ubuntu
- apt-get update && apt-get -y upgrade
- # krb5-config asks for a default realm so supress interactive apt prompts
- DEBIAN_FRONTEND=noninteractive apt-get install -y krb5-config sssd libnss3-tools openssh-server \
- openssh-client freeipa-client nscd libpam-ldapd libpam-krb5 libpam-ccreds \
- libpam-foreground libnss-ldap nss-updatedb libnss-db nscd ldap-utils ntp
- #get hostname from FQDN
- HOSTNAME=`echo $FQDN | cut -d'.' -f1 - `
- echo "FQDN=$FQDN"
- echo "HOSTNAME=$HOSTNAME"
- #set hostname
- echo $HOSTNAME > /etc/hostname
- hostname $HOSTNAME
- #edit resolv.conf to point to IPA: X.X.X.X
- #echo "nameserver $IPA_IP" >> /etc/resolvconf/resolv.conf.d/head
- #resolvconf -u
- #IPAHOSTIP=`host -t A $IPAHOST | awk -F' ' '{print$4}'`
- #make resolv.conf that isn't stupid
- rm -f /etc/resolv.conf && echo -e "nameserver $IPA_IP\nsearch $DNS_SEARCH" > /etc/resolv.conf
- # remove any lines that start 127.0.0.1
- sed -i 's:127.0.0.1.*$::g' /etc/hosts
- # Set /etc/hostname and add FQDN to /etc/hosts
- sed -i "1i127.0.0.1\t$FQDN $HOSTNAME" /etc/hosts
- # remove default conf file or clint install script won't run
- rm /etc/ipa/default.conf
- # install script dies if this folder doesnt exist.
- mkdir /var/run/ipa
- # certutil error (SEC_ERROR_LEGACY_DATABASE) if this folder doesnt exist
- mkdir -p /etc/pki/nssdb
- # configure ntpd
- #sed -i 's/0.ubuntu.pool.ntp.org/vanipa.appnovation.com/g' /etc/ntp.conf
- # stop ntp so install script can sync time using ntpdate.
- /etc/init.d/ntp stop
- #ntpdate ipa.appno.net
- #revert reported version of ipapython so keys will upload properly (backup first tho)
- #cp /usr/share/pyshared/ipapython/version.py /usr/share/pyshared/ipapython/version.py.bak
- #sed -i "s/API_VERSION=.*/API_VERSION=u'2.49'/g" /usr/share/pyshared/ipapython/version.py
- echo "about to install client, any key to ocntinue..."
- read
- #install the client! (note: have to pre-create in web interface and add OTP of secpass)
- # or use `ipa host-add --force --password=$PASS $FQDN` on an authorised machine.
- # [TODO] wtf is candlepin? see error during install:
- # skipping plugin module ipalib.plugins.entitle: No module named rhsm.connection
- # error required https://github.com/candlepin/python-rhsm
- # candlepin module. No ubuntu package exists & it doesn't look important
- ipa-client-install -d --enable-dns-updates --hostname=$FQDN --mkhomedir --password=$PASS
- #revert thei revert to change to the ipapython version back again ([TODO] is this a good idea?)
- #rm -f /usr/share/pyshared/ipapython/version.py && mv /usr/share/pyshared/ipapython/version.py.bak /usr/share/pyshared/ipapython/version.py
- # [TODO] add additonal stuff from https://bugs.launchpad.net/bugs/1280215
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement