Javi

AWS: Newer better workstation user-data

May 10th, 2021
  1. #!/bin/bash
  2.  
  3.  
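  # Deployment settings: replace each <...> placeholder before launching.
  #
  # NOTE(security): user-data is served by the instance metadata service to
  # every local process, so any account on this workstation (including the
  # student accounts created further down) can read PASS_PREFIX. Treat it as a
  # classroom convenience rather than as a long-lived secret.

  R53_ZONE=<The zone id for your domain, like Z2O1E40J43Y93G>
  EMAIL=<Your email>
  PASS_PREFIX=<Some very secret prefix for generating passwords>

  # The AWS CLI is needed right away to read this instance's Name tag, so it is
  # installed here instead of only before the Route 53 call further down.
  apt-get update
  DEBIAN_FRONTEND=noninteractive apt-get install -y awscli

  # Instance identity comes from the metadata service. A session token is
  # requested first (IMDSv2) so the lookups also work when the instance is
  # configured to require tokens.
  IMDS="http://169.254.169.254/latest"
  IMDS_TOKEN="$(curl -sf -X PUT "${IMDS}/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 300")"

  TAG_NAME="Name"
  INSTANCE_ID="$(curl -sf -H "X-aws-ec2-metadata-token: ${IMDS_TOKEN}" \
    "${IMDS}/meta-data/instance-id")"
  # Region = availability zone minus its trailing letter (eu-west-1a -> eu-west-1).
  REGION="$(curl -sf -H "X-aws-ec2-metadata-token: ${IMDS_TOKEN}" \
    "${IMDS}/meta-data/placement/availability-zone" \
    | sed -e 's:\([0-9][0-9]*\)[a-z]*$:\1:')"
  # Column 5 of the text output is the tag value.
  WORKSTATION_NAME="$(aws ec2 describe-tags \
    --filters "Name=resource-id,Values=${INSTANCE_ID}" "Name=key,Values=${TAG_NAME}" \
    --region "${REGION}" --output=text | cut -f5)"

  # The tag value becomes a DNS name, a certificate name and part of a file
  # path later on, so stop here if it is empty or holds anything other than
  # host-name characters.
  host_name_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
  if [[ ! "${WORKSTATION_NAME}" =~ ${host_name_re} ]]; then
    echo "Name tag '${WORKSTATION_NAME}' is missing or not a valid host name" >&2
    exit 1
  fi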
  16.  
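  # Bring the base system up to date. apt-get replaces apt because apt's
  # command-line interface is not meant for scripts, and the noninteractive
  # frontend keeps the upgrade from stopping at a prompt that nobody can answer
  # while this runs as user-data.
  apt-get update
  DEBIAN_FRONTEND=noninteractive apt-get upgrade -y

  # certbot is installed as a snap later on; make sure the core snap is present
  # and current.
  snap install core
  snap refresh core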
  22.  
  # Default tmux configuration for every account created from /etc/skel.
  # Both files are fetched from one fixed revision of the gist (the revision id
  # is part of the URL).
  for skel_file in .tmux.conf .tmux.conf.local; do
    wget -P /etc/skel "https://gist.githubusercontent.com/ciberado/601b0fad4d3eea3a086124aa68942830/raw/8154c6dfc5429aa7c0bf077fa36c8f259526a366/${skel_file}"
  done

  # Status bar: refresh every second and show a clock on the right-hand side.
  printf '%s\n' \
    'set -g status-interval 1' \
    "set -g status-right '%H:%M:%S'" >> /etc/skel/.tmux.conf
  32.  
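  # Student accounts student1..student10, all in the "students" group.
  #
  # NOTE(security): every account receives the same password
  # ("${PASS_PREFIX}1234"), and these accounts can log in through the
  # internet-facing ttyd terminal configured further down. Use a long random
  # PASS_PREFIX and consider a distinct password per student.

  # -f: succeed when the group already exists.
  groupadd -f students
  for i in {1..10}; do
    # Start from a clean account: drop any earlier user and its home directory.
    userdel "student${i}"
    rm -fr "/home/student${i}"
    useradd -g students -s /bin/bash -m "student${i}"
    # The original script ran "usermod -aG student${i}" here. That call names
    # no user to modify, so usermod rejects it and nothing changes; it is left
    # out. TODO(review): if a supplementary group was intended, add it as
    #   usermod -aG <group> "student${i}"
    printf '%s\n' "student${i}:${PASS_PREFIX}1234" | chpasswd
  done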
  43.  
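  # Publish <workstation name>.<DOMAIN> as an A record pointing at this instance.

  DOMAIN=aprender.cloud

  # Public address from the metadata service, using an IMDSv2 session token so
  # the lookup also works when the instance requires tokens.
  IMDS_TOKEN="$(curl -sf -X PUT "http://169.254.169.254/latest/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 300")"
  PUBLIC_IP="$(curl -sf -H "X-aws-ec2-metadata-token: ${IMDS_TOKEN}" \
    "http://169.254.169.254/latest/meta-data/public-ipv4")"

  # curl -f leaves the value empty on an HTTP error; stop instead of sending
  # Route 53 a record with a missing or malformed address.
  ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  if [[ ! "${PUBLIC_IP}" =~ ${ipv4_re} ]]; then
    echo "Could not read a public IPv4 address from instance metadata" >&2
    exit 1
  fi

  # The change batch goes to a private temporary file instead of dns.json in
  # the current directory, and is removed once it has been submitted.
  # "CREATE" is rejected when the record already exists (for example after
  # relaunching a workstation under the same name); switch to "UPSERT" only if
  # overwriting an existing record is acceptable.
  change_batch="$(mktemp)"
  printf '%s\n' \
    '{' \
    '  "Changes": [' \
    '    {' \
    '      "Action": "CREATE",' \
    '      "ResourceRecordSet": {' \
    "        \"Name\": \"${WORKSTATION_NAME}.${DOMAIN}\"," \
    '        "Type": "A",' \
    '        "TTL": 300,' \
    '        "ResourceRecords": [' \
    "          { \"Value\": \"${PUBLIC_IP}\" }" \
    '        ]' \
    '      }' \
    '    }' \
    '  ]' \
    '}' > "${change_batch}"

  # NOTE(security): this call runs with the instance role, which stays
  # reachable through the metadata service by every local account. Keep the
  # role's policy limited to this hosted zone and to reading instance tags.
  DEBIAN_FRONTEND=noninteractive apt-get install -y awscli
  aws route53 change-resource-record-sets \
    --hosted-zone-id "${R53_ZONE}" \
    --change-batch "file://${change_batch}"
  rm -f -- "${change_batch}"

  # Give the new record time to become resolvable before certbot asks
  # Let's Encrypt to validate the name.
  sleep 30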
  75.  
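  # TLS certificate from Let's Encrypt, obtained with certbot's standalone
  # web server (port 80 has to be reachable from the internet for validation).

  snap install --classic certbot
  # -f: replace the link if it is already there instead of failing.
  ln -sf /snap/bin/certbot /usr/bin/certbot

  # The name is built from ${DOMAIN} so that it always matches the Route 53
  # record and the certificate path used for ttyd, instead of repeating the
  # domain as a literal.
  certbot certonly -n --standalone --agree-tos \
    --email "${EMAIL}" \
    -d "${WORKSTATION_NAME}.${DOMAIN}"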
  82.  
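  # Install ttyd, release 1.6.3, from the project's GitHub releases.

  CERT_PATH="/etc/letsencrypt/live/${WORKSTATION_NAME}.${DOMAIN}/"

  # This binary is started as root by the ttyd service and listens on port 443,
  # so it is checked against a known digest before being installed.
  # Fill in the value below; while it is still the placeholder the check fails
  # and nothing is installed.
  TTYD_SHA256="<sha256 of the 1.6.3 ttyd.x86_64 asset, taken from a source you trust>"

  ttyd_download="$(mktemp)"
  wget -O "${ttyd_download}" https://github.com/tsl0922/ttyd/releases/download/1.6.3/ttyd.x86_64
  if ! printf '%s  %s\n' "${TTYD_SHA256}" "${ttyd_download}" | sha256sum -c -; then
    echo "ttyd download does not match TTYD_SHA256; not installing it" >&2
    rm -f -- "${ttyd_download}"
    exit 1
  fi
  install -m 0755 "${ttyd_download}" /usr/local/bin/ttyd
  rm -f -- "${ttyd_download}"

  # Manual equivalent of the service, kept for reference:
  # ttyd -p 443 --ssl --ssl-cert $CERT_PATH/fullchain.pem --ssl-key $CERT_PATH/privkey.pem --ssl-ca $CERT_PATH/chain.pem bash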
  92.  
  93.  
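  # systemd unit that serves a login prompt over HTTPS on port 443.
  #
  # NOTE(security): this exposes password logins for the local accounts to
  # anyone who can reach port 443, and ttyd runs as root (User=root). Limit the
  # security group to the networks that need access.
  # NOTE(review): ttyd documents --ssl-ca as the CA file for client
  # certificate verification; confirm that passing the Let's Encrypt chain
  # there is intended.
  cert_dir="${CERT_PATH%/}"   # CERT_PATH ends in "/"; avoid a double slash
  printf '%s\n' \
    '[Unit]' \
    'Description=TTYD' \
    'After=syslog.target' \
    'After=network.target' \
    '' \
    '[Service]' \
    "ExecStart=/usr/local/bin/ttyd -p 443 --ssl --ssl-cert ${cert_dir}/fullchain.pem --ssl-key ${cert_dir}/privkey.pem --ssl-ca ${cert_dir}/chain.pem login" \
    'Type=simple' \
    'Restart=always' \
    'User=root' \
    'Group=root' \
    '' \
    '[Install]' \
    'WantedBy=multi-user.target' \
    > /etc/systemd/system/ttyd.service

  # Load the new unit, then start it now and on every boot; the [Install]
  # section above only takes effect once the unit is enabled.
  systemctl daemon-reload
  systemctl enable --now ttyd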
  112.  
  113.  