50 lines
1.7 KiB
Bash
Executable File
50 lines
1.7 KiB
Bash
Executable File
#!/usr/bin/bash
|
|
# This script will print a message in the serial console
|
|
# if no ssh keys were added by Ignition/Afterburn.
|
|
main() {
|
|
# Change the output color to yellow
|
|
warn='\033[0;33m'
|
|
# No color
|
|
nc='\033[0m'
|
|
|
|
# See https://github.com/coreos/ignition/pull/964 for the MESSAGE_ID
|
|
# source. It will track the authorized-ssh-keys entries in journald
|
|
# provided via Ignition. Limit journal output to the most recent boot
|
|
# so we don't get output from re-used /var/ partitions.
|
|
ignitionusers=$(
|
|
journalctl -b 0 -o json-pretty MESSAGE_ID=225067b87bbd4a0cb6ab151f82fa364b | \
|
|
jq -r '.MESSAGE' | \
|
|
xargs -I{} echo "Ignition: {}")
|
|
|
|
# See https://github.com/coreos/afterburn/pull/397 for the MESSAGE_ID
|
|
# source. It will track the authorized-ssh-keys entries in journald
|
|
# provided via Afterburn.Limit journal output to the most recent boot
|
|
# so we don't get output from re-used /var/ partitions.
|
|
|
|
afterburnusers=$(
|
|
journalctl -b 0 -o json-pretty MESSAGE_ID=0f7d7a502f2d433caa1323440a6b4190 | \
|
|
jq -r '.MESSAGE' | \
|
|
xargs -I{} echo "Afterburn: {}")
|
|
|
|
output=''
|
|
if [ -n "$ignitionusers" ]; then
|
|
output+="$ignitionusers"
|
|
fi
|
|
if [ -n "$afterburnusers" ]; then
|
|
# add newline if needed
|
|
if [ -n "$output" ]; then
|
|
output+=$'\n'
|
|
fi
|
|
output+="$afterburnusers"
|
|
fi
|
|
|
|
if [ -n "$output" ]; then
|
|
echo "$output" > /etc/issue.d/30_ssh_authorized_keys.issue
|
|
else
|
|
echo -e "${warn}No SSH authorized keys provided by Ignition or Afterburn${nc}" \
|
|
> /etc/issue.d/30_ssh_authorized_keys.issue
|
|
fi
|
|
}
|
|
|
|
main
|