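#!/bin/bash
#
# Copyright (c) 2015-2021, NVIDIA CORPORATION.
# SPDX-License-Identifier: Apache-2.0
#
# samba-dc/vagrant_provision.sh (github.com/swiftstack/ProxyFS)
#
# Provisions a Samba Active Directory Domain Controller inside a Vagrant VM:
# sets the hostname, rewrites /etc/resolv.conf, builds Samba 4.8.3 from
# source, provisions the domain and installs a systemd unit for the daemon.
#
# Notes:
#   1) This script assumes it is being run as root
#   2) This script assumes the 1st arg is to be the hostname
#   3) This script assumes the 2nd arg is to be the IP Addr exposed by DC
#   4) This script assumes the 3rd arg is to be the domain & netbios name
#
# Optional environment (both default to the original behaviour when unset):
#   SAMBA_ADMIN_PASSWORD  - domain Administrator password
#   SAMBA_TARBALL_SHA256  - expected SHA-256 of the Samba tarball; when set,
#                           the download is verified before it is unpacked

set -eu
set -x

# Fail early with a clear message instead of provisioning with empty values.

: "${1:?usage: vagrant_provision.sh <hostname> <ip-addr> <domain>}"
: "${2:?usage: vagrant_provision.sh <hostname> <ip-addr> <domain>}"
: "${3:?usage: vagrant_provision.sh <hostname> <ip-addr> <domain>}"

# Canonicalize hostname and domain

hostnameLC=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
# hostnameUC is not referenced below; kept for parity with the original.
hostnameUC=$(printf '%s' "$1" | tr 'a-z' 'A-Z')

domainLC=$(printf '%s' "$3" | tr 'A-Z' 'a-z')
domainUC=$(printf '%s' "$3" | tr 'a-z' 'A-Z')

# Preserve IP Addr exposed by DC

ipAddr=$2

# Preserve current nameserver
#
# nmcli can report several DNS servers (one line per server and per device).
# Only the first is kept: a multi-line value would corrupt both resolv.conf
# and the sed expression further down. awk reads all input on purpose so
# nmcli never sees a closed pipe.

currentNameserver=$(nmcli dev show | awk '/DNS/ && !seen { print $2; seen = 1 }')

if [ -z "$currentNameserver" ]; then
    printf 'vagrant_provision.sh: no upstream DNS server reported by nmcli\n' >&2
    exit 1
fi

# Set hostname and update /etc/hosts

hostnamectl set-hostname "$hostnameLC"
printf '%s %s %s\n' "$ipAddr" "$hostnameLC" "$hostnameLC.$domainLC.local" >> /etc/hosts

# Fixup /etc/resolv.conf & prevent NetworkManager from modifying it

mv /etc/resolv.conf /etc/resolv.conf_ORIGINAL

cat > /etc/resolv.conf_MODIFIED <<EOF
# Provisioned by Vagrant launching vagrant_provision.sh
nameserver $ipAddr
nameserver $currentNameserver
EOF

ln -s /etc/resolv.conf_MODIFIED /etc/resolv.conf

# Install Development Tools

yum -y --disableexcludes=all group install "Development Tools"
# yum -y --setopt=group_package_types=mandatory,default,optional --disableexcludes=all groupinstall "Development Tools"

yum -y install \
    iniparser \
    libldb \
    libtalloc \
    libtdb \
    libtevent \
    python-devel \
    gnutls-devel \
    libacl-devel \
    openldap-devel \
    pam-devel \
    readline-devel \
    krb5-devel \
    cups-devel

# Install Samba
#
# Build in a private mktemp directory rather than directly in /tmp: this
# script runs as root, and fixed file names in a world-writable directory
# can be pre-created by another local user.

sambaVersion=samba-4.8.3
sambaTarball=$sambaVersion.tar.gz
sambaUrl=https://download.samba.org/pub/samba/stable/$sambaTarball

buildDir=$(mktemp -d)
trap 'rm -rf -- "$buildDir"' EXIT

cd -- "$buildDir"

# --fail makes an HTTP error abort here instead of saving an error page.
curl --fail -O "$sambaUrl"

# NOTE(review): the tarball is compiled and installed as root. HTTPS protects
# the transfer only; pin a digest via SAMBA_TARBALL_SHA256 (or verify the
# upstream detached signature) so a changed or substituted archive is caught.
# 4.8.3 is also an old release series; treat the resulting DC as a throwaway
# test fixture, not something to expose beyond the Vagrant network.
if [ -n "${SAMBA_TARBALL_SHA256:-}" ]; then
    printf '%s  %s\n' "$SAMBA_TARBALL_SHA256" "$sambaTarball" | sha256sum -c -
fi

tar -zxvf "$sambaTarball"

cd -- "$sambaVersion"

./configure \
    --prefix=/usr \
    --localstatedir=/var \
    --with-configdir=/etc/samba \
    --libdir=/usr/lib64 \
    --with-modulesdir=/usr/lib64/samba \
    --with-pammodulesdir=/lib64/security \
    --with-lockdir=/var/lib/samba \
    --with-logfilebase=/var/log/samba \
    --with-piddir=/run/samba \
    --with-privatedir=/etc/samba \
    --enable-cups \
    --with-acl-support \
    --with-ads \
    --with-automount \
    --enable-fhs \
    --with-pam \
    --with-quotas \
    --with-shared-modules=idmap_rid,idmap_ad,idmap_hash,idmap_adex \
    --with-syslog \
    --with-utmp \
    --with-dnsupdate

make
make install

cd /tmp

rm -rf -- "${buildDir:?}"

# Prepare Samba Domain

rm -rf /run/samba /etc/samba/smb.conf
mkdir -p /run/samba /etc/samba

# NOTE(review): 'ProxyFS$' is a fixed Administrator password published with
# this script, so every DC provisioned with the default shares it. Set
# SAMBA_ADMIN_PASSWORD for anything other than a disposable test VM.
defaultAdminPass='ProxyFS$'
adminPass=${SAMBA_ADMIN_PASSWORD:-$defaultAdminPass}

# Tracing is paused so the password is not echoed into the provisioning log.
# It is still passed on the command line and is briefly visible in the
# process list of the VM.
set +x
samba-tool domain provision \
    --domain="$domainUC" \
    --realm="$domainUC.LOCAL" \
    --host-ip="$ipAddr" \
    --adminpass="$adminPass"
set -x

# The Administrator password never expires.
samba-tool user setexpiry --noexpiry Administrator

mv /etc/samba/krb5.conf /etc/krb5.conf

# Adjust dns-forwarder to be currentNameserver in smb.conf
#
# The dots in the address are escaped so they match literally instead of
# acting as regex wildcards.

mv /etc/samba/smb.conf /etc/samba/smb.conf_ORIGINAL

ipAddrPattern=$(printf '%s' "$ipAddr" | sed 's/\./\\./g')

sed "s/$ipAddrPattern/$currentNameserver/" /etc/samba/smb.conf_ORIGINAL > /etc/samba/smb.conf

# Configure systemd to manage Samba DC
#
# The heredoc delimiter is quoted: $MAINPID must reach the unit file
# literally for systemd to substitute it. Unquoted, the shell expanded it to
# an empty string and ExecReload became "/bin/kill -HUP" with no PID.

cat > /usr/lib/systemd/system/samba.service <<'EOF'
[Unit]
Description=Samba AD Daemon
Wants=network-online.target
After=network.target network-online.target rsyslog.service

[Service]
Type=forking
PIDFile=/run/samba/samba.pid
LimitNOFILE=16384
ExecStart=/usr/sbin/samba --daemon
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
EOF

cat > /etc/tmpfiles.d/samba.conf <<'EOF'
d /var/run/samba 0755 root root -
EOF

# Start-up Samba (now and each reboot)

systemctl start samba
systemctl enable samba

# TODO: List existing zones

# samba-tool dns zonelist $hostnameLC.$domainLC.local --username Administrator --password=ProxyFS$

# TODO: Add an AD User (needed for other samba-tool commands)

# samba-tool user create user1 ProxyFS$

# TODO: List Zones

# samba-tool dns zonelist $hostnameLC.$domainLC.local --username user1 --password=ProxyFS$

# TODO: Add a Zone

# samba-tool dns zonecreate $hostnameLC.$domainLC.local 128.28.172.in-addr-arpa --username user1 --password ProxyFS$

# TODO: Add an A Record

# samba-tool dns add $hostnameLC.$domainLC.local $domainLC.local machine1 A 172.28.128.21 --username user1 --password ProxyFS$

# All done

echo "Samba DC provisioned"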