|
|
|
|
@ -12,28 +12,41 @@ SSHD_CONFIG="/etc/ssh/sshd_config"
|
|
|
|
|
USER_HOME=$(getent passwd "$(whoami)" | cut -d: -f6)
|
|
|
|
|
KUBECONFIG_PATH="$USER_HOME/.kube/config"
|
|
|
|
|
|
|
|
|
|
# --- ANSI Color Definitions (Portable across BusyBox) ---
|
|
|
|
|
# Use %b in printf to interpret these backslash escapes
|
|
|
|
|
RED='\033[31m'
|
|
|
|
|
GREEN='\033[32m'
|
|
|
|
|
YELLOW='\033[33m'
|
|
|
|
|
BLUE='\033[34m'
|
|
|
|
|
MAGENTA='\033[35m'
|
|
|
|
|
CYAN='\033[36m'
|
|
|
|
|
BOLD='\033[1m'
|
|
|
|
|
BG_BLUE='\033[44;1m'
|
|
|
|
|
NC='\033[0m' # No Color
|
|
|
|
|
|
|
|
|
|
# --- Utility Functions ---
|
|
|
|
|
|
|
|
|
|
# Function to display system status indicators
|
|
|
|
|
show_status() {
|
|
|
|
|
printf "\n"
|
|
|
|
|
printf "\033[44;1m--- K3OS Node Status ---\033[0m\n"
|
|
|
|
|
printf '\n'
|
|
|
|
|
printf '%b\n' "${BG_BLUE}--- K3OS Node Status ---${NC}"
|
|
|
|
|
|
|
|
|
|
# 1. Hostname
|
|
|
|
|
CURRENT_HOSTNAME=$(hostname)
|
|
|
|
|
|
|
|
|
|
# 2. SSHD Password Auth Status (Requires reading a root-owned file, so we use sudo or check existence)
|
|
|
|
|
SSHD_STATUS="\033[31mError (Need Sudo)\033[0m"
|
|
|
|
|
if [ -f "$SSHD_CONFIG" ] && grep -q '^PasswordAuthentication yes' "$SSHD_CONFIG" 2>/dev/null; then
|
|
|
|
|
SSHD_STATUS="\033[32mEnabled\033[0m"
|
|
|
|
|
elif [ -f "$SSHD_CONFIG" ]; then
|
|
|
|
|
SSHD_STATUS="\033[33mDisabled\033[0m"
|
|
|
|
|
# 2. SSHD Password Auth Status
|
|
|
|
|
SSHD_STATUS="${RED}Error (Need Sudo)${NC}"
|
|
|
|
|
if sudo test -f "$SSHD_CONFIG"; then
|
|
|
|
|
if sudo grep -q '^PasswordAuthentication yes' "$SSHD_CONFIG"; then
|
|
|
|
|
SSHD_STATUS="${GREEN}Enabled${NC}"
|
|
|
|
|
else
|
|
|
|
|
SSHD_STATUS="${YELLOW}Disabled${NC}"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# 3. Static IP Configuration Check (from Connman config)
|
|
|
|
|
STATIC_IP=""
|
|
|
|
|
CONFIG_IFACE=""
|
|
|
|
|
# Use 'sudo cat' to read the root-owned config file
|
|
|
|
|
if sudo test -f "$CONNMAN_CONFIG"; then
|
|
|
|
|
CONNMAN_CONTENT=$(sudo cat "$CONNMAN_CONFIG" 2>/dev/null)
|
|
|
|
|
CONFIG_IFACE=$(echo "$CONNMAN_CONTENT" | grep '^\[service_' | head -n 1 | sed -e 's/^\[service_\(.*\)\].*$/\1/' | tr -d '[]')
|
|
|
|
|
@ -41,51 +54,51 @@ show_status() {
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# 4. Current/Active IP and DHCP status - Use the default route interface
|
|
|
|
|
ACTIVE_IFACE=$(ip route get 1.1.1.1 | grep -o 'dev [^ ]*' | awk '{print $2}' | head -n 1)
|
|
|
|
|
ACTIVE_IFACE=$(ip route get 1.1.1.1 2>/dev/null | grep -o 'dev [^ ]*' | awk '{print $2}' | head -n 1)
|
|
|
|
|
if [ -z "$ACTIVE_IFACE" ]; then
|
|
|
|
|
ACTIVE_IFACE="eth0"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
CURRENT_IP=$(ip addr show "$ACTIVE_IFACE" 2>/dev/null | grep 'inet ' | awk '{print $2}' | cut -d/ -f1 | head -n 1)
|
|
|
|
|
|
|
|
|
|
DHCP_STATUS="\033[31mN/A\033[0m"
|
|
|
|
|
IP_ADDRESS_STATUS="\033[31mNo Active Link\033[0m"
|
|
|
|
|
DHCP_STATUS="${RED}N/A${NC}"
|
|
|
|
|
IP_ADDRESS_STATUS="${RED}No Active Link${NC}"
|
|
|
|
|
|
|
|
|
|
if [ -n "$CURRENT_IP" ]; then
|
|
|
|
|
IP_ADDRESS_STATUS="$CURRENT_IP (\033[36m$ACTIVE_IFACE\033[0m)"
|
|
|
|
|
IP_ADDRESS_STATUS="$CURRENT_IP (${CYAN}$ACTIVE_IFACE${NC})"
|
|
|
|
|
if [ -n "$STATIC_IP" ] && [ "$STATIC_IP" = "$CURRENT_IP" ]; then
|
|
|
|
|
DHCP_STATUS="\033[33mNo\033[0m (\033[36mStatic Configured\033[0m: $CONFIG_IFACE)"
|
|
|
|
|
DHCP_STATUS="${YELLOW}No${NC} (${CYAN}Static Configured${NC}: $CONFIG_IFACE)"
|
|
|
|
|
else
|
|
|
|
|
DHCP_STATUS="\033[32mYes\033[0m (or Link-Local)"
|
|
|
|
|
DHCP_STATUS="${GREEN}Yes${NC} (or Link-Local)"
|
|
|
|
|
fi
|
|
|
|
|
elif [ -n "$STATIC_IP" ]; then
|
|
|
|
|
IP_ADDRESS_STATUS="\033[33mStatic Configured\033[0m: $STATIC_IP (Inactive)"
|
|
|
|
|
DHCP_STATUS="\033[33mNo\033[0m (Check Link)"
|
|
|
|
|
IP_ADDRESS_STATUS="${YELLOW}Static Configured${NC}: $STATIC_IP (Inactive)"
|
|
|
|
|
DHCP_STATUS="${YELLOW}No${NC} (Check Link)"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Display results using printf for aligned columns
|
|
|
|
|
printf "\033[1m%-30s\033[0m: %s\n" "Hostname" "$CURRENT_HOSTNAME"
|
|
|
|
|
printf "\033[1m%-30s\033[0m: %s\n" "Active IP Address (Interface)" "$IP_ADDRESS_STATUS"
|
|
|
|
|
printf "\033[1m%-30s\033[0m: %s\n" "DHCP Assigned" "$DHCP_STATUS"
|
|
|
|
|
printf "\033[1m%-30s\033[0m: %s\n" "SSHD Password Authentication" "$SSHD_STATUS"
|
|
|
|
|
printf "\n"
|
|
|
|
|
printf '%b%-30s%b: %s\n' "$BOLD" "Hostname" "$NC" "$CURRENT_HOSTNAME"
|
|
|
|
|
printf '%b%-30s%b: %s\n' "$BOLD" "Active IP Address (Interface)" "$NC" "$IP_ADDRESS_STATUS"
|
|
|
|
|
printf '%b%-30s%b: %s\n' "$BOLD" "DHCP Assigned" "$NC" "$DHCP_STATUS"
|
|
|
|
|
printf '%b%-30s%b: %s\n' "$BOLD" "SSHD Password Authentication" "$NC" "$SSHD_STATUS"
|
|
|
|
|
printf '\n'
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Function to notify user about reboot
|
|
|
|
|
notify_reboot() {
|
|
|
|
|
printf "\n\033[33;1m*** Configuration Applied ***\033[0m\n"
|
|
|
|
|
printf "For the new settings (Hostname, IP) to take full effect, you must reboot.\n"
|
|
|
|
|
printf "\033[36m(Note: SSH changes are active, but a reboot is safer).\033[0m\n"
|
|
|
|
|
printf '\n%b*** Configuration Applied ***%b\n' "${YELLOW}${BOLD}" "${NC}"
|
|
|
|
|
printf 'For the new settings (Hostname, IP) to take full effect, you must reboot.\n'
|
|
|
|
|
printf '%b(Note: SSH changes are active, but a reboot is safer).%b\n' "$CYAN" "$NC"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Helper to run a command that modifies a root-owned file
|
|
|
|
|
run_privileged() {
|
|
|
|
|
printf "\n\033[34;1m[ACTION REQUIRING SUDO]\033[0m\n"
|
|
|
|
|
printf '\n%b[ACTION REQUIRING SUDO]%b\n' "${BLUE}${BOLD}" "${NC}"
|
|
|
|
|
# Use sudo sh -c to execute the command as root
|
|
|
|
|
if sudo sh -c "$1"; then
|
|
|
|
|
return 0
|
|
|
|
|
else
|
|
|
|
|
printf "\n\033[31mError: Sudo command failed. Check password or permissions.\033[0m\n"
|
|
|
|
|
printf '\n%bError: Sudo command failed. Check password or permissions.%b\n' "${RED}" "${NC}"
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
@ -95,12 +108,12 @@ run_privileged() {
|
|
|
|
|
# a. Update hostname
|
|
|
|
|
update_hostname() {
|
|
|
|
|
printf "\n--- Update Hostname ---\n"
|
|
|
|
|
printf "The current hostname is: \033[36m%s\033[0m\n" "$(hostname)"
|
|
|
|
|
printf "The current hostname is: %b%s%b\n" "$CYAN" "$(hostname)" "$NC"
|
|
|
|
|
printf "Enter new hostname: "
|
|
|
|
|
read NEW_HOSTNAME
|
|
|
|
|
|
|
|
|
|
if [ -z "$NEW_HOSTNAME" ]; then
|
|
|
|
|
printf "\033[31mHostname cannot be empty. Aborting.\033[0m\n"
|
|
|
|
|
printf '%b\n' "${RED}Hostname cannot be empty. Aborting.${NC}"
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
@ -108,7 +121,7 @@ update_hostname() {
|
|
|
|
|
if run_privileged "echo '$NEW_HOSTNAME' > $HOSTNAME_FILE"; then
|
|
|
|
|
# This updates the *runtime* hostname, not just the file
|
|
|
|
|
hostname "$NEW_HOSTNAME"
|
|
|
|
|
printf "\n\033[32mSuccessfully updated hostname to: %s\033[0m\n" "$NEW_HOSTNAME"
|
|
|
|
|
printf '\n%bSuccessfully updated hostname to: %s%b\n' "$GREEN" "$NEW_HOSTNAME" "$NC"
|
|
|
|
|
notify_reboot
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
@ -121,10 +134,10 @@ configure_ip() {
|
|
|
|
|
IFACE=$(ip route get 1.1.1.1 2>/dev/null | grep -o 'dev [^ ]*' | awk '{print $2}' | head -n 1)
|
|
|
|
|
|
|
|
|
|
if [ -z "$IFACE" ]; then
|
|
|
|
|
printf "\033[31mCould not detect a default network interface. Aborting.\033[0m\n"
|
|
|
|
|
printf '%b\n' "${RED}Could not detect a default network interface. Aborting.${NC}"
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
printf "Detected primary network interface: \033[36m%s\033[0m\n" "$IFACE"
|
|
|
|
|
printf "Detected primary network interface: %b%s%b\n" "$CYAN" "$IFACE" "$NC"
|
|
|
|
|
|
|
|
|
|
printf "Enter static IP address (e.g., 192.168.1.10): "
|
|
|
|
|
read IP_ADDR
|
|
|
|
|
@ -139,7 +152,7 @@ configure_ip() {
|
|
|
|
|
read NAMESERVER
|
|
|
|
|
|
|
|
|
|
if [ -z "$IP_ADDR" ] || [ -z "$MASK_PREFIX" ] || [ -z "$GATEWAY" ] || [ -z "$NAMESERVER" ]; then
|
|
|
|
|
printf "\033[31mAll fields are required. Aborting.\033[0m\n"
|
|
|
|
|
printf '%b\n' "${RED}All fields are required. Aborting.${NC}"
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
@ -153,12 +166,12 @@ configure_ip() {
|
|
|
|
|
# Use run_privileged to write the configuration content
|
|
|
|
|
printf "Writing static configuration to %s...\n" "$CONNMAN_CONFIG"
|
|
|
|
|
|
|
|
|
|
# We must escape the content slightly to pass it through 'sh -c'
|
|
|
|
|
# Use tee to safely overwrite the file as root.
|
|
|
|
|
PRIV_CMD="printf \"%b\" \"$CONFIG_CONTENT\" | tee $CONNMAN_CONFIG >/dev/null"
|
|
|
|
|
# Note: We use single quotes around $CONNMAN_CONFIG for safety, but double quotes around $CONFIG_CONTENT to allow variable expansion.
|
|
|
|
|
PRIV_CMD="printf \"\%b\" \"$CONFIG_CONTENT\" | tee \"$CONNMAN_CONFIG\" >/dev/null"
|
|
|
|
|
|
|
|
|
|
if run_privileged "$PRIV_CMD"; then
|
|
|
|
|
printf "\n\033[32mStatic IP configuration saved for interface %s.\033[0m\n" "$IFACE"
|
|
|
|
|
printf '\n%bStatic IP configuration saved for interface %s.%b\n' "$GREEN" "$IFACE" "$NC"
|
|
|
|
|
printf "IP: %s/%s, Gateway: %s, Nameserver: %s\n" "$IP_ADDR" "$MASK_PREFIX" "$GATEWAY" "$NAMESERVER"
|
|
|
|
|
notify_reboot
|
|
|
|
|
fi
|
|
|
|
|
@ -177,9 +190,8 @@ toggle_ssh_auth() {
|
|
|
|
|
NEW_SETTING="yes"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
printf "Current setting: \033[36m%s\033[0m\n" "$CURRENT_SETTING"
|
|
|
|
|
printf "Current setting: %b%s%b\n" "$CYAN" "$CURRENT_SETTING" "$NC"
|
|
|
|
|
|
|
|
|
|
# The sed command needs to run as root
|
|
|
|
|
# 1. Check if line exists (commented or not) and replace it
|
|
|
|
|
# 2. If it doesn't exist, append it
|
|
|
|
|
|
|
|
|
|
@ -191,12 +203,12 @@ toggle_ssh_auth() {
|
|
|
|
|
fi"
|
|
|
|
|
|
|
|
|
|
if run_privileged "$PRIV_CMD"; then
|
|
|
|
|
printf "Setting changed to: \033[32m%s\033[0m\n" "$NEW_SETTING"
|
|
|
|
|
printf "Setting changed to: %b%s%b\n" "$GREEN" "$NEW_SETTING" "$NC"
|
|
|
|
|
|
|
|
|
|
printf "Restarting SSH service...\n"
|
|
|
|
|
# Restarting the service also requires sudo
|
|
|
|
|
if run_privileged "/etc/init.d/sshd restart"; then
|
|
|
|
|
printf "\n\033[32mSSHD service restarted. Password authentication is now set to %s.\033[0m\n" "$NEW_SETTING"
|
|
|
|
|
printf '\n%bSSHD service restarted. Password authentication is now set to %s.%b\n' "$GREEN" "$NEW_SETTING" "$NC"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
@ -208,7 +220,7 @@ download_kubeconfig() {
|
|
|
|
|
read MASTER_IP
|
|
|
|
|
|
|
|
|
|
if [ -z "$MASTER_IP" ]; then
|
|
|
|
|
printf "\033[31mMaster IP cannot be empty. Aborting.\033[0m\n"
|
|
|
|
|
printf '%b\n' "${RED}Master IP cannot be empty. Aborting.${NC}"
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
@ -220,10 +232,10 @@ download_kubeconfig() {
|
|
|
|
|
|
|
|
|
|
# Use scp to copy the file to the user's local path
|
|
|
|
|
if scp "rancher@$MASTER_IP:/etc/rancher/k3s/k3s.yaml" "$KUBECONFIG_PATH"; then
|
|
|
|
|
printf "\n\033[32mSuccessfully downloaded kubeconfig to %s\033[0m\n" "$KUBECONFIG_PATH"
|
|
|
|
|
printf '\n%bSuccessfully downloaded kubeconfig to %s%b\n' "$GREEN" "$KUBECONFIG_PATH" "$NC"
|
|
|
|
|
printf "The config file is ready for use by 'kubectl' or 'k3s kubectl'.\n"
|
|
|
|
|
else
|
|
|
|
|
printf "\n\033[31mError: Kubeconfig download failed.\033[0m\n"
|
|
|
|
|
printf '\n%bError: Kubeconfig download failed.%b\n' "${RED}" "${NC}"
|
|
|
|
|
printf "Check the master IP, password for 'rancher', and SSH connectivity.\n"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
@ -233,12 +245,12 @@ download_kubeconfig() {
|
|
|
|
|
main_menu() {
|
|
|
|
|
while true; do
|
|
|
|
|
show_status
|
|
|
|
|
printf "\033[1mSelect an option (1, 2, 3 require sudo):\033[0m\n"
|
|
|
|
|
printf " \033[36m1\033[0m) Update hostname (k3os reboot required)\n"
|
|
|
|
|
printf " \033[36m2\033[0m) Configure static IP (k3os reboot required)\n"
|
|
|
|
|
printf " \033[36m3\033[0m) Toggle sshd PasswordAuthentication (SSHD service restart)\n"
|
|
|
|
|
printf " \033[36m4\033[0m) Download kubeconfig from master (Runs as user, NO local sudo)\n"
|
|
|
|
|
printf " \033[31mQ\033[0m) Quit\n"
|
|
|
|
|
printf '%bSelect an option (1, 2, 3 require sudo):%b\n' "$BOLD" "$NC"
|
|
|
|
|
printf ' %b1%b) Update hostname (k3os reboot required)\n' "$CYAN" "$NC"
|
|
|
|
|
printf ' %b2%b) Configure static IP (k3os reboot required)\n' "$CYAN" "$NC"
|
|
|
|
|
printf ' %b3%b) Toggle sshd PasswordAuthentication (SSHD service restart)\n' "$CYAN" "$NC"
|
|
|
|
|
printf ' %b4%b) Download kubeconfig from master (Runs as user, NO local sudo)\n' "$CYAN" "$NC"
|
|
|
|
|
printf ' %bQ%b) Quit\n' "$RED" "$NC"
|
|
|
|
|
printf "\nOption: "
|
|
|
|
|
read CHOICE
|
|
|
|
|
|
|
|
|
|
@ -248,7 +260,7 @@ main_menu() {
|
|
|
|
|
3) toggle_ssh_auth ;;
|
|
|
|
|
4) download_kubeconfig ;;
|
|
|
|
|
[Qq]*) printf "\nExiting K3OS configuration utility. Goodbye.\n"; exit 0 ;;
|
|
|
|
|
*) printf "\n\033[31mInvalid option. Please choose 1, 2, 3, 4, or Q.\033[0m\n" ;;
|
|
|
|
|
*) printf '\n%bInvalid option. Please choose 1, 2, 3, 4, or Q.%b\n' "${RED}" "${NC}" ;;
|
|
|
|
|
esac
|
|
|
|
|
printf "\nPress ENTER to return to the menu...\n"
|
|
|
|
|
read DUMMY
|
|
|
|
|
|
