Skip to content

Instantly share code, notes, and snippets.

@j3tm0t0

j3tm0t0/customization.md

Last active December 22, 2017 00:34
Show Gist options
  • Save j3tm0t0/9966092 to your computer and use it in GitHub Desktop.
Save j3tm0t0/9966092 to your computer and use it in GitHub Desktop.
Download ZIP
VyOS EC2 customization
Raw
customization.md

VyOS AMI Customization

rl-system.init

comment-out followings

  • update_interface_config
    to prevent new interface is added when stop/start instance in EC2 classic or create imaage with existing interface

  • add_new_serial_if || log_failure_msg "can't add serial interfaces"
    no serial interface in EC2

vyatta-postconfig-bootup.script

see attached file.

Raw
vyatta-postconfig-bootup.script
#!/bin/sh
# This script is called from /etc/rc.local on boot after the Vyatta
# configuration is fully applied. Any modifications done to work around
# unfixed bugs and implement enhancements which are not complete in the Vyatta
# system can be placed here.
# expand volume and enable swap if exists
resize2fs /dev/xvda1
[ -f /dev/xvda3 ] && swapon /dev/xvda3
# run once per instance
instanceId=$( curl -s http://169.254.169.254/latest/meta-data/instance-id )
[ -f /opt/vyatta/tmp/$instanceId ] && exit
# apply config from user-data
sudo -u vyos /usr/bin/expect << EOF
set timeout 60
spawn \$env(SHELL)
send "configure\r"
expect -re ".*# $"
send "merge http://169.254.169.254/latest/user-data \r"
expect {
"\[no\] " {send "Y\r"}
timeout {send_user "Error: timeout\n"; exit}
eof {send_user "Error: eof\n"; exit}
}
expect {
"Merge complete." {send "commit\r"}
timeout {send_user "Error: timeout\n"; exit}
eof {send_user "Error: eof\n"; exit}
}
expect -re ".*# $"
send "save\r"
expect -re ".*# $"
send "exit\r"
expect {
-re ":\[~/\]\[#$\] " {send "exit\r"}
timeout {send_user "timeout @3\n"; exit}
eof {send_user "eof @3\n"; exit}
}
EOF
# import ssh key from meta-data server
sudo -u vyos /usr/bin/expect << EOF
set timeout 30
spawn \$env(SHELL)
send "configure\r"
expect -re ".*# $"
send "loadkey vyos http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key \r"
expect {
-re "### 100.0%.*# $" {send "set service ssh disable-password-authentication \r"}
timeout {send_user "timeout @1\n"; exit}
eof {send_user "eof @1\n"; exit}
}
expect -re ".*# $"
send "commit\r"
expect -re ".*# $"
send "save\r"
expect -re ".*# $"
send "exit\r"
expect {
-re ":\[~/\]\[#$\] " {send "cat ~vyos/.ssh/authorized_keys\r"}
timeout {send_user "timeout @2\n"; exit}
eof {send_user "eof @2\n"; exit}
}
expect {
-re ":\[~/\]\[#$\] " {send "exit\r"}
timeout {send_user "timeout @3\n"; exit}
eof {send_user "eof @3\n"; exit}
}
EOF
touch /opt/vyatta/tmp/$instanceId
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment