#!/usr/bin/expect -f # -*- mode:shell-script -*- # # Expect script for automatically building an ESGF node # # To use, copy the file esg-autoinstall.template (either in # /usr/local/etc from the boostrapper or from the Git repository) to # /usr/local/etc/esg-autoinstall.conf and edit it to reflect your site # settings, then run 'esg-autoinstall' # source /usr/local/etc/esg-autoinstall.conf ### Expect script begins here ### spawn ${ESGNODESCRIPT} --type ${NODETYPE} --install ${INSTALLFLAGS} expect { # Error messages cause instant abort # ERROR and FATAL are found even in working installs # "ERROR:" { exit 1 } "could not change directory to" { exit 1 } "No space left on device" { exit 1 } "Permission denied" { exit 1 } "This action did not complete successfully" { exit 1 } # Actual script responses "Please select the ESGF distribution mirror for this installation" { send \n ; exp_continue } "Are you ready to begin the installation?" { send y\n ; exp_continue } "Please select the IP address to use for this installation" { send 0\n ; exp_continue } "What is the fully qualified domain name of this node?" { send ${FQDN}\n ; exp_continue } "What is the admin password to use for this installation?" { send ${ADMINPASS}\n ; exp_continue } "Please re-enter password:" { send ${ADMINPASS}\n ; exp_continue } "What is the name of your organization?" { send ${ORGNAME}\n ; exp_continue } "Please give this node a \"short\" name" { send ${SHORTNAME}\n ; exp_continue } "Please give this node a more descriptive \"long\" name" { send ${LONGNAME}\n ; exp_continue } "What is the namespace to use for this node?" { send ${NAMESPACE}\n ; exp_continue } "What peer group(s) will this node participate in?" { send ${PEERGROUP}\n ; exp_continue } "What is the default peer to this node?" { send ${DEFAULTPEER}\n ; exp_continue } "What is the hostname of the node do you plan to publish to?" { send ${PUBLISHNODE}\n ; exp_continue } "What email address should notifications be sent as?" { send ${ADMINEMAIL}\n ; exp_continue } "Is the database external to this node?" { send \n ; exp_continue } "What is the database connection string?" { send ${DBSTRING}\n ; exp_continue } "Is the database external to this node?" { send ${DBEXTERNAL}\n ; exp_continue } "What is the (low priv) db account for publisher?" { send ${DBLOWUSER}\n ; exp_continue } "What is the db password for publisher user" { send ${DBLOWPASS}\n ; exp_continue } "Enter password for postgres user dbsuper:" { send ${ADMINPASS}\n ; exp_continue } "Re-enter password for postgres user dbsuper:" { send ${ADMINPASS}\n ; exp_continue } "Please Enter PostgreSQL port number" { send ${PGPORT}\n ; exp_continue } "Would you like a \"system\" or \"user\" publisher configuration" { send \n ; exp_continue } "Is this correct?" { send Y\n ; exp_continue } "What is your organization's id?" { send ${ORGNAME}\n ; exp_continue } "Do you want to continue with Tomcat installation and setup?" { send \n ; exp_continue } "Do you want to continue with esgcet installation and setup?" { send \n ; exp_continue } "Do you want to continue with thredds installation and setup?" { send \n ; exp_continue } "Do you want to continue with ESGF Dashboard IP installation and setup?" { send \n ; exp_continue } "Do you want to continue with LAS installation and setup?" { send \n ; exp_continue } "Would you like to use the DN: (OU=ESGF.ORG, O=ESGF)" { send \n ; exp_continue } "Please enter the password for this keystore" { send ${ADMINPASS}\n ; exp_continue } "Please re-enter the password for this keystore" { send ${ADMINPASS}\n ; exp_continue } "Enter a single ip address which would be cleared to access admin restricted pages." { send ${ADMINIP}\n ; exp_continue } "Do you wish to allow further ips?" { send n\n ; exp_continue } "Please enter username for tomcat" { send \n ; exp_continue } "Please enter password for user, " { send \n ; exp_continue } "Would you like to add another user?" { send \n ; exp_continue } "Do you wish to setup the redirect to the esgf-node-manager's page?" { send \n ; exp_continue } "(RETURN if same as keystore password)" { send \n ; exp_continue } "Do you wish to generate a Certificate Signing Request at this time?" { send \n ; exp_continue } "Please Enter the IP address of this host" { send \n ; exp_continue } "Please Enter the public (i.e. routable) IP address of this host" { send \n ; exp_continue } "Do you wish to use an external IDP peer?" { send ${EXTERNALIDP}\n ; exp_continue } "Please specify your IDP peer node's FQDN:" { send ${IDPPEER}\n ; exp_continue } "Enter certificate to add to trusted keystore" { send \n ; exp_continue } "Would you like to configure this node for CMIP6 publishing" { send Y\n ; exp_continue } "Would you like to install the SLCS OAuth server on this node" { send Y\n ; exp_continue } # For --type all, Globus is set up twice, once as a gateway, and # once as a datanode. Unfortunately, on the second pass of this # the prompt defaults to N because it detects the installation of # the previous type, so we have to always force it to Y, or key # packages will not be installed and the globus user will be # missing. # # This means that it will always be forcibly reinstalled upon # upgrade even if it doesn't need to be, but there is no way # around that at this time without changing the detection in the # esg-node script. "Do you want to continue with the Globus installation and setup?" { send Y\n ; exp_continue } "Do you want to make a back up of the existing Globus distribution (datanode)?" { send \n ; exp_continue } "Do you want to register the GridFTP server with Globus?" { send Y\n ; exp_continue } "Do you want to register the MyProxy server with Globus?" { send Y\n ; exp_continue } "Please provide a Globus username" { send ${GLOBUSUSER}\n ; exp_continue } "Globus password" { send ${GLOBUSPASS}\n ; exp_continue } "Globus Username:" { send ${GLOBUSUSER}\n ; exp_continue } "Globus Password:" { send ${GLOBUSPASS}\n ; exp_continue } "Enter password for new role:" { send ${ADMINPASS}\n ; exp_continue } "Enter it again:" { send ${ADMINPASS}\n ; exp_continue } # This prompt is causing problems -- apparently it's either not a real # stopping point, or there is an errant \n before this prompt is # reached. Removing it fixes a known installation problem, however. # "Is this ok" { # send Y\n ; exp_continue # } "Add new line:" { send \n ; exp_continue } "Do you still wish to continue?" { send Y\n ; exp_continue } "Do you want to continue with openid relying party installation and setup?" { send \n ; exp_continue } "Do you want to make a back up of the existing distribution?" { send Y\n ; exp_continue } "Do you want to continue with security services installation and setup?" { send \n ; exp_continue } "Do you want to continue with idp services installation and setup?" { send \n ; exp_continue } "Do you want to continue with search services installation and setup?" { send \n ; exp_continue } "Do you want to continue with security schema setup?" { send \n ; exp_continue } "Do you want to make a back up of the existing database schema" { send \n ; exp_continue } "Do you still wish to (re)GENERATE self signed certs (and usurp what is present)?" { send \n ; exp_continue } "Do you want to overwrite this CA?" { send \n ; exp_continue } "Enter (simple) CA's certificate password" { send ${CACERTPASS}\n ; exp_continue } "Do you want to make a back up of the existing MyProxy SimpleCA (gateway)?" { send Y\n ; exp_continue } # This prompt in theory should only appear if you in fact already # have a simple CA, and the default will be 'N', correct for # upgrades. "Do you wish to install a simple CA?" { send \n ; exp_continue } "Would you like to remove the current CA setup?" { send \n ; exp_continue } "Do you want to keep this as the CA subject" { send Y\n ; exp_continue } "Enter the email of the CA" { send ${ADMINEMAIL}\n ; exp_continue } "default: 5 years" { send \n ; exp_continue } "Enter PEM pass phrase:" { send ${CACERTPASS}\n ; exp_continue } "please enter the password for the CA key" { send ${CACERTPASS}\n ; exp_continue } "Enter (simple) CA's certificate password" { send ${CACERTPASS}\n ; exp_continue } "Are you sure you wish to add a NEW replica index" { send ${SOLRREINDEX}\n ; exp_continue } "Automatic peer with super-node" { send \n ; exp_continue } # Victory conditions "Node installation is complete." { exit 0 } }