Move testnet ssh key (#5770)

* Factor out hardcoded testnet ssh key path * Build/create test net ssh key path * Rename testnet ssh dir * Give testnetSSHDir a more generic name * shellcheck * favor hardcoded paths over `paths.sh` * Put instance-startup-complete stamp in the scratch dir as well * Rename `/solana` > `/solana-scratch`
2019-09-03 18:51:16 -06:00
parent 62f6a78ccd
commit 8362b408d9
3 changed files with 16 additions and 17 deletions
--- a/net/gce.sh
+++ b/net/gce.sh
@ -387,8 +387,8 @@ EOF
        set -o pipefail
        for i in $(seq 1 60); do
          set -x
-          cloud_FetchFile "$nodeName" "$nodeIp" /solana-id_ecdsa "$sshPrivateKey" "$nodeZone" &&
+          cloud_FetchFile "$nodeName" "$nodeIp" /solana-scratch/id_ecdsa "$sshPrivateKey" "$nodeZone" &&
-            cloud_FetchFile "$nodeName" "$nodeIp" /solana-id_ecdsa.pub "$sshPrivateKey.pub" "$nodeZone" &&
+            cloud_FetchFile "$nodeName" "$nodeIp" /solana-scratch/id_ecdsa.pub "$sshPrivateKey.pub" "$nodeZone" &&
              break
          set +x
@ -428,7 +428,7 @@ EOF
      for i in $(seq 1 60); do
        (
          set -x
-          timeout --preserve-status --foreground 20s ssh "${sshOptions[@]}" "$publicIp" "ls -l /.instance-startup-complete"
+          timeout --preserve-status --foreground 20s ssh "${sshOptions[@]}" "$publicIp" "ls -l /solana-scratch/.instance-startup-complete"
        )
        ret=$?
        if [[ $ret -eq 0 ]]; then
@ -607,21 +607,22 @@ cat > /etc/motd <<EOM
    $ sudo cat /var/log/syslog | egrep \\(startup-script\\|cloud-init\)
  To block until setup is complete, run:
-    $ until [[ -f /.instance-startup-complete ]]; do sleep 1; done
+    $ until [[ -f /solana-scratch/.instance-startup-complete ]]; do sleep 1; done
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 $(creationInfo)
 EOM
-# Place the generated private key at /solana-id_ecdsa so it's retrievable by anybody
+# Place the generated private key at /solana-scratch/id_ecdsa so it's retrievable by anybody
 # who is able to log into this machine
-cat > /solana-id_ecdsa <<EOK
+mkdir -p -m 0777 "/solana-scratch"
 cat > /solana-scratch/id_ecdsa <<EOK
 $(cat "$sshPrivateKey")
 EOK
-cat > /solana-id_ecdsa.pub <<EOK
+cat > /solana-scratch/id_ecdsa.pub <<EOK
 $(cat "$sshPrivateKey.pub")
 EOK
-chmod 444 /solana-id_ecdsa
+chmod 444 /solana-scratch/id_ecdsa
 USER=\$(id -un)
 export DEBIAN_FRONTEND=noninteractive
@ -657,7 +658,7 @@ $(printNetworkInfo)
 $(creationInfo)
 EOM
-touch /.instance-startup-complete
+touch /solana-scratch/.instance-startup-complete
 EOF
--- a/net/scripts/add-testnet-solana-user-authorized_keys.sh
+++ b/net/scripts/add-testnet-solana-user-authorized_keys.sh
@ -6,8 +6,6 @@ set -ex
 [[ -d /home/solana/.ssh ]] || exit 1
 if [[ -z $SOLANA_PUBKEYS ]]; then
  echo "Warning: source solana-user-authorized_keys.sh first"
 fi
@ -15,9 +13,9 @@ fi
 # solana-user-authorized_keys.sh defines the public keys for users that should
 # automatically be granted access to ALL testnets
 for key in "${SOLANA_PUBKEYS[@]}"; do
-  echo "$key" >> /solana-authorized_keys
+  echo "$key" >> /solana-scratch/authorized_keys
 done
 sudo -u solana bash -c "
-  cat /solana-authorized_keys >> /home/solana/.ssh/authorized_keys
+  cat /solana-scratch/authorized_keys >> /home/solana/.ssh/authorized_keys
 "
--- a/net/scripts/create-solana-user.sh
+++ b/net/scripts/create-solana-user.sh
@ -13,15 +13,15 @@ else
  echo "solana ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
  id solana
-  [[ -r /solana-id_ecdsa ]] || exit 1
+  [[ -r /solana-scratch/id_ecdsa ]] || exit 1
-  [[ -r /solana-id_ecdsa.pub ]] || exit 1
+  [[ -r /solana-scratch/id_ecdsa.pub ]] || exit 1
  sudo -u solana bash -c "
    mkdir -p /home/solana/.ssh/
    cd /home/solana/.ssh/
-    cp /solana-id_ecdsa.pub authorized_keys
+    cp /solana-scratch/id_ecdsa.pub authorized_keys
    umask 377
-    cp /solana-id_ecdsa id_ecdsa
+    cp /solana-scratch/id_ecdsa id_ecdsa
    echo \"
      Host *
      BatchMode yes