48 lines
1.7 KiB
Bash
48 lines
1.7 KiB
Bash
|
#!/bin/bash
|
||
|
|
# apply-enhancements.sh
|
||
|
|
# Apply enhancements to remaining VM files using sed
|
||
|
|
|
||
|
|
set -euo pipefail
|
||
|
|
|
||
|
|
apply_enhancements() {
|
||
|
|
local file=$1
|
||
|
|
|
||
|
|
if grep -q "chrony" "$file"; then
|
||
|
|
echo " ⚠️ Already enhanced, skipping"
|
||
|
|
return 0
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Create backup
|
||
|
|
cp "$file" "${file}.backup3"
|
||
|
|
|
||
|
|
# Add packages after lsb-release
|
||
|
|
sed -i '/- lsb-release$/a\ - chrony\n - unattended-upgrades\n - apt-listchanges' "$file"
|
||
|
|
|
||
|
|
# Add NTP configuration after package_upgrade
|
||
|
|
sed -i '/package_upgrade: true/a\ \n # Time synchronization (NTP)\n ntp:\n enabled: true\n ntp_client: chrony\n servers:\n - 0.pool.ntp.org\n - 1.pool.ntp.org\n - 2.pool.ntp.org\n - 3.pool.ntp.org' "$file"
|
||
|
|
|
||
|
|
# Update package verification
|
||
|
|
sed -i 's/for pkg in qemu-guest-agent curl wget net-tools; do/for pkg in qemu-guest-agent curl wget net-tools chrony unattended-upgrades; do/' "$file"
|
||
|
|
|
||
|
|
# Add security config before final_message (complex, will do manually for key files)
|
||
|
|
# This requires careful insertion
|
||
|
|
|
||
|
|
echo " ✅ Enhanced (partial - manual final_message update needed)"
|
||
|
|
}
|
||
|
|
|
||
|
|
echo "Applying enhancements to remaining files..."
|
||
|
|
echo ""
|
||
|
|
|
||
|
|
# Process remaining SMOM-DBIS-138 files
|
||
|
|
for file in examples/production/smom-dbis-138/{sentry-{02,03,04},rpc-node-{01,02,03,04},services,blockscout,monitoring,management}.yaml; do
|
||
|
|
if [ -f "$file" ]; then
|
||
|
|
echo "Processing $(basename $file)..."
|
||
|
|
apply_enhancements "$file"
|
||
|
|
fi
|
||
|
|
done
|
||
|
|
|
||
|
|
echo ""
|
||
|
|
echo "Note: final_message and security configs need manual update"
|
||
|
|
echo "Use sentry-01.yaml as template"
|
||
|
|
|