cloud: Execute user-data scripts at the end of initialization

This is useful when the user-data needs to reboot an instance. Previously, some initialization did not happen which is now being done first before the user-data script is being executed. This gives users more flexibility about what they are doing in those scripts. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2026-04-09 18:45:54 +02:00 · 2022-05-19 09:40:25 +00:00
parent 4aab717c07
commit 9e41373213
5 changed files with 83 additions and 98 deletions
--- a/src/initscripts/helper/aws-setup
+++ b/src/initscripts/helper/aws-setup
@@ -118,25 +118,6 @@ import_aws_configuration() {
 		fi
 	done

-	# Download the user-data script only on the first boot
-	if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
-		# Download user-data
-		local user_data="$(get user-data)"
-
-		# Save user-data script to be executed later
-		if [ "${user_data:0:2}" = "#!" ]; then
-			echo "${user_data}" > /tmp/aws-user-data.script
-			chmod 700 /tmp/aws-user-data.script
-
-			# Run the user-data script
-			local now="$(date -u +"%s")"
-			/tmp/aws-user-data.script &>/var/log/user-data.log.${now}
-
-			# Delete the script right away
-			rm /tmp/aws-user-data.script
-		fi
-	fi
-
 	# Import network configuration
 	# After this, no network connectivity will be available from this script due to the
 	# renaming of the network interfaces for which they have to be shut down
@@ -259,6 +240,22 @@ import_aws_configuration() {
 			echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
 		) >> /var/ipfire/firewall/input

+		# Download user-data
+		local user_data="$(get user-data)"
+
+		# Save user-data script to be executed later
+		if [ "${user_data:0:2}" = "#!" ]; then
+			echo "${user_data}" > /tmp/aws-user-data.script
+			chmod 700 /tmp/aws-user-data.script
+
+			# Run the user-data script
+			local now="$(date -u +"%s")"
+			/tmp/aws-user-data.script &>/var/log/user-data.log.${now}
+
+			# Delete the script right away
+			rm /tmp/aws-user-data.script
+		fi
+
 		# This script has now completed the first steps of setup
 		touch /var/ipfire/main/firstsetup_ok
 	fi
--- a/src/initscripts/helper/azure-setup
+++ b/src/initscripts/helper/azure-setup
@@ -141,25 +141,6 @@ import_azure_configuration() {
 		fi
 	done

-	# Download the user-data script only on the first boot
-	if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
-		# Download user-data
-		local user_data="$(get customData)"
-
-		# Save user-data script to be executed later
-		if [ "${user_data:0:2}" = "#!" ]; then
-			echo "${user_data}" > /tmp/azure-user-data.script
-			chmod 700 /tmp/azure-user-data.script
-
-			# Run the user-data script
-			local now="$(date -u +"%s")"
-			/tmp/azure-user-data.script &>/var/log/user-data.log.${now}
-
-			# Delete the script right away
-			rm /tmp/azure-user-data.script
-		fi
-	fi
-
 	# Import network configuration
 	# After this, no network connectivity will be available from this script due to the
 	# renaming of the network interfaces for which they have to be shut down
@@ -279,6 +260,22 @@ import_azure_configuration() {
 			echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
 		) >> /var/ipfire/firewall/input

+		# Download user-data
+		local user_data="$(get customData)"
+
+		# Save user-data script to be executed later
+		if [ "${user_data:0:2}" = "#!" ]; then
+			echo "${user_data}" > /tmp/azure-user-data.script
+			chmod 700 /tmp/azure-user-data.script
+
+			# Run the user-data script
+			local now="$(date -u +"%s")"
+			/tmp/azure-user-data.script &>/var/log/user-data.log.${now}
+
+			# Delete the script right away
+			rm /tmp/azure-user-data.script
+		fi
+
 		# This script has now completed the first steps of setup
 		touch /var/ipfire/main/firstsetup_ok
 	fi
--- a/src/initscripts/helper/exoscale-setup
+++ b/src/initscripts/helper/exoscale-setup
@@ -83,25 +83,6 @@ import_exoscale_configuration() {
 		chown setup.nobody "/home/setup/.ssh/authorized_keys"
 	fi

-	# Download the user-data script only on the first boot
-	if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
-		# Download user-data
-		local user_data="$(get user-data)"
-
-		# Save user-data script to be executed later
-		if [ "${user_data:0:2}" = "#!" ]; then
-			echo "${user_data}" > /tmp/user-data.script
-			chmod 700 /tmp/user-data.script
-
-			# Run the user-data script
-			local now="$(date -u +"%s")"
-			/tmp/user-data.script &>/var/log/user-data.log.${now}
-
-			# Delete the script right away
-			rm /tmp/user-data.script
-		fi
-	fi
-
 	# Import any previous settings for the local interfaces
 	 eval $(/usr/local/bin/readhash <(grep -E "^(GREEN|ORANGE)_.*=" /var/ipfire/ethernet/settings 2>/dev/null))

@@ -208,6 +189,22 @@ import_exoscale_configuration() {
 			echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
 		) >> /var/ipfire/firewall/input

+		# Download user-data
+		local user_data="$(get user-data)"
+
+		# Save user-data script to be executed later
+		if [ "${user_data:0:2}" = "#!" ]; then
+			echo "${user_data}" > /tmp/user-data.script
+			chmod 700 /tmp/user-data.script
+
+			# Run the user-data script
+			local now="$(date -u +"%s")"
+			/tmp/user-data.script &>/var/log/user-data.log.${now}
+
+			# Delete the script right away
+			rm /tmp/user-data.script
+		fi
+
 		# This script has now completed the first steps of setup
 		touch /var/ipfire/main/firstsetup_ok
 	fi
--- a/src/initscripts/helper/gcp-setup
+++ b/src/initscripts/helper/gcp-setup
@@ -118,25 +118,6 @@ import_gcp_configuration() {
 		fi
 	done <<<"$(get instance/attributes/ssh-keys)"

-	# Download the user-data script only on the first boot
-	if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
-		# Download a startup script
-		local script="$(get instance/attributes/startup-script)"
-
-		# Execute the script
-		if [ "${script:0:2}" = "#!" ]; then
-			echo "${script}" > /tmp/gcp-startup.script
-			chmod 700 /tmp/gcp-startup.script
-
-			# Run the script
-			local now="$(date -u +"%s")"
-			/tmp/gcp-startup.script &>/var/log/startup-script.log.${now}
-
-			# Delete the script right away
-			rm /tmp/gcp-startup.script
-		fi
-	fi
-
 	# Import network configuration
 	# After this, no network connectivity will be available from this script due to the
 	# renaming of the network interfaces for which they have to be shut down
@@ -249,6 +230,22 @@ import_gcp_configuration() {
 			echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
 		) >> /var/ipfire/firewall/input

+		# Download a startup script
+		local script="$(get instance/attributes/startup-script)"
+
+		# Execute the script
+		if [ "${script:0:2}" = "#!" ]; then
+			echo "${script}" > /tmp/gcp-startup.script
+			chmod 700 /tmp/gcp-startup.script
+
+			# Run the script
+			local now="$(date -u +"%s")"
+			/tmp/gcp-startup.script &>/var/log/startup-script.log.${now}
+
+			# Delete the script right away
+			rm /tmp/gcp-startup.script
+		fi
+
 		# This script has now completed the first steps of setup
 		touch /var/ipfire/main/firstsetup_ok
 	fi
--- a/src/initscripts/helper/oci-setup
+++ b/src/initscripts/helper/oci-setup
@@ -147,28 +147,6 @@ import_oci_configuration() {
 		fi
 	done <<<"$(get instance/metadata/ssh_authorized_keys)"

-	# Download the user-data script only on the first boot
-	if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
-		# Download a startup script
-		local script="$(get instance/metadata/user_data)"
-
-		# Try to decode this
-		script="$(try_base64_decode "${script}")"
-
-		# Execute the script
-		if [ "${script:0:2}" = "#!" ]; then
-			echo "${script}" > /tmp/user-data.script
-			chmod 700 /tmp/user-data.script
-
-			# Run the script
-			local now="$(date -u +"%s")"
-			/tmp/user-data.script &>/var/log/user-data.log.${now}
-
-			# Delete the script right away
-			rm /tmp/user-data.script
-		fi
-	fi
-
 	# Import network configuration
 	# After this, no network connectivity will be available from this script due to the
 	# renaming of the network interfaces for which they have to be shut down
@@ -285,6 +263,25 @@ import_oci_configuration() {
 			echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
 		) >> /var/ipfire/firewall/input

+		# Download a startup script
+		local script="$(get instance/metadata/user_data)"
+
+		# Try to decode this
+		script="$(try_base64_decode "${script}")"
+
+		# Execute the script
+		if [ "${script:0:2}" = "#!" ]; then
+			echo "${script}" > /tmp/user-data.script
+			chmod 700 /tmp/user-data.script
+
+			# Run the script
+			local now="$(date -u +"%s")"
+			/tmp/user-data.script &>/var/log/user-data.log.${now}
+
+			# Delete the script right away
+			rm /tmp/user-data.script
+		fi
+
 		# This script has now completed the first steps of setup
 		touch /var/ipfire/main/firstsetup_ok
 	fi