From 0e3e6b14a7ede0e8d2aca5957bd302025bf56d95 Mon Sep 17 00:00:00 2001
From: deathbybandaid
Date: Fri, 18 Feb 2022 10:48:33 -0500
Subject: [PATCH] add realm checks
---
 template_setup.sh | 31 +++++++++++++++++++++++++++----
 1 file changed, 27 insertions(+), 4 deletions(-)
diff --git a/template_setup.sh b/template_setup.sh
index 10788cf..c1149ff 100644
--- a/template_setup.sh
+++ b/template_setup.sh
@@ -3,7 +3,30 @@ echo "Setting up template environment"
 echo "Running topgrade"
 topgrade
-echo "Setting up ipa-client to join FreeIPA Server Realm"
-freeipa_admin=$(whiptail --passwordbox "Please enter the user authorized to join FreeIPA realm: $freeipa_admin" 8 78 --title "FreeIPA Admin User Prompt" 3>&1 1>&2 2>&3)
-freeipa_password=$(whiptail --passwordbox "Please enter the password for the FreeIPA admin user: $freeipa_admin" 8 78 --title "FreeIPA Password Prompt" 3>&1 1>&2 2>&3)
-ipa-client-install --mkhomedir --no-ntp --principal="$freeipa_admin" --password="$freeipa_password" --enable-dns-updates --unattended
+nssdb_dir="/etc/ipa/nssdb"
+echo "Checking if Directory $nssdb_dir contains Membership to FreeIPA Realm"
+realm_join = 0
+if [ -d "$nssdb_dir" ]
+then
+ if [ "$(ls -A $nssdb_dir)" ]; then
+ echo "Directory $nssdb_dir is not Empty."
+ realm_join = 1
+ echo "ipa-client appears to already be joined to FreeIPA Server Realm"
+ else
+ echo "$nssdb_dir is Empty"
+ fi
+else
+ echo "Directory $nssdb_dir not found."
+fi
+
+if [[ $HOSTNAME == *template* ]]; then
+ echo "Hostname $HOSTNAME contains the word 'template', skipping realm joining"
+ realm_join = 0
+fi
+
+if [ realm_join == 1 ]
+ echo "Setting up ipa-client to join FreeIPA Server Realm"
+ freeipa_admin=$(whiptail --passwordbox "Please enter the user authorized to join FreeIPA realm: $freeipa_admin" 8 78 --title "FreeIPA Admin User Prompt" 3>&1 1>&2 2>&3)
+ freeipa_password=$(whiptail --passwordbox "Please enter the password for the FreeIPA admin user: $freeipa_admin" 8 78 --title "FreeIPA Password Prompt" 3>&1 1>&2 2>&3)
+ ipa-client-install --mkhomedir --no-ntp --principal="$freeipa_admin" --password="$freeipa_password" --enable-dns-updates --unattended
+fi
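Review bot: The `realm_join` flag never receives a value, because `realm_join = 0` with spaces around `=` runs a command named `realm_join` instead of assigning; the same form appears at all three places the flag is set in this hunk. The final test `if [ realm_join == 1 ]` has no `then` and compares the literal word `realm_join` rather than `"$realm_join"`, so the block cannot parse and the join never runs. The flag also looks inverted: it is set to 1 when `$nssdb_dir` is non-empty (the "already joined" case) and the join runs on 1, so once the syntax is fixed an enrolled host would be re-enrolled and a fresh one skipped. Separately, `--password="$freeipa_password"` puts the admin password on the `ipa-client-install` command line, where other local users can read it from the process list while the install runs; a one-time enrollment password for a pre-created host entry would limit what that exposure is worth.

```shell
realm_join=1                      # join by default
# … unchanged: nssdb_dir existence check and its messages …
  if [ "$(ls -A -- "$nssdb_dir")" ]; then
    realm_join=0                  # already enrolled: skip the join
# … unchanged: else branches; hostname 'template' check, written as realm_join=0 …
if [ "$realm_join" -eq 1 ]; then
# … unchanged: whiptail prompts and ipa-client-install call …
fi
```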