cd /ti pwd > /tmp/ud_pwd.txt # these are settings to enable multicast in AWS see SERV-234 echo "net.ipv4.conf.eth0.force_igmp_version = 2" >> /etc/sysctl.d/99-sysctl.conf echo "net.ipv4.conf.default.force_igmp.version = 2" >> /etc/sysctl.d/99-sysctl.conf sudo sysctl net.ipv4.conf.eth0.force_igmp_version=2 sudo ip link set multicast off dev eth0 sudo ip link set multicast on dev eth0 if [[ -d /ti/cpp_alert_server ]] then echo "Deleting /ti/cpp_alert_server to start fresh" rm -rf /ti/cpp_alert_server fi git clone git@github.com:TI-Pro/cpp_alert_server.git > /tmp/ud_git_clone.txt cd cpp_alert_server git checkout {GIT_BRANCH} > /tmp/ud_git_checkout.txt INSTANCE_ID=$(curl -s http://instance-data/latest/meta-data/instance-id) # I tried getting this command to work, but I think $HOSTNAME isn't set just right at this point so # it's still set from the base build which is ti-test-*. Probably better to hard code this as # create_instance.php is run. In that script it replaces {ENVIRONMENT} with test or prod depending # on where you run the create_instance.php command. # ENVIRONMENT=$(echo $HOSTNAME | awk -F "-" '{print $2}') ENVIRONMENT={ENVIRONMENT} ENVIRONMENT_UCFIRST="${ENVIRONMENT^}" # DNS resolution is different per environment. There's a file in cpp_alert_server/source/local/configs # called resolved.$ENVIRONMENT.conf that we copy to /etc/systemd/resolved.conf that sets the # settings permanently. After you do that you have to restart systemd-resolved to get the settings # to take right now. RESOLVED_CONF_FILE=source/local/configs/resolved.$ENVIRONMENT.conf echo "Copying $RESOLVED_CONF_FILE to /etc/systemd/resolved.conf" cp $RESOLVED_CONF_FILE /etc/systemd/resolved.conf systemctl restart systemd-resolved.service # Update Message Of the Say script cp source/local/configs/motd.sh /etc/ chmod a+x /etc/motd.sh cp source/local/configs/11-tradeideas.$ENVIRONMENT /etc/sudoers.d/11-tradeideas {TARGET_GROUP_COMMANDS} cd source/local # cloud watch configuration # There are two aspects to cloudwatch: metrics and logs. We've configured the same metrics config file for all # server types. This can be overridden by adding a file called cloudwatch.$role.$environment.json if we ever # want to have custom metrics for a particular server type this way. e.g. cloudwatch.marketexplorer.prod.json # For sending logs to cloudwatch, there are two config files and a command to run for each of them. The first is # the standard log files that all server types will send (/var/log/messages, etc). # The second file is optional and includes specific locations that we want to capture for different server types. # If the file called cpp_alert_server/source/local/configs/cloudwatch.logs.$role.json exists, then we copy it and # run the command to include it. If the file doesn't exist we only use the default logs configuration. CLOUDWATCH_FOLDER="/opt/aws/amazon-cloudwatch-agent" CLOUDWATCH_CONFIG_FOLDER="$CLOUDWATCH_FOLDER/etc" #ls -al $CLOUDWATCH_FOLDER #echo "Removing cloud watch in case it's installed" #yum -y remove amazon-cloudwatch-agent.x86_64 #echo "Removing cloud watch folder" #rm -rf $CLOUDWATCH_FOLDER sudo yum install -y https://s3.amazonaws.com/amazoncloudwatch-agent/centos/amd64/latest/amazon-cloudwatch-agent.rpm namespace_metrics="ti/{ROLE}/os" namespace_logs="ti/{ROLE}/logs" /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a remove-config -m ec2 -c all CUSTOM_CLOUDWATCH_CONFIG_FOR_ROLE="configs/cloudwatch.{ROLE}.$ENVIRONMENT.json" CLOUDWATCH_METRICS_CONFIG_FILE="configs/cloudwatch.$ENVIRONMENT.json" if [[ -f $CUSTOM_CLOUDWATCH_CONFIG_FOR_ROLE ]] then CLOUDWATCH_METRICS_CONFIG_FILE=$CUSTOM_CLOUDWATCH_CONFIG_FOR_ROLE fi CLOUDWATCH_METRICS_CONFIG_PATH="$CLOUDWATCH_CONFIG_FOLDER/ti-$ENVIRONMENT-use1-linux-cwagentconfig.json" cat $CLOUDWATCH_METRICS_CONFIG_FILE | sed "s|ti_metrics_namespace|$namespace_metrics|" > $CLOUDWATCH_METRICS_CONFIG_PATH cp $CLOUDWATCH_METRICS_CONFIG_PATH /tmp echo "Calling amazon-cloudwatch-agent-ctl with file $CLOUDWATCH_METRICS_CONFIG_PATH" /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:$CLOUDWATCH_METRICS_CONFIG_PATH CLOUDWATCH_LOGS_DEFAULT_CONFIG_FILE="configs/cloudwatch.logs.json" CLOUDWATCH_LOGS_DEFAULT_CONFIG_PATH="$CLOUDWATCH_CONFIG_FOLDER/ti-$ENVIRONMENT-use1-linux-cwsyslogsconfig.json" cat $CLOUDWATCH_LOGS_DEFAULT_CONFIG_FILE | sed "s|ti_loggroup_prefix|$namespace_logs|" > $CLOUDWATCH_LOGS_DEFAULT_CONFIG_PATH cp $CLOUDWATCH_LOGS_DEFAULT_CONFIG_PATH /tmp echo "Calling amazon-cloudwatch-agent-ctl with file $CLOUDWATCH_LOGS_DEFAULT_CONFIG_PATH" /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -s -c file:$CLOUDWATCH_LOGS_DEFAULT_CONFIG_PATH CLOUDWATCH_LOGS_CUSTOM_CONFIG_FILE="configs/cloudwatch.logs.{ROLE}.json" if [[ -f $CLOUDWATCH_LOGS_CUSTOM_CONFIG_FILE ]] then echo "Found custom cloudwatch logs config file $CLOUDWATCH_LOGS_CUSTOM_CONFIG_FILE"; CLOUDWATCH_LOGS_CUSTOM_CONFIG_PATH="$CLOUDWATCH_CONFIG_FOLDER/ti-$ENVIRONMENT-use1-linux-cwservicelogsconfig.json" cat $CLOUDWATCH_LOGS_CUSTOM_CONFIG_FILE | sed "s|ti_loggroup_prefix|$namespace_logs|" > $CLOUDWATCH_LOGS_CUSTOM_CONFIG_PATH cp $CLOUDWATCH_LOGS_CUSTOM_CONFIG_PATH /tmp echo "Calling amazon-cloudwatch-agent-ctl with file $CLOUDWATCH_LOGS_CUSTOM_CONFIG_PATH" /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -s -c file:$CLOUDWATCH_LOGS_CUSTOM_CONFIG_PATH fi grep -r namespace $CLOUDWATCH_CONFIG_FOLDER systemctl stop amazon-cloudwatch-agent systemctl start amazon-cloudwatch-agent echo "Done with cloudwatch config, going to set_up_dir now." echo "Configuring SendMail" cp configs/sendmail.$ENVIRONMENT.cf /etc/mail/sendmail.cf cp configs/sendmail.$ENVIRONMENT.mc /etc/mail/sendmail.mc cp configs/access.$ENVIRONMENT /etc/mail/access cp configs/generics-domains.$ENVIRONMENT /etc/mail/generics-domains cp configs/genericstable.$ENVIRONMENT /etc/mail/genericstable cp configs/domaintable.$ENVIRONMENT /etc/mail/domaintable cd /etc/mail echo -e "{HOSTNAME}.{PRIVATE_DNS_SUFFIX} \t trade-ideas.com" >> domaintable makemap hash genericstable < genericstable make m4 sendmail.mc >sendmail.cf echo "Starting Sendmail" systemctl enable sendmail systemctl restart sendmail cd /ti/cpp_alert_server/source/local # do ansible/login configuration # the default.$ENVIRONMENT.yml file runs across all server roles yum -y install ansible echo "Running default playbook for all server roles: default.$ENVIRONMENT.yml" ansible-playbook configs/ansible/default.$ENVIRONMENT.yml ROLE_SPECIFIC_PLAYBOOK=configs/ansible/{ROLE}.$ENVIRONMENT.yml if [[ -f $ROLE_SPECIFIC_PLAYBOOK ]] then echo "Running playbook for {ROLE} server role: $ROLE_SPECIFIC_PLAYBOOK" ansible-playbook $ROLE_SPECIFIC_PLAYBOOK else echo "Didn't find a playbook for {ROLE} server role. Looked for file: $ROLE_SPECIFIC_PLAYBOOK" fi sudo dnf install tree -y sudo dnf install screenfetch -y sudo dnf install cronie -y # custom server role configuration steps here bash set_up_dir chown -R root /ti/cpp_alert_server git checkout {GIT_BRANCH} >> /tmp/ud_git_checkout.txt {SET_IS_DEV} if [[ $IS_DEV == 1 ]] then bash ./role_setup_scripts/setup_dev_microproxy.sh fi