Add spec file so we can create RPM packages. (#37)

mvanbaak · michaelwittig · commit 97d1d0fb9641 · 2017-05-03T17:44:42.000+02:00
* change install.sh so it does not run sed on the scripts, but creates a config file * use the config file if it exists, falling back to the same defaults as we had before if the config file is not present or an option is not set in it * Document config file * Create first version of a rpm spec file and config * Change location of the configuration file so its no longer redhad/centos/awslinux specific * Add config file to repo, and fix spec file so version is correct according to https://fedoraproject.org/wiki/Packaging:Versioning
diff --git a/aws-ec2-ssh.conf b/aws-ec2-ssh.conf
@@ -0,0 +1,5 @@
+IAM_AUTHORIZED_GROUPS=""
+LOCAL_MARKER_GROUP="iam-synced-users"
+LOCAL_GROUPS=""
+SUDOERSGROUP=""
+ASSUMEROLE=""
diff --git a/aws-ec2-ssh.spec b/aws-ec2-ssh.spec
@@ -0,0 +1,72 @@
+%define name aws-ec2-ssh
+%define version 0
+%define unmangled_version 0
+%define release 1.20170427.git.5a15fc6%{?dist}
+
+
+Name:       %{name}
+Summary:    Manage AWS EC2 SSH access with IAM
+Version:    %{version}
+Release:    %{release}
+
+Group:      System/Administration
+License:    MIT
+URL:        https://cloudonaut.io/manage-aws-ec2-ssh-access-with-iam/
+Source0:    %{name}-%{unmangled_version}.tar.gz
+BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-buildroot
+BuildArch:  noarch
+BuildRoot:  %{_tmppath}/%{name}-root}
+Vendor:     widdix GmbH
+Packager:   Michiel van Baak
+
+Requires:   bash
+
+%description
+Use your IAM user's public SSH key to get access via SSH to an EC2 instance.
+
+
+%prep
+%setup -q
+
+
+%build
+
+
+%install
+rm -rf ${RPM_BUILD_ROOT}
+mkdir -p ${RPM_BUILD_ROOT}%{_bindir}
+mkdir -p ${RPM_BUILD_ROOT}/etc/sysconfig
+install -m 755 import_users.sh ${RPM_BUILD_ROOT}%{_bindir}
+install -m 755 authorized_keys_command.sh ${RPM_BUILD_ROOT}%{_bindir}
+install -m 755 aws-ec2-ssh.conf ${RPM_BUILD_ROOT}/etc/aws-ec2-ssh.conf
+
+%post
+sed -i 's:#AuthorizedKeysCommand none:AuthorizedKeysCommand /usr/bin/authorized_keys_command.sh:g' /etc/ssh/sshd_config
+sed -i 's:#AuthorizedKeysCommandUser nobody:AuthorizedKeysCommandUser nobody:g' /etc/ssh/sshd_config
+/etc/init.d/sshd restart
+
+
+%postun
+sed -i 's:AuthorizedKeysCommand /usr/bin/authorized_keys_command.sh:#AuthorizedKeysCommand none:g' /etc/ssh/sshd_config
+sed -i 's:AuthorizedKeysCommandUser nobody:#AuthorizedKeysCommandUser nobody:g' /etc/ssh/sshd_config
+/etc/init.d/sshd restart
+
+
+%clean
+rm -rf ${RPM_BUILD_ROOT}
+
+
+%files
+%defattr(-,root,root)
+%attr(755,root,root) %{_bindir}/import_users.sh
+%attr(755,root,root) %{_bindir}/authorized_keys_command.sh
+%config /etc/aws-ec2-ssh.conf
+
+
+%changelog
+
+* Thu Apr 27 2017 Michiel van Baak <michiel@vanbaak.eu> - post-1.0-master
+- use correct versioning based on fedora package versioning guide
+
+* Sat Apr 15 2017 Michiel van Baak <michiel@vanbaak.eu> - pre-1.0
+- Initial RPM spec file
