From c4a8a321b33f0b3e67997220eabaf8cb57918adc Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Fri, 14 Oct 2016 11:02:17 -0300
Subject: Provision: openssh-server installation should be optional and
 disabled for TPC profile

---
 doc/todo.rst                    |  1 -
 share/config/provision/tpc.conf |  1 +
 share/hydractl/provision        | 13 +++++++++----
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/doc/todo.rst b/doc/todo.rst
index 62256b4..0f14d45 100644
--- a/doc/todo.rst
+++ b/doc/todo.rst
@@ -4,4 +4,3 @@ TODO
 * import-keys: do not use ssh if host is localhost.
 * import-certs: concat.pem; cert.pem and cert.crt symlinks; restart services.
 * compile: automatic definitions for per-node backup::users.
-* provision: openssh-server installation should be optional and disabled for TPC profile.
diff --git a/share/config/provision/tpc.conf b/share/config/provision/tpc.conf
index 5b9b932..5c209a0 100644
--- a/share/config/provision/tpc.conf
+++ b/share/config/provision/tpc.conf
@@ -16,3 +16,4 @@ arch="amd64"                            # System arch
 version="jessie"                        # Distro version
 grub="y"                                # Setup GRUB?
 mirror="http://http.debian.net/debian/" # Debian mirror
+ssh="n"                                 # Install openssh-server?
diff --git a/share/hydractl/provision b/share/hydractl/provision
index 415c0c0..7ed066a 100755
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -109,6 +109,7 @@ function hydra_provision_config {
   hydra_user_config   vg                $hostname                        "Install vg"
   hydra_user_config   grub              y                                "Setup GRUB? (y/n)"
   hydra_user_config   mirror            http://http.debian.net/debian/   "Debian mirror"
+  hydra_user_config   ssh               y                                "Install openssh-server? (y/n)"
 
   # Check arch
   if [ "$arch" == "armel" ] || [ "$arch" == "armhf" ]; then
@@ -477,9 +478,11 @@ $APT_INSTALL screen cron lsb-release openssl -y
 hydra_provision_networking
 
 # SSH.
-echo "Installing OpenSSH daemon..."
-$APT_INSTALL openssh-server -y
-hydra_sudo_run chroot $WORK/ service ssh stop
+if [ "$ssh" == "y" ]; then
+  echo "Installing OpenSSH daemon..."
+  $APT_INSTALL openssh-server -y
+  hydra_sudo_run chroot $WORK/ service ssh stop
+fi
 
 # Sudo.
 echo "Installing sudo..."
@@ -491,7 +494,9 @@ echo "Choose a root password."
 hydra_sudo_run chroot $WORK passwd root
 
 # Fingerprints
-hydra_provision_fingerprints
+if [ "$ssh" == "y" ]; then
+  hydra_provision_fingerprints
+fi
 
 echo "Umounting installation device..."
 hydra_sudo_run umount $WORK/sys $WORK/proc $WORK/dev $WORK
-- 
cgit v1.2.3