-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloud-init.yaml
84 lines (68 loc) · 2.39 KB
/
cloud-init.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#cloud-config
disable_root: true
chpasswd:
list: |
root:!
expire: false
ssh_pwauth: false
users:
- name: gameshell
homedir: /home/gameshell
gecos: "Gameshell User"
lock_passwd: false
shell: "/home/gameshell/game_data/gameshell_wrapper.sh"
package_update: true
package_upgrade: true
packages:
- wget
- curl
- tar
- gettext-base
- man-db
- procps
- psmisc
- nano
- tree
- ncal
- x11-apps
- sudo
write_files:
- path: /etc/sudoers.d/10-gameshell-proc1
permissions: '0440'
owner: root:root
content: |
# This file grants the 'gameshell' user permission to run exactly one command as root:
# xargs -0 -L1 -a /proc/1/environ
# without requiring a sudo password.
gameshell ALL=(root) NOPASSWD: "xargs -0 -L1 -a /proc/1/environ"
runcmd:
# Prepare environment, etc.
- sed -i 's/^# *\(en_US.UTF-8\)/\1/' /etc/locale.gen
- sed -i 's/^# *\(fr_FR.UTF-8\)/\1/' /etc/locale.gen
- locale-gen
- update-locale LANG=fr_FR.UTF-8
- mkdir -p /home/gameshell/game_data/
- wget https://github.com/phyver/GameShell/releases/download/latest/gameshell.sh -O /home/gameshell/game_data/gameshell.sh
- chmod +x /home/gameshell/game_data/gameshell.sh
# Create a wrapper script that reads GAMESHELL_LANG
- |
cat << 'EOF' > /home/gameshell/game_data/gameshell_wrapper.sh
#!/usr/bin/env bash
# /home/gameshell/game_data/gameshell_wrapper.sh
# This script serves as the login shell for user 'gameshell'.
# It retrieves the environment variable GAMESHELL_LANG from /proc/1/environ
# via 'sudo xargs -0 -L1 -a', which is allowed by a sudoers rule.
# 1) Use sudo to read /proc/1/environ (only command allowed by our sudoers file).
RAW_ENV="$(sudo xargs -0 -L1 -a /proc/1/environ 2>/dev/null || true)"
# Attempt to read the environment variable from /proc/1/environ
# 2) Convert null chars to newlines, grep for GAMESHELL_LANG
LANG_VAL="$(echo "$RAW_ENV" | tr '\0' '\n' | grep '^GAMESHELL_LANG=' | cut -d= -f2)"
if [ -z "$LANG_VAL" ]; then
LANG_VAL="fr" # fallback if nothing was found
fi
echo "[INFO] Detected GAMESHELL_LANG='$LANG_VAL'. Launching GameShell..."
# Pass that to GameShell with the -L option
exec /home/gameshell/game_data/gameshell.sh -L "$LANG_VAL"
EOF
- chmod +x /home/gameshell/game_data/gameshell_wrapper.sh
- chown -R gameshell:gameshell /home/gameshell/