탐색 도움말
로그인
txlyre
/
3x-ui
의 미러 https://github.com/MHSanaei/3x-ui
1
0
포크 0
파일 이슈 0 위키
트리: 7c2598fae9
브랜치 태그
3x-ui
/
deploy
/
packer
/
scripts
/
cleanup.sh

cleanup.sh 2.3 KB
히스토리 Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. #!/usr/bin/env bash
    2. 

  2. #
    3. 

  3. # cleanup.sh — strip all instance-specific state and secrets from the image.
    4. 

  4. #
    5. 

  5. # Runs LAST. The output image must contain no panel database, no credentials,
    6. 

  6. # no SSH host keys, and no baked authorized_keys. Fails the build if any of
    7. 

  7. # those survive.
    8. 

  8. set -euo pipefail
    9. 

  9. 

  10. echo "[cleanup] removing panel database, credentials and first-boot sentinel..."
    11. 

  11. rm -f /etc/x-ui/x-ui.db /etc/x-ui/x-ui.db-* 2> /dev/null || true
    12. 

  12. rm -f /etc/x-ui/install-result.env /etc/x-ui/credentials.txt 2> /dev/null || true
    13. 

  13. rm -f /etc/x-ui/.firstboot-done 2> /dev/null || true
    14. 

  14. 

  15. echo "[cleanup] removing SSH host keys (regenerated on first boot)..."
    16. 

  16. rm -f /etc/ssh/ssh_host_* 2> /dev/null || true
    17. 

  17. 

  18. echo "[cleanup] removing any baked authorized_keys..."
    19. 

  19. rm -f /root/.ssh/authorized_keys 2> /dev/null || true
    20. 

  20. find /home -maxdepth 3 -name authorized_keys -type f -delete 2> /dev/null || true
    21. 

  21. 

  22. echo "[cleanup] resetting machine-id..."
    23. 

  23. truncate -s 0 /etc/machine-id 2> /dev/null || true
    24. 

  24. rm -f /var/lib/dbus/machine-id 2> /dev/null || true
    25. 

  25. ln -sf /etc/machine-id /var/lib/dbus/machine-id 2> /dev/null || true
    26. 

  26. 

  27. echo "[cleanup] resetting cloud-init so it re-runs on the real first boot..."
    28. 

  28. cloud-init clean --logs --seed > /dev/null 2>&1 || rm -rf /var/lib/cloud/* 2> /dev/null || true
    29. 

  29. 

  30. echo "[cleanup] truncating logs, history and package caches..."
    31. 

  31. find /var/log -type f -exec truncate -s 0 {} + 2> /dev/null || true
    32. 

  32. rm -rf /var/lib/x-ui /var/log/x-ui/* 2> /dev/null || true
    33. 

  33. apt-get clean || true
    34. 

  34. rm -rf /var/lib/apt/lists/* 2> /dev/null || true
    35. 

  35. rm -f /root/.bash_history 2> /dev/null || true
    36. 

  36. find /home -maxdepth 3 -name .bash_history -type f -delete 2> /dev/null || true
    37. 

  37. rm -rf /tmp/firstboot 2> /dev/null || true
    38. 

  38. 

  39. echo "[cleanup] verifying the image is clean..."
    40. 

  40. fail=0
    41. 

  41. for f in /etc/x-ui/x-ui.db /etc/x-ui/credentials.txt /etc/x-ui/install-result.env /etc/x-ui/.firstboot-done; do
    42. 

  42.     if [ -e "$f" ]; then
    43. 

  43.         echo "[cleanup] FATAL: $f is present in the image" >&2
    44. 

  44.         fail=1
    45. 

  45.     fi
    46. 

  46. done
    47. 

  47. if ls /etc/ssh/ssh_host_* > /dev/null 2>&1; then
    48. 

  48.     echo "[cleanup] FATAL: SSH host keys present in the image" >&2
    49. 

  49.     fail=1
    50. 

  50. fi
    51. 

  51. if [ -e /root/.ssh/authorized_keys ]; then
    52. 

  52.     echo "[cleanup] FATAL: /root/.ssh/authorized_keys present in the image" >&2
    53. 

  53.     fail=1
    54. 

  54. fi
    55. 

  55. if [ "$fail" -ne 0 ]; then
    56. 

  56.     exit 1
    57. 

  57. fi
    58. 

  58. 

  59. echo "[cleanup] OK — no DB, no credentials, no host keys, no authorized_keys."
    60.