Ceph preflight: init ceph-deploy user on a new Debian server which will become a new ceph-node, also ensure sudo and ntp are installed

ceph-preflight-init-debian-node.sh

#!/bin/bash

set -euo pipefail

function usage() {
        echo "${0} <node-name>"
        exit 1
}

function usageError() {
        echo "Error: $1" >&2
        usage
}

[ ${#@} -eq 1 ] || usageError 'Invalid argument count, expected 1, found '"${#@}"

[ -z "$1" ] && usageError 'Missing node-name argument'
node="$1"

deployKeyFile='id_rsa'
deployKeyPath="$HOME"'/.ssh/'"$deployKeyFile"
[ -e "$deployKeyPath" ] || ssh-keygen -b 2048 -f "$deployKeyPath"

distUser='ceph-deploy'

scp "${deployKeyPath}.pub" root@"$node":
ssh root@"$node" <<-EOF
        set -euo pipefail
        apt-get install -y ntp sudo
        id "$distUser" >/dev/null || useradd -d /home/"$distUser" -m "$distUser"
        [ -e /home/"$distUser"/.ssh ] || sudo -u "$distUser" mkdir -m 0700 /home/"$distUser"/.ssh
        if ! [ -f /home/"$distUser"/.ssh/authorized_keys ]; then
                sudo -u "$distUser" touch /home/"$distUser"/.ssh/authorized_keys
                sudo -u "$distUser" chmod 0600 /home/"$distUser"/.ssh/authorized_keys
        fi
        tmpfile=\$(UMASK=0177 mktemp)
        cat /home/"$distUser"/.ssh/authorized_keys "${deployKeyFile}.pub" | sort | uniq >"\$tmpfile"
        rm "${deployKeyFile}.pub"
        cat "\$tmpfile" > /home/"$distUser"/.ssh/authorized_keys
        rm "\$tmpfile"
        echo "$distUser"' ALL = (root) NOPASSWD:ALL' > /etc/sudoers.d/"$distUser"
        chmod 0440 /etc/sudoers.d/"$distUser"
EOF

if ! [ -e "$HOME"'/.ssh/config' ] || ! grep -Ee '^Host '"$node"'$' "$HOME"'/.ssh/config' >/dev/null; then
        cat >> "$HOME"'/.ssh/config' <<-EOF
                Host $node
                  User $distUser
                  IdentityFile $deployKeyPath
        EOF
fi