dmitriysafronov/initial.sh

## initial.sh
#!/bin/bash

export ACCOUNT_ROOT='ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAh0nhE6s0TpO7peXsDEl/kRJ8afzOfp8NAcDD32jTXf8RuRDb90P6T1wfpo4w1zonr5UPdlTxCezO5IwlA4KZOF5DOoYgOSsBM8uJZ2iD0YPM7isc/7oVX1MyipMlDnenoMsLUNvogO9hGgiJKs42AQyl+7TMTeAPQJinxjd2b9IJEVOb7YpxkJKBKQwwCEU0LrfyW8d8YeGmDZtbPj5UFFwtAAhM9zbwCyB/pbpvapL8Xtnhr0EOLif0luLRVTIFY5Y+DSeMldDl95IKWtUY7g/1e9pwLGo9wXC0KBJQJ4qdkbg9k5tNU0w6YSrs0Wi5q4MW7Us8Xe0o3JK3mYzqDv8Dejun4HThJlBCNS1AU84+UpJargQrjAg1sGxyiYs0fg7Jz7I1LqG9GDPFG1LTEbSzt6fdmF/JvNw4nY3+krjpYL72LLNARLEHeRI+pItnZl/2R8BPyue5XbOITW08tcf6tVY8qARXCfGN1whfjLRqzn3MvXqFLRQwVKb9I4qp4EhqfpGaxeFE3mehCl72fNSgyb8WFwrBi3yHPsh64WN1Tfyqk1+NHWCkpJk8eo2SHhSPqw7prpRp+ILb/g5S6iLYlSnHvsCTtKQ4q5jci2fFNSQX0PZmEWjEVe7YALqfJ4Z7dzaziX2YKpih7SJ2fUaIu25h679FeX5hx/A6KqE= Emergency account'

#######

export ACCOUNT_MAINTENANCE='ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAgP64MdanvFbH3oc2oPLWfJmHYFkJKyvmh7GKxMa9PHHfPVC4ybePTJ0YXNpb0VO+RiBMFGPIs20R6TGT81hgnzxL0M7w2D1+LRcBGj2cU36QAq499VjXvRw6F/4/da7x4O6ZioQ+ZNpwWKfrzXH1EQqtwjydjnFqqwwiNywiFOBkIfslWJQcBibBf8QDbRsH9WtvuYq7iKwY9wNWeutV2AfHefEGZdEm0k8guf3gs6UfIdVNoTH5ulzbKdt6HeEycpHqxCPQJZJKqtlHBZbsQONuAA8UbjyEV+S4HMh2UTZn8sWG5K89f1mpBiKGPs2H4sUqSrnzHmaMbcqPOF65l3xlXDa0OMmO5vCWEzeMTuehN8JeKqpxqHpUELSeGJs5GoJHpUdCPvnzmKCqehpFUeI8vmAwbFhkiGZJBuAufs59PnpxQd8Ee4i6s7vdPsWCYi5mQTsjUpZlseuUYJJAtw62tnl8YqUhw1fgKwNfZ1LHsrAXoWLrophk4XpKWrsZ32bL0JBrzQs2SKNDbxP4btxr4sw3s7wSFCl2JLmL7WCf1mTTxXXWhNvn3bTEOYF/sc/CD03P6qWNtgsb4q/mBdO13mu70eMs8qMeC6UGFATxOFAipAcXw0iyirtCv09FaEaabZuMHAsf4PG8jQJCqB2Mm8yU1rOulX2sznLfCAk= Maintenance account'
export MAINTENANCE_HOME='/var/opt/maintenance'

#################################################

chattr -i /root/.ssh 2> /dev/null
chattr -i /root/.ssh/authorized_keys 2> /dev/null
rm -rf /root/* /root/.* 2> /dev/null
cp -rT /etc/skel /root
mkdir -p /root/.ssh
echo "${ACCOUNT_ROOT}" > /root/.ssh/authorized_keys
chown -R root:root /root
chmod 0700 /root/.ssh
chmod 0600 /root/.ssh/authorized_keys
if [[ -n "$(which restorecon)" ]]; then restorecon -Rv /root/.ssh; fi
#chattr +i /root/.ssh/authorized_keys

#######

chattr -i "${MAINTENANCE_HOME}/.ssh" 2> /dev/null
chattr -i "${MAINTENANCE_HOME}/.ssh/authorized_keys" 2> /dev/null
userdel -rf maintenance 2> /dev/null
useradd --system -d "${MAINTENANCE_HOME}" -m -g nogroup -s /bin/bash -c "Maintenance account" -N maintenance 2> /dev/null
mkdir -p "${MAINTENANCE_HOME}/.ssh"
echo "${ACCOUNT_MAINTENANCE}" > "${MAINTENANCE_HOME}/.ssh/authorized_keys"
chown -R maintenance:nogroup "${MAINTENANCE_HOME}"
chmod -R 0700 "${MAINTENANCE_HOME}"
chmod 0600 "${MAINTENANCE_HOME}/.ssh/authorized_keys"
if [[ -n "$(which restorecon)" ]]; then restorecon -Rv "${MAINTENANCE_HOME}/.ssh"; fi
#chattr +i "${MAINTENANCE_HOME}/.ssh/authorized_keys"

if [[ -z "$(which sudo)" ]]; then (apt-get update -y && apt-get install sudo -y); fi
chattr -i /etc/sudoers.d/maintenance 2> /dev/null
echo 'maintenance  ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/maintenance
#chattr +i /etc/sudoers.d/maintenance

#################################################

echo "Done!"
	#!/bin/bash

	export ACCOUNT_ROOT='ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAh0nhE6s0TpO7peXsDEl/kRJ8afzOfp8NAcDD32jTXf8RuRDb90P6T1wfpo4w1zonr5UPdlTxCezO5IwlA4KZOF5DOoYgOSsBM8uJZ2iD0YPM7isc/7oVX1MyipMlDnenoMsLUNvogO9hGgiJKs42AQyl+7TMTeAPQJinxjd2b9IJEVOb7YpxkJKBKQwwCEU0LrfyW8d8YeGmDZtbPj5UFFwtAAhM9zbwCyB/pbpvapL8Xtnhr0EOLif0luLRVTIFY5Y+DSeMldDl95IKWtUY7g/1e9pwLGo9wXC0KBJQJ4qdkbg9k5tNU0w6YSrs0Wi5q4MW7Us8Xe0o3JK3mYzqDv8Dejun4HThJlBCNS1AU84+UpJargQrjAg1sGxyiYs0fg7Jz7I1LqG9GDPFG1LTEbSzt6fdmF/JvNw4nY3+krjpYL72LLNARLEHeRI+pItnZl/2R8BPyue5XbOITW08tcf6tVY8qARXCfGN1whfjLRqzn3MvXqFLRQwVKb9I4qp4EhqfpGaxeFE3mehCl72fNSgyb8WFwrBi3yHPsh64WN1Tfyqk1+NHWCkpJk8eo2SHhSPqw7prpRp+ILb/g5S6iLYlSnHvsCTtKQ4q5jci2fFNSQX0PZmEWjEVe7YALqfJ4Z7dzaziX2YKpih7SJ2fUaIu25h679FeX5hx/A6KqE= Emergency account'

	#######

	export ACCOUNT_MAINTENANCE='ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAgP64MdanvFbH3oc2oPLWfJmHYFkJKyvmh7GKxMa9PHHfPVC4ybePTJ0YXNpb0VO+RiBMFGPIs20R6TGT81hgnzxL0M7w2D1+LRcBGj2cU36QAq499VjXvRw6F/4/da7x4O6ZioQ+ZNpwWKfrzXH1EQqtwjydjnFqqwwiNywiFOBkIfslWJQcBibBf8QDbRsH9WtvuYq7iKwY9wNWeutV2AfHefEGZdEm0k8guf3gs6UfIdVNoTH5ulzbKdt6HeEycpHqxCPQJZJKqtlHBZbsQONuAA8UbjyEV+S4HMh2UTZn8sWG5K89f1mpBiKGPs2H4sUqSrnzHmaMbcqPOF65l3xlXDa0OMmO5vCWEzeMTuehN8JeKqpxqHpUELSeGJs5GoJHpUdCPvnzmKCqehpFUeI8vmAwbFhkiGZJBuAufs59PnpxQd8Ee4i6s7vdPsWCYi5mQTsjUpZlseuUYJJAtw62tnl8YqUhw1fgKwNfZ1LHsrAXoWLrophk4XpKWrsZ32bL0JBrzQs2SKNDbxP4btxr4sw3s7wSFCl2JLmL7WCf1mTTxXXWhNvn3bTEOYF/sc/CD03P6qWNtgsb4q/mBdO13mu70eMs8qMeC6UGFATxOFAipAcXw0iyirtCv09FaEaabZuMHAsf4PG8jQJCqB2Mm8yU1rOulX2sznLfCAk= Maintenance account'
	export MAINTENANCE_HOME='/var/opt/maintenance'

	#################################################

	chattr -i /root/.ssh 2> /dev/null
	chattr -i /root/.ssh/authorized_keys 2> /dev/null
	rm -rf /root/* /root/.* 2> /dev/null
	cp -rT /etc/skel /root
	mkdir -p /root/.ssh
	echo "${ACCOUNT_ROOT}" > /root/.ssh/authorized_keys
	chown -R root:root /root
	chmod 0700 /root/.ssh
	chmod 0600 /root/.ssh/authorized_keys
	if [[ -n "$(which restorecon)" ]]; then restorecon -Rv /root/.ssh; fi
	#chattr +i /root/.ssh/authorized_keys

	#######

	chattr -i "${MAINTENANCE_HOME}/.ssh" 2> /dev/null
	chattr -i "${MAINTENANCE_HOME}/.ssh/authorized_keys" 2> /dev/null
	userdel -rf maintenance 2> /dev/null
	useradd --system -d "${MAINTENANCE_HOME}" -m -g nogroup -s /bin/bash -c "Maintenance account" -N maintenance 2> /dev/null
	mkdir -p "${MAINTENANCE_HOME}/.ssh"
	echo "${ACCOUNT_MAINTENANCE}" > "${MAINTENANCE_HOME}/.ssh/authorized_keys"
	chown -R maintenance:nogroup "${MAINTENANCE_HOME}"
	chmod -R 0700 "${MAINTENANCE_HOME}"
	chmod 0600 "${MAINTENANCE_HOME}/.ssh/authorized_keys"
	if [[ -n "$(which restorecon)" ]]; then restorecon -Rv "${MAINTENANCE_HOME}/.ssh"; fi
	#chattr +i "${MAINTENANCE_HOME}/.ssh/authorized_keys"

	if [[ -z "$(which sudo)" ]]; then (apt-get update -y && apt-get install sudo -y); fi
	chattr -i /etc/sudoers.d/maintenance 2> /dev/null
	echo 'maintenance ALL=(ALL:ALL) NOPASSWD:ALL' > /etc/sudoers.d/maintenance
	#chattr +i /etc/sudoers.d/maintenance

	#################################################

	echo "Done!"