Created
April 18, 2011 21:21
-
-
Save glebm/926212 to your computer and use it in GitHub Desktop.
Capistrano recipe to create a user on EC2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
set :aws_private_key_path, "~/.ec2/mrkey.pem" | |
namespace :setup_server do | |
desc "adds a user and uploads his id_rsa.pub to the EC2 instance's deploy users authorized_keys2 file" | |
task :create_deploy_user do | |
# \\n becomes \n | |
commands = <<-SH.split("\n").map(&:strip).join(";") | |
sudo echo hi | |
sudo groupadd admin | |
sudo useradd -d /home/#{user} -s /bin/bash -m #{user} | |
echo #{user}:#{password} | sudo chpasswd | |
sudo usermod -a -G admin deploy | |
echo '%admin ALL=(ALL) ALL' | sudo tee -a /etc/sudoers | |
sudo mkdir /home/#{user}/.ssh | |
sudo chmod 700 /home/#{user}.ssh | |
sudo chown #{user} /home/#{user}/.ssh | |
sudo chgrp #{user} /home/#{user}/.ssh | |
SH | |
setup_user = <<-SH | |
ssh -i #{aws_private_key_path} ec2-user@#{domain} "script -c \\"#{commands}\\" /dev/null" | |
SH | |
puts setup_user | |
system setup_user | |
add_my_ssh_key | |
end | |
task :add_my_ssh_key do | |
ssh_options[:keys].each do |key| | |
authorized_keys2 = "/home/#{user}/.ssh/authorized_keys2" | |
commands = <<-SH.split("\n").map(&:strip).join(";") | |
sudo touch #{authorized_keys2} | |
sudo cat /tmp/my_key.pub | sudo tee -a #{authorized_keys2} | |
sudo rm /tmp/my_key.pub | |
sudo chmod 600 #{authorized_keys2} | |
sudo chown #{user} #{authorized_keys2} | |
sudo chgrp #{user} #{authorized_keys2} | |
SH | |
setup_keys = <<-SH.strip | |
scp -i #{aws_private_key_path} #{key} ec2-user@#{domain}:/tmp/my_key.pub | |
ssh -i #{aws_private_key_path} ec2-user@#{domain} "script -c \\"#{commands}\\" /dev/null" | |
SH | |
puts setup_keys | |
system setup_keys | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment