Last active
July 7, 2023 20:52
-
-
Save ilobmirt/57c009c3e28cf168bb2467da118587e0 to your computer and use it in GitHub Desktop.
Provisions the Debian Host to allow for SSH from Github user public key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #=================================================================================================# | |
| #provision_deploy_env.sh | |
| #---------- | |
| #by: ilobmirt @ 2023_JUL_07 | |
| # | |
| #Sets up this node | |
| #=================================================================================================# | |
| function include_git_libs(){ | |
| local git_user="$1" | |
| local git_lib_id="$2" | |
| #If either is blank because it wasn't inputted, include my own | |
| if [ ${#git_user} -eq 0 ] || [ ${#git_lib_id} -eq 0 ]; then | |
| git_user='ilobmirt' | |
| git_lib_id='4852e33aaf0fbb064c2a3b6141ed5172' | |
| fi | |
| local lib_dir="/tmp/gists/${git_user}" | |
| local lib_file="shared_functs_${git_lib_id}.lib" | |
| local lib_source="https://gist.githubusercontent.com/${git_user}/${git_lib_id}/raw" | |
| if [ ! -d "${lib_dir}" ]; then | |
| mkdir -p $lib_dir | |
| fi | |
| if [ ! -f "${lib_dir}/${lib_file}" ]; then | |
| wget -q --output-document="${lib_dir}/${lib_file}" $lib_source | |
| fi | |
| source "${lib_dir}/${lib_file}" | |
| } | |
| function nm_set(){ | |
| #EXAMPLES: | |
| # nm_set eth0 192.168.1.69/24 1.1.1.1,1.0.0.1 | |
| # nm_set eth0 dhcp | |
| # nm_set eth0 del | |
| local target_dev="$1" | |
| local target_state="$2" | |
| local target_dns="$3" | |
| #Do nothing if device and state is not defined | |
| if [ ${#target_dev} -eq 0 ] || [ ${#target_state} ] ; then | |
| return | |
| fi | |
| local connection_exists=$(nmcli con | grep "autoconfig-${target_dev}") | |
| #If we just wanna delete the connection, lets be done with it | |
| if [ ${#connection_exists} -gt 0 ] && [[ "${target_state}"=='del' ]] ; then | |
| sudo nmcli con del "autoconfig-${target_dev}" | |
| return | |
| fi | |
| #create the connection if it did not exist | |
| local target_type='' | |
| case "${target_dev:0:3}" in | |
| 'eth' | 'enp') | |
| target_type='ethernet' | |
| ;; | |
| 'wla' | 'wlp') | |
| target_type='wifi' | |
| ;; | |
| *) | |
| ;; | |
| esac | |
| if [ ${#connection_exists} -eq 0 ] ; then | |
| sudo nmcli con add type "${target_type}" ifname "${target_interface}" con-name "${static_interface}" | |
| fi | |
| #Our target states are up / down / dhcp / (some ipv4 address) | |
| case "${target_state}" in | |
| 'up') | |
| sudo nmcli con up "autoconfig-${target_dev}" | |
| ;; | |
| 'down') | |
| sudo nmcli con down "autoconfig-${target_dev}" | |
| ;; | |
| 'dhcp') | |
| sudo nmcli con mod "autoconfig-${target_dev}" ipv4.method auto | |
| sudo nmcli con mod "autoconfig-${target_dev}" ipv6.method disabled | |
| sudo nmcli con up "autoconfig-${target_dev}" | |
| ;; | |
| *) | |
| sudo nmcli con mod "autoconfig-${target_dev}" ipv4.method manual ipv4.addr "${target_state}" | |
| if [ ${#target_dns} -gt 0 ] ; then | |
| sudo nmcli con mod "autoconfig-${target_dev}" ipv4.dns "${target_dns}" | |
| fi | |
| sudo nmcli con up "autoconfig-${target_dev}" | |
| ;; | |
| esac | |
| } | |
| main(){ | |
| #Install network Manager if not already installed | |
| if [[ "$(which nmcli)" == '' ]]; then | |
| echo "NMCLI not installed, installing" | |
| sudo apt update | |
| sudo apt-get install network-manager -y | |
| echo "Granting control to nmcli by cleaning up network interfaces" | |
| sudo mv -f /etc/network/interfaces /etc/network/interfaces.old | |
| sudo touch /etc/network/interfaces | |
| sudo systemctl restart NetworkManager | |
| fi | |
| local eth_dev=$(nmcli dev | sed -r 's/\s/###/g;s/###.*//g;/^(eth|enp)/!d;1,1! d') | |
| nm_set "${eth_dev}" dhcp | |
| include_git_libs | |
| local func_input="$(l2s "$@")" | |
| local target_user='' | |
| local target_hostname='' | |
| local target_git_sources='' | |
| fill_params --input "${func_input}" --var target_user --search user --default 'example_user' > /dev/null | |
| fill_params --input "${func_input}" --var target_hostname --search hostname --default 'example_host' > /dev/null | |
| fill_params --input "${func_input}" --var target_git_sources --search git --default 'ilobmirt' > /dev/null | |
| #We split the git sources list by comma (no spaces) | |
| #target_git_sources=$(echo "${target_git_sources}" | readarray -d ',') | |
| readarray -t target_git_sources <<< $(echo "${target_git_sources}" | sed 's/,/\n/g') | |
| local out_txt=$(cat <<EOF | |
| ╔═════════════════════════════╗ | |
| ║We have passed the following:║ | |
| ╚═════════════════════════════╝ | |
| ▻ USERNAME: ${target_user} | |
| ▔▔▔▔▔▔▔▔▔ | |
| ▻ HOSTNAME: ${target_hostname} | |
| ▔▔▔▔▔▔▔▔▔ | |
| ▻ GIT KEY SOURCES: | |
| ▔▔▔ ▔▔▔ ▔▔▔▔▔▔▔▔ | |
| $(printf "\t[%s]\n" "${target_git_sources[@]}") | |
| EOF | |
| ) | |
| printf "%s\n\n\n" "${out_txt}" | |
| #PREREQ - CURL + OPENSSH-SERVER | |
| printf "\tSTEP 1> SETUP PREREQ PACKAGES\n\n" | |
| setup_packages curl openssh-server > /dev/null | |
| #Set our desired hostname | |
| printf "\tSTEP 2> SETUP HOSTNAME\n\n" | |
| set_hostname ${target_hostname} > /dev/null | |
| #Establish github keys from the following people | |
| printf "\tSTEP 3> ADD GITHUB PUBLIC KEYS\n" | |
| for input_git_user in "${target_git_sources[@]}" ; do | |
| printf "\t\t> ${input_git_user}\n" | |
| github_ssh_key --user "${target_user}" --github "${input_git_user}" --method 'add' > /dev/null | |
| done | |
| printf "\n\n" | |
| out_txt=$(cat <<EOF | |
| ╔══════════════╗ | |
| ║End of Script:║ | |
| ╚══════════════╝ | |
| The host \"$(hostname)\" has been set up for the user \"${target_user}\" | |
| It should now be accessible over ssh using the github keys | |
| EOF | |
| ) | |
| printf "%s\n\n\n" "${out_txt}" | |
| } | |
| main $@ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment