
@sovcik
Created December 8, 2010 21:33
Script to be passed to an Amazon AWS AMI as "user-data". It creates an "installer" account that you can use to connect to your instance and customize it, without having to share the instance key-pair private key.
#!/bin/bash
###############################################
#
# Script creates system user account, configures it for SSH access
# and gives it "root" access via SUDO.
# Intention is to pass it as "user-data" to Amazon AWS instance, which will
# execute it during its start-up.
#
# Copyright (c) 2010 by Jozef Sovcik, http://www.vanilladesk.com
# Feel free to modify it as necessary.
#
#---------------------------------------------
# How to use:
# 1) set INSTALLER_ACCOUNT to the account name you would like to use for login
# 2) set PUB_KEY_URL to point to a downloadable file containing the public key in SSH format
# 3) pass it as "user-data" to the AWS instance and wait until the instance has started
# 4) connect to the instance over SSH as the account set in INSTALLER_ACCOUNT, using the private key
# that matches the public key specified in PUB_KEY_URL
#
###############################################
# Login name of the account this script creates. The account is given
# passwordless sudo for all commands further down in this file.
INSTALLER_ACCOUNT='installer'
# Location of the SSH public key that gets appended to the account's
# authorized_keys. Whoever controls the content served at this URL decides
# who can log in as a root-equivalent user, so keep write access to it tight.
PUB_KEY_URL='https://s3.amazonaws.com/mybucket/my_installer_public_key.pub'
#######################################
# Refresh the APT package index and install the tools used later in this
# script (sudo, wget, sed).
# Outputs: progress and error messages on stdout.
# Returns: 0 when both apt-get steps succeed, 1 as soon as one of them fails.
#######################################
function install_packages() {
  echo "Updating APT repositories."
  if ! apt-get --yes update; then
    echo "Error: apt-get update failed."
    return 1
  fi

  # Asking for a package that is already installed is harmless.
  echo "Installing required packages."
  if ! apt-get --yes install sudo wget sed; then
    echo "Error: apt-get install failed."
    return 1
  fi

  return 0
}
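#######################################
# Create the installer account and authorize an SSH public key for it.
# Globals:   SUDO, WGET (read) - paths to sudo and wget, set by the caller.
# Arguments: $1 - account name
#            $2 - URL of the SSH public key to authorize
# Outputs:   progress, warning and error messages on stdout.
# Returns:   0 on success, 1 on any failure.
#######################################
function create_account() {
  local _account="$1"
  local _key_url="$2"
  local _home="/home/${_account}"
  local _ssh_dir="${_home}/.ssh"
  local _auth_keys="${_ssh_dir}/authorized_keys"
  local _tmpkey

  # The name is spliced into filesystem paths below, so accept only plain
  # account-name characters: no "/", no whitespace, no leading "-" or ".".
  case "${_account}" in
    '' | -* | .* | *[!A-Za-z0-9_.-]*)
      echo "Error: Invalid account name '${_account}'."
      return 1
      ;;
  esac

  # The downloaded key decides who may log in to a passwordless-sudo account,
  # so the transport has to authenticate the server.
  case "${_key_url}" in
    https://*) ;;
    *) echo "Warning: ${_key_url} is not an https:// URL; the downloaded key cannot be authenticated." ;;
  esac

  # NOTE: ${SUDO} and ${WGET} are left unquoted on purpose so that an empty
  # value expands to nothing instead of an empty command word.
  echo "Creating an account."
  if [ ! -d "${_home}" ] && ! ${SUDO} useradd --create-home "${_account}"; then
    echo "Error: Account creation failed."
    return 1
  fi

  echo "Creating folder for ssh"
  if [ ! -d "${_ssh_dir}" ] && ! ${SUDO} mkdir "${_ssh_dir}"; then
    echo "Error: Not possible to create folder ${_ssh_dir}"
    return 1
  fi

  # Download into a mktemp file instead of a fixed, predictable /tmp name,
  # which another local user could pre-create or replace with a symlink.
  echo "Getting public key from ${_key_url}"
  if ! _tmpkey="$(mktemp)"; then
    echo "Error: Unable to create a temporary file."
    return 1
  fi

  # TLS certificate verification stays enabled (no --no-check-certificate):
  # with it disabled, anyone on the network path could substitute their own
  # key. This needs a CA bundle on the instance (presumably the
  # ca-certificates package - confirm for the AMI in use). -nc is dropped
  # because the target file already exists after mktemp.
  # An empty download is treated as a failure as well.
  if ! ${SUDO} ${WGET} -O "${_tmpkey}" -q "${_key_url}" || [ ! -s "${_tmpkey}" ]; then
    echo "Error: Unable to download public key from ${_key_url}"
    rm -f -- "${_tmpkey}"
    return 1
  fi

  # Append through "tee -a" so the write itself runs under ${SUDO}; a plain
  # ">>" redirection is performed by the calling shell, not by sudo.
  echo "Adding public key to authorized_keys for created account."
  if ! ${SUDO} tee -a "${_auth_keys}" < "${_tmpkey}" > /dev/null; then
    echo "Error: Creating of ${_auth_keys} failed."
    rm -f -- "${_tmpkey}"
    return 1
  fi
  rm -f -- "${_tmpkey}"

  # Fix ownership and modes after authorized_keys exists, so the file itself
  # ends up owned by the account and readable by nobody else.
  if ! ${SUDO} chown -R "${_account}:${_account}" "${_ssh_dir}" ||
    ! ${SUDO} chmod 700 "${_ssh_dir}" ||
    ! ${SUDO} chmod 600 "${_auth_keys}"; then
    echo "Error: Unable to set ownership and permissions on ${_ssh_dir}"
    return 1
  fi

  return 0
}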
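#######################################
# Give the account passwordless sudo by appending a rule to /etc/sudoers,
# unless a rule for that exact account name is already present.
# Globals:   SUDO, SED (read) - paths to sudo and sed, set by the caller.
# Arguments: $1 - account name
# Outputs:   error messages on stdout.
# Returns:   0 on success (or when the rule already exists), 1 on failure.
#######################################
function configure_sudoers() {
  local _account="$1"
  local _sudoers="/etc/sudoers"
  # Unrestricted, passwordless root: anyone holding the private key that
  # matches the authorized public key is root-equivalent on this instance.
  local _sudo_permissions="ALL=NOPASSWD: ALL"
  local _backup_suffix=".pre-installer"
  local _pattern

  # The name is interpolated into a sed script and into sudoers itself, so
  # accept only plain account-name characters.
  case "${_account}" in
    '' | -* | .* | *[!A-Za-z0-9_.-]*)
      echo "Error: Invalid account name '${_account}'."
      return 1
      ;;
  esac

  if [ ! -e "${_sudoers}" ]; then
    echo "Error: File ${_sudoers} does not exist."
    return 1
  fi

  # Match the whole first field: a bare "^name" prefix test would treat an
  # existing rule for "installer2" as a rule for "installer". Dots are
  # escaped so they match literally.
  _pattern="^${_account//./\\.}[[:space:]]"

  # NOTE: ${SUDO} and ${SED} are left unquoted on purpose so that an empty
  # value expands to nothing instead of an empty command word.
  if [ -n "$(${SUDO} ${SED} -n -e "/${_pattern}/p" "${_sudoers}")" ]; then
    return 0
  fi

  # Keep a backup so a rule that breaks sudoers can be rolled back.
  if ! ${SUDO} ${SED} "-i${_backup_suffix}" -e "\$a${_account} ${_sudo_permissions}" "${_sudoers}"; then
    echo "Error: Not possible to modify ${_sudoers}."
    return 1
  fi

  # A syntax error in sudoers disables sudo for everyone; validate the result
  # when visudo is available and restore the backup if the check fails.
  if command -v visudo > /dev/null 2>&1 && ! ${SUDO} visudo -c -q -f "${_sudoers}"; then
    echo "Error: ${_sudoers} failed validation; restoring previous version."
    ${SUDO} mv -f "${_sudoers}${_backup_suffix}" "${_sudoers}"
    return 1
  fi
  ${SUDO} rm -f "${_sudoers}${_backup_suffix}"

  # "$a" appends after the last line and does nothing on an empty file, so
  # confirm the rule really landed.
  if [ -z "$(${SUDO} ${SED} -n -e "/${_pattern}/p" "${_sudoers}")" ]; then
    echo "Error: Not possible to modify ${_sudoers}."
    return 1
  fi

  return 0
}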
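# Main flow: install the tools, locate them, create the account, grant sudo.
if ! command -v apt-get > /dev/null 2>&1; then
  echo "Error: APT-GET not installed."
  exit 1
fi

# Best effort: a failed install is tolerated when the tools are already
# present (checked right below), but the failure is no longer silent.
install_packages || echo "Warning: Package installation failed; continuing with the tools already present."

# command -v is the shell builtin for locating a command; it replaces `which`,
# which is an external program that may be missing or behave differently.
SUDO="$(command -v sudo)"
WGET="$(command -v wget)"
SED="$(command -v sed)"

if [ -z "${SUDO}" ]; then
  echo "Error: SUDO not installed."
  exit 1
fi
if [ -z "${WGET}" ]; then
  echo "Error: WGET not installed."
  exit 1
fi
if [ -z "${SED}" ]; then
  echo "Error: SED not installed."
  exit 1
fi

# Arguments are quoted so a value containing whitespace or glob characters
# reaches the function as a single word.
if ! create_account "${INSTALLER_ACCOUNT}" "${PUB_KEY_URL}"; then
  echo "Error: Account creation failed."
  exit 1
fi

if ! configure_sudoers "${INSTALLER_ACCOUNT}"; then
  echo "Error: Unable to configure sudoers for ${INSTALLER_ACCOUNT} account."
  exit 1
fi

echo "*** Installer account ''${INSTALLER_ACCOUNT}'' created."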