Created
August 23, 2017 12:36
-
-
Save vglebov/7b8fbca3a0858ff885a13598576dd287 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ConfigureAccessFromUserGit () { | |
if ! getent passwd git >/dev/null 2>&1; then | |
adduser git | |
su - -s /bin/bash git <<SU | |
mkdir .ssh | |
chmod 700 .ssh | |
touch .ssh/authorized_keys | |
chmod 600 .ssh/authorized_keys | |
SU | |
git_shell=$(which git-shell) | |
set +e | |
if ! grep ${git_shell} /etc/shells >/dev/null ; then | |
echo ${git_shell} >> /etc/shells | |
fi | |
set -e | |
chsh -s ${git_shell} git | |
su - -s /bin/bash git <<SU | |
mkdir git-shell-commands | |
touch git-shell-commands/no-interactive-login | |
SU | |
cat >/home/git/git-shell-commands/no-interactive-login <<'EOF' | |
#!/bin/sh | |
printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not" | |
printf '%s\n' "provide interactive shell access." | |
exit 128 | |
EOF | |
chmod +x /home/git/git-shell-commands/no-interactive-login | |
else | |
echo "User git already exists" | |
fi | |
} | |
GrantAccessProjectRootToGitAndViceVersa () { | |
if [ ! -f "/home/git/.ssh/id_rsa.pub" ]; then | |
su - -s /bin/bash git <<SU | |
ssh-keygen -t rsa -f ~/.ssh/id_rsa -N '' | |
SU | |
git_key=$(cat /home/git/.ssh/id_rsa.pub) | |
echo "# git@${host_name}" >> ~/.ssh/authorized_keys | |
echo ${git_key} >> ~/.ssh/authorized_keys | |
root_key=$(cat ~/.ssh/id_rsa.pub) | |
echo "# root@${host_name}" >> /home/git/.ssh/authorized_keys | |
echo ${root_key} >> /home/git/.ssh/authorized_keys | |
ssh -o StrictHostKeyChecking=no git@${host_name} <<SSH | |
echo "loggined in as git user" | |
SSH | |
else | |
echo "SSH key /home/git/.ssh/id_rsa.pub already exists" | |
fi | |
} | |
CreateReposDir () { | |
if [ ! -d "${repos_dir}" ]; then | |
mkdir -p ${repos_dir} | |
chown git:git ${repos_dir} | |
else | |
echo "Dir ${repos_dir} already exists" | |
fi | |
} | |
PutFileUnderVersionControl () { | |
target_file=$1 | |
versioned_file=$2 | |
if [ ! -f "${target_file}" ]; then | |
echo "file ${target_file} not found" | |
exit 1 | |
fi | |
if [ ! -h "${target_file}" ]; then | |
mv ${target_file} ${configs_dir}/${versioned_file} | |
ln -s ${configs_dir}/${versioned_file} ${target_file} | |
cd ${configs_dir} | |
git add ${versioned_file} | |
git commit -m "File ${target_file} linked as file ${configs_dir}/${versioned_file}" | |
git pull --rebase | |
git push | |
else | |
echo "File ${target_file} already linked as $(ls -al ${target_file})" | |
fi | |
} | |
InitGitRepos () { | |
ConfigureAccessFromUserGit | |
GrantAccessProjectRootToGitAndViceVersa | |
CreateReposDir | |
PutFileUnderVersionControl /home/git/.ssh/authorized_keys git_authorized_keys | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment