1
0
Fork 0
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

87 lines
2.4 KiB

#!/bin/sh
set -ex
if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
if [ -f "$ROOT_AUTHORIZED_KEYS" ]; then
mkdir -p /root/.ssh
cp "$ROOT_AUTHORIZED_KEYS" /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
fi
fi
if [ -z "$BASE_DIR" ]; then
BASE_DIR="/home"
fi
if [ ! -d "$BASE_DIR" ]; then
echo "BASE_DIR $BASE_DIR does not exist, creating..."
mkdir -p $BASE_DIR
fi
# GROUPADD="group1:1000;group2:1001;group3:1002"
i=""
while [ "$GROUPADD" != "$i" ] ;do
i=${GROUPADD%%;*}
GROUPADD="${GROUPADD#$i;}"
GROUP_NAME=${i%%:*}
GROUP_GID="${i#$GROUP_NAME:}"
groupadd --gid "$GROUP_GID" "$GROUP_NAME"
done
# USERADD="user1:1000:1000:/bin/bash;user2:1001:1000:/bin/sh;user3:1002:1002:/bin/sh"
i=""
j=""
while [ "$USERADD" != "$i" ] ;do
i=${USERADD%%;*}
USERADD="${USERADD#$i;}"
USER_NAME=${i%%:*}
j="${i#$USER_NAME:}"
USER_UID="${j%%:*}"
j="${j#$USER_UID:}"
USER_GID="${j%%:*}"
j="${j#$USER_GID:}"
USER_SHELL=$j
useradd --home-dir "$BASE_DIR/$USER_NAME" --shell "$USER_SHELL" --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"
echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/$USER_NAME"
done
# HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
i=""
if [ -n "$HOSTKEYS" ]; then
while [ "$HOSTKEYS" != "$i" ]; do
i=${HOSTKEYS%%;*}
HOSTKEYS="${HOSTKEYS#$i;}"
if [ ! -e "$i" ]; then
echo "Could not read $i, file is missing"
continue
else
echo "Configuring HostKey $i"
fi
FILENAME=$(basename "$i")
if [ ! -e "/etc/ssh/$FILENAME" ]; then
install -m 0600 "$i" "/etc/ssh/$FILENAME"
ssh-keygen -y -f "$i" > "/etc/ssh/$FILENAME.pub"
ssh-keygen -l -f "/etc/ssh/$FILENAME.pub"
fi
if ! grep "^HostKey /etc/ssh/$FILENAME" /etc/ssh/sshd_config; then
echo "HostKey /etc/ssh/$FILENAME" >> /etc/ssh/sshd_config
fi
done
fi
if [ -z "$(find /etc/ssh/ -maxdepth 1 -name 'ssh_host_*_key' -print -quit)" ]; then
echo "Creating SSH2 ED25519 key; this may take some time ..."
ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub
echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
fi
touch /var/tmp/jumpbox.done