From 3e167269c6eab02cc112015394d941914a223ce5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maximilian=20Ke=C3=9Fler?=
Date: Tue, 17 Oct 2023 17:28:19 +0200
Subject: [PATCH] initial commit: add scritps
---
deploy.sh | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++
setup-key.sh | 43 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 99 insertions(+)
create mode 100755 deploy.sh
create mode 100755 setup-key.sh
diff --git a/deploy.sh b/deploy.sh
new file mode 100755
index 0000000..07f17b8
--- /dev/null
+++ b/deploy.sh
@@ -0,0 +1,56 @@
+#! /bin/bash
+#
+# This script reads a gzipped tar archive from stdin and deploys it to a
+# specified location. Contents of the archive are assumed to be relative to
+# some root, and will be deployed relative to the specified path in the first argument.
+#
+# Example usage:
+# tar -C -cf - | ./deploy.sh
+
+# Abort deploy on any mistake
+set -e
+
+WEB_ROOT=/var/www/pages.abstractnonsen.se/
+STORAGE_ROOT=/var/lib/pages/
+PAGES_USER=pages
+
+if [ "$#" -ne 1 ]; then
+ echo "Usage: $0 DEPLOY_SUBDIR"
+ exit 1
+fi
+
+if [ "$(whoami)" != "${PAGES_USER}" ]; then
+ echo "Script must be run as user '${PAGES_USER}'"
+ exit 1
+fi
+
+LINK="${WEB_ROOT}/$1"
+LINK_DIRECTORY=$(dirname "${LINK}")
+STORAGE_NEW="${STORAGE_ROOT}/$1/$(date +%s)"
+
+# ensure root paths exist
+mkdir -p "${LINK_DIRECTORY}"
+mkdir -p "${STORAGE_NEW}"
+
+# extract to new storage location (this reads from stdin)
+echo "Extracting tar files..."
+tar -C "${STORAGE_NEW}" -xvzf -
+echo "...extracting done"
+
+if [ ! -e "${LINK}" ]; then
+ # link does not exist, create it
+ ln -s "${STORAGE_NEW}" "${LINK}"
+else
+ # read old link
+ STORAGE_OLD=$(readlink "${LINK}")
+
+ # link already exists, repoint it
+ rm -f "${LINK_DIRECTORY}/tmp"
+ ln -s "${STORAGE_NEW}" "${LINK_DIRECTORY}/tmp"
+ mv -T "${LINK_DIRECTORY}/tmp" "${LINK}"
+
+ # remove old deployment
+ rm -rf "${STORAGE_OLD}"
+fi
+
+echo "Successfully deployed to https://pages.abstractnonsen.se/$1"
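Review bot: `$1` goes into `LINK` and `STORAGE_NEW` unchecked, and `STORAGE_OLD` is whatever `readlink "${LINK}"` returns before it is handed to `rm -rf`, so a subdir containing `..`, or a link that no longer points into the storage tree, takes `mkdir -p`, `ln -s` and the final removal outside `WEB_ROOT`/`STORAGE_ROOT`. The forced command written by setup-key.sh pins the argument, but deploy.sh should not depend on that: reject it up front with `case "$1" in ''|/*|*..*) echo "invalid DEPLOY_SUBDIR" >&2; exit 1;; esac` and only remove the old target when it matches `"${STORAGE_ROOT}"/*`. The archive on stdin is the untrusted input here, and `tar -xvzf -` will also create any symlinks it carries; whether the web server then follows them depends on configuration not visible in this patch, so consider refusing archives with link members or disabling symlink following for the web root. The fixed `${LINK_DIRECTORY}/tmp` name also means two concurrent deploys under the same parent directory collide, and a failed extraction leaves `STORAGE_NEW` behind because nothing cleans it up.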
diff --git a/setup-key.sh b/setup-key.sh
new file mode 100755
index 0000000..3eb4808
--- /dev/null
+++ b/setup-key.sh
@@ -0,0 +1,43 @@
+#! /bin/bash
+# This script creates a new ssh key-pair and sets it up to be able to deploy to a specific directory only
+
+# Abort on any mistake
+set -e
+
+# configurable constants for this script
+KEY_DIR=/var/lib/pages-manager/keys/
+PAGES_USER=pages
+DEPLOY_SCRIPT=/home/${PAGES_USER}/deploy.sh
+
+mkdir -p "${KEY_DIR}"
+
+
+if [ "$#" -ne 1 ]; then
+ echo "Usage: $0 DEPLOY_SUBDIR"
+fi
+
+KEYNAME=$1
+
+KEYFILE="${KEY_DIR}/id_${KEYNAME/\//.}"
+
+if [ -e "${KEYFILE}" ]; then
+ echo "Found existing key in ${KEYFILE}, aborting."
+ echo "Printing private key:"
+ cat "${KEYFILE}"
+ exit 1
+fi
+
+mkdir -p "${KEY_DIR}"
+chmod 700 "${KEY_DIR}"
+
+# generate key
+ssh-keygen -t ed25519 -f "${KEYFILE}" -N "" -C "deployment key for ${KEYNAME}" > /dev/null
+
+# add public key
+echo "command=\"${DEPLOY_SCRIPT} ${KEYNAME}\",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty,no-user-rc,restrict $(cat ${KEYFILE}.pub)" >> "/home/${PAGES_USER}/.ssh/authorized_keys"
+
+echo "Generate and configured new key in ${KEYFILE}"
+echo "Printing private key:"
+cat "${KEYFILE}"
+exit 0
+
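Review bot: The argument-count check prints the usage line but has no `exit 1`, so a call without arguments carries on with an empty `KEYNAME`, generates `${KEY_DIR}/id_` and appends a `command="…"` entry that names no subdirectory; add `exit 1` after the `echo`. `KEYNAME` is also written verbatim into the `command="…"` option of `authorized_keys`, where a double quote, whitespace or shell metacharacter would change the options line or the forced command, so restrict it before use, e.g. `case "${KEYNAME}" in ''|*[!A-Za-z0-9._/-]*|*..*) echo "invalid DEPLOY_SUBDIR" >&2; exit 1;; esac`. `${KEYNAME/\//.}` replaces only the first slash (`${KEYNAME//\//.}` replaces all of them), so a two-level subdir yields a key path in a directory that does not exist, and `$(cat ${KEYFILE}.pub)` should be quoted as `$(cat "${KEYFILE}.pub")`. Both the success path and the "existing key" path print the private key to stdout, where it ends up in terminal scrollback or any captured log; printing only the key path and leaving retrieval to the operator would avoid that.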