pages/setup-key.sh


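#! /bin/bash
# Creates a new ssh key-pair and registers it so that it can only be used to
# deploy to one specific directory.
#
# Usage: setup-key.sh DEPLOY_SUBDIR
#
# The public key is appended to the pages user's authorized_keys with a forced
# command ("${DEPLOY_SCRIPT} DEPLOY_SUBDIR"), so whatever the client asks to
# run, sshd runs the deploy script with this fixed argument instead.
#
# NOTE: the private key is printed to stdout (both for a new key and when a
# key already exists). Callers should avoid capturing this output in logs.

# Abort on any mistake, including unset variables and failed pipeline stages.
set -euo pipefail
# Byte-wise matching so the character ranges in the name check below mean
# exactly ASCII letters and digits.
export LC_ALL=C

# configurable constants for this script
KEY_DIR=/var/lib/pages-manager/keys/
PAGES_USER=pages
DEPLOY_SCRIPT=/home/${PAGES_USER}/deploy.sh

# Without exactly one argument there is nothing sensible to do; stop here
# instead of continuing with an empty key name.
if [ "$#" -ne 1 ]; then
  echo "Usage: $0 DEPLOY_SUBDIR" >&2
  exit 1
fi
KEYNAME=$1

# KEYNAME is written verbatim into a file name and into the command="..."
# option of authorized_keys. A quote, whitespace or newline would change the
# meaning of that authorized_keys line, and "." / ".." components or a leading
# "-" would be misread as paths or options. Accept only slash-separated
# components made of letters, digits, "_", "." and "-", each starting with a
# letter, digit or "_".
readonly NAME_RE='^[A-Za-z0-9_][A-Za-z0-9._-]*(/[A-Za-z0-9_][A-Za-z0-9._-]*)*$'
if [[ ! "${KEYNAME}" =~ ${NAME_RE} ]]; then
  echo "Invalid DEPLOY_SUBDIR '${KEYNAME}': use letters, digits, '_', '.', '-' and '/' only." >&2
  exit 1
fi

# Replace every "/" (not just the first) so the key file always lands directly
# inside KEY_DIR.
# NOTE(review): "a/b" and "a.b" map to the same key file name - confirm that
# such deploy directories cannot coexist.
KEYFILE="${KEY_DIR}/id_${KEYNAME//\//.}"

# The key directory holds private keys; keep it accessible to the owner only.
mkdir -p "${KEY_DIR}"
chmod 700 "${KEY_DIR}"

if [ -e "${KEYFILE}" ]; then
  echo "Found existing key in ${KEYFILE}, aborting."
  echo "Printing private key:"
  cat -- "${KEYFILE}"
  exit 1
fi

# generate key (no passphrase, since it is meant for unattended deployments)
ssh-keygen -t ed25519 -f "${KEYFILE}" -N "" -C "deployment key for ${KEYNAME}" > /dev/null

# add public key, restricted to the forced deploy command
PUBKEY=$(cat -- "${KEYFILE}.pub")
printf '%s\n' "command=\"${DEPLOY_SCRIPT} ${KEYNAME}\",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty,no-user-rc,restrict ${PUBKEY}" >> "/home/${PAGES_USER}/.ssh/authorized_keys"

echo "Generate and configured new key in ${KEYFILE}"
echo "Printing private key:"
cat -- "${KEYFILE}"
exit 0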