quico-os-setup/arch-zbm
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity

19-define-os-ip #24

Merged
hygienic-books merged 23 commits from 19-define-os-ip into main 2023-11-12 03:26:37 +00:00
Conversation 0 Commits 23 Files Changed 2 +60
1 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit acc6b2c721 - Show all commits

60
setup.sh
View File

@ -282,6 +282,48 @@ function setup_env_vars () {
fi
fi
if [[ "${want_ssh_in_zbm}" ]]; then
echo 'Do you want to define OS root user'"'"'s SSH pub key?'
select arg_root_pub_keys in 'Yes (let me specify)' 'Yes (use ZBM pub keys)' 'No (don'"'"'t enable sshd.service)'; do
case "${arg_root_pub_keys}" in
'Yes (let me specify)')
want_custom_pub_keys_in_os='true'
break
;;
'Yes (use ZBM pub keys)')
ARCHZBM_OS_SSH_AUTH_KEYS="${ARCHZBM_SSH_AUTH_KEYS}"
break
;;
'No (don'"'"'t enable sshd.service)')
break
;;
esac
done <&3 && echo
if [[ "${want_custom_pub_keys_in_os}" ]]; then
read -u3 -p 'Please type SSH pub keys on one line separated by double-commas (,,) and confirm with <Enter>: ' ARCHZBM_OS_SSH_AUTH_KEYS
echo
fi
else
echo 'Do you want to define OS root user'"'"'s SSH pub key?'
select arg_root_pub_keys in 'Yes (let me specify)' 'No (don'"'"'t enable sshd.service)'; do
case "${arg_root_pub_keys}" in
'Yes (let me specify)')
want_own_pub_key_in_os='true'
break
;;
'No (don'"'"'t enable sshd.service)')
break
;;
esac
done <&3 && echo
if [[ "${want_own_pub_key_in_os}" ]]; then
read -u3 -p 'Please type SSH pub keys on one line separated by double-commas (,,) and confirm with <Enter>: ' ARCHZBM_OS_SSH_AUTH_KEYS
echo
fi
fi
if [[ "${want_dns_and_ntp}" ]]; then
read -u3 -p 'Specify one or more comma-separated DNS IPs: ' ARCHZBM_OS_DNS_IP
echo
@ -1366,6 +1408,21 @@ EOF
systemctl disable 'systemd-networkd-wait-online' --root='/mnt'
}
function configure_sshd () {
local pub_key_line
cat >> '/mnt/etc/ssh/sshd_config.d/40-defaults.conf' <<"EOF"
PasswordAuthentication no
PermitRootLogin yes
EOF
while IFS= read -r pub_key_line; do
printf -- '%s\n' "${pub_key_line}" >> '/mnt/root/.ssh/authorized_keys'
done < <(<<<"${ARCHZBM_OS_SSH_AUTH_KEYS}" sed -r -e 's/,,/\n/g')
systemctl enable 'sshd.service' --root='/mnt'
}
function configure_dns () {
#3.4
rm '/mnt/etc/resolv.conf'
@ -1453,6 +1510,9 @@ function finalize_os_setup () {
#3.1
set_root_pw #3.2
configure_networking #3.3
if [[ "${ARCHZBM_OS_SSH_AUTH_KEYS}" ]]; then
configure_sshd
fi
configure_dns #3.4
configure_reflector #3.5
configure_zfs #3.6