#!/usr/bin/env bash
# Error logging.
# Prints every argument on its own line, in red and prefixed with "✘".
# Arguments: $@ - message strings (one output line per argument)
# Outputs:   coloured text on stdout; colour codes are taken from `tput`
e_error() {
  local red reset
  red=$(tput setaf 1)
  reset=$(tput sgr0)
  # The colour codes sit inside the format string so printf repeats the whole
  # coloured template once per argument.
  printf "${red}✘ %s${reset}\n" "$@"
}
# Header logging.
# Prints every argument on its own line in magenta.
# Arguments: $@ - heading strings (one output line per argument)
# Outputs:   coloured text on stdout; colour codes are taken from `tput`
e_header() {
  local magenta reset
  magenta=$(tput setaf 5)
  reset=$(tput sgr0)
  # Colour codes live in the format so each argument gets the full template.
  printf "${magenta}%s${reset}\n" "$@"
}
# Info logging.
# Prints every argument on its own line in cyan.
# Arguments: $@ - informational strings (one output line per argument)
# Outputs:   coloured text on stdout; colour codes are taken from `tput`
e_info() {
  local cyan reset
  cyan=$(tput setaf 6)
  reset=$(tput sgr0)
  # Colour codes live in the format so each argument gets the full template.
  printf "${cyan}%s${reset}\n" "$@"
}
# Success logging.
# Prints every argument on its own line, in green and prefixed with "✔".
# Arguments: $@ - message strings (one output line per argument)
# Outputs:   coloured text on stdout; colour codes are taken from `tput`
e_success() {
  local green reset
  green=$(tput setaf 2)
  reset=$(tput sgr0)
  # Colour codes live in the format so each argument gets the full template.
  printf "${green}✔ %s${reset}\n" "$@"
}
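# If the script is started from the $HOME directory, work inside `~/ssh`
# instead so the repository is never unpacked over the home directory.
if [[ "$PWD" == "$HOME" ]]; then
  # -p: an existing `~/ssh` left over from an earlier run is fine.
  mkdir -p -- "$HOME/ssh"
  # Stop if the directory change fails. Later steps of this script run
  # `git reset --hard` and `git clean -dfx` in the current directory, and
  # those must never operate on $HOME itself.
  cd -- "$HOME/ssh" || exit 1
fi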
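# Initialize the git repository if it's missing.
#
# NOTE(review): the clone takes whatever the remote's default branch holds at
# the time; nothing here pins a commit or verifies the content. The `config`
# file from this checkout is later installed as `~/.ssh/config`, so the remote
# repository is trusted with the user's SSH client configuration.
if [[ ! -d .git ]]; then
  e_header "Fetching repo..."

  # Abort on a failed clone. Without this check the `git reset --hard` and
  # `git clean -dfx` below would still run, and inside a subdirectory of some
  # other repository they would act on that repository instead.
  if ! git clone https://github.com/whitneyit/ssh.git temp; then
    e_error "Unable to clone the repo. Aborting"
    exit 1
  fi

  # Tell the user where the repo is located.
  e_info "Repo located at: \"$PWD\""

  # Inside a `cygwin` environment the group of the files has to be changed
  # before their permissions can be; a `vagrant` box needs the owner fixed.
  if [[ "$(uname -s)" == *CYGWIN* ]]; then
    chgrp -R Users "$PWD"
  elif [[ -d /home/vagrant ]]; then
    chown -R vagrant:vagrant "$PWD"
  fi

  # Move only the repository metadata into this directory. This works even if
  # the directory is not empty.
  if ! mv temp/.git ./.git; then
    rm -rf temp
    e_error "Unable to move the repo into \"$PWD\". Aborting"
    exit 1
  fi
  rm -rf temp

  # Restore the tracked files, then delete everything git does not track.
  # NOTE(review): `git clean -dfx` removes every untracked and ignored file
  # under the current directory, so running the script in a directory that
  # already holds other files destroys them.
  git reset --hard
  git clean -dfx

  # Point origin at the `ssh` address so that pushing does not ask for a
  # password.
  e_info "Updating origin url..."
  git remote set-url origin git@github.com:whitneyit/ssh.git
fi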
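# Make sure the `~/.ssh` folder exists (`-p` makes this a no-op when it does).
mkdir -p -- "$HOME/.ssh"
# Reset the folder's permissions on every run so that its contents can be
# edited. Owner-only access (700) is all this script needs for that; 755 would
# let every other local account list the folder and read any 644 file inside
# it while the script runs, and would stay in place if the script stopped
# before its final `chmod 700`.
chmod 700 "$HOME/.ssh"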
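# If a previous `~/.ssh/config` file exists, back it up now.
# Every early exit below first puts `~/.ssh` back to 700, because the folder
# has been opened up for editing by the time this code runs.
if [[ -f "$HOME/.ssh/config" ]]; then
  # Backups are stored per run, in a directory named after the current second.
  TIMESTAMP_DIRECTORY="$(date +%Y-%m-%d_%H-%M-%S)"
  BACKUP_DIRECTORY="$HOME/.ssh/backups/$TIMESTAMP_DIRECTORY"

  # If the directory for this second already exists the script is being run
  # more than once per second; bail out quietly.
  if [[ -d "$BACKUP_DIRECTORY" ]]; then
    chmod 700 "$HOME/.ssh"
    exit 0
  fi

  # Create the timestamped backup directory and make sure it really exists.
  mkdir -p -- "$BACKUP_DIRECTORY"
  if [[ ! -d "$BACKUP_DIRECTORY" ]]; then
    e_error "Unable to create \"Backup directory\": $BACKUP_DIRECTORY. Aborting"
    chmod 700 "$HOME/.ssh"
    # Non-zero status: this is a failure, callers must be able to see it.
    exit 1
  fi

  # Back up the file. Stop if that fails so the existing config is never
  # overwritten without a copy.
  if ! mv -- "$HOME/.ssh/config" "$BACKUP_DIRECTORY"; then
    e_error "Unable to back up \"~/.ssh/config\". Aborting"
    chmod 700 "$HOME/.ssh"
    exit 1
  fi

  # Inform the user where the old `config` file went.
  e_info "Backed up \"~/.ssh/config\" to \"~/.ssh/backups/$TIMESTAMP_DIRECTORY/config\""
fi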
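# Expand `$NAME` / `${NAME}` references in one `~/.keys` entry.
# This replaces `eval echo "$line"`: eval hands the file's content to the
# shell as code, so any command substitution written into `~/.keys` would be
# executed. Only plain variable references are substituted here; every other
# character is passed through untouched and left for the caller to validate.
# Arguments: $1 - raw entry
# Outputs:   the expanded entry on stdout
expand_key_entry() {
  local rest=$1 out='' name
  # 1: text before the reference, 3: NAME of ${NAME}, 4: NAME of $NAME,
  # 5: text after the reference.
  local -r ref='^([^$]*)[$]([{]([A-Za-z_][A-Za-z0-9_]*)[}]|([A-Za-z_][A-Za-z0-9_]*))(.*)$'
  while [[ "$rest" =~ $ref ]]; do
    name=${BASH_REMATCH[3]:-${BASH_REMATCH[4]}}
    # Indirect expansion reads the variable's value; unset expands to "".
    out+="${BASH_REMATCH[1]}${!name-}"
    rest=${BASH_REMATCH[5]}
  done
  printf '%s\n' "${out}${rest}"
}

# If we are running inside a vagrant box we do not need to create any ssh keys
# because they should already be forwarded from the host box.
if [[ ! -d /home/vagrant ]]; then
  if [[ ! -r "$HOME/.keys" ]]; then
    e_error "Unable to read \"$HOME/.keys\". No keys were set up"
  else
    # A key name becomes a file name inside `~/.ssh`, so it may not contain a
    # path separator or whitespace and may not start with "-" or ".".
    key_name_re='^[A-Za-z0-9_][A-Za-z0-9._@+-]*$'

    # Read the file line by line on descriptor 3 so that the commands in the
    # loop body cannot consume it through stdin. `read` trims surrounding
    # whitespace; the `||` keeps a last line that has no trailing newline.
    while read -r -u 3 line || [[ -n "$line" ]]; do
      # Skip empty lines and comments.
      if [[ -z "$line" || "$line" == '#'* ]]; then
        continue
      fi

      key=$(expand_key_entry "$line")
      if [[ -z "$key" ]]; then
        continue
      fi
      if [[ ! "$key" =~ $key_name_re ]]; then
        e_error "Skipping invalid key name in \"$HOME/.keys\": $key"
        continue
      fi

      if [[ -f "$HOME/.ssh/$key" ]]; then
        # If we are running inside a cygwin box, we need to set the group.
        if [[ "$(uname -s)" == *CYGWIN* ]]; then
          chgrp Users "$HOME/.ssh/$key"
          chgrp Users "$HOME/.ssh/$key.pub"
        fi
      else
        # Generate the key pair directly inside `~/.ssh` so the private key
        # never sits in the repository's working directory.
        # NOTE(review): `-N ""` writes the private key without a passphrase,
        # so file permissions are its only protection, and the RSA key size
        # is whatever the installed ssh-keygen defaults to - confirm both are
        # acceptable.
        if ! ssh-keygen -t rsa -C "$key" -f "$HOME/.ssh/$key" -N ""; then
          e_error "Unable to create key: $key"
          continue
        fi
        e_info "Created key: $key at $HOME/.ssh/$key"
      fi

      # Set the permissions of the key.
      chmod 600 "$HOME/.ssh/$key"
      chmod 600 "$HOME/.ssh/$key.pub"

      # Add the key to the `ssh-agent`. Called directly rather than through
      # eval, so the path is passed as one argument and never re-parsed.
      ssh-add "$HOME/.ssh/$key"
    done 3<"$HOME/.keys"
  fi
fi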
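# If we are missing an `authorized_keys` file, create one now.
if [[ ! -f "$HOME/.ssh/authorized_keys" ]]; then
  touch -- "$HOME/.ssh/authorized_keys"
fi
# Owner-only: the file lists who may log in to this account and no other
# local account needs to read it.
chmod 600 "$HOME/.ssh/authorized_keys"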
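# If we are missing a `known_hosts` file, create one now.
if [[ ! -f "$HOME/.ssh/known_hosts" ]]; then
  touch -- "$HOME/.ssh/known_hosts"
fi
chmod 644 "$HOME/.ssh/known_hosts"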
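# Copy over the new `config` file and set its permissions.
# NOTE(review): `config` is read from the current directory, i.e. the checkout
# of the repository. Whatever that file contains becomes the SSH client
# configuration of this account, so review it before running the script.
if cp -- config "$HOME/.ssh/config"; then
  # Owner-only from the start; the config never needs to be world-readable.
  chmod 600 "$HOME/.ssh/config"
else
  # Report the failure but keep going, so that the remaining steps still
  # restore the permissions of `~/.ssh`.
  e_error "Unable to copy \"config\" to \"$HOME/.ssh/config\""
fi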
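# When running in `cygwin`, change the group of the `~/.ssh` folder and all of
# its children folders and files. More information on why you need to change
# the group can be found here:
# http://superuser.com/questions/397288
# In a `vagrant` box the owner and group are set to `vagrant` instead.
if [[ "$(uname -s)" == *CYGWIN* ]]; then
  chgrp -R Users "$HOME/.ssh"
elif [[ -d /home/vagrant ]]; then
  chown -R vagrant:vagrant "$HOME/.ssh"
fi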
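# If vagrant's main ssh key is present, fix its group and permissions.
# NOTE(review): the `chgrp Users` runs on every platform, not only under
# cygwin; on a system without a `Users` group it will print an error and the
# `chmod` still applies - confirm that is intended.
if [[ -f "$HOME/.vagrant.d/insecure_private_key" ]]; then
  chgrp Users "$HOME/.vagrant.d/insecure_private_key"
  chmod 600 "$HOME/.vagrant.d/insecure_private_key"
fi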
# Ensure that we have a folder for our soon to be created `ssh_setup` file.
[[ -d /usr/local/bin ]] || {
  # Use sudo if it is available; `type -P` only succeeds for an executable
  # found on the PATH.
  if type -P sudo >/dev/null; then
    sudo mkdir -p /usr/local/bin
  else
    mkdir -p /usr/local/bin
  fi
}
# Set the ownership of `/usr/local/bin`: group `Users` under cygwin, owner and
# group `vagrant` inside a vagrant box, untouched everywhere else.
# NOTE(review): `/usr/local/bin` is normally on every account's PATH. Handing
# it to an unprivileged account lets that account replace the programs other
# users, including root, run from it - acceptable only on a throwaway
# development box.
case "$(uname -s)" in
  *CYGWIN*)
    chgrp Users /usr/local/bin
    ;;
  *)
    if [[ -d /home/vagrant ]]; then
      sudo chown vagrant:vagrant /usr/local/bin
    fi
    ;;
esac
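# With everything now complete, we can "close" the `~/.ssh` folder. The
# `~/.ssh` folder needs to be 700, and any ssh keys as well as the config file
# must be set to 600.
chmod 700 "$HOME/.ssh"
chmod 600 "$HOME/.ssh/config"
# And finally that's it. Repo updated!
e_success "SSH setup complete"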
# vim: set syn=sh :