Small fixes to setup script.
This commit is contained in:
parent
87641a0714
commit
f35b108e17
3 changed files with 14 additions and 23 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
||||||
etc/ssh/*key*
|
etc/ssh/*key*
|
||||||
etc/ssh/.ssh/
|
etc/ssh/.ssh/
|
||||||
|
config/
|
||||||
|
|
34
setup.sh
34
setup.sh
|
@ -19,16 +19,22 @@ check() {
|
||||||
}
|
}
|
||||||
|
|
||||||
setup_base() {
|
setup_base() {
|
||||||
mkdir -p "${PROJECT_PATH}/config" "${PROJECT_PATH}/caddy_data"
|
printf 'Change ownership of "%s" to "%s"? (setup may fail otherwise)\n' "${PROJECT_PATH}" "${WHOAMI}"
|
||||||
|
printf 'running: "sudo chown -R %s %s"\n' "${WHOAMI}:${WHOAMI}" "${PROJECT_PATH}"
|
||||||
|
if check 'Continue? [Y/n] '
|
||||||
|
then
|
||||||
|
sudo chown -R "${WHOAMI}:${WHOAMI}" "${PROJECT_PATH}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
mkdir -p "${PROJECT_PATH}/config" "${PROJECT_PATH}/caddy_data" "${PROJECT_PATH}/etc/ssh/.ssh"
|
||||||
|
touch "${PROJECT_PATH}/config/Caddyfile" "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys"
|
||||||
if [ "$(uname -s)" = 'Darwin' ] && [ ! -w '/etc/hosts' ]
|
if [ "$(uname -s)" = 'Darwin' ] && [ ! -w '/etc/hosts' ]
|
||||||
then
|
then
|
||||||
printf 'On MacOS docker is run by your local user (not root).\nYour user has no write permission for "/etc/hosts".\nRunning: "sudo chown %s /etc/hosts"\n' "${WHOAMI}"
|
printf 'On MacOS docker is run by your local user (not root).\nYour user has no write permission for "/etc/hosts".\nRunning: "sudo chown %s /etc/hosts"\n' "${WHOAMI}"
|
||||||
if check 'Continue? [Y/n] '
|
if check 'Continue? [Y/n] '
|
||||||
then
|
then
|
||||||
sudo chown "${WHOAMI}" '/etc/hosts'
|
sudo chown "${WHOAMI}" '/etc/hosts'
|
||||||
else
|
|
||||||
printf 'Setup Aborted!\n'
|
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -91,31 +97,15 @@ setup_sqlproxy() {
|
||||||
printf '"""\nHost %s\n Port 3022\n User sqlproxy\n IdentityFile ~/.ssh/%s\n"""\n' "${HOST_NAME}" "${KEY_NAME}"
|
printf '"""\nHost %s\n Port 3022\n User sqlproxy\n IdentityFile ~/.ssh/%s\n"""\n' "${HOST_NAME}" "${KEY_NAME}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Fix permssions if necessary
|
|
||||||
if [[ ! -w "${PROJECT_PATH}/etc/ssh/.ssh" ]] || [[ ! -w "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys" ]]
|
|
||||||
then
|
|
||||||
printf 'Missing file permissions for authorized key file\nrunning: "sudo chown -R %s %s"\n' "${WHOAMI}:${WHOAMI}" "${PROJECT_PATH}"
|
|
||||||
if check 'Continue? [Y/n] '
|
|
||||||
then
|
|
||||||
sudo chown -R "${WHOAMI}:${WHOAMI}" "${PROJECT_PATH}"
|
|
||||||
else
|
|
||||||
printf 'Setup Aborted!\n'
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check if public key is already in the containers authorized_keys file
|
# Check if public key is already in the containers authorized_keys file
|
||||||
PUB_KEY="$(cat ${HOME}/.ssh/${KEY_NAME}.pub)"
|
PUB_KEY="$(cat ${HOME}/.ssh/${KEY_NAME}.pub)"
|
||||||
if ! grep -qe "$(printf '%s$' "${PUB_KEY}")" "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys"
|
if ! grep -qe "$(printf '%s$' "${PUB_KEY}")" "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys"
|
||||||
then
|
then
|
||||||
printf 'command="/sqlproxy_cli.sh" %s' "${PUB_KEY}" >> "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys"
|
printf 'command="/sqlproxy_cli.sh" %s' "${PUB_KEY}" >> "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys"
|
||||||
fi
|
fi
|
||||||
# Restart sshd if permissions were changed
|
|
||||||
if [ ! -z "${WHOAMI}" ]
|
|
||||||
then
|
|
||||||
printf 'Restarting sql proxy (if running) to fix permissions.\n'
|
printf 'Restarting sql proxy (if running) to fix permissions.\n'
|
||||||
docker compose --project-directory "${PROJECT_PATH}" -f "${PROJECT_PATH}/docker-compose.yml" -f "${PROJECT_PATH}/docker-compose-sqlproxy.yml" restart sshd
|
docker compose --project-directory "${PROJECT_PATH}" -f "${PROJECT_PATH}/docker-compose.yml" restart sshd
|
||||||
fi
|
|
||||||
else
|
else
|
||||||
printf 'Not generating client ssh key.\nPlease put your desired public keys into %s\nAlso add %s in front of your key\n' "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys" "'command=\"/sqlproxy_cli.sh\" '"
|
printf 'Not generating client ssh key.\nPlease put your desired public keys into %s\nAlso add %s in front of your key\n' "${PROJECT_PATH}/etc/ssh/.ssh/authorized_keys" "'command=\"/sqlproxy_cli.sh\" '"
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in a new issue