send the .pub separately
All checks were successful
gitea.arg.rip/deployment/pipeline/head This commit looks good

adam 2024-12-06 20:19:28 -05:00
parent 76bb0ad258
commit 616f560e7b
2 changed files with 7 additions and 9 deletions


@ -204,7 +204,7 @@ pipeline {
rm cookies.txt rm cookies.txt
pushd ${servicename} pushd ${servicename}
git -c core.sshCommand="ssh -i '$PK'\" push git -c core.sshCommand="ssh -i '${PK}'\" push
""" """
} }
} }
@ -215,20 +215,18 @@ pipeline {
script { script {
withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')]) withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
{ {
sh 'scp ${servicename}-ssh.pub -i \"${PK}\" ${SUDOER_USR}@${targetHost}:~/ssh.pub'
sh """#!/bin/bash sh """#!/bin/bash
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
cat "${PK}"
curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/service/scripts/serviceaccount.sh --output serviceaccount.sh curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/service/scripts/serviceaccount.sh --output serviceaccount.sh
sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh
sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh
sed -i "s/PUBKEYCONTENT=/PUBKEYCONTENT=\"\$(cat ${servicename}-ssh.pub)"/\" serviceaccount.sh
sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh
echo "serviceaccount :)" echo "serviceaccount :)"
pwd
ls
cat serviceaccount.sh cat serviceaccount.sh
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh
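Review bot: `cat serviceaccount.sh` is unchanged by this commit and still runs after the `sed` lines have written `PASSWORDTOADD` and `SUDOER_PSW` into that file, so the generated script, passwords included, is printed to the build console; I would delete that line rather than rely on Jenkins log masking. The one-sided `cat "${PK}"` line prints the private key file itself, and this rendering does not show which side it is on, so confirm it is the removed one. Also unchanged is `ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts`, which accepts whatever host key the network returns on every run; comparing against a pinned key before appending would let the job fail on a mismatch. The `sh """` block continues past the last visible line.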


@ -12,10 +12,10 @@ function restofscript(){
cd /home/${USERNAMETOADD} cd /home/${USERNAMETOADD}
mkdir .ssh mkdir .ssh
pushd .ssh pushd .ssh
pwd touch authorized_keys
echo ${PUBKEYCONTENT} >> authorized_keys
chmod 600 authorized_keys
popd popd
cat ssh.pub >> .ssh/authorized_keys
chmod 600 authorized_keys
chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh
} }
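Review bot: `cd /home/${USERNAMETOADD}` is unchecked, so if that directory is missing, the following `pushd .ssh`, the key append and `chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh` all act on whatever directory the script started in, which for a script fed over ssh is presumably the sudo-capable login user's home. I would guard it with `cd "/home/${USERNAMETOADD}" || return 1` and create the directory with `mkdir -p -m 700 .ssh`. The page does not preserve which side the changed lines are on, but the variant that runs `cat ssh.pub >> .ssh/authorized_keys` after `popd` then calls `chmod 600 authorized_keys`, which names a file in the home directory rather than `.ssh/authorized_keys`. `restofscript` starts above the visible lines.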