don't command from within the new user's directory

adam 2024-12-06 20:39:16 -05:00
parent 616f560e7b
commit 69a74f1855
2 changed files with 8 additions and 10 deletions


@ -215,7 +215,9 @@ pipeline {
script { script {
withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')]) withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
{ {
sh 'scp ${servicename}-ssh.pub -i \"${PK}\" ${SUDOER_USR}@${targetHost}:~/ssh.pub' sh """#!/bin/bash
scp -i \"${PK}\" ${servicename}-ssh.pub ${SUDOER_USR}@${targetHost}:~/ssh.pub
"""
sh """#!/bin/bash sh """#!/bin/bash
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
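Review bot: The new `scp` step is written inside a Groovy `"""` string, so `${PK}` (the key-file variable bound by `withCredentials`) and `${servicename}`, `${SUDOER_USR}`, `${targetHost}` are expanded by Groovy before the shell ever sees the script. That is the pattern Jenkins warns about for credential bindings, and it means any shell metacharacter in those values becomes part of the command line. The line being replaced used a single-quoted string, which suggests these names are available as environment variables. If so, the `-i` ordering fix can be kept while leaving expansion to the shell: `sh '''#!/bin/bash` followed by `scp -i "$PK" "${servicename}-ssh.pub" "${SUDOER_USR}@${targetHost}:~/ssh.pub"`. The `withCredentials` block continues past the end of the hunk, so the later `sh """` steps may deserve the same treatment.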


@ -5,18 +5,14 @@ SUDOER_PSW=
function restofscript(){ function restofscript(){
USERNAMETOADD= USERNAMETOADD=
PASSWORDTOADD= PASSWORDTOADD=
PUBKEYCONTENT=
useradd -m -s /bin/bash ${USERNAMETOADD} useradd -m -s /bin/bash ${USERNAMETOADD}
echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd
loginctl enable-linger ${USERNAMETOADD} loginctl enable-linger ${USERNAMETOADD}
cd /home/${USERNAMETOADD} mkdir /home/${USERNAMETOADD}/.ssh
mkdir .ssh touch /home/${USERNAMETOADD}/authorized_keys
pushd .ssh cat ssh.pub >> /home/${USERNAMETOADD}/.ssh/authorized_keys
touch authorized_keys chmod 600 /home/${USERNAMETOADD}/authorized_keys
popd chown -R "${USERNAMETOADD}:${USERNAMETOADD}" /home/${USERNAMETOADD}/.ssh
cat ssh.pub >> .ssh/authorized_keys
chmod 600 authorized_keys
chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh
} }
echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript" echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript"
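Review bot: The rewritten `touch` and `chmod 600` lines target `/home/${USERNAMETOADD}/authorized_keys`, but the key is appended to `/home/${USERNAMETOADD}/.ssh/authorized_keys`. The real key file and the `.ssh` directory therefore keep whatever mode root's umask gives them, and a stray root-owned file is left in the new user's home, outside the `chown -R` on `.ssh`. I would drop the `touch`, since `>>` already creates the file, and set the modes on the right paths: `chmod 700 "/home/${USERNAMETOADD}/.ssh"` and `chmod 600 "/home/${USERNAMETOADD}/.ssh/authorized_keys"`. Because every path is now built from `USERNAMETOADD`, an empty value would make these commands operate on `/home/.ssh`. Writing the expansions as `"${USERNAMETOADD:?}"` makes the function abort instead.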