service account needs exit

adam 2024-12-06 18:04:58 -05:00
parent 4a4fb4158f
commit f609d41c51
2 changed files with 14 additions and 6 deletions


@ -220,12 +220,18 @@ pipeline {
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
cat "${PK}" cat "${PK}"
curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/main/scripts/serviceaccount.sh --output serviceaccount.sh curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/service/scripts/serviceaccount.sh --output serviceaccount.sh
sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh
sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh
sed -i 's/PUBKEYCONTENT=/PUBKEYCONTENT="${env.pubkeycontent}"/' serviceaccount.sh sed -i 's/PUBKEYCONTENT=/PUBKEYCONTENT="${env.pubkeycontent}"/' serviceaccount.sh
sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh
echo "serviceaccount :)"
pwd
ls
cat serviceaccount.sh
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh
rm serviceaccount.sh rm serviceaccount.sh
""" """
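Review bot: The added `cat serviceaccount.sh` runs after the four `sed` substitutions, so it writes the service-account password and the sudoer password that were just placed in the file into the build log, where they are protected only by whatever credential masking Jenkins happens to apply. Drop that line, together with the `echo`/`pwd`/`ls` debugging around it, or print only the non-secret lines, e.g. `grep -vE '(PASSWORDTOADD|SUDOER_PSW)=' serviceaccount.sh`. The script URL now points at `branch/service` instead of `branch/main`; if that is only for testing, it should go back to `main` once the branch is merged. The enclosing `sh` string opens outside this hunk.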


@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
USERNAMETOADD=
PASSWORDTOADD=
PUBKEYCONTENT=
SUDOER_PSW= SUDOER_PSW=
function restofscript(){ function restofscript(){
USERNAMETOADD=
PASSWORDTOADD=
PUBKEYCONTENT=
useradd -m -s /bin/bash ${USERNAMETOADD} useradd -m -s /bin/bash ${USERNAMETOADD}
echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd
loginctl enable-linger ${USERNAMETOADD} loginctl enable-linger ${USERNAMETOADD}
@ -13,8 +13,10 @@ function restofscript(){
mkdir .ssh mkdir .ssh
pushd .ssh pushd .ssh
echo ${PUBKEYCONTENT} > authorized_keys echo ${PUBKEYCONTENT} > authorized_keys
chmod 600 authorized_keys
popd popd
chown -R "${USERNAMETOADD}:${USERNAMETOADD}' .ssh chown -R '${USERNAMETOADD}:${USERNAMETOADD}' .ssh
} }
echo "${SUDOER_PSW}" | sudo -S restofscript echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript"
exit
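Review bot: The new `chown -R '${USERNAMETOADD}:${USERNAMETOADD}' .ssh` is single-quoted, so chown receives the literal text `${USERNAMETOADD}:${USERNAMETOADD}` and fails, leaving `.ssh` and `authorized_keys` owned by the account that ran the function (root, if sudo uses its default target user); it should be `chown -R "${USERNAMETOADD}:${USERNAMETOADD}" .ssh`. Separately, `sudo -S bash -c "$(declare -f restofscript); restofscript"` puts the whole function body on bash's command line. Because the assignments now live inside the function, the substituted `PASSWORDTOADD` value becomes visible in the target host's process list and, by default, in sudo's command log. Having the root shell read the function from a root-only file or from stdin would keep the password out of argv. The expansions in `useradd`, `loginctl enable-linger` and `echo ${PUBKEYCONTENT} > authorized_keys` are also unquoted and would be safer as `"${USERNAMETOADD}"` and `"${PUBKEYCONTENT}"`.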