greyn/deployment
2
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Compare commits

base: greyn:main
Branches Tags
greyn:main
greyn:release
greyn:service
greyn:predev
greyn:3
greyn:2
greyn:1
..
compare: greyn:predev
Branches Tags
greyn:main
greyn:release
greyn:service
greyn:predev
greyn:3
greyn:2
greyn:1

No commits in common. "main" and "predev" have entirely different histories.
main ... predev

8 changed files with 1 additions and 603 deletions
Show Stats Expand all files Collapse all files

2
Deployment/greyn.Deployment.csproj → Deployment/Deployment.csproj
View File

@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk"> <Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup> <PropertyGroup>
<TargetFramework>net7.0</TargetFramework> <TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable> <Nullable>enable</Nullable>
<IsPackable>true</IsPackable> <IsPackable>true</IsPackable>

78
Jenkinsfile vendored
View File

@ -1,78 +0,0 @@
pipeline {
agent any
stages {
stage('nuget pack'){
steps{
dotnetPack(outputDirectory: "./", project: "Deployment/greyn.Deployment.csproj")
}
}
stage('build numberify'){
steps{
//sed -i 's/<Version>\\([0-9]\\+\\.[0-9]\\)\\.[0-9]\\+<\\/Version>/<Version>\\1.$BUILD_NUMBER<\\/Version>/' nugettest/nugettest.csproj
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
mv "\$filename" \$noext-\$BUILD_NUMBER.nupkg
filename=null
fullfilename=null
noext=null
"""
}
}
stage('release'){
when {
branch "release"
}
environment {
GITEA = credentials('0bd7c8f5-046c-44b9-9c77-7a28a219ae31')
}
steps{
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
curl -X 'POST' \
-o release.json \
'https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases' \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: application/json' \
-d '{
"body": "automatic build at '"\$(date)"'",
"draft": false,
"name": "$BUILD_NUMBER",
"prerelease": false,
"tag_name": "$BUILD_NUMBER",
"target_commitish": "$GIT_COMMIT"
}'
cat release.json
releaseid=\$(cat release.json | jq .id)
postURL="https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases/\$releaseid/assets?name=\$noext"
curl -X 'POST' \
\$postURL \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: multipart/form-data' \
-F "attachment=@\$fullfilename;type=application/nupkg"
releaseid=null
filename=null
fullfilename=null
noext=null
postURL=null
"""
dotnetNuGetPush(root: "./*.nupkg", source:"greyngitea", skipDuplicate:true)
}
}
}
post {
always {
cleanWs()
}
}
}

299
scripts/1clickservice.groovy
View File

@ -1,299 +0,0 @@
pipeline {
agent any
parameters {
string(name: 'servicename', description: "service name")
string(name: 'svcdesc', description: "service description")
string(name: 'targetHost', description: "system to live on", defaultValue: "moloryb.lan")
}
environment {
SUDOER_ALLOCES = credentials('a674f816-2b35-4d60-ba60-7b66e86f3c5c')
SUDOER_MOLORYB = credentials('1f3b965e-bcc0-4074-99f2-b64dddbf7de7')
SUDOERSSHID = '2c48e1a9-22b2-455c-9959-6b29e86d3fb5'
SUDOERSSH = credentials('2c48e1a9-22b2-455c-9959-6b29e86d3fb5')
JENKINS = credentials('68391381-e095-4b47-b956-d23055b0808e')
GITEATOKEN = credentials('d0e86441-2157-405f-8539-a9a9010c6ecf')
GITEA_USR='jenkins'
}
stages {
stage("environment setup") { //my environment, here.
steps {
script {
if (servicename.isEmpty()) {
error("servicename mandatory")
}
if (servicename.contains(' ')) {
error("servicename cannot have spaces. try dashes.")
}
sh """#!/bin/bash
function testcmd(){
if ! command -v \$1 2>&1 >/dev/null
then
echo "this agent doesn't have \$1"
exit 1
fi
}
testcmd mktemp
testcmd curl
testcmd git
testcmd sed
testcmd ssh
testcmd ssh-keyscan
testcmd ssh-keygen
testcmd scp
testcmd jq
"""
switch (targetHost) {
case "alloces.lan":
SUDOER_USR = SUDOER_ALLOCES_USR
SUDOER_PSW = SUDOER_ALLOCES_PSW
case "moloryb.lan":
SUDOER_USR=SUDOER_MOLORYB_USR
SUDOER_PSW=SUDOER_MOLORYB_PSW
break
default:
error("target host not recognized. btw: yes .lan, all lowercase.")
}
env.pw_linuxserviceaccount=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_linuxserviceaccount
env.pw_productiondatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_productiondatabase
env.pw_developmentdatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_developmentdatabase
}
}
}
stage("gitea project"){
steps{
sh """
curl -X 'POST' \
'https://gitea.arg.rip/api/v1/repos/greyn/_template-service/generate' \
-H 'accept: application/json' \
-H 'Authorization: token ${env.GITEATOKEN}' \
-H 'Content-Type: application/json' \
-d '{
"description": "${svcdesc}",
"git_content": true,
"git_hooks": true,
"labels": true,
"name": "${servicename}",
"owner": "greyn",
"private": false,
"protected_branch": true,
"topics": true,
"webhooks": true
}'
"""
}
}
stage("jenkins pipeline"){
steps{
//the bad news is that it looks like it's not allowed to trigger just any old job remotely
//the good news is that this seems to pick it up pretty reliably
//sh """
// curl -X POST -L --user ${env.JENKINS_USR}:${env.JENKINS_PSW} \
// alloces.lan:8080/job/gitea.arg.rip/build
// """
timeout(time: 5, unit: 'MINUTES') {
sh """
strRes=""
while [ -z "\$strRes" ];
do
sleep 5;
#curl -X GET ${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/api/json
curl -X GET -s ${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/api/json > f.json
strRes=\$(jq '.jobs' f.json | jq '.[] | select(.name==\"${env.servicename}\")')
rm f.json
done
"""
}
withCredentials([sshUserPrivateKey(credentialsId: 'f42347e9-e3b5-44af-a1af-c5e7b9775fee', keyFileVariable: 'PK')]) {
sh """#!/bin/bash
#mkdir -p ~/.ssh
ssh-keyscan -t ed25519 gitea.arg.rip >> ~/.ssh/known_hosts
#cat ~/.ssh/known_hosts
#shit doesn't work. ssh in, git clone, get your shit set up for keys.
git -c core.sshCommand="ssh -i '$PK'\" clone ssh://git@gitea.arg.rip:8022/greyn/${servicename}.git
#fyi, future me: pushd is useless here, it pops out. Like it's loading a script and exiting.
"""
script {
sh """#!/bin/bash
pushd ${servicename}
databaseString="Host=${targetHost};Database=${servicename};Username=${servicename};Password=${env.pw_productiondatabase};IncludeErrorDetail=true;"
databasecredsid=\$(uuidgen)
httpBasicAuth=\"http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/\"
urlGetData=\"crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\\":\\",//crumb)\"
CRUMB=\$(curl -s -c cookies.txt \"\${httpBasicAuth}\${urlGetData}\")
curl -H \$CRUMB -X POST \"http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials\" \
--data-urlencode 'json={
"": "0",
"credentials": {
"scope": "GLOBAL",
"id": "'"\$databasecredsid"'",
"secret": "\$databaseString",
"description": "database connection string",
"\$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
}
}'
credsStr="productiondatabase_connectionString=credentials(\\"\$databasecredsid\\")"
sed -i "s/productiondatabase_connectionString=creds/\$credsStr/" Jenkinsfile
rm cookies.txt
git add .
git commit -m \"set up for database\"
cp appsettings.sample.json appsettings.json
sed -i "s/\\"DBConnectionString\\" *: *\\"[^\\"]*\\"/\\"DBConnectionString\\":\\"\${databaseString}\\"/" appsettings.json
"""
sh """#!/bin/bash
usernameCredsId=\$(uuidgen)
CRUMB=\$(curl -c cookies.txt 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo \$CRUMB
curl -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials' \
--data-urlencode 'json={
"": "0",
"credentials": {
"scope": "GLOBAL",
"id": "'"\$usernameCredsId"'",
"username": "${servicename}",
"password": "${env.pw_linuxserviceaccount}",
"description": "service account login",
"\$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
}
}'
certCredsId=\$(uuidgen)
ssh-keygen -t ed25519 -f "${servicename}-ssh" -N ""
privatekeycontent=\$(cat ${servicename}-ssh)\$'\\n'
privatekeycontent="\$privatekeycontent
"
echo "private key content: \$privatekeycontent hopefully newline isn't the issue."
pubkeycontent=\$(cat ${servicename}-ssh.pub)
CRUMB=\$(curl -s 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo \$CRUMB
curl -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials' \
--data-urlencode 'json={
"": "0",
"credentials": {
"scope": "GLOBAL",
"id": "'"\$certCredsId"'",
"username": "${servicename}",
"password": "",
"privateKeySource": {
"stapler-class": "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey\$DirectEntryPrivateKeySource",
"privateKey": "\$privatekeycontent",
},
"description": "${servicename}",
"stapler-class": "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
},
"description": "service account ssh",
"\$class": "com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey"
}
}'
rm cookies.txt
pushd ${servicename}
linuxServiceAccountStr="linuxServiceAccount=credentials(\\"\$usernameCredsId\\")"
linuxServiceAccountIDStr="linuxServiceAccountID=\\"\$certCredsId\\""
sed -i "s/linuxServiceAccount=creds/\$linuxServiceAccountStr/" Jenkinsfile
sed -i "s/linuxServiceAccountID=string/\$linuxServiceAccountIDStr/" Jenkinsfile
sed -i 's/targetHost=string/targetHost="${targetHost}"/' Jenkinsfile
git add .
git commit -m "linux account, service host"
git -c core.sshCommand="ssh -i '${PK}'\" push
"""
}
}
}
}
stage("service account"){
steps{
script {
withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
{
sh """#!/bin/bash
ssh-keyscan -t ed25519 ${targetHost} >> ~/.ssh/known_hosts
"""
sh """#!/bin/bash
scp -i \"${PK}\" ${servicename}-ssh.pub ${SUDOER_USR}@${targetHost}:~/ssh.pub
"""
sh """#!/bin/bash
curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/main/scripts/serviceaccount.sh --output serviceaccount.sh
sed -i 's/USERNAMETOADD=/USERNAMETOADD="${servicename}"/' serviceaccount.sh
sed -i 's/PASSWORDTOADD=/PASSWORDTOADD="${env.pw_linuxserviceaccount}"/' serviceaccount.sh
sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' serviceaccount.sh
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <serviceaccount.sh
rm serviceaccount.sh
"""
}
}
}
}
stage("db init"){
steps {
//i'm pretty sure "update" with nothing will init?
//meaning we don't have to init, first update will init
script {
withCredentials([sshUserPrivateKey(credentialsId: env.SUDOERSSHID, keyFileVariable: 'PK')])
{
sh """#!/bin/bash
curl -u '${env.GITEA_USR}:${env.GITEATOKEN}' https://gitea.arg.rip/greyn/deployment/raw/branch/main/scripts/databases.sh --output databases.sh
sed -i 's/SUDOER_PSW=/SUDOER_PSW="${SUDOER_PSW}"/' databases.sh
sed -i 's/pw_productiondatabase=/pw_productiondatabase="${env.pw_productiondatabase}/' databases.sh
sed -i 's/pw_developmentdatabase=/pw_developmentdatabase="${env.pw_developmentdatabase}/' databases.sh
sed -i 's/servicename=/servicename="${servicename}"/' databases.sh
ssh -i \"${PK}\" -tt ${SUDOER_USR}@${targetHost} <databases.sh
rm databases.sh
"""
}
}
}
}
stage("initial service setup"){
steps{
sh """#!/bin/bash
ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} "mkdir -p ~/dist"
scp -i "${servicename}-ssh" ${servicename}/appsettings.json ${servicename}@${targetHost}:~/dist/appsettings.json
ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} "mkdir -p ~/.config/systemd/user/"
scp -i "${servicename}-ssh" ${servicename}/${servicename}.service ${servicename}@${targetHost}:~/.config/systemd/user/${servicename}.service
ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} 'systemctl --user daemon-reload'
ssh -i "${servicename}-ssh" -tt ${servicename}@${targetHost} 'systemctl --user enable ${servicename}.service'
"""
}
}
}
post {
failure {
matrixSendMessage https:true, hostname: 'greyn.club', port:8448, accessTokenCredentialsId: '040b63d1-2f14-4692-badb-114bddd7c5a5', roomId: '!QmOCACetHdGDlNFsZP:greyn.club', body: '1-click service failed :(', formattedBody: "1-click service <b>failed</b> :("
}
success {
matrixSendMessage https:true, hostname: 'greyn.club', port:8448, accessTokenCredentialsId: '040b63d1-2f14-4692-badb-114bddd7c5a5', roomId: '!QmOCACetHdGDlNFsZP:greyn.club', body: "${servicename} ready to go on ${targetHost}. username: ${servicename}, password: ${env.pw_linuxserviceaccount}. if db, prod db pw: ${env.pw_productiondatabase} and dev pw: ${env.pw_developmentdatabase}"
//TODO: archiveArtifacts the password data, then store them somewhere
}
}
}

189
scripts/beefhaving_video.groovy
View File

@ -1,189 +0,0 @@
pipeline {
agent any
parameters {
string(name: 'videoname', description: "video name")
string(name: 'videodesc', description: "video description")
}
environment {
JENKINSONGITEA=credentials('d0e86441-2157-405f-8539-a9a9010c6ecf')
JENKINSONMATRIXTOKEN=credentials('17d18fd7-29eb-4957-9532-ce42aaa9b4ec')
GITEAONMATRIXTOKEN=credentials('10bc888a-cb19-456e-b793-f85ee465d58e')
}
stages {
stage("environment setup") {
steps{
script{
if (videoname.isEmpty()) {
error("videoname mandatory")
}
if (videoname.contains(' ')) {
error("videoname cannot have spaces. try dashes.")
}
}
}
}
stage("create gitea project"){
steps{
script{
env.giteaCreateEvent=sh(returnStdout: true, script: """
curl -X 'POST' \
'https://gitea.arg.rip/api/v1/repos/beefhavers/_videotemplate/generate' \
-H 'accept: application/json' \
-H 'Authorization: token ${env.JENKINSONGITEA}' \
-H 'Content-Type: application/json' \
-d '{
"description": "${videodesc}",
"git_content": true,
"git_hooks": true,
"labels": true,
"name": "${videoname}",
"owner": "beefhavers",
"private": false,
"protected_branch": true,
"topics": true,
"webhooks": true
}'
""").trim()
if (!env.giteaCreateEvent?.trim()) {
error "couldn't make gitea repo, apparently"
}
}
}
}
stage("create matrix room"){
steps{
script{
env.roomcreationevent=sh(returnStdout: true, script: """
curl -X 'POST' \
'https://greyn.club:8448/_matrix/client/v3/createRoom' \
-H 'accept: application/json' \
-H 'Authorization: Bearer ${JENKINSONMATRIXTOKEN}' \
-H 'Content-Type: application/json' \
-d '{
"creation_content": {
"m.federate": false
},
"name": "${videoname}",
"preset": "public_chat",
"invite": ["@adam:greyn.club", "@gitea:greyn.club"],
"topic": "https://gitea.arg.rip/beefhavers/${videoname}"
}'
"""
).trim()
if (!env.roomcreationevent?.trim()) {
error "couldn't make matrix room, apparently"
}
echo "roomcreationevent:"
echo env.roomcreationevent
def jsonObj = readJSON text: env.roomcreationevent
env.room_id =jsonObj.room_id
if(!env.room_id?.trim()){
error "couldn't make matrix room, apparently"
}
env.spaceaddevent=sh(returnStdout: true, script: """
curl -X 'PUT' 'https://greyn.club:8448/_matrix/client/r0/rooms/!xLgVvcqtVzquTkCQGx:greyn.club/state/m.space.child/${env.room_id}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer ${JENKINSONMATRIXTOKEN}' \
-H 'Content-Type: application/json' \
-d '{
"via": ["greyn.club"]
}'
""").trim()
echo "spaceaddevent:"
echo env.spaceaddevent
env.elevatePrivsEvent=sh(returnStdout: true, script: """
curl -X 'PUT' 'https://greyn.club:8448/_matrix/client/v3/rooms/${env.room_id}/state/m.room.power_levels' \
-H 'accept: application/json' \
-H 'Authorization: Bearer ${JENKINSONMATRIXTOKEN}' \
-H 'Content-Type: application/json' \
-d '{
"users": {
"@adam:greyn.club": 100,
"@jenkins:greyn.club": 50
}
}'
""").trim()
echo "elevatePrivsEvent:"
echo env.elevatePrivsEvent
}
}
}
stage("tweak Jenkinsfile"){
steps{
withCredentials([sshUserPrivateKey(credentialsId: 'f42347e9-e3b5-44af-a1af-c5e7b9775fee', keyFileVariable: 'PK')]) {
sh """#!/bin/bash
#mkdir -p ~/.ssh
ssh-keyscan -t ed25519 gitea.arg.rip >> ~/.ssh/known_hosts
#cat ~/.ssh/known_hosts
#shit doesn't work. ssh in, git clone, get your shit set up for keys.
git -c core.sshCommand="ssh -i '$PK'\" clone ssh://git@gitea.arg.rip:8022/beefhavers/${videoname}.git
"""
script {
sh """#!/bin/bash
pushd ${videoname}
sed -i 's/MATRIX_ROOMID="todo"/MATRIX_ROOMID="${env.room_id}"/' Jenkinsfile
git add .
git commit -m "matrix room configured in jenkinsfile"
git -c core.sshCommand="ssh -i '${PK}'\" push
"""
}
}
}
}
stage("link gitea webhook"){
steps{
sh """
curl -X 'GET' 'https://gitea.arg.rip/api/v1/repos/beefhavers/${videoname}/hooks' \
-H 'accept: application/json' \
-H 'authorization: token ${env.JENKINSONGITEA}' \
>reporesponse.json
cat reporesponse.json
cat reporesponse.json | jq '.[] | select(.type=="matrix")' >matrixhook.json
cat matrixhook.json
"""
sh """
echo '{
"active": true,
"authorization_header": "Bearer ${env.GITEAONMATRIXTOKEN}",
"branch_filter": "*",
"config": {
"content_type": "json",' >request.json
echo "\\"url\\": \\"https://greyn.club:8448/_matrix/client/r0/rooms/\$(echo ${env.room_id} | sed 's/!/%21/')/send/m.room.message\\"" >>request.json
echo "}," >>request.json
echo "\\"events\\": \$(cat matrixhook.json | jq .[0].events)" >>request.json
echo '}' >>request.json
cat request.json
"""
//delete old
sh """
curl -X 'DELETE' "https://gitea.arg.rip/api/v1/repos/beefhavers/${videoname}/hooks/\$(cat matrixhook.json | jq .[0].id)" \
-H 'accept: application/json' \
-H 'authorization: token ${env.JENKINSONGITEA}' \
"""
//make a new one
sh """
curl -X 'POST' "https://gitea.arg.rip/api/v1/repos/beefhavers/${videoname}/hooks" \
-H 'accept: application/json' \
-H 'authorization: token ${env.JENKINSONGITEA}' \
-H 'Content-Type: application/json' \
-d @request.json
rm request.json
rm reporesponse.json
rm matrixhook.json
"""
}
}
}
}

15
scripts/databases.sh
View File

@ -1,15 +0,0 @@
#!/bin/bash
SUDOER_PSW=
function restofscript(){
pw_productiondatabase=
pw_developmentdatabase=
servicename=
service_dev="${servicename}_dev"
sudo -u postgres psql -c "create database $servicename;"
sudo -u postgres psql -c "create user $servicename with encrypted password '$pw_productiondatabase';"
sudo -u postgres psql -c "grant all privileges on database $servicename to $servicename;"
}
echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript"
exit

1
scripts/dotnet_binary.groovy
View File

@ -1 +0,0 @@
//TODO

1
scripts/nupkg.groovy
View File

@ -1 +0,0 @@
//TODO

19
scripts/serviceaccount.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
SUDOER_PSW=
function restofscript(){
USERNAMETOADD=
PASSWORDTOADD=
useradd -m -s /bin/bash ${USERNAMETOADD}
echo "${USERNAMETOADD}:${PASSWORDTOADD}" | chpasswd
loginctl enable-linger ${USERNAMETOADD}
mkdir /home/${USERNAMETOADD}/.ssh
touch /home/${USERNAMETOADD}/.ssh/authorized_keys
cat ssh.pub >> /home/${USERNAMETOADD}/.ssh/authorized_keys
chmod 600 /home/${USERNAMETOADD}/authorized_keys
chown -R "${USERNAMETOADD}:${USERNAMETOADD}" /home/${USERNAMETOADD}/.ssh
}
echo "${SUDOER_PSW}" | sudo -S bash -c "$(declare -f restofscript); restofscript"
exit