From 465c4ea4d0b4ef63a9a4410d84586832f6e11f76 Mon Sep 17 00:00:00 2001
From: Adam Bolsover <13262235+bowseruk@users.noreply.github.com>
Date: Thu, 21 Oct 2021 06:31:17 +0100
Subject: [PATCH] Add public keys from github (#254)
I've added a script that downloads keys from either a line separated file or github public keys into the authorized keys file. I've tested that it's working sucessfully on my UDM Pro while it was running, and with a reset.
---
.../on_boot.d/15-add-github-ssh-keys.sh | 63 +++++++++++++++++++
1 file changed, 63 insertions(+)
create mode 100644 on-boot-script/examples/udm-files/on_boot.d/15-add-github-ssh-keys.sh
diff --git a/on-boot-script/examples/udm-files/on_boot.d/15-add-github-ssh-keys.sh b/on-boot-script/examples/udm-files/on_boot.d/15-add-github-ssh-keys.sh
new file mode 100644
index 0000000..1eb301e
--- /dev/null
+++ b/on-boot-script/examples/udm-files/on_boot.d/15-add-github-ssh-keys.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+## Config Variables - please edit these
+# Set to true to download public keys from a github user account
+USE_GITHUB_KEYS=true
+# Enter your username on github to get the public keys for
+GITHUB_USER=""
+# File location for the output of the git download
+GITHUB_KEY_PATH="/mnt/data/podman/ssh"
+GITHUB_KEY_FILE="${GITHUB_KEY_PATH}/github.keys"
+# Set to true to use a file containing a key per line in the format ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAA...\n
+USE_KEY_FILE=true
+# IF using an input file, list it here
+INPUT_KEY_PATH="/mnt/data/podman/ssh"
+INPUT_KEY_FILE="${INPUT_KEY_PATH}/ssh.keys"
+# The target key file for the script
+OUTPUT_KEY_PATH="/root/.ssh"
+OUTPUT_KEY_FILE="${OUTPUT_KEY_PATH}/authorized_keys"
+
+## Functions
+# This function downloads the keys from the selected github user
+download_from_github(){
+ if curl --output /dev/null --silent --head --fail https://github.com/${GITHUB_USER}.keys; then
+ curl https://github.com/${GITHUB_USER}.keys -o ${GITHUB_KEY_FILE}
+ echo "Downloaded keys from Github"
+ else
+ echo "Could not download ${GITHUB_USER}'s key file from github"
+ fi
+}
+# Write line to the output line. Add the input line as an arguement.
+write_to_output(){
+ # Check the file exits
+ if ! test -f ${OUTPUT_KEY_FILE}; then
+ echo "File at ${OUTPUT_KEY_FILE} does not exist, creating it"
+ touch ${OUTPUT_KEY_FILE}
+ fi
+ echo "${1}" >> ${OUTPUT_KEY_FILE}
+}
+# This function reads keys from a file into the requested file. The arguement is the input file.
+use_key_from_file(){
+ if ! test -f $1; then
+ echo "File $1 does not exist"
+ return
+ fi
+ counter=0;
+ while IFS= read -r line;
+ do
+ write_to_output "${line}"
+ let "counter++"
+ done < $1
+ echo "${counter} number of entries read from "
+}
+
+## Script
+# Makes paths if they don't exit
+mkdir -p ${GITHUB_KEY_PATH} ${INPUT_KEY_PATH} ${OUTPUT_KEY_PATH}
+#Check flags to see which files to use
+if [ ${USE_GITHUB_KEYS} = true ]; then
+ download_from_github
+ use_key_from_file ${GITHUB_KEY_FILE}
+ fi
+if [ ${USE_KEY_FILE} = true ]; then
+ use_key_from_file ${INPUT_KEY_FILE}
+fi
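Review bot: Nothing in `download_from_github` stops a failed or partial fetch from reaching root's `authorized_keys`: the second `curl` runs without `--fail`, the function reports success either way, and the `USE_GITHUB_KEYS` branch at the bottom calls `use_key_from_file ${GITHUB_KEY_FILE}` unconditionally, so a stale `github.keys` left by an earlier run or an HTTP error body is appended. I would fetch once with `--fail` into a temporary file, return non-zero on failure (including when `GITHUB_USER` is still the empty default), and append only when the download succeeded, as below. `write_to_output` also appends every line on each run, so running the script again duplicates entries; `grep -qxF -- "${1}" "${OUTPUT_KEY_FILE}" || echo "${1}" >> "${OUTPUT_KEY_FILE}"` would avoid that. The header comment should say that root SSH access then follows whatever keys the GitHub account publishes at boot time, and the expansions (`$1`, `${OUTPUT_KEY_FILE}`, the `mkdir -p` arguments) should be quoted.

```shell
download_from_github(){
  # An empty user would request https://github.com/.keys
  [ -n "${GITHUB_USER}" ] || { echo "GITHUB_USER is not set" >&2; return 1; }
  # One request; --fail keeps an HTTP error body out of the key file
  if curl --fail --silent --show-error --proto '=https' \
      -o "${GITHUB_KEY_FILE}.tmp" "https://github.com/${GITHUB_USER}.keys"; then
    mv -- "${GITHUB_KEY_FILE}.tmp" "${GITHUB_KEY_FILE}"
    echo "Downloaded keys from Github"
  else
    rm -f -- "${GITHUB_KEY_FILE}.tmp"
    echo "Could not download ${GITHUB_USER}'s key file from github" >&2
    return 1
  fi
}
# … unchanged: write_to_output, use_key_from_file, mkdir -p …
if [ "${USE_GITHUB_KEYS}" = true ]; then
  # Append only the keys fetched by this run
  download_from_github && use_key_from_file "${GITHUB_KEY_FILE}"
fi
```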