diff --git a/clone/clone b/clone/clone index ce80edd..e54ae8f 100755 --- a/clone/clone +++ b/clone/clone @@ -1,5 +1,11 @@ #!/bin/sh +[ ! -e ./tmp -o ! -d ./tmp ] && mkdir ./tmp; +[ ! -e ./server -o ! -d ./server ] && mkdir ./server; +[ ! -e ./server/maintenance -o ! -d ./server/maintenance ] && mkdir ./server/maintenance; + + + # [!] Check parameter : device file #========================================================# @@ -34,7 +40,7 @@ step1(){ read -p " (!) umount $mounted (y/n) [n]" unmount; - test -n "$unmount" && test $unmount = "y" && sudo umount $mounted 2>> /dev/null >> /dev/null && echo " > unmounted"; + test -n "$unmount" && test $unmount = "y" && sudo umount $mounted 2> /dev/null > /dev/null && echo " > unmounted"; done; echo "<<< done"; @@ -57,7 +63,7 @@ step2(){ # (2) Init gpt entry # # echo " ))) replace by real code ((("; - echo -e "g\nw" | sudo fdisk $DEV 2>> /dev/null >> /dev/null; + echo -e "g\nw" | sudo fdisk $DEV 2> /dev/null > /dev/null; echo "<<< done"; @@ -111,7 +117,7 @@ step4(){ step5(){ echo "\n>>> [5] Updating users"; - echo " (.) Adding user satsuser"; + echo " (.) Adding user satsuser"; # shadow echo " /etc/shadow"; ## TODO: Manage default password ## @@ -123,7 +129,7 @@ step5(){ echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd > /dev/null; echo "satsuser:x:666:666:sats-user,,,:/home/sats-user:/bin/sh" | sudo tee -a /mnt/etc/passwd- > /dev/null; - echo " (.) Removing pi's login password"; + echo " (.) Removing pi's login password"; # create temp file without pi's password #sudo cat /mnt/etc/shadow | sed 's/pi:[^:]\+:/pi:*:/' | sudo tee /mnt/etc/shadow.tmp > /dev/null; # write original files 
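Review bot: The three added guards at the top of the script use `[ ! -e X -o ! -d X ]`, where `-o` is marked obsolescent in POSIX and the whole test reduces to `! -d X`. When X already exists as a regular file, mkdir fails and the script carries on anyway. `mkdir -p ./tmp ./server/maintenance || exit 1` covers all three directories in one line and stops on failure. Because step7 later writes a passphrase-less private key into `./tmp`, a `chmod 700 ./tmp` right after creation would keep other local users out of it. The paths are relative, so they resolve against the caller's working directory rather than the script's location; a comment or an explicit `cd` would make that intent clear.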
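Review bot: The umount line in step1 still expands `$unmount` and `$mounted` unquoted and sends both streams to /dev/null, so a mount point containing whitespace is split into several arguments and a failed unmount produces no message at all. Quoting and reporting the failure would fix both: `[ "$unmount" = "y" ] && { sudo umount "$mounted" > /dev/null 2>&1 && echo " > unmounted" || echo " (!) could not unmount $mounted" >&2; }`. The same unquoted expansion and discarded error output appear in the step2 hunk (`sudo fdisk $DEV`), where a silent failure comes immediately before the partition table is rewritten. step1's loop starts outside this hunk.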
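Review bot: `echo -e "g\nw"` in step2 is not portable under the `#!/bin/sh` shebang. Shells whose builtin echo has no `-e` option (dash, for example) print `-e` as part of the text, so fdisk may receive `-e g` instead of `g`, and with both streams redirected to /dev/null nothing reports it. `printf 'g\nw\n' | sudo fdisk "$DEV" > /dev/null 2>&1 || { echo " (!) fdisk failed" >&2; return 1; }` behaves the same in every POSIX shell and stops before the later steps touch the device. step2 begins and ends outside this hunk.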
@@ -143,13 +149,13 @@ step5(){ step6(){ echo "\n>>> [6] Updating groups"; - echo " (.) Adding group ssh-key"; + echo " (.) Adding group ssh-key"; # group echo " /etc/group"; echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group > /dev/null; echo "ssh-key:x:555:pi,sats-user" | sudo tee -a /mnt/etc/group- > /dev/null; - echo " (.) Adding group sats-user"; + echo " (.) Adding group sats-user"; # group echo " /etc/group"; echo "sats-user:x:666:sats-user" | sudo tee -a /mnt/etc/group > /dev/null; 
@@ -166,33 +172,35 @@ step6(){ # [7] Manage SSH keys # #========================================================# step7(){ - echo "\n>>> [7] Create ssh keys"; + echo "\n>>> [7] Manage ssh keys"; # (1) Create ssh key pair # - echo " (.) Create ssh key [ecdsa:521]"; - echo -e "\n\n" | ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f tmp/id_ecdsa; + echo " (.) Create ssh key [ecdsa:521]"; + ssh-keygen -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./tmp/id_ecdsa -P "" 2> /dev/null > /dev/null; # (2) Add public key to server's `authorized_keys` file # - echo " (.) Add public key to server's list"; - cat tmp/id_ecdsa.pub >> server/authorized_keys; + echo " (.) Add public key to server's list"; + test ! -e ./server/authorized_keys && touch ./server/authorized_keys; + cat ./tmp/id_ecdsa.pub >> ./server/authorized_keys; # (3) Create ssh file system # - echo " (.) init ssh folder (/home/sats-user/.ssh)"; - sudo mkdir /mnt/home/sats-user/.ssh; + echo " (.) Init ssh folder (/home/sats-user/.ssh)"; + sudo mkdir -p /mnt/home/sats-user/.ssh; # (4) Add both keys to sats-user files # - echo " (.) add keys to ssh folder"; - sudo mv tmp/id_ecdsa /mnt/home/sats-user/.ssh/id_ecdsa; - sudo mv tmp/id_ecdsa.pub /mnt/home/sats-user/.ssh/id_ecdsa.pub; + echo " (.) Add keys to ssh folder"; + sudo mv ./tmp/id_ecdsa /mnt/home/sats-user/.ssh/id_ecdsa; + sudo mv ./tmp/id_ecdsa.pub /mnt/home/sats-user/.ssh/id_ecdsa.pub; # (5) Add maintenance keys # echo " (.) Add maintenance keys'"; - cat server/maintenance/*.pub | sudo tee /mnt/home/sats-user/.ssh/authorized_keys; + sudo touch /mnt/home/sats-user/.ssh/authorized_keys; + cat ./server/maintenance/*.pub | sudo tee /mnt/home/sats-user/.ssh/authorized_keys > /dev/null; # (6) Set up permissions # - echo " (.) Set up permissions"; + echo " (.) Set up permissions"; sudo chown -R 666:666 /mnt/home/sats-user/.ssh/; sudo chmod 400 /mnt/home/sats-user/.ssh/*;
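Review bot: The new `ssh-keygen ... -P "" 2> /dev/null > /dev/null` line in step7 discards the exit status and every message, yet the following lines append `./tmp/id_ecdsa.pub` to `./server/authorized_keys` and move the key pair onto the image regardless. If generation fails, the script continues with a missing or stale key; if a leftover `./tmp/id_ecdsa` from an interrupted run makes ssh-keygen ask for overwrite confirmation, the prompt would be hidden by the redirect, as far as I can tell, and the script would appear to hang. Stopping on failure is enough: `rm -f ./tmp/id_ecdsa ./tmp/id_ecdsa.pub` followed by `ssh-keygen -q -t ecdsa -b 521 -C "[ECDSA:521] SATS" -f ./tmp/id_ecdsa -P "" || return 1`. Separately, `cat ./server/maintenance/*.pub | sudo tee ...` leaves an empty authorized_keys on the image when no maintenance key is present. `chmod 400 /mnt/home/sats-user/.ssh/*` also does not tighten the `.ssh` directory itself, which now holds an unencrypted private key; `sudo chmod 700 /mnt/home/sats-user/.ssh` would cover it. step7's closing brace is outside the hunk.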