add some vps setup utils
authorAJ ONeal <aj@therootcompany.com>
Fri, 19 Jun 2020 08:05:29 +0000 (08:05 +0000)
committerAJ ONeal <aj@therootcompany.com>
Fri, 19 Jun 2020 08:05:29 +0000 (08:05 +0000)
adduser/README.md [new file with mode: 0644]
adduser/install.sh [new file with mode: 0644]
ssh-pubkey/README.md [new file with mode: 0644]
ssh-pubkey/install.sh [new file with mode: 0644]
ssh-setpass/README.md [new file with mode: 0644]
ssh-setpass/install.sh [new file with mode: 0644]

diff --git a/adduser/README.md b/adduser/README.md
new file mode 100644 (file)
index 0000000..76f1543
--- /dev/null
@@ -0,0 +1,15 @@
+---
+title: Adduser
+homepage: https://webinstall.dev/adduser
+tagline: |
+  Because friends don't let friends run as root
+linux: true
+description: |
+  Adds user `bob` with the same **`~/.ssh/authorized_keys`** as the root user, exiting early if run by a non-root user.
+---
+
+Check that `bob` exists
+
+```bash
+ls /home/
+```
diff --git a/adduser/install.sh b/adduser/install.sh
new file mode 100644 (file)
index 0000000..9b40446
--- /dev/null
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+set -e
+set -u
+
+# TODO: a more complete VPS setup
+
+# TODO would $EUID be better?
+if [ "root" != "$(whoami)" ]; then
+  echo "webi adduser: running user is already a non-root user"
+  exit 0
+fi
+
+#apt-get -y update
+#apt-get -y install curl wget rsync git
+
+# Add User
+adduser --disabled-password --gecos "" bob
+my_password=$(openssl rand -hex 16)
+printf "$my_password"'\n'"$my_password" | passwd bob
+adduser bob sudo
+echo "bob ALL=(ALL:ALL) NOPASSWD: ALL" | tee /etc/sudoers.d/bob
+sudo -i -u bob bash -c 'ssh-keygen -b 2048 -t rsa -f /home/bob/.ssh/id_rsa -q -N ""'
+mkdir -p /home/bob/.ssh/
+cp -r $HOME/.ssh/authorized_keys /home/bob/.ssh/
+chmod 0600 bob:bob /home/bob/.ssh/authorized_keys
+chown -R bob:bob /home/bob/.ssh/
+
+# Install webi for the new user
+sudo -i -u bob bash -c 'curl -fsSL https://webinstall.dev/webi | bash' \
+    || sudo -i -u bob bash -c 'wget -q -O - https://webinstall.dev/webi | bash'
+
+# TODO ensure that ssh-password login is off
+
+echo "Created user 'bob' with password '$my_password'"
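Review bot: The line `chmod 0600 bob:bob /home/bob/.ssh/authorized_keys` passes `bob:bob` as a file operand, so chmod exits non-zero and `set -e` stops the script there. The `chown -R` after it never runs and the generated password is never printed, while the `NOPASSWD: ALL` sudoers entry is already in place. It should read `chmod 0600 /home/bob/.ssh/authorized_keys`. In the same hunk, the sudoers drop-in is written through `tee` with the default umask and no syntax check; I would set it to mode 0440 and run `visudo -c -f /etc/sudoers.d/bob` before relying on it. `$HOME` in the `cp` line should also be quoted.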
diff --git a/ssh-pubkey/README.md b/ssh-pubkey/README.md
new file mode 100644 (file)
index 0000000..8514a9d
--- /dev/null
@@ -0,0 +1,9 @@
+---
+title: SSH Pub Key
+homepage: https://webinstall.dev/ssh-pubkey
+tagline: |
+  Get your SSH public key.
+linux: true
+description: |
+  `ssh-pubkey` will make sure you have an SSH key, and then print it to the screen and place it in `~/Downloads`
+---
diff --git a/ssh-pubkey/install.sh b/ssh-pubkey/install.sh
new file mode 100644 (file)
index 0000000..044e1e1
--- /dev/null
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+set -e
+set -u
+
+mkdir -p "$HOME/.ssh/"
+
+if [ ! -f "$HOME/.ssh/id_rsa" ]; then
+    ssh-keygen -b 2048 -t rsa -f "$HOME/.ssh/id_rsa" -q -N ""
+    echo ""
+fi
+
+if [ ! -f "$HOME/.ssh/id_rsa.pub" ]; then
+    ssh-keygen -y -f "$HOME/.ssh/id_rsa" > "$HOME/.ssh/id_rsa.pub"
+    echo ""
+fi
+
+# TODO use the comment (if any) for the name of the file
+echo ""
+echo "~/Downloads/id_rsa.$(whoami).pub":
+echo ""
+rm -f "$HOME/Downloads/id_rsa.$(whoami).pub":
+cp -r "$HOME/.ssh/id_rsa.pub" "$HOME/Downloads/id_rsa.$(whoami).pub"
+cat "$HOME/Downloads/id_rsa.$(whoami).pub"
+echo ""
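Review bot: The `cp` into `$HOME/Downloads` fails when that directory does not exist, which is likely on a fresh VPS, and under `set -e` the script then exits without printing the public key; add `mkdir -p "$HOME/Downloads"` before the copy. The `rm -f` line above it ends in a stray `:` after the closing quote, so it targets a different filename than the one that is copied; drop the colon. `mkdir -p "$HOME/.ssh/"` creates the directory with the default umask, so a `chmod 0700 "$HOME/.ssh"` after it would keep the directory holding the passphrase-less private key closed to other users.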
diff --git a/ssh-setpass/README.md b/ssh-setpass/README.md
new file mode 100644 (file)
index 0000000..8d3ac04
--- /dev/null
@@ -0,0 +1,9 @@
+---
+title: SSH setpass
+homepage: https://webinstall.dev/ssh-setpass
+tagline: |
+  Set a new passphrase on your SSH Private Key.
+linux: true
+description: |
+  `ssh-setpass` will ask you for your old passphrase and then for the new one to reset it with.
+---
diff --git a/ssh-setpass/install.sh b/ssh-setpass/install.sh
new file mode 100644 (file)
index 0000000..014b68a
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+set -u
+
+ssh-keygen -p -f "$HOME/.ssh/id_rsa"