adduser -> ssh-adduser

diff --git a/adduser/README.md b/adduser/README.md
deleted file mode 100644 (file)
index 76f1543..0000000
--- a/adduser/README.md
+++ /dev/null
@@ -1,15 +0,0 @@
----
-title: Adduser
-homepage: https://webinstall.dev/adduser
-tagline: |
-  Because friends don't let friends run as root
-linux: true
-description: |
-  Adds user `bob` with the same **`~/.ssh/authorized_keys`** as the root user, exiting early if run by a non-root user.
----
-
-Check that `bob` exists
-
-```bash
-ls /home/
-```

diff --git a/adduser/install.sh b/adduser/install.sh
deleted file mode 100644 (file)
index 9b40446..0000000
--- a/adduser/install.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-# TODO: a more complete VPS setup
-
-# TODO would $EUID be better?
-if [ "root" != "$(whoami)" ]; then
-  echo "webi adduser: running user is already a non-root user"
-  exit 0
-fi
-
-#apt-get -y update
-#apt-get -y install curl wget rsync git
-
-# Add User
-adduser --disabled-password --gecos "" bob
-my_password=$(openssl rand -hex 16)
-printf "$my_password"'\n'"$my_password" | passwd bob
-adduser bob sudo
-echo "bob ALL=(ALL:ALL) NOPASSWD: ALL" | tee /etc/sudoers.d/bob
-sudo -i -u bob bash -c 'ssh-keygen -b 2048 -t rsa -f /home/bob/.ssh/id_rsa -q -N ""'
-mkdir -p /home/bob/.ssh/
-cp -r $HOME/.ssh/authorized_keys /home/bob/.ssh/
-chmod 0600 bob:bob /home/bob/.ssh/authorized_keys
-chown -R bob:bob /home/bob/.ssh/
-
-# Install webi for the new user
-sudo -i -u bob bash -c 'curl -fsSL https://webinstall.dev/webi | bash' \
-    || sudo -i -u bob bash -c 'wget -q -O - https://webinstall.dev/webi | bash'
-
-# TODO ensure that ssh-password login is off
-
-echo "Created user 'bob' with password '$my_password'"

diff --git a/ssh-adduser/README.md b/ssh-adduser/README.md
new file mode 100644 (file)
index 0000000..804a1fb
--- /dev/null
+++ b/ssh-adduser/README.md
@@ -0,0 +1,9 @@
+---
+title: SSH adduser
+homepage: https://webinstall.dev/ssh-adduser
+tagline: |
+  SSH adduser: Because friends don't let friends login or run stuff as root
+linux: true
+description: |
+  Many modern web programs (`npm` and `postgres`, for example) will not function correctly if run as root. `ssh-adduser` adds user `me` with the same **`~/.ssh/authorized_keys`** as the `root` user, with a long random password, and gives `me` `sudo` privileges.
+---

diff --git a/ssh-adduser/install.sh b/ssh-adduser/install.sh
new file mode 100644 (file)
index 0000000..6400a0c
--- /dev/null
+++ b/ssh-adduser/install.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+set -e
+set -u
+
+# TODO: a more complete VPS setup
+
+# TODO would $EUID be better?
+if [ "root" != "$(whoami)" ]; then
+  echo "webi adduser: running user is already a non-root user"
+  exit 0
+fi
+
+#apt-get -y update
+#apt-get -y install curl wget rsync git
+
+# Add User
+# TODO: might there be a better name?
+# me, this, user, self, person, i, who, do, tron
+adduser --disabled-password --gecos "" me
+my_password=$(openssl rand -hex 16)
+printf "$my_password"'\n'"$my_password" | passwd me
+adduser me sudo
+echo "me ALL=(ALL:ALL) NOPASSWD: ALL" | tee /etc/sudoers.d/me
+sudo -i -u me bash -c 'ssh-keygen -b 2048 -t rsa -f /home/me/.ssh/id_rsa -q -N ""'
+mkdir -p /home/me/.ssh/
+cp -r $HOME/.ssh/authorized_keys /home/me/.ssh/
+chmod 0600 me:me /home/me/.ssh/authorized_keys
+chown -R me:me /home/me/.ssh/
+
+# Install webi for the new user
+sudo -i -u me bash -c 'curl -fsSL https://webinstall.dev/webi | bash' \
+    || sudo -i -u me bash -c 'wget -q -O - https://webinstall.dev/webi | bash'
+
+# TODO ensure that ssh-password login is off
+
+echo "Created user 'me' with password '$my_password'"