From 9fb20aeb9d72ac401164508ae017b221e27ed5f2 Mon Sep 17 00:00:00 2001
From: "xiongdian.me" <xiongdian.me@bytedance.com>
Date: Thu, 30 Mar 2023 14:04:03 +0800
Subject: [PATCH] --wip-- [skip ci]

---
 scripts/jumpserver_deploy.sh |  4 ++-
 scripts/testbed_deploy.sh    | 49 ++++++++++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 1 deletion(-)
 mode change 100644 => 100755 scripts/jumpserver_deploy.sh
 mode change 100644 => 100755 scripts/testbed_deploy.sh

diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh
old mode 100644
new mode 100755
index 8b019b8..3d50534
--- a/scripts/jumpserver_deploy.sh
+++ b/scripts/jumpserver_deploy.sh
@@ -7,8 +7,10 @@ dest_path="/home/ssh/.ssh/authorized_keys"
 echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
 
 for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
-    (cat "$file"; echo) >> "$tmp_path"
+    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
 done
 
 cat "$tmp_path" > "$dest_path"
 rm "$tmp_path"
+chown ssh:ssh "$dest_path"
+chmod 600 "$dest_path"
diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_deploy.sh
old mode 100644
new mode 100755
index e69de29..72c0541
--- a/scripts/testbed_deploy.sh
+++ b/scripts/testbed_deploy.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+touch_user() {
+    test -n "$1"
+    if id -u $1 1>/dev/null 2>&1; then
+        return
+    fi
+    if ! id -g nasp 1>/dev/null 2>&1; then
+        echo "Group 'nasp' does not exist\!"
+        exit 1
+    fi
+
+    adduser \
+        --shell /bin/bash \
+        --disabled-password \
+        --home /home/$1 \
+        $1
+    usermod -a -G nasp $1
+}
+
+update_key() {
+    tmp_path="/tmp/authorized_keys_$1"
+    dest_path="/home/$1/.ssh/authorized_keys"
+    echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+
+    for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do
+        (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+    done
+
+    cat "$tmp_path" > "$dest_path"
+    rm "$tmp_path"
+    chown $1:$1 "$dest_path"
+    chmod 600 "$dest_path"
+}
+
+main() {
+    for file in "$THIS_DIR"/../authorized_keys/* ; do
+        if ! test -d "$file"; then
+            continue
+        fi
+        username=$(basename $file)
+        touch_user $username
+        update_key $username
+    done
+}
+
+main