From 310dac2125bce5391c68ebdad1fb48df28582ce8 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Thu, 30 Mar 2023 01:39:08 +0800 Subject: [PATCH 01/21] jumpserver_deploy.sh init --- scripts/jumpserver_deploy.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index e69de29..8b019b8 100644 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -0,0 +1,14 @@ +#!/bin/bash +set -ex +THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) + +tmp_path="/tmp/authorized_keys" +dest_path="/home/ssh/.ssh/authorized_keys" +echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" + +for file in $(find "$THIS_DIR/../authorized_keys" -type f); do + (cat "$file"; echo) >> "$tmp_path" +done + +cat "$tmp_path" > "$dest_path" +rm "$tmp_path" -- 2.45.1 From 9fb20aeb9d72ac401164508ae017b221e27ed5f2 Mon Sep 17 00:00:00 2001 From: "xiongdian.me" Date: Thu, 30 Mar 2023 14:04:03 +0800 Subject: [PATCH 02/21] --wip-- [skip ci] --- scripts/jumpserver_deploy.sh | 4 ++- scripts/testbed_deploy.sh | 49 ++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 1 deletion(-) mode change 100644 => 100755 scripts/jumpserver_deploy.sh mode change 100644 => 100755 scripts/testbed_deploy.sh diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh old mode 100644 new mode 100755 index 8b019b8..3d50534 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -7,8 +7,10 @@ dest_path="/home/ssh/.ssh/authorized_keys" echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" for file in $(find "$THIS_DIR/../authorized_keys" -type f); do - (cat "$file"; echo) >> "$tmp_path" + (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" done cat "$tmp_path" > "$dest_path" rm "$tmp_path" +chown ssh:ssh "$dest_path" +chmod 600 "$dest_path" diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_deploy.sh old mode 100644 new mode 100755 index e69de29..72c0541 --- a/scripts/testbed_deploy.sh +++ b/scripts/testbed_deploy.sh @@ -0,0 +1,49 @@ +#!/bin/bash +set -ex +THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) + +touch_user() { + test -n "$1" + if id -u $1 1>/dev/null 2>&1; then + return + fi + if ! id -g nasp 1>/dev/null 2>&1; then + echo "Group 'nasp' does not exist\!" + exit 1 + fi + + adduser \ + --shell /bin/bash \ + --disabled-password \ + --home /home/$1 \ + $1 + usermod -a -G nasp $1 +} + +update_key() { + tmp_path="/tmp/authorized_keys_$1" + dest_path="/home/$1/.ssh/authorized_keys" + echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" + + for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do + (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" + done + + cat "$tmp_path" > "$dest_path" + rm "$tmp_path" + chown $1:$1 "$dest_path" + chmod 600 "$dest_path" +} + +main() { + for file in "$THIS_DIR"/../authorized_keys/* ; do + if ! test -d "$file"; then + continue + fi + username=$(basename $file) + touch_user $username + update_key $username + done +} + +main -- 2.45.1 From b29880ff81439bbc21cf9c3ccef5436b1afca5c9 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 16:31:57 +0800 Subject: [PATCH 03/21] jumpserver_deploy.sh --- scripts/jumpserver_cron.sh | 16 +++++++++++++ scripts/jumpserver_deploy.sh | 24 +++++++++++-------- .../{testbed_deploy.sh => testbed_cron.sh} | 0 3 files changed, 30 insertions(+), 10 deletions(-) create mode 100755 scripts/jumpserver_cron.sh rename scripts/{testbed_deploy.sh => testbed_cron.sh} (100%) diff --git a/scripts/jumpserver_cron.sh b/scripts/jumpserver_cron.sh new file mode 100755 index 0000000..3d50534 --- /dev/null +++ b/scripts/jumpserver_cron.sh @@ -0,0 +1,16 @@ +#!/bin/bash +set -ex +THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) + +tmp_path="/tmp/authorized_keys" +dest_path="/home/ssh/.ssh/authorized_keys" +echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" + +for file in $(find "$THIS_DIR/../authorized_keys" -type f); do + (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" +done + +cat "$tmp_path" > "$dest_path" +rm "$tmp_path" +chown ssh:ssh "$dest_path" +chmod 600 "$dest_path" diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 3d50534..420a06f 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -2,15 +2,19 @@ set -ex THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) -tmp_path="/tmp/authorized_keys" -dest_path="/home/ssh/.ssh/authorized_keys" -echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" +adduser \ + --disabled-password \ + --home /home/ssh \ + ssh -for file in $(find "$THIS_DIR/../authorized_keys" -type f); do - (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" -done +insert_if_not_exist() +{ + filename=$1 + line=$2 + if [ ! -f "$filename" ]; then + touch $filename + fi + grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" +} -cat "$tmp_path" > "$dest_path" -rm "$tmp_path" -chown ssh:ssh "$dest_path" -chmod 600 "$dest_path" +insert_if_not_exist "/etc/crontab" "*/5 0 0 0 0 cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_cron.sh similarity index 100% rename from scripts/testbed_deploy.sh rename to scripts/testbed_cron.sh -- 2.45.1 From 1621cddf38c32db6736003229fa0c701a203199e Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 16:46:37 +0800 Subject: [PATCH 04/21] debug --- scripts/jumpserver_cron.sh | 5 +++++ scripts/jumpserver_deploy.sh | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/scripts/jumpserver_cron.sh b/scripts/jumpserver_cron.sh index 3d50534..38cc4b3 100755 --- a/scripts/jumpserver_cron.sh +++ b/scripts/jumpserver_cron.sh @@ -10,6 +10,11 @@ for file in $(find "$THIS_DIR/../authorized_keys" -type f); do (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" done +if [[ ! -d "/home/ssh/.ssh" ]]; then + mkdir -p "/home/ssh/.ssh" + chown ssh:ssh "/home/ssh/.ssh" + chmod 700 "/home/ssh/.ssh" +fi cat "$tmp_path" > "$dest_path" rm "$tmp_path" chown ssh:ssh "$dest_path" diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 420a06f..746406d 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -5,6 +5,7 @@ THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) adduser \ --disabled-password \ --home /home/ssh \ + --gecos "jumpserver user ssh" \ ssh insert_if_not_exist() @@ -17,4 +18,4 @@ insert_if_not_exist() grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" } -insert_if_not_exist "/etc/crontab" "*/5 0 0 0 0 cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" +insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" -- 2.45.1 From 0ca082e81bf336a8d75053548d1eb89660835c9d Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 16:49:31 +0800 Subject: [PATCH 05/21] sync ssh key --- authorized_keys/authorized_keys | 2 ++ 1 file changed, 2 insertions(+) diff --git a/authorized_keys/authorized_keys b/authorized_keys/authorized_keys index df254eb..4daf9b4 100644 --- a/authorized_keys/authorized_keys +++ b/authorized_keys/authorized_keys @@ -85,3 +85,5 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzmgYN5tcYKL8wd9pELVuA/wb+mku7wrlc4kF28jvP ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnUV3RkX7xpvRdLWBk/HAvIQM/vtCz0IJN95EQexIcgm7LVDKYEKp4YgCirqfyJm05i+92rwlcnkDuOTkmDXiypcFYnoPdqhyh7q54J+YSJmkXF5RLRmn+m+bH4L+wi8R0cOeAImAFQ8/F+R9cQRxGLGPb8ebXBO/oUCk2KkYdbehKFmz6E2pKV4CGRDpuxA/3JiPlNtNF0xL826+K0jkn/nZ8NsU7v2WpJxITcVvJdKHx9jtOy4Ta8w0Rdvs5YIgJrxTAYZFHmXUaI3DTZDF7qbW/OIM4T5gFUq8G8xVZtdH2u/pL1wgTa3zFMQkaN3c5zCKHm+9E7lt+LW7C0GY5AMkmNgwZe/D83nEUNjK7QB5ULjhULwhKeIlghdfly6mM6+oQ56eLH3fMMA2UalcrCm7RQqILFpv8OXSQ9iQJCPJ5PS3pABpgvc2YF9H1Pu+r/sgK1efQzop5NlT+wXVoKt64px/AUDcKucPlDUg52GEt3EsJUcSMXlIewgPGUU0= ustb_yhb@163.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDg1kImE4U+ySXkqZNrlrsSwyATOKEyRRTQ8lAYhdI1OsMM3WhxCNKDdYPoFUJgZwio5JqBHe6UBLOfL/B+Muh0PYH0+jofIJoWe4grS10zZifisjayrhu0zfWfiGzyLUQY85nUuprUQPvC4qbI1DEspOCoZAE3Q0fjNz6Et3V3j7HLtJLRLZ1unsb5bnV4kf8sbFBxoSqJg9Ut0WBYcWfCW4zReRglJUxSZ6Hux8jHdZ7DGmyAndxBbu4gpzgsyZ8qPq+o4v/J2jYqKUN/6cnJ12hMF7UEsqDntX4JnZhRu8M7VgsNmb1ST9CW/P7X74tY0PGndlf8W0znb4imoBMZY+EMausZGI4ozbYZ5pttU7zCKxHVBO7mUyaRYUeYlo1ZTBUTNxH8lLLHu26LcSyVfuiYG6buQ4FnfM1bb8spckgokzH1+Bq3AtgDIpQEHNiFoh0cekIOtNqfJnJk/wOkWvlstB9YGevN2TQ5Y3VPt6grZyijHDaWOxdXJNHcW3U= lichuanlong@LAPTOP-QEAOKK4F + +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDO9l6MmdGJo4aR/ej7quGpRrfmlAsCTZraxQqmbJaoHXTDyJEtxr4jeejkpkjizpfI6Nj8LfeEYXJABdRTMU1otHuQljwVR+dUN/GBcACq7JCXNjeT9R64JyEIrhVuMtiXUcXHHf7n9z7qZotdhOyvS6KGSnG9V4m5qnCkXxEyBcEQC0I9qqPt0RFpWx/XGOUuwxx2sdr56eXMFOk0W55FIbYVF0m8xVcYFmXawVFTlz5G+Yt8t/WiFAI3b4PzLfkObSucryr+dPqczOHE/2NYaOmDSS2Eh7Tz2PNP7sIjQpIKWZYQRAWCGcrqENEisTiiPKyzMaaynl6U23LmjuqYjTIuEWrJouSs10ivLeMfhqDbtDG+cRBX6hLW51uiScV324ci/Qd8P+6Dg9oeuHxP34Qy94QXbVNrX9z2Qok2gd+LOlrw9pFu0+M51Gqi2X4Qxr6xNQcdfnCivz9CsLWyewHHb1POTNVtgDKWotUJpelCn+OksUB3sgXSSBccVOk= hotfe@LAPTOP-PEKL7TRE -- 2.45.1 From cce4a4c5bcf31b2e87b988ec8e532b598ca8507f Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 17:12:36 +0800 Subject: [PATCH 06/21] testbed_deploy.sh --- scripts/jumpserver_deploy.sh | 2 ++ scripts/nasp | 4 ++++ scripts/testbed_cron.sh | 12 ++++++++++-- scripts/testbed_deploy.sh | 20 ++++++++++++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100755 scripts/nasp create mode 100755 scripts/testbed_deploy.sh diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 746406d..5fe22c8 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -19,3 +19,5 @@ insert_if_not_exist() } insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" + +\"$THIS_DIR\"/jumpserver_cron.sh diff --git a/scripts/nasp b/scripts/nasp new file mode 100755 index 0000000..d54a2da --- /dev/null +++ b/scripts/nasp @@ -0,0 +1,4 @@ +%nasp ALL = (root) NOPASSWD: /usr/bin/docker +%nasp ALL = (root) NOPASSWD: /usr/sbin/reboot +%nasp ALL = (root) NOPASSWD: /usr/bin/whoami + diff --git a/scripts/testbed_cron.sh b/scripts/testbed_cron.sh index 72c0541..b061946 100755 --- a/scripts/testbed_cron.sh +++ b/scripts/testbed_cron.sh @@ -16,6 +16,7 @@ touch_user() { --shell /bin/bash \ --disabled-password \ --home /home/$1 \ + --gecos "nasp member" \ $1 usermod -a -G nasp $1 } @@ -23,12 +24,18 @@ touch_user() { update_key() { tmp_path="/tmp/authorized_keys_$1" dest_path="/home/$1/.ssh/authorized_keys" - echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" + dest_dir=$(dirname "$dest_path") + echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" done + if [[ ! -d "$dest_dir" ]]; then + mkdir -p "$dest_dir" + chown $1:$1 "$dest_dir" + chmod 700 "$dest_dir" + fi cat "$tmp_path" > "$dest_path" rm "$tmp_path" chown $1:$1 "$dest_path" @@ -36,8 +43,9 @@ update_key() { } main() { + cp "$THIS_DIR/nasp /etc/sudoers.d/nasp" for file in "$THIS_DIR"/../authorized_keys/* ; do - if ! test -d "$file"; then + if [[ ! -d "$file" ]]; then continue fi username=$(basename $file) diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_deploy.sh new file mode 100755 index 0000000..ed75701 --- /dev/null +++ b/scripts/testbed_deploy.sh @@ -0,0 +1,20 @@ +#!/bin/bash +set -ex +THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) + +apt update && apt install sudo +addgroup nasp + +insert_if_not_exist() +{ + filename=$1 + line=$2 + if [ ! -f "$filename" ]; then + touch $filename + fi + grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" +} + +insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/testbed_cron.sh" + +\"$THIS_DIR\"/testbed_cron.sh -- 2.45.1 From 9fa560e5c2472ee4267241760110234e90dc64c2 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 17:23:04 +0800 Subject: [PATCH 07/21] bug fix (Fri Apr 21 17:23:03 CST 2023) --- scripts/jumpserver_deploy.sh | 2 +- scripts/testbed_cron.sh | 4 ++-- scripts/testbed_deploy.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 5fe22c8..0f4ee0c 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -20,4 +20,4 @@ insert_if_not_exist() insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" -\"$THIS_DIR\"/jumpserver_cron.sh +"$THIS_DIR"/jumpserver_cron.sh diff --git a/scripts/testbed_cron.sh b/scripts/testbed_cron.sh index b061946..ed2f833 100755 --- a/scripts/testbed_cron.sh +++ b/scripts/testbed_cron.sh @@ -7,7 +7,7 @@ touch_user() { if id -u $1 1>/dev/null 2>&1; then return fi - if ! id -g nasp 1>/dev/null 2>&1; then + if ! getent group nasp ; then echo "Group 'nasp' does not exist\!" exit 1 fi @@ -43,7 +43,7 @@ update_key() { } main() { - cp "$THIS_DIR/nasp /etc/sudoers.d/nasp" + cp "$THIS_DIR/nasp" "/etc/sudoers.d/nasp" for file in "$THIS_DIR"/../authorized_keys/* ; do if [[ ! -d "$file" ]]; then continue diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_deploy.sh index ed75701..1a77072 100755 --- a/scripts/testbed_deploy.sh +++ b/scripts/testbed_deploy.sh @@ -17,4 +17,4 @@ insert_if_not_exist() insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/testbed_cron.sh" -\"$THIS_DIR\"/testbed_cron.sh +"$THIS_DIR"/testbed_cron.sh -- 2.45.1 From f7fa5afce2e867f4656f143d86c067df4afe82cb Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 17:27:48 +0800 Subject: [PATCH 08/21] try: adding a new key pc1 --- authorized_keys/dictxiong/pc1 | 1 + scripts/nasp | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 authorized_keys/dictxiong/pc1 diff --git a/authorized_keys/dictxiong/pc1 b/authorized_keys/dictxiong/pc1 new file mode 100644 index 0000000..4ab70b0 --- /dev/null +++ b/authorized_keys/dictxiong/pc1 @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8WHIpwdZl7+HIZfQpwIAhpxT1huI9sd6Ydeokilg5l pc1 \ No newline at end of file diff --git a/scripts/nasp b/scripts/nasp index d54a2da..1e12740 100755 --- a/scripts/nasp +++ b/scripts/nasp @@ -1,4 +1,3 @@ %nasp ALL = (root) NOPASSWD: /usr/bin/docker %nasp ALL = (root) NOPASSWD: /usr/sbin/reboot %nasp ALL = (root) NOPASSWD: /usr/bin/whoami - -- 2.45.1 From 179eac4dc64124e65abaed8501defd6c62e6ede6 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 17:36:01 +0800 Subject: [PATCH 09/21] bug fix (Fri Apr 21 17:36:00 CST 2023) --- scripts/jumpserver_deploy.sh | 2 +- scripts/testbed_deploy.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 0f4ee0c..3db278a 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -18,6 +18,6 @@ insert_if_not_exist() grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" } -insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" +insert_if_not_exist "/etc/crontab" "*/5 * * * * root cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" "$THIS_DIR"/jumpserver_cron.sh diff --git a/scripts/testbed_deploy.sh b/scripts/testbed_deploy.sh index 1a77072..d43a7c7 100755 --- a/scripts/testbed_deploy.sh +++ b/scripts/testbed_deploy.sh @@ -15,6 +15,6 @@ insert_if_not_exist() grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" } -insert_if_not_exist "/etc/crontab" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/testbed_cron.sh" +insert_if_not_exist "/etc/crontab" "*/5 * * * * root cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/testbed_cron.sh" "$THIS_DIR"/testbed_cron.sh -- 2.45.1 From a11b2b60c7768e16ac2dcc77a586ee506367187a Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Fri, 21 Apr 2023 17:56:16 +0800 Subject: [PATCH 10/21] jumpserver use /etc/crontabs/root instead of /etc/crontab --- scripts/jumpserver_deploy.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 3db278a..1b2b8ae 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -18,6 +18,6 @@ insert_if_not_exist() grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename" } -insert_if_not_exist "/etc/crontab" "*/5 * * * * root cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" +insert_if_not_exist "/etc/crontabs/root" "*/5 * * * * cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh" "$THIS_DIR"/jumpserver_cron.sh -- 2.45.1 From 5965fc742fcfddc09812126d1a96d6eb0811ea21 Mon Sep 17 00:00:00 2001 From: "xiongdian.me" Date: Sun, 23 Apr 2023 16:03:56 +0800 Subject: [PATCH 11/21] key: dictxiong/ltp1-bd --- authorized_keys/dictxiong/ltp1-bd | 1 + 1 file changed, 1 insertion(+) create mode 100644 authorized_keys/dictxiong/ltp1-bd diff --git a/authorized_keys/dictxiong/ltp1-bd b/authorized_keys/dictxiong/ltp1-bd new file mode 100644 index 0000000..159be11 --- /dev/null +++ b/authorized_keys/dictxiong/ltp1-bd @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhS4voo3K/Dvzqckr0bouO1WkCI5XxswstHWnuuyKBz ltp1-bd -- 2.45.1 From 4026106afb1349e6516ead0949cbde90c0993270 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Mon, 24 Apr 2023 21:20:12 +0800 Subject: [PATCH 12/21] init README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..1e35bb6 --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +# The NASP Cluster Registry + -- 2.45.1 From 746d326356cf917e6909102d8e98f7bd95c167a3 Mon Sep 17 00:00:00 2001 From: "xiongdian.me" Date: Fri, 28 Apr 2023 16:41:20 +0800 Subject: [PATCH 13/21] sudo /usr/bin/nvidia-smi --- scripts/nasp | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/nasp b/scripts/nasp index 1e12740..db12120 100755 --- a/scripts/nasp +++ b/scripts/nasp @@ -1,3 +1,4 @@ %nasp ALL = (root) NOPASSWD: /usr/bin/docker %nasp ALL = (root) NOPASSWD: /usr/sbin/reboot %nasp ALL = (root) NOPASSWD: /usr/bin/whoami +%nasp ALL = (root) NOPASSWD: /usr/bin/nvidia-smi -- 2.45.1 From bbc8d974229c7864c3c84cfa40f3aa388e416aea Mon Sep 17 00:00:00 2001 From: "xiongdian.me" Date: Fri, 28 Apr 2023 16:42:01 +0800 Subject: [PATCH 14/21] sudo /usr/sbin/shutdown --- scripts/nasp | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/nasp b/scripts/nasp index db12120..0ef8cd0 100755 --- a/scripts/nasp +++ b/scripts/nasp @@ -2,3 +2,4 @@ %nasp ALL = (root) NOPASSWD: /usr/sbin/reboot %nasp ALL = (root) NOPASSWD: /usr/bin/whoami %nasp ALL = (root) NOPASSWD: /usr/bin/nvidia-smi +%nasp ALL = (root) NOPASSWD: /usr/sbin/shutdown -- 2.45.1 From 891d6cd73ffc8d49e6355469fcb45dd7b3e68615 Mon Sep 17 00:00:00 2001 From: "xiongdian.me" Date: Fri, 28 Apr 2023 16:43:41 +0800 Subject: [PATCH 15/21] file nasp mod -x --- scripts/nasp | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 scripts/nasp diff --git a/scripts/nasp b/scripts/nasp old mode 100755 new mode 100644 -- 2.45.1 From 930deb13492227cea8fa125a4d78b15e85e50b15 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Thu, 4 May 2023 15:10:48 +0800 Subject: [PATCH 16/21] debug --- scripts/jumpserver_deploy.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/jumpserver_deploy.sh b/scripts/jumpserver_deploy.sh index 1b2b8ae..ef3f45e 100755 --- a/scripts/jumpserver_deploy.sh +++ b/scripts/jumpserver_deploy.sh @@ -8,6 +8,8 @@ adduser \ --gecos "jumpserver user ssh" \ ssh +usermod -p '*' ssh + insert_if_not_exist() { filename=$1 -- 2.45.1 From 0cfb4bc2bea55340ab3756a33fcc557e9dc62807 Mon Sep 17 00:00:00 2001 From: Dict Xiong Date: Thu, 4 May 2023 16:12:16 +0800 Subject: [PATCH 17/21] key: dictxiong/pc1 --- authorized_keys/dictxiong/pc1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authorized_keys/dictxiong/pc1 b/authorized_keys/dictxiong/pc1 index 4ab70b0..f2d5ea1 100644 --- a/authorized_keys/dictxiong/pc1 +++ b/authorized_keys/dictxiong/pc1 @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8WHIpwdZl7+HIZfQpwIAhpxT1huI9sd6Ydeokilg5l pc1 \ No newline at end of file +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHLYgVj+NPino6sOmahULN7SbAMaVAgzqPfDjz2S8zDv pc1 -- 2.45.1 From d47b0b122bea34f4d1cd6b01134012fdd1c7883f Mon Sep 17 00:00:00 2001 From: "xiuting.xu" Date: Mon, 15 May 2023 10:40:49 +0800 Subject: [PATCH 18/21] add baiyu's pubkey (#1) Co-authored-by: xiuting.xu Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/1 Co-authored-by: xiuting.xu Co-committed-by: xiuting.xu --- authorized_keys/onelearn/ybai | 1 + 1 file changed, 1 insertion(+) create mode 100644 authorized_keys/onelearn/ybai diff --git a/authorized_keys/onelearn/ybai b/authorized_keys/onelearn/ybai new file mode 100644 index 0000000..5bc1e2f --- /dev/null +++ b/authorized_keys/onelearn/ybai @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHgZS2qE1AD1JlXNqqutryNolj+kwNIAxFIFU2vpSEk7 hit_ybai@163.com -- 2.45.1 From e64bfc0c48efe0c60df25fa78cd999038f16fdce Mon Sep 17 00:00:00 2001 From: lintaothu Date: Wed, 24 May 2023 19:19:47 +0800 Subject: [PATCH 19/21] lintaothu res public (#2) Co-authored-by: linsir Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/2 Co-authored-by: lintaothu Co-committed-by: lintaothu --- authorized_keys/lintaothu/id_rsa.pub | 1 + 1 file changed, 1 insertion(+) create mode 100644 authorized_keys/lintaothu/id_rsa.pub diff --git a/authorized_keys/lintaothu/id_rsa.pub b/authorized_keys/lintaothu/id_rsa.pub new file mode 100644 index 0000000..490ac15 --- /dev/null +++ b/authorized_keys/lintaothu/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDL4XOqHcUdI6zCDv89jwIcmPKEMLMgtaYknRQxEI9CIB0JzP8fVWy7dIh1I/HQ49SoXprgQxlkeKm1bYZ6J399c1MqtA6cdpWdxL4bd0CqVDOFalHL7YFcF1iw509NByTM67U/t3vIVyAtF+2PyeZnt7BSg71QP5yaNtIPIJwUm33BnkFZS81y2wL2MTSlvooc0vpCFS5aE5amQAqLXkkfMhm5g17rHRc/4lxnEx0G1/+Hq+AuIAGRWk6vQP4SJx08XQeXMfL67nLusKcJk+RnapNUfCXF0FSh10W1v3B6+m37Z7MLNwFu9xVYg24t9o2kIhi12x4bLs/B80ogM8P7GyS1SqW6Pj6XV9TdBG9cUqknqHTaWDiWrzmvqPYko6wml4R+UcE9zInsfG+W4AJfsEdytEAG9GYMwEupnkNumUjGXnGoHTbEhG2fvHznhs4y/I8JfyEy6NlPHFNfCLy1c0ZGrPFvODsJALBVvHJsBnaHHTReoIXM9CVRWFeZf0s= linsir@StarLight -- 2.45.1 From 3bee8f1def422312560638785913dcbec0768cbd Mon Sep 17 00:00:00 2001 From: toghrul Date: Thu, 25 May 2023 10:41:33 +0800 Subject: [PATCH 20/21] Add ssh key for toghrul (#3) Adding ssh key lab cluster usage! Co-authored-by: Abbasli Toghrul Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/3 Co-authored-by: toghrul Co-committed-by: toghrul --- authorized_keys/toghrul/sk0 | 1 + 1 file changed, 1 insertion(+) create mode 100644 authorized_keys/toghrul/sk0 diff --git a/authorized_keys/toghrul/sk0 b/authorized_keys/toghrul/sk0 new file mode 100644 index 0000000..0f863df --- /dev/null +++ b/authorized_keys/toghrul/sk0 @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDP8JSCeZDkV/9oq8vUtmnEw7qe3nv9RrChH5LFNHO4Ds71L01ZyzVdsIkOzpxcAdFLJiV5pLVDtBAufEtH1uSIKcbVbDvcoaQAJhJGL90B9NlW8S8hbqBRfJWLAZlFNf/6pEIyRhW5xO/2x3SY2LvjJa7U90wP+XQqSPhol62qeWrGH+UxwQSiqQcfPb209F7n9qSeoROz1tpdtjWTLIKmkhVSG786tEX0eCUK3NqSli95uLfKMWQzw6poscE7PycyUTbUDj2kj2rrNFExDrYyz136hfIIMVmQF9LL8uemqZifQCIZgTkkeVQbn8CuCu7VaJysjcKaHOitgcaulss7GP3t5+DU5dT4VOnE+r7i/TXsVZvVpKKNXEX6vzus5R+7eEO3k+lS/xSNv2qy1XM7c6C0PWTuL+RFaxOq+hDsVkXJRo1BGlqkxJK1G0dG6l/4QD/75tbPi0bbemT2PKbpbu8+PVlR1Zba0OpnsLn3OQOscDZNbcwIT2001TmnDW0= togrul@Abbaslis-MacBook-Pro.local \ No newline at end of file -- 2.45.1 From 8bfa59d33a3dabf05d29a72de5c5914637c75f1a Mon Sep 17 00:00:00 2001 From: baiyu Date: Tue, 30 May 2023 10:31:46 +0800 Subject: [PATCH 21/21] Update Public Key for Dev Environment Login (#5) I have updated my public key in this pull request for the purpose of logging into our development environment. Please review and merge this change. Co-authored-by: Bai Yu Reviewed-on: https://git.nasp.ob.ac.cn/NASP/registry/pulls/5 Co-authored-by: baiyu Co-committed-by: baiyu --- authorized_keys/onelearn/ybai | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authorized_keys/onelearn/ybai b/authorized_keys/onelearn/ybai index 5bc1e2f..3848bb8 100644 --- a/authorized_keys/onelearn/ybai +++ b/authorized_keys/onelearn/ybai @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHgZS2qE1AD1JlXNqqutryNolj+kwNIAxFIFU2vpSEk7 hit_ybai@163.com +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMi6FE3bVJfpBkBnHE/LcddAgV7JQAqRdADJMH+0/cbc baiyu0325@gmail.com -- 2.45.1