--wip-- [skip ci]

scripts/jumpserver_deploy.sh

@@ -7,8 +7,10 @@ dest_path="/home/ssh/.ssh/authorized_keys"
 echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
 
 for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
-    (cat "$file"; echo) >> "$tmp_path"
+    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
 done
 
 cat "$tmp_path" > "$dest_path"
 rm "$tmp_path"
+chown ssh:ssh "$dest_path"
+chmod 600 "$dest_path"

scripts/testbed_deploy.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+touch_user() {
+    test -n "$1"
+    if id -u $1 1>/dev/null 2>&1; then
+        return
+    fi
+    if ! id -g nasp 1>/dev/null 2>&1; then
+        echo "Group 'nasp' does not exist\!"
+        exit 1
+    fi
+
+    adduser \
+        --shell /bin/bash \
+        --disabled-password \
+        --home /home/$1 \
+        $1
+    usermod -a -G nasp $1
+}
+
+update_key() {
+    tmp_path="/tmp/authorized_keys_$1"
+    dest_path="/home/$1/.ssh/authorized_keys"
+    echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+
+    for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do
+        (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+    done
+
+    cat "$tmp_path" > "$dest_path"
+    rm "$tmp_path"
+    chown $1:$1 "$dest_path"
+    chmod 600 "$dest_path"
+}
+
+main() {
+    for file in "$THIS_DIR"/../authorized_keys/* ; do
+        if ! test -d "$file"; then
+            continue
+        fi
+        username=$(basename $file)
+        touch_user $username
+        update_key $username
+    done
+}
+
+main