jumpserver_deploy.sh

scripts/jumpserver_cron.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+set -ex
+THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
+
+tmp_path="/tmp/authorized_keys"
+dest_path="/home/ssh/.ssh/authorized_keys"
+echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+
+for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
+    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+done
+
+cat "$tmp_path" > "$dest_path"
+rm "$tmp_path"
+chown ssh:ssh "$dest_path"
+chmod 600 "$dest_path"

scripts/jumpserver_deploy.sh

@@ -2,15 +2,19 @@
 set -ex
 THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd )
 
-tmp_path="/tmp/authorized_keys"
+adduser \
-dest_path="/home/ssh/.ssh/authorized_keys"
+   --disabled-password \
-echo "# This file is autoly generated. Changes here will not work." > "$tmp_path"
+   --home /home/ssh \
+   ssh
 
-for file in $(find "$THIS_DIR/../authorized_keys" -type f); do
+insert_if_not_exist()
-    (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path"
+{
-done
+    filename=$1
+    line=$2
+    if [ ! -f "$filename" ]; then
+        touch $filename
+    fi
+    grep -qxF -- "$line" "$filename" || echo "$line" >> "$filename"
+}
 
-cat "$tmp_path" > "$dest_path"
+insert_if_not_exist "/etc/crontab" "*/5 0 0 0 0 cd \"$THIS_DIR\" && git pull && \"$THIS_DIR\"/jumpserver_cron.sh"
-rm "$tmp_path"
-chown ssh:ssh "$dest_path"
-chmod 600 "$dest_path"