From e5e4e9232aacfdd6e71e6c57fb68a64d402d7b5a Mon Sep 17 00:00:00 2001
From: idanoo
Date: Tue, 11 Oct 2022 22:25:55 +1300
Subject: [PATCH] Add SSH keys
---
static/authorized_keys | 3 +++
static/setup.sh | 41 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+)
create mode 100644 static/authorized_keys
create mode 100644 static/setup.sh
diff --git a/static/authorized_keys b/static/authorized_keys
new file mode 100644
index 0000000..c7a7c03
--- /dev/null
+++ b/static/authorized_keys
@@ -0,0 +1,3 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBwm+4i0Ql1OYXfOpEUrFjC/XpiI5yxBBU3iH4QOKRpN daniel@m2.nz
+
+ssh-rsa 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
diff --git a/static/setup.sh b/static/setup.sh
new file mode 100644
index 0000000..459736b
--- /dev/null
+++ b/static/setup.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# wget -q -O - "http://m2.nz/setup.sh" | bash
+# curl "http://m2.nz/setup.sh" | bash
+
+# Clean up if needed
+if [[ "$1" == "uninstall" ]]; then
+ sudo rm -fr /tmp/authorized_keys
+ sudo rm -fr /usr/local/bin/check_keys
+ sed -i 's/^AuthorizedKeysCommand/#&/' /etc/ssh/sshd_config
+ sed -i 's/^AuthorizedKeysCommandUser/#&/' /etc/ssh/sshd_config
+ exit;
+fi
+
+# Write script
+sudo cat << EOF > /usr/local/bin/check_keys
+#!/bin/bash
+
+# Check if we have in tmp, if so use that then pull new ones, else just pull new ones
+if test -f "/tmp/authorized_keys"; then
+ cat /tmp/authorized_keys
+ (wget -O /tmp/authorized_keys https://m2.nz/authorized_keys || curl -o /tmp/authorized_keys https://m2.nz/authorized_keys) &
+else
+ wget -O /tmp/authorized_keys https://m2.nz/authorized_keys || curl -o /tmp/authorized_keys https://m2.nz/authorized_keys
+ cat /tmp/authorized_keys
+fi
+
+EOF
+
+# Make executable
+sudo chmod +x /usr/local/bin/check_keys
+
+# Trigger on initial run
+/usr/local/bin/check_keys
+
+# Update SSHD to use it..
+sudo cat "AuthorizedKeysCommand /usr/local/bin/check_keys" >> /etc/ssh/sshd_config
+sudo cat "AuthorizedKeysCommandUser nobody" >> /etc/ssh/sshd_config
+
+# Restart for good luck
+sudo systemctl restart {sshd,ssh}
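Review bot: The generated check_keys reads and writes its cache at `/tmp/authorized_keys`, a path in a world-writable directory, and sshd then accepts whatever that file holds as authorized keys for each account that logs in, so the key list is not under root's control. Keep the cache in a directory only the AuthorizedKeysCommandUser can write (sshd_config(5) recommends a dedicated account rather than `nobody`), and replace it by rename only after a complete download, since `wget -O` truncates the file first and a failed fetch leaves it empty. Separately, `sudo cat "AuthorizedKeysCommand …" >> /etc/ssh/sshd_config` treats the string as a file name, and both the `>>` and the `> /usr/local/bin/check_keys` redirections run as the calling user rather than under sudo, so both writes need `sudo tee`. The install comment at the top also pipes the script into `bash` over plain `http://`; it should use `https://` as the key URL does. The cache path in the fence is an example, and the uninstall branch would have to remove it instead of the /tmp file.

```shell
# … unchanged: shebang, install comment, uninstall branch …

# Write script: tee runs under sudo; the quoted delimiter keeps the body literal
sudo install -d -o nobody -m 0700 /var/cache/check_keys  # example cache location
sudo tee /usr/local/bin/check_keys > /dev/null << 'EOF'
#!/bin/bash
# Serve the cached keys, then refresh the cache for the next login.
cache=/var/cache/check_keys/authorized_keys
url=https://m2.nz/authorized_keys

refresh() {
  local tmp
  tmp=$(mktemp "${cache}.XXXXXX") || return
  # Swap the cache in only after a complete, non-empty download
  if { wget -q -O "$tmp" "$url" || curl -fsS -o "$tmp" "$url"; } && [[ -s "$tmp" ]]; then
    mv -f -- "$tmp" "$cache"
  else
    rm -f -- "$tmp"
  fi
}

if [[ -f "$cache" ]]; then
  cat -- "$cache"
  # Output closed so the background job does not hold sshd's pipe open
  refresh > /dev/null 2>&1 &
else
  refresh > /dev/null 2>&1
  cat -- "$cache"
fi
EOF

# … unchanged: chmod +x …

# Trigger on initial run, as the account sshd will use
sudo -u nobody /usr/local/bin/check_keys > /dev/null

# Update SSHD to use it..
printf '%s\n' 'AuthorizedKeysCommand /usr/local/bin/check_keys' \
  'AuthorizedKeysCommandUser nobody' | sudo tee -a /etc/ssh/sshd_config > /dev/null

# … unchanged: sshd restart …
```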