Add deployment user with authorized keys
parent
07eff6d20e
commit
d4e9969996
|
@ -0,0 +1,9 @@
|
|||
# do not remove! required for automation
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFkGqrbgoDtjB1sJ4HKdgMiC3KJl6m8JQ7naB7mUwUIqVVnVcPnXMQX9jlElZ11OPLGI0Ih6KAiT2iwVnCqFrlw= deploy
|
||||
|
||||
# admin users
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFkGqrbgoDtjB1sJ4HKdgMiC3KJl6m8JQ7naB7mUwUIqVVnVcPnXMQX9jlElZ11OPLGI0Ih6KAiT2iwVnCqFrlw= alex
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdnrK3VE2WHPQ7VygeMUonRRsQjZw3EO6pW0rANSISN therojam
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAugLnOhEzJ8gGy0LzHiUpe18pyXoaw/b54gD+m+ua9XJLqmakgOllizKDoeqSrLtOBfL1Pqm78qDMNUaddBSMGUj9f6PaqQflNZIcghFQ8jIfSEstXVDdeBD97X+ngBLClWeQeYoOOox2H3P7NL45OD/NYHKuHX9zlWP2iPXlhWmjVJQdV/gdPciaT8nTMm0epAWwLwBTa502JVYPYdFH/rBggxLjuiXx0xR3XtXq149sEq9rNxaVEZohrVH5uOTiZtKUOkSAPwIfmPno+ekRC3DvnV8erqMoiUIc8osVrLhWWdvFfVQcqEJEjjk/Aih8mAprn/DaHOMnUZdh2US1pw== rockstable
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDA97i0en3wdYnzad3vbOfvBSNul2EgtR/hZQXF7dOqLmX7neiT82MDrensDBlUeFO756nHcWr42a1/g3nMYTrmuz89GkZLo+O27R+xWklzBYEu0hZ3L7kliHy4Fl9WU1cp5EVGAJZDgwO9RQfYD9puqnX520OQcD1BOTrjnZVxJGKJ7UM0oIyYfWNkQPYosv6oZ6caiBsBPaYprKnp/JbXsaRz1qKEPZ7BDH+94XwWj8ItGKnH460MxyaMOHdT2ThvAfAy3QXRtbgyxc59WjBDQjcJVpdYscIB2/hRwkIC6KfQSoeq8XiV1v3vrMqTmESQqvL+p9+tJC6nImk8aU7H6eCMvU6xsYlL9NlngTJWBPYVdrwaLJwrebeiFoF3+RiB9uq5W23ZxnXMOPxCag7XGaDShVHqECBHYPGSqPFdlILUy7MoO9l9SJpv0gTc+iJ7cfEhqk4VPK6a/c1xKSilr1DarOqdYB8860LFX+QMaGNo/yYjXAXlu4c67HTF6KsxlHjlqPodA4BUvK1RwPMT0Ja1t+KawWmxxMBJP8r1d8GYhklDt/cvYzKkRYlhKuJSNpLDBRvq7xM55uzneX9ZZO7D54FxLAqUJOBcH+EzvV/ViMXNnBTuCpo+/4hRIihJH2TASWViTzexUFblC44INmOcc18hUk28xlj1oi1KXw== drbroiler
|
||||
|
16
debian.cfg
16
debian.cfg
|
@ -149,7 +149,7 @@ tasksel tasksel/first multiselect none
|
|||
|
||||
# Individual additional packages to install
|
||||
#d-i pkgsel/include string openssh-server build-essential
|
||||
d-i pkgsel/include string bind9-dnsutils, ca-certificates, curl, gnupg, inetutils-ping, mc, openssh-server, qemu-guest-agent, python3, rsync, tree, vim
|
||||
d-i pkgsel/include string bind9-dnsutils, ca-certificates, curl, gnupg, inetutils-ping, mc, openssh-server, qemu-guest-agent, python3, rsync, sudo, tree, vim
|
||||
# Whether to upgrade packages after debootstrap.
|
||||
# Allowed values: none, safe-upgrade, full-upgrade
|
||||
d-i pkgsel/upgrade select full-upgrade
|
||||
|
@ -158,7 +158,7 @@ d-i pkgsel/upgrade select full-upgrade
|
|||
# installed, and what software you use. The default is not to report back,
|
||||
# but sending reports helps the project determine what software is most
|
||||
# popular and include it on CDs.
|
||||
popularity-contest popularity-contest/participate boolean false
|
||||
popularity-contest popularity-contest/participate boolean true
|
||||
|
||||
# This is fairly safe to set, it makes grub install automatically to the MBR
|
||||
# if no other operating system is detected on the machine.
|
||||
|
@ -184,5 +184,13 @@ d-i debian-installer/exit/poweroff boolean true
|
|||
# still a usable /target directory. You can chroot to /target and use it
|
||||
# directly, or use the apt-install and in-target commands to easily install
|
||||
# packages and run commands in the target system.
|
||||
#d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh
|
||||
|
||||
d-i preseed/late_command string \
|
||||
in-target useradd -s /bin/sh -m -U -G sudo deploy; \
|
||||
in-target passwd -l deploy; \
|
||||
in-target mkdir -p "/home/deploy/.ssh"; \
|
||||
in-target curl -o /home/deploy/.ssh/authorized_keys https://git.dezentrale.cloud/services/preseed/raw/branch/main/authorized_keys; \
|
||||
in-target chown -R "deploy:deploy" "/home/deploy"; \
|
||||
in-target chmod 700 "/home/deploy"; \
|
||||
in-target chmod 700 "/home/deploy/.ssh"; \
|
||||
in-target chmod 600 "/home/deploy/.ssh/authorized_keys"; \
|
||||
true
|
||||
|
|
Loading…
Reference in New Issue