Add deployment user with authorized keys

Alexander Böhm 2022-07-02 21:38:47 +02:00
parent 07eff6d20e
commit d4e9969996
2 changed files with 21 additions and 4 deletions

authorized_keys Normal file
View File

@ -0,0 +1,9 @@
# do not remove! required for automation
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFkGqrbgoDtjB1sJ4HKdgMiC3KJl6m8JQ7naB7mUwUIqVVnVcPnXMQX9jlElZ11OPLGI0Ih6KAiT2iwVnCqFrlw= deploy
# admin users
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFkGqrbgoDtjB1sJ4HKdgMiC3KJl6m8JQ7naB7mUwUIqVVnVcPnXMQX9jlElZ11OPLGI0Ih6KAiT2iwVnCqFrlw= alex
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdnrK3VE2WHPQ7VygeMUonRRsQjZw3EO6pW0rANSISN therojam
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAugLnOhEzJ8gGy0LzHiUpe18pyXoaw/b54gD+m+ua9XJLqmakgOllizKDoeqSrLtOBfL1Pqm78qDMNUaddBSMGUj9f6PaqQflNZIcghFQ8jIfSEstXVDdeBD97X+ngBLClWeQeYoOOox2H3P7NL45OD/NYHKuHX9zlWP2iPXlhWmjVJQdV/gdPciaT8nTMm0epAWwLwBTa502JVYPYdFH/rBggxLjuiXx0xR3XtXq149sEq9rNxaVEZohrVH5uOTiZtKUOkSAPwIfmPno+ekRC3DvnV8erqMoiUIc8osVrLhWWdvFfVQcqEJEjjk/Aih8mAprn/DaHOMnUZdh2US1pw== rockstable
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDA97i0en3wdYnzad3vbOfvBSNul2EgtR/hZQXF7dOqLmX7neiT82MDrensDBlUeFO756nHcWr42a1/g3nMYTrmuz89GkZLo+O27R+xWklzBYEu0hZ3L7kliHy4Fl9WU1cp5EVGAJZDgwO9RQfYD9puqnX520OQcD1BOTrjnZVxJGKJ7UM0oIyYfWNkQPYosv6oZ6caiBsBPaYprKnp/JbXsaRz1qKEPZ7BDH+94XwWj8ItGKnH460MxyaMOHdT2ThvAfAy3QXRtbgyxc59WjBDQjcJVpdYscIB2/hRwkIC6KfQSoeq8XiV1v3vrMqTmESQqvL+p9+tJC6nImk8aU7H6eCMvU6xsYlL9NlngTJWBPYVdrwaLJwrebeiFoF3+RiB9uq5W23ZxnXMOPxCag7XGaDShVHqECBHYPGSqPFdlILUy7MoO9l9SJpv0gTc+iJ7cfEhqk4VPK6a/c1xKSilr1DarOqdYB8860LFX+QMaGNo/yYjXAXlu4c67HTF6KsxlHjlqPodA4BUvK1RwPMT0Ja1t+KawWmxxMBJP8r1d8GYhklDt/cvYzKkRYlhKuJSNpLDBRvq7xM55uzneX9ZZO7D54FxLAqUJOBcH+EzvV/ViMXNnBTuCpo+/4hRIihJH2TASWViTzexUFblC44INmOcc18hUk28xlj1oi1KXw== drbroiler

View File

@ -149,7 +149,7 @@ tasksel tasksel/first multiselect none
# Individual additional packages to install # Individual additional packages to install
#d-i pkgsel/include string openssh-server build-essential #d-i pkgsel/include string openssh-server build-essential
d-i pkgsel/include string bind9-dnsutils, ca-certificates, curl, gnupg, inetutils-ping, mc, openssh-server, qemu-guest-agent, python3, rsync, tree, vim d-i pkgsel/include string bind9-dnsutils, ca-certificates, curl, gnupg, inetutils-ping, mc, openssh-server, qemu-guest-agent, python3, rsync, sudo, tree, vim
# Whether to upgrade packages after debootstrap. # Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade # Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select full-upgrade d-i pkgsel/upgrade select full-upgrade
@ -158,7 +158,7 @@ d-i pkgsel/upgrade select full-upgrade
# installed, and what software you use. The default is not to report back, # installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most # but sending reports helps the project determine what software is most
# popular and include it on CDs. # popular and include it on CDs.
popularity-contest popularity-contest/participate boolean false popularity-contest popularity-contest/participate boolean true
# This is fairly safe to set, it makes grub install automatically to the MBR # This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine. # if no other operating system is detected on the machine.
@ -184,5 +184,13 @@ d-i debian-installer/exit/poweroff boolean true
# still a usable /target directory. You can chroot to /target and use it # still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install # directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system. # packages and run commands in the target system.
#d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh d-i preseed/late_command string \
in-target useradd -s /bin/sh -m -U -G sudo deploy; \
in-target passwd -l deploy; \
in-target mkdir -p "/home/deploy/.ssh"; \
in-target curl -o /home/deploy/.ssh/authorized_keys; \
in-target chown -R "deploy:deploy" "/home/deploy"; \
in-target chmod 700 "/home/deploy"; \
in-target chmod 700 "/home/deploy/.ssh"; \
in-target chmod 600 "/home/deploy/.ssh/authorized_keys"; \