NelisVolschenk/server_init
0
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
server_init/scripts/01_create_user.sh

25 lines
784 B
Bash
Raw Permalink Normal View History

Initial server init setup with Ansible playbook Automated server provisioning with Pangolin reverse proxy, Forgejo git server with SSH passthrough, and OpenCode dev environment. Includes server hardening (UFW, fail2ban, SSH lockdown), Docker, Rust, Python/uv, and unattended security upgrades. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-28 10:34:20 +00:00
#!/bin/bash
set -e
echo "=== Phase 1: Creating user '$NEW_USER' on $SSH_TARGET ==="
PUBKEY_B64=$(echo "$PUBKEY" | base64 -w 0)
PASS_B64=$(echo "$USER_PASSWORD" | base64 -w 0)
ssh -o StrictHostKeyChecking=accept-new "$SSH_TARGET" bash -s -- "$NEW_USER" "$PUBKEY_B64" "$PASS_B64" <<'REMOTE'
set -e
NEW_USER="$1"
PUBKEY=$(echo "$2" | base64 -d)
USER_PASSWORD=$(echo "$3" | base64 -d)
sudo adduser --disabled-password --gecos "" "$NEW_USER"
echo "$NEW_USER:$USER_PASSWORD" | sudo chpasswd
sudo usermod -aG sudo "$NEW_USER"
sudo mkdir -p /home/$NEW_USER/.ssh
echo "$PUBKEY" | sudo tee /home/$NEW_USER/.ssh/authorized_keys > /dev/null
sudo chmod 700 /home/$NEW_USER/.ssh
sudo chmod 600 /home/$NEW_USER/.ssh/authorized_keys
sudo chown -R $NEW_USER:$NEW_USER /home/$NEW_USER/.ssh
REMOTE
Reference in a new issue Copy permalink