Added SSH configuration support
parent
f2b1a43f62
commit
e892136c14
4 changed files with 61 additions and 0 deletions
|
@ -44,3 +44,13 @@ password = "testpass"
|
||||||
|
|
||||||
# Allow user to use doas as root
|
# Allow user to use doas as root
|
||||||
doas_root= true
|
doas_root= true
|
||||||
|
|
||||||
|
# SSH Configuration
|
||||||
|
[ssh]
|
||||||
|
# Config file for sshd
|
||||||
|
sshd_config = "/etc/ssh/sshd_config"
|
||||||
|
|
||||||
|
# Install a SSH key for the user as `authorized_keys`
|
||||||
|
[[ssh.key]]
|
||||||
|
key = "ssh-rsa ... user@host"
|
||||||
|
users = ["testuser", "root"]
|
||||||
|
|
|
@ -11,6 +11,20 @@ pub struct InstallConfig {
|
||||||
pub pkg: PackageConfig,
|
pub pkg: PackageConfig,
|
||||||
/// User Configuration
|
/// User Configuration
|
||||||
pub user: Vec<UserConfig>,
|
pub user: Vec<UserConfig>,
|
||||||
|
/// SSH Configuration
|
||||||
|
pub ssh: Option<SSHConfig>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Deserialize)]
|
||||||
|
pub struct SSHConfig {
|
||||||
|
pub sshd_config: Option<String>,
|
||||||
|
pub key: Vec<SSHKey>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Deserialize)]
|
||||||
|
pub struct SSHKey {
|
||||||
|
pub key: String,
|
||||||
|
pub users: Vec<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Deserialize)]
|
#[derive(Debug, Deserialize)]
|
||||||
|
|
|
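Review bot: `pub key: Vec<SSHKey>` has no default, so (assuming serde's derive is what backs `Deserialize` here) an `[ssh]` table that only sets `sshd_config` and has no `[[ssh.key]]` entry would fail to parse with a missing-field error. Adding `#[serde(default)]` above `pub key: Vec<SSHKey>` would make the key list optional in the same way `sshd_config` already is. The new fields also lack the `///` comments the surrounding struct uses; for example `/// Path of an sshd_config on the installer host that is copied into the target` on `sshd_config`, and `/// Accounts that receive this key in their authorized_keys` on `users`.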
@ -11,6 +11,7 @@ use drives::{format_drives, mount_drives};
|
||||||
use first_boot::{first_boot_values, genfstab};
|
use first_boot::{first_boot_values, genfstab};
|
||||||
use kernel::setup_mkinitcpio;
|
use kernel::setup_mkinitcpio;
|
||||||
use security::{setup_secure_boot, setup_tpm_unlock};
|
use security::{setup_secure_boot, setup_tpm_unlock};
|
||||||
|
use ssh::setup_ssh;
|
||||||
use user::setup_users;
|
use user::setup_users;
|
||||||
use yansi::{Color, Paint};
|
use yansi::{Color, Paint};
|
||||||
use zram::setup_zram;
|
use zram::setup_zram;
|
||||||
|
@ -20,6 +21,7 @@ pub mod drives;
|
||||||
pub mod first_boot;
|
pub mod first_boot;
|
||||||
pub mod kernel;
|
pub mod kernel;
|
||||||
pub mod security;
|
pub mod security;
|
||||||
|
pub mod ssh;
|
||||||
pub mod user;
|
pub mod user;
|
||||||
pub mod zram;
|
pub mod zram;
|
||||||
|
|
||||||
|
@ -65,6 +67,8 @@ pub fn install(conf: InstallConfig) {
|
||||||
first_boot_values(&conf.general);
|
first_boot_values(&conf.general);
|
||||||
setup_users(&conf.user);
|
setup_users(&conf.user);
|
||||||
|
|
||||||
|
setup_ssh(&conf.ssh);
|
||||||
|
|
||||||
setup_bootloader();
|
setup_bootloader();
|
||||||
|
|
||||||
match conf.general.mode {
|
match conf.general.mode {
|
||||||
|
|
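--- a/src/install/ssh.rs
+++ b/src/install/ssh.rs
@@ -0,0 +1,33 @@
+use crate::{config::SSHConfig, pkg::install_pkgs};
+use std::io::Write;
+
+pub fn setup_ssh(conf: &Option<SSHConfig>) {
+if let Some(conf) = conf {
+install_pkgs(&["openssh"]);
+
+if let Some(sshd_config) = &conf.sshd_config {
+let content = std::fs::read_to_string(sshd_config).unwrap();
+std::fs::write("/mnt/etc/ssh/sshd_config", content).unwrap();
+}
+
+for key in &conf.key {
+for user in &key.users {
+let path = if user == "root" {
+std::fs::create_dir_all("/root/.ssh").unwrap();
+"/root/.ssh/authorized_keys".to_string()
+} else {
+std::fs::create_dir_all(&format!("/home/{user}/.ssh")).unwrap();
+format!("/home/{user}/.ssh/authorized_keys")
+};
+
+let mut authorized_keys = std::fs::OpenOptions::new()
+.append(true)
+.create(true)
+.open(path)
+.unwrap();
+
+writeln!(authorized_keys, "{}", format!("{}\n", key.key)).unwrap();
+}
+}
+}
+}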
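Review bot: The `authorized_keys` files are created under `/root/.ssh` and `/home/{user}/.ssh` of the running installer environment, while the sshd_config copy a few lines earlier writes to `/mnt/etc/ssh/sshd_config`. If `/mnt` is the target root, as that line suggests, the keys never reach the installed system. The `user` string is also interpolated into the path unchecked, so a name containing `/` or equal to `..` would create directories and append key material outside the intended home directory. Neither `.ssh` nor `authorized_keys` gets an explicit mode or owner; 0700/0600 owned by the account is the usual expectation, and as written the files are presumably root-owned with umask-default permissions. Finally, `writeln!` combined with `format!("{}\n", key.key)` emits an empty line after every key. The sketch below covers the path and name handling only; mode and ownership would need the `std::os::unix::fs` extension traits on top.

```rust
for key in &conf.key {
    for user in &key.users {
        // Refuse names that would escape the home directory once interpolated.
        if user.is_empty() || user.contains('/') || user == "." || user == ".." {
            panic!("invalid user name in [[ssh.key]]: {user:?}");
        }

        // Write below the target root, consistent with the sshd_config copy.
        let ssh_dir = if user == "root" {
            "/mnt/root/.ssh".to_string()
        } else {
            format!("/mnt/home/{user}/.ssh")
        };
        std::fs::create_dir_all(&ssh_dir).unwrap();
        let path = format!("{ssh_dir}/authorized_keys");

        // … unchanged: OpenOptions append/create/open(path) …

        // One key per line, no trailing blank line.
        writeln!(authorized_keys, "{}", key.key.trim_end()).unwrap();
    }
}
```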