orion/srv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: shellcheck

Browse Source
This commit is contained in:
Orion Kindel 2023-05-20 19:20:53 -05:00
parent 6d86bbb538
commit 4e7c9aaf8a
Signed by untrusted user who does not match committer: orion
GPG Key ID: 6D4165AE4C928719
7 changed files with 36 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/000-entry.sh
View File

@ -3,7 +3,6 @@
set -xo pipefail set -xo pipefail
domain_root="${DOMAIN_ROOT:-orionkindel.com}" domain_root="${DOMAIN_ROOT:-orionkindel.com}"
subdomain_gitea="${SUBDOMAIN_GITEA:-git}"
uid_git="${UID_GIT:-1000}" uid_git="${UID_GIT:-1000}"
@ -27,7 +26,7 @@ uid_git="${UID_GIT:-1000}"
# ... # ...
# ``` # ```
function doas { function doas {
ssh -F /dev/null -o IdentitiesOnly=yes -i /root/.ssh/local_ed25519 $1@localhost "set -xo pipefail; $2" ssh -F /dev/null -o IdentitiesOnly=yes -i /root/.ssh/local_ed25519 "$1@localhost" "set -xo pipefail; $2"
} }
rm /root/.ssh/local_ed25519 || true; rm /root/.ssh/local_ed25519 || true;

2
src/010-system-apt.sh
View File

@ -24,6 +24,8 @@ install -m 0755 -d /etc/apt/keyrings
rm /etc/apt/keyrings/docker.gpg || true; rm /etc/apt/keyrings/docker.gpg || true;
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
# shellcheck disable=SC2027,SC2046
echo \ echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \

28
src/011-system-users.sh
View File

@ -3,29 +3,29 @@
function user_del_if_exist { function user_del_if_exist {
if id "$1" &>/dev/null; then if id "$1" &>/dev/null; then
set +x set +x
grp=`id -g $1` grp=$(id -g "$1")
# https://i.imgflip.com/3ggbcq.jpg # https://i.imgflip.com/3ggbcq.jpg
until userdel $1; do pkill -eU $1 || true; done; until userdel "$1"; do pkill -eU "$1" || true; done;
set -x set -x
groupdel $grp || true groupdel "$grp" || true
rm -rf /home/$1 || true rm -rf "/home/${1:?}" || true
fi fi
} }
function user_init { function user_init {
loginctl enable-linger $1 loginctl enable-linger "$1"
rm -r /home/$1/.ssh || true rm -r "/home/$1/.ssh" || true
mkdir /home/$1/.ssh mkdir "/home/$1/.ssh"
chown $1:$1 /home/$1/.ssh chown "$1:$1" "/home/$1/.ssh"
cp /root/.ssh/local_ed25519.pub /home/$1/.ssh/authorized_keys cp /root/.ssh/local_ed25519.pub "/home/$1/.ssh/authorized_keys"
chown $1:$1 /home/$1/.ssh/authorized_keys chown "$1:$1" "/home/$1/.ssh/authorized_keys"
chmod 600 /home/$1/.ssh/authorized_keys chmod 600 "/home/$1/.ssh/authorized_keys"
doas $1 " doas "$1" "
echo $2 >> ~/.ssh/authorized_keys; echo \"$2\" >> ~/.ssh/authorized_keys;
echo \"export DOCKER_HOST=unix:///run/user/`id -u $1`/docker.sock\" > ~/.bashrc; echo \"export DOCKER_HOST=unix:///run/user/$(id -u "$1")/docker.sock\" > ~/.bashrc;
echo \"export PATH=/usr/bin:/usr/sbin:$PATH\" >> ~/.bashrc; echo \"export PATH=/usr/bin:/usr/sbin:$PATH\" >> ~/.bashrc;
source ~/.bashrc; source ~/.bashrc;
dockerd-rootless-setuptool.sh install; dockerd-rootless-setuptool.sh install;

14
src/012-system-users-gitea.sh
View File

@ -1,5 +1,7 @@
#! /usr/bin/bash #! /usr/bin/bash
uid_git=${uid_git:-}
## backup gitea data to /tmp ## backup gitea data to /tmp
mkdir -p /tmp/git mkdir -p /tmp/git
if id git &>/dev/null; then if id git &>/dev/null; then
@ -17,17 +19,17 @@ fi
## delete and recreate `git` user ## delete and recreate `git` user
user_del_if_exist git user_del_if_exist git
echo $uid_git echo "$uid_git"
groupadd --gid $uid_git git groupadd --gid "$uid_git" git
useradd \ useradd \
--gid $uid_git \ --gid "$uid_git" \
--uid $uid_git \ --uid "$uid_git" \
--create-home \ --create-home \
--shell /bin/bash \ --shell /bin/bash \
git git
read -p 'enter public ssh key allowing sessions as `git`:' git_ssh_pub read -rp "enter public ssh key allowing sessions as \`git\`:" git_ssh_pub
user_init git $git_ssh_pub user_init git "$git_ssh_pub"
## restore homedir ## restore homedir
mv /tmp/git/data /home/git/ mv /tmp/git/data /home/git/

4
src/013-system-users-other.sh
View File

@ -2,5 +2,5 @@
user_del_if_exist orion user_del_if_exist orion
useradd --create-home --shell /bin/bash orion useradd --create-home --shell /bin/bash orion
read -p 'enter public ssh key allowing sessions as `orion`:' orion_ssh_pub read -rp "enter public ssh key allowing sessions as \`orion\`:" orion_ssh_pub
user_init orion $orion_ssh_pub user_init orion "$orion_ssh_pub"

14
src/021-net-routing.sh
View File

@ -1,16 +1,18 @@
#! /usr/bin/bash #! /usr/bin/bash
domain_root=${domain_root:-}
mkdir -p /etc/nginx/sites-available mkdir -p /etc/nginx/sites-available
mkdir -p /etc/nginx/sites-enabled mkdir -p /etc/nginx/sites-enabled
rm -r /etc/nginx/sites-available/$domain_root 2>/dev/null || true rm -r "/etc/nginx/sites-available/$domain_root" 2>/dev/null || true
rm -r /etc/nginx/sites-enabled/$domain_root 2>/dev/null || true rm -r "/etc/nginx/sites-enabled/$domain_root" 2>/dev/null || true
touch /etc/nginx/sites-available/$domain_root touch "/etc/nginx/sites-available/$domain_root"
ln -s /etc/nginx/sites-available/$domain_root /etc/nginx/sites-enabled/$domain_root ln -s "/etc/nginx/sites-available/$domain_root" "/etc/nginx/sites-enabled/$domain_root"
cp ./nginx.conf /etc/nginx/sites-available/$domain_root cp ./nginx.conf "/etc/nginx/sites-available/$domain_root"
chmod 777 /etc/nginx/sites-available/$domain_root chmod 777 "/etc/nginx/sites-available/$domain_root"
systemctl enable nginx systemctl enable nginx
systemctl start nginx systemctl start nginx

2
src/030-gitea-actions.sh
View File

@ -1,6 +1,6 @@
#! /usr/bin/bash #! /usr/bin/bash
read -p 'enter action runner token: ' token read -rp 'enter action runner token: ' token
cp ./gitea-actions-runner-config.yml /home/git/runner-config.yml cp ./gitea-actions-runner-config.yml /home/git/runner-config.yml