path: root/playbooks.d/ssh/playbook.bash
blob: 12f6bb6bbc0e46bfe6cb59ff53ff76a99dfbfacb (plain)
#!/usr/bin/env bash

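# Install and activate the SSH playbook on this host.
#
# Installs mosh, makes sure /etc/ssh exists, renders the configuration through
# playbook_sync, and only then enables and starts sshd.
#
# The sync runs before the service is started on purpose: playbook_sync skips
# its "svc reload" when BASHTARD_COMMAND is "add" (presumably the case while
# this function runs), so a daemon started ahead of the sync would keep using
# whatever sshd_config and RSA host key were on disk when it started, not the
# templated config or a regenerated 4096-bit key.
#
# Returns: the status of the final "svc start".
playbook_add() {
	pkg install "mosh"

	mkdir -pv "/etc/ssh"

	# Write sshd_config, the host key and the MotD before sshd is launched.
	playbook_sync

	svc enable "sshd"
	svc start "sshd"

	# NOTE(review): if sshd was already running before this playbook was
	# added, "svc start" presumably leaves it untouched and the previous
	# configuration stays active until the next reload - confirm against svc.
}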

# Bring the SSH-related files on this host in line with the playbook.
#
# Steps, in order:
#   1. render the "sshd_config" template into /etc/ssh/sshd_config
#   2. replace the RSA host key when ssh_key_size reports fewer than 4096 bits
#   3. render the "motd" template into /etc/motd
#   4. reload sshd, unless BASHTARD_COMMAND is "add"
#
# Globals: BASHTARD_PLAYBOOK, BASHTARD_PLATFORM[fqdn], BASHTARD_COMMAND (read)
#
# NOTE(review): both redirections truncate their target before file_template
# runs, so a failed render would leave an empty or partial file behind, and
# nothing here validates the rendered sshd_config (for example with "sshd -t")
# before the reload - confirm how file_template reports failure.
# NOTE(review): sshd_config goes to a fixed /etc/ssh path while the host key
# path is built from config "fs.etcdir"; the two agree only if that setting
# resolves to /etc - TODO confirm.
playbook_sync() {
	info "$BASHTARD_PLAYBOOK" "Templating sshd_config"
	file_template "sshd_config" "sftp=$(config "ssh.sftp")" > /etc/ssh/sshd_config

	# Resolve the host key path once. Declared and assigned in one statement
	# so that a failing lookup is not treated differently from the inline
	# substitutions this replaces.
	local host_rsa_key="$(config "fs.etcdir")/ssh/ssh_host_rsa_key"

	# ssh_key_size prints 0 for a missing file, so a host without an RSA key
	# takes this branch as well.
	if (( $(ssh_key_size "$host_rsa_key") < 4096 ))
	then
		warn "$BASHTARD_PLAYBOOK" "Generating new RSA SSH host key"

		# The old private key is deleted first, so ssh-keygen never prompts
		# about overwriting. Clients that pinned the previous key will see a
		# host key change afterwards.
		rm -f -- "$host_rsa_key"
		ssh-keygen -t rsa -b 4096 -f "$host_rsa_key" -N ""
	fi

	info "$BASHTARD_PLAYBOOK" "Generating MotD"
	file_template "motd" "fqdn=${BASHTARD_PLATFORM[fqdn]}" "time=$(date -u "+%FT%T")" > /etc/motd

	# No reload during "add". A daemon that is already running at that point
	# keeps its previous configuration and host key until a later reload.
	if [[ $BASHTARD_COMMAND == "add" ]]
	then
		return
	fi

	svc reload "sshd"
}

# Take the SSH daemon out of service: stop it, then disable it.
#
# Only the service state is changed. This function does not remove the mosh
# package, the rendered sshd_config, the MotD or any host key.
#
# Returns: the status of the final "svc disable".
playbook_del() {
	local action

	for action in stop disable
	do
		svc "$action" "sshd"
	done
}

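# Print the size, in bits, of the SSH key stored in a file.
#
# Arguments: $1 - path to the key file
# Outputs:   the bit count on stdout, or "0" when the file does not exist or
#            ssh-keygen cannot report a numeric size for it
# Returns:   0
#
# playbook_sync feeds this output straight into an arithmetic comparison.
# An empty or non-numeric answer (ssh-keygen failing on an unreadable or
# damaged file) used to turn that comparison into a syntax error, which
# skipped the key-strength check. Such a file is now reported as 0 bits, the
# same as a missing one, so the caller replaces it.
ssh_key_size() {
	local listing bits

	if [[ ! -f "$1" ]]
	then
		printf "0"
		return
	fi

	# "ssh-keygen -l" prints the bit count as the first field of its output.
	listing="$(ssh-keygen -l -f "$1")" || listing=""
	IFS=$' \t' read -r bits _ <<< "$listing"

	# Only ever hand a plain decimal number to the caller.
	if [[ "$bits" =~ ^[0-9]+$ ]]
	then
		printf "%s\n" "$bits"
		return
	fi

	printf "0"
}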