mirror of
https://github.com/elitak/nixos-infect.git
synced 2024-12-22 08:08:29 +03:00
improve authorized_keys parsing (#46)
This commit is contained in:
parent
9198c51f05
commit
613fa20813
1 changed files with 8 additions and 3 deletions
11
nixos-infect
11
nixos-infect
|
@ -10,7 +10,12 @@ makeConf() {
|
|||
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
|
||||
mkdir -p /etc/nixos
|
||||
# Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep
|
||||
local IFS=$'\n'; keys=($(grep -vE '^[[:space:]]*(#|$)' /root/.ssh/authorized_keys || [[ $? == 1 ]]))
|
||||
local IFS=$'\n'
|
||||
for trypath in /root/.ssh/authorized_keys $HOME/.ssh/authorized_keys; do
|
||||
[[ -r "$trypath" ]] \
|
||||
&& keys=$(sed -E 's/^.*((ssh|ecdsa)-[^[:space:]]+)[[:space:]]+([^[:space:]]+)([[:space:]]*.*)$/\1 \3\4/' "$trypath") \
|
||||
&& break
|
||||
done
|
||||
local network_import=""
|
||||
|
||||
[ "$PROVIDER" = "digitalocean" ] && network_import="./networking.nix # generated at runtime by nixos-infect"
|
||||
|
@ -26,8 +31,8 @@ makeConf() {
|
|||
networking.hostName = "$(hostname)";
|
||||
networking.firewall.allowPing = true;
|
||||
services.openssh.enable = true;
|
||||
users.users.root.openssh.authorizedKeys.keys = [$(for key in "${keys[@]}"; do echo -n "
|
||||
\"$key\""; done)
|
||||
users.users.root.openssh.authorizedKeys.keys = [$(while read -r line; do echo -n "
|
||||
\"$line\" "; done <<< "$keys")
|
||||
];
|
||||
}
|
||||
EOF
|
||||
|
|
Loading…
Reference in a new issue