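#!/bin/sh
#
# Container entrypoint: on first start it creates the unprivileged WeeChat
# account, generates any missing SSH host keys, starts sshd in the background
# and finally replaces itself with weechat-headless running as that account.
#
# Required environment:
#   WEECHAT_USER  login name of the account that runs WeeChat
#   WEECHAT_UID   numeric uid given to that account
#   WEECHAT_BASE  directory that holds .weechat and .ssh
#   SSH_PORT      port sshd listens on
# Optional files:
#   /config/sshd_config      used instead of /etc/ssh/sshd_config when present
#   /config/authorized_keys  public keys allowed to log in, one per line

# Trace every command to stderr, which normally ends up in the container log.
set -x

# Stop here rather than run adduser, chown or sshd with empty arguments.
: "${WEECHAT_USER:?WEECHAT_USER must be set}"
: "${WEECHAT_UID:?WEECHAT_UID must be set}"
: "${WEECHAT_BASE:?WEECHAT_BASE must be set}"
: "${SSH_PORT:?SSH_PORT must be set}"

if ! id -u "${WEECHAT_USER}" 2>/dev/null; then
  adduser -u "${WEECHAT_UID}" -D -H "${WEECHAT_USER}"

  # NOTE(review): /etc/shadow entries start with the login name, so this
  # pattern only matches when the name is the same string as the uid. It is
  # kept as written because chpasswd below rewrites the password field anyway.
  sed -i 's/^'"${WEECHAT_UID}"':!:/'"${WEECHAT_UID}"':*:/' /etc/shadow

  # Password length comes from the script's first argument when that is a
  # plain number. Anything else falls back to 64, so a stray non-numeric
  # argument cannot make head fail and leave the account with an empty
  # password.
  case "${1:-}" in
    '' | *[!0-9]*) PASS_LENGTH=64 ;;
    *) PASS_LENGTH=$1 ;;
  esac

  # Tracing is switched off while the secret is in a variable; with set -x
  # active the generated password would be written to the log.
  set +x
  USER_RANDOM_PASS=$(tr -dc '_A-Z-a-z-0-9$§%&/()!;:_,.-' < /dev/urandom | head -c "${PASS_LENGTH}")
  if [ -z "${USER_RANDOM_PASS}" ]; then
    echo "could not generate a password for ${WEECHAT_USER}" >&2
    exit 1
  fi
  printf '%s:%s\n' "${WEECHAT_USER}" "${USER_RANDOM_PASS}" | chpasswd
  unset USER_RANDOM_PASS
  set -x
fi

WEECHAT_HOME="${WEECHAT_BASE}/.weechat"
if [ ! -d "${WEECHAT_HOME}" ]; then
  mkdir -vp "${WEECHAT_HOME}"
  chown -R "${WEECHAT_UID}" "${WEECHAT_HOME}"
fi

# Host keys are generated once and kept across restarts.
# NOTE(review): DSA host keys are deprecated and recent OpenSSH releases no
# longer generate them; a failing ssh-keygen here is not fatal. Consider
# dropping "dsa" once no sshd_config in use refers to that key.
for KEY_TYPE in rsa dsa ed25519 ecdsa; do
  KEY_FILE="/etc/ssh/ssh_host_${KEY_TYPE}_key"
  if [ ! -f "${KEY_FILE}" ]; then
    ssh-keygen -f "${KEY_FILE}" -N '' -t "${KEY_TYPE}"
  fi
done

mkdir -p /var/run/sshd

# A mounted /config/sshd_config takes precedence over the image default.
if [ -f /config/sshd_config ]; then
  SSHD_CONFIG=/config/sshd_config
else
  SSHD_CONFIG=/etc/ssh/sshd_config
fi

/usr/sbin/sshd -f "${SSHD_CONFIG}" -p "${SSH_PORT}" -D &

# Without this guard a failed cd would create and chown .ssh in whatever
# directory the script happened to start in.
cd "${WEECHAT_BASE}" || exit 1
test -d .ssh || mkdir -vp .ssh

if [ -f /config/authorized_keys ]; then
  touch .ssh/authorized_keys

  # Every key is installed with a forced command and forwarding limits.
  # NOTE(review): permitopen names localhost:${SSH_PORT}, the port sshd itself
  # is started on above; confirm this is the port the WeeChat relay uses.
  KEY_OPTIONS='no-agent-forwarding,no-X11-forwarding,permitopen="localhost:'"${SSH_PORT}"'",command="echo '\''This account can only be used for WeeChat relays'\''"'

  # "|| [ -n ... ]" keeps a final line that has no trailing newline.
  while read -r SSH_KEY || [ -n "${SSH_KEY}" ]; do
    # Blank lines and comments carry no key.
    case "${SSH_KEY}" in
      '' | '#'*) continue ;;
    esac

    # Second field of "type base64 [comment]" is the key material.
    KEY_BLOB=$(printf '%s\n' "${SSH_KEY}" | awk '{ print $2 }')
    # An empty pattern would match every line; skip malformed entries.
    [ -n "${KEY_BLOB}" ] || continue

    # -F: the key is compared as a literal string, not as a regex.
    if ! grep -qF -- "${KEY_BLOB}" .ssh/authorized_keys; then
      printf '%s %s\n' "${KEY_OPTIONS}" "${SSH_KEY}" >> .ssh/authorized_keys
    fi
  done < /config/authorized_keys
fi

chown -R "${WEECHAT_UID}" .ssh

cd "${WEECHAT_HOME}" || exit 1
# exec: WeeChat takes over this process; sshd keeps running in the background.
exec su "${WEECHAT_USER}" -c 'weechat-headless --stdout'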