WIP keyfile stuff

2023-03-04 00:15:12 +00:00 · 2023-03-04 00:15:12 +00:00 · e5cf8a5521
parent 2acc042fe7
commit e5cf8a5521
2 changed files with 36 additions and 4 deletions
--- a/cmd/createkeyfile/main.go
+++ b/cmd/createkeyfile/main.go
@ -21,6 +21,7 @@ import (
 	"os"
 	"os/user"
 	"path"
+	"strings"
 )

 const keyfileName = "authorized_keys2"
@ -39,10 +40,15 @@ func main() {
 	sshPath := path.Join("/home", u.Username, ".ssh")
 	keyfilePath := path.Join(sshPath, keyfileName)

-	if err = os.Mkdir(sshPath, os.FileMode(0600)); err != nil {
+	if err = os.Mkdir(sshPath, os.FileMode(0700)); err != nil {
 		quit(err.Error())
 	}

+	_, err := os.Open(keyfileName)
+	if err == nil {
+		quit(fmt.Sprintf("%s already exists", keyfileName))
+	}
+
 	f, err := os.Create(keyfilePath)
 	if err != nil {
 		quit(err.Error())
@ -54,7 +60,7 @@ func main() {
 		quit(err.Error())
 	}

-	stdin := []byte{}
+	stdin := make([]byte, 90000) // arbitrary limit

 	n, err := os.Stdin.Read(stdin)
 	if err != nil {
@ -63,6 +69,13 @@ func main() {
 		quit("nothing passed on STDIN")
 	}

+	stdin = stdin[0:n]
+
+	if !strings.HasPrefix(string(stdin), "########## GREETINGS! ##########") {
+		// TODO further validation?
+		quit(fmt.Sprintf("file contents look wrong: %s", string(stdin)))
+	}
+
 	n, err = f.Write(stdin)
 	if err != nil {
 		quit(err.Error())
--- a/cmd/welcome/main.go
+++ b/cmd/welcome/main.go
@ -1,6 +1,7 @@
 package main

 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"net/mail"
@ -274,12 +275,30 @@ func createUser(data newUserData) (err error) {
 		return fmt.Errorf("usermod failed: %w", err)
 	}

-	// TODO create keyfile by running helper (helper should also make ~/.ssh)
-	// TODO generate welcome gift
+	cmd = exec.Command("sudo", "/town/bin/createkeyfile")
+	cmd.Stdin = bytes.NewBufferString(keyfileText(data))
+	if err = cmd.Run(); err != nil {
+		return fmt.Errorf("createkeyfile failed: %w", err)
+	}
+
+	cmd = exec.Command("sudo", "/town/bin/generate_welcome_present.sh", data.Username)
+	if err = cmd.Run(); err != nil {
+		// TODO log this. no reason to bail out.
+	}
+
 	// TODO any alerts
 	return errors.New("not implemented")
 }

+func keyfileText(data newUserData) string {
+	header := `########## GREETINGS! ##########
+# Hi! This file was automatically generated by tilde.town when
+# your account was created. You can edit it if you want, but we
+# recommend adding stuff to ~/.ssh/authorized_keys instead.`
+
+	return fmt.Sprintf("%s\n%s", header, data.PubKey)
+}
+
 func main() {
 	// TODO friendlier error handling
 	err := _main()