debian-first-boot-setup/costumize.sh

#!/bin/bash

# Server Customization Script
# Run this script to set hostname and create Git deploy keys

set -euo pipefail

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

# Logging functions
log() {
    echo -e "${GREEN}[$(date +'%Y-%m-%d %H:%M:%S')] $1${NC}"
}

warn() {
    echo -e "${YELLOW}[WARNING] $1${NC}"
}

error() {
    echo -e "${RED}[ERROR] $1${NC}"
    exit 1
}

# Check if running as non-root user
check_user() {
    if [[ $EUID -eq 0 ]]; then
       error "This script should be run as a regular user (not root)"
    fi
}

# Set server hostname
set_hostname() {
    echo ""
    echo -e "${BLUE}=== Server Hostname Configuration ===${NC}"
    local current_hostname=$(hostname)
    echo "Current hostname: $current_hostname"
    echo ""
    
    read -p "Enter hostname for this server (press Enter to keep '$current_hostname'): " new_hostname
    
    # If empty, keep current hostname
    if [[ -z "$new_hostname" ]]; then
        log "Keeping current hostname: $current_hostname"
        return 0
    fi
    
    # Validate hostname format
    if [[ ! "$new_hostname" =~ ^[a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?$ ]]; then
        error "Invalid hostname format. Use only letters, numbers, and hyphens."
    fi
    
    log "Setting hostname to: $new_hostname"
    
    # Update /etc/hosts first to avoid hostname resolution issues
    sudo sed -i "s/127.0.1.1.*/127.0.1.1\t$new_hostname/" /etc/hosts
    
    # Add entry if it doesn't exist
    if ! grep -q "127.0.1.1" /etc/hosts; then
        echo -e "127.0.1.1\t$new_hostname" | sudo tee -a /etc/hosts
    fi
    
    # Update hostname after /etc/hosts is configured
    sudo hostnamectl set-hostname "$new_hostname"
    
    log "Hostname updated successfully"
    echo "New hostname: $(hostname)"
    
    return 0
}

# Create Git deploy keys
create_deploy_keys() {
    echo ""
    echo -e "${BLUE}=== Git Deploy Keys Setup ===${NC}"
    echo "Deploy keys allow secure Git access for deployments and automation."
    echo ""
    
    read -p "How many Git deploy keys would you like to create? (0-10): " num_keys
    
    # Validate number
    if ! [[ "$num_keys" =~ ^[0-9]+$ ]] || [ "$num_keys" -lt 0 ] || [ "$num_keys" -gt 10 ]; then
        error "Please enter a number between 0 and 10"
    fi
    
    if [ "$num_keys" -eq 0 ]; then
        log "No deploy keys will be created"
        return
    fi
    
    local server_name=$(hostname)
    local created_keys=()
    
    # Create SSH directory if it doesn't exist
    mkdir -p ~/.ssh
    chmod 700 ~/.ssh
    
    # Create each deploy key
    for ((i=1; i<=num_keys; i++)); do
        echo ""
        echo -e "${YELLOW}--- Deploy Key $i of $num_keys ---${NC}"
        
        while true; do
            read -p "Enter project name for deploy key $i: " project_name
            
            if [[ -z "$project_name" ]]; then
                echo -e "${RED}Project name cannot be empty${NC}"
                continue
            fi
            
            # Sanitize project name (remove spaces, special chars)
            project_name=$(echo "$project_name" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9-]//g')
            
            if [[ -z "$project_name" ]]; then
                echo -e "${RED}Invalid project name. Use only letters, numbers, and hyphens.${NC}"
                continue
            fi
            
            # Check if key already exists
            if [[ -f ~/.ssh/deploy_key_$project_name ]]; then
                echo -e "${RED}Deploy key for project '$project_name' already exists${NC}"
                continue
            fi
            
            break
        done
        
        local key_file="~/.ssh/deploy_key_$project_name"
        local comment="deploy-key-$project_name-$server_name"
        
        log "Creating deploy key for project: $project_name"
        
        # Generate SSH key
        ssh-keygen -t ed25519 -f ~/.ssh/deploy_key_$project_name -C "$comment" -N ""
        
        # Set proper permissions
        chmod 600 ~/.ssh/deploy_key_$project_name
        chmod 644 ~/.ssh/deploy_key_$project_name.pub
        
        created_keys+=("$project_name")
        log "Deploy key created: ~/.ssh/deploy_key_$project_name"
    done
    
    # Configure SSH config
    configure_ssh_config "${created_keys[@]}"
    
    # Show public keys and instructions
    show_deploy_instructions "${created_keys[@]}"
}

# Configure SSH config file
configure_ssh_config() {
    local projects=("$@")
    local ssh_config="$HOME/.ssh/config"
    
    log "Configuring SSH config..."
    
    # Backup existing config
    if [[ -f "$ssh_config" ]]; then
        cp "$ssh_config" "$ssh_config.backup.$(date +%Y%m%d_%H%M%S)"
    fi
    
    echo ""
    read -p "Enter your Git server domain (e.g., git.example.com): " git_domain
    
    if [[ -z "$git_domain" ]]; then
        error "Git server domain cannot be empty"
    fi
    
    # Add SSH config entries
    for project in "${projects[@]}"; do
        echo "" >> "$ssh_config"
        echo "Host gitea-$project" >> "$ssh_config"
        echo "    HostName $git_domain" >> "$ssh_config"
        echo "    User git" >> "$ssh_config"
        echo "    Port 22" >> "$ssh_config"
        echo "    IdentityFile ~/.ssh/deploy_key_$project" >> "$ssh_config"
        echo "    IdentitiesOnly yes" >> "$ssh_config"
    done
    
    chmod 600 "$ssh_config"
    log "SSH config updated with ${#projects[@]} deploy key entries"
}

# Show deploy key public keys and usage instructions
show_deploy_instructions() {
    local projects=("$@")
    
    echo ""
    echo -e "${BLUE}=== Deploy Keys Created ===${NC}"
    echo ""
    
    for project in "${projects[@]}"; do
        echo -e "${YELLOW}--- Project: $project ---${NC}"
        echo "Public key (copy this to your Git server):"
        echo ""
        cat ~/.ssh/deploy_key_$project.pub
        echo ""
        echo -e "${GREEN}Add this key to your Git repository's deploy keys section${NC}"
        echo ""
        
        echo "Clone/configure repository:"
        echo -e "${YELLOW}# For new clones:${NC}"
        echo "git clone git@gitea-$project:username/repository.git"
        echo ""
        echo -e "${YELLOW}# For existing repos, update the remote:${NC}"
        echo "git remote set-url origin git@gitea-$project:username/repository.git"
        echo ""
        echo "================================"
        echo ""
    done
    
    echo -e "${BLUE}=== Important Notes ===${NC}"
    echo "• Deploy keys are stored in ~/.ssh/deploy_key_<project>"
    echo "• SSH config entries created as 'gitea-<project>'"
    echo "• Replace 'username/repository.git' with your actual repository path"
    echo "• Keys are ready for use after adding public keys to your Git server"
    echo ""
    echo -e "${GREEN}Setup completed successfully!${NC}"
}

# Main function
main() {
    echo -e "${BLUE}=== Server Customization Script ===${NC}"
    echo "This script will:"
    echo "1. Optionally set server hostname"
    echo "2. Create Git deploy keys"
    echo "3. Configure SSH for Git repositories"
    echo ""
    
    read -p "Continue with server customization? (y/N): " confirm
    
    if [[ ! "$confirm" =~ ^[Yy]$ ]]; then
        echo "Customization cancelled."
        exit 0
    fi
    
    # Check prerequisites
    check_user
    
    # Set hostname
    set_hostname
    
    # Create deploy keys
    create_deploy_keys
    
    echo ""
    echo -e "${GREEN}Server customization completed!${NC}"
    echo -e "${YELLOW}You may need to log out and back in to see the hostname change.${NC}"
}

main "$@"