Improved appearance. Added error checking.

2025-12-14 21:03:24 -05:00
parent ff6e1ddeb3
commit ae8c5d9c3e
1 changed files with 160 additions and 16 deletions
--- a/scripts/bootstrap-vps-debian12.sh
+++ b/scripts/bootstrap-vps-debian12.sh
@@ -9,33 +9,152 @@ if [[ "${UID}" -ne 0 ]]; then
    exit 1
 fi

-ANSIUSER=ansiuser
+ANSIUSER=${1:-ansiuser}
 ANSIUSERDIR=/home/$ANSIUSER
-TMP_PORT=46347
+TMP_PORT=${2:-46347}
+
+cat << EOF
+
+
+#####################
+#  Updating System  #
+#####################
+
+EOF

 # Update to current
 apt update && apt upgrade -y
+err=$?
+# Was there an error
+if [ $err -ne 0 ]; then
+    cat << EOF

-# Install requirements
-apt install -y --no-install-recommends openssh-client openssh-server sudo git curl wget
+###########################################
+# # # # # # # # # # # # # # # # # # # # # #
+###  ERROR while updating the system!   ###
+# # # # # # # # # # # # # # # # # # # # # #
+###########################################

-# Create a user for Ansible
+Correct the issues and try again. Exiting.
+
+EOF
+    exit $err
+fi
+
+cat << EOF
+
+
+#############################
+#  Installing ssh and sudo  #
+#############################
+
+EOF
+
+apt install -y --no-install-recommends openssh-client openssh-server sudo
+err=$?
+
+if [ $err -ne 0 ]; then
+    cat << EOF
+
+###############################################
+# # # # # # # # # # # # # # # # # # # # # # # #
+###  ERROR while installing ssh and sudo!   ###
+# # # # # # # # # # # # # # # # # # # # # # # #
+###############################################
+
+Correct the issues and try again. Exiting.
+
+EOF
+    exit $err
+fi
+
+cat << EOF
+
+
+###################################
+#  Creating and configuring user  #
+###################################
+
+EOF
+
+echo -e "- Creating user '$ANSIUSER'..."
 useradd -m -s /bin/bash -c "Ansible User" $ANSIUSER

-echo "Configuring sudo for user $ANSIUSER"
+echo "- Configuring sudo for user '$ANSIUSER'..."
 usermod -aG sudo $ANSIUSER
 mkdir -p /etc/sudoers.d
 cat << EOF > /etc/sudoers.d/99-ansible-user
 $ANSIUSER ALL=(ALL) NOPASSWD:ALL
 EOF
+
 echo ""

 mkdir -p $ANSIUSERDIR/.ssh
-# Prompt to paste public key
-echo "Paste public key for $ANSIUSER. Ctl+d when done." ; cat >> $ANSIUSERDIR/.ssh/authorized_keys
-echo ""

-echo "Configuring ssh..."
+# Prompt to paste public key
+cat << EOF
+
+
+########################################################
+#  IMPORTANT! |                                        #
+#-------------+                                        #
+#                                                      #
+#  Past public key for '$ANSIUSER'.                    #
+#    Ctrl+d when done.                                 #
+#                                                      #
+########################################################
+
+EOF
+
+if [ -f "$ANSIUSERDIR/.ssh/authorized_keys" ]; then
+    BEFORESZ=$(wc -c "$ANSIUSERDIR/.ssh/authorized_keys")
+else
+    BEFORESZ=0
+fi
+
+cat >> $ANSIUSERDIR/.ssh/authorized_keys
+err=$?
+
+if [ -f "$ANSIUSERDIR/.ssh/authorized_keys" ]; then
+    AFTERSZ=$(wc -c "$ANSIUSERDIR/.ssh/authorized_keys")
+    if [ ! $AFTERSZ -gt $BEFORESZ ]; then
+        cat << EOF
+
+###############################################
+# # # # # # # # # # # # # # # # # # # # # # # #
+###  ERROR authorized_keys did not change   ###
+# # # # # # # # # # # # # # # # # # # # # # # #
+###############################################
+
+Exiting!
+
+EOF
+        exit $?
+    fi
+else
+    cat << EOF
+
+#####################################################
+# # # # # # # # # # # # # # # # # # # # # # # # # # #
+###  ERROR could not append to authorized_keys!   ###
+# # # # # # # # # # # # # # # # # # # # # # # # # # #
+#####################################################
+
+Exiting!
+
+EOF
+    exit $err
+fi
+
+cat << EOF
+
+
+###################################
+#  (Re)setting SSH configuration  #
+###################################
+
+EOF
+
 chown -Rc ${ANSIUSER}:${ANSIUSER} $ANSIUSERDIR/.ssh
 chmod 700 $ANSIUSERDIR/.ssh && chmod 600 $ANSIUSERDIR/.ssh/authorized_keys

@@ -61,20 +180,43 @@ cat << EOF > /etc/ssh/sshd_config.d/enable_$ANSIUSER.conf
 AllowUsers $ANSIUSER
 EOF

+cat << EOF
+
+
+################################
+#  Opening a port (if needed)  #
+################################
+
+EOF
+
 if command -v ufw &> /dev/null; then
    echo "Opening port $TMP_PORT with ufw..."
-    ufw allow $TMP_PORT/tcp comment 'Allow temporary SSH port'
+    ufw allow $TMP_PORT/tcp comment 'Allow temporary SSH port' || echo "## WARNING error occurred while openning a port ##"
 elif command -v firewall-cmd &> /dev/null; then
    echo "Opening port $TMP_PORT with firewalld..."
-    firewall-cmd --permanent --add-port=$TMP_PORT/tcp
+    firewall-cmd --permanent --add-port=$TMP_PORT/tcp || echo "## WARNING error occurred while openning a port ##"
    firewall-cmd --reload
 elif command -v iptables &> /dev/null; then
    echo "Temporarily opening port $TMP_PORT with iptables (this session only)..."
-    iptables -I INPUT -p tcp --dport $TMP_PORT -j ACCEPT
+    iptables -I INPUT -p tcp --dport $TMP_PORT -j ACCEPT || echo "## WARNING error occurred while openning a port ##"
 fi

-echo "User:  $ANSIUSER"
-echo "Port:  $TMP_PORT"
+cat << EOF
+
+
+###################################
+#  Complete |                     #
+#-----------+                     #
+#                                 #
+#  Process completed.             #
+#    After action summary below:  #
+#                                 #
+###################################
+
+EOF
+
+echo " - User:  $ANSIUSER"
+echo " - Port:  $TMP_PORT"
 echo ""

 # Partially redact authorized_keys
@@ -83,6 +225,8 @@ grep -Poi 'ssh\-.*' $ANSIUSERDIR/.ssh/authorized_keys | awk '{ print $1, substr(
 echo "-----------------------"

 echo ""
-echo "Restarting SSH server and ending script"
+echo "Restarting SSH server in 10 seconds and ending script"
+sleep 10

+systemctl enable sshd
 systemctl restart sshd