ssh-bastion/entrypoint.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

#!/bin/sh

if [ ! -d /srv/ssh/hostkeys ]; then
    echo "No host keys found... generating"
    mkdir -p /srv/ssh/hostkeys

    ssh-keygen -f /srv/ssh/hostkeys/rsa_key -N '' -t rsa
    ssh-keygen -f /srv/ssh/hostkeys/ed25519_key -N '' -t ed25519
    ssh-keygen -f /srv/ssh/hostkeys/ecdsa_key -N '' -t ecdsa

    rm *.pub
fi

if [ ! -d /srv/ssh/users ]; then
    echo "No users directory found... creating"
    mkdir -p /srv/ssh/users
fi

for path in /srv/ssh/users/*; do
    user=$(basename $path)
    if [ "$user" = "*" ]; then
        break
    fi

    if getent passwd $user 2>&1 >/dev/null; then
        echo "User $user already exists"
        continue
    fi

    uid=$(cat /srv/ssh/users/$user/uid)
    if [[ -z "$uid" ]]; then
        echo "No UID for $user"
        exit 1
    fi

    echo "Creating user ${user}(${uid})"
    adduser -DH -s /sbin/nologin -u $uid $user
done

exec "$@"