From 8f4f868216f5fba62011040b4502943e20dffae4 Mon Sep 17 00:00:00 2001
From: Morten Strandbo
Date: Wed, 10 Apr 2024 15:12:44 +0200
Subject: [PATCH 1/2] Upload files to "/"
---
getitdone.sh | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 getitdone.sh
diff --git a/getitdone.sh b/getitdone.sh
new file mode 100644
index 0000000..9eb6759
--- /dev/null
+++ b/getitdone.sh
@@ -0,0 +1,34 @@
+# Setup LDAP-logon on ubuntu-servers
+#
+
+# Install dependencies
+sudo nala install sssd -y
+
+# Download configs and scripts
+mkdir -p /tmp/ldapsetup/
+wget -q -O --show-progress /tmp/ldapsetup/authentik_customcert.pem https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/authentik_customcert.pem
+wget -q -O --show-progress /tmp/ldapsetup/ldap.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/ldap.conf
+wget -q -O --show-progress /tmp/ldapsetup/nsswitch.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/nsswitch.conf
+wget -q -O --show-progress /tmp/ldapsetup/ssh-getkey-ldap.sh https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/ssh-getkey-ldap.sh
+wget -q -O --show-progress /tmp/ldapsetup/sssd.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/sssd.conf
+
+# Move them about and rub
+echo "## Placing files and rubbing 'em"
+mv /tmp/ldapsetup/sssd.conf /etc/sssd/
+mv /tmp/ldapsetup/authentik_customcert.pem /etc/ssl/certs/
+mv -f /tmp/ldapsetup/ldap.conf /etc/ldap/
+mv /tmp/ldapsetup/ssh-getkey-ldap.sh /etc/ldap
+mv -f /tmp/ldapsetup/nsswitch.conf /etc/
+
+chmod 0600 /etc/sssd/sssd.conf
+pam-auth-update --enable mkhomedir
+
+# Insert sshd_config
+echo "# SS//Login specific info" >> /etc/ssh/sshd_config
+echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config
+echo "AuthorizedKeysCommand /etc/ldap/ssh-getkey-ldap.sh" >> /etc/ssh/sshd_config
+echo "AuthorizedKeysCommandUser nobody" >> /etc/ssh/sshd_config
+
+
+echo "###"
+echo "And we're done. Have a quick reboot and login with your SS//Login Credentials"
\ No newline at end of file
From e8bf39438a302c87045cf601f174cee74f71df18 Mon Sep 17 00:00:00 2001
From: Morten Strandbo
Date: Wed, 10 Apr 2024 15:12:55 +0200
Subject: [PATCH 2/2] Delete getitdone.sh
---
getitdone.sh | 34 ----------------------------------
1 file changed, 34 deletions(-)
delete mode 100644 getitdone.sh
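Review bot: In the added getitdone.sh (PATCH 1/2), every `wget -q -O --show-progress <path> <url>` line hands `--show-progress` to `-O` as the output file name, so the download lands in a file of that name in the current directory and nothing reaches /tmp/ldapsetup; with no `set -e` the script still goes on to append the `AuthorizedKeysCommand` lines to sshd_config. Apart from the argument order, the files are pulled from a mutable branch URL into a fixed, predictable /tmp path and moved into /etc with no digest check, although they include nsswitch.conf, a CA certificate and the script sshd will run for key lookup. The helper is also never given an explicit owner or an executable mode, and sshd requires an AuthorizedKeysCommand program to be owned by root and not writable by group or others. I would stage in a `mktemp -d` directory, verify digests that ship alongside the script, and place the files with `install`, as sketched below. The appended sshd_config lines are not idempotent either, and would fall inside a trailing `Match` block if the file ends with one.

```shell
set -eu

# Private, unpredictable staging directory instead of a fixed /tmp path
stage=$(mktemp -d)
trap 'rm -rf -- "$stage"' EXIT

base=https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main
for f in authentik_customcert.pem ldap.conf nsswitch.conf ssh-getkey-ldap.sh sssd.conf; do
  wget -q --show-progress -O "$stage/$f" "$base/$f"
done

# /path/to/SHA256SUMS is a placeholder: known-good digests shipped with this
# script, not fetched from the same URL as the files they cover
(cd "$stage" && sha256sum -c /path/to/SHA256SUMS)

# ... unchanged: placement of the certificate, ldap.conf and nsswitch.conf ...
install -o root -g root -m 0600 "$stage/sssd.conf" /etc/sssd/sssd.conf
install -o root -g root -m 0755 "$stage/ssh-getkey-ldap.sh" /etc/ldap/ssh-getkey-ldap.sh
# ... unchanged: pam-auth-update, sshd_config lines, closing messages ...
```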
diff --git a/getitdone.sh b/getitdone.sh
deleted file mode 100644
index 9eb6759..0000000
--- a/getitdone.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-# Setup LDAP-logon on ubuntu-servers
-#
-
-# Install dependencies
-sudo nala install sssd -y
-
-# Download configs and scripts
-mkdir -p /tmp/ldapsetup/
-wget -q -O --show-progress /tmp/ldapsetup/authentik_customcert.pem https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/authentik_customcert.pem
-wget -q -O --show-progress /tmp/ldapsetup/ldap.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/ldap.conf
-wget -q -O --show-progress /tmp/ldapsetup/nsswitch.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/nsswitch.conf
-wget -q -O --show-progress /tmp/ldapsetup/ssh-getkey-ldap.sh https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/ssh-getkey-ldap.sh
-wget -q -O --show-progress /tmp/ldapsetup/sssd.conf https://code.strandbo.no/morten/ubuntu-ldap-integration/raw/branch/main/sssd.conf
-
-# Move them about and rub
-echo "## Placing files and rubbing 'em"
-mv /tmp/ldapsetup/sssd.conf /etc/sssd/
-mv /tmp/ldapsetup/authentik_customcert.pem /etc/ssl/certs/
-mv -f /tmp/ldapsetup/ldap.conf /etc/ldap/
-mv /tmp/ldapsetup/ssh-getkey-ldap.sh /etc/ldap
-mv -f /tmp/ldapsetup/nsswitch.conf /etc/
-
-chmod 0600 /etc/sssd/sssd.conf
-pam-auth-update --enable mkhomedir
-
-# Insert sshd_config
-echo "# SS//Login specific info" >> /etc/ssh/sshd_config
-echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config
-echo "AuthorizedKeysCommand /etc/ldap/ssh-getkey-ldap.sh" >> /etc/ssh/sshd_config
-echo "AuthorizedKeysCommandUser nobody" >> /etc/ssh/sshd_config
-
-
-echo "###"
-echo "And we're done. Have a quick reboot and login with your SS//Login Credentials"
\ No newline at end of file