This repository was archived by the owner on Nov 8, 2021. It is now read-only.

Commit 9446065

committed
source install script from github
1 parent c8c406e commit 9446065


1 file changed

+1
-106
lines changed


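--- a/showcase.yaml
+++ b/showcase.yaml
@@ -123,112 +123,7 @@ Resources:
 git: []
 files:
 '/opt/install.sh':
-content: |
-#!/bin/bash -e
-
-show_help() {
-cat << EOF
-Usage: ${0##*/} [-hv] [-a ARN] [-i GROUP,GROUP,...] [-l GROUP,GROUP,...] [-s GROUP]
-Install import_users.sh and authorized_key_commands.
-
--h display this help and exit
--v verbose mode.
-
--a arn Assume a role before contacting AWS IAM to get users and keys.
-This can be used if you define your users in one AWS account, while the EC2
-instance you use this script runs in another.
--i group,group Which IAM groups have access to this instance
-Comma seperated list of IAM groups. Leave empty for all available IAM users
--l group,group Give the users these local UNIX groups
-Comma seperated list
--s group,group Specify IAM group(s) for users who should be given sudo privileges, or leave
-empty to not change sudo access, or give it the value '##ALL##' to have all
-users be given sudo rights.
-Comma seperated list
-
-
-EOF
-}
-
-IAM_GROUPS=""
-SUDO_GROUPS=""
-LOCAL_GROUPS=""
-ASSUME_ROLE=""
-
-while getopts :hva:i:l:s: opt
-do
-case $opt in
-h)
-show_help
-exit 0
-;;
-i)
-IAM_GROUPS="$OPTARG"
-;;
-s)
-SUDO_GROUPS="$OPTARG"
-;;
-l)
-LOCAL_GROUPS="$OPTARG"
-;;
-v)
-set -x
-;;
-a)
-ASSUME_ROLE="$OPTARG"
-;;
-\?)
-echo "Invalid option: -$OPTARG" >&2
-show_help
-exit 1
-;;
-:)
-echo "Option -$OPTARG requires an argument." >&2
-show_help
-exit 1
-esac
-done
-
-tmpdir=$(mktemp -d)
-
-cd "$tmpdir"
-
-git clone https://github.com/widdix/aws-ec2-ssh.git
-
-cd "$tmpdir/aws-ec2-ssh"
-
-cp authorized_keys_command.sh /opt/authorized_keys_command.sh
-cp import_users.sh /opt/import_users.sh
-
-if [ "${IAM_GROUPS}" != "" ]
-then
-echo "IAM_AUTHORIZED_GROUPS=\"${IAM_GROUPS}\"" >> /etc/aws-ec2-ssh.conf
-fi
-
-if [ "${SUDO_GROUPS}" != "" ]
-then
-echo "SUDOERS_GROUPS=\"${SUDO_GROUPS}\"" >> /etc/aws-ec2-ssh.conf
-fi
-
-if [ "${LOCAL_GROUPS}" != "" ]
-then
-echo "LOCAL_GROUPS=\"${LOCAL_GROUPS}\"" >> /etc/aws-ec2-ssh.conf
-fi
-
-if [ "${ASSUME_ROLE}" != "" ]
-then
-echo "ASSUMEROLE=\"${ASSUME_ROLE}\"" >> /etc/aws-ec2-ssh.conf
-fi
-
-sed -i 's:#AuthorizedKeysCommand none:AuthorizedKeysCommand /opt/authorized_keys_command.sh:g' /etc/ssh/sshd_config
-sed -i 's:#AuthorizedKeysCommandUser nobody:AuthorizedKeysCommandUser nobody:g' /etc/ssh/sshd_config
-
-echo "*/10 * * * * root /opt/import_users.sh" > /etc/cron.d/import_users
-chmod 0644 /etc/cron.d/import_users
-
-/opt/import_users.sh
-
-service sshd restart
+source: 'https://raw.githubusercontent.com/widdix/aws-ec2-ssh/master/install.sh'
 mode: '000755'
 owner: root
 group: root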
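Review bot: The new `source:` entry for '/opt/install.sh' pulls the installer from the mutable `master` branch of a third-party repository with no commit pin or checksum, and the file lands root-owned and executable (`mode: '000755'`, `owner: root`). Judging by the inline version it replaces, that script rewrites `AuthorizedKeysCommand` in sshd_config, decides sudo group membership and installs a root cron job, so whatever is on upstream master at launch time controls SSH and root access on every new instance. Pin the URL to a reviewed commit, e.g. `source: 'https://raw.githubusercontent.com/widdix/aws-ec2-ssh/<reviewed-commit-sha>/install.sh'`, or serve a vetted copy from storage you control. The removed script already ran `git clone` of the same repository unpinned, so this widens an existing exposure rather than creating it; the fetched install.sh should be checked for the same unpinned clone. The command that executes /opt/install.sh is outside this hunk.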
