diff --git a/script/deploy.sh b/script/deploy.sh
index 1a224e4..b134a0d 100755
--- a/script/deploy.sh
+++ b/script/deploy.sh
@@ -110,76 +110,20 @@ hierarchy_preparation() {
 }
 
 setup_ssh() {
- edit_var() {
- local ERROR_CODE=${1}
- if [[ "${ERROR_CODE}" == "225" ]]; then
- echo -e "\n ❌ Invalid password for ${TARGET_USER}@${LIVE_TARGET_IP}."
- elif [[ "${ERROR_CODE}" == "226" ]]; then
- echo -e "\n ❌ The IP address you specified cannot be reached."
- else
- echo -e "\n ❌ An unexpected SSH error occurred (Code: ${ERROR_CODE})."
- fi
+ echod "\n ✅ Generating new SSH key for numbus-admin..."
 
- echo -e " Please check the credentials provided in the configuration."
- echo -e "\n Here are the current settings :
- Target IP address : $(gum style --italic \"${LIVE_TARGET_IP}\")
- Target password : $(gum style --italic \"${LIVE_TARGET_PASSWORD}\")"
+ chmod 700 ${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/
+ ssh-keygen -t "ed25519" -C "numbus-admin@numbus-server" -f "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
 
- if ! gum confirm "Are these correct ?"; then
- get_valid_input "LIVE_TARGET_IP" "\n ➡️ Provide the IP address of your machine in a NixOS live environment :" "192.168.1.100" "${IP_REGEX}"
- get_valid_input "LIVE_TARGET_PASSWORD" "\n ➡️ Provide the password of your machine in a NixOS live environment :" "password" "" "true" "true"
- fi
+ echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
 
- if ! gum confirm "Retry connection ?"; then
- echo -e "\n ❌ Aborted by user."
- exit 1
- fi
- }
+ if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -i "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}"; then
+ echod "\n ✅ SSH key copied successfully"
+ else
+ echo -e "\n ❌ Failed to copy SSH key. Please check the host IP and password."
+ exit 1
+ fi
 
- local KNOWN_HOSTS="${HOME}/.ssh/known_hosts"
-
- echod "\n ➡️ Generating new SSH key for numbus-admin..."
-
- mkdir -p "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
- chmod 700 "$(dirname "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519")"
- ssh-keygen -t "ed25519" -C "numbus-admin@numbus-${DEVICE_TYPE}" -f "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" -N "" -q
-
- echod "\n ➡️ Copying SSH key to target host '${TARGET_USER}@${LIVE_TARGET_IP}'..."
-
- while true; do
- if sshpass -p "${LIVE_TARGET_PASSWORD}" ssh-copy-id -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i "${TMP_EXTRA_PATH}/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
- echod "\n ✅ SSH key copied successfully"
- return 0
- else
- local EXIT_CODE=$?
-
- if [[ ${EXIT_CODE} -eq 5 ]]; then
- edit_var "225"
- elif ! ping -c 1 -W 2 "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"; then
- edit_var "226"
- elif [[ -f "${KNOWN_HOSTS}" ]] && ssh-keygen -F "${LIVE_TARGET_IP}" -f "${KNOWN_HOSTS}" > /dev/null 2>&1; then
- echo -e "\n ⚠️ The SSH fingerprint for the selected IP address $(gum style --italic "\"${LIVE_TARGET_IP}\"") is not the same as the one in $(gum style --italic "\".ssh/known_hosts\"").
-
- This could occur for multiple reasons :
- - You ran this script multiple times
- - Your live machine uses an IP address that was used by another devices you SSHed in
- - You are under a Man-In-The-Middle attack
- - Other
-
- The script $(gum style --bold "cannot continue") without the correct fingerprint installed.
- If you are unsure, it is always better to check manually.\n"
-
- gum confirm "Remove the old fingerprint and accept the new one ?" || {
- echo -e "\n ❌ SSH fingerprints don't match.";
- exit 22;
- }
- ssh-keygen -f "${KNOWN_HOSTS}" -R "${LIVE_TARGET_IP}" >> "${STDOUT}" 2>> "${STDERR}"
- else
- # Catch-all for other SSH failures (Permission denied, Connection refused, etc)
- edit_var "${EXIT_CODE}"
- fi
- fi
- done
 }
 
 hardware_detection() {
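Review bot: The new `ssh-copy-id` line still hands `${LIVE_TARGET_PASSWORD}` to `sshpass -p` with `-o StrictHostKeyChecking=no`, so the password sits on the command line and is offered to whatever host answers at `${LIVE_TARGET_IP}`. With the known_hosts branch removed, a fingerprint mismatch now reaches the operator only as the generic "Failed to copy SSH key" message. Passing the secret through the environment and refusing changed keys would tighten this without bringing the retry loop back: `SSHPASS="${LIVE_TARGET_PASSWORD}" sshpass -e ssh-copy-id -o StrictHostKeyChecking=accept-new -o ConnectTimeout=5 -i … "${TARGET_USER}@${LIVE_TARGET_IP}"`. The failure message could then also name a changed host key as a possible cause. Separately, `chmod 700 ${EXTRA_FILES_PATH}/home/numbus-admin/.ssh/` is unquoted and the `mkdir -p` that used to precede it is gone, so it presumably relies on `hierarchy_preparation` (outside this hunk) having created the directory; quote it as `chmod 700 "${EXTRA_FILES_PATH}/home/numbus-admin/.ssh"`.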