add dserver configs

author: Paul Buetow <paul@buetow.org> 2022-10-28 10:30:45 +0300
committer: Paul Buetow <paul@buetow.org> 2022-10-28 10:30:45 +0300
commit: 7b71623df33336f8c69b2f6d12c9cf7230e1f6e6 (patch)
tree: 3443ff2e59999fa68d2c27e02ccdd70f3f667de7 /frontends/scripts
parent: 0f9b7d69be4931f87d8513fab498311c9388f567 (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/frontends/scripts/dserver-update-key-cache.sh.tpl b/frontends/scripts/dserver-update-key-cache.sh.tpl
new file mode 100644
index 0000000..86b5ecf
--- /dev/null
+++ b/frontends/scripts/dserver-update-key-cache.sh.tpl
@@ -0,0 +1,34 @@
+#!/bin/ksh
+
+CACHEDIR=/var/run/dserver/cache
+DSERVER_USER=_dserver
+DSERVER_GROUP=_dserver
+
+echo 'Updating SSH key cache'
+
+ls /home/ | while read remoteuser; do
+    keysfile=/home/$remoteuser/.ssh/authorized_keys
+
+    if [ -f $keysfile ]; then
+        cachefile=$CACHEDIR/$remoteuser.authorized_keys
+        echo "Caching $keysfile -> $cachefile"
+
+        cp $keysfile $cachefile
+        chown $DSERVER_USER:$DSERVER_GROUP $cachefile
+        chmod 600 $cachefile
+    fi
+done
+
+# Cleanup obsolete public SSH keys
+find $CACHEDIR -name \*.authorized_keys -type f |
+while read cachefile; do
+    remoteuser=$(basename $cachefile | cut -d. -f1)
+    keysfile=/home/$remoteuser/.ssh/authorized_keys
+
+    if [ ! -f $keysfile ]; then
+        echo 'Deleting obsolete cache file $cachefile'
+        rm $cachefile
+    fi
+done
+
+echo 'All set...'
author	Paul Buetow <paul@buetow.org>	2022-10-28 10:30:45 +0300
committer	Paul Buetow <paul@buetow.org>	2022-10-28 10:30:45 +0300
commit	7b71623df33336f8c69b2f6d12c9cf7230e1f6e6 (patch)
tree	3443ff2e59999fa68d2c27e02ccdd70f3f667de7 /frontends/scripts
parent	0f9b7d69be4931f87d8513fab498311c9388f567 (diff)