homelab/recipes/borg-auth.bash

#!/usr/bin/env bash

get_key() {
  hostname=$1
  ip=$2
  ssh "admin@$ip" -- 'if [ ! -f /home/admin/.ssh/id_ed25519.pub ]; then ssh-keygen -t ed25519; fi'
  pubkey=$(ssh "admin@$ip" cat '$HOME/.ssh/id*.pub')
  echo 'command="mkdir -p /borg/'"$hostname"'; cd /borg/'"$hostname"'; borg serve --restrict-to-path /borg/'"$hostname"'", restrict '"$pubkey"
}

put_key() {
  hostname=$1
  ip=$2
  line=$(get_key "$hostname" "$ip")
  ssh -t robert@xalicas "sudo -u backup mkdir -p ~backup/.ssh; echo '$line' | sudo -u backup tee -a ~backup/.ssh/authorized_keys"
}

"$@"
docs: add recipes 2025-08-25 15:13:10 -05:00			`#!/usr/bin/env bash`

			`get_key() {`
			`hostname=$1`
			`ip=$2`
			`ssh "admin@$ip" -- 'if [ ! -f /home/admin/.ssh/id_ed25519.pub ]; then ssh-keygen -t ed25519; fi'`
			`pubkey=$(ssh "admin@$ip" cat '$HOME/.ssh/id*.pub')`
			`echo 'command="mkdir -p /borg/'"$hostname"'; cd /borg/'"$hostname"'; borg serve --restrict-to-path /borg/'"$hostname"'", restrict '"$pubkey"`
			`}`

			`put_key() {`
			`hostname=$1`
			`ip=$2`
			`line=$(get_key "$hostname" "$ip")`
			`ssh -t robert@xalicas "sudo -u backup mkdir -p ~backup/.ssh; echo '$line' \| sudo -u backup tee -a ~backup/.ssh/authorized_keys"`
			`}`

			`"$@"`