#!/usr/bin/env bash
set +xe

username=user
ssh_login_key="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLFCOqpPOTZEQiWcY9TyVQnMoc5bCYlxLaRKhiB/uxo xbr 2024-06-16"
projects_c3l_pubkey="|1|X2M4bHKf8E+plhJ6KoDZzCfw5LI=|EpHLDWOmOq4SLelYTGd8SH+7hvU= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIXfRmGmfbxPoErs5lpTnz+PZRQdh0QvPGTiswxFkXOx"

log() {
    printf "[-] %s\n" "$@"
}

install_packages() {
    log "Installing packages..."

    apt update && apt upgrade -y
    # Installing QoL packages (1) then gluon deps (2)
    # ! Debian 13-specific !
    apt install -y htop tmux vim sudo mosh \
                git python3 python-is-python3 python3-setuptools build-essential ecdsautils gawk unzip libncurses5-dev zlib1g-dev libssl-dev libelf-dev wget rsync time qemu-utils
}

create_user() {
    log "Creating user..."

    # user: forcing bash, and needs (passwordless) sudo
    useradd -ms /bin/bash -G sudo $username
    # enabling passwordless sudo
    sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
}

ssh_setup() {
    log "Setting up SSH..."

    sudo -u user ssh-keygen -t ed25519 -N '' -C 'freifunk-builder' < /dev/zero

    home_dir=""; eval home_dir=~$username
    echo "$ssh_login_key" >> "$home_dir/.ssh/authorized_keys"
    chmod -v 600 "$home_dir/.ssh/authorized_keys"
    echo "$projects_c3l_pubkey" >> "$home_dir/.ssh/known_hosts"
    chmod -v 644 "$home_dir/.ssh/known_hosts"

    echo "The user's SSH pubkey is the following:"
    cat "$home_dir/.ssh/id_ed25519.pub"
    echo
    echo "Do not forget to add it to projects.c3l.lu"
}

install_packages
create_user
ssh_setup