From 158d369a5bbb45feeba07cb092bbed6c171a53d3 Mon Sep 17 00:00:00 2001 From: jirka1324 Date: Sun, 2 Feb 2025 13:26:17 +0100 Subject: [PATCH] added automatic force of ssh key login added script for loading ssh keys from git --- install.sh | 15 +++++++++++---- update-ssh-keys.sh | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 update-ssh-keys.sh diff --git a/install.sh b/install.sh index 71a37df..fcb997f 100644 --- a/install.sh +++ b/install.sh @@ -6,9 +6,16 @@ if [[ -z "$idk" ]]; then echo 'alias sudo=""' >> ~/.bashrc fi -apt install -y caddy +CONFIG_FILE="/etc/ssh/sshd_config" + +# Upraví konfiguraci SSH pro povolení pouze přihlašování pomocí klíčů +sed -i 's/^#\?\(PasswordAuthentication\) .*/\1 no/' "$CONFIG_FILE" +sed -i 's/^#\?\(PermitRootLogin\) .*/\1 prohibit-password/' "$CONFIG_FILE" +sed -i 's/^#\?\(PubkeyAuthentication\) .*/\1 yes/' "$CONFIG_FILE" + +# Restart SSH, aby se změny projevily +systemctl restart sshd + +echo "SSH je nyní nastaveno pouze pro přihlašování pomocí klíčů." -cp /etc/caddy/Caddyfile /etc/caddy/Caddyfile.bak -cp ./config/Caddyfile /etc/caddy/Caddyfile -systemctl reload caddy diff --git a/update-ssh-keys.sh b/update-ssh-keys.sh new file mode 100644 index 0000000..6377599 --- /dev/null +++ b/update-ssh-keys.sh 
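Review bot: The three `sed -i` lines in install.sh only rewrite a directive that already exists in `$CONFIG_FILE`. If `PasswordAuthentication` is missing there, or is set earlier by a file pulled in through an `Include` line (sshd keeps the first value it reads), password logins stay enabled while the final echo reports the opposite. The restart also runs without a syntax check and without confirming that any key is installed for the account, which can lock the host out. I would gate the restart on the effective configuration, e.g. `sshd -t && sshd -T | grep -qi '^passwordauthentication no' && systemctl restart sshd`, and print the success message only when that passes. Whether the unit is called `sshd` or `ssh` on the target distribution is not visible in this hunk and should be confirmed.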
@@ -0,0 +1,36 @@
+#!/bin/bash
+if [ "$EUID" -eq 0 ]; then
+ KEYS_DIR="/root/ssh-keys"
+ AUTHORIZED_KEYS="/root/.ssh/authorized_keys"
+else
+ if [ -z "$1" ]; then
+ USER='whoami'
+ else
+ USER='$1'
+ fi
+ KEYS_DIR="/home/${USER}/ssh-keys"
+ AUTHORIZED_KEYS="/home/${USER}/.ssh/authorized_keys"
+fi
+
+# Git repo
+GIT_REPO="https://git.chillplace.beer/jirka1324/ssh-keys.git"
+
+# Logování
+LOG_FILE="/var/log/update-ssh-keys.log"
+
+# Pokud repo neexistuje, naklonovat
+if [ ! -d "$KEYS_DIR" ]; then
+ git clone "$GIT_REPO" "$KEYS_DIR" >> "$LOG_FILE" 2>&1
+fi
+
+# Stáhnout nové změny
+cd "$KEYS_DIR" || exit
+git pull origin main >> "$LOG_FILE" 2>&1
+
+# Zkopírovat do ~/.ssh
+cp "$KEYS_DIR/authorized_keys" "$AUTHORIZED_KEYS"
+chown "$USER:$USER" "$AUTHORIZED_KEYS"
+chmod 600 "$AUTHORIZED_KEYS"
+
+echo "Klíče aktualizovány: $(date)" >> "$LOG_FILE"
+
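Review bot: `USER='whoami'` and `USER='$1'` are single-quoted, so the non-root branch sets USER to the literal strings `whoami` and `$1`, and every path below resolves under `/home/whoami/` or `/home/$1/`; they should read `USER="$(whoami)"` and `USER="$1"`. More important for a script that decides who may log in: `authorized_keys` is overwritten from the remote repository with no check of who authored the commit, and the `cp` still runs when `git pull` fails. Control of that repository or of the hosting account therefore amounts to shell access, root included, on every host that runs this. I would make the update fail closed and signature-checked, and validate the file before it replaces the live one, as in the excerpt below; this assumes the signing key is present in the keyring of the account that runs the script.

```shell
cd "$KEYS_DIR" || exit 1
# Fail closed: no install after a failed, non-fast-forward or unsigned update.
git pull --ff-only --verify-signatures origin main >> "$LOG_FILE" 2>&1 || {
    echo "update rejected: $(date)" >> "$LOG_FILE"
    exit 1
}

# Refuse an empty or malformed key file so a bad commit cannot lock the account out.
ssh-keygen -l -f "$KEYS_DIR/authorized_keys" >> "$LOG_FILE" 2>&1 || exit 1
# … unchanged: cp / chown / chmod of authorized_keys, final log line …
```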