From 34dd7d9344807f46290107f2869a23efe8871757 Mon Sep 17 00:00:00 2001
From: Nick Hepler
Date: Fri, 11 Oct 2024 18:58:06 -0400
Subject: [PATCH] Add prompt for limited account user. Add prompt for SSH key copy.
---
 setup.sh | 85 +++++++++++++++++++++++++++++++++-----------------------
 1 file changed, 51 insertions(+), 34 deletions(-)
diff --git a/setup.sh b/setup.sh
index 8d46908..9a863d6 100644
--- a/setup.sh
+++ b/setup.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 # Script to update a RHEL-based Linux system, set the timezone, change the hostname,
-# update /etc/hosts, modify sshd_config settings, and optionally install Docker CE
+# add a limited user account, modify sshd_config settings, and optionally install Docker CE
 # Variables
 timezone="America/New_York"
@@ -12,15 +12,6 @@ prompt_for_hostname() {
 read -p "Please enter the desired hostname: " hostname
 }
-# Function to prompt for SSH key
-prompt_for_ssh_key() {
- read -p "Please enter your public SSH key (or press Enter to skip): " ssh_key
- if [ -z "$ssh_key" ]; then
- echo "No SSH key provided. Exiting."
- exit 1
- fi
-}
-
 # Function to prompt for Docker installation
 prompt_for_docker_install() {
 read -p "Would you like to install Docker CE? (y/n): " install_docker
@@ -43,18 +34,34 @@ install_docker() {
 echo "Docker installation complete."
 }
+# Function to create a limited user account
+create_user_account() {
+ read -p "Please enter the username for the new user account: " username
+ read -sp "Please enter the password for the new user account: " password
+ echo
+
+ # Create the user and add to the wheel group
+ if id "$username" &>/dev/null; then
+ echo "User $username already exists."
+ else
+ useradd -m -G wheel "$username"
+ echo "$username:$password" | chpasswd
+ echo "User $username created and added to the wheel group."
+
+ # Check if Docker is installed and add the user to the docker group
+ if command -v docker &> /dev/null; then
+ usermod -aG docker "$username"
+ echo "User $username added to the docker group."
+ fi
+ fi
+}
+
 # Check if the script is run as root
 if [ "$(id -u)" -ne 0 ]; then
 echo "This script must be run as root. Please use sudo or switch to root."
 exit 1
 fi
-# Prompt for hostname
-prompt_for_hostname
-
-# Prompt for SSH key
-prompt_for_ssh_key
-
 # Update the package manager
 echo "Updating package manager..."
 if command -v dnf &> /dev/null; then
@@ -79,19 +86,12 @@ echo "Setting timezone to $timezone..."
 timedatectl set-timezone "$timezone"
 # Change the hostname
+prompt_for_hostname
 echo "Setting hostname to $hostname..."
 hostnamectl set-hostname "$hostname"
-# Get the IP address of the machine
-ip_address=$(hostname -I | awk '{print $1}')
-
-# Add an entry to /etc/hosts
-echo "Updating /etc/hosts with IP address $ip_address and hostname $hostname..."
-if ! grep -q "$ip_address" /etc/hosts; then
- echo "$ip_address $hostname" >> /etc/hosts
-else
- echo "Entry for $ip_address already exists in /etc/hosts."
-fi
+# Create a limited user account
+create_user_account
 # Modify sshd_config
 echo "Modifying SSH configuration..."
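Review bot: In `create_user_account`, the account the comments call "limited" is created with `useradd -m -G wheel` and may also be added to `docker`; the default sudoers on RHEL-family systems lets `wheel` members use sudo, and docker group membership is effectively root on the host, so either drop the supplementary groups or reword the comments, e.g. `# Function to create an administrative (sudo-capable) user account`. `read -sp` lacks `-r`, so a backslash typed in the password is consumed and the stored password differs from what was entered; `read -rsp` avoids that. The results of `useradd` and `chpasswd` are not checked and no `set -e` is visible in this patch, so the "created" message can print after a failure (an empty username, or a password the policy rejects); `useradd -m -G wheel "$username" || exit 1`, and the same after `chpasswd`, would stop there. The `command -v docker` test also runs before `prompt_for_docker_install`, which the last hunk still calls near the end of the script, so on a fresh host the docker-group branch probably never fires.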
@@ -117,13 +117,22 @@ else
 exit 1
 fi
-# Clean up
-echo "Cleaning up..."
-if command -v dnf &> /dev/null; then
- dnf -y autoremove
-elif command -v yum &> /dev/null; then
- yum -y autoremove
-fi
+# Get the IP address of the machine
+ip_address=$(hostname -I | awk '{print $1}')
+
+# Prompt the user to copy their public key
+echo "Please copy your public SSH key to the server using the following command:"
+echo "ssh-copy-id $username@$ip_address"
+
+# Wait until the authorized_keys file is no longer empty
+echo "Waiting for your public key to be copied..."
+while true; do
+ if [ -s "/home/$username/.ssh/authorized_keys" ]; then
+ echo "Public key has been successfully copied."
+ break
+ fi
+ sleep 2
+done
 # Restart SSH service to apply changes
 echo "Restarting SSH service..."
@@ -132,4 +141,12 @@ systemctl restart sshd
 # Prompt for Docker installation
 prompt_for_docker_install
-echo "System update complete! Timezone set to $timezone, hostname set to $hostname, /etc/hosts updated, and sshd_config modified."
+# Clean up
+echo "Cleaning up..."
+if command -v dnf &> /dev/null; then
+ dnf -y autoremove
+elif command -v yum &> /dev/null; then
+ yum -y autoremove
+fi
+
+echo "System update complete! Timezone set to $timezone, hostname set to $hostname, limited user created, sshd_config modified, and Docker installation completed if selected."
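Review bot: The wait loop added after the `ssh-copy-id` prompt has no exit path and tests a hard-coded `/home/$username/.ssh/authorized_keys`, so it spins forever when the username is empty or the home directory is elsewhere, and it passes at once for a pre-existing user whose file already holds an older key. `-s` only shows that the file is non-empty, not that it holds a usable key owned by that user. Resolving the home directory from the passwd database and bounding the wait, exiting before the `systemctl restart sshd` that follows, keeps a failed key copy from ending in a restart under the modified sshd_config; the sshd settings themselves are outside this patch, so whether that restart would cut off password logins is inferred. `hostname -I` can also print nothing, so the printed `ssh-copy-id` command is worth guarding against an empty `$ip_address`.

```shell
# … unchanged: ip_address lookup and ssh-copy-id prompt …
home_dir=$(getent passwd "$username" | cut -d: -f6)
auth_keys="${home_dir:?no home directory found for $username}/.ssh/authorized_keys"
deadline=$(( SECONDS + 600 ))  # sample timeout, adjust as needed
echo "Waiting for your public key to be copied..."
until [ -s "$auth_keys" ]; do
  if (( SECONDS >= deadline )); then
    echo "Timed out waiting for a public key in $auth_keys." >&2
    exit 1
  fi
  sleep 2
done
echo "Public key has been successfully copied."
```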