#!/bin/sh -e

# Usages:
# wget -O - https://gist.github.com/piihuynh/xxx/raw/yyy/add-user-on-ubuntu.sh | bash -s username
# bash -c "$(wget -qO - 'https://gist.github.com/piihuynh/xxx/raw/587yyy/add-user-on-ubuntu.sh')" '' username

[ $EUID -ne 0 ] && echo "This script must be run as root" 1>&2 && exit 1
[ -z "$1" ] && echo "Please provide a username in 1st param" && exit 1

# Define username from param
USER_NAME=$1
HOST_IP=`ip -o route get to 8.8.8.8 | sed -n 's/.*src \([0-9.]\+\).*/\1/p'`
PEM_FILENAME=$USER_NAME.$HOSTNAME.pem

# Fix hostname
echo ""
echo "Fixing hostname: $HOSTNAME"
echo "---"
sed -i "s/127\.0\.1\.1.*/127.0.1.1 $HOSTNAME/" /etc/hosts

echo ""
echo "Adding user: $USER_NAME"
echo "---"
# new user will be all '$USER_NAME'
sudo adduser --disabled-password --gecos "" $USER_NAME

# Make new user sudoer
sudo usermod -aG sudo $USER_NAME
sudo echo "$USER_NAME ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# Backup sshd_config
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.origin

# Enable ssh login
sudo sed -i 's/PubkeyAuthentication no/PubkeyAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/#PubkeyAuthentication/PubkeyAuthentication/' /etc/ssh/sshd_config
sudo sed -i 's/#AuthorizedKeysFile/AuthorizedKeysFile/' /etc/ssh/sshd_config

# Generate ssh share key for origin user
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -b 4096 -C $PEM_FILENAME -f ~/.ssh/$PEM_FILENAME -N ""
cat ~/.ssh/$PEM_FILENAME.pub >> ~/.ssh/authorized_keys

# Clone for new user
sudo mkdir /home/$USER_NAME/.ssh
sudo chmod 700 ~/.ssh
sudo cp ~/.ssh/$PEM_FILENAME /home/$USER_NAME/.ssh/
cat ~/.ssh/$PEM_FILENAME.pub | sudo tee -a /home/$USER_NAME/.ssh/authorized_keys
sudo chown -R $USER_NAME /home/$USER_NAME/.ssh

# Restart sshd
sudo service sshd restart

echo 'Use below command to download PEM file:'
echo "rsync -av root@$HOST_IP:/home/$USER_NAME/.ssh/$PEM_FILENAME ~/.ssh/"
echo ''
echo 'Then use below command to connect:'
echo "ssh -i ~/.ssh/$PEM_FILENAME $USER_NAME@$HOST_IP"
echo ''

# Add the docker group if it doesn't already exist:
sudo groupadd docker

# Add the connected user "$USER" to the docker group. Change the user name to match your preferred user if you do not want to use your current user:
sudo gpasswd -a $USER_NAME docker

# Refresh by exit & re-connect later