From 5fc738ba8b2fb3bfbf14e1087ec5fb7d2f225d0d Mon Sep 17 00:00:00 2001
From: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
Date: Tue, 4 Aug 2020 18:34:06 +0100
Subject: [PATCH] Revert "Refactor cloud-init/base.sh (#1797)" (#1856)

This reverts commit f0d0e91be05f74ebb5b0b9e1c4564383614dfb04.
---
 files/cloud-init/base.sh | 46 +++++++++++++---------------------------
 1 file changed, 15 insertions(+), 31 deletions(-)

diff --git a/files/cloud-init/base.sh b/files/cloud-init/base.sh
index a91f317..414a222 100644
--- a/files/cloud-init/base.sh
+++ b/files/cloud-init/base.sh
@@ -1,41 +1,25 @@ #!/bin/bash -set -euxo pipefail +set -eux -readonly user='algo' - -export DEBIAN_FRONTEND='noninteractive' - -until which sudo; do - apt-get update -qq - apt-get install -qqf --install-suggests sudo - sleep 3 +which sudo || until \ + apt-get update -y && \ + apt-get install sudo -yf --install-suggests; do + sleep 3 done -getent passwd "${user}" \ - || useradd -m -d "/home/${user}" -s /bin/bash -G adm -p '!' "${user}" - -( - umask 0337 \ - && printf '%s\n' "${user} ALL=(ALL) NOPASSWD:ALL" \ - >"/etc/sudoers.d/10-algo-user" -) - -printf "{{ lookup('template', 'files/cloud-init/sshd_config') }}\n" \ - >/etc/ssh/sshd_config +getent passwd algo || useradd -m -d /home/algo -s /bin/bash -G adm -p '!' algo -# This should be idempotent; correct permsission on .ssh dir if exists -install -o "${user}" -g "${user}" -m 0700 -d "/home/${user}/.ssh" +(umask 337 && echo "algo ALL=(ALL) NOPASSWD:ALL" >/etc/sudoers.d/10-algo-user) -# umask does not reliably work with sudo -install -o "${user}" -g "${user}" -m 0600 \ - /dev/null "/home/${user}/.ssh/authorized_keys" +cat </etc/ssh/sshd_config +{{ lookup('template', 'files/cloud-init/sshd_config') }} +EOF -printf "{{ lookup('file', '{{ SSH_keys.public }}') }}\n" \ - >"/home/${user}/.ssh/authorized_keys" +test -d /home/algo/.ssh || (umask 077 && sudo -u algo mkdir -p /home/algo/.ssh/) +echo "{{ lookup('file', '{{ SSH_keys.public }}') }}" | (umask 177 && sudo -u algo tee /home/algo/.ssh/authorized_keys) -until ! dpkg -l sshguard; do - apt-get remove -qq --purge sshguard - sleep 3 -done || : +dpkg -l sshguard && until apt-get remove -y --purge sshguard; do + sleep 3 +done || true systemctl restart sshd.service
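Review bot: The restored `.ssh` and `authorized_keys` steps get their modes only from `umask` at creation time: `test -d /home/algo/.ssh || (...)` leaves a pre-existing directory untouched, and `tee` does not change the mode of a file that already exists. The comment removed by this revert also says that umask does not reliably work with sudo, and both steps run through `sudo -u algo`. Setting the modes explicitly after the write would make the result independent of both, e.g. `chmod 700 /home/algo/.ssh` and `chmod 600 /home/algo/.ssh/authorized_keys`. The same applies to `/etc/sudoers.d/10-algo-user`, which keeps its old mode if the file is already present; a `chmod 0440` after the `echo` would pin it.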