#!/bin/bash
# this script assists in adding an svn user to a hostmonster account.
# they have to authenticate each with their own ssh key than only allows ssh access for their
# svn username as we're only allowed one ssh login for root
# and this prevents people give svn accounts having root access to the hostmonster account!
# written by Jon Booth see www.sharpstep.com/Articles/HostMonster-svn

# check for an argument - the username to add
if [ "$1" == "" ]; then
	echo Usage $0 [username] [public key file]
	exit
fi

#check for the second argument - the public key file.
if [ "$2" == "" ]; then
	echo Usage $0 [username] [public key file]
	exit
fi

if [ -f "$2" ]; then
	echo public keyfile "$2" found
else
	echo unable to find public key "$2"
	echo Usage $0 [username] [public key file]
	exit
fi

# check to see if the given username already exists in the keys (only works if added with this script).
if [ -f  ~/.ssh/authorized_keys ]; then
	if [ "$(cat ~/.ssh/authorized_keys | grep svnrepos | grep \\-\\-tunnel-user=$1\\\" | egrep $1\$)" != "" ]; then
		echo it appears svn user \"$1\" already exists
		exit
	fi
else 
	echo no authorized keys file found... skipping existing check
fi
# check that svnserve is properly in the path
if [ "$(which svnserve)" == "" ]; then
	echo
	echo Can\'t continue as svnserve doesn\'t appear to be installed on the path.
	echo it\'s part of the svn package
	exit
fi

echo Creating svn user $1
# create the keys
# this is no good as putty on windows won't use them - also it's safer for the users to provide the key files so now
# I'm checking them as the second argument.
#ssh-keygen -q -t rsa -f $1_key -N "" -C "svn user $1"
# append the user line to the authorised keys
echo command=\"$(which svnserve) -t -r ~/svnrepos --tunnel-user=$1\",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty $(cat "$2") svn user $1 >> ~/.ssh/authorized_keys
# remove the public key now it's in the authorized_keys file
rm $2
echo user $1 now added and authenticated