#!/bin/bash
# Preseed user creation script
# This script creates a user with sudo privileges and sets up SSH key authentication
# To be used in a preseed late_command

set -e  # Exit on error
log_file="/var/log/user-setup.log"

# Configuration - modify as needed
HIVE_USER="hivecompute"
SSH_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHiDIvi9n3J6hUj01y0325Zr2UVPgbqT/90qa3BWgTBC"  # Replace with your actual public key content

echo "Starting user setup process at $(date)" | tee -a "$log_file"

# Create the user
echo "Creating user $HIVE_USER..." | tee -a "$log_file"
if id "$HIVE_USER" &>/dev/null; then
    echo "User $HIVE_USER already exists" | tee -a "$log_file"
else
    useradd -m -s /bin/bash "$HIVE_USER"
    echo "User $HIVE_USER created successfully" | tee -a "$log_file"
fi

# Add user to sudo group
echo "Adding $HIVE_USER to sudo group..." | tee -a "$log_file"
usermod -aG sudo "$HIVE_USER"

# Create .ssh directory
echo "Creating .ssh directory..." | tee -a "$log_file"
SSH_DIR="/home/$HIVE_USER/.ssh"
mkdir -p "$SSH_DIR"

# Add the SSH public key
echo "Adding SSH public key..." | tee -a "$log_file"
echo "$SSH_KEY" > "$SSH_DIR/authorized_keys"

# Set proper permissions
echo "Setting proper permissions..." | tee -a "$log_file"
chmod 700 "$SSH_DIR"
chmod 600 "$SSH_DIR/authorized_keys"
chown -R "$HIVE_USER:$HIVE_USER" "$SSH_DIR"

# Configure sudo without password using /etc/sudoers.d/
echo "Configuring sudo without password..." | tee -a "$log_file"

SUDOERS_FILE="/etc/sudoers.d/$HIVE_USER"
SUDOERS_LINE="$HIVE_USER ALL=(ALL) NOPASSWD: ALL"

if [ ! -f "$SUDOERS_FILE" ] || ! grep -Fxq "$SUDOERS_LINE" "$SUDOERS_FILE"; then
    echo "$SUDOERS_LINE" | sudo tee "$SUDOERS_FILE" > /dev/null
    sudo chmod 440 "$SUDOERS_FILE"
    echo "Created $SUDOERS_FILE and added sudo privileges for $HIVE_USER" | tee -a "$log_file"
else
    echo "Sudo privileges already configured in $SUDOERS_FILE for $HIVE_USER" | tee -a "$log_file"
fi
# Exit successfully
exit 0