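#!/bin/bash
# Preseed user creation script
#
# Creates a login user, adds it to the sudo group, installs one SSH public
# key for it and grants it passwordless sudo through /etc/sudoers.d/.
# To be used in a preseed late_command, i.e. it must run as root.
#
# Security note: with "NOPASSWD: ALL" the SSH key below is equivalent to a
# root credential on every machine installed with this script. Whoever holds
# the matching private key can become root without any further secret.

set -euo pipefail # Exit on error, on unset variables and on failed pipeline stages

log_file="/var/log/user-setup.log"

# Configuration - modify as needed
FAL_USER="fal"
# Replace with your actual public key content
SSH_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF67KkiDGMGkRhd9t/Gzbe1hV06l433QzcX4TtlDUh5z"

# Print a message to stdout and append it to the log file.
log() {
  printf '%s\n' "$*" | tee -a "$log_file"
}

# Log an error and abort.
die() {
  log "ERROR: $*" >&2
  exit 1
}

# useradd, usermod and writes under /etc and /var/log all need root; fail
# early with a clear message instead of half-way through.
if [[ ${EUID} -ne 0 ]]; then
  printf 'This script must be run as root\n' >&2
  exit 1
fi

[[ -n "$FAL_USER" ]] || die "FAL_USER is empty"
[[ -n "$SSH_KEY" ]] || die "SSH_KEY is empty"

# sudo skips files in /etc/sudoers.d whose name contains a '.' or ends in
# '~'. Such a user name would make the drop-in file a silent no-op.
case "$FAL_USER" in
  *.* | *~) die "User name '$FAL_USER' is not usable as a sudoers.d file name" ;;
esac

# Scratch space for files that are validated before being installed.
work_dir=$(mktemp -d)
trap 'rm -rf -- "$work_dir"' EXIT

log "Starting user setup process at $(date)"

# Create the user
log "Creating user $FAL_USER..."
if id "$FAL_USER" &>/dev/null; then
  log "User $FAL_USER already exists"
else
  useradd -m -s /bin/bash "$FAL_USER"
  log "User $FAL_USER created successfully"
fi

# Add user to sudo group
log "Adding $FAL_USER to sudo group..."
usermod -aG sudo "$FAL_USER"

# Resolve the real home directory and primary group from the account
# database: an already existing user may not live under /home or may not
# have a group named after it.
user_home=$(getent passwd "$FAL_USER" | cut -d: -f6)
[[ -n "$user_home" ]] || die "Cannot determine home directory of $FAL_USER"
user_group=$(id -gn "$FAL_USER")

# Create .ssh directory with its final mode and owner in one step
log "Creating .ssh directory..."
SSH_DIR="$user_home/.ssh"
install -d -m 700 -o "$FAL_USER" -g "$user_group" "$SSH_DIR"

# Add the SSH public key. As in the original script this REPLACES any
# existing authorized_keys, so the configured key is the only one accepted.
log "Adding SSH public key..."
printf '%s\n' "$SSH_KEY" >"$work_dir/authorized_keys"

# Set proper permissions: the file is installed already owned by the user
# and readable by nobody else, so there is no window with looser permissions.
log "Setting proper permissions..."
install -m 600 -o "$FAL_USER" -g "$user_group" \
  "$work_dir/authorized_keys" "$SSH_DIR/authorized_keys"

# Configure sudo without password using /etc/sudoers.d/
log "Configuring sudo without password..."
SUDOERS_FILE="/etc/sudoers.d/$FAL_USER"
SUDOERS_LINE="$FAL_USER ALL=(ALL) NOPASSWD: ALL"

if [[ ! -f "$SUDOERS_FILE" ]] || ! grep -Fxq -- "$SUDOERS_LINE" "$SUDOERS_FILE"; then
  # A syntax error in any sudoers.d file can break sudo for every user, so
  # the rule is checked with visudo before it is put in place.
  printf '%s\n' "$SUDOERS_LINE" >"$work_dir/sudoers"
  visudo -cf "$work_dir/sudoers" >>"$log_file" 2>&1 ||
    die "Generated sudoers rule failed validation; $SUDOERS_FILE not changed"
  # The script already runs as root, so no nested sudo call is needed.
  install -m 440 -o root -g root "$work_dir/sudoers" "$SUDOERS_FILE"
  log "Created $SUDOERS_FILE and added sudo privileges for $FAL_USER"
else
  log "Sudo privileges already configured in $SUDOERS_FILE for $FAL_USER"
fi

# Exit successfully
exit 0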