refactor: properly setup ssh

tools/migration/setup-keys-from-link.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+if ! [ "$(id -u)" = "0" ]; then
+    echo "please perform as root, attempting to escalate privileges..."
+    exec sudo $(cat /proc/$$/cmdline | sed 's/\x00/ /g')
+    exit 1
+fi
+
+scp root@link.ixvd.net:/etc/ixvd/secrets/ssh/keys/master/ixvd-master /root/.ssh/id_rsa
+chmod 600 /root/.ssh/id_rsa

tools/server-setup.d/20-automation-user.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+if ! cat -q "automation" /etc/passwd; then
+    echo "setting up automation user..."
+    useradd -m automation
+    
+    mkdir -p /home/automation/.ssh
+
+    cat /etc/ixvd/secrets/ssh/keys/$HOSTNAME/id_rsa.pub > /home/automation/.ssh/authorized_keys
+    chown automation:automation /home/automation/.ssh/authorized_keys
+
+    cp /etc/ixvd/secrets/ssh/keys/$HOSTNAME/id_rsa /home/automation/.ssh/id_rsa
+    chown automation:automation /home/automation/.ssh/id_rsa
+    chmod 600 /home/automation/.ssh/id_rsa
+
+    cp /etc/ixvd/secrets/ssh/keys/$HOSTNAME/id_rsa.pub /home/automation/.ssh/id_rsa.pub
+    chown automation:automation /home/automation/.ssh/id_rsa.pub
+    chmod 600 /home/automation/.ssh/id_rsa.pub
+fi

tools/server-setup.d/20-ssh-authorized-keys.sh

@@ -1,12 +0,0 @@
-#!/bin/sh
-
-if ! [ -f "/root/.ssh/authorized_keys" ]; then
-    echo "importing authorized_keys..."
-    mkdir -p /root/.ssh
-    cp /etc/ixvd/secrets/ssh/authorized_keys /root/.ssh/authorized_keys
-else
-    if ! grep -q "# IXVD keys" /root/.ssh/authorized_keys; then
-        echo "importing authorized_keys..."
-        cat /etc/ixvd/secrets/ssh/authorized_keys >> /root/.ssh/authorized_keys
-    fi
-fi