Automatic key generation

install.org

@@ -105,6 +105,12 @@ i3-msg restart 2>/dev/null || echo "  (i3 not running, config will apply on next
 
 #+begin_src bash
 set -euo pipefail
+
+DOTFILES="${HOME}/.config/literate-dotfiles"
+
+tangle() {
+    emacs --batch -l org --eval "(org-babel-tangle-file \"${DOTFILES}/$1\")"
+}
 #+end_src
 
 ** Shell and Terminal
@@ -337,12 +343,79 @@ paru -S --needed \
     mpd
 #+end_src
 
+** SSH Keys for Tunnels
+
+#+begin_src bash
+setup_ssh_key() {
+    local key_name="$1"
+    local remote_host="$2"
+    local remote_port="${3:-22}"
+    local key_file="$HOME/.ssh/id_ed25519_${key_name}"
+
+    echo ""
+    echo "==> Setting up SSH key for ${key_name}"
+
+    # Generate key if it doesn't exist
+    if [ ! -f "${key_file}" ]; then
+        read -p "Generate new SSH key for ${key_name}? [y/N] " -n 1 -r
+        echo
+        if [[ $REPLY =~ ^[Yy]$ ]]; then
+            ssh-keygen -t ed25519 -C "${key_name}-tunnel" -f "${key_file}" -N ""
+        else
+            echo "Skipping ${key_name} key generation"
+            return 1
+        fi
+    fi
+
+    # Check if we can connect without password
+    if ssh -o BatchMode=yes -o ConnectTimeout=5 -p "${remote_port}" -i "${key_file}" "${remote_host}" exit 2>/dev/null; then
+        echo "SSH key for ${key_name} is already deployed ✓"
+        return 0
+    fi
+
+    # Prompt to deploy key
+    read -p "Deploy SSH key to ${remote_host}? [y/N] " -n 1 -r
+    echo
+    if [[ $REPLY =~ ^[Yy]$ ]]; then
+        ssh-copy-id -i "${key_file}.pub" -p "${remote_port}" "${remote_host}"
+    else
+        echo "Skipping ${key_name} key deployment"
+        return 1
+    fi
+}
+
+# Setup homelab key
+setup_ssh_key "homelab" "homelab" 22
+HOMELAB_OK=$?
+
+# Setup ESRF key
+setup_ssh_key "esrf" "dehaeze@firewall.esrf.fr" 8022
+ESRF_OK=$?
+#+end_src
+
 ** Systemd Services
 
-Enable custom systemd services (tangle [[file:systemd.org][systemd.org]] first):
+#+begin_src bash
-#+begin_src bash :tangle no
+echo "==> Tangling systemd configs"
+tangle "systemd.org"
+#+end_src
+
+Enable custom =systemd= services:
+#+begin_src bash
+echo "==> Enabling systemd services"
+
+if [ $HOMELAB_OK -eq 0 ]; then
     systemctl --user enable --now homelab-tunnel
+else
+    echo "  Skipping homelab-tunnel (SSH key not configured)"
+fi
+
+if [ $ESRF_OK -eq 0 ]; then
     systemctl --user enable --now esrf-tunnel
+else
+    echo "  Skipping esrf-tunnel (SSH key not configured)"
+fi
+
 systemctl --user enable --now syncthing
 #+end_src
 
@@ -399,35 +472,6 @@ systemctl --user enable --now checkmail.timer
 systemctl --user enable --now syncmail.timer
 #+end_src
 
-* Calendar Install Script
-:PROPERTIES:
-:header-args:bash: :tangle scripts/install-calendar.sh :shebang "#!/bin/bash" :mkdirp yes
-:END:
-
-Calendar/contact documentation: [[file:calendar-contact.org][calendar-contact.org]]
-
-#+begin_src bash
-set -euo pipefail
-#+end_src
-
-** Packages
-
-#+begin_src bash
-echo "==> Calendar and contacts packages"
-paru -S --needed \
-    vdirsyncer \
-    khal \
-    khard \
-    mu
-#+end_src
-
-** Systemd Timer
-
-#+begin_src bash :tangle no
-echo "==> Enabling vdirsyncer timer"
-systemctl --user enable --now vdirsyncer.timer
-#+end_src
-
 * LaTeX Install Script
 :PROPERTIES:
 :header-args:bash: :tangle scripts/install-latex.sh :shebang "#!/bin/bash" :mkdirp yes