diff --git a/setup-nas-poweroff.sh b/setup-nas-poweroff.sh
index b7f1299..91f5c90 100644
--- a/setup-nas-poweroff.sh
+++ b/setup-nas-poweroff.sh
@@ -1,17 +1,17 @@
 #!/bin/bash
 set -e
-echo "== NAS SSH 远程关机初始化脚本 =="
+echo "== NAS SSH 远程关机初始化脚本(Root 模式) =="
 echo "作者: wukongdaily"
-echo "用途: 允许 OpenWrt 通过 SSH 安全关机 NAS"
+echo "用途: 允许 OpenWrt 通过 SSH 密钥安全关机 NAS(fnOS 兼容)"
 echo
-if [ "$EUID" -eq 0 ]; then
- echo "❌ 请不要使用 root 运行此脚本"
+# 必须使用 root
+if [ "$EUID" -ne 0 ]; then
+ echo "❌ 请使用 root 用户运行此脚本"
 exit 1
 fi
-USER_NAME="$(whoami)"
 SYSTEMCTL_PATH="$(command -v systemctl)"
 if [ -z "$SYSTEMCTL_PATH" ]; then
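Review bot: The new root check prints its failure message to stdout, so it disappears when the script's output is piped or redirected; send it to stderr with `echo "❌ 请使用 root 用户运行此脚本" >&2`. The added comment `# 必须使用 root` states the rule but not the reason, and this commit reverses the earlier refusal to run as root. A comment such as `# root is required: the script writes /root/.ssh/authorized_keys` would record why.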
@@ -19,47 +19,42 @@ if [ -z "$SYSTEMCTL_PATH" ]; then
 exit 1
 fi
-# 自动检测可写家目录
-TEST_DIR="$HOME"
-if [ ! -w "$TEST_DIR" ]; then
- echo "⚠ 当前 \$HOME ($HOME) 不可写,尝试使用 /vol1/1000"
- TEST_DIR="/vol1/1000"
- if [ ! -w "$TEST_DIR" ]; then
- echo "❌ 没有可写目录,请手动设置 NAS_HOME 变量"
- exit 1
- fi
-fi
+SSH_DIR="/root/.ssh"
+AUTH_KEYS="$SSH_DIR/authorized_keys"
-NAS_HOME="$TEST_DIR"
-
-echo "当前用户: $USER_NAME"
-echo "systemctl: $SYSTEMCTL_PATH"
-echo "将使用目录: $NAS_HOME"
+echo "当前用户: root"
+echo "systemctl 路径: $SYSTEMCTL_PATH"
+echo "SSH 公钥文件: $AUTH_KEYS"
 echo
-echo "将执行:"
-echo " - 初始化 ~/.ssh 权限"
-echo " - 配置 sudo 允许 poweroff"
+echo "将执行以下操作:"
+echo " - 创建 /root/.ssh(如不存在)"
+echo " - 初始化 authorized_keys 权限"
+echo " - 不修改 sudoers(直接使用 root)"
 echo
 read -p "是否继续?[y/N]: " CONFIRM
 [[ "$CONFIRM" =~ ^[Yy]$ ]] || exit 0
-# SSH 目录
-mkdir -p "$NAS_HOME/.ssh"
-chmod 700 "$NAS_HOME/.ssh"
-touch "$NAS_HOME/.ssh/authorized_keys"
-chmod 600 "$NAS_HOME/.ssh/authorized_keys"
+echo
+echo "== 初始化 SSH 目录 =="
-# sudo 规则
-SUDO_RULE="$USER_NAME ALL=(root) NOPASSWD:$SYSTEMCTL_PATH poweroff"
+mkdir -p "$SSH_DIR"
+chmod 700 "$SSH_DIR"
-if sudo grep -qF "$SUDO_RULE" /etc/sudoers; then
- echo "✔ sudo 规则已存在"
-else
- echo "$SUDO_RULE" | sudo tee -a /etc/sudoers >/dev/null
- echo "✔ sudo 规则已写入"
-fi
+touch "$AUTH_KEYS"
+chmod 600 "$AUTH_KEYS"
+
+echo "✔ SSH 目录与权限已设置"
 echo
 echo "🎉 初始化完成"
-echo "测试命令:"
-echo " sudo $SYSTEMCTL_PATH poweroff"
+echo
+echo "下一步你需要做的:"
+echo "1️⃣ 将 OpenWrt 的 SSH 公钥追加到:"
+echo " $AUTH_KEYS"
+echo
+echo "2️⃣ OpenWrt 侧测试命令:"
+echo " ssh root@ \"$SYSTEMCTL_PATH poweroff\""
+echo
+echo "⚠️ 建议:"
+echo " - 该 key 只用于 OpenWrt 自动化"
+echo " - 不要用于人工登录"
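Review bot: The key that step 1️⃣ tells the user to append to `$AUTH_KEYS` grants a full root shell, whereas the removed sudoers rule limited the automation account to `$SYSTEMCTL_PATH poweroff`; the closing ⚠️ advice is the only remaining limit and nothing enforces it. The printed instructions should have the user prefix the key with a forced command and `restrict`, for example `echo "   command=\"$SYSTEMCTL_PATH poweroff\",restrict <OpenWrt 公钥>"`, so that a leaked OpenWrt key can only power the NAS off. The script also does not check that sshd permits root key login (`PermitRootLogin`), so the printed test command may fail on a hardened host; a one-line hint in the next-steps output would cover that. As shown here the test command reads `ssh root@ "..."` with no host placeholder, which may be an extraction artifact but is worth confirming in the file.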