#!/bin/sh

echo "# Configuring ssh"

for keytype in ecdsa rsa ed25519 ; do
  if [ ! -r "/ssh/ssh_host_${keytype}_key" ] ; then
    /usr/bin/ssh-keygen -t "${keytype}" -f "/ssh/ssh_host_${keytype}_key" -N ""
  fi
  chmod 0600 "/ssh/ssh_host_${keytype}_key"
  chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
done

# set authorized_keys permissions
if [ -f /ssh/authorized_keys ] ; then
  chmod 0600 /ssh/authorized_keys
  chown "${USERNAME}:${GROUPNAME}" /ssh/authorized_keys
fi

chmod 0700 "${PATH_WEBROOT}/.ssh"