#!/bin/bash
set -euo pipefail

# Check for root privileges
if [ "$(id -u)" -ne 0 ]; then
    echo "[✗] Dieses Skript muss als root ausgeführt werden." >&2
    exit 1
fi

# Prompt for username input
read -p "Bitte geben Sie den Benutzernamen ein: " USERNAME

# Check if the username is not empty
if [ -z "$USERNAME" ]; then
    echo "[✗] Kein Benutzername eingegeben." >&2
    exit 1
fi

SSH_KEY_URL="https://skulldev.de/Skull-IT/trusted-ssh-keys/raw/branch/main/trusted-ssh-keys"
SSH_DIR="/home/$USERNAME/.ssh"

# Update package list and install necessary packages
echo "[+] Updating package list and installing essential packages..."
apt-get update
apt-get install -y wget

# Setting up SSH directory and authorized keys
echo "[+] Setting up SSH directory..."
mkdir -p "$SSH_DIR"
wget -O "$SSH_DIR/authorized_keys" "$SSH_KEY_URL"
chown -R "$USERNAME:$USERNAME" "$SSH_DIR"
chmod 700 "$SSH_DIR"
chmod 600 "$SSH_DIR/authorized_keys"

# Adding user to sudo group
echo "[+] Adding user to sudo group..."
apt-get install -y sudo
usermod -aG sudo "$USERNAME"

# Configuring passwordless sudo for the user
echo "[+] Configuring passwordless sudo for $USERNAME..."
echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" | tee "/etc/sudoers.d/$USERNAME" > /dev/null
chmod 440 "/etc/sudoers.d/$USERNAME"

# Setting timezone
echo "[+] Setting timezone to Europe/Berlin..."
apt-get install -y tzdata
ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

echo "[✓] Bootstrap complete."