fix function ordering, permission check chains, and known_hosts check timing in setup-spoke.sh

2026-04-16 13:14:27 -07:00
parent ae49c58b13
commit 664bdeaed4
1 changed files with 21 additions and 20 deletions
--- a/spoke/setup-spoke.sh
+++ b/spoke/setup-spoke.sh
@@ -15,6 +15,23 @@ YELLOW='\033[1;33m'
 CYAN='\033[0;36m'
 NC='\033[0m'

+info()   { echo -e "${GREEN}[+]${NC} $*"; }
+warn()   { echo -e "${YELLOW}[!]${NC} $*"; }
+die()    { echo -e "${RED}[ERROR]${NC} $*" >&2; exit 1; }
+header() { echo -e "\n${CYAN}══════════════════════════════════════════${NC}"; echo -e "${CYAN}  $*${NC}"; echo -e "${CYAN}══════════════════════════════════════════${NC}"; }
+
+check_deps() {
+    local missing=()
+    for cmd in "$@"; do
+        if ! command -v "$cmd" >/dev/null 2>&1; then
+            missing+=("$cmd")
+        fi
+    done
+    if [ ${#missing[@]} -gt 0 ]; then
+        die "Missing required dependencies: ${missing[*]}"
+    fi
+}
+
 retry_or_abort() {
    local test_cmd="$1"
    local fail_msg="$2"
@@ -59,24 +76,6 @@ check_permissions() {
    fi
 }

-info()   { echo -e "${GREEN}[+]${NC} $*"; }
-check_deps() {
-    local missing=()
-    for cmd in "$@"; do
-        if ! command -v "$cmd" >/dev/null 2>&1; then
-            missing+=("$cmd")
-        fi
-    done
-    if [ ${#missing[@]} -gt 0 ]; then
-        die "Missing required dependencies: ${missing[*]}"
-    fi
-}
-
-
-warn()   { echo -e "${YELLOW}[!]${NC} $*"; }
-die()    { echo -e "${RED}[ERROR]${NC} $*" >&2; exit 1; }
-header() { echo -e "\n${CYAN}══════════════════════════════════════════${NC}"; echo -e "${CYAN}  $*${NC}"; echo -e "${CYAN}══════════════════════════════════════════${NC}"; }
-
 [ "$(id -u)" -eq 0 ] || die "Run as root"

 check_deps ip ssh ssh-keygen ssh-keyscan systemctl hostnamectl
@@ -266,14 +265,16 @@ fi

 info "Checking SSH key permissions..."
 check_permissions "$KEY_PATH" "spoke SSH private key"
-[ -f "$KEY_PATH.pub" ] && check_permissions "$KEY_PATH.pub" "spoke SSH public key" || true
-check_permissions "$SSH_DIR/known_hosts" "known_hosts" || true
+if [ -f "$KEY_PATH.pub" ]; then
+    check_permissions "$KEY_PATH.pub" "spoke SSH public key"
+fi

 info "Scanning hub host key..."
 sudo -u "$SPOKE_USER" touch "$SSH_DIR/known_hosts"
 chown "$SPOKE_USER":"$SPOKE_USER" "$SSH_DIR/known_hosts"
 chmod 600 "$SSH_DIR/known_hosts"
 sudo -u "$SPOKE_USER" ssh-keyscan -H "$HUB_HOST" >> "$SSH_DIR/known_hosts" 2>/dev/null
+check_permissions "$SSH_DIR/known_hosts" "known_hosts"

 header "Testing SSH Connection"
 info "Testing connection to $HUB_HOST..."