#!/bin/bash
#Functions
# Print the usage text for adduserutil to stdout.
# Arguments: none
# Outputs:   the option summary, one entry per line (empty entries are
#            the blank separator lines)
Help()
{
   local -a usage_lines=(
      "Add user to backupserver"
      ""
      "Syntax: adduserutil [-a|v|s|ts] <NewUserName>"
      "options:"
      "-h, --help     Print this Help."
      ""
      "Set user type for new user"
      "-a, --admin  #Backup Admin"
      "-v, --viewer #Backup Viewer "
      "-s, --source #Backup Source (ex:a webserver)"
      ""
      "Set backup source options for new user"
      "-ts, --sftp  #Backup source will use sftp/rsync to upload files"
      "-tf, --ftp   #Backup source will use ftp to upload files"
      ""
   )

   # One printf call emits every entry followed by a newline.
   printf '%s\n' "${usage_lines[@]}"
}

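# Prompt for an SSH public key on stdin and ask the operator to confirm it.
# Globals:   sshkey (written) - the single line that was pasted
# Arguments: none
# Outputs:   prompts and an echo of the received key on stdout;
#            abort reasons on stderr
# Returns:   0 once the operator confirms. Exits the script when the
#            operator declines, when no key was entered, or when stdin
#            reaches end-of-file before an answer is given.
Keyer()
{
  local yn

  echo 'Please paste in the public ssh key without ""'
  # -r keeps backslashes literal. Only one line is read, so a key that was
  # wrapped across lines by the terminal or mail client arrives truncated.
  read -r sshkey
  if [ -z "$sshkey" ]; then
    # An empty line would otherwise be installed as authorized_keys.
    echo "No key was received, aborting" >&2
    exit 1
  fi
  # NOTE(review): the key text is not checked beyond being non-empty.
  # Consider writing it to a temporary file and running
  # `ssh-keygen -l -f <file>` before it is installed.

  echo
  echo
  echo "The following key was received"
  printf '%s\n' "$sshkey"
  echo
  while true; do
    # A failed read that captured nothing means stdin is closed; without
    # this check the loop would spin forever on "Please answer yes or no."
    if ! read -r -p "Is this key correct? " yn && [ -z "$yn" ]; then
      echo "No answer received, aborting" >&2
      exit 1
    fi
    case "$yn" in
      [Yy]* ) break;;
      [Nn]* ) exit;;
      * ) echo "Please answer yes or no.";;
    esac
  done
}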


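#Input Handler
# Parses the command line into USERTYPE, UPTYPE and username.
# Start from a known state: without this, USERTYPE/UPTYPE values inherited
# from the caller's environment would pre-select a user type or upload
# method when the matching flag is not given.
USERTYPE=
UPTYPE=
POSITIONAL=()
while [[ $# -gt 0 ]]
do
  key="$1"

  case "$key" in
    -h | --help)
      Help
      exit
      ;;
    -v | --viewer)
      USERTYPE=viewer
      shift
      ;;
    -a | --admin)
      USERTYPE=admin
      shift
      ;;
    -s | --source)
      USERTYPE=source
      shift
      ;;
    -tf | --ftp)
      UPTYPE=FTP
      shift
      ;;
    -ts | --sftp)
      UPTYPE=SFTP
      shift
      ;;
    -*)
      # A mistyped flag must not end up being used as the account name.
      echo "Unknown option: $key" >&2
      echo "For more information type adduserutil -h" >&2
      exit 2
      ;;
    *)
      POSITIONAL+=("$1") # save it in an array for later
      shift # past argument
      ;;
  esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters

# Exactly one account is created per run; extra names were silently
# ignored before, which hides misordered arguments.
if [ "$#" -gt 1 ]; then
  echo "Only one username may be given" >&2
  echo "For more information type adduserutil -h" >&2
  exit 2
fi

username="$1"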


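#Input Check
# Every rejection below exits non-zero so a calling script can tell that
# no user was created.
if [ -z "$username" ]
then
    echo "Please provide a username"
    echo "For more information type adduserutil -h"
    echo
    exit 1
fi

if [ "$username" = "root" ]; then
    echo "Root is not allowed"
    exit 1
fi

# The name is used further down as a path component, inside an /etc/fstab
# line, in /etc/vsftpd.user_list and in chpasswd input. Restrict it to a
# conservative account-name alphabet so it cannot contain '/', '..',
# whitespace, ':' or newlines. The subshell pins the C locale so that
# [a-z] means ASCII lowercase only.
valid_name_re='^[a-z_][a-z0-9_-]{0,31}$'
if ! ( LC_ALL=C; [[ "$username" =~ $valid_name_re ]] ); then
    echo "Invalid username: use lowercase letters, digits, '_' or '-', starting with a letter or '_' (max 32 characters)"
    echo
    exit 1
fi

# Quoted so the lookup is always for exactly one key.
if getent passwd "$username" > /dev/null; then
    echo "This username already exists"
    exit 1
fi

if [ -z "$USERTYPE" ]
then
    echo "Please provide user type"
    echo "For more information type adduserutil -h"
    echo
    exit 1
fi

# Only backup sources need an upload method.
if [ "$USERTYPE" = "source" ] && [ -z "$UPTYPE" ]
then
    echo "Please provide upload methode"
    echo "For more information type adduserutil -h"
    echo
    exit 1
fi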


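#Confirmation before setting user
# Shows the parsed request and waits for an explicit yes before any
# account is created.
echo "Create user with the following information"
echo "Username: $username"
echo "User type: $USERTYPE"
if [ "$USERTYPE" = "source" ]; then
    echo "Upload methode $UPTYPE"
fi
while true; do
    # A failed read that captured nothing means stdin is closed (for
    # example when run from cron or with input redirected). Abort instead
    # of looping forever on "Please answer yes or no."
    if ! read -r -p "Do you wish to add this user? " yn && [ -z "$yn" ]; then
        echo "No answer received, aborting" >&2
        exit 1
    fi
    case "$yn" in
        [Yy]* ) break;;
        [Nn]* ) exit;;
        * ) echo "Please answer yes or no.";;
    esac
done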


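#Add Admin user
# Creates a login account in group BCKadmin with a home directory and
# installs the pasted public key as its authorized_keys.
if [ "$USERTYPE" = "admin" ]; then
    Keyer

    # Stop at the first failure so later steps never run against an
    # account that was not created.
    if ! useradd -g BCKadmin -s /bin/bash -m -d /home/"$username" "$username"; then
        echo "useradd failed, no admin user was created" >&2
        exit 1
    fi

    # NOTE(review): -d removes the password (the account then has an empty
    # password) and --expire forces a change at the next login. Until that
    # first login anyone who can reach a password prompt for this account
    # may get in if empty passwords are accepted. Confirm that PAM (nullok)
    # and sshd (PermitEmptyPasswords) reject them on this host, or lock the
    # password instead.
    if ! passwd --expire -d "$username"; then
        echo "Could not reset the password state of $username" >&2
        exit 1
    fi

    # 0700 on .ssh and 0600 on authorized_keys instead of whatever the
    # account's umask would give.
    if ! sudo -u "$username" mkdir -p /home/"$username"/.ssh ||
       ! sudo -u "$username" chmod 700 /home/"$username"/.ssh; then
        echo "Could not create /home/$username/.ssh" >&2
        exit 1
    fi
    if ! printf '%s\n' "$sshkey" |
         sudo -u "$username" tee /home/"$username"/.ssh/authorized_keys > /dev/null ||
       ! sudo -u "$username" chmod 600 /home/"$username"/.ssh/authorized_keys; then
        echo "Could not install the ssh key for $username" >&2
        exit 1
    fi
fi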


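#Add Viewer user
# Creates a nologin account in group BCKviewer, builds /vhome/<user> with
# the key and a bind mount of /backups, and records the mount in /etc/fstab.
if [ "$USERTYPE" = "viewer" ]; then
    Keyer

    # Stop here if the account was not created; the steps below would
    # otherwise build directories and an fstab entry for a missing user.
    if ! useradd -g BCKviewer -s /usr/sbin/nologin -d / "$username"; then
        echo "useradd failed, no viewer user was created" >&2
        exit 1
    fi

    viewer_root=/vhome/"$username"
    if ! mkdir -p "$viewer_root"/.ssh "$viewer_root"/backups; then
        echo "Could not create $viewer_root" >&2
        exit 1
    fi

    # The top directory stays root-owned and not writable by the user
    # (presumably it serves as an sshd chroot - confirm against sshd_config).
    chown root: "$viewer_root"
    chmod 755 "$viewer_root"
    chown -R "$username": "$viewer_root"/.ssh
    chmod 750 -R "$viewer_root"/.ssh

    if ! printf '%s\n' "$sshkey" |
         sudo -u "$username" tee "$viewer_root"/.ssh/authorized_keys > /dev/null; then
        echo "Could not install the ssh key for $username" >&2
        exit 1
    fi
    # Created after the recursive chmod above, so set its mode explicitly.
    chmod 600 "$viewer_root"/.ssh/authorized_keys

    # The username is interpolated into an fstab line: whitespace in it
    # would shift the fstab fields. Confirm the name has been validated
    # before this point.
    # NOTE(review): "defaults,bind" gives a read-write bind mount, so what a
    # viewer can change under /backups depends only on file permissions and
    # ACLs. Consider a read-only bind mount if viewers must never write.
    printf '%s\n' "/backups $viewer_root/backups none defaults,bind 0 0" >> /etc/fstab

    # Mount only the new entry; `mount -a` would also try every other
    # unmounted fstab entry as a side effect of adding a user.
    if ! mount "$viewer_root"/backups; then
        echo "Could not mount $viewer_root/backups" >&2
        exit 1
    fi
fi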


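#Add sftp source user
# Creates a system account in group sftpusers, its upload tree under
# /backups/sftp/<user>, installs the pasted key and grants group BCKadmin
# access to the tree through ACLs.
if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "SFTP" ]; then
    Keyer

    # Create the account first: if useradd refuses the name, nothing has
    # been created under /backups yet.
    if ! useradd -M -N -r "$username"; then
        echo "useradd failed, no sftp source user was created" >&2
        exit 1
    fi
    if ! usermod -g sftpusers "$username"; then
        echo "Could not add $username to sftpusers" >&2
        exit 1
    fi

    sftp_root=/backups/sftp/"$username"
    if ! mkdir -p "$sftp_root"; then
        echo "Could not create $sftp_root" >&2
        exit 1
    fi

    # Project helper, not shown here; presumably it brings the directories
    # under /backups/sftp in line with the accounts - confirm.
    python3 /opt/grequalizer/grequalizer.py /opt/grequalizer/conf/grequalizer-sftp.conf -O

    if ! mkdir -p "$sftp_root"/home/.ssh; then
        echo "Could not create $sftp_root/home/.ssh" >&2
        exit 1
    fi
    if ! printf '%s\n' "$sshkey" > "$sftp_root"/home/.ssh/authorized_keys; then
        echo "Could not install the ssh key for $username" >&2
        exit 1
    fi
    chown -R "$username": "$sftp_root"/home
    chmod -R 700 "$sftp_root"/home

    # NOTE(review): the recursive ACLs below also cover home/.ssh, so every
    # member of BCKadmin can rewrite this account's authorized_keys. The ACL
    # mask also shows up as group rwx in the file mode, which sshd rejects
    # when StrictModes is on - verify key login still works, or exclude
    # .ssh from the ACL.
    setfacl -R -m g:BCKadmin:rwx "$sftp_root"/home
    setfacl -R -d -m g:BCKadmin:rwx "$sftp_root"/home
fi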



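#Add ftp source user
# Creates a system account in group ftpusers, allows it in vsftpd, grants
# group BCKadmin ACL access to its upload tree and sets a random password.
if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "FTP" ]; then
    # 18 alphanumeric characters from /dev/urandom. LC_ALL=C makes tr work
    # on bytes, so the random stream cannot trip a multibyte locale.
    password=$(LC_ALL=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 18)
    if [ "${#password}" -ne 18 ]; then
        echo "Could not generate a password" >&2
        exit 1
    fi

    # Stop here if the account was not created; otherwise the name would
    # still be added to the vsftpd allow list below.
    if ! useradd -M -N -r "$username"; then
        echo "useradd failed, no ftp source user was created" >&2
        exit 1
    fi
    if ! usermod -g ftpusers "$username"; then
        echo "Could not add $username to ftpusers" >&2
        exit 1
    fi
    printf '%s\n' "$username" | tee -a /etc/vsftpd.user_list

    # Project helper, not shown here; presumably it creates
    # /backups/ftp/<user> before the ACLs are applied - confirm.
    python3 /opt/grequalizer/grequalizer.py /opt/grequalizer/conf/grequalizer-ftp.conf -O
    setfacl -R -m g:BCKadmin:rwx /backups/ftp/"$username"
    setfacl -R -d -m g:BCKadmin:rwx /backups/ftp/"$username"

    # chpasswd reads user:password from stdin, so the password never
    # appears in a process argument list. Only announce it once it is set.
    if ! printf '%s:%s\n' "$username" "$password" | chpasswd; then
        echo "Could not set the password for $username" >&2
        exit 1
    fi
    # Shown once to the operator; it also lands in terminal scrollback and
    # in any session recording.
    echo "The password for $username is: $password"
fi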
