Initial commit
198
Tools/adduserutil
Executable file
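--- a/Tools/adduserutil
+++ b/Tools/adduserutil
@@ -0,0 +1,198 @@
+#!/bin/bash
+#Funtions
+Help()
+{
+# Display Help
+echo "Add user to backupserver"
+echo
+echo "Syntax: adduserutil [-a|v|s|ts] <NewUserName>"
+echo "options:"
+echo "-h, --help Print this Help."
+echo
+echo "Set user type for new user"
+echo "-a, --admin #Backup Admin"
+echo "-v, --viewer #Backup Viewer "
+echo "-s, --source #Backup Source (ex:a webserver)"
+echo
+echo "Set backup source options for new user"
+echo "-ts, --sftp #Backup source will use sftp/rsync to upload files"
+echo "-tf, --ftp #Backup source will use ftp to upload files"
+echo
+}
+
+Keyer()
+{
+echo 'Please paste in the public ssh key without ""'
+read sshkey
+echo
+echo
+echo "The following key was received"
+echo "$sshkey"
+echo
+while true; do
+read -p "Is this key correct? " yn
+case $yn in
+[Yy]* ) break;;
+[Nn]* ) exit;;
+* ) echo "Please answer yes or no.";;
+esac
+done
+}
+
+
+#Input Handeler
+POSITIONAL=()
+while [[ $# -gt 0 ]]
+do
+key="$1"
+
+case $key in
+-h | --help)
+Help
+exit
+;;
+-v | --viewer)
+USERTYPE=viewer
+shift
+;;
+-a |--admin)
+USERTYPE=admin
+shift
+;;
+-s|--source)
+USERTYPE=source
+shift
+;;
+-tf|--ftp )
+UPTYPE=FTP
+shift
+;;
+-ts|--sftp )
+UPTYPE=SFTP
+shift
+;;
+*) # unknown option
+POSITIONAL+=("$1") # save it in an array for later
+shift # past argument
+;;
+esac
+done
+set -- "${POSITIONAL[@]}" # restore positional parameters
+
+username="$1"
+
+
+#Input Check
+if [ -z "$username" ]
+then
+echo "Please provide a username"
+echo "For more information type adduserutil -h"
+echo
+exit
+fi
+
+if [ "$username" = "root" ]; then
+echo "Root is not allowed"
+exit
+fi
+
+getent passwd $username > /dev/null
+if [ $? -eq 0 ]; then
+echo "This username already exists"
+exit
+fi
+
+if [ -z "$USERTYPE" ]
+then
+echo "Please provide user type"
+echo "For more information type adduserutil -h"
+echo
+exit
+fi
+if [ "$USERTYPE" = "source" ]; then
+if [ -z "$UPTYPE" ]
+then
+echo "Please provide upload methode"
+echo "For more information type adduserutil -h"
+echo
+exit
+fi
+fi
+
+
+#Confirmation before setting user
+echo "Create user with the following information"
+echo "Username: $username"
+echo "User type: $USERTYPE"
+if [ "$USERTYPE" = "source" ]; then
+echo "Upload methode $UPTYPE"
+fi
+while true; do
+read -p "Do you wish to add this user? " yn
+case $yn in
+[Yy]* ) break;;
+[Nn]* ) exit;;
+* ) echo "Please answer yes or no.";;
+esac
+done
+
+
+#Add Admin user
+if [ "$USERTYPE" = "admin" ]; then
+Keyer
+
+useradd -g BCKadmin -s /bin/bash -m -d /home/"$username" "$username"
+passwd --expire -d "$username"
+sudo -u "$username" mkdir /home/$username/.ssh
+echo "$sshkey" | sudo -u "$username" tee /home/"$username"/.ssh/authorized_keys
+fi
+
+
+#Add Viewer user
+if [ "$USERTYPE" = "viewer" ]; then
+Keyer
+
+useradd -g BCKviewer -s /usr/sbin/nologin -d / "$username"
+mkdir -p /vhome/"$username"/.ssh
+mkdir -p /vhome/"$username"/backups
+chown root: /vhome/"$username"
+chmod 755 /vhome/"$username"
+chown root: /vhome/"$username"
+chown -R $username: /vhome/"$username"/.ssh
+chmod 750 -R /vhome/"$username"/.ssh
+echo "$sshkey" | sudo -u "$username" tee /vhome/"$username"/.ssh/authorized_keys
+echo "/backups /vhome/$username/backups none defaults,bind 0 0" >>/etc/fstab
+mount -a
+fi
+
+
+#Add sftp source user
+if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "SFTP" ]; then
+Keyer
+
+mkdir -p /backups/sftp/"$username"
+useradd -M -N -r "$username"
+usermod -g sftpusers "$username"
+python3 /opt/grequalizer/grequalizer.py /opt/grequalizer/conf/grequalizer-sftp.conf -O
+mkdir -p /backups/sftp/"$username"/home/.ssh
+echo "$sshkey" > /backups/sftp/"$username"/home/.ssh/authorized_keys
+chown -R $username: /backups/sftp/"$username"/home
+chmod -R 700 /backups/sftp/"$username"/home
+setfacl -R -m g:BCKadmin:rwx /backups/sftp/"$username"/home
+setfacl -R -d -m g:BCKadmin:rwx /backups/sftp/"$username"/home
+fi
+
+
+
+#Add ftp source user
+if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "FTP" ]; then
+password=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 18 | head -n 1)
+useradd -M -N -r "$username"
+usermod -g ftpusers "$username"
+echo "$username" | tee -a /etc/vsftpd.user_list
+python3 /opt/grequalizer/grequalizer.py /opt/grequalizer/conf/grequalizer-ftp.conf -O
+setfacl -R -m g:BCKadmin:rwx /backups/ftp/"$username"
+setfacl -R -d -m g:BCKadmin:rwx /backups/ftp/"$username"
+echo $username:$password | chpasswd
+echo "The password for $username is: $password"
+fi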
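Review bot: `$username` is taken from the command line and used in `/etc/fstab`, `chpasswd`, `chown` and several `mkdir -p` paths with no format check, and no `useradd` call is checked for failure, so a name that `useradd` rejects (whitespace, `/`, `..`) still gets directories created and, in the viewer branch, a line appended to `/etc/fstab` followed by `mount -a`. Validate it once after `username="$1"`, e.g. `[[ "$username" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]] || { echo "Invalid username" >&2; exit 1; }`, and stop each branch on failure with `useradd ... || exit 1`. The expansions in `getent passwd $username`, `chown -R $username:` and `echo $username:$password | chpasswd` are unquoted and should be quoted like the rest. In `Keyer`, `read sshkey` should be `read -r sshkey`, and the pasted text is written to `authorized_keys` unverified; a check that it is a single well-formed public key before writing would be worth adding. Separately, `passwd --expire -d` in the admin branch leaves the new account with an empty password until first login, which looks unintended for a key-only account and should be confirmed.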