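#!/bin/bash
#
# adduserutil - create an account on the backup server.
#
# Usage: adduserutil (-a | -v | -s (-ts | -tf)) USERNAME
#
# Account types:
#   admin   shell account in group BCKadmin, logs in with an SSH key
#   viewer  nologin account in group BCKviewer with /backups bind-mounted
#           under /vhome/USERNAME
#   source  upload-only account, either SFTP (SSH key) or FTP (generated
#           password)
#
# The script edits the account database, /etc/fstab and
# /etc/vsftpd.user_list, so it is expected to run as root.

# ---------------------------------------------------------------- Functions

# Print the usage text.
Help() {
  # Display Help
  echo "Add user to backupserver"
  echo
  echo "Syntax: adduserutil [-a|v|s|ts] "
  echo "options:"
  echo "-h, --help Print this Help."
  echo
  echo "Set user type for new user"
  echo "-a, --admin #Backup Admin"
  echo "-v, --viewer #Backup Viewer "
  echo "-s, --source #Backup Source (ex:a webserver)"
  echo
  echo "Set backup source options for new user"
  echo "-ts, --sftp #Backup source will use sftp/rsync to upload files"
  echo "-tf, --ftp #Backup source will use ftp to upload files"
  echo
}

# Print every argument on its own line to stderr and stop with status 1.
Fail() {
  printf '%s\n' "$@" >&2
  exit 1
}

# Ask a yes/no question until it is answered.
# Arguments: $1 - prompt text
# Returns:   0 on "yes"; exits the script with status 0 on "no".
Confirm() {
  local prompt=$1
  local yn
  while true; do
    # At end-of-input read fails and leaves yn empty; without this guard the
    # loop would spin forever when stdin is closed or redirected.
    read -r -p "$prompt" yn || Fail "No answer received, aborting"
    case $yn in
      [Yy]*) return 0 ;;
      [Nn]*) exit 0 ;;
      *) echo "Please answer yes or no." ;;
    esac
  done
}

# Read one public SSH key from stdin into the global variable sshkey and let
# the operator confirm it.
# Globals: sshkey (written)
Keyer() {
  echo 'Please paste in the public ssh key without ""'
  # -r keeps backslashes literal so the key is stored exactly as pasted.
  read -r sshkey || Fail "No key received, aborting"
  [ -n "$sshkey" ] || Fail "No key received, aborting"
  echo
  echo
  echo "The following key was received"
  printf '%s\n' "$sshkey"
  echo
  # NOTE(review): the key is only shown back to the operator, its format is
  # not checked; a malformed line ends up in authorized_keys as typed.
  Confirm "Is this key correct? "
}

# Succeed when $1 is safe to embed in paths, /etc/fstab, vsftpd.user_list and
# chpasswd input: 1-32 characters, ASCII letters, digits, '_', '.', '-', and
# no leading '.' or '-'. This excludes '/', ':', whitespace and newlines.
ValidUsername() {
  # Force byte-wise matching so the ranges below cover ASCII only.
  local LC_ALL=C
  [[ $1 =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,31}$ ]]
}

# ------------------------------------------------------------ Input handler

POSITIONAL=()
while [[ $# -gt 0 ]]; do
  key="$1"
  case $key in
    -h | --help)
      Help
      exit
      ;;
    -v | --viewer)
      USERTYPE=viewer
      shift
      ;;
    -a | --admin)
      USERTYPE=admin
      shift
      ;;
    -s | --source)
      USERTYPE=source
      shift
      ;;
    -tf | --ftp)
      UPTYPE=FTP
      shift
      ;;
    -ts | --sftp)
      UPTYPE=SFTP
      shift
      ;;
    *)
      # Anything else is kept as a positional argument; the first one
      # becomes the username and is validated below.
      POSITIONAL+=("$1")
      shift
      ;;
  esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters
username="$1"

# -------------------------------------------------------------- Input check

if [ -z "$username" ]; then
  Fail "Please provide a username" "For more information type adduserutil -h"
fi

# The username is interpolated into directory names, an /etc/fstab line and
# the "name:password" record fed to chpasswd, so reject anything that could
# change the meaning of those (path separators, '..', ':', whitespace,
# option-like names such as an unrecognised "-x" flag).
if ! ValidUsername "$username"; then
  Fail "Invalid username" "For more information type adduserutil -h"
fi

if [ "$username" = "root" ]; then
  Fail "Root is not allowed"
fi

if getent passwd "$username" >/dev/null; then
  Fail "This username already exists"
fi

if [ -z "$USERTYPE" ]; then
  Fail "Please provide user type" "For more information type adduserutil -h"
fi

if [ "$USERTYPE" = "source" ] && [ -z "$UPTYPE" ]; then
  Fail "Please provide upload methode" "For more information type adduserutil -h"
fi

# ------------------------------------------- Confirmation before any change

echo "Create user with the following information"
echo "Username: $username"
echo "User type: $USERTYPE"
if [ "$USERTYPE" = "source" ]; then
  echo "Upload methode $UPTYPE"
fi
Confirm "Do you wish to add this user? "

# ----------------------------------------------------------- Add admin user

if [ "$USERTYPE" = "admin" ]; then
  Keyer
  # Stop when the account cannot be created so the later steps never act on
  # a half-provisioned user.
  useradd -g BCKadmin -s /bin/bash -m -d "/home/$username" "$username" ||
    Fail "useradd failed for $username"
  # NOTE(review): -d removes the password (empty password field) and
  # --expire marks it expired. Confirm that sshd and PAM on this host refuse
  # empty passwords, otherwise the account is open until a password is set.
  passwd --expire -d "$username"
  sudo -u "$username" mkdir "/home/$username/.ssh"
  printf '%s\n' "$sshkey" |
    sudo -u "$username" tee "/home/$username/.ssh/authorized_keys"
fi

# ---------------------------------------------------------- Add viewer user

if [ "$USERTYPE" = "viewer" ]; then
  Keyer
  # The passwd home is "/"; the key is stored under /vhome instead.
  # NOTE(review): presumably sshd is configured to read authorized_keys from
  # /vhome/<user>/.ssh - confirm against sshd_config.
  useradd -g BCKviewer -s /usr/sbin/nologin -d / "$username" ||
    Fail "useradd failed for $username"
  mkdir -p "/vhome/$username/.ssh"
  mkdir -p "/vhome/$username/backups"
  # The top directory stays root-owned; only .ssh belongs to the user.
  chown root: "/vhome/$username"
  chmod 755 "/vhome/$username"
  chown -R "$username": "/vhome/$username/.ssh"
  chmod -R 750 "/vhome/$username/.ssh"
  printf '%s\n' "$sshkey" |
    sudo -u "$username" tee "/vhome/$username/.ssh/authorized_keys"
  # The username was validated above, so this is always one well-formed
  # fstab record.
  printf '%s\n' "/backups /vhome/$username/backups none defaults,bind 0 0" \
    >>/etc/fstab
  mount -a
fi

# ----------------------------------------------------- Add sftp source user

if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "SFTP" ]; then
  Keyer
  useradd -M -N -r "$username" || Fail "useradd failed for $username"
  usermod -g sftpusers "$username" || Fail "usermod failed for $username"
  mkdir -p "/backups/sftp/$username"
  python3 /opt/grequalizer/grequalizer.py \
    /opt/grequalizer/conf/grequalizer-sftp.conf -O
  mkdir -p "/backups/sftp/$username/home/.ssh"
  printf '%s\n' "$sshkey" >"/backups/sftp/$username/home/.ssh/authorized_keys"
  chown -R "$username": "/backups/sftp/$username/home"
  chmod -R 700 "/backups/sftp/$username/home"
  # NOTE(review): the recursive ACLs also cover home/.ssh/authorized_keys, so
  # every BCKadmin member can replace this user's login key, and the ACL mask
  # shows up as group permission bits, which sshd StrictModes may reject.
  # Confirm both are intended.
  setfacl -R -m g:BCKadmin:rwx "/backups/sftp/$username/home"
  setfacl -R -d -m g:BCKadmin:rwx "/backups/sftp/$username/home"
fi

# ------------------------------------------------------ Add ftp source user

if [ "$USERTYPE" = "source" ] && [ "$UPTYPE" = "FTP" ]; then
  # 18 alphanumeric characters drawn from the kernel random source.
  password=$(LC_ALL=C tr -dc 'a-zA-Z0-9' </dev/urandom | head -c 18)
  # Never continue with a short or empty password.
  [ "${#password}" -eq 18 ] || Fail "Password generation failed"
  useradd -M -N -r "$username" || Fail "useradd failed for $username"
  usermod -g ftpusers "$username" || Fail "usermod failed for $username"
  printf '%s\n' "$username" | tee -a /etc/vsftpd.user_list
  python3 /opt/grequalizer/grequalizer.py \
    /opt/grequalizer/conf/grequalizer-ftp.conf -O
  # NOTE(review): /backups/ftp/<user> is presumably created by the
  # grequalizer run above - confirm.
  setfacl -R -m g:BCKadmin:rwx "/backups/ftp/$username"
  setfacl -R -d -m g:BCKadmin:rwx "/backups/ftp/$username"
  # printf is a shell builtin, so the password is piped to chpasswd without
  # appearing in another process's argument list.
  printf '%s:%s\n' "$username" "$password" | chpasswd
  # The password is shown once on the terminal; it will also land in any
  # terminal scrollback or session recording.
  echo "The password for $username is: $password"
fi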