mrepo=https://git.ictmaatwerk.com/VPS-scripts/UBU-Backup-SRV
mbranch=master

#install needed packages
apt install rssh vsftpd openssh-server -y
apt-get install --no-install-recommends  eiciel
#Setup groups
groupadd sftpusers
groupadd ftpusers
groupadd BCKviewer
groupadd BCKadmin

#setup Folders
mkdir -p /backups/ftp/
mkdir -p /backups/sftp/
mkdir -p /vhome
mkdir /tools

#setup tools
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/aclutil -O /tools/aclutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/adduserutil -O /tools/adduserutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/deluserutil -O /tools/deluserutil
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/Tools/ez-aclutil -O /tools/ez-aclutil
chmod 700 /tools/deluserutil
chmod 700 /tools/adduserutil
chmod 700 /tools/aclutil
chmod 700 /tools/ez-aclutil

#SSH Config
sed -i -e '/Subsystem\ssftp/c\Subsystem sftp internal-sftp' /etc/ssh/sshd_config
curl --silent --show-error "$mrepo"/raw/branch/"$mbranch"/config/sshd_append.conf >>/etc/ssh/sshd_config

#rssh Config
curl --silent --show-error "$mrepo"/raw/branch/"$mbranch"/config/rssh_append.conf >>/etc/rssh.conf

#vsftp Config
openssl req -new -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem -subj "/C=NL/ST=Gelderland/L=Arnhem/O=ICT Maatwerk B.V./CN=$(hostname -f)"
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/vsftpd.conf -O /etc/vsftpd.conf

#sudo Config
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/sudo.conf -O /etc/sudoers.d/BCKadmin

#Setup grequalizer
git clone https://github.com/lpirl/grequalizer.git /opt/grequalizer
mkdir /opt/grequalizer/conf/
echo "/opt/grequalizer" > /opt/grequalizer/conf/files_to_chroots.txt
echo "/usr/bin/rsync" > /opt/grequalizer/conf/binaries_to_chroots.txt
echo "/usr/bin/rssh" >> /opt/grequalizer/conf/binaries_to_chroots.txt
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/grequalizer-sftp.conf -O /opt/grequalizer/conf/grequalizer-sftp.conf
wget -q -t7 "$mrepo"/raw/branch/"$mbranch"/config/grequalizer-ftp.conf -O /opt/grequalizer/conf/grequalizer-ftp.conf

#UFW Config
##FTP
ufw allow 20:21/tcp
ufw allow 30000:31000/tcp
#SSH/SFTP
ufw limit 22/tcp
echo "y" | ufw enable

#Restarting and enableing services
systemctl enable vsftpd sshd 
systemctl restart vsftpd sshd