Compare commits
98 Commits
Author | SHA1 | Date |
---|---|---|
deepend | 3b845f2ab8 | |
deepend | 9bd4030bd9 | |
deepend | 5ec8a4c9bb | |
deepend | b941b76b27 | |
deepend | 0da9e022d6 | |
deepend | e76e3c243a | |
deepend | b5a58f3c75 | |
deepend | 6d34df05e3 | |
deepend | 124e2da9fa | |
deepend | 7b2fff09b3 | |
deepend | d17c5c45d1 | |
deepend | 06f1d1b97e | |
deepend | 3bf8601281 | |
Blade of Darkness | c8d74e219b | |
Blade of Darkness | fd8641f4c3 | |
Blade of Darkness | fb849b1032 | |
Blade of Darkness | 14c099b5fb | |
Blade of Darkness | 6936609ff1 | |
Blade of Darkness | 8c672caabf | |
Blade of Darkness | 62ba8078bd | |
Blade of Darkness | e270446e84 | |
Blade of Darkness | a87fad8bba | |
Blade of Darkness | 5e6cdbcc3f | |
Blade of Darkness | 15d5a8795e | |
Blade of Darkness | aca1918b1a | |
Blade of Darkness | 931e27817b | |
Blade of Darkness | 21d8613b53 | |
Blade of Darkness | 0d9cb09675 | |
Blade of Darkness | bd75aee404 | |
Blade of Darkness | 9260fcd6cb | |
Blade of Darkness | fa2b0006d2 | |
Blade of Darkness | 77642a9c1b | |
Blade of Darkness | a705b5cdc3 | |
Blade of Darkness | 23e14fa75b | |
Blade of Darkness | 8fd0421e7b | |
Blade of Darkness | 93ffa85803 | |
Blade of Darkness | 6e01b8dbbf | |
Blade of Darkness | cebb380022 | |
Blade of Darkness | bc4e2dc31c | |
Blade of Darkness | 6ab305d094 | |
Blade of Darkness | 4f55bd736b | |
Blade of Darkness | 79e7cfb13f | |
Blade of Darkness | 35cff1a7b9 | |
Blade of Darkness | 35cc77bca6 | |
Blade of Darkness | 4acb88e843 | |
Ubergeek | 3f68c82de8 | |
Blade of Darkness | 5f218c20bb | |
Ubergeek | b6bf5d4c39 | |
Blade of Darkness | 43e4711c69 | |
Blade of Darkness | 75ea7695ca | |
Blade of Darkness | 75c4dc712d | |
Blade of Darkness | 2e73d2585f | |
Blade of Darkness | 694cd17843 | |
Blade of Darkness | ba830c97ec | |
Blade of Darkness | 334f222e3d | |
Blade of Darkness | f9c526342e | |
Ubergeek | e74b9287dc | |
Ubergeek | b38c5462fa | |
Ubergeek | f1a8ddbe96 | |
Blade of Darkness | 3fc04817f3 | |
Blade of Darkness | cfaa559559 | |
Blade of Darkness | d6e3f49216 | |
Blade of Darkness | f69281a0d7 | |
Blade of Darkness | ea619e7a23 | |
Blade of Darkness | 017872be5d | |
Blade of Darkness | a03c58b202 | |
Ubergeek | 2faf2d9d0a | |
Blade of Darkness | 64cdfacdb2 | |
Blade of Darkness | 4574a848a1 | |
Blade of Darkness | de5d356d9c | |
Blade of Darkness | 9026f181f8 | |
Blade of Darkness | f3a9e42163 | |
Blade of Darkness | 3c779185d4 | |
Blade of Darkness | 29902891c0 | |
Blade of Darkness | ae758c6f1a | |
Blade of Darkness | 3bff655fbc | |
Ubergeek | 01683bb523 | |
Blade of Darkness | 2f22ceacef | |
Blade of Darkness | 6942fb76d6 | |
Blade of Darkness | 4cc31809f4 | |
Ubergeek | 01818e1a25 | |
Ubergeek | 2c8c3bdfb0 | |
Ubergeek | 0d26c64916 | |
Ubergeek | d076f4908b | |
Ubergeek | 3e3838aef2 | |
Ubergeek | 9bf8982535 | |
Ubergeek | cbcb6d2e0e | |
Ubergeek | 703152887c | |
Ubergeek | 6cb4e90d5b | |
Ubergeek | dd223d8a8e | |
Ubergeek | 578fc43d2a | |
Ubergeek | d65faae958 | |
Ubergeek | 092cbdf86f | |
Ubergeek | 1bc4d9715b | |
Ubergeek | 5f10b2f431 | |
Ubergeek | 330b7b96bd | |
Ubergeek | 2d0ba2f250 | |
Ubergeek | 82ce5d58ad |
24
README.md
24
README.md
|
@ -1,3 +1,25 @@
|
|||
# makeuser
|
||||
|
||||
A script that allows admins of tilde.team to make user accounts easily.
|
||||
A script that allows admins of thunix to make user accounts easily.
|
||||
|
||||
Forked from tilde.team's makeuser repo.
|
||||
|
||||
``makeuser {username} {email} {ssh key}
|
||||
|
||||
# rmuser
|
||||
|
||||
This tool archives the user's home dir, and removes the system account. It is assume that beforehand, the user is un-enforced in ansible.
|
||||
|
||||
``rmuser {username}
|
||||
|
||||
# makedb
|
||||
|
||||
Upon request, this tool provisions a database for users on the system MySQL/MariaDB instance.
|
||||
|
||||
``makedb {username}
|
||||
|
||||
# dbremove
|
||||
|
||||
Removes user dbs.
|
||||
|
||||
``dbremove {username}
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
|
||||
CONFIG=./setenv
|
||||
. $CONFIG
|
||||
. include/functions
|
||||
|
||||
USER=$1
|
||||
|
||||
if [ -z "$1" ]
|
||||
then
|
||||
echo -e "delete database/s for given username."
|
||||
echo -e "usage: $(basename $0) <username>"
|
||||
else
|
||||
for DATABASE in $(mysql -u root -sN -e "SELECT Db FROM mysql.db WHERE User='$USER';")
|
||||
do
|
||||
database_backup
|
||||
database_remove
|
||||
done
|
||||
|
||||
echo "The databases for $USER has been archived, and removed." | sudo mail -s "Database for $USER has been removed" $ADMIN_EMAIL
|
||||
fi
|
43
email.tmpl
43
email.tmpl
|
@ -1,43 +0,0 @@
|
|||
Subject: welcome to tilde.team!
|
||||
|
||||
hey ~newusername,
|
||||
|
||||
welcome to tilde.team!
|
||||
|
||||
your new account has been established. you can ssh into tilde.team with
|
||||
the ssh key you supplied on registration.
|
||||
|
||||
your password is "newpassword". please change it when you log in for
|
||||
the first time. the password is used for imap/smtp auth, not shell login,
|
||||
which is set to only use ssh key authentication.
|
||||
|
||||
to get started, type `motd` at the command prompt to see a few ways to
|
||||
get started. have fun!
|
||||
|
||||
the greatest value of tilde.team is not the services provided by the
|
||||
server, but rather the interesting and welcoming community built by its
|
||||
users. this is possible because of people like you who choose to make
|
||||
this a great place. the best way you can help tilde.team is by working
|
||||
to support a great system culture. chat on irc; build cool programs and
|
||||
share them with others; focus on learning, and help others learn; be a
|
||||
good example for others; have fun!
|
||||
|
||||
also, your ~/public_html directory is served at
|
||||
https://tilde.team/~newusername/
|
||||
(you can also use https://newusername.tilde.team)
|
||||
|
||||
check out our wiki at https://tilde.team/wiki/ for more information (and
|
||||
maybe help us write a new wiki article:)
|
||||
|
||||
our irc is tilde.chat, an irc network connecting several
|
||||
tilde servers. the `chat` command on your ~team shell will open up
|
||||
weechat with some nice default configs and plugins.
|
||||
see our wiki article (https://tilde.team/wiki/?page=irc)
|
||||
or https://tilde.chat site for information on how to connect from elsewhere.
|
||||
we also have a webclient at https://irc.tilde.team that you can
|
||||
register for by running the `webirc` command from a shell session.
|
||||
|
||||
we look forward to seeing you around! welcome to the ~team!
|
||||
|
||||
~tilde.team admins
|
||||
|
|
@ -0,0 +1,62 @@
|
|||
#!/bin/bash
|
||||
###############################################################################
|
||||
#
|
||||
# $0 A bash script to generate the tilde.json file as described by
|
||||
# http://protocol.club/~datagrok/beta-wiki/tdp.html
|
||||
#
|
||||
# This command takes no arguments, and sends outputs to stdout.
|
||||
# Version 1.2
|
||||
#
|
||||
# Licensed under a the AGPL 3.0 or later, by Ubergeek (ubergeek@thunix.net)
|
||||
# https://www.gnu.org/licenses/gpl-3.0.en.html
|
||||
#
|
||||
###############################################################################
|
||||
|
||||
CONFIG=./setenv
|
||||
|
||||
if [ ! -f "$CONFIG" ]; then
|
||||
echo "Config file does not exist, or not at the location specified. Please create the file, or correct the location."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
. $CONFIG
|
||||
|
||||
cat << _EOF
|
||||
{
|
||||
"name" : "$SITE_TITLE",
|
||||
"url" : "$SITE",
|
||||
"want_users":$WANT_USERS,
|
||||
"admin_email": "$ADMIN_EMAIL",
|
||||
"signup_url": "$SIGNUP_URL",
|
||||
"description": "$DESCRIPTION",
|
||||
_EOF
|
||||
|
||||
echo -ne "\t\"user_count\":"
|
||||
echo $(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l)","
|
||||
echo -e "\t\"generated_at\" : \"$(date)\","
|
||||
echo -e "\t\"uptime\" : \"$(uptime | cut -f1 -d,)\","
|
||||
|
||||
member_count=$(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l)
|
||||
|
||||
echo -e "\t\"users\": ["
|
||||
|
||||
for i in $(for i in $(members tilde); do echo $i; done | sort | uniq); do
|
||||
let count=$count+1
|
||||
echo -e "\t{\n\t\t\"user_name\": \"$i\","
|
||||
set mod_time= "$(stat -c '%Y' /home/$i/public_html/index.* 2> /dev/null | head -n1)"
|
||||
if [ ! "$mod_time" == "" ]; then
|
||||
echo -e "\t\t\"mtime\" : \"0\","
|
||||
else
|
||||
echo -e "\t\t\"mtime\" : \"$(stat -c '%Y' /home/$i/public_html/index.* 2> /dev/null | head -n1)\","
|
||||
fi
|
||||
echo -e "\t\t\"title\" : \""$(curl -L $SITE/~$i -so - |grep -iPo '(?<=<title>)(.*)(?=</title>)')"\""
|
||||
if [ $count -eq $(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l) ]; then
|
||||
echo -e "\t}"
|
||||
else
|
||||
echo -e "\t},"
|
||||
fi
|
||||
done
|
||||
echo -e "\t],"
|
||||
echo -e "\t\"generated_by\":\"bash_tdp\""
|
||||
echo "}"
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
Hello _username_;
|
||||
|
||||
Please click the following link to recover your account:
|
||||
|
||||
https://thunix.net/user/recover_account?code=CODE
|
||||
|
||||
Not working? Try copying and pasting it to your browser.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
Hello _username_;
|
||||
|
||||
Your database has been provisioned. Information below should be used to connect to it:
|
||||
|
||||
Database name: _databasename_
|
||||
Database user: _username_
|
||||
Password: _password_
|
|
@ -0,0 +1,30 @@
|
|||
Subject: welcome to thunix!
|
||||
|
||||
Welcome to thunix, newusername!
|
||||
|
||||
Your account has been provisioned, and should be available in a few
|
||||
minutes for login. Your password is newpassword
|
||||
|
||||
Any questions, concerns, comments, etc etc? Join us
|
||||
in IRC at irc.tilde.chat/6697, in #thunix, or via webchat:
|
||||
https://web.tilde.chat/?join=thunix
|
||||
|
||||
Also, check out our git repos, that pretty much manage the whole of the
|
||||
system at https://tildegit.org/thunix, and feel free to open issues and PRs.
|
||||
|
||||
Also, there is system documentation available via 'man thunix', from the
|
||||
command line.
|
||||
|
||||
Also, we do expect you periodically check your email, as that is where
|
||||
you'll be able to get updates and announcements. You can do so via
|
||||
webmail, or by using mutt from the command line (Or, the imap client of
|
||||
your choice.
|
||||
|
||||
A recovery file has been written at ~/.thunix/recovery. This file
|
||||
currently contains your email address. You can remove this file at any
|
||||
time, or change it to whatever email address you would like to use to
|
||||
recover your account. You can also replace the email with a passphrase.
|
||||
However, if this file does not exist, or contains outdated information, we
|
||||
will not be able to assist in recovering your account.
|
||||
|
||||
Finally, welcome aboard!
|
|
@ -0,0 +1,59 @@
|
|||
#!/bin/bash
|
||||
#Common functions used for several makeuser scripts
|
||||
|
||||
error_exit() {
|
||||
echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
usage() {
|
||||
echo -e "usage: $PROGNAME [-h|--help] <username> <email> <pubkey>"
|
||||
}
|
||||
|
||||
sub_to_list() {
|
||||
echo "From: $1 Subject: subscribe" | sudo -u $1 mail $LIST_NAME
|
||||
}
|
||||
|
||||
remove_user()
|
||||
{
|
||||
echo "Unsubscribe from this list..."
|
||||
echo "From: $1 Subject: unsubscribe " | sudo -u $1 mail $LIST_NAME
|
||||
|
||||
echo "Deleting account from system..."
|
||||
sudo userdel $1
|
||||
sudo rm -rf /home/$1
|
||||
|
||||
echo "User $1 removed from system." | sudo mail -s "User Account $1 removed from Thunix" $ADMIN_EMAIL
|
||||
}
|
||||
|
||||
backup_user_data()
|
||||
{
|
||||
echo "Archiving home dir..."
|
||||
sudo tar cfz $BACKUP_USER_DATA/$1.tgz /home/$1
|
||||
}
|
||||
|
||||
#Common functions used for Databases management scripts
|
||||
|
||||
database_create()
|
||||
{
|
||||
sudo mysql -u root << _EOF
|
||||
CREATE DATABASE $DATABASE;
|
||||
GRANT ALL PRIVILEGES ON $DATABASE.* TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD';
|
||||
FLUSH PRIVILEGES;
|
||||
_EOF
|
||||
}
|
||||
|
||||
database_backup()
|
||||
{
|
||||
sudo mysqldump -u root $DATABASE | gzip > /tmp/$DATABASE.sql.gz
|
||||
sudo mv /tmp/$DATABASE.sql.gz $BACKUP_USER_DATA/
|
||||
}
|
||||
|
||||
database_remove()
|
||||
{
|
||||
sudo mysql -u root << _EOF
|
||||
DROP DATABASE $DATABASE;
|
||||
REVOKE ALL PRIVILEGES ON $DATABASE.* FROM '$USER'@'localhost';
|
||||
FLUSH PRIVILEGES;
|
||||
_EOF
|
||||
}
|
|
@ -0,0 +1,25 @@
|
|||
#!/bin/bash
|
||||
|
||||
CONFIG=./setenv
|
||||
. $CONFIG
|
||||
. include/functions
|
||||
|
||||
USER=$1
|
||||
PASSWORD=`pwgen -1B 24`
|
||||
|
||||
if [ $# -eq 2 ]
|
||||
then
|
||||
DATABASE=$2
|
||||
else
|
||||
DATABASE=$1
|
||||
fi
|
||||
|
||||
if [ -z "$1" ]
|
||||
then
|
||||
echo -e "adding a new database for given username."
|
||||
echo -e "usage: $(basename $0) <user name> [database name]"
|
||||
else
|
||||
database_create
|
||||
sed -e "s/_username_/$USER/g" -e "s/_databasename_/$DATABASE/g" -e "s/_password_/$PASSWORD/g" include/dbemail.tmpl | sudo mail -s "Your database has been provisioned" $USER@thunix.net
|
||||
sed -e "s/_username_/$USER/g" -e "s/_databasename_/$DATABASE/g" -e "s/_password_/$PASSWORD/g" include/dbemail.tmpl | sudo mail -s "Your database has been provisioned" $ADMIN_EMAIL
|
||||
fi
|
48
makeuser
48
makeuser
|
@ -1,11 +1,12 @@
|
|||
#!/bin/bash
|
||||
# ---------------------------------------------------------------------------
|
||||
# makeuser - tilde.team new user creation
|
||||
# makeuser - thunix.net new user creation
|
||||
# Usage: makeuser [-h|--help] <username> <email> "<pubkey>"
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
PROGNAME=${0##*/}
|
||||
VERSION="0.1"
|
||||
CONFIG=./setenv
|
||||
|
||||
error_exit() {
|
||||
echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
|
||||
|
@ -20,11 +21,9 @@ sub_to_list() {
|
|||
echo "
|
||||
From: $1
|
||||
Subject: subscribe
|
||||
" | sudo -u $1 sendmail tildeteam-join@lists.tildeverse.org
|
||||
" | sudo -u $1 sendmail thunix-join@lists.tildeverse.org
|
||||
}
|
||||
|
||||
[[ $(id -u) != 0 ]] && error_exit "you must be the superuser to run this script."
|
||||
|
||||
case $1 in
|
||||
-h | --help)
|
||||
usage; exit ;;
|
||||
|
@ -32,16 +31,43 @@ case $1 in
|
|||
usage; error_exit "unknown option $1" ;;
|
||||
*)
|
||||
[[ $# -ne 3 ]] && error_exit "not enough args"
|
||||
|
||||
$(sudo grep -qiw $1 $BANNED) && error_exit "$1 is on the ban list!"
|
||||
|
||||
if id $1 > /dev/null 2>&1; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "adding new user $1"
|
||||
newpw=$(pwgen -1B 10)
|
||||
pwcrypt=$(perl -e "print crypt('${newpw}', 'sa');")
|
||||
useradd -m -g 100 -p $pwcrypt -s /bin/bash $1 || exit 1
|
||||
sudo useradd -m -g 100 -s /usr/bin/bash $1 \
|
||||
|| error_exit "couldn't add user"
|
||||
echo "$1:$newpw" | sudo chpasswd
|
||||
|
||||
sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/" email.tmpl | sendmail $1 $2 sudoers@tilde.team
|
||||
echo "sending welcome mail"
|
||||
sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/" ./include/email.tmpl \
|
||||
| /usr/sbin/sendmail $1 $2 root
|
||||
|
||||
echo "subscribing to mailing list"
|
||||
sub_to_list $1
|
||||
sudo -u znc /home/znc/add_znc_user.sh $1
|
||||
|
||||
echo "$3" | tee /home/$1/.ssh/authorized_keys
|
||||
toot "welcome new user ~$1!" ;;
|
||||
echo "removing .git and README.md from new homedir"
|
||||
sudo rm -rf /home/$1/.git
|
||||
sudo rm -rf /home/$1/README.md
|
||||
|
||||
echo "adding ssh pubkey"
|
||||
echo "$3" | sudo tee /home/$1/.ssh/authorized_keys
|
||||
|
||||
echo "adding account recovery"
|
||||
sudo mkdir -p --mode=700 /home/$1/.thunix
|
||||
echo $2 | sudo tee /home/$1/.thunix/recovery
|
||||
sudo chmod 600 /home/$1/.thunix/recovery
|
||||
sudo chown -R $1 /home/$1/.thunix
|
||||
|
||||
echo "making znc user"
|
||||
# znccreate.py "$1" "$newpw"
|
||||
|
||||
echo "announcing new user on mastodon"
|
||||
# toot "welcome new user ~$1!"
|
||||
|
||||
esac
|
||||
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
#!/bin/bash
|
||||
CONFIG=./setenv
|
||||
|
||||
. $CONFIG
|
||||
|
||||
source include/functions
|
||||
|
||||
if [ -z $1 ]
|
||||
then
|
||||
echo -e "Usage: `basename $0` username [ --banned ][ --backup ]"
|
||||
else
|
||||
echo "This will remove user account $1 from Thunix."
|
||||
|
||||
echo "Killing user processes..."
|
||||
sudo pkill -9 -U $1
|
||||
|
||||
if [ -n $2 ]
|
||||
then
|
||||
[ "$2" = "--backup" ] && backup_user_data $1
|
||||
[ "$2" = "--banned" ] && echo $1 | sudo tee -a $BANNED
|
||||
fi
|
||||
|
||||
remove_user $1
|
||||
fi
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
# Set location to your repo for ansible here
|
||||
# It is only needed for thunix
|
||||
export SITE_TITLE="Thunix"
|
||||
export SITE="https://thunix.net"
|
||||
export WANT_USERS="true"
|
||||
export ADMIN_EMAIL="root@thunix.net"
|
||||
export SIGNUP_URL="https://thunix.net/signup"
|
||||
export DESCRIPTION="Thunix is a community, centered around access to a public *nix system. Thunix offers shell accounts with complete set of programming tools, and follows a continuous integration-continuous deployment of system configuration."
|
||||
export LIST_NAME="thunix-join@lists.tildeverse.org"
|
||||
export EMAIL_TEMPLATE="include/email.tmpl"
|
||||
export TILDE_JSON="/var/www/thunix.cf/tilde.json"
|
||||
export YAML_FILE="$1.yml"
|
||||
export BANNED="/root/users.banned"
|
||||
export BACKUP_USER_DATA="/root/backups"
|
||||
export USERQUEUE="/dev/shm/userqueue"
|
Loading…
Reference in New Issue