From 3b845f2ab85fea9d8abb61a7fa1d90a7a1d940e5 Mon Sep 17 00:00:00 2001 From: deepend Date: Wed, 3 Jan 2024 08:10:07 -0700 Subject: [PATCH] makeuser script changes to remove ansible. --- include/email.tmpl | 2 ++ include/functions | 34 ------------------------ makeuser | 65 ++++++++++++++++++++++++++++++++++++---------- rmuser | 1 - userqueue | 28 -------------------- 5 files changed, 54 insertions(+), 76 deletions(-) delete mode 100755 userqueue diff --git a/include/email.tmpl b/include/email.tmpl index 1b1e6eb..ac98b59 100644 --- a/include/email.tmpl +++ b/include/email.tmpl @@ -1,3 +1,5 @@ +Subject: welcome to thunix! + Welcome to thunix, newusername! Your account has been provisioned, and should be available in a few diff --git a/include/functions b/include/functions index 92535e5..2d7eb51 100644 --- a/include/functions +++ b/include/functions @@ -14,31 +14,6 @@ sub_to_list() { echo "From: $1 Subject: subscribe" | sudo -u $1 mail $LIST_NAME } -makeuser_no_ansible() -{ - echo "adding new user $1" - newpw=`pwgen -1B 10` - pwcrypt=$(perl -e "print crypt('${newpw}', 'sa');") - sudo useradd -m -g 1001 -p $pwcrypt -s /bin/bash $1 || exit 1 - - #This is the welcome email for thunix - sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/g" include/email.tmpl | sudo mail -s "Welcome to Thunix!" $2,$ADMIN_EMAIL - sub_to_list $1 - - echo "$3" | sudo tee /home/$1/.ssh/authorized_keys - - #If root doesn't have a fediverse account, comment this out - #sudo toot "welcome new user ~$1!" -} - -add_account_recovery() -{ - sudo mkdir -p --mode=700 /home/$1/.thunix - echo $2 | sudo tee /home/$1/.thunix/recovery - sudo chmod 600 /home/$1/.thunix/recovery - sudo chown -R $1 /home/$1/.thunix -} - remove_user() { echo "Unsubscribe from this list..." 
@@ -48,15 +23,6 @@ remove_user() sudo userdel $1 sudo rm -rf /home/$1 - echo "$1 user account is unenforced in ansible..." - currdir=`pwd` - cd $REPO_LOCATION; git pull - sed -i "/$1/d" $REPO_LOCATION/roles/shell/tasks/users.yml - rm $REPO_LOCATION/roles/shell/tasks/users/$YAML_FILE - git commit -am "$1 account unenforced in ansible" - git push - cd $currdir - echo "User $1 removed from system." | sudo mail -s "User Account $1 removed from Thunix" $ADMIN_EMAIL } diff --git a/makeuser b/makeuser index 1a15647..fe1021b 100755 --- a/makeuser +++ b/makeuser @@ -1,19 +1,28 @@ #!/bin/bash # --------------------------------------------------------------------------- -# makeuser - tilde new user creation +# makeuser - thunix.net new user creation # Usage: makeuser [-h|--help] "" # --------------------------------------------------------------------------- -# -# Forked from tilde.team's make user script ( + PROGNAME=${0##*/} -VERSION="0.4" +VERSION="0.1" CONFIG=./setenv -. $CONFIG +error_exit() { + echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2 + exit 1 +} -source include/functions +usage() { + echo -e "usage: $PROGNAME [-h|--help] \"\"" +} -[[ $(id -u) == 0 ]] && error_exit "Do not run this script as root." +sub_to_list() { + echo " +From: $1 +Subject: subscribe +" | sudo -u $1 sendmail thunix-join@lists.tildeverse.org +} case $1 in -h | --help) 
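Review bot: The makeuser hunk on this line removes `. $CONFIG` but keeps `CONFIG=./setenv`, while the next makeuser hunk still reads `$BANNED` in `sudo grep -qiw $1 $BANNED`. If that variable was defined in setenv (not visible in this patch), it is now empty and grep falls back to reading standard input, so the ban-list check either stalls or passes without consulting the list. I would keep `. "$CONFIG"` after the helper definitions, or fail early with `: "${BANNED:?ban list path not set}"`. The same hunk drops the guard `[[ $(id -u) == 0 ]] && error_exit "Do not run this script as root."` with no reason given in the commit message; it is worth restoring. In the new `sub_to_list` the user name should be quoted: `" | sudo -u "$1" sendmail thunix-join@lists.tildeverse.org`.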
@@ -22,13 +31,43 @@ case $1 in usage; error_exit "unknown option $1" ;; *) [[ $# -ne 3 ]] && error_exit "not enough args" + $(sudo grep -qiw $1 $BANNED) && error_exit "$1 is on the ban list!" - #adding new user - makeuser_no_ansible $1 $2 - add_account_recovery $1 $2 + if id $1 > /dev/null 2>&1; then + exit 0 + fi + + echo "adding new user $1" + newpw=$(pwgen -1B 10) + sudo useradd -m -g 100 -s /usr/bin/bash $1 \ + || error_exit "couldn't add user" + echo "$1:$newpw" | sudo chpasswd + + echo "sending welcome mail" + sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/" ./include/email.tmpl \ + | /usr/sbin/sendmail $1 $2 root + + echo "subscribing to mailing list" + sub_to_list $1 + + echo "removing .git and README.md from new homedir" + sudo rm -rf /home/$1/.git + sudo rm -rf /home/$1/README.md + + echo "adding ssh pubkey" + echo "$3" | sudo tee /home/$1/.ssh/authorized_keys + + echo "adding account recovery" + sudo mkdir -p --mode=700 /home/$1/.thunix + echo $2 | sudo tee /home/$1/.thunix/recovery + sudo chmod 600 /home/$1/.thunix/recovery + sudo chown -R $1 /home/$1/.thunix + + echo "making znc user" +# znccreate.py "$1" "$newpw" + + echo "announcing new user on mastodon" +# toot "welcome new user ~$1!" - ;; - esac - diff --git a/rmuser b/rmuser index 19c7a3e..19fb7fe 100755 --- a/rmuser +++ b/rmuser @@ -10,7 +10,6 @@ then echo -e "Usage: `basename $0` username [ --banned ][ --backup ]" else echo "This will remove user account $1 from Thunix." - echo "It is assumed the user account has been un-enforced in Ansible as well." echo "Killing user processes..." sudo pkill -9 -U $1 diff --git a/userqueue b/userqueue deleted file mode 100755 index 029f1d7..0000000 --- a/userqueue +++ /dev/null 
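Review bot: The user name in `$1` and the address in `$2` reach root-level commands in the `*)` branch unquoted and without any format check: `sudo grep -qiw $1 $BANNED`, the `sed` script, `/usr/sbin/sendmail $1 $2 root` and `sudo rm -rf /home/$1/.git` all take them as given. If these arguments originate from a sign-up request, a value with whitespace, a leading `-` or regex characters changes what those commands do, and the ban-list lookup runs before `useradd` has had a chance to reject the name. I would validate both arguments right after the argument-count check and quote every expansion. Separately, `sudo tee /home/$1/.ssh/authorized_keys` writes as root into a home directory whose owner already has a working password (set and mailed a few lines earlier), assumes `.ssh` exists (presumably from the skeleton directory, not shown) and is not followed by a `chown`; creating the directory and file as the new user avoids all three. The `case` statement opens before this hunk.

```shell
  *)
    [[ $# -ne 3 ]] && error_exit "not enough args"
    # Reject anything that is not a plain account name before it reaches sudo, sed or rm.
    [[ $1 =~ ^[a-z_][a-z0-9_-]*$ ]] || error_exit "invalid username: $1"
    # A leading dash would be read by sendmail as an option.
    [[ $2 == -* ]] && error_exit "invalid email address"
    sudo grep -qiwF -- "$1" "$BANNED" && error_exit "$1 is on the ban list!"
    # … unchanged: id check, useradd, chpasswd …
    sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/" ./include/email.tmpl \
      | /usr/sbin/sendmail "$1" "$2" root
    # … unchanged: list subscription …
    sudo rm -rf -- "/home/$1/.git" "/home/$1/README.md"
    # Create the key file as the new user so root never writes through a path that user controls.
    sudo -u "$1" mkdir -p -m 700 "/home/$1/.ssh"
    printf '%s\n' "$3" | sudo -u "$1" tee "/home/$1/.ssh/authorized_keys" > /dev/null
    # … unchanged: account recovery, znc and mastodon steps …
```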
@@ -1,28 +0,0 @@
-#!/bin/bash
-# ---------------------------------------------------------------------------
-# Thunix user queue management
-# ---------------------------------------------------------------------------
-
-source setenv
-
-if [ $# -eq 0 ]
-then
- echo -e "usage: $0 [u][f][d][a] username"
- echo "(u) Print users in queue"
- echo "(f) Shows the fields of the selected user"
- echo "(a) Accept sign up request"
- echo "(d) Delete selected user from queue"
-else
- if [ $1 = "u" ]
- then
- awk -F, '{print $1}' $USERQUEUE
- else
- if [ $# -ne 2 ]
- then
- echo -e "usage: $0 <$1> "
- else
- [ $1 = "f" ] && grep -w $2 $USERQUEUE | awk -F, '{print $1, $2, $3}'
- [ $1 = "d" ] && sudo sed "/$2/d" -i $USERQUEUE
- fi
- fi
-fi