actually copy the ssh key over

this fixes a recurring issue where i expect the newline to already
be there. i've added new pubkeys for users and it ends up on the
same line, breaking both keys.

Makefile

@@ -0,0 +1,16 @@
+PREFIX ?= /usr/local
+BINDIR ?= $(PREFIX)/bin
+
+install:
+	$(info installing the executable to $(BINDIR))
+	@mkdir -p $(BINDIR)
+	@install -m 755 makeuser $(BINDIR)
+	@install -m 644 welcome-email.tmpl $(BINDIR)
+
+uninstall:
+	$(info removing the executable from $(BINDIR))
+	@rm -f $(BINDIR)/makeuser
+	@rm -f $(BINDIR)/welcome-email.tmpl
+
+.PHONY: install uninstall
+

README.md

@@ -1,25 +1,3 @@
 # makeuser
 
-A script that allows admins of thunix to make user accounts easily.
-
-Forked from tilde.team's makeuser repo.
-
-``makeuser {username} {email} {ssh key}
-
-# rmuser
-
-This tool archives the user's home dir, and removes the system account.  It is assume that beforehand, the user is un-enforced in ansible.
-
-``rmuser {username}
-
-# makedb
-
-Upon request, this tool provisions a database for users on the system MySQL/MariaDB instance.
-
-``makedb {username}
-
-# dbremove
-
-Removes user dbs.
-
-``dbremove {username} 
+A script that allows admins of tilde.team to make user accounts easily.

dbremove

@@ -1,21 +0,0 @@
-#!/bin/bash
-
-CONFIG=./setenv
-. $CONFIG
-. include/functions
-
-USER=$1
-
-if [ -z "$1" ]
-then
-  echo -e "delete database/s for given username."
-  echo -e "usage: $(basename $0) <username>"
-else
-  for DATABASE in $(mysql -u root -sN -e "SELECT Db FROM mysql.db WHERE User='$USER';")
-  do
-    database_backup
-    database_remove
-  done
-
-  echo "The databases for $USER has been archived, and removed." | sudo mail -s "Database for $USER has been removed" $ADMIN_EMAIL
-fi

gen_tdp

@@ -1,62 +0,0 @@
-#!/bin/bash
-###############################################################################
-#
-# $0              A bash script to generate the tilde.json file as described by
-#                 http://protocol.club/~datagrok/beta-wiki/tdp.html
-#
-#                 This command takes no arguments, and sends outputs to stdout.
-# Version         1.2
-#
-# Licensed under a the AGPL 3.0 or later, by Ubergeek (ubergeek@thunix.net)
-# https://www.gnu.org/licenses/gpl-3.0.en.html
-#
-###############################################################################
-
-CONFIG=./setenv
-
-if [ ! -f "$CONFIG" ]; then
-	echo "Config file does not exist, or not at the location specified.  Please create the file, or correct the location."
-	exit 1
-fi
-
-. $CONFIG
-
-cat << _EOF
-{
-	"name" : "$SITE_TITLE",
-	"url" : "$SITE",
-	"want_users":$WANT_USERS,
-	"admin_email": "$ADMIN_EMAIL", 
-	"signup_url": "$SIGNUP_URL",
-	"description": "$DESCRIPTION",
-_EOF
-
-echo -ne "\t\"user_count\":"
-echo $(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l)","
-echo -e "\t\"generated_at\" : \"$(date)\","
-echo -e "\t\"uptime\" : \"$(uptime | cut -f1 -d,)\","
-
-member_count=$(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l)
-
-echo -e "\t\"users\":  ["
-
-for i in $(for i in $(members tilde); do echo $i; done | sort | uniq); do
-	let count=$count+1
-	echo -e "\t{\n\t\t\"user_name\": \"$i\","
-	set mod_time= "$(stat -c '%Y' /home/$i/public_html/index.* 2> /dev/null | head -n1)"
-	if [ ! "$mod_time" == "" ]; then
-		echo -e "\t\t\"mtime\" : \"0\","
-	else
-		echo -e "\t\t\"mtime\" : \"$(stat -c '%Y' /home/$i/public_html/index.* 2> /dev/null | head -n1)\","
-	fi
-	echo -e "\t\t\"title\" : \""$(curl -L $SITE/~$i -so - |grep -iPo '(?<=<title>)(.*)(?=</title>)')"\""
-	if [ $count -eq $(for i in $(members tilde); do echo $i; done | sort | uniq | wc -l) ]; then
-		echo -e "\t}"
-	else
-		echo -e "\t},"
-	fi
-done
-echo -e "\t],"
-echo -e "\t\"generated_by\":\"bash_tdp\""
-echo "}"
-

include/account_recovery.tmpl

@@ -1,8 +0,0 @@
-Hello _username_;
-
-Please click the following link to recover your account:
-
-https://thunix.net/user/recover_account?code=CODE
-
-Not working? Try copying and pasting it to your browser.
-

include/dbemail.tmpl

@@ -1,7 +0,0 @@
-Hello _username_;
-
-Your database has been provisioned.  Information below should be used to connect to it:
-
-Database name: _databasename_
-Database user: _username_
-Password: _password_

include/email.tmpl

@@ -1,30 +0,0 @@
-Subject: welcome to thunix!
-
-Welcome to thunix, newusername!
-
-Your account has been provisioned, and should be available in a few
-minutes for login.  Your password is newpassword
-
-Any questions, concerns, comments, etc etc?  Join us
-in IRC at irc.tilde.chat/6697, in #thunix, or via webchat:
-https://web.tilde.chat/?join=thunix
-
-Also, check out our git repos, that pretty much manage the whole of the
-system at https://tildegit.org/thunix, and feel free to open issues and PRs.
-
-Also, there is system documentation available via 'man thunix', from the
-command line.
-
-Also, we do expect you periodically check your email, as that is where
-you'll be able to get updates and announcements.  You can do so via
-webmail, or by using mutt from the command line (Or, the imap client of
-your choice.
-
-A recovery file has been written at ~/.thunix/recovery.  This file
-currently contains your email address.  You can remove this file at any
-time, or change it to whatever email address you would like to use to
-recover your account.  You can also replace the email with a passphrase.
-However, if this file does not exist, or contains outdated information, we
-will not be able to assist in recovering your account.
-
-Finally, welcome aboard!

include/functions

@@ -1,59 +0,0 @@
-#!/bin/bash
-#Common functions used for several makeuser scripts
-
-error_exit() {
-  echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
-  exit 1
-}
-
-usage() {
-  echo -e "usage: $PROGNAME [-h|--help] <username> <email> <pubkey>"
-}
-
-sub_to_list() {
-  echo "From: $1 Subject: subscribe" | sudo -u $1 mail $LIST_NAME
-}
-
-remove_user()
-{
-  echo "Unsubscribe from this list..."
-  echo "From: $1 Subject: unsubscribe " | sudo -u $1 mail $LIST_NAME
-
-  echo "Deleting account from system..."
-  sudo userdel $1
-  sudo rm -rf /home/$1
-
-  echo "User $1 removed from system." | sudo mail -s "User Account $1 removed from Thunix" $ADMIN_EMAIL
-}
-
-backup_user_data()
-{
-  echo "Archiving home dir..."
-  sudo tar cfz $BACKUP_USER_DATA/$1.tgz /home/$1
-}
-
-#Common functions used for Databases management scripts
-
-database_create()
-{
-sudo mysql -u root << _EOF
-CREATE DATABASE $DATABASE;
-GRANT ALL PRIVILEGES ON $DATABASE.* TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD';
-FLUSH PRIVILEGES;
-_EOF
-}
-
-database_backup()
-{
-  sudo mysqldump -u root $DATABASE | gzip > /tmp/$DATABASE.sql.gz
-  sudo mv /tmp/$DATABASE.sql.gz $BACKUP_USER_DATA/
-}
-
-database_remove()
-{
-sudo mysql -u root << _EOF
-DROP DATABASE $DATABASE;
-REVOKE ALL PRIVILEGES ON $DATABASE.* FROM '$USER'@'localhost';
-FLUSH PRIVILEGES;
-_EOF
-}

makedb

@@ -1,25 +0,0 @@
-#!/bin/bash
-
-CONFIG=./setenv
-. $CONFIG
-. include/functions
-
-USER=$1
-PASSWORD=`pwgen -1B 24`
-
-if [ $# -eq 2 ]
-then
-  DATABASE=$2
-else
-  DATABASE=$1
-fi
-
-if [ -z "$1" ]
-then
-  echo -e "adding a new database for given username."
-  echo -e "usage: $(basename $0) <user name> [database name]"
-else
-  database_create
-  sed -e "s/_username_/$USER/g" -e "s/_databasename_/$DATABASE/g" -e "s/_password_/$PASSWORD/g" include/dbemail.tmpl | sudo mail -s "Your database has been provisioned" $USER@thunix.net
-  sed -e "s/_username_/$USER/g" -e "s/_databasename_/$DATABASE/g" -e "s/_password_/$PASSWORD/g" include/dbemail.tmpl | sudo mail -s "Your database has been provisioned" $ADMIN_EMAIL
-fi

makeuser

@@ -1,73 +1,78 @@
-#!/bin/bash
+#!/bin/sh
 # ---------------------------------------------------------------------------
-# makeuser - thunix.net new user creation
+# makeuser - tilde.team new user creation
 # Usage: makeuser [-h|--help] <username> <email> "<pubkey>"
 # ---------------------------------------------------------------------------
 
 PROGNAME=${0##*/}
-VERSION="0.1"
-CONFIG=./setenv
+VERSION="0.2"
 
 error_exit() {
-  echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
-  exit 1
+    printf "%s: %s\n" "$PROGNAME" "${1:-"Unknown Error"}" >&2
+    exit 1
 }
 
 usage() {
-  echo -e "usage: $PROGNAME [-h|--help] <username> <email> \"<pubkey>\""
+    printf "usage: %s %s [-h|--help] <username> <email> \"<pubkey>\"\n" "$PROGNAME" "$VERSION"
 }
 
 sub_to_list() {
-  echo "
+    sudo -u "$1" sendmail tildeteam-join@lists.tildeverse.org << MAIL
 From: $1
 Subject: subscribe
-" | sudo -u $1 sendmail thunix-join@lists.tildeverse.org
+MAIL
 }
 
 case $1 in
-  -h | --help)
-    usage; exit ;;
-  -* | --*)
-    usage; error_exit "unknown option $1" ;;
-  *)
-    [[ $# -ne 3 ]] && error_exit "not enough args"
+    -h | --help)
+        usage; exit ;;
+    -* | --*)
+        usage; error_exit "unknown option $1" ;;
+    *)
+        if [ $# -ne 3 ]; then
+            error_exit "not enough args"
+        fi
 
-    $(sudo grep -qiw $1 $BANNED) && error_exit "$1 is on the ban list!"
+        if id "$1" > /dev/null 2>&1; then
+            exit 0
+        fi
 
-    if id $1 > /dev/null 2>&1; then
-	exit 0
-    fi
+        printf "adding new user %s\n" "$1"
+        newpw=$(pwgen -1B 20)
+        sudo useradd -m -g 100 -s /bin/bash "$1" \
+            || error_exit "couldn't add user"
+        printf "%s:%s\n" "$1" "$newpw" | sudo chpasswd
 
-    echo "adding new user $1"
-    newpw=$(pwgen -1B 10)
-    sudo useradd -m -g 100 -s /usr/bin/bash $1 \
-        || error_exit "couldn't add user"
-    echo "$1:$newpw" | sudo chpasswd
+        printf "sending welcome mail\n"
+        sed -e "s/newusername/$1/g" \
+            -e "s/newpassword/$newpw/" \
+            -e "s/newtoemail/$2/" \
+            /usr/local/bin/welcome-email.tmpl \
+            | sendmail "$1" "$2" sudoers@tilde.team
 
-    echo "sending welcome mail"
-    sed -e "s/newusername/$1/g" -e "s/newpassword/$newpw/" ./include/email.tmpl \
-        | /usr/sbin/sendmail $1 $2 root
+        printf "subscribing to mailing list\n"
+        sub_to_list "$1"
 
-    echo "subscribing to mailing list"
-    sub_to_list $1
+        printf "adding ssh pubkey\n"
+        printf "%s\n" "$3" | sudo tee "/home/$1/.ssh/authorized_keys"
 
-    echo "removing .git and README.md from new homedir"
-    sudo rm -rf /home/$1/.git
-    sudo rm -rf /home/$1/README.md
+        printf "\nannouncing new user on mastodon\n"
+        /usr/local/bin/toot "welcome new user ~$1!"
 
-    echo "adding ssh pubkey"
-    echo "$3" | sudo tee /home/$1/.ssh/authorized_keys
+        printf "cleanup current signup\n"
+        sudo sed -i"" "/\b$1\b/d" /var/signups_current
 
-    echo "adding account recovery"
-    sudo mkdir -p --mode=700 /home/$1/.thunix
-    echo $2 | sudo tee /home/$1/.thunix/recovery
-    sudo chmod 600 /home/$1/.thunix/recovery
-    sudo chown -R $1 /home/$1/.thunix
+        printf "fix sorting in /etc/passwd\n"
+        sudo pwck -s
 
-    echo "making znc user"
-#    znccreate.py "$1" "$newpw"
-
-    echo "announcing new user on mastodon"
-#    toot "welcome new user ~$1!"
+        printf "applying disk quota\n"
+        sudo setquota -u "$1" 1048576 3145728 0 0 /home
 
+        printf "copying user to bsd.tilde.team\n"
+        newid=$(id -u "$1")
+        printf %s "$newpw" | sudo ssh bsd.tilde.team -- pw useradd -n "$1" -u "$newid" -g team -md /home/"$1" -h0
+        sudo ssh bsd.tilde.team -- mkdir -p /home/"$1"/.ssh
+        printf "%s\n" "$3" | sudo ssh bsd.tilde.team -- tee /home/"$1"/.ssh/authorized_keys
+        sudo ssh bsd.tilde.team -- chown -R "$1":team /home/"$1"/.ssh
+        ;;
 esac

rmuser

@@ -1,25 +0,0 @@
-#!/bin/bash
-CONFIG=./setenv
-
-. $CONFIG
-
-source include/functions
-
-if [ -z $1 ]
-then
-  echo -e "Usage: `basename $0` username [ --banned ][ --backup ]"
-else
-  echo "This will remove user account $1 from Thunix."
-
-  echo "Killing user processes..."
-  sudo pkill -9 -U $1
-  
-  if [ -n $2 ]
-  then
-    [ "$2" = "--backup" ] && backup_user_data $1
-    [ "$2" = "--banned" ] && echo $1 |  sudo tee -a $BANNED
-  fi
-
-  remove_user $1
-fi
-

setenv

@@ -1,15 +0,0 @@
-# Set location to your repo for ansible here
-# It is only needed for thunix
-export SITE_TITLE="Thunix"
-export SITE="https://thunix.net"
-export WANT_USERS="true"
-export ADMIN_EMAIL="root@thunix.net"
-export SIGNUP_URL="https://thunix.net/signup"
-export DESCRIPTION="Thunix is a community, centered around access to a public *nix system.  Thunix offers shell accounts with complete set of programming tools, and follows a continuous integration-continuous deployment of system configuration."
-export LIST_NAME="thunix-join@lists.tildeverse.org"
-export EMAIL_TEMPLATE="include/email.tmpl"
-export TILDE_JSON="/var/www/thunix.cf/tilde.json"
-export YAML_FILE="$1.yml"
-export BANNED="/root/users.banned"
-export BACKUP_USER_DATA="/root/backups"
-export USERQUEUE="/dev/shm/userqueue"

welcome-email.tmpl

@@ -0,0 +1,48 @@
+To: newtoemail
+Subject: welcome to tilde.team!
+
+hey ~newusername,
+
+welcome to tilde.team!
+
+your new account has been established. you can ssh into tilde.team with
+the ssh key you supplied on registration.
+
+your password is "newpassword". please change it when you log in for
+the first time. the password is used for imap/smtp auth, not shell login,
+which is set to only use ssh key authentication.
+
+the greatest value of tilde.team is not the services provided by the
+server, but rather the interesting and welcoming community built by its
+users. this is possible because of people like you who choose to make
+this a great place. the best way you can help tilde.team is by working
+to support a great system culture. chat on irc; build cool programs and
+share them with others; focus on learning, and help others learn; be a
+good example for others; have fun!
+
+your ~/public_html directory is served at https://tilde.team/~newusername/
+(you can also use https://newusername.tilde.team). see https://tilde.team/wiki/tildepages
+for more info.
+
+check out our wiki at https://tilde.team/wiki/ for more information (and
+maybe help us write a new wiki article:)
+
+our irc is tilde.chat, an irc network connecting several
+tilde servers. see our wiki article (https://tilde.team/wiki/irc)
+or https://tilde.chat site for information on how to connect from elsewhere.
+
+note that when you first log in, you'll enter a byobu session, which is a terminal
+multiplexer (see https://superuser.com/a/423397/866501 for info) with weechat and
+mutt already open for you. if you're familiar with tmux, you can use it as usual,
+replacing ctrl-b with ctrl-a. otherwise, you can disable the autolaunch with the
+byobu-disable command. feel free to holler on the mailing list or on irc if you
+have any questions or need help!
+
+our ssh fingerprints can be found in our sshfp dns records.
+add -o 'VerifyHostKeyDNS=yes' to your ssh command or set it in
+your local ~/.ssh/config.
+
+we look forward to seeing you around! welcome to the ~team!
+
+~tilde.team admins
+