diff --git a/manifest.jps b/manifest.jps
index 964b895..0002b1a 100644
--- a/manifest.jps
+++ b/manifest.jps
@@ -68,25 +68,59 @@ onInstall: - cmd[cp]: user: root commands: |- - # Create required directories and files - mkdir -p /home/jelastic/add-sftp-user-addon/logs/{operations,errors,debug} - mkdir -p /home/jelastic/add-sftp-user-addon/scripts - chmod -R 755 /home/jelastic/add-sftp-user-addon/logs - touch /home/jelastic/add-sftp-user-addon/logs/script_output.log - chmod 644 /home/jelastic/add-sftp-user-addon/logs/script_output.log + # Create required directories and files in persistent location + mkdir -p /opt/add-sftp-user-addon/logs/{operations,errors,debug} + mkdir -p /opt/add-sftp-user-addon/scripts + chmod -R 755 /opt/add-sftp-user-addon/logs + touch /opt/add-sftp-user-addon/logs/script_output.log + chmod 644 /opt/add-sftp-user-addon/logs/script_output.log - # Download scripts (fail fast if any download fails) + # Download scripts with proper error handling set -e - wget -O /home/jelastic/add-sftp-user-addon/add-sftp.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/add-sftp.sh" - wget -O /home/jelastic/add-sftp-user-addon/scripts/logging.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/scripts/logging.sh" - wget -O /home/jelastic/add-sftp-user-addon/scripts/system_prep.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/scripts/system_prep.sh" - chmod +x /home/jelastic/add-sftp-user-addon/add-sftp.sh - chmod +x /home/jelastic/add-sftp-user-addon/scripts/*.sh + echo "Downloading add-sftp.sh..." >> /opt/add-sftp-user-addon/logs/script_output.log + if ! wget --no-check-certificate -O /opt/add-sftp-user-addon/add-sftp.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/add-sftp.sh" 2>&1 | tee -a /opt/add-sftp-user-addon/logs/script_output.log; then + echo "ERROR: Failed to download add-sftp.sh" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + + echo "Downloading logging.sh..." >> /opt/add-sftp-user-addon/logs/script_output.log + if ! 
wget --no-check-certificate -O /opt/add-sftp-user-addon/scripts/logging.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/scripts/logging.sh" 2>&1 | tee -a /opt/add-sftp-user-addon/logs/script_output.log; then + echo "ERROR: Failed to download logging.sh" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + + echo "Downloading system_prep.sh..." >> /opt/add-sftp-user-addon/logs/script_output.log + if ! wget --no-check-certificate -O /opt/add-sftp-user-addon/scripts/system_prep.sh "https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/scripts/system_prep.sh" 2>&1 | tee -a /opt/add-sftp-user-addon/logs/script_output.log; then + echo "ERROR: Failed to download system_prep.sh" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + + # Verify files were downloaded and are not empty + for file in /opt/add-sftp-user-addon/add-sftp.sh /opt/add-sftp-user-addon/scripts/logging.sh /opt/add-sftp-user-addon/scripts/system_prep.sh; do + if [ ! -f "$file" ]; then + echo "ERROR: File not found: $file" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + if [ ! 
-s "$file" ]; then + echo "ERROR: File is empty: $file" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + # Check if file is actually a bash script and not an HTML error page + if head -n 1 "$file" | grep -q "> /opt/add-sftp-user-addon/logs/script_output.log + cat "$file" >> /opt/add-sftp-user-addon/logs/script_output.log + exit 1 + fi + echo "Verified: $file exists and is not empty" >> /opt/add-sftp-user-addon/logs/script_output.log + done + + chmod +x /opt/add-sftp-user-addon/add-sftp.sh + chmod +x /opt/add-sftp-user-addon/scripts/*.sh # Source libraries and run the system preparation function - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh - source /home/jelastic/add-sftp-user-addon/scripts/system_prep.sh + source /opt/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/system_prep.sh log "======== STARTING ADDON INSTALLATION ========" 
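Review bot: The three added `wget --no-check-certificate` calls turn off TLS certificate validation for scripts that this same block then sources as root, so whoever controls the network path to the deploy proxy decides what code runs at install time. Drop the flag, and repair the trust store if the proxy certificate does not validate. The new guard `if ! wget … 2>&1 | tee -a …; then` also tests the exit status of `tee` rather than `wget` unless `pipefail` is set, so a failed download never reaches the `exit 1` branch. A form such as `if ! wget -O "$dest" "$url" >> "$log" 2>&1; then` keeps the check on wget, where `$dest`, `$url` and `$log` stand for the paths already in the hunk. The existence and non-empty checks say nothing about integrity, and the URLs track `branch/main`, so consider pinning a commit and comparing each file against a known SHA-256 before the `chmod +x`; the first-line check appears truncated on this page, so its pattern is not reviewed here.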
@@ -102,24 +136,24 @@ onInstall: commands: |- # Create backup of original sshd_config cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak.$(date +%Y%m%d%H%M%S) - echo "Created backup of original sshd_config" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Created backup of original sshd_config" >> /opt/add-sftp-user-addon/logs/script_output.log # Fix SFTP subsystem configuration if grep -q "Subsystemsftp" /etc/ssh/sshd_config; then sed -i 's|Subsystemsftp/usr/libexec/openssh/sftp-server|Subsystem sftp /usr/libexec/openssh/sftp-server|g' /etc/ssh/sshd_config - echo "Fixed malformed SFTP subsystem configuration" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Fixed malformed SFTP subsystem configuration" >> /opt/add-sftp-user-addon/logs/script_output.log fi # Enable password authentication globally if it's set to no if grep -q "^PasswordAuthentication no" /etc/ssh/sshd_config; then sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config - echo "Enabled global password authentication" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Enabled global password authentication" >> /opt/add-sftp-user-addon/logs/script_output.log fi # Configure SFTP chroot jail if ! grep -q "^Match Group sftpusers" /etc/ssh/sshd_config; then echo -e "\n# SFTP chroot configuration for Jelastic Virtuozzo\nMatch Group sftpusers\n ChrootDirectory /home/sftpusers/%u\n ForceCommand internal-sftp\n PasswordAuthentication yes\n AllowTcpForwarding no\n X11Forwarding no" >> /etc/ssh/sshd_config - echo "Added SFTP chroot configuration" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Added SFTP chroot configuration" >> /opt/add-sftp-user-addon/logs/script_output.log fi # Create sftpusers group and directory 
@@ -127,18 +161,18 @@ onInstall: mkdir -p /home/sftpusers chown root:root /home/sftpusers chmod 755 /home/sftpusers - echo "Created sftpusers group and directory with proper permissions" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Created sftpusers group and directory with proper permissions" >> /opt/add-sftp-user-addon/logs/script_output.log # Clean up configuration - remove duplicate lines awk '!seen[$0]++' /etc/ssh/sshd_config > /etc/ssh/sshd_config.tmp && mv /etc/ssh/sshd_config.tmp /etc/ssh/sshd_config - echo "Cleaned up sshd_config file" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Cleaned up sshd_config file" >> /opt/add-sftp-user-addon/logs/script_output.log # Verify configuration if sshd -t; then - echo "SSH configuration is valid, applying changes" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "SSH configuration is valid, applying changes" >> /opt/add-sftp-user-addon/logs/script_output.log systemctl restart sshd else - echo "ERROR: SSH configuration is INVALID, reverting to backup" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "ERROR: SSH configuration is INVALID, reverting to backup" >> /opt/add-sftp-user-addon/logs/script_output.log cp /etc/ssh/sshd_config.bak.$(ls -t /etc/ssh/sshd_config.bak.* | head -1 | awk -F/ '{print $NF}') /etc/ssh/sshd_config systemctl restart sshd fi 
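Review bot: The rollback in the `else` branch cannot find the backup it is meant to restore. `ls -t /etc/ssh/sshd_config.bak.* | head -1 | awk -F/ '{print $NF}'` already yields `sshd_config.bak.<timestamp>`, and the command prepends `/etc/ssh/sshd_config.bak.` to it again, so `cp` is pointed at a path that does not exist and the following `systemctl restart sshd` runs against the config that just failed `sshd -t`. That line is unchanged context, but it sits directly under the log line this hunk edits and decides whether the node keeps a working SSH daemon after a bad edit. Use the listed path directly, `cp "$(ls -t /etc/ssh/sshd_config.bak.* | head -1)" /etc/ssh/sshd_config`, or keep the backup path in a variable when it is created and restore from that. The command block starts above this hunk.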
@@ -170,11 +204,11 @@ actions: user: root commands: |- # Create unique log file for this operation - OUTPUT_LOG="/home/jelastic/add-sftp-user-addon/logs/user_creation-$(date +%Y%m%d%H%M%S).log" + OUTPUT_LOG="/opt/add-sftp-user-addon/logs/user_creation-$(date +%Y%m%d%H%M%S).log" touch "$OUTPUT_LOG" # Execute the script and capture exit status - /home/jelastic/add-sftp-user-addon/add-sftp.sh "${globals.username}" "${globals.password}" "${globals.ssh_enabled}" >> "$OUTPUT_LOG" 2>&1 + /opt/add-sftp-user-addon/add-sftp.sh "${globals.username}" "${globals.password}" "${globals.ssh_enabled}" >> "$OUTPUT_LOG" 2>&1 SCRIPT_EXIT_STATUS=$? # Log the exit status @@ -207,11 +241,11 @@ actions: user: root commands: |- # Create log file for this run - LOG_FILE="/home/jelastic/add-sftp-user-addon/logs/password_change.log" + LOG_FILE="/opt/add-sftp-user-addon/logs/password_change.log" touch "$LOG_FILE" # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh # Log start of process log "======== STARTING PASSWORD CHANGE ========" @@ -244,14 +278,14 @@ actions: user: root commands: |- # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh log "Changing password for user: ${settings.manage_username}" # Change password using echo and chpasswd if echo "${settings.manage_username}:${globals.password}" | /usr/sbin/chpasswd; then log_success "Password changed successfully for ${settings.manage_username}" - echo "Password changed for ${settings.manage_username} at $(date)" >> /home/jelastic/add-sftp-user-addon/logs/script_output.log + echo "Password changed for ${settings.manage_username} at $(date)" >> /opt/add-sftp-user-addon/logs/script_output.log exit 0 else log_error "Failed to change password for ${settings.manage_username}" 
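Review bot: In the first hunk on this line (`@@ -170,11 +204,11 @@`), the relocated call `/opt/add-sftp-user-addon/add-sftp.sh "${globals.username}" "${globals.password}" …` still passes the password as a command-line argument, where it is visible in the process list while the script runs. The `${globals.*}` placeholders also look like they are substituted into the command text before the shell sees it, so a value containing shell metacharacters would be interpreted by the root shell; this is inferred, and the origin of those values is not visible here. Passing the password on stdin or through a root-only file would avoid both, though that needs a matching change in add-sftp.sh, which is not shown in this hunk. `$OUTPUT_LOG` is created with a bare `touch` under a logs directory that the install step sets to 755, so add `chmod 600 "$OUTPUT_LOG"` after the `touch` in case the script writes credentials into it.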
@@ -268,11 +302,11 @@ actions: user: root commands: |- # Create log file for this run - LOG_FILE="/home/jelastic/add-sftp-user-addon/logs/user_deletion.log" + LOG_FILE="/opt/add-sftp-user-addon/logs/user_deletion.log" touch "$LOG_FILE" # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh # Log start of process log "======== STARTING USER DELETION ========" @@ -297,7 +331,7 @@ actions: user: root commands: |- # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh log "Checking home directory for: ${settings.manage_username}" @@ -319,7 +353,7 @@ actions: user: root commands: |- # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh log "Starting deletion of user: ${settings.manage_username}" @@ -372,11 +406,11 @@ actions: user: root commands: |- # Create log file for this run - LOG_FILE="/home/jelastic/add-sftp-user-addon/logs/list_users.log" + LOG_FILE="/opt/add-sftp-user-addon/logs/list_users.log" touch "$LOG_FILE" # Source the logging helper - source /home/jelastic/add-sftp-user-addon/scripts/logging.sh + source /opt/add-sftp-user-addon/scripts/logging.sh # Log start of process log "======== LISTING SFTP USERS ========" @@ -452,4 +486,4 @@ onUninstall: - cmd[cp]: user: root commands: - - rm -rf /home/jelastic/add-sftp-user-addon/ \ No newline at end of file + - rm -rf /opt/add-sftp-user-addon/ \ No newline at end of file diff --git a/scripts/logging.sh b/scripts/logging.sh index 9c582d0..e7b1d19 100644 --- a/scripts/logging.sh +++ b/scripts/logging.sh 
@@ -11,7 +11,7 @@
 # ------------------------------------------------------------------------------
 # Log Configuration
 # ------------------------------------------------------------------------------
-LOG_DIR="/home/jelastic/add-sftp-user-addon/logs"
+LOG_DIR="/opt/add-sftp-user-addon/logs"
 LOG_FILE="$LOG_DIR/script_output.log"
 ERROR_LOG="$LOG_DIR/errors.log"
 OPERATION_LOG="$LOG_DIR/operations.log"