diff --git a/README.md b/README.md
index 8dc0a2e..5dc9f84 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,18 @@
+Version 0.4 Changelogs:
+- Replaced auto-generated usernames with user-defined usernames
+- Added username validation (3-32 characters, alphanumeric + underscore only)
+- Implemented duplicate username checking
+- Enhanced error handling for invalid username formats
+- Added user-friendly error messages for username validation
+- Maintained backward compatibility with existing user management
+
+Version 0.3 Changelogs:
+- Fixed SSH configuration handling to prevent duplicate Match User entries
+- Implemented idempotent sshd_config modification using pattern matching and deduplication
+- Added atomic configuration updates with proper indentation handling
+- Removed redundant SSH service restarts while maintaining reliability
+- Added configuration validation before applying changes
+
 Version 0.2 Changelogs:
 - Added a submitUnchanged property to allow submitting the 'Add User' form even if the settings haven't been changed.
 - Changed required: true to required: false for the 'Accept User Creation' checkbox
diff --git a/add-sftp.sh b/add-sftp.sh
index 60860c5..ade4dee 100644
--- a/add-sftp.sh
+++ b/add-sftp.sh
@@ -24,9 +24,14 @@ log_debug() {
 fi
 }
-# Generate random username
-generate_username() {
- echo "user$(shuf -i 10000-99999 -n 1)"
+# Validate username format
+validate_username() {
+ local username=$1
+ if ! [[ $username =~ ^[a-zA-Z0-9_]{3,32}$ ]]; then
+ log_error "Invalid username format. Username must be 3-32 characters long and contain only letters, numbers, and underscores."
+ return 1
+ fi
+ return 0
 }
 USERNAME=$1
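Review bot: The pattern in `validate_username` accepts names made only of digits (a constructed example is `12345`) and names that begin with a digit, which account tools resolve inconsistently. GNU `id`, used for the existence check in the next add-sftp.sh hunk, treats a numeric argument as a UID when no account has that name, and `chown` makes the same name-or-number guess. Requiring a letter or underscore first closes that gap, for example `if ! [[ $username =~ ^[a-zA-Z_][a-zA-Z0-9_]{2,31}$ ]]; then`, with the same pattern mirrored in the `regex` field of manifest.jps. The bracket ranges are matched under the caller's locale, so a `local LC_ALL=C` at the top of the function would keep them to ASCII. A comment above the function noting that it is the server-side check and must stay in step with the form regex would also help.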
@@ -35,11 +40,16 @@ SSH_ENABLED=$3
 log "Script started"
-# Check if user already exists, if yes generate a new one
-while id "$USERNAME" &>/dev/null; do
- USERNAME=$(generate_username)
- log_warning "Username $USERNAME already exists, generating a new username."
-done
+# Validate username format
+if ! validate_username "$USERNAME"; then
+ exit 1
+fi
+
+# Check if user already exists
+if id "$USERNAME" &>/dev/null; then
+ log_error "Username $USERNAME already exists. Please choose a different username."
+ exit 1
+fi
 USER_HOME="/home/sftpusers/$USERNAME"
 ROOT_DIRECTORY="/var/www/webroot/ROOT"
diff --git a/manifest.jps b/manifest.jps
index cb29495..ab3657e 100644
--- a/manifest.jps
+++ b/manifest.jps
@@ -1,4 +1,4 @@
-version: 0.2
+version: 0.4
 id: addsftp
 type: update
 description: An addon to add new SFTP users. It can also manage created user accounts. If SSH is enabled, WP-CLI will attempt to be installed if it is not yet installed.
@@ -16,6 +16,13 @@ settings:
 caption: Root Directory /var/www/webroot/ROOT/
 description: "A user-specific directory will be created under /home/username"
 required: false
+ - type: string
+ name: custom_username
+ caption: Custom Username
+ description: "Enter a custom username (3-32 characters, alphanumeric + underscore only)"
+ required: true
+ regex: ^[a-zA-Z0-9_]{3,32}$
+ regexText: "Username must be 3-32 characters long and contain only letters, numbers, and underscores"
 - type: checkbox
 name: allow
 caption: Accept User Creation
@@ -60,7 +67,7 @@ settings:
 globals:
- username: "user${fn.random(10000,99999)}"
+ username: ${settings.custom_username}
 password: ${fn.password(min)}
 sftpHost: ${env.domain}
 sftpPort: 22
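Review bot: With `username: ${settings.custom_username}` in the `globals` hunk, the value is now caller-supplied text rather than a generated one, and the form `regex` added in the `custom_username` settings hunk is the only check applied before the placeholder is expanded. validate_username in add-sftp.sh runs only after the shell has already parsed the command line that passes the name. The `cmd` entries that use `${globals.username}` are outside these hunks, so it is worth confirming that each one passes the value as a single quoted argument. It is also worth confirming that the platform enforces the regex for installs that do not go through the form. A comment beside the field, such as `# must match validate_username in add-sftp.sh`, would keep the two patterns from drifting apart.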
@@ -75,9 +82,15 @@ onInstall:
 wget https://deploy-proxy.mightybox.io/addons/add-sftp-user/raw/branch/main/add-sftp.sh -O /home/jelastic/add-sftp-user-addon/add-sftp.sh
 chmod +x /home/jelastic/add-sftp-user-addon/*.sh
 - cmd[cp]:
- user: root
- commands:
- - echo -e "\nMatch User user*\nPasswordAuthentication yes" >> /etc/ssh/sshd_config
+ user: root
+ commands: |-
+ if grep -qE "^Match User user[0-9]*$" /etc/ssh/sshd_config; then
+ sed -i '/^Match User user[0-9]*/!b;n;c\ PasswordAuthentication yes' /etc/ssh/sshd_config
+ else
+ echo -e "\n# Added by SFTP addon\nMatch User user*\n\tPasswordAuthentication yes" >> /etc/ssh/sshd_config
+ fi
+ awk '!seen[$0]++' /etc/ssh/sshd_config > /etc/ssh/sshd_config.tmp && mv /etc/ssh/sshd_config.tmp /etc/ssh/sshd_config
+ systemctl restart sshd
 - cmd[cp]:
 user: root
 commands:
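Review bot: The `awk '!seen[$0]++'` pass removes every repeated line anywhere in /etc/ssh/sshd_config, not just a duplicated addon block, so an identical directive that legitimately appears under two different `Match` sections is dropped from the later one and that section's effective policy changes silently. The pass is only needed because the guard cannot see what the `else` branch writes: `^Match User user[0-9]*$` does not match the literal line `Match User user*`, so the block is appended again on every run. Testing for the exact line with `grep -qxF 'Match User user*' /etc/ssh/sshd_config` and dropping the awk/mv step fixes both, and it stops `mv` from replacing the file with one created under the current umask. Restarting only after the config parses, `sshd -t && systemctl restart sshd`, keeps a bad edit from taking the daemon down. Separately, `Match User user*` was written for the generated `userNNNNN` names; unless add-sftp.sh adds its own entry (not visible here), custom names fall outside it while any name beginning with `user` falls inside.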