Updated JSP and separated the bash script action.
parent
c72743825e
commit
6a272e82fe
56
add-sftp.jps
56
add-sftp.jps
|
|
@ -9,60 +9,10 @@ user: root
|
|||
globals:
|
||||
username: "user-${fn.random(10000,99999)}"
|
||||
password: ${fn.password(min)}
|
||||
|
||||
|
||||
actions:
|
||||
add_sftp_user:
|
||||
cmd[${nodes.cp.master.id}]: |-
|
||||
# Extract the provided details
|
||||
USERNAME=${globals.username}
|
||||
PASSWORD=${fn.password(min)}
|
||||
ROOT_DIRECTORY=/var/www/webroot/ROOT
|
||||
ENABLE_SSH=false
|
||||
EMAILS=${user.email}
|
||||
|
||||
# Check if user already exists
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
echo '{"result": "error", "message": "Error: User $USERNAME already exists."}'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if home directory exists
|
||||
if [ -d "$ROOT_DIRECTORY" ]; then
|
||||
echo "Warning: Home directory $ROOT_DIRECTORY already exists."
|
||||
fi
|
||||
|
||||
# Detect the group of the home directory
|
||||
GROUP=$(stat -c '%G' $ROOT_DIRECTORY)
|
||||
|
||||
# Create the user with the detected group and appropriate home directory
|
||||
useradd -m -d $ROOT_DIRECTORY -g $GROUP $USERNAME
|
||||
|
||||
# Set the password for the user
|
||||
echo "$USERNAME:$PASSWORD" | chpasswd
|
||||
|
||||
# Ensure the user's home directory exists and has the correct permissions
|
||||
mkdir -p $ROOT_DIRECTORY
|
||||
chown $USERNAME:$GROUP $ROOT_DIRECTORY
|
||||
|
||||
# Reassign ownership of webroot path to root:detected_group
|
||||
chown -R root:$GROUP /var/www
|
||||
|
||||
# Add configuration to sshd_config
|
||||
echo "Match Group $GROUP" >> /etc/ssh/sshd_config
|
||||
echo " ChrootDirectory $ROOT_DIRECTORY" >> /etc/ssh/sshd_config
|
||||
echo " PasswordAuthentication yes" >> /etc/ssh/sshd_config
|
||||
echo " ForceCommand internal-sftp" >> /etc/ssh/sshd_config
|
||||
|
||||
# Set up bash access
|
||||
cd /var/www/webroot
|
||||
mkdir -p bin lib lib64
|
||||
cp /bin/bash bin/
|
||||
cp /lib64/libtinfo.so.5 /lib64/libdl.so.2 /lib64/libc.so.6 /lib64/ld-linux-x86-64.so.2 lib64/
|
||||
|
||||
# Restart SSH
|
||||
systemctl restart sshd
|
||||
|
||||
exit 0
|
||||
script: /scripts/add-sftp-user.cs?_r=${fn.random}
|
||||
|
||||
success:
|
||||
email: "Username: ${globals.username}, Password: ${globals.password}"
|
||||
|
|
@ -101,4 +51,4 @@ buttons:
|
|||
- settings: sftpForm
|
||||
action: add_sftp_user
|
||||
caption: Add SFTP User
|
||||
confirmText: "Are you sure you want to add this SFTP user?"
|
||||
confirmText: "Are you sure you want to add this SFTP user?"
|
||||
|
|
|
|||
Loading…
Reference in New Issue