Updated JSP and separated the bash script action.
parent
c72743825e
commit
6a272e82fe
56
add-sftp.jps
56
add-sftp.jps
|
@ -9,60 +9,10 @@ user: root
|
||||||
globals:
|
globals:
|
||||||
username: "user-${fn.random(10000,99999)}"
|
username: "user-${fn.random(10000,99999)}"
|
||||||
password: ${fn.password(min)}
|
password: ${fn.password(min)}
|
||||||
|
|
||||||
actions:
|
actions:
|
||||||
add_sftp_user:
|
add_sftp_user:
|
||||||
cmd[${nodes.cp.master.id}]: |-
|
script: /scripts/add-sftp-user.cs?_r=${fn.random}
|
||||||
# Extract the provided details
|
|
||||||
USERNAME=${globals.username}
|
|
||||||
PASSWORD=${fn.password(min)}
|
|
||||||
ROOT_DIRECTORY=/var/www/webroot/ROOT
|
|
||||||
ENABLE_SSH=false
|
|
||||||
EMAILS=${user.email}
|
|
||||||
|
|
||||||
# Check if user already exists
|
|
||||||
if id "$USERNAME" &>/dev/null; then
|
|
||||||
echo '{"result": "error", "message": "Error: User $USERNAME already exists."}'
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check if home directory exists
|
|
||||||
if [ -d "$ROOT_DIRECTORY" ]; then
|
|
||||||
echo "Warning: Home directory $ROOT_DIRECTORY already exists."
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Detect the group of the home directory
|
|
||||||
GROUP=$(stat -c '%G' $ROOT_DIRECTORY)
|
|
||||||
|
|
||||||
# Create the user with the detected group and appropriate home directory
|
|
||||||
useradd -m -d $ROOT_DIRECTORY -g $GROUP $USERNAME
|
|
||||||
|
|
||||||
# Set the password for the user
|
|
||||||
echo "$USERNAME:$PASSWORD" | chpasswd
|
|
||||||
|
|
||||||
# Ensure the user's home directory exists and has the correct permissions
|
|
||||||
mkdir -p $ROOT_DIRECTORY
|
|
||||||
chown $USERNAME:$GROUP $ROOT_DIRECTORY
|
|
||||||
|
|
||||||
# Reassign ownership of webroot path to root:detected_group
|
|
||||||
chown -R root:$GROUP /var/www
|
|
||||||
|
|
||||||
# Add configuration to sshd_config
|
|
||||||
echo "Match Group $GROUP" >> /etc/ssh/sshd_config
|
|
||||||
echo " ChrootDirectory $ROOT_DIRECTORY" >> /etc/ssh/sshd_config
|
|
||||||
echo " PasswordAuthentication yes" >> /etc/ssh/sshd_config
|
|
||||||
echo " ForceCommand internal-sftp" >> /etc/ssh/sshd_config
|
|
||||||
|
|
||||||
# Set up bash access
|
|
||||||
cd /var/www/webroot
|
|
||||||
mkdir -p bin lib lib64
|
|
||||||
cp /bin/bash bin/
|
|
||||||
cp /lib64/libtinfo.so.5 /lib64/libdl.so.2 /lib64/libc.so.6 /lib64/ld-linux-x86-64.so.2 lib64/
|
|
||||||
|
|
||||||
# Restart SSH
|
|
||||||
systemctl restart sshd
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
|
|
||||||
success:
|
success:
|
||||||
email: "Username: ${globals.username}, Password: ${globals.password}"
|
email: "Username: ${globals.username}, Password: ${globals.password}"
|
||||||
|
@ -101,4 +51,4 @@ buttons:
|
||||||
- settings: sftpForm
|
- settings: sftpForm
|
||||||
action: add_sftp_user
|
action: add_sftp_user
|
||||||
caption: Add SFTP User
|
caption: Add SFTP User
|
||||||
confirmText: "Are you sure you want to add this SFTP user?"
|
confirmText: "Are you sure you want to add this SFTP user?"
|
||||||
|
|
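Review bot: The new `script: /scripts/add-sftp-user.cs?_r=${fn.random}` line moves the root-level provisioning (user creation, password set, sshd_config edits) into a file that is not part of this diff and is fetched by path with a cache-busting parameter, so what actually runs is neither reviewable here nor pinned to a revision. Consider referencing the script from an immutable, commit-pinned location (placeholder: `<commit-pinned-base-url>/scripts/add-sftp-user.cs`) and adding a comment above the action such as `# runs on the cp master node as root; see scripts/add-sftp-user.cs`, since the `cmd[${nodes.cp.master.id}]` target is no longer visible in the manifest. If the external script still generates its own password instead of taking `${globals.password}`, the credentials in the unchanged `success.email` line will not match what was set on the account. That email also delivers the password in clear text, which is worth replacing with a delivery path that does not leave the credential in a mailbox. The script's contents are outside this diff, so the points about its behaviour are assumptions to confirm.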