Created the JPS file
commit
c72743825e
|
@ -0,0 +1,104 @@
|
|||
type: update
|
||||
name: Add SFTP User
|
||||
|
||||
targetNodes:
|
||||
nodeGroup: cp
|
||||
|
||||
user: root
|
||||
|
||||
globals:
|
||||
username: "user-${fn.random(10000,99999)}"
|
||||
password: ${fn.password(min)}
|
||||
|
||||
actions:
|
||||
add_sftp_user:
|
||||
cmd[${nodes.cp.master.id}]: |-
|
||||
# Extract the provided details
|
||||
USERNAME=${globals.username}
|
||||
PASSWORD=${fn.password(min)}
|
||||
ROOT_DIRECTORY=/var/www/webroot/ROOT
|
||||
ENABLE_SSH=false
|
||||
EMAILS=${user.email}
|
||||
|
||||
# Check if user already exists
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
echo '{"result": "error", "message": "Error: User $USERNAME already exists."}'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if home directory exists
|
||||
if [ -d "$ROOT_DIRECTORY" ]; then
|
||||
echo "Warning: Home directory $ROOT_DIRECTORY already exists."
|
||||
fi
|
||||
|
||||
# Detect the group of the home directory
|
||||
GROUP=$(stat -c '%G' $ROOT_DIRECTORY)
|
||||
|
||||
# Create the user with the detected group and appropriate home directory
|
||||
useradd -m -d $ROOT_DIRECTORY -g $GROUP $USERNAME
|
||||
|
||||
# Set the password for the user
|
||||
echo "$USERNAME:$PASSWORD" | chpasswd
|
||||
|
||||
# Ensure the user's home directory exists and has the correct permissions
|
||||
mkdir -p $ROOT_DIRECTORY
|
||||
chown $USERNAME:$GROUP $ROOT_DIRECTORY
|
||||
|
||||
# Reassign ownership of webroot path to root:detected_group
|
||||
chown -R root:$GROUP /var/www
|
||||
|
||||
# Add configuration to sshd_config
|
||||
echo "Match Group $GROUP" >> /etc/ssh/sshd_config
|
||||
echo " ChrootDirectory $ROOT_DIRECTORY" >> /etc/ssh/sshd_config
|
||||
echo " PasswordAuthentication yes" >> /etc/ssh/sshd_config
|
||||
echo " ForceCommand internal-sftp" >> /etc/ssh/sshd_config
|
||||
|
||||
# Set up bash access
|
||||
cd /var/www/webroot
|
||||
mkdir -p bin lib lib64
|
||||
cp /bin/bash bin/
|
||||
cp /lib64/libtinfo.so.5 /lib64/libdl.so.2 /lib64/libc.so.6 /lib64/ld-linux-x86-64.so.2 lib64/
|
||||
|
||||
# Restart SSH
|
||||
systemctl restart sshd
|
||||
|
||||
exit 0
|
||||
|
||||
success:
|
||||
email: "Username: ${globals.username}, Password: ${globals.password}"
|
||||
text:
|
||||
en: "Username: ${globals.username}, Password: ${globals.password}"
|
||||
|
||||
settings:
|
||||
sftpForm:
|
||||
fields:
|
||||
- type: string
|
||||
inputType: text
|
||||
name: username
|
||||
caption: Username
|
||||
placeholder: ${globals.username}
|
||||
disabled: true
|
||||
required: false
|
||||
- type: string
|
||||
inputType: password
|
||||
name: password
|
||||
caption: Password
|
||||
placeholder: ${fn.password(min)}
|
||||
disabled: true
|
||||
required: false
|
||||
- type: string
|
||||
inputType: text
|
||||
name: root_directory
|
||||
caption: Root Directory
|
||||
default: "/var/www/webroot/ROOT"
|
||||
required: true
|
||||
- type: checkbox
|
||||
name: enable_ssh
|
||||
caption: Also enable SSH access
|
||||
default: false
|
||||
|
||||
buttons:
|
||||
- settings: sftpForm
|
||||
action: add_sftp_user
|
||||
caption: Add SFTP User
|
||||
confirmText: "Are you sure you want to add this SFTP user?"
|
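Review bot: The password given to `chpasswd` comes from a second `${fn.password(min)}` call on the `PASSWORD=` line, while the success e-mail and text print `${globals.password}`. If each placeholder is evaluated separately, the user is told a password that was never set, so the script should read `PASSWORD=${globals.password}`. The `Match Group $GROUP` block is keyed on whatever group owns the webroot, so the chroot, `ForceCommand internal-sftp` and `PasswordAuthentication yes` apply to every member of that group, and a new copy is appended on every run; `echo "Match User $USERNAME" >> /etc/ssh/sshd_config` would scope it to the created account. `chown -R root:$GROUP /var/www` rewrites ownership of the whole web tree and undoes the preceding `chown $USERNAME:$GROUP`, and sshd is restarted with no config check, where `sshd -t && systemctl restart sshd` would avoid losing SSH access after a bad append. The form's `root_directory` and `enable_ssh` values are never read because both are hard-coded in the script, and the credential is sent in clear text by e-mail.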