Created the JPS file
commit
c72743825e
|
@ -0,0 +1,104 @@
|
||||||
|
type: update
|
||||||
|
name: Add SFTP User
|
||||||
|
|
||||||
|
targetNodes:
|
||||||
|
nodeGroup: cp
|
||||||
|
|
||||||
|
user: root
|
||||||
|
|
||||||
|
globals:
|
||||||
|
username: "user-${fn.random(10000,99999)}"
|
||||||
|
password: ${fn.password(min)}
|
||||||
|
|
||||||
|
actions:
|
||||||
|
add_sftp_user:
|
||||||
|
cmd[${nodes.cp.master.id}]: |-
|
||||||
|
# Extract the provided details
|
||||||
|
USERNAME=${globals.username}
|
||||||
|
PASSWORD=${fn.password(min)}
|
||||||
|
ROOT_DIRECTORY=/var/www/webroot/ROOT
|
||||||
|
ENABLE_SSH=false
|
||||||
|
EMAILS=${user.email}
|
||||||
|
|
||||||
|
# Check if user already exists
|
||||||
|
if id "$USERNAME" &>/dev/null; then
|
||||||
|
echo '{"result": "error", "message": "Error: User $USERNAME already exists."}'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if home directory exists
|
||||||
|
if [ -d "$ROOT_DIRECTORY" ]; then
|
||||||
|
echo "Warning: Home directory $ROOT_DIRECTORY already exists."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Detect the group of the home directory
|
||||||
|
GROUP=$(stat -c '%G' $ROOT_DIRECTORY)
|
||||||
|
|
||||||
|
# Create the user with the detected group and appropriate home directory
|
||||||
|
useradd -m -d $ROOT_DIRECTORY -g $GROUP $USERNAME
|
||||||
|
|
||||||
|
# Set the password for the user
|
||||||
|
echo "$USERNAME:$PASSWORD" | chpasswd
|
||||||
|
|
||||||
|
# Ensure the user's home directory exists and has the correct permissions
|
||||||
|
mkdir -p $ROOT_DIRECTORY
|
||||||
|
chown $USERNAME:$GROUP $ROOT_DIRECTORY
|
||||||
|
|
||||||
|
# Reassign ownership of webroot path to root:detected_group
|
||||||
|
chown -R root:$GROUP /var/www
|
||||||
|
|
||||||
|
# Add configuration to sshd_config
|
||||||
|
echo "Match Group $GROUP" >> /etc/ssh/sshd_config
|
||||||
|
echo " ChrootDirectory $ROOT_DIRECTORY" >> /etc/ssh/sshd_config
|
||||||
|
echo " PasswordAuthentication yes" >> /etc/ssh/sshd_config
|
||||||
|
echo " ForceCommand internal-sftp" >> /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
# Set up bash access
|
||||||
|
cd /var/www/webroot
|
||||||
|
mkdir -p bin lib lib64
|
||||||
|
cp /bin/bash bin/
|
||||||
|
cp /lib64/libtinfo.so.5 /lib64/libdl.so.2 /lib64/libc.so.6 /lib64/ld-linux-x86-64.so.2 lib64/
|
||||||
|
|
||||||
|
# Restart SSH
|
||||||
|
systemctl restart sshd
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
|
||||||
|
success:
|
||||||
|
email: "Username: ${globals.username}, Password: ${globals.password}"
|
||||||
|
text:
|
||||||
|
en: "Username: ${globals.username}, Password: ${globals.password}"
|
||||||
|
|
||||||
|
settings:
|
||||||
|
sftpForm:
|
||||||
|
fields:
|
||||||
|
- type: string
|
||||||
|
inputType: text
|
||||||
|
name: username
|
||||||
|
caption: Username
|
||||||
|
placeholder: ${globals.username}
|
||||||
|
disabled: true
|
||||||
|
required: false
|
||||||
|
- type: string
|
||||||
|
inputType: password
|
||||||
|
name: password
|
||||||
|
caption: Password
|
||||||
|
placeholder: ${fn.password(min)}
|
||||||
|
disabled: true
|
||||||
|
required: false
|
||||||
|
- type: string
|
||||||
|
inputType: text
|
||||||
|
name: root_directory
|
||||||
|
caption: Root Directory
|
||||||
|
default: "/var/www/webroot/ROOT"
|
||||||
|
required: true
|
||||||
|
- type: checkbox
|
||||||
|
name: enable_ssh
|
||||||
|
caption: Also enable SSH access
|
||||||
|
default: false
|
||||||
|
|
||||||
|
buttons:
|
||||||
|
- settings: sftpForm
|
||||||
|
action: add_sftp_user
|
||||||
|
caption: Add SFTP User
|
||||||
|
confirmText: "Are you sure you want to add this SFTP user?"
|
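Review bot: The `Match Group $GROUP` block appended to /etc/ssh/sshd_config keys on the group that owns the web root, so the chroot, `PasswordAuthentication yes` and `ForceCommand internal-sftp` would apply to every account in that group rather than only the new user, and another copy is appended on each run. Scoping it as `Match User $USERNAME` and restarting only after validation, `sshd -t && systemctl restart sshd`, would keep a bad append from locking out SSH. The script also sets `PASSWORD=${fn.password(min)}` while the success e-mail and text print `${globals.password}`; if each `fn.password` call yields a fresh value, the reported credential is not the one passed to `chpasswd`, so `PASSWORD=${globals.password}` looks intended. `ROOT_DIRECTORY` and `ENABLE_SSH` are hard-coded, so the `root_directory` and `enable_ssh` form fields have no effect and bash is copied into the web root regardless of the checkbox. The `chown -R root:$GROUP /var/www` line re-owns the whole tree on every run, which deserves a comment or a narrower path.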