From fd2eb5efdcc35e2ab68e1cd04719a682ba627935 Mon Sep 17 00:00:00 2001
From: Anthony
Date: Wed, 25 Oct 2023 00:16:51 +0800
Subject: [PATCH] Format popup message, email, change username format, updated SFTP creation
---
 add-sftp.jps | 16 +++++++++++---
 scripts/add-sftp-user.cs | 47 ++++++++++++++++++++++++++++++++--------
 2 files changed, 51 insertions(+), 12 deletions(-)
diff --git a/add-sftp.jps b/add-sftp.jps
index 6208cf9..d5f1715 100644
--- a/add-sftp.jps
+++ b/add-sftp.jps
@@ -7,17 +7,27 @@ targetNodes:
 user: root
 globals:
- username: "user-${fn.random(10000,99999)}"
+ username: "user${fn.random(10000,99999)}"
 password: ${fn.password(min)}
+ sftpHost: ${env.domain}
+ sftpPort: 22
 actions:
 add_sftp_user:
 script: /scripts/add-sftp-user.cs?_r=${fn.random}
 success:
- email: "Username: ${globals.username}, Password: ${globals.password}"
+ email: |
+ SFTP Host: ${globals.sftpHost}
+ Port: ${globals.sftpPort}
+ Username: ${globals.username}
+ Password: ${globals.password}
 text:
- en: "Username: ${globals.username}, Password: ${globals.password}"
+ en: |
+ SFTP Host: ${globals.sftpHost}
+ Port: ${globals.sftpPort}
+ Username: ${globals.username}
+ Password: ${globals.password}
 settings:
 sftpForm:
diff --git a/scripts/add-sftp-user.cs b/scripts/add-sftp-user.cs
index e51b10c..18e7872 100644
--- a/scripts/add-sftp-user.cs
+++ b/scripts/add-sftp-user.cs
@@ -1,9 +1,8 @@
 // Extract the provided details
 var USERNAME = "${globals.username}";
-var PASSWORD = "${fn.password(min)}";
+var PASSWORD = "${fn.password(12)}"; // Ensure a minimum length of 12 characters for the password
 var ROOT_DIRECTORY = "/var/www/webroot/ROOT";
-var ENABLE_SSH = false;
-var EMAILS = "${user.email}";
+var ENABLE_SSH = "${request.enable_ssh}" == "true";
 // Check if user already exists
 if (jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', 'id ' + USERNAME).result == 0) {
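Review bot: The new `email:` block in add-sftp.jps sends `Password: ${globals.password}` in clear text together with host, port and username, so anyone who can read, or is forwarded, that message holds a complete working login. Consider dropping the password line from the e-mail and showing it only once in the `text` popup, for example replacing it with `Password: shown once in the dashboard after installation`. `sftpPort: 22` is also hard-coded; if the platform reaches the node through an SSH gateway or a mapped endpoint port the mailed details will be wrong, so confirm the value against how the node is actually exposed.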
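Review bot: `var PASSWORD = "${fn.password(12)}"` generates its own value instead of reusing `${globals.password}`, which is what add-sftp.jps mails and displays; if each placeholder is expanded independently, the credentials the user receives will not match what `chpasswd` sets. Use `var PASSWORD = "${globals.password}";` and put the length requirement on the manifest global instead. `ENABLE_SSH` is now read from `${request.enable_ssh}`, so a request parameter decides whether the account is confined to SFTP; that should default to off and be checked against who is allowed to ask for shell access. The `if (jelastic…` statement at the end of the hunk continues outside it.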
@@ -13,8 +12,15 @@ if (jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}',
 };
 }
-// Create the user, set password, and configure SFTP
+// Base commands for user creation and SFTP setup
 var cmd = [
+ // Install and configure fail2ban
+ "apt-get update",
+ "apt-get install -y fail2ban",
+ "systemctl enable fail2ban",
+ "systemctl start fail2ban",
+
+ // User creation and SFTP setup
 "GROUP=$(stat -c '%G' " + ROOT_DIRECTORY + ")",
 "useradd -m -d " + ROOT_DIRECTORY + " -g $GROUP " + USERNAME,
 "echo '" + USERNAME + ":" + PASSWORD + "' | chpasswd",
@@ -22,9 +28,32 @@ var cmd = [
 "chown -R root:$GROUP /var/www",
 "echo 'Match Group $GROUP' >> /etc/ssh/sshd_config",
 "echo ' ChrootDirectory " + ROOT_DIRECTORY + "' >> /etc/ssh/sshd_config",
- "echo ' PasswordAuthentication yes' >> /etc/ssh/sshd_config",
- "echo ' ForceCommand internal-sftp' >> /etc/ssh/sshd_config",
- "systemctl restart sshd"
-].join(" && ");
+ "echo ' PasswordAuthentication yes' >> /etc/ssh/sshd_config"
+];
-return jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', cmd);
+// If SSH is not enabled, restrict to SFTP only
+if (!ENABLE_SSH) {
+ cmd.push("echo ' ForceCommand internal-sftp' >> /etc/ssh/sshd_config");
+}
+
+// Restart SSHD to apply changes
+cmd.push("systemctl restart sshd");
+
+return jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', cmd.join(" && "));
+
+// If the command execution was successful, return the SFTP details
+if (response && response.result == 0) {
+ return {
+ result: 0,
+ message: "SFTP User Created Successfully!\n\n" +
+ "Username: " + USERNAME + "\n" +
+ "Password: " + PASSWORD + "\n" +
+ "SFTP Host: " + "${env.domain}" + "\n" + // Assuming env.domain provides the domain of the environment
+ "Port: 22" // Standard SFTP port
+ };
+} else {
+ return {
+ result: response.result,
+ error: response.error || "An error occurred while creating the SFTP user."
+ };
+}
\ No newline at end of file
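Review bot: The four fail2ban commands sit at the front of the `&&` chain, so any failure in `apt-get update` or `apt-get install` (an image without apt, no outbound network, a held package lock) aborts the run before `useradd`, and the install is repeated for every user that is added. Move the package setup into a one-time install step and leave a comment here such as `// fail2ban is installed once by the install action; this script only creates the user`. Enabling the service with package defaults also says nothing about which jail covers sshd, so an explicit sshd jail in `jail.local` should ship with it. The unchanged `chpasswd` line splices `PASSWORD` into a single-quoted shell string, which puts the secret in the executed command text and breaks if the generated value ever contains a quote. The `cmd` array continues past the end of this hunk.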
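Review bot: Everything after `return jelastic.env.control.ExecCmdById(…, cmd.join(" && "));` is unreachable and `response` is never assigned, so the new success/error handling never runs; the call should read `var response = jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', cmd.join(" && "));`. The context line `echo 'Match Group $GROUP'` is single-quoted, so the shell appears to write the literal text `$GROUP` into sshd_config and the `ChrootDirectory` and `ForceCommand internal-sftp` lines would not bind to the new user's group; `"echo \"Match Group $GROUP\" >> /etc/ssh/sshd_config"` lets the variable expand. Each run also appends another Match block and restarts sshd without validating the file, so putting `sshd -t` in the chain before `systemctl restart sshd` would keep a bad config from taking SSH down. With `ENABLE_SSH` true the block keeps `PasswordAuthentication yes` and drops the SFTP restriction for every member of the matched group, which is worth stating in a comment above the `if (!ENABLE_SSH)` branch.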