// Extract the provided details var USERNAME = "${globals.username}"; var PASSWORD = "${fn.password(12)}"; // Ensure a minimum length of 12 characters for the password var ROOT_DIRECTORY = "/var/www/webroot/ROOT"; var ENABLE_SSH = "${request.enable_ssh}" == "true"; // Check if user already exists if (jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', 'id ' + USERNAME).result == 0) { return { result: 99, error: "User " + USERNAME + " already exists." }; } // Base commands for user creation and SFTP setup var cmd = [ // Install and configure fail2ban "apt-get update", "apt-get install -y fail2ban", "systemctl enable fail2ban", "systemctl start fail2ban", // User creation and SFTP setup "GROUP=$(stat -c '%G' " + ROOT_DIRECTORY + ")", "useradd -m -d " + ROOT_DIRECTORY + " -g $GROUP " + USERNAME, "echo '" + USERNAME + ":" + PASSWORD + "' | chpasswd", "chown " + USERNAME + ":$GROUP " + ROOT_DIRECTORY, "chown -R root:$GROUP /var/www", "echo 'Match Group $GROUP' >> /etc/ssh/sshd_config", "echo ' ChrootDirectory " + ROOT_DIRECTORY + "' >> /etc/ssh/sshd_config", "echo ' PasswordAuthentication yes' >> /etc/ssh/sshd_config" ]; // If SSH is not enabled, restrict to SFTP only if (!ENABLE_SSH) { cmd.push("echo ' ForceCommand internal-sftp' >> /etc/ssh/sshd_config"); } // Restart SSHD to apply changes cmd.push("systemctl restart sshd"); return jelastic.env.control.ExecCmdById('${env.envName}', '${nodes.cp.master.id}', cmd.join(" && ")); // If the command execution was successful, return the SFTP details if (response && response.result == 0) { return { result: 0, message: "SFTP User Created Successfully!\n\n" + "Username: " + USERNAME + "\n" + "Password: " + PASSWORD + "\n" + "SFTP Host: " + "${env.domain}" + "\n" + // Assuming env.domain provides the domain of the environment "Port: 22" // Standard SFTP port }; } else { return { result: response.result, error: response.error || "An error occurred while creating the SFTP user." }; }