diff --git a/add_user.sh b/add_user.sh
index ebf12f3..790f86c 100755
--- a/add_user.sh
+++ b/add_user.sh
@@ -2,51 +2,51 @@ # Usage: add_user.sh set -e -source /root/helpers/.env +. /root/helpers/.env LOGIN="$1" [ -z "$LOGIN" ] && { echo "Użycie: $0 "; exit 1; } -# 1. Użytkownik i hasło -PASS="$(openssl rand -base64 16 | sed 's/[\/\+\=\\]//g')" -adduser -D -s /bin/sh -h /home/$LOGIN -H "$LOGIN" -echo "$LOGIN:$PASS" | chpasswd -addgroup $LOGIN tildeusers +setup_user() { + adduser -D -s /bin/sh -h "/home/$LOGIN" -H "$LOGIN" + addgroup "$LOGIN" tildeusers + + PASS="$(openssl rand -base64 16 | sed 's/[\/\+\=\\]//g')" + echo "$LOGIN":"$PASS" | chpasswd + + zfs create -o mountpoint="/home/$LOGIN" -o quota=200M "tank/ROOT/homes/$LOGIN" + chown "$LOGIN":"$LOGIN" "/home/$LOGIN" -# 2. Dataset ZFS (quota 200 MB) -zfs create -o mountpoint=/home/$LOGIN -o quota=200M tank/ROOT/homes/$LOGIN -chown $LOGIN:$LOGIN /home/$LOGIN -cat "export EDITOR=nvim" >> /home/$LOGIN/.ashrc + # neomutt had issues with default vi + cat "export EDITOR=nvim" >> "/home/$LOGIN/.ashrc" -mkdir -p /home/$LOGIN/Maildir/Inbox/cur -mkdir -p /home/$LOGIN/Maildir/Inbox/new -mkdir -p /home/$LOGIN/Maildir/Inbox/tmp + # set cgroup + CG_ROOT=/sys/fs/cgroup/users + mkdir -p "$CG_ROOT" + # upewnij się, że kontrolery włączone w parent „users” + echo "+cpu +memory" > "$CG_ROOT/cgroup.subtree_control" 2>/dev/null || true + + USER_CG="$CG_ROOT/$LOGIN" + mkdir "$USER_CG" + + # set default folders for ssh & gnu and set them private + mkdir -m 0700 "/home/$LOGIN/.ssh" + mkdir -m 0700 "/home/$LOGIN/.gnupg" +} -mkdir -p /home/$LOGIN/Maildir/Sent/cur -mkdir -p /home/$LOGIN/Maildir/Sent/new -mkdir -p /home/$LOGIN/Maildir/Sent/tmp +setup_neomutt () { + for dir in "Inbox" "Sent" "Drafts" "Trash"; do + for subdir in "cur" "new" "tmp"; do + mkdir -p "/home/$LOGIN/Maildir/$dir/$subdir" + done + done -mkdir -p /home/$LOGIN/Maildir/Drafts/cur -mkdir -p /home/$LOGIN/Maildir/Drafts/new -mkdir -p /home/$LOGIN/Maildir/Drafts/tmp + chmod -R 0700 /home/"$LOGIN"/Maildir +} -mkdir -p /home/$LOGIN/Maildir/Trash/cur -mkdir -p 
/home/$LOGIN/Maildir/Trash/new -mkdir -p /home/$LOGIN/Maildir/Trash/tmp - -chmod -R 0700 /home/$LOGIN/Maildir - -cp -r /root/helpers/public_html /home/$LOGIN/ -sed -i "s/<>/$LOGIN/g" /home/$LOGIN/public_html/index.php -sed -i "s/<>/$LOGIN/g" /home/$LOGIN/public_html/parts/header.php -sed -i "s/<>/$LOGIN/g" /home/$LOGIN/public_html/blog/index.php - -mkdir -p /home/$LOGIN/.config/weechat/ - -cp /root/helpers/irc.conf /home/$LOGIN/.config/weechat - -mkdir -p /home/$LOGIN/.config/tmux -cat << EOF > /home/$LOGIN/.config/tmux/tmux.conf +setup_tmux () { + mkdir -p "/home/$LOGIN/.config/tmux" + cat << EOF > "/home/$LOGIN/.config/tmux/tmux.conf" set -g mouse on setw -g mode-keys vi bind -n F1 select-window -t 0 
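Review bot: `cat "export EDITOR=nvim" >> "/home/$LOGIN/.ashrc"` in `setup_user` is carried over with only the quoting changed, and `cat` treats its argument as a file name, so nothing is appended and the command exits non-zero unless a file of that name happens to exist. With `set -e` in effect (context line at the top of this hunk), that aborts the script inside `setup_user`, after the account and password exist but before the cgroup directory and the 0700 `.ssh`/`.gnupg` directories are created. Replace it with `printf '%s\n' 'export EDITOR=nvim' >> "/home/$LOGIN/.ashrc"`. Separately, `$LOGIN` is only checked for being non-empty before it reaches `zfs create`, the cgroup path and the home path, so the script appears to rely on `adduser` rejecting odd names. An explicit allow-list before `setup_user` runs would make that visible, for example `case "$LOGIN" in -*|*[!a-z0-9_-]*) exit 1;; esac`.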
@@ -65,52 +65,79 @@ set-hook -g client-attached "send-keys -t main:2 '/usr/local/bin/tylda-motd.sh' EOF -cat << EOF > /home/$LOGIN/.profile +cat << EOF > "/home/$LOGIN/.profile" if [ -z "\$TMUX" ]; then exec tmux attach -t main || exec tmux new -s main fi EOF +} - -# 3. Cgroup v2 -CG_ROOT=/sys/fs/cgroup/users -mkdir -p "$CG_ROOT" -# upewnij się, że kontrolery włączone w parent „users” -echo "+cpu +memory" > "$CG_ROOT/cgroup.subtree_control" 2>/dev/null || true - -USER_CG="$CG_ROOT/$LOGIN" -mkdir "$USER_CG" - -# gemini -gmi="/home/$LOGIN/public_gemini/" -mkdir -p $gmi -ln -s $gmi /srv/gemini/~$LOGIN - -cat < $gmi/index.gmi +setup_gemini () { + gmi="/home/$LOGIN/public_gemini/" + mkdir -p "$gmi" + ln -s "$gmi" "/srv/gemini/~$LOGIN" + + cat < "$gmi/index.gmi" # $LOGIN EOF -# end gemini +} -mkdir -p /home/$LOGIN/.ssh -mkdir -p /home/$LOGIN/.gnupg -touch /home/$LOGIN/public_html/.webring +setup_html () { + cp -r /root/helpers/public_html "/home/$LOGIN/" + sed -i "s/<>/$LOGIN/g" "/home/$LOGIN/"public_html/index.php + sed -i "s/<>/$LOGIN/g" "/home/$LOGIN/"public_html/parts/header.php + sed -i "s/<>/$LOGIN/g" "/home/$LOGIN/"public_html/blog/index.php -chmod 0700 /home/$LOGIN/.ssh -chmod 0700 /home/$LOGIN/.gnupg + touch "/home/$LOGIN/public_html/.webring" +} -chown -R $LOGIN:$LOGIN /home/$LOGIN/ +setup_nextcloud () { + curl -X POST https://cloud.tylda.org/ocs/v1.php/cloud/users \ + -d userid="$LOGIN" \ + -d password="$PASS" \ + -H "OCS-APIRequest: true" \ + -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" -curl -X POST https://cloud.tylda.org/ocs/v1.php/cloud/users -d userid="$LOGIN" -d password="$PASS" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" -curl -X PUT "https://cloud.tylda.org/ocs/v1.php/cloud/users/$LOGIN" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" -d key="quota" -d value="250MB" + curl -X PUT "https://cloud.tylda.org/ocs/v1.php/cloud/users/$LOGIN" \ + -H "OCS-APIRequest: true" \ + -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" \ + -d key="quota" \ 
+ -d value="250MB" +} -cp welcome_tmp.txt welcome.txt +setup_weechat () { + mkdir -p "/home/$LOGIN/.config/weechat/" + cp /root/helpers/irc.conf "/home/$LOGIN/.config/weechat" +} -echo "Login: $LOGIN" >> welcome.txt -echo "Hasło: $PASS" >> welcome.txt +send_welcome_mail () { + sendmail -f v0id1st@tylda.org "$LOGIN@tylda.org" << EOF +Subject: Witaj na tylda.org! +From: v0id1st@tylda.org -sendmail -f v0id1st@tylda.org $LOGIN@tylda.org < welcome.txt +Siemano :D +Witaj na tyldzie, baw się dobrze! Wpadnij się przywitać na IRCa. -rm -f welcome.txt +Twoje dane do Nextcloud to (https://cloud.tylda.org) to: + Login: $LOGIN + Hasło: $PASS +EOF +} + +# critical path +setup_user +setup_nextcloud +send_welcome_mail + +# less important stuff +# shouldn't impact user obtaining registration email +setup_neomutt +setup_tmux +setup_gemini +setup_html +setup_weechat + +chown -R "$LOGIN":"$LOGIN" "/home/$LOGIN/" echo 524288000 > "$USER_CG/memory.max" # 500 MB RAM echo "50000 100000" > "$USER_CG/cpu.max" # 50 % CPU (quota/period μs)
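Review bot: Both `curl` calls in `setup_nextcloud` still put secrets on the command line: `-d password="$PASS"` and `-u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS"` can be read from the process list by other local accounts while curl runs, unless `/proc` is mounted with `hidepid`, and this script appears to provision a shared shell host. Pass them through a curl config read from stdin (`-K -`) as sketched below for the POST; the PUT needs the same change for `-u`, and any value containing `"` or `\` must be escaped for curl's config syntax. Separately, the `memory.max`/`cpu.max` writes and the final `chown -R` sit after the optional `setup_*` calls. The first hunk shows `set -e` at the top of the script, so a failure in any of those calls leaves an account whose password has already been mailed but which has no limits applied and root-owned files in its home. Consider moving the two `echo … > "$USER_CG/…"` lines into `setup_user` right after `mkdir "$USER_CG"`.

```sh
setup_nextcloud () {
  # secrets travel on curl's stdin (-K -), not in argv
  curl -K - << EOF
url = "https://cloud.tylda.org/ocs/v1.php/cloud/users"
header = "OCS-APIRequest: true"
user = "$NEXTCLOUD_USER:$NEXTCLOUD_PASS"
data-urlencode = "userid=$LOGIN"
data-urlencode = "password=$PASS"
EOF
  # … the quota PUT: same request, with its -u credentials moved into a -K - config the same way …
}
```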