tylda-public/helpers
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tylda-public:4901af38b48c06657bfddde0f498e08fa3b2c09d
Branches Tags
tylda-public:main tylda-public:editor tylda-public:feature/security-paranoia tylda-public:feature/use-xdg-config-tmux
...
compare: tylda-public:main
Branches Tags
tylda-public:main tylda-public:editor tylda-public:feature/security-paranoia tylda-public:feature/use-xdg-config-tmux

7 Commits
4901af38b4 ... main

Author SHA1 Message Date
v0id1st
fc15f8fff7 delete root from active 2026-06-23 01:16:53 +02:00
v0id1st
59f1607812 active users fix 2026-06-23 00:54:31 +02:00
v0id1st
4f00bccbe5 Merge pull request 'move all steps to functions' (#7) from editor into main 
Reviewed-on: #7
 2026-06-23 00:52:03 +02:00
v0id1st
f082adf206 Merge pull request 'feat: add active users script' (#8) from io/helpers:main into main 
Reviewed-on: #8
 2026-06-23 00:51:52 +02:00
iodomi
9381838e4f fix: check users connected thru ssh 2026-06-22 22:59:12 +02:00
iodomi
62cdc6a67d feat: add active users script 2026-06-22 14:43:18 +02:00
Smoorg
146c6fb1b1 move all add user steps to functions 2026-06-09 15:47:14 +02:00
2 changed files with 96 additions and 58 deletions
Expand all files Collapse all files

12
active-users Executable file
View File

@@ -0,0 +1,12 @@
#!/usr/bin/php
<?php
$jsonFile = '/opt/html/online.json';
$activeUsers = shell_exec("ps -eo user=,comm= | awk '$2 ~ /sshd/ {print $1}' | grep -vE 'sshd|root' | sort -u");
$activeUsersArray = array_filter(explode("\n", $activeUsers));
$activeUsersJson = json_encode($activeUsersArray, JSON_PRETTY_PRINT);
file_put_contents($jsonFile, $activeUsersJson);
?>

142
add_user.sh
View File

@@ -7,11 +7,37 @@ set -e
LOGIN="$1" LOGIN="$1"
[ -z "$LOGIN" ] && { echo "Użycie: $0 <login>"; exit 1; } [ -z "$LOGIN" ] && { echo "Użycie: $0 <login>"; exit 1; }
setup_user() {
adduser -D -s /bin/sh -h "/home/$LOGIN" -H "$LOGIN"
addgroup "$LOGIN" tildeusers
PASS="$(openssl rand -base64 16 | sed 's/[\/\+\=\\]//g')"
echo "$LOGIN":"$PASS" | chpasswd
zfs create -o mountpoint="/home/$LOGIN" -o quota=200M "tank/ROOT/homes/$LOGIN"
chown "$LOGIN":"$LOGIN" "/home/$LOGIN"
# neomutt had issues with default vi
cat "export EDITOR=nvim" >> "/home/$LOGIN/.ashrc"
# set cgroup
CG_ROOT=/sys/fs/cgroup/users
mkdir -p "$CG_ROOT"
# upewnij się, że kontrolery włączone w parent „users”
echo "+cpu +memory" > "$CG_ROOT/cgroup.subtree_control" 2>/dev/null || true
USER_CG="$CG_ROOT/$LOGIN"
mkdir "$USER_CG"
# set default folders for ssh & gnu and set them private
mkdir -m 0700 "/home/$LOGIN/.ssh"
mkdir -m 0700 "/home/$LOGIN/.gnupg"
}
setup_neomutt () { setup_neomutt () {
for dir in "Inbox" "Sent" "Drafts" "Trash"; do for dir in "Inbox" "Sent" "Drafts" "Trash"; do
for subdir in "cur" "new" "tmp"; do for subdir in "cur" "new" "tmp"; do
# mkdir -p /home/"$LOGIN"/Maildir/$dir/$subdir mkdir -p "/home/$LOGIN/Maildir/$dir/$subdir"
echo "$dir/$subdir"
done done
done done
@@ -19,8 +45,8 @@ setup_neomutt () {
} }
setup_tmux () { setup_tmux () {
mkdir -p /home/"$LOGIN"/.config/tmux mkdir -p "/home/$LOGIN/.config/tmux"
cat << EOF > /home/"$LOGIN"/.config/tmux/tmux.conf cat << EOF > "/home/$LOGIN/.config/tmux/tmux.conf"
set -g mouse on set -g mouse on
setw -g mode-keys vi setw -g mode-keys vi
bind -n F1 select-window -t 0 bind -n F1 select-window -t 0
@@ -37,6 +63,12 @@ if-shell "tmux has-session -t main 2>/dev/null" "detach" \
set-hook -g client-attached "send-keys -t main:2 '/usr/local/bin/tylda-motd.sh' C-m" set-hook -g client-attached "send-keys -t main:2 '/usr/local/bin/tylda-motd.sh' C-m"
EOF
cat << EOF > "/home/$LOGIN/.profile"
if [ -z "\$TMUX" ]; then
exec tmux attach -t main || exec tmux new -s main
fi
EOF EOF
} }
@@ -50,69 +82,63 @@ setup_gemini () {
EOF EOF
} }
# 1. Użytkownik i hasło setup_html () {
PASS="$(openssl rand -base64 16 | sed 's/[\/\+\=\\]//g')" cp -r /root/helpers/public_html "/home/$LOGIN/"
adduser -D -s /bin/sh -h "/home/$LOGIN" -H "$LOGIN" sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/index.php
echo "$LOGIN:$PASS" | chpasswd sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/parts/header.php
addgroup $LOGIN tildeusers sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/blog/index.php
# 2. Dataset ZFS (quota 200MB) touch "/home/$LOGIN/public_html/.webring"
zfs create -o mountpoint="/home/$LOGIN" -o quota=200M tank/ROOT/homes/$LOGIN }
chown $LOGIN:$LOGIN /home/$LOGIN
cat "export EDITOR=nvim" >> "/home/$LOGIN/.ashrc"
setup_nextcloud () {
curl -X POST https://cloud.tylda.org/ocs/v1.php/cloud/users \
-d userid="$LOGIN" \
-d password="$PASS" \
-H "OCS-APIRequest: true" \
-u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS"
curl -X PUT "https://cloud.tylda.org/ocs/v1.php/cloud/users/$LOGIN" \
-H "OCS-APIRequest: true" \
-u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" \
-d key="quota" \
-d value="250MB"
}
setup_weechat () {
mkdir -p "/home/$LOGIN/.config/weechat/"
cp /root/helpers/irc.conf "/home/$LOGIN/.config/weechat"
}
send_welcome_mail () {
sendmail -f v0id1st@tylda.org "$LOGIN@tylda.org" << EOF
Subject: Witaj na tylda.org!
From: v0id1st@tylda.org
Siemano :D
Witaj na tyldzie, baw się dobrze! Wpadnij się przywitać na IRCa.
Twoje dane do Nextcloud to (https://cloud.tylda.org) to:
Login: $LOGIN
Hasło: $PASS
EOF
}
# critical path
setup_user
setup_nextcloud
send_welcome_mail
# less important stuff
# shouldn't impact user obtaining registration email
setup_neomutt setup_neomutt
setup_tmux setup_tmux
setup_gemini setup_gemini
setup_html
cp -r /root/helpers/public_html "/home/$LOGIN/" setup_weechat
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/index.php
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/parts/header.php
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/blog/index.php
mkdir -p "/home/$LOGIN/".config/weechat/
cp /root/helpers/irc.conf "/home/$LOGIN/".config/weechat
cat << EOF > "/home/$LOGIN/.profile"
if [ -z "\$TMUX" ]; then
exec tmux attach -t main || exec tmux new -s main
fi
EOF
# 3. Cgroup v2
CG_ROOT=/sys/fs/cgroup/users
mkdir -p "$CG_ROOT"
# upewnij się, że kontrolery włączone w parent „users”
echo "+cpu +memory" > "$CG_ROOT/cgroup.subtree_control" 2>/dev/null || true
USER_CG="$CG_ROOT/$LOGIN"
mkdir "$USER_CG"
mkdir -p "/home/$LOGIN/.ssh"
mkdir -p "/home/$LOGIN/.gnupg"
touch "/home/$LOGIN/public_html/.webring"
chmod 0700 "/home/$LOGIN/.ssh"
chmod 0700 "/home/$LOGIN/.gnupg"
chown -R "$LOGIN":"$LOGIN" "/home/$LOGIN/" chown -R "$LOGIN":"$LOGIN" "/home/$LOGIN/"
curl -X POST https://cloud.tylda.org/ocs/v1.php/cloud/users -d userid="$LOGIN" -d password="$PASS" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS"
curl -X PUT "https://cloud.tylda.org/ocs/v1.php/cloud/users/$LOGIN" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" -d key="quota" -d value="250MB"
cp welcome_tmp.txt welcome.txt
echo "Login: $LOGIN" >> welcome.txt
echo "Hasło: $PASS" >> welcome.txt
sendmail -f v0id1st@tylda.org "$LOGIN@tylda.org" < welcome.txt
rm -f welcome.txt
echo 524288000 > "$USER_CG/memory.max" # 500MB RAM echo 524288000 > "$USER_CG/memory.max" # 500MB RAM
echo "50000 100000" > "$USER_CG/cpu.max" # 50% CPU (quota/period μs) echo "50000 100000" > "$USER_CG/cpu.max" # 50% CPU (quota/period μs)