124 lines
3.3 KiB
Bash
Executable File
124 lines
3.3 KiB
Bash
Executable File
#!/bin/sh
|
||
# Usage: add_user.sh <login>
|
||
set -e
|
||
|
||
. /root/helpers/.env
|
||
|
||
LOGIN="$1"
|
||
[ -z "$LOGIN" ] && { echo "Użycie: $0 <login>"; exit 1; }
|
||
|
||
setup_neomutt () {
|
||
for dir in "Inbox" "Sent" "Drafts" "Trash"; do
|
||
for subdir in "cur" "new" "tmp"; do
|
||
# mkdir -p /home/"$LOGIN"/Maildir/$dir/$subdir
|
||
echo "$dir/$subdir"
|
||
done
|
||
done
|
||
|
||
chmod -R 0700 /home/"$LOGIN"/Maildir
|
||
}
|
||
|
||
setup_tmux () {
|
||
mkdir -p /home/"$LOGIN"/.config/tmux
|
||
cat << EOF > /home/"$LOGIN"/.config/tmux/tmux.conf
|
||
set -g mouse on
|
||
setw -g mode-keys vi
|
||
bind -n F1 select-window -t 0
|
||
bind -n F2 select-window -t 1
|
||
bind -n F3 select-window -t 2
|
||
bind -n F12 detach
|
||
|
||
if-shell "tmux has-session -t main 2>/dev/null" "detach" \
|
||
"new-session -d -s main -n Mail 'neomutt'; \
|
||
new-window -t main:1 -n IRC 'weechat'; \
|
||
new-window -t main:2 -n Shell 'ash'; \
|
||
send-keys -t main:2 '/usr/local/bin/tylda-motd.sh' C-m; \
|
||
select-window -t main:0"
|
||
|
||
set-hook -g client-attached "send-keys -t main:2 '/usr/local/bin/tylda-motd.sh' C-m"
|
||
|
||
EOF
|
||
}
|
||
|
||
setup_gemini () {
|
||
gmi="/home/$LOGIN/public_gemini/"
|
||
mkdir -p "$gmi"
|
||
ln -s "$gmi" "/srv/gemini/~$LOGIN"
|
||
|
||
cat <<EOF > "$gmi/index.gmi"
|
||
# $LOGIN
|
||
EOF
|
||
}
|
||
|
||
# 1. Użytkownik i hasło
|
||
PASS="$(openssl rand -base64 16 | sed 's/[\/\+\=\\]//g')"
|
||
adduser -D -s /bin/sh -h "/home/$LOGIN" -H "$LOGIN"
|
||
echo "$LOGIN:$PASS" | chpasswd
|
||
addgroup $LOGIN tildeusers
|
||
|
||
# 2. Dataset ZFS (quota 200 MB)
|
||
zfs create -o mountpoint="/home/$LOGIN" -o quota=200M tank/ROOT/homes/$LOGIN
|
||
chown $LOGIN:$LOGIN /home/$LOGIN
|
||
cat "export EDITOR=nvim" >> "/home/$LOGIN/.ashrc"
|
||
|
||
|
||
setup_neomutt
|
||
setup_tmux
|
||
setup_gemini
|
||
|
||
cp -r /root/helpers/public_html "/home/$LOGIN/"
|
||
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/index.php
|
||
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/parts/header.php
|
||
sed -i "s/<<USER>>/$LOGIN/g" "/home/$LOGIN/"public_html/blog/index.php
|
||
|
||
mkdir -p "/home/$LOGIN/".config/weechat/
|
||
|
||
cp /root/helpers/irc.conf "/home/$LOGIN/".config/weechat
|
||
|
||
|
||
cat << EOF > "/home/$LOGIN/.profile"
|
||
if [ -z "\$TMUX" ]; then
|
||
exec tmux attach -t main || exec tmux new -s main
|
||
fi
|
||
EOF
|
||
|
||
|
||
# 3. Cgroup v2
|
||
CG_ROOT=/sys/fs/cgroup/users
|
||
mkdir -p "$CG_ROOT"
|
||
# upewnij się, że kontrolery włączone w parent „users”
|
||
echo "+cpu +memory" > "$CG_ROOT/cgroup.subtree_control" 2>/dev/null || true
|
||
|
||
USER_CG="$CG_ROOT/$LOGIN"
|
||
mkdir "$USER_CG"
|
||
|
||
mkdir -p "/home/$LOGIN/.ssh"
|
||
mkdir -p "/home/$LOGIN/.gnupg"
|
||
touch "/home/$LOGIN/public_html/.webring"
|
||
|
||
chmod 0700 "/home/$LOGIN/.ssh"
|
||
chmod 0700 "/home/$LOGIN/.gnupg"
|
||
|
||
chown -R "$LOGIN":"$LOGIN" "/home/$LOGIN/"
|
||
|
||
curl -X POST https://cloud.tylda.org/ocs/v1.php/cloud/users -d userid="$LOGIN" -d password="$PASS" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS"
|
||
curl -X PUT "https://cloud.tylda.org/ocs/v1.php/cloud/users/$LOGIN" -H "OCS-APIRequest: true" -u "$NEXTCLOUD_USER:$NEXTCLOUD_PASS" -d key="quota" -d value="250MB"
|
||
|
||
cp welcome_tmp.txt welcome.txt
|
||
|
||
echo "Login: $LOGIN" >> welcome.txt
|
||
echo "Hasło: $PASS" >> welcome.txt
|
||
|
||
sendmail -f v0id1st@tylda.org "$LOGIN@tylda.org" < welcome.txt
|
||
|
||
rm -f welcome.txt
|
||
|
||
echo 524288000 > "$USER_CG/memory.max" # 500 MB RAM
|
||
echo "50000 100000" > "$USER_CG/cpu.max" # 50 % CPU (quota/period μs)
|
||
|
||
echo "===== NOWE KONTO ====="
|
||
echo "login : $LOGIN"
|
||
echo "hasło : $PASS"
|
||
echo "RAM : 500 MB"
|
||
echo "CPU : 50 %"
|