garbash-config

etc files for garbash tilde
git clone git://git.alexkarle.com.com/garbash-config
Log | Files | Refs | README | LICENSE

newuser (1640B) [raw]


      1 #!/bin/sh
      2 set -e
      3 die() {
      4     echo "$*" 1>&2
      5     exit 1
      6 }
      7 
      8 [ -z "$1" ] && die "usage: newuser USERNAME AUTHORIZED_KEYS"
      9 [ -z "$2" ] && die "usage: newuser USERNAME AUTHORIZED_KEYS"
     10 [ ! -f "$2" ] && die "$2 is not a file"
     11 
     12 [ "$USER" != "root" ] && die "must be run as root"
     13 
     14 # 1. Create account with `adduser`
     15 #     - Add to wsrc to regen git index, wobj for building /usr/src
     16 USERNAME="$1"
     17 PASS=$(openssl rand -hex 8)
     18 adduser -unencrypted -group "$USERNAME" -batch "$USERNAME" "wsrc,wobj" "$USERNAME" "$PASS" \
     19     -message /etc/skel/README.txt
     20 
     21 # Add SSH keys
     22 cat "$2" >"/home/$USERNAME/.ssh/authorized_keys"
     23 
     24 # 2. Send welcome email (TODO)
     25 #     - could just have a README.txt in /etc/skel
     26 #     - maybe email too?
     27 mail -s "Welcome to garbash.com [READ ME FIRST!]" "$USERNAME" < /etc/skel/README.txt
     28 
     29 # 3. Add soju user -- either via sojuctl && restart 
     30 echo "$PASS" | doas -u _soju sojuctl -config /home/_soju/soju.cfg create-user "$USERNAME"
     31 rcctl restart soju
     32 
     33 # 4. Add wg config via wggen
     34 wggen "$USERNAME"
     35 mail -s "Your wireguard info" "$USERNAME" < "/etc/wg/$USERNAME/client.conf"
     36 
     37 # 5. Create git dir for them (and chown it) in /var/git
     38 mkdir "/var/git/$USERNAME"
     39 chown "$USERNAME:$USERNAME" "/var/git/$USERNAME"
     40 
     41 # 6. Add them to mailing lists
     42 sed -i \
     43     -e "s/^announce: /&$USERNAME, /" \
     44     -e "s/^dev: /&$USERNAME, /" \
     45     -e "s/^bugs: /&$USERNAME, /" \
     46     -e "s/^misc: /&$USERNAME, /" /etc/mail/aliases
     47 newaliases
     48 
     49 # 7. Create a /var/www/htdocs webhosting site
     50 mkdir "/var/www/htdocs/~$USERNAME"
     51 chown "$USERNAME:$USERNAME" "/var/www/htdocs/~$USERNAME"
     52 
     53 echo "Password: $PASS" | mail -s "Your Inital Password [CHANGEME]"