vhost-stack/bin/vhost-user-add.sh

#!/bin/bash
#
# vhost-stack
# https://git.stack-source.com/msb/vhost-stack
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
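# Load the shared vhost-stack include file that sits next to this script.
# The path is quoted so an install location containing spaces or glob
# characters cannot be word-split before it is sourced. This script creates
# system accounts, so it presumably runs as root and should only ever source
# the file it intends to.
source "$(dirname -- "$0")/vhost.sh"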
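#######################################
# Print usage information for this script and exit.
# Globals:   none
# Arguments: none
# Outputs:   usage text on stdout
# Returns:   does not return; exits with status 0
#
# Operational note: a password supplied with -p is part of this script's
# argument list and is therefore visible in the process list while it runs;
# omitting -p lets the script generate one instead.
#######################################
help()
{
  local thisfilename
  thisfilename=$(basename -- "$0")

  # The usage line previously lacked the closing bracket after <password>,
  # and the -i description misspelled "Numeric".
  printf '%s\n' \
    "Add system user to server." \
    "" \
    "usage: $thisfilename -u <username> [-p <password>] [-i <uid>] [-x <fpmmax>] [-w <0|1>] [-h]" \
    "" \
    " -h Print this help." \
    " -u <username> System username to add to server." \
    " -p <password> Password for username. Optional, random password generated if none specified." \
    " -i <uid> Numeric User ID to assign to user. Optional, next available uid set if none specified." \
    " -x <fpmmax> PHP-FPM pm.max_children. Optional, defaults to 4, recommended range 2-12 on Shared Server." \
    " -w <0|1> Write user info to /home/username/.passwd. 0 = no, 1 = yes. Default is 1, which can be overridden in main config."
  exit 0
}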
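# Parse command-line options (function defined in the sourced vhost.sh).
# Judging by how the variables are used below, it appears to populate
# $username, $password, $uid, $fpmmax and $write -- confirm against vhost.sh.
vhost:getoptions "$@"

# check for username
if [[ -z "$username" ]]; then
  echo "username not set"
  exit 1
fi

# The username is interpolated into a newusers record, file paths under /home
# and php-fpm pool files further down. Reject values that would change the
# meaning of any of those (field separator, path separator, whitespace, or a
# leading dash that a command could read as an option).
# NOTE(review): vhost:getoptions may already validate this; kept here as
# defence in depth because this script acts on the value directly.
case "$username" in
  -* | *:* | */* | *[[:space:]]*)
    echo "invalid username" >&2
    exit 1
    ;;
esac

# generate password if none specified
if [[ -z "$password" ]]; then
  # NOTE(review): without -s, pwgen favours pronounceable output, which
  # carries less entropy than 12 fully random characters. Consider
  # `pwgen -s` and/or a longer length if these accounts are reachable
  # over the network.
  password=$(/usr/bin/pwgen 12 1)
else
  # The password becomes one colon-separated field of a single-line record
  # fed to newusers, so a ':' would shift the remaining fields and a newline
  # would start a second record.
  case "$password" in
    *:* | *$'\n'*)
      echo "password must not contain ':' or a newline" >&2
      exit 1
      ;;
  esac
fi

# check for and set write option
write=${write:-$WRITE_INFO}

# get next UID if none specified
if [[ -z "$uid" ]]; then
  # First unused numeric id in 1000..65534 according to /etc/passwd.
  uid=$(awk -F: '
    { used[$3] = 1 }
    END {
      for (candidate = 1000; candidate <= 65534; candidate++) {
        if (!(candidate in used)) { print candidate; exit }
      }
    }' /etc/passwd)
else
  # A caller-supplied uid is written into the account record verbatim.
  case "$uid" in
    *[!0-9]*)
      echo "uid must be numeric" >&2
      exit 1
      ;;
  esac
fi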
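# user & related files are only added if they don't already exist
# in this way it's safe to repeatedly try to add the same user
#
# The existence test compares the first /etc/passwd field literally. Building
# a regular expression from the username would let characters such as '.'
# match a different existing account and silently skip creation.
if ! cut -d: -f1 /etc/passwd | /bin/grep -qxF -- "$username"; then
  newusers="$username:$password:$uid:$uid::/home/$username:/bin/bash"
  # The record is piped to newusers on stdin (printf is a shell builtin), so
  # the plaintext password is not placed on any command line here.
  if ! printf '%s\n' "$newusers" | newusers; then
    # Stop instead of continuing to create files for an account that does
    # not exist.
    echo "failed to create user $username" >&2
    exit 1
  fi
  # -s sorts the passwd/group (and shadow) entries by numeric id.
  pwck -s
  grpck -s
fi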
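# Create the home directory and seed it with the skeleton dotfiles. Each file
# is only installed when it is missing, so re-running the script is safe.
user_home="/home/$username"

if [[ ! -d "$user_home" ]]; then
  install -d -o "$username" -g "$username" -m 755 -- "$user_home"
else
  # NOTE(review): on a re-run this walks a tree the account owner can already
  # modify. Confirm hard-link protection (fs.protected_hardlinks) is enabled
  # on hosts where this runs, so ownership is only changed on the user's own
  # files.
  chown -R -- "$username:$username" "$user_home"
fi

if [[ ! -f "$user_home/.bash_logout" ]]; then
  install -o "$username" -g "$username" -m 640 -- /etc/skel/.bash_logout "$user_home"
fi

if [[ ! -f "$user_home/.bashrc" ]]; then
  # Assemble the complete file in a private temp file and install it in one
  # step. Appending with '>>' as root to a path inside a directory the account
  # owner controls would write to whatever that path points at by then.
  bashrc_tmp=$(mktemp) || exit 1
  {
    cat /etc/skel/.bashrc
    # "$@" is quoted in the generated handler so the mistyped command and its
    # arguments reach the helper unsplit and unglobbed.
    printf '%s\n' \
      '' \
      '# local settings' \
      '' \
      'export TERM=xterm-256color' \
      '' \
      'command_not_found_handle () {' \
      ' /usr/local/libexec/command-not-found-handle "$@"' \
      ' return 127' \
      '}'
  } > "$bashrc_tmp"
  install -o "$username" -g "$username" -m 640 -- "$bashrc_tmp" "$user_home/.bashrc"
  rm -f -- "$bashrc_tmp"
fi

if [[ ! -f "$user_home/.profile" ]]; then
  install -o "$username" -g "$username" -m 640 -- /etc/skel/.profile "$user_home"
fi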
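# Optionally record the account details, with the password encrypted, in
# /home/<username>/.passwd.
if [[ "$write" == 1 ]]; then
  # Defined in vhost.sh; from its use below it is expected to set
  # $opensslpass -- confirm against vhost.sh.
  vhost::set-opensslpass

  # Hand the passphrase to openssl through its environment instead of argv.
  # Command-line arguments are readable by every local user via the process
  # list, and this tool targets shared servers.
  encryptedpass=$(printf '%s' "$password" \
    | VHOST_OPENSSL_PASS="$opensslpass" \
      openssl aes-256-cbc -a -salt -pbkdf2 -pass env:VHOST_OPENSSL_PASS)

  if [[ -z "$encryptedpass" ]]; then
    # Do not write a record with an empty password field.
    echo "could not encrypt password; /home/$username/.passwd not written" >&2
  else
    userpasswdinfo="$username:$encryptedpass:$uid:$uid::/home/$username:/bin/bash"

    # Write the record to a private temp file and install it over the target.
    # Redirecting with '>' as root into the user's home would follow a
    # symlink planted at .passwd; install replaces the destination entry
    # instead of opening it in place (GNU coreutils behaviour -- confirm on
    # other platforms).
    passwd_tmp=$(mktemp) || exit 1
    printf '%s\n' "$userpasswdinfo" > "$passwd_tmp"
    install -o "$username" -g "$username" -m 640 -- "$passwd_tmp" "/home/$username/.passwd"
    rm -f -- "$passwd_tmp"
  fi
fi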
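# php-fpm pool
# Create one pool definition per installed PHP version, unless that version
# already has a pool file for this user.
# vhost::set-phpVersion
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
  pool_conf="/etc/php/$phpVersion/fpm/pool.d/$username.conf"
  if [[ ! -f "$pool_conf" ]]; then
    # check for and set php-fpm process manager max children
    if [[ -z "$fpmmax" ]]; then
      fpmmax=$FPM_MAX
    fi
    # The value is written verbatim into the pool file. Anything other than
    # digits would produce an invalid pool definition or allow extra
    # directives to be appended, so refuse it here.
    case "$fpmmax" in
      '' | *[!0-9]*)
        echo "fpmmax must be a whole number" >&2
        exit 1
        ;;
    esac

    # create /etc/php/$phpVersion/fpm/pool.d/$username.conf
    # Written with a single redirection so the file is opened once.
    {
      echo "[$username]"
      echo "user = $username"
      echo "group = $username"
      echo "listen = /run/php/php$phpVersion-fpm-$username.sock"
      echo "listen.owner = www-data"
      echo "listen.group = www-data"
      echo "pm = ondemand"
      echo "pm.max_children = $fpmmax"
      echo "pm.process_idle_timeout = 3s;"
    } > "$pool_conf"
  fi
done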