freedombone/src/freedombone-adduser

#!/bin/bash
MY_USERNAME=$1
SSH_PUBLIC_KEY=$2
GPG_KEYSERVER='hkp://keys.gnupg.net'
SSH_PORT=2222
COMPLETION_FILE=$HOME/freedombone-completed.txt

if [ ! $MY_USERNAME ]; then
    echo 'No username was given'
    exit 1
fi

if [ -d /home/$MY_USERNAME ]; then
    echo "The user $MY_USERNAME already exists"
    exit 2
fi

if [ ! -f $COMPLETION_FILE ]; then
    echo "$COMPLETION_FILE not found"
    userdel -r $MY_USERNAME
    exit 3
fi

NEW_USER_PASSWORD="$(openssl rand -base64 10 | cut -c1-8)"
useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash $MY_USERNAME
adduser $MY_USERNAME sasl

if [ ! -d /home/$MY_USERNAME ]; then
    echo 'Home directory was not created'
    exit 4
fi

if [ $2 ]; then
    if [ -f $SSH_PUBLIC_KEY ]; then
        mkdir /home/$MY_USERNAME/.ssh
        cp $SSH_PUBLIC_KEY /home/$MY_USERNAME/.ssh/authorized_keys
        echo 'ssh public key installed'
    else
        if [[ $SSH_PUBLIC_KEY == "ssh-"* ]]; then
            mkdir /home/$MY_USERNAME/.ssh
            echo $SSH_PUBLIC_KEY > /home/$MY_USERNAME/.ssh/authorized_keys
            echo 'ssh public key installed'
        else
            echo 'The second parameter does not look like an ssh key'
            exit 5
        fi
    fi
fi

if [ ! -d /home/$MY_USERNAME/Maildir ]; then
    echo 'Email directory was not created'
    userdel -r $MY_USERNAME
    exit 6
fi

if grep -q "set from=" /home/$MY_USERNAME/.muttrc; then
    sed -i "s|set from=.*|set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'|g" /home/$MY_USERNAME/.muttrc
else
    echo "set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'" >> /home/$MY_USERNAME/.muttrc
fi

USERN='$USER@'
sed -i "s|$USERN|$MY_USERNAME@|g" /home/$MY_USERNAME/.procmailrc

# generate a gpg key
echo "Making a GPG key for $MY_USERNAME@$HOSTNAME"
mkdir /home/$MY_USERNAME/.gnupg
echo "keyserver $GPG_KEYSERVER" >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo '' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo '# default preferences' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo 'personal-digest-preferences SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo 'cert-digest-algo SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo 'default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed' >> /home/$MY_USERNAME/.gnupg/gpg.conf

chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
chmod 700 /home/$MY_USERNAME/.gnupg
chmod 600 /home/$MY_USERNAME/.gnupg/*

# Generate a GPG key
echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Name-Real:  $MY_USERNAME" >> /home/$MY_USERNAME/gpg-genkey.conf
echo "Name-Email: $MY_USERNAME@$HOSTNAME" >> /home/$MY_USERNAME/gpg-genkey.conf
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
shred -zu /home/$MY_USERNAME/gpg-genkey.conf
MY_GPG_PUBLIC_KEY_ID=$(su -c "gpg --list-keys $MY_USERNAME@$HOSTNAME | grep 'pub '" - $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
MY_GPG_PUBLIC_KEY=/home/$MY_USERNAME/public_key.gpg
su -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME

if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
    echo "GPG public key was not generated for $MY_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"
    userdel -r $MY_USERNAME
    exit 7
fi

# encrypt outgoing mail to the "sent" folder
if ! grep -q "pgp_encrypt_only_command" /home/$MY_USERNAME/.muttrc; then
    echo '' >> /home/$MY_USERNAME/.muttrc
    echo '# Encrypt items in the Sent folder' >> /home/$MY_USERNAME/.muttrc
    echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
else
    sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
fi

if ! grep -q "pgp_encrypt_sign_command" /home/$MY_USERNAME/.muttrc; then
    echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
else
    sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
fi

if ! grep -q "Change your GPG password" /home/$MY_USERNAME/README; then
    echo '' >> /home/$MY_USERNAME/README
    echo '' >> /home/$MY_USERNAME/README
    echo 'Change your GPG password' >> /home/$MY_USERNAME/README
    echo '========================' >> /home/$MY_USERNAME/README
    echo "It's very important to add a password to your GPG key so that" >> /home/$MY_USERNAME/README
    echo "if anyone does get access to your email they still won't be able" >> /home/$MY_USERNAME/README
    echo 'to read them without knowning the GPG password.' >> /home/$MY_USERNAME/README
    echo 'You can change the it with:' >> /home/$MY_USERNAME/README
    echo '' >> /home/$MY_USERNAME/README
    echo "  gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
    echo '  passwd' >> /home/$MY_USERNAME/README
    echo '  save' >> /home/$MY_USERNAME/README
    echo '  quit' >> /home/$MY_USERNAME/README
fi

if ! grep -q "Publish your GPG public key" /home/$MY_USERNAME/README; then
    echo '' >> /home/$MY_USERNAME/README
    echo '' >> /home/$MY_USERNAME/README
    echo 'Publish your GPG public key' >> /home/$MY_USERNAME/README
    echo '===========================' >> /home/$MY_USERNAME/README
    echo 'So that others can send emails to you securely you should' >> /home/$MY_USERNAME/README
    echo 'publish your GPG public key with the command:' >> /home/$MY_USERNAME/README
    echo '' >> /home/$MY_USERNAME/README
    echo "  gpg --send-keys $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
fi

chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME $MY_GPG_PUBLIC_KEY
chmod 600 /home/$MY_USERNAME/README

echo "Adding an XMPP account for $MY_USERNAME"
freedombone-addxmpp -e "$MY_USERNAME@$HOSTNAME" -p "$NEW_USER_PASSWORD"
if [ ! "$?" = "0" ]; then
    echo "XMPP account not created"
    userdel -r $MY_USERNAME
    exit 8
fi

if grep -q "Blog domain" $COMPLETION_FILE; then
    FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}')
    if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then
        echo 'Blog users directory not found'
        userdel -r $MY_USERNAME
        exit 9
    fi
    echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
    echo "password = '$NEW_USER_PASSWORD'" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
    echo 'encryption = clear' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
    echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
    echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
    echo "$MY_USERNAME added as a blog user"
fi

clear
echo "New user $MY_USERNAME was created"
echo "Their login password is $NEW_USER_PASSWORD"
echo ''
echo 'IMPORTANT: Make a note of the password, because it will not be saved'
echo 'anywhere else. Preferably give it to them in person on paper or via'
echo 'a secure channel, not in an unencrypted email.'
echo ''
echo "They can download their GPG keys with:"
echo ''
echo "    scp -P $SSH_PORT -r $MY_USERNAME@$HOSTNAME:/home/$MY_USERNAME/.gnupg ~/"
echo ''
echo 'They should also run freedombone-client on their system to ensure'
echo 'the best security.'

exit 0
Command to add a new user 2015-10-26 15:25:58 +01:00			`#!/bin/bash`
			`MY_USERNAME=$1`
Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`SSH_PUBLIC_KEY=$2`
Command to add a new user 2015-10-26 15:25:58 +01:00			`GPG_KEYSERVER='hkp://keys.gnupg.net'`
			`SSH_PORT=2222`
Adding and removing blog users 2015-10-27 11:50:41 +01:00			`COMPLETION_FILE=$HOME/freedombone-completed.txt`
Command to add a new user 2015-10-26 15:25:58 +01:00
			`if [ ! $MY_USERNAME ]; then`
			`echo 'No username was given'`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`exit 1`
Command to add a new user 2015-10-26 15:25:58 +01:00			`fi`

			`if [ -d /home/$MY_USERNAME ]; then`
			`echo "The user $MY_USERNAME already exists"`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`exit 2`
Command to add a new user 2015-10-26 15:25:58 +01:00			`fi`

Adding and removing blog users 2015-10-27 11:50:41 +01:00			`if [ ! -f $COMPLETION_FILE ]; then`
			`echo "$COMPLETION_FILE not found"`
			`userdel -r $MY_USERNAME`
			`exit 3`
			`fi`

Command to add a new user 2015-10-26 15:25:58 +01:00			`NEW_USER_PASSWORD="$(openssl rand -base64 10 \| cut -c1-8)"`
			`useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash $MY_USERNAME`
			`adduser $MY_USERNAME sasl`

			`if [ ! -d /home/$MY_USERNAME ]; then`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`echo 'Home directory was not created'`
Adding and removing blog users 2015-10-27 11:50:41 +01:00			`exit 4`
Command to add a new user 2015-10-26 15:25:58 +01:00			`fi`

Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`if [ $2 ]; then`
			`if [ -f $SSH_PUBLIC_KEY ]; then`
			`mkdir /home/$MY_USERNAME/.ssh`
			`cp $SSH_PUBLIC_KEY /home/$MY_USERNAME/.ssh/authorized_keys`
			`echo 'ssh public key installed'`
			`else`
			`if [[ $SSH_PUBLIC_KEY == "ssh-"* ]]; then`
			`mkdir /home/$MY_USERNAME/.ssh`
			`echo $SSH_PUBLIC_KEY > /home/$MY_USERNAME/.ssh/authorized_keys`
			`echo 'ssh public key installed'`
			`else`
			`echo 'The second parameter does not look like an ssh key'`
			`exit 5`
			`fi`
			`fi`
			`fi`

Command to add a new user 2015-10-26 15:25:58 +01:00			`if [ ! -d /home/$MY_USERNAME/Maildir ]; then`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`echo 'Email directory was not created'`
			`userdel -r $MY_USERNAME`
Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`exit 6`
Command to add a new user 2015-10-26 15:25:58 +01:00			`fi`

Encrypt sent items 2015-10-26 20:16:26 +01:00			`if grep -q "set from=" /home/$MY_USERNAME/.muttrc; then`
			`sed -i "s\|set from=.*\|set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'\|g" /home/$MY_USERNAME/.muttrc`
			`else`
			`echo "set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'" >> /home/$MY_USERNAME/.muttrc`
			`fi`

Username 2015-10-27 20:05:29 +01:00			`USERN='$USER@'`
			`sed -i "s\|$USERN\|$MY_USERNAME@\|g" /home/$MY_USERNAME/.procmailrc`
Skeleton for procmailrc 2015-10-26 21:22:59 +01:00
Command to add a new user 2015-10-26 15:25:58 +01:00			`# generate a gpg key`
			`echo "Making a GPG key for $MY_USERNAME@$HOSTNAME"`
			`mkdir /home/$MY_USERNAME/.gnupg`
			`echo "keyserver $GPG_KEYSERVER" >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo '' >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo '# default preferences' >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo 'personal-digest-preferences SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo 'cert-digest-algo SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf`
			`echo 'default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed' >> /home/$MY_USERNAME/.gnupg/gpg.conf`

			`chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg`
			`chmod 700 /home/$MY_USERNAME/.gnupg`
			`chmod 600 /home/$MY_USERNAME/.gnupg/*`

			`# Generate a GPG key`
			`echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf`
			`echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf`
			`echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf`
			`echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf`
			`echo "Name-Real: $MY_USERNAME" >> /home/$MY_USERNAME/gpg-genkey.conf`
			`echo "Name-Email: $MY_USERNAME@$HOSTNAME" >> /home/$MY_USERNAME/gpg-genkey.conf`
			`echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf`
			`chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf`
			`su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME`
			`shred -zu /home/$MY_USERNAME/gpg-genkey.conf`
			`MY_GPG_PUBLIC_KEY_ID=$(su -c "gpg --list-keys $MY_USERNAME@$HOSTNAME \| grep 'pub '" - $MY_USERNAME \| awk -F ' ' '{print $2}' \| awk -F '/' '{print $2}')`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`MY_GPG_PUBLIC_KEY=/home/$MY_USERNAME/public_key.gpg`
Command to add a new user 2015-10-26 15:25:58 +01:00			`su -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME`

Check that public key was generated 2015-10-26 18:21:38 +01:00			`if [ ! -f $MY_GPG_PUBLIC_KEY ]; then`
			`echo "GPG public key was not generated for $MY_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"`
			`userdel -r $MY_USERNAME`
Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`exit 7`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`fi`

Encrypt sent items 2015-10-26 20:16:26 +01:00			`# encrypt outgoing mail to the "sent" folder`
			`if ! grep -q "pgp_encrypt_only_command" /home/$MY_USERNAME/.muttrc; then`
			`echo '' >> /home/$MY_USERNAME/.muttrc`
			`echo '# Encrypt items in the Sent folder' >> /home/$MY_USERNAME/.muttrc`
			`echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc`
			`else`
			`sed -i "s\|set pgp_encrypt_only_command.*\|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"\|g" /home/$MY_USERNAME/.muttrc`
			`fi`

			`if ! grep -q "pgp_encrypt_sign_command" /home/$MY_USERNAME/.muttrc; then`
			`echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc`
			`else`
			`sed -i "s\|set pgp_encrypt_sign_command.*\|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"\|g" /home/$MY_USERNAME/.muttrc`
			`fi`

Command to add a new user 2015-10-26 15:25:58 +01:00			`if ! grep -q "Change your GPG password" /home/$MY_USERNAME/README; then`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo 'Change your GPG password' >> /home/$MY_USERNAME/README`
			`echo '========================' >> /home/$MY_USERNAME/README`
			`echo "It's very important to add a password to your GPG key so that" >> /home/$MY_USERNAME/README`
			`echo "if anyone does get access to your email they still won't be able" >> /home/$MY_USERNAME/README`
			`echo 'to read them without knowning the GPG password.' >> /home/$MY_USERNAME/README`
			`echo 'You can change the it with:' >> /home/$MY_USERNAME/README`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo " gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README`
			`echo ' passwd' >> /home/$MY_USERNAME/README`
			`echo ' save' >> /home/$MY_USERNAME/README`
			`echo ' quit' >> /home/$MY_USERNAME/README`
			`fi`

			`if ! grep -q "Publish your GPG public key" /home/$MY_USERNAME/README; then`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo 'Publish your GPG public key' >> /home/$MY_USERNAME/README`
			`echo '===========================' >> /home/$MY_USERNAME/README`
			`echo 'So that others can send emails to you securely you should' >> /home/$MY_USERNAME/README`
			`echo 'publish your GPG public key with the command:' >> /home/$MY_USERNAME/README`
			`echo '' >> /home/$MY_USERNAME/README`
			`echo " gpg --send-keys $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README`
			`fi`

			`chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README`
Check that public key was generated 2015-10-26 18:21:38 +01:00			`chown $MY_USERNAME:$MY_USERNAME $MY_GPG_PUBLIC_KEY`
Command to add a new user 2015-10-26 15:25:58 +01:00			`chmod 600 /home/$MY_USERNAME/README`

			`echo "Adding an XMPP account for $MY_USERNAME"`
Password option 2015-10-26 18:07:40 +01:00			`freedombone-addxmpp -e "$MY_USERNAME@$HOSTNAME" -p "$NEW_USER_PASSWORD"`
Check return code 2015-10-26 18:25:59 +01:00			`if [ ! "$?" = "0" ]; then`
			`echo "XMPP account not created"`
			`userdel -r $MY_USERNAME`
Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`exit 8`
Adding and removing blog users 2015-10-27 11:50:41 +01:00			`fi`

			`if grep -q "Blog domain" $COMPLETION_FILE; then`
			`FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE \| grep "Blog domain" \| awk -F ':' '{print $2}')`
			`if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then`
			`echo 'Blog users directory not found'`
			`userdel -r $MY_USERNAME`
Specify an ssh public key when adding new user 2015-10-29 10:37:27 +01:00			`exit 9`
Adding and removing blog users 2015-10-27 11:50:41 +01:00			`fi`
			`echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini`
			`echo "password = '$NEW_USER_PASSWORD'" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini`
			`echo 'encryption = clear' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini`
			`echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini`
			`echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini`
			`echo "$MY_USERNAME added as a blog user"`
Check return code 2015-10-26 18:25:59 +01:00			`fi`
Command to add a new user 2015-10-26 15:25:58 +01:00
			`clear`
			`echo "New user $MY_USERNAME was created"`
			`echo "Their login password is $NEW_USER_PASSWORD"`
			`echo ''`
			`echo 'IMPORTANT: Make a note of the password, because it will not be saved'`
			`echo 'anywhere else. Preferably give it to them in person on paper or via'`
			`echo 'a secure channel, not in an unencrypted email.'`
			`echo ''`
			`echo "They can download their GPG keys with:"`
			`echo ''`
			`echo " scp -P $SSH_PORT -r $MY_USERNAME@$HOSTNAME:/home/$MY_USERNAME/.gnupg ~/"`
			`echo ''`
			`echo 'They should also run freedombone-client on their system to ensure'`
			`echo 'the best security.'`

			`exit 0`