420 lines
18 KiB
Bash
Executable File
420 lines
18 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# .---. . .
|
|
# | | |
|
|
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
|
|
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
|
|
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
|
|
#
|
|
# Freedom in the Cloud
|
|
#
|
|
|
|
# Adds an user to the system
|
|
|
|
# License
|
|
# =======
|
|
#
|
|
# Copyright (C) 2015-2016 Bob Mottram <bob@robotics.uk.to>
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
PROJECT_NAME='freedombone'
|
|
|
|
export TEXTDOMAIN=${PROJECT_NAME}-adduser
|
|
export TEXTDOMAINDIR="/usr/share/locale"
|
|
|
|
CONFIGURATION_FILE=/root/${PROJECT_NAME}.cfg
|
|
|
|
MY_USERNAME=$1
|
|
SSH_PUBLIC_KEY="$2"
|
|
GPG_KEYSERVER='hkp://keys.gnupg.net'
|
|
SSH_PORT=2222
|
|
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
|
|
SIP_EXTENSION=
|
|
FULLBLOG_DOMAIN_NAME=
|
|
DEFAULT_DOMAIN_NAME=
|
|
|
|
if [ ! $MY_USERNAME ]; then
|
|
echo $'No username was given'
|
|
exit 1
|
|
fi
|
|
|
|
if [ -d /home/$MY_USERNAME ]; then
|
|
echo $"The user $MY_USERNAME already exists"
|
|
exit 2
|
|
fi
|
|
|
|
if [ ! -f $COMPLETION_FILE ]; then
|
|
echo $"$COMPLETION_FILE not found"
|
|
userdel -r $MY_USERNAME
|
|
exit 3
|
|
fi
|
|
|
|
# Minimum number of characters in a password
|
|
MINIMUM_PASSWORD_LENGTH=10
|
|
if [ -f /usr/local/bin/${PROJECT_NAME} ]; then
|
|
MINIMUM_PASSWORD_LENGTH=$(cat /usr/local/bin/${PROJECT_NAME} | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
|
|
else
|
|
if [ -f /usr/bin/${PROJECT_NAME} ]; then
|
|
MINIMUM_PASSWORD_LENGTH=$(cat /usr/bin/${PROJECT_NAME} | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
|
|
fi
|
|
fi
|
|
|
|
NEW_USER_PASSWORD="$(openssl rand -base64 30 | cut -c1-${MINIMUM_PASSWORD_LENGTH})"
|
|
useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash $MY_USERNAME
|
|
adduser $MY_USERNAME sasl
|
|
|
|
if [ ! -d /home/$MY_USERNAME ]; then
|
|
echo $'Home directory was not created'
|
|
exit 4
|
|
fi
|
|
|
|
if [ "$SSH_PUBLIC_KEY" ]; then
|
|
if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
|
|
if [ -f "$SSH_PUBLIC_KEY" ]; then
|
|
mkdir /home/$MY_USERNAME/.ssh
|
|
cp $SSH_PUBLIC_KEY /home/$MY_USERNAME/.ssh/authorized_keys
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
|
|
echo $'ssh public key installed'
|
|
else
|
|
if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
|
|
mkdir /home/$MY_USERNAME/.ssh
|
|
echo "$SSH_PUBLIC_KEY" > /home/$MY_USERNAME/.ssh/authorized_keys
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
|
|
echo $'ssh public key installed'
|
|
else
|
|
echo $'The second parameter does not look like an ssh key'
|
|
exit 5
|
|
fi
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if [ -d /home/$MY_USERNAME/Maildir ]; then
|
|
if grep -q "set from=" /home/$MY_USERNAME/.muttrc; then
|
|
sed -i "s|set from=.*|set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'|g" /home/$MY_USERNAME/.muttrc
|
|
else
|
|
echo "set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'" >> /home/$MY_USERNAME/.muttrc
|
|
fi
|
|
|
|
USERN='$USER@'
|
|
sed -i "s|$USERN|$MY_USERNAME@|g" /home/$MY_USERNAME/.procmailrc
|
|
fi
|
|
|
|
# generate a gpg key
|
|
echo "Making a GPG key for $MY_USERNAME@$HOSTNAME"
|
|
mkdir /home/$MY_USERNAME/.gnupg
|
|
echo "keyserver $GPG_KEYSERVER" >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo '' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo '# default preferences' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo 'personal-digest-preferences SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo 'cert-digest-algo SHA256' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
echo 'default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
|
|
chmod 700 /home/$MY_USERNAME/.gnupg
|
|
chmod 600 /home/$MY_USERNAME/.gnupg/*
|
|
|
|
# Generate a GPG key
|
|
echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo "Name-Real: $MY_USERNAME" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo "Name-Email: $MY_USERNAME@$HOSTNAME" >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
|
|
su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME
|
|
shred -zu /home/$MY_USERNAME/gpg-genkey.conf
|
|
MY_GPG_PUBLIC_KEY_ID=$(su -c "gpg --list-keys $MY_USERNAME@$HOSTNAME | grep 'pub '" - $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
|
|
MY_GPG_PUBLIC_KEY=/home/$MY_USERNAME/public_key.gpg
|
|
su -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
|
|
|
|
if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
|
|
echo "GPG public key was not generated for $MY_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"
|
|
userdel -r $MY_USERNAME
|
|
exit 7
|
|
fi
|
|
|
|
# add a monkeysphere subkey
|
|
su -c "monkeysphere gen-subkey $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
|
|
# add authorized GPG email address
|
|
mkdir /home/$MY_USERNAME/.monkeysphere
|
|
chmod 755 /home/$MY_USERNAME/.monkeysphere
|
|
echo "$MY_USERNAME <$MY_USERNAME@$HOSTNAME>" > /home/$MY_USERNAME/.monkeysphere/authorized_user_ids
|
|
chmod 644 /home/$MY_USERNAME/.monkeysphere/authorized_user_ids
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.monkeysphere
|
|
monkeysphere-authentication update-users
|
|
|
|
if [ -f /home/$MY_USERNAME/.muttrc ]; then
|
|
# encrypt outgoing mail to the "sent" folder
|
|
if ! grep -q "pgp_encrypt_only_command" /home/$MY_USERNAME/.muttrc; then
|
|
echo '' >> /home/$MY_USERNAME/.muttrc
|
|
echo $'# Encrypt items in the Sent folder' >> /home/$MY_USERNAME/.muttrc
|
|
echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
|
|
else
|
|
sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
|
|
fi
|
|
|
|
if ! grep -q "pgp_encrypt_sign_command" /home/$MY_USERNAME/.muttrc; then
|
|
echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
|
|
else
|
|
sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
|
|
fi
|
|
fi
|
|
|
|
if ! grep -q "Change your GPG password" /home/$MY_USERNAME/README; then
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo $'Change your GPG password' >> /home/$MY_USERNAME/README
|
|
echo '========================' >> /home/$MY_USERNAME/README
|
|
echo $"It's very important to add a password to your GPG key so that" >> /home/$MY_USERNAME/README
|
|
echo $"if anyone does get access to your email they still won't be able" >> /home/$MY_USERNAME/README
|
|
echo $'to read them without knowning the GPG password.' >> /home/$MY_USERNAME/README
|
|
echo $'You can change the it with:' >> /home/$MY_USERNAME/README
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo " gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
|
|
echo ' passwd' >> /home/$MY_USERNAME/README
|
|
echo ' save' >> /home/$MY_USERNAME/README
|
|
echo ' quit' >> /home/$MY_USERNAME/README
|
|
fi
|
|
|
|
if ! grep -q "Publish your GPG public key" /home/$MY_USERNAME/README; then
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo $'Publish your GPG public key' >> /home/$MY_USERNAME/README
|
|
echo '===========================' >> /home/$MY_USERNAME/README
|
|
echo $'So that others can send emails to you securely you should' >> /home/$MY_USERNAME/README
|
|
echo $'publish your GPG public key with the command:' >> /home/$MY_USERNAME/README
|
|
echo '' >> /home/$MY_USERNAME/README
|
|
echo " gpg --send-keys $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
|
|
fi
|
|
|
|
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
|
|
chown $MY_USERNAME:$MY_USERNAME $MY_GPG_PUBLIC_KEY
|
|
chmod 600 /home/$MY_USERNAME/README
|
|
|
|
if grep -q "install_xmpp" $COMPLETION_FILE; then
|
|
echo $"Adding an XMPP account for $MY_USERNAME"
|
|
${PROJECT_NAME}-addxmpp -e "$MY_USERNAME@$HOSTNAME" -p "$NEW_USER_PASSWORD"
|
|
if [ ! "$?" = "0" ]; then
|
|
echo $"XMPP account not created"
|
|
userdel -r $MY_USERNAME
|
|
exit 8
|
|
fi
|
|
fi
|
|
|
|
if grep -q "install_xmpp_client" $COMPLETION_FILE; then
|
|
echo $"Adding XMPP client setup"
|
|
XMPP_CLIENT_DIR=/home/$MY_USERNAME/.local/share/profanity
|
|
XMPP_CLIENT_ACCOUNTS=$XMPP_CLIENT_DIR/accounts
|
|
if [ ! -d $XMPP_CLIENT_DIR ]; then
|
|
mkdir -p $XMPP_CLIENT_DIR
|
|
fi
|
|
if [ ! -d /home/$MY_USERNAME/.config/profanity ]; then
|
|
mkdir -p /home/$MY_USERNAME/.config/profanity
|
|
fi
|
|
echo "[${MY_USERNAME}@${HOSTNAME}]" > $XMPP_CLIENT_ACCOUNTS
|
|
echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo "jid=${MY_USERNAME}@${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo "muc.service=conference.${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
|
|
echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
|
|
echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
|
|
|
|
echo '[connection]' > /home/$MY_USERNAME/.config/profanity/profrc
|
|
echo "account=${MY_USERNAME}@${HOSTNAME}" >> /home/$MY_USERNAME/.config/profanity/profrc
|
|
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.local
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
|
|
fi
|
|
|
|
if grep -q "Blog domain" $COMPLETION_FILE; then
|
|
FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}')
|
|
if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then
|
|
echo $'Blog users directory not found'
|
|
if grep -q "install_xmpp" $COMPLETION_FILE; then
|
|
${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
|
|
fi
|
|
userdel -r $MY_USERNAME
|
|
exit 9
|
|
fi
|
|
NEW_USER_PASSWORD_HASH=$(freedombone-sec --bloghash "$NEW_USER_PASSWORD")
|
|
if [ ${#NEW_USER_PASSWORD_HASH} -lt 8 ]; then
|
|
echo $'Blog admin password could not be hashed'
|
|
exit 783528
|
|
fi
|
|
echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
echo "password = $NEW_USER_PASSWORD_HASH" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
echo 'encryption = password_hash' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
echo "$MY_USERNAME added as a blog user"
|
|
fi
|
|
|
|
if grep -q "install_sip" $COMPLETION_FILE; then
|
|
SIP_EXTENSION=$(${PROJECT_NAME}-sipfreeext)
|
|
${PROJECT_NAME}-addsipuser -u $MY_USERNAME -e $SIP_EXTENSION -p "$NEW_USER_PASSWORD"
|
|
if [ ! "$?" = "0" ]; then
|
|
echo $'SIP user could not be added. Ensure that extension numbers are in order and do no exceed 299'
|
|
if grep -q "install_xmpp" $COMPLETION_FILE; then
|
|
${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
|
|
fi
|
|
if grep -q "Blog domain" $COMPLETION_FILE; then
|
|
if [ -f /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini ]; then
|
|
rm /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
|
|
fi
|
|
fi
|
|
userdel -r $MY_USERNAME
|
|
exit 10
|
|
fi
|
|
fi
|
|
|
|
if grep -q "install_gnu_social" $COMPLETION_FILE; then
|
|
MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
|
|
if [ -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
|
|
cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
|
|
php scripts/registeruser.php -n $MY_USERNAME -w "$NEW_USER_PASSWORD" -e "$MY_USERNAME@$HOSTNAME"
|
|
freedombone-addemail -u $MY_USERNAME -e "noreply@$MICROBLOG_DOMAIN_NAME" -g gnusocial --public no
|
|
echo $'Created GNU Social user'
|
|
else
|
|
echo $"Unable to find GNU Social installation at /var/www/$MICROBLOG_DOMAIN_NAME/htdocs"
|
|
userdel -r $MY_USERNAME
|
|
exit 11
|
|
fi
|
|
fi
|
|
|
|
if grep -q "install_irc_client" $COMPLETION_FILE; then
|
|
IRC_PORT=6697
|
|
if grep -q "IRC_PORT" $CONFIGURATION_FILE; then
|
|
IRC_PORT=$(grep "IRC_PORT" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
fi
|
|
IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}')
|
|
if [ ${#IRC_PASSWORD} -lt 2 ]; then
|
|
IRC_PASSWORD=
|
|
fi
|
|
|
|
if [ ! -d /home/$MY_USERNAME/.irssi ]; then
|
|
mkdir /home/$MY_USERNAME/.irssi
|
|
fi
|
|
|
|
echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
|
|
echo ' {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' },' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' },' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo " address = \"${HOSTNAME}\";" >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
|
|
|
|
echo ' }' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ');' >> /home/$MY_USERNAME/.irssi/config
|
|
echo '' >> /home/$MY_USERNAME/.irssi/config
|
|
echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' };' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' };' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' };' >> /home/$MY_USERNAME/.irssi/config
|
|
echo '};' >> /home/$MY_USERNAME/.irssi/config
|
|
echo '' >> /home/$MY_USERNAME/.irssi/config
|
|
echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
|
|
echo ');' >> /home/$MY_USERNAME/.irssi/config
|
|
echo '' >> /home/$MY_USERNAME/.irssi/config
|
|
echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
|
|
echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
|
|
echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
|
|
echo '};' >> /home/$MY_USERNAME/.irssi/config
|
|
echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
|
|
|
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
|
|
fi
|
|
|
|
if [ -f /etc/nginx/.htpasswd ]; then
|
|
if ! grep "${MY_USERNAME}:" /etc/nginx/.htpasswd; then
|
|
echo "$NEW_USER_PASSWORD" | htpasswd -i -s /etc/nginx/.htpasswd $MY_USERNAME
|
|
fi
|
|
fi
|
|
|
|
# add user to the sipwitch group
|
|
if [ -f /etc/sipwitch.conf ]; then
|
|
usermod -aG sipwitch $MY_USERNAME
|
|
fi
|
|
|
|
# add user for SIP STUN/TURN
|
|
if [ -d /etc/turnserver ]; then
|
|
if grep -q "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE; then
|
|
DEFAULT_DOMAIN_NAME=$(grep "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
echo "${MY_USERNAME}:${NEW_USER_PASSWORD}:${DEFAULT_DOMAIN_NAME}:authorized" >> /etc/turnserver/turnusers.txt
|
|
fi
|
|
fi
|
|
|
|
# add user menu on ssh login
|
|
if ! grep -q 'control' /home/$MY_USERNAME/.bashrc; then
|
|
echo 'control' >> /home/$MY_USERNAME/.bashrc
|
|
fi
|
|
|
|
clear
|
|
echo $"New user $MY_USERNAME was created"
|
|
if [ $SIP_EXTENSION ]; then
|
|
echo $"Their SIP phone extension is $SIP_EXTENSION"
|
|
fi
|
|
echo $"Their login password is $NEW_USER_PASSWORD"
|
|
echo ''
|
|
echo $'IMPORTANT: Make a note of the password, because it will not be saved'
|
|
echo $'anywhere else. Preferably give it to them in person on paper or via'
|
|
echo $'a secure channel, not in an unencrypted email.'
|
|
echo ''
|
|
echo $"They can download their GPG keys with:"
|
|
echo ''
|
|
echo " scp -P $SSH_PORT -r $MY_USERNAME@$HOSTNAME:/home/$MY_USERNAME/.gnupg ~/"
|
|
echo ''
|
|
echo $"They should also run ${PROJECT_NAME}-client on their system to ensure"
|
|
echo $'the best security.'
|
|
|
|
exit 0
|