publapi/utils/signup-script-template

36 lines
2.2 KiB
Plaintext
Raw Normal View History

2023-01-21 22:19:17 +05:30
#!/bin/bash
# Path: /var/publapi/users/{{username}}.sh
# This file is generated by PublAPI. Do not edit this file.
echo "E-Mail of {{username}} is {{email}}."
pass="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 64)"
2023-01-21 22:19:17 +05:30
useradd -Um -s /bin/bash {{username}}
chmod 711 /home/{{username}}
printf "%s\n%s" "${pass}" "${pass}" | passwd {{username}}
echo "${pass}" > /home/{{username}}/pass
chmod 600 /home/{{username}}/pass
2023-01-23 14:42:50 +05:30
chown {{username}}:{{username}} /home/{{username}}/pass
2023-01-21 22:29:54 +05:30
usermod -aG users {{username}}
2023-01-21 22:19:17 +05:30
mkdir /home/{{username}}/.ssh
echo "{{sshkey}}" > /home/{{username}}/.ssh/authorized_keys
chmod 700 /home/{{username}}/.ssh
chmod 600 /home/{{username}}/.ssh/authorized_keys
2023-01-23 14:42:50 +05:30
chown -R {{username}}:{{username}} /home/{{username}}/.ssh
sed -i 's/REPLACEME/{{username}}/g' /home/{{username}}/{meta-info.env,Caddyfile}
# sed -i 's/EMAIL=/EMAIL={{email}}/' /home/{{username}}/meta-info.env
2023-01-21 22:19:17 +05:30
loginctl enable-linger {{username}}
setquota -u {{username}} 20G 20G 0 0 /
2023-01-23 14:25:11 +05:30
a=$(curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d '{"username":"{{username}}","name":"{{username}}","is_active":true,"groups":["57fe5750-5ac6-46ff-95bc-298cbff0b340"],"email":"{{email}}","attributes":{},"path":"users"}')
pk=$(echo $a | jq '.pk')
2023-01-23 14:42:50 +05:30
curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/${pk}/set_password/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d "{\"password\": \"${pass}\"}"
printf 'Hi {{username}},
Your Project Segfault account has been approved.
To login, run ssh {{username}}@projectsegfau.lt
You can get help regarding the pubnix at https://matrix.to/#/#pubnix:projectsegfau.lt
The password for pubnix-related things is located at ~/pass on the pubnix.
You can see it by running cat ~/pass while sshing into the pubnix.
Along with the pubnix, you get access to our public authentik instance, which shares the same password.
You can sign-up for most of our services using authentik! \n
Thank you for being part of Project Segfault.' \
| s-nail -vr pubnix@projectsegfau.lt -s 'Your Project Segfault pubnix account has been created' {{email}}
2023-01-23 14:42:50 +05:30
rm -rf $0