forked from ProjectSegfault/publapi
41 lines
3.2 KiB
Bash
41 lines
3.2 KiB
Bash
#!/bin/bash
|
|
# Path: /var/publapi/users/{{username}}.sh
|
|
# This file is generated by PublAPI. Do not edit this file.
|
|
echo "E-Mail of {{username}} is {{email}}."
|
|
pass="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 64)"
|
|
useradd -Um -s /bin/bash {{username}}
|
|
chmod 711 /home/{{username}}
|
|
printf "%s\n%s" "${pass}" "${pass}" | passwd {{username}}
|
|
echo "${pass}" > /home/{{username}}/pass
|
|
chmod 600 /home/{{username}}/pass
|
|
chown {{username}}:{{username}} /home/{{username}}/pass
|
|
usermod -aG users {{username}}
|
|
mkdir /home/{{username}}/.ssh
|
|
echo "{{sshkey}}" > /home/{{username}}/.ssh/authorized_keys
|
|
chmod 700 /home/{{username}}/.ssh
|
|
chmod 600 /home/{{username}}/.ssh/authorized_keys
|
|
chown -R {{username}}:{{username}} /home/{{username}}/.ssh
|
|
sed -i 's/REPLACEME/{{username}}/g' /home/{{username}}/{meta-info.toml,Caddyfile}
|
|
loginctl enable-linger {{username}}
|
|
mkdir /var/gemini/p.projectsegfau.lt/users/{{username}} && ln -s /var/gemini/p.projectsegfau.lt/users/{{username}} /home/{{username}}/public_gemini
|
|
chmod 755 /var/gemini/p.projectsegfau.lt/users/{{username}}
|
|
chown -R {{username}}:{{username}} /var/gemini/p.projectsegfau.lt/users/{{username}} /home/{{username}}/public_gemini
|
|
setquota -u {{username}} 20G 20G 0 0 /
|
|
a=$(curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d '{"username":"{{username}}","name":"{{username}}","is_active":true,"groups":["57fe5750-5ac6-46ff-95bc-298cbff0b340"],"email":"{{email}}","attributes":{},"path":"users"}')
|
|
pk=$(echo $a | jq '.pk')
|
|
curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/${pk}/set_password/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d "{\"password\": \"${pass}\"}"
|
|
printf 'Hi {{username}},
|
|
Your Project Segfault Pubnix account has been approved.
|
|
To login, run ssh {{username}}@p.projectsegfau.lt. You might need to specify a key, and we recommend adding an SSH host to your SSH config file to make it easier to log in later.
|
|
There is a Matrix chat room for everything about the Pubnix. You can ask for help, discuss features etc at #pubnix:projectsegfau.lt.
|
|
There is a password for Pubnix-related things in your user directory, you can run cat ~/pass to see it. We recommend to store it somewhere else and delete the file.
|
|
You also get access to our public authentik instance, which allows you to sign up to many Project Segfault services with your Pubnix account. You can find it at https://auth.p.projectsegfau.lt, log in and you will be able to see a list of applications you can use authentik to log in with.
|
|
|
|
If you ever get confused or have no idea what to do, we have some articles on our wiki at https://wiki.projectsegfau.lt/index.php?title=Category:Pubnix.
|
|
We hope you have enough freedom to do what you want. You are limited to 20GB of storage however.
|
|
|
|
We hope you have as much fun as we did making the Pubnix! :D' \
|
|
| s-nail -vr pubnix@projectsegfau.lt -s 'Your Project Segfault Pubnix account has been created' {{email}}
|
|
source /var/publapi/publapi.env && shoutrrr send -u $PUBLAPI_NOTIFY_SHOUTRRRURL -m "Welcome new user, ~{{username}}!"
|
|
rm -rf $0
|