Add script 'add-new-account.sh'.

Christoph 2025-04-20 02:07:01 +02:00
parent 73f2f79324
commit 23edc5828c

747
add-new-account.sh Executable file

@ -0,0 +1,747 @@
#!/usr/bin/env bash
CUR_IFS=$IFS
script_name="$(basename $(realpath $0))"
script_dir="$(dirname $(realpath $0))"
conf_dir="${script_dir}/conf"
snippet_dir="${script_dir}/snippets"
declare -a unsorted_website_arr
declare -a website_arr
declare -a unsorted_account_arr
declare -a account_arr
declare -a unsorted_group_arr
declare -a group_arr
log_file="$(mktemp)"
backup_date=$(date +%Y-%m-%d-%H%M)
# =============
# --- Some functions
# =============
clean_up() {
if [[ -f "$_backup_crontab_file" ]]; then
echononl "(Re)Install previously saved crontab from '$_backup_crontab_file'.."
crontab $_backup_crontab_file >> $log_file 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
error "$(cat $log_file)"
fi
fi
# Perform program exit housekeeping
rm -f $log_file
blank_line
exit $1
}
is_number() {
return $(test ! -z "${1##*[!0-9]*}" > /dev/null 2>&1);
# - also possible
# -
#[[ ! -z "${1##*[!0-9]*}" ]] && return 0 || return 1
#return $([[ ! -z "${1##*[!0-9]*}" ]])
}
echononl(){
echo X\\c > /tmp/shprompt$$
if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
echo -e -n "$*\\c" 1>&2
else
echo -e -n "$*" 1>&2
fi
rm /tmp/shprompt$$
}
echo_done() {
if $terminal ; then
echo -e "\033[75G[ \033[32mdone\033[m ]"
else
echo " [ done ]"
fi
}
echo_ok() {
if $terminal ; then
echo -e "\033[75G[ \033[32mok\033[m ]"
else
echo " [ ok ]"
fi
}
echo_warning() {
if $terminal ; then
echo -e "\033[75G[ \033[33m\033[1mwarn\033[m ]"
else
echo " [ warning ]"
fi
}
echo_failed(){
if $terminal ; then
echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
else
echo ' [ failed! ]'
fi
}
echo_skipped() {
if $terminal ; then
echo -e "\033[75G[ \033[37mskipped\033[m ]"
else
echo " [ skipped ]"
fi
}
fatal (){
echo ""
echo ""
if $terminal ; then
echo -e "\t[ \033[31m\033[1mFatal\033[m ]: \033[37m\033[1m$*\033[m"
echo ""
echo -e "\t\033[31m\033[1m Script will be interrupted..\033[m\033[m"
else
echo "fatal: $*"
echo "Script will be interrupted.."
fi
clean_up 1
}
error(){
echo ""
if $terminal ; then
echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
else
echo "Error: $*"
fi
echo ""
}
warn (){
echo ""
if $terminal ; then
echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
else
echo "Warning: $*"
fi
echo ""
}
info (){
echo ""
if $terminal ; then
echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
else
echo "Info: $*"
fi
echo ""
}
detect_os_1 () {
if $(which lsb_release > /dev/null 2>&1) ; then
os_dist="$(lsb_release -i | awk '{print tolower($3)}')"
os_version="$(lsb_release -r | awk '{print tolower($2)}')"
os_codename="$(lsb_release -c | awk '{print tolower($2)}')"
if [[ "$os_dist" = "debian" ]]; then
if $(echo "$os_version" | grep -q '\.') ; then
os_version=$(echo "$os_version" | cut --delimiter='.' -f1)
fi
fi
elif [[ -e "/etc/os-release" ]]; then
. /etc/os-release
os_dist=$ID
os_version=${VERSION_ID}
fi
# remove whitespace from os_dist and os_version
os_dist="${os_dist// /}"
os_version="${os_version// /}"
}
# - Remove leading/trailling whitespaces
# -
trim() {
local var="$*"
var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
echo -n "$var"
}
## - Check if a given array (parameter 2) contains a given string (parameter 1)
## -
containsElement () {
local e
for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done
return 1
}
random_char() {
local chars="$1"
echo -n "${chars:RANDOM%${#chars}:1}"
}
# Funktion zur Generierung eines zufälligen Strings mit den angegebenen Anforderungen
generate_random_string() {
local length="$1"
# Überprüfen, ob die Länge größer als 8 ist
if [[ "$length" -le 8 ]]; then
echo "Fehler: Die Länge muss größer als 8 Zeichen sein."
return 1
fi
# Zeichenmengen
# not allowed: 0ODl18B
local lower="abcdefghijkmnopqrstuvwxyz"
#local upper="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
local upper="ACEFGHIJKLMNPQRSTUVWXYZ"
#local digits="0123456789"
local digits="2345679"
#local special="!@#$%^&*()_+-=[]{}|;:,.<>?/"
local special="__+---///...."
# Generiere mindestens ein Zeichen aus jeder Kategorie
local random_string=$(random_char "$lower")
random_string+=$(random_char "$upper")
random_string+=$(random_char "$digits")
random_string+=$(random_char "$special")
random_string+=$(random_char "$special")
# Fülle den Rest der Zeichenkette mit zufälligen Zeichen aus allen Kategorien
local all_chars="$lower$upper$digits$special"
for (( i=${#random_string}; i<length; i++ )); do
random_string+=$(random_char "$all_chars")
done
# Mische die Zeichenkette, um die Reihenfolge der Zeichen zufällig zu machen
random_string=$(echo "$random_string" | fold -w1 | shuf | tr -d '\n')
# Ausgabe des generierten Strings
echo "$random_string"
}
validate_email() {
local email=$1
local pattern="^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$"
if [[ $email =~ $pattern ]]; then
return 0 # Erfolg - E-Mail ist gültig
else
return 1 # Fehler - E-Mail ist ungültig
fi
}
blank_line() {
if $terminal ; then
echo ""
fi
}
# ----------
# - Jobhandling
# ----------
# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
# -
trap clean_up SIGHUP SIGINT SIGTERM
## -
while IFS='' read -r -d '' _conf_file ; do
source $_conf_file
if [[ -n "$WEBSITE" ]] ; then
unsorted_website_arr+=("${WEBSITE}:$_conf_file")
fi
WEBSITE=""
done < <(find "${conf_dir}" -maxdepth 1 -type f -name "*.conf" -print0)
if [[ ${#unsorted_website_arr} -eq 0 ]]; then
fatal "No configuration files found in '${script_dir}/conf' or no website configured!"
fi
# - Sort array
# -
IFS=$'\n' website_arr=($(sort <<<"${unsorted_website_arr[*]}"))
# - Reset IFS
# -
IFS=$CUR_IFS
# =============
# --- Some
# =============
# - Support systemd ?
# -
if [[ "X$(which systemd)" = "X" ]]; then
SYSTEMD_EXISTS=false
else
SYSTEMD_EXISTS=true
fi
# - Running in a terminal?
# -
if [[ -t 1 ]] ; then
terminal=true
else
terminal=false
fi
#clear
echo ""
echo -e "\033[32m-----\033[m"
echo -e "Add a new User to NC - \033[1mIts possible to assign existing group(s)\033[m"
echo -e "\033[32m-----\033[m"
# Which cloud instance (website) would you like to update
#
source ${snippet_dir}/get-cloud-instance-to-update.sh
# - Reset IFS
# -
IFS=$CUR_IFS
echo ""
echononl " Include Configuration file.."
if [[ ! -f $conf_file ]]; then
echo_failed
fatal "Missing configuration file '$conf_file'"
else
source $conf_file
echo_ok
fi
echo ""
# =============
# --- Some checks
# =============
DEFAULT_SRC_BASE_DIR="/usr/local/src/nextcloud"
DEFAULT_HTTP_USER="www-data"
DEFAULT_HTTP_GROUP="www-data"
DEFAULT_PHP_ENGINE="FPM"
if [[ -z ${WEBSITE} ]] ; then
fatal "No website given (parameter 'WEBSITE')"
fi
DEFAULT_WEB_BASE_DIR="/var/www/$WEBSITE"
[[ -n "$WEB_BASE_DIR" ]] || WEB_BASE_DIR=$DEFAULT_WEB_BASE_DIR
if [[ ! -d ${WEB_BASE_DIR} ]] ; then
fatal "Web base directory not found (parameter 'WEB_BASE_DIR')"
fi
[[ -n "$PHP_ENGINE" ]] || PHP_ENGINE=$DEFAULT_PHP_ENGINE
if [[ "$DATABASE_TYPE" != "postgres" ]] && [[ "$DATABASE_TYPE" != "mysql" ]]; then
fatal "Wrong or missing database type (parameter 'DATABASE_TYPE')"
fi
if [[ -z "$DATABASE_NAME" ]]; then
fatal "Missing database name (parameter 'DATABASE_NAME')"
fi
if [[ "$DATABASE_TYPE" = "mysql" ]] && [[ -z "$MYSQL_CREDENTIALS" ]]; then
fatal "No Database Credentials for MySQL given (parameter 'MYSQL_CREDENTIALS')"
fi
if [[ "$DATABASE_TYPE" = "postgres" ]]; then
if [[ -z "$PSQL_USER" ]] || [[ -z "$PSQL_PASS" ]]; then
fatal "No Database Credentials for PostgreSQL given (parameters: 'PSQL_USER' 'PSQL_PASS'"
fi
fi
NGINX_IS_ENABLED=false
APACHE2_IS_ENABLED=false
# Get Webservice environment as IS_HTTPD_RUNNING, HTTP_USER, HTTP_GROUP..
#
source ${snippet_dir}/get-webservice-environment.sh
# Check PHP Version
#
source ${snippet_dir}/get-php-major-version.sh
# Get full qualified PHP command
#
source ${snippet_dir}/get-path-of-php-command.sh
CURRENT_INSTALL_DIR=`realpath ${WEB_BASE_DIR}/nextcloud`
CURRENT_DATA_DIR=`realpath ${WEB_BASE_DIR}/data`
CURRENT_VERSION=`basename $CURRENT_INSTALL_DIR | cut -d"-" -f2`
blank_line
echononl " Get list of current accounts.."
# Methode 1: mapfile (empfohlen)
#
mapfile -t unsorted_account_arr < <(su -c "${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ user:list" -s /bin/bash $HTTP_USER 2> ${log_file} | awk -F'[:[:space:]]+' '{print $3}' 2>> ${log_file} )
# Oder Methode 2: while-Schleife
#
#while IFS= read -r line; do
# unsorted_account_arr+=("$(echo "$line" | awk -F'[:[:space:]]+' '{print $3}' 2>> ${log_file})")
#done <<< "$(su -c "${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ user:list" -s /bin/bash $HTTP_USER 2> ${log_file})"
if [[ $? -gt 0 ]] || [[ -s "${log_file}" ]] ; then
echo_failed
error "$(cat $log_file)\n"
else
echo_ok
fi
echononl " Get list of current groups.."
mapfile -t unsorted_group_arr < <(su -c "${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ group:list" -s /bin/bash $HTTP_USER 2> ${log_file} | awk '/^\s*-\s[^:]+:$/{gsub(/^\s*-\s|:$/, ""); print}' 2>> ${log_file} )
#su -c "${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ user:list" -s /bin/bash $HTTP_USER | \
# | awk -F'[:[:space:]]+' '{print $3}'
echo ""
echo ""
echo -e "\033[32m-----\033[m"
echo ""
echo -e " Which \033[1muser\033[m would you like to add?"
echo ""
NEW_ACCOUNT=
while [[ -z "$(trim ${NEW_ACCOUNT})" ]] ; do
echononl " New NC accoun name: "
read NEW_ACCOUNT
if containsElement "${NEW_ACCOUNT}" "${unsorted_account_arr[@]}" ; then
echo -e "\n\t\033[33m\033[1mAccount \033[m\033[1m${NEW_ACCOUNT}\033[33m already exists! \033[m- Try again\n"
NEW_ACCOUNT=""
#echononl " New NC accoun name: "
continue
fi
if [[ -z "$(trim ${NEW_ACCOUNT})" ]] ; then
echo -e "\n\t\033[33m\033[1mAccount name must be given.\033[m\n"
fi
done
echo ""
echo ""
echo -e "\033[32m-----\033[m"
echo ""
echo -e " Enter the display name for the account \033[1m${NEW_ACCOUNT}\033[m"
echo ""
echo -e " Type \033[33mNone\033[m to not assign a display name"
echo ""
DISPLAY_NAME=
while [[ -z "$(trim ${DISPLAY_NAME})" ]] ; do
echononl " Display name for he account \033[1m${DISPLAY_NAME}\033[m: "
read DISPLAY_NAME
if [[ "${DISPLAY_NAME,,}" = "none" ]] ; then
DISPLAY_NAME=""
break
fi
if [[ -z "$(trim ${DISPLAY_NAME})" ]] ; then
echo -e "\n\t\033[33m\033[1mEntry must not be empty. Type \033[m\033[1mNone\033[33m for not assigning a display name.\033[m\n"
fi
done
blank_line
blank_line
echo -e " Present groups on NC Cloud instance \033[1m${WEBSITE}\033[m\n"
echo -en "\033[33m"
printf " %s\n" "${unsorted_group_arr[@]}"
echo -en "\033[m"
blank_line
echo ""
echo ""
echo -e "\033[32m-----\033[m"
echo ""
echo -e " Which groups should the new account belong to?"
echo ""
echo " - enter a list separated by spaces"
echo -e " - or type \033[33mNone\033[m to not assign the account to any group"
echo ""
ASSIGNED_GROUPS=
while [[ -z "$(trim ${ASSIGNED_GROUPS})" ]] ; do
echononl " Groups to which the new account should belong: "
read ASSIGNED_GROUPS
if [[ "${ASSIGNED_GROUPS,,}" = "none" ]] ; then
ASSIGNED_GROUPS=""
break
fi
if [[ -z "$(trim ${ASSIGNED_GROUPS})" ]] ; then
echo -e "\n\t\033[33m\033[1mEntry must not be empty. Type \033[m\033[1mNone\033[33m for not assigning a group.\033[m\n"
continue
fi
IFS=' ' read -ra assigned_groups_arr <<< "${ASSIGNED_GROUPS}"
for _group in "${assigned_groups_arr[@]}" ; do
if ! containsElement "${_group}" "${unsorted_group_arr[@]}" ; then
echo -e "\n\t\033[33m\033[1m No group \033[m\033[1m${_group}\033[33m present!\033[m - Try again..\n"
ASSIGNED_GROUPS=""
break
fi
done
# - Sort array
# -
IFS=$'\n' assigned_groups_arr=($(sort <<<"${assigned_groups_arr[*]}"))
done
echo ""
echo ""
echo -e "\033[32m-----\033[m"
echo ""
echo -e " Enter a password for the new account \033[1m${NEW_ACCOUNT}\033[m"
echo ""
echo " Some random genaerated Passwords:"
echo ""
for ((i=0; i<=9; i++)); do
echo -en " $i: "
echo -e "\033[33m$(generate_random_string 12)\033[m"
done
echo ""
_PW1="X"
_PW2="Y"
while [ "$_PW1" != "$_PW2" ]
do
echononl "Password: "
#read -s _PW1
read _PW1
echo
if [ "X$_PW1" = "X" ]; then
echo -e "\n\t\033[33m\033[1mA password is required!\033[m\n"
continue
fi
echononl "Repeat the password: "
#read -s _PW2
read _PW2
echo
if [ "$_PW1" != "$_PW2" ];then
echo -e "\n\t\033[33m\033[1mpassword entries are NOT identical!\033[m\n"
else
PASSWORD=$_PW1
fi
done
regex_email="^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$"
echo ""
echo ""
echo -e "\033[32m-----\033[m"
echo ""
echo -e " Enter an e-mail address for the new account \033[1m${NEW_ACCOUNT}\033[m"
echo ""
echo -e " Type \033[33mNone\033[m to not assign an e-mail address"
echo ""
E_MAIL=
while [[ -z "$(trim ${E_MAIL})" ]] ; do
echononl " E-Mail address for the new account \033[1m${E_MAIL}\033[m: "
read E_MAIL
if [[ "${E_MAIL,,}" = "none" ]] ; then
E_MAIL=""
break
fi
if [[ ! "${E_MAIL,,}" =~ ${regex_email} ]]; then
echo -e "\n\t\033[m\033[1m${E_MAIL}\033[33m is not a valid e-mail address\033[m - Try again..\n"
E_MAIL=""
continue
fi
if [[ -z "$(trim ${E_MAIL})" ]] ; then
echo -e "\n\t\033[33m\033[1mEntry must not be empty. Type \033[m\033[1mNone\033[33m for not assigning an e-mail address.\033[m\n"
fi
done
echo ""
echo ""
echo ""
echo -e "\033[1;32mStarting Script for \033[1;37m${WEBSITE}\033[m"
echo ""
echo -e " Cloud instance to be changed.........: ${WEBSITE}"
echo ""
echo -e " Current version of nextcloud.........: $CURRENT_VERSION"
echo ""
echo ""
echo -e " New Account..........................: ${NEW_ACCOUNT}"
if [[ -z "${DISPLAY_NAME}" ]] ; then
echo -e " Display Name.........................: \033[33mNone\033[m"
else
echo -e " Display Name.........................: ${DISPLAY_NAME}"
fi
if [[ -z "${E_MAIL}" ]] ; then
echo -e " E-Mail Address.......................: \033[33mNone\033[m"
else
echo -e " E-Mail Address.......................: ${E_MAIL}"
fi
echo ""
echo -e " Password.............................: ${PASSWORD}"
echo ""
if [[ -z "${ASSIGNED_GROUPS}" ]] ; then
echo -e " Group(s) assigned to the new account.: \033[33mNone\033[m"
else
declare -i index=0
for _group in "${assigned_groups_arr[@]}" ; do
if [[ ${index} -lt 1 ]] ; then
echo -e " Group(s) assigned to the new account.: \033[33m${_group}\033[m"
else
echo -e " \033[33m${_group}\033[m"
fi
(( index++ ))
done
fi
echo ""
echo ""
echo -e " Web base directory...................: $WEB_BASE_DIR"
echo ""
echo -e " Webserver user.......................: $HTTP_USER"
echo -e " Webserver group......................: $HTTP_GROUP"
echo ""
echo -e " PHP version..........................: $PHP_VERSION"
echo -e " PHP Engine...........................: $PHP_ENGINE"
echo ""
echo -e " PHP command..........................: $PHP_BIN"
echo ""
echo -e " Databse name.........................: $DATABASE_NAME"
echo -e " Database type........................: $DATABASE_TYPE"
echo ""
if [[ "$DATABASE_TYPE" = "mysql" ]] ; then
echo -e " Mysql Credentials....................: $MYSQL_CREDENTIALS"
fi
echo ""
echo ""
echo -n " Type upper case 'YES' to continue executing with this parameters: "
read OK
if [[ "$OK" = "YES" ]] ; then
echo ""
echo ""
echo -e "\033[1;32mGoing to create new account \033[1;37m${NEW_ACCOUNT}\033[1;32m on \033[1;37m${WEBSITE}\033[m"
echo ""
else
fatal "Abort by user request - Answer as not 'YES'"
fi
echo ""
# -----
# - Main part of the script
# -----
echo ""
echo ""
echo -e "\033[37m\033[1mMain part of the script\033[m"
echo ""
occ_arg_string="user:add --password-from-env"
echononl " Create Parametwer String.."
[[ -n "${DISPLAY_NAME}" ]] && occ_arg_string="${occ_arg_string} --display-name='${DISPLAY_NAME}'"
if [[ ${#assigned_groups_arr[@]} -gt 0 ]] ; then
for _group in "${assigned_groups_arr[@]}" ; do
occ_arg_string="${occ_arg_string} --group='${_group}'"
done
fi
[[ -n "${E_MAIL}" ]] && occ_arg_string="${occ_arg_string} --email=${E_MAIL}"
occ_arg_string="${occ_arg_string} ${NEW_ACCOUNT}"
echo_done
# - Create new account
# -
echononl " Create new account \033[1;37m${NEW_ACCOUNT}\033[m on \033[1;37m${WEBSITE} \033[m"..""
su -c "OC_PASS='${PASSWORD}' ${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ ${occ_arg_string}" -s /bin/bash ${HTTP_USER} \
> $log_file 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
blank_line
echo -e "\033[37m\033[1mCommand output was:\033[m"
blank_line
cat ${log_file}
blank_line
echo -e "Password set to '${PASSWORD}'"
else
echo_failed
blank_line
echo ""
echo -e "\033[37m\033[1mCommandline was:\033[m"
echo -e "
su -c \"OC_PASS='${PASSWORD}' ${PHP_BIN} ${WEB_BASE_DIR}/htdocs/occ ${occ_arg_string}\" -s /bin/bash ${HTTP_USER}
"
blank_line
error "\n\n$(cat $log_file)"
fi
blank_line
clean_up 0
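Review bot: The new account's password is spliced into the command string of the final `su -c "OC_PASS='${PASSWORD}' ..."` call, so it lands in the argument list of `su` and of the bash it spawns, where other local users can typically read it from the process list. The display name, group names, e-mail and account name are pasted into the same string, so a single quote in any of them ends the quoting and bash parses the rest as shell code under `$HTTP_USER`. Building the occ arguments as an array, quoting them once with `printf '%q'`, and passing `OC_PASS` through the environment of `su` avoids both; this assumes `su` stays without `-l`, so the caller's environment is kept. The password is also echoed while typed (`read -s` is commented out) and printed in the summary, in the success message and in the "Commandline was" failure output. Using `read -rs` and dropping those echoes would keep it out of terminal scrollback and session logs.

```shell
# Collect occ arguments as an array so user input is never re-parsed by a shell.
occ_args=(user:add --password-from-env)
[[ -n "${DISPLAY_NAME}" ]] && occ_args+=("--display-name=${DISPLAY_NAME}")
for _group in "${assigned_groups_arr[@]}" ; do
  occ_args+=("--group=${_group}")
done
[[ -n "${E_MAIL}" ]] && occ_args+=("--email=${E_MAIL}")
occ_args+=("${NEW_ACCOUNT}")

# Quote every word exactly once for the shell that su starts.
printf -v occ_cmd '%q ' "${PHP_BIN}" "${WEB_BASE_DIR}/htdocs/occ" "${occ_args[@]}"

# OC_PASS is handed over in the environment only, never on a command line.
OC_PASS="${PASSWORD}" su -c "${occ_cmd}" -s /bin/bash "${HTTP_USER}" \
  > "${log_file}" 2>&1
# … unchanged: status check and output of ${log_file}, without printing ${PASSWORD} …
```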