#!/bin/bash # info: add ftp account for web domain. # options: USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH] # # example: v-add-web-domain-ftp alice wonderland.com alice_ftp p4$$vvOrD # # This function creates additional ftp account for web domain. #----------------------------------------------------------# # Variables & Functions # #----------------------------------------------------------# # Argument definition user=$1 domain=$2 domain_idn=$2 ftp_user=${1}_${3} password=$4 HIDE=4 ftp_path=$5 # Includes # shellcheck source=/etc/hestiacp/hestia.conf source /etc/hestiacp/hestia.conf # shellcheck source=/usr/local/hestia/func/main.sh source $HESTIA/func/main.sh # shellcheck source=/usr/local/hestia/func/domain.sh source $HESTIA/func/domain.sh # load config file source_conf "$HESTIA/conf/hestia.conf" # Additional argument formatting format_domain format_domain_idn # TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]' is_format_valid 'user' 'domain' 'ftp_user' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" check_ftp_user=$(grep "^$ftp_user:" /etc/passwd) if [ -n "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then echo "Error: ftp user $ftp_user already exists" log_event "$E_EXISTS" "$ARGUMENTS" exit "$E_EXISTS" fi is_password_valid # Perform verification if read-only mode is enabled check_hestia_demo_mode #----------------------------------------------------------# # Action # #----------------------------------------------------------# # Get domain values get_domain_values 'web' # Defining ftp user shell shell=$(which nologin) if [ -n "$FTP_SHELL" ]; then shell=$FTP_SHELL fi # Defining path if [ -z "$ftp_path" ]; then ftp_path_a="$HOMEDIR/$user/web/$domain" else # Validating absolute path ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path") if [ -z "$(echo $ftp_path_a | grep $HOMEDIR/$user/web/$domain)" ]; then echo "Error: absolute path $ftp_path_a is invalid" log_event "$E_INVALID" "$ARGUMENTS" exit "$E_INVALID" fi # Creating ftp user home directory if [ ! -e "$ftp_path_a" ]; then $BIN/v-add-fs-directory "$user" "$ftp_path_a" chown $user:$user "$ftp_path_a" chmod 751 "$ftp_path_a" fi fi # Adding ftp user /usr/sbin/useradd $ftp_user \ -s $shell \ -o -u $(id -u $user) \ -g $(id -g $user) \ -G hestia-users \ -M -d "$ftp_path_a" > /dev/null 2>&1 # Set ftp user password echo "$ftp_user:$password" | /usr/sbin/chpasswd if [ $? -ne 0 ]; then # Delete user on failure again /usr/sbin/deluser "$ftp_user" > /dev/null 2>&1 echo "Error: Password not accepted due to PAM restrictions" exit 2 fi ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow) # Adding jailed sftp env $BIN/v-add-user-sftp-jail "$ftp_user" #----------------------------------------------------------# # Hestia # #----------------------------------------------------------# # Transforming absolute path to relative ftp_path_r=$(echo $ftp_path_a | sed "s%$HOMEDIR/$user/web/$domain%%") # Concatenating ftp variables if [ ! -z "$FTP_USER" ]; then ftp_user="$FTP_USER:$ftp_user" ftp_md5="$FTP_MD5:$ftp_md5" ftp_path="$FTP_PATH:$ftp_path_r" fi # Adding new key into web.conf add_object_key "web" 'DOMAIN' "$domain" 'FTP_PATH' 'PROXY' # Updating config update_object_value 'web' 'DOMAIN' "$domain" '$FTP_USER' "$ftp_user" update_object_value 'web' 'DOMAIN' "$domain" '$FTP_MD5' "$ftp_md5" update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path" # Logging $BIN/v-log-action "$user" "Info" "Web" "Added new FTP account (Name: ${1}_${3}@$domain)." log_event "$OK" "$ARGUMENTS" exit