You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 lines
3.4 KiB
107 lines
3.4 KiB
#!/bin/bash
|
|
# info: generate access key
|
|
# options: USER [PERMISSIONS] [COMMENT] [FORMAT]
|
|
#
|
|
# example: v-add-access-key admin v-purge-nginx-cache,v-list-mail-accounts comment json
|
|
#
|
|
# The "PERMISSIONS" argument is optional for the admin user only.
|
|
# This function creates a key file in $HESTIA/data/access-keys/
|
|
|
|
#----------------------------------------------------------#
|
|
# Variables & Functions #
|
|
#----------------------------------------------------------#
|
|
|
|
# Argument definition
|
|
user=$1
|
|
permissions=$2
|
|
comment=$3
|
|
format=${4-shell}
|
|
|
|
# Includes
|
|
# shellcheck source=/etc/hestiacp/hestia.conf
|
|
source /etc/hestiacp/hestia.conf
|
|
# shellcheck source=/usr/local/hestia/func/main.sh
|
|
source $HESTIA/func/main.sh
|
|
# load config file
|
|
source_conf "$HESTIA/conf/hestia.conf"
|
|
|
|
keygen() {
|
|
local LENGTH=${1:-20}
|
|
local USE_SPECIAL_CHARACTERS="${2:-no}"
|
|
|
|
local MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
|
|
if [[ "$USE_SPECIAL_CHARACTERS" == "yes" ]]; then
|
|
MATRIX+='_-='
|
|
fi
|
|
|
|
local PASS N
|
|
while [ ${N:=1} -le $LENGTH ]; do
|
|
PASS="$PASS${MATRIX:$(($RANDOM % ${#MATRIX})):1}"
|
|
let N+=1
|
|
done
|
|
|
|
echo "$PASS"
|
|
}
|
|
|
|
access_key_id="$(keygen)"
|
|
secret_access_key="$(keygen 40 yes)"
|
|
|
|
# Perform verification if read-only mode is enabled
|
|
check_hestia_demo_mode
|
|
|
|
# Remove whitespace and bin path from permissions
|
|
permissions="$(cleanup_key_permissions "$permissions")"
|
|
|
|
time_n_date=$(date +'%T %F')
|
|
time=$(echo "$time_n_date" | cut -f 1 -d \ )
|
|
date=$(echo "$time_n_date" | cut -f 2 -d \ )
|
|
|
|
#----------------------------------------------------------#
|
|
# Verifications #
|
|
#----------------------------------------------------------#
|
|
|
|
check_args '1' "$#" 'USER [PERMISSIONS] [COMMENT] [FORMAT]'
|
|
is_format_valid 'user' 'comment' 'format'
|
|
is_object_valid 'user' 'USER' "$user"
|
|
is_key_permissions_format_valid "$permissions" "$user"
|
|
|
|
#----------------------------------------------------------#
|
|
# Action #
|
|
#----------------------------------------------------------#
|
|
|
|
if [ ! -d "$HESTIA/data/access-keys/" ]; then
|
|
mkdir -p $HESTIA/data/access-keys/
|
|
chown root:root $HESTIA/data/access-keys/
|
|
chmod 750 $HESTIA/data/access-keys/
|
|
fi
|
|
|
|
if [[ -e "$HESTIA/data/access-keys/${access_key_id}" ]]; then
|
|
while [[ -e "$HESTIA/data/access-keys/${access_key_id}" ]]; do
|
|
access_key_id=$(keygen)
|
|
done
|
|
fi
|
|
|
|
echo "SECRET_ACCESS_KEY='$secret_access_key'" > "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "USER='$user'" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "PERMISSIONS='$permissions'" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "COMMENT='$comment'" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "TIME='$time'" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "DATE='$date'" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
# TODO Index reserved for future implementation
|
|
echo "EXPIRES_IN=''" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
echo "IP=''" >> "$HESTIA/data/access-keys/${access_key_id}"
|
|
|
|
chmod 640 "$HESTIA/data/access-keys/${access_key_id}"
|
|
|
|
$BIN/v-list-access-key "$access_key_id" "$format"
|
|
|
|
#----------------------------------------------------------#
|
|
# Hestia #
|
|
#----------------------------------------------------------#
|
|
|
|
# Logging
|
|
log_history "Access key $access_key_id generated" "Warning" "$user" "API"
|
|
log_event "$OK" "$ARGUMENTS"
|
|
|
|
exit
|