scripts-archive/ftpsftp/archive/ftpsftp_v0.4.1b.sh


#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## standalone ftp/sftp server solution ##
## ##
#################################################
# **** script metadata: do not touch as long as you are not me ****
# Release identifier printed by version().
version='v0.4.1b'
# Maintainer contact printed by version().
author='david@socialnerds.org'
# Repository that installation() clones into /opt/ftpsftp.
# NOTE(review): this is a plain http:// URL, so the code that is cloned here
# and later executed as root is fetched without transport integrity
# protection; an authenticated transport and a pinned revision would be safer.
giturl='http://git.gitorious.org/aec/ftpsftp.git'
#######################################
# Print the command-line help text.
# Arguments: none
# Outputs:   the option summary on stdout
#######################################
usage() {
  # One argument per output line; '%s\n' is re-applied to each of them.
  printf '%s\n' \
    'usage: ftpsftp options' \
    'OPTIONS:' \
    '-h show this message' \
    '-i install ftpsftp on this ubuntu box' \
    '-a <username> add a user' \
    '-d <username> delete a user (not yet implemented)' \
    '-r <username> reset password for user (not yet implemented)' \
    '-q <username> (re)set the quota for user ****new feature****' \
    '-u update ftpsftp (pull from git)' \
    '-v version information'
}
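#######################################
# Print the program name, release and author.
# Globals:   version (read), author (read)
# Arguments: none
# Outputs:   a short banner on stdout, framed by blank lines
#######################################
version() {
  printf '\n%s\n\n' 'FTPsFTP - standalone ftp/sftp server solution'
  # Label corrected from the misspelled "vesion:".
  printf 'version: %s\n' "$version"
  printf 'author: %s\n\n' "$author"
}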
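#######################################
# Abort the script unless it runs with root privileges.
# Globals:   USER (read, only for the message)
# Arguments: none
# Outputs:   an explanation on stderr when the caller is not root
# Returns:   exits the script with status 1 when not root
#######################################
amiroot() {
  # Compare the effective uid instead of the account name: privileges come
  # from uid 0, and the name reported by whoami is only a label for it.
  if [ "$(id -u)" -ne 0 ]; then
    {
      echo
      # USER can be unset in minimal environments; fall back to id.
      echo "sorry ${USER:-$(id -un)}, you need to gain root privileges to do this."
      echo
    } >&2
    exit 1
  fi
}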
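#######################################
# Interactive installer. Installs the packages, asks for the storage layout,
# writes /etc/ftpsftp/ftpsftp.conf, clones the repository to /opt/ftpsftp,
# enables user quota in /etc/fstab and reconfigures vsftpd and sshd.
# Globals:   giturl, USER (read)
#            accpath, quotamountpoint, acchost, sftpgroup (written)
# Arguments: none
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   exits 1 on invalid answers or when a critical step fails
#######################################
installation() {
  local path_re='^(/[A-Za-z0-9._-]+)+$'
  local host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
  local group_re='^[a-z_][a-z0-9_-]*$'
  local fstab_tmp shell

  ## am i root?
  amiroot

  ## installing dependencies
  echo "info: trying to install dependencies via apt"
  apt-get update
  apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim

  ## reading configuration from user (stdin)
  echo "specify under which path the account home dirs should be stored (no tailing slash)"
  read -r accpath
  echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
  read -r quotamountpoint
  echo "specify the fqdn of your host"
  read -r acchost
  echo "specify a system group for your sftp users [default: sftpusers]"
  read -r sftpgroup
  sftpgroup=${sftpgroup:-sftpusers}

  # The answers end up in a config file that is later sourced as root, in
  # sshd_config, in a sed expression and in an fstab lookup, so only a
  # conservative character set is accepted.
  if [[ ! $accpath =~ $path_re ]]; then
    echo "error: the account path must be absolute, without a trailing slash, using only letters, digits, '.', '_' and '-'." >&2
    exit 1
  fi
  if [[ $quotamountpoint != / && ! $quotamountpoint =~ $path_re ]]; then
    echo "error: the mount point must be an absolute path using only letters, digits, '.', '_' and '-'." >&2
    exit 1
  fi
  if [[ ! $acchost =~ $host_re ]]; then
    echo "error: the host name may only contain letters, digits, '.' and '-'." >&2
    exit 1
  fi
  if [[ ! $sftpgroup =~ $group_re ]]; then
    echo "error: the group name must start with a lowercase letter or '_' and contain only lowercase letters, digits, '_' and '-'." >&2
    exit 1
  fi

  ## creating needed directorys
  echo "info: creating directorys"
  mkdir -p /etc/ftpsftp /var/log/ftpsftp /opt
  # accounts.log receives plaintext passwords (see logging()), so keep the
  # log directory readable by root only.
  chmod 700 /var/log/ftpsftp

  ## creating configfiles and logfiles
  echo "info: creating configuration and log files"
  echo "$USER" > /etc/vsftpd.chroot_list
  touch /etc/vsftpd.user_list
  # Write the header only once so that re-running the installer does not wipe
  # the existing account history.
  if [ ! -s /var/log/ftpsftp/accounts.log ]; then
    echo "type name pass quota reguester timestamp" > /var/log/ftpsftp/accounts.log
  fi
  chmod 600 /var/log/ftpsftp/accounts.log
  #touch /var/log/ftpsftp/system.log #not yet in use
  cat > /etc/ftpsftp/ftpsftp.conf << EOF
## ftpsftp configuration file ##
accpath="$accpath" # this should point to where your accounts should be located
quotamountpoint="$quotamountpoint" # mount point for quota configuration
acchost="$acchost" # the dns name where your sever is reachable
sftpgroup="$sftpgroup" # system group
trackrequester="1" # switch to 0 if you do not want to track the account requester
logging="1" # set this to 0 if you do not want any logging
mailnotification="0" # set this to 0 if you do not want any mail notifications (not yet implemented)
EOF
  # add() and resetquota() source this file as root: nobody else may write it.
  chmod 644 /etc/ftpsftp/ftpsftp.conf

  ## cloning master of ftpsftp git repo
  echo "info: cloning files from git repository to /opt/ftpsftp"
  # NOTE(review): giturl is http://, so the checkout is not integrity
  # protected in transit, yet it is linked into /usr/local/bin below.
  if [ ! -d /opt/ftpsftp/.git ]; then
    if ! git clone "$giturl" /opt/ftpsftp; then
      echo "error: cloning $giturl failed." >&2
      exit 1
    fi
  fi

  ## set symlink for script in /usr/local/bin
  echo "info: creating symlink for script in /usr/local/bin"
  ln -sfn /opt/ftpsftp/ftpsftp.sh /usr/local/bin/ftpsftp

  ## configure quota
  echo "info: configuring quota in fstab for $quotamountpoint"
  cp -p /etc/fstab /etc/fstab_orig
  fstab_tmp=$(mktemp) || {
    echo "error: mktemp failed." >&2
    exit 1
  }
  # Touch only the entry whose mount point field equals the answer; a
  # substring match on the options would also rewrite unrelated entries.
  if ! awk -v mp="$quotamountpoint" '
    $1 !~ /^#/ && NF >= 4 && $2 == mp {
      found = 1
      if ($4 !~ /(^|,)usrquota(,|$)/) $4 = $4 ",usrquota"
    }
    { print }
    END { exit !found }
  ' /etc/fstab > "$fstab_tmp"; then
    echo "error: no /etc/fstab entry for mount point $quotamountpoint." >&2
    rm -f -- "$fstab_tmp"
    exit 1
  fi
  # cat keeps the owner and mode of the existing /etc/fstab.
  cat -- "$fstab_tmp" > /etc/fstab
  rm -f -- "$fstab_tmp"
  umount "$quotamountpoint"
  mount -a
  /etc/init.d/quota restart

  ## configure vsftp
  # Keep the first backup: a second run must not replace the pristine copy.
  [ -e /etc/vsftpd.conf_orig ] || cp -p /etc/vsftpd.conf /etc/vsftpd.conf_orig
  #sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
  sed -i \
    -e 's/#write_enable=YES/write_enable=YES/' \
    -e 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' \
    -e 's/#chroot_local_user=YES/chroot_local_user=YES/' \
    -e 's/#chroot_list_enable=YES/chroot_list_enable=YES/' \
    -e 's|#chroot_list_file=/etc/vsftpd.chroot_list|chroot_list_file=/etc/vsftpd.chroot_list|' \
    -e "s/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to $acchost./" \
    /etc/vsftpd.conf
  if ! grep -qF '## added by ftpsftp' /etc/vsftpd.conf; then
    cat >> /etc/vsftpd.conf << 'EOF'

## added by ftpsftp
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list

EOF
  fi
  /etc/init.d/vsftpd restart

  ## configure sshd
  echo "info: configuring ssh server"
  getent group "$sftpgroup" > /dev/null || addgroup "$sftpgroup"
  [ -e /etc/ssh/sshd_config_orig ] || cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
  sed -i 's|Subsystem sftp /usr/lib/openssh/sftp-server|Subsystem sftp internal-sftp|' /etc/ssh/sshd_config
  # AllowGroups limits ssh logins to the groups "admin" and $sftpgroup; an
  # administrator who is in neither group loses ssh access after the restart.
  # The Match block follows the configured group instead of a fixed name, so
  # the chroot also applies when a non-default group was chosen.
  if ! grep -qF 'ssh configuration done by ftpsftp' /etc/ssh/sshd_config; then
    cat >> /etc/ssh/sshd_config << EOF

##### ssh configuration done by ftpsftp ############
AllowGroups admin $sftpgroup
Match group $sftpgroup
ChrootDirectory $accpath/sftp_accounts/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
####################################################

EOF
  fi
  # Restart only with a configuration sshd accepts; a rejected file must not
  # take the running daemon down.
  if ! sshd -t; then
    echo "error: sshd rejected /etc/ssh/sshd_config; ssh was not restarted. the previous file is /etc/ssh/sshd_config_orig." >&2
    exit 1
  fi
  /etc/init.d/ssh restart

  ## adding shells
  for shell in /bin/false /usr/lib/sftp-server; do
    grep -qxF -- "$shell" /etc/shells || echo "$shell" >> /etc/shells
  done

  echo "you can now delete this script."
  echo "all you need is in /opt/ftpsftp, /etc/ftpsftp and /var/log/ftpsftp."
  echo 'everything is set to create your first user. try "ftpsftp -a <username>"'
}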
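#######################################
# Update the installed copy in /opt/ftpsftp from its git remote.
# Arguments: none
# Outputs:   git output; an error on stderr when the checkout is missing
# Returns:   the status of git pull; exits 1 when /opt/ftpsftp is missing
#######################################
update() {
  ## am i root?
  amiroot
  # Stop when the checkout is missing: otherwise git pull would run as root
  # in whatever directory the caller happens to be in.
  cd /opt/ftpsftp || {
    echo 'error: /opt/ftpsftp not found. run "ftpsftp -i" first.' >&2
    exit 1
  }
  # NOTE(review): the pulled code replaces a script that is run as root and
  # the remote configured by the installer is http://; review what was
  # fetched before relying on it.
  git pull origin master
}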
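#######################################
# Interactively create an ftp or sftp account: asks for type, quota and
# requester, creates the system user with a generated password, sets the
# quota, writes the account log and prints the account data.
# Globals:   read from /etc/ftpsftp/ftpsftp.conf: accpath, quotamountpoint,
#            acchost, sftpgroup, trackrequester, logging
#            written (and read by logging()): acctype, accname, accpass,
#            accquota, accrequester, acctimestamp; also accport
# Arguments: $1 - name of the account to create
# Outputs:   prompts and the account data on stdout, errors on stderr
# Returns:   exits 1 on invalid input or when a critical step fails
#######################################
add() {
  local name_re='^[a-z_][a-z0-9_-]{0,31}$'
  local ablocks gblocks fblocks fsize quotablocks needaccquota acchome

  ## am i root?
  amiroot

  ## set accname
  accname=$1
  # The name becomes part of directory paths that are created and chown'ed
  # as root, so reject anything that is not a plain account name.
  if [[ ! $accname =~ $name_re ]]; then
    echo "error: invalid account name. use lowercase letters, digits, '_' and '-' (max 32 characters)." >&2
    exit 1
  fi
  # Without this check a failing useradd would be followed by chown and
  # setquota against an account that already existed.
  if id -u "$accname" > /dev/null 2>&1; then
    echo "error: user $accname already exists." >&2
    exit 1
  fi

  ## check if installed
  if [ ! -r /etc/ftpsftp/ftpsftp.conf ]; then
    echo 'error: /etc/ftpsftp/ftpsftp.conf not found. run "ftpsftp -i" first.' >&2
    exit 1
  fi
  ## reading configfile
  # The file is executed as shell code with root privileges; it must be
  # writable by root only.
  source /etc/ftpsftp/ftpsftp.conf

  ## choose ftp or sftp
  echo "specify account type [sftp|ftp]"
  read -r acctype || acctype=""
  case "$acctype" in
    sftp | ftp) ;;
    *)
      echo "i'm sorry, i need to break this up right now."
      echo "it seams you can not understand some simple instructions."
      exit 1
      ;;
  esac

  ## quota
  # Size of the file system in 1K blocks; -P keeps every entry on one line.
  ablocks=$(df -Pk -- "$quotamountpoint" | awk 'NR == 2 { print $2 }')
  # Sum of column 4 of the repquota lines containing "000", the marker the
  # limits set below always carry. printf avoids exponent notation for sums
  # that some awk implementations would otherwise print as 2.1e+09.
  gblocks=$(repquota "$quotamountpoint" \
    | awk '/000/ && $4 ~ /^[0-9]+$/ { sum += $4 } END { printf "%.0f\n", sum }')
  if [[ ! $ablocks =~ ^[0-9]+$ || ! $gblocks =~ ^[0-9]+$ ]]; then
    echo "error: could not determine the free quota space on $quotamountpoint." >&2
    exit 1
  fi
  fblocks=$((ablocks - gblocks))
  # Integer division instead of cutting three characters off the string,
  # which yields an empty value for numbers shorter than four digits.
  fsize=$((fblocks / 1000))
  if [ "$fsize" -le 1 ]; then
    echo "error: no quota space left on $quotamountpoint." >&2
    exit 1
  fi
  needaccquota="yes"
  while [ "$needaccquota" = "yes" ]; do
    echo "please specify how much diskspace this account should provide. (in megabytes)"
    echo "maximum: $fsize"
    # Stop on end of input instead of prompting forever.
    read -r accquota || {
      echo "error: no input available." >&2
      exit 1
    }
    if [ -z "$accquota" ]; then
      echo "this field is mandatory."
    elif [[ $accquota =~ ^[1-9][0-9]*$ ]] && [ "$accquota" -lt "$fsize" ]; then
      needaccquota="notanymore"
    else
      echo "specified size too big or not a number. try again."
    fi
  done

  ## requester
  while [ "${trackrequester:-}" = "1" ]; do
    echo "who orderd this account? (i'm tracking this for a greater good.)"
    read -r accrequester || {
      echo "error: no input available." >&2
      exit 1
    }
    if [ -z "$accrequester" ]; then
      echo "this field is mandatory."
    else
      trackrequester="notanymore"
    fi
  done

  ## set $accport
  if [ "$acctype" = "sftp" ]; then
    accport="22"
  else
    accport="21"
  fi

  ## get timestamp
  acctimestamp=$(date '+%d.%m.%Y %H:%M')

  ## gen password (accpass)
  accpass=$(pwgen -snc 10 1)
  if [ -z "$accpass" ]; then
    echo "error: password generation failed." >&2
    exit 1
  fi

  ## create the user, its home and set the permissions
  acchome="$accpath/${acctype}_accounts/$accname"
  if [ "$acctype" = "sftp" ]; then
    # create the actual user (sftp); /data is relative to the sshd chroot
    useradd -d /data -M -U -s /usr/lib/sftp-server "$accname" || {
      echo "error: useradd failed for $accname." >&2
      exit 1
    }
    mkdir -p "$acchome/data"
    # Only data/ is handed to the user; the directories above it stay owned
    # by root.
    chown -R "$accname:" "$acchome/data"
    usermod -G "$sftpgroup" "$accname"
  else
    # create the actual user (ftp)
    useradd -d "$acchome" -M -U -s /bin/false "$accname" || {
      echo "error: useradd failed for $accname." >&2
      exit 1
    }
    mkdir -p "$acchome"
    chown -R "$accname:" "$acchome"
    echo "$accname" >> /etc/vsftpd.user_list
  fi
  # Set the password through chpasswd on stdin: no cleartext file in the
  # working directory, no hash on a command line, and the system's configured
  # hashing scheme instead of md5-crypt. printf is a shell builtin, so the
  # password does not show up in the process list either.
  printf '%s:%s\n' "$accname" "$accpass" | chpasswd || {
    echo "error: setting the password for $accname failed." >&2
    exit 1
  }

  ## configure quota
  # Multiply before dividing: with the division first every request below
  # 1000 MB became 0, which setquota treats as "no limit". accquota keeps the
  # requested megabytes for the log and the summary below.
  quotablocks="$((accquota * 1024 / 1000))000"
  setquota --all -u "$accname" "$quotablocks" "$quotablocks" 0 0

  ## trigger log
  logging

  ## account data output
  echo
  echo "account data"
  echo
  printf 'host: %s\n' "$acchost"
  printf 'port: %s\n' "$accport"
  printf 'username: %s\n' "$accname"
  printf 'password: %s\n' "$accpass"
  printf 'quota: %smb\n' "$accquota"
  printf 'directory: %s\n' "$acchome"
  printf 'requester: %s\n' "$accrequester"
  echo
}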
#######################################
# Placeholder for account deletion; only reports that it is not implemented.
# Globals:   accname (written)
# Arguments: $1 - name of the account
# Outputs:   a notice on stdout
#######################################
delete() {
  # Root is required even though nothing is changed yet.
  amiroot
  accname="${1}"
  printf '%s\n' 'feature not yet implemented'
}
#######################################
# Placeholder for the password reset; only reports that it is not
# implemented. Within this script the function shadows the reset terminal
# command.
# Globals:   accname (written)
# Arguments: $1 - name of the account
# Outputs:   a notice on stdout
#######################################
reset() {
  # Root is required even though nothing is changed yet.
  amiroot
  accname="${1}"
  printf '%s\n' 'feature not yet implemented'
}
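#######################################
# Interactively (re)set the disk quota of an existing account.
# Globals:   quotamountpoint (read from /etc/ftpsftp/ftpsftp.conf)
#            accname, accquota (written)
# Arguments: $1 - name of the account
# Outputs:   prompts on stdout, errors on stderr
# Returns:   exits 1 on invalid input or when a lookup fails
#######################################
resetquota() {
  local ablocks gblocks fblocks fsize quotablocks needaccquota

  # Same privilege check as the other account operations of this script.
  amiroot

  accname=$1
  if [ -z "$accname" ] || ! id -u -- "$accname" > /dev/null 2>&1; then
    echo "error: unknown user \"$accname\"." >&2
    exit 1
  fi

  if [ ! -r /etc/ftpsftp/ftpsftp.conf ]; then
    echo 'error: /etc/ftpsftp/ftpsftp.conf not found. run "ftpsftp -i" first.' >&2
    exit 1
  fi
  ## reading configfile
  # The file is executed as shell code with root privileges; it must be
  # writable by root only.
  source /etc/ftpsftp/ftpsftp.conf

  ## quota calc
  # Size of the file system in 1K blocks; -P keeps every entry on one line.
  ablocks=$(df -Pk -- "$quotamountpoint" | awk 'NR == 2 { print $2 }')
  # Sum of column 4 of the repquota lines containing "000", the marker the
  # limits set below always carry. printf avoids exponent notation for sums
  # that some awk implementations would otherwise print as 2.1e+09.
  gblocks=$(repquota "$quotamountpoint" \
    | awk '/000/ && $4 ~ /^[0-9]+$/ { sum += $4 } END { printf "%.0f\n", sum }')
  if [[ ! $ablocks =~ ^[0-9]+$ || ! $gblocks =~ ^[0-9]+$ ]]; then
    echo "error: could not determine the free quota space on $quotamountpoint." >&2
    exit 1
  fi
  fblocks=$((ablocks - gblocks))
  # Integer division instead of cutting three characters off the string,
  # which yields an empty value for numbers shorter than four digits.
  fsize=$((fblocks / 1000))
  if [ "$fsize" -le 1 ]; then
    echo "error: no quota space left on $quotamountpoint." >&2
    exit 1
  fi
  needaccquota="yes"
  while [ "$needaccquota" = "yes" ]; do
    echo "please specify how much diskspace this account should provide. (in megabytes)"
    echo "maximum: $fsize"
    # Stop on end of input instead of prompting forever.
    read -r accquota || {
      echo "error: no input available." >&2
      exit 1
    }
    if [ -z "$accquota" ]; then
      echo "this field is mandatory."
    elif [[ $accquota =~ ^[1-9][0-9]*$ ]] && [ "$accquota" -lt "$fsize" ]; then
      needaccquota="notanymore"
    else
      echo "specified size too big or not a number. try again."
    fi
  done

  ## set quota
  # Multiply before dividing: with the division first every request below
  # 1000 MB became 0, which setquota treats as "no limit".
  quotablocks="$((accquota * 1024 / 1000))000"
  setquota --all -u "$accname" "$quotablocks" "$quotablocks" 0 0
}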
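#######################################
# Append one line describing the account that add() just created to
# /var/log/ftpsftp/accounts.log when logging is switched on.
# Globals:   logging, acctype, accname, accpass, accquota, accrequester,
#            acctimestamp (all read)
# Arguments: none
# Outputs:   one line appended to the account log
#######################################
logging() {
  # Quoted and defaulted so an unset switch means "off" instead of a
  # test(1) syntax error.
  if [ "${logging:-}" = 1 ]; then
    # NOTE(review): the third field is the account's cleartext password.
    # Anyone who can read this log can log in as every listed account;
    # consider dropping the field. Until then the file is kept root-only.
    # printf with quoted arguments keeps a requester such as "*" from being
    # expanded to file names; an empty requester is written as "-".
    printf '%s %s %s %s %s %s\n' \
      "$acctype" "$accname" "$accpass" "$accquota" \
      "${accrequester:--}" "$acctimestamp" >> /var/log/ftpsftp/accounts.log
    chmod 600 /var/log/ftpsftp/accounts.log
  fi
}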
##### mail notification #####
#mailnotification()
#{
#
#if [ $maillog = 1 ]; then
# echo "mail notification is not yet implemented"
#fi
#
#}
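##### processing options #####
# Every option runs its action and exits, so only the first option on the
# command line is ever processed. The option string lists the letters
# without separators: getopts would treat a comma as one more valid option.
while getopts "hia:d:r:q:uv" OPTION; do
  case "$OPTION" in
    h)
      usage
      exit 0
      ;;
    i)
      installation
      exit 0
      ;;
    a)
      name=$OPTARG
      run="yes"
      while [ "$run" = "yes" ]; do
        add "$name"
        echo "do you want to create another user? (yes/no)"
        # End of input counts as "no".
        read -r run || run="no"
        if [[ $run = "yes" || $run = "y" ]]; then
          echo "specify account name"
          read -r name || break
          run="yes"
        fi
      done
      exit 0
      ;;
    d)
      rmuser=$OPTARG
      delete "$rmuser"
      exit 0
      ;;
    r)
      rpuser=$OPTARG
      reset "$rpuser"
      exit 0
      ;;
    q)
      squser=$OPTARG
      resetquota "$squser"
      exit 0
      ;;
    u)
      update
      exit 0
      ;;
    v)
      version
      exit 0
      ;;
    *)
      # getopts reports unknown options and missing arguments as "?".
      usage
      exit 1
      ;;
  esac
done
## print usage message if no option is given
if [ -z "${1:-}" ]; then
  usage
  exit 1
fi
## end of script
exit 0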