Merge branch 'shellcheck-web-add' of evolix/evoadmin-web into master

This commit is contained in:
Benoît S. 2018-11-07 15:44:47 +01:00 committed by Gitea
commit 872f1532d5
1 changed files with 193 additions and 162 deletions

View File

@ -52,6 +52,7 @@ PHP_VERSIONS=()
# Utiliser ce fichier pour redefinir la valeur des variables ci-dessus
config_file="/etc/evolinux/web-add.conf"
# shellcheck source=/etc/evolinux/web-add.conf
[ -r $config_file ] && . $config_file
usage() {
@ -148,12 +149,12 @@ validate_login() {
length=${#login}
if [ $length -lt 3 ]; then
if [ "$length" -lt 3 ]; then
in_error "Le login doit contenir plus de 2 caracteres"
return 1
fi
if [ $length -gt $MAX_LOGIN_CHAR ]; then
if [ "$length" -gt $MAX_LOGIN_CHAR ]; then
in_error "Le login ne doit pas contenir plus de $MAX_LOGIN_CHAR caracteres"
return 1
fi
@ -163,7 +164,7 @@ validate_passwd() {
passwd=$1
length=${#passwd}
if [ $length -lt 6 ] && [ $length -gt 0 ]; then
if [ "$length" -lt 6 ] && [ "$length" -gt 0 ]; then
in_error "Le mot de passe doit avoir au moins 6 caracteres"
return 1
fi
@ -192,19 +193,19 @@ validate_mail() {
validate_phpversion() {
php_version="$1"
if [[ ! " ${PHP_VERSIONS[@]} " =~ " ${php_version} " ]]; then
if [[ ! " ${PHP_VERSIONS[*]} " =~ ${php_version} ]]; then
in_error "Version de PHP incorrecte."
return 1
fi
}
validate_quota() {
quota_soft=$(echo $1 |cut -f 1 -d:)
quota_hard=$(echo $1 |cut -f 2 -d:)
quota_soft=$(echo "$1" |cut -f 1 -d:)
quota_hard=$(echo "$1" |cut -f 2 -d:)
if [ -z "$quota_soft" ] || [ -z "$quota_hard" ]; then
in_error "Le quota soft et le quota hard doivent être spécifiés sous la forme <quota soft>:<quota hard>."
return 1
elif [ $quota_soft -gt $quota_hard ]; then
elif [ "$quota_soft" -gt "$quota_hard" ]; then
in_error "Le quota hard doit être plus grand que le quota soft."
return 1
fi
@ -228,6 +229,7 @@ create_www_account() {
############################################################################
if [ -f $PRE_LOCAL_SCRIPT ]; then
# shellcheck source=/usr/share/scripts/evoadmin/web-add.pre-local.sh
source $PRE_LOCAL_SCRIPT
fi
@ -246,46 +248,61 @@ create_www_account() {
return 1
fi
############################################################################
# Create user and force UID / GID if specified
/usr/sbin/adduser \
--gecos "User $in_login" \
--disabled-password \
"$in_login" \
--shell /bin/bash \
${in_uid:+'--uid' "$in_uid"} \
${in_gid:+'--gid' "$in_gid"} \
--force-badname \
--home "$HOME_DIR_USER" >/dev/null
[ -z "$in_sshkey" ] \
&& echo "$in_login:$in_passwd" | chpasswd --md5
[ -z "$in_sshkey" ] \
|| [ -n "$HOME_DIR_USER" ] \
&& mkdir "$HOME_DIR_USER/.ssh" \
&& echo "$in_sshkey" > "$HOME_DIR_USER/.ssh/authorized_keys" \
&& chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" \
&& chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh"
# Force UID GID if specified
[ -n "$in_uid" ] && OPT_UID="--uid" && OPT_UID_ARG="$in_uid"
[ -n "$in_gid" ] && OPT_GID="--gid" && OPT_GID_ARG="$in_gid"
[ -n "$in_wwwuid" ] && OPT_WWWUID="--uid" && OPT_WWWUID_ARG="$in_wwwuid"
############################################################################
/usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash $OPT_UID $OPT_UID_ARG --force-badname --home "$HOME_DIR_USER" >/dev/null
[ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5
[ -z "$in_sshkey" ] || [ -n "$HOME_DIR_USER" ] && mkdir "$HOME_DIR_USER/.ssh" && echo "$in_sshkey" > "$HOME_DIR_USER/.ssh/authorized_keys" \
&& chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" && chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh"
if [ "$WEB_SERVER" == "apache" ]; then
/usr/sbin/adduser --disabled-password --home $HOME_DIR_USER/www \
--no-create-home --shell /bin/false --gecos "WWW $in_login" www-$in_login $OPT_WWWUID $OPT_WWWUID_ARG --ingroup $in_login --force-badname >/dev/null
if [ "$WEB_SERVER" == "apache" ]; then
# Create www user and force UID if specified
/usr/sbin/adduser \
--gecos "WWW $in_login" \
--disabled-password \
www-"$in_login" \
--shell /bin/false \
${in_wwwuid:+'--uid' "$in_wwwuid"} \
--ingroup "$in_login" \
--force-badname \
--home "$HOME_DIR_USER"/www \
--no-create-home > /dev/null
elif [ "$WEB_SERVER" == "nginx" ]; then
# Adding user www-data to group $in_login.
# And primary group www-data for $in_login.
adduser www-data $in_login
usermod -g www-data $in_login
adduser www-data "$in_login"
usermod -g www-data "$in_login"
fi
# Get uid/gid for newly created accounts
uid=$(id -u $in_login)
gid=$(id -g $in_login)
www_uid=$(id -u www-$in_login)
uid=$(id -u "$in_login")
gid=$(id -g "$in_login")
www_uid=$(id -u www-"$in_login")
# Create users inside all containers
for php_version in ${PHP_VERSIONS[@]}; do
lxc-attach -n php${php_version} -- /usr/sbin/addgroup "$in_login" --gid $gid --force-badname >/dev/null
lxc-attach -n php${php_version} -- /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash --uid $uid --gid $gid --force-badname --home "$HOME_DIR_USER" >/dev/null
lxc-attach -n php${php_version} -- [ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5
lxc-attach -n php${php_version} -- /usr/sbin/adduser --disabled-password --home $HOME_DIR_USER/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-$in_login --uid $www_uid --ingroup $in_login --force-badname >/dev/null
for php_version in "${PHP_VERSIONS[@]}"; do
lxc-attach -n php"${php_version}" -- /usr/sbin/addgroup "$in_login" --gid "$gid" --force-badname >/dev/null
lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash --uid "$uid" --gid "$gid" --force-badname --home "$HOME_DIR_USER" >/dev/null
lxc-attach -n php"${php_version}" -- [ -z "$in_sshkey" ] && echo "$in_login:$in_passwd" | chpasswd --md5
lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --disabled-password --home "$HOME_DIR_USER"/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-"$in_login" --uid "$www_uid" --ingroup "$in_login" --force-badname >/dev/null
done
if grep -qE '^AllowGroups' /etc/ssh/sshd_config; then
if ! grep -qE "^AllowGroups(\s+\S+)*(\s+$SSH_GROUP)" /etc/ssh/sshd_config; then
if ! grep -qE "^AllowGroups(\\s+\\S+)*(\\s+$SSH_GROUP)" /etc/ssh/sshd_config; then
sed -i "s/^AllowGroups .*/& $SSH_GROUP/" /etc/ssh/sshd_config
groupadd --force $SSH_GROUP
fi
@ -311,49 +328,49 @@ create_www_account() {
############################################################################
chmod 750 $HOME_DIR_USER/
chmod 750 "$HOME_DIR_USER"/
# Répertoires par défaut
mkdir -p $HOME_DIR_USER/{log,www,awstats}
chown $in_login:$in_login $HOME_DIR_USER/www
chgrp $in_login $HOME_DIR_USER/{log,awstats}
chmod 750 $HOME_DIR_USER/{log,www,awstats}
mkdir -p "$HOME_DIR_USER"/{log,www,awstats}
chown "$in_login":"$in_login" "$HOME_DIR_USER"/www
chgrp "$in_login" "$HOME_DIR_USER"/{log,awstats}
chmod 750 "$HOME_DIR_USER"/{log,www,awstats}
# Ajout des logs par defaut
touch $HOME_DIR_USER/log/access.log
touch $HOME_DIR_USER/log/error.log
touch $HOME_DIR_USER/log/php.log
chgrp $in_login $HOME_DIR_USER/log/access.log
chgrp $in_login $HOME_DIR_USER/log/error.log
touch "$HOME_DIR_USER"/log/access.log
touch "$HOME_DIR_USER"/log/error.log
touch "$HOME_DIR_USER"/log/php.log
chgrp "$in_login" "$HOME_DIR_USER"/log/access.log
chgrp "$in_login" "$HOME_DIR_USER"/log/error.log
if [ "$WEB_SERVER" == "apache" ]; then
chown www-$in_login:$in_login $HOME_DIR_USER/log/php.log
chown www-"$in_login":"$in_login" "$HOME_DIR_USER"/log/php.log
fi
# There is no php.log for nginx ATM, it will go in error.log.
chmod 640 $HOME_DIR_USER/log/access.log
chmod 640 $HOME_DIR_USER/log/error.log
chmod 640 $HOME_DIR_USER/log/php.log
chmod 640 "$HOME_DIR_USER"/log/access.log
chmod 640 "$HOME_DIR_USER"/log/error.log
chmod 640 "$HOME_DIR_USER"/log/php.log
step_ok "Création du répertoire personnel"
############################################################################
if [ -n "$in_quota" ]; then
quota_soft=$(($(echo $in_quota |cut -f 1 -d:) * 1024 * 1024))
quota_hard=$(($(echo $in_quota |cut -f 2 -d:) * 1024 * 1024))
setquota --remote --user $in_login $quota_soft $quota_hard 0 0 /home
quota_soft=$(($(echo "$in_quota" |cut -f 1 -d:) * 1024 * 1024))
quota_hard=$(($(echo "$in_quota" |cut -f 2 -d:) * 1024 * 1024))
setquota --remote --user "$in_login" $quota_soft $quota_hard 0 0 /home
fi
############################################################################
# Create FPM pool on all containers.
for php_version in ${PHP_VERSIONS[@]}; do
for php_version in "${PHP_VERSIONS[@]}"; do
if [ "$php_version" = "70" ]; then
pool_path="/etc/php/7.0/fpm/pool.d/"
else
pool_path="/etc/php5/fpm/pool.d/"
fi
phpfpm_socket_path="/home/${in_login}/php-fpm${php_version}.sock"
cat <<EOT >/var/lib/lxc/php${php_version}/rootfs/${pool_path}/${in_login}.conf
cat <<EOT >/var/lib/lxc/php"${php_version}"/rootfs/${pool_path}/"${in_login}".conf
[${in_login}]
user = ${in_login}
group = ${in_login}
@ -374,42 +391,41 @@ EOT
random=$RANDOM
if [ "$WEB_SERVER" == "apache" ]; then
vhostfile="/etc/apache2/sites-available/${in_login}.conf"
cat $TPL_VHOST | \
sed -e "s/XXX/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/RANDOM/$random/ ; s#HOME_DIR#$HOME_DIR#" >$vhostfile
sed -e "s/XXX/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/RANDOM/$random/ ; s#HOME_DIR#$HOME_DIR#" < $TPL_VHOST > "$vhostfile"
if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then
phpfpm_socket_path="/home/${in_login}/php-fpm${in_phpversion}.sock"
cat <<EOT >>$vhostfile
cat <<EOT >>"$vhostfile"
<Proxy "unix:${phpfpm_socket_path}|fcgi://localhost/" timeout=300>
</Proxy>
<FilesMatch "\.php$">
<FilesMatch "\\.php$">
SetHandler proxy:unix:${phpfpm_socket_path}|fcgi://localhost/
</FilesMatch>
</VirtualHost>
EOT
else
cat <<EOT >>$vhostfile
cat <<EOT >>"$vhostfile"
</VirtualHost>
EOT
fi
# On active aussi example.com si domaine commence par "www." comme www.example
if echo $in_wwwdomain | grep '^www.' > /dev/null; then
subweb=`echo $in_wwwdomain | sed -e "s/www.//"`
sed -i -e "s/^\(.*\)#\(ServerAlias\).*$/\1\2 $subweb/" $vhostfile
if echo "$in_wwwdomain" | grep '^www.' > /dev/null; then
subweb="${in_wwwdomain#www.}"
sed -i -e "s/^\\(.*\\)#\\(ServerAlias\\).*$/\\1\\2 $subweb/" "$vhostfile"
fi
a2ensite $in_login >/dev/null
a2ensite "$in_login" >/dev/null
step_ok "Configuration d'Apache"
elif [ "$WEB_SERVER" == "nginx" ]; then
cat $TPL_VHOST | \
sed -e "
s/DOMAIN/${in_wwwdomain}/g;
s/LOGIN/${in_login}/g;" > ${VHOST_PATH}/$in_login
ln -s /etc/nginx/sites-available/$in_login \
/etc/nginx/sites-enabled/$in_login
sed -e \
"s/DOMAIN/${in_wwwdomain}/g; s/LOGIN/${in_login}/g;" \
< "$TPL_VHOST" \
> ${VHOST_PATH}/"$in_login"
ln -s /etc/nginx/sites-available/"$in_login" \
/etc/nginx/sites-enabled/"$in_login"
/etc/init.d/nginx restart
@ -417,23 +433,22 @@ EOT
############################################################################
cat $TPL_FPM | \
sed -e "s/SED_LOGIN/${in_login}/g;" > ${FPM_PATH}/${in_login}.conf
sed -e "s/SED_LOGIN/${in_login}/g;" \
< $TPL_FPM > ${FPM_PATH}/"${in_login}".conf
step_ok "Creation du pool PHP-FPM"
############################################################################
fi
cat $TPL_AWSTATS | \
sed -e "s/XXX/$in_login/ ; s/SERVERNAME/$in_wwwdomain/ ; s#HOME_DIR#$HOME_DIR#" \
> /etc/awstats/awstats.$in_login.conf
chmod 644 /etc/awstats/awstats.$in_login.conf
sed -e "s/XXX/$in_login/ ; s/SERVERNAME/$in_wwwdomain/ ; s#HOME_DIR#$HOME_DIR#" \
< $TPL_AWSTATS > /etc/awstats/awstats."$in_login".conf
chmod 644 /etc/awstats/awstats."$in_login".conf
VAR=`grep -v "^#" /etc/cron.d/awstats |tail -1 | cut -d " " -f1`
if [ "$VAR" = "" ] || [ $VAR -ge 59 ]; then
VAR=$(grep -v "^#" /etc/cron.d/awstats |tail -1 | cut -d " " -f1)
if [ "$VAR" = "" ] || [ "$VAR" -ge 59 ]; then
VAR=1
else
VAR=$(($VAR +1))
VAR=$((VAR +1))
fi
echo "$VAR * * * * root umask 033; [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.$in_login.conf -a -r $HOME_DIR_USER/log/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=$in_login -update >/dev/null" >> /etc/cron.d/awstats
@ -448,7 +463,7 @@ EOT
echo "FLUSH PRIVILEGES;" | mysql $MYSQL_OPTS
my_cnf_file="$HOME_DIR_USER/.my.cnf"
cat >$my_cnf_file <<-EOT
cat > "$my_cnf_file" <<-EOT
[client]
user = $in_login
password = "$in_dbpasswd"
@ -456,8 +471,8 @@ password = "$in_dbpasswd"
[mysql]
database = $in_dbname
EOT
chown $in_login $my_cnf_file
chmod 600 $my_cnf_file
chown "$in_login" "$my_cnf_file"
chmod 600 "$my_cnf_file"
step_ok "Création base de données et compte MySQL"
fi
@ -465,13 +480,28 @@ EOT
############################################################################
if [ "$in_dbname" ]; then
cat $TPL_MAIL | \
sed -e "s/LOGIN/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/PASSE1/$in_passwd/ ; s/PASSE2/$in_dbpasswd/ ; s/RANDOM/$random/ ; s/QUOTA/$quota/ ; s/RCPTTO/$in_mail/ ; s/DBNAME/$in_dbname/ ; s#HOME_DIR#$HOME_DIR#"| \
/usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
sed -e "
s/LOGIN/$in_login/g ;
s/SERVERNAME/$in_wwwdomain/ ;
s/PASSE1/$in_passwd/ ;
s/PASSE2/$in_dbpasswd/ ;
s/RANDOM/$random/ ;
s/QUOTA/$quota/ ;
s/RCPTTO/$in_mail/ ;
s/DBNAME/$in_dbname/ ;
s#HOME_DIR#$HOME_DIR#" \
< $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
else
cat $TPL_MAIL | \
sed -e "s/LOGIN/$in_login/g ; s/SERVERNAME/$in_wwwdomain/ ; s/PASSE1/$in_passwd/ ; s/RANDOM/$random/ ; s/QUOTA/$quota/ ; s/RCPTTO/$in_mail/ ; s#HOME_DIR#$HOME_DIR# ; 39,58d"| \
/usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
sed -e "
s/LOGIN/$in_login/g ;
s/SERVERNAME/$in_wwwdomain/ ;
s/PASSE1/$in_passwd/ ;
s/RANDOM/$random/ ;
s/QUOTA/$quota/ ;
s/RCPTTO/$in_mail/ ;
s#HOME_DIR#$HOME_DIR# ;
39,58d" \
< $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
fi
step_ok "Envoi du mail récapitulatif"
@ -479,6 +509,7 @@ EOT
############################################################################
if [ -f $LOCAL_SCRIPT ]; then
# shellcheck source=/usr/share/scripts/evoadmin/web-add.local.sh
source $LOCAL_SCRIPT
fi
@ -489,7 +520,7 @@ EOT
if [ "$WEB_SERVER" == "apache" ]; then
apache2ctl configtest 2>/dev/null
/etc/init.d/apache2 force-reload >/dev/null
for php_version in ${PHP_VERSIONS[@]}; do
for php_version in "${PHP_VERSIONS[@]}"; do
if [ "$php_version" = "70" ]; then
initscript_path="/etc/init.d/php7.0-fpm"
binary="php-fpm7.0"
@ -497,8 +528,8 @@ EOT
initscript_path="/etc/init.d/php5-fpm"
binary="php5-fpm"
fi
lxc-attach -n php${php_version} -- $binary --test >/dev/null
lxc-attach -n php${php_version} -- $initscript_path restart >/dev/null
lxc-attach -n php"${php_version}" -- $binary --test >/dev/null
lxc-attach -n php"${php_version}" -- $initscript_path restart >/dev/null
step_ok "Rechargement de php-fpm dans php${php_version}"
done
@ -508,8 +539,8 @@ EOT
############################################################################
if [ "$WEB_SERVER" == "nginx" ]; then
fpm_status=$(echo -n $in_login | md5sum | cut -d' ' -f1)
cat <<EOT> /etc/munin/plugin-conf.d/phpfpm_${in_login}_
fpm_status=$(echo -n "$in_login" | md5sum | cut -d' ' -f1)
cat <<EOT> /etc/munin/plugin-conf.d/phpfpm_"${in_login}"_
[phpfpm_${in_login}_*]
env.url http://munin:%d/fpm_status_$fpm_status
@ -519,7 +550,7 @@ env.phppool $in_login
EOT
for name in average connections memory processes status; do
ln -s /usr/local/share/munin/plugins/phpfpm_${name} \
/etc/munin/plugins/phpfpm_${in_login}_${name}
/etc/munin/plugins/phpfpm_"${in_login}"_${name}
done
cat <<EOT>> /etc/nginx/evolinux.d/munin-plugins.conf
@ -533,7 +564,7 @@ location ~ ^/fpm_status_${fpm_status}$ {
}
EOT
sed -i "s#SED_STATUS#/fpm_status_${fpm_status}#" \
${FPM_PATH}/${in_login}.conf
${FPM_PATH}/"${in_login}".conf
/etc/init.d/nginx reload
/etc/init.d/${FPM_SERVICE_NAME} reload
/etc/init.d/munin-node restart
@ -558,17 +589,17 @@ op_del() {
fi
echo "Deleting account $login. Continue ?"
read
read -r
set -x
userdel $login
userdel "$login"
if [ "$WEB_SERVER" == "apache" ]; then
userdel www-$login
userdel www-"$login"
fi
groupdel $login
for php_version in ${PHP_VERSIONS[@]}; do
lxc-attach -n php${php_version} -- userdel -f $login
lxc-attach -n php${php_version} -- userdel -f www-$login
groupdel "$login"
for php_version in "${PHP_VERSIONS[@]}"; do
lxc-attach -n php"${php_version}" -- userdel -f "$login"
lxc-attach -n php"${php_version}" -- userdel -f www-"$login"
done
sed -i.bak "/^$login:/d" /etc/aliases
if [ "$WEB_SERVER" == "apache" ]; then
@ -581,18 +612,18 @@ op_del() {
fi
if [ -d "$HOME_DIR/$login" ]; then
mv -i $HOME_DIR/$login $HOME_DIR/$login.`date '+%Y%m%d-%H%M%S'`.bak
mv -i $HOME_DIR/"$login" $HOME_DIR/"$login"."$(date '+%Y%m%d-%H%M%S')".bak
else
echo "warning : $HOME_DIR/$login does not exist"
fi
if [ "$WEB_SERVER" == "apache" ]; then
a2dissite $login
rm /etc/apache2/sites-available/$login.conf
rm /etc/awstats/awstats.$login.conf
a2dissite "$login"
rm /etc/apache2/sites-available/"$login.conf"
rm /etc/awstats/awstats."$login.conf"
sed -i.bak "/-config=$login /d" /etc/cron.d/awstats
apache2ctl configtest
for php_version in ${PHP_VERSIONS[@]}; do
for php_version in "${PHP_VERSIONS[@]}"; do
if [ "$php_version" = "70" ]; then
phpfpm_dir="/etc/php5/fpm/pool.d/"
initscript_path="/etc/init.d/php7.0-fpm"
@ -600,14 +631,14 @@ op_del() {
phpfpm_dir="/etc/php/7.0/fpm/pool.d/"
initscript_path="/etc/init.d/php5-fpm"
fi
rm /var/lib/lxc/php${php_version}/rootfs/${phpfpm_dir}/${login}.conf
lxc-attach -n php${php_version} -- $initscript_path restart >/dev/null
rm /var/lib/lxc/php"${php_version}"/rootfs/${phpfpm_dir}/"${login}".conf
lxc-attach -n php"${php_version}" -- $initscript_path restart >/dev/null
done
elif [ "$WEB_SERVER" == "nginx" ]; then
rm /etc/nginx/sites-{available,enabled}/$login
rm /etc/awstats/awstats.$login.conf
rm /etc/munin/plugins/phpfpm_${in_login}*
rm /etc/nginx/sites-{available,enabled}/"$login"
rm /etc/awstats/awstats."$login.conf"
rm /etc/munin/plugins/phpfpm_"${in_login}"*
sed -i.bak "/-config=$login/d" /etc/cron.d/awstats
nginx -t
fi
@ -615,7 +646,7 @@ op_del() {
if [ -n "$dbname" ]; then
echo "Deleting mysql DATABASE $dbname and mysql user $login. Continue ?"
read
read -r
set -x
echo "DROP DATABASE $dbname; delete from mysql.user where user='$login' ; FLUSH PRIVILEGES;" | mysql $MYSQL_OPTS
@ -631,10 +662,10 @@ op_setphpversion() {
login="$1"
phpversion="$2"
validate_phpversion $phpversion
validate_phpversion "$phpversion"
sed -i "s#^\( \+SetHandler proxy:unix:/home/.*/php-fpm\)..\(\.sock\)#\1${phpversion}\2#" /etc/apache2/sites-available/${login}.conf
sed -i "s#^\( \+<Proxy .*unix:/home/.*/php-fpm\)..\(\.sock\)#\1${phpversion}\2#" /etc/apache2/sites-available/${login}.conf
sed -i "s#^\\( \\+SetHandler proxy:unix:/home/.*/php-fpm\\)..\\(\\.sock\\)#\\1${phpversion}\\2#" /etc/apache2/sites-available/"${login}".conf
sed -i "s#^\\( \\+<Proxy .*unix:/home/.*/php-fpm\\)..\\(\\.sock\\)#\\1${phpversion}\\2#" /etc/apache2/sites-available/"${login}".conf
/etc/init.d/apache2 force-reload >/dev/null
DATE=$(date +"%Y-%m-%d")
@ -649,11 +680,11 @@ op_setquota() {
login="$1"
quota="$2"
validate_quota $quota
validate_quota "$quota"
quota_soft=$(($(echo $quota |cut -f 1 -d:) * 1024 * 1024))
quota_hard=$(($(echo $quota |cut -f 2 -d:) * 1024 * 1024))
setquota --remote --user $login $quota_soft $quota_hard 0 0 /home
quota_soft=$(($(echo "$quota" |cut -f 1 -d:) * 1024 * 1024))
quota_hard=$(($(echo "$quota" |cut -f 2 -d:) * 1024 * 1024))
setquota --remote --user "$login" $quota_soft $quota_hard 0 0 /home
DATE=$(date +"%Y-%m-%d")
echo "$DATE [web-add.sh] quota set to $quota for $login" >> /var/log/evolix.log
@ -671,25 +702,25 @@ arg_processing() {
case "$commandname" in
add)
op_add $*
op_add "$@"
;;
del)
op_del $*
op_del "$@"
;;
list-vhost)
op_listvhost $*
op_listvhost "$@"
;;
add-alias)
op_aliasadd $*
op_aliasadd "$@"
;;
del-alias)
op_aliasdel $*
op_aliasdel "$@"
;;
setphpversion)
op_setphpversion $*
op_setphpversion "$@"
;;
setquota)
op_setquota $*
op_setquota "$@"
;;
*)
usage
@ -707,24 +738,24 @@ op_listvhost() {
for configfile in $configlist; do
if [ -r "$configfile" ] && echo "$configfile" |grep -qvE "/(000-default|default-ssl)\.conf$"; then
servername=`awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' $configfile | head -n 1`
serveraliases=`perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' $configfile | head -n 1`
serveraliases=`echo $serveraliases | sed 's/ \+/,/g'`
userid=`awk '/^[[:space:]]*AssignUserID.*/ { print $3 }' $configfile | head -n 1`
if [ -r "$configfile" ] && echo "$configfile" |grep -qvE "/(000-default|default-ssl)\\.conf$"; then
servername="$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | head -n 1)"
serveraliases="$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1)"
serveraliases="${serveraliases// \+/,}"
userid="$(awk '/^[[:space:]]*AssignUserID.*/ { print $3 }' "$configfile" | head -n 1)"
if [ -x /usr/bin/quota ]; then
size=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $2}')
quota_soft=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $3}')
quota_hard=$(quota --no-wrap --human-readable $userid |grep /home |awk '{print $4}')
size=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $2}')
quota_soft=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $3}')
quota_hard=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $4}')
fi
phpversion=$(perl -ne 'print $1 if (m!^\s+SetHandler proxy:unix:/home/.*/php-fpm(\d{2})\.sock!)' $configfile)
if [ -e /etc/apache2/sites-enabled/${userid}.conf ]; then
phpversion=$(perl -ne 'print $1 if (m!^\s+SetHandler proxy:unix:/home/.*/php-fpm(\d{2})\.sock!)' "$configfile")
if [ -e /etc/apache2/sites-enabled/"${userid}".conf ]; then
is_enabled=1
else
is_enabled=0
fi
if [ "$servername" ] && [ "$userid" ]; then
configid=`basename $configfile`
configid=$(basename "$configfile")
echo "$userid:$configid:$servername:$serveraliases:$size:$quota_soft:$quota_hard:$phpversion:$is_enabled"
fi
fi
@ -736,7 +767,7 @@ op_aliasadd() {
vhost="${1}.conf"
alias=$2
[ -f $VHOST_PATH/$vhost ] && sed -i -e "s/\(ServerName .*\)/\1\n\tServerAlias $alias/" $VHOST_PATH/$vhost --follow-symlinks
[ -f $VHOST_PATH/"$vhost" ] && sed -i -e "s/\\(ServerName .*\\)/\\1\\n\\tServerAlias $alias/" "$VHOST_PATH"/"$vhost" --follow-symlinks
apache2ctl configtest 2>/dev/null
/etc/init.d/apache2 force-reload >/dev/null
@ -750,7 +781,7 @@ op_aliasdel() {
vhost="${1}.conf"
alias=$2
[ -f $VHOST_PATH/$vhost ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/$vhost --follow-symlinks
[ -f $VHOST_PATH/"$vhost" ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/"$vhost" --follow-symlinks
apache2ctl configtest 2>/dev/null
/etc/init.d/apache2 force-reload >/dev/null
@ -771,7 +802,7 @@ op_add() {
until [ "$in_login" ]; do
echo -n "Entrez le login du nouveau compte : "
read tmp
read -r tmp
if validate_login "$tmp"; then
in_login="$tmp"
fi
@ -779,11 +810,11 @@ op_add() {
until [ "$in_passwd" ]; do
echo -n "Entrez le mot de passe FTP/SFTP/SSH (ou vide pour aleatoire) : "
read -s tmp
read -rs tmp
echo
if [ -z "$tmp" ]; then
tmp=`gen_random_passwd`
tmp=$(gen_random_passwd)
fi
if validate_passwd "$tmp"; then
@ -792,12 +823,12 @@ op_add() {
done
echo -n "Voulez-vous aussi un compte/base MySQL ? [Y|n] "
read confirm
read -r confirm
if [ "$confirm" != "n" ] && [ "$confirm" != "N" ]; then
until [ "$in_dbname" ]; do
echo -n "Entrez le nom de la base de donnees ($in_login par defaut) : "
read tmp
read -r tmp
if [ -z "$tmp" ]; then
tmp=$in_login
@ -810,11 +841,11 @@ op_add() {
until [ "$in_dbpasswd" ]; do
echo -n "Entrez le mot de passe MySQL (ou vide pour aleatoire) : "
read -s tmp
read -rs tmp
echo
if [ -z "$tmp" ]; then
tmp=`gen_random_passwd`
tmp=$(gen_random_passwd)
fi
if validate_passwd "$tmp"; then
@ -825,7 +856,7 @@ op_add() {
until [ "$in_wwwdomain" ]; do
echo -n "Entrez le nom de domaine web (ex: foo.example.com) : "
read tmp
read -r tmp
if validate_wwwdomain "$tmp"; then
in_wwwdomain="$tmp"
fi
@ -833,8 +864,8 @@ op_add() {
if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then
until [ "$in_phpversion" ]; do
echo -n "Entrez la version de PHP désirée parmis ${PHP_VERSIONS[@]} : "
read tmp
echo -n "Entrez la version de PHP désirée parmis ${PHP_VERSIONS[*]} : "
read -r tmp
if validate_phpversion "$tmp"; then
in_phpversion="$tmp"
fi
@ -843,7 +874,7 @@ op_add() {
until [ "$in_mail" ]; do
echo -n "Entrez votre adresse mail pour recevoir le mail de creation ($CONTACT_MAIL par défaut) : "
read tmp
read -r tmp
if [ -z "$tmp" ]; then
tmp="$CONTACT_MAIL"
fi
@ -902,24 +933,24 @@ op_add() {
esac
done
shift $(($OPTIND - 1))
shift $((OPTIND - 1))
if [ $# -ne 2 ]; then
usage
exit 1
else
in_login=$1
in_wwwdomain=$2
validate_login $in_login || exit 1
[ -z "$in_passwd" ] && [ -z "$in_sshkey" ] && in_passwd=`gen_random_passwd`
[ -z "$in_sshkey" ] && ( validate_passwd $in_passwd || exit 1 )
[ -n "$in_dbname" ] && ( validate_dbname $in_dbname || exit 1 )
[ -z "$in_dbpasswd" ] && [ -n "$in_dbname" ] && in_dbpasswd=`gen_random_passwd`
[ -n "$in_dbname" ] && ( validate_passwd $in_dbpasswd || exit 1 )
validate_wwwdomain $in_wwwdomain || exit 1
validate_login "$in_login" || exit 1
[ -z "$in_passwd" ] && [ -z "$in_sshkey" ] && in_passwd=$(gen_random_passwd)
[ -z "$in_sshkey" ] && ( validate_passwd "$in_passwd" || exit 1 )
[ -n "$in_dbname" ] && ( validate_dbname "$in_dbname" || exit 1 )
[ -z "$in_dbpasswd" ] && [ -n "$in_dbname" ] && in_dbpasswd=$(gen_random_passwd)
[ -n "$in_dbname" ] && ( validate_passwd "$in_dbpasswd" || exit 1 )
validate_wwwdomain "$in_wwwdomain" || exit 1
[ -z "$in_mail" ] && in_mail=$CONTACT_MAIL
validate_mail $in_mail || exit 1
[ -n "$in_phpversion" ] && (validate_phpversion $in_phpversion || exit 1)
[ -n "$in_quota" ] && (validate_quota $in_quota || exit 1)
[ -n "$in_phpversion" ] && (validate_phpversion "$in_phpversion" || exit 1)
[ -n "$in_quota" ] && (validate_quota "$in_quota" || exit 1)
fi
fi
@ -942,7 +973,7 @@ op_add() {
if [ -z "$force_confirm" ]; then
echo -n "Confirmer la création ? [y/N] : "
read tmp
read -r tmp
echo
if [ "$tmp" != "y" ] && [ "$tmp" != "Y" ]; then
echo "Annulation..."
@ -958,4 +989,4 @@ op_add() {
}
# Point d'entrée
arg_processing $*
arg_processing "$@"