| 1 | #!/bin/bash |
| 2 | # wulftp-user - Manage wulftp backup users |
| 3 | |
# Stop at the first command that returns a non-zero status, so a failed
# step (for example useradd or userdel) is never followed by later ones.
set -o errexit

# Positional arguments: the action to perform and the account it applies to.
# Both are empty when the caller omits them.
ACTION="$1"
USERNAME="$2"
| 8 | |
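#######################################
# Create a wulftp backup account together with its backup and SSH
# directories.
# Globals:   USERNAME (read) - login name of the account to create
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   exits 1 if the name is rejected or the account already exists
#######################################
create_user() {
  # USERNAME is spliced into paths that are then chown'ed and chmod'ed, so
  # it must be a single safe path component. Allowlist: a leading letter or
  # underscore, then letters, digits, '_', '.', '-'; at most 32 characters.
  # This rejects empty names, '/', whitespace and a leading '-'.
  local -r name_re='^[A-Za-z_][A-Za-z0-9_.-]{0,31}$'
  if [[ ! "${USERNAME:-}" =~ $name_re ]]; then
    echo "Invalid username: '${USERNAME:-}'" >&2
    exit 1
  fi

  if id "$USERNAME" &>/dev/null; then
    echo "User $USERNAME already exists" >&2
    exit 1
  fi

  local -r home_dir="/home/${USERNAME}"
  local -r backup_root="/srv/backups/${USERNAME}"

  # Create user: no login shell, supplementary group "backup".
  useradd -m -d "$home_dir" -s /usr/sbin/nologin -G backup "$USERNAME"

  # Create backup directories. The per-user root stays root-owned (755), so
  # the account can traverse it but cannot add, rename or remove entries.
  # NOTE(review): presumably this is what an sshd ChrootDirectory needs;
  # confirm against the sshd configuration.
  mkdir -p "$backup_root"/{devices,shared}
  chown root:root "$backup_root"
  chmod 755 "$backup_root"

  # Only the account and members of "backup" may enter the data directories.
  chown "$USERNAME:backup" "$backup_root"/{devices,shared}
  chmod 750 "$backup_root"/{devices,shared}

  # Setup SSH key: an empty authorized_keys that only the account can read.
  # The chown needs a group named after the user.
  # NOTE(review): presumably useradd creates that group by default; confirm.
  mkdir -p "$home_dir/.ssh"
  touch "$home_dir/.ssh/authorized_keys"
  chown -R "$USERNAME:$USERNAME" "$home_dir/.ssh"
  chmod 700 "$home_dir/.ssh"
  chmod 600 "$home_dir/.ssh/authorized_keys"

  echo "User $USERNAME created. Add their SSH public key to:"
  echo "$home_dir/.ssh/authorized_keys"
}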
| 36 | |
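#######################################
# Delete a wulftp backup account and its home directory after an
# interactive confirmation. Backups under /srv/backups are left in place.
# Globals:   USERNAME (read) - login name of the account to delete
#            REPLY (written) - single-character answer read from stdin
# Outputs:   prompt and status on stdout, errors on stderr
# Returns:   exits 1 if the name is rejected or userdel fails
#######################################
delete_user() {
  # USERNAME ends up in an `rm -rf` path, so it must be a single safe path
  # component. Allowlist: a leading letter or underscore, then letters,
  # digits, '_', '.', '-'; at most 32 characters. This rejects empty names
  # (which would target /home/ itself), '/', whitespace and a leading '-'.
  local -r name_re='^[A-Za-z_][A-Za-z0-9_.-]{0,31}$'
  if [[ ! "${USERNAME:-}" =~ $name_re ]]; then
    echo "Invalid username: '${USERNAME:-}'" >&2
    exit 1
  fi

  # NOTE(review): the prompt says "all their backups", but the backup tree
  # is kept unless the commented-out rm below is enabled.
  read -p "Delete user $USERNAME and all their backups? [y/N] " -n 1 -r
  echo
  if [[ $REPLY =~ ^[Yy]$ ]]; then
    # Remove the home directory only once the account is really gone. The
    # check is explicit so it does not depend on `set -e` being in effect.
    if ! userdel "$USERNAME"; then
      echo "userdel failed; /home/$USERNAME left in place" >&2
      exit 1
    fi
    # ${USERNAME:?} aborts rather than expanding to a bare /home/.
    rm -rf -- "/home/${USERNAME:?}"
    # Keep backups by default, uncomment to delete:
    # rm -rf -- "/srv/backups/${USERNAME:?}"
    # NOTE(review): the kept devices/shared directories stay owned by the
    # deleted account's numeric UID. If that UID is later reused, the new
    # account owns them; consider chown'ing them to root here.
    echo "User $USERNAME deleted (backups preserved)"
  fi
}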
| 48 | |
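# Both arguments are required. Without this check a missing username would
# reach create_user/delete_user as an empty string and be spliced into the
# /home and /srv/backups paths they operate on.
if [[ -z "${ACTION:-}" || -z "${USERNAME:-}" ]]; then
  echo "Usage: $0 {create|delete} username" >&2
  exit 1
fi

# Dispatch on the requested action; anything else is a usage error.
case "$ACTION" in
  create)
    create_user
    ;;
  delete)
    delete_user
    ;;
  *)
    echo "Usage: $0 {create|delete} username" >&2
    exit 1
    ;;
esac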