tenseleyflow/ndotfiles / 0cf6d3c

+#!/bin/bash

+# wulftp-user - Manage wulftp backup users

+

+set -e

+

+ACTION=$1

+USERNAME=$2

+

+create_user() {

+    if id "$USERNAME" &>/dev/null; then

+        echo "User $USERNAME already exists"

+        exit 1

+    fi

+

+    # Create user

+    useradd -m -d /home/$USERNAME -s /usr/sbin/nologin -G backup $USERNAME

+

+    # Create backup directories

+    mkdir -p /srv/backups/$USERNAME/{devices,shared}

+    chown root:root /srv/backups/$USERNAME

+    chmod 755 /srv/backups/$USERNAME

+

+    chown $USERNAME:backup /srv/backups/$USERNAME/{devices,shared}

+    chmod 750 /srv/backups/$USERNAME/{devices,shared}

+

+    # Setup SSH key

+    mkdir -p /home/$USERNAME/.ssh

+    touch /home/$USERNAME/.ssh/authorized_keys

+    chown -R $USERNAME:$USERNAME /home/$USERNAME/.ssh

+    chmod 700 /home/$USERNAME/.ssh

+    chmod 600 /home/$USERNAME/.ssh/authorized_keys

+

+    echo "User $USERNAME created. Add their SSH public key to:"

+    echo "/home/$USERNAME/.ssh/authorized_keys"

+}

+

+delete_user() {

+    read -p "Delete user $USERNAME and all their backups? [y/N] " -n 1 -r

+    echo

+    if [[ $REPLY =~ ^[Yy]$ ]]; then

+        userdel $USERNAME

+        rm -rf /home/$USERNAME

+        # Keep backups by default, uncomment to delete:

+        # rm -rf /srv/backups/$USERNAME

+        echo "User $USERNAME deleted (backups preserved)"

+    fi

+}

+

+case $ACTION in

+    create)

+        create_user

+        ;;

+    delete)

+        delete_user

+        ;;

+    *)

+        echo "Usage: $0 {create|delete} username"

+        exit 1

+        ;;

+esac