From 6fa07b3149688af1d12c16e40340875d357ee64e Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sun, 20 Mar 2022 19:38:17 +0100 Subject: [PATCH] Add SSH and SFTP access settings --- config_panel.toml | 19 ++++++++++++ scripts/_common.sh | 35 ++++++++++++++++++++++ scripts/config | 72 ++++++++++++++++++++++++++++++++++++++++++++++ scripts/install | 2 ++ scripts/upgrade | 9 ++++++ 5 files changed, 137 insertions(+) create mode 100644 config_panel.toml create mode 100644 scripts/config diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 0000000..2b1a213 --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,19 @@ +version = "1.0" + +[main] +name = "Grav configuration" + + [main.sftp] + name = "SSH and SFTP access" + + [main.sftp.with_sftp] + ask = "Do you need an SSH and SFTP access?" + type = "boolean" + default = false + + [main.sftp.password] + ask = "Set a password for the SSH and SFTP access" + type = "password" + optional = true + visible = "with_sftp" + help = "If a password already exists, leave blank and it will not be replaced." diff --git a/scripts/_common.sh b/scripts/_common.sh index f10bf59..51e19ec 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -13,3 +13,38 @@ pkg_dependencies="php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${ #================================================= # EXPERIMENTAL HELPERS #================================================= + +ynh_system_user_add_group() { + # Declare an array to define the options of this helper. + local legacy_args=uhs + local -A args_array=([u]=username= [g]=groups=) + local username + local groups + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + groups="${groups:-}" + + local group + for group in $groups; do + usermod -a -G "$group" "$username" + done +} + + +ynh_system_user_del_group() { + # Declare an array to define the options of this helper. + local legacy_args=uhs + local -A args_array=([u]=username= [g]=groups=) + local username + local groups + + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + groups="${groups:-}" + + local group + for group in $groups; do + gpasswd -d "$username" "$group" + done +} diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..756c326 --- /dev/null +++ b/scripts/config @@ -0,0 +1,72 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# SPECIFIC GETTERS FOR TOML SHORT KEY +#================================================= + +#================================================= +# SPECIFIC VALIDATORS FOR TOML SHORT KEYS +#================================================= + +#================================================= +# SPECIFIC SETTERS FOR TOML SHORT KEYS +#================================================= + +set__password() { + if [ "$password" == "" ] + then + ynh_app_setting_set --app=$app --key=password --value="$password" + fi +} + +#================================================= +# GENERIC FINALIZATION +#================================================= + +ynh_app_config_validate() { + _ynh_app_config_validate + + if [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 1 ] && [ "$password" == "" ] + then + ynh_die --message="You need to set a password to enable SSH and SFTP" + fi +} + +ynh_app_config_apply() { + _ynh_app_config_apply + + if [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 1 ] + then + ynh_system_user_add_group --username=$app --groups="sftp.app ssh.app" + usermod --shell /bin/bash $app + + if [ ! "$password" == "" ] + then + chpasswd <<< "${app}:${password}" + fi + elif [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 0 ] + then + ynh_system_user_del_group --username=$app --groups="sftp.app ssh.app" + usermod --shel /usr/sbin/nologin $app + fi + +} + +ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index c34f502..87e836e 100644 --- a/scripts/install +++ b/scripts/install @@ -48,6 +48,8 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=language --value=$language +ynh_app_setting_set --app=$app --key=with_sftp --value="false" +ynh_app_setting_set --app=$app --key=password --value=$(ynh_string_random) #================================================= # INSTALL DEPENDENCIES diff --git a/scripts/upgrade b/scripts/upgrade index c997485..7aed40a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -25,6 +25,9 @@ language=$(ynh_app_setting_get --app=$app --key=language) fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) +with_sftp=$(ynh_app_setting_get --app=$app --key=with_sftp) +password=$(ynh_app_setting_get --app=$app --key=password) + #================================================= # CHECK VERSION #================================================= @@ -79,6 +82,12 @@ if [ -z "$fpm_usage" ]; then ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi +# If with_sftp or password don't exist, create them +if [ -z "$with_sftp" ] || [ -z "$password" ]; then + ynh_app_setting_set --app=$app --key=with_sftp --value="false" + ynh_app_setting_set --app=$app --key=password --value=$(ynh_string_random) +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #=================================================