#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=2 # Correct user name # An unix user name can contains only :alnum: and . - _ # Replace all other characters by _ ssh_user=${ssh_user//[^[:alnum:].\-_]/_} ynh_app_setting_set --app="$app" --key=ssh_user --value="$ssh_user" if ynh_system_user_exists "$ssh_user"; then ynh_die "This user already exist!" fi if test -z "$password" && test -z "$pub_key"; then ynh_die "You can't left empty both password and public key. Please fill at least one of them." fi #================================================= # STANDARD MODIFICATIONS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 ynh_setup_source --dest_dir="$install_dir" mkdir -p "$data_dir/$ssh_user" #================================================= # SPECIFIC SETUP #================================================= # INSTALL QUOTAS SYSTEM #================================================= ynh_script_progression --message="Install quotas system" --weight=3 # https://github.com/maniackcrudelis/ssh_chroot/blob/master/unix_quotas/unix_quotas.sh if ! IS_PACKAGE_CHECK; then ( source "$install_dir/unix_quotas/unix_quotas.sh" quotas_install ) fi #================================================= # CONFIGURE FSTAB TO SUPPORT QUOTAS #================================================= ynh_script_progression --message="Configure fstab to support quotas" --weight=3 # https://github.com/maniackcrudelis/ssh_chroot/blob/master/unix_quotas/unix_quotas.sh # Set fstab if ! IS_PACKAGE_CHECK; then ( source "$install_dir/unix_quotas/unix_quotas.sh" quotas_find_mount_point "$user_dir" quotas_set_fstab "$quotas_mount_point" # Activate quotas quotas_activate "$quotas_mount_point" ) fi #================================================= # CREATE THE USER WITH CHROOT_MANAGER #================================================= ynh_script_progression --message="Create the user with Chroot_manager" --weight=5 chroot_manager_args=() if [ -n "$pub_key" ]; then chroot_manager_args+=( --sshkey "$pub_key" ) elif [ -n "$password" ]; then chroot_manager_args+=( --password "$password" ) fi if ! IS_PACKAGE_CHECK; then "$install_dir/chroot_manager.sh" adduser --name "$ssh_user" "${chroot_manager_args[@]}" --directory "$user_dir" --quota "$size" # Allow the user to use ssh adduser "$ssh_user" ssh.app fi #================================================= # ADD A LINK TO CHROOT_MANAGER #================================================= ln -sf "$install_dir/chroot_manager.sh" "$data_dir/chroot_manager" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R root: "$install_dir" #================================================= # DISCLAIMER #================================================= if grep --quiet "^AllowUsers" /etc/ssh/sshd_config; then ynh_print_warn "Be carreful, your ssh configuration contains an AllowUsers option." ynh_print_warn "You should probably add the user $ssh_user to this line." fi #================================================= # END OF SCRIPT #================================================= # Not really settings, but required for POST_INSTALL.md ynh_app_setting_set --app="$app" --key="domain" --value="$(yunohost domain list --json | jq -r '.["main"]')" ynh_app_setting_set --app="$app" --key="ssh_port" --value="$(grep "^Port " /etc/ssh/sshd_config | awk '{print $2}')" ynh_script_progression --message="Installation of $app completed" --last