publapi/utils/signup-script-template

41 lines
3.2 KiB
Plaintext
Raw Normal View History

2023-01-21 22:19:17 +05:30
#!/bin/bash
# Path: /var/publapi/users/{{username}}.sh
# This file is generated by PublAPI. Do not edit this file.
echo "E-Mail of {{username}} is {{email}}."
pass="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 64)"
2023-01-21 22:19:17 +05:30
useradd -Um -s /bin/bash {{username}}
chmod 711 /home/{{username}}
printf "%s\n%s" "${pass}" "${pass}" | passwd {{username}}
echo "${pass}" > /home/{{username}}/pass
chmod 600 /home/{{username}}/pass
2023-01-23 14:42:50 +05:30
chown {{username}}:{{username}} /home/{{username}}/pass
2023-01-21 22:29:54 +05:30
usermod -aG users {{username}}
2023-01-21 22:19:17 +05:30
mkdir /home/{{username}}/.ssh
echo "{{sshkey}}" > /home/{{username}}/.ssh/authorized_keys
chmod 700 /home/{{username}}/.ssh
chmod 600 /home/{{username}}/.ssh/authorized_keys
2023-01-23 14:42:50 +05:30
chown -R {{username}}:{{username}} /home/{{username}}/.ssh
sed -i 's/REPLACEME/{{username}}/g' /home/{{username}}/{meta-info.toml,Caddyfile}
2023-01-21 22:19:17 +05:30
loginctl enable-linger {{username}}
mkdir /var/gemini/p.projectsegfau.lt/users/{{username}} && ln -s /var/gemini/p.projectsegfau.lt/users/{{username}} /home/{{username}}/public_gemini
2023-02-27 19:21:03 +05:30
chmod 755 /var/gemini/p.projectsegfau.lt/users/{{username}}
chown -R {{username}}:{{username}} /var/gemini/p.projectsegfau.lt/users/{{username}} /home/{{username}}/public_gemini
2023-01-21 22:19:17 +05:30
setquota -u {{username}} 20G 20G 0 0 /
2023-01-23 14:25:11 +05:30
a=$(curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d '{"username":"{{username}}","name":"{{username}}","is_active":true,"groups":["57fe5750-5ac6-46ff-95bc-298cbff0b340"],"email":"{{email}}","attributes":{},"path":"users"}')
pk=$(echo $a | jq '.pk')
2023-01-23 14:42:50 +05:30
curl -X POST "https://auth.p.projectsegfau.lt/api/v3/core/users/${pk}/set_password/" -H "accept: application/json" -H "content-type: application/json" -H "Authorization: Bearer $(</root/pass/authentiktoken)" -d "{\"password\": \"${pass}\"}"
printf 'Hi {{username}},
Your Project Segfault Pubnix account has been approved.
To login, run ssh {{username}}@p.projectsegfau.lt. You might need to specify a key, and we recommend adding an SSH host to your SSH config file to make it easier to log in later.
There is a Matrix chat room for everything about the Pubnix. You can ask for help, discuss features etc at #pubnix:projectsegfau.lt.
There is a password for Pubnix-related things in your user directory, you can run cat ~/pass to see it. We recommend to store it somewhere else and delete the file.
You also get access to our public authentik instance, which allows you to sign up to many Project Segfault services with your Pubnix account. You can find it at https://auth.p.projectsegfau.lt, log in and you will be able to see a list of applications you can use authentik to log in with.
If you ever get confused or have no idea what to do, we have some articles on our wiki at https://wiki.projectsegfau.lt/index.php?title=Category:Pubnix.
We hope you have enough freedom to do what you want. You are limited to 20GB of storage however.
We hope you have as much fun as we did making the Pubnix! :D' \
| s-nail -vr pubnix@projectsegfau.lt -s 'Your Project Segfault Pubnix account has been created' {{email}}
2023-03-01 19:16:53 +05:30
source /var/publapi/publapi.env && shoutrrr send -u $PUBLAPI_NOTIFY_SHOUTRRRURL -m "Welcome new user, ~{{username}}!"
2023-01-23 14:42:50 +05:30
rm -rf $0