server/new-web-user.sh

#!/bin/bash

DOMAINROOT="mit.tareo-tz.org"
WEBROOT="/var/www"
DATASHEETS="/root/datasheets"

function checkwait {
  read -p "Continue? Press Ctrl+C to cancel." END
}

# BASIC QUESTIONS
read -p "Name of the new user: " USER

if [ "$USER" == "" ]; then
	echo "User is empty. Abort."
	exit 1
elif [ $(grep -q "$USER" /etc/passwd; echo $?) == "0" ]; then
	echo "User already exists. Abort."
	exit 1
fi

read -p "Password of $USER: " PASS

DOMAIN="$USER.$DOMAINROOT"
echo "The new user's domain will be $DOMAIN"
read -p "Is that ok? [Y/n]" yn
if [ "$yn" == "n" ]; then
  read -p "Type in custom domain: " DOMAIN
fi

WEBDIR="$WEBROOT/$USER"
echo "The new user's web directory will be $WEBDIR"
read -p "Is that ok? [Y/n]" yn
if [ "$yn" == "n" ]; then
  read -p "Type in custom web directory: " WEBDIR
fi

checkwait

# ADDING USER
echo "[INFO] Adding user..."
adduser $USER
echo $USER:$PASS | chpasswd
adduser www-data $USER
chmod go-rwx /home/$USER    # Prevent other users to look into home directory. Webdir will be safe anyway.

echo "[INFO] Creating necessary directories..."
mkdir -p $WEBDIR/conf
mkdir $WEBDIR/html
mkdir $WEBDIR/logs
mkdir $WEBDIR/tmp
mkdir $WEBDIR/php-fcgi
chown root:$USER $WEBDIR
chmod 750 $WEBDIR
chown $USER:$USER $WEBDIR/*
chmod 750 $WEBDIR/*
chmod 550 $WEBDIR/conf

checkwait

# PHP-STUFF
echo "[INFO] Configuring PHP..."

cp /etc/php5/cgi/php.ini $WEBDIR/conf/

sed -r -i \
-e "s|;?open_basedir =.*|open_basedir = $WEBDIR/html/:$WEBDIR/tmp/|" \
-e "s|;?upload_tmp_dir =.*|upload_tmp_dir = $WEBDIR/tmp|" \
-e "s|;?session.save_path =.*|session.save_path = $WEBDIR/tmp|" \
$WEBDIR/conf/php.ini

chown $USER:$USER $WEBDIR/conf/php.ini
chmod 440 $WEBDIR/conf/php.ini

checkwait

# PHP-FCGI
echo "[INFO] Configuring PHP-FCGI..."

cat > $WEBDIR/php-fcgi/php-fcgi-starter << EOF
#!/bin/sh
export PHPRC="$WEBDIR/conf"
export TMPDIR="$WEBDIR/tmp"
export USER="$USER"
exec /usr/bin/php5-cgi
EOF

chown $USER:$USER $WEBDIR/php-fcgi/php-fcgi-starter 
chmod 750 $WEBDIR/php-fcgi/php-fcgi-starter
chattr +i -V $WEBDIR/php-fcgi/php-fcgi-starter      # Immutable bit to prevent user changes

checkwait

# APACHE
echo "[INFO] Configuring Apache VirtualHost..."

cat > /etc/apache2/sites-available/$USER.conf << EOF
<VirtualHost *:80>
   ServerAdmin info@tareo-tz.org
   ServerName $USER.server.local
   ServerAlias $DOMAIN
   SuexecUserGroup $USER $USER
   AddHandler fcgid-script .php
   DocumentRoot $WEBDIR/html
   DirectoryIndex index.htm index.html index.php default.html
<Directory />
   Options FollowSymLinks
   AllowOverride None
</Directory>
<Directory "$WEBDIR/html">
   Options -Indexes +MultiViews +FollowSymLinks +ExecCGI
   FCGIWrapper $WEBDIR/php-fcgi/php-fcgi-starter .php
   Order allow,deny
   allow from all
   AllowOverride All
</Directory>
ErrorLog $WEBDIR/logs/error.log
LogLevel warn
CustomLog $WEBDIR/logs/access.log combined
ServerSignature On
</VirtualHost>
EOF

cat > $WEBDIR/html/default.html << EOF
<html>
<head>
<title>Welcome!</title>
</head>
<body>
<p>Welcome to $USER's website.</p>
<p>This is a placeholder. Please upload content via an SFTP program.</p>
</body>
</html>
EOF

chown $USER:$USER $WEBDIR/html/default.html

ln -s $WEBDIR/ /home/$USER/webspace

a2ensite $USER.conf
service apache2 restart

checkwait

# MYSQL
echo "[INFO] Creating MySQL database and user..."

echo "CREATE DATABASE $USER;" | mysql
echo "GRANT usage on *.* to $USER@localhost identified by '$PASS';" | mysql
echo "GRANT all privileges on $USER.* to $USER@localhost;" | mysql
echo "FLUSH privileges;" | mysql


# DOCS
echo "[INFO] Creating datasheets..."

if [ ! -e $DATASHEETS ]; then
	mkdir $DATASHEETS
fi

cat > $DATASHEETS/datasheet-$USER.txt << EOF
################################
### MIT DATASHEET for '$USER'
################################

# Webserver
URL:  $DOMAIN

# FTP (Use FileZilla)
Server:           http://$DOMAIN
Port:             22
Protocol:         SFTP
Logon type:       Normal
User:             $USER
Pass:             $PASS

Please place your files in $WEBDIR/html/

# Database (MySQL)
Database name:	$USER
User Name:     	$USER
Password:     	$PASS
Database Host:	localhost

phpMyAdmin: http://pma.$DOMAINROOT
EOF

enscript -p $DATASHEETS/datasheet-$USER.ps $DATASHEETS/datasheet-$USER.txt 
ps2pdf $DATASHEETS/datasheet-$USER.ps $DATASHEETS/datasheet-$USER.pdf
rm $DATASHEETS/datasheet-$USER.ps

cp $DATASHEETS/datasheet-$USER.pdf /var/share/teachers/

echo "[INFO] Done."
initial commit of already existing scripts 2015-06-12 11:42:25 +03:00			`#!/bin/bash`

			`DOMAINROOT="mit.tareo-tz.org"`
			`WEBROOT="/var/www"`
			`DATASHEETS="/root/datasheets"`

			`function checkwait {`
			`read -p "Continue? Press Ctrl+C to cancel." END`
			`}`

			`# BASIC QUESTIONS`
			`read -p "Name of the new user: " USER`

			`if [ "$USER" == "" ]; then`
			`echo "User is empty. Abort."`
			`exit 1`
			`elif [ $(grep -q "$USER" /etc/passwd; echo $?) == "0" ]; then`
			`echo "User already exists. Abort."`
			`exit 1`
			`fi`

			`read -p "Password of $USER: " PASS`

			`DOMAIN="$USER.$DOMAINROOT"`
			`echo "The new user's domain will be $DOMAIN"`
			`read -p "Is that ok? [Y/n]" yn`
			`if [ "$yn" == "n" ]; then`
			`read -p "Type in custom domain: " DOMAIN`
			`fi`

			`WEBDIR="$WEBROOT/$USER"`
			`echo "The new user's web directory will be $WEBDIR"`
			`read -p "Is that ok? [Y/n]" yn`
			`if [ "$yn" == "n" ]; then`
			`read -p "Type in custom web directory: " WEBDIR`
			`fi`

			`checkwait`

			`# ADDING USER`
			`echo "[INFO] Adding user..."`
			`adduser $USER`
			`echo $USER:$PASS \| chpasswd`
			`adduser www-data $USER`
			`chmod go-rwx /home/$USER # Prevent other users to look into home directory. Webdir will be safe anyway.`

			`echo "[INFO] Creating necessary directories..."`
			`mkdir -p $WEBDIR/conf`
			`mkdir $WEBDIR/html`
			`mkdir $WEBDIR/logs`
			`mkdir $WEBDIR/tmp`
			`mkdir $WEBDIR/php-fcgi`
			`chown root:$USER $WEBDIR`
			`chmod 750 $WEBDIR`
			`chown $USER:$USER $WEBDIR/*`
			`chmod 750 $WEBDIR/*`
			`chmod 550 $WEBDIR/conf`

			`checkwait`

			`# PHP-STUFF`
			`echo "[INFO] Configuring PHP..."`

			`cp /etc/php5/cgi/php.ini $WEBDIR/conf/`

			`sed -r -i \`
			`-e "s\|;?open_basedir =.*\|open_basedir = $WEBDIR/html/:$WEBDIR/tmp/\|" \`
			`-e "s\|;?upload_tmp_dir =.*\|upload_tmp_dir = $WEBDIR/tmp\|" \`
			`-e "s\|;?session.save_path =.*\|session.save_path = $WEBDIR/tmp\|" \`
			`$WEBDIR/conf/php.ini`

			`chown $USER:$USER $WEBDIR/conf/php.ini`
			`chmod 440 $WEBDIR/conf/php.ini`

			`checkwait`

			`# PHP-FCGI`
			`echo "[INFO] Configuring PHP-FCGI..."`

			`cat > $WEBDIR/php-fcgi/php-fcgi-starter << EOF`
			`#!/bin/sh`
			`export PHPRC="$WEBDIR/conf"`
			`export TMPDIR="$WEBDIR/tmp"`
			`export USER="$USER"`
			`exec /usr/bin/php5-cgi`
			`EOF`

			`chown $USER:$USER $WEBDIR/php-fcgi/php-fcgi-starter`
			`chmod 750 $WEBDIR/php-fcgi/php-fcgi-starter`
			`chattr +i -V $WEBDIR/php-fcgi/php-fcgi-starter # Immutable bit to prevent user changes`

			`checkwait`

			`# APACHE`
			`echo "[INFO] Configuring Apache VirtualHost..."`

			`cat > /etc/apache2/sites-available/$USER.conf << EOF`
			`<VirtualHost *:80>`
			`ServerAdmin info@tareo-tz.org`
			`ServerName $USER.server.local`
			`ServerAlias $DOMAIN`
			`SuexecUserGroup $USER $USER`
			`AddHandler fcgid-script .php`
			`DocumentRoot $WEBDIR/html`
			`DirectoryIndex index.htm index.html index.php default.html`
			`<Directory />`
			`Options FollowSymLinks`
			`AllowOverride None`
			`</Directory>`
			`<Directory "$WEBDIR/html">`
			`Options -Indexes +MultiViews +FollowSymLinks +ExecCGI`
			`FCGIWrapper $WEBDIR/php-fcgi/php-fcgi-starter .php`
			`Order allow,deny`
			`allow from all`
changing paths, adding web-user-listing 2015-06-12 12:35:12 +03:00			`AllowOverride All`
initial commit of already existing scripts 2015-06-12 11:42:25 +03:00			`</Directory>`
			`ErrorLog $WEBDIR/logs/error.log`
			`LogLevel warn`
			`CustomLog $WEBDIR/logs/access.log combined`
			`ServerSignature On`
			`</VirtualHost>`
			`EOF`

			`cat > $WEBDIR/html/default.html << EOF`
			`<html>`
			`<head>`
			`<title>Welcome!</title>`
			`</head>`
			`<body>`
			`<p>Welcome to $USER's website.</p>`
			`<p>This is a placeholder. Please upload content via an SFTP program.</p>`
			`</body>`
			`</html>`
			`EOF`

			`chown $USER:$USER $WEBDIR/html/default.html`

			`ln -s $WEBDIR/ /home/$USER/webspace`

			`a2ensite $USER.conf`
			`service apache2 restart`

			`checkwait`

			`# MYSQL`
			`echo "[INFO] Creating MySQL database and user..."`

			`echo "CREATE DATABASE $USER;" \| mysql`
			`echo "GRANT usage on . to $USER@localhost identified by '$PASS';" \| mysql`
			`echo "GRANT all privileges on $USER.* to $USER@localhost;" \| mysql`
			`echo "FLUSH privileges;" \| mysql`


			`# DOCS`
			`echo "[INFO] Creating datasheets..."`

			`if [ ! -e $DATASHEETS ]; then`
			`mkdir $DATASHEETS`
			`fi`

			`cat > $DATASHEETS/datasheet-$USER.txt << EOF`
			`################################`
			`### MIT DATASHEET for '$USER'`
			`################################`

			`# Webserver`
			`URL: $DOMAIN`

			`# FTP (Use FileZilla)`
			`Server: http://$DOMAIN`
			`Port: 22`
			`Protocol: SFTP`
			`Logon type: Normal`
			`User: $USER`
			`Pass: $PASS`

			`Please place your files in $WEBDIR/html/`

			`# Database (MySQL)`
			`Database name: $USER`
			`User Name: $USER`
			`Password: $PASS`
			`Database Host: localhost`

			`phpMyAdmin: http://pma.$DOMAINROOT`
			`EOF`

			`enscript -p $DATASHEETS/datasheet-$USER.ps $DATASHEETS/datasheet-$USER.txt`
			`ps2pdf $DATASHEETS/datasheet-$USER.ps $DATASHEETS/datasheet-$USER.pdf`
			`rm $DATASHEETS/datasheet-$USER.ps`

			`cp $DATASHEETS/datasheet-$USER.pdf /var/share/teachers/`

			`echo "[INFO] Done."`