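#!/bin/bash
# info: add ftp account for web domain.
# options: USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]
# labels: web
#
# example: v-add-web-domain-ftp alice wonderland.com alice_ftp p4$$vvOrD
#
# The function creates additional ftp account for web domain.

#----------------------------------------------------------#
#                    Variable&Function                     #
#----------------------------------------------------------#

# Argument definition
user=$1
# Convert the domain argument to its ASCII-compatible (IDNA) form.
domain=$(idn -t --quiet -a "$2")
# The system account name is always "<USER>_<FTP_USER>", so every FTP
# account carries the owning user's name as a prefix.
ftp_user=${1}_${3}
# The password is taken from the command line, which means it is part of
# this process's argument list for as long as the script runs. Callers
# should single-quote it so the invoking shell does not expand characters
# such as '$' before the script receives it.
# NOTE(review): HIDE=4 presumably tells the logging helpers in
# func/main.sh which argument position to mask - confirm there.
password=$4
HIDE=4
ftp_path=$5

# Includes
# Paths are quoted so a HESTIA value containing whitespace or glob
# characters cannot be split into several words by the shell.
source "$HESTIA/func/main.sh"
source "$HESTIA/func/domain.sh"
source "$HESTIA/conf/hestia.conf"

# Additional argument formatting
format_domain
format_domain_idn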
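#----------------------------------------------------------#
#                       Verifications                      #
#----------------------------------------------------------#

check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]'
is_format_valid 'user' 'domain' 'ftp_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"

# Refuse an account name that is already present in /etc/passwd.
# awk compares the first field as a literal string, so characters that are
# special in a regular expression (for example '.') cannot make a different
# account name look like a match, as they could with grep "^$ftp_user:".
check_ftp_user=$(awk -F : -v name="$ftp_user" '$1 == name' /etc/passwd)
# NOTE(review): FTP_USER is not assigned earlier in this script; unless one
# of the sourced files sets it, the second test is always true here.
# Confirm where FTP_USER is expected to come from at this point.
if [ -n "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then
    echo "Error: ftp user $ftp_user already exists"
    log_event "$E_EXISTS" "$ARGUMENTS"
    exit "$E_EXISTS"
fi

is_password_valid

# The password is later written to chpasswd as a "user:password" record,
# and chpasswd reads one record per line. Reject line breaks here so the
# value can only ever form a single record for the account being created.
# is_password_valid is defined in a sourced file and is not relied on for
# this property.
case "$password" in
    *$'\n'* | *$'\r'*)
        echo "Error: password must not contain line breaks"
        log_event "$E_INVALID" "$ARGUMENTS"
        exit "$E_INVALID"
        ;;
esac

# Perform verification if read-only mode is enabled
check_hestia_demo_mode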
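#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Get domain values
get_domain_values 'web'

# Defining ftp user shell: nologin unless FTP_SHELL overrides it.
shell=$(command -v nologin)
if [ -n "$FTP_SHELL" ]; then
    shell=$FTP_SHELL
fi

# Defining path
# Every FTP home directory must be the domain's web root or a directory
# below it.
ftp_web_root="$HOMEDIR/$user/web/$domain"
if [ -z "$ftp_path" ]; then
    ftp_path_a="$ftp_web_root"
else
    # Validating absolute path
    # readlink -f resolves "..", "." and symlinks, so the comparison below
    # is made on the path that will really be used.
    ftp_path_a=$(readlink -f "$ftp_web_root/$ftp_path")
    # Compare as a literal prefix that ends on a path boundary. A substring
    # or regex test would also accept a sibling directory whose name merely
    # starts with the domain name, or any path that contains the web root
    # somewhere in the middle. An empty result (readlink failed) is
    # rejected as well.
    case "$ftp_path_a" in
        "$ftp_web_root" | "$ftp_web_root"/*) ;;
        *)
            echo "Error: absolute path $ftp_path_a is invalid"
            log_event "$E_INVALID" "$ARGUMENTS"
            exit "$E_INVALID"
            ;;
    esac

    # Creating ftp user home directory
    if [ ! -e "$ftp_path_a" ]; then
        "$BIN/v-add-fs-directory" "$user" "$ftp_path_a"
        chown "$user:$user" "$ftp_path_a"
        chmod 751 "$ftp_path_a"
    fi
fi

# Adding ftp user
# -o -u reuses the owning user's UID, so files written over FTP belong to
# that user; -M skips home directory creation because the directory is
# handled above.
if ! /usr/sbin/useradd "$ftp_user" \
    -s "$shell" \
    -o -u "$(id -u "$user")" \
    -g "$(id -g "$user")" \
    -G hestia-users \
    -M -d "$ftp_path_a" > /dev/null 2>&1; then
    # Stop here: the password and cleanup steps below must only ever act
    # on an account that this run created. Continuing after a failed
    # useradd could change or delete an unrelated, pre-existing account.
    echo "Error: unable to create system account $ftp_user"
    log_event "$E_INVALID" "$ARGUMENTS"
    exit "$E_INVALID"
fi

# Set ftp user password
# printf writes the record verbatim; echo may treat a leading '-' or
# backslashes specially depending on shell options.
if ! printf '%s:%s\n' "$ftp_user" "$password" | /usr/sbin/chpasswd; then
    # Delete user on failure again
    /usr/sbin/deluser "$ftp_user" > /dev/null 2>&1
    echo "Error: Password not accepted due to PAM restrictions"
    exit 2
fi

# Read back the stored password field for the new account from /etc/shadow
# (whatever hash scheme the system uses, despite the variable name).
ftp_md5=$(awk -v user="$ftp_user" -F : 'user == $1 {print $2}' /etc/shadow)

# Adding jailed sftp env
"$BIN/v-add-user-sftp-jail" "$ftp_user"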
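#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# Transforming absolute path to relative
# Strip the web root as a literal prefix. Interpolating the path into a
# sed expression would treat characters such as '.' as regex wildcards and
# would break on a path containing the '%' delimiter.
ftp_path_r=${ftp_path_a#"$HOMEDIR/$user/web/$domain"}

# Concatenating ftp variables
# Existing accounts of the domain are kept as ':'-separated lists; the new
# account is appended to each list at the same position.
# NOTE(review): a ':' inside the relative path would make FTP_PATH
# ambiguous - confirm that the path is restricted elsewhere.
if [ -n "$FTP_USER" ]; then
    ftp_user="$FTP_USER:$ftp_user"
    ftp_md5="$FTP_MD5:$ftp_md5"
    ftp_path="$FTP_PATH:$ftp_path_r"
fi

# Adding new key into web.conf
add_object_key "web" 'DOMAIN' "$domain" 'FTP_PATH' 'PROXY'

# Updating config
# The key names are single-quoted on purpose: they are passed with a
# literal leading '$' rather than expanded by this script.
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_USER' "$ftp_user"
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_MD5' "$ftp_md5"
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path"

# Logging
log_history "added ftp account ${1}_${3}@$domain"
log_event "$OK" "$ARGUMENTS"

exit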