Commit 20cd49c1 authored by Doug Targett's avatar Doug Targett

added ftp functionality to CLI

parent 94a415a4
......@@ -468,31 +468,238 @@ _mail_audit() {
##############################################################################
_ftp_none() {
_noop
echo "Sympl FTP command line interface
Usage: sympl ftp [action] [target]
Where action is one of:
create, enable, disable, destroy, set, audit
And target is the domain to work on.
Where create is the action:
the domain folder will be created if it is not already present
Where enable is the action:
the per-domain password will be enabled if disabled and set if not present
Where disable is the action:
FTP Access will be disabled for per-domain and user access
Where destroy is the action:
FTP Access will be removed for both per-domoain and per-user access assuming
all accounts have been disabled
Where set is the action:
FTP Access will be granted to the user<item|option> specified with the folder
name<value>. If you want to set a quota as well you will need to add a
colon ':' to the <value> with the quota amount in the format of 500K, 10M
or 2G. You can also enable a disabled user with 'set <username> on', disable
an enabled user with 'set <username> off or reset the password of a user with
'set <username> reset'. As such 'on', 'off' and 'reset' are not valid folder
names.
Examples:
sympl ftp create example.com
sympl ftp enable example.com
sympl frp disable example.com
sympl ftp audit all
sympl ftp set user1 example.com
sympl ftp set user2 user2:20M example.com
sympl ftp set user1 off example.com
sympl ftp set user2 reset example.com
"
}
_ftp_create() {
_noop
_is_domain $1
_debug "Check for disabled sites"
if [ -d /srv/__disabled__$1/public ]; then
_error "The domain '$1' is disabled. Use 'sympl enable $1' to enable it."
fi
_debug "Check to see if $1 already exists"
if [ -d /srv/$1/public ]; then
_error "$1 Already exists. No need to continue"
fi
_verbose "Creating FTP folder for $1 at /srv/$1/public/"
mkdir -p "/srv/$1/public"
chmod -R 2775 "/srv/$1/public" > /dev/null 2>&1
chown -R sympl: "/srv/$1/public" > /dev/null
}
_ftp_enable() {
_noop
_is_domain $1
_debug "Check if domain is set up"
if [ ! -d /srv/$1 ]; then
_error "The domain $1 does not exist."
fi
_debug "Check if the domains config folder exists"
if [ ! -d /srv/$1/config ]; then
_verbose "Creating the config folder for domain $1."
mkdir -p /srv/$1/config
fi
_debug "Check if per-domain access is already enabled"
if [ -f /srv/$1/config/ftp-password ]; then
_error "The domain $1 is already enabled for FTP access, to reset the pasword please disable, destroy and then enable."
fi
_debug "Check for disabled per-domain access for $1"
if [ -f /srv/$1/config/__disabled__ftp-password ]; then
_verbose "Re-enabling per-domain ftp access for $1."
mv /srv/$1/config/__disabled__ftp-password /srv/$1/config/ftp-password
else
_verbose "Setting per-domain FTP password for $1"
password="$( openssl rand -base64 32 | cut -c 1-32 )"
_debug "Password '$password' for user $1 on domain $1;"
echo "$password" > /srv/$1/config/ftp-password
chown sympl: "/srv/$1/config/ftp-password"
fi
}
_ftp_disable() {
_noop
_is_domain $1
_debug "Checking per-domain ftp access for $1 is enabled and exists"
if [ -f /srv/$1/config/__disabled__ftp-password ]; then
_error "The per-domain ftp access for $1 is already disabled."
elif [ ! -f /srv/$1/config/ftp-password ]; then
_error "The per-domain ftp access for $1 does not exist."
elif [ ! -d /srv/$1 ]; then
_error "The domain '$1' does not exist."
fi
_verbose "Disabling per-domain FTP access for $1"
mv /srv/$1/config/ftp-password /srv/$1/config/__disabled__ftp-password
}
_ftp_destroy() {
_noop
_is_domain $1
_debug "Confirm '$1' is disabled and exists"
if [ -f /srv/$1/config/ftp-password ]; then
_error "The ftp access for '$1' is enabled. It must be disabled before it can be destroyed."
elif [ ! -f /srv/$1/config/__disabled__ftp-password ]; then
_error "The ftp access for '$1' does not exist."
elif [ ! -d /srv/$1 ]; then
_error "The domain '$1' does not exist."
fi
_verbose "Destroying /srv/$1/config/__disabled__ftp-password..."
rm -r /srv/$1/config/__disabled__ftp-password
}
_ftp_set() {
_noop
_is_domain $1
if [ -z "$2" ]; then
_error "<sympl ftp set> requires at least a username argument."
fi
if [ -z "$3" ]; then
_debug "Continuing without folder or quota assignment"
fi
_debug "Check if domain is set up for FTP"
if [ ! -d /srv/$1 ]; then
_error "The domain $1 does not exist."
elif [ ! -d /srv/$1/public ]; then
_error "The domain $1 is not set up for FTP access. Please use <sympl ftp create $1>"
fi
_debug "Check if the domains config folder exists"
if [ ! -d /srv/$1/config ]; then
_verbose "Creating the config folder for domain $1."
mkdir -p /srv/$1/config
fi
_debug "Check for the ftp-users file and create a blank one if it is absent."
if [ ! -f /srv/$1/config/ftp-users ]; then
_verbose "Setting up ftp-users file"
echo "#username:password:folder:quota" > /srv/$1/config/ftp-users
chown sympl: /srv/$1/config/ftp-users
fi
if [ "$3" == "off" ]; then
_debug "Checking for user $2"
if [ "$( grep -R ^$2: /srv/$1/config/ftp-users )" ]; then
_verbose "Disabling access for $2 on domain $1."
sed -ri "s/^$2(.*)/#$2\1/" /srv/$1/config/ftp-users
return 0;
else
_error "User $2 not found in configuration, please use <sympl ftp set username>."
fi
fi
if [[ "$3" == "on" ]]; then
_debug "Checking for turned off user $2"
if [ "$( grep -R ^#$2: /srv/$1/config/ftp-users )" ]; then
_verbose "Enabling access for $2 on domain $1."
sed -ri "s/^#$2(.*)/$2\1/" /srv/$1/config/ftp-users
return 0;
else
_error "Disabled user $2 not found in configuration."
fi
fi
if [[ "$3" == "reset" ]]; then
_debug "Checking for user $2"
if [ "$( grep -R ^.*$2: /srv/$1/config/ftp-users )" ]; then
_verbose "Resetting password for $2 on domain $1."
password="$( openssl rand -base64 23 | cut -c 1-32 )"
_debug "Setting password to $password"
sed -ri "s/(^#*$2:)[^:]*(.*)/\1$password\2/" /srv/$1/config/ftp-users
return 0;
else
_error "User $2 not found in configuration, please use <sympl ftp set username>."
fi
fi
_debug "Checking for user $2 in domain $1"
if [ "$( grep -R ^$2: /srv/$1/config/ftp-users )" ]; then
_error "FTP user $2 already exists on domain $1."
fi
_debug "Setting user for domain $1"
password="$( openssl rand -base64 32 | cut -c 1-32 )"
echo "$2:$password:$3" >> /srv/$1/config/ftp-users
}
_ftp_audit() {
_noop
if [ "$1" != "all" ]; then _is_domain $1 ; else set "*"; fi
find /srv/$1/config/ -type f -name '*ftp-password' > /dev/shm/sympl_ftp_audit
find /srv/$1/config/ -type f -name 'ftp-users' >> /dev/shm/sympl_ftp_audit
_verbose "Enabled per-domain access:"
grep '/ftp-password' /dev/shm/sympl_ftp_audit | cut -d '/' -f 3 | sort
_verbose "Disabled per-domain access:"
grep __disabled__ftp-password /dev/shm/sympl_ftp_audit | cut -d '/' -f 3 | sort
for domain in $( grep ftp-users /dev/shm/sympl_ftp_audit | cut -d '/' -f 3 | sort ); do
_verbose "Per-user access exists for domain $domain:"
printf '\t%-25s%-10s%-10s\n' "<username>" "<folder>" "<quota>"
while read line; do
readarray -d : -t item <<< "$line"
printf '\t%-25s%-10s%-10s\n' "${item[0]}@$domain" "${item[2]}" "${item[3]::-1}"
done <<< $( sed '/^#.*username/d' /srv/$domain/config/ftp-users )
done
}
_ftp_update() {
......
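Review bot: The generated FTP passwords end up outside the files meant to hold them: `_debug "Password '$password' for user $1 on domain $1;"` in `_ftp_enable` and `_debug "Setting password to $password"` in the reset branch of `_ftp_set` put the secret into debug output, and `ftp-password` / `ftp-users` are created with whatever mode the caller's umask gives, since only `chown sympl:` follows the write. I would log the event without the value and create both files under `umask 077` (assuming the FTP service reads them as `sympl`; otherwise a group-readable mode). In `_ftp_set`, `$2` and `$password` are spliced unquoted into grep and sed patterns: base64 output can contain `/`, which ends the `s/…/…/` expression early on reset, and `s/^$2(.*)/#$2\1/` lacks the trailing `:`, so `off` also comments out longer names sharing the prefix. `_ftp_audit` writes to the fixed path `/dev/shm/sympl_ftp_audit`, which is better replaced by a `mktemp` file removed when the audit finishes. The fence below sketches these changes; the `on` branch needs the same `:` anchor and the `ftp-users` writes the same umask treatment.

```shell
# _ftp_enable, else branch: keep the secret out of logs, create the file owner-only
password="$( openssl rand -base64 32 | cut -c 1-32 )"
_debug "Generated per-domain FTP password for $1"
( umask 077 && printf '%s\n' "$password" > "/srv/$1/config/ftp-password" )
chown sympl: "/srv/$1/config/ftp-password"

# _ftp_set, after the empty-username check: only accept names that are inert in grep/sed
# (adjust the character set to what the FTP service actually allows)
case "$2" in
  *[!A-Za-z0-9_-]*) _error "Invalid FTP username '$2'." ;;
esac
# … unchanged: domain, config folder and ftp-users checks …
# off branch: anchor on the field separator so only the exact user matches
sed -ri "s/^$2:/#$2:/" "/srv/$1/config/ftp-users"
# reset branch: '|' never occurs in base64 output, so it is a safe delimiter
sed -ri "s|^(#*$2:)[^:]*|\1$password|" "/srv/$1/config/ftp-users"

# _ftp_audit: private temp file instead of a fixed name in a shared directory
audit_list="$( mktemp )" || _error "Could not create temporary file."
find /srv/$1/config/ -type f -name '*ftp-password' > "$audit_list"
# … unchanged: second find and the report, reading "$audit_list" …
rm -f -- "$audit_list"
```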