rodger/imagehost-setup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added maintenance user

Browse Source
This commit is contained in:
Rodger Castle 2026-05-04 19:45:45 -04:00
parent 123b225263
commit 3b255e3505
1 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
imagehost-setup.sh
View File

@ -155,6 +155,41 @@ chmod 750 "${IMAGES_DIR}"
success "User '${SFTP_USER}' created with chroot at ${CHROOT_DIR}." success "User '${SFTP_USER}' created with chroot at ${CHROOT_DIR}."
# =============================================================================
# STEP 2b — Create maintenance user
# =============================================================================
banner "Step 2b/7 — Creating maintenance user"
echo -e "${BOLD}Maintenance username${RESET} for server administration (leave blank for 'siteadmin'):"
read -rp " Username [siteadmin]: " ADMIN_USER
ADMIN_USER="${ADMIN_USER:-siteadmin}"
[[ "$ADMIN_USER" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]] || die "Invalid username."
echo ""
echo -e "${BOLD}Maintenance password${RESET} (leave blank to auto-generate):"
read -rsp " Password [auto]: " ADMIN_PASS
echo ""
if [[ -z "$ADMIN_PASS" ]]; then
ADMIN_PASS="$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 24 || true)"
GENERATED_ADMIN_PASS=true
else
GENERATED_ADMIN_PASS=false
fi
if id "${ADMIN_USER}" &>/dev/null; then
warn "User '${ADMIN_USER}' already exists — resetting password only."
else
info "Creating user '${ADMIN_USER}'…"
useradd -m -s /bin/bash "${ADMIN_USER}"
fi
echo "${ADMIN_USER}:${ADMIN_PASS}" | chpasswd
usermod -aG wheel "${ADMIN_USER}"
success "Maintenance user '${ADMIN_USER}' created and added to wheel (sudo) group."
# ============================================================================= # =============================================================================
# STEP 3 — Harden SSH / configure chroot SFTP # STEP 3 — Harden SSH / configure chroot SFTP
# ============================================================================= # =============================================================================
@ -391,6 +426,17 @@ echo -e " Password : ${CYAN}(as you entered)${RESET}"
fi fi
echo -e " Upload to: ${CYAN}/images/${RESET} (this is the root you'll see in your SFTP client)" echo -e " Upload to: ${CYAN}/images/${RESET} (this is the root you'll see in your SFTP client)"
echo "" echo ""
echo -e " ${BOLD}Maintenance (SSH) login:${RESET}"
echo -e " Host : ${CYAN}${DOMAIN:-$(hostname -I | awk '{print $1}')}${RESET}"
echo -e " Port : ${CYAN}22${RESET}"
echo -e " Username : ${CYAN}${ADMIN_USER}${RESET}"
if $GENERATED_ADMIN_PASS; then
echo -e " Password : ${YELLOW}${ADMIN_PASS}${RESET} ${RED}← Save this now!${RESET}"
else
echo -e " Password : ${CYAN}(as you entered)${RESET}"
fi
echo -e " Sudo : ${CYAN}sudo -i${RESET} to become root"
echo ""
echo -e " ${BOLD}Allowed file types:${RESET} JPG, PNG, GIF, WebP, AVIF, SVG, BMP, TIFF" echo -e " ${BOLD}Allowed file types:${RESET} JPG, PNG, GIF, WebP, AVIF, SVG, BMP, TIFF"
echo -e " ${BOLD}Max file size:${RESET} ${MAX_SIZE_MB} MB" echo -e " ${BOLD}Max file size:${RESET} ${MAX_SIZE_MB} MB"
echo "" echo ""