Added maintenance user
This commit is contained in:
parent
123b225263
commit
3b255e3505
@ -155,6 +155,41 @@ chmod 750 "${IMAGES_DIR}"
|
||||
|
||||
success "User '${SFTP_USER}' created with chroot at ${CHROOT_DIR}."
|
||||
|
||||
# =============================================================================
|
||||
# STEP 2b — Create maintenance user
|
||||
# =============================================================================
|
||||
banner "Step 2b/7 — Creating maintenance user"
|
||||
|
||||
echo -e "${BOLD}Maintenance username${RESET} for server administration (leave blank for 'siteadmin'):"
|
||||
read -rp " Username [siteadmin]: " ADMIN_USER
|
||||
ADMIN_USER="${ADMIN_USER:-siteadmin}"
|
||||
[[ "$ADMIN_USER" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]] || die "Invalid username."
|
||||
|
||||
echo ""
|
||||
echo -e "${BOLD}Maintenance password${RESET} (leave blank to auto-generate):"
|
||||
read -rsp " Password [auto]: " ADMIN_PASS
|
||||
echo ""
|
||||
|
||||
if [[ -z "$ADMIN_PASS" ]]; then
|
||||
ADMIN_PASS="$(tr -dc 'A-Za-z0-9' </dev/urandom | head -c 24 || true)"
|
||||
GENERATED_ADMIN_PASS=true
|
||||
else
|
||||
GENERATED_ADMIN_PASS=false
|
||||
fi
|
||||
|
||||
if id "${ADMIN_USER}" &>/dev/null; then
|
||||
warn "User '${ADMIN_USER}' already exists — resetting password only."
|
||||
else
|
||||
info "Creating user '${ADMIN_USER}'…"
|
||||
useradd -m -s /bin/bash "${ADMIN_USER}"
|
||||
fi
|
||||
|
||||
echo "${ADMIN_USER}:${ADMIN_PASS}" | chpasswd
|
||||
usermod -aG wheel "${ADMIN_USER}"
|
||||
|
||||
success "Maintenance user '${ADMIN_USER}' created and added to wheel (sudo) group."
|
||||
|
||||
|
||||
# =============================================================================
|
||||
# STEP 3 — Harden SSH / configure chroot SFTP
|
||||
# =============================================================================
|
||||
@ -391,6 +426,17 @@ echo -e " Password : ${CYAN}(as you entered)${RESET}"
|
||||
fi
|
||||
echo -e " Upload to: ${CYAN}/images/${RESET} (this is the root you'll see in your SFTP client)"
|
||||
echo ""
|
||||
echo -e " ${BOLD}Maintenance (SSH) login:${RESET}"
|
||||
echo -e " Host : ${CYAN}${DOMAIN:-$(hostname -I | awk '{print $1}')}${RESET}"
|
||||
echo -e " Port : ${CYAN}22${RESET}"
|
||||
echo -e " Username : ${CYAN}${ADMIN_USER}${RESET}"
|
||||
if $GENERATED_ADMIN_PASS; then
|
||||
echo -e " Password : ${YELLOW}${ADMIN_PASS}${RESET} ${RED}← Save this now!${RESET}"
|
||||
else
|
||||
echo -e " Password : ${CYAN}(as you entered)${RESET}"
|
||||
fi
|
||||
echo -e " Sudo : ${CYAN}sudo -i${RESET} to become root"
|
||||
echo ""
|
||||
echo -e " ${BOLD}Allowed file types:${RESET} JPG, PNG, GIF, WebP, AVIF, SVG, BMP, TIFF"
|
||||
echo -e " ${BOLD}Max file size:${RESET} ${MAX_SIZE_MB} MB"
|
||||
echo ""
|
||||
|
||||
Loading…
Reference in New Issue
Block a user