Thumbnail

mod/infra.git

Clone URL: https://git.buni.party/mod/infra.git

Info Tree Commits Branches Tags Show Grep
commit 6d5c4dfd162180a2864e4ec94740f45d499d4ae2 Author: mod <mod@buni.party> Date: Sat Feb 21 03:17:11 2026 +0000 Add: scripts diff --git a/scripts/git-import b/scripts/git-import new file mode 100755 index 0000000..d9944cb --- /dev/null +++ b/scripts/git-import @@ -00 +185 @@ +#!/bin/sh + +ADMIN_REPO="/home/mod/gitolite-admin" +CONF_FILE="$ADMIN_REPO/conf/gitolite.conf" +KEYS_DIR="$ADMIN_REPO/keydir" + +# $1: user +# $2...: command to run +as() { + user="$1" + shift + su -s /bin/sh "$user" -c "$*" +} + +# $*: message +fail() { + printf '%s\n' "$*" >&2 + exit 1 +} + +# $1: username +# $2: key itself +get_keyname() { + sum="$(printf '%s' "$2" | sha1sum - | cut -d' ' -f1)" + keyname="$KEYS_DIR/${1}@${sum}.pub" + [ -e "$keyname" ] && return 1 + printf '%s' "$keyname" +} + +[ "$(id -u)" -ne 0 ] && fail "Must be run as root" +cd "$ADMIN_REPO" || fail "Cannot enter admin repo" + +import() { + echo "Importing keys" + # default stuff + as mod git pull + cat <<EOF >"$CONF_FILE" +repo gitolite-admin +RW+ = mod +EOF + rm -f "$KEYS_DIR"/*.pub + as mod git rm -r --cached . + + # generate user config & keys + for homedir in /home/*; do + user="${homedir##*/}" + + cat <<EOF >>"$CONF_FILE" +repo $user/.* + C = $user + RW+ = $user + R = @all +EOF + + keysfile="$homedir/.ssh/git_keys" + if [ -e "$keysfile" ]; then + while IFS= read -r line || [ -n "$line" ]; do + keyname="$(get_keyname "$user" "$line")" + if [ $? -gt 0 ]; then + echo "Duplicate key found: $line" + continue + fi + printf '%s' "$line" >"$keyname" + done <"$keysfile" + fi + done + + chown -R mod:mod . + + export GIT_AUTHOR_NAME="mod" + export GIT_AUTHOR_EMAIL="mod@groupnix" + export GIT_COMMITTER_NAME="mod" + export GIT_COMMITTER_EMAIL="mod@groupnix" + as mod 'git add -A && git commit -m "Update using import" && git push' + echo "Keys imported" +} + +trap import USR1 + +while :; do + import + # import twice a day + sleep $(( 60 * 60 * 12 )) & + wait $! +done diff --git a/scripts/kick b/scripts/kick new file mode 100755 index 0000000..fc85058 --- /dev/null +++ b/scripts/kick @@ -00 +122 @@ +#!/bin/sh + +usage() { + echo "Usage" + echo "kick USER" + echo "Kicks a user from the system" + exit 1 +} + + +[ $# -lt 1 ] && usage + +pids="$(who -u | awk '($1 == "'"$1"'"){print $6}')" + +for pid in $pids; do + if [ -z "$pid" ] || [ "$pid" -le 1 ]; then + echo "Invalid PID" >&2 + exit 1 + fi +done + +kill -HUP $pids diff --git a/scripts/newuser b/scripts/newuser new file mode 100755 index 0000000..cd81eeb --- /dev/null +++ b/scripts/newuser @@ -00 +153 @@ +#!/bin/sh + + +usage() { + echo "Usage:" + echo "newuser NAME" + echo "Creates a new user account with the given name." + echo "An SSH key must be given in stdin." + echo "This must be run as root." + exit 0 +} + +fail() { + printf '%s: %s\n' "$0" "$*" >&2 + exit 1 +} + + +[ $# -lt 1 ] && usage +[ "$(id -u)" -ne 0 ] && fail "Must be run as root" +[ -z "$1" ] && fail "Invalid user name" + +read -r key +[ -z "$key" ] && fail "Invalid SSH key" + +useradd -m -s /bin/bash "$1" || fail "Could not add user" + +# set up ssh stuff +mkdir /home/"$1"/.ssh +printf '%s' "$key" >> /home/"$1"/.ssh/authorized_keys +touch /home/"$1"/.ssh/git_keys +chmod 700 /home/"$1"/.ssh +chown -R "$1":"$1" /home/"$1"/.ssh + +# set up web stuff +setfacl -m 'g:www-data:x' /home/"$1" +mkdir /home/"$1"/web +# world readable +chmod 775 /home/"$1"/web +# add index file +cat <<EOF > /home/"$1"/web/index.html +<!DOCTYPE html> +<html> +<head></head> +<body> + <p>Hello, world!</p> + <p>Click <a href="https://u.buni.party/mod/">here</a> for more info.</p> +</body> +</html> +EOF + +chown -R "$1":"www-data" /home/"$1"/web +chmod g+s /home/"$1"/web