From 7ef3708fef015cd66e773a81f5fefffdec862d9d Mon Sep 17 00:00:00 2001 From: Marek Miklewicz <86836305+marsonpl@users.noreply.github.com> Date: Sun, 8 May 2022 21:29:54 +0200 Subject: [PATCH] Create da_cli.sh --- da_cli.sh | 881 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 881 insertions(+) create mode 100644 da_cli.sh diff --git a/da_cli.sh b/da_cli.sh new file mode 100644 index 0000000..f103b34 --- /dev/null +++ b/da_cli.sh @@ -0,0 +1,881 @@ +#!/bin/bash +#version 0.4 +#gedas@mc2.dev + +### VARS ### +DEFAULTPACKAGE=NO_LIMIT +DNSMASTER="192.168.8.13" # IP address of this server that should be used on the client host for multiserver +DNSSLAVE="192.168.8.14" # the second DNS server. This server should be able to login to DNSSLAVE via ssh +DNSSLAVEPORT="22" # port for dnsslave +ADMINUSER="admin" # server main admin user +TRUSTED_IPS="127.0.0.1,192.168.0.1" #comma separated list of IP addresses +### END VARS ### + +######### FUNCTIONS + +createUser() { + + #mandatory options: + USERNAME="$1" + PASSWORD="$2" + DOMAIN="$3" + + if [[ -z "${USERNAME}" ]] || [[ -z "${PASSWORD}" ]] || [[ -z "${DOMAIN}" ]]; then + echo "+---------------------------------------+" + echo "Create a user:" + echo "$0 createuser USERNAME PASSWORD DOMAIN " + echo " are optional" + echo "+---------------------------------------+" + exit 1 + fi + + #optional + PACKAGE="$4" + EMAIL="$5" + #default values if not set + [[ -z "${PACKAGE}" ]] && PACKAGE="${DEFAULTPACKAGE}" + [[ -z "${EMAIL}" ]] && EMAIL="admin@`hostname -f`" + + #json template: + CREATE_USER_JSON=$(cat << EOF +{ + "username": "${USERNAME}", + "email": "${EMAIL}", + "passwd": "${PASSWORD}", + "passwd2": "${PASSWORD}", + "domain": "${DOMAIN}", + "package": "${PACKAGE}", + "ip": "server", + "notify": "no", + "json": "yes", + "add": "yes", + "action": "create" +} +EOF +) + #create user + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_ACCOUNT_USER?json=yes" --request "POST" --data "${CREATE_USER_JSON}" +} + +deleteUser() { + + USERNAME="$1" + + + if [[ -z "${USERNAME}" ]]; then + echo "+---------------------------------------+" + echo "Delete a user:" + echo "$0 deleteuser USERNAME" + echo "+---------------------------------------+" + exit 1 + fi + + DELETE_USER_JSON=$(cat << EOF +{ + "leave_dns": "no", + "json": "yes", + "location": "CMD_ALL_USER_SHOW", + "delete": "yes", + "confirmed": "yes", + "select0": "${USERNAME}" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_SELECT_USERS?json=yes" --request "POST" --data "${DELETE_USER_JSON}" +} + +createDB() { + + DBNAME="$1" + DBUSERNAME="$2" + DBPASSWORD="$3" + + if [[ -z "${DBNAME}" ]] || [[ -z "${DBUSERNAME}" ]] || [[ -z "${DBPASSWORD}" ]]; then + echo "+---------------------------------------+" + echo "Create a database:" + echo "$0 createdb DBNAME DBUSERNAME DBPASSWORD" + echo "+---------------------------------------+" + exit 1 + fi + + USERNAME=$(echo ${DBNAME} | cut -f1 -d_) + DBNAME=$(echo ${DBNAME} | cut -f2 -d_) + DBUSERNAME=$(echo ${DBUSERNAME} | cut -f2 -d_) + + CREATE_DB_JSON=$(cat << EOF +{ + "name": "${DBNAME}", + "user": "${DBUSERNAME}", + "passwd": "${DBPASSWORD}", + "passwd2": "${DBPASSWORD}", + "userlist": "...", + "json": "yes", + "action": "create" +} +EOF +) + + #create db + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${CREATE_DB_JSON}" +} + +deleteDB() { + + DBNAME="$1" + + if [[ -z "${DBNAME}" ]]; then + echo "+---------------------------------------+" + echo "Delete a database:" + echo "$0 deletedb DBNAME" + echo "+---------------------------------------+" + exit 1 + fi + + USERNAME=$(echo ${DBNAME} | cut -f1 -d_) + + DELETE_DB_JSON=$(cat << EOF +{ + "json": "yes", + "action": "select", + "delete_db": "yes", + "select0": "${DBNAME}" +} +EOF +) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${DELETE_DB_JSON}" + +} + + +createForwarder() { + + FORWARDER="$1" + DESTINATION="$2" + + if [[ -z "${FORWARDER}" ]] || [[ -z "${DESTINATION}" ]]; then + echo "+---------------------------------------+" + echo "Create a forwarder:" + echo "$0 createforwarder FORWARDER DESTINATION" + echo "+---------------------------------------+" + exit 1 + fi + + DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@) + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + CREATE_FORWARDER_JSON=$(cat << EOF +{ + "json": "yes", + "action": "create", + "raw_forwarders": "${FORWARDER} --> ${DESTINATION}" +} +EOF +) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${CREATE_FORWARDER_JSON}" +} + + +deleteForwarder() { + + FORWARDER="$1" + + if [[ -z "${FORWARDER}" ]]; then + echo "+---------------------------------------+" + echo "Delete a forwarder:" + echo "$0 deleteforwarder FORWARDER" + echo "+---------------------------------------+" + exit 1 + fi + + DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@) + BOX=$(echo ${FORWARDER} | cut -f1 -d@) + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + DELETE_FORWARDER_JSON=$(cat << EOF +{ + "domain": "${DOMAIN}", + "json": "yes", + "action": "delete", + "delete": "yes", + "select0": "${BOX}" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${DELETE_FORWARDER_JSON}" +} + +createDomain() { + + USERNAME="$1" + DOMAIN="$2" + + if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then + echo "+---------------------------------------+" + echo "Create a domain for a user:" + echo "$0 createdomain USERNAME DOMAIN" + echo "or" + echo "$0 createdomain USERNAME list=file" + echo "+---------------------------------------+" + exit 1 + fi + + + if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then + DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=) + for DOMAIN in `cat ${DOMFILE}`; do + CREATE_DOMAIN_JSON=$(cat << EOF +{ + "domain": "${DOMAIN}", + "uquota": "unlimited", + "ssl": "ON", + "php": "ON", + "json": "yes", + "action": "create", + "ubandwidth": "unlimited" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}" + done + else + CREATE_DOMAIN_JSON=$(cat << EOF +{ + "domain": "${DOMAIN}", + "uquota": "unlimited", + "ssl": "ON", + "php": "ON", + "json": "yes", + "action": "create", + "ubandwidth": "unlimited" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}" + fi +} + + deleteDomain() { + + USERNAME="$1" + DOMAIN="$2" + + if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then + echo "+---------------------------------------+" + echo "Delete a domain from a user:" + echo "$0 deletedomain USERNAME DOMAIN" + echo "or" + echo "$0 deletedomain USERNAME list=file" + echo "+---------------------------------------+" + exit 1 + fi + + if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then + DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=) + for DOMAIN in `cat ${DOMFILE}`; do + DELETE_DOMAIN_JSON=$(cat << EOF +{ + "delete_data": "yes", + "json": "yes", + "action": "select", + "delete": "yes", + "confirmed": "yes", + "delete_data_aware": "yes", + "select0": "${DOMAIN}" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}" + done + else + DELETE_DOMAIN_JSON=$(cat << EOF +{ + "delete_data": "yes", + "json": "yes", + "action": "select", + "delete": "yes", + "confirmed": "yes", + "delete_data_aware": "yes", + "select0": "${DOMAIN}" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}" + fi + + } + +enableSSH() { + + USERNAME="$1" + + if [[ -z "${USERNAME}" ]]; then + echo "+---------------------------------------+" + echo "Enable SSH for a user:" + echo "$0 enablessh USERNAME" + echo "+---------------------------------------+" + exit 1 + fi + + chsh -s /bin/bash ${USERNAME} + sed -i -e 's/ssh=OFF/ssh=ON/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf + + } + +disableSSH() { + + USERNAME="$1" + + if [[ -z "${USERNAME}" ]]; then + echo "+---------------------------------------+" + echo "Disable SSH for a user:" + echo "$0 disablessh USERNAME" + echo "+---------------------------------------+" + exit 1 + fi + + chsh -s /bin/false ${USERNAME} + sed -i -e 's/ssh=ON/ssh=OFF/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf +} + +docroot() { + + + USERNAME="$1" + DOMAIN="$2" + DOCROOT="$3" + + if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]] || [[ -z "${DOCROOT}" ]]; then + echo "+---------------------------------------+" + echo "Change DOCROOT for a domain:" + echo "$0 docroot USERNAME DOMAIN DOCROOT" + echo "Example $0 docroot john domain.tld domains/domain.tld/public_html" + echo "+---------------------------------------+" + exit 1 + fi + + if [[ $(grep DOCROOT /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd -q -c) -gt 0 ]]; then + echo "Custom docroot already exist. Please remove the customisation." + else + echo "|?DOCROOT=/home/${USERNAME}/${DOCROOT}|" >> /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd + echo "action=rewrite&value=httpd&domain=${DOMAIN}" >> /usr/local/directadmin/data/task.queue.cb + /usr/local/directadmin/dataskq d --custombuild + fi + } + +createmail() { + + DOMAIN="$1" + MBOX="$2" + PASSWORD="$3" + SIZE="$4" + [[ -z "${SIZE}" ]] && SIZE="0" + + + if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then + echo "+---------------------------------------+" + echo "Create a mailbox:" + echo "$0 createmail DOMAIN MBOX PASSWORD " + echo "+---------------------------------------+" + exit 1 + fi + + CREATE_EMAIL_JSON=$(cat << EOF +{ + "user": "${MBOX}", + "passwd2": "${PASSWORD}", + "passwd": "${PASSWORD}", + "quota": "${SIZE}", + "limit": "200", + "domain": "${DOMAIN}", + "json": "yes", + "action": "create" +} +EOF +) + + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CREATE_EMAIL_JSON}" +} + +deletemail() { + + DOMAIN="$1" + MBOX="$2" + + + if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]]; then + echo "+---------------------------------------+" + echo "Delete a mailbox:" + echo "$0 deletemail DOMAIN MBOX" + echo "+---------------------------------------+" + exit 1 + fi + + DELETE_EMAIL_JSON=$(cat << EOF +{ + "clean_forwarders": "yes", + "domain": "${DOMAIN}", + "json": "yes", + "action": "delete", + "delete": "yes", + "select0": "${MBOX}" +} +EOF +) + + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DELETE_EMAIL_JSON}" +} + + +enabledkim() { + DOMAIN="$1" + + if [[ -z "${DOMAIN}" ]]; then + echo "+---------------------------------------+" + echo "Enable DKIM for a domain:" + echo "$0 enabledkim DOMAIN" + echo "+---------------------------------------+" + exit 1 + fi + + ENABLE_DKIM_JSON=$(cat << EOF +{ + "action": "set_dkim", + "domain": "${DOMAIN}", + "json": "yes", + "enable": "yes" +} +EOF +) + + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${ENABLE_DKIM_JSON}" + +} + +disabledkim() { + DOMAIN="$1" + + if [[ -z "${DOMAIN}" ]]; then + echo "+---------------------------------------+" + echo "Enable DKIM for a domain:" + echo "$0 enabledkim DOMAIN" + echo "+---------------------------------------+" + exit 1 + fi + + DISABLE_DKIM_JSON=$(cat << EOF +{ + "action": "set_dkim", + "domain": "${DOMAIN}", + "json": "yes", + "disable": "yes" +} +EOF +) + + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DISABLE_DKIM_JSON}" +} + + + + +changemailpass() { + + DOMAIN="$1" + MBOX="$2" + PASSWORD="$3" + + if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then + echo "+---------------------------------------+" + echo "Change mailbox password:" + echo "$0 changemailpass DOMAIN MBOX PASSWORD" + echo "+---------------------------------------+" + exit 1 + fi + + CHANGE_EMAIL_PASS_JSON=$(cat << EOF +{ + "user": "${MBOX}", + "newuser": "${MBOX}", + "passwd2": "${PASSWORD}", + "passwd": "${PASSWORD}", + "quota": "50", + "limit": "200", + "domain": "${DOMAIN}", + "json": "yes", + "action": "modify" +} +EOF +) + + USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CHANGE_EMAIL_PASS_JSON}" +} + +changeuserpass() { + + USER="$1" + PASSWORD="$2" + + if [[ -z "${USER}" ]] || [[ -z "${PASSWORD}" ]]; then + echo "+---------------------------------------+" + echo "Change mailbox password:" + echo "$0 changeuserpass LOGIN PASSWORD" + echo "+---------------------------------------+" + exit 1 + fi + + CHANGE_USER_PASS_JSON=$(cat << EOF +{ + "username": "${USER}", + "passwd": "${PASSWORD}", + "json": "yes", + "action": "create", + "referer": "CMD_API_USER_PASSWD", + "passwd2": "${PASSWORD}" +} +EOF +) + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_USER_PASSWD?json=yes" --request "POST" --data "${CHANGE_USER_PASS_JSON}" +} + +disablenamed() { + sed -i -e 's/named=ON/named=OFF/g' /usr/local/directadmin/data/admin/services.status + systemctl stop named + systemctl disable named + + NAMED_PLACEBO=$(cat << EOF +[Unit] +Description=Named Placebo +After=syslog.target network.target +Requires=network.target +Documentation=http://help.directadmin.com/item.php?id=25 + +[Service] +Type=oneshot +ExecStart=/usr/bin/echo -n '' +EOF +) + + [[ -f '/etc/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /etc/systemd/system/named.service + [[ -f '/usr/lib/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /usr/lib/systemd/system/named.service + + systemctl daemon-reload +} + +enablenamed() { + [[ `grep 'Placebo' -q /etc/systemd/system/named.service` ]] && rm -fv /etc/systemd/system/named.service + [[ `grep 'Placebo' -q /usr/lib/systemd/system/named.service` ]] && rm -fv /usr/lib/systemd/system/named.service + + cd /usr/local/directadmin/custombuild + ./build update + ./build bind +} + +sethostname() { + /usr/local/directadmin/scripts/hostname.sh "$1" +} + +multiserver() { + #Is used to create admin account locally + create the same account on the DNSSLAVE server using SSH. + #Then client to the CLIENTHOSTNAME and use that for multiserver setup. + + CLIENTHOSTNAME="$1" + CLIENTNAME="$2" + + if [[ -z "${CLIENTHOSTNAME}" ]] || [[ -z "${CLIENTNAME}" ]]; then + echo "+---------------------------------------+" + echo "Push multiserver settings to CLIENTHOSTNAME:" + echo "$0 multiserver CLIENTHOSTNAME CLIENTNAME" + echo "+---------------------------------------+" + exit 1 + fi + + + GLOBALKEYDIR="/usr/local/directadmin/data/users/admin/login_keys" + KEYDIR="${GLOBALKEYDIR}/dns${CLIENTNAME}" + PASSWD=`openssl rand -base64 20` + HASH=`echo -n "${PASSWD}" | openssl passwd -6 -stdin` + +## precheck connectivity + + if [[ `whoami` == root ]]; then + if [[ `ssh -lroot ${CLIENTHOSTNAME} 'whoami'` == "root" ]]; then + if [[ `ssh -lroot ${DNSSLAVE} 'whoami'` == "root" ]]; then + echo "Access looks good" + else + echo "Error: We need root access to the ${DNSSLAVE}" + exit 1 + fi + else + echo "Error: We need root access to the ${CLIENTHOSTNAME}" + exit 1 + fi + else + echo "Error: Script must be executed as root" + exit 1 + fi + +## local DNS key creation + echo "Creating local keys 'dns${CLIENTNAME}'" + mkdir -p ${KEYDIR} + + cat << EOF > ${KEYDIR}/key.conf +allow_htm=no +clear_key=no +created_by=127.0.0.1 +date_created=$(date +%s) +expiry=0 +key=${HASH} +max_uses=0 +uses=0 +EOF + + cat << EOF > ${KEYDIR}/commands.allow +CMD_API_DNS_ADMIN +CMD_API_LOGIN_TEST +EOF + + chown -R diradmin:diradmin ${KEYDIR} + chmod 700 ${KEYDIR} + chmod 600 ${KEYDIR}/key.conf ${KEYDIR}/commands.allow + + ## Remote DNS rsync keys to DNSSLAVE. + echo "Syncing keys to ${DNSSLAVE}" + rsync ${KEYDIR}/ root@${DNSSLAVE}:${KEYDIR}/ -e "ssh -p ${DNSSLAVEPORT}" -a --delete + + ### Push settings to the client server. + echo "Enabling multiserver on the ${CLIENTHOSTNAME}" + BASE64PW=`echo -n ${PASSWD} | base64` + SSHREMOTE="ssh -lroot ${CLIENTHOSTNAME} --" + CLUSTERCONF="/usr/local/directadmin/data/admin/cluster.conf" + + ${SSHREMOTE} "/usr/local/directadmin/directadmin set cluster 1" + ${SSHREMOTE} "systemctl restart directadmin" + ${SSHREMOTE} "sed -i -e '/^${DNSMASTER}=/d' ${CLUSTERCONF}" + ${SSHREMOTE} "sed -i -e '/^${DNSSLAVE}=/d' ${CLUSTERCONF}" + ${SSHREMOTE} "echo '${DNSMASTER}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}" + ${SSHREMOTE} "echo '${DNSSLAVE}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}" + ${SSHREMOTE} "echo 'action=rewrite&value=named' >> /usr/local/directadmin/data/task.queue; /usr/local/directadmin/dataskq d" + +} + +enablemultiserver() { + + ENABLE_MULTISERVER_JSON=$(cat << EOF +{ + "json": "yes", + "action": "onoff", + "on": "yes" +} +EOF +) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${ENABLE_MULTISERVER_JSON}" + +} + +disablemultiserver() { + + DISABLE_MULTISERVER_JSON=$(cat << EOF +{ + "json": "yes", + "action": "onoff", + "off": "yes" +} +EOF +) + + curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${DISABLE_MULTISERVER_JSON}" + +} + + +enablemultiserverpage() { + ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh" + + if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then + perl -i -0pe 's/###########DISABLEMULTISERVER.*DISABLEMULTISERVEREND#########//gs' "${ALL_PRE}" + echo "Multiserver page has been enabled" + else + echo "Multiserver page is not disabled. Not doing anything" + fi + +} + +disablemultiserverpage() { + ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh" + ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list" + + if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then + echo "Seems like multiserver page is already disabled" + exit 0 + fi + echo "Creating admin whitelist IP file." + echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}" + + + DISABLE_ADMIN=$(cat << EOF +#!/bin/sh +###########DISABLEMULTISERVER######### +if [ "\$command" = "/CMD_API_MULTI_SERVER" ]; then + if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then + exit 0; + fi + echo "You cannot use multiserver"; + exit 1; +fi +if [ "\$command" = "/CMD_MULTI_SERVER" ]; then + if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then + exit 0; + fi + echo "You cannot use multiserver"; + exit 1; +fi +###########DISABLEMULTISERVEREND######### +EOF +) + echo "Adding disable script" + echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp" + chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}" + chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}" + if [[ -f "${ALL_PRE}" ]]; then + tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp" + fi + mv -f "${ALL_PRE}.tmp" "${ALL_PRE}" + echo "Done" +} + + +enablecreateadmin() { + ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh" + + if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then + perl -i -0pe 's/###########DISABLEADMIN.*DISABLEADMINEND#########//gs' "${ALL_PRE}" + echo "Admin creation has been enabled" + else + echo "Admin creation is not disabled. Not doing anything" + fi + +} + +disablecreateadmin() { + ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh" + ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list" + + if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then + echo "Seems like admin creation is already disabled" + exit 0 + fi + echo "Creating admin whitelist IP file." + echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}" + + + DISABLE_ADMIN=$(cat << EOF +#!/bin/sh +###########DISABLEADMIN######### +if [ "\$command" = "/CMD_API_ACCOUNT_ADMIN" ]; then + if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then + exit 0; + fi + echo "You cannot create admin"; + exit 1; +fi +if [ "\$command" = "/CMD_ACCOUNT_ADMIN" ]; then + if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then + exit 0; + fi + echo "You cannot create admin"; + exit 1; +fi +###########DISABLEADMINEND######### +EOF +) + echo "Adding disable script" + echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp" + chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}" + chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}" + if [[ -f "${ALL_PRE}" ]]; then + tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp" + fi + mv -f "${ALL_PRE}.tmp" "${ALL_PRE}" + echo "Done" +} + + +listFunctions () { + echo "+---------------------------------------+" + echo "| TASKS:" + echo "| $0 createuser USERNAME PASSWORD DOMAIN " + echo "| $0 deleteuser USERNAME" + echo "| $0 createdb DBNAME DBUSERNAME DBPASSWORD" + echo "| $0 deletedb DBNAME" + echo "| $0 createforwarder FORWARDER DESTINATION" + echo "| $0 deleteforwarder FORWARDER" + echo "| $0 createdomain USERNAME DOMAIN" + echo "| $0 createdomain USERNAME list=file" + echo "| $0 deletedomain USERNAME DOMAIN" + echo "| $0 deletedomain USERNAME list=file" + echo "| $0 enablessh USERNAME" + echo "| $0 disablessh USERNAME" + echo "| $0 docroot USERNAME DOMAIN DOCROOT" + echo "| $0 createmail DOMAIN MBOX PASSWORD " + echo "| $0 deletemail DOMAIN MBOX" + echo "| $0 enabledkim domain" + echo "| $0 disabledkim domain" + echo "| $0 changemailpass DOMAIN MBOX PASSWORD" + echo "| $0 changeuserpass LOGIN PASSWORD" + echo "| $0 disablenamed" + echo "| $0 enablenamed" + echo "| $0 sethostname HOSTNAME" + echo "| $0 multiserver CLIENTHOSTNAME CLIENTNAME" + echo "| $0 enablemultiserver" + echo "| $0 disablemultiserver" + echo "| $0 enablemultiserverpage" + echo "| $0 disablemultiserverpage" + echo "| $0 enablecreateadmin" + echo "| $0 disablecreateadmin" + echo "+--------------------------------------+" +} + + +case "$1" in + createuser) createUser $2 $3 $4 $5 $6 ;; + deleteuser) deleteUser $2 ;; + createdb) createDB $2 $3 $4 ;; + deletedb) deleteDB $2 ;; + createforwarder) createForwarder $2 $3 ;; + deleteforwarder) deleteForwarder $2 ;; + createdomain) createDomain $2 $3 ;; + deletedomain) deleteDomain $2 $3 ;; + enablessh) enableSSH $2 ;; + disablessh) disableSSH $2 ;; + docroot) docroot $2 $3 $4 ;; + createmail) createmail $2 $3 $4 $5 ;; + deletemail) deletemail $2 $3 ;; + enabledkim) enabledkim $2 ;; + disabledkim) disabledkim $2 ;; + changemailpass) changemailpass $2 $3 $4 ;; + changeuserpass) changeuserpass $2 $3 ;; + disablenamed) disablenamed ;; + enablenamed) enablenamed ;; + sethostname) sethostname $2 ;; + multiserver) multiserver $2 $3 ;; + enablemultiserver) enablemultiserver ;; + disablemultiserver) disablemultiserver ;; + enablemultiserverpage) enablemultiserverpage ;; + disablemultiserverpage) disablemultiserverpage ;; + enablecreateadmin) enablecreateadmin ;; + disablecreateadmin) disablecreateadmin ;; + *) listFunctions ;; +esac