882 lines
25 KiB
Bash
882 lines
25 KiB
Bash
#!/bin/bash
|
|
#version 0.4
|
|
#gedas@mc2.dev
|
|
|
|
### VARS ###
|
|
DEFAULTPACKAGE=NO_LIMIT
|
|
DNSMASTER="192.168.8.13" # IP address of this server that should be used on the client host for multiserver
|
|
DNSSLAVE="192.168.8.14" # the second DNS server. This server should be able to login to DNSSLAVE via ssh
|
|
DNSSLAVEPORT="22" # port for dnsslave
|
|
ADMINUSER="admin" # server main admin user
|
|
TRUSTED_IPS="127.0.0.1,185.242.134.92,185.242.134.93,185.242.134.94,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196" #comma separated list of IP addresses
|
|
### END VARS ###
|
|
|
|
######### FUNCTIONS
|
|
|
|
createUser() {
|
|
|
|
#mandatory options:
|
|
USERNAME="$1"
|
|
PASSWORD="$2"
|
|
DOMAIN="$3"
|
|
|
|
if [[ -z "${USERNAME}" ]] || [[ -z "${PASSWORD}" ]] || [[ -z "${DOMAIN}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Create a user:"
|
|
echo "$0 createuser USERNAME PASSWORD DOMAIN <PACKAGE> <EMAIL>"
|
|
echo "<PACKAGE> <EMAIL> are optional"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
#optional
|
|
PACKAGE="$4"
|
|
EMAIL="$5"
|
|
#default values if not set
|
|
[[ -z "${PACKAGE}" ]] && PACKAGE="${DEFAULTPACKAGE}"
|
|
[[ -z "${EMAIL}" ]] && EMAIL="admin@`hostname -f`"
|
|
|
|
#json template:
|
|
CREATE_USER_JSON=$(cat << EOF
|
|
{
|
|
"username": "${USERNAME}",
|
|
"email": "${EMAIL}",
|
|
"passwd": "${PASSWORD}",
|
|
"passwd2": "${PASSWORD}",
|
|
"domain": "${DOMAIN}",
|
|
"package": "${PACKAGE}",
|
|
"ip": "server",
|
|
"notify": "no",
|
|
"json": "yes",
|
|
"add": "yes",
|
|
"action": "create"
|
|
}
|
|
EOF
|
|
)
|
|
#create user
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_ACCOUNT_USER?json=yes" --request "POST" --data "${CREATE_USER_JSON}"
|
|
}
|
|
|
|
deleteUser() {
|
|
|
|
USERNAME="$1"
|
|
|
|
|
|
if [[ -z "${USERNAME}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Delete a user:"
|
|
echo "$0 deleteuser USERNAME"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
DELETE_USER_JSON=$(cat << EOF
|
|
{
|
|
"leave_dns": "no",
|
|
"json": "yes",
|
|
"location": "CMD_ALL_USER_SHOW",
|
|
"delete": "yes",
|
|
"confirmed": "yes",
|
|
"select0": "${USERNAME}"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_SELECT_USERS?json=yes" --request "POST" --data "${DELETE_USER_JSON}"
|
|
}
|
|
|
|
createDB() {
|
|
|
|
DBNAME="$1"
|
|
DBUSERNAME="$2"
|
|
DBPASSWORD="$3"
|
|
|
|
if [[ -z "${DBNAME}" ]] || [[ -z "${DBUSERNAME}" ]] || [[ -z "${DBPASSWORD}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Create a database:"
|
|
echo "$0 createdb DBNAME DBUSERNAME DBPASSWORD"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
USERNAME=$(echo ${DBNAME} | cut -f1 -d_)
|
|
DBNAME=$(echo ${DBNAME} | cut -f2 -d_)
|
|
DBUSERNAME=$(echo ${DBUSERNAME} | cut -f2 -d_)
|
|
|
|
CREATE_DB_JSON=$(cat << EOF
|
|
{
|
|
"name": "${DBNAME}",
|
|
"user": "${DBUSERNAME}",
|
|
"passwd": "${DBPASSWORD}",
|
|
"passwd2": "${DBPASSWORD}",
|
|
"userlist": "...",
|
|
"json": "yes",
|
|
"action": "create"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
#create db
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${CREATE_DB_JSON}"
|
|
}
|
|
|
|
deleteDB() {
|
|
|
|
DBNAME="$1"
|
|
|
|
if [[ -z "${DBNAME}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Delete a database:"
|
|
echo "$0 deletedb DBNAME"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
USERNAME=$(echo ${DBNAME} | cut -f1 -d_)
|
|
|
|
DELETE_DB_JSON=$(cat << EOF
|
|
{
|
|
"json": "yes",
|
|
"action": "select",
|
|
"delete_db": "yes",
|
|
"select0": "${DBNAME}"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${DELETE_DB_JSON}"
|
|
|
|
}
|
|
|
|
|
|
createForwarder() {
|
|
|
|
FORWARDER="$1"
|
|
DESTINATION="$2"
|
|
|
|
if [[ -z "${FORWARDER}" ]] || [[ -z "${DESTINATION}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Create a forwarder:"
|
|
echo "$0 createforwarder FORWARDER DESTINATION"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@)
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
CREATE_FORWARDER_JSON=$(cat << EOF
|
|
{
|
|
"json": "yes",
|
|
"action": "create",
|
|
"raw_forwarders": "${FORWARDER} --> ${DESTINATION}"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${CREATE_FORWARDER_JSON}"
|
|
}
|
|
|
|
|
|
deleteForwarder() {
|
|
|
|
FORWARDER="$1"
|
|
|
|
if [[ -z "${FORWARDER}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Delete a forwarder:"
|
|
echo "$0 deleteforwarder FORWARDER"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@)
|
|
BOX=$(echo ${FORWARDER} | cut -f1 -d@)
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
DELETE_FORWARDER_JSON=$(cat << EOF
|
|
{
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"action": "delete",
|
|
"delete": "yes",
|
|
"select0": "${BOX}"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${DELETE_FORWARDER_JSON}"
|
|
}
|
|
|
|
createDomain() {
|
|
|
|
USERNAME="$1"
|
|
DOMAIN="$2"
|
|
|
|
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Create a domain for a user:"
|
|
echo "$0 createdomain USERNAME DOMAIN"
|
|
echo "or"
|
|
echo "$0 createdomain USERNAME list=file"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
|
|
if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then
|
|
DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=)
|
|
for DOMAIN in `cat ${DOMFILE}`; do
|
|
CREATE_DOMAIN_JSON=$(cat << EOF
|
|
{
|
|
"domain": "${DOMAIN}",
|
|
"uquota": "unlimited",
|
|
"ssl": "ON",
|
|
"php": "ON",
|
|
"json": "yes",
|
|
"action": "create",
|
|
"ubandwidth": "unlimited"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}"
|
|
done
|
|
else
|
|
CREATE_DOMAIN_JSON=$(cat << EOF
|
|
{
|
|
"domain": "${DOMAIN}",
|
|
"uquota": "unlimited",
|
|
"ssl": "ON",
|
|
"php": "ON",
|
|
"json": "yes",
|
|
"action": "create",
|
|
"ubandwidth": "unlimited"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}"
|
|
fi
|
|
}
|
|
|
|
deleteDomain() {
|
|
|
|
USERNAME="$1"
|
|
DOMAIN="$2"
|
|
|
|
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Delete a domain from a user:"
|
|
echo "$0 deletedomain USERNAME DOMAIN"
|
|
echo "or"
|
|
echo "$0 deletedomain USERNAME list=file"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then
|
|
DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=)
|
|
for DOMAIN in `cat ${DOMFILE}`; do
|
|
DELETE_DOMAIN_JSON=$(cat << EOF
|
|
{
|
|
"delete_data": "yes",
|
|
"json": "yes",
|
|
"action": "select",
|
|
"delete": "yes",
|
|
"confirmed": "yes",
|
|
"delete_data_aware": "yes",
|
|
"select0": "${DOMAIN}"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}"
|
|
done
|
|
else
|
|
DELETE_DOMAIN_JSON=$(cat << EOF
|
|
{
|
|
"delete_data": "yes",
|
|
"json": "yes",
|
|
"action": "select",
|
|
"delete": "yes",
|
|
"confirmed": "yes",
|
|
"delete_data_aware": "yes",
|
|
"select0": "${DOMAIN}"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}"
|
|
fi
|
|
|
|
}
|
|
|
|
enableSSH() {
|
|
|
|
USERNAME="$1"
|
|
|
|
if [[ -z "${USERNAME}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Enable SSH for a user:"
|
|
echo "$0 enablessh USERNAME"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
chsh -s /bin/bash ${USERNAME}
|
|
sed -i -e 's/ssh=OFF/ssh=ON/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf
|
|
|
|
}
|
|
|
|
disableSSH() {
|
|
|
|
USERNAME="$1"
|
|
|
|
if [[ -z "${USERNAME}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Disable SSH for a user:"
|
|
echo "$0 disablessh USERNAME"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
chsh -s /bin/false ${USERNAME}
|
|
sed -i -e 's/ssh=ON/ssh=OFF/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf
|
|
}
|
|
|
|
docroot() {
|
|
|
|
|
|
USERNAME="$1"
|
|
DOMAIN="$2"
|
|
DOCROOT="$3"
|
|
|
|
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]] || [[ -z "${DOCROOT}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Change DOCROOT for a domain:"
|
|
echo "$0 docroot USERNAME DOMAIN DOCROOT"
|
|
echo "Example $0 docroot john domain.tld domains/domain.tld/public_html"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
if [[ $(grep DOCROOT /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd -q -c) -gt 0 ]]; then
|
|
echo "Custom docroot already exist. Please remove the customisation."
|
|
else
|
|
echo "|?DOCROOT=/home/${USERNAME}/${DOCROOT}|" >> /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd
|
|
echo "action=rewrite&value=httpd&domain=${DOMAIN}" >> /usr/local/directadmin/data/task.queue.cb
|
|
/usr/local/directadmin/dataskq d --custombuild
|
|
fi
|
|
}
|
|
|
|
createmail() {
|
|
|
|
DOMAIN="$1"
|
|
MBOX="$2"
|
|
PASSWORD="$3"
|
|
SIZE="$4"
|
|
[[ -z "${SIZE}" ]] && SIZE="0"
|
|
|
|
|
|
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Create a mailbox:"
|
|
echo "$0 createmail DOMAIN MBOX PASSWORD <SIZE>"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
CREATE_EMAIL_JSON=$(cat << EOF
|
|
{
|
|
"user": "${MBOX}",
|
|
"passwd2": "${PASSWORD}",
|
|
"passwd": "${PASSWORD}",
|
|
"quota": "${SIZE}",
|
|
"limit": "200",
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"action": "create"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CREATE_EMAIL_JSON}"
|
|
}
|
|
|
|
deletemail() {
|
|
|
|
DOMAIN="$1"
|
|
MBOX="$2"
|
|
|
|
|
|
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Delete a mailbox:"
|
|
echo "$0 deletemail DOMAIN MBOX"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
DELETE_EMAIL_JSON=$(cat << EOF
|
|
{
|
|
"clean_forwarders": "yes",
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"action": "delete",
|
|
"delete": "yes",
|
|
"select0": "${MBOX}"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DELETE_EMAIL_JSON}"
|
|
}
|
|
|
|
|
|
enabledkim() {
|
|
DOMAIN="$1"
|
|
|
|
if [[ -z "${DOMAIN}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Enable DKIM for a domain:"
|
|
echo "$0 enabledkim DOMAIN"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
ENABLE_DKIM_JSON=$(cat << EOF
|
|
{
|
|
"action": "set_dkim",
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"enable": "yes"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${ENABLE_DKIM_JSON}"
|
|
|
|
}
|
|
|
|
disabledkim() {
|
|
DOMAIN="$1"
|
|
|
|
if [[ -z "${DOMAIN}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Enable DKIM for a domain:"
|
|
echo "$0 enabledkim DOMAIN"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
DISABLE_DKIM_JSON=$(cat << EOF
|
|
{
|
|
"action": "set_dkim",
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"disable": "yes"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DISABLE_DKIM_JSON}"
|
|
}
|
|
|
|
|
|
|
|
|
|
changemailpass() {
|
|
|
|
DOMAIN="$1"
|
|
MBOX="$2"
|
|
PASSWORD="$3"
|
|
|
|
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Change mailbox password:"
|
|
echo "$0 changemailpass DOMAIN MBOX PASSWORD"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
CHANGE_EMAIL_PASS_JSON=$(cat << EOF
|
|
{
|
|
"user": "${MBOX}",
|
|
"newuser": "${MBOX}",
|
|
"passwd2": "${PASSWORD}",
|
|
"passwd": "${PASSWORD}",
|
|
"quota": "50",
|
|
"limit": "200",
|
|
"domain": "${DOMAIN}",
|
|
"json": "yes",
|
|
"action": "modify"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CHANGE_EMAIL_PASS_JSON}"
|
|
}
|
|
|
|
changeuserpass() {
|
|
|
|
USER="$1"
|
|
PASSWORD="$2"
|
|
|
|
if [[ -z "${USER}" ]] || [[ -z "${PASSWORD}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Change mailbox password:"
|
|
echo "$0 changeuserpass LOGIN PASSWORD"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
CHANGE_USER_PASS_JSON=$(cat << EOF
|
|
{
|
|
"username": "${USER}",
|
|
"passwd": "${PASSWORD}",
|
|
"json": "yes",
|
|
"action": "create",
|
|
"referer": "CMD_API_USER_PASSWD",
|
|
"passwd2": "${PASSWORD}"
|
|
}
|
|
EOF
|
|
)
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_USER_PASSWD?json=yes" --request "POST" --data "${CHANGE_USER_PASS_JSON}"
|
|
}
|
|
|
|
disablenamed() {
|
|
sed -i -e 's/named=ON/named=OFF/g' /usr/local/directadmin/data/admin/services.status
|
|
systemctl stop named
|
|
systemctl disable named
|
|
|
|
NAMED_PLACEBO=$(cat << EOF
|
|
[Unit]
|
|
Description=Named Placebo
|
|
After=syslog.target network.target
|
|
Requires=network.target
|
|
Documentation=http://help.directadmin.com/item.php?id=25
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/bin/echo -n ''
|
|
EOF
|
|
)
|
|
|
|
[[ -f '/etc/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /etc/systemd/system/named.service
|
|
[[ -f '/usr/lib/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /usr/lib/systemd/system/named.service
|
|
|
|
systemctl daemon-reload
|
|
}
|
|
|
|
enablenamed() {
|
|
[[ `grep 'Placebo' -q /etc/systemd/system/named.service` ]] && rm -fv /etc/systemd/system/named.service
|
|
[[ `grep 'Placebo' -q /usr/lib/systemd/system/named.service` ]] && rm -fv /usr/lib/systemd/system/named.service
|
|
|
|
cd /usr/local/directadmin/custombuild
|
|
./build update
|
|
./build bind
|
|
}
|
|
|
|
sethostname() {
|
|
/usr/local/directadmin/scripts/hostname.sh "$1"
|
|
}
|
|
|
|
multiserver() {
|
|
#Is used to create admin account locally + create the same account on the DNSSLAVE server using SSH.
|
|
#Then client to the CLIENTHOSTNAME and use that for multiserver setup.
|
|
|
|
CLIENTHOSTNAME="$1"
|
|
CLIENTNAME="$2"
|
|
|
|
if [[ -z "${CLIENTHOSTNAME}" ]] || [[ -z "${CLIENTNAME}" ]]; then
|
|
echo "+---------------------------------------+"
|
|
echo "Push multiserver settings to CLIENTHOSTNAME:"
|
|
echo "$0 multiserver CLIENTHOSTNAME CLIENTNAME"
|
|
echo "+---------------------------------------+"
|
|
exit 1
|
|
fi
|
|
|
|
|
|
GLOBALKEYDIR="/usr/local/directadmin/data/users/admin/login_keys"
|
|
KEYDIR="${GLOBALKEYDIR}/dns${CLIENTNAME}"
|
|
PASSWD=`openssl rand -base64 20`
|
|
HASH=`echo -n "${PASSWD}" | openssl passwd -6 -stdin`
|
|
|
|
## precheck connectivity
|
|
|
|
if [[ `whoami` == root ]]; then
|
|
if [[ `ssh -lroot ${CLIENTHOSTNAME} 'whoami'` == "root" ]]; then
|
|
if [[ `ssh -lroot ${DNSSLAVE} 'whoami'` == "root" ]]; then
|
|
echo "Access looks good"
|
|
else
|
|
echo "Error: We need root access to the ${DNSSLAVE}"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "Error: We need root access to the ${CLIENTHOSTNAME}"
|
|
exit 1
|
|
fi
|
|
else
|
|
echo "Error: Script must be executed as root"
|
|
exit 1
|
|
fi
|
|
|
|
## local DNS key creation
|
|
echo "Creating local keys 'dns${CLIENTNAME}'"
|
|
mkdir -p ${KEYDIR}
|
|
|
|
cat << EOF > ${KEYDIR}/key.conf
|
|
allow_htm=no
|
|
clear_key=no
|
|
created_by=127.0.0.1
|
|
date_created=$(date +%s)
|
|
expiry=0
|
|
key=${HASH}
|
|
max_uses=0
|
|
uses=0
|
|
EOF
|
|
|
|
cat << EOF > ${KEYDIR}/commands.allow
|
|
CMD_API_DNS_ADMIN
|
|
CMD_API_LOGIN_TEST
|
|
EOF
|
|
|
|
chown -R diradmin:diradmin ${KEYDIR}
|
|
chmod 700 ${KEYDIR}
|
|
chmod 600 ${KEYDIR}/key.conf ${KEYDIR}/commands.allow
|
|
|
|
## Remote DNS rsync keys to DNSSLAVE.
|
|
echo "Syncing keys to ${DNSSLAVE}"
|
|
rsync ${KEYDIR}/ root@${DNSSLAVE}:${KEYDIR}/ -e "ssh -p ${DNSSLAVEPORT}" -a --delete
|
|
|
|
### Push settings to the client server.
|
|
echo "Enabling multiserver on the ${CLIENTHOSTNAME}"
|
|
BASE64PW=`echo -n ${PASSWD} | base64`
|
|
SSHREMOTE="ssh -lroot ${CLIENTHOSTNAME} --"
|
|
CLUSTERCONF="/usr/local/directadmin/data/admin/cluster.conf"
|
|
|
|
${SSHREMOTE} "/usr/local/directadmin/directadmin set cluster 1"
|
|
${SSHREMOTE} "systemctl restart directadmin"
|
|
${SSHREMOTE} "sed -i -e '/^${DNSMASTER}=/d' ${CLUSTERCONF}"
|
|
${SSHREMOTE} "sed -i -e '/^${DNSSLAVE}=/d' ${CLUSTERCONF}"
|
|
${SSHREMOTE} "echo '${DNSMASTER}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}"
|
|
${SSHREMOTE} "echo '${DNSSLAVE}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}"
|
|
${SSHREMOTE} "echo 'action=rewrite&value=named' >> /usr/local/directadmin/data/task.queue; /usr/local/directadmin/dataskq d"
|
|
|
|
}
|
|
|
|
enablemultiserver() {
|
|
|
|
ENABLE_MULTISERVER_JSON=$(cat << EOF
|
|
{
|
|
"json": "yes",
|
|
"action": "onoff",
|
|
"on": "yes"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${ENABLE_MULTISERVER_JSON}"
|
|
|
|
}
|
|
|
|
disablemultiserver() {
|
|
|
|
DISABLE_MULTISERVER_JSON=$(cat << EOF
|
|
{
|
|
"json": "yes",
|
|
"action": "onoff",
|
|
"off": "yes"
|
|
}
|
|
EOF
|
|
)
|
|
|
|
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${DISABLE_MULTISERVER_JSON}"
|
|
|
|
}
|
|
|
|
|
|
enablemultiserverpage() {
|
|
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
|
|
|
|
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then
|
|
perl -i -0pe 's/###########DISABLEMULTISERVER.*DISABLEMULTISERVEREND#########//gs' "${ALL_PRE}"
|
|
echo "Multiserver page has been enabled"
|
|
else
|
|
echo "Multiserver page is not disabled. Not doing anything"
|
|
fi
|
|
|
|
}
|
|
|
|
disablemultiserverpage() {
|
|
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
|
|
ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list"
|
|
|
|
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then
|
|
echo "Seems like multiserver page is already disabled"
|
|
exit 0
|
|
fi
|
|
echo "Creating admin whitelist IP file."
|
|
echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}"
|
|
|
|
|
|
DISABLE_ADMIN=$(cat << EOF
|
|
#!/bin/sh
|
|
###########DISABLEMULTISERVER#########
|
|
if [ "\$command" = "/CMD_API_MULTI_SERVER" ]; then
|
|
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
|
|
exit 0;
|
|
fi
|
|
echo "You cannot use multiserver";
|
|
exit 1;
|
|
fi
|
|
if [ "\$command" = "/CMD_MULTI_SERVER" ]; then
|
|
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
|
|
exit 0;
|
|
fi
|
|
echo "You cannot use multiserver";
|
|
exit 1;
|
|
fi
|
|
###########DISABLEMULTISERVEREND#########
|
|
EOF
|
|
)
|
|
echo "Adding disable script"
|
|
echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp"
|
|
chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}"
|
|
chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}"
|
|
if [[ -f "${ALL_PRE}" ]]; then
|
|
tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp"
|
|
fi
|
|
mv -f "${ALL_PRE}.tmp" "${ALL_PRE}"
|
|
echo "Done"
|
|
}
|
|
|
|
|
|
enablecreateadmin() {
|
|
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
|
|
|
|
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then
|
|
perl -i -0pe 's/###########DISABLEADMIN.*DISABLEADMINEND#########//gs' "${ALL_PRE}"
|
|
echo "Admin creation has been enabled"
|
|
else
|
|
echo "Admin creation is not disabled. Not doing anything"
|
|
fi
|
|
|
|
}
|
|
|
|
disablecreateadmin() {
|
|
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
|
|
ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list"
|
|
|
|
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then
|
|
echo "Seems like admin creation is already disabled"
|
|
exit 0
|
|
fi
|
|
echo "Creating admin whitelist IP file."
|
|
echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}"
|
|
|
|
|
|
DISABLE_ADMIN=$(cat << EOF
|
|
#!/bin/sh
|
|
###########DISABLEADMIN#########
|
|
if [ "\$command" = "/CMD_API_ACCOUNT_ADMIN" ]; then
|
|
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
|
|
exit 0;
|
|
fi
|
|
echo "You cannot create admin";
|
|
exit 1;
|
|
fi
|
|
if [ "\$command" = "/CMD_ACCOUNT_ADMIN" ]; then
|
|
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
|
|
exit 0;
|
|
fi
|
|
echo "You cannot create admin";
|
|
exit 1;
|
|
fi
|
|
###########DISABLEADMINEND#########
|
|
EOF
|
|
)
|
|
echo "Adding disable script"
|
|
echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp"
|
|
chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}"
|
|
chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}"
|
|
if [[ -f "${ALL_PRE}" ]]; then
|
|
tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp"
|
|
fi
|
|
mv -f "${ALL_PRE}.tmp" "${ALL_PRE}"
|
|
echo "Done"
|
|
}
|
|
|
|
|
|
listFunctions () {
|
|
echo "+---------------------------------------+"
|
|
echo "| TASKS:"
|
|
echo "| $0 createuser USERNAME PASSWORD DOMAIN <PACKAGE> <EMAIL>"
|
|
echo "| $0 deleteuser USERNAME"
|
|
echo "| $0 createdb DBNAME DBUSERNAME DBPASSWORD"
|
|
echo "| $0 deletedb DBNAME"
|
|
echo "| $0 createforwarder FORWARDER DESTINATION"
|
|
echo "| $0 deleteforwarder FORWARDER"
|
|
echo "| $0 createdomain USERNAME DOMAIN"
|
|
echo "| $0 createdomain USERNAME list=file"
|
|
echo "| $0 deletedomain USERNAME DOMAIN"
|
|
echo "| $0 deletedomain USERNAME list=file"
|
|
echo "| $0 enablessh USERNAME"
|
|
echo "| $0 disablessh USERNAME"
|
|
echo "| $0 docroot USERNAME DOMAIN DOCROOT"
|
|
echo "| $0 createmail DOMAIN MBOX PASSWORD <SIZE>"
|
|
echo "| $0 deletemail DOMAIN MBOX"
|
|
echo "| $0 enabledkim domain"
|
|
echo "| $0 disabledkim domain"
|
|
echo "| $0 changemailpass DOMAIN MBOX PASSWORD"
|
|
echo "| $0 changeuserpass LOGIN PASSWORD"
|
|
echo "| $0 disablenamed"
|
|
echo "| $0 enablenamed"
|
|
echo "| $0 sethostname HOSTNAME"
|
|
echo "| $0 multiserver CLIENTHOSTNAME CLIENTNAME"
|
|
echo "| $0 enablemultiserver"
|
|
echo "| $0 disablemultiserver"
|
|
echo "| $0 enablemultiserverpage"
|
|
echo "| $0 disablemultiserverpage"
|
|
echo "| $0 enablecreateadmin"
|
|
echo "| $0 disablecreateadmin"
|
|
echo "+--------------------------------------+"
|
|
}
|
|
|
|
|
|
case "$1" in
|
|
createuser) createUser $2 $3 $4 $5 $6 ;;
|
|
deleteuser) deleteUser $2 ;;
|
|
createdb) createDB $2 $3 $4 ;;
|
|
deletedb) deleteDB $2 ;;
|
|
createforwarder) createForwarder $2 $3 ;;
|
|
deleteforwarder) deleteForwarder $2 ;;
|
|
createdomain) createDomain $2 $3 ;;
|
|
deletedomain) deleteDomain $2 $3 ;;
|
|
enablessh) enableSSH $2 ;;
|
|
disablessh) disableSSH $2 ;;
|
|
docroot) docroot $2 $3 $4 ;;
|
|
createmail) createmail $2 $3 $4 $5 ;;
|
|
deletemail) deletemail $2 $3 ;;
|
|
enabledkim) enabledkim $2 ;;
|
|
disabledkim) disabledkim $2 ;;
|
|
changemailpass) changemailpass $2 $3 $4 ;;
|
|
changeuserpass) changeuserpass $2 $3 ;;
|
|
disablenamed) disablenamed ;;
|
|
enablenamed) enablenamed ;;
|
|
sethostname) sethostname $2 ;;
|
|
multiserver) multiserver $2 $3 ;;
|
|
enablemultiserver) enablemultiserver ;;
|
|
disablemultiserver) disablemultiserver ;;
|
|
enablemultiserverpage) enablemultiserverpage ;;
|
|
disablemultiserverpage) disablemultiserverpage ;;
|
|
enablecreateadmin) enablecreateadmin ;;
|
|
disablecreateadmin) disablecreateadmin ;;
|
|
*) listFunctions ;;
|
|
esac
|