Files
dapostinstall/da_cli.sh
T
Marek Miklewicz 57bebc51d7 Update da_cli.sh
2022-05-08 21:35:32 +02:00

882 lines
25 KiB
Bash

#!/bin/bash
#version 0.4
#gedas@mc2.dev
### VARS ###
DEFAULTPACKAGE=NO_LIMIT
DNSMASTER="192.168.8.13" # IP address of this server that should be used on the client host for multiserver
DNSSLAVE="192.168.8.14" # the second DNS server. This server should be able to login to DNSSLAVE via ssh
DNSSLAVEPORT="22" # port for dnsslave
ADMINUSER="admin" # server main admin user
TRUSTED_IPS="127.0.0.1,185.242.134.92,185.242.134.93,185.242.134.94,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196" #comma separated list of IP addresses
### END VARS ###
######### FUNCTIONS
createUser() {
#mandatory options:
USERNAME="$1"
PASSWORD="$2"
DOMAIN="$3"
if [[ -z "${USERNAME}" ]] || [[ -z "${PASSWORD}" ]] || [[ -z "${DOMAIN}" ]]; then
echo "+---------------------------------------+"
echo "Create a user:"
echo "$0 createuser USERNAME PASSWORD DOMAIN <PACKAGE> <EMAIL>"
echo "<PACKAGE> <EMAIL> are optional"
echo "+---------------------------------------+"
exit 1
fi
#optional
PACKAGE="$4"
EMAIL="$5"
#default values if not set
[[ -z "${PACKAGE}" ]] && PACKAGE="${DEFAULTPACKAGE}"
[[ -z "${EMAIL}" ]] && EMAIL="admin@`hostname -f`"
#json template:
CREATE_USER_JSON=$(cat << EOF
{
"username": "${USERNAME}",
"email": "${EMAIL}",
"passwd": "${PASSWORD}",
"passwd2": "${PASSWORD}",
"domain": "${DOMAIN}",
"package": "${PACKAGE}",
"ip": "server",
"notify": "no",
"json": "yes",
"add": "yes",
"action": "create"
}
EOF
)
#create user
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_ACCOUNT_USER?json=yes" --request "POST" --data "${CREATE_USER_JSON}"
}
deleteUser() {
USERNAME="$1"
if [[ -z "${USERNAME}" ]]; then
echo "+---------------------------------------+"
echo "Delete a user:"
echo "$0 deleteuser USERNAME"
echo "+---------------------------------------+"
exit 1
fi
DELETE_USER_JSON=$(cat << EOF
{
"leave_dns": "no",
"json": "yes",
"location": "CMD_ALL_USER_SHOW",
"delete": "yes",
"confirmed": "yes",
"select0": "${USERNAME}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_SELECT_USERS?json=yes" --request "POST" --data "${DELETE_USER_JSON}"
}
createDB() {
DBNAME="$1"
DBUSERNAME="$2"
DBPASSWORD="$3"
if [[ -z "${DBNAME}" ]] || [[ -z "${DBUSERNAME}" ]] || [[ -z "${DBPASSWORD}" ]]; then
echo "+---------------------------------------+"
echo "Create a database:"
echo "$0 createdb DBNAME DBUSERNAME DBPASSWORD"
echo "+---------------------------------------+"
exit 1
fi
USERNAME=$(echo ${DBNAME} | cut -f1 -d_)
DBNAME=$(echo ${DBNAME} | cut -f2 -d_)
DBUSERNAME=$(echo ${DBUSERNAME} | cut -f2 -d_)
CREATE_DB_JSON=$(cat << EOF
{
"name": "${DBNAME}",
"user": "${DBUSERNAME}",
"passwd": "${DBPASSWORD}",
"passwd2": "${DBPASSWORD}",
"userlist": "...",
"json": "yes",
"action": "create"
}
EOF
)
#create db
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${CREATE_DB_JSON}"
}
deleteDB() {
DBNAME="$1"
if [[ -z "${DBNAME}" ]]; then
echo "+---------------------------------------+"
echo "Delete a database:"
echo "$0 deletedb DBNAME"
echo "+---------------------------------------+"
exit 1
fi
USERNAME=$(echo ${DBNAME} | cut -f1 -d_)
DELETE_DB_JSON=$(cat << EOF
{
"json": "yes",
"action": "select",
"delete_db": "yes",
"select0": "${DBNAME}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DB?json=yes" --request "POST" --data "${DELETE_DB_JSON}"
}
createForwarder() {
FORWARDER="$1"
DESTINATION="$2"
if [[ -z "${FORWARDER}" ]] || [[ -z "${DESTINATION}" ]]; then
echo "+---------------------------------------+"
echo "Create a forwarder:"
echo "$0 createforwarder FORWARDER DESTINATION"
echo "+---------------------------------------+"
exit 1
fi
DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
CREATE_FORWARDER_JSON=$(cat << EOF
{
"json": "yes",
"action": "create",
"raw_forwarders": "${FORWARDER} --> ${DESTINATION}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${CREATE_FORWARDER_JSON}"
}
deleteForwarder() {
FORWARDER="$1"
if [[ -z "${FORWARDER}" ]]; then
echo "+---------------------------------------+"
echo "Delete a forwarder:"
echo "$0 deleteforwarder FORWARDER"
echo "+---------------------------------------+"
exit 1
fi
DOMAIN=$(echo ${FORWARDER} | cut -f2 -d@)
BOX=$(echo ${FORWARDER} | cut -f1 -d@)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
DELETE_FORWARDER_JSON=$(cat << EOF
{
"domain": "${DOMAIN}",
"json": "yes",
"action": "delete",
"delete": "yes",
"select0": "${BOX}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_FORWARDER?json=yes" --request "POST" --data "${DELETE_FORWARDER_JSON}"
}
createDomain() {
USERNAME="$1"
DOMAIN="$2"
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then
echo "+---------------------------------------+"
echo "Create a domain for a user:"
echo "$0 createdomain USERNAME DOMAIN"
echo "or"
echo "$0 createdomain USERNAME list=file"
echo "+---------------------------------------+"
exit 1
fi
if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then
DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=)
for DOMAIN in `cat ${DOMFILE}`; do
CREATE_DOMAIN_JSON=$(cat << EOF
{
"domain": "${DOMAIN}",
"uquota": "unlimited",
"ssl": "ON",
"php": "ON",
"json": "yes",
"action": "create",
"ubandwidth": "unlimited"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}"
done
else
CREATE_DOMAIN_JSON=$(cat << EOF
{
"domain": "${DOMAIN}",
"uquota": "unlimited",
"ssl": "ON",
"php": "ON",
"json": "yes",
"action": "create",
"ubandwidth": "unlimited"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${CREATE_DOMAIN_JSON}"
fi
}
deleteDomain() {
USERNAME="$1"
DOMAIN="$2"
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]]; then
echo "+---------------------------------------+"
echo "Delete a domain from a user:"
echo "$0 deletedomain USERNAME DOMAIN"
echo "or"
echo "$0 deletedomain USERNAME list=file"
echo "+---------------------------------------+"
exit 1
fi
if [[ $(echo ${DOMAIN} | grep -c -E "^list=") -gt 0 ]]; then
DOMFILE=$(echo ${DOMAIN} | cut -f2 -d=)
for DOMAIN in `cat ${DOMFILE}`; do
DELETE_DOMAIN_JSON=$(cat << EOF
{
"delete_data": "yes",
"json": "yes",
"action": "select",
"delete": "yes",
"confirmed": "yes",
"delete_data_aware": "yes",
"select0": "${DOMAIN}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}"
done
else
DELETE_DOMAIN_JSON=$(cat << EOF
{
"delete_data": "yes",
"json": "yes",
"action": "select",
"delete": "yes",
"confirmed": "yes",
"delete_data_aware": "yes",
"select0": "${DOMAIN}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_DOMAIN?json=yes" --request "POST" --data "${DELETE_DOMAIN_JSON}"
fi
}
enableSSH() {
USERNAME="$1"
if [[ -z "${USERNAME}" ]]; then
echo "+---------------------------------------+"
echo "Enable SSH for a user:"
echo "$0 enablessh USERNAME"
echo "+---------------------------------------+"
exit 1
fi
chsh -s /bin/bash ${USERNAME}
sed -i -e 's/ssh=OFF/ssh=ON/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf
}
disableSSH() {
USERNAME="$1"
if [[ -z "${USERNAME}" ]]; then
echo "+---------------------------------------+"
echo "Disable SSH for a user:"
echo "$0 disablessh USERNAME"
echo "+---------------------------------------+"
exit 1
fi
chsh -s /bin/false ${USERNAME}
sed -i -e 's/ssh=ON/ssh=OFF/g' /usr/local/directadmin/data/users/${USERNAME}/user.conf
}
docroot() {
USERNAME="$1"
DOMAIN="$2"
DOCROOT="$3"
if [[ -z "${USERNAME}" ]] || [[ -z "${DOMAIN}" ]] || [[ -z "${DOCROOT}" ]]; then
echo "+---------------------------------------+"
echo "Change DOCROOT for a domain:"
echo "$0 docroot USERNAME DOMAIN DOCROOT"
echo "Example $0 docroot john domain.tld domains/domain.tld/public_html"
echo "+---------------------------------------+"
exit 1
fi
if [[ $(grep DOCROOT /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd -q -c) -gt 0 ]]; then
echo "Custom docroot already exist. Please remove the customisation."
else
echo "|?DOCROOT=/home/${USERNAME}/${DOCROOT}|" >> /usr/local/directadmin/data/users/${USERNAME}/domains/${DOMAIN}.cust_httpd
echo "action=rewrite&value=httpd&domain=${DOMAIN}" >> /usr/local/directadmin/data/task.queue.cb
/usr/local/directadmin/dataskq d --custombuild
fi
}
createmail() {
DOMAIN="$1"
MBOX="$2"
PASSWORD="$3"
SIZE="$4"
[[ -z "${SIZE}" ]] && SIZE="0"
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then
echo "+---------------------------------------+"
echo "Create a mailbox:"
echo "$0 createmail DOMAIN MBOX PASSWORD <SIZE>"
echo "+---------------------------------------+"
exit 1
fi
CREATE_EMAIL_JSON=$(cat << EOF
{
"user": "${MBOX}",
"passwd2": "${PASSWORD}",
"passwd": "${PASSWORD}",
"quota": "${SIZE}",
"limit": "200",
"domain": "${DOMAIN}",
"json": "yes",
"action": "create"
}
EOF
)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CREATE_EMAIL_JSON}"
}
deletemail() {
DOMAIN="$1"
MBOX="$2"
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]]; then
echo "+---------------------------------------+"
echo "Delete a mailbox:"
echo "$0 deletemail DOMAIN MBOX"
echo "+---------------------------------------+"
exit 1
fi
DELETE_EMAIL_JSON=$(cat << EOF
{
"clean_forwarders": "yes",
"domain": "${DOMAIN}",
"json": "yes",
"action": "delete",
"delete": "yes",
"select0": "${MBOX}"
}
EOF
)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DELETE_EMAIL_JSON}"
}
enabledkim() {
DOMAIN="$1"
if [[ -z "${DOMAIN}" ]]; then
echo "+---------------------------------------+"
echo "Enable DKIM for a domain:"
echo "$0 enabledkim DOMAIN"
echo "+---------------------------------------+"
exit 1
fi
ENABLE_DKIM_JSON=$(cat << EOF
{
"action": "set_dkim",
"domain": "${DOMAIN}",
"json": "yes",
"enable": "yes"
}
EOF
)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${ENABLE_DKIM_JSON}"
}
disabledkim() {
DOMAIN="$1"
if [[ -z "${DOMAIN}" ]]; then
echo "+---------------------------------------+"
echo "Enable DKIM for a domain:"
echo "$0 enabledkim DOMAIN"
echo "+---------------------------------------+"
exit 1
fi
DISABLE_DKIM_JSON=$(cat << EOF
{
"action": "set_dkim",
"domain": "${DOMAIN}",
"json": "yes",
"disable": "yes"
}
EOF
)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${DISABLE_DKIM_JSON}"
}
changemailpass() {
DOMAIN="$1"
MBOX="$2"
PASSWORD="$3"
if [[ -z "${DOMAIN}" ]] || [[ -z "${MBOX}" ]] || [[ -z "${PASSWORD}" ]]; then
echo "+---------------------------------------+"
echo "Change mailbox password:"
echo "$0 changemailpass DOMAIN MBOX PASSWORD"
echo "+---------------------------------------+"
exit 1
fi
CHANGE_EMAIL_PASS_JSON=$(cat << EOF
{
"user": "${MBOX}",
"newuser": "${MBOX}",
"passwd2": "${PASSWORD}",
"passwd": "${PASSWORD}",
"quota": "50",
"limit": "200",
"domain": "${DOMAIN}",
"json": "yes",
"action": "modify"
}
EOF
)
USERNAME=$(grep -E "^${DOMAIN}:" -m1 /etc/virtual/domainowners | cut -f2 -d: | xargs)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${USERNAME})/CMD_EMAIL_POP?json=yes" --request "POST" --data "${CHANGE_EMAIL_PASS_JSON}"
}
changeuserpass() {
USER="$1"
PASSWORD="$2"
if [[ -z "${USER}" ]] || [[ -z "${PASSWORD}" ]]; then
echo "+---------------------------------------+"
echo "Change mailbox password:"
echo "$0 changeuserpass LOGIN PASSWORD"
echo "+---------------------------------------+"
exit 1
fi
CHANGE_USER_PASS_JSON=$(cat << EOF
{
"username": "${USER}",
"passwd": "${PASSWORD}",
"json": "yes",
"action": "create",
"referer": "CMD_API_USER_PASSWD",
"passwd2": "${PASSWORD}"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_USER_PASSWD?json=yes" --request "POST" --data "${CHANGE_USER_PASS_JSON}"
}
disablenamed() {
sed -i -e 's/named=ON/named=OFF/g' /usr/local/directadmin/data/admin/services.status
systemctl stop named
systemctl disable named
NAMED_PLACEBO=$(cat << EOF
[Unit]
Description=Named Placebo
After=syslog.target network.target
Requires=network.target
Documentation=http://help.directadmin.com/item.php?id=25
[Service]
Type=oneshot
ExecStart=/usr/bin/echo -n ''
EOF
)
[[ -f '/etc/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /etc/systemd/system/named.service
[[ -f '/usr/lib/systemd/system/named.service' ]] && echo "${NAMED_PLACEBO}" > /usr/lib/systemd/system/named.service
systemctl daemon-reload
}
enablenamed() {
[[ `grep 'Placebo' -q /etc/systemd/system/named.service` ]] && rm -fv /etc/systemd/system/named.service
[[ `grep 'Placebo' -q /usr/lib/systemd/system/named.service` ]] && rm -fv /usr/lib/systemd/system/named.service
cd /usr/local/directadmin/custombuild
./build update
./build bind
}
sethostname() {
/usr/local/directadmin/scripts/hostname.sh "$1"
}
multiserver() {
#Is used to create admin account locally + create the same account on the DNSSLAVE server using SSH.
#Then client to the CLIENTHOSTNAME and use that for multiserver setup.
CLIENTHOSTNAME="$1"
CLIENTNAME="$2"
if [[ -z "${CLIENTHOSTNAME}" ]] || [[ -z "${CLIENTNAME}" ]]; then
echo "+---------------------------------------+"
echo "Push multiserver settings to CLIENTHOSTNAME:"
echo "$0 multiserver CLIENTHOSTNAME CLIENTNAME"
echo "+---------------------------------------+"
exit 1
fi
GLOBALKEYDIR="/usr/local/directadmin/data/users/admin/login_keys"
KEYDIR="${GLOBALKEYDIR}/dns${CLIENTNAME}"
PASSWD=`openssl rand -base64 20`
HASH=`echo -n "${PASSWD}" | openssl passwd -6 -stdin`
## precheck connectivity
if [[ `whoami` == root ]]; then
if [[ `ssh -lroot ${CLIENTHOSTNAME} 'whoami'` == "root" ]]; then
if [[ `ssh -lroot ${DNSSLAVE} 'whoami'` == "root" ]]; then
echo "Access looks good"
else
echo "Error: We need root access to the ${DNSSLAVE}"
exit 1
fi
else
echo "Error: We need root access to the ${CLIENTHOSTNAME}"
exit 1
fi
else
echo "Error: Script must be executed as root"
exit 1
fi
## local DNS key creation
echo "Creating local keys 'dns${CLIENTNAME}'"
mkdir -p ${KEYDIR}
cat << EOF > ${KEYDIR}/key.conf
allow_htm=no
clear_key=no
created_by=127.0.0.1
date_created=$(date +%s)
expiry=0
key=${HASH}
max_uses=0
uses=0
EOF
cat << EOF > ${KEYDIR}/commands.allow
CMD_API_DNS_ADMIN
CMD_API_LOGIN_TEST
EOF
chown -R diradmin:diradmin ${KEYDIR}
chmod 700 ${KEYDIR}
chmod 600 ${KEYDIR}/key.conf ${KEYDIR}/commands.allow
## Remote DNS rsync keys to DNSSLAVE.
echo "Syncing keys to ${DNSSLAVE}"
rsync ${KEYDIR}/ root@${DNSSLAVE}:${KEYDIR}/ -e "ssh -p ${DNSSLAVEPORT}" -a --delete
### Push settings to the client server.
echo "Enabling multiserver on the ${CLIENTHOSTNAME}"
BASE64PW=`echo -n ${PASSWD} | base64`
SSHREMOTE="ssh -lroot ${CLIENTHOSTNAME} --"
CLUSTERCONF="/usr/local/directadmin/data/admin/cluster.conf"
${SSHREMOTE} "/usr/local/directadmin/directadmin set cluster 1"
${SSHREMOTE} "systemctl restart directadmin"
${SSHREMOTE} "sed -i -e '/^${DNSMASTER}=/d' ${CLUSTERCONF}"
${SSHREMOTE} "sed -i -e '/^${DNSSLAVE}=/d' ${CLUSTERCONF}"
${SSHREMOTE} "echo '${DNSMASTER}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}"
${SSHREMOTE} "echo '${DNSSLAVE}=dns=yes&domain_check=yes&email=no&passwd=${BASE64PW}&port=2222&show_all_users=no&ssl=yes&user=admin&user_check=no&user_sync=no' >> ${CLUSTERCONF}"
${SSHREMOTE} "echo 'action=rewrite&value=named' >> /usr/local/directadmin/data/task.queue; /usr/local/directadmin/dataskq d"
}
enablemultiserver() {
ENABLE_MULTISERVER_JSON=$(cat << EOF
{
"json": "yes",
"action": "onoff",
"on": "yes"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${ENABLE_MULTISERVER_JSON}"
}
disablemultiserver() {
DISABLE_MULTISERVER_JSON=$(cat << EOF
{
"json": "yes",
"action": "onoff",
"off": "yes"
}
EOF
)
curl -k -X -u "$(/usr/local/directadmin/directadmin --root-auth-url-for=${ADMINUSER})/CMD_MULTI_SERVER?json=yes" --request "POST" --data "${DISABLE_MULTISERVER_JSON}"
}
enablemultiserverpage() {
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then
perl -i -0pe 's/###########DISABLEMULTISERVER.*DISABLEMULTISERVEREND#########//gs' "${ALL_PRE}"
echo "Multiserver page has been enabled"
else
echo "Multiserver page is not disabled. Not doing anything"
fi
}
disablemultiserverpage() {
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list"
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEMULTISERVER#########' "${ALL_PRE}"` ]]; then
echo "Seems like multiserver page is already disabled"
exit 0
fi
echo "Creating admin whitelist IP file."
echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}"
DISABLE_ADMIN=$(cat << EOF
#!/bin/sh
###########DISABLEMULTISERVER#########
if [ "\$command" = "/CMD_API_MULTI_SERVER" ]; then
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
exit 0;
fi
echo "You cannot use multiserver";
exit 1;
fi
if [ "\$command" = "/CMD_MULTI_SERVER" ]; then
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
exit 0;
fi
echo "You cannot use multiserver";
exit 1;
fi
###########DISABLEMULTISERVEREND#########
EOF
)
echo "Adding disable script"
echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp"
chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}"
chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}"
if [[ -f "${ALL_PRE}" ]]; then
tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp"
fi
mv -f "${ALL_PRE}.tmp" "${ALL_PRE}"
echo "Done"
}
enablecreateadmin() {
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then
perl -i -0pe 's/###########DISABLEADMIN.*DISABLEADMINEND#########//gs' "${ALL_PRE}"
echo "Admin creation has been enabled"
else
echo "Admin creation is not disabled. Not doing anything"
fi
}
disablecreateadmin() {
ALL_PRE="/usr/local/directadmin/scripts/custom/all_pre.sh"
ALLOW_LIST="/usr/local/directadmin/scripts/custom/admin_allow.list"
if [[ -f "${ALL_PRE}" ]] && [[ `grep -m1 '###########DISABLEADMIN#########' "${ALL_PRE}"` ]]; then
echo "Seems like admin creation is already disabled"
exit 0
fi
echo "Creating admin whitelist IP file."
echo "${TRUSTED_IPS}" | sed -e "s/,/\n/g" > "${ALLOW_LIST}"
DISABLE_ADMIN=$(cat << EOF
#!/bin/sh
###########DISABLEADMIN#########
if [ "\$command" = "/CMD_API_ACCOUNT_ADMIN" ]; then
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
exit 0;
fi
echo "You cannot create admin";
exit 1;
fi
if [ "\$command" = "/CMD_ACCOUNT_ADMIN" ]; then
if grep -m1 -q "^\$caller_ip$" "${ALLOW_LIST}"; then
exit 0;
fi
echo "You cannot create admin";
exit 1;
fi
###########DISABLEADMINEND#########
EOF
)
echo "Adding disable script"
echo "${DISABLE_ADMIN}" > "${ALL_PRE}.tmp"
chown diradmin:diradmin "${ALL_PRE}.tmp" "${ALLOW_LIST}"
chmod 700 "${ALL_PRE}.tmp" "${ALLOW_LIST}"
if [[ -f "${ALL_PRE}" ]]; then
tail -n+2 "${ALL_PRE}" >> "${ALL_PRE}.tmp"
fi
mv -f "${ALL_PRE}.tmp" "${ALL_PRE}"
echo "Done"
}
listFunctions () {
echo "+---------------------------------------+"
echo "| TASKS:"
echo "| $0 createuser USERNAME PASSWORD DOMAIN <PACKAGE> <EMAIL>"
echo "| $0 deleteuser USERNAME"
echo "| $0 createdb DBNAME DBUSERNAME DBPASSWORD"
echo "| $0 deletedb DBNAME"
echo "| $0 createforwarder FORWARDER DESTINATION"
echo "| $0 deleteforwarder FORWARDER"
echo "| $0 createdomain USERNAME DOMAIN"
echo "| $0 createdomain USERNAME list=file"
echo "| $0 deletedomain USERNAME DOMAIN"
echo "| $0 deletedomain USERNAME list=file"
echo "| $0 enablessh USERNAME"
echo "| $0 disablessh USERNAME"
echo "| $0 docroot USERNAME DOMAIN DOCROOT"
echo "| $0 createmail DOMAIN MBOX PASSWORD <SIZE>"
echo "| $0 deletemail DOMAIN MBOX"
echo "| $0 enabledkim domain"
echo "| $0 disabledkim domain"
echo "| $0 changemailpass DOMAIN MBOX PASSWORD"
echo "| $0 changeuserpass LOGIN PASSWORD"
echo "| $0 disablenamed"
echo "| $0 enablenamed"
echo "| $0 sethostname HOSTNAME"
echo "| $0 multiserver CLIENTHOSTNAME CLIENTNAME"
echo "| $0 enablemultiserver"
echo "| $0 disablemultiserver"
echo "| $0 enablemultiserverpage"
echo "| $0 disablemultiserverpage"
echo "| $0 enablecreateadmin"
echo "| $0 disablecreateadmin"
echo "+--------------------------------------+"
}
case "$1" in
createuser) createUser $2 $3 $4 $5 $6 ;;
deleteuser) deleteUser $2 ;;
createdb) createDB $2 $3 $4 ;;
deletedb) deleteDB $2 ;;
createforwarder) createForwarder $2 $3 ;;
deleteforwarder) deleteForwarder $2 ;;
createdomain) createDomain $2 $3 ;;
deletedomain) deleteDomain $2 $3 ;;
enablessh) enableSSH $2 ;;
disablessh) disableSSH $2 ;;
docroot) docroot $2 $3 $4 ;;
createmail) createmail $2 $3 $4 $5 ;;
deletemail) deletemail $2 $3 ;;
enabledkim) enabledkim $2 ;;
disabledkim) disabledkim $2 ;;
changemailpass) changemailpass $2 $3 $4 ;;
changeuserpass) changeuserpass $2 $3 ;;
disablenamed) disablenamed ;;
enablenamed) enablenamed ;;
sethostname) sethostname $2 ;;
multiserver) multiserver $2 $3 ;;
enablemultiserver) enablemultiserver ;;
disablemultiserver) disablemultiserver ;;
enablemultiserverpage) enablemultiserverpage ;;
disablemultiserverpage) disablemultiserverpage ;;
enablecreateadmin) enablecreateadmin ;;
disablecreateadmin) disablecreateadmin ;;
*) listFunctions ;;
esac