mirror of
https://github.com/Ravinou/borgwarehouse
synced 2024-05-29 03:52:48 +02:00
Change helper scripts to use less permissions
This commit is contained in:
Philipp Rintz
parent
38824c2c6b
commit
d9d1156cfb
|
|
@ -1 +0,0 @@
|
|||
[]
|
||||
|
|
@ -1 +0,0 @@
|
|||
[{"id":0,"email":"admin@demo.fr","username":"admin","password":"$2a$12$20yqRnuaDBH6AE0EvIUcEOzqkuBtn1wDzJdw2Beg8w9S.vEqdso0a","roles":["admin"]}]
|
||||
10
helpers/shells/createRepo.sh
Normal file → Executable file
10
helpers/shells/createRepo.sh
Normal file → Executable file
|
|
@ -65,9 +65,6 @@ sudo mkdir -p ${home}/.ssh
|
|||
## Create autorized_keys file
|
||||
sudo touch ${home}/.ssh/authorized_keys
|
||||
|
||||
## Create ${pool}
|
||||
sudo mkdir -p ${pool}
|
||||
|
||||
## Create the repo
|
||||
sudo mkdir -p "${pool}/$1"
|
||||
|
||||
|
|
@ -79,12 +76,13 @@ if [ ! -f "${authorized_keys}" ];then
|
|||
fi
|
||||
|
||||
## Change permissions
|
||||
sudo chmod -R 700 ${home}
|
||||
sudo chmod -R 750 ${home}
|
||||
sudo chmod 600 ${authorized_keys}
|
||||
sudo chown -R ${user}:${user} ${home}
|
||||
sudo chown -R ${user}:borgwarehouse ${home}
|
||||
|
||||
## Add ssh public key in authorized_keys with borg restriction for only 1 repository (:$1) and storage quota
|
||||
sudo -u ${user} bash -c "echo 'command=\"cd ${pool};borg serve --restrict-to-repository ${pool}/$1 --storage-quota $3G\",restrict $2' >> ${authorized_keys}"
|
||||
restricted_authkeys="command=\"cd ${pool};borg serve --restrict-to-repository ${pool}/$1 --storage-quota $3G\",restrict $2"
|
||||
echo "$restricted_authkeys" | sudo tee ${authorized_keys} >/dev/null
|
||||
|
||||
## Return the unix user
|
||||
echo ${user}
|
||||
5
helpers/shells/deleteRepo.sh
Normal file → Executable file
5
helpers/shells/deleteRepo.sh
Normal file → Executable file
|
|
@ -8,7 +8,7 @@
|
|||
set -e
|
||||
|
||||
# Check arg
|
||||
if [ "$1" == "" ];then
|
||||
if [[ $# -ne 1 || $1 = "" ]]; then
|
||||
echo "You must provide a username in argument."
|
||||
exit 1
|
||||
fi
|
||||
|
|
@ -23,8 +23,7 @@ then
|
|||
fi
|
||||
|
||||
# Delete the user if it exists
|
||||
if sudo grep -q $1 /etc/passwd
|
||||
then
|
||||
if id "$1" &>/dev/null; then
|
||||
sudo userdel -rf $1
|
||||
echo "The user $1 and all his data have been deleted"
|
||||
else
|
||||
|
|
|
|||
2
helpers/shells/getLastSave.sh
Normal file → Executable file
2
helpers/shells/getLastSave.sh
Normal file → Executable file
|
|
@ -22,4 +22,4 @@
|
|||
# Exit when any command fails
|
||||
set -e
|
||||
|
||||
sudo bash -c 'stat -c {\"user\":\"%U\",\"lastSave\":%Y\} /var/borgwarehouse/*/repos/*/integrity* | jq -s'
|
||||
stat -c {\"user\":\"%U\",\"lastSave\":%Y\} /var/borgwarehouse/*/repos/*/integrity* | jq -s
|
||||
|
|
|
|||
2
helpers/shells/getStorageUsed.sh
Normal file → Executable file
2
helpers/shells/getStorageUsed.sh
Normal file → Executable file
|
|
@ -16,4 +16,4 @@ set -e
|
|||
|
||||
# Use jc to output a JSON format with du command
|
||||
cd /var/borgwarehouse
|
||||
sudo jc du -s *
|
||||
jc du -s *
|
||||
|
|
|
|||
3
helpers/shells/updateRepo.sh
Normal file → Executable file
3
helpers/shells/updateRepo.sh
Normal file → Executable file
|
|
@ -35,8 +35,7 @@ then
|
|||
fi
|
||||
|
||||
# Check if the user exists
|
||||
if ! sudo grep -q $1 /etc/passwd
|
||||
then
|
||||
if ! id "$1" &>/dev/null; then
|
||||
echo "The user $1 does not exist"
|
||||
exit 4
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in a new issue