wbollock/classweb_login.sh

## classweb_login.sh
#!/bin/bash
# made by Will Bollock, CCI HelpDesk

# mysql root user/pass for account creation
rootuser=
rootpasswd=
informationFile=Torch_Account_Information.txt
# master file that is copied to $user's home
# make an HTML template here
# html email template here
emailMaster=
# whatever you want for placeholder index.html
webPlaceholder=

# [web15c@torch]~❯ inotifywait -q -e create /home/ | awk '{ print $NF }'


# infinite loop
while true
do

# upon new /home/ directory creation, spit out the username to $FSUID
FSUID=$(inotifywait -q -e create /home/ | awk '{ print $NF }')

flag=/home/"$FSUID"/.flag_DONOTDELETE

        if [ -e /home/$FSUID/$flag ]
        then
            # user has already logged in once
            echo "Welcome $FSUID to torch.cci.fsu.edu"
            # https://www.attosol.com/login-script-that-runs-only-once-per-user/
        else

        # Ignore usernames with hyphens - IT service accounts
                if echo "$FSUID" | grep -q "-"; then

                    # found dash; service account
                    echo "Dash detected in username. No MySQL account made." > /home/"$FSUID"/$informationFile
                    echo "If you think this is an error, please contact the CCI HelpDesk." >> /home/"$FSUID"/$informationFile

                else

                    #echo "Welcome $FSUID to torch.cci.fsu.edu."
                    #echo "Please review the file $informationFile in your directory."

                    # create Apache2 web directory if not exists
                    if [ ! -d /web/"$FSUID" ]
                    then
                        mkdir /web/"$FSUID"
                    fi

                    # Set Apache2 permissions
                    chmod -R 755 /web/"$FSUID"
                    # ownership
                    chown -R "$FSUID":'domain users' /web/"$FSUID"

                    # create sym link for ease of use
                    ln -s /web/"$FSUID" /home/"$FSUID"/public_html

                    # give placeholder index.html
                    cp $webPlaceholder /web/"$FSUID"/index.html
                    chmod 644 /web/"$FSUID"/index.html


                    # ownership again cause im lazy

                    chown -R "$FSUID":'domain users' /web/"$FSUID"

                    # generate password
                    # https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

                    PASSWDDB=$(date +%s | sha256sum | base64 | head -c 12 ; echo)

                    # drop user if exists
                    mysql -u${rootuser} -p${rootpasswd} -e "DROP USER IF EXISTS '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    # drop database if exists
                    mysql -u${rootuser} -p${rootpasswd} -e "DROP DATABASE IF EXISTS '"$FSUID"';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."


                    #echo "Create User"
                    mysql -u${rootuser} -p${rootpasswd} -e "CREATE USER IF NOT EXISTS '"$FSUID"'@'localhost' IDENTIFIED BY '${PASSWDDB}';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    #echo "Create DB"
                    mysql -u${rootuser} -p${rootpasswd} -e "CREATE DATABASE IF NOT EXISTS \`"$FSUID"\`;" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    #echo "Grant all to "$FSUID""
                    mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    # allow users to make databases starting with $FSUID_
                    mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"_%\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    #echo "Flush"
                    mysql -u${rootuser} -p${rootpasswd} -e "FLUSH PRIVILEGES;" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

                    # https://github.com/koalaman/shellcheck/wiki/SC2129
                    {
                    echo "Welcome to torch.cci.fsu.edu."
                    echo "------------------------------------"
                    echo "MySQL Account Information:"
                    echo "*Please* save this username and password somewhere safe, and delete this file."
                    echo "Verify you received this information at your FSU email address (@my.fsu.edu)."
                    echo "------------------------------------"
                    echo "Username:"
                    echo "$FSUID"
                    echo "Password:"
                    echo "$PASSWDDB"
                    echo "------------------------------------"
                    echo "This information is only used for MySQL database access."
                    echo "To use your MySQL account, type the following, then enter your password when prompted:"
                    echo "mysql -u "$FSUID" -p"
                    echo "Caution: if you delete $flag, your MySQL database and user will be lost."
                    echo "------------------------------------"
                    echo "To use the Apache webserver, create or upload a file such as index.html in your public_html folder, or /web/"$FSUID"."
                    echo "It can then be accessed at <INSERT SERVER URL>~"$FSUID""
                    echo "------------------------------------"
                    echo "Thank you for using CCI servers."
                    echo "Have a question or issue? Contact your instructor, or the CCI Helpdesk."
                    } >> /home/"$FSUID"/$informationFile
                    # emailing user login info
                    cp $emailMaster /home/$FSUID/torch-template.html

                    # insert students mysql user/pass into the welcome email
                    sed -i "s/FSUID/$FSUID/g" /home/$FSUID/torch-template.html
                    sed -i "s/PASSWDDB/$PASSWDDB/g" /home/$FSUID/torch-template.html

                        # send mail

                        cat /home/$FSUID/torch-template.html | mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" $FSUID@my.fsu.edu --content-type=text/html

                        cat /home/$FSUID/torch-template.html | mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" <insert service desk email> --content-type=text/html

                    # clean up files
                    rm -f /home/$FSUID/torch-template.html

                # restore home perms
                chown -R "$FSUID":"domain users" /home/$FSUID/

                # make flag signifying first login is done
                   touch $flag
                   echo "Reading the .dotfiles? You're a curious student. Apply for a job at the CCI HelpDesk and mention this message!" >> $flag

                fi #end of productive if
        fi # end of first if
done
	#!/bin/bash
	# made by Will Bollock, CCI HelpDesk

	# mysql root user/pass for account creation
	rootuser=
	rootpasswd=
	informationFile=Torch_Account_Information.txt
	# master file that is copied to $user's home
	# make an HTML template here
	# html email template here
	emailMaster=
	# whatever you want for placeholder index.html
	webPlaceholder=

	# [web15c@torch]~❯ inotifywait -q -e create /home/ \| awk '{ print $NF }'


	# infinite loop
	while true
	do

	# upon new /home/ directory creation, spit out the username to $FSUID
	FSUID=$(inotifywait -q -e create /home/ \| awk '{ print $NF }')

	flag=/home/"$FSUID"/.flag_DONOTDELETE

	if [ -e /home/$FSUID/$flag ]
	then
	# user has already logged in once
	echo "Welcome $FSUID to torch.cci.fsu.edu"
	# https://www.attosol.com/login-script-that-runs-only-once-per-user/
	else

	# Ignore usernames with hyphens - IT service accounts
	if echo "$FSUID" \| grep -q "-"; then

	# found dash; service account
	echo "Dash detected in username. No MySQL account made." > /home/"$FSUID"/$informationFile
	echo "If you think this is an error, please contact the CCI HelpDesk." >> /home/"$FSUID"/$informationFile

	else

	#echo "Welcome $FSUID to torch.cci.fsu.edu."
	#echo "Please review the file $informationFile in your directory."

	# create Apache2 web directory if not exists
	if [ ! -d /web/"$FSUID" ]
	then
	mkdir /web/"$FSUID"
	fi

	# Set Apache2 permissions
	chmod -R 755 /web/"$FSUID"
	# ownership
	chown -R "$FSUID":'domain users' /web/"$FSUID"

	# create sym link for ease of use
	ln -s /web/"$FSUID" /home/"$FSUID"/public_html

	# give placeholder index.html
	cp $webPlaceholder /web/"$FSUID"/index.html
	chmod 644 /web/"$FSUID"/index.html


	# ownership again cause im lazy

	chown -R "$FSUID":'domain users' /web/"$FSUID"

	# generate password
	# https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

	PASSWDDB=$(date +%s \| sha256sum \| base64 \| head -c 12 ; echo)

	# drop user if exists
	mysql -u${rootuser} -p${rootpasswd} -e "DROP USER IF EXISTS '"$FSUID"'@'localhost';" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	# drop database if exists
	mysql -u${rootuser} -p${rootpasswd} -e "DROP DATABASE IF EXISTS '"$FSUID"';" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."


	#echo "Create User"
	mysql -u${rootuser} -p${rootpasswd} -e "CREATE USER IF NOT EXISTS '"$FSUID"'@'localhost' IDENTIFIED BY '${PASSWDDB}';" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	#echo "Create DB"
	mysql -u${rootuser} -p${rootpasswd} -e "CREATE DATABASE IF NOT EXISTS \`"$FSUID"\`;" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	#echo "Grant all to "$FSUID""
	mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	# allow users to make databases starting with $FSUID_
	mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"_%\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	#echo "Flush"
	mysql -u${rootuser} -p${rootpasswd} -e "FLUSH PRIVILEGES;" 2>/dev/null \| grep -v "mysql: [Warning] Using a password on the command line interface can be insecure."

	# https://github.com/koalaman/shellcheck/wiki/SC2129
	{
	echo "Welcome to torch.cci.fsu.edu."
	echo "------------------------------------"
	echo "MySQL Account Information:"
	echo "Please save this username and password somewhere safe, and delete this file."
	echo "Verify you received this information at your FSU email address (@my.fsu.edu)."
	echo "------------------------------------"
	echo "Username:"
	echo "$FSUID"
	echo "Password:"
	echo "$PASSWDDB"
	echo "------------------------------------"
	echo "This information is only used for MySQL database access."
	echo "To use your MySQL account, type the following, then enter your password when prompted:"
	echo "mysql -u "$FSUID" -p"
	echo "Caution: if you delete $flag, your MySQL database and user will be lost."
	echo "------------------------------------"
	echo "To use the Apache webserver, create or upload a file such as index.html in your public_html folder, or /web/"$FSUID"."
	echo "It can then be accessed at <INSERT SERVER URL>~"$FSUID""
	echo "------------------------------------"
	echo "Thank you for using CCI servers."
	echo "Have a question or issue? Contact your instructor, or the CCI Helpdesk."
	} >> /home/"$FSUID"/$informationFile
	# emailing user login info
	cp $emailMaster /home/$FSUID/torch-template.html

	# insert students mysql user/pass into the welcome email
	sed -i "s/FSUID/$FSUID/g" /home/$FSUID/torch-template.html
	sed -i "s/PASSWDDB/$PASSWDDB/g" /home/$FSUID/torch-template.html

	# send mail

	cat /home/$FSUID/torch-template.html \| mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" $FSUID@my.fsu.edu --content-type=text/html

	cat /home/$FSUID/torch-template.html \| mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" <insert service desk email> --content-type=text/html

	# clean up files
	rm -f /home/$FSUID/torch-template.html

	# restore home perms
	chown -R "$FSUID":"domain users" /home/$FSUID/

	# make flag signifying first login is done
	touch $flag
	echo "Reading the .dotfiles? You're a curious student. Apply for a job at the CCI HelpDesk and mention this message!" >> $flag

	fi #end of productive if
	fi # end of first if
	done