diff --git a/README.md b/README.md
index 56b70ac..262ac3d 100644
--- a/README.md
+++ b/README.md
@@ -5,4 +5,4 @@ Scripts that make [tilde.institute](https://tilde.institute) work.
Includes new user creation
and other miscellaneous tasks, such as various monitoring scripts.
-Scripts have author credited at the top of the file
+Scripts have author credited at the top of the file if they were written by someone else.
diff --git a/bin/badprocs.py b/bin/badprocs.py
index ae41702..515e366 100755
--- a/bin/badprocs.py
+++ b/bin/badprocs.py
@@ -2,7 +2,6 @@
# Checks the process list for anything that could be potentially worrisome.
# If something is found, emails the admins@tilde.institute account.
-# gbmor <ben@gbmor.dev>
from shlex import quote
import subprocess
@@ -47,6 +46,7 @@ if __name__ == "__main__":
"transmission",
"tshark",
"xmr", # lots of monero miners have this in the name
+ "znc",
]
procsFound = getBadProcs(procsList)
diff --git a/bin/connusers.py b/bin/connusers.py
index ebdde7f..0a1cafd 100755
--- a/bin/connusers.py
+++ b/bin/connusers.py
@@ -1,7 +1,6 @@
#!/usr/local/bin/python3 -I
# Lists currently connected users for https://tilde.institute/stats
-# gbmor <ben@gbmor.dev>
# 'ps' truncates usernames at 8 characters (called by 'showwhoison' to find mosh users)
# so I'm matching the potentially-partial username to a home directory to retrieve
diff --git a/bin/makeuser b/bin/makeuser
deleted file mode 100755
index e9a4c1f..0000000
--- a/bin/makeuser
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/usr/local/bin/bash
-# ---------------------------------------------------------------------------
-# makeuser - tilde.institute new user creation
-# Usage: makeuser [-h|--help] <username> <email> "<pubkey>"
-# <gbmor> ben@gbmor.dev
-# ---------------------------------------------------------------------------
-
-PROGNAME=${0##*/}
-VERSION="0.1"
-
-error_exit() {
- echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
- exit 1
-}
-
-usage() {
- echo -e "usage: $PROGNAME [-h|--help] <username> <email> \"<pubkey>\""
-}
-
-[[ $(id -u) != 0 ]] && error_exit "you must be the superuser to run this script."
-
-USERLIST=$(</etc/passwd cut -d ":" -f1)
-if [[ $USERLIST == $1* ]]; then
- error_exit "User already exists!"
-fi
-
-case $1 in
- -h | --help)
- usage; exit ;;
- -* | --*)
- usage; error_exit "unknown option $1" ;;
- *)
- [[ $# -ne 3 ]] && error_exit "not enough args"
-
-# generate a random 20 digit password
-# encrypt the password and pass it to
-# useradd, set ksh as default shell
- echo "adding new user $1"
- newpw=$(pwgen -1B 20)
- pwcrypt=$(encrypt ${newpw})
- useradd -m -g 1001 -p $pwcrypt -s /bin/ksh -k /etc/skel $1
-
-# make the public_html directory for the users
- mkdir /var/www/users/$1
- chown $1:tilde /var/www/users/$1
- doas -u $1 ln -s /var/www/users/$1 /home/$1/public_html
-
-# make the public_repos directory
- mkdir /var/www/cgit_repos/$1
- chown $1:tilde /var/www/cgit_repos/$1
- doas -u $1 ln -s /var/www/cgit_repos/$1 /home/$1/public_repos
-
-# set up the httpd configuration for
-# individual users. this config forces tls
-# for all subdomains
- echo "server \"$1.tilde.institute\" {
- listen on \$ext_addr port 80 block return 301 \"https://\$SERVER_NAME\$REQUEST_URI\"
- }
- server \"$1.tilde.institute\" {
- listen on \$ext_addr tls port 443
- root \"/users/$1\"
- tls {
- key \"/etc/letsencrypt/live/tilde.institute-0001/privkey.pem\"
- certificate \"/etc/letsencrypt/live/tilde.institute-0001/fullchain.pem\"
- }
- directory index index.html
- directory auto index
- location \"/*.cgi\" {
- fastcgi
- }
- location \"/*.php\" {
- fastcgi socket \"/run/php-fpm.sock\"
- }
- }" > /etc/httpd/$1.conf
-
-# add the user's vhost config to the bridged vhost config, which
-# is loaded by /etc/httpd.conf. This is necessary because httpd(8)
-# does not support globbing on includes
- echo "include \"/etc/httpd/$1.conf\"" >> /etc/httpd-vusers.conf
-
-# Sort and deduplicate entries in the bridged vhost config file
-# Duplicate entries cause weird behavior. Subdomains after the
-# duplicated entry won't resolve properly and instead resolve
-# to the main site
- sort -u /etc/httpd-vusers.conf > /etc/httpd-vusers.conf.sorted
- cp /etc/httpd-vusers.conf.sorted /etc/httpd-vusers.conf
- #pkill -HUP httpd
- rcctl restart httpd
-
-# send welcome email
- sed -e "s/newusername/$1/g" /admin/misc/email.tmpl | mail -r admins@tilde.institute -s "welcome to tilde.institute!" $2
-
-# subscribe to mailing list
- #echo " " | doas -u $1 mail -s "subscribe" institute-join@lists.tildeverse.org
-
-# lock down the users' history files so they can't be deleted or truncated (bash and ksh only)
- doas -u "$1" touch /home/$1/.history
- doas -u "$1" touch /home/$1/.bash_history
- chflags uappnd /home/$1/.history
- chflags uappnd /home/$1/.bash_history
-
-# announce the new user's creation on mastodon
-# then copy their ssh key to their home directory
- /admin/bin/toot.py "Welcome new user ~$1!"
- </etc/passwd cut -d ":" -f1 > /var/www/htdocs/userlist
- echo "$3" | tee /home/$1/.ssh/authorized_keys
-esac
diff --git a/bin/makeuser.sh b/bin/makeuser.sh
new file mode 100755
index 0000000..b349459
--- /dev/null
+++ b/bin/makeuser.sh
@@ -0,0 +1,110 @@
+#!/usr/local/bin/bash
+# ---------------------------------------------------------------------------
+# makeuser - tilde.institute new user creation
+# Usage: makeuser [-h|--help] <username> <email> "<pubkey>"
+# ---------------------------------------------------------------------------
+
+PROGNAME=${0##*/}
+
+error_exit() {
+ echo -e "${PROGNAME}: ${1:-"Unknown Error"}" >&2
+ exit 1
+}
+
+usage() {
+ echo -e "usage: $PROGNAME [-h|--help] <username> <email> \"<pubkey>\""
+}
+
+[[ $(id -u) != 0 ]] && error_exit "you must be the superuser to run this script."
+
+USERLIST=$(cut </etc/passwd -d ":" -f1)
+if [[ $USERLIST == $1* ]]; then
+ error_exit "User already exists!"
+fi
+
+case $1 in
+-h | --help)
+ usage
+ exit
+ ;;
+-*)
+ usage
+ error_exit "unknown option $1"
+ ;;
+*)
+ [[ $# -ne 3 ]] && error_exit "not enough args"
+
+ # generate a random 20 digit password
+ # encrypt the password and pass it to
+ # useradd, set ksh as default shell
+ echo "adding new user $1"
+ newpw=$(pwgen -1B 20)
+ pwcrypt=$(encrypt ${newpw})
+ useradd -m -g 1001 -p $pwcrypt -s /bin/ksh -k /etc/skel $1
+
+ # make the public_html directory for the users
+ mkdir /var/www/users/$1
+ chown $1:tilde /var/www/users/$1
+ doas -u $1 ln -s /var/www/users/$1 /home/$1/public_html
+
+ # make the public_repos directory
+ mkdir /var/www/cgit_repos/$1
+ chown $1:tilde /var/www/cgit_repos/$1
+ doas -u $1 ln -s /var/www/cgit_repos/$1 /home/$1/public_repos
+
+ # set up the httpd configuration for
+ # individual users. this config forces tls
+ # for all subdomains
+ echo "server \"$1.tilde.institute\" {
+ listen on \$ext_addr port 80 block return 301 \"https://\$SERVER_NAME\$REQUEST_URI\"
+ }
+ server \"$1.tilde.institute\" {
+ listen on \$ext_addr tls port 443
+ root \"/users/$1\"
+ tls {
+ key \"/etc/letsencrypt/live/tilde.institute-0001/privkey.pem\"
+ certificate \"/etc/letsencrypt/live/tilde.institute-0001/fullchain.pem\"
+ }
+ directory index index.html
+ directory auto index
+ location \"/*.cgi\" {
+ fastcgi
+ }
+ location \"/*.php\" {
+ fastcgi socket \"/run/php-fpm.sock\"
+ }
+ }" >/etc/httpd/$1.conf
+
+ # add the user's vhost config to the bridged vhost config, which
+ # is loaded by /etc/httpd.conf. This is necessary because httpd(8)
+ # does not support globbing on includes
+ echo "include \"/etc/httpd/$1.conf\"" >>/etc/httpd-vusers.conf
+
+ # Sort and deduplicate entries in the bridged vhost config file
+ # Duplicate entries cause weird behavior. Subdomains after the
+ # duplicated entry won't resolve properly and instead resolve
+ # to the main site
+ sort -u /etc/httpd-vusers.conf >/etc/httpd-vusers.conf.sorted
+ cp /etc/httpd-vusers.conf.sorted /etc/httpd-vusers.conf
+ #pkill -HUP httpd
+ #rcctl restart httpd
+
+ # send welcome email
+ sed -e "s/newusername/$1/g" /admin/misc/email.tmpl | mail -r admins@tilde.institute -s "welcome to tilde.institute!" $2
+
+ # subscribe to mailing list
+ #echo " " | doas -u $1 mail -s "subscribe" institute-join@lists.tildeverse.org
+
+ # lock down the users' history files so they can't be deleted or truncated (bash and ksh only)
+ doas -u "$1" touch /home/$1/.history
+ doas -u "$1" touch /home/$1/.bash_history
+ chflags uappnd /home/$1/.history
+ chflags uappnd /home/$1/.bash_history
+
+ # announce the new user's creation on mastodon
+ # then copy their ssh key to their home directory
+ /admin/bin/toot.py "Welcome new user ~$1!"
+ cut </etc/passwd -d ":" -f1 >/var/www/htdocs/userlist
+ echo "$3" | tee /home/$1/.ssh/authorized_keys
+ ;;
+esac
diff --git a/bin/makeuser_all.sh b/bin/makeuser_all.sh
new file mode 100644
index 0000000..7fdad76
--- /dev/null
+++ b/bin/makeuser_all.sh
@@ -0,0 +1,97 @@
+#!/bin/sh
+
+new_users_file="$1"
+if [ -z "${new_users_file}" ]; then
+ printf 'Please specify a new users file: ./%s new_users.txt\n' "$0"
+ exit 1
+fi
+
+add_user() {
+ user_name="$1"
+ user_email="$2"
+ user_pubkey="$3"
+
+ # generate a random 20 digit password
+ # encrypt the password and pass it to
+ # useradd, set ksh as default shell
+ printf 'Adding new user %s\n' "$1"
+ new_pw="$(pwgen -1B 20)"
+ pw_crypt="$(encrypt "${new_pw}")"
+ useradd -m -g 1001 -p "$pw_crypt" -s /bin/ksh -k /etc/skel "${user_name}"
+
+ # make the public_html directory for the users
+ mkdir "/var/www/users/$1"
+ chown "${user_name}:tilde" "/var/www/users/${user_name}"
+ doas -u "${user_name}" ln -s "/var/www/users/${user_name}" "/home/${user_name}/public_html"
+
+ # make the public_repos directory
+ mkdir "/var/www/cgit_repos/${user_name}"
+ chown "${user_name}:tilde" "/var/www/cgit_repos/${user_name}"
+ doas -u "${user_name}" ln -s "/var/www/cgit_repos/${user_name}" "/home/${user_name}/public_repos"
+
+ # set up the httpd configuration for
+ # individual users. this config forces tls
+ # for all subdomains
+ echo "server \"${user_name}.tilde.institute\" {
+ listen on \$ext_addr port 80 block return 301 \"https://\$SERVER_NAME\$REQUEST_URI\"
+ }
+ server \"${user_name}.tilde.institute\" {
+ listen on \$ext_addr tls port 443
+ root \"/users/${user_name}\"
+ tls {
+ key \"/etc/letsencrypt/live/tilde.institute-0001/privkey.pem\"
+ certificate \"/etc/letsencrypt/live/tilde.institute-0001/fullchain.pem\"
+ }
+ directory index index.html
+ directory auto index
+ location \"/*.cgi\" {
+ fastcgi
+ }
+ location \"/*.php\" {
+ fastcgi socket \"/run/php-fpm.sock\"
+ }
+ }" >"/etc/httpd/${user_name}.conf"
+
+ # httpd(8) does not support globbing on includes.
+ # we need to add the includes to a larger include file to keep the main config cleaner.
+ echo "include \"/etc/httpd/${user_name}.conf\"" >>/etc/httpd-vusers.conf
+
+ # Sort and deduplicate entries in the bridged vhost config file
+ # Duplicate entries cause weird behavior. Subdomains after the
+ # duplicated entry won't resolve properly and instead resolve
+ # to the main site
+ sort -u /etc/httpd-vusers.conf >/etc/httpd-vusers.conf.sorted
+ cp /etc/httpd-vusers.conf.sorted /etc/httpd-vusers.conf
+
+ # send welcome email
+ sed -e "s/newusername/${user_name}/g" /admin/misc/email.tmpl | mail -r admins@tilde.institute -s "welcome to tilde.institute!" "${user_email}"
+
+ # subscribe to mailing list
+ #echo " " | doas -u $1 mail -s "subscribe" institute-join@lists.tildeverse.org
+
+ # lock down the users' history files so they can't be deleted or truncated (bash and ksh only)
+ doas -u "${user_name}" touch "/home/${user_name}/.history"
+ doas -u "${user_name}" touch "/home/${user_name}/.bash_history"
+ chflags uappnd "/home/${user_name}/.history"
+ chflags uappnd "/home/${user_name}/.bash_history"
+
+ # announce the new user's creation on mastodon
+ # then copy their ssh key to their home directory
+ /admin/bin/toot.py "Welcome new user ~${user_name}!"
+ cut </etc/passwd -d ":" -f1 >/var/www/htdocs/userlist
+ echo "${user_pubkey}" | tee "/home/${user_name}/.ssh/authorized_keys"
+}
+
+mailing_list_users=""
+while IFS="" read -r line || [ -n "$line" ]; do
+ [ -z "$line" ] && continue
+ this_user_name="$(echo "$line" | cut -d -f1)"
+ # shellcheck disable=SC2086
+ add_user $line || continue
+ mailing_list_users="${this_user_name}@tilde.institute\n${mailing_list_users}"
+done <"${new_users_file}"
+
+printf '\nRestarting httpd(8)\n'
+rcctl restart httpd
+
+printf 'Users to add to mailing list:\n\n%s\n' "${mailing_list_users}"
diff --git a/bin/motdrotate.py b/bin/motdrotate.py
index 15593f0..cad8688 100755
--- a/bin/motdrotate.py
+++ b/bin/motdrotate.py
@@ -6,8 +6,6 @@ import random
##############################################
## Uses a skeleton motd plus a random quote ##
## to produce a motd with a nifty quote. ##
-##------------------------------------------##
-## <gbmor> ben@gbmor.dev ##
##############################################
def pullfile(filename):
diff --git a/bin/regusers.py b/bin/regusers.py
index 53997da..d240b9e 100755
--- a/bin/regusers.py
+++ b/bin/regusers.py
@@ -2,7 +2,6 @@
# Lists all the currently registered users extant on the system
# for the stats page at https://tilde.institute/stats
-# gbmor <ben@gbmor.dev>
import os
import sys
diff --git a/bin/rmuser b/bin/rmuser
index 98c697a..b7f5932 100755
--- a/bin/rmuser
+++ b/bin/rmuser
@@ -1,5 +1,4 @@
#!/bin/sh
-set -eu
if [ -z "$1" ]; then
printf 'Please pass a user as the first argument.\n'
@@ -7,6 +6,12 @@ if [ -z "$1" ]; then
fi
printf 'Removing user %s from the system\n' "$1"
+
+chflags nouappnd "/home/$1/.history"
+chflags nouappnd "/home/$1/.bash_history"
+
+set -e
+
userdel -r -v "$1"
printf 'Cleaning /var/www/users/%s\n' "$1"
rm -rf "/var/www/users/$1"
diff --git a/bin/showwhoison b/bin/showwhoison
index 6c36584..5247282 100755
--- a/bin/showwhoison
+++ b/bin/showwhoison
@@ -4,8 +4,13 @@
# Shows connected users, including those
# connected via mosh
-x=$(who | cut -d' ' -f1 )
+x=$(who | cut -d' ' -f1)
y=$(ps aux | grep mosh | cut -d' ' -f1)
+z=$(ps aux | grep notty | cut -d' ' -f1)
echo "Currently logged in users, including MOSH: "
-echo "$x" |sort | uniq
+echo "$x" | sort | uniq
echo "$y" | sort | uniq
+
+echo ""
+echo "NO TTY:"
+echo "$z" | sort | uniq
diff --git a/bin/weekconns.py b/bin/weekconns.py
index ed9d375..0c62263 100755
--- a/bin/weekconns.py
+++ b/bin/weekconns.py
@@ -3,7 +3,6 @@
# Lists the users who have connected in
# the last week for the stats page at
# https://tilde.institute/stats
-# <gbmor> ben@gbmor.dev
from sys import exit
import subprocess
|