Add create-user.sh

2025-07-21 20:10:13 +00:00
commit c0a7a0da31
1 changed files with 74 additions and 0 deletions
--- a/create-user.sh
+++ b/create-user.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+
+echo "== Flexible User Creation Script =="
+
+# Prompt for username
+printf "Username to create (required): "
+IFS= read -r NEWUSER_NAME </dev/tty
+if [[ -z "$NEWUSER_NAME" ]]; then
+    echo "Error: Username is required."
+    exit 1
+fi
+
+# Prompt for SSH public key
+printf "Paste the SSH public key: "
+IFS= read -r NEWUSER_PUBKEY </dev/tty
+if [[ -z "$NEWUSER_PUBKEY" ]]; then
+    echo "Error: Public key is required."
+    exit 1
+fi
+
+# Prompt for group(s)
+printf "Comma-separated groups to add (e.g. sudo,sshusers,docker): "
+IFS= read -r NEWUSER_GROUPS </dev/tty
+
+# Create user if needed
+if id "$NEWUSER_NAME" &>/dev/null; then
+    echo "[*] User '$NEWUSER_NAME' already exists. Skipping creation."
+else
+    echo "[+] Creating user: $NEWUSER_NAME"
+    useradd -m -s /bin/bash "$NEWUSER_NAME"
+fi
+
+# Add to groups (if provided)
+if [[ -n "$NEWUSER_GROUPS" ]]; then
+    echo "[+] Adding $NEWUSER_NAME to groups: $NEWUSER_GROUPS"
+    usermod -aG "$NEWUSER_GROUPS" "$NEWUSER_NAME"
+fi
+
+# Optional: ask for passwordless sudo if 'sudo' is included
+if [[ "$NEWUSER_GROUPS" == *sudo* ]]; then
+    printf "Allow passwordless sudo for this user? [y/N]: "
+    IFS= read -r NEWUSER_SUDO_NOPASS </dev/tty
+    if [[ "$NEWUSER_SUDO_NOPASS" =~ ^[Yy]$ ]]; then
+        echo "[+] Enabling passwordless sudo for $NEWUSER_NAME"
+        echo "$NEWUSER_NAME ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/$NEWUSER_NAME"
+        chmod 440 "/etc/sudoers.d/$NEWUSER_NAME"
+    else
+        echo "[*] Skipping passwordless sudo."
+    fi
+fi
+
+# Setup SSH access
+NEWUSER_HOME="/home/$NEWUSER_NAME"
+NEWUSER_SSH_DIR="$NEWUSER_HOME/.ssh"
+NEWUSER_AUTH_KEYS="$NEWUSER_SSH_DIR/authorized_keys"
+
+mkdir -p "$NEWUSER_SSH_DIR"
+touch "$NEWUSER_AUTH_KEYS"
+chmod 700 "$NEWUSER_SSH_DIR"
+chmod 600 "$NEWUSER_AUTH_KEYS"
+chown -R "$NEWUSER_NAME:$NEWUSER_NAME" "$NEWUSER_SSH_DIR"
+
+# Add key if not already present
+if grep -Fxq "$NEWUSER_PUBKEY" "$NEWUSER_AUTH_KEYS"; then
+    echo "[*] Public key already present. Skipping."
+else
+    echo "$NEWUSER_PUBKEY" >> "$NEWUSER_AUTH_KEYS"
+    echo "[+] Public key added."
+fi
+
+echo
+echo "[✓] User '$NEWUSER_NAME' setup complete."
+[[ -n "$NEWUSER_GROUPS" ]] && echo "[✓] Groups added: $NEWUSER_GROUPS"
+echo "[✓] SSH access configured."