agnes-the-ai-analyst/server/bin/add-admin
Petr c56905d34f Initial commit: OSS data distribution platform
Open-source AI data analyst platform extracted from internal repo.
Includes data sync engine, Keboola adapter, Flask web portal,
server deployment scripts, and configuration templates.
2026-03-08 23:31:28 +01:00


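#!/bin/bash
# Add a server administrator with full access.
#
# Usage: sudo add-admin username "ssh-public-key"
#
# Arguments:
#   $1 - login name of the new administrator
#   $2 - one SSH public key line for the account's authorized_keys
#
# What it does:
#   - creates the account with a home directory under /home and /bin/bash
#   - adds it to the sudo, dataread, data-private and data-ops groups
#   - installs the SSH key, a workspace directory and the data symlinks
#   - adds per-user entries to the resource limits file when that file exists
#
# Security notes:
#   - The account receives sudo membership, so both arguments are checked
#     before anything on the system is modified.
#   - The user name ends up in file paths and in the limits file, so it is
#     restricted to a conservative character set.
#   - Only the shape of the key is checked here (non-empty, one line); confirm
#     the key's fingerprint with its owner out of band.
set -euo pipefail

readonly HOME_BASE="/home"
readonly LIMITS_FILE="/etc/security/limits.d/99-users.conf"
readonly LIMITS_MARKER="NEW_ADMIN_ENTRY_ABOVE_THIS_LINE"
readonly ADMIN_GROUPS=(sudo dataread data-private data-ops)

tmp_file=""

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Remove the temporary limits file if one is still around.
cleanup() {
  if [[ -n "${tmp_file:-}" ]]; then
    rm -f -- "$tmp_file"
  fi
}
trap cleanup EXIT

if ((EUID != 0)); then
  die "This script must be run as root (use sudo)"
fi

if (($# < 2)); then
  {
    echo "Usage: sudo add-admin username \"ssh-public-key\""
    echo ""
    echo "Example:"
    echo " sudo add-admin novak \"ssh-rsa AAAAB3... novak@example.com\""
  } >&2
  exit 1
fi

USERNAME="$1"
SSH_KEY="$2"

# Reject names that could alter a path (slashes, leading dots) or a line of the
# limits file (whitespace, wildcards) before the name is used anywhere.
if [[ ! "$USERNAME" =~ ^[a-z_][a-z0-9._-]{0,31}$ ]]; then
  die "Error: Invalid username '$USERNAME' (allowed: a-z, 0-9, '.', '_', '-'; must start with a letter or '_'; max 32 chars)"
fi

# authorized_keys holds one key per line: an empty value would leave the
# account without a login, and embedded newlines would install extra entries.
if [[ -z "$SSH_KEY" || "$SSH_KEY" == *$'\n'* ]]; then
  die "Error: SSH public key must be a single non-empty line"
fi

# Check if user already exists
if id "$USERNAME" &>/dev/null; then
  die "Error: User '$USERNAME' already exists"
fi

# Verify every group up front so a missing group cannot abort the script
# after the account has been created, leaving it half configured.
for group in "${ADMIN_GROUPS[@]}"; do
  getent group "$group" >/dev/null || die "Error: Required group '$group' does not exist"
done

echo "Creating admin user: $USERNAME"

home_dir="${HOME_BASE}/${USERNAME}"
group_list=$(
  IFS=,
  printf '%s' "${ADMIN_GROUPS[*]}"
)

# Create the user, home directory and group memberships in one step.
# -d pins the home directory to the path the rest of this script writes to,
# independent of the system's useradd defaults.
#   sudo          Server administration
#   dataread      Public data access
#   data-private  Private data access
#   data-ops      Application deployment
useradd -m -d "$home_dir" -s /bin/bash -G "$group_list" "$USERNAME"

# Set up SSH key. The directory and file are created with restrictive modes
# from the start instead of being tightened afterwards.
ssh_dir="${home_dir}/.ssh"
install -d -m 700 "$ssh_dir"
(
  umask 077
  printf '%s\n' "$SSH_KEY" >"${ssh_dir}/authorized_keys"
)
chmod 600 "${ssh_dir}/authorized_keys"
# "user:" hands the files to the user's login group, whatever it is named.
chown -R "${USERNAME}:" "$ssh_dir"

# Create workspace
mkdir -p "${home_dir}/workspace"
chown "${USERNAME}:" "${home_dir}/workspace"

# Create symlinks to data, docs, and user scripts.
# -n replaces an existing link instead of descending into its target.
ln -sfn /data/src_data "${home_dir}/data"
ln -sfn /data/docs "${home_dir}/docs"
ln -sfn /data/user_scripts "${home_dir}/user_scripts"

# Add admin to resource limits (unlimited access).
# The existing-entry check compares the first field exactly, so a '.' in the
# user name is not treated as a regex wildcard.
if [[ -f "$LIMITS_FILE" ]] &&
  ! awk -v u="$USERNAME" '$1 == u { found = 1 } END { exit !found }' "$LIMITS_FILE"; then
  admin_block="${USERNAME} soft nproc unlimited
${USERNAME} hard nproc unlimited
${USERNAME} - as unlimited
${USERNAME} - fsize unlimited
${USERNAME} - nofile 65535"

  # Pick the insertion point: the marker line if present, otherwise the first
  # wildcard entry, otherwise the end of the file.
  if grep -q -- "$LIMITS_MARKER" "$LIMITS_FILE"; then
    anchor="marker"
  elif grep -q '^\* ' "$LIMITS_FILE"; then
    anchor="wildcard"
  else
    anchor="none"
  fi

  # awk is used instead of sed's 'i\' command: a multi-line insert text would
  # need every embedded newline escaped, and sed would place the block before
  # every matching wildcard line rather than only the first one. The block is
  # passed through the environment so its newlines reach awk unchanged.
  tmp_file=$(mktemp "${LIMITS_FILE}.XXXXXX")
  ADMIN_BLOCK="$admin_block" awk -v anchor="$anchor" -v marker="$LIMITS_MARKER" '
    !inserted && ((anchor == "marker" && index($0, marker) > 0) ||
                  (anchor == "wildcard" && $0 ~ /^\* /)) {
      print ENVIRON["ADMIN_BLOCK"]
      inserted = 1
    }
    { print }
    END { if (!inserted) print ENVIRON["ADMIN_BLOCK"] }
  ' "$LIMITS_FILE" >"$tmp_file"

  # Keep the owner and mode of the existing file, then swap the new version in
  # with a rename so readers never see a partially written limits file.
  chown --reference="$LIMITS_FILE" "$tmp_file"
  chmod --reference="$LIMITS_FILE" "$tmp_file"
  mv -f -- "$tmp_file" "$LIMITS_FILE"
  tmp_file=""

  echo " - Added to resource limits (unlimited)"
fi

echo ""
echo "Admin '$USERNAME' created successfully"
echo " - Added to group: sudo (server administration)"
echo " - Added to group: dataread (public data access)"
echo " - Added to group: data-private (private data access)"
echo " - Added to group: data-ops (application deployment)"
echo " - Workspace: ${home_dir}/workspace"
echo " - Data link: ${home_dir}/data -> /data/src_data"
echo " - Docs link: ${home_dir}/docs -> /data/docs"
echo " - Scripts link: ${home_dir}/user_scripts -> /data/user_scripts"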