Forem: akintola abdulazeez oladele

DevOpsFetch: A system monitoring and management tool.

akintola abdulazeez oladele — Mon, 05 Aug 2024 09:20:58 +0000

Introduction

Welcome to DevOpsFetch, your new best friend in system monitoring and management. Picture this: You’re a DevOps engineer managing lot of servers, multitasking between Docker containers, Nginx configurations, and user activities. It’s a typical day, and you’re bombarded with requests for information—active ports, container statuses, and more.

Instead of desperately typing away commands to gather this information, you can rely on DevOpsFetch to streamline the process. This script is designed to simplify your life by retrieving and logging various system information including active ports, Docker images and containers, Nginx domains, user logins, and system activities within a specified time range.

What the Script Does

DevOpsFetch is a comprehensive script that automates the retrieval and logging of critical system information. Here’s a detailed breakdown of its functionality:

Log File Creation and Permissions:

The script first checks if the log file (/var/log/devopsfetch.log) exists.
If it doesn’t exist, it creates the log file and sets the necessary permissions to allow writing.

LOG_FILE="/var/log/devopsfetch.log"

#Create the log file if it doesn't exist and set permissions

if [ ! -f "$LOG_FILE" ]; then
    sudo touch "$LOG_FILE"
    sudo chmod 666 "$LOG_FILE"
fi

Help Display:

Provides a help message (--help or -h) that shows usage instructions and available options.

show_help() {
    echo "Usage: $0 [OPTIONS]"
    echo "Options:"
    echo "  -p, --port                List all active ports and services"
    echo "  -p <port_number>          Detailed information about a specific port"
    echo "  -d, --docker              List all Docker images and containers"
    echo "  -d <container_name>       Detailed information about a specific container"
    echo "  -n, --nginx               Display all Nginx domains and their ports"
    echo "  -n <domain>               Detailed configuration information for a specific domain"
    echo "  -u, --users               List all users and their last login times"
    echo "  -u <username>             Detailed information about a specific user"
    echo "  -t, --time <start> <end>  Display activities within a specified time range"
    echo "  --install                 Install dependencies and set up the service"
    echo "  -h, --help                Show this help message"
}

Logging Mechanism:

Defines a function (log_message) to log messages to the log file, ensuring all output is consistently recorded.

log_message() {
    echo "$1" | sudo tee -a "$LOG_FILE"
}

Port Information:

Lists all active ports and services (--port or -p).
Provides detailed information about a specific port (-p <port_number>).

list_ports() {
    log_message "Listing all active ports and services..."
    netstat -tuln | sudo tee -a "$LOG_FILE"
}

port_details() {
    local port=$1
    log_message "Detailed information about port $port"
    netstat -tuln | grep ":$port" | sudo tee -a "$LOG_FILE"
}

Docker Information:

Lists all Docker images and containers (--docker or -d).
Provides detailed information about a specific container (-d <container_name>).

list_docker() {
    log_message "Listing all Docker images..."
    docker images | sudo tee -a "$LOG_FILE"
    log_message "Listing all Docker containers..."
    docker ps -a | sudo tee -a "$LOG_FILE"
}

container_details() {
    local container_name=$1
    log_message "Detailed information about container $container_name..."
    docker inspect "$container_name" | sudo tee -a "$LOG_FILE"
}

Nginx Information:

Displays all Nginx domains and their ports (--nginx or -n).
Provides detailed configuration information for a specific domain (-n <domain>).

domain_details() {
    local domain=$1
    log_message "Detailed configuration for domain $domain..."
    grep -r "server_name $domain" /etc/nginx/sites-enabled/ | sudo tee -a "$LOG_FILE"
}

User Information:

Lists all users and their last login times (--users or -u).
Provides detailed information about a specific user (-u <username>).

list_users() {
    log_message "Listing all users and their last login times..."
    lastlog | sudo tee -a "$LOG_FILE"
}

user_details() {
    local username=$1
    log_message "Detailed information about user $username..."
    lastlog | grep "$username" | sudo tee -a "$LOG_FILE"
}

Time-Range Activities:

Displays system activities within a specified time range (--time <start> <end>).

filter_by_time_range() {
    local start_time=$1
    local end_time=$2
    log_message "Activities from $start_time to $end_time..."
    journalctl --since="$start_time" --until="$end_time" | sudo tee -a "$LOG_FILE"
}

Installation:

Installs necessary dependencies and sets up the systemd service for DevOpsFetch (--install).

if [ "$1" == "--install" ]; then
    log_message "Installing dependencies and setting up the service..."
    sudo apt-get update
    sudo apt-get install -y net-tools nginx docker.io
    sudo systemctl enable docker
    sudo systemctl start docker

    sudo tee /etc/systemd/system/devopsfetch.service > /dev/null <<EOL
[Unit]
Description=devopsfetch - DevOps System Information Retrieval Tool
After=network.target

[Service]
ExecStart=/home/hayzedak/HNG5/devopsfetch.sh
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target
EOL

    sudo systemctl daemon-reload
    sudo systemctl enable devopsfetch
    sudo systemctl start devopsfetch

Main Script Logic:

Handles the different options provided by the user and calls the appropriate functions.

elif [ "$1" == "-p" ] || [ "$1" == "--port" ]; then
    if [ -n "$2" ]; then
        port_details "$2"
    else
        list_ports
    fi
elif [ "$1" == "-d" ] || [ "$1" == "--docker" ]; then
    if [ -n "$2" ]; then
        container_details "$2"
    else
        list_docker
    fi
elif [ "$1" == "-n" ] || [ "$1" == "--nginx" ]; then
    if [ -n "$2" ]; then
        domain_details "$2"
    else
        grep -r "server_name" /etc/nginx/sites-enabled/ | sudo tee -a "$LOG_FILE"
    fi
elif [ "$1" == "-u" ] || [ "$1" == "--users" ]; then
    if [ -n "$2" ]; then
        user_details "$2"
    else
        list_users
    fi
elif [ "$1" == "-t" ] || [ "$1" == "--time" ]; then
    if [ -n "$2" ] && [ -n "$3" ]; then
        filter_by_time_range "$2" "$3"
    else
        echo "Please provide both start and end times in the format 'YYYY-MM-DD HH:MM:SS'"
    fi
elif [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
    show_help
else
    echo "Unknown option: $1"
    show_help
fi

Installation and Configuration

Fork or Clone This Repo

Fork or clone the DevOpsFetch repository to your local machine here.

You can choose to place the script in the root directory /usr/local/bin/devopsfetch.sh and set the ExecStart path to /etc/systemd/system/devopsfetch.service or save the script to your desired location, such as /home/hayzedak/HNG5/devopsfetch.sh, thereby making similar changes to the ExecStart path.

Make the Script Executable

To ensure the script can be executed, change its permissions:

sudo chmod +x /path/to/devopsfetch.sh

Install Dependencies and Set Up the Service

Run the script with the --install option to install necessary dependencies and set up the systemd service:

./devopsfetch.sh --install

This command will:

Update the package list.
Install net-tools, nginx, and docker.io.
Enable and start the Docker service.
Create a systemd service file for DevOpsFetch.
Enable and start the devopsfetch service.

Enable and Start the Service

If you need to enable and start the service manually:

sudo systemctl daemon-reload
sudo systemctl enable devopsfetch
sudo systemctl start devopsfetch

Usage

Run the script with different options to retrieve specific system information.

./devopsfetch.sh [OPTIONS]

Options

-p, --port: List all active ports and services.
-p <port_number>: Detailed information about a specific port.
-d, --docker: List all Docker images and containers.
-d <container_name>: Detailed information about a specific container.
-n, --nginx: Display all Nginx domains and their ports.
-n <domain>: Detailed configuration information for a specific domain.
-u, --users: List all users and their last login times.
-u <username>: Detailed information about a specific user.
-t, --time <start> <end>: Display activities within a specified time range.
--install: Install dependencies and set up the service.
-h, --help: Show the help message.

Examples

List all active ports and services:

./devopsfetch.sh --port

-Get detailed information about a specific port:

./devopsfetch.sh --port 80

List all Docker images and containers:

./devopsfetch.sh --docker

Get detailed information about a specific container:

./devopsfetch.sh --docker my_container

Display all Nginx domains and their ports:

./devopsfetch.sh --nginx

Get detailed configuration information for a specific domain:

./devopsfetch.sh --nginx mydomain.com

List all users and their last login times:

./devopsfetch.sh --users

Get detailed information about a specific user:

./devopsfetch.sh -u username

Display activities within a specified time range:

./devopsfetch.sh --time "2024-08-01 00:00:00" "2024-08-01 23:59:59"

Show the help message:

./devopsfetch.sh --help

Logging Mechanism

Log File

All output from the script is logged to /var/log/devopsfetch.log. This log file is created and its permissions are set to ensure it can be written to by the script.

Viewing Logs

To view the log file, use:

sudo cat /var/log/devopsfetch.log

To continuously monitor the log file, use:

sudo tail -f /var/log/devopsfetch.log

Conclusion

This is a useful tool designed to make the life of a DevOps engineer easier by automating the retrieval and logging of important system information. Whether you're monitoring ports, managing Docker containers, configuring Nginx, or tracking user activities, it has you covered. Its simple yet effective logging mechanism ensures that all actions are recorded, providing a comprehensive audit trail for your system's activities.

By automating these tasks, you can save valuable time and reduce the risk of human error, allowing you to focus on more critical aspects of your work. It is easily configurable and extensible, integrating seamlessly with your existing workflows.

Feel free to reach out if you have any questions or need further assistance. Happy monitoring!

Messaging System with Flask App and RabbitMQ/Celery for Email Handling 🚀

akintola abdulazeez oladele — Fri, 26 Jul 2024 10:04:05 +0000

Overview

Welcome to the Messaging System!. This system is designed to handle two main tasks: sending emails and logging requests. It’s built using Flask for the web application and Celery for asynchronous task management, ensuring efficient and scalable processing.

Prerequisites

Python 3.12+
Virtualenv
RabbitMQ/Celery
An SMTP email account
Nginx
Ngrok for external access

Key Components:

app.py: This is the main entry point of our web application. It handles incoming HTTP requests, routes them appropriately, and interacts with the Celery tasks for sending emails or logging requests.
tasks.py: This file contains the Celery task for sending emails. It ensures that email sending is handled asynchronously, allowing the web application to remain responsive.
Celery: An asynchronous task queue/job queue that distributes tasks to multiple workers, making the system scalable and efficient.

app.py 📄

This file sets up the Flask web application. It includes routes to handle sending emails and logging requests.

Logging Setup: Ensures the logging directory and log file exist.
Route Handling: Defines a route (/) that can handle two types of requests: sendmail to send an email and talktome to log a message with a timestamp.

import os
import logging
import time  # Import the time module
from flask import Flask, request
from tasks import send_email

app = Flask(__name__)

# Ensure logging directory exists
log_dir = "/var/log"
log_file = os.path.join(log_dir, "messaging_system.log")
if not os.path.exists(log_dir):
    os.makedirs(log_dir)
if not os.path.exists(log_file):
    open(log_file, 'a').close()

logging.basicConfig(filename=log_file, level=logging.INFO)

@app.route('/')
def index():
    sendmail = request.args.get('sendmail')
    talktome = request.args.get('talktome')

    try:
        if sendmail:
            recipient_email = sendmail.replace('mailto:', '')
            send_email.delay(recipient_email)
            return "Email sent!"

        if talktome:
            logging.info(f"Talk to me request at {time.strftime('%Y-%m-%d %H:%M:%S')}")
            return "Logged time!"

        return "Welcome to the messaging system!"
    except Exception as e:
        logging.error(f"Error occurred: {e}")
        return "An error occurred. Check the logs for details.", 500

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=5000)

tasks.py 📄

This file contains the Celery task for sending emails.

Celery Setup: Configures Celery to use RabbitMQ as the message broker.
send_email Task: Defines a task to send an email asynchronously using SMTP.

import os
from celery import Celery
from smtplib import SMTP_SSL
from email.mime.text import MIMEText

celery = Celery('tasks', broker='amqp://guest@localhost//')

@celery.task
def send_email(recipient_email):
    email_password = os.environ.get("EMAIL_PASSWORD")
    if not email_password:
        raise ValueError("EMAIL_PASSWORD not set")

    msg = MIMEText('This is a test email.')
    msg['Subject'] = 'Test Email'
    msg['From'] = 'akintola130@gmail.com'
    msg['To'] = recipient_email

    try:
        with SMTP_SSL('smtp.gmail.com', 465) as server:
            server.login('akintola130@gmail.com', email_password)
            server.sendmail('akintola130@gmail.com', recipient_email, msg.as_string())
        print("Email sent successfully!")
    except Exception as e:
        print(f"Failed to send email: {e}")

Setup

1. Clone the Repository

git clone https://github.com/hayzedak/HNG3.git
cd HNG3/messaging_system

2. Create and Activate a Virtual Environment

python3 -m venv venv
source venv/bin/activate

3. Install Dependencies

pip install Flask celery

4. Configure Environment Variable
Set the EMAIL_PASSWORD environment variable:

export EMAIL_PASSWORD=your_email_password

Make sure to replace your_email_password with your actual email app password.

5. Initialize RabbitMQ 🐇
Ensure that RabbitMQ is running on your system. You can start RabbitMQ with:

sudo systemctl start rabbitmq-server

6. Ensure Log Directory Exists
Ensure the /var/log/messaging_system.log file exists and set the appropriate permissions:

sudo touch /var/log/messaging_system.log
sudo chmod 666 /var/log/messaging_system.log

7. Configure Nginx
Install Nginx if it's not already installed:

sudo apt update
sudo apt install nginx

Create an Nginx configuration file for your Flask application. For example, create /etc/nginx/sites-available/messaging_system:

sudo nano /etc/nginx/sites-available/messaging_system

Add the following configuration, remember to replace your_domain_or_ip with your actual IP address or domain:

server {
    listen 80;
    server_name your_domain_or_ip;

    location / {
        proxy_pass http://your_domain_or_ip:5000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    error_log /var/log/nginx/messaging_system_error.log;
    access_log /var/log/nginx/messaging_system_access.log;
}

Enable the configuration by creating a symlink:

sudo ln -s /etc/nginx/sites-available/messaging_system /etc/nginx/sites-enabled

Test the Nginx configuration and restart Nginx:

sudo nginx -t
sudo systemctl restart nginx

Now, your Flask application should be accessible via your domain or IP.

Running the Application 🚀

Start the Flask Application

Remember to activate the virtual environment.

python3 app.py

Start the Celery Worker: In another terminal, ensure you activate the virtual env.

celery -A tasks worker --loglevel=info

Exposing with ngrok 🌍

To expose your local server to the internet using ngrok, follow these steps:

Download and install ngrok from ngrok.com.
Start ngrok with the following command:

ngrok http 5000

Copy the generated ngrok URL and use it to access your Flask application from the internet.

Usage

To send an email, navigate to http://your_ngrok_endpoint/?sendmail=mailto:recipient@example.com.
To log a request, navigate to http://your_ngrok_endpoint/?talktome.

Troubleshooting 🛠️

If you encounter any issues, check the logs for more information:

Flask application logs: /var/log/messaging_system.log
Celery worker logs: Run sudo journalctl -u celery.service -f to view real-time logs.
Nginx logs: /var/log/nginx/error.log and /var/log/nginx/access.log

By following these steps, you can set up and run your own messaging system with Flask and Celery. Enjoy! 🎉

🚀 Deploying a 3-tier Application with Docker and Nginx Proxy Manager 🌐

akintola abdulazeez oladele — Mon, 22 Jul 2024 08:11:31 +0000

Welcome, tech enthusiast!. I’m excited to walk you through deploying a 3-tier application using Docker and Nginx Proxy Manager. If you've ever felt overwhelmed by the complexity of full-stack development, this guide is your friendly companion, designed to make the process smooth and straightforward. Let’s dive in!

📂 Project Structure

Our project is neatly organized into two main directories:

frontend/: Houses the ReactJS application.
backend/: Contains the FastAPI application and PostgreSQL database integration.

Here’s the project structure for a quick reference:

/project-root
/frontend
Dockerfile
package.json
src/
public/
.env
/backend
Dockerfile
pyproject.toml
poetry.lock
app/
.env
docker-compose.yml

Initial Setup: Cloning the Repository

First things first, let’s clone the project repository. Open your terminal and run:

git clone https://github.com/Hayzedak/hng2.git
cd hng2

This repository serves as a demo application, perfect for interns or anyone looking to get their hands dirty with full-stack development.

🖥️ Manual Deployment: Setting Up on Ubuntu

Step 1: Install Prerequisites

Let’s ensure our system is up-to-date and ready for action:

sudo apt update

Now let's install Git, PostgreSQL, Node.js, and npm:

sudo apt install git postgresql nodejs npm

Step 2: Setting Up Poetry

We’ll use Poetry for managing our Python dependencies:

curl -sSL https://install.python-poetry.org | python3 -

Add Poetry to your system's PATH:

echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc

source ~/.bashrc

Step 3: Configuring PostgreSQL

Set up PostgreSQL to match the configuration in the .env file located in the backend directory:

sudo -u postgres psql

Then,

CREATE DATABASE app;
CREATE USER app WITH ENCRYPTED PASSWORD 'changethis123';
GRANT ALL PRIVILEGES ON DATABASE app TO app;

These commands create a new database and user, and grant all privileges on the database to the user.

Step 4: Backend Setup

Navigate to the backend directory and install dependencies.

Install necessary dependencies:

poetry install

Set up the database:

poetry run bash ./prestart.sh

Run the FastAPI server:

poetry run uvicorn app.main:app --reload

Step 5: Frontend Setup

Now, let’s get the frontend up and running.

Install the necessary dependencies, and start the development server:

npm install
npm run dev

Update your .env files with your machine's IP address:

VITE_API_URL=http://<your_ip>:8000
BACKEND_CORS_ORIGINS=http://<your_ip>:5173

Now let's test by going to the browser:

http://:5173 => Frontend

http://:8000/api => Backend

http://:8000/docs => Backend Docs

http://:8000/redoc => Backend Redoc

http://:8080 => Adminer

http://:8090 => Proxy Manager GUI

☁️ Deploying to EC2

Deploying our application to AWS EC2 involves a few additional steps.

Step 1: Clone Repository and Update .env Files

SSH into your EC2 instance and clone the repository.

git clone https://github.com/Hayzedak/hng2.git
cd hng2

Update the .env files with your domain information:

VITE_API_URL=https://<your_domain>
BACKEND_CORS_ORIGINS=http://<your_domain>:5173, https://<your_domain>:5173

Step 2: 🐳 Docker Setup

Install Docker on your EC2 instance.

Update the package list:

sudo apt-get update

Install required packages:

sudo apt-get install apt-transport-https ca-certificates curl software-properties-common

Add Docker's official GPG key:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Add the Docker repository to APT resources:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Update package list:

sudo apt-get update

Install Docker:

sudo apt-get install docker-ce

Verify Docker is properly installed and running:

sudo systemctl status docker

Add user to Docker group:

sudo usermod -aG docker $USER

Step 3: Docker Compose Setup

Install Docker Compose:

sudo curl -L "https://github.com/docker/compose/releases/download/$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -oP '"tag_name": "\K(.*)(?=")')" /usr/local/bin/docker-compose

Apply executable permission:

sudo chmod +x /usr/local/bin/docker-compose

Verify Docker Compose is installed:

docker-compose --version

Step 4: Dockerfile Configuration

Let’s create Dockerfiles for our frontend and backend applications.

Frontend Dockerfile

# Official Node.js runtime as a parent image
FROM node:20.15.0-alpine

# Set the working directory in the container
WORKDIR /app

# Copy the rest of the application code
COPY . /app
RUN npm install

# Make port 5173 available to the world outside this container
EXPOSE 5173

CMD ["npm", "run", "dev", "--", "--host"]

Backend Dockerfile

# Official Python runtime as a parent image
FROM python:3.10

RUN set -xe

# Install Poetry
RUN curl -sSL https://install.python-poetry.org | python3 - --git https://github.com/python-poetry/poetry.git@master

ENV PATH="/root/.local/bin:$PATH"

# Confirm poetry version
RUN poetry --version

# Set up the working directory
WORKDIR /app

# Copy and install dependencies
COPY . /app

RUN poetry install

EXPOSE 8000

# Start the application
CMD ["bash", "-c", "poetry run bash ./prestart.sh && poetry run uvicorn app.main:app --reload --host 0.0.0.0"]

Step 5: Docker Compose Configuration

Create a docker-compose.yml file to orchestrate our containers.

version: '3.8'

services:
  nginx-proxy:
    image: jc21/nginx-proxy-manager:latest
    restart: always
    ports:
      - "80:80"
      - "8090:81"
      - "443:443"
    environment:
      DB_SQLITE_FILE: "/data/database.sqlite"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

  postgres-db:
    image: postgres:13
    environment:
      POSTGRES_DB: app
      POSTGRES_USER: app
      POSTGRES_PASSWORD: changethis123
    ports:
      - "5432:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data

  backend-container:
    build: ./backend
    environment:
      DATABASE_URL: postgres://app:changethis123@postgres-db:5432/app
    depends_on:
      - postgres-db
    ports:
      - "8000:8000"

  frontend-container:
    build: ./frontend
    depends_on:
      - backend-container
    ports:
      - "5173:5173"

  adminer:
    image: adminer
    restart: always
    ports:
      - "8080:8080"
    environment:
      ADMINER_DEFAULT_SERVER: postgres-db

volumes:
  postgres_data:
    driver: local

Step 6: Build and Run Containers

Run the following command to build and start your Docker containers:

docker-compose up -d

Step 7: Configure Nginx Proxy Manager

Set up A records for your domain and sub-domains in Route53 on your AWS dashboard.

Access Nginx Proxy Manager via http://<your_domain:8090> and use the default credentials to log in.

Configure proxy hosts for your frontend and backend on the same proxy. Map your domain name to the respective container service names and ports.

Enable SSL certificates using Let's Encrypt and enforce SSL for secure connections.

Configure the frontend to route API requests to the backend on the same domain, click on 'Advanced' on the frontend proxy host and paste this configuration

location /api {
    proxy_pass http://backend:8000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /docs {
    proxy_pass http://backend:8000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /redoc {
    proxy_pass http://backend:8000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

Set up a different proxy host for your adminer and Nginx Proxy Manager. Map your subdomain name to the service name of respective containers and ports.

🧪 Testing Your Application

Congratulations! Your application is now deployed. You can access it via the following URLs:

Frontend: http://your_domain
Backend: http://your_domain/api
Backend Docs: http://<your_domain/docs
Backend Redoc: http://your_domain/redoc
Proxy Manager GUI: http://proxy.your_domain
Adminer: http://db.your_domain

And there you have it! You've successfully deployed a 3-tier application with Docker and Nginx Proxy Manager. This journey might seem impossible at first, but with each step, you're building a robust understanding of full-stack development and deployment. Keep experimenting, keep learning, and most importantly, have fun!

Feel free to reach out if you have any questions or need further assistance. Happy proxying!💻🎉

#nginx #linux #docker #ubuntu #postgres

Automating User and Group Management with Bash Script

akintola abdulazeez oladele — Fri, 05 Jul 2024 08:51:47 +0000

Managing user accounts and groups is a crucial job for system administrators, especially in environments where many new users are frequently added. Automating this process can save significant time and reduce the risk of human error.

In this article, we will demonstrate how to automate user and group management using Bash script. This script will read a text file containing usernames and group names, create the users and groups as specified, set up home directories, generate random passwords, and log all actions.

Script Overview

The script create_users.sh performs the following tasks:

Reads a text file where each line contains a username and a list of groups, separated by a semicolon (;).
Creates a personal group for each user.
Creates user accounts with their respective personal groups.
Adds users to additional groups as specified.
Sets up home directories with appropriate permissions.
Generates random passwords for each user.
Logs all actions to /var/log/user_management.log.
Stores the generated passwords securely in /var/secure/user_passwords.txt.

Prerequisites

Ensure you have the necessary permissions to create users, groups, and modify system files. The script needs to be executed with superuser privileges.

The Bash Script: create_users.sh

Preparing the Input File

Create a text file named user_list.txt with the following format:

azeez;developers,admins
hng;developers
nora;admins

Each line contains a username and a list of groups separated by a semicolon (;). Multiple groups are separated by commas (,).

Running the Script

Make the Script Executable:

sudo chmod +x create_users.sh

Execute the Script:

sudo ./create_users.sh user_list.txt

Verifying the Script Execution

Check the Log File:

sudo cat /var/log/user_management.log

Check the Password File:

sudo cat /var/secure/user_passwords.txt

*Verify User Accounts:
*
cut -d: -f1 /etc/passwd | grep -E 'azeez|hng|nora'

Verify Group Membership:

groups azeez
groups hng
groups nora

Conclusion

Automating user and group management with a Bash script can enhance the efficiency and accuracy of administrative tasks. This script provides solution for creating users, managing group memberships, setting up home directories, and ensuring secure password handling. By following this guide, system administrators can save time and reduce errors, particularly in environments with frequent user account changes.