Isolate Users (#431)

* WIP to isolate users * Resolved issue with SSH AsUser Updated Isolated User Script to use Server User for Team Access Updated Path creation script to simplify for running as the isolated user * Included the server user * PHPMyAdmin script updated Wordpress Script Updated Updated Execute Script to support executing as isolated users * Issue Resolution & Resolved Failing Unit Tests * Fix for isolated_username vs user * Run the deploy as the isolated user * queue updates for isolated user * Support isolated users in cronjobs * script tests for isolated users * Queue tests for isolated users * Cronjob tests for isolated user * Removed default queue command for laravel apps * add default user to factory * laravel pint fixes * ensure echos are consistent * removed unneeded parameter * update * fix queues for isolated users * revert addslashes --------- Co-authored-by: Saeed Vaziry <mr.saeedvaziry@gmail.com>
2025-07-01 05:56:16 +00:00 · 2025-01-18 00:17:48 +00:00
parent 5947ae80bb
commit c1ae58772c
50 changed files with 717 additions and 69 deletions
--- a/app/SSH/OS/OS.php
+++ b/app/SSH/OS/OS.php
@ -5,6 +5,7 @@
 use App\Exceptions\SSHUploadFailed;
 use App\Models\Server;
 use App\Models\ServerLog;
+use App\Models\Site;
 use App\SSH\HasScripts;
 use Illuminate\Filesystem\FilesystemAdapter;
 use Illuminate\Support\Facades\Storage;
@ -58,6 +59,30 @@ public function createUser(string $user, string $password, string $key): void
        );
    }

+    public function createIsolatedUser(string $user, string $password, int $site_id): void
+    {
+        $this->server->ssh()->exec(
+            $this->getScript('create-isolated-user.sh', [
+                'user' => $user,
+                'server_user' => $this->server->getSshUser(),
+                'password' => $password,
+            ]),
+            'create-isolated-user',
+            $site_id
+        );
+    }
+
+    public function deleteIsolatedUser(string $user): void
+    {
+        $this->server->ssh()->exec(
+            $this->getScript('delete-isolated-user.sh', [
+                'user' => $user,
+                'server_user' => $this->server->getSshUser(),
+            ]),
+            'delete-isolated-user'
+        );
+    }
+
    public function getPublicKey(string $user): string
    {
        return $this->server->ssh()->exec(
@ -88,19 +113,20 @@ public function deleteSSHKey(string $key): void
        );
    }

-    public function generateSSHKey(string $name): void
+    public function generateSSHKey(string $name, ?Site $site = null): void
    {
-        $this->server->ssh()->exec(
+        $site->server->ssh($site->user)->exec(
            $this->getScript('generate-ssh-key.sh', [
                'name' => $name,
            ]),
-            'generate-ssh-key'
+            'generate-ssh-key',
+            $site?->id
        );
    }

-    public function readSSHKey(string $name): string
+    public function readSSHKey(string $name, ?Site $site = null): string
    {
-        return $this->server->ssh()->exec(
+        return $site->server->ssh($site->user)->exec(
            $this->getScript('read-ssh-key.sh', [
                'name' => $name,
            ]),