feat: Use existing sudo user instead of creating new nasadmin user

- Modify setup.sh to automatically detect and use SUDO_USER - Pre-fill admin username with current sudo user - Only create new user if specified user doesn't exist - Update README.md to document user management changes - Update CHANGELOG.md with user management improvements - Remove unnecessary NEW_USER default creation
2025-10-03 13:15:51 +02:00
parent 5a0a2401ce
commit 21781166ea
3 changed files with 18 additions and 9 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -40,10 +40,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
  - I/O scheduler path validation with automatic disk detection
  - Optional unattended-upgrades (disabled by default for user control)

- **Enhanced Security Documentation**
-  - New SECURITY.md with comprehensive security policy
-  - Updated security features documentation
-  - Container security considerations and warnings
+- **User Management Overhaul**
+  - Script now uses existing sudo user instead of creating new "nasadmin" user
+  - Automatic detection of SUDO_USER environment variable
+  - Interactive user creation only when specified user doesn't exist
+  - Simplified user management workflow

 - **Code Quality Improvements**
  - New CODE_OF_CONDUCT.md for community guidelines
--- a/README.md
+++ b/README.md
@@ -154,10 +154,8 @@ The script guides you through an interactive configuration:
 - **Webmin:** Web-based system administration interface (optional)
 - **Unattended Upgrades:** Automatic security updates (optional, disabled by default)

-### Security Configuration
- **Firewall Rules:** IPv4/IPv6 automatic based on selected services
- **Fail2ban:** Protection against brute-force attacks
- **Rate Limiting:** IPv4/IPv6 protection against DoS attacks
+### User Configuration
+- **Admin User:** Uses the current sudo user by default (no new user creation required)
 - **SSH Keys:** Ed25519 key generation for enhanced security

 ## 📁 Directory Structure
--- a/setup.sh
+++ b/setup.sh
@@ -311,7 +311,17 @@ create_interactive_config() {
    save_config "SSH_PORT" "$ssh_port"
    
    # User configuration
-    local username=$(ask_input "Admin username" "$NEW_USER" "validate_username")
+    local current_user
+    if [[ -n "${SUDO_USER:-}" ]]; then
+        current_user="$SUDO_USER"
+        log_info "Using current sudo user: $current_user"
+    else
+        current_user="$USER"
+        log_info "Using current user: $current_user"
+    fi
+    
+    # Pre-fill with current user, but allow override
+    local username=$(ask_input "Admin username" "$current_user" "validate_username")
    save_config "ADMIN_USER" "$username"
    # Ensure the configured admin user exists (offer interactive creation)
    ensure_user_exists_interactive "$username" || log_warning "Admin user '$username' not created; some features may require it."