From 15297f537698ee8df23db30d39f9533f2dc5378f Mon Sep 17 00:00:00 2001 From: waldek Date: Mon, 26 Apr 2021 19:37:15 +0200 Subject: [PATCH] adds postproduction solution --- .../resources/exercise_config_versioning.md | 2 +- modules/resources/solution_postproduction.md | 420 ++++++++++++++++++ 2 files changed, 421 insertions(+), 1 deletion(-) create mode 100644 modules/resources/solution_postproduction.md diff --git a/modules/resources/exercise_config_versioning.md b/modules/resources/exercise_config_versioning.md index 22af7b6..b0a6f9a 100644 --- a/modules/resources/exercise_config_versioning.md +++ b/modules/resources/exercise_config_versioning.md @@ -64,4 +64,4 @@ To get you going here are a few links. * general vim configuration [tutorial](https://linuxhint.com/vimrc_tutorial/) * [powerline](https://powerline.readthedocs.io/en/master/overview.html#screenshots) * quick options for your [bashrc](https://www.ivanglinkin.com/useful-bashrc-configuration-file/) -* why not try [zsh](https://www.howtogeek.com/362409/what-is-zsh-and-why-should-you-use-it-instead-of-bash/)? +* why not try [zsh](https://linuxhint.com/differences_between_bash_zsh/) diff --git a/modules/resources/solution_postproduction.md b/modules/resources/solution_postproduction.md new file mode 100644 index 0000000..a5e9da1 --- /dev/null +++ b/modules/resources/solution_postproduction.md 
@@ -0,0 +1,420 @@ +# Post production SFTP solution + +## Mapping out the users + +From the information given in the text I would create the following users and groups: + +We could write a script that takes a CSV file as input but I decided to go the oldschool way and just write a full script. +First we add the groups we think we'll need. + +```bash +#!/bin/bash + +groupadd production +groupadd planning +groupadd script +groupadd technical +groupadd videoeditors +groupadd audioengineers +groupadd sftpjailed +``` + +Most of these are self explanitory, but the `production`, `technical` and `sftpjailed` require a bit more explanitation. +They are *overarching* groups, meaning they group other groups. +From a Linux standpoint they are no different from the normal groups, but we'll use the to group together the technical department and all users that don't need ssh. + +Next we'll add the users and we'll set their passwords to a *test* password. +In order for them to share a `$HOME` directory we'll need to create one as well. 
+ + +```bash +#!/bin/bash + +# adding the groups +groupadd production +groupadd planning +groupadd script +groupadd technical +groupadd videoeditors +groupadd audioengineers +groupadd sftpjailed + +# creating the shared home directory +mkdir -p /home/postproduction + +# adding the users +useradd marie +echo "marie:test" | chpasswd +usermod -d /home/postproduction marie + +useradd hugo +echo "hugo:test" | chpasswd +usermod -d /home/postproduction hugo + +useradd victor +echo "victor:test" | chpasswd +usermod -d /home/postproduction victor + +useradd camille +echo "camille:test" | chpasswd +usermod -d /home/postproduction camille + +useradd dave +echo "dave:test" | chpasswd +usermod -d /home/postproduction dave + +useradd sarah +echo "sarah:test" | chpasswd +usermod -d /home/postproduction sarah + +useradd ester +echo "ester:test" | chpasswd +usermod -d /home/postproduction ester + +useradd adam +echo "adam:test" | chpasswd +usermod -d /home/postproduction adam + +useradd eefje +echo "eefje:test" | chpasswd +usermod -d /home/postproduction eefje + +useradd alex +echo "alex:test" | chpasswd +usermod -d /home/postproduction alex +``` + +The quick ones among you probably see there is quite a lot of room for error here when typing the same names over and over again. +We can optimise this with some easy variables. 
+ +```bash +#!/bin/bash + +# the shared home for all users +sharedhome="/home/postproduction" +mkdir -p $sharedhome + +# adding the groups +groupadd production +groupadd planning +groupadd script +groupadd technical +groupadd videoeditors +groupadd audioengineers +groupadd sftpjailed + +# adding the users +username="marie" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="victor" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="camille" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="dave" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="sarah" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="ester" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="adam" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="eefje" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username + +username="alex" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +``` + +Those who already did programming before see this is an ideal situation to create our own [functions](https://ryanstutorials.net/bash-scripting-tutorial/bash-functions.php). +Try to optimise the script if you can with your own function! + +Next we need to add all the users to their groups. 
+ +```bash +#!/bin/bash + +# the shared home for all users +sharedhome="/home/postproduction" +mkdir -p $sharedhome + +# adding the groups +groupadd production +groupadd planning +groupadd script +groupadd technical +groupadd videoeditors +groupadd audioengineers +groupadd sftpjailed + +# adding the users +username="marie" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G production $username +usermod -a -G planning $username +usermod -a -G script $username +usermod -a -G technical $username +usermod -a -G videoeditors $username +usermod -a -G audioengineers $username +usermod -a -G sftpjailed $username + +username="hugo" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G production $username +usermod -a -G planning $username +usermod -a -G script $username +usermod -a -G sftpjailed $username + +username="victor" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G production $username +usermod -a -G planning $username +usermod -a -G sftpjailed $username + +username="camille" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G production $username +usermod -a -G planning $username +usermod -a -G sftpjailed $username + +username="dave" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G videoeditors $username +usermod -a -G technical $username +usermod -a -G sftpjailed $username + +username="sarah" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G videoeditors $username +usermod -a -G technical $username +usermod -a -G sftpjailed $username + +username="ester" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G videoeditors $username +usermod -a -G technical $username +usermod -a -G sftpjailed $username + 
+username="adam" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G audioengineers $username +usermod -a -G technical $username +usermod -a -G sftpjailed $username + +username="eefje" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G audioengineers $username +usermod -a -G technical $username +usermod -a -G sftpjailed $username + +username="alex" +useradd $username +echo "$username:test" | chpasswd +usermod -d $sharedhome $username +usermod -a -G production $username +usermod -a -G planning $username +usermod -a -G script $username +usermod -a -G technical $username +usermod -a -G videoeditors $username +usermod -a -G audioengineers $username +``` + +When testing this out you'll quickly discover the need for a second script, one that removes all the users and groups from your system. +I would advise something along these lines. + +```bash +#!/bin/bash + +sharedhome="/home/postproduction" + +# removing the groups +groupdel production +groupdel planning +groupdel script +groupdel technical +groupdel videoeditors +groupdel audioengineers +groupdel sftpjailed + +# removing the users +userdel marie +userdel hugo +userdel victor +userdel camille +userdel dave +userdel sarah +userdel ester +userdel adam +userdel eefje +userdel alex + +# removing the groups created for the users +groupdel marie +groupdel hugo +groupdel victor +groupdel camille +groupdel dave +groupdel sarah +groupdel ester +groupdel adam +groupdel eefje +groupdel alex + +# removing the home +rm -r $sharedhome +``` + +Both scripts together now give us a basic toolset to add and remove the users we need. +They work quite nicely but are not *verbose* at all! +To add debug messages with `echo` all around will become very prone to errors unless we start adding `for` loops and `functions`. +Let's start with a for loop in the remove script. 
+ +```bash +#!/bin/bash + +sharedhome="/home/postproduction" + +groups="production planning script technical videoeditors audioengineers sftpjailed" +users="marie hugo victor camille dave sarah ester adam eefje alex" + +# removing the groups +for group in $groups +do + echo "removing group $group" + groupdel $group +done + +# removing the users and their primary groups +for user in $users +do + echo "removing user $user" + userdel $user + echo "removing group $user" + groupdel $user +done + +# removing the home +rm -r $sharedhome +``` + +So much cleaner no? +This is also a good place to start controlling our `STDERR` output. +Can you think of a clean way to deal with the error messages? +Remember what `$?` does? +And you remember what `2> /dev/null` does? +A combination of these two concepts can tame the error message output quite nicely. +Have a test yourself! + +The script to create the users will be a bit more complicated as there are a lot more variables. +A function would be ideal, but we'll try to deal with the problem without first! 
+ +```bash +#!/bin/bash + +sharedhome="/home/postproduction" + +groups="production planning script technical videoeditors audioengineers sftpjailed" +users="marie hugo victor camille dave sarah ester adam eefje alex" + +marie="production planning script technical videoeditors audioengineers sftpjailed" +hugo="production planning script sftpjailed" +victor="production planning sftpjailed" +camille="production script sftpjailed" +dave="technical videoeditors sftpjailed" +sarah="technical videoeditors sftpjailed" +ester="technical videoeditors sftpjailed" +adam="technical audioengineers sftpjailed" +eefje="technical audioengineers sftpjailed" +alex="production planning script technical videoeditors audioengineers" + +# adding the home +mkdir -p $sharedhome + +# adding the groups +for group in $groups +do + echo "adding group $group" + groupadd $group +done + +# adding the users +for user in $users +do + echo "adding user $user" + useradd $user + echo "setting the password for $user" + echo "$user:test" | chpasswd +done + +# adding the users to their groups +for user in $users +do + echo "adding groups for $user" + usergroups=$(eval echo \$$user) + for group in $usergroups + do + echo "adding $user to $group" + usermod -a -G $group $user + done +done +``` + +Two things worth pointing out in the above script are: + +1. the loop in a loop +2. the `eval` statement + +The loop in a loop might look intimidating at first sight but it's not super exotic. +For each user is the `$users` list we will look at each group they need to belong to. +for each of those groups we add them with `usermod`. + +The `eval` is a bit trickier to explain and I would consider it a bit of a *hack* to make it all work. +For each user in the `$users` list we also have a variable with their name. +This variable contains the groups they need to belong to. +The `eval` statement will *evaluate* the expression following and `\$` will interpretate the $ sign *litterally*. 
+All of this serves to make a call to `$camille` and get `"production script sftpjailed"` in return so we can iterate over the groups. + +There are *cleaner* ways of doing this and I would advise you to look into bash [arrays](https://www.gnu.org/software/bash/manual/html_node/Arrays.html). +If you decide to try this out, you *might* run into compatibility issues when testing in `zsh` but from inside a `bash` script you should be fine.
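Review bot: The replaced last bullet in `exercise_config_versioning.md` loses its closing `?`, so "why not try [zsh](...)" no longer reads as the question it was before; keep the `?` after the new link. The link swap is also unrelated to the subject "adds postproduction solution", so either mention it in the commit message or move it to its own commit.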
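Review bot: The final loop-based creation script in `solution_postproduction.md` drops the `usermod -d $sharedhome $username` step that every earlier version had, so the users get created and receive a password but are never pointed at the shared home the text says they need; add `usermod -d "$sharedhome" "$user"` inside the `# adding the users` loop. The versions of the script also disagree with each other: the second (variables) version has no `username="hugo"` block, and camille is added to `production`, `planning` and `sftpjailed` in the expanded script but is defined as `camille="production script sftpjailed"` in the final one, so settle on one mapping. `usergroups=$(eval echo \$$user)` can be written as `usergroups=${!user}` (bash indirect expansion), which gives the same result without `eval` and fits the pointer to arrays in the closing paragraph. In the prose, "I would create the following users and groups:" is followed by no list or table, and there are typos to fix: "explanitory", "explanitation", "we'll use the to group", "For each user is the `$users` list", "interpretate", "litterally".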