#!/bin/bash
USER=${1:-$USER}
USER_PW=${2-$USER_PW}
if [[ $USER ]]; then
    echo "------- Adding USER: $USER ------"
    source $LIB_DIR/verbose.lib
    echo loading acl package
    silence $INSTALL_PKGS acl
    echo "------- Adding User: $USER ------"
    groupadd -g 1001 $USER
    useradd -rm -s /bin/bash -G host,$([[ $(getent group sudo) ]] && echo sudo || echo wheel) -g $USER -u 1001 $USER
    echo $USER groups: $(groups $USER)
    chpasswd <<< "sysadmin:${USER_PW:-$USER}"
    # SUDOERS Setup 
    cat <<SUDO >> /etc/sudoers.d/01-sudo-wheel
Defaults lecture = never     
%wheel ALL=(ALL:ALL) ALL
%sudo  ALL=(ALL:ALL) ALL
SUDO
chmod 440 /etc/sudoers.d/01-sudo-wheel
cat <<USER >> /etc/sudoers.d/02-$USER
$USER ALL = NOPASSWD:/bin/chown
$USER ALL = NOPASSWD:/bin/chmod
USER
chmod 440 /etc/sudoers.d/02-$USER
    if [[ -f $USER-permits ]]; then
        echo "--- $USER-permits file supplied copying to /etc/sudoers.d ---"
        cat $USER-permits 
        cat $USER-permits >> /etc/sudoers.d/02-$USER
    fi    

chmod g+rw /opt
setfacl -d --set u::rwx,g::rwx,o::- /opt
echo "done------- Adding USER: $USER ------"
fi