I am working on a game panel and I building it in PHP and BASH. So, the web panel controls the game severs by running bash scripts when buttons are pressed. So far so good. My problems come when I need to run the bash scripts because the user running them needs sudo privileges or the scripts will have a an unexpected behavior:
Should I create a new user and give it sudo privileges, then login to the server via SSH (through PHP)? If so how can I store the login credentials safely so if a hacker breaches my website he won't find them?
Should I give www-data sudo privileges to the specific scripts? Is this a dangerous approach?
Is there any better and more secure way to run bash scripts from a webpage?
I am a newbie PHP developer and my first project is a game panel running on Ubuntu server. Please have mercy. :)