diff --git a/README.md b/README.md
index db684bd..677c5a0 100644
--- a/README.md
+++ b/README.md
@@ -1,29 +1,51 @@
# Bash Scripts collection
-wget -O init_scripts.sh https://git.studi7.com/roger/bashscripts/raw/branch/master/init_scripts.sh && chmod +x init_scripts.sh && ./init_scripts.sh
+## Permanent enviroment variables in ~/.profile
-## gotifypush.sh
+Append file `~/.profile` with this variables:
+
+```
+# E7 Scripts
+# ClamAV scan script
+export E7S_CLAM_LOGPATH="/path/to/logs/"
+# Multiple folders separate by space
+export E7S_CLAM_DIRSTOSCAN="/path/to/target/"
+# Global script variables
+export E7S_GOTIFY_SERVER_URL="https://push.example.com"
+export E7S_LOGS_PRESERVE_DAYS=30
+export ES7_LOGS_SERVER_SSH="server.example.com"
+export ES7_LOGS_PATH="/path/to/web/root/"
+export ES7_LOGS_URL="https://logs.example.com"
+```
+
+## Scripts
+
+### utils/gotifypush.sh
Send markdown notifications to gotify channel throught curl
* Usage: `./gotifypush.sh
`
-## scan_chk.sh
+### utils/logger.sh
+
+Save logs into remote server and publish it into web server
+
+* Usage: `./logger.sh `
+
+### scan_chk.sh
Scan rootkits into system with chkrootkit
* Usage: `./scan_chk.sh`
-## scan_rkh.sh
+### scan_rkh.sh
Scan rootkits into system with rkhunter
* Usage: `./scan_rkh.sh`
-## scan_clam.sh
+### scan_clam.sh
Scan virus and malware into system with clamav
* Usage: `./scan_clam.sh`
-
-**NOTE:** Need set paths (DIRTOSCAN variable) to scan
diff --git a/init_scripts.sh b/init_scripts.sh
deleted file mode 100644
index bb08332..0000000
--- a/init_scripts.sh
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/bash
-
-# Functions
-show_cron_help () {
- echo "--------------------------------------------"
- echo "* * * * * command to be executed"
- echo "- - - - -"
- echo "| | | | |"
- echo "| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)"
- echo "| | | ------- Month (1 - 12)"
- echo "| | --------- Day of month (1 - 31)"
- echo "| ----------- Hour (0 - 23)"
- echo "------------- Minute (0 - 59)"
- echo "Examples:"
- echo "(predefined) @annually | @yearly | @monthly | @weekly | @daily | @hourly | @reboot"
- echo "(every) @every 5s | @every 20h30m"
- echo "(custom) 10 20 * * * | 0 3 * * 1-5"
- echo -e "--------------------------------------------\n"
-}
-
-get_cron () {
- cron=false
- while [ "$cron" != "true" ]
- do
- read -p 'Escriu el periode del cron: ' CRON
- case $CRON in
- ("") echo "El cron no pot ser buit";;
- (*) cron=true #echo "just numeric";;
- esac
- done
- echo "$CRON"
-}
-# End functions
-
-readonly SCRIPTS_FOLDER="e7scripts"
-readonly GOTIFY_SCRIPT_NAME="gotifypush.sh"
-readonly GOTIFY_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/gotifypush.sh"
-readonly UPDATES_SCRIPT_NAME="updates_notifier.sh"
-readonly UPDATES_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/updates_notifier.sh"
-
-#verify run as root or sudo
-if [[ $EUID -ne 0 ]]; then
- echo "This script must be run as root"
- exit 1
-fi
-
-#set -f
-#func_result="$(get_cron)"
-#echo $func_result
-#set +f
-
-echo "/////////////////////////////////////////"
-echo "Benvingut a l'instalador d'Scripts"
-echo -e "/////////////////////////////////////\n"
-
-finished=false
-while [ "$finished" != "true" ]
-do
-
-# Choose script to install
-echo "0) Sortir de l'instalador"
-echo "1) Notificador dels resultats dels scripts (Gotify Push Notifications)"
-echo "2) Notificador d'actualitzacions"
-echo "3) Escaneig de rootkits amb RK Hunter"
-echo "4) Escaneig de rootkits amb CHK Rootkit"
-echo -e "5) Escaneig de virus amb ClamAV\n"
-
-choosed=false
-while [ "$choosed" != "true" ]
-do
- read -p 'Indica quin script vols instal·lar (0 per sortir): ' SCRIPT_NUM
- case $SCRIPT_NUM in
- ("") echo "El número no pot ser buit";;
- (*[!0-9]*) echo "Has d'introduir un número";;
- (*) choosed=true #echo "just numeric";;
- esac
-done
-
-if [ "$SCRIPT_NUM" = "0" ]; then
- finished=true
- exit 0
-elif [ "$SCRIPT_NUM" = "1" ]; then
- mkdir -p $SCRIPTS_FOLDER
- wget -O "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME" $GOTIFY_SCRIPT_URL
- read -p 'Indica el domini de gotify: ' GOTIFY_DOMAIN
- sed -i "s/push.example.com/$GOTIFY_DOMAIN/" "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
- chmod +x "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
- echo -e "Script instal·lat correctament\n"
-elif [ "$SCRIPT_NUM" = "2" ];then
- mkdir -p $SCRIPTS_FOLDER
- wget -O "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" $UPDATES_SCRIPT_URL
- read -p 'Indica el token del canal de gotify: ' TOKEN
- sed -i "s//$TOKEN/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
- sed -i "s/Hostname/$(hostname)/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
- chmod +x "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
- echo -e "\nAFEGEIX EL CRON\n"
- show_cron_help
- cron="$(get_cron)"
- #https://stackoverflow.com/questions/878600/how-to-create-a-cron-job-using-bash-automatically-without-the-interactive-editor
- #remove previous crontab
- (crontab -l | grep -v -F "$UPDATES_SCRIPT_NAME") | crontab -
- #add crontab
- (crontab -l ; echo "$cron cd $(pwd)/$SCRIPTS_FOLDER/ && ./$UPDATES_SCRIPT_NAME 2>&1") | crontab -
- echo -e "Script instal·lat correctament\n"
- #TODO Function cron get period
-
-else
- echo -e "Aquest número d'script no existeix. Tornar a intentar-ho\n"
-fi
-
-done
diff --git a/scan_chk.sh b/scan_chk.sh
index 31d310d..025820b 100644
--- a/scan_chk.sh
+++ b/scan_chk.sh
@@ -1,14 +1,12 @@
#!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
+# variables
LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
-
-# vars gotify
+LOGS_RELATIVE_PATH="security/"
readonly TOKEN=""
-#vars chkrootkit
+# vars chkrootkit
SNIFFERS_WHITELIST="dhclient"
FILES_WHITELIST="/usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document "
FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htaccess "
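Review bot: Removing the `PATH=` line at the top of this script makes it depend on whatever PATH the caller supplies. The deleted comment in utils/gotifypush.sh ("uncomment when use script from cron") suggests these scripts run from cron, where PATH is usually minimal and tools installed under an sbin directory may not resolve. The same removal appears in scan_rkh.sh, updates_notifier.sh, utils/gotifypush.sh and utils/logger.sh. For scripts that are presumably run with elevated rights, consider a fixed assignment rather than an inherited or appended one, e.g. `PATH=/usr/sbin:/usr/bin:/sbin:/bin`, with a comment saying why it is pinned.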
@@ -24,7 +22,7 @@ then
echo $OUT > "./$LOGFILE"
# send log to logs public archive
- LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+ LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
# delete local log
rm $LOGFILE
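Review bot: The local log is removed right after the `logger.sh` call whether or not the upload worked, so a failed ssh/scp loses the only copy of the scan output and the notification links to a file that does not exist. The visible part of utils/logger.sh ends in an `echo`, so its exit status is 0 even when a transfer step failed; it would need to propagate failures first. After that, `LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" "$LOGS_RELATIVE_PATH") || exit 1` before the `rm` keeps the evidence on failure. The same call pattern is in scan_rkh.sh and scan_clam.sh; the surrounding `if` block starts and ends outside this hunk.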
diff --git a/scan_clam.sh b/scan_clam.sh
index 2fb8acb..d9d5dac 100644
--- a/scan_clam.sh
+++ b/scan_clam.sh
@@ -1,26 +1,24 @@
#!/bin/bash
-LOGDIR="/var/log/clamav/scan/";
-LOGFILE="kerodes_clamav-$(date +'%Y-%m-%d').log";
-#DIRTOSCAN="/home/roger/Públic /home/roger/Baixades/targets"; #multiple folders separate by space
-DIRTOSCAN="/home/roger/Baixades/targets"; #multiple folders separate by space
-readonly TOKEN="";
-readonly GOTIFY_SERVER=""
-LOG_PRESERVE_DAYS=30;
+
+# variables
+LOGFILE="$(hostname)_clamav-$(date +'%Y-%m-%d').log";
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
+LOGS_RELATIVE_PATH="security/"
MALWARE_FOUND=false
+readonly TOKEN="";
-mkdir -p $LOGDIR
+mkdir -p $E7S_CLAM_LOGPATH
-for S in ${DIRTOSCAN}; do
+for S in ${E7S_CLAM_DIRSTOSCAN}; do
DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
- clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
- echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
+ clamscan -ri "$S" >> "$E7S_CLAM_LOGPATH$LOGFILE";
+ echo "Scanned folder: "$S >> "$E7S_CLAM_LOGPATH$LOGFILE";
# get the value of "Infected lines"
- MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
+ MALWARE=$(tail "$E7S_CLAM_LOGPATH$LOGFILE"|grep Infected|cut -d" " -f3);
# if the value is not equal to zero, send an email with the log file attached
if [ "$MALWARE" -ne "0" ];then
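Review bot: Nothing checks that `E7S_CLAM_LOGPATH`, `E7S_CLAM_DIRSTOSCAN` and `E7S_LOGS_PRESERVE_DAYS` are set before use, and cron does not read `~/.profile`, where the README says to export them. With an empty `E7S_CLAM_LOGPATH` the log is written to the current directory, and the cleanup in the next hunk, `find $E7S_CLAM_LOGPATH -maxdepth 1 ... -exec "rm" -R {} \;`, has no start path, which GNU find treats as the current directory. Add `: "${E7S_CLAM_LOGPATH:?}" "${E7S_CLAM_DIRSTOSCAN:?}" "${E7S_LOGS_PRESERVE_DAYS:?}"` after the shebang and quote the path: `mkdir -p -- "$E7S_CLAM_LOGPATH"`. The script also concatenates `"$E7S_CLAM_LOGPATH$LOGFILE"`, so the value must end in `/`; a comment saying so would help.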
@@ -34,13 +32,13 @@ done
if $MALWARE_FOUND
then
# send log to logs public archive
- LOG_URL=$(sh ./utils/logger.sh "$LOGDIR$LOGFILE")
+ LOG_URL=$(sh ./utils/logger.sh "$E7S_CLAM_LOGPATH$LOGFILE" $LOGS_RELATIVE_PATH)
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
fi
#clean old logs files
-find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+find $E7S_CLAM_LOGPATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
exit 0
diff --git a/scan_rkh.sh b/scan_rkh.sh
index 0dbd532..22055f0 100644
--- a/scan_rkh.sh
+++ b/scan_rkh.sh
@@ -1,22 +1,18 @@
-GNU nano 5.4 scan_rkh.sh
#!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
-LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt";
+# variables
+LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').log";
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
-
-#vars rkhunter
+LOGS_RELATIVE_PATH="security/"
readonly TOKEN=""
-OUT=$(rkhunter -c -sk --rwo -l "./rkhunter.log")
+OUT=$(rkhunter -c -sk --rwo -l "./$LOGFILE")
if [ -n "$OUT" ]
then
issues=$(echo "$OUT" | wc -l)
- mv "./rkhunter.log" "./$LOGFILE"
# send log to logs public archive
- LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+ LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
# delete local log
rm $LOGFILE
diff --git a/updates_notifier.sh b/updates_notifier.sh
index e42457e..90d4f5a 100644
--- a/updates_notifier.sh
+++ b/updates_notifier.sh
@@ -1,7 +1,5 @@
#!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
#verify run as root or sudo
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
diff --git a/utils/gotifypush.sh b/utils/gotifypush.sh
index ff8a4fc..f3ac293 100644
--- a/utils/gotifypush.sh
+++ b/utils/gotifypush.sh
@@ -2,14 +2,11 @@
#Use ./gotifypush
-#uncomment when use script from cron
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
# Gotify notification parameters
TITLE=$1
MESSAGE=$2
PRIORITY=$3
-URL="https://push.example.com/message?token=$4"
+URL="$ES7_GOTIFY_SERVER_URL/message?token=$4"
#if url passed by parameter, set to extras
if [ -n "$5" ]
then
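Review bot: The new `URL=` line reads `ES7_GOTIFY_SERVER_URL`, but the README in this commit exports `E7S_GOTIFY_SERVER_URL`, so with the documented setup the variable is empty and the URL becomes `/message?token=...`. Use the documented name and fail early when it is missing: `URL="${E7S_GOTIFY_SERVER_URL:?}/message?token=$4"`. The README mixes `E7S_` and `ES7_` prefixes, so settling on one would prevent this kind of slip. The token is sent in the query string, where it can end up in proxy and server access logs. If the request further down (outside this hunk) is built with curl, sending it in a request header instead would be worth considering.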
diff --git a/utils/logger.sh b/utils/logger.sh
index 578fd66..d9a121a 100644
--- a/utils/logger.sh
+++ b/utils/logger.sh
@@ -1,23 +1,23 @@
#!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-#Use ./logger.sh
+#Use ./logger.sh
-# Log parameters
-REMOTE_SERVER="estudiset.backups"
-REMOTE_PATH="/var/www/html/logs/clamav/"
-PUBLIC_LOG_URL="https://logs.studi7.com/clamav/"
-LOG_PRESERVE_DAYS=30
+# variables
+REMOTE_PATH="$ES7_LOGS_PATH$2"
+PUBLIC_LOG_URL="$ES7_LOGS_URL/$2"
# create remote folder to store logs if not exist
-ssh $REMOTE_SERVER "mkdir -p $REMOTE_PATH"
+ssh $ES7_LOGS_SERVER_SSH "sudo mkdir -p $REMOTE_PATH"
# Copy local logfile to remote destination
-scp $1 "$REMOTE_SERVER:$REMOTE_PATH"
+scp $1 "$ES7_LOGS_SERVER_SSH:$REMOTE_PATH"
+
+# set correct permissions
+ssh $ES7_LOGS_SERVER_SSH "sudo chmod 644 $REMOTE_PATH$1"
# Clear x days old remote logs
-ssh $REMOTE_SERVER 'bash -s' << EOF
-find $REMOTE_PATH -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+ssh $ES7_LOGS_SERVER_SSH 'bash -s' << EOF
+find $REMOTE_PATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
EOF
# return final log url
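Review bot: The new `chmod` targets `$REMOTE_PATH$1`, but `$1` is the caller's local path. scan_clam.sh passes `"$E7S_CLAM_LOGPATH$LOGFILE"`, so the remote path gets the local log directory appended and the uploaded file is never touched; only the file's basename should be appended. The remote command strings are also built from unquoted `$1`/`$2` and environment values and partly run under `sudo`, so whitespace or shell metacharacters in them would be interpreted by the remote shell. An empty `ES7_LOGS_PATH` or `E7S_LOGS_PRESERVE_DAYS` changes what the `find ... rm -R` cleanup acts on. Since `sudo mkdir` presumably creates a root-owned directory, check that the later `scp` can still write into it. The sketch below validates the variables and quotes the operands, assuming the configured paths contain no single quotes.

```shell
# … unchanged: shebang and usage comment …
: "${ES7_LOGS_SERVER_SSH:?}" "${ES7_LOGS_PATH:?}" "${ES7_LOGS_URL:?}" "${E7S_LOGS_PRESERVE_DAYS:?}"
REMOTE_PATH="$ES7_LOGS_PATH$2"
# … unchanged: PUBLIC_LOG_URL …
remote_file="$REMOTE_PATH$(basename -- "$1")"

ssh "$ES7_LOGS_SERVER_SSH" "sudo mkdir -p -- '$REMOTE_PATH'"
scp "$1" "$ES7_LOGS_SERVER_SSH:$REMOTE_PATH"
ssh "$ES7_LOGS_SERVER_SSH" "sudo chmod 644 -- '$remote_file'"
# … unchanged: remote cleanup with find, final URL …
```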
@@ -27,6 +27,6 @@ extension=${file##*.}
base=$(basename "${file%.*}")
# change to txt if log is another text format
if [ $extension != "txt" ]; then
- ssh $REMOTE_SERVER "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
+ ssh $ES7_LOGS_SERVER_SSH "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
fi
echo "${PUBLIC_LOG_URL}${base}.txt"
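Review bot: The remote `mv` runs without `sudo`, although the directory is now created with `sudo mkdir` and the file mode is set with `sudo chmod` in the previous hunk. If that directory ends up root-owned, the rename fails, yet the script still prints the `.txt` URL. `$file` is assigned outside this hunk; if it holds the full local path rather than the basename, `$REMOTE_PATH$file` has the same wrong-path problem as the `chmod`. Quote the operands and check the result, e.g. `ssh "$ES7_LOGS_SERVER_SSH" "sudo mv -- '$REMOTE_PATH$base.$extension' '$REMOTE_PATH$base.txt'" || exit 1`, and quote the test as `[ "$extension" != "txt" ]`.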