version to use environment variables

2023-07-25 17:20:02 +02:00 · 2023-07-25 17:20:02 +02:00 · 4323a3940d
parent f42eddacbb
commit 4323a3940d
8 changed files with 63 additions and 165 deletions
--- a/README.md
+++ b/README.md
@ -1,29 +1,51 @@
 # Bash Scripts collection
-wget -O init_scripts.sh https://git.studi7.com/roger/bashscripts/raw/branch/master/init_scripts.sh && chmod +x init_scripts.sh && ./init_scripts.sh
+## Permanent enviroment variables in ~/.profile
-## gotifypush.sh
+Append file `~/.profile` with this variables:
 ```
 # E7 Scripts
 # ClamAV scan script
 export E7S_CLAM_LOGPATH="/path/to/logs/"
 # Multiple folders separate by space
 export E7S_CLAM_DIRSTOSCAN="/path/to/target/"
 # Global script variables
 export E7S_GOTIFY_SERVER_URL="https://push.example.com"
 export E7S_LOGS_PRESERVE_DAYS=30
 export ES7_LOGS_SERVER_SSH="server.example.com"
 export ES7_LOGS_PATH="/path/to/web/root/"
 export ES7_LOGS_URL="https://logs.example.com"
 ```
 ## Scripts
 ### utils/gotifypush.sh
 Send markdown notifications to gotify channel throught curl
 * Usage: `./gotifypush.sh <title> <message> <priority> <token> <clickurl>`
-## scan_chk.sh
+### utils/logger.sh
 Save logs into remote server and publish it into web server
 * Usage: `./logger.sh <logfile> <relativepath>`
 ### scan_chk.sh
 Scan rootkits into system with chkrootkit
 * Usage: `./scan_chk.sh`
-## scan_rkh.sh
+### scan_rkh.sh
 Scan rootkits into system with rkhunter
 * Usage: `./scan_rkh.sh`
-## scan_clam.sh
+### scan_clam.sh
 Scan virus and malware into system with clamav
 * Usage: `./scan_clam.sh`
 **NOTE:** Need set paths (DIRTOSCAN variable) to scan
--- a/init_scripts.sh
+++ b/init_scripts.sh
@ -1,111 +0,0 @@
 #!/bin/bash
 # Functions
 show_cron_help () {
 	echo "--------------------------------------------"
        echo "* * * * * command to be executed"
        echo "- - - - -"
        echo "| | | | |"
        echo "| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)"
        echo "| | | ------- Month (1 - 12)"
        echo "| | --------- Day of month (1 - 31)"
        echo "| ----------- Hour (0 - 23)"
        echo "------------- Minute (0 - 59)"
 	echo "Examples:"
 	echo "(predefined) @annually | @yearly | @monthly | @weekly | @daily | @hourly | @reboot"
 	echo "(every) @every 5s | @every 20h30m"
 	echo "(custom) 10 20 * * * | 0 3 * * 1-5"
 	echo -e "--------------------------------------------\n"
 }
 get_cron () {
 	cron=false
 	while [ "$cron" != "true" ]
 	do
 	  read -p 'Escriu el periode del cron: ' CRON
 	  case $CRON in
 	     ("") echo "El cron no pot ser buit";;
 	     (*) cron=true #echo "just numeric";;
 	  esac
 	done
 	echo "$CRON"
 }
 # End functions
 readonly SCRIPTS_FOLDER="e7scripts"
 readonly GOTIFY_SCRIPT_NAME="gotifypush.sh"
 readonly GOTIFY_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/gotifypush.sh"
 readonly UPDATES_SCRIPT_NAME="updates_notifier.sh"
 readonly UPDATES_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/updates_notifier.sh"
 #verify run as root or sudo
 if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root"
   exit 1
 fi
 #set -f
 #func_result="$(get_cron)"
 #echo $func_result
 #set +f
 echo "/////////////////////////////////////////"
 echo "Benvingut a l'instalador d'Scripts"
 echo -e "/////////////////////////////////////\n"
 finished=false
 while [ "$finished" != "true" ]
 do
 # Choose script to install
 echo "0) Sortir de l'instalador"
 echo "1) Notificador dels resultats dels scripts (Gotify Push Notifications)"
 echo "2) Notificador d'actualitzacions"
 echo "3) Escaneig de rootkits amb RK Hunter"
 echo "4) Escaneig de rootkits amb CHK Rootkit"
 echo -e "5) Escaneig de virus amb ClamAV\n"
 choosed=false
 while [ "$choosed" != "true" ]
 do
  read -p 'Indica quin script vols instal·lar (0 per sortir): ' SCRIPT_NUM
  case $SCRIPT_NUM in
     ("") echo "El número no pot ser buit";;
     (*[!0-9]*) echo "Has d'introduir un número";;
     (*) choosed=true #echo "just numeric";;
  esac
 done
 if [ "$SCRIPT_NUM" = "0" ]; then
 	finished=true
 	exit 0
 elif [ "$SCRIPT_NUM" = "1" ]; then
 	mkdir -p $SCRIPTS_FOLDER
 	wget -O "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME" $GOTIFY_SCRIPT_URL
 	read -p 'Indica el domini de gotify: ' GOTIFY_DOMAIN
 	sed -i "s/push.example.com/$GOTIFY_DOMAIN/" "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
 	chmod +x "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
 	echo -e "Script instal·lat correctament\n"
 elif [ "$SCRIPT_NUM" = "2" ];then
 	mkdir -p $SCRIPTS_FOLDER
 	wget -O "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" $UPDATES_SCRIPT_URL
 	read -p 'Indica el token del canal de gotify: ' TOKEN
 	sed -i "s/<TOKEN_GOTIFY_APP>/$TOKEN/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
 	sed -i "s/Hostname/$(hostname)/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
 	chmod +x "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
 	echo -e "\nAFEGEIX EL CRON\n"
 	show_cron_help
 	cron="$(get_cron)"
 	#https://stackoverflow.com/questions/878600/how-to-create-a-cron-job-using-bash-automatically-without-the-interactive-editor
 	#remove previous crontab
 	(crontab -l | grep -v -F "$UPDATES_SCRIPT_NAME") | crontab -
 	#add crontab
 	(crontab -l ; echo "$cron cd $(pwd)/$SCRIPTS_FOLDER/ && ./$UPDATES_SCRIPT_NAME 2>&1") | crontab -
 	echo -e "Script instal·lat correctament\n"
 	#TODO Function cron get period
 else
 	echo -e "Aquest número d'script no existeix. Tornar a intentar-ho\n"
 fi
 done
--- a/scan_chk.sh
+++ b/scan_chk.sh
@ -1,14 +1,12 @@
 #!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
+# variables
 LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
-
+LOGS_RELATIVE_PATH="security/"
 # vars gotify
 readonly TOKEN="<TOKEN_GOTIFY_APP>"
-#vars chkrootkit
+# vars chkrootkit
 SNIFFERS_WHITELIST="dhclient"
 FILES_WHITELIST="/usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document "
 FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htaccess "
@ -24,7 +22,7 @@ then
  echo $OUT > "./$LOGFILE"
  # send log to logs public archive
-  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
  # delete local log
  rm $LOGFILE
--- a/scan_clam.sh
+++ b/scan_clam.sh
@ -1,26 +1,24 @@
 #!/bin/bash
-LOGDIR="/var/log/clamav/scan/";
+
-LOGFILE="kerodes_clamav-$(date +'%Y-%m-%d').log";
+# variables
-#DIRTOSCAN="/home/roger/Públic /home/roger/Baixades/targets"; #multiple folders separate by space
+LOGFILE="$(hostname)_clamav-$(date +'%Y-%m-%d').log";
 DIRTOSCAN="/home/roger/Baixades/targets"; #multiple folders separate by space
 readonly TOKEN="<TOKEN_GOTIFY_APP>";
 readonly GOTIFY_SERVER="<GOTIFY_URL_SERVER>"
 LOG_PRESERVE_DAYS=30;
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
 LOGS_RELATIVE_PATH="security/"
 MALWARE_FOUND=false
 readonly TOKEN="<TOKEN_GOTIFY_APP>";
-mkdir -p $LOGDIR
+mkdir -p $E7S_CLAM_LOGPATH
-for S in ${DIRTOSCAN}; do
+for S in ${E7S_CLAM_DIRSTOSCAN}; do
 DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
 echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
- clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
+ clamscan -ri "$S" >> "$E7S_CLAM_LOGPATH$LOGFILE";
- echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
+ echo "Scanned folder: "$S >> "$E7S_CLAM_LOGPATH$LOGFILE";
 # get the value of "Infected lines"
- MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
+ MALWARE=$(tail "$E7S_CLAM_LOGPATH$LOGFILE"|grep Infected|cut -d" " -f3);
 # if the value is not equal to zero, send an email with the log file attached
 if [ "$MALWARE" -ne "0" ];then
@ -34,13 +32,13 @@ done
 if $MALWARE_FOUND
 then
   # send log to logs public archive
-   LOG_URL=$(sh ./utils/logger.sh "$LOGDIR$LOGFILE")
+   LOG_URL=$(sh ./utils/logger.sh "$E7S_CLAM_LOGPATH$LOGFILE" $LOGS_RELATIVE_PATH)
   GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
   GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
   sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
 fi
 #clean old logs files
-find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+find $E7S_CLAM_LOGPATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
 exit 0
--- a/scan_rkh.sh
+++ b/scan_rkh.sh
@ -1,22 +1,18 @@
 GNU nano 5.4                                                                                                      scan_rkh.sh
 #!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
+# variables
-
+LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').log";
 LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt";
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
-
+LOGS_RELATIVE_PATH="security/"
 #vars rkhunter
 readonly TOKEN="<TOKEN_GOTIFY_APP>"
-OUT=$(rkhunter -c -sk --rwo -l "./rkhunter.log")
+OUT=$(rkhunter -c -sk --rwo -l "./$LOGFILE")
 if [ -n "$OUT" ]
 then
  issues=$(echo "$OUT" | wc -l)
  mv "./rkhunter.log" "./$LOGFILE"
  # send log to logs public archive
-  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
  # delete local log
  rm $LOGFILE
--- a/updates_notifier.sh
+++ b/updates_notifier.sh
@ -1,7 +1,5 @@
 #!/bin/bash
 PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
 #verify run as root or sudo
 if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root"
--- a/utils/gotifypush.sh
+++ b/utils/gotifypush.sh
@ -2,14 +2,11 @@
 #Use ./gotifypush <title> <message> <priority> <token> <clickurl>
 #uncomment when use script from cron
 PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
 # Gotify notification parameters
 TITLE=$1
 MESSAGE=$2
 PRIORITY=$3
-URL="https://push.example.com/message?token=$4"
+URL="$ES7_GOTIFY_SERVER_URL/message?token=$4"
 #if url passed by parameter, set to extras
 if [ -n "$5" ]
 then
--- a/utils/logger.sh
+++ b/utils/logger.sh
@ -1,23 +1,23 @@
 #!/bin/bash
 PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-#Use ./logger.sh <logfile>
+#Use ./logger.sh <logfile> <relativepath>
-# Log parameters
+# variables
-REMOTE_SERVER="estudiset.backups"
+REMOTE_PATH="$ES7_LOGS_PATH$2"
-REMOTE_PATH="/var/www/html/logs/clamav/"
+PUBLIC_LOG_URL="$ES7_LOGS_URL/$2"
 PUBLIC_LOG_URL="https://logs.studi7.com/clamav/"
 LOG_PRESERVE_DAYS=30
 # create remote folder to store logs if not exist
-ssh $REMOTE_SERVER "mkdir -p $REMOTE_PATH"
+ssh $ES7_LOGS_SERVER_SSH "sudo mkdir -p $REMOTE_PATH"
 # Copy local logfile to remote destination
-scp $1 "$REMOTE_SERVER:$REMOTE_PATH"
+scp $1 "$ES7_LOGS_SERVER_SSH:$REMOTE_PATH"
 # set correct permissions
 ssh $ES7_LOGS_SERVER_SSH "sudo chmod 644 $REMOTE_PATH$1"
 # Clear x days old remote logs
-ssh $REMOTE_SERVER 'bash -s' << EOF
+ssh $ES7_LOGS_SERVER_SSH 'bash -s' << EOF
-find $REMOTE_PATH -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+find $REMOTE_PATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
 EOF
 # return final log url
@ -27,6 +27,6 @@ extension=${file##*.}
 base=$(basename "${file%.*}")
 # change to txt if log is another text format
 if [ $extension != "txt" ]; then
-        ssh $REMOTE_SERVER "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
+        ssh $ES7_LOGS_SERVER_SSH "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
 fi
 echo "${PUBLIC_LOG_URL}${base}.txt"