version to use environment variables

README.md

@@ -1,29 +1,51 @@
 # Bash Scripts collection
 
-wget -O init_scripts.sh https://git.studi7.com/roger/bashscripts/raw/branch/master/init_scripts.sh && chmod +x init_scripts.sh && ./init_scripts.sh
+## Permanent enviroment variables in ~/.profile
 
-## gotifypush.sh
+Append file `~/.profile` with this variables:
+
+```
+# E7 Scripts
+# ClamAV scan script
+export E7S_CLAM_LOGPATH="/path/to/logs/"
+# Multiple folders separate by space
+export E7S_CLAM_DIRSTOSCAN="/path/to/target/"
+# Global script variables
+export E7S_GOTIFY_SERVER_URL="https://push.example.com"
+export E7S_LOGS_PRESERVE_DAYS=30
+export ES7_LOGS_SERVER_SSH="server.example.com"
+export ES7_LOGS_PATH="/path/to/web/root/"
+export ES7_LOGS_URL="https://logs.example.com"
+```
+
+## Scripts
+
+### utils/gotifypush.sh
 
 Send markdown notifications to gotify channel throught curl
 
 * Usage: `./gotifypush.sh <title> <message> <priority> <token> <clickurl>`
 
-## scan_chk.sh
+### utils/logger.sh
+
+Save logs into remote server and publish it into web server
+
+* Usage: `./logger.sh <logfile> <relativepath>`
+
+### scan_chk.sh
 
 Scan rootkits into system with chkrootkit
 
 * Usage: `./scan_chk.sh`
 
-## scan_rkh.sh
+### scan_rkh.sh
 
 Scan rootkits into system with rkhunter
 
 * Usage: `./scan_rkh.sh`
 
-## scan_clam.sh
+### scan_clam.sh
 
 Scan virus and malware into system with clamav
 
 * Usage: `./scan_clam.sh`
-
-**NOTE:** Need set paths (DIRTOSCAN variable) to scan

init_scripts.sh

@@ -1,111 +0,0 @@
-#!/bin/bash
-
-# Functions
-show_cron_help () {
-	echo "--------------------------------------------"
-        echo "* * * * * command to be executed"
-        echo "- - - - -"
-        echo "| | | | |"
-        echo "| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)"
-        echo "| | | ------- Month (1 - 12)"
-        echo "| | --------- Day of month (1 - 31)"
-        echo "| ----------- Hour (0 - 23)"
-        echo "------------- Minute (0 - 59)"
-	echo "Examples:"
-	echo "(predefined) @annually | @yearly | @monthly | @weekly | @daily | @hourly | @reboot"
-	echo "(every) @every 5s | @every 20h30m"
-	echo "(custom) 10 20 * * * | 0 3 * * 1-5"
-	echo -e "--------------------------------------------\n"
-}
-
-get_cron () {
-	cron=false
-	while [ "$cron" != "true" ]
-	do
-	  read -p 'Escriu el periode del cron: ' CRON
-	  case $CRON in
-	     ("") echo "El cron no pot ser buit";;
-	     (*) cron=true #echo "just numeric";;
-	  esac
-	done
-	echo "$CRON"
-}
-# End functions
-
-readonly SCRIPTS_FOLDER="e7scripts"
-readonly GOTIFY_SCRIPT_NAME="gotifypush.sh"
-readonly GOTIFY_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/gotifypush.sh"
-readonly UPDATES_SCRIPT_NAME="updates_notifier.sh"
-readonly UPDATES_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/updates_notifier.sh"
-
-#verify run as root or sudo
-if [[ $EUID -ne 0 ]]; then
-   echo "This script must be run as root"
-   exit 1
-fi
-
-#set -f
-#func_result="$(get_cron)"
-#echo $func_result
-#set +f
-
-echo "/////////////////////////////////////////"
-echo "Benvingut a l'instalador d'Scripts"
-echo -e "/////////////////////////////////////\n"
-
-finished=false
-while [ "$finished" != "true" ]
-do
-
-# Choose script to install
-echo "0) Sortir de l'instalador"
-echo "1) Notificador dels resultats dels scripts (Gotify Push Notifications)"
-echo "2) Notificador d'actualitzacions"
-echo "3) Escaneig de rootkits amb RK Hunter"
-echo "4) Escaneig de rootkits amb CHK Rootkit"
-echo -e "5) Escaneig de virus amb ClamAV\n"
-
-choosed=false
-while [ "$choosed" != "true" ]
-do
-  read -p 'Indica quin script vols instal·lar (0 per sortir): ' SCRIPT_NUM
-  case $SCRIPT_NUM in
-     ("") echo "El número no pot ser buit";;
-     (*[!0-9]*) echo "Has d'introduir un número";;
-     (*) choosed=true #echo "just numeric";;
-  esac
-done
-
-if [ "$SCRIPT_NUM" = "0" ]; then
-	finished=true
-	exit 0
-elif [ "$SCRIPT_NUM" = "1" ]; then
-	mkdir -p $SCRIPTS_FOLDER
-	wget -O "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME" $GOTIFY_SCRIPT_URL
-	read -p 'Indica el domini de gotify: ' GOTIFY_DOMAIN
-	sed -i "s/push.example.com/$GOTIFY_DOMAIN/" "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
-	chmod +x "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
-	echo -e "Script instal·lat correctament\n"
-elif [ "$SCRIPT_NUM" = "2" ];then
-	mkdir -p $SCRIPTS_FOLDER
-	wget -O "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" $UPDATES_SCRIPT_URL
-	read -p 'Indica el token del canal de gotify: ' TOKEN
-	sed -i "s/<TOKEN_GOTIFY_APP>/$TOKEN/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
-	sed -i "s/Hostname/$(hostname)/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
-	chmod +x "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
-	echo -e "\nAFEGEIX EL CRON\n"
-	show_cron_help
-	cron="$(get_cron)"
-	#https://stackoverflow.com/questions/878600/how-to-create-a-cron-job-using-bash-automatically-without-the-interactive-editor
-	#remove previous crontab
-	(crontab -l | grep -v -F "$UPDATES_SCRIPT_NAME") | crontab -
-	#add crontab
-	(crontab -l ; echo "$cron cd $(pwd)/$SCRIPTS_FOLDER/ && ./$UPDATES_SCRIPT_NAME 2>&1") | crontab -
-	echo -e "Script instal·lat correctament\n"
-	#TODO Function cron get period
-
-else
-	echo -e "Aquest número d'script no existeix. Tornar a intentar-ho\n"
-fi
-
-done

scan_chk.sh

@@ -1,14 +1,12 @@
 #!/bin/bash
 
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
+# variables
 LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
-
-# vars gotify
+LOGS_RELATIVE_PATH="security/"
 readonly TOKEN="<TOKEN_GOTIFY_APP>"
 
-#vars chkrootkit
+# vars chkrootkit
 SNIFFERS_WHITELIST="dhclient"
 FILES_WHITELIST="/usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document "
 FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htaccess "
@@ -24,7 +22,7 @@ then
   echo $OUT > "./$LOGFILE"
 
   # send log to logs public archive
-  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
   # delete local log
   rm $LOGFILE
 

scan_clam.sh

@@ -1,26 +1,24 @@
 #!/bin/bash
-LOGDIR="/var/log/clamav/scan/";
-LOGFILE="kerodes_clamav-$(date +'%Y-%m-%d').log";
-#DIRTOSCAN="/home/roger/Públic /home/roger/Baixades/targets"; #multiple folders separate by space
-DIRTOSCAN="/home/roger/Baixades/targets"; #multiple folders separate by space
-readonly TOKEN="<TOKEN_GOTIFY_APP>";
-readonly GOTIFY_SERVER="<GOTIFY_URL_SERVER>"
-LOG_PRESERVE_DAYS=30;
+
+# variables
+LOGFILE="$(hostname)_clamav-$(date +'%Y-%m-%d').log";
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
+LOGS_RELATIVE_PATH="security/"
 MALWARE_FOUND=false
+readonly TOKEN="<TOKEN_GOTIFY_APP>";
 
-mkdir -p $LOGDIR
+mkdir -p $E7S_CLAM_LOGPATH
 
-for S in ${DIRTOSCAN}; do
+for S in ${E7S_CLAM_DIRSTOSCAN}; do
  DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
 
  echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
 
- clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
- echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
+ clamscan -ri "$S" >> "$E7S_CLAM_LOGPATH$LOGFILE";
+ echo "Scanned folder: "$S >> "$E7S_CLAM_LOGPATH$LOGFILE";
 
  # get the value of "Infected lines"
- MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
+ MALWARE=$(tail "$E7S_CLAM_LOGPATH$LOGFILE"|grep Infected|cut -d" " -f3);
 
  # if the value is not equal to zero, send an email with the log file attached
  if [ "$MALWARE" -ne "0" ];then
@@ -34,13 +32,13 @@ done
 if $MALWARE_FOUND
 then
    # send log to logs public archive
-   LOG_URL=$(sh ./utils/logger.sh "$LOGDIR$LOGFILE")
+   LOG_URL=$(sh ./utils/logger.sh "$E7S_CLAM_LOGPATH$LOGFILE" $LOGS_RELATIVE_PATH)
    GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
    GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
    sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
 fi
 
 #clean old logs files
-find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+find $E7S_CLAM_LOGPATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
 
 exit 0

scan_rkh.sh

@@ -1,22 +1,18 @@
-GNU nano 5.4                                                                                                      scan_rkh.sh
 #!/bin/bash
 
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
-LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt";
+# variables
+LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').log";
 GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
-
-#vars rkhunter
+LOGS_RELATIVE_PATH="security/"
 readonly TOKEN="<TOKEN_GOTIFY_APP>"
 
-OUT=$(rkhunter -c -sk --rwo -l "./rkhunter.log")
+OUT=$(rkhunter -c -sk --rwo -l "./$LOGFILE")
 if [ -n "$OUT" ]
 then
   issues=$(echo "$OUT" | wc -l)
-  mv "./rkhunter.log" "./$LOGFILE"
 
   # send log to logs public archive
-  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE")
+  LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
   # delete local log
   rm $LOGFILE
 

updates_notifier.sh

@@ -1,7 +1,5 @@
 #!/bin/bash
 
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
 #verify run as root or sudo
 if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root"

utils/gotifypush.sh

@@ -2,14 +2,11 @@
 
 #Use ./gotifypush <title> <message> <priority> <token> <clickurl>
 
-#uncomment when use script from cron
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
-
 # Gotify notification parameters
 TITLE=$1
 MESSAGE=$2
 PRIORITY=$3
-URL="https://push.example.com/message?token=$4"
+URL="$ES7_GOTIFY_SERVER_URL/message?token=$4"
 #if url passed by parameter, set to extras
 if [ -n "$5" ]
 then

utils/logger.sh

@@ -1,23 +1,23 @@
 #!/bin/bash
-PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
 
-#Use ./logger.sh <logfile>
+#Use ./logger.sh <logfile> <relativepath>
 
-# Log parameters
-REMOTE_SERVER="estudiset.backups"
-REMOTE_PATH="/var/www/html/logs/clamav/"
-PUBLIC_LOG_URL="https://logs.studi7.com/clamav/"
-LOG_PRESERVE_DAYS=30
+# variables
+REMOTE_PATH="$ES7_LOGS_PATH$2"
+PUBLIC_LOG_URL="$ES7_LOGS_URL/$2"
 
 # create remote folder to store logs if not exist
-ssh $REMOTE_SERVER "mkdir -p $REMOTE_PATH"
+ssh $ES7_LOGS_SERVER_SSH "sudo mkdir -p $REMOTE_PATH"
 
 # Copy local logfile to remote destination
-scp $1 "$REMOTE_SERVER:$REMOTE_PATH"
+scp $1 "$ES7_LOGS_SERVER_SSH:$REMOTE_PATH"
+
+# set correct permissions
+ssh $ES7_LOGS_SERVER_SSH "sudo chmod 644 $REMOTE_PATH$1"
 
 # Clear x days old remote logs
-ssh $REMOTE_SERVER 'bash -s' << EOF
-find $REMOTE_PATH -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+ssh $ES7_LOGS_SERVER_SSH 'bash -s' << EOF
+find $REMOTE_PATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
 EOF
 
 # return final log url
@@ -27,6 +27,6 @@ extension=${file##*.}
 base=$(basename "${file%.*}")
 # change to txt if log is another text format
 if [ $extension != "txt" ]; then
-        ssh $REMOTE_SERVER "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
+        ssh $ES7_LOGS_SERVER_SSH "mv $REMOTE_PATH$file $REMOTE_PATH$base.txt"
 fi
 echo "${PUBLIC_LOG_URL}${base}.txt"