Compare commits
1 Commits
Author | SHA1 | Date |
---|---|---|
Roger Pàmies Fabra | 6a7de97c63 |
49
README.md
49
README.md
|
@ -1,66 +1,29 @@
|
|||
# Bash Scripts collection
|
||||
|
||||
TODO: Need install packages for each script
|
||||
wget -O init_scripts.sh https://git.studi7.com/roger/bashscripts/raw/branch/master/init_scripts.sh && chmod +x init_scripts.sh && ./init_scripts.sh
|
||||
|
||||
## Permanent enviroment variables in ~/.profile
|
||||
|
||||
Append file `~/.profile` with this variables:
|
||||
|
||||
```
|
||||
# E7 Scripts
|
||||
# ClamAV scan script
|
||||
export E7S_CLAM_LOGPATH="/path/to/logs/"
|
||||
# Multiple folders separate by space
|
||||
export E7S_CLAM_DIRSTOSCAN="/path/to/target/"
|
||||
# Global script variables
|
||||
export E7S_GOTIFY_SERVER_URL="https://push.example.com"
|
||||
export E7S_LOGS_PRESERVE_DAYS=30
|
||||
export ES7_LOGS_SERVER_SSH="server.example.com"
|
||||
export ES7_LOGS_PATH="/path/to/web/root/"
|
||||
export ES7_LOGS_URL="https://logs.example.com"
|
||||
```
|
||||
|
||||
## Scripts
|
||||
|
||||
### utils/gotifypush.sh
|
||||
## gotifypush.sh
|
||||
|
||||
Send markdown notifications to gotify channel throught curl
|
||||
|
||||
* Usage: `./gotifypush.sh <title> <message> <priority> <token> <clickurl>`
|
||||
|
||||
### utils/logger.sh
|
||||
|
||||
Save logs into remote server and publish it into web server
|
||||
|
||||
* Usage: `./logger.sh <logfile> <relativepath>`
|
||||
|
||||
### scan_chk.sh
|
||||
## scan_chk.sh
|
||||
|
||||
Scan rootkits into system with chkrootkit
|
||||
|
||||
* Usage: `./scan_chk.sh`
|
||||
|
||||
### scan_rkh.sh
|
||||
## scan_rkh.sh
|
||||
|
||||
Scan rootkits into system with rkhunter
|
||||
|
||||
* Usage: `./scan_rkh.sh`
|
||||
|
||||
### scan_clam.sh
|
||||
## scan_clam.sh
|
||||
|
||||
Scan virus and malware into system with clamav
|
||||
|
||||
* Usage: `./scan_clam.sh`
|
||||
|
||||
### updates_notifier.sh
|
||||
|
||||
TODO!
|
||||
|
||||
## Some tips
|
||||
|
||||
* https://www.appsloveworld.com/bash/100/6/how-have-both-local-and-remote-variable-inside-an-ssh-command
|
||||
* https://stackoverflow.com/questions/27932694/shell-script-ssh-server-eof (script detect expire users)
|
||||
* use xargs: https://www.baeldung.com/linux/xargs-multiple-arguments
|
||||
* load env vars in cron: https://www.baeldung.com/linux/load-env-variables-in-cron-job
|
||||
* crontab need path sometimes: https://askubuntu.com/questions/117978/script-doesnt-run-via-crontab-but-works-fine-standalone
|
||||
* errors and best practices: https://tecadmin.net/resolved-unary-operator-expected-error-in-bash/
|
||||
**NOTE:** Need set paths (DIRTOSCAN variable) to scan
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
GOTIFY_TOKEN="token"
|
||||
GOTIFY_MESSAGE="Backup task init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GITEA_DIR="/path/to/gitea"
|
||||
BACKUP_FILE="gitea-backup_"`date +\%Y\%m\%d`".zip"
|
||||
REMOTE_SERVER="remote.example.com"
|
||||
REMOTE_PATH="/path/to/remote/store/backups/"
|
||||
|
||||
# gitea
|
||||
su - gitea -s /bin/bash -c "$GITEA_DIR/gitea dump -c $GITEA_DIR/custom/conf/app.ini --file $BACKUP_FILE --tempdir $GITEA_DIR/"
|
||||
rsync -AaxzPh --remove-source-files "$GITEA_DIR/$BACKUP_FILE" "$REMOTE_SERVER:$REMOTE_PATH"
|
||||
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Backup task end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
|
||||
# send gotify notification
|
||||
sh ./gotifypush.sh "Gitea $(hostname) Backup" "$GOTIFY_MESSAGE" 5 "$GOTIFY_TOKEN"
|
94
backup_nc.sh
94
backup_nc.sh
|
@ -1,94 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
###################################################################################
|
||||
# Nextcloud Backups as incremental mode, using rdiff-backup
|
||||
#
|
||||
# 1. Backup database and send to remote backups server throught rsync using
|
||||
# ssh public/private key configuration.
|
||||
# 2. Set X days to preserve db backups
|
||||
# 3. Backup data folder of nextcloud using rdiff-backup (https://rdiff-backup.net/)
|
||||
# 4. Set X days to preserve rdiff-backups increments
|
||||
# 5. Get report statistics of rdiff-backup and send push message throught gotify
|
||||
# self-hosted server (https://gotify.net/).
|
||||
#
|
||||
# Tools needed: mysqldump, gzip. rsync, rdiff-backup, curl
|
||||
# TODO: save current version 'sudo -u www-data php /var/www/html/nextcloud/occ config:system:get version'
|
||||
###################################################################################
|
||||
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
# variables push notifications
|
||||
readonly GOTIFY_TOKEN="<GOTIFY_TOKEN>"
|
||||
readonly GOTIFY_HOST="<GOTIFY_HOST>"
|
||||
readonly GOTIFY_PRIORITY=5
|
||||
# backup db variables
|
||||
readonly BACKUP_DB_FILE="nextcloud-sqlbkp-"`date +\%Y\%m\%d`".sql"
|
||||
readonly DB_HOST="<DB_HOST>"
|
||||
readonly DB_USER="<DB_USER>"
|
||||
readonly DB_PASS="<DB_PASS>"
|
||||
readonly DB_NAME="<DB_NAME>"
|
||||
# backup data variables
|
||||
readonly NEXTCLOUD_DATA="<NEXTCLOUD_DATA>"
|
||||
readonly NEXTCLOUD_DIR="<NEXTCLOUD_DIR>"
|
||||
readonly INCLUDE_LIST="include-list"
|
||||
# remote settings
|
||||
readonly REMOTE_SERVER="<REMOTE_SERVER>"
|
||||
# TODO: Use $(hostname) "/path/to/example/"`hostname`"/nextcloud"
|
||||
readonly REMOTE_PATH="<REMOTE_PATH>"
|
||||
readonly REMOTE_NC_DATA_FOLDER="files"
|
||||
readonly REMOTE_NC_DB_FOLDER="db"
|
||||
readonly REMOTE_NC_DIR_FOLDER="dir"
|
||||
readonly BACKUP_PRESERVE_DAYS=60
|
||||
|
||||
# create include list file and set exclude logs
|
||||
touch $INCLUDE_LIST
|
||||
cat > $INCLUDE_LIST <<EOF
|
||||
- **nextcloud.log
|
||||
- **nextcloud.log*
|
||||
- **updater.log
|
||||
EOF
|
||||
|
||||
# init notification message
|
||||
MESSAGE="Backup task init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
|
||||
# dump and backup db nextcloud handycat and rsync deleting origin
|
||||
mysqldump --single-transaction --verbose -h $DB_HOST -u $DB_USER -p$DB_PASS $DB_NAME > $BACKUP_DB_FILE
|
||||
gzip $BACKUP_DB_FILE
|
||||
|
||||
# TODO: force create multiple paths (mkdir -p) if not exist with rsync trick
|
||||
# https://www.schwertly.com/2013/07/forcing-rsync-to-create-a-remote-path-using-rsync-path/
|
||||
rsync -AaxzPh --remove-source-files "$BACKUP_DB_FILE.gz" "$REMOTE_SERVER:$REMOTE_PATH/$REMOTE_NC_DB_FOLDER"
|
||||
|
||||
# clear X days old remote db backups
|
||||
ssh $REMOTE_SERVER 'bash -s' << EOF
|
||||
find "$REMOTE_PATH/$REMOTE_NC_DB_FOLDER" -maxdepth 1 -mtime +$BACKUP_PRESERVE_DAYS -print -exec "rm" -R {} \;
|
||||
EOF
|
||||
|
||||
# rdiff-backup all dir of nextcloud
|
||||
rdiff-backup backup $NEXTCLOUD_DIR "$REMOTE_SERVER::$REMOTE_PATH/$REMOTE_NC_DIR_FOLDER"
|
||||
# clear X days old increments of backup dir
|
||||
rdiff-backup remove increments --older-than "${BACKUP_PRESERVE_DAYS}D" "$REMOTE_SERVER::$REMOTE_PATH/$REMOTE_NC_DIR_FOLDER"
|
||||
|
||||
# rdiff-backup all data of nextcloud
|
||||
OUT=$(rdiff-backup backup --print-statistics --include-globbing-filelist $INCLUDE_LIST $NEXTCLOUD_DATA \
|
||||
"$REMOTE_SERVER::$REMOTE_PATH/$REMOTE_NC_DATA_FOLDER")
|
||||
# set output lines into array and append notification message
|
||||
readarray -t stats <<<"$OUT"
|
||||
for val in "${stats[@]}"; do
|
||||
line=$(echo $val | tr -d '-')
|
||||
MESSAGE="${MESSAGE} $line \r"
|
||||
done
|
||||
|
||||
# clear X days old increments of backup data
|
||||
rdiff-backup remove increments --older-than "${BACKUP_PRESERVE_DAYS}D" \
|
||||
"$REMOTE_SERVER::$REMOTE_PATH/$REMOTE_NC_DATA_FOLDER"
|
||||
|
||||
MESSAGE="${MESSAGE} Backup task end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
|
||||
rm $INCLUDE_LIST
|
||||
|
||||
# send gotify notification
|
||||
TITLE="NC $(hostname) Backup"
|
||||
EXTRAS="{\"client::display\": {\"contentType\": \"text/markdown\"}}"
|
||||
curl -X POST "$GOTIFY_HOST/message?token=$GOTIFY_TOKEN" -H "accept: application/json" -H "Content-Type: application/json" \
|
||||
-d "{ \"message\": \"${MESSAGE}\", \"priority\": ${GOTIFY_PRIORITY}, \"title\": \"${TITLE}\", \"extras\": ${EXTRAS} }"
|
|
@ -0,0 +1,46 @@
|
|||
#!/bin/bash
|
||||
|
||||
# A script to perform incremental backups using rsync
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
readonly SOURCE_DIR="/home/roger/prova"
|
||||
readonly BACKUP_DIR="/home/roger/backups"
|
||||
readonly DATETIME="$(date '+%Y-%m-%d_%H:%M:%S')"
|
||||
readonly BACKUP_PATH="${BACKUP_DIR}/${DATETIME}"
|
||||
readonly LATEST_LINK="${BACKUP_DIR}/latest"
|
||||
|
||||
mkdir -p "${BACKUP_DIR}"
|
||||
|
||||
rsync -av --delete \
|
||||
"${SOURCE_DIR}/" \
|
||||
--link-dest "${LATEST_LINK}" \
|
||||
--exclude=".cache" \
|
||||
"${BACKUP_PATH}"
|
||||
|
||||
rm -rf "${LATEST_LINK}"
|
||||
ln -s "${BACKUP_PATH}" "${LATEST_LINK}"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#rsync -AaxzvPh --delete /home/roger/prova/ --link-dest /home/roger/latest /home/roger/prova_inc1
|
||||
#ln -s /home/roger/prova_inc1 /home/roger/latest
|
||||
|
||||
# add file into prova
|
||||
|
||||
rsync -rti --delete --dry-run /home/roger/prova/ /home/roger/latest/ 2>&1 | grep -v '^[^*]d' | head -
|
||||
n1
|
||||
|
||||
#rsync -rtiv --link-dest "../latest/" "/home/roger/prova/" "/home/roger/provabkp_inc1"
|
||||
sending incremental file list
|
||||
created directory /home/roger/backups/provabkp_inc1
|
||||
cd+++++++++ prova/
|
||||
>f+++++++++ prova/file1.txt
|
||||
>f+++++++++ prova/file2.txt
|
||||
>f+++++++++ prova/file3.txt
|
||||
>f+++++++++ prova/file4.txt
|
|
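Review bot: The lines after `ln -s "${BACKUP_PATH}" "${LATEST_LINK}"` are scratch notes that were left executable: the `rsync -rti --delete --dry-run … | head -` experiment, the stray `n1` on its own line, and the pasted rsync output (`sending incremental file list`, `>f+++++++++ prova/file1.txt`, …). With `set -o errexit` the script aborts there with a non-zero status after the backup has already been taken, so every run looks failed to cron or a wrapper. Without errexit, the `>f+++++++++` lines would be parsed as redirections that create a file of that name. Comment these lines out or move them to a notes file. Separately, `rm -rf "${LATEST_LINK}"` followed by `ln -s` leaves a moment with no `latest`, and `ln -sfn "${BACKUP_PATH}" "${LATEST_LINK}"` replaces the link in one step.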
@ -0,0 +1,10 @@
|
|||
#! /usr/bin/env bash
|
||||
|
||||
RED="\e[31m"
|
||||
GREEN="\e[32m"
|
||||
ENDCOLOR="\e[0m"
|
||||
|
||||
echo -e "${RED}This is some red text, ${ENDCOLOR}"
|
||||
echo -e "${GREEN}And this is some green text${ENDCOLOR}"
|
||||
|
||||
#https://misc.flogisoft.com/bash/tip_colors_and_formatting
|
|
@ -1,24 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
#Use ./unbanipcloud.sh <ip>
|
||||
echo $#
|
||||
|
||||
JAIL_NAME=$ES7_F2B_JAIL_NAME
|
||||
REMOTE_SERVER="estudiset.nextcloud.handycat"
|
||||
UNBAN_IP=$1
|
||||
|
||||
if [ $# -eq 0 ]; then
|
||||
echo "Falta la IP a desbloquejar com a argument. Per exemple: $0 X.X.X.X"
|
||||
exit 1
|
||||
elif [ $# -eq 2 ]; then
|
||||
JAIL_NAME=$2
|
||||
fi
|
||||
|
||||
# unban with fail2ban
|
||||
out=$(ssh $REMOTE_SERVER "sudo fail2ban-client set $JAIL_NAME unbanip $UNBAN_IP")
|
||||
|
||||
if [ "$out" -eq "1" ]; then
|
||||
echo "La IP [$UNBAN_IP] s'ha desbloquejat correctament"
|
||||
else
|
||||
echo "No s'ha trobat la IP [$UNBAN_IP] a la llista de bloquejos"
|
||||
fi
|
|
@ -2,14 +2,14 @@
|
|||
|
||||
#Use ./gotifypush <title> <message> <priority> <token> <clickurl>
|
||||
|
||||
# uncomment when use script from cron
|
||||
#uncomment when use script from cron
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
# Gotify notification parameters
|
||||
TITLE=$1
|
||||
MESSAGE=$2
|
||||
PRIORITY=$3
|
||||
URL="$E7S_GOTIFY_SERVER_URL/message?token=$4"
|
||||
URL="https://push.example.com/message?token=$4"
|
||||
#if url passed by parameter, set to extras
|
||||
if [ -n "$5" ]
|
||||
then
|
||||
|
@ -18,11 +18,6 @@ else
|
|||
EXTRAS="{\"client::display\": {\"contentType\": \"text/markdown\"}}"
|
||||
fi
|
||||
|
||||
# prevent gotify post error: invalid character '\\n' in string literal
|
||||
# scape \\n newlines for json
|
||||
# https://unix.stackexchange.com/questions/453883/how-to-escape-new-line-characters-for-json
|
||||
# MESSAGE=$(echo "$MESSAGE" | sed -z 's/\n/\\n/g')
|
||||
|
||||
# better curl usage https://github.com/gotify/server/issues/68
|
||||
#curl --silent --output /dev/null --show-error --fail -X .... #silent curl execution, no output, only html code if error
|
||||
curl -X POST "${URL}" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"message\": \"${MESSAGE}\", \"priority\": ${PRIORITY}, \"title\": \"${TITLE}\", \"extras\": ${EXTRAS} }"
|
|
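Review bot: The `curl` line at the end of this section builds the JSON body by pasting `${MESSAGE}` and `${TITLE}` between escaped quotes, so a double quote, backslash or raw newline in either argument yields an invalid or altered payload; the second hunk appears to drop the only notes about escaping newlines. Callers such as scan_chk.sh and scan_rkh.sh pass raw scanner output as the message, so a multi-line finding is the input most likely to be rejected, and without `--fail --show-error` (present only in the commented-out line) the script still exits 0 and the alert is lost silently. Consider producing the body with a JSON encoder, e.g. `jq -n --arg m "$MESSAGE" --arg t "$TITLE" --argjson p "$PRIORITY" '{message:$m,title:$t,priority:$p}'`, if jq is an acceptable dependency. The token could also move from the query string to an `X-Gotify-Key: $4` header so it stays out of URL logs. The script's first line and the `if`/`else` between the two hunks are outside what is shown.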
@ -0,0 +1,111 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Functions
|
||||
show_cron_help () {
|
||||
echo "--------------------------------------------"
|
||||
echo "* * * * * command to be executed"
|
||||
echo "- - - - -"
|
||||
echo "| | | | |"
|
||||
echo "| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)"
|
||||
echo "| | | ------- Month (1 - 12)"
|
||||
echo "| | --------- Day of month (1 - 31)"
|
||||
echo "| ----------- Hour (0 - 23)"
|
||||
echo "------------- Minute (0 - 59)"
|
||||
echo "Examples:"
|
||||
echo "(predefined) @annually | @yearly | @monthly | @weekly | @daily | @hourly | @reboot"
|
||||
echo "(every) @every 5s | @every 20h30m"
|
||||
echo "(custom) 10 20 * * * | 0 3 * * 1-5"
|
||||
echo -e "--------------------------------------------\n"
|
||||
}
|
||||
|
||||
get_cron () {
|
||||
cron=false
|
||||
while [ "$cron" != "true" ]
|
||||
do
|
||||
read -p 'Escriu el periode del cron: ' CRON
|
||||
case $CRON in
|
||||
("") echo "El cron no pot ser buit";;
|
||||
(*) cron=true #echo "just numeric";;
|
||||
esac
|
||||
done
|
||||
echo "$CRON"
|
||||
}
|
||||
# End functions
|
||||
|
||||
readonly SCRIPTS_FOLDER="e7scripts"
|
||||
readonly GOTIFY_SCRIPT_NAME="gotifypush.sh"
|
||||
readonly GOTIFY_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/gotifypush.sh"
|
||||
readonly UPDATES_SCRIPT_NAME="updates_notifier.sh"
|
||||
readonly UPDATES_SCRIPT_URL="https://git.studi7.com/roger/bashscripts/raw/branch/master/updates_notifier.sh"
|
||||
|
||||
#verify run as root or sudo
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "This script must be run as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
#set -f
|
||||
#func_result="$(get_cron)"
|
||||
#echo $func_result
|
||||
#set +f
|
||||
|
||||
echo "/////////////////////////////////////////"
|
||||
echo "Benvingut a l'instalador d'Scripts"
|
||||
echo -e "/////////////////////////////////////\n"
|
||||
|
||||
finished=false
|
||||
while [ "$finished" != "true" ]
|
||||
do
|
||||
|
||||
# Choose script to install
|
||||
echo "0) Sortir de l'instalador"
|
||||
echo "1) Notificador dels resultats dels scripts (Gotify Push Notifications)"
|
||||
echo "2) Notificador d'actualitzacions"
|
||||
echo "3) Escaneig de rootkits amb RK Hunter"
|
||||
echo "4) Escaneig de rootkits amb CHK Rootkit"
|
||||
echo -e "5) Escaneig de virus amb ClamAV\n"
|
||||
|
||||
choosed=false
|
||||
while [ "$choosed" != "true" ]
|
||||
do
|
||||
read -p 'Indica quin script vols instal·lar (0 per sortir): ' SCRIPT_NUM
|
||||
case $SCRIPT_NUM in
|
||||
("") echo "El número no pot ser buit";;
|
||||
(*[!0-9]*) echo "Has d'introduir un número";;
|
||||
(*) choosed=true #echo "just numeric";;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ "$SCRIPT_NUM" = "0" ]; then
|
||||
finished=true
|
||||
exit 0
|
||||
elif [ "$SCRIPT_NUM" = "1" ]; then
|
||||
mkdir -p $SCRIPTS_FOLDER
|
||||
wget -O "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME" $GOTIFY_SCRIPT_URL
|
||||
read -p 'Indica el domini de gotify: ' GOTIFY_DOMAIN
|
||||
sed -i "s/push.example.com/$GOTIFY_DOMAIN/" "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
|
||||
chmod +x "$SCRIPTS_FOLDER/$GOTIFY_SCRIPT_NAME"
|
||||
echo -e "Script instal·lat correctament\n"
|
||||
elif [ "$SCRIPT_NUM" = "2" ];then
|
||||
mkdir -p $SCRIPTS_FOLDER
|
||||
wget -O "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" $UPDATES_SCRIPT_URL
|
||||
read -p 'Indica el token del canal de gotify: ' TOKEN
|
||||
sed -i "s/<TOKEN_GOTIFY_APP>/$TOKEN/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
||||
sed -i "s/Hostname/$(hostname)/" "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
||||
chmod +x "$SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME"
|
||||
echo -e "\nAFEGEIX EL CRON\n"
|
||||
show_cron_help
|
||||
cron="$(get_cron)"
|
||||
#https://stackoverflow.com/questions/878600/how-to-create-a-cron-job-using-bash-automatically-without-the-interactive-editor
|
||||
#remove previous crontab
|
||||
(crontab -l | grep -v -F "$UPDATES_SCRIPT_NAME") | crontab -
|
||||
#add crontab
|
||||
(crontab -l ; echo "$cron cd $(pwd)/$SCRIPTS_FOLDER/ && ./$UPDATES_SCRIPT_NAME 2>&1") | crontab -
|
||||
echo -e "Script instal·lat correctament\n"
|
||||
#TODO Function cron get period
|
||||
|
||||
else
|
||||
echo -e "Aquest número d'script no existeix. Tornar a intentar-ho\n"
|
||||
fi
|
||||
|
||||
done
|
|
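Review bot: The installer insists on running as root, then fetches `gotifypush.sh` and `updates_notifier.sh` from `raw/branch/master` with `wget -O`, marks them executable and, for option 2, schedules the result in root's crontab, without checking that the download succeeded or that the content is the expected one. A failed or altered download therefore ends up executing as root on a schedule; pinning the URLs to a tag or commit and verifying a published digest before `chmod +x` (for example `echo "EXPECTED_SHA256_PLACEHOLDER  $SCRIPTS_FOLDER/$UPDATES_SCRIPT_NAME" | sha256sum -c - || exit 1`) would close that gap. `$SCRIPTS_FOLDER` is created relative to the current directory, so the cron entry points at wherever the installer happened to be run; an absolute, root-owned path would be safer. In `get_cron`, the empty-input message goes to stdout and is captured by `cron="$(get_cron)"` together with the schedule, so it should be `echo "El cron no pot ser buit" >&2`. The values read for the domain and token are pasted into `sed -i "s/…/$TOKEN/"` unescaped, so a `/` or `&` in them breaks or alters the substitution.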
@ -0,0 +1,17 @@
|
|||
sudo -u www-data php /mnt/md0/nextcloud/updater/updater.phar --no-interaction
|
||||
|
||||
if no sudo:
|
||||
|
||||
su -l www-data -s /bin/bash -c 'php /opt/nextcloud/updater/updater.phar --no-interaction'
|
||||
|
||||
----- no updates ----
|
||||
|
||||
Nextcloud Updater - version: v20.0.0beta4-11-g68fa0d4
|
||||
|
||||
Current version is 23.0.12.
|
||||
|
||||
No update available.
|
||||
|
||||
Nothing to do.
|
||||
|
||||
--------
|
|
@ -73,12 +73,14 @@ elevate_cmd () {
|
|||
}
|
||||
|
||||
remote_update () {
|
||||
ssh $1 << EOF
|
||||
ssh -t $1 << EOF
|
||||
$(typeset -f has_sudo)
|
||||
$(typeset -f elevate_cmd)
|
||||
elevate_cmd apt update -qq
|
||||
elevate_cmd apt upgrade -y
|
||||
elevate_cmd apt autoremove
|
||||
elevate_cmd apt-get update -qq
|
||||
elevate_cmd echo 'debconf debconf/frontend select Noninteractive' | elevate_cmd debconf-set-selections
|
||||
elevate_cmd apt-get upgrade -y
|
||||
elevate_cmd apt-get autoremove
|
||||
elevate_cmd echo 'debconf debconf/frontend select Dialog' | elevate_cmd debconf-set-selections
|
||||
EOF
|
||||
}
|
||||
|
||||
|
|
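Review bot: In `remote_update`, the lines that appear to be new write `debconf/frontend` to `Noninteractive` and later back to `Dialog`, which changes persistent state on the remote host: if the session drops or an earlier command consumes the rest of the here-document, the restore line never runs, and a host that used another frontend is left on `Dialog` regardless. `apt-get autoremove` has no `-y`, and its confirmation prompt would read from the same stdin the remote shell is reading the script from. Setting the frontend per command avoids both, e.g. `elevate_cmd env DEBIAN_FRONTEND=noninteractive apt-get upgrade -y` and `elevate_cmd env DEBIAN_FRONTEND=noninteractive apt-get autoremove -y`, assuming `elevate_cmd` (defined above this hunk) runs its arguments as a command. `ssh -t` with a here-document on stdin will most likely not allocate a terminal, and `$1` should be quoted.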
23
scan_chk.sh
23
scan_chk.sh
|
@ -1,15 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
# uncomment when use script from cron
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
# variables
|
||||
LOGFILE="$(hostname)_chkrootkit-$(date +'%Y-%m-%d').txt";
|
||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
LOGS_RELATIVE_PATH="security/"
|
||||
# vars gotify
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
|
||||
# vars chkrootkit
|
||||
#vars chkrootkit
|
||||
SNIFFERS_WHITELIST="dhclient"
|
||||
FILES_WHITELIST="/usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document "
|
||||
FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htaccess "
|
||||
|
@ -20,20 +16,7 @@ FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/test
|
|||
OUT=$(chkrootkit -q -s "$SNIFFERS_WHITELIST" -e "$FILES_WHITELIST")
|
||||
if [ -n "$OUT" ]
|
||||
then
|
||||
issues=$(echo "$OUT" | wc -l)
|
||||
OUT=$(echo "$OUT" | sed -z 's/\n/\\n/g')
|
||||
echo $OUT > "./$LOGFILE"
|
||||
|
||||
# send log to logs public archive
|
||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||
# delete local log
|
||||
rm $LOGFILE
|
||||
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} There are **$issues** security issues \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||
|
||||
sh ./utils/gotifypush.sh "CHK Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||
sh ./gotifypush.sh "CHK Scan handycat cloud" "$OUT" 5 $TOKEN
|
||||
else
|
||||
echo "[chkrootkit] system clean"
|
||||
fi
|
||||
|
|
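Review bot: The `else` branch prints `[chkrootkit] system clean` whenever `$OUT` is empty, which is also what happens when `chkrootkit` is missing from `PATH` or aborts, because only stdout is captured and the exit status is never examined. A scanner that did not run should not be reported as a clean host; a guard before the scan such as `command -v chkrootkit >/dev/null || { echo "[chkrootkit] not installed" >&2; exit 1; }`, plus a notification when the command itself fails, would make the difference visible. scan_rkh.sh follows the same pattern with `rkhunter`. On what appears to be the new side the title is the fixed string `CHK Scan handycat cloud` instead of `$(hostname)`, so alerts from several hosts cannot be told apart, and `$TOKEN` is passed unquoted.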
37
scan_clam.sh
37
scan_clam.sh
|
@ -1,47 +1,32 @@
|
|||
#!/bin/bash
|
||||
|
||||
# uncomment when use script from cron
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
# variables
|
||||
LOGFILE="$(hostname)_clamav-$(date +'%Y-%m-%d').log";
|
||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
LOGS_RELATIVE_PATH="security/"
|
||||
MALWARE_FOUND=false
|
||||
LOGDIR="/var/log/clamav/scan/";
|
||||
LOGFILE="clamav-$(date +'%Y-%m-%d').log";
|
||||
DIRTOSCAN="/path/to/folder/to/scan"; #multiple folders separate by space
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>";
|
||||
LOG_PRESERVE_DAYS=30;
|
||||
|
||||
mkdir -p $E7S_CLAM_LOGPATH
|
||||
mkdir -p $LOGDIR
|
||||
|
||||
for S in ${E7S_CLAM_DIRSTOSCAN}; do
|
||||
for S in ${DIRTOSCAN}; do
|
||||
DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
|
||||
|
||||
echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
|
||||
|
||||
clamscan -ri "$S" >> "$E7S_CLAM_LOGPATH$LOGFILE";
|
||||
echo "Scanned folder: "$S >> "$E7S_CLAM_LOGPATH$LOGFILE";
|
||||
clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
|
||||
echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
|
||||
|
||||
# get the value of "Infected lines"
|
||||
MALWARE=$(tail "$E7S_CLAM_LOGPATH$LOGFILE"|grep Infected|cut -d" " -f3);
|
||||
MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
|
||||
|
||||
# if the value is not equal to zero, send an email with the log file attached
|
||||
if [ "$MALWARE" -ne "0" ];then
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Found **$MALWARE** infected files into **$S** \r"
|
||||
MALWARE_FOUND=true
|
||||
sh ./gotifypush.sh "CLAMAV Scan Kerodes Studi7" "Scanned folder: **$S** \r $MALWARE" 5 $TOKEN
|
||||
else
|
||||
echo "[clamav] No infected files found."
|
||||
fi
|
||||
done
|
||||
|
||||
if $MALWARE_FOUND
|
||||
then
|
||||
# send log to logs public archive
|
||||
LOG_URL=$(sh ./utils/logger.sh "$E7S_CLAM_LOGPATH$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||
sh ./utils/gotifypush.sh "ClamAV Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||
fi
|
||||
|
||||
#clean old logs files
|
||||
find $E7S_CLAM_LOGPATH -maxdepth 1 -mtime +$E7S_LOGS_PRESERVE_DAYS -exec "rm" -R {} \;
|
||||
find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
|
||||
|
||||
exit 0
|
||||
|
|
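Review bot: The infected count is scraped from the log with `tail | grep Infected | cut`, so when `clamscan` fails (not installed, signature database missing, unreadable directory) `$MALWARE` is empty, `[ "$MALWARE" -ne "0" ]` errors out and the `else` branch prints `No infected files found`. clamscan's own exit status separates the cases (0 clean, 1 infected, 2 error): capture it right after the scan with `clamscan -ri "$S" >> "$LOGDIR$LOGFILE"; rc=$?` and treat an `rc` of 2 or more as a scan failure that gets its own notification. The cleanup `find $LOGDIR -maxdepth 1 … -exec "rm" -R {} \;` would be safer as `find "$LOGDIR" -mindepth 1 -maxdepth 1 -type f -mtime +"$LOG_PRESERVE_DAYS" -delete`, which cannot match the log directory itself. Which of the paired lines is the new side is inferred from print order; the points apply to either variant.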
23
scan_rkh.sh
23
scan_rkh.sh
|
@ -1,29 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
# uncomment when use script from cron
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
# variables
|
||||
LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').log";
|
||||
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
LOGS_RELATIVE_PATH="security/"
|
||||
#vars rkhunter
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
|
||||
OUT=$(rkhunter -c -sk --rwo -l "./$LOGFILE")
|
||||
OUT=$(rkhunter -c -sk --rwo)
|
||||
if [ -n "$OUT" ]
|
||||
then
|
||||
issues=$(echo "$OUT" | wc -l)
|
||||
|
||||
# send log to logs public archive
|
||||
LOG_URL=$(sh ./utils/logger.sh "./$LOGFILE" $LOGS_RELATIVE_PATH)
|
||||
# delete local log
|
||||
rm $LOGFILE
|
||||
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"** \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} There are **$issues** security issues \r"
|
||||
GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($LOG_URL)"
|
||||
|
||||
sh ./utils/gotifypush.sh "RKH Scan $(hostname)" "$GOTIFY_MESSAGE" 5 $TOKEN
|
||||
sh ./gotifypush.sh "RKH Scan handycat cloud" "$OUT" 5 $TOKEN
|
||||
else
|
||||
echo "[rkhunter] system clean"
|
||||
echo "[rkhunter] system clean"
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,70 @@
|
|||
#!/usr/bin/env bash
|
||||
FRAME=("⠋" "⠙" "⠹" "⠸" "⠼" "⠴" "⠦" "⠧" "⠇" "⠏")
|
||||
FRAME_INTERVAL=0.1
|
||||
RED="\e[31m"
|
||||
GREEN="\e[32m"
|
||||
ENDCOLOR="\e[0m"
|
||||
|
||||
start_spinner() {
|
||||
#local step=0
|
||||
local CMD=$1
|
||||
local STEP=$2
|
||||
|
||||
tput civis -- invisible
|
||||
|
||||
#while [ "$step" -lt "${#CMDS[@]}" ]; do
|
||||
#${CMDS[$step]} & pid=$!
|
||||
$CMD & pid=$!
|
||||
#status=$($CMD & pid=$!)
|
||||
#status=$?
|
||||
#pid=$!
|
||||
|
||||
while ps -p $pid &>/dev/null; do
|
||||
#while kill -0 $pid 2>/dev/null; do
|
||||
#echo -ne "\\r[ ] ${STEPS[$step]} ..."
|
||||
echo -ne "\\r[ ] $STEP ..."
|
||||
|
||||
for k in "${!FRAME[@]}"; do
|
||||
echo -ne "\\r[ ${FRAME[k]} ] "
|
||||
sleep $FRAME_INTERVAL
|
||||
done
|
||||
done
|
||||
|
||||
wait "$pid"; status=$!
|
||||
#echo "${PIPESTATUS[0]} ${PIPESTATUS[1]}"
|
||||
#echo -ne "\\r[ ✔ ] ${STEPS[$step]}\\n"
|
||||
#re='^[0-9]+$'
|
||||
#if ! [[ $status =~ $re ]]; then
|
||||
# echo $status
|
||||
#else
|
||||
if [ $status -eq 0 ]; then
|
||||
echo -ne "\\r[ ${GREEN}✔${ENDCOLOR} ] $STEP\\n"
|
||||
else
|
||||
echo -ne "\\r[ ${RED}✗${ENDCOLOR} ] $STEP\\n"
|
||||
fi
|
||||
#fi
|
||||
#step=$((step + 1))
|
||||
#done
|
||||
|
||||
tput cnorm -- normal
|
||||
}
|
||||
|
||||
start_spinner "apt update -qq" "Search for updates"
|
||||
start_spinner "apt upgrade -qq -y" "Apply updates"
|
||||
start_spinner "./testsleep.sh" "Testing fail" #ha de donar FAIL!!
|
||||
start_spinner "rm *.mp3" "Testing fail"
|
||||
./testsleep.sh
|
||||
echo $?
|
||||
|
||||
|
||||
#/usr/bin/scp me@website.com:file somewhere 2>/dev/null &
|
||||
#apt update -qq > /dev/null 2>/dev/null & pid=$! # Process Id of the previous running command
|
||||
#spin='-\|/'
|
||||
|
||||
#i=0
|
||||
#while kill -0 $pid 2>/dev/null
|
||||
#do
|
||||
# i=$(( (i+1) %4 ))
|
||||
# printf "\r${spin:$i:1}"
|
||||
# sleep .1
|
||||
#done
|
|
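Review bot: `wait "$pid"; status=$!` stores the PID of the last background job rather than its exit code, so `[ $status -eq 0 ]` is never true and every step is drawn as failed; it should read `wait "$pid"; status=$?`. `$CMD &` relies on word splitting of a single string, which is why `"rm *.mp3"` expands the glob in the current directory; taking the command as separate arguments and running `"$@" &` avoids that. The demo calls at the bottom run `apt upgrade -qq -y` and `rm *.mp3` for real, so a comment at the top of the file or a harmless stand-in command would help anyone who runs it to try the spinner. The cursor hidden by `tput civis` is only restored on the normal path; `trap 'tput cnorm' EXIT` would also restore it on interrupt.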
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
sleep 3
|
||||
exit 1
|
|
@ -1,6 +1,5 @@
|
|||
#!/bin/bash
|
||||
|
||||
# uncomment when use script from cron
|
||||
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
|
||||
|
||||
#verify run as root or sudo
|
||||
|
@ -10,9 +9,7 @@ if [[ $EUID -ne 0 ]]; then
|
|||
fi
|
||||
|
||||
# vars gotify
|
||||
readonly GOTIFY_TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
readonly GOTIFY_HOST="<GOTIFY_HOST>"
|
||||
readonly GOTIFY_PRIORITY=5
|
||||
readonly TOKEN="<TOKEN_GOTIFY_APP>"
|
||||
|
||||
apt update -qq
|
||||
|
||||
|
@ -28,9 +25,5 @@ else
|
|||
updates=$(echo $updates|tr -d '\n')
|
||||
OUT="There are **$num** updates: \r"
|
||||
OUT="${OUT} Packages: *$updates*"
|
||||
|
||||
# send gotify notification
|
||||
TITLE="$(hostname) pending updates"
|
||||
EXTRAS="{\"client::display\": {\"contentType\": \"text/markdown\"}}"
|
||||
curl -X POST "$GOTIFY_HOST/message?token=$GOTIFY_TOKEN" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"message\": \"${OUT}\", \"priority\": ${GOTIFY_PRIORITY}, \"title\": \"${TITLE}\", \"extras\": ${EXTRAS} }"
|
||||
sh ./gotifypush.sh "Hostname pending updates" "$OUT" 5 $TOKEN
|
||||
fi
|
||||
|
|
|
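Review bot: On what appears to be the new side the Gotify application token is a literal in the script (`readonly TOKEN=…`, a placeholder the installer fills in) and is passed on the command line in `sh ./gotifypush.sh "Hostname pending updates" "$OUT" 5 $TOKEN`, where other local users can read it from the process list. A script installed with `chmod +x` on default permissions is also world-readable; `chmod 700` on the file, or reading the token from a root-only file at run time, keeps it private. `./gotifypush.sh` is resolved against the current directory, so the call only works when cron changes into the script folder first. The `else` this call sits in starts outside the hunk.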
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
#require:
|
||||
#wp-cli https://wp-cli.org/#installing
|
||||
#wp-updater https://github.com/keesiemeijer/wp-update
|
||||
|
||||
#get accounts and domains
|
||||
/usr/local/cpanel/scripts/updateuserdomains
|
||||
cat /etc/trueuserdomains
|
||||
|
||||
#https://docs.cpanel.net/whm/scripts/whm-scripts/
|
||||
#https://docs.cpanel.net/whm/account-functions/manage-shell-access/
|
||||
#https://support.cpanel.net/hc/en-us/articles/360051992634-Differences-Between-Normal-and-Jailed-Shell
|
||||
#https://www.cyberciti.biz/tips/how-do-i-find-out-what-shell-im-using.html
|
||||
|
||||
#get bash from user
|
||||
grep "^$USER" /etc/passwd
|
||||
awk -F: '/$USER/ { print $7}' /etc/passwd
|
||||
|
||||
#change shell
|
||||
usermod -s /bin/false $USER
|
||||
|
||||
#https://github.com/layfellow/cpanel-cli (?)
|
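Review bot: `usermod -s /bin/false $USER` acts on the account that runs the script, so when it is executed by root (which `updateuserdomains` and `usermod` require) it most likely replaces root's own login shell. The target account should be an explicit argument, e.g. `target=${1:?usage: $0 ACCOUNT}` followed by `usermod -s /bin/false "$target"`. The lookups above it do not select that account either: `grep "^$USER"` also matches longer names with the same prefix, and in `awk -F: '/$USER/ { print $7}'` the single quotes stop the shell from expanding `$USER`. `awk -F: -v u="$target" '$1 == u { print $7 }' /etc/passwd` matches the name field exactly.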