#!/bin/bash

# uncomment when use script from cron
PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin

# variables
readonly LOGFILE="$(hostname)_rkhunter-$(date +'%Y-%m-%d').txt"
readonly NC_USER="log"
readonly NC_PASS="t1todelogs"
readonly NC_URL_WEBDAV="https://cloud.studi7.com/remote.php/dav/files"
readonly GOTIFY_TOKEN="A4w5ShWUHxcTLbx"
readonly GOTIFY_HOST="https://push.studi7.com"
readonly GOTIFY_PRIORITY=5
GOTIFY_MESSAGE="Scan init: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"

OUT=$(rkhunter -c --sk --enable rootkits,malware,trojans --rwo -l "./$LOGFILE")
if [ -n "$OUT" ]
then
  issues=$(echo "$OUT" | wc -l)

  #send log to nextcloud folder
  curl -u $NC_USER:$NC_PASS -T "./$LOGFILE" "$NC_URL_WEBDAV/$NC_USER/"

  # delete local log
  rm $LOGFILE

  GOTIFY_MESSAGE="${GOTIFY_MESSAGE} Scan end: **"`date +"%d/%m/%Y %H:%M:%S"`"**  \r"
  GOTIFY_MESSAGE="${GOTIFY_MESSAGE} There are **$issues** security issues  \r"
  GOTIFY_MESSAGE="${GOTIFY_MESSAGE} [LogFile]($NC_URL_WEBDAV/$NC_USER/$LOGFILE)"

  # send gotify notification
  TITLE="RKH Scan $(hostname)"
  EXTRAS="{\"client::display\": {\"contentType\": \"text/markdown\"}, \"client::notification\": {\"click\": {  \"url\": \"$NC_URL_WEBDAV/$NC_USER/$LOGFILE\"}}}"
  curl -X POST "$GOTIFY_HOST/message?token=$GOTIFY_TOKEN" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"message\": \"${GOTIFY_MESSAGE}\", \"priority\": ${GOTIFY_PRIORITY}, \"title\": \"${TITLE}\", \"extras\": ${EXTRAS} }"
else
  echo "[rkhunter] system clean"
fi