From 53bef2b6e64080554c6c470248692fb96664ac95 Mon Sep 17 00:00:00 2001
From: samuel-p <codes@samuel-philipp.de>
Date: Thu, 21 May 2020 01:57:45 +0200
Subject: [PATCH] added scripts and setup.sh

---
 .gitignore                |  2 ++
 README.md                 | 18 +++++++++++++++++-
 healthcheck.sh            | 24 ++++++++++++++++++++++++
 login-notify.sh           | 11 +++++++++++
 setup.sh                  |  9 +++++++++
 validate-remote-backup.sh | 31 +++++++++++++++++++++++++++++++
 6 files changed, 94 insertions(+), 1 deletion(-)
 create mode 100644 .gitignore
 create mode 100644 healthcheck.sh
 create mode 100644 login-notify.sh
 create mode 100644 setup.sh
 create mode 100644 validate-remote-backup.sh

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1062418
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.idea/
+*.iml
diff --git a/README.md b/README.md
index 8698a48..e2133f4 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,19 @@
 # awesome-scripts
 
-Some useful bash scripts.
\ No newline at end of file
+Some useful bash scripts.
+
+## Content
+
+|Script|Description|
+|---|---|
+|[healthcheck.sh](healthcheck.sh)|Script to use as cron wrap to monitor the job with health.sp-codes.de|
+|[login-notify.sh](login-notify.sh)|Script to send an alert mail on ssh login|
+|[validate-remote-backup.sh](validate-remote-backup.sh)|Script to validate server side rsync command to use ssh force command|
+
+## Setup
+
+To setup all scripts in the current directory run this:
+
+```
+curl https://git.sp-codes.de/samuel-p/awesome-scripts/raw/branch/master/setup.sh | bash
+```
diff --git a/healthcheck.sh b/healthcheck.sh
new file mode 100644
index 0000000..259eaf6
--- /dev/null
+++ b/healthcheck.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+if [[ "$#" -lt 2 ]]; then
+  echo "Usage: $0 <uuid> <command>"
+  exit 1;
+fi
+
+UUID=$1
+ARGS=("$@")
+COMMANDS=("${ARGS[@]:1}")
+
+echo -n "PING: "
+curl -fsS --retry 3 "https://health.sp-codes.de/ping/$UUID/start"
+echo
+
+echo "RUN ${COMMANDS[@]}:"
+LOG=$("${COMMANDS[@]}" 2>&1)
+CODE=$?
+echo "$LOG"
+
+echo -n "PING: "
+# append the last 10 kb
+echo "$LOG" | tail --bytes 10240 | curl -fsS --retry 3 --data-binary @- "https://health.sp-codes.de/ping/$UUID$([[ ${CODE} -ne 0 ]] && echo -n /fail)"
+echo
diff --git a/login-notify.sh b/login-notify.sh
new file mode 100644
index 0000000..e7cd5e8
--- /dev/null
+++ b/login-notify.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+sender="SSH-Notification <notifications@sp-codes.de>"
+recipient="codes@samuel-philipp.de"
+
+if [ "$PAM_TYPE" == "open_session" ] && [ "$PAM_USER" != "root" ]; then
+    HOST="`hostname`"
+    subject="SSH Login: $PAM_USER from $PAM_RHOST on $HOST"
+    message="User $PAM_USER logged in on $HOST from $PAM_RHOST at $(date)."
+    echo "$message" | mailx -a "From: $sender" -s "$subject" "$recipient"
+fi
diff --git a/setup.sh b/setup.sh
new file mode 100644
index 0000000..4bf9ba8
--- /dev/null
+++ b/setup.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+URL="https://git.sp-codes.de/samuel-p/awesome-scripts/raw/branch/master/"
+SCRIPTS=("healthcheck.sh" "login-notify.sh" "validate-remote-backup.sh")
+
+for script in "${SCRIPTS[@]}"; do
+  curl "$URL$script" >"$script"
+  chmod +x "$script"
+done
diff --git a/validate-remote-backup.sh b/validate-remote-backup.sh
new file mode 100644
index 0000000..4d7d2a3
--- /dev/null
+++ b/validate-remote-backup.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+case "$SSH_ORIGINAL_COMMAND" in
+*\&*)
+echo "Rejected"
+;;
+*\(*)
+echo "Rejected"
+;;
+*\{*)
+echo "Rejected"
+;;
+*\;*)
+echo "Rejected"
+;;
+*\<*)
+echo "Rejected"
+;;
+*\`*)
+echo "Rejected"
+;;
+*\|*)
+echo "Rejected"
+;;
+rsync\ --server*)
+$SSH_ORIGINAL_COMMAND
+;;
+*)
+echo "Rejected"
+;;
+esac