added scripts and setup.sh

This commit is contained in:
Samuel Philipp 2020-05-21 01:57:45 +02:00
parent b9e22ddbd4
commit 53bef2b6e6
6 changed files with 94 additions and 1 deletions

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
.idea/
*.iml

View file

@ -1,3 +1,19 @@
# awesome-scripts # awesome-scripts
Some useful bash scripts. Some useful bash scripts.
## Content
|Script|Description|
|---|---|
|[healthcheck.sh](healthcheck.sh)|Script to use as cron wrap to monitor the job with health.sp-codes.de|
|[login-notify.sh](login-notify.sh)|Script to send an alert mail on ssh login|
|[validate-remote-backup.sh](validate-remote-backup.sh)|Script to validate server side rsync command to use ssh force command|
## Setup
To setup all scripts in the current directory run this:
```
curl https://git.sp-codes.de/samuel-p/awesome-scripts/raw/branch/master/setup.sh | bash
```

24
healthcheck.sh Normal file
View file

@ -0,0 +1,24 @@
#!/bin/bash
if [[ "$#" -lt 2 ]]; then
echo "Usage: $0 <uuid> <command>"
exit 1;
fi
UUID=$1
ARGS=("$@")
COMMANDS=("${ARGS[@]:1}")
echo -n "PING: "
curl -fsS --retry 3 "https://health.sp-codes.de/ping/$UUID/start"
echo
echo "RUN ${COMMANDS[@]}:"
LOG=$("${COMMANDS[@]}" 2>&1)
CODE=$?
echo "$LOG"
echo -n "PING: "
# append the last 10 kb
echo "$LOG" | tail --bytes 10240 | curl -fsS --retry 3 --data-binary @- "https://health.sp-codes.de/ping/$UUID$([[ ${CODE} -ne 0 ]] && echo -n /fail)"
echo

11
login-notify.sh Normal file
View file

@ -0,0 +1,11 @@
#!/bin/bash
sender="SSH-Notification <notifications@sp-codes.de>"
recipient="codes@samuel-philipp.de"
if [ "$PAM_TYPE" == "open_session" ] && [ "$PAM_USER" != "root" ]; then
HOST="`hostname`"
subject="SSH Login: $PAM_USER from $PAM_RHOST on $HOST"
message="User $PAM_USER logged in on $HOST from $PAM_RHOST at $(date)."
echo "$message" | mailx -a "From: $sender" -s "$subject" "$recipient"
fi

9
setup.sh Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
URL="https://git.sp-codes.de/samuel-p/awesome-scripts/raw/branch/master/"
SCRIPTS=("healthcheck.sh" "login-notify.sh" "validate-remote-backup.sh")
for script in "${SCRIPTS[@]}"; do
curl "$URL$script" >"$script"
chmod +x "$script"
done

31
validate-remote-backup.sh Normal file
View file

@ -0,0 +1,31 @@
#!/bin/bash
case "$SSH_ORIGINAL_COMMAND" in
*\&*)
echo "Rejected"
;;
*\(*)
echo "Rejected"
;;
*\{*)
echo "Rejected"
;;
*\;*)
echo "Rejected"
;;
*\<*)
echo "Rejected"
;;
*\`*)
echo "Rejected"
;;
*\|*)
echo "Rejected"
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo "Rejected"
;;
esac