-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcommon
More file actions
199 lines (172 loc) · 6.5 KB
/
common
File metadata and controls
199 lines (172 loc) · 6.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
#!/bin/bash
# sysadmin/common
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
NC='\033[0m'
# Configuration
SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
CONFIG_FILE="$SCRIPT_DIR/.config"
setup_config() {
echo -e "${CYAN}--- FIRST RUN: CONFIGURATION SETUP ---${NC}"
echo "No .config file found. Starting auto-detection..."
# 1. Base Directory
local det_base_dir="$SCRIPT_DIR"
read -p "Base directory [$det_base_dir]: " input_base_dir
SYSADMIN_DIR="${input_base_dir:-$det_base_dir}"
# 2. Modules Directory
local det_modules_dir="$SYSADMIN_DIR/modules"
read -p "Modules directory [$det_modules_dir]: " input_modules_dir
MODULES_DIR="${input_modules_dir:-$det_modules_dir}"
# 3. Log File
local det_log_file="/var/log/sysadmin_tools.log"
read -p "Log file path [$det_log_file]: " input_log_file
LOG_FILE="${input_log_file:-$det_log_file}"
# 4. Nginx Paths
local det_nginx_avail="/etc/nginx/sites-available"
read -p "Nginx sites-available path [$det_nginx_avail]: " input_nginx_avail
NGINX_AVAIL="${input_nginx_avail:-$det_nginx_avail}"
local det_nginx_enab="/etc/nginx/sites-enabled"
read -p "Nginx sites-enabled path [$det_nginx_enab]: " input_nginx_enab
NGINX_ENAB="${input_nginx_enab:-$det_nginx_enab}"
# 5. Nextcloud Path (Auto-detect)
local det_nc_path=""
if [[ -d "/var/www" ]]; then
det_nc_path=$(find /var/www -maxdepth 2 -name "occ" -exec dirname {} \; | head -n 1)
fi
read -p "Nextcloud path [${det_nc_path:-none}]: " input_nc_path
NC_PATH="${input_nc_path:-$det_nc_path}"
# 6. PHP Command
local det_php_cmd="php"
if command -v php8.4 &> /dev/null; then det_php_cmd="php8.4";
elif command -v php8.3 &> /dev/null; then det_php_cmd="php8.3";
elif command -v php8.2 &> /dev/null; then det_php_cmd="php8.2";
fi
read -p "PHP command [$det_php_cmd]: " input_php_cmd
PHP_CMD="${input_php_cmd:-$det_php_cmd}"
# 7. SSH Port
local det_ssh_port="22"
if [[ -f "/etc/ssh/sshd_config" ]]; then
det_ssh_port=$(grep "^Port " /etc/ssh/sshd_config | awk '{print $2}')
[[ -z "$det_ssh_port" ]] && det_ssh_port="22"
fi
read -p "SSH Port [$det_ssh_port]: " input_ssh_port
SSH_PORT="${input_ssh_port:-$det_ssh_port}"
# 8. Fail2ban Log
local det_f2b_log="/var/log/fail2ban.log"
read -p "Fail2ban log path [$det_f2b_log]: " input_f2b_log
F2B_LOG="${input_f2b_log:-$det_f2b_log}"
# 9. Web User (for Nextcloud/Web services)
local det_web_user="www-data"
if id "nginx" &>/dev/null; then det_web_user="nginx"; fi
read -p "Web server user [$det_web_user]: " input_web_user
WEB_USER="${input_web_user:-$det_web_user}"
# 10. PostgreSQL User
local det_pg_user="postgres"
read -p "PostgreSQL superuser [$det_pg_user]: " input_pg_user
PG_USER="${input_pg_user:-$det_pg_user}"
# 11. MySQL Check Command
local det_mysql_check="mysqlcheck"
if command -v mariadb-check &>/dev/null; then det_mysql_check="mariadb-check"; fi
read -p "MySQL check command [$det_mysql_check]: " input_mysql_check
MYSQL_CHECK_CMD="${input_mysql_check:-$det_mysql_check}"
# 12. Package Managers (Auto-detect)
local det_apt_avail="no"
command -v apt &>/dev/null && det_apt_avail="yes"
read -p "Apt available [$det_apt_avail]: " input_apt_avail
APT_AVAIL="${input_apt_avail:-$det_apt_avail}"
local det_snap_avail="no"
command -v snap &>/dev/null && det_snap_avail="yes"
read -p "Snap available [$det_snap_avail]: " input_snap_avail
SNAP_AVAIL="${input_snap_avail:-$det_snap_avail}"
local det_flatpak_avail="no"
command -v flatpak &>/dev/null && det_flatpak_avail="yes"
read -p "Flatpak available [$det_flatpak_avail]: " input_flatpak_avail
FLATPAK_AVAIL="${input_flatpak_avail:-$det_flatpak_avail}"
# Verification
echo -e "\n${YELLOW}Please verify the following configuration:${NC}"
echo "SYSADMIN_DIR=$SYSADMIN_DIR"
echo "MODULES_DIR=$MODULES_DIR"
echo "LOG_FILE=$LOG_FILE"
echo "NGINX_AVAIL=$NGINX_AVAIL"
echo "NGINX_ENAB=$NGINX_ENAB"
echo "NC_PATH=$NC_PATH"
echo "PHP_CMD=$PHP_CMD"
echo "SSH_PORT=$SSH_PORT"
echo "F2B_LOG=$F2B_LOG"
echo "WEB_USER=$WEB_USER"
echo "PG_USER=$PG_USER"
echo "MYSQL_CHECK_CMD=$MYSQL_CHECK_CMD"
echo "APT_AVAIL=$APT_AVAIL"
echo "SNAP_AVAIL=$SNAP_AVAIL"
echo "FLATPAK_AVAIL=$FLATPAK_AVAIL"
read -p "Is this correct? [y/N]: " confirm
if [[ $confirm =~ ^[Yy]$ ]]; then
cat <<EOF > "$CONFIG_FILE"
SYSADMIN_DIR="$SYSADMIN_DIR"
MODULES_DIR="$MODULES_DIR"
LOG_FILE="$LOG_FILE"
NGINX_AVAIL="$NGINX_AVAIL"
NGINX_ENAB="$NGINX_ENAB"
NC_PATH="$NC_PATH"
PHP_CMD="$PHP_CMD"
SSH_PORT="$SSH_PORT"
F2B_LOG="$F2B_LOG"
WEB_USER="$WEB_USER"
PG_USER="$PG_USER"
MYSQL_CHECK_CMD="$MYSQL_CHECK_CMD"
APT_AVAIL="$APT_AVAIL"
SNAP_AVAIL="$SNAP_AVAIL"
FLATPAK_AVAIL="$FLATPAK_AVAIL"
EOF
echo -e "${GREEN}Config saved to $CONFIG_FILE${NC}"
else
echo -e "${RED}Setup aborted. Please run again.${NC}"
exit 1
fi
}
require_root() {
if [[ $EUID -ne 0 ]]; then
echo -e "${YELLOW}Elevation required. Requesting sudo...${NC}"
exec sudo "$0" "$@"
fi
}
load_config() {
# If config exists, source it
if [[ -f "$CONFIG_FILE" ]]; then
source "$CONFIG_FILE"
fi
# If config is missing OR has missing variables, elevate then prompt
if [[ ! -f "$CONFIG_FILE" || -z "$MYSQL_CHECK_CMD" || -z "$WEB_USER" || -z "$PG_USER" || -z "$APT_AVAIL" || -z "$SNAP_AVAIL" || -z "$FLATPAK_AVAIL" ]]; then
require_root
if [[ ! -f "$CONFIG_FILE" ]]; then
setup_config
else
echo -e "${YELLOW}Warning: Existing .config is missing newer settings.${NC}"
read -p "Would you like to re-run setup to update it? [y/N]: " rerun
if [[ $rerun =~ ^[Yy]$ ]]; then
setup_config
fi
fi
# Re-source after potential update
source "$CONFIG_FILE"
fi
}
load_config
# Updated to accept a single keypress (no Enter needed)
pause() {
echo -e "\n${CYAN}Press any key to return...${NC}"
read -n 1 -s -r
}
log_action() {
local TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')
# Use global LOG_FILE if set, otherwise default
local TARGET_LOG="${LOG_FILE:-/var/log/sysadmin_tools.log}"
if [ ! -f "$TARGET_LOG" ]; then
sudo touch "$TARGET_LOG"
sudo chmod 600 "$TARGET_LOG"
fi
echo "[$TIMESTAMP] $1" | sudo tee -a "$TARGET_LOG" > /dev/null
}