oib/bubu-server-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update 2025-04-13_16:21:50

Browse Source
This commit is contained in:
root
2025-04-13 16:21:50 +02:00
commit 37e70e30e8
24 changed files with 985 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
bind_add_slave_zone.sh Executable file
View File

@ -0,0 +1,42 @@
#!/bin/zsh
# Version 01.0
# Script to add a new slave zone to /etc/bind/named.conf.local on ns2.dynproxy.net
# Script Name: bind_add_slave_zone.sh
# Variables
NAMED_CONF="/etc/bind/named.conf.local"
CACHE_DIR="/var/cache/bind"
# Check if a domain name argument is provided
if [ -z "$1" ]; then
echo "Usage: $0 <domain.tld>"
exit 1
fi
DOMAIN=$1
ZONE_FILE="$CACHE_DIR/db.$DOMAIN"
# Check if the zone configuration already exists
if grep -q "zone \"$DOMAIN\"" $NAMED_CONF; then
echo "Zone $DOMAIN already exists in $NAMED_CONF. Aborting!"
exit 2
fi
# Append zone configuration to named.conf.local
echo "Adding slave zone configuration for $DOMAIN to $NAMED_CONF"
cat <<EOF >> $NAMED_CONF
zone "$DOMAIN" {
type slave;
file "$ZONE_FILE";
masters { 23.88.113.138; };
allow-transfer { key "ns3-key"; };
};
EOF
# Reload BIND configuration
echo "Reloading BIND configuration"
rndc reload
# Success message
echo "Slave zone for $DOMAIN has been added successfully"

46
calculate_bitrate.sh Executable file
View File

@ -0,0 +1,46 @@
#!/bin/bash
# Check if the folder is provided as an argument
if [ -z "$1" ]; then
echo "Usage: $0 <folder_with_videos>"
exit 1
fi
VIDEO_FOLDER="$1"
OUTPUT_FILE="bitrates.txt"
TOTAL_BITRATE=0
VIDEO_COUNT=0
# Clear or create the output file
> "$OUTPUT_FILE"
# Function to get bitrate of a video in Mbps
get_bitrate() {
local video_file="$1"
bitrate_kbps=$(ffprobe -v error -select_streams v:0 -show_entries stream=bit_rate -of default=noprint_wrappers=1:nokey=1 "$video_file" | head -n 1)
if [[ "$bitrate_kbps" =~ ^[0-9]+$ ]]; then
bitrate_mbps=$(echo "scale=2; $bitrate_kbps / 1000 / 1000" | bc)
echo "$bitrate_mbps"
else
echo "0"
fi
}
# Iterate through each video file in the folder
for video_file in "$VIDEO_FOLDER"/*; do
if [ -f "$video_file" ]; then
bitrate=$(get_bitrate "$video_file")
echo "File: $video_file - Bitrate: ${bitrate} Mbps" | tee -a "$OUTPUT_FILE"
TOTAL_BITRATE=$(echo "$TOTAL_BITRATE + $bitrate" | bc)
((VIDEO_COUNT++))
fi
done
# Calculate the average bitrate
if [ "$VIDEO_COUNT" -gt 0 ]; then
AVERAGE_BITRATE=$(echo "scale=2; $TOTAL_BITRATE / $VIDEO_COUNT" | bc)
echo "Average Bitrate: $AVERAGE_BITRATE Mbps" | tee -a "$OUTPUT_FILE"
else
echo "No video files found in the specified folder." | tee -a "$OUTPUT_FILE"
fi

6
dnsbl.sh Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh
cat /var/log/dnsbl-ipset/blacklist.log | cut -d ' ' -f1 | sort | uniq -c | sort -nr | mail -s "dnsbl blacklist.log 32 weekly Report `date`" srvlogz@bubuit.net
cat /var/log/dnsbl-ipset/blacklist.log | cut -d ' ' -f1 | awk -F\. '{print $1"."$2"."$3"."}' | sort | uniq -c | sort -nr | mail -s "dnsbl blacklist.log 24 weekly Report `date`" srvlogz@bubuit.net
cat /var/log/dnsbl-ipset/blacklist.log | cut -d ' ' -f1 | awk -F\. '{print $1"."$2"."}' | sort | uniq -c | sort -nr | mail -s "dnsbl blacklist.log 16 weekly Report `date`" srvlogz@bubuit.net
rm /var/log/dnsbl-ipset/blacklist.log

10
f2b-c_s-div.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
F2BRULES="recidive sshd"
echo $F2BRULES
for i in $F2BRULES; do
echo $i
fail2ban-client status $i
echo ""
done

10
f2b-c_s-drupal.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
F2BRULES="apache-badbots drupal-auth"
echo $F2BRULES
for i in $F2BRULES; do
echo $i
fail2ban-client status $i
echo ""
done

10
f2b-c_s-mail.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
F2BRULES="dovecot dovecot-pop3impap postfix-flood-attack postfix-rbl postfix postfix-sasl"
echo $F2BRULES
for i in $F2BRULES; do
echo $i
fail2ban-client status $i
echo ""
done

10
f2b-c_s-proxy.sh Executable file
View File

@ -0,0 +1,10 @@
#!/bin/bash
F2BRULES="nginx-401 nginx-http-auth nginx-nohome nginx-noproxy nginx-noscript"
echo $F2BRULES
for i in $F2BRULES; do
echo $i
fail2ban-client status $i
echo ""
done

53
f2b-ip.sh Executable file
View File

@ -0,0 +1,53 @@
#!/bin/zsh
# Function to extract the list of jails
extract_jail_list() {
# Run fail2ban-client status and extract the jail list
JAIL_LIST=$(fail2ban-client status | awk -F'\t' '/Jail list/ {print $2}' | tr ',' '\n' | tr -d ' ')
# Check if jail list is empty
if [[ -z "$JAIL_LIST" ]]; then
echo "No jails found."
return 1
fi
echo "$JAIL_LIST"
return 0
}
# Function to extract and print all banned IPs
extract_and_print_all_banned_ips() {
JAIL_LIST=$(extract_jail_list)
if [[ $? -ne 0 ]]; then
return 1
fi
ALL_BANNED_IPS=""
for JAIL in ${(f)JAIL_LIST}; do
STATUS_OUTPUT=$(fail2ban-client status $JAIL)
# Extract the banned IPs
BANNED_IP_LIST=$(echo "$STATUS_OUTPUT" | grep -oP '(?<=Banned IP list:\t).*')
if [[ -n "$BANNED_IP_LIST" ]]; then
ALL_BANNED_IPS+="$BANNED_IP_LIST "
fi
done
# Print all found IPs
echo "$ALL_BANNED_IPS" | tr ' ' '\n'
}
# Function to filter the IPs based on the provided argument
filter_ips() {
SEARCH_IP=$1
extract_and_print_all_banned_ips | grep "$SEARCH_IP"
}
# Main execution
if [[ $# -gt 0 ]]; then
filter_ips $1
else
extract_and_print_all_banned_ips
fi

8
f2b-jails.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/sh
for i in dovecot dovecot-pop3impap nginx-401 nginx-http-auth nginx-nohome nginx-noproxy nginx-noscript postfix postfix-flood-attack postfix-rbl postfix-sasl recidive sshd
do
echo " "
fail2ban-client status $i
echo " "
done

7
f2b-status.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/sh
list=$(fail2ban-client status | grep list | cut -d ":" -f2 | tr -d ',')
for i in $list; do
fail2ban-client status $i
done

36
firehol-reload-netset-blacklist.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
# Define your ipset name
IPSET_NAME="blacklist"
# Path to your list of IP network ranges, one per line
IP_LIST_PATH="/etc/firehol/blacklist.netset"
# Function to check if a string is a CIDR network range specifically for /24
is_cidr_24() {
local CIDR=$1
if [[ $CIDR =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/24$ ]]; then
return 0 # True
else
return 1 # False
fi
}
# Clear the existing ipset
ipset flush "$IPSET_NAME"
# Repopulate the ipset
while IFS= read -r LINE; do
# Skip empty lines and lines starting with #
[[ -z "$LINE" ]] || [[ "$LINE" =~ ^# ]] && continue
if is_cidr_24 "$LINE"; then
# It's a CIDR /24 network range, add to blacklist
ipset add "$IPSET_NAME" "$LINE" 2>/dev/null
else
echo "Skipping unrecognized format: $LINE"
fi
done < "$IP_LIST_PATH"
echo "Ipset $IPSET_NAME reloaded with networks from $IP_LIST_PATH"

219
gitea_push.sh Executable file
View File

@ -0,0 +1,219 @@
#!/bin/zsh
# Script Version: 1.5
# Description: Pushes the current folder (e.g. /etc) to a nested Gitea repo using provided nesting arguments. Auto-creates the remote repo via Gitea API if missing.
# Set variables
# ========
# Try to extract GITEA_API_TOKEN from ~/.gitea_token if not set
if [ -z "$GITEA_API_TOKEN" ] && [ -f "$HOME/.gitea_token" ]; then
GITEA_API_TOKEN=$(<"$HOME/.gitea_token")
export GITEA_API_TOKEN
fi
GITEA_USER=$(awk '{for(i=1;i<=NF;i++) if($i=="login") print $(i+1)}' ~/.netrc | head -n1)
if [ -z "$GITEA_USER" ]; then
echo "[ERROR] No login found in ~/.netrc"
exit 1
fi
GITEA_URL="https://$(awk '{for(i=1;i<=NF;i++) if($i=="machine") print $(i+1)}' ~/.netrc | head -n1)"
if [ -z "$GITEA_URL" ]; then
echo "[ERROR] No URL found in ~/.netrc"
exit 1
fi
GITEA_API_URL="$GITEA_URL/api/v1"
PRIVATE=false
DEBUG=false
COMMIT_MESSAGE="Update $(date +"%F_%T")"
# Logging function
# ========
log() {
local level="$1"; shift
if [[ "$level" == "DEBUG" && "$DEBUG" != true ]]; then return; fi
local color_reset="$(tput sgr0)"
local color=""
case "$level" in
INFO) color="$(tput setaf 2)" ;; # green
WARNING) color="$(tput setaf 3)" ;; # yellow
ERROR) color="$(tput setaf 1)" ;; # red
DEBUG) color="$(tput setaf 4)" ;; # blue
esac
echo "${color}[$level] $*${color_reset}"
}
# Functions
# ========
create_repo() {
log INFO "Repository does not exist. Creating via API: $REMOTE_PATH"
log DEBUG "POST $GITEA_API_URL/user/repos with name=$REMOTE_PATH and private=$PRIVATE"
RESPONSE=$(curl -s -X POST \
-H "Authorization: token $GITEA_API_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"name\": \"$FOLDER_NAME\", \"private\": $PRIVATE}" \
"$GITEA_API_URL/user/repos")
if echo "$RESPONSE" | grep -q '"clone_url"'; then
log INFO "Remote repository created successfully."
HTTP_STATUS=200
else
log ERROR "Failed to create remote repository: $RESPONSE"
exit 1
fi
}
prepare_commit() {
git add .
if git diff --quiet HEAD && ! git rev-parse --verify HEAD >/dev/null 2>&1; then
log INFO "Creating initial commit"
git commit -m "$COMMIT_MESSAGE"
elif ! git diff --quiet HEAD; then
log INFO "Committing changes"
git commit -m "$COMMIT_MESSAGE"
else
log INFO "Nothing to commit"
fi
}
setup_remote() {
if git remote | grep -q '^origin$'; then
log INFO "Updating remote origin URL"
git remote set-url origin "$GIT_REMOTE"
else
log INFO "Adding remote origin"
git remote add origin "$GIT_REMOTE"
fi
}
push_changes() {
log INFO "Pushing to $GIT_REMOTE"
git push -u origin main
}
# Show help if no arguments are given
# ========
if [ $# -eq 0 ]; then
echo "GITEA_API_TOKEN=<your token>"
echo "Usage: $0 [--private] [--debug] [--message \"your commit message\"] <host_group>"
echo "Example: $0 server"
echo " $0 --private workstation"
echo " $0 --debug server"
echo " $0 --message \"minor update\" server"
echo
echo "Note: You must cd into the target folder before running this script."
echo "For example:"
echo " cd /etc && $0 server"
echo
echo "Authentication:"
echo " Git operations (clone, push, pull) use ~/.netrc with your Git password:"
echo " machine \$(echo \"$GITEA_URL\" | sed 's|https\?://||') login $GITEA_USER password \"<your Git password>\""
echo " chmod 600 ~/.netrc"
echo
echo " API operations (e.g. creating repos) use a Personal Access Token stored in ~/.gitea_token"
echo " echo \"<your_token>\" > ~/.gitea_token && chmod 600 ~/.gitea_token"
exit 0
fi
# Parse arguments
# ========
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
--private)
PRIVATE=true
shift
;;
--debug)
DEBUG=true
shift
;;
--message)
COMMIT_MESSAGE="$2"
shift 2
;;
*)
POSITIONAL_ARGS+=("$1")
shift
;;
esac
done
set -- "${POSITIONAL_ARGS[@]}"
if [[ $# -ne 1 ]]; then
echo "Usage: $0 [--private] [--debug] [--message \"your commit message\"] <host_group>"
exit 1
fi
HOST_GROUP=$(echo "$1" | tr '[:upper:]' '[:lower:]' | tr -cd 'a-z0-9-')
HOST_NAME=$(hostname -s | tr '[:upper:]' '[:lower:]' | tr -cd 'a-z0-9-')
FOLDER_NAME="${HOST_NAME}-${HOST_GROUP}-$(basename "$PWD")"
REPO_PATH="$PWD"
REMOTE_PATH="$FOLDER_NAME"
GIT_REMOTE="$GITEA_URL/$GITEA_USER/$FOLDER_NAME.git"
# Git authentication hint
log DEBUG "Ensure ~/.netrc has: machine <host> login $GITEA_USER password <your Git password>"
# Check or create remote repo
check_or_create_repo() {
if [ -z "$GITEA_API_TOKEN" ]; then
log WARNING "GITEA_API_TOKEN is not set. Skipping API repo creation."
return
fi
HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
-H "Authorization: token $GITEA_API_TOKEN" \
"$GITEA_API_URL/repos/$GITEA_USER/$FOLDER_NAME")
if [ "$HTTP_STATUS" -ne 200 ]; then
create_repo
else
log INFO "Remote repository already exists."
fi
}
check_or_create_repo
# Main Process
# ========
# Safety check against pushing from / or $HOME
if [[ "$PWD" == "$HOME" || "$PWD" == "/" ]]; then
log ERROR "Refusing to run inside \$PWD=$PWD"
exit 1
fi
log INFO "Pushing $REPO_PATH to $GIT_REMOTE"
cd "$REPO_PATH" || { log ERROR "Directory $REPO_PATH not found"; exit 1; }
# Initialize git if needed
# Branch is fixed to 'main' for simplicity and consistency
if [ ! -d .git ]; then
log INFO "Initializing Git repo"
git init
git config init.defaultBranch main
git checkout -b main
else
log DEBUG ".git directory already present"
fi
# Ensure at least one commit exists
prepare_commit
# Set or update remote
if [ "$HTTP_STATUS" -eq 200 ]; then
setup_remote
else
log WARNING "Skipping remote setup repository does not exist."
fi
# Push to remote
if [ "$HTTP_STATUS" -eq 200 ]; then
push_changes
else
log WARNING "Skipping push repository does not exist."
fi

9
ipinipset.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/bash
IPSETS=$(ipset list -n| sort)
for i in $IPSETS; do
echo $i
ipset list $i | grep "^$1"
# echo ""
done

28
listen_change.sh Executable file
View File

@ -0,0 +1,28 @@
#!/bin/bash
# Script Version: 01
# Description: Replaces 'listen 443 ssl' with 'listen 80' in Nginx configuration files under /etc/nginx/sites-enabled/
# Directory containing Nginx site configurations
CONFIG_DIR="/etc/nginx/sites-enabled"
# Iterate over each file in the configuration directory
for FILE in "$CONFIG_DIR"/*; do
# Check if the file is a regular file
if [ -f "$FILE" ]; then
# Replace 'listen 443 ssl' with 'listen 80'
sed -i 's/listen 443 ssl;/listen 80;/g' "$FILE"
fi
done
# Test Nginx configuration
nginx -t
# Check if the configuration test was successful
if [ $? -eq 0 ]; then
# Reload Nginx to apply changes
systemctl reload nginx
echo "Nginx reloaded successfully."
else
echo "Nginx configuration test failed. Please check the configuration files."
fi

59
lxc-ai-package.sh Executable file
View File

@ -0,0 +1,59 @@
#!/bin/bash
# Check if a package name is provided
if [ -z "$1" ]; then
echo "Usage: $0 <package_name>"
exit 1
fi
PACKAGE_NAME="$1"
# Function to log messages with timestamp
log_message() {
echo "$(date +"%Y-%m-%d %H:%M:%S") - $1"
}
# Function to check if a container is running
is_container_running() {
local container=$1
lxc-info -n "$container" | grep -q 'RUNNING'
}
# List all running Linux containers
containers=$(lxc-ls -f G RUNNING | awk 'NR>1 {print $1}')
# Install the package inside each container
install_package_in_container() {
local container=$1
local package=$2
if is_container_running "$container"; then
log_message "Installing $package in container: $container"
lxc-attach -n "$container" -- apt update > /tmp/${container}_apt_update.log 2>&1
if [[ $? -ne 0 ]]; then
log_message "Failed to update APT in container: $container. Check /tmp/${container}_apt_update.log for details."
return 1
fi
lxc-attach -n "$container" -- apt install -y "$package" > /tmp/${container}_apt_install_${package}.log 2>&1
if [[ $? -ne 0 ]]; then
log_message "Failed to install $package in container: $container. Check /tmp/${container}_apt_install_${package}.log for details."
return 1
fi
log_message "Successfully installed $package in container: $container"
else
log_message "Container $container is not running. Skipping."
fi
}
export -f log_message
export -f is_container_running
export -f install_package_in_container
# Process each container in parallel
echo "$containers" | xargs -I{} -n1 -P4 bash -c 'install_package_in_container "{}" "$PACKAGE_NAME"' _ "$PACKAGE_NAME"
log_message "All containers have been processed."

34
lxc-create.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
LXCHOSTNAME=drupal24
lxc-stop -n drupal10
lxc-copy -n drupal10 -N $LXCHOSTNAME
# Funktion zur Generierung einer einzigartigen MAC-Adresse
generate_unique_hwaddr() {
local hwaddr
local existing_hwaddrs
while : ; do
hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
if [ -z "$existing_hwaddrs" ]; then
# MAC-Adresse ist einzigartig
echo "$hwaddr"
return
fi
done
}
# Generiere eine einzigartige MAC-Adresse
NEW_HWADDR=$(generate_unique_hwaddr)
# Pfad zur LXC-Konfigurationsdatei
CONFIG_FILE="/var/lib/lxc/$LXCHOSTNAME/config"
# Ersetze die existierende hwaddr Zeile
sed -i "/^lxc.net.0.hwaddr/c\lxc.net.0.hwaddr = $NEW_HWADDR" "$CONFIG_FILE"
#echo "MAC-Adresse in $CONFIG_FILE auf $NEW_HWADDR aktualisiert."
lxc-start -n drupal10

23
lxc-hwaddr.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
# Funktion zur Generierung einer einzigartigen MAC-Adresse
generate_unique_hwaddr() {
local hwaddr
local existing_hwaddrs
while : ; do
hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
if [ -z "$existing_hwaddrs" ]; then
# MAC-Adresse ist einzigartig
echo "$hwaddr"
return
fi
done
}
# Generiere eine einzigartige MAC-Adresse
NEW_HWADDR=$(generate_unique_hwaddr)
grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | awk '{print $3}'
echo "$NEW_HWADDR new hwaddr"

65
lxc_create.sh Executable file
View File

@ -0,0 +1,65 @@
#!/bin/bash
read -e -p "LXCHOSTNAME: " LXCHOSTNAME
export LXCHOSTNAME
# Stop the template container
lxc-stop -n template
# Copy the template to create a new container with the given hostname
lxc-copy -n template -N "$LXCHOSTNAME"
# Function to generate a unique MAC address
generate_unique_hwaddr() {
local hwaddr
local existing_hwaddrs
while : ; do
hwaddr=$(printf '00:16:3e:%02x:%02x:%02x\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
existing_hwaddrs=$(grep "lxc.net.0.hwaddr" /var/lib/lxc/*/config | grep "$hwaddr")
if [ -z "$existing_hwaddrs" ]; then
# MAC address is unique
echo "$hwaddr"
return
fi
done
}
# Generate a unique MAC address
NEW_HWADDR=$(generate_unique_hwaddr)
# Path to the LXC configuration file
CONFIG_FILE="/var/lib/lxc/$LXCHOSTNAME/config"
# Replace the existing hwaddr line
sed -i "/^lxc.net.0.hwaddr/c\lxc.net.0.hwaddr = $NEW_HWADDR" "$CONFIG_FILE"
echo "MAC address in $CONFIG_FILE updated to $NEW_HWADDR."
# Start the new container
lxc-start -n "$LXCHOSTNAME"
# Wait for the container to start
sleep 5
# Change the hostname inside the container
lxc-attach -n "$LXCHOSTNAME" -- bash -c "echo '$LXCHOSTNAME' > /etc/hostname"
lxc-attach -n "$LXCHOSTNAME" -- hostname "$LXCHOSTNAME"
# Update /etc/hosts
lxc-attach -n "$LXCHOSTNAME" -- bash -c "echo '127.0.0.1 $LXCHOSTNAME' >> /etc/hosts"
# Ensure the container has internet access (optional, check and adjust if needed)
lxc-attach -n "$LXCHOSTNAME" -- ping -c 4 google.com
echo
# Stop and restart the container
lxc-stop -n "$LXCHOSTNAME"
lxc-start -n "$LXCHOSTNAME"
# Display the MAC addresses to verify the changes
grep lxc.net.0.hwaddr /var/lib/lxc/*/config
# Wait and list containers to ensure they are running
sleep 9
lxc-ls -f

83
lxc_list_login.sh Executable file
View File

@ -0,0 +1,83 @@
#!/bin/bash
# =============================================================================
# Script Name: lxc_list_login.sh
# Version: 1.2
# Description: Lists LXC containers, checks their statuses, and allows login.
# =============================================================================
# Required commands
REQUIRED_CMDS=("lxc-ls" "lxc-info" "lxc-start" "lxc-attach")
# Check if required commands are available
for CMD in "${REQUIRED_CMDS[@]}"; do
if ! command -v "$CMD" &> /dev/null; then
echo "The command $CMD is not installed. Please install it and try again."
exit 1
fi
done
# List and check LXC containers
echo "List of all LXC containers:"
CONTAINERS=($(lxc-ls -f | awk 'NR>1 && $1 != "" {print $1}'))
# Check if there are any containers
if [[ ${#CONTAINERS[@]} -eq 0 ]]; then
echo "There are no LXC containers."
exit 1
fi
# Display containers and their status
printf "\n%-5s %-20s %-10s\n" "Index" "Container Name" "Status"
echo "------------------------------------------"
for (( I=0; I<${#CONTAINERS[@]}; I++ )); do
LXCHOSTNAME="${CONTAINERS[$I]}"
if [[ -n "$LXCHOSTNAME" ]]; then
STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
printf "%-5d %-20s %-10s\n" "$I" "$LXCHOSTNAME" "$STATUS"
fi
done
# Prompt user to select a container
read -p "Select a container to log in (0-$(( ${#CONTAINERS[@]} - 1 ))): " SELECTION
# Validate selection
if [[ $SELECTION =~ ^[0-9]+$ ]] && [[ $SELECTION -ge 0 && $SELECTION -lt ${#CONTAINERS[@]} ]]; then
LXCHOSTNAME="${CONTAINERS[$SELECTION]}"
STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
if [[ $STATUS == "STOPPED" ]]; then
read -p "Container $LXCHOSTNAME is stopped. Do you want to start it? (y/n) " START_SELECTION
if [[ $START_SELECTION == "y" ]]; then
echo "Starting the container $LXCHOSTNAME..."
if lxc-start --name="$LXCHOSTNAME"; then
echo "Container $LXCHOSTNAME has been started."
for i in {1..10}; do
STATUS=$(lxc-info --name="$LXCHOSTNAME" | grep "State" | awk '{print $2}')
if [[ $STATUS == "RUNNING" ]]; then
break
fi
sleep 1
done
if [[ $STATUS != "RUNNING" ]]; then
echo "Container $LXCHOSTNAME failed to start within the timeout period."
exit 1
fi
else
echo "Error starting the container $LXCHOSTNAME."
exit 1
fi
else
echo "Container $LXCHOSTNAME was not started."
exit 1
fi
fi
echo "Logging into the container $LXCHOSTNAME..."
if ! lxc-attach --name="$LXCHOSTNAME"; then
echo "Error logging into the container $LXCHOSTNAME."
exit 1
fi
else
echo "Invalid selection. Please run the script again and choose a valid number."
exit 1
fi

69
lxc_list_sed.sh Executable file
View File

@ -0,0 +1,69 @@
#!/bin/bash
# =============================================================================
# Script Name: lxc_list_sed.sh
# Version: 1.10
# Description: This script lists all LXC containers, checks their statuses, and
# updates the SENDMAILTO field in /etc/logcheck/logcheck.conf for
# running containers. It includes error handling and logging.
# =============================================================================
# 01 Required commands
REQUIRED_CMDS=("lxc-ls" "lxc-info" "lxc-attach" "lxc-start")
# 02 Check if required commands are available
for CMD in "${REQUIRED_CMDS[@]}"; do
if ! command -v $CMD &> /dev/null; then
echo "Command $CMD is not installed. Please install it and try again."
exit 1
fi
done
# 03 Function to check if a container is running
is_container_running() {
local CONTAINER=$1
if lxc-info -n "$CONTAINER" | grep -q 'RUNNING'; then
echo "$CONTAINER is running."
return 0 # Container is running
else
echo "$CONTAINER is not running or does not exist."
return 1 # Container is not running
fi
}
# 04 List all running Linux containers
list_running_containers() {
local CONTAINERS=($(lxc-ls -f | awk '$2 == "RUNNING" {print $1}'))
echo ${CONTAINERS[@]}
}
# 05 Update SENDMAILTO in /etc/logcheck/logcheck.conf for running LXC containers
update_sendmailto() {
local NEW_EMAIL="logcheck+srvlogz@bubuit.net"
local RUNNING_CONTAINERS=($@) # Get the list of running containers as arguments
for CONTAINER in "${RUNNING_CONTAINERS[@]}"; do
echo "Attempting to update SENDMAILTO in $CONTAINER"
if lxc-attach -n "$CONTAINER" -- bash -c "[ -f /etc/logcheck/logcheck.conf ]"; then
if lxc-attach -n "$CONTAINER" -- bash -c "sed -i 's/^SENDMAILTO.*/SENDMAILTO=\"$NEW_EMAIL\"/' /etc/logcheck/logcheck.conf"; then
echo "Successfully updated SENDMAILTO in $CONTAINER"
else
echo "Failed to update SENDMAILTO in $CONTAINER"
fi
else
echo "/etc/logcheck/logcheck.conf does not exist in $CONTAINER"
fi
sleep 1 # Introduce a sleep to avoid running too fast
done
}
# 06 Main script execution
RUNNING_CONTAINERS=$(list_running_containers)
echo -e "\nRunning Containers: ${RUNNING_CONTAINERS[@]}"
echo -ne "\n"
if [ -n "$RUNNING_CONTAINERS" ]; then
update_sendmailto ${RUNNING_CONTAINERS[@]}
else
echo "No running containers found."
fi

53
lxc_snapshot_create.sh Executable file
View File

@ -0,0 +1,53 @@
#!/bin/bash
# v01
# List and check LXC containers
echo "Listing all LXC containers..."
CONTAINERS=($(lxc-ls -1))
# Check if there are any containers
if [[ ${#CONTAINERS[@]} -eq 0 ]]; then
echo "There are no LXC containers."
exit 1
fi
echo "Found ${#CONTAINERS[@]} container(s): ${CONTAINERS[@]}"
echo "----------------------------------"
# Loop over each container
for LXCHOSTNAME in "${CONTAINERS[@]}"; do
echo "Processing container: $LXCHOSTNAME"
# Stop the container
echo "Stopping container $LXCHOSTNAME..."
if ! lxc-stop -n "$LXCHOSTNAME"; then
echo "Failed to stop container $LXCHOSTNAME"
continue
fi
# Create a snapshot (using default directory)
echo "Creating snapshot for $LXCHOSTNAME..."
if ! lxc-snapshot -n "$LXCHOSTNAME"; then
echo "Failed to create snapshot for $LXCHOSTNAME"
# Optionally, start the container back up if snapshot fails
lxc-start -n "$LXCHOSTNAME"
continue
fi
# Start the container
echo "Starting container $LXCHOSTNAME..."
if ! lxc-start -n "$LXCHOSTNAME"; then
echo "Failed to start container $LXCHOSTNAME"
continue
fi
# List snapshots for the container
echo "Listing snapshots for $LXCHOSTNAME..."
lxc-snapshot -n "$LXCHOSTNAME" -L
echo "----------------------------------"
echo "Finished processing $LXCHOSTNAME"
echo "=================================="
done
lxc-ls -f

65
remove_nonexistent_rules.sh Executable file
View File

@ -0,0 +1,65 @@
#!/bin/zsh
# Script Version: 01
# Description: Removes non-existent rules from SpamAssassin local.cf configuration file.
# Variables
# ========
CONFIG_FILE="/etc/mail/spamassassin/local.cf"
BACKUP_FILE="/etc/mail/spamassassin/local.cf.bak"
TEMP_FILE=$(mktemp /tmp/local.cf.temp.XXXXXX)
# Backup original config
# ========
if ! cp "$CONFIG_FILE" "$BACKUP_FILE"; then
echo "Error: Backup of $CONFIG_FILE to $BACKUP_FILE failed. Aborting." >&2
exit 1
fi
echo "Backup of local.cf saved to $BACKUP_FILE"
# Extract non-existent rules from SpamAssassin lint output
# ========
RULES=$(spamassassin --lint -D 2>&1 | grep 'warning: score set for non-existent rule' | awk '{print $NF}' | sort | uniq)
if [ -z "$RULES" ]; then
echo "No non-existent rules found in the lint output."
rm -f "$TEMP_FILE" # Clean up the temporary file
exit 0
fi
echo "Non-existent rules to be removed:"
echo "$RULES"
# Remove non-existent rules from the config file
# ========
cp "$CONFIG_FILE" "$TEMP_FILE"
while read -r RULE; do
sed -i "/^score\s\+$RULE\b/d" "$TEMP_FILE"
done <<< "$RULES"
# Overwrite the original config
# ========
if mv "$TEMP_FILE" "$CONFIG_FILE"; then
echo "Non-existent rules removed from $CONFIG_FILE"
else
echo "Error: Failed to update $CONFIG_FILE. Aborting." >&2
rm -f "$TEMP_FILE" # Clean up in case of failure
exit 1
fi
# Restart SpamAssassin to apply changes
# ========
echo "Restarting SpamAssassin..."
if systemctl restart spamassassin; then
echo "SpamAssassin restarted successfully."
if ! systemctl is-active --quiet spamassassin; then
echo "Error: SpamAssassin is not active after restart." >&2
exit 1
fi
else
echo "Error: Failed to restart SpamAssassin." >&2
exit 1
fi
exit 0

29
ssl_certificate_delete.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
# Script Version: 01
# Description: Removes ssl_certificate and ssl_certificate_key directives from Nginx configuration files in /etc/nginx/sites-enabled/
# Directory containing Nginx site configurations
CONFIG_DIR="/etc/nginx/sites-enabled"
# Iterate over each file in the configuration directory
for FILE in "$CONFIG_DIR"/*; do
# Check if the file is a regular file
if [ -f "$FILE" ]; then
# Remove lines containing ssl_certificate or ssl_certificate_key
sed -i '/^\s*ssl_certificate\s\+/d' "$FILE"
sed -i '/^\s*ssl_certificate_key\s\+/d' "$FILE"
fi
done
# Test Nginx configuration
nginx -t
# Check if the configuration test was successful
if [ $? -eq 0 ]; then
# Reload Nginx to apply changes
systemctl reload nginx
echo "Nginx reloaded successfully."
else
echo "Nginx configuration test failed. Please check the configuration files."
fi

11
updateContainer.sh Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
# List all running Linux containers
containers=$(lxc-ls -f G RUNNING | awk '{print $1}')
# Upgrade the package manager (APT) inside each container
for container in $containers; do
echo $container
lxc-attach -n $container -- apt update
lxc-attach -n $container -- apt upgrade -y
done