Determined Server Setup
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

determined-server-setup.sh 4.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
  1. #!/bin/bash
  2. # determined-server-setup (dss)
  3. # Written by Josh Mudge
  4. # Ad Mejorem Dei Glorium
  5. version=$(curl -s https://git.coolaj86.com/josh/dss/raw/branch/master/VERSION | cat)
  6. # Get options from CLI arguments
  7. usr=$USER
  8. init=0
  9. clean=0
  10. log=0
  11. authlog=0
  12. update=0
  13. mon=0
  14. while [[ $# -gt 0 ]]
  15. do
  16. key="$1"
  17. case $key in
  18. --init)
  19. init=1
  20. shift # past argument
  21. ;;
  22. --clean)
  23. clean=1
  24. shift # past argument
  25. ;;
  26. --log)
  27. log=1
  28. shift # past argument
  29. ;;
  30. --authlog)
  31. authlog="$2"
  32. shift # past argument
  33. ;;
  34. --user)
  35. usr="$2"
  36. shift # past argument
  37. ;;
  38. --user2)
  39. user2="$2"
  40. shift # past argument
  41. ;;
  42. --user3)
  43. user3="$2"
  44. shift # past argument
  45. ;;
  46. --update)
  47. update=1
  48. shift # past argument
  49. ;;
  50. --monitor)
  51. mon=1
  52. shift # past argument
  53. ;;
  54. --mon-setup)
  55. mon=2
  56. shift # past argument
  57. ;;
  58. --email)
  59. email=1
  60. shift # past argument
  61. ;;
  62. --logfile)
  63. logfile=1
  64. shift # past argument
  65. ;;
  66. blacklist)
  67. blacklist="$2"
  68. shift # past argument
  69. ;;
  70. -h|help)
  71. echo "dss $version"
  72. echo "Usage: dss [OPTION]"
  73. echo "You can run the following commands:"
  74. echo "dss --clean # Update the server and cleanup uneeded files and programs. Use with caution."
  75. echo "dss --log # Print the system log."
  76. echo "dss --authlog 1 # Print the SSH authentication log. Use 'dss authlog attacks' to show attacks on your SSH server."
  77. echo "dss --user USERNAME --init # Setup server with server utilities and enable automatic security updates."
  78. exit 1
  79. ;;
  80. -v|version)
  81. echo "dss $version"
  82. exit 1
  83. ;;
  84. *)
  85. # unknown option
  86. if test -z "${unknown}"
  87. then
  88. unknown=$1
  89. else
  90. echo "dss $version"
  91. echo "dss --user USERNAME --init # Setup server with server utilities and enable automatic security updates."
  92. exit 1
  93. fi
  94. ;;
  95. esac
  96. shift # past argument or value
  97. done
  98. if test $init = 1
  99. then
  100. # Update server
  101. sudo apt-get update
  102. sudo apt-get upgrade -y
  103. # Install server utilities
  104. sudo apt-get install -y screen curl nano htop fail2ban rsync man shellcheck git software-properties-common
  105. # Prompt user to set up automatic security updates.
  106. sudo apt-get install -y unattended-upgrades
  107. sudo dpkg-reconfigure -plow unattended-upgrades
  108. # Harden ssh
  109. if determined-harden-ssh --user $usr
  110. then
  111. echo "dss" | sudo tee /home/.dssv1.7
  112. else
  113. "You cannot create root user and disable root login, that won't work... See 'dss help'"
  114. exit
  115. fi
  116. elif test $log = 1
  117. then
  118. sudo cat /var/log/syslog
  119. elif test $authlog = 1
  120. then
  121. sudo cat /var/log/auth.log
  122. elif test $authlog = attacks
  123. then
  124. sudo cat /var/log/auth.log | grep "Invalid user"
  125. sudo cat /var/log/auth.log | grep "Connection closed"
  126. exit
  127. elif test ! -z $blacklist
  128. then
  129. echo "Note to self: add blacklist function, empty elif is not allowed in BASH."
  130. # Blacklist code
  131. elif test $update = 1
  132. then
  133. # Update Linux and determined-setup
  134. sudo apt-get update
  135. sudo apt-get upgrade
  136. curl -s "https://git.coolaj86.com/josh/raw/master/dss/setup.sh" | bash
  137. elif test $clean = 1
  138. then
  139. # Update
  140. sudo apt-get update
  141. sudo apt-get upgrade
  142. # Cleanup
  143. sudo apt-get clean
  144. sudo apt-get autoremove
  145. elif test $mon = 1
  146. then
  147. cd /home
  148. ./sysmon.sh -- email $email
  149. elif test $mon = 2
  150. then
  151. dss init
  152. curl -sO "https://git.coolaj86.com/josh/raw/master/dss/sysmon.sh"
  153. sudo mv sysmon.sh /home/.sysmon.sh
  154. ( sudo crontab -l ; echo "14 1 * * * /bin/bash -c "/home/.sysmon.sh --email $email"" &> "$logfile" ) | sudo crontab -
  155. else
  156. echo "dss $version"
  157. echo "Usage: dss [OPTION]"
  158. echo "You can run the following commands:"
  159. echo "dss --clean # Update the server and cleanup uneeded files and programs. Use with caution."
  160. echo "dss --log # Print the system log."
  161. echo "dss --authlog 1 # Print the SSH authentication log. Use 'dss authlog attacks' to show attacks on your SSH server."
  162. echo "dss --user USERNAME init # Setup server with server utilities and enable automatic security updates."
  163. exit 1
  164. fi