efelon/shell_sequencer
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

New steps for fail2ban and postfix (postfix-queue postfixdetailed)

Browse Source
This commit is contained in:
Martin Winkler
2021-01-17 22:44:45 +01:00
parent 6c2dc20d1b
commit 22e10edbad
1 changed files with 87 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
seqs/snmp.sh
View File

@@ -260,8 +260,94 @@ step_30() {
} }
nginxExtendLoc="${toolConfigLoc}/nginx" nginxExtendLoc="${toolConfigLoc}/nginx"
# postfix
step_32_info() { echo "Extend for postfix detailed and queue"; }
step_32_alias() { ALIAS="postfix"; }
step_32() {
local aptOpt=
if [ $QUIET -ne 0 ];then
aptOpt="-y"
fi
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfix-queues -O "${postfixQueuesExtendLoc}"
endReturn -o $? "Download postfix-queues failed"
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfixdetailed -O "${postfixScript}"
endReturn -o $? "Download postfixdetailed failed"
exe chmod +x "${postfixQueuesExtendLoc}"
exe chmod +x "${postfixScript}"
exe apt install $postfixDeps $aptOpt
}
postfixDeps="pflogsumm"
step_33_info() { echo "Prepare cache folder for postfix details"; }
step_33() {
exe touch "$postfixCacheLoc"
exe chown root:$toolSysUser "$postfixCacheLoc"
exe chmod 770 "$postfixCacheLoc"
echo " [I] Create symlink /var/log/maillog which is used by postfixdetailed"
exe ln -fs /var/log/mail.log /var/log/maillog
echo " [I] Run /etc/snmp/postfixdetailed to create the initial cache file"
echo " so you don't end up with some crazy initial starting value."
exe sudo -u $toolSysUser "$postfixScript"
}
postfixCacheLoc="/var/cache/postfixdetailed"
postfixScript="${toolConfigLoc}/postfixdetailed"
postfixQueuesExtendLoc="${toolConfigLoc}/postfix-queues"
step_34_info() { echo "Create postfix extends (postfixdetailed and postfix-queues)"; }
step_34() {
checkExtend postfix-queues
if [ $? -eq 0 ]; then
echo " [I] Create postfix-queues extend"
addConf -a "extend mailq ${postfixQueuesExtendLoc}" "$toolConfig"
fi
checkExtend postfix-queues
if [ $? -eq 0 ]; then
echo " [I] Create postfixdetailed extend"
addConf -a "extend postfixdetailed ${postfixScript}" "$toolConfig"
fi
exe service snmpd restart
}
#fail2ban #fail2ban
#exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${toolConfig}/fail2ban" step_36_info() { echo "Extend for fail2ban jail information"; }
step_36_alias() { ALIAS="fail2ban"; }
step_36(){
local aptOpt=
if [ $QUIET -ne 0 ];then
aptOpt="-y"
fi
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${fail2banExtendLoc}"
endReturn -o $? "Download postfix failed"
exe chmod +x "$fail2banExtendLoc"
checkExtend fail2ban
if [ $? -eq 0 ]; then
echo " [I] Create fail2ban extend"
addConf -a "extend fail2ban ${fail2banExtendLoc} -c" "$toolConfig"
else
echo " [W] Fail2ban extend already included"
fi
exe apt install $fail2banDeps $aptOpt
}
fail2banDeps="libjson-perl"
fail2banExtendLoc="${toolConfigLoc}/fail2ban"
step_37_info() { echo "Create cron to update fail2ban cache"; }
step_37() {
addConf -s "$fail2banCron" "$fail2banCronLoc"
}
fail2banCronLoc="/etc/cron.d/fail2banCache"
fail2banCron="# Update cache for faster fail2ban polling
*/3 * * * * root ${fail2banExtendLoc} -u"
checkExtend() { checkExtend() {
# adding dry run output for clarification # adding dry run output for clarification