efelon/shell_sequencer
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Used sequpgrade.sh to upgrade existing seqs

Browse Source
This commit is contained in:
Martin Winkler
2022-05-29 20:58:23 +02:00
parent 10ee4198f0
commit 6214493c18
57 changed files with 802 additions and 806 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
seqs/snmp.sh
View File

@@ -6,9 +6,9 @@ toolConfigLoc="/etc/snmp"
toolConfig="${toolConfigLoc}/snmpd.conf"
toolSysUser="Debian-snmp"
step_config() {
seq_config() {
## Apt cmdline option to suppress user interaction
[ $QUIET -ne 0 ] && APTOPT="-y"
quiet && APTOPT="-y"
## Return of non zero value will abort the sequence
return 0
@@ -16,10 +16,10 @@ step_config() {
step_1_info() { echo "Install packages for $toolName"; }
step_1_alias() { ALIAS="install"; }
step_1_alias() { echo "install"; }
step_1() {
exe apt update
if [ $QUIET != 0 ]; then
if quiet; then
exe apt-get -qq install $toolName
else
exe apt install $toolName
@@ -32,23 +32,23 @@ step_2_info() {
echo "Setup snmp v3 access"
echoinfo " -s : Stop after creating authentication entry"
}
step_2_alias() { ALIAS="v3access"; }
step_2_alias() { echo "v3access"; }
step_2() {
#
## Create authentication entry
exep "cat \"$v3AuthLoc\" | grep -e '^\s*usmUser'"
if [ "$?" == "0" ]; then
echoseq
info
exe read -p "User entry found. Continue: y/n(default)? " answer
case $answer in
[yY])
echoseq
echoseq "Continuing installation..."
info
info "Continuing installation..."
;;
*)
echoseq
echoseq "Installation aborted"
info
info "Installation aborted"
return 1;
;;
esac
@@ -56,14 +56,14 @@ step_2() {
read -p "SNMPv3 Username: " v3User
read -p "SNMPv3 Password: " v3Pass
echoseq
info
read -p "Repeat Password: " v3Pass2
if [ "$v3Pass" != "$v3Pass2" ] ; then
echoerr " [E] Password mismatch"
error -e "Password mismatch"
return 1
fi
echoseq
info
exe service snmpd stop
@@ -74,7 +74,7 @@ step_2() {
shift
if [ ! -z $1 ] && [ "$1" == "-s" ] ; then
echoseq " [I] Stop after creating authentication config"
info "Stop after creating authentication config"
exe service snmpd start
return 0
fi
@@ -105,7 +105,7 @@ step_5_info() {
echo "Add ufw rules for port 161 udp"
echoinfo " [INTERFACE] (default: eth0)"
}
step_5_alias() { ALIAS="ufw"; }
step_5_alias() { echo "ufw"; }
step_5() {
shift
local lInterface="eth0"
@@ -118,7 +118,7 @@ step_5() {
}
step_20_info() { echo "Extend $toolName for Raspberry Pi"; }
step_20_alias() { ALIAS="raspberry"; }
step_20_alias() { echo "raspberry"; }
step_20() {
checkExtend raspberry
if [ "$?" != "0" ]; then
@@ -143,7 +143,7 @@ rpiSudoersLoc="/etc/sudoers.d/snmprpi"
rpiSudoersContent="${toolSysUser} ALL=(ALL) NOPASSWD: /etc/snmp/raspberry.sh, /usr/bin/vcgencmd*"
step_22_info() { echo "Extend $toolName with OS update availablity"; }
step_22_alias() { ALIAS="osupdate"; }
step_22_alias() { echo "osupdate"; }
step_22() {
checkExtend osupdate
if [ "$?" != "0" ]; then
@@ -167,21 +167,21 @@ osUpdateCron="/etc/cron.d/aptUpdate"
osUpdateCronContent="22 */6 * * * root /usr/bin/apt-get -qq update"
step_25_info() { echo "Prepare nginx to provide php-fpm status to $toolName"; }
step_25_alias() { ALIAS="phpfpm"; }
step_25_alias() { echo "phpfpm"; }
step_25() {
echo -e "\n [!] Please add the following to your default server:\n"
echo "$phpFpmStatusNginx"
echo
if [ $QUIET -ne 0 ] ; then
if quiet ; then
answer=n
else
exe read -p "Open new shell to configure y/[n]? " answer
fi
case $answer in
[yY])
echoseq " [I] Opening interactive shell. Type \"exit\" to return to this script."
info "Opening interactive shell. Type \"exit\" to return to this script."
exe bash -i
echoseq " [I] Interactive shell ended. Continuing with $0."
info "Interactive shell ended. Continuing with $0."
exe nginx -t
endReturn -o $? "Nginx configuration error"
@@ -206,7 +206,7 @@ fastcgi_pass unix:/var/run/php/php${phpVersionStr}-fpm.sock;
}"
step_26_info() { echo "Prepare php config for php-fpm status"; }
step_26_alias() { ALIAS="phpfpm_config"; }
step_26_alias() { echo "phpfpm_config"; }
step_26() {
exe sed -i "s/^;\(pm\.status_path\)/\1/" "$phpPoolConfigLoc"
exe php-fpm${phpVersionStr} -t
@@ -218,7 +218,7 @@ phpConfigDir="/etc/php/${phpVersionStr}"
phpPoolConfigLoc="${phpConfigDir}/fpm/pool.d/www.conf"
step_27_info() { echo "Extend $toolName with parsing of php-fpm status"; }
step_27_alias() { ALIAS="phpfpm_extend"; }
step_27_alias() { echo "phpfpm_extend"; }
step_27() {
checkExtend phpfpmsp
if [ "$?" != "0" ]; then
@@ -236,21 +236,21 @@ step_27() {
phpfpmExtendLoc="${toolConfigLoc}/phpfpmsp"
step_29_info() { echo "Prepare nginx to provide status to $toolName"; }
step_29_alias() { ALIAS="nginx"; }
step_29_alias() { echo "nginx"; }
step_29() {
echoseq -e "\n [!] Please add the following to your default server:\n"
echoseq "$nginxStatus"
echoseq
if [ $QUIET -ne 0 ] ; then
info -e "\n [!] Please add the following to your default server:\n"
info "$nginxStatus"
info
if quiet ; then
answer=n
else
exe read -p "Open new shell to configure y/[n]? " answer
fi
case $answer in
[yY])
echoseq " [I] Opening interactive shell. Type \"exit\" to return to this script."
info "Opening interactive shell. Type \"exit\" to return to this script."
exe bash -i
echoseq " [I] Interactive shell ended. Continuing with $0."
info "Interactive shell ended. Continuing with $0."
exe nginx -t
endReturn -o $? "Nginx configuration error"
@@ -270,7 +270,7 @@ deny all;
}
"
step_30_info() { echo "Extend $toolName with parsing of nginx status"; }
step_30_alias() { ALIAS="nginx_extend"; }
step_30_alias() { echo "nginx_extend"; }
step_30() {
checkExtend nginx
if [ "$?" != "0" ]; then
@@ -289,10 +289,10 @@ nginxExtendLoc="${toolConfigLoc}/nginx"
# postfix
step_32_info() { echo "Extend for postfix detailed and queue"; }
step_32_alias() { ALIAS="postfix"; }
step_32_alias() { echo "postfix"; }
step_32() {
local aptOpt=
if [ $QUIET -ne 0 ];then
if quiet;then
aptOpt="-y"
fi
@@ -314,11 +314,11 @@ step_33() {
exe chown root:$toolSysUser "$postfixCacheLoc"
exe chmod 770 "$postfixCacheLoc"
echoseq " [I] Create symlink /var/log/maillog which is used by postfixdetailed"
info "Create symlink /var/log/maillog which is used by postfixdetailed"
exe ln -fs /var/log/mail.log /var/log/maillog
echoseq " [I] Run /etc/snmp/postfixdetailed to create the initial cache file"
echoseq " so you don't end up with some crazy initial starting value."
info "Run /etc/snmp/postfixdetailed to create the initial cache file"
info " so you don't end up with some crazy initial starting value."
exe sudo -u $toolSysUser "$postfixScript"
}
postfixCacheLoc="/var/cache/postfixdetailed"
@@ -328,9 +328,9 @@ postfixQueuesExtendLoc="${toolConfigLoc}/postfix-queues"
step_34_info() { echo "Create sudoers file for postfix scripts"; }
step_34() {
addConf -s "$postfixSudoersContent" "$postfixSudoersLoc"
echoseq " [I] Changing ${postfixQueuesExtendLoc} to add sudo for qshape"
info "Changing ${postfixQueuesExtendLoc} to add sudo for qshape"
exe sed -i -E "s/\`qshape/\`sudo qshape/" "${postfixQueuesExtendLoc}"
echoseq " [W] Reboot may be required to make these changes active"
warning "Reboot may be required to make these changes active"
}
postfixSudoersLoc="/etc/sudoers.d/snmppostfix"
postfixSudoersContent="${toolSysUser} ALL=(ALL) NOPASSWD: /usr/sbin/qshape"
@@ -339,12 +339,12 @@ step_35_info() { echo "Create postfix extends (postfixdetailed and postfix-queue
step_35() {
checkExtend postfix-queues
if [ $? -eq 0 ]; then
echoseq " [I] Create postfix-queues extend"
info "Create postfix-queues extend"
addConf -a "extend mailq ${postfixQueuesExtendLoc}" "$toolConfig"
fi
checkExtend postfixdetailed
if [ $? -eq 0 ]; then
echoseq " [I] Create postfixdetailed extend"
info "Create postfixdetailed extend"
addConf -a "extend postfixdetailed ${postfixScript}" "$toolConfig"
fi
@@ -353,10 +353,10 @@ step_35() {
#fail2ban
step_37_info() { echo "Extend for fail2ban jail information"; }
step_37_alias() { ALIAS="fail2ban"; }
step_37_alias() { echo "fail2ban"; }
step_37(){
local aptOpt=
if [ $QUIET -ne 0 ];then
if quiet;then
aptOpt="-y"
fi
@@ -367,7 +367,7 @@ step_37(){
checkExtend fail2ban
if [ $? -eq 0 ]; then
echoseq " [I] Create fail2ban extend"
info "Create fail2ban extend"
addConf -a "extend fail2ban ${fail2banExtendLoc} -c" "$toolConfig"
fi
@@ -385,7 +385,7 @@ fail2banCron="# Update cache for faster fail2ban polling
*/3 * * * * root ${fail2banExtendLoc} -u"
step_40_info() { echo "Create linux distribution detection extend (distro)"; }
step_40_alias() { ALIAS="distro"; }
step_40_alias() { echo "distro"; }
step_40() {
checkExtend distro
if [ $? -ne 0 ]; then
@@ -396,7 +396,7 @@ step_40() {
endReturn -o $? "Download distro detection script failed"
exe chmod +x "$distroExtendLoc"
echoseq " [I] Create distro extend"
info "Create distro extend"
addConf -a "extend distro ${distroExtendLoc}" "$toolConfig"
exe service snmpd restart
@@ -408,7 +408,7 @@ step_42_info() {
echo "Gather dhcp information from a dhcpd lease file"
echoinfo "pi-hole lease file not supported"
}
step_42_alias() { ALIAS="dhcp"; }
step_42_alias() { echo "dhcp"; }
step_42() {
local locExtName="dhcpstats"
local locExtUrl="https://github.com/librenms/librenms-agent/raw/master/snmp/dhcp.py"
@@ -424,10 +424,10 @@ step_42() {
endReturn -o $? "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
echoseq " [I] Create extend for $locExtName"
info "Create extend for $locExtName"
addConf -a "extend $locExtName ${locExtLoc}" "$toolConfig"
echoseq " [I] Create config for $locExtName"
info "Create config for $locExtName"
addConf -s "$dhcpExtendConfig" "$dhcpExtendConfigLoc"
echo " [W] Adapt config $dhcpExtendConfigLoc manually and restart snmpd"
@@ -437,7 +437,7 @@ dhcpExtendConfig="{\"leasefile\": \"/var/lib/dhcp/dhcpd.leases\"
}"
step_44_info() { echo "Extend unbound stats"; }
step_44_alias() { ALIAS="unbound"; }
step_44_alias() { echo "unbound"; }
step_44() {
local locExtName="unbound"
local locExtUrl="https://github.com/librenms/librenms-agent/raw/master/snmp/unbound"
@@ -450,10 +450,10 @@ step_44() {
endReturn -o $? "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
echoseq " [I] Create extend for $locExtName"
info "Create extend for $locExtName"
addConf -a "extend $locExtName /usr/bin/sudo ${locExtLoc}" "$toolConfig"
echoseq " [I] Create config for $locExtName"
info "Create config for $locExtName"
addConf -s "$unboundExtendConfig" "$unboundExtendConfigLoc"
exe systemctl restart unbound.service
@@ -480,7 +480,7 @@ unboundSudoerLoc="/etc/sudoers.d/snmpunbound"
unboundSudoer="Debian-snmp ALL=(ALL) NOPASSWD: /usr/sbin/unbound-control, ${toolConfigLoc}/unbound"
step_46_info() { echo "Extend pi-hole stats"; }
step_46_alias() { ALIAS="pihole"; }
step_46_alias() { echo "pihole"; }
step_46() {
local locExtName="pi-hole"
local locExtUrl="https://github.com/librenms/librenms-agent/raw/master/snmp/pi-hole"
@@ -495,19 +495,19 @@ step_46() {
endReturn -o $? "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
echoseq " [I] Create extend for $locExtName"
info "Create extend for $locExtName"
addConf -a "extend $locExtName ${locExtLoc}" "$toolConfig"
if [ $QUIET -ne 0 ]; then
outColor red
if quiet; then
color red
echo -e " [W] Check the following in the extend script and restart snmpd:\n"
else
echo " [I] Check the follwing in the extend script:"
fi
echo "(API_AUTH_KEY) Add your pi-hole API key"
echo " (API_URL) and check the API URL"
outColor
if [ $QUIET -eq 0 ]; then
color
if interactive; then
exe read -p "Hit Enter to continue..."
exe vi "$locExtLoc"
exe systemctl restart snmpd.service
@@ -516,9 +516,9 @@ step_46() {
piholeDeps="jq"
step_100_info() { echo "Notes"; }
step_100_alias() { ALIAS="notes"; }
step_100_alias() { echo "notes"; }
step_100() {
outColor green
color green
cat <<NOTES_END
# Reduce log level of snmpd
@@ -565,18 +565,18 @@ NOTES_END
checkExtend() {
# adding dry run output for clarification
if [ $DRY -ne 0 ] ; then
echoseq " [I] check if \"extend ${1}\" exists..dry-run"
if dry ; then
info "check if \"extend ${1}\" exists..dry-run"
fi
exep "cat \"$toolConfig\" | grep -e '^\s*extend\s\+${1}' >>/dev/null 2>&1"
# Only warn if entry exists and dry-run is not seleted
if [ $? -eq 0 ] && [ $DRY -eq 0 ] ; then
if [ $? -eq 0 ] && ! dry ; then
return 1
fi
return 0
}
VERSION_SEQREV=15
readonly sqr_minVersion=16
. /usr/local/bin/sequencer.sh