281 lines
		
	
	
		
			7.3 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			281 lines
		
	
	
		
			7.3 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/bin/bash
 | |
| 
 | |
| seqDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
 | |
| toolName="snmpd"
 | |
| toolConfigLoc="/etc/snmp"
 | |
| toolConfig="${toolConfigLoc}/snmpd.conf"
 | |
| 
 | |
| 
 | |
| step_1_info() { echo "Install packages for $toolName"; }
 | |
| step_1_alias() { ALIAS="install"; }
 | |
| step_1() {
 | |
|   exe apt update
 | |
|   if [ $QUIET != 0 ]; then
 | |
|     exe apt-get -qq install $toolName
 | |
|   else
 | |
|     exe apt install $toolName
 | |
|   fi
 | |
|   endReturn -o $? "$toolName installation failed"
 | |
| }
 | |
| 
 | |
| step_2_info() { 
 | |
|   echo "Setup snmp v3 access [-s]"
 | |
|   echoinfo "  -s : Stop after creating authentication entry"
 | |
| }
 | |
| step_2() {
 | |
|   #
 | |
|   ## Create authentication entry
 | |
|   exep "cat \"$v3AuthLoc\" | grep -e '^\s*usmUser'"
 | |
|   if [ "$?" == "0" ]; then
 | |
|     echo
 | |
| 
 | |
|     exe read -p "User entry found. Continue: y/n(default)? " answer
 | |
|     case $answer in
 | |
|       [yY])
 | |
|         echo
 | |
|         echo Continuing installation...
 | |
|         ;;
 | |
|       *)
 | |
|         echo
 | |
|         echo Installation aborted
 | |
|         return 1; 
 | |
|         ;;
 | |
|     esac 
 | |
|   fi
 | |
| 
 | |
|   read -p "SNMPv3 Username: " v3User
 | |
|   read -s -p "SNMPv3 Password: " v3Pass
 | |
|   echo
 | |
|   read -s -p "Repeat Password: " v3Pass2
 | |
| 
 | |
|   if [ "$v3Pass" != "$v3Pass2" ] ; then
 | |
|     echoerr " [E] Password mismatch"
 | |
|     return 1
 | |
|   fi
 | |
|   echo
 | |
| 
 | |
|   exe service snmpd stop
 | |
| 
 | |
|   # this line will be replaced on start of snmpd with a line starting with:
 | |
|   # usmUser
 | |
|   v3AuthEntry="createUser ${v3User} SHA \"${v3Pass}\" DES" 
 | |
|   addConf -a "$v3AuthEntry" "$v3AuthLoc"
 | |
| 
 | |
|   shift
 | |
|   if [ ! -z $1 ] && [ "$1" == "-s" ] ; then
 | |
|     echo " [I] Stop after creating authentication config"
 | |
|     exe service snmpd start
 | |
|     return 0
 | |
|   fi
 | |
| 
 | |
|   #
 | |
|   ## Add custom base configuration
 | |
|   addConf -c "" "${toolConfig}"
 | |
|   exe cp "${seqDir}/snmpd.conf" "${toolConfig}"
 | |
| 
 | |
|   #
 | |
|   ## Add username as rouser
 | |
|   exe sed -i "s/authOnlyUser/${v3User}/" "$toolConfig"
 | |
| 
 | |
|   #
 | |
|   ## Write syslocation
 | |
|   exe read -p "sysLocation: " v3Location
 | |
|   exe read -p "sysContact (name <webmaster@example.com>): " v3Contact
 | |
| 
 | |
|   exe sed -i "s/\(sysLocation\s*\).*/\1${v3Location}/" "$toolConfig"
 | |
|   exe sed -i "s/\(sysContact\s*\).*/\1${v3Contact}/" "$toolConfig"
 | |
| 
 | |
|   exe service snmpd start
 | |
| }
 | |
| v3AuthLoc="/var/lib/snmp/snmpd.conf"
 | |
| 
 | |
| step_20_info() { echo "Extend $toolName for Raspberry Pi"; }
 | |
| step_20_alias() { ALIAS="raspberry"; }
 | |
| step_20() {
 | |
|   checkExtend raspberry
 | |
|   if [ "$?" != "0" ]; then
 | |
|     return 1
 | |
|   fi
 | |
| 
 | |
|   exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/raspberry.sh -O "${rpiExtendLoc}"
 | |
|   endReturn -o $? "Download failed"
 | |
|   exe chmod +x "$rpiExtendLoc"
 | |
| 
 | |
|   addConf -a "extend raspberry /etc/snmp/raspberry.sh" "$toolConfig"
 | |
|   addConf -c "$rpiSudoersContent" "$rpiSudoersLoc"
 | |
| 
 | |
|   exe service snmpd restart
 | |
| }
 | |
| 
 | |
| rpiExtendLoc="${toolConfigLoc}/raspberry.sh"
 | |
| rpiSudoersLoc="/etc/sudoers.d/snmprpi"
 | |
| rpiSudoersContent="
 | |
| Debian-snmp ALL=(ALL) NOPASSWD: /etc/snmp/raspberry.sh, /usr/bin/vcgencmd*"
 | |
| 
 | |
| step_22_info() { echo "Extend $toolName with OS update availablity"; }
 | |
| step_22_alias() { ALIAS="osupdate"; }
 | |
| step_22() {
 | |
|   checkExtend osupdate 
 | |
|   if [ "$?" != "0" ]; then
 | |
|     return 1
 | |
|   fi
 | |
|   
 | |
|   exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/osupdate -O "${osUpdateExtendLoc}"
 | |
|   endReturn -o $? "Download failed"
 | |
|   exe chmod +x "$osUpdateExtendLoc"
 | |
|   addConf -a "extend osupdate $osUpdateExtendLoc" "$toolConfig"
 | |
| 
 | |
|   exe service snmpd restart
 | |
| }
 | |
| osUpdateExtendLoc="${toolConfigLoc}/osupdate"
 | |
| 
 | |
| step_23_info() { echo "Create cron job for periodical (every 8 hours) apt-get update"; }
 | |
| step_23() {
 | |
|   addConf -s "$osUpdateCronContent" "$osUpdateCron"
 | |
| }
 | |
| osUpdateCron="/etc/cron.d/aptUpdate"
 | |
| osUpdateCronContent="22 */6 * * * root /usr/bin/apt-get -qq update"
 | |
| 
 | |
| step_25_info() { echo "Prepare nginx to provide php-fpm status to $toolName"; }
 | |
| step_25_alias() { ALIAS="phpfpm"; }
 | |
| step_25() {
 | |
|   echo -e "\n [!] Please add the following to your default server:\n"
 | |
|   echo "$phpFpmStatusNginx"
 | |
|   echo
 | |
|   if [ $QUIET -ne 0 ] ; then
 | |
|     answer=n
 | |
|   else
 | |
|     exe read -p "Open new shell to configure y/[n]? " answer
 | |
|   fi
 | |
|   case $answer in
 | |
|     [yY])
 | |
|       echo " [I] Opening interactive shell. Type \"exit\" to return to this script."
 | |
|       exe bash -i
 | |
|       echo " [I] Interactive shell ended. Continuing with $0."
 | |
|       exe nginx -t
 | |
|       endReturn -o $? "Nginx configuration error"
 | |
| 
 | |
|       exe service nginx restart
 | |
|       ;;
 | |
|     *)
 | |
|       ;;
 | |
|   esac
 | |
| }
 | |
| # TODO error when no php is installed
 | |
| phpVersionStr="$(php -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')"
 | |
| phpFpmStatusNginx="# Provide php-fpm status
 | |
| location ~ ^/(status|ping)\$ {
 | |
| access_log off;
 | |
| allow 127.0.0.1;
 | |
| allow ::1;
 | |
| deny all;
 | |
| include fastcgi_params;
 | |
| fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
 | |
| #fastcgi_pass 127.0.0.1:9000;
 | |
| fastcgi_pass   unix:/var/run/php/php${phpVersionStr}-fpm.sock;
 | |
| }"
 | |
| 
 | |
| step_26_info() { echo "Prepare php config for php-fpm status"; }
 | |
| step_26_alias() { ALIAS="phpfpm_config"; }
 | |
| step_26() {
 | |
|   exe sed -i "s/^;\(pm\.status_path\)/\1/" "$phpPoolConfigLoc"
 | |
|   exe php-fpm${phpVersionStr} -t
 | |
|   endReturn -o $? "Invalid php configuration"
 | |
| 
 | |
|   service php${phpVersionStr}-fpm restart
 | |
| }
 | |
| phpConfigDir="/etc/php/${phpVersionStr}"
 | |
| phpPoolConfigLoc="${phpConfigDir}/fpm/pool.d/www.conf"
 | |
| 
 | |
| step_27_info() { echo "Extend $toolName with parsing of php-fpm status"; }
 | |
| step_27_alias() { ALIAS="phpfpm_extend"; }
 | |
| step_27() {
 | |
|   checkExtend phpfpmsp
 | |
|   if [ "$?" != "0" ]; then
 | |
|     return 1
 | |
|   fi
 | |
| 
 | |
|   exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/phpfpmsp -O "${phpfpmExtendLoc}"
 | |
|   endReturn -o $? "Download failed"
 | |
|   exe chmod +x "$phpfpmExtendLoc"
 | |
| 
 | |
|   addConf -a "extend phpfpmsp ${phpfpmExtendLoc}" "$toolConfig"
 | |
| 
 | |
|   exe service snmpd restart
 | |
| }
 | |
| phpfpmExtendLoc="${toolConfigLoc}/phpfpmsp"
 | |
| 
 | |
| step_29_info() { echo "Prepare nginx to provide status to $toolName"; }
 | |
| step_29_alias() { ALIAS="nginx"; }
 | |
| step_29() {
 | |
|   echo -e "\n [!] Please add the following to your default server:\n"
 | |
|   echo "$nginxStatus"
 | |
|   echo
 | |
|   if [ $QUIET -ne 0 ] ; then
 | |
|     answer=n
 | |
|   else
 | |
|     exe read -p "Open new shell to configure y/[n]? " answer
 | |
|   fi
 | |
|   case $answer in
 | |
|     [yY])
 | |
|       echo " [I] Opening interactive shell. Type \"exit\" to return to this script."
 | |
|       exe bash -i
 | |
|       echo " [I] Interactive shell ended. Continuing with $0."
 | |
|       exe nginx -t
 | |
|       endReturn -o $? "Nginx configuration error"
 | |
| 
 | |
|       exe service nginx restart
 | |
|       ;;
 | |
|     *)
 | |
|       ;;
 | |
|   esac
 | |
| }
 | |
| nginxStatus="# Provide nginx status
 | |
| location /nginx-status {
 | |
| stub_status on;
 | |
| access_log   off;
 | |
| allow 127.0.0.1;
 | |
| allow ::1;
 | |
| deny all;
 | |
| }
 | |
| "
 | |
| step_30_info() { echo "Extend $toolName with parsing of nginx status"; }
 | |
| step_30_alias() { ALIAS="nginx_extend"; }
 | |
| step_30() {
 | |
|   checkExtend nginx
 | |
|   if [ "$?" != "0" ]; then
 | |
|     return 1
 | |
|   fi
 | |
| 
 | |
|   exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/nginx -O "${nginxExtendLoc}"
 | |
|   endReturn -o $? "Download failed"
 | |
|   exe chmod +x "$nginxExtendLoc"
 | |
| 
 | |
|   addConf -a "extend nginx ${nginxExtendLoc}" "$toolConfig"
 | |
| 
 | |
|   exe service snmpd restart
 | |
| }
 | |
| nginxExtendLoc="${toolConfigLoc}/nginx"
 | |
| 
 | |
| #fail2ban
 | |
| #exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${toolConfig}/fail2ban"
 | |
| 
 | |
| checkExtend() {
 | |
|   # adding dry run output for clarification
 | |
|   if [ "$DRY" != "0" ] ; then
 | |
|     echo " [I] check if \"extend ${1}\" exists..dry-run"
 | |
|   fi
 | |
| 
 | |
|   exep "cat \"$toolConfig\" | grep -e '^\s*extend\s\+${1}' >>/dev/null 2>&1"
 | |
|   # Only warn if entry exists and dry-run is not seleted
 | |
|   if [ "$?" == "0" ] && [ "$DRY" == "0" ] ; then  
 | |
|     echoerr " [W] Extend for ${1} exists"
 | |
|     return 1
 | |
|   fi 
 | |
|   
 | |
|   return 0
 | |
| }
 | |
| 
 | |
| VERSION_SEQREV=10
 | |
| . /usr/local/bin/sequencer.sh
 |