From 16d3474327644bad618dcf5fb4548a8d52e7c2f8 Mon Sep 17 00:00:00 2001 From: Georg Date: Wed, 21 Jul 2021 13:47:29 +0200 Subject: Initial Scripts Run Signed-off-by: Georg --- scripts/README.md | 1 + scripts/bash/README.md | 1 + scripts/bash/pdns_init_zone | 46 +++++++++++++++++++++++++++++++++++++++++++++ scripts/bash/restic_run | 16 ++++++++++++++++ scripts/perl/README.md | 1 + scripts/perl/botproc.pl | 34 +++++++++++++++++++++++++++++++++ scripts/sh/README.md | 1 + 7 files changed, 100 insertions(+) create mode 100644 scripts/README.md create mode 100644 scripts/bash/README.md create mode 100644 scripts/bash/pdns_init_zone create mode 100644 scripts/bash/restic_run create mode 100644 scripts/perl/README.md create mode 100644 scripts/perl/botproc.pl create mode 100644 scripts/sh/README.md diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 0000000..a67dc6d --- /dev/null +++ b/scripts/README.md @@ -0,0 +1 @@ +This contains scripts which are generally called manually or through cronjobs. Scripts which serve integrated purposese, i.e. init scripts, are to be found in the respective service directories. diff --git a/scripts/bash/README.md b/scripts/bash/README.md new file mode 100644 index 0000000..69af5a6 --- /dev/null +++ b/scripts/bash/README.md @@ -0,0 +1 @@ +Contains scripts desgined to be executed through the Bourne Again Shell (#!/bin/bash). diff --git a/scripts/bash/pdns_init_zone b/scripts/bash/pdns_init_zone new file mode 100644 index 0000000..bcdc3d8 --- /dev/null +++ b/scripts/bash/pdns_init_zone @@ -0,0 +1,46 @@ +#!/bin/bash + +PDNSGROUP="pdns" + +if id -nG $(id -un) | grep -qw "$PDNSGROUP"; then + +if [ $# -eq 0 ] || [ $1 == "help" ] || [ $1 == "h" ] || [ $1 == "-h" ] || [ $1 == "-help" ] || [ $1 == "--help" ]; then + echo "=======================================================" + echo "This script will create and secure a new zone in the Lysergic PowerDNS cluster." + echo "Please run it by specifying the desired domain name as an argument." + echo "Syntax: $ bash domain.sh example.com" + echo "Warning: No syntax check will be performed. Make sure you type the domain name exactly right or you'll cause a deep fucking mess." + echo "=======================================================" + exit 1 +fi + +else + echo "You do not belong to the group $PDNSGROUP and hence are not allowed to run this program." + echo "Assign yourself to the group or contact someone who is authorized to do so." + exit 1 +fi + +DOMAIN=$1 +NS1="ns1.3zy.de" +NS2="ns2.3zy.de" +NS3="ns3.3zy.de" + +echo "===================================================" +echo "===== CREATING ZONE FOR DOMAIN $DOMAIN =====" +echo "===================================================" +/usr/bin/pdnsutil create-zone $DOMAIN $NS1 +#/usr/bin/pdnsutil add-record $DOMAIN . SOA '$NS1 system.lysergic.dev 1 010800 3600 604800 3600' +#/usr/bin/pdnsutil add-record $DOMAIN . NS $NS1 +/usr/bin/pdnsutil add-record $DOMAIN . NS $NS2 +/usr/bin/pdnsutil add-record $DOMAIN . NS $NS3 +echo "===================================================" +echo "================= ENABLING DNSSEC =================" +echo "===================================================" +/usr/bin/pdnsutil secure-zone $DOMAIN +/usr/bin/pdnsutil set-nsec3 $DOMAIN '1 0 1 ab' +/usr/bin/pdnsutil rectify-zone $DOMAIN +echo "===================================================" +/usr/bin/pdnsutil show-zone $DOMAIN +echo "===================================================" +/usr/bin/pdnsutil list-zone $DOMAIN +echo "===================================================" diff --git a/scripts/bash/restic_run b/scripts/bash/restic_run new file mode 100644 index 0000000..0b60c40 --- /dev/null +++ b/scripts/bash/restic_run @@ -0,0 +1,16 @@ +#!/bin/bash +#/usr/bin/echo Executing Restic S3 Backup for $(hostname -f) +export RESTIC_REPOSITORY="s3:https://$S3HOST/$S3BUCKET" +export RESTIC_PASSWORD_FILE="/etc/restic/.sec" +export AWS_ACCESS_KEY_ID="$S301" +export AWS_SECRET_ACCESS_KEY="$S302" +export RESTIC_CACHE_DIR="/opt/restic/cache" +EXCLUDE=".restic.excludes" +/usr/bin/restic --verbose backup --exclude-file="/etc/$EXCLUDE" /etc +echo "EXIT $?" +/usr/bin/restic --verbose backup --exclude-file="/home/$EXCLUDE" /home +echo "EXIT $?" +/usr/bin/restic --verbose backup --exclude-file="/opt/$EXCLUDE" /opt +echo "EXIT $?" +/usr/bin/restic --verbose backup --exclude-file="/srv/$EXCLUDE" /srv +echo "EXIT $?" diff --git a/scripts/perl/README.md b/scripts/perl/README.md new file mode 100644 index 0000000..6362185 --- /dev/null +++ b/scripts/perl/README.md @@ -0,0 +1 @@ +Contains scripts designed to be executed through Perl interpreters (#!/bin/perl). diff --git a/scripts/perl/botproc.pl b/scripts/perl/botproc.pl new file mode 100644 index 0000000..3ea4e9d --- /dev/null +++ b/scripts/perl/botproc.pl @@ -0,0 +1,34 @@ +#!/usr/bin/perl + +# Work in progress. +# Requires botproc.ini. + +use Config::Tiny; +use Net::OpenSSH; +use warnings; +use strict; +#use feature qw(say); + +my $config = Config::Tiny->new; +$config = Config::Tiny->read( 'botproc.ini' ); + +foreach my $section (keys %{$config}) { + my $host = "$section"; + my $OS = $config->{$section}->{OS}; + #print 'The OS of ', $host, ' is ', $OS, "\n"; + my $user = $config->{$section}->{User}; + my $keyname = $config->{$section}->{Key}; + my $keypath = "/home/georg/.ssh/" . $keyname; + my $port = $config->{$section}->{Port}; + print 'Connecting to ', $host, ':', $port, ' as ', $user, ' using key ', $keyname, "\n"; + my $ssh = Net::OpenSSH->new($host, user => $user, port => $port, key_path => $keypath); + $ssh->error and + die "FATAL: ", $ssh->error; + $ssh->system("uname -a") or + die "Remote command failed: ", $ssh->error; + my ($df, $err) = $ssh->pipe_out("df -h /") or + die "df query failed: " . $ssh->error; + print "Root Partition:\n"; + while (<$df>) { print } + close $df; +} diff --git a/scripts/sh/README.md b/scripts/sh/README.md new file mode 100644 index 0000000..b72121f --- /dev/null +++ b/scripts/sh/README.md @@ -0,0 +1 @@ +Contains scripts desgined to be executed through the Bourne Shell or compatible derivates (#!/bin/sh). -- cgit v1.2.3