From: Frank Brehm
Date: Fri, 26 Nov 2021 08:54:30 +0000 (+0100)
Subject: Moving scripts to scripts/
X-Git-Tag: 0.4.1~5^2~25
X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=e0a8d2dc5072b3168148f3c1c46699e21b6e72c7;p=pixelpark%2Fpp-admin-tools.git

Moving scripts to scripts/
---

diff --git a/bin/backup-pgsql.sh b/bin/backup-pgsql.sh
deleted file mode 100755
index 20f00ee..0000000
--- a/bin/backup-pgsql.sh
+++ /dev/null
@@ -1,636 +0,0 @@
-#!/usr/bin/env bash
-
-###########################
-# REQUIREMENTS
-###########################
-#
-# * Required commands:
-# + pg_dump
-# + du
-# + tee
-# + bzip2 # If bzip2 is not available, change 'CMD_COMPRESS'
-# # to use 'gzip' or whatever compress command you want.
-#
-
-###########################
-# USAGE
-###########################
-#
-# * It stores all backup copies in directory '/var/vmail/backup' by default,
-# You can change it in variable $BACKUP_ROOTDIR below or via the -b parameter.
-#
-# * Set correct values for below variables:
-#
-# PGSQL_SYS_USER
-# BACKUP_ROOTDIR
-#
-# * Add crontab job for root user (or whatever user you want):
-#
-# # crontab -e -u postgres
-# 1 4 * * * bash /path/to/backup_pgsql.sh -q
-#
-# * Make sure 'crond' service is running.
-#
-
-set -e
-set -u
-
-export LC_ALL=C
-export LANG=C
-
-VERBOSE="n"
-DEBUG="n"
-QUIET='n'
-
-VERSION="3.2"
-
-# console colors:
-RED=""
-YELLOW=""
-GREEN=""
-BLUE=""
-NORMAL=""
-
-HAS_TTY='y'
-
-BASENAME="$(basename ${0})"
-BASE_DIR="$(dirname ${0})"
-
-declare -a DATABASES=()
-
-#########################################################
-# Modify below variables to fit your need ----
-#########################################################
-# Keep backup for how many days. Default is 90 days.
-KEEP_DAYS='30'
-
-# System user used to run PostgreSQL daemon.
-# - On Linux, it's postgres.
-# - On FreeBSD, it's pgsql.
-# - On OpenBSD, it's _postgresql.
-PGSQL_SYS_USER="postgres"
-
-# Where to store backup copies.
-BACKUP_ROOTDIR="/var/backup/pgsql"
-
-# Date.
-YEAR="$( date +%Y)"
-MONTH="$( date +%m)"
-DAY="$( date +%d)"
-TIME="$( date +%H:%M:%S)"
-TIMESTAMP="${YEAR}-${MONTH}-${DAY}-${TIME}"
-
-# Pre-defined backup status
-BACKUP_SUCCESS='YES'
-
-# Define, check, create directories.
-BACKUP_DIR="${BACKUP_ROOTDIR}/${YEAR}/${MONTH}/${DAY}" -TMP_DIR= -LOGFILE="/dev/null" - -BYTES_TOTAL="0" - -#------------------------------------------------------------------- -detect_color() { - - local safe_term="${TERM//[^[:alnum:]]/?}" - local match_lhs="" - local use_color="false" - [[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" - [[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ - && match_lhs=$(dircolors --print-database) - [[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color="true" - - # console colors: - if [ "${use_color}" = "true" ] ; then - RED="\033[38;5;196m" - YELLOW="\033[38;5;226m" - GREEN="\033[38;5;46m" - BLUE="\033[38;5;27m" - NORMAL="\033[39m" - else - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - fi - - local my_tty=$(tty) - if [[ "${my_tty}" =~ 'not a tty' ]] ; then - my_tty='-' - fi - - if [[ "${my_tty}" = '-' || "${safe_term}" = "dump" ]] ; then - HAS_TTY='n' - fi - -} -detect_color - -#------------------------------------------------------------------------------ -description() { - echo -e $( cat <<-EOF - Creates a backup of all databases of the PostgreSQL installatio - on the current host. - - Only the user '${GREEN}${PGSQL_SYS_USER}${NORMAL}' may execute this script. - - EOF - ) -} - -#------------------------------------------------------------------------------ -usage() { - cat <<-EOF - Usage: ${BASENAME} [-K DAYS|--keep=DAYS] [-b DIR|--backupdir=DIR] [-d|--debug] [[-v|--verbose] | [-q|--quiet]]] [--nocolor] - ${BASENAME} [-h|--help] - ${BASENAME} [-V|--version] - - Options: - -K|--keep DAYS Keep the backup files of the last DAYS. Default: ${KEEP_DAYS} days. - -b|--backupdir DIR - Set root backup directory. Default: ${BACKUP_ROOTDIR} - -d|--debug Debug output (bash -x). - -v|--verbose Set verbosity on. Mutually exclusive to '--quiet'. - -q|--quiet Quiet execution, only errors and warnings are shown. - --nocolor Don't use colors on display. 
- -h|--help Show this output and exit. - -V|--version prints out version number of the script and exit - EOF -} - - -#------------------------------------------------------------------------------ -get_options() { - - local tmp= - local base_dir= - - set +e - tmp=$( getopt -o K:b:dvqhV \ - --long keep:,backupdir:,debug,verbose,quiet,nocolor,help,version \ - -n "${BASENAME}" -- "$@" ) - if [[ $? != 0 ]] ; then - echo "" >&2 - usage >&2 - exit 1 - fi - set -e - - # Note the quotes around `$TEMP': they are essential! - eval set -- "${tmp}" - - local p= - - while true ; do - case "$1" in - -K|--keep) - KEEP_DAYS="$2" - shift - shift - ;; - -b|--backupdir) - BACKUP_ROOTDIR="$2" - BACKUP_DIR="${BACKUP_ROOTDIR}/${YEAR}/${MONTH}/${DAY}" - shift - shift - ;; - -d|--debug) - DEBUG="y" - shift - ;; - -v|--verbose) - VERBOSE="y" - shift - ;; - -q|--quiet) - QUIET="y" - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - shift - ;; - --nocolor) - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - shift - ;; - -h|--help) - description - echo - usage - exit 0 - ;; - -V|--version) - echo "${BASENAME} version: ${VERSION}" - exit 0 - ;; - --) shift - break - ;; - *) echo "Internal error!" - exit 1 - ;; - esac - done - - if [[ "${DEBUG}" = "y" ]] ; then - set -x - fi - if [[ "${VERBOSE}" == "y" && "${QUIET}" == "y" ]] ; then - error "The parameters '${RED}${VERBOSE}${NORMAL}' and '${RED}${VERBOSE}${NORMAL}' are mutually exclusive." - usage >&2 - exit 1 - fi - - local keep_int=$(( $KEEP_DAYS + 0 )) - if [[ "${keep_int}" -le "0" ]] ; then - error "Invalid number of days '${RED}${KEEP_DAYS}${NORMAL}' to keep backup files." - echo >&2 - description >&2 - echo - usage >&2 - exit 1 - fi - debug "Keeping backupfiles, which are not older than ${keep_int} days." - KEEP_DAYS="${keep_int}" - - local cur_user=$( id -u -n ) - if [[ "${cur_user}" != "${PGSQL_SYS_USER}" ]] ; then - error "Wrong user '${RED}${cur_user}${NORMAL}'." 
- echo >&2 - description >&2 - echo - usage >&2 - exit 1 - fi - -} - -######################################### -# Some often used funktions - -#------------------------------------------------------------------------------ -my_date() { - date +'%F %T.%N %:::z' -} - -#------------------------------------------------------------------------------ -debug() { - if [[ "${VERBOSE}" != "y" ]] ; then - return 0 - fi - echo -e " * [$(my_date)] [${BASENAME}:DEBUG]: $@" | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -info() { - if [[ "${QUIET}" == "y" ]] ; then - echo -e " * [$(my_date)] [${BASENAME}:INFO] : $@" >> "${LOGFILE}" - return 0 - fi - echo -e " ${GREEN}*${NORMAL} [$(my_date)] [${BASENAME}:${GREEN}INFO${NORMAL}] : $@" | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -warn() { - echo -e " ${YELLOW}*${NORMAL} [$(my_date)] [${BASENAME}:${YELLOW}WARN${NORMAL}] : $@" | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -error() { - echo -e " ${RED}*${NORMAL} [$(my_date)] [${BASENAME}:${RED}ERROR${NORMAL}]: $@" | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -MKDIR() { - local cmd="mkdir" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -RM() { - local cmd="rm" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -MV() { - local cmd="mv" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -RMDIR() { - local 
cmd="rmdir" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -LN() { - local cmd="ln" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" -} - -#------------------------------------------------------------------------------ -empty_line() { - if [[ "${QUIET}" == "y" ]] ; then - echo >> "${LOGFILE}" - return 0 - fi - echo 2>&1 | tee -a "${LOGFILE}" -} - -################################################################################ - -get_databases() { - - debug "Detecting databases to backup ..." - local db= - for db in $( psql --list \ - --tuples-only \ - --no-align \ - --no-readline \ - --expanded \ - --field-separator=',' | \ - grep -i '^Name' | \ - awk -F ',' '{print $2}' ) ; do - DATABASES+=( "${db}" ) - done - - if [[ "${VERBOSE}" == "y" ]] ; then - echo | tee -a "${LOGFILE}" - echo "Databases to backup:" | tee -a "${LOGFILE}" - for db in "${DATABASES[@]}" ; do - echo " * '${db}'" | tee -a "${LOGFILE}" - done - echo | tee -a "${LOGFILE}" - fi - -} - -#------------------------------------------------------------------------------ -cleanup_tmp_dir() { - if [[ -n "${TMP_DIR}" ]] ; then - if [[ -e "${TMP_DIR}" ]] ; then - debug "Removing temporary directory '${TMP_DIR}' ..." - RM --force --recursive "${TMP_DIR}" - fi - fi -} - -#------------------------------------------------------------------------------ -prepare_dirs() { - - if [[ ! -d "${BACKUP_ROOTDIR}" ]] ; then - error "Directory '${RED}${BACKUP_ROOTDIR}${NORMAL}' does not exists or is not a directory." - exit 5 - fi - if [[ ! -w "${BACKUP_ROOTDIR}" ]] ; then - error "No write access to '${RED}${BACKUP_ROOTDIR}${NORMAL}'." - exit 6 - fi - - info "Creating all necessary directories ..." 
- MKDIR -p "${BACKUP_DIR}" - TMP_DIR=$( mktemp -d -p "${HOME}" backup.XXXXXXXX.d ) - debug "Temporary directory is '${TMP_DIR}'." - LOGFILE="${BACKUP_DIR}/${TIMESTAMP}.log" - - debug "Creating trap to cleanup temporary directory ..." - trap cleanup_tmp_dir INT TERM EXIT ABRT - -} - -#------------------------------------------------------------------------------ -cleanup_old_backups() { - - info "Cleaning up old backup files and directories ..." - - local verbose_option="" - if [[ "${VERBOSE}" == "y" ]] ; then - verbose_option="--verbose" - fi - - find "${BACKUP_ROOTDIR}" -type f -mtime +${KEEP_DAYS} -print0 | \ - xargs --null --no-run-if-empty rm ${verbose_option} 2>&1 | tee -a "${LOGFILE}" - - local year= - local month= - local day= - - for year in $( ls -1 "${BACKUP_ROOTDIR}" ); do - local y_dir="${BACKUP_ROOTDIR}/${year}" - if [[ -d "${y_dir}" ]] ; then - for month in $( ls -1 "${y_dir}" ); do - local m_dir="${y_dir}/${month}" - if [[ -d "${m_dir}" ]] ; then - for day in $( ls -1 "${m_dir}" ); do - local d_dir="${m_dir}/${day}" - if [[ -d "${d_dir}" && "${d_dir}" != "${BACKUP_DIR}" ]] ; then - rmdir --ignore-fail-on-non-empty "${d_dir}" - if [[ ! -d "${d_dir}" ]] ; then - debug "Removed directory '${d_dir}'." - fi - fi - done - rmdir --ignore-fail-on-non-empty "${m_dir}" - if [[ ! -d "${m_dir}" ]] ; then - debug "Removed directory '${m_dir}'." - fi - fi - done - rmdir --ignore-fail-on-non-empty "${y_dir}" - if [[ ! -d "${y_dir}" ]] ; then - debug "Removed directory '${y_dir}'." - fi - fi - done - -} - -#------------------------------------------------------------------------------ -backup_globals() { - - empty_line - info "Backing up ${GREEN}globals${NORMAL} ..." 
- - local output_sql="globals-${TIMESTAMP}.sql" - local output_sql_compressed="${output_sql}.bz2" - local out_sql_tmp="${TMP_DIR}/${output_sql}" - local out_sql_tmp_compressed="${TMP_DIR}/${output_sql_compressed}" - local out_sql_tgt="${BACKUP_DIR}/${output_sql}" - local out_sql_tgt_compressed="${BACKUP_DIR}/${output_sql_compressed}" - local out_sql_tgt_latest="${BACKUP_ROOTDIR}/globals-latest.sql.bz2" - - local verbose_option="" - if [[ "${VERBOSE}" == "y" ]] ; then - verbose_option="--verbose" - fi - - pg_dumpall --globals-only ${verbose_option} 2>&1 >"${out_sql_tmp}" | tee -a "${LOGFILE}" - - local blocks=$(stat -c "%b" "${out_sql_tmp}") - local bs=$(stat -c "%B" "${out_sql_tmp}") - local bytes=$(stat -c "%s" "${out_sql_tmp}") - local b_bytes=$(( ${blocks} * ${bs} )) - local k_bytes=$(( ${b_bytes} / 1024 )) - local m_bytes=$(( ${k_bytes} / 1024 )) - local msg=$( printf "Original size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ - "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) - info "${msg}" - - debug "Compressing '${out_sql_tmp}' ..." - bzip2 ${verbose_option} --best "${out_sql_tmp}" 2>&1 | tee -a "${LOGFILE}" - - blocks=$(stat -c "%b" "${out_sql_tmp_compressed}") - bs=$(stat -c "%B" "${out_sql_tmp_compressed}") - bytes=$(stat -c "%s" "${out_sql_tmp_compressed}") - b_bytes=$(( ${blocks} * ${bs} )) - k_bytes=$(( ${b_bytes} / 1024 )) - m_bytes=$(( ${k_bytes} / 1024 )) - - BYTES_TOTAL=$(( ${BYTES_TOTAL} + ${b_bytes} )) - - local msg=$( printf "Compressed size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ - "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) - info "${msg}" - - debug "Moving '${out_sql_tmp_compressed}' => '${BACKUP_DIR}' ..." 
- MV -i "${out_sql_tmp_compressed}" "${BACKUP_DIR}" - - info "Updating reference '${out_sql_tgt_latest}' -> '${out_sql_tgt_compressed}'" - LN -sf "${out_sql_tgt_compressed}" "${out_sql_tgt_latest}" - -} - -#------------------------------------------------------------------------------ -backup_databases() { - - local db= - for db in "${DATABASES[@]}" ; do - backup_database "${db}" - done - - empty_line - local k_bytes=$(( ${BYTES_TOTAL} / 1024 )) - local m_bytes=$(( ${k_bytes} / 1024 )) - local msg=$( printf "Total compressed size: %10d Bytes => %7d KiB => %4d MiB" \ - "${BYTES_TOTAL}" "${k_bytes}" "${m_bytes}" ) - info "${msg}" -} - -#------------------------------------------------------------------------------ -backup_database() { - - local db="$1" - - empty_line - info "Backing up database '${GREEN}${db}${NORMAL}' ..." - - local output_sql="${db}-${TIMESTAMP}.sql" - local output_sql_compressed="${output_sql}.bz2" - local out_sql_tmp="${TMP_DIR}/${output_sql}" - local out_sql_tmp_compressed="${TMP_DIR}/${output_sql_compressed}" - local out_sql_tgt="${BACKUP_DIR}/${output_sql}" - local out_sql_tgt_compressed="${BACKUP_DIR}/${output_sql_compressed}" - local out_sql_tgt_latest="${BACKUP_ROOTDIR}/${db}-latest.sql.bz2" - - local verbose_option="" - if [[ "${VERBOSE}" == "y" ]] ; then - verbose_option="--verbose" - fi - - pg_dump ${verbose_option} --blobs --clean \ - --create --if-exists --serializable-deferrable \ - "${db}" 2>&1 >"${out_sql_tmp}" | tee -a "${LOGFILE}" - - local blocks=$(stat -c "%b" "${out_sql_tmp}") - local bs=$(stat -c "%B" "${out_sql_tmp}") - local bytes=$(stat -c "%s" "${out_sql_tmp}") - local b_bytes=$(( ${blocks} * ${bs} )) - local k_bytes=$(( ${b_bytes} / 1024 )) - local m_bytes=$(( ${k_bytes} / 1024 )) - local msg=$( printf "Original size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ - "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) - info "${msg}" - - debug "Compressing '${out_sql_tmp}' ..." 
- bzip2 ${verbose_option} --best "${out_sql_tmp}" 2>&1 | tee -a "${LOGFILE}" - - blocks=$(stat -c "%b" "${out_sql_tmp_compressed}") - bs=$(stat -c "%B" "${out_sql_tmp_compressed}") - bytes=$(stat -c "%s" "${out_sql_tmp_compressed}") - b_bytes=$(( ${blocks} * ${bs} )) - k_bytes=$(( ${b_bytes} / 1024 )) - m_bytes=$(( ${k_bytes} / 1024 )) - - BYTES_TOTAL=$(( ${BYTES_TOTAL} + ${b_bytes} )) - - local msg=$( printf "Compressed size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ - "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) - info "${msg}" - - debug "Moving '${out_sql_tmp_compressed}' => '${BACKUP_DIR}' ..." - MV -i "${out_sql_tmp_compressed}" "${BACKUP_DIR}" - - info "Updating reference '${out_sql_tgt_latest}' -> '${out_sql_tgt_compressed}'" - LN -sf "${out_sql_tgt_compressed}" "${out_sql_tgt_latest}" -} - - - -################################################################################ -## -## Main -## -################################################################################ - -#------------------------------------------------------------------------------ -main() { - - get_options "$@" - - prepare_dirs - info "Starting backup ..." - get_databases - backup_globals - cleanup_old_backups - backup_databases - - empty_line - debug "Deactivating trap." - trap - INT TERM EXIT ABRT - cleanup_tmp_dir - info "Finished." - -} - -main "$@" - -exit 0 - -# vim: ts=4 et list diff --git a/bin/check-ldap-passwd b/bin/check-ldap-passwd deleted file mode 100755 index cc4d9f5..0000000 --- a/bin/check-ldap-passwd +++ /dev/null 
@@ -1,185 +0,0 @@ -#!/bin/bash - -set -u -set -e - -BASE_NAME="$( basename ${0} )" -MY_REAL_NAME=$( readlink -f $0 ) -BIN_DIR=$( dirname "${MY_REAL_NAME}" ) -BASE_DIR=$( dirname "${BIN_DIR}" ) -LIB_DIR="${BASE_DIR}/lib" -CONF_DIR="${BASE_DIR}/etc" - -if [[ -f "${LIB_DIR}/functions.rc" ]] ; then - . "${LIB_DIR}/functions.rc" -else - echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2 - exit 5 -fi - -OBJECT_TOKEN= -GIVEN_PASSWD= - -detect_color - -DESCRIPTION=$( cat <<-EOF - Checks the given password of the given user against the password in LDAP. - -EOF -) - -#------------------------------------------------------------------------------ -usage() { - cat <<-EOF - Usage: ${BASE_NAME} [Common Options] [LDAP Options] - ${BASE_NAME} [-h|--help] - ${BASE_NAME} [-V|--version] - - Mandatory Parameter(s): - UID|EMAIL: Either the Uid of the requested object - (Posix name, mostly in the form 'first_name.last_name'), or - the E-Mail address of the account or group to search. - PASSWORD: The password to check against the password inside LDAP. - - LDAP Options: - EOF - - echo "${LDAP_USAGE_MSG}" - echo - echo " Common Options:" - echo "${STD_USAGE_MSG}" - -} - -#------------------------------------------------------------------------------ -get_options() { - - local tmp= - local base_dir= - - set +e - tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \ - --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \ - -n "${BASE_NAME}" -- "$@" ) - if [[ $? != 0 ]] ; then - echo "" >&2 - usage >&2 - exit 1 - fi - set -e - - # Note the quotes around `$TEMP': they are essential! 
- eval set -- "${tmp}" - eval_common_options "$@" - if [[ "${DEBUG}" == 'y' ]] ; then - declare -p REMAINING_OPTS - declare -p REMAINING_ARGS - fi - - eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}" - - if [[ "${DEBUG}" == 'y' ]] ; then - declare -p REMAINING_OPTS - declare -p REMAINING_ARGS - fi - - debug "Remaining arguments: ${CYAN}${#REMAINING_ARGS[@]}${NORMAL}" - - if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then - error "Unknown options: ${REMAINING_OPTS[*]}" - echo >&2 - usage >&2 - exit 2 - fi - - if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then - error "No Uids or E-Mail addresses given to retrieve." - echo >&2 - usage >&2 - exit 2 - fi - - if [[ "${#REMAINING_ARGS[@]}" != "3" ]] ; then - error "No Password given to check." - echo >&2 - usage >&2 - exit 2 - fi - OBJECT_TOKEN="${REMAINING_ARGS[1]}" - GIVEN_PASSWD="${REMAINING_ARGS[2]}" - - info "Checking password '${CYAN}${GIVEN_PASSWD}${NORMAL}' of user '${CYAN}${OBJECT_TOKEN}${NORMAL}' ..." - -} - -#------------------------------------------------------------------------------ -main() { - - get_options "$@" - - local oifs="${IFS}" - IFS=" -" - - local cmd= - local filter= - local result= - - local cmd_base="ldapsearch -LLL -o ldif-wrap=no " - cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\" " - cmd_base+="-x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\"" - - local filter="(&(|(uid=${OBJECT_TOKEN})(mail=${OBJECT_TOKEN}))(userPassword=*))" - local cmd="${cmd_base} \"${filter}\" userPassword 2>&1 | " - cmd+=" grep -i '^userPassword:' | sed -e 's/^userPassword::[ ][ ]*//'" - debug "Executing: ${cmd}" - result=$( eval ${cmd} ) - debug "ldap_passwd_coded: '${CYAN}${result}${NORMAL}'." - - if [[ -z "${result}" ]] ; then - echo - error "Nutzer mit uid '${RED}${OBJECT_TOKEN}${NORMAL}' nicht gefunden oder hat kein Passwort." >&2 - echo - exit 1 - fi - - local ldap_passwd_value=$( echo "${result}" | base64 -d ) - debug "ldap_passwd_value: '${CYAN}${ldap_passwd_value}${NORMAL}'." 
- - local ldap_hash_method=$( echo "${ldap_passwd_value}" | \ - sed -e 's/^{//' -e 's/}.*//' | \ - tr '[:upper:]' '[:lower:]' ) - debug "ldap_hash_method: '${CYAN}${ldap_hash_method}${NORMAL}'." - - if [[ "${ldap_hash_method}" != 'crypt' ]] ; then - echo - error "Unbekannte Hash-Methode '${RED}${ldap_hash_method}${NORMAL}'" >&2 - echo - exit 5 - fi - - local ldap_passwd_hash=$( echo "${ldap_passwd_value}" | sed -e 's/^{[^}]*}//' ) - debug "ldap_passwd_hash: '${CYAN}${ldap_passwd_hash}${NORMAL}'." - - local salt=$( echo "${ldap_passwd_hash}" | sed -e 's/^\(..\).*/\1/' ) - debug "salt: '${CYAN}${salt}${NORMAL}'." - - local encr_passwd=$( mkpasswd -m des "${GIVEN_PASSWD}" "${salt}" ) - debug "encr_passwd: '${CYAN}${encr_passwd}${NORMAL}'." - - echo - if [[ "${ldap_passwd_hash}" == "${encr_passwd}" ]] ; then - echo -e "Passwort ist ${GREEN}OKAY${NORMAL}." - echo - else - echo -e "Passwort is ${RED}FALSCH${NORMAL}." >&2 - echo - exit 1 - fi - -} - -main "$@" -exit 0 - -# vim: et list filetype=sh diff --git a/bin/get-dns-zonefiles b/bin/get-dns-zonefiles deleted file mode 100755 index 8ca38e2..0000000 --- a/bin/get-dns-zonefiles +++ /dev/null 
@@ -1,161 +0,0 @@ -#!/bin/bash - -set -e -set -u - -BASE_NAME="$( basename ${0} )" -MY_REAL_NAME=$( readlink -f $0 ) -BIN_DIR=$( dirname "${MY_REAL_NAME}" ) -BASE_DIR=$( dirname "${BIN_DIR}" ) -LIB_DIR="${BASE_DIR}/lib" -CONF_DIR="${BASE_DIR}/etc" - -if [[ -f "${LIB_DIR}/functions.rc" ]] ; then - . "${LIB_DIR}/functions.rc" -else - echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2 - exit 5 -fi - -declare -a ZONES=() - -detect_color - -DESCRIPTION=$( cat <<-EOF - Gets via zone transfer the complete content of a DNS zone and generates - a normalized zone file for this zone. - - EOF -) - -#------------------------------------------------------------------------------ -usage() { - cat <<-EOF - Usage: ${BASE_NAME} [Common Options] [ ...] - ${BASE_NAME} [-h|--help] - ${BASE_NAME} [-V|--version] - - Mandatory Parameter(s): - ZONE: The name of the zone (a.k.a. domain), which you want to retrieve - completely. May be given for multiple zones. - - It generates in current directory zone files for each given zone - with a timestamp and a sequential number included in the file name. - - Common Options: - ${STD_USAGE_MSG} - EOF - -} - -get_options() { - - local tmp= - local base_dir= - - set +e - tmp=$( getopt -o ${STD_SHORT_OPTIONS} --long ${STD_LONG_OPTIONS} -n "${BASE_NAME}" -- "$@" ) - if [[ $? != 0 ]] ; then - echo "" >&2 - usage >&2 - exit 1 - fi - set -e - - # Note the quotes around `$TEMP': they are essential! - eval set -- "${tmp}" - eval_common_options "$@" - if [[ "${DEBUG}" == 'y' ]] ; then - declare -p REMAINING_OPTS - declare -p REMAINING_ARGS - fi - - if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then - error "Unknown options: ${REMAINING_OPTS[*]}" - echo >&2 - usage >&2 - exit 2 - fi - - if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then - error "No zones given to retrieve." 
- echo >&2 - usage >&2 - exit 2 - fi - - local i=0 - local zone= - for zone in "${REMAINING_ARGS[@]}" ; do - if [[ "$i" == 0 ]]; then - i=1 - continue - fi - ZONES+=(${zone}) - i=$(( $i + 1 )) - done - - if [[ "${DEBUG}" == 'y' ]] ; then - declare -p ZONES - fi - -} - -#------------------------------------------------------------------------------ -cur_ts() { - date +'%Y-%m-%d_%H-%M-%S' -} - -#------------------------------------------------------------------------------ -get_zone() { - - local zone="$1" - - echo >&2 - info "Get zone '${GREEN}${zone}${NORMAL}' ..." - - local tmpfile=$( mktemp "${zone}.XXXXXXXXXX.zone" ) - local i=0 - local zone_file="${zone}.$( cur_ts ).${i}.zone" - while [[ -e "${zone_file}" ]] ; do - i=$(( $i + 1 )) - zone_file="${zone}.$( cur_ts ).${i}.zone" - done - - dig axfr "${zone}" >"${tmpfile}" - if grep -i 'Transfer failed' "${tmpfile}" >/dev/null ; then - error "Could not transfer zone '${RED}${zone}${NORMAL}'." - else - if type -p named-compilezone >/dev/null ; then - named-compilezone -o "${zone_file}" -s relative "${zone}" "${tmpfile}" - else - cat "${tmpfile}" | grep -P -v '^\s*(;|$)' >"${zone_file}" - fi - info "Created zone file '${GREEN}${zone_file}${NORMAL}'." - fi - - RM "${tmpfile}" -} - -#------------------------------------------------------------------------------ -main() { - - get_options "$@" - umask 0022 - local the_zone= - - set_locale "en_US.utf8" - - for the_zone in "${ZONES[@]}" ; do - get_zone "${the_zone}" - done - -} - -main "$@" - - - -exit 0 - -# vim: et list diff --git a/bin/get-k8s-master-configs b/bin/get-k8s-master-configs deleted file mode 100755 index 9a915ed..0000000 --- a/bin/get-k8s-master-configs +++ /dev/null 
@@ -1,495 +0,0 @@ -#!/usr/bin/env bash - -export LC_ALL=C -export LANG=C - -VERBOSE="n" -DEBUG="n" -QUIET='n' - -VERSION="1.0" - -# console colors: -RED="" -YELLOW="" -GREEN="" -BLUE="" -NORMAL="" - -HAS_TTY='y' - -BASENAME="$(basename ${0})" -BASE_DIR="$(dirname ${0})" - -REL_K8S_CFGDIR='.kube' -REL_K8S_CFGFILE='config' - -TIMEOUT=30 - -TEMPFILE= - -declare -A ENV_HOST=() -declare -A ENV_PORT=() -declare -A ENV_USER=() -declare -A ENV_GROUP=() -declare -A ENV_HOME=() - -ENV_HOST['live']='live-master01-k8s-spk.spk.pixelpark.net' -ENV_HOST['stage']='stage-master01-k8s-spk.spk.pixelpark.net' - -ENV_PORT['live']=1080 -ENV_PORT['stage']=1080 - -ENV_USER['live']='k8s-live' -ENV_USER['stage']='k8s-stage' - -ENV_GROUP['live']='users' -ENV_GROUP['stage']='users' - -#------------------------------------------------------------------- -detect_color() { - - local safe_term="${TERM//[^[:alnum:]]/?}" - local match_lhs="" - local use_color="false" - [[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" - [[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ - && match_lhs=$(dircolors --print-database) - [[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color="true" - - # console colors: - if [ "${use_color}" = "true" ] ; then - RED="\033[38;5;196m" - YELLOW="\033[38;5;226m" - GREEN="\033[38;5;46m" - BLUE="\033[38;5;27m" - NORMAL="\033[39m" - else - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - fi - - local my_tty=$(tty) - if [[ "${my_tty}" =~ 'not a tty' ]] ; then - my_tty='-' - fi - - if [[ "${my_tty}" = '-' || "${safe_term}" = "dump" ]] ; then - HAS_TTY='n' - fi - -} -detect_color - -#------------------------------------------------------------------------------ -description() { - echo -e $( cat <<-EOF - Gets the current root Kubernetes configuration files of both live - and stage Kubernetes of Sparkasse. - - Only the user '${GREEN}root${NORMAL}' may execute this script. 
- - EOF - ) -} - -#------------------------------------------------------------------------------ -usage() { - cat <<-EOF - Usage: ${BASENAME} [-d|--debug] [[-v|--verbose] | [-q|--quiet]]] [--nocolor] - ${BASENAME} [-h|--help] - ${BASENAME} [-V|--version] - - Options: - -d|--debug Debug output (bash -x). - -v|--verbose Set verbosity on. Mutually exclusive to '--quiet'. - -q|--quiet Quiet execution, only errors and warnings are shown. - --nocolor Don't use colors on display. - -h|--help Show this output and exit. - -V|--version prints out version number of the script and exit - EOF -} - - -#------------------------------------------------------------------------------ -get_options() { - - local tmp= - local base_dir= - - set +e - tmp=$( getopt -o dvqhV \ - --long debug,verbose,quiet,nocolor,help,version \ - -n "${BASENAME}" -- "$@" ) - if [[ $? != 0 ]] ; then - echo "" >&2 - usage >&2 - exit 1 - fi - set -e - - # Note the quotes around `$TEMP': they are essential! - eval set -- "${tmp}" - - local p= - - while true ; do - case "$1" in - -d|--debug) - DEBUG="y" - shift - ;; - -v|--verbose) - VERBOSE="y" - shift - ;; - -q|--quiet) - QUIET="y" - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - shift - ;; - --nocolor) - RED="" - YELLOW="" - GREEN="" - BLUE="" - NORMAL="" - shift - ;; - -h|--help) - description - echo - usage - exit 0 - ;; - -V|--version) - echo "${BASENAME} version: ${VERSION}" - exit 0 - ;; - --) shift - break - ;; - *) echo "Internal error!" - exit 1 - ;; - esac - done - - if [[ "${DEBUG}" = "y" ]] ; then - set -x - fi - if [[ "${VERBOSE}" == "y" && "${QUIET}" == "y" ]] ; then - error "The parameters '${RED}${VERBOSE}${NORMAL}' and '${RED}${VERBOSE}${NORMAL}' are mutually exclusive." - usage >&2 - exit 1 - fi - - if [[ "$( type -t curl || true )" != "file" ]] ; then - error "Command '${RED}curl${NORMAL}' not found, please install the appropriate package." 
- echo >&2 - exit 5 - fi - - local cur_user_id=$( id -u ) - if [[ "${cur_user_id}" != "0" ]] ; then - error "Wrong user '${RED}$( id -u -n )${NORMAL}'." - echo >&2 - description >&2 - echo - usage >&2 - exit 1 - fi - -} - -######################################### -# Some often used funktions - -#------------------------------------------------------------------------------ -my_date() { - date +'%F %T.%N %:::z' -} - -#------------------------------------------------------------------------------ -debug() { - if [[ "${VERBOSE}" != "y" ]] ; then - return 0 - fi - echo -e " * [$(my_date)] [${BASENAME}:DEBUG]: $@" -} - -#------------------------------------------------------------------------------ -info() { - if [[ "${QUIET}" == "y" ]] ; then - return - fi - echo -e " ${GREEN}*${NORMAL} [$(my_date)] [${BASENAME}:${GREEN}INFO${NORMAL}] : $@" -} - -#------------------------------------------------------------------------------ -warn() { - echo -e " ${YELLOW}*${NORMAL} [$(my_date)] [${BASENAME}:${YELLOW}WARN${NORMAL}] : $@" >&2 -} - -#------------------------------------------------------------------------------ -error() { - echo -e " ${RED}*${NORMAL} [$(my_date)] [${BASENAME}:${RED}ERROR${NORMAL}]: $@" >&2 -} - -#------------------------------------------------------------------------------ -MKDIR() { - local cmd="mkdir" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -CHMOD() { - local cmd="chmod" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -CHOWN() { - local cmd="chown" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -CHGRP() { - local cmd="chgrp" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - 
eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -RM() { - local cmd="rm" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -CP() { - local cmd="cp" - if [[ "${VERBOSE}" == "y" ]] ; then - cmd+=" --verbose" - fi - eval ${cmd} "$@" -} - -#------------------------------------------------------------------------------ -cleanup_tmp_file() { - if [[ -n "${TEMPFILE}" ]] ; then - if [[ -e "${TEMPFILE}" ]] ; then - debug "Removing temporary file '${TEMPFILE}' ..." - RM --force "${TEMPFILE}" - fi - fi -} - -#------------------------------------------------------------------------------ -do_backup() { - - local my_user_home="$1" - local k8s_dir="${my_user_home}/${REL_K8S_CFGDIR}" - local k8s_cfg_file="${k8s_dir}/${REL_K8S_CFGFILE}" - - if [[ ! -f "${k8s_cfg_file}" ]] ; then - debug "File '${k8s_cfg_file}' not found for backup" - return 0 - fi - - local backup_file="${k8s_cfg_file}.$( date -r "${k8s_cfg_file}" +'%Y-%m-%d_%H:%M:%S' )" - info "Copying '${k8s_cfg_file}' => '${backup_file}' ..." - CP -p "${k8s_cfg_file}" "${backup_file}" - -} - -#------------------------------------------------------------------------------ -check_home_dirs() { - - local my_user_home="$1" - local my_user="$2" - local my_group="$3" - - local k8s_dir="${my_user_home}/${REL_K8S_CFGDIR}" - - debug "Checking directories '${my_user_home}' and '${k8s_dir}' ..." - - if [[ -z "${my_user_home}" ]] ; then - error "Could not evaluate \$HOME of user '${RED}${my_user}${NORMAL}'." - return 6 - fi - - if [[ ! -e "${my_user_home}" ]] ; then - error "Directory '${RED}${my_user_home}${NORMAL}' does not exists." - return 6 - fi - - if [[ ! -d "${my_user_home}" ]] ; then - error "Path '${RED}${my_user_home}${NORMAL}' exists, but is not a directory." - return 6 - fi - - if [[ -e "${k8s_dir}" ]] ; then - MKDIR -p "${k8s_dir}" - else - if [[ ! 
-d "${k8s_dir}" ]] ; then - error "Path '${RED}${k8s_dir}${NORMAL}' exists, but is not a directory." - return 6 - fi - fi - - local dir_owner=$( stat --printf="%U" "${k8s_dir}" ) - local dir_group=$( stat --printf="%G" "${k8s_dir}" ) - local dir_mode=$( stat --printf="%a" "${k8s_dir}" ) - debug "Directory '${k8s_dir}' current: owner='${dir_owner}', group='${dir_group}', mode='${dir_mode}'" - - if [[ "${dir_owner}" != "${my_user}" ]] ; then - info "Setting owner of '${k8s_dir}' to '${my_user}'." - CHOWN "${my_user}" "${k8s_dir}" - fi - - if [[ "${dir_group}" != "${my_group}" ]] ; then - info "Setting group of '${k8s_dir}' to '${my_group}'." - CHGRP "${my_group}" "${k8s_dir}" - fi - - if [[ "${dir_mode}" != "700" ]] ; then - info "Setting mode of '${k8s_dir}' to 0700." - CHMOD "0700" "${k8s_dir}" - fi - - return 0 - -} - -#------------------------------------------------------------------------------ -get_config() { - - local env="$1" - - info "Get current Kubernetes configuration for environment '${GREEN}${env}${NORMAL}'." - - local host="${ENV_HOST[${env}]}" - local port="${ENV_PORT[${env}]}" - local user="${ENV_USER[${env}]}" - local group="${ENV_GROUP[${env}]}" - - local url="http://${host}" - if [[ "${port}" != "80" ]] ; then - url+=":${port}" - fi - url+="/" - debug "URL to get the config: '${url}'." - - local user_home=$( getent passwd "${user}" | head -n 1 | awk -F: '{print $6}' ) - debug "Home directory of user '${user}': '${user_home}'" - if check_home_dirs "${user_home}" "${user}" "${group}" ; then - : - else - return 0 - fi - - TEMPFILE=$( mktemp ) - debug "Temporary file is '${TEMPFILE}'." - trap cleanup_tmp_file INT TERM EXIT ABRT - - debug "Get '${url}' ..." - cmd="curl -o \"${TEMPFILE}\" --silent --max-time \"${TIMEOUT}\" \"${url}\"" - debug "Executing: ${cmd}" - eval ${cmd} - if [[ "${VERBOSE}" == "y" ]] ; then - ls -l "${TEMPFILE}" - fi - - if [[ ! -s "${TEMPFILE}" ]] ; then - error "Got an empty configuration from '${url}' ..." 
- trap - INT TERM EXIT ABRT - cleanup_tmp_file - return 0 - fi - - local k8s_dir="${user_home}/${REL_K8S_CFGDIR}" - local k8s_cfg_file="${k8s_dir}/${REL_K8S_CFGFILE}" - - if diff --ignore-tab-expansion --ignore-trailing-space --ignore-blank-lines \ - --text "${k8s_cfg_file}" "${TEMPFILE}" >/dev/null ; then - info "Kubernetes configuration '${GREEN}${k8s_cfg_file}${NORMAL}' will be left unchanged." - else - warn "Installing new Kubernetes configuration '${YELLOW}${k8s_cfg_file}${NORMAL}' ..." - do_backup "${user_home}" - CP -p "${TEMPFILE}" "${k8s_cfg_file}" - - fi - - trap - INT TERM EXIT ABRT - cleanup_tmp_file - - local file_owner=$( stat --printf="%U" "${k8s_cfg_file}" ) - local file_group=$( stat --printf="%G" "${k8s_cfg_file}" ) - local file_mode=$( stat --printf="%a" "${k8s_cfg_file}" ) - debug "File '${k8s_cfg_file}' current: owner='${file_owner}', group='${file_group}', mode='${file_mode}'" - - if [[ "${file_owner}" != "${user}" ]] ; then - info "Setting owner of '${k8s_cfg_file}' to '${user}'." - CHOWN "${user}" "${k8s_cfg_file}" - fi - - if [[ "${file_group}" != "${group}" ]] ; then - info "Setting group of '${k8s_cfg_file}' to '${group}'." - CHGRP "${group}" "${k8s_cfg_file}" - fi - - if [[ "${file_mode}" != "600" ]] ; then - info "Setting mode of '${k8s_cfg_file}' to 0600." - CHMOD "0600" "${k8s_cfg_file}" - fi - - debug "Finished environment '${env}'." - -} - -################################################################################ -## -## Main -## -################################################################################ - -#------------------------------------------------------------------------------ -main() { - - get_options "$@" - get_config 'live' - get_config 'stage' - cleanup_tmp_file - -} - -main "$@" - -exit 0 - -# vim: ts=4 et list diff --git a/bin/get-ldap-dn b/bin/get-ldap-dn deleted file mode 100755 index 5e9cbcc..0000000 --- a/bin/get-ldap-dn +++ /dev/null 
@@ -1,156 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-BASE_NAME="$( basename ${0} )"
-MY_REAL_NAME=$( readlink -f $0 )
-BIN_DIR=$( dirname "${MY_REAL_NAME}" )
-BASE_DIR=$( dirname "${BIN_DIR}" )
-LIB_DIR="${BASE_DIR}/lib"
-CONF_DIR="${BASE_DIR}/etc"
-
-if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
- . "${LIB_DIR}/functions.rc"
-else
- echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
- exit 5
-fi
-
-declare -a TOKENS=()
-
-detect_color
-
-DESCRIPTION=$( cat <<-EOF
- Get LDAP distinguished names (DN) either by a given UID or Mail address.
-
- EOF
-)
-
-#------------------------------------------------------------------------------
-usage() {
- cat <<-EOF
- Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
- ${BASE_NAME} [-h|--help]
- ${BASE_NAME} [-V|--version]
-
- Mandatory Parameter(s):
- UID|EMAIL: Either the Uid of the requested User
- (Posix name, mostly in the form 'first_name.last_name'), or
- the E-Mail address of the account or group to search.
-
- LDAP Options:
- EOF
-
- echo "${LDAP_USAGE_MSG}"
- echo
- echo " Common Options:"
- echo "${STD_USAGE_MSG}"
-
-}
-
-#------------------------------------------------------------------------------
-get_options() {
-
- local tmp=
- local base_dir=
-
- set +e
- tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
- --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
- -n "${BASE_NAME}" -- "$@" )
- if [[ $? != 0 ]] ; then
- echo "" >&2
- usage >&2
- exit 1
- fi
- set -e
-
- # Note the quotes around `$TEMP': they are essential!
- eval set -- "${tmp}"
- eval_common_options "$@"
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
-# local -a rest_args_common=()
-# for tmp in "${REMAINING_ARGS[@]}" ; do
-# rest_args_common+=(${tmp})
-# done
-
- eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
- error "Unknown options: ${REMAINING_OPTS[*]}"
- echo >&2
- usage >&2
- exit 2
- fi
-
- if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
- error "No Uids or E-Mail addresses given to retrieve."
- echo >&2
- usage >&2
- exit 2
- fi
-
- local i=0
- local token=
- for token in "${REMAINING_ARGS[@]}" ; do
- if [[ "$i" == 0 ]]; then
- i=1
- continue
- fi
- TOKENS+=(${token})
- i=$(( $i + 1 ))
- done
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p TOKENS
- fi
-
-}
-
-#------------------------------------------------------------------------------
-main() {
-
- get_options "$@"
-
- local oifs="${IFS}"
- IFS="
-"
-
- local token=
- local cmd=
- local filter=
-
- local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
- cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
- cmd_base+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
-
- for token in "${TOKENS[@]}" ; do
-
- echo >&2
- info "Getting DN of LDAP-Object with token '${GREEN}${token}${NORMAL}' ..." >&2
-
- filter="(|(uid=${token})(mail=${token})(mailAlternateAddress=${token})(mailEquivalentAddress=${token}))"
- cmd="${cmd_base} \"${filter}\" dn"
- debug "Executing: ${cmd}"
- echo >&2
- eval ${cmd}
-
- done
-
-}
-
-main "$@"
-
-exit 0
-
-# vim: et list
diff --git a/bin/get-ldap-info b/bin/get-ldap-info
deleted file mode 100755
index 73dd080..0000000
--- a/bin/get-ldap-info
+++ /dev/null
@@ -1,168 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-BASE_NAME="$( basename ${0} )"
-MY_REAL_NAME=$( readlink -f $0 )
-BIN_DIR=$( dirname "${MY_REAL_NAME}" )
-BASE_DIR=$( dirname "${BIN_DIR}" )
-LIB_DIR="${BASE_DIR}/lib"
-CONF_DIR="${BASE_DIR}/etc"
-
-if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
- . "${LIB_DIR}/functions.rc"
-else
- echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
- exit 5
-fi
-
-declare -a TOKENS=()
-
-detect_color
-
-DESCRIPTION=$( cat <<-EOF
- Get complete information about the given LDAP objects by their uid-
- or mail-Attribute.
-
- EOF
-)
-
-#------------------------------------------------------------------------------
-usage() {
- cat <<-EOF
- Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
- ${BASE_NAME} [-h|--help]
- ${BASE_NAME} [-V|--version]
-
- Mandatory Parameter(s):
- UID|EMAIL: Either the Uid of the requested object
- (Posix name, mostly in the form 'first_name.last_name'), or
- the E-Mail address of the account or group to search.
-
- LDAP Options:
- EOF
-
- echo "${LDAP_USAGE_MSG}"
- echo
- echo " Common Options:"
- echo "${STD_USAGE_MSG}"
-
-}
-
-#------------------------------------------------------------------------------
-get_options() {
-
- local tmp=
- local base_dir=
-
- set +e
- tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
- --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
- -n "${BASE_NAME}" -- "$@" )
- if [[ $? != 0 ]] ; then
- echo "" >&2
- usage >&2
- exit 1
- fi
- set -e
-
- # Note the quotes around `$TEMP': they are essential!
- eval set -- "${tmp}"
- eval_common_options "$@"
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
- error "Unknown options: ${REMAINING_OPTS[*]}"
- echo >&2
- usage >&2
- exit 2
- fi
-
- if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
- error "No Uids or E-Mail addresses given to retrieve."
- echo >&2
- usage >&2
- exit 2
- fi
-
- local i=0
- local token=
- for token in "${REMAINING_ARGS[@]}" ; do
- if [[ "$i" == 0 ]]; then
- i=1
- continue
- fi
- TOKENS+=(${token})
- i=$(( $i + 1 ))
- done
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p TOKENS
- fi
-
-}
-
-#------------------------------------------------------------------------------
-main() {
-
- get_options "$@"
-
- local oifs="${IFS}"
- IFS="
-"
-
- local token=
- local cmd=
- local filter=
- local result=
-
- local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
- cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
-
- for token in "${TOKENS[@]}" ; do
-
- local -a dns=()
- local dn=
-
- echo >&2
- info "Getting LDAP info about user with token '${GREEN}${token}${NORMAL}' ..." >&2
-
- filter="(|(uid=${token})(mail=${token})(mailAlternateAddress=${token})(mailEquivalentAddress=${token}))"
- cmd="${cmd_base} -b \"${LDAP_BASE}\" \"${filter}\" dn 2>/dev/null | grep '^dn' | sed -e 's/^dn:[ ]*//'"
- debug "Executing: ${cmd}"
- result=$( eval ${cmd} )
- if [[ -z "${result}" ]] ; then
- warn "LDAP object with Uid or Mail '${YELLOW}${token}${NORMAL}' not found."
- continue
- fi
-
- for dn in ${result} ; do
- echo >&2
- info "Found DN: '${GREEN}${dn}${NORMAL}'"
-
- cmd="${cmd_base} -b \"${dn}\" -s base \"objectclass=*\" 2>/dev/null | sort -i"
- debug "Executing: ${cmd}"
- eval ${cmd}
-
- done
-
- done
-
-}
-
-main "$@"
-
-exit 0
-
-# vim: et list
diff --git a/bin/get-ldap-mail b/bin/get-ldap-mail
deleted file mode 100755
index ae530a2..0000000
--- a/bin/get-ldap-mail
+++ /dev/null
@@ -1,162 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-BASE_NAME="$( basename ${0} )"
-MY_REAL_NAME=$( readlink -f $0 )
-BIN_DIR=$( dirname "${MY_REAL_NAME}" )
-BASE_DIR=$( dirname "${BIN_DIR}" )
-LIB_DIR="${BASE_DIR}/lib"
-CONF_DIR="${BASE_DIR}/etc"
-
-if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
- . "${LIB_DIR}/functions.rc"
-else
- echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
- exit 5
-fi
-
-declare -a TOKENS=()
-
-detect_color
-
-DESCRIPTION=$( cat <<-EOF
- Get all relevant information about the given mail addresses from LDAP.
-
- EOF
-)
-
-#------------------------------------------------------------------------------
-usage() {
- cat <<-EOF
- Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
- ${BASE_NAME} [-h|--help]
- ${BASE_NAME} [-V|--version]
-
- Mandatory Parameter(s):
- EMAIL: The E-Mail address of the account or group to search.
-
- LDAP Options:
- EOF
-
- echo "${LDAP_USAGE_MSG}"
- echo
- echo " Common Options:"
- echo "${STD_USAGE_MSG}"
-
-}
-
-#------------------------------------------------------------------------------
-get_options() {
-
- local tmp=
- local base_dir=
-
- set +e
- tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
- --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
- -n "${BASE_NAME}" -- "$@" )
- if [[ $? != 0 ]] ; then
- echo "" >&2
- usage >&2
- exit 1
- fi
- set -e
-
- # Note the quotes around `$TEMP': they are essential!
- eval set -- "${tmp}"
- eval_common_options "$@"
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
- error "Unknown options: ${REMAINING_OPTS[*]}"
- echo >&2
- usage >&2
- exit 2
- fi
-
- if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
- error "No E-Mail addresses given to retrieve."
- echo >&2
- usage >&2
- exit 2
- fi
-
- local i=0
- local token=
- for token in "${REMAINING_ARGS[@]}" ; do
- if [[ "$i" == 0 ]]; then
- i=1
- continue
- fi
- TOKENS+=(${token})
- i=$(( $i + 1 ))
- done
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p TOKENS
- fi
-
-}
-
-#------------------------------------------------------------------------------
-main() {
-
- get_options "$@"
-
- local ldap_filter_oclass="(|"
- local oclass=
-
- for oclass in inetLocalMailRecipient inetMailGroup inetMailingListUser inetOrgPerson \
- inetResource mailGroup mailGroupMember mailRecipient; do
- ldap_filter_oclass+="(objectClass=${oclass})"
- done
- ldap_filter_oclass+=")"
-
- local filter_tpl="(&${ldap_filter_oclass}(|(mail=@@ADDRESS@@)(mailAlternateAddress=@@ADDRESS@@)"
- filter_tpl+="(mailEquivalentAddress=@@ADDRESS@@)))"
-
- local oifs="${IFS}"
- IFS="
-"
-
- local token=
- local cmd=
- local filter=
-
- local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
- cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
- cmd_base+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
-
- for token in "${TOKENS[@]}" ; do
-
- echo >&2
- info "Getting DN of LDAP-Object with E-Mail address '${GREEN}${token}${NORMAL}' ..." >&2
-
- filter=$( echo "${filter_tpl}" | sed -e "s/@@ADDRESS@@/${token}/g" )
- cmd="${cmd_base} \"${filter}\" dn cn mail mailAlternateAddress mailEquivalentAddress "
- cmd+="mgrpRFC822MailMember uniqueMember memberURL mailForwardingAddress mailRoutingAddress"
- debug "Executing: ${cmd}"
- echo >&2
- eval ${cmd}
-
- done
-
-}
-
-main "$@"
-
-exit 0
-
-# vim: et list
diff --git a/bin/get-ldap-membership b/bin/get-ldap-membership
deleted file mode 100755
index 8e68722..0000000
--- a/bin/get-ldap-membership
+++ /dev/null
@@ -1,207 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-BASE_NAME="$( basename ${0} )"
-MY_REAL_NAME=$( readlink -f $0 )
-BIN_DIR=$( dirname "${MY_REAL_NAME}" )
-BASE_DIR=$( dirname "${BIN_DIR}" )
-LIB_DIR="${BASE_DIR}/lib"
-CONF_DIR="${BASE_DIR}/etc"
-
-if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
- . "${LIB_DIR}/functions.rc"
-else
- echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
- exit 5
-fi
-
-declare -a SEARCH_IDS=()
-
-detect_color
-
-DESCRIPTION=$( cat <<-EOF
- Get all LDAP groups, where the user with the given DN uid or mail address is a member of.
-
- EOF
-)
-
-#------------------------------------------------------------------------------
-get_options() {
-
- local tmp=
- local base_dir=
-
- set +e
- tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
- --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
- -n "${BASE_NAME}" -- "$@" )
- if [[ $? != 0 ]] ; then
- echo "" >&2
- usage >&2
- exit 1
- fi
- set -e
-
- # Note the quotes around `$TEMP': they are essential!
- eval set -- "${tmp}"
- eval_common_options "$@"
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p REMAINING_OPTS
- declare -p REMAINING_ARGS
- fi
-
- if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
- error "Unknown options: ${REMAINING_OPTS[*]}"
- echo >&2
- usage >&2
- exit 2
- fi
-
- if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
- error "No user given to retrieve."
- echo >&2
- usage >&2
- exit 2
- fi
-
- local i=0
- local token=
- for token in "${REMAINING_ARGS[@]}" ; do
- if [[ "$i" == 0 ]]; then
- i=1
- continue
- fi
- SEARCH_IDS+=(${token})
- i=$(( $i + 1 ))
- done
-
- if [[ "${DEBUG}" == 'y' ]] ; then
- declare -p SEARCH_IDS
- fi
-
-}
-
-#------------------------------------------------------------------------------
-usage() {
- cat <<-EOF
- Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
- ${BASE_NAME} [-h|--help]
- ${BASE_NAME} [-V|--version]
-
- Mandatory Parameter(s):
- ID: The DN, UID or mail address of the user to search.
-
- LDAP Options:
- EOF
-
- echo "${LDAP_USAGE_MSG}"
- echo
- echo " Common Options:"
- echo "${STD_USAGE_MSG}"
-
-}
-
-#------------------------------------------------------------------------------
-get_dn() {
-
- local user_id="$1"
- local dn=
-
- local ldap_filter_oclass="(|"
- local oclass=
- local line=
-
- for oclass in inetLocalMailRecipient inetMailingListUser inetOrgPerson \
- inetResource mailGroupMember mailRecipient; do
- ldap_filter_oclass+="(objectClass=${oclass})"
- done
- ldap_filter_oclass+=")"
-
- local filter="(&${ldap_filter_oclass}(|(mail=${user_id})(mailAlternateAddress=${user_id})"
- filter+="(mailEquivalentAddress=${user_id})(uid=${user_id})))"
-
- info "Getting DN of LDAP-Object with E-Mail address or UID '${CYAN}${user_id}${NORMAL}' ..."
-
- cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
- cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\" dn"
- debug "Executing: ${cmd}"
- for line in $( eval ${cmd} | grep -i '^dn:' | sed -e 's/^dn:[ ]*//i' ) ; do
- echo "${line}"
- done
-
-}
-
-#------------------------------------------------------------------------------
-search_memberships() {
-
- local dn="$1"
-
- info "Searching for groups with member '${CYAN}${dn}${NORMAL}' ..."
- local ldap_filter_oclass="(|"
- local oclass=
-
- for oclass in groupOfNames groupOfUniqueNames; do
- ldap_filter_oclass+="(objectClass=${oclass})"
- done
- ldap_filter_oclass+=")"
-
- local filter="(&${ldap_filter_oclass}(|(uniqueMember=${dn})(member=${dn})))"
- cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
- cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\""
- cmd+=" dn cn description mail mailAlternateAddress mailEquivalentAddress"
- debug "Executing: ${cmd}"
- eval ${cmd}
-}
-
-#------------------------------------------------------------------------------
-search_user() {
-
- local user_id="$1"
- local dn=
-
- local oifs="${IFS}"
- IFS="
-"
-
- echo
- if echo "${user_id}" | grep -q -i "${LDAP_BASE}\$" ; then
- dn="${user_id}"
- info "Searching for user with DN '${CYAN}${dn}${NORMAL}' ..."
- search_memberships "${dn}"
- else
- for dn in $( get_dn "${user_id}" ); do
- info "Searching for user '${CYAN}${user_id}${NORMAL}' with DN '${CYAN}${dn}${NORMAL}' ..."
- search_memberships "${dn}"
- done
- fi
-
- IFS="${oifs}"
-
-}
-
-#------------------------------------------------------------------------------
-main() {
-
- get_options "$@"
-
- local id
- for id in "${SEARCH_IDS[@]}" ; do
- search_user "${id}"
- done
-
-}
-
-main "$@"
-
-exit 0
-
-# vim: et list
diff --git a/bin/nfs-clean-homedirs b/bin/nfs-clean-homedirs
deleted file mode 100755
index a5c0425..0000000
--- a/bin/nfs-clean-homedirs
+++ /dev/null
@@ -1,300 +0,0 @@
-#!/bin/bash
-
-set -e
-set -u
-
-BASE_NAME="$( basename ${0} )"
-MY_REAL_NAME=$( readlink -f $0 )
-BIN_DIR=$( dirname "${MY_REAL_NAME}" )
-BASE_DIR=$( dirname "${BIN_DIR}" )
-LIB_DIR="${BASE_DIR}/lib"
-CONF_DIR="${BASE_DIR}/etc"
-OLD_HOMES_DIR="_old_homes"
-
-EXCLUDE_DIRS="regina
-noemi
-elmar
-miriam
-nick
-stefanie
-esther
-juliane
-claudia
-anja
-ellen
-justus
-kira
-oliva
-anja.o
-erika
-mailbox
-barbara
-nicole
-alexandra
-lost+found
-patches
-TT_DB
-stuttgart
-momamemberships
-faxserver
-amdraht
-MM
-creative_vp1
-creative_vp2
-creative_vp3
-issybase
-hohes-c
-eventure
-surfpool
-db1n
-qbic
-test-ftd-de
-s+s
-conradmail
-CPAN
-newspool
-bms
-netuser
-ipunkt
-hamburg
-superagent
-cyberline
-slowtiger
-rsync
-db1n1
-db1n2
-unit2
-conrad
-sekt
-db2n2
-concheck
-oestereich
-teamkonzept
-work
-sachsenhausen
-scimone
-con_rep_2
-goodbye
-usenet
-cegame
-info
-newshabitat
-wodef
-barmermesse
-services
-Christina.Hoschka
-ahrens
-bachem
-bartels
-baumgarten
-brandis
-dietsch
-diezmann
-fisahn
-gamer
-hanusch
-head
-johnson
-keating
-kleffmann
-kotra
-kueppers
-kuppi
-luciana
-schade
-stehle
-steinbach
-tautenhahn
-thuerwaechter
-vorst
-CFO
-CEO
-_old_homes
-alf
-ceo
-idm
-info_visioplant
-pp.user
-pts.user
-COO
-Investorrelations"
-
-if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
- . "${LIB_DIR}/functions.rc"
-else
- echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
- exit 5
-fi
-
-if [[ -f "${CONF_DIR}/pp-nfs.rc" ]] ; then
- . "${CONF_DIR}/pp-nfs.rc"
-fi
-
-NFS_HOMEDIRS="${NFS_HOMEDIR_PARENT}"
-
-detect_color
-
-DESCRIPTION=$( cat <<-EOF
- Removes orphaned NFS home directories under ${CYAN}${NFS_HOMEDIR_PARENT}${NORMAL}
- and archives them under ${CYAN}${NFS_HOMEDIR_PARENT}/${OLD_HOMES_DIR}${NORMAL}.
- EOF
-)
-
-#------------------------------------------------------------------------------
-usage() {
- cat <<-EOF
- Usage: ${BASE_NAME} [-d] [-v] [--nocolor] [NFS_HOMEDIR_PARENT]
- ${BASE_NAME} [-h|--help]
- ${BASE_NAME} [-V|--version]
-
- Optional Parameter:
- NFS_HOMEDIR_PARENT: The parent directory of the NFS home directories.
- Defaults to: '${NFS_HOMEDIR_PARENT}'.
-
- Options:
- EOF
-
- echo "${STD_USAGE_MSG}"
-
-}
-
-#------------------------------------------------------------------------------
-get_options() {
-
- local tmp=
- local base_dir=
-
- set +e
- tmp=$( getopt -o ${STD_SHORT_OPTIONS} \
- --long start:,${STD_LONG_OPTIONS} \
- -n "${BASE_NAME}" -- "$@" )
- if [[ $? != 0 ]] ; then
- echo "" >&2
- usage >&2
- exit 1
- fi
- set -e
-
- # Note the quotes around `$TEMP': they are essential!
- eval set -- "${tmp}"
- eval_common_options "$@"
- #if [[ "${VERBOSE}" == 'y' ]] ; then
- # declare -p REMAINING_ARGS
- #fi
-
- local num_args="${#REMAINING_ARGS[@]}"
-
- if [[ "${num_args}" != "0" ]] ; then
- if [[ "${num_args}" -gt "2" ]] ; then
- error "Invalid number of arguments."
- echo >&2
- usage >&2
- exit 1
- fi
- NFS_HOMEDIRS="${REMAINING_ARGS[1]}"
- fi
-
- if [[ ! -d "${NFS_HOMEDIRS}" ]] ; then
- error "Parent of NFS home directories '${RED}${NFS_HOMEDIRS}${NORMAL}' not found."
- echo >&2
- usage >&2
- exit 2
- fi
-
-}
-
-#------------------------------------------------------------------------------
-check_dir() {
-
- local hdir="${1}"
- local bname=$( basename "${hdir}" )
- local ex=
- local skip="n"
-
- debug "Checking directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' ..."
-
- local owner=$( stat --format="%U" "${hdir}" )
- if [[ "${owner}" != 'UNKNOWN' ]] ; then
- debug "Owner: '${owner}'"
- return
- fi
-
- for ex in $( echo "${EXCLUDE_DIRS}" | egrep -v "^[ ]*(#|$)" | sed -e 's/^[ ]*//' -e 's/[ ]*$//' ) ; do
- if [[ "${bname}" == "${ex}" ]] ; then
- skip="y"
- break
- fi
- done
- if [[ "${skip}" == "y" ]] ; then
- info "Skipping '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}'."
- return
- fi
-
- info "Directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' is orphaned, cleaning it up"
- ls -ld "${hdir}"
- du -sm "${hdir}"
-
- local j=0
- local tarfile="${NFS_HOMEDIRS}/${OLD_HOMES_DIR}/$bname.$j.tar.gz"
- while [[ -e "${tarfile}" ]] ; do
- j=$(( $j + 1 ))
- tarfile="${NFS_HOMEDIRS}/${OLD_HOMES_DIR}/$bname.$j.tar.gz"
- done
- debug "Creating tarfile: '${CYAN}${tarfile}${NORMAL}'"
- local cmd="tar cfz \"${tarfile}\" \"${hdir}\""
- if [[ "${VERBOSE}" == "y" ]] ; then
- cmd="tar cfzv \"${tarfile}\" \"${hdir}\""
- fi
- debug "Executing: ${cmd}"
- if [[ "${SIMULATE}" != "y" ]] ; then
- eval ${cmd}
- ls -l "${tarfile}"
- else
- debug "Tarfile '${tarfile}' not created."
- fi
-
- info "Removing directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' ..."
- RM --recursive "${hdir}"
-
-}
-
-#------------------------------------------------------------------------------
-do_cleanup() {
-
- cd "${NFS_HOMEDIRS}"
-
- local dir=
- local oifs="${IFS}"
- IFS="
-"
-
- for dir in $( ls -1 -U ) ; do
- if [[ ! -d "${dir}" ]] ; then
- continue
- fi
- if [[ "${dir}" == "${OLD_HOMES_DIR}" ]] ; then
- continue
- fi
- check_dir "${dir}"
- done
- IFS="${oifs}"
-
-}
-
-#------------------------------------------------------------------------------
-main() {
-
- get_options "$@"
- set_locale "en_US.utf8"
- info "Starting cleanup homedirs ..."
- do_cleanup
- info "Finished cleanup homedirs."
-
-}
-
-main "$@"
-
-
-exit 0
-
-# vim: et ts=4 list
diff --git a/bin/zelos-make_backup_and_do_update.sh b/bin/zelos-make_backup_and_do_update.sh
deleted file mode 100755
index 8b4132e..0000000
--- a/bin/zelos-make_backup_and_do_update.sh
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/bin/bash
-
-# by @rwaffen
-
-#update zelos
-DATE=$(date '+%Y-%m-%d')
-is_mounted=$(mount | grep /mnt/storagebox/backup -c)
-backup_box_pass=$1 #see tpm
-
-if [ -z "${backup_box_pass}" ]; then
- echo "Bitte Password aus TPM entnehmen!"
- exit 1
-fi
-
-# mount hetzner backup disk
-if [ $is_mounted -ne 1 ]; then
- mount.cifs -o user=u234365,pass=${backup_box_pass} //u234365.your-storagebox.de/backup /mnt/storagebox/backup
-fi
-
-# delete older backups
-find /mnt/storagebox/backup -mtime +20 -delete
-
-# make file backups
-echo "packe /root"
-tar cfz /mnt/storagebox/backup/${DATE}_root.tgz /root
-
-echo "packe /opt/asterisk"
-tar cfz /mnt/storagebox/backup/${DATE}_asterisk.tgz /opt/asterisk
-
-echo "packe /etc"
-tar cfz /mnt/storagebox/backup/${DATE}_etc.tgz /etc
-
-echo "packe /home"
-tar cfz /mnt/storagebox/backup/${DATE}_home.tgz /home
-
-# make db backup
-echo "mache db dump"
-echo "kann so 60min. dauern..."
-time /root/MysqlDumps/backupZabbixDB.sh
-
-mv $(find /opt/dbstorage -name "*.bz2" -daystart -ctime 0) /mnt/storagebox/backup
-
-# update system
-yum update -y
-
-# reboot
-systemctl reboot
diff --git a/scripts/backup-pgsql.sh b/scripts/backup-pgsql.sh
new file mode 100755
index 0000000..20f00ee
--- /dev/null
+++ b/scripts/backup-pgsql.sh
@@ -0,0 +1,636 @@ +#!/usr/bin/env bash + +########################### +# REQUIREMENTS +########################### +# +# * Required commands: +# + pg_dump +# + du +# + tee +# + bzip2 # If bzip2 is not available, change 'CMD_COMPRESS' +# # to use 'gzip' or whatever compress command you want. +# + +########################### +# USAGE +########################### +# +# * It stores all backup copies in directory '/var/vmail/backup' by default, +# You can change it in variable $BACKUP_ROOTDIR below or via the -b parameter. +# +# * Set correct values for below variables: +# +# PGSQL_SYS_USER +# BACKUP_ROOTDIR +# +# * Add crontab job for root user (or whatever user you want): +# +# # crontab -e -u postgres +# 1 4 * * * bash /path/to/backup_pgsql.sh -q +# +# * Make sure 'crond' service is running. +# + +set -e +set -u + +export LC_ALL=C +export LANG=C + +VERBOSE="n" +DEBUG="n" +QUIET='n' + +VERSION="3.2" + +# console colors: +RED="" +YELLOW="" +GREEN="" +BLUE="" +NORMAL="" + +HAS_TTY='y' + +BASENAME="$(basename ${0})" +BASE_DIR="$(dirname ${0})" + +declare -a DATABASES=() + +######################################################### +# Modify below variables to fit your need ---- +######################################################### +# Keep backup for how many days. Default is 90 days. +KEEP_DAYS='30' + +# System user used to run PostgreSQL daemon. +# - On Linux, it's postgres. +# - On FreeBSD, it's pgsql. +# - On OpenBSD, it's _postgresql. +PGSQL_SYS_USER="postgres" + +# Where to store backup copies. +BACKUP_ROOTDIR="/var/backup/pgsql" + +# Date. +YEAR="$( date +%Y)" +MONTH="$( date +%m)" +DAY="$( date +%d)" +TIME="$( date +%H:%M:%S)" +TIMESTAMP="${YEAR}-${MONTH}-${DAY}-${TIME}" + +# Pre-defined backup status +BACKUP_SUCCESS='YES' + +# Define, check, create directories. 
+BACKUP_DIR="${BACKUP_ROOTDIR}/${YEAR}/${MONTH}/${DAY}" +TMP_DIR= +LOGFILE="/dev/null" + +BYTES_TOTAL="0" + +#------------------------------------------------------------------- +detect_color() { + + local safe_term="${TERM//[^[:alnum:]]/?}" + local match_lhs="" + local use_color="false" + [[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" + [[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) + [[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color="true" + + # console colors: + if [ "${use_color}" = "true" ] ; then + RED="\033[38;5;196m" + YELLOW="\033[38;5;226m" + GREEN="\033[38;5;46m" + BLUE="\033[38;5;27m" + NORMAL="\033[39m" + else + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + fi + + local my_tty=$(tty) + if [[ "${my_tty}" =~ 'not a tty' ]] ; then + my_tty='-' + fi + + if [[ "${my_tty}" = '-' || "${safe_term}" = "dump" ]] ; then + HAS_TTY='n' + fi + +} +detect_color + +#------------------------------------------------------------------------------ +description() { + echo -e $( cat <<-EOF + Creates a backup of all databases of the PostgreSQL installatio + on the current host. + + Only the user '${GREEN}${PGSQL_SYS_USER}${NORMAL}' may execute this script. + + EOF + ) +} + +#------------------------------------------------------------------------------ +usage() { + cat <<-EOF + Usage: ${BASENAME} [-K DAYS|--keep=DAYS] [-b DIR|--backupdir=DIR] [-d|--debug] [[-v|--verbose] | [-q|--quiet]]] [--nocolor] + ${BASENAME} [-h|--help] + ${BASENAME} [-V|--version] + + Options: + -K|--keep DAYS Keep the backup files of the last DAYS. Default: ${KEEP_DAYS} days. + -b|--backupdir DIR + Set root backup directory. Default: ${BACKUP_ROOTDIR} + -d|--debug Debug output (bash -x). + -v|--verbose Set verbosity on. Mutually exclusive to '--quiet'. + -q|--quiet Quiet execution, only errors and warnings are shown. + --nocolor Don't use colors on display. 
+ -h|--help Show this output and exit. + -V|--version prints out version number of the script and exit + EOF +} + + +#------------------------------------------------------------------------------ +get_options() { + + local tmp= + local base_dir= + + set +e + tmp=$( getopt -o K:b:dvqhV \ + --long keep:,backupdir:,debug,verbose,quiet,nocolor,help,version \ + -n "${BASENAME}" -- "$@" ) + if [[ $? != 0 ]] ; then + echo "" >&2 + usage >&2 + exit 1 + fi + set -e + + # Note the quotes around `$TEMP': they are essential! + eval set -- "${tmp}" + + local p= + + while true ; do + case "$1" in + -K|--keep) + KEEP_DAYS="$2" + shift + shift + ;; + -b|--backupdir) + BACKUP_ROOTDIR="$2" + BACKUP_DIR="${BACKUP_ROOTDIR}/${YEAR}/${MONTH}/${DAY}" + shift + shift + ;; + -d|--debug) + DEBUG="y" + shift + ;; + -v|--verbose) + VERBOSE="y" + shift + ;; + -q|--quiet) + QUIET="y" + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + shift + ;; + --nocolor) + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + shift + ;; + -h|--help) + description + echo + usage + exit 0 + ;; + -V|--version) + echo "${BASENAME} version: ${VERSION}" + exit 0 + ;; + --) shift + break + ;; + *) echo "Internal error!" + exit 1 + ;; + esac + done + + if [[ "${DEBUG}" = "y" ]] ; then + set -x + fi + if [[ "${VERBOSE}" == "y" && "${QUIET}" == "y" ]] ; then + error "The parameters '${RED}${VERBOSE}${NORMAL}' and '${RED}${VERBOSE}${NORMAL}' are mutually exclusive." + usage >&2 + exit 1 + fi + + local keep_int=$(( $KEEP_DAYS + 0 )) + if [[ "${keep_int}" -le "0" ]] ; then + error "Invalid number of days '${RED}${KEEP_DAYS}${NORMAL}' to keep backup files." + echo >&2 + description >&2 + echo + usage >&2 + exit 1 + fi + debug "Keeping backupfiles, which are not older than ${keep_int} days." + KEEP_DAYS="${keep_int}" + + local cur_user=$( id -u -n ) + if [[ "${cur_user}" != "${PGSQL_SYS_USER}" ]] ; then + error "Wrong user '${RED}${cur_user}${NORMAL}'." 
+ echo >&2 + description >&2 + echo + usage >&2 + exit 1 + fi + +} + +######################################### +# Some often used funktions + +#------------------------------------------------------------------------------ +my_date() { + date +'%F %T.%N %:::z' +} + +#------------------------------------------------------------------------------ +debug() { + if [[ "${VERBOSE}" != "y" ]] ; then + return 0 + fi + echo -e " * [$(my_date)] [${BASENAME}:DEBUG]: $@" | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +info() { + if [[ "${QUIET}" == "y" ]] ; then + echo -e " * [$(my_date)] [${BASENAME}:INFO] : $@" >> "${LOGFILE}" + return 0 + fi + echo -e " ${GREEN}*${NORMAL} [$(my_date)] [${BASENAME}:${GREEN}INFO${NORMAL}] : $@" | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +warn() { + echo -e " ${YELLOW}*${NORMAL} [$(my_date)] [${BASENAME}:${YELLOW}WARN${NORMAL}] : $@" | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +error() { + echo -e " ${RED}*${NORMAL} [$(my_date)] [${BASENAME}:${RED}ERROR${NORMAL}]: $@" | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +MKDIR() { + local cmd="mkdir" + if [[ "${VERBOSE}" == "y" ]] ; then + cmd+=" --verbose" + fi + eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +RM() { + local cmd="rm" + if [[ "${VERBOSE}" == "y" ]] ; then + cmd+=" --verbose" + fi + eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +MV() { + local cmd="mv" + if [[ "${VERBOSE}" == "y" ]] ; then + cmd+=" --verbose" + fi + eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +RMDIR() { + local 
cmd="rmdir" + if [[ "${VERBOSE}" == "y" ]] ; then + cmd+=" --verbose" + fi + eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +LN() { + local cmd="ln" + if [[ "${VERBOSE}" == "y" ]] ; then + cmd+=" --verbose" + fi + eval ${cmd} "$@" 2>&1 | tee -a "${LOGFILE}" +} + +#------------------------------------------------------------------------------ +empty_line() { + if [[ "${QUIET}" == "y" ]] ; then + echo >> "${LOGFILE}" + return 0 + fi + echo 2>&1 | tee -a "${LOGFILE}" +} + +################################################################################ + +get_databases() { + + debug "Detecting databases to backup ..." + local db= + for db in $( psql --list \ + --tuples-only \ + --no-align \ + --no-readline \ + --expanded \ + --field-separator=',' | \ + grep -i '^Name' | \ + awk -F ',' '{print $2}' ) ; do + DATABASES+=( "${db}" ) + done + + if [[ "${VERBOSE}" == "y" ]] ; then + echo | tee -a "${LOGFILE}" + echo "Databases to backup:" | tee -a "${LOGFILE}" + for db in "${DATABASES[@]}" ; do + echo " * '${db}'" | tee -a "${LOGFILE}" + done + echo | tee -a "${LOGFILE}" + fi + +} + +#------------------------------------------------------------------------------ +cleanup_tmp_dir() { + if [[ -n "${TMP_DIR}" ]] ; then + if [[ -e "${TMP_DIR}" ]] ; then + debug "Removing temporary directory '${TMP_DIR}' ..." + RM --force --recursive "${TMP_DIR}" + fi + fi +} + +#------------------------------------------------------------------------------ +prepare_dirs() { + + if [[ ! -d "${BACKUP_ROOTDIR}" ]] ; then + error "Directory '${RED}${BACKUP_ROOTDIR}${NORMAL}' does not exists or is not a directory." + exit 5 + fi + if [[ ! -w "${BACKUP_ROOTDIR}" ]] ; then + error "No write access to '${RED}${BACKUP_ROOTDIR}${NORMAL}'." + exit 6 + fi + + info "Creating all necessary directories ..." 
+ MKDIR -p "${BACKUP_DIR}" + TMP_DIR=$( mktemp -d -p "${HOME}" backup.XXXXXXXX.d ) + debug "Temporary directory is '${TMP_DIR}'." + LOGFILE="${BACKUP_DIR}/${TIMESTAMP}.log" + + debug "Creating trap to cleanup temporary directory ..." + trap cleanup_tmp_dir INT TERM EXIT ABRT + +} + +#------------------------------------------------------------------------------ +cleanup_old_backups() { + + info "Cleaning up old backup files and directories ..." + + local verbose_option="" + if [[ "${VERBOSE}" == "y" ]] ; then + verbose_option="--verbose" + fi + + find "${BACKUP_ROOTDIR}" -type f -mtime +${KEEP_DAYS} -print0 | \ + xargs --null --no-run-if-empty rm ${verbose_option} 2>&1 | tee -a "${LOGFILE}" + + local year= + local month= + local day= + + for year in $( ls -1 "${BACKUP_ROOTDIR}" ); do + local y_dir="${BACKUP_ROOTDIR}/${year}" + if [[ -d "${y_dir}" ]] ; then + for month in $( ls -1 "${y_dir}" ); do + local m_dir="${y_dir}/${month}" + if [[ -d "${m_dir}" ]] ; then + for day in $( ls -1 "${m_dir}" ); do + local d_dir="${m_dir}/${day}" + if [[ -d "${d_dir}" && "${d_dir}" != "${BACKUP_DIR}" ]] ; then + rmdir --ignore-fail-on-non-empty "${d_dir}" + if [[ ! -d "${d_dir}" ]] ; then + debug "Removed directory '${d_dir}'." + fi + fi + done + rmdir --ignore-fail-on-non-empty "${m_dir}" + if [[ ! -d "${m_dir}" ]] ; then + debug "Removed directory '${m_dir}'." + fi + fi + done + rmdir --ignore-fail-on-non-empty "${y_dir}" + if [[ ! -d "${y_dir}" ]] ; then + debug "Removed directory '${y_dir}'." + fi + fi + done + +} + +#------------------------------------------------------------------------------ +backup_globals() { + + empty_line + info "Backing up ${GREEN}globals${NORMAL} ..." 
+ + local output_sql="globals-${TIMESTAMP}.sql" + local output_sql_compressed="${output_sql}.bz2" + local out_sql_tmp="${TMP_DIR}/${output_sql}" + local out_sql_tmp_compressed="${TMP_DIR}/${output_sql_compressed}" + local out_sql_tgt="${BACKUP_DIR}/${output_sql}" + local out_sql_tgt_compressed="${BACKUP_DIR}/${output_sql_compressed}" + local out_sql_tgt_latest="${BACKUP_ROOTDIR}/globals-latest.sql.bz2" + + local verbose_option="" + if [[ "${VERBOSE}" == "y" ]] ; then + verbose_option="--verbose" + fi + + pg_dumpall --globals-only ${verbose_option} 2>&1 >"${out_sql_tmp}" | tee -a "${LOGFILE}" + + local blocks=$(stat -c "%b" "${out_sql_tmp}") + local bs=$(stat -c "%B" "${out_sql_tmp}") + local bytes=$(stat -c "%s" "${out_sql_tmp}") + local b_bytes=$(( ${blocks} * ${bs} )) + local k_bytes=$(( ${b_bytes} / 1024 )) + local m_bytes=$(( ${k_bytes} / 1024 )) + local msg=$( printf "Original size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ + "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) + info "${msg}" + + debug "Compressing '${out_sql_tmp}' ..." + bzip2 ${verbose_option} --best "${out_sql_tmp}" 2>&1 | tee -a "${LOGFILE}" + + blocks=$(stat -c "%b" "${out_sql_tmp_compressed}") + bs=$(stat -c "%B" "${out_sql_tmp_compressed}") + bytes=$(stat -c "%s" "${out_sql_tmp_compressed}") + b_bytes=$(( ${blocks} * ${bs} )) + k_bytes=$(( ${b_bytes} / 1024 )) + m_bytes=$(( ${k_bytes} / 1024 )) + + BYTES_TOTAL=$(( ${BYTES_TOTAL} + ${b_bytes} )) + + local msg=$( printf "Compressed size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ + "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) + info "${msg}" + + debug "Moving '${out_sql_tmp_compressed}' => '${BACKUP_DIR}' ..." 
+ MV -i "${out_sql_tmp_compressed}" "${BACKUP_DIR}" + + info "Updating reference '${out_sql_tgt_latest}' -> '${out_sql_tgt_compressed}'" + LN -sf "${out_sql_tgt_compressed}" "${out_sql_tgt_latest}" + +} + +#------------------------------------------------------------------------------ +backup_databases() { + + local db= + for db in "${DATABASES[@]}" ; do + backup_database "${db}" + done + + empty_line + local k_bytes=$(( ${BYTES_TOTAL} / 1024 )) + local m_bytes=$(( ${k_bytes} / 1024 )) + local msg=$( printf "Total compressed size: %10d Bytes => %7d KiB => %4d MiB" \ + "${BYTES_TOTAL}" "${k_bytes}" "${m_bytes}" ) + info "${msg}" +} + +#------------------------------------------------------------------------------ +backup_database() { + + local db="$1" + + empty_line + info "Backing up database '${GREEN}${db}${NORMAL}' ..." + + local output_sql="${db}-${TIMESTAMP}.sql" + local output_sql_compressed="${output_sql}.bz2" + local out_sql_tmp="${TMP_DIR}/${output_sql}" + local out_sql_tmp_compressed="${TMP_DIR}/${output_sql_compressed}" + local out_sql_tgt="${BACKUP_DIR}/${output_sql}" + local out_sql_tgt_compressed="${BACKUP_DIR}/${output_sql_compressed}" + local out_sql_tgt_latest="${BACKUP_ROOTDIR}/${db}-latest.sql.bz2" + + local verbose_option="" + if [[ "${VERBOSE}" == "y" ]] ; then + verbose_option="--verbose" + fi + + pg_dump ${verbose_option} --blobs --clean \ + --create --if-exists --serializable-deferrable \ + "${db}" 2>&1 >"${out_sql_tmp}" | tee -a "${LOGFILE}" + + local blocks=$(stat -c "%b" "${out_sql_tmp}") + local bs=$(stat -c "%B" "${out_sql_tmp}") + local bytes=$(stat -c "%s" "${out_sql_tmp}") + local b_bytes=$(( ${blocks} * ${bs} )) + local k_bytes=$(( ${b_bytes} / 1024 )) + local m_bytes=$(( ${k_bytes} / 1024 )) + local msg=$( printf "Original size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ + "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) + info "${msg}" + + debug "Compressing '${out_sql_tmp}' ..." 
+ bzip2 ${verbose_option} --best "${out_sql_tmp}" 2>&1 | tee -a "${LOGFILE}" + + blocks=$(stat -c "%b" "${out_sql_tmp_compressed}") + bs=$(stat -c "%B" "${out_sql_tmp_compressed}") + bytes=$(stat -c "%s" "${out_sql_tmp_compressed}") + b_bytes=$(( ${blocks} * ${bs} )) + k_bytes=$(( ${b_bytes} / 1024 )) + m_bytes=$(( ${k_bytes} / 1024 )) + + BYTES_TOTAL=$(( ${BYTES_TOTAL} + ${b_bytes} )) + + local msg=$( printf "Compressed size of %-50s %10d Bytes => %7d KiB => %4d MiB" \ + "'${output_sql}':" "${bytes}" "${k_bytes}" "${m_bytes}" ) + info "${msg}" + + debug "Moving '${out_sql_tmp_compressed}' => '${BACKUP_DIR}' ..." + MV -i "${out_sql_tmp_compressed}" "${BACKUP_DIR}" + + info "Updating reference '${out_sql_tgt_latest}' -> '${out_sql_tgt_compressed}'" + LN -sf "${out_sql_tgt_compressed}" "${out_sql_tgt_latest}" +} + + + +################################################################################ +## +## Main +## +################################################################################ + +#------------------------------------------------------------------------------ +main() { + + get_options "$@" + + prepare_dirs + info "Starting backup ..." + get_databases + backup_globals + cleanup_old_backups + backup_databases + + empty_line + debug "Deactivating trap." + trap - INT TERM EXIT ABRT + cleanup_tmp_dir + info "Finished." + +} + +main "$@" + +exit 0 + +# vim: ts=4 et list diff --git a/scripts/check-ldap-passwd b/scripts/check-ldap-passwd new file mode 100755 index 0000000..cc4d9f5 --- /dev/null +++ b/scripts/check-ldap-passwd 
@@ -0,0 +1,185 @@ +#!/bin/bash + +set -u +set -e + +BASE_NAME="$( basename ${0} )" +MY_REAL_NAME=$( readlink -f $0 ) +BIN_DIR=$( dirname "${MY_REAL_NAME}" ) +BASE_DIR=$( dirname "${BIN_DIR}" ) +LIB_DIR="${BASE_DIR}/lib" +CONF_DIR="${BASE_DIR}/etc" + +if [[ -f "${LIB_DIR}/functions.rc" ]] ; then + . "${LIB_DIR}/functions.rc" +else + echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2 + exit 5 +fi + +OBJECT_TOKEN= +GIVEN_PASSWD= + +detect_color + +DESCRIPTION=$( cat <<-EOF + Checks the given password of the given user against the password in LDAP. + +EOF +) + +#------------------------------------------------------------------------------ +usage() { + cat <<-EOF + Usage: ${BASE_NAME} [Common Options] [LDAP Options] + ${BASE_NAME} [-h|--help] + ${BASE_NAME} [-V|--version] + + Mandatory Parameter(s): + UID|EMAIL: Either the Uid of the requested object + (Posix name, mostly in the form 'first_name.last_name'), or + the E-Mail address of the account or group to search. + PASSWORD: The password to check against the password inside LDAP. + + LDAP Options: + EOF + + echo "${LDAP_USAGE_MSG}" + echo + echo " Common Options:" + echo "${STD_USAGE_MSG}" + +} + +#------------------------------------------------------------------------------ +get_options() { + + local tmp= + local base_dir= + + set +e + tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \ + --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \ + -n "${BASE_NAME}" -- "$@" ) + if [[ $? != 0 ]] ; then + echo "" >&2 + usage >&2 + exit 1 + fi + set -e + + # Note the quotes around `$TEMP': they are essential! 
+ eval set -- "${tmp}" + eval_common_options "$@" + if [[ "${DEBUG}" == 'y' ]] ; then + declare -p REMAINING_OPTS + declare -p REMAINING_ARGS + fi + + eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}" + + if [[ "${DEBUG}" == 'y' ]] ; then + declare -p REMAINING_OPTS + declare -p REMAINING_ARGS + fi + + debug "Remaining arguments: ${CYAN}${#REMAINING_ARGS[@]}${NORMAL}" + + if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then + error "Unknown options: ${REMAINING_OPTS[*]}" + echo >&2 + usage >&2 + exit 2 + fi + + if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then + error "No Uids or E-Mail addresses given to retrieve." + echo >&2 + usage >&2 + exit 2 + fi + + if [[ "${#REMAINING_ARGS[@]}" != "3" ]] ; then + error "No Password given to check." + echo >&2 + usage >&2 + exit 2 + fi + OBJECT_TOKEN="${REMAINING_ARGS[1]}" + GIVEN_PASSWD="${REMAINING_ARGS[2]}" + + info "Checking password '${CYAN}${GIVEN_PASSWD}${NORMAL}' of user '${CYAN}${OBJECT_TOKEN}${NORMAL}' ..." + +} + +#------------------------------------------------------------------------------ +main() { + + get_options "$@" + + local oifs="${IFS}" + IFS=" +" + + local cmd= + local filter= + local result= + + local cmd_base="ldapsearch -LLL -o ldif-wrap=no " + cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\" " + cmd_base+="-x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\"" + + local filter="(&(|(uid=${OBJECT_TOKEN})(mail=${OBJECT_TOKEN}))(userPassword=*))" + local cmd="${cmd_base} \"${filter}\" userPassword 2>&1 | " + cmd+=" grep -i '^userPassword:' | sed -e 's/^userPassword::[ ][ ]*//'" + debug "Executing: ${cmd}" + result=$( eval ${cmd} ) + debug "ldap_passwd_coded: '${CYAN}${result}${NORMAL}'." + + if [[ -z "${result}" ]] ; then + echo + error "Nutzer mit uid '${RED}${OBJECT_TOKEN}${NORMAL}' nicht gefunden oder hat kein Passwort." >&2 + echo + exit 1 + fi + + local ldap_passwd_value=$( echo "${result}" | base64 -d ) + debug "ldap_passwd_value: '${CYAN}${ldap_passwd_value}${NORMAL}'." 
+ + local ldap_hash_method=$( echo "${ldap_passwd_value}" | \ + sed -e 's/^{//' -e 's/}.*//' | \ + tr '[:upper:]' '[:lower:]' ) + debug "ldap_hash_method: '${CYAN}${ldap_hash_method}${NORMAL}'." + + if [[ "${ldap_hash_method}" != 'crypt' ]] ; then + echo + error "Unbekannte Hash-Methode '${RED}${ldap_hash_method}${NORMAL}'" >&2 + echo + exit 5 + fi + + local ldap_passwd_hash=$( echo "${ldap_passwd_value}" | sed -e 's/^{[^}]*}//' ) + debug "ldap_passwd_hash: '${CYAN}${ldap_passwd_hash}${NORMAL}'." + + local salt=$( echo "${ldap_passwd_hash}" | sed -e 's/^\(..\).*/\1/' ) + debug "salt: '${CYAN}${salt}${NORMAL}'." + + local encr_passwd=$( mkpasswd -m des "${GIVEN_PASSWD}" "${salt}" ) + debug "encr_passwd: '${CYAN}${encr_passwd}${NORMAL}'." + + echo + if [[ "${ldap_passwd_hash}" == "${encr_passwd}" ]] ; then + echo -e "Passwort ist ${GREEN}OKAY${NORMAL}." + echo + else + echo -e "Passwort is ${RED}FALSCH${NORMAL}." >&2 + echo + exit 1 + fi + +} + +main "$@" +exit 0 + +# vim: et list filetype=sh diff --git a/scripts/get-dns-zonefiles b/scripts/get-dns-zonefiles new file mode 100755 index 0000000..8ca38e2 --- /dev/null +++ b/scripts/get-dns-zonefiles 
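Review bot: In main() the ldapsearch call is assembled as a string with `${OBJECT_TOKEN}` interpolated into the filter and then run through `eval ${cmd}`, so a UID or e-mail argument containing `"`, a backtick or `$(` is parsed a second time by the shell, and `*`, `(` or `)` change the LDAP filter itself. Building the command as an array and running it directly removes the second parse, and the token should be rejected when it contains filter metacharacters. In get_options the `info` line prints `${GIVEN_PASSWD}` in cleartext on every run (where `info` writes to is defined in functions.rc, outside this hunk), and the debug lines print the stored hash; the message should name only the user. The password also arrives through argv and is handed to `mkpasswd` the same way, which exposes it in the process list and shell history; reading it from a prompt or stdin would avoid that.

```shell
# get_options: name the user only, never the password
info "Checking password of user '${CYAN}${OBJECT_TOKEN}${NORMAL}' ..."

# … unchanged: main() prologue, IFS handling, local declarations …

# main: refuse LDAP filter metacharacters, then run ldapsearch without eval
if [[ "${OBJECT_TOKEN}" == *[\*\(\)\\]* ]] ; then
    error "Invalid characters in '${RED}${OBJECT_TOKEN}${NORMAL}'."
    exit 2
fi
local filter="(&(|(uid=${OBJECT_TOKEN})(mail=${OBJECT_TOKEN}))(userPassword=*))"
local -a cmd=(
    ldapsearch -LLL -o ldif-wrap=no
    -h "${LDAP_HOST}" -p "${LDAP_PORT}" -b "${LDAP_BASE}"
    -x -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"
    "${filter}" userPassword
)
debug "Executing ldapsearch with filter '${filter}'"
result=$( "${cmd[@]}" 2>&1 \
    | grep -i '^userPassword:' \
    | sed -e 's/^userPassword::[ ][ ]*//' )
```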
@@ -0,0 +1,161 @@ +#!/bin/bash + +set -e +set -u + +BASE_NAME="$( basename ${0} )" +MY_REAL_NAME=$( readlink -f $0 ) +BIN_DIR=$( dirname "${MY_REAL_NAME}" ) +BASE_DIR=$( dirname "${BIN_DIR}" ) +LIB_DIR="${BASE_DIR}/lib" +CONF_DIR="${BASE_DIR}/etc" + +if [[ -f "${LIB_DIR}/functions.rc" ]] ; then + . "${LIB_DIR}/functions.rc" +else + echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2 + exit 5 +fi + +declare -a ZONES=() + +detect_color + +DESCRIPTION=$( cat <<-EOF + Gets via zone transfer the complete content of a DNS zone and generates + a normalized zone file for this zone. + + EOF +) + +#------------------------------------------------------------------------------ +usage() { + cat <<-EOF + Usage: ${BASE_NAME} [Common Options] [ ...] + ${BASE_NAME} [-h|--help] + ${BASE_NAME} [-V|--version] + + Mandatory Parameter(s): + ZONE: The name of the zone (a.k.a. domain), which you want to retrieve + completely. May be given for multiple zones. + + It generates in current directory zone files for each given zone + with a timestamp and a sequential number included in the file name. + + Common Options: + ${STD_USAGE_MSG} + EOF + +} + +get_options() { + + local tmp= + local base_dir= + + set +e + tmp=$( getopt -o ${STD_SHORT_OPTIONS} --long ${STD_LONG_OPTIONS} -n "${BASE_NAME}" -- "$@" ) + if [[ $? != 0 ]] ; then + echo "" >&2 + usage >&2 + exit 1 + fi + set -e + + # Note the quotes around `$TEMP': they are essential! + eval set -- "${tmp}" + eval_common_options "$@" + if [[ "${DEBUG}" == 'y' ]] ; then + declare -p REMAINING_OPTS + declare -p REMAINING_ARGS + fi + + if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then + error "Unknown options: ${REMAINING_OPTS[*]}" + echo >&2 + usage >&2 + exit 2 + fi + + if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then + error "No zones given to retrieve." 
+ echo >&2 + usage >&2 + exit 2 + fi + + local i=0 + local zone= + for zone in "${REMAINING_ARGS[@]}" ; do + if [[ "$i" == 0 ]]; then + i=1 + continue + fi + ZONES+=(${zone}) + i=$(( $i + 1 )) + done + + if [[ "${DEBUG}" == 'y' ]] ; then + declare -p ZONES + fi + +} + +#------------------------------------------------------------------------------ +cur_ts() { + date +'%Y-%m-%d_%H-%M-%S' +} + +#------------------------------------------------------------------------------ +get_zone() { + + local zone="$1" + + echo >&2 + info "Get zone '${GREEN}${zone}${NORMAL}' ..." + + local tmpfile=$( mktemp "${zone}.XXXXXXXXXX.zone" ) + local i=0 + local zone_file="${zone}.$( cur_ts ).${i}.zone" + while [[ -e "${zone_file}" ]] ; do + i=$(( $i + 1 )) + zone_file="${zone}.$( cur_ts ).${i}.zone" + done + + dig axfr "${zone}" >"${tmpfile}" + if grep -i 'Transfer failed' "${tmpfile}" >/dev/null ; then + error "Could not transfer zone '${RED}${zone}${NORMAL}'." + else + if type -p named-compilezone >/dev/null ; then + named-compilezone -o "${zone_file}" -s relative "${zone}" "${tmpfile}" + else + cat "${tmpfile}" | grep -P -v '^\s*(;|$)' >"${zone_file}" + fi + info "Created zone file '${GREEN}${zone_file}${NORMAL}'." + fi + + RM "${tmpfile}" +} + +#------------------------------------------------------------------------------ +main() { + + get_options "$@" + umask 0022 + local the_zone= + + set_locale "en_US.utf8" + + for the_zone in "${ZONES[@]}" ; do + get_zone "${the_zone}" + done + +} + +main "$@" + + + +exit 0 + +# vim: et list diff --git a/scripts/get-k8s-master-configs b/scripts/get-k8s-master-configs new file mode 100755 index 0000000..9a915ed --- /dev/null +++ b/scripts/get-k8s-master-configs 
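Review bot: The zone names from the command line are used unvalidated as file-name components and as a `dig` argument: get_options appends them unquoted with `ZONES+=(${zone})`, and get_zone builds `mktemp "${zone}.XXXXXXXXXX.zone"` and `${zone}.$( cur_ts ).${i}.zone` from them. A value containing `/`, whitespace or glob characters ends up writing outside the current directory or splitting into several entries, and one starting with `-`, `+` or `@` is read by `dig` as an option or server rather than a zone. Quote the append as `ZONES+=( "${zone}" )` and check the name before use, for example `[[ "${zone}" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]] || { error "Invalid zone name '${zone}'."; exit 2; }`. The temporary file is also left behind if `dig` exits non-zero under `set -e`, since no trap removes it.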
@@ -0,0 +1,495 @@ +#!/usr/bin/env bash + +export LC_ALL=C +export LANG=C + +VERBOSE="n" +DEBUG="n" +QUIET='n' + +VERSION="1.0" + +# console colors: +RED="" +YELLOW="" +GREEN="" +BLUE="" +NORMAL="" + +HAS_TTY='y' + +BASENAME="$(basename ${0})" +BASE_DIR="$(dirname ${0})" + +REL_K8S_CFGDIR='.kube' +REL_K8S_CFGFILE='config' + +TIMEOUT=30 + +TEMPFILE= + +declare -A ENV_HOST=() +declare -A ENV_PORT=() +declare -A ENV_USER=() +declare -A ENV_GROUP=() +declare -A ENV_HOME=() + +ENV_HOST['live']='live-master01-k8s-spk.spk.pixelpark.net' +ENV_HOST['stage']='stage-master01-k8s-spk.spk.pixelpark.net' + +ENV_PORT['live']=1080 +ENV_PORT['stage']=1080 + +ENV_USER['live']='k8s-live' +ENV_USER['stage']='k8s-stage' + +ENV_GROUP['live']='users' +ENV_GROUP['stage']='users' + +#------------------------------------------------------------------- +detect_color() { + + local safe_term="${TERM//[^[:alnum:]]/?}" + local match_lhs="" + local use_color="false" + [[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" + [[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) + [[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color="true" + + # console colors: + if [ "${use_color}" = "true" ] ; then + RED="\033[38;5;196m" + YELLOW="\033[38;5;226m" + GREEN="\033[38;5;46m" + BLUE="\033[38;5;27m" + NORMAL="\033[39m" + else + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + fi + + local my_tty=$(tty) + if [[ "${my_tty}" =~ 'not a tty' ]] ; then + my_tty='-' + fi + + if [[ "${my_tty}" = '-' || "${safe_term}" = "dump" ]] ; then + HAS_TTY='n' + fi + +} +detect_color + +#------------------------------------------------------------------------------ +description() { + echo -e $( cat <<-EOF + Gets the current root Kubernetes configuration files of both live + and stage Kubernetes of Sparkasse. + + Only the user '${GREEN}root${NORMAL}' may execute this script. 
+ + EOF + ) +} + +#------------------------------------------------------------------------------ +usage() { + cat <<-EOF + Usage: ${BASENAME} [-d|--debug] [[-v|--verbose] | [-q|--quiet]]] [--nocolor] + ${BASENAME} [-h|--help] + ${BASENAME} [-V|--version] + + Options: + -d|--debug Debug output (bash -x). + -v|--verbose Set verbosity on. Mutually exclusive to '--quiet'. + -q|--quiet Quiet execution, only errors and warnings are shown. + --nocolor Don't use colors on display. + -h|--help Show this output and exit. + -V|--version prints out version number of the script and exit + EOF +} + + +#------------------------------------------------------------------------------ +get_options() { + + local tmp= + local base_dir= + + set +e + tmp=$( getopt -o dvqhV \ + --long debug,verbose,quiet,nocolor,help,version \ + -n "${BASENAME}" -- "$@" ) + if [[ $? != 0 ]] ; then + echo "" >&2 + usage >&2 + exit 1 + fi + set -e + + # Note the quotes around `$TEMP': they are essential! + eval set -- "${tmp}" + + local p= + + while true ; do + case "$1" in + -d|--debug) + DEBUG="y" + shift + ;; + -v|--verbose) + VERBOSE="y" + shift + ;; + -q|--quiet) + QUIET="y" + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + shift + ;; + --nocolor) + RED="" + YELLOW="" + GREEN="" + BLUE="" + NORMAL="" + shift + ;; + -h|--help) + description + echo + usage + exit 0 + ;; + -V|--version) + echo "${BASENAME} version: ${VERSION}" + exit 0 + ;; + --) shift + break + ;; + *) echo "Internal error!" + exit 1 + ;; + esac + done + + if [[ "${DEBUG}" = "y" ]] ; then + set -x + fi + if [[ "${VERBOSE}" == "y" && "${QUIET}" == "y" ]] ; then + error "The parameters '${RED}${VERBOSE}${NORMAL}' and '${RED}${VERBOSE}${NORMAL}' are mutually exclusive." + usage >&2 + exit 1 + fi + + if [[ "$( type -t curl || true )" != "file" ]] ; then + error "Command '${RED}curl${NORMAL}' not found, please install the appropriate package." 
+ echo >&2
+ exit 5
+ fi
+
+ local cur_user_id=$( id -u )
+ if [[ "${cur_user_id}" != "0" ]] ; then
+ error "Wrong user '${RED}$( id -u -n )${NORMAL}'."
+ echo >&2
+ description >&2
+ echo
+ usage >&2
+ exit 1
+ fi
+
+}
+
+#########################################
+# Some often used funktions
+
+#------------------------------------------------------------------------------
+my_date() {
+ date +'%F %T.%N %:::z'
+}
+
+#------------------------------------------------------------------------------
+debug() {
+ if [[ "${VERBOSE}" != "y" ]] ; then
+ return 0
+ fi
+ echo -e " * [$(my_date)] [${BASENAME}:DEBUG]: $@"
+}
+
+#------------------------------------------------------------------------------
+info() {
+ if [[ "${QUIET}" == "y" ]] ; then
+ return
+ fi
+ echo -e " ${GREEN}*${NORMAL} [$(my_date)] [${BASENAME}:${GREEN}INFO${NORMAL}] : $@"
+}
+
+#------------------------------------------------------------------------------
+warn() {
+ echo -e " ${YELLOW}*${NORMAL} [$(my_date)] [${BASENAME}:${YELLOW}WARN${NORMAL}] : $@" >&2
+}
+
+#------------------------------------------------------------------------------
+error() {
+ echo -e " ${RED}*${NORMAL} [$(my_date)] [${BASENAME}:${RED}ERROR${NORMAL}]: $@" >&2
+}
+
+#------------------------------------------------------------------------------
+MKDIR() {
+ local cmd="mkdir"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+CHMOD() {
+ local cmd="chmod"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+CHOWN() {
+ local cmd="chown"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+CHGRP() {
+ local cmd="chgrp"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+RM() {
+ local cmd="rm"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+CP() {
+ local cmd="cp"
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd+=" --verbose"
+ fi
+ eval ${cmd} "$@"
+}
+
+#------------------------------------------------------------------------------
+cleanup_tmp_file() {
+ if [[ -n "${TEMPFILE}" ]] ; then
+ if [[ -e "${TEMPFILE}" ]] ; then
+ debug "Removing temporary file '${TEMPFILE}' ..."
+ RM --force "${TEMPFILE}"
+ fi
+ fi
+}
+
+#------------------------------------------------------------------------------
+do_backup() {
+
+ local my_user_home="$1"
+ local k8s_dir="${my_user_home}/${REL_K8S_CFGDIR}"
+ local k8s_cfg_file="${k8s_dir}/${REL_K8S_CFGFILE}"
+
+ if [[ ! -f "${k8s_cfg_file}" ]] ; then
+ debug "File '${k8s_cfg_file}' not found for backup"
+ return 0
+ fi
+
+ local backup_file="${k8s_cfg_file}.$( date -r "${k8s_cfg_file}" +'%Y-%m-%d_%H:%M:%S' )"
+ info "Copying '${k8s_cfg_file}' => '${backup_file}' ..."
+ CP -p "${k8s_cfg_file}" "${backup_file}"
+
+}
+
+#------------------------------------------------------------------------------
+check_home_dirs() {
+
+ local my_user_home="$1"
+ local my_user="$2"
+ local my_group="$3"
+
+ local k8s_dir="${my_user_home}/${REL_K8S_CFGDIR}"
+
+ debug "Checking directories '${my_user_home}' and '${k8s_dir}' ..."
+
+ if [[ -z "${my_user_home}" ]] ; then
+ error "Could not evaluate \$HOME of user '${RED}${my_user}${NORMAL}'."
+ return 6
+ fi
+
+ if [[ ! -e "${my_user_home}" ]] ; then
+ error "Directory '${RED}${my_user_home}${NORMAL}' does not exists."
+ return 6
+ fi
+
+ if [[ ! -d "${my_user_home}" ]] ; then
+ error "Path '${RED}${my_user_home}${NORMAL}' exists, but is not a directory."
+ return 6
+ fi
+
+ if [[ -e "${k8s_dir}" ]] ; then
+ MKDIR -p "${k8s_dir}"
+ else
+ if [[ ! -d "${k8s_dir}" ]] ; then
+ error "Path '${RED}${k8s_dir}${NORMAL}' exists, but is not a directory."
+ return 6
+ fi
+ fi
+
+ local dir_owner=$( stat --printf="%U" "${k8s_dir}" )
+ local dir_group=$( stat --printf="%G" "${k8s_dir}" )
+ local dir_mode=$( stat --printf="%a" "${k8s_dir}" )
+ debug "Directory '${k8s_dir}' current: owner='${dir_owner}', group='${dir_group}', mode='${dir_mode}'"
+
+ if [[ "${dir_owner}" != "${my_user}" ]] ; then
+ info "Setting owner of '${k8s_dir}' to '${my_user}'."
+ CHOWN "${my_user}" "${k8s_dir}"
+ fi
+
+ if [[ "${dir_group}" != "${my_group}" ]] ; then
+ info "Setting group of '${k8s_dir}' to '${my_group}'."
+ CHGRP "${my_group}" "${k8s_dir}"
+ fi
+
+ if [[ "${dir_mode}" != "700" ]] ; then
+ info "Setting mode of '${k8s_dir}' to 0700."
+ CHMOD "0700" "${k8s_dir}"
+ fi
+
+ return 0
+
+}
+
+#------------------------------------------------------------------------------
+get_config() {
+
+ local env="$1"
+
+ info "Get current Kubernetes configuration for environment '${GREEN}${env}${NORMAL}'."
+
+ local host="${ENV_HOST[${env}]}"
+ local port="${ENV_PORT[${env}]}"
+ local user="${ENV_USER[${env}]}"
+ local group="${ENV_GROUP[${env}]}"
+
+ local url="http://${host}"
+ if [[ "${port}" != "80" ]] ; then
+ url+=":${port}"
+ fi
+ url+="/"
+ debug "URL to get the config: '${url}'."
+
+ local user_home=$( getent passwd "${user}" | head -n 1 | awk -F: '{print $6}' )
+ debug "Home directory of user '${user}': '${user_home}'"
+ if check_home_dirs "${user_home}" "${user}" "${group}" ; then
+ :
+ else
+ return 0
+ fi
+
+ TEMPFILE=$( mktemp )
+ debug "Temporary file is '${TEMPFILE}'."
+ trap cleanup_tmp_file INT TERM EXIT ABRT
+
+ debug "Get '${url}' ..."
+ cmd="curl -o \"${TEMPFILE}\" --silent --max-time \"${TIMEOUT}\" \"${url}\""
+ debug "Executing: ${cmd}"
+ eval ${cmd}
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ ls -l "${TEMPFILE}"
+ fi
+
+ if [[ ! -s "${TEMPFILE}" ]] ; then
+ error "Got an empty configuration from '${url}' ..."
+ trap - INT TERM EXIT ABRT
+ cleanup_tmp_file
+ return 0
+ fi
+
+ local k8s_dir="${user_home}/${REL_K8S_CFGDIR}"
+ local k8s_cfg_file="${k8s_dir}/${REL_K8S_CFGFILE}"
+
+ if diff --ignore-tab-expansion --ignore-trailing-space --ignore-blank-lines \
+ --text "${k8s_cfg_file}" "${TEMPFILE}" >/dev/null ; then
+ info "Kubernetes configuration '${GREEN}${k8s_cfg_file}${NORMAL}' will be left unchanged."
+ else
+ warn "Installing new Kubernetes configuration '${YELLOW}${k8s_cfg_file}${NORMAL}' ..."
+ do_backup "${user_home}"
+ CP -p "${TEMPFILE}" "${k8s_cfg_file}"
+
+ fi
+
+ trap - INT TERM EXIT ABRT
+ cleanup_tmp_file
+
+ local file_owner=$( stat --printf="%U" "${k8s_cfg_file}" )
+ local file_group=$( stat --printf="%G" "${k8s_cfg_file}" )
+ local file_mode=$( stat --printf="%a" "${k8s_cfg_file}" )
+ debug "File '${k8s_cfg_file}' current: owner='${file_owner}', group='${file_group}', mode='${file_mode}'"
+
+ if [[ "${file_owner}" != "${user}" ]] ; then
+ info "Setting owner of '${k8s_cfg_file}' to '${user}'."
+ CHOWN "${user}" "${k8s_cfg_file}"
+ fi
+
+ if [[ "${file_group}" != "${group}" ]] ; then
+ info "Setting group of '${k8s_cfg_file}' to '${group}'."
+ CHGRP "${group}" "${k8s_cfg_file}"
+ fi
+
+ if [[ "${file_mode}" != "600" ]] ; then
+ info "Setting mode of '${k8s_cfg_file}' to 0600."
+ CHMOD "0600" "${k8s_cfg_file}"
+ fi
+
+ debug "Finished environment '${env}'."
+
+}
+
+################################################################################
+##
+## Main
+##
+################################################################################
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+ get_config 'live'
+ get_config 'stage'
+ cleanup_tmp_file
+
+}
+
+main "$@"
+
+exit 0
+
+# vim: ts=4 et list
diff --git a/scripts/get-ldap-dn b/scripts/get-ldap-dn
new file mode 100755
index 0000000..5e9cbcc
--- /dev/null
+++ b/scripts/get-ldap-dn
@@ -0,0 +1,156 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename ${0} )"
+MY_REAL_NAME=$( readlink -f $0 )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+LIB_DIR="${BASE_DIR}/lib"
+CONF_DIR="${BASE_DIR}/etc"
+
+if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
+ . "${LIB_DIR}/functions.rc"
+else
+ echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
+ exit 5
+fi
+
+declare -a TOKENS=()
+
+detect_color
+
+DESCRIPTION=$( cat <<-EOF
+ Get LDAP distinguished names (DN) either by a given UID or Mail address.
+
+ EOF
+)
+
+#------------------------------------------------------------------------------
+usage() {
+ cat <<-EOF
+ Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
+ ${BASE_NAME} [-h|--help]
+ ${BASE_NAME} [-V|--version]
+
+ Mandatory Parameter(s):
+ UID|EMAIL: Either the Uid of the requested User
+ (Posix name, mostly in the form 'first_name.last_name'), or
+ the E-Mail address of the account or group to search.
+
+ LDAP Options:
+ EOF
+
+ echo "${LDAP_USAGE_MSG}"
+ echo
+ echo " Common Options:"
+ echo "${STD_USAGE_MSG}"
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local base_dir=
+
+ set +e
+ tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
+ --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
+ -n "${BASE_NAME}" -- "$@" )
+ if [[ $? != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+ eval_common_options "$@"
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+# local -a rest_args_common=()
+# for tmp in "${REMAINING_ARGS[@]}" ; do
+# rest_args_common+=(${tmp})
+# done
+
+ eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
+ error "Unknown options: ${REMAINING_OPTS[*]}"
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
+ error "No Uids or E-Mail addresses given to retrieve."
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ local i=0
+ local token=
+ for token in "${REMAINING_ARGS[@]}" ; do
+ if [[ "$i" == 0 ]]; then
+ i=1
+ continue
+ fi
+ TOKENS+=(${token})
+ i=$(( $i + 1 ))
+ done
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p TOKENS
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ local token=
+ local cmd=
+ local filter=
+
+ local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
+ cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd_base+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+
+ for token in "${TOKENS[@]}" ; do
+
+ echo >&2
+ info "Getting DN of LDAP-Object with token '${GREEN}${token}${NORMAL}' ..." >&2
+
+ filter="(|(uid=${token})(mail=${token})(mailAlternateAddress=${token})(mailEquivalentAddress=${token}))"
+ cmd="${cmd_base} \"${filter}\" dn"
+ debug "Executing: ${cmd}"
+ echo >&2
+ eval ${cmd}
+
+ done
+
+}
+
+main "$@"
+
+exit 0
+
+# vim: et list
diff --git a/scripts/get-ldap-info b/scripts/get-ldap-info
new file mode 100755
index 0000000..73dd080
--- /dev/null
+++ b/scripts/get-ldap-info
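Review bot: `eval ${cmd}` at the end of the loop in `main` re-parses a string into which the command-line token was spliced, so a token containing `"`, backticks or `$(…)` is interpreted by the shell instead of reaching ldapsearch as data, and `(`, `)` or `\` in the token change the structure of the LDAP filter. The same string-plus-eval construction is used in get-ldap-info, get-ldap-mail and get-ldap-membership in this commit, and `get_options` appends the argument unquoted (`TOKENS+=(${token})` here), which word-splits and globs it; the quoted form is `TOKENS+=("${token}")`. Building the command as an array and running it directly removes the second parse, as sketched below. Whether `-x` with `-h`/`-p` binds over an encrypted channel cannot be judged from this hunk, because the LDAP_* values come from functions.rc.

```shell
local -a cmd_base=(
    ldapsearch -LLL -o ldif-wrap=no
    -h "${LDAP_HOST}" -p "${LDAP_PORT}" -b "${LDAP_BASE}"
    -x -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"
)

for token in "${TOKENS[@]}" ; do
    # … unchanged: info message and filter assignment …
    # printf %q keeps the debug line copy-pasteable without re-parsing it
    debug "Executing: $( printf '%q ' "${cmd_base[@]}" "${filter}" dn )"
    echo >&2
    "${cmd_base[@]}" "${filter}" dn
done
```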
@@ -0,0 +1,168 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename ${0} )"
+MY_REAL_NAME=$( readlink -f $0 )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+LIB_DIR="${BASE_DIR}/lib"
+CONF_DIR="${BASE_DIR}/etc"
+
+if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
+ . "${LIB_DIR}/functions.rc"
+else
+ echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
+ exit 5
+fi
+
+declare -a TOKENS=()
+
+detect_color
+
+DESCRIPTION=$( cat <<-EOF
+ Get complete information about the given LDAP objects by their uid-
+ or mail-Attribute.
+
+ EOF
+)
+
+#------------------------------------------------------------------------------
+usage() {
+ cat <<-EOF
+ Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
+ ${BASE_NAME} [-h|--help]
+ ${BASE_NAME} [-V|--version]
+
+ Mandatory Parameter(s):
+ UID|EMAIL: Either the Uid of the requested object
+ (Posix name, mostly in the form 'first_name.last_name'), or
+ the E-Mail address of the account or group to search.
+
+ LDAP Options:
+ EOF
+
+ echo "${LDAP_USAGE_MSG}"
+ echo
+ echo " Common Options:"
+ echo "${STD_USAGE_MSG}"
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local base_dir=
+
+ set +e
+ tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
+ --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
+ -n "${BASE_NAME}" -- "$@" )
+ if [[ $? != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+ eval_common_options "$@"
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
+ error "Unknown options: ${REMAINING_OPTS[*]}"
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
+ error "No Uids or E-Mail addresses given to retrieve."
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ local i=0
+ local token=
+ for token in "${REMAINING_ARGS[@]}" ; do
+ if [[ "$i" == 0 ]]; then
+ i=1
+ continue
+ fi
+ TOKENS+=(${token})
+ i=$(( $i + 1 ))
+ done
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p TOKENS
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ local token=
+ local cmd=
+ local filter=
+ local result=
+
+ local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
+ cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+
+ for token in "${TOKENS[@]}" ; do
+
+ local -a dns=()
+ local dn=
+
+ echo >&2
+ info "Getting LDAP info about user with token '${GREEN}${token}${NORMAL}' ..." >&2
+
+ filter="(|(uid=${token})(mail=${token})(mailAlternateAddress=${token})(mailEquivalentAddress=${token}))"
+ cmd="${cmd_base} -b \"${LDAP_BASE}\" \"${filter}\" dn 2>/dev/null | grep '^dn' | sed -e 's/^dn:[ ]*//'"
+ debug "Executing: ${cmd}"
+ result=$( eval ${cmd} )
+ if [[ -z "${result}" ]] ; then
+ warn "LDAP object with Uid or Mail '${YELLOW}${token}${NORMAL}' not found."
+ continue
+ fi
+
+ for dn in ${result} ; do
+ echo >&2
+ info "Found DN: '${GREEN}${dn}${NORMAL}'"
+
+ cmd="${cmd_base} -b \"${dn}\" -s base \"objectclass=*\" 2>/dev/null | sort -i"
+ debug "Executing: ${cmd}"
+ eval ${cmd}
+
+ done
+
+ done
+
+}
+
+main "$@"
+
+exit 0
+
+# vim: et list
diff --git a/scripts/get-ldap-mail b/scripts/get-ldap-mail
new file mode 100755
index 0000000..ae530a2
--- /dev/null
+++ b/scripts/get-ldap-mail
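Review bot: Both lookups in `main` discard ldapsearch's stderr with `2>/dev/null`, and the script does not set `pipefail`, so a failed bind, an unreachable server or an unreadable password file all end in the warning that the object was "not found". Letting stderr through (or capturing it and reporting it with `warn`) and adding `set -o pipefail` next to `set -e` would keep an authentication or connection fault distinguishable from an empty result. The `grep '^dn' | sed -e 's/^dn:[ ]*//'` step also matches base64-encoded `dn:: …` lines and leaves `: <base64>` behind, which is then used as the search base of the second query. A comment such as `# NOTE: base64 'dn::' values are not decoded here` or an explicit skip of those lines would make that limit visible.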
@@ -0,0 +1,162 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename ${0} )"
+MY_REAL_NAME=$( readlink -f $0 )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+LIB_DIR="${BASE_DIR}/lib"
+CONF_DIR="${BASE_DIR}/etc"
+
+if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
+ . "${LIB_DIR}/functions.rc"
+else
+ echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
+ exit 5
+fi
+
+declare -a TOKENS=()
+
+detect_color
+
+DESCRIPTION=$( cat <<-EOF
+ Get all relevant information about the given mail addresses from LDAP.
+
+ EOF
+)
+
+#------------------------------------------------------------------------------
+usage() {
+ cat <<-EOF
+ Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
+ ${BASE_NAME} [-h|--help]
+ ${BASE_NAME} [-V|--version]
+
+ Mandatory Parameter(s):
+ EMAIL: The E-Mail address of the account or group to search.
+
+ LDAP Options:
+ EOF
+
+ echo "${LDAP_USAGE_MSG}"
+ echo
+ echo " Common Options:"
+ echo "${STD_USAGE_MSG}"
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local base_dir=
+
+ set +e
+ tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
+ --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
+ -n "${BASE_NAME}" -- "$@" )
+ if [[ $? != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+ eval_common_options "$@"
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
+ error "Unknown options: ${REMAINING_OPTS[*]}"
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
+ error "No E-Mail addresses given to retrieve."
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ local i=0
+ local token=
+ for token in "${REMAINING_ARGS[@]}" ; do
+ if [[ "$i" == 0 ]]; then
+ i=1
+ continue
+ fi
+ TOKENS+=(${token})
+ i=$(( $i + 1 ))
+ done
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p TOKENS
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+
+ local ldap_filter_oclass="(|"
+ local oclass=
+
+ for oclass in inetLocalMailRecipient inetMailGroup inetMailingListUser inetOrgPerson \
+ inetResource mailGroup mailGroupMember mailRecipient; do
+ ldap_filter_oclass+="(objectClass=${oclass})"
+ done
+ ldap_filter_oclass+=")"
+
+ local filter_tpl="(&${ldap_filter_oclass}(|(mail=@@ADDRESS@@)(mailAlternateAddress=@@ADDRESS@@)"
+ filter_tpl+="(mailEquivalentAddress=@@ADDRESS@@)))"
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ local token=
+ local cmd=
+ local filter=
+
+ local cmd_base="ldapsearch -LLL -o ldif-wrap=no "
+ cmd_base+="-h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd_base+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" "
+
+ for token in "${TOKENS[@]}" ; do
+
+ echo >&2
+ info "Getting DN of LDAP-Object with E-Mail address '${GREEN}${token}${NORMAL}' ..." >&2
+
+ filter=$( echo "${filter_tpl}" | sed -e "s/@@ADDRESS@@/${token}/g" )
+ cmd="${cmd_base} \"${filter}\" dn cn mail mailAlternateAddress mailEquivalentAddress "
+ cmd+="mgrpRFC822MailMember uniqueMember memberURL mailForwardingAddress mailRoutingAddress"
+ debug "Executing: ${cmd}"
+ echo >&2
+ eval ${cmd}
+
+ done
+
+}
+
+main "$@"
+
+exit 0
+
+# vim: et list
diff --git a/scripts/get-ldap-membership b/scripts/get-ldap-membership
new file mode 100755
index 0000000..8e68722
--- /dev/null
+++ b/scripts/get-ldap-membership
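Review bot: The filter in `main` is produced by `sed -e "s/@@ADDRESS@@/${token}/g"`, so the address is interpreted as a sed replacement: a `/` in it ends the expression early, and `&` or a backslash sequence is expanded by sed instead of being copied into the filter. Bash can do the substitution without a second interpreter, `filter=${filter_tpl//@@ADDRESS@@/"${token}"}`, with the replacement quoted so that `&` stays literal on newer bash versions as well. `oifs` is saved before `IFS` is changed, but `IFS` is never restored in this function.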
@@ -0,0 +1,207 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename ${0} )"
+MY_REAL_NAME=$( readlink -f $0 )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+LIB_DIR="${BASE_DIR}/lib"
+CONF_DIR="${BASE_DIR}/etc"
+
+if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
+ . "${LIB_DIR}/functions.rc"
+else
+ echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
+ exit 5
+fi
+
+declare -a SEARCH_IDS=()
+
+detect_color
+
+DESCRIPTION=$( cat <<-EOF
+ Get all LDAP groups, where the user with the given DN uid or mail address is a member of.
+
+ EOF
+)
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local base_dir=
+
+ set +e
+ tmp=$( getopt -o ${LDAP_STD_OPTS_SHORT}${STD_SHORT_OPTIONS} \
+ --long ${LDAP_STD_OPTS_LONG},${STD_LONG_OPTIONS} \
+ -n "${BASE_NAME}" -- "$@" )
+ if [[ $? != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+ eval_common_options "$@"
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ eval_ldap_options "${REMAINING_OPTS[@]}" "${REMAINING_ARGS[@]}"
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p REMAINING_OPTS
+ declare -p REMAINING_ARGS
+ fi
+
+ if [[ "${#REMAINING_OPTS[@]}" -gt 0 ]] ; then
+ error "Unknown options: ${REMAINING_OPTS[*]}"
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ if [[ "${#REMAINING_ARGS[@]}" == "0" ]] ; then
+ error "No user given to retrieve."
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+ local i=0
+ local token=
+ for token in "${REMAINING_ARGS[@]}" ; do
+ if [[ "$i" == 0 ]]; then
+ i=1
+ continue
+ fi
+ SEARCH_IDS+=(${token})
+ i=$(( $i + 1 ))
+ done
+
+ if [[ "${DEBUG}" == 'y' ]] ; then
+ declare -p SEARCH_IDS
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+usage() {
+ cat <<-EOF
+ Usage: ${BASE_NAME} [Common Options] [LDAP Options] [ ...]
+ ${BASE_NAME} [-h|--help]
+ ${BASE_NAME} [-V|--version]
+
+ Mandatory Parameter(s):
+ ID: The DN, UID or mail address of the user to search.
+
+ LDAP Options:
+ EOF
+
+ echo "${LDAP_USAGE_MSG}"
+ echo
+ echo " Common Options:"
+ echo "${STD_USAGE_MSG}"
+
+}
+
+#------------------------------------------------------------------------------
+get_dn() {
+
+ local user_id="$1"
+ local dn=
+
+ local ldap_filter_oclass="(|"
+ local oclass=
+ local line=
+
+ for oclass in inetLocalMailRecipient inetMailingListUser inetOrgPerson \
+ inetResource mailGroupMember mailRecipient; do
+ ldap_filter_oclass+="(objectClass=${oclass})"
+ done
+ ldap_filter_oclass+=")"
+
+ local filter="(&${ldap_filter_oclass}(|(mail=${user_id})(mailAlternateAddress=${user_id})"
+ filter+="(mailEquivalentAddress=${user_id})(uid=${user_id})))"
+
+ info "Getting DN of LDAP-Object with E-Mail address or UID '${CYAN}${user_id}${NORMAL}' ..."
+
+ cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\" dn"
+ debug "Executing: ${cmd}"
+ for line in $( eval ${cmd} | grep -i '^dn:' | sed -e 's/^dn:[ ]*//i' ) ; do
+ echo "${line}"
+ done
+
+}
+
+#------------------------------------------------------------------------------
+search_memberships() {
+
+ local dn="$1"
+
+ info "Searching for groups with member '${CYAN}${dn}${NORMAL}' ..."
+ local ldap_filter_oclass="(|"
+ local oclass=
+
+ for oclass in groupOfNames groupOfUniqueNames; do
+ ldap_filter_oclass+="(objectClass=${oclass})"
+ done
+ ldap_filter_oclass+=")"
+
+ local filter="(&${ldap_filter_oclass}(|(uniqueMember=${dn})(member=${dn})))"
+ cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\""
+ cmd+=" dn cn description mail mailAlternateAddress mailEquivalentAddress"
+ debug "Executing: ${cmd}"
+ eval ${cmd}
+}
+
+#------------------------------------------------------------------------------
+search_user() {
+
+ local user_id="$1"
+ local dn=
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ echo
+ if echo "${user_id}" | grep -q -i "${LDAP_BASE}\$" ; then
+ dn="${user_id}"
+ info "Searching for user with DN '${CYAN}${dn}${NORMAL}' ..."
+ search_memberships "${dn}"
+ else
+ for dn in $( get_dn "${user_id}" ); do
+ info "Searching for user '${CYAN}${user_id}${NORMAL}' with DN '${CYAN}${dn}${NORMAL}' ..."
+ search_memberships "${dn}"
+ done
+ fi
+
+ IFS="${oifs}"
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+
+ local id
+ for id in "${SEARCH_IDS[@]}" ; do
+ search_user "${id}"
+ done
+
+}
+
+main "$@"
+
+exit 0
+
+# vim: et list
diff --git a/scripts/nfs-clean-homedirs b/scripts/nfs-clean-homedirs
new file mode 100755
index 0000000..a5c0425
--- /dev/null
+++ b/scripts/nfs-clean-homedirs
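Review bot: In `search_user`, `grep -q -i "${LDAP_BASE}\$"` treats the base DN as a regular expression, so every `.` in it matches any character and the decision that the argument "is already a DN" is only approximate. A literal suffix test states the intent directly and avoids the echo/grep pipeline: `if [[ "${user_id,,}" == *"${LDAP_BASE,,}" ]] ; then`. `cmd` is assigned in `get_dn` and `search_memberships` without `local`, unlike the other variables in those functions, so it becomes a global; `local cmd=` at the top of each would keep it scoped.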
@@ -0,0 +1,300 @@
+#!/bin/bash
+
+set -e
+set -u
+
+BASE_NAME="$( basename ${0} )"
+MY_REAL_NAME=$( readlink -f $0 )
+BIN_DIR=$( dirname "${MY_REAL_NAME}" )
+BASE_DIR=$( dirname "${BIN_DIR}" )
+LIB_DIR="${BASE_DIR}/lib"
+CONF_DIR="${BASE_DIR}/etc"
+OLD_HOMES_DIR="_old_homes"
+
+EXCLUDE_DIRS="regina
+noemi
+elmar
+miriam
+nick
+stefanie
+esther
+juliane
+claudia
+anja
+ellen
+justus
+kira
+oliva
+anja.o
+erika
+mailbox
+barbara
+nicole
+alexandra
+lost+found
+patches
+TT_DB
+stuttgart
+momamemberships
+faxserver
+amdraht
+MM
+creative_vp1
+creative_vp2
+creative_vp3
+issybase
+hohes-c
+eventure
+surfpool
+db1n
+qbic
+test-ftd-de
+s+s
+conradmail
+CPAN
+newspool
+bms
+netuser
+ipunkt
+hamburg
+superagent
+cyberline
+slowtiger
+rsync
+db1n1
+db1n2
+unit2
+conrad
+sekt
+db2n2
+concheck
+oestereich
+teamkonzept
+work
+sachsenhausen
+scimone
+con_rep_2
+goodbye
+usenet
+cegame
+info
+newshabitat
+wodef
+barmermesse
+services
+Christina.Hoschka
+ahrens
+bachem
+bartels
+baumgarten
+brandis
+dietsch
+diezmann
+fisahn
+gamer
+hanusch
+head
+johnson
+keating
+kleffmann
+kotra
+kueppers
+kuppi
+luciana
+schade
+stehle
+steinbach
+tautenhahn
+thuerwaechter
+vorst
+CFO
+CEO
+_old_homes
+alf
+ceo
+idm
+info_visioplant
+pp.user
+pts.user
+COO
+Investorrelations"
+
+if [[ -f "${LIB_DIR}/functions.rc" ]] ; then
+ . "${LIB_DIR}/functions.rc"
+else
+ echo "Bash resource file '${LIB_DIR}/functions.rc' not found" >&2
+ exit 5
+fi
+
+if [[ -f "${CONF_DIR}/pp-nfs.rc" ]] ; then
+ . "${CONF_DIR}/pp-nfs.rc"
+fi
+
+NFS_HOMEDIRS="${NFS_HOMEDIR_PARENT}"
+
+detect_color
+
+DESCRIPTION=$( cat <<-EOF
+ Removes orphaned NFS home directories under ${CYAN}${NFS_HOMEDIR_PARENT}${NORMAL}
+ and archives them under ${CYAN}${NFS_HOMEDIR_PARENT}/${OLD_HOMES_DIR}${NORMAL}.
+ EOF
+)
+
+#------------------------------------------------------------------------------
+usage() {
+ cat <<-EOF
+ Usage: ${BASE_NAME} [-d] [-v] [--nocolor] [NFS_HOMEDIR_PARENT]
+ ${BASE_NAME} [-h|--help]
+ ${BASE_NAME} [-V|--version]
+
+ Optional Parameter:
+ NFS_HOMEDIR_PARENT: The parent directory of the NFS home directories.
+ Defaults to: '${NFS_HOMEDIR_PARENT}'.
+
+ Options:
+ EOF
+
+ echo "${STD_USAGE_MSG}"
+
+}
+
+#------------------------------------------------------------------------------
+get_options() {
+
+ local tmp=
+ local base_dir=
+
+ set +e
+ tmp=$( getopt -o ${STD_SHORT_OPTIONS} \
+ --long start:,${STD_LONG_OPTIONS} \
+ -n "${BASE_NAME}" -- "$@" )
+ if [[ $? != 0 ]] ; then
+ echo "" >&2
+ usage >&2
+ exit 1
+ fi
+ set -e
+
+ # Note the quotes around `$TEMP': they are essential!
+ eval set -- "${tmp}"
+ eval_common_options "$@"
+ #if [[ "${VERBOSE}" == 'y' ]] ; then
+ # declare -p REMAINING_ARGS
+ #fi
+
+ local num_args="${#REMAINING_ARGS[@]}"
+
+ if [[ "${num_args}" != "0" ]] ; then
+ if [[ "${num_args}" -gt "2" ]] ; then
+ error "Invalid number of arguments."
+ echo >&2
+ usage >&2
+ exit 1
+ fi
+ NFS_HOMEDIRS="${REMAINING_ARGS[1]}"
+ fi
+
+ if [[ ! -d "${NFS_HOMEDIRS}" ]] ; then
+ error "Parent of NFS home directories '${RED}${NFS_HOMEDIRS}${NORMAL}' not found."
+ echo >&2
+ usage >&2
+ exit 2
+ fi
+
+}
+
+#------------------------------------------------------------------------------
+check_dir() {
+
+ local hdir="${1}"
+ local bname=$( basename "${hdir}" )
+ local ex=
+ local skip="n"
+
+ debug "Checking directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' ..."
+
+ local owner=$( stat --format="%U" "${hdir}" )
+ if [[ "${owner}" != 'UNKNOWN' ]] ; then
+ debug "Owner: '${owner}'"
+ return
+ fi
+
+ for ex in $( echo "${EXCLUDE_DIRS}" | egrep -v "^[ ]*(#|$)" | sed -e 's/^[ ]*//' -e 's/[ ]*$//' ) ; do
+ if [[ "${bname}" == "${ex}" ]] ; then
+ skip="y"
+ break
+ fi
+ done
+ if [[ "${skip}" == "y" ]] ; then
+ info "Skipping '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}'."
+ return
+ fi
+
+ info "Directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' is orphaned, cleaning it up"
+ ls -ld "${hdir}"
+ du -sm "${hdir}"
+
+ local j=0
+ local tarfile="${NFS_HOMEDIRS}/${OLD_HOMES_DIR}/$bname.$j.tar.gz"
+ while [[ -e "${tarfile}" ]] ; do
+ j=$(( $j + 1 ))
+ tarfile="${NFS_HOMEDIRS}/${OLD_HOMES_DIR}/$bname.$j.tar.gz"
+ done
+ debug "Creating tarfile: '${CYAN}${tarfile}${NORMAL}'"
+ local cmd="tar cfz \"${tarfile}\" \"${hdir}\""
+ if [[ "${VERBOSE}" == "y" ]] ; then
+ cmd="tar cfzv \"${tarfile}\" \"${hdir}\""
+ fi
+ debug "Executing: ${cmd}"
+ if [[ "${SIMULATE}" != "y" ]] ; then
+ eval ${cmd}
+ ls -l "${tarfile}"
+ else
+ debug "Tarfile '${tarfile}' not created."
+ fi
+
+ info "Removing directory '${CYAN}${NFS_HOMEDIRS}/${hdir}${NORMAL}' ..."
+ RM --recursive "${hdir}"
+
+}
+
+#------------------------------------------------------------------------------
+do_cleanup() {
+
+ cd "${NFS_HOMEDIRS}"
+
+ local dir=
+ local oifs="${IFS}"
+ IFS="
+"
+
+ for dir in $( ls -1 -U ) ; do
+ if [[ ! -d "${dir}" ]] ; then
+ continue
+ fi
+ if [[ "${dir}" == "${OLD_HOMES_DIR}" ]] ; then
+ continue
+ fi
+ check_dir "${dir}"
+ done
+ IFS="${oifs}"
+
+}
+
+#------------------------------------------------------------------------------
+main() {
+
+ get_options "$@"
+ set_locale "en_US.utf8"
+ info "Starting cleanup homedirs ..."
+ do_cleanup
+ info "Finished cleanup homedirs."
+
+}
+
+main "$@"
+
+
+exit 0
+
+# vim: et ts=4 list
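Review bot: In `check_dir` the archive step is skipped when `SIMULATE` is `y`, but the `RM --recursive "${hdir}"` after it runs unconditionally, so unless `RM` in functions.rc (not visible here) honours `SIMULATE`, a simulated run deletes the directory without having written a tarball. The removal belongs inside the `if [[ "${SIMULATE}" != "y" ]]` branch, after a check such as `[[ -s "${tarfile}" ]] || return 1`, and with an option terminator: `RM --recursive -- "${hdir}"`. Orphan detection rests only on `stat --format="%U"` printing `UNKNOWN`, which is also what every directory-service account looks like while name resolution is unavailable. A check before `do_cleanup` that a known account still resolves would keep an NSS outage from archiving and removing live home directories.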
diff --git a/scripts/zelos-make_backup_and_do_update.sh b/scripts/zelos-make_backup_and_do_update.sh
new file mode 100755
index 0000000..8b4132e
--- /dev/null
+++ b/scripts/zelos-make_backup_and_do_update.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# by @rwaffen
+
+#update zelos
+DATE=$(date '+%Y-%m-%d')
+is_mounted=$(mount | grep /mnt/storagebox/backup -c)
+backup_box_pass=$1 #see tpm
+
+if [ -z "${backup_box_pass}" ]; then
+ echo "Bitte Password aus TPM entnehmen!"
+ exit 1
+fi
+
+# mount hetzner backup disk
+if [ $is_mounted -ne 1 ]; then
+ mount.cifs -o user=u234365,pass=${backup_box_pass} //u234365.your-storagebox.de/backup /mnt/storagebox/backup
+fi
+
+# delete older backups
+find /mnt/storagebox/backup -mtime +20 -delete
+
+# make file backups
+echo "packe /root"
+tar cfz /mnt/storagebox/backup/${DATE}_root.tgz /root
+
+echo "packe /opt/asterisk"
+tar cfz /mnt/storagebox/backup/${DATE}_asterisk.tgz /opt/asterisk
+
+echo "packe /etc"
+tar cfz /mnt/storagebox/backup/${DATE}_etc.tgz /etc
+
+echo "packe /home"
+tar cfz /mnt/storagebox/backup/${DATE}_home.tgz /home
+
+# make db backup
+echo "mache db dump"
+echo "kann so 60min. dauern..."
+time /root/MysqlDumps/backupZabbixDB.sh
+
+mv $(find /opt/dbstorage -name "*.bz2" -daystart -ctime 0) /mnt/storagebox/backup
+
+# update system
+yum update -y
+
+# reboot
+systemctl reboot
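Review bot: The storage-box password is taken from `$1` and passed as `pass=${backup_box_pass}` on the mount.cifs command line, which leaves it in shell history and in the process list while the mount runs, and the unquoted expansion breaks on a password containing a space or comma. mount.cifs accepts a root-only credentials file for this, e.g. `mount.cifs -o credentials=/root/.storagebox-credentials //u234365.your-storagebox.de/backup /mnt/storagebox/backup` (the file path is a placeholder, mode 0600). The script also has no `set -e` and never checks the mount result, so after a failed mount `find … -delete` and the tar commands work on the local mountpoint directory, and `yum update -y` and the reboot still run without an off-host backup. `mountpoint -q /mnt/storagebox/backup || exit 1` directly after the mount block would stop the run at that point.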