Skip to content
Snippets Groups Projects
Select Git revision
  • b1e1f30d39bf2ff100e08b5ae40b0238cf97ecd7
  • master default protected
  • 133-fail2ban-page
  • reorganisation
  • 16-maintenace-service
  • 11-fail2ban
  • 6-monit-update
  • 7-dolibarr-fail2ban
  • 6-surveillance-interne-des-serveur
  • test-glpi
  • 2-migrate-to-phpfpm
  • jessie
  • github
13 results

upgradeAll.sh

Blame
    • David Beniamine's avatar
    Configure vim and bash
    David Beniamine authored
    7447a60d
    History
    David Beniamine's avatar 7447a60d
    History
    upgradeAll.sh 2.88 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102 
    

    

    

    #!/bin/bash

# Copyright (C) 2017  Tetras Libre <admin@tetras-libre.fr>
# Author: Beniamine, David <David.Beniamine@tetras-libre.fr>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

DIR=`dirname $0`
$DIR/configure_base_tools.sh
. $DIR/main.env
. $DIR/installNextcloud.env
if [ -z "$MODS" ] || [ -z "$MAINTENANCE_LEVEL" ]
then
    echo "Please update your main.env"
    exit 1
fi

# Base system update
aptitude update
if [ "$MAINTENANCE_LEVEL" == "upgrade" ]
then
    aptitude upgrade
else
    unattended-upgrade -d
    apt-get install `apt-get -s dist-upgrade | awk '/^Inst.*Security/{print $2}'`
fi

# Update modules
for mod in $MODS
do
    script="$DIR/upgrade$mod.sh"
    if [ -f $script ]
    then
        /bin/bash $script
    fi
done
customfile="$DIR/upgradeCustom.sh"
if [ -f "$customfile" ]
then
    /bin/bash $customfile
fi

# Check rootkits and antivirus
if [ `grep -c "^ALLOWHIDDENDIR=/etc/.java" /etc/rkhunter.conf` -eq 0 ]
then
    echo "ALLOWHIDDENDIR=/etc/.java" >> /etc/rkhunter.conf
fi
if [ `egrep -c '^\s*WEB_CMD="/bin/false"' /etc/rkhunter.conf` -gt 0 ]
then
    sed -ie 's@^\s*\(WEB_CMD="/bin/false"\)@# \1@' /etc/rkhunter.conf
fi
sed -ie 's/ALLOW_SSH_ROOT_USER=.*/ALLOW_SSH_ROOT_USER=prohibit-password/' /etc/rkhunter.conf
rkhunter --update > /dev/null
rkhunter --propupdate
rkhunter --sk -c
if [ `crontab -l | grep -c "clamav-weekly"` -eq 0 ]
then
    echo -e "\tERROR : clamav weekly not installed"
else
    cat /var/log/clamav.log
fi

df -h

# Check docker is running
if [ ! -z "`echo $MODS | grep -i collabora`" ]
then
    docker ps -a
fi

# Restart services
services="`checkrestart | awk '/^service/{print $2} /^systemctl/{print $3}'` \
    $EXTRAS_SERVICES_TO_RESTART"
[ ! -z "$services" ] && systemctl restart $services
checkrestart
echo -e "\tPlease check that the following services are up and running"
if [ "${WEB_SERVER}" == "apache2" ]
then
    apache2ctl -S 2>/dev/null | awk '/namevhost/{print "https://"$4}' | sort -u | grep -v "127.0...1"
else
    awk '/^[ \t]*(server_name|server_alias)/{gsub(/;$/, "", $2); print "https://"$2}' /etc/nginx/*-enabled/* | sort -u
fi

# Check if reeboot is requird
last_kernel="$(dpkg -l | awk '/linux-image-[0-9]/{print $2}' | sort -rn | head -n 1)"
running_kernel="linux-image-$(uname -r)"
if [ "$last_kernel" != "$running_kernel" ]
then
    echo "Running on an old kernel, reboot required"
fi