bootstrap.sh

# **************************************************************************** #
#                                                                              #
#                                                         :::      ::::::::    #
#    bootstrap.sh                                       :+:      :+:    :+:    #
#                                                     +:+ +:+         +:+      #
#    By: gbaconni@student.42lausanne.ch             +#+  +:+       +#+         #
#                                                 +#+#+#+#+#+   +#+            #
#    Created: 2021/11/04 10:58:16 by gbaconni          #+#    #+#              #
#    Updated: 2021/11/07 19:22:52 by gbaconni         ###   lausanne.ch        #
#                                                                              #
# **************************************************************************** #

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

ft_apt ()
{
	user=${1-marvin}
	sed -i'.orig' -r 's/^(deb cdrom)/#\1/' /etc/apt/sources.list
	apt-get update >/dev/null 2>&1
	apt-get clean
	return 0
}

ft_editor ()
{
	user=${1-marvin}
	update-alternatives --set editor /usr/bin/vim.basic >/dev/null 2>&1
	ln -snf /usr/bin/vim.basic /etc/alternatives/editor
	return 0
}

ft_ssh ()
{
	user=${1-marvin}
	port=${2-4242}
	home=$(eval echo ~${user})
	sed -i'.orig' -r 's/^#?(Port) .*/\1 '${port}'/; s/^#?(PermitRootLogin) .*/\1 no/;' /etc/ssh/sshd_config
	install -D -d -o ${user} -g ${user} -m 0700 ${home}/.ssh
	install -o ${user} -g ${user} -m 0600 /dev/null ${home}/.ssh/authorized_keys
	echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1Ol5Sfn9XTleGg6PDSRu9+Bs/V+dWmY+EeIQuE/3XH4XxQjguip0e7lLvP1emmnHYrRzD913MbTpYIEidcxQdk/1bauYcMoW01Sx5nG1I+pkdgnQP4p06995/2hM1GPuY7WSDKOMydu1zuJ/7N9TlzItGwV5bivc7tjISdep/rhugFI5ApfcdhEyst+M8T40+s7CRkgnatqx+s8xmzvRIFf4jf/u76FegxYqC5tV30AkUIF/CTpCcENRiQkCTIpwkt55Y0Rk0YnWhM1D1HDyNQizmud38R5B9spfKZH6sOhuzUtRNKE1jVdAdl7fEaCT4Y7kYW2HF7sa7uy+IlNRbebDg5HHfy91c2pyUkl65QQOWfqLm0P3J9i5xywmRenVrLxe8P9Cs00CJGdfXaaE2f/5K7nkphVIXE8nCqye2I50ifNYktWdcWQdD4nJpDzFAZllJqSKobdGOn9qW9h8dPrTTB3dTRroRTXoIZRHCKRE8lL+jVTKLlMcMyLUgAXrsJ0ehmuskaDdQc9Mm9i7/2J84RLfs64zsLkC5xqhBaw4Er4GuZ3r1LHS09iqKCQ1T52wJ9ZTHjVd6auikevWf3beLj5NQy25b1bAoWFmfg3fhsg7pbcyqHeSSPuCoXfuaqA5+Fz4ARTdXSodmriqCmM6YUzWMUX1+VZIXaVr5bw== '${user} > ${home}/.ssh/authorized_keys
	return 0
}

ft_groups ()
{
	user=${1-marvin}
	groupadd -f -r sudo
	groupadd -f user42
	usermod -a -G sudo,user42 ${user}
	return 0
}

ft_policy ()
{
	user=${1-marvin}
	sed -i'.orig' -r 's/^#?(PASS_MAX_DAYS).*/\1\t30/; s/^#?(PASS_MIN_DAYS).*/\1\t2/; s/^#?(PASS_WARN_AGE).*/\1\t7/; s/^#?(PASS_MIN_LEN).*/\1\t10/;' /etc/login.defs
	sed -i'.orig' -r 's/^[# ]*(minlen =)/\1 10/; s/^[# ]*([ud]credit =)/\1 -1/; s/^[# ]*(maxrepeat =)/\1 3/; s/^[# ]*(usercheck =)/\1 1/; s/^[# ]*(difok =)/\1 7/;' /etc/security/pwquality.conf
	chage -M 30 -m 2 -W 7 ${user}
	return 0
}

ft_sudo ()
{
	user=${1-marvin}
	install -D -d /var/log/sudo
	echo -e 'passwd_tries=3\nbadpass_message="I am sorry. I am afraid you cannot do that."\nlog_input\nlog_output\niolog_dir="/var/log/sudo"\nrequiretty\nsecure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"' | sed 's/^/Defaults\t/' > /etc/sudoers.d/sudo
	chmod 0440 /etc/sudoers.d/sudo
	return 0
}

ft_rc_local ()
{
	user=${1-marvin}
	systemctl enable rc-local.service >/dev/null 2>&1
	echo '#!/bin/sh -e' > /etc/rc.local
	echo '' >> /etc/rc.local
	echo 'exit 0' >> /etc/rc.local
	chmod +x /etc/rc.local
	return 0
}

ft_ufw ()
{
	user=${1-marvin}
	port=${2-4242}
	ft_rc_local ${user}
	cp /etc/rc.local /etc/rc.local.orig
	echo '#!/bin/sh' > /etc/rc.local
	echo '/usr/sbin/ufw enable' >> /etc/rc.local
	echo '/usr/sbin/ufw allow proto tcp from any to any port '${port} >> /etc/rc.local
	echo 'mv -f /etc/rc.local.orig /etc/rc.local' >> /etc/rc.local
	echo 'test -x /etc/rc.local && /etc/rc.local' >> /etc/rc.local
	echo 'exit 0' >> /etc/rc.local
	return 0
}

ft_monitoring ()
{
	user=${1-marvin}
	curl -sLo /usr/local/bin/monitoring.sh 'https://42url.com/tDJM3BPO'
	chmod 0755 /usr/local/bin/monitoring.sh
	echo "MONITORING=yes" > /etc/default/monitoring
	echo "# min hour dom mon dow user command" > /etc/cron.d/monitoring
	echo "" >> /etc/cron.d/monitoring
	echo "SHELL=/bin/bash" >> /etc/cron.d/monitoring
	echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" >> /etc/cron.d/monitoring
	echo "MAILTO=root" >> /etc/cron.d/monitoring
	echo "" >> /etc/cron.d/monitoring
	echo "# Every 10 minutes" >> /etc/cron.d/monitoring
	echo "*/10 * * * * root /usr/local/bin/monitoring.sh -w" >> /etc/cron.d/monitoring
	echo "" >> /etc/cron.d/monitoring
	echo "# Every 10 seconds" >> /etc/cron.d/monitoring
	echo "#* * * * * root /bin/bash -c 'for i in {1..6}; do /usr/local/bin/monitoring.sh -w; sleep 10; done'" >> /etc/cron.d/monitoring
	echo "" >> /etc/cron.d/monitoring
	return 0
}

ft_bonus ()
{
	user=${1-marvin}
	curl -sLo /usr/local/bin/bonus.sh 'https://42url.com/q3FDubUs'
	chmod 0755 /usr/local/bin/bonus.sh
	bash -x /usr/local/bin/bonus.sh
	return 0
}

main ()
{
	port=${1-4242}
	user=${2-marvin}
	if [ "${user}" == "marvin" ] || [ "${port}" == "marvin" ]
	then
		echo "Are you sad today, Marvin?"
		echo "$(basename $0) <port> <user>"
		exit 1
	fi
	ft_apt ${user}
	ft_editor ${user}
	ft_ssh ${user}
	ft_groups ${user}
	ft_policy ${user}
	ft_sudo ${user}
	ft_ufw ${user} ${port}
	ft_monitoring ${user}
	ft_bonus ${user}
	echo "That's all Folks!"
	return 0
}

main $@
exit $?
Add bootstrap script 2021-11-04 11:37:02 +01:00			`# **************************************************************************** #`
			`# #`
			`# ::: :::::::: #`
			`# bootstrap.sh :+: :+: :+: #`
			`# +:+ +:+ +:+ #`
			`# By: gbaconni@student.42lausanne.ch +#+ +:+ +#+ #`
			`# +#+#+#+#+#+ +#+ #`
			`# Created: 2021/11/04 10:58:16 by gbaconni #+# #+# #`
2021-11-07 19:23:37 2021-11-07 19:23:37 +01:00			`# Updated: 2021/11/07 19:22:52 by gbaconni ### lausanne.ch #`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`# #`
			`# **************************************************************************** #`

2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"`

2021-11-04 12:11:52 2021-11-04 12:11:52 +01:00			`ft_apt ()`
			`{`
			`user=${1-marvin}`
			`sed -i'.orig' -r 's/^(deb cdrom)/#\1/' /etc/apt/sources.list`
2021-11-04 12:21:33 2021-11-04 12:21:33 +01:00			`apt-get update >/dev/null 2>&1`
2021-11-04 12:11:52 2021-11-04 12:11:52 +01:00			`apt-get clean`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
2021-11-04 12:11:52 2021-11-04 12:11:52 +01:00			`}`

Add bootstrap script 2021-11-04 11:37:02 +01:00			`ft_editor ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
2021-11-04 12:21:33 2021-11-04 12:21:33 +01:00			`update-alternatives --set editor /usr/bin/vim.basic >/dev/null 2>&1`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`ln -snf /usr/bin/vim.basic /etc/alternatives/editor`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_ssh ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
			`port=${2-4242}`
2021-11-04 13:40:13 2021-11-04 13:40:13 +01:00			`home=$(eval echo ~${user})`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`sed -i'.orig' -r 's/^#?(Port) ./\1 '${port}'/; s/^#?(PermitRootLogin) ./\1 no/;' /etc/ssh/sshd_config`
2021-11-04 13:40:13 2021-11-04 13:40:13 +01:00			`install -D -d -o ${user} -g ${user} -m 0700 ${home}/.ssh`
			`install -o ${user} -g ${user} -m 0600 /dev/null ${home}/.ssh/authorized_keys`
			echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1Ol5Sfn9XTleGg6PDSRu9+Bs/V+dWmY+EeIQuE/3XH4XxQjguip0e7lLvP1emmnHYrRzD913MbTpYIEidcxQdk/1bauYcMoW01Sx5nG1I+pkdgnQP4p06995/2hM1GPuY7WSDKOMydu1zuJ/7N9TlzItGwV5bivc7tjISdep/rhugFI5ApfcdhEyst+M8T40+s7CRkgnatqx+s8xmzvRIFf4jf/u76FegxYqC5tV30AkUIF/CTpCcENRiQkCTIpwkt55Y0Rk0YnWhM1D1HDyNQizmud38R5B9spfKZH6sOhuzUtRNKE1jVdAdl7fEaCT4Y7kYW2HF7sa7uy+IlNRbebDg5HHfy91c2pyUkl65QQOWfqLm0P3J9i5xywmRenVrLxe8P9Cs00CJGdfXaaE2f/5K7nkphVIXE8nCqye2I50ifNYktWdcWQdD4nJpDzFAZllJqSKobdGOn9qW9h8dPrTTB3dTRroRTXoIZRHCKRE8lL+jVTKLlMcMyLUgAXrsJ0ehmuskaDdQc9Mm9i7/2J84RLfs64zsLkC5xqhBaw4Er4GuZ3r1LHS09iqKCQ1T52wJ9ZTHjVd6auikevWf3beLj5NQy25b1bAoWFmfg3fhsg7pbcyqHeSSPuCoXfuaqA5+Fz4ARTdXSodmriqCmM6YUzWMUX1+VZIXaVr5bw== '${user} > ${home}/.ssh/authorized_keys
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_groups ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`groupadd -f -r sudo`
			`groupadd -f user42`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`usermod -a -G sudo,user42 ${user}`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_policy ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`sed -i'.orig' -r 's/^#?(PASS_MAX_DAYS)./\1\t30/; s/^#?(PASS_MIN_DAYS)./\1\t2/; s/^#?(PASS_WARN_AGE)./\1\t7/; s/^#?(PASS_MIN_LEN)./\1\t10/;' /etc/login.defs`
			`sed -i'.orig' -r 's/^[# ](minlen =)/\1 10/; s/^[# ]([ud]credit =)/\1 -1/; s/^[# ](maxrepeat =)/\1 3/; s/^[# ](usercheck =)/\1 1/; s/^[# ]*(difok =)/\1 7/;' /etc/security/pwquality.conf`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`chage -M 30 -m 2 -W 7 ${user}`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_sudo ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`install -D -d /var/log/sudo`
			`echo -e 'passwd_tries=3\nbadpass_message="I am sorry. I am afraid you cannot do that."\nlog_input\nlog_output\niolog_dir="/var/log/sudo"\nrequiretty\nsecure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"' \| sed 's/^/Defaults\t/' > /etc/sudoers.d/sudo`
			`chmod 0440 /etc/sudoers.d/sudo`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_rc_local ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
2021-11-04 12:26:08 2021-11-04 12:26:08 +01:00			`systemctl enable rc-local.service >/dev/null 2>&1`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`echo '#!/bin/sh -e' > /etc/rc.local`
			`echo '' >> /etc/rc.local`
			`echo 'exit 0' >> /etc/rc.local`
			`chmod +x /etc/rc.local`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

			`ft_ufw ()`
			`{`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`user=${1-marvin}`
2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`port=${2-4242}`
2021-11-04 13:25:58 2021-11-04 13:25:58 +01:00			`ft_rc_local ${user}`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`cp /etc/rc.local /etc/rc.local.orig`
			`echo '#!/bin/sh' > /etc/rc.local`
			`echo '/usr/sbin/ufw enable' >> /etc/rc.local`
2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`echo '/usr/sbin/ufw allow proto tcp from any to any port '${port} >> /etc/rc.local`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`echo 'mv -f /etc/rc.local.orig /etc/rc.local' >> /etc/rc.local`
			`echo 'test -x /etc/rc.local && /etc/rc.local' >> /etc/rc.local`
			`echo 'exit 0' >> /etc/rc.local`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`}`

2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`ft_monitoring ()`
			`{`
			`user=${1-marvin}`
			`curl -sLo /usr/local/bin/monitoring.sh 'https://42url.com/tDJM3BPO'`
			`chmod 0755 /usr/local/bin/monitoring.sh`
			`echo "MONITORING=yes" > /etc/default/monitoring`
2021-11-05 15:32:47 2021-11-05 15:32:47 +01:00			`echo "# min hour dom mon dow user command" > /etc/cron.d/monitoring`
			`echo "" >> /etc/cron.d/monitoring`
			`echo "SHELL=/bin/bash" >> /etc/cron.d/monitoring`
			`echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" >> /etc/cron.d/monitoring`
			`echo "MAILTO=root" >> /etc/cron.d/monitoring`
			`echo "" >> /etc/cron.d/monitoring`
2021-11-05 15:10:07 2021-11-05 15:10:07 +01:00			`echo "# Every 10 minutes" >> /etc/cron.d/monitoring`
			`echo "/10 * * * root /usr/local/bin/monitoring.sh -w" >> /etc/cron.d/monitoring`
			`echo "" >> /etc/cron.d/monitoring`
			`echo "# Every 10 seconds" >> /etc/cron.d/monitoring`
2021-11-05 15:32:47 2021-11-05 15:32:47 +01:00			`echo "#* * * * * root /bin/bash -c 'for i in {1..6}; do /usr/local/bin/monitoring.sh -w; sleep 10; done'" >> /etc/cron.d/monitoring`
2021-11-05 15:19:49 2021-11-05 15:19:49 +01:00			`echo "" >> /etc/cron.d/monitoring`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`return 0`
			`}`

			`ft_bonus ()`
			`{`
			`user=${1-marvin}`
			`curl -sLo /usr/local/bin/bonus.sh 'https://42url.com/q3FDubUs'`
			`chmod 0755 /usr/local/bin/bonus.sh`
			`bash -x /usr/local/bin/bonus.sh`
			`return 0`
2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`}`

Add bootstrap script 2021-11-04 11:37:02 +01:00			`main ()`
			`{`
2021-11-07 19:23:37 2021-11-07 19:23:37 +01:00			`port=${1-4242}`
			`user=${2-marvin}`
			`if [ "${user}" == "marvin" ] \|\| [ "${port}" == "marvin" ]`
2021-11-05 15:16:58 2021-11-05 15:16:58 +01:00			`then`
			`echo "Are you sad today, Marvin?"`
2021-11-07 19:23:37 2021-11-07 19:23:37 +01:00			`echo "$(basename $0) <port> <user>"`
2021-11-05 15:16:58 2021-11-05 15:16:58 +01:00			`exit 1`
			`fi`
2021-11-04 12:11:52 2021-11-04 12:11:52 +01:00			`ft_apt ${user}`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`ft_editor ${user}`
			`ft_ssh ${user}`
			`ft_groups ${user}`
			`ft_policy ${user}`
			`ft_sudo ${user}`
2021-11-04 12:11:52 2021-11-04 12:11:52 +01:00			`ft_ufw ${user} ${port}`
2021-11-04 13:24:48 2021-11-04 13:24:48 +01:00			`ft_monitoring ${user}`
Add return 0 everywhere and push bonus in bootstrap 2021-11-07 15:18:50 +01:00			`ft_bonus ${user}`
2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`echo "That's all Folks!"`
Add bootstrap script 2021-11-04 11:37:02 +01:00			`return 0`
			`}`

2021-11-04 11:54:03 2021-11-04 11:54:03 +01:00			`main $@`
			`exit $?`