ok. i think this is the last of the regressions.
This commit is contained in:
@ -1,24 +1,14 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
#Framework variables are read from hee
|
|
||||||
source "$FRAMEWORK_CONFIGS_FULL_PATH"/FrameworkVars
|
|
||||||
|
|
||||||
#Boilerplate and support functions
|
for framework_include_file in ../../../Framework-Includes/*; do
|
||||||
FrameworkIncludeFiles="$(ls -1 --color=none "$FRAMEWORK_INCLUDES_FULL_PATH"/*)"
|
source "$framework_include_file"
|
||||||
|
|
||||||
IFS=$'\n\t'
|
|
||||||
for file in "${FrameworkIncludeFiles[@]}"; do
|
|
||||||
. "$file"
|
|
||||||
done
|
done
|
||||||
unset IFS
|
|
||||||
|
|
||||||
|
for project_include_file in ../../../Project-Includes/*; do
|
||||||
ProjectIncludeFiles="$(ls -1 --color=none "$PROJECT_INCLUDES_FULL_PATH"/*)"
|
source "$project_include_file"
|
||||||
IFS=$'\n\t'
|
|
||||||
for file in "${ProjectIncludeFiles[@]}"; do
|
|
||||||
. "$file"
|
|
||||||
done
|
done
|
||||||
unset IFS
|
|
||||||
|
|
||||||
export SUBODEV_CHECK
|
export SUBODEV_CHECK
|
||||||
SUBODEV_CHECK="$(getent passwd|grep -c subodev || true)"
|
SUBODEV_CHECK="$(getent passwd|grep -c subodev || true)"
|
||||||
|
|||||||
@ -10,7 +10,6 @@ PROJECT_ROOT_PATH="$(realpath ../)"
|
|||||||
#Framework variables are read from hee
|
#Framework variables are read from hee
|
||||||
source $PROJECT_ROOT_PATH/Framework-ConfigFiles/FrameworkVars
|
source $PROJECT_ROOT_PATH/Framework-ConfigFiles/FrameworkVars
|
||||||
|
|
||||||
|
|
||||||
for framework_include_file in ../Framework-Includes/*; do
|
for framework_include_file in ../Framework-Includes/*; do
|
||||||
source "$framework_include_file"
|
source "$framework_include_file"
|
||||||
done
|
done
|
||||||
@ -39,13 +38,11 @@ LOCALUSER_CHECK="$(getent passwd|grep -c localuser || true)"
|
|||||||
export DL_ROOT
|
export DL_ROOT
|
||||||
DL_ROOT="https://dl.knownelement.com/KNEL/FetchApply/"
|
DL_ROOT="https://dl.knownelement.com/KNEL/FetchApply/"
|
||||||
|
|
||||||
|
|
||||||
#######################
|
#######################
|
||||||
# Support functions
|
# Support functions
|
||||||
#######################
|
#######################
|
||||||
|
|
||||||
function global-oam()
|
function global-oam() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME"...."
|
print_info "Now running "$FUNCNAME"...."
|
||||||
|
|
||||||
cat ./scripts/up2date.sh >/usr/local/bin/up2date.sh && chmod +x /usr/local/bin/up2date.sh
|
cat ./scripts/up2date.sh >/usr/local/bin/up2date.sh && chmod +x /usr/local/bin/up2date.sh
|
||||||
@ -58,26 +55,21 @@ print_info "Completed running "$FUNCNAME""
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function global-systemServiceConfigurationFiles()
|
function global-systemServiceConfigurationFiles() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME"...."
|
print_info "Now running "$FUNCNAME"...."
|
||||||
|
|
||||||
|
|
||||||
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/ZSH/tsys-zshrc >/etc/zshrc
|
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/ZSH/tsys-zshrc >/etc/zshrc
|
||||||
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/SMTP/aliases >/etc/aliases
|
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/SMTP/aliases >/etc/aliases
|
||||||
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/Syslog/rsyslog.conf >/etc/rsyslog.conf
|
curl --silent ${DL_ROOT}/ProjectCode/ConfigFiles/Syslog/rsyslog.conf >/etc/rsyslog.conf
|
||||||
|
|
||||||
|
|
||||||
newaliases
|
newaliases
|
||||||
|
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function global-installPackages()
|
function global-installPackages() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME"...."
|
print_info "Now running "$FUNCNAME"...."
|
||||||
|
|
||||||
|
|
||||||
# Setup webmin repo, used for RBAC/2fa PAM
|
# Setup webmin repo, used for RBAC/2fa PAM
|
||||||
|
|
||||||
curl https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repo.sh >/tmp/webmin-setup.sh
|
curl https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repo.sh >/tmp/webmin-setup.sh
|
||||||
@ -198,8 +190,7 @@ fi
|
|||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function global-postPackageConfiguration()
|
function global-postPackageConfiguration() {
|
||||||
{
|
|
||||||
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
|
|
||||||
@ -275,7 +266,6 @@ systemctl start postfix
|
|||||||
|
|
||||||
/usr/sbin/accton on
|
/usr/sbin/accton on
|
||||||
|
|
||||||
|
|
||||||
if [ "$IS_PHYSICAL_HOST" -gt 0 ]; then
|
if [ "$IS_PHYSICAL_HOST" -gt 0 ]; then
|
||||||
cpufreq-set -r -g performance
|
cpufreq-set -r -g performance
|
||||||
cpupower frequency-set --governor performance
|
cpupower frequency-set --governor performance
|
||||||
@ -295,7 +285,6 @@ fi
|
|||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
# Run various modules
|
# Run various modules
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
@ -306,8 +295,7 @@ print_info "Completed running "$FUNCNAME""
|
|||||||
|
|
||||||
# SSH
|
# SSH
|
||||||
|
|
||||||
function secharden-ssh()
|
function secharden-ssh() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
|
|
||||||
cd ./Modules/Security
|
cd ./Modules/Security
|
||||||
@ -317,55 +305,46 @@ cd -
|
|||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function secharden-wazuh()
|
function secharden-wazuh() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
bash ./Modules/Security/secharden-wazuh.sh
|
bash ./Modules/Security/secharden-wazuh.sh
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function secharden-auto-upgrades()
|
function secharden-auto-upgrades() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
#curl --silent ${DL_ROOT}/Modules/Security/secharden-ssh.sh|$(which bash)
|
#curl --silent ${DL_ROOT}/Modules/Security/secharden-ssh.sh|$(which bash)
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function secharden-2fa()
|
function secharden-2fa() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
#curl --silent ${DL_ROOT}/Modules/Security/secharden-2fa.sh|$(which bash)
|
#curl --silent ${DL_ROOT}/Modules/Security/secharden-2fa.sh|$(which bash)
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
function secharden-agents()
|
function secharden-agents() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
#curl --silent ${DL_ROOT}/Modules/Security/secharden-audit-agents.sh|$(which bash)
|
#curl --silent ${DL_ROOT}/Modules/Security/secharden-audit-agents.sh|$(which bash)
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function secharden-scap-stig() {
|
||||||
function secharden-scap-stig()
|
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
bash ./Modules/Security/secharden-scap-stig.sh
|
bash ./Modules/Security/secharden-scap-stig.sh
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
# Authentication
|
# Authentication
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
|
|
||||||
function auth-cloudron-ldap()
|
function auth-cloudron-ldap() {
|
||||||
{
|
|
||||||
print_info "Now running "$FUNCNAME""
|
print_info "Now running "$FUNCNAME""
|
||||||
#curl --silent ${DL_ROOT}/Modules/Auth/auth-cloudron-ldap.sh|$(which bash)
|
#curl --silent ${DL_ROOT}/Modules/Auth/auth-cloudron-ldap.sh|$(which bash)
|
||||||
print_info "Completed running "$FUNCNAME""
|
print_info "Completed running "$FUNCNAME""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
# RUn the various functions in the correct order
|
# RUn the various functions in the correct order
|
||||||
####################################################################################################
|
####################################################################################################
|
||||||
|
|||||||
Reference in New Issue
Block a user