|
|
|
@ -191,6 +191,51 @@ ynh_remove_logrotate () { |
|
|
|
sudo rm "/etc/logrotate.d/$app" |
|
|
|
fi |
|
|
|
} |
|
|
|
# Calculate and store a file checksum into the app settings |
|
|
|
# |
|
|
|
# $app should be defined when calling this helper |
|
|
|
# |
|
|
|
# usage: ynh_store_file_checksum file |
|
|
|
# | arg: file - The file on which the checksum will performed, then stored. |
|
|
|
ynh_store_file_checksum () { |
|
|
|
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' |
|
|
|
ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1) |
|
|
|
} |
|
|
|
|
|
|
|
# Verify the checksum and backup the file if it's different |
|
|
|
# This helper is primarily meant to allow to easily backup personalised/manually |
|
|
|
# modified config files. |
|
|
|
# |
|
|
|
# $app should be defined when calling this helper |
|
|
|
# |
|
|
|
# usage: ynh_backup_if_checksum_is_different file [compress] |
|
|
|
# | arg: file - The file on which the checksum test will be perfomed. |
|
|
|
# | arg: compress - 1 to compress the backup instead of a simple copy |
|
|
|
# A compression is needed for a file which will be analyzed even if its name is different. |
|
|
|
# |
|
|
|
# | ret: Return the name a the backup file, or nothing |
|
|
|
ynh_backup_if_checksum_is_different () { |
|
|
|
local file=$1 |
|
|
|
local compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0 |
|
|
|
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' |
|
|
|
local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) |
|
|
|
if [ -n "$checksum_value" ] |
|
|
|
then # Proceed only if a value was stored into the app settings |
|
|
|
if ! echo "$checksum_value $file" | sudo md5sum -c --status |
|
|
|
then # If the checksum is now different |
|
|
|
backup_file="$file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" |
|
|
|
if [ $compress_backup -eq 1 ] |
|
|
|
then |
|
|
|
sudo tar --create --gzip --file "$backup_file.tar.gz" "$file" # Backup the current file and compress |
|
|
|
backup_file="$backup_file.tar.gz" |
|
|
|
else |
|
|
|
sudo cp -a "$file" "$backup_file" # Backup the current file |
|
|
|
fi |
|
|
|
echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2 |
|
|
|
echo "$backup_file" # Return the name of the backup file |
|
|
|
fi |
|
|
|
fi |
|
|
|
} |
|
|
|
|
|
|
|
ynh_add_fail2ban_config () { |
|
|
|
# Process parameters |
|
|
|
@ -207,7 +252,7 @@ ynh_add_fail2ban_config () { |
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 |
|
|
|
ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 |
|
|
|
|
|
|
|
echo | sudo tee $finalfail2banjailconf <<EOF |
|
|
|
sudo tee $finalfail2banjailconf <<EOF |
|
|
|
[$app] |
|
|
|
enabled = true |
|
|
|
port = $ports |
|
|
|
@ -216,7 +261,7 @@ logpath = $logpath |
|
|
|
maxretry = $max_retry" |
|
|
|
EOF |
|
|
|
|
|
|
|
echo | sudo tee $finalfail2banfilterconf <<EOF |
|
|
|
sudo tee $finalfail2banfilterconf <<EOF |
|
|
|
[INCLUDES] |
|
|
|
before = common.conf |
|
|
|
[Definition] |
|
|
|
@ -238,3 +283,4 @@ ynh_remove_fail2ban_config () { |
|
|
|
ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" |
|
|
|
sudo systemctl restart fail2ban |
|
|
|
} |
|
|
|
|
Jimmy Monin
9 years ago