Scripts | Bots!

Delete files older than 10 days using shell command

October 28, 2023 by Rumi

find is the common tool for this kind of task :

find ./my_dir -mtime +10 -type f -delete

EXPLANATIONS

./my_dir your directory (replace with your own)
-mtime +10 older than 10 days
-type f only files
-delete no surprise. Remove it to test your find filter before executing the whole command

Src:
https://stackoverflow.com/questions/13489398/delete-files-older-than-10-days-using-shell-script-in-unix

Zimbra Let’s Encrypt auto-renew SSL

January 26, 2023 by Rumi

Required for this script to work is certbot package installed on email server and sudo rights to add script in crontab. You can add script in crontab at a weekly run like this: 0 0 * * 0 root /path_to_script.

#!/bin/bash

#Set domain for renew (in format openthreat.ro)
DOMAIN=""

certbot certificates

EXPIRE_DAYS=`cat /var/log/letsencrypt/letsencrypt.log | grep VALID | cut -d\( -f2 | cut -d\) -f1 | awk '{print $2}'`

if [[ $EXPIRE_DAYS -lt 30 ]]; then

#Stop the jetty or nginx service at Zimbra level
runuser -l zimbra -c 'zmproxyctl stop'
runuser -l zimbra -c 'zmmailboxdctl stop'

#Renew SSL
certbot renew --standalone

#Copy new SSL to Zimbra SSL folder
cp /etc/letsencrypt/live/mail.$DOMAIN/* /opt/zimbra/ssl/letsencrypt/
chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*

#Build the proper Intermediate CA plus Root CA
echo "-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----" >> /opt/zimbra/ssl/letsencrypt/chain.pem

#Backup Zimbra SSL directory
cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")

#Copy the private key under Zimbra SSL path
cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key

#Final SSL deployment
runuser -l zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem'
runuser -l zimbra -c 'zmcontrol restart'

else
echo "Not expire, skipping!"
fi

Zimbra Let’s Encrypt SSL Script

December 28, 2022 by Rumi

#!/bin/bash -x

# SSL certificate installation in Zimbra
# with SSL certificate provided by Let's Encrypt (letsencrypt.org)

# Check if running as root
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi

read -p 'letsencrypt_email [mail@server]: ' letsencrypt_email
read -p 'mail_server_url [mail.server]: ' mail_server_url

# Check All variable have a value
if [ -z $mail_server_url ] || [ -z $letsencrypt_email ]
then
echo run script again please insert all value. do not miss any value
else

# Installation start
# Stop the jetty or nginx service at Zimbra level
su - zimbra -c 'zmproxyctl stop'
su - zimbra -c 'zmmailboxdctl stop'

# Install git and letsencrypt
cd /opt/
apt-get install git
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt

# Get SSL certificate
./letsencrypt-auto certonly --standalone --non-interactive --agree-tos --email $letsencrypt_email -d $mail_server_url --hsts
cd /etc/letsencrypt/live/$mail_server_url
cat <<EOF >>chain.pem
-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----
EOF

# Verify commercial certificate
mkdir /opt/zimbra/ssl/letsencrypt
cp /etc/letsencrypt/live/$mail_server_url/* /opt/zimbra/ssl/letsencrypt/
chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*
ls -la /opt/zimbra/ssl/letsencrypt/
su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem'

# Deploy the new Let's Encrypt SSL certificate
cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")
cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
sudo chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem'

# Restart Zimbra
su - zimbra -c 'zmcontrol restart'

# setting auto https redirect
cd /opt && touch https-redirect.sh && chown zimbra:zimbra https-redirect.sh && chmod +x https-redirect.sh
cat <<EOF >>/opt/https-redirect.sh
zmprov ms $mail_server_url zimbraReverseProxyMailMode redirect
EOF
su - zimbra -c '/opt/https-redirect.sh'
rm /opt/https-redirect.sh
fi

Installer for jitsi-meet, jigasi and jibri

November 19, 2022 by Rumi

Found this lovely code base (that actually worked) on github, supported on a debian 10/11 or ubuntu 20+ versions-

The script (jitsi_setup.sh) can be used to install stable version of all 3 on a stand-alone server. This is simply a script version of quick-install document at https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart

It Installs below mentioned software:

nginx, prosody, jitsi-meet-prosody, jitsi-meet, jitsi-meet-web, jitsi-meet-web-config, jitsi-meet-turnserver, jicofo, jitsi-videobridge2

Below are optional, will be installed only if opted for:

jigasi (https://github.com/jitsi/jigasi)
jibri (https://github.com/jitsi/jibri)

Also has option for configuring:

secure domain (https://jitsi.github.io/handbook/docs/devops-guide/secure-domain)
jigasi authentication (find it towards the end of secure domain link)
transcription(Google/Vosk) (https://github.com/jitsi/jigasi#configuring-sip-and-transcription)
Etherpad (https://github.com/ether/etherpad-lite)

Monitor Service Port if Down execute a Bash Script

November 14, 2022 by Rumi

#!/bin/bash

HOST_NAME="127.0.0.1"
HOST_PORT="1656"

if ( (exec 3<>/dev/tcp/${HOST_NAME}/${HOST_PORT}) 2> /dev/null); then
echo -e "PORT: ${HOST_PORT} | ON"
else
cd /home/rumi/my-app/ && `node service.js`
fi

exit;

Clean RDP Sessions

June 18, 2022 by Rumi

Just found it useful with the garbage of RDP session to clean-

Paste the below lines on a notepad and rename it- rdp_clean.bat. Execute the batch file through cmd line as admin user.

@echo off
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers" /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers"
cd %userprofile%\documents\
attrib Default.rdp -s -h
del Default.rdp

Voila!

Bash Script To Restart Linux Server Services

December 21, 2021 by Rumi

Here’s the command line code to create the file in nano:

sudo nano /opt/launch-crashed-services.sh

Here is the bash script.

#!/bin/bash

service mysql status | grep 'active (running)' > /dev/null 2>&1
if [ $? != 0 ]
then
sudo service mysql restart > /dev/null
fi

service nginx status | grep 'active (running)' > /dev/null 2>&1
if [ $? != 0 ]
then
sudo service nginx restart > /dev/null
fi

service php7.2-fpm status | grep 'active (running)' > /dev/null 2>&1
if [ $? != 0 ]
then
sudo service php7.2-fpm restart > /dev/null
fi

osTicket Automated Install Script

December 13, 2021 by Rumi

osTicket is one of the leading open source ticketing systems. Here’s an easy way to spin up an instance on Ubuntu.

Note:
This script is purely intended for use in short-lived demo systems. The passwords are obvious (password !?) and there is no hardening applied to any of this system. DO NOT USE THIS SCRIPT IN PRODUCTION.

Create Shell Script
Spin up an Ubuntu instance then create a new shell script and give it executable permissions:

touch osTicket.sh
chmod +x osTicket.sh

Script Content
Paste this into the script:

Proxmox VM auto start VM after found in shutdown state

July 30, 2021July 30, 2021 by Rumi

I was having this strange issue, where a running busy VM stopeed all of a sudden due to high CPU or Memory overload issue. So manually had to start everythime. In order to avoid this, created a small script to start the VM in case if it’s down.

#!/bin/bash

# Set environment
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

su -

if [[ $(qm status 101) = *"status: stopped"* ]];
then
echo `qm start 101`
fi

Email Alert for Host down using fping

October 26, 2020 by Rumi

A simplified bash script for host status alert:

#!/bin/bash

email=h.t.emdad@gmail.com
NBR_DOWN=0
LOGFILE=/tmp/pinglog.txt

echo "Server Down Status" > $LOGFILE
for i in $(cat ping.txt); do
fping $i >/dev/null
if [ $? -ne 0 ]; then
echo "$i is down" >> $LOGFILE
NBR_DOWN=$((NBR_DOWN+1))
fi
done

if [ $NBR_DOWN -gt 0 ]; then
mailx -s "Server Down Alert" $email < $LOGFILE
fi

The contents on ping.txt is like (entries are with new line entry:

core-router
host1
bc
host2
host3
host4
cpanel

If you do not have ‘mailx’ installed, install it using

yum install mailx.