From ce3d1990651b334b5febac531065c7fa4e2b556b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Fri, 3 Jun 2016 14:30:27 +0200
Subject: [PATCH] Added jail_init.sh.

A script that can be used when you have two servers in nodes.
---
 jail_init.sh | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 jail_init.sh

diff --git a/jail_init.sh b/jail_init.sh
new file mode 100644
index 0000000..31ad592
--- /dev/null
+++ b/jail_init.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+#!! Need export JAIL="jailName"
+
+
+ipBackup1=198.51.100.10
+ipBackup2=198.51.100.20
+
+# Start jail.
+echo -e "\e[34mStarting jail...\e[39m"
+mount -t proc proc-chroot /backup/jails/$JAIL/proc/
+mount -t devtmpfs udev /backup/jails/$JAIL/dev/
+mount -t devpts devpts /backup/jails/$JAIL/dev/pts
+chroot /backup/jails/$JAIL /usr/sbin/sshd > /dev/null
+# Plan-sauvegardes.
+echo -e "$(grep Port /backup/jails/$JAIL/etc/ssh/sshd_config |cut -d ' ' -f 2) $JAIL ($(grep AllowUsers /backup/jails/$JAIL/etc/ssh/sshd_config |cut -d ' ' -f 2 |cut -d '@' -f 2))\n" >> PLAN-SAUVEGARDES
+# File for incs.
+echo -e "\e[34mCreate file inc config...\e[39m"
+cp inc.tpl /etc/evobackup/$JAIL
+# iptables rules.
+echo -e "\e[34mAdd iptables rule...\e[39m"
+echo -e "# $JAIL\n/sbin/iptables -A INPUT -p tcp --sport 1024: --dport $(grep Port /backup/jails/${JAIL}/etc/ssh/sshd_config |cut -d ' ' -f 2) -s $(grep AllowUsers /backup/jails/${JAIL}/etc/ssh/sshd_config |cut -d ' ' -f 2 |cut -d '@' -f 2) -j ACCEPT" >> /etc/firewall.rc.jails
+/etc/init.d/minifirewall restart
+
+# Create the jail on the second server.
+echo -e "\e[34mDeploy on second server...\e[39m"
+rsync -a --exclude='var/backup/**' --exclude='proc/**' --exclude='dev/**' /backup/jails/$JAIL/ ${ipBackup2}:/backup/jails/$JAIL/
+rsync -a /etc/evobackup/$JAIL ${ipBackup2}:/etc/evobackup/
+rsync -a /etc/firewall.rc.jails ${ipBackup2}:/etc/
+ssh ${ipBackup2} "
+mount -t proc proc-chroot /backup/jails/$JAIL/proc/
+mount -t devtmpfs udev /backup/jails/$JAIL/dev/
+mount -t devpts devpts /backup/jails/$JAIL/dev/pts
+chroot /backup/jails/$JAIL /usr/sbin/sshd > /dev/null
+/etc/init.d/minifirewall restart
+"
+echo -e "\e[32mDone!\e[39m"
+
+# Information to user
+
+echo "You can add these iptables rules to backuped server:"
+echo /sbin/iptables -A INPUT -p tcp --sport $(grep Port /backup/jails/${JAIL}/etc/ssh/sshd_config |cut -d ' ' -f 2) --dport 1024:65535 -s $ipBackup1 -m state --state ESTABLISHED,RELATED -j ACCEPT
+echo /sbin/iptables -A INPUT -p tcp --sport $(grep Port /backup/jails/${JAIL}/etc/ssh/sshd_config |cut -d ' ' -f 2) --dport 1024:65535 -s $ipBackup2 -m state --state ESTABLISHED,RELATED -j ACCEPT