Jérémy Lecour
b659e9d8c5
better sync
...
* add/remove config files to mirror source
* restart minifirewall only if present
* sync state with proper action
2020-05-03 11:03:04 +02:00
Jérémy Lecour
3ac79da9b2
bkctld-sync: don't sync whole firewall file, just rules for jail
2020-05-01 10:33:06 +02:00
Jérémy Lecour
8311e33c76
join arguments in ssh command
2020-05-01 10:31:46 +02:00
Jérémy Lecour
8ed06511d9
bkctld-sync: don't init jail if it already exists
2020-05-01 10:31:20 +02:00
Jérémy Lecour
9cd94dabc2
An empty lock file shouldn't stop the program
2020-05-01 09:52:06 +02:00
Jérémy Lecour
ebfc16f65a
grammar
2020-05-01 09:51:47 +02:00
Jérémy Lecour
b3529f2131
bkctld-is-on returns code 100 if jail is stopped
2020-05-01 09:51:36 +02:00
Jérémy Lecour
64ec60428d
error() function accepts an optional return code
2020-05-01 09:51:09 +02:00
Jérémy Lecour
fa109e216b
Give the pid of the new process
2020-04-21 09:03:18 +02:00
Jérémy Lecour
4829232a65
quote variable
2020-04-21 09:03:01 +02:00
Jérémy Lecour
ea912c40f0
missing whitespace
2020-04-20 23:43:56 +02:00
Jérémy Lecour
5f3cc873a1
fix date format
2020-04-20 23:43:45 +02:00
Jérémy Lecour
11bb59831c
bkctld-rm: state the age of the process when killing it
2020-04-20 23:31:39 +02:00
Jérémy Lecour
ea140f6137
fix log message wording
2020-04-20 23:30:57 +02:00
Jérémy Lecour
86e88ad2c2
fix log date format
...
%S = seconds
%s = number of seconds since epoch
2020-04-20 23:30:45 +02:00
Jérémy Lecour
205e3774a9
rewrite log messages and format
2020-04-20 08:29:21 +02:00
Jérémy Lecour
35d257d9c7
rm/inc : log progress
2020-04-20 00:38:44 +02:00
Jérémy Lecour
1846be4e45
better quotes
2020-04-19 10:05:20 +02:00
Jérémy Lecour
478703d96e
No space before colons in log messages
2020-04-19 09:56:52 +02:00
Jérémy Lecour
32f242fe9c
Reorganize temp files and lock files
...
Temp files/dirs all share a common prefix, so we can delete them all
effectively
Lock file is managed globally for bkctld-rm.
No need for a lock file for bkctld-inc anymore since there is a check on
the inc directory before starting.
2020-04-19 09:55:43 +02:00
Jérémy Lecour
f66d832d3a
properly call subcommands
2020-04-19 00:16:30 +02:00
Jérémy Lecour
096fe95b2f
bkctld-rm: fix lock file management
...
logic was badly implemented
2020-04-18 19:11:08 +02:00
Jérémy Lecour
723c8511e1
Don't forget to log the start time!
2020-04-18 19:10:19 +02:00
Jérémy Lecour
7a13a42ad2
Create empty directory in the default tmp directory
2020-04-18 19:09:52 +02:00
Jérémy Lecour
f7e8324ba5
Embed check-incs and check-last-incs in bkctld
2020-04-18 10:29:21 +02:00
Jérémy Lecour
0dcd72d3f2
move relative_date() function to includes files
2020-04-18 10:28:44 +02:00
Jérémy Lecour
9c6be0e74c
bkctld-rm: fix inc removal
...
echo-ing the list of incs gives a single line, hard to match with lines
in the keep file.
We store the incs list in a temp file to help comparing contents.
2020-04-12 11:45:21 +02:00
Jérémy Lecour
2d4cae58bc
fix typo
2020-04-12 11:43:06 +02:00
Jérémy Lecour
3198ba7f37
bkctld-rm: log incs to be deleted
2020-04-11 08:41:04 +02:00
Jérémy Lecour
11f84a9f7b
Emit a warning if no firewall file is configured
2020-04-08 18:35:09 +02:00
Jérémy Lecour
bdc6b4fa4d
bkctld-check: sourcing issue is just a warning
2020-04-08 18:32:27 +02:00
Jérémy Lecour
a0b3c4fd26
bkctld-check: shorter output
2020-04-08 17:54:09 +02:00
Jérémy Lecour
c2f39a0218
bkctld-check: don't eval the variables
2020-04-08 17:53:56 +02:00
Jérémy Lecour
e5997400cd
bkctld-check: verify that firewall rules are sourced
2020-04-08 12:26:59 +02:00
Jérémy Lecour
53b8fe8376
extract variable "jail_sshd_config"
2020-04-08 00:32:15 +02:00
Jérémy Lecour
5a90ae8a16
bkctld-ip: fail when trying to add an IP when there is no AllowUsers
2020-04-08 00:31:55 +02:00
Jérémy Lecour
2ef20df5ca
whitespaces
2020-04-05 11:43:52 +02:00
Jérémy Lecour
d29743357a
rename function for ext4 filesystems
2020-04-05 11:41:41 +02:00
Jérémy Lecour
6377ffd09e
bkctld-inc: add locks to btrfs actions
...
It's probably useless since btrfs commands return almost instantly
but it's consistent with ext4 commands.
2020-04-05 11:40:24 +02:00
Jérémy Lecour
db70bd21e9
use explicitly relative path
2020-04-03 09:58:10 +02:00
Jérémy Lecour
3f3ffbfffd
bkctld-start: extract "mount_jail_fs" function
2020-04-03 09:48:54 +02:00
Jérémy Lecour
f8ef5b22cd
bkctld-start: better retry logic around fetch SSH PID
2020-04-03 08:31:29 +02:00
Jérémy Lecour
9bbcb852b0
bkctld-start: chroot preparation must stay in the main process
2020-04-03 00:42:08 +02:00
Jérémy Lecour
88dd2e448b
bkctld-stop: pkill outside of conditional
...
it breaks the stop action
2020-04-03 00:37:43 +02:00
Jérémy Lecour
c920e91304
improve incs policy parsing
2020-04-02 23:52:27 +02:00
Jérémy Lecour
09d2014db3
bkctld-stop: use pkill instead of a loop
2020-04-02 23:34:14 +02:00
Jérémy Lecour
b141daca29
code clarification
2020-04-02 23:33:54 +02:00
Jérémy Lecour
7a80b433d6
bkctld-sync: more comment and variables
2020-04-02 18:40:27 +02:00
Jérémy Lecour
1da1c8a7fe
extract function for jail config directory
2020-04-02 18:39:15 +02:00
Jérémy Lecour
f36771d1f0
bkctld-rm: kill existing processes
...
Ifa process is still removing incs when a ew one starts, the newest
kills the other to start again.
2020-04-02 18:30:52 +02:00
Jérémy Lecour
4e6c5cfb20
bkctld-inc : smaller lock file
...
Only one process can create a specific inc at the same time
2020-04-02 18:29:40 +02:00
Jérémy Lecour
45036bf731
fix incs policy on jail init
2020-04-02 18:28:41 +02:00
Jérémy Lecour
54e66aea84
Raise error if missing arguments in functions
2020-04-02 18:27:54 +02:00
Jérémy Lecour
c58878b065
extract functions for config files
2020-04-02 18:26:53 +02:00
Jérémy Lecour
7a040bac20
better log messages
2020-04-02 14:50:55 +02:00
Jérémy Lecour
c7816abd1e
bkctld-key: check if the key file is readable
2020-04-02 14:50:21 +02:00
Jérémy Lecour
aa8bc9381b
bkctld-firewall: removed useless test
2020-04-02 14:43:39 +02:00
Jérémy Lecour
9136d3cff4
replace "! -n" test with "-z"
2020-04-02 14:43:17 +02:00
Jérémy Lecour
1652ebeb67
fix shecllcheck source directives
2020-04-02 13:44:13 +02:00
Jérémy Lecour
779dd9c518
use new conventions
2020-04-02 01:17:11 +02:00
Jérémy Lecour
01cc972d83
rename lib/config to lib/includes
2020-04-02 00:31:57 +02:00
Jérémy Lecour
77d0681d14
refactor init and update subcommands
2020-04-02 00:30:48 +02:00
Jérémy Lecour
e9e8a790ba
refactor check, inc, rm subcommands
...
function extractions
variables extractions
comments
2020-04-01 18:44:38 +02:00
Jérémy Lecour
e7e3683944
fix shellcheck source directive
2020-04-01 11:23:35 +02:00
Jérémy Lecour
018392e8e3
bkctld-rm: add support for the "new" canonical path for incs policy
2020-04-01 09:13:57 +02:00
Jérémy Lecour
a5c0745d09
bkctld-check: use findmnt instead of grep + check "rw" for backup disk
2020-04-01 09:12:40 +02:00
Jérémy Lecour
5cc6d9e28f
bkctld-check: simplify overrides
...
1. add support for the "new" canonical path for jail specific
configurations
2. use a local value in the loop to prevent changing the global default
value
2020-04-01 09:11:56 +02:00
Jérémy Lecour
10cc3695a4
Add some shellcheck directives for config source
2020-04-01 07:31:33 +02:00
Jérémy Lecour
9ae2168b1b
bkctld-list: note for later, try a simpler command
2020-04-01 07:27:43 +02:00
Jérémy Lecour
6cf49b2a8b
bkctld-check: add overrides for "per jail" thresholds
...
Putting values for CRITICAL/WARNING in <JAIL_DIR>/etc/bkctld-check
overrides the values for this specific jail.
Setting to a value <=0 disables the threshold.
2020-04-01 07:27:17 +02:00
Jérémy Lecour
0b5164b91c
Add some shellcheck directives
2020-04-01 07:24:33 +02:00
Jérémy Lecour
14012ca9b0
bkctld-check: fix typos
2020-04-01 07:24:06 +02:00
Jérémy Lecour
1bc5d4ed93
bkctld-check: extract check_jail function
2020-04-01 07:23:23 +02:00
Victor LABORIE
0a6b5c1b80
Do not run inc / rm in background when not using btrfs
2020-03-09 16:08:17 +01:00
Victor LABORIE
ed83404806
Add lock for bkctld inc / rm when not using btrfs ( Fix #32 )
2020-03-05 14:49:25 +01:00
Victor LABORIE
24ffa76dfc
Do not unnecessary use is-on and reload in ip/port/key ( Fix #31 )
2020-02-05 14:58:15 +01:00
Victor LABORIE
ae883e8ed0
Use mktemp for keepfile and rm it after usage ( Fix #9 )
2019-02-18 11:32:28 +01:00
Victor LABORIE
d09d0b0572
Do not create dirs in bkctld script
2019-01-08 16:29:03 +01:00
Victor LABORIE
183bc05ec4
Use bkctld-list script for jails listing
2019-01-08 16:23:46 +01:00
Victor LABORIE
cda35bba6e
Move logging functions into config
2019-01-07 16:57:12 +01:00
Victor LABORIE
91272f49d5
Remove check_jail function
2019-01-07 16:41:29 +01:00
Victor LABORIE
d9f8ae7036
Move check_jail_on functions into bkctld-is-on script
2019-01-07 16:34:44 +01:00
Victor LABORIE
5856cb2011
Fix help output (command can have dash)
2019-01-07 16:33:08 +01:00
Victor LABORIE
41b3536bcf
Remove get_inc function
2019-01-07 16:12:51 +01:00
Victor LABORIE
a028d3abee
Fix typo in bkctld-stats
2019-01-07 16:11:57 +01:00
Victor LABORIE
0272c43751
Move usage functions into bkctld-help script
...
* Usage output is now auto-generated
2019-01-07 14:47:07 +01:00
Victor LABORIE
d0165a9e3c
Move firewall functions into bkctld-firewall script
2019-01-04 16:55:56 +01:00
Victor LABORIE
1522d2f6cd
Merge bkctld-params and some functions into bkctld-(ip|port|key) scripts
2019-01-04 16:39:35 +01:00
Victor LABORIE
6caa9078e6
Parallelize bkctld <subcommand> all
2019-01-04 16:03:33 +01:00
Victor LABORIE
16014f3c4f
Fix typo in bkctld-update
2019-01-04 15:55:34 +01:00
Victor LABORIE
e062a05a4b
Split bkctld into multiples scripts
2019-01-04 13:52:15 +01:00