forked from littlebizzy/slickstack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path10-cron-weekly.txt
421 lines (341 loc) · 18.8 KB
/
10-cron-weekly.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
#!/bin/bash
####################################################################################################
#### author: SlickStack ############################################################################
#### link: https://slickstack.io ###################################################################
#### mirror: https://mirrors.slickstack.io/crons/10-cron-weekly.txt ################################
#### path: /var/www/crons/10-cron-weekly ###########################################################
#### destination: n/a (not a boilerplate) ##########################################################
#### purpose: SlickStack cron job *weekly* (10/13) will run every 1 week ###########################
#### module version: Ubuntu 22.04 LTS ##############################################################
#### sourced by: root crontab ######################################################################
#### bash aliases: ss cron 10, ss cron weekly ######################################################
####################################################################################################
## NEVER MODIFY ROOT CRONTAB OR SLICKSTACK CRON JOBS OR YOUR STACK WILL STOP WORKING ##
## INSTEAD ADJUST INTERVAL_SS SETTINGS IN SS-CONFIG OR EDIT CUSTOM CRON FILES ##
####################################################################################################
#### TABLE OF CONTENTS (10-Cron-Weekly) ############################################################
####################################################################################################
## this is a brief summary of the different code snippets you will find in this script ##
## each section should be commented so you understand what is being accomplished ##
## A. Validate (Restore) SS-Config
## B. Validate (Restore) SS-Functions
## C. Validate (Restore) SS-Check + SS-Worker
## D. Source SS-Config + SS-Functions (After Validated)
## E. Touch Timestamp File
## F. Run Custom Tasks (EDIT SOURCED FILES)
## G. Run Scheduled Tasks (DO NOT EDIT)
## H. Reset Permissions (SlickStack Core Scripts)
## I. Delete Lock File
####################################################################################################
#### A. 10-Cron-Weekly: Validate (Restore) SS-Config ###############################################
####################################################################################################
## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS
## SNIPPET: ss core cron jobs
## this attempts to restore missing or damaged ss-config using a recent intact backup ##
## however it is not fool-proof since there is no way to verify all settings ##
## validate ss-config ##
VALIDATE_SS_CONFIG=$(grep 'SS_BUILD' /var/www/ss-config)
if [[ -z "$VALIDATE_SS_CONFIG" ]]; then
SS_CONFIG_RECENT_BACKUPS=$(ls -1rta /var/www/backups/config/ss-config.bak* | tail -n1)
SS_CONFIG_BEST_MATCH=$(grep -il 'SS_BUILD' "$SS_CONFIG_RECENT_BACKUPS")
rm -rf /tmp/ss-config
mv -f "$SS_CONFIG_BEST_MATCH" /tmp/ss-config
VALIDATE_TMP_SS_CONFIG=$(grep 'SS_BUILD' /tmp/ss-config)
if [[ -n "$VALIDATE_TMP_SS_CONFIG" ]]; then
mv -f /tmp/ss-config /var/www/ss-config
chown root:root /var/www/ss-config ## must be root:root
chmod 0700 /var/www/ss-config ## 0700 means only root can execute
fi
rm -rf /tmp/ss-config
fi
####################################################################################################
#### B. 10-Cron-Weekly: Validate (Restore) SS-Functions ############################################
####################################################################################################
## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS
## SNIPPET: ss-install, ss cron jobs
## UPDATED: 03APR2022
## this attempts to restore missing or outdated ss-functions from our public mirrors ##
## we perform this check before ss-install runs and before any cron job tasks ##
## validate ss-functions ##
VALIDATE_SS_FUNCTIONS=$(grep 'SS_EOF' /var/www/ss-functions 2> /dev/null)
OUTDATED_SS_FUNCTIONS=$(find "/var/www/ss-functions" -mtime 2> /dev/null)
if [[ -z "${VALIDATE_SS_FUNCTIONS}" ]] || [[ -n "${OUTDATED_SS_FUNCTIONS}" ]]; then
rm -rf /tmp/ss-functions
wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=3 --timeout=15 --waitretry=5 -O /tmp/ss-functions https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-functions.txt
VALIDATE_TMP_SS_FUNCTIONS=$(grep 'SS_EOF' /tmp/ss-functions 2> /dev/null)
if [[ -n "${VALIDATE_TMP_SS_FUNCTIONS}" ]]; then
mkdir -p /var/www > /dev/null 2>&1
mv -f /tmp/ss-functions /var/www/ss-functions
chown root:root /var/www/ss-functions ## must be root:root
chmod 0700 /var/www/ss-functions ## 0700 means only root can execute
else
wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=3 --timeout=15 --waitretry=5 -O /tmp/ss-functions https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-functions.txt
VALIDATE_TMP_SS_FUNCTIONS=$(grep 'SS_EOF' /tmp/ss-functions 2> /dev/null)
if [[ -n "${VALIDATE_TMP_SS_FUNCTIONS}" ]]; then
mkdir -p /var/www > /dev/null 2>&1
mv -f /tmp/ss-functions /var/www/ss-functions
chown root:root /var/www/ss-functions ## must be root:root
chmod 0700 /var/www/ss-functions ## 0700 means only root can execute
else
wget --no-check-certificate --no-cache --no-cookies --quiet --inet4-only --tries=3 --timeout=15 --waitretry=5 -O /tmp/ss-functions https://sourceforge.net/p/slickstack/code/ci/master/tree/bash/ss-functions.txt?format=raw
mkdir -p /var/www > /dev/null 2>&1
mv -f /tmp/ss-functions /var/www/ss-functions
chown root:root /var/www/ss-functions ## must be root:root
chmod 0700 /var/www/ss-functions ## 0700 means only root can execute
fi
fi
rm -rf /tmp/ss-functions
fi
####################################################################################################
#### C. 10-Cron-Weekly: Validate (Restore) SS-Check + SS-Worker ####################################
####################################################################################################
## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS
## SNIPPET: ss core cron jobs
## this attempts to restore damaged or outdated ss-check and ss-worker bash scripts ##
## they are critical to maintenance tasks and keeping ss core files updated ##
## validate ss-check ##
VALIDATE_SS_CHECK=$(grep 'SS_EOF' /var/www/ss-check)
OUTDATED_SS_CHECK=$(find "/var/www/ss-check" -mtime +1)
if [[ -z "$VALIDATE_SS_CHECK" ]] || [[ -n "$OUTDATED_SS_CHECK" ]]; then
rm -rf /tmp/ss-check
wget --no-check-certificate -q -4 -t 1 -T 15 -O /tmp/ss-check https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-check.txt
VALIDATE_TMP_SS_CHECK=$(grep 'SS_EOF' /tmp/ss-check)
if [[ -n "$VALIDATE_TMP_SS_CHECK" ]]; then
mv -f /tmp/ss-check /var/www/ss-check
chown root:root /var/www/ss-check ## must be root:root
chmod 0700 /var/www/ss-check ## 0700 means only root can execute
else
wget --no-check-certificate -q -4 -t 3 -T 30 -O /tmp/ss-check https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-check.txt
mv -f /tmp/ss-check /var/www/ss-check
chown root:root /var/www/ss-check ## must be root:root
chmod 0700 /var/www/ss-check ## 0700 means only root can execute
fi
rm -rf /tmp/ss-check
fi
## validate ss-worker ##
VALIDATE_SS_WORKER=$(grep 'SS_EOF' /var/www/ss-worker)
OUTDATED_SS_WORKER=$(find "/var/www/ss-worker" -mtime +1)
if [[ -z "$VALIDATE_SS_WORKER" ]] || [[ -n "$OUTDATED_SS_WORKER" ]]; then
rm -rf /tmp/ss-worker
wget --no-check-certificate -q -4 -t 1 -T 15 -O /tmp/ss-worker https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-worker.txt
VALIDATE_TMP_SS_WORKER=$(grep 'SS_EOF' /tmp/ss-worker)
if [[ -n "$VALIDATE_TMP_SS_WORKER" ]]; then
mv -f /tmp/ss-worker /var/www/ss-worker
chown root:root /var/www/ss-worker ## must be root:root
chmod 0700 /var/www/ss-worker ## 0700 means only root can execute
else
wget --no-check-certificate -q -4 -t 3 -T 30 -O /tmp/ss-worker https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-worker.txt
mv -f /tmp/ss-worker /var/www/ss-worker
chown root:root /var/www/ss-worker ## must be root:root
chmod 0700 /var/www/ss-worker ## 0700 means only root can execute
fi
rm -rf /tmp/ss-worker
fi
####################################################################################################
#### D. 10-Cron-Weekly: Source SS-Config + SS-Functions (After Validated) ##########################
####################################################################################################
## at this point we know that ss-config and ss-functions exist or have been restored ##
## so we source them now to carry on with custom and scheduled cron job tasks ##
## source ss-config ##
source /var/www/ss-config
## source ss-functions ##
source /var/www/ss-functions
## BELOW THIS RELIES ON SS-CONFIG AND SS-FUNCTIONS
####################################################################################################
#### E. 10-Cron-Weekly: Touch Timestamp File #######################################################
####################################################################################################
## this is a dummy timestamp file that will remember the last time this script was run ##
## it can be useful for developer reference and is sometimes used by SlickStack ##
## script timestamp ##
ss_touch "${TIMESTAMP_10_CRON_WEEKLY}"
####################################################################################################
#### F. 10-Cron-Weekly: Run Custom Tasks (EDIT SOURCED FILES) ######################################
####################################################################################################
## this will run custom shell commands that you can save in a reserved filename below ##
## carefully consider server resources and best practices before customizing ##
## run 10-cron-weekly-custom ##
source "${PATH_10_CRON_WEEKLY_CUSTOM}"
####################################################################################################
#### G. 10-Cron-Weekly: Run Scheduled Tasks (DO NOT EDIT) ##########################################
####################################################################################################
## the below tasks will be called if configured to run at this interval in ss-config ##
## certain tasks are automatically called if the relevant interval is missing ##
## run ss-clean-database if set to weekly ##
if [[ "${INTERVAL_SS_CLEAN_DATABASE}" == "weekly" ]]; then
source "${PATH_SS_CLEAN_DATABASE}"
fi
## run ss-optimize-database if set to weekly or if not defined (default) ##
if [[ "${INTERVAL_SS_OPTIMIZE_DATABASE}" == "weekly" ]] || [[ -z "${INTERVAL_SS_OPTIMIZE_DATABASE}" ]]; then
source "${PATH_SS_OPTIMIZE_DATABASE}"
fi
## run ss-clean-files if set to weekly ##
if [[ "${INTERVAL_SS_CLEAN_FILES}" == "weekly" ]]; then
source "${PATH_SS_CLEAN_FILES}"
fi
## run ss-optimize-files if set to weekly ##
if [[ "${INTERVAL_SS_OPTIMIZE_FILES}" == "weekly" ]]; then
source "${PATH_SS_OPTIMIZE_FILES}"
fi
## run ss-scan-malware if set to weekly or if not defined (default) ##
if [[ "${INTERVAL_SS_SCAN_MALWARE}" == "weekly" ]] || [[ -z "${INTERVAL_SS_SCAN_MALWARE}" ]]; then
source "${PATH_SS_SCAN_MALWARE}"
fi
## run ss-install-adminer if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_ADMINER}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_ADMINER}"
fi
## run ss-install-wordpress-config if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_WORDPRESS_CONFIG}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_WORDPRESS_CONFIG}"
fi
## run ss-install-wordpress-core if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_WORDPRESS_CORE}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_WORDPRESS_CORE}"
fi
## run ss-install-wordpress-cli if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_WORDPRESS_CLI}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_WORDPRESS_CLI}"
fi
## run ss-install-php-packages if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_PHP_PACKAGES}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_PHP_PACKAGES}"
fi
## run ss-install-php-config if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_PHP_CONFIG}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_PHP_CONFIG}"
fi
## run ss-install-redis-packages if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_REDIS_PACKAGES}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_REDIS_PACKAGES}"
fi
## run ss-install-redis-config if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_REDIS_CONFIG}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_REDIS_CONFIG}"
fi
## run ss-install-mysql-packages if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_MYSQL_PACKAGES}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_MYSQL_PACKAGES}"
fi
## run ss-install-mysql-config if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_MYSQL_CONFIG}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_MYSQL_CONFIG}"
fi
## run ss-install-nginx-packages if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_NGINX_PACKAGES}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_NGINX_PACKAGES}"
fi
## run ss-install-nginx-config if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_NGINX_CONFIG}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_NGINX_CONFIG}"
fi
## run ss-install-clamav if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_CLAMAV}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_CLAMAV}"
fi
## run ss-encrypt-certbot if set to weekly ##
if [[ "${INTERVAL_SS_ENCRYPT_CERTBOT}" == "weekly" ]]; then
source "${PATH_SS_ENCRYPT_CERTBOT}"
fi
## run ss-encrypt-openssl if set to weekly ##
if [[ "${INTERVAL_SS_ENCRYPT_OPENSSL}" == "weekly" ]]; then
source "${PATH_SS_ENCRYPT_OPENSSL}"
fi
## run ss-purge-nginx if set to weekly ##
if [[ "${INTERVAL_SS_PURGE_NGINX}" == "weekly" ]]; then
source "${PATH_SS_PURGE_NGINX}"
fi
## run ss-purge-opcache if set to weekly ##
if [[ "${INTERVAL_SS_PURGE_OPCACHE}" == "weekly" ]]; then
source "${PATH_SS_PURGE_OPCACHE}"
fi
## run ss-purge-redis if set to weekly ##
if [[ "${INTERVAL_SS_PURGE_REDIS}" == "weekly" ]]; then
source "${PATH_SS_PURGE_REDIS}"
fi
## run ss-purge-transients if set to weekly ##
if [[ "${INTERVAL_SS_PURGE_TRANSIENTS}" == "weekly " ]]; then
source "${PATH_SS_PURGE_TRANSIENTS}"
fi
## run ss-reset-password-sftp if set to weekly ##
if [[ "${INTERVAL_SS_RESET_PASSWORD_SFTP}" == "weekly" ]]; then
source "${PATH_SS_RESET_PASSWORD_SFTP}"
fi
## run ss-install-ubuntu-users if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_UBUNTU_USERS}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_UBUNTU_USERS}"
fi
## run ss-install-ubuntu-bash if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_UBUNTU_BASH}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_UBUNTU_BASH}"
fi
## run ss-install-ubuntu-ssh if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_UBUNTU_SSH}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_UBUNTU_SSH}"
fi
## run ss-install-ubuntu-kernel if set to weekly ##
if [[ "${INTERVAL_SS_INSTALL_UBUNTU_KERNEL}" == "weekly" ]]; then
source "${PATH_SS_INSTALL_UBUNTU_KERNEL}"
fi
## run ss-remote-backup if set to weekly ##
if [[ "${INTERVAL_SS_REMOTE_BACKUP}" == "weekly" ]]; then
source "${PATH_SS_REMOTE_BACKUP}"
fi
## run ss-restart-mysql if set to weekly ##
if [[ "${INTERVAL_SS_RESTART_MYSQL}" == "weekly" ]]; then
source "${PATH_SS_RESTART_MYSQL}"
fi
## run ss-restart-nginx if set to weekly ##
if [[ "${INTERVAL_SS_RESTART_NGINX}" == "weekly" ]]; then
source "${PATH_SS_RESTART_NGINX}"
fi
## run ss-restart-php if set to weekly ##
if [[ "${INTERVAL_SS_RESTART_PHP}" == "weekly" ]]; then
source "${PATH_SS_RESTART_PHP}"
fi
## run ss-restart-redis if set to weekly ##
if [[ "${INTERVAL_SS_RESTART_REDIS}" == "weekly" ]]; then
source "${PATH_SS_RESTART_REDIS}"
fi
## run ss-restart-ufw if set to weekly ##
if [[ "${INTERVAL_SS_RESTART_UFW}" == "weekly" ]]; then
source "${PATH_SS_RESTART_UFW}"
fi
## run ss-empty-logs if set to weekly ##
if [[ "${INTERVAL_SS_EMPTY_LOGS}" == "weekly" ]]; then
source "${PATH_SS_EMPTY_LOGS}"
fi
## run ss-reboot-machine if set to weekly ##
if [[ "${INTERVAL_SS_REBOOT_MACHINE}" == "weekly" ]]; then
source "${PATH_SS_REBOOT_MACHINE}"
fi
####################################################################################################
#### H. 10-Cron-Weekly: Reset Permissions (SlickStack Scripts) #####################################
####################################################################################################
## we include this permissions reset in all cron jobs and bash scripts for redundancy ##
## chmod 0700 means only the root/sudo users can execute any SlickStack scripts ##
## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS
## SNIPPET: ss bash scripts, ss cron jobs
## UPDATED: 02JUL2022
chown root:root /var/www/ss* ## must be root:root
chown root:root /var/www/crons/*cron* ## must be root:root
chown root:root /var/www/crons/custom/*cron* ## must be root:root
chmod 0700 /var/www/ss* ## 0700 means only root/sudo can execute
chmod 0700 /var/www/crons/*cron* ## 0700 means only root/sudo can execute
chmod 0700 /var/www/crons/custom/*cron* ## 0700 means only root/sudo can execute
####################################################################################################
#### I. 10-Cron-Weekly: Delete Lock File ###########################################################
####################################################################################################
## here we delete the lock file associated with this cron job to clear the cron queue ##
## this is technically not necessary but we do it anyway for extra security ##
## delete lock ##
ss_rm "${LOCK_10_CRON_WEEKLY}"
####################################################################################################
#### SlickStack: External References Used To Improve This Script (Thanks, Interwebz) ###############
####################################################################################################
## Ref: https://bash.cyberciti.biz/guide/Setting_up_permissions_on_a_script
## Ref: https://stackoverflow.com/questions/22861580/bash-script-check-if-a-file-contains-a-specific-line
## Ref: https://stackoverflow.com/questions/4749330/how-to-test-if-string-exists-in-file-with-bash/14201583
## Ref: https://stackoverflow.com/questions/11287861/how-to-check-if-a-file-contains-a-specific-string-using-bash
## Ref: https://stackoverflow.com/questions/4749330/how-to-test-if-string-exists-in-file-with-bash-
## Ref: https://stackoverflow.com/questions/42377739/while-file-doesnt-contain-string-bash
## SS_EOF