Compare commits
12 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| eaa0445d11 | |||
| 87a75777c2 | |||
| b6f1b9ac58 | |||
| b40c0d4231 | |||
| c05c9946d6 | |||
| 09e382464b | |||
| 4e1010206c | |||
| 2213f78c08 | |||
| d2ded4a7fb | |||
|
3b4713e185 | ||
| b2982c3ec4 | |||
| c729f92814 |
51
check.sh
Executable file
51
check.sh
Executable file
@@ -0,0 +1,51 @@
|
||||
#! /bin/bash
|
||||
#
|
||||
set -u
|
||||
set -o pipefail
|
||||
|
||||
|
||||
test $# -lt 1 && dir=/home/tom/MCO || dir=$1
|
||||
|
||||
mkdir -p ${dir} || exit 5
|
||||
|
||||
exec 1> ${dir}/$(date -I)_$(hostname).report
|
||||
|
||||
echo -ne "\n\n########## $(hostname) ##########\n"
|
||||
|
||||
echo -ne "\n\n########## RH UPDATES ########## \n"
|
||||
test -x /usr/bin/yum && yum --security check-update
|
||||
|
||||
echo -ne "\n\n########## Debian UPDATES ########## \n"
|
||||
test -x /usr/bin/apt-get && /usr/bin/apt-get --just-print upgrade | grep "^Inst.*-security.*" | cut -d ' ' -f 2 | sort
|
||||
|
||||
echo -ne "\n\n########## CERTIFICATES ##########\n"
|
||||
|
||||
test -x /usr/bin/certbot && /usr/bin/certbot certificates
|
||||
|
||||
echo -ne "\n\n########## UPTIME ##########\n"
|
||||
|
||||
uptime
|
||||
|
||||
echo -ne "\n\n########## SERVICE STATUS ##########\n"
|
||||
|
||||
systemctl --failed
|
||||
|
||||
|
||||
echo -ne "\n\n########## BACKUP LIST ##########\n"
|
||||
|
||||
test -x /usr/sbin/burp && /usr/sbin/burp -a l
|
||||
|
||||
|
||||
echo -ne "\n\n########## LAST USER ##########\n"
|
||||
|
||||
last | head
|
||||
|
||||
echo -ne "\n\########## LOG Warnings ##########\n"
|
||||
|
||||
journalctl --priority warning --no-pager --since "1 month ago"
|
||||
|
||||
|
||||
echo -ne "\n\########## fail2ban ##########\n"
|
||||
|
||||
test -x /usr/bin/fail2ban-client && fail2ban-client status sshd
|
||||
|
||||
41
mco.md
41
mco.md
@@ -1,4 +1,5 @@
|
||||
# <+hostname+>
|
||||
vim: set filetype=markdown:
|
||||
|
||||
## Légende
|
||||
* [ ] non fait
|
||||
@@ -13,17 +14,27 @@
|
||||
* [ ] services - systemctl --failed
|
||||
* [ ] accès console depuis dedibox / ovh
|
||||
* [ ] âge des certificats - certbot certificates | ag Expiry
|
||||
* [ ] test reboot - reboot
|
||||
* [ ] zabbix: vérifier les graph / alertes du mois, les items invalides ...
|
||||
|
||||
## Sauvegardes
|
||||
|
||||
* [ ] date de la dernière sauvegarde
|
||||
* [ ] test de restauration
|
||||
|
||||
## Envoi de mail
|
||||
|
||||
* [ ] test send mail to root
|
||||
|
||||
## Zabbix
|
||||
* [ ] vérifier dernières alertes
|
||||
* [ ] vérifier items non supportés
|
||||
* [ ] vérifier logs
|
||||
|
||||
## Services
|
||||
|
||||
### Apache et PHP-FPM
|
||||
* [ ] apachecheck
|
||||
* [ ] score ssl
|
||||
* [ ] logs - ne pas oublier les logs des différents vhosts !
|
||||
* taille
|
||||
* fréquence dévenements
|
||||
@@ -37,10 +48,29 @@
|
||||
* [ ] vérification externalisation sauvegarde
|
||||
* [ ] test restauration
|
||||
|
||||
### Docker
|
||||
* [ ] logs
|
||||
* [ ] vieilles images
|
||||
* [ ] test arrêt et redémarrage
|
||||
* [ ] mise à jour containers
|
||||
|
||||
### PostgreSQL
|
||||
* [ ] logs
|
||||
* [ ] espace disque
|
||||
* [ ] vérification backup
|
||||
* [ ] pgtuner
|
||||
|
||||
### Postfix / dovecot
|
||||
* [ ] logs
|
||||
* [ ] postqueue -p
|
||||
* [ ] pflogsum
|
||||
* [ ] blacklist check
|
||||
|
||||
|
||||
### Rainloop
|
||||
* [ ] mise à jour
|
||||
* [ ] vérification taille répertoire de données
|
||||
* [ ] suppression anciennes versions
|
||||
|
||||
### Ldap
|
||||
* [ ] vérification âge sauvegarde
|
||||
@@ -51,3 +81,12 @@
|
||||
|
||||
* [ ] mise à jour
|
||||
* [ ] logs / fichiers temp ou cache
|
||||
|
||||
|
||||
### Nextcloud
|
||||
* [ ] - logs (y compris logs nextcloud depuis config)
|
||||
* [ ] - mise à jour core
|
||||
* [ ] - mise à jour plugins
|
||||
* [ ] - nettoyer vieux comptes utilisateurs ( php occ:show-remnants )
|
||||
* [ ] - vérifier espace disque des principaux utilisateurs
|
||||
* [ ] - vue d'ensemble
|
||||
|
||||
Reference in New Issue
Block a user