diff --git a/script/check/host/README.md b/script/check/README.md
similarity index 100%
rename from script/check/host/README.md
rename to script/check/README.md
diff --git a/script/check/host/checks/app_docker-compose_is_installed.check.sh b/script/check/host/all/app_docker-compose_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/app_docker-compose_is_installed.check.sh
rename to script/check/host/all/app_docker-compose_is_installed.check.sh
diff --git a/script/check/host/checks/app_docker_is_installed.check.sh b/script/check/host/all/app_docker_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/app_docker_is_installed.check.sh
rename to script/check/host/all/app_docker_is_installed.check.sh
diff --git a/script/check/host/checks/app_nginx_is_installed.check.sh b/script/check/host/all/app_nginx_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/app_nginx_is_installed.check.sh
rename to script/check/host/all/app_nginx_is_installed.check.sh
diff --git a/script/check/host/checks/app_nginx_starts_reliable.check.sh b/script/check/host/all/app_nginx_starts_reliable.check.sh
similarity index 100%
rename from script/check/host/checks/app_nginx_starts_reliable.check.sh
rename to script/check/host/all/app_nginx_starts_reliable.check.sh
diff --git a/script/check/host/checks/core_cron_starts_setup_as_fallback.check.sh b/script/check/host/all/core_cron_starts_setup_as_fallback.check.sh
similarity index 100%
rename from script/check/host/checks/core_cron_starts_setup_as_fallback.check.sh
rename to script/check/host/all/core_cron_starts_setup_as_fallback.check.sh
diff --git a/script/check/host/checks/core_git_app_is_installed.check.sh b/script/check/host/all/core_git_app_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/core_git_app_is_installed.check.sh
rename to script/check/host/all/core_git_app_is_installed.check.sh
diff --git a/script/check/host/checks/core_hostname_is_long.check.sh b/script/check/host/all/core_hostname_is_long.check.sh
similarity index 100%
rename from script/check/host/checks/core_hostname_is_long.check.sh
rename to script/check/host/all/core_hostname_is_long.check.sh
diff --git a/script/check/host/checks/core_ssh_app_is_installed.check.sh b/script/check/host/all/core_ssh_app_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/core_ssh_app_is_installed.check.sh
rename to script/check/host/all/core_ssh_app_is_installed.check.sh
diff --git a/script/check/host/checks/core_ssh_authorized_keys_of_jenkins_points_to_definitions.check.sh b/script/check/host/all/core_ssh_authorized_keys_of_jenkins_points_to_definitions.check.sh
similarity index 100%
rename from script/check/host/checks/core_ssh_authorized_keys_of_jenkins_points_to_definitions.check.sh
rename to script/check/host/all/core_ssh_authorized_keys_of_jenkins_points_to_definitions.check.sh
diff --git a/script/check/host/checks/core_ssh_authorized_keys_of_root_is_empty_or_points_to_definitions.check.sh b/script/check/host/all/core_ssh_authorized_keys_of_root_is_empty_or_points_to_definitions.check.sh
similarity index 100%
rename from script/check/host/checks/core_ssh_authorized_keys_of_root_is_empty_or_points_to_definitions.check.sh
rename to script/check/host/all/core_ssh_authorized_keys_of_root_is_empty_or_points_to_definitions.check.sh
diff --git a/script/check/host/checks/core_ssh_key_of_root_exists_as_expected.check.sh b/script/check/host/all/core_ssh_key_of_root_exists_as_expected.check.sh
similarity index 100%
rename from script/check/host/checks/core_ssh_key_of_root_exists_as_expected.check.sh
rename to script/check/host/all/core_ssh_key_of_root_exists_as_expected.check.sh
diff --git a/script/check/host/checks/core_sudoers_file_of_jenkins_points_to_definitions.check.sh b/script/check/host/all/core_sudoers_file_of_jenkins_points_to_definitions.check.sh
similarity index 100%
rename from script/check/host/checks/core_sudoers_file_of_jenkins_points_to_definitions.check.sh
rename to script/check/host/all/core_sudoers_file_of_jenkins_points_to_definitions.check.sh
diff --git a/script/check/host/checks/core_user_jenkins_exists.check.sh b/script/check/host/all/core_user_jenkins_exists.check.sh
similarity index 100%
rename from script/check/host/checks/core_user_jenkins_exists.check.sh
rename to script/check/host/all/core_user_jenkins_exists.check.sh
diff --git a/script/check/host/checks/system_localtime_contains_cet_and_cest.check.sh b/script/check/host/all/system_localtime_contains_cet_and_cest.check.sh
similarity index 100%
rename from script/check/host/checks/system_localtime_contains_cet_and_cest.check.sh
rename to script/check/host/all/system_localtime_contains_cet_and_cest.check.sh
diff --git a/script/check/host/checks/system_timezone_is_berlin.check.sh b/script/check/host/all/system_timezone_is_berlin.check.sh
similarity index 100%
rename from script/check/host/checks/system_timezone_is_berlin.check.sh
rename to script/check/host/all/system_timezone_is_berlin.check.sh
diff --git a/script/check/host/checks/system_unattended_upgrades_are_disabled.check.sh b/script/check/host/all/system_unattended_upgrades_are_disabled.check.sh
similarity index 100%
rename from script/check/host/checks/system_unattended_upgrades_are_disabled.check.sh
rename to script/check/host/all/system_unattended_upgrades_are_disabled.check.sh
diff --git a/script/check/host/checks/system_zfs_app_is_installed.check.sh b/script/check/host/all/system_zfs_app_is_installed.check.sh
similarity index 100%
rename from script/check/host/checks/system_zfs_app_is_installed.check.sh
rename to script/check/host/all/system_zfs_app_is_installed.check.sh
diff --git a/script/check/host/checks/system_zfs_atime_of_rootfs_zpool1.check.sh b/script/check/host/all/system_zfs_atime_of_rootfs_zpool1.check.sh
similarity index 100%
rename from script/check/host/checks/system_zfs_atime_of_rootfs_zpool1.check.sh
rename to script/check/host/all/system_zfs_atime_of_rootfs_zpool1.check.sh
diff --git a/script/check/host/checks/system_zfs_compression_of_rootfs_zpool1.check.sh b/script/check/host/all/system_zfs_compression_of_rootfs_zpool1.check.sh
similarity index 100%
rename from script/check/host/checks/system_zfs_compression_of_rootfs_zpool1.check.sh
rename to script/check/host/all/system_zfs_compression_of_rootfs_zpool1.check.sh
diff --git a/script/check/host/checks/system_zfs_mountpoint_of_rootfs_zpool1.check.sh b/script/check/host/all/system_zfs_mountpoint_of_rootfs_zpool1.check.sh
similarity index 100%
rename from script/check/host/checks/system_zfs_mountpoint_of_rootfs_zpool1.check.sh
rename to script/check/host/all/system_zfs_mountpoint_of_rootfs_zpool1.check.sh
diff --git a/script/check/host/checks/system_zpool_alignment_of_pool.check.sh b/script/check/host/all/system_zpool_alignment_of_pool.check.sh
similarity index 100%
rename from script/check/host/checks/system_zpool_alignment_of_pool.check.sh
rename to script/check/host/all/system_zpool_alignment_of_pool.check.sh
diff --git a/script/check/host/checks/system_zfs_mountpoint_of_subfs_persistent.check.sh b/script/check/host/checks/system_zfs_mountpoint_of_subfs_persistent.check.sh
deleted file mode 100755
index 8d246f5..0000000
--- a/script/check/host/checks/system_zfs_mountpoint_of_subfs_persistent.check.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-_CURRENT_ZFS='zpool1/persistent'
-
-#Check if the tool 'zfs' is available, then
-#retrieve the property 'mountpoint' from 'zpool1/persistent', without header and compare the result with 'none'
-
-#Set with: 'zfs set mountpoint=none zpool1/persistent'
-zfs version &> /dev/null \
- && [ "$(zfs get mountpoint -Ho value ${_CURRENT_ZFS})" == "none" ] \
- && exit 0
-exit 1
diff --git a/script/check/host/checks/system_zfs_recordsize_of_subfs_persistent.check.sh b/script/check/host/checks/system_zfs_recordsize_of_subfs_persistent.check.sh
deleted file mode 100755
index ef798bb..0000000
--- a/script/check/host/checks/system_zfs_recordsize_of_subfs_persistent.check.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-_CURRENT_POOL='zpool1/persistent'
-
-#Check if the tool 'zfs' is available, then
-#retrieve the property 'recordsize' from 'zpool1/persistent', without header and compare the result with '16K'
-#because this a 'recordsize' of '16K' matches to the needs of 'mariadb'.
-
-#Set with: 'zfs set recordsize=16K zpool1/persistent'
-zfs version &> /dev/null \
- && [ "$(zfs get recordsize -Ho value ${_CURRENT_POOL})" == "16K" ] \
- && exit 0
-exit 1
-
diff --git a/script/check/host/runAllChecks.sh b/script/check/host/runAllChecks.sh
deleted file mode 100755
index e585bea..0000000
--- a/script/check/host/runAllChecks.sh
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-_OWN_PATH="$(dirname $(readlink -f $0))"
-
-function run_as_root() {
- [ "0" == "$(id -u)" ] \
- && echo OK \
- && return 0
-
- echo FAIL
- return 1
-}
-
-function scripts_are_updateable_by_git() {
- git -C "${_OWN_PATH:?"Missing OWN_PATH"}" pull > /dev/null 2>&1 \
- && echo OK \
- && return 0
-
- echo FAIL
- return 1
-}
-
-echo "PRECONDITION run as root: $(run_as_root)"
-echo "PRECONDITION scripts are updateable by git: $(scripts_are_updateable_by_git)"
-echo
-echo "Check all:"
-for _CURRENT_CHECK in ${_OWN_PATH}/checks/*.check.sh; do
- _NAME="$(basename ${_CURRENT_CHECK} | cut -d'.' -f1)"
- _CONTEXT="$(echo ${_NAME} | cut -d'_' -f1)"
- _CHECK="$(echo ${_NAME} | cut -d'_' -f2- | tr '_' ' ')"
- _RESULT="$("${_CURRENT_CHECK}" && echo OK || echo FAIL)"
- echo " ${_CONTEXT^^} ${_CHECK}: ${_RESULT}"
-done
diff --git a/script/check/runAllChecks.sh b/script/check/runAllChecks.sh
new file mode 100755
index 0000000..b4432ba
--- /dev/null
+++ b/script/check/runAllChecks.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+_CIS_ROOT="$(../../core/printCisRoot.sh)"
+_SCRIPT_PATH="${_CIS_ROOT:?"Missing CIS_ROOT"}script/"
+_OWN_DOMAIN="$(../../core/printOwnDomain.sh)"
+_OWN_DEFINITIONS="${_CIS_ROOT}definitions/${_OWN_DOMAIN:?"Missing OWN_DOMAIN"}/"
+
+
+
+function run_as_root() {
+ [ "0" == "$(id -u)" ] \
+ && echo OK \
+ && return 0
+
+ echo FAIL
+ return 1
+}
+
+function scripts_are_updateable_by_git() {
+ git -C "${_SCRIPT_PATH:?"Missing SCRIPT_PATH"}" pull > /dev/null 2>&1 \
+ && echo OK \
+ && return 0
+
+ echo FAIL
+ return 1
+}
+
+function allChecks() {
+ local _CHECK_PATH _MODE_PATH
+ _CHECK_PATH="${1:?"allChecks(): Missing first parameter CHECK_PATH"}check/"
+ _MODE_PATH="${2:-all}/"
+ readonly _CHECK_PATH _MODE_PATH
+
+ echo " - ${_CHECK_PATH}host/${_MODE_PATH}*.check.sh"
+ [ "$(ls -1 ${_CHECK_PATH}host/${_MODE_PATH}*.check.sh 2> /dev/null | grep -cE '.*')" == "0" ] \
+ && echo " nothing to do" \
+ && return 0
+
+ for _CURRENT_CHECK in ${_CHECK_PATH}host/${_MODE_PATH}*.check.sh; do
+ _NAME="$(basename ${_CURRENT_CHECK} | cut -d'.' -f1)"
+ _CONTEXT="$(echo ${_NAME} | cut -d'_' -f1)"
+ _CHECK="$(echo ${_NAME} | cut -d'_' -f2- | tr '_' ' ')"
+ _RESULT="$("${_CURRENT_CHECK}" && echo OK || echo FAIL)"
+ echo " ${_CONTEXT^^} ${_CHECK}: ${_RESULT}"
+ done
+}
+
+echo "PRECONDITION run as root: $(run_as_root)"
+echo "PRECONDITION scripts are updateable by git: $(scripts_are_updateable_by_git)"
+echo
+echo "Check all (common):"
+allChecks "${_SCRIPT_PATH}"
+echo "Check all (own):"
+allChecks "${_OWN_DEFINITIONS}"
+echo "Check this host:"
+allChecks "${_OWN_DEFINITIONS}" "$(hostname -s)"
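Review bot: The two helper calls at the top of the new `runAllChecks.sh`, `$(../../core/printCisRoot.sh)` and `$(../../core/printOwnDomain.sh)`, are resolved against the caller's working directory rather than the script's own location, and this script expects to run as root (see the `run_as_root` precondition). Started from any other directory it either aborts on the `:?` guard or executes whatever file happens to sit at that relative path. The removed `host/runAllChecks.sh` anchored itself with `readlink -f $0`; keeping that here avoids the problem: `_OWN_PATH="$(dirname "$(readlink -f "$0")")"`, then `_CIS_ROOT="$("${_OWN_PATH}/../../core/printCisRoot.sh")"` and the same prefix for `printOwnDomain.sh`. Because every `*.check.sh` found under the derived directories is then executed, `allChecks` should also quote the directory part of its glob, `"${_CHECK_PATH}host/${_MODE_PATH}"*.check.sh`, and declare `_CURRENT_CHECK`, `_NAME`, `_CONTEXT`, `_CHECK` and `_RESULT` as `local`.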