Good : full update
This commit is contained in:
96
main.sh
Normal file
96
main.sh
Normal file
@ -0,0 +1,96 @@
|
||||
#!/bin/bash
|
||||
# =============================================================================
|
||||
# Linux Security Hardening Script for Debian/Ubuntu
|
||||
# =============================================================================
|
||||
|
||||
# Script version
|
||||
VERSION="1.0.0"
|
||||
|
||||
# Set script directory
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
# Source common functions and variables
|
||||
source "$SCRIPT_DIR/common.sh"
|
||||
|
||||
# Ensure the script is run as root
|
||||
if [ "$EUID" -ne 0 ]; then
|
||||
echo " * This script must be run with sudo privileges."
|
||||
echo " * Please run it again using: sudo $0"
|
||||
echo
|
||||
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if the system is Debian or Ubuntu
|
||||
if ! grep -q -E "Debian|Ubuntu" /etc/issue && ! grep -q -E "Debian|Ubuntu" /etc/os-release; then
|
||||
echo "This script is designed for Debian or Ubuntu systems only."
|
||||
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Create necessary directories
|
||||
create_directories
|
||||
|
||||
# Display banner
|
||||
display_banner
|
||||
|
||||
# Display OS information
|
||||
display_os_info
|
||||
|
||||
# Main execution
|
||||
log_message "INFO" "Starting security hardening process"
|
||||
|
||||
# Initialize progress
|
||||
TOTAL_STEPS=14
|
||||
CURRENT_STEP=0
|
||||
|
||||
# Update and configure package management
|
||||
$SCRIPT_DIR/modules/package_management.sh "Configuring package management"
|
||||
|
||||
# Configure SSH
|
||||
$SCRIPT_DIR/modules/ssh_hardening.sh "Hardening SSH configuration"
|
||||
|
||||
# Configure firewall
|
||||
$SCRIPT_DIR/modules/firewall.sh "Configuring firewall rules"
|
||||
|
||||
# Setup fail2ban
|
||||
$SCRIPT_DIR/modules/fail2ban.sh "Setting up fail2ban"
|
||||
|
||||
# Configure system auditing
|
||||
$SCRIPT_DIR/modules/auditing.sh "Configuring system auditing"
|
||||
|
||||
# Setup DNS
|
||||
$SCRIPT_DIR/modules/dns_config.sh "Configuring DNS settings"
|
||||
|
||||
# Configure NTP
|
||||
$SCRIPT_DIR/modules/ntp.sh "Configuring NTP"
|
||||
|
||||
# Setup automatic updates
|
||||
$SCRIPT_DIR/modules/auto_updates.sh "Setting up automatic updates"
|
||||
|
||||
# Install and configure ClamAV
|
||||
$SCRIPT_DIR/modules/antivirus.sh "Installing and configuring ClamAV"
|
||||
|
||||
# Setup custom prompt
|
||||
$SCRIPT_DIR/modules/custom_prompt.sh "Setting up custom system prompt"
|
||||
|
||||
# Install GLPI agent
|
||||
$SCRIPT_DIR/modules/glpi_agent.sh "Installing GLPI agent"
|
||||
|
||||
# Install Wazuh agent
|
||||
$SCRIPT_DIR/modules/wazuh_agent.sh "Installing Wazuh agent"
|
||||
|
||||
# Setup monitoring (SNMP and NRPE)
|
||||
$SCRIPT_DIR/modules/monitoring.sh "Setting up monitoring services"
|
||||
|
||||
# Apply additional security measures
|
||||
$SCRIPT_DIR/modules/additional_hardening.sh "Applying additional security measures"
|
||||
|
||||
# Display completion message
|
||||
echo
|
||||
log_message "SUCCESS" "Security hardening completed successfully!"
|
||||
echo "Log file available at: $LOG_FILE"
|
||||
echo "System backup files stored at: $BACKUP_DIR"
|
||||
echo
|
||||
|
||||
exit 0
|
||||
Reference in New Issue
Block a user