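#!/bin/bash
# =============================================================================
# Common functions and variables for security hardening
#
# This file only defines variables and functions. Several functions read
# globals that are not defined here (SCRIPT_DIR, VERSION, CURRENT_STEP,
# TOTAL_STEPS); presumably the script that sources this file sets them -
# verify against the caller.
# =============================================================================

# Colors for output. The escape sequences are stored literally and are only
# expanded at print time (echo -e / printf %b).
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
BLUE='\033[0;34m'
PURPLE='\033[0;35m'
CYAN='\033[0;36m'
GRAY='\033[0;37m'
NC='\033[0m' # No Color

# Date format (evaluated once, when this file is loaded)
DATE_FORMAT=$(date +"%Y-%m-%d")
TIMESTAMP_FORMAT=$(date +"%Y-%m-%d %H:%M:%S")

# Log file
LOG_FILE="/var/log/security-hardening.log"

# Backup directory
BACKUP_DIR="/root/security-backup-${DATE_FORMAT}"

#######################################
# Create the backup directory and the log file with owner-only permissions.
# Globals:   BACKUP_DIR (read), LOG_FILE (read)
# Returns:   0 if both paths were prepared, 1 if either step failed
#######################################
create_directories() {
  local STATUS=0

  # umask 077 in a subshell: both paths are created already restricted, so
  # there is no window in which they exist with default permissions. The
  # backup tree holds copies made with cp -p, so it must not be browsable.
  if ! (umask 077 && mkdir -p -- "$BACKUP_DIR" && chmod 700 -- "$BACKUP_DIR"); then
    STATUS=1
  fi
  if ! (umask 077 && touch -- "$LOG_FILE" && chmod 600 -- "$LOG_FILE"); then
    STATUS=1
  fi

  return "$STATUS"
}

#######################################
# Append a message to the log file and print it to the console.
# Globals:   LOG_FILE (read), color variables (read)
# Arguments: $1 - level (INFO, WARNING, ERROR, SUCCESS, SERVICE, or other)
#            $2 - message text
# Outputs:   colored line on stdout; every level except INFO and unknown
#            levels is surrounded by blank lines
#######################################
log_message() {
  local LEVEL="$1"
  local MESSAGE="$2"
  local TIMESTAMP
  TIMESTAMP=$(date +"%Y-%m-%d %H:%M:%S")

  # One call must produce exactly one log record: fold CR/LF into spaces so
  # a message containing line breaks cannot forge additional log entries.
  local FILE_MESSAGE
  FILE_MESSAGE=${MESSAGE//$'\n'/ }
  FILE_MESSAGE=${FILE_MESSAGE//$'\r'/ }
  printf '%s [%s] %s\n' "$TIMESTAMP" "$LEVEL" "$FILE_MESSAGE" >> "$LOG_FILE"

  local COLOR
  local PADDED=1
  case "$LEVEL" in
    "INFO")
      COLOR=$BLUE
      PADDED=0
      ;;
    "WARNING") COLOR=$YELLOW ;;
    "ERROR") COLOR=$RED ;;
    "SUCCESS") COLOR=$GREEN ;;
    "SERVICE") COLOR=$CYAN ;;
    *)
      printf '[%s] %s\n' "$LEVEL" "$MESSAGE"
      return 0
      ;;
  esac

  if [ "$PADDED" -eq 1 ]; then
    echo ""
  fi
  # Only the color variables go through %b. The message is printed with %s
  # so backslash escapes inside it (file names, command output) are shown
  # literally instead of being interpreted by the terminal.
  printf '%b[%s]%b %s\n' "$COLOR" "$LEVEL" "$NC" "$MESSAGE"
  if [ "$PADDED" -eq 1 ]; then
    echo
  fi
  return 0
}

#######################################
# Back up a file before modifying it, mirroring its directory below BACKUP_DIR.
# Globals:   BACKUP_DIR (read)
# Arguments: $1 - path of the file to back up
# Returns:   0 on success or when the file does not exist, 1 on failure
#######################################
backup_file() {
  local FILE="$1"
  local SOURCE_DIR
  local BACKUP_PATH

  if [ ! -f "$FILE" ]; then
    log_message "WARNING" "File $FILE does not exist, no backup needed"
    return 0
  fi

  # Resolve the directory to an absolute path. With a relative FILE, dirname
  # yields "." and plain concatenation would point at "${BACKUP_DIR}.", a
  # sibling directory outside the backup tree.
  if ! SOURCE_DIR=$(CDPATH='' cd -- "$(dirname -- "$FILE")" && pwd); then
    log_message "ERROR" "Failed to back up $FILE"
    return 1
  fi
  BACKUP_PATH="$BACKUP_DIR$SOURCE_DIR"

  # Create missing directories owner-only, and let cp -p keep the original
  # mode, ownership and timestamps of the copied file.
  if (umask 077 && mkdir -p -- "$BACKUP_PATH") \
    && cp -p -- "$FILE" "$BACKUP_PATH/" 2>/dev/null; then
    log_message "INFO" "Backed up $FILE to $BACKUP_PATH/"
    return 0
  fi

  log_message "ERROR" "Failed to back up $FILE"
  return 1
}

#######################################
# Draw a 50-column progress bar on the current line.
# Arguments: $1 - current step
#            $2 - total number of steps
# Outputs:   "\r[####...] NN%" on stdout, without a trailing newline
#######################################
show_progress() {
  local CURRENT="$1"
  local TOTAL="$2"
  local PERCENTAGE=0
  local PROGRESS
  local BAR

  # Accept plain digits only: arithmetic expansion evaluates variable
  # contents, so anything else is treated as 0 rather than evaluated.
  case "$CURRENT" in
    '' | *[!0-9]*) CURRENT=0 ;;
  esac
  case "$TOTAL" in
    '' | *[!0-9]*) TOTAL=0 ;;
  esac

  # 10# forces base 10 so values such as "08" are not read as octal; the
  # guard avoids a division by zero when no total is known.
  if [ "$((10#$TOTAL))" -gt 0 ]; then
    PERCENTAGE=$((10#$CURRENT * 100 / 10#$TOTAL))
  fi
  if [ "$PERCENTAGE" -gt 100 ]; then
    PERCENTAGE=100
  fi
  PROGRESS=$((PERCENTAGE / 2))

  # Build the bar without seq: pad to PROGRESS spaces, then turn them into
  # '#'. This also prints an empty bar at 0%.
  printf -v BAR '%*s' "$PROGRESS" ''
  BAR=${BAR// /#}

  printf "\r[%-50s] %d%%" "$BAR" "$PERCENTAGE"
}

#######################################
# Run one hardening module by sourcing modules/<name>.sh.
# Globals:   SCRIPT_DIR (read), TOTAL_STEPS (read), CURRENT_STEP (incremented)
# Arguments: $1 - module name, without the .sh suffix
#            $2 - description printed as the step header
#######################################
run_module() {
  local MODULE="$1"
  local DESCRIPTION="$2"
  local RULE

  # Increment step counter. A plain assignment is used because
  # ((CURRENT_STEP++)) returns status 1 when the counter was 0.
  CURRENT_STEP=$((CURRENT_STEP + 1))

  printf -v RULE '%*s' 80 ''
  RULE=${RULE// /=}

  echo
  printf '%b[%s/%s] %b%s%b\n' \
    "$PURPLE" "$CURRENT_STEP" "$TOTAL_STEPS" "$CYAN" "$DESCRIPTION" "$NC"
  printf '%b%s%b\n' "$GRAY" "$RULE" "$NC"

  # Source and run the module.
  # NOTE(review): the module file is executed in this shell with the caller's
  # privileges. MODULE should only ever be a fixed name chosen by the calling
  # script, and $SCRIPT_DIR/modules should not be writable by other users.
  if [ -f "$SCRIPT_DIR/modules/$MODULE.sh" ]; then
    source "$SCRIPT_DIR/modules/$MODULE.sh"
  else
    log_message "ERROR" "Module $MODULE.sh not found"
  fi
  show_progress "$CURRENT_STEP" "$TOTAL_STEPS"
}

#######################################
# Clear the screen and print the banner with the script version.
# Globals:   VERSION (read), color variables (read)
#######################################
display_banner() {
  local RULE
  printf -v RULE '%*s' 80 ''
  RULE=${RULE// /=}

  clear
  echo -e "${GREEN}"
  echo " _ _ _ _ _ "
  echo " | | (_)_ __ _ ___ _ | |__ __ _ _ __| |_ ___ _ __ (_)_ __ __ _ "
  echo " | | | | '_ \| | | \ \/ / | '_ \ / _ \| '__| __/ _ \ '_ \| | '_ \ / _ \`| "
  echo " | |___| | | | | |_| |> < | | | | (_| | | | || __/ | | | | | | | (_| | "
  echo " |_____|_|_| |_|\__,_/_/\_\ |_| |_|\__,_|_| \__\___|_| |_|_|_| |_|\__, | "
  echo " |___/ "
  echo -e "${NC}"
  echo -e "${CYAN}Security Hardening Script for Debian/Ubuntu Systems${NC}"
  echo -e "${CYAN}Version: ${VERSION}${NC}"
  echo -e "${GRAY}${RULE}${NC}"
  echo
}

#######################################
# Log the distribution name/version from /etc/os-release and the kernel
# release reported by uname -r.
#######################################
display_os_info() {
  # Declared separately from the assignments so that `local` does not hide
  # the exit status of the command substitutions.
  local OS_NAME
  local OS_VERSION
  local KERNEL_VERSION

  OS_NAME=$(grep -E "^NAME=" /etc/os-release | cut -d= -f2 | tr -d '"')
  OS_VERSION=$(grep -E "^VERSION=" /etc/os-release | cut -d= -f2 | tr -d '"')
  KERNEL_VERSION=$(uname -r)

  log_message "INFO" "Operating System: $OS_NAME $OS_VERSION"
  log_message "INFO" "Kernel Version: $KERNEL_VERSION"
  echo
}

# Return 0 if the command named in $1 can be resolved by the shell
command_exists() {
  command -v "$1" >/dev/null 2>&1
}

# Return 0 if the package named in $1 is fully installed.
# dpkg-query reports the exact status field; its stderr is silenced so that
# an unknown package does not print an error on the console.
is_package_installed() {
  dpkg-query -W -f='${Status}' "$1" 2>/dev/null \
    | grep -q '^install ok installed'
}

#######################################
# Run a systemctl action on a unit and log the result.
# NOTE: the function name takes precedence over the system `service` command
# in any shell that has loaded this file.
# Arguments: $1 - systemctl action (start, stop, restart, enable, ...)
#            $2 - unit name
# Returns:   does not return on failure: handle_error exits with status 1
#######################################
service() {
  systemctl "$1" "$2" || handle_error "systemctl $1 $2 failed"
  log_message "SERVICE" "Action : $1 for service : $2 successfully"
}

# Error handling: record the message at ERROR level, then abort with status 1
handle_error() {
  log_message "ERROR" "Erreur : $1"
  exit 1
}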