Merge pull request #2 from d-Rickyy-b/fail2ban_status

feat: implement full fail2ban overview

20-sysinfo

@@ -4,31 +4,31 @@
 # https://github.com/yboetz/motd/blob/master/20-sysinfo
 
 # get load averages
-IFS=" " read LOAD1 LOAD5 LOAD15 <<<$(cat /proc/loadavg | awk '{ print $1,$2,$3 }')
+IFS=" " read -r LOAD1 LOAD5 LOAD15 <<<"$(awk '{ print $1,$2,$3 }' /proc/loadavg)"
 # get free memory
-IFS=" " read USED FREE TOTAL <<<$(free -htm | grep "Mem" | awk {'print $3,$4,$2'})
+IFS=" " read -r USED FREE TOTAL <<<"$(free -htm | grep "Mem" | awk {'print $3,$4,$2'})"
 # get processes
-PROCESS=`ps -eo user=|sort|uniq -c | awk '{ print $2 " " $1 }'`
-PROCESS_ALL=`echo "$PROCESS"| awk {'print $2'} | awk '{ SUM += $1} END { print SUM }'`
-PROCESS_ROOT=`echo "$PROCESS"| grep root | awk {'print $2'}`
-PROCESS_USER=`echo "$PROCESS"| grep -v root | awk {'print $2'} | awk '{ SUM += $1} END { print SUM }'`
+PROCESS=$(ps -eo user=|sort|uniq -c | awk '{ print $2 " " $1 }')
+PROCESS_ALL=$(echo "$PROCESS"| awk {'print $2'} | awk '{ SUM += $1} END { print SUM }')
+PROCESS_ROOT=$(echo "$PROCESS"| grep root | awk {'print $2'})
+PROCESS_USER=$(echo "$PROCESS"| grep -v root | awk {'print $2'} | awk '{ SUM += $1} END { print SUM }')
 # get processors
-PROCESSOR_NAME=`grep "model name" /proc/cpuinfo | cut -d ' ' -f3- | awk {'print $0'} | head -1`
-PROCESSOR_COUNT=`grep -ioP 'processor\t:' /proc/cpuinfo | wc -l`
+PROCESSOR_NAME=$(grep "model name" /proc/cpuinfo | cut -d ' ' -f3- | awk {'print $0'} | head -1)
+PROCESSOR_COUNT=$(grep -ioP 'processor\t:' /proc/cpuinfo | wc -l)
 
-W="\e[0;39m"
-G="\e[1;32m"
+W="\\e[0;39m"
+G="\\e[1;32m"
 
 echo -e "
 ${W}system info:
-$W  Distro......: $W`cat /etc/*release | grep "PRETTY_NAME" | cut -d "=" -f 2- | sed 's/"//g'`
-$W  Kernel......: $W`uname -sr` `uname -v | sed -e 's/^.*(/(/'`
+$W  Distro......: $W$(cat /etc/*release | grep "PRETTY_NAME" | cut -d "=" -f 2- | sed 's/"//g')
+$W  Kernel......: $W$(uname -sr) $(uname -v | sed -e 's/^.*(/(/')
 
-$W  Uptime......: $W`uptime -p`
-$W  Current time: $W`date`
+$W  Uptime......: $W$(uptime -p)
+$W  Current time: $W$(date)
 $W  Load........: $G$LOAD1$W (1m), $G$LOAD5$W (5m), $G$LOAD15$W (15m)
 $W  Processes...:$W $G$PROCESS_ROOT$W (root), $G$PROCESS_USER$W (user), $G$PROCESS_ALL$W (total)
-$W  Online users: $W`who|wc -l`
+$W  Online users: $W$(who|wc -l)
 
 $W  CPU.........: $W$PROCESSOR_NAME ($G$PROCESSOR_COUNT$W vCPU)
 $W  Memory......: $G$USED$W used, $G$FREE$W free, $G$TOTAL$W total$W"

30-diskspace

@@ -41,7 +41,7 @@ for point in ${mountpoints}; do
 
     # Rest of the unused space in white
     barContent="${barContent}${clear}${dim}"
-    for sep in $(seq 1 $(($barWidth-$usedBarWidth))); do
+    for sep in $(seq 1 $((barWidth-usedBarWidth))); do
         barContent="${barContent}="
     done
     bar="[${barContent}${clear}]"

40-services

@@ -22,15 +22,15 @@ for service in "${services[@]}"; do
 done
 
 out=""
-for i in ${!services[@]}; do
+for i in "${!services[@]}"; do
     # color green if service is active, else red
     if [[ "${service_status[$i]}" == "active" ]]; then
         out+="${services[$i]}:,${green}${service_status[$i]}${undim},"
     else
         out+="${services[$i]}:,${red}${service_status[$i]}${undim},"
     fi
     # insert \n every $COLUMNS column
-    if [ $((($i+1) % $COLUMNS)) -eq 0 ]; then
+    if [ $(((i+1) % COLUMNS)) -eq 0 ]; then
         out+="\n"
     fi
 done

50-fail2ban

@@ -4,17 +4,17 @@
 # Taken from: https://github.com/yboetz/motd/blob/master/50-fail2ban
 
 logfile='/var/log/fail2ban.log*'
-mapfile -t lines < <(grep -hioP '(\[[a-z-]+\]) (ban|unban)' $logfile | sort | uniq -c)
+mapfile -t lines < <(grep -hioP '(\[[a-z-]+\]) (ban|unban)' "$logfile" | sort | uniq -c)
 jails=($(printf -- '%s\n' "${lines[@]}" | grep -oP '\[\K[^\]]+' | sort | uniq))
 
 out=""
-for jail in ${jails[@]}; do
+for jail in "${jails[@]}"; do
     bans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] ban" | awk '{print $1}')
     unbans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] unban" | awk '{print $1}')
     bans=${bans:-0} # default value
     unbans=${unbans:-0} # default value
-    diff=$(($bans-$unbans))
-    out+=$(printf "$jail, %+3s bans, %+3s unbans, %+3s active" $bans $unbans $diff)"\n"
+    diff=$((bans-unbans))
+    out+=$(printf "$jail, %+3s bans, %+3s unbans, %+3s active" "$bans" "$unbans" "$diff")"\n"
 done
 
 printf "\nfail2ban status (monthly):\n"

51-fail2ban_status

@@ -0,0 +1,18 @@
+#!/bin/bash
+# fail2ban-client status to get all jails, takes about ~70ms
+jails=($(fail2ban-client status | grep "Jail list:" | sed "s/ //g" | awk '{split($2,a,",");for(i in a) print a[i]}'))
+
+out="jail,failed,total,banned,total\n"
+
+for jail in "${jails[@]}"; do
+    # slow because fail2ban-client has to be called for every jail (~70ms per jail)
+    status=$(fail2ban-client status "${jail}")
+    failed=$(echo "$status" | grep -ioP '(?<=Currently failed:\t)[[:digit:]]+')
+    totalfailed=$(echo "$status" | grep -ioP '(?<=Total failed:\t)[[:digit:]]+')
+    banned=$(echo "$status" | grep -ioP '(?<=Currently banned:\t)[[:digit:]]+')
+    totalbanned=$(echo "$status" | grep -ioP '(?<=Total banned:\t)[[:digit:]]+')
+    out+="$jail,$failed,$totalfailed,$banned,$totalbanned\n"
+done
+
+printf "\nfail2ban status:\n"
+printf $out | column -ts $',' | sed -e 's/^/  /'

60-docker

@@ -13,15 +13,15 @@ mapfile -t containers < <(docker ps -a --format '{{.Names}}\t{{.Status}}' | awk
 
 out=""
 for i in "${!containers[@]}"; do
-    IFS=" " read name status <<< ${containers[i]}
+    IFS=" " read -r name status <<< "${containers[i]}"
     # color green if service is active, else red
     if [[ "${status}" == "Up" ]]; then
         out+="${name}:,${green}${status,,}${undim},"
     else
         out+="${name}:,${red}${status,,}${undim},"
     fi
     # insert \n every $COLUMNS column
-    if [ $((($i+1) % $COLUMNS)) -eq 0 ]; then
+    if [ $(((i+1) % COLUMNS)) -eq 0 ]; then
         out+="\n"
     fi
 done

70-tls

@@ -38,10 +38,10 @@ unix_date () {
 # Generate a string based on the expiry date
 expires_in () {
     diff=$(( $1 - $2 ))
-    expiresInHours=$(( $diff / 3600 ))
+    expiresInHours=$(( diff / 3600 ))
 
     if [ $expiresInHours -gt 48 ]; then
-        echo "$(( $expiresInHours / 24 )) days"
+        echo "$(( expiresInHours / 24 )) days"
     else
         echo "$expiresInHours hours"
     fi
@@ -54,23 +54,23 @@ output=""
 output+="  Domain | Status\n"
 for i in "${!certificates[@]}"; do
     cert="${certificates[$i]}"
-    certname="$(openssl x509 -subject -noout -in $cert | cut -d " " -f3)"
+    certname=$(openssl x509 -subject -noout -in "$cert" | cut -d " " -f3)
 
-    exp_date=$(expiry_date $cert)
+    exp_date=$(expiry_date "$cert")
     expires=$(unix_date "$exp_date")
     now=$(unix_date "now")
     inAWeek=$(unix_date "1 week")
 
-    expiresIn=$(expires_in $expires $now)
+    expiresIn=$(expires_in "$expires" "$now")
     expiryDate=$(date -d "$exp_date" +"%d.%m.%Y")
 
     # We can also get the name of the certificate automatically with:
     # openssl x509 -subject -noout -in $cert | cut -d " " -f3
     # But that takes a lot of time. We don't want to wait during login
 
-    if [ $expires -le $now ]; then
+    if [ "$expires" -le "$now" ]; then
         output+=" $red▲$undim ${certificateNames[$i]} | ${red}expired ($expiryDate)$undim\n"
-    elif [ $expires -le $inAWeek ]; then
+    elif [ "$expires" -le "$inAWeek" ]; then
         output+="  $orange●$undim ${certificateNames[$i]} | ${orange}expiring soon ($expiresIn left)$undim\n"
     else
         output+="  $green●$undim ${certificateNames[$i]} | ${green}expires in $expiresIn ($expiryDate)$undim\n"