add banunban script and update install.sh with ubuntu/debian detection

dbp/banunban.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+
+usage() { echo "Usage: $0 [-f dbp.ini] -d [ban|unban] -i IP" 1>&2; exit 1; }
+
+while getopts ":f:b:u:" o; do
+    case "${o}" in
+        f)
+            INIFILE=${OPTARG}
+            ;;
+        d)
+            DO_BAN=${OPTARG}
+            ;;
+        i)
+            BAN_IP=${OPTARG}
+            ;;
+        *)
+            usage
+            ;;
+    esac
+done
+shift $((OPTIND-1))
+
+if [ -z "${INIFILE}" ] || [ -z "${d}" ] || [ -z "${i}" ]; then
+    usage
+fi
+
+MYSTIC_DIR="@MYSTIC_DIR@"
+TMP_DIR=$(mktemp -d)
+
+BAN_UNBAN_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k BanUnbanIP --silent`
+BAN_UNBAN_SERVICE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S BanUnbanIP -k BanningService --silent`
+BAN_UNBAN_MYSTIC=`${MYSTIC_DIR}/inimod r ${INIFILE} -S BanUnbanIP -k UnbanInMystic --silent`
+
+if [ $BAN_UNBAN_ENABLE = "true" ]; then
+    if [ $BAN_UNBAN_SERVICE = "fail2ban" ]; then
+	if [ $DO_BAN = "ban" ]; then
+	    /usr/bin/fail2ban-client set mysticbbs banip ${BAN_IP}
+	fi
+	if [ $DO_BAN = "unban" ]; then
+	    /usr/bin/fail2ban-client set mysticbbs unbanip ${BAN_IP}
+	    if [ $BAN_UNBAN_MYSTIC = "true" ]; then
+		sed -e "/${BAN_IP}/d" -i ${MYSTIC_DIR}/data/blacklist.txt
+	    fi
+	fi
+    fi
+
+    if [ $BAN_UNBAN_SERVICE = "ipban" ]; then
+	if [ $DO_BAN = "ban" ]; then
+	    echo ${BAN_IP} > /opt/ipban/ban.txt
+	fi
+	if [ $DO_BAN = "unban" ]; then
+	    echo ${BAN_IP} > /opt/ipban/unban.txt
+	    if [ $BAN_UNBAN_MYSTIC = "true" ]; then
+		sed -e "/${BAN_IP}/d" -i ${MYSTIC_DIR}/data/blacklist.txt
+	    fi
+	fi
+    fi
+fi
+
+exit 0

dbp/cron.sh

@@ -22,10 +22,20 @@ MYSTIC_DIR="@MYSTIC_DIR@"
 TMP_DIR=$(mktemp -d)
 
 MIS_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k MisLog --silent`
+MIS_KEEP=`${MYSTIC_DIR}/inimod r ${INIFILE} -S MisLog -k RetentionTime --silent`
+
 MUTIL_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k MutilLog --silent`
+MUTIL_KEEP=`${MYSTIC_DIR}/inimod r ${INIFILE} -S MutilLog -k RetentionTime --silent`
+
 ERROR_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k ErrorLog --silent`
+ERROR_KEEP=`${MYSTIC_DIR}/inimod r ${INIFILE} -S ErrorLog -k RetentionTime --silent`
+
 MRCCHAT_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k MrcChatLog --silent`
+MRCCHAT_KEEP=`${MYSTIC_DIR}/inimod r ${INIFILE} -S MrcChatLog -k RetentionTime --silent`
+
 NODE_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k NodeLog --silent`
+NODE_COUNT=`${MYSTIC_DIR}/inimod r ${INIFILE} -S NodeLog -k MaxNodes --silent`
+NODE_KEEP=`${MYSTIC_DIR}/inimod r ${INIFILE} -S NodeLog -k RetentionTime --silent`
 
 IP2L_ENABLE=`${MYSTIC_DIR}/inimod r ${INIFILE} -S GeneralDbP -k Ip2Location --silent`
 IP2L_TOKEN=`${MYSTIC_DIR}/inimod r ${INIFILE} -S Ip2Location -k Token --silent`
@@ -40,6 +50,7 @@ if [ $MIS_ENABLE = "true" ]; then
     touch ${MYSTIC_DIR}/logs/mis.${TOMORROW}.log
     ln -sf mis.${NOW}.log ${MYSTIC_DIR}/logs/mis.log
     [ -f /${MYSTIC_DIR}/logs/mis.${YESTERDAY}.log ] && gzip -9 ${MYSTIC_DIR}/logs/mis.${YESTERDAY}.log
+    find ${MYSTIC_DIR}/logs/ -type f -mtime +${MIS_KEEP} -name 'mis.*' -exec rm {} \;
 fi
 
 if [ $MUTIL_ENABLE = "true" ]; then
@@ -47,6 +58,7 @@ if [ $MUTIL_ENABLE = "true" ]; then
     touch ${MYSTIC_DIR}/logs/mutil.${TOMORROW}.log
     ln -sf mutil.${NOW}.log ${MYSTIC_DIR}/logs/mutil.log
     [ -f /${MYSTIC_DIR}/logs/mutil.${YESTERDAY}.log ] && gzip -9 ${MYSTIC_DIR}/logs/mutil.${YESTERDAY}.log
+    find ${MYSTIC_DIR}/logs/ -type f -mtime +${MUTIL_KEEP} -name 'mutil.*' -exec rm {} \;
 fi
 
 if [ $ERROR_ENABLE = "true" ]; then
@@ -54,6 +66,7 @@ if [ $ERROR_ENABLE = "true" ]; then
     touch ${MYSTIC_DIR}/logs/errors.${TOMORROW}.log
     ln -sf errors.${NOW}.log ${MYSTIC_DIR}/logs/errors.log
     [ -f /${MYSTIC_DIR}/logs/errors.${YESTERDAY}.log ] && gzip -9 ${MYSTIC_DIR}/logs/errors.${YESTERDAY}.log
+    find ${MYSTIC_DIR}/logs/ -type f -mtime +${ERROR_KEEP} -name 'error.*' -exec rm {} \;
 fi
 
 if [ $MRCCHAT_ENABLE = "true" ]; then
@@ -63,15 +76,17 @@ if [ $MRCCHAT_ENABLE = "true" ]; then
     ln -sf ../../logs/mrcchat.${NOW}.log ${MYSTIC_DIR}/data/mrc/mrcchat.log
     ln -sf mrcchat.${NOW}.log ${MYSTIC_DIR}/logs/mrcchat.log
     [ -f /${MYSTIC_DIR}/logs/mrcchat.${YESTERDAY}.log ] && gzip -9 ${MYSTIC_DIR}/logs/mrcchat.${YESTERDAY}.log
+    find ${MYSTIC_DIR}/logs/ -type f -mtime +${MRCCHAT_KEEP} -name 'mrcchat.*' -exec rm {} \;
 fi
 
 if [ $NODE_ENABLE = "true" ]; then
-    for i in {0..10}
+    for i in {0..${NODE_COUNT}}
     do
 	touch ${MYSTIC_DIR}/logs/node${i}.${NOW}.log
 	touch ${MYSTIC_DIR}/logs/node${i}.${TOMORROW}.log
 	ln -sf node${i}.${NOW}.log ${MYSTIC_DIR}/logs/node${i}.log
 	[ -f ${MYSTIC_DIR}/logs/node${i}.${YESTERDAY}.log ] && gzip -9 ${MYSTIC_DIR}/logs/node${i}.${YESTERDAY}.log
+	find ${MYSTIC_DIR}/logs/ -type f -mtime +${NODE_KEEP} -name 'node*' -exec rm {} \;
     done
 fi
 

dbp/dbp.ini

@@ -21,13 +21,32 @@ Token=PleasePutTokenHere
 Database=DB1LITEBIN
 
 [MisLog]
+; Set maximum days of logs to keep for the Mis Daemon
+RetentionTime=7
 
 [ErrorLog]
+; Set maximum days of logs to keep for the Error Log
+RetentionTime=7
 
 [NodeLog]
+; Set maximum days of logs to keep for the Node Processes
+RetentionTime=7
+
+; Set the Maximum Number of Node instances to the same Value as in "Servers->General Options->Max BBS Nodes"
+MaxNodes=32
 
 [MutilLog]
+; Set maximum days of logs to keep for the Mutil Process
+RetentionTime=7
 
 [MrcChatLog]
+; Set maximum days of logs to keep for the Multo Relay Chat
+RetentionTime=7
 
 [BanUnbanIP]
+;Set the banning Service to fail2ban or banip
+; depends on what you seleted in the install stage
+BanningService=fail2ban
+
+;Also unban in Mystic when useng the unban
+UnbanInMystic=true

dbp/install.sh

@@ -4,7 +4,7 @@ MYSTIC_DIR="$1"
 
 sed -e "s!@MYSTIC_DIR@!${MYSTIC_DIR}!g" cron.sh > ${MYSTIC_DIR}/cron
 chmod +x ${MYSTIC_DIR}/cron
-#sed -e "s!@MYSTIC_DIR@!${MYSTIC_DIR}!g" mis-stop.sh > ${MYSTIC_DIR}/mis-stop
-#chmod +x ${MYSTIC_DIR}/mis-stop
+sed -e "s!@MYSTIC_DIR@!${MYSTIC_DIR}!g" banunban.sh > ${MYSTIC_DIR}/banunban
+chmod +x ${MYSTIC_DIR}/banunban
 sed -e "s!@MYSTIC_DIR@!${MYSTIC_DIR}!g" dbp.ini > ${MYSTIC_DIR}/dbp.ini
 

install.sh

@@ -13,9 +13,16 @@ APP="Mystic"
 MSDIR="/opt/mystic"
 TMP_DIR=$(mktemp -d)
 ARCH=$(dpkg-architecture -qDEB_HOST_MULTIARCH)
+
+DIST=$(lsb_release -i -s)
+CODENAME=$(lsb_release -c -s)
+
 GROUP=$(getent group mystic)
 USER=$(getent shadow mystic)
 
+FAIL2BAN_GROUP=$(getent group fail2ban)
+IPBAN_GROUP=$(getent group ipban)
+
 
 LIBDIR=/usr/lib/${ARCH}
 MYSTIC_VER="112a47"
@@ -96,7 +103,17 @@ function msg_ok() {
 }
 
 msg_info "Setting up ${APP} Repository"
-sed -i -e's/ main/ main contrib non-free/g' /etc/apt/sources.list &>/dev/null
+apt-get update &>/dev/null
+apt-get install -y software-properties-common &>/dev/null
+if [ "${DIST}" = "Debian" ]; then
+    apt-add-repository contrib &>/dev/null
+    apt-add-repository non-free &>/dev/null
+fi 
+if [ "${DIST}" = "Ubuntu" ]; then
+    apt-add-repository universe &>/dev/null
+    apt-add-repository restricted &>/dev/null
+    apt-add-repository multiverse &>/dev/null
+fi 
 apt-get update &>/dev/null
 apt-get install -y curl &>/dev/null
 apt-get install -y wget &>/dev/null
@@ -165,6 +182,16 @@ if [ $exitstatus = 0 ]; then
     echo -e "${DGN}Add DbP Script: ${BGN}$DBPSCRIPTS${CL}"
 fi
 
+BANUNBAN=$(whiptail --title "Add Ban / Anban to Mystic" --radiolist --cancel-button Exit-Script "Choose Fail2Ban IpBan  No" 12 58 5 \
+    "fail2ban" "Add Fail2Ban" FAIL2BAN \
+    "ipban" "Add IpBan" IPBAN \
+    "No" "Don't add IP Banning" OFF \
+    3>&1 1>&2 2>&3)
+  exitstatus=$?
+if [ $exitstatus = 0 ]; then
+    echo -e "${DGN}Add Fail2Ban: ${BGN}$BANUNBAN${CL}"
+fi
+
 
 
 #==============================================================================================================
@@ -334,6 +361,59 @@ fi
 
 #==============================================================================================================
 
+if [ $BANUNBAN = "fail2ban" ]; then
+msg_info "Installing Fail2Ban Dependencies for ${APP}"
+apt-get install -y fail2ban &>/dev/null
+apt-get install -y iptables &>/dev/null
+apt-get install -y ipset &>/dev/null
+if [ -z "${FAIL2BAN_GROUP}" ]; then
+groupadd fail2ban &>/dev/null
+fi
+usermod --append --groups fail2ban mystic &>/dev/null
+chown root:fail2ban /var/run/fail2ban/fail2ban.sock &>/dev/null
+chmod g+w /var/run/fail2ban/fail2ban.sock &>/dev/null
+msg_ok "Installing Fail2Ban Dependencies for ${APP}"
+
+msg_info "Installing Fail2Ban Scripts for ${APP}"
+pushd /usr/local/src/mystic/mystic/fail2ban &>/dev/null
+bash install.sh $MYSTIC_DIR &>/dev/null
+popd &>/dev/null
+msg_ok "Installing Fail2Ban Scripts for ${APP}"
+
+fi
+
+if [ $BANUNBAN = "ipban" ]; then
+msg_info "Installing IpBan Dependencies for ${APP}"
+pushd /usr/local/src/mystic &>/dev/null
+wget -N https://github.com/DigitalRuby/IPBan/raw/master/IPBanCore/Linux/Scripts/Install.sh -O /usr/local/src/mystic/ipban-install.sh &>/dev/null
+apt-get install -y fail2ban &>/dev/null
+apt-get install -y iptables &>/dev/null
+apt-get install -y ipset &>/dev/null
+apt-get install -y xmlstarlet &>/dev/null
+sed -i '/yum/d' /usr/local/src/mystic/ipban-install.sh &>/dev/null
+sed -i '/systemctl/d' /usr/local/src/mystic/ipban-install.sh &>/dev/null
+sed -e 's!sudo !!g' -i /usr/local/src/mystic/ipban-install.sh &>/dev/null
+sed -i '/nano/d' /usr/local/src/mystic/ipban-install.sh &>/dev/null
+bash /usr/local/src/mystic/ipban-install.sh &>/dev/null
+if [ -z "${IPBAN_GROUP}" ]; then
+groupadd ipban &>/dev/null
+fi
+usermod --append --groups ipban mystic &>/dev/null
+chown -R root:ipban /opt/ipban &>/dev/null
+chmod 775 /opt/ipban/ &>/dev/null
+popd &>/dev/null
+msg_ok "Installing IpBan Dependencies for ${APP}"
+
+#msg_info "Installing Fail2Ban Scripts for ${APP}"
+#pushd /usr/local/src/mystic/mystic/ipban &>/dev/null
+#bash install.sh $MYSTIC_DIR &>/dev/null
+#popd &>/dev/null
+#msg_ok "Installing Fail2Ban Scripts for ${APP}"
+
+fi
+
+#==============================================================================================================
+
 sed -e 's/\\/\//g' -i ${MYSTIC_DIR}/mutil.ini
 sed -e "s!c:/mystic!${MYSTIC_DIR}!g" -i ${MYSTIC_DIR}/mutil.ini
 sed -e "s!d:/mystic!${MYSTIC_DIR}!g" -i ${MYSTIC_DIR}/mutil.ini