feat: rework entire file system (must change soon)

scripts/aws-bak.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+
+source /etc/serverconfig/.env
+
+DIR="$(cd "$(dirname "$0")" && pwd)"
+BACKUP="$DIR/aws-bakup.bak"
+LOG="/var/log/aws-bak.log"
+
+SYNCED_FILES=""
+
+date_print() {
+    echo -n "$(date +"%d-%m-%Y %H:%M:%S") - " | tee -a $LOG
+}
+
+error_print() {
+    date_print
+    if [ "$1" == "true" ]; then
+        echo "Backup error $2 -/> s3://$AWS : " | tee -a "$LOG"
+    else
+        echo "Backup succeeded --> s3://$AWS : " | tee -a "$LOG"
+    fi
+}
+
+if [ "$1" == "clean" ]; then
+    if [ "$2" == "aws" ]; then
+        echo "Cleaning the S3 bucket: s3://$AWS" | tee -a "$LOG"
+        aws s3 rm "s3://$AWS/" --recursive | tee -a "$LOG"
+
+        if [ $? -ne 0 ]; then
+            error_print true "Failed to clean the S3 bucket"
+            exit 1
+        fi
+
+        echo "Bucket cleaned successfully." | tee -a "$LOG"
+        exit 0
+    else
+        echo "Purge aws-bak files."
+        rm -f $BACKUP $LOG $DIR/aws-bak.sh
+        exit 0
+    fi
+fi
+
+if [ -n "$1" ]; then
+    AWS="$1"
+fi
+
+if [ ! -e "$BACKUP" ]; then
+    touch "$BACKUP"
+    error_print true "$BACKUP"
+    echo "$BACKUP created. Please include only the dirname in this file." | tee -a "$LOG"
+    exit 1
+fi
+
+while IFS= read -r SOURCE_PATH || [ -n "$SOURCE_PATH" ]; do
+    if [ -z "$SOURCE_PATH" ] || [[ "$SOURCE_PATH" =~ ^[[:space:]]*$ ]]; then
+        continue
+    fi
+
+    if [ -d "$SOURCE_PATH" ] || [ -f "$SOURCE_PATH" ]; then
+        aws s3 sync "$SOURCE_PATH" "s3://$AWS/$(basename "$SOURCE_PATH")" --delete > /dev/null 2>&1
+
+        if [ $? -ne 0 ]; then
+            error_print true "$SOURCE_PATH"
+            echo "Error while syncing $SOURCE_PATH to the AWS server." | tee -a "$LOG"
+            exit 1
+        fi
+
+        SYNCED_FILES="$SYNCED_FILES\n$SOURCE_PATH"
+    else
+        error_print true "$SOURCE_PATH"
+        echo "$SOURCE_PATH not found or inaccessible." | tee -a "$LOG"
+    fi
+done < "$BACKUP"
+
+if [ -n "$SYNCED_FILES" ]; then
+    error_print false ""
+    echo -e "Files synced:$SYNCED_FILES" | tee -a "$LOG"
+else
+    echo "No files synced." | tee -a "$LOG"
+    exit 0;
+fi
+
+echo "All files synced to AWS." | tee -a "$LOG"

scripts/disk-monitor.sh

@@ -0,0 +1,19 @@
+    #!/bin/bash
+
+    source /etc/serverconfig/.env
+
+    disk_usage() {
+        df -h / | grep / | awk -v max="$1" '{
+            usage = $5;
+            gsub("%", "", usage);
+            if (usage > max) {
+                printf "<b>🚨 WARNING:</b>\nDisk usage is at %d%%. which exceed the treshold of %d%%.\n\n", usage, max;
+            } 
+            printf "<b>💾 Disk Usage Information:</b>\nTotal Size: %s, Used: %s, Available: %s\n\n", $2, $3, $4;
+        }'
+    }
+
+    curl -X POST "https://api.telegram.org/bot$TOKEN/sendMessage" \
+        -d "chat_id=$CHAT_ID" \
+        -d "text=$(disk_usage 80)" \
+        -d "parse_mode=HTML"

scripts/docker-compose.yml

@@ -0,0 +1,73 @@
+volumes:
+  etc_wireguard:
+  etc_certs:
+  etc_acme:
+
+services:
+
+  wg-easy:
+    image: ghcr.io/wg-easy/wg-easy:15
+    container_name: wg-easy
+    networks:
+        - network-container
+    volumes:
+      - etc_wireguard:/etc/wireguard
+      - /lib/modules:/lib/modules:ro
+    ports:
+      - "51820:51820/udp"
+      - "51821:51821/tcp"
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv6.conf.all.disable_ipv6=0
+      - net.ipv6.conf.all.forwarding=1
+      - net.ipv6.conf.default.forwarding=1
+    environment:
+      - VIRTUAL_HOST=${HOSTNAME_VPN}
+      - LETSENCRYPT_HOST=${HOSTNAME_VPN}
+      - LETSENCRYPT_EMAIL=${EMAIL}
+      - VIRTUAL_PORT=51821
+    depends_on:
+      - nginx-proxy
+
+  acme-companion:
+    image: nginxproxy/acme-companion
+    container_name: acme-companion
+    restart: unless-stopped
+    environment:
+      - DEFAULT_EMAIL=${EMAIL}
+      - NGINX_PROXY_CONTAINER=nginx-proxy
+    depends_on:
+      - nginx-proxy
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - etc_certs:/etc/nginx/certs
+      - /etc/nginx/vhost.d
+      - ./default_html:/usr/share/nginx/html
+      - etc_acme:/etc/acme.sh
+    networks:
+      - network-container
+
+  nginx-proxy:
+    image: nginxproxy/nginx-proxy:alpine
+    container_name: nginx-proxy
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - etc_certs:/etc/nginx/certs
+      - /etc/nginx/vhost.d
+      - ./default_html:/usr/share/nginx/html
+    networks:
+      - network-container
+    
+
+networks:
+  network-container:
+    external: false

scripts/sshd-login.sh

@@ -0,0 +1,19 @@
+#!bin/bash
+
+source /etc/serverconfig/.env
+
+case "$PAM_TYPE" in
+     open_session)
+	     PAYLOAD=" { \"text\": \"$PAM_USER logged in (remote host: $PAM_RHOST) at $(date).\" }"
+         ;;
+     close_session)
+         PAYLOAD=" { \"text\": \"$PAM_USER logged out (remote host: $PAM_RHOST) at $(date).\" }"
+         ;;
+esac
+
+if [ -n "$PAYLOAD" ] ; then
+     curl -X POST "https://api.telegram.org/bot$TOKEN/sendMessage" \
+          -d "chat_id=$CHAT_ID" \
+          -d "text=$PLAYLOAD" \
+          -d "parse_mode=HTML"
+fi