add notification and update aws-backup (the changes will come soon)

2026-01-25 06:34:22 +00:00 · 2024-12-17 20:49:59 +01:00
parent 97e628deab
commit e9e0d7cc64
4 changed files with 164 additions and 2 deletions
--- a/aws-backup/aws-bak.sh
+++ b/aws-backup/aws-bak.sh
@@ -1,7 +1,6 @@
 #!/bin/bash

-# change to your aws-server name
-AWS="<AWS-server Name>"
+source /etc/serverconfig/.env

 DIR="$(cd "$(dirname "$0")" && pwd)"
 BACKUP="$DIR/aws-bakup.bak"
--- a/notification/README.md
+++ b/notification/README.md
@@ -0,0 +1,125 @@
+# Auto-Notification
+
+This repository contains two Bash scripts designed for monitoring user logins and system disk usage. Notifications are sent via **Telegram Bot**. Below is a detailed explanation of each script, their functionality, and how to set them up.
+
+---
+
+## Scripts Overview
+
+### 1. **PAM Hook Script**
+- **Purpose:** Monitors user sessions (login and logout) and sends notifications via Telegram whenever a user connects or disconnects from the system.
+- **Trigger:** The script is invoked by **PAM (Pluggable Authentication Module)** during session events (e.g., SSH login).
+- **Notification Content:**
+  - Username (`$PAM_USER`)
+  - Remote host (`$PAM_RHOST`)
+  - Timestamp (`$(date)`)
+
+---
+
+### 2. **Disk Monitoring Script**
+- **Purpose:** Monitors disk usage on the root filesystem (`/`) and sends an alert if the usage exceeds a predefined threshold.
+- **Trigger:** Can be run manually, or scheduled to run periodically using **Cron**.
+- **Notification Content:**
+  - Current disk usage percentage.
+  - Total disk size, used space, and available space.
+
+---
+
+## Prerequisites
+
+1. **Linux Environment:**
+   - Both scripts are designed to work on Linux systems.
+   - Ensure **PAM** is available for the login monitoring script.
+
+2. **Telegram Bot Setup:**
+   - Create a Telegram bot by talking to [BotFather](https://core.telegram.org/bots#botfather).
+   - Save the bot token (`TOKEN`).
+   - Get your `CHAT_ID` by sending a message to the bot and using an API call like:
+     ```bash
+     curl https://api.telegram.org/bot<YOUR_TOKEN>/getUpdates
+     ```
+   - Add these variables (`TOKEN` and `CHAT_ID`) to the `.env` file.
+
+3. **Environment File (`.env`):**
+   - Place the `.env` file in `/etc/serverconfig/.env`.
+   - Example `.env` file:
+     ```bash
+     TOKEN=your_bot_token_here
+     CHAT_ID=your_chat_id_here
+     ```
+
+4. **Dependencies:**
+   - Ensure `curl` is installed:
+     ```bash
+     sudo apt install curl
+     ```
+
+---
+## Installation & Configuration
+
+### 1. **PAM Hook Script**
+
+1. **Place the Script:**
+   - Save the script as `/usr/local/bin/sshd-login.sh`.
+   - Make it executable:
+     ```bash
+     sudo chmod +x /usr/local/bin/sshd-login.sh
+     ```
+
+2. **Configure PAM:**
+   - Edit the PAM configuration for the service you want to monitor. For SSH:
+     ```bash
+     sudo nano /etc/pam.d/sshd
+     ```
+   - Add the following line to trigger the script:
+     ```bash
+     session optional pam_exec.so /usr/local/bin/sshd-login.sh
+     ```
+
+3. **Test the Setup:**
+   - Log in and out of the system via SSH.
+   - Check Telegram for notifications.
+
+---
+
+### 2. **Disk Monitoring Script**
+
+1. **Place the Script:**
+   - Save the script as `/usr/local/bin/disk-monitor.sh`.
+   - Make it executable:
+     ```bash
+     sudo chmod +x /usr/local/bin/disk-monitor.sh
+     ```
+
+2. **Run Manually:**
+   - Execute the script with a threshold percentage:
+     ```bash
+     /usr/local/bin/disk-monitor.sh
+     ```
+
+3. **Automate with Cron:**
+   - Schedule the script to run periodically:
+     ```bash
+     crontab -e
+     ```
+   - Add a cron job, e.g., to check disk usage every hour:
+     ```bash
+     0 * * * * /usr/local/bin/disk-monitor.sh
+     ```
+
+---
+
+## Security Considerations
+
+1.	Restrict Access to Scripts and .env:
+- Ensure only root or authorized users can access these files:
+```
+sudo chmod 600 /etc/serverconfig/.env
+sudo chmod 700 /usr/local/bin/sshd-login.sh
+sudo chmod 700 /usr/local/bin/disk-monitor.sh
+```
+
+---
+## Conclusion
+
+These scripts provide a lightweight solution for real-time session monitoring and disk usage alerts via Telegram. By integrating with PAM and automating periodic checks, they enhance system monitoring and improve administrator response time to critical events.
--- a/notification/disk-monitor.sh
+++ b/notification/disk-monitor.sh
@@ -0,0 +1,19 @@
+    #!/bin/bash
+
+    source /etc/serverconfig/.env
+
+    disk_usage() {
+        df -h / | grep / | awk -v max="$1" '{
+            usage = $5;
+            gsub("%", "", usage);
+            if (usage > max) {
+                printf "<b>🚨 WARNING:</b>\nDisk usage is at %d%%. which exceed the treshold of %d%%.\n\n", usage, max;
+            } 
+            printf "<b>💾 Disk Usage Information:</b>\nTotal Size: %s, Used: %s, Available: %s\n\n", $2, $3, $4;
+        }'
+    }
+
+    curl -X POST "https://api.telegram.org/bot$TOKEN/sendMessage" \
+        -d "chat_id=$CHAT_ID" \
+        -d "text=$(disk_usage 80)" \
+        -d "parse_mode=HTML"
--- a/notification/sshd-login.sh
+++ b/notification/sshd-login.sh
@@ -0,0 +1,19 @@
+#!bin/bash
+
+source /etc/serverconfig/.env
+
+case "$PAM_TYPE" in
+     open_session)
+	     PAYLOAD=" { \"text\": \"$PAM_USER logged in (remote host: $PAM_RHOST) at $(date).\" }"
+         ;;
+     close_session)
+         PAYLOAD=" { \"text\": \"$PAM_USER logged out (remote host: $PAM_RHOST) at $(date).\" }"
+         ;;
+esac
+
+if [ -n "$PAYLOAD" ] ; then
+     curl -X POST "https://api.telegram.org/bot$TOKEN/sendMessage" \
+          -d "chat_id=$CHAT_ID" \
+          -d "text=$PLAYLOAD" \
+          -d "parse_mode=HTML"
+fi