From: Frank Brehm Date: Thu, 22 Apr 2021 16:19:23 +0000 (+0200) Subject: daily autocommit X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=c0f30fafe0fd0e238dbb6b125fba5ba69b2a5b70;p=config%2Fhelga-hetzner%2Fetc.git daily autocommit --- diff --git a/.etckeeper b/.etckeeper index c3461ff..22e328d 100755 --- a/.etckeeper +++ b/.etckeeper @@ -28,7 +28,6 @@ mkdir -p './kernel/install.d' mkdir -p './letsencrypt/renewal-hooks/deploy' mkdir -p './letsencrypt/renewal-hooks/post' mkdir -p './letsencrypt/renewal-hooks/pre' -mkdir -p './logwatch/conf/logfiles' mkdir -p './logwatch/conf/services' mkdir -p './logwatch/scripts/services' mkdir -p './nginx/conf.d' @@ -839,6 +838,16 @@ maybe chmod 0644 'logrotate.d/wtmp' maybe chmod 0755 'logwatch' maybe chmod 0755 'logwatch/conf' maybe chmod 0755 'logwatch/conf/logfiles' +maybe chmod 0644 'logwatch/conf/logfiles/cron.conf' +maybe chmod 0644 'logwatch/conf/logfiles/daemon.conf' +maybe chmod 0644 'logwatch/conf/logfiles/dovecot.conf' +maybe chmod 0644 'logwatch/conf/logfiles/fail2ban.conf' +maybe chmod 0644 'logwatch/conf/logfiles/iptables.conf' +maybe chmod 0644 'logwatch/conf/logfiles/maillog.conf' +maybe chmod 0644 'logwatch/conf/logfiles/named.conf' +maybe chmod 0644 'logwatch/conf/logfiles/secure.conf' +maybe chmod 0644 'logwatch/conf/logfiles/syslog.conf' +maybe chmod 0644 'logwatch/conf/logwatch.conf' maybe chmod 0755 'logwatch/conf/services' maybe chmod 0755 'logwatch/scripts' maybe chmod 0755 'logwatch/scripts/services' diff --git a/logwatch/conf/logfiles/cron.conf b/logwatch/conf/logfiles/cron.conf new file mode 100644 index 0000000..4549bbd --- /dev/null +++ b/logwatch/conf/logfiles/cron.conf @@ -0,0 +1,21 @@ +########################################################################## +# $Id: cron.conf 149 2013-06-18 22:18:12Z mtremaine $ +########################################################################## + +# What actual file? Defaults to LogPath if not absolute path.... +#Solaris is /var/cron/log -mgt +LogFile = syslog.d/cron.log +LogFile = syslog.d/.old/cron.log-*[0-9] + +# If the archives are searched, here is one or more line +# (optionally containing wildcards) that tell where they are... +Archive = syslog.d/.old/cron.*.gz +Archive = syslog.d/.old/cron-*.gz + +# Expand the repeats (actually just removes them now) +*ExpandRepeats + +# Keep only the lines in the proper date range... +*ApplyStdDate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logfiles/daemon.conf b/logwatch/conf/logfiles/daemon.conf new file mode 100644 index 0000000..d5c34fe --- /dev/null +++ b/logwatch/conf/logfiles/daemon.conf @@ -0,0 +1,18 @@ +########################################################################### +# $Id: daemon.conf 149 2013-06-18 22:18:12Z mtremaine $ +########################################################################### + +# daemon log file for debian-based systems + +LogFile = syslog.d/daemon.log +LogFile = syslog.d/.old/daemon.log-*[0-9] +Archive = syslog.d/.old/daemon.log.*.gz +Archive = syslog.d/.old/daemon.log-*.gz + +*ExpandRepeats +*ApplyStdDate + +########################################################################### +# Please send all comments, suggestions, bug reports, +# etc, to logwatch-devel@lists.sourceforge.net +########################################################################### diff --git a/logwatch/conf/logfiles/dovecot.conf b/logwatch/conf/logfiles/dovecot.conf new file mode 100644 index 0000000..d2e60f4 --- /dev/null +++ b/logwatch/conf/logfiles/dovecot.conf @@ -0,0 +1,4 @@ +LogFile = dovecot/*.log +LogFile = dovecot/.old/*[0-9] +Archive = dovecot/.old/*.gz +*ApplyStdDate = "%b %d %H:%M:%S " diff --git a/logwatch/conf/logfiles/fail2ban.conf b/logwatch/conf/logfiles/fail2ban.conf new file mode 100644 index 0000000..377e264 --- /dev/null +++ b/logwatch/conf/logfiles/fail2ban.conf @@ -0,0 +1,32 @@ +########################################################################### +# $Id: fail2ban.conf 149 2013-06-18 22:18:12Z mtremaine $ +########################################################################### +# $Log: fail2ban.conf,v $ +# Revision 1.2 2006/12/15 04:53:39 bjorn +# Now using ApplyEuroDate, by Willi Mann. +# +# Revision 1.1 2006/05/30 19:04:26 bjorn +# Added fail2ban service, written by Yaroslav Halchenko. +# +########################################################################### + +# You can put comments anywhere you want to. They are effective for the +# rest of the line. + +# this is in the format of = . Whitespace at the beginning +# and end of the lines is removed. Whitespace before and after the = sign +# is removed. Everything is case *insensitive*. + +# Yes = True = On = 1 +# No = False = Off = 0 + + +*ApplyEuroDate + + +LogFile = fail2ban.log +LogFile = .old/fail2ban.log-*[0-9] + +Archive = .old/fail2ban.*.gz +Archive = .old/fail2ban-*.gz + diff --git a/logwatch/conf/logfiles/iptables.conf b/logwatch/conf/logfiles/iptables.conf new file mode 100644 index 0000000..3826d98 --- /dev/null +++ b/logwatch/conf/logfiles/iptables.conf @@ -0,0 +1,24 @@ +########################################################################## +# $Id$ +########################################################################## + +######################################################## +# This was written and is maintained by: +# Kirk Bauer +# +# Please send all comments, suggestions, bug reports, +# etc, to kirk@kaybee.org. +######################################################## + +# What actual file? Defaults to LogPath if not absolute path.... +LogFile = ulog/syslogemu.log + +# If the archives are searched, here is one or more line +# (optionally containing wildcards) that tell where they are... +Archive = ulog/syslogemu.log.* +Archive = ulog/syslogemu.log-* + +# Keep only the lines in the proper date range... +*ApplyStdDate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logfiles/maillog.conf b/logwatch/conf/logfiles/maillog.conf new file mode 100644 index 0000000..eff8d51 --- /dev/null +++ b/logwatch/conf/logfiles/maillog.conf @@ -0,0 +1,23 @@ +########################################################################## +# $Id: maillog.conf,v 1.14 2007/10/01 16:55:18 mike Exp $ +########################################################################## + +# What actual file? Defaults to LogPath if not absolute path.... +LogFile = syslog.d/mail.log +LogFile = syslog.d/.old/mail.log-*[0-9] + + +# If the archives are searched, here is one or more line +# (optionally containing wildcards) that tell where they are... +#If you use a "-" in naming add that as well -mgt +Archive = syslog.d/.old/mail.*.gz +Archive = syslog.d/.old/mail-*.gz + + +# Expand the repeats (actually just removes them now) +*ExpandRepeats + +# Keep only the lines in the proper date range... +*ApplyStdDate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logfiles/named.conf b/logwatch/conf/logfiles/named.conf new file mode 100644 index 0000000..90bbd17 --- /dev/null +++ b/logwatch/conf/logfiles/named.conf @@ -0,0 +1,24 @@ +########################################################################## +# $Id$ +########################################################################## + +######################################################## +# This was written and is maintained by: +# Frank Brehm +######################################################## + +# What actual file? Defaults to LogPath if not absolute path.... +LogFile = bind/named.log +LogFile = bind/security.log + +# If the archives are searched, here is one or more line +# (optionally containing wildcards) that tell where they are... +Archive = bind/named.log.* +Archive = bind/named.log-* +Archive = bind/.old/named.log.* +Archive = bind/.old/named.log-* + +# Keep only the lines in the proper date range... +*ApplyBindDate + +# vi: filetype=conf shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logfiles/secure.conf b/logwatch/conf/logfiles/secure.conf new file mode 100644 index 0000000..5e9bf27 --- /dev/null +++ b/logwatch/conf/logfiles/secure.conf @@ -0,0 +1,26 @@ +########################################################################## +# $Id: secure.conf 149 2013-06-18 22:18:12Z mtremaine $ +########################################################################## + +# What actual file? Defaults to LogPath if not absolute path.... +LogFile = syslog.d/auth.log +LogFile = syslog.d/authpriv.log +LogFile = syslog.d/.old/auth.log-*[0-9] +LogFile = syslog.d/.old/authpriv.log-*[0-9] + +# If the archives are searched, here is one or more line +# (optionally containing wildcards) that tell where they are... +#If you use a "-" in naming add that as well -mgt +Archive = syslog.d/.old/auth.*.gz +Archive = syslog.d/.old/auth-*.gz +Archive = syslog.d/.old/authpriv.*.gz +Archive = syslog.d/.old/authpriv-*.gz + + +# Expand the repeats (actually just removes them now) +*ExpandRepeats + +# Keep only the lines in the proper date range... +*ApplyStdDate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logfiles/syslog.conf b/logwatch/conf/logfiles/syslog.conf new file mode 100644 index 0000000..de92bf7 --- /dev/null +++ b/logwatch/conf/logfiles/syslog.conf @@ -0,0 +1,21 @@ +########################################################################### +# $Id: syslog.conf 149 2013-06-18 22:18:12Z mtremaine $ +########################################################################### + +# Syslog file for debian-based systems + +LogFile = messages +LogFile = syslog +LogFile = .old/messages-*[0-9] +LogFile = .old/syslog-*[0-9] +Archive = .old/messages.*.gz +Archive = .old/messages-*.gz +Archive = .old/syslog.*.gz +Archive = .old/syslog-*.gz +*ExpandRepeats +#Comma separated list works best -mgt +*RemoveService = talkd,telnetd,inetd,nfsd,/sbin/mingetty +*applystddate +# *ApplyStdDate + +# vi: shiftwidth=3 tabstop=3 et diff --git a/logwatch/conf/logwatch.conf b/logwatch/conf/logwatch.conf new file mode 100644 index 0000000..ac4dac7 --- /dev/null +++ b/logwatch/conf/logwatch.conf @@ -0,0 +1,151 @@ +######################################################## +# This was written and is maintained by: +# Kirk Bauer +# +# Please send all comments, suggestions, bug reports, +# etc, to kirk@kaybee.org. +# +######################################################## + +# NOTE: +# All these options are the defaults if you run logwatch with no +# command-line arguments. You can override all of these on the +# command-line. + +# You can put comments anywhere you want to. They are effective for the +# rest of the line. + +# this is in the format of = . Whitespace at the beginning +# and end of the lines is removed. Whitespace before and after the = sign +# is removed. Everything is case *insensitive*. + +# Yes = True = On = 1 +# No = False = Off = 0 + +# Default Log Directory +# All log-files are assumed to be given relative to this directory. +LogDir = /var/log + +# You can override the default temp directory (/tmp) here +TmpDir = /var/cache/logwatch + +#Output/Format Options +#By default Logwatch will print to stdout in text with no encoding. +#To make email Default set Output = mail to save to file set Output = file +Output = stdout +#To make Html the default formatting Format = html +Format = text +#To make Base64 [aka uuencode] Encode = base64 +Encode = none + +# Input Encoding +# Logwatch assumes that the input is in UTF-8 encoding. Defining CharEncoding +# will use iconv to convert text to the UTF-8 encoding. Set CharEncoding +# to an empty string to use the default current locale. If set to a valid +# encoding, the input characters are converted to UTF-8, discarding any +# illegal characters. Valid encodings are as used by the iconv program, +# and `iconv -l` lists valid character set encodings. +# Setting CharEncoding to UTF-8 simply discards illegal UTF-8 characters. +#CharEncoding = "" + +# Default person to mail reports to. Can be a local account or a +# complete email address. Variable Output should be set to mail, or +# --output mail should be passed on command line to enable mail feature. +MailTo = root +# WHen using option --multiemail, it is possible to specify a different +# email recipient per host processed. For example, to send the report +# for hostname host1 to user@example.com, use: +#Mailto_host1 = user@example.com +# Multiple recipients can be specified by separating them with a space. + +# Default person to mail reports from. Can be a local account or a +# complete email address. +MailFrom = Logwatch + +# if set, the results will be saved in instead of mailed +# or displayed. Be sure to set Output = file also. +#Filename = /tmp/logwatch + +# Use archives? If set to 'Yes', the archives of logfiles +# (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will +# be searched in addition to the /var/log/messages file. +# This usually will not do much if your range is set to just +# 'Yesterday' or 'Today'... it is probably best used with Range = All +# By default this is now set to Yes. To turn off Archives uncomment this. +#Archives = No + +# The default time range for the report... +# The current choices are All, Today, Yesterday +Range = yesterday + +# The default detail level for the report. +# This can either be Low, Med, High or a number. +# Low = 0 +# Med = 5 +# High = 10 +Detail = Low + + +# The 'Service' option expects either the name of a filter +# (in /usr/share/logwatch/scripts/services/*) or 'All'. +# The default service(s) to report on. This should be left as All for +# most people. +Service = All +# You can also disable certain services (when specifying all) +Service = "-zz-network" # Prevents execution of zz-network service, which + # prints useful network configuration info. +Service = "-zz-sys" # Prevents execution of zz-sys service, which + # prints useful system configuration info. +Service = "-eximstats" # Prevents execution of eximstats service, which + # is a wrapper for the eximstats program. +# If you only cared about FTP messages, you could use these 2 lines +# instead of the above: +#Service = ftpd-messages # Processes ftpd messages in /var/log/messages +#Service = ftpd-xferlog # Processes ftpd messages in /var/log/xferlog +# Maybe you only wanted reports on PAM messages, then you would use: +#Service = pam_pwdb # PAM_pwdb messages - usually quite a bit +#Service = pam # General PAM messages... usually not many + +# You can also choose to use the 'LogFile' option. This will cause +# logwatch to only analyze that one logfile.. for example: +#LogFile = messages +# will process /var/log/messages. This will run all the filters that +# process that logfile. This option is probably not too useful to +# most people. Setting 'Service' to 'All' above analyzes all LogFiles +# anyways... + +# +# By default we assume that all Unix systems have sendmail or a sendmail-like MTA. +# The mailer code prints a header with To: From: and Subject:. +# At this point you can change the mailer to anything that can handle this output +# stream. +# TODO test variables in the mailer string to see if the To/From/Subject can be set +# From here with out breaking anything. This would allow mail/mailx/nail etc..... -mgt +mailer = "/usr/sbin/sendmail -t" + +# +# With this option set to a comma separated list of hostnames, only log entries +# for these particular hosts will be processed. This can allow a log host to +# process only its own logs, or Logwatch can be run once per a set of hosts +# included in the logfiles. +# Example: HostLimit = hosta,hostb,myhost +# +# The default is to report on all log entries, regardless of its source host. +# Note that some logfiles do not include host information and will not be +# influenced by this setting. +# +#HostLimit = myhost + +# +# By default /var/adm is searched after LogDir. +#AppendVarAdmToLogDirs = 1 + +# +# By default /var/log is to be searched after LogDir and /var/adm/ . +#AppendVarLogToLogDirs = 1 + +# +# By default the current working directory is searched last after LogDir, /var/adm/, and /var/log/ . +#AppendCWDToLogDirs = 1 + +# vi: shiftwidth=3 tabstop=3 et diff --git a/motd b/motd index 6934503..a277cd0 100644 --- a/motd +++ b/motd @@ -6,11 +6,9 @@ Debian GNU/Linux 10 (buster) |_| |_|\___|_|\__, |\__,_| |___/ -Alle unmittelbare Aufforderung zum Ideellen ist bedenklich, -besonders an die Weiblein. Wie es auch sei, umgibt sich der einzelne -bedeutende Mann mit einem mehr oder weniger -religios-moralisch-ästhetischen Serail. - -- Goethe, Maximen und Reflektionen, Nr. 534 +Eine humoristische Stelle glänzt am meisten in einem ernsthaften Buch +zitiert. + -- Jean Paul Today is Boomtime, the 39th day of Discord in the YOLD 3187