#!/bin/bash # # .---. . . # | | | # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-' # ' ' --' --' -' - -' ' ' -' -' -' ' - --' # # Freedom in the Cloud # # Turn logging on or off # License # ======= # # Copyright (C) 2015-2016 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . PROJECT_NAME='freedombone' export TEXTDOMAIN=${PROJECT_NAME}-logging export TEXTDOMAINDIR="/usr/share/locale" WEBSERVER_LOG_LEVEL='warn' if [ ! "$1" ]; then exit 1 fi if [[ "$1" == "on" || "$1" == "On" || "$1" == "ON" ]]; then if [ -f /etc/fail2ban/fail2ban.conf ]; then sed -i 's|loglevel.*|loglevel = 3|g' /etc/fail2ban/fail2ban.conf sed -i 's|logtarget.*|logtarget = /var/log/fail2ban.log|g' /etc/fail2ban/fail2ban.conf fi if [ -d /etc/tor ]; then sed -i 's|#Log notice file.*|Log notice file /var/log/tor.log|g' /etc/tor/torrc sed -i 's|Log notice file.*|Log notice file /var/log/tor.log|g' /etc/tor/torrc fi if [ -f /etc/mumble-server.ini ]; then sed -i 's|logfile=.*|logfile=/var/log/mumble-server.log|g' /etc/mumble-server.ini fi if [ -f /etc/php5/fpm/php-fpm.conf ]; then sed -i 's|error_log =.*|error_log = /var/log/php5-fpm.log|g' /etc/php5/fpm/php-fpm.conf fi if [ -d /etc/nginx ]; then if [ ! -d /var/log/nginx ]; then mkdir /var/log/nginx fi for filename in /etc/nginx/sites-available/* ; do filename_domain=$(echo "$filename" | awk -F '/' '{print $5}') sed -i "s|access_log.*|access_log /var/log/nginx/$filename_domain.access.log;|g" $filename sed -i "s|error_log.*|error_log /var/log/nginx/$filename_domain.err.log $WEBSERVER_LOG_LEVEL;|g" $filename done fi if [ -f /etc/init.d/spamassassin ]; then sed -i 's|DOPTIONS="-s null -d --pidfile=$PIDFILE"|DOPTIONS="-d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin fi if [ -d /etc/prosody ]; then if [ ! -d /var/log/prosody ]; then mkdir /var/log/prosody fi sed -i 's|info = "/dev/null";|info = "/var/log/prosody/prosody.log";|g' /etc/prosody/prosody.cfg.lua sed -i 's|error = "/dev/null";|error = "/var/log/prosody/prosody.err";|g' /etc/prosody/prosody.cfg.lua fi if [ -d /etc/exim4 ]; then if [ ! -d /var/log/exim4 ]; then mkdir /var/log/exim4 fi sed -i 's|log_selector =.*|log_selector = MAIN_LOG_SELECTOR|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector fi if [ -f /etc/dovecot/dovecot.conf ]; then sed -i 's|log_path =.*|log_path = /var/log/dovecot.log|g' /etc/dovecot/dovecot.conf sed -i 's|info_log_path =.*|info_log_path = /var/log/dovecot-info.log|g' /etc/dovecot/dovecot.conf sed -i 's|debug_log_path =.*|debug_log_path = /var/log/dovecot-debug.log|g' /etc/dovecot/dovecot.conf fi if [ -d /etc/mysql ]; then if [ ! -d /var/log/mysql ]; then mkdir /var/log/mysql fi sed -i 's|log_error =.*|log_error = /var/log/mysql/error.log|g' /etc/mysql/my.cnf fi else if [ -d /etc/tor ]; then sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc if [ -d /var/log/tor ]; then shred -zu /var/log/tor/* rm -rf /var/log/tor fi fi if [ -f /etc/mumble-server.ini ]; then sed -i 's|logfile=.*|logfile=/dev/null|g' /etc/mumble-server.ini if [ -d /var/log/mumble-server ]; then shred -zu /var/log/mumble-server/* rm -rf /var/log/mumble-server fi fi if [ -d /var/log/radicale ]; then shred -zu /var/log/radicale/* rm -rf /var/log/radicale fi if [ -f /etc/php5/fpm/php-fpm.conf ]; then sed -i 's|error_log =.*|error_log = /dev/null|g' /etc/php5/fpm/php-fpm.conf fi if [ -d /etc/nginx ]; then for filename in /etc/nginx/sites-available/* ; do sed -i 's|access_log.*|access_log /dev/null;|g' $filename sed -i 's|warn_log.*|warn_log /dev/null;|g' $filename sed -i 's|error_log.*|error_log /dev/null;|g' $filename done shred -zu /var/log/nginx/* fi if [ -f /etc/init.d/spamassassin ]; then sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin fi if [ -d /etc/prosody ]; then sed -i 's|info = "/var/log/prosody/prosody.log";|info = "/dev/null";|g' /etc/prosody/prosody.cfg.lua sed -i 's|error = "/var/log/prosody/prosody.err";|error = "/dev/null";|g' /etc/prosody/prosody.cfg.lua shred -zu /var/log/prosody/prosody.log shred -zu /var/log/prosody/prosody.err fi if [ -d /etc/exim4 ]; then sed -i 's|log_selector =.*|log_selector = -all|g' /etc/exim4/conf.d/main/90_exim4-config_log_selector shred -zu /var/log/exim4/* fi if [ -f /etc/dovecot/dovecot.conf ]; then sed -i 's|log_path =.*|log_path = /dev/null|g' /etc/dovecot/dovecot.conf sed -i 's|info_log_path =.*|info_log_path = /dev/null|g' /etc/dovecot/dovecot.conf sed -i 's|debug_log_path =.*|debug_log_path = /dev/null|g' /etc/dovecot/dovecot.conf shred -zu /var/log/mail.* fi if [ -d /etc/mysql ]; then if [ -d /var/log/mysql ]; then shred -zu /var/log/mysql/* fi if [ -f /var/log/mysql.err ]; then shred -zu /var/log/mysql.err fi if [ -f /var/log/mysql.log ]; then shred -zu /var/log/mysql.log fi sed -i 's|log_error =.*|log_error = /dev/null|g' /etc/mysql/my.cnf fi if [ -f /etc/fail2ban/fail2ban.conf ]; then sed -i 's|loglevel.*|loglevel = 1|g' /etc/fail2ban/fail2ban.conf sed -i 's|logtarget.*|logtarget = /dev/null|g' /etc/fail2ban/fail2ban.conf fi fi if [ -d /etc/nginx ]; then systemctl restart php5-fpm systemctl restart nginx fi if [ -f /etc/init.d/spamassassin ]; then systemctl restart spamassassin fi if [ -d /etc/prosody ]; then systemctl restart prosody fi if [ -d /etc/exim4 ]; then systemctl restart exim4 fi if [ -d /etc/dovecot ]; then systemctl restart dovecot fi if [ -d /etc/tor ]; then systemctl reload tor fi if [ -f /etc/mumble-server.ini ]; then systemctl restart mumble-server fi if [ -d /var/www/radicale ]; then systemctl restart radicale fi if [ -d /etc/fail2ban ]; then systemctl restart fail2ban fi exit 0