Catching up Sharingan, Geth, and ShadowArch roles

2022-05-25 14:50:16 -05:00
parent 8b2b0be95b
commit 59b54619f7
21 changed files with 509 additions and 1503 deletions
--- a/roles/Sharingan/files/clamav/clamscan.service
+++ b/roles/Sharingan/files/clamav/clamscan.service
@@ -6,7 +6,7 @@ Nice=19
 IOSchedulingClass=best-effort
 IOSchedulingPriority=7
 Type=simple
-ExecStart=clamscan -r / -i --exclude-dir="/srv/ygddrasil" --exclude-dir="/dev" --exclude-dir="/sys" --exclude-dir="/proc" --exclude-dir="/media/Infected/" --exclude-dir="/etc/snort/rules" --exclude-dir="/etc/suricata/rules"
+ExecStart=-clamscan -r / -i --exclude-dir="/srv/ygddrasil" --exclude-dir="/dev" --exclude-dir="/sys" --exclude-dir="/proc" --exclude-dir="/media/Infected/" --exclude-dir="/etc/snort/rules" --exclude-dir="/etc/suricata/rules"
 TimeoutSec=3600
 User=root
 Group=root
--- a/roles/Sharingan/files/monit/checks/system
+++ b/roles/Sharingan/files/monit/checks/system
@@ -6,9 +6,9 @@
 ## usage. Each test specifies a resource, conditions and the action to be
 ## performed should a test fail.
 check system $HOST
-  if loadavg (1min) per core > 2 for 5 cycles then exec "/etc/monit.d/scripts/critical Load average is high"
-  if memory usage > 75% then exec "/etc/monit.d/scripts/critical Memory is overused."
-  if swap usage > 25% then exec "/etc/monit.d/scripts/critical Swap is overused."
+  if loadavg (1min) per core > 2 for 25 times within 30 cycles then exec "/etc/monit.d/scripts/critical Load average is high"
+  if memory usage > 75% for 8 times within 10 cycles then exec "/etc/monit.d/scripts/critical Memory is overused."
+  if swap usage > 25% for 8 times within 10 cycles then exec "/etc/monit.d/scripts/critical Swap is overused."
  group system
 #
 ## Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O.
--- a/roles/Sharingan/files/monit/checks/vips
+++ b/roles/Sharingan/files/monit/checks/vips
@@ -1,29 +1,29 @@
-check program https_aninix with path "/usr/lib/monitoring-plugins/check_http --ssl -H aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical aninix.net not reporting OK"
+check program https_aninix with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical aninix.net not reporting OK"

-check program https_foundation with path "/usr/lib/monitoring-plugins/check_http --ssl -H foundation.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical foundation.aninix.net not reporting OK"
+check program https_foundation with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H foundation.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical foundation.aninix.net not reporting OK"

-check program https_geth with path "/usr/lib/monitoring-plugins/check_http --ssl -H geth.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical geth.aninix.net not reporting OK"
+check program https_geth with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H geth.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical geth.aninix.net not reporting OK"

-check program https_lykos with path "/usr/lib/monitoring-plugins/check_http --ssl -H lykos.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical lykos.aninix.net not reporting OK"
+check program https_lykos with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H lykos.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical lykos.aninix.net not reporting OK"

-check program https_maat with path "/usr/lib/monitoring-plugins/check_http --ssl -H maat.aninix.net -r PASS"
-    if status != 0 then exec "/etc/monit.d/scripts/critical maat.aninix.net not reporting OK"
+check program https_maat with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H maat.aninix.net -r PASS"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical maat.aninix.net not reporting OK"

-check program https_password with path "/usr/lib/monitoring-plugins/check_http --ssl -H password.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical password.aninix.net not reporting OK"
+check program https_password with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H password.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical password.aninix.net not reporting OK"

-check program https_sharingan with path "/usr/lib/monitoring-plugins/check_http --ssl -H sharingan.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical sharingan.aninix.net not reporting OK"
+check program https_sharingan with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H sharingan.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical sharingan.aninix.net not reporting OK"

-check program https_singularity with path "/usr/lib/monitoring-plugins/check_http --ssl -H singularity.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical singularity.aninix.net not reporting OK"
+check program https_singularity with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H singularity.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical singularity.aninix.net not reporting OK"

-check program https_wolfpack with path "/usr/lib/monitoring-plugins/check_http --ssl -H wolfpack.aninix.net"
-    if status != 0 then exec "/etc/monit.d/scripts/critical wolfpack.aninix.net not reporting OK"
+check program https_wolfpack with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -H wolfpack.aninix.net"
+    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical wolfpack.aninix.net not reporting OK"

-#check program https_yggdrasil with path "/usr/lib/monitoring-plugins/check_http --ssl -u /web/index.html -H yggdrasil.aninix.net"
-#    if status != 0 then exec "/etc/monit.d/scripts/critical yggdrasil.aninix.net not reporting OK"
+#check program https_yggdrasil with path "/usr/lib/monitoring-plugins/check_http --ssl -w 10 -c 10 -u /web/index.html -H yggdrasil.aninix.net"
+#    if status != 0 for 3 times within 5 cycles then exec "/etc/monit.d/scripts/critical yggdrasil.aninix.net not reporting OK"
--- a/roles/Sharingan/files/oinkmaster/oinkmaster.service
+++ b/roles/Sharingan/files/oinkmaster/oinkmaster.service
@@ -1,11 +1,10 @@
 [Unit]
-Description=Darebee Notifier for AniNIX Martial Arts
+Description=AniNIX/Sharingan | oinkmaster service

 [Service]
 Nice=19
 IOSchedulingClass=best-effort
 IOSchedulingPriority=7
 Type=simple
-ExecStart=/home/DarkFeather/bin/darebee-notifier
-
-#EOF
+ExecStart=/usr/bin/oinkmaster.pl -Q -o /etc/suricata/rules/
+ExecStartPost=systemctl restart suricata
--- a/roles/Sharingan/files/oinkmaster/oinkmaster.timer
+++ b/roles/Sharingan/files/oinkmaster/oinkmaster.timer
@@ -1,5 +1,5 @@
 [Unit]
-Description=Sharingan-IDS | oinkmaster timer
+Description=AniNIX/Sharingan | oinkmaster timer

 [Timer]
 OnCalendar=05:00