Oxbian
/
matrix-monitoring
1
0
Fork 0
Code Issues Pull Requests Activity
⚙️ Some scripts to monitor your server and send data to matrix.
6 Commits 1 Branch 0 Tags 41 KiB
Shell 100%
Go to file
Oxbian 16d02aa1c7 Oops forgot the actions in jail.local 2023-04-28 19:09:19 +02:00
Fail2Ban Oops forgot the actions in jail.local 2023-04-28 19:09:19 +02:00
matrix-sender@217660d0cf Adding logwatch documentation 2023-04-24 13:40:14 +02:00
.gitmodules Adding matrix-sender submodules & logwatch.sh 2023-04-24 13:15:49 +02:00
LICENSE Initial commit 2023-04-24 11:52:17 +02:00
README.md Adding Fail2Ban monitoring / matrix message 2023-04-28 19:03:32 +02:00
login-notify.sh Adding SSH notification script 2023-04-26 22:02:57 +02:00
logwatch.sh Adding matrix-sender submodules & logwatch.sh 2023-04-24 13:15:49 +02:00

README.md

matrix-monitoring

Some scripts to monitor your server and send data to matrix. Those scripts use a matrix-sender, another script I made to send message to matrix.

Install

To install this project & load submodules, use:

git clone --recurse-submodules https://github.com/Oxbian/matrix-monitoring.git

Or you can use:

git clone https://github.com/Oxbian/matrix-monitoring.git
git submodule update --init --recursive

Update

To get the latest update from this repo, you will need to run those commands in the matrix-monitoring folder:

git stash
git pull origin main
git pull --recurse-submodules
git stash pop

Thanks to those commands you will be able to get the last update without losing your token & configurations.

Logwatch

First you need to configure matrix-sender, I recommend you to check the repo matrix-sender.

After that you need to edit logwatch.sh to add the matrix.sh absolute path.

Now you can add the script to your crontab, sudo crontab -e.

0 0 * * * /home/oxbian/matrix-monitoring/logwatch.sh

SSH Login

The script login-notify.sh will allow you to get a message when someone successfully open a SSH connection on your server.

First, you will need to have matrix-sender configured, then add the path of matrix.sh in the login-notify.sh script.

After that I recommand to create a symlink of this file in /etc/ssh and let the access to root only for security reason.

sudo ln -sf "$(pwd)/login-notify.sh" /etc/ssh/login-notify.sh 
sudo chown root:root /etc/ssh/login-notify.sh

After that you will need to add those lines in your pam configuration /etc/pam.d/sshd:

#Send a message on SSH connection
session optional pam_exec.so seteuid /etc/ssh/login-notify.sh

Fail2Ban

First you need to configure matrix-sender, I recommend you to check the repo matrix-sender.

After that you need to edit Fail2Ban/matrix.conf and change the absolute path to your matrix.sh script.

Once all this is done, you can copy the jail.local in your jail.d folder and matrix.conf in the action.d folder.

sudo ln -sf "$(pwd)/Fail2Ban/jail.local" /etc/fail2ban/jail.d/jail.local
sudo ln -sf "$(pwd)/Fail2Ban/matrix.conf" /etc/fail2ban/action.d/matrix.conf

After that just restart the fail2ban service and check for errors, and if you have some, fix them.

You will probably need to edit the jail.local script to your liking.

Contributing

If you want to contribute, make a pull request with your contribution.

License

This project is under the GPLv3 license, you can use it in your project but not in closed sources ones.
Sharing project is what make the world live, think about it.