354 lines
No EOL
10 KiB
Bash
354 lines
No EOL
10 KiB
Bash
#!/bin/bash
|
|
|
|
#-----------------------------------#
|
|
# VARIABLES #
|
|
#-----------------------------------#
|
|
|
|
this_script_url="https://example.com/crowdsec-removal.sh" # Replace with actual URL
|
|
this_script_name="CrowdSec Removal Script"
|
|
formatter_url="https://git.hhf.technology/hhf/TaskFormatter/raw/branch/main/bash_task_formatter/task_formatter.sh"
|
|
scriptname=$0
|
|
|
|
# Script version
|
|
VERSION="2.0.0"
|
|
|
|
# Initialize success flag
|
|
success=0
|
|
|
|
# Determine the user (use the first argument if provided, otherwise fallback)
|
|
USER_TO_RUN_AS="${1:-$SUDO_USER}"
|
|
USER_HOME=$(eval echo ~$USER_TO_RUN_AS)
|
|
|
|
# Logging and backup setup
|
|
LOGFILE="/var/log/crowdsec_removal_$(date +%Y%m%d_%H%M%S).log"
|
|
BACKUP_DIR="/var/backup/crowdsec_$(date +%Y%m%d_%H%M%S)"
|
|
|
|
#-----------------------------------#
|
|
# FORMATTER #
|
|
#-----------------------------------#
|
|
|
|
# Download and source the formatter with error handling
|
|
download_formatter() {
|
|
if [ ! -f "task_formatter.sh" ]; then
|
|
if ! wget "$formatter_url" --no-check-certificate -O task_formatter.sh > /dev/null 2>&1; then
|
|
echo "Error: Failed to download task_formatter.sh"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
if [ ! -f "task_formatter.sh" ]; then
|
|
echo "Error: task_formatter.sh not found after download attempt"
|
|
exit 1
|
|
fi
|
|
|
|
# Make the formatter executable
|
|
chmod +x task_formatter.sh
|
|
|
|
# Source the formatter with error checking
|
|
source ./task_formatter.sh || { echo "Error: Failed to source task_formatter.sh"; exit 1; }
|
|
|
|
# Check if print_header is available after sourcing
|
|
if ! declare -f print_header > /dev/null; then
|
|
echo "Error: print_header function not found after sourcing."
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
# Call the download_formatter function
|
|
download_formatter
|
|
|
|
#-----------------------------------#
|
|
# FUNCTIONS #
|
|
#-----------------------------------#
|
|
|
|
# Function to check if a command exists
|
|
command_exists() {
|
|
command -v "$1" >/dev/null 2>&1
|
|
}
|
|
|
|
# Function to check if running as root
|
|
check_root() {
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo -e "Please run as root $CROSS_MARK"
|
|
exit 1
|
|
fi
|
|
echo -e "Running as root $CHECK_MARK"
|
|
return 0
|
|
}
|
|
|
|
# Function to create backup
|
|
create_backup() {
|
|
mkdir -p "$BACKUP_DIR"
|
|
|
|
# Backup configuration files
|
|
if [ -d "/etc/crowdsec" ]; then
|
|
cp -r "/etc/crowdsec" "$BACKUP_DIR/"
|
|
fi
|
|
|
|
if [ -d "/var/lib/crowdsec" ]; then
|
|
cp -r "/var/lib/crowdsec" "$BACKUP_DIR/"
|
|
fi
|
|
|
|
# Backup service files
|
|
if [ -d "/etc/systemd/system" ]; then
|
|
find "/etc/systemd/system" -name "*crowdsec*" -exec cp {} "$BACKUP_DIR/" \;
|
|
fi
|
|
|
|
echo -e "Backup created at $BACKUP_DIR $CHECK_MARK"
|
|
return 0
|
|
}
|
|
|
|
# Function to check services
|
|
check_services() {
|
|
systemctl list-units --type=service --all | grep -i crowdsec | awk '{print $1}' > /tmp/crowdsec_services.tmp
|
|
|
|
if [ ! -s /tmp/crowdsec_services.tmp ]; then
|
|
echo -e "No CrowdSec services found $CHECK_MARK"
|
|
services=""
|
|
return 0
|
|
else
|
|
services=$(cat /tmp/crowdsec_services.tmp)
|
|
echo "Found CrowdSec services:"
|
|
cat /tmp/crowdsec_services.tmp
|
|
echo -e "Service check completed $CHECK_MARK"
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Function to check packages
|
|
check_packages() {
|
|
if command_exists dpkg; then
|
|
dpkg -l | grep -i crowdsec | awk '{print $2}' > /tmp/crowdsec_packages.tmp
|
|
elif command_exists rpm; then
|
|
rpm -qa | grep -i crowdsec > /tmp/crowdsec_packages.tmp
|
|
else
|
|
echo -e "Unable to determine package manager $CROSS_MARK"
|
|
return 1
|
|
fi
|
|
|
|
if [ ! -s /tmp/crowdsec_packages.tmp ]; then
|
|
echo -e "No CrowdSec packages found $CHECK_MARK"
|
|
packages=""
|
|
return 0
|
|
else
|
|
packages=$(cat /tmp/crowdsec_packages.tmp)
|
|
echo "Found CrowdSec packages:"
|
|
cat /tmp/crowdsec_packages.tmp
|
|
echo -e "Package check completed $CHECK_MARK"
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
# Function to disable services
|
|
disable_services() {
|
|
if [ -z "$services" ]; then
|
|
echo -e "No CrowdSec services to disable $CHECK_MARK"
|
|
return 0
|
|
fi
|
|
|
|
local success=0
|
|
echo "$services" | while read -r service; do
|
|
if ! systemctl stop "$service" 2>/dev/null || ! systemctl disable "$service" 2>/dev/null; then
|
|
echo -e "Failed to disable $service $CROSS_MARK"
|
|
success=1
|
|
fi
|
|
done
|
|
|
|
if [ $success -eq 0 ]; then
|
|
echo -e "Services disabled successfully $CHECK_MARK"
|
|
return 0
|
|
else
|
|
echo -e "Some services failed to disable $CROSS_MARK"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Function to remove packages
|
|
remove_packages() {
|
|
if [ -z "$packages" ]; then
|
|
echo -e "No CrowdSec packages to remove $CHECK_MARK"
|
|
return 0
|
|
fi
|
|
|
|
# First stop and disable all CrowdSec-related services
|
|
systemctl stop 'crowdsec*' 2>/dev/null
|
|
systemctl disable 'crowdsec*' 2>/dev/null
|
|
|
|
local success=0
|
|
|
|
# Debian/Ubuntu systems
|
|
if command_exists apt-get; then
|
|
# Remove CrowdSec packages
|
|
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y crowdsec crowdsec-firewall-bouncer-iptables '*crowdsec*' 2>/dev/null
|
|
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y 2>/dev/null
|
|
|
|
# Remove APT repository
|
|
rm -f /etc/apt/sources.list.d/crowdsec.list
|
|
apt-get update
|
|
|
|
# RHEL/CentOS systems
|
|
elif command_exists yum; then
|
|
yum remove -y crowdsec crowdsec-firewall-bouncer-iptables '*crowdsec*' 2>/dev/null
|
|
yum autoremove -y 2>/dev/null
|
|
|
|
# Remove YUM repository
|
|
rm -f /etc/yum.repos.d/crowdsec.repo
|
|
yum clean all
|
|
|
|
# Fedora systems
|
|
elif command_exists dnf; then
|
|
dnf remove -y crowdsec crowdsec-firewall-bouncer-iptables '*crowdsec*' 2>/dev/null
|
|
dnf autoremove -y 2>/dev/null
|
|
|
|
# Remove DNF repository
|
|
rm -f /etc/yum.repos.d/crowdsec.repo
|
|
dnf clean all
|
|
else
|
|
echo -e "No supported package manager found $CROSS_MARK"
|
|
return 1
|
|
fi
|
|
|
|
echo -e "Packages and repositories removed successfully $CHECK_MARK"
|
|
return 0
|
|
}
|
|
|
|
# Function to remove configuration and additional files
|
|
remove_config() {
|
|
# List of locations to clean
|
|
local paths_to_clean=(
|
|
# Configuration directories
|
|
"/etc/crowdsec"
|
|
"/var/lib/crowdsec"
|
|
"/usr/local/lib/crowdsec"
|
|
"/usr/share/crowdsec"
|
|
# Binary and executable files
|
|
"/usr/local/bin/crowdsec"
|
|
"/usr/local/bin/cscli"
|
|
"/usr/bin/crowdsec"
|
|
"/usr/bin/cscli"
|
|
# Service files
|
|
"/etc/systemd/system/crowdsec.service"
|
|
"/etc/systemd/system/crowdsec-firewall-bouncer.service"
|
|
"/lib/systemd/system/crowdsec.service"
|
|
"/lib/systemd/system/crowdsec-firewall-bouncer.service"
|
|
# Log files
|
|
"/var/log/crowdsec.log"
|
|
"/var/log/crowdsec-firewall-bouncer.log"
|
|
# Additional data directories
|
|
"/var/run/crowdsec"
|
|
"/run/crowdsec"
|
|
# Database files
|
|
"/var/lib/crowdsec/data/crowdsec.db"
|
|
)
|
|
|
|
local success=0
|
|
for path in "${paths_to_clean[@]}"; do
|
|
if [ -e "$path" ]; then
|
|
if ! rm -rf "$path" 2>/dev/null; then
|
|
echo -e "Failed to remove: $path $CROSS_MARK"
|
|
success=1
|
|
else
|
|
echo -e "Removed: $path $CHECK_MARK"
|
|
fi
|
|
fi
|
|
done
|
|
|
|
# Clean up any remaining crowdsec processes
|
|
pkill -f crowdsec 2>/dev/null
|
|
|
|
# Reload systemd to recognize the changes
|
|
systemctl daemon-reload 2>/dev/null
|
|
|
|
if [ $success -eq 0 ]; then
|
|
echo -e "All CrowdSec files and configurations removed successfully $CHECK_MARK"
|
|
return 0
|
|
else
|
|
echo -e "Some files or configurations could not be removed $CROSS_MARK"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Remove created files on cleanup
|
|
cleanup_files() {
|
|
rm -f /tmp/crowdsec_services.tmp /tmp/crowdsec_packages.tmp
|
|
echo -e "Cleaned up temporary files $CHECK_MARK"
|
|
return 0
|
|
}
|
|
|
|
# Remove the script itself
|
|
remove_script() {
|
|
if [ -f "$0" ]; then
|
|
echo "Removing monitoring script..."
|
|
rm -- "$0"
|
|
fi
|
|
if [ -f "task_formatter.sh" ]; then
|
|
rm task_formatter.sh
|
|
fi
|
|
echo -e "Cleaned up $CHECK_MARK"
|
|
return 0
|
|
}
|
|
|
|
#-----------------------------------#
|
|
# MAIN LOGIC #
|
|
#-----------------------------------#
|
|
|
|
# Print header
|
|
print_header "$this_script_name" "$this_script_url"
|
|
|
|
echo -e "Running as User: $USER_TO_RUN_AS\nUser Home: $USER_HOME\n"
|
|
|
|
# Run with formatted output
|
|
if ! format_output check_root "Checking root privileges"; then
|
|
cleanup_files
|
|
success=1
|
|
fi
|
|
|
|
if ! format_output check_services "Checking CrowdSec services"; then
|
|
cleanup_files
|
|
success=1
|
|
fi
|
|
|
|
if ! format_output check_packages "Checking CrowdSec packages"; then
|
|
cleanup_files
|
|
success=1
|
|
fi
|
|
|
|
if [ -z "$services" ] && [ -z "$packages" ]; then
|
|
echo -e "No CrowdSec components found on your system $CHECK_MARK"
|
|
format_output cleanup_files "Cleaning up temporary files"
|
|
format_output remove_script "Removing script"
|
|
exit 0
|
|
fi
|
|
|
|
echo "What would you like to do?"
|
|
echo "1) Disable CrowdSec services"
|
|
echo "2) Remove CrowdSec packages"
|
|
echo "3) Remove everything (services, packages, and configuration)"
|
|
echo "4) Exit without changes"
|
|
|
|
read -r -p "Enter your choice (1-4): " choice
|
|
|
|
case $choice in
|
|
1) format_output disable_services "Disabling CrowdSec services" ;;
|
|
2) format_output remove_packages "Removing CrowdSec packages" ;;
|
|
3)
|
|
format_output create_backup "Creating backup"
|
|
format_output disable_services "Disabling CrowdSec services"
|
|
format_output remove_packages "Removing CrowdSec packages"
|
|
format_output remove_config "Removing CrowdSec configuration"
|
|
;;
|
|
4)
|
|
echo -e "Exiting without changes $CHECK_MARK"
|
|
success=0
|
|
;;
|
|
*)
|
|
echo -e "Invalid choice $CROSS_MARK"
|
|
success=1
|
|
;;
|
|
esac
|
|
|
|
format_output cleanup_files "Cleaning up temporary files"
|
|
format_output remove_script "Removing script"
|
|
|
|
# Exit with appropriate status
|
|
exit $success |