#!/bin/bash # Script per configurare crontab per il sistema IDS # Eseguire con: chmod +x setup_crontab.sh && sudo ./setup_crontab.sh # Colori per output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' echo -e "${BLUE}๐Ÿ”ง CONFIGURAZIONE CRONTAB SISTEMA IDS${NC}" echo "==================================================" # Rileva percorso corrente IDS_DIR="/opt/ids" echo -e "${YELLOW}๐Ÿ“ Directory IDS: ${IDS_DIR}${NC}" # Percorsi dei log TRAINING_LOG="/var/log/ids/training.log" DETECT_LOG="/var/log/ids/detect.log" FRONTEND_LOG="/var/log/ids/frontend.log" BACKEND_LOG="/var/log/ids/backend.log" CRON_LOG="/var/log/ids/cron.log" # Crea directory log mkdir -p /var/log/ids chown -R ids:ids /var/log/ids echo -e "${YELLOW}๐Ÿ“„ Log files:${NC}" echo -e " โ€ข Training: ${TRAINING_LOG}" echo -e " โ€ข Detection: ${DETECT_LOG}" echo -e " โ€ข Frontend: ${FRONTEND_LOG}" echo -e " โ€ข Backend Python: ${BACKEND_LOG}" echo -e " โ€ข Crontab: ${CRON_LOG}" # Crea backup del crontab esistente echo -e "\n${BLUE}๐Ÿ’พ Backup crontab esistente...${NC}" crontab -u ids -l > /tmp/crontab_backup_$(date +%Y%m%d_%H%M%S) 2>/dev/null || echo "Nessun crontab esistente" # Crea il nuovo crontab echo -e "\n${BLUE}โš™๏ธ Configurazione nuovo crontab...${NC}" cat > /tmp/new_crontab << EOF # ============================================ # SISTEMA IDS - CONFIGURAZIONE AUTOMATICA # ============================================ # Training ML ogni 12 ore (alle 00:00 e 12:00) 0 */12 * * * cd ${IDS_DIR}/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/train', json={'max_records': 10000, 'hours_back': 24})" >> ${TRAINING_LOG} 2>&1 # Detection automatica ogni 5 minuti */5 * * * * cd ${IDS_DIR}/python_ml && /usr/bin/python3.11 -c "import requests; requests.post('http://localhost:8000/detect', json={'max_records': 5000, 'auto_block': True, 'risk_threshold': 75})" >> ${DETECT_LOG} 2>&1 # Verifica processo backend Python ogni 5 minuti (riavvia se non attivo) */5 * * * * ${IDS_DIR}/deployment/check_backend.sh >> ${CRON_LOG} 2>&1 # Verifica processo frontend ogni 5 minuti (riavvia se non attivo) */5 * * * * ${IDS_DIR}/deployment/check_frontend.sh >> ${CRON_LOG} 2>&1 # Pulizia log settimanale (ogni domenica alle 02:00) 0 2 * * 0 find /var/log/ids -name "*.log" -size +100M -exec truncate -s 50M {} \; >> ${CRON_LOG} 2>&1 # Restart completo del sistema ogni settimana (domenica alle 03:00) 0 3 * * 0 ${IDS_DIR}/deployment/restart_all.sh >> ${CRON_LOG} 2>&1 # Backup database giornaliero (alle 04:00) 0 4 * * * ${IDS_DIR}/deployment/backup_db.sh >> ${CRON_LOG} 2>&1 EOF # Installa il nuovo crontab crontab -u ids /tmp/new_crontab echo -e "${GREEN}โœ… Crontab configurato con successo!${NC}" # Crea script di controllo backend Python echo -e "\n${BLUE}๐Ÿ“œ Creazione script di controllo backend...${NC}" cat > ${IDS_DIR}/deployment/check_backend.sh << 'EOF' #!/bin/bash # Script per verificare e riavviare il backend Python se necessario BACKEND_LOG="/var/log/ids/backend.log" IDS_DIR="/opt/ids" PIDFILE="/var/run/ids/backend.pid" mkdir -p /var/run/ids # Funzione per avviare backend start_backend() { echo "$(date): Avvio backend Python FastAPI..." >> "$BACKEND_LOG" cd "$IDS_DIR/python_ml" nohup /usr/bin/python3.11 main.py >> "$BACKEND_LOG" 2>&1 & echo $! > "$PIDFILE" echo "$(date): Backend avviato con PID $(cat $PIDFILE)" >> "$BACKEND_LOG" } # Verifica se il processo รจ attivo if [ -f "$PIDFILE" ]; then PID=$(cat "$PIDFILE") if ps -p "$PID" > /dev/null 2>&1; then # Processo attivo, verifica health endpoint if ! curl -f http://localhost:8000/health > /dev/null 2>&1; then echo "$(date): Backend non risponde, riavvio..." >> "$BACKEND_LOG" kill "$PID" 2>/dev/null sleep 5 start_backend fi else echo "$(date): Backend non trovato, riavvio..." >> "$BACKEND_LOG" start_backend fi else echo "$(date): File PID non trovato, avvio backend..." >> "$BACKEND_LOG" start_backend fi EOF chmod +x ${IDS_DIR}/deployment/check_backend.sh # Crea script di controllo frontend echo -e "\n${BLUE}๐Ÿ“œ Creazione script di controllo frontend...${NC}" cat > ${IDS_DIR}/deployment/check_frontend.sh << 'EOF' #!/bin/bash # Script per verificare e riavviare il frontend se necessario FRONTEND_LOG="/var/log/ids/frontend.log" IDS_DIR="/opt/ids" PIDFILE="/var/run/ids/frontend.pid" mkdir -p /var/run/ids # Funzione per avviare frontend start_frontend() { echo "$(date): Avvio frontend Node.js..." >> "$FRONTEND_LOG" cd "$IDS_DIR" nohup npm run dev >> "$FRONTEND_LOG" 2>&1 & echo $! > "$PIDFILE" echo "$(date): Frontend avviato con PID $(cat $PIDFILE)" >> "$FRONTEND_LOG" } # Verifica se il processo รจ attivo if [ -f "$PIDFILE" ]; then PID=$(cat "$PIDFILE") if ps -p "$PID" > /dev/null 2>&1; then # Processo attivo, verifica se risponde if ! curl -f http://localhost:5000 > /dev/null 2>&1; then echo "$(date): Frontend non risponde, riavvio..." >> "$FRONTEND_LOG" kill "$PID" 2>/dev/null sleep 5 start_frontend fi else echo "$(date): Frontend non trovato, riavvio..." >> "$FRONTEND_LOG" start_frontend fi else echo "$(date): File PID non trovato, avvio frontend..." >> "$FRONTEND_LOG" start_frontend fi EOF chmod +x ${IDS_DIR}/deployment/check_frontend.sh # Crea script di restart completo echo -e "\n${BLUE}๐Ÿ”„ Creazione script di restart...${NC}" cat > ${IDS_DIR}/deployment/restart_all.sh << 'EOF' #!/bin/bash # Script per restart completo del sistema IDS CRON_LOG="/var/log/ids/cron.log" IDS_DIR="/opt/ids" echo "$(date): === RESTART SETTIMANALE SISTEMA IDS ===" >> "$CRON_LOG" # Termina backend if [ -f "/var/run/ids/backend.pid" ]; then PID=$(cat /var/run/ids/backend.pid) kill -TERM "$PID" 2>/dev/null rm -f /var/run/ids/backend.pid fi # Termina frontend if [ -f "/var/run/ids/frontend.pid" ]; then PID=$(cat /var/run/ids/frontend.pid) kill -TERM "$PID" 2>/dev/null rm -f /var/run/ids/frontend.pid fi sleep 10 # Pulizia file temporanei echo "$(date): Pulizia file temporanei..." >> "$CRON_LOG" find /tmp -name "*ids*" -mtime +1 -delete 2>/dev/null find "$IDS_DIR" -name "*.pyc" -delete 2>/dev/null find "$IDS_DIR" -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null # Riavvio servizi echo "$(date): Riavvio servizi..." >> "$CRON_LOG" ${IDS_DIR}/deployment/check_backend.sh ${IDS_DIR}/deployment/check_frontend.sh EOF chmod +x ${IDS_DIR}/deployment/restart_all.sh # Crea script di backup database echo -e "\n${BLUE}๐Ÿ’พ Creazione script di backup database...${NC}" cat > ${IDS_DIR}/deployment/backup_db.sh << 'EOF' #!/bin/bash # Backup giornaliero database PostgreSQL BACKUP_DIR="/opt/ids/backups" TIMESTAMP=$(date +%Y%m%d_%H%M%S) BACKUP_FILE="$BACKUP_DIR/ids_backup_$TIMESTAMP.sql" mkdir -p "$BACKUP_DIR" # Esegui backup PGPASSWORD="ids_password_change_me" pg_dump -U ids_user -h localhost ids_database > "$BACKUP_FILE" # Comprimi backup gzip "$BACKUP_FILE" # Mantieni solo gli ultimi 7 backup find "$BACKUP_DIR" -name "ids_backup_*.sql.gz" -mtime +7 -delete echo "$(date): Backup completato: ${BACKUP_FILE}.gz" EOF chmod +x ${IDS_DIR}/deployment/backup_db.sh # Avvio immediato dei processi echo -e "\n${BLUE}๐Ÿš€ Avvio immediato dei processi...${NC}" sudo -u ids ${IDS_DIR}/deployment/check_backend.sh sudo -u ids ${IDS_DIR}/deployment/check_frontend.sh echo -e "\n${GREEN}โœ… CONFIGURAZIONE COMPLETATA!${NC}" echo "" echo -e "${YELLOW}๐Ÿ“‹ COMANDI UTILI:${NC}" echo -e " โ€ข Visualizza log backend: ${BLUE}tail -f ${BACKEND_LOG}${NC}" echo -e " โ€ข Visualizza log frontend: ${BLUE}tail -f ${FRONTEND_LOG}${NC}" echo -e " โ€ข Visualizza log training: ${BLUE}tail -f ${TRAINING_LOG}${NC}" echo -e " โ€ข Visualizza log detection: ${BLUE}tail -f ${DETECT_LOG}${NC}" echo -e " โ€ข Stato crontab: ${BLUE}crontab -u ids -l${NC}" echo -e " โ€ข Stato processi: ${BLUE}ps aux | grep -E 'python.*main|npm.*dev'${NC}" echo -e " โ€ข Restart manuale: ${BLUE}sudo ${IDS_DIR}/deployment/restart_all.sh${NC}" echo "" echo -e "${YELLOW}โš ๏ธ IMPORTANTE:${NC}" echo -e " โ€ข Training automatico ogni 12 ore" echo -e " โ€ข Detection automatica ogni 5 minuti" echo -e " โ€ข Monitoring processi ogni 5 minuti" echo -e " โ€ข Restart automatico ogni domenica alle 03:00" echo -e " โ€ข Backup database giornaliero alle 04:00" echo "" echo -e "${GREEN}๐ŸŽ‰ Sistema IDS configurato per l'esecuzione automatica!${NC}"