#!/bin/bash #=============================================================================== # ШАГ 99: ФИНАЛЬНАЯ ПРОВЕРКА #=============================================================================== # Запуск: sudo bash 01-k-server-initial-setup.99.sh #=============================================================================== SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd) source "$SCRIPT_DIR/01-k-server-initial-setup.00.sh" init_log check_root print_header "ШАГ 99: ФИНАЛЬНАЯ ПРОВЕРКА" echo "" echo -e "${BLUE}================================================================${NC}" echo -e "${BLUE} СТАТУС СИСТЕМЫ${NC}" echo -e "${BLUE}================================================================${NC}" #------------------------------------------------------------------------------- # Системная информация #------------------------------------------------------------------------------- echo "" echo "Система:" echo " Hostname: $(hostname)" echo " OS: $(lsb_release -d 2>/dev/null | cut -f2 || cat /etc/os-release | grep PRETTY_NAME | cut -d\" -f2)" echo " Kernel: $(uname -r)" echo " Uptime: $(uptime -p)" echo " Timezone: $(timedatectl show --property=Timezone --value 2>/dev/null || cat /etc/timezone)" echo "" #------------------------------------------------------------------------------- # Проверка сервисов #------------------------------------------------------------------------------- echo "Сервисы:" # SSH if service_running sshd || service_running ssh; then echo -e " SSH: ${GREEN}OK${NC}" else echo -e " SSH: ${RED}FAILED${NC}" fi # nftables if nft list table inet filter &>/dev/null; then echo -e " Firewall: ${GREEN}OK${NC}" else echo -e " Firewall: ${YELLOW}НЕ НАСТРОЕН${NC}" fi # Fail2ban if service_running fail2ban; then echo -e " Fail2ban: ${GREEN}OK${NC}" else echo -e " Fail2ban: ${YELLOW}НЕ ЗАПУЩЕН${NC}" fi echo "" #------------------------------------------------------------------------------- # Проверка пользователя #------------------------------------------------------------------------------- echo "Пользователь:" if user_exists "$ADMIN_USER"; then echo -e " $ADMIN_USER: ${GREEN}OK${NC}" if groups "$ADMIN_USER" | grep -q sudo; then echo " Группы: $(groups $ADMIN_USER | cut -d: -f2)" fi if [[ -f "/home/$ADMIN_USER/.ssh/authorized_keys" ]]; then KEY_COUNT=$(wc -l < "/home/$ADMIN_USER/.ssh/authorized_keys") echo " SSH ключи: $KEY_COUNT" else echo -e " SSH ключи: ${YELLOW}НЕ ДОБАВЛЕНЫ${NC}" fi else echo -e " $ADMIN_USER: ${RED}НЕ СОЗДАН${NC}" fi echo "" #------------------------------------------------------------------------------- # Сеть #------------------------------------------------------------------------------- echo "Сеть:" echo " Интерфейсы:" for iface in $IFACE_EXT $IFACE_INT; do if ip link show "$iface" &>/dev/null; then STATE=$(ip link show "$iface" | grep -oP 'state \K\w+') IP=$(ip -4 addr show "$iface" | grep -oP 'inet \K[\d.]+' | head -1) if [[ "$iface" == "$IFACE_EXT" ]]; then echo " $iface (внешний): $STATE, $IP" else echo " $iface (внутренний): $STATE, $IP" fi fi done echo "" #------------------------------------------------------------------------------- # Ресурсы #------------------------------------------------------------------------------- echo "Ресурсы:" # Память MEM_TOTAL=$(free -h | grep Mem | awk '{print $2}') MEM_USED=$(free -h | grep Mem | awk '{print $3}') echo " Память: $MEM_USED / $MEM_TOTAL" # Swap if has_swap; then SWAP_TOTAL=$(free -h | grep Swap | awk '{print $2}') SWAP_USED=$(free -h | grep Swap | awk '{print $3}') echo " Swap: $SWAP_USED / $SWAP_TOTAL" else echo " Swap: не настроен" fi # Диск DISK_USAGE=$(df -h / | tail -1 | awk '{print $3 " / " $2 " (" $5 ")"}') echo " Диск /: $DISK_USAGE" echo "" #------------------------------------------------------------------------------- # Firewall правила #------------------------------------------------------------------------------- echo "Firewall (открытые порты):" nft list table inet filter 2>/dev/null | grep "dport" | grep -oE "dport [0-9]+" | sort -u | awk '{print " " $2}' | tr '\n' ' ' echo "" echo "" #------------------------------------------------------------------------------- # Итог #------------------------------------------------------------------------------- echo -e "${GREEN}================================================================${NC}" echo -e "${GREEN} ПЕРВОНАЧАЛЬНАЯ НАСТРОЙКА ЗАВЕРШЕНА${NC}" echo -e "${GREEN}================================================================${NC}" echo "" if [[ ! -f "/home/$ADMIN_USER/.ssh/authorized_keys" ]] || [[ ! -s "/home/$ADMIN_USER/.ssh/authorized_keys" ]]; then echo -e "${YELLOW}============================================================${NC}" echo -e "${YELLOW} ВАЖНО: Добавьте SSH-ключ для $ADMIN_USER!${NC}" echo -e "${YELLOW}============================================================${NC}" echo "" echo " sudo nano /home/$ADMIN_USER/.ssh/authorized_keys" echo "" fi echo "Следующие шаги:" echo " 1. Добавьте SSH-ключ для $ADMIN_USER" echo " 2. Проверьте вход по SSH с другой консоли" echo " 3. Проверьте сетевую конфигурацию: /etc/netplan/01-netcfg.yaml" echo " 4. Перезагрузите сервер: reboot" echo " 5. Запустите скрипт развёртывания Git-сервера" echo "" echo "Лог установки: $LOG_FILE" echo ""