diff --git a/postgres/user.sql b/postgres/user.sql index 35a7896..18b58f1 100644 --- a/postgres/user.sql +++ b/postgres/user.sql @@ -1,39 +1,39 @@ -DROP USER IF EXISTS report; - -SET password_encryption = 'scram-sha-256'; - -CREATE ROLE report WITH - LOGIN - NOSUPERUSER - NOCREATEDB - NOCREATEROLE - INHERIT - NOREPLICATION - CONNECTION LIMIT -1 - PASSWORD 'report'; - ---------------------grant-------------------------------------------------- - -GRANT USAGE ON SCHEMA lgdat TO report; - -GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA lgdat TO report; - -GRANT USAGE ON ALL SEQUENCES IN SCHEMA lgdat TO report; - -ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO report; - -ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT USAGE ON SEQUENCES TO report; - ----------------------------revoke--------------------------------------- - -REVOKE USAGE ON SCHEMA lgdat FROM report; - -REVOKE USAGE ON SCHEMA lgdat FROM report; - -REVOKE SELECT , UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA lgdat FROM report; - -REVOKE USAGE ON ALL SEQUENCES IN SCHEMA lgdat FROM report; - -ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE SELECT, UPDATE, INSERT, DELETE ON TABLES FROM report; - -ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE USAGE ON SEQUENCES FROM report; +DROP USER IF EXISTS api; + +SET password_encryption = 'scram-sha-256'; + +CREATE ROLE api WITH + LOGIN + NOSUPERUSER + NOCREATEDB + NOCREATEROLE + INHERIT + NOREPLICATION + CONNECTION LIMIT -1 + PASSWORD 'api'; + +--------------------grant-------------------------------------------------- + +GRANT USAGE ON SCHEMA lgdat TO api; + +GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA lgdat TO api; + +GRANT USAGE ON ALL SEQUENCES IN SCHEMA lgdat TO api; + +ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO api; + +ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT USAGE ON SEQUENCES TO api; + +---------------------------revoke--------------------------------------- + +REVOKE USAGE ON SCHEMA lgdat FROM api; + +REVOKE USAGE ON SCHEMA lgdat FROM api; + +REVOKE SELECT , UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA lgdat FROM api; + +REVOKE USAGE ON ALL SEQUENCES IN SCHEMA lgdat FROM api; + +ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE SELECT, UPDATE, INSERT, DELETE ON TABLES FROM api; + +ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE USAGE ON SEQUENCES FROM api; diff --git a/ubuntu/net-scan.sh b/ubuntu/net-scan.sh new file mode 100644 index 0000000..d3587c9 --- /dev/null +++ b/ubuntu/net-scan.sh @@ -0,0 +1,108 @@ +usage="$(basename "$0") [OPTIONS] -- program to retrieve network devices and show IP address paired with the device name +where: + -h show this help text + -i set the IP interface to check (default: 1) - check available IPs list with [-l] option + -l list the available IP addresses + -a show all network IPs, even if no computer name is found + -m show MAC address + -b show devices brand when no other information is available (if nmap installed and if can be found)" + +myip=1 +shownoname=false +showmac=false +showbrand=false +RED='\033[0;31m' +GREEN='\033[0;32m' +ORANGE='\033[0;33m' +NC='\033[0m' + +while getopts ':halmbi:' option; do + case "$option" in + h) echo "$usage" + exit 0 + ;; + a) shownoname=true + ;; + l) sudo nm-tool | grep -i 'address' | grep -Po '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | nl -n 'ln' + exit 0 + ;; + m) showmac=true + ;; + b) showbrand=true + ;; + i) myip=$OPTARG + if [ -z $(sudo nm-tool | grep -i 'address' | grep -Po '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sed -n "$myip"p) ]; then + echo "there is no such interface, try the [-l] option" + exit 1 + fi + ;; + :) printf "missing argument for -%s\n" "$OPTARG" >&2 + exit 1 + ;; + \?) printf "illegal option: -%s\n" "$OPTARG" >&2 + exit 1 + ;; + esac +done +shift $((OPTIND - 1)) + +# get if nmap is installed +nmapInstalled=$(whereis nmap) +if [ -z "$nmapInstalled" ]; then + showbrand=false +fi + +maxwait=0.1; +# get starter IP address +IFS=. read -r i1 i2 i3 i4 <<< $(sudo nm-tool | grep -i 'address' | grep -Po '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sed -n "$myip"p) +IFS=. read -r m1 m2 m3 m4 <<< $(sudo nm-tool | grep -i 'prefix' | grep -Po '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | sed -n "$myip"p) +si1=$(($i1 & $m1)) +si2=$(($i2 & $m2)) +si3=$(($i3 & $m3)) +si4=$(($i4 & $m4)) +# get my HW address +myhwaddr=$(ifconfig | grep -B 1 "$i1.$i2.$i3.$i4" | grep -oP '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | sed -n "$myip"p) +# get number of IPs in network +iprange=$(sudo nm-tool | grep -i 'prefix' | grep -Po '\s[0-9]+' | grep -Po '[0-9]+' | sed -n "$myip"p) +iprange=$(( 2**(32-$iprange) -1 )) +# cycle through IPs +for((i=1;i<$iprange;i++)); do + # calulate IP + ci4=$(($si4 + $i)) + ci3=$(($si3 + ($ci4 / 256) )); ci4=$(($ci4 % 256)) + ci2=$(($si2 + ($ci3 / 256) )); ci3=$(($ci3 % 256)) + ci1=$(($si1 + ($ci2 / 256) )); ci2=$(($ci2 % 256)) + # get computer name + result=$(timeout $maxwait nmblookup -A "$ci1.$ci2.$ci3.$ci4" | sed -n 2p | grep -Po '\t.+?\s' | xargs) + hwaddress=$(arp "$ci1.$ci2.$ci3.$ci4" | grep -Po '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})') + if [ -z "$result" ] && [ ! -z "$hwaddress" ] && [ $shownoname == true ]; then + result="???" + fi + # print if response given + if [ ! -z "$result" ]; then + toprint="$ci1.$ci2.$ci3.$ci4" + if [ $showmac == true ]; then + if [ -z "$hwaddress" ]; then + hwaddress=$myhwaddr + fi + toprint="$toprint ( $hwaddress )" + fi + myhost=$(grep "$ci1.$ci2.$ci3.$ci4" /etc/hosts | grep -oP '\s.+' | xargs) + if [ ! -z "$myhost" ]; then + result="$result ( ${GREEN}$myhost${NC} )" + fi + if [ "$ci1.$ci2.$ci3.$ci4" == "$i1.$i2.$i3.$i4" ]; then + result="$result ( ${RED}THIS DEVICE${NC} )" + fi + # if nothing found and nmap installed get device brand + if [ "$result" == "???" ] && [ $showbrand == true ]; then + result=$(sudo nmap -sP "$ci1.$ci2.$ci3.$ci4" | grep 'MAC Address' | grep -Po '\(.+?\)') + if [ "$result" == "(Unknown)" ]; then + result="???" + else + result="??? ${ORANGE}$result${NC}" + fi + fi + echo -e "$toprint\t=>\t$result" + fi +done \ No newline at end of file diff --git a/ubuntu/network.md b/ubuntu/network.md new file mode 100644 index 0000000..e69de29 diff --git a/ubuntu/scan.sh b/ubuntu/scan.sh new file mode 100644 index 0000000..f727794 --- /dev/null +++ b/ubuntu/scan.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +is_alive_ping() +{ + ping -c 1 $1 > /dev/null + [ $? -eq 0 ] && echo Node with IP: $i is up. +} + +for i in 192.168.1.{1..255} +do +is_alive_ping $i & disown +done \ No newline at end of file diff --git a/ubuntu/systemd.md b/ubuntu/systemd.md new file mode 100644 index 0000000..19a12fc --- /dev/null +++ b/ubuntu/systemd.md @@ -0,0 +1,24 @@ +save in //etc/systemd/system/this_file.service + +``` +[Unit] +Description=Redis persistent key-value database +After=network.target + +[Service] +ExecStart=/usr/bin/node //var/wwww/forecast_api/index.js +User=fc +Restart=always +StandardOutput=syslog +StandardError=syslog +WorkingDirectory=//var/www/forecast_api + +[Install] +WantedBy=multi-user.target +``` + +`sudo systemctl daemon-reload` + +`sudo systemctl enable forecast_api` + +https://www.axllent.org/docs/view/nodejs-service-with-systemd/ \ No newline at end of file diff --git a/ubuntu/users.md b/ubuntu/users.md index 9e2c2c6..a9ac694 100644 --- a/ubuntu/users.md +++ b/ubuntu/users.md @@ -1,8 +1,20 @@ -`adduser` -> high-level -`useradd` -> low-level - -adduser fc_api -usermod -a -G sudo fc_api - -chown user_name directory/ -chgrp user_name directory/ \ No newline at end of file +add a new user and then add to multiple groups +`adduser user_name` +`usermod -a -G adm,sudo user_name` +`chfn` -> changes full name + +change a ownership +`chown file_or_dir user_name` +`chgrp file_or_dir user_name` + + +delete user +`userdel user_name` +`adduser` -> high-level +`useradd` -> low-level + +adduser fc_api +usermod -a -G sudo fc_api + +chown user_name directory/ +chgrp user_name directory/