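#!/usr/bin/env bash
#####################################################################################
# Server log cleaner script
# Used by Privex to purge space-wasting logs when making an OS template.
#
# This also helps to remove leftover staff SSH public keys and logs containing
# their IP addresses.
#
#     curl -fsSL https://cdn.privex.io/extras/logcleaner.sh | sudo bash
#
# (C) 2020 Privex Inc.    https://www.privex.io
#
# Environment overrides (a default applies only when the variable is unset;
# the four switches are evaluated arithmetically, so 0 disables a step):
#   VL         base log directory to purge          (default: /var/log)
#   REGEN_SSH  delete + regenerate SSH host keys     (default: 1)
#   CLEAR_LOGS purge system logs and user histories  (default: 1)
#   CLEAR_SSH  delete /home/*/.ssh and /root/.ssh    (default: 1)
#   FSTRIM     run fstrim -av at the end             (default: 1)
#
# Scope: user files are only removed under /home/* and /root; accounts whose
# home directory lives elsewhere are not touched. The hive/blurt/steem node
# log directories are removed whenever they exist (no switch controls them).
#
# NOTE(review): the one-liner above runs whatever the CDN serves, as root.
# For a reproducible image build, download the script, inspect it and run the
# local copy instead.
#####################################################################################

# Per-user files/directories removed from every home directory.
USRLOGS=('.zsh_history' '.zcompdump' '.viminfo' '.bash_history' '.cache')

# Quoted so the expanded values are not word-split or globbed as arguments to ':'.
: "${VL=/var/log}"
: "${REGEN_SSH=1}"
: "${CLEAR_LOGS=1}"
: "${CLEAR_SSH=1}"
: "${FSTRIM=1}"

# Validate VL before any destructive step runs. An empty VL (or "/") would turn
# "${VL}/auth"* into "/auth"* and "${VL}/journal/"* into "/journal/"*, i.e. the
# recursive removals below would act on top-level directories of the filesystem.
if (( CLEAR_LOGS )); then
  while [[ "$VL" == */ ]]; do
    VL="${VL%/}"
  done
  if [[ -z "$VL" ]]; then
    echo " !! VL is empty or '/' - refusing to clear logs relative to the filesystem root" >&2
    exit 1
  fi
fi

if (( REGEN_SSH )); then
  # NOTE(review): the keys generated here are written into this filesystem. If
  # the image is captured after this step, every clone starts with these same
  # host keys unless something regenerates them on first boot - confirm the
  # template pipeline does that.
  echo " >> Removing SSH server host keys"
  rm -v /etc/ssh/ssh_host_*
  if [[ -f /etc/debian_version ]]; then
    echo " >> Re-generating SSH host keys (dpkg-reconfigure openssh-server)"
    DEBIAN_FRONTEND=noninteractive dpkg-reconfigure openssh-server
  else
    echo " >> Re-generating SSH host keys (ssh-keygen for non-debian servers)"
    echo " -> Re-generating RSA 4096 key"
    ssh-keygen -q -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
    echo " -> Re-generating ECDSA 521 key"
    ssh-keygen -q -N "" -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key
    echo " -> Re-generating ed25519 key"
    ssh-keygen -q -N "" -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
  fi
  echo " >> Restarting SSH"
  # The unit is named "ssh" on some distributions and "sshd" on others; only
  # fall back to the second name when the first restart fails.
  systemctl restart ssh || systemctl restart sshd
fi

if (( CLEAR_LOGS )); then
  # Prefix globs: each pattern also matches rotated/compressed variants
  # (e.g. auth.log, auth.log.1, auth.log.2.gz).
  rm -rvf -- "${VL}/auth"* "${VL}/kern"* "${VL}/lastlo"*
  rm -rvf -- "${VL}/fail"* "${VL}/syslo"* "${VL}/wtm"* "${VL}/btm"*
  rm -rvf -- "${VL}/journal/"*
  rm -rvf -- "${VL}/message"* "${VL}/cron"*
  rm -rvf -- "${VL}/audit/"* "${VL}/secur"*
  rm -rvf -- "${VL}/dmes"*
  rm -rvf -- "${VL}/cloud"*

  for u in "${USRLOGS[@]}"; do
    echo " >> Removing $u from /home/*"
    rm -rvf -- /home/*/"${u}"
    echo " >> Removing $u from /root"
    rm -rvf -- /root/"${u}"
  done

  echo " >> Removing any zcompdump files"
  rm -rvf -- /home/*/.zcomp*
  rm -rvf -- /root/.zcomp*
fi

if (( CLEAR_SSH )); then
  # Removes the whole directory: authorized_keys, known_hosts and any private
  # keys stored there. Key-based logins to these accounts stop working.
  echo " >> Removing /home/*/.ssh"
  rm -rvf -- /home/*/.ssh
  echo " >> Removing /root/.ssh"
  rm -rvf -- /root/.ssh
fi

# Node log directories for the three supported chains; each is removed only
# when both the chain root and its log directory exist.
for chain in hive blurt steem; do
  chain_logs="/${chain}/data/witness_node_data_dir/logs"
  if [[ -d "/${chain}" && -d "$chain_logs" ]]; then
    echo " >> Removing ${chain_logs}"
    rm -rvf -- "$chain_logs"
  fi
done

if (( FSTRIM )); then
  # Discards unused blocks on all mounted filesystems that support it, so the
  # space freed above is actually released to the underlying storage.
  echo " >> Running fstrim"
  fstrim -av
fi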