diff --git a/launcher.sh b/launcher.sh
index 60a99ed..ec722fa 100755
--- a/launcher.sh
+++ b/launcher.sh
@@ -559,6 +559,10 @@ show_backup_menu() {
 echo -e " ${YELLOW}7)${NC} Backup Verification - Test backup integrity"
 echo -e " ${YELLOW}8)${NC} Off-site Sync - Sync to remote storage"
 echo ""
+ echo -e "${BOLD}Data Management:${NC}"
+ echo ""
+ echo -e " ${RED}9)${NC} 🗑️ Cleanup Toolkit Data - Remove IP reputation & temp files"
+ echo ""
 echo -e " ${RED}0)${NC} Back to Main Menu"
 echo ""
 echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
@@ -1320,6 +1324,7 @@ handle_backup_menu() {
 6) run_module "backup" "log-archive.sh" ;;
 7) run_module "backup" "backup-verification.sh" ;;
 8) run_module "backup" "offsite-sync.sh" ;;
+ 9) run_module "maintenance" "cleanup-toolkit-data.sh" ;;
 0) return ;;
 *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
 esac
diff --git a/modules/maintenance/cleanup-toolkit-data.sh b/modules/maintenance/cleanup-toolkit-data.sh
new file mode 100755
index 0000000..ce016dd
--- /dev/null
+++ b/modules/maintenance/cleanup-toolkit-data.sh
@@ -0,0 +1,243 @@
+#!/bin/bash
+
+################################################################################
+# Server Toolkit Data Cleanup
+################################################################################
+# Purpose: Remove all toolkit-generated data (for wiping before system transfer)
+# Use Case: When moving toolkit to another server or fresh start
+#
+# What gets cleaned:
+# - IP reputation database
+# - Temporary analysis files
+# - Cached data
+# - Generated reports
+# - Session data
+################################################################################
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+source "$SCRIPT_DIR/lib/common-functions.sh"
+
+# Require root
+if [ "$EUID" -ne 0 ]; then
+ print_error "This script must be run as root"
+ exit 1
+fi
+
+print_banner "Server Toolkit Data Cleanup"
+
+echo ""
+echo -e "${YELLOW}${BOLD}⚠️ WARNING ⚠️${NC}"
+echo ""
+echo "This will remove ALL data collected by the Server Toolkit:"
+echo ""
+echo " • IP reputation database (/var/lib/server-toolkit/)"
+echo " • Temporary analysis files (/tmp/)"
+echo " • Generated reports"
+echo " • Cached data"
+echo " • Session files"
+echo ""
+echo -e "${RED}This action CANNOT be undone!${NC}"
+echo ""
+echo "Use this when:"
+echo " ✓ Moving toolkit to a different server"
+echo " ✓ Starting fresh analysis"
+echo " ✓ Removing server-specific data before sharing"
+echo ""
+echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
+echo ""
+read -p "Type 'yes' to confirm cleanup: " confirm
+
+if [ "$confirm" != "yes" ]; then
+ echo ""
+ print_error "Cleanup cancelled"
+ exit 0
+fi
+
+echo ""
+echo "Starting cleanup..."
+echo ""
+
+# Track what was cleaned
+cleaned_count=0
+cleaned_size=0
+
+# Function to safely remove directory/file and track size
+safe_remove() {
+ local path="$1"
+ local description="$2"
+
+ if [ -e "$path" ]; then
+ # Calculate size before removing
+ if [ -d "$path" ]; then
+ size=$(du -sb "$path" 2>/dev/null | awk '{print $1}' || echo "0")
+ else
+ size=$(stat -c%s "$path" 2>/dev/null || echo "0")
+ fi
+
+ # Remove
+ rm -rf "$path" 2>/dev/null
+
+ if [ $? -eq 0 ]; then
+ cleaned_size=$((cleaned_size + size))
+ ((cleaned_count++))
+ echo -e " ${GREEN}✓${NC} Removed: $description"
+ return 0
+ else
+ echo -e " ${RED}✗${NC} Failed to remove: $description"
+ return 1
+ fi
+ else
+ echo -e " ${DIM}○${NC} Not found: $description (already clean)"
+ return 0
+ fi
+}
+
+echo -e "${BOLD}IP Reputation Database:${NC}"
+safe_remove "/var/lib/server-toolkit/ip-reputation" "IP reputation database"
+safe_remove "/var/lib/server-toolkit" "Toolkit data directory"
+echo ""
+
+echo -e "${BOLD}Temporary Analysis Files:${NC}"
+# Bot analyzer temp files
+for pattern in /tmp/bot_analysis_* /tmp/*_bot_*.txt; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -f $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: Bot analysis temp files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+# 500 error tracker temp files
+for pattern in /tmp/500-tracker-* /tmp/*500*.txt; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -rf $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: 500 error tracker temp files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+# Live monitoring temp files
+for pattern in /tmp/live-monitor-* /tmp/*monitor*.tmp; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -rf $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: Live monitoring temp files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+# Error analyzer temp files
+for pattern in /tmp/error_analysis_* /tmp/*error*.tmp; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -f $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: Error analyzer temp files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+# Generic toolkit temp files
+for pattern in /tmp/toolkit_* /tmp/server-toolkit*; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -rf $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: Generic toolkit temp files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+echo ""
+
+echo -e "${BOLD}Generated Reports:${NC}"
+# Look for common report locations
+for pattern in /tmp/*_report_*.txt /tmp/*_analysis_*.txt /root/*toolkit*.txt /root/*_report*.txt; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ count=$(ls $pattern 2>/dev/null | wc -l)
+ rm -f $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: $count report file(s)"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+echo ""
+
+echo -e "${BOLD}Cache and Session Data:${NC}"
+# Cached analysis data
+if [ -d "/var/cache/server-toolkit" ]; then
+ safe_remove "/var/cache/server-toolkit" "Toolkit cache directory"
+fi
+
+# Session/lock files
+for pattern in /var/run/server-toolkit* /var/lock/server-toolkit*; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ rm -f $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: Session/lock files"
+ ((cleaned_count++))
+ break
+ fi
+done
+
+echo ""
+
+echo -e "${BOLD}Log Files (Optional):${NC}"
+echo -n "Remove toolkit execution logs? 
(yes/no) [no]: "
+read remove_logs
+remove_logs="${remove_logs:-no}"
+
+if [ "$remove_logs" = "yes" ]; then
+ for pattern in /var/log/server-toolkit*.log; do
+ if ls $pattern 2>/dev/null | grep -q .; then
+ count=$(ls $pattern 2>/dev/null | wc -l)
+ rm -f $pattern 2>/dev/null
+ echo -e " ${GREEN}✓${NC} Removed: $count log file(s)"
+ ((cleaned_count++))
+ break
+ fi
+ done
+else
+ echo -e " ${DIM}○${NC} Logs kept (skipped)"
+fi
+
+echo ""
+echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
+echo ""
+
+# Convert size to human readable
+if [ $cleaned_size -lt 1024 ]; then
+ size_human="${cleaned_size}B"
+elif [ $cleaned_size -lt 1048576 ]; then
+ size_human="$((cleaned_size / 1024))KB"
+elif [ $cleaned_size -lt 1073741824 ]; then
+ size_human="$((cleaned_size / 1048576))MB"
+else
+ size_human="$((cleaned_size / 1073741824))GB"
+fi
+
+echo -e "${GREEN}${BOLD}✓ Cleanup Complete!${NC}"
+echo ""
+echo "Summary:"
+echo " Items removed: $cleaned_count"
+echo " Space freed: $size_human"
+echo ""
+echo "The toolkit is now clean and ready for:"
+echo " • Transfer to another server"
+echo " • Fresh analysis start"
+echo " • Sharing without server-specific data"
+echo ""
+
+# Verify critical directories are gone
+missing=0
+[ -d "/var/lib/server-toolkit" ] && { echo -e "${YELLOW}Warning: /var/lib/server-toolkit still exists${NC}"; ((missing++)); }
+[ -d "/tmp/live-monitor-current" ] && { echo -e "${YELLOW}Warning: /tmp/live-monitor-current still exists${NC}"; ((missing++)); }
+
+if [ $missing -gt 0 ]; then
+ echo ""
+ echo -e "${YELLOW}Some directories could not be removed (may be in use)${NC}"
+ echo "Try stopping any running toolkit scripts and run cleanup again."
+fi
+
+echo ""
+press_enter
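Review bot: In every `for pattern in …; do` loop the globs are expanded in the `for` list, so `pattern` holds one matched path, and `rm -rf $pattern` then expands it unquoted as root; a name in world-writable `/tmp` that contains whitespace or glob characters is split and re-globbed, which can hand `rm -rf` paths outside the intended set. The `break` after the first hit also means only the first matching entry is removed while the script still prints "Cleanup Complete", so data the tool is meant to wipe before a transfer stays behind. Globs such as `/tmp/*500*.txt`, `/tmp/*error*.tmp` and `/root/*_report*.txt` are wide enough to match files the toolkit never created, so narrowing them to toolkit-specific prefixes would limit what a root run can delete. A helper like the one below, called once per category, quotes every path, passes `--`, and removes all matches instead of the first.

```shell
# Remove every existing path among the arguments that follow the description.
remove_matches() {
    local description="$1"
    shift
    local -a found=()
    local candidate
    for candidate in "$@"; do
        # An unmatched glob arrives as the literal pattern; -L keeps dangling symlinks.
        if [ -e "$candidate" ] || [ -L "$candidate" ]; then
            found+=("$candidate")
        fi
    done
    [ "${#found[@]}" -gt 0 ] || return 0
    if rm -rf -- "${found[@]}" 2>/dev/null; then
        cleaned_count=$((cleaned_count + 1))
        echo -e "  ${GREEN}✓${NC} Removed: $description (${#found[@]} item(s))"
    else
        echo -e "  ${RED}✗${NC} Failed to remove: $description"
        return 1
    fi
}

# Bot analyzer temp files
remove_matches "Bot analysis temp files" /tmp/bot_analysis_* /tmp/*_bot_*.txt
# … the remaining categories (500 tracker, live monitor, error analyzer, generic, reports, lock files, logs) call remove_matches the same way …
```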