# System Variables Architecture - Ready for Script Updates

**Status**: ✅ INFRASTRUCTURE COMPLETE AND TESTED
**Date**: 2026-03-20
**Test Results**: All variables correctly detected and derived on cPanel/AlmaLinux system

---

## What's Been Completed

### Phase 1: Comprehensive Audit ✅
- Analyzed 105 shell scripts across all modules
- Found 300+ hardcoded platform-specific paths
- Categorized into 10 log categories + other configs
- Identified 140+ unique variables needed

### Phase 2: Detection & Derivation Infrastructure ✅
- **System detection** (lib/system-detect.sh): Detects control panel, OS, web server, database, mail system, firewall
- **Log paths derivation** (lib/log-paths.sh): 10 categories → 28 variables
- **Database paths derivation** (lib/database-paths.sh): MySQL/PostgreSQL → 9 variables
- **Service info derivation** (lib/service-info.sh): Services, users, init system, package manager → 24 variables
- **Control panel paths derivation** (lib/control-panel-paths.sh): cPanel/Plesk/InterWorx specific → 33 variables
- **Web server config derivation** (lib/web-server-config.sh): Apache/Nginx/LiteSpeed configs → 28 variables

### Phase 3: Variable Export ✅
- **lib/system-variables.sh**: Master file that re-exports all 140+ variables
- Tested and verified working on cPanel/AlmaLinux system
- Variables correctly derived based on platform combo

### Phase 4: Documentation ✅
- **SYSTEM-VARIABLES-REFERENCE.md**: Complete reference of all variables
- **SYSTEM-VARIABLES-MAPPING-COMPLETE.md**: Coverage analysis and examples
- **LOG-PATHS-REFERENCE.md**: Original log paths documentation

---

## Test Results (Verified)

```
System: cPanel on AlmaLinux
Test: source launcher.sh && check variables

Results:
✅ SYS_CONTROL_PANEL=cpanel (correct)
✅ SYS_OS_TYPE=almalinux (correct)
✅ SYS_WEB_SERVER=apache (correct)
✅ SYS_LOG_WEB_ACCESS=/var/log/httpd/access_log (correct for RHEL)
✅ SYS_DB_SOCKET=/var/lib/mysql/mysql.sock (correct for RHEL)
✅ All derivation functions executed without errors
```

---

## How Scripts Will Use This

### Current Pattern (Hardcoded)
```bash
#!/bin/bash
# Both paths are directories, so test them with -d rather than -f
if [ -d "/var/log/apache2/domlogs" ]; then
    # cPanel code
    tail -f /var/log/apache2/domlogs/*.log
elif [ -d "/var/www/vhosts/system" ]; then
    # Plesk code
    tail -f /var/www/vhosts/system/*/logs/access_log
fi
```

### New Pattern (Using Variables)
```bash
#!/bin/bash
source lib/system-variables.sh

# Works everywhere - launcher already detected the platform.
# Abort if the variable is empty; otherwise the glob below would expand to /*
: "${SYS_LOG_WEB_DOMAIN_ACCESS:?not set on this platform}"
tail -f "$SYS_LOG_WEB_DOMAIN_ACCESS"/*
```

---

## Variables Ready to Use (Sample)

### Log Files (Ready to replace hardcoded paths)
```bash
$SYS_LOG_WEB_ACCESS         # /var/log/apache2/access.log or /var/log/httpd/access_log
$SYS_LOG_WEB_ERROR          # /var/log/apache2/error.log or /var/log/httpd/error_log
$SYS_LOG_WEB_DOMAIN_ACCESS  # /var/log/apache2/domlogs or /var/www/vhosts/system or /home/*/var/*/logs
$SYS_LOG_AUTH               # /var/log/auth.log or /var/log/secure
$SYS_LOG_MAIL_MAIN          # /var/log/exim_mainlog or /var/log/maillog or /var/log/mail.log
$SYS_LOG_FIREWALL           # /var/log/lfd.log or /var/log/messages or /var/log/syslog
$SYS_LOG_DB_ERROR           # /var/log/mysqld.log or /var/log/mysql/error.log
```

### Service Names (Ready to replace hardcoded names)
```bash
$SYS_WEB_SERVICE   # "httpd" or "apache2" or "nginx"
$SYS_WEB_USER      # "apache" or "www-data" or "nginx"
$SYS_DB_SERVICE    # "mysqld" or "mariadb" or "postgresql"
$SYS_MAIL_SERVICE  # "exim" or "postfix" or "sendmail"
```

### Database Connections (Ready to replace socket paths)
```bash
$SYS_DB_SOCKET  # /var/lib/mysql/mysql.sock or /var/run/mysqld/mysqld.sock
$SYS_DB_CONFIG  # /etc/my.cnf or /etc/mysql/my.cnf
```

### Control Panel Paths (Ready to replace panel detection)
```bash
$SYS_CPANEL_USERS_DIR       # /var/cpanel/users (cPanel only)
$SYS_CPANEL_USERDATA_DIR    # /var/cpanel/userdata (cPanel only)
$SYS_PLESK_VHOSTS_BASE      # /var/www/vhosts (Plesk only)
$SYS_INTERWORX_CHROOT_BASE  # /chroot/home (InterWorx only)
```

### Service Control Commands (Ready to replace init system detection)
```bash
$SYS_SERVICE_RESTART  # "systemctl restart" or "service ... restart"
$SYS_SERVICE_START    # "systemctl start" or "service ... start"
$SYS_SERVICE_STOP     # "systemctl stop" or "service ... stop"
```

---

## Priority Update List (From Audit)

### Tier 1: Critical Impact (54+ log references each)
1. `live-attack-monitor-v2.sh` (54 refs)
2. `live-attack-monitor.sh` (50 refs)
3. `malware-scanner.sh` (45 refs)
4. `hardware-health-check.sh` (40 refs)
5. `suspicious-login-monitor.sh` (32 refs)

### Tier 2: High Impact (20-30 references)
- wordpress-cron-manager.sh
- website-slowness-diagnostics.sh
- website-error-analyzer.sh
- 500-error-tracker.sh
- bot-analyzer.sh
- tail-apache-access.sh

### Tier 3: Medium Impact (10-19 references)
- web-traffic-monitor.sh
- cloudflare-detector.sh
- system-health-check.sh
- email-diagnostics.sh
- Various other scripts

### Tier 4: Low Impact (2-9 references)
- Remaining 40+ scripts

---

## Update Template for Scripts

### Step 1: Add sourcing
```bash
#!/bin/bash
set -eo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
BASE_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)"

# Source the variables (launcher already ran detection)
source "$BASE_DIR/lib/system-variables.sh"
```

### Step 2: Replace hardcoded paths with variables
```bash
# BEFORE
if grep -q "error" /var/log/apache2/error.log; then
    echo "Errors found"
fi

# AFTER
if grep -q "error" "$SYS_LOG_WEB_ERROR"; then
    echo "Errors found"
fi
```

### Step 3: Remove platform detection code
```bash
# DELETE this code - platform is already detected
if [ -f "/usr/local/cpanel/version" ]; then
    # ... cPanel code ...
fi

# Use variables instead
if [ -d "$SYS_CPANEL_USERS_DIR" ]; then
    # ... cPanel code ...
fi
```

### Step 4: Use service commands from variables
```bash
# BEFORE
systemctl restart httpd  # fails on Debian
service httpd restart    # fails on systemd

# AFTER
restart_service "$SYS_WEB_SERVICE"  # Works everywhere
```

---

## Available Helper Functions

Convenience functions available after sourcing `lib/system-variables.sh`:

```bash
# Service management
restart_service "service_name"     # Works on systemd and sysvinit
is_service_running "service_name"  # Check if service is running

# Log operations
log_exists "log_path"              # Check if log file exists

# Platform info
get_platform_summary               # Get text summary of platform

# Log categories
get_log_vars_by_category "web"     # Get all web log variables
```

---

## Migration Path

### Phase 1: Tier 1 Scripts (5 scripts, ~220 hardcoded paths)
1. Update `live-attack-monitor-v2.sh`
2. Update `live-attack-monitor.sh`
3. Update `malware-scanner.sh`
4. Update `hardware-health-check.sh`
5. Update `suspicious-login-monitor.sh`

**Effort**: ~8-12 hours
**Testing**: All platforms (cPanel, Plesk, InterWorx, Standalone)

### Phase 2: Tier 2 Scripts (~6 scripts, ~100 hardcoded paths)
- Website and WordPress monitoring scripts
- Error analysis scripts

**Effort**: ~4-6 hours
**Testing**: Core platforms

### Phase 3: Tier 3 & 4 Scripts (40+ scripts)
- Remaining modules gradually updated
- Lower-impact scripts can be updated in batches

**Effort**: ~10-20 hours total
**Testing**: Representative sample testing

---

## Validation Checklist Before Updating Script

- [ ] Script has proper shebang and strict mode (`set -eo pipefail`)
- [ ] Script sources `lib/system-variables.sh`
- [ ] No hardcoded `/var/log`, `/var/www`, `/home`, `/usr/local`, `/var/cpanel` paths
- [ ] No platform-specific conditionals (use variables instead)
- [ ] Service commands use variables or helper functions
- [ ] Database operations use `$SYS_DB_SOCKET`
- [ ] All variables checked for null before use (some may be empty on non-matching platforms)
- [ ] Script tested on at least 2 platform combinations

---

## Testing Strategy

### Single Script Test
```bash
cd /root/server-toolkit-beta

# Source the updated script
source modules/security/updated-script.sh

# Run the script
/root/server-toolkit-beta/launcher.sh
```

### Multi-Platform Test (Simulate)
```bash
# Set variables for different platform combinations
export SYS_CONTROL_PANEL=plesk
export SYS_OS_TYPE=ubuntu

# Run the script and verify correct paths are used
```

---

## Files Reference

### New Files Created
- `lib/log-paths.sh` - Log path derivation
- `lib/database-paths.sh` - Database path derivation
- `lib/service-info.sh` - Service name derivation
- `lib/control-panel-paths.sh` - Panel path derivation
- `lib/web-server-config.sh` - Web server config derivation
- `lib/system-variables.sh` - Master variable export (updated)
- `docs/SYSTEM-VARIABLES-REFERENCE.md` - Complete variable reference
- `docs/SYSTEM-VARIABLES-MAPPING-COMPLETE.md` - Coverage and examples
- `docs/SYSTEM-VARIABLES-READY-FOR-UPDATES.md` - This file

### Modified Files
- `launcher.sh` - Sources new derivation libraries
- `lib/system-detect.sh` - Calls new derivation functions

---

## Key Points for Script Writers

1. **Launcher runs detection once** - Don't re-detect in scripts
2. **All variables are pre-set** - Just source and use them
3. **Variables may be empty** - Check before using (some platforms don't have all services)
4. **Use SYS_* for everything** - Never hardcode paths
5. **Test on multiple platforms** - Variables are platform-aware
6. **Use helper functions** - `restart_service()` works everywhere

---

## Summary

✅ Infrastructure complete and tested
✅ 140+ variables ready to use
✅ 5 new derivation libraries created
✅ Comprehensive documentation provided
✅ Helper functions available
✅ Priority list identified
✅ Update templates ready

**Next Step**: Start updating scripts using the priority list (Tier 1 first)

All hardcoded platform-specific paths can now be replaced with variables that automatically adapt to the detected platform.
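
The "variables may be empty" key point matters most where a variable is followed by a glob or handed to a root-run command: an empty `$SYS_LOG_WEB_DOMAIN_ACCESS` turns `"$SYS_LOG_WEB_DOMAIN_ACCESS"/*` into `/*`. The guard below is an added example, not part of the toolkit; `require_sys_path` is a hypothetical helper name and the sample values are constructed.

```bash
#!/bin/bash
# Added example, not toolkit code. require_sys_path is a hypothetical helper.
# Returns 0 only if every named SYS_* variable holds a non-empty absolute
# path that is not "/" and has no ".." component. Messages go to stderr.
require_sys_path() {
    _rsp_rc=0
    for _rsp_name in "$@"; do
        # Accept only SYS_[A-Z0-9_]* names so the eval below stays safe.
        case "$_rsp_name" in
            SYS_*[!A-Z0-9_]*|"") _rsp_bad=1 ;;
            SYS_*) _rsp_bad=0 ;;
            *) _rsp_bad=1 ;;
        esac
        if [ "$_rsp_bad" -eq 1 ]; then
            echo "refusing variable name: $_rsp_name" >&2
            _rsp_rc=1
            continue
        fi
        eval "_rsp_val=\${$_rsp_name-}"
        case "$_rsp_val" in
            "")          echo "$_rsp_name is empty on this platform" >&2; _rsp_rc=1 ;;
            /)           echo "$_rsp_name resolves to /" >&2; _rsp_rc=1 ;;
            */../*|*/..) echo "$_rsp_name contains '..': $_rsp_val" >&2; _rsp_rc=1 ;;
            /*)          ;;  # absolute path: accepted
            *)           echo "$_rsp_name is not absolute: $_rsp_val" >&2; _rsp_rc=1 ;;
        esac
    done
    return "$_rsp_rc"
}

# Constructed values standing in for what lib/system-variables.sh exports.
SYS_LOG_WEB_ERROR=/var/log/httpd/error_log
SYS_PLESK_VHOSTS_BASE=""   # assumption: empty on a non-Plesk host

if require_sys_path SYS_LOG_WEB_ERROR; then
    echo "ok: $SYS_LOG_WEB_ERROR"
fi
if ! require_sys_path SYS_PLESK_VHOSTS_BASE 2>/dev/null; then
    echo "skipping Plesk checks: SYS_PLESK_VHOSTS_BASE is unusable"
fi
```

Because the multi-platform test shows `SYS_*` values being set with `export`, the same check also covers values inherited from the calling environment rather than derived by the launcher.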
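
Several items on the validation checklist can be checked mechanically before a migrated script is signed off. The linter below is an added example, not part of the toolkit: `audit_script` and `write_bad_sample` are hypothetical names, the checks are grep heuristics for four checklist items only, and the sample script is constructed.

```bash
#!/bin/bash
# Added example, not toolkit code. audit_script is a hypothetical helper that
# applies four checklist items as grep heuristics.

# audit_script FILE: print one finding per line; return 1 if any were found.
audit_script() {
    _as_out=$(
        grep -q 'set -eo pipefail' "$1" ||
            echo "missing strict mode (set -eo pipefail)"
        grep -Eq '^[[:space:]]*(source|\.)[[:space:]].*lib/system-variables\.sh' "$1" ||
            echo "does not source lib/system-variables.sh"
        # Path prefixes named in the checklist; comment-only lines are skipped.
        grep -nE '(/var/log|/var/www|/home|/usr/local|/var/cpanel)(/|"|[[:space:]]|$)' "$1" |
            grep -vE '^[0-9]+:[[:space:]]*#' | sed 's/^/hardcoded path, line /'
        # Direct init-system calls instead of restart_service or SYS_SERVICE_*.
        grep -nE '(^|[;&|[:space:]])(systemctl|service)[[:space:]]' "$1" |
            grep -vE '^[0-9]+:[[:space:]]*#' | sed 's/^/direct service call, line /'
    )
    [ -z "$_as_out" ] && return 0
    printf '%s\n' "$_as_out"
    return 1
}

# Constructed sample that violates the checklist (not a real toolkit script).
write_bad_sample() {
    cat > "$1" <<'EOF'
#!/bin/bash
# reads /var/log/secure (comment only, ignored by the audit)
if [ -f "/usr/local/cpanel/version" ]; then
    grep -c "Failed password" /var/log/secure
fi
systemctl restart httpd
EOF
}

sample=$(mktemp)
write_bad_sample "$sample"
audit_script "$sample" || echo "=> checklist not met"
rm -f "$sample"
```

A clean result only means these patterns were not found; the null checks and the two-platform test from the checklist still need a human or a runtime test.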