#!/bin/bash

####################################################################################################
#### author: SlickStack ############################################################################
#### link: https://slickstack.io ###################################################################
#### mirror: https://mirrors.slickstack.io/crons/12-cron-monthly.txt ###############################
#### path: /var/www/crons/12-cron-monthly ##########################################################
#### destination: n/a (not a boilerplate) ##########################################################
#### purpose: SlickStack core cron job *monthly* (12/13) will run every 1 month ####################
#### module version: Ubuntu 20.04 LTS ##############################################################
#### sourced by: root crontab ######################################################################
#### bash aliases: ss cron 12, ss cron monthly #####################################################
####################################################################################################

## NEVER MODIFY THE ROOT CRONTAB OR SS CORE CRON JOBS OR YOUR STACK WILL STOP WORKING ##
## INSTEAD ADJUST INTERVAL_SS SETTINGS IN SS-CONFIG OR EDIT CUSTOM CRON FILES ##

####################################################################################################
#### TABLE OF CONTENTS (12-Cron-Monthly) ###########################################################
####################################################################################################

## A. Validate (Restore) SS-Config
## B. Validate (Restore) SS-Functions
## C. Validate (Restore) SS-Check + SS-Worker
## D. Source SS-Config + SS-Functions (After Validated)
## E. Touch Timestamp File
## F. Run Custom Tasks (EDIT SOURCED FILES)
## G. Run Scheduled Tasks (DO NOT EDIT)
## H. Reset Permissions (SlickStack Core Scripts)
## I. Delete Lock File

####################################################################################################
#### A. 12-Cron-Monthly: Validate (Restore) SS-Config ##############################################
####################################################################################################

## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS

## SNIPPET: ss core cron jobs

## this attempts to restore missing or damaged ss-config using a recent intact backup ##
## however it is not fool-proof since there is no way to verify all settings ##

## validate ss-config ##
VALIDATE_SS_CONFIG=$(grep 'SS_BUILD' /var/www/ss-config)
if [[ -z "$VALIDATE_SS_CONFIG" ]]; then
    SS_CONFIG_RECENT_BACKUPS=$(ls -1rta /var/www/backups/config/ss-config.bak* | tail -n1)
    SS_CONFIG_BEST_MATCH=$(grep -il 'SS_BUILD' "$SS_CONFIG_RECENT_BACKUPS")
    rm -rf /tmp/ss-config
    mv -f "$SS_CONFIG_BEST_MATCH" /tmp/ss-config
    VALIDATE_TMP_SS_CONFIG=$(grep 'SS_BUILD' /tmp/ss-config)
    if [[ -n "$VALIDATE_TMP_SS_CONFIG" ]]; then
        mv -f /tmp/ss-config /var/www/ss-config
        chown root:root /var/www/ss-config ## must be root:root
        chmod 0700 /var/www/ss-config ## 0700 means only root can execute
    fi
    rm -rf /tmp/ss-config
fi

####################################################################################################
#### B. 12-Cron-Monthly: Validate (Restore) SS-Functions ###########################################
####################################################################################################

## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS

## SNIPPET: ss core cron jobs

## this attempts to restore damaged or outdated ss-functions from our public mirrors ##
## we perform this check before cron job tasks as they rely on ss-functions ##

## validate ss-functions ##
VALIDATE_SS_FUNCTIONS=$(grep 'SS_EOF' /var/www/ss-functions)
OUTDATED_SS_FUNCTIONS=$(find "/var/www/ss-functions" -mtime +1)
if [[ -z "$VALIDATE_SS_FUNCTIONS" ]] || [[ -n "$OUTDATED_SS_FUNCTIONS" ]]; then
    rm -rf /tmp/ss-functions
    wget --no-check-certificate -q -4 -t 1 -T 15 -O /tmp/ss-functions https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-functions.txt
    VALIDATE_TMP_SS_FUNCTIONS=$(grep 'SS_EOF' /tmp/ss-functions)
    if [[ -n "$VALIDATE_TMP_SS_FUNCTIONS" ]]; then
        mv -f /tmp/ss-functions /var/www/ss-functions
        chown root:root /var/www/ss-functions ## must be root:root
        chmod 0700 /var/www/ss-functions ## 0700 means only root can execute
    else
        wget --no-check-certificate -q -4 -t 3 -T 30 -O /tmp/ss-functions https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-functions.txt
        mv -f /tmp/ss-functions /var/www/ss-functions
        chown root:root /var/www/ss-functions ## must be root:root
        chmod 0700 /var/www/ss-functions ## 0700 means only root can execute
    fi
    rm -rf /tmp/ss-functions
fi

####################################################################################################
#### C. 12-Cron-Monthly: Validate (Restore) SS-Check + SS-Worker ###################################
####################################################################################################

## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS

## SNIPPET: ss core cron jobs

## this attempts to restore damaged or outdated ss-check and ss-worker bash scripts ##
## they are critical to maintenance tasks and keeping ss core files updated ##

## validate ss-check ##
VALIDATE_SS_CHECK=$(grep 'SS_EOF' /var/www/ss-check)
OUTDATED_SS_CHECK=$(find "/var/www/ss-check" -mtime +1)
if [[ -z "$VALIDATE_SS_CHECK" ]] || [[ -n "$OUTDATED_SS_CHECK" ]]; then
    rm -rf /tmp/ss-check
    wget --no-check-certificate -q -4 -t 1 -T 15 -O /tmp/ss-check https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-check.txt
    VALIDATE_TMP_SS_CHECK=$(grep 'SS_EOF' /tmp/ss-check)
    if [[ -n "$VALIDATE_TMP_SS_CHECK" ]]; then
        mv -f /tmp/ss-check /var/www/ss-check
        chown root:root /var/www/ss-check ## must be root:root
        chmod 0700 /var/www/ss-check ## 0700 means only root can execute
    else
        wget --no-check-certificate -q -4 -t 3 -T 30 -O /tmp/ss-check https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-check.txt
        mv -f /tmp/ss-check /var/www/ss-check
        chown root:root /var/www/ss-check ## must be root:root
        chmod 0700 /var/www/ss-check ## 0700 means only root can execute
    fi
    rm -rf /tmp/ss-check
fi

## validate ss-worker ##
VALIDATE_SS_WORKER=$(grep 'SS_EOF' /var/www/ss-worker)
OUTDATED_SS_WORKER=$(find "/var/www/ss-worker" -mtime +1)
if [[ -z "$VALIDATE_SS_WORKER" ]] || [[ -n "$OUTDATED_SS_WORKER" ]]; then
    rm -rf /tmp/ss-worker
    wget --no-check-certificate -q -4 -t 1 -T 15 -O /tmp/ss-worker https://raw.githubusercontent.com/littlebizzy/slickstack/master/bash/ss-worker.txt
    VALIDATE_TMP_SS_WORKER=$(grep 'SS_EOF' /tmp/ss-worker)
    if [[ -n "$VALIDATE_TMP_SS_WORKER" ]]; then
        mv -f /tmp/ss-worker /var/www/ss-worker
        chown root:root /var/www/ss-worker ## must be root:root
        chmod 0700 /var/www/ss-worker ## 0700 means only root can execute
    else
        wget --no-check-certificate -q -4 -t 3 -T 30 -O /tmp/ss-worker https://gitlab.com/littlebizzy/slickstack/-/raw/master/bash/ss-worker.txt
        mv -f /tmp/ss-worker /var/www/ss-worker
        chown root:root /var/www/ss-worker ## must be root:root
        chmod 0700 /var/www/ss-worker ## 0700 means only root can execute
    fi
    rm -rf /tmp/ss-worker
fi

####################################################################################################
#### D. 12-Cron-Monthly: Source SS-Config + SS-Functions (After Validated) #########################
####################################################################################################

## at this point we know that ss-config and ss-functions exist or have been restored ##
## so we source them now to carry on with custom and scheduled cron job tasks ##

## source ss-config ##
source /var/www/ss-config

## source ss-functions ##
source /var/www/ss-functions

## BELOW THIS RELIES ON SS-CONFIG AND SS-FUNCTIONS

####################################################################################################
#### E. 12-Cron-Monthly: Touch Timestamp File ######################################################
####################################################################################################

## this is a dummy timestamp file that will remember the last time this script was run ##
## it can be useful for developer reference and is sometimes used by SlickStack ##

## script timestamp ##
ss_touch "$TIMESTAMP_12_CRON_MONTHLY"

####################################################################################################
#### F. 12-Cron-Monthly: Run Custom Tasks (EDIT SOURCED FILES) #####################################
####################################################################################################

## this will run custom shell commands that you can save in a reserved filename below ##
## carefully consider server resources and best practices before customizing ##

## run 12-cron-monthly-custom ##
source "$PATH_12_CRON_MONTHLY_CUSTOM"

####################################################################################################
#### G. 12-Cron-Monthly: Run Scheduled Tasks (DO NOT EDIT) #########################################
####################################################################################################

## the below tasks will be called if configured to run at this interval in ss-config ##
## certain tasks are automatically called if the relevant interval is missing ##

## run ss-install-adminer if set to monthly or if not defined (default) ##
if [[ "$INTERVAL_SS_INSTALL_ADMINER" == "monthly" ]] || [[ -z "$INTERVAL_SS_INSTALL_ADMINER" ]]; then 
    source "$PATH_SS_INSTALL_ADMINER"
fi

## run ss-update-config if set to monthly ##
if [[ "$INTERVAL_SS_UPDATE_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_UPDATE_CONFIG"
fi

## run ss-install-wordpress-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_WORDPRESS_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_WORDPRESS_CONFIG"
fi

## run ss-install-wordpress-core if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_WORDPRESS_CORE" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_WORDPRESS_CORE"
fi

## run ss-install-wordpress-cli if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_WORDPRESS_CLI" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_WORDPRESS_CLI"
fi

## run ss-install-php-packages if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_PHP_PACKAGES" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_PHP_PACKAGES"
fi

## run ss-install-php-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_PHP_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_PHP_CONFIG"
fi

## run ss-install-redis-packages if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_REDIS_PACKAGES" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_REDIS_PACKAGES"
fi

## run ss-install-redis-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_REDIS_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_REDIS_CONFIG"
fi

## run ss-install-mysql-packages if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_MYSQL_PACKAGES" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_MYSQL_PACKAGES"
fi

## run ss-install-mysql-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_MYSQL_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_MYSQL_CONFIG"
fi

## run ss-install-nginx-packages if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_NGINX_PACKAGES" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_NGINX_PACKAGES"
fi

## run ss-install-nginx-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_NGINX_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_NGINX_CONFIG"
fi

## run ss-encrypt-openssl if set to monthly ##
if [[ "$INTERVAL_SS_ENCRYPT_OPENSSL" == "monthly" ]]; then 
    source "$PATH_SS_ENCRYPT_OPENSSL"
fi

## run ss-encrypt-certbot if set to monthly ##
if [[ "$INTERVAL_SS_ENCRYPT_CERTBOT" == "monthly" ]]; then 
    source "$PATH_SS_ENCRYPT_CERTBOT"
fi

## run ss-install-clamav if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_CLAMAV" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_CLAMAV"
fi

## run ss-purge-nginx if set to monthly ##
if [[ "$INTERVAL_SS_PURGE_NGINX" == "monthly" ]]; then 
    source "$PATH_SS_PURGE_NGINX"
fi

## run ss-purge-opcache if set to monthly ##
if [[ "$INTERVAL_SS_PURGE_OPCACHE" == "monthly" ]]; then 
    source "$PATH_SS_PURGE_OPCACHE"
fi

## run ss-purge-redis if set to monthly ##
if [[ "$INTERVAL_SS_PURGE_REDIS" == "monthly" ]]; then 
    source "$PATH_SS_PURGE_REDIS"
fi

## run ss-purge-transients if set to monthly ##
if [[ "$INTERVAL_SS_PURGE_TRANSIENTS" == "monthly" ]]; then 
    source "$PATH_SS_PURGE_TRANSIENTS"
fi

## run ss-install-ubuntu-utils if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UBUNTU_UTILS" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UBUNTU_UTILS"
fi

## run ss-reset-password-sftp if set to monthly ##
if [[ "$INTERVAL_SS_RESET_PASSWORD_SFTP" == "monthly" ]]; then 
    source "$PATH_SS_RESET_PASSWORD_SFTP"
fi

## run ss-install-ubuntu-users if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UBUNTU_USERS" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UBUNTU_USERS"
fi

## run ss-install-ubuntu-ssh if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UBUNTU_SSH" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UBUNTU_SSH"
fi

## run ss-install-ubuntu-kernel if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UBUNTU_KERNEL" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UBUNTU_KERNEL"
fi

## run ss-install-ufw-packages if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UFW_PACKAGES" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UFW_PACKAGES"
fi

## run ss-install-ufw-config if set to monthly ##
if [[ "$INTERVAL_SS_INSTALL_UFW_CONFIG" == "monthly" ]]; then 
    source "$PATH_SS_INSTALL_UFW_CONFIG"
fi

## run ss-update-modules if set to monthly ##
if [[ "$INTERVAL_SS_UPDATE_MODULES" == "monthly" ]]; then 
    source "$PATH_SS_UPDATE_MODULES"
fi

## run ss-restart-mysql if set to monthly ##
if [[ "$INTERVAL_SS_RESTART_MYSQL" == "monthly" ]]; then 
    source "$PATH_SS_RESTART_MYSQL"
fi

## run ss-restart-nginx if set to monthly ##
if [[ "$INTERVAL_SS_RESTART_NGINX" == "monthly" ]]; then 
    source "$PATH_SS_RESTART_NGINX"
fi

## run ss-restart-php if set to monthly ##
if [[ "$INTERVAL_SS_RESTART_PHP" == "monthly" ]]; then 
    source "$PATH_SS_RESTART_PHP"
fi

## run ss-restart-redis if set to monthly ##
if [[ "$INTERVAL_SS_RESTART_REDIS" == "monthly" ]]; then 
    source "$PATH_SS_RESTART_REDIS"
fi

## run ss-restart-ufw if set to monthly ##
if [[ "$INTERVAL_SS_RESTART_UFW" == "monthly" ]]; then 
    source "$PATH_SS_RESTART_UFW"
fi

## run ss-reboot-machine if set to monthly ##
if [[ "$INTERVAL_SS_REBOOT_MACHINE" == "monthly" ]]; then 
    source "$PATH_SS_REBOOT_MACHINE"
fi

####################################################################################################
#### H. 12-Cron-Monthly: Reset Permissions (SlickStack Core Scripts) ###############################
####################################################################################################

## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS
## SNIPPET: ss core cron jobs
## UPDATED: 20NOV2021

## we hardcode this permissions reset snippet in all ss core cron jobs for redundancy ##
## chmod 0700 means only the root/sudo users can execute any ss core scripts ##

chown root:root /var/www/ss* ## must be root:root
chown root:root /var/www/crons/*cron* ## must be root:root
chown root:root /var/www/crons/custom/*cron* ## must be root:root
chmod 0700 /var/www/ss* ## 0700 means only root can execute
chmod 0700 /var/www/crons/*cron* ## 0700 means only root can execute
chmod 0700 /var/www/crons/custom/*cron* ## 0700 means only root can execute

####################################################################################################
#### I. 12-Cron-Monthly: Delete Lock File ##########################################################
####################################################################################################

## here we delete the lock file associated with this cron job to clear the cron queue ##
## this is technically not necessary but we do it anyway for extra security ##

## delete lock ##
ss_rm "$LOCK_12_CRON_MONTHLY"

####################################################################################################
#### SlickStack: External References Used To Improve This Script (Thanks, Interwebz) ###############
####################################################################################################

## Ref: https://bash.cyberciti.biz/guide/Setting_up_permissions_on_a_script
## Ref: https://stackoverflow.com/questions/22861580/bash-script-check-if-a-file-contains-a-specific-line
## Ref: https://stackoverflow.com/questions/4749330/how-to-test-if-string-exists-in-file-with-bash/14201583
## Ref: https://stackoverflow.com/questions/11287861/how-to-check-if-a-file-contains-a-specific-string-using-bash
## Ref: https://stackoverflow.com/questions/4749330/how-to-test-if-string-exists-in-file-with-bash-
## Ref: https://stackoverflow.com/questions/42377739/while-file-doesnt-contain-string-bash

## SS_EOF