From e2a1a81b529ebf6cff385a38089d4b483f5be764 Mon Sep 17 00:00:00 2001
From: konsthol
Date: Fri, 1 Sep 2023 20:05:34 +0300
Subject: [PATCH] REALLY FUCKING FIXED
---
 harden | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/harden b/harden
index a2a400b..6d3c665 100755
--- a/harden
+++ b/harden
@@ -19,7 +19,7 @@ trap 'printf "Error on line %d with signal %s" "$LINENO" "$?"' ERR # Exit on err
 trap 'printf "Interrupted on line %d with signal %s" "$LINENO" "$?"' INT SIGHUP SIGINT SIGTERM
 # Get script name using parameter expansion to not spawn a new subprocess
-##SCRIPT_NAME="${0##*/}"
+SCRIPT_NAME="${0##*/}"
 # We will be using printf instead of echo because it is more standardised.
 # Also we will be using the test command's functionality as
@@ -164,7 +164,8 @@ function getCorrectFirewall {
 distro="$(get_distro)" # Get the distribution name
 case "$distro" in # Use case to check for the distribution name
 "Ubuntu" | "Debian GNU/Linux") # If the distribution is Ubuntu or Debian
- echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
+ printf "%s" 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
+ # echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
 export DEBIAN_FRONTEND=noninteractive
 export NEEDRESTART_MODE=a
 export DEBIAN_PRIORITY=critical
@@ -199,7 +200,8 @@ function getCorrectKernelSecurityModule {
 printf "%s" "apparmor" # Output apparmor
 ;;
 "Debian GNU/Linux") # If the distribution is Debian
- echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
+ printf "%s" 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
+ # echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections
 export DEBIAN_FRONTEND=noninteractive
 export NEEDRESTART_MODE=a
 export DEBIAN_PRIORITY=critical
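Review bot: SCRIPT_NAME at @@ -19 is only ever read (the later hunks use it in the "started"/"finished" messages of main), so it should be declared as a constant: `readonly SCRIPT_NAME="${0##*/}"`. That documents the intent and turns any later accidental reassignment into a shell error instead of a silently changed message.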
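Review bot: The replacement `printf "%s" 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections` in getCorrectFirewall (@@ -164) emits no trailing newline, and the identical edit is made in getCorrectKernelSecurityModule at @@ -199. debconf-set-selections reads its selections line by line and the echo being replaced did terminate the line, so `printf '%s\n' 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections` keeps the input byte-identical rather than relying on the tool tolerating an unterminated last line. The `# echo ...` line left under each replacement is commented-out dead code and should be removed instead of kept. The debconf-set-selections call plus the three exports are now the same four lines in both functions; a single helper would keep them from drifting apart. Both enclosing case statements continue outside the hunk.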
@@ -333,7 +335,7 @@ EOF
 ## Check if we can use docker-compose config for that unless we have no access to the output
 # sudo machinectl shell secdep@ "$(which bash)" -c 'DOCKER_HOST=unix:///run/user/$UID/docker.sock /home/secdep/bin/docker-compose -f /home/secdep/docker-compose.yml config'
 # [[ -f /home/secdep/docker-compose.yml ]] && sudo PORTS="$(grep '[0-9]:[0-9]' /home/secdep/docker-compose.yml | rev | cut -d':' -f1 | rev | grep -Eow '[[:digit:]]+' | tr '\n' ' ')" || PORTS=""
- CMD_PORTS="grep '[0-9]:[0-9]' /home/secdep/docker-compose.yml | rev | cut -d':' -f1 | rev | grep -Eow '[[:digit:]]+' | tr '\n' ' '"
+ CMD_PORTS="cat /home/secdep/docker-compose.yml | grep -A1 ports | grep '[0-9]:[0-9]' | rev | cut -d':' -f1 | rev | grep -Eow '[[:digit:]]+' | tr '\n' ' '"
 sudo -E runuser - secdep -c "$CMD_PORTS" > /dev/null 2>&1 && PORTS="$(sudo -E runuser - secdep -c "$CMD_PORTS")" || PORTS=""
 # Loop through the ports in the PORTS variable
 if [[ -n "$PORTS" ]]; then
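Review bot: The new `CMD_PORTS` pipeline looks at only one line after each `ports` match (`grep -A1`), so a service that publishes more than one mapping under `ports:` keeps just its first entry, and any other line containing the substring `ports` (a comment, a differently named key) is matched too. Since the resulting list drives the `if [[ -n "$PORTS" ]]` loop that follows, an incomplete list presumably leaves port entries out of whatever that loop configures without any error being raised, which is the kind of silent gap a hardening script should not have. Grepping YAML is fragile here; the commented-out line above already points at `docker-compose config` as the structured source to parse instead, and `cat file | grep` should at least become `grep ... /home/secdep/docker-compose.yml`. Independently of the pattern, the pipeline is executed twice through `runuser -c` (once as a probe, once to capture); `PORTS="$(sudo -E runuser - secdep -c "$CMD_PORTS" 2>/dev/null)" || PORTS=""` does it once with the same fallback. The enclosing function starts before this hunk.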
@@ -540,12 +542,17 @@ EOF
 # The main function will call the check_dependencies function and exit if it fails.
 # It will also output a message to the user to let them know that the script has finished.
 function main {
+ printf "%s" "$SCRIPT_NAME started"
 check_dependencies || exit 1 # Check dependencies and exit if it fails
+ printf "%s" "Dependencies installed"
 hardenSSH || exit 1 # Harden ssh and exit if it fails
+ printf "%s" "SSH hardened"
 firewallInit || exit 1 # Initialize the firewall and exit if it fails
+ printf "%s" "Firewall initialized"
 kernelSecurityModuleInit || exit 1 # Initialize the kernel security module and exit if it fails
+ printf "%s" "Kernel security module initialized"
 configureFail2ban || exit 1 # Initialize fail2ban and exit if it fails
-## I should probably delete this one dockerInit || exit 1 # Initialize docker and exit if it fails
+ printf "%s" "Fail2ban configured"
 # apparmorConfig # Configure apparmor
 # apparmorProfiles # Create apparmor profiles for all docker images
 # selinuxConfig # Configure selinux
@@ -553,12 +560,11 @@ function main {
 # Call the dockerInit function with the arguments passed to the script
 # Else exit with error code 1
 ## [[ $# -gt 0 ]] && dockerInit "$@" || exit 1
- dockerInit "$@" || exit 1
+ dockerInit "$@" || exit 1 # Initialize docker and exit if it fails
 enableServices || exit 1
 deleteRemainingUsers || exit 1
- printf "%s" "Script finished" # Output message to the user
+ printf "%s" "$SCRIPT_NAME finished" # Output message to the user
 printf "%s" "You should reboot" # Output message to the user
- # printf "%s" "Now rebooting" # Output message to the user
 # sudo reboot
 }
@@ -573,5 +579,4 @@ function main {
 # Call the main function
 main "$@"
-# exit 1 # The right and proper way to exit a script
 exit 0 # The right and proper way to exit a script
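Review bot: Every progress message added to main at @@ -540 uses `printf "%s"` with no `\n`, so `$SCRIPT_NAME started`, `Dependencies installed`, `SSH hardened` and the rest are concatenated onto a single line, interleaved with whatever the functions between them print to stdout; the changed `$SCRIPT_NAME finished` line at @@ -553 has the same problem. Use `printf '%s\n' "$SCRIPT_NAME started"` (and likewise for each of the others) so each status lands on its own line. These are diagnostics rather than script output, so appending `>&2` would also keep stdout clean if the script is ever piped or logged separately. main continues past the end of this hunk.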