|
|
|
#!/bin/bash
|
|
|
|
# Modified version, original source: https://gitlab.com/snippets/1871482#note_188602535
|
|
|
|
|
|
|
|
CACHE_DIR={{ notify_cache_directory | quote }}
|
|
|
|
USERID={{ recipient_id | quote }}
|
|
|
|
KEY={{ bot_key | quote }}
|
|
|
|
|
|
|
|
TIMEOUT={{ timeout | quote }}
|
|
|
|
|
|
|
|
URL="https://api.telegram.org/bot$KEY/sendMessage"
|
|
|
|
sendMessage() {
|
|
|
|
curl -s --max-time "$TIMEOUT" -d "chat_id=$1" -d "disable_web_page_preview=1" -d "parse_mode=Markdown" -d "text=$2" "$URL" >/dev/null
|
|
|
|
}
|
|
|
|
|
|
|
|
if [[ "$PAM_SERVICE" == "sshd" && "$PAM_TYPE" == "open_session" && "$PAM_USER" != "git" && -z "$TMUX" ]]; then
|
|
|
|
IP="$PAM_RHOST"
|
|
|
|
cache_file="${CACHE_DIR}/${IP}-${PAM_USER}"
|
|
|
|
cache_mtime=$(stat --format="%Y" "$cache_file" 2>/dev/null)
|
|
|
|
current_time=$(date +%s)
|
|
|
|
touch "$cache_file"
|
|
|
|
if (( cache_mtime > (current_time - 4*60*60) )); then
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
HOSTNAME=$(hostname --fqdn)
|
|
|
|
TEXT="Successful login from [$IP](https://stat.ripe.net/app/$IP) for ${PAM_USER} @ ${HOSTNAME} ($(date "+%Y-%m-%d %H:%M"))"
|
|
|
|
sendMessage "$USERID" "$TEXT"
|
|
|
|
fi
|