<img src="https://makerhacks.com/wp-content/uploads/2018/03/bigstock-Internet-Search-7415396.jpg" alt="Linux Automation Scheduling and Starting Scripts on Boot" width="832" height="633" /><br>

Running commands from the shell is all well and good, but what if you don't want to always be logging into your terminal? What if the script, or even server, crashes or needs to reboot? In this series, we have been looking at automation in Linux, and nothing is more important than automating the launching (and relaunching) of your scripts.
<h3>Previously</h3>
https://makerhacks.com/linux-automation-tip-kill-script-already-running/
<h3>Sheduling Scripts</h3>

The first way we ensure our scripts run is by putting them on a schedule using Crontab. This will launch the commands you set at chosen times, every minute, hour, day, etc.

To edit your schedule, enter:

<code>crontab -e</code>

You can add a command like so:

<code># m h dom mon dow command
*/30 * * * * /home/chrisg/steemit/reclaim-cron.sh</code>

This launches my Reclaim script every 30 minutes. It checks if I have any Steemit rewards ready to claim so I don't have to hit the button on the website.

There is an excellent resource for figuring out the schedules <a href="https://crontab.guru/" target="_blank">here at crontab.guru</a>

<h3>Launching on Reboot or Crash</h3>

What, though, about starting the scripts on reboot? Or if the script crashes?

You don't want to run a webserver using Cron, it should be there all the time, right?

There is an app for that! <a href="http://supervisord.org/" target="_blank">It's called Supervisor</a>.

Install with:

<code>sudo apt-get install supervisor</code>

When Supervisor runs, it checks for .conf files in <code>/etc/supervisor/conf.d/</code>

Create a new configuration file with a meaningful name:

<code>sudo nano /etc/supervisor/conf.d/[your program].conf</code>

and add your configuration information into the file. In the following, I am creating a <i>test.conf</i> with the program called <i>test</i>.

<code>[program:test]
command=[your command]

[program:test]
user=myuser
autostart=true
autorestart=true
command=/bin/sh /home/chrisg/test.sh
stderr_logfile=/var/log/supervisor/test.err.log
stdout_logfile=/var/log/supervisor/test.out.log</code>

Note I am also outputting two log files, one for script errors and the other for script output. This is important for debugging in case you find something doesn't run. 

You can see that I want my test script to start when the machine boots and if the script crashes for any reason.

When you make changes to your .conf files you will need to re-read and update the configuration, like so:

<code>sudo supervisorctl reread
sudo supervisorctl update</code>

There are also the following commands for stopping, starting and so on.

<code>sudo supervisorctl stop all
sudo supervisorctl reload
sudo supervisorctl restart all</code>

<h3>Starting Supervisord on Boot</h3>

Of course you also want Supervisor to run on server boot, so you will need to enter the following commands when you are happy with your configuration (Google for your OS and version if this does not work for you):

<code>sudo systemctl enable supervisor
sudo systemctl start supervisor</code>

<h3>Tightening Security</h3>

Now your machine is doing important work and needs to be semi-reliable, it is a good idea to tighten your security.

First lets stop root logins, you can use Sudo if necessary:

<code>sudo nano /etc/ssh/ssh_config</code>

Find and uncomment, or add the following line:

<code>PermitRootLogin no</code>

If you are only ever <a href="https://makerhacks.com/ssh-linux-raspberrypi-public-keys/" target="_blank">running passwordless using Public Key SSH</a>, then you can use the following too:

<code>PasswordAuthentication no</code>

<h3>Adding a Simple Firewall in Linux</h3>

You can also run a quick and easy <i>uncomplicated firewall</i> called, as it happens, UFW.

Install ufw with:

<code>sudo apt-get install -y ufw</code>

This will stop your machine accepting connections, so now you need to <i>allow</i> the connections you actually want.

I have a dev website running using Flask on port 5000, so I would enter:

<code>sudo ufw allow 5000</code>

Plus obviously HTTP port 80 and, SSH of course:

<code>sudo ufw allow http

sudo ufw allow ssh</code>

Of course if you have an SSL certificate you would add HTTPS.

Check your work with:

<code>sudo ufw status</code>

After making changes, make them take hold using:

<code>sudo ufw --force enable

sudo ufw status</code>


<hr>

<sub>Image Source: Bigstock</sub>
<br /><center><hr/><em>Posted from my blog with <a href='https://wordpress.org/plugins/steempress/'>SteemPress</a> : https://makerhacks.com/linux-automation-tips-running-scripts-automatically/</em><hr/></center>