From c35401f5579b16c31e926a0e44909c6257f2b2bd Mon Sep 17 00:00:00 2001 From: David Schroeder Date: Sun, 16 Jul 2023 22:22:16 -0500 Subject: [PATCH] update --- defaults.inc | 39 ++++++++++++++++++++++----------------- inc/certs.inc | 10 +++++----- nodemgmt-scripts.sh | 4 ++-- ssl-cert-check/ssldomains | 21 --------------------- ssl-domain-checks.conf | 5 +++++ 5 files changed, 34 insertions(+), 45 deletions(-) delete mode 100644 ssl-cert-check/ssldomains create mode 100644 ssl-domain-checks.conf diff --git a/defaults.inc b/defaults.inc index ce2bd6da..1cdb169e 100755 --- a/defaults.inc +++ b/defaults.inc @@ -1,5 +1,5 @@ -VERS='4.10.1-07162023' +VERS='4.10.5-07162023' noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns ' CERT_DAEMON='/snap/bin/certbot' 
@@ -113,22 +113,27 @@ fi TSI=$(/sbin/ip link | grep tailscale0) && [ ${#TSI} != 0 ] && RUN_NODE_TSIP=$(/sbin/ip -o -4 addr list tailscale0 | awk '{print $4}' | cut -d/ -f1) || RUN_NODE_TSIP= RNIP=$(ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) -for NTYPE in "${NM_NODE_TYPES[@]}"; do - var=${NTYPE}_HOSTS[@] - RUN_NODE_TYPE="" - for nip in "${!var}"; do - # echo "$nip - ${RNIP} - ${RUN_NODE_TSIP}" - if [[ "${RNIP}" == *"${nip}"* ]]; then - RUN_NODE_TYPE=${NTYPE}; - RUN_NODE_IP=${RNIP} - break 2 - elif [[ "${RUN_NODE_TSIP}" == *"${nip}"* ]]; then - RUN_NODE_TYPE=${NTYPE}; - RUN_NODE_IP=${RUN_NODE_TSIP} - break 2 - fi +if [ "${RNIP}" == "${NM_NODEMANAGER}" ]; then + RUN_NODE_TYPE=NM; + RUN_NODE_IP=${RNIP} +else + for NTYPE in "${NM_NODE_TYPES[@]}"; do + var=${NTYPE}_HOSTS[@] + RUN_NODE_TYPE="" + for nip in "${!var}"; do + # echo "$nip - ${RNIP} - ${RUN_NODE_TSIP}" + if [[ "${RNIP}" == *"${nip}"* ]]; then + RUN_NODE_TYPE=${NTYPE}; + RUN_NODE_IP=${RNIP} + break 2 + elif [[ "${RUN_NODE_TSIP}" == *"${nip}"* ]]; then + RUN_NODE_TYPE=${NTYPE}; + RUN_NODE_IP=${RUN_NODE_TSIP} + break 2 + fi + done done -done +fi [ "${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_NGINXPATH=${NM_REPL_NGINX_PATHS[${RUN_NODE_TYPE}]} || NM_NGINXPATH=/etc/nginx [ "${NM_CERTPATHS[${RUN_NODE_TYPE}]}" != "" ] && NM_CERTPATH=${NM_CERTPATHS[${RUN_NODE_TYPE}]} || NM_CERTPATH=/etc/letsencrypt @@ -160,7 +165,7 @@ NM_BACKUP_ITEMS['fail2ban']=/etc/fail2ban GET-CHECKCERT-DOMAINS(){ declare -A CHECKCERT_DOMAINS IFS=$'\n' - for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-cert-check/ssldomains`; do + for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-domain-checks.conf`; do HOST=${LINE%% *} PORT=${LINE#* } IFS=" " diff --git a/inc/certs.inc b/inc/certs.inc index ce43fd2f..e06fd3db 100755 --- a/inc/certs.inc +++ b/inc/certs.inc 
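Review bot: The added test `[ "${RNIP}" == "${NM_NODEMANAGER}" ]` in the defaults.inc node-detection hunk is also true when both sides are empty. If the `ip` pipeline yields nothing and NM_NODEMANAGER is unset (its definition is not in the visible lines), the host is classified as the node manager. RUN_NODE_TYPE then selects NM_NGINXPATH and NM_CERTPATH just below, so the role check should fail closed: `if [[ -n "${RNIP}" && "${RNIP}" == "${NM_NODEMANAGER}" ]]; then`. The re-indented loop still matches by substring (`*"${nip}"*`), so a configured 10.0.0.1 would also match a host at 10.0.0.11 (constructed example), and an empty entry matches every host. An exact comparison, as in the new NM branch, would make the two paths consistent.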
@@ -182,7 +182,7 @@ LISTCERTS(){ declare -i cw; declare -i spc1; declare -i c declare -A CHECKCERT_DOMAINS IFS=$'\n' - for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-cert-check/ssldomains`; do + for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-domain-checks.conf`; do HOST=${LINE%% *} PORT=${LINE#* } IFS=" " @@ -261,7 +261,7 @@ LISTCERTS_NPM(){ declare -i cw; declare -i spc1; declare -i c declare -A CHECKCERT_DOMAINS IFS=$'\n' - for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-cert-check/ssldomains`; do + for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-domain-checks.conf`; do HOST=${LINE%% *} PORT=${LINE#* } IFS=" " @@ -395,13 +395,13 @@ CHECK_NPMCERTS(){ CHECK-CERTS(){ if [ "${1}" == "check" ]; then rm -f ${NM_FOLDER}/ssl-cert-check.lastrun - ${NM_FOLDER}/ssl-cert-check/ssl-cert-check -f ${NM_FOLDER}/ssl-cert-check/ssldomains > ${NM_FOLDER}/ssl-cert-check.lastrun + ${NM_FOLDER}/ssl-cert-check/ssl-cert-check -f ${NM_FOLDER}/ssl-domain-checks.conf > ${NM_FOLDER}/ssl-cert-check.lastrun SSLLOG="$(cat ${NM_FOLDER}/ssl-cert-check.lastrun)" SENDNOTICE "SSL Certs Check" "SSL Certs Check\n$SSLLOG" else - # ${NM_FOLDER}/ssl-cert-check/ssl-cert-check -f ${NM_FOLDER}/ssl-cert-check/ssldomains + # ${NM_FOLDER}/ssl-cert-check/ssl-cert-check -f ${NM_FOLDER}/ssl-domain-checks.conf IFS=$'\n' - for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-cert-check/ssldomains`; do + for LINE in `egrep -v '(^#|^$)' ${NM_FOLDER}/ssl-domain-checks.conf`; do HOST=${LINE%% *} PORT=${LINE#* } CERTINFO=$(${NM_FOLDER}/ssl-cert-check/ssl-cert-check -p ${PORT} -s ${HOST} -N) diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh index 3c0bd9a9..3368e1bb 100755 --- a/nodemgmt-scripts.sh +++ b/nodemgmt-scripts.sh 
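Review bot: In the CHECK-CERTS hunk of inc/certs.inc, the `check` branch sends the "SSL Certs Check" notice without first confirming that `${NM_FOLDER}/ssl-domain-checks.conf` exists and lists at least one domain. A missing or comment-only file can therefore produce a report with no certificate rows that reads like a clean run. That state is likely right after this commit, because the populated ssldomains file is deleted and the new file ships with comments only. A guard before the run would surface it, for example `grep -Eqv '(^#|^$)' "${NM_FOLDER}/ssl-domain-checks.conf" || SENDNOTICE "SSL Certs Check" "No domains configured in ssl-domain-checks.conf"`. The same path feeds the loops in GET-CHECKCERT-DOMAINS, LISTCERTS and LISTCERTS_NPM, which would then iterate over nothing. CHECK-CERTS continues outside the hunk.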
@@ -373,8 +373,8 @@ NODEUPDATE() { else echo -en " ~ ${idsCL[LightCyan]}Sync Defaults${idsCL[Default]} : " - if ssh -tq root@${nip} [[ ! -f /opt/idssys/nodemgmt/defaults.local.inc ]] || [ ${nmdiv} -ne $(ssh -tq root@${nip} ls -l --time-style=+%s ${NM_FOLDER}/defaults.local.inc | cut -d ' ' -f 6) ]; then - ssh -tq root@${nmip} rsync -az ${NM_FOLDER}/defaults.local.inc root@${nip}:${NM_FOLDER}/ >/dev/null 2>&1 + if ssh -tq root@${nip} [[ ! -f ${NM_FOLDER}/defaults.local.inc ]] || [ ${nmdiv} -ne $(ssh -tq root@${nip} ls -l --time-style=+%s ${NM_FOLDER}/defaults.local.inc | cut -d ' ' -f 6) ]; then + ssh -tq root@${nmip} rsync -az ${NM_FOLDER}/defaults.local.inc ${NM_FOLDER}/ssl-domain-checks.conf root@${nip}:${NM_FOLDER}/ >/dev/null 2>&1 echo -e "${idsCL[Green]}NodeMgmt Defaults File Synced${idsCL[Default]}" else echo -e "${idsCL[Green]}NodeMgmt Defaults File Already Synced${idsCL[Default]}" diff --git a/ssl-cert-check/ssldomains b/ssl-cert-check/ssldomains deleted file mode 100644 index e2fa36ab..00000000 --- a/ssl-cert-check/ssldomains +++ /dev/null @@ -1,21 +0,0 @@ -cloud.schroedercity.com 443 -dns.scity.us 443 -dyndns.scity.us 443 -git.schroedercity.com 443 -go.scity.us 443 -mail.scity.us 443 -media.scity.us 443 -mysql.scity.us 443 -pma.scity.us 443 -plex.scity.us 32400 -plex.schroedercity.com 443 -pwd.schroedercity.com 443 -status.scity.us 443 -statusint.scity.us 443 -stdiscosrv.scity.us 443 -unifistats.scity.us 443 -vcenter.scity.us 443 -vpn.scity.us 4433 -wdns.scity.us 443 -www.schroedercity.com 443 -www.scity.us 443 diff --git a/ssl-domain-checks.conf b/ssl-domain-checks.conf new file mode 100644 index 00000000..84f9a130 --- /dev/null +++ b/ssl-domain-checks.conf @@ -0,0 +1,5 @@ +# domain.name.com PORT +# +# example +# somethingcool.example.com 443 +
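Review bot: In the NODEUPDATE hunk of nodemgmt-scripts.sh, the rsync now also copies ssl-domain-checks.conf, but the condition that triggers it still inspects only defaults.local.inc. An edit to the domain list alone is never pushed, and the nodes keep checking certificates against a stale list. The rsync result is also discarded (`>/dev/null 2>&1`) and "NodeMgmt Defaults File Synced" is printed whatever the outcome. Since `rsync -az` already skips unchanged files, the mtime comparison could be dropped and the message tied to the exit status: `if ssh -tq "root@${nmip}" rsync -az "${NM_FOLDER}/defaults.local.inc" "${NM_FOLDER}/ssl-domain-checks.conf" "root@${nip}:${NM_FOLDER}/"; then`, with a failure message in the else branch. NODEUPDATE starts and ends outside the hunk.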